System overview of STEP 7 and WinCC 1 What's new in TIA Portal V14 2 SIMATIC Readme 3 WinCC WinCC Advanced V14 Installation 4 Migrating projects and programs 5 Introduction to the TIA Portal 6 Editing projects 7 Editing project data 8 Using libraries 9 System Manual Editing devices and networks 10 Programming the PLC 11 Visualizing processes 12 Using technology functions 13 Using online and diagnostics functions 14 Using Team Engineering 15 Online help printout 10/2016 Legal information Warning notice system This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are graded according to the degree of danger. DANGER indicates that death or severe personal injury will result if proper precautions are not taken. WARNING indicates that death or severe personal injury may result if proper precautions are not taken. CAUTION indicates that minor personal injury can result if proper precautions are not taken. NOTICE indicates that property damage can result if proper precautions are not taken. If more than one degree of danger is present, the warning notice representing the highest degree of danger will be used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to property damage. Qualified Personnel The product/system described in this documentation may be operated only by personnel qualified for the specific task in accordance with the relevant documentation, in particular its warning notices and safety instructions. Qualified personnel are those who, based on their training and experience, are capable of identifying risks and avoiding potential hazards when working with these products/systems. Proper use of Siemens products Note the following: WARNING Siemens products may only be used for the applications described in the catalog and in the relevant technical documentation. If products and components from other manufacturers are used, these must be recommended or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and maintenance are required to ensure that the products operate safely and without any problems. The permissible ambient conditions must be complied with. The information in the relevant documentation must be observed. Trademarks All names identified by (R) are registered trademarks of Siemens AG. The remaining trademarks in this publication may be trademarks whose use by third parties for their own purposes could violate the rights of the owner. Disclaimer of Liability We have reviewed the contents of this publication to ensure consistency with the hardware and software described. Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the information in this publication is reviewed regularly and any necessary corrections are included in subsequent editions. Siemens AG Division Digital Factory Postfach 48 48 90026 NURNBERG GERMANY 10/2016 Subject to change Copyright (c) Siemens AG 2016. All rights reserved Table of contents 1 2 3 System overview of STEP 7 and WinCC....................................................................................................39 1.1 Scaling of STEP 7 and WinCC in the TIA Portal....................................................................39 1.2 Options for STEP 7 and WinCC Engineering.........................................................................40 1.3 Options for S7-1500 Runtime.................................................................................................41 1.4 Options for STEP 7 Engineering System...............................................................................41 1.5 Options for WinCC Engineering and Runtime systems.........................................................41 What's new in TIA Portal V14.....................................................................................................................45 2.1 Introduction............................................................................................................................45 2.2 SIMATIC STEP 7...................................................................................................................45 2.3 SIMATIC WinCC....................................................................................................................48 2.4 SINAMICS Startdrive.............................................................................................................49 2.5 SIMOTION SCOUT TIA.........................................................................................................50 2.6 SIMOCODE ES V14..............................................................................................................50 2.7 Engineering options...............................................................................................................51 2.8 Runtime options.....................................................................................................................53 Readme......................................................................................................................................................55 3.1 3.1.1 3.1.2 3.1.3 3.1.4 3.1.5 3.1.6 Notes on the TIA Portal..........................................................................................................55 General notes.........................................................................................................................55 Notes on libraries...................................................................................................................57 Notes on memory cards.........................................................................................................57 Notes on the hardware configuration.....................................................................................58 Notes on instructions..............................................................................................................59 Notes on using the TIA Portal in a virtual environment (private cloud)..................................59 3.2 3.2.1 3.2.2 3.2.3 3.2.3.1 3.2.3.2 3.2.3.3 3.2.3.4 3.2.3.5 3.2.3.6 3.2.3.7 3.2.3.8 3.2.4 3.2.4.1 3.2.4.2 STEP 7 Basic.........................................................................................................................60 Security information...............................................................................................................60 Notes on use..........................................................................................................................62 Editing devices and networks.................................................................................................63 General information on devices and networks.......................................................................63 Use of modules on the S7-1200.............................................................................................63 CP 343-2 on SIMATIC S7 Embedded Controller EC31-RTX.................................................64 F-CM AS-i Safety ST for ET 200SP.......................................................................................65 S7 routing via IE/PB Link.......................................................................................................65 Deactivating SNMP (S7-1200, S7-1500)...............................................................................65 Notes on online and diagnostics............................................................................................67 Network components.............................................................................................................67 Programming a PLC...............................................................................................................69 General notes on PLC programming.....................................................................................69 Instructions.............................................................................................................................72 WinCC Advanced V14 System Manual, 10/2016 3 Table of contents 4 4 3.2.4.3 3.2.4.4 3.2.5 3.2.5.1 3.2.6 3.2.6.1 Testing the user program.......................................................................................................73 Compatibility of PLC programs from older versions...............................................................75 Inter Project Engineering (IPE)..............................................................................................82 Notes on IPE..........................................................................................................................82 Technological functions..........................................................................................................82 Notes on technological functions (S7-1200)..........................................................................82 3.3 3.3.1 3.3.2 3.3.3 3.3.4 3.3.5 3.3.5.1 3.3.5.2 3.3.5.3 3.3.5.4 3.3.5.5 3.3.5.6 3.3.5.7 3.3.5.8 3.3.6 3.3.7 3.3.8 3.3.8.1 3.3.8.2 3.3.8.3 3.3.9 3.3.9.1 WinCC Comfort/Advanced.....................................................................................................83 Security information...............................................................................................................83 News......................................................................................................................................89 Notes on use..........................................................................................................................89 Migration................................................................................................................................90 Engineering System...............................................................................................................92 Screens and Screen Objects.................................................................................................92 Tags and connections............................................................................................................97 Alarm system and alarm displays..........................................................................................98 System functions and scripts.................................................................................................99 Reports.................................................................................................................................101 Recipes................................................................................................................................102 User administration..............................................................................................................102 Communication....................................................................................................................102 System-wide functions.........................................................................................................105 Compiling and loading..........................................................................................................106 Runtime................................................................................................................................108 Notes on operation in Runtime.............................................................................................108 Notes on operation of panels in Runtime.............................................................................110 Notes on operation of Runtime Advanced...........................................................................111 HMI devices.........................................................................................................................112 Notes on HMI devices..........................................................................................................112 Installation................................................................................................................................................117 4.1 Notes on the installation.......................................................................................................117 4.2 4.2.1 4.2.2 4.2.3 4.2.3.1 4.2.3.2 4.2.3.3 4.2.4 4.2.4.1 4.2.4.2 4.2.4.3 4.2.4.4 System requirements for installation....................................................................................118 Notes on licenses.................................................................................................................118 Notes on the system requirements......................................................................................119 System requirements STEP 7 Basic....................................................................................120 Licensing of STEP 7.............................................................................................................120 Handling licenses and license keys.....................................................................................122 Software and hardware requirements STEP 7.....................................................................124 System requirement for WinCC Advanced..........................................................................127 Software and hardware requirements..................................................................................127 Parallel installation...............................................................................................................130 Add-ons................................................................................................................................131 Licenses and Powerpacks...................................................................................................133 4.3 Installation log......................................................................................................................141 4.4 Starting installation...............................................................................................................142 4.5 Displaying the installed software..........................................................................................144 4.6 Modifying or updating installed products..............................................................................145 4.7 Repairing installed products.................................................................................................146 WinCC Advanced V14 System Manual, 10/2016 Table of contents 5 4.8 Starting to uninstall...............................................................................................................148 4.9 4.9.1 4.9.2 4.9.3 Installing updates and support packages.............................................................................150 Checking availability of updates and support packages and installing them.......................150 Providing updates on a company-internal server.................................................................153 Configuring a company-internal server for updates.............................................................155 4.10 4.10.1 4.10.2 4.10.3 Installing and uninstalling the migration tool........................................................................158 System requirements...........................................................................................................158 Installing the migration tool..................................................................................................158 Uninstalling the migration tool..............................................................................................159 4.11 4.11.1 4.11.2 4.11.3 Installing and uninstalling the multiuser server....................................................................160 Notes on the installation of the multiuser server..................................................................160 Installing the multiuser server..............................................................................................161 Uninstalling the multiuser server..........................................................................................162 Migrating projects and programs..............................................................................................................165 5.1 Overview of Migration Options.............................................................................................165 5.2 5.2.1 5.2.2 5.2.3 5.2.3.1 5.2.3.2 5.2.3.3 5.2.4 5.2.5 5.2.6 5.2.7 5.2.7.1 5.2.7.2 5.2.7.3 5.2.7.4 5.2.7.5 5.2.7.6 5.2.8 5.2.8.1 5.2.8.2 5.2.8.3 5.2.8.4 5.2.8.5 5.2.9 5.2.9.1 5.2.9.2 5.2.9.3 5.2.9.4 5.2.9.5 5.2.9.6 Migrating projects to a TIA Portal project.............................................................................167 Migration of projects with the TIA Portal..............................................................................167 Check migration readiness of hardware components..........................................................168 Preparing projects with the migration tool............................................................................169 Migrating projects with the migration tool.............................................................................169 Calling the migration tool......................................................................................................171 Creating a migration file.......................................................................................................171 Migrating projects.................................................................................................................172 Displaying the history of the migration.................................................................................174 Display migration log............................................................................................................174 Migrating STEP 7 projects (S7-300, S7-400).......................................................................175 Migration of STEP 7 projects (S7-300, S7-400)...................................................................175 Requirements for the migration of STEP 7 projects (S7-300, S7-400)................................176 Checking whether STEP 7 projects can be migrated (S7-300, S7-400)..............................177 Consistency check in the initial project (S7-300, S7-400)....................................................178 Removing unsupported hardware components (S7-300, S7-400).......................................179 Special points to observe during migration (S7-300, S7-400)..............................................179 Migrating WinCC flexible projects........................................................................................195 Principles (WinCC flexible)...................................................................................................195 Migrating engineering data (WinCC flexible)........................................................................201 Migrating runtime data (WinCC flexible)..............................................................................222 Migrating integrated projects (WinCC flexible).....................................................................225 Reference (WinCC flexible)..................................................................................................229 Migrating integrated projects................................................................................................243 Migrating an integrated project (S7-300, S7-400)................................................................243 Post-editing integrated projects............................................................................................245 Converting unspecified CPUs into specified CPUs..............................................................246 Creating an integrated HMI connection................................................................................248 Re-linking HMI tags..............................................................................................................250 Delete non-integrated HMI connection.................................................................................251 5.3 5.3.1 5.3.2 Migrating S7-1200 to firmware as of V4 (S7-1200)..............................................................252 Basic information on upgrading to V4 (S7-1200).................................................................252 Migrating to V4 (S7-1200)....................................................................................................254 WinCC Advanced V14 System Manual, 10/2016 5 Table of contents 5.3.3 6 6 Special considerations after migrating to V4 (S7-1200).......................................................256 Introduction to the TIA Portal....................................................................................................................259 6.1 6.1.1 Getting started......................................................................................................................259 Getting Started Documentation............................................................................................259 6.2 6.2.1 6.2.1.1 6.2.1.2 6.2.1.3 6.2.1.4 6.2.1.5 6.2.1.6 6.2.1.7 6.2.2 6.2.2.1 6.2.2.2 6.2.2.3 6.2.2.4 6.2.2.5 6.2.2.6 6.2.2.7 6.2.2.8 6.2.2.9 6.2.2.10 6.2.2.11 6.2.2.12 6.2.3 6.2.3.1 6.2.3.2 6.2.3.3 6.2.3.4 6.2.3.5 6.2.3.6 6.2.3.7 6.2.3.8 6.2.3.9 6.2.3.10 6.2.3.11 6.2.3.12 6.2.4 6.2.4.1 6.2.4.2 User interface and operation................................................................................................260 Starting, setting up, and exiting the TIA Portal....................................................................260 Starting and exiting the TIA Portal.......................................................................................260 Overview of the program settings........................................................................................261 Overview of the script and text editor settings.....................................................................263 Overview of the print settings...............................................................................................264 Overview of the online and diagnostic settings....................................................................264 Changing the settings..........................................................................................................265 Exporting and importing settings..........................................................................................265 Layout of the user interface..................................................................................................268 Views....................................................................................................................................268 Portal view............................................................................................................................268 Project view..........................................................................................................................270 Library view..........................................................................................................................273 Project tree...........................................................................................................................273 Work area.............................................................................................................................277 Inspector window.................................................................................................................285 Task cards............................................................................................................................287 Reference projects...............................................................................................................289 Details view..........................................................................................................................290 Overview window.................................................................................................................292 User interface layout............................................................................................................296 Keyboard operation in the TIA Portal...................................................................................300 Operation of the TIA Portal with the keyboard.....................................................................300 Displaying an overview of all keyboard shortcuts................................................................300 Basic functions of the TIA Portal..........................................................................................300 Using project-related functions.............................................................................................302 Arranging windows...............................................................................................................302 Navigating through the program interface............................................................................303 Customizing editors..............................................................................................................305 Editing objects......................................................................................................................306 Text editing...........................................................................................................................307 Editing tables........................................................................................................................308 Using online functions..........................................................................................................309 Using the on-screen keyboard.............................................................................................310 Special features specific to the operating system................................................................310 Influence of user rights.........................................................................................................310 Expanding user rights..........................................................................................................311 6.3 6.3.1 6.3.2 6.3.3 6.3.4 6.3.4.1 6.3.4.2 6.3.4.3 Help on the information system............................................................................................312 General remarks on the information system........................................................................312 Opening the information system..........................................................................................317 Using the information system...............................................................................................318 Searching the information system........................................................................................320 Basics of searching..............................................................................................................320 Searching help topics...........................................................................................................321 Examples of searching in the information system ...............................................................322 WinCC Advanced V14 System Manual, 10/2016 Table of contents 7 6.3.5 6.3.6 6.3.7 6.3.8 6.3.9 6.3.10 6.3.11 Using favorites.....................................................................................................................324 Copying code examples into the program............................................................................325 Displaying more information in the Siemens Industry Online Support.................................326 Printing help topics...............................................................................................................327 Configuring the display of tooltips and tooltip cascades......................................................328 Assembling customized documentation...............................................................................328 Safety Guidelines.................................................................................................................329 6.4 6.4.1 6.4.2 6.4.2.1 6.4.2.2 6.4.2.3 6.4.2.4 6.4.2.5 6.4.2.6 6.4.3 6.4.3.1 6.4.3.2 6.4.3.3 Find and replace..................................................................................................................331 Basics of searching..............................................................................................................331 Search entire project............................................................................................................332 Basics for search in the project............................................................................................332 Overview of the search editor..............................................................................................333 Search in entire project........................................................................................................335 Creating a new search index manually................................................................................336 Enabling and disabling search in the project........................................................................337 Examples for searching in the project..................................................................................338 Searching and replacing in the editor...................................................................................340 Basics for search in open editors.........................................................................................340 Overview of the "Find and replace" palette..........................................................................341 Searching and replacing in the editor...................................................................................342 6.5 6.5.1 6.5.2 6.5.3 Undoing and redoing actions...............................................................................................344 Basics of undoing and redoing actions................................................................................344 Undoing an action................................................................................................................345 Redoing an action................................................................................................................346 Editing projects.........................................................................................................................................349 7.1 7.1.1 7.1.2 7.1.3 7.1.4 7.1.5 7.1.6 7.1.7 7.1.8 7.1.9 7.1.10 7.1.11 7.1.12 7.1.13 Creating and managing projects..........................................................................................349 The basics of projects..........................................................................................................349 Compatibility of projects.......................................................................................................350 Creating a new project.........................................................................................................352 Opening existing projects.....................................................................................................352 Upgrading projects...............................................................................................................354 Upgrading know-how protected blocks................................................................................356 Displaying properties of the project......................................................................................356 Saving projects.....................................................................................................................357 Closing projects....................................................................................................................358 Removing projects from the project list................................................................................359 Deleting projects..................................................................................................................360 Using logs............................................................................................................................361 Importing and exporting CAx data........................................................................................361 7.2 7.2.1 7.2.2 7.2.3 Archiving and retrieving projects..........................................................................................362 Working with project archives..............................................................................................362 Creating a project archive....................................................................................................363 Retrieving compressed project.............................................................................................364 7.3 7.3.1 7.3.2 7.3.3 Using reference projects......................................................................................................365 Basics of reference projects.................................................................................................365 Opening and closing a reference project.............................................................................365 Comparing reference projects..............................................................................................366 WinCC Advanced V14 System Manual, 10/2016 7 Table of contents 8 8 Editing project data...................................................................................................................................369 8.1 8.1.1 8.1.1.1 8.1.1.2 8.1.2 8.1.2.1 8.1.2.2 8.1.2.3 8.1.2.4 8.1.2.5 Compiling and loading project data......................................................................................369 Compiling project data.........................................................................................................369 General information on compiling project data.....................................................................369 Compiling project data.........................................................................................................370 Loading project data.............................................................................................................370 General information on loading............................................................................................370 Downloading project data to a device..................................................................................372 Downloading project data to a memory card........................................................................374 Uploading project data from a device...................................................................................376 Loading project data from a memory card...........................................................................378 8.2 8.2.1 8.2.2 8.2.3 8.2.4 8.2.4.1 8.2.4.2 8.2.4.3 8.2.4.4 8.2.4.5 8.2.4.6 8.2.4.7 8.2.4.8 Comparing project data........................................................................................................379 Basics of project data comparison.......................................................................................379 Carrying out an online/offline comparison............................................................................382 Carrying out offline/offline comparisons...............................................................................382 Using the compare editor ....................................................................................................384 Overview of the compare editor...........................................................................................384 Show and hide table columns..............................................................................................390 Filtering the compare editor view.........................................................................................391 Running a detailed comparison............................................................................................392 Updating the comparison results..........................................................................................393 Set comparison criteria........................................................................................................394 Synchronizing non-identical objects.....................................................................................395 Changing the view................................................................................................................397 8.3 8.3.1 8.3.2 Protecting project data.........................................................................................................398 Protection concept for project data......................................................................................398 Revoking access rights for devices......................................................................................398 8.4 8.4.1 8.4.1.1 8.4.1.2 8.4.1.3 8.4.1.4 8.4.1.5 8.4.1.6 8.4.1.7 8.4.1.8 8.4.1.9 8.4.2 8.4.2.1 8.4.2.2 8.4.2.3 8.4.2.4 8.4.2.5 Printing project contents.......................................................................................................399 Printing project documentation.............................................................................................399 Documentation settings........................................................................................................399 Printout of project contents..................................................................................................400 Changing the print settings..................................................................................................401 Specifying the print layout....................................................................................................402 Entering document information............................................................................................403 Managing cover pages and frames......................................................................................404 Designing cover pages and frames......................................................................................407 Displaying print preview.......................................................................................................413 Printing project data.............................................................................................................416 Printing module labels..........................................................................................................418 Print function for module labels............................................................................................418 Printing labels.......................................................................................................................419 Exporting labeling data as XML...........................................................................................421 XML schema of the export file..............................................................................................422 Determining the print area offset..........................................................................................425 8.5 8.5.1 8.5.2 8.5.3 8.5.4 Working with multi-language projects..................................................................................426 Project text basics................................................................................................................426 Categories of user texts.......................................................................................................428 Select project languages......................................................................................................428 Setting the editing language.................................................................................................429 WinCC Advanced V14 System Manual, 10/2016 Table of contents 9 8.5.5 8.5.6 8.5.7 8.5.8 8.5.9 8.5.10 Translating all project texts in tabular form..........................................................................429 Translating project texts.......................................................................................................430 Translating project texts using reference texts.....................................................................430 Exporting project texts..........................................................................................................431 Importing project texts..........................................................................................................433 Application examples for multilanguage projects.................................................................434 8.6 8.6.1 8.6.2 8.6.3 8.6.4 Working with text lists...........................................................................................................435 Text lists...............................................................................................................................435 Creating user-defined text lists.............................................................................................437 Editing user-defined text lists...............................................................................................437 Editing system-defined text lists...........................................................................................438 8.7 8.7.1 8.7.2 8.7.3 8.7.4 Using memory cards............................................................................................................439 Basics about memory cards.................................................................................................439 Adding a user-defined card reader.......................................................................................439 Accessing memory cards.....................................................................................................440 Displaying properties of memory cards................................................................................441 8.8 8.8.1 Using cross-references........................................................................................................442 Using cross-references........................................................................................................442 8.9 8.9.1 8.9.2 8.9.3 8.9.4 8.9.5 8.9.6 8.9.7 8.9.8 Providing user-defined documentation.................................................................................442 Using user-defined documentation......................................................................................442 Specifying settings in the TIA Portal....................................................................................445 Specifying settings with an XML file.....................................................................................446 Creating a homepage...........................................................................................................447 Conventions for the creation................................................................................................448 Calling user-defined documentation.....................................................................................451 Displaying the call log..........................................................................................................452 Creating user-defined documentation..................................................................................452 Using libraries...........................................................................................................................................455 9.1 Library basics.......................................................................................................................455 9.2 9.2.1 9.2.2 Using the "Libraries" task card.............................................................................................457 Overview of the "Libraries" task card...................................................................................457 Using the element view........................................................................................................459 9.3 9.3.1 9.3.2 Using the library view...........................................................................................................460 Overview of the library view.................................................................................................460 Opening and closing the library view...................................................................................462 9.4 9.4.1 9.4.2 9.4.3 9.4.4 9.4.5 9.4.6 Using library management...................................................................................................463 Overview of the library management...................................................................................463 Opening library management...............................................................................................465 Filtering the display of types.................................................................................................466 Displaying instances in the project.......................................................................................467 Displaying cross references of an instance..........................................................................467 Displaying relations to other library objects..........................................................................468 9.5 9.5.1 9.5.2 9.5.3 9.5.4 Using global libraries............................................................................................................468 Creating a global library.......................................................................................................468 Compatibility of global libraries............................................................................................469 Opening a global library.......................................................................................................470 Displaying properties of global libraries...............................................................................471 WinCC Advanced V14 System Manual, 10/2016 9 Table of contents 10 9.5.5 9.5.6 9.5.7 9.5.8 9.5.9 9.5.9.1 9.5.9.2 9.5.9.3 9.5.10 9.5.10.1 9.5.10.2 Displaying logs of global libraries.........................................................................................472 Saving a global library..........................................................................................................472 Closing a global library.........................................................................................................473 Deleting a global library........................................................................................................474 Archiving and disabling global libraries................................................................................475 Working with archives of global libraries..............................................................................475 Archiving global libraries......................................................................................................475 Retrieving global libraries.....................................................................................................476 Using global corporate libraries............................................................................................477 Basics of corporate libraries.................................................................................................477 Creating a configuration file for corporate libraries..............................................................479 9.6 Creating folders in a library..................................................................................................480 9.7 9.7.1 9.7.2 9.7.3 9.7.4 Using master copies.............................................................................................................480 Basics on master copies......................................................................................................480 Adding master copies...........................................................................................................481 Filtering master copies.........................................................................................................483 Using master copies.............................................................................................................483 9.8 9.8.1 9.8.2 9.8.3 9.8.4 9.8.5 9.8.5.1 9.8.5.2 9.8.5.3 9.8.5.4 9.8.5.5 9.8.5.6 9.8.5.7 9.8.5.8 9.8.5.9 9.8.5.10 9.8.5.11 9.8.5.12 9.8.5.13 9.8.5.14 9.8.5.15 9.8.5.16 9.8.6 9.8.6.1 9.8.6.2 9.8.6.3 9.8.7 Using types and their versions.............................................................................................484 Basics on types....................................................................................................................484 State of type versions...........................................................................................................486 Displaying a released type version......................................................................................488 Displaying properties of a type or version............................................................................488 Working with types in the project library...............................................................................489 Adding types to the project library........................................................................................489 Block requirements..............................................................................................................491 Referencing of objects within a block...................................................................................492 Duplicating types..................................................................................................................493 Using types..........................................................................................................................493 Displaying types for an instance..........................................................................................495 Creating a test version of a type..........................................................................................495 Editing a test version of a type.............................................................................................497 Creating an editing version of a type....................................................................................498 Performing a consistency check for a version......................................................................498 Discarding versions..............................................................................................................499 Discarding all versions within a folder..................................................................................500 Release versions..................................................................................................................500 Releasing all versions within a folder...................................................................................501 Updating the project to the latest versions...........................................................................502 Remove the link between instance and type........................................................................504 Working with types in global libraries...................................................................................504 Adding types to a global library............................................................................................504 Using types..........................................................................................................................505 Updating the project to the latest type versions...................................................................507 Assigning a version..............................................................................................................508 9.9 9.9.1 9.9.2 Multiuser Engineering in libraries.........................................................................................510 Multiuser Engineering with library objects............................................................................510 Checking in types and master copies..................................................................................512 9.10 Editing library elements........................................................................................................513 9.11 Updating a library with the contents of another library.........................................................515 WinCC Advanced V14 System Manual, 10/2016 Table of contents 10 9.12 Harmonizing names and path structure...............................................................................517 9.13 Clean up library....................................................................................................................517 9.14 Comparing library elements.................................................................................................519 Editing devices and networks...................................................................................................................521 10.1 10.1.1 10.1.1.1 10.1.1.2 10.1.1.3 10.1.1.4 10.1.1.5 10.1.1.6 10.1.1.7 10.1.1.8 10.1.1.9 10.1.1.10 10.1.1.11 10.1.1.12 10.1.1.13 10.1.1.14 10.1.1.15 10.1.1.16 10.1.1.17 10.1.1.18 10.1.2 10.1.2.1 10.1.2.2 10.1.2.3 10.1.2.4 10.1.2.5 10.1.2.6 10.1.2.7 10.1.2.8 10.1.2.9 10.1.2.10 10.1.2.11 10.1.2.12 10.1.2.13 10.1.2.14 10.1.2.15 10.1.2.16 10.1.2.17 10.1.3 10.1.3.1 10.1.3.2 10.1.3.3 10.1.3.4 10.1.3.5 10.1.4 10.1.4.1 Configuring devices and networks.......................................................................................521 Hardware and network editor...............................................................................................521 Overview of hardware and network editor............................................................................521 Overview of settings for hardware configuration..................................................................522 Network view........................................................................................................................523 Device view..........................................................................................................................526 Device view: Objects in the device view..............................................................................528 Device view: Area for unplugged modules...........................................................................531 Topology view......................................................................................................................532 Inspector window ................................................................................................................535 Inspector window: Displaying UDTs.....................................................................................538 Hardware catalog.................................................................................................................540 Browsing the hardware catalog ...........................................................................................542 Enabling product support.....................................................................................................544 Displaying product support for hardware components.........................................................545 Printing hardware and network configurations.....................................................................546 Printing: Changing settings..................................................................................................547 Printing: Enabling page break preview.................................................................................548 Keyboard operation: Navigation in the editor.......................................................................548 Keyboard operation: Editing objects....................................................................................549 Configuring devices..............................................................................................................551 Introduction to configuring hardware....................................................................................551 Adding a device to the hardware configuration....................................................................552 Adding an unspecified CPU.................................................................................................553 Selecting a CPU...................................................................................................................554 Selecting fail-safe modules..................................................................................................556 Rack: Basics........................................................................................................................557 Rack: General slot rules.......................................................................................................558 Rack: Inserting a module.....................................................................................................559 Deleting a hardware component..........................................................................................561 Copying a hardware component..........................................................................................562 Moving a hardware component............................................................................................564 Replacing a hardware component.......................................................................................565 Editing properties and parameters.......................................................................................565 Input and output addresses in the address overview...........................................................567 Update module version........................................................................................................570 Distributed I/O in the project tree.........................................................................................571 Comparing devices..............................................................................................................573 Configure networks..............................................................................................................575 Networking devices..............................................................................................................575 Communication via connections..........................................................................................597 Displaying and configuring topology....................................................................................692 Secure Communication (S7-1500).......................................................................................709 Industrial Ethernet security...................................................................................................751 Creating configurations........................................................................................................938 Configuring automation systems (S7-1200).........................................................................938 WinCC Advanced V14 System Manual, 10/2016 11 Table of contents 11 10.1.4.2 10.1.4.3 10.1.4.4 10.1.4.5 10.1.4.6 10.1.4.7 10.1.4.8 10.1.4.9 10.1.5 10.1.5.1 10.1.5.2 10.1.5.3 10.1.5.4 S7-1200 CM/CP.................................................................................................................1072 SCALANCE X, W and M....................................................................................................1128 Configuring AS-i devices....................................................................................................1621 Configuring PROFIBUS DP (S7-1200)..............................................................................1627 Configuring PROFINET IO.................................................................................................1653 Bus coupling with PN/PN coupler......................................................................................1701 Integrating external tools....................................................................................................1702 Loading a configuration......................................................................................................1704 Additional information on configurations............................................................................1715 Identification systems.........................................................................................................1715 Distributed I/O....................................................................................................................1781 IPv4 routing with CP 1543-1 / CM 1542-1..........................................................................1894 IPv6 configuration..............................................................................................................1894 10.2 10.2.1 10.2.1.1 10.2.1.2 10.2.1.3 10.2.1.4 10.2.1.5 10.2.1.6 10.2.1.7 10.2.1.8 10.2.2 10.2.2.1 10.2.2.2 10.2.2.3 Device and network diagnostics.........................................................................................1895 Hardware diagnostics.........................................................................................................1895 Overview of hardware diagnostics.....................................................................................1895 Showing non-editable and current values of configurable module properties....................1907 Showing the current values of dynamic modules properties..............................................1914 Checking a module for defects...........................................................................................1917 Changing the properties of a module or the programming device/PC...............................1925 Diagnostics in STOP mode................................................................................................1944 Online accesses in the Online and Diagnostics view.........................................................1946 Checking PROFIBUS DP subnets for faults......................................................................1949 Connection diagnostics......................................................................................................1952 Overview of connection diagnostics...................................................................................1952 Displaying the connection status using icons.....................................................................1953 Detailed connection diagnostics.........................................................................................1954 Programming the PLC............................................................................................................................1959 11.1 11.1.1 11.1.1.1 11.1.1.2 11.1.2 11.1.2.1 11.1.2.2 11.1.2.3 11.1.2.4 11.1.2.5 11.1.2.6 11.1.2.7 11.1.2.8 11.1.2.9 11.1.3 11.1.3.1 11.1.3.2 11.1.3.3 11.1.3.4 11.1.4 11.1.4.1 11.1.4.2 11.1.4.3 12 Programming basics..........................................................................................................1959 Operating system and user program..................................................................................1959 Operating system...............................................................................................................1959 User program.....................................................................................................................1959 Blocks in the user program................................................................................................1960 Linear and structured programming...................................................................................1960 Overview of the block types...............................................................................................1962 Organization blocks (OB)...................................................................................................1962 Functions (FCs)..................................................................................................................1963 Function blocks (FB)..........................................................................................................1964 Global data blocks (DB).....................................................................................................1965 Instance data blocks..........................................................................................................1966 CPU data blocks................................................................................................................1967 Blocks with optimized access.............................................................................................1968 Block calls..........................................................................................................................1973 Principles of block calls......................................................................................................1973 Call hierarchy.....................................................................................................................1973 Instances............................................................................................................................1975 Parameter transfer at block call.........................................................................................1987 Using and addressing operands........................................................................................1998 Basic information about operands......................................................................................1998 Keywords...........................................................................................................................1999 Using tags within the program............................................................................................2004 WinCC Advanced V14 System Manual, 10/2016 Table of contents 11.1.4.4 11.1.4.5 11.1.5 11.1.5.1 11.1.5.2 11.1.5.3 11.1.5.4 11.1.5.5 Constants...........................................................................................................................2006 Addressing operands.........................................................................................................2011 Handling program execution errors....................................................................................2032 Causes of error..................................................................................................................2032 Overview of mechanisms for error handling.......................................................................2034 EN/ENO mechanism..........................................................................................................2037 Evaluating errors with output parameter RET_VAL...........................................................2049 Use of the instructions GET_ERROR and GET_ERR_ID..................................................2053 11.2 11.2.1 11.2.2 11.2.2.1 11.2.2.2 11.2.3 11.2.3.1 11.2.3.2 11.2.3.3 11.2.3.4 11.2.4 11.2.4.1 11.2.4.2 11.2.4.3 11.2.4.4 11.2.4.5 11.2.5 11.2.6 11.2.7 11.2.8 Programming recommendations (S7-1200, S7-1500).......................................................2055 The new S7-1500 CPU functions and programming recommendations at a glance (S7-1200, S7-1500)............................................................................................................2055 Error handling (S7-1200, S7-1500)....................................................................................2059 Using enable output ENO flexibly in LAD and FBD (S7-1200, S7-1500)...........................2059 Handle program execution errors (S7-1200, S7-1500)......................................................2061 Reliable addressing (S7-1200, S7-1500)...........................................................................2066 Symbolic addressing (S7-1200, S7-1500).........................................................................2066 Addressing with Slice access (S7-1200, S7-1500)............................................................2068 Indirect addressing of ARRAY elements (S7-1200, S7-1500)...........................................2069 Addressing tags indirectly (S7-1200, S7-1500)..................................................................2072 Handling specific data types (S7-1200, S7-1500)..............................................................2078 Using the VARIANT data type (S7-1200, S7-1500)...........................................................2078 Using the DB_ANY data type (S7-1200, S7-1500)............................................................2093 Using PLC data types (UDT) (S7-1200, S7-1500).............................................................2104 Calculating with floating-point numbers (REAL and LREAL) in SCL (S7-1200, S7-1500)..2108 Calculating with constants in SCL (S7-1200, S7-1500).....................................................2113 Using MOVE instructions in STL (S7-1500).......................................................................2116 Using IEC timers and counters (S7-1200, S7-1500)..........................................................2118 Using ARRAY data blocks (S7-1200, S7-1500).................................................................2121 Commenting out program code (S7-1200, S7-1500).........................................................2131 11.3 11.3.1 11.3.2 11.3.2.1 11.3.2.2 11.3.3 11.3.3.1 11.3.3.2 11.3.3.3 11.3.3.4 11.3.3.5 11.3.3.6 11.3.3.7 11.3.3.8 11.3.4 11.3.4.1 11.3.4.2 11.3.4.3 11.3.5 11.3.5.1 11.3.5.2 11.3.5.3 Data types..........................................................................................................................2131 Overview of the valid data types........................................................................................2131 Binary numbers..................................................................................................................2136 BOOL (bit)..........................................................................................................................2136 Bit strings...........................................................................................................................2136 Integers..............................................................................................................................2141 SINT (8-bit integers) (S7-1200, S7-1500)..........................................................................2141 USINT (8-bit integers) (S7-1200, S7-1500)........................................................................2142 INT (16-bit integers)...........................................................................................................2143 UINT (16-bit integers) (S7-1200, S7-1500)........................................................................2144 DINT (32-bit integers).........................................................................................................2145 UDINT (32-bit integers) (S7-1200, S7-1500).....................................................................2146 LINT (64-bit integers) (S7-1500)........................................................................................2147 ULINT (64-bit integers) (S7-1500)......................................................................................2148 Floating-point numbers......................................................................................................2150 REAL..................................................................................................................................2150 LREAL (S7-1200, S7-1500)...............................................................................................2151 Invalid floating-point numbers............................................................................................2152 Timers................................................................................................................................2154 S5TIME (duration) (S7-300, S7-400).................................................................................2154 TIME (IEC time).................................................................................................................2155 LTIME (IEC time) (S7-1500)..............................................................................................2156 WinCC Advanced V14 System Manual, 10/2016 13 Table of contents 14 11.3.6 11.3.6.1 11.3.6.2 11.3.6.3 11.3.6.4 11.3.6.5 11.3.6.6 11.3.7 11.3.7.1 11.3.7.2 11.3.7.3 11.3.7.4 11.3.7.5 11.3.7.6 11.3.8 11.3.8.1 11.3.8.2 11.3.8.3 11.3.9 11.3.9.1 11.3.9.2 11.3.9.3 11.3.10 11.3.10.1 11.3.10.2 11.3.10.3 11.3.10.4 11.3.10.5 11.3.10.6 11.3.11 11.3.11.1 11.3.11.2 11.3.11.3 11.3.12 11.3.12.1 11.3.13 11.3.13.1 11.3.14 11.3.14.1 11.3.15 11.3.15.1 11.3.15.2 11.3.15.3 11.3.16 11.3.16.1 11.3.16.2 11.3.16.3 11.3.17 11.3.17.1 11.3.17.2 11.3.17.3 Date and time.....................................................................................................................2157 DATE..................................................................................................................................2157 TIME_OF_DAY (TOD)........................................................................................................2157 LTOD (LTIME_OF_DAY) (S7-1500)...................................................................................2158 DATE_AND_TIME (date and time of day) .........................................................................2158 LDT (DATE_AND_LTIME) (S7-1500)................................................................................2159 DTL (S7-1200, S7-1500)....................................................................................................2160 Character strings................................................................................................................2161 CHAR (Character)..............................................................................................................2161 WCHAR (Character) (S7-1200, S7-1500)..........................................................................2162 STRING..............................................................................................................................2162 WSTRING (S7-1200, S7-1500)..........................................................................................2165 Transferring a tag of the STRING or WSTRING data type................................................2168 Addressing individual characters of a STRING or WSTRING (S7-1200, S7-1500)...........2168 PLC data types (UDT)........................................................................................................2170 PLC data types (UDT)........................................................................................................2170 Transferring a tag of the PLC data type (UDT)..................................................................2174 Addressing PLC data types (UDT).....................................................................................2174 Anonymous structures.......................................................................................................2175 STRUCT.............................................................................................................................2175 Transferring tags of the STRUCT data type.......................................................................2176 Addressing STRUCT..........................................................................................................2177 ARRAY...............................................................................................................................2177 ARRAY...............................................................................................................................2177 Transferring tags of the ARRAY data type.........................................................................2180 Transferring tags of the ARRAY data type[*].....................................................................2180 Addressing ARRAYs..........................................................................................................2182 Example of a one-dimensional ARRAY.............................................................................2184 Example of a multi-dimensional ARRAY............................................................................2184 Pointer................................................................................................................................2185 POINTER (S7-300, S7-400, S7-1500)...............................................................................2185 ANY (S7-300, S7-400, S7-1500)........................................................................................2188 VARIANT (S7-1200, S7-1500)...........................................................................................2191 Parameter types.................................................................................................................2193 Parameter types.................................................................................................................2193 System data types..............................................................................................................2194 System data types..............................................................................................................2194 Hardware data types..........................................................................................................2196 Hardware data types..........................................................................................................2196 Data type conversion for S7-1500: (S7-1500)....................................................................2198 Overview of data type conversion (S7-1500).....................................................................2198 Implicit conversions (S7-1500)...........................................................................................2200 Explicit conversions (S7-1500)...........................................................................................2249 Data type conversion for S7-1200 (S7-1200).....................................................................2332 Overview of data type conversion (S7-1200).....................................................................2332 Implicit conversions (S7-1200)...........................................................................................2334 Explicit conversions (S7-1200)...........................................................................................2354 Data type conversion for S7-300, S7-400 (S7-300, S7-400).............................................2398 Overview of data type conversions (S7-300, S7-400)........................................................2398 Implicit conversions (S7-300, S7-400)...............................................................................2400 Explicit conversions (S7-300, S7-400)...............................................................................2412 11.4 Instructions.........................................................................................................................2434 WinCC Advanced V14 System Manual, 10/2016 Table of contents 11.4.1 11.4.1.1 11.4.1.2 11.4.1.3 11.4.1.4 11.4.1.5 11.4.1.6 Instructions (S7-1200, S7-1500)........................................................................................2434 Example libraries (S7-1200, S7-1500)...............................................................................2434 Asynchronous instructions (S7-1200, S7-1500).................................................................2436 Basic instructions (S7-1200, S7-1500)...............................................................................2439 Extended instructions (S7-1200, S7-1500)........................................................................3299 Technology (S7-1200, S7-1500)........................................................................................3888 Communication (S7-1200, S7-1500)..................................................................................4177 11.5 11.5.1 11.5.2 11.5.3 11.5.4 11.5.5 11.5.6 11.5.7 11.5.8 11.5.8.1 11.5.8.2 11.5.8.3 11.5.8.4 11.5.8.5 11.5.9 11.5.9.1 11.5.9.2 11.5.9.3 11.5.10 11.5.10.1 11.5.10.2 11.5.11 11.5.11.1 11.5.11.2 11.5.12 11.5.12.1 11.5.12.2 Program editor...................................................................................................................4458 Overview of the program editor..........................................................................................4458 Using the keyboard in the program editor..........................................................................4461 Enlarging the programming window...................................................................................4466 Setting the mnemonics.......................................................................................................4468 Displaying symbolic and absolute addresses....................................................................4469 Find instructions.................................................................................................................4470 Use instruction versions.....................................................................................................4471 Using instruction profiles....................................................................................................4472 Basics of instruction profiles...............................................................................................4472 Creating new instruction profiles........................................................................................4472 Opening and editing instruction profiles.............................................................................4474 Activating and deactivating instruction profiles..................................................................4475 Deleting instruction profiles................................................................................................4476 Using autocompletion.........................................................................................................4477 Basics of autocompletion...................................................................................................4477 Using autocompletion in graphic programming languages................................................4477 Using autocompletion in textual programming languages.................................................4478 General settings for the PLC programming........................................................................4479 Overview of the general settings........................................................................................4479 Changing the settings........................................................................................................4480 Eliminating syntax errors in the program............................................................................4481 Basic information on syntax errors.....................................................................................4481 Finding syntax errors in the program.................................................................................4481 Changing the programming language................................................................................4482 Rules for changing the programming language.................................................................4482 Change the programming language...................................................................................4483 11.6 11.6.1 11.6.1.1 11.6.1.2 11.6.1.3 11.6.1.4 11.6.1.5 11.6.1.6 11.6.1.7 11.6.1.8 11.6.2 11.6.2.1 11.6.2.2 11.6.2.3 11.6.2.4 11.6.3 11.6.3.1 Creating and managing blocks...........................................................................................4483 Creating blocks..................................................................................................................4483 Block folder........................................................................................................................4483 Creating organization blocks..............................................................................................4484 Creating functions and function blocks..............................................................................4485 Creating data blocks..........................................................................................................4486 Using blocks from libraries.................................................................................................4487 Copying and pasting blocks...............................................................................................4489 Entering a block title...........................................................................................................4493 Entering a block comment..................................................................................................4494 Specifying block properties................................................................................................4495 Basics of block properties .................................................................................................4495 Overview of block properties..............................................................................................4496 Block time stamps..............................................................................................................4499 Displaying and editing block properties .............................................................................4502 Managing blocks................................................................................................................4503 Opening blocks..................................................................................................................4503 WinCC Advanced V14 System Manual, 10/2016 15 Table of contents 16 11.6.3.2 11.6.3.3 11.6.3.4 11.6.3.5 11.6.3.6 11.6.3.7 11.6.4 11.6.4.1 11.6.4.2 11.6.4.3 11.6.4.4 11.6.4.5 11.6.4.6 Saving blocks.....................................................................................................................4504 Closing blocks....................................................................................................................4505 Renaming blocks................................................................................................................4505 Deleting blocks offline........................................................................................................4506 Deleting blocks online (S7-300, S7-400)............................................................................4506 Deleting CPU data blocks..................................................................................................4507 Using external source files.................................................................................................4508 Basics of using external source files..................................................................................4508 Rules for programming external source files .....................................................................4509 Saving blocks as external source files...............................................................................4510 Inserting external source files............................................................................................4512 Opening and editing external source files..........................................................................4512 Generating blocks from external source files.....................................................................4513 11.7 11.7.1 11.7.2 11.7.3 11.7.4 11.7.5 11.7.6 11.7.7 Protecting blocks................................................................................................................4514 Protecting blocks................................................................................................................4514 Setting up and removing block copy protection (S7-1200, S7-1500).................................4517 Setting up block know-how protection................................................................................4518 Opening know-how protected blocks.................................................................................4519 Printing know-how protected blocks...................................................................................4520 Changing a password........................................................................................................4521 Removing block know-how protection................................................................................4522 11.8 11.8.1 11.8.2 11.8.2.1 11.8.2.2 11.8.2.3 11.8.2.4 11.8.3 11.8.3.1 11.8.3.2 11.8.3.3 11.8.3.4 11.8.3.5 11.8.3.6 11.8.3.7 11.8.3.8 11.8.3.9 11.8.3.10 11.8.3.11 11.8.3.12 11.8.3.13 11.8.3.14 11.8.4 11.8.5 Declaring the block interface..............................................................................................4522 Overview of the block interface..........................................................................................4522 Rules for declaring the block interface...............................................................................4524 General rules for declaring the block interface...................................................................4524 Valid data types in the block interface (S7-300, S7-400)...................................................4525 Valid data types in the block interface (S7-1200, S7-1500)...............................................4526 Setting the retentivity of local tags.....................................................................................4527 Declaring the block interface..............................................................................................4529 Layout of the block interface..............................................................................................4529 Declaring local tags and constants in the block interface..................................................4530 Declaring a local tag in the program editor........................................................................4531 Declaring tags of the ARRAY data type.............................................................................4533 Declaring tags of STRUCT data type.................................................................................4534 Declare variables of the STRING and WSTRING data types............................................4535 Declaring tags based on a PLC data type..........................................................................4536 Declaring higher-level tags.................................................................................................4536 Declaring multi-instances...................................................................................................4537 Declaring parameter instances..........................................................................................4538 Hiding parameters during the block call.............................................................................4539 Declaring predefined actual parameters............................................................................4540 Editing the properties of local tags and constants..............................................................4541 Edit table of the block interface..........................................................................................4545 Updating the block interface...............................................................................................4548 Extending the block interface (S7-1200, S7-1500)............................................................4550 11.9 11.9.1 11.9.2 11.9.3 11.9.4 11.9.5 Programming data blocks..................................................................................................4551 Basic principles for programming of data blocks................................................................4551 Structure of the declaration table for data blocks...............................................................4553 Creating data blocks..........................................................................................................4555 Updating data blocks..........................................................................................................4556 Extending data blocks (S7-1200, S7-1500).......................................................................4557 WinCC Advanced V14 System Manual, 10/2016 Table of contents 11.9.6 11.9.6.1 11.9.6.2 11.9.6.3 11.9.6.4 11.9.6.5 11.9.7 11.9.7.1 11.9.7.2 11.9.8 11.9.8.1 11.9.8.2 11.9.8.3 11.9.9 11.9.9.1 11.9.9.2 11.9.9.3 11.9.10 11.9.10.1 11.9.10.2 11.9.10.3 11.9.10.4 11.9.10.5 11.9.10.6 11.9.11 11.9.11.1 11.9.11.2 11.9.11.3 11.9.11.4 11.9.11.5 11.9.11.6 11.9.11.7 11.9.11.8 11.9.11.9 Creating a data structure for global data blocks.................................................................4559 Declaring tags of elementary data type..............................................................................4559 Declaring tags of the ARRAY data type.............................................................................4560 Declaring tags of STRUCT data type.................................................................................4561 Declaring tags of the STRING data type............................................................................4562 Declaring tags based on a PLC data type..........................................................................4563 Defining start values...........................................................................................................4564 Basic information on start values.......................................................................................4564 Defining start values...........................................................................................................4565 Setting retentivity................................................................................................................4566 Retentivity of tags in data blocks........................................................................................4566 Setting retentivity in an instance data block.......................................................................4566 Setting retentivity in a global data block.............................................................................4567 Editing the properties of tags in data blocks......................................................................4568 Properties of the tags in data blocks..................................................................................4568 Changing the properties of tags in instance data blocks....................................................4570 Changing the properties of tags in global data blocks.......................................................4572 Editing the declaration table for data blocks......................................................................4573 Inserting table rows............................................................................................................4573 Inserting table rows............................................................................................................4573 Deleting tags......................................................................................................................4574 Automatically filling in successive cells..............................................................................4574 Show and hide table columns............................................................................................4575 Editing tags with external editors.......................................................................................4575 Online and diagnostic functions for data blocks.................................................................4576 Editing data blocks in online mode.....................................................................................4576 Overview of the online and diagnostic functions in data blocks.........................................4578 Monitoring tags...................................................................................................................4579 Modifying tags....................................................................................................................4580 Loading start values as actual values................................................................................4581 Creating a snapshot of the actual values...........................................................................4582 Loading snapshots as actual values..................................................................................4584 Copying the snapshot to the start values...........................................................................4586 Using setpoints during commissioning...............................................................................4587 11.10 11.10.1 11.10.2 11.10.3 11.10.3.1 11.10.3.2 11.10.4 11.10.4.1 11.10.4.2 11.10.4.3 11.10.5 11.10.5.1 11.10.5.2 11.10.6 11.10.6.1 11.10.6.2 11.10.7 11.10.7.1 Declaring PLC tags............................................................................................................4592 Overview of PLC tag tables................................................................................................4592 Structure of the PLC tag tables..........................................................................................4593 Rules for PLC tags.............................................................................................................4595 Valid names of PLC tags....................................................................................................4595 Permissible addresses and data types of PLC tags...........................................................4595 Creating and managing PLC tag tables.............................................................................4598 Creating a PLC tag table....................................................................................................4598 Grouping PLC tag tables....................................................................................................4599 Opening the PLC tag table.................................................................................................4600 Declaring PLC tags............................................................................................................4601 Entering a PLC tag declaration..........................................................................................4601 Setting the retentivity of PLC tags......................................................................................4603 Grouping PLC tags for inputs and outputs in structures....................................................4604 Other useful information regarding structured PLC tags....................................................4604 Creating structured PLC tags.............................................................................................4606 Declaring global constants.................................................................................................4607 Rules for global user constants..........................................................................................4607 WinCC Advanced V14 System Manual, 10/2016 17 Table of contents 18 11.10.7.2 11.10.7.3 11.10.8 11.10.8.1 11.10.8.2 11.10.9 11.10.9.1 11.10.10 11.10.10.1 11.10.10.2 11.10.10.3 11.10.10.4 11.10.10.5 11.10.10.6 11.10.10.7 Rules for global system constants.....................................................................................4608 Declaring global constants.................................................................................................4609 Editing properties...............................................................................................................4610 Editing the properties of PLC tags.....................................................................................4610 Editing properties of global constants................................................................................4612 Monitoring of PLC tags.......................................................................................................4613 Monitoring of PLC tags.......................................................................................................4613 Editing PLC tag tables........................................................................................................4614 Inserting a table row in the PLC tag table..........................................................................4614 Copying entries in the PLC tag table..................................................................................4614 Deleting entries in the PLC tag table..................................................................................4615 Sorting rows in the PLC tag tables.....................................................................................4615 Automatically filling in cells in the PLC tag table................................................................4616 Show and hide table columns............................................................................................4616 Editing PLC tags with external editors...............................................................................4617 11.11 11.11.1 11.11.2 11.11.3 11.11.4 11.11.5 11.11.6 11.11.6.1 11.11.6.2 11.11.6.3 11.11.6.4 11.11.7 11.11.7.1 11.11.7.2 11.11.8 11.11.8.1 11.11.8.2 11.11.8.3 11.11.8.4 11.11.8.5 Declaring PLC data types (UDT) .......................................................................................4620 Basics of PLC data types (UDT)........................................................................................4620 Structure of the declaration table for PLC data types........................................................4623 Creating PLC data types....................................................................................................4624 Delete PLC data types.......................................................................................................4625 Renumbering PLC data types............................................................................................4626 Programming the structure of PLC data types...................................................................4626 Declaring tags of elementary data type..............................................................................4626 Declaring tags of the ARRAY data type.............................................................................4627 Declaring tags of STRUCT data type ................................................................................4628 Declaring tags based on a different PLC data type............................................................4629 Editing tag properties in PLC data types............................................................................4630 Properties of tags in PLC data types..................................................................................4630 Changing the properties of tags in PLC data types............................................................4631 Editing the declaration table for PLC data types................................................................4631 Inserting table rows............................................................................................................4631 Inserting table rows............................................................................................................4632 Deleting tags......................................................................................................................4632 Automatically filling in successive cells..............................................................................4632 Show and hide table columns............................................................................................4633 11.12 11.12.1 11.12.1.1 11.12.1.2 11.12.2 11.12.2.1 11.12.2.2 11.12.3 11.12.3.1 11.12.3.2 11.12.3.3 11.12.3.4 11.12.3.5 11.12.3.6 11.12.3.7 11.12.3.8 Creating LAD programs.....................................................................................................4634 Basic information on LAD...................................................................................................4634 LAD programming language..............................................................................................4634 Overview of the LAD elements...........................................................................................4634 Settings for LAD.................................................................................................................4637 Overview of the settings for LAD........................................................................................4637 Changing the settings........................................................................................................4637 Working with networks.......................................................................................................4638 Using networks...................................................................................................................4638 Inserting networks..............................................................................................................4639 Selecting networks.............................................................................................................4640 Copying and pasting networks...........................................................................................4641 Deleting networks...............................................................................................................4641 Expanding and collapsing networks...................................................................................4642 Inserting network title.........................................................................................................4643 Entering a network comment.............................................................................................4644 WinCC Advanced V14 System Manual, 10/2016 Table of contents 11.12.3.9 11.12.4 11.12.4.1 11.12.4.2 11.12.4.3 11.12.4.4 11.12.4.5 11.12.4.6 11.12.4.7 11.12.4.8 11.12.4.9 11.12.5 11.12.5.1 11.12.5.2 11.12.5.3 11.12.5.4 11.12.5.5 11.12.5.6 11.12.5.7 11.12.5.8 11.12.5.9 11.12.6 11.12.6.1 11.12.6.2 11.12.6.3 11.12.7 11.12.7.1 11.12.7.2 11.12.7.3 11.12.7.4 11.12.7.5 11.12.8 11.12.8.1 11.12.8.2 11.12.8.3 11.12.8.4 11.12.9 11.12.9.1 11.12.9.2 11.12.9.3 11.12.10 11.12.10.1 11.12.10.2 11.12.10.3 11.12.10.4 11.12.10.5 Navigating networks...........................................................................................................4645 Inserting LAD elements......................................................................................................4646 Rules for the use of LAD elements....................................................................................4646 Prohibited interconnections in LAD....................................................................................4648 Inserting LAD elements using the "Instructions" task card.................................................4649 Inserting LAD elements using an empty box......................................................................4649 Selecting the data type of a LAD element..........................................................................4650 Using favorites in LAD........................................................................................................4653 Insert block calls in LAD.....................................................................................................4655 Inserting complex LAD instructions....................................................................................4659 Using free-form comments.................................................................................................4660 Editing LAD elements.........................................................................................................4663 Selecting LAD elements.....................................................................................................4663 Copying LAD elements......................................................................................................4663 Cutting LAD elements........................................................................................................4664 Pasting an LAD element from the clipboard.......................................................................4665 Replacing LAD elements....................................................................................................4665 Inserting additional inputs and outputs in LAD elements (S7-1200, S7-1500)...................4666 Removing inputs and outputs (S7-1200, S7-1500)............................................................4667 Enabling and disabling the EN/ENO mechanism (S7-1500)..............................................4668 Deleting LAD elements......................................................................................................4669 Inserting operands into LAD instructions...........................................................................4670 Inserting operands.............................................................................................................4670 Wiring hidden parameters..................................................................................................4671 Displaying or hiding variable information...........................................................................4672 Branches in LAD................................................................................................................4673 Basic information on branches in LAD...............................................................................4673 Rules for branches in LAD.................................................................................................4674 Inserting branches into the LAD network...........................................................................4674 Closing branches in the LAD network................................................................................4675 Deleting branches in LAD networks...................................................................................4676 Crossings in LAD...............................................................................................................4676 Basic information on crossings in LAD...............................................................................4676 Inserting crossings.............................................................................................................4676 Rearranging crossings.......................................................................................................4677 Deleting crossings..............................................................................................................4678 Rungs in LAD.....................................................................................................................4678 Basic information on rungs in LAD.....................................................................................4678 Insert rung..........................................................................................................................4679 Deleting a rung...................................................................................................................4680 LAD programming examples..............................................................................................4681 Example of controlling a conveyor belt .............................................................................4681 Example of detecting the direction of a conveyor belt........................................................4683 Example of detecting the fill level of a storage area ..........................................................4685 Example of calculating an equation...................................................................................4688 Example of controlling room temperature..........................................................................4690 11.13 11.13.1 11.13.1.1 11.13.1.2 11.13.2 11.13.2.1 Creating FBD programs.....................................................................................................4693 Basic information on FBD..................................................................................................4693 FBD programming language..............................................................................................4693 Overview of the FBD elements..........................................................................................4693 Settings for FBD.................................................................................................................4695 Overview of the settings for FBD.......................................................................................4695 WinCC Advanced V14 System Manual, 10/2016 19 Table of contents 20 11.13.2.2 11.13.3 11.13.3.1 11.13.3.2 11.13.3.3 11.13.3.4 11.13.3.5 11.13.3.6 11.13.3.7 11.13.3.8 11.13.3.9 11.13.4 11.13.4.1 11.13.4.2 11.13.4.3 11.13.4.4 11.13.4.5 11.13.4.6 11.13.4.7 11.13.4.8 11.13.5 11.13.5.1 11.13.5.2 11.13.5.3 11.13.5.4 11.13.5.5 11.13.5.6 11.13.5.7 11.13.5.8 11.13.5.9 11.13.6 11.13.6.1 11.13.6.2 11.13.6.3 11.13.7 11.13.7.1 11.13.7.2 11.13.7.3 11.13.7.4 11.13.8 11.13.8.1 11.13.8.2 11.13.8.3 11.13.9 11.13.9.1 11.13.9.2 11.13.9.3 11.13.9.4 11.13.9.5 Changing the settings........................................................................................................4696 Working with networks.......................................................................................................4696 Using networks...................................................................................................................4696 Inserting networks..............................................................................................................4697 Selecting networks.............................................................................................................4698 Copying and pasting networks...........................................................................................4699 Deleting networks...............................................................................................................4699 Expanding and collapsing networks...................................................................................4700 Inserting network title.........................................................................................................4700 Entering a network comment.............................................................................................4702 Navigating networks...........................................................................................................4703 Inserting FBD elements......................................................................................................4704 Rules for the use of FBD elements....................................................................................4704 Inserting FBD elements using the "Instructions" task card................................................4705 Inserting FBD elements using an empty box.....................................................................4706 Selecting the data type of an FBD element........................................................................4707 Using favorites in FBD.......................................................................................................4710 Inserting block calls in FBD................................................................................................4712 Inserting complex FBD instructions....................................................................................4716 Using free-form comments.................................................................................................4717 Editing FBD elements........................................................................................................4719 Selecting FBD elements.....................................................................................................4719 Copying FBD elements......................................................................................................4720 Cutting FBD elements........................................................................................................4721 Pasting an FBD element from the clipboard......................................................................4722 Replacing FBD elements ..................................................................................................4722 Adding additional inputs and outputs to FBD elements (S7-1200, S7-1500).....................4723 Removing instruction inputs and outputs (S7-1200, S7-1500)...........................................4724 Enabling and disabling the EN/ENO mechanism (S7-1500)..............................................4725 Deleting FBD elements......................................................................................................4726 Inserting operands in FBD instructions..............................................................................4727 Inserting operands.............................................................................................................4727 Wiring hidden parameters..................................................................................................4729 Displaying or hiding variable information...........................................................................4729 Branches in FBD................................................................................................................4730 Basic information on branches in FBD...............................................................................4730 Rules for branches in FBD.................................................................................................4731 Inserting branches in FBD networks .................................................................................4731 Deleting branches in FBD networks ..................................................................................4732 Logic paths in FBD.............................................................................................................4733 Basic information on logic paths in FBD............................................................................4733 Inserting a logic path..........................................................................................................4734 Deleting a logic operation path...........................................................................................4734 FBD programming examples.............................................................................................4735 Example of controlling a conveyor belt .............................................................................4735 Example of detecting the direction of a conveyor belt........................................................4737 Example of detecting the fill level of a storage area ..........................................................4739 Example of calculating an equation...................................................................................4743 Example of controlling room temperature..........................................................................4745 11.14 11.14.1 11.14.1.1 Creating SCL programs.....................................................................................................4747 Basics of SCL.....................................................................................................................4747 Programming language SCL..............................................................................................4747 WinCC Advanced V14 System Manual, 10/2016 Table of contents 11.14.1.2 11.14.1.3 11.14.1.4 11.14.1.5 11.14.1.6 11.14.1.7 11.14.2 11.14.2.1 11.14.2.2 11.14.3 11.14.3.1 11.14.3.2 11.14.3.3 11.14.3.4 11.14.3.5 11.14.3.6 11.14.4 11.14.4.1 11.14.4.2 11.14.4.3 11.14.4.4 11.14.4.5 11.14.5 11.14.5.1 11.14.5.2 11.14.5.3 11.14.5.4 11.14.5.5 11.14.5.6 11.14.5.7 11.14.5.8 11.14.5.9 11.14.5.10 11.14.6 11.14.6.1 11.14.6.2 11.14.6.3 11.14.7 11.14.7.1 11.14.7.2 11.14.7.3 Expressions........................................................................................................................4748 Arithmetic expressions.......................................................................................................4749 Relational expressions.......................................................................................................4752 Logical expressions............................................................................................................4757 Operators and operator precedence..................................................................................4758 Value assignments.............................................................................................................4759 Settings for SCL.................................................................................................................4762 Overview of the settings for SCL........................................................................................4762 Changing the settings........................................................................................................4763 The programming window of SCL......................................................................................4764 Overview of the programming window...............................................................................4764 Customizing the programming window..............................................................................4765 Formatting SCL code.........................................................................................................4766 Expanding and collapsing sections of code.......................................................................4767 Navigate to definitions........................................................................................................4768 Using bookmarks...............................................................................................................4769 Working with regions..........................................................................................................4771 Using regions.....................................................................................................................4771 Inserting regions.................................................................................................................4773 Copying and inserting regions............................................................................................4774 Navigating in regions..........................................................................................................4776 Deleting regions.................................................................................................................4777 Entering SCL instructions...................................................................................................4778 Rules for SCL instructions..................................................................................................4778 Entering SCL instructions manually...................................................................................4779 Inserting SCL instructions using the "Instructions" task card.............................................4780 Defining the data type of an SCL instruction......................................................................4781 Displaying or hiding tag information...................................................................................4783 Using Favorites in SCL......................................................................................................4784 Insert block calls in SCL.....................................................................................................4787 Expanding and reducing the parameter list........................................................................4796 Insert pragmas (S7-1200, S7-1500)...................................................................................4797 Inserting comments............................................................................................................4798 Editing SCL instructions.....................................................................................................4799 Selecting instructions.........................................................................................................4799 Copying, cutting and pasting instructions...........................................................................4800 Deleting instructions...........................................................................................................4800 SCL programming examples..............................................................................................4801 Example of controlling a conveyor belt..............................................................................4801 Example of detecting the direction of a conveyor belt........................................................4803 Example of detecting the fill level of a storage area ..........................................................4805 11.15 11.15.1 11.15.1.1 11.15.1.2 11.15.1.3 11.15.1.4 11.15.2 11.15.2.1 11.15.2.2 11.15.2.3 11.15.2.4 Compiling and loading blocks............................................................................................4808 Compiling blocks................................................................................................................4808 Basic information on compiling blocks...............................................................................4808 Compiling blocks in the project tree...................................................................................4810 Compiling blocks in the program editor..............................................................................4812 Correcting compilation errors.............................................................................................4812 Downloading blocks for S7-1200/1500 (S7-1200, S7-1500)..............................................4813 Introduction to downloading blocks (S7-1200, S7-1500)...................................................4813 Downloading blocks in the "RUN" operating mode to the device (S7-1200, S7-1500)......4817 Downloading blocks from program editor to device (S7-1200, S7-1500)...........................4821 Downloading blocks from the project tree to the device (S7-1200, S7-1500)....................4823 WinCC Advanced V14 System Manual, 10/2016 21 Table of contents 22 11.15.2.5 11.15.2.6 11.15.2.7 11.15.2.8 Uploading blocks from device (S7-1200, S7-1500)............................................................4825 Downloading blocks to a memory card (S7-1200, S7-1500)..............................................4826 Uploading blocks from a memory card (S7-1200, S7-1500)..............................................4828 Switching off the sequencer prior to loading a GRAPH DB (S7-1500)..............................4828 11.16 11.16.1 11.16.1.1 11.16.1.2 11.16.1.3 11.16.1.4 11.16.2 11.16.2.1 11.16.2.2 11.16.3 11.16.4 Comparing PLC programs.................................................................................................4829 Basic information on comparing PLC programs.................................................................4829 Introduction to comparing PLC programs..........................................................................4829 Comparing blocks and PLC data types..............................................................................4831 Comparing PLC tags..........................................................................................................4832 Comparison of PLC programs based on checksums.........................................................4833 Comparing blocks..............................................................................................................4834 Comparing blocks in the compare editor............................................................................4834 Performing detailed block comparisons.............................................................................4835 Comparing PLC tags..........................................................................................................4858 Comparing PLC data types................................................................................................4860 11.17 11.17.1 11.17.2 11.17.2.1 11.17.2.2 11.17.2.3 11.17.2.4 11.17.2.5 11.17.2.6 11.17.2.7 11.17.2.8 11.17.2.9 11.17.2.10 11.17.3 11.17.3.1 11.17.3.2 11.17.3.3 11.17.3.4 11.17.3.5 11.17.3.6 11.17.3.7 11.17.4 11.17.4.1 11.17.4.2 11.17.4.3 11.17.4.4 11.17.4.5 11.17.4.6 11.17.4.7 11.17.5 11.17.5.1 11.17.5.2 11.17.5.3 11.17.5.4 Displaying program information.........................................................................................4862 Overview of available program information........................................................................4862 Displaying an assignment list.............................................................................................4863 Introduction to the assignment list......................................................................................4863 Layout of the assignment list..............................................................................................4864 Symbols in the assignment list...........................................................................................4865 Displaying an assignment list.............................................................................................4866 Setting the view options for the assignment list.................................................................4866 Filter options in the assignment list....................................................................................4867 Defining filters for assignment list......................................................................................4868 Filtering an assignment list.................................................................................................4869 Defining retentive memory areas for bit memories............................................................4870 Enabling the display of retentive bit memories...................................................................4871 Displaying the call structure...............................................................................................4871 Introduction to the call structure.........................................................................................4871 Symbols in the call structure..............................................................................................4873 Layout of the call structure.................................................................................................4874 Displaying the call structure...............................................................................................4875 Setting the view options for the call structure.....................................................................4875 Introducing the consistency check in the call structure......................................................4876 Checking block consistency in the call structure................................................................4877 Displaying the dependency structure.................................................................................4877 Introduction to the dependency structure...........................................................................4877 Layout of the dependency structure...................................................................................4879 Symbols in the dependency structure................................................................................4879 Displaying the dependency structure.................................................................................4880 Setting the view options for the dependency structure......................................................4881 Introducing the consistency check in the dependency structure........................................4881 Checking block consistency in the dependency structure..................................................4882 Displaying CPU resources.................................................................................................4883 Introducing resources.........................................................................................................4883 Layout of the "Resources" tab............................................................................................4885 Displaying resources..........................................................................................................4886 Selecting the maximum load memory available.................................................................4887 11.18 11.18.1 Displaying cross-references...............................................................................................4888 General information about cross references......................................................................4888 WinCC Advanced V14 System Manual, 10/2016 Table of contents 12 11.18.2 11.18.3 11.18.4 11.18.5 11.18.6 11.18.7 11.18.8 11.18.9 11.18.10 11.18.11 Structure of the cross-reference list...................................................................................4889 Settings in the cross-reference list.....................................................................................4891 Displaying the cross-reference list.....................................................................................4893 Sorting the cross-reference list..........................................................................................4894 Filtering the cross-reference list.........................................................................................4896 Printing the cross-reference list..........................................................................................4897 Adding a new object to the cross-reference list.................................................................4898 Show overlapping accesses in the cross-reference list.....................................................4899 Restoring cross-references after project upgrade..............................................................4901 Displaying cross-references in the Inspector window........................................................4902 11.19 11.19.1 11.19.2 11.19.2.1 11.19.2.2 11.19.2.3 11.19.2.4 11.19.2.5 11.19.2.6 11.19.2.7 11.19.2.8 11.19.2.9 11.19.3 11.19.3.1 11.19.3.2 11.19.3.3 11.19.3.4 11.19.3.5 11.19.3.6 11.19.3.7 11.19.3.8 11.19.4 11.19.4.1 11.19.4.2 11.19.4.3 11.19.4.4 11.19.4.5 11.19.4.6 11.19.4.7 11.19.4.8 11.19.4.9 11.19.4.10 Testing the user program...................................................................................................4903 Basics of testing the user program.....................................................................................4903 Testing with program status...............................................................................................4904 Introduction to testing with program status........................................................................4904 Setting the call environment...............................................................................................4906 Switching test with program status on/off...........................................................................4908 Monitoring loops.................................................................................................................4910 Monitoring structures..........................................................................................................4912 Editing blocks during the program test...............................................................................4913 Modifying tags during monitoring.......................................................................................4914 Switching display formats in the program status................................................................4915 Examples of program status display..................................................................................4915 Testing with the watch table...............................................................................................4923 Introduction to testing with the watch table........................................................................4923 Layout of the watch table...................................................................................................4924 Basic mode and expanded mode in the watch table..........................................................4925 Icons in the watch table......................................................................................................4926 Creating and editing watch tables......................................................................................4927 Entering tags in the watch table.........................................................................................4929 Monitoring tags in the watch table......................................................................................4937 Modifying tags in the watch table.......................................................................................4943 Testing with the force table................................................................................................4951 Introduction for testing with the force table........................................................................4951 Safety precautions when forcing tags................................................................................4952 Layout of the force table.....................................................................................................4953 Basic mode and expanded mode in the force table...........................................................4954 Icons in the force table.......................................................................................................4955 Open and edit force table...................................................................................................4956 Entering tags in the force table..........................................................................................4957 Monitoring tags in the force table.......................................................................................4964 Forcing tags in the force table............................................................................................4968 Stop forcing tags................................................................................................................4976 Visualizing processes.............................................................................................................................4979 12.1 12.1.1 12.1.1.1 12.1.1.2 12.1.1.3 12.1.1.4 12.1.1.5 12.1.1.6 Creating screens................................................................................................................4979 Basics.................................................................................................................................4979 Elements and basic settings..............................................................................................4979 Working with screens.........................................................................................................4985 Working with templates......................................................................................................4990 Working with pop-up screens.............................................................................................4997 Working with slide-in screens.............................................................................................5001 Working with styles and style sheets.................................................................................5006 WinCC Advanced V14 System Manual, 10/2016 23 Table of contents 24 12.1.2 12.1.2.1 12.1.2.2 12.1.2.3 12.1.2.4 12.1.3 12.1.3.1 12.1.3.2 12.1.4 12.1.4.1 12.1.4.2 12.1.4.3 12.1.5 12.1.5.1 12.1.5.2 12.1.5.3 12.1.5.4 12.1.5.5 12.1.5.6 12.1.5.7 12.1.5.8 12.1.6 12.1.6.1 12.1.6.2 12.1.6.3 12.1.6.4 12.1.6.5 12.1.7 12.1.7.1 12.1.7.2 12.1.7.3 12.1.7.4 12.1.8 12.1.8.1 12.1.8.2 12.1.8.3 12.1.9 12.1.9.1 12.1.9.2 Working with objects and object groups.............................................................................5022 Working with objects..........................................................................................................5022 Working with object groups................................................................................................5071 Configuring the keyboard access.......................................................................................5078 Examples...........................................................................................................................5081 Working with text lists and graphics lists............................................................................5084 Working with text lists.........................................................................................................5084 Working with graphics lists.................................................................................................5095 Dynamizing screens...........................................................................................................5106 Basics on dynamizing screens...........................................................................................5106 Dynamization with animations............................................................................................5112 Dynamizing with system functions.....................................................................................5125 Working with function keys.................................................................................................5127 Working with function keys ................................................................................................5127 Assigning function keys globally........................................................................................5130 Local assignment of function keys.....................................................................................5131 Assigning a function to a function key................................................................................5132 Assigning operator authorization for a function key...........................................................5134 Assigning a graphic to a function key.................................................................................5136 Configuring LED tags.........................................................................................................5138 Example: Using function keys for screen navigation..........................................................5140 Working with layers............................................................................................................5142 Basics on working with layers............................................................................................5142 Moving objects on layers....................................................................................................5143 Setting the active layer.......................................................................................................5144 Showing and hiding layers (Basic Panels, Panels, RT Advanced)....................................5145 Renaming layers................................................................................................................5146 Working with faceplates.....................................................................................................5148 Basics on faceplates..........................................................................................................5148 Creating and managing faceplates....................................................................................5153 Dynamizing faceplates.......................................................................................................5172 Examples of faceplates......................................................................................................5173 Configuring screen navigation............................................................................................5180 Basics on screen navigation (Basic Panels, Panels, RT Advanced).................................5180 Assigning screen change to button (Panels, RT Advanced, RT Professional)..................5181 Assigning screen change to function key...........................................................................5182 Display and operating elements.........................................................................................5183 Device dependency of the objects.....................................................................................5183 Objects...............................................................................................................................5193 12.2 12.2.1 12.2.1.1 12.2.1.2 12.2.1.3 12.2.1.4 12.2.1.5 12.2.1.6 12.2.2 12.2.2.1 12.2.2.2 12.2.2.3 12.2.3 Working with Tags (Basic Panels, Panels, RT Advanced).................................................5304 Basics (Basic Panels, Panels, RT Advanced)....................................................................5304 Basics of tags (Basic Panels, Panels, RT Advanced)........................................................5304 Overview of HMI tag tables (Basic Panels, Panels, RT Advanced)...................................5306 External tags (Basic Panels, Panels, RT Advanced).........................................................5307 Addressing external tags (Basic Panels, Panels, RT Advanced).......................................5309 Internal Tags (Basic Panels, Panels, RT Advanced).........................................................5312 User-defined PLC data types (UDT) (Basic Panels, Panels, RT Advanced).....................5312 Working with Tags (Basic Panels, Panels, RT Advanced).................................................5314 Creating tags (Basic Panels, Panels, RT Advanced).........................................................5314 Editing tags (Basic Panels, Panels, RT Advanced)...........................................................5318 Configuring Tags (Basic Panels, Panels, RT Advanced)...................................................5327 Working with arrays (Basic Panels, Panels, RT Advanced)...............................................5348 WinCC Advanced V14 System Manual, 10/2016 Table of contents 12.2.3.1 12.2.3.2 12.2.3.3 12.2.4 12.2.4.1 12.2.4.2 12.2.4.3 12.2.4.4 12.2.4.5 12.2.5 12.2.5.1 12.2.5.2 12.2.6 12.2.6.1 12.2.6.2 12.2.7 12.2.7.1 12.2.7.2 Basics on arrays (Basic Panels, Panels, RT Advanced)....................................................5348 Creating array tags (Basic Panels, Panels, RT Advanced)................................................5351 Examples of arrays (Basic Panels, Panels, RT Advanced)...............................................5352 Working with user data types (Panels, RT Advanced).......................................................5353 Basics on user data types (Panels, RT Advanced)............................................................5353 Creating a user data type (Panels, RT Advanced).............................................................5355 Creating user data type elements (Panels, RT Advanced)................................................5357 Managing versions of user data types (Panels, RT Advanced).........................................5358 Creating tags with a user data type data type (Panels, RT Advanced)..............................5359 Working with cycles (Basic Panels, Panels, RT Advanced)...............................................5361 Cycle basics (Basic Panels, Panels, RT Advanced)..........................................................5361 Defining cycles (Panels, RT Advanced).............................................................................5362 Logging tags (Basic Panels, Panels, RT Advanced)..........................................................5363 Basic principles for data logging (Panels, RT Advanced)..................................................5363 Data logging in Runtime Advanced and Panels (Basic Panels, Panels, RT Advanced)....5364 Displaying Tags (Basic Panels, Panels, RT Advanced).....................................................5382 Displaying tags with Basic Panels (Basic Panels).............................................................5382 Displaying tags with Runtime Advanced and Panels (Basic Panels, Panels, RT Advanced)..........................................................................................................................5384 12.3 12.3.1 12.3.1.1 12.3.1.2 12.3.1.3 12.3.1.4 12.3.1.5 12.3.1.6 12.3.1.7 12.3.1.8 12.3.2 12.3.2.1 12.3.2.2 12.3.2.3 12.3.2.4 12.3.3 12.3.3.1 12.3.3.2 12.3.3.3 12.3.3.4 12.3.3.5 12.3.3.6 12.3.3.7 12.3.3.8 12.3.3.9 12.3.3.10 12.3.3.11 12.3.3.12 12.3.3.13 12.3.4 12.3.4.1 12.3.4.2 12.3.4.3 Working with alarms...........................................................................................................5395 Basics.................................................................................................................................5395 Alarm Logging in WinCC (Basic Panels)............................................................................5395 Alarm Logging in WinCC (Panels, RT Advanced)..............................................................5396 Alarm Procedures..............................................................................................................5398 Alarm states.......................................................................................................................5403 Alarm classes.....................................................................................................................5405 Acknowledgement..............................................................................................................5408 Alarm groups (Basic Panels, Panels, RT Advanced).........................................................5411 Alarm number (Basic Panels, Panels, RT Advanced)........................................................5411 Working with Alarms .........................................................................................................5412 Alarm components and properties.....................................................................................5412 Configuring Alarms.............................................................................................................5413 Configuring the Outputting of Alarms.................................................................................5435 Acknowledging alarms.......................................................................................................5452 Logging Alarms (Basic Panels, Panels, RT Advanced).....................................................5455 Alarm Logging Basics (Basic Panels, Panels, RT Advanced)...........................................5455 Creating an alarm log (Basic Panels, Panels, RT Advanced)............................................5457 Logging Alarms (Basic Panels, Panels, RT Advanced).....................................................5459 Configuring an alarm view for logged alarms (Basic Panels, Panels, RT Advanced)........5460 Configuring alarm buffer overflow (Basic Panels, Panels, RT Advanced).........................5461 Direct access to the ODBC log database (Panels, RT Advanced)....................................5462 Setting up the ODBC data source (Panels, RT Advanced)................................................5462 Configuring a checksum for a log (Basic Panels, Panels, RT Advanced)..........................5463 Evaluating the checksum of log data (Basic Panels, Panels, RT Advanced)....................5464 Checksums for logs in regulated projects (Basic Panels, Panels, RT Advanced).............5466 Log response to language switching in runtime (Basic Panels, Panels, RT Advanced). ...5467 Managing logging behavior when Runtime starts (Basic Panels, Panels, RT Advanced)..5468 Controlling the Logging in relation to the Fill Level (Basic Panels, Panels, RT Advanced)..5469 Using Alarms in Runtime....................................................................................................5470 Alarms in Runtime (Basic Panels)......................................................................................5470 Alarms in Runtime (Panels, RT Advanced)........................................................................5472 Using the Alarm Window or Alarm View (Panels, RT Advanced)......................................5474 WinCC Advanced V14 System Manual, 10/2016 25 Table of contents 12.3.4.4 12.3.4.5 12.3.4.6 12.3.4.7 12.3.5 12.3.5.1 12.3.5.2 12.3.6 12.3.6.1 12.3.6.2 12.3.7 12.3.7.1 12.3.7.2 12.3.7.3 12.3.7.4 12.3.7.5 12.4 12.4.1 12.4.1.1 12.4.1.2 12.4.1.3 12.5 12.5.1 12.5.1.1 12.5.1.2 12.5.1.3 12.5.1.4 12.5.1.5 12.5.1.6 12.5.1.7 12.5.1.8 12.5.1.9 12.5.2 12.5.2.1 12.5.2.2 12.5.2.3 12.5.2.4 12.5.2.5 12.5.3 12.5.3.1 12.5.3.2 12.5.4 12.5.4.1 12.5.4.2 12.5.4.3 12.5.4.4 12.5.4.5 26 Using the Simple Alarm Window, Alarm View....................................................................5477 Using the Alarm Indicator...................................................................................................5480 Acknowledging alarms (Basic Panels, Panels, RT Advanced)..........................................5481 Filtering Alarms (Panels, RT Advanced)...........................................................................5482 Displaying security events..................................................................................................5483 Displaying security events on the HMI device (Panels, RT Advanced, RT Professional)..5483 Configuring the display of security events (Panels, RT Advanced, RT Professional)........5483 Sending complete alarm from the controller to the HMI device.........................................5484 Sending and automatically updating complete alarm from the controller to the HMI device (Panels, RT Advanced)...........................................................................................5484 Configuring automatic update of controller alarms on the HMI device (Panels, RT Advanced, RT Professional)..............................................................................................5486 Reference...........................................................................................................................5488 System functions for alarms...............................................................................................5488 Alarm events (Basic Panels, Panels, RT Advanced).........................................................5489 System functions for logs (Panels, RT Advanced, RT Professional).................................5490 Structure of *.csv files that contain alarms (Panels, RT Advanced, RT Professional).......5490 System events....................................................................................................................5492 Working with logs (Basic Panels, Panels, RT Advanced)..................................................5529 Working with logs for Runtime Advanced and Panels (Basic Panels, Panels, RT Advanced)..........................................................................................................................5529 Log Basics (Basic Panels, Panels, RT Advanced).............................................................5529 Properties of Logs (Basic Panels, Panels, RT Advanced).................................................5530 Storage locations of logs (Basic Panels, Panels, RT Advanced).......................................5532 Working with recipes (Basic Panels, Panels, RT Advanced).............................................5536 Basics (Basic Panels, Panels, RT Advanced)....................................................................5536 Definition and applications (Basic Panels, Panels, RT Advanced)....................................5536 Examples for using recipes (Basic Panels, Panels, RT Advanced)...................................5538 Recipe structure (Basic Panels, Panels, RT Advanced)....................................................5538 Display of recipes (Basic Panels, Panels, RT Advanced)..................................................5540 Transferring recipe data records (Basic Panels, Panels, RT Advanced)...........................5542 Configuration of recipes (Basic Panels, Panels, RT Advanced)........................................5545 Special features of some devices (Basic Panels, Panels, RT Advanced).........................5546 Synchronization of recipe data records with the PLC (Basic Panels, Panels, RT Advanced)..........................................................................................................................5548 "Recipes" editor (Basic Panels, Panels, RT Advanced).....................................................5549 Recipes in runtime (Basic Panels, Panels, RT Advanced)................................................5552 Recipe screen and recipe view (Basic Panels, Panels, RT Advanced).............................5552 Simple recipe view (Basic Panels, Panels, RT Advanced)................................................5557 Advanced recipe view (prior to V13) (Basic Panels, Panels, RT Advanced).....................5568 Advanced recipe view (as of V13) (Basic Panels, Panels, RT Advanced).........................5578 Exporting and importing recipe data (Basic Panels, Panels, RT Advanced).....................5588 Configuring Recipes (Basic Panels, Panels, RT Advanced)..............................................5592 Creating and Editing Recipes (Basic Panels, Panels, RT Advanced)................................5592 Configuring the display of recipes (Basic Panels, Panels, RT Advanced).........................5602 Examples (Basic Panels, Panels, RT Advanced)..............................................................5607 Example of creating a recipe (Basic Panels, Panels, RT Advanced).................................5607 Example of configuring a recipe screen (Panels, RT Advanced).......................................5609 Scenario for Entering Recipe Data Records in Runtime (Panels, RT Advanced)..............5611 Scenario for a manual production sequence (Panels, RT Advanced)...............................5612 Scenario for an Automatic Production Sequence (Panels, RT Advanced)........................5614 WinCC Advanced V14 System Manual, 10/2016 Table of contents 12.6 12.6.1 12.6.1.1 12.6.1.2 12.6.2 12.6.2.1 12.6.2.2 12.6.3 12.6.3.1 12.6.4 12.6.4.1 12.6.4.2 12.6.4.3 12.6.4.4 12.6.4.5 12.6.4.6 12.6.4.7 12.6.4.8 12.6.4.9 12.6.4.10 12.6.4.11 Working with reports (Panels, RT Advanced)....................................................................5615 Basics (Panels, RT Advanced)..........................................................................................5615 Reports (Panels, RT Advanced)........................................................................................5615 Structure of reports (Panels, RT Advanced)......................................................................5616 Working with reports (Panels, RT Advanced)....................................................................5618 Creating and printing reports (Panels, RT Advanced).......................................................5618 Working with objects (Panels, RT Advanced)....................................................................5624 Operation in Runtime (Panels, RT Advanced)...................................................................5638 Printing reports (Panels, RT Advanced).............................................................................5638 Objects in reports (Panels, RT Advanced).........................................................................5638 Overview (Panels, RT Advanced)......................................................................................5638 Audit report (Panels, RT Advanced)..................................................................................5639 Date/time field (Panels, RT Advanced)..............................................................................5640 I/O field...............................................................................................................................5641 Graphic view (Panels, RT Advanced)................................................................................5642 Graphic I/O field (Panels, RT Advanced)...........................................................................5643 Alarm report (Panels, RT Advanced).................................................................................5644 Recipe report (Panels, RT Advanced)...............................................................................5646 Page number (Panels, RT Advanced)...............................................................................5647 Symbolic I/O field (Panels, RT Advanced).........................................................................5648 Text field (Panels, RT Advanced)......................................................................................5648 12.7 12.7.1 12.7.1.1 12.7.1.2 12.7.1.3 12.7.1.4 12.7.1.5 12.7.1.6 12.7.1.7 12.7.1.8 12.7.1.9 12.7.2 12.7.2.1 12.7.2.2 12.7.2.3 12.7.2.4 12.7.3 12.7.3.1 12.7.3.2 12.7.3.3 12.7.4 12.7.4.1 12.7.4.2 12.7.4.3 12.7.4.4 12.7.4.5 12.7.4.6 12.7.4.7 Configuring user administration.........................................................................................5649 Basics.................................................................................................................................5649 Field of application of the user administration....................................................................5649 Form of the user administration.........................................................................................5650 Users..................................................................................................................................5651 Users work area.................................................................................................................5653 User groups........................................................................................................................5653 User groups work area.......................................................................................................5654 Settings for the user administration (Basic Panels)...........................................................5655 Settings for the user administration (Panels, RT Advanced).............................................5657 Target groups in the user administration............................................................................5661 Building up and structuring a user administration..............................................................5661 Administering users for Runtime .......................................................................................5661 Managing users on the server............................................................................................5668 Administering users in Runtime.........................................................................................5673 Configuring access protection............................................................................................5683 Reference...........................................................................................................................5684 Objects with access protection (Basic Panels)..................................................................5684 Objects with access protection (Panels, RT Advanced)....................................................5684 Default user groups and authorizations (Basic Panels, Panels, RT Advanced)................5685 Examples...........................................................................................................................5686 Example: Configuring a button with logon dialog box........................................................5686 Example: Logging the logon and logoff events (Basic Panels, Panels, RT Advanced).....5687 Example: Structure of user administration.........................................................................5688 Example: Creating and configuring authorizations.............................................................5690 Example: Configuring a button with access protection......................................................5690 Example: Creating user groups and assigning authorizations:..........................................5692 Example: Creating users and assigning them to a user group..........................................5693 12.8 12.8.1 Working with system functions and Runtime scripting.......................................................5695 Basics (Panels, RT Advanced)..........................................................................................5695 WinCC Advanced V14 System Manual, 10/2016 27 Table of contents 12.8.1.1 12.8.1.2 12.8.1.3 12.8.2 12.8.2.1 12.8.2.2 12.8.2.3 12.8.2.4 12.8.3 12.8.3.1 12.8.3.2 12.8.3.3 12.8.3.4 12.8.3.5 12.8.3.6 12.8.3.7 12.8.3.8 12.8.3.9 12.8.3.10 12.8.4 12.8.4.1 12.8.4.2 12.8.4.3 12.8.4.4 12.8.5 12.8.5.1 12.8.5.2 12.8.5.3 12.8.5.4 12.8.6 12.8.6.1 12.8.6.2 12.8.6.3 12.8.8 12.8.8.1 12.8.8.2 12.8.8.3 Runtime scripting (Panels, RT Advanced).........................................................................5695 System functions (Panels, RT Advanced)..........................................................................5696 User-defined functions (Panels, RT Advanced).................................................................5698 Working with function lists (Panels, RT Advanced)............................................................5700 Basics of the function list (Panels, RT Advanced).............................................................5700 Properties of a function list (Panels, RT Advanced)...........................................................5701 Configuring a function list (Panels, RT Advanced).............................................................5701 Editing a function list (Panels, RT Advanced)....................................................................5703 Working with user-defined VB functions (Panels, RT Advanced)......................................5704 "Scripts" editor (Panels, RT Advanced).............................................................................5704 Access to HMI tags (Panels, RT Advanced)......................................................................5706 Access to objects (Panels, RT Advanced).........................................................................5708 Calling system functions (Panels, RT Advanced)..............................................................5708 Calling user-defined VB functions (Panels, RT Advanced)................................................5709 Transfer and return of values in VBS (Panels, RT Advanced)...........................................5711 Create customized VB functions (Panels, RT Advanced)..................................................5712 Testing the syntax of customized functions (Panels, RT Advanced).................................5714 Renaming customized VB functions (Panels, RT Advanced)............................................5715 Executing customized VB functions (Panels, RT Advanced).............................................5715 Protecting user-defined functions.......................................................................................5716 Setting up know-how protection (Panels, RT Advanced, RT Professional).......................5716 Opening user-defined functions with know-how protection................................................5716 Removing know-how protection.........................................................................................5717 Changing a password........................................................................................................5718 Debugging user-defined VB functions (Panels, RT Advanced).........................................5718 Debugging user-defined VB functions (Panels, RT Advanced).........................................5718 Integrating the debugger (Panels, RT Advanced)..............................................................5721 Registering Microsoft Script Debugger (Panels, RT Advanced)........................................5725 Starting and stopping the debugger (Panels, RT Advanced).............................................5726 Runtime behavior in Runtime (Panels, RT Advanced).......................................................5727 Executing a function list in Runtime (Panels, RT Advanced).............................................5727 Executing user-defined functions in Runtime (Panels, RT Advanced)...............................5728 Processing sequence for user-defined functions and system functions (Panels, RT Advanced)..........................................................................................................................5729 Making object properties dynamic in Runtime (Panels, RT Advanced).............................5731 Examples (Panels, RT Advanced).....................................................................................5731 Example: Converting Fahrenheit into degrees Celsius (Panels, RT Advanced)................5731 Example: Converting inches into meters (Panels, RT Advanced).....................................5733 Example: Changing the operating mode on the HMI device with the current display (Panels, RT Advanced)......................................................................................................5735 Reference...........................................................................................................................5739 Function list (Panels, RT Advanced)..................................................................................5739 Events (Basic Panels, Panels, RT Advanced)...................................................................5980 WinCC Advanced V14 - Programming reference..............................................................6002 12.9 12.9.1 12.9.1.1 12.9.1.2 12.9.1.3 12.9.1.4 12.9.1.5 12.9.1.6 Mobile Panels (Panels, RT Advanced)..............................................................................6002 Basics (Panels, RT Advanced)..........................................................................................6002 Field of application of the Mobile Panel Wireless (Panels, RT Advanced)........................6002 How does the transponder system work? (Panels, RT Advanced)....................................6004 How does the RFID system work? (Panels, RT Advanced)...............................................6006 Zones (Panels, RT Advanced)...........................................................................................6008 Zones work area at transponders (Panels, RT Advanced)................................................6009 Zones work area on connection boxes (Panels, RT Advanced)........................................6010 12.8.6.4 12.8.7 12.8.7.1 12.8.7.2 12.8.7.3 28 WinCC Advanced V14 System Manual, 10/2016 Table of contents 12.9.1.7 12.9.1.8 12.9.1.9 12.9.1.10 12.9.2 12.9.3.1 12.9.3.2 12.9.3.3 12.9.3.4 12.9.4 12.9.4.1 12.9.4.2 12.9.5 12.9.5.1 12.9.5.2 12.9.5.3 12.9.6 12.9.6.1 12.9.6.2 12.9.7 12.9.7.1 12.9.7.2 12.9.7.3 12.9.7.4 12.9.8 12.9.8.1 12.9.8.2 12.9.8.3 12.9.9 12.9.9.1 12.9.9.2 12.9.9.3 Effective ranges (Panels, RT Advanced)...........................................................................6011 Effective ranges working area (Panels, RT Advanced)......................................................6012 Effective ranges (RFID) (Panels, RT Advanced)...............................................................6013 Work area for effective ranges (RFID) (Panels, RT Advanced).........................................6014 Configuring Mobile Panels V2 for fail-safe operation (up to V11 SP2) (Panels, RT Advanced)..........................................................................................................................6016 Configuration overview (Panels, RT Advanced)................................................................6016 Creating PLC for fail-safe operation (Panels, RT Advanced).............................................6017 Installing a general station description (GSD) (Panels, RT Advanced)..............................6017 Creating a module from the GSD file (Panels, RT Advanced)...........................................6018 Creating a connection between a module and the PLC (Panels, RT Advanced)...............6021 Creating Mobile Panel (Panels, RT Advanced)..................................................................6022 Configuring Mobile Panels V2 for fail-safe operation (from V12 SP1) (Panels, RT Advanced)..........................................................................................................................6023 Configuration overview (Panels, RT Advanced)................................................................6023 Creating PLC for fail-safe operation (Panels, RT Advanced).............................................6023 Creating Mobile Panel (Panels, RT Advanced)..................................................................6024 Creating a connection between the Mobile Panel and PLC (Panels, RT Advanced).........6025 Configuring KTP Mobile Panels for fail-safe operation (Panels, RT Advanced)................6026 Creating KTP Mobile Panel for fail-safe operation (Panels, RT Advanced).......................6026 Configuring the termination of the PROFIsafe connection (Panels, RT Advanced)...........6027 Working with zones on transponders (Panels, RT Advanced)...........................................6027 Configuring a zone in the transponder system (Panels, RT Advanced)............................6027 Displaying the screen on entering a zone (Panels, RT Advanced)....................................6029 Displaying an object in relation to the zone (Panels, RT Advanced).................................6030 Working with zones on connection boxes (Panels, RT Advanced)....................................6031 Configuring the zone of a connection box (Panels, RT Advanced)....................................6031 Configuring a screen for connection to connection box (Panels, RT Advanced)...............6032 Working with effective ranges (transponders) (Panels, RT Advanced)..............................6033 Overview (Panels, RT Advanced)......................................................................................6033 Configuring an effective range (transponder) (Panels, RT Advanced)..............................6034 Configuring the effective range name (Panels, RT Advanced)..........................................6035 Configuring additional Mobile Wireless objects (Panels, RT Advanced)...........................6036 Working with effective ranges (RFID) (Panels, RT Advanced)..........................................6037 Overview (Panels, RT Advanced)......................................................................................6037 Configuring effective range (RFID) (Panels, RT Advanced)..............................................6038 Configuring the effective range name (RFID) (Panels, RT Advanced)..............................6039 Reference (Panels, RT Advanced)....................................................................................6039 PROFIsafe address (Panels, RT Advanced).....................................................................6039 Power Management (Panels, RT Advanced).....................................................................6040 Zone ID / connection point ID (Panels, RT Advanced)......................................................6040 12.10 12.10.1 12.10.1.1 12.10.1.2 12.10.1.3 12.10.1.4 12.10.1.5 12.10.1.6 12.10.1.7 12.10.1.8 12.10.2 Planning tasks....................................................................................................................6041 Basics.................................................................................................................................6041 Field of application of the Scheduler..................................................................................6041 Working with tasks and triggers.........................................................................................6042 Work area of the "Scheduler" editor...................................................................................6042 Triggers (Basic Panels)......................................................................................................6044 Triggers (Panels, RT Advanced, RT Professional)............................................................6044 Timers for cyclic triggers (Panels, RT Advanced).............................................................6046 Function list (Basic Panels)................................................................................................6046 Function list (Panels, RT Advanced, RT Professional)......................................................6046 Planning jobs......................................................................................................................6047 12.9.2.1 12.9.2.2 12.9.2.3 12.9.2.4 12.9.2.5 12.9.2.6 12.9.3 WinCC Advanced V14 System Manual, 10/2016 29 Table of contents 12.10.2.1 12.10.2.2 12.10.2.3 12.10.2.4 12.10.3 12.10.3.1 12.10.3.2 12.10.3.3 12.10.3.4 12.10.3.5 12.10.3.6 Planning tasks with acyclic triggers (Panels, RT Advanced, RT Professional)..................6047 Planning tasks with cyclic triggers .....................................................................................6048 Planning tasks with event triggers (Basic Panels, Panels, RT Advanced)........................6049 Administer task...................................................................................................................6050 Examples...........................................................................................................................6051 Example: Update user following change of user (Basic Panels, Panels, RT Advanced)...6051 Example: Terminating Runtime every day.........................................................................6052 Example: Changing the starting point of a task in Runtime (Panels, RT Advanced).........6053 Example: 1. Configuring a tag for Runtime (Panels, RT Advanced)..................................6054 Example: 2. Configuring a Date/time field (Panels, RT Advanced)....................................6054 Example: 3. Configuring a swap to archive with a timer variable (Panels, RT Advanced)..6055 12.11 12.11.1 12.11.1.1 12.11.1.2 12.11.1.3 12.11.2 12.11.3 12.11.3.1 12.11.3.2 12.11.3.3 12.11.3.4 12.11.3.5 Using diagnostics functions................................................................................................6057 Configuring system diagnostics.........................................................................................6057 Basic Panel basics (Basic Panels).....................................................................................6057 Basics on Panels and Runtime Advanced.........................................................................6060 Configuring system diagnostics objects.............................................................................6064 Monitoring functions for SIMATIC IPCs.............................................................................6072 Supervising machinery and plants with ProDiag (Panels, RT Advanced, RT Professional)..6074 Basics of supervision with ProDiag (Panels, RT Advanced, RT Professional)..................6074 Basics of supervising operands (Panels, RT Advanced, RT Professional)........................6075 Requirements and licensing (Panels, RT Advanced, RT Professional).............................6076 Visualizing supervisions (Panels, RT Advanced, RT Professional)...................................6077 Example: Visualization of the ProDiag functionality (Panels, RT Advanced, RT Professional)......................................................................................................................6100 12.12 12.12.1 Communicating with controllers.........................................................................................6112 WinCC Advanced V14 - Communication...........................................................................6112 12.13 12.13.1 12.13.1.1 12.13.1.2 12.13.1.3 12.13.1.4 12.13.1.5 12.13.1.6 12.13.1.7 12.13.2 12.13.2.1 12.13.2.2 12.13.2.3 12.13.2.4 12.13.2.5 12.13.2.6 12.13.3 12.13.3.1 12.13.3.2 Using global functions........................................................................................................6113 Working with libraries.........................................................................................................6113 Basics on libraries..............................................................................................................6113 Overview of the library view...............................................................................................6115 Master copies and types....................................................................................................6117 Libraries in WinCC.............................................................................................................6118 Managing libraries..............................................................................................................6120 Managing objects in a library.............................................................................................6128 Using types and their versions...........................................................................................6133 ...........................................................................................................................................6137 Importing and exporting project data..................................................................................6137 ...........................................................................................................................................6138 Importing and exporting alarms..........................................................................................6142 Importing and exporting tags..............................................................................................6149 Importing and exporting text lists.......................................................................................6156 Import and export of project texts.......................................................................................6160 Using cross-references......................................................................................................6163 General information about cross references......................................................................6163 Special features when working with cross-reference lists in WinCC (Panels, RT Advanced, RT Professional)..............................................................................................6163 Rewiring tags in the screens..............................................................................................6164 Textual cross-references (Panels, RT Advanced, RT Professional)..................................6167 Invalid cross-references (Panels, RT Advanced, RT Professional)...................................6169 Managing languages..........................................................................................................6171 Languages in WinCC.........................................................................................................6171 12.13.3.3 12.13.3.4 12.13.3.5 12.13.4 12.13.4.1 30 WinCC Advanced V14 System Manual, 10/2016 Table of contents 12.13.4.2 12.13.4.3 12.13.4.4 12.13.4.5 12.13.4.6 12.13.4.7 12.13.4.8 12.13.5 12.13.5.1 12.13.5.2 12.13.5.3 12.13.5.4 12.13.6 12.13.6.1 12.13.6.2 12.13.6.3 12.13.7 12.13.7.1 12.13.7.2 12.13.7.3 12.13.7.4 12.13.7.5 12.13.7.6 12.13.8 12.13.8.1 12.13.8.2 12.13.8.3 12.13.9 12.13.10 12.13.10.1 12.13.10.2 12.13.11 12.13.12 Language settings in the operating system........................................................................6172 Operating system settings for Asian languages.................................................................6173 Setting project languages...................................................................................................6174 Creating one project in multiple languages........................................................................6177 Using language-specific graphics......................................................................................6184 Languages in Runtime.......................................................................................................6188 Example of multilingual configuration.................................................................................6196 Replacing devices..............................................................................................................6199 Basics (Basic Panels, Panels, RT Advanced)....................................................................6199 Device-specific functions....................................................................................................6201 Adjusting screens to the new device..................................................................................6207 Example: Replacing devices..............................................................................................6212 Copying between devices and editors...............................................................................6217 Basics.................................................................................................................................6217 Copying and pasting..........................................................................................................6220 Copying between different RT and ES versions................................................................6224 Using WinCC version compatibility....................................................................................6226 Basics on version compatibility (Basic Panels, Panels, RT Advanced).............................6226 Editing projects of a previous WinCC version (Basic Panels, Panels, RT Advanced).......6228 Upgrading projects.............................................................................................................6229 Upgrading a global library..................................................................................................6230 Changing between device versions...................................................................................6231 Changing the device version..............................................................................................6232 Viewing memory card data.................................................................................................6233 Basics (Basic Panels, Panels)...........................................................................................6233 Working with backups........................................................................................................6234 Working with HMI device images.......................................................................................6236 HMI device wizard basics (Basic Panels, Panels).............................................................6241 Managing colors centrally..................................................................................................6242 Basic principles for color management..............................................................................6242 Finding and replacing colors..............................................................................................6243 HMI device wizard basics (RT Advanced, RT Professional)..............................................6245 Exchanging controller data from other projects..................................................................6246 12.14 12.14.1 12.14.2 12.14.2.1 12.14.2.2 12.14.2.3 12.14.2.4 12.14.2.5 12.14.2.6 12.14.2.7 12.14.2.8 12.14.2.9 12.14.2.10 12.14.2.11 12.14.3 12.14.3.1 12.14.3.2 12.14.3.3 12.14.3.4 Compiling and loading........................................................................................................6247 Establishing a connection to the HMI device.....................................................................6247 Basic Panels (Basic Panels)..............................................................................................6248 Runtime settings (Basic Panels)........................................................................................6248 Overview of compiling and loading projects (Basic Panels)...............................................6256 Compiling a project (Basic Panels)....................................................................................6257 Simulating projects (Basic Panels).....................................................................................6258 Loading projects (Basic Panels).........................................................................................6263 Runtime start (Basic Panels)..............................................................................................6266 Error messages during loading of projects (Basic) (Basic Panels)....................................6267 Adapting the project for another HMI device (Basic Panels)..............................................6269 Reducing the project size (Basic Panels)...........................................................................6270 Basics of operating in Runtime (Basic Panels)..................................................................6271 Security on the HMI device (Basic Panels)........................................................................6284 Runtime Advanced and Panels (Panels, RT Advanced)....................................................6285 Runtime settings (Panels, RT Advanced)..........................................................................6285 Overview of compiling and loading projects (Panels, RT Advanced).................................6294 Compiling a project (Panels, RT Advanced)......................................................................6296 Simulating projects (Panels, RT Advanced).......................................................................6297 WinCC Advanced V14 System Manual, 10/2016 31 Table of contents 32 12.14.3.5 12.14.3.6 12.14.3.7 12.14.3.8 12.14.3.9 12.14.3.10 12.14.3.11 12.14.3.12 12.14.3.13 12.14.4 12.14.4.1 12.14.4.2 12.14.4.3 12.14.5 12.14.5.1 12.14.5.2 12.14.5.3 12.14.5.4 12.14.5.5 12.14.5.6 12.14.5.7 12.14.5.8 12.14.5.9 12.14.5.10 12.14.5.11 12.14.6 12.14.6.1 12.14.6.2 12.14.6.3 12.14.6.4 12.14.6.5 Loading projects (Panels, RT Advanced)...........................................................................6304 Compiling and loading with Multi-User Engineering (Panels, RT Advanced)....................6315 Runtime start (Panels, RT Advanced)................................................................................6318 Viewing memory card data (Panels, RT Advanced)..........................................................6321 Error messages during the download of projects (Panels, RT Advanced).........................6328 Reducing the project size (Panels, RT Advanced).............................................................6329 Adapting the project for another HMI device (Panels, RT Advanced)................................6330 Basics of operating in Runtime (Panels, RT Advanced)....................................................6332 Security on the HMI device (Panels, RT Advanced)..........................................................6356 Viewing memory card data.................................................................................................6357 Basics (Basic Panels, Panels)...........................................................................................6357 Working with backups (Basic Panels)................................................................................6358 Working with HMI device images (Panels).........................................................................6360 Servicing the HMI device...................................................................................................6365 Overview of HMI device maintenance (Basic Panels).......................................................6365 Overview of HMI device maintenance tasks (Basic Panels)..............................................6366 ProSave.............................................................................................................................6367 Backup of HMI data............................................................................................................6367 Backing up and restoring data of the HMI device..............................................................6369 Updating the operating system..........................................................................................6370 Updating the operating system on the HMI device............................................................6372 Transferring license keys...................................................................................................6373 Managing licenses.............................................................................................................6374 Installing and uninstalling an option...................................................................................6376 Loading Asian fonts to the HMI device (Panels, RT Advanced)........................................6377 Printer driver (Comfort Panels)..........................................................................................6377 Validity (Comfort Panels)...................................................................................................6377 Supported HMI devices (Comfort Panels)..........................................................................6378 Setting up the printer driver (Comfort Panels)....................................................................6379 Installation (Comfort Panels)..............................................................................................6382 Transferring the Options (Comfort Panels)........................................................................6382 12.15 12.15.1 12.15.1.1 12.15.1.2 12.15.1.3 12.15.1.4 12.15.1.5 12.15.2 12.15.2.1 12.15.2.2 12.15.2.3 12.15.2.4 12.15.2.5 12.15.2.6 12.15.2.7 Performance features.........................................................................................................6383 General technical specifications.........................................................................................6383 Permitted characters..........................................................................................................6383 Recommended printers......................................................................................................6384 Printing via print server......................................................................................................6385 Memory requirement of recipes.........................................................................................6386 Memory requirements of recipes for Basic Panels, OP 77A, and TP 177A.......................6388 Performance features of the devices.................................................................................6389 Basic Panel (Basic Panels)................................................................................................6389 Basic Panel 2nd Generation (Basic Panels)......................................................................6392 Panel (Panels)....................................................................................................................6396 Mobile Panel (Panels)........................................................................................................6399 Multi Panel (Panels)...........................................................................................................6405 Comfort Panel (Panels)......................................................................................................6408 WinCC Runtime Advanced (RT Advanced).......................................................................6414 12.16 12.16.1 Options...............................................................................................................................6418 WinCC Advanced V14 - Options........................................................................................6418 12.17 12.17.1 12.17.1.1 Interfaces...........................................................................................................................6419 OPC for Runtime Advanced (Panels, RT Advanced).........................................................6419 Basics (Panels, RT Advanced)..........................................................................................6419 WinCC Advanced V14 System Manual, 10/2016 Table of contents 13 12.17.1.2 12.17.1.3 12.17.1.4 12.17.1.5 Security concept of OPC UA (Panels, RT Advanced)........................................................6422 Configuring an OPC server (Panels, RT Advanced)..........................................................6424 Configuring an OPC client (Panels, RT Advanced)...........................................................6426 Reference (Panels, RT Advanced)....................................................................................6432 12.18 12.18.1 12.18.2 12.18.2.1 12.18.2.2 12.18.2.3 12.18.2.4 12.18.2.5 Migrating to WinCC in the TIA Portal.................................................................................6435 Overview of the migration to WinCC in the TIA Portal.......................................................6435 WinCC flexible....................................................................................................................6435 Libraries.............................................................................................................................6435 Screens and templates......................................................................................................6437 Scripts in faceplates...........................................................................................................6439 Synchronization of recipes.................................................................................................6440 Special considerations for converting................................................................................6441 Using technology functions.....................................................................................................................6443 13.1 13.1.1 13.1.1.1 13.1.1.2 13.1.1.3 13.1.1.4 13.1.1.5 13.1.1.6 13.1.1.7 13.1.1.8 13.1.2 13.1.2.1 13.1.2.2 13.1.2.3 13.1.2.4 13.1.2.5 13.1.2.6 13.1.2.7 13.1.2.8 13.1.2.9 13.1.2.10 13.1.2.11 13.1.3 13.1.3.1 13.1.3.2 13.1.3.3 13.1.4 13.1.4.1 13.1.4.2 13.1.4.3 13.1.5 13.1.5.1 13.1.5.2 13.1.5.3 13.1.5.4 13.1.5.5 PID control.........................................................................................................................6443 Principles for control...........................................................................................................6443 Controlled system and actuators........................................................................................6443 Controlled systems.............................................................................................................6444 Characteristic values of the control section........................................................................6446 Pulse controller..................................................................................................................6448 Response to setpoint changes and disturbances..............................................................6452 Control Response at Different Feedback Structures..........................................................6453 Selection of the controller structure for specified controlled systems................................6461 PID parameter settings......................................................................................................6462 Configuring a software controller.......................................................................................6462 Overview of software controller..........................................................................................6462 Steps for the configuration of a software controller............................................................6464 Add technology objects......................................................................................................6465 Configure technology objects.............................................................................................6466 Call instruction in the user program...................................................................................6467 Downloading technology objects to device........................................................................6468 Commissioning software controller....................................................................................6469 Save optimized PID parameter in the project.....................................................................6469 Comparing values..............................................................................................................6470 Parameter view..................................................................................................................6473 Display instance DB of a technology object.......................................................................6490 Using PID_Compact (S7-1200, S7-1500)..........................................................................6490 Technology object PID_Compact (S7-1200, S7-1500)......................................................6490 PID_Compact V2 (S7-1200, S7-1500)...............................................................................6491 PID_Compact V1 (S7-1200)...............................................................................................6507 Using PID_3Step (S7-1200, S7-1500)...............................................................................6522 Technology object PID_3Step (S7-1200, S7-1500)...........................................................6522 PID_3Step V2 (S7-1200, S7-1500)....................................................................................6523 PID_3Step V1 (S7-1200)....................................................................................................6540 Using PID_Temp (S7-1200, S7-1500)...............................................................................6555 Technology object PID_Temp (S7-1200, S7-1500)...........................................................6555 Configuring PID_Temp (S7-1200, S7-1500)......................................................................6556 Commissioning PID_Temp (S7-1200, S7-1500)................................................................6577 Cascade control with PID_Temp (S7-1200, S7-1500).......................................................6585 Multi-zone controlling with PID_Temp (S7-1200, S7-1500)...............................................6591 13.2 Using S7-1200 Motion Control (S7-1200)..........................................................................6594 WinCC Advanced V14 System Manual, 10/2016 33 Table of contents 13.2.1 13.2.1.1 13.2.1.2 13.2.2 13.2.2.1 13.2.2.2 13.2.2.3 13.2.2.4 13.2.2.5 13.2.3 13.2.4 13.2.4.1 13.2.4.2 13.2.4.3 13.2.4.4 13.2.4.5 13.2.5 13.2.5.1 13.2.5.2 13.2.5.3 13.2.5.4 13.2.6 13.2.6.1 13.2.6.2 13.2.6.3 13.2.6.4 13.2.7 13.2.8 13.2.8.1 13.2.8.2 13.2.9 13.2.9.1 13.2.9.2 13.2.9.3 13.2.9.4 13.2.9.5 13.2.9.6 13.2.9.7 13.2.10 13.2.10.1 13.2.10.2 13.2.10.3 13.2.10.4 13.2.11 13.2.11.1 13.2.11.2 13.2.11.3 13.2.11.4 13.2.11.5 13.2.11.6 13.2.11.7 13.2.11.8 34 Introduction (S7-1200).......................................................................................................6594 Motion functionality of the CPU S7-1200 (S7-1200)..........................................................6594 Hardware components for motion control (S7-1200).........................................................6595 Basics for working with S7-1200 Motion Control (S7-1200)...............................................6597 Stepper motor on the PTO (S7-1200)................................................................................6597 PROFIdrive drive / analog drive connection (S7-1200)......................................................6604 Hardware and software limit switches (S7-1200)...............................................................6618 Jerk limit (S7-1200)............................................................................................................6619 Homing (S7-1200)..............................................................................................................6620 Guidelines on use of motion control (S7-1200)..................................................................6622 Using versions (S7-1200)...................................................................................................6622 Overview of versions (S7-1200).........................................................................................6622 Changing a technology version (S7-1200).........................................................................6626 Compatibility list of variables V1...3 <-> V4...5 (S7-1200)..................................................6626 Compatibility list of variables V4...5 <-> V6 (S7-1200).......................................................6629 Status of limit switch (S7-1200)..........................................................................................6630 Positioning axis technology object (S7-1200)....................................................................6631 Integration of the positioning axis technology object (S7-1200).........................................6631 Tools of the positioning axis technology object (S7-1200).................................................6634 Adding a positioning axis technology object (S7-1200).....................................................6636 Configuring the positioning axis technology object (S7-1200)...........................................6637 Technology object command table (S7-1200)...................................................................6695 Use of the command table technology object (S7-1200)...................................................6695 Command table technology object tools (S7-1200)...........................................................6695 Adding the technological object command table (S7-1200)...............................................6696 Configuring the command table technology object (S7-1200)...........................................6697 Download to CPU (S7-1200)..............................................................................................6714 Commissioning (S7-1200)..................................................................................................6715 Axis control panel (S7-1200)..............................................................................................6715 Tuning (S7-1200)...............................................................................................................6718 Programming (S7-1200).....................................................................................................6720 Overview of the Motion Control statements (S7-1200)......................................................6720 Creating a user program (S7-1200)...................................................................................6721 Programming notes (S7-1200)...........................................................................................6724 Behavior of the Motion Control commands after POWER OFF and restart (S7-1200)......6726 Monitoring active commands (S7-1200)............................................................................6726 Error displays of the Motion Control statements (S7-1200)...............................................6737 Restart of technology objects (S7-1200)............................................................................6738 Axis - Diagnostics (S7-1200)..............................................................................................6739 Status and error bits (technology objects as of V4) (S7-1200).........................................6739 Motion status (S7-1200).....................................................................................................6742 Dynamics settings (S7-1200).............................................................................................6742 PROFIdrive frame (S7-1200).............................................................................................6743 Appendix (S7-1200)...........................................................................................................6744 Using multiple axes with the same PTO (S7-1200)...........................................................6744 Using multiple drives with the same PTO (S7-1200).........................................................6747 Tracking jobs from higher priority classes (execution levels) (S7-1200)............................6748 Special cases when using software limit switches for drive connection via PTO (S7-1200)..6750 Reducing velocity for a short positioning duration (S7-1200).............................................6756 Dynamic adjustment of start/stop velocity (S7-1200).........................................................6757 Move the axis without position control for servicing (S7-1200)..........................................6757 List of ErrorIDs and ErrorInfos (technology objects as of V6) (S7-1200)...........................6758 WinCC Advanced V14 System Manual, 10/2016 Table of contents 13.2.11.9 Tags of the positioning axis technology object as of V6 (S7-1200)...................................6782 13.2.11.10 Versions V1...5 (S7-1200)..................................................................................................6818 14 Using online and diagnostics functions..................................................................................................6929 14.1 Displaying accessible devices............................................................................................6929 14.2 Changing the device configuration online..........................................................................6930 14.3 14.3.1 14.3.2 14.3.3 14.3.4 14.3.5 14.3.6 14.3.7 Connecting devices online.................................................................................................6931 General information about online mode.............................................................................6931 View in online mode...........................................................................................................6933 Default setting online connection data...............................................................................6934 Establishing or changing an online connection..................................................................6935 Canceling an online connection.........................................................................................6937 Connecting online with several devices.............................................................................6938 Disconnecting online connections of multiple devices.......................................................6939 14.4 14.4.1 14.4.2 14.4.2.1 14.4.2.2 14.4.2.3 14.4.3 14.4.3.1 14.4.3.2 14.4.3.3 Creating a backup of an S7 CPU.......................................................................................6939 Backup options for S7 CPUs..............................................................................................6939 Backing up S7-300 and S7-400 CPUs (S7-300, S7-400, PC)...........................................6941 Creating a backup of a device (S7-300, S7-400, PC)........................................................6941 Restoring the software and hardware configuration of a device (S7-300, S7-400, PC).....6942 Backing up a device configuration (S7-300, S7-400, PC)..................................................6943 Backing up S7-1200 and S7-1500 CPUs (S7-1200, S7-1500, S7-1500)...........................6944 Creating a backup of a device (S7-1200, S7-1500, S7-1500)...........................................6944 Backing up a device configuration (S7-1200, S7-1500, S7-1500).....................................6945 Restoring the configuration of a device (S7-1200, S7-1500, S7-1500)..............................6946 14.5 14.5.1 14.5.2 14.5.3 14.5.4 14.5.5 14.5.6 14.5.6.1 14.5.6.2 14.5.6.3 14.5.6.4 14.5.6.5 14.5.6.6 14.5.6.7 14.5.7 14.5.7.1 14.5.7.2 14.5.7.3 14.5.7.4 14.5.7.5 14.5.7.6 Configuring the PG/PC interface........................................................................................6947 Online access.....................................................................................................................6947 Basics of assigning parameters for the PG/PC interface...................................................6949 Showing or hiding interfaces..............................................................................................6950 Displaying and modifying interface properties...................................................................6950 Adding interfaces...............................................................................................................6951 Setting parameters for the Ethernet interface....................................................................6952 Setting parameters for the Industrial Ethernet interface.....................................................6952 Displaying operating system parameters...........................................................................6953 Connecting the PG/PC interface to a subnet.....................................................................6953 Setting parameters for the Ethernet interface....................................................................6954 Assigning a temporary IP address.....................................................................................6954 Managing temporary IP addresses....................................................................................6955 Resetting the TCP/IP configuration....................................................................................6955 Setting parameters for the MPI and PROFIBUS interfaces...............................................6956 Setting parameters for the MPI and PROFIBUS interfaces...............................................6956 Setting MPI or PROFIBUS interface parameters automatically.........................................6957 Setting parameters for the MPI interface...........................................................................6958 Setting parameters for the PROFIBUS interface...............................................................6960 Overview of the bus parameters for PROFIBUS................................................................6962 Resetting the MPI or PROFIBUS configuration.................................................................6963 14.6 14.6.1 14.6.1.1 14.6.2 14.6.2.1 Using the trace and logic analyzer function.......................................................................6964 Preface...............................................................................................................................6964 Security information...........................................................................................................6965 Description.........................................................................................................................6966 Supported hardware...........................................................................................................6966 WinCC Advanced V14 System Manual, 10/2016 35 Table of contents 36 14.6.2.2 14.6.2.3 14.6.2.4 14.6.3 14.6.3.1 14.6.3.2 14.6.3.3 14.6.3.4 14.6.4 14.6.4.1 14.6.4.2 14.6.4.3 14.6.4.4 14.6.4.5 14.6.4.6 14.6.5 14.6.5.1 Recording of measured values with the trace function......................................................6966 Trace configuration, recording, installed trace and measurement.....................................6968 Data storage.......................................................................................................................6969 Software user interface......................................................................................................6970 Project navigator................................................................................................................6972 Working area......................................................................................................................6977 Trace task card..................................................................................................................6987 Inspector window...............................................................................................................6989 Operation...........................................................................................................................6990 Quick start..........................................................................................................................6990 Using the trace function - overview....................................................................................6994 Project tree.........................................................................................................................6995 Working area - general.......................................................................................................6997 Working area - Configuration tab.......................................................................................7002 Working area - Diagram tab...............................................................................................7003 Devices..............................................................................................................................7010 S7-1200/1500 CPUs..........................................................................................................7010 14.7 14.7.1 14.7.1.1 14.7.1.2 14.7.1.3 14.7.2 14.7.2.1 14.7.2.2 14.7.2.3 14.7.2.4 14.7.3 14.7.3.1 14.7.3.2 14.7.3.3 14.7.3.4 14.7.3.5 14.7.3.6 14.7.4 14.7.4.1 14.7.4.2 14.7.4.3 14.7.4.4 14.7.4.5 14.7.4.6 14.7.5 14.7.5.1 14.7.5.2 14.7.5.3 14.7.5.4 14.7.5.5 14.7.6 14.7.6.1 14.7.6.2 14.7.6.3 14.7.6.4 Establish remote connection with Teleservice...................................................................7025 Basics of working with TeleService....................................................................................7025 Introduction to TeleService................................................................................................7025 TeleService functionality....................................................................................................7026 Telephone book at TeleService.........................................................................................7026 Working with the phone book.............................................................................................7027 Basics on working with the phone book.............................................................................7027 Structure of the phone book...............................................................................................7028 Symbols in the phone book................................................................................................7029 Manage phone book..........................................................................................................7029 Remote connections as dial-up connections......................................................................7035 Basics for establishing a dial-up connection......................................................................7035 Telephone networks and modems.....................................................................................7036 Access protection for dial-up connections..........................................................................7039 TS adapter MPI..................................................................................................................7044 TS adapter IE.....................................................................................................................7051 Establishing a dial-up connection to a remote system.......................................................7057 Remote VPN connections..................................................................................................7059 Basics for establishing a VPN connection..........................................................................7059 Basics of CA certificates....................................................................................................7060 Installing CA certificates for VPN connections...................................................................7062 Deleting CA certificates for VPN connections....................................................................7065 Establishing a VPN connection to a remote system..........................................................7065 TS Adapter IE Advanced....................................................................................................7067 CPU controlled TeleService remote connections ..............................................................7071 Overview of CPU controlled remote connections...............................................................7071 Establishing a connection from and to remote systens (PG-AS-remote coupling)............7072 Data exchange between remote systems (AS-AS-remote coupling).................................7074 Send SMS from a system..................................................................................................7076 Send an email from a system.............................................................................................7077 Notes on troubleshooting...................................................................................................7080 General information on troubleshooting for modem problems...........................................7080 Recording a log file for the modem....................................................................................7080 Dial-up connection to the TS Adapter is not established...................................................7081 Dial-up connection from the TS Adapter is not established...............................................7083 WinCC Advanced V14 System Manual, 10/2016 Table of contents 15 14.7.6.5 14.7.6.6 14.7.6.7 14.7.6.8 Modem connection is interrupted.......................................................................................7084 Checklist for troubleshooting the modem...........................................................................7084 Modem alarms...................................................................................................................7085 Possible error messages with VPN connections................................................................7086 14.8 14.8.1 14.8.2 Simulating devices with S7-PLCSIM..................................................................................7087 Simulation of devices.........................................................................................................7087 Starting the simulation........................................................................................................7087 Using Team Engineering........................................................................................................................7089 15.1 15.1.1 15.1.2 15.1.3 15.1.4 Shared commissioning of projects.....................................................................................7089 Basics for shared commissioning.......................................................................................7089 Requirements for shared commissioning...........................................................................7092 Procedure for shared commissioning.................................................................................7093 Rules for shared commissioning........................................................................................7096 15.2 15.2.1 15.2.2 15.2.3 15.2.4 15.2.5 15.2.6 15.2.6.1 15.2.6.2 15.2.6.3 Exchanging data with Inter Project Engineering (IPE).......................................................7102 Basics of Inter Project Engineering (IPE)...........................................................................7102 Requirements for Inter Project Engineering (IPE)..............................................................7105 Overview for working with Inter Project Engineering (IPE)................................................7105 Creating "Device proxy data" in the source project............................................................7108 Creating an IPE file by means of the "Device proxy data".................................................7109 Using controller data from other projects with IPE.............................................................7109 Using controller data from other projects in an HMI device ..............................................7109 Communication with device proxies...................................................................................7121 Integrated configuring with WinCC and SIMATIC Manager...............................................7128 15.3 15.3.1 15.3.2 15.3.3 15.3.4 15.3.5 15.3.6 15.3.7 15.3.8 15.3.8.1 15.3.8.2 15.3.8.3 15.3.8.4 15.3.9 15.3.9.1 15.3.9.2 15.3.9.3 15.3.10 15.3.10.1 15.3.10.2 15.3.10.3 15.3.10.4 15.3.10.5 15.3.10.6 15.3.10.7 15.3.10.8 15.3.10.9 Using Multiuser Engineering..............................................................................................7140 Introduction to Multiuser Engineering.................................................................................7140 Overview of the mode of operation with Multiuser Engineering.........................................7143 Basics of the multiuser server concept..............................................................................7147 Requirements for working with Multiuser Engineering.......................................................7150 Supported objects for Multiuser Engineering.....................................................................7152 Settings for working with Multiuser Engineering................................................................7154 Requirements for multiuser projects..................................................................................7156 Operator controls in Multiuser Engineering........................................................................7158 Multiuser icons in the user interface...................................................................................7158 Multiuser icons in the user interface...................................................................................7159 Multiuser banner in the user interface................................................................................7161 Functionality of the multiuser editor...................................................................................7162 Installing and uninstalling the Multiuser server..................................................................7165 Notes on the installation of the multiuser server................................................................7165 Installing the multiuser server............................................................................................7166 Uninstalling the multiuser server........................................................................................7167 Configuring and managing the multiuser server................................................................7168 Options for configuring and administering the multiuser server.........................................7168 Using the graphic tool........................................................................................................7169 Using the command line tools............................................................................................7188 Confirm the certificate for a multiuser server.....................................................................7200 Enter access data for the multiuser server.........................................................................7200 Transferring server data to other multiuser servers...........................................................7201 Reading out error log for multiuser server..........................................................................7202 Error log for multiuser server packed as Zip file.................................................................7204 Information on response of the multiuser server to errors.................................................7204 WinCC Advanced V14 System Manual, 10/2016 37 Table of contents 15.3.10.10 15.3.11 15.3.11.1 15.3.11.2 15.3.11.3 15.3.11.4 15.3.11.5 15.3.11.6 15.3.11.7 15.3.12 15.3.12.1 15.3.12.2 15.3.12.3 15.3.12.4 15.3.12.5 15.3.13 15.3.13.1 15.3.13.2 15.3.14 15.3.14.1 15.3.14.2 15.3.15 15.3.15.1 15.3.15.2 15.3.15.3 15.3.15.4 Supported network configurations for the multiuser server................................................7205 Working with the multiuser server......................................................................................7220 Introduction to the multiuser server....................................................................................7220 Setting the multiuser network profiles................................................................................7221 Adding a new multiuser server connection........................................................................7222 Displaying the multiuser server connection........................................................................7223 Editing the multiuser server connection.............................................................................7224 Restore multiuser server connection..................................................................................7225 Deleting the multiuser server connection...........................................................................7226 Working with the local multiuser server..............................................................................7227 Introduction to the local multiuser server...........................................................................7227 Configuring the local multiuser server................................................................................7228 Displaying the local multiuser server..................................................................................7229 Starting the local multiuser server......................................................................................7229 Exiting the local multiuser server.......................................................................................7231 Creating and managing multiuser server projects..............................................................7231 Introduction to working in multiuser server projects...........................................................7231 Adding a new multiuser server project...............................................................................7232 Working in the local session...............................................................................................7233 Creating and managing a local session.............................................................................7233 Editing objects in the local session....................................................................................7242 Working in the server project view.....................................................................................7260 Introduction to working in the server project view..............................................................7260 Opening and closing the server project view.....................................................................7262 Editing objects in the server project view...........................................................................7263 Renaming objects in the server project view......................................................................7265 Index.......................................................................................................................................................7267 38 WinCC Advanced V14 System Manual, 10/2016 1 System overview of STEP 7 and WinCC 1.1 Scaling of STEP 7 and WinCC in the TIA Portal Scope of performance of the products The following graphic shows the scope of performance of the individual products of STEP 7 and WinCC: 6,0$7,&67(3 6,0$7,&:LQ&& 3URJUDPPLQJODQJXDJHV /$')%'6&/67/ 6*5$3+ 0DFKLQHOHYHORSHUDWLRQ DQGPRQLWRULQJ 6&$'$DSSOLFDWLRQV 66RIWZDUH&RQWUROOHU 6&$'$ 6:LQ$& 3URIHVVLRQDO $GYDQFHG &RPIRUW %DVLF 6 %DVLF 3URIHVVLRQDO 6 6LQJOHXVHU3& &RPIRUW3DQHOVDQG[ 1RPLF 0RELOH %DVLF3DQHOV &RPPXQLFDWLRQ 352),%86352),1(7$6L,2/LQN(71HWZRUNWRSRORJ\ 352),VDIHYLD352),%86DQG352),1(7 &RPPRQIXQFWLRQV 6\VWHPGLDJQRVWLFVLPSRUWH[SRUWWR([FHOUHXVLQJHOHPHQWVZLWKWKHKHOSRIOLEUDULHVDQGPXFKPRUHEHVLGHV * Only for STEP 7 Professional for S7-300 / 400 / WinAC and S7-1500 ** With installed optional package "STEP 7 Safety Advanced" STEP 7 STEP 7 (TIA Portal) is the engineering software for configuring the SIMATIC S7-1200, S7-1500, S7-300/400 and WinAC controller families. STEP 7 (TIA Portal) is available in two editions, depending on the configurable controller families: STEP 7 Basic for configuring the S7-1200 STEP 7 Professional for configuring S7-1200, S7-1500, S7-300/400 and SoftwareController (WinAC) WinCC Advanced V14 System Manual, 10/2016 39 System overview of STEP 7 and WinCC 1.2 Options for STEP 7 and WinCC Engineering WinCC WinCC (TIA Portal) is an engineering software for configuring SIMATIC Panels, SIMATIC Industrial PCs, and Standard PCs with the WinCC Runtime Advanced or the SCADA System WinCC Runtime Professional visualization software. WinCC (TIA Portal) is available in four editions, depending on the configurable operator control systems: WinCC Basic for configuring Basic Panels WinCC Basic is included with every STEP 7 Basic and STEP 7 Professional product. WinCC Comfort for configuring all panels (including Comfort Panels, Mobile Panels) WinCC Advanced for configuring all panels and PCs with the WinCC Runtime Advanced visualization software WinCC Runtime Advanced is a visualization software for PC-based single-station systems. WinCC Runtime Advanced can be purchased with licenses for 128, 512, 2k, 4k, 8k and 16k PowerTags (tags with a process interface). WinCC Professional for configuring panels and PCs with WinCC Runtime Advanced or SCADA System WinCC Runtime Professional. WinCC Professional is available in the following editions: WinCC Professional for 512 and 4096 PowerTags as well as "WinCC Professional max. PowerTags". WinCC Runtime Professional is a SCADA system for structuring a configuration ranging from single-station systems to multi-station systems including standard clients or web clients. WinCC Runtime Professional can be purchased with licenses for 128, 512, 2k, 4k, 8k, 64k, 100k, 150k and 256k PowerTags (tags with a process interface). With WinCC (TIA Portal), it is also possible to configure a SINUMERIK PC with WinCC Runtime Advanced or WinCC Runtime Professional and HMI devices with SINUMERIK HMI Pro sl RT or SINUMERIK Operate WinCC RT Basic. 1.2 Options for STEP 7 and WinCC Engineering The following cross-product options are available for STEP 7 and WinCC Engineering: TIA Portal Multiuser (multiple users work jointly on a TIA Portal project) TIA Portal Cloud Connector (access to local interface using RDP) TIA Portal Teamcenter Gateway (connection to Teamcenter) SIMATIC Visualization Architect (creating HMI contents based on STEP7 projects) SIMATIC Energy Suite (energy management) 40 WinCC Advanced V14 System Manual, 10/2016 System overview of STEP 7 and WinCC 1.5 Options for WinCC Engineering and Runtime systems 1.3 Options for S7-1500 Runtime The engineering of the following functions is integrated in the engineering packages of SIMATIC STEP 7 Professional and/or SIMATIC Energy Suite. The enabling takes place in CPU context: SIMATIC ProDiag (machinery and plant diagnostics for S7-1500 and SIMATIC HMI) SIMATIC OPC UA S7-1500 (connection of any third-party devices to the S7-1500) SIMATIC Energy Suite S7-1500 (energy management) 1.4 Options for STEP 7 Engineering System The following options are available for STEP 7 Engineering: SIMATIC STEP 7 Safety Basic/Advanced (safety programs for F-CPUs) SIMATIC S7 PLCSIM Advanced (Virtual Controller S7-1500) SIMATIC Target 1500STM for Simulink(R) (add-on for Simulink(R)) 1.5 Options for WinCC Engineering and Runtime systems SIMATIC Panels as well as WinCC Runtime Advanced and WinCC Runtime Professional contain all essential functions for operator control and monitoring of machines or plants. Additional options allow you to extend the functionality in some cases to increase the range of available tasks. Option for Basic Panel The following add-on is available for Basic Panels: WinCC Sm@rtServer (remote operation) Options for Comfort Panels, Mobile Panels The following possible extensions are available for Comfort Panels, Mobile Panels, and Multi Panels: WinCC Audit (audit trail and electronic signature for regulated applications) SIMATIC ProDiag (machinery and plant diagnostics for S7-1500 and SIMATIC HMI) Option for Multi Panels The following add-on is available for Multi Panels: WinCC Audit (audit trail and electronic signature for regulated applications) WinCC Advanced V14 System Manual, 10/2016 41 System overview of STEP 7 and WinCC 1.5 Options for WinCC Engineering and Runtime systems Note In contrast to WinCC flexible 2008, functions from the WinCC flexible /Sm@rtService, WinCC flexible /Sm@rtAccess options as well as the WinCC flexible /OPC Server option are incorporated into the basic functionality. Options for WinCC Runtime Advanced The following possible extensions are available for WinCC Runtime Advanced: WinCC SmartServer (remote operation) WinCC Recipes (recipe system) WinCC Logging (logging of process values and alarms) WinCC Audit (audit trail for regulated applications) SIMATIC ProDiag (machinery and plant diagnostics for S7-1500 and SIMATIC HMI) Note In contrast to WinCC flexible 2008, functions from the WinCC flexible /Sm@rtService, WinCC flexible /Sm@rtAccess options as well as the WinCC flexible /OPC Server option are incorporated into the basic functionality. Options for WinCC Runtime Professional The following possible extensions are available for WinCC Runtime Professional: WinCC Client (standard client for structuring multi-station systems) WinCC Server (supplements WinCC Runtime to include server functionality) WinCC Recipes (recipe system, formerly WinCC / UserArchives) WinCC WebNavigator (Web-based operator control and monitoring) WinCC DataMonitor (display and evaluation of process states and historical data) WinCC ControlDevelopment (extension by means of customer-specific controls) WebUX (platform and browser-independent operation and monitoring via the Web) SIMATIC Information Server 2014 (Web-based and browser-independent analysis and reports of historic process data) SIMATIC Process Historian 2014 (plant-wide archive server for messages and process data) Industrial Data Bridge (configurable connections to databases and IT systems) Redundancy (increased availability due to redundant server) SIMATIC ProDiag (machinery and plant diagnostics for S7-1500 and SIMATIC HMI) 42 WinCC Advanced V14 System Manual, 10/2016 System overview of STEP 7 and WinCC 1.5 Options for WinCC Engineering and Runtime systems Note In contrast to WinCC V7, functions from the WinCC /OPC-Server and WinCC / ConnectivityPack options are incorporated into the basic functionality. Likewise, the basic functionality includes the Runtime API from WinCC /ODK. WinCC Advanced V14 System Manual, 10/2016 43 System overview of STEP 7 and WinCC 1.5 Options for WinCC Engineering and Runtime systems 44 WinCC Advanced V14 System Manual, 10/2016 What's new in TIA Portal V14 2.1 2 Introduction Description All important new features compared to the present version V13 SP1 are summarized here. You can find additional details on the various topics of the product documentation in the individual sections. 2.2 SIMATIC STEP 7 Description All important new features of STEP 7 are shown grouped together based on the engineering workflow. Hardware configuration Support of the S7-1500 T-CPU family, with the Motion Control functions "constant velocity" and "cam disks". Support of the new CPU 1518(F)-4 PN/DP ODK (Open Development Kit), which enables C/C++ functions created via the SIMATIC ODK 1500S to be integrated into the user program Support of the CPU 1516pro (F)-2 PN Support of the new S7-1500 failsafe software controller IO devices can be grouped in the project tree to quickly find and technologically merge devices. The arrangement of the devices in the topological view can be synchronized with the network view. Own profiles can be defined in the hardware catalog for easy and quick access to frequently used modules. Editors for programming languages Separate editors are available for the new technology objects Output Cam, Cam Track and Measuring Input. There is also a convenient cam disk editor for the S7-1500T controllers. SCL networks can be inserted into a LAD/FBD block. "Regions" can be used in SCL program code to improve structuring and navigation. You can hide the block parameters when calling the block in LAD or FBD. WinCC Advanced V14 System Manual, 10/2016 45 What's new in TIA Portal V14 2.2 SIMATIC STEP 7 The comparison of PLC programs has been thoroughly revised and enables the quick and convenient comparison of source code with many filter options. Networks in the programming editors for LAD / FBD / STL are automatically displayed as they were when you last exited the block. Language innovations ARRAYs of variable length can be passed with ARRAY[*]. Multiple instances can be declared in ARRAYs in the block interface and called in loops. This helps to significantly reduce the program code and provides better readability and more efficient programming when processing the same program objects. The data type DB_ANY can also be used for technology objects. This allows technology objects to be handled more flexibly in the program. An "ARRAY of DB_ANY" may be a list of positioning axes, for example. Instances can be passed as a parameter in the "InOut" section of the block interface so that only one dedicated instance needs to be selected in the call. Message texts and comments for up to 3 languages can be loaded into the PLC S7-1500 and changed online. Messages/diagnostics Using the new "Get_Alarm" instruction, messages can be directly read from the message server of the S7-1500 CPU and, sent and to a higher-level reporting system (e.g. process control system), for example. With the instruction "GET_DIAG" in Mode 1, the diagnostic data are output in the DIS structure. Bit 15 of the parameter IOState of this structure outputs the signal status "1" when a network / hardware fault has occurred. Trace The Trace function enables different measurements to be displayed in a shared diagram ("overlaid measurements"). In addition, with the Trace function, after completion, messages can be stored on the memory card independently of the power supply, and if required, can be automatically restarted. Online functions Restructuring of the toolbar in the DB editor with the possibility to reinitialize complete data blocks with the defined start values. Structures in the block can be observed directly in the Inspector window including the call environment. 46 WinCC Advanced V14 System Manual, 10/2016 What's new in TIA Portal V14 2.2 SIMATIC STEP 7 System functions The new global search enables cross-project searching for PLC and HMI objects. In addition, the search results can be restricted by filter. A "GoTo" function is also available. TIA Portal settings can be exported or imported and stored on a central server. If the server path is available, for example, the stored settings are used automatically as "default" every time you restart the TIA Portal. Innovative help/information system with tab technology, improved search function and the possibility to filter information by device families. The new cross-reference list provides a quick overview of the use of objects and devices within the project. - Support of overlapping accesses (PLC tags) - Support of know-how-protected blocks - Access to Individual elements of an ARRAY - Representation of objects which occur both in HMI and PLC devices - Free entry of objects to be searched for in the cross-reference list possible - Various filter options - Convenient and central provision of updates in company networks. - A company server can be configured with the TIA Automation Corporate Configuration Tool. The available updates / support packages are stored on the server and are thus available to users. S7-PLCSIM Quick start of S7-PLCSIM in compact mode and without a simulation project. Devices can be exchanged in the simulation project so that existing TIM tables and sequence entries can continue to be used without any problems. Sequences can be automatically started on the basis of a trigger condition. Sequences can be temporarily deactivate. Decentralized I/O devices can be simulated in the device view. Motion Control applications Pre-configured and integrated connection and configuration of the SINAMICS V90 PN drive message to a Motion Control technology object of SIMATIC S7-1500. Automatic data synchronization between the controller and the drive. See also Engineering options (Page 51) Runtime options (Page 53) WinCC Advanced V14 System Manual, 10/2016 47 What's new in TIA Portal V14 2.3 SIMATIC WinCC 2.3 SIMATIC WinCC Configuring screens New view on distributed I/Os of the system diagnostic controls. Improvements of controls: - New scroll bar with configurable colors. - Dynamic number of commands in the drop-down menu for recipe control. - Expansion of the slider, bar, gauge controls with up to four limits. New "Siemens TIA Portal Icons" fonts. Graphics library includes new graphics and completely revised structure. Working with tags Symbolic address multiplexing of PlcUDT instances within a ARRAY variable of a data block. Hierarchical IntelliSense for connecting PLC data to HMI tags. SIMATIC Panels and SIMATIC WinCC Runtime Advanced Transfer of configuration via USB stick / SD card for Basic Panels 2ndGeneration, Comfort Panels, Outdoor Panels, Mobile Panels and WinCC Runtime Advanced. Sm@rt Server Option for Basic Panel 2nd Generation. The safety of the following features has been enhanced: - The following components are signed: Comfort and Mobile Panel: Runtime, ProSave options and Runtime add-ons. Basic Panels 2nd Generation: Image of the panel - Security of passwords used in Runtime - Web browser connection to a Sm@rtServer via HTTPS protocol possible and secure connection from a Web SmartClient to the Sm@rtServer possible. The maximum number of power tags in WinCC Runtime Advanced was increased to 16K. WinCC Runtime Professional WebUX option Platform and browser-independent operation and monitoring via the Web. Process diagnostics option When a process fault occurs, process diagnostics provide information about the cause and location of the error and supports troubleshooting. Extension: Quantity structure for 1200/1500 PLCs There can now be 64 connections to S7-1200/1500. 48 WinCC Advanced V14 System Manual, 10/2016 What's new in TIA Portal V14 2.4 SINAMICS Startdrive Extension: Multitouch for certain controls Gestures can now be used to move the display area of controls (trend-based controls, gridbased controls, axis controls). Harmonization: Licenses for WEBNAVIGATOR, DATAMONITOR and WebUX The license type of Web options can be counted consistently. These SCADA options as of V7.4 or V14 in the future will have uniform MLFBs and therefore there will no longer be separate MLFBs for Runtime Professional. See also Engineering options (Page 51) Runtime options (Page 53) 2.4 SINAMICS Startdrive Simplified commissioning and simplified (remote) servicing Extended routing functionality for communication between Startdrive and drive: Routing across various PROFINET systems Routing from PROFIBUS to PROFINET Simple modification of a project to the machine Upgrade G120 firmware version in the Startdrive project (beginning with firmware version 4.4) Reuse of the parameter assignment across various performance ranges. Also for G120C Faster access to Smartdrive download package in SIOS No waiting time for export control Starting with the Startdrive V13 SP1, export restriction no longer applies (export identifier AL=N, ECCN=N) More efficient configuration Optimized compilation time of the S7-CPU for networked drives configured with Startdrive Modification of the supplied S7 data blocks for drive control Drive library now without know-how protection WinCC Advanced V14 System Manual, 10/2016 49 What's new in TIA Portal V14 2.6 SIMOCODE ES V14 Simplified commissioning Assignment of PROFINET device names is now easy to do in the project navigation and in the HWCN network view via the shortcut menu of the drive. Simplified update process Automatic installation of Startdrive HSPs and updates via the TIA Portal Updater Support for new hardware New 1FP1 synchronous Reluktanz motors are supported. No manual update required HSPs for Sinamics Firmware V4.7.3 and V4.7.6 are integrated. 2.5 SIMOTION SCOUT TIA Description The SIMOTION P platform (PC-based) is now available in the TIA Portal. (Planned for approx. 3 months after release of STEP 7) You can now upload the hardware configuration for SIMOTION devices. Additional PROFINET functions for SIMOTION devices: - Shared I-device - Shared device - Seamless Media Redundancy (MRPD) - "Check of VendorID/DeviceID" and "Overwriting of the NameOfStation" (automatic configuration of the topology) - Address tailoring (modular machines) 2.6 SIMOCODE ES V14 Routing via Ethernet - PROFINET SIMOCODE ES V14 supports routing to SIMOCODE pro devices with PROFINET. Devices can now also be reached from an engineering station with SIMOCODE ES V14 Premium via Ethernet, if they are not directly connected to the PROFINET network to which the SIMOCODE pro devices are connected. This improves the capabilities of the software in systems in which SIMOCODE pro devices are used with PROFINET. 50 WinCC Advanced V14 System Manual, 10/2016 What's new in TIA Portal V14 2.7 Engineering options Migration of SIMOCODE ES 2007 group files Configurations created with SIMOCODE ES 2007 in which the parameter files for SIMOCODE pro devices have been assembled into "group files", can now be migrated directly to one and the same TIA Portal V14 project without additional configuration steps. This function improves the handling of the software when migrating from SIMOCODE ES 2007 to SIMOCODE ES V14 TIA Portal. Improved editor functions for charts with SIMOCODE pro interconnections With SIMOCODE ES V14 Standard and Premium, CFC-based charts can be copied in whole or part, saved as library elements and reused. This feature simplifies the handling of recurrent configurations for typical configurations. Clear presentation of all the important parameter settings in the parameter editor All important parameter settings for fast commissioning of a motor feeder can be displayed and edited in a new overview in SIMOCODE ES V14, which significantly helps to improve clarity. Uniform presentation of recorded trends for measured values Measured values and data recorded online and offline with SIMOCODE ES "Live Trend" and "Analog Value Recording" functions are displayed using the TIA Portal "Trace" function. The operation of this function has been significantly improved thanks to the TIA Portal-wide standardization. 2.7 Engineering options TIA Portal Multiuser TIA Portal Multiuser Engineering enables several users to simultaneously work together on a project. This reduces configuration times considerably and enables quicker commissioning of projects. The basic principle: An independent server application carries out project management. The server application can be installed independent of a TIA Portal. or project management is located on a server. The server can be installed independent of a TIA Portal. Different users work in local sessions, based on the projects managed by the server. Users work independently from each other in local sessions; changes made by other editors are displayed and can be applied. The changes from the local sessions are transferred to the server project on check-in. WinCC Advanced V14 System Manual, 10/2016 51 What's new in TIA Portal V14 2.7 Engineering options TIA Portal Teamcenter Gateway The TIA Portal Teamcenter Gateway allows you to store and manage TIA Portal projects and global libraries in the Teamcenter. The operation is performed in the TIA Portal. TIA Portal Cloud Connector The TIA Portal Cloud Connector lets you access local PG/PC interfaces and the SIMATIC hardware connected to them in the TIA Portal engineering even though the engineering itself is operated in a private cloud using Remote Desktop. SIMATIC Energy Suite SIMATIC Energy Suite as an integrated option for the TIA Portal for the first time efficiently combines energy management with automation, bringing energy transparency to production. In addition, the configuration work is significantly reduced due to the simplified configuration of components for energy recording. Integrated and intuitive configuration of energy management Automatic creation of PLC energy program for S7-1500 Archiving to WinCC Runtime Professional or to a PLC-internal SIMATIC memory card Seamless connection to SIMATIC Energy Manager PRO SIMATIC S7-PLCSIM Advanced S7-PLCSIM Advanced is suitable for the simulation of an S7-1500 PLC. Compared to standard S7-PLCSIM, S7-PLCSIM Advanced provides the following additional features: API for interfacing with co-simulations Multiple, distributed instances possible Adjustable, virtual time Web server and OPC UA access SIMATIC ODK 1500S The SIMATIC ODK 1500S enables the development of function libraries with the high-level languages C/C++ for ODK-capable SIMATIC S7-1500 PLCs. These function libraries can be directly loaded and run directly from the user program. ODK-capable S7-1500 PLCs: S7-1500 Software Controller (CPU 1507S (F)) ET 200SP Open Controller (CPU 1515SP PC (F)) S7-1500 Advanced Controller (CPU 1518(F)-4 PN/DP ODK) 52 WinCC Advanced V14 System Manual, 10/2016 What's new in TIA Portal V14 2.8 Runtime options SIMATIC Target 1500STM for Simulink(R) SIMATIC Target 1500STM for Simulink(R) is an add-on for Simulink from MathWorks. It enables the integration of Simulink models directly in the program cycle of an ODK-capable S7-1500 PLC. Enables model-based development with MATLAB(R) and Simulink for SIMATIC controllers Seamless integration in Simulink as a so-called target file No C/C++ or ODK know-how required Support of the Simulink external mode for direct monitoring and control of model parameters in the controller from Simulink The generated program code can be executed on the CPUs 1507S(F) V2.0, CPU 1515SP PC (F) V2.0 and CPU 1518(F)-4 PN/DP ODK. SIMATIC Visualization Architect The SIMATIC Visualization Architect (SiVArc) enables easy, fast and flexible automated production of HMI content based on the STEP 7 user program. Supported HMI devices: Comfort Panel, Mobile Panel 2nd Gen, WinCC RT Professional, WinCC RT Advanced Supported HMI objects: Screens, text lists, power tags, captions, buttons, I/O fields, symbolic I/O fields, graphic I/ O fields, switches, round buttons Configuration via control editor Templates are managed through libraries 2.8 Runtime options Description The following new options are only offered as a runtime option with TIA Portal V14. The products ProDiag and OPC UA S7-1500 are already integrated into the existing products STEP 7 and WinCC and only need to be licensed when used on the real hardware. In comparison with the Engineering options, the runtime options are not version-dependent. SIMATIC ProDiag SIMATIC ProDiag enables precise and fast machine and plant diagnostics for SIMATIC S7-1500 and SIMATIC HMI: Central cycle-precise time stamp of error messages Automatic generation of monitoring logic and message calls Automatic update of the SIMATIC HMI when changes are made to message configuration for 3 languages HMI systems do not have to leave runtime mode in the event of changes WinCC Advanced V14 System Manual, 10/2016 53 What's new in TIA Portal V14 2.8 Runtime options Is directly available in the language editors LAD, FBD, SCL and STL. Monitoring can be parameterized later on F blocks and know-how protected blocks Central project definition of message structure Alarm texts are automatically derived from existing information in the project Simple visualization of the HMI through prepared controls SIMATIC OPC UA S7-1500 The OPC UA S7-1500 option allows easily connection of any third-party devices to the S7-1500 via the OPC UA server integrated in the S7-1500 CPU: OPC UA server directly in S7-1500 OPC UA data access, read/write, subscription to value changes Security XML export for offline configuration of OPC UA clients SIMATIC Energy Suite S7-1500 10 energy objects are supplied with the SIMATIC Energy Suite Engineering. Additional energy objects can be extended by the Runtime packages. WinCC / WebUX WinCC / WebUX allows us to monitor plant processes over the Internet or Intranet using mobile devices and if required, to also control them. The software offers a visualization solution which is suitable for HTML5 and SVG-capable browsers, independent of the operating system - and which does not require engineering work. 54 WinCC Advanced V14 System Manual, 10/2016 3 Readme 3.1 Notes on the TIA Portal 3.1.1 General notes The information in this readme file supersedes statements made in other documents. Read the following notes carefully because they include important information for installation and use. Read these notes prior to installation. Importing and exporting CAx data Contrary to the information in the online help, it is not possible to export and import CAx data. Upgrading from TIA Portal V13 SP1 projects with master copies from TIA Portal V10.5 Before upgrading a project, check if the master copies created with TIA Portal V10.5 are contained in its project library. This is necessary, for example, when you receive a message during the upgrade about an S7-1200 CPU with firmware version V1.0 used in the project, even though you have not configured such a CPU. The CPU is a master copy in the project library in this case. Before upgrading a project with master copies from TIA Portal V10.5, therefore, do the following: 1. Use each master copy created with the TIA Portal V10.5 once in the project. 2. Delete the affected master copies from the project library. 3. Create the master copy again with the objects from the project. 4. Save the project in TIA Portal V13 SP1. You can then upgrade the project to the latest version. Display of Asian characters in the TIA Portal Due to a change in behavior in Microsoft Windows, it may occur that texts are not displayed correctly in the TIA Portal when a Chinese TIA Portal is installed on another Asian operating system (e.g. Korean). To view the texts in TIA Portal correctly, open the Windows Control Panel and select "English" under "Language for non-Unicode programs". Note, however, that this may cause display problems in other programs. WinCC Advanced V14 System Manual, 10/2016 55 Readme 3.1 Notes on the TIA Portal Installing new .Net versions or .Net service packs Close the TIA Portal before installing a new .Net version or a new .Net service pack on your programming device/PC. Restart the TIA Portal only after successful installation of the new .Net version or the new .Net service pack. Notes on handling If a project in the list of projects last used is located on a network drive that is not connected, you may experience delays when opening the "Project" menu. When you insert a CPU, you may need to wait for some time if the project editor is open at the same time. This generally takes longer when you insert the first CPU in a newly created project. To be able to continue working at a good pace, you should close the project text editor before inserting a CPU. The alarm "Application is not responding" may appear in Windows 7 with functions that take a long time to run (loading the CPU for example). If this occurs, wait until the function has correctly finished. If you have installed a Microsoft mouse with IntelliPoint, you may find that it superimposes components over the buttons of the title bar. If this is the case, uninstall the IntelliPoint software from Microsoft. Enabling the "Virtual Desktop" options with NVIDIA graphics cards can cause problems. In this case, disable the "nView virtual desktop manager" of your NVIDIA graphics driver. Working with automatically synchronized network drives A TIA Portal project consists of multiple files that are saved together in one directory. If you store a project that is automatically synchronized on a network drive or in a cloud directory (e.g. Dropbox, Syncplicity or GoogleDrive), this can lead to data loss if the synchronization only takes place partially or asynchronously. For this reason, we do not recommend editing TIA Portal projects directly on synchronized network drives or in cloud directories. Always close the TIA Portal project before synchronization and make sure that all directories and files from the project directory are synchronized together and completely. You may wish to disable automatic synchronization while working with the TIA Portal. The synchronization itself must be implemented in such a way that the current (local) project data replaces the project data on the network drive or in the cloud directory. Entry of decimal places With certain Windows language settings, it may occur that the entry of values with a comma as decimal place is not recognized (entering "1,23" leads to an error). Instead, use the international format ("1.23"). Information on the TIA Portal in online support Overview of the most important technical information and solutions for the TIA Portal in the Siemens Industry online support. 56 WinCC Advanced V14 System Manual, 10/2016 Readme 3.1 Notes on the TIA Portal Internet link: TIA Portal in Siemens Industry online support (https:// support.industry.siemens.com/cs/ww/en/view/65601780) All information on service and support in the Siemens Industry online support: Internet link: Service and support in Siemens Industry online support (https:// support.industry.siemens.com/cs/de/en/) Here, you can also subscribe to the newsletter that provides you with latest information relating to your products. Starting the TIA Portal When you start the TIA Portal, Windows attempts to update the Certificate Revocation List (CRL) of "windowsupdate.com". If no Internet access is available and there are multiple DNS servers, a timeout may occur and delay the start of the TIA Portal. 3.1.2 Notes on libraries Contents Information that could not be included in the online help and important information about product characteristics. Comparing library elements If master copies and types have the same name, the corresponding objects in the project are overwritten when the action "Copy" is used. Please note that this takes place without a prompt. The same behavior occurs when the name of the master copy is different to the name of the type, but an object within the master copy has the same name as the type. 3.1.3 Notes on memory cards Contents Information that could not be included in the online help and important information about product characteristics. Notes on SIMATIC memory cards The SIMATIC memory cards have been formatted and set up by Siemens for use with S7-1200 and S7-1500 modules. This format must not be overwritten; otherwise, the card will no longer be accepted by the modules. Formatting with Windows tools is therefore not permitted. WinCC Advanced V14 System Manual, 10/2016 57 Readme 3.1 Notes on the TIA Portal Behavior in case of open force job Note that an active force job is retained even after you have loaded a new project to the SIMATIC memory card. This means you should first delete the active force job before you remove a SIMATIC memory card from the CPU and before you overwrite the card in the PC with a new project. If you use a SIMATIC memory card with unknown content, you should format the SIMATIC memory card before the next download. Access protection for memory cards in USB card readers By improving the security mechanisms for online access and engineering of S7-1500 CPUs, the data storage on memory cards has been changed. For this reason, this version of STEP 7 cannot evaluate the passwords of the configured protection level when reading project data from memory cards that is accessed via a USB card reader. The changed response affects the memory cards for CPUs of the S7-1200/1500 series. Therefore, use physical safeguards to protect critical project data on memory cards for these devices. Note This restriction is not related to online access to devices or the know-how protection of program blocks. 3.1.4 Notes on the hardware configuration Content Information that could not be included in the online help and important information about product characteristics. Subnet addressing for CP 1613 and CP 1623 CP 1613 and CP 1623 are communication modules with microprocessor. To ensure secure management of communication links, these are processed on the module. The protocol stack in your PC is used for diagnostic purposes (SNMP, DCP). To allow both protocol stacks (i.e. CP 1613/23 Firmware and CP 1613/23 NDIS access) access to the same partners, is recommended to place both stacks of a module in the same subnet. Editing a device IP address Do not use the address range from 192.168.x.241 to 192.168.x.250 when editing a device IP address. If necessary, this address range is automatically assigned by the system to a programming device. Depending on the subnet mask, this applies also for all network classes. Drivers for the CP 5512 communications processor The drivers for the CP 5512 are no longer included in this software version. If you want to use the CP 5512, the following needs to be installed prior to the installation of this software: 58 WinCC Advanced V14 System Manual, 10/2016 Readme 3.1 Notes on the TIA Portal http://support.automation.siemens.com/WW/view/78453460 (http:// support.automation.siemens.com/WW/view/en/78453460) Please note that the CP 5512 can be used with a maximum of Windows 7 32-bit. As of Windows 8 or with 64-bit operating systems, the CP 5512 is not compatible. Note Since 2009, the functional successor the USB 2.0 module CP 5711 has been available. 3.1.5 Notes on instructions Contents Information that could not be included in the online help and important information about product characteristics. Instructions not valid for all CPU firmware versions The firmware version of your CPU determines the following: Whether a specific instruction is available for this CPU: - If you select CPU 1211C DC/DC/DC with firmware version V1.0, for example, the extended instruction "T_COMBINE" will not be available to you. It is grayed out in the "Instructions" task card. - However, if you select CPU 1211C DC/DC/DC with firmware version V3.0, the extended instruction "T_COMBINE" will be available to you in versions V1.1 and V1.2. Which versions of the instruction are available. You can select the different versions in the "Version" column of the "Instructions" task card. 3.1.6 Notes on using the TIA Portal in a virtual environment (private cloud) Contents Information that could not be included in the online help and important information about product characteristics. Instructions for using the TIA Portal in a virtual environment (private cloud) You can find instructions on how to use the TIA Portal in a virtual environment (private cloud) on the installation disk in the directory "Documents\Readme\<language directory>". You can open the PDF document "TIAPortalCloudConnectorHowTo<language ID>.pdf" here. WinCC Advanced V14 System Manual, 10/2016 59 Readme 3.2 STEP 7 Basic The TIA Portal Cloud Connector can be used with the Windows 7 (64-bit) and Windows 8.1 (64-bit) operating systems. Using the TIA Portal Cloud Connector with Windows 10 is in development. Environment variables "TiaUserSettingsPath" and "TiaDefaultProjectPath" The environment variables "TiaUserSettingsPath" and "TiaDefaultProjectPath" can be used to set the location of the user and project settings different from the system default. This can be used, for example, to save the user and project settings at a central location. You can find additional information on the use of environment variables in the Instructions on Using the TIA Portal in a Virtual Environment (Private Cloud). Cross-domain HTTPS connections with the TIA Portal Cloud Connector The TIA Portal Cloud Connector cannot create certificates that are valid for multiple domains. Comparing the configured and actual topology Topology comparison is not supported by the TIA Portal Cloud Connector. Note on using self-signed certificates when using HTTPS as the communication protocol Microsoft regularly checks whether the certificates in the Windows Certificate Store are from a trusted source. Certificates from untrusted sources are deleted. Therefore, ensure that your self-signed certificates are signed with a secure certificate. 3.2 STEP 7 Basic 3.2.1 Security information Security information Siemens provides products and solutions with industrial security functions that support the secure operation of plants, systems, machines and networks. In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement - and continuously maintain - a holistic, state-of-the-art industrial security concept. Siemens' products and solutions only form one element of such a concept. Customer is responsible to prevent unauthorized access to its plants, systems, machines and networks. Systems, machines and components should only be connected to the enterprise network or the internet if and to the extent necessary and with appropriate security measures (e.g. use of firewalls and network segmentation) in place. Additionally, Siemens' guidance on appropriate security measures should be taken into account. For more information about industrial security, please visit 60 WinCC Advanced V14 System Manual, 10/2016 Readme 3.2 STEP 7 Basic http://www.siemens.com/industrialsecurity (http://www.industry.siemens.com/topics/global/ en/industrial-security/Pages/Default.aspx) Siemens' products and solutions undergo continuous development to make them more secure. Siemens strongly recommends to apply product updates as soon as available and to always use the latest product versions. Use of product versions that are no longer supported, and failure to apply latest updates may increase customer's exposure to cyber threats. To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed under http://www.siemens.com/industrialsecurity (http://www.industry.siemens.com/topics/global/ en/industrial-security/Pages/Default.aspx) Network settings The following tables show the network settings of each product you need to analyze the network security and to configure external firewalls: STEP 7 Basic Name Port number Transport pro Direction tocol Function Description ALM 4410* TCP Inbound/out bound License serv ice This service provides the complete function ality for software licenses and is used by both the Automation License Manager as well as all license-related software products. RFC 1006 102 TCP Outbound S7 communi cation Communication to the S7 controller via Ethernet/PROFINET for programming and diagnostic purposes. DCP --- Ethernet Outbound PROFINET The DCP protocol (Discovery and Basic Configuration Protocol) is used by PROFI NET and provides the basic functionality for locating and configuring PROFINET devi ces. SNMP 161 UDP Outbound PROFINET The SNMP client functionality is used by STEP 7 to read status information from PROFINET devices. * Default port that can be changed by user configuration WinCC ES Basic (without simulation) Name Port number Transport pro Direction tocol Function Description ALM 4410* TCP Inbound/out bound License serv ice This service provides the complete function ality for software licenses and is used by both the Automation License Manager as well as all license-related software products. HMI Load 1033 TCP Outbound HMI Load (RT Basic) This service is used to transmit images and configuration data to Basic Panels. * Default port that can be changed by user configuration WinCC Advanced V14 System Manual, 10/2016 61 Readme 3.2 STEP 7 Basic Simulation RT Basic Name Port number Transport pro Direction tocol Function Description HMI Load 1033 TCP Inbound HMI Load (RT Basic) This service is used to transmit images and configuration data to Basic Panels. Ethernet/ IP 44818 TCP Outbound Ethernet/IP channel The Ethernet/IP protocol is used for connec tions to Allen Bradley PLCs. 2222 UDP Inbound Ethernet/IP channel The Ethernet/IP protocol is used for connec tions to Allen Bradley PLCs. Modbus TCP 502 TCP Outbound Modbus TCP channel The Modbus TCP protocol is used for con nections to Schneider PLCs. RFC 1006 102 TCP Outbound S7 channel Communication to the S7 controller via Ethernet/PROFINET Mitsubishi MC 5002 TCP Outbound Mitsubishi MC channel The Mitsubishi protocol is used for connec tions to Mitsubishi PLCs. 3.2.2 Notes on use Contents Information that could not be included in the online help and important information about product characteristics. Online operation Simultaneous online operation of STEP 7 V5.5 or earlier versions and STEP 7 Basic V14 is not approved. Simultaneous online connections on an S7-1200 CPU It is not possible to establish an online connection from multiple instances of the TIA Portal simultaneously to the same S7-1200 CPU. Removing/inserting the memory card After removing or inserting a memory card, always perform a memory reset on the CPU in order to restore the CPU to a functional condition. Removing and inserting Ethernet modules If Ethernet modules are removed and re-inserted during operation, you must boot the PC; otherwise, the "Accessible devices" functionality in STEP 7 or NCM PC will not display all devices. While the PC boots, Ethernet modules must be activated. 62 WinCC Advanced V14 System Manual, 10/2016 Readme 3.2 STEP 7 Basic Loading project data with TIA Portal V12 and V13 (S7-1200) If you load the project data of an S7-1200 CPU with the TIA Portal V13, you can no longer use TIA Portal V12 to access this data. To do this, first restore the factory settings of the CPU. Read the additional information on this in the online help under "How to reset a CPU to factory settings". Compatibility The device configuration and program of an S7-1200 CPU must always be configured with the same STEP 7 version. Usually, the TIA Portal makes sure that no version conflicts occur by outputting appropriate notifications during loading to the device. This automatic verification is not possible with S7-1200 CPUs with firmware version V1.x. In this case, users themselves must ensure that no version conflicts occur. 3.2.3 Editing devices and networks 3.2.3.1 General information on devices and networks Contents Information that could not be included in the online help and important information about product characteristics. S7 PCT IO-Link The S7 Port Configuration Tool is available for free download at the following link. http://support.automation.siemens.com/WW/view/37936752 (https:// support.industry.siemens.com/cs/ww/en/view/32469496) 3.2.3.2 Use of modules on the S7-1200 Content Information that could not be included in the online help and important information about product characteristics. WinCC Advanced V14 System Manual, 10/2016 63 Readme 3.2 STEP 7 Basic Use of modules on the S7-1200 The modules listed below are not supported on the S7-1200. Family Module Order number S7-300 FMs SM 338 6ES7 338-4BC01-0AB0 FM 350-1 6ES7 350-1AH03-0AE0 FM 350-2 6ES7 350-2AH00-0AE0, 6ES7 350-2AH01-0AE0 FM 351 6ES7 351-1AH01-0AE0, 6ES7 351-1AH02-0AE0 FM 352 6ES7 352-1AH02-0AE0 FM 355 S 6ES7 355-1VH10-0AE0 FM 355 C 6ES7 355-0VH10-0AE0 FM 355-2 C 6ES7 355-2CH00-0AE0 FM 355-2 S 6ES7 355-2SH00-0AE0 CP 340 6ES7 340-1AH02-0AE0, 6ES7 340-1BH02-0AE0, 6ES7 340-1CH02-0AE0 CP 341 6ES7 341-1AH01-0AE0, 6ES7 341-1AH02-0AE0, 6ES7 341-1BH01-0AE0, 6ES7 341-1BH02-0AE0, 6ES7 341-1CH01-0AE0, 6ES7 341-1CH02-0AE0 S7-300 PtP-CP Network component Diagnostics repeater 6ES7 972-0AB01-0XA0 ET 200S 1 Count 24 V 6ES7 138-4DA04-0AB0 1 Count 5 V 6ES7 138-4DE02-0AB0 1 Step 5 V 6ES7 138-4DC00-0AB0, 6ES7 138-4DC01-0AB0 2 pulses 6ES7 138-4DD00-0AB0, 6ES7 138-4DD01-0AB0 1 SI 6ES7 138-4DF01-0AB0 1 SI Modbus 6ES7 138-4DF11-0AB0 1 SSI 6ES7 138-4DB02-0AB0, 6ES7 138-4DB03-0AB0 1 Pos Universal 6ES7 138-4DL00-0AB0 SIWAREX 7MH4910-0AA01, 7MH4912-0AA01, 7MH4920-0AA01 SIWAREX 7MH4 900-2AA01, 7MH4 900-3AA01, 7MH4 950-1AA01, 7MH4 950-2AA01 ET 200M Loading S7-1200 module comments to the PG/PC In central configurations with S7-1200, comments of modules, submodules and signal boards are not loaded. With CPs/CMs, only the comments of the IE interface or DP interface are loaded. In distributed configurations with ET 200SP or ET 200MP, only the comment of the channels is loaded from the I/O modules. 3.2.3.3 CP 343-2 on SIMATIC S7 Embedded Controller EC31-RTX Contents Information that could not be included in the online help and important information about product characteristics. 64 WinCC Advanced V14 System Manual, 10/2016 Readme 3.2 STEP 7 Basic CP 343-2 on SIMATIC S7 Embedded Controller EC31-RTX The module AS-Interface CP 343-2 (article no.: 6GK7 343-2AH01) can be inserted in an expansion rack of the SIMATIC S7 Embedded Controller EC31-RTX (article no.: 6ES7 677-1DDxx-0BB0), but the CP 343-2 cannot be operated with the EC31-RTX. 3.2.3.4 F-CM AS-i Safety ST for ET 200SP Content Information that could not be included in the online help and important information about product characteristics. F-CM AS-i Safety ST (3RK7 136-6SC00-0BC1) from HSP0070 When using an F-CM AS-i Safety ST (3RK7 136-6SC00-0BC1) using HSP0070 in TIA Portal V13.0, after updating to Service Pack 1, the HSP0070 (F-CM AS-i Safety ST) must be updated to version V2.0. This is necessary to allow use of the module in TIA Portal V13 Service Pack 1. 3.2.3.5 S7 routing via IE/PB Link Content Information that could not be included in the online help and important information about product characteristics. S7 routing via IE/PB Link In the following situations, no routing via the IE/PB Link PN IO is possible: S7 routing between two CPUs of the S7-1500 S7 routing of PG connections to CPUs of the S7-1200/1500 S7 routing of HMI connections to CPUs of the S7-1200/1500 This behavior relates to the IE/PB Link with firmware version V2.1 (6GK1 411-5AB00). 3.2.3.6 Deactivating SNMP (S7-1200, S7-1500) Contents Information that could not be included in the online help and important information about product characteristics. WinCC Advanced V14 System Manual, 10/2016 65 Readme 3.2 STEP 7 Basic Deactivating SNMP (S7-1200, S7-1500) In the description for deactivating SNMP, the wrong record number is cited ("Index" parameter of the WRREC instruction). The correct data record number is 16#b071. Example program with WRREC call in OB 100 and correct data record number DATA_BLOCK "Deactivate_SNMP" { S7_Optimized_Access := 'TRUE' } VERSION : 0.1 NON_RETAIN VAR snmp_deactivate : Bool; snmp_record : Struct BlockID : UInt; BlockLength : UInt; "Version" : USInt; Subversion : USInt; Reserved : UInt; SNMPControl : UDInt; END_STRUCT; snmp_done : Bool; snmp_error : Bool; snmp_Status : DWord; END_VAR BEGIN snmp_deactivate := true; snmp_record.BlockID := 16#f003; snmp_record.BlockLength := 8; snmp_record."Version" := 1; END_DATA_BLOCK ORGANIZATION_BLOCK "Startup" TITLE = "Complete Restart" { S7_Optimized_Access := 'TRUE' } VERSION : 0.1 BEGIN REPEAT "WRREC_DB_1"(REQ := "Deactivate_SNMP".snmp_deactivate, ID := "Local~PROFINET interface_1", INDEX := 16#b071, DONE => "Deactivate_SNMP".snmp_done, ERROR => "Deactivate_SNMP".snmp_error, STATUS => "Deactivate_SNMP".snmp_Status, RECORD := "Deactivate_SNMP".snmp_record); UNTIL "Deactivate_SNMP".snmp_done OR "Deactivate_SNMP".snmp_error END_REPEAT; END_ORGANIZATION_BLOCK DATA_BLOCK "WRREC_DB_1" 66 WinCC Advanced V14 System Manual, 10/2016 Readme 3.2 STEP 7 Basic {OriginalPartName := 'WRREC'; VersionGUID := 'bc169451-58cd-44a3-855b-3f78cc0623c8'; S7_Optimized_Access := 'TRUE' } AUTHOR: SIMATIC FAMILY: DP NAME: WRREC VERSION : 1.0 NON_RETAIN WRREC BEGIN END_DATA_BLOCK 3.2.3.7 Notes on online and diagnostics Contents Information that could not be included in the online help and important information about product characteristics. Hardware detection followed by online connection When the "Online > Hardware detection" command is performed for an unspecified CPU, the online configuration is not loaded from the CPU. If you do not load the configuration resulting from the hardware detection to the CPU, the device and network views will always show a difference between the offline and online configurations. It will appear that there are different configurations in the online and diagnostic views, although the MLFBs are identical in the actual CPU and the offline CPU. Transferring numerous and large trace measurements from the device (memory card) Transferring trace measurements from the device to the project increases the memory requirement. Avoid copying a large number of measurements with large amounts of data at the same time lead to high memory consumption and extended periods needed for copying. 3.2.3.8 Network components Network components Security modules Migration of projects with Ethernet CPs and activated security functions In STEP 7 V5.5 projects that contain Industrial Ethernet CPs with activated security functions, the security settings are disabled during migration to STEP 7 Professional. WinCC Advanced V14 System Manual, 10/2016 67 Readme 3.2 STEP 7 Basic If necessary, follow these steps after the migration: 1. Activate the security functionality. 2. Configure the required security settings. Migration of IP access protection lists when activating the security functions An active IP access protection list is converted to firewall rules when security functions are activated. These rules are visible in advanced firewall mode and can be adjusted there. The advanced firewall mode is activated automatically. Security online diagnostics of S7 CPs Security online diagnostics of a CP with security capability is only possible if the online connection is established directly via the CP. If the online connection was established by STEP 7 via the CPU to the station, with the "Connect online" button on the security diagnostics page "Security" > "Status" of the security CP you can establish a direct connection to the CP to run security online diagnostics. As an alternative, you can also terminate the online connection to the CPU and enter the IP address of the CP in the "Station address" input box under the entry "Online access" in online diagnostics. IKE mode When negotiating the key in phase 1 the IKE mode "Main" should be preferred. This mode normally provides a reliable procedure compared with the "Aggressive" mode. One reason for using the "Aggressive" setting is when you have VPN groups with different pre-shared keys. The IKE "Aggressive" mode should not be used in conjunction with certificates. In the IKE "Aggressive" mode, only use pre-shared keys. A security module must not be used in VPN groups that use different IKE modes. Downloading configuration data to an S7-300/400 via a VPN tunnel When you download configuration data via the gigabit interface of a CP x43-1 Advanced to an S7-300/S7-400 station, the path via which the download takes place is stored in the project. If the project is then downloaded via a VPN tunnel established between a SCALANCE S module and the CP x43-1 Advanced, the download fails due to the changed path. To download via the VPN tunnel, follow the steps below: 1. Using the "Go online" button, connect the engineering station to the gigabit interface of the CP x431 Advanced. 2. Disconnect the online connection to the CP x431 Advanced. 3. Download the project to the station via the gigabit interface of the CP x431 Advanced. 68 WinCC Advanced V14 System Manual, 10/2016 Readme 3.2 STEP 7 Basic VPN tunnel establishment with 1200/1500 CPs capable of VPN The establishment of VPN tunnel connections by 1200/1500 CPs capable of VPN with the authentication method "pre-shared key" is only possible if the VPN connection partner is also a 1200/1500 CP capable of VPN. The establishment of VPN tunnel connections by a 1200/1500 CP capable of VPN to all other VPN connection partners is only possible with the "certificate" authentication method. Security configurations from old projects Before a security configuration from an older STEP 7 version in STEP 7 V14 can be used, a user with administrator rights needs to log in to this security configuration in STEP 7 V13 SP1 and save the project. After opening the project in STEP 7 V14, a user must log on again to the security configuration with administrator rights. Thereafter, it is possible to use this security configuration in STEP 7 V14. Copying security modules between STEP 7 instances Copying security modules between different instances of STEP 7 is not supported. Device certificates for CP 1543-1 V2.0 and CP 1543SP-1 For CP 1543-1 V2.0 and CP 1543SP-1, only those device certificates that are assigned to the module via the local certificate manager as device certificates are loaded to the module. This assignment takes place in the local security settings of the module in the "Certificate manager" entry via the "Device certificates" table editor. The certificates of the global certificate manager are available for the certificate assignment. Media converters When you migrate a project, you need to reconfigure the media converters. 3.2.4 Programming a PLC 3.2.4.1 General notes on PLC programming Contents Information that could not be included in the online help and important information about product characteristics. WinCC Advanced V14 System Manual, 10/2016 69 Readme 3.2 STEP 7 Basic Upgrading know-how-protected blocks Know-how protected blocks that were set up with a version <V14 can be loaded without entering the password in the controller and can be run after upgrading from V13 SP1 to V14. To edit a know-how protected block in V14, remove the know-how protection and reset it when done. The block can then be renumbered and renamed in the know-how-protected state (S7-1200 / S7-1500). For know-how protected blocks that were set up with V13 SP1: - To edit a know-how protected block in V14, remove the know-how protection and reset it when done. The block can then be renumbered and renamed in know-how-protected state. For know-how protected blocks that were set up PRIOR TO V13 SP1: - To edit, remove the know-how protection in V13 SP1 and reset it when done. Information about network security For communications access between the TIA Portal and CPU or between HMI (except for HMI access using "GET/PUT communication") and CPU, there are integrated security functions. These provide greater protection from manipulation and higher access protection. To protect against unauthorized network access to a CPU with standardized communications access such as "GET/PUT", "TSEND/TRCV", "Modbus", "FETCH/WRITE", you should also take suitable additional measures (e.g. cell protection concept). Online/offline differences in the project tree (S7-1200 FW V2.0 and V2.1) If you use the instruction "WRIT_DBL: Write to data block in the load memory" to change a data block, the resulting difference between online and offline block is initially not displayed correctly by the symbols in the project tree. The difference is only shown when you terminate an online connection and then go back online. Loading inconsistent programs to a device In TIA Portal, it is not possible to load inconsistent programs to a device without a consistency check. During the loading process, all blocks of the program are implicitly checked and are compiled again in the event of inconsistencies. If, however, there are programs on your CPU which were loaded with earlier versions of STEP 7, these programs could demonstrate inconsistencies. In this case, note the following: If you load an inconsistent program from a device, you will not be able to load the program unchanged to the device afterwards, because a consistency check always takes place during the loading process and existing inconsistencies are corrected. Changed access rights for displaying the comparison status Valid for: CPU 1500 < V2.0 (as well as ET200 SP and Software Controller) CPU 1200 V4.0 and V4.1 70 WinCC Advanced V14 System Manual, 10/2016 Readme 3.2 STEP 7 Basic As of TIA Portal V14, the required access rights for displaying the comparison status of blocks have changed for the specified CPUs from the S7-1200/1500 series. Previously, you only needed the "HMI access" access level for the listed CPUs to display the comparison status. As of V14, you need the "read access" access level to display the comparison status. This change means that you are prompted to enter the password for "read access" when you go online. If you only have the password for "HMI access", you can still establish an online connection. In this case, click "Cancel" in the password prompt for read access and enter the password for "HMI access" in the subsequent dialog. The online connection is then established with the available "HMI access rights", but no comparison status of the blocks is displayed. Only questions marks are displayed in place of the icons for the comparison status. Valid for: CPU 1200 <=V3.x. As of TIA Portal V14, there is now a password prompt for the above specified CPUs when you go online for displaying the comparison status of blocks, provided that these CPUs are configured with write protection and/or read protection. If you do not know the password for access to read-protected blocks on a protected CPU, you can still establish an online connection. In this case, leave the displayed password prompt dialog with "Cancel". The online connection is still established, but no comparison status of the blocks is displayed. Only questions marks are displayed in place of the icons for the comparison status. Data exchange between standard and F-program when using Team Engineering To ensure data consistency between standard and safety program, you should: * Not exchange data via bit memory, but rather using global data blocks. * Limit access between safety programs and standard user programs to two standard data blocks. You can find information on this in the section 5.13 of the Programming Guidelines under: https://support.industry.siemens.com (https://support.industry.siemens.com/cs/document/ 81318674/programming-guideline-and-programming-styleguide-for-s7-1200-and-s7-1500? dti=0&lc=en-WW) Avoid using PLC data types generated by the system in libraries Some instructions generate their own PLC data types during instancing which are saved in the "PLC data types" project folder. However, you should not use these system-generated PLC data types in any library, because they may be recreated by the system at any time and may result in an unfavorable system behavior. WinCC Advanced V14 System Manual, 10/2016 71 Readme 3.2 STEP 7 Basic See also https://support.industry.siemens.com (https://support.industry.siemens.com/cs/document/ 81318674/programming-guideline-and-programming-styleguide-for-s7-1200-and-s7-1500? dti=0&lc=en-WW) 3.2.4.2 Instructions Contents Information that could not be included in the online help and important information about product characteristics. Instructions "READ_BIG", "READ_LITTLE", "WRITE_BIG" and "WRITE_LITTLE" When using actual parameters with an ARRAY index variable for the SRC_ARRAY and DEST_VARIABLE, the correct index is now calculated. Instruction "Get_IM_Data: Reading identification and maintenance data" In addition to the values described in the online help, the STATUS parameter can also have the following value: 80A1: LADDR addresses a device that does not support the output of I&M 1, I&M 2 or I&M 3 data. Optimizing the run time of instructions such as "Serialize", "Deserialize", "CMP", which can process structures A series of instructions (e.g. "Serialize: Serialization", "Deserialize: Deserialization", "CMP" (comparator) and "MOVE: Copy value") can process very large, complex structured tags. In doing so, the CPU analyzes the form of the tag structure and executes the corresponding instruction for each substructure contained in the total structure or for all contained elementary components. With a very complex structure, this structure analysis may lead to an unexpected increase in the run time of the corresponding instruction. In addition to the complexity of structured tags specified in the operation, the total number of anonymous structures declared in the program also has an effect on the run time. A very large number of different anonymous structure definitions can also increase the run time. Solution: Avoid anonymous structures These are structures that are defined directly on the tag with the keyword "Struct" and not through a user-defined data type (UDT). Avoid multiple declaration of data structures that are structured very similarly. Try to assemble these into a structure declaration. Avoid the declaration of numerous individual tags in structures and data blocks, if they have the same data type and represent an array of the function. In this case, you should use the ARRAY data type if possible. 72 WinCC Advanced V14 System Manual, 10/2016 Readme 3.2 STEP 7 Basic Instruction "CTRL_PWM: Pulse width modulation" In addition to the option described in the online help of changing the pulse duration from the user program, you can also change the cycle time from the user program. To do this, select the check box "Permit change to cycle time in runtime" in the "Pulse options" of the corresponding pulse generator. When this check box is selected, the first two output bytes contain the pulse duration and the third to sixth output byte contains the cycle time. During the run time of the pulse generator, you can change the value of the double word at the end of allocated memory of the outputs. This changes the cycle time of the PWM signal. Example: Select the check box so that the CPU assigns PWM1 six output bytes, and select AB1008 to AB1013 for this. After loading the program into the CPU and starting the pulse generator, you can change the pulse duration by writing AW1008 and the cycle time by writing AD1010. Cycle time Pulse duration Instruction "Get_IM_Data: Reading identification and maintenance data" Currently, the "Get_IM_Data" instruction outputs the error code 16#0000 when a string that is too short is used at the DATA parameter. The 16#8752 error code would be correct. You can find the corresponding description of the 16#8752 error code in the description of the instruction in the information system. 3.2.4.3 Testing the user program Testing with the watch table Contents Information that could not be included in the online help and important information about product characteristics. Multiple access to the same CPU Access to a CPU from a PG/PC is permitted only when a TIA Portal is open. Multiple access to the same CPU is not permitted and can lead to errors. WinCC Advanced V14 System Manual, 10/2016 73 Readme 3.2 STEP 7 Basic Loading data blocks during an active control job Note Loading changed data blocks during an active control job can result in unforeseen operating states. The control job continues to control the specified address, although the address assignment may have changed in the data block. Complete active control jobs before loading data blocks. Testing programs converted from older STEP 7 versions To monitor and test a program converted from an older STEP 7 version, you first need to compile and download the program with the current STEP 7 version. Changed display formats in the watch table The number of display formats has been reduced so that display formats that are used but no longer supported are reset to the defaults during a project upgrade. Example: Pointers can now only be shown in "Pointer" or "Hexadecimal" format. Testing with the force table Contents Information that could not be included in the online help and important information about product characteristics. Example If I/O access to the address "IB0:P" takes place in the user program, it is not permitted to force the following I/O address areas: I0.0:P, IB0:P, IW0:P and ID0:P. Changed display formats in the force table The number of display formats has been reduced so that display formats that are used but no longer supported are reset to the defaults during a project upgrade. Example: Pointers can now only be shown in "Pointer" or "Hexadecimal" format. 74 WinCC Advanced V14 System Manual, 10/2016 Readme 3.2 STEP 7 Basic 3.2.4.4 Compatibility of PLC programs from older versions Compatibility of PLC programs from versions prior to V14 Content Information that could not be included in the online help and important information about product characteristics. Compatibility In principle, you can continue to use in V14 all PLC programs that were created with older versions of the TIA Portal. However, because improvements were made to the compiler and errors corrected there in V14, it can occur in rare cases that the program reacts differently after the upgrade or that you have to adjust the program code manually. These cases are described in detail below. Representation of the BCD format The representation of the BCD format has changed in regard to the sign from TIA Portal V13 SP1 to TIA Portal V14. The values in BCD format are show without signs in version V13 SP1. As of version V14, the values in BCD format are show with sign. This can lead to an altered representation of the values in BCD format. Integers (decimal system) Hexadecimal numbers Representation in V13 SP1 Representation in V14 0 16#0000 BCD#0 BCD#0 -26215 16#9999 BCD#9999 BCD#-999 1365 16#0555 BCD#555 BCD#555 21845 16#5555 BCD#5555 BCD#555 4096 16#1000 BCD#1000 BCD#0 -28672 16#9000 BCD#9000 BCD#0 Instructions "SET_BF: Set bit field" and "RESET_BF: Reset bit field" The response of the instruction in regard to the structures has changed from TIA Portal V13 SP1 to TIA Portal V14. In version V13 SP1, the number of bits that set or reset are always indicated at the input. This also applies, for example, if you have specified a structure of data type of the STRUCT or ARRAY PLC data type. If you want, for example, you want set or reset 10 bits and the structure contains only 5 bits, then the following 5 bits within the address sequence is also set or reset. With structures of the type PLC data type, in version V14 STRUCT or ARRAY the number of bits contained in the structure represents the maximum number of bits that can be reset: If you specify the value "20", for example, and the structure only contains 10 bits, only these 10 bits WinCC Advanced V14 System Manual, 10/2016 75 Readme 3.2 STEP 7 Basic are set. If you specify the value "5", for example, and the structure contains 10 bits, then exactly 5 bits are set. Unused bits of PLC data types (UDT) with firmware >= V1.8.1 The unused bits of PLC data types in standard memory areas are occupied or overwritten, for example, for a PLC data type that contains 4 bits. With firmware versions < V1.8.1, you could not use the unused bits of a PLC data type elsewhere. With firmware version >= V1.8.1, all bits are occupied or overwritten even if only 4 bits are used. Note Address assignments Ensure you do not assign the same absolute address twice to different symbolic address assignments. Explicit data type conversion in SCL (S7-1200) with firmware >= V4.2 With firmware versions < V4.2, the string was transferred aligned to the right and filled with leading spaces during explicit data type conversion of SINT/INT/DINT/REAL_TO_STRING/ WSTRING in SCL. Example: REAL_TO_WSTRING(12) = ' 1.200000E+1' As of TIA Portal V13, the string is displayed with a leading sign during explicit data type conversion of SINT/INT/DINT/REAL_TO_STRING/WSTRING in SCL and transferred aligned to the left. Example: REAL_TO_WSTRING(12) = '+1.200000E+1' SCL: EN/ENO mechanism with block parameters of data type (W)STRING (S7-1200/1500) As of TIA Portal V14, it is checked whether block parameters of data type (W)STRING are truncated when parameters are transferred during runtime. This can occur if formal and actual parameters have different declared lengths. If the declared length of the target parameter during runtime is insufficient to accept the (W)STRING, the (W)STRING is truncated and the enable output ENO is set to "FALSE". If you evaluate the enable output ENO in your program, the semantics of your program may change. Forwarding STRING parameters between optimized blocks and standard blocks (S7-1200/1500) Prior to TIA Portal V14, no length information about STRINGs was transferred when parameters were transferred between optimized and non-optimized blocks. This meant that access errors not detected by the ENO mechanism could occur during the further processing of the STRING. The enable output ENO remained at TRUE despite an access error. 76 WinCC Advanced V14 System Manual, 10/2016 Readme 3.2 STEP 7 Basic As of TIA Portal V14, the STRING length information is transferred and access errors are monitored by the ENO mechanism. If you evaluate the enable output ENO in your program, the semantics of your program may change. Length declaration for constants of the "STRING" data type Length declarations are no longer permitted for local and global STRING constants. If your program includes length declarations, for example, "MyStringConst [7]", these are automatically removed during the upgrade. This change has no semantic effect on your program, however. Changing the base data type for HW_ANY from WORD to UINT The hardware data type "HW_ANY" is used to identify any hardware component, such as a module. In V14, the base data type of "HW_ANY" was changed from WORD to UINT. After the conversion to V14, compiling errors can therefore occur if you have assigned an explicit WORD constant (such as W#16#1) or a tag of data type WORD at a parameter of data type "HW_ANY". In this case, change the notation of the constant (e.g. to 16#1) or change the data type of the tag to UINT. Length of block comments As of TIA Portal V14, the block comments must not exceed a length of 32767 Unicode characters. Syntax check of the instructions "SR:Set/reset flip-flop" and "RS:Reset/set flip-flop" Inputs, outputs, bit memories as well as static or local data can be used as operands at the "S" input. Use of constants is not permitted. So far, the use of the constants "0" and "1" was not rejected by the syntax check. The syntax check was improved in TIA Portal V14 so that the use of "0" or "1" is now rejected at the "S" input. You may now receive an error message during the compiling of a program that has been compiled without errors up to this point. Change your program in this case and use a permitted operand. Any pointer: Access to optimized data For a CPU of the S7-1500 series, the ANY pointer can also only point to memory areas with "Standard" access mode. Access to optimized data is not permitted with an ANY pointer. A more detailed syntax check of ANY pointers is performed as of TIA Portal V14. Access to optimized data is now rejected. You may now receive an error message during the compiling of a program that has been compiled without errors up to this point. WinCC Advanced V14 System Manual, 10/2016 77 Readme 3.2 STEP 7 Basic "(L)REAL" data type With 64-bit Windows versions, the LREAL data type is sometimes evaluated differently than with the previous 32-bit versions of Windows. A difference may occur when rounding and (L) real values of constants in the least significant bit. The potential difference is in the last digit of the mantissa and in most cases therefore only has a slight effect on the accuracy. If you evaluate the last digit of the mantissa, the semantics of your STEP 7 program may change after the conversion. "ST" parameter for IEC timers The "ST" parameter of an IEC timer is used internally and it is prohibited to write it. This why this parameter is no longer visible as of TIA Portal V14. If you have write access in your program to the "ST" parameter, an error message is generated during compiling after the upgrade. If you exchange data with Inter Project Engineering and you have access to the "ST" parameter with HMI, you must first export the project and then re-import it into the proxy CPU. Only then does the "ST" parameter disappear in the HMI configuration. Implicit data type conversion for block parameters of the "DB_ANY" data type When accessing a block parameter of the "DB_ANY" data type with the syntax DB_ANY. %DB(B|W|D), no implicit data type conversion was performed previously. The bit pattern of the source value was simply converted into the target data type. If the target data type was smaller than the source data type, an overflow occurred and the written value may have been wrong or inaccurate. The enable output ENO is not set to "FALSE" when accuracy is lost or runtime errors occur. As of V14, conversion is performed according to the rules of implicit data type conversion when parameters are passed with the syntax DB_ANY.%DB(B|W|D). Note that after the upgrade a different value may be written and the semantics of your program may change. In addition, the enable output ENO is set to "FALSE" when a runtime error occurs. Interface of organization blocks with standard access The interface of organization blocks with standard access must have a minimum size of 20 bytes. In older versions of the TIA Portal, only the interface of OB1 was checked with regard to the minimum size during the compilation run. As of V14, interfaces of all organization blocks are checked. You may now receive an error message during the compiling of a program that has been compiled without errors up to this point. Compatibility of PLC programs from versions prior to V13.1 Content Information that could not be included in the online help and important information about product characteristics. 78 WinCC Advanced V14 System Manual, 10/2016 Readme 3.2 STEP 7 Basic Compatibility In principle, you can continue to use in V13 SP1 all programs that were created with older versions of the TIA Portal. However, because improvements were made to the compiler and errors corrected there in V13 SP1, it can occur in rare cases that the program reacts differently after the upgrade or that you have to adjust the program code manually. These cases are described in detail below. Unused bits of PLC data types (UDT) with firmware >= V1.8.1 The unused bits of PLC data types in standard memory areas are occupied or overwritten, for example, for a PLC data type that contains 4 bits. With firmware versions < V1.8.1, you could not use the unused bits of a PLC data type elsewhere. With firmware version >= V1.8.1, all bits are occupied or overwritten even if only 4 bits are used. Note Address assignments Ensure you do not assign the same absolute address twice to different symbolic address assignments. Explicit data type conversion in SCL (S7-1200) with firmware >= V4.2 With firmware versions < V4.2, the string was transferred aligned to the right and filled with leading spaces during explicit data type conversion of SINT/INT/DINT/REAL_TO_STRING/ WSTRING in SCL. Example: REAL_TO_WSTRING(12) = ' 1.200000E+1' As of TIA Portal V13, the string is displayed with a leading sign during explicit data type conversion of SINT/INT/DINT/REAL_TO_STRING/WSTRING in SCL and transferred aligned to the left. Example: REAL_TO_WSTRING(12) = '+1.200000E+1' Reading an invalid peripheral input In the TIA Portal as of version 12, the error code 16#2942 for the reading of an invalid peripheral input is only output if you have programmed the faulty access in such a way that this becomes effective, for example %MW10 := "InvalidWordAccess":P, and does not lie within an irrelevant sequence. For example, this would be #tmp := "InvalidWordAccess":P, if the tag #tmp is not used in the rest of the program block. Instruction "S_CONV: Convert character string" The EN/ENO mechanism behaves differently in TIA Portal V13 SP1 than in TIA Portal V13. WinCC Advanced V14 System Manual, 10/2016 79 Readme 3.2 STEP 7 Basic In version V13, the ENO enable output returns the signal state "0" in case of error, even if you have deactivated the ENO enable output. If you have switched an additional instruction to the EN enable output, this is then not executed. In version V13 SP1, the ENO enable output returns the signal state "1" in case of error, if you have deactivated the ENO enable output. If you have switched an additional instruction to the EN enable output, this is then executed as expected. Instruction "MUX: Multiplex" (SCL) Up to and including TIA Portal V13, the value of the tag at the input parameter was output unchanged as a function value, even if the K parameter had a negative integer. This behavior has changed in TIA Portal V13 SP1. In TIA Portal V13 SP1, if you use a tag with a valid data type at the input parameters of the MUX instruction and the K parameter is a negative integer, the value of the tag is changed. You can find the valid data types in the description of the MUX instruction in the information system. Instruction "DEMUX: Demultiplex" (SCL) Up to and including TIA Portal V13, no value was output at the OUTELSE output parameter if the value of the K parameter was < 0. In contrast, the value of the IN input parameter was output at the OUTELSE output parameter if the value of the K parameter was > available outputs. This behavior has changed in TIA Portal V13 SP1. In the TIA Portal V13 SP1, if you specify at the K parameter a value that is outside the available outputs (K < 0 or K > available outputs), then the value of the IN input parameter is output at the OUTELSE output parameter. Instructions "READ_DBL: Read from data block in the load memory" and "WRIT_DBL: Write to data block in the load memory" TIA Portal V13 SP1 reports a compilation error if you use "READ_DBL" V1.0 or "WRIT_DBL" V1.0 and access a data block with the attribute "Only store in load memory" using the parameter DSTBLK. Instead, use version 1.2 of both instructions. "READ_DBL instructions: Read from data block in the load memory" and "WRIT_DBL: Write to data block in the load memory" (SCL) As of TIA Portal V13 SP1, the "READ_DBL" and "WRIT_DBL" instruction in SCL are subject to the same strict syntax rules as all other programming languages: In TIA Portal V13, it was possible to specify "standard" data blocks at the SRCBLK and DSTBLK parameters that contained tags with different data types. As of TIA Portal V13 SP1, the individual tags contained must have the same data type for both "standard" as well as for "optimized" data blocks; otherwise, compiling errors are reported. 80 WinCC Advanced V14 System Manual, 10/2016 Readme 3.2 STEP 7 Basic Function values (Return) As of TIA Portal V13 SP1, more stringent syntax rules apply to function call: It is checked that the function value (Return) is written in any case, even if multiple possible program paths can be run through in the function. Therefore, there is no longer any risk that the function values will accidentally not be written during runtime. However, you may possibly receive syntax errors in functions during compiling, which it was still possible to compile without errors in V13. In such cases change the program code so that the function valve is written in all possible program paths. Example: SCL IF #MyIn1 = #MyIn2 THEN #Block_3 := #MyIn1 + 1; END_IF; In this example, the function value of "Block_3" is not written if the condition of the IF instruction is not fulfilled. The function value then contains an undefined value. SCL #Block_3 := #MyIn1; IF #MyIn1 = #MyIn2 THEN #Block_3 := #MyIn1 + 1; END_IF; In this example the function valve of "Block_3" is definitely written in the program, since "MyIn1" is set as default before the IF loop is completed. Comparing the hardware data types HW_IO and HW_DEVICE As of TIA Portal V13 SP1, there is a stricter syntax rule that is valid for the comparison of the data types HW_IO and HW_DEVICE: Up until and including TIA Portal V13 it was possible to compare the data types HW_IO and HW_DEVICE directly with each other. If you want to compare these data types in TIA Portal V13 SP1 you have to first create a tag of the data type HW_ANY in the section "Temp" for the block interface and then copy the LADDR (from data type HW_DEVICE) to the tag. It is then possible to compare HW_ANY and HW_IO. WinCC Advanced V14 System Manual, 10/2016 81 Readme 3.2 STEP 7 Basic EN/ENO mechanism for STRING conversion Conversion Description Strg_TO_Chars: Convert character string to Array of CHAR The ENO enable output returns the signal state "0" even if you have deactivated the ENO enable out put: For an invalid character at the CHARS parameter For an invalid ARRAY index at the PCHARS parameter If the sum of the PCHARS and STRG parameters exceeds the length of the target ARRAY. Chars_TO_Strg: Convert Array of CHAR to char acter string The ENO enable output returns the signal state "0" even if you have deactivated the ENO enable out put: If the sum of the PCHARS and CNT parameters exceeds the length of the source ARRAY. 3.2.5 Inter Project Engineering (IPE) 3.2.5.1 Notes on IPE Contents Information that could not be included in the online help and important information about product characteristics. Using system diagnostics in the device proxy To use the "system diagnostics" function in an IPE device proxy, for example, a system diagnostics view, insert the PLC alarms as content of a device proxy. 3.2.6 Technological functions 3.2.6.1 Notes on technological functions (S7-1200) S7-1200 Motion Control - variable <axis name>.StatusBits.NonPositionControlled Contrary to the information in the online help, the content of the variable <axis name>.StatusBits.NonPositionControlled has the following significance: 82 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced Position control enabled FALSE = The axis is in position-controlled mode. TRUE = The axis is in non-position-controlled mode. S7-1200 Motion Control - Data connection for PROFIdrive drives and PROFIdrive encoders through a data block Compile the data block for the data connection before you use it in the configuration of the axes. The required offset addresses are calculated this way. S7-1200 Motion Control - "ReferenceMarkPosition" parameter at MC_Home The "ReferenceMarkPosition" parameter shows the position at which the technology object was homed (homing mark), valid for "Done" = TRUE. However, in TIA Portal V14 (S7-1200 Motion Control V6.0), the "ReferenceMarkPosition" parameter shows the position at which the technology object was homed (homing mark), plus the configured home position offset (<TO>.Sensor[n].ActiveHoming.HomePositionOffset). If you configure a home position offset 0.0, you cannot use the "ReferenceMarkPosition" parameter of the "MC_Home" Motion Control instruction. PtP module with CM 1243-5 PROFIBUS Master You have to make the following settings in the instance DB of the instructions when using the PtP modules CM PtP RS232 BA, CM PtP RS422/485 BA, CM PtP RS232 HF, CM PtP RS422/485 HF and CM PtP with a CM 1243-5 PROFIBUS Master with firmware V1.3.4: Send_P2P max_record_len = 240 Modbus_Master Send_P2P.max_record_len = 240 Modbus_Slave Send_P2P.max_record_len = 240 3.3 WinCC Comfort/Advanced 3.3.1 Security information Security information Siemens provides products and solutions with industrial security functions that support the secure operation of plants, systems, machines and networks. WinCC Advanced V14 System Manual, 10/2016 83 Readme 3.3 WinCC Comfort/Advanced In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement - and continuously maintain - a holistic, state-of-the-art industrial security concept. Siemens' products and solutions only form one element of such a concept. Customer is responsible to prevent unauthorized access to its plants, systems, machines and networks. Systems, machines and components should only be connected to the enterprise network or the internet if and to the extent necessary and with appropriate security measures (e.g. use of firewalls and network segmentation) in place. Additionally, Siemens' guidance on appropriate security measures should be taken into account. For more information about industrial security, please visit http://www.siemens.com/industrialsecurity (http://www.industry.siemens.com/topics/global/ en/industrial-security/Pages/Default.aspx) Siemens' products and solutions undergo continuous development to make them more secure. Siemens strongly recommends to apply product updates as soon as available and to always use the latest product versions. Use of product versions that are no longer supported, and failure to apply latest updates may increase customer's exposure to cyber threats. To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed under http://www.siemens.com/industrialsecurity (http://www.industry.siemens.com/topics/global/ en/industrial-security/Pages/Default.aspx) Passwords Various passwords are set by default in WinCC. For security reasons, you should change these passwords. On HMI devices with version V11 or V12, the password "100" is preset for the Sm@rtServer and for the integrated Web server. A default password is not preset for HMI devices with version V13. For the user "Administrator", the default password is "administrator". Integrated Web server It is always possible on a PC to access HTML pages in Runtime, even though the option"HTML pages" is disabled. Setup always installs the standard pages of the Web Server on the PC. Assign an administrator password to prevent unauthorized access to the pages. Communication via Ethernet In Ethernet-based communication, end users themselves are responsible for the security of their data network. The proper functioning of the device cannot be guaranteed in all circumstances; targeted attacks, for example, can lead to overload of the device. 84 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced Use of SSL 3.0 For security reasons, the use of the protocol SSL 3.0 is not recommended. The use of the protocol SSL 3.0 is disabled by default on Comfort Panels. If you nevertheless wish to activate the use of SSL 3.0, select the option "Use SSL 3.0" in Internet Explorer or in "Start Center > Settings" under "Internet options > Advanced". For RT Advanced, the use of SSL 3.0 can be disabled in Internet Explorer or in the Control Panel under "Internet Options > Advanced" by deactivating the "Use SSL 3.0" option. Network settings The following tables show the network settings of each product which you need in order to analyze the network security and for the configuration of external firewalls: WinCC Advanced (without simulation) Name Port num Transport ber protocol Direction Function Description ALM 4410* TCP Inbound, Outbound License service This service provides the complete functionali ty for software licenses and is used by both the Automation License Manager as well as all li cense-related software products. HMI Load 1033 TCP Outbound HMI Load (RT Basic) This service is used to transmit images and configuration data to Basic Panels. HMI Load 2308 TCP Outbound HMI Load (RT Advanced) This service is used to transmit images and configuration data to panels. * Default port that can be changed by user configuration WinCC Simulation for Basic Panels Name Port num Transport ber protocol Direction Function Description HMI Load 1033 TCP Inbound HMI Load (RT Basic) This service is used to transmit images and configuration data to Basic Panels. EtherNet/IP 44818 TCP Outbound Ethernet/IP channel The Ethernet/IP protocol is used for connec tions to Allen Bradley PLCs. 2222 UDP Inbound Ethernet/IP channel The Ethernet/IP protocol is used for connec tions to Allen Bradley PLCs. Modbus TCP 502 TCP Outbound Modbus TCP channel The Modbus TCP protocol is used for connec tions to Schneider PLCs. RFC 1006 102 TCP Outbound S7 channel Communication with the S7 controller via Ethernet/PROFINET Mitsubishi MC 5002 TCP Outbound Mitsubishi MC channel The Mitsubishi protocol is used for connections to Mitsubishi PLCs. WinCC Advanced V14 System Manual, 10/2016 85 Readme 3.3 WinCC Comfort/Advanced WinCC Simulation for Panels and Runtime Advanced Name Port num Transport ber protocol Direction Function Description DCP --- Ethernet Outbound PROFINET The DCP protocol (Discovery and basic Con figuration Protocol) is used by PROFINET and provides the basic functionality for locating and configuring PROFINET devices. LLDP --- Ethernet Inbound, Outbound PROFINET The LLDP protocol (Link Layer Discover Proto col) is used by PROFINET for topology detec tion. SMTP 25 TCP Outbound SMTP Communication This service is used by WinCC Runtime Ad vanced to send e-mails. HTTP 80* TCP Inbound Sm@rtServer The Web server is only available when Sm@rtService is activated. The used port may differ depending on automatically selected set tings. RFC 1006 102 TCP Outbound S7 channel Communication with the S7 controller via Ethernet/PROFINET NTP 123 UDP Outbound Time synchroni zation The NTP protocol (Network Time Protocol) is used for time synchronization in IP-based net works. SNMP 161 UDP Outbound PROFINET The SNMP client functionality is used by STEP 7 to read status information from PROFINET devices. HMI Load 2308 TCP Outbound HMI Load (RT Advanced) This service is used to transmit images and configuration data to panels. HTTPS 443* TCP Inbound Sm@rtServer The Web server with HTTPS protocol is only available when Sm@rtService is activated. The used port may differ depending on auto matically selected settings. VNC server 5900* TCP Inbound Sm@rtServer This service is only available when Sm@rtSer vice is activated. 5800* TCP Inbound Sm@rtServer This service is only available when Sm@rtSer vice is activated. 5500 TCP Outbound Sm@rtServer This service is only available when Sm@rtSer vice is activated. VNC client * Default port that can be changed by user configuration PROFINET protocols for Panels and Runtime Advanced Name Port num Transport ber protocol Direction Function Description DCP --- Outbound Lifelist, PROFINET Dis covery and con figuration The DCP protocol (Discovery and basic Con figuration Protocol) is used by PROFINET and provides the basic functionality for locating and configuring PROFINET devices. PROFINET Link Layer Discovery protocol The LLDP protocol (Link Layer Discover Proto col) is used by PROFINET for topology detec tion. LLDP 86 --- Ethernet Ethernet Inbound, Outbound WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced PROFINET protocols for Panels and Runtime Advanced MRP --- Ethernet Outbound PROFINET me dium redundan cy The MRP protocol (Medium redundancy proto col) enables control of redundant transmission paths using a ring topology. PROFINET IO Data --- Ethernet Inbound, Outbound PROFINET Cy clic IO data transfer Cyclic data exchange is used by panels for di rect keys and LEDs. NARE --- Ethernet Inbound, Outbound Name Address Resolution This protocol is used to resolve network names and assign IP addresses. UDP Inbound, Outbound PROFINET con The PROFINET Context Manager provides an nection less endpoint mapper in order to establish an appli RPC cation relation (PROFINET AR). PROFINET Con 34964 text Manager Communication connections for Panels and WinCC Runtime Advanced Name Port num Transport ber protocol Direction Function Description Telnet 23 TCP Inbound Telnet This service can be used for maintenance. SMTP ** TCP Outbound SendEMail This service is used by Windows CE / PC Run time to send e-mails. HTTP 80* TCP Inbound Hypertext Transfer Proto col The HTTP protocol is used for communication with the internal Web server. RFC 1006 ** TCP Outbound S7 channel Communication with the S7 controller via Ethernet/PROFINET. HMI Load 102 TCP Inbound Transfer This service is used to transmit images, Run time, and configuration data to the panel via PN/IE NTP ** UDP Outbound Time synchroni zation The NTP protocol (Network Time Protocol) is used for time synchronization in IP-based net works. DCOM*** 135 TCP Inbound OPC server This service is a component of the Microsoft Windows operating system. Communication via OPC (DA) is based on DCOM. This service is therefore required to initialize OPC (DA) con nections. DCOM*** ** TCP Outbound OPC server The communication via OPC (DA) is based on DCOM and uses unspecified ports assigned by the system. This should be taken into consid eration when using OPC (DA) and creating rules for the firewall. NetBIOS over TCP/IP ** UDP Outbound With the use of Remote File Share Register / log on to a remote server. NetBIOS over TCP/IP ** UDP Outbound With the use of Remote File Share Register / log on to a remote server. SNMP 161 UDP Inbound Simple Network Management Protocol The SNMP client functionality is used by STEP 7 to read status information from PROFINET devices. WinCC Advanced V14 System Manual, 10/2016 87 Readme 3.3 WinCC Comfort/Advanced Communication connections for Panels and WinCC Runtime Advanced HTTPS 443* TCP Inbound Secure Hyper text Transfer Protocol The HTTP protocol is used for communication with the panel-internal Web server via Secure Socket Layer (SSL). Modbus TCP ** TCP Outbound Modbus TCP channel The Modbus TCP protocol is used for connec tions to Schneider PLCs. Mitsubishi MC ** TCP Outbound Mitsubishi MC channel The Mitsubishi protocol is used for connections to Mitsubishi PLCs. Printing ** TCP Outbound Printing Printing on the control panel (via Ethernet). HMI Load 2308 TCP Inbound Transfer This service is used to transmit images and configuration data to panels. On Comfort Pan els, this service has been replaced by Device Manager and SCS as of V13. This service is used to transmit configuration data to WinCC Runtime Advanced. HMI Load 50523 TCP Inbound Transfer This port is used if port 2308 is not available. This service is used to transmit images and configuration data to panels. On Comfort Pan els, this service has been replaced by Device Manager and SCS as of V13. This service is used to transmit configuration data to WinCC Runtime Advanced. ALM 4410* TCP Inbound, Outbound Application Li cense Manager This service of RT Advanced makes available the complete functionalities for software licen ses and is used by the Automation License Manager. OPC UA 4870* TCP Inbound OPC UA server This service is required for communication via OPC UA. HMI Load 5001 TCP Inbound Device Manager This service is used to transmit images and Runtime to panels. HMI Load 5002 TCP Inbound SCS (System Configuration Server) This service is used to transmit configuration data to panels. VNC client 5500 TCP Inbound Sm@rtServer Reverse VNC server connection. Receive mode is set for the VNC client. VNC server 5800* TCP Inbound Sm@rtServer VNC server connection HTTP 5900* TCP Inbound Sm@rtServer VNC server connection SIMATIC Logon ** TCP Outbound UMAC (User Register / log on to a remote server. Management to the Access Con trol) Allen Bradley Ethernet IP ** TCP Outbound Ethernet/IP channel Reserved 49152 ... 65535 TCP/UDP Outbound The Ethernet/IP protocol is used for connec tions to Allen Bradley PLCs. Dynamic port range is used, for example, to connect to the remote file sharing. * Default port that can be changed by user configuration ** Port is assigned automatically. *** Supported by WinCC Runtime Advanced only. 88 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced 3.3.2 News News about the TIA Portal You can learn about the latest news about various topic areas of the TIA Portal in Siemens Industry Online Support. All news concerning WinCC can be found here: News (http://support.automation.siemens.com/ WW/view/en/88360672) 3.3.3 Notes on use Contents Information that could not be included in the online help and important information about product features. Virus scanners during installation Virus scanners should be disabled during the installation of WinCC. Change in response after upgrading The new WinCC version contains new features and improvements as compared to the previous version. The new version may therefore demonstrate slight differences in the names or the response of properties and functions after the upgrade. Unlike in previous versions, the standard properties of newly created objects can also be changed. These differences in response may lead to errors when compiling the project. Working with styles Please note that the system styles are reset to the default style "WinCC Dark" after upgrading the project to V14. To restore the system style that you had set before upgrading the project, follow these steps: 1. Open the Runtime settings of the HMI device. 2. Select the desired system style under "Style of the HMI device". Compatibility with WinCC V13 In WinCC V14, it is not possible to save the project in the WinCC V13 format. Working with standard user rights If you are working with standard user rights in Windows 7, "User Account Control (UAC)" must not be disabled. The "User Account Control" is enabled in Windows 7 by default. WinCC Advanced V14 System Manual, 10/2016 89 Readme 3.3 WinCC Comfort/Advanced For more information on the "User Account Control", refer to the online help for Windows 7. Screen keyboard Once you have opened the TIA Portal, you can no longer call the screen keyboard. To call the on-screen keyboard in Windows, use the following command: "Start > All Programs > Accessories > Ease of Access > On-screen keyboard". Specifying the time of modification in the overview window The times of modification displayed in the overview window only refer to changes to the object itself. Changes to subordinate objects, e.g. screen objects in a screen, do not cause the time of the last change to the screen to change in the overview window. Reports with Asian character sets on Windows CE devices If Asian characters sets are displayed in an illegible manner in a report on a Windows CE device, you must change the character sets for the objects in the report. it is sufficient to change to a different character set and then reset the original character set. File browser on a Windows 8 PC with touch screen You can only operate the file browser dialog with a mouse, keyboard or on-screen keyboard (without using the touch function) on a Windows 8 PC with touch screen. We recommend using the file browser dialog of the Windows operating system with the help of a script on a touch screen PC with Windows 8. Compatibility of WinCC V14 with SCOUT TIA WinCC V14 is not compatible with SCOUT TIA versions lower than V4.5. Version V4.5 will be released soon. Global library A global library cannot be updated as a whole. Only individual folders can be updated within a library. 3.3.4 Migration Contents Information that could not be included in the online help and important information about product features. 90 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced Project languages in WinCC WinCC V14 does not support all project languages that were available in WinCC flexible, such as Arabic. If you receive an empty project as the result of your migration, you may want to check the set editing language. Do not set the project languages that are not supported as editing language in the source project. Proceed as follows: 1. Open the project with WinCC flexible. 2. Change the editing language to English, for example. 3. Save the project. 4. Restart the migration. Migrating an integrated project with ProTool objects The "PROTOOL option package(s) missing in STEP 7" error message output during migration of a WinCC flexible project that is integrated in STEP 7 indicates that WinCC flexible 2008 SP3 is installed on your system. Moreover, the project still contains objects that were configured using ProTool. Do not open the project with WinCC flexible 2008 SP3! To migrate the project, proceed as follows: 1. Open the project in the SIMATIC Manager. 2. Execute the "Save as" command in the "File" menu. 3. Enable the option "With reorganization" in the "Save project as" dialog. 4. Click OK. 5. Copy the project back to the original computer. 6. Restart the migration. Migrating a WinCC V7 project: Border line of rectangles In a WinCC V7 project, you have configured a rectangle with the settings "Line weight = 1" and "Draw insider border = yes". Migrate the WinCC V7 project to WinCC V14. To have the rectangle displayed correctly, follow these steps. 1. Open the Inspector window of the rectangle. 2. Open the property list. 3. Disable "Widen border line inwards". Progress bar As long as the progress bar still shows a value of 100%, the software is still busy running remaining tasks such as the closing of references. The software will not respond to user input while this status is given. WinCC Advanced V14 System Manual, 10/2016 91 Readme 3.3 WinCC Comfort/Advanced Migrating projects from WinCC V7 In TIA Portal V13, you can continue to use projects from WinCC V7.2 after migration. Projects from earlier WinCC versions cannot be migrated directly to WinCC TIA Portal version V13. If you wish to continue using such projects in TIA Portal V13, you must first migrate them to the WinCC V7.2 Classic page. To do so, use WinCC V7.2 with the latest update. Supported project languages in WinCC V7 Due to different Windows DotNet versions, there may be different names in WinCC V7 and the TIA Portal within the same language. This may result in different sorting orders in the same project. The following table shows some examples with English spelling: WinCC V7.x TIA Portal Bengali (Bangladesh) Bangla (Bangladesh) Bengali (India) Bangla (India) Chinese (Simplified, PRC) Chinese (People's Republic of China) Chinese (Simplified, Singapore) Chinese (Singapore) Chinese (Traditional, Hong Kong S.A.R) Chinese (Hong Kong S.A.R) Chinese (Traditional, Macao S.A.R) Chinese (Macao S.A.R) Chinese (Traditional, Taiwan) Chinese (Taiwan) French (Monaco) French (Principality of Monaco) Oriya (India) Odia (India) Sami (Inari, Finland) Sami, Inari (Finland) Sami (Skolt, Finland) Sami, Skolt (Finland) Sami, Northern (Norway)$Sami Sami, Northern (Norway) Spanish (Bolivarian Republic of Venezuela) Spanish (Venezuela) Spanish (Spain, Traditional Sort) Spanish (Spain) Spanish (Spain, International Sort) Spanish (Spain) Yakut (Russia) Sakha (Russia) 3.3.5 Engineering System 3.3.5.1 Screens and Screen Objects Contents Information that could not be included in the online help and important information about product features. 92 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced Screen objects after HMI device replacement If you upgrade a device to the new HMI device versions, you should check the screens contained in the project. Because of the new appearance and improved operability, texts of symbolic I/O fields may not be completely legible and may be concealed by operator controls. Grouping of screen objects When you group screen objects in WinCC, performance problems can arise in WinCC in the case of large nesting depths. ActiveX and .NET controls ActiveX and .NET controls are always positioned in the foreground in runtime. The configuration of ActiveX and .NET controls on levels is not supported. Use of bitmaps as icons In Windows 8 and Windows 8.1, the use of bitmaps with a size of 48x48 pixels and a color depth of 32 bits as icons is not supported. Border line of rectangles In a WinCC V7 project, you have configured a rectangle with the settings "Line weight = 1" and "Draw insider border = yes". You then migrate the WinCC V7 project to WinCC V12. To have the rectangle displayed correctly, follow these steps. 1. Open the Inspector window of the rectangle. 2. Open the property list. 3. Disable "Widen border line inwards". Border line of "Graphic I/O field" object In WinCC V14, the dynamization of the border line of the "Graphic I/O field" object in "Two states" mode has no effect during runtime. Dynamization of instances of a faceplate type in a group You are using the instance of a faceplate type in an object group. The properties of the instance are also displayed as properties of the group. Any dynamization with tags, scripts or animations of the group is not displayed in Runtime. WinCC Advanced V14 System Manual, 10/2016 93 Readme 3.3 WinCC Comfort/Advanced Preview in screen window You use your own designs with shadows for screen objects. The screen objects can be displayed in a screen window. The shadows of the screen objects are not displayed in the preview of the screen window. The response occurs only in the engineering system. It is displayed correctly in Runtime. Many visually different screen objects The use of screen objects with many visually different properties (e.g. many different styles) can reduce performance in runtime and can increase the amount of available memory space used. Avoid using, for example, very many different corner radii: 0 pixel, 1 pixel, 2 pixels, 3 pixels, etc. Dynamization of grouped objects (RT Professional) For groupings with multiple nestings (group in group, faceplate in group, group in faceplate, etc.), only the events of the outermost group and the innermost objects can be used for dynamization with system functions. System functions that are configured at events of the lower-level group or lower-level faceplate are not executed. Number of characters in text fields, lists and alarm texts The number of characters that can be used in the text of a screen object is not constant. Control instructions and formatting are taken into consideration when entering text data and the maximum number of characters is reduced accordingly. Transparency in WinCC as of V13 Transparent graphics can be displayed without any problems in Runtime. This is true for all Comfort Panels and WinCC Runtime Advanced as of version 13.0. To use the transparency in a graphic view or in a graphic I/O field, the "Fill pattern" property must be set to "Transparent" and the property "Use transparent color" must be disabled. If the property "Use transparent color" is enabled in a device as of version 13.0, the transparency of the graphic is lost and the transparent pixels are displayed in black. We recommend that you check the "Use transparent color" property at the points of use of transparent graphics after upgrading existing projects to device version 13.0 or higher. If the graphics are not displayed correctly, disable this property. Displaying SIMOTION PLC websites in the HTML browser If the SIMOTION PLC websites are not displayed correctly in the HTML browser, insert ""/ basic"" after the website URL to display the websites in basic mode. Display differences between the configuration and the display on the HMI device The display of the text configured in a screen object may be different on the HMI device due to the display configuration. If you are using the options for automatic size adjustment in the configuration, check the display on your HMI device in every language. 94 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced If texts that were configured with the "Fit object to contents" option cannot be displayed in full, they are reduced slightly on the HMI device. If this reduction leads to a distorted display of texts, disable the "Fit object to contents" option and expand the text with additional blanks. Optionally, you can increase the width of the object or use a shorter formulation for the text. Exporting and importing function keys Function keys are synchronized during the import. If a function key is created in the global screen and the key is empty in the screen, the corresponding function key will use the global definition in all screens. If you want to disable the global use of function keys after the import, define empty keys in the screens and import the screen types in the following order: Global screen, templates, screens. If you want to ensure when exporting the screens that the global definition of a function key is not used by the template or by the global screen, create an empty function key in the screen. Select the required function key in the screen, then enable the "Use global assignment" property and disable it again. Corner radius of the "Symbolic I/O field" object The "corner radius" property is not available for a symbolic I/O field on Comfort Panels or RT Advanced. The corner radius that you specify for the "Symbolic I/O field" object in the style editor has no effect in the screen editor for these target systems. PLC Code Viewer The following data types are not supported by the PLC Code Viewer: Date and time: DATE, TOD, LTOD, DT, LDT Characters: CHAR, WCHAR, STRING Complete DTL structures are not supported. Only single elements of DTL structures are supported. Jump from a monitoring alarm to the PLC code view For the jump from a monitoring alarm to the PLC code view, the instance name must conform to the following naming convention <FB name>_DB when using supported local operands in a function block. Note: The jump to a function or an organization block is only possible if only global operands are used. WinCC Advanced V14 System Manual, 10/2016 95 Readme 3.3 WinCC Comfort/Advanced The following restrictions apply to viewing upstream networks: The upstream network must not contain any tags from the Temp or InOut section of an FB. The following data types may not be used for tags: - STRING - WSTRING - CHAR - WCHAR - S5TIME No array element may be used with a tag to be used as an index. Only bit slicing is supported for slice access. Special features: Operands and UDTs Operands that are declared in the "#Temp" or "#InOut" area are generally not supported by the PLC code view. This applies both to elementary data types and to data types that are contained in UDTs. Data types of a UDT can be declared in the "#In" and "#Out" area and displayed in the PLC code view. The same limitations as for elementary data types apply to the data types of the UDT. Faceplates for Runtime Advanced When configuring styles at the faceplate type, the "Use style/design" property has to be available in the interface before the "Style item design" property is used in the interface of the faceplate. Otherwise, the style at the instance of the faceplate is lost when the configuration is updated. GRAPH overview for Runtime Professional When upgrading to V14, the signature of the C function at the "Click" event is changed. The propertyName parameter from the previous versions has been removed. Functions that are able to access this parameter are shown as faulty after the upgrade. Updating faceplates with the UDTs of the type "IEC timer" The "ST" element was automatically removed from the user-defined PLC data types (UDT) that use the "IEC timer" data type. Adapt the faceplates containing these UDTs to a new version of the UDT without an ST element. A detailed description of this can be found in the FAQ with the entry ID "109740393" in the SIMATIC Customer Online Support. 96 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced Dynamizing the value column in the table view (RT Professional) Note the following information about dynamizing the properties in the value column of a table view: The "ValueColumnName" property specifies the name of the selected value column. The "ValueColumnName" attribute can be dynamized with the "ValueColumnRename" attribute. The data type is STRING. The "ValueColumnRename" property changes the name of the value column referenced with the "ValueColumnIndex" attribute. The attribute can be dynamized with the "ValueColumnRename" name. With "ValueColumnRename" you also dynamize the "ValueColumnName" attribute. The data type is STRING. The "TimeColumnName" property specifies the name of the selected time column. The "TimeColumnName" attribute can be dynamized with the "TimeColumnRename" attribute. The data type is STRING. The "TimeColumnRename" property changes the name of the time column referenced with the "TimeColumnIndex" attribute. The attribute can be dynamized with the "TimeColumnRename" name. With "TimeColumnRename" you also dynamize the "TimeColumnName" attribute. The data type is STRING. See also http://support.automation.siemens.com (http://support.automation.siemens.com/WW/view/en/ 62101921) 3.3.5.2 Tags and connections Contents Information that could not be included in the online help and important information about product features. Multiplexing tags on a Basic Panel If you multiplex a tag with an external tag on a Basic Panel, the address is read from the PLC in runtime during the first read cycle. The value of the address read is not available until the second read cycle. Tag names in faceplates Use of the "." or "@" character in names of tags in faceplate types is not permitted. Do not use these special characters in the tag names in faceplates. Tags with symbolic addressing and "Char Array" data type (RT Professional) Tags with symbolic addressing and the "WString" data type are not released for communication of RT Professional and SIMATIC S7-1200 V3. WinCC Advanced V14 System Manual, 10/2016 97 Readme 3.3 WinCC Comfort/Advanced Length specification for tags of the "String" type The length specification for the internal HMI tags of the "String" type have no effect in the "Tag" editor. If you want to limit the tag length of an input field or output field, for example, limit the length using VB scripting or C scripting. Tags under "Tag box ID" The tag that you configure under "Tag box ID" with "Runtime Settings > General" may only be used in read-only mode. No values may be written in this tag, however, they may be read in scripts, for example, or output to screens. Array elements in WinCC If you have connected an HMI tag with an array from a STEP 7 data block which does not start with a low limit of 0, the array elements are mapped in WinCC to the low limit of 0. To ensure that you do not have to rethink between the STEP 7 indices and the WinCC indices when accessing the individual array elements, the low limits of arrays should also start at 0 in STEP 7. Duration of the initialization of historical data Initialization of the archives on some storage media can take up to 5 minutes. The successful completion of initialization is confirmed by a system message once it has been completed. If there a lack of any storage medium for archiving when Runtime starts, the appearance of the system message can also take up to 5 minutes. PLC user data types When you access an element of a PLC user data type in a tag table via the object list instead of the name of the PLC tags, the name THIS is inserted. You must replace this label with the name of the PLC tag. 3.3.5.3 Alarm system and alarm displays Contents Information that could not be included in the online help and important information about product properties. Tags in alarm texts of Runtime Advanced Tags of data type WChar or WString cannot be displayed in the alarm view in Runtime Advanced. 98 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced Boolean tags in alarm logs Bool type tags are recognized as 0 and -1 in the alarm log. If you use a text list that is controlled by a tag of the type Bool in an alarm log, then add the entry for the value -1 to the corresponding text list. Duration of the initialization of historical data Initialization of the archives on some storage media can take up to 5 minutes. The successful completion of initialization is confirmed by a system message once it has been completed. If there a lack of any storage medium for archiving when Runtime starts, the appearance of the system message can also take up to 5 minutes. PLC alarms A PLC alarm is only visible in the "Alarm" editor of an HMI device when the FB calls for this alarm have been invoked in an OB. 3.3.5.4 System functions and scripts Contents Information that could not be included in the online help and important information about product features. Runtime error on startup on TP 277 and OP 277 At the start of the runtime on a TP 277 or OP 277, the error "Global unknown error with VBScript: 'Expected statement' in script ..." can be reported. This error is triggered on devices with the Windows CE 3.0 operating system by user functions of the following type: Sub VBFunction_1() With HmiRuntime.Screens("Screen_1").ScreenItems("Button_1") .backcolor = vbred .visible = not .visible End With End Sub If the error occurs, you need to re-program the user function as follows: Sub VBFunction_1() HmiRuntime.Screens("Screen_1").ScreenItems("Button_1").backcolor = vbred HmiRuntime.Screens("Screen_1").ScreenItems("Button_1").visible = not .visible End Sub WinCC Advanced V14 System Manual, 10/2016 99 Readme 3.3 WinCC Comfort/Advanced Scripts for service projects Since no interactive user is usually logged in service projects, C scripts and VB scripts lead to problems in the following cases: When the scripts require interaction, for example, operator input. When the scripts show message boxes. There is no common data area for C scripting in service mode. Thus, for example, no global C variables can be exchanged between the "Scheduled tasks" and "Screens". Find and Replace in local scripts in WinCC Professional Use the "Find and Replace" function to find and replace texts within editors. It is not possible to use Find and Replace in local scripts. Block version for the "ActivatePLCCodeView" system function (Comfort Panels and RT Advanced) The version of the GRAPH block must be at least V3.0 for the jump into the GRAPH sequencer via the "ActivatePLCCodeView" system function. Properties no longer used in Comfort Panels and RT Advanced In WinCC V13, many new visual properties have been introduced and many existing properties have been harmonized. In the course of revision of the object properties, some properties that could be used in VB scripts in earlier versions of WinCC are no longer supported for use in WinCC V13. Scripts that use properties that are no longer supported remain valid, but the relevant calls within the scripts have no function. These limitations pertain exclusively to Comfort Panels and RT Advanced in device version V13.0. The following table shows the properties of screen objects that are no longer being used: Property Screen object BorderBrightColor3D Slider BorderColor Text field, I/O field, symbolic I/O field, date/time field BorderInnerWidth3D Slider BorderOuterWidth3D Slider BorderShadeColor3D Slider BorderStyle3D Text field, I/O field, button, symbolic I/O field, graphic I/O field, date/time field, bar, switch BorderWidth Text field, symbolic I/O field CenterColor Gauge DialColor Gauge EdgeStyle Text field, I/O field 100 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced Debugging VB scripts You can use the "Debug" object to enter custom texts in a debugger. The object has the methods "Write" and "WriteLine". You can find additional information about the "Debug" object on the Internet (https://msdn.microsoft.com/en-us/library/wk3y866c(v=vs.84).aspx). You can use the "Err" object to respond to error messages that are generated by another object. The object has the methods "Raise" and "Clear". You can find additional information about the "Err" object on the Internet (https:// msdn.microsoft.com/en-us/library/sbf5ze0e(v=vs.84).aspx). Transferring parameters to VBScripts (Panels and RT Advanced) In WinCC, you can define whether the parameters of VB scripts "ByRef" (address of the parameter) or "ByVal" (value of the parameter) are transferred. Transferring the address of the parameter using "ByRef" (Call by Reference) is possible only for the internal tags of the VB script. With HMI tags, the value of the parameter is always transferred regardless of whether the parameter was defined as "ByRef" or as "ByVal". Accessing the "Height" and "Width" properties of some VBS objects in runtime Contrary to what is described in the help, you have read access to the "Height" and "Width" properties for the following VBS objects: AlarmView, Bar, BatteryView, Button, CameraControl, Clock, DateTimeField, FunctionTrendControl, Gauge, GraphicIOField, GraphicView, HTMLBrowser, IOField, Line, MediaPlayer, PDFView, PLCCodeViewer, Polygon, Polyline, ProDiagOverview, ProtectedAreaNameView, RangeLabelView, RangeQualityView, RecipeView, S7GraphOverview, Slider, SmartClientView, StatusForce, Switch, SymbolicIOField, SymbolLibrary, SysDiagControl, TextField, TrendView, UserView, WLanQualityView, ZoneLabelView, ZoneQualityView You can find additional information on the VBS object model in the FAQ with entry ID "53752382" in the SIMATIC Customer Online Support: https://support.industry.siemens.com/cs/ww/en/view/53752382 3.3.5.5 Reports Contents Information that could not be included in the online help and important information about product features. WinCC Advanced V14 System Manual, 10/2016 101 Readme 3.3 WinCC Comfort/Advanced 3.3.5.6 Recipes Contents Information that could not be included in the online help and important information about product features. Arrays in recipe elements If you have configured both an array as well as the elements of this array for recipe elements of a recipe, the loading of data records aborts with the following error message: "290055: Import of data records aborted with error" Use either the array or just the array elements for recipe elements of a single recipe. Saving recipes on Comfort Panels Recipes should be preferably saved on the SD card rather than in the built-in flash memory. 3.3.5.7 User administration Contents Information that could no longer be included in the online help and important information about product features. 3.3.5.8 Communication Contents Information that could not be included in the online help and important information about product features. Connection interruptions with Mitsubishi PLCs After multiple connection interruptions, a situation may arise where all the connection resources of the Mitsubishi PLC are in use and the connection can no longer be established. We recommend that you check these connection resources in the PLC program of the controller and enable them again. Limited number of possible HMI connections An error message is displayed during compilation of a device indicating that the configuration of the HMI connection in the "Devices & Networks" editor is invalid. The reason may be that the maximum number of possible connections of the HMI device or PLC has been exceeded. 102 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced Check the maximum number of available connections. Consult the device manuals of the devices you are using. Use of PROFINET IO with panel HMI devices When using PROFINET IO to connect the direct keys and LEDs of HMI devices to the PLC, you can define an offset for the address area of the inputs and outputs during configuration in HW Config. The following restriction applies when a PROFINET IO-capable S7-400 CPU is used with one of the HMI devices listed below: The offset for the start of the address area of the inputs must not be greater than the offset for the start of the address area of the outputs. The restriction applies to the following HMI devices: OP 177B OP 277 Mobile Panel 177 To configure the address parameters, open the PLC that contains the CPU of the 400 series in HW Config. Select the HMI device that is connected via PROFINET IO from the station window of HW Config. A table with the properties of the HMI device is displayed at the bottom of the station window in the detail view. Select the line containing the addresses of the HMI device in the table and open the object properties using the shortcut menu. Enable the "Addresses" tab in the "Object properties" dialog. Configure the offset for the inputs under "Inputs > Start". Configure the offset for the outputs under "Outputs > Start". RT Advanced communication via Station Manager (SIMATIC NET) with an S7-1200 For communication of a SIMATIC S7-1200 with a PC with WinCC RT Advanced via a router, the following restrictions apply to the PC: Windows 7: Only with installed SIMATIC NET 8.1 Windows XP: Communication via Station Manager (SIMATIC NET) is not supported These restrictions also apply if you are using WinAC MP or Station Manager. Connections with the help of the Station Manager of Runtime Advanced are always treated as routed connections. Communication between S7-1200 and a multi panel Communication between an S7-1200 and a multi panel with the "WinAC MP" option installed via ProSave is not possible. The HMI devices affected are: SIMATIC MP 177 6" Touch SIMATIC MP 277 8" Touch SIMATIC MP 277 8" Key SIMATIC MP 277 10" Touch SIMATIC MP 277 10" Key WinCC Advanced V14 System Manual, 10/2016 103 Readme 3.3 WinCC Comfort/Advanced SIMATIC MP 377 12" Touch SIMATIC MP 377 12" Key SIMATIC MP 377 15" Touch SIMATIC MP 377 19" Touch HMI connections in WinCC V13 HMI connections to SIMATIC S7-1200 PLCs with firmware versions earlier than V2.0 are not possible in WinCC V13. Connections via PROFIBUS DP When a connection between a PLC and an HMI device via PROFIBUS DP is interrupted and then re-established, sporadically all other PROFIBUS DP connections in the communication network are interrupted and re-established. De-energize the disconnected station before reconnecting it. Switching a connection A connection may be interrupted when it is switched from an HMI device to a SIMATIC S7-300/400, to a SIMATIC S7-1500 or to a SIMATIC S7-1200 PLC. Note the following settings in the SIMATIC S7-1500 or SIMATIC S7-1200 controllers: Absolute addressing of tags The "Disable PUT-GET communication" option must be selected The "Complete protection" protection level may not be set RT Advanced in the Station Manager If RT Advanced and WinAC RTX use the same communication processor of a PC, HMI communication with SIMATIC S7-1200 and SIMATIC S7-1500 is not possible. Raw data communication in redundant projects Simatic.NET, Named Connections and various communication blocks, such as BSEND/BRCV, for example, can only be used to a limited extent in a redundantly configured PC station because the connection parameters for the redundant partner server cannot be configured. Non-integrated connection to a SIMATIC S7-1500 software controller A non-integrated connection between an HMI device and a SIMATIC S7-1500 software controller is not supported in WinCC. 104 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced Transfer areas of the operating mode IO device and DP slave of the HMI devices If you have activated the operating mode "IO device" or "DP slave" for HMI devices, no transfer areas should be added or deleted in the properties of the HMI device. If you have inadvertently deleted or added a transfer area, disconnect and reconnect the controller. Getting diagnostics data by means of HMI devices In contrast to the description of diagnostics icons for modules and devices in the information system, the following icon has the meaning specified here for HMI devices: Icon Meaning No diagnostics data is available. PROFIEnergy communication To set up PROFIEnergy communication, contact Customer Support. Enabling/disabling a connection in Runtime (Basic 2nd Generation) Contrary to the description in the online help, the alarms of the respective controller are displayed after a connection is disabled. The system diagnostics for this controller is also available. 3.3.6 System-wide functions Contents Information that could no longer be included in the online help and important information about product features. Using system diagnostics in the device proxy To use the system diagnostics function in an IPE device proxy, for example, a system diagnostics view, insert the PLC alarms as content of a device proxy. Initialize device proxy with data from a V13 project You cannot initialize a device proxy with data from a V13 project in a project with the version V13 SP1. Upgrade the V13 source project to version V13 SP1 to initialize the device proxy in the target project with the data from the source project. WinCC Advanced V14 System Manual, 10/2016 105 Readme 3.3 WinCC Comfort/Advanced 3.3.7 Compiling and loading Contents Information that could no longer be included in the online help and important information about product features. Compiling and loading If internal errors or warnings occur during compiling, compile the complete project using the command "Compile > Software (rebuild all)" in the shortcut menu of the HMI device. Before you start productive operation with your project, compile the entire project using the "Compile > Software (rebuild all)" command from the shortcut menu of the HMI device. If you are using HMI tags that are connected to control tags in your project, compile all modified blocks with the command "Compile > Software" in the shortcut menu before you compile the HMI device. Incorrect installation of ProSave If you receive an error message during installation of ProSave when loading data to a target device or maintenance of an HMI device, then you cannot remedy this error using the repair function of setup. Remove ProSave via the Control Panel. Then start setup and install the "ProSave" component again. Checking the address parameters During compilation of an HMI device in the project tree with the command "Compile > Software" in the shortcut menu, the address parameters of the HMI device, such as the IP address, will not be checked. If you want to ensure that the address parameters are checked as well, you will have to compile the HMI device using the "Compile" button in the "Devices & Networks" editor of the toolbar. Error message when downloading data to the PLC A panel and a PLC are connected and communicating with other. If a tag is accessed while downloading data from the panel to the PLC, an error message is displayed on the panel. Delayed reaction in the "Extended download to device" dialog If the settings in the "Extended download to device" dialog for "Type of the PG/PC interface" and "PG/PC interface" do not match the settings on the HMI device, this can result in the application not responding for up to a minute. 106 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced Extended download with an S7-1200 and a Comfort Panel An S7-1200 PLC and a Comfort Panel are located in the same physical network as the PG/ PC. You open the "Extended download to device" dialog for the Comfort Panel. If you enable the option "Show all accessible devices", it may occur that the application stops responding. OP77A, OP73, TP177A: Loading projects When loading a project to an HMI device, it can happen that Runtime is not automatically ended, even though "Remote Transfers" is activated in the Panel. If this happens, stop Runtime and manually set the transfer mode on the HMI device. Project transfer via USB If you have connected more than one HMI device via USB to your configuration PC, project transfer is only possible to the last connected device. Comfort panels as of device version 13.0: Backing up data while loading projects If the transfer is interrupted for Comfort Panels with a device version 13.0 or higher, WinCC automatically ensures that no data is lost and that existing data is only deleted on the HMI device after complete transmission. Loading projects to a file The "Load project to file" functionality is only available in Runtime Advanced devices with version V13 or older. Displaying characters in transfer alarms If characters are not displayed correctly in the transfer alarms during transfers to HMI devices with the device version V12 or older, please check the region and language settings in Windows. Set the corresponding language under "Language for non-Unicode programs". Reducing the project size When compiling your HMI device, a message appears informing you that the size of your project is approaching the system limits for the corresponding HMI device. In this case, perform a complete compilation of the software to reduce the project size. To do this, use the command "Compile > Software (rebuild all)". See also http://support.microsoft.com (http://support.microsoft.com/default.aspx?scid=kb;EN-US; 224305) http://msdn.microsoft.com/en-us/library/ms968493.aspx (http://msdn.microsoft.com/en-us/ library/ms968493.aspx) WinCC Advanced V14 System Manual, 10/2016 107 Readme 3.3 WinCC Comfort/Advanced 3.3.8 Runtime 3.3.8.1 Notes on operation in Runtime Contents Information that could not be included in the online help and important information about product features. Focus in runtime If you have configured a low-contrast combination of focus color and border color in a V12 project, the focus may no longer be identifiable after changing the HMI device version in Runtime. Change one of the two colors. Language behavior - Layout of on-screen keyboard The layout of the on-screen keyboard is not switched when the runtime language changes. Tag values exceed the maximum length You enter a character string in a string tag via an I/O field. If the character string exceeds the configured number of tags, the character string will be shortened to the configured length. Empty alarm texts Runtime is running with a project. The project is saved on a network drive. In the event of interruptions to the network drive connection, Runtime may attempt to load alarm texts from the network drive. In the event of disconnection, the alarm window or the alarm view remains empty. To avoid this, copy the project to a local drive before the starting the project in Runtime. Large logs delay the ending of Runtime (Basic Panels 2nd Generation) When very large logs are used, ending Runtime can take a long time. Use segmented logs as an alternative to very large circular logs. Complete download in Service mode If you need to perform a "complete download" to the OS in Service mode from the engineering station, Runtime automatically stops and then starts again. The project is then no longer in Service mode. 108 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced In this state, the power supply is interrupted and WinCC Runtime no longer starts automatically on the OS. Remedy: 1. Switch the project manually to Service mode after you have performed the "complete download". 2. Close the project manually. 3. Enable Service mode. 4. Start Runtime again using the surrogate icon in the taskbar. Slow reaction of SmartServer The following programs may start and respond very slowly under Windows 7 and Windows 2008 servers: HMI TouchInputPC SmartServer: <Ctrl+Alt+Del> shortcut in the logon dialog The delay is caused by the callback for the Internet certificate validation. Remedy: You can find the following files on the product DVD under: Support\Windows7\CRL_Check or CD_RT\ Support\Windows7\CRL_Check\: DisableCRLCheck_LocalSystem.cmd DisableCRLCheck_CurrentUser.cmd 1. Run the "DisableCRLCheck_LocalSystem.cmd" file with administrator rights. Select the command "Run as administrator" from the shortcut menu of the file. 2. Reboot the PC. If the problem persists, follow these steps: 1. Double-click the file and run the "DisableCRLCheck_CurrentUser.cmd" file with user rights. 2. Reboot the PC. Note The callback for the certificate validation is disabled for all users or PCs. To restore the original state, perform the following files: RestoreDefaults_LocalSystem.cmd RestoreDefaults_CurrentUser.cmd You can find the files in the following directory of the product DVD: Support\Windows7\CRL_Check or CD_RT\Support\Windows7\CRL_Check\ WinCC Advanced V14 System Manual, 10/2016 109 Readme 3.3 WinCC Comfort/Advanced Ending screensaver on the Sm@rtServer When the screensaver is active on the Sm@rtServer on the server HMI device, you require write access to the Sm@rtClient side in order to end the screen server on the server HMI device. Avoiding corrupt files during power failure If a power failure occurs in Windows systems while the WinCC system is active, files may be corrupt or destroyed. Operation with the NTFS file system provides better security. Secure, continuous operation is only ensured by using an uninterruptible power supply (UPS). 3.3.8.2 Notes on operation of panels in Runtime Contents Information that could not be included in the online help and important information about product features. License transfer via S7USB You always need to run WinCC to transfer a license to a panel via S7USB. Using the mouse wheel in Runtime The use of the mouse wheel in Runtime is not supported on all panels. Basic Panels: Backup on the memory card of the PLC Create the backup file "A.psb" on the memory card of the PLC. An error, for example a connection break, occurs when creating the backup. This will create a corrupt file on the memory card of the PLC. Such a file has "~$" as prefix. Delete the file with the prefix "~$" if you want to save a backup again under the same name "A.psb". Basic Panels: Panel Data Storage and S7-1500F The "Panel Data Storage" PDS function cannot be used on Basic Panels in conjunction with S7-1500F when the password for the protection level "Full access incl. fail-safe" is used. "Panel Data Storage" function on Basic Panels The "Panel Data Storage" (PDS) function provided by Basic Panels is only supported by SIMATIC S7-1200 as of firmware V4.0 and SIMATIC S7-1500. For the PDS function, the panel must be connected directly with the CPU and must not be connected via the CP. 110 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced Fonts with file extension ".ttx" The fonts with the file extension ".ttx" are available on all panels and Runtime Advanced and can be correctly displayed on all devices, for example, the "WinCC_flexible_smart" font. 3.3.8.3 Notes on operation of Runtime Advanced Contents Information that could not be included in the online help and important information about product features. Starting Runtime Only WinCC Runtime V14 can be started in TIA Portal V14. WinCC Runtime V11.02, V12, V13, V13 SP1 or V14 can be simulated in TIA Portal V14. Authorization for starting Runtime On a computer running the 32-bit version of Windows 7, WinCC Runtime Professional or WinCC Runtime Advanced can only be started when a user is a member of the automatically created group "Siemens TIA Engineer". .Net-Controls in Runtime If you have incorporated a .Net control in your project as "Custom .Net control", you have to copy the files belonging to these controls to the installation directory of WinCC Runtime, e.g. "C:\ProgramFiles\Siemens\Automation\WinCC RT Advanced". Otherwise, the control cannot be loaded in Runtime. Disabling automatic checking for software updates If the Engineering System is installed together with Runtime on a PC, the operator gets notifications above software updates. For the system to run reliably on a multi-user system, the same software version must be installed on all PCs. It is possible to disable the automatic checking for software updates and to thus improve performance. To disable the automatic checking for software updates, go to "Settings > General > Software updates" and clear the "Check daily for updates" check box. Performance features of WinCC Runtime Advanced Contrary to the description in the help, the following applies in WinCC Runtime Advanced: Maximum number of tags in the project: 24576 Number of power tags: 128 ... 16384 Number of internal tags: 8192 WinCC Advanced V14 System Manual, 10/2016 111 Readme 3.3 WinCC Comfort/Advanced 3.3.9 HMI devices 3.3.9.1 Notes on HMI devices Contents Information that could not be included in the online help and important information about product features. If the PC goes into standby or hibernate mode while the transfer is in progress, the panel status after interruption of the transfer is not defined. Multi-key operation Unintentional actions can be triggered by multi-key operation: When you are using a key device, you cannot press more than two function keys at the same time. When you are using a touch device, a standard PC or a panel PC, you can only press one function key or button at the same time. HMI devices with high communication load S7 Diagnostics should be enabled if a Panel is assigned many connections to PLCs or other HMI devices. Otherwise, you will risk overload on the Panel. TS Adapter with Ethernet interface If an HMI device is connected via Ethernet and a TS adapter, it can not be reset to factory settings. Simulation with real PLC connection The access point used by the simulation is independent from the settings of the engineering system and can only be altered in the Control Panel with the "Setting PG/PC Interface" tool. If the PLC connection is terminated right after the start of the simulation with alarm 140001, you should check the access point used by the simulation with "Setting PG/PC Interface". 1. Double-click "Setting PG/PC Interface" in the Control Panel. A dialog opens. 2. Select "S7ONLINE" in the "Access point of application" field as standard for HMI. 3. Select the interface in the "Interface Parameter Assignment Used" area. 4. Exit the dialog "Setting PG/PC Interface" with OK Simulation of the Basic Panels Use an output field in an alarm text to output an external tag. The content of the output field will always be displayed with "0" during simulation. 112 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced Upgrading Basic Panels to device version V12 Before you upgrade Basic Panels from device version V11 to device version V12, transfer the image of the V11 SP2 Update 5 or higher to the devices. In the "SIMATIC ProSave [OS Update]" dialog, select the setting "Reset to factory settings". In this way, you always start a functional update of the image. Affected devices: KP300 Basic mono PN KP400 Basic color PN KTP400 Basic color PN Basic Panels 2nd Generation Basic Panels 2nd Generation support the Sm@rtServer option. If you are not using a USB hub, select the USB port USB_X60.1 as storage path. HMI devices with operating system Windows CE 5.0 or higher Owing to a modified client-server communication security setting, the time difference between the HMI device (client) and PC (server) must not exceed 1 day. If you back up recipe data from the HMI device on a network drive, for example, make sure that the time is set correctly on the PC (server) and the HMI device (client). Floating point numbers on MP 277, MP 377, TP 177B 4'' and CP4 Only floating point numbers in the range from 10-293 ... 10+307 are displayed correctly on the HMI devices MP 277, MP 377, TP 177B 4'' and CP4. If the tag value is outside this range, it is displayed as 0. Restrictions for the HMI device, MP 377 15" Touch daylight readable The following functions are not supported in WinCC V12 for the MP 377 15" Touch daylight readable HMI device: Option: Sm@rtServer System function: SetAndGetBrightness Direct keys Connection switch in the Control Panel with Basic Panels If you use the "Override protected connection information" function, the following restriction applies: You cannot perform a connection switch in the Control Panel of a Basic Panel from a PLC without a protection level to a PLC with a "Complete protection" level. WinCC Advanced V14 System Manual, 10/2016 113 Readme 3.3 WinCC Comfort/Advanced Mobile Panel Communication between fail-safe Mobile Panel and a S7-1200F is not possible with V14.0 and will not be enabled until a later update. Mobile Panels 277F IWLAN Mobile Panels 277F IWLAN are approved for use with CPUs of the type S7-1500F with WinCC V13 SP1 Update 4. If this connection is not established automatically after the panel is switched on or after a failsafe connection to a CPU S7-1500F is interrupted, a STOP/RUN transition needs to be performed on the CPU. Affected MLFBs: 6AV6645-0EB01-0AX1 6AV6645-0EC01-0AX1 6AV6645-0EF01-0AX1 6AV6645-0GB01-0AX1 6AV6645-0GC01-0AX1 6AV6645-0GF01-0AX1 Using Mobile Panel 277F IWLAN in the industrial environment To avoid communication problems between the HMI device and access point, observe the following: IWLAN planning: Wireless connection between the HMI device and access point Wireless field planning needs to be carried out. Radar influences need to be taken into consideration for channels requiring Dynamic Frequency Selection (DFS). Avoid radio frequency interference from other devices, such as hand-held devices with Bluetooth or WLAN functionality. For adjacent access points, use data channels that are separated by at least one wireless channel (e.g. 36 and 44 rather than 36 and 40). Do not place several access points in the immediately vicinity of one another. We recommend a minimum distance of 5 m. For the Mobile Panel 277F IWLAN, use the "Software retry number" 15 instead of the default value 3. Using the "Rapid roaming" function with iPCF-MC Always use iPCF or iPCF-MC (rapid roaming) for PROFIsafe communication. Use the same SSID for all access points. The "Background scan" should be switched off on the HMI device ("Background scan interval" for the HMI device = 1 (default value)). 114 WinCC Advanced V14 System Manual, 10/2016 Readme 3.3 WinCC Comfort/Advanced Use the same "Management channel" and different, non-overlapping "Data channels" for all access points. Configure the "PN-IO cycle time" higher than the "iPCF scan cycle time". Observe the configured timeout when assigning PROFIsafe parameters. "Zone ID/Connection point ID" tag of a Mobile Panel 277 IWLAN V2 The tag used for the "Zone ID/Connection point ID" must be of data type INT for Mobile Panel 277 IWLAN V2 devices. Adapt this data type if necessary when migrating a project. Mobile Panels 277F IWLAN (RFID tag): F_DB_STATES The F_DB_STATES block is no longer supplied with WinCC V14. The block F_DB_STATES serves only for data exchange. You can configure a block to replicate the function of the F_DB_STATES, however. Note the description of the F_DB_STATES in the operating instructions of your HMI device or in the information system. IPC427D If an IPC427D is configured in a V12 or V13 project in which IE1 of the PC station is assigned and the device version of the PC station changes from V1 to V2 after upgrading to V14, the interface assignment of CP_IE_1 must initially be set to "None, or different Windows settings" and then changed to "SIMATIC PC Station" before compiling the project . Then, the project can be compiled without errors. Using PROFIsafe and Sm@rtServer with KTP700F Mobile and KTP900F Mobile Panels The evaluation of the safety operation via PROFIsafe is only guaranteed if the Sm@rtServer is disabled on the panel. Alternatively, the PROFINET cycle time can be increased to at least 128ms. This only affects the device version V14, not V13 SP1. Printing alarms (Mobile Panels 2nd Generation) It is not possible to print alarms as PDF or HTML when the internal memory "/flash" is selected as "Storage Location". To print alarms as PDF or HTML, select an SD memory card or a USB stick as storage location. WinCC Advanced V14 System Manual, 10/2016 115 Readme 3.3 WinCC Comfort/Advanced 116 WinCC Advanced V14 System Manual, 10/2016 Installation 4.1 4 Notes on the installation Contents Information that could not be included in the online help and important information about product characteristics. Installation in a virtual environment (private cloud) You can find instructions on how to install the TIA Portal in a virtual environment (private cloud) on the installation data medium in the directory "Documents\Readme\<language directory>". You can open the PDF document "TIAPortalCloudConnectorHowTo<language ID>.pdf" here. Automated Installation A description of automated installation is available on the product DVD in the directory "Documents\Readme\<Language directory>". Use of the same versions of TIA Portal products during installation When installing different TIA Portal products, make sure that you use the same versions of service packs and updates for the installation. For example, if you have installed SP1 for STEP 7 V13, you must also install SP1 for WinCC V13. The service packs and updates must be installed for all products at the same time. Do not start the TIA Portal until all products have been upgraded. You can download the service packs from the Internet under Siemens Industry online support (https://support.industry.siemens.com/cs/de/en/). Target directory of the installation Do not use any UNICODE characters (for example, Chinese characters) in the installation path. Use of antivirus programs During the installation, read and write access to already installed files is necessary. Some antivirus programs block this access. We therefore recommend that you disable antivirus programs during installation of the TIA Portal and enable them again afterwards. WinCC Advanced V14 System Manual, 10/2016 117 Installation 4.2 System requirements for installation Compatibility with V12 SP1 and V13 Empty projects from previous versions are installed in the installation directory under .. \<INSTALLDIR>\Sample Projects to allow the current TIA Portal to be opened in compatibility mode. These projects must be copied to a local directory with full access before they can be used. For more information on this, refer to FAQ ID 82169157. FAQs on the TIA Portal FAQs on the TIA Portal are available under FAQs (http://support.automation.siemens.com/ WW/view/en/28919804/133000). 4.2 System requirements for installation 4.2.1 Notes on licenses Availability of licenses The licenses for the products of the TIA Portal are usually supplied on an installation data medium and transferred automatically by the Automation Licence Manager during the installation process of the TIA Portal. Before you uninstall the TIA Portal, you must transfer and back up the licenses still required. Use the Automation License Manager for this purpose. Provision of the Automation License Manager The Automation License Manager is supplied on the installation data medium and is transferred automatically during the installation process. If you uninstall the TIA Portal, the Automation License Manager remains installed on your system. Working with the Automation License Manager The Automation License Manager is a product of Siemens AG, which is used for handling license keys (technical representatives of licenses). Software products that require license keys for operation, such as the TIA Portal, register the need for license keys automatically with the Automation License Manager . If the Automation License Manager finds a valid license key for this software, the software can be used according to the license usage terms associated with this license key. 118 WinCC Advanced V14 System Manual, 10/2016 Installation 4.2 System requirements for installation Note For additional information on how to manage your licenses with the Automation License Manager , refer to the documentation supplied with the Automation License Manager . See also Notes on the system requirements (Page 119) Starting installation (Page 142) Displaying the installed software (Page 144) Modifying or updating installed products (Page 145) Repairing installed products (Page 146) Starting to uninstall (Page 148) Installation log (Page 141) 4.2.2 Notes on the system requirements System requirements for individual products The system requirements may differ depending on the products you want to install. You should therefore check the individual system requirements of your products. If you want to install several products, make sure that your system meets the demands of the product with the highest requirements. Displaying PDF files To be able to read the supplied PDF files, you require a PDF reader that is compatible with PDF 1.7 e.g. Adobe (R) Reader version 9. Displaying the Welcome Tour You need the Adobe (R) Flash Player Version 9 or higher to start the Welcome Tour for the TIA Portal. See also Notes on licenses (Page 118) Starting installation (Page 142) Displaying the installed software (Page 144) WinCC Advanced V14 System Manual, 10/2016 119 Installation 4.2 System requirements for installation Modifying or updating installed products (Page 145) Repairing installed products (Page 146) Starting to uninstall (Page 148) 4.2.3 System requirements STEP 7 Basic 4.2.3.1 Licensing of STEP 7 Introduction You require a License Key to license the following STEP 7 editions: STEP 7 Basic STEP 7 Professional You can install the corresponding License Key when you are installing STEP 7 or transfer it using the Automation License Manager after the installation has been completed. Licenses for STEP 7 The following licenses with the corresponding license keys are available: STEP 7 Basic STEP 7 Professional STEP 7 Professional Combo 120 WinCC Advanced V14 System Manual, 10/2016 Installation 4.2 System requirements for installation Validity of license keys for older versions of STEP 7 With a valid License Key for V13.x of STEP 7 Professional and STEP 7 Professional Combo, you can also operate older versions of STEP 7 without restrictions. The following table provides more detailed information about this: Edition License Valid for STEP 7 Basic V14.x STEP 7 Basic STEP 7 Basic V14.x STEP 7 Basic V13.x STEP 7 Basic V12.x STEP 7 Basic V11.x STEP 7 Basic V10.5 STEP 7 Professional V14.x STEP 7 Professional STEP 7 Professional V14.x STEP 7 Professional V13.x STEP 7 Professional V12.x STEP 7 Professional V11.x STEP 7 Basic V14.x STEP 7 Basic V13.x STEP 7 Basic V12.x STEP 7 Basic V11.x STEP 7 Basic V10.5 STEP 7 Professional V14.x STEP 7 Professional Combo STEP 7 Professional V14.x STEP 7 Professional V13.x STEP 7 Professional V12.x STEP 7 Professional V11.x STEP 7 Basic V14.x STEP 7 Basic V13.x STEP 7 Basic V12.x STEP 7 Basic V11.x STEP 7 Basic V10.5 STEP 7 V5.5 STEP 7 V5.4 STEP 7 Professional 2010 STEP 7 Professional 2006 Starting without a valid license key If you start an edition of STEP 7 without a valid License Key , the system alerts you that you are working in non-licensed mode. You have the one-time option of activating a Trial License. However, this license is valid for a limited period only and expires after 21 days. WinCC Advanced V14 System Manual, 10/2016 121 Installation 4.2 System requirements for installation When the Trial License expires, the following scenarios can occur: STEP 7 has never been licensed on the PC in question: - Operations requiring a license can no longer be performed in STEP 7. STEP 7 was already licensed on the PC in question: - A window requiring acknowledgment presents an alert for non-licensed mode every 10 minutes and for every action requiring a license. License requirements for simulation You do not require additional licenses when you use the menu command "Online > Simulation" to start the simulation in STEP 7. If the following conditions are met, the appropriate licenses for the edition of STEP 7 you have installed are also required for the simulation. The engineering station is connected to a PLC. The connection to the PLC is configured and active. Licenses for the TIA Portal Cloud Connector For working with the TIA Portal Cloud Connector, you need a valid License Key for each device that you specify as "User device" in the TIA Portal Cloud Connector. The License Key is also required if the TIA Portal is installed on this device. A License Key is not required for devices that you are using as "remote device". See also Handling licenses and license keys (Page 122) 4.2.3.2 Handling licenses and license keys Introduction In each case, you require a valid License Key to use STEP 7 Basic and STEP 7 Professional. Installing license keys When you install STEP 7 Basic, the License Key is installed automatically during setup. When you install STEP 7 Professional you will be prompted at the end of the setup to transfer the license from the supplied storage medium to your PC. If you want to install additional License Keys, you have to use the Automation License Manager to do this. 122 WinCC Advanced V14 System Manual, 10/2016 Installation 4.2 System requirements for installation When you install a license, the associated license key is removed from the license key storage location. NOTICE Destruction of license keys by copying It is not possible to copy a License Key. The copy protection prevents the license keys from being copied. If you attempt to copy a License Key this will be destroyed. Uninstalling license keys License keys are always uninstalled using the Automation License Manager. You uninstall a License Key in the following cases: When backing up data. If you no longer require the license. You can then use a valid license on another PC or HMI device. Data backup When backing up data on the HMI device or creating a backup during device replacement, remove the License Keys on the HMI device. To do this, open the Automation License Manager and back up the uninstalled license key to another storage location. NOTICE Destruction of license keys on PCs Start by removing all license keys in the following situations: Before you format the hard disk. Before you compress the hard disk. Before you restore the hard disk. Before you start an optimization program that moves fixed blocks. Before you install a new operating system. Read the description of Automation License Manager ("Start > Siemens Automation > Documentation"). Observe all warnings and notices. On PC-based HMI devices and on non-PC-based HMI devices where Automation License Manager is used, the license key storage location may contain multiple license keys. This capability means you can store multiple licenses of the same type at one location. Save all license keys of an HMI device to the same storage location. NOTICE Always keep the original storage location of the license keys. WinCC Advanced V14 System Manual, 10/2016 123 Installation 4.2 System requirements for installation Invalid license after time zone change The installed license no longer functions in the following case. If you change the time zone on a PC as follows: From a time based on a complete hour to a time not based on a complete hour. Example: You change the time zone from GMT +3:00 to GMT +3:30. To avoid this inconvenience, uninstall the license key using the Automation License Manager under the time zone setting that was set when the license key was installed. This behavior does not apply to the Trial License. Defective license A license is defective in the following cases: If the license key is no longer accessible at the storage location. If the license key disappears during its transfer to the destination drive. You can use the Automation License Manager to repair the defective license. To do this, use the "Restore" function or the "Restore wizard" of the Automation License Manager. To perform this restore operation you must contact Customer Support. You can find more detailed information on the Internet: http://support.automation.siemens.com (http://support.automation.siemens.com/WW/llisapi.dll?aktprim=99&lang=en&referer= %2fWW %2f&func=cslib.csinfo2&siteid=csius&extranet=standard&viewreg=WW&groupid=4000002) See also Licensing of STEP 7 (Page 120) 4.2.3.3 Software and hardware requirements STEP 7 System requirements for installation The following table shows the minimum software and hardware requirements that have to be met for installation of the "SIMATIC STEP 7 Basic" software package: 124 Hardware/software Requirement Processor Intel(R) CoreTM i3-6100U, 2.30 GHz RAM 4 GB Hard disk S-ATA with at least 8 GB available memory space ** Network From 100 Mbit WinCC Advanced V14 System Manual, 10/2016 Installation 4.2 System requirements for installation Hardware/software Requirement Screen resolution 1024 x 768 Operating systems * Windows 7 (64-bit) Windows 7 Home Premium SP1 Windows 7 Professional SP1 Windows 7 Enterprise SP1 Windows 7 Ultimate SP1 Windows 8.1 (64-bit) Windows 8.1 Windows 8.1 Professional Windows 8.1 Enterprise Windows Server (64-bit) Windows Server 2012 R2 StdE (full installation) * For more detailed information on operating systems, refer to the help on Microsoft Windows or the Microsoft homepage. ** For operation of SIMATIC STEP 7 Basic we recommend free storage space of at least 20 GB Recommended PC hardware The following table shows the recommended software and hardware for the operation of STEP 7. Hardware/software Requirement Computer SIMATIC FIELD PG M5 Advanced or higher (or comparable PC) Processor Intel(R) CoreTM i5-6440EQ (up to 3.4 GHz) RAM 16 GB or more (32 GB for large projects) Hard disk SSD with at least 50 GB available memory space Network 1 Gbit (for multiuser) Monitor 15.6" Full HD Display (1920 x 1080) Supported virtualization platforms You can install the "SIMATIC STEP 7 Basic" software package on a virtual machine. For this purpose, use one of the following virtualization platforms in the specified version or a newer version: VMware vSphere Hypervisor (ESXi) 5.5 as of Update 2 VMware Workstation 11 VMware Player Pro 7.0 Microsoft Windows Server 2012 R2 Hyper-V WinCC Advanced V14 System Manual, 10/2016 125 Installation 4.2 System requirements for installation These virtualization platforms can use the following operating systems as host operating system: Windows 7 Professional/Ultimate/Enterprise (64-bit) Windows Server 2008 R2 (64-bit) Windows Server 2012 R2 (64-bit) Windows 8.1 Professional/Enterprise (64-bit) Windows 10 Professional/Enterprise (64-bit) You can use the following host operating systems to install "SIMATIC STEP 7 Basic" within the selected virtualization platform: Windows 7 Professional/Ultimate/Enterprise (64-bit) Windows 8.1 Professional/Enterprise (64-bit) Note The same hardware requirements apply to the host operating system as for the respective TIA products. The plant operator must ensure that sufficient system resources are available for the host operating systems. The hardware certified by the manufacturers is recommended for the use of HyperV server and ESXi. When you use Microsoft Hyper-V, accessible stations cannot be displayed. Supported security programs The following security programs are compatible with "SIMATIC STEP 7 Basic": Antivirus programs: - Symantec Endpoint Protection 12.1 - Trend Micro Office Scan Corporate Edition 11.0 - McAfee VirusScan Enterprise 8.8 - Kaspersky Anti-Virus 2016 - Windows Defender (as of Windows 8.1) - Qihoo "360 Safe Guard" 9.7 Encryption software: - Microsoft Bitlocker Host-based Intrusion Detection System: - McAfee Application Control 6.2.0 126 WinCC Advanced V14 System Manual, 10/2016 Installation 4.2 System requirements for installation 4.2.4 System requirement for WinCC Advanced 4.2.4.1 Software and hardware requirements Introduction Specific requirements for the operating system and software configuration must be met for the installation. Note WinCC is generally authorized for use in a domain or workgroup. However, be aware that domain group policies and restrictions of the domain may hinder the installation. If this happens, remove the computer from the domain prior to installing Microsoft Message Queuing, Microsoft SQL Server and WinCC. Log onto the computer in question locally with administrative rights. Then perform the installation. After successful installation, you can enter the WinCC computer back into the domain. If the domain group policies and restrictions of the domain do not impede the installation, the computer need not be removed from the domain during the installation. Be aware that domain group policies and restrictions of the domain may also hinder operation. If you cannot avoid these restrictions, run the WinCC computer in a workgroup. Consult with the domain administrator if needed. Installation requirements The following table shows the minimum software and hardware requirements that have to be met for the installation of the "SIMATIC WinCC Comfort/Advanced" software package: Hardware/software Requirements Processor type Intel(R) CoreTM i3-6100U 2.30 GHz RAM 4 GB Free hard disk space S-ATA with at least 8 GB available memory space *) Operating systems ** Windows 7 (64 bit) Windows 7 Professional SP1 Windows 7 Enterprise SP1 Windows 7 Ultimate SP1 Windows 8 (64 bit) Windows 8.1 Professional Windows 8.1 Enterprise Windows Server (64 bit) Windows Server 2008 R2 Standard Edition SP1 Windows Server 2012 R2 Standard Edition WinCC Advanced V14 System Manual, 10/2016 Screen resolution 1024 x 768 Network From 100 Mb 127 Installation 4.2 System requirements for installation Hardware/software Requirements Optical drive DVD-ROM Software Microsoft .Net Framework 4.5 ** For operation of SIMATIC WinCC Comfort/Advanced, we recommend free storage space of at least 20 GB. ** For additional information on the operating systems, refer to the Microsoft Windows help or the Microsoft homepage. Simultaneously opening multiple instances of WinCC on a configuration PC can also increase the hardware capacity required. Note "Aero Glass Style" of Microsoft Windows 7 A powerful graphics card is required for "Aero Glass Style". It requires DirectX9 capabilities and 128 MB of dedicated graphics memory. The performance of the architecture of the graphics system can significantly influence the performance of WinCC. Recommended hardware The following table shows the recommended hardware for the operation of SIMATIC WinCC. Hardware Requirements Computer As of SIMATIC FIELD PG M5 Advanced (or comparable PC) Processor As of Intel(R) CoreTM i5-6440EQ (up to 3.4 GHz) RAM 16 GB or more (32 GB for larger projects) Hard disk SSD with at least 50 GB available memory space Monitor 15.6" Full HD Display (1920 x 1080) Network From 1 GB Optical drive DL MULTISTANDARD DVD RW Supported virtualization platforms You can install the "SIMATIC WinCC Comfort/Advanced" software package on a virtual machine. For this purpose, use one of the following virtualization platforms: VMware vSphere Hypervisor (ESXi) 5.5 (as from Update 2) VMware Workstation 11 VMware Player Pro 7.0 Microsoft Windows Server 2012 R2 Hyper-V 128 WinCC Advanced V14 System Manual, 10/2016 Installation 4.2 System requirements for installation The following operating systems can serve as a host operating system for these virtualization platforms: Windows 7 Professional/Ultimate/Enterprise (64-bit) Windows Server 2008 R2 (64-bit) Windows Server 2012 R2 (64-bit) Windows 8.1 Professional/Enterprise (64-bit) Windows 10 Professional/Enterprise (64-bit) You can use the following guest operating systems to install "SIMATIC WinCC Comfort/ Advanced" on the selected virtualization platform: Windows 7 Professional/Ultimate/Enterprise (64-bit) Windows 8.1 Professional/Enterprise (64-bit) Note The same hardware requirements apply to the guest operating system as to the respective TIA products. The plant operator must provide sufficient system resources for the guest operating systems. The hardware certified by the manufacturers is recommended for the use of HyperV server and ESXi. Supported security programs The following security programs are compatible with "SIMATIC WinCC Comfort/Advanced". Virus scanners: - Symantec Endpoint Protection 12.1 - Trend Micro Office Scan Corporate Edition 11.0 - McAfee VirusScan Enterprise 8.8 - Kaspersky Anti-Virus 2016 - Windows Defender (as of Windows 8.1) - Qioo "360 Safeguard" 9.7 Encryption software: - Microsoft Bitlocker Host-based Intrusion Detection System: - McAfee Application Control 6.2.0 Installing Microsoft .Net Framework The software requires .Net Framework 4.5; it is automatically installed and activated. WinCC Advanced V14 System Manual, 10/2016 129 Installation 4.2 System requirements for installation You will be prompted to install the required .Net Framework version if this cannot be performed by the software package installation. A restart may be necessary after installation of .Net Framework. Security settings during installation When you install WinCC V14, security settings are changed in your operating system. The security settings in question are listed during the installation. You must confirm the changes to the security settings. If you make changes to your operating system after the installation, the changes to the security settings made by the installation of the TIA Portal could be changed. You can restore the changes to the security settings made by the installation of the TIA Portal: "Start > All Programs > Siemens Automation > Security Controller > Restore settings". SQL instance of WinCC V14 If you have installed a WinCC V11 product and you wish to install WinCC V14, you must uninstall the WinCC instance of SQL Server 2005 before the installation. A new WinCC SQL 2008 instance is installed with the installation of WinCC V14. See also Options for WinCC Engineering and Runtime systems (Page 131) Licensing of WinCC Engineering System (Page 133) http://support.microsoft.com/kb/917607 (http://support.microsoft.com/kb/917607) 4.2.4.2 Parallel installation Parallel installations in TIA Portal V14 You will be prevented from starting the TIA Portal if you perform a non-permitted parallel installation of STEP 7 and WinCC. The following parallel installations are permitted in the TIA Portal: STEP 7 V14 and WinCC V14 A dialog opens during installation to inform you of any inconsistencies in your parallel installation. The following parallel installations are permitted: WinCC V14 and RT Advanced V14 WinCC V14 and RT Professional V14 The engineering system and Runtime must always be of the same version after an installation. 130 WinCC Advanced V14 System Manual, 10/2016 Installation 4.2 System requirements for installation Parallel installation of WinCC V14 and other SIMATIC HMI products Parallel installation of WinCC V14 and versions of WinCC flexible earlier than WinCC flexible 2008 SP1 is not allowed. Parallel installation of WinCC V14 with versions of WinCC earlier than WinCC V7.0 SP2 is not allowed. Parallel installation of WinCC V14 with WinCC V7.0 SP2 or WinCC V7.0 SP3 is not allowed for: WinCC V 14 Professional WinCC V 14 Runtime Professional Parallel use If the term "Combo" appears in the name or license key of the software after installation, the use of the following products/versions is permitted in accordance with paragraph 4.3 of the General Terms and Conditions (see also setup text): With the license "WinCC V14 Comfort Combo": WinCC flexible 2008 Standard With the license "WinCC V14 Advanced Combo": WinCC flexible 2008 Advanced 4.2.4.3 Add-ons Options for WinCC Engineering and Runtime systems SIMATIC Panels as well as WinCC Runtime Advanced and WinCC Runtime Professional contain all essential functions for operator control and monitoring of machines or plants. Additional add-ons allow you to extend the functionality in some cases to increase the range of available tasks. Keep in mind that a license may be required to use an add-on. Add-ons for Comfort Panels, Mobile Panels, Multi Panels The following add-ons are available for Comfort Panels, Mobile Panels, and Multi Panels: WinCC SmartServer (remote operation) WinCC Audit (audit trail and electronic signature for regulated applications) SIMATIC ProDiag (machine and plant diagnostics for S7-1500 and SIMATIC HMI) Add-ons for WinCC Runtime Advanced The following add-ons are available for WinCC Runtime Advanced: WinCC Recipes (recipe system) WinCC Logging (logging of process values and alarms) WinCC SmartServer (remote operation) WinCC Audit (audit trail for regulated applications) SIMATIC ProDiag (machine and plant diagnostics for S7-1500 and SIMATIC HMI) WinCC Advanced V14 System Manual, 10/2016 131 Installation 4.2 System requirements for installation Add-ons for WinCC Runtime Professional WinCC Runtime Professional contains the following components, which you can activate with a corresponding license: WinCC Server (supplements WinCC Runtime to include server functionality) WinCC Recipes (recipe system, formerly WinCC /UserArchives) WinCC Logging (logging system, previously WinCC/TagLogging) SIMATIC ProDiag (machine and plant diagnostics for S7-1500 and SIMATIC HMI) You can select and install the following add-ons in the installation dialog: WinCC Client (standard client for building multiple-station systems) WinCC WebNavigator (Web-based operator control and monitoring) WinCC DataMonitor (display and evaluation of process states and historical data) WinCC WebUX (platform and browser-independent operator control and monitoring via the Web) In addition to the Runtime add-ons, you can also expand WinCC Runtime Professional with customized controls. The WinCC ControlDevelopment add-on is required to develop controls. See also Software and hardware requirements (Page 127) Installing and uninstalling options (Page 132) Installing and uninstalling options Introduction Some add-ons are included in standard WinCC installation and are installed automatically. During the installation of WinCC Engineering System, the following add-ons are available for you to select for installation: Simulation for WinCC Runtime Advanced During the installation of WinCC Runtime Advanced, the following add-ons are available for you to select for installation: OPC XML Gateway WinCC Audit Viewer Add-ons for non-PC-based HMI devices The required Runtime add-ons are installed on the HMI device as follows: During the transfer of the project to the HMI device Add-ons that are no longer required are removed automatically. With ProSave 132 WinCC Advanced V14 System Manual, 10/2016 Installation 4.2 System requirements for installation Procedure - activating add-ons To activate an add-on for use, install the appropriate license key using the Automation License Manager. In order to backup the license key of an add-on or use it on a different configuration PC or HMI device, you must uninstall this license key using the Automation License Manager. Note When no valid license key is installed on a PC with WinCC Runtime, Runtime runs in Demo mode. See also Options for WinCC Engineering and Runtime systems (Page 131) 4.2.4.4 Licenses and Powerpacks Licensing of WinCC Engineering System You require a license key for the following: WinCC Engineering System, for example, WinCC Professional Add-ons for WinCC Engineering System You can transfer the license key for WinCC simultaneously with the WinCC installation. You transfer licenses for the WinCC add-ons after installation with the Automation License Manager. Starting without a valid license key If you start WinCC without a valid license, the system alerts you that you are working in nonlicensed mode. You have the one-time option of activating a trial license. The trial license for Engineering editions WinCC Basic, Comfort/Advanced, and Professional expires after 21 days. When the trial license has expired, the following scenarios may occur: WinCC was never licensed on the PC in question. - Operations requiring a license can no longer be performed in WinCC. WinCC was already licensed on the PC in question. - Non-licensed mode is indicated every 10 minutes and at every action requiring a license by a window, which you must acknowledge. License requirements for simulation When you want to start simulation in WinCC using the "Online > Simulation> With tag simulator" menu command, you do not need licenses for WinCC Runtime or for add-ons that require a license. WinCC Advanced V14 System Manual, 10/2016 133 Installation 4.2 System requirements for installation If the following conditions are met, you will need the appropriate licenses for WinCC Runtime and add-ons that require a license even for simulation: The engineering station is connected to a PLC. The connection to the PLC is configured and active. You start the simulation with the "Online > Simulation > Start" menu command. See also Software and hardware requirements (Page 127) Licensing WinCC Runtime on PC-based HMI devices (Page 134) Licensing of HMI devices (Page 136) Working with license keys (Page 137) Powerpack (Page 140) Installing a Powerpack (Page 140) Licensing WinCC Runtime on PC-based HMI devices With PC-based HMI devices, you require a license key for the following: WinCC Runtime with 128 tags, for example. WinCC add-ons You can install the license key for WinCC Runtime during the installation of WinCC. You transfer licenses for the WinCC add-ons after installation with the Automation License Manager. Note Only the Certificate of License for WinCC Runtime V14 authorizes operation of WinCC Runtime V14. The appropriate new license is required to license WinCC Runtime. You can upgrade the Runtime licenses of WinCC flexible 2008 and WinCC V7 with an upgrade to WinCC Runtime V14. Productive operation of the software is only allowed with a valid Certificate of License that matches the version listed on it. Non-licensed mode WinCC Runtime and the Runtime add-ons can be used freely without license. Non-licensed mode is indicated every 10 minutes by a window, which you must acknowledge. See also Licensing of WinCC Engineering System (Page 133) 134 WinCC Advanced V14 System Manual, 10/2016 Installation 4.2 System requirements for installation Validity of licensing for older versions of WinCC Validity of license keys for older versions of WinCC With a valid license key for WinCC Advanced V14.x, you can also operate older versions of WinCC without restrictions. The following table provides more detailed information: WinCC Engineering System Edition License Validity WinCC Basic V14.x WinCC Basic WinCC Basic V11.0 SP2 WinCC Basic V12.0 WinCC Basic V13.0 WinCC Basic V14.0 WinCC Comfort/Advanced V14.x WinCC Comfort WinCC Basic V11.0 SP2 WinCC Comfort V10.5 WinCC Comfort V11.0 WinCC Basic, Comfort V12.0 WinCC Basic, Comfort V13.0 WinCC Basic, Comfort V14.0 WinCC Comfort Combo WinCC flexible Compact, Standard >= 2005 WinCC Basic V11.0 SP2 WinCC Comfort V10.5 WinCC Comfort V11.0 WinCC Basic, Comfort V12.0 WinCC Basic, Comfort V13.0 WinCC Basic, Comfort V14.0 WinCC Advanced WinCC Basic V11.0 SP2 WinCC Comfort, Advanced V10.5 WinCC Comfort, Advanced V11.0 WinCC Basic, Comfort, Advanced V12.0 WinCC Basic, Comfort, Advanced V13.0 WinCC Basic, Comfort, Advanced V14.0 WinCC Advanced Combo WinCC flexible Compact, Standard, Advanced >= 2005 WinCC Basic V11.0 SP2 WinCC Comfort, Advanced V10.5 WinCC Comfort, Advanced V11.0 WinCC Basic, Comfort, Advanced V12.0 WinCC Basic, Comfort, Advanced V13.0 WinCC Basic, Comfort, Advanced V14.0 WinCC Advanced V14 System Manual, 10/2016 135 Installation 4.2 System requirements for installation WinCC Runtime Advanced Edition License Validity WinCC RT Advanced V14.x WinCC RT Advanced (128) WinCC RT Advanced V11.0 WinCC RT Advanced (512) WinCC RT Advanced V12.0 WinCC RT Advanced (2048) WinCC RT Advanced V13.0 WinCC RT Advanced (4096) WinCC RT Advanced (8192) WinCC RT Advanced V14.0 WinCC RT Advanced (16384) Validity of licenses for WinCC options WinCC options generally have version-independent license keys. You can use WinCC options V14.x with V11, V12 and V13 license keys and vice versa. Licensing of HMI devices Non-PC-based HMI devices are always equipped with Runtime licenses. A license key is not required for runtime operation. A license may be required for an add-on for non-PC-based HMI devices. The license key of the respective license always activates one add-on for use. License key In order to license non-PC-based HMI devices with license keys, the "SIMATIC HMI License Manager Panel Plugin" add-on is needed. WinCC Setup installs this add-on by default. You open the License Manager Panel Plugin in the Automation License Manager with the "Edit > Connect Target System > Connect HMI Device" menu command. If WinCC is not installed, an installation of ProSave 7.2 or higher is required. Note Further information on license handling can be found in the Automation License Manager help. Note Verify that the current version of the operating system (or higher) is installed on the HMI device before you start licensing. If necessary, update the operating system using ProSave. Non-licensed mode Runtime add-ons can be used for a short time without restrictions without a valid license. Nonlicensed mode is indicated every 10 minutes by a window, which you must acknowledge. 136 WinCC Advanced V14 System Manual, 10/2016 Installation 4.2 System requirements for installation See also Licensing of WinCC Engineering System (Page 133) Working with license keys Introduction You transfer a license key to the HMI device in the following cases: To use the WinCC engineering system To operate WinCC Runtime To use add-ons for WinCC Runtime on PC-based HMI devices To use add-ons on non-PC-based HMI devices You transfer a license key from the HMI device in the following cases: When backing up data If you no longer require the license You can then use this license on another PC or HMI device. When you transfer a license to an HMI device, the associated license key is removed from the license key storage location. Note A license key cannot be copied. The copy protection employed prevents the license keys from being copied. Data backup You transfer the license keys from the HMI device for data backup on the HMI device or as a backup for device replacement. WinCC Advanced V14 System Manual, 10/2016 137 Installation 4.2 System requirements for installation You use the Automation License Manager to back up license keys from an HMI device to the storage area of the license keys. NOTICE Destruction of license keys on non-PC-based HMI devices License keys transferred as a result of backup/restore operations are destroyed in the case of the following HMI devices: 270 series 370 series Carry out the following before beginning restoring: Use the Automation License Manager and ProSave to check whether license keys are on the HMI device. Transfer the license keys present from the HMI device After restoring has been carried out, transfer the license keys back to the HMI device. Note Destruction of license keys on PCs Transfer all license keys to a storage location in the following cases: Before you format the hard disk Before you compress the hard disk Before you restore the hard disk Starting an optimization program that moves fixed blocks Installing a new operating system Read the description of Automation License Manager ("Start > Simatic Automation > Documentation"). Observe all warnings and notices. The license key storage location on PC-based HMI devices and on non-PC-based HMI devices where Automation License Manager is used may contain multiple license keys. This capability means you can store multiple licenses of the same type at one location. For the backup, use a single storage location for all license keys present on an HMI device. Note Always keep the original storage location of the license keys. Invalid license after time zone change The transferred license no longer functions in the following case. If you change the time zone on a WinCC PC as follows: - From a time based on a complete hour to a time not based on a complete hour. Example: You change the time zone from GMT +3:00 to GMT +3:30. To work around this, transfer the license key from the HMI device with a time zone setting that was set when the license key was transferred to the HMI device. 138 WinCC Advanced V14 System Manual, 10/2016 Installation 4.2 System requirements for installation Example: You transferred the license key with a time zone setting based on a full hour. Then, also transfer the license key to a storage location with a time zone setting based on a full hour. This behavior does not apply to the trial license. Defective license A license is defective in the following cases: If the license key is no longer accessible at the storage area. If the license key disappears during its transfer to the destination drive. Note Resetting of the system date to an earlier time causes all licenses to be become defective. You can use the Automation License Manager to repair the defective license. Use the "Restore" function or the "Restore Wizard" of the Automation License Manager for this purpose. You must contact Customer Support in order to restore the license. For additional information see: http://support.automation.siemens.com (http://support.automation.siemens.com) Note The Runtime software can also be operated without errors if the license is missing or defective. The system alerts you at brief intervals that you are working in non-licensed mode. Note If you start the WinCC Engineering System without a valid license key, the system alerts you that you are working in non-licensed mode. You have the one-time option of activating a trial license. The trial license expires after 21 days. When the trial license has expired, the following scenarios may occur: WinCC was never licensed on the PC in question. WinCC can no longer be started. WinCC was already licensed on the PC in question. WinCC can be started. Non-licensed mode is indicated every 10 minutes by a window, which you must acknowledge. See also Licensing of WinCC Engineering System (Page 133) WinCC Advanced V14 System Manual, 10/2016 139 Installation 4.2 System requirements for installation Powerpack Introduction The following upgrades are possible with a Powerpack: From a smaller to a larger edition of WinCC Engineering System To a runtime system with a larger tag volume A Powerpack also includes a special license that you can use at any time to activate a higher level of WinCC for use. Engineering system You own WinCC Comfort, for example. You can use the "SIMATIC WinCC Advanced Powerpack WinCC Comfort -> WinCC Advanced V14" Powerpack to activate WinCC Advanced for use. Runtime You own WinCC Runtime Advanced with 128 tags, for example. You use the "SIMATIC WinCC Runtime Advanced Powerpack 128 PowerTags -> 512 PowerTags V14" Powerpack to increase the configuration limits from 128 to 512 tags. You own WinCC Runtime Advanced with 128 tags, for example. You use the "SIMATIC WinCC Runtime Professional Powerpack Runtime Advanced 128 PowerTags -> Runtime Professional 128 PowerTags V14" Powerpack to activate WinCC Runtime Professional with 128 tags for use. See also Licensing of WinCC Engineering System (Page 133) Installing a Powerpack Introduction Install a Powerpack by transferring the corresponding license key. The Powerpack license key replaces the license key of an existing installation. Requirement The conditions described in the "System requirements" section must be fulfilled. The license key for the license for which you have purchased a Powerpack is available on the PC. 140 WinCC Advanced V14 System Manual, 10/2016 Installation 4.3 Installation log Installing a Powerpack 1. Open the Automation License Manager. 2. Select the license key. 3. Select "License Key > Upgrade" in the menu. Result The Powerpack license key replaces the former license key. You cannot reverse this process. See also Licensing of WinCC Engineering System (Page 133) 4.3 Installation log Function of the installation log The progress during the following installation processes is logged in a file: Installing products Modifying or updating already installed products Repairing an existing installation Uninstalling products If errors occur during the installation process or warnings are issued, these can be evaluated with the help of the log file. You can do this yourself or contact product support. Installation logs storage location The log file is the most recent file with the file extension ".log" and the name of which that starts with "SIA". The location of the log file is stored in the environment variable "%autinstlog%". You can enter this environment variable in the address bar of Windows Explorer to open the folder with the log files. Alternatively, you can navigate to the corresponding directory by entering "CD %autinstlog%" in the command line. The storage location is dependent on the operating system, e.g. "C:\ProgramData\Siemens \Automation\Logfiles\Setup" in English-language Windows. WinCC Advanced V14 System Manual, 10/2016 141 Installation 4.4 Starting installation Setup_Report (CAB file) To make it easier to provide Product Support with all necessary files, an archive file that contains the installation log and all other required files is saved in CAB format. This log can be found at "%autinstlog%\Reports\Setup_report.cab". Send this CAB file to Product Support if you need assistance with installation. With this information, Product Support can determine whether the installation was executed properly. CAB files that were generated during earlier installation processes are saved with a date ID in the "Reports" directory. See also Notes on licenses (Page 118) Starting installation (Page 142) Checking availability of updates and support packages and installing them (Page 150) Displaying the installed software (Page 144) Modifying or updating installed products (Page 145) Repairing installed products (Page 146) Starting to uninstall (Page 148) 4.4 Starting installation Introduction Software packages are installed automatically by the setup program. The setup program starts once the installation medium has been inserted in the drive. Requirement Hardware and software of the programming device or PC meet the system requirements. You have administrator privileges on your computer. All running programs are closed. Procedure To install the software packages, follow these steps: 1. Insert the installation medium in the relevant drive. The setup program starts automatically unless you have disabled Autostart on the programming device or PC. 2. If the setup program does not start up automatically, start it manually by double-clicking the "Start.exe" file. The dialog for selecting the setup language opens. 3. Choose the language in which you want the setup program dialogs to be displayed. 142 WinCC Advanced V14 System Manual, 10/2016 Installation 4.4 Starting installation 4. To read the information on the product and installation, click the "Read Notes" or "Installation Notes" button. The help file containing the notes opens. 5. Once you have read the notes, close the help file and click the "Next" button. The dialog for selecting the product languages opens. 6. Select the languages for the product user interface, and click the "Next" button. Note "English" is always installed as the basic product language. The dialog for selecting the product configuration opens. 7. Select the products you want to install: - If you wish to install the program in a minimal configuration, click on the "Minimal" button. - If you wish to install the program in a typical configuration, click on the "Typical" button. - If you wish to personally select the products to be installed, click on the "User-defined" button. Then select the check boxes for the products you wish to install. 8. If you want to create a shortcut on the desktop, select the "Create desktop shortcut" check box. 9. Click the "Browse" button if you want to change the target directory for the installation. Note that the length of the installation path must not exceed 89 characters. 10.Click the "Next" button. The dialog for the license terms opens. 11.To continue the installation, read and accept all license agreements and click "Next". If changes to the security and permission settings are required in order to install the TIA Portal, the security settings dialog opens. 12.To continue the installation, accept the changes to the security and permissions settings, and click the "Next" button. The next dialog displays an overview of the installation settings. 13.Check the selected installation settings. If you want to make any changes, click the "Back" button until you reach the point in the dialog where you want to make changes. Once you have completed the desired changes, return to the overview by clicking on "Next". 14.Click the "Install" button. Installation is started. Note If no license key is found during installation, you have the chance to transfer it to your PC. If you skip the license transfer, you can register it later with the Automation License Manager. Following installation, you will receive a message indicating whether the installation was successful. 15.It may be necessary to restart the computer. If this is the case, select the "Yes, restart my computer now." option button. Then click "Restart". 16.If the computer does not reboot, click "Exit". WinCC Advanced V14 System Manual, 10/2016 143 Installation 4.5 Displaying the installed software Result The TIA Portal along with the products and licenses you have ordered and the Automation License Manager have been installed on your computer. See also Installation log (Page 141) Notes on the system requirements (Page 119) Notes on licenses (Page 118) Displaying the installed software (Page 144) Modifying or updating installed products (Page 145) Repairing installed products (Page 146) Starting to uninstall (Page 148) 4.5 Displaying the installed software You can find out which software is installed at any time. In addition, you can display more information on the installed software. Procedure To display an overview of the software installed, follow these steps: 1. Click "Installed software" in the "Help" menu. The "Installed software" dialog opens. You will see the installed software products in the dialog. Expand the entries to see which version is installed in each case. 2. If you would like to display additional information on the installed automation software, click the link on the "Detailed information about installed software" dialog. The "Detailed information" dialog opens. 3. Chose the topic you want more information about in the area navigation. See also Notes on the system requirements (Page 119) Notes on licenses (Page 118) Starting installation (Page 142) Modifying or updating installed products (Page 145) Repairing installed products (Page 146) Starting to uninstall (Page 148) Installation log (Page 141) 144 WinCC Advanced V14 System Manual, 10/2016 Installation 4.6 Modifying or updating installed products 4.6 Modifying or updating installed products You have the option to modify installed products using the setup program or to update to a new version. Blocks with know-how protection from earlier versions of the TIA Portal are not automatically upgraded with the project. Remove the know-how protection of the blocks before you update the TIA Portal. Then set up the know-how protection with the current version of TIA Portal. For more detailed information, refer to the information system. Requirement Hardware and software of the programming device or PC meet the system requirements. You have administrator privileges on your computer. All running programs are closed. Procedure To modify or update installed products, follow these steps: 1. Insert the installation medium in the relevant drive. The setup program starts automatically unless you have disabled Autostart on the programming device or PC. 2. If the setup program does not start up automatically, start it manually by double-clicking the "Start.exe" file. The dialog for selecting the setup language opens. 3. Choose the language in which you want the setup program dialogs to be displayed. 4. To read the information on the product and installation, click the "Read Notes" or "Installation Notes" button. The help file containing the notes opens. 5. Once you have read the notes, close the help file and click the "Next" button. The dialog for selecting the installation variant opens. 6. Select the "Modify/Upgrade" option button and click the "Next" button. The dialog for selecting the product languages opens. 7. Select the check boxes of the product languages that you want to install. You can remove previously installed product languages by clearing the corresponding check boxes. Note Note that the product language "English" cannot be removed. 8. Click the "Next" button. The dialog for selecting the product configuration opens. 9. Select the check boxes of the components that you want to install. You can remove previously installed components by clearing the corresponding check boxes. WinCC Advanced V14 System Manual, 10/2016 145 Installation 4.7 Repairing installed products 10.Click the "Next" button. Note Note that you cannot change the target directory because the existing installation is being modified. If changes to the security and permission settings are required in order to install the TIA Portal, the security settings dialog opens. 11.To continue the installation, accept the changes to the security and permissions settings, and click the "Next" button. The next dialog displays an overview of the installation settings. 12.Click the "Modify" button. This starts the installation of the additional components. Note Following installation, you will receive a message indicating whether the existing installation was successfully changed. 13.It may be necessary to restart the computer. If this is the case, select the "Yes, restart my computer now." option button. Then click "Restart". 14.If the computer does not reboot, click "Exit". Result The existing installation has been modified on your computer. See also Notes on the system requirements (Page 119) Notes on licenses (Page 118) Starting installation (Page 142) Displaying the installed software (Page 144) Repairing installed products (Page 146) Starting to uninstall (Page 148) Installation log (Page 141) 4.7 Repairing installed products You have the option to repair installed products by completely reinstalling them using the setup program. 146 WinCC Advanced V14 System Manual, 10/2016 Installation 4.7 Repairing installed products Requirement Hardware and software of the programming device or PC meet the system requirements. You have administrator privileges on your computer. All running programs are closed. Procedure To repair installed products, follow these steps: 1. Insert the installation medium in the relevant drive. The setup program starts automatically unless you have disabled Autostart on the programming device or PC. 2. If the setup program does not start up automatically, start it manually by double-clicking the "Start.exe" file. The dialog for selecting the setup language opens. 3. Choose the language in which you want the setup program dialogs to be displayed. 4. To read the information on the product and installation, click the "Read Notes" or "Installation Notes" button. The help file containing the notes opens. 5. Once you have read the notes, close the help file and click the "Next" button. The dialog for selecting the installation variant opens. 6. Select the "Repair" option button, and click the "Next" button. The next dialog displays an overview of the installation settings. 7. Click the "Repair" button. This starts the repair of the existing installation. Note Following installation, you will receive a message indicating whether the existing installation was successfully repaired. 8. It may be necessary to restart the computer. If this is the case, select the "Yes, restart my computer now." option button. Then click "Restart". 9. If the computer does not reboot, click "Exit". Result The installed products have been reinstalled. See also Notes on the system requirements (Page 119) Notes on licenses (Page 118) Starting installation (Page 142) Displaying the installed software (Page 144) WinCC Advanced V14 System Manual, 10/2016 147 Installation 4.8 Starting to uninstall Modifying or updating installed products (Page 145) Starting to uninstall (Page 148) Installation log (Page 141) 4.8 Starting to uninstall Introduction Software packages are removed automatically by the setup program. Once started, the setup program guides you step-by-step through the entire removal procedure. You have two options for removing: Removing selected components via the Control Panel Removing a product using the installation medium Note The Automation License Manager will not be removed automatically when you remove the software packages, because it is used for the administration of several license keys for products supplied by Siemens AG. Removing selected components via the Control Panel To remove selected software packages, follow these steps: 1. Open the Control Panel with "Start > Control Panel". 2. Click "Programs and Features". The "Uninstall or change a program" dialog opens. 3. Select the software package to be removed and click the "Uninstall" button. The dialog for selecting the setup language opens. 4. Select the language in which you want the dialogs of the setup program to be displayed and click "Next". The dialog for selecting the products you want to remove opens. 5. Select the check boxes for the products that you want to remove and click "Next". The next dialog displays an overview of the installation settings. 6. Check the list with the products to be removed. If you want to make any changes, click the "Back" button. 7. Click the "Uninstall" button. Removal begins. 8. It may be necessary to restart the computer. If this is the case, select the "Yes, restart my computer now." option button. Then click "Restart". 9. If the computer does not reboot, click "Exit". 148 WinCC Advanced V14 System Manual, 10/2016 Installation 4.8 Starting to uninstall Removing a product using the installation medium To remove all software packages, follow these steps: 1. Insert the installation medium in the relevant drive. The setup program starts automatically unless you have disabled Autostart on the programming device or PC. 2. If the setup program does not start up automatically, start it manually by double-clicking the "Start.exe" file. The dialog for selecting the setup language opens. 3. Select the language in which you want the setup program dialogs to be displayed. 4. To read the information on the product and installation, click "Read product information" or "Read installation notes". The help file containing the notes opens. 5. Once you have read the notes, close the help file and click the "Next" button. The dialog for selecting the installation variant opens. 6. Select the "Uninstall" option button and click the "Next" button. The next dialog displays an overview of the installation settings. 7. Click the "Uninstall" button. Removal begins. 8. It may be necessary to restart the computer. If this is the case, select the "Yes, restart my computer now." option button. Then click "Restart". 9. If the computer does not reboot, click "Exit". See also Installation log (Page 141) Notes on the system requirements (Page 119) Notes on licenses (Page 118) Starting installation (Page 142) Displaying the installed software (Page 144) Modifying or updating installed products (Page 145) Repairing installed products (Page 146) WinCC Advanced V14 System Manual, 10/2016 149 Installation 4.9 Installing updates and support packages 4.9 Installing updates and support packages 4.9.1 Checking availability of updates and support packages and installing them By default, the TIA Portal checks automatically if new software updates or support packages are available, for example, Hardware Support Packages (HSPs). The automatic search for updates takes place after each computer restart and then cyclically every 24 hours. You can also deactivate the automatic search at any time or reactivate it. You can also search for updates manually. If updates are found, you can download and install them. Note Updates and support packages from TIA Portal V13 or higher are supported. Deactivate or activate automatic search for software updates To deactivate or reactivate the automatic search for software updates, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "General > Software Updates" group in the area navigation. 3. Deselect the "Look for updates daily" check box if you want to deactivate the automatic search for software updates. 4. Select the "Look for updates daily" check box if you want to reactivate the automatic search for software updates. Manually searching for software updates If you want to search for software updates manually, follow these steps: 1. Click "Installed software" in the "Help" menu. The "Installed software" dialog opens. 2. Click "Look for updates". The "TIA Updater" opens and the available updates are displayed. Or: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "General > Software Updates" group in the area navigation. 3. Click "Search for updates now". The "TIA Updater" opens and the available updates are displayed. 150 WinCC Advanced V14 System Manual, 10/2016 Installation 4.9 Installing updates and support packages Or: 1. Open the TIA Updater with "Start > All Programs > Siemens Automation > Totally Integrated Automation UPDATER". 2. Click "Look for updates". The available updates are displayed. Setting the server You must set the corresponding server depending on whether you want to download updates and/or support packages from the TIA Automation Update Server or from a company-internal server. To do this, follow these steps: 1. Open the TIA Updater. 2. Click "Settings" and select the "TIA Automation Software Update Server" option in the dialog that appears in the "Server used to check for updates" area. The software searches for available updates on the server of the manufacturer. Or: 1. Open the TIA Updater. 2. Click "Settings" and select the "User-defined server" option in the dialog that appears in the "Server used to check for updates" area. 3. Enter the server URL which you received from your administrator. The software searches on your company's server for available updates. You can set a different server on which the updates are to be searched for at any time. However, changing this setting is blocked during a download process. After switching the server, all downloaded updates and support packages are displayed, even if they are not available on the currently set server. WinCC Advanced V14 System Manual, 10/2016 151 Installation 4.9 Installing updates and support packages Download and install software updates To download and install available software updates and support packages, follow these steps: 1. If the TIA Updater is not displayed, open it in one of these ways: - If the automatic search has found updates, you receive a message in the information area of the Windows taskbar and the icon for the TIA Update is displayed in the information area. Click either the message or the icon to open the TIA Updater. - Click "Installed software" in the "Help" menu and then "Look for updates". - In the Windows Start menu, click "Start > All Programs > Siemens Automation > Automation Software Updater". 2. Click "Download" in the line of the update or support package that you want to install. The update or support package is downloaded. The associated "Install" button becomes active as soon as the download process has been completed. Note Please note the following: 1. You can initiate multiple download processes simultaneously. 2. You can log off or also shut down the computer while the download process is running. In such cases, the download process continues in the background as soon as you log on again. 3. In some cases, a link to an external web page is displayed instead of the "Download" button. In this case, download the software update from this site and install it manually. 3. Close the TIA Portal if it is still open. 4. In the TIA Updater, click the "Install" button of the software package you want to install. The installation dialog appears. Note Please note the following: 1. It is not possible to install multiple updates simultaneously. 2. Do not log off during an installation and do not shut down the computer. This avoids inconsistent versions of the software on your computer. 5. Click "Next". The selected product is installed. 152 WinCC Advanced V14 System Manual, 10/2016 Installation 4.9 Installing updates and support packages Alternative procedures for the installation of support packages Another procedure is available for the installation of a support package. To do this, follow these steps: 1. Click "Support packages" in the "Options" menu of the TIA Portal. The "Detailed information" dialog opens. A table lists all support packages from the directory that you selected as the storage location for support packages in the settings. 2. If you want to install a support package that is not in the list, you have the following options: - If the support package is already on your computer, you can add it to the list by selecting "Add from file system". - If you add a support package from the "Service & Support" page on the Internet, first you download it by selecting "Download from the Internet". Then you can add it from the file system. 3. Select the support package that you want to install. 4. Click "Install". 5. Close and then restart the TIA Portal. See also Installation log (Page 141) 4.9.2 Providing updates on a company-internal server Introduction Using the TIA Updater Corporate Configuration Tool, you can configure a company-internal server on which the available updates/support packages are stored and can be made available to the users. Requirement You must have administrator rights. WinCC Advanced V14 System Manual, 10/2016 153 Installation 4.9 Installing updates and support packages Adding updates from the TIA Automation Software Update Server To add updates from the TIA Automation Software Update Server, follow these steps: 1. Open the TIA Updater Corporate Configuration Tool. The available updates are displayed. 2. Click the "Add update" button and select the "Add TIA Automation Software Update Server" check box in the dialog that appears. 3. In the dialog "Add update from TIA Automation Software Update Server", select the required updates (software and support packages) and click "Add". If updates are already located on the company-internal server, these are grayed out. You cannot load them again. During the download process, the status and the remaining time is displayed in the dialog. Canceling the download process To cancel the process, follow these steps: 1. Click the "Cancel download" button. 2. Click "Yes" to confirm the dialog that appears. The download of the update is cancelled and it is deleted from the list. Deleting updates from the company-internal server To delete updates, follow these steps: 1. Select the required updates and click the "Remove" button. 2. Click "Yes" to confirm the dialog that appears. The selected updates have been deleted from the list. Server options In the dialog "TIA Automation Software Update Server", click "Settings" to determine the following: 1. Under "Server path", specify the folder in which the downloads are to be saved. You can select either a local drive or a network drive. Note When you work directly on the server, the target directory is a equivalent to the provision directory on the server. All changes are applied directly. This procedure is not recommended, as conflicts can occur with active downloads. We recommend that you work on another computer; the target directory can be any directory. The content of this directory must then still be copied to the provision directory. Here, also, make sure that no conflicts occur with active downloads. 2. Select the check box "Always run server in background (icon is shown in the taskbar)", if the server is to always run in the background. 3. Confirm your entries with "OK". 154 WinCC Advanced V14 System Manual, 10/2016 Installation 4.9 Installing updates and support packages 4.9.3 Configuring a company-internal server for updates Introduction To provide available updates and support packages to users from a central location, you must configure a company-internal server. Use the Microsoft Server Manager to do this. The procedure for creating and configuring the server with the Microsoft Server 2008 R2 operating system is described below. Note Please note that the structure of the start menu and the storage location of the programs may vary depending on the different operating systems. For more detailed information on operating the Server Manager, refer to the Microsoft help. Requirement You must have administrator rights. Install Web server role (IIS) To install the required Web server role, follow these steps: 1. Open the start menu by clicking the command "Start" > "All programs" > "Administration" and select the "Server Manager". 2. Click "Add roles" under "Role overview". 3. Use the "Add roles" wizard to add the Web server roles. Before the wizard starts, it is verified that a complex password has been assigned to the administrator, that the network settings have been configured accordingly and that the latest Windows security updates have been installed. 4. Note the pre-selected role services that are installed by default, and then select the additional role service ASP.NET. 5. Select the required features and click "Next". 6. To complete the installation, click "Close". The Web server role has been added. Create website 1. Click "Roles > Web Server (IIS) > Internet Information Services (IIS) Manager". 2. In the "Bindings" area, right-click "Sites" and then click "Add website". 3. In the "Add website" dialog box, enter a display name for the website in the "Website name" field, for example "TIAPortalUpdates". 4. In the "Physical path" field, enter the physical path of the folder in which the website is located or click the button to browse (...), in order to search for the folder in the file system. 5. Click "OK". WinCC Advanced V14 System Manual, 10/2016 155 Installation 4.9 Installing updates and support packages Check website 1. In the area "Connections > Sites", select the website you created. Activate the "Browse directory" entry in the "Features" view. 2. To check whether the website is displayed with content, select the menu command "Manage website > Browse". The updates available in the virtual directory are now displayed in the dialog that appears. Add MIME type 1. Double-click "MIME type" in the "Features" view. 2. Click "Add" in the "Actions" area. 3. Enter .* in the "File name extension" text field in the "Add MIME type" dialog. 4. Enter a MIME type in the "MIME type" text field. For example, enter "all/files". 5. Click "OK". Add BITS-IIS server extension 1. Click "Server Manager" in the tree view. 2. In the "Feature overview" section, click "Add features". 3. In the wizard for adding features, select the options "Background Intelligent Transfer Service (BITS)" and "IIS server extension". 4. Follow the instructions of the wizard, which may also include installing the required software. Activate BITS-IIS server extension 1. Switch to the virtual directory in the IIS Manager. 2. Double-click "BITS-Uploads" in the Features view of the virtual directory. 3. Select the "Allow clients to upload files" check box and click "Apply". Create a self-signed server certificate 1. In the "Connections" area, navigate to the level which you want to manage. 2. Double-click "Server Certificates" in the "Features" view. 3. Click "Create Self-Signed Certificate" in the "Actions" area. 4. In the "Create Self-Signed certificate" dialog, enter a display name for the certificate in the "Specify a friendly name for the certificate" field and click "OK". Create SSL binding 1. Expand the "Sites" entry in the "Connections" area, and then click the site to which you want to add a binding. 2. Click "Bindings" in the "Actions" area. 156 WinCC Advanced V14 System Manual, 10/2016 Installation 4.9 Installing updates and support packages 3. In the "Site Bindings" dialog, click "Add". 4. In the "Add Site Binding" dialog, select the certificate you created under "Type" "https" and under "SSL certificate" and then click "OK". Verify SSL binding 1. In the "Actions" area, click the previously created binding under "Browse website". An error page is opened in Internet Explorer, because the self-signed certificate was created by your computer. 2. Click "Continue to this website (not recommended)". This message is no longer displayed when you add the certificate to the "Trusted Root Certification Authorities" certificate memory. Configure SSL settings 1. Double-click "SSL settings" in the "Features" view. 2. Use one of the following procedures in the "Client certificates" area of the "SSL Settings" dialog: - Select "Ignore" if no client certificates are to be accepted even if a client has a certificate. - Select "Accept" if client certificates are to be accepted. - Select "Require" if client certificates are to be required. The "Require SSL" option must be activated to allow the "Require client certificates" option to be used. 3. Click "Apply" in the "Actions" area. Distributing updates to different areas It may be the case that different departments need different updates or support packages. In this situation, we recommend operating multiple servers which offer different updates and support packages. Proceed as follows: 1. Set up different company-internal servers as described above. or 1. Install the Web server role. 2. Set up multiple websites. Make sure that you assign unique names for these websites and the physical paths so that there will be no confusion. 3. Set the features described above for the Web server or the websites. You can now store the required updates and support packages for the different departments in the defined directories. WinCC Advanced V14 System Manual, 10/2016 157 Installation 4.10 Installing and uninstalling the migration tool 4.10 Installing and uninstalling the migration tool 4.10.1 System requirements System requirements for the migration tool The following system requirements apply to the use of the migration tool: All products used to create the source project must be installed. The following products are supported: - STEP 7 V5.5 SP3 - WinCC V7.3 with the latest updates - WinCC flexible 2008 SP3 - Integrated projects from STEP 7 V5.5 and the WinCC products listed above - STEP 7 Distributed Safety V5.4 - SINUMERIK STARTER and Startdrives - SIMOTION SCOUT V4.4 You need the SCOUT Migration Tool PlugIn V4.4 to migrate SIMOTION SCOUT V4.4 projects. All optional packages needed to process the STEP 7 project are installed. For example, all HSPs for the devices used in the source project are required. 4.10.2 Installing the migration tool Distribution of the migration tool You can find the migration tool in the "Support" directory on the installation DVD of the TIA Portal. Alternatively, it is available for download from the Siemens Industry Online Support. For some products, (such as SIMATIC Failsafe or SIMOTION) additional plug-ins are required for the migration tool. These plug-ins can also be downloaded from the Siemens Industry Online Support or installed from the installation DVD of the specific products. Normally, the migration tool is installed without the TIA Portal. Because the TIA Portal has its own integrated migration function, a separate installation of the migration tool is not necessary. 158 WinCC Advanced V14 System Manual, 10/2016 Installation 4.10 Installing and uninstalling the migration tool Procedure To install the migration tool, proceed as follows: 1. Download the installation file from the Siemens Industry Online Support, or use the installation file from the "Support" directory of the installation DVD of the TIA Portal to perform the installation. 2. Run the installation file. The setup program for the migration tool will open. 3. First, select the language in which the setup should be displayed and click the "Next" button. The page for selecting the software language is displayed. 4. Since the migration tool is provided exclusively in English, you cannot choose any other language for the installation. Therefore, click "Next" to proceed to the next step. The page for selecting the product is displayed. 5. The migration tool consists solely of a software component. Therefore, the migration tool is already selected. To create a Desktop icon for starting the migration tool, select the check box "Create Desktop icon". Then click the "Next" button. The page for confirming the licensing terms is shown. 6. Click on an entry in the list of license terms to read the selected license term. If you agree with all license terms, select the check box "I accept the terms of the displayed license agreement". Then click the "Next" button. An overview of the installation is displayed. 7. Click the "Install" button. The installation is performed with the displayed settings. 4.10.3 Uninstalling the migration tool The migration tool can be removed using the Control Panel. Procedure To remove the migration tool, follow these steps: 1. Open the Control Panel. 2. Double click on "Add or Remove Programs" in the Control Panel. The "Add or Remove Programs" dialog opens. 3. Select the entry for the migration tool in the "Add or Remove Programs" dialog, and click the "Remove" button. A security prompt appears. 4. Click the "Uninstall" button to confirm this prompt. The migration tool will be removed. WinCC Advanced V14 System Manual, 10/2016 159 Installation 4.11 Installing and uninstalling the multiuser server 4.11 Installing and uninstalling the multiuser server 4.11.1 Notes on the installation of the multiuser server Introduction Installation of the multiuser server gives you access to the Multiuser Engineering functionality that is available with TIA Portal V14. You can install the multiuser server as follows: Together with the installation of the TIA Portal. As standalone installation by means of a separate installation process without TIA Portal. Note Administrator rights are required for the server installation. Installation of the multiuser server with the TIA Portal The multiuser server is installed together with the following TIA Portal products: SIMATIC STEP 7 Basic V14.0 SIMATIC STEP 7 Professional V14.0 SIMATIC WinCC Basic V14.0 SIMATIC WinCC Comfort/Advanced V14.0 SIMATIC WinCC Professional V14.0 The multiuser server is usually activated in the product selection by default and is then installed with the TIA Portal. Check the settings during installation of the TIA Portal. You can find the specific default settings for the multiuser server during setup when selecting the product in the directory "Tools". By selecting or clearing the options, you can specify if the multiuser server is to be installed along with the TIA Portal or not. Installation of the multiuser server as standalone installation The installation of the multiuser server can also be a standalone installation. A description of automated installation is also available on the product DVD in the directory "Documents\Readme\<language directory>". Identical TIA Portal versions during installation When installing different TIA Portal products on various clients, make sure that all participants use the same versions of software products for the installation. 160 WinCC Advanced V14 System Manual, 10/2016 Installation 4.11 Installing and uninstalling the multiuser server For example, if you have installed STEP 7 Professional, WinCC Advanced and Safety as well as the multiuser server with version V14.0, all other Team Engineering participants must also have installed this software in identical versions. The service packs and updates must be installed for all products at the same time. Installation path Do not use any UNICODE characters (for example, Chinese characters) in the installation path. Antivirus programs During the installation, read and write access to installed files is necessary. Some antivirus programs block this access. We therefore recommend that you disable antivirus programs during the installation of the multiuser server and enable them again afterwards. 4.11.2 Installing the multiuser server Introduction The multiuser server V14 can be installed as part of the TIA Portal V14 installation or as standalone product. A description of automated installation is also available on the product DVD in the directory "Documents\Readme\<language directory>". Installation rules Multiple versions of the multiuser server can be installed on a computer, but only one version of the multiuser server can be run with the corresponding version of the TIA Portal. Example: The multiuser server V14.0 can only be run with TIA Portal V14.0. Requirements for installation The same requirements apply to the installation of the multiuser server V14.0 as for the installation of the TIA Portal V14.0. For more details, see: AUTOHOTSPOT Installing the multiuser server with the TIA Portal Follow these steps for installation: 1. Note the requirements for the installation of the selected software package. 2. Start the setup program of the required product by inserting the installation medium into the respective drive. WinCC Advanced V14 System Manual, 10/2016 161 Installation 4.11 Installing and uninstalling the multiuser server 3. Select the preferred settings and click the "Install" button. 4. Make sure that the multiuser server is selected in the product selection and observe the notes in the setup dialogs. Result The multiuser server is installed on your computer together with the TIA Portal. Installing the multiuser server as standalone product Follow these steps for installation: 1. Note the requirements for the installation of the multiuser server. 2. Start setup for the standalone installation of the multiuser server with a double-click on the self-extracting .exe file "TIA_Portal_Multiuser_Server_V14.exe". You can find these files in the directory "Support" on the corresponding product DVD. 3. Select the preferred settings and click the "Install" button. 4. Follow the instructions in the setup dialogs. Result The multiuser server is installed on your computer. 4.11.3 Uninstalling the multiuser server Introduction You can use the Control Panel to remove the multiuser server. Requirements for removal There is a multiuser server installed on your computer. Uninstalling the multiuser server Proceed as follows for removal: 1. Open the Control Panel. 2. Click on "Uninstall a program" in the Control Panel. The "Uninstall or change a program" dialog opens. 3. Right-click the entry for the "Multiuser server" in the "Uninstall or change a program" dialog, and click "Uninstall". A security prompt appears. 4. Click "Yes" to confirm this prompt. 162 WinCC Advanced V14 System Manual, 10/2016 Installation 4.11 Installing and uninstalling the multiuser server Result The multiuser server is removed from your computer. WinCC Advanced V14 System Manual, 10/2016 163 Installation 4.11 Installing and uninstalling the multiuser server 164 WinCC Advanced V14 System Manual, 10/2016 5 Migrating projects and programs 5.1 Overview of Migration Options Migration paths If you want to continue to use existing projects or programs with the latest version of the TIA Portal and the S7-1500, you have several options for migrating projects. The following graphic provides an overview of the migration options: 0LJUDWH3/& SURJUDPWR 6 0LJUDWHSURMHFW 6 6 6 6 6 Migrating projects to the TIA Portal You use the "Migrate project" function to migrate projects that were created outside of the TIA Portal with STEP 7, WinCC, WinCC flexible, or SINUMERIK. The result of the project migration is a TIA Portal project that you can use with your existing S7-300/400 series hardware and existing HMI devices. Migrating PLC programs from S7-300/400 to S7-1500 To migrate a PLC program within the TIA Portal from an S7-300/400 series device to an S7-1500, you use the PLC migration. The result of the PLC migration is an executable PLC program that is automatically adapted to the new system architecture of the S7-1500 as far as possible. WinCC Advanced V14 System Manual, 10/2016 165 Migrating projects and programs 5.1 Overview of Migration Options Optimizing PLC program for S7-1500 You also have the option to optimize your program for the S7-1500 by employing newly introduced programming methods. The optimization enables you to effectively use the higher performance, innovated memory technology and new features of the S7-1500 system. Upgrading projects You can also continue to use projects from previous versions of the TIA Portal. However, these projects do not need to be migrated. You can upgrade projects from previous versions to the current version of the product. You can find additional information on compatibility and upgrading projects in the section "AUTOHOTSPOT". Note Additional support for migration You can find the latest information about PLC migration in the Siemens Industry online support: Migration of complete systems: http://support.automation.siemens.com/WW/view/en/83558085 (http:// support.automation.siemens.com/WW/view/en/83558085) Migration of controllers: http://support.automation.siemens.com/WW/view/en/83557459 (http:// support.automation.siemens.com/WW/view/en/83557459) Migration of visualization: http://support.automation.siemens.com/WW/view/en/76878921 (http:// support.automation.siemens.com/WW/view/en/76878921) Migration of communication: http://support.automation.siemens.com/WW/view/en/83558087 (http:// support.automation.siemens.com/WW/view/en/83558087) If you need further support, please contact SIMATIC Customer Support. 166 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project 5.2 Migrating projects to a TIA Portal project 5.2.1 Migration of projects with the TIA Portal Migration of existing projects You can migrate projects from earlier automation solutions to the TIA Portal. Each time you migrate, a new project is created for the migrated data with which you can then work. Any TIA Portal projects already open are closed first. The migration is then displayed in the table of the project history. From there, you have access to the migration log that is created automatically for the migration. After the migration of hardware configurations and program blocks from earlier automation solutions, first check the functionality of the migrated project before you use it in productive operation. Supported products for migration Refer to the chapter "System overview STEP 7 and WinCC" to find out which products are available for the TIA Portal. All products listed there are generally supported by the TIA Portal during migration. Any additional requirements that must be met depend on the initial products that were used and the currently installed products. For more information on the migration options for your products, you can, for example, refer to the Siemens Industry Online Support and the documentation of your software products. See also: Scaling of STEP 7 and WinCC in the TIA Portal (Page 39) Procedure during migration The migration process is divided into the following basic steps: 1. Preparing the initial project If the software for editing the initial project is not installed or not fully installed on the programming device/PC with the TIA Portal, or if the initial project is an integrated project, you must first convert the initial project to a migration file. To do this, install the migration tool on a programming device/PC on which the required software for editing the initial project is installed. Then, use the migration tool to convert the initial project, and copy the file to the programming device/PC on which the TIA Portal is installed. You can omit this step if the initial project and its associated software are on the same programming device/ PC as the TIA Portal, and if the initial project is not an integrated project. 2. Performing migration Perform the migration within the TIA Portal. For the migration, specify as source either the migration file which you created with the migration tool or the initial project when all required software has been installed. WinCC Advanced V14 System Manual, 10/2016 167 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project 3. Checking the migration log A migration log is created for each migration. It contains information about modified project parts. You can call the log under "Common data > Logs" in the project tree or in the project history. After completion of the migration, the migration log will be displayed in the TIA Portal. Check the log following completion of the migration. If the migration failed, an XML file is created as a log under "\Logs" in the project directory. You can use any XML editor to open this log and view the reasons why the migration failed. 4. Correcting the migrated project Because the configurations of the initial project may not always be completely compatible with the TIA Portal, all configurations may not be reproduced identically in the migrated project. You should therefore work through the points in the migration log systematically. If you have not included the hardware configuration in the migration, you also have to convert the unspecified devices to the appropriate hardware. Including the hardware configuration in the migration By default, only the software parts of the project are included in the migration. An unspecified device is generated in the migrated project for the devices contained in the initial project. The hardware and network configurations and the connection are not migrated. You therefore convert the unspecified devices into suitable devices after the migration and recreate any network configurations and connections manually. If you are certain that the hardware used in the initial project has a corresponding equivalent in the TIA Portal, you can include the hardware configuration in the migration. In this case, both the hardware configuration and the software are migrated. You can check with a tool (Page 168) to see which hardware components are supported. See also Display migration log (Page 174) Scaling of STEP 7 and WinCC in the TIA Portal (Page 39) 5.2.2 Check migration readiness of hardware components Introduction Siemens offers a tool that can be used to check whether the hardware configuration used in an initial project is ready for migration to the TIA Portal. Components integrated via GSD or GSDML files cannot be checked. For such modules, check manually in the TIA Portal whether the modules are available in the hardware catalog. If the modules are not available there, install the required GSD or GSDML files in the TIA Portal. You can obtain the required files from the manufacturer of the components. In the result you can also see which software products and licenses have to be available on the programming device/PC with the installation of the TIA Portal to perform a migration. You can also see as of which firmware version the individual modules of the initial project are supported in TIA Portal. The result of the check can be output in a Microsoft Excel file or in PDF format. 168 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Download The tool for checking the migration readiness is available for download in the FAQs of the Siemens Industry Online Support under entry number 60162195 (http:// support.automation.siemens.com/WW/view/en/60162195). Source files for the check To check readiness, you require one of the following source files which contains the article number of the hardware used in the initial project: .cfg file You can export the .cfg file from HW Config (STEP 7) with the menu command "Export as .cfg file" in the "Station" menu. The .cfg file contains all MLFBs of the devices used in the currently open station. Microsoft Excel file (in .xls file format) Regardless of the initial project used, you can create a Microsoft Excel list containing all MLFBs of the devices you want to migrate. File in .csv format The article numbers that are to be checked can also be saved to a .csv file instead of a Microsoft Excel list. To do this, use a standard text editor and enter the MLFBs separated by comma and without space after the comma. Save the text file with the extension ".csv". See also Tool for checking migration readiness (http://support.automation.siemens.com/WW/view/en/ 60162195) 5.2.3 Preparing projects with the migration tool 5.2.3.1 Migrating projects with the migration tool Preparation for migration In many cases, a project that you wish to migrate will not be located on the same programming device/PC on which the latest version of the TIA Portal is installed. Therefore, the initial project must first be converted to a compatible format for the migration. The same applies to integrated projects. After creation of the migration file, you copy the migration file to the programming device/PC on which the current version of the TIA Portal is installed. In the TIA Portal, you enter the migration file as the source for the migration and can create a project in the current file format of the TIA Portal. WinCC Advanced V14 System Manual, 10/2016 169 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Procedure for migration with the migration tool The following steps are necessary to prepare a migration with the migration tool: 1. Install the migration tool on the programming device/PC where the source project is located. To do this, download the installation file from the Siemens Industry Online Support or install the migration tool from the setup DVD of the TIA Portal. 2. Start the migration tool, and use it to convert the source project to the migration file format with the file extension ".am14". For this step, make sure that all software needed to process the source project is installed on the programming device/PC. This also includes all necessary service packs, hardware support packages and all expansion software that is needed to process the initial project. If individual products are not installed it may not be possible to perform the migration or the migration may be incomplete. 3. Copy the migration file to the target system on which a current version of the TIA Portal is installed. Note that the target system must have been installed with all software needed to configure the complete set of devices contained in the migration. 4. Perform the migration within the TIA Portal and specify the migration file with the extension ".am14" as the source. 5. Once migration is complete, check the migration log and systematically work through the information provided there for the newly created project. Read the information in the Inspector window with special care after the first compilation of the configuration. Including the hardware configuration in the migration By default, only the software parts of the project are included in the migration. An unspecified device is generated in the migrated project for the devices contained in the initial project. The hardware and network configurations and the connection are not migrated. You therefore convert the unspecified devices into suitable devices after the migration and recreate any network configurations and connections manually. If you are certain that the hardware used in the initial project has a corresponding equivalent in the TIA Portal, you can include the hardware configuration in the migration. In this case, both the hardware configuration and the software are migrated. You can check with a tool to see which modules are supported. See also Migration of projects with the TIA Portal (Page 167) Migrating projects (Page 172) Calling the migration tool (Page 171) Creating a migration file (Page 171) 170 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project 5.2.3.2 Calling the migration tool Starting the migration tool During the installation, a "Migration to TIA Portal V14" shortcut is created by default in the Start menu under "Siemens Automation > Migration Tool". Click this shortcut. Alternatively, you can call the migration tool directly in Windows Explorer. During the installation, the migration tool is saved by default in one of the following folders: On a 64-bit operating system: C:\Program Files (x86)\Siemens\Automation\MIGTOOL_V14\Bin On a 32-bit operating system: C:\Program Files\Siemens\Automation\MIGTOOL_V14\Bin To start the migration tool, click the "Siemens.Automation.MigrationApplication.exe" file in one of the directories. See also Creating a migration file (Page 171) 5.2.3.3 Creating a migration file The section below describes how you can use the migration tool to convert the initial project to a migration file that can be read by the TIA Portal. Following conversion, this file is transferred to the target system and migrated there. You can specify whether the migration file should contain the entire project, including the complete hardware configuration and the associated software, or whether you want to migrate the software only. Requirement The suitable, original software with a valid license is installed for all configurations used in the initial project. The initial project is not provided with access protection. The initial project must be consistent, otherwise problem-free migration cannot be assured. WinCC Advanced V14 System Manual, 10/2016 171 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Procedure To create the migration file, proceed as follows: 1. Select the path of the source file for the migration in the "Storage Location (Path)" field. 2. Specify the project parts that are to be migrated: - Select the "Include HW and Network data during the migration" check box to migrate not only the software but also the complete hardware parts and the network configuration of the project. - Select the "Copy SCADA runtime data" check box if you also want to migrate the runtime data, such as alarm archives, tag archives and user archives, in addition to the data of the engineering system. 3. Select the path and the file name for the migration file in the "Intermediate file" field. 4. Click the "Migrate" button. Result: A migration file is created. You now copy this file to the target system and migrate this file in the TIA Portal. See also Migrating projects (Page 172) Calling the migration tool (Page 171) Migrating projects with the migration tool (Page 169) 5.2.4 Migrating projects Requirement A converted file in the format ".am14" is already available or the original software with a valid license is installed for all configurations used in the initial project. The initial project is not provided with access protection. The initial project must be consistent, otherwise problem-free migration cannot be assured. Read the additional information on the requirements in the help for the respective products installed. Note System hibernation during the migration While a migration is running, the system should not be changed to the standby or hibernate mode. Otherwise the migration will be aborted. 172 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Procedure To migrate a project, follow these steps: 1. Select the "Migrate project" command in the "Project" menu. The "Migrate project" dialog opens. 2. Specify the path and the file name for the project to be migrated in the "Source path" field. Select a project either in the ".am14" migration format or in the format of the initial project. 3. To include the hardware configuration in the migration, select the "Include hardware configuration" check box. If you have selected a migration file that was created with the migration tool, the check box cannot be selected. In this case, you must specify if you wish to include the hardware configuration in the migration before the conversion with the migration tool . 4. Select the "Copy WinCC Runtime Professional data" check box, if you also want to migrate the runtime data, such as alarm archives, tag archives and user archives, in addition to the data of the engineering system. If you have selected a migration file that was created with the migration tool, the check box cannot be selected. In this case, you must specify if you wish to include the SCADA runtime data in the migration before the conversion with the migration tool . 5. Select a name for the new project in the "Project name" box. 6. Select a path in the "Target path" box where the new project is to be created. 7. Enter your name or the name of another person responsible for the project in the "Author" field. 8. Enter a comment in the "Comment" box, if you require one. 9. Click "Migrate". Result The initial project is converted and a message appears after conversion is complete. The newly created project is then opened in the project view, and the migration log is opened in the TIA Portal. Even if the migration failed, a project directory is created and a migration log in the form of an XML file is generated in this directory. The completion message that appears after the migration contains a link to this XML file. Click the link to open the XML file. Alternatively, you can find the XML file in the project directory under "\Logs". See also Post-editing integrated projects (Page 245) Display migration log (Page 174) Migrating projects with the migration tool (Page 169) Creating a migration file (Page 171) WinCC Advanced V14 System Manual, 10/2016 173 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project 5.2.5 Displaying the history of the migration If a project was created by migration, the migration will be listed in the table of the project history. You can open the migration log in the table. The time of the migration is also shown. Procedure To display the migration in an overview table, follow these steps: 1. Select the open project in the project tree. 2. Select "Properties" in the shortcut menu of the project. The dialog with the properties of the project opens. 3. Select the "Project history" group in the area navigation. The overview table is displayed. 5.2.6 Display migration log A log is created for each successful migration. The log contains the following information: Migrated objects Modifications to objects made during migration Errors that occurred during migration In certain cases a link to more help with specific events. In this case, click the question mark to obtain more help. Procedure To display the log file of the migration, follow these steps: 1. Open the "Common data > Logs" folder in the project tree. 2. Double-click the desired log in the list. The contents of the log are displayed in the work area. See also Migration of projects with the TIA Portal (Page 167) 174 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project 5.2.7 Migrating STEP 7 projects (S7-300, S7-400) 5.2.7.1 Migration of STEP 7 projects (S7-300, S7-400) Introduction You can migrate a project from SIMATIC STEP 7 V5.4 SP5. You can then continue to use this project in the TIA Portal. If you want to migrate projects from older STEP 7 versions, you must open, compile and save these projects first in STEP 7 V5.4 SP5. It is also possible to migrate integrated projects with devices from other software products. Scope of migration Generally, you can migrate all configurations and objects from SIMATIC STEP 7 V5.4 SP5 that the installed version of the TIA Portal supports. This includes, for example, the following devices and configurations: Devices of the S7-300 and S7-400 family. PROFIBUS configurations with connected distributed I/O. These include GSD-based slaves, I-slaves as well as direct data exchange. PROFINET configurations with distributed I/O. These include GSD-based devices and Idevices. Network configurations Connections Blocks created in the programming languages LAD, FBD or STL, S7-SCL, S7-GRAPH PLC tags User-defined data types (UDT) Alarms and alarm classes Interrupts User-defined attributes (UDA) User text libraries Including the hardware configuration in the migration By default, only the software parts of the project are included in the migration. An unspecified device is generated in the migrated project for each of the devices contained in the initial project. The hardware and network configurations and the connection are not migrated. You can convert the unspecified devices into suitable devices after the migration and create any network configurations and connections manually. WinCC Advanced V14 System Manual, 10/2016 175 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project If you are certain that the hardware used in the initial project has a corresponding equivalent in the TIA Portal, you can include the hardware configuration in the migration. In this case, both the hardware configuration and the software are migrated. Note Additional support for migration You can find the latest information about migration in the Siemens Industry Online Support: Migration of controllers (http://support.automation.siemens.com/WW/view/en/83557459) If you need further support, contact SIMATIC Customer Support. See also Reporting system errors (Page 194) Migrating program blocks (Page 183) 5.2.7.2 Requirements for the migration of STEP 7 projects (S7-300, S7-400) Various requirements for the software installed on the original PG/PC and for the initial project apply to the migration. Requirements for the original PG/PC The following requirements apply to the PG/PC: A licensed version of STEP 7 V5.4 SP5 or higher (we recommend V5.5 SP4) must be installed. For projects that only contain PC stations, it is sufficient if the SIMATIC NET PC software is installed. For all of the configurations used in the project, the corresponding additional software must be installed with a valid license, for example, optional packages All HSPs for modules not included in the hardware catalog must be installed. All GSD files used in the project must comply with the specifications. You must be logged on to the operating system with administrative rights. One of the following software products must be installed: - The TIA Portal with STEP 7 Professional V13 SP1 or higher If you do not migrate with the most recent version of the TIA Portal on the original programming device/PC, the functional scope of the project in more recent versions of the TIA Portal is initially limited. You first have to upgrade the project before you can use the full functional scope of more recent versions. - The migration tool 176 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Requirements for the initial project The initial project must not be configured with access protection. The hardware and software must be consistent. The alarm number assignment must be set to CPU-oriented. The project cannot contain any protected blocks with time stamp conflict. It must be possible to compile all programs and their sources without errors. All called blocks must be available in the block folder. The block folder must contain no blocks that are not called, in particular no instance data blocks. We recommend that you migrate blocks unencrypted, because blocks encrypted with S7Block Privacy cannot be read or modified in the TIA Portal. Requirements for the PG/PC with STEP 7 Professional One of the following software products must be installed: - STEP 7 Professional V13 SP1 or later - STEP 7 Professional V13 SP1 or later (without license) when the project to be migrated only contains components that have been configured with the SIMATIC NET PC software. For all of the configurations used in the project, the corresponding additional software must be installed with a valid license, for example, optional packages. All HSPs for modules that are not contained in the hardware catalog and all GSD files used in the project must be installed. 5.2.7.3 Checking whether STEP 7 projects can be migrated (S7-300, S7-400) Before you start the migration, check to determine whether all necessary requirements for migration have been met in the initial project. Note Note that the actual values are reset in the initial project when the following steps are carried out. Also note that running the block consistency check resets the start values in the instance DBs to the default values. If you are using technology functions, this behavior is not desired. Procedure To check whether a project can be migrated, follow these steps: 1. Open the initial project in SIMATIC STEP 7 V5.5 SP3. For correct matching, only the optional packages and hardware components available in the TIA Portal, including HSPs and GSD files, may be installed. 2. Open the individual stations. If no alarms indicating missing components are displayed when the stations are opened, all the components necessary for migration are available. WinCC Advanced V14 System Manual, 10/2016 177 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project 3. Perform a block consistency check for each block container contained in the project. For more information on the consistency check, refer to Chapter "Consistency check in the initial project (Page 178)". 4. Compile the entire project. If no errors are displayed during the compilation, the programs can be migrated. 5. Check whether all modules with an identical MLFB and the same firmware version are contained in the TIA Portal hardware catalog. You can perform the check using a tool. You can find additional information on this in the chapter AUTOHOTSPOT. 6. Check whether the CPU-oriented alarm number assignment is activated for each CPU. 7. Compile the project in NetPro. The compilation in NetPro must also be error-free. See also Consistency check in the initial project (Page 178) FAQ entry on consistency check (http://support.automation.siemens.com/WW/view/en/ 5416540) 5.2.7.4 Consistency check in the initial project (S7-300, S7-400) Consistent initial project A consistent initial project is a requirement for the successful migration of a project to the TIA Portal. It is therefore advisable to perform a consistency check on the initial project before migration. You can find a guide to the consistency check in SIMATIC STEP 7 in an FAQ entry (http://support.automation.siemens.com/WW/view/en/5416540) on the Siemens Industry Online Support page or in the SIMATIC STEP 7 help. Migrate start values in instance DBs for technology blocks The compilation in the block consistency check causes the tags in instance DBs to be reset to the default values. The set start values are lost in the process. To migrate the start values anyway, we recommend one of the following procedures: For smaller projects: Backup the instance DBs outside the block folder Backup the instance DBs before you start the consistency check. After the consistency check has been completed, copy the instance DBs back to the block folder. For larger projects: Create a copy of the project Make a copy of the project and then carry out the check on the copy of the project. Correct any errors found during the consistency check in the initial project. You can then migrate the project with the configured values. In this way, the configuration of the technology functions is also retained. See also Basic information on start values (Page 4564) 178 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project 5.2.7.5 Removing unsupported hardware components (S7-300, S7-400) If you have created configurations in the initial project for which not all of the right software is installed, then you can still migrate the project by manually deleting the unsupported configurations from the project. Alternatively, you can use the "Reorganize" function. Procedure To clean the original project, follow these steps: 1. Use an installation of SIMATIC STEP 7 V5.5 SP3 that contains only the optional packages contained in the TIA Portal and all required modules. 2. Save the project again and select the "With reorganization" option when saving. Any unsupported configurations will be removed from the project. For modules that are only available in a new version or with a new firmware version in the TIA Portal, use the "Exchange object" function in the station to exchange an older module for one that can be migrated. 5.2.7.6 Special points to observe during migration (S7-300, S7-400) Device names (S7-300, S7-400) Device names of PROFINET IO devices In STEP 7 V5.5 the device name of a PROFINET IO device is used as the name of the IO devices. After the migration to a TIA Portal project, the device name of the PROFINET IO device from the initial project is used as follows: As the PROFINET device name As the name for the interface module As the name of the station A maximum of 24 characters is permitted for the name of the station in the TIA Portal. The name of the station is therefore truncated to a maximum of 24 characters where required. If truncating of the station name would result in several stations with the same name, the last characters of the station name are used to number the stations consecutively. Names of modules and racks In SIMATIC STEP 7 V5.5, the names of modules and racks do not have to be unique. In the TIA Portal, however, unique names are required. Therefore, the names of the modules and racks are incremented during the migration to make sure that unique names are assigned. This does not apply to PROFINET IO devices and PROFINET CPs. You must provide unique names for these yourself. WinCC Advanced V14 System Manual, 10/2016 179 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project PROFINET IO configurations (S7-300, S7-400) Unique name assignment required The names of PROFINET IO devices must be unique within the subnet. The same applies to the names of PROFINET CPs. For this reason, ensure that the name assignment is unique before the migration into the initial project or provide unique names after migration and before the first compilation. Media redundancy with sync domains If a sync domain with activated media redundancy is found in the initial project, the sync domain configuration is imported during migration. If, however, several sync domains with activated media redundancy are found in the initial project, they are removed and the project is migrated without the sync domains. In any case, you will receive a message which sync domains were imported. In any case, use SIMATIC STEP 7 V5.5 to configure the media redundancy in the initial project. Isochronous mode with PROFINET IO Note the following for PROFINET IO configurations in isochronous mode: IRT with high performance If you have configured IRT with high performance when planning the topology in the initial project, the option is changed to "RT" during migration. You will receive a message informing you of the change. Use of OB 61 If the isochronous mode for PROFINET IO with OB 61 is activated in the original configuration in the STEP 7 project, it will be deactivated by the migration. The devices will still be imported. PROFINET IRT configurations with the option "high flexibility" without the use of OB 61 can be migrated. CBA for IO controllers If you have used the cyclical service CBA (Component Based Automation) in the initial project, it is deactivated during migration. You will receive a message informing you of the change. Use of Shared Devices If Shared Devices are configured in the initial project, they are removal during migration. You will receive a message informing you of their removal. Transfer areas If transfer areas for data exchange between the IO controller and I-device are configured in the initial project, they are removed during migration. You will receive a message informing you when a transfer area is removed during migration. 180 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Update groups for PROFINET IO If necessary, also remove update groups from the STEP 7 project before you start the migration. If any update groups are still configured, then the migration can not be carried out. I slaves and I-devices Only connected and consistent I slave and I-device configurations can be migrated. If the configuration is inconsistent, then the configurations in question will be excluded from the migration. PROFINET IO systems that are not connected Devices with PROFINET IO systems that are not connected can be migrated. The IO devices and the PROFINET IO systems are located in the network view without connection after migration. Connect these IO devices after migration with an IO controller or delete any unnecessary IO devices. PROFIBUS configurations (S7-300, S7-400) Isochronous PROFIBUS It is possible to migrate isochronous PROFIBUS configurations. You should compile the project again after the migration, however, to rule out any possible inconsistencies. Also pay attention to slightly changed SDBs. Orphaned master systems Devices with orphaned DP master systems can be migrated. The DP slaves of the abandoned DP master system are located in the network view without connection after migration. Connect these DP slaves after migration with a DP master or delete any unnecessary DP slaves. GSD and GSDML devices (S7-300, S7-400) For devices that were configured with PROFIBUS GSD or PROFINET GSD files, the corresponding GSD files must also be installed in the TIA Portal. If GSD files are not yet installed in the TIA Portal, they will be installed automatically during the migration. The GSD files must comply with the specifications (e.g., GSDML Specification for PROFINET IO, see www.profinet.com (http://www.profinet.com)), in order for the project to be migrated successfully. If GSD files of a device manufacturer do not comply with the specification, the project cannot be migrated. In the migration log, you receive alarms notifying you of noncompliant GSD files. If the GSD files do not comply with specifications, check whether a newer version of the GSD file is available from the manufacturer. Install the current version. If a version of the GSD file that complies with the specification is not available, contact the device manufacturer. WinCC Advanced V14 System Manual, 10/2016 181 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Connections (S7-300, S7-400) Connections from SIMATIC STEP 7 projects can generally be migrated if they are also supported by the installed version of the TIA Portal. Migratable types of connection The following connection types can be migrated: S7 connection one-way S7 connection two-way Failsafe S7 connection TCP connection ISO-on-TCP connection ISO connection UDP connection E-mail connection FDL connection Point-to-point connection FMS connections on the PROFIBUS are not accepted during the migration. Adapt the connections or modify the user program. Multiprojects (S7-300, S7-400) Multiprojects in SIMATIC STEP 7 In SIMATIC STEP 7, you can organize projects into a multiproject if, for example, a project is very large or if several people are working on it. The subprojects may contain cross-project references, for example connections. All subprojects of a multiproject and the associated libraries are stored in the same directory. Migration of parts of a multiproject You can migrate the subprojects of a multiproject. To do this, select one of the subprojects during the migration. All of the devices and configurations contained in the respective subproject will be imported during the migration. Observe the following when migrating a subproject: Cross-project connections Cross-project connections between subprojects are created as unspecified connections. Cross-project networking Information on networking of devices across project boundaries will be lost during the migration. Links between devices in the same subproject will be retained however. 182 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Grouping a multiproject for the migration. It is only possible to migrate an entire multiproject with all of its associated subprojects if you manually regroup the different subprojects prior to the migration. To regroup a multiproject, copy all devices, for example, and paste the devices into a single project. Migrating program blocks (S7-300, S7-400) You can generally migrate all blocks created in LAD, FBD, SCL, STL, and GRAPH. Please note the following: Programs with absolute addressing In the TIA Portal, symbolic operands are automatically declared for all absolute addresses. If absolute addressing is used in the STEP 7 program to be migrated, symbolic operands are declared for the absolute addresses during the migration. This automatic declaration can lead to data type conflicts, particularly if the IEC check is activated in the TIA Portal. A data type conflict could occur, for example, when a 32-bit data word is interpreted as a tag with the type DWORD by the automatic declaration, but the program expects a tag with the data type REAL. In this case, it is not enough to deactivate the IEC check. Instead, you must correct the declaration in the PLC tag table. Data type conflicts can also occur if you access the same absolute address multiple times in the program, but use different data types for the different access operations. The following figure shows an example of such multiple access: In these cases, a separate tag is declared automatically for each data type during the migration. Since all tags reference the same absolute address, warnings are output in the PLC tag table. You need to manually correct these address overlaps in the PLC tag table. Migration of communication blocks During the migration of communication instructions from STEP 7 V5.x, pointers of the data type ANY are replaced by PLC tags within the own S7 station. After the migration a warning is displayed at the affected parameters. Replace the PLC tags with a pointer at the affected parameters. For absolute addressing of a data block with data type ANY, the data block must have been created with standard access, since symbolic addressing with data type ANY is not possible. Example: To input values, use the appropriate parameters of instruction P#M10.0 BYTE 4 instead of %MD10. WinCC Advanced V14 System Manual, 10/2016 183 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Symbolic names for blocks and user-defined data types (UDT) In the TIA Portal, each block or UDT has a number and a name. It is therefore no longer necessary to declare symbolic names. If the migrated program contains symbol declarations for blocks or UDTs, they will be used as names after the migration. Blocks from STEP 7 libraries In the TIA Portal, standard functions and function blocks are not provided in libraries. Instead, they are available as instructions in the "Instructions" task card. The instructions are sorted by function and can be found under their symbolic name. If calls of standard functions or function blocks are contained in the migrated program, they are replaced during the migration by the instructions that correspond to the original standard function or the original standard function block. If the library block is no longer supported in the TIA Portal, you have the following options: The library block is replaced by a compatible instruction. In this case, you will receive an alarm informing you that you have to compile the program after migration. Note that the calling block may not carry any know-how protection, as the block call has to be adapted during compilation. If there is no compatible instruction, the block is migrated as user block. It is then available as a know-how protected block in the folder "Program blocks" with the extension "_LF" (legacy function). User-defined block libraries User-defined block libraries are no longer available in the familiar form in the TIA Portal. However, you can migrate user-defined libraries by integrating these into a project prior to migration and then migrating the project. After this, you can copy these from this project in the TIA Portal and use them. Instructions in a modified display The display of some of the LAD, FBD, STL, SCL and GRAPH commands in the TIA Portal differs from the display in earlier versions of STEP 7. So, for example, the mathematical functions and the comparators are no longer specific for data types. Instead, there is a central instruction, which can be used for all types of data. The "ADD_I" command is no longer permitted, for example; the instruction "ADD" is used instead. Some other commands also have a new display in the TIA Portal, e.g., edge commands, word logic operations, conversions, IEC timers, IEC counters, etc. The commands will be converted for the new display during the migration. 184 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Stricter IEC check Stricter rules for checking data type compatibility will be used in the TIA Portal. In addition, errors that can lead to runtime errors are already detected during the syntax check. It is no longer permitted to write your own input parameters or to read your own output parameters in functions (FC). Observe the following rules to avoid syntax errors: Only use tags with compatible data types when transferring the parameters. In comparison instructions or arithmetic instructions, only use tags with compatible data types. You may not write to input parameters or read from output parameters. For more information on the block interface and on data type conversion with IEC check, refer to the Help on data types: Data types Stricter data type check with the "MOVE" and "FILL" instructions With the "MOVE" and "FILL" instructions, the compatibility of the source and destination areas is checked according to stricter rules. It is no longer possible, for example, to move a tag of the data type "Integer" to a destination area of the data type "WORD" using "MOVE". Instead of this, use the "CONVERT", "T_CONV" or "S_CONV" instructions in the TIA Portal. You will find more detailed information on the data types compatible with "MOVE" and "FILL" in the help on the instructions: MOVE: Move value (Page 2591) FILL: Fill block (Page 2648) Programs that were created in LAD or in FBD and use invalid data types at the "MOVE" or "FILL" instruction are shown in STL after the migration. However, the language is still set as LAD or FBD in the block properties. In the block properties, change the program again to STL. Then reset the language to LAD or FBD. Suffix for I/O access ":P" In the TIA Portal, the access ID ":P" is used for direct addressing of the I/O. The following notation is not permitted, for example: %PIW3 The following notation is used instead: %IW3:P //absolute display MyTag:P //symbolic display The accesses are converted into the new notation during the migration. However, symbolic names, which were declared to be I/O tags in the original program, cannot be accepted. New declarations will be created instead. For more information on the I/O access refer to the Help on addressing the I/O: Address I/O WinCC Advanced V14 System Manual, 10/2016 185 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project No distinction is made between upper and lower case for jump labels No distinction is made between upper and lower case for jump labels in the TIA Portal. If the source program contains jump labels that differ only through upper/lower case, these will be converted into unique jump labels. The log file provides information on the modified jump labels. German special character "" is not distinguished from "ss" In tag names, the German special character "" is not distinguished from "ss" in the TIA Portal. If, for example, the source program contains tag names that differ only in these two characters, they will be converted into unique tag names. Migration of REAL and STRING values In the TIA Portal it is checked whether the start values of REAL and STRING tags are in the permitted and/or declared range. The following rules apply: REAL tags must have a value in the range from +1.175494E-38 to +3.402823E+38. The maximum length of the STRING value must not exceed the declared length of the STRING. If these rules are not satisfied, the program will be successfully migrated but it will not then be possible to compile it. As remedy, you can open the corresponding data block in STEP 7 (TIA Portal) and change the start values. Then compile the program with the menu command "Software (rebuild all blocks)". Migration of global data blocks The display and handling of data values in data blocks is different in the TIA Portal compared with SIMATIC STEP 7. In global data blocks which are not derived from a higher-level object, for example a UDT, the tags are always assigned the default value of the data type as the default value, for example FALSE for the data type BOOL. This default value is not editable. If offline initial values were assigned in the declaration view, they are not imported during the migration. If you require user-specific default values in the program, use a global data block based on a PLC data type. You can assign user-specific default values for tag values in a PLC data type. For more information on data values in data blocks refer to the Help on data blocks: Programming data blocks Note Additional support for migration You can find the latest information about migration in the Siemens Industry Online Support: Migration of controllers (http://support.automation.siemens.com/WW/view/en/83557459) If you need further support, please contact SIMATIC Customer Support. 186 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migration of LAD/FBD/STL programs (S7-300, S7-400) LAD, FBD and STL blocks can run after the migration without being recompiled or reloaded. Know-how protection Blocks that were know-how protected before the migration remain know-how protected after the migration. Because the sources are not migrated, the know-how protection cannot be canceled. The blocks can thus not be opened or edited. It is possible, however, to load the blocks into the CPU and to run them. The following options are available for disabling a block's know-how protection: Prior to the migration, remove the KNOW_HOW_PROTECT attribute from the source and create a block without know-how protection from this. Then migrate this block. Import the source into the TIA Portal and create a block without know-how protection from this. Then use the "Edit > Know-how protection" menu command to provide the block with a password. Switch-over from LAD/FBD to STL Programs that were created in LAD or in FBD and contain operations that are no longer permitted in S7-1500 are shown in STL after the migration for system reasons. Invalid operations are, for example, jump operations to downstream networks. However, the language is still set as LAD or FBD in the block properties. In the block properties, change the program again to STL. Then reset the language to LAD or FBD. Switching from STL to LAD/FBD During migration of a LAD/FBD block containing STL networks, an error message appears. The reason behind this error message is that an STL network of a LAD/FBD block cannot be represented in LAD/FBD even after the migration. The STL networks are migrated correctly, however. You can ignore the error message. Migrating GRAPH programs (S7-300, S7-400) Requirement The prerequisite for migrating GRAPH blocks is to have the "S7-GRAPH" optional package, version 5.3 SP6 or later, installed on the original device. WinCC Advanced V14 System Manual, 10/2016 187 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project GRAPH-specific block settings The GRAPH-specific block settings have been significantly reduced in the TIA Portal. The following table gives an overview of how the original block settings are transferred to the TIA Portal. Setting in the initial project Setting in the TIA Portal FB pa rameter Existing parameters will be migrated Minimum Standard Maximum Definable Interface descrip tion Minimized memory space Create minimized DB Structure fields Individual structures are always created Individual structures Run ca pability FC70/71 FC72 FC 73 if the option "Create minimized DB" is active; otherwise FC 72 FC73 Criteria analysis in the DB Setting not relevant in the TIA Portal Skip steps Skip steps Acknowledge errors Acknowledge supervision errors Synchronization Always activated in the TIA Portal Permanent processing of all inter locks in manual operation Permanent processing of all interlocks in manual operation Lock operating mode selection Lock operating mode selection Safe activation mode Always activated in the TIA Portal Warnings Always activated in the TIA Portal None Any Activate alarms Activate alarms Alarms with WR_USMSG Alarms in the TIA Portal always with ALARM_SQ/ALARM_S Step name extension Step name extensions are not supported in the TIA Portal. They are converted to step-specific text during the migration. Compiling the migrated block GRAPH blocks must be recompiled and reloaded after the migration. The following errors may occur when compiling: Data type conflicts may occur due to the stricter IEC check. In this case, change the declaration. Since the "structure fields" setting for the interface is no longer available in the TIA Portal, interface elements can no longer be addressed with G7S[1].X, for example. Access to the element must therefore be corrected, e.g. to STEP1.X. 188 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Changing the interface of the GRAPH block The changed settings can lead to interface changes of the block. Therefore, it may be necessary to regenerate the instance DB or to update block calls. Migrating SCL programs (S7-300, S7-400) The prerequisite for migrating SCL blocks is to have the "S7-SCL" option package, version 5.3 SP5 or later, installed on the original device. SCL blocks must be recompiled and reloaded after the migration. Basic procedure for the migration A complete migration of SCL blocks is only carried out if the associated sources exist in the initial project. The table below gives you an overview of the basic procedure: Existing in the initial project Existing after migration SCL blocks with source Editable SCL blocks Know-how protected SCL blocks with source Editable SCL blocks. After the migration, the blocks no longer have know-how protection but can be re-protected, if necessary. SCL blocks without source Know-how protected SCL blocks Know-how protected SCL blocks without source Know-how protected SCL blocks SCL-specific compiler options Only the compiler options that are defined directly in an SCL source are adopted as block properties in the TIA Portal during migration. If no compiler options are defined in the original SCL source, the options in the properties of the migrated block are deactivated. Compiler options defined as settings in the SCL Editor or in an SCL compile control file are not migrated. The following table gives an overview of the compiler options that are transferred as block property to the TIA Portal. Compiler option in the SCL source Block property in the TIA Portal scl_monitorarraylimits Check ARRAY limits scl_createdebuginfo Create extended status information scl_setokflag Set ENO automatically Calling function blocks A block call with indication of the function block, for example "DBX"."FBX()", is no longer permitted in the TIA Portal. The call syntax is converted to the notation "DBX()" during the migration. WinCC Advanced V14 System Manual, 10/2016 189 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project New EN/ENO mechanism SCL uses the EN/ENO mechanism of the TIA Portal. For this reason, all usages of the OK flag are replaced by ENO during the migration. The points where ENO was used in the original program are highlighted. You must check these points after the migration and adapt them to the new mechanism. See also: AUTOHOTSPOT Operator "DIV" The "DIV" operator is no longer available in the TIA Portal. All usages of "DIV" will be converted to the standard notation "/" during the migration. Nested ARRAYs It is not possible to nest ARRAYs in the TIA Portal. The following declaration is not permitted, for example: ARRAY[1..5] OF ARRAY[0..3] OF INT Nested ARRAYs are converted into multi-dimensional ARRAYs during migration. The example would look as follows after the migration: ARRAY[1..5, 0..3] OF INT Declaration of jump labels (LABEL) The declaration of jump labels is not possible in the TIA Portal. The following declaration would not be accepted from the initial project, for example: LABEL MARKE1, MARKE2, MARKE3 ; END_LABEL Set jump labels, however, will be retained in the program code and can be used for GOTO operations. Declaration of symbolic constants in the block interface In the TIA Portal, symbolic constants always have a data type. If symbolic constants are declared without data type in the source program, an appropriate data type will be assigned to them during the migration. See also: AUTOHOTSPOT Declaring global constants (Page 4607) Indexed I/O access In the TIA Portal, the syntax with rounded parentheses is used for indexed I/O access. The following notation is not permitted, for example: PEB[1] 190 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project The following notation is used instead: EB(1):P The accesses are converted into the new notation during the migration. See also: AUTOHOTSPOT Indexed memory accesses In the TIA Portal, the syntax with rounded parentheses is used for indexed memory accesses. The following notation is not permitted, for example: EB[2] The following notation is used instead: EB(2) The accesses are converted into the new notation during the migration. For additional information on addressing, refer to "See also". Indexed access to data blocks In the TIA Portal, the syntax with rounded parentheses is used for indexed data block accesses. The following notation is not permitted, for example: %DB100.DW[5] The following notation is used instead: %DB100.DW(5) The accesses are converted into the new notation during the migration. For additional information on addressing, refer to "See also". Absolute access to data blocks For absolute access, the absolute designator of the data block must be used. Access using the symbolic designator is not permitted in the TIA Portal. The following notation is not permitted, for example: DB100.DW3 The following notation is used instead: %DB100.DW3 During the migration, the marker "%" will be added for a detected absolute data block access. For additional information on addressing, refer to "See also". Logarithmic functions "EXPD" and "LOG" Logarithmic functions "EXPD" and "LOG" are no longer available in the TIA Portal. All usages of "EXPD" are converted to the standard notation "10**(<expression>)" during the migration. All usages of "LOG" are converted to the standard notation "LN(<expression>)" during the migration. WinCC Advanced V14 System Manual, 10/2016 191 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Mathematical instruction "MAX" The "MAX" instruction cannot process any time data types in the TIA Portal. However, you can use comparators instead. The following example shows how you can find the "larger" of two time data types using comparators: SCL #xs_tod := #xi_tod + #xi_time; // statt #xstod1 := MAX(IN1:=#xtod1, IN2:=#xstod1); IF #xs_tod < #xi_tod THEN #xs_tod := #xi_tod; END_IF; // statt #xsd1 := MAX(IN1:=#xd1, IN2:=#xsd1); IF #xi_date <#xs_date THEN #xs_date := #xi_date; END_IF; #xs_date_time := #xi_date_time + #xi_time; // statt #xs_date_time := MAX(IN1:=#xi_date_time, IN2:=#xs_date_time); IF #xi_date_time <#xs_date_time THEN #xs_date_time := #xi_date_time; END_IF; Floating point numbers - exponential display The exponential notation of floating point numbers without a decimal point is no longer permitted in the TIA Portal. The following notation is not permitted, for example: 3E10 The following notation is used instead: 3.0E10 During the migration, all usages of "3E10" will be converted to the standard notation "3.0E10". See also: Floating-point numbers (Page 2150) Blocks from STEP 7 libraries The functions FC 1 to FC 40 from the STEP 7 classic library "IEC standard functions" are no longer available in the TIA Portal. Calls to the standard functions are converted to calls to the corresponding extended instructions during the migration. If there is no clear conversion possibility, a system error is issued. In this case, change the SCL block after the migration and use SCL instructions or operators instead of IEC standard functions. Examples: 192 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Use S5TIME_TO_TIME instead of S5TI_TIM (FC 33) "TAG_TIME" := S5TIME_TO_TIME ("TAG_S5TIME"); Use the comparator operator <> instead of NE_DT (FC 9): IF #D1 <> #D2 THEN "MyOutput" : = 10; END_IF; Use the comparator operator = instead of EQ_STRING (FC 10): IF #My_String1 = #MyString2 THEN "MyOutput" : = 10; END_IF; Interruption of strings with "$" In STEP 7 Classic, strings in SCL could be interrupted by special characters, e.g., control characters or non-printable characters. These characters were identified by the interruption sequences "$>" and "$<". Example: #myString := 'Test1$> $<Test1'; This option no longer exists in the TIA Portal. String interruptions will be deleted during the migration. NULL pointer Null pointers are no longer specified in the TIA Portal with "NIL" but instead with "NULL". The notation is replaced automatically during the migration. Comments Comments from the migrated source are transferred when possible. The following rules apply: Comments in the output block directly after the block definition are converted as block comments. Comments that appear as line comments after a tag declaration are transferred to the "Comment" column in the block interface. All other comments are not transferred. Example: // Comment that is not transferred. FUNCTION_BLOCK FB57 // Comment that is transferred to the block properties. (*Comment that is transferred to the block properties. *) VAR_TEMP myVar1 : INT;// Comment that is transferred to the interface. myVar2 : INT;(* Comment that is not transferred because it is a comment section *) END_VAR // Comment that is not transferred. BEGIN ; END_FUNCTION_BLOCK WinCC Advanced V14 System Manual, 10/2016 193 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Block calls in S7-SCL sources In the S7-SCL sources with STEP 7 V5.x, you can set the block parameters before or after the actual call of the block. This means that the block can be called with incomplete parameters and the input/output parameters of the block can be suppled with tags or values at a different position with the S7-SCL source. This type of programming is not possible in STEP 7 (TIA Portal) due to the system and will also not be supported in future. Although you can migrate and compile the STEP 7 V5.x project without errors in TIA portal, the function of this block call is no longer possible within the S7-SCL program. Before you compiled your S7-SCL source in STEP 7 V5.x and migrate the project to the TIA Portal, note the following points: All parameters of the called block must be supplied within the call instruction. No parameters of the called block may be deleted and inserted or set at a different position of the S7-SCL source. Messages (S7-300, S7-400) PLC alarms are migrated with all parameters and including all alarm classes. Alarm types and alarm instances are also migrated and stored under the PLC alarms in the TIA Portal. Requirement A requirement is that the CPU-wide assignment of alarm numbers is selected in the initial project. Before the migration, select the "Always assign CPU-oriented unique message numbers" option in the initial project, if necessary, and perform "Save as > With reorganization". Restrictions Symbol-based alarms cannot be migrated. The keywords "$$AKZ$$", "$$BlockComment$$", and "$$Area$$" are transferred but no replacement takes place during runtime. Reporting system errors (S7-300, S7-400) In principle, you can migrate system error messages that you have configured using SIMATIC STEP 7. Restrictions When migrating the "Report system errors" application, only the settings that were set by the user in the SIMATIC STEP 7 project will be migrated (e.g. basic settings, block numbers, block names). The following elements are not migrated: SFM blocks SFM messages and the settings that were made to configure the message texts System text libraries 194 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project After migration, the settings can be manually adjusted once again. The missing elements will be recreated during the first compilation of the hardware configuration. Migration of project texts (S7-300, S7-400) When you migrate an initial project, project texts such as block titles and block comments are adopted in the TIA Portal. However, only project texts in the set editing language of the initial project are migrated. Project texts in other languages are not migrated. See also Migration of STEP 7 projects (Page 175) Project text basics (Page 426) 5.2.8 Migrating WinCC flexible projects 5.2.8.1 Principles (WinCC flexible) Migration (WinCC flexible) Introduction You can continue to use projects in WinCC from WinCC flexible. The following versions of WinCC flexible are supported: WinCC flexible 2008 SP2 WinCC flexible 2008 SP3 The following sections describe the HMI devices that are supported and the required basic conditions for a successful migration. Projects from ProTool Pro and earlier WinCC flexible versions cannot be migrated directly to WinCC. If you want to continue using such projects in WinCC, you have to migrate these to a supported version of WinCC flexible first and change the HMI device type. If the project to be migrated contains components of a supported option package, the option package must be installed for successful migration to WinCC. If the option package is not installed, migration is canceled. This concerns the following option packages: SINUMERIK The following option packages are not supported by the migration: ProAgent Open Platform Program - OPP WinCC Advanced V14 System Manual, 10/2016 195 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project See also Migrating projects from WinCC flexible (Page 198) Compiling and loading a migrated project (WinCC flexible) (Page 200) Supported HMI devices (Page 201) Migration of connections (WinCC flexible) (Page 210) Migration of tags (WinCC flexible) (Page 213) Migration of runtime data (WinCC flexible) (Page 222) Migration of integrated projects (WinCC flexible) (Page 225) Migration principles (WinCC flexible) Introduction In the migration the project data are converted from a WinCC flexible project into the new data format of WinCC. The data will not be evaluated to see if they are consistent in the project you want to migrate. If errors or warnings are output in a source project during compilation, these will not be resolved as part of the migration. This means you should be able to compile the project without errors prior to migration. Note the scope of a project during migration. The features of WinCC apply for migration. For additional information refer to the online help in section "Process visualization > Performance features > Engineering System". Unique object names The objects are clearly identified by the folders in which they are contained in WinCC flexible. Screen objects in groups are clearly identified by the group name. In WinCC, an object name must be unique within an HMI device. The name of screen objects must be unique within a screen. The uniqueness of the name is verified during migration. If a name is not unique according to the new rule, the object in question will be renamed. A renamed object will receive the suffix "#Mign", where "n" stands for a sequential number. Note Changed OPC DA server name If you have configured an OPC-DA server in the WinCC flexible project, the OPC-DA server is no longer available under the old name after migration. In the migrated project, change the name of the OPC-DA server to the following value for the OPC clients concerned: "OPC.SimaticHMI.CoRtHmiRTm". 196 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Points to note when renaming tags If you have structured tags in folders in WinCC flexible, the name of the tag will be formed during migration from the folder name and the tag name. The names of the folders and tags are separated by the character \. The name of the tag after migration is then, for example: Plant1\Line3\Tag17. If the name would otherwise be longer than 128 characters after migration, the name is formed by the character string #mig, a consecutive number, the character # and the tag name from WinCC flexible, for example #mig2#Tag17. If you dynamically compose tag names in scripts, you must check the tags whose names were changed during migration with "#mig". Affected objects The following objects are renamed if necessary: Screens Faceplates Screen objects Graphics Recipes Structures Structural elements Alarm logs Tags Data logs Connections Canceling migration The migration is canceled in the following cases: If the project to be migrated is opened in the engineering system or in Runtime. If not enough memory space is available on the hard disk to create a copy for migration of the project. If migration cannot address the project database due to problems with the installed SQL server. If migration cannot address the project database due to missing user authorization. If you select the "*.hmi" file for the migration in an integrated project. You must select the "*.s7" file for the migration in an integrated project. If the project was created with a version not supported by the migration. WinCC Advanced V14 System Manual, 10/2016 197 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Saving the project in the migration format You do not have to execute the migration of a WinCC flexible project completely on the PC on which the project is available. You can prepare the migration by saving the project in the migration format. The migration tool is available for saving a WinCC flexible project in the migration format. The migration tool exports the engineering data from the WinCC flexible project and saves the data in the migration format "*.AM13". For the actual migration, copy the data in the migration format to a PC on which the TIA Portal is installed. For more detailed information, please refer to the migration tool documentation. Migrating projects from WinCC flexible Introduction When you migrate a project, data from a WinCC flexible project is loaded into a new project for WinCC. A new project is therefore created automatically for project migration. You cannot migrate to an existing project. The migration can be started in both the Portal view and the Project view. You should only migrate a project to a re-started TIA Portal. Information on the migration of an integrated project can be found in the section Migration of integrated projects (WinCC flexible) (Page 225). If you only want to save the project in migration format, you can use the migration tool. See Migration principles (WinCC flexible) (Page 196) for additional information. Note Further support for migration You find current information on migration in the Siemens Industry Online Support: Migration of visualization If you need further assistance, please contact the SIMATIC Customer Support. Requirement A project from WinCC flexible is available. The project is not open in WinCC flexible. 198 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Procedure Migrate a project in the Portal view as follows: 1. Select the action "Start > Migrate Project". 2. In the "Source path" box, navigate to the project you want to migrate. 3. Select the WinCC flexible project file "*.hmi" or "*.am14". WinCC Advanced V14 System Manual, 10/2016 199 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project 4. Change the information for the project to be created, if necessary. For example, change the project name or project path. The data to be migrated is created in the new project. 5. Click "Migrate". A new project is created and migration of the data is started: - The Project view opens. - The progress of the migration is shown in a migration window. - Warnings and errors about the migration process are displayed in the Inspector window under "Info > General". - All information about the migration is saved in a log file. - The project is saved and a message displayed upon completion of the migration. The message contains a link that you can use to open the log file. When migration is complete, you will find a newly created device for each migrated HMI device in the project tree. These devices contain the migrated data, such as screens, alarms and tags. Opening the migration log at a later point in time The migration log is saved together with the migrated project. You can view the log at a later point in time. Open the log file as follows: 1. Open the "Common data > Logs" folder in the project tree. It contains the logs of all previously performed migrations. 2. Double-click the required migration log. The log is opened. See also Migration (WinCC flexible) (Page 195) Migration of integrated projects (WinCC flexible) (Page 225) Migration principles (WinCC flexible) (Page 196) Compiling and loading a migrated project (WinCC flexible) Compiling a migrated project Once you have successfully migrated a WinCC flexible project, you need to recompile it before loading it to the HMI device. The project will only compile successfully if it was capable of errorfree compiling prior to migration. If errors occur during compilation of the migrated project, they have to be eliminated. Once compiling is successfully completed, load the project to the HMI device. Settings for download to the HMI device The settings for loading the HMI device are not included in the migration. Once you have migrated the project, you must configure the settings for loading. 200 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Select the HMI device in the project tree and select "Loading in device > Software (complete loading)" from the shortcut menu.The dialog "Advanced Loading" is opened. Configure the required settings for the interface. Click the "Load" button. The project is recompiled and the dialog "Load preview" is opened. Expand the "Overwrite" entry and verify the settings for the following options: Would you like to overwrite the existing user administration data from this device Would you like to overwrite the existing recipe data on HMI system Configure the options as you want to use them in the project in the future. Subsequently, load the project to the HMI device. See also Migration (WinCC flexible) (Page 195) 5.2.8.2 Migrating engineering data (WinCC flexible) HMI devices (WinCC flexible) Supported HMI devices Introduction When migrating projects from WinCC flexible you must bear in mind that WinCC does not support all HMI devices. You have to distinguish between the following cases: HMI device is supported by WinCC. The project is migrated 1:1 and gets the same HMI device after migration as before migration. The HMI device is replaced by a compatible successor model. The project is migrated. The migration replaces the HMI device with a compatible successor model. See HMI device change as a result of migration (WinCC flexible) (Page 204) for additional information. HMI device is not supported. If your WinCC flexible project contains an HMI device that is not supported by WinCC, the migration process is cancelled. To migrate the project, you must change the HMI device in WinCC flexible to a HMI device type supported by WinCC. The following HMI device types are supported both by WinCC flexible and WinCC: Basic Panels KTP400 Basic mono PN KTP400 Basic mono PN Portrait KTP600 Basic DP WinCC Advanced V14 System Manual, 10/2016 201 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project KTP600 Basic DP Portrait KTP600 Basic PN KTP600 Basic PN Portrait KTP600 Basic mono PN KTP600 Basic mono PN Portrait KTP1000 Basic DP KTP1000 Basic PN TP1500 Basic PN Mobile Panels Mobile Panel 177 6'' DP Mobile Panel 177 6'' PN Mobile Panel 277 8'' Mobile Panel 277 8'' IWLAN V2 Mobile Panel 277F 8'' IWLAN V2 Mobile Panel 277F 8'' IWLAN (RFID Tag) Mobile Panel 277 10'' Panels OP 73 OP 77A OP 77B OP 177B 6'' mono OP 177B 6'' color PN/DP TP 177B 4'' color PN/DP TP 177A TP 177A Portrait TP 177B 6'' mono DP TP 177B 6'' color PN/DP OP 277 6'' TP 277 6'' Multi Panels MP 177 6'' Touch MP 277 8'' Key 202 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project MP 277 8'' Touch MP 277 10'' Key MP 277 10'' Touch MP 377 12'' Key MP 377 12'' Touch MP 377 15'' Touch MP 377 15" Touch daylight readable MP 377 19'' Touch SINUMERIK PC OP 010 Key OP 012 Key OP 015 Key OP 015A Key TP 015A Touch+Key HMI applications WinCC flexible Runtime WinCC only supports the functions provided by these HMI device types. Other functions which are not migrated because of the restricted device selection are documented in the following sections. Adaptations before migration If the HMI device was changed to an HMI device with a different screen size in the project to be migrated, you must recompile and save the project in WinCC flexible before the migration. The compilation process will adjust the size of the screens and screen elements. See also Migration (WinCC flexible) (Page 195) HMI device change as a result of migration (WinCC flexible) (Page 204) Configuration change after HMI device change (WinCC flexible) (Page 206) Migration of connections (WinCC flexible) (Page 210) WinCC Advanced V14 System Manual, 10/2016 203 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project HMI device change as a result of migration (WinCC flexible) Introduction WinCC flexible supports some HMI devices which are discontinued in the future. These HMI devices are no longer supported by WinCC. When migrating a WinCC flexible project, an HMI device that is not supported is replaced by a compatible successor device. Only the HMI device type is changed during the migration. HMI device-specific data are not changed by the migration. Inconsistencies in the project may occur due to a change in the HMI device. In a project which was compilable before the migration, errors may occur in the project compilation after changing the HMI device. E.g. because the changed HMI device supports different memory media to the previous HMI device. HMI device change by the migration The following table provides information about which successors replace the HMI devices that are not supported. Unsupported HMI devices Successors C7-635 6" Key MP 177 6" Touch C7-635 6" Touch MP 177 6" Touch C7-636 6" Key MP 177 6" Touch C7-636 10" Touch MP 277 10" Touch HT 8 PCU50.3 -C (resolution: 640*480) Mobile Panel 170 6'' Mobile Panel 177 6'' DP Mobile Panel 277 8'' IWLAN Mobile Panel 277 8'' IWLAN V2 Mobile Panel 277F 8'' IWLAN Mobile Panel 277F 8'' IWLAN V2 OP010 Key PCU50.3B -C (resolution: 640*480) OP012 Key PCU50.3B -C (resolution: 800*600) OP015 Key PCU50.3B -C (resolution: 1024*768) OP 08T PCU50.3 -C (resolution: 640*480) OP 73micro OP 73 OP 170B 6'' mono OP 177B 6'' color PN/DP OP 270 6'' OP 277 6'' OP 270 10'' MP 277 10'' Key TP015A Touch Key PCU50.3B (resolution: 1024*768) TP 170A 6'' TP 177A 6'' TP 170B 6'' mono TP 177B 6'' color PN/DP TP 170B 6'' color TP 177B 6'' color PN/DP TP 170micro 6'' TP 177A TP 177micro 6'' TP 177A TP 270 6'' TP 277 6'' TP 270 10'' MP 277 10'' Touch MP 270 6'' Touch TP 277 6'' 204 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Unsupported HMI devices Successors MP 270 10'' Key MP 277 10'' Key MP 270 10'' Touch MP 277 10'' Touch MP 370 12'' Key MP 377 12'' Key MP 370 12'' Touch MP 377 12'' Touch MP 370 15'' Touch MP 377 15'' Touch PC 477 12'' Key PC 477B 12'' Key PB PC 477 12'' Touch PC 477B 12'' Touch PB PC 477 15'' Key PC 477B 15'' Key PB PC 477 15'' Touch PC 477B 15'' Touch PB PC 477 19'' Touch PC 477B 19'' Touch PB PC 577 12'' Key IPC 577C 12'' Key PB PC 577 12'' Touch IPC 577C 12'' Touch PB PC 577 15'' Key IPC 577C 15'' Key PB PC 577 15'' Touch IPC 577C 15'' Touch PB PC 577 19'' Touch IPC 577C 19'' Touch PB PC 670 10" Key HMI IPC677C 12" Key PB PC 670 12'' Key PC 677B 12'' Key PB PC 670 12'' Touch PC 677B 12'' Touch PB PC 670 15'' Key PC 677B 15'' Key PB PC 670 15'' Touch PC 677B 15'' Touch PB PC 677 12'' Key PC 677B 12'' Key PB PC 677 12'' Touch PC 677B 12'' Touch PB PC 677 15'' Key PC 677B 15'' Key PB PC 677 15'' Touch PC 677B 15'' Touch PB PC 677 17'' Touch PC 677B 17'' Touch PB PC 677 19'' Touch PC 677B 19'' Touch PB PC 870 12" Key HMI IPC677C 12" Key PB PC 870 15" Key HMI IPC677C 15" Key PB PC 870 15" Touch HMI IPC677C 15" Touch PB PC 877 12" Key HMI IPC677C 12" Key PB PC 877 15" Key HMI IPC677C 15" Key PB PC 877 15" Touch HMI IPC677C 15" Touch PB PC 877 19" Touch HMI IPC677C 19" Touch PB PC IL 70 12" Touch HMI IPC577C 12" Touch PB PC IL 70 15" Touch HMI IPC577C 15" Touch PB PC IL 77 12" Touch HMI IPC577C 12" Touch PB PC IL 77 15" Touch HMI IPC577C 15" Touch PB PC IL 77 19" Touch HMI IPC577C 19" Touch PB PC IL 77 12" Key HMI IPC577C 12" Key PB PC IL 77 15" Key HMI IPC577C 15" Key PB WinCC Advanced V14 System Manual, 10/2016 205 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Unsupported HMI devices Successors P012T Touch IPC 677C 12'' Touch PB (if a P350 is connected) P012T Touch IPC 477C 12'' Touch PB (if a P320 is connected) HMI device change by the user If a project contains an HMI device that is not supported by WinCC and no compatible successor model exists, the migration is cancelled. If you want to migrate the project, you must change the HMI device to WinCC yourself before the migration. Use an HMI device which is supported both by WinCC flexible and WinCC for this. See also Supported HMI devices (Page 201) Configuration change after HMI device change (WinCC flexible) Note If you migrate a project with embedded screens, this can result in the project file becoming larger than the old project file. HMI device replacement by the migration If the migration makes an HMI device replacement, it replaces the existing HMI device with a compatible successor model. The successor models are further developed and therefore more efficient than their predecessors. The new models therefore support all the properties of their predecessors. Therefore only a little rework is to be expected on the project due to the HMI device replacement. HMI device replacement by the user if you change an HMI device yourself before the migration, you must ensure that the HMI device used supports all properties which are used in the project. Compile the project after the HMI device replacement in WinCC flexible. The project must be perfectly compilable before the migration. Then migrate the project to WinCC. See also Supported HMI devices (Page 201) 206 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Object support during migration Introduction When migrating projects from WinCC flexible, all configuration data involving an HMI device supported by WinCC will be migrated. Basically, all object types and functions that are available and can be mapped to the new project environment will be fully migrated. Some global object types are not migrated, for example, dictionaries and global libraries. Supported object types The following object types are supported for migration: Animations Disabled animations are not migrated. Audit settings Audit reports Scheduler User administration Area pointers Faceplates Screens Screen template Data types Function lists Graphics lists Display and operating elements All display and operating elements that are available on the supported HMI devices are supported for migration. Alarms Alarm classes Alarm groups Project library Project languages Reports Recipes Runtime languages Runtime scripting Sm@rtAccess/Sm@rtService Structures WinCC Advanced V14 System Manual, 10/2016 207 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project System events System functions Texts Text lists Tags Connections Effective ranges Zones Cycles Unsupported object types The following object types are not supported by migration: Global libraries Dictionaries Project versions Change log Mapping of the screen navigation WinCC does not support the screen navigation from WinCC flexible. The data of the screen hierarchy from WinCC flexible are not migrated. To map the functionality of a screen navigation from WinCC flexible, the naivigation buttons are migrated to the button available in WinCC. The system functions migrated to the "ActivateScreen" system function are migrated to the "Click" event of the respective button. The following system functions used in WinCC flexible are not available for the screen navigation in WinCC: ActivateRootScreen ActivateLeftScreen ActivateRightScreen ActivateParentScreen ActivateFirstChildScreen These system functions are migrated to the "ActivateScreen" system function. The "Screen name" parameter is taken from the data of the screen hierarchy. If one of the named system functions is called from a screen which is not contained in the screen hierarchy, the "ActivateScreen" function is created without parameters. You must configure the desired screen to this system function after the migration. Tab sequence in pictures with faceplates In pictures with faceplates, the tab sequence is changed in both the screen and the faceplate as a result of the migration. 208 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migration of the screen template WinCC offers an extended concept for working with screen templates. WinCC offers a global screen and several templates for each device. During migration of a template from WinCC flexible, the objects contained there and the properties configured in the template are migrated to the extended concept of the screen templates of WinCC. The following objects are migrated to the "global screen" of WinCC: Alarm window Alarm indicator Help indicator Function keys of HMI devices with function keys All other objects and properties are migrated to a template of WinCC. The connection of the objects and properties to the respective template is automatically adapted. See also Changes of values of object properties by the migration (WinCC flexible) (Page 209) Changes of values of object properties by the migration (WinCC flexible) Introduction The standardization of object properties from WinCC V7 and WinCC flexible requires changes to the object properties during the migration process. The migration calculates the changes in such a way that the representation of the objects after migration is the same as prior to migration. Changes made during migration result in different units of measurements and values in the configuration for some object properties. Migrating the font settings of an object In WinCC V7 and WinCC flexible, the unit of measurement "point" is used to denote the size of the fonts used for an object. In WinCC, the unit of measurement "pixel" is used to denote the size of the fonts used for an object. During migration, the font size is converted accordingly to ensure that the representation of the font is the same size at zoom level 100%. Due to the different units of measurement, the numerical values for the font sizes change after migration. Example: WinCC Advanced V14 System Manual, 10/2016 Font style before migration Font style after migration Arial 10 points Arial 13 pixels Arial 16 points Arial 21 pixels Tahoma 10 points Tahoma 13 pixels Tahoma 16 points Tahoma 21 pixels 209 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migration of object margins In WinCC flexible, some objects permit the entry of values <0 and >127 for setup of the object margins for the configuration of the representation. In WinCC, the value range for object margins is limited to values between 0 and 127. Migration changes values <0 to "0" and values >127 to "127". See also Object support during migration (Page 207) Connections (WinCC flexible) Migration of connections (WinCC flexible) Introduction If you migrate a project in which a supported communication driver is used, this driver is used further in WinCC. Objects which communicate via this driver are migrated 1:1. No rework is necessary. Not all communication drivers which are available in WinCC flexible are supported in WinCC. If an unsupported driver is used in the project to be migrated, there are two possible scenarios: 1. A compatible spare driver is available for the used driver. 2. No compatible spare driver is available for the used driver. Compatible spare driver is available If a driver is available in WinCC which addresses the used PLC or a comptaible PLC, the driver is automatically replaced during the migration. You get an appropriate warning if the used driver is replaced. In this case, check whether all the external tags and area pointers are valid after the migration by means of the migration report. If the used driver is replaced, all the connection parameters are reset to the standard values. The CPU type is adapted to the appropriate PLC. The properties of the connected tags and area pointers are not changed. Compatible spare driver is not available If no driver is available in WinCC which addresses the used PLC or a compatible PLC, the configured connection is not migrated. All external tags which were connected to the PLC by this driver are converted into internal tags. External tag properties are lost in the conversion, e.g. the address in the PLC. All changes to the tags are recorded in the migration report. You must reconnect the tags with the PLC after the migration and configuring of a connection. You get an appropriate warning if the driver is not migrated. 210 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Converting the communication driver The following tables show the mapping of communication drivers from WinCC flexible to WinCC. Supported communication drivers WinCC flexible WinCC Allen Bradley DF1 Allen Bradley DF1 Mitsubishi FX Mitsubishi FX Modicon MODBUS Modicon MODBUS RTU Modicon MODBUS TCP/IP Modicon MODBUS TCP/IP Omron Hostlink/Multilink Omron HostLink OPC OPC SIMATIC HMI HTTP Protocol SIMATIC HMI HTTP Protocol SIMATIC S7 200 SIMATIC S7 200 SIMATIC S7 300/400 SIMATIC S7 300/400 Compatible communication drivers WinCC flexible WinCC Allen Bradley DH485 Allen Bradley DF1 Allen Bradley E/IP C.Logix Allen Bradley EtherNet/IP Mitsubishi Protocol 4 Mitsubishi MC TCP/IP Not supported communication drivers WinCC flexible WinCC GE Fanuc SNP Not supported ISAC Not supported LG GLOFA-GM Not supported SIMATIC 500/505 DP Not supported SIMATIC 500/505 serial Not supported SIMATIC S5 AS511 Not supported SIMATIC S5 DP Not supported Telemecanique Uni-Telway Not supported See also Migration (WinCC flexible) (Page 195) Supported HMI devices (Page 201) Adapting configuration for non-migrated connection (WinCC flexible) (Page 212) WinCC Advanced V14 System Manual, 10/2016 211 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migration of area pointers (WinCC flexible) (Page 213) Migration of tags (WinCC flexible) (Page 213) Adapting configuration for non-migrated connection (WinCC flexible) Introduction If a connection cannot be migrated you have the following options: Change the configuration in WinCC flexible before the migration Change the configuration after the migration Change a connection before the migration If the communication driver selected for the connection is not supported by the migration, you must select a driver which is supported by the migration. The HMI device must also support the selected communication driver. If no suitable driver is available for the used HMI device, you must use a suitable HMI device. Then adapt the configuration in WinCC flexible and recompile the project. Migrate the project after successful adaptation and compiling. The connection is then also migrated. Changing a connection before the migration If you migrate a WinCC flexible project in which the connection is not migrated, all external tags of this connection are mapped to internal tags. You receive an appropriate entry in the migration protocol for every tag concerned. You must configure a new connection after the migration. For this connection you select a communication driver which supports the used HMI device. If no suitable driver is available for the used HMI device, you must use a suitable HMI device. If you have configured the new connection, you must reconnect all tags which were mapped to internal tags before the migration. Open the migration report to make reconfiguration easier. Reconfigure the tags according to the log entry. If the project contained area pointers, you must also reconfigure these. You will also find corresponding entries for the area pointers in the migration log. See the section Migrating projects from WinCC flexible (Page 198) for further information about the migration log. See also Migrating projects from WinCC flexible (Page 198) Migration of connections (WinCC flexible) (Page 210) 212 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migration of area pointers (WinCC flexible) Introduction The migration of area pointers depends on the used communication driver. If the used communication driver is supported by the migration, area pointers from WinCC flexible are taken over unchanged in the migration. if the used communication driver is not supported by the migration, area pointers are not migrated. Migration of the area pointers If the connection used by the area pointers is fully migrated, the area pointers are also fully migrated. The parameters of the area pointers are taken over unchanged. If you replace the communication driver of the connection before the migration, check whether all the parameters of the area pointers are still valid after the migration. If the connection used by the area pointer is not migrated, the area pointers are not migrated either. See Adapting configuration for non-migrated connection (WinCC flexible) (Page 212) for additional information. See also Adapting configuration for non-migrated connection (WinCC flexible) (Page 212) Migration of connections (WinCC flexible) (Page 210) Migration of tags (WinCC flexible) Introduction You need to make some special considerations when migrating tags. The following aspects should be distinguished: Migrating data types of tags Migrating internal tags Migrating external tags Tag names Tag limits Migrating data types WinCC features some other data types and uses different data type names than WinCC flexible. When migrating a relevant tag, the data type from WinCC flexible is mapped to the corresponding data type in WinCC. See Migration of data types (WinCC flexible) (Page 229) for additional information. WinCC Advanced V14 System Manual, 10/2016 213 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migrating internal tags Internal tags are always migrated completely. Only the data type names and tag names may change due to migration. Migrating external tags If the connection used by the external tags is migrated, the external tags are also fully migrated. The migration of external tags depends on whether the used communication driver is supported by the migration. See Migration of connections (WinCC flexible) (Page 210) for additional information. If the connection used by the external tags is not migrated, the external tags are not migrated either. The external tags are then mapped to internal tags. You must configure a new connection and reconnect the tags with the tags of the PLC after the migration. Migrating names of tags In WinCC flexible, tags located in different folders can have the same name. In WinCC, the tag name must be unique on the configured HMI device. This means that tags with the same name from different folders will be renamed during migration. See Migration principles (WinCC flexible) (Page 196) for additional information. See also Migration of data types (WinCC flexible) (Page 229) Migration of connections (WinCC flexible) (Page 210) Migration principles (WinCC flexible) (Page 196) Migration (WinCC flexible) (Page 195) Migration of alarm classes and alarm groups (WinCC flexible) (Page 215) Migrating scripts (Page 218) Migration of language-specific content (WinCC flexible) (Page 219) Migration of libraries (WinCC flexible) (Page 221) Migration of structures The "StringChar" data type is not supported in HMI user data types in WinCC. If you have used this data type in a structure in a WinCC flexible project, an invalid element is created by the migration in the HMI user data type. After migration , you must re-work this user data type in WinCC and enable the user data type. At the same time, check the offset of the following elements and any existing interconnections between a faceplate and the elements of the user data type. Adapt the elements if required. 214 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migration of logs Storage location of logs WinCC flexible allowed you to store logs in a database which was automatically set up upon WinCC flexible installation ("System-defined data source" setting). This option is not available in WinCC. If you have used this setting in your WinCC flexible project, it will be changed to "User-defined name of data source" during migration. Before you can store logs in a database, you must configure an ODBC data source in the Windows control panel and configure the name of the user data source specified there as the "name of the data source" in the log in WinCC. Migration of alarm classes and alarm groups (WinCC flexible) Changing the names of alarm classes In contrast to WinCC flexible, the names of the predefined alarm classes are not dependent on the user interface language currently in use. During migration, the names of the alarm classes are assigned as follows: WinCC flexible WinCC Error Alarms System System Warnings Events The names of the alarm classes can be changed as necessary after migration. Migrating alarm groups Migration will migrate only those alarm groups actually in use. Alarm groups with an ID from 1-31 will be migrated 1:1. A corresponding alarm group is created in WinCC for each alarm class in the system. These alarm groups created by the system are assigned IDs beginning with the number 32 and consecutively incremented. The 4 pre-defined message classes in every WinCC project are automatically given IDs 32-35 by their alarm groups. Additionally created alarm group and an additional ID is assigned to each user-defined alarm class. Therefore, the IDs for alarms groups with IDs > 31 may be changed after migration. This step also changes the assignment of the alarm group names to the IDs. Example: In the example, you can see the assignment of the IDs in WinCC for the migration. Alarm groups ID in WinCC flexible ID in WinCC Alarm group 1-16 1-16 1-16 Default for alarm groups from system alarms Alarm group 17-31 17-31 17-31 Custom alarm groups WinCC Advanced V14 System Manual, 10/2016 215 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Alarm groups ID in WinCC flexible ID in WinCC 32-35 Default in WinCC for alarm groups of pre defined alarm classes. Alarm group 32 32 36 Changed assignment of ID to alarm group in WinCC Alarm group 33 33 37 Changed assignment of ID to alarm group in WinCC Also note: When migrating alarm groups that supposedly have the same group name, the migration adapts the name. This occurs, for example, when a group name contains a space at the end of the name. The migration deletes all existing spaces at the end of names. If two groups obtained the same group names due to this deletion, the migration adds the suffix "# Mign" to the group name of the following alarm groups, where "n" stands for a sequential number. Example: The following alarm groups exist in WinCC flexible: "AlarmGroup_18" "AlarmGroup_18 " - group name contains one space "AlarmGroup_18 " - group name contains two spaces "AlarmGroup_18" is the alarm group with the highest number. Result after migration: "AlarmGroup_18" "AlarmGroup_18#Mig1" "AlarmGroup_18#Mig1.1" Changing the names of alarm classes In contrast to WinCC flexible, the names of the predefined alarm classes are not dependent on the user interface language currently in use. During migration, the names of the alarm classes are assigned as follows: WinCC flexible WinCC Error Errors System System Warnings Warnings The names of the alarm classes can be changed as necessary after migration. Display of ALARM_S messages and SIMATIC SFM messages In WinCC flexible you can activate the display classes for ALARM_S messages in integrated projects. In WinCC flexible, you activate the display of SIMATIC SFM messages via a separate setting. The separate setting for activating the display of SIMATIC SFM messages is not required in WinCC. You control the display of SIMATIC SFM messages, and also the display of ALARM_S messages in WinCC only by activating the corresponding display class. 216 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project The changed concept may cause the display of messages to change following migration. If all the display classes for ALARM_S messages are activated and the display of SIMATIC SFM messages is deactivated in the WinCC flexible project , ALARM_S messages and SIMATIC SFM messages are displayed following migration. To ensure that only ALARM_S messages are displayed following migration, you have to assign the SIMATIC SFM messages to an unused display class after migration to STEP 7. You then have to deactivate this display class in WinCC. If all the display classes for ALARM_S messages are deactivated and the display of SIMATIC SFM messages is activated in the WinCC flexible project , ALARM_S messages and SIMATIC SFM messages are not displayed following migration. To ensure that only SIMATIC SFM messages are displayed following migration, you have to assign the SIMATIC SFM messages to an unused display class after migration to STEP 7. You then have to activate this display class in WinCC. The display class is dependent on the settings in STEP 7. The default setting for SIMATIC SFM messages in Step 7 is the display class "0". To activate the display in WinCC, the display class "0" must be activated. You activate the display class in WinCC in the Runtime settings of the respective HMI device in the "Messages" category. See also Migration of tags (WinCC flexible) (Page 213) WinCC Advanced V14 System Manual, 10/2016 217 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migrating scripts Introduction The migration supports VB-scripts which were created in WinCC flexible. For a VB-script to be migrated successfully it must be functionable in WinCC flexible first. Note Script errors The most efficient way to locate scripting errors in the course of the initial test run after migration is to use an installed Script Debugger and the diagnostics controls. Migration of a VB script A script is analyzed in the migration and adapted to the system behavior of WinCC if necessary. The following is adapted: System functions which have changed their names are renamed. This concerns the following system functions: 218 Function name in WinCC flexible Function name in WinCC IncreaseValue IncreaseTag DecreaseValue DecreaseTag SetBrightness SetAndGetBrightness SetValue SetTag WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project The access to tags as parameters of system functions is adapted to the system behavior of WinCC. In WinCC scripts are no longer transfromed as in WinCC flexible. The scripts are executed directly as a source code. Therefore the stricter rules for the VBS syntax apply. A tag call is always migrated with inverted commas. If several parameter types are allowed for a system function, these are migrated with the keyword "SmartTags". Example 1: The value of the "temperature" tag should be incremented by the value "1". Valid expressions in WinCC flexible: IncreaseValue temperature, 1 IncreaseValue "temperature", 1 IncreaseValue SmartTags("temperature"), 1 Valid expression in WinCC: IncreaseTag "temperature", 1 Example 2: You use a system function on which several parameters are allowed. The value of the "temperature" tag should be incremented by the value of the "heatcontrol" tag. Valid expression for WinCC flexible: IncreaseValue "temperature", "heatcontrol" Valid expression for WinCC: IncreaseTag "temperature", SmartTags("heatcontrol") Objects renamed by the migration are also renamed in the script when using in a script. See the section AUTOHOTSPOT for further information about the renaming objects. You only have to observe the following rules when renaming objects: If you address objects whose names are dynamically generated by the script with the help of a script, the object names in the script can not be automatically changed by the migration. In such a case, you have to correct the generation of the object names in the script after migration. See also Migration of tags (WinCC flexible) (Page 213) Migration of language-specific content (WinCC flexible) Introduction WinCC offers the same options for configuring projects in different languages as those available in WinCC flexible. All languages supported by WinCC are included in the migration of a project. Migrating language-dependent content The following language-dependent content is migrated: Project languages Project texts WinCC Advanced V14 System Manual, 10/2016 219 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Fonts for display in runtime Language-dependent graphics You need to consider the following when migrating language-dependent content: The operating system on the PC performing the migration must support the project languages used in the project. The fonts used for runtime display must be installed on the PC performing the migration. Dictionaries are not supported by the migration. Editiing language of integrated projects following migration During migration of an integrated project, the project components to be migrated from STEP 7 and WinCC flexible also bring their respective settings for the editing language. In WinCC there is only one editing language for all project components. Migration activates for the mgrated project the editing language which was set in STEP 7 prior to migration. If this setting is not the same as the setting from WinCC flexible, the configured texts are no longer visible in WinCC. No text is displayed at the usage locations, or only the entry "Text" can be seen. To make the texts visible, you must change the editing language. Click the "Tasks" taskcard at the right-hand edge of the TIA portal and select the correct editing language in the "Language & Resources" area. 220 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Unsupported languages The migration of language-dependent content depends on whether or not WinCC supports the respective language. If a project only contains project languages not supported by WinCC, the project will not be migrated. If a project contains supported and unsupported project languages, only the supported languages will be migrated. The editing language and reference language are set to a supported language. The following languages are not supported by WinCC: Arabic Hebrew Dhivehi Gujarati Kannada Tamil Telugu Urdu Punjabi Persian Syrian See also Migration of tags (WinCC flexible) (Page 213) Migration of libraries (WinCC flexible) Introduction You need to consider two different cases when migrating from libraries: 1. Migrating a project library 2. Migrating a global library Migrating a project library A project library is stored together with the project data in the project file. For this reason, a project library is migrated with the same restrictions as the project data. WinCC Advanced V14 System Manual, 10/2016 221 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migrating a global library Global libraries are not supported by the migration. The library objects used in the project will be migrated, however. The library objects are copied when used in the project and then no longer have a connection to the library. To migrate a global library, you must copy or move the objects contained in the library to the project library. The objects are then included in the migration. In WinCC, you move the migrated objects to a new global library that is created. You can copy or move both individual objects or entire library categories. See also Migration of tags (WinCC flexible) (Page 213) 5.2.8.3 Migrating runtime data (WinCC flexible) Migration of runtime data (WinCC flexible) Introduction Only the configuration data are migrated by the migration when migrating a project. The runtime data are not affected. You need to update the runtime data following migration. The runtime data consists of the following: Runtime project The runtime project contains the compiled project data. Recipe data and user administration The recipe data and user administration are data that can be changed in runtime. Log data The data of tag logs and alarm logs are acquired and logged in runtime. Migrating recipe data and user administration If the recipe data and user administration were changed in runtime, you need to back up this information from the HMI device before you load the migrated project. Depending on the used HMI device, you have different options for saving the above data. If the HMI device supports external memory media and the recipe data are saved there, the data remain on the memory medium. External memory media are for example StorageCard or a network drive. You use the data again after the migration. The user adminsitration is not saved on an external memory medium so you have to save these data, e.g. with ProSave. If the recipe data are saved in the internal memory of the HMI device, save these data on an external memory medium. Use ProSave to save the recipe data. If you have already configured 222 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project appropriate system functions in your project, use the system functions. The following system functions are available for the recipe data: "ExportDataRecords" for the backup "ImportDataRecords" for the restore You update the runtime project by compiling the project in WinCC again and loading it to the HMI device. After you have loaded the migrated project on the HMI device, restore the recipe data and the user administration to the HMI device. See also Migration (WinCC flexible) (Page 195) Backing up recipe data and user administration (WinCC flexible) (Page 223) Restoring recipe data and user administration (WinCC flexible) (Page 224) Backing up recipe data and user administration (WinCC flexible) Introduction To continue using the recipe data and user administration in a migrated project, you first need to back up this data from the HMI device. Then load the data into the migrated WinCC project. Use ProSave to back up the data. Requirement The WinCC flexible project is running on the HMI device in Runtime. The HMI device is connected to a PC on which ProSave is installed. Procedure Proceed as follows to back up the recipe data and user administration: 1. Start ProSave. 2. Select the device type and the connection parameters in the "General" tab. 3. Open the "Backup" tab. 4. Select the "Recipes from the device memory" entry in the "Data type" box. Do not select "Complete backup" because otherwise you will not be able to select separately when restoring the recipe data. 5. Navigate to the desired location in the "Save as" box and click "Start Backup". The recipe data are saved. 6. Select "User administration" in the "Data type" box and click "Start Backup". The user administration is saved. For additional information refer to the online help for ProSave. WinCC Advanced V14 System Manual, 10/2016 223 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Alternative procedure ProSave is automatically installed with WinCC flexible. The entire functional range of ProSave is available on the configuration PC within WinCC flexible via the menu command "Project > Transfer". Alternatively, you can back up the recipe data and user administration via the ProSave integrated in WinCC flexible. Start WinCC flexible and select the menu command "Project > Transfer > Backup". Back up the recipe data and user administration as described in steps 4-6. See also Migration of runtime data (WinCC flexible) (Page 222) Restoring recipe data and user administration (WinCC flexible) Introduction To continue using saved recipe data and user administration after the migration, you first need to compile the migrated project and load it to the HMI device. You can then transfer the saved data to the HMI device. Use ProSave to restore the data. Requirement The migrated project has been transferred to the HMI device and is running in runtime. The HMI device is connected to a PC on which ProSave is installed. Procedure Proceed as follows to load the saved recipe data and user administration to the HMI device: 1. Start ProSave. 2. Select the device type and the connection parameters in the "General" tab. 3. Open the "Restore" tab. 4. Navigate to the location of the saved recipe data in the "Opening..." box and select the file. 5. Click "Start Restore". The recipe data will be transferred to the HMI device.. 6. Repeat steps 4-5 to restore the user administration. The user administration will be transferred to the HMI device. For additional information refer to the online help for ProSave. Alternative procedure ProSave is automatically installed with WinCC. The entire functional range of ProSave is available on the configuration PC within WinCC flexible via the menu command "Project > Transfer". 224 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project You can also restore the recipe data and user administration via the ProSave integrated in WinCC. Start WinCC and select the menu command "Online > Device maintenance > Restore". Restore the recipe data and user administration as described in steps 4-6. See also Migration of runtime data (WinCC flexible) (Page 222) Backing up log data (WinCC flexible) Introduction If an HMI device supports external memory media and the log data are saved there, the data remain on the memory medium. External memory media are for example StorageCard or a network drive. If a log is saved on an external memory medium, the migrated project accesses this storage location again after the migration. In this case the log data must not be backed up. Backing up log data If you want to back up the log data externally before the migration, you have the following options: Backup with the "ArchiveLogFile". If you have already configured the "ArchiveLogFile" function in the WinCC flexible project, use this function to back up the data. Copy the log files by Copy&Paste with the Windows Explorer to an external memory medium or network drive. See also Migration of runtime data (WinCC flexible) (Page 222) 5.2.8.4 Migrating integrated projects (WinCC flexible) Migration of integrated projects (WinCC flexible) Introduction The controllers and HMI devices contained in a project integrated in STEP 7 are linked together by the configuration. The configuration data of WinCC flexible and STEP 7 are also connected. When an integrated project is migrated, the complete project will be migrated with components from WinCC flexible and STEP 7. The connections remain intact. WinCC Advanced V14 System Manual, 10/2016 225 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Note It is advisable to compile and save an integrated project in WinCC flexible before you migrate it. You can be sure that the data in WinCC flexible and STEP 7 is synchronized if compilation was completed without errors. Migrating an integrated project When migrating an integrated project, the same requirements apply for the WinCC flexible component as those for the migration of a non-integrated WinCC flexible project. The objects and properties contained in the WinCC flexible component must be supported by WinCC, for example, the HMI device or the communication driver. The "Online" property must be activated on the configured connection. A connection with deactivated "Online" property is not migrated. In addition to the requirements for the WinCC flexible component, there are also requirements for the STEP 7 component of the integrated project. The objects and properties contained in the STEP 7 V5.4 SP5 or V5.5 component must be supported in STEP 7. For detailed information, refer to the documentation for STEP 7. To fully migrate an integrated project and then edit it, the following components must be installed on the PC performing the migration: STEP 7 V5.4 SP5 or STEP 7 V5.5 WinCC flexible 2008 SP2 or WinCC flexible 2008 SP3 STEP 7 If you only want to save the project in migration format, you can use the migration tool. See Migration principles (WinCC flexible) (Page 196) for additional information. An integrated project is always fully migrated. If you only want to migrate the WinCC flexible project it contains, you need to separate it from the STEP 7 project before the migration. To separate the project from the integrated form, open the project in STEP 7 V5.4 SP5 or V5.5. Open the WinCC flexible project in the SIMATIC Manager. The project is opened with WinCC flexible. In WinCC flexible, select the menu command "Project > Copy project from STEP 7". WinCC flexible saves a non-integrated copy of the project. See also Migration (WinCC flexible) (Page 195) Migrating an integrated project (Page 227) Migration principles (WinCC flexible) (Page 196) 226 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migrating an integrated project Introduction When migrating an integrated project, the components from both the WinCC flexible project and the STEP 7 project will be migrated. This means you need to select the project file with the file extension "*.s7p" for migration. During migration, the data is copied from the existing project and migrated to a new project. You cannot migrate to an existing project. The migration can be started in both the Portal view and the Project view. You should only migrate a project to a re-started TIA Portal. If you only want to save the project in migration format, you can use the migration tool. For more information, refer to basics of migration (WinCC flexible). Requirement STEP 7 V5.4 SP5 or STEP 7 V5.5 and all option packages used are installed. STEP 7 and all option packages used are installed. The TIA Portal is restarted. No project is open in WinCC. An integrated project is available. The integrated project is not open. WinCC Advanced V14 System Manual, 10/2016 227 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Procedure To migrate an integrated project in the portal view, follow these steps: 1. Select the action "Start > Migrate Project". 2. In the "Source path" box, navigate to the project you want to migrate. 3. Select the "*.s7p" project file. 4. Change the information for the project to be created, if necessary. For example, change the project name or project path. The data to be migrated is created in the new project. 5. To migrate the project with the hardware configuration, enable "Include hardware configuration". 228 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project 6. Click "Migrate". A new project is created and migration of the data is started: - The Project view opens. - The progress of the migration is shown in a migration window. - Warnings and errors about the migration process are displayed in the Inspector window under "Info > General". - All information about the migration is saved in a log file. - A message is displayed upon completion of the migration. The message contains a link that you can use to open the log file. 7. Once migration is completed, save the project. Once the migration is complete, you will find a newly created device for each migrated HMI device and controller in the project tree. These devices include the migrated data. Note Integrated projects with alarm views The alarm classes in the alarm view can be disabled during migration of the project. Once migration of the project is complete, check the settings in the alarm view. Enable the required alarm classes in the Inspector window of the alarm view if needed under "Properties > General". Opening the migration log at a later point in time The migration log is saved together with the migrated project. You can view the log at a later point in time. Open the log file as follows: 1. Open "Common data > Logs" in the project navigation. 2. Double-click the log file. The migration log opens. See also Migration of integrated projects (WinCC flexible) (Page 225) Migration principles (WinCC flexible) (Page 196) 5.2.8.5 Reference (WinCC flexible) Migration of data types (WinCC flexible) Introduction To harmonize the data types used by PLCs and HMI systems, some data types of the internal HMI tags are renamed. The naming takes place in accordance with IEC conventions. Because only the names change, there are no changes to the internal tags for the configuration. WinCC Advanced V14 System Manual, 10/2016 229 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project The following table describes the mapping of the internal data types from WinCC flexible to the data types in WinCC. Migrating internal data types The internal data types are mapped as follows during migration: Internal data types WinCC flexible Internal data types WinCC Bool Bool Char SInt Byte USInt Int Int UInt UInt Long DInt ULong UDInt Float Real Double LReal String WString DateTime DateTime Migrating external data types See the following pages for how to map the available communication drivers. See also Migrating data types of Allen-Bradley DF1 (WinCC flexible) (Page 231) Migrating data types of Allen-Bradley DH485 (WinCC flexible) (Page 231) Migrating data types of Allen-Bradley Ethernet IP (WinCC flexible) (Page 232) Migrating data types of GE Fanuc SNP (WinCC flexible) (Page 232) Migrating data types of LG GLOFA GM (WinCC flexible) (Page 233) Migrating data types of Mitsubishi FX (WinCC flexible) (Page 233) Migrating data types of Mitsubishi Protocol 4 (WinCC flexible) (Page 234) Migrating data types of Modicon Modbus (WinCC flexible) (Page 235) Migrating data types of Modicon Modbus TCP/IP (WinCC flexible) (Page 235) Migrating data types of Omron Hostlink/Multilink (WinCC flexible) (Page 236) Migrating data types of OPC (WinCC flexible) (Page 236) Migrating data types of SIMATIC 500/505 DP (WinCC flexible) (Page 237) Migrating data types of SIMATIC 500/505 serial (WinCC flexible) (Page 237) Migrating data types of SIMATIC HMI HTTP Protocol (WinCC flexible) (Page 238) Migrating data types of SIMATIC S5 AS511 (WinCC flexible) (Page 238) 230 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migrating data types of SIMATIC S5 DP (WinCC flexible) (Page 239) Migrating data types of SIMATIC S7 200 (WinCC flexible) (Page 239) Migrating data types of SIMATIC S7 300/400 (WinCC flexible) (Page 240) Migrating data types of Telemecanique Uni-Telway (WinCC flexible) (Page 243) Migrating data types of Allen-Bradley DF1 (WinCC flexible) Migrating data types Allen-Bradley DF1 The data types of the Allen-Bradley DF1 communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC ASCII ASCII BCD4 UInt BCD8 UDInt Bit Bool Int Int Long DInt Real Real UInt UInt ULong UDInt See also Migration of data types (WinCC flexible) (Page 229) Migrating data types of Allen-Bradley DH485 (WinCC flexible) Migrating data types Allen-Bradley DH485 The Allen-Bradley DH485 communication driver is not supported by WinCC, it is replaced by the Allen-Bradley DF1 driver. The data types of the Allen-Bradley DH485 communication driver are mapped as follows in the migration to WinCC: WinCC Advanced V14 System Manual, 10/2016 Data type in WinCC flexible Data type in WinCC ASCII ASCII Bit Bool Int Int Long DInt Real Real UInt UInt ULong UDInt 231 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project See also Migration of data types (WinCC flexible) (Page 229) Migrating data types of Allen-Bradley Ethernet IP (WinCC flexible) Migrating data types Allen-Bradley Ethernet IP The data types of the Allen-Bradley Ethernet IP communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC Bool Bool DInt DInt Int Int Real Real SInt SInt String String UDInt UDInt UInt UInt USInt USInt See also Migration of data types (WinCC flexible) (Page 229) Migrating data types of GE Fanuc SNP (WinCC flexible) Migrating data types GE Fanuc SNP The GE Fanuc SNP communication driver is not supported by WinCC, the data types are mapped to the internal data types of WinCC. The data types of the GE Fanuc SNP communication driver are mapped as follows in the migration to WinCC: 232 Data type in WinCC flexible Data type in WinCC BCD4 UInt BCD8 UDInt Bit Bool Byte USInt DInt DInt Word UInt Int Int Real Real UInt UInt DWord UDInt WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project See also Migration of data types (WinCC flexible) (Page 229) Migrating data types of LG GLOFA GM (WinCC flexible) Migrating data types LG GLOFA GM The LG GLOFA GM communication driver is not supported by WinCC, the data types are mapped to the internal data types of WinCC. The data types of the LG GLOFA GM communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC Bool Bool Byte USInt DInt DInt DWord UDInt Int Int SInt SInt String WString Time UDInt UDInt UDInt UInt UInt USInt USInt Word UInt See also Migration of data types (WinCC flexible) (Page 229) Migrating data types of Mitsubishi FX (WinCC flexible) Migrating data types Mitsubishi FX The data types of the Mitsubishi FX communication driver are mapped as follows in the migration to WinCC: WinCC Advanced V14 System Manual, 10/2016 Data type in WinCC flexible Data type in WinCC 12 Bit Block 12-Bit Block 16 Bit Block 16-Bit Block 20 Bit Block 20-Bit Block 24 Bit Block 24-Bit Block 28 Bit Block 28-Bit Block 32 Bit Block 32-Bit Block 4 Bit Block 4-Bit Block 233 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Data type in WinCC flexible Data type in WinCC 8 Bit Block 8-Bit Block Bit Bool Double DWord IEEE-Float Real String String Word Word See also Migration of data types (WinCC flexible) (Page 229) Migrating data types of Mitsubishi Protocol 4 (WinCC flexible) Migrating data types Mitsubishi Protocol 4 The Mitsubishi Protocol 4 communication driver is not supported by WinCC, it is replaced by the Mitsubishi MC TCP/IP driver. The data types of the Mitsubishi Protocol 4 communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC 4 Bit Block 4-Bit Block 8 Bit Block 8-Bit Block 12 Bit Block 12-Bit Block 16 Bit Block 16-Bit Block 20 Bit Block 20-Bit Block 24 Bit Block 24-Bit Block 28 Bit Block 28-Bit Block 32 Bit Block 32-Bit Block Bit Bool DInt DInt DWord DWord Int Int Real Real String String Word Word See also Migration of data types (WinCC flexible) (Page 229) 234 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migrating data types of Modicon Modbus (WinCC flexible) Migrating data types Modicon Modbus The Modicon Modbus communication driver is not supported by WinCC, it is replaced by the Modicon Modbus RTU driver. The data types of the Modicon Modbus communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC +/-Double +/- Double +/-Int +/- Int 16 Bit Group 16 Bit Group ASCII ASCII Bit Bit Double Double Float Float Int Int See also Migration of data types (WinCC flexible) (Page 229) Migrating data types of Modicon Modbus TCP/IP (WinCC flexible) Migrating data types Modicon Modbus TCP/IP The data types of the Modicon Modbus TCP/IP communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC +/-Double +/- Double +/-Int +/- Int 16 Bit Group 16 Bit Group ASCII ASCII Bit Bit Double Double Float Float Int Int See also Migration of data types (WinCC flexible) (Page 229) WinCC Advanced V14 System Manual, 10/2016 235 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migrating data types of Omron Hostlink/Multilink (WinCC flexible) Migrating data types Omron Hostlink/Multilink The Omron Hostlink/Multilink communication driver is not supported by WinCC, it is replaced by the Omron Host Link driver. The data types of the Omron Hostlink/Multilink communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC +/-DEC Int +/-LDEC DInt ASCII String BIN Bool BYTE Byte DEC UInt IEEE Real LDEC UDInt See also Migration of data types (WinCC flexible) (Page 229) Migrating data types of OPC (WinCC flexible) Migrating data types OPC The data types of the OPC communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC Bool VT_BOOL Byte VT_UI1 Char VT_I1 Date VT_DATE Double VT_R8 DWord VT_UI4 Float VT_R4 Long VT_I4 Short VT_I2 String VT_BSTR Word VT_UI2 See also Migration of data types (WinCC flexible) (Page 229) 236 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migrating data types of SIMATIC 500/505 DP (WinCC flexible) Migrating data types SIMATIC 500/505 DP The SIMATIC 500/505 DP communication driver is not supported by WinCC, the data types are mapped to the internal data types of WinCC. The data types of the SIMATIC 500/505 DP communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC +/-Double DInt +/-Int Int ASCII WString Bit Bool Double UDInt Int UInt Real Real See also Migration of data types (WinCC flexible) (Page 229) Migrating data types of SIMATIC 500/505 serial (WinCC flexible) Migrating data types SIMATIC 500/505 seriell The SIMATIC 500/505 seriell communication driver is not supported by WinCC, the data types are mapped to the internal data types of WinCC. The data types of the SIMATIC 500/505 seriell communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC +/-Double DInt +/-Int Int ASCII WString Bit Bool Double UDInt Int UInt Real Real See also Migration of data types (WinCC flexible) (Page 229) WinCC Advanced V14 System Manual, 10/2016 237 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migrating data types of SIMATIC HMI HTTP Protocol (WinCC flexible) Migrating data types SIMATIC HMI HTTP Protocol The data types of the SIMATIC HMI HTTP Protocol communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC Bool Bool Byte USInt Char SInt DateTime DateTime Double LReal Float Real Int Int Long DInt String WString UInt UInt ULong UDInt See also Migration of data types (WinCC flexible) (Page 229) Migrating data types of SIMATIC S5 AS511 (WinCC flexible) Migrating data types SIMATIC S5 AS511 The SIMATIC S5 AS511 communication driver is not supported by WinCC, the data types are mapped to the internal data types of WinCC. The data types of the SIMATIC S5 AS511 communication driver are mapped as follows in the migration to WinCC: 238 Data type in WinCC flexible Data type in WinCC Bit in D Bool Bit in W Bool DF DInt DH UDInt KC WString KF Int KG Real KH UInt KM UInt KT UDInt KY UInt KZ UInt WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project See also Migration of data types (WinCC flexible) (Page 229) Migrating data types of SIMATIC S5 DP (WinCC flexible) Migrating data types SIMATIC S5 DP The SIMATIC S5 DP communication driver is not supported by WinCC, the data types are mapped to the internal data types of WinCC. The data types of the SIMATIC S5 DP communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC Bit in D Bool Bit in W Bool DF DInt DH UDInt KC WString KF Int KG Real KH UInt KM UInt KT UDInt KY UInt KZ UInt See also Migration of data types (WinCC flexible) (Page 229) Migrating data types of SIMATIC S7 200 (WinCC flexible) Migrating data types SIMATIC S7 200 The data types of the SIMATIC S7 200 communication driver are mapped as follows in the migration to WinCC: WinCC Advanced V14 System Manual, 10/2016 Data type in WinCC flexible Data type in WinCC Bool Bool Byte Byte Char Char DInt DInt DWord DWord Int Int Real Real 239 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Data type in WinCC flexible Data type in WinCC StringChar StringChar Timer Timer Word Word See also Migration of data types (WinCC flexible) (Page 229) Migrating data types of SIMATIC S7 300/400 (WinCC flexible) Migrating data types SIMATIC S7 300/400 The data types of the SIMATIC S7 300/400 communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC Bool Bool Byte Byte Char see below Counter see below Date Date Date and Time Date_And_Time DInt DInt DWord DWord Int Int Real Real String String StringChar see below Time Time Time of Day Time_Of_Day Timer see below Word Word Special considerations for some data types There are special considerations to be made when migrating external tags that contain data types of a SIMATIC S7-300/400 PLC. Mapping of the S7 data type "Char" The S7 data type "Char" is a data type for mapping characters according to the specification. However, since this data type is often used for reading and writing numerical values, it is mapped in WinCC to the S7 data type "Byte". If this should be the case during migration, an alarm will appear in the output window. 240 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project If the S7 data type "Char" is used for numerical values and negative numbers were configured at the point of use, the result is an error in mapping to the S7 data type "Byte". The S7 data type "Byte" cannot map any negative numbers. You have to adapt the configuration accordingly to correct the error. Use a signed data type, such as the data type "Int", for processing positive and negative numerical values. If the S7 data type "Char" is used for mapping characters, you must change the configuration after migration. To represent characters, use the data type "String". When an integrated project is migrated, the data type "Char" in WinCC is also migrated to the data type "Byte". With a connected PLC tag, the data type "Char" remains "Char". As a result of changing the data type of the HMI tag, symbolic addressing of the tags in question is not migrated. After migration. the tags are interconnected by absolute addresses and continue to work. If you want to restore symbolic addressing, you have to change the configuration accordingly after the migration. Mapping an array of the S7 data type "Char" An array of the S7 data type "Char" is mapped to an array of the data type "Byte" during migration. If an array of the S7 data type "Char" is used for numerical values and negative numbers were configured at the point of use, the result is an error in mapping to an array of the S7 data type "Byte". The S7 data type "Byte" cannot map any negative numbers. You have to adapt the configuration accordingly to correct the error. Use a signed data type, such as the data type "Int", for processing positive and negative numerical values. Mapping of the S7 data type "Counter" An external tag with the S7 data type "Counter" with counter address is mapped to the S7 data type "Counter". The address will be retained. If an external tag with the S7 data type "Counter" addresses a data block or a bit memory address, it is is mapped to the S7 data type "Word". The address will be retained. The migration sets the coding to "SimaticBCDCounter". The S7 data type "Counter" has a value range of 0-999. When supplied by the S7 data type "Word" the value range may be exceeded on the PLC side. Ensure that you are observing the value range. Example: WinCC flexible WinCC Advanced V14 System Manual, 10/2016 Tag S7 data type Address Comment Counter_Actual_Value Counter C10 BCD coded counter value Counter_Setpoint_Value Counter DB10.DBW200 BCD coded counter value Counter_Setpoint_Value#2 Counter MW20 BCD coded counter value 241 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project WinCC Tag S7 data type Address Coding Comment Counter_Actual_Value Counter %C10 <Standard> BCD coded counter value Counter_Setpoint_Value Word %DB10.%DB W200 SimaticBCDCounter BCD coded counter value Counter_Setpoint_Value#2 Word %MW20 SimaticBCDCounter BCD coded counter value Mapping of the data type "StringChar" In WinCC there is no corresponding data type to which the "StringChar" data type can be mapped. Mapping in WinCC depends on the property "Length" of the S7 data type. A tag of the "StringChar" data type with the "Length" property > 1 is migrated to an array of the S7 data type "Char". The length of the array corresponds to the length of the originally configured data type "StringChar". If the property "Length" = 1, the data type in WinCC is migrated to an array of the S7 data type "Char" with length = 1. The expression for an array with an element is "Array[0 ..0] of Char". Mapping of the S7 data type "Timer" An external tag with the S7 data type "Timer" with timer address is mapped to the S7 data type "Timer". The address will be retained. If an external tag with the S7 data type "Timer" addresses a data block or a bit memory address, it is is mapped to the S7 data type "S5 Time". The address will be retained. Example: WinCC flexible Tag S7 data type Address Comment Timer_Actual_Value Timer T10 BCD coded timer value Timer_Setpoint_Value Timer DB10.DBW200 BCD coded timer value Timer_Setpoint_Value#2 Timer MW20 BCD coded timer value Tag S7 data type Address Comment Timer_Actual_Value Timer %T10 BCD coded timer value Timer_Setpoint_Value S5Time %DB10.%DBW200 BCD coded timer value Timer_Setpoint_Value#2 S5Time %MW20 BCD coded timer value WinCC See also Migration of data types (WinCC flexible) (Page 229) 242 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migrating data types of Telemecanique Uni-Telway (WinCC flexible) Migrating data types Telemecanique Uni-Telway The Telemecanique Uni-Telway communication driver is not supported by WinCC, the data types are mapped to the internal data types of WinCC. The data types of the Telemecanique Uni-Telway communication driver are mapped as follows in the migration to WinCC: Data type in WinCC flexible Data type in WinCC +/-Int Int +/-Long DInt ASCII WString Bool Bool Float Real Int UInt Long UDInt See also Migration of data types (WinCC flexible) (Page 229) 5.2.9 Migrating integrated projects 5.2.9.1 Migrating an integrated project (S7-300, S7-400) Introduction In integrated projects, you use SIMATIC controllers and WinCC components together in a project. When an integrated project is migrated, the complete project will be migrated with components from WinCC and STEP 7. Configured connections between control and visualization remain intact. Migrating an integrated project When migrating an integrated project, the same requirements apply for the STEP 7 component as those for migration of a non-integrated STEP 7 project. The objects and properties contained in the WinCC component must also be supported in WinCC (TIA Portal). For an operating station (OS) to be migrated, it has to be located below a PC station and the WinCC application in the project tree of SIMATIC Manager. The following figure shows the assignment of the operating station within the initial project: WinCC Advanced V14 System Manual, 10/2016 243 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Additional migration requirements for integrated projects can be found in the documentation for WinCC. Also note that the initial project must be compiled before the migration. In order to fully migrate an integrated project, the following components must be installed on the programming device/PC for the migration: STEP 7 V5.4 SP5 WinCC V7.3 with the latest update or WinCC Flexible 2008 SP2 or SP3 To be able to fully post-edit an integrated project, the latest version of the following components must be installed on the PC for post-editing: STEP 7 Professional WinCC Basic, WinCC Comfort/Advanced or WinCC Professional, depending on the components used Using the migration tool It is necessary to use the migration tool under the following circumstances: The initial project is not located on the same programming device/PC as the installation of the TIA Portal. SCADA devices are included in the initial project. These can only be migrated with the migration tool. WinCC Professional V14 and STEP 7 with WinCC V7.3 cannot be installed on the same programming device/PC. Therefore, integrated projects with WinCC V7.3 parts must be prepared for migration using the migration tool. Migration of the STEP 7 part of an integrated project An integrated project is always fully migrated. Individual components cannot be migrated on their own. You can only migrate the included STEP 7 project alone, if you have previously deleted all HMI stations in the SIMATIC stations in the SIMATIC Manager and then recompiled the project in NetPro. Alternatively, you can open the project in an installation of STEP 7 V5.4 SP5 without an installation of WinCC. Then, save the project again and select the "Reorganize" function during saving. The WinCC parts are then automatically removed when the copy is saved. You can then migrate the STEP 7 project without the WinCC project. 244 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Migration of an integrated project with the hardware configuration In integrated projects, HMI devices are migrated even if the hardware configuration is not included in the migration. The STEP 7 part of the hardware configuration, including network configurations, and connections and interrupts, is migrated only if you include the hardware configuration in the migration. Otherwise, unspecified modules will be created for the STEP 7 devices and you will need to convert them into suitable modules after the migration. HMI modules that are plugged into a PC station are converted to a separate Station during the migration. If you perform the migration without including the hardware configuration, the migrated project then contains a non-specified SIMATIC PC Station and a SIMATIC PC Station with the HMI devices. References to HMI devices are not imported during migration. When the hardware configuration is included, the migrated project contains two separate stations: the HMI Station and the PC Station. Storage location of an integrated WinCC project If you migrate an integrated project, the HMI part of it must be on the same PG/PC as the STEP 7 part of the project. If the HMI part is on a different PG, then only the STEP 7 part will be migrated. Unsupported objects The following components are not supported for migration: STEP 7 multiproject A STEP 7 multiproject cannot be migrated. Migration will be canceled. Central Archive Server - CAS If a CAS is part of an integrated project, then the migration will be carried out but the CAS data will not be migrated. See also Post-editing integrated projects (Page 245) 5.2.9.2 Post-editing integrated projects If you have migrated an integrated project without hardware configuration, unspecified CPUs are used instead of the CPUs of the original project. Since no connection can exist between an unspecified CPU and an HMI device, connections from the source project are also imported only unspecified. Procedure To continue to use an integrated project after the migration, follow these steps: 1. Convert the unspecified devices into suitable devices again. 2. Restore the integrated HMI connection between the HMI device and the PLC. 3. Connect all HMI tags to the newly created integrated connection. WinCC Advanced V14 System Manual, 10/2016 245 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project 4. Restore the connection between HMI tags and PLC tags. 5. Delete the non-integrated HMI connection. In the following chapters a sample project is used to describe the individual steps in more detail. See also Converting unspecified CPUs into specified CPUs (Page 246) Creating an integrated HMI connection (Page 248) Re-linking HMI tags (Page 250) Delete non-integrated HMI connection (Page 251) 5.2.9.3 Converting unspecified CPUs into specified CPUs The first step after the migration without hardware configuration is the conversion of the unspecified CPUs into specified CPUs. Unspecified CPUs are placeholders for certain CPUs from the hardware catalog that are not currently known. You can define general parameters and home the CPUs already in the user program. However, the project is not fully functional until the unspecified CPU has been specified. 246 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Specifying a CPU using module replacement To use module replacement to specify an unspecified CPU, follow these steps: 1. Select the unspecified CPU in the network or device view. 2. Select the "Replace device" command in the shortcut menu. The "Replace device" dialog opens. 1 2 3. Under "New device" in the tree structure, select the module with which you want to replace the unspecified CPU. (Area 1) "Compatibility information" provides you with information on the extent to which the selected CPU is compatible with the configuration in source project. (Area 2) 4. Click "OK". 5. Perform the above-described steps for all unspecified CPUs. WinCC Advanced V14 System Manual, 10/2016 247 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project See also Creating an integrated HMI connection (Page 248) 5.2.9.4 Creating an integrated HMI connection After you have specified the unspecified CPU, establish the connection to the HMI-device. Procedure To create a connection graphically, follow these steps: 1. On the toolbar, click the "Connections" icon. This activates connection mode. 2. Select the connection type "HMI connection" in the adjacent drop-down list. The network view highlights in color all CPUs and HMI devices that can be used for an HMI connection. 3. You can now have the connection path automatically determined, or explicitly select a connection path via specific interfaces: - Allow connection path to be automatically determined Select the source CPU for a connection. Drag the mouse to the target components. Confirm the connection endpoint with another mouse click. Alternatively: While holding down the shift button, select the target components and with the right mouse button select the "Add new connection" command. - Selecting an explicit connection path from interface to interface Click on the subnet interface in the device for which you want to create a connection. Hold down the mouse button, drag the cursor to the relevant interface in the target device and then release the mouse button. 248 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project Result The following figure shows the state after the integrated connection has been created: 1 2 3 An integrated HMI connection is created and highlighted in the network view. WinCC Advanced V14 System Manual, 10/2016 249 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project The connection is shown in the connection table of the components. The connection can be edited in the connection properties. See also Re-linking HMI tags (Page 250) 5.2.9.5 Re-linking HMI tags When you have created a new HMI connection between the CPU and HMI device, you have to assign the existing HMI tags to the new connection. Perform the following steps for each line in the relevant tag table. Procedure To re-link HMI tags, follow these steps: 1. In the project tree, navigate to the HMI tags and double-click the relevant tag table to show this in the work area. The tag table opens. 2. Click the " ... " button in the "Connection" column. A dialog box for selecting the connection opens. 250 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.2 Migrating projects to a TIA Portal project 3. Select the newly established HMI connection. 4. Click the "" button to apply the selected connection. 5. On the toolbar, click the "Re-connect PLC tag" button. See also Delete non-integrated HMI connection (Page 251) 5.2.9.6 Delete non-integrated HMI connection Finally, you can remove non-integrated HMI connections that still remain from the source project. WinCC Advanced V14 System Manual, 10/2016 251 Migrating projects and programs 5.3 Migrating S7-1200 to firmware as of V4 (S7-1200) Procedure To delete the non-integrated HMI connections, follow these steps: 1. In the project tree, open the HMI device and double-click the "Connections" entry. The connection table opens. 2. Select the row with the old connection in the table. 3. Select the "Delete" command in the shortcut menu of the connection line. 4. Perform the above-described steps for all non-integrated HMI connections of the source project. 5.3 Migrating S7-1200 to firmware as of V4 (S7-1200) 5.3.1 Basic information on upgrading to V4 (S7-1200) Introduction If you have used a CPU with firmware version V3 in your project and want to upgrade to a CPU with firmware V4.0 or later, you can easily replace the device. The TIA Portal offers the "Change device" function for this purpose. The project remains unchanged when the device is replaced. You can continue using the programs that you created with firmware version V3. 252 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.3 Migrating S7-1200 to firmware as of V4 (S7-1200) Rules The following basic rules apply when replacing a device: Replacing a device is only possible if the project was created based on a CPU with firmware version V3.0. If your project was created based on firmware version V1.0 or V2.0, create a new CPU with firmware version V3.0 offline in the project, and copy your program to this CPU. It is not possible to replace a V4 CPU with a V3 CPU. If you want to continue using the existing V3 CPU, create a copy of this CPU before replacing the device. The program cannot be transferred to the new CPU via a memory card. Instead, use the "Change device" function, which is described in the following sections. HMI panels Configured HMI panels are treated differently during device replacement depending on the firmware version of the panel and the communication mode. The following table shows the HMI connections that are supported with the migration: Firmware version of the panel PUT/GET communi Migration to V4 cation V11 or later No S7-1200 does not support this configuration. Upgrade the firmware of the HMI panel to V12.0. Then compile and load the configuration. V11 or later Yes S7-1200 supports this configuration. The connection is established automat ically while you compile and load the project after replacing the device. V12 or later No S7-1200 supports this configuration. The connection is established automat ically while you compile and load the project after replacing the device. During compilation of the program, you receive specific information on migrating the HMI panel. Note HMI TP 177B 4" The HMI TP 177B 4" with firmware version V11.0.2 cannot be operated with S7-1200 V4. Replace the panel with a new device, if necessary. S7-1200 expansion modules If you are already using the following centrally plugged S7-1200 modules in your system, you must perform a firmware update for these modules in order to guarantee operation with S7-1200 V4. ASi - Master - CM 1243 DP - Master - CM 1243-5 WAN CP - CP1243-1 Newly shipped S7-1200 modules have the latest firmware installed ex works. WinCC Advanced V14 System Manual, 10/2016 253 Migrating projects and programs 5.3 Migrating S7-1200 to firmware as of V4 (S7-1200) Protected blocks Blocks equipped with know-how protection or copy protection cannot be converted to V4. If the project contains protected blocks, you must remove the protection prior to migration. If these are supplied blocks and you do not know the password, ask your supplier either for the password or for a V4-compatible block. WARNING Preventing personal injury and material damage Changes are made to the program during device replacement in some cases. Therefore, thoroughly check the program in a test environment after replacing the device and before putting it in operation. Note Additional support You can find the latest FAQs about migrating to S7-1200 V4 in Siemens Industry Online Support: http://support.automation.siemens.com/WW/view/en/82140966 (http:// support.automation.siemens.com/WW/view/en/82140966) If you need further assistance with migrating to S7-1200 V4, please contact SIMATIC Customer Support. See also Migrating to V4 (Page 254) Special considerations after migrating to V4 (Page 256) 5.3.2 Migrating to V4 (S7-1200) Requirement A CPU with firmware version V3 is available in the project. The project contains no protected blocks. 254 WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.3 Migrating S7-1200 to firmware as of V4 (S7-1200) Procedure Proceed as follows to replace a CPU: 1. Select the V3 CPU you want to replace. 2. Select the "Change device" command in the shortcut menu. The "Change device" dialog box appears. 3. Under "New device" in the tree structure, select the V4 CPU with which you want to replace your current V3 CPU. 4. Click "OK". The existing CPU is replaced by the new one. 5. Select the new CPU and select the "Compile > Hardware and software (only changes)" command in the shortcut menu. The device configuration and the user program are compiled again. 6. Optional: If necessary, apply know-how protection or copy protection to individual blocks in the program. 7. Select the new CPU and select the "Download to device > Hardware and software (only changes)" command in the shortcut menu. The device configuration and the user program are loaded into the new CPU. This completes the device replacement. WARNING Preventing personal injury and material damage Changes are made to the program during device replacement in some cases. Therefore, thoroughly check the program in a test environment after replacing the device and before putting it in operation. Note Additional support You can find the latest FAQs about migrating to S7-1200 V4 in Siemens Industry Online Support: http://support.automation.siemens.com/WW/view/en/82140966 (http:// support.automation.siemens.com/WW/view/en/82140966) If you need further assistance with migrating to S7-1200 V4, please contact SIMATIC Customer Support. See also Basic information on upgrading to V4 (Page 252) Special considerations after migrating to V4 (Page 256) WinCC Advanced V14 System Manual, 10/2016 255 Migrating projects and programs 5.3 Migrating S7-1200 to firmware as of V4 (S7-1200) 5.3.3 Special considerations after migrating to V4 (S7-1200) Functional changes in V4 S7-1200 V4 offers significantly enhanced functionality. The most important functional changes that you need to consider after migrating from V3 are described briefly below. You can find more information on S7-1200 in the "SIMATIC S7-1200 Automation System" system manual: https://support.industry.siemens.com/cs/ww/en/view/65601780 (http:// support.automation.siemens.com/WW/view/en/65601780) Organization blocks With S7-1200 V4, you can specifically set the interruptibility of each organization block used. When a device is replaced, all the organization blocks are configured as non-interruptible, to ensure that the executability of your V3 program remains unchanged. The OB priorities from the V3 program also remain unchanged. After migration, you can change the settings for priority and interruptibility as needed. The behavior of diagnostic interrupts in V4 has changed as follows: In V3, the start information always contained information on the triggering module, including the channel number. In V4, this information is only generated for a pending diagnostics event. If no diagnostic event is pending, for example, because the fault has already been corrected, only the triggering module is indicated. Access levels S7-1200 V4 offers an extended access level concept. The following table shows how the protection levels of the V3 firmware are indicated in V4: V3 protection level V4 access level Meaning No protection Full access (no protection) Unrestricted access without password protection. Read-only Read access HMI access and unimpeded communication between CPUs without password protection. A password is required for changes (write access) in the CPU and for changing the operating mode of the CPU (RUN/STOP). Write/read protec tion HMI access HMI access and unimpeded communication between CPUs without password protection. A password is required to read the data in the CPU, for changes (writing) in the CPU, and for changing the operating mode of the CPU (RUN/STOP). - 256 No access (com plete protection) No access without password input. A password is required for HMI access, for reading the data in the CPU, for chang ing (writing) data in the CPU, and for changing the operating mode of the CPU (RUN/STOP). WinCC Advanced V14 System Manual, 10/2016 Migrating projects and programs 5.3 Migrating S7-1200 to firmware as of V4 (S7-1200) Instruction libraries After migration to S7-1200 V4, instructions from the libraries of the firmware version V3 are still available. This ensures that you can continue to use your program unchanged. In addition, S7-1200 V4 offers many new instructions which are also compatible with the instructions of the S7-1500. You can find more information on the instruction libraries in the "SIMATIC S7-1200 Automation System" system manual: https://support.industry.siemens.com/cs/ww/en/view/65601780 (http:// support.automation.siemens.com/WW/view/en/65601780) Motion Control When a device is replaced, the Motion Control objects from the libraries of the firmware versions V1 and V2 are replaced with the corresponding objects from the V3 libraries. The objects from V3 libraries are compatible so that you can continue to use the programs unchanged. The libraries of the S7-1200 V4 offer many new Motion Control functions, which are compatible with the functions of the S7-1500. If you want to use V4 libraries, select them on the "Instructions" task card after replacing the device. You can find more information on the new Motion Control functions in the "SIMATIC S7-1200 Programmable controller" system manual. https://support.industry.siemens.com/cs/ww/en/view/65601780 (http:// support.automation.siemens.com/WW/view/en/65601780) Web server The following settings for operation via a web server are transferred from the V3 CPU to the V4 CPU during device replacement: Activate web server on this module Permit access only with HTTPS If you want to operate the V4 CPU via a web server, you need to set up user accounts with assigned user rights in the user management. Only the standard web pages are available to standard users without any additional rights. Note Additional support You can find the latest FAQs about migrating to S7-1200 V4 in Siemens Industry Online Support: http://support.automation.siemens.com/WW/view/en/82140966 (http:// support.automation.siemens.com/WW/view/en/82140966) If you need further assistance with migrating to S7-1200 V4, please contact SIMATIC Customer Support. WinCC Advanced V14 System Manual, 10/2016 257 Migrating projects and programs 5.3 Migrating S7-1200 to firmware as of V4 (S7-1200) Communication via PUT/GET Communication via PUT/GET is enabled after the device replacement. Note that the new integrated connection types offer a security standard higher than PUT/GET communication. If you do not use PUT/GET communication, you should disable it. See also Basic information on upgrading to V4 (Page 252) Migrating to V4 (Page 254) 258 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.1 Getting started 6.1.1 Getting Started Documentation 6 Getting Started with the TIA Portal The Getting Started documentation is available to help you begin using the TIA portal. The Getting Started documentation contains instructions which show you, step-by-step, how to create a project in the TIA Portal and give you the chance to get a quick overview of all the possibilities the TIA Portal offers you. Contents The Getting Started documentation describes the creation of a continuous project for STEP 7 and WinCC that is expanded with each section. You start with simple basic functions, and use more complex ones as you continue with the creation of the project. In addition to the step-by-step instructions, the Getting Started documents also give you background information that explains the functions used and illustrate how they relate to each other. Target audience The Getting Started documents are intended for beginners, but are also useful for users migrating from previous versions of SIMATIC STEP 7 and WinCC. Getting Started documentation You can download the Getting Started documents via the following links: Step-by-step instructions for simple operation of the TIA Portal (STEP 7 Basic, S7-1200) https://support.industry.siemens.com/cs/ww/en/view/40263542 (http:// support.automation.siemens.com/WW/view/en/40263542/0/en) Configuration of an automation solution with STEP 7 Professional/WinCC Advanced (S7-300) https://support.industry.siemens.com/cs/ww/en/view/54430386 (https:// support.industry.siemens.com/cs/ww/en/view/54430386) Multimedia Getting Started for S7-1500: http://www.siemens.com/s7-1500-getting-started (http://www.automation.siemens.com/ salesmaterial-as/interactive-manuals/getting-started_simatic-s7-1500/_content/EN/ content_en.html) WinCC Advanced V14 System Manual, 10/2016 259 Introduction to the TIA Portal 6.2 User interface and operation See also Service and Support (https://support.industry.siemens.com/cs/de/en/) 6.2 User interface and operation 6.2.1 Starting, setting up, and exiting the TIA Portal 6.2.1.1 Starting and exiting the TIA Portal Starting the TIA Portal To start the TIA Portal, follow these steps: 1. In Windows, select "Start > All Programs > Siemens Automation > TIA Portal V14". The TIA Portal opens with the last settings used. Exiting the TIA Portal To exit the TIA Portal, follow these steps: 1. In the "Project" menu, select the "Exit" command. If the project contains any changes that have not been saved, you will be asked if you wish to save them. - Select "Yes" to save the changes in the current project and close the TIA Portal. - Select "No" to close the TIA Portal without saving the most recent changes in the project. - Select "Cancel" to cancel the closing procedure. The TIA Portal will remain open if you select this option. 260 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation 6.2.1.2 Overview of the program settings Overview The following table shows the application settings that you can make: Group Setting Description General settings User name The user name of the user. The user name is stored in the project properties when a new project is created. User interface language Language for the program interface Mnemonic Specifies the mnemonics for programming: "German" uses the German mnemonics, for example, "E1.0". "International" uses international mnemonics, for example, "I1.0". For information on the differences in the mnemonics of the indi vidual commands, refer to the description of the relevant program ming language. Show list of recently used projects Number of entries in the list of recently used projects in the "Project" menu Load most recent project during startup The last opened project is opened automatically after the TIA Por tal starts. Displaying truncated text in full Texts which are truncated due to their length are displayed in a tooltip. Show tooltips (contextTooltips are displayed and you get context-sensitive help. If this sensitive help is available) function is disabled, you can open the tooltip with <F1>. Reset to default Start view View for objects in overview WinCC Advanced V14 System Manual, 10/2016 Open cascade automati cally in tooltips After a brief time, the tooltips automatically expand to display a cascade containing additional help. If this option is cleared, the tooltips must be manually expanded. Show hidden banner Banners with additional information in the editor are hidden from display by default. All application settings All changes that you made in the TIA Portal after installation are undone. Layout of the editors Resets the complete layout of the application to the factory state. Show all alarm windows All alarm windows whose appearance was manually suppressed are displayed again. Most recent view Starts the program in the last view that was used. This can be either the portal view or the project view. Portal view Starts the TIA Portal in the portal view every time, irrespective of the last view you worked in. Project view Starts the TIA Portal in the project view every time, irrespective of the last view you worked in. Details When several views are available, the detail view opens by de fault, for example, in the overview window. List When several views are available, the list view opens by default, for example, in the overview window. Thumbnails When several views are available, the symbol view opens by de fault, for example, in the overview window. 261 Introduction to the TIA Portal 6.2 User interface and operation Group Setting Description Storage settings Recently used storage lo cation When a project is saved the first time, the most recently used file path is set by default. Default storage location Enables the specification of file paths for: Projects Libraries Configuration file for corporate libraries Data exchange Storage location for data import Imported files are searched for at this storage path by default. Storage location for data export This is the default storage path for the data export. Storage location for sup port packages When support packages are downloaded, they are stored in the specified storage path and can be installed from there. Storage location for log files Log files are stored at the location specified here. Storage location for project archives This storage path for the filing project archives is set by default. See also Starting and exiting the TIA Portal (Page 260) Resetting the user interface layout (Page 299) Changing the settings (Page 265) Configuring the display of tooltips and tooltip cascades (Page 328) 262 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation 6.2.1.3 Overview of the script and text editor settings Overview The following table shows the available settings for script and text editors: Group Setting Description Font Font type and size Sets the font type and size for the text in text editors. Font colors Color settings You can choose the colors for individual text elements from the respective drop-down lists in the text editors. Optional settings are available for the following text elements: Text Keywords Comments Operators Scripts Standard functions Instructions/system functions Constant strings Numeric constants Constant tags Tags Object models Formal parameters Reset to default Resets all font colors in editors to their factory settings. Tab width Sets the width of tabs. Use tabs Enables the use of tabs. Use spaces Specifies use of space characters instead of tabs. None Text entries are not automatically indented. Block The lines or the selected paragraph are automatically indented. Smart The lines or the selected paragraph are automatically indented. All unnecessary spaces are also removed. View Show white spaces Shows control characters within a text. STL (Statement List) Font type and size Sets the font type and size for STL program code. SCL (Structured Control Language) Show line numbers Shows the row numbers in SCL programs. Tabs Indent See also Changing the settings (Page 265) WinCC Advanced V14 System Manual, 10/2016 263 Introduction to the TIA Portal 6.2 User interface and operation 6.2.1.4 Overview of the print settings Overview The following table shows the available settings for printing: Group Setting Description General Always print table data as pairs of values Tables are printed as a list and not in tabular form. The corresponding values are listed for each column. Enable this option, for example, if you want to print a table that is too large for the print area. Hardware configura tion Active graphic view The graphics of network and device view are included in the printout. Active table A table associated with an editor is included when printing with the editor. PLC Programming Zoom factor Specifies the size in which blocks are to be printed out. With interface The interfaces of blocks are included in the printout. With comments Comments on blocks are included in the printout. With line numbers The line numbers of the program code are printed for text-based pro gramming languages. Motion & Technology Dialog display/graphic HMI screens The content of the editor is printed out as a graphic if the editor sup ports this. Table The parameters of the technology objects are printed out in the form of a table. Show tab order In the printout you can specify the order in which the runtime objects can be selected with the TAB key. See also Changing the settings (Page 265) 6.2.1.5 Overview of the online and diagnostic settings Overview The following table shows the settings that you can make for the online and diagnostic functions: Group Setting Description Preset connection Type of the PG/PC interface Specifies the type of the PG/PC interface that is used as the presetting path for online access in the dialogs for online access, e.g., in the "Go online" dialog. 264 PG/PC interface Specifies a particular PG/PC interface that is used as the presetting in the dialogs for online access, e.g., in the "Go online" dialog. Use preset connection path for online connection Activates or deactivates the presettings for the PG/PC interface. If the check box is selected, the connection path specified in the settings is used as the presetting in the dialogs for online access. WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Group Setting Description Alarm display Multiline Displays the alarms in the Inspector window using multiple lines. Autoscroll When a new alarm occurs, the display scrolls automatically to this alarm. Archive size Maximum number of alarms that can be displayed in the Inspector window. If the set number of alarms is exceeded, older alarms are automatically deleted. 6.2.1.6 Changing the settings Procedure To change the settings, proceed as follows: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "General" group in the area navigation to change the settings described in the previous sections. Or click on one of the other entries in area navigation to make settings for your installed products. 3. Change the settings. Result The change will be adopted immediately, there is no need to save it explicitly. See also Overview of the program settings (Page 261) Overview of the script and text editor settings (Page 263) Overview of the print settings (Page 264) 6.2.1.7 Exporting and importing settings Exporting and importing settings You can export settings of the TIA Portal to a file. When you import the settings, they are applied together. This function makes it possible to send settings to other users. Likewise, system settings can be specified centrally, to provide a unified environment for multiple engineering PCs. The TIA Portal searches for a initialization file at startup. When a initialization file is found, the settings saved therein are automatically applied after rebooting. If a more recent version of this file is available, the local settings are updated. You can export all settings, for example: Language of the user interface Path of the company libraries WinCC Advanced V14 System Manual, 10/2016 265 Introduction to the TIA Portal 6.2 User interface and operation Path of the user-defined documentation Window layouts Profiles of the hardware catalog The initialization files are version-specific and can be imported automatically within a product version, but not in other versions of the product. Exporting settings You can export settings of the TIA Portal to a file, for example, to back them up or to share them with other users. Procedure 1. Select the "Settings" command in the "Options" menu. The settings of the TIA Portal are displayed. 2. Select the "General" entry in the area navigation. 3. In the "Import/export settings" area, click on the "Export settings ..." button. The "Export settings" dialog opens. 4. Select the settings for the export. - Click "Select all" to select all the settings for the export. - Click "Deselect all" to then select individual settings for the export. It all the nested settings are selected as well. 5. If you want to accept the settings selected from previous export operations, for example for a different use of the initialization files, select the check box "Use selection from a previous export file" and enter the file in the box. 6. Enter a file name for the initialization file in the "File name" box. 7. Click "Export". Settings are exported to a file with the extension ".tps14". Note Empty entry fields in the export file Entry fields, such as "Central settings", are available in the settings. If you do not fill out one of these entry fields and nevertheless select the initialization for the export, an empty initialization will be exported. If the subsequently import the initialization file, the corresponding local settings are overwritten by the empty contents of important initialization file. If you do not want these fields to be deleted by an import, disable the non-filled entry fields during export of the initialization file. 266 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Importing settings automatically When the TIA Portal starts up, you can automatically import the settings from a initialization file, for example, to incorporate a centrally defined environment. Procedure 1. Select the "Settings" command in the "Options" menu. The settings of the TIA Portal are displayed. 2. Select the "General" entry in the area navigation. 3. In the "Central settings" area, click on the "Browse" button. 4. Select the setting file with the extension ".tps14". 5. Click "Open". The settings are applied after a restart of the TIA Portal. Note Priority of central settings Central settings have priority over manually imported settings and override them. Importing settings manually You can import settings of the TIA Portal manually from a initialization file, for example, to take over settings from other users. Procedure 1. Select the "Settings" command in the "Options" menu. The settings of the TIA Portal are displayed. 2. Select the "General" entry in the area navigation. 3. In the "Import/export settings" area, click on the "Import settings ..." button. 4. Select the setting file with the extension ".tps14". 5. Click "Open". The settings are applied after a restart of the TIA Portal. WinCC Advanced V14 System Manual, 10/2016 267 Introduction to the TIA Portal 6.2 User interface and operation 6.2.2 Layout of the user interface 6.2.2.1 Views Views Three different views are available for your automation project: The portal view is a task-oriented view of the project tasks. The project view is a view of the components of the project, as well as the relevant work areas and editors. The library view (Page 273) shows the elements of the project library and the open global libraries. You can change over between the two views using a link. 6.2.2.2 Portal view Purpose of the portal view The portal view provides you with a task-oriented view of the tools. Here, you can quickly decide what you want to do and call up the tool for the task in hand. If necessary, the view changes automatically to the project view (Page 270) for the selected task. 268 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Layout of the portal view The following figure shows an example of the components in the portal view: Portals for different tasks Actions for the selected portal Selection panel for the selected action Switch to project view Display of the project that is currently open Portals The portals provide the basic functions for the individual task areas. The portals that are provided in the portal view depends on the products that have been installed. Actions for the selected portal Here, you will find the actions available to you in the portal you have selected. You can call up the help function in every portal on a context-sensitive basis. WinCC Advanced V14 System Manual, 10/2016 269 Introduction to the TIA Portal 6.2 User interface and operation Selection panel for the selected action The selection panel is available in all portals. The content of the panel adapts to your current selection. Switch to project view You can use the "Project view" link to change to the project view. Display of the project that is currently open Here, you can obtain information about which project is currently open. See also Function and structure of the project tree (Page 273) Basics of the work area (Page 277) Inspector window (Page 285) Basics on task cards (Page 287) Details view (Page 290) 6.2.2.3 Project view Purpose of the project view The project view is a structured view of all components of the project. 270 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Layout of the project view The following figure shows an example of the components of the project view: WinCC Advanced V14 System Manual, 10/2016 Title bar Menu bar Toolbar Project tree (Page 273) Reference projects (Page 289) Details view (Page 290) Work area (Page 287) Dividers Inspector window (Page 285) Changing to the portal view (Page 268) Editor bar Status bar with progress display Task cards (Page 287) 271 Introduction to the TIA Portal 6.2 User interface and operation Title bar The name of the project is displayed in the title bar. Menu bar The menu bar contains all the commands that you require for your work. Toolbar The toolbar provides you with buttons for commands you will use frequently. This gives you faster access to these commands. Dividers Dividers separate individual components of the program interface. The arrows on the dividers allow you to display and hide the adjacent sections of the user interface. Changing to the portal view You can use the "Portal view" link to change to the portal view. Editor bar The Editor bar displays the open editors. This allows you to quickly switch between open elements. If you have opened numerous editors, you can display the editors of the same type as a group. Status bar with progress display In the status bar, you will find the progress display for processes that are currently running in the background. This also includes a progress bar that shows the progress graphically. Hover the mouse pointer over the progress bar to display a tooltip providing additional information on the active background process. You can cancel the background processes by clicking the button next to the progress bar. If no background processes are currently running, the status bar displays the last generated alarm. See also Basics of the work area (Page 277) 272 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation 6.2.2.4 Library view Function of the library view The library view provides an overview of the elements in the project library and the open global libraries. You can switch to the library view using the "Libraries" task card. See also: Overview of the library view (Page 460) 6.2.2.5 Project tree Function and structure of the project tree Function of the project tree Using the project tree features gives you access to all components and project data. You can perform the following tasks in the project tree: Add new components Edit existing components Scan and modify the properties of existing components You can select the objects of the project tree either with the mouse or via the keyboard by typing the first letter of the desired object. If more than one object begins with the same letter, the next lower object is selected. The project tree must be the focused user interface element in order for you to select an object with its initial letter. WinCC Advanced V14 System Manual, 10/2016 273 Introduction to the TIA Portal 6.2 User interface and operation Layout of project tree The following figure shows an example of the project tree areas: 274 Title bar Toolbar Table header Project WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Devices Ungrouped devices Unassigned devices Common data Documentation settings Languages & resources Online access Card Reader / USB memory Title bar The title bar of the project tree has a button for automatically and manually collapsing the project tree. Once it is collapsed manually, the button is "Reduced" to the left-hand margin. It changes from an arrow pointing left to one that is pointing right, and can now be used to reopen the project tree. You can use the "Collapse automatically" button collapse to project tree automatically when you do not need it. See also: Maximizing and minimizing the work area (Page 279) Toolbar You can do the following tasks in the toolbar of the project tree: Create a new user folder; for example, in order to group blocks in the "Program blocks" folder or group devices. Navigate forward to the source of a link and back to the link itself. There are two buttons for links in the project tree. You can use these to navigate from the link to the source and back. Show an overview of the selected object in the work area. When the overview is displayed, the lower-level objects and actions of the elements in the project tree are hidden. Table header The "Name" column is shown by default. You can also show the columns "Type name" and "Version". If you are showing the additional columns, you see the name of the respective type as well as the version used for instances of types from the library. Project You will find all the objects and actions related to the project in the "Project" folder, e.g.: Devices Languages & resources Online access WinCC Advanced V14 System Manual, 10/2016 275 Introduction to the TIA Portal 6.2 User interface and operation Device There is a separate folder for each device in the project, which has an internal project name. Objects and actions belonging to the device are arranged inside this folder. Ungrouped devices All distributed I/O devices in the project are collected together in the "Ungrouped devices" folder. Unassigned devices Distributed I/O devices that are not assigned to a distributed I/O system appears as links in the "Unassigned devices" folder. Common data This folder contains data that you can use across more than one device, such as common alarm classes, logs and scripts. Documentation settings In this folder, you can specify the layout for the printed project documentation. Languages & resources You can determine the project languages and texts in this folder. Online access This folder contains all the interfaces of the programming device / PC, even if they are not used for communication with a module. Card Reader / USB memory This folder is used to manage all card readers an other USB storage media connected to the programming device / PC. See also Portal view (Page 268) Project view (Page 270) Basics of the work area (Page 277) Inspector window (Page 285) Basics on task cards (Page 287) 276 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Details view (Page 290) Showing and hiding columns (Page 277) Showing and hiding columns You can show additional columns in the project tree, if necessary. These additional columns show the name of the type associated with an instance as well as its version number. Procedure To show or hide additional table columns for the associated type and its version number, follow these steps: 1. Click the "Display/hide column heading" in the toolbar of the project tree. The column view of the project tree is enabled and a table header is displayed. 2. Right-click on the table header of the project tree. 3. Select the "Show/Hide" command in the shortcut menu, and select the columns you want to display. The selected columns are displayed or hidden. See also Function and structure of the project tree (Page 273) 6.2.2.6 Work area Basics of the work area Function of the work area The objects that you can open for editing purposes are displayed in the work area. These objects include, for example: Editors and views Tables You can open several objects. However, normally it is only possible to see one of these at a time in the work area. All other objects are displayed as tabs in the Editor bar. If, you would like to view two objects at the same time when performing certain tasks, you can tile the work area either horizontally or vertically or undock elements of the work area. If no objects are open, the work area will be empty. WinCC Advanced V14 System Manual, 10/2016 277 Introduction to the TIA Portal 6.2 User interface and operation Layout of the work area The following figure shows an example of a vertically split work area: 1 3 2 4 Title bar of left-hand editor Work area of left-hand editor Title bar of right-hand editor Work area of right-hand editor See also Maximizing and minimizing the work area (Page 279) Splitting the work area (Page 280) Floating the work area elements (Page 281) Using grouped elements of the work area (Page 282) 278 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Minimizing and maximizing elements of the work area (Page 284) Switching between the elements in the work area (Page 284) Saving a layout of editors and tables (Page 298) Save user interface layout (Page 296) Maximizing and minimizing the work area You have the option to adapt the work area to make it as large as possible. You can use the following function for this: Maximizing the work area You can close the task cards, project tree and inspector window with a single click. This increases the size of the work area. You can minimize the work area again at any time in order to return to the previous view. Collapsing task cards, project tree, and Inspector window automatically You can use the "Collapse automatically" option for the task cards, project tree, and Inspector window. This function causes these items to collapse automatically when you don't need them. Maximizing and minimizing the work area To maximize the work area, follow these steps: 1. Open an element such as an editor or a table. The element appears in the work area. 2. Click the "Maximize" button in the title bar of the element. The task cards, project tree and inspector window collapse, and the work area is shown with its maximum dimensions. To minimize the work area again, follow these steps: 1. Click the "Embed" button in the title bar of the displayed element. This restores the view that existed before the work area was maximized. That is, if the task cards, project tree, or Inspector window were expanded before, they will be expanded again. Collapsing task cards, project tree, and Inspector window automatically To collapse the task cards automatically, follow these steps: 1. Click "Collapse automatically" in the title bar of the task cards. The task cards collapse when you click anywhere outside the task cards. 2. To use the task cards, click the collapsed task cards. 3. The task cards expand and are available for use. The "Collapse automatically" option remains enabled. WinCC Advanced V14 System Manual, 10/2016 279 Introduction to the TIA Portal 6.2 User interface and operation To collapse the project tree automatically, follow these steps: 1. Click "Collapse automatically" in the title bar of the project tree. The project tree collapses when you click anywhere outside the project tree. 2. To use the project tree, click the collapsed project tree. The project tree expands and is available for use. The "Collapse automatically" option remains enabled. To collapse the Inspector window automatically, follow these steps: 1. Click "Collapse automatically" in the title bar of the Inspector window. The Inspector window collapses when you click anywhere outside the Inspector window. 2. To use the Inspector window, click the collapsed Inspector window. The Inspector window expands and is available for use. The "Collapse automatically" option remains enabled. To disable the automatic collapse option, follow these steps: 1. Click "Expand permanently" again in the relevant window. The Collapse automatically" option is disabled, and the window remains expanded. See also Basics of the work area (Page 277) Splitting the work area (Page 280) Floating the work area elements (Page 281) Using grouped elements of the work area (Page 282) Minimizing and maximizing elements of the work area (Page 284) Switching between the elements in the work area (Page 284) Saving a layout of editors and tables (Page 298) Splitting the work area You can split the work area vertically or horizontally. Procedure To split the work area vertically or horizontally, follow these steps: 1. In the "Window" menu, select the "Split editor space vertically" or "Split editor space horizontally" command. The element you have clicked and the next element in the Editor bar will be displayed either next to one another or one above the other. 280 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Note If no elements are open in the work area, the "Split editor space vertically" and "Split editor space horizontally" functions will not be available. See also Basics of the work area (Page 277) Maximizing and minimizing the work area (Page 279) Floating the work area elements (Page 281) Using grouped elements of the work area (Page 282) Minimizing and maximizing elements of the work area (Page 284) Switching between the elements in the work area (Page 284) Saving a layout of editors and tables (Page 298) Floating the work area elements You can float work area elements in their own separate window: Editors Tables Setting windows Task cards Inspector window You can embed floating elements again in the work area at any time. Floating the work area elements To float work area elements, follow these steps: 1. Click the "Float" button in the title bar of the element. The element will be released from the work area and displayed in its own window. You can now place the window wherever you wish. If you have minimized the window, you can restore it via the editor bar. Embedding elements in the work area To embed elements in the work area again, follow these steps: 1. Click the "Embed" button in the title bar of the element. The element will appear in the work area again. WinCC Advanced V14 System Manual, 10/2016 281 Introduction to the TIA Portal 6.2 User interface and operation See also Basics of the work area (Page 277) Maximizing and minimizing the work area (Page 279) Splitting the work area (Page 280) Using grouped elements of the work area (Page 282) Minimizing and maximizing elements of the work area (Page 284) Switching between the elements in the work area (Page 284) Saving a layout of editors and tables (Page 298) Using grouped elements of the work area If you have opened several similar elements as editors or spreadsheets, you can have them displayed in the editor bar as a group. You can use these groups as follows: Displaying individual elements of a group Displaying all elements of a group in separate windows Embedding all displayed elements of a group in the work area Minimizing all displayed elements Closing all elements of a group You can undo the grouping of similar elements at any time. Grouping or ungrouping similar elements To group similar elements in the editor bar or ungroup them again, follow these steps: 1. Click on the "Group editors/Ungroup" button on the right in the editor bar. Each time you click the button, similar elements are grouped or existing groups are dissolved. The icon of the button changes slightly here to enable you to quickly identify the mode in which you are working. The configured mode is retained even after the elements are closed. Displaying individual elements of a group To display individual elements of a group, follow these steps: 1. In the editor bar, click the group containing the element you want to display. All list of all available elements of the group is displayed. 2. Click the element that you want to display. 282 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Displaying all elements of a group in separate windows To display all elements of a group in separate windows, follow these steps: 1. In the editor bar, right-click the group whose elements you want to display. 2. Select "Restore group" in the shortcut menu. All elements of the group are displayed in separate, overlapping windows. Move the windows in order to see the individual element, or choose an element via the group in the editor bar. Embedding all displayed elements of a group in the work area To embed all elements of a group displayed in separate windows in the work area again, follow these steps: 1. In the editor bar, right-click the group whose elements you want to embed. 2. Select "Embed group" in the shortcut menu. All elements of the group are embedded in the work area again. Minimizing all displayed elements To minimize all elements of a group, follow these steps: 1. In the editor bar, right-click the group whose elements you want to minimize. 2. Select "Minimize group" in the shortcut menu. All elements of the group are minimized. However, the minimized elements remain open and can be quickly maximized again via the group in the editor bar. Closing all elements of a group To close all elements of a group, follow these steps: 1. In the editor bar, right-click the group whose elements you want to close. 2. Select "Close group" in the shortcut menu. All elements of the group are closed. The group is removed. See also Basics of the work area (Page 277) Maximizing and minimizing the work area (Page 279) Splitting the work area (Page 280) Floating the work area elements (Page 281) Minimizing and maximizing elements of the work area (Page 284) Switching between the elements in the work area (Page 284) Saving a layout of editors and tables (Page 298) WinCC Advanced V14 System Manual, 10/2016 283 Introduction to the TIA Portal 6.2 User interface and operation Minimizing and maximizing elements of the work area You can minimize the elements that are open in the work area, such as editors or tables, as needed. However, an element remains open even if it has been minimized, and can quickly be maximized again using the editor bar. Minimizing elements in the work area To minimize elements in the work area, follow these steps: 1. Click the "Minimize" button in the title bar of the element. The element is minimized, but can still be accessed via the editor bar. To minimize all elements at the same time, follow these steps: 1. In the "Window" menu, select the "Minimize all" command. Maximizing elements in the work area To maximize elements in the work area again, follow these steps: 1. Click the required element in the editor bar. The element is maximized and appears in the work area. See also Basics of the work area (Page 277) Maximizing and minimizing the work area (Page 279) Splitting the work area (Page 280) Floating the work area elements (Page 281) Using grouped elements of the work area (Page 282) Switching between the elements in the work area (Page 284) Saving a layout of editors and tables (Page 298) Switching between the elements in the work area You can switch between the elements in the work area at any time. Switching between the elements in the work area To switch to the previous or next editor, follow these steps: 1. In the "Window" menu, select the "Next editor" or "Previous editor" command. The next or previous editor will be displayed. See also Basics of the work area (Page 277) Maximizing and minimizing the work area (Page 279) 284 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Splitting the work area (Page 280) Floating the work area elements (Page 281) Using grouped elements of the work area (Page 282) Minimizing and maximizing elements of the work area (Page 284) Saving a layout of editors and tables (Page 298) 6.2.2.7 Inspector window Function of the Inspector window Additional information on an object selected or on actions executed are displayed in the inspector window. Layout of the Inspector window The following figures show the components of the Inspector window: WinCC Advanced V14 System Manual, 10/2016 "Properties" tab "Info" tab "Diagnostics" tab Area navigation within the "Properties" tab Content of the "Properties" tab 285 Introduction to the TIA Portal 6.2 User interface and operation "Properties" tab "Info" tab "Diagnostics" tab Navigation through additional tabs within a tab (only available in the "Info" and "Diagnostics" tabs) Toolbar (only available in the secondary "General" and "Compile" tabs of the "Info" tab) Content of the "Compile" tab in the "Info" tab "Properties" tab This tab displays the properties of the object selected. You can change editable properties here. "Info" tab This tab displays additional information on the object selected, as well as alarms on the actions executed (such as compiling). "Diagnostics" tab This tab provides information on system diagnostics events, configured alarm events, and connection diagnostics. Navigation within the tabs You can use area navigation and the lower-level tabs to display the information you require within the tabs. 286 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Toolbar You can use the toolbar in the "General" and "Compile" tabs within the "Info" tab to specify which types of alarms are to be displayed. You can enable or disable the display for the following alarm types: Errors Warnings Information See also Function and structure of the project tree (Page 273) Basics of the work area (Page 277) Portal view (Page 268) Project view (Page 270) Basics on task cards (Page 287) Details view (Page 290) 6.2.2.8 Task cards Basics on task cards Function of task cards Depending on the edited or selected object, task cards that allow you perform additional actions are available. These actions include: Selecting objects from a library or from the hardware catalog Searching for and replacing objects in the project Dragging predefined objects to the work area The task cards available can be found in a bar on the right-hand side of the screen. You can collapse and reopen them at any time. Which task cards are available depends on the products installed. More complex task cards are divided into panes that you can also collapse and reopen. WinCC Advanced V14 System Manual, 10/2016 287 Introduction to the TIA Portal 6.2 User interface and operation Layout of task cards The following figure shows an example of the bar with the task cards: Task cards closed Task card open Opened palette of a task card Closed palette of a task card See also Changing the pane mode (Page 289) Function and structure of the project tree (Page 273) Basics of the work area (Page 277) Inspector window (Page 285) Portal view (Page 268) Project view (Page 270) Details view (Page 290) 288 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Changing the pane mode You can choose between two pane modes: Single pane mode: Only one pane is open at any given time. If you open another pane, the previously opened pane is closed automatically. Multi-pane mode: You can open several panes at the same time. Procedure To change the pane mode, follow these steps: 1. Click the "Change pane mode" button above the panes inside a task card. See also Basics on task cards (Page 287) 6.2.2.9 Reference projects Function of reference projects In the "Reference projects" palette, you can open other projects in addition to the current project. These reference projects are write-protected and cannot be edited. However, you can drag the objects of a reference project into your current project and further edit them there. You can also compare the objects of a reference project to the objects of your current project. Layout of the "Reference projects" palette The following figure shows the layout of the "Reference projects" palette: WinCC Advanced V14 System Manual, 10/2016 289 Introduction to the TIA Portal 6.2 User interface and operation 1 2 3 Title bar Toolbar Opened reference projects Title bar The arrow for closing the palette is located in the title bar of the "Reference projects" palette. Once it is closed, the direction in which the arrow is pointing changes from downwards to right. It can now be used to reopen the palette. Toolbar The toolbar contains buttons for opening and closing reference projects. Opened reference projects Opened reference projects are displayed as read-only with their objects and their hierarchical structure. 6.2.2.10 Details view Purpose of the details view The detail view shows certain content of the selected object is in the overview window or in the project tree. This might include text lists or tags. 290 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Layout of the details view The following figure shows an example of the details view: Title bar Tab Content of the selected object Title bar The arrow for closing the details view is located in the title bar of the details view. After it has closed, the direction in which the arrow is pointing changes from left to right. It can now be used to reopen the details view. Tab The tab displayed in the detail view depends on the selected object. The "Modules" tab is displayed when you select a device, a device link or a folder that contains one of these objects. The "Modules" tab displays the installed modules or sub-modules of a device in the detail view, when you select the device itself or a device link in the project tree. The "IO tags" displays existing IO tags for selected devices and device links to below the "Local modules" folder or a device folder. The name of the simple tag or data element of a PLC data type is displayed in addition to the data type and the address. Note If a simple tag is defined for a channel address but it is also within the address range of the data element of a PLC data type, only the name of the simple tag is displayed. Objects The displayed content varies depending on the selected object. You can move the content of objects from the details view to the required location using drag-and-drop. WinCC Advanced V14 System Manual, 10/2016 291 Introduction to the TIA Portal 6.2 User interface and operation See also Function and structure of the project tree (Page 273) Basics of the work area (Page 277) Inspector window (Page 285) Basics on task cards (Page 287) Portal view (Page 268) Project view (Page 270) 6.2.2.11 Overview window Overview window Functions of the Overview window The Overview window supplements the project tree. The Overview window shows the contents of the folder currently selected in the project tree. In addition, you can perform the following actions in the Overview window: Open objects Display and edit the properties of objects in the Inspector window Rename objects Call object-specific actions from the shortcut menu Compare objects side by side Perform various object operations, such as inserting objects from the library via drag-anddrop and moving, copying, pasting, and deleting objects 292 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Layout of the Overview window The following figure shows the components of the Overview window: 1 5 6 6 7 2 3 4 8 Overview window Switch to the Details view Switch to the List view Switch to the Icon view Move to higher level Split the overview window in two. Either the right or left half of the overview window is synchronized. Clicking again cancels the split. All elements within a selected folder are displayed even if these are located in lower-level groups. This option is only available in details view. Contents of the object selected in the project tree. WinCC Advanced V14 System Manual, 10/2016 293 Introduction to the TIA Portal 6.2 User interface and operation Display forms of the Overview window The content of the Overview window can be displayed as follows: Details view The objects are displayed in a list with additional information, such as the date of the last change. List view The objects are displayed in a simple list. Icon view The objects are displayed as icons according to category. See also Comparing objects in the overview window (Page 294) Sorting the details view of the overview window (Page 295) Overview of the library view (Page 460) Comparing objects in the overview window You can display the contents of two folders or objects side by side in the Overview window. The Overview window is split in half and you can display different contents on the left and right sides. In addition, you can use a drag-and-drop operation to move objects between the split windows. Thus, for example, you can move contents from one window to the other. Procedure To split the Overview window in half or cancel the split, follow these steps: 1. In the toolbar, click on the "Synchronize left side" or "Synchronize right side" icon to split the overview window. Either the left or the right side of the overview window synchronized with the contents of the selected object in the project tree. 2. To cancel the split, click again on the previously selected icon. See also Overview window (Page 292) 294 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Sorting the details view of the overview window You have several options for adapting the display in the details view of the overview window: Adding additional columns Some columns are hidden by default to increase clarity. You can display hidden columns if needed. The columns available depend on the selected object. Display of folder contents in a flat hierarchy Folder contents can be displayed in a flat hierarchy. All the content is displayed at once even if it is located in different groups. Sorting the table columns You can sort individual columns of the table in ascending or descending order. Showing or hiding columns To show or hide additional table columns, follow these steps: 1. Right-click the title bar of the table. 2. Select the "Show/Hide" command in the shortcut menu, and select the columns you want to display. Displaying folder contents in flat hierarchy To display the content of a folder in a flat hierarchy, follow these steps: 1. Select the required folder in the project tree or in the library navigation of the library view. 2. Click the "Show subordinate elements" icon in the toolbar. All elements are displayed at once in the table even if they are located in subfolders. Sorting a table in ascending or descending order To sort the table by a column in ascending or descending order, follow the steps below: 1. Click the table header of a column if you want to sort the column in ascending order. 2. Click again on the same column of the table header to sort the column in descending order. 3. Click a third time on the table header of the same column to cancel the sorting. See also Overview window (Page 292) WinCC Advanced V14 System Manual, 10/2016 295 Introduction to the TIA Portal 6.2 User interface and operation 6.2.2.12 User interface layout Save user interface layout Options for backing up the user interface layout When you make a change to the user interface, this is retained even after a restart of the TIA Portal. A change to the user interface layout includes, for example, moving a window or adjusting the size of an editor. In addition to the automatic saving of the user interface layout, you have the option of manually backing up specific layouts: Save the window layout You can save the layouts of the windows and editors of the TIA Portal manually and restore these at a later time. It is possible to call five window layouts using a key combination. Use this function, for example, if you are working with a notebook to which you connect an external monitor when necessary. You can create a window layout for mobile use on the notebook display and another layout for when you work at the office with an external monitor. Save the layout within editors With some editors, you can adjust the display. You can, for example, adjust the width of tables or show or hide individual table columns. See also Save window layout (Page 296) Load window layout (Page 297) Managing window layouts (Page 298) Saving a layout of editors and tables (Page 298) Resetting the user interface layout (Page 299) Basics of the work area (Page 277) Save window layout You can save the current window layout in order to call it again in the same form at a later time. Procedure To save a window layout, follow these steps: 1. Arrange all windows in the way in which you want to save them. 2. In the "Window" menu, select the "Save window layout as" command. The "Save current window layout as" dialog opens. 3. Enter a name for the window layout in the "Name" field. 296 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation 4. Enter a description of the window layout in the "Description" field in order to be able to identify the window layout more easily later. 5. Click "Save". Result The new window layout is saved in the last position after the existing saved window layouts. The first five window layouts can be called using a key combination. See also Save user interface layout (Page 296) Load window layout If you have already saved a window layout, you can load this, allowing you to quickly adjust your work environment to the respective conditions. You can load the first five window layouts using quick access via the "Window" menu or via a key combination. If you load a window layout and then make changes to the arrangement of the window, you can restore the originally saved window layout. Using quick access to load window layouts 1 to 5 To load one of the first five saved window layouts, follow these steps: 1. In the "Window" menu, select a window layout or select the key combination <Alt+Shift+[1 ... 5]>. Loading additional window layouts To load a window layout that is not among the first five window layouts, follow these steps: 1. In the "Window" menu, select the "Additional window layouts" command. The "Manage all windows layouts" dialog opens. 2. Select the desired window layout. 3. Click "OK". Restore window layout To go back to a saved window layout, follow these steps: 1. In the "Window" menu, select the "Restore window layout" command or select the key combination <Alt+Shift+0>. See also Save user interface layout (Page 296) WinCC Advanced V14 System Manual, 10/2016 297 Introduction to the TIA Portal 6.2 User interface and operation Managing window layouts You can carry out the following actions with existing window layouts: Changing the order of window layouts The order of the window layouts is important, as the first five window layouts can be called directly via the "Window" menu and via a key combination. Select a window layout If a window layout is not one of the first five window layouts, you can call it using the "Manage all window layouts" dialog box. Deleting window layouts Procedure To manage the existing window layouts, follow these steps: 1. Select the "Settings" command in the "Options" menu. The settings of the TIA Portal are displayed. 2. In the area navigation, navigate to the entry "General > Manage all window layouts". 3. Select a window layout. The selected window layout is immediately activated. 4. Click the "Up" or "Down" symbol to move the window layout up or down. 5. Click the "Delete" symbol to delete the selected window layout. See also Save user interface layout (Page 296) Saving a layout of editors and tables You have the option of adapting editors and tables to meet your requirements. For example, you can hide columns in tables that you don't need. You can then save your customized view. Procedure To save the layout of editors and tables in the work area, follow these steps: 1. Adapt the editor or table according to your requirements. 2. Click the "Save window settings" button in the editor or table. Result The layout is saved. When you reopen the editor or table, this layout will be used. 298 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation See also Basics of the work area (Page 277) Maximizing and minimizing the work area (Page 279) Splitting the work area (Page 280) Floating the work area elements (Page 281) Using grouped elements of the work area (Page 282) Minimizing and maximizing elements of the work area (Page 284) Switching between the elements in the work area (Page 284) Save user interface layout (Page 296) Resetting the user interface layout Every change you make to the layout of the user interface is saved. The changes are thus available even after a restart of the TIA Portal. For example, if you change the height and width of a text editor or the division of a table, your changes are retained so that you don't have to re-customize elements every time. In some cases, however, it may be helpful to restore the original layout settings; for example, if another user prefers a different arrangement of the user interface. Procedure To reset the user interface settings to the default, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "General" group in the area navigation. 3. Click the "Reset to default" button under "Reset to default > Editor layout". Result The default settings for the user interface are restored. See also Overview of the program settings (Page 261) Save user interface layout (Page 296) WinCC Advanced V14 System Manual, 10/2016 299 Introduction to the TIA Portal 6.2 User interface and operation 6.2.3 Keyboard operation in the TIA Portal 6.2.3.1 Operation of the TIA Portal with the keyboard You can navigate through the TIA Portal using the keyboard, for example if you do not have a mouse available at the given moment. Many functions are also accessible via keyboard shortcuts. You can find an overview of all keyboard shortcuts in the settings for the TIA Portal. In the following sections, you will learn how to navigate in the TIA Portal using the keyboard, edit objects, and customize the TIA Portal to your needs. See also Displaying an overview of all keyboard shortcuts (Page 300) 6.2.3.2 Displaying an overview of all keyboard shortcuts You can display an overview of all keyboard shortcuts. Procedure To display an overview of all available keyboard shortcuts, follow these steps: 1. Select the "Settings" command in the "Options" menu. The settings of the TIA Portal are displayed. 2. Open the "Keyboard shortcuts" entry in the area navigation. You can see an overview of all keyboard shortcuts, which are valid for the currently installed products. 6.2.3.3 Basic functions of the TIA Portal Below, you will learn how you can use the basic functions of the TIA Portal using only your keyboard. Using the basic functions of the TIA Portal with the keyboard The following table shows how you can access basic functions of the TIA Portal with keyboard shortcuts: Function Keyboard shortcut Change between the project view and the portal view <Alt+F7> Change between the project view and the library view <Alt+F5> Open the online and diagnostics view <Ctrl+D> Start Runtime <Ctrl+Shift+Z> Display cross-references <Shift+Alt+F11> Cross-reference information <Shift+F11> 300 Menu command WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Function Keyboard shortcut Menu command Open the Help system <F1> Help > Show help If you need help on the TIA Portal, press <F1>. Cancel the current action <Esc> Find <Ctrl+F> Replace an object <Ctrl+H> You can replace found objects when searching in the editor. Find next <F3> If you have started a search in the editor, you can jump to the next hit with <F3>. Print object <Ctrl+P> Run default action of the object <Enter> Action <F5> Scroll horizontally to the right <Ctrl+Arrow right> Scroll horizontally to the left <Ctrl+Arrow left> Open block/PLC data type <F7> Project > Print Operating menus The following table shows how you can navigate through menus using the keyboard: Function Keyboard shortcut Start keyboard shortcuts in the menu <Alt> You can access the menu using the <Alt> key and then continue to navigate with the arrow keys to scroll through the menu. Confirm your selection of the menu command with <Enter>. Go directly to a specific menu You can go directly to an individual menu command by holding down the <Alt> key. There is an underlined letter for each menu command. Press the <Alt> key along with the underlined letter. <Alt+underlined letter in respective menu> Open shortcut menu of an object <Shortcut menu key> With the shortcut menu key (on Microsoft Windows compatible keyboards), you can open the shortcut menu of the selected object. Alternatively, you can use <Shift+F10> if you are not using a Microsoft Windows compatible keyboard. You can use the arrow keys to scroll through the shortcut menu and select a menu command with <Enter>. Alternative: <Shift+F10> Operating expandable elements The following table shows how you can operate expandable elements using the keyboard: Function Keyboard shortcut Expand a folder in a tree <Arrow right> With <Arrow right>, for example, you expand a folder in the project tree. Close a folder in a tree <Arrow left> With <Arrow left>, for example, you collapse a folder in the project tree. Open a drop-down list <F4> You can open drop-down lists with <F4> and then navigate with the arrow keys to scroll through the drop-down list. Finally, press the <Enter> key to confirm your selection. WinCC Advanced V14 System Manual, 10/2016 301 Introduction to the TIA Portal 6.2 User interface and operation Function Keyboard shortcut Open autocompletion <Ctrl+Space> <Ctrl+I> Show object selection 6.2.3.4 <Ctrl+J> Using project-related functions Editing a project Function Keyboard shortcuts Menu command Open a project <Ctrl+O> Project > Open Close a project <Ctrl+W> Project > Close Save a project <Ctrl+S> Project > Save Save a project under a different name <Ctrl+Shift+S> Project > Save as Delete a project <Ctrl+E> Project > Delete project Print project <Ctrl+P> Project > Print Undo last action <Ctrl+Z> Edit > Undo Redo last action <Ctrl+Y> Edit > Redo Calling up the help function Function Keyboard shortcuts Menu command Calling up the help function <F1> or <Shift+F1> Help > Show help 6.2.3.5 Arranging windows Below, you will learn how to open and close individual windows of the TIA Portal and work with saved window layouts using the keyboard. Opening and closing windows The following table shows how you can open and close windows with keyboard shortcuts: Function Keyboard shortcut Menu command Open/close project tree <Ctrl+1> View > Project tree Opening/closing the detailed view <Ctrl+4> View > Details view Opening/closing the overview <Ctrl+2> View > Overview Opening/closing a task card <Ctrl+3> View > Task card Open libraries <Ctrl+Shift+L> Open hardware catalog If you are in the device or network view, the hardware catalog opens. <Ctrl+Shift+C> Open/close inspector window <Ctrl+5> 302 View > Inspector window WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Function Keyboard shortcut Open the "Properties" tab in the inspector window <Ctrl+6> Open the "Info" tab in the inspector window <Ctrl+7> Open the "Diagnostics" tab in the Inspector window <Ctrl+8> Display or hide reference projects <Ctrl+9> Display the on-screen keyboard <Ctrl+Shift+K> Menu command You can display a keyboard on the screen, for example, to operate with a touch screen. Close all editors <Ctrl+Shift+F4> Window > Close all Using saved window layouts You can save individual window arrangements and restore them at a later point in time. The following table shows how you to access saved window layouts with keyboard shortcuts: Function Keyboard shortcut Menu command Restore active window layout <Shift+Alt+0> Window > Restore window layout <Shift+Alt+[Number of the win dow layout]> Window > Window layout 1 to 5 If you use a saved window layout and have made changes to the program interface in the meantime, you can restore the original state of the active window layout with <Alt+Shift+0>. Load window layout You can use <Alt+Shift+[number of the window layout]> to activate the first of the five saved window layouts. 6.2.3.6 Navigating through the program interface The TIA Portal is divided into various user interface areas, for example, individual windows, toolbars, and editors. If you want to work with the keyboard within an interface area, you first have to place the focus on it. Below, you will learn how to place the focus on individual interface areas using the keyboard. You will also learn how to move within an interface area in the TIA Portal using the keyboard. Switching between interface areas and editors The following table shows how to move between individual interface areas of the TIA Portal: Function Keyboard shortcut Move clockwise between the interface areas <F6> You can use the <F6> key to move clockwise between the individual interface areas of the TIA Portal. The interface area currently in focus is highlighted with a blue title bar. If you are in the project tree, for example, and press the <F6> key, you jump to the currently open editor. If you press <F6> again, the task cards are in focus. If you press <Shift+F6>, on the other hand, you move counterclockwise between the work areas. Move counterclockwise between the interface areas <Shift+F6> With <Shift+F6> you move counter-clockwise between the interface areas of the TIA Portal. WinCC Advanced V14 System Manual, 10/2016 303 Introduction to the TIA Portal 6.2 User interface and operation Function Keyboard shortcut Go to the next open editor <Ctrl+Alt+Arrow right> With <Ctrl+Alt+Arrow right> you go to the next open editor. You can see the open editors in the editor toolbar. Alternative: <Ctrl+F6> Go to the previous open editor <Ctrl+Alt+Arrow left> With <Ctrl+Alt+Arrow left>, you go to the last opened editor. Alternative: <Ctrl+Shift+F6> Go to the next higher section of the interface area <Shift+Esc> With <Shift+Esc>, you move to the next higher section of the program interface. If, for example, you have selected a device in the project tree and you press <Shift+Esc>, the entire project navigation is put into focus. Alternative: <Alt+Arrow up> Go to the next lower section of the interface area <Enter> With <Enter>, you place the focus on the next lower section of the program interface. For example, if you have just opened the properties of a device in the Inspector window in order to assign parameters to the device, press <Enter> to go one level deeper in the program interface. You can then navigate to the desired parameter using the Tab key. Alternative: <Alt+Arrow down> Navigation within interface areas and editors The following table shows how you can navigate within a user interface area using the keyboard: Function Keyboard shortcut Jump to the next element within an interface area <Tab> You can use the Tab key to jump from one element to the next within a work area. If, for example, you have opened the properties of a device and want to jump from one field to the next, press the Tab key. Any changes you have made to the current text box are applied in this case. Jump to the previous element within an interface area <Shift+Tab> With <Shift+Tab>, you can jump to the previous element in a work area, for example, a previous text box. Any changes you have made to the current text box are applied in this case. Jump to the higher-level element within an interface area <Shift+Home> With <Shift+Home> you can jump to the higher-level element of a work area, e.g., to the higher-level folder in the project tree. Move to the next tab within an interface area <Ctrl+Tab> If an interface area is divided into separate tabs, you can move between the tabs with the shortcut keys <Ctrl+Tab>. If, for example, you are in the "Properties" tab of the Inspector window and you want to jump to the "Info" tab, press the shortcut keys <Ctrl+Tab>. Go to the previous tab <Ctrl+Shift+Tab> With <Ctrl+Shift+Tab>, you move to the most recently open tab within an interface area. 304 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Function Keyboard shortcut Jumping to the toolbar of an editor <Alt+F10> You can use the <Alt+F10> key to jump to the toolbar of an editor. For example, if you have opened the print preview and want to switch to the next page of the printout in the toolbar, press <Alt+F10>. Then, use the arrow keys to navigate to the appropriate icon in the toolbar and confirm the selection with <Enter>. Use arrows on the divider to display or hide user interface components <Space> The table in the work area can be minimized and maximized. First, navigate to the work area and use the Tab key to place the focus on one of the little arrows on the separator line above the table. The arrows have the focus as soon as they are highlighted in blue. Then, press the space bar to minimize or maximize the table. 6.2.3.7 Customizing editors Below, you will learn how to arrange editors using the keyboard. You will also learn how to select the display size and the area within a graphical editor. Arranging and customizing editors The following table shows how to arrange open editors above and below each other or sideby-side, and how to close an open editor: Function Keyboard shortcut Close active editor <Ctrl+F4> Split editor space vertically <F12> Window > Split editor space ver tically <Ctrl+F12> Window > Split editor space hor izontally <Alt+Shift+F12> Window > Unsplit editor space If, for example, you have opened the overview window and the network view and want to display them side-by-side, press the <F12> key. Split editor space horizontally You can display two open editors in the work area above and below each other. Remove window split Menu command If you have displayed two editors in the work area horizontally or vertically in split mode, you can remove the split with <Alt+Shift +F12>. Customizing the display in an editor The following table shows how you how to zoom in and out in graphical editors and how to move the area selection in an editor: Function Keyboard shortcut Zoom in step-by-step in an editor <Ctrl+Plus> With <Ctrl> and the <Plus> key on the numeric keypad of the keyboard, you can zoom in on the display of the editor. Alternative: <Ctrl+Scroll up> Zoom out step-by-step in an editor <Ctrl+Minus> Use the <Ctrl> and the <Minus> key on the numeric keypad of the keyboard to zoom out of the display of the editor. Alternative: <Ctrl+Scroll down> WinCC Advanced V14 System Manual, 10/2016 305 Introduction to the TIA Portal 6.2 User interface and operation Function Keyboard shortcut Set view in the editor to 100% <Ctrl+0> Press <CTRL+0> to enlarge or reduce the current view in a graphical editor to 100%. Move the area selection of the editor <Space> If you hold down the spacebar, you can move the displayed section of an editor using the mouse. 6.2.3.8 Editing objects Selecting objects The following table shows how to select individual objects, for example, devices in the project tree: Function Keyboard shortcut Select an object located at the left, right, above or below <Arrow keys> Jump to the first object within the current interface area <Home> Menu command The first object in the interface area currently in focus is selected. In the project tree, this would be the project node at the top, for example. Jump to the last object within the current interface area <End> The last object in the interface area currently in focus is selected, for example, the last item in the project tree. Select all objects in an area <Ctrl+A> Edit > Select all All objects in the work area currently in focus are selected. Select multiple objects If you want to select several objects that are not located directly next to each other, you first have to move the focus (gray outline of an object) to the next desired object using <Ctrl+Arrow keys>. The current selection is maintained. Then, press the space bar to select the new focused object as well. Repeat this process until all desired objects are selected. <Ctrl+Arrow keys> + <Space> Editing objects The following table provides an overview of all the keyboard shortcuts required for editing objects: Function Keyboard shortcut Insert new object <Ctrl+N> Menu command A new object is inserted depending on your current context. If, for example, you are in the device view, the "Add Device" dialog opens for creating a new device. Open object <Enter> Rename an object <F2> Edit > Rename Copy an object <Ctrl+C> Edit > Copy Alternative: <Ctrl+Ins> 306 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Function Keyboard shortcut Menu command Cut an object <Ctrl+X> Edit > Cut Alternative: <Shift+De lete> Paste an object <Ctrl+V> Edit > Paste Alternative: <Shift+Insert> Delete an object <Del> Edit > Delete Compile an object <Ctrl+B> Edit > Compile Open properties of an object <Alt+Enter> - Many objects in the TIA Portal have editable properties. Press the shortcut keys <Alt+Enter> to display the properties of an object. 6.2.3.9 Text editing Below, you will learn how to operate text editing functions using only the keyboard. Editing text The following table shows the basic editing functions for text: Function Keyboard shortcuts Switch to insert or overwrite mode <Insert> Exit edit mode <Esc> Delete <Del> Delete characters <Backspace> Confirm entry in a text box and leave the text box <Return> Line break in a multiline text box <Shift+Return> In a multiline text box, hold down the <Shift> button to create a line break. Reset input in a text box <Esc> If you are in an text box and press <Esc>, you exit the box and the changes are discarded. Navigating within a text area The following table shows how to navigate in a text area with the keyboard: Function Keyboard shortcuts Jump to start of line <Home> Jump to end of line <End> Jump to start of text <Ctrl+Home> Jump to end of text <Ctrl+End> Jump to the previous page <PgUp> Jump to the next page <PgDn> Confirm entry in a text box and leave the text box <Return> WinCC Advanced V14 System Manual, 10/2016 307 Introduction to the TIA Portal 6.2 User interface and operation Function Keyboard shortcuts Line break in a multiline text box <Shift+Return> Reset input in a text box <Esc> If you are in an text box and press <Esc>, you exit the box and the changes are discarded. Selecting text The following table shows how to select text with the keyboard: Function Keyboard shortcuts Expand selection to the word at the left or right <Ctrl+Shift+Arrow left or Arrow right> The text or current text selection is marked up to the end of word. If you are at the beginning or end of a word, the previous or next word is selected. Expand selection to beginning of line <Shift+Home> Expand selection to end of line <Shift+End> Expand selection to beginning of text <Ctrl+Shift+Home> The text is selected up to the beginning or the end. Expand selection to end of text <Ctrl+Shift+End> The text is selected up to the beginning or the end. 6.2.3.10 Editing tables Below, you will learn how to navigate with the keyboard in tables, edit individual fields, and select parts of tables. General keyboard operation in tables The following table shows how you can edit tables using only the keyboard: Function Keyboard shortcut Place a cell in edit mode <F2> or <Return> Confirm entry and exit edit mode <Enter> Cancel editing and discard changes <Esc> Open drop-down list in a cell <F4> Open the drop-down list with <F4>. Use the arrow keys to select the desired entry and then confirm the selection with <Return>. Close drop-down list in a cell and discard changes <Esc> Navigate in tables The following table shows how you can navigate within a table using the keyboard: Function Keyboard shortcut Go to line <Ctrl+G> Go to the next cell <Arrow keys> 308 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Function Keyboard shortcut Go to the next editable cell on the right <Tab> Go to the next editable cell on the left <Shift+Tab> Move a screen upwards <PgUp> Move a screen downwards <PgDn> Go to the first cell in the row <Home> Go to the last cell in the row <End> Go to the first cell in the table <Ctrl+Home> Go to the last cell in the table <Ctrl+End> Go to the top cell in the column <Ctrl+Arrow up> Go to the bottom cell in the column <Ctrl+Arrow down> Insert table row below <Alt+Ins> Insert line break in an entry field/insert table row above <Ctrl+Return> Selecting areas in tables The following table shows how you can select areas within a table using the keyboard: Function Keyboard shortcut Select column <Ctrl+Space> Select line <Shift+Space> Select all cells <Ctrl+A> Expand selection by one cell <Shift+arrow keys> Extend selection up one page <Shift+PgUp> Extend selection down one page <Shift+PgDn> Expand selection up to the first row <Ctrl+Shift+Arrow up> Expand selection down to the last row <Ctrl+Shift+Arrow down> Expand selection to the first cell in the row <Ctrl+Shift+Arrow left> Expand selection to the last cell in the row <Ctrl+Shift+Arrow right> 6.2.3.11 Using online functions Controlling online functions with the keyboard The following table provides an overview of the shortcut keys that you can use for the online functions of the TIA Portal: Function Keyboard shortcut Menu command Establish an online connection <Ctrl+K> Online > Go online Go offline <Ctrl+M> Online > Go offline Download project data to the device <Ctrl+L> Online > Download to de vice WinCC Advanced V14 System Manual, 10/2016 309 Introduction to the TIA Portal 6.2 User interface and operation Function Keyboard shortcut Menu command Show accessible devices <Ctrl+U> Online > Show accessi ble devices <Ctrl+Shift+E> Online > Start CPU <Ctrl+Shift+Q> Online > Stop CPU <Ctrl+Shift+X> Online > Simulation > Start This opens a dialog showing all devices that are connected to the PG/ PC interface of the PG/PC. Start CPU The CPU is set to "RUN" mode. The CPU must be online for this. Stop CPU The CPU is set to "STOP" mode. The CPU must be online for this. Start simulation The hardware and software of the project can be tested in a simulated online environment, without the modules actually being online. 6.2.3.12 Using the on-screen keyboard Introduction When working with the TIA Portal, you also have the Microsoft on-screen keyboard available. Displaying the on-screen keyboard To display the on-screen keyboard, follow these steps: 1. In the "View" menu, select the "Screen keyboard" command. Exiting the on-screen keyboard To exit the on-screen keyboard, follow these steps: 1. In the "File" menu of the on-screen keyboard, select the "Exit" command. 6.2.4 Special features specific to the operating system 6.2.4.1 Influence of user rights Restrictions when user rights are limited The software provides several functions that require direct access to the hardware of the programming device / PC and therefore also to the installed operating system. To make full use of the range of functions, the software must cooperate closely with the operating system. To ensure problem-free interaction, you should therefore be logged on to the operating system with adequate user rights. In particular, you may not be able to use functions requiring an online connection or those that change the settings of interface cards if you work with limited user rights. 310 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.2 User interface and operation Recognizing restricted functions You can recognize functions requiring special rights as follows: A shield icon is displayed beside the function. The function can be used but is regulated by the user account control. A box is grayed out and cannot be accessed. You require administrator privileges to access the box. In some operating system environments, you can obtain administrator privileges by entering an administrator password. Note A box being grayed out does not necessarily mean a lack of rights. You should also check the additional information in the tooltip cascades to find out the conditions for editing the box. 6.2.4.2 Expanding user rights Counteracting restrictions due to user rights Certain functions may not be available if you are not logged on to the operating system with adequate rights. You can counteract these restrictions in the following ways: Enabling of extended rights using Windows user account control Logging on to the operating system with administrator privileges Using temporary administrator rights Enabling extended rights using Windows user account control To be able to use a function indicated by the shield icon of the Windows user account control, follow these steps: 1. Click on the box or button with the shield icon. The security prompt of the Windows user account control opens. 2. Follow the instructions of the Windows user account control and, when prompted enter an administrator password, if possible. The function can now be used once without restrictions. Logging on to the operating system with administrator privileges To be able to use a function that is disabled due to lack of user rights, follow these steps: 1. Close the software. 2. Log off from the operating system. 3. Log on to the operating system with administrator privileges. 4. Restart the software. WinCC Advanced V14 System Manual, 10/2016 311 Introduction to the TIA Portal 6.3 Help on the information system Using temporary administrator rights To obtain administrator privileges temporarily, follow these steps: 1. Click the "Change settings" button. You will find this button in dialogs that allow the temporary assignment of administrator privileges. An operating system dialog box for entering an administrator password opens. 2. Enter an administrator password. The settings can be temporarily changed. When you call the dialog again, the procedure must be repeated. Note This function is not supported by all operating systems. If no "Change settings" button is present or the button is grayed out, you will need to log on to the operating system with administrator privileges instead. 6.3 Help on the information system 6.3.1 General remarks on the information system Quick answers to your questions The information system of the TIA Portal helps you solve your problems and offers the required help topics at each step of the configuration. While working with the program, you receive the following support: Information system with all the background information, step-by-step instructions and examples that you need when working with the TIA Portal. Tooltips for information on elements of the user interface, for example text boxes, buttons and icons. Some of the tooltips are supplemented by cascades containing more precise information. Help on the current context, for example on menu commands when you press the <F1> key. Help on messages Roll-outs for correct inputs in dialog boxes Banner on the software interface 312 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.3 Help on the information system Information system The information system opens in a separate window. The following figure shows the information system for the TIA Portal: The information system is divided into the following areas: Search area In the search area, you can perform a full text search across all help topics. Navigation area You can find the table of contents and favorites in the navigation area. Content area The help pages appear in the content area. You can open multiple tabs to view various help pages at the same time. The arrows on the window dividers allow you to display and hide the individual sections. You can open both the search area and the navigation area to increase the contents area as needed. WinCC Advanced V14 System Manual, 10/2016 313 Introduction to the TIA Portal 6.3 Help on the information system Buttons in the contents area The following buttons are available in the contents area of the information system: Button Function Synchronize Shows the position of the open help topic in the table of contents. Forward / backward Navigates through the history of the help topics previously opened in this tab. Favorites Adds the current help topic to the favorites. New tab Opens a new, empty tab. Home page Displays the start page of the information system. Printing Prints the current help topic. Help Displays help on the information system. Identification of the topics according to the information type The information system provides you with a wide range of information. The help topics are identified by different symbols depending on the type of information they contain. Symbols tell you at a glance what kind of information you have just opened. Symbol 314 Information type Explanation Operating instructions Describes the steps to follow in order to carry out a particular task. Example Contains a practical application example that explains how to solve an automation task. Factual information Provides background information on the functions of the TIA Por tal and provides basic knowledge. Reference Provides detailed reference information about instructions and objects for reference. WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.3 Help on the information system Identification of the topics according to the target system Depending on the scope of the installation, the help system may contain sections or pages that apply to specific devices only. To be able to recognize such sections or pages at first glance, you will find a note in brackets in the table of contents. The search results in the full text search are marked in the same way if they only apply to a specific device. You will find an icon in the title bar of such pages. Move the cursor over the icon to obtain information about the valid target system. Roll-out Certain text boxes offer information that rolls out and helps you to enter valid parameters and values. The roll-out informs you about permitted value ranges and data types of the text boxes. The following figure shows a roll-out (yellow) and a roll-out error message (red), which indicates an invalid value: The roll-out is closed as soon as you exit the window or click the x in the upper right corner. Tooltip User interface elements offer brief information in the form of a tooltip. Tooltips, which have an arrow icon on the left, contain additional information in tooltip cascades. If you position the mouse pointer briefly over the tooltip or click the arrow icon, this information is displayed. The automatic display of tooltip cascades can be disabled. If additional information is available, a link to the corresponding help topic appears in the cascade. If you click on the link, the corresponding topic opens in the information system. The following figure shows a tooltip with opened cascade: WinCC Advanced V14 System Manual, 10/2016 315 Introduction to the TIA Portal 6.3 Help on the information system Help on messages Numerous actions are accompanied by messages in the Inspector window of the TIA Portal. The messages give information about whether or not an action was successful. In addition, you see which changes have been made in the project. Further help is available for some messages. If further help is available for an message, you access the help by clicking the question mark symbol. The following figure shows the "Info" tab in the Inspector window with several messages and a question mark symbol: 316 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.3 Help on the information system Banner on the software interface In some editors, you can obtain additional support with banners at the top of the editor. The following figure shows a banner for an open library type: To hide the banner, click on the vertical blue bar at the left edge of the banner or on the x in the upper right corner. To expand a collapsed banner, click on the information symbol at the top left of the opened editor. In the settings of the TIA Portal, you can specify that banner is to be hidden by default. If multiple banners are available in an editor, the most relevant banner is displayed first. To move to the next banner, scroll to the next banner at the bottom right corner. See also Configuring the display of tooltips and tooltip cascades (Page 328) Using user-defined documentation (Page 442) 6.3.2 Opening the information system Opening the information system with the menu To access the information system on the home page, follow these steps: 1. Select "Display help" command from the "Help" menu. The start page of the information system opens. WinCC Advanced V14 System Manual, 10/2016 317 Introduction to the TIA Portal 6.3 Help on the information system Opening the information system with <F1> To access the information system and help for the current context, proceed as follows: 1. Select an object for which you want to view the help, for example, a menu command or a program element. 2. Press <F1>. The information system opens. If information on the current context is available, the appropriate topic appears. If no information on the current context is available, the home page of the information system is displayed. Opening the information system via tooltip cascades To open the information system from a tooltip cascade, proceed as follows: 1. Move the mouse pointer over an object with a tooltip cascade. The tooltip cascade opens. If additional information is available, the tooltip cascade contains links to the corresponding help topics. 2. Click on a link. The information system opens and the additional help topic appears. Opening help for error messages Numerous actions are accompanied by messages in the Inspector window of the TIA Portal. If help on such a message is available, a blue question mark appears behind the message. To view the help for a message, follow these steps: 1. Display the Inspector window. 2. Click on the blue question mark behind a message. The information system opens and the help error message appears. It contains an exact description of cause of the error and how to remedy it. See also Calling user-defined documentation (Page 451) Using the information system (Page 318) 6.3.3 Using the information system Opening a help topic in the current tab To open a help topic in the current tab, follow these steps: 1. Click on the help topic in the table of contents. 318 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.3 Help on the information system Or: 1. Double-click on the help topic in the list of search results. Opening a help topic in a new tab To open a help topic in a new tab, follow these steps: 1. Select the help topic in the table of contents or in the list of search results. 2. Select the "Open in new tab" command from the shortcut menu. Or: 1. Click on the "New tab" button in the contents area of the information system. A new empty tab opens. 2. Click on the help topic in the table of contents or double-click on the help topic in the list of search results. Closing a tab To close a tab, follow these steps: 1. Click on the cross at the right in the tab. The current tab is closed. Or: 1. Click on the tab. 2. Select the "Close other tabs" command from the shortcut menu. All tags except the current one will be closed. Showing the history The history of the previously opened help topics is stored individually for each tab. To remove a help topic from the history, follow these steps: 1. In the contents area of the information system, click the "Forward" or "Backward" buttons to scroll chronologically through the history. Displaying the position of a help topic in the table of contents To display the position of the open help topic in table of contents, follow these steps: 1. Position the mouse pointer on the help topic. 2. Click "Synchronize" in the contents area of the information system. Displaying help for the information system To display the help on the information system, follow these steps: 1. Click on the "Help" button in the contents area of the information system. WinCC Advanced V14 System Manual, 10/2016 319 Introduction to the TIA Portal 6.3 Help on the information system 6.3.4 Searching the information system 6.3.4.1 Basics of searching Introduction You have the option to search the information system for terms. You are provided a search area for this. Search options You can search for the following text: Search for a word: <Search term> This finds all help pages that contain the search term exactly or in a slightly changed form. Search for several words: <Search_term_1 Search_term_2 ... Search_term_n> This finds all help pages that contain all search terms exactly or in a slightly changed form. Neither the order nor the distance between the search terms plays a role here. Search for phrases <"Search_term_1 Search_term_2 ... Search_term_n"> This finds all help pages that contain all search terms in the exact order specified. To find a phrase, place your search expression in quotation marks. You can further specify your search with additional criteria: Boolean search with "AND": <Search_term AND Search_term> <Search_term + Search_term> You can link your search terms using the Boolean "AND" operator. This finds all help pages that contain all search terms exactly or in a slightly changed form. Alternatively, you can enter multiple search terms even without the operators "AND" or "+". This too finds all help pages that contain all search terms. Boolean search with "OR": <Search_term OR Search_term> <Search_term - Search_term> You can link your search terms using the Boolean "OR" operator. This finds all help pages that contain one of the search terms exactly or in a slightly changed form. Negate search with "NOT" <Search_term_1 NOT Search_term_2> <Search_term_1 ! Searchterm_2> You can negate a search term with "NOT". You must enter at least one additional search term for this purpose, however. This finds all help pages in which "Search_term_1" occurs. Pages in which "Search_term_2" occurs are not included in the hits, since this search term has been negated. 320 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.3 Help on the information system Fuzzy search with "~" <Search~> You can place a tilde ("~") after the search term. This finds all help pages in which the search term appears with approximately this spelling. Distance search with "~<proximity>" <"Search_term_1 Search_term_2" ~proximity> The proximity search allows you to find help pages where two search terms are no further apart than the defined distance. Enter the proximity as a positive integer. Enter the two search terms in quotes. There should be no gap between the tilde ("~") and the space. Search filter You can limit the search to a specific device or a device series by specifying a device as a search filter: If you select a device as a filter criterion, the keyword is only searched for in the pages or sections that apply to the specified device. If select the "Show all" option from the list instead of specifying a device, the search term is sought throughout the entire information system. Extended search You can also use the extended search to search the information system. It offers the same search options as the default search. However, you also obtain direct information about the possible selections for search options. See also Searching help topics (Page 321) Examples of searching in the information system (Page 322) 6.3.4.2 Searching help topics To quickly find the required information, you can perform a full text search across all help topics. Procedure To search the information system for a specific terms, follow these steps: 1. Open the search area. 2. In the "Find what" box, enter the search term or select a recently searched phrase from the drop-down list. 3. Optional: To obtain information on the search options, click "...". The "Extended search" dialog opens. It shows an overview of all options. 4. Optional: In the "Devices" selection box, select a device as a search filter. WinCC Advanced V14 System Manual, 10/2016 321 Introduction to the TIA Portal 6.3 Help on the information system 5. Click "Find". The search is performed and the results are listed: - The title of the help topic found is displayed in the "Title" column. - The "Position" column shows the section containing the help topic. - The relevance of the topic to the search term appears in the "Rank" column. You can change the sorting by clicking on the header of a column. 6. Double-click on a search result or select the "Open in new tab" command in the shortcut menu. Result The help topic opens in the contents area. To display the location of the open help topic in the table of contents, click on the "Synchronize" button. See also Basics of searching (Page 320) Examples of searching in the information system (Page 322) 6.3.4.3 Examples of searching in the information system Examples of the search for one word Searching for a word finds all help pages that contain the search term exactly or in a slightly changed form. Terms that contain special characters must be enclosed in quotes: Search for <PLC data type> This finds all pages containing the words "PLC data type", "PLC data types" or similar related terms. Examples if searching for several words Searching for multiple words finds all help pages that contain all search terms exactly or in a slightly changed form. Neither the order nor the distance between the search terms plays a role. Search for <variant example> This finds all pages containing the terms "variant", "VARIANT", "variant instruction" and "example", "examples" or similar related terms. Search for <LED tag> This finds all pages containing the terms "LED tag", "LED-tag", "LED status of the tag" or similar related terms. 322 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.3 Help on the information system Examples of searching with phrases Searching with phrases finds all help pages that contain all search terms in the exact order specified. To find a phrase, place your search expression in quotation marks. Search for <"examples for using recipes"> This finds all pages containing the terms "Examples for using recipes" or similar terms in the specified order. Examples of the Boolean search with "AND" A Boolean search with "AND" finds all help pages that contain all search terms exactly or in a slightly changed form. Neither the order nor the distance between the search terms plays a role. Search for <user groups AND authorization> This finds all pages containing the terms "user groups", "user group" and "authorization", "authorizations" or similar related terms. Search for <examples AND "Use in the recipes"> In this example, the Boolean search using "AND" is combined with the phrase search: This finds all pages containing exactly the terms "use in the recipes" in the specified order and "examples" at any position. Examples of the Boolean search with "OR" A Boolean search with "OR" finds all help pages that contain one or more of the specified search terms exactly or in a slightly changed form. Search for <block OR function> This finds all pages containing the terms "block", "blocks" and/or "function", "functions" or similar related terms. Search for <block OR function OR function block> This finds all pages containing the terms "block", "blocks" and/or "function", "functions" and/ or "function block", "function blocks" or similar related terms. Examples of the Boolean search with "NOT" A Boolean search with "NOT" finds all help pages that contain the specified search terms but not the negated search terms. Search for <alarm CPU NOT GRAPH> This finds all pages containing the terms "alarms", "alarm" and "CPU" but not the word "GRAPH". Search for <alarm NOT GRAPH CPU> This finds all pages containing the terms "alarms", "alarm" and "CPU" but not the word "GRAPH". Search for <alarm NOT CPU NOT GRAPH> All pages containing the term "message" are found but not the word "GRAPH" and not the word "CPU". WinCC Advanced V14 System Manual, 10/2016 323 Introduction to the TIA Portal 6.3 Help on the information system Examples of the fuzzy search with "~" A fuzzy search finds all help pages in which the search term appears with approximately this spelling. Search for <trends~> This finds all pages containing the terms "trend", "trend bit", "trend value", "trend display" "trend recording" or similar related terms. Examples of a proximity search with "~ <distance>" A proximity search finds all help pages where two search terms are no further apart from each other than the defined distance. Search for <trend measurement~10> This finds all pages in which the terms "trend" and "measurement" are no more than 10 words apart. Examples of searching with filters When searching with a filter, keywords are searched for only in the pages or sections that are valid for the specified device. Search for <example> with search filter "S7-1500" This finds all pages containing the terms "example", "examples" or similar related terms and that apply to S7-1500. Search for <SCL> with search filter "S7-400" This finds all pages containing the term "SCL" and that apply to S7-400. 6.3.5 Using favorites Using favorites You can save individual help pages or sections as favorites. This saves you searching for the help topic a second time. Favorites are retained even if you close the TIA Portal. They are still available when the information system opens the next time. Saving favorites To save a page or section as a favorite, follow these steps: 1. Open the page or the section that you want to save as a favorite. 2. Click on the "Add to favorites" button. Or: 1. Select a page or section in the table of contents. 2. Select the "Add to favorites" command in the shortcut menu. 324 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.3 Help on the information system The help topic or chapter is saved as a favorite and is available the next time you open the help system. Calling favorites To open a page from your favorites, follow these steps: 1. Open the "Favorites" tab. 2. Double-click on the help topic that you want to open. Or: 1. Open the "Favorites" tab. 2. Select the shortcut menu command "Open in new tab". The help topic opens in the contents area of the current tab or in a new tab. Go to position in the table of contents To navigate from your favorites to the position of the subject in the table of contents, follow these steps: 1. Select the topic in the favorites where you want to go in the table of contents. 2. Select the shortcut menu command "Go". The menu command is enabled only when you select a topic that is included in the table of contents. Context-sensitive help topics, for example, help on syntax errors, are not included in the table of contents. The "Go to" is not executable for this. The table of contents opens and expands at the desired position. Deleting favorites To delete an entry from the favorites, proceed as follows: 1. Open the "Favorites" tab. 2. Select the topic you want to remove from the list. 3. Select the "Remove" command from the shortcut menu. 6.3.6 Copying code examples into the program Many help topics include code examples that illustrate instructions and functions for programming in the TIA Portal. You can copy code examples in the programming languages SCL and STL and use them directly in your program. Example You recognize an example that can be copied by the "Copy" symbol in the header of the program example: WinCC Advanced V14 System Manual, 10/2016 325 Introduction to the TIA Portal 6.3 Help on the information system SCL "Tag_Result1" := ABS("Tag_Value"); "Tag_Result2" := ABS("Tag_Value1"*"Tag_Value2"); Procedure To copy a code example, follow these steps: 1. Open the Help topic with the sample program you require. 2. Click on the "Copy" button in the header of the program example. The program code is copied to the clipboard. 3. Open the programming editor and insert the copied code. To do this, select the "Paste" command in the shortcut menu. The copied program code is inserted from the clipboard into the program code being edited. 6.3.7 Displaying more information in the Siemens Industry Online Support The information system provides an introduction to the "TIA Portal Information Center" in the Siemens Industry Online Support. Here you obtain additional up-to-date information about the TIA Portal, for example, application examples, training opportunities, FAQs, hardware documentation and much more. Note Internet connection required To access the information in Siemens Industry Online Support, you need an Internet connection. Procedure To open more information in Siemens Industry Online Support, follow these steps: 1. Open the start page of the information system. You have the following options here: - Select the top entry in the table of contents. The entry has the title "Information system". - Select the "Home page" button in the contents area. The start page of the information system opens. The "TIA Portal Information Center" displayed at the bottom of the home page. 2. Click on the screen of the "TIA Portal Information Center". The "TIA Portal Information Center" opens. 326 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.3 Help on the information system 6.3.8 Printing help topics You have the following options for printing the contents of the information system: You can print the selected sections or pages from the index together. You can select any content of the information system. It need not involve contents of contiguous sections. The selected content will be printed in a print-optimized layout with pagination. You can print a single open page. Print sections or pages from the table of contents To print the contents from the table of contents, follow these steps: 1. Open the table of contents of the information system. 2. Click on the "Print" button in the "Contents" tab. The "Print" dialog opens. 3. In the "Print" dialog, select the sections and pages that you want to print. 4. Click the "Print" button to print the selected information. The standard print dialog box opens. 5. Select the printer on which you want to print the information. 6. Click "Properties" if you want to make additional printer settings. 7. Confirm your entries with "OK". The information is printed on the selected printer. Printing single opened page To print a single page, follow these steps: 1. Open the page to be printed in the contents area of the information system. 2. Select the "Print" button in the contents area. 3. The standard print dialog box opens. 4. Select the printer on which you want to print the information. 5. Click "Properties" if you want to make additional printer settings. 6. Confirm your entries with "OK". The page is printed on the selected printer. WinCC Advanced V14 System Manual, 10/2016 327 Introduction to the TIA Portal 6.3 Help on the information system 6.3.9 Configuring the display of tooltips and tooltip cascades Configuration options for tooltips and tooltip cascade You can customize the display of tooltips and tooltip cascades to suit your needs. You can make the following settings: Display or hide truncated texts Sometimes texts may be too long for a text field. The texts are then fully displayed in a tooltip when you hover your mouse over the text field. You can enable or disable this function. Enable or disable tooltips Tooltips provide more detailed information about an element of the user interface. You can also have tooltips displayed in a cascade. If you disable the tooltips, the cascade with context-sensitive help is also no longer displayed. However, you have the option of manually displaying the tooltip for the currently active interface element by pressing <F1>. Enable or disable automatic opening of tooltip cascades By keeping the mouse pointer over a tooltip for a brief time, any available cascades are displayed automatically. You can enable or disable the automatic display of cascades. When automatic display is disabled, you must open the cascade manually if necessary. To do this, click on the arrow icon in the tooltip. Procedure To configure the display of tooltips and tooltip cascades, follow these steps: 1. Select the "Settings" command in the "Options" menu. 2. Select the "General" group in the area navigation. 3. Select or clear the individual check boxes in the "Tooltips" area to suit your needs. The "Open cascade automatically in tooltips" check box is only available if you have enabled the display of tooltips. See also General remarks on the information system (Page 312) 6.3.10 Assembling customized documentation Customized documentation In the Siemens Industry Online Support, in the "mySupport Documentation" category, you can assemble customized documentation that is tailored to your needs. All configurable manuals and operating instructions of the Siemens Industry Online Support are available to you for this purpose. You can select the parts that are of interest to you and combine them into in a library to form personal documentation. You can organize the documentation using folders in your personal library. The folders will later become the individual chapters of your custom documentation. 328 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.3 Help on the information system You can open "mySupport Documentation" here: https://support.industry.siemens.com/My/ww/en/documentation (https:// support.industry.siemens.com/My/ww/en/documentation) Requirement The manuals or operating instructions used must be configurable. You can recognize configurable manuals by the suffix "configurable" in their name. To use all the functions, you have to register in the Siemens Industry Online Support and log on. Documentation in different languages You can change the language of the assembled documentation to German, French, Spanish, Italian and Chinese. This gives you the possibility, for example, to gather relevant information for a specific project and make it available to colleagues who speak other languages. Export function in the documentation You can perform an export at any part of your library in various formats (PDF, XML, RTF). Help on creating documentation You can find more help on creating and using custom documentation in the Siemens Industry Online Support: https://support.industry.siemens.com/My/ww/en/documentation (https:// support.industry.siemens.com/cs/helpcenter/en/index.htm) 6.3.11 Safety Guidelines Safety guidelines This Help manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are graded according to the degree of danger. DANGER indicates that death or severe personal injury will result if proper precautions are not taken. WARNING indicates that death or severe personal injury may result if proper precautions are not taken. WinCC Advanced V14 System Manual, 10/2016 329 Introduction to the TIA Portal 6.3 Help on the information system CAUTION with a safety alert symbol, indicates that minor personal injury can result if proper precautions are not taken. NOTICE without a safety alert symbol, indicates that property damage can result if proper precautions are not taken. Note indicates that an unintended result or situation can occur if the corresponding information is not taken into account. If more than one degree of danger is present, the warning notice representing the highest degree of danger will be used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to property damage. Qualified Personnel The device/system may only be set up and used in conjunction with this documentation. Commissioning and operation of a device/system may only be performed by qualified personnel. Within the context of the safety notes in this documentation qualified persons are defined as persons who are authorized to commission, ground and label devices, systems and circuits in accordance with established safety practices and standards. Prescribed Usage Note the following: WARNING This device may only be used for the applications described in the catalog or the technical description and only in connection with devices or components from other manufacturers which have been approved or recommended by Siemens. Correct, reliable operation of the product requires proper transport, storage, positioning and assembly as well as careful operation and maintenance. Trademarks All names identified by (R) are registered trademarks of the Siemens AG. The remaining trademarks in this publication may be trademarks whose use by third parties for their own purposes could violate the rights of the owner. 330 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.4 Find and replace Disclaimer of Liability We have reviewed the contents of this publication to ensure consistency with the hardware and software described. Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the information in this publication is reviewed regularly and any necessary corrections are included in subsequent editions. 6.4 Find and replace 6.4.1 Basics of searching Introduction You can use the following search options within TIA Portal: Search entire project Searching and replacing in the editor Browsing the hardware catalog In addition, individual products in TIA Portal offer more search options. Search entire project You can search the entire project for a specific text. The search editor helps you in the search, for example, by further limiting the search. All objects containing the search text are displayed clearly in a table. You can open each object in the search editor to view the relevant location. Searching and replacing in the editor You can search for texts in the editors. The search function finds all texts containing the search key in the currently opened editor. The results are selected in sequence in the opened editor. You also have the following options: Narrowing down the search with additional options Replacing found texts Which additional options are available and which types of text can be searched for depends on the installed products and the open editor. Browsing the hardware catalog You can search for a specific hardware component in the hardware catalog. See also: Browsing the hardware catalog WinCC Advanced V14 System Manual, 10/2016 331 Introduction to the TIA Portal 6.4 Find and replace See also Searching and replacing in the editor (Page 342) Search in entire project (Page 335) 6.4.2 Search entire project 6.4.2.1 Basics for search in the project Introduction You can search the open project for a specific text (search term). The search term can be one word, several words or parts of words. Only spaces are considered as word limits. You can use search terms that are up to 255 characters long. You can create any complex search terms using wildcards. You can also limit the search to specific areas, objects or object properties. Uppercase and lowercase letters are not taken into account in the search. For the search, an index of the texts of the editors which can be searched in the project is built up automatically in the background. The search index is updated with each change. You cannot start the search before indexing is complete. You can generate the search index again at any time. Note that the search index is saved with the project. This may increase the file size of the project. If you want to pass on the project, you can reduce the file size by archiving or minimizing the project. The search index is removed in this case. You can also completely disable the search in the project if necessary. In the case of changes to STEP 7 objects, e.g. name changes of tags, PLC data types or blocks, you must update the point of use of the these object before any search in the project in order that the search can take these changes into account. To do this you can, for example, recompile your program. The search only includes the texts in the set editing language. The search index is generated again when you change the editing language. This may take some time, depending on the number of texts in the project. The search editor helps you with your search. In it, you can specify search options and start the search. After the search is completed, the search editor lists the objects which contain the search text. You can open the individual objects directly from the search editor. 332 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.4 Find and replace Search options The following options are available for the search: Limit search: - Search in: You can select the sections of the project that are to be searched. - Find exact match: Finds exactly the text you have entered. The search term is searched as individual word or as phrase. You cannot use wildcards in the search term when you use this option, for example, when you enter "*" or "?" the search is exactly for these characters. - Limit search: You can limit the search to specific object properties or object types. Use "*" as wildcard for any number of characters and "?" as wildcard for exactly one character within a word: When you use the "*" or "?" wildcards in a search term, you will receive whole words that match this search term as hits. When you enter "Motor*start", for example, you will receive hits such as "Motor starter" or "Motor1_Start" but not "Starting motors" or "Start motor1". An implicit wildcard search is always conducted. If you enter "Motor" as search term, for example, the search also finds the texts "Motor_ON", "Motor starter" and "123_Motor". This corresponds to the explicit wildcard search with the search term "*Motor*". You can deactivate the implicit wildcard search by enabling the option "Find exact match". Replace texts in the project You have the option to replace individual texts in the project. To do this, you can open the location immediately after a search by double-clicking on the hit list and editing the text. Once it is changed, the text is automatically indexed again. If you then want to open the next match, you receive a message that offers you the chance to refresh the hit list. In this way, you can replace a text in the entire project until the hit list no longer shows results. See also Basics of searching (Page 331) Overview of the search editor (Page 333) Search in entire project (Page 335) Creating a new search index manually (Page 336) Enabling and disabling search in the project (Page 337) Examples for searching in the project (Page 338) 6.4.2.2 Overview of the search editor Function of the search editor The search editor searches the entire project for specific texts and represents the search results clearly in a table. WinCC Advanced V14 System Manual, 10/2016 333 Introduction to the TIA Portal 6.4 Find and replace Layout of the search editor The figure below shows the components of the search editor: 1 2 3 4 Search mask Status bar Search filter Results list Search mask You enter the search term in the search mask and limit the search area. You also have the option to select "Find exact match" which means the search is limited exactly to the entered search term in the project and similar text passages are ignored. You start the search in the search mask. Status bar The status bar includes information about the search result. 334 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.4 Find and replace Search filter You can use the search filter to further limit the search results. If you have not activated any filters, the search includes all objects and object properties. If you activate a filter, only the search results which match the filter setting are displayed. Results list The results list shows all objects which include the search term. Double-click on a search result to open the corresponding editor and highlight the reference. See also Basics of searching (Page 331) Basics for search in the project (Page 332) Search in entire project (Page 335) Creating a new search index manually (Page 336) Enabling and disabling search in the project (Page 337) Examples for searching in the project (Page 338) 6.4.2.3 Search in entire project Requirement A project is open. Procedure To search the current project for a specific text, follow these steps: 1. Enter the search term in the text box for the search in the TIA Portal toolbar. 2. Click "Search in project". The search editor opens and a search for the search term is conducted across the entire project. The objects containing the search text are listed in the overview. Note You cannot enter any search options with this search. The entire project is searched and all objects that can be searched are included in the search. If you want to further limit the search or use search options, you can start the search once again. To do so, follow the alternative instructions under "Or" as of step 2. WinCC Advanced V14 System Manual, 10/2016 335 Introduction to the TIA Portal 6.4 Find and replace Or: 1. Open the search editor in one of two ways: - Select the "Search in project" command in the "Edit" menu. - Right-click an object in the project tree and select the "Search in project" command from the shortcut menu. The object is set as default search area in the "Search in" box. - Make sure that the focus is outside of an editor that supports an editor-specific search and press the shortcut <Ctrl+F>. 2. Enter the search term in the "Search" box, or select a term from the list of terms for which you have already searched. 3. To search exactly for the search term, select the check box "Find exact match". You cannot use wildcards in the search term when you use this option, for example, when you enter "*" or "?" the search is exactly for these characters. 4. To limit the search area, select the sections you want to include in the search under "Search in". 5. To limit the search to specific objects or object properties, select the objects or object properties you want to include in the search under "Limit search to". 6. Click "Start Search". The objects containing the search text are listed in the overview. 7. Double-click an object to open it. See also Basics of searching (Page 331) Basics for search in the project (Page 332) Overview of the search editor (Page 333) Creating a new search index manually (Page 336) Enabling and disabling search in the project (Page 337) Examples for searching in the project (Page 338) Searching and replacing in the editor (Page 342) 6.4.2.4 Creating a new search index manually For the search, an index of the texts of the editors which can be searched in the project is built up automatically in the background. The search index is updated with each change. You cannot start the search before indexing is complete. You can also generate the search index manually at any time. 336 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.4 Find and replace Procedure To automatically generate the search index, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. In the area navigation, select the group "General > Search in project". 3. Click "Recreate search index". Result The indexes of the project are generated again. See also Basics of searching (Page 331) Basics for search in the project (Page 332) Overview of the search editor (Page 333) Search in entire project (Page 335) Enabling and disabling search in the project (Page 337) Examples for searching in the project (Page 338) 6.4.2.5 Enabling and disabling search in the project You can disable searching in the project centrally, if you do not need it. If necessary, you can enable again it at any time. By default, the search is enabled. Procedure To disable or enable searches in the project, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. In the area navigation, select the group "General > Search in project". 3. Select or clear the "Enable 'Search in project'" check box. See also Basics of searching (Page 331) Basics for search in the project (Page 332) Overview of the search editor (Page 333) Search in entire project (Page 335) Creating a new search index manually (Page 336) Examples for searching in the project (Page 338) WinCC Advanced V14 System Manual, 10/2016 337 Introduction to the TIA Portal 6.4 Find and replace 6.4.2.6 Examples for searching in the project Examples for use of property and object filters The search editor offers filters in the "Limit search to" area which you can use to limit the search to specific properties or objects. Keep in mind the following mechanism: If you do not activate any filters, the search term is searched in all objects and properties that can be searched within the set search area. If you activate filters, only the selected properties or objects are searched. Examples for use of property and object filters: Search for an object with the name "Motor1": Enter the search term and activate the filter "Name". All objects which include "Motor1" in their name are found. Search for an object which includes the text "Motor1" either in its name or in a comment: Enter the search term and activate the filters "Name" and "Comment". All objects which include "Motor1" in their name or in the comment are found. Search for a block with the name "Motor1": Enter the search term and activate the filters "Name" and "Block". All blocks which include "Motor1" in their name are found. Search for a block which includes the text "Motor1" either in its name or in a comment: Enter the search term and activate the filters "Name", "Comment" and "Block". All blocks which include "Motor1" in their name or in the comment are found. Search for a block or a technology object with the name "Motor1": Enter the search term and activate the filters "Name", "Block" and "Technology object". All blocks or technology objects which include "Motor1" in their name are found. When entering the search term, note the following examples for searching for a term or several terms. Examples for the search for one term When your search entry consists of only one term and the option "Find exact match" is disabled, the search is always an implicit wildcard search. The system adds the wildcard "*" in front of and behind the search term. You can insert wildcards in the search term yourself to conduct an explicit wildcard search. If you want to find exactly the term you have entered, select the option "Find exact match". Uppercase and lowercase letters are not taken into account in the search. Examples for the search for one term: Search for "motor", "Find exact match" option is disabled An implicit wildcard search is conducted. The search term is interpreted as "*motor*" and all terms which include "motor" are found, for example, "motor", "motor_1", "Motorstart" or "Start_Motor". Search for "m*tor" (explicit wild card search), "Find exact match" option is disabled The search term is interpreted as "*m*tor*" in this wildcard search. This means terms, such as "motor", "motor_1", "Start_Motor", "GLOB.Mode.motor[1]" or "Mo_tor" are also found. 338 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.4 Find and replace Search for "motor", "Find exact match" option is enabled No wildcards are used for the search, which means only the terms "motor" and "Motor" are found. Search for "m*tor" (explicit wild card search), "Find exact match" option is enabled The character "*" is no longer a wildcard and is interpreted as a regular character. The search only finds the character strings "m*tor" and "M*tor" but not, for example, the terms "motor", "", "Motormotor_1". Application examples: If you want to determine from where the "GLOB_DB.MODE.FG[6].IN.ERROR_DROP_START" element of a data block is accessed, you can use the cross-reference list. If access takes place by indirect addressing (e.g. with "#GLOB.MODE.FG[#FgNr].IN.ERROR_DROP_START := TRUE;"), however, the crossreference list does not return any results. Use a wildcard search for "MODE.FG[*].IN.ERROR_DROP_START" across the entire project in this case. You want to find all instances where "ERROR_DROP_START" is used. Perform a search for "ERROR_DROP_START" across the entire project. The search also finds all "ERROR_DROP_START" elements within the "FG[]" array. Examples for the search for multiple terms When you enter a search term which consists of multiple terms and the "Find exact match" option is disabled, you will find those objects which include all these terms. The texts can appear in any order. If you want the terms to appear exactly as you have entered them in an object, select the "Find exact match" option. Uppercase and lowercase letters are not taken into account in the search. Examples for the search for multiple terms: Search for "motor start", "Find exact match" option is disabled All objects which include "motor" and "start" are found. It does not matter how far apart they are from each other or in which order they appear. Possible hits therefore include: "Motor start", "start my motor", "my motor is in start mode" Search for "motor start*", "Find exact match" option is disabled As with the search for a word, an implicit wildcard search is always conducted for all words with a multiple word search. This means it is not necessary to explicitly enter a wildcard character. "motor start*" is interpreted as "*motor* *start*" and the same hits are found as with "motor start". Search for "motor start", "Find exact match" option is enabled When the option "Find exact match" is enabled, only objects which include both terms one after the other as a phrase are found. The search finds the search term, for example, in objects which include the texts "push motor start button" or "motor start on". No hits are returned for "start motor", "motorstart", "start my motor", "my motor is in start mode". Search for "motor start*", "Find exact match" option is enabled The character "*" is no longer a wildcard and is interpreted as a regular character. The search only finds objects in which the character string "motor start*" appears in uppercase or lowercase letters. "motor starting", "start my motor", "motor start", "Motor Start", "motor start_mode" do not result in any hits. WinCC Advanced V14 System Manual, 10/2016 339 Introduction to the TIA Portal 6.4 Find and replace Application examples: You want to find out where you have used the function "Setbit" to set the "MotorOn" tag. To do so, conduct a search for "setbit motoron". You want to find a specific network comment but you only know that it includes the words "CPU" and "Cycle". To do so, start a search for "CPU cycle". See also Basics of searching (Page 331) Basics for search in the project (Page 332) Overview of the search editor (Page 333) Search in entire project (Page 335) Creating a new search index manually (Page 336) Enabling and disabling search in the project (Page 337) 6.4.3 Searching and replacing in the editor 6.4.3.1 Basics for search in open editors Introduction You can start a search which is limited to the editor currently open in the workspace. You can customize the search as follows to suit requirements: You can optimize the search with additional options. You can specify the search area. You can specify the search direction. Additional options for searching You can refine the search with the help of the following additional options: Whole words only Only whole words are taken into account for the search. Compound words that contain the search key as a part are ignored. Match case Upper- and lowercase letters are taken into account in the search. Find in substructures The search also includes texts contained in another object. Find in hidden texts Texts that are assigned to another text but that are currently hidden are also included in the search. 340 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.4 Find and replace Use wildcards Enter an asterisk as the wildcard for any number of characters. Example: You want to search for all words starting with "Device". Type in "Device*" in the search key box. Enter a question mark as the wildcard, however, if you only want to exclude a single character. Use regular expressions (for searching in scripts only) A regular expression is a character string used to describe sets of values and for filtering. This allows you to create complex search patterns. The additional options available depend on the installed products and the editor opened. Search area and search direction You have the following options for define the search area: Whole document The entire is searched regardless of the current selection and position. From current position The search starts at the current position. Depending on the search direction, all texts above or to the left or below or to the right of the current position are not included in the search. Selection The search term is only searched for in the current selection. You can define the search direction independent of the search area: Down Search takes place in editor from top to bottom or from left to right. Up Search takes place in editor from bottom to top or from right to left. 6.4.3.2 Overview of the "Find and replace" palette Function of the "Find and replace" palette The "Find and replace" palette in the "Tasks" task card lets you search in an open editor. It includes all options that you need for an efficient search. WinCC Advanced V14 System Manual, 10/2016 341 Introduction to the TIA Portal 6.4 Find and replace Layout of the "Find and replace" palette The following figure shows the components of the "Find and replace" palette: 1 2 3 4 5 6 7 Enter search terms Additional options Search direction Start search Enter replacement term Replace area Replace 6.4.3.3 Searching and replacing in the editor You have the option to search for text in an editor or to replace it. 342 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.4 Find and replace Start search Follow these steps to start the "Find and replace" function: 1. Select the "Find and replace" command in the "Edit" menu or open the "Find and replace" pane in the "Tasks" task card. The "Find and replace" pane opens. 2. Enter a term in the "Find" drop-down list. As an alternative, you can select the most recent search key from the drop-down list. 3. Select the options desired for the search. 4. Using the option buttons, select the starting point for the search and the search direction. 5. Click "Find". The first hit is marked in the editor. 6. Click "Find" again to display the next hit. The next hit is marked in the editor. Repeat this step as needed until you reach the last hit. Replacing the search key You have the option of replacing hits individually or automatically replacing all the found texts, if the respective editor supports this function. Follow these steps to replace terms: 1. Enter a term in the "Find" drop-down list. As an alternative, you can select the most recent search key from the drop-down list. 2. Select the options desired for the search. 3. Click the "Find" button to start a search for the specified search key. The first hit is displayed in the editor. 4. In the "Replace" drop-down list, enter the text you wish to use to replace the search key. As an alternative, you can select one of the last entered texts from the drop-down list. 5. Click the "Replace" button to replace the selected hit with the specified text. The found text is replaced and the next hit is marked in the editor. Repeat this procedure until you have replaced all the desired hits. To skip to the next hit without replacing the marked word, click the "Find" button instead of "Replace". 6. Click "Replace all" to automatically replace all hits at once. See also Basics of searching (Page 331) Search in entire project (Page 335) WinCC Advanced V14 System Manual, 10/2016 343 Introduction to the TIA Portal 6.5 Undoing and redoing actions 6.5 Undoing and redoing actions 6.5.1 Basics of undoing and redoing actions Function You can undo performed actions at any time. For this purpose, every action you perform is saved in an action stack. When undoing actions, the stack is processed from top to bottom. In other words, if you undo an action that lies further down in the stack, all actions located above it in the stack will also be undone automatically. You can redo previously undone actions until you execute a new action. Once you execute a new action, it is no longer possible to redo previously undone actions. Particularities for undoing There are a few actions that empty the action stack. You cannot undo these actions or the actions performed before these actions. The following actions empty the action stack: Saving Project management (creating a new project, opening project, closing a project, deleting a project) Establishing an online connection Keep in mind that the action stack is emptied every time you establish an online connection. This means that the actions executed offline cannot be undone once the online connection is established. You can undo all actions which you subsequently execute online, even after the online connection has been terminated. Displaying the action stack The "Undo" button in the toolbar is enabled as soon as you perform an action that can be undone. This button is split; you can use the arrow down portion to open a drop-down list. containing all actions of the action stack that you can undo. If you had performed actions in an editor other than the currently displayed editor, the corresponding editor is also displayed as a subheading. This allows you to always identify the point at which the undo operation will be applied. The subheadings are removed from the list when the editor responsible can no longer undo actions. Actions you have undone are entered in the action stack from where they can be redone. Here, you can redo actions you have undone. The display of actions you can redo it is analogous to the display of the actions that you can undo. 344 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.5 Undoing and redoing actions Example of undoing actions The figure below shows how actions performed in various editors and tables are undone: $FWLRQVWDFN +DUGZDUHDQG QHWZRUNHGLWRU 8QGRVHTXHQFH 7DVNSODQQHU 3URJUDPPLQJHGLWRU 0HVVDJHV 6DYHSURMHFW In this example, you cannot undo actions 1 to 3 because the project was saved. You can undo actions 4 to 10 in the order indicated by the direction of the arrow. In other words, you must undo action 10 first. Once you have undone action 8, you cannot then undo action 5. You must first undo actions 7 and 6. As the final step in the sequence, you can then undo action 4. You also have the option of undoing several actions in a single step by undoing an action located further down in the action stack. All actions located above it in the stack will be undone automatically. The same principle also applies to redoing of actions. See also Undoing an action (Page 345) Redoing an action (Page 346) 6.5.2 Undoing an action The following options are available for undoing actions: Undoing the last action only Only the last action performed is undone. Undoing as many actions as required Multiple actions in the action stack are undone in a single step. WinCC Advanced V14 System Manual, 10/2016 345 Introduction to the TIA Portal 6.5 Undoing and redoing actions Undoing the last action only To undo the last action performed, follow the steps below: 1. Click the "Undo" button in the toolbar. - If the action was not performed in the currently displayed editor, a confirmation prompt appears. - If the undo operation requires an editor containing a protected object to be opened, you must enter the password for the object. 2. Click "Yes" to confirm. 3. Enter the password, if necessary. The editor in which the action was performed is displayed and the action is undone. Undoing as many actions as required To undo multiple actions in the action stack in a single step, follow these steps: 1. Click the Down arrow next to the "Undo" button in the toolbar. This opens a drop-down list containing all actions you can undo. Actions performed in other editors are identified by the editor name in the subheading. 2. Click the action you want to undo. The chosen action and all actions in the stack located above the chosen action are undone. If the undo operation requires an editor containing a protected object to be opened, you must enter the password for the object. 3. Enter the required passwords, if necessary. The editors in which the actions were performed are displayed and the actions are undone. See also Basics of undoing and redoing actions (Page 344) Redoing an action (Page 346) 6.5.3 Redoing an action You have the option of redoing an action that has been undone, so that you can return to the status present before "Undo" was performed. However, this is only possible until you perform a new action. The following options are available for redoing actions: Redoing the last undone action only Only the last undone action is redone. Redoing as many undone actions as required Multiple undone actions in the action stack are redone in a single step. 346 WinCC Advanced V14 System Manual, 10/2016 Introduction to the TIA Portal 6.5 Undoing and redoing actions Redoing the last undone action only To redo the last undone action, follow the steps below: 1. Click the "Redo" button in the toolbar. - If the action is not being redone in the currently displayed editor, a confirmation prompt appears. - If the redo operation requires an editor containing a protected object to be opened, you must enter the password for the object. 2. Click "Yes" to confirm. 3. Enter the password, if necessary. The editor in which the action was undone is displayed and the action is redone. Redoing as many undone actions as required To redo multiple undone actions in the action stack in a single step, follow these steps: 1. Click the Down arrow next to the "Redo" button in the toolbar. This opens a drop-down list containing all actions you can redo. Actions performed in other editors are identified by the editor name in the subheading. 2. Click the action you want to redo. The chosen action and all actions in the stack located above the chosen action are redone. If the redo operation requires an editor containing a protected object to be opened, you must enter the password for the object. 3. Enter the required passwords, if necessary. The editors in which the actions were undone are displayed and the actions are redone. See also Basics of undoing and redoing actions (Page 344) Undoing an action (Page 345) WinCC Advanced V14 System Manual, 10/2016 347 Introduction to the TIA Portal 6.5 Undoing and redoing actions 348 WinCC Advanced V14 System Manual, 10/2016 Editing projects 7.1 Creating and managing projects 7.1.1 The basics of projects 7 Introduction Projects are used to organize the storage of data and programs resulting from the creation of an automation solution. The data that makes up a project includes the following: Configuration data on the hardware structure and parameter assignment data for modules Project engineering data for communication over networks Project engineering data for the devices Logs for important events in the life cycle of the project Project hierarchy Data is stored in a project in the form of objects. Within the project, the objects are arranged in a tree structure (project hierarchy). The project hierarchy is based on the devices and stations along with the configuration data and programs belonging to them. Common data of the project and online access, for example, are also displayed in the project tree. See also Using logs (Page 361) Creating a new project (Page 352) Compatibility of projects (Page 350) Opening existing projects (Page 352) Upgrading projects (Page 354) Displaying properties of the project (Page 356) Saving projects (Page 357) Closing projects (Page 358) Removing projects from the project list (Page 359) Deleting projects (Page 360) WinCC Advanced V14 System Manual, 10/2016 349 Editing projects 7.1 Creating and managing projects 7.1.2 Compatibility of projects You can use the TIA Portal to open projects that were created with the same version of the product or with a different installation package. Projects from previous versions must be upgraded to the current version prior to opening. Projects from older product versions cannot be opened directly. Below, you will learn what to consider when opening projects from older product versions. Opening projects from older product versions The table below describes the behavior of the TIA Portal when opening projects from older product versions: Product version of the TIA Portal Behavior when opened with the current product version of the TIA Portal (file extension of the respec tive version) V10.5 (.ap10) A message is displayed instructing you to open the project with the product version V13 SP1. V11.x (.ap11) The project is automatically upgraded to the project format V13 SP1 and is given the file extension ".ap13" when opened with the product version V13 SP1, following your confirma tion. V12 (.ap12) V12 SP1 (.ap12) V13 (.ap13) V13 SP1 (.ap13) The project is automatically upgraded to the project format V14 and is given the file extension ".ap14" when opened with the product version V14, following your confirmation. The upgraded project is a copy of the original project. The original project is retained un changed. Backward compatibility with the current product version Projects that have been saved with the current version of the TIA Portal are not backward compatible with older versions due to their enhanced functionality. Projects saved with TIA Portal V14 can only be opened with TIA Portal V14 or later. 350 WinCC Advanced V14 System Manual, 10/2016 Editing projects 7.1 Creating and managing projects Opening projects created with add-on products The project you want to open may include data that were created with an optional software. The following cases may occur if you did not install the optional software: Software components which are not absolutely required are missing: A dialog appears listing the missing software components. After the project is opened, its properties are displayed. You now have the opportunity to install missing components. All the devices contained in the project are available even if you do not install the missing components. However, you can only work with the devices that are supported by the currently installed software. Devices which are not supported because software components are missing are identified by the following symbol in the project tree: Essential software components are missing: A dialog appears listing the missing software components. The essential software components are marked. The project can only be opened if you install the missing software components. Special features when using data blocks from other product versions Data blocks that were created with a different product version of the TIA Portal cannot be opened and edited with the current product version. When you open a program block in the project tree in online mode, you receive an error message. Unsupported data blocks are marked the project tree with the following symbol in an additional column in the "Program blocks" folder below a device or in the "Online access" folder below an interface: In order to open and edit the unsupported data blocks, you can upgrade the blocks in the project. You can find additional information in the section "Upgrading projects (Page 354)". See also The basics of projects (Page 349) Creating a new project (Page 352) Opening existing projects (Page 352) Upgrading projects (Page 354) Displaying properties of the project (Page 356) Saving projects (Page 357) Closing projects (Page 358) Removing projects from the project list (Page 359) Deleting projects (Page 360) Compatibility of global libraries (Page 469) WinCC Advanced V14 System Manual, 10/2016 351 Editing projects 7.1 Creating and managing projects 7.1.3 Creating a new project Procedure To create a new project, follow these steps: 1. Select the "New" command in the "Project" menu. The "Create a new project" dialog opens. 2. Enter your project name and path or accept the proposed settings. 3. Click the "Create" button. Result The new project is created and displayed in the project tree. See also The basics of projects (Page 349) Compatibility of projects (Page 350) Opening existing projects (Page 352) Upgrading projects (Page 354) Displaying properties of the project (Page 356) Saving projects (Page 357) Closing projects (Page 358) Removing projects from the project list (Page 359) Deleting projects (Page 360) 7.1.4 Opening existing projects You can open projects directly from the current product version with the TIA Portal. When you open projects from a previous version, you are prompted to upgrade the project. You recognize projects of the TIA Portal by their file name extension ".ap[version number]". Projects of TIA Portal V14 have the file name extension ".ap14". 352 WinCC Advanced V14 System Manual, 10/2016 Editing projects 7.1 Creating and managing projects Procedure To open an existing project, follow these steps: 1. Select the "Open" command in the "Project" menu. The "Open project" dialog box opens and the list of recently used projects is displayed. 2. Select a project from the list and click "Open". 3. If the project you require is not included in the list, click the "Browse" button. Navigate to the desired project folder and open the project file. Projects in the current project format are opened in the project view. If you have selected a project from a previous version of the TIA Portal, the "Upgrade project" dialog opens. You can find more information on upgrading projects under "Upgrading projects (Page 354)". Checking for missing software components When opening existing projects, an automatic check is made to determine if the appropriate software is installed for all modules used within the project. If you try to open a project with modules that are not supported by the current scope of installation of the TIA portal, a message appears on opening the project informing you of the missing software components. If the software components are not absolutely required to open the project, the project can still be opened. Reaction to missing software components Unsupported modules of a project are handled as follows: Display of the modules on the user interface - The unsupported modules are displayed in the project tree with all of their lower-level objects. However, the modules themselves cannot be processed in editors or in the inspector window. When possible, a replacement module is used that best matches the original module. Replacement modules are indicated by an exclamation mark. - Display of properties in tables is limited. This applies in particular to the display of network parameters, such as the IP address. Functional limitations - Unsupported modules cannot be printed out or compiled. - An online connection cannot be established to the modules. It is therefore also impossible to download. - To change the device type, the device must first be deleted and then re-inserted. The "Change device type" function is not supported. - Copying and inserting lower-level objects, such as blocks, is possible although the device itself cannot be copied and inserted. - The network configuration cannot be changed with replacement modules within the network view. - Cross-references can be displayed. However, the cross-references only reflect the status last saved within the project because on online comparison with the original module cannot be made. WinCC Advanced V14 System Manual, 10/2016 353 Editing projects 7.1 Creating and managing projects See also The basics of projects (Page 349) Creating a new project (Page 352) Compatibility of projects (Page 350) Upgrading projects (Page 354) Displaying properties of the project (Page 356) Saving projects (Page 357) Closing projects (Page 358) Removing projects from the project list (Page 359) Deleting projects (Page 360) Compiling project data (Page 370) Opening a global library (Page 470) 7.1.5 Upgrading projects Projects from older versions of the TIA Portal can only be opened after being upgraded to the current product version. To find out which options you have depending on the product version of the project, go to chapter "Compatibility of projects (Page 350)". When you open projects from older product versions, you are prompted to upgrade the project. After the project is upgraded to the current product version, it can no longer be opened in older versions of the TIA Portal. But the original project is still available. The upgraded project is saved as a copy and receives the name extension "_V14". Global libraries are not upgraded automatically together with the project because they are independent of projects. If you want to continue using global libraries from older versions of the TIA Portal, upgrade the global libraries as well. You can find more information on upgrading global libraries in the chapter "Compatibility of global libraries (Page 469)". Blocks with know-how protection from earlier versions of the TIA Portal are not automatically upgraded with the project. Remove the know-how protection of the blocks from the earlier version of the product before upgrading the project. Set up know-how protection again afterwards with the latest version of the TIA Portal. For more detailed information, refer to section "Upgrading know-how protected blocks (Page 356)". Upgrading projects from TIA Portal V13 SP1 To upgrade a project from TIA Portal V13 SP1, follow these steps: 1. Select the "Open" command in the "Project" menu. The "Open project" dialog box opens and the list of recently used projects is displayed. 2. Select a project from the list and click "Open". 3. If the project you require is not included in the list, click the "Browse" button. Navigate to the desired project folder and open the project file. The "Upgrade project" dialog box opens. 354 WinCC Advanced V14 System Manual, 10/2016 Editing projects 7.1 Creating and managing projects 4. Click "OK". The project is upgraded to the current version and opened. 5. Compile the hardware and software of all devices in the project. Upgrading from TIA Portal V13 SP1 projects with master copies from TIA Portal V10.5 Before upgrading a project, check if the master copies created with TIA Portal V10.5 are contained in its project library. This is necessary, for example, if you receive a message during the upgrade about an S7-1200 CPU with firmware version V1.0 used in the project, even though you have not configured such a CPU. The CPU is a master copy in the project library in this case. Before upgrading a project with master copies from TIA Portal V10.5, therefore, do the following: 1. Use each master copy created with the TIA Portal V10.5 once in the project. 2. Delete the affected master copies from the project library. 3. Create the master copy again with the objects from the project. 4. Save the project in TIA Portal V13 SP1. You can then upgrade the project to the latest version. Upgrading projects from the TIA Portal V13 or earlier Projects of product version V13 or earlier cannot be upgraded and opened with the TIA Portal. You first have to upgrade projects from TIA Portal V13 or earlier with the product version V13 SP1. You can then upgrade, open and edit projects with the current product version. You can find additional information on upgrading projects from earlier product versions in the Siemens Industry online support (https://support.industry.siemens.com/cs/ww/en/view/ 109476392). See also The basics of projects (Page 349) Creating a new project (Page 352) Compatibility of projects (Page 350) Opening existing projects (Page 352) Displaying properties of the project (Page 356) Saving projects (Page 357) Closing projects (Page 358) Removing projects from the project list (Page 359) Deleting projects (Page 360) Compiling project data (Page 370) WinCC Advanced V14 System Manual, 10/2016 355 Editing projects 7.1 Creating and managing projects 7.1.6 Upgrading know-how protected blocks For security reasons, the know-how protection of blocks is tied to the version of the TIA Portal with which the know-how protection was set up. This means blocks that were assigned knowhow protection in an earlier product version cannot be opened and edited with the previous password after the upgrade. However, the blocks can be downloaded to the controller and are executable. If you want to open and edit the block after the upgrade, remove the know-how protection of the blocks and set it up again. Procedure To upgrade know-how protected blocks, follow these steps: 1. Remove the know-how protection of the blocks from the previous version in the "Edit" menu with the "Know-how protection" command. For more detailed information, refer to section "Removing know-how protection for blocks". 2. Upgrade the project as described in the section "Upgrading projects (Page 354)". 3. Set up the know-how protection of the blocks from the current product version again in the "Edit" menu with the "Know-how protection" command. For more detailed information, refer to section "Setting up know-how protection for blocks". 7.1.7 Displaying properties of the project You can display the properties of a project. In the "General" tab you find the following project properties in the area navigation: Metadata for the project This includes the following information: creation time, author, file path, project size, copyright, project languages, etc. Many of the properties can be changed. Project history The project history contains an overview with important events in the project life cycle. Here, for example, you can see the version of the TIA Portal used to create a project and whether it has been converted to another version in the meantime. If a project was created during a migration, for example, this is also indicated in the project history table with the date and time of the migration. If a log was created for an event, you can also call the log directly. Support packages in the project An overview of the add-on software needed to work with all devices in the project is displayed. In addition, installed GSD files are listed (device description files for other devices in the hardware catalog). Software products in the project You can display an overview of all installed software products needed for the project. In the "Protection" tab you specify that blocks can be simulated after the compilation with SIMATIC S7-PLCSIM Advanced. To do this, select the check box "Support simulation during block compilation". By default, the function is disabled. 356 WinCC Advanced V14 System Manual, 10/2016 Editing projects 7.1 Creating and managing projects Procedure To display the project properties, follow these steps: 1. Select the open project in the project tree. 2. Select "Properties" in the shortcut menu of the project. The dialog with the properties of the project opens. 3. Select the project properties in the area navigation that you want to have displayed. See also The basics of projects (Page 349) Creating a new project (Page 352) Compatibility of projects (Page 350) Opening existing projects (Page 352) Upgrading projects (Page 354) Saving projects (Page 357) Closing projects (Page 358) Removing projects from the project list (Page 359) Deleting projects (Page 360) 7.1.8 Saving projects You can save the project at any time either under the same or a different name. You can even save a project when it still contains elements with errors. Saving a project To save a project, follow these steps: 1. Select the "Save" command in the "Project" menu. All changes to the project are saved under the current project name. If you are editing a project from an earlier version of the TIA Portal, the file extension of the project is also retained and you can continue to edit the project in the earlier version of the TIA Portal. Project Save as To save a project under another name, follow these steps: 1. Select the "Save as" command in the "Project" menu. The "Save current project as" dialog opens. 2. Select the project folder in the "Save in" box. WinCC Advanced V14 System Manual, 10/2016 357 Editing projects 7.1 Creating and managing projects 3. Enter the new project name in the "File name" box. 4. Confirm your entry with "Save". The project is saved under the new name and opened. Note Undoing actions Keep in mind that you cannot undo actions once you have saved the project. See also The basics of projects (Page 349) Creating a new project (Page 352) Compatibility of projects (Page 350) Opening existing projects (Page 352) Upgrading projects (Page 354) Displaying properties of the project (Page 356) Closing projects (Page 358) Removing projects from the project list (Page 359) Deleting projects (Page 360) 7.1.9 Closing projects Procedure To close a project, follow these steps: 1. Select the "Close" command in the "Project" menu. If you have made changes to the project since the last time you saved it, a message is displayed. 2. Decide whether or not you want to save the changes. See also The basics of projects (Page 349) Creating a new project (Page 352) Compatibility of projects (Page 350) Opening existing projects (Page 352) Upgrading projects (Page 354) Displaying properties of the project (Page 356) 358 WinCC Advanced V14 System Manual, 10/2016 Editing projects 7.1 Creating and managing projects Saving projects (Page 357) Removing projects from the project list (Page 359) Deleting projects (Page 360) 7.1.10 Removing projects from the project list You can remove projects from the list of recently used projects. The project data is retained on the storage medium. Procedure To remove a project from the list of recently used projects, follow these steps: 1. Select the "Delete project" command in the "Project" menu. The "Delete project" dialog opens and includes the list of most recently used projects. 2. Select a project from the list. 3. Click the "Remove" button. 4. Click "Yes" to confirm the prompt in order to remove the project from the list. Result The project is no longer displayed in the list of recently used projects. If you open the project again, it will be added to the list again. See also The basics of projects (Page 349) Creating a new project (Page 352) Compatibility of projects (Page 350) Opening existing projects (Page 352) Upgrading projects (Page 354) Displaying properties of the project (Page 356) Saving projects (Page 357) Closing projects (Page 358) Deleting projects (Page 360) WinCC Advanced V14 System Manual, 10/2016 359 Editing projects 7.1 Creating and managing projects 7.1.11 Deleting projects Note When you delete a project, the entire project data is removed from the storage medium. Requirement The project you want to delete is not open. Procedure Follow the steps below to delete an existing project: 1. Select the "Delete project" command in the "Project" menu. The "Delete project" dialog opens and includes the list of most recently used projects. 2. Select a project from the list. If the project you require is not included in the list, click the "Browse" button. Navigate to the desired project folder, and open the project file. 3. Click the "Delete" button. 4. Click "Yes" to confirm. This starts the deletion of the project. Result The entire project folder is deleted from the file system. See also The basics of projects (Page 349) Creating a new project (Page 352) Compatibility of projects (Page 350) Opening existing projects (Page 352) Upgrading projects (Page 354) Displaying properties of the project (Page 356) Saving projects (Page 357) Closing projects (Page 358) Removing projects from the project list (Page 359) 360 WinCC Advanced V14 System Manual, 10/2016 Editing projects 7.1 Creating and managing projects 7.1.12 Using logs For some operations within the TIA Portal, logs are created automatically in the background. These logs document changes in the project. Logs are created automatically, for example, when you migrate projects and programs or when you update instances from the library. Logs are displayed in the "Common data" folder in the project tree. They are stored together with the project in the project folder and can therefore be read independently of the programming device/PC used as soon as you have opened the project. The log can be filtered for errors, warnings, and information. In addition to displaying them in the TIA Portal, logs can also be printed. Displaying logs To open a log, follow these steps: 1. Open the "Common data > Logs" folder in the project tree. 2. Double-click the desired log in the list. The contents of the log are displayed in the work area. 3. Optional: To show or hide a particular category of alarms, activate or deactivate the button for "Errors", "Warnings", or "Information" in the toolbar. Deleting logs To delete a log, follow these steps: 1. Select the log in the project tree. 2. Press <Del>. The selected log is deleted from the project directory and removed from the project tree. 7.1.13 Importing and exporting CAx data CAx files are XML files that you create in the TIA Portal and that you can swap between different installations or with other tools such as ECAD systems. The files include information on the hardware configuration of an individual station or of an entire project. Folder hierarchies (Groups) are retained when exporting or importing CAx files. Requirements You have installed the "Openness" option package. If you have not installed the option package, install it from the TIA Portal installation DVD from the subfolder "\support". You have opened a project. WinCC Advanced V14 System Manual, 10/2016 361 Editing projects 7.2 Archiving and retrieving projects Exporting CAx files of a project 1. In the "Tools" menu, click on "Export CAx data...". 2. In the "CAx Export" dialog, select a directory for the file to be exported. 3. If necessary, change the file name and confirm with "Save". The exported file receives the file extension ".Cax". You will receive a feedback message about the status of the export of stations, for example error messages, in the inspector window in the "Info > General" tab. Exporting CAx files of a station 1. Select the station to be exported in the project tree. 2. Select "Export CAx data ..." from the shortcut menu. 3. In the "CAx Export" dialog, select a directory for the file to be exported. 4. If necessary, change the file name and confirm with "Save". The exported file receives the file extension ".Cax". You will receive a feedback message about the status of the export of stations, for example error messages, in the inspector window in the "Info > General" tab. Importing CAx files of a station or of a project 1. In the "Tools" menu, click on "Import CAx data...". 2. Select a CAx file in a directory in the "CAx Import" dialog. 3. Click the "Open" button. You will receive a feedback message about the status of the import of stations, for example error messages, in the inspector window in the "Info > General" tab. 7.2 Archiving and retrieving projects 7.2.1 Working with project archives Archiving and transferring projects If you work for a long time with a project, large files may result, especially with extensive hardware configurations. Therefore, you may want to reduce the size of the project, for example, when you archive it to an external hard drive, or when you send it via e-mail and require a smaller file size. You can create a project archive to reduce the size of the project. TIA Portal project archives are compressed or uncompressed files, each containing an entire project including the entire folder structure of the project. Before the project directory is compressed into the archive file, all files are reduced to their essential components to further decrease the size of the project. 362 WinCC Advanced V14 System Manual, 10/2016 Editing projects 7.2 Archiving and retrieving projects Project archives have the file extension ".zap[version number of the TIA Portal]". Projects created with TIA Portal V14 have the file extension ". zap14". To open a project archive, retrieve the project archive. By retrieving it, the archive file with the included project files is extracted to the original project directory structure. See also Retrieving compressed project (Page 364) Creating a project archive (Page 363) 7.2.2 Creating a project archive You can reduce the required storage space of the currently open project by archiving the project in a compressed file. Note The most recently saved state of the project is used for archiving. Therefore, save the project before using the archiving function. This will ensure that your most recent changes are included in the archived project. Procedure To archive a project, follow these steps: 1. Select the "Archive ..." command from the "Project" menu. The "Archive project" dialog box opens. 2. To create a compressed archive file, select the "TIA Portal project archive" option. 3. If you do not want to archive the search index and the HMI compile result, select the option "Discard recoverable data". You can restore the discarded data if needed. 4. To add a date and time automatically, select the "Add date and time to the file name". The extension is shown in the "Resulting file name" box behind the selected file name. 5. Enter a file name in the "File name" box. 6. Select the path to the archive file. You can set the default directory under "Options > General > Storage location for project archives". 7. Click "Archive". Result A compressed file with the extension ".zap14" is generated. The archive file contains the complete project directory. The individual files of the project are also reduced to the essential components in order to save space. WinCC Advanced V14 System Manual, 10/2016 363 Editing projects 7.2 Archiving and retrieving projects See also Working with project archives (Page 362) Retrieving compressed project (Page 364) 7.2.3 Retrieving compressed project You extract project archives of the TIA Portal with the "Retrieve" function. This restores the project directory structure including all project files. Requirement No project is open. Procedure To extract a project archive, follow these steps: 1. Select the "Retrieve" command in the "Project" menu. The "Retrieve archived project" dialog opens. 2. Select the project archive. 3. Click "Open". 4. The "Find folder" dialog opens. 5. Select the target directory to which the archived project should be extracted. 6. Click "OK". Result The project is extracted to the selected directory and opened immediately. If you extract a project archive that includes a project from the product version V13 SP1, you may have to upgrade the project. You will automatically receive the corresponding prompt as soon as you open the project. The same rules apply that are described in the chapter "Compatibility of projects (Page 350)". The search index and HMI compile result are automatically restored in the background. See also Working with project archives (Page 362) Opening existing projects (Page 352) Compatibility of projects (Page 350) Upgrading projects (Page 354) 364 WinCC Advanced V14 System Manual, 10/2016 Editing projects 7.3 Using reference projects 7.3 Using reference projects 7.3.1 Basics of reference projects Introduction You can open other projects as a reference in addition to the current project. You can use these reference projects as follows: You can drag individual objects from a reference project into the current project and then edit them. You can open specific objects, for example, code blocks from a reference project as readonly. But this is not possible for all elements. You can use an offline/offline comparison to compare devices of the reference project to devices from the current project. Note that reference projects are read-only. You cannot change the objects of a reference project. Projects that were created with an older version of the TIA Portal or with a different installation package can also be opened as reference projects. The same compatibility rules apply here as for normal opening of a project from an older version of the TIA Portal. See also: Compatibility of projects (Page 350) See also Comparing reference projects (Page 366) Opening and closing a reference project (Page 365) Reference projects (Page 289) 7.3.2 Opening and closing a reference project Opening a reference project To open a reference project, follow these steps: 1. In the "View" menu, select the "Reference projects" check box. The "Reference projects" palette is displayed in the project tree. 2. In the "Reference projects" palette of the project tree, click on "Open reference project" in the toolbar. The "Open reference project" dialog box opens. WinCC Advanced V14 System Manual, 10/2016 365 Editing projects 7.3 Using reference projects 3. Navigate to the desired project folder and open the project file. TIA Portal V14 projects have the extension ".ap14". Older projects of the TIA Portal have the extension ".ap[version number]". 4. Click "Open". The selected project is opened as a read-only reference project. Closing a reference project To close a reference project, follow these steps: 1. In the "Reference projects" palette of the project tree, select the reference project you want to close. 2. Click on "Close reference project" in the toolbar. The selected reference project is closed. See also Basics of reference projects (Page 365) Comparing reference projects (Page 366) Reference projects (Page 289) 7.3.3 Comparing reference projects Introduction You can compare devices from reference projects with devices from both the current project as well as from the same or another reference project or from a library. Note Please note the following: You cannot specify actions for the comparison objects, since the reference projects are write-protected. You can perform a detailed comparison for the comparison objects, if the type of comparison object generally allows a detailed comparison. When comparing reference projects, you can always switch between automatic and manual comparison. 366 WinCC Advanced V14 System Manual, 10/2016 Editing projects 7.3 Using reference projects Procedure To compare the objects of a reference project to the device data of the current project, follow these steps: 1. In the project tree, select the device whose data you want to compare to the data of a reference project and which allows offline/offline comparison. 2. Select "Compare > Offline/Offline" from the shortcut menu. The compare editor opens with the selected device displayed in the left area. 3. Open the "Reference projects" palette in the project tree. 4. Select the device of a reference project that you want to compare to the device data from the current project. 5. Drag the device from the reference project into the right drop area of the compare editor. You can identify the status of the objects based on the symbols in the status and action area. When you select an object, the object's properties and the corresponding object of the associated device is clearly shown in the properties comparison. You can drag a library or other devices from a reference project from the current project into drop areas at any time and thus start a new comparison. It does not matter which device you drag into the drop area. See also Basics of reference projects (Page 365) Reference projects (Page 289) Opening and closing a reference project (Page 365) Carrying out offline/offline comparisons (Page 382) Using the compare editor (Page 384) WinCC Advanced V14 System Manual, 10/2016 367 Editing projects 7.3 Using reference projects 368 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.1 Compiling and loading project data 8.1.1 Compiling project data 8.1.1.1 General information on compiling project data 8 Compiling project data During compilation, project data is converted so that it can be read by the device. Hardware configuration data and program data can be compiled separately or together. You can compile the project data for one or more target systems at the same time. The following project data must be compiled prior to loading: Hardware project data, for example, configuration data of the devices or networks and connections Software project data, for example, program blocks or process screens Note While a device is being compiled, no additional compiling process can be started. Note in this regard that you can not only perform a compiling process manually, but you can also trigger it automatically for operator control and monitoring devices. Scope of the compilation When you compile project data, you have the following options depending on the device involved: Hardware and software (only changes) Hardware (only changes) Hardware (rebuild completely) Software (only changes) Software (rebuild all blocks) Software (reset memory reserve) See also Compiling project data (Page 370) WinCC Advanced V14 System Manual, 10/2016 369 Editing project data 8.1 Compiling and loading project data 8.1.1.2 Compiling project data The following section describes the general procedure for compiling project data in the project tree. You will find details of how certain objects are compiled and any special points to note in the online help of the product. Procedure To compile project data, follow these steps: 1. In the project tree, select the devices whose project data you want to compile. 2. Select the option you require in "Compile" submenu of the shortcut menu. Note Note that the options available to you depend on the selected device. The project data is compiled. You can check whether or not the compilation was successful in the Inspector window with "Info > Compile". See also General information on compiling project data (Page 369) 8.1.2 Loading project data 8.1.2.1 General information on loading Introduction In order to set up your automation system, you need to load the project data you generated offline on the connected devices. This project data is generated, for example when configuring hardware, networks, and connections or when programming the user program or when creating recipes. The first time you download, the entire project data is downloaded. During later loading operations, only changes are downloaded. You can download the project data to devices and memory cards. Note While a device is being compiled, no additional download process can be started. Note in this regard that you can not only perform a compiling process manually, but you can also trigger it automatically for operator control and monitoring devices. 370 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.1 Compiling and loading project data Possible options for downloading Depending on the object you want to download, you have the following options: Hardware and software (only changes) Both the hardware configuration and software are downloaded to the destination if differences exist between the online and offline versions. Hardware configuration Only the hardware configuration is downloaded to the destination. Software (only changes) Only the objects that differ online and offline are downloaded to the destination. Load PLC program to device and reset All the blocks are loaded to the destination and all values are reset to their initial state. Be aware that this also applies to retentive values. You can also upload project data already contained in a device back to your project. You have the following options: Upload entire device as new station The hardware configuration of the device and the software on the device are loaded in the project. All relevant data of the device is uploaded to the project. Upload software of a device Only the blocks and parameters from the device are uploaded to an existing CPU in the project. In both cases, during loading all instances of library types are connected again with the corresponding version of the type in the project library. If no suitable type is yet available for a loaded instance or the correct version of the type does not exist in the project library, the type or the version is added to the project library. Downloading with synchronization In team engineering, it is possible for several users to work on one project with several engineering systems at the same time and to access one S7-1500 CPU. To ensure consistency within the shared project, it is necessary to synchronize the changed data prior to loading so that nothing gets overwritten unintentionally. If differences are detected between the online and offline data management within the shared project that were caused by a different engineering system, automatic synchronization of the data to be loaded is offered when loading. In this case, the "Synchronization" dialog displays the data to be synchronized with the current status (online-offline comparison) and the possible actions. Use case Recommendation Synchronization One or more blocks on the CPU (online) are more recent than in the engineering system (offline). These blocks should be uploaded from the CPU to the engineering system be fore downloading. Automatic synchronization is possible: One or more new blocks have been cre These blocks should be uploaded from ated and exist only on the CPU (online). the CPU to the engineering system be fore downloading. Automatic synchronization is possible: WinCC Advanced V14 System Manual, 10/2016 The blocks in the engineering system are updated prior to loading. The new blocks are added to the engi neering system prior to the download. 371 Editing project data 8.1 Compiling and loading project data Use case Recommendation One or more blocks on the CPU have been deleted. The blocks should also be deleted prior Automatic synchronization is not possi to the download in the engineering sys ble. tem. The blocks deleted on the CPU should be manually deleted in the offline project in the engineering system. One or more blocks on the CPU and in the engineering system are different. These blocks with competing changes must be adapted manually. You decide in this case which changes you are go ing to accept. This is the case when a different user has changed blocks to which you have also made corrections and has already downloaded them to the CPU. If the blocks on the CPU are to be re tained, you should adopt these blocks from the CPU in your engineering sys tem before downloading to the CPU. Synchronization Automatic synchronization is not possi ble: The affected blocks on the CPU or in the engineering system must be adapted manually. One of the existing block ver sions (online or offline) will be overwrit ten in the process. If the blocks that you have changed are to be applied, you can continue with the download without synchronization. There are differences in the hardware configuration on the CPU (online) and in the engineering system (offline). Differences in the hardware configura tion must be adapted manually. You de cide in this case which hardware config uration you are going to accept. Automatic synchronization is not possi ble: If the existing hardware configuration on the CPU is to be retained, you should adopt this in your engineering system prior to downloading. One of the existing hardware configura tions (online or offline) will be overwrit ten. The hardware configuration must be adapted manually. If you want to apply the hardware con figuration you changed, you can contin ue downloading without synchroniza tion. If required, you can use the "Force download to device" command to download blocks without synchronization. See also Downloading project data to a device (Page 372) Downloading project data to a memory card (Page 374) Uploading project data from a device (Page 376) 8.1.2.2 Downloading project data to a device The following section describes the general procedure for downloading project data to a device. You will find details of how certain objects are downloaded and any special points to note in the online help of the product. Requirement The project data is consistent. Each device to which you want to download is accessible via an online access. 372 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.1 Compiling and loading project data Procedure To download the project data to the selected devices, follow these steps: 1. Select one or more devices systems in the project tree. 2. Right-click on a selected element. The shortcut menu opens. 3. Select the option you require in the shortcut menu of the "Download to device" submenu. Note Note that the options available to you depend on the selected device. When necessary, the project data is compiled. - If you had previously established an online connection, the "Load preview" dialog opens. This dialog displays messages and proposes actions necessary for downloading. - If you had not previously established an online connection, the "Extended download to device" dialog opens, and you must first select the interfaces via which you want to establish the online connection to the device. You have the option of showing all compatible devices by selecting the corresponding option and clicking the "Start search" command. See also: AUTOHOTSPOT 4. Check the messages in the "Load preview" dialog, and select the actions in the "Action" column, if necessary. WARNING Preventing personal injury and material damage Performing the proposed actions while the plant is in operation can cause serious bodily injury and property damage in the event of malfunctions or program errors. Make sure that no dangerous situations can arise before you start the actions. As soon as loading becomes possible, the "Load" button is enabled. 5. Click the "Load" button. The loading operation is performed. If there is a need for synchronization, the system automatically displays the "Synchronization" dialog. This dialog displays messages and suggests actions that are required for the synchronization. You have the option of performing these actions or forcing the download without synchronization by clicking "Force download to device". If you have performed the suggested actions, you will be asked whether you want to continue with the download. The "Load results" dialog then opens. In this dialog, you can check whether or not the loading operation was successful and take any further action that may be necessary. 6. Click the "Finish" button. Result The selected project data was downloaded to the devices. WinCC Advanced V14 System Manual, 10/2016 373 Editing project data 8.1 Compiling and loading project data See also General information on loading (Page 370) Downloading project data to a memory card (Page 374) Uploading project data from a device (Page 376) 8.1.2.3 Downloading project data to a memory card You have the option of loading project data to a memory card. For CPUs of the S7-300/400 series you can also explicitly download the user program to a memory card inserted in the CPU. To download project data to a memory card, you have the following options: Dragging project data to a memory card Writing project data to a memory card Downloading user program to a memory card that is inserted in a CPU of the S7-300/400 series Requirement A memory card is displayed. See also: Accessing memory cards (Page 440) Downloading project data to a memory card To download project data to a memory card, follow these steps: 1. In the project tree, drag the project data you want to download to the memory card. If necessary, the project data is compiled. The "Load preview" dialog then opens. This dialog displays alarms and recommends actions needed for the loading operation. 2. Check the alarms and select the actions in the "Action" column, if necessary. As soon as downloading becomes possible, the "Load" button is enabled. 3. Click the "Load" button. The loading operation is performed. Or: 1. In the project tree, select the project data that you want to download. 2. To do this, right-click the selection and select the "Copy" command from the shortcut menu. You can also use the key combination <Ctrl+C>. 3. Right-click the memory card and select the "Paste" command from the shortcut menu. You can also use the key combination <Ctrl+V>. If necessary, the project data is compiled. The "Load preview" dialog then opens. This dialog displays alarms and recommends actions needed for the loading operation. 374 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.1 Compiling and loading project data 4. Check the alarms and select the actions in the "Action" column, if necessary. As soon as downloading becomes possible, the "Load" button is enabled. 5. Click the "Load" button. The loading operation is performed. Or: 1. In the project tree, select the project data that you want to download. 2. Select the "Card Reader/USB memory > Write to memory card" command in the "Project" menu. The "Select memory card" dialog opens. 3. Select a memory card that is compatible with the CPU. A button with a green check mark is activated at the bottom of the dialog. 4. Click the button with the green check mark. If necessary, the project data is compiled. The "Load preview" dialog then opens. This dialog displays alarms and recommends actions needed for the loading operation. 5. Check the alarms and select the actions in the "Action" column, if necessary. As soon as downloading becomes possible, the "Load" button is enabled. 6. Click the "Load" button. The loading operation is performed. Downloading the user program to a memory card in the CPU (S7-300/400 only) To download the user program to a memory card in a CPU of the S7-300/400 series, follow the steps below: 1. Select a CPU of the S7-300/400 series in the project tree. 2. Select the "Download user program to memory card" command in the "Online" menu. The "Load preview" dialog opens. This dialog displays alarms and recommends actions needed for the loading operation. 3. Check the alarms and select the actions in the "Action" column, if necessary. As soon as downloading becomes possible, the "Load" button is enabled. 4. Click the "Load" button. The loading operation is performed and the "Load results" dialog is displayed. This dialog displays alarms and suggests possible actions. 5. Check the alarms and select the actions in the "Action" column, if necessary. 6. Click the "Finish" button. See also General information on loading (Page 370) Downloading project data to a device (Page 372) Uploading project data from a device (Page 376) WinCC Advanced V14 System Manual, 10/2016 375 Editing project data 8.1 Compiling and loading project data 8.1.2.4 Uploading project data from a device The following section describes the general procedure for uploading project data from a device. Which project data you can upload from a device depends on the products installed. You have the following options for uploading project data from a device to your project: Uploading as a new station With this option you upload existing project data of a device to your project as a new station. Uploading project data of a device With this option you upload project data from the device to an existing CPU in the project. You will find the project data that can be loaded in the online help of the product. In both cases, all instances of library types are connected again with the corresponding version of the type in the project library during uploading. If no suitable type is yet available for an uploaded instance or the correct version of the type does not exist in the project library, the type or the version is added to the project library. You can only upload library types in the state "in test" that are saved on the device to the project, if the released type version on which the test version is based is available in the project library. Requirement A project is open. The hardware configuration and software to be uploaded must be compatible with the TIA Portal. If the data on the device was created with a previous program version or with a different configuration software, please make sure they are compatible. Uploading as a new station To upload the complete device to your project, follow these steps: 1. Select the project name in the project tree. 2. Select "Upload device as new station (hardware and software)" in the "Online" menu. The "Upload device to PG/PC" dialog opens. 3. Select the type of interface you want to use for the uploading operation in the "Type of the PG/PC interface" drop-down list. 4. Select the interface to be used from the "PG/PC interface" drop-down list. 5. Click the "Configure interface" button to the right of the "PG/PC interface" drop-down list to adapt the settings for the selected interface. See also: AUTOHOTSPOT 6. Display all compatible devices by selecting the relevant option and clicking the "Start search" command. In the accessible devices table, select the device from which you want to upload project data. 7. Click on "Load". Depending on the selected device, a dialog appears in which you have to enter additional information, such as the position of the module rack. The project data of the device is uploaded to the project. You can edit it offline and then download it to the device again. 376 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.1 Compiling and loading project data Uploading project data of a device To upload only project data from one device to your project, follow these steps: 1. Establish an online connection to the device from which you want to download the project data. See also: AUTOHOTSPOT 2. Select the device in the project tree. The "Upload from device (software)" command in the "Online" menu is enabled. 3. Select the "Upload from device (software)" command in the "Online" menu. The "Upload preview" dialog box opens. 4. Check the alarms in the "Upload preview" dialog, and select the necessary actions in the "Action" column. As soon as uploading becomes possible, the "Upload from device" button is enabled. 5. Click the "Upload from device" button. The loading operation is performed. Loading of project data from a different project version from a device When the commands "Upload from device (software)" and "Loading the device as new station (hardware and software)" are executed in the "Online" menu, it is checked whether the project data on the device was created with a different version than the opened version of the TIA Portal. If the project data was created with a different project version, the "Upload preview" dialog provides you with information on whether all upload requirements are met. Note the information on the requirements for loading and, if necessary, select a command in the selection menu in the "Action" column. The "Upload from device" button is enabled as soon as the view has been updated and uploading is possible. Special features when using data blocks from other product versions Data blocks that were created with a different product version of the TIA Portal cannot be opened and edited with the current product version. You can find additional information in the section "AUTOHOTSPOT". See also General information on loading (Page 370) Downloading project data to a device (Page 372) Downloading project data to a memory card (Page 374) WinCC Advanced V14 System Manual, 10/2016 377 Editing project data 8.1 Compiling and loading project data 8.1.2.5 Loading project data from a memory card You have the following options for uploading project data from a memory card to your project: Upload project data of the memory card as a new station With this option you upload the project data of a memory card to your project as a new station. Upload project data of the memory card to an existing device With this option you upload project data of a memory card to an existing device in your project. You will find the project data that can be loaded in the online help of the product. In both cases, all instances of library types are connected again with the corresponding version of the type in the project library during loading. If no suitable type is yet available for a loaded instance or the correct version of the type does not exist in the project library, the type or the version is added to the project library. Requirement A project is open. The memory card is displayed. See also: Accessing memory cards (Page 440) The hardware configuration and software to be uploaded must be compatible with the TIA Portal. If the data on the memory card was created with a previous program version or with different configuration software, please make sure they are compatible. Uploading project data as a new station To upload project data from a memory card to your project, follow these steps: 1. In the project tree, select the project data you want to upload. 2. Select "Upload device as new station (hardware and software)" in the "Online" menu. Or: 1. In the project tree, drag the memory card folder to the project. Or: 1. Right-click on the memory card. 2. Select "Copy" in the shortcut menu. 3. Right-click on the project. 4. Select the "Paste" command in the shortcut menu. 378 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.2 Comparing project data Uploading project data to an existing device To upload the project data of a memory card to an existing device, follow these steps: 1. In the project tree, drag the folder of the memory card to a device in the project or copy the memory card and paste the data into a device. The "Upload preview" dialog box opens. 2. Check the alarms in the "Upload preview" dialog, and select the necessary actions in the "Action" column. As soon as uploading becomes possible, the "Upload from device" button is enabled. 3. Click the "Upload from device" button. The loading operation is performed. 8.2 Comparing project data 8.2.1 Basics of project data comparison Function You can compare project data of the same type in order to determine possible differences. In principle, the following comparison methods are available: Online/offline comparison With this comparison method you can compare the software of objects of a device with the objects of a project. This is only possible when you establish an online connection to the device. Offline/offline comparison With this comparison method you can either compare the software or the hardware. When you compare the software, you can compare objects from projects or libraries. The hardware comparison is available for devices from the currently open project or from reference projects. You can decide for the software as well as the hardware comparison whether the comparison should be performed automatically for all objects or whether you want to compare individual objects manually. Detailed comparison For some objects, for example, blocks, you can also perform a detailed comparison in addition to the online/offline and offline/offline comparison. This involves opening the blocks to be compared beside each other and highlighting the differences. A simple online/offline comparison is performed as soon as you establish an online connection. During this process, comparable objects in the project tree are marked with icons that represent the result of the comparison. You can also run a more comprehensive online/offline and offline/ WinCC Advanced V14 System Manual, 10/2016 379 Editing project data 8.2 Comparing project data offline comparison in the compare editor. When you compare software, you can also select actions for non-identical objects in the comparison. Note Not all objects allow all types of comparison. Which comparison method you can use for which project data depends on the products installed. Compile your user program before you start a comparison or detailed comparison. After each change of the program during a comparison, repeat this step before you update the result of the comparison. This ensures that the comparison shows the current status. When monitoring a module, note that a difference of the time stamp can also exist with an online/offline comparison if the block is recompiled with code change. The checksum remains unchanged. In this case download the block to the device and restart the monitoring. Comparison using checksums The online/offline and offline/offline comparison of software objects uses checksums that are generated for certain data of the objects. The objects are only the same if their checksums are identical. Note Time stamps continue to be used for online/offline comparison for CPUs of the S7-300/400 series. The data of an object are divided into the following two categories: Source data Source data are all the data of an object which you can directly influence, such as the name of the object, source code, comments or programming language. The properties that you can edit here may differ depending on the object. Target data All compiler and runtime data are the target data. These data may have no direct influence, since they are produced by the system based on their source data. Once again here, the characteristics differ depending on the object. 380 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.2 Comparing project data The following table provides an overview of the areas of the property comparison: Category Area Description Source data Safety Checksum for safety objects You can find additional information about the compari son of safety objects in the "Comparing safety programs" section of the online help for SIMATIC Safety. Interface without comments Checksum of all the tags of the block interface of the first layer. Comments of the tags are not part of the check sum. Code without comments Checksum of the source code. Block and network com ments are not included in the checksum. Comments (multilingual) Checksum of all block comments and network comments Language configuration Online/offline comparison: Displays the languages that are loaded to the device during the loading process. Offline/offline comparison: Displays the enabled lan guages in the project. Target data Event Checksum of all event-relevant data of an organization block (OB). Properties Checksum of all configurable properties of an object. Configuration of technology objects Checksum of the technology-specific settings of a tech nology object. Alarm configuration Checksum on all alarm-specific settings of an object. Supervision configuration Checksum of all supervision settings of an object. Compiling and runtime data Checksum of data for compiling and relevant for loading. Time stamp Time stamps for S7-300/400 CPUs that are created by the system for compiling and downloading. Only availa ble when an online connection is available. Note Note that the object determines which checksums are actually used for the comparison. The value settings of technology objects are also transferred to the checksum of the block interface. For know-how protected blocks that were created in an older version, the checksums "Code without comments" and "Comments (multilingual)" are not displayed under "Source data". See also Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Running a detailed comparison (Page 392) Using the compare editor (Page 384) WinCC Advanced V14 System Manual, 10/2016 381 Editing project data 8.2 Comparing project data 8.2.2 Carrying out an online/offline comparison The online/offline comparison lets you compare objects of a device with objects of a project. Requirement The project tree is open. Procedure To perform an online/offline comparison, follow these steps: 1. Select a device in the project tree that allows online/offline comparison. 2. Select the "Compare > Offline/online" command in the shortcut menu. 3. If you have not already established an online connection to this device, the "Go online" dialog opens. In this case, set all the necessary parameters for the connection and click "Connect". The online connection is established and compare editor opens. Result All objects that exist online and offline are displayed. The symbols in the compare editor and in the project tree show you the status of the objects. In the compare editor, you can now define certain actions for the objects, depending on their status. See also Basics of project data comparison (Page 379) Carrying out offline/offline comparisons (Page 382) Using the compare editor (Page 384) Running a detailed comparison (Page 392) 8.2.3 Carrying out offline/offline comparisons With offline/offline comparison you have the option to compare the project data of two devices. You can carry out a software as well as a hardware comparison. When you compare the software, you can compare objects from projects or libraries. The hardware comparison is available for devices from the currently open project or from reference projects. You can decide whether the comparison should be performed automatically for all objects or whether you want to compare individual objects manually. For a software comparison, the following options are available as well: For objects that are not identical, you can specify actions to eliminate the differences. You can specify the criteria that should be used for the comparison. You can drag any other device to the drop area at any time to perform further comparisons. 382 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.2 Comparing project data Requirement The project tree is open. Performing an offline/offline comparison for software To perform an offline/offline comparison for software, follow these steps: 1. Select a device in the project tree that allows offline/offline comparison. 2. Select the "Compare > Offline/offline" command in the shortcut menu. The compare editor opens and the selected device is displayed in the left area. 3. Drag-and-drop an additional device to the drop area of the right pane. All existing objects of the selected devices are displayed depending on the settings of the compare editor in the "Software" tab and an automatic comparison is carried out. You can identify the status of the objects based on the symbols in the compare editor. If needed, specify an action for non-identical objects to eliminate the differences. 4. If needed, define the comparison criteria. 5. Select an object to display the details of the property comparison. 6. If you want to carry out a manual comparison, click on the button for switching between automatic and manual comparison in the status and action area. Then select the objects that you want to compare. The properties comparison is displayed. You can identify the status of the objects based on the symbols. Performing an offline/offline comparison for hardware To perform an offline/offline comparison for hardware, follow these steps: 1. Select a device in the project tree that allows offline/offline comparison. 2. Select the "Compare > Offline/offline" command in the shortcut menu. The compare editor opens and the selected device is displayed in the left area. 3. Drag-and-drop an additional device to the drop area of the right pane. 4. Open the "Hardware" tab. 5. If you want to carry out a manual comparison, click on the button for switching between automatic and manual comparison in the status and action area. Then select the objects that you want to compare. The properties comparison is displayed. You can identify the status of the objects based on the symbols. See also Basics of project data comparison (Page 379) Carrying out an online/offline comparison (Page 382) Using the compare editor (Page 384) Running a detailed comparison (Page 392) WinCC Advanced V14 System Manual, 10/2016 383 Editing project data 8.2 Comparing project data 8.2.4 Using the compare editor 8.2.4.1 Overview of the compare editor Function The compare editor gives an overview of the results of a comparison in a table. The appearance varies slightly depending on whether it is an online/offline comparison or a hardware/software comparison. Layout of the compare editor The following figure shows the layout of the compare editor for an online/offline comparison: 1 2 3 4 5 Compare editor toolbar Left comparison table 384 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.2 Comparing project data Status and action area Right comparison table Property comparison The following figure shows the layout of the compare editor for an offline/offline comparison (software): 1 2 3 2 4 5 6 7 Compare editor toolbar Drop areas Button to toggle between automatic and manual comparison Left comparison table Status and action area Right comparison table Property comparison WinCC Advanced V14 System Manual, 10/2016 385 Editing project data 8.2 Comparing project data The following figure shows the layout of the compare editor for an offline/offline comparison (hardware): 1 2 4 3 2 5 6 7 Compare editor toolbar Drop areas Button to toggle between automatic and manual comparison Left comparison table Status area Right comparison table Property comparison Compare editor toolbar With the toolbar, you can access the following compare editor functions: Show identical and different objects You can show identical objects if you want to view the comparison in full. Show only objects with differences You can hide identical objects to make the comparison easier to follow. Show additional filters available (only online/offline comparison and offline/offline comparison for software) You can define which objects are to be compared. 386 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.2 Comparing project data Display available assignment criteria (only offline/offline comparison for hardware) You can specify the criterion according to which the modules are to be assigned to each other for the comparison. Changing the view You can choose between a hierarchical and a flat view. In the hierarchical view, the devices are shown in their structure; in the flat view, the objects of the devices are listed without structure. Start detail comparison (only online/offline comparison and offline/offline comparison for software) You can start a detailed comparison for objects to show the individual differences. This function is, however, not available for every object. Refresh the view After you have modified objects, you can update the comparison results using this function. Execute actions (only online/offline comparison and offline/offline comparison for software) You can synchronize non-identical objects using specific actions. Set comparison criteria (only online/offline comparison and offline/offline comparison for software) You can specify which criteria are to be used in the comparison. Disabled criteria do not affect the overall result of the comparison. Drop areas In the case of an offline/offline comparison, you can drag the devices you want to compare into the drop areas. In the case of a software comparison, the devices to be compared can originate from the opened project, from reference projects, from the project library or from global libraries. However, note that you can only drop complete libraries into the right drop area. In the case of a hardware comparison, you can compare devices from the opened project or from reference projects. Button to toggle between automatic and manual comparison With an offline/offline comparison, you can switch between automatic and manual comparison. In the case of automatic comparison, the objects to be compared are assigned automatically to each other. In the case of a manual comparison, you can select the objects that are to be compared. Comparison tables Comparison tables show the objects of the devices being compared to one another. The following table shows the meaning of the columns of the comparison table: WinCC Advanced V14 System Manual, 10/2016 Column Description Name Name of the compare object Comment Comment on the compare object Title Title of the compare object Address Address of the compare object Numbering Type of numbering for the comparison object 387 Editing project data 8.2 Comparing project data Column Description Type Type of compare object Language Programming language set for the compare object. Time stamp interface Time of the last modification to the block interface Time stamp code Time of the last modification to the source code Author Name of the author of the compare object Version Version of the compare object Family Name of the object family Load memory Memory usage of the load memory of the compare object Work memory Memory usage of the work memory of the compare object Modified on Time of last modification Optimized block access Indicates whether "Optimized block access" is enabled for a block. Signature Signature of the comparison object (SIMATIC Safety*) Interface signature Signature of the block interface of the comparison object (SIMATIC Safety *) * You can find additional information about the comparison of safety objects in the "Comparing safety programs" section of the online help for SIMATIC Safety. Not all columns are available in every comparison type. For the hardware comparison, for example, the comparison tables contain only the "Name" column. Not all columns are shown in the default setting. However, as in all table editors, you can show or hide the columns as required and sort according to individual columns. Status and action area The status and action area offers the following options: You can view the results of automatic comparison. The results are displayed with symbols. In an online/offline comparison and an offline/offline comparison for software, you can specify actions for non-identical objects. Status and action symbols The following table shows the comparison results symbols for an online/offline comparison: Symbol Description Folder contains objects whose online and offline versions differ Result of comparison is either not known or cannot be displayed for the following reasons: No rights available for access to a protected CPU. The loading process on the CPU was executed with a TIA Portal version earlier than V14. Online and offline versions of the object are identical Online and offline versions of the object are different 388 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.2 Comparing project data Symbol Description Object only exists offline Object only exists online This comparison criterion is disabled and the associated checksum is not incor porated into the comparison result. The following table shows the comparison results symbols for an offline/offline comparison: Symbol Description Reference program Version compared Folder contains objects of which the versions compared differ Results of the offline/offline comparison are not known The versions of the object compared are identical The versions of the object compared differ Object only exists in the reference program Object only exists in the version compared Hardware comparison only: Although the lower-level objects of the container are identical, there are differences between the containers themselves. Such a con tainer may be a rack, for example. Hardware comparison only: The lower-level objects of the container are different. There are also differences between the containers. Such a container may be a rack, for example. This comparison criterion is disabled and the associated checksum is not incor porated into the comparison result. The following table shows the symbols for possible actions in a software comparison: Symbol Description No action Overwrite the object of the compared version with the object from the reference program Overwrite the object of the output program with the object from the compared version Different actions for the compare objects in the folder WinCC Advanced V14 System Manual, 10/2016 389 Editing project data 8.2 Comparing project data Property comparison The property comparison compares the properties of the selected compare objects. The result is displayed with symbols. Only the property comparison is made with a manual comparison so that the status and action area remains empty. With automatic comparison, you can perform the property comparison in addition to the comparison in the comparison tables. See also Basics of project data comparison (Page 379) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Show and hide table columns (Page 390) Filtering the compare editor view (Page 391) Running a detailed comparison (Page 392) Updating the comparison results (Page 393) Set comparison criteria (Page 394) Synchronizing non-identical objects (Page 395) Changing the view (Page 397) 8.2.4.2 Show and hide table columns In a software comparison, you can show or hide the columns of comparison tables as required. Procedure To show or hide table columns, follow these steps: 1. Click a column header. 2. Select the "Show/Hide" command in the shortcut menu. The selection of available columns is displayed. 3. To show a column, select the column's check box. 4. To hide a column, clear the column's check box. 5. In order to show or hide multiple columns, click "More" and select or clear the check boxes of the corresponding columns in the "Show/Hide" dialog. Result The columns in both the left and the right comparison table are shown or hidden. See also Basics of project data comparison (Page 379) Carrying out an online/offline comparison (Page 382) 390 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.2 Comparing project data Carrying out offline/offline comparisons (Page 382) Overview of the compare editor (Page 384) Filtering the compare editor view (Page 391) Running a detailed comparison (Page 392) Updating the comparison results (Page 393) Set comparison criteria (Page 394) Synchronizing non-identical objects (Page 395) Changing the view (Page 397) 8.2.4.3 Filtering the compare editor view You can improve the clarity of the compare editor using the following filters: Hiding identical comparison objects You can hide comparison objects which have identical online/offline or offline/offline versions. Any such comparison objects you have hidden can also be shown again at any time. Selecting displayed objects In an online/offline comparison or an offline/offline comparison for software, you can specify the objects for which the comparison results are to be shown. Requirement The compare editor is open. Hiding identical comparison objects To hide identical objects, follow these steps: 1. Click on the "Show only objects with differences" button in the toolbar. Only the elements that differ online and offline are displayed. Showing identical comparison objects To show identical objects again, follow these steps: 1. Click on the "Show identical and different objects" button in the toolbar. All elements will be displayed. Selecting displayed objects To select the objects for which comparison results should be displayed, follow these steps: 1. Perform an online/offline or an offline/offline comparison for software. 2. Click the arrow of the button "Show additional filters available" in the toolbar. 3. Select the required filter. WinCC Advanced V14 System Manual, 10/2016 391 Editing project data 8.2 Comparing project data See also Basics of project data comparison (Page 379) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Overview of the compare editor (Page 384) Show and hide table columns (Page 390) Running a detailed comparison (Page 392) Updating the comparison results (Page 393) Set comparison criteria (Page 394) Synchronizing non-identical objects (Page 395) Changing the view (Page 397) 8.2.4.4 Running a detailed comparison Note Not all objects allow a detailed comparison. The project data for which you can perform a detailed comparison depends on the products installed. A detailed comparison of the hardware components is not available for hardware comparison. Procedure Proceed as follows to perform a detailed comparison: 1. First, perform an online/offline or an offline/offline comparison for software. The compare editor opens. Note You can only perform a detailed comparison for objects that are listed in the left as well as the right comparison table. 2. In the compare editor, select the object for which you want to perform a detailed comparison. 3. Click the "Start detailed comparison" button in the toolbar. Result The object and its associated comparison partners are opened in their appropriate editors. The editors are arranged next to each other to provide you with a quick overview of the differences. You can find more information with the description of the respective data type. 392 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.2 Comparing project data See also Basics of project data comparison (Page 379) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Overview of the compare editor (Page 384) Show and hide table columns (Page 390) Filtering the compare editor view (Page 391) Updating the comparison results (Page 393) Set comparison criteria (Page 394) Synchronizing non-identical objects (Page 395) Changing the view (Page 397) 8.2.4.5 Updating the comparison results As soon as you change an object, the comparison results are no longer valid and must be updated. Note For online/offline comparisons, you should note that changes in the device may result in the system automatically updating the comparison editor if objects in the comparison are affected by the change. This can have the following results: Some of the actions you have defined may become invalid, for example if the device no longer contains the object in question. Objects with such invalid actions will be highlighted so you can define new, valid actions. The selection you made before the automatic update may also be cancelled. Requirement The comparison editor is open. Procedure To update the comparison results, follow these steps: 1. Click the "Refresh view" button in the toolbar. The comparison results are updated. Note Please note that the "Refresh view" button will not be available while the comparison editor is loading or synchronizing content. WinCC Advanced V14 System Manual, 10/2016 393 Editing project data 8.2 Comparing project data See also Basics of project data comparison (Page 379) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Overview of the compare editor (Page 384) Show and hide table columns (Page 390) Filtering the compare editor view (Page 391) Running a detailed comparison (Page 392) Set comparison criteria (Page 394) Synchronizing non-identical objects (Page 395) Changing the view (Page 397) 8.2.4.6 Set comparison criteria You have the option to set to criteria to be taken into account for a comparison. The specified criteria are applied to all objects of a comparison, if they are available for an object. If a criterion for an object is not available, for example, "Code without comments" for data blocks, the comparison result for this checksum is considered to "match". For a criterion that you disabled, you can still view the checksums for the overall comparison result although it is not used. Disabled comparison criteria for the property comparison are indicated by the filter icon. The filter symbol can also be displayed in the upper area of the comparison editor when no checksums should be used in the comparison result based on the selection of comparison criteria. Note With an online/offline comparison, the comparison criteria have no influence on the result of comparison in the project tree. Note that there may be different results in the project tree and comparison editor. Procedure To define the criteria to be taken into account for the comparison, follow these steps: 1. In the toolbar, click on the arrow of the "Display additional comparison criteria" button. 2. Select all the criteria that should be considered for the comparison. 3. Clear all the criteria that should be considered for the comparison. 4. Click the button with the green check mark at the bottom of the drop-down list. 5. Click on the button with the x to close the drop-down list without applying the changes. Result Only the enabled criteria are taken into account for the comparison. 394 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.2 Comparing project data See also Basics of project data comparison (Page 379) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Overview of the compare editor (Page 384) Show and hide table columns (Page 390) Filtering the compare editor view (Page 391) Running a detailed comparison (Page 392) Updating the comparison results (Page 393) Synchronizing non-identical objects (Page 395) Changing the view (Page 397) 8.2.4.7 Synchronizing non-identical objects Specifying actions If you have performed a comparison, you can specify the actions to be performed for nonidentical objects in the compare editor. You cannot select any actions for identical objects. Note that you cannot execute any actions during hardware comparison. In the case of an online/offline comparison, only synchronization actions in one direction are permitted, in order to retain program consistency. Thus, for example, you can load multiple blocks to a device or from a device, but you cannot perform a combination of loading actions in one synchronization action. In this case, the first action you set in the compare editor determines the synchronization direction. For example, if you specify for a block that the offline block is to be loaded to the device, then the other objects can also only be loaded to the device via a synchronization action. To load objects from the device again, first select the "No action" option. You can then specify the action settings again as required. Or, you can perform a new comparison. Note Note the following CPU-specific aspects when defining actions: S7-300/400: You can define actions for the "Program blocks" folder, for folders you have created yourself or for individual blocks. S7-1200/1500: You can define actions for the "Program blocks" folder, for folders you have created yourself or for individual blocks. If you have performed an online/offline comparison and select download to the device as action, a consistent download is executed. If you upload the object from the device to the project, however, you can also upload individual blocks. Requirement The compare editor is open. WinCC Advanced V14 System Manual, 10/2016 395 Editing project data 8.2 Comparing project data Procedure To select an action for a non-identical object, follow these steps: 1. In the status and action area, click in the "Action" column on the cell of the object for which you want to define an action. The cell changes to a drop-down list. 2. Click on the drop-down list. 3. Select the action you want. The action set will be carried out for the object in question the next time synchronization is performed. If you have accidentally changed the action you had selected, you can undo the change before the next synchronization. 4. To restore the previously set action selection, right-click the action in the status and action area that you want to restore. 5. Select the "Restore last selection" command in the shortcut menu. See also Basics of project data comparison (Page 379) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Overview of the compare editor (Page 384) Show and hide table columns (Page 390) Filtering the compare editor view (Page 391) Updating the comparison results (Page 393) Synchronizing objects (Page 396) Synchronizing objects Synchronization executes the actions you have specified for non-identical objects. Note, however, that in the case of an online/offline comparison you can only perform actions in one direction in one synchronization action. Requirement The compare editor is open. The desired actions have been selected. Procedure To synchronize objects, follow these steps: 1. Click the "Execute actions" button in the toolbar. 396 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.2 Comparing project data Result The actions you specified for the objects are performed. See also Basics of project data comparison (Page 379) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Overview of the compare editor (Page 384) Show and hide table columns (Page 390) Filtering the compare editor view (Page 391) Updating the comparison results (Page 393) Specifying actions (Page 395) 8.2.4.8 Changing the view You can choose between a hierarchical and a flat view for the left comparison table. In the hierarchical view, the devices are shown in their structure; in the flat view, the objects of the devices are listed without structure. In the right comparison table, the objects are always displayed flat. Setting the hierarchical view To set the hierarchical view, follow these steps: 1. Click the "Display in hierarchical view" button in the toolbar of the compare editor. Setting the flat view To set the flat view, follow these steps: 1. Click the "Display in flat view" button in the toolbar of the compare editor. See also Basics of project data comparison (Page 379) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Overview of the compare editor (Page 384) Show and hide table columns (Page 390) Filtering the compare editor view (Page 391) Running a detailed comparison (Page 392) Updating the comparison results (Page 393) WinCC Advanced V14 System Manual, 10/2016 397 Editing project data 8.3 Protecting project data Set comparison criteria (Page 394) Synchronizing non-identical objects (Page 395) 8.3 Protecting project data 8.3.1 Protection concept for project data Introduction You can protect your project data from unauthorized access. These include, for example: Access protection for devices Copy and display protection of objects Restrictions for printouts of know-how-protected objects For objects with know-how protection, this protection is also retained after the object is pasted into a library. Note that every protection mechanism is not available for all objects. How to protect specific objects is described in the online help of the product. Revoking access rights for devices If you want to execute a function that is password-protected by means of the device protection level, you are prompted to enter a password. When the password is entered correctly, you can execute the required function. The access right is retained on the device until you close the TIA Portal. If you want to reactivate password protection while the TIA Portal is open, you can explicitly revoke the access rights for a device. As a result, certain functions for the protected device cannot be executed until the correct password is entered again. You specify the functions for which a password must be entered when you assign the device protection level. See also Printing project data (Page 416) 8.3.2 Revoking access rights for devices Requirement A protection level has been set for the device. A protected function for the device has been enabled by entering the password. 398 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents Procedure To revoke the access rights for the device, follow these steps: 1. Select the device for which you want to revoke access rights in the project tree. 2. Select the "Delete access rights" command in the "Online" menu. Result The access rights are revoked, and starting from now the user will be prompted to enter the password again to execute a password-protected function on the device. The function can only be executed if the correct password is entered. If the device has an online connection, it will be disconnected. See also Protection concept for project data (Page 398) 8.4 Printing project contents 8.4.1 Printing project documentation 8.4.1.1 Documentation settings Introduction Once a project is created, the contents can be printed in an easy-to-read format. You may print the entire project or individual objects within the project. A well-structured printout is helpful when editing the project or performing service work. The printout can also be used for your customer presentations or as full system documentation. You can prepare the project in the form of standardized circuit manuals and print it in a uniform layout. You can limit the scope of the printout. You have the option to print to the entire project, individual objects along with their properties, or a compact overview of the project. In addition, you can print the contents of an open editor. Improving the printout with frames and cover pages You can design the appearance of the printed pages according to your own requirements, for example, to add your own company logo or the corporate design of your company in the project documentation. You can create any number of design variants as frames and cover pages. The frames and cover pages are stored in the project tree under the item "Documentation settings" and are part of the project. You can insert placeholders for data from previously entered document information within the frames and cover pages. These will be filled automatically with the appropriate metadata during printing. WinCC Advanced V14 System Manual, 10/2016 399 Editing project data 8.4 Printing project contents If you want to avoid designing your own template, there are ready-made frames and covers pages available. These include templates complying with the ISO standard for technical documentation. Modular structure of a printout An printout generally consists of the following components: Cover page (only when printing from the project tree) Table of contents (only when printing from the project tree) Name and path of an object within the project tree Object data Printout of the cover page or the table of contents can be deactivated in the "Print" dialog. See also Creating frames (Page 405) Creating a cover page (Page 406) Editing cover pages and frames (Page 407) Entering document information (Page 403) Print function for module labels (Page 418) 8.4.1.2 Printout of project contents Availability of print function The following contents can be printed: An entire project in the project tree One or more project-related objects in the project tree Contents of an editor Tables Libraries Diagnostics view of the Inspector window It is not possible to print in the following areas: Portal view Detailed view Overview window Compare editor All tabs of the Inspector window, except the diagnostics view All task cards, except the libraries 400 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents Most of the dialogs Properties and devices of the programming device/PC not related to the project, for example online portals and connected card readers. Scope of printout To be able to print, at least one printable element has to be selected. If a selected object is printed, all subordinate objects are also printed. For example, if a device is selected in the project tree, all of its data is also printed. If you select the entire project in the project tree for printing, all project contents are printed with the exception of the graphical views. These have to be printed separately. Items in the project tree that are not part of the project cannot be printed. For example, this includes online portals and connected card readers and USB memory devices. When table contents are printed, all lines in the table in which a cell is selected are printed. In order to print one or more table columns, the desired columns must be selected. If no individual cells or columns are selected, the entire table is printed. Limitations when printing In general, it is possible to print all objects that can be visualized on the user interface. Conversely, this means that you cannot print objects that you do not have access to. If a printout fails, possible reasons may include the following: A valid license does not exist for displaying an object. There is no device description for an object. A software component needed to display an object is not installed. See also Printing project data (Page 416) 8.4.1.3 Changing the print settings Changing the print settings You can specify general print settings that are retained even after the TIA Portal is closed and re-opened. Some settings are dependent on the products installed. The following settings are possible in every case: Always print table data as pairs of values If this option is selected, tables are not printed in tabular format but rather as a pairs of key and value. WinCC Advanced V14 System Manual, 10/2016 401 Editing project data 8.4 Printing project contents Example: Object name Property 1 Property 2 Object A Value A1 Value A2 Object B Value B1 Value B2 In this case, the printout has the following appearance: Object A Property 1: Value A1 Property 2: Value A2 Object B Property 1: Value B1 Property 2: Value B2 Printing mask editors Always print data in tables All parameters of technology objects are printed in tabular format. Print mask graphics if possible If the utilized editor supports this function, the contents of the editor are not printed as a table but rather as a complete graphic as it appears on the screen. Procedure To change the print settings, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "General" group. 3. Select the desired default settings in the "Print settings" area. The changes are applied immediately and are retained for all projects, even after the TIA Portal is closed. See also Overview of the print settings (Page 264) 8.4.1.4 Specifying the print layout Specifying the print layout If you do not want to rely on ready-made print templates, you can specify your own cover page or your own layout for the individual pages. Your designs are saved together with the respective project. 402 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents Your designs for the cover page and your templates for the page layout can be found in the project tree under the "Documentation information" group. You will also find metadata on the project there under the entry "Document information". For subsequent print operations, you can customize the appearance of the printout in the "Print" dialog using the saved cover pages and page layout templates and the available metadata. Designing the cover page The cover page can be customized. You can insert a background graphic and provide placeholders for text on the page. The placeholders are automatically filled with data from a documentation information during printing. Cover pages are located in the project tree under the "Documentation information > Cover pages" group. Designing the content page The regular pages of a printout can contain the following elements: Frame with static content, such as a company logo Placeholders for text, such as the name of the project, the page number, and the time the printout was started Several different values for the individual placeholders can be specified in the document information. Other values, such as the project name, are preassigned and are inserted automatically during printing. Footnote The footnote is always output below the content area. Content area You can specify an area where the printed content is to be embedded. The design of the content pages is saved in Frames. The individual frames are located in the project tree under the "Documentation information > Frames" group. 8.4.1.5 Entering document information You can enter metadata in the document information for every project. In addition, a print frame and a cover page are specified in the document information. You can create different information, if required, to enable you to quickly switch between different document information containing different information, frames, cover pages, page sizes, and page orientations when printing. For example, this is useful if you want to generate printouts in different languages and different document information is provided for each language. In the documentation editor, you can specify placeholders on the cover page or in the frame of the regular pages. These placeholders can be automatically replaced with metadata from the documentation information during printing. The various document information are therefore part of the printing function and specify the print layout and print content. WinCC Advanced V14 System Manual, 10/2016 403 Editing project data 8.4 Printing project contents Procedure To add metadata, follow these steps: 1. To create new document information, double-click "Add new document information" under "Documentation information > Document information" in the project tree. The new document information is created and opened immediately. 2. Enter a name for the set in the "Name" field. 3. Fill in the individual fields with the metadata for the project. 8.4.1.6 Managing cover pages and frames Using cover pages and frames Uses for cover pages You can give your plant documentation printouts a professional appearance by adding a cover page. You can design your own cover page or use ready-made cover pages. Ready-made cover pages can be adapted and stored again as a template. Cover pages can be saved in global libraries where they are available for use across projects. Cover pages are designed for use as a right printed page only. Uses of frames You can embed the regular pages of your plant documentation inside a consistently uniform page frame. The frame can contain placeholders for project metadata, which is stored in the document information. It can also contain graphic elements that you design yourself. You can create your own frames or rely on ready-made page frames. You can adapt a readymade page frame and then store it again as a new frame. Like cover pages, frames can be saved in global libraries where they are available for use across projects. Frames are designed for use on right printed pages only. Cover pages and templates in the project tree Cover pages and frames associated with the project are stored in the project tree under the entry "Documentation information". There are separate folders here for frames and cover pages. The following actions are available in the project tree for cover pages and frames. Creating your own subfolders Copying and pasting Inserting cover pages and frames from the "Documentation templates" system library Copying cover pages and templates to a global library 404 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents Cover pages and templates in libraries The "Documentation templates" system library contains a few cover pages and templates that are available in every project. The cover pages and templates can be moved from there to the project tree using a drag-and-drop operation. You can then adapt the cover pages and templates in the project tree according to the requirements of your project. Cover pages and templates can be moved from the project tree to a global library. Afterwards, these are available in every project. See also Library basics (Page 455) Overview of the "Libraries" task card (Page 457) Using ready-made frames and cover pages (Page 406) Designing cover pages and frames (Page 407) Creating frames You can create any number of frames for each project. The frames are stored in the project tree below the "Documentation information > Frames" group. You can assign a frame to all document information. When you select document information for printing, its associated frame is used. Procedure To create a new frame, follow these steps: 1. Double-click the entry "Add new frame" below the "Documentation information > Frames" group in the project tree. The "Creating frames" dialog opens. 2. Enter a name for the frame in the "Name" field. 3. Choose the paper size from the "Paper type" drop-down list. 4. Choose whether the page is to be created in portrait or landscape format in the "Orientation" drop-down list. Click the "Add" button. Result A new frame is created. The frame is then opened automatically in the documentation editor where it can be edited. See also Editing cover pages and frames (Page 407) Creating a cover page (Page 406) WinCC Advanced V14 System Manual, 10/2016 405 Editing project data 8.4 Printing project contents Creating a cover page You can create any number of cover pages for the printout for each project. The cover pages are stored in the project tree below the the "Documentation information > Cover pages" group. You can assign a cover page to all document information. When you select specific document information for printing, its associated cover page is used. Procedure To create a new cover page, follow these steps: 1. Double-click the entry "Add new cover page" below the "Documentation information > Cover pages" group in the project tree. The "Add new cover page" dialog box opens. 2. Enter a name for the cover page in the "Name" field. 3. Choose the paper size from the "Paper type" drop-down list. 4. Choose whether the page is to be created in portrait or landscape format in the "Orientation" drop-down list. Click the "Add" button. Result A new cover page is created. The cover page is then opened automatically in the documentation editor where it can be edited. See also Editing cover pages and frames (Page 407) Creating frames (Page 405) Using ready-made frames and cover pages The TIA Portal comes with some ready-made frames and cover pages. These can change according to your wishes. Procedure To create and edit the ready-made frames and cover pages, follow these steps: 1. Open the "Global libraries" pane in the "Libraries" task card. 2. In the "Templates" folder, open the "Cover Pages" or "Frames" folder. 406 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents 3. Drag a cover page or a frame from one of the folders into the project tree and drop it into one of the following folders: - For frames: "Document information > Frames" - For cover pages: "Document information > Cover pages". The ready-made frame or cover page can now be used in the project. 4. Double-click on the new entry in the project tree click to edit the frame or the cover page. See also Using cover pages and frames (Page 404) Editing cover pages and frames (Page 407) 8.4.1.7 Designing cover pages and frames Editing cover pages and frames The documentation editor is a graphical editor which allows you to design frames and cover pages for your plant documentation. You can place images or text elements on the frame and the cover pages in the document editor. The text elements are either static or they are automatically filled during printing with the data from the document information that you have selected in the print dialog. Procedure To edit a cover page or a frame in the documentation editor, follow these steps: 1. In the project tree, double-click on the entry for an existing cover page or frame under the "Documentation information > Frames " or "Documentation information > Cover pages" group. The documentation editor opens. 2. Design the cover page or frame as desired. 3. Close the documentation editor. The changes to the cover page or frame are applied automatically. See also Creating a cover page (Page 406) Creating frames (Page 405) General operation of the documentation editor (Page 408) WinCC Advanced V14 System Manual, 10/2016 407 Editing project data 8.4 Printing project contents General operation of the documentation editor Components of the documentation editor The following figure provides an overview of the components of the documentation editor: 408 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents WinCC Advanced V14 System Manual, 10/2016 Toolbar The toolbar provides the following tools (from left to right): Arrow tool Enables object selection. Navigation tool Allows shifting of the partial page. Zoom-in button Magnifies the page display incrementally. Zoom-out button Reduces the page display incrementally. Zoom with selection Adapts the page size to a selected work area. Dynamic zoom Adapts the page width to the work area. Work area You can design the cover page or frame in the work area. "Toolbox" task card The "Toolbox" task card contains various types of placeholders that you can use on the cover sheet or frame. The placeholders can be placed in the work place using a drag-and-drop operation. Properties in the Inspector window You can display and modify the properties of the currently selected object in the "Properties" tab of the Inspector window. For example, you can modify the properties of the page, format text, specify the position of objects on the page, etc. 409 Editing project data 8.4 Printing project contents Operation in the documentation editor The following basic functions are available in the documentation editor: Drag-and-drop functionality The documentation editor is a graphic editor. which means you can place objects anywhere with the mouse. An image of the page is displayed in the work area. This image corresponds to the ultimate print layout. If you want to select objects on the page in order to move them or modify their properties, the arrow tool must be activated in the toolbar. Zoom function You can use the zoom function to change the size of the page display. You have two options for changing the page size: - Via the buttons in the toolbar Select the "Zoom in" or "Zoom out" magnifying glass button in the toolbar of the documentation editor. Then click on the page in order to magnify (zoom in) or reduce (zoom out) the page incrementally. To zoom in on a particular area, select the "Zoom with selection" tool and use the mouse to drag an outline around the area you want to focus on. To continuously zoom in or zoom out of the work area, use the "Dynamic zoom" tool. To magnify the page display, click anywhere on the work area, and then hold down the mouse button while dragging the mouse toward the top of the page. To reduce the page display, drag the mouse toward the bottom of the page. - Via the zoom bar You can also use the zoom bar (located in the bottom right corner of the work area) to change the display size. Select a percentage value from the drop-down list or enter a percentage value. Alternatively, you control the display size using the slider. Navigation over the page In addition to scrolling, you the option of changing the partial page with the navigation tool. To change the partial page with the navigation tool, select the Hand button in the toolbar. Then, click anywhere on the page and hold the mouse button down while moving the page to the desired position. Using and adapting the positioning aids You have various aids at your disposal to help you position elements on the page: Rulers Rulers are affixed to the page margins in the work area. Page grid A grid is placed underneath the page in the work area. You can display, hide or adapt the positioning aids in the Inspector window under "Properties > Rulers and grid". You can make the following settings: Units: Specify the unit of measurement for the grid and the rulers. Grid steps: Specify the width of the grid. Show grid: Specify whether the grid is to be displayed or hidden. 410 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents Snap to grid: Specify whether objects are to be aligned automatically to the grid. If the option is selected, the grid lines function like a "magnet". Show rulers: Specify whether the rulers are to be displayed. See also Editing cover pages and frames (Page 407) Specifying the print area (Page 411) Inserting placeholders for metadata (Page 411) Specifying the print area An area within the frame is provided for the actual printed contents. The project data is then always inserted inside this defined and uniformly consistent area within the frame. You can adjust the size of the print area. Requirement A frame is open in the documentation editor. Procedure To define an area for the printed contents, follow these steps: 1. Click on the slightly darker area within the page display in the documentation editor to select the area for the print content. This opens the properties of the area to be printed in the Inspector window. 2. Enter the position of the print area on the X and Y axes in the Inspector window. 3. Specify the width and height of the print area in cm in the Inspector window. Alternatively, you can change the width and position of the print area in the graphic display of the page. To do so, use the mouse to drag the margins of the print area until the desired size and position are achieved. See also Creating frames (Page 405) General operation of the documentation editor (Page 408) Inserting placeholders for metadata You can provide placeholders on the cover page and in a frame. The placeholders are automatically filled with metadata from documentation information during printing, if they are placeholders for text. Alternatively, you can add non-modifiable data, such as free text or an image. WinCC Advanced V14 System Manual, 10/2016 411 Editing project data 8.4 Printing project contents All elements are arranged in numbered Z-Orders. If objects overlap, you can determine in which sequence these are to be arranged. Types of placeholders The following types of placeholders are available to you: Text field The text field stands as a placeholder for a text element from a document information. In the properties of the text field, you set which text from a document information should be automatically inserted during printing. Field for date and time A date and time are inserted instead of the placeholder when printing. This can be the date of creation or the point in time when the last change was made to the project. In the properties of the Inspector window, you specify which date or time is printed. Page number The correct page number is automatically applied when printing. Free text You can enter freely selectable text in the properties of the text field. The text is static and is not influenced by the document information selected at the time of printing. Image Select the image file in the properties of the placeholder in the Inspector window. Images in the formats BMP, JPEG, PNG, EMF or GIF are possible. Requirement An cover page or frame is open in the documentation editor. Procedure To insert placeholders for metadata on the cover sheet or in a frame, follow these steps: 1. Drag a field from the "Toolbox > Elements" task card to the work area of the documentation editor. The placeholder is inserted. The placeholder properties are shown in the Inspector window and can be edited there. 2. Select the metadata to be inserted during printing from the "Text" drop-down list in the Inspector window under "Properties > General > Text box". Alternatively, you have the option of entering free text or selecting an image depending on the type of placeholder. 3. In the Inspector window under "Properties > General > Position and size", specify the position of the placeholder on the X and Y axis and enter the width and height of the text box in cm. You specify the sequence of the objects in the "Z-Order" field, if these overlap. The smaller the value, the further down an object is located. 4. In the Inspector window, go to "Properties > View" and select the font formatting and the orientation of the text as well as the alignment of the text. You cannot make this setting for images. 412 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents See also General operation of the documentation editor (Page 408) 8.4.1.8 Displaying print preview Creating a print preview Creating a print preview You can create a preview of the printout. Document information can be chosen for this, in the same way as for the actual printout. In this way, you preview the selected frame and, if applicable, the cover sheet. The settings are retained for later printing. Procedure To create a print preview and to set the scope of the later printout, follow these steps: 1. Select the "Print preview" command in the "Project" menu. The "Print preview" dialog opens. 2. Select the frame layout you want to use for the printout. - In the "Document information" drop-down list, select the documentation information you want to use later for the printout. - Select the "Print cover page" check box to print the cover page, which is specified in the selected document information. - Select the "Print table of contents" check box to add a table of contents to the printout. The check boxes for printing the cover page and the table of contents can only be selected if you have started the printout in the project tree. 3. Under "Print objects/area", select what is to be printed. The selection is only possible if you have started the printout from an editor that supports this function. - Select "All" to print out the entire content of the editor. - Choose "Selection" to print only the objects currently selected in the editor. WinCC Advanced V14 System Manual, 10/2016 413 Editing project data 8.4 Printing project contents 4. Select the print scope under "Properties". - Select "All" to print all configuration data of the selected objects. - Select "Visible" to print the information of an editor that is currently visible on the screen. This option can only be chosen if you have started the printout from an editor that supports this function. - Select "Compact" to print out an abbreviated version of the project data. 5. Click "Preview" to generate the preview. A print preview is created in the work area. Note Wait time for extensive documents It can take several minutes to generate the print preview in the case of very extensive projects. You can continue working normally in the meantime on systems with adequate resources. The progress of the print preview is shown in the status bar. See also Operation within the print preview (Page 415) 414 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents Operation within the print preview Functions within the print preview The print preview shows an exact image of the subsequent printout. You can use the buttons in the toolbar to modify the print preview display. The following functions are available (from left to right): Navigation mode Allows shifting of the partial page. To change the partial page with the navigation tool, select the arrow button in the toolbar. Then, click anywhere on the page and hold the mouse button down while moving the page to the desired position. Zoom function - "Zoom in" and "Zoom out" Magnifies or reduces the page display. To zoom in or zoom out the display incrementally, select the corresponding button. Then click on the page in order to magnify (zoom in) or reduce (zoom out) the page incrementally. To zoom in on a particular area, enable the "Zoom with selection" icon and use the mouse to drag an outline around the area you want to focus on. To zoom dynamically through the page, select the button "Zoom in / zoom out dynamically". With pressed mouse button, scroll down over the page to zoom in. Scroll up to zoom out. - Percentage value in the drop-down list Specifies the display size of the page in percent. Enter a percentage value or select a percentage value from the drop-down list. Alternatively, choose the "Fit to page" option from the drop-down list to adapt the page size to the work area. Or, choose "Fit to width" to adapt the page width to the work area. "Forward" and "Backward" Each change in the partial page, the page count, or the display size is saved in a history in the background. You can use the "Forward" or "Backward" button to return to the previous view or the next view. Page navigation - "First page" Jumps to the first page - "Previous page" Goes to the previous page. - "Page number" input field Shows the current page. To jump directly to a page, enter the page number of the page you want to view. - "Next page" Goes to the next page. - "Last page" Jumps to the last page. WinCC Advanced V14 System Manual, 10/2016 415 Editing project data 8.4 Printing project contents See also Creating a print preview (Page 413) 8.4.1.9 Printing project data You have two options for printing out project data: Print immediately using default settings by means of the "Print" button in the toolbar. The button is only active if a printable object is selected. Printout with additional setting options with the "Project > Print" menu command. For example, you can choose a different printer or specific documentation information or you can specify whether a cover page and table of contents are to be printed. In addition, you can specify the print scope or display a print preview prior to printing. Requirement At least one printer is configured. The objects to be printed are not protected. The print scope for protected objects is limited. Disable the know-how protection to print the objects in full. Printing project data To print out data from the current project or the entire project with additional setting options, follow these steps: 1. Select the entire project in the project tree in order to print out the entire project. To print only individual elements within a project, select them in the project tree. 2. Select the "Print" command in the "Project" menu. The "Print" dialog opens. 3. Select the printer in the "Name" box. 4. Click "Advanced" to modify the Windows printer settings. 5. Select the frame layout you want to use for the printout. - Select the documentation information in the "Document information" drop-down list. The frame stored in the document information is used for the printout. All placeholders within the chosen frame are filled with the metadata from the selected document information. - Select the "Print cover page" check box to print the cover page, which is stored in the selected document information. - Select the "Print table of contents" check box to add a table of contents to the printout. The check boxes for printing the cover page and the table of contents can only be selected if you have started the printout in the project tree. 416 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents 6. Under "Print objects/area", select what is to be printed. The selection is only possible if you have started the printout from an editor that supports this function. - Select "All" to print out the entire content of the editor. - Select "Selection" to print only the objects currently selected in the editor. 7. Select the print scope under "Properties". - Select "All" to print all configuration data of the selected objects. - Select "Visible" to print the information of an editor that is currently visible on the screen. This option can only be chosen if you have started the printout from an editor. - Select "Compact" to print out an abbreviated version of the project data. 8. Click "Preview" to generate a print preview in advance. A print preview is created in the work area. 9. Click "Print" to start the printout. Note Scope of the "Print" dialog The options available in the "Print" dialog vary depending on the elements to be printed. Result The project data is prepared in the background for printing and then printed on the selected printer. The status bar shows the progress of the print operation. You can continue working normally while data is being prepared for printing. The print results and any errors or warnings are listed in the Inspector window under "Info" at the conclusion of the print job. Canceling a print job To cancel an active print job, follow these steps: 1. Click the blue cross in the status bar next to the progress display for the printout. The printout is aborted. See also Protection concept for project data (Page 398) Revoking access rights for devices (Page 398) Printout of project contents (Page 400) Designing cover pages and frames (Page 407) WinCC Advanced V14 System Manual, 10/2016 417 Editing project data 8.4 Printing project contents 8.4.2 Printing module labels 8.4.2.1 Print function for module labels Printing of module labeling strips for hardware modules You can print labeling strips for the modules in your project with the help of the TIA Portal. The labeling strips are custom-fit to each module and can contain the following printed information: Symbolic name of the input or output Absolute address of the input or output Symbolic name and additionally the absolute address of the input or output. The order of the information can be specified. The modules are displayed graphically in the device view. If you set the zoom level in the device view to at least 200%, the labels for the individual modules will be visible. The printout on the labeling strip corresponds to the representation of the labeling in the device view. The following figure shows an example of two modules in the device view on which the labeling of the inputs and outputs is visible: Export and further editing as Microsoft Word file The labeling strips are first exported as a Microsoft Word file (.docx) before they are printed. The file can be further edited with commonly available word processing programs such as Microsoft Word. The individual labeling strips are represented as a table in the .docx file. The character spacing of the text within the table is adapted by default, so that texts are not truncated. If you want to prevent this from stretching or compressing the text too much, change the character spacing of the text in the table cell properties. 418 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents Printing the labeling data to an XML file As an alternative to printing the labeling strips, you can output the addresses of the inputs and outputs of a module to an XML file. You can use the export to an XML file for devices for which no ready-made labeling strips are available. You can also use the export to an XML file to create labeling strips with another program. The program must be able to transform the data of the XML file into an input format that is suitable for the labeling system. The schema of the XML file is available in the section "XML schema of the export file (Page 422)". Print media You can print the labeling strips either on ready-made print sheets or on standard DIN A4 paper. You can separate the individual labeling strips from the ready-made print sheets and insert them in the designated labeling areas of your modules. If you print on standard paper, the individual labeling strips must be cut out. Cut marks are automatically included on the printout and serve as aids. Because the paper feeds of printers differ slightly, the printout may be slightly offset on the paper. When the labeling strips are printed on ready-made sheets, printing that is accurate to the millimeter is important. Otherwise, the text will not be fit exactly inside the stamped area. In addition, if the printing is imprecise, the labeling of an input or output may no longer be congruent with the channel status displays of the module. To ensure precise printing, you can enter an offset value for your printer in the TIA Portal. For information on how to determine the proper offset value for your printer, refer to Chapter "Determining the print area offset (Page 425)". See also Exporting labeling data as XML (Page 421) XML schema of the export file (Page 422) Printing labels (Page 419) Determining the print area offset (Page 425) Documentation settings (Page 399) 8.4.2.2 Printing labels You can print labeling strips for the modules in your project if provision has been made for attaching labels to the utilized modules. The labels are first exported to a Microsoft Word file (.docx). A separate .docx file is created for each module family (for example, for all selected S7-1500 modules). The labels are always printed from the word processing program. WinCC Advanced V14 System Manual, 10/2016 419 Editing project data 8.4 Printing project contents Requirement The following requirements apply to printing of labeling strips: The chosen modules must support the printing of labels. Otherwise, the data can only be output to an XML file. A word processing program that supports Microsoft Word DOCX files must be installed, e.g., Microsoft Word 2010 or later. You need the ready-made labels for your modules or commercially available DIN A4 paper. Procedure To print labeling strips for hardware modules, follow these steps: 1. In the project tree, select the modules for which you want to print labeling strips. - You can select one or more stations in order to print out labeling strips for all modules plugged into these stations. - Alternatively, select the desired modules below the stations in the "Local modules" folder. 2. Right-click one of the devices, and select the "Export labeling strips" command from the shortcut menu. The "Export labeling strips" dialog opens. 3. In the "Content of the labeling strip" area, select the data to be printed on the labeling strip: - Select "Symbolic name" in order to print the symbolic name of the input or output (corresponds to the contents of the "Name" column in the IO tag table). - Select "Absolute address" in order to print the absolute address of the input or output (corresponds to the contents of the "Address" column in the IO tag table). - Select "Absolute and symbolic address" or "Symbolic and absolute address" in order to print both addresses. Printing takes place according to the specified order. 4. In the "Export format" area, define how the labeling data will be output. - Select "Print on SIEMENS labeling sheet" if you are printing on a ready-made label sheet for your modules. - Select "Print on plain DIN A4 page" if you are printing on standard DIN A4 paper. 5. Select correction values for your printer in the "Offset print area", if required. The correction values are used for correct alignment of the print area. Correction values are only necessary if you are printing on ready-made labeling strips. - Enter a correction value, in millimeters, in the "Vertical offset" field. A negative value shifts the print area upward. A positive value shifts the print area downward. - Enter a correction value, in millimeters, in the "Horizontal offset" field. A negative value shifts the print area to the left. A positive value shifts the print area to the right. 6. In the "Path" field, select the path where the exported files will be stored. 7. Click the "Export" button to start the export. The export files are created. 8. Open the DOCX files with a conventional word processing program, such as Microsoft Word, and change the design of the labeling strips if necessary. 420 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents 9. Print out the labeling strips from your word processing program. Use the paper that you specified in the Export dialog for this. 10.If you are using ready-made sheets, separate the labeling strips at the stamped lines provided for that purpose. When standard DIN A4 paper is used, you must cut out the labeling strips. See also Determining the print area offset (Page 425) Exporting labeling data as XML (Page 421) 8.4.2.3 Exporting labeling data as XML The TIA Portal supports a large number of different modules and can be continually expanded using Hardware Support Packages, for example. Ready-made labeling strips are not available for every supported module. However, you can still use the TIA Portal to label inputs and outputs of modules that are not supported. First, you export the absolute and symbolic addresses of the inputs and outputs to a standardized XML file. Then, you import the XML file to an external program for printing the labels. In this program, you prepare the data to suit your modules and print out the labels. Procedure To export labeling data for hardware modules as XML, follow these steps: 1. In the project tree or network view, select the modules for which you need labeling strips. - You can select one or more stations in order to export the input and output addresses of all modules plugged into these stations. - Alternatively, select the desired modules below the stations in the "Local modules" folder. 2. Right-click one of the devices and select the "Export module labeling strips" command from the shortcut menu. The "Export labeling strips" dialog opens. 3. In the "Export format" area, select the "Export to XML file" option. 4. In the "Path" field, select the path where the XML file will be stored. 5. Click the "Export" button to start the export to an XML file. The XML file is created with the name "<Project name>_IO_Channels.xml". See also XML schema of the export file (Page 422) Print function for module labels (Page 418) Printing labels (Page 419) WinCC Advanced V14 System Manual, 10/2016 421 Editing project data 8.4 Printing project contents 8.4.2.4 XML schema of the export file XML schema of an export file The XML file for module labeling strips is structured according to the following schema: <?xml version="1.0" encoding="utf-8"?> <xs:schema targetNamespace="http://tempuri.org/XMLSchema.xsd" elementFormDefault="qualified" xmlns:mstns="http://tempuri.org/ XMLSchema.xsd" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="Stations"> <xs:complexType> <xs:sequence> <xs:element name="Station" maxOccurs="unbounded"> <xs:complexType> <xs:sequence> <xs:element name="Rack" maxOccurs="unbounded"> <xs:complexType> <xs:sequence> <xs:element name="Module" maxOccurs="unbounded"> <xs:complexType> <xs:sequence> <xs:element name="IOChannel" maxOccurs="unbounded"> <xs:complexType> <xs:sequence> <xs:element name="Address" type="xs:string"></ xs:element> <xs:element name ="Tag" type="xs:string"></xs:element> </xs:sequence> <xs:attribute name="Number" type="xs:int"></xs:attribute> </xs:complexType> </xs:element> </xs:sequence> <xs:attribute name="Name"></xs:attribute> </xs:complexType> </xs:element> </xs:sequence> <xs:attribute name="Name" type="xs:string"></xs:attribute> </xs:complexType> </xs:element> </xs:sequence> <xs:attribute name="Name" type="xs:string"></xs:attribute> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:schema> 422 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents Example of an XML file The following example shows an XML file that contains the labeling data for an S7-1500 CPU with a digital input module and an analog input module: <?xml version="1.0" encoding="UTF-8"?> <Stations> <!-- The CPU is specified first --> <Station Name="S71500/ET200MP-Station_1"> <Rack Name="Rack_0"> <!-- Name of the rack --> <Module Name="Sample S7-1500" /> <!-- Name of the CPU --> <Module Name="DI 16x24VDC BA_1"> <!-- Name of the digital input module --> <!-- The individual channels of the digital input module are specified --> <IOChannel Number="0"> <Address>%I0.0</Address> <Tag>Input Value 1</Tag> <!-- Symbolic address of input 0 --> </IOChannel> <IOChannel Number="1"> <Address>%I0.1</Address> <Tag>Input Value 2</Tag> </IOChannel> <IOChannel Number="2"> <Address>%I0.2</Address> <Tag>Input Value 3</Tag> </IOChannel> <!-- All other channels follow --> </Module> <Module Name="AI 4xU/I/RTD/TC ST_1"> <!-- Name of the analog input module --> <!-- The individual channels of the analog input module are specified --> <IOChannel Number="0"> <Address>%IW2</Address> <Tag> <!-- Symbolic addresses are not specified for the analog input module. --> </Tag> </IOChannel> <IOChannel Number="1"> <Address>%IW4</Address> <Tag> </Tag> </IOChannel> <IOChannel Number="2"> <Address>%IW6</Address> <Tag> </Tag> </IOChannel> <IOChannel Number="3"> <Address>%IW8</Address> <Tag> </Tag> WinCC Advanced V14 System Manual, 10/2016 423 Editing project data 8.4 Printing project contents </IOChannel> </Module> <Module Name="Sample S7-1500" /> <Module Name="DI 16x24VDC BA_1"> <IOChannel Number="0"> <Address>%I0.0</Address> <Tag>Input Value 1</Tag> </IOChannel> <IOChannel Number="1"> <Address>%I0.1</Address> <Tag>Input Value 2</Tag> </IOChannel> <IOChannel Number="2"> <Address>%I0.2</Address> <Tag>Input Value 3</Tag> </IOChannel> <!-- All other channels follow --> </Module> <Module Name="AI 4xU/I/RTD/TC ST_1"> <IOChannel Number="0"> <Address>%IW2</Address> <Tag> </Tag> </IOChannel> <IOChannel Number="1"> <Address>%IW4</Address> <Tag> </Tag> </IOChannel> <IOChannel Number="2"> <Address>%IW6</Address> <Tag> </Tag> </IOChannel> <IOChannel Number="3"> <Address>%IW8</Address> <Tag> </Tag> </IOChannel> </Module> </Rack> </Station> </Stations> See also Exporting labeling data as XML (Page 421) 424 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.4 Printing project contents 8.4.2.5 Determining the print area offset If you are using a ready-made label sheet, the printing on it must be applied precisely so that the text is properly oriented on the prestamped labels and will have the proper fit relative to the channel status displays of the module. However, the paper feeds vary slightly from one printer to another. For this reason, you must enter a suitable correction value for your printer in the TIA Portal, if necessary. The print area is then shifted in the exported .docx file in such a way that the printing fits precisely on the ready-made label sheet. The settings for shifting the print area are stored for the specific Windows user. If you log on to Windows using a different user name, you have to enter the correction values again. The procedure for determining the correction value for your printer is described below. Requirement You require a ready-made label sheet. You must have access to the actual printer that you will use subsequently for the printout. The printer must be made ready for printing on standard DIN A4 paper. Procedure To determine the correction value for your printer, follow these steps: 1. Print out a label sheet on standard DIN A4 paper, as described in Chapter "Printing labels (Page 419)". 2. Compare the printout on the DIN A4 paper with the ready-made label sheet. 3. If the print area is offset, you must use correction values. - Using a ruler, measure the horizontal offset relative to the ready-made label sheet. This will be entered later in the "Horizontal offset" field of the Export dialog box for the printing. If the print area is offset to the right, a negative correction value must be entered. If the print area is offset to the left , a positive correction value must be entered. - Using a ruler, measure the vertical offset relative to the ready-made label sheet. This will be entered later in the "Vertical offset" field of the Export dialog box for the printing. If the print area is offset downward, a negative correction value must be entered. If the print area is offset upward, a positive correction value must be entered. WinCC Advanced V14 System Manual, 10/2016 425 Editing project data 8.5 Working with multi-language projects 8.5 Working with multi-language projects 8.5.1 Project text basics Texts in different languages in the project When you enter texts while working on a project, you would normally do this in your own language. If you then pass on the project to someone else who does not know this language, this person will require a translation of the relevant texts to a language they know. This is why all texts can be translated. In this way, you can ensure that anyone who is subsequently confronted with the texts sees the texts in his/her language of choice. Project language Project languages are all languages in which a project will later be used. Based on the editing language, all the texts can be translated to the various project languages. You specify the languages that will be available in the project tree under "Languages & Resources > Project languages". Editing language Every project has an editing language. When you enter texts, these are always created in the editing language. You should therefore make sure that the editing language set is the language in which you enter the texts. This avoids problems if you translate the texts later. The editing language does not depend on the language of the user interface. You could, for example, set English as the user interface language, but use Italian as the editing language. If you enter texts, these will be created in the project language "Italian" in this case, although the user interface of the TIA Portal is displayed in English. You set the editing language in the project tree under "Languages & Resources > Project languages > Editing language". Reference language The reference language is used as a template for translation. The text is displayed in the reference language for each text box in the "Tasks > Languages and resources" task card. You therefore know which text that belongs in a text box, even when no text is entered in the currently selected editing language. User texts and system texts For clarification purposes, a distinction is made between user texts and system texts: User texts are texts that the user created. System texts are texts that are created automatically according to the configuration in the project. 426 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.5 Working with multi-language projects You manage the project texts in the project tree under "Languages & Resources > Project texts". Examples of multilingual project texts You can, for example, manage the following project texts in more than one language: Block titles and block comments Network titles and network comments Comments in tables Alarm texts Operator-relevant texts Text lists Labels of buttons Display names of recipes Translating texts The following procedures are available to translate texts. Translate all texts used in the project in tabular form You can enter the translations for the individual project languages directly in the "Project texts" table. You can find the table in the project tree under "Languages & Resources > Project texts". Specify text assigned to individual objects in the Inspector window In the Inspector window, you can translate the texts that are assigned to the currently selected objects. Columns are displayed in a table for all available project languages. You can enter the translations for each text in the columns. Translating texts using reference texts You can change the editing language for shorter texts. All the text cells are filled again with the default values and can be filled in the current language. As orientation, you can display what you last entered in the box in the reference language. To do this, select the "Tasks" task card and open the "Languages & resources". Exporting texts and translating them externally With larger volumes of text, you can export the texts to an Office Open XML file and translate them in a conventional table calculation program. You then import the translated list again into the TIA Portal. Note Using East Asian project languages You need Microsoft Windows at least in the Professional version or higher to display East Asian project languages. Microsoft Windows in the Professional version must be installed in the local language. With the "Ultimate" or "Enterprise" versions, it is sufficient to install the appropriate language pack. WinCC Advanced V14 System Manual, 10/2016 427 Editing project data 8.5 Working with multi-language projects See also Overview of the program settings (Page 261) Changing the settings (Page 265) Application examples for multilanguage projects (Page 434) 8.5.2 Categories of user texts Overview of text categories Below you will find an overview of the categories of user texts that you can select for export. Text categories Usage Formatted alarm text HMI scree Text that appears in an HMI screen HMI comments Text that appears in a comment in Runtime HMI Runtime Category for text lists Multilingual text category Alarm class text Alarm text Text that appears in a message display SiVArc configuration Other text categories 8.5.3 Select project languages All the texts can be displayed within a project in the same language that you selected for your software user interface. This means that all project texts must exist in the corresponding language. You can select the available project languages yourself. Procedure To select the project languages, follow these steps: 1. Click on the arrow symbol to the left of "Languages & Resources" in the project tree. The elements below this are displayed. 2. Double-click on "Project languages". In the work area, you will see a list of languages that you can select. 3. Select the required languages. Result All texts can be displayed in the activated languages if there is already a translation for these languages. 428 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.5 Working with multi-language projects 8.5.4 Setting the editing language All the texts in the project are created in the editing language when they are entered. If you change the editing language, all future text input will be stored in the new editing language. Procedure To change the editing language, follow these steps: 1. Click on the arrow symbol to the left of "Languages & Resources" in the project tree. The lower-level elements are displayed. 2. Double-click on "Project languages". The possible settings for the project languages are displayed in the work area. 3. Select the editing language in "General > Editing language". 8.5.5 Translating all project texts in tabular form You can display and edit all project text used in the currently open project in a list. User and system texts are separated into two different lists for clarity. Both lists contain a column for each project language. Enter the translations of the texts in the respective columns. Requirement You have selected at least one further project language. Procedure To translate text in the project-wide list, follow these steps: 1. Click on the arrow symbol to the left of "Languages & Resources" in the project tree. The elements below this are displayed. 2. Double-click "Project texts". A list with the user texts in the project is displayed in the work area. 3. Click on "System texts" if you you want to edit the list of system texts rather than the user texts. 4. You can improve the clarity of the lists if you have a lot of texts. - To group identical texts and to translate them all at once, click the "Switch on/off grouping" button in the toolbar. - To hide texts that do not have a translation, click the "Filter for empty texts on/off" button in the toolbar. - To further limit the displayed project texts to certain devices, select the devices for which you want to display project texts in the drop-down list. 5. Enter the translation of the project texts in the relevant column. WinCC Advanced V14 System Manual, 10/2016 429 Editing project data 8.5 Working with multi-language projects 8.5.6 Translating project texts If you want to edit the text of individual objects, it would be too difficult to locate the matching text in the table with all project texts. For this reason, there is a table in the Inspector window in which only the texts assigned to the currently selected objects are displayed. In the table, you can add missing translations for individual project languages or change existing texts. Requirement Enter a text in at least one project language for the texts to be translated. Procedure To edit the text of the currently selected object, follow these steps: 1. Select the object whose text you want to edit. 2. Open the "Properties" tab in the Inspector window. 3. Open the lower-level "Texts" tab in the inspector window. A table with all the texts that belong to the selected objects is displayed. The table contains one column for the currently selected editing language and the reference language, as well as additional columns for the other project languages. 4. Add or change the entries in the table for each project language. See also Application examples for multilanguage projects (Page 434) 8.5.7 Translating project texts using reference texts Introduction After changing the editing language, all texts are shown in input boxes in the new editing language. If there is not yet a translation available for the newly set language, the input boxes are empty or filled with default values. If you enter text in an input box, this is saved in the current editing language. Following this, the texts exist in two project languages for this input field, in the previous editing language and in the current editing language. This makes it possible to create texts in several project languages. 430 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.5 Working with multi-language projects You can display existing translations for an input box in other project languages. These serve as a comparison for text input in the current editing language and they are known as the reference language. Note The display of reference texts depends on the installed products and is not supported by every editor. Requirement There is at least one translation into a different project language for an input field. Procedure To display the translation of an input cell in a reference language, follow these steps: 1. In the "Tasks" task card, select the "Languages & Resources" pane. 2. Select a reference language from the "Reference language" drop-down list. Result The reference language is preset. If you click in a text box, translations that already exist in other project languages are shown in the "Tasks > Languages & Resources" task card. 8.5.8 Exporting project texts You can export project texts for translation and then reimport them. The texts are exported to an Office Open XML file with the extension ".xlsx". This can be edited in Microsoft Excel or a number of other spreadsheet programs. The following export options are available: Exporting individual project texts You can select individual texts in the project texts editor and then export the selected texts. Exporting project texts of a device When you have selected a device, the "Properties > Texts" tab of the Inspector window includes all texts that are part of the respective device. Here you can export all texts that are part of the respective device. Exporting all user texts or system texts at once You can either export all texts in the project or further limit the export by categories. WinCC Advanced V14 System Manual, 10/2016 431 Editing project data 8.5 Working with multi-language projects Note Row limit in Microsoft Excel Note that spreadsheet programs may be able to process only a certain number of rows. Microsoft Excel 2003 supports a maximum of 65536 rows, for example. Later versions of Microsoft Excel support significantly more rows. Exporting individual project texts To export individual project texts, follow these steps: 1. Open the "Languages & Resources" folder in the project tree. The lower-level elements are displayed. 2. Double-click "Project texts". The project texts editor opens. 3. Choose the "User texts" or "System texts" tab in the editor, depending on which texts you want to export. 4. Select the project texts you want to export. 5. Click "Export project texts" on the editor toolbar. The "Export" dialog box opens. 6. Select the language you want to translate from in the "Source language" drop-down list. 7. Select the language you want to translate to in the "Target language" drop-down list. The drop-down list contains the project languages you specified previously. If the required language is missing, you must first specify it in the project languages editor. 8. Specify a file path and a file name for the export file in the "Select file for export" input box. 9. Click "Export". Exporting project texts of a device 1. To export all project texts that are part of a specific device, follow these steps: 2. Select the device and open the device properties in the Inspector window. 3. Open the "Texts" tab in the Inspector window. 4. On the toolbar, click the "Export project texts" icon. The "Export" dialog box opens. 5. Select the language you want to translate from in the "Source language" drop-down list. 6. Select the language you want to translate to in the "Target language" drop-down list. The drop-down list contains the project languages you specified previously. If the required language is missing, you must first specify it in the project languages editor. 7. Specify a file path and a file name for the export file in the "Select file for export" input box. 8. Click "Export". 432 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.5 Working with multi-language projects Exporting all system or user texts To export all project texts, follow these steps: 1. Select the "Export project texts" command in the "Tools" menu. The "Export" dialog box opens. 2. Select the language you want to translate from in the "Source language" drop-down list. 3. Select the language you want to translate to in the "Target language" drop-down list. The drop-down list contains the project languages you specified previously. If the required language is missing, you must first specify it in the project languages editor. 4. In "Select content", select the check box "User texts" to export user texts. To export system texts, select "System texts". To export both user texts and system texts, select both check boxes. 5. In "Select content", select the required text categories for the user texts or the system texts. 6. In the "Export file" input field, specify a file name for the export file. 7. In the "Path" input field, select a path in the data system to which the export file is to be saved. 8. Click "Export". See also Application examples for multilanguage projects (Page 434) Importing project texts (Page 433) 8.5.9 Importing project texts After external compilation in a table calculation program, you import the project texts into the TIA Portal. You can import the project texts at the following locations: The "Tools" menu In the toolbar of the project texts editor In the properties of a device When you have selected a device, the "Properties > Texts" tab of the Inspector window includes all texts that are part of the respective device. You can also import the texts of the device at this location. WinCC Advanced V14 System Manual, 10/2016 433 Editing project data 8.5 Working with multi-language projects Importing project texts To import a file containing project texts, follow these steps: 1. Select the "Import project texts" command in the "Tools" menu. Alternatives: - Click the "Import project texts" icon in the toolbar of the project texts editor. - Select a device and open its properties in the Inspector window. Open the "Texts" tab and click the "Import project texts" icon in the toolbar. 2. The "Import" dialog box opens. 3. Select the path and the file name of the import file from the "Select file for import" field. 4. Select the "Import source language" check box if you have made changes to the source language in the export file and you want to overwrite the entries in the project with the changes. 5. Click "Import". See also Exporting project texts (Page 431) 8.5.10 Application examples for multilanguage projects Let us assume you are working in a team with colleagues some of whom speak English, some French and some German. You have created a project with the TIA Portal and have already created a functioning configuration. To allow your other colleagues to be able to keep track of the project, you would like all devices being used to have comments in English and German. First, you would like to enter the comments in German. Following this, to save time and costs, you want to have the texts translated into English in a spreadsheet program by an external translation office. In addition to this, you also want a single comment for a particular device in French so that your French-speaking colleague can continue working on this device. The section below describes an example of how you can achieve this with the tools of the TIA Portal. Translating the project into English To enter the comments in German and to have them translated into English later, follow these steps: 1. Set the editing language to "German" and fill all the comment boxes with the relevant texts in German. On the device selected from the French-speaking colleague, enter, for example "Unser neues Gerat" in German first. All the comments are now stored in German. 2. Export all user texts to an Office Open XML file with the extension ".xlsx". 434 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.6 Working with text lists 3. Have the user texts contained in the file translated into English in a spreadsheet program such as Microsoft Excel. 4. Import the file into the TIA Portal after it has been translated. All texts are now available in German and English. Translating a single comment field to French To translate an individual comment field to French, follow these steps: 1. Open the comment box for the device on which the French-speaking colleague will be working. 2. Open the "Languages & resources" pane in the "Tasks" task card. 3. Set "French" as the editing language in the "Languages & Resources" pane. As the reference language, set, for example, "English". Since no translation has yet been installed in French, the comment box is empty. In the "Languages & Resources" pane, the English translation "Our new device" is displayed as a reference. 4. Orientating yourself on the English reference text enter "Notre nouvel appareil" in the comment box. The comment for this device is now available in the languages German, English and French. See also Project text basics (Page 426) Exporting project texts (Page 431) Translating project texts (Page 430) 8.6 Working with text lists 8.6.1 Text lists Introduction You can centrally manage texts to be referenced in alarms. All the texts are stored in text lists. Each text list has a unique name with which you can call up its content. A range of values is assigned to each text in a text list. If a value from a range of values occurs, the corresponding text is called up. WinCC Advanced V14 System Manual, 10/2016 435 Editing project data 8.6 Working with text lists All the texts can be translated to all project languages. Here, you have two options available: You can enter the translation of the texts in a list. You will find the list in the project tree under "Languages & Resources > Project texts". You can export all texts to a file in Office Open XML format and enter the translation in a spreadsheet program. The translations can then be imported again. Only export the data to areas that are protected with appropriate access mechanisms. Only import files that originate from trusted sources. The texts are translated into the other project languages within the framework of the project texts. In the text lists editor, you only have to manage the assignment of individual texts to a text list. Each device in a project can have its own text lists. Device-specific text lists relate to only one device in the project and are therefore only valid for this device. For this reason, they are arranged under a device in the project tree. Device-specific text lists can be user-defined or created by the system. Text lists editor The text lists editor is divided into a bottom and top area. The top area displays the individual text lists. As soon as you select a text list, the included texts and the associated value ranges are displayed in the lower area. You can sort the table columns in the text lists editor in ascending and descending order by clicking the table header of the respective column. User-defined and system-defined text lists There are two types of text lists: User-defined text lists You can create user-defined text lists yourself and fill them with texts; in other words, you can specify value ranges and the corresponding texts yourself. With user-defined text lists, the name of the text list begins with "USER" as default. You can change this name to any suitable name. System-defined text lists System-defined text lists are created by the system. These always involve texts relating to devices. They are automatically created as soon as you insert a device in the project. With system alarms, the name of the text list begins with "SYSTEM". The name of the text list and the ranges of values it contains cannot be modified. You can only edit texts assigned to individual value ranges. 436 User-defined text lists System-defined text lists You can create new text lists and delete existing text lists. You cannot create new text lists or delete text lists. You can add and delete value ranges in the text lists. You cannot add or delete value ranges in the text lists. You can specify both the value ranges as well as the associated texts. You can only edit the text associated with one val ue range. WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.6 Working with text lists See also Exporting project texts (Page 431) 8.6.2 Creating user-defined text lists You can create user-defined text lists for individual devices. Requirement You are in the project view. A project is open. The project includes a least one device. Procedure To create user-defined text lists, follow these steps: 1. Click on the arrow to the left of a device in the project tree. The elements arranged below the device are displayed. 2. Double-click on "Text lists". All the text lists assigned to the device are displayed in the work area listed in a table. 3. Double-click on the first free row in the table. A new user-defined text list is created. 4. Enter a name for your new text list in the "Name" column. 5. Select if you want to specify the value ranges in decimal, binary or in bits from the dropdown list in the "Selection" column. Depending on the device, there may be further options available at this point. 6. Enter a comment in the "Comment" column. A new user-defined text list is created and you can now enter the value ranges and texts. 8.6.3 Editing user-defined text lists You can enter value ranges and the corresponding texts in user-defined text lists. User-defined text lists are always located below a device in the project tree. Requirement You are in the project view. A project is open. The project includes a least one device. WinCC Advanced V14 System Manual, 10/2016 437 Editing project data 8.6 Working with text lists Procedure To add to user-defined text lists with value ranges and texts, follow these steps: 1. Click on the arrow to the left of a device in the project tree. The elements arranged below are displayed. 2. Double-click on "Text lists". All the text lists assigned to the device are displayed in the work area listed in a table. 3. Select a text list in the table. The contents of the selected text list are displayed in the work area. There, you can enter a value range and assign texts to the individual value ranges. 4. Enter the value ranges you require in the "Range from" and " Range to" columns. The entry must be made in the numeric format selected for the text list. 5. Enter a text for each value range in the "Entry" column. 8.6.4 Editing system-defined text lists In system-defined text lists, you can modify the individual texts assigned to a value range. System-defined text lists are always located below a device in the project tree. Requirement You are in the project view. A project is open. The project includes a least one device. Procedure To edit texts in system-defined text lists that are assigned to a value range, follow these steps: 1. Click on the arrow to the left of a device in the project tree. The elements arranged below are displayed. 2. Double-click on "Text lists". All the text lists assigned to the device are displayed in the work area listed in a table. 3. Select a text list in the table. The contents of the selected text list are displayed in the work area. Here, you can add to or edit the texts assigned to a value range. 4. Enter a text for each value range in the "Entry" column. 438 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.7 Using memory cards 8.7 Using memory cards 8.7.1 Basics about memory cards Introduction Memory cards are plug-in cards that come in a variety of types and can be used for a variety of purposes. Depending on the device type or device family, memory cards can be used for purposes, such as: Load memory of a CPU Storage medium for projects, firmware backups, or any other files Storage medium for performing a firmware update Storage medium for the PROFINET device name For information regarding the technical variants of the respective memory cards and general information on their handling, refer to the respective documentation for the device. For information on handling memory cards in the TIA Portal, refer to the online help under the keyword "Memory Card". NOTICE Memory card is unusable for SIMATIC devices If you use a SIMATIC memory card for non-SIMATIC purposes or you format it incorrectly, you will overwrite the internal structure of the SIMATIC memory card. The structure is not recoverable and the SIMATIC memory card becomes unusable for SIMATIC devices. Do not use memory cards for non-SIMATIC-related purposes, and do not format SIMATIC memory cards with third-party devices or Windows tools. See also Adding a user-defined card reader (Page 439) Accessing memory cards (Page 440) Displaying properties of memory cards (Page 441) 8.7.2 Adding a user-defined card reader Introduction If your card reader is not detected automatically, you can add it manually. WinCC Advanced V14 System Manual, 10/2016 439 Editing project data 8.7 Using memory cards Requirement The project view is open. Procedure To add a card reader, follow these steps: 1. Open the project tree. 2. Select the "Card Reader / USB memory > Add user-defined Card Reader" command in the "Project" menu. The "Add user-defined Card Reader" dialog opens. 3. In the drop-down list box, select the path for the card reader. 4. Confirm your entries with "OK". See also Basics about memory cards (Page 439) Accessing memory cards (Page 440) Displaying properties of memory cards (Page 441) 8.7.3 Accessing memory cards Requirement A memory card is inserted in the card reader. The project view is open. Note You cannot work with multiple memory cards at one time. Only insert one memory card into the card reader. 440 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.7 Using memory cards Procedure To access memory cards, follow these steps: 1. Open the project tree. 2. Select the "Card Reader / USB memory > Card Reader / Show USB memory" command in the "Project" menu. The "Card reader / USB memory" folder is displayed in the project tree. 3. Open the "Card Reader / USB memory" folder. You can now access the memory card. Note If data from a non-installed product is stored on the memory card, the folders that contain these data are shown in gray. You receive an error message when you attempt to access such a folder. Install the corresponding product if needed. See also Basics about memory cards (Page 439) Adding a user-defined card reader (Page 439) Displaying properties of memory cards (Page 441) 8.7.4 Displaying properties of memory cards You can display the properties for the utilized memory cards. Note that different memory cards with different properties must be used, depending on the device. Requirement A memory card is inserted in the card reader. The project view is open. Procedure To display the properties of a memory card, follow these steps: 1. Right-click on the memory card for which you want to display the properties. 2. Select the "Properties" command in the shortcut menu. The "Memory Card <name of the memory card>" dialog opens. The properties are displayed in this dialog. WinCC Advanced V14 System Manual, 10/2016 441 Editing project data 8.9 Providing user-defined documentation See also Basics about memory cards (Page 439) Adding a user-defined card reader (Page 439) Accessing memory cards (Page 440) 8.8 Using cross-references 8.8.1 Using cross-references Introduction to cross-references The cross-reference list provides an overview of the use of objects within the project. You can see which objects are interdependent and where the individual objects are located. Crossreferences are therefore part of the project documentation. You can also jump directly to the point of use of an object. Which objects you can display and localize in the cross-reference list depends on the installed products. See also Displaying cross references of an instance (Page 467) 8.9 Providing user-defined documentation 8.9.1 Using user-defined documentation User-defined documentation for project or library contents Over time, you create your own contents in a project or a library. Your own contents include, for example, blocks, tags or library types. While the functionality of the TIA Portal is described in the supplied help system, there is no help for the contents you have created yourself. You can create your own user-defined documentation to explain to other employees how your project works or how to use individual library types. You can provide user-defined documentation in the available user interface languages. The default user interface languages in the TIA Portal are English, German, French, Spanish, Italian, and Chinese. You need to observe a few conventions when you create user-defined documentation so that the help matching an object can be opened. 442 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.9 Providing user-defined documentation You create the user-defined documentation either in one of the supported Office formats or as compiled HTML help in CHM format. Possible areas for user-defined documentation You can offer user-defined documentation in the following areas of the TIA Portal, for example: Project tree "Libraries" task card and library view Some editors, depending on the products installed, for example: - Program editor The programming languages LAD, FBD, STL, SCL and GRAPH are supported. Block calls also support the connection of user-defined documentation. - "Screens" editor Uses of screens and instances of HMI faceplates are supported in the "Screens" editor. Directories for user-defined documentation Save the user-defined documentation in one of the following directories: Project folder If you create user-defined documentation for objects within a project, save this help in the project folder. The user-defined documentation is also included when you pass on the project. Directory of a global library If you create user-defined documentation for objects within a global library, save the userdefined documentation in the directory of the global library. The user-defined documentation is also included when you pass on the global library. Central directory on the hard drive or a network drive You can store the user-defined documentation in a central directory on the hard disk or on a network drive. In this way, you have access to the user-defined documentation in each project or you use the documentation on a network drive together in the team. You specify the central file directory for the user-defined documentation using an XML file or in the settings of the TIA Portal. Homepage for the user-defined documentation You can create a separate homepage for each language version of the user-defined documentation. The homepage for the user-defined documentation can contain general help for a project or for a library. The homepage must be saved in the central storage directory for user-defined documentation. Calling the user-defined documentation If user-defined documentation is available for an object, you call it with the keyboard shortcut <Shift+F1>. The user-defined documentation is always opened with the standard program specified for the respective file format in Microsoft Windows. WinCC Advanced V14 System Manual, 10/2016 443 Editing project data 8.9 Providing user-defined documentation Once you have pressed <Shift+F1>, certain directories are searched in a fixed order for userdefined documentation. The search order is given below: 1. Search in the central directory for user-defined documentation 1.1 Search for a CHM file 1.2 Search for documentation in other file formats 2. Search in the project or library directory 2.1 Search for a CHM file 2.2 Search for documentation in other file formats The search is initially performed in the language directory for the currently set user interface language of the TIA Portal. If no help is contained in this language directory, the search for user-defined documentation is performed in the same order in the English language directory. As soon as user-defined documentation is found in one location, the user-defined documentation is opened and the search is canceled. If no user-defined documentation is found in any of the directories, a search for a homepage for user-defined documentation is performed in the order presented above. The search for a homepage is again initially performed in the language directory for the currently set user interface language. If no homepage is found there, the English language directory is searched. Call log You can display a call log for the user-defined documentation for easier connection of the userdefined documentation. The alarms within the log indicate the directories in which documentation is searched for and whether the call of the user-defined documentation is successful. In addition, the file name that is expected for the file is indicated. This allows you to identify how you must name your documentation and the directories in which you must save the user-defined documentation. The call log has the same sequence as the one used to search for user-defined documentation or a homepage. The log is displayed in the Inspector window in the "Info" tab. Before you can display the call log, you must first enable the call log in the settings of the TIA Portal or using an XML file. See also Conventions for the creation (Page 448) Specifying settings with an XML file (Page 446) Creating a homepage (Page 447) Creating user-defined documentation (Page 452) Calling user-defined documentation (Page 451) General remarks on the information system (Page 312) 444 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.9 Providing user-defined documentation 8.9.2 Specifying settings in the TIA Portal You specify the following settings for user-defined documentation in the settings of the TIA Portal: Displaying the call log in the Inspector window A log of the call of user-defined documentation is displayed on the 'Info > General' tab of the Inspector window. The log helps you to adhere to the conventions for calling userdefined documentation. Search for user-defined documentation in a central file directory You can save user-defined documentation in a directory outside the current project directory in order, for example, to make documentation available across projects. Central directory for user-defined documentation You store cross-project documentation in the central file directory for user-defined documentation. Note XML configuration file takes precedence over the settings of the TIA Portal If you use an XML configuration file and have specified settings for user-defined documentation there, the settings in the XML file take precedence. As soon as you refresh the XML configuration file or restart the TIA Portal, the settings from the XML file are applied. The settings that you have made in the TIA Portal lose their validity. Procedure To specify a central storage location for user help, follow these steps: 1. Select the "Settings" command in the "Options" menu. 2. Open the "General > General" area. 3. Navigate to the "User documentation" section. 4. Select the "Display call log for user-defined documentation" check box in order to display a log of the call of the user-defined documentation in the Inspector window. 5. Select the "Search for user-defined documentation in a central directory" check box in order to store user-defined documentation in a cross-project directory. 6. Specify the path to where you save the cross-project documentation in the "Central directory for user-defined documentation" field. See also Specifying settings with an XML file (Page 446) WinCC Advanced V14 System Manual, 10/2016 445 Editing project data 8.9 Providing user-defined documentation 8.9.3 Specifying settings with an XML file As an alternative to settings in the TIA Portal, you can make settings for the user-defined documentation in an XML file. The XML file is the same file you use for integrating corporate libraries. If you use an XML configuration file and have specified settings for user-defined documentation there, the settings in the XML file take precedence. As soon as you refresh the XML configuration file or restart the TIA Portal, the settings from the XML file are applied. The settings that you have made in the TIA Portal lose their validity. You can set the following options in the XML configuration file: Displaying the call log in the Inspector window A log of the call of user-defined documentation is displayed on the 'Info > General' tab of the Inspector window. The log helps you to adhere to the conventions for calling userdefined documentation. Search for user-defined documentation in a central file directory You can save user-defined documentation in a directory outside the current project directory in order, for example, to make documentation available across projects. Central directory for user-defined documentation You store cross-project documentation in the central file directory for user-defined documentation. Procedure To specify settings for the user-defined documentation, follow these steps: 1. Create an XML file named "CorporateSettings.xml", if you are not yet using an XML configuration file for the integration of company libraries. If you are already using a configuration file, proceed with step 3. The configuration file must be saved with "UTF-8" coding. 2. Save the file in the following directory on your computer: C:\ProgramData\Siemens\Automation\Portal V14\CorporateSettings\ 3. Enter the content listed below into the XML configuration file. 4. Adapt the attributes for display of the user-defined documentation. The meaning of the individual elements is available in the comments in the XML configuration file. Use the value "true" to activate a function. Use the value "false" to deactivate a function. 446 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.9 Providing user-defined documentation Content of the XML configuration file The XML configuration file must have the following content: XML <?xml version="1.0" encoding="utf-8"?> <Document> <Settings.Settings ID="0"> <ObjectList> <Settings.General ID="1" AggregationName="General"> <!-- Here you find the settings for global company libraries, if available. --> <ObjectList> <Settings.UserDocumentation ID="2" AggregationeName="UserDocumentation"> <!-- In the following section, you specify the values for display of the user-defined documentation. --> <AttributeList> <!-- Activates or deactivates the display of the access log. --> <DisplayLogInformation> <Value>true</Value> </DisplayLogInformation> <!-- Activates or deactivates the search for user-defined documentation in a central directory. --> <EnableLookupFromCentralStorageLocation> <Value>true</Value> </EnableLookupFromCentralStorageLocation> <!-- Specifies the central directory for user-defined documentation. --> <CentralStorageLocation> <Value>D:\CorporateDocumentation\UserDocumentation\</Value> </CentralStorageLocation> </AttributeList> </Settings.UserDocumentation> </ObjectList> </Settings.General> </ObjectList> </Settings.Settings> </Document> See also Using user-defined documentation (Page 442) Specifying settings in the TIA Portal (Page 445) Calling user-defined documentation (Page 451) Creating a homepage (Page 447) Creating a configuration file for corporate libraries (Page 479) 8.9.4 Creating a homepage You can design a homepage for user-defined documentation. The homepage can be an HTML page that you save either within a CHM file or in the directory of the relevant language. You WinCC Advanced V14 System Manual, 10/2016 447 Editing project data 8.9 Providing user-defined documentation can also use other file formats approved for user-defined documentation. You design the homepage of the user-defined documentation outside the TIA Portal. Procedure To create a homepage, follow these steps: 1. Design a file in HTML format or in any other file format approved for user-defined help. 2. Name the file "Home". 3. Copy the file to the central directory for user-defined documentation on the hard disk or on a network drive: <Central directory for user-defined documentation>\<Folder for the respective language> 4. If the respective language folder does not exist yet, create the folder now. Alternative: If you are creating the homepage for a CHM file, place the homepage in the main directory of the CHM file. Sample configuration for the homepage Below you see the correct path for the following conditions: The user-defined documentation is in Spanish. The homepage is an HTML file. The path for these conditions is as follows: <Central directory for user-defined documentation>\es-ES\Home.html See also Specifying settings with an XML file (Page 446) Using user-defined documentation (Page 442) Conventions for the creation (Page 448) Calling user-defined documentation (Page 451) Displaying the call log (Page 452) Creating user-defined documentation (Page 452) 8.9.5 Conventions for the creation You must observe some conventions to ensure that user-defined documentation is called at the correct location: the user-defined documentation must be saved in the correct directory. The file name must be exactly the same as the object name in the TIA Portal. To prevent malicious code from being executed on your computer, only file formats that are considered as relatively safe are permitted. 448 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.9 Providing user-defined documentation Supported file formats Create the user-defined documentation in one of the following file formats: Microsoft Word (.docx) Microsoft Excel (.xlsx) Microsoft PowerPoint (.pptx and .ppsx) HTML pages (.htm or .html) Microsoft XPS (.xps) Rich Text Format (.rtf) Text documents (.txt) Compiled HTML help (.chm) PDF documents (.pdf) You save the homepage of the user-defined documentation in HTML format or save the homepage within a CHM file. NOTICE Infection of the computer with malicious code If the user-defined documentation contains malicious code, it can infect your computer. Especially HTML pages and CHM files can contain malicious code. Make sure that the user-defined documentation comes from a trustworthy source. You should also use the standard security measures, such as the use of a firewall and an up-to-date virus scanner. Directories for user-defined documentation Save the user-defined documentation in one of the following directories: Project folder: UserFiles\UserDocumentation\<Folder for the respective language>\<Object category> Directory of a global library: UserFiles\UserDocumentation\<Folder for the respective language>\<Object category> Central directory on the hard drive or a network drive: <Central directory for user-defined documentation>\<Folder for the respective language> \<Object category>\ The user-defined documentation must be located in the suitable subfolder for the respective language. The table below shows the respective language folders for the user languages installed as default: WinCC Advanced V14 System Manual, 10/2016 Language Subfolder German \de-DE English \en-US Spanish \es-ES 449 Editing project data 8.9 Providing user-defined documentation Language Subfolder French \fr-FR Italian \it-IT Chinese \zh-CN The language folder must contain a separate subfolder for each object category. Create the corresponding subfolders for objects for which you are providing user-defined documentation. Always use the English designation of the object category. The table below shows the English designations of the most important object categories in the TIA Portal: Object category English designation HMI screens Screens Organization blocks (OB) Organization Blocks Function blocks (FBs) Function Blocks Functions (FCs) Functions Data blocks Data Blocks Types in the library Library Types Master copies in the library Master Copies The project node in the project tree Projects All types of folders in the project tree, in the project library or in global libraries Folders All types of links in the project tree, for example, "Add new block", "Add new device", etc. ShortCut Libraries in the "Libraries" task card or in the library view Libraries If you are not sure of the English designation for an object category, change the user interface language of the TIA Portal to English. Alternatively, open the user-defined documentation for an object with <Shift+F1> and check in the call log which designation is expected for the object category. Permitted file names The file name must be exactly the same as the object name in the TIA Portal. There are, however, restrictions for file names under Microsoft Windows. The same restrictions apply to the file system used to format the hard drive. The file name may only include certain characters and must not exceed a specific length. The restrictions for file names differ depending on the Windows version and the file system used for the hard drive. To ensure that the help call works, read up on possible restrictions in the Microsoft Windows documentation. 450 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.9 Providing user-defined documentation Special features of CHM files You store CHM files directly in the respective language folder. The folder for the respective object category must be included in the actual CHM file. Within the compiled CHM file, the names of the individual HTML files must also be exactly the same as the object names in the TIA Portal. Note Opening CHM files on network drives If CHM files are saved on a network drive, the CHM files are not displayed correctly in more recent versions of Microsoft Windows. This behavior is determined by the security guidelines of the operating system. All versions of Microsoft Windows as of Windows Server 2003 SP1 are affected. You can bypass the security guidelines by changing the registry database in Microsoft Windows. To not compromise the security of your computer, save the CHM files only locally on your computer and do not change the registry database. See also Using user-defined documentation (Page 442) Creating a homepage (Page 447) 8.9.6 Calling user-defined documentation The user-defined documentation is opened in the language that is currently set as the user interface language. If there is no user-defined documentation available in the currently set user interface language, the English version of the user-defined documentation opens. If no userdefined documentation exists, a homepage is searched for. Requirement You have already saved user-defined documentation or a homepage according to the conventions. Procedure To open the user-defined documentation, follow these steps: 1. Select the object for which you want to display the user-defined documentation. 2. Press <Shift+F1>. The suitable user-defined documentation or the homepage opens. WinCC Advanced V14 System Manual, 10/2016 451 Editing project data 8.9 Providing user-defined documentation See also Using user-defined documentation (Page 442) Opening the information system (Page 317) Creating a homepage (Page 447) Specifying settings with an XML file (Page 446) Displaying the call log (Page 452) 8.9.7 Displaying the call log Use the call log to check whether the user-defined documentation is connected correctly. The call log shows the directories in which the search is performed for user-defined documentation or a homepage. The call log also displays the names that the individual files must have in order to call the user-defined documentation. Requirement The call log is enabled in the settings of the TIA Portal or using an XML configuration file. Procedure To display the call log, follow these steps: 1. Open the "Info" tab in the Inspector window. 2. Open the "General" tab. 3. Select the object for which you want to call the help. 4. Press <Shift+F1>. If possible, the matching user-defined documentation or the homepage of the user-defined documentation is opened. In any case, you will be informed in the Inspector window about which user-defined documentation is opened. You may be shown the directories in which no user-defined documentation was found. See also Calling user-defined documentation (Page 451) Creating a homepage (Page 447) 8.9.8 Creating user-defined documentation You create user-defined documentation for individual elements within a project or global library outside the TIA Portal. You can create the user-defined documentation in all available user interface languages. 452 WinCC Advanced V14 System Manual, 10/2016 Editing project data 8.9 Providing user-defined documentation If you create the user-defined documentation as CHM file, the procedure for creating the help is somewhat different to the creation process for other file formats. Note the information provided in chapter "Conventions for the creation (Page 448)". Creating user-defined documentation as single file To create user-defined documentation as a single file, follow these steps: 1. Create a file in a valid file format. 2. Name the file identically to the object for which you want to call the user-defined documentation. If you are offering help for a library type, for example, name the help file identical to the type. 3. Depending on whether you are creating the user-defined documentation for project contents or for contents of a global library, copy the file to one of the following storage locations: - project folder under "UserFiles\UserDocumentation\<Folder for the respective language>\<Object category>" - Directory of a global library under "UserFiles\UserDocumentation\<Folder for the respective language>\<Object category>" - Central directory on the hard drive or a network drive: <Central directory for user-defined documentation>\<Folder for the respective language>\<Object category>\ If the respective language folder or the folder for the object category does not exist yet, create the required folders before copying the file. Sample configuration for user-defined documentation Below you see the correct path for the following conditions: The user-defined documentation is intended for a type in a global library. The user-defined documentation is in French. The type is called "commande de moteur". The user-defined documentation is supplied with the global library. The user-defined documentation is created in Microsoft PowerPoint format. The path for these conditions is as follows: <Folder of the global library>\UserFiles\UserDocumentation\fr-FR\Library Types\commande de moteur.pptx WinCC Advanced V14 System Manual, 10/2016 453 Editing project data 8.9 Providing user-defined documentation Creating user-defined documentation as CHM file To provide user-defined documentation in CHM format, follow these steps: 1. Create a folder in Windows Explorer for each object category for which you want to create user-defined documentation. Use the English designation for the object category. 2. Create an HTML file for each object for which you want to provide user-defined documentation. Name the HTML file identically to the object for which you want to call the user-defined documentation. If you want to provide user-defined documentation for a library type, for example, name the HTML file identically to the type. 3. Store the HTML files in the corresponding folders of the respective object category. 4. Use the Microsoft HTML Help Workshop to create the CHM file. Use the prepared folder structure with the HTML files. 5. Copy the CHM file to one of the following storage locations: - Project folder under "UserFiles\UserDocumentation\<Folder for the respective language>" - Directory of a global library under "UserFiles\UserDocumentation\<Folder for the respective language>" - Central directory on the hard drive or a network drive: <Central directory for user-defined documentation>\<Folder for the respective language> If the respective language folder does not exist yet, create the language folder before you copy the CHM file. See also Creating a homepage (Page 447) Conventions for the creation (Page 448) 454 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.1 9 Library basics Introduction You can store objects you want to reuse in libraries. For each project there is a project library that is connected to the project. In addition to the project library, you can create any number of global libraries that can be used over several projects. Since the libraries are compatible with each other, library elements can be copied and moved from one library to another. Libraries are used, for example, to create templates for blocks that you first paste into the project library and then further develop there. Finally, you copy the blocks from the project library to a global library. You make the global libraries available to other employees working on your project. The other employees continue to use the blocks and adapt them to their individual requirements as needed. Both the project library and global libraries distinguish between two different types of objects: Master copies Almost every object can be saved as a master copy and pasted into the project again later. You can, for example, save entire devices with their contents or cover sheets for plant documentation as master copies. Types Elements that are required to run user programs, for example, blocks, PLC data types, userdefined data types or faceplates are suitable as types. Types can be versioned and therefore support professional further development. Projects using the types can be updated as soon as new versions of the types are available. Project library Each project has its own library, the project library. In the project library, you store the objects you want to use more than once in the project. The project library is always opened, saved, and closed together with the current project. WinCC Advanced V14 System Manual, 10/2016 455 Using libraries 9.1 Library basics Global libraries In addition to the project library, you use global libraries if you want to use libraries over several projects. Global libraries exist in three versions: System libraries Siemens supplies global libraries for its own software products. These include off-the-peg functions and function blocks that you can use within your project. The supplied libraries cannot be changed. The supplied libraries are loaded automatically matching the project. Corporate libraries Corporate libraries are made available centrally by your organization, for example, in a central folder on a network drive. The TIA Portal manages the corporate libraries automatically. As soon as a more recent version of an existing corporate library becomes available, you receive a prompt to update the corresponding corporate library to the more recent version. User libraries Global user libraries are independent of a specific project and can therefore be passed on to other users. Shared access to global user libraries is also possible, for example on a network drive, if all users open the global user library with write protection. Global user libraries from older versions of the TIA Portal that you created yourself can still be used. To continue using global user libraries from older versions of the TIA Portal, they must first be upgraded. Comparing library objects You can compare blocks and PLC data types with the objects of a device. This allows you to determine, for example, whether certain blocks or PLC data types have been used in a project and whether they have been modified. See also Overview of the "Libraries" task card (Page 457) Overview of the library view (Page 460) Overview of the library management (Page 463) Basics on master copies (Page 480) Basics on types (Page 484) 456 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.2 Using the "Libraries" task card 9.2 Using the "Libraries" task card 9.2.1 Overview of the "Libraries" task card Function of the "Libraries" task card The "Libraries" task card enables you to work efficiently with the project library and the global libraries. Layout of the "Libraries" task card The "Libraries" task card consists of the following components: WinCC Advanced V14 System Manual, 10/2016 "Library view" and "Library management" buttons "Project library" pane 457 Using libraries 9.2 Using the "Libraries" task card "Global libraries" pane "Elements" pane "Info" pane "Types" folder "Master copies" folder "Library view" button The "Library view" button is used to change to the library view. The "Libraries" task card and the project tree are hidden with this action. See also: Using the library view (Page 460) "Project library" pane In the "Project library" pane, you can store the objects that you want to use more than once in the project. "Global libraries" pane In the "Global libraries" pane, you manage the global libraries whose elements you want to reuse over several projects. The "Global libraries" pane also lists libraries that were shipped together with the products you purchased. These libraries provide you with ready-made functions and function blocks, for example. The supplied global libraries cannot be edited. "Elements" pane In this pane, you can display the contents of folders in the library. The "Elements" pane is not displayed by default. If you want to display the "Elements" pane, you have to enable it first. Three view modes are available in the "Elements" palette: Details mode The properties of folders, master copies and types are shown in table form in details mode. List mode In list mode, the contents of folders are listed. Overview mode In overview mode, the contents of folders are displayed with large symbols. See also: Using the element view (Page 459) "Info" pane You can display the contents of the library elements in the "Info" pane. The individual versions of types and the last revision date of the version are also displayed. 458 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.2 Using the "Libraries" task card "Types" folder In the "Types" directories, you can manage types and type versions of objects that you use as instances in the project. See also: Using types (Page 484) "Master copies" folder In the "Master copies" directories, you can manage master copies of objects that you can use as copies in the project. See also: Using master copies (Page 480) See also Library basics (Page 455) Comparing library elements (Page 519) 9.2.2 Using the element view Introduction When you open the "Libraries" task card the first time, the "Project library" and "Global libraries" palettes are opened and the "Info" palette is closed. You can display the "Elements" palette if needed. The elements view shows the elements of the selected library. Three view modes are available in the elements view: Details The properties of folders, master copies and types are shown in table form in details mode. List In list mode, the contents of folders are listed. Overview In overview mode, the contents of folders are displayed with large symbols. The "Info" palette shows the contents of the selected library element. If you select a type in the elements view, for example, the type versions are displayed in the "Info" palette. Requirement The "Libraries" task card is displayed. WinCC Advanced V14 System Manual, 10/2016 459 Using libraries 9.3 Using the library view Procedure To use the element view, follow these steps: 1. Click "Open or close the element view" in the "Project library" or "Global libraries" pane. 2. To change the view mode from the details view to the list mode or overview mode, click the corresponding icon on the toolbar. See also Library basics (Page 455) Overview of the "Libraries" task card (Page 457) Comparing library elements (Page 519) Using global libraries (Page 468) 9.3 Using the library view 9.3.1 Overview of the library view Function of the library view The library view combines the functionality of the "Libraries" task card and the overview window. In the library view, the elements of a library are displayed in various views. In the details view, for example, you see additional properties of the individual elements. You can also edit and version the types in the library view. 460 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.3 Using the library view Layout of the library view The following figure shows the components of the library view: Library tree Library overview "Open/close the Library view" button and "Open library management" "Open or close library overview" button Library tree The library tree is similar to the "Libraries" task card, apart from a few minor differences. In contrast to the task card, there is no "Elements" palette, because the elements are displayed in the library overview. In addition, you can close the library view in the library tree, or open and close the library overview. See also: "Libraries" task card (Page 457) WinCC Advanced V14 System Manual, 10/2016 461 Using libraries 9.3 Using the library view Library overview The library overview corresponds to the overview window and displays the elements of the currently selected object in the library tree. You can display the elements in three different views: Details view The objects are displayed in a list with additional information, such as the date of the last change. List view The objects are displayed in a simple list. Icon view The objects are displayed as icons according to category. In addition, you can perform the following actions in the library overview: Renaming elements Deleting elements Copying elements Moving elements Editing type instances Versioning types WinCC only: Editing faceplates and HMI user data types See also: Overview window (Page 292) See also Basics on master copies (Page 480) Basics on types (Page 484) Opening and closing the library view (Page 462) Library basics (Page 455) Comparing library elements (Page 519) 9.3.2 Opening and closing the library view The library view is opened automatically in some cases, for example, when you edit the test instance of a type or when you edit faceplates and HMI user data types. You can also open the library view manually. 462 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.4 Using library management Opening the library view To open the library view manually, follow these steps: 1. Open the "Libraries" task card. 2. Click the "Open library view" button in the "Libraries" task card. The library tree opens. The "Library" task card and the project tree are closed. 3. If the library overview is not displayed, click "Open/close library overview" button in the library tree. The library overview opens. Exit library view To exit the library view, follow these steps: 1. Click the "Close library view" button in the library tree. The library tree closes. The "Libraries" task card and the project tree are opened. See also Overview of the library view (Page 460) Library basics (Page 455) Comparing library elements (Page 519) Using the "Libraries" task card (Page 457) Using global libraries (Page 468) 9.4 Using library management 9.4.1 Overview of the library management Function of the library management Master copies and types with dependencies to other library elements are subject to some functional restrictions. They cannot be deleted, for example, as long as dependencies still exist. This prevents other library elements from becoming useless. The library management is used to identify the dependencies and to create an overview of the work progress. The library management offers the following functions: Display of the correlations of types and master copies If a type is referenced in other types or master copies, the correlations are displayed in the library management. You will also be able to see which library elements reference a type or a master copy. Display of points of use of types in the project WinCC Advanced V14 System Manual, 10/2016 463 Using libraries 9.4 Using library management Display of types that qualify for upgrading Use of filters to narrow down the displayed types Layout of the library management The following figure shows the components of the library management: Toolbar of the library management "Types" area "Uses" area Toolbar of the library management You can perform the following tasks in the toolbar of the library management: Update uses If the project was changed, you can update the view of the library management. Clean up library By cleaning up a library, you delete all types and type versions that are not linked to an instance in the project. Harmonize project By harmonizing a project, you adapt the names and the path structures of type uses in the project to the corresponding names and path structures of the types within a library. Collapse all With the "Collapse all" icon you hide all subentries of the uppermost node in the "Types" area. The lower-level elements, such as types and individual versions, are no longer displayed. Expand all With the "Show all" icon you expand all lower-level elements in the "Types" area. The lowerlevel elements, such as types and individual versions, are displayed in full. 464 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.4 Using library management "Types" area The "Types" area displays the contents of the folder that you have selected in the library view. For each type, the types that it references are displayed. You can expand or collapse all type nodes by using the buttons in the toolbar of the "Types" area. You can also filter the view with the "Filter" drop-down list. "Uses" area The "Uses" area gives you an overview of the points of use of the selected types and master copies. The "Uses" area is divided into two tabs: "Use in the project" tab The "Use in the project" tab is used to show the instances of type versions and their respective point of use in the project. When you select an instance, you can show the cross references of the instance in the project in the Inspector window. "Use in the library" tab The "Use in the library" tab is used to show all points within the library at which a type or a master copy is used. See also Opening library management (Page 465) Filtering the display of types (Page 466) Displaying cross references of an instance (Page 467) Displaying instances in the project (Page 467) Displaying relations to other library objects (Page 468) Library basics (Page 455) Basics on master copies (Page 480) Basics on types (Page 484) 9.4.2 Opening library management Procedure To open the library management, follow these steps: 1. Open the library view. 2. Select a type or any folder that contains types. 3. Select the "Library management" command from the shortcut menu. Result The library management opens and the types are displayed with their versions. WinCC Advanced V14 System Manual, 10/2016 465 Using libraries 9.4 Using library management See also Overview of the library management (Page 463) 9.4.3 Filtering the display of types Use filters to obtain a better overview of types in extensive libraries. A filter provides you with the option of limiting the displayed types. The following filters are available: Types with pending changes The filter displays all types that have a version "in test" or "in progress". Released types The filter displays all released types that do not have versions "in test" or "in progress". Types with multiple versions The filter displays all types that have more than one version. Types without use in the project The filter displays all types which have no instance in the project. Types with new versions for upgrading other types The filter displays all types that are relevant for upgrading other types. The types must also meet the following criteria: - The types have more than one version. - All versions of the respective type have been released. Requirement The library management is open. Procedure To filter the displayed types, follow these steps: 1. In the "Types" area, select the folder whose contents you want to filter. 2. Select the required filter in the "Filter" drop-down list. In the "Types" area, types are displayed that correspond to the selected filter criteria. See also Overview of the library management (Page 463) State of type versions (Page 486) Creating a test version of a type (Page 495) Editing a test version of a type (Page 497) Creating an editing version of a type (Page 498) 466 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.4 Using library management 9.4.4 Displaying instances in the project In the library management, you can have the instances of all versions of a type or an individual type version displayed. You can jump directly to each instance in the project. Requirement The library management is open. Procedure To display the instances of a type or its versions, follow these steps: 1. In the "Types" area select the required folders, types or versions. 2. Open the "Uses in the project" tab in the "Uses" area. The instances in the project are displayed for each type version. The "Path" column shows the path at which the respective instance is located in the project. 3. Optional: Click the path to jump directly to the respective instance in the project tree. The library management is hidden and the instance is selected in the project tree. See also Displaying cross references of an instance (Page 467) Using types (Page 493) Overview of the library management (Page 463) Displaying relations to other library objects (Page 468) 9.4.5 Displaying cross references of an instance You can display the cross references of an instance without exiting the library management. Requirement The library management is open. Procedure To display the cross references of an instance in the project, follow these steps: 1. In the "Types" area, select a type version whose instances you want to display. 2. Select the instance of the required type version in the "Uses > Uses in the project" area. 3. Open the "Info > Cross-references" tab in the inspector window. The cross reference of the instance are displayed in the project. WinCC Advanced V14 System Manual, 10/2016 467 Using libraries 9.5 Using global libraries See also Using cross-references (Page 442) Overview of the library management (Page 463) Displaying instances in the project (Page 467) 9.4.6 Displaying relations to other library objects You can display relations between individual library objects in the library management. The references of the individual type versions to the other library objects are automatically displayed in the "Types" area. In the "Uses" area, you can also view the other library objects in which the respective type version is referenced. Requirement The library management is open. Procedure To display the other library objects from which a type version is referenced, follow these steps: 1. In the "Types" area select the required folders, types or versions. 2. Open the "Uses in the library" tab in the "Uses" area. In the "Uses" area, you can now see which other library objects are referenced by the individual type versions. 3. Optional: To jump to the referenced library object, click on the respective path in the "Path" column. See also Displaying instances in the project (Page 467) Overview of the library management (Page 463) Referencing of objects within a block (Page 492) 9.5 Using global libraries 9.5.1 Creating a global library Requirement The "Libraries" task card is displayed or the library view is open. 468 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.5 Using global libraries Procedure To create a new global library, follow these steps: 1. Click the "Create new global library" icon in the toolbar of the "Global libraries" palette or select the command "Global libraries > Create new library" in the "Options" menu. The "Create new global library" dialog opens. 2. Specify the name and the storage location for the new global library. 3. Confirm your entries with "Create". Result The new global library is generated and pasted into the "Global libraries" palette. A folder with the name of the global library is created in the file system at the storage location of the global library. The actual library file is given the file name extension ".al14". See also Library basics (Page 455) Opening a global library (Page 470) Displaying properties of global libraries (Page 471) Saving a global library (Page 472) Closing a global library (Page 473) Deleting a global library (Page 474) 9.5.2 Compatibility of global libraries Libraries from the TIA Portal V13 or earlier Global libraries that were created with TIA Portal V13 or earlier cannot be used in the current version of the TIA Portal. First, upgrade the libraries with version V13 SP1 of the TIA Portal to the current library version. You can then open the library with the TIA Portal V14 and perform another upgrade. Libraries from the TIA Portal V13 SP1 You can use the TIA Portal to open global libraries that were created with TIA Portal V13 SP1. When you open the library, you are prompted to upgrade the library to the current version of the TIA Portal. Once the global library is upgraded, it cannot be opened with earlier versions of the TIA Portal. WinCC Advanced V14 System Manual, 10/2016 469 Using libraries 9.5 Using global libraries Backward compatibility of the current library version Global libraries saved with the library format of the current TIA Portal product version are not backward compatible with older versions due to their enhanced functionality. Global libraries in the current library format can only be used in connection with TIA Portal V14 projects. See also Opening a global library (Page 470) 9.5.3 Opening a global library Global libraries can be further developed centrally and used over several projects. Several persons can open a global library simultaneously from a central storage location, provided all users open the global library in write-protected mode. Requirement The "Libraries" task card is displayed or the library view is open. Procedure To open a global library, follow these steps: 1. Click the "Open global library" icon in the toolbar of the "Global libraries" pane or select the command "Global libraries > Open library" in the "Options" menu. The "Open global library" dialog box is displayed. 2. Select the global library you want to open. Library files are identified by the file name extension ".al[version number]". This means that global libraries that were saved with the current TIA Portal product version have the file name extension ".al14". 3. Write protection is activated for the library. If you want to modify the global library, disable the "Open as read-only". 4. Click "Open". The global library is opened and pasted into the "Global libraries" pane if the library version matches the project version. The "Upgrade global library" dialog opens if you have selected a global library from TIA Portal V13 SP1. Upgrade the library to the current version of the TIA Portal in this case. See also Retrieving global libraries (Page 476) Compatibility of global libraries (Page 469) Library basics (Page 455) Creating a global library (Page 468) Displaying properties of global libraries (Page 471) 470 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.5 Using global libraries Saving a global library (Page 472) Closing a global library (Page 473) Deleting a global library (Page 474) 9.5.4 Displaying properties of global libraries Global libraries contain properties for describing the respective library in more detail. Properties include the following: General information about the library This includes the following information: creation time, author, file path, file size, copyright, etc. Many of the attributes can be changed. Library history The library history contains an overview of the migrations performed. Here you can also call the log file for the migrations. The library history also contains information on updates of the global library. Support packages in the library You can display an overview of additional software. The additional software is needed to process all devices of the project. Software products in the library You can display an overview of all installed software products needed for the project. Requirement The "Libraries" task card is displayed or the library view is open. Procedure To display the properties of a global library, follow these steps: 1. Right-click the global library whose properties you want to display. 2. Select the "Properties" command in the shortcut menu. A dialog containing the properties of the global libraries opens. 3. Select the properties in the area navigation that you want to have displayed. See also Opening a global library (Page 470) Library basics (Page 455) Creating a global library (Page 468) Saving a global library (Page 472) Closing a global library (Page 473) Deleting a global library (Page 474) WinCC Advanced V14 System Manual, 10/2016 471 Using libraries 9.5 Using global libraries 9.5.5 Displaying logs of global libraries Logs are created when you update or clean up global libraries or assign a shared version to several types. The logs list all changes you have made to the global library. The logs are stored together with the global library and are always available once you have opened the global library. Procedure To open the logs of a global library, follow these steps: 1. Open the global library in the "Libraries" task card or in the library view. 2. Open "Common data > Logs" in the lower-level folder. 3. Double-click the required log. The log opens in the work area. See also Updating a library with the contents of another library (Page 515) 9.5.6 Saving a global library After you have changed a global library, you need to save it. You can save a global library under another name using the "Save library as" command. Note Backward compatibility with older versions of the TIA Portal Note that global libraries can no longer be opened in older versions of the TIA Portal once they have been saved in the current version. Requirement The "Libraries" task card is displayed or the library view is open. Saving changes To save a global library, follow these steps: 1. Right-click on the global library you want to save. 2. Select the "Save library" command in the shortcut menu. 472 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.5 Using global libraries Saving a global library under another name To save a global library under another name, follow these steps: 1. Right-click the global library that you want to save under a different name. 2. Select the "Save library as" command in the shortcut menu. The "Save global library as" dialog opens. 3. Select the storage location and enter the file name. 4. Confirm your entries with "Save". The library is saved in the specified location under the new name. The original library is retained. See also Working with archives of global libraries (Page 475) Archiving global libraries (Page 475) Library basics (Page 455) Creating a global library (Page 468) Opening a global library (Page 470) Displaying properties of global libraries (Page 471) Closing a global library (Page 473) Deleting a global library (Page 474) 9.5.7 Closing a global library Global libraries are independent of projects. This means that global libraries are not closed together with your project. You must therefore close global libraries explicitly. Requirement The "Libraries" task card is displayed or the library view is open. Procedure To close a global library, follow these steps: 1. Right-click on the global library you want to close. 2. Select the "Close library" command in the shortcut menu. If you have made changes to the global library, select whether or not you want to save the changes. The global library is closed. WinCC Advanced V14 System Manual, 10/2016 473 Using libraries 9.5 Using global libraries See also Creating a global library (Page 468) Opening a global library (Page 470) Displaying properties of global libraries (Page 471) Saving a global library (Page 472) Library basics (Page 455) Deleting a global library (Page 474) 9.5.8 Deleting a global library If you no longer require a global library, you can delete it. Libraries supplied by Siemens cannot be deleted. Requirement The "Libraries" task card is displayed or the library view is open. Procedure To delete a global library, follow these steps: 1. Right-click the global library you want to delete. 2. Select the "Delete" command in the shortcut menu. 3. Click "Yes" to confirm. Result The global library is removed from the "Global libraries" palette. The entire library for the global library is deleted from the file system. See also Library basics (Page 455) Creating a global library (Page 468) Opening a global library (Page 470) Displaying properties of global libraries (Page 471) Saving a global library (Page 472) Closing a global library (Page 473) 474 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.5 Using global libraries 9.5.9 Archiving and disabling global libraries 9.5.9.1 Working with archives of global libraries If you want to back up global libraries on an external hard drive or send them via e-mail, for example, use the archiving function to reduce the storage space of the library. Options for reducing the size of the project There are two ways to reduce the space required to store global libraries: Creating a compressed archive of global libraries Archives of global libraries are compressed files, each containing an entire global library, including the entire folder structure of the library. Before the directory with the global library is compressed into the archive file, all files are reduced to their essential components to further decrease the storage space. Compressed archives of global libraries are therefore well suited for sending via e-mail. Compressed archives of global libraries of the current product version have the file extension ".zal14". Archives from the TIA Portal V13.x have the file extension ".zal13". To open a compressed archive of a global library, retrieve the archive. The archive file is extracted to a location you have selected with the entire folder structure and all files. Minimizing global libraries You can skip additional compression in an archive file, and instead create a copy of the global library directory. The included files can be reduced to the essential elements. This minimizes the required storage space. The full functionality of the global library is retained and the global library can be loaded as usual. Minimized global libraries are especially well suited for archiving, for example, on an external medium. See also Archiving global libraries (Page 475) Retrieving global libraries (Page 476) 9.5.9.2 Archiving global libraries You reduce the storage space of a global library by packing it into a compressed file. You can also reduce the storage space by saving the global library reduced to the essential elements. You can do both of these with the archiving function for global libraries. Requirement The global library is loaded. WinCC Advanced V14 System Manual, 10/2016 475 Using libraries 9.5 Using global libraries Procedure To archive a global library, follow these steps: 1. Select the global library that you want to archive. 2. Right-click the global library and select the "Archive" command from the shortcut menu. The "Archive global library as..." dialog opens. 3. Select the directory where you want to save the archive file or the new directory of the global library. The directory may not be located in a project directory or within the directory of a global library. 4. Select the file type from the "File type" drop-down list: - Global libraries archive, if you want to create a compressed file of the library. - Minimized global library, if you only want to create a copy of the library directory with minimal storage requirement. 5. Enter a file name in the "File name" field if you are creating an archive file. If you are creating a minimized global library, enter the name of the new library directory to be created in the "File name" box. 6. Click "Save". Result A compressed file with the extension ".zal14" is generated. The file includes the complete directory of the global library. The individual files of the global library are also reduced to the essential components in order to save space. If you have minimized the global library, only a copy of the original directory of the global library is created at the required location. The files contained within it were reduced to their essential components in order to save space. See also Working with archives of global libraries (Page 475) Retrieving global libraries (Page 476) 9.5.9.3 Retrieving global libraries Before you can use an archived global library, you have to retrieve it. The global library is extracted and then opened in the TIA Portal. Procedure To extract the archive of a global library, follow these steps: 1. Select the "Global libraries > Retrieve library" command in the "Options" menu. The "Retrieve archived global library" dialog opens. 2. Select the archive file. 476 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.5 Using global libraries 3. Select the check box "Open read-only" if you want to load the global library write-protected. 4. Click "Open". 5. The "Find folder" dialog opens. 6. Select the target directory to which the archived global library should be extracted. 7. Click "OK". Result The global library is extracted to the selected directory and opened immediately. See also Working with archives of global libraries (Page 475) Archiving global libraries (Page 475) Opening a global library (Page 470) Compatibility of global libraries (Page 469) 9.5.10 Using global corporate libraries 9.5.10.1 Basics of corporate libraries Introduction Corporate libraries are global libraries made available by an administrator and assigned to the TIA Portal. The administrator can assign new libraries or change libraries at any time. New libraries are automatically loaded in the TIA Portal following your confirmation. As soon as more recent versions of corporate libraries are available, the existing corporate libraries are automatically updated to the more recent version, also following your confirmation. The corporate libraries are located just like normal global libraries in the "Global libraries" palette of the "Libraries" task card. Providing corporate libraries Corporate libraries can be saved in any directory on the hard drive of the computer or on a network drive. To include corporate libraries in the TIA Portal, use an XML file. The XML file includes the directories and names of the assigned corporate libraries. The XML file must be saved in the following directory on the hard drive of the computer: C:\ProgramData\Siemens\Automation\Portal V14\CorporateSettings\ The XML file must be named "CorporateSettings.xml". You either copy the configuration file yourself to the corresponding directory or the configuration file is assigned to you through the company network. The valid configuration is WinCC Advanced V14 System Manual, 10/2016 477 Using libraries 9.5 Using global libraries automatically applied when the TIA Portal is started. When the TIA Portal is started, it continuously monitors the directory for configuration files. If the configuration file has changed, you receive a prompt to apply the new configuration. You can reject this prompt twice. You will always receive the next prompt three hours later. You must apply the new configuration at the third prompt. You receive a changed configuration file from the project administrator, for example, if corporate libraries have been added or deleted. Options as project administrator You can automatically assign the configuration file or the corporate libraries to the computers of the team members or distribute updates to the team members. This function is not part of the TIA Portal and requires a corresponding IT infrastructure in your company. If you want to administer the configuration file centrally, discuss this approach with the IT managers at your company. The archive function for global libraries can be used to pass corporate libraries to employees of the project team. However, you must retrieve corporate libraries prior to their use in the TIA Portal. The following figure shows an example of how you can distribute corporate libraries to individual employees within your organization: Employee's computer IT infrastructure of the company ;0/FRQILJXUDWLRQILOH &?3URJUDP'DWD?6LHPHQV?$XWRPDWLRQ? 3RUWDO9?&RUSRUDWH6HWWLQJV? &RUSRUDWH6HWWLQJV[PO ([WUDFWHGOLEUDULHV ;0/FRQILJXUDWLRQILOH &RUSRUDWH6HWWLQJV[PO $UFKLYHGOLEUDULHV 6DPSOHOLEUDU\]DO 6DPSOHOLEUDU\]DO 6DPSOHOLEUDU\]DO 478 $GLVWULEXWLRQVFULSWFRSLHV WKH;0/FRQILJXUDWLRQILOH DQGDUFKLYHGOLEUDULHV7KH DUFKLYHGOLEUDULHVDUHDOVR H[WUDFWHGZLWKWKHVFULSW WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.5 Using global libraries See also Working with archives of global libraries (Page 475) Archiving global libraries (Page 475) Retrieving global libraries (Page 476) 9.5.10.2 Creating a configuration file for corporate libraries You use a configuration file in XML format to make the corporate libraries available in the TIA Portal. The configuration file includes the directories and file names of the libraries to be loaded. Below you will learn how you create the XML configuration file and where to save it. Procedure To provide a configuration file for corporate libraries, follow these steps: 1. Create an XML configuration file with the content listed below. Use the coding "UTF-8". 2. Replace the paths mentioned in the example in the "<CorporateLibraryPaths>" section below with the paths where your libraries are stored. 3. Save the XML file under the name "CorporateSettings.xml". 4. Save the file in the following directory on your computer: C:\ProgramData\Siemens\Automation\Portal V14\CorporateSettings\ Content of the XML configuration file The XML configuration file must have the following content: XML <?xml version="1.0" encoding="utf-8"?> <Document> <Settings.Settings ID="0"> <ObjectList> <Settings.General ID="1" AggregationName="General"> <AttributeList> <CorporateLibraryPaths> <!-- Example for two entries --> <Item>D:\CorporateLibraries\Corporate_Library_1.al14</Item> <Item>D:\CorporateLibraries\Corporate_Library_2.al14</Item> <!-- Here you enter additional global libraries, if any. --> </CorporateLibraryPaths> </AttributeList> </Settings.General> </ObjectList> </Settings.Settings> </Document> Result As soon as you have saved the XML configuration file in the respective directory, you will receive a prompt in the TIA Portal to load the corporate libraries. WinCC Advanced V14 System Manual, 10/2016 479 Using libraries 9.7 Using master copies See also Specifying settings with an XML file (Page 446) 9.6 Creating folders in a library The library elements are stored in the libraries according to their type in the "Types" and "Master copies" folders. Create additional folders below "Types" and "Master copies" to further organize master copies and types. Requirements The "Libraries" task card is displayed or the library view is open. If you want to create new folders within a global library, you have to open the global library with write permission. Procedure To create a new folder, follow these steps: 1. Right-click any folder within the library. 2. Select "Add folder" from the shortcut menu. A new folder is created. 3. Enter a name for the new folder. See also Filtering master copies (Page 483) Working with types in the project library (Page 489) 9.7 Using master copies 9.7.1 Basics on master copies Master copies are used to create standardized copies of frequently used elements. You can create as many elements as needed and insert them into the project based on a master copy. The elements inherit the properties of the master copy. You store master copies either in the project library or in a global library. Master copies in the project library can only be used within the project. When you create the master copy in a global library, it can be used in different projects. 480 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.7 Using master copies The following elements can be created as master copies in the library, for example: Devices with their device configuration Tag tables or individual tags Instruction profiles Watch tables Elements from the documentation settings, for example, cover sheets and frames Blocks and groups containing multiple blocks PLC data types and groups containing multiple PLC data types Text lists Alarm classes Technology objects In many cases, the objects you add as master copy contain additional elements. A CPU, for example, can contain blocks. If the included elements are uses of a type version, the used versions of the types are automatically created in the library. The elements contained therein are then used as an instance and linked to the type. See also Adding master copies (Page 481) Using master copies (Page 483) Basics on types (Page 484) Filtering master copies (Page 483) 9.7.2 Adding master copies If you want to use objects multiple times, copy them as master copies in the project library or in a global library. You can choose from the following methods for creating master copies: You select one or more elements and create individual master copies from them You select multiple elements and create a single master copy from them that contains all selected elements. Requirement The "Libraries" task card is displayed. If you add a device as a master copy, this device meets the following requirements: - The device is compiled and consistent. - The device contains no test instance of a type. If you add the master copy to a global library, the global library is opened with write permission. WinCC Advanced V14 System Manual, 10/2016 481 Using libraries 9.7 Using master copies Creating master copies from one or more elements To create a master copy for one or more elements, follow these steps: 1. Open the library in the "Libraries" task card. 2. Select the desired elements. 3. Using a drag-and-drop operation, move the elements to the "Master copies" folder or any subfolder of "Master copies". Alternative: 1. Select the desired elements. 2. Copy the elements to the clipboard and paste the elements at the required location. Each element is pasted in the library as a master copy. A type is created automatically in each case from any objects contained (e.g., referenced blocks). Creating a single master copy from multiple elements To create a single master copy for all elements from multiple elements, follow these steps: 1. Open the library in the "Libraries" task card. 2. Copy to the clipboard the elements that you want to create as master copies. 3. Right-click on the "Master copies" folder or any of its subfolders in the library. 4. In the shortcut menu, select "Paste as a single master copy" command. Alternative: 1. Select the desired elements. 2. Using a drag-and-drop operation, move the elements to the "Master copies" folder or any subfolder of "Master copies". Meanwhile, keep the <Alt> key pressed. The elements are pasted in the library as a single master copy. The single master copy contains all selected elements. A type is created automatically in each case from any objects contained (e.g., referenced blocks). Note Avoiding complex structures of master copies To prevent name conflicts and conflicts regarding the folder structure during subsequent use of master copies, avoid complex master copies. Complex master copies are, for example, master copies that consist of multiple elements and nested folders. See also Basics on master copies (Page 480) Using master copies (Page 483) Library basics (Page 455) Adding types to the project library (Page 489) 482 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.7 Using master copies 9.7.3 Filtering master copies To make it easier to keep track of a large number of master copies, you can filter the display according to the type of master copy. Requirement The "Libraries" task card is displayed or the library view is open. Procedure To filter the view, follow these steps: 1. Open the "Master copies" folder in the project library or a global library. 2. In the drop-down list of the toolbar, select the type of objects you want to display under "Master copies". Result Only the selected type of master copies is displayed. You can set the filter to "All" to return to an unfiltered view. See also Library basics (Page 455) Creating folders in a library (Page 480) Basics on master copies (Page 480) Using master copies (Page 483) Using the element view (Page 459) 9.7.4 Using master copies Master copies are contained either in the project library or in a global library. You can paste one or more master copies in the project at the same time. If you insert multiple master copies at the same time, ensure that all master copies are compatible with the desired point of use. Requirement The "Libraries" task card is displayed. WinCC Advanced V14 System Manual, 10/2016 483 Using libraries 9.8 Using types and their versions Procedure To paste a master copy into the project, follow these steps: 1. Open the "Master copies" folder or any subfolder of "Master copies" in a library. 2. Using a drag-and-drop operation, move the desired master copies or whole folders to the point of use. Or: 1. Open the element view. 2. Using a drag-and-drop operation, move the desired master copies or whole folders from the "Elements" pane to the point of use. Result A copy of the master copies is inserted. If incompatible master copies were included in a multiple selection, these are omitted and a copy is not created in the project. See also Basics on master copies (Page 480) Adding master copies (Page 481) Filtering master copies (Page 483) Library basics (Page 455) Using the element view (Page 459) 9.8 Using types and their versions 9.8.1 Basics on types Using types Types are elements that are required for the execution of user programs. Types can be versioned and further developed from a central location. The following elements can be stored as type in the project library or the global library: Functions (FCs) Function blocks (FBs) PLC data types User data types Faceplates Screens 484 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.8 Using types and their versions Styles User-defined functions Any number of instances can be derived from the versions of types in the project. The instances are then linked to the version of the type. If you are using types from a global library, the type is also created in the project library. If the type already exists in the project library, missing type versions are added if necessary. The instance is then linked only to the respective type version in the project library. Types and their instances are marked with a black triangle. The following figure shows an instance, marked with a black triangle, and an ordinary program block: Basics on versioning of types Type versioning provides you with the means to develop types centrally and then roll out the most recent version to the individual projects as an update. In this way, error corrections and added functions can be easily integrated into existing projects. If you have created a new version of a global library, you can update existing projects in an automatic process. This minimizes errors and reduces the amount of maintenance work for large automation solutions that contain numerous individual projects. Versioning allows you to trace the development process of individual types. Before you release a version, you can try it out in a test environment to determine whether changes made to a type integrate smoothly into an existing project. You only release a version for productive use after you have made sure that everything operates without errors. You can view the history of individual instances in the project at any time and determine the version from which the instance was derived. The TIA Portal also checks automatically whether there are associated objects with individual versions of a type. Associated objects can be, for example, PLC data types or other blocks referenced in a block. All associated objects are already taken into consideration during the creation of a type or during copying between libraries. Before being released, versions of types are checked for their consistency to ensure that no inconsistencies arise in the project. Versions of types Versions are assigned to each type. The version number is displayed in both the "Libraries" task card as well as the library view next to the respective type. You can also display the version of a type in the project tree next to the instances. To do this, select the "Version" column in the project tree. This allows you to see at all times which version of an instance is used in the project. The version number consists of three numbers separated by periods. You can randomly assign the first two digits. Numbers from 1 to 999 are permitted as the first two numbers. The third digit is the build number. It is automatically incremented by one when you edit an instance related to the version. The build number is reset to 1 when you release the version. WinCC Advanced V14 System Manual, 10/2016 485 Using libraries 9.8 Using types and their versions The versions of types can have three states: In progress (faceplates and HMI user data types) In test (all sorts of types except faceplates and HMI user data types) Released The following figure shows a type with two versions. One version is "in test" and one version is released: If you use functions (FCs) or function blocks (FBs) as types in the project library, observe the following when compiling the block if you use different instruction versions: You can recompile know-how-protected blocks without password if the interfaces of the block versions are identical. You can recompile blocks that are not know-how-protected if the supply is not lost for any actual parameters and if no new actual parameters that you need to supply are added by the new version. If it is not possible to compile the type with a different instruction version, a new version of the type is required that contains the required adjustments. See also State of type versions (Page 486) Basics on master copies (Page 480) Adding types to the project library (Page 489) Using types (Page 493) Editing library elements (Page 513) Duplicating types (Page 493) 9.8.2 State of type versions The versions of types can be in three different states. The states can be determined from the instance or in the library. "In progress" status Only versions of faceplates and HMI user data types have the "In progress" status. If a version is in progress, "In progress" appears next to the version in the library. When you create a new type or a new version of a released type, the type is assigned the status "In progress". 486 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.8 Using types and their versions Types with the status "In progress" can be edited in the library view. A reference to an instance in the project does not have to exist. Upon release, the compatibility of the type is tested by a consistency check. "In test" status All types except for faceplates and HMI user data types can have the "in test" status. If a version is in test, "in test" appears next to the instance and in the library. A version in the test state is linked to a test instance in the project. This allows you try out the effects of your changes in a test environment including all online functions before you release a type for use in actual operations. "Released" status The "released" status is available for all types, regardless of the point of use. If a version has been released, the symbol of the version is marked with a seal in the library: Released versions can be opened with write protection in their instance. If you want to edit a released version, you must first create a new "In progress" or "in test" version. See also Basics on types (Page 484) Using types (Page 493) Creating a test version of a type (Page 495) Editing a test version of a type (Page 497) Creating an editing version of a type (Page 498) Performing a consistency check for a version (Page 498) Discarding versions (Page 499) Release versions (Page 500) Assigning a version (Page 508) Updating the project to the latest versions (Page 502) Remove the link between instance and type (Page 504) Filtering the display of types (Page 466) WinCC Advanced V14 System Manual, 10/2016 487 Using libraries 9.8 Using types and their versions 9.8.3 Displaying a released type version If you display a released version but do not want to edit it, open the instance with write protection. All types except faceplates and HMI user data types can be opened directly at the instance. Faceplates and HMI user data types can only be opened in the "Libraries" task card or in the library view. Requirement The released version has an instance in the project; except with types, this is a faceplate or an HMI user data type. Opening a type version at an instance To open a released version of a type with write protection starting from an instance, follow these steps: 1. Select the released version at the instance in the project tree. 2. To do this, right-click the instance and select the "Open" command from the shortcut menu. The instance is opened with write protection. Opening a type version in the "Libraries" task card or library view To open a released version of a type in the "Libraries" task card or in the library view, follow these steps: 1. Select the version. 2. To do this, right-click the version and select the "Open" command from the shortcut menu. If it is a faceplate or HMI user data type, it is opened directly in the library view. In this case, skip the remaining steps. If it is any other type, the "Open type" dialog opens. 3. Select the instance with the version that you want to display from the list of instances. 4. Click "OK" to confirm. The instance is opened with write protection. 9.8.4 Displaying properties of a type or version You can display the properties of a type or version. Procedure To display the properties of a type or a version and to enter a comment, follow these steps: 1. Select a type or the version of a type in the "Libraries" task card or in the library view. 2. To do this, right-click on the type or one of its versions and select the "Properties" command from the shortcut menu. The "Properties" dialog box opens. 3. If needed, enter a comment on the type in the "Comment" field or edit an existing comment. 488 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.8 Using types and their versions Visible and changeable properties The following table shows the properties that you can see or change for a type or version: Property Description Version Types Name Name of the type - Visible and changeable Version Version number Visible - Last change If you create, release, duplicate or assign a version, this is recorded as a change to the type. The date and time of the change are entered in the "Last change" field. Visible - Author The creator of the version is indicated as the author. - - Original library The project and the library from which the current version of the type was generated are indicated. This information is important, for example, for finding the original of the type after it has been copied from another library. Visible - Version GUID or Type GUID The GUID is used to uniquely identify the type or the version of the type, even if, for example, there are types or versions with an identical name within the project library or the global library. The GUID cannot be changed and is assigned automatically. Visible Visible Comment Comment on the type or version Visible and, for Visible and versions changeable whose status is "in test" or "in work", change able 9.8.5 Working with types in the project library 9.8.5.1 Adding types to the project library Types for reuse in the project can be created in the project library for various elements. You can create the following elements as types, for example: Program blocks Faceplates PLC data types HMI user data type If you add an element as a type to the project library and this element has dependencies to other elements, the dependent elements are automatically created as a type as well. After a type has been added to the project library, the type is linked to the added element from the project. WinCC Advanced V14 System Manual, 10/2016 489 Using libraries 9.8 Using types and their versions Requirement The "Libraries" task card is displayed. The elements that you want to add as type are compiled. The elements are consistent. For blocks, all other requirements are met as described in section "Block requirements (Page 491) Procedure To add an existing element to the project library as a type, follow these steps: 1. Open the project library in the "Libraries" task card. 2. Drag-and-drop one or more elements into the "Types" folder or any subfolder of "Types". Alternative: Copy the elements in the project tree to the clipboard and add the elements in the desired project library folder. The "Generate type" dialog opens. 3. Enter the properties of the new type: - Enter a name for the new type in the "Name of the type" field. - Enter a version number for the new type in the "Version" field. - Enter the name of the editor who is responsible for the type in the "Author" field. - Enter a comment on the type in the "Comment" field. 4. Click "OK" to confirm. The new type is generated with a released version. The version is linked to the element that has been added. See also Basics on types (Page 484) Duplicating types (Page 493) Block requirements (Page 491) Referencing of objects within a block (Page 492) Library basics (Page 455) Adding master copies (Page 481) 490 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.8 Using types and their versions 9.8.5.2 Block requirements Permitted blocks for creating a type You can create types of the following blocks in the project library: Function blocks Functions User-defined data types Consistency and compilation To create a type from a block, the block must be consistent and compiled. When you create a type, the consistency of the block is checked automatically and the block is compiled if necessary. Block requirements To create a type from a block, the block must meet the following requirements: The block must match the type of CPU. A block which does not match a CPU can be identified by an incompatibility symbol to the right of the block in the project tree. This is the case, for example, when you copy a block from an S7-1500 CPU to an S7-300 CPU. A block of an S7-1500 is not compatible with an S7-300 CPU and cannot be compiled. This means that you cannot create a type from the block. The block is not a system data block. The block does not include global data access or single instance call of an instance data block. This also applies, for example, to the call of a data block within an STL block with the "OPN" command. Special aspects for know-how-protected blocks You can also create types of know-how-protected blocks. However, keep in mind the following additional requirements for know-how-protected blocks: Release of the block for use as type Know-how-protected blocks must be released to be used in a library. You make the necessary settings in the block properties. The block does not include access to data blocks, PLC tags or PLC constants. Because you cannot create types from data blocks, PLC tags or PLC constants, you also cannot create a type from know-how-protected blocks with access to the objects listed above. The instance of a know-how-protected block does not work without the associated data blocks, PLC tags or PLC constants. WinCC Advanced V14 System Manual, 10/2016 491 Using libraries 9.8 Using types and their versions See also Adding types to the project library (Page 489) Referencing of objects within a block (Page 492) 9.8.5.3 Referencing of objects within a block In many cases you reference other objects within a type. For example, call a tag or a data block within block. Accordingly, there is a dependence between the block and the referenced object. The block is only consistent if all dependent objects are also available. Referencing other types If you call other program blocks, faceplates, PLC data types or HMI user data types in a block these dependent objects are also stored automatically as type in the project library. When the referenced block is reused later as instance in the project, an instance of the referenced object is also created. The TIA Portal thus automatically ensures that the block state is consistent at all times. Referencing additional objects Access to data blocks, PLC tags or PLC constants is permitted in blocks without know-how protection, Therefore, types can be created from the blocks. While function blocks referenced in a block, for example, are also automatically created as type in the project library, this is not the case for access to data blocks, PLC tags and PLC constants. If data blocks, PLC tags or PLC constants are referenced in a block, only the block itself is created as type. The referenced objects are not created as type. If you reference objects which are not stored as type, note the following: Use the block at a different point of use If you create an instance from the type at another point of use (for example, a different CPU), the referenced objects are missing at the later point of use. This means that you should create referenced objects at the later point of use again (for example, data blocks or tag tables). Make sure that the referenced objects have the same name at the later point of use. Subsequent name changes to referenced objects If you subsequently change the name of the referenced objects, the block is no longer consistent. The referenced object (for example, a tag) is no longer found. In the case of already released versions of the type, you can no longer correct the call of the object. In this case create a new version of the type and correct the name of the called object. Then update all the instances of the type in the project to the latest version. See also Block requirements (Page 491) Adding types to the project library (Page 489) Performing a consistency check for a version (Page 498) 492 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.8 Using types and their versions Updating the project to the latest versions (Page 502) Displaying relations to other library objects (Page 468) 9.8.5.4 Duplicating types Types in the project library can be duplicated. If you duplicate a type, the following applies to the duplicate: The duplicate is created in the same folder. The duplicate is created from the highest version of the type. The duplicate does not have an instance in the project. Requirement The type is released. Procedure To duplicate a type in the project library, follow these steps: 1. Right-click on a type. 2. Select the "Duplicate type" command in the shortcut menu. The "Duplicate type" dialog opens. 3. Enter the properties of the new type: - Enter a name for the new type in the "Name of the type" field. - Enter a version number for the new type in the "Version" field. - Enter the name of the editor who is responsible for the type in the "Author" field. - Enter a comment on the type in the "Comment" field. 4. Click "OK" to confirm. The new type is generated with a released version. See also Adding types to the project library (Page 489) Editing library elements (Page 513) 9.8.5.5 Using types Types from the project library can be used any number of times within a project. The use of types is always linked to a version of the respective type in the project library. If the type contains dependent elements, these are also created as a type of use at a suitable point in the project. Examples of dependent elements are PLC data types referenced in a block. You can only assign a version of the same type to a device. If necessary, you can create uses of several types at the same time. WinCC Advanced V14 System Manual, 10/2016 493 Using libraries 9.8 Using types and their versions Uses of a type are called instances in the project tree. Possible points of use for type versions To use a type, create an instance of a particular version of the type at a suitable point in the project. Suitable points of use are: Folder in the project tree An instance of a type can be created in a folder in the project tree. The folder must be suitable for the particular type. If the type is a user data type, for example, you can only create the instance in the "PLC data types" folder. Editor An instance can be created from a type in a suitable editor. For example, you can create an instance from the type of a function block in another block. The type of the function block is called from another block in this way. Options for creating an instance You have two options for creating type instances: Drag the required type version from the project library and drop it at the location where you want to use it. Instances of the types and their dependent elements are generated and pasted at the location where you want to use them. The instances are connected to the respective type version in the project library. If you have created the instances in an editor, instances of the types are also created at the appropriate points in the project tree. By default, the folder structure from the library is reproduced in the project tree. If you want to select a different folder in the project tree, you will find the instances in the same folders as in the library. Copying and pasting type instances You can copy type instances to the clipboard and paste them at another point. This way you create another instance of the type version. The instance is still connected to the same type version in the project library. When you copy the instance of a type to the clipboard and paste it in another project, all required type versions are accepted in the project library of the other project. Requirement The desired versions have been released. A device which supports the category of desired type is already available in the project The device is not yet assigned any further instance of the same type. 494 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.8 Using types and their versions Procedure To create an instance of a type, follow these steps: 1. In the project library, select the versions from which you want to create an instance. 2. Using a drag-and-drop operation, move the versions from the project library to the point of use in the project tree or an editor. Alternative: To automatically use the newest version, move the types themselves from the project library to the point of use using a drag-and-drop operation. For example, use a drag-and-drop operation to move the type of a function block to the block folder of the CPU in the project tree. To call the type directly from another block, for example, move the type from the project library to the point of use in the program editor using a drag-and-drop operation. Alternative: 1. Copy one or more instances to the clipboard. 2. Paste the instances at a suitable point in the same project or in a different project. See also Basics on types (Page 484) State of type versions (Page 486) Displaying types for an instance (Page 495) Library basics (Page 455) Using master copies (Page 483) 9.8.5.6 Displaying types for an instance In the project tree, you can jump to a type associated with an instance in the project library. Procedure To jump to the type associated with an instance in the project library, follow these steps: 1. Right-click the instance of the type in the project tree. 2. Select the "Go to type" command from the shortcut menu. The associated type is displayed in the project library. See also Using types (Page 493) 9.8.5.7 Creating a test version of a type Before you release a type for productive use, you need to test the type within a project and on the automation system. The test is conducted in a specific test environment. This test environment can be a CPU, for example. WinCC Advanced V14 System Manual, 10/2016 495 Using libraries 9.8 Using types and their versions Create a version with "in test" status for the test. The creation of a version "in test" is suitable for all sorts of types except for faceplates and HMI user data types. On the other hand, versions "in progress" can be created from faceplates and HMI user data types. There are two ways to create a test version of a type and define the test environment: In the "Libraries" task card or library view Generate the new version with "in test" status in the "Libraries" task card or in the library view. You can generate the new version either directly from the type or from a specific version of the type. At an instance in the project tree You can also create the test version directly at the instance in the project tree. Since the instance is always used in a specific version in the project, a new version of the type is generated from the version used at the instance. You can also create test versions from several types at the same time. The following rules apply to a version "in test": You can set only one version to "in test" for each type at a given time. A version in testing may only be linked to a single instance in the project. Therefore, it is not possible to copy an instance to the clipboard, to duplicate it or to create an additional type from the instance as long as it has "in test" status. Requirement There is at least one instance of the type within the project in a given version. If you want to create the new version from a particular version of the type, the instance must be used in this version in the project. Procedure To generate a new test version of a type or the version of a type, follow these steps: 1. Select the type, a version of the type, or the instance. When you create the test version directly at the instance, you can select several elements or folders with multiple selection. You can skip steps 3 and 4 because the test environment is already defined by the selected instance. 2. Right-click the selected element and select the "Edit type" command from the shortcut menu. If you have started the editing in the "Libraries" task card or in the library view, the "Edit type" dialog opens. If you have started the editing at the instance in the project tree, the test instance is immediately opened for editing in the library view. 496 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.8 Using types and their versions 3. Select an instance of the type from the list in the project. If you have started editing at the type itself, the following applies: - The location at which the instance is used (for example, the CPU) is also used as test environment for the subsequent editing of the type. - Selecting the test instance also defines the version to be edited. The following applies to editing a specific version: If your starting point is a specific version, you can only select from the list instances that are used in the same version. 4. Click "OK" to confirm. Result A new version of the type is created. The new version is "in test" and is identified as such in the user interface. See also Basics on types (Page 484) State of type versions (Page 486) Library basics (Page 455) 9.8.5.8 Editing a test version of a type When you edit a version "in test", a new version is not created. You can start the editing of the test version at the instance in the project tree, in the "Libraries" task card or in the library view. Note Deleting and renaming interface parameters You can add new parameters. However, if you rename or delete existing parameters, these parameters will not be supplied when the block is called. Procedure To edit the test version of a type, follow these steps: 1. Right-click the test version or the instance. 2. Select the "Edit type" command from the shortcut menu. The test instance is opened and can be edited. See also Basics on types (Page 484) State of type versions (Page 486) WinCC Advanced V14 System Manual, 10/2016 497 Using libraries 9.8 Using types and their versions Library basics (Page 455) Performing a consistency check for a version (Page 498) Discarding versions (Page 499) Release versions (Page 500) 9.8.5.9 Creating an editing version of a type If you want to edit a type with faceplates or HMI user data types, create a new "in progress" version of the type. The new version is edited in the library view. To check the compatibility of the changes, a consistency check is automatically performed for the type prior to the release. Requirement The project library is opened in the "Libraries" task card or in the library view. Procedure To create a new version of a type in progress, follow these steps: 1. Right-click the type or the version of the type. 2. Select the "Edit type" command from the shortcut menu. A new "in progress" version is created and opened for editing in the library view. See also Basics on types (Page 484) State of type versions (Page 486) Library basics (Page 455) 9.8.5.10 Performing a consistency check for a version A type version can unintentionally obtain an inconsistent state during editing. To notice errors in the development process in good time, you can regularly perform a consistency check. However, the consistency check always takes place automatically as soon as you release a version. Details of how to start the consistency check manually for the version of a type are provided below. Requirement The project library is opened in the "Libraries" task card or in the library view. The version is "in progress" or "in test". 498 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.8 Using types and their versions Procedure To perform a consistency check for the version of a type, follow these steps: 1. Right-click on the version that you want to check for consistency. 2. Select the "Consistency check" command in the shortcut menu. The consistency check is carried out. You receive a message with the result of the consistency check. See also Release versions (Page 500) Discarding versions (Page 499) Editing a test version of a type (Page 497) Basics on types (Page 484) State of type versions (Page 486) Library basics (Page 455) 9.8.5.11 Discarding versions Discard versions of a type "in test" or "In progress" when you no longer need the version. You can also select several types or folders and discard all test or editing versions contained therein. All uses of the deleted versions are reset to the last released status. Requirement The version that you want to discard is in the state "in test" or "in progress". Your are in the library view of the "Libraries" task card is open. Procedure To discard one version, follow these steps: 1. Right-click the version that you want to discard. 2. Select the "Discard changes and delete version" command from the shortcut menu. The version is deleted. Alternative in the library view: 1. Click the "Discard changes and delete version" button in the toolbar while a version is opened for editing. The version is deleted. See also Basics on types (Page 484) State of type versions (Page 486) WinCC Advanced V14 System Manual, 10/2016 499 Using libraries 9.8 Using types and their versions Library basics (Page 455) Performing a consistency check for a version (Page 498) 9.8.5.12 Discarding all versions within a folder You can discard all versions with the "In test" or "In progress" status at the same time within a folder. All uses of the deleted version are reset to the last released status. Requirement Your are in the library view of the "Libraries" task card is open. Discarding a version of a single type To discard all versions within a folder, follow these steps: 1. Right-click the folder. 2. Select the "Discard all" command from the shortcut menu. All "In test" or "In progress" versions are deleted. 9.8.5.13 Release versions When you are finished editing a type version, release the version for productive use. Assign a version number for the release. You can also use a multiple selection to release several versions at the same time. Requirement The "Libraries" task card is open or you are in the library view. The versions that you want to release are "in test" or "In progress" status. The versions are consistent. A consistency check is performed as soon as you start the release. If errors that prevent a release occur during the consistency check, a message is displayed indicating how you can correct the errors. Procedure To release type versions, follow these steps: 1. Select the versions you want to release. 2. Right-click your selection. 3. Select the "Release version" command from the shortcut menu. The "Release type version" dialog box opens. 500 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.8 Using types and their versions 4. If necessary, change the properties of the version: - Enter a name for the type in the "Name" field. If you have selected several versions for release, the "Name" field cannot be changed. - In the "Version" field, define a main and an intermediate version number for the version to be released. If you have selected several versions for release, the "Version" field cannot be changed and the last version number is used for the release. - In the "Author" field, enter the editor of the version to be released. - In the "Comment" field, enter a comment on the version to be released. 5. Optional: Select the "Delete unused type versions from the library" check box to delete all versions from the library that are not connected to any instance in the project. Versions with dependencies on other types or library elements are not deleted. 6. Click "OK" to confirm. Alternative in the library view: 1. Click the "Release version" icon in the toolbar while a version is opened for editing. 2. Continue with steps 3 to 5 of the description above. Result The selected versions are released. The properties are applied for the types themselves, the versions to be released, and for all future versions. Versions already released remain unaffected by the changes. If needed, all instances with the same original version are updated to the most recent version and the unused versions of the type are deleted. See also Releasing all versions within a folder (Page 501) Basics on types (Page 484) State of type versions (Page 486) Library basics (Page 455) Performing a consistency check for a version (Page 498) Assigning a version (Page 508) Adding types to a global library (Page 504) Updating the project to the latest versions (Page 502) 9.8.5.14 Releasing all versions within a folder When you are finished editing all types within a folder, release all versions simultaneously. WinCC Advanced V14 System Manual, 10/2016 501 Using libraries 9.8 Using types and their versions Requirement Your are in the "Libraries" task card or in the library view. The folder includes versions "in test" or "in progress" status. All versions "in test" or "in progress" are consistent. A consistency check is performed as soon as you start the release. If errors that prevent release occur during the consistency check, a message is displayed indicating how to correct the errors. Procedure To release all type versions within a folder, follow these steps: 1. Right-click the required folder. 2. Select the "Release all" command from the shortcut menu. The "Release type version" dialog box opens. 3. If necessary, change the properties of the version: - In the "Author" field, enter the editor of the versions to be released. - In the "Comment" field, enter a comment on the versions to be released. 4. Select the "Delete all unused type versions from the library" check box to delete all versions from the library that are not connected to any instance in the project. Versions with dependencies on other types or master copies are not deleted. 5. Click "OK" to confirm. Result All type versions "in test" or "in progress" status within the selected folder are released. The properties are applied for the versions to be released and for all future versions. Versions already released remain unaffected by the changes. Versions of types not used in the project may be deleted. See also Release versions (Page 500) 9.8.5.15 Updating the project to the latest versions After you have updated several types in the project library, update all instances in the project to the most recent version of the types from the project library. If you do not want to apply the changes to the entire project, restrict the update to individual devices in the project. 502 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.8 Using types and their versions Each of the following elements can be selected as source for the update: The entire project library Individual folders within the project library Individual types You can select multiple types. Requirement Your are in the "Libraries" task card or in the library view. Procedure To update instances in a project with the contents from the project library, follow these steps: 1. Select the entire project library or elements from it. 2. Right-click the required elements and select the "Update > Project" command from the shortcut menu. The "Update project" dialog box opens. 3. Select either the entire project or individual devices for the update. 4. Select the options for the update process: - The "Update all instances of the affected types" check box is always selected during this process. - Select the "Delete all unused versions of affected types" check box to delete all older versions of the updated types from the project library. 5. Click "OK" to confirm. The update is performed. Result The following changes were made to the project: All older versions are deleted from the project library as needed. All instances within the selected devices are updated to the most recent version of the linked type. If a CPU does not include block instances that are called in the user program, the block instances are removed from the CPU. The types still exist in the library and can be used in the project again as needed. You can find a log of the update process in the projection tree under "Common data". See also Updating the project to the latest type versions (Page 507) Updating a library with the contents of another library (Page 515) Basics on types (Page 484) WinCC Advanced V14 System Manual, 10/2016 503 Using libraries 9.8 Using types and their versions Library basics (Page 455) State of type versions (Page 486) 9.8.5.16 Remove the link between instance and type Instances of types are always connected to the version of the corresponding types. They cannot be edited like an ordinary object. If you edit the instance, a new version of the type is created automatically in the library and the changes therefore affect the entire project. If you remove the link between the instance and its type, you then edit the object like an ordinary object in the project tree. Requirement The instance may not be "in test". Procedure To remove the link between instances and their type versions, follow these steps: 1. Select one or more instances in the project tree. 2. Right-click the selection and select the "Terminate connection to type" command from the shortcut menu. 3. The link to the corresponding type versions is removed. See also Basics on types (Page 484) Library basics (Page 455) State of type versions (Page 486) 9.8.6 Working with types in global libraries 9.8.6.1 Adding types to a global library Global libraries are used as a central resource when working on multiple projects. Among the types, only the types in the project library can be edited directly. Therefore, use the project library if you want to work on types. When you are finished editing a type in the project library, you can add the type to a global library. Adding types from the project library corresponds to a normal copy process from the project library. Requirement The "Libraries" task card is displayed or the library view is open. The global library to which you want to add types is opened and can be written to. 504 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.8 Using types and their versions Procedure To add types to a global library, follow these steps: 1. Open the required folder in the global library in the "Libraries" task card or in the library view. 2. Drag one or more types from the project library to the "Types" folder or any subfolder of the global library. Alternative: 1. Copy the required types from the project library to the clipboard. 2. Open the required global library in the "Global library" palette of the "Libraries" task card. 3. Right-click the "Types" folder or any of its subfolders. 4. Select the "Paste" command in the shortcut menu. Result The types are inserted in the global library. Dependent types, such as types of HMI user data types or tags, are also copied to the global library, provided they do not already exist there. This ensures that all necessary elements for generating an instance are present in the global library. If a type already exists in the global library, the described action corresponds to an update of the global library. In this case, the most recent released versions of the types are added to the global library. See also Basics on types (Page 484) Release versions (Page 500) Assigning a version (Page 508) Updating the project to the latest type versions (Page 507) Library basics (Page 455) 9.8.6.2 Using types To use types from the global library, create an instance of a particular version of the type at a suitable point in the project. If necessary, you can create uses of several types at the same time. Uses of a type are called instances in the project tree. WinCC Advanced V14 System Manual, 10/2016 505 Using libraries 9.8 Using types and their versions Possible points of use for type versions Suitable points of use for types from the global libraries are: Folder in the project tree An instance of a type can be created in a folder in the project tree. The folder must be suitable for the particular type. If the type is a user data type, for example, you can only create the instance in the "PLC data types" folder. Editor An instance can be created from a type in a suitable editor. For example, you can create an instance from the type of a function block in another block. The type of the function block is called from another block in this way. Linking the instance with the project library In the project, instances of types from a global library are not linked to the type in the global library. Instead, a copy of the type and its dependent elements is generated in the project library when an instance is created. Dependent elements, for example, can be PLC data types that are referenced in a block. In each case, the copy of the type and the dependent elements in the project library contains the version that you have linked to the instances. If the type or a dependent element already exists in the project library, only the missing version is added in the project library, if necessary. The instance is finally linked to the copy of the type in the project library. You can only assign a type to a device once irrespective of the version. Requirement A device which supports the category of the type is already available in the project. The device is not assigned to any further instances of the same type. Procedure To use the version of a type in the project, follow these steps: 1. In the global library, select the versions from which you want to create an instance. 2. Using a drag-and-drop operation, move the desired versions of the types to the point of use. Alternative: To automatically use the newest version, move the types themselves from the library to the point of use using a drag-and-drop operation. For example, use a drag-and-drop operation to move the type of a function block to the block folder of the CPU in the project tree. To call the type directly from another block, for example, move the type from the library to the point of use in the program editor using a drag-and-drop operation. Result Missing types or individual versions are added in the project library. If a type is not yet present in the project library, it is stored in the same folder as before in the global library. An instance is created from the types and their dependent elements and inserted at the point of use. The instances are connected to the respective type version in the project library. 506 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.8 Using types and their versions If you have created the instances in an editor, instances of the types are also created at the appropriate points in the project tree. The folder structure from the library is reproduced in the project tree. You will therefore find the instances in the same folders as in the global library. See also Basics on types (Page 484) Updating the project to the latest type versions (Page 507) Library basics (Page 455) Using the element view (Page 459) 9.8.6.3 Updating the project to the latest type versions In large enterprises with numerous automation projects. the global libraries are frequently edited from a central location. The updated global libraries of the individual projects are made available after the completion of a new version. If you have received a more recent version of a global library, replace the outdated instances in your project with the most recent version. If you do not want to apply the changes to the entire project, restrict the update to individual devices in the project. The project library is also updated with the new versions of the types in the global library during the updating of the project or individual devices. The following elements can be selected as source for the updating: Individual folders within a global library Individual types You can select multiple types. Requirement Your are in the "Libraries" task card or in the library view. The updated global library is open. Procedure To update instances in a project with the contents from a global library, follow these steps: 1. Select the updated global library or the individual elements from it. 2. Right-click the global library or the required elements and select the "Update > Project" command from the shortcut menu. The "Update project" dialog box opens. 3. Select either the entire project or individual devices for the update. WinCC Advanced V14 System Manual, 10/2016 507 Using libraries 9.8 Using types and their versions 4. Select the options for the update process: - The "Update all instances of the affected types" check box is always selected during this process. - Select the "Delete all unused versions of affected types" check box to delete all older versions of the updated types from the project library. 5. Click "OK" to confirm. The update is performed. Result The following changes were made to the project: The most recent version of the select types is present in the project library. All older versions were deleted if necessary. All instances within the selected devices were updated to the most recent version of the linked types. You can find a log of the update process in the projection tree under "Common data". See also Updating the project to the latest versions (Page 502) Updating a library with the contents of another library (Page 515) Basics on types (Page 484) Library basics (Page 455) Adding types to a global library (Page 504) 9.8.7 Assigning a version A library is more clearly structured if types related by content have the same version number. The identical version number reflects the work progress. When you have completed the work on multiple associated types, you can assign the same version number to these types. You have the following options to assign a common version to types: One or more folders in a library One or more types Requirement The "Libraries" task card or the library view is open. Your selection must not contain types with "in test" or "in progress" status. 508 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.8 Using types and their versions Procedure To assign several types the same version, follow these steps: 1. Select the types to which you want to assign a common version. 2. Select the "Assign version" command from the shortcut menu. The "Assign version" dialog box opens. 3. If necessary, change the properties of the version: - In the "Version" field, determine the new version number. The version number must be higher than the highest version number of all selected types. - In the "Author" field, enter the person responsible for the version to be released. - In the "Comment" field, enter a comment on the version to be released. 4. Click "OK" to confirm. Result The selected type versions are changed as follows: A new version of all selected types is created with the specified version number. The properties are applied to all selected types, the new version and to all future versions. Lower versions remain unaffected by the changes. If you make no changes to the properties, the properties of the last released version of each type are applied. The build number of dependent types is incremented to the next free build number as long as the dependent types were not in your selection. If you had selected a dependent type as well, the version number you specified will be assigned. A log of the changes is created. If you have versioned the types in the project library, you find the log in the project tree under "Common data > Logs". If you have versioned types in a global library, you find the log in the "Common data > Logs" folder in the level below the global library. See also Basics on types (Page 484) State of type versions (Page 486) Library basics (Page 455) Release versions (Page 500) Adding types to a global library (Page 504) Displaying logs of global libraries (Page 472) WinCC Advanced V14 System Manual, 10/2016 509 Using libraries 9.9 Multiuser Engineering in libraries 9.9 Multiuser Engineering in libraries 9.9.1 Multiuser Engineering with library objects Library objects in the project library can be used in Multiuser Engineering. More information on working with Multiuser Engineering can be found in section "Introduction to Multiuser Engineering (Page 7140)". Markings for the check-in Individual objects within the project library are marked for Multiuser Engineering in the same way as in the project tree. You can mark library objects in the following areas of the TIA Portal: "Libraries" task card Library view Library management At the respective point of use, e.g. at type instances Always mark the library objects manually. The figure below shows the "Libraries" task card with the marking column and marked objects for the multiuser function: 510 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.9 Multiuser Engineering in libraries Markable library objects The following table shows which types can be marked for check-in in the project library and in the instance in the project: Type can be marked in the library Instance can be marked Function blocks (FB) Yes Yes PLC Block Library Type (FC) Yes Yes PLC data types (UDT) Yes Yes HMI faceplates Yes By marking the screen in which the instance of the block is loca ted HMI user-defined data type (UDT) Yes By marking the object (e.g. screen or HMI tag), in which the UDT is used. HMI style Yes No HMI style sheet Yes Not available HMI screen Yes Yes HMI C script Yes Yes HMI VB script Yes Yes Deleting types in the local session If you want to delete types in the local session, note the following: Release the types if a version is still being tested or edited. To delete types in the assigned server project, mark types in the local session before deletion. Individual versions can be deleted in the local session, but these retained in the server project. Because deleting is an administrative activity, you delete types and their versions in the server project. Updating the project If you want to update the project, note the following: Mark the types before you update the project. Mark the HMI user data types at the point of use before you update the project. Changes to HMI styles are not applied in the local session when you update the project. Update the HMI style in the server project view. See also Introduction to Multiuser Engineering (Page 7140) WinCC Advanced V14 System Manual, 10/2016 511 Using libraries 9.9 Multiuser Engineering in libraries 9.9.2 Checking in types and master copies Check changes to types and master copies into the multiuser server project in the same way as all other objects within the local session. When you check in a type, all versions of the type are always checked in. Update the server project Library type and master copies are identified and synchronized based on the unique GUID in the server project. When types and master copies are checked in, their changes from the local session are applied in the server project: The properties of the type or the master copy, e.g. the name, are applied in the server project Missing versions of types are added. The folder structure within the library is applied in the server project. However, empty folders are not deleted. Conflicts can occur through updating the server project. Any conflicts are resolved as follows: Name conflicts Two types with identical names are not permitted. In the case of name conflicts, the name of the affect types are therefore automatically adapted in the local session. A type in "In testing" or "In progress" state. If a type is in one of these two states in the server project or in the local session, you cannot update the server project. First release all marked types before you update the server project. Version conflicts A message will notify you if both the server project and local session have versions with the identical version number but different content. Change the version numbers so that these exist only once. More information on Multiuser Engineering can be found in section "Introduction to Multiuser Engineering (Page 7140)". See also Introduction to Multiuser Engineering (Page 7140) 512 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.10 Editing library elements 9.10 Editing library elements Types, master copies and folder can be cut, copied, pasted, moved, renamed or deleted in the usual way within the "Libraries" task card or the library view. Global libraries must be opened with write permission for each of the above-described processes. Note User-defined documentation for types and master copies User-defined documentation is not affected by any of the operations within the library. If you move a master copy or a type to a different location, you also move the associated user-defined documentation in the file system to the corresponding location. For additional help on using the user-defined documentation, refer to the chapter "Using userdefined documentation (Page 442)". Copying types The following rules apply when you copy types to the clipboard: Types are always copied to the clipboard with all associated versions. However, only versions that have previously been released are copied. Types are always copied to the clipboard with all dependent elements. Master copies are always copied to the clipboard with all type versions used in them. Copying and pasting type versions When you copy type versions to another library, the types must already exist in the target library. Cutting elements You can only paste previously cut library elements into the same library. In so doing, you can only paste master copies into the "Master copies" folder or any of its subfolders. Likewise, you can only paste types into the "Types" folder or any of its subfolders. Pasting types Pasting types in a different library corresponds to updating the target library. The following rules apply when you have pasted a type into a different library: A type is always pasted with all its versions. If the type already exists in the target library, all versions that are not yet available are added to the corresponding types in the target library. If there is already a version with released status in the target library, this version is not pasted again. WinCC Advanced V14 System Manual, 10/2016 513 Using libraries 9.10 Editing library elements If the same version exists with in test or in progress status in the target library, it is replaced by the released version. If a type needs other types, these are also added at the respective location. Pasting master copies When you paste master copies, all type versions contained in these copies are also pasted. If the corresponding types already exist in the library, only the missing versions are added to the individual types. If one of the types used does not yet exist, it is pasted at the highest level in the library. The type includes the type version that was used in the master copy. Moving elements When you move an element from one library to another, the element is copied and not moved. The same rules apply as described under "Pasting types" and "Pasting master copies". Deleting of types and type versions Note the following when you delete types or type versions: A type or a type version can only be deleted if there are no dependencies to other types. When you delete a type, all versions of the type are deleted. If you delete all versions of a type, the type is also deleted. If you delete a version that has instances in the project, the instances are also deleted from the project. If you delete a type that is also stored at the same time as a master copy, the master copy is also deleted. Deleting instances If you delete an instance that has dependencies to other instances, this instance is restored during the next compilation. The instance is then linked again to the original type version. This restores the consistency of the project. See also Library basics (Page 455) Remove the link between instance and type (Page 504) Updating a library with the contents of another library (Page 515) Conventions for the creation (Page 448) Using user-defined documentation (Page 442) Duplicating types (Page 493) 514 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.11 Updating a library with the contents of another library 9.11 Updating a library with the contents of another library An existing library can be updated with the contents of another library. The following options are available for updating libraries: Updating a global library with types from another global library or from the project library Updating the project library with types from a global library Each of the following elements can be selected as source for the update: An entire library Individual folders within a library Individual types You can select multiple types. During the update, new versions are added to the types that already exist in the target library. Types that do not yet exist in the target library are copied together with all their versions to the target library. Note User-defined documentation when copying types User-defined documentation is not copied together with a type to another library. You need to copy the user-defined documentation for types to the corresponding directory. For additional help on using the user-defined documentation, refer to the section "Using userdefined documentation (Page 442)". Requirement If you want to update a global library, you have to open it with write permission. Procedure To update a library with the contents of a different library, follow these steps: 1. Select a library or individual elements from a library as source for the update. 2. Right-click the source and select the "Update > Library" command from the shortcut menu. The "Update library" dialog box opens. 3. Select the type of library you want to update: - Select "Update the project library" to update the project library with types from a global library. - Select "Update a global library" if you want to update a global library. 4. Optional: In the drop-down list, select the global library that you want to update, if you want to update a global library. WinCC Advanced V14 System Manual, 10/2016 515 Using libraries 9.11 Updating a library with the contents of another library 5. Select the options for the update: - The "Update all instances of the affected types" option is always disabled during this process. - Select the "Delete all unused versions of the affected types" check box to delete all older versions of types from the project library if these are not assigned to any instance in the project and if there are no dependencies to other types. This option cannot be selected for the update of a global library, since types of a global library never have a point of use in the project. 6. Click "OK" to confirm. The update is performed. Result The following changes were made to the target library: Types not yet available in the target library were copied together with all their versions. More recent versions were added to the types that already exist in the target library. If a more recent version of a type already existed in the target library, the latest version was nevertheless copied and automatically assigned a newer version number. If needed, all versions of types were deleted from the project library if these were not used in any instance in the project. A log listing all performed changes to the target library was created for the update process. If you have updated the project library, you can find the log in the project tree under "Common data > Logs". If you have updated a global library, you can find the log in the "Common data > Logs" folder in the level below the global library. See also Updating the project to the latest versions (Page 502) Updating the project to the latest type versions (Page 507) Displaying logs of global libraries (Page 472) Library basics (Page 455) Using user-defined documentation (Page 442) Conventions for the creation (Page 448) 516 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.13 Clean up library 9.12 Harmonizing names and path structure You can harmonize the project with a library. This helps you correct the following items: Names of the instances: Instances can be created during the development phase of a library, the names of which are appended by "_1", "_2", etc. due to an automatic correction. This extension is used to prevent duplicate names in the project. During harmonization, the instances once again receive the names of their associated types. Path structure: The original path structure can be lost due to parallel development or copying of dependent instances. This affects the clarity of the project. During harmonization, the path structure within the project is adapted to the path structure of the library. Procedure To harmonize the names and the path structure, follow these steps: 1. Open the library management. 2. Click "Harmonize project" in the toolbar. The "Harmonize project" dialog box opens. 3. Select the device with which you wish to harmonize the library. 4. Select the "Harmonize paths between project and library" check box if you want to restore the path structure. 5. Select the "Harmonize names between project and library" check box if you want to have the names corrected. 6. Confirm your entries with "OK". Result Depending on your settings, the names and the path structure in the project are harmonized with the library. The changes to the project are logged. The log is available under "Common data > Logs" in the project navigation. See also Library basics (Page 455) Overview of the library view (Page 460) Overview of the library management (Page 463) 9.13 Clean up library You can clean up the project library or global libraries to remove types or versions that are not connected to any instance in the project. This step provides more clarity within the libraries and decreases the size of the library. WinCC Advanced V14 System Manual, 10/2016 517 Using libraries 9.13 Clean up library Cleaning up the project library To clean up the project library, follow these steps: 1. Open the library management. 2. Click on "Clean up library" in the toolbar. The "Clean up project library" dialog box opens. 3. Select the scope in which types or versions are to be deleted: - to retain the version with the highest version number, even if this has no instance, select the option "Delete old type versions and retain the newest type version". - Select the option "Delete complete types" to delete the complete type if no version is connected to an instance. 4. Confirm your entry with "OK". Depending on your selection, either unused type versions or types are removed from the project library. The changes are logged. The log is available under "Common data > Logs" in the project navigation. Clean up global library To clean up a global library, follow these steps: 1. Open the library management. 2. Click on "Clean up library" in the toolbar. The "Clean up global library" dialog box opens. 3. Click "Continue". Unused type versions are deleted. The latest version of a type is always retained. The changes are logged. The log is available in the "Common data > Logs" folder in the level below the global library. See also Library basics (Page 455) Overview of the library view (Page 460) Overview of the library management (Page 463) Displaying logs of global libraries (Page 472) 518 WinCC Advanced V14 System Manual, 10/2016 Using libraries 9.14 Comparing library elements 9.14 Comparing library elements Introduction You can compare devices from libraries with devices from both the current project as well as from the same or another libraries or reference projects. Note, however, that reference projects are write-protected. You can also compare instances in a device with their type version in a library. Not all actions are available for the comparison with types. You cannot, for example, overwrite an instance of a newer version with an older type version from the library. When comparing library elements, you can always switch between automatic and manual comparison. Procedure To compare library elements with the device data of a project, follow these steps: 1. In the project tree, select the device whose data you want to compare to a library element and which allows offline/offline comparison. 2. Select the "Compare > Offline/offline" command in the shortcut menu. The compare editor opens and the selected device is displayed in the left area. 3. Open the "Libraries" task card. 4. Select the library element that you want to compare to the device data. 5. Drag the library element into the right drop area of the compare editor. You can identify the status of the objects based on the symbols in the status and action area. When you select an object, the object properties and the corresponding object of the assigned device are clearly shown in the property comparison. You can drag other devices into the drop areas from the current project, a library or from a reference point at any time to start a new comparison. It does not matter which device you drag into the drop area. See also Using the compare editor (Page 384) Carrying out offline/offline comparisons (Page 382) Using the library view (Page 460) Library basics (Page 455) Overview of the "Libraries" task card (Page 457) Overview of the library view (Page 460) Using the element view (Page 459) Using global libraries (Page 468) WinCC Advanced V14 System Manual, 10/2016 519 Using libraries 9.14 Comparing library elements 520 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 10.1.1 Hardware and network editor 10.1.1.1 Overview of hardware and network editor 10 Function of the hardware and network editor The hardware and network editor opens when you double-click on the "Devices and Networks" entry in the project tree. The hardware and network editor is the integrated development environment for configuring, networking and assigning parameters to devices and modules. It provides maximum support for the realization of the automation project. WinCC Advanced V14 System Manual, 10/2016 521 Editing devices and networks 10.1 Configuring devices and networks Structure of the hardware and network editor The hardware and network editor consists of the following components: Device view (Page 526), Network view (Page 523), Topology view (Page 532): Graphic area Device view (Page 526), Network view (Page 523), Topology view (Page 532): Table area Hardware catalog (Page 540) Inspector window (Page 535) The hardware and network editor provides you with three views of your project. You can switch between these three views at any time depending on whether you want to produce and edit individual devices and modules, entire networks and device configurations or the topological structure of your project. Drag the devices and modules you need for your automation system from the hardware catalog to the network, device ot topology view. The inspector window contains information on the object currently marked. Here you can change the settings for the object marked. 10.1.1.2 Overview of settings for hardware configuration In "Options > Settings > Hardware configuration", you can make various settings relating to the hardware configuration. 522 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Overview The following table provides an overview of the settings for the hardware configuration: Group Setting Description Information on product support Deactivated Prevents access to the Siemens Industry Online Support Via Internet Enables access to product information about individual devices in the hardware catalog via the Internet. Topology overview Temporarily assigning an IP address Assigns a temporary IP address for topology discovery if a device does not have a valid IP address. Topology information (LLDP) can not be read from a device without valid IP address. Show a warning if the op Shows a warning when a temporary IP address is assigned to a de tion is activated vice during topology discovery. Compiling and download Download module com ing ment Download I&M data Transfers any existing comments in addition to the hardware config uration when loading the hardware configuration to the device. The comment is available after the device is loaded to a programming device. This option must be enabled if you want to be able to also download I&M data to the actual hardware when downloading the hardware configuration, the software or both to a device. See also Changing the settings (Page 265) Enabling product support (Page 544) Displaying product support for hardware components (Page 545) Topology view (Page 532) 10.1.1.3 Network view Introduction The network view is one of three working areas of the hardware and network editor. You undertake the following tasks here: Configuring and assign device parameters Networking devices with one another WinCC Advanced V14 System Manual, 10/2016 523 Editing devices and networks 10.1 Configuring devices and networks Structure The following diagram shows the components of the network view: Changeover switch: device view / network view / topology view Toolbar of network view Graphic area of network view Overview navigation Table area of network view You can use your mouse to change the division between the graphic and table areas of the network view. The division can be changed between horizontal and vertical using a button in the toolbar. To change the position of the divider, click between the graphic and the table areas and change the spacing by moving the divider to the left or right while keeping the mouse button pressed. The Speedy Splitter (the two small arrow keys) allows you to use a single click to minimize the table view, maximize the table view or restore the last selected split. Toolbar The toolbar provides the following functions: Icon Meaning Mode to network devices. Mode to create connections. You can use the adjacent drop-down list to set the con nection type. Mode to create relations. Opens the dialog for manual name assignment for PROFINET devices. For this purpose the IO device must be inserted and connected online with the IO system. Show interface addresses. You can edit the addresses for the MPI, PROFIBUS and Ethernet interfaces in the network view itself: Select the required address and then click on the selected address field or press [F2]. Enables page break preview. Dotted lines are displayed at the positions where the pages break when printed. 524 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Icon Meaning You can zoom in (+) or zoom out (-) the view in steps using the zoom symbol or draw a frame around an area to be zoomed in. Changes the division of the graphical area and table area of the editor view between horizontal and vertical. Saves the current table view. The layout, width and visibility of columns in the table view is stored. Graphic area The graphic area of the network view displays any network-related devices, networks, connections and relations. In this area, you add devices from the hardware catalog, connect them with each other via their interfaces and configure the communication settings. The operator controls for view control are located at the bottom edge of the graphic area: Select the zoom leveling using the drop-down list. You can also enter a value directly into the field of the drop-down list. You can also set the zoom level using the slider. You can re-focus the window of the graphic area using the icon in the bottom right corner. Overview navigation Click in the overview navigation to obtain an overview of the created objects in the graphic area. By holding down the mouse button, you can quickly navigate in the overview navigation to the desired objects and display them in the graphic area. Table area The table area of the network view includes various tables for the devices, connections and communication settings present: Network overview Connections Relations IO Communication VPN You can use the shortcut menu of the title bar of the table to adjust the tabular display. See also Adding a device to the hardware configuration (Page 552) Networking devices in the network view (Page 576) Tabular network overview (Page 579) Layout of the user interface (Page 268) WinCC Advanced V14 System Manual, 10/2016 525 Editing devices and networks 10.1 Configuring devices and networks 10.1.1.4 Device view Introduction The device view is one of three working areas of the hardware and network editor. You undertake the following tasks here: Configuring and assign device parameters Configuring and assign module parameters Structure The following diagram shows the components of the device view: Changeover switch: device view / network view / topology view Toolbar of device view Graphic area of the device view Overview navigation Table area of device view You can use your mouse to change the spacing between the graphic and table areas of the device view. The division can be changed between horizontal and vertical using a button in the toolbar. To change the position of the divider, click between the graphic and the table areas and change the spacing by moving the divider to the left or right while keeping the mouse button pressed. The Speedy Splitter (the two small arrow keys) allows you to use a single click to minimize the table view, maximize the table view or restore the last selected split. 526 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Toolbar You can switch between the devices in your project in the device view using the drop-down list in the toolbar. The following functions are also available for device selection in addition to the drop-down list: Icon Meaning Switches to the network view. The device view can switch between the existing devices using the drop-down list. Show the area of unplugged modules. Opens the dialog for manual name assignment for PROFINET devices. For this pur pose the IO device must be inserted and connected online with the IO system. Show module labels. You can edit the labeling in the device view itself: Select the required labeling and then click on the selected text field or press [F2]. Enables page break preview. Dotted lines are displayed at the positions where the pages break when printed. You can use the Zoom icon to zoom in (+) or out (-) incrementally or to drag a frame around an area to be enlarged. With signal modules, you can recognize the address labels of the I/O channels from a zoom level of 200% or higher. Changes the division of the graphical area and table area of the editor view between horizontal and vertical. Saves the current table view. The layout, width and visibility of columns in the table view is stored. Graphic area The graphic area of the device view displays hardware components and if necessary the associated modules that are assigned to each other via one or more racks. In the case of devices with racks, you have the option of installing additional hardware objects from the hardware catalog into the slots on the racks. The operator controls for view control are located at the bottom edge of the graphic area: Select the zoom leveling using the drop-down list. You can also enter a value directly into the field of the drop-down list. You can also set the zoom level using the slider. You can re-focus the window of the graphic area using the icon in the bottom right corner. Overview navigation Click in the overview navigation to obtain an overview of the created objects in the graphic area. By holding down the mouse button, you can quickly navigate in the overview navigation to the desired objects and display them in the graphic area. Table area The table area of the device view gives you an overview of the modules used and the most important technical and organizational data. WinCC Advanced V14 System Manual, 10/2016 527 Editing devices and networks 10.1 Configuring devices and networks You can use the shortcut menu of the title bar of the table to adjust the tabular display. See also Rack: Basics (Page 557) Network view (Page 523) Device view: Area for unplugged modules (Page 531) Rack: Inserting a module (Page 559) Device view: Objects in the device view (Page 528) Layout of the user interface (Page 268) 10.1.1.5 Device view: Objects in the device view A graphic display of the rack and the devices plugged into it is shown in the left area of the device view. You can see the device overview in the right area of the device view. The device overview is a table showing you the most important information about the modules inserted in the rack. Both areas are displayed in a window. The size of both areas is adjusted using a divider. You can also use it to display one or the other area in full or to hide them. Structure and content of device view The offline configuration of the devices in the rack are displayed in the graphic device view. This is a symbolic representation of the configuration on the real rack. The rack configuration is displayed as a table in the device view. Each line in the table contains the information for assigning a slot. The following screenshot shows the device view with the configuration of a SIMATIC S7-1200 CPU. 528 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Graphic view of the allocation of the rack by the CPU and various modules in slots 1 to 4, as well as 101 and 102. You can use the divider to adjust the proportion of the device view between the left area (graphic view) and the right area (device overview). If you click on the arrows, you can quickly switch the division of the separate areas. Device view with the tabular representation of the rack's slots and the inserted components. You can show additional columns and hide displayed columns using the shortcut menu of the column title. Each line in the device overview represents one slot. The key information for each slot is displayed in the various columns: Column WinCC Advanced V14 System Manual, 10/2016 Meaning Online status Symbolic representation of the online status Fail-safe Symbolic representation for fail-safe module Module Name of module, can be edited in any way 529 Editing devices and networks 10.1 Configuring devices and networks Column Meaning Rack Number of the rack Slot Slot number I address Input address area, can be edited in any way Q address Output address area, can be edited in any way F-source address F-source address when using fail-safe I/O F-destination address F-destination address when using fail-safe I/O Type Catalog name of module Article no. Article number of the module Firmware Firmware version of the module Comment Optional comment Display in I/O channels If you set the zoom level in the device view to at least 200%, you can see the individual I/O channels for I/O modules. If you have defined PLC tags for the channels, the names of the PLC tags are displayed. The figure below shows the input channels of the digital input module with the two PLC tags "Test1" and "Test2" at a zoom level of 400 %. You can select the individual I/O channels and have the following options for channels with PLC tags: You see the general properties of the selected PLC tag in the inspector window under "Properties". In the inspector window under "Info > Cross-references" you find the cross-reference information on the selected PLC tag. If you have selected the PLC tag, you can also open the cross-reference information using the shortcut menu. See also Device view (Page 526) Overview of PLC tag tables (Page 4592) 530 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 10.1.1.6 Device view: Area for unplugged modules In some cases, the modules for a hardware configuration are not assigned a slot for short periods. Such unplugged modules are moved to the area of unplugged modules, a special area in the device view. Adding modules to the storage area The modules that, for example, should be assigned to a device using a copy action but for which the corresponding rack does not have a free compatible slot, are moved automatically into the area of unplugged modules. Under the following conditions, modules are automatically added to the area of unplugged modules: In the network view, a module is moved to a device but the rack does not have a compatible free slot. In the device view, a module is moved or copied from the rack, the hardware catalog or the project tree straight into the storage area. CPs and FMs that occupy a network resource can be moved into the area of unplugged modules but will lose the network resources they have been assigned. You can add modules to the area of unplugged modules by means of drag-and-drop, for example. To do this, the area must be opened. Using the area of unplugged modules Use the corresponding button to open the area of unplugged modules. You can find the area of unplugged modules in the device view. You open the area of unplugged modules with the respective icon in the toolbar of the device view (Page 526). Icon Meaning Open area of unplugged modules Note To free up slots, move modules from your configuration into the storage area and plug the modules you want from the storage area into the freed up slots. You can use this approach to temporarily move modules whose parameters have already been assigned out of the configuration without deleting them. WinCC Advanced V14 System Manual, 10/2016 531 Editing devices and networks 10.1 Configuring devices and networks Treatment of modules in the storage area The following rules apply to modules in the storage area: The modules appear in the project tree under the corresponding device in the "Local modules" folder. The modules retain all settings and parameters previously assigned. The modules are not taken into account during loading to a target system. This means that a consistency check is not undertaken for modules in the area of unplugged modules. Using the context menu, the modules can be copied, cut, or deleted, for example. 10.1.1.7 Topology view Introduction The topology view is one of three working areas of the hardware and network editor. You undertake the following tasks here: Displaying the Ethernet topology Configuring the Ethernet topology Identifying and minimizing differences between the desired and actual topology 532 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Structure The following figure provides an overview of the topology view. Changeover switch: device view / network view / topology view Topology view toolbar Graphic area of the topology view Overview navigation Table area of the topology view (topology overview) You can use your mouse to change the spacing between the graphic and table areas of the topology view. The division can be changed between horizontal and vertical using a button in the toolbar. To change the position of the divider, click between the graphic and the table areas and change the spacing by moving the divider to the left or right while keeping the mouse button pressed. The Speedy Splitter (the two small arrow keys) allows you to use a single click to minimize the table view, maximize the table view or restore the last selected split. Toolbar The toolbar provides the following functions: Icon Meaning Opens the dialog for manual name assignment for PROFINET devices. For this pur pose the IO device must be inserted and connected online with the IO system. Changes the position of the devices in the topology view so that the new position is as close as possible to the position in the network view. Enables page break preview. Dotted lines are displayed at the positions where the pages break when printed. WinCC Advanced V14 System Manual, 10/2016 533 Editing devices and networks 10.1 Configuring devices and networks Icon Meaning You can zoom in (+) or zoom out (-) the view in steps using the zoom symbol or draw a frame around an area to be zoomed in. Changes the division of the graphical area and table area of the editor view between horizontal and vertical. Saves the current table view. The layout, width and visibility of columns in the table view is stored. Graphic area The graphic area of the topology view displays Ethernet modules with their appropriate ports and port interconnections. Here you can add additional hardware objects with Ethernet interfaces. See: Adding a device to the hardware configuration (Page 552) The operator controls for view control are located at the bottom edge of the graphic area: Select the zoom leveling using the drop-down list. You can also enter a value directly into the field of the drop-down list. You can also set the zoom level using the slider. You can re-focus the window of the graphic area using the icon in the bottom right corner. Overview navigation Click in the overview navigation to obtain an overview of the created objects in the graphic area. By holding down the mouse button, you can quickly navigate in the overview navigation to the desired objects and display them in the graphic area. Table area The table area consists of the following two tabs: "Topology overview" tab "Topology comparison" tab The "Topology overview" tab displays the Ethernet or PROFINET modules, their ports and port interconnections in a table. This table corresponds to the network overview table in the network view. In the "Topology comparison" tab, you identify and minimize differences between the desired and actual topology. See also Overview of settings for hardware configuration (Page 522) Layout of the user interface (Page 268) 534 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 10.1.1.8 Inspector window The properties and parameters shown for the object selected can be edited in the Inspector window. Structure The Inspector window consists of the following components: Switch between various information and work areas Switch between various tabs of the information and work areas Navigation between various pieces of information and parameters Display showing the selected information and parameters WinCC Advanced V14 System Manual, 10/2016 535 Editing devices and networks 10.1 Configuring devices and networks Description of functions The information and parameters in the Inspector window are split into different types of information with different tabs: Properties This is where you can configure the device. You can make the settings for the hardware, edit tags and system constants and manage project texts. The following tabs are available here: - General (see Properties and parameters (Page 565)) - IO tags (see Overview of PLC tag tables (Page 4592)) - System constants (see Rules for global system constants (Page 4608)) - Texts (see Project text basics (Page 426)) Info In this area, you will find general information on the device in the project, a cross-reference list and messages and notes on compiling the device. The following tabs are available here: - General - Cross-reference list (see Cross-references in the Inspector window (Page 4902)) - Compiling (see Information on compiling (Page 369)) Diagnostics When you go online with the device, you will find the diagnostic information for the device and its connections here. The relevant diagnostic messages are also displayed. The following tabs are available here: - Device information (see Hardware diagnostics) - Connection information (see Connection diagnostics) - Message display (see Message display) To display the corresponding information and parameters, click in the relevant area. Display of device properties The "Properties" area is the most important one for configuring an automation system. The editing options for this area are therefore described in detail below. For information on the other areas, please see the links above to other sections of the information system. "General" tab Display the properties and settings of the device or module. Here you can edit the settings and parameters. The left pane of the Inspector window is used for area navigation. Information and parameters are arranged there in groups. If you click on the arrow symbol to the left of the group name, you can expand the group if sub-groups are available. If you select a group or sub-group, the corresponding information and parameters are displayed in the right pane of the Inspector window and can be edited there too. "IO tags" tab Display the IO tags of the PLC. You can assign names for the tags, assign the tags to the userdefined tag tables via a drop-down list, and enter comments for the tags. The IO tags are also shown in the PLC tag table. 536 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks You can click on the tag symbols in the table to drag and drop tags for use in other editors. For example, you can assign a tag to an instruction in the programming editor or copy a tag to the tag table of another device. Note If you want to create multiple tags with similar names, you can also click on the name of a tag and drag the frame at the bottom right-hand corner over fields above or below. A new tag is created in all fields selected. To differentiate between the tags, a number is added to the name of the original tag in each case. If the tag name already ends in a number, the number is incremented: Using the same method, you can also use the column to create new tags for the tag table or assign existing tags a different tag table. Select a tag table from the drop-down list and drag the frame over additional fields as described above. This creates new tags in the corresponding tag table: If existing tags are affected by these actions, a dialog appears to ask whether the affected tags should be overwritten or whether new tags should only be inserted in empty fields. In the latter case, this means that only three tags are added to an area with nine fields and six existing tags; the existing tags are not changed. "System constants" tab Display of the global constants used by the device with HW identifiers, for example, of the modules, submodules and interfaces. Using the drop-down list, you can select whether to view all system constants of the device or only the system constants of the hardware or the software. With I-slaves and I-devices, the system constants of the DP master or IO controller relating to the I-slave or I-device are also displayed. If you click on the link in the column in which the use of the constant is displayed, the device view of the corresponding device opens. The system constants are also shown in the PLC tag table. You can click on the constant symbols in the table to drag and drop system constants to use in other editors. For example, you can assign a system constant to an instruction in the programming editor or create a system constant as a user constant in another device. "Texts" tab Display the reference language and specify the text source for the project texts. Please see the rest of the information system. See also Overview of hardware and network editor (Page 521) Translating project texts (Page 430) WinCC Advanced V14 System Manual, 10/2016 537 Editing devices and networks 10.1 Configuring devices and networks Addressing modules (Page 1021) Inspector window: Displaying UDTs (Page 538) 10.1.1.9 Inspector window: Displaying UDTs Under "Properties > IO tags", the Inspector window displays self-defined data structures comprising multiple elements. These UDT (User Defined Structure) PLC data types are displayed differently from simple IO tags. Display of UDTs in the I/O tag table Structured PLC tags that occupy the address space of a module are displayed along with the data items they contain in combined columns. Occupied address areas are indicated by vertical lines and individual addresses by small diamonds. The following symbols are used for display in line with IO module channel address assignment by the address area of the UDTs: Symbol Meaning Start of a data item address area covering several channels. The address area of the entire channel is used. Part of a data item address area covering several channels. The address area of the entire channel is used. End of a data item address area covering several channels. The address area of the entire channel is used. Complete address area of a data item over the address area of a channel used in full. Example: Only the input word of a channel is completely used for a data item. Start of a data item address area covering several channels. Only part of the address area of the channel is used. End of a data item address area covering several channels. Only part of the address area of the channel is used. Complete address area of a data item. Only the first part of the channel address is used. Example: Only the first byte of a word is assigned. Complete address area of a data item. Only the second part of the channel address is used. Example: Only the second byte of a word is assigned. Single address of a data item for a channel that only has one address. Example: Individual bit access to the channel address of a digital input. Single address of a data item for a channel that has multiple addresses. Example: Individual bit access to the channel address of an analog input. 538 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Application example The figure below shows a tag table with a UDT "Motor" PLC data type and its data items "Start", "Stop" and "Dummy": For a DI32 input module with input addresses I0.0 to I3.7, you see the combined column "Motor ("MotorUDT")" under the IO tags in the Inspector window. This combined column contains a column for the address area of the UDT "Motor" and a column for the data items contained in the UDT: "Motor.Dummy", "Motor.Start" and "Motor.Stop". The "Status" data item only starts at address I4.0 and is not displayed in the IO tags for this input module, because the address area of the 32 digital channels only runs from I0.0 to I3.7. The tag "ErrorCode (Byte)" is not part of the UDT. It is therefore not displayed in the combined column under UDT "Motor", but is instead shown in a separate column: The UDT "Motor" in this module occupies an address area from I0.0 to I3.7. Within this address area, the "Dummy" tag occupies the address area from I0.0 to I1.7, and the two tags "Start" WinCC Advanced V14 System Manual, 10/2016 539 Editing devices and networks 10.1 Configuring devices and networks and "Stop" occupy the single addresses I2.0 and I2.1. The "ErrorCode (Byte)" tag that is not part of the UDToccupies addresses I3.0 to I3.7 in its own column. Note The table of IO tags only shows the data in the address area of the selected device; in this case the address area of the input module DI32. If another input module with at least 16 channels is connected, the display of the address assignment is continued by the UDT with the extended address area: The address area of the UDT "Motor" runs to address I5.7, and the status data item it contains covers addresses I4.0 to I5.7. The "Status" data item occupies single addresses for individual status bits from I4.0 to I4.7. An additional column is added to the combined column of the UDT to display the status bits. See also Other useful information regarding structured PLC tags (Page 4604) Creating structured PLC tags (Page 4606) Using PLC data types (UDT) (Page 2104) Inspector window (Page 535) Details view (Page 290) 10.1.1.10 Hardware catalog The "Hardware catalog" task card gives you easy access to a wide range of hardware components. 540 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Structure The "Hardware catalog" task card consists of the following panes: "Catalog" pane, search and filter function "Catalog" pane, component selection "Information" pane Search and filter function The search and filter functions of the "Catalog" pane make it easy to search for particular hardware components. After entering the search text, you can start a search in the upwards or downwards direction from the current catalog position. WinCC Advanced V14 System Manual, 10/2016 541 Editing devices and networks 10.1 Configuring devices and networks You can limit the display of the hardware components to certain criteria using the filter function. For example, you can limit the display to objects that you can also place within the current context or which contain certain functions. Objects that can be used in the current context include, for example, interconnectable objects in the network view or only modules compatible with the device in the device view. You can create hardware profiles with which the objects displayed in the hardware catalog are limited. For example, you could create a hardware profile in which only certain controllers can be seen and another profile in which only certain devices of the distributed I/O are included. You can switch between the created hardware profiles. Component selection The component selection in the "Catalog" pane contains the installed hardware components in a tree structure. You can move the devices or modules you want from the catalog to the graphic work area of the device or network view. Installed hardware components without a license are grayed out. You cannot use non-licensed hardware components. Hardware components belonging to various components groups thematically are partially implemented as linked objects. When you click on such linked hardware components, a catalog tree opens in which you can find the appropriate hardware components. Information The "Information" pane contains detailed information on the object selected from the catalog: Schematic representation Name Article number Version number Description See also Browsing the hardware catalog (Page 542) Overview of hardware and network editor (Page 521) 10.1.1.11 Browsing the hardware catalog Introduction Use the "Hardware catalog" task card to select the hardware components you want for a hardware configuration. Use the hardware catalog to select the interconnectable hardware components in the network and topology view and to select the modules you want in the device view. 542 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Context filter You can use the "Filter" option of the hardware catalog to restrict the number of displayed hardware components and the number of hardware components that can be found by searching. When you enable the filter, components available in the hardware catalog are displayed depending on the selected view and the selected device. If you switch between the various views, the view of the filter objects is adapted to the current context. If the filter is not enabled, the entire hardware catalog is displayed in all views. Example: With the filter enabled in the device view of an S7-1200 CPU, only S7-1200 CPUs and matching modules are displayed in the hardware catalog. Search options You can use the search function to search for specific entries in the hardware catalog. Note the following rules when entering search terms: No distinction is made between upper and lower case text. Dashes and blanks are ignored during the search. The search function considers parts of a search term. Multiple search terms must be separated by a space. The asterisk "*" is used as a wildcard. Note Use of wildcards in the hardware catalog In search queries, the asterisk "*" is used as a wildcard. A search for "1A**0", for example, also return hits with "1AD30" or "1AE40". The hardware catalog also contains modules with wildcards in their article numbers. The wildcards in the various article numbers can be either asterisks or the lowercase letters "x", "y" or "z". If you search for the specific article number "3RW4 422-1BC34", for example, your search will also return articles with the number "3RW4 422-*BC**" and "3RW4 4xx-1By3z". You start the search from an object highlighted in the hardware catalog and either search upwards or downwards. Icon Meaning Search down Search up WinCC Advanced V14 System Manual, 10/2016 543 Editing devices and networks 10.1 Configuring devices and networks Browsing the hardware catalog If you want to browse the hardware catalog, proceed as follows: 1. Click in the entry field of the search function 2. Enter a search term. The search includes the following elements: - Name of device or module - Article number (MLFB) - Description in "Information" pane 3. Click on either the "Search down" or "Search up" button. Note To ensure the right search direction, note which point you have marked in the hardware catalog. To browse the entire catalog, click on the topmost object of the hardware catalog and start the search once you have entered the search term by clicking "Search down". The first match with the search term found is displayed as the result. For more search results, again click on the "Search down" or "Search up" button. Observe the context filter of the hardware catalog. If this is selected, the search in the hardware catalog is restricted to the displayed inserted hardware components. See also Hardware catalog (Page 540) 10.1.1.12 Enabling product support For each device in the hardware catalog, you have the option of displaying additional information that is stored in the Siemens Industry Online Support. By default, the function is disabled. Instructions for enabling the function are given below. Requirement The TIA Portal has access to the Internet. Procedure To enable access to Siemens Industry Online Support, follow these steps: 1. In the "Options" menu, select the "Settings" command. 2. Open the "Hardware configuration" group in the area navigation. 3. Select the "Via Internet" check box. Result You can access product support, FAQs and manuals in the hardware catalog via the shortcut menu for the module. 544 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See also Displaying product support for hardware components (Page 545) Overview of settings for hardware configuration (Page 522) 10.1.1.13 Displaying product support for hardware components In the hardware catalog, you have direct access to information that is stored for each module in Siemens Industry Online Support. You can jump directly to the following pages in Siemens Industry Online Support: Information on product support FAQs Manuals Requirement You have access to the Internet. Access to Product Support is enabled in the settings of the TIA Portal. For information on how to enable the function, refer to section "Enabling product support (Page 544)". Procedure To display the information for a particular module in Siemens Industry Online Support, follow these steps: 1. Navigate to the required module in the hardware catalog. 2. Right-click the module. 3. Select one of the following entries in the shortcut menu: - Information on product support - FAQs - Manuals Result The default browser set in the operating system is opened and the relevant page in the Siemens Industry Online Support is loaded. See also Enabling product support (Page 544) Overview of settings for hardware configuration (Page 522) WinCC Advanced V14 System Manual, 10/2016 545 Editing devices and networks 10.1 Configuring devices and networks 10.1.1.14 Printing hardware and network configurations Printout of hardware and network configurations You can print out the following elements of the hardware and network view as part of the project documentation: Graphic network view Network overview table Graphic device view The device overview table The parameters of the object currently selected in the editor Printout of editor content If you start a printout within an opened editor and no module is selected, the content of the editor is always printed. This includes a graphic representation of the editor as well as the table for the editor. You can adapt the scope of the printout. You can specify whether only the graphic view, the table or both together are to be printed. Read section "Printing: Changing settings (Page 547)" for more on this. If the graphic is larger than the page layout you have selected, the printout is continued on the next page. No content is lost this way. Alternatively, you can change the zoom level of the graphic representation to fit the printout on one page. The printout is always made in the currently selected zoom setting. To check that all content fits on one page, you can either use the print preview or activate the page break preview. When page break preview is activated, dashed lines are displayed within the graphic editor at the location where the page break is later made. Printing very large tables If a table is larger than the print area and therefore cannot be fully printed, the content of the table is not printed as a table, but instead as pairs between value and key. Example: Object name Property 1 Property 2 Object A Value A1 Value A2 Object B Value B1 Value B2 In this case, the printout has the following appearance: Object A Property 1: Value A1 Property 2: Value A2 Object B Property 1: Value B1 546 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Property 2: Value B2 You can also preset this as a template so that tables are always printed as pairs between the key and the value. Read section "Changing the print settings (Page 401)" for more on this. Printing module parameters Parameters of selected modules are printed out along with the current value settings in text form. All parameters from corresponding modules are also printed. For example, if you have selected a CPU, the parameters of an inserted signal board, if present, are printed as well. You can determine the scope of the module parameters to be printed. In the "Print" dialog, select whether all properties and parameters of a module are to be printed or whether to use the compact printout. If you select the compact form, only the entries in the "General" area of the module properties are printed. Comments on modules, as well as the author and module description, are excluded. In compact mode, the following module parameters are therefore printed, for example: Module specifications Name, module slot, short description, article number, firmware version Name of the PROFINET interface Subnet specifications Name of the subnet, ID of the S7 subnet See also Printing: Changing settings (Page 547) Documentation settings (Page 399) Creating a print preview (Page 413) Printing project data (Page 416) Printing: Enabling page break preview (Page 548) 10.1.1.15 Printing: Changing settings Changing the scope of the printout When printing from an editor, you can specify whether both graphics and tables are to be printed or just one of the two. Both are printed by default. Procedure To change the scope of the printout, proceed as follows: 1. In the "Options" menu, select the "Settings" command. 2. In the area navigation, open the "Print settings" parameter group under "General". 3. Scroll to the "Hardware configuration" group. WinCC Advanced V14 System Manual, 10/2016 547 Editing devices and networks 10.1 Configuring devices and networks 4. Select or clear the "Active graphic view" check box, depending on whether you want to print the graphics of the network and device view as well. 5. Select or clear the "Active table" check box, depending on whether you want to print the table for the editor as well. See also Printing hardware and network configurations (Page 546) 10.1.1.16 Printing: Enabling page break preview You can activate the page break preview for the printout in the graphic editor. If this option is activated, dashed lines are shown within the graphic editor at the locations where page breaks are later made during printout. Procedure Proceed as follows to activate the page break preview: 1. Select the graphic area of the corresponding view. 2. Click on the "Show page break" symbol in the toolbar of the graphic editor. Dashed lines are displayed within the graphic editor at the location a page break is later made. 3. To modify the frame layout, select the "Print" command in the "Project" menu. 4. To disable page break preview, click again on the "Show page break" symbol in the toolbar of the graphic editor. 10.1.1.17 Keyboard operation: Navigation in the editor You can use shortcut keys in the network and device view to navigate between the components of the hardware and network editor and its objects. Navigating between elements and functions Function Shortcut keys Switch to the next lower selection level <Return> You can for example, use <Return> to switch from a selected rack to the lower selection level of the devices and modules that are snapped onto it. If a device is selected, you can use <Return> to switch to the lower selection level of the interfaces that are dis played on the device. Switch to the next higher selection level <Esc> You can use <Esc>, for example, to switch from a selected interface to the higher selection level of the devices and modules. If a device is selected, you can use <Esc> to switch to the higher selection level of the rack. 548 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Function Shortcut keys Navigation between objects in the current selection level <Up arrow> You can use the arrow keys to switch between the objects within a current selection level. To change the selection level, use the <Return> or <Esc> keys. <Down arrow> <Right arrow> <Left arrow> Switches to the device view <Ctrl+Shift+D> Switches to the network view <Ctrl+Shift+N> Switches to the topology view <Ctrl+Shift+T> Switch between editor elements <Tab> Use the <Tab> key to switch from one editor element to the next element. Use <Shift +Tab> to switch to the previous element. You can switch, for example, between the graphical view, Speedy Splitter, table view or underlying tabs. <Shift+Tab> Switch between tabs <Ctrl+Tab> Use the <Ctrl+Tab> keys to switch from one tab to the next tab on the right. Use <Ctrl <Ctrl+Shift+Tab> +Shift+Tab> to switch to the next tab to the left. You can use these keys, for example, to switch between the device view, the network view and the topology view. Opening elements and functions Function Shortcut keys Opening the online and diagnostics view <Ctrl+D> When a device is selected, <Ctrl+D> opens the online and diagnostics view for the selected device. Opening the download to device dialog <Ctrl+L> When a device is selected, <Ctrl+L> opens the advanced download dialog. Add new device <Ctrl+N> <Ctrl+N> opens the dialog for adding a new device. Opens the "Hardware catalog" task card <Ctrl+Shift+C> Opens "Online Tools" task card <Ctrl+Shift+O> See also Keyboard operation in the TIA Portal (Page 300) 10.1.1.18 Keyboard operation: Editing objects You can execute some of the functions of the network and device view directly with a combination of keyboard and mouse in the hardware and network editor. The keyboard operation in tables (Page 300) corresponds to standard characteristics. Here you find the keyboard operation for the graphic work area of the network and device view. WinCC Advanced V14 System Manual, 10/2016 549 Editing devices and networks 10.1 Configuring devices and networks General keyboard operation Function Shortcut keys Zoom in on view in frame <Ctrl+Space> + pressed mouse but ton Drag a frame in the graphical view in order to correspondingly change the size of the view. Move view <Space> + pressed mouse button Move the mouse pointer in order to move the view. Cancel current operation <Esc> Separate connection <Esc> or double-click Use <Esc> or a double-click to exit connection mode when dragging a connection. Zoom in graphic view <Ctrl> + turn mouse wheel The enlargement or reduction depends on the direction of rotation. Selected objects Function Shortcut keys Select object Mouse click Cut an object <Ctrl+X> The selected object is copied to the clipboard and deleted from the graphical view. Copy object <Ctrl+C> The selected object is copied to the clipboard. Paste object <Ctrl+V> The object from the clipboard is inserted into the selection. Delete selected object <Del> Select several objects 1 <Shift> + click You can add several objects to the selected objects by clicking on them individually. Alternatively, you can use <Shift> + pressed mouse key to drag a frame around the objects that are to be selected. Select several objects 2 <Ctrl> + click You can add several objects to the selected objects by clicking on them individually. Alternatively, you can use <Shift> + pressed mouse key to drag a frame around the objects that are to be selected. When holding down the <Ctrl> key, you can use a mouse click to deselect selected objects. Move selection Mouse button pressed When the mouse button is pressed, you can drag devices or modules to allowed slots on a rack. Copy selection <Ctrl> + pressed mouse button Using <Ctrl> + pressed mouse button you can drag devices and modules to allowed slots on a rack. This copies the devices or modules. 550 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 10.1.2 Configuring devices 10.1.2.1 Introduction to configuring hardware To set up an automation system, you will need to configure, assign parameters and interlink the individual hardware components. The work needed for this is undertaken in the device and network view. Configuring "Configuring" is understood to mean arranging, positioning, and networking devices and modules within the device or network view. Racks are represented symbolically. Just like "real" racks, they allow you to plug in a defined number of modules. An address is automatically assigned to each module. The addresses can be subsequently modified. When the automation system is started, the CPU compares the configuration that is preset by the software with the actual configuration of the system. Possible errors can be detected and reported straight away. Assigning parameters "Assigning parameters" is understood to mean the setting of properties of the components used. Parameter assignment is carried out for hardware components and for data exchange settings: Properties of modules with assignable parameters Settings for data exchange between components The parameters are loaded to the CPU and transferred to the corresponding modules when the CPU starts up. Modules can be replaced with ease since the assigned parameters are automatically loaded into the new module during startup. Adjusting the hardware to the project requirements You need to configure hardware if you want to set up, expand or change an automation project. To do this, add hardware components to your configuration, connect them to existing components, and adapt the hardware properties to the tasks. The properties of the automation systems and modules are preset in such a way that in many cases there is no need for additional parameter assignment. Parameter assignment is however needed in the following cases: You want to change the default parameter settings of a module. You want to use special functions. You want to configure communication connections. WinCC Advanced V14 System Manual, 10/2016 551 Editing devices and networks 10.1 Configuring devices and networks 10.1.2.2 Adding a device to the hardware configuration Introduction There are various ways of adding a connectable device from the hardware configuration in the network view and the topology view: Command "Add new device" in the project tree Double-click device in hardware catalog Drag-and-drop from the hardware catalog in network view or in topology view: - Text entry from the "Catalog" pane - Preview graphic from the "Information" pane "Add > Device" command from menu bar in network view or topology view Shortcut menu of a device in the hardware catalog for copying and pasting A suitable rack is created along with the new device. The selected device is inserted at the first permitted slot of the rack. Regardless of the method selected, the added device is visible in the project tree and the network view of the hardware and network editor. Adding device using the project tree To use the project tree to add a device to the hardware configuration, proceed as follows: 1. Click on the command "Add new device" in the project tree. The "Add new device" dialog box opens. 2. Display the required device in the tree structure: - Go to required device in the tree structure. - Enter a device name in the entry field. 3. Select the required device from the tree. More information about the device presently selected is displayed on the right-side of the dialog box. 4. If necessary, set the firmware version using the drop-down list in the dialog box. 5. Select the "Open device view" check box if you want to change to the device view immediately after adding the device. There you can immediately continue with device configuration and equipping the rack. 6. Click on "OK" to add the device selected. The dialog box closes. Adding device from the hardware catalog To add a device to the hardware configuration using the hardware catalog, proceed as follows: 1. Open the network view or the topology view. 2. Open the hardware catalog. 552 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 3. Go to the required device in the hardware catalog. 4. Click on the chosen device to select it. 5. If necessary, set the firmware version using the drop-down list in the hardware catalog. 6. Drag the device to the network view or the topology view. You have now placed the device in the network view or in the topology view. The displayed rectangle (in other words "Station") symbolizes the plugged device together with its rack and any lower-level modules. Double-click on the device or station to open the device view and view the new rack and inserted device. In the next steps, you can configure the device in the device view and equip the rack with modules. See also Network view (Page 523) Adding an unspecified CPU (Page 553) Topology view (Page 532) 10.1.2.3 Adding an unspecified CPU Introduction If you have not yet selected a CPU but have already started programming or want to use an existing program, you have the option of using an unspecified CPU. You can also adjust some settings with unspecified CPUs. The setting options are restricted to parameters that all CPUs of the same CPU family have in common. Adding an unspecified CPU in the portal view To add an unspecified CPU in the portal view, follow these steps: 1. Now, click one of the following options: - "Devices & networks > Add new device" - "PLC programming" > "Device" button 2. For a device family, select an unspecified CPU from the tree structure of the "Add new device" dialog. 3. Click on "Add". An unspecified CPU is added and the device view for this CPU is opened. WinCC Advanced V14 System Manual, 10/2016 553 Editing devices and networks 10.1 Configuring devices and networks Further options for adding unspecified CPUs In the project view, you can add unspecified CPUs like specified CPUs: Using the "Add new device" button in the project tree In the "Hardware catalog" task card You can also use these methods to add multiple unspecified CPUs. Specifying unspecified CPUs You have two options for specifying unspecified CPUs: Use drag-and-drop to assign an existing CPU from the hardware catalog to an unspecified CPU by means of module replacement (Page 565). Select a selected, unspecified CPU and then the menu command "Online > Hardware detection" and assign a CPU identified online. For this purpose, you assign an IP address using the "Add address for PG/PC" button. Note If you want to go online after the hardware detection, you have to first download the detected configuration to your project; otherwise, an error may occur due to inconsistent configurations. After hardware detection, the article numbers of the CPU in the project and the actually existing CPU are identical, but their parameters are not. The parameters of the CPU in the project have the default values; the parameters of the actually existing CPU have the values set by you. After module replacement, F-CPUs behave as a CPU without failsafe functionality. In contrast to F-CPUs from the hardware catalog, after module replacement with an unspecified CPU or a hardware recognition, the F capability is turned off and the protection level is set to "Full access (no protection)". See also Selecting a CPU (Page 554) Adding a device to the hardware configuration (Page 552) 10.1.2.4 Selecting a CPU Introduction Select a CPU from the hardware catalog and place it, together with a rack, in the network view. On this device drag the desired modules from the hardware catalog; they are arranged automatically on the rack. 554 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Selecting the components in the hardware catalog Each hardware component is displayed as a folder in the hardware catalog. When you open this folder, you see the different versions of the selected hardware component with its respective article numbers. There will be an example of how to set up a CPU with a rack in network view. Requirement The hardware catalog is open. You must be in the network view. Procedure To select a CPU from the hardware catalog, proceed as follows: 1. In the hardware catalog navigate to the folder with the desired CPUs. 2. Open the folder with the desired CPU type; you will see all article numbers for the selected CPU type. 3. Click on a CPU article number to get information about the selected CPU in the "Information" pane. 4. Set up the CPU and a rack. You have the following options: - Use drag-and-drop to drag the CPU from the hardware catalog into network view. - Use Copy & Paste to copy the CPU to the network view. - Double-click the CPU entry in the hardware catalog. WinCC Advanced V14 System Manual, 10/2016 555 Editing devices and networks 10.1 Configuring devices and networks See also Browsing the hardware catalog (Page 542) Adding a device to the hardware configuration (Page 552) Rack: Inserting a module (Page 559) Rack: Basics (Page 557) Adding an unspecified CPU (Page 553) 10.1.2.5 Selecting fail-safe modules Introduction Fail-safe automation systems (F systems) are used to control processes with a safe state that can be achieved immediately on shutdown. F systems control processes that can be shut down immediately without endangering human beings or the environment. Selecting the F components in the hardware catalog Each hardware component is displayed as a folder in the hardware catalog. Fail-safe hardware components are displayed with yellow symbols in the hardware catalog in contrast to the blue hardware components that are not fail-safe. The following figure shows an excerpt from the hardware catalog with an F-CPU (yellow). Based on this color coding, you can identify F components in the hardware catalog simply and quickly. Display of the F components in the hardware and network editor If you use fail-safe devices and "normal" devices in the graphic views of the hardware and network editor, you can recognize them simply by the yellow color-coding of the devices. The following figure shows two CPUs. The F CPU is shown in yellow: Fail-safe modules in racks or devices can also be recognized in the device view due to their yellow color coding. Since modules that are not capable of networking are not displayed in the network or topology view, devices with F components without networking capability are represented by a special symbol in the network and topology view. The following figure shows a "normal" CPU and an F-CPU in the network view that both contain F components: 556 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Based on the color coding of the fail-safe devices and modules, you can also identify the F components quickly in the graphic views of the hardware and network editor. 10.1.2.6 Rack: Basics Introduction To assign modules to a device, you need a rack, for example a mounting rail. Secure the modules on the rack and connect these via the backplane bus with the CPU, a power supply or other modules. Creating a rack If you insert a device in the network view, a station and a rack suitable for the device selected are created automatically. The rack and slots available are displayed in the device view. The number of slots available again depends on the type of device used. Rack structure A rack always contains the device that has been inserted in the network view. The device is permanently assigned a slot which will depend on the type of device in question. There are additional slots on the right of the device and, if necessary, on left of the device; slot numbers are located above slots in which devices are plugged. A corresponding short description is displayed above the plugged devices and modules. You show or hide this short description via the toolbar under "View" with the command "Display module titles" or the corresponding symbol in the toolbar of the device view (Page 526). Symbol Meaning Show module titles When modules are selected in the hardware catalog, all the slots permitted for this module are marked. This allows you to see immediately the slot into which the selected module can be inserted. In the following screenshot, a signal module has been selected in the hardware catalog for a partially filled S7-1200 rack: WinCC Advanced V14 System Manual, 10/2016 557 Editing devices and networks 10.1 Configuring devices and networks Since slots 101-103 are reserved for communications modules, only the other free slots are shown as available slots. You can expand and collapse the front group of slots using an arrow symbol above the expandable slot. When the group of slots is collapsed, the first and last of the group's slot numbers are displayed. The following figure shows the expanded slot group: Groups of slots into which modules have already been plugged cannot be collapsed. Multiple selection of modules and slots There are various ways of selecting several modules or slots: By pressing <Shift> or <Ctrl>, you can select several modules or slots at the same time. Click outside the rack and then hold the mouse button and drag a frame to include the modules or slots you want to select. 10.1.2.7 Rack: General slot rules Introduction Specific slot rules apply to each automation system and module. If you select a module from the hardware catalog in the device view, all possible slots for the module selected are marked in the rack. You can only drag modules to marked slots. If you insert, move or swap a module, the slot rules are also applied. 558 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Consistency Some slot rules depend on how the environment is configured. This means that you can sometimes plug modules into the rack although this would result in inconsistencies at the current time. If you change the configuration, for example by selecting different modules or module parameter settings, you can make the configuration consistent again. In cases where inserting a module results in an inconsistency that can be corrected, this will be permitted. A consistency check is run when the configuration is compiled. Inconsistencies are displayed as alarms in the Inspector window under "Info". Based on the result of the consistency check, you can revise your configuration and make it consistent again. Rules for arranging modules The following rules apply generally to modules in racks: You can only plug modules into a rack. You can only plug interface modules into a module. You can only use modules of the same product or system family in one rack. There are also other special rules for some modules: Can only be inserted in certain slots Insertion depends on other modules, CPUs or settings Limited number of uses in a rack 10.1.2.8 Rack: Inserting a module Introduction Once you have added devices from the hardware catalog to your configuration in network view, you can add modules to the devices. There are various ways of adding a module to a rack in the device view: If there is an available valid slot, double-click a module in the hardware catalog. Use drag-and-drop to move the module from the hardware catalog to an available valid slot in the graphic or table area: - Text entry from the "Catalog" pane - Preview graphic from the "Information" pane Select "Copy" in the shortcut menu for a module in the hardware catalog and then select "Paste" in the shortcut menu on an available valid slot in the graphic or table area. To access the device view from the network view, double-click a device or station in the network view or select the Device view tab. The device view contains an illustration of the device WinCC Advanced V14 System Manual, 10/2016 559 Editing devices and networks 10.1 Configuring devices and networks selected within a rack. The graphic illustration of the rack in the software corresponds to the real structure, i.e. you can see the same number of slots as exist in the real structure. Note You can also move a module to a rack in the network view. The filter function for the hardware catalog must be deactivated in this instance. The module is automatically plugged into a free and permitted slot. If there are no slots available, the module will be moved to the area of unplugged modules (Page 531). Equipping a rack Arrange the modules on a rack according to the applicable slot rules. After a module has been inserted in a rack with an already inserted CPU, the address areas are checked automatically so that addresses are not assigned twice. After it has been inserted, each module then has one valid address range. To do so, DP slaves and IO devices must be networked with a CPU via the corresponding DP master or IO system. Requirements You are in the device view. The hardware catalog is open. Adding module from the hardware catalog How to insert a module from the hardware catalog into a rack is illustrated based on the example of a signal module. To do this, follow these steps: 1. Go to the required module board in the hardware catalog. Note If you activate the filter function of the hardware catalog, only those modules which match the selected device type will be displayed. 2. Select the chosen module. 3. If necessary, set the firmware version using the drop-down list in the hardware catalog. 4. Drag the signal module to a free slot in the rack. 560 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks You have now inserted the digital signal module in a slot in the rack. Repeat these steps with the other modules. The name of the module is displayed above the inserted modules. You can activate or deactivate module labeling in the menu bar with "View > Show module labels". Inserting module You can also drag modules and drop them between modules that have already been inserted. To do this, drag a module above and between the two existing modules while holding down the mouse button. A mouse pointer appears. When you release the mouse button, all modules plugged to the right of the pointer are moved one slot to the right. Any redundant modules are moved to the area of unplugged modules. The new module is plugged at the point of the freed up slot. See also Device view (Page 526) Device view: Area for unplugged modules (Page 531) Rack: General slot rules (Page 558) 10.1.2.9 Deleting a hardware component There are various ways of deleting hardware components. Deleted hardware components are removed from the system and assigned addresses made available again. Rules CPUs or modules from the rack and from the area of unplugged modules can be deleted. When a rack is deleted in the device view, the plugged hardware components are moved to the area of unplugged modules. WinCC Advanced V14 System Manual, 10/2016 561 Editing devices and networks 10.1 Configuring devices and networks Procedure Proceed as follows to delete a hardware component: 1. Select the hardware components you want to delete. - Network view: Select devices or network relevant hardware components in the graphic view or in the network view. - Device view: In the graphic view or device overview, select racks or modules in racks or in the area of unplugged components. - Topology view: Select devices or hardware components with Ethernet interfaces in the graphic view or in the topology view. - Project tree: Select devices or individual hardware components from the tree structure. 2. Select "Delete" from the shortcut menu or press <Del>. If the "Delete" menu item is unavailable, your selection contains at least one component that cannot be deleted. The selected hardware components are deleted. Note Deleting hardware components may result in inconsistencies in the project, such as violation of slot rules. Inconsistencies are reported during the consistency check. Correct the inconsistencies by taking appropriate action, for example, ensuring compliance with the slot rules. See also Keyboard operation: Editing objects (Page 549) 10.1.2.10 Copying a hardware component You can copy hardware components in the device or network view. Copied hardware components are stored on a clipboard and can be pasted at another point from this clipboard. Copied stations are pasted as new stations in the network view. Copied devices and modules can be pasted into existing racks in the network and device view. Rules Single objects as well as several objects can be copied at the same time. Modules inserted in the rack and in the area of unplugged modules can be copied. You can only copy devices and modules to free and valid slots in keeping with the slot rules. Racks with a CPU inserted cannot be copied individually, but only as complete units along with all inserted hardware components. 562 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Procedure Proceed as follows to copy a hardware component: 1. Select the hardware components you want to copy. - Device view: Select the module in a rack or put it in the area of unplugged modules. - Network view: Select the station or the relevant hardware component from the network view. - Project tree: Select the station or module. 2. Select "Copy" from the shortcut menu or press <Ctrl+C>. If the "Copy" menu item is unavailable, your selection contains at least one component that cannot be copied. 3. Select the location at which the content of the clipboard is to be pasted. - Device view: Select a free slot in the rack or area of unplugged modules. - Network view: Select a station where you want to insert devices or modules or move the mouse pointer to a free location in the network view to paste a copied station or a hardware component relevant to the network view. 4. Select "Paste" from the shortcut menu or press <Ctrl+V>. If the "Paste" menu item is unavailable, the clipboard is empty or contains at least one component that cannot be pasted at this point. The selected object is pasted at the chosen point. Once you have selected a station where you want to insert a module in the network view, the module is inserted in the first free and valid slot. If no free, valid slots are available, the object is inserted in the area of unplugged modules. Note You can also copy a module from one device to another: To do so, copy a module in the hardware and network editor, select a different device in the network view or the drop down list of the device view and insert the module. You can insert the copied object directly in a slot or place it in the area of unplugged modules in the device view. If you add the copied object in the network view of a device or a station, it will be inserted in the first available slot. If there is no slot available for the object, it is automatically placed in the area of unplugged modules (Page 531). Note You can use <Ctrl> and drag-and-drop to directly copy a selected hardware component. See also Keyboard operation: Editing objects (Page 549) WinCC Advanced V14 System Manual, 10/2016 563 Editing devices and networks 10.1 Configuring devices and networks 10.1.2.11 Moving a hardware component You can move hardware components in the device or network view. Rules You can move devices and modules from the rack and the area for unplugged modules taking the slot rules into consideration. CPs can be moved in the network view. The CP is plugged in a free and valid slot in the target device. If there are no free slots available, the CP to be inserted is moved to the area for unplugged modules. In the network view, CPU and slave head modules can be moved between the devices; depending on CPU type also within the rack. Note Moved CPs are disconnected from their network but keep their network parameters and address. If you reconnect the CP to the network and its address has been assigned, use a dialog to assign a new unique address to the CP. Procedure Proceed as follows to move a hardware component: 1. Select the hardware component you want to move. - Device view: Select the module in a rack or put it in the area of unplugged modules. - Network view: Select the hardware component of relevance to the network view. 2. Select "Cut" from the shortcut menu or press <Ctrl+X>. If the "Cut" menu item is unavailable, your selection contains at least one component that cannot be cut. 3. Select the location to which the cut object is to be moved. - Device view: Select a free slot in the rack or area of unplugged modules. - Network view: Select a station where you want to insert devices or modules. 4. Select "Paste" from the shortcut menu or press <Ctrl+V>. If the "Paste" menu item is unavailable, the clipboard is empty or contains at least one component that cannot be pasted at this point. The selected hardware component is moved to the target. If the hardware component being moved is a networked object, it is disconnected from the network. Note You can use drag-and-drop to directly move a selected hardware component. 564 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See also Keyboard operation: Editing objects (Page 549) 10.1.2.12 Replacing a hardware component You can replace hardware components with others. This, for example, allows you to replace unspecified CPUs (Page 553) with available CPUs from the hardware catalog. Rules You can only replace hardware components if they support module replacement and if the two components are compatible. Procedure To replace one module with another, proceed as follows: 1. Select the module you want to replace. 2. Open the shortcut menu: - If the "Replace device" entry is enabled, the module can be replaced. - If the "Replace device" entry is disabled, a module cannot be replaced. 3. Click on "Replace device" in the shortcut menu. The "Replace device" dialog box appears. 4. Under "New device" in the tree structure, select the module with which you want to replace your current module. 5. Click "OK". 6. Compile the hardware and software. The existing module is replaced by the new one. As an alternative, you can take a module by dragging it from the hardware catalog to the module you are replacing. If the module can be replaced by the selected module, this is indicated by the mouse pointer symbol. 10.1.2.13 Editing properties and parameters Once you have inserted hardware components in your rack, you can edit their default properties, for example parameters or addresses in the network or device view. WinCC Advanced V14 System Manual, 10/2016 565 Editing devices and networks 10.1 Configuring devices and networks Requirement You are in the device view. Note You can also edit properties and parameters in the network view. In the graphic network view, you have access to the network-related hardware components and the station. You can access modules and hardware components not displayed in the graphic network view using the table network view. Procedure To change the properties and parameters of the hardware components, proceed as follows: 1. In the graphic view, select the CPU, module, rack or interface you want to edit. 2. Edit the settings for the selected object: - Use the table view to edit addresses and names, for example. - In the Inspector window additional setting possibilities are available in "Properties". Note that modules can only be fully parameterized if they are assigned to a CPU. Therefore, PROFIBUS or PROFINET interfaces modules must first be networked with the CPU or a centrally inserted communication module so that they form a master system or IO system. Only then is it possible, for example, to edit the addresses of the distributed components that are inserted. 566 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Example of changing settings Selection of a module Editing option for addresses in the device overview Selection options in the inspector window Editing option for addresses in the inspector window See also Inspector window (Page 535) 10.1.2.14 Input and output addresses in the address overview Introduction The currently used input and output addresses can be displayed in the address overview in a table form. The address overview can be found in the Inspector window under "Properties" of the CPU. WinCC Advanced V14 System Manual, 10/2016 567 Editing devices and networks 10.1 Configuring devices and networks Design of the address overview With the different check boxes, you can set which objects should be displayed in the address overview: Inputs: Display of the input addresses Outputs: Display of the output addresses Address gaps: Display of open address spaces Slot: Display of the slot number The following information is typically shown in the address overview: Table header Meaning Type Type of the address range. Indicates whether the area is an input address area or an output address area. I = input address of module with input I/O address space (with length > 0) I* = input or diagnostics address of modules without input I/O address space (with length = 0) No data (signal statuses or measured values) is exchanged via these addresses in the user program. Used for reporting diagnostics events of the operating system (e.g. in the start information of error OBs). Q = output address Addr. from Start address of the address range. Indicates the first assigned address of the input or output. Addr. to End address in the address range. Indicates the last assigned address of the input or output. Size Address length of the address range occupied by the module for the input or output. Examples: With a start address of 0 and an end address of 1, the address length is 2 bytes. With a start address of 0 and an end address of 3, the address length is 4 bytes. With a start address of 0.1 and an end address of 0.2, the address length is 2 bits. If the start address and end address are identical, 0 bytes is displayed. Module Module using the address area. Rack Number of the rack on which the hardware component is inserted. Slot Number of the slot in the rack in which the hardware component is inserted. Device name Name and type of device in which the module is inserted. Examples: The module is inserted in a PLC with the name "PLC_1" of the type CPU 1516-3 PN/DP, "PLC_1 [CPU 1516-3]" is displayed. The module is inserted in a head module with the name "IO Device_1" of the type IM 151-3 PN; "IO Device_1 [IM 151-3 PN]" is displayed 568 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table header Meaning Device number PROFINET device number or PROFIBUS address if the module is con nected to a PLC via PROFINET or PROFIBUS. If the module is inserted directly in a PLC, "-" is displayed. Examples: The module is inserted in a head module that is connected to a PLC via a PROFINET interface; the device number of the Ethernet address is displayed. The module is inserted in a DP slave that is connected to a PLC via a PROFIBUS interface, the address parameter of the PROFIBUS address is displayed. Master I/O system Name of the DP master system or IO system via which the DP slave or IO device is connected to the PLC. The corresponding number of the DP master system or IO system is displayed in square brackets. If the module is inserted directly in a PLC, "-" is displayed. Examples: The module is inserted in an IO device and is connected to a PLC via a PROFINET IO system with the name "PROFINET IO-System_1" and the number 100. "PROFINET IO-System_1 [100]" is displayed. The module is inserted in a DP slave and is connected to a PLC via a PROFIBUS DP master system with the name "DP-Mastersystem" and the number 1. "DP-Mastersystem [1]" is displayed. OB Organization block that is assigned to the process image. The "Main" cycle OB always refers to the automatic update of the process image. This column is not available for every CPU. PIP Process image partition. Indicates whether the address is updated auto matically via the cyclic process image or is located in a process image partition that must be triggered explicitly for an update. Refer to the further description of the "Process image partition PIP2" below. Process image partition PIP The "PIP" table column shows the assignment of the address to the cyclic process image or to a process image partition (PIP). For S7-300/400: "OB1-PA": The address is assigned to the cyclic process image. The operating system updates this address automatically in each program cycle. "PIP x": The address is assigned to the process image partition x (for example PIP 1, no cyclic process image). The operating system updates this PIP when the assigned OB is executed. If this PIP is not assigned to an OB, the operating system does not update this PIP. You have the option to update the PIP yourself with the instructions "UPDAT_PI" and "UPDAT_PO" (for S7-400 and some S7-300 CPUs). For S7-1200: "Automatic update": The address is assigned to the cyclic process image (PIP 0). The operating system updates this address automatically in each program cycle. "None": The address not assigned to any process image partition. You access this address directly in the user program (direct I/O access, no process image). WinCC Advanced V14 System Manual, 10/2016 569 Editing devices and networks 10.1 Configuring devices and networks "PIP x": The operating system updates this PIP when the assigned OB is executed. If this PIP is not assigned to an OB, the operating system does not update this PIP. You have the option to read inputs or write outputs in the user program via direct I/O access. The instructions "UPDAT_PI", "UPDAT_PO", "SYNC_PI" and "SYNC_PO" are not supported for S7-1200. "PIP OB servo": The process image partition "PIP OB Servo" is not assigned to an organization block (fixed setting for organization block: "---(None)"). The operating system does not update this PIP or any of the addresses contained in it: You access the addresses directly in the user program (direct I/O access). For S7-1500: "Automatic update": The address is assigned to the cyclic process image (PIP 0). The operating system updates this address automatically in each program cycle. "None": The address not assigned to any process image partition. You access this address directly in the user program (direct I/O access, no process image). "PIP x" (PIP 1 to PIP 31): The operating system updates PIP x when the assigned OB is executed. If this PIP is not assigned to an OB, the operating system does not update PIP x. You have the option to update the PIP x in the user program with the instructions "UPDAT_PI" and "UPDAT_PO". If PIP x is assigned to an isochronous mode interrupt OB (OB 61 to OB 64), the operating system does not update PIP x. You have the option to update PIP x in your user program with the instructions "SYNC_PI" and "SYNC_PO". "PIP OB servo": The process image partition "PIP OB servo" is permanently assigned to the OB "MC-Servo". STEP 7 generates this OB automatically when you create a technology object in the Motion Control area. When the OB is executed, the PIP OB Servo is updated isochronously. All drives and encoders used by Motion Control are assigned to this process image partition. See also Specifying input and output addresses (Page 1022) 10.1.2.15 Update module version Explanation of terms The terms "Module version" and "Firmware version" are explained in more detail in the following section. Module version: The specific version of the configuration software from which the module description stems. Example: V11.0.0.0 Firmware version: The version of the firmware of the module whose parameters are assigned offline Example: V2.0 570 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Requirement You have created a device configuration. You have installed an update or an optional package at a later date. As a result of this installation, the module version of at least one module type was updated in the hardware catalog, whereby the new version is incompatible with the previous version. You have used such modules in your device configuration and want to use the modified or added properties. Procedure Perform the following step for each affected module type. 1. Select the affected module in the device view. 2. In the Inspector window, go to "Properties > General > Catalog Information". Click the "Update module version" button there. 3. In the query that then appears, specify whether you want to update the module version only for the selected module or for all modules of this type in the current project. Result The selected modules are replaced by the same modules with updated module version in the current project. In which cases is it unnecessary to update the module version? An updating of the module version is not necessary in the following cases: You do not want to use the modified or added properties of the modules. When you open an existing project with a version of the configuration software that is more recent than the version with which you created the project, the system automatically performs a project conversion, for example, from TIA Portal V12 to V13. In this case, all older module versions are automatically adapted. 10.1.2.16 Distributed I/O in the project tree Distributed I/O devices in the project tree shown in separate folders. Depending on whether a device was assigned to a PROFINET IO system, a DP master system or no system, the device is displayed as a node or link to the device in one of the folders described below. "Ungrouped devices" folder in the project All distributed I/O devices in the project are collected in the "Ungrouped devices" folder. The icons of the folders and links show the status "assigned" with colored identifiers: PROFINET IO devices are marked green, PROFIBUS DP slaves are marked magenta, other distributed I/O devices are not marked. WinCC Advanced V14 System Manual, 10/2016 571 Editing devices and networks 10.1 Configuring devices and networks The icons of the folders and links show the status "not assigned" with question marks. If you have established a connection to an IO device or a DP slave with the "Go online" function, the same diagnostics information (e.g. green check mark) is displayed for the link of a device as for the device itself in the project navigation. For more information, refer to the section "View in the online mode". It is possible to copy or move distributed I/O devices from the "Ungrouped devices" folder, but not the folder itself, to another position in the project tree. Possible destinations are the project folder or device folder. You can also copy or move distributed I/O devices back to the "Ungrouped devices" folder. By double-clicking on the link, you go to the device view and can configure the distributed I/O device. "Unassigned devices" folder in the project Devices that are not assigned to a distributed I/O system appear as links in the "Unassigned devices" folder. The icon for the folder and the link of the respective device in the project tree indicate with a question mark that they are not connected to a distributed I/O system. The link is marked by a small arrow. The display of the project tree as a link allows IO devices or DP slaves to be selected individually, for example to select the destination of the link. It remains possible to select device groups. By double-clicking on the link, you go to the device view and can configure the distributed I/O device. 572 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks "Distributed I/O" folder under a device If you assign an IO device to a PROFINET IO system, this is displayed as a link below the node "Distributed I/O > PROFINET IO system". Accordingly, a DP slave that is assigned to a DP master system is shown as a link below the node "Distributed I/O > DP master system". The link references the corresponding IO device or the DP slave in the project tree. The icon for the node and the link of the respective device in the project tree indicate whether the device is connected via PROFINET (green) or via PROFIBUS (magenta). The link is marked by a small arrow. Gateways are shown as a link below the DP master/IO node to which they were assigned. By double-clicking on the link, you go to the device view and can configure the distributed I/O device. 10.1.2.17 Comparing devices Basics of device comparison Function You have the option of comparing the hardware components of two devices allowing you to identify any differences. You can perform an offline/offline comparison for this purpose. The devices to be compared can be from one project or different projects. You can compare the central as well as the distributed I/O. The devices to be compared can be assigned either automatically or manually. The automatic assignment of central I/O is based WinCC Advanced V14 System Manual, 10/2016 573 Editing devices and networks 10.1 Configuring devices and networks on the slot number. With the distributed I/O, the automatic assignment can be made according to the following criteria: Assignment using the address/HW ID: The assignment is made using the addresses or IDs of the devices. This criterion is suitable for comparing devices within a project. Assignment using the name: The assignment is made based on the device names. This criterion is suitable for comparing devices in different projects. You can either specify the assignment yourself or let the system decide. In the latter case, the system selects the assignment itself depending on the context. To compare the modules of the distributed I/O, start an offline/offline comparison for the affected distributed stations. See also Basics of project data comparison (Page 379) Overview of the compare editor (Page 384) Making a device comparison (Page 574) Making a device comparison Procedure Follow the steps below to compare devices: 1. Select a device in the project tree that allows offline/offline comparison. 2. Select the "Compare > Offline/offline" command in the shortcut menu. The comparison editor opens and the selected device is displayed in the left area. 3. Open the "Hardware" tab. 4. Drag an additional device to the drop area in the right-hand pane. All existing objects of the selected devices are displayed depending on the settings of the comparison editor in the "Hardware" tab and an automatic comparison is made. You can identify the status of the comparison objects based on the symbols in the compare editor. For submodules, you can find detailed results in the "Property comparison" area. 5. If you want to change the matching criterion, click on the arrow of the "Available matching criteria" button in the toolbar. Then, select the matching criterion you want to use. 6. If you want to make a manual comparison, click the button for switching between automatic and manual comparison above the status area. Then select the objects you want to compare. The properties comparison is displayed. You can see the status of the objects based on the symbols. See also Basics of device comparison (Page 573) Overview of the compare editor (Page 384) 574 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 10.1.3 Configure networks 10.1.3.1 Networking devices Communication and networks Communication between devices The basis of all types of communication is always a previously configured network. The network configuration provides the necessary requirements for communication: All the devices in a network are provided with a unique address Communication of the devices with consistent transmission properties Definition Via the network, the various computers and end devices (PC, PG, PLC, AS) are connected together with interface modules, physical cables and suitable software. Networked devices can exchange data with each other. Networking can be implemented via wiring or a wireless network, e.g. via WLAN. The subnet is part of a network whose parameters must be synchronized with the devices (e.g., with PROFIBUS). It includes the bus components and all connected devices. Subnets can also be linked by gateways to form a network. In practice, the terms "subnet" and "networked devices" are often used synonymously. Network configuration The following steps are necessary when configuring networks: Connect devices to subnet Specify the properties/parameters for each subnet Specify the device properties for every networked module Download configuration data to the devices to supply interfaces with the settings resulting from the network configuration Document the network configuration For Open User Communication, creating and configuring a subnet is supported by the assignment of connection parameters. Relation between network configuration and project Within a project, subnets and their properties are managed. Properties result mainly from adjustable network parameters and the quantity and communication properties of the connected devices. The devices to be networked must be in the same project. WinCC Advanced V14 System Manual, 10/2016 575 Editing devices and networks 10.1 Configuring devices and networks Subnet name and subnet ID Within the project, subnets are clearly identified by a subnet name and ID. The subnet ID is saved in all components along with interconnectable interfaces. Components can then be clearly assigned to a subnet even after uploading into a project. Networking options In the project, you can create and network devices with components capable of communication. The following basic options are available for networking the devices: You link the interfaces of the components capable of communication with one another. A new subnet is created suitable for the type of interface. You connect the interface of the devices capable of communication with a new or existing subnet. You create an Open User Communication connection. When you assign parameters to the connection for Open User Communication, a subnet is created automatically between the communication partners. You use the graphic connection configuration to configure connections; missing networks are hereby recognized and are created either automatically or via dialog. Due to the different tasks of the devices or the span of the plant, you may need to use several subnets. These subnets are managed in a project. Networking devices in the network view Options In the graphic network view, you have an overview of the subnets of the entire system in the project. You can use the tabular network overview for additional support. Depending on the starting situation, there are various ways of undertaking configuration to network the interface for a component capable of communication. The procedures are described in the following section: Creating an individual subnet Creating several subnets at one time Connecting two target devices via a new subnet Connecting devices to existing subnet Selecting an existing subnet from a list Automatic networking during the configuration of the connection; See also: AUTOHOTSPOT Possible starting situations are: A suitable subnet is not yet available. The subnet with which you want to connect the component already exists. 576 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Procedure - creating a single subnet To create a subnet and to connect it to an interface, proceed as follows: 1. Select the interface of a CPU / a CP. 2. Select the "Create subnet" command in the shortcut menu of the interface. The selected interface is connected to a new subnet. The inconsistencies possibly resulting from the modified configuration are clarified automatically or per query. In the case of consistency problems, the next free address is preferably used. The following schematic shows an interface with outgoing line connecting to a subnet: Procedure - creating several subnets at one time To create several subnets at one time, proceed as follows: 1. Select several interfaces by clicking on them while pressing the <Ctrl> button. 2. Select the "Create subnet" command in the shortcut menu of the interface. Each selected interface is connected to a new subnet. The inconsistencies possibly resulting from the modified configuration are clarified automatically or per query. In the case of consistency problems, the next free address is preferably used. The following figure shows multiple subnets created by selecting multiple interfaces: Procedure - Connecting two target devices via a new subnet To connect an interface with another device via a subnet that does not yet exist, proceed as follows: 1. Position the mouse pointer over the interface for a component capable of communication requiring networking. 2. Click with the left mouse button and hold the button down. WinCC Advanced V14 System Manual, 10/2016 577 Editing devices and networks 10.1 Configuring devices and networks 3. Move the mouse pointer. The pointer now uses the networking symbol to indicate "Networking" mode. At the same time, the mouse pointer shows the lock symbol that will only disappear when the pointer is on a valid target. 4. Now move the pointer in networking mode onto the interface of the target device. You can either keep the mouse button pressed or release it. 5. Now release the left mouse button or press it again (depending on your previous action). Note If you want to exit networking mode beforehand, press <Esc>, right-click or double-click in the background of the network view. A new subnet is created. The interfaces are now connected via the new subnet. The inconsistencies possibly resulting from the modified configuration are clarified automatically or per query. In the case of consistency problems, the next free address is preferably used. The following schematic shows two networked devices: Procedure - Connecting devices to existing subnet To connect an interface to an existing subnet, proceed as follows: 1. Position the mouse pointer on the interface of a communications-compliant component you want to network or on the existing subnet. 2. Click with the left mouse button and hold the button down. 3. Move the mouse pointer. The pointer now uses the networking symbol to indicate "Networking" mode. At the same time, the mouse pointer shows the lock symbol that will only disappear once the pointer is moved to a valid target. 578 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 4. Now move the mouse pointer to the existing subnet or to the interface to be networked. You can either keep the mouse button pressed or release it. 5. Now release the left mouse button or press it again. If you want to exit networking mode beforehand, press <Esc> or right-click. Result: The interface and selected subnet are now connected. The inconsistencies possibly resulting from the modified configuration are clarified automatically or per query. In the case of consistency problems, the next free address is preferably used. Procedure - selecting an existing subnet from a list To link an interface with a subnet that has already been created, proceed as follows: 1. Select the interface of a CPU. 2. Select the "Assign to new subnet" command in the shortcut menu of the interface. A list box containing the available subnets appears. 3. Select a subnet from the list. The interface and selected subnet are now connected. The inconsistencies possibly resulting from the modified configuration are clarified automatically or per query. In the case of consistency problems, the next free address is preferably used. Tabular network overview Table area of network view The table area of the network view consists of several tables: Network overview: The table for the network overview supplements the graphical network view with the following functions: - You obtain detailed information on the structure and parameter settings of the devices. - Using the "Subnet" column, you can connect components capable of communication with created subnets. Connections: Communication connections are displayed in this table. Some aspects of the connections displayed here can be edited directly in the table. Selected connections are displayed in the Inspector window and can be edited there. Relations: Logical connections of the HMI client-server relation are displayed here. WinCC Advanced V14 System Manual, 10/2016 579 Editing devices and networks 10.1 Configuring devices and networks I/O communication: Device communication via PROFIBUS DP and PROFINET IO is configured and displayed in this table. In the I/O communication table, only those interfaces of a device are displayed that can be used for communication via PROFIBUS DP or PROFINET IO. VPN: Properties of the VPN user groups and their assigned security modules are displayed here. Basic functions for tables The network overview supports the following basic functions for editing a table: Displaying and hiding table columns Note: The columns relevant for configuration cannot be hidden. Optimizing column width Sorting table Displaying the meaning of a column, a row or cell using tooltips. Networking devices in the device view Networking in the device view In the device view, you can check and set all the parameters of the components belonging to a device and the interfaces in detail. Here you can also assign the interfaces to the subnets created in the project. Requirements The subnet with which you want to connect an interface has already been created. If the subnet has not yet been created, change to the network view and perform the networking. Procedure - connecting to an existing subnet To connect an interface to an existing subnet, proceed in the device view as follows: 1. Select the entire communications-compliant component or the interface to be networked. The properties of the selected interface or component are displayed in the Inspector window. 2. In the Inspector window, select the parameter group for the selected interface; for example, the "Ethernet addresses" parameter group for a PROFINET interface. 3. Select the subnet to be connected from the "Interface connected with" drop-down list. The interface and selected subnet are now connected. The inconsistencies possibly resulting from the modified configuration are clarified automatically or per query. In the case of consistency problems, the next free address is preferably used. 580 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Procedure - creating a new subnet To create a subnet and to connect it to the interface, proceed as follows in the device view: 1. Select the entire communications-compliant component or the interface to be networked. The properties of the selected interface or component are displayed in the Inspector window. 2. In the Inspector window, select the parameter group belonging to the selected interface, for example, the "Ethernet addresses" parameter group for a PROFINET interface. 3. In "Interface connected with", click the "Add new subnet" button. The interface is connected to a new subnet of the appropriate subnet type. The inconsistencies possibly resulting from the modified configuration are clarified automatically or per query. In the case of consistency problems, the next free address is preferably used. Checking or changing network parameters and interface parameters Introduction Communication between networked devices requires the following parameters to be configured: Network parameters Network parameters identify the network within the system configuration, for example, using a name. Interface parameters Interface parameters define specific properties of a component capable of communication. Addresses and transmission characteristics are set automatically and are consistent with the network parameters. Note Network parameters and interface parameters are usually set during networking such that communication can take place for numerous applications without the parameters having to be changed. The inconsistencies possibly resulting from a modified configuration are clarified automatically or per query. In the case of consistency problems, the next free address is preferably used. Procedure - checking or changing network parameters Proceed as follows to check or change network parameters: 1. Enter the network view. 2. Select the subnet from the network view. You can see the network parameters in the "Properties" tab in the inspector window. 3. If necessary, check or modify the network parameters in the relevant group of parameters. Procedure - checking or changing interface parameters You can check and modify interface parameters in the network and device view. WinCC Advanced V14 System Manual, 10/2016 581 Editing devices and networks 10.1 Configuring devices and networks Proceed as follows to check or change interface parameters: 1. Enter the network view or device view. 2. Select the interface. You can see the interface parameters in the "Properties" tab in the inspector window. 3. If necessary, check or modify the interface parameters in the relevant group of parameters. Procedure - checking or changing interface addresses You can edit the MPI, PROFIBUS and Ethernet addresses in the graphical network view itself. Proceed as follows to edit MPI, PROFIBUS and Ethernet addresses in the network view: 1. Enable the display of interface addresses in the network view. 2. Select an MPI, PROFIBUS or Ethernet address to be edited. 3. Click on the selected address field or press [F2] to edit the address in the network view. Changing networkings Introduction You can cancel an interface's network connection or assign it to another subnet of the same subnet type. Consequences Depending on the version, a distinction should be made between: Canceling a network connection for an interface The configured parameters for the interface remain unchanged. Assigning a network connection to another subnet If the addresses in the assigned subnet are not unique, in other words, they already exist, they will be changed automatically to make them unique. 582 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Procedure - disconnecting from a network Proceed as follows to cancel the network connection for an interface: 1. Select the networked interface. 2. Select the "Disconnect from subnet" command in the shortcut menu of the interface. The network connection is deleted, the interface addresses are, however, not changed. Configured connections are retained; however these connections are marked red in the connection table because they are not networked. Specified connections remain specified. See also Networking devices in the network view (Page 576) Copying, cutting or deleting subnets Introduction You can copy subnets as individual objects or copy them along with networked devices or other networks. For example, you can create complex configurations to be used more than once in different variants within the project with no additional effort. Effects on the copied subnet Properties that have to be assigned explicitly within a project are re-assigned appropriately when the copied objects are copied. For subnets, this means: The subnet ID and name are re-assigned to the copied subnet. The configured properties are adopted in the copied subnet. Procedure - copying a subnet Proceed as follows to copy one or more subnets: 1. Select one or more subnets. 2. In the shortcut menu, select the "Copy" command. 3. Select the "Paste" command in the shortcut menu. The copied subnets are shown as "orphaned" subnets in the top part of the network view. WinCC Advanced V14 System Manual, 10/2016 583 Editing devices and networks 10.1 Configuring devices and networks Procedure - copying a subnet with connected devices To copy one or more subnets with networked devices, proceed as follows: 1. Select one or more subnets with the connected devices, for example by drawing a lasso around them. 2. In the shortcut menu, select the "Copy" command. 3. Select the "Paste" command in the shortcut menu. Complete copies of the subnets and connected devices are created. Configured connections are adopted and remain within the copied devices. Connections to devices that have not been copied are interrupted and become unspecified. MPI network configuration (S7-300, S7-400, PC) Allocating MPI addresses Note the following for devices with an MPI interface: All devices of a subnet must have a different device address. CPUs with MPI address ship with the default MPI address 2. Since you can only use this address once in the MPI subnet, you will have to change the default address in all other CPUs. The following applies to devices with the article no. 6ES7 3xx-xxxxx-0AB0: When planning the MPI addresses for several CPUs, you have to fill "MPI address gaps" for FMs and CPs with separate MPI addresses to prevent addresses being assigned twice. Only when all the modules in a subnet have different addresses and your actual structure matches that of the network configuration produced, should you load the settings across the network. Rules for assigning the MPI address Allocate the MPI addresses in ascending order. Reserve MPI address 0 for a programming device. You can link up to 126 (addressable) devices with one another in an MPI subnet; up to 8 devices at a transfer speed of 19.2 KB/s. All MPI addresses in an MPI subnet must be different. 584 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks You will find other rules relating to the structure of a network in the manuals for setting up automation systems. PROFIBUS network configuration PROFIBUS addresses Rules for the network configuration All the devices in a subnet must have a different PROFIBUS address. Only when all the modules in a subnet have different addresses and your actual structure matches that of the network configuration produced, should you load the settings across the network. You can connect devices to the PROFIBUS subnet that communicate via configured connections or that belong to a PROFIBUS DP master system. You can find more information on configuring a DP master system in the following sections. Requirements The 121xC CPU is PROFIBUS compatible as of firmware version 2.0. Rules for assigning PROFIBUS addresses Allocate the PROFIBUS addresses in ascending order. Reserve the PROFIBUS address "0" for a programming device. Allocate a unique PROFIBUS address between 0 and 126 for each device on the PROFIBUS network and/or for each DP master and each DP slave in the PROFIBUS network. There are modules with which the smallest address that can be set has to be greater than 1. All PROFIBUS addresses of a PROFIBUS subnet must be different. You will find additional rules relating to the structure of a network in the manuals for setting up automation systems, for example SIMATIC S7-1200. Note PROFIBUS address "0" Reserve PROFIBUS address "0" for a programming device that you will briefly connect up to the PROFIBUS network at a later date for servicing. See also What you need to know about PROFIBUS bus parameters (Page 586) WinCC Advanced V14 System Manual, 10/2016 585 Editing devices and networks 10.1 Configuring devices and networks What you need to know about PROFIBUS bus parameters Matching parameters to one another The PROFIBUS subnet will only function without problem if the parameters for the bus profile are matched to one another. You should therefore only change the default values if you are familiar with how to configure the bus profile for PROFIBUS. Note It may be possible for the bus parameters to be adjusted depending on the bus profile. If the bus parameters cannot be adjusted, they are grayed out. The offline values of the bus parameters are always shown even if you are online and linked to the target system. The parameters shown apply to the entire PROFIBUS subnet and are briefly explained below. Activating cyclic distribution of the bus parameters If the "Enable cyclic distribution of the bus parameters" check box is selected under "Bus parameters" while PROFIBUS subnet is selected in the Inspector window, the bus parameters are transferred cyclically during operation by the modules that support this function. This allows a programming device, for example, to be easily connected to the PROFIBUS in runtime. You should deactivate this function: For a heterogeneous PROFIBUS subnet (or more accurately: when external devices are connected whose protocol uses the DSAP 63 for Multicast) When in constant bus cycle time mode (minimize bus cycle) Bus parameters for the bus profile of PROFIBUS subnets Bus parameter Adjustable? Limit values Tslot_Init Yes Max. Tsdr + 15 <= Tslot_init <= 16.383 t_bit Max. Tsdr Yes 35 + 2*Tset + Tqui <= Max. Tsdr <= 1.023 t_bit Min. Tsdr Yes 11 t_bit <= Min. Tsdr <= MIN(255 t_bit, ... ... Max. Tsdr - 1, 34 + 2*Tset + Tqui) Tset Yes 1 t_bit <= Tset <= 494 t_bit Tqui Yes 0 t_bit <= Tqui <= MIN(31 t_bit, Min. Tsdr - 1) GAP factor Yes 1 <= GAP factor <= 100 Retry limit Yes 1 <= Retry limit <= 15 Tslot No --- Tid2 No Tid2 = Max. Tsdr Trdy No Trdy = Min. Tsdr Tid1 No Tid1 = 35 + 2*Tset + Tqui Ttr Yes 256 t_bit <= Ttr <= 16.777.960 t_bit 586 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Bus parameter Adjustable? Limit values Ttr typical No This time is provided for information only and is not transferred to the nodes. Response monitoring 10 ms <= response monitoring (watchdog) <= 650 s If you want to create a customized bus profile, we recommend the following settings: Minimum target rotation time (Ttr) = 5000 x HSA (highest PROFIBUS address) Minimum response monitoring (watchdog) = 6250 x HSA Recalculating You can use the "Recalculate" button to recalculate the parameters. See also PROFIBUS addresses (Page 585) Description of the bus parameters (Page 587) Description of the bus parameters Detailed description of PROFIBUS bus parameters Bus parameter Meaning Tslot_Init The wait-for-reception (slot time) defines the maximum time the sender will wait to receive a response from the addressed partner. If the influence of the line components on message frame run times is entered in the "Cable Configuration" parameter group, these components must also be taken into account. The com ponent is added to the specified Tslot_Init and the total used as Tslot. Max. Tsdr The maximum protocol processing time defines the latest time by which the re sponding node should have replied. Min. Tsdr The minimum protocol processing time defines the earliest time by which the responding node may reply. Tset The trigger time is the time which may lapse between the reception of a data message frame and the response to it in the node. Tqui The modulator quiet time is the time which a sending node needs after the end of the message frame to switch from sending to receiving. GAP factor The GAP update factor defines the number of token rotations after which a newly added, active node can be added to the logical token ring. Retry limit This parameter defines the maximum number of attempts (message frame re peats) made to reach a node. Tslot The wait-for-reception time (slot time) defines the maximum time the sender will wait to receive a response from the addressed partner. If the influence of the bus design components on message frame run times is entered in the "Cable Configuration" parameter group, these components must also be taken into account. The component is added to the specified Tslot_Init and the total used as Tslot. WinCC Advanced V14 System Manual, 10/2016 587 Editing devices and networks 10.1 Configuring devices and networks Bus parameter Meaning Tid2 Idle time 2 defines the earliest time by which a sending node may send the next message frame after sending a message frame that has not been acknowledged. Trdy The ready time specifies the earliest time by which a sending node may receive a response message frame. Tid1 Idle time 1 defines the earliest time by which a sending node may send the next message frame after receiving a response. Ttr The target rotation time is the maximum time made available for a token rotation. During this time, all active nodes (DP masters etc.) have the right to send (token) once. The difference between the target rotation time and the actual token holding time of a node determines how much time is left over for the other active nodes (programming device, other DP masters etc.) to send message frames. Ttr typical The typical data cycle time is the average response time on the bus if all config ured slaves are exchanging data with the DP master. None of the slaves report diagnostics and there is no extra message frame traffic with programming devices or other active nodes etc. on the bus. Response monitoring The response monitoring time is only needed for PROFIBUS-DP bus systems. It defines the latest time by which a DP slave has to be addressed by its DP master with a new data message frame. If this does not happen, the DP slave assumes that the DP master has failed and resets its outputs to a secure mode. See also What you need to know about PROFIBUS bus parameters (Page 586) Bus profiles with PROFIBUS Introduction Depending on the device types connected and protocols used on the PROFIBUS, different profiles are available. The profiles differ in terms of the setting options and calculation of bus parameters. The profiles are explained below. Devices with different profiles on the same PROFIBUS subnet The PROFIBUS subnet only functions without problem if the bus parameters of all devices have the same values. For example, if both DP and FMS services are being used on a subnet, the "slower" sets of bus parameters must always be set for all devices, i.e. even the "Universal (DP/FMS)" profile for DP devices. Profiles and transmission rates 588 Profiles Supported transmission speeds in Kbits/s DP 9.6 19.2 45.45 93.75 187.5 500 1500 3000 6000 12000 Standard 9.6 19.2 45.45 93.75 187.5 500 1500 3000 6000 12000 Universal (DP-FMS) 9.6 19.2 93.75 187.5 500 1500 Customized 9.6 19.2 45.45 93.75 187.5 500 1500 3000 6000 12000 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Meaning of profiles Profile Meaning DP Select the "DP" bus profile when the only devices connected to the PROFIBUS subnet are those which satisfy the requirements of standard EN 50170 Volume 2/3, Part 8-2 PROFIBUS. The bus parameter setting is optimized on these de vices. This includes devices with DP master and DP slave interfaces of the SIMATIC S7 and distributed I/Os of other manufacturers. Standard Compared to the "DP" profile, the "Standard" profile also offers scope for devi ces of another project or devices which have not been configured here to be taken into account when calculating the bus parameters. The bus parameters are then calculated following a simple, non-optimized algorithm. Universal (DP/FMS) Select the "Universal (DP/FMS)" bus profile when individual devices on the PROFIBUS subnet use the PROFIBUS-FMS service. This includes the following devices for example: CP 343-5 (SIMATIC S7) PROFIBUS-FMS devices of other manufacturers As with the "Standard" profile, this profile allows you to take other devices into account when calculating the bus parameters. Customized The PROFIBUS subnet will only function without problem if the parameters for the bus profile are matched to one another. Select the "Customized" profile when none of the usual profiles "match" a PROFIBUS device and you need to adapt the bus parameters to your special structure. Information on this can be found in the documentation for the PROFIBUS device. You should only change the default values if you are familiar with how to con figure the bus profile for PROFIBUS. Not all combinations that can be theoretically set can be used even with this bus profile. The PROFIBUS standard specifies several parameter limits that depend on other parameters. For example, a responder must not respond (Min Tsdr) before the initiator can receive the message frame (Trdy). These standard specifications are also checked in the "Customized" profile. Tip: The bus parameters last valid on the PROFIBUS subnet are always auto matically set as customized. For example, if the "DP" bus profile was valid for the subnet, then the bus parameters for "DP" are set in the "Customized" bus profile. The parameters can be modified on this basis. The monitoring times are not automatically recalculated so that you do not put at risk the consistency of set values, for example with configurations in other configuration tools without realizing that you have done so. You can also have the Ttr monitoring times and target rotation time calculated on the basis of parameters you have set: Click here on the "Recalculate" button. Note Both mono-master mode and multi-master mode are possible with all PROFIBUS profiles. WinCC Advanced V14 System Manual, 10/2016 589 Editing devices and networks 10.1 Configuring devices and networks What you need to know about PROFIBUS line configuration Cable configuration and bus parameters Information regarding the cable configuration can be taken into consideration when calculating the bus parameters. For this purpose, you must select the "Consider cable configuration" check box in the properties for the PROFIBUS subnet. The remaining information then depends on the type of cable used; the following settings are available: Copper cable Fiber-optic cable/optical ring PROFIBUS line configuration, optical ring The calculation depends on the OLM types used. The selection is made by activating the check box (multiple activation is possible, at least one OLM type must be selected): OLM/P12 OLM/G12 OLM/G12-EEC OLM/G12-1300 The following bus parameter adjustments are made: Configuration of a node not present Note The following restrictions apply to optical rings, even for passive nodes (DP slaves for example): A maximum of HSA-1 nodes may be connected to the PROFIBUS network. With an HSA of 126, addresses 126 and 125 must not be used. A maximum of 125 nodes are possible on the bus (No. 0 to 124). If an HSA is less than or equal to 125, the addresses HSA and greater may not be used. The address HSA-1 may not be used. Increase the retry value to 3 Setting of minimum slot time needed for ring mode Note Short slot time values are needed for OLM/P12, average ones for OLM/G12 and OLM/G12EEC and long ones for OLM/G12-1300. This results in high performance for small network lengths and average to low performance for average to large network lengths. 590 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks PROFIBUS communication load Communication load - allowing for additional network stations The bus parameters depend on the volume of communication between the active network nodes. There are differences between cyclic communication (DP) and connection-based, acyclic communication (S7 communication, Send/Receive (FDL), FMS). Unlike DP, the volume and size of communication tasks (communication load) depends on the user program. For this reason, the communication load cannot always be calculated automatically. To calculate the bus times you can define a network configuration in the "Additional network stations" parameter group that differs from the network configuration. Taking the profile into account The network configuration can be defined for the "Standard", "Universal (DP/FMS)", and "Userdefined" profiles. Parameters cannot be entered in the "Additional network stations" parameter group for the "DP" profile. Quantification of the communication load The following settings are available in order to make allowance for the communication load. Information regarding the number of unconfigured network stations; Information on the communication load resulting from the user programs for FDL or S7 communication. Here you can selected from the following settings: - Low Typically used for DP, no great data communication apart from DP. - Medium Typically used for mixed operations featuring DP and other communication services (such as for S7 communication), when DP has strict time requirements and for average acyclic volumes of communication. - High For mixed operations featuring DP and other communication services (such as for S7 communication), when DP has loose time requirements and for high acyclic volumes of communication. Configuring Industrial Ethernet Rules for the network configuration The Ethernet interfaces of the devices have a default IP address that you can change. WinCC Advanced V14 System Manual, 10/2016 591 Editing devices and networks 10.1 Configuring devices and networks IP address The IP parameters are visible if the module capable of communication supports the TCP/IP protocol. This is usually the case for all Ethernet modules. The IP address consists of 4 decimal figures in the range of 0 to 255. The decimal figures are separated from one another by a dot. Example: 140.80.0.2 The IP address consists of: Address of IP subnet Address of the device (generally also called host or network node) Subnet mask The subnet mask splits these two addresses. It determines which part of the IP address addresses the network and which part of the IP address addresses the device. The set bits of the subnet mask determine the network part of the IP address. Example: Subnet mask: 255.255.0.0 = 11111111.11111111.00000000.00000000 In the example given for the above IP address, the subnet mask shown here has the following meaning: The first 2 bytes of the IP address identify the subnet - i.e. 140.80. The last two bytes address the device, i.e. 0.2. It is generally true that: The network address results from AND logic operation of the IP address and subnet mask. The device address results from the AND NOT logic operation of the IP address and subnet mask. Relation between IP address and default subnet mask An agreement exists relating to the assignment of IP address ranges and so-called "Default subnet masks". The first decimal number (from the left) in the IP address determines the structure of the default subnet mask. It determines the number of "1" values (binary) as follows: 592 IP address (decimal) IP address (binary) Address class Default subnet mask 0 to 126 0xxxxxxx.xxxxxxxx.... A 255.0.0.0 128 to 191 10xxxxxx.xxxxxxxx... B 255.255.0.0 192 to 223 110xxxxx.xxxxxxxx... C 255.255.255.0 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Note Range of values for the first decimal point A value of between 224 and 255 is also possible for the first decimal number of the IP address (address class D, etc). This is not recommended, however, because there is no address check for these values. Masking other subnets You can use the subnet mask to add further structures and form "private" subnets for a subnet that is assigned one of the address classes A, B or C. This is done by setting other lower points of the subnet mask to "1". For each bit set to "1", the number of "private" networks doubles and the number of devices they contain is halved. Externally, the network functions like an individual network as it did previously. Example: You have a subnet of address class B (for example IP address 129.80.xxx.xxx) and change the default subnet mask as follows: Masks Decimal Binary Default subnet mask 255.255.0.0 11111111.11111111.00000000. 00000000 Subnet mask 255.255.128.0 11111111.11111111.10000000. 00000000 Result: All devices with addresses between 129.80.001.xxx and 129.80.127.xxx are on one IP subnet, all devices with addresses between 129.80.128.xxx and 129.80.255.xxx are on another IP subnet. Router The task of the routers is to connect the IP subnets. If an IP datagram is to be sent to another network, it first has to be conveyed to a router. To make this possible, you have to enter the address of the router for each device in the IP subnet. The IP address of a device in the subnet and the IP address of the router can only differ at the points at which there is a "0" in the subnet mask. See also Settings for interconnecting Ethernet devices (Page 593) Settings for interconnecting Ethernet devices The following paragraph describes the behavior of STEP 7 during interconnection of PROFINET devices and the effects of the port interconnection on the network view. WinCC Advanced V14 System Manual, 10/2016 593 Editing devices and networks 10.1 Configuring devices and networks Relation between port interconnection and network view Topology view In the topology view, you specify the physical interconnection of Ethernet ports. You specifically determine which Ethernet port of a device is to be connected with a specific Ethernet port of another device by means of an Ethernet cable (preset topology). Example: You specify that port 1 of the PROFINET interface of the CPU is to be connected to port 2 of the PROFINET interface of device A by means of an Ethernet cable. You also specify the interface for devices with several PROFINET interfaces. Example: You specify that port 1 of PROFINET interface X2 of the CPU is to be connected to port 2 of the PROFINET interface of device A by means of an Ethernet cable. The Ethernet ports can be interconnected in a table or graphically. Network view In the network view, you specify which devices are to be connected with each other via an Ethernet subnet. You do not specify the Ethernet ports by which the devices are interconnected with each other (that is the task of the port interconnection). The port interconnection has effects on the network view: When you interconnect Ethernet ports of devices with each other in the topology view, STEP 7 connects the interconnected PROFINET interfaces of the devices in the network view with an Ethernet subnet (green line). However, the course of the green line does not reflect the actual cable routing. You specify the actual wiring in the topology view. An Ethernet subnet always has a name and an S7 subnet ID. You can set these two values in the subnet properties. Which Ethernet subnet is used to link interconnected devices? STEP 7 distinguishes between the following cases: Ethernet subnet specified (default subnet). No Ethernet subnet specified (no default subnet). Ethernet subnet specified (default subnet) The option "Connect devices that are not linked with this subnet in case of port connection" is activated in the properties of an Ethernet subnet (default). This option can be activated for exactly one Ethernet subnet. Activate the option, if necessary, for the Ethernet subnet that is to be continued when interconnecting devices that are not linked. This subnet is referred to as "default subnet" below. Response of STEP 7: When you interconnect the ports of two devices that are not linked in the topology view, STEP 7 links these devices with the default subnet. Example: 594 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Step 1: Create a subnet in the network view at PLC_4, "Connect devices that are not linked with this subnet in case of port connection" option is enabled. Step 2: Interconnect PLC_1 with PLC_2 (topology view). Result: All PLCs are now connected to the same default subnet (network view). No Ethernet subnet specified (no default subnet). This is the case when the following conditions are fulfilled: A subnet has been added to a PROFINET interface (this interface is referred to as "Interface A" below). The option "Connect devices that are not linked with this subnet in case of port connection" is deactivated in the properties of this subnet (no default subnet). There is no other Ethernet subnet for which this option is activated. Response of STEP 7: The Ethernet subnet of interface A is only continued when you interconnect a port of interface A with a port of another device. When you interconnect ports of other devices that are not linked with each other, STEP 7 creates a new Ethernet subnet. Example: Step 1: Create a subnet in the network view at PLC_4, "Connect devices that are not linked with this subnet in case of port connection" option is disabled. WinCC Advanced V14 System Manual, 10/2016 595 Editing devices and networks 10.1 Configuring devices and networks Step 2: Interconnect PLC_1 with PLC_2 (topology view). Result: PLC_1 and PLC_2 are connected to a new subnet (network view). Manual adaptation of the IP addresses It can occur that STEP 7 does not adapt the IP addresses of the interconnected devices in such a way that the resulting network can be correctly compiled, for example, for devices with multiple PROFINET interfaces. In these situations, you need to adapt the IP addresses of the devices manually. The following rules apply: Devices that are to communicate with each other without a router cannot belong to different IP subnets. For devices with multiple PROFINET interfaces, the interfaces must be in different IP subnets. To change the IP address of a PROFINET interface, perform the following steps: 1. Change to the network view (if not selected already). 2. Left-click on the icon of the PROFINET interface that is not to be part of the IP subnet. 3. Change the subnet part of the IP address in the properties of the PROFINET interface (in the "Ethernet addresses" area). Example: Manual conversion of the IP subnet part for devices with multiple PROFINET interfaces in a subnet The IP address is: "192.168.0.1". The subnet mask is "255.255.255.0". 596 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The first three numbers "192.168.0" form the IP subnet part of the IP address "192.168.0.1". Change the IP subnet part, for example, to "192.168.1" See also Interconnecting ports in the graphic view (Page 703) Interconnecting ports in the table view (Page 704) Configuring Industrial Ethernet (Page 591) 10.1.3.2 Communication via connections Working with connections Using Open User Communication (S7-1200, S7-1500) Basics of Open User Communication (S7-1200, S7-1500) Introduction Open User Communication (OUC) is the name given to a program-controlled communication process for communicating via the integrated PN/IE interface of S7-1200/1500 and S7-300/400 CPUs. Different connection types are available for this communication process. The main feature of Open User Communication is its high degree of flexibility in terms of the data structures transferred. This allows open data exchange with any communicating devices providing they support the connection types available here. Since this communication is controlled solely by instructions in the user program, event-driven connection establishment and termination is possible. Connections can also be modified by the user program during runtime. For CPUs with an integrated PN/IE interface, the TCP, UDP, and ISO-on-TCP connection types are available for Open User Communication. The communication partners can be two SIMATIC PLCs or a SIMATIC PLC and a suitable third-party device. WinCC Advanced V14 System Manual, 10/2016 597 Editing devices and networks 10.1 Configuring devices and networks Instructions for Open User Communication To create the connections, you have various instructions available after opening in the program editor in the "Instructions > Communication > Open User Communication" task card: Compact instructions for sending or receiving data via the integrated functions for establishing and terminating the connection (S7-1200/1500 only): - TSEND_C (Page 4200) (connection establishment/termination, sending) - TRCV_C (Page 4214) (connection establishment/termination, receiving) Individual instructions for sending and receiving data or for establishing or terminating connections: - TCON (Page 4254) (connection establishment) - TDISCON (Page 4264) (connection termination) - TSEND (Page 4269) (TCP or ISO-on-TCP: Sending) - TRCV (Page 4273) (TCP or ISO-on-TCP: Receiving) - TUSEND (Page 4282) (UDP: Sending) - TURCV (Page 4286) (UDP: Receiving) Connection establishment For Open User Communication, instructions for establishing and terminating the connection must exist for both communication partners. One communication partner sends its data using TSEND, TUSEND or TSEND_C while the other communication partner receives the data using TRCV, TURCV or TRCV_C. One of the communication partners starts the connection establishment as the active partner. The other communication partner reacts by starting its connection establishment as the passive partner. If both communication partners have initiated their connection establishment, the communication connection is fully established. Connection configuration You can specify establishment of the connection via a connection description DB with the TCON_Param, TCON_IP_v4, or TCON_IP_RFC structure by means of parameter assignment as follows: Manually create, assign parameters and write directly to the instruction. Supported by connection configuration. Connection configuration supports the establishment of the connection and should, therefore, be given preference over the other methods. You specify the following in the connection configuration: Connection partner Connection type Connection ID 598 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Connection description DB Address details according to selected connection type In addition, you specify here which communication partner activates the connection establishment and which partner establishes a connection passively in response to a request from its communication partner. See also Principle of operation of connection-oriented protocols (Page 610) Connection configuration (S7-1200, S7-1500) Overview of connection configuration (S7-1200, S7-1500) Introduction You can find the connection configuration in the inspector window of the program editor if you want to program Open User Communication with the communication instructions TSEND_C, TRCV_C or TCON. Connection configuration supports the flexible functionality of communication programming: The parameters entered for the connection configuration are stored in an automatically generated global DB derived from the TCON_Param, TCON_IP_v4 or TCON_IP_RFC structure. You can modify the connection parameters in this connection description DB. WinCC Advanced V14 System Manual, 10/2016 599 Editing devices and networks 10.1 Configuring devices and networks Structure of the connection configuration The connection configuration is made up of the following components: 600 Communication instruction for TCON, TSEND_C or TRCV_C WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks "Configuration" tab in the "Properties" tab Area navigation of the "Configuration" tab General properties of the connection parameters Address details of the connection parameters (for selected connection DBs) "Configuration" tab Enter the desired connection parameters in the "Configuration" tab. The area navigation of the "Configuration" tab includes the "Connection parameters" group. This group contains the connection configuration. Here, you can enter the parameters for the connections and the address details with system support. Here, you also connect the CONNECT (TCON, TSEND_C, TRCV_C) or ID (TCON, TSEND, TRCV, TUSEND, TURCV) block parameters of the selected communication instructions. When all the required parameters are assigned, a check mark is set in front of the "Connection parameters" group in the area navigation. Note The connection parameter assignment does not check whether the connection IDs and port numbers (TCP, UDP) or TSAPs (ISO-on-TCP, ISO) are unique. When you configure Open User Communication, you should, therefore, make sure that the parameter settings are unique within a device. See also Connection parameters with structure according to TCON_Param (Page 612) Connection parameters with structure according to TCON_IP_v4 (Page 615) Connection parameters with structure according to TCON_IP_RFC (Page 620) TSEND_C: Send data via Ethernet (Page 4200) TSEND_C: Establishing a connection and sending data (Page 4205) TRCV_C: Receive data via Ethernet (Page 4214) TRCV_C: Establishing a connection and receiving data (Page 4219) TCON: Establish communication connection (Page 4254) TCON: Establish communication connection (Page 4258) WinCC Advanced V14 System Manual, 10/2016 601 Editing devices and networks 10.1 Configuring devices and networks Description of the connection parameters (S7-1200, S7-1500) Overview The following table shows the general connection parameters: Parameter Description End point The names of the local end point and the partner end point are shown. The local end point is the CPU for which TCON, TSEND_C or TRCV_C is programmed. The local end point is, therefore, always known. The partner end point is selected from the drop-down list. The drop-down list shows all avail able possible connection partners including unspecified connection partners for devices whose data is unknown in the project. For S7-1500, broadcast can be selected as the partner end point (message to all subnet devices). For S7-1500 CPs/CMs, multicast can also be selected as the partner end point (message to a group within the subnet). The connection type is converted automatically to UDP in this case. As long as no connection partner is selected, all other parameters in the mask are disabled except for the "Connection data" parameter. Interface The interface of the local end point is displayed. If multiple interfaces are available, e.g., by means of CPs or CMs, the interface can be selected from the drop-down list. To display or select the partner interface, a specified partner end point must first be selected. Subnet The subnet of the local end point is displayed, provided this exists. The partner subnet is displayed only after the partner end point has been selected. If at least one of the two connection partners is not connected with a subnet, the two connec tion partners are connected with each other. A connection between partners in different subnets is only possible with IP routing. The IP routing settings can be edited in the properties of the relevant Ethernet interfaces. Address The IP address or the PROFIBUS address of the local end point is displayed, depending on the subnet used. The corresponding address of the partner is displayed only after the partner end point has been selected. If you have selected an unspecified connection partner, the input box is empty and has a red background. In this case, you must specify a valid IP address/PROFIBUS address. The ad dress type (IP or PROFIBUS) depends on the type of subnet that is set for the local partner. Broadcast (S7-1500 only): If "Broadcast" is set as the partner end point, a non-editable IP address with host address 255 is entered automatically for the connection partner. The net work allocation corresponds to that of the sender. Example: Local IP address 192.168.0.1, partner IP address 192.168.0.255. Multicast (S7-1500 CPs/CMs only): If "Multicast" is set as the partner end point, the editable IP address 224.0.1.0 is entered automatically for the connection partner. Connection type Select the connection type you want to use from the "Connection type" drop-down list: TCP ISO-on-TCP UDP With the S7-1500, you can also select the ISO connection type at the configuration type of the configured connections for TSEND_C and TRCV_C or TCON. The connection types can only be used for partners that support the corresponding protocol. 602 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Parameter Description Connection type (for S7-1500 only) With the S7-1500, two different configuration types can be set for TSEND_C and TRCV_C: Programmed connections use program blocks for the connection description. Configured connections are saved for the configuration and are only created after download to the device in runtime. You can also use the configured connection to select the connection type ISO. The specified configuration method depends on the selected connection type. If both config uration methods are possible, the programmed connection is preset. The same configuration method must be set for both connection partners. Connection ID Enter the connection ID in the input box. You can change the connection ID in the input boxes or enter it directly in TCON. Ensure that the connection ID assigned is unique within the device. Connection data The names of the connection description DBs for the connection description structured ac cording to TCON_IP_v4, TCON_IP_RFC or TCON_Param are displayed in the drop-down lists. You can use the drop-down list to generate a new data block or to select an existing data block. This data block is filled automatically with the values from the connection configuration. The name of the selected data blocks is entered automatically in the CONNECT block pa rameter of the selected TSEND_C, TRCV_C or TCON instruction. From the drop-down list, you can also reference another valid data block. If a DB is referenced using the CONNECT input parameter of the TSEND_C, TRCV_C or TCON extended instruc tions and this does not correspond to the structure of a TCON_IP_v4, TCON_IP_RFC or TCON_Param, the drop-down list is shown with no content on a red background. Connection name (for S7-1500 only) If the connection type of the configured connections is set for TSEND_C and TRCV_C for the S7-1500, the "Connection data" parameter is replaced with the "Connection name" parame ter. The name of the configured connection serves here as the connection data. The drop-down list is still empty after selection of a connection partner. You can use the dropdown list to generate a new connection or to select an existing connection. If needed, a data block is created and automatically filled with the values from the connection configuration. The name of the data block is entered automatically in the CONNECT block parameter of the TSEND_C or TRCV_C instruction. You can also reference an existing connection from the drop-down list. Active connection establish ment Use the "Active connection establishment" check box to specify the active partner of the Open User Communication (only with TCP and ISO-on-TCP). Port Address component for a TCP or UDP connection. The default after creating a new TCP connection is 2000. (only with TCP and UDP) You can change the port numbers. The port numbers must be unique on the device! TSAP (ISO-on-TCP only) Address component for an ISO-on-TCP connection. The default value after creating a new ISO-on-TCP connection is E0.01.49.53.4F.6F.6E.54.43.50.2D.31 (S7-1200/1500) or E0.02.49.53.4F.6F.6E.54.43.50.2D.31 (S7-300/400). You can enter the TSAP-ID with an extension or as an ASCII TSAP. The TSAPs must be unique on the device! WinCC Advanced V14 System Manual, 10/2016 603 Editing devices and networks 10.1 Configuring devices and networks Note UDP connection for the "Broadcast" setting (S7-300/400/1200) The parameters of the UDP connection for the "Broadcast" setting for the partner end point are stored in a connection description DB TCON_IP_v4 : With respect to UDP communication with TCON and TUSEND/TURCV , the TCON_IP_v4 is not filled with any partner parameters (value=0). However, the partner address and the partner port are necessary for sending the data and must be entered by the user in the TADDR_Param . The TADDR_Param for UDP communication is referenced by the TUSEND-/TURCV block parameter ADDR . The values for both parameters can be taken from the connection configuration. The configuration must also be adapted for the other recipients of UDP communication. In order to receive broadcast frames, the partner port must be configured at the receiver end. For this purpose, the RemotePort parameter of the TADDR_Param must be filled at the ADDR block. Note Communication via TSEND_C and TRCV_C (S7-1500) When TSEND_C and TRCV_C are used, a separate TSEND_C and TRCV_C block pair with a configured connection is required for each communication. Multiple TSEND_C and TRCV_C block pairs cannot simultaneously use the same configured connection for communication. Additional connections for a TSEND_C or TRCV_C instruction can be created in the inspector window for the connection parameters using the appropriate button next to the connection data. The connections configured using TSEND_C and TRCV_C are displayed in a connection table in the inspector window under "Properties > Configuration > Overview of configured connections" when the TSEND_C or TRCV_C block is selected. See also Assignment of port numbers (Page 626) TSAP structure (Page 629) Examples of TSAP assignment (Page 631) Ability to read back connection description parameters (Page 628) Creating and assigning parameters to connections (Page 606) Connection parameters with structure according to TCON_Param (Page 612) Connection parameters with structure according to TCON_IP_v4 (Page 615) Connection parameters with structure according to TCON_IP_RFC (Page 620) Starting connection parameter assignment (S7-1200, S7-1500) The connection configuration for Open User Communication is enabled as soon as a TCON, TSEND_C or TRCV_C instruction for communication is selected in a program block. 604 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Requirement Your project must contain at least one S7-CPU. The program editor is open. A network is available. Procedure To insert the extended instructions for Open User Communication, proceed as follows: 1. Open the task card, pane and folder "Instructions > Communication > Open User Communication". 2. Drag one of the following instructions to a network: - TSEND_C - TRCV_C - TCON The "Call options" dialog opens. 3. Edit the properties of the instance DB in the "Call properties" dialog. You have the following options: - Change the default name. - Select the "Manual" check box to assign your own number. - You can also execute the DB as a multi-instance for function blocks. 4. Click "OK" to complete your entry. Result A corresponding instance DB is created at a single instance for the inserted instruction TSEND_C, TRCV_C or TCON. In the case of a multi-instance, the instance DB of the function block is used. With TSEND_C, TRCV_C or TCON selected, you will see the "Configuration" tab under "Properties" in the Inspector window. The "Connection parameters" group in area navigation contains the connection parameter assignment that you can now make. See also Inserting FBD elements using the "Instructions" task card (Page 4705) Inserting LAD elements using the "Instructions" task card (Page 4649) Creating and assigning parameters to connections (Page 606) TSEND_C: Send data via Ethernet (Page 4200) TSEND_C: Establishing a connection and sending data (Page 4205) TRCV_C: Receive data via Ethernet (Page 4214) TRCV_C: Establishing a connection and receiving data (Page 4219) WinCC Advanced V14 System Manual, 10/2016 605 Editing devices and networks 10.1 Configuring devices and networks TCON: Establish communication connection (Page 4254) TCON: Establish communication connection (Page 4258) Creating and assigning parameters to connections (S7-1200, S7-1500) In the connection configuration for Open User Communication, you can create and configure connections of the TCP, UDP or ISO-on-TCP type. Requirements A CPU exists with a TCON, TSEND_C or TRCV_C communication instruction. Procedure To create a connection for Open User Communication, follow these steps: 1. Select a TCON, TSEND_C or TRCV_C block of Open User Communication in the program editor. 2. Open the "Properties > Configuration" tab in the inspector window. 3. Select the "Connection parameters" group. Until you select a connection partner, only the drop-down lists for the partner end point and the local connection data are enabled. All other input options are disabled. The connection parameters already known are displayed: - Name of the local end point - Interface of the local end point - IP address (for Ethernet subnet) or PROFIBUS address (for PROFIBUS subnet) of the local end point. 4. If you want to use an existing connection description DB, go to step 6. If you want to configure the connection with a new remote connection partner, continue here: In the drop-down list box of the partner end point, select a connection partner. You can select an unspecified device or a CPU in the project as the communication partner. Certain connection parameters are then entered automatically. The following parameters are set: - Name of the partner end point - Interface of the partner end point - IP address (for Ethernet subnet) or PROFIBUS address (for PROFIBUS subnet) of the partner end point. If the connection partners are networked, the name of the subnet is displayed. 5. With the S7-1500, in the "Configuration type" drop-down list, you choose between using program blocks or configured connections. 606 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 6. Select an existing connection description DB in the "Connection data" drop-down list or for configured connections select an existing connection under "Connection name". You can also create a new connection description DB or a new configured connection. When you select an existing connection description DB, the available configuration data is applied and entered in the connection description. Any data of a remote partner that was entered previously is overwritten. Later, you can still select other configured connections or change the names of the connection description DBs in order to create new data blocks: - You can also see the selected data block at the interconnection of the CONNECT input parameter of the selected TCON, TSEND_C or TRCV_C instruction. - If you have already specified a connection description DB for the connection partner using the CONNECT parameter of the TCON, TSEND_C or TRCV_C instruction, you can either use this DB or create a new DB. - If you edit the name of the displayed data block in the drop-down list, a new data block with the changed name but with the same structure and content is generated and used for the connection. - Changed names of a data block must be unique in the context of the communication partner. - A connection description DB must have the structure TCON_Param, TCON_IP_v4 or TCON_IP_RFC, depending on CPU type and connection. - A data block cannot be selected for an unspecified partner. Additional values are determined and entered after the selection or creation of the connection description DB or configured connection. The following is valid for specified connection partners: - ISO-on-TCP connection type - Connection ID with default of 1 - Active connection establishment by local partner - TSAP ID for S7-1200/1500: E0.01.49.53.4F.6F.6E.54.43.50.2D.31 for S7-300/400: E0.02.49.53.4F.6F.6E.54.43.50.2D.31 The following is valid for unspecified connection partners: - TCP connection type - Partner port 2000 The following applies for a configured connection with a specified connection partner: - TCP connection type - Connection ID with default of 257 - Active connection establishment by local partner - Partner port 2000 The following applies for a configured connection with an unspecified connection partner: - TCP connection type - Local port 2000 WinCC Advanced V14 System Manual, 10/2016 607 Editing devices and networks 10.1 Configuring devices and networks 7. Enter a connection ID as needed for the connection partner. No connection ID can be assigned to an unspecified partner. Note You must enter a unique value for the connection ID at a known connection partner. The uniqueness of the connection ID is not be checked by the connection parameter settings and there is no default value entered for the connection ID when you create a new connection. 8. Select the desired connection type in the relevant drop-down list. Default values are set for the address details depending on the connection type. You can choose between the following: - TCP - ISO-on-TCP - UDP For configured connections with S7-1500, ISO applies in addition. 9. You can edit the input boxes in the address details. Depending on the selected protocol, you can edit the ports (for TCP and UDP) or the TSAPs (for ISO-on-TCP and ISO). 10.Use the "Active connection establishment" check box to set the connection establishment characteristics for TCP, ISO and ISO-on-TCP. You can decide which communication partner establishes the connection actively. Changed values are checked immediately for input errors by the connection configuration and entered in the data block for the connection description. Note Open User Communication between two communication partners can only work when the program section for the partner end point has been downloaded to the hardware. To achieve fully functional communication, make sure that you load not only the connection description of the local CPU on the device but also that of the partner CPU as well. See also Description of the connection parameters (Page 602) Starting connection parameter assignment (Page 604) TSAP structure (Page 629) Assignment of port numbers (Page 626) Connection parameters with structure according to TCON_Param (Page 612) Connection parameters with structure according to TCON_IP_v4 (Page 615) Connection parameters with structure according to TCON_IP_RFC (Page 620) TSEND_C: Send data via Ethernet (Page 4200) TSEND_C: Establishing a connection and sending data (Page 4205) TRCV_C: Receive data via Ethernet (Page 4214) 608 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks TRCV_C: Establishing a connection and receiving data (Page 4219) TCON: Establish communication connection (Page 4254) TCON: Establish communication connection (Page 4258) Deleting connections (S7-1200, S7-1500) Introduction The data of a created connection for Open User Communication is stored in a connection description DB. You can delete the connection by deleting the data block containing the connection description. Requirement You have created an Open User Communication connection. Procedure To delete a connection, follow these steps: 1. Select a communication partner for Open User Communication in the project tree. 2. Open the "Program blocks > System blocks > Program resources" folder below the selected communication partner. 3. Select the "Delete" command from the shortcut menu of the data block with the connection parameter assignment. Note If you are not certain which block to delete, open the extended instruction TCON, TSEND_C or TRCV_C. You will find the name of the data block as the CONNECT input parameter or in the connection parameter assignment as the "Connection data" parameter. If you only delete the instance DBs of the extended instructions TCON, TSEND_C or TRCV_C, the assigned connections are not deleted as well. Note If the connection DB is still being used by other blocks of the extended instructions, then the corresponding calls, their instance DBs, and, if present, the combination blocks TSEND_C and TRCV_C must also be deleted from the block folder, provided they are not used elsewhere. This action prevents the program from being inconsistent. WinCC Advanced V14 System Manual, 10/2016 609 Editing devices and networks 10.1 Configuring devices and networks Result You have deleted the connection. Note Insert an extended instruction TCON, TSEND_C, or TRCV_C again in order to reference an existing connection description with the TCON_Param, TCON_IP_v4, or TCON_IP_RFC structure again via the "Connection data" parameter. Connection parameters (S7-1200, S7-1500) Principle of operation of connection-oriented protocols (S7-1200, S7-1500) Introduction Connection-oriented protocols establish a logical connection to the communication partner before data transmission is started. After the data transmission is complete, they then terminate the connection, if necessary. Connection-oriented protocols are used especially when reliable data transmission is important. Several logical connections can exist over one physical line. Open User Communication supports the following connection types: TCP ISO-on-TCP ISO (S7-1500 only) UDP Both communication partners must support the same connection type for a connection. If a communication partner does not support a connection of the type ISO-on-TCP, for example, use the connection type TCP instead, if it is supported. For communication partners that cannot be configured in the TIA Portal, such as third-party devices or PCs, enter "unspecified" for the partner end point during connection parameter assignment. The required connection type for unspecified devices is listed in the respective documentation. Note Connections with ISO For S7-1500 CPUs, configured connections of the type ISO can be created using the TSEND_C and TRCV_C instructions. For additional information on these connection types, refer to the general connection descriptions. 610 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Characteristics of TCP TCP is a streaming protocol in which the length of the data stream is transmitted to the receiver so that it can receive the data stream as individual TCP segments. This means no information about the start and end of a message is transmitted during data transmission via a TCP connection. The receiver cannot determine by the received segments of the data stream where one message in the data stream ends and the next one begins. It is therefore recommended that the number bytes to be received (parameter LEN, instruction TRCV/TRCV_C) be assigned the same value as the number of bytes to be sent (parameter LEN, instruction TSEND/ TSEND_C). If the length of the sent data and the length of the expected data do not match, the following occurs: Length of data to be received (parameter LEN, instruction TRCV/TRCV_C) greater than length of data to be sent (parameter LEN, instruction TSEND/TSEND_C): TRCV/TRCV_C copies the received data to the specified receive area (parameter DATA) only after the assigned length is reached. When the assigned length is reached, data of the subsequent job are already being received. As a result, the receive area contains data from two different send jobs. If you do not know the exact length of the first message, you are unable to recognize the end of the first message and the start of the second message. Length of data to be received (parameter LEN, instruction TRCV/TRCV_C) less than length of data to be sent (parameter LEN, instruction TSEND/TSEND_C): TRCV/TRCV_C copies the number of bytes you specified in the LEN parameter to the receive data area (parameter DATA). Then, it sets the NDR status parameter to TRUE (job completed successfully) and assigns RCVD_LEN (amount of data actually received) the value of LEN. With each subsequent call, you receive a further block of the sent data. A receive area with fixed data length can be specified in the TRCV/TRCV_C instructions with the protocol version of the Ad-hoc mode. Characteristics of ISO-on-TCP ISO-on-TCP is a message-oriented protocol which detects the end of the message at the receiver end and indicates the data that belongs to the message to the user. This does not depend on the specified reception length of the message. This means that information regarding the length and the end of a message is included during data transmission via an ISO-on-TCP connection. If the length of the sent data and the length of the expected data do not match, the following occurs: Length of data to be received (parameter LEN, instruction TRCV/TRCV_C) greater than length of data to be sent (parameter LEN, instruction TSEND/TSEND_C): TRCV/TRCV_C copies all the sent data to the receive data area (parameter DATA). Then, it sets the NDR status parameter to TRUE (job completed successfully) and assigns RCVD_LEN (amount of data actually received) the length of the data sent. Length of data to be received (parameter LEN, instruction TRCV/TRCV_C) less than length of data to be sent (parameter LEN, instruction TSEND/TSEND_C): TRCV/TRCV_C does not copy any data to the receive data area (parameter DATA), but instead supplies the following error information: ERROR=1, STATUS=W#16#8088 (destination buffer too small). WinCC Advanced V14 System Manual, 10/2016 611 Editing devices and networks 10.1 Configuring devices and networks Characteristics of UDP UDP is a message-oriented protocol which detects the end of the message at the receiver end and indicates the data that belongs to the message to the user. This does not depend on the specified reception length of the message. This means that information on the length and the end of a message is included during data transmission via a UDP connection. If the length of the sent data and the length of the expected data do not match, the following occurs: Length of data to be received (parameter LEN, instruction TRCV/TRCV_C) greater than length of data to be sent (parameter LEN, instruction TUSEND/TSEND_C): TURCV/TRCV_C copies all the sent data to the receive data area (DATA parameter). Then, it sets the NDR status parameter to TRUE (job completed successfully) and assigns RCVD_LEN (amount of data actually received) the length of the data sent. Length of data to be received (parameter LEN, instruction TRCV/TRCV_C) less than length of data to be sent (parameter LEN, instruction TUSEND/TSEND_C): TRCV/TRCV_C copies as much data to the receive data area (parameter DATA) as the LEN parameter requests. No further error message is generated. In this case, the user has to call a T_URCV again in order to receive the remaining bytes. See also Basics of Open User Communication (Page 597) TSEND_C: Send data via Ethernet (Page 4200) TRCV_C: Receive data via Ethernet (Page 4214) TSEND: Send data via communication connection (Page 4269) TRCV: Receive data via communication connection (Page 4273) TUSEND: Sending data (Page 4282) TURCV: Receiving data (Page 4286) Connection parameters with structure according to TCON_Param (S7-1200, S7-1500) Data block for connection description A connection description DB with a structure according to TCON_Param is used for some S7-1200 CPUs when it comes to the assignment of parameters for TCP, UDP and ISO-onTCP communication connections. The fixed data structure of the TCON_Param contains all the parameters that are needed to establish the connection. The connection description DB is automatically created for a new connection by the connection configuration for Open User Communication when the TSEND_C, TRCV_C or TCON instruction is used. The CONNECT connection parameter of the instance DBs for TSEND_C, TRCV_C or TCON contains a reference to the data block used. 612 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Structure of the connection description according to TCON_Param Byte Parameter Data type Start value Description 0 ... 1 block_length UINT 64 Length: 64 bytes (fixed) 2 ... 3 id CONN_OUC 1 Reference to this connection (value range: 1 to 4095). You must specify the value of this parameter for the TSEND_C, TRCV_C or TCON instruction under ID. 4 connection_type USINT 17 Connection type: 17: TCP (17 dec = 0x11 hex) 18: ISO-on-TCP (18 dec = 0x12 hex) 19: UDP (19 dec = 0x13 hex) 5 active_est BOOL TRUE Identifier for the type of connection establishment. FALSE al ways applies to UDP, since data can be sent and received via local ID. The following is valid for TCP and ISO-on-TCP: FALSE: Passive connection establishment TRUE: Active connection establishment 6 local_device_id USINT 1 ID for the local PN/IE interface. 7 local_tsap_id_len USINT 0 Length of parameter local_tsap_id used, in bytes; possible values: 0 or 2, if connection type = 17 (TCP) Only the value 0 is permissible for the active side. 2 to 16, if connection type = 18 (ISO-on-TCP) 2, if connection type = 19 (UDP) 8 rem_subnet_id_len USINT 0 This parameter is not used. 9 rem_staddr_len USINT 4 Length of address of partner end point, in bytes: 0: unspecified, in other words, parameter rem_staddr is irrelevant. 4: valid IP address in the parameter rem_staddr (TCP and ISO-on-TCP only) 10 rem_tsap_id_len USINT 2 Length of parameter rem_tsap_id used, in bytes; possible val ues: 0 or 2, if connection type = 17 (TCP) Only the value 0 is permissible for the passive side. 2 to 16, if connection type = 18 (ISO-on-TCP) 0, if connection type = 19 (UDP) 11 next_staddr_len WinCC Advanced V14 System Manual, 10/2016 USINT 0 This parameter is not used. 613 Editing devices and networks 10.1 Configuring devices and networks Byte Parameter Data type 12 ... 27 local_tsap_id ARRAY [1..16] of BYTE Start value - Description Local address component of connection: TCP and UDP: local port no. (possible values: 1...49151; recommended values: 2000...5000); local_tsap_id[1] = high byte of port no. in hexadecimal notation; local_tsap_id[2] = low byte of port no. in hexadecimal notation; local_tsap_id[3-16] = irrelevant ISO-on-TCP: local TSAP-ID: local_tsap_id[1] = B#16#E0; local_tsap_id[2] = rack and slot of local end points (bits 0 to 4: Slot number, bits 5 to 7: rack number); local_tsap_id[3-16] = TSAP extension, optional Note: Make sure that every value of local_tsap_id is unique within the CPU. 28 ... 33 rem_subnet_id ARRAY [1..6] of USINT - This parameter is not used. 34 ... 39 rem_staddr ARRAY [1..6] of USINT - TCP and ISO-on-TCP only: IP address of the partner end point, for example, for 192.168.002.003: rem_staddr[1] = 192 rem_staddr[2] = 168 rem_staddr[3] = 002 rem_staddr[4] = 003 rem_staddr[5-6]= irrelevant 40 ... 55 rem_tsap_id ARRAY [1..16] of BYTE - Partner address component of connection TCP: partner port no. (possible values: 1...49151; recommended values: 2000...5000); rem_tsap_id[1] = high byte of port no. in hexadecimal notation; rem_tsap_id[2] = low byte of port no. in hexadecimal notation; rem_tsap_id[3-16] = irrelevant ISO-on-TCP: partner TSAP-ID: rem_tsap_id[1] = B#16#E0; rem_tsap_id[2] = rack and slot of partner end point (bits 0 to 4: Slot number, bits 5 to 7: rack number); rem_tsap_id[3-16] = TSAP extension, optional UDP: This parameter is not used. 56 ... 61 next_staddr ARRAY [1..6] of BYTE 62 ... 63 spare WORD 614 W#16#0000 This parameter is not used. Reserved. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Note TCON_Param for S7-1500 CPU The connection description DB with the structure according to TCON_Param is also supported by S7-1500 CPUs for migration reasons. However, we recommend that you use the new structures TCON_IP_v4 and TCON_IP_RFC. See also Principle of operation of connection-oriented protocols (Page 610) Description of the connection parameters (Page 602) Ability to read back connection description parameters (Page 628) Basic principles for programming of data blocks (Page 4551) Overview of connection configuration (Page 599) TSAP structure (Page 629) Assignment of port numbers (Page 626) Connection parameters with structure according to TCON_IP_v4 (S7-1200, S7-1500) Data block for connection description A connection description DB with a structure according to TCON_IP_v4 is used for CPUs of S7-1200 V4.0 and higher and S7-1500 to assign parameters for TCP and UDP communication connections. The fixed data structure of the TCON_IP_v4 contains all parameters that are required to establish the connection. The connection description DB is automatically created for a new connection by the connection configuration for Open User Communication when the TSEND_C, TRCV_C or TCON instruction is used. The CONNECT connection parameter of the instance DBs for TSEND_C, TRCV_C or TCON contains a reference to the data block used. Structure of the connection description according to TCON_IP_v4 Byte Parameter Data type Start value Description 0 ... 1 interface_id HW_ANY 64 Hardware identifier of the local interface (value range: 0 to 65535). 2 ... 3 id CONN_OUC 1 Reference to this connection (value range: 1 to 4095). You must specify the value of this parameter for the TSEND_C, TRCV_C or TCON instruction under ID. WinCC Advanced V14 System Manual, 10/2016 615 Editing devices and networks 10.1 Configuring devices and networks Byte Parameter Data type Start value Description 4 connection_type BYTE 11 Connection type: 11: TCP (11 dec = 0x0B hex) 19: UDP (19 dec = 0x13 hex) For compatibility and migration reasons, the CPU S7-1500 also allows the values of the connection description DB with a structure according to TCON_Param. For the connection type TCP, the entry 17 is therefore also valid (17 dec = 0x11 hex). 5 active_established BOOL TRUE Identifier for the type of connection establishment: FALSE: Passive connection establishment TRUE: Active connection establishment 6 ... 9 remote_address ARRAY [1..4] of BYTE IP address of the partner end point, for example, for 192.168.0.1: addr[1] = 192 addr[2] = 168 addr[3] = 0 addr[4] = 1 10 ... 11 remote_port UINT 2000 Port address of the remote connection partner (value range: 1 to 49151). 12 ... 13 local_port UINT 2000 Port address of the local connection partner (value range: 1 to 49151). See also Principle of operation of connection-oriented protocols (Page 610) Description of the connection parameters (Page 602) Ability to read back connection description parameters (Page 628) Basic principles for programming of data blocks (Page 4551) Overview of connection configuration (Page 599) Assignment of port numbers (Page 626) Connection parameters according to TCON_IP_V4_SEC (S7-1500) Data block for connection description To configure the communication connections for TCP over IPv4 with Secure Communication, use the following modules: S7-1500 as of firmware version V2.0 With connection description DB with the structure of the SDT TCON_IP_V4_SEC Additionally optional: CP 15431 as of firmware version V2.0 or CP1543SP-1 as of firmware version V1.0 616 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Note Non-secure TCP or UDP connection over IPv4 You can also use SDT TCON_IP_V4_SEC for a non-secure TCP or UDP connection over IPv4. The connection parameter CONNECT of the instance DBs for TCON contains a reference to the data block used. Structure of the connection description according to TCON_IP_V4_SEC Byte Parameter Data type Start value Description 0... 15 ConnPara TCON_IP_v4 - SDT for the connection parameters Information about the interface_id: If you leave the interface_id at the preset value of 0, the operating system of the CPU evaluates the remote IP address and the IP routes existing locally and then specifies an Industrial Ethernet interface of the CPU for establishing the secure OUC connection. In this case, the diagnostics data is always assigned to the first Industrial Ethernet interface of the CPU. If you specify the hardware identifier of an Industrial Ethernet interface of the CPU or of a CP as interface_id, the secure OUC connection is established via the associated Industrial Ethernet interface. 16 ActivateSecure Conn BOOL FALSE Activation of Secure Communication for this connection 17 TLSServerReq ClientCert BOOL FALSE Only for the server side: Request for an X.509-V3 certificate from the TLS client 18 ... 19 ExtTLSCapabilities WORD 16#0 Bit 0: Only for the client side. A set bit means that the client validates the alternative name of the certificate subject (subjectAlternateName) in the X.509-V3 certificate of the server to check the identity of the server. The certificates are checked when the connection is established. If this parameter has the value FALSE, the subsequent secur ity parameters are irrelevant, meaning that the connection is non-secure. You can set up a non-secure TCP or UDP con nection in this case. Bit 1 to 15: reserved for future upgrades WinCC Advanced V14 System Manual, 10/2016 617 Editing devices and networks 10.1 Configuring devices and networks Byte Parameter Data type Start value Description 20 ... 23 TLSServerCertRef UDINT 0 Server side: ID of its own X.509-V3 certificate 24 ... 27 TLSClientCertRef Client side: ID of the X.509-V3 certificate (usually a CA certificate) that is used by the TLS client to validate the TLS server authentication. If this parameter is 0, the TLS client uses all the (CA) certificates currently loaded in the client certificate store to validate the server authentication. UDINT 0 Client side: ID of its own X.509-V3 certificate Server side: ID of the X.509-V3 certificate (or a group of X.509-V3 certificates) that is used by the TLS server to validate the TLS client. If this parameter is 0, the TLS server uses all (CA) certificates currently loaded in the server certificate store to validate the client authentication. See also Connection parameters with structure according to TCON_IP_v4 (Page 615) Connection parameters in accordance with TCON_QDN (S7-1500) Data block for connection description To configure the communication connections for TCP and UDP over the fully qualified domain name, use a connection description DB with a structure according to TCON_QDN for S7-1500 CPUs as of firmware version V2.0. The connection parameter CONNECT of the instance DBs for TCON contains a reference to the data block used. Structure of the connection description in accordance with TCON_QDN Byte Parameter 0 ... 1 interface_id Data type Start value Description HW_ANY 0 irrelevant Note: The first Industrial Ethernet interface is always used in the firmware version V2.0 of the S7-1500 CPUs. 2 ... 3 id CONN_OUC 1 Reference to this connection (value range: 1 to 4095). You must specify the value of this parameter for the TCON instruction under ID. 4 connection_type BYTE 11 Connection type: 11: TCP (11 dec = 0x0B hex) 19: UDP (19 dec = 0x13 hex) For compatibility and migration reasons, the CPU S7-1500 also allows the values of the connection description DB with a structure according to TCON_Param. For the connection type TCP, the entry 17 is therefore also valid (17 dec = 0x11 hex). 618 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Byte Parameter Data type Start value Description 5 active_established BOOL TRUE Identifier for the type of connection establishment: FALSE: Passive connection establishment TRUE: Active connection establishment 6... 261 remote_qdn Array of STRING [1..254] - Fully qualified domain name of the partner end point, which must finish with "." Please note that in a SIMATIC network, the name including the concluding dot must not exceed 254 characters. 262 ... 263 remote_port UINT 2000 Port address of the remote connection partner (value range: 1 to 49151). 264 ... 265 local_port UINT 2000 Port address of the local connection partner (value range: 1 to 49151). Connection parameters in accordance with TCON_QDN_SEC (S7-1500) Data block for connection description To configure the communication connections for TCP over the fully qualified domain name with secure communication, use a connection description DB with the structure of the SDT TCON_QDN_SEC for S7-1500 CPUs with firmware version V2.0 or higher. Note Non-secure TCP or UDP connection over the fully qualified domain name You can also use the TCON_QDN_SEC SDT for a non-secure TCP or UDP connection over the fully qualified domain name. The connection parameter CONNECT of the instance DBs for TCON contains a reference to the data block used. Structure of the connection description according to TCON_QDN_SEC Byte Parameter Data type Start value Description 0... 271 ConnPara TCON_QDN - Connection parameter 272 ActivateSecure Conn BOOL FALSE Activation of secure communication for this connection TLSServerReq ClientCert BOOL 273 WinCC Advanced V14 System Manual, 10/2016 If this parameter has the value FALSE, the subsequent secur ity parameters are irrelevant. You can set up a non-secure TCP or UDP connection in this case. FALSE Only for the server side: Request for an X.509-V3 certificate from the TLS client 619 Editing devices and networks 10.1 Configuring devices and networks Byte Parameter 274 .. ExtTLSCapabilities . 275 Data type Start value Description WORD 16#0 Bit 0: Only for the client side. A set bit means that the client validates the subjectAlternateName in the X.509-V3 certificate of the server to check the identity of the server. The certificates are checked when the connection is established. Bit 1 to 15: reserved for future upgrades 276 .. TLSServerCertRef . 279 UDINT 280 ... 283 UDINT TLSClientCertRef 0 Server side: ID of its own X.509-V3 certificate Client side: ID of the X.509-V3 certificate (usually a CA certificate) that is used by the TLS client to validate the TLS server authentication. If this parameter is 0, the TLS client uses all (CA) certificates currently loaded in the client certificate store to validate the server authentication. 0 Client side: ID of its own X.509-V3 certificate Server side: ID of the X.509-V3 certificate (or a group of X.509-V3 certificates) that is used by the TLS server to validate TLS client authentication. If this parameter is 0, the TLS server uses all (CA) certificates currently loaded in the server certificate store to validate the client authentication. See also Connection parameters in accordance with TCON_QDN (Page 618) Secure OUC from an S7-1500 CPU as a TLS client to an external PLC (TLS server) (Page 739) Connection parameters with structure according to TCON_IP_RFC (S7-1200, S7-1500) Data block for connection description A connection description DB with a structure according to TCON_IP_RFC is used for CPUs of S7-1200 V4.0 and higher and S7-1500 to assign parameters to ISO-on-TCP communication connections. The fixed data structure of the TCON_IP_RFC contains all parameters that are required to establish the connection. The connection description DB is automatically created for a new connection by the connection configuration for Open User Communication when the TSEND_C, TRCV_C or TCON instruction is used. The CONNECT connection parameter of the instance DBs for TSEND_C, TRCV_C or TCON contains a reference to the data block used. 620 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Structure of the connection description according to TCON_IP_RFC Byte Parameter Data type Start value Description 0 ... 1 interface_id HW_ANY 64 Hardware identifier of the local interface (value range: 0 to 65535). 2 ... 3 id CONN_OUC 1 Reference to this connection (value range: 1 to 4095). You must specify the value of this parameter for the TSEND_C, TRCV_C or TCON instruction under ID. 4 connection_type BYTE 12 Connection type 12: ISO-on-TCP (12 dec = 0x0C hex) For compatibility and migration reasons, the CPU S7-1500 also allows the values of the connection description DB with a structure according to TCON_Param. For the connection type ISO-on-TCP, the entry 18 is therefore also valid (18 dec = 0x12 hex). 5 active_established BOOL TRUE Identifier for the type of connection establishment: FALSE: Passive connection establishment TRUE: Active connection establishment 8... 11 remote_address ARRAY [1..4] of BYTE IP address of the partner end point, for example, for 192.168.0.1: addr[1] = 192 addr[2] = 168 addr[3] = 0 addr[4] = 1 12 ... 45 remote_tselector TSelector - TSelector of the remote connection partner: TSelLength = Value range 0 to 32 as UINT TSel[1-32] = Value range each 0 to 255 in bytes 46 ... 79 local_tselector TSelector - TSelector of the local connection partner: TSelLength = Value range 0 to 32 as UINT TSel[1-32] = Value range each 0 to 255 in bytes See also Principle of operation of connection-oriented protocols (Page 610) Description of the connection parameters (Page 602) Ability to read back connection description parameters (Page 628) Basic principles for programming of data blocks (Page 4551) Overview of connection configuration (Page 599) TSAP structure (Page 629) WinCC Advanced V14 System Manual, 10/2016 621 Editing devices and networks 10.1 Configuring devices and networks Connection parameters to TCON_Phone (S7-1200, S7-1500) System data types TCON_... for telecontrol connections TCON_PHONE is used as a connection description for the following types of connection: In mobile wireless CPs of the S71200 for connections of Open User Communication to transfer SMS over TCON / TDISCON / TSEND or TSEND_C. With the CP 12427 for telecontrol connections to SMS clients with TC_CON To configure establishment of a connection using one of the previously mentioned instructions, the CONNECT parameter of the instruction is used for the connection description. The connection description is defined by the structure of the system data type (SDT) TCON_Phone. The structure of the relevant SDT contains the parameters necessary to establish the connection with the remote communications partner. Creating a DB of the type TCON_Phone You need to type in the data type of the DB with the keyboard. It is not displayed in a selection list. Upper or lower case is unimportant when entering the data type. Follow these steps to create the DB: 1. Create a data block of the type "Global DB" with block access "Standard". To do so, deactivate the property "Optimized access" in the block properties (shortcut menu) in the "Attributes" tab. 2. Create an SDT in the parameter configuration table of the DB. 3. Enter the following name in the declaration table of the DB in the cell of the data type: TCON_Phone The SDT and its parameters are created (see below). 4. Configure the parameters described below. Reserved bits are not displayed. System data type TCON_Phone for SMS connections Note SMS text Programmed SMS texts for SMS messages to be sent are accessed using the DATA parameter of the TC_SEND instruction. The text of a received SMS message is assigned to the address area of the CPU by the DATA parameter of the TC_RECV instruction. 622 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 10-1 Parameters of TCON_Phone Byte Parameter Data type 0 ... 1 InterfaceId HW_ANY 2 ... 3 ID CONN_OUC Initial value Description Reference to the local interface (telecontrol interface or Ethernet interface of the CP > "Hardware identifier") 1...07FFh Reference to the local mobile wireless connection. The ID is assigned and must be unique within the CPU. Note on telecontrol connections of the CP 1242-7: The same value as that of the parameter ID of the TC_CON instruction must be used here. 4 ConnectionType Byte 5 ActiveEstablished Bool W#16#0E Protocol variant 14 (Eh): SMS connection Identifier for the type of connection establishment (not relevant for the CP 1242-7): 0: Passive connection establishment (not relevant here) 1: Active connection establishment 6...7 - - 8 ... 31 PhoneNumber - String[22] - reserviert Call number of the connection partner Permitted values: Plus character (+) and numbers Note the exact notation of the international dialing code of the relevant phone number assigned by the network provider ("+" character or zeros). Note on the telecontrol connections of the CP 1242-7: if the parameter PhoneNumber is not entered, no con nection partner is specified and SMS messages can be received by all authorized connection partners. Without an entry, TC_RECV initially delivers the oldest received SMS messages during startup. Connection parameters to TCON_FDL (S7-1200, S7-1500) System data block (SDT) for FDL connection description In order to parameterize an FDL connection for the CM 15425, a connection description DB with an SDT to TCON_FDL is used. The fixed data structure of the STD contains all parameters that are required to establish the connection. The connection description SDT has to be created in a created DB. The connection parameter CONNECT of the instance DBs for TSEND_C or TRCV_C contains a reference to the data block used. WinCC Advanced V14 System Manual, 10/2016 623 Editing devices and networks 10.1 Configuring devices and networks The following types of FDL connections can be established: Configured FDL connections These connection types are configured in the STEP 7 program editor, see AUTOHOTSPOT. TSEND_C and TRCV_C are used as blocks. - Specified connection Fully configured connection between two masters - Unspecified connection Configured connection with an unspecified partner Programmed FDL connections These connection types cannot be configured in the STEP 7 program editor. Instead these connection types require the calling the TCON instruction together with TSEND/TRCV or TUSEND/TURCV, respectively. - Unspecified Layer 2 connection Programmed FDL connection with an unspecified partner with free Layer 2 access - Broadcast connection Connection with all connected partners - Multicast connection Connection with several defined partners If specific settings for the individual connection types are required, this is mentioned at the subsequent parameters of the SDT. Structure of the connection description "TCON_FDL" for configured connections The table below describes the connection parameters for the following configured FDL connections: Specified connection Unspecified connection Byte Parameter Data type Value range / Start value Description 0 ... 1 InterfaceId HW_ANY 0 .. 65535 Hardware identifier of the local interface 2 ... 3 ID CONN_OUC 0 .. 4095 Reference to this connection in accordance with connection configuration 4 ConnectionType Byte 15 Connection type: 0x15 (dec. 21) for FDL 5 ActiveEstablished Bool FALSE ID for the manner in which the connection is established FALSE: Passive connection establishment TRUE: Active connection establishment The parameter value is not processed further. 624 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Byte Parameter Data type Value range / Start value Description 5 ServiceId Byte 0 .. 2 Identifier of the data transfer service 0: Automatic default with selection of the service in accordance with the receiver configured in the connection description Only SDA is used in this setting for configured connections. 1: Send Data Acknowledged (SDA) - for active connections between two masters Use this setting for unspecified connections. 2: Send Data Non-Acknowledged (SDN) - for multicast / broadcast 6 ... 9 RemotePBAddress Byte 0 .. 126 PROFIBUS address of the connection partner Is used for specified connections by the connection configuration. Has to be stated explicitly for unspecified connections. 6 ... 9 LocalPBAddress Byte 0 .. 126 10 ... 11 Byte 2 .. 32 Own (local) PROFIBUS address Is assigned automatically by the interface configuration. RemoteLSAP LSAP (link layer service access point) of the connection part ner Has to be stated explicitly for configured connections. 12 ... 13 LocalLSAP Byte 2 .. 32 Own (local) LSAP Has to be stated explicitly for configured connections. Structure of the connection description "TCON_FDL" for programmed connections The table below describes the connection parameters for the following programmed FDL connections: Unspecified Layer 2 connection Broadcast connection Multicast connection Byte Parameter Data type Value range / Start value Description 0 ... 1 InterfaceId HW_ANY 0 .. 65535 Hardware identifier of the local interface 2 ... 3 ID CONN_OUC 0 .. 4095 Reference to this connection Reference to the value of the ID generated by TCON. Specify the value for TSEND / TRCV or TUSEND / TURCV at the parameter ID. 4 ConnectionType Byte 15 Connection type: 0x15 (dec. 21) for FDL 5 ActiveEstablished Bool FALSE ID for the manner in which the connection is established FALSE: Passive connection establishment TRUE: Active connection establishment The parameter value is not processed further. WinCC Advanced V14 System Manual, 10/2016 625 Editing devices and networks 10.1 Configuring devices and networks Byte Parameter Data type Value range / Start value Description 5 ServiceId Byte 0 .. 2 Identifier of the data transfer service 0: Automatic selection of the service. Not to be used for programmed connections. 1: Send Data Acknowledged (SDA) - for active connections between two masters 2: Send Data Non-Acknowledged (SDN) - for multicast / broadcast "1" or "2" has to be programmed for programmed connections. 6 ... 9 RemotePBAddress Byte 0 .. 127 PROFIBUS address of the connection partner Specify the address if TSEND or TUSEND is used. The value is set by the user program for TRCV or TURCV. For broadcast / multicast: 127 6 ... 9 LocalPBAddress Byte 0 .. 126 Own (local) PROFIBUS address Is assigned automatically by the interface configuration. 10 ... 11 RemoteLSAP Byte 2 .. 32, 63 LSAP (link layer service access point) of the connection part ner Specify the address if TSEND or TUSEND is used: For unspecified Layer 2 connections: 2 .. 32 For broadcast: 63 For multicast: Use the same values as "LocalLSAP". The value is set by the user program for TRCV or TURCV. 12 ... 13 LocalLSAP Byte 2 .. 32 Own (local) LSAP Is to be assigned by the program. Assignment of port numbers (S7-1200, S7-1500) Introduction When an Open User Communication is created, the value 2000 is automatically assigned as the port number. Permissible values for port numbers are 1 to 49151. You can assign any port number within this range. However, because some ports may already be used depending on the system, port numbers within the range from 2000 to 5000 are recommended. Note Port numbers must be unique. The connection configuration or a corresponding block call is rejected with an error if the port numbers are assigned twice. 626 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Overview of port numbers The following table summarizes the system reactions to different port numbers. Port no. Description System reaction 2000 ... 5000 Recommended range No warning, no error message on entry Port number is permitted and accepted 1 ... 1999, 5001 ... 49151 Can be used, but is outside the recom mended range 0, 20, 21, 25, 80, 102, 135, 161, 443, 465, 989, 990, 8080, 34962 ... 34964 Can be used conditionally* 53, 80, 102, 135, 161, 162, 443, 520, 9001, 34962 ... 34964 Can be used conditionally** Warning message on entry Port number is permitted and accepted * Ports specified for specific functions ("well-known Ports"): 0: ANY - Port number is automatically assigned by S7-1500 CPU as value (>49151) 20: FTP data transmission 21: FTP control 25: SMTP (Simple Mail Transfer Protocol) / TMAIL_C 80: HTTP (Hypertext Transfer Protocol) / Web server 102: ISO-on-TCP (RFC1006) 135: DCE Endpoint Mapper for PROFINET 161: SNMP (Simple Network Management Protocol) 443: HTTPS (Hypertext Transfer Protocol Secure) 465: SMTPS (Simple Mail Transfer Protocol Secure) 989: FTPS data transfer 990: FTPS control 8080: HTTP alternative / internal Web 34962 ... 34964: PROFINET Note The user usually specifies the value 0 for the local port on the active connection end point for UDP/TCP. In this case, the CPU operating system selects the next available port above 49151. The partner port usually has the default 0 with the passive connection end point. The corresponding parameter is disabled in the connection configuration. ** These ports are disabled depending on the function scope of the CPU in use. The documentation of the respective CPUs provides the assignment of these ports. See also Description of the connection parameters (Page 602) Creating and assigning parameters to connections (Page 606) WinCC Advanced V14 System Manual, 10/2016 627 Editing devices and networks 10.1 Configuring devices and networks Ability to read back connection description parameters (S7-1200, S7-1500) Changing parameter values in the connection description The connection description for exactly one connection of the Open User Communication is entered from the connection configuration in the connection description DB. You can change the parameter values of the connection description DB outside of the connection configuration in the user program. Connection description DBs containing values you changed subsequently can be read back from the connection configuration. Under "Properties > Configuration > Connection parameters", the inspector window displays only the connection parameters stored in the connection description DB. Note You can only change the values in the running user program if the instructions TCON, TSEND_C or TRCV_C are not being processed and the referenced connection is not established. The connection configuration does not support nested entries of connection descriptions in DB types that can only be found via offset referencing (for example, Global-DB). The structure of the connection description cannot be changed. Ability to read back individual connection parameters For the "Address" parameter of the communication partner in a TCP or ISO-on-TCP connection, its IP address is displayed from the "rem_staddr" parameter of the connection description. The following values can also be reloaded from the connection description: Connection type Local connection ID Active/passive connection establishment (only with UDP) Local TSAP (ISO-on-TCP only) Partner TSAP (ISO-on-TCP only) Local port (only with TCP and UDP) Partner port (only with TCP) The values of the connection ID parameters of the communication partner, the connection data, as well as the connection establishment, are not included in the connection description in the local connection description DB. Consequently, these parameters cannot be displayed when the connection configuration is reopened. The connection establishment of the partner results from the local connection establishment and is therefore also displayed. A new communication partner can be selected at any time in the "Partners" drop-down list box. When a CPU recognized in the project is selected as a specified communication partner, the entry options for the connection ID and the connection data are shown again. 628 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See also Connection parameters with structure according to TCON_Param (Page 612) Description of the connection parameters (Page 602) TSAP structure (S7-1200, S7-1500) Introduction For an ISO-on-TCP connection, Transport Service Access Points (TSAPs) must be assigned for both communication partners. TSAP IDs are assigned automatically after an ISO-on-TCP connection is created. To ensure the uniqueness of TSAP IDs within a device, you can change the preassigned TSAPs in the connection parameter assignment. Structure of TSAPs You must comply with certain rules when assigning TSAPs. A TSAP must contain a certain number of bytes, which are able to be displayed and entered as hexadecimal values (TSAPID) or as ASCII characters (ASCII-TSAP): $6&,,76$3 76$3 $6&,, ,62RQ7&3 $6&,,FKDUDFWHUV 76$3,' ))(' +H[YDOXHV 76$3,' Entries or changes of the TSAP-ID or the ASCII-TSAP in the corresponding entry fields always take effect in the other display format as well. If a TSAP contains no valid ASCII characters, the TSAP is displayed only as TSAP-ID and not as ASCII-TSAP. This is the case after a connection is created. The first two hex characters as TSAP-ID identify the communication type and the rack/slot. Because these characters are not valid ASCII characters for a CPU, the ASCII-TSAP is not displayed in this case. $6&,,76$3QRWSUHVHQW 76$3,'FRQWDLQVLQYDOLG$6&,,FKDUDFWHUV $6&,,FKDUDFWHUV 76$3 $6&,, 76$3,' ())(' 76$3,' +H[YDOXHV 76$3H[WHQVLRQ FRPSOHWH76$3,' In addition to the rules for length and structure of TSAPs, you must also ensure the uniqueness of the TSAP-ID. The assigned TSAPs are not automatically unique. WinCC Advanced V14 System Manual, 10/2016 629 Editing devices and networks 10.1 Configuring devices and networks Length and content of TSAPs Structure of the TSAP ID with TSAP extension: Valid for CPU S7-1200 firmware V1 Length = 2 to 16 bytes x_tsap_id[0] = 0xE0 (Open User Communication) x_tsap_id[1] (bits 0 to 4) = slot number of CPU x_tsap_id[1] (bits 5 to 7) = rack number of CPU x_tsap_id[2...15] = any characters (TSAP extension, optional) (x = loc (local) or x = rem (partner)) Valid for CPU S7-1500 and S7-1200 firmware as of V2 Length = 2 to 16 bytes x_tsap_id[0] = 0xE0 (Open User Communication) x_tsap_id[1] = 0x00 to 0xFF x_tsap_id[2...15] = any characters (TSAP extension, optional) (x = loc (local) or x = rem (partner)) Structure of the TSAP ID as ASCII TSAP: Valid for CPU S7-1200 firmware V1 Length = 3 to 16 bytes x_tsap_id[0...2] = 3 ASCII characters (0x20 to 0x7E) x_tsap_id[3...15] = any characters (optional) (x = loc (local) or x = rem (partner)) Valid for CPU S7-1200 firmware as of V2 Length = 3 to 16 bytes x_tsap_id[0...2] for active connection = 3 ASCII characters (0x00 to 0xFF) or any bit string* x_tsap_id[0...2] for passive connection = 3 ASCII characters (0x20 to 0x7E) or any bit string* x_tsap_id[3...15] = any characters (optional) (x = loc (local) or x = rem (partner)) Valid for S7-1500 CPU Length = 3 to 16 bytes x_tsap_id[0...2] = 3 ASCII characters (0x00 to 0xFF) or any bit string* x_tsap_id[3...15] = any characters (optional) (x = loc (local) or x = rem (partner)) * ASCII character strings must not start with "SIMATIC-" The following table shows the schematic structure of various TSAP IDs: TSAP-ID tsap_id_len tsap_id[0] tsap_id[1] tsap_id[2] tsap_id[3..15] ...with extension 2...16 bytes 0xE0 0x01 or 0x02 or 0x00* Extension (optional) Extension (optional) 2...16 bytes 0xE0 0x00...0xFF Extension (optional) Extension (optional) 3...16 bytes 0x20...0x7E 0x20...0x7E 0x20...0x7 Any (optional) (CPU S7-1200 firmware V1) ...with extension (CPU S7-1500, S7-1200 firmware as of V2) ...as ASCII-TSAP (CPU S7-1200 firmware V1) 630 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks *An S7-1200 CPU is normally inserted on rack 0 and slot 1, and an S7-300/400 CPU on rack 0 and slot 2. For this reason, hex value 01 or 02 is valid for the second position of the TSAP ID with extension. If the connection partner is an unspecified CPU, for example, a third-party device, the hex value 00 is also permissible for the slot address. Note For unspecified communication partners, the local TSAP-ID and the partner TSAP-ID can have a length of 0 to 16 bytes, in which all hex values from 00 to FF are permitted. ASCII code table for entry of ASCII TSAPs When entering ASCII TSAPs with the hexadecimal values from 20 to 7E, only the following characters are permitted: Code ..0 2.. ..1 ..2 ..3 ..4 ..5 ..6 ..7 ..8 ..9 ..A ..B ..C ..D ..E ..F ! " # $ % & ' ( ) * + , - . / 3.. 0 1 2 3 4 5 6 7 8 9 : ; < = > ? 4.. @ A B C D E F G H I J K L M N O 5.. P Q R S T U V W X Y Z [ \ ] ^ _ 6.. a b c d e f g h i j k l m n o 7.. p q r s t u v w x y z { | } ~ See also Examples of TSAP assignment (Page 631) Description of the connection parameters (Page 602) Creating and assigning parameters to connections (Page 606) Examples of TSAP assignment (S7-1200, S7-1500) The following examples show the processing of the TSAPs for CPUs of the S7-1200/1500 (CPU on slot 1) under various points of view: Example 1: Creating a new connection for PLC-PLC communication Example 2: Entry of a local ASCII-TSAP Example 3: Entry of a TSAP extension in the TSAP-ID Example 4: Incorrect editing of the TSAP-ID Example 5: Entry of an ASCII-TSAP via the "TSAP-ID" entry field Example 1: Creating a new connection for PLC-PLC communication Once you have created a new connection with two PLCs for the Open User Communication, the TSAP extension "ISOonTCP-1" is assigned automatically. WinCC Advanced V14 System Manual, 10/2016 631 Editing devices and networks 10.1 Configuring devices and networks This TSAP extension produces the TSAP-ID E0.01.49.53.4F.6F.6E.54.43.50.2D.31, which is entered automatically in the connection description DB and in the entry fields of the local and the partner TSAP. The entry fields of the ASCII-TSAPs remain empty: Local TSAP Partner TSAP E0.01.49.53.4F.6F.6E.54.43.50.2D.31 E0.01.49.53.4F.6F.6E.54.43.50.2D.31 TSAP (ASCII) TSAP-ID You can change the values in the entry fields of the TSAP-ID and the ASCII-TSAP at any time. The entry field of the TSAP-ID shows the complete TSAP stored in the data block of the connection description. The TSAP-ID with TSAP extension, which is limited to 16 characters, is not displayed in the "TSAP (ASCII)" entry field because the character E0 does not represent a valid character for the ASCII-TSAP. If the displayed TSAP-ID is a valid ASCII-TSAP, it is displayed in the "TSAP (ASCII)" entry field. Changes in the entry fields for TSAP-ID and ASCII-TSAP affect the other field. Example 2: Entry of a local ASCII-TSAP If you have created a new connection and assigned an ASCII value for the local TSAP in the "TSAP (ASCII)" entry field, for example, "ISOonTCP-1", the resulting TSAP-ID is created automatically. When you exit the "TSAP (ASCII)" entry field, the number of ASCII characters is checked automatically for compliance with the limit (3 to 16 characters) and the resulting TSAP-ID is entered into the corresponding entry field: Local TSAP TSAP (ASCII) ISOonTCP-1 TSAP-ID 49.53.4F.6F.6E.54.43.50.2D.31 Partner TSAP E0.01.49.53.4F.6F.6E.54.43.50.2D.31 Example 3: Entry of a TSAP extension in the TSAP-ID If, following creation of a connection and entry of an ASCII-TSAP (see examples 1 and 2) in the entry field of the local TSAP-ID, you add the prefix "E0.01" to the TSAP value, the ASCIITSAP will no longer be displayed when the entry field is exited. Local TSAP Partner TSAP E0.01.49.53.4F.6F.6E.54.43.50.2D.31 E0.01.49.53.4F.6F.6E.54.43.50.2D.31 TSAP (ASCII) TSAP-ID Once you have exited the entry field of the TSAP-ID, a check is performed automatically to determine whether the first character of the TSAP-ID is a valid ASCII character. Since the character "E0" now present in the TSAP-ID is not a valid character for the ASCII-TSAP, the "TSAP (ASCII)" entry field no longer displays an ASCII-TSAP. If a valid ASCII character is used, the check for compliance with the length specification of 2 to 16 characters follows. 632 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Example 4: Incorrect editing of the TSAP-ID If you remove the hex value "E0" from a TSAP-ID beginning with "E0.01", the TSAP-ID now begins with "01" and therefore no longer complies with the rules and is invalid: Local TSAP Partner TSAP 01.49.53.4F.6F.6E.54.43.50.2D.31 E0.01.49.53.4F.6F.6E.54.43.50.2D.31 TSAP (ASCII) TSAP-ID After the entry field is exited, a message is output because the TSAP-ID is neither a valid ASCIITSAP (this would have to have a hex value in the range from 20 to 7E as the first value) or a valid TSAP-ID (this would have to have the identifier "E0" as the first value). Example 5: Entry of an ASCII-TSAP via the "TSAP-ID" entry field If you remove the value "01" in addition to the value "E0" from the incorrect TSAP-ID in example 4, the TSAP-ID begins with the hex value 49. This value is within the permissible range for ASCII-TSAPs: Local TSAP Partner TSAP 49.53.4F.6F.6E.54.43.50.2D.31 E0.01.49.53.4F.6F.6E.54.43.50.2D.31 TSAP (ASCII) TSAP-ID When you exit the entry field, the TSAP-ID is recognized as a valid ASCII-TSAP and the resulting ASCII-TSAP "ISOonTCP-1" is written to the "TSAP (ASCII)" entry field. See also TSAP structure (Page 629) Description of the connection parameters (Page 602) Configuring HMI connections Introduction to configuring connections Definition A connection defines a logical assignment of two communication partners in order to undertake communication services. A connection defines the following: Communication partner involved Type of connection (e.g., HMI connection) Special properties (e.g., whether a connection is established permanently or whether it is established and terminated dynamically in the user program, and whether status messages are to be sent) Connection path WinCC Advanced V14 System Manual, 10/2016 633 Editing devices and networks 10.1 Configuring devices and networks What you need to know about connection configuration During connection configuration, a local connection name is assigned for an HMI connection as a unique local identification. In the network view, a "Connections" tab is displayed in addition to the "Network overview" tab. This tab contains the connection table. A line in this connection table represents a configured connection, e.g., between an HMI device and PLC, along with its properties. What you need to know about using connection resources Introduction Each connection requires connection resources for the end point and/or transition point on the devices involved. The number of connection resources is device-specific. If all the connection resources of a communication partner are assigned, no new connections can be established. This situation is apparent when a newly created connection in the connection table has a red background. The configuration is then inconsistent and cannot be compiled. HMI connections For HMI connections via the integrated PN interface, one connection resource for the endpoint per HMI connection is occupied for the HMI device. One connection resource is also required for the connection partner (PLC). 634 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Views containing information about the configured connections The views described below will provide you with comprehensive access to all the information and functions regarding configuring and checking communication connections. Connection display in the network view Connection table "Properties" tab for a connection in the inspector window WinCC Advanced V14 System Manual, 10/2016 635 Editing devices and networks 10.1 Configuring devices and networks Benefits The information shown in these views are always up-to-date in terms of the current user actions. This means: The connection table displays all connections created. If you have selected a connection in the connection table: - You will graphically see the connection path in the network view. - The "Properties" tab in the Inspector window displays the parameters of this connection. The connection table The connection table offers the following functions: List of all connections in the project Selection of a connection and display of connections associated with it in the network view Changing of connection partners Display showing status information "Properties" tab for a connection in the inspector window The properties dialog has the following meaning: Display for connection parameters Display of connection path Subsequent specification of connections using the "Find connection path" button Creating a new connection Creating a connection - alternatives You have the following options for creating a connection in the network view: Graphic connection configuration Interactive connection configuration You'll find the individual steps for this in the following chapters. Requirement and result You have created the devices with CPUs and HMI devices between which you want to configure connections in the network view. 636 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Specifying a connection If both partners for the connection type selected are networked on the same network, use the graphic or interactive selection of both communication partners to create a fully specified connection. This connection is entered automatically into the connection table of the HMI device. A local connection name is assigned for this connection. The following schematic shows a configured connection with a networked device: Creating a new connection graphically Graphically configuring connections When using the graphic connection configuration, if necessary the system asks you to define the connection path. Select the devices to be connected in the current configuration. WinCC Advanced V14 System Manual, 10/2016 637 Editing devices and networks 10.1 Configuring devices and networks Automatically determining connection path To create a connection graphically, follow these steps: 1. Click the "Connections" button. The connection mode for the connection type you have selected is then activated. You will see this from the following: The devices that can be used for the connection type selected in your project are colorhighlighted in the network view. 2. Hold down the mouse button and drag the mouse pointer from the device from which the connection will originate to the device at which the connection ends. 3. Release the mouse button over the destination device to create the connection between the two devices. Result A specified connection is created. The connection path is highlighted. The connection is entered in the connection table. Interactively creating a new connection Interactively configuring connections Define the local device and its connection partners. 638 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Procedure Proceed as follows to interactively create a connection: 1. Select the "Create new connection" command in the shortcut menu of a connection partner for which you want to create a connection. The "Create new connection" dialog is opened. 2. Select the partner endpoint. In the right pane of the dialog, a possible connection path fitting the selected endpoint is displayed, if available. Incomplete paths, for example, for a non-specified CPU, are marked by an exclamation mark on a red background. 3. To close the dialog, click "OK". To accept the configured connection and to configure additional connections to other endpoints, click "Apply". Working in the network view Highlighting connection path and partner in the network view To display the connection partners for all or certain connection types in the network view, proceed as follows: 1. Click the "Connections" button. 2. Select the "Highlight connection partners" command in the shortcut menu for the HMI device whose connection partners you want to display in the network view. 3. Select "All connection partners" in the following menu. The local device and the CPUs of the target devices are selected. The local connection partner shows an arrow pointing right and the remote connection partners show an arrow pointing left. 4. To open a list with information on the target devices, click the arrow of the local device. This additional function is useful in complex network configurations in which some devices are not visible. Note You can display one of the connection partners which cannot be seen in the current display range of the network view. Click on the communication partner in the list that appears. Result: The display is moved such that the connection partner becomes visible. WinCC Advanced V14 System Manual, 10/2016 639 Editing devices and networks 10.1 Configuring devices and networks See also Creating a new connection graphically (Page 637) Working with the connection table Basic functions for tables The connection table supports the following basic functions for editing a table: Changing column width Displaying the meaning of a column, a row or cell using tooltips. Changing column width To adjust the width of a column to the content so that all texts in the lines are legible, follow these steps: 1. Position the cursor in the header of the connection table to the right of the column that you want to optimize until the cursor changes its shape to two parallel lines (as if you wanted to change the width of the column by dragging it with the cursor). 2. Double click on this point. or 1. Open the shortcut menu on the header of the table. 2. Click on - "Optimize column width" or - "Optimize width of all columns". For columns that are too narrow, the complete content of specific fields is shown when you pause with the cursor on the respective field. Show / hide columns You can use the shortcut menu of the header of the connection table to control the display of the various table columns. The shortcut menu entry "Show/hide columns" provides you with an overview of the available columns. Use the check box to control whether columns are shown or hidden. Using cursor keys to move within the connection table You can use the UP and DOWN cursor keys to select a connection from the connection table; the selected connection is marked and is shown highlighted in the network view. Changing properties of connection You can directly edit the parameters displayed in the connection table in some cases. To change the name of a connection, you do not have to navigate to the Inspector window. 640 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Changing connection partners You can change the connection partner of a connection as follows: 1. Select the connection. 2. Select the new connection partner from the open drop-down list in the "Partner" column. Deleting connections You can delete configured connections using the network view or the connection table. In the network view you can delete one highlighted connection per action. In the connection table you can delete one or several connections per action. Procedure To delete a connection, follow these steps: 1. Select the connection to be deleted: - In the network view: Select the connection to be deleted. - In the connection table: Select the rows of the connections to be deleted (multiple selection possible). 2. Open the shortcut menu with a right mouse click. 3. Select the "Delete" command. Result The selected connection is removed completely. Copying connections Introduction Connections are not copied singly but always in context along with the project or the device. You can copy: Entire projects One or more devices within a project or from one project to another Copying a project When you copy a project all configured connections will also be copied. No settings whatsoever are required for the copied connections because the connections remain consistent. WinCC Advanced V14 System Manual, 10/2016 641 Editing devices and networks 10.1 Configuring devices and networks Copying devices If you copy devices for which connections have been configured (HMI devices), the connections are copied as well. To complete the connection path, you must still finalize the networking. An S7-1200 CPU with a V.10 firmware is only a server for connections and has no connection configuration itself. Consequently, no connections are copied along with it when an S7-1200 CPU with a V1.0 firmware is copied. Inconsistent connections - connections without assignment With an inconsistent connection the structure of the connection data is destroyed or the connection is not functional in the project context. Inconsistent connections cannot be compiled and loaded - operation is not possible with such a connection. In the connection table inconsistent connections are marked in red. Possible causes for inconsistent connections Deletion or change of the hardware configuration. Missing interface network links in the project, which are necessary for a connection. Connection resources are exceeded Errors when backing up data due to insufficient memory Connections to an unspecified connection partner without partner address information. Detailed information regarding the reasons for the inconsistency can be found in the "Compile" tab following compilation (Edit > Compile). Remedies If the connection cannot be repaired by opening the connection properties, changing them or undoing them in the configuration, then it may be necessary to delete the connection and recreate it. HMI connection general settings General connection parameters General connection parameters are displayed in the "General" parameter group under the properties of the connection; these connection parameters identify the local connection end point. Here, you can also assign the connection path and specify all aspects of the connection partner. 642 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Special connection properties Display of the connection properties (cannot be changed): Active connection establishment The connection establishment always starts from the HMI device. This option is selected by default if the address of the partner is specified. One-way One-way means that the connection partner functions as a server on this connection and cannot send or receive actively. Sending operating mode messages Not relevant for HMI devices. Address details Displaying address details of the HMI connection. With an unspecified partner, the values for the rack and slot can be changed. All other values are obtained from the current configuration and cannot be changed. Miscellaneous Display of the access points for the online connection between HMI device and connection partner. Configuring S7 connections (S7-1200) Introduction to configuring connections (S7-1200) Definition A connection defines a logical assignment of two communication partners in order to undertake communication services. A connection defines the following: Communication partner involved Type of connection (for example, S7 connection) Special properties (e.g., whether a connection is established permanently or whether it is established and terminated dynamically in the user program, and whether status messages are to be sent) Connection path What you need to know about connection configuration During connection configuration, a local connection name is assigned for an S7 connection as a unique local identification. In the network view, a "Connections" tab is displayed in addition to the "Network overview" tab. This tab contains the connection table. A row in this connection table represents a WinCC Advanced V14 System Manual, 10/2016 643 Editing devices and networks 10.1 Configuring devices and networks configured connection from the viewpoint of the local communication partner with its properties, for example, between two S7-1200 CPUs. What you need to know about using connection resources (S7-1200) Introduction Each connection requires connection resources for the end point and/or transition point on the devices involved. The number of connection resources is device-specific. If all the connection resources of a communication partner are assigned, no new connections can be established. This situation is apparent when a newly created connection in the connection table has a red background. The configuration is then inconsistent and cannot be compiled. S7 connections In the case of S7 connections via the PN interface, one connection resource per S7 connection is assigned for the endpoint for the S7-1200 CPU. One connection resource is also required for the connection partner. You can find an overview of available and assigned connection resources for selected S7-1200 CPU in the Inspector window at "Properties > Connection Resources" 644 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Views containing information about the configured connections (S7-1200) The views described below will provide you with comprehensive access to all the information and functions regarding configuring and checking communication connections. Connection display in the network view Connection table "Properties" tab for a connection in the inspector window WinCC Advanced V14 System Manual, 10/2016 645 Editing devices and networks 10.1 Configuring devices and networks Benefits The information shown in these views are always up-to-date in terms of the current user actions. This means: The connection table displays all connections created. If you have selected a connection in the connection table: - When connection mode is enabled, the connection path is highlighted in the network view. - The "Properties" tab in the Inspector window displays the parameters of this connection. The connection table The connection table offers the following functions: List of all connections in the project Selection of a connection and display of connections associated with it in the network view (when connection mode is enabled) Changing of connection partners Display showing status information "Properties" tab for a connection in the inspector window The properties dialog has the following meaning: Display for connection parameters Display of connection path Subsequent specification of connections using the "Find connection path" button Creating a new connection (S7-1200) Creating a connection - alternatives You have the following options for creating a connection in the network view: Graphic connection configuration Interactive connection configuration You'll find the individual steps for this in the following chapters. Requirement and result In the network view, you have add devices between which the connections should be configured. 646 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Specifying a connection If both partners for the connection type selected are networked on the same network, use the graphic or interactive selection of both communication partners to create a fully specified connection. This connection is entered automatically in the connection table of the S7-1200 CPU. A local connection name is assigned for this connection. The following schematic shows a configured connection with a networked device: Creating a new connection graphically (S7-1200) Graphically configuring connections In the case of graphic connection configuration, the connection path is automatically specified provided interfaces and resources are available. Select the devices to be connected in the current configuration. WinCC Advanced V14 System Manual, 10/2016 647 Editing devices and networks 10.1 Configuring devices and networks Automatically determining connection path To create a connection graphically, follow these steps: 1. Click the "Connections" button. This step activates the connection mode: You can now select the connection type you want. You will see this from the following: The devices that can be used for the connection type selected in your project are colorhighlighted in the network view. 2. Hold down the mouse button and drag the mouse pointer from the device from which the connection will originate to the device at which the connection ends. 3. Release the mouse button over the destination device to create the connection between the two devices. Result A specified connection is created. The connection path is highlighted. The connection is entered in the connection table. Configuring a connection when there is no or no clear network assignment Any networking not in place will if possible be created automatically when a connection is created. A query will be made upon completion of connection configuration if unique network assignment is not possible. You will be able to choose from the existing subnets. Example below: A query is made upon creation of a connection between stations PLC_1 and PLC_2, which are not yet networked. 648 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Interactively creating a new connection (S7-1200) Interactively configuring connections Define the local device and its connection partners. Procedure Proceed as follows to interactively create a connection: 1. Select the "Add new connection" command in the shortcut menu of a connection partner for which you want to create a connection. The "Create new connection" dialog appears. 2. Select the partner endpoint. In the right pane of the dialog, a possible connection path fitting the selected endpoint is displayed, if available. Incomplete paths, for example, for a non-specified CPU, are marked by an exclamation mark on a red background. 3. To accept the configured connection and to configure additional connections to other endpoints, click "Add". To close the dialog, click "OK". Working in the network view (S7-1200) Highlighting connection path and partner in the network view To display the connection partners for all or certain connection types in the network view, proceed as follows: 1. Click the "Connections" button. 2. Select the S7-CPU for which you want to display the connection partners in the network view and then select the "Highlight connection partners" command in the shortcut menu. 3. Select "All connection partners" in the following menu. The local device and the CPUs of the target devices are selected. The local connection partner shows an arrow pointing right and the remote connection partners show an arrow pointing left. 4. To open a list with information on the target devices, click the arrow of the local device. This additional function is useful in complex network configurations in which some devices are not visible. WinCC Advanced V14 System Manual, 10/2016 649 Editing devices and networks 10.1 Configuring devices and networks Note You can display one of the connection partners which cannot be seen in the current display range of the network view. Click on the communication partner in the list that appears. Result: The display is moved such that the connection partner becomes visible. Working with the connection table (S7-1200) Basic functions for tables The connection table supports the following basic functions for editing a table: Changing column width Displaying the meaning of a column, a row or cell using tooltips. Changing column width To adjust the width of a column to the content so that all texts in the lines are legible, follow these steps: 1. Position the cursor in the header of the connection table to the right of the column that you want to optimize until the cursor changes its shape to two parallel lines (as if you wanted to change the width of the column by dragging it with the cursor). 2. Double click on this point. or 1. Open the shortcut menu on the header of the table. 2. Click on - "Optimize column width" or - "Optimize width of all columns". For columns that are too narrow, the complete content of specific fields is shown when you pause with the cursor on the respective field. Show / hide columns You can use the shortcut menu of the header of the connection table to control the display of the various table columns. The shortcut menu entry "Show/hide columns" provides you with an overview of the available columns. Use the check box to control whether columns are shown or hidden. 650 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks If you want to store the layout, width and visibility of the table columns, click on the "Remember layout" function in the top right-hand of the network view. Symbol Meaning Remember layout Saves the current table view. The layout, width and visibility of columns in the table view is stored. Using cursor keys to move within the connection table You can use the UP and DOWN cursor keys to select a connection from the connection table; the selected connection is marked and is shown highlighted in the network view. Changing properties of connection You can directly edit some of the parameters displayed in the connection table. The name of the connection can, for example, only be changed in the connection table. Changing connection partners You can change the connection partner of a connection as follows: 1. Select the connection. 2. Select the new connection partner from the open drop-down list in the "Partner" column. Deleting connections (S7-1200) You can delete configured connections using the network view or the connection table. In the network view you can delete one highlighted connection per action. In the connection table you can delete one or several connections per action. Procedure To delete a connection, follow these steps: 1. Select the connection to be deleted: - In the network view: Select the connection to be deleted. - In the connection table: Select the rows of the connections to be deleted (multiple selection possible). 2. Open the shortcut menu with a right mouse click. 3. Select the "Delete" command. Result The selected connection is removed completely. WinCC Advanced V14 System Manual, 10/2016 651 Editing devices and networks 10.1 Configuring devices and networks Copying connections (S7-1200) Introduction Connections are not copied singly but always in context along with the project or the device. You can copy: Entire projects One or more devices within a project or from one project to another Copying a project When you copy a project all configured connections will also be copied. No settings whatsoever are required for the copied connections because the connections remain consistent. Copying devices If you copy devices for which connections have been configured, the connections are copied as well. To complete the connection path, you must still finalize the networking. An S7-1200 CPU with a V.10 firmware is merely a server for connections and has no connection configuration itself. Consequently, no connections are copied along with it when an S7-1200 CPU with a V1.0 firmware is copied. Inconsistent connections - connections without assignment (S7-1200) With an inconsistent connection the structure of the connection data is destroyed or the connection is not functional in the project context. Inconsistent connections cannot be compiled and loaded - operation is not possible with such a connection. In the connection table inconsistent connections are marked in red. Possible causes for inconsistent connections Deletion or change of the hardware configuration. Missing interface network links in the project, which are necessary for a connection. Connection resources are exceeded Connections to an unspecified connection partner without partner address information. Detailed information regarding the reasons for the inconsistency can be found in the "Compile" tab following compilation (Edit > Compile). 652 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Remedies To assign a closed connection path to an existing open connection path, expand the device configuration in such a way that the interfaces required for the connection type are available for both partners. At "Properties > General > Interface" in the Inspector window, you can use the "Find connection path" button to create a connection to an existing partner. S7 connection - general settings (S7-1200) General connection parameters General connection parameters are displayed in the "General" parameter group under the properties of the connection; these connection parameters identify the local connection end point. Here, you can assign the connection path and specify all aspects of the connection partner. Local ID The local ID of the module from which the connection is viewed is displayed here (local partner). You can change the local ID. You may need to do this if you have already programmed communication function blocks, and you want to use the local ID specified in those function blocks for the connection. Special connection properties Display of connection properties (can be modified depending on the components used): One-way One-way means that the connection partner functions as a server on this connection and cannot send or receive actively. Active connection establishment In the case of one-way connection, for example with a S7-1200 CPU (firmware version V1.0), a connection partner can only be provided for the active connection establishment. In the case of a two-way connection you can set which connection partner will assume the active role. Sending operating mode messages Indicates whether or not the local partner sends operating mode messages to the connection partner. Address details Displaying address details of the S7 connection. With an unspecified partner, the values for the rack and slot can be changed. All other values are obtained from the current configuration and cannot be changed. WinCC Advanced V14 System Manual, 10/2016 653 Editing devices and networks 10.1 Configuring devices and networks S7 connection - address details (S7-1200) Meaning The address details show the end points of the connection and can localize these via the specification of rack and slot. When a connection is established, the connection-specific resources of a module are assigned permanently to this connection. This assignment requires that the connection resource can be addressed. The TSAP (Transport Service Access Point) is, as it were, the address of the resource that is formed with the help of the connection resource or, in the case of S7-1200 CPUs (firmware V2.0 or higher) with the SIMATIC-ACC (SIMATIC Application Controlled Communication). Configuration of TSAP for S7-1200 For S7-1200 CPU (firmare V2.0 or higher): "SIMATIC-ACC"<nnn><mm> nnn = Local ID mm = any value For S7-1200 CPU (firmare V1.0): <xx>.<yz> xx = Number of the connection resource y = Rack number z = Slot number TSAP structure, dependent on partner The configuration of the TSAP for S7-1200 CPUs is dependent on the respective firmware and on the remote connection partner. When a S7-1200 CPU is connected with a S7-300/400 CPU, a S7-1200 CPU also uses a TSAP configuration that includes the connection resource. 654 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See the following examples of TSAPs of various connection configurations Connection between two S7-1200 CPUs (both with firmware V2.0): - S7-1200 CPU "A" with firmware V2.0 and local ID 100: TSAP: SIMATIC-ACC10001 - S7-1200 CPU "B" with firmware V2.0 and local ID 5AE: TSAP: SIMATIC-ACC5AE01 Connection between two S7-1200 CPUs (firmware V2.0 and V1.0): - S7-1200 CPU with firmware V2.0 and local ID 1FF: TSAP: SIMATIC-ACC1FF01 - S7-1200 CPU with firmware V1.0 (rack 0, slot 1, connection resource 03): TSAP: 03.01 Connection between S7-1200 CPUs (firmware V2.0) and S7-300/400 CPU: - S7-1200 CPU with firmware V2.0 (rack 0, slot 1, connection resource 12): TSAP: 12.01 - S7-300/400 CPU (rack 0, slot 2, connection resource 11): TSAP: 11.02 S7 connections via CM/CP (S7-1200) Introduction S7-1200 CPUs with a firmware version of V2.0 or higher support one-way and two-way S7 connections via CM/CP interfaces. This increases the number of Ethernet ports and networks that can be used for S7 connections. Even though the connection is then guided via the CM/ CP, the associated S7-1200 CPU is an end point of the connection. The other end point can be any other device in the case of two-way connections. This other device must also support S7 connections. Data volumes and configuration limit The number of communication connections which are supported by CM/CP can be found in the manual accompanying every CM/CP. The number of connections per device can be further increased by adding other CM/CPs. If several CM/CPs are fitted in a device, an automatic switch is made to the next CM/CP when this limit is exceeded. Specifically assign the connections using the path selection as required. Note Data transfer > 240 byte transfer is supported by the current CPs. CPs with an older product version support the transfer of data with a data length of up to 240 bytes. For more information, refer to the details provided in the Ethernet CP equipment manual. WinCC Advanced V14 System Manual, 10/2016 655 Editing devices and networks 10.1 Configuring devices and networks Tasks of the Ethernet CM/CP in online mode During data transfer via a connection, the Ethernet CM/CP takes on the following tasks: Receiving Receiving data from the Ethernet and forwarding to the user data area in the CPU Sending Transferring data from the user data area of the CPU and sending data via the Ethernet The connection is established automatically as soon as the partner can be reached. S7 connections using PUT and GET instructions Basic information on communication via the PUT/GET instruction Basic information on PUT/GET instructions Use PUT and GET instructions to exchange data between two CPUs via an S7 connection. The GET instruction is used to read data from a partner CPU. The PUT instruction is used to control the writing of tags by the communication partner via the user program. Apart from the PUT and GET instructions, no additional communication functions are provided for reading and writing tags. To simplify the use of the two instructions, specify all required parameters for the connection and all block parameters in the Inspector window of the program editor. Requirement To be able to use the PUT and GET instructions, the following requirements must be satisfied: At least one S7-1200/1500 CPU or S7-300/400 CPU must be created in the project. Firmware 2.0 or higher must be installed on an S7-1200 CPU. If you have not yet created a second CPU in the project, you can initially establish the connection to an unspecified partner. An S7 connection must exist between the two CPUs. If you have not yet established a connection between two CPUs, a connection is automatically established during the configuration of the instructions. For both instructions, an instance data block is required in which all data used by the instruction is stored. The instance data block is created automatically as soon as you drag a PUT or GET instruction to a network in the program editor. For the correct execution of the program, it is essential that the instance data blocks are not changed; consequently, these data blocks are know-how protected. You only have read access to the instance data blocks. See also Overview of connection configuration (Page 657) Assigning parameters to start request (Page 662) 656 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks PUT: Set parameters for write and send area (Page 663) GET: Set parameters for read and memory area (Page 664) Connection configuration Overview of connection configuration Introduction The connection parameters for the PUT and GET instructions are assigned in the inspector window of the program editor. All parameters are saved in the corresponding instance data block. WinCC Advanced V14 System Manual, 10/2016 657 Editing devices and networks 10.1 Configuring devices and networks Structure of the connection configuration The connection configuration is made up of the following components: Communication instruction for PUT or GET Call of online and diagnostic functions "Configuration" tab in the "Properties" tab Area navigation of the "Configuration" tab General properties of the connection parameters Display of online and diagnostic functions If you click the icon for starting the online and diagnostic functions, the associated CPU goes online automatically. The connection table in the network view is opened. In addition, the "Diagnostics" tab and the connection information are displayed in the inspector window. 658 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Entering the connection parameters Enter the desired connection parameters in the "Configuration" tab. The area navigation of the "Configuration" tab includes the "Connection parameters" group. This group contains the connection configuration. Here, you can enter the parameters for the connections using system functions. When all the required parameters are assigned, a check mark is set behind the "Connection parameters" group in the area navigation. See also Assigning parameters to start request (Page 662) PUT: Set parameters for write and send area (Page 663) GET: Set parameters for read and memory area (Page 664) Description of the connection parameters Overview The following table shows the general connection parameters: Parameter Description End point The names of the local end point and the partner end point are shown. Local end point The local end point is the CPU in which the PUT or GET instruction is programmed. Partner end point The partner end point is selected from the drop-down list. The drop-down list shows all available possible connection partners including unspecified connection partners for devices whose data is unknown in the project. As long as no connection partner is set, all other parameters in the mask are disabled. Interface The interface of the partner CPU is displayed. The partner interface is not displayed until a specified partner CPU has been selected. Interface type The type of interface via which communication is handled is displayed. Subnet name The subnet of the local end point is displayed, provided this exists. The partner subnet is displayed only after the partner end point has been selected. If at least one of the two connection partners is not connected with a subnet, the two connec tion partners are automatically connected with each other. The partner which is not connected to a network is hereby connected to the same subnet via which the other partner is already connected to a network. A connection of connection partners to different subnets is only possible with IP or S7 routing. The IP routing settings can be edited in the properties of the relevant Ethernet interfaces. Address The IP address of the local end point is displayed. The IP address of the partner is displayed only after the partner end point has been selected. If you have selected an unspecified connection partner, the input box is empty and has a red background. In this case, you will need to specify a valid IP address for the connection partner. Connection ID WinCC Advanced V14 System Manual, 10/2016 The currently set connection ID is displayed. You can change the connection ID in the con nection table in the network view. You can also directly access the connection table while you are setting the connection parameters. To do this, click the "Create new connection" icon. 659 Editing devices and networks 10.1 Configuring devices and networks Parameter Description Connection name The name of the connection which was automatically created when the PUT/GET instruction was inserted is displayed. You can change the name of the connection by entered a different name in the field. You can also create a new connection or edit existing connections by clicking the "Create new connection" icon. Active connection establish ment Use the "Active connection establishment" option button to specify which partner starts the communication. When the connection is created, the local partner is initially specified by default for the establishment of the connection. If a device does not support active connection establishment, you have to activate active connection establishment on the other partner. Configured at one end If this check box is selected, the connection partner is the server for this connection. It cannot actively send or receive. This corresponds to the behavior of the PUT/GET instructions. In this case, other instructions are not possible. If the check box is not selected, other instructions can also be used for the communication. Starting connection parameter assignment You can assign the connection parameters for PUT and GET in the inspector window as soon as you have inserted and selected a PUT or GET instruction in a program block. Procedure To insert PUT/GET instructions, follow these steps: 1. Open the "Instructions" task card in the "Communication > S7 Communication" folder. 2. Drag a PUT or GET instruction to a network. The "Call options" dialog opens. 3. Optional: Edit the properties of the instance DB in the "Call properties" dialog. You have the following options: - Change the default name. - Select the "Manual" check box to assign your own number. 4. Click "OK". Result A corresponding instance data block is created for the inserted PUT or GET instruction. For S7-300 CPUs, a function block is also created in the program resources. When PUT or GET instruction is selected, you will see the "Configuration" tab under "Properties" in the inspector window. The "Connection parameters" group in area navigation contains the connection parameter assignment that you can now make. See also Creating and assigning parameters to connections (Page 661) Deleting connections (Page 662) 660 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Creating and assigning parameters to connections You can create S7 connections and assign the parameters for these in the connection parameter assignment of the PUT/GET instructions. Changed values are checked immediately by the connection parameter assignment for input errors. Requirement A CPU exists with a PUT or GET communication instruction. Procedure To configure an S7 connection using PUT/GET instructions, follow these steps: 1. In the program editor, select the call of the PUT or GET instruction. 2. Open the "Properties > Configuration" tab in the inspector window. 3. Select the "Connection parameters" group. Until you select a connection partner, only the empty drop-down list for the partner end point is enabled. All other input options are disabled. The connection parameters already known are displayed: - Name of the local end point - Interface of the local end point - IP address of the local end point 4. In the drop-down list box of the partner end point, select a connection partner. You can select an unspecified device or a CPU in the project as the communications partner. The following parameters are automatically entered as soon as you have selected the connection partner: - Interface of the partner end point - Interface of the partner end point. If several interfaces are available, you can change the interface as required. - Interface type of the partner end point - Subnet name of both end points - IP address of the partner end point - Name of the connection which is used for the communication. If no connection exists yet, it is automatically established. 5. If required, change the connection name in the "Connection name" input box. If you want to create a new connection or edit an existing connection, click on the "Create new connection" icon. Note The PUT and GET instructions between two communication partners can only run if both the hardware configuration and the program part for the partner end point have been loaded into the hardware. To achieve fully functional communication, make sure that you load not only the connection description of the local CPU on the device but also that of the partner CPU as well. WinCC Advanced V14 System Manual, 10/2016 661 Editing devices and networks 10.1 Configuring devices and networks Deleting connections A connection which was automatically created during the insertion of a PUT or GET instruction appears in the connection table of the network view like every standard connection. As a result, it can be deleted in the connection table. Procedure To delete a connection, follow these steps: 1. Open the connection table in the network view. 2. In the connection table, select the connection that you want to delete. 3. To do this, right-click the connection and select the "Delete" command from the shortcut menu. Result The connection is deleted. The PUT or GET instruction and the associated instance data blocks are retained and must be manually deleted if necessary. To continue using the PUT or GET instruction, you must configure the connection again in the inspector window of the program editor, since all connection parameters were also deleted when the connection was deleted. In this case, specify a new communication partner and a suitable connection. Block parameter assignment Assigning parameters to start request To start communication via the PUT or GET instruction, you have to specify an event which activates the instruction. This event is referred to as control parameter (REQ). The communication job is activated as soon as there is a positive edge at the control parameter REQ. Please note that the control parameter REQ is assigned the default FALSE at first call. Requirement The program editor is open. You have already inserted a PUT or GET instruction. A connection has been established between two communication partners. Procedure To define the REQ control parameter, follow these steps: 1. Select the PUT or GET instruction in the program editor. 2. Open the "Configuration" tab in the inspector window. 662 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 3. Select the "Block parameter assignment" entry in the area navigation. 4. In the "REQ" field, select a tag of the "BOOL" data type to initialize the execution of the instruction. Alternatively, you can also interconnect a previous instruction in the program editor. See also Data consistency (Page 4177) PUT: Set parameters for write and send area (Page 663) GET: Set parameters for read and memory area (Page 664) PUT: Set parameters for write and send area For communication via the PUT instruction, you must specify the memory area of the partner CPU to which the data should be written. In addition, you must specify the memory area of the local CPU from which the data is to be read. Requirement The program editor is open. You have already inserted a PUT instruction. A connection has been established between two communication partners. Procedure To specify the read and the memory area for the instruction, follow these steps: 1. Select the PUT instruction in the program editor. 2. Open the "Configuration" tab in the inspector window. 3. Select the "Block parameter assignment" entry in the area navigation. 4. In the "In/Outputs > Write area (ADDR_1) > Start" field, select a "REMOTE" data type pointer to the area of the partner CPU which is to be written. Only absolute addressing is permitted. Example: P#DB10.DBX5.0 Byte 10 5. In the "Length" field, enter the length of the write area and select the data type of the memory area from the drop-down list. 6. In the "In/Outputs > Send area (SD_1) > Start" field, select a pointer to the area in the local CPU which contains the data to be sent. 7. In the Length field, enter the length of the memory area to be read and select the data type from the drop-down list. Only the data types BOOL (for a bit array, "0" must be used as address and an integer multiple of byte must be used as length), BYTE, CHAR, WORD, INT, DWORD, DINT, REAL, COUNTER, TIMER are permitted. If the VARIANT pointer accesses a DB, the DB must always be specified (for example: P#DB10.DBX5.0 Byte 10). WinCC Advanced V14 System Manual, 10/2016 663 Editing devices and networks 10.1 Configuring devices and networks See also GET: Set parameters for read and memory area (Page 664) GET: Set parameters for read and memory area For communication via the GET instruction, you must specify the memory area of the local CPU to which the data should be written. In addition, you must specify the memory area of the partner CPU from which the data is to be read. Requirement The program editor is open. You have already inserted a GET instruction. A connection has been established between two communication partners. Procedure To specify the read and the memory area for the instruction, follow these steps: 1. Select the GET instruction in the program editor. 2. Open the "Configuration" tab in the inspector window. 3. Select the "Block parameter assignment" entry in the area navigation. 4. In the "In/Outputs > Read area (ADDR_1) > Start" field, select a "REMOTE" data type pointer to the area of the partner CPU which is to be read. Only absolute addressing is permitted. Example: P#DB10.DBX5.0 Byte 10 5. In the "Length" field, enter the length of the read area and select the data type of the memory area from the drop-down list. 6. In the "In/Outputs > Memory area (RD_1) > Start" field, select a pointer to the area in the local CPU in which the read data is to be stored. 7. In the Length field, enter the length of the memory area and select the data type from the drop-down list. Only the data types BOOL (for a bit array, "0" must be used as address and an integer multiple of byte must be used as length), BYTE, CHAR, WORD, INT, DWORD, DINT, REAL, COUNTER, TIMER are permitted. See also PUT: Set parameters for write and send area (Page 663) 664 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Connection resources Configuration limits in the connection configuration Connection resources Some communications services require connections. During operation, communication connections utilize memory and program resources of the CPUs, CPs, and CMs involved in the communication path (e.g., memory areas in the CPU operating system). Within a controller (PLC), this applies, for example, to the CPU as connection end point and to the extensions with CPs as interfaces to the subnets. In most cases, one resource per CPU/CP/CM is assigned for a connection. In HMI communication, up to 3 connection resources are required for each HMI connection. Available connection resources The maximum configuration limit within the automation system is always defined by the CPU, either through the high system limit defined by the CPU (S7-1200/1500) or through the sum of usable resources of the CPU and CP (S7-300/400). In most cases, the available connection resources of a CPU/CP/CM are automatically distributed to their interfaces, as required. Each CPU brings along reserved connection resources for programming device, HMI, and Web server communication in its configuration. In addition, there are available resources that can be used for any HMI, S7 and open communication (S7-1200/1500). You can determine which resources are available to you based on the configuration of the devices as follows: Selection of the device type at connection end point (CPU) Number and type of additional communication modules (CP, CM) The number of connection resources available differs for the various automation systems: S7-300: The used CPU defines the number of available resources for connections. The maximum number of resources for connections can be expanded by added CPs. S7-400: The used CPU defines the number of possible resources for S7 connections. The resources can also be used for other connection types, in which case the maximum number of resources for other connection types can be expanded by adding CPs. S7-1200: The used CPU defines the number of possible resources for S7 connections. This high limit can be extended by adding CPs or CMs. S7-1500: The CPU that is used defines the applicable high limit of the connection resources for the whole automation system. The CPU itself accounts for some of these connection resources, and additional resources are accrued via CPs and CMs. However, regardless of how many CPs and CMs are added, the total number of connection resources cannot exceed the high limit of connection resources defined by the CPU type. WinCC Advanced V14 System Manual, 10/2016 665 Editing devices and networks 10.1 Configuring devices and networks Time of occupation of connection resources Which resources are actually used in operation, depends on which communication functions are used at any specific time and which communication connections are enabled at any specific time. Therefore, only limited checks of compliance with specific configuration limits and available communication resources can be performed at the time of configuration. The connection configuration offers the greatest possible support for this. Factors influencing the configuration limits You determine the communication resources with the device configuration: Number of available S7 connection resources in the CPU (S7-300/400) Number of connection resources for S7 communication and open communication in the station (S7-1500) Number of protocol-specific connection resources in the CPs/CMs Number of available CPs/CMs Automatic, programmed, or configured connection setup Behavior of the connection configuration During input, the connection configuration checks the following circumstances and behaves as follows: During the creation of S7 connections Is the maximum number of available S7 connections assigned? If yes, it is not possible to configure another S7 connection via the selected interface. For the S7-300, it is possible to increase the configuration limit by adding CPs. During the creation of any connection types Is the maximum number of protocol-specific connection resources in the interface (CP) assigned? If yes, it is not possible to configure another connection of the selected type via the selected interface. For the S7-300/400, it is possible to increase the configuration limit by adding CPs. During the creation of any connection types with OPC (PC stations) In the case of connections with OPC as connection end point, more connections can generally be configured than can be operated at any one time in the CP used in the PC station. That is because the connection properties differentiate between "Maintain permanently" and "Set up on demand". 666 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks When the connection configuration is compiled, a warning or, in the case of a non-assignable interface, an error is output, if appropriate. Note S7 connection resources are exhausted If the maximum number of S7 connection resources is reserved, no S7 connection resources additionally required for data transmission between CPU and CP are in operation or possibly available for connections. The corresponding communication jobs are then refused. You should therefore make sure that there is a sufficient number of non-assigned S7 connection resources, depending on the total assigned communication functions. You can find the number of reserved S7 connection resources for the selected S7-300 or S7-1200/1500 CPU in the area navigation under "Connection resources". For the S7-300, only the connection resources of the CPU are shown. For the S7-1200/1500, you also see the resources of the CPs and CMs. Connection resources and communication type Every connection needs connection resources for the endpoint and transition point (e.g., CP, CM) on the devices involved. The number of available connection resources is CPU/CP/CMspecific. If all the connection resources of a communication partner are assigned, no new connections can be established. Each type of communication is considered in detail below. Any number of combinations are possible however as long as the available connection resources are taken into account. S7 connections via integrated interface With S7 connections via the integrated MPI/PROFIBUS DP/PN interface, one connection resource is assigned for the endpoint on the CPU per S7 connection. This applies to all S7-300/400/1200/1500 CPUs. &38 Assigned S7 connection resource on the CPU Subnet (e.g., MPI, PROFIBUS-DP, or Industrial Ethernet/PROFINET) S7-300/400 CPU: One S7 connection resource is assigned on the CPU. S7-1200/1500 CPU: One S7 connection resource is assigned on the CPU and thus also one S7 connection resource on the station. WinCC Advanced V14 System Manual, 10/2016 667 Editing devices and networks 10.1 Configuring devices and networks S7 connections via external interfaces With S7 connections via an external CP interface, a distinction should be made between the following scenarios: S7-300 CPU - S7 connection configured at one end: One S7 connection resource is assigned on the CPU (for the endpoint) and one S7 connection resource on the CP (transition point) for each S7 connection. &38 &3 &38 &3 One S7 connection resource in the CPU and one in the CP of the local end point Connection partner Subnet, e.g., Industrial Ethernet - S7 connection configured at both ends: One S7 connection resource is assigned on the CP for each S7 connection. &38 &3 &38 &3 One S7 connection resource in the CP of the local end point Connection partner Subnet, e.g., Industrial Ethernet S7-400 CPU One S7 connection resource is assigned on the CPU (for the endpoint) and one S7 connection resource on the CP (transition point) for each S7 connection. 668 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks &38 &3 &38 &3 One S7 connection resource in the CPU and one in the CP of the local end point Connection partner Subnet, e.g., Industrial Ethernet S7-1200/1500 CPU - S7 connection configured at one end: One S7 connection resource is assigned on the CPU and thus also one S7 connection resource on the station for each S7 connection. &38 &3 &38 &3 One S7 connection resource in the CPU and one in the CP of the local end point Connection partner Subnet, e.g., Industrial Ethernet - S7 connection configured at both ends: One S7 connection resource is assigned on the CPU and thus also one S7 connection resource on the station for each S7 connection. &38 &3 &38 &3 WinCC Advanced V14 System Manual, 10/2016 One S7 connection resource in the CP and, thus, also one in the station Connection partner Subnet, e.g., Industrial Ethernet 669 Editing devices and networks 10.1 Configuring devices and networks Note The number of reserved S7 connection resources for the selected CPU for certain CPU types of the S7-300, and for the selected CPU and its connected communication modules for the S7-1200/1500, can be seen in the area navigation under "Connection resources". S7 connection resources for OP/PG and S7 basic communication can be reserved here. Connections for open communication services (SEND/RECEIVE interface) Communication via the SEND/RECEIVE interface is solely via CPs. For this, one protocolspecific connection resource is allocated for the endpoint per connection (i.e., FDL, ISO transport ISO on TCP, UDP and TCP connection). Here, no connection resources are required for the connection on the CPU. &38 &3 1 assigned connection resource in the CP Subnet, e.g., Industrial Ethernet Exception: on the S7-400 CPU, connections with the property "SPEED SEND/RECEIVE" require an additional S7 connection resource for each "SPEED SEND/RECEIVE" connection on the CPU. Connection resources and connection type Setting up the connection Often, you can decide between a configured setup or a programmed setup. The programmed setup makes it easier to release connection resources following data transfer. With configured setup, you receive help in managing connection resources in STEP 7. Table 10-2 Setting up the communication service Communication service 670 Automatic setup Programmed setup Configured setup PG communication X - - HMI communication X - X S7 communication - X X Open communication via TCP/IP - X X WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Communication service Automatic setup Programmed setup Configured setup Open communication via ISO-onTCP - X X Open communication via UDP - X X Open communication via ISO - X X Open communication via e-mail - X - Open communication via FTP - X - Open communication via FDL - X X S7 routing - - X Assignment of connection resources according to the connection setup Connection resources are assigned in different ways, depending on the type of connection setup: Configured setup In the case of configured connections, the connection resource is assigned as soon as the hardware configuration has been downloaded to the CPU. For OPC servers, the resources are assigned, as required. Programmed setup The call of the appropriate instructions for establishing the connection (using TSEND_C or T_CON) triggers assignment of a connection resource. Automatic setup As soon as you have connected the programming device or HMI device to a CPU physically and online, the connection resources will be assigned. Connection resources for configured setup You set up the connection in the network view of the hardware and network editor in the context of a CPU. Following the data transfer, the connection is not terminated, i.e., the connection resources remain permanently assigned. To terminate the connection you must delete the connection configuration and download the modified configuration to the CPU. OPC connections are automatically established and terminated as needed. If you have configured the connections, compliance with the maximum possible number of connection resources in the automation system will be monitored. Connection resources for programmed setup You set up the connection in the program editor in the context of a CPU by parameter assignment of instructions for communication, e.g., TSEND_C. Once the connection is established by the TCON or TSEND_C instruction, the connection will be terminated through appropriate parameter assignment of the TSEND_C instruction or by calling the TDISCON instruction after the data transfer. If the connection is terminated, the connection resources in the CPU/CP/CM are available again. If the connection is retained and WinCC Advanced V14 System Manual, 10/2016 671 Editing devices and networks 10.1 Configuring devices and networks another data transfer is performed, the processing time of the instructions will be shorter because the connection does not have to be reestablished. If the establishment and termination of connections are programmed in the user program, you are responsible for ensuring compliance with the automation system limits. If necessary, you will receive a communication error at the "STATUS" output parameter of the TSEND_C or T_CON instruction and can obtain more detailed information from the connection diagnostics. Connection resources for automatic setup The connection will be set up automatically (e.g., programming device or HMI connection) as soon as the PG/PC interface has been physically connected to an interface of the CPU and the assignment to the interface has been made in the "Go online" dialog. For automatically set up connections, compliance with the connection resources reserved in the automation system for these connections is monitored. See also TCON: Establish communication connection (Page 4254) TDISCON: Terminate communication connection (Page 4264) TSEND_C: Send data via Ethernet (Page 4200) TSEND_C: Establishing a connection and sending data (Page 4205) TCON: Establish communication connection (Page 4258) S7-1200 connection resources: (S7-1200) Display of connection resources (S7-1200) Connection resources in the Inspector window You will find an overview of the reserved and available connection resources of an S7-1200 automation system in the inspector window of the hardware and network editor under the CPU properties. Overview of connection resources The CPU supports at most the following number of simultaneous asynchronous communication connections for PROFINET and PROFIBUS. The maximum number of connection resources assigned to each category is predefined. You cannot modify the values. The 6 freely available connections can, however, be used to increase the number of connections in each category as required by your application. The display of connection resources distinguishes between the offline and online view. The following figure shows you the offline display of the reserved and available connection resources of a CPU 1217C: 672 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Station-specific connection resources Module-specific connection resources Station-specific connection resources The columns of the station-specific connection resources provide information about the reserved and dynamically available connection resources of the station. In the example, a maximum of 68 station-specific connection resources are available for the automation system. 62 connection resources are reserved for specific connection types 6 connection resources can be used freely for connection types The warning triangle in the column of the dynamic station resources is displayed because the sum of the maximum available connection resources of the CPU has reached the station limit of 68. Note Exceeding the available connection resources STEP 7 signals the reaching of the station-specific connection resources with a warning. If you require more connection resources, you either have to use a CPU with a higher maximum number of available station-specific connection resources or reduce the number of communications connections. Module-specific connection resources The columns of the module-specific connection resources provide information about the allocation of resources on the CPUs, CPs and CMs of an automation system: The display is per module and not per interface. In the example, the CPU provides a maximum of 68 connection resources. Note If you add CM/CP modules, the total number of S7-1200 communication resources is not increased. WinCC Advanced V14 System Manual, 10/2016 673 Editing devices and networks 10.1 Configuring devices and networks Online view If you are connected to the CPU online, you can also see how many resources are currently being used in the "Connection information" tab of the "Diagnostics" section in the Inspector window. The online view of the "Connection resources" table not only displays the reserved and dynamic connection resources of the configured connections, but also includes columns containing the connection resources of the programmed and automatically set-up connections that are currently allocated in the station. Thus, the online view displays all the assigned connection resources in the automation system, regardless of how the connection was set up. The "Other communication" row displays connection resources assigned for communication with external devices and communication via data record routing. The table is updated automatically. If there are inconsistencies between the configured hardware configuration and the hardware configuration available online, a corresponding message will be output. Resource requirements of the connections The communication connections of open user communication, S7 connection, HMI, programming device and Web server (HTTP) can utilize several connection resources on the basis of the functions used. The following number of connections are available per device on the basis of the assigned connection resources: Programming device (PG) Maximum number of connection re sources of a CPU 1217C HMI devices 4 12 (guaranteed support of a programming de vice connection) (guaranteed support of four HMI connec tions) GET/PUT client/ Open user commu server nication 8 8 Web browser 30 (guaranteed sup port of three HTTP connections) Programming device communication For example, four connection resources are available for programming device communication. Depending on the currently used programming device functions, the programming device occupies up to three connection resources for a connection. With the S7-1200, at least one programming device connection is guaranteed at all times. HMI communication A further example is the number of HMI devices as shown in the following figure. 12 connection resources are available for HMI devices. Depending on the type or model of your HMI device and the HMI functions used, the HMI device can require up to three connection resources for an HMI connection. For example, a Basic Panel requires up to two connection resources in the CPU for an HMI connection, while a Comfort Panel requires up to three connection resources in the CPU. Depending on the number of required connection resources, at least four HMI connections can be configured simultaneously. 674 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks An HMI device can use its available connection resources for the following functions: Reading Writing Interrupts and diagnostics This is only an example. The actual number of connections can differ depending on the type and version of the HMI device. Example Used con nection re sources HMI 1 HMI 2 HMI 3 HMI 4 HMI 5 Total num ber of availa ble connec tion resour ces 2 2 2 3 3 12 Information regarding the availability and assignment of connection resources for HMI connections is available in the offline view in the HMI device context (under "Properties > General > Connection resources" in the Inspector window): The following is displayed in the connection resources area: Number of available connections on the HMI reserved for HMI communication and HTTP communication Number of connection resources for HMI communication and HTTP communications used offline in the HMI If the maximum number of available connection resources for an HMI device is exceeded, a corresponding alarm is output by STEP 7. Maximum number of used PLC resources per HMI connection. This parameter is a factor that is to be multiplied by the number of HMI connections used offline. The product is the number of HMI resources occupied on the CPU. If the maximum number of available connection resources for an HMI device is exceeded, a corresponding alarm is output. WinCC Advanced V14 System Manual, 10/2016 675 Editing devices and networks 10.1 Configuring devices and networks Web communication The CPU offers Web server (HTTP) connections for several Web browsers. The number of browsers that can be supported simultaneously by the CPU depends on the number of connections that a Web browser requests/utilizes. Connection resources S7-1500 (S7-1500) Connection resources in the automation system (S7-1500) Introduction Some communications services require connections. Connections occupy resources in the automation system. The connection resources are made available by the CPUs, communications processors (CPs) and communications modules (CMs). Connection resources of a station The connection resources available depend on the CPUs, CPs and CMs and may not exceed a maximum number per station. The maximum number of resources of a station is determined by the CPU. Each CPU has reserved connection resources for PG, HMI and Web server communication. This ensures, for example, that a PG can always establish at least one online connection with the CPU regardless of how many other communications services are already using connection resources. In addition, there are dynamic resources. The difference between the maximum number of connection resources and the number of reserved connection resources is the maximum number of dynamic connection resources. The communication services PG communication, HMI communication, S7 communication, Open User Communication, Web communication and other communication (such as OPC UA) use the dynamic connection resources from the pool. The figure below shows an example of how individual components make connection resources available to an S71500 station. 676 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks % $ & ' Available connection resources of the station, of which A Reserved connection resources of the station A+B Connection resources of CPU 1518 C Connection resources of communications module CM 15421 D Connection resources of communications processor CP 15431 Maximum communications resources of the station using the example of a configuration from CPU 1518, CM 15421 and CP 15431 Number of connection resources of a station The following table lists the maximum number of available connection resources for some CPU types: Connection resources of a station Maximum connection resour ces of the station 1511 1511C 1512C 96 128 1515 1516 1517 1518 192 256 320 384 1513 of which reserved of which dynamic 10 86 118 182 246 310 374 Connection resources of the CPU 64 88 108 128 160 192 Max. additionally usable con nection resources by plug ging in CMs/CPs 32 40 84 128 160 192 WinCC Advanced V14 System Manual, 10/2016 677 Editing devices and networks 10.1 Configuring devices and networks Connection resources of a station 1511 1511C 1512C 1515 1516 1517 1518 1513 Additional connection resour ces CM 1542-1 64 Additional connection resour ces CP 1543-1 118 Additional connection resour ces CM 1542-5 40 Additional connection resour ces CP 1542-5 16 The number of connection resources supported by a CPU or a communication module is described in the technical specifications section of the manuals. Example You have configured a CPU 1518-4PN/DP with a communications module CM 1542-1 and a communications processor CP 1542-5. Maximum connection resources of the station: 384 Available connection resources: - CPU 1518-4 PN/DP: 192 - CM 1542-1: 64 - CP 1542-5: 16 - Total: 272 The setup provides 272 connection resources. By adding further communication modules the station can support a maximum of 112 additional connection resources. Reserved connection resources 10 connection resources are reserved for stations with S71500 CPU, ET 200SP CPU and ET 200pro CPU based on S7-1500: 4 for PG communication required by STEP 7, for example, for test and diagnostics functions or downloading to the CPU 4 for HMI communication which are occupied by the first HMI connections configured in STEP 7 2 for communication with the Web server 678 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Allocation of connection resources (S7-1500) Overview - occupation of connection resources The following figure shows how different connections occupy the resources of the S7-1500: :HEVHUYHU +0, 6 6 23&8$FOLHQW 3*3& HMI communication: See below. Open User Communication: Connections of Open User Communication occupy a connection resource in every end point. S7 communication: Connections of S7 communication occupy a connection resource in every end point. Web communication: The Web server connection occupies at least one connection resource in the station. The number of occupied connections depends on the browser. PG communication: The PG connection occupies one connection resource in the station. OPC UA communication: Each session that the OPC UA server of the CPU establishes with an OPC UA client usually occupies one connection resource (other communication) in the station. Connection resource for HMI communication Connection resource for Open User Communication Connection resource for S7 communication Connection resource for Web communication Connection resource for PG communication Connection resource for other communication (for example OPC UA) WinCC Advanced V14 System Manual, 10/2016 679 Editing devices and networks 10.1 Configuring devices and networks Connection resources for HMI communication With HMI communication, the occupation of connection resources in the station depends on the HMI device being used. The following table lists the maximum number of occupied connection resources for an HMI connection depending on the various HMI devices: 1 HMI device Maximum number of allocated connection resour ces of the station for each HMI connection Basic Panel 1 Comfort Panel 21 RT Advanced 21 RT Professional 3 If you do not use system diagnostics or alarm configuration, the station occupies only one connection resource per HMI connection. Example: You have configured the following HMI connections for a CPU 15163 PN/DP: Two HMI connections to an HMI TP700 Comfort (2 connection resources each) One HMI connection to an HMI KTP1000 Basic (1 connection resource) A total of 5 connection resources are allocated for HMI communication in the CPU. Connection resources for routing S7 connections beyond network boundaries (S7 routing) To transfer data beyond S7 subnets ("S7 routing"), an S7 connection is established between two CPUs. The S7 subnets are connected via gateways known as S7 routers. The router is the transition point of an S7 connection and is capable of establishing S7 connections. CPUs, CMs and CPs in S71500 are S7 routers. The following applies for a routed S7 connection: A routed connection occupies one connection resource each in both end points. STEP 7 shows these connection resources in the "Connection resources" table. On the S7 router, two special connection resources are occupied for S7 routing. STEP 7 does not display the special connection resources for S7 routing in the "Connection resources" table. The number of resources for S7 routing depends on the CPU. You will find the resources for S7 routing in the technical specifications of the CPU in "Number of S7 routing connections". The following figure shows the allocation of the connection resources at S7 routing: (QGSRLQW 6URXWHU (QGSRLQW Connection resource for S7 communication Special connection resources for S7 routing 680 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Data record routing Data record routing also enables transfer of data beyond S7 subnets from an engineering station connected to PROFINET to various field devices via PROFIBUS. With data record routing, as with S7 routing, two of the special connection resources for S7 routing are also occupied at the network transitions in every record router. At the end point of communication (CPU), connection resources for data record routing are displayed in the online view of the "Connection resources" table in the "Other communication" row. Note Connection resources with data record routing With data record routing, on the data record router, two special connection resources for S7 routing are occupied. Neither the data record connection nor the allocated connection resources are displayed in the table of connection resources. You are responsible for observing the limits during configuration. When are connection resources occupied? The time for the occupation of connection resources depends on how the connection is set up. Programmed setup of a connection As soon as an instruction to establish a connection is called in the user program of the CPU (TSEND_C/TRCV_C or TCON), a connection resource is occupied. With suitable parameter assignment of the CONT parameter of the TSEND_C/TRCV_C instructions or by calling the TDISCON instruction, the connection can be terminated following data transfer and the connection resource is available again. If the connection is terminated, the connection resources on the CPU/CP/CM are available again. Configured connections (e.g. HMI connection) If you have configured a connection in STEP 7, the connection resource is occupied as soon as the hardware configuration is loaded to the CPU. After using a configured connection for data transfer, the connection is not terminated. The connection resource is permanently occupied. To release the connection resource again, you need to delete the configured connection in STEP 7 and download the modified configuration to the CPU. Programming device connection As soon as you have connected the programming device to a CPU online in STEP 7, connection resources are occupied. Web server As long as you have opened the Web server of the CPU in a browser, connection resources are occupied in the CPU. OPC UA server As long as a session exists between the OPC UA server of the CPU and an OPC UA client, a connection resource is occupied in the CPU. WinCC Advanced V14 System Manual, 10/2016 681 Editing devices and networks 10.1 Configuring devices and networks Monitoring the maximum possible number of connection resources Offline During configuration of connections, STEP 7 monitors the occupation of the connection resources. If the maximum possible number of connection resources is exceeded, STEP 7 signals this with a suitable warning. Online The CPU monitors the use of connection resources in the automation system. If you establish more connections in the user program than those provided by the automation system, the CPU acknowledges the instruction to establish the connection with an error. Display of the connection resources (S7-1500) Connection resources in the Inspector window You will find an overview of the reserved available connection resources of an S7-1500 automation system in the Inspector window of the hardware and network editor under the CPU properties. Display of the connection resources in STEP 7 (offline view) The display of connection resources distinguishes between the offline and online view. The following figure shows you the offline display of the reserved and available connection resources of an S7-1500 CPU with a CP and a CM: 682 Station-specific connection resources Module-specific connection resources WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Station-specific connection resources The columns of the station-specific connection resources provide information about the reserved and dynamically available connection resources of the station. In the example, a maximum of 256 station-specific connection resources are available for the automation system. 10 reserved connection resources, of which 4 are already in use and a further 6 still available. The occupied 4 resources are used for HMI communication. 246 dynamic connection resources, of which 81 are already in use and a further 165 still available. The configured resources are divided up as follows: - 6 resources for HMI communication - 23 resources for S7 communication - 52 resources for Open User Communication The warning triangle in the column of the dynamic station resources is therefore displayed because the sum of the maximum available connection resources of CPU, CP and CM (= 294 connection resources) exceeds the station limit of 256. Note Exceeding the available connection resources STEP 7 signals the exceeding of the station-specific connection resources with a warning. To make full use of the connection resources from the CPU, CP and CM, either use a CPU with a higher maximum number of available station-specific connection resources or reduce the number of communications connections. Module-specific connection resources The columns of the module-specific connection resources provide information about the allocation of resources on the CPUs, CPs and CMs of an automation system: The display is per module and not per interface. In the example, the CPU makes a maximum of 128 connection resources available, of which 47 are already in use and a further 81 still available. The configured resources are divided up as follows: 6 resources for HMI communication 2 resources for S7 communication 39 resources for Open User Communication The CP makes 118 resources and the CM 48 resources available, of which 17 resources and 21 resources respectively are used. WinCC Advanced V14 System Manual, 10/2016 683 Editing devices and networks 10.1 Configuring devices and networks Display of the connection resources in STEP 7 (online view) If you are connected to the CPU online, you can also see how many resources are currently being used in the "Connection information" tab of the "Diagnostics" section in the Inspector window. The following figure shows you the online display of the reserved, available and used connection resources of an S7-1500 CPU: The online view of the "Connection resources" table not only displays the reserved and dynamic connection resources of the configured connections, but also includes columns containing the connection resources of the programmed and automatically set-up connections that are currently allocated in the station. Thus, the online view displays all the assigned connection resources in the automation system, regardless of how the connection was set up. The "Other communication" row displays connection resources assigned for communication with external devices and communication via data record routing. The table is updated automatically. If there are inconsistencies between the configured hardware configuration and the hardware configuration available online, a corresponding message will be output. Note If a routed S7 connection goes through a CPU, the required connection resources of the CPU do not appear in the table of connection resources! Display of the connection resources for HMI For HMI communication, connection resources in the CPU are assigned according to the HMI device used and the applications in which the HMI device is used. For example, a Basic Panel requires up to two connection resources in the CPU for an HMI connection, while a Comfort Panel requires up to three connection resources in the CPU. 684 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Information regarding the availability and allocation of connection resources for HMI connections is available in the offline view in the HMI device context (under "Properties > General > Connection resources" in the Inspector window). The following is displayed in the connection resources area: Number of available connections on the HMI reserved for HMI communication and HTTP communication Number of connection resources for HMI communication and HTTP communications used offline in the HMI If the maximum number of available connection resources for an HMI device is exceeded, a corresponding alarm is output by STEP 7. "Maximum number of used PLC resources per HMI connection". This parameter is a factor that is to be multiplied by the number of HMI connections used offline. The product is the number of HMI resources occupied on the CPU. If the maximum number of available connection resources for an HMI device is exceeded, a corresponding alarm is output. Displaying the connection resources in the Web server You can display the connection resources not only in STEP 7, but also with a browser that displays the relevant page of the Web server. You will find information on displaying connection resources in the Web server in the function manual for the Web server. Example for calculating the connection resources (S7-1500) Introduction This example for the table displaying connection resources shows you how the individual table entries are put together. WinCC Advanced V14 System Manual, 10/2016 685 Editing devices and networks 10.1 Configuring devices and networks Requirement 2x CPU 1516-3 PN/DP with one CP 1543-1 and one CM 1542-1 each as connection partners for purposes of extending the configuration limit. 1x TFT display MP 377 12" Touch with WinAC MP 377 as a connection partner for HMI connections. The devices are networked together. Creating the connections Once the connection partners (CPUs, CPs, CMs, MP 377) have been created and networked in the network view of the hardware and network editor, follow these steps: 1. Switch to connection mode in the network view. 2. Create the following connections: - S7 connections: 2x via CPU, 21x via CM - TCP connections: 2x via CPU, 4x via CM - ISO connection: 6x via CP - ISO-on-TCP: 3x via CPU, 4x via CM - UDP connections: 4x via CPU, 106x via CP - HMI connections: 1x via CPU, 2x via CP Result The display of connection resources shows you not only the available resources but also the resources required for the created connections. The available resources of devices and modules are highlighted in the following figure. 686 Depending on the CPU, at most 256 connections are available for this station. Ten (10) resources are reserved for particular connection types and 246 resources are dynamically available. The CPU provides 128 connection resources, and the CP and CM each provide another 118 resources. CPU, CP, and CM altogether provide 128 + 118 + 118 = 364 resources. Because more connection resources are provided via the devices and modules than the station can operate with its maximum limit of 256 connection resour ces, a warning icon is displayed. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The following figure highlights the resources utilized by the created connections: These are the resources assigned via the HMI connections. In this example, one HMI connection utilizes 3 connec tion resources. For the whole station, 3 + 6 = 9 connection resources are required for the HMI communication. Four (4) resources are reserved for the HMI communication. The 9 resources required for HMI communication are broken down as follows: For the first 4 resources, the resources already reserved for HMI communication will be used. The other 5 required resources will be taken from the dynamic resources. These are the resources assigned via the S7 connections. An S7 connection occupies 1 connection resource. For the whole station, 2 + 21 = 23 connection resources are required. For the S7 communication, there are no reserved resources. All 23 required resources come from the dynamically available resources. These are the resources of the Open User Communication (for TCP, FDL, ISO, ISO-on-TCP, and UDP). For the whole station, 9 + 112 + 8 = 129 connection resources are required. For the Open User Communication, there are no reserved resources. All 129 required resources come from the dynamically available resources. WinCC Advanced V14 System Manual, 10/2016 687 Editing devices and networks 10.1 Configuring devices and networks Calculation of connection resources Based on the available and utilized resources of individual devices and modules, the resources that are still free and the total resources used are calculated: All required resources for the respective communication types of the CPU are displayed here. Three (3) resources are required for HMI communication, 2 for S7 communication, and 9 for the connection types of the Open User Communication. The total number of resources required is listed below the required resources for the communication types. For the CPU, therefore, 3 + 2 + 9 = 14 resources are required. The CP 1543-1 has 118 available connection resources. If these are utilized, no more connections can be created for the CP. For the CP 1543-1, 118 connection resources are already utilized by the 2 HMI connections (3 resources each = 6 resources) and 112 resources by connections of the open communication. The CP 1543-1 has no more free resources. No more connections can be created for the CP 1543-1. The number of resources still available and the total number of resources used is also displayed for the whole station: 688 All connection resources used (configured), including both reserved and dynamic connection resources, for the individual communication types for the entire station. The values represent the sum of all resources utilized for devices and modules (CPU, CP, CM). All connection resources used (configured), including both reserved and dynamic connection resources, for all communication types for the entire station. Total number of reserved and dynamic connection resources still available. The values are obtained by subtracting the number of resources used from the maximum number of resources that can be configured. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Data consistency (S7-1500) Definition Data consistency is important for data transfer and you need to take this into account when configuring the communication task. Otherwise, malfunctions may occur. A data area which cannot be modified by concurrent processes is called a consistent data area. This means that a data area which belongs together and which is larger than the maximum size of the consistent data area can consist in part of new and of old data at the same time. An inconsistency can occur when an instruction for communication is interrupted, for example by a hardware interrupt OB with higher priority. This interrupts the transfer of the data area. If the user program in this OB now changes the data that has not yet been processed by the communication instruction, the transferred data originates from different times: The following figure shows a data area that is smaller than the maximum size of the consistent data area. In this case, when transferring the data area, it is ensured that there is no interruption by the user program during data access so that the data is not changed. 5(&25' 6RXUFHGDWDDUHD 7DUJHWGDWDDUHD The source data area is smaller than the maximum size of the consistent data area (). The instruction transfers the data together to the destination data area. Maximum size of the consistent data area Figure 10-1 Consistent transfer of data The following figure shows a data area that is larger than the maximum size of the consistent data area. In this case, the data can be changed during an interruption of the data transfer. An interruption also occurs if, for example, the data area needs to be transferred in several parts. If the data is changed during the interruption, the transferred data originates from different times. WinCC Advanced V14 System Manual, 10/2016 689 Editing devices and networks 10.1 Configuring devices and networks 6RXUFHGDWDDUHDDWWLPH7 7DUJHWGDWDDUHD 6RXUFHGDWDDUHDDWWLPH7 7DUJHWGDWDDUHD The source data area is larger than the maximum size of the consistent data area (). At time T1, the instruction only transfers as much data from the source data area to the destination data area as fit in the consistent data area. At time T2, the instruction transfers the rest of the source data area to the destination data area. After the transfer, data from different points in time exist in the destination data area. If the data in the source data area has changed in the meantime, an inconsistency may result. Maximum size of the consistent data area Figure 10-2 Transfer of data larger than the maximum consistency area Example of an inconsistency The figure below shows an example of changing data during the transfer. The destination data area contains data from different points in time. (6$1$% (6$1 (6%+$$ (6$1 $$ Figure 10-3 690 Example: Changing data during the transfer WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks System-specific maximum data consistency for S71500: No inconsistency occurs if the system-specific maximum size of the consistent data is kept to. With an S7-1500, communication data is copied consistently into or out of the user memory in blocks of up to 512 bytes during the program cycle. Data consistency is not ensured for larger data areas. Where defined data consistency is required, the length of communication data in the user program of the CPU must not exceed 512 bytes. You can then access these data areas consistently, for example from an HMI device by reading/writing tags. If more data than the system-specific maximum size needs to be transferred consistently, you yourself must ensure the data consistency with suitable measures in the user program. Ensuring data consistency Use of instructions for access to common data: If the user program contains instructions for communication that access common data, for example TSEND/TRCV, you can coordinate access to this data area yourself, for example using the "DONE" parameter. The data consistency of the data areas that are transferred with an instruction for communication can therefore be ensured in the user program. Note Measures in the user program To achieve data consistency, you can copy transferred data to a separate data area (for example global data block). While the user program continues to work with the original data, you can transfer the data saved in the separate data area consistently with the communication instruction. For the copying, use uninterruptible instructions such as UMOVE_BLK or UFILL_BLK. These instructions ensure data consistency up to 16 KB. Use of PUT/GET instructions or Write/Read via HMI communication: In S7 communication with the PUT/GET instructions or Write/Read via HMI communication, you need to take into account the size of the consistent data areas during programming or configuration. In the user program of an S7-1500 as server, there is no instruction available that can coordinate the data transfer in the user program. The data exchanged using PUT/GET instructions updates the S7-1500 while the user program is running. There is no point in time within the processing of the cyclic user program at which the data is exchanged consistently. The length of the data area to be transferred should be smaller than 512 bytes. Additional information You will also find the maximum amount of consistent data in the CPU, CM or CP manuals in the Technical Specifications. You will find further information on data consistency in the description of the instructions in the STEP 7 online help. WinCC Advanced V14 System Manual, 10/2016 691 Editing devices and networks 10.1 Configuring devices and networks 10.1.3.3 Displaying and configuring topology Overview of the topology view Functions of the topology view The topology view is one of three working areas of the hardware and network editor. You undertake the following tasks here: Displaying the Ethernet topology - Displaying all the PROFINET devices and passive Ethernet components of the project along with their ports - Displaying interconnections between the ports - Displaying corresponding logical networks - Display diagnostic information of all ports Configuring the Ethernet topology - Creating, modifying and deleting interconnections of the ports - Renaming stations, devices, interfaces or ports - Adding PROFINET devices and passive Ethernet components to the project from the hardware catalog Identifying and minimizing differences between the desired and actual topology - Running an offline/online comparison of Ethernet modules, ports and port interconnections - Adopting existing online topology information in the offline project Note Devices without valid IP address Topology information (LLDP) cannot be read from a device without valid IP address. To prevent devices from having an invalid IP address, specify in the settings of the TIA Portal for hardware configuration that devices without valid IP address are temporarily assigned an IP address. Note Subnet membership Before the topology determination, you have to set for the local interface of your PG/PC the network address that the Ethernet components that are to be determined also have in the real plant. If you do not meet this requirement, no further topology information (information about ports and neighborhood relationships) can be determined. 692 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Differences between network view and topology view The network view shows all the logical subnets of the project. The topology view shows all Ethernet components of the project. These include passive components such as switches, media converters and cables. Note Stations with non-Ethernet components are also displayed if the station has a least one Ethernet component. The position of a device in the network view and its position in the topology view are initially independent of one other; in other words, the same device generally appears at different locations in the two views. If you want to align the devices in the topology view as in the network view, click on the following icon in the toolbar of the topology view. Icon Meaning Changes the position of the devices in the topology view so that the new position is as close as possible to the position in the network view. If you open the hardware catalog in the topology view, you only see devices with an Ethernet interface. Structure of the topology view The topology view (Page 532) essentially consists of a graphic area (called the graphic view below) and a table area (called the table view below). Which functions are there in the graphic view and which functions are there in the table view? Displaying the Ethernet topology Function Graphic view Table view Displaying all the PROFINET devices and passive Ethernet com ponents of the project along with their ports yes yes Display interconnections between the ports (including type of me dium) yes yes Displaying corresponding logical networks no yes Displaying properties of the cables between the ports no yes Display diagnostic information of all ports yes yes Configuring the Ethernet topology WinCC Advanced V14 System Manual, 10/2016 693 Editing devices and networks 10.1 Configuring devices and networks Function Graphic view Table view Creating, modifying and deleting interconnections of the ports Create: yes Create: yes Modify: yes Modify: yes Delete: yes Delete: yes Renaming stations, devices, interfaces or ports no yes Adding PROFINET devices and passive Ethernet components to the project from the hardware catalog yes no Identifying and minimizing differences between the desired and actual topology Function Graphic view Table view Running an offline/online comparison of Ethernet modules, ports and port interconnections no yes Adopting existing online topology information in the offline project no yes Structure of the table view The table view consists of the following two tabs: "Topology overview" tab "Topology comparison" tab The "Topology overview" tab provides the following functions: Display of the configured topology with hierarchical structures (from the station to the port) Configuration of the Ethernet topology The display of the diagnostics status of hardware components The "Topology comparison" tab provides the following functions: Identifying and minimizing differences between the desired and actual topology Starting the topology view Requirement The device or network view is open in the hardware and network editor. Procedure To start the topology view of your project, follow these steps: 1. Click on the "Topology view" tab. 694 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Or: 1. Open the network view of the hardware editor. 2. Select a PROFINET device or a PROFINET module. 3. Select the "Go to topology view" command in the shortcut menu. Result The topology view is started. If you opened the topology view using the shortcut menu, the selected component remains selected after the change of view. Displaying topology Displaying the graphic view of the configured topology What is shown? The graphic view of the configured topology shows the following: Configured PROFINET devices and passive Ethernet components along with their ports Configured stations with non-Ethernet components if there is at least one Ethernet component in the station Configured interconnections between the ports Type of display The way in which the graphic view of the topology view and the network view are displayed is very similar: Compared with the device view, components are shown in a simplified form. The interconnections between ports are shown as horizontal and vertical lines. These are dashed when an interconnection between a tool changer port and its possible partner ports is involved. Displaying the table view of the configured topology Requirement The table view of the topology is open. You are in the "Topology overview" tab WinCC Advanced V14 System Manual, 10/2016 695 Editing devices and networks 10.1 Configuring devices and networks What is shown? The table view of the configured topology shows exactly the same content as the graphic view except for the logical PROFINET subnets: All the configured PROFINET devices and passive Ethernet components along with their ports All the configured stations with non-Ethernet components if there is at least one Ethernet component in the station Configured interconnections between the ports For each port with the "Alternating partner port" property, there are as many completed rows as there are potential partner ports plus one empty row. Type of display As the name implies, the table view of the topology view consists of a table, the topology overview table. It displays the configured topology with hierarchical structures (from the station to the port) It is structured like the network overview table. It consists of the following columns: Device / port This is the most important column of the table. The entries in this column have a hierarchical structure with the PROFINET ports being the last element in the hierarchy. You can expand and collapse the hierarchical entries. For a CPU, for example, an entry consists of the following elements: - Station name - Device name - Name of the PROFINET interface - Names of the ports Note: All the other columns only have entries in the rows containing the port names. Slot Indicates the number of the slot in a rack in which the relevant module is installed. For interfaces, the designation of the interface is also displayed. Index (by default, this column is not displayed) Exists only with PC stations. Approximately corresponds to the slot. Device type (by default, this column is not displayed) Shows what type of station, device or interface the table row relates to or whether it belongs to a port. Article no. (by default, this column is not displayed) Article no. of the device Subnet (as default, this column is not displayed) Configured subnet to which the interface belongs Master/IO system (as default, this column is not displayed) Shows whether or not the interface belongs to a PROFIBUS DP master system or a PROFINET IO system. IP address (by default, this column is not displayed) Configured address of the interface in the subnet 696 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Partner station Name of the station that contains the partner port Partner device Name of the device that contains the partner port Partner interface Interface to which the partner port belongs Partner port Cable data Contains the cable length and the signal delay of the cable connecting the ports Basic functions for tables The topology overview table supports the following basic functions for editing a table: Displaying and hiding table columns Note: The columns relevant for configuration cannot be hidden. Optimizing column width Saving current representation Displaying the meaning of a column, a row or cell using tooltips. Displaying the diagnostics status of ports and cables in the graphic view Requirements The graphic view of the topology view is open. Procedure To determine the diagnostics status of the port, follow these steps: 1. Go online with the required component or components. Result The following icons are displayed: The corresponding diagnostics icon is displayed for each device. If there is an error in at least one lower-level component, the diagnostics icon "Error in lowerlevel component" is also displayed in the left-hand lower corner of the diagnostics icon. The corresponding diagnostics icon is displayed for each port. Every cable between two ports that are online has the color that matches its diagnostics status. You will find the possible diagnostics icons for ports and the color coding of Ethernet cables in the description of hardware diagnostics. See: AUTOHOTSPOT WinCC Advanced V14 System Manual, 10/2016 697 Editing devices and networks 10.1 Configuring devices and networks Showing the diagnostics status of hardware components in the table view Requirement The table view of the topology view is open. You are in the "Topology overview" tab Procedure To obtain the diagnostics status of hardware components of the topology overview table, follow these steps: 1. Go online with the required components. Result The following icons are displayed at the left-hand edge of the topology overview table in each row that belongs to the component involved: The diagnostics icon belonging to the hardware component is displayed. If the hardware component has lower-level components and if there is an error in at least one of the lower-level components, the diagnostics icon "Error in lower-level component" is also displayed in the left-hand lower corner of the diagnostics icon of the hardware component. For the possible diagnostics icons for hardware components, refer to the description of hardware diagnostics. See: AUTOHOTSPOT Note The display of the diagnostics status of hardware components in the topology overview table and the network overview table is identical. Running an offline/online comparison and displaying the results Requirements The table view of the topology view is open. You are in the "Topology comparison" tab There may be an online connection to one or more devices, but this is not actually necessary. Procedure To find the differences between the configured and the actual topology, follow these steps: 1. Click the "Compare offline/online" button in the toolbar. 698 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Result The actual topology is identified and compared with the configured topology. Devices identified online are automatically assigned to configured devices as far as this is possible. See Automatic assignment of devices by offline/online comparison (Page 707) The columns on the right-hand side of the table are filled or updated: Columns for the result of the offline/online comparison: "Status" and "Action" Columns for the topology identified online Note Stopping a running online/offline comparison If you click the "Compare offline/online" button while topology discovery is active, the current topology discovery is stopped. The following buttons are enabled in the toolbar of the table: Button Name Meaning Update The detection of the existing online topology is started again. Synchronize Adopting the port interconnections identified online in the project (Page 708) Adopt the devices identified online in the project (Page 708) Note If you have not configured your own programming device or your own PC offline, the gray filled circle is displayed as a diagnostic symbol. You can also configure a second and third programming device or a second and third PC offline. Columns for the result of the offline/online comparison The following columns are displayed: "Status" The result of the offline/online comparison is shown here in the form of diagnostics icons. The following icons are possible: Diagnostics icon Meaning Differing topology information in at least one lower-level component Identical topology information Topology information only available offline or device is disabled WinCC Advanced V14 System Manual, 10/2016 699 Editing devices and networks 10.1 Configuring devices and networks Diagnostics icon Meaning Topology information only exists online Differing topology information No port interconnection configured, no port interconnection discovered online If a device does not support topology functions, the "Status" column remains empty. "Action" The possible actions are shown here. The following actions are possible: - No action - Apply Note Separating columns To separate the offline and online columns of the topology comparison table optically, there is a separating column to the left of the "Status" column and to the right of the "Action" column. The separating columns cannot be hidden and their width cannot be changed. Columns for the topology identified online The following columns are displayed: "PROFINET device name" "Article no." (by default, this column is not displayed) "Device family" (by default, this column is not displayed) "IP address" (by default, this column is not displayed) "Port" "Interconnection" - Green line if the port is interconnected - Gray line if the port is not interconnected "Partner port" "Partner IP address" "Partner PROFINET device name" "Partner article number" (by default, this column is not displayed) "Partner device family" (by default, this column is not displayed) 700 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Basic functions for tables The topology comparison table supports the following basic functions for editing a table: Displaying and hiding table columns Note: The columns relevant for configuration cannot be hidden. Optimizing column width Saving current representation Displaying the meaning of a column, a row or cell using tooltips. Running an advanced offline/online comparison and displaying the results Overview With the standard offline/online comparison, a search method based on the DCP protocol is used. With the advanced offline/online comparison, ICMP is also used to be able to detect devices that do not support DCP. These include, for example, PG/PC stations. Requirement The table view of the topology view is open. You are in the "Topology comparison" tab The devices to be detected with ICMP are located in the same subnet as the network adapter of your PG/PC you are currently using. Procedure Follow these steps: 1. In the toolbar, click on the arrow in the "Advanced comparison" button. 2. With the input boxes "Start address" and "End address", select an IP address range in which accessible Ethernet nodes will be searched for with ICMP. Confirm this, for example by clicking the button with the green check mark. 3. Click on the icon in the left-hand part of the "Advanced comparison" button. Result The Ethernet nodes detectable with DCP and ICMP are discovered. The columns on the right-hand side of the table are filled or updated: WinCC Advanced V14 System Manual, 10/2016 701 Editing devices and networks 10.1 Configuring devices and networks Configuring topology Interconnecting ports Overview Interconnecting ports in the topology view In the topology view, you have the following options for interconnecting ports: in the graphic view (Page 703) in the graphic view of a tool changer (Page 705) in the table view (Page 704) in the table view of a tool changer (Page 705) by adopting port interconnections identified online (Page 708) Note Interconnecting an electric with an optical port If you want to interconnect an electric and an optical port, you have to decide between RT and IRT communication: With RT communication, it is not necessary to configure a media converter. With IRT communication, you have to make the interconnection via a media converter. What effects does the interconnection of ports have on the network view? Note In the properties of a subnet in the network view, you can specify that this subnet is used when a port interconnection is created between two devices that are not networked. When you create an interconnection between two ports, the following effects are possible in the network view: If the corresponding interfaces are disconnected: If you have specified a default subnet, this is used. Otherwise a new subnet is created to connect the two interfaces. If one (and only one) of the two interfaces involved is networked: The non-networked interface is connected to the same subnet as the already networked interface. In all other cases: The corresponding interfaces are not connected to a logical subnet. 702 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See also Interconnecting ports (Page 1678) Settings for interconnecting Ethernet devices (Page 593) Interconnecting ports in the graphic view Requirement You are in the graphic view of the topology view. Procedure - Creating a new interconnection between two ports To interconnect a port of a device with a port of another device, follow these steps: 1. Place the mouse cursor on the port you want to interconnect. 2. Click with the left mouse button and hold it down. 3. Move the mouse pointer. The pointer now shows the networking symbol to indicate "Interconnect" mode. At the same time, the mouse pointer shows the lock symbol that will only disappear when the pointer is on a valid target. 4. Now drag the mouse cursor to the target port. You can do this while holding down or after releasing the mouse button. 5. Now release the left mouse button or press it again (depending on your previous action). Result: A new port interconnection is created. Note Creating a ring for S7-300, S7-400, and S7-1500 CPUs If you create a ring using port interconnections for S7-300, S7-400, or S7-1500 CPUs, an MRP domain is created automatically. Procedure - Changing an existing port interconnection without deleting it first To do this, follow these steps: 1. Place the mouse cursor on the port of an existing interconnection that is to receive a new partner port. 2. Drag the port to the new partner port. Result: The existing port interconnection is deleted. The new port interconnection is created. Alternative procedure: 1. Place the mouse cursor on a port without an interconnection that is to be connected with an already interconnected port. 2. Drag the port to the already interconnected port. WinCC Advanced V14 System Manual, 10/2016 703 Editing devices and networks 10.1 Configuring devices and networks Result: The existing port interconnection is deleted. The new port interconnection is created. Procedure - Interconnecting two interconnected ports with each other without first deleting the two existing port interconnections To do this, follow these steps: 1. Place the mouse cursor on the interconnected port that is to receive a new partner port. 2. Drag the port to the new partner port that has also already been interconnected. Result: The two existing port interconnections are deleted. The new port interconnection is created. Interconnecting ports in the table view Which actions are possible with port interconnections in the table view? The following actions are possible with port interconnections in the table view: Creating a new port interconnection Changing an existing port interconnection Deleting an existing port interconnection Requirement The row with the port whose interconnection you want to create, modify or delete is visible in the "Topology overview" tab. Procedure To create the interconnection of a port for the first time, to modify it or delete it, follow these steps: 1. Move the mouse pointer to the "Partner port" column in the row of the source port. 2. Click the drop-down list there. 3. Select the required partner port (when creating or changing a port interconnection) or the "Any partner" entry (when deleting a port interconnection). Result The required action is performed. The new partner port (after creating or modifying a port interconnection) or the "Select port" entry (after deleting a port interconnection) is displayed in the "Partner port" column. 704 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Interconnecting a port with more than one partner port in the graphic view Requirement You have configured a port of a PROFINET device with the "Alternative partners" property and have specified its possible partner ports. The graphic view of the topology view is open. Procedure 1. Interconnect this port (referred to hereafter as source port) with one of the partner ports you have specified (referred to hereafter as target port). 2. Interconnect the source port with an additional target port. You can do this in several ways: - Drag the mouse pointer from a partner port that is already interconnected to a target port. - Drag the mouse pointer from an interconnection that has already been created to a target port. - Drag the mouse pointer from a target port to a partner port that is already interconnected. - Drag the mouse pointer from a target port to an already created interconnection. 3. If necessary, repeat the step above one or more times. Result An interconnection is created between the source port and the alternative partner ports. This is indicated by a dashed line. Interconnecting a port with more than one partner port in the table view Which actions are possible with port interconnections to several partner ports in the table view? When working with a tool changer, the following actions can be performed with port interconnections to multiple partner ports in the table view: Creating a new port interconnection Changing an existing port interconnection Deleting an existing port interconnection Requirement You have configured a port of a PROFINET device with the "Alternative partners" property and have specified its possible partner ports. The row with the port whose interconnection you want to create, modify or delete is visible in the "Topology overview" tab. WinCC Advanced V14 System Manual, 10/2016 705 Editing devices and networks 10.1 Configuring devices and networks Procedure To create the interconnection of a port to one or more partner ports for the first time, to modify it, or to delete it, follow these steps: 1. Move the mouse pointer to the "Partner port" column in the row of the source port. 2. Click the drop-down list there. 3. Select the required partner port (when creating or changing a port interconnection) or the "Any partner" entry (when deleting a port interconnection). Result The required action is performed: If you are creating an interconnection, a new row is inserted in the topology overview table. The new partner port is displayed there in the "Partner port" column. If you change an interconnection, the new partner port is displayed in the "Partner port" column. If you delete an interconnection, the row with the previous port interconnection is deleted. Note With a tool changer, there are normally several rows for a port with port interconnections to more than one partner port. The last row is always an empty row. The first row can be edited, all other rows are read-only. Renaming stations, devices, interfaces or ports Rename a station, a device, an interface or a port Requirement The table view of the topology view is open. You are in the "Topology overview" tab Procedure To rename a station, a device, an interface or a port, proceed as follows: 1. Click twice in the relevant field of the topology overview table (the second click starts the editing mode). 2. Enter the new name and then press the ENTER key (this closes editing mode). Result The object is renamed. 706 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Offline/online comparison Automatic assignment of devices by offline/online comparison Overview During the offline/online comparison, the configured topology is compared with the actual existing topology. Devices identified online are automatically assigned to configured devices as far as this is possible. Start of availability detection You start the availability detection the first time by clicking the "Compare offline/online" button in the toolbar of the "Topology comparison" tab. You restart availability detection by clicking the "Update" button. Note The availability detection can take several seconds. During this time, no user input is possible. Automatic assignment of a PNIO device A PNIO device identified online is automatically assigned to a configured device if the following properties of the two devices match up: Article no. Device type or device family PROFINET device name No automatic assignment In the following situations, no automatic assignment is possible: No device can be identified online to match a configured device. (This means that the corresponding columns in the "Online topology" area of the topology comparison table are empty.) In this case, you should add the already configured device to your system or delete the configured device from the configuration. A device identified online can be assigned to a configured device, but there are differences in the port interconnections. In this case, you can apply the port interconnections identified online manually to the project (Page 708). A device identified online cannot be assigned to a configured device. (In this case, the corresponding columns in the "Offline topology" area of the topology comparison table are empty.) In this case, you can include the device identified online manually in the project (Page 708). WinCC Advanced V14 System Manual, 10/2016 707 Editing devices and networks 10.1 Configuring devices and networks Apply the port interconnections identified online manually to the project Requirement You have run an offline/online comparison in the topology view. The result of this is that at least one device identified online was automatically assigned to a configured device, but that there are differences relating to the interconnection. Procedure To adopt one more port interconnections identified online in the project manually, follow these steps: 1. Select the row belonging to the port interconnection. 2. If applicable, select further roles using multi-selection. 3. Select "Apply" > "Use selected" in the shortcut menu. The content of the corresponding table cells in the "Action" column changes to "Apply". 4. If you have mistakenly prepared too many port interconnections to be included in the project: Select the rows that belong to the port interconnections you have mistakenly prepared for inclusion in the project using multi-selection. Select "Reset" > "Reset selected" in the shortcut menu. The content of the corresponding table cells in the "Action" column change to "No action". 5. Click the "Synchronize" button. Result The port interconnections identified online for the corresponding devices are included in the project. Successful adoption is indicated by the diagnostics icon "Identical topology information" for each port. Note If other port interconnections are recognized for a device identified online and these differ from those that exist in the project, adopting these in the project means that the port interconnections that were previously in the project are replaced by those identified online. If no port interconnections are detected for a device identified online, adopting in the project means that all the port interconnections of this device are deleted in the project. Include the devices identified online manually in the project Requirements You have run an offline/online comparison in the topology view. The result of this is that at least one device identified online could not be assigned to any configured device. 708 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Procedure To adopt one more devices identified online in the project manually, follow these steps: 1. For a configured device without an online partner, move the mouse pointer to the "Device/ port" column of the online topology. 2. Select the device you want to assign to the configured device from the drop-down list of this box. 3. Repeat the previous steps if necessary for other configured devices without an online partner. Result The selected device that was identified online is moved up from the end of the table. Following this, it is in the row of the configured device to which you have just assigned it. Automatic assignment of devices by advanced offline/online comparison Overview With the advanced offline/online comparison, ICMP is also used alongside DCP to be able to detect devices that do not support DCP. Automatic assignment of devices detected by ICMP With devices detected by ICMP, no type is available. With passive devices, no article number is available. For this reason, passive devices can only be assigned automatically if you have not assigned an article number in the configured data and the offline and online IP addresses match. With switches, automatic assignment is possible if the offline and online article number, IP address and PROFINET device name match. 10.1.3.4 Secure Communication (S7-1500) Basics of Secure Communication (S7-1500) Basics of Secure Communication (S7-1500) For STEP 7 (TIA Portal) as of V14 and for S7-1500 CPUs as of firmware V2.0, the options for secure communication have been broadened considerably. "S7-1500 CPUs" also refers to CPU versions S7-1500F, S7-1500T, S7-1500C as well as S7-1500pro CPUs and ET200SP CPUs. WinCC Advanced V14 System Manual, 10/2016 709 Editing devices and networks 10.1 Configuring devices and networks Introduction The attribute "secure" is used for the identification of communication mechanisms that are based on a Public Key Infrastructure (PKI) (for example RFC 5280 for Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List Profile). A Public Key Infrastructure (PKI) is a system that can issue, distribute and check digital certificates. The digital certificates issued are used within the PKI to secure computer-based communication. If a PKI uses asymmetric key cryptography, the messages in a network can be digitally signed and encrypted. Components that you have configured in STEP 7 (TIA Portal) for secure communication use an asymmetric key encryption scheme with a public key (Public Key) and a private key (Private Key). TLS (Transport Layer Security) is used as the encryption protocol. TLS is the successor for the SSL (Secure Sockets Layer) protocol. Objectives of secure communication Secure communication is used to achieve the following objectives: Confidentiality i.e. the data is secret/cannot by read by eavesdroppers. Integrity i.e. the message that reaches the recipient is the same message, unchanged, that the sender sent. The message has not been altered on the way. End point authentication i.e. the end point communication partner is exactly who it claims to be and the party who is to be reached. The identity of the partner is verified. In the past, these objectives were primarily relevant to IT and networked computers. Today, industrial machinery and control systems with sensitive data are at equally high risk, as they are also networked, and consequently pose high security requirements for data exchange. Protection of the automation cell by means of the cell protection concept through firewall, or via connection through VPN, for example with the security module, was common in the past and remains so. However, it is becoming increasingly necessary to also transfer data to external computers in encrypted form via Intranet or public networks. 710 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Common principles of secure communication Independent of the context, secure communication is based on the Public Key Infrastructure (PKI) concept and contains the following components: An asymmetric encryption scheme. This scheme allows the following: - Encryption or decryption of the messages using public or private keys. - The verification of signatures in messages and certificates. The messages / certificates are signed by the sender / certificate owner with their private key. The recipient / verifier checks the signature with the public key of the sender / certificate owner. Transport and storage of the public key using X.509 certificates. - X.509 certificates are digitally signed data that allow public key authentication in terms of the bound identity. - X.509 certificates can also contain information that describes in more detail or restricts use of the public key. For example the effective date of a public key in a certificate and when it expires. - X.509 certificates also contain information on the issuer of the certificate in secure form. The following paragraphs give an overview of these basic concepts which are required for managing certificates in STEP 7 (TIA Portal), for example, and for programming the communication instructions for secure Open User Communication (sOUC). Secure communication in STEP 7 STEP 7 as of V14 provides the required PKI for the configuration and operation of secure communication. Examples: The Hypertext Transfer Protokoll (HTTP) becomes Hypertext Transfer Protokoll Secure (HTTPS) by means of the TLS (Transport Layer Security) protocol. Since HTTPS is a combination of HTTP and TLS, it is called "HTTP over TLS" in the corresponding RFC. You can see in the browser that HTTPS is being used. This is indicated by the URL scheme "https://" instead of "http://" in the address bar of the browser. Most browsers highlight such secure connections. Open User Communication becomes secure Open User Communication. The underlying protocol is also TLS. E-mail providers also offer access over the "Secure SMTP over TLS" protocol to increase the security of e-mail communication. The figure below shows the TLS protocol in the context of communication layers. WinCC Advanced V14 System Manual, 10/2016 711 Editing devices and networks 10.1 Configuring devices and networks 3/&SURJUDP 2SHQXVHUFRPPXQLFDWLRQ 7B6(1' 1HWZRUN/D\HU 'DWD/LQN/D\HU 3K\VLFDO/D\HU 28& 6HFXUH28& +7736 7/6 6HVVLRQ/D\HU 7UDQVSRUW/D\HU 7B5&9 :HEVHUYHU +773 $SSOLFDWLRQ/D\HU 7B&21 7&38'3 ,3Y (WKHUQHW Secure communication with OPC UA An OPC UA server is implemented in S7-1500 CPUs as of firmware V2.0. OPC UA Security also covers authentication, encryption and data integrity with digital X.509 certificates and also uses a Public Key Infrastructure (PKI). Depending on the requirements of the application you can select various security levels for the end point security. The description of the OPC UA server functionality is covered in a separate section. Confidentiality through encryption (S7-1500) Message encryption is an important element of data security. When encrypted messages are intercepted by third parties during communication, these potential eavesdroppers cannot access the information they contain. There is a wide range of mathematical processes (algorithms) for encrypting messages. All algorithms process a "key" parameter to encrypt and decrypt messages. Algorithm + key + message => encrypted message Encrypted message + key + algorithm => (decrypted) message 712 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Symmetric encryption The central aspect of symmetric encryption is that both communication partners use the same key for message encryption and decryption, as shown in the figure below. Bob uses the same key for encryption as Alice uses for decryption. In general, we also say that the two sides share a secret, the secret key, with which they encrypt or decrypt a message. %RE $OLFH Bob encrypts his message with the symmetric key Alice decrypts the encrypted message with the symmetric key The process can be compared to a briefcase to which the sender and recipient have the same key, which both locks and opens the case. Advantage: Symmetric encryption algorithms (for example AES, Advanced Encryption Algorithm) are fast. Disadvantages: How can the key be sent to a recipient without getting into the wrong hands? This is a key distribution problem. If enough messages are received, the key can also be worked out and must therefore be changed regularly. If there is a large number of communication partners, there is also a large number of keys to distribute. Asymmetric encryption Asymmetric encryption works with a pair of keys consisting of one public key and one private key. In connection with a PKI it is also called a Public Key process or only PKI process: A communication partner, Alice in the figure below, has a private key and a public key. The public key is provided to the public, in other words any potential communication partner. Anyone with the public key can encrypt messages for Alice. In the figure below, this is Bob. Alice's private key, which she must not disclose, is used by Alice to decrypt an encrypted message addressed to her. WinCC Advanced V14 System Manual, 10/2016 713 Editing devices and networks 10.1 Configuring devices and networks 3XEOLFNH\ 3ULYDWHNH\ %RE $OLFH Alice provides Bob with her public key. No precautionary measures are required to this purpose: Anyone can use the public key for messages to Alice if they are sure that it is actually Alice's public key. Bob encrypts his message with Alice's public key. Alice decrypts the encrypted message from Bob with her private key. As only Alice has the private key and never discloses it, only she can decrypt the message. With her private key, she can decrypt any message encrypted with her public key - not only messages from Bob. The system can be compared to a mailbox into which anyone can put a message, but from which only the person with the key can remove messages. Advantages: A message encrypted with a public key can only be decrypted by the owner of the private key. As another (private) key is required for decryption, it is also much harder to work out the decryption key on the basis of large numbers of encrypted messages. This means that the public key does not have to be kept strictly confidential, unlike with symmetric keys. Another advantage is easier distribution of public keys. No specially secured channel is required in asymmetric cryptography to transfer the public key from the recipient to the sender encrypting the messages. Less effort is thus required in the management of the keys than with the symmetric encryption process. Disadvantages: Complex algorithm (e.g. RSA, named after the three mathematicians Rivest, Shamir and Adleman), and therefore poorer performance than with symmetric encryption. Encryption processes in practice In practice, for example with a CPU Web server and Secure Open User Communication, the TLS protocol is used below the relevant application layer. Application layers are HTTP or SMTP, for example, as detailed above. TLS (Transport Layer Security) uses a combination of asymmetric encryption and symmetric encryption (hybrid encryption) for secure data transfer, for example, over the Internet, and uses the following subprotocols: TLS Handshake Protocol, responsible for authentication of communication partners and negotiation of the algorithms and keys to be used for subsequent data transfer on the basis of asymmetric encryption TLS Record Protocol, responsible for encryption of user data with symmetric encryption and data exchange. 714 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Both asymmetric and symmetric encryption are considered secure encryption schemes - there is basically no difference in security between the two procedures. The degree of security depends on parameters such as the selected key length. Improper use of encryption You cannot tell what identity is assigned to a public key from the bit string. A fraud could provide their public key and claim to be someone else. If a third party then uses this key thinking that they are addressing their required communication partner, confidential information could end up with the fraud. The fraud then uses their private key to decrypt the message that was not intended for them, and sensitive information falls into the wrong hands. To prevent this type of abuse, the communication partners must be confident that they are dealing with the right communication partner. This trust is established by using digital certificates in a PKI. Authenticity and integrity through signatures (S7-1500) Attacks from programs that intercept communication between the server and client and act as if they themselves were client or server, are called man-in-the-middle attacks. If the false identity of these programs is not detected, they can, for example, obtain important information via the S7 program or set values in the CPU and attack a machine or plants. Digital certificates are used to avoid such attacks. Secure communication uses digital certificates that meet the standard X.509 of the International Telecommunication Union (ITU). This allows the identity of a program, a computer or an organization to be checked (authenticated). How certificates establish trust The main role of X.509 certificates is to bind an identity with the data of a certificate subject (for example e-mail address or computer name) to the public key of the identity. Identities can be people, computers or machines. Certificates are issued by certificate authorities (Certificate Authority, CA) or by the owner of a certificate itself. PKI systems specify how users can trust the certificate authorities and the certificates that they issue. The certificate process: 1. Anyone wishing to own a certificate submits a certificate application to a registration authority linked to the certificate authority. 2. The certificate authority assesses the application and applicant on the basis of set criteria. 3. If the identity of the applicant can be clearly established, the certificate authority confirms that identity by issuing a signed certificate. The applicant has now become the certificate holder. The figure below is a simplified overview of the process. It does not show how Alice can check the digital signature. WinCC Advanced V14 System Manual, 10/2016 715 Editing devices and networks 10.1 Configuring devices and networks 7ZHQW &$ FRQILUPVZLWKKLV VLJQDWXUHWKDWWKHSXEOLFNH\LV %RE V+HKDVFKHFNHG 7ZHQW &$ &$ %RE $OLFHJHWV%RE VSXEOLFNH\ZKLFKLVVLJQHGE\ 7ZHQW6KHFDQEHFRQILGHQWWKDWWKLVSXEOLF NH\LVUHDOO\%RE VLIVKHWUXVWV7ZHQW $OLFHWUXVWV7ZHQW WKHFHUWLILFDWHDXWKRULW\&$ $OLFH Self-signed certificates Self-signed certificates are certificates whose signature comes from the certificate owner and not from an independent certificate authority. Examples: You can create and sign a certificate yourself, for example, to encrypt messages to a communication partner. In the example above, Bob (instead of Twent) could himself sign his certificate with his private key. Alice can use Bob's public key to check that the signature and public key from Bob match. This procedure is sufficient for simple internal plant communication that is to be encrypted. A root certificate is, for example, a self-signed certificate, signed by the certificate authority (CA), that contains the public key of the issuer. Features of self-signed certificates The attributes "CN" (Common Name of Subject) for the certificate holder and "Issuer" (issuer) of the self-signed certificates are identical: You have signed your certificate yourself. The field "CA" (Certificate Autority) for the certificate authority must be set to "False"; the self-signed certificate should, after all, not be used to sign other certificates. Self-signed certificates are not embedded in a PKI hierarchy. Certificate content A certificate to the X.509 V3 standard, the same standard that is used by STEP 7 and the S7-1500 CPUs, consists primarily of the following elements: Public key Details of the certificate holder (meaning the holder of the key). This is, for example, the Common Name (CN) of Subject Attributes such as serial number and validity period Digital signature from the certificate authority (CA) confirming that the information is correct. 716 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks There are also extensions, for example: Specification of what the public key may be used for (Key Usage), for example, signing or key encryption. When you create a new certificate with STEP 7, for example in the context of Secure Open User Communication, select the correct entry from the list of possible usages, e.g. "TLS". Specification of a "Subject Alternative Name" ("SAN"), which is used in secure communication with Web servers (HTTP over TLS), for example, to ensure that the certificate in the address bar of the Web browser also belongs to the Web server specified in the URL. How signatures are generated and verified Asymmetric key usage ensures that certificates can be verified: The example of the certificate "MyCert" illustrates the "Sign" and "Verify signature" processes. Generating a signature: 1. The issuer of the "MyCert" certificate generates a hash value from the certificate data using a specific hash function (for example SHA-1, Secure Hash Algorithm). The hash value is a bit string of a constant length. The advantage of the constant length of the hash value is that it always takes the same amount of time to sign. 2. Using the hash value generated in this way and the private key, the issuer of the certificate then generates a digital signature. The RSA signature scheme is often used. 3. The digital signature is saved in the certificate. The certificate is now signed. Verifying a signature: 1. The authenticator of the "MyCert" certificate obtains the certificate of the certificate issuer and thus also the public key. 2. A new hash value is formed from the certificate data with the same hash algorithm that was used for signing (for example SHA-1). 3. This hash value is then compared with the hash value that was determined by means of the public key of the certificate issuer and the signature algorithm to verify the signature on the certificate. 4. If the signature verification supplies a positive result, both the identity of the certificate holder as well as the integrity, meaning the authenticity and genuineness of the certificate contents, is proven. Anyone who has the public key, meaning the certificate from the certificate authority, can check the signature and thus prove that the certificate was actually signed by the certificate authority. The figure below shows how Alice uses the public key in the certificate from Twent (who represents the certificate authority, CA) to verify the signature on Bob's public key. All that is required for verification is therefore the availability of the certificate from the certificate authority at the time of verification. The validation itself is executed automatically in the TLS session. WinCC Advanced V14 System Manual, 10/2016 717 Editing devices and networks 10.1 Configuring devices and networks &$ 7ZHQW $OLFHYHULILHV%RE V VLJQDWXUHZLWKWKHSXEOLF NH\IURP7ZHQW &$ &$ %RE Signing messages The method described above for signing and verifying also uses the TLS session for signing and verifying messages: If a hash value is generated by a message and this hash value is signed with the private key of the sender and attached to the original message, the recipient of the message is able to check the integrity of the message. The recipient decrypts the hash value with the public key of the sender, puts together the hash value from the message received and compares the two values. If the values are not the same, the message has been tampered with on the way. Chain of certificates to root certificate The certificates of a PKI are often organized hierarchically: The top of the hierarchy is formed by root certificates. These are certificates that are not signed by a higher-level certificate authority. The certificate holder and certificate issuer of root certificates are identical. Root certificates enjoy absolute trust. They are the "anchor" of the trust and must therefore be known at the receiver as absolute certificates. They are stored in an area provided for trusted certificates. The function of root certificates is to sign certificates from lower-level certificate authorities, socalled intermediate certificates. This transfers the trust from the root certificate to the intermediate certificate. An intermediate certificate can sign a certificate just like a root certificate; both are therefore referred to as "CA certificates". This hierarchy can be continued over multiple intermediate certificates until the end-entity certificate. The end-entity certificate is the certificate of the user who is to be identified. The validation process runs through the hierarchy in the opposite direction: As described above, the certificate issuer is established and the signature checked with the issuer's public key, then the certificate of the higher-level certificate issuer is established along the entire chain of trust to the root certificate. Conclusion: The chain of intermediate certificates to the root certificate, the certificate path, must be available in every device that is to validate an end-entity certificate of the communication partner, irrespective of the type of secure communication that you configure. Managing certificates with STEP 7 (S7-1500) STEP 7 as of version V14 together with the S7-1500-CPUs as of FW version 2.0 support the Internet PKI (RFC 5280) in as far as an S7-1500 CPU is able to communicate with devices that similarly support the Internet PKI. 718 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The use of X.509 certificates, for example to verify certificates as described in the preceding sections, is a result of this. STEP 7 as of V14 uses a PKI similar to the Internet PKI. Certificate Revocation Lists (CRLs), for example, are not supported. Create or assign certificates For devices with security properties, such as an S7-1500 CPU as of firmware V2.0, you create certificates in STEP 7 for various applications. The following areas in the Inspector window of the CPU allow the creation of new certificates or the selection of existing ones: "Protection & Security > Certificate manager" - for the generation or assignment of all types of certificates. The default setting for the creation of certificates is TLS certificates for Secure Open User Communication. "Web server > Security" - for the generation and assignment of Web server certificates. "OPC UA > Server > Security" - for the generation or assignment of OPC UA certificates WinCC Advanced V14 System Manual, 10/2016 719 Editing devices and networks 10.1 Configuring devices and networks Special feature of the area "Protection & security > Certificate manager" Only in this area of the Inspector window do you switch between the global, meaning the projectwide, certificate manager and the local, meaning the device-specific, certificate manager (option "Use global security settings for certificate manager"). The option decides whether you have access to all the certificates in the project or not. If you do not use the certificate manager in the global security settings, you only have access to the local certificate memory of the CPU. You do not have any access, for example, to imported certificates or root certificates. Without these certificates only limited functionality is available. You can, for example, only create self-signed certificates. If you do not use the certificate manager in the global security settings and you are logged on as an administrator, you have access to the global, project-wide certificate memory. You can, for example, assign imported certificates to the CPU or create certificates that are issued and signed by the project CA (certification authority of the project). The figure below shows how the "Global security settings" are displayed in the project tree after activation of the option "Use global security settings for certificate manager" in the Inspector window of the CPU. When you double-click "User login" in the project tree below the global security settings and log in, a line "Certificate manager" is displayed there among other things. With a double-click on the "Certificate manager" line you receive access to all the certificates in the project, divided into the tabs "CA" (certificate authorities), "Device certificates" and "Trusted certificates and root certification authorities". 720 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Private keys STEP 7 generates private keys when generating device certificates or server certificates (endentity certificates). It depends on the use of the global security settings for the certificate manager where the private key is stored encrypted: If you use global security settings, the private key is stored encrypted in the global (projectwide) certificate memory. If you do not use global security settings, the private key is stored encrypted in the local (CPU-specific) certificate memory. The existence of the private key that is required, for example, to decrypt data, is displayed in the "Private key" column in the "Device certificates" tab of the certificate manager in the global security settings. When the hardware configuration is downloaded, the device certificate, the public key as well as the private key are downloaded to the CPU. NOTICE The option "Use global security settings for certificate manager" influences the previously used private keys: If you have already created certificates without using the certificate manager in the global security settings and then change the option to the use of the certificate manager, the private keys are lost and the certificate ID can change. A warning draws your attention to this fact. Therefore specify at the beginning of the configuration which option is required for the certificate management. Examples for the management of certificates (S7-1500) As explained in the preceding sections, certificates are required for every type of secure communication. The following section shows as an example how you handle the certificates with STEP 7 so that the requirements for Secure Open User Communication are met. WinCC Advanced V14 System Manual, 10/2016 721 Editing devices and networks 10.1 Configuring devices and networks In the following section a distinction is made as to which devices the participating communication partners are. The respective steps for supplying the communication participants with the required certificates are described for each. An S7-1500 CPU or an S7-1500 software controller as of firmware version 2.0 is required. The following generally applies: During the establishment of a secure connection ("handshake") the communication partners as a rule only transfer their end-entity certificates (device certificates). Therefore the CA certificates required to verify the transferred device certificate must be located in the certificate memory of the respective communication partner. Note The current date/time must be set in the CPU. When using secure communication (for example, HTTPS, secure OUC, OPC UA), make sure that the corresponding modules have the current time of day and the current date. Otherwise, the modules evaluate the used certificates as invalid and the secure communication does not work. Secure Open User Communication between two S7-1500 CPUs Two S7-1500 CPUs PLC_1 and PLC_2 should interchange data over Secure Open User Communication. You generate the required device certificates with STEP 7 and assign them to the CPUs as described below. STEP 7 project certification authorities (CA of the project) are used to sign the device certificates. The certificates are to be referenced by their certificate ID in the user program (TCON communication instruction in combination with the associated system data type, for example TCON_IPV4_SEC). STEP 7 assigns the certificate ID automatically when generating or creating certificates. 722 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Procedure STEP 7 automatically downloads the required CA certificates together with the hardware configuration to the participating CPUs so that the requirements for certificate verification exist for both CPUs. You therefore only have to generate the device certificates for the respective CPU - everything else is done by STEP 7 for you. 1. Select PLC_1 and activate the "Use global security settings for certificate manager" option in the "Protection & Security" area. 2. Log in as a user in the project tree in the "Global security settings" area. The "Administrator" role is the default for the first login to a new project. 3. Return to the PLC 1 in the "Protection & Security" section. Click in an empty line in the "Certificate holder" column in the "Device certificates" table to add a new certificate. 4. Click the "Add" button in the drop-down list to select a certificate. The "Generate new certificate" dialog opens. 5. Leave the default settings in this dialog. They are tailored to the usage of Secure Open User Communication (usage: TLS). Tip: Extend the preset name of the certificate holder - in this case the CPU name. In order to differentiate better, leave the default CPU name in case you have to manage a large number of device certificates. Example: PLC_1/TLS becomes PLC_1-SecOUC-Chassis17FactoryState. 6. Compile the configuration. The device certificate and the CA certificate are part of the configuration. 7. Repeat the steps described for PLC_2. In the next step you have to create the user programs for the data exchange and download the configurations together with the program. Use self-signed certificates instead of CA certificates When creating device certificates you can select the "Self-signed" option. You can create selfsigned certificates without having to be logged in for the global security settings. This procedure is not recommended because the certificates created by this method do not exist in the global certificate memory and can therefore not be assigned directly to a partner CPU. As described above you should select the name of the certificate holder with care so that the right certificate can be assigned to a device without any doubt. A verification with the CA certificates of the STEP 7 project is not possible with self-signed certificates. To ensure that self-signed certificates can be verified, you have to include the selfsigned certificate of the communication partner in the list of trusted partner devices for each CPU. To do so, you must have activated the option "Use global security settings for certificate manager" and be logged in as a user in the global security settings. WinCC Advanced V14 System Manual, 10/2016 723 Editing devices and networks 10.1 Configuring devices and networks Proceed as follows to add the self-signed certificate of the communication partner of the CPU: 1. Select PLC_1 and navigate to the table "Certificates of partner devices" in the "Protection & Security" area. 2. Click in an empty line of the "Certificate holder" column to open the drop-down list for adding or selecting certificates. 3. From the drop-down list select the self-signed certificate of the communication partner and confirm the selection. In the next step you have to create the user programs for the data exchange and download the configurations together with the program. Secure Open User Communication between an S7-1500 CPU as a TLS client and an external device as a TLS server Two devices are to interchange data via a TLS connection or TLS session, for example to exchange recipes, production data or quality data: An S7-1500 CPU (PLC_1) as the TLS client; the CPU uses Secure Open User Communication An external device (such as a Manufacturing Execution System (MES)) as the TLS server As the TLS client the S7-1500 CPU establishes the TLS connection / session to the MES system. TLS client TLS server In order to authenticate the TLS server, the S7-1500 CPU requires the CA certificates of the MES system: The root certificate and if appropriate the intermediate certificates for verifying the certificate path. You have to import these certificates into the global certificate memory of the S7-1500 CPU. Proceed as follows to import certificates of the communication partner: 1. Open the certificate manager in the global security settings in the project tree. 2. Select the matching table (trusted certificates of root certification authorities) for the certificate to be imported. 3. Right-click in the table to open the shortcut menu. Click "Import" and import the required certificate or the required CA certificates. Through the import the certificate receives a certificate ID and can be assigned to a module in the next step. 724 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 4. Select PLC_1 and navigate to the table "Certificates of partner devices" in the "Protection & Security" area. 5. Click in an empty line of the "Certificate holder" column to add the imported certificates. 6. From the drop-down list select the required CA certificates of the communication partner and confirm the selection. Optionally the MES system can also request a device certificate of the CPU to authenticate the CPU (meaning the TLS client). In this case the CA certificates of the CPU must be available to the MES system. Prerequisite for importing the certificates into the MES system is a preceding export of the CA certificates from the STEP 7 project of the CPU. Proceed as follows: 1. Open the certificate manager in the global security settings in the project tree. 2. Select the matching table (CA certificates) for the certificate to be exported. 3. Right-click to open the shortcut menu for the selected certificate. 4. Click "Export". 5. Select the export format of the certificate. In the next step you have to create the user programs for the data exchange and download the configurations together with the program. Secure Open User Communication between an S7-1500 CPU as TLS server and an external device as TLS client If the S7-1500 CPU acts as a TLS server and the external device, for example an ERP system (Enterprise Resource Planning System), establishes the TLS connection / session, you require the following certificates: For the S7-1500 CPU you generate a device certificate (server certificate) with a private key and download it with the hardware configuration. When generating the server certificate you use the option "Signed by certificate authority". The private key is required for the key exchange as explained in the figure for the example "HTTP over TLS". For the ERP system you have to export the CA certificate of the STEP 7 project and import / download it to the ERP system. With the CA certificate, the ERP system checks the server certificate of the S7-1500 that was transmitted from the CPU to the ERP system during the establishment of the TLS connection/session. TLS server TLS client The description of the required actions is provided in the preceding sections. WinCC Advanced V14 System Manual, 10/2016 725 Editing devices and networks 10.1 Configuring devices and networks Secure Open User Communication via S7-1543-1 CP as an e-mail client (SMTP over TLS) An S7-1500 CPU can establish a secure connection to an e-mail server via the CP 1543-1 with the communication instruction TMAIL-C. The system data types TMail_V4_SEC, TMail_V6_SEC and TMail_QDN_SEC allow you to specify the partner port of the e-mail server and thus to reach the e-mail server via "SMTP over TLS". Prerequisite for a secure e-mail connection is an import of the root certificate and of the intermediate certificates from the e-mail server (provider) into the global certificate memory of the STEP 7 project. When these certificates have been assigned to the CP, the CP can check the server certificate of the e-mail server that is sent by the e-mail server during the establishment of the TLS connection / session by means of this certificate. Follow these steps: 1. Open the certificate manager in the global security settings in the project tree. 2. Select the matching table (trusted certificates of root certification authorities) for the certificate to be imported. 3. Right-click in the table to open the shortcut menu. Click "Import" and import the required certificate or the required CA certificates. Through the import the certificate receives a certificate ID and can be assigned to the CP in the next step. 4. Select the CP 1543-1 and navigate to the table "Certificates of partner devices" in the "Security" section. 5. Click in an empty line of the "Certificate holder" column to add the imported certificates. 6. From the drop-down list select the required CA certificates of the e-mail server and confirm the selection. In the next step you have to create the user programs for the e-mail client function of the CPU and download the configurations together with the program. See also Secure OUC from an S7-1500 CPU as a TLS client to an external PLC (TLS server) (Page 739) Example: HTTP over TLS (S7-1500) The following paragraphs show how the mechanisms described are used to create secure communication between a Web browser and the Web server of an S7-1500 CPU. 726 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks First the changes for the option "Permit access only through HTTPS" in STEP 7 are described. As of STEP 7 V14 you have the option of influencing the server certificate of the Web server of an S7-1500 CPU as of firmware V2.0: The server certificate is generated with STEP 7 as of this version. In addition the processes that are implemented when a website of the Web server of the CPU is called up with a Web browser of a PC via an encrypted HTTPS connection are displayed. Using Web server certificates for S7-1500 CPUs as of FW V2.0 For S7-1500 CPUs with a firmware version before V2.0, you were able to set "Permit access only with HTTPS" when setting the Web server properties, without specific requirements applying. You did not have anything to do with the handling of certificates for these CPUs; the CPU automatically generates the certificates required for the Web server. For S7-1500 CPUs as of firmware V2.0, STEP 7 generates the server certificate (end-entity certificate) for the CPU. You assign a server certificate to the Web server in the properties of the CPU (Web server > Server security). Since a server certificate name is always preset, nothing changes in the simple configuration of the Web server: You activate the Web server and activate the option "Permit access only with HTTPS" - STEP 7 generates a server certificate with the preset name during compiling. Irrespective of whether you use the certificate manager in the global security settings or not: STEP 7 has all the information needed to generate the server certificate. In addition you have the option of determining the properties of the server certificate, for example, the name or the duration of validity. Note The current date/time must be set in the CPU. When using secure communication (for example, HTTPS, secure OUC, OPC UA), make sure that the corresponding modules have the current time of day and the current date. Otherwise, the modules evaluate the used certificates as invalid and the secure communication does not work. Downloading the Web server certificate The server certificate generated by STEP 7 is automatically also loaded when the hardware configuration is downloaded to the CPU. If you use the certificate manager in the global security settings, the certificate authority of the project (CA certificate) signs the server certificate of the Web server. When downloading the CA certificate of the project is automatically loaded as well. If you do not use the certificate manager in the global security settings, STEP 7 generates the server certificate as a self-signed certificate. When you address the Web server of the CPU via the IP address of the CPU, a new server certificate (end-entity certificate) must be generated and loaded with each change of the IP address of an Ethernet interface of the CPU. This is necessary because the identity of the WinCC Advanced V14 System Manual, 10/2016 727 Editing devices and networks 10.1 Configuring devices and networks CPU changes with the IP address - and the identity requires a signature in accordance with the PKI rules. You can avoid this problem by addressing the CPU with a domain name instead of its IP address, e.g. "myconveyer-cpu.room13.myfactory.com". To do so, you need to manage the domain names of your CPUs over a DNS server. Supplying a Web browser with a CA certificate of the Web server In the Web browser, the user who accesses the websites of the CPU through HTTPS should install the CA certificate of the CPU. If no certificate is installed, a warning is output recommending that you do not use the page. To view this page, you must explicitly "Add an exception". The user receives the valid root certificate (Certification Authority) for download from the "Intro" web page of the CPU Web server under "Download certificate". STEP 7 offers a different possibility: Export the CA certificate of the project with the certificate manager into the global security settings in STEP 7. Subsequently import the CA certificate into the browser. Course of Secure Communication The figure below shows, in simplified terms, how communication is established ("handshake"), focusing on the negotiation of keys used for data exchange (here via HTTP over TLS). However, the course can theoretically be applied to all communication options that are based on the use of TLS, i.e. also for Secure Open User Communication (see Basics of secure communication). $OLFHDFFHVVHVZHEVLWHZLWK KWWSV $OLFH $OLFHVHOHFWV UDQGRPV\PP NH\ :HEVHUYHUDFFHSWVWKHFRQQHFWLRQ DQGVHQGVLWVFHUWLILFDWHZLWKSXEOLF NH\ &$ $OLFHVHQGVWKHV\PPHWULF NH\HQFU\SWHGZLWKWKHSXEOLFNH\RI WKHVHUYHU &$ 6LJQHGSXEOLFNH\DQG SULYDWHNH\RIWKH:HE VHUYHU :HEVHUYHUGHFU\SWVWKH V\PPHWULFNH\ZLWKLWV SULYDWHNH\ $OLFHDQGWKH:HEVHUYHUQRZ XVHV\PPHWULFHQFU\SWLRQDQG GHFU\SWLRQ The figure does not show the measures taken at Alice's end (browser) to verify the certificate sent by the Web server. Whether Alice can trust the transferred Web server certificate and 728 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks thus the identity of the Web server and allow the data exchange depends on a positive outcome of the verification. The steps for verifying the authenticity of the Web server are: 1. Alice must know the public keys of all relevant certificate authorities, i.e. she requires the complete certificate chain to be able to verify the Web server certificate (i.e. the end-entity certificate of the Web server). Alice will generally have the required root certificate in her certificate memory. When a Web browser is installed, a whole range of trusted root certificates is also installed. If she does not have the root certificate, she has to download it from the certificate authority and install it in the certificate memory of the browser. The certificate authority can also be the device on which the Web server is located. You have the following options for obtaining the intermediate certificates: - The server itself sends the required intermediate certificates along with its end-entity certificate to Alice - in the form of a signed message so that Alice can check the integrity of the certificate chain. - The certificates often contain the URLs of the certificate issuer. Alice can load the required intermediate certificates from these URLs. When you handle certificates in STEP 7, it is always assumed that you have imported the required intermediate certificates and the root certificate into the project and have assigned them to the module. 2. Alice validates the signatures in the certificate chain with the public keys of the certificates. 3. The symmetric key has to have been generated and transferred to the Web server. 4. If the Web server is addressed by its domain name, Alice verifies the identity of the Web server in accordance with the PKI rules defined in RFC 2818. She is able to do this because the URL, in this case the "Fully Qualified Domain Name (FQDN) of the Web server, is saved in the end-entity certificate of the Web server. If the certificate entry in the "Subject Alternative Name" field corresponds to the entry in the address bar of the browser, everything is fine. The process continues with the exchange of data with the symmetric key, as shown in the figure above. Global security settings (S7-1500) Global security certificate manager (S7-1500) Introduction In the global certificate manager, you have an overview of all the certificates, for example, CA certificates, used in the project with information about the certificate holder, issuer, validity, use and the existence of a private key. With the corresponding authorization you can also manage certificates for the project there. WinCC Advanced V14 System Manual, 10/2016 729 Editing devices and networks 10.1 Configuring devices and networks Activation of the global security settings The global security settings are not visible until they have been activated in the project for at last one device. The "Use global security settings for certificate manager" check box is available to this end in the local CPU-specific certificate manager: The check box is located in the Inspector window in the general settings of a device with security functions under "Protection & Security > Certificate manager". Principle The CA certificate is issued by a certificate authority from which the device certificates are derived. Certificate authorities can be: STEP 7: If the "certificate holder" and "issuer" are the same, this is a self-signed certificate; in other words a certificate issued by STEP 7. Higher-level certificate authority: These external certificates are external to the project and are imported and stored in the certificate memory of STEP 7. Certificates created by one of the two certificate authorities always have a private key so that the device certificates can be derived from them. Functions of the global security certificate manager The following functions are available for selection in the global security certificate manager: Import of new certificates and certificate authorities. Import of SSL certificates (only CP x43-1 Adv.), for example, for FTP communication. Export of the certificates and certificate authorities used in the project. Renewal of expired certificates and certificate authorities. Replacement of existing certificate authorities. Adding trusted certificates and certification authorities. 730 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Deleting manually imported certificates. Note Downloading the configuration After replacing or renewing certificates the configuration has to be downloaded to the corresponding devices. After replacing or renewing CA certificates the configuration has to be downloaded to the corresponding devices. Note Current date and current time of day on the security modules When using secure communication (for example, HTTPS), make sure that the corresponding devices have the current time of day and the current date. Otherwise the certificates used are not evaluated as valid and the secure communication does not work. Managing users and roles (S7-1500) Introduction After you have activated the global security settings for the certificate manager, you have to log in to the global security settings or you require administrator rights. Otherwise you do not have sufficient user rights to edit the global certificates. You cannot access the global certificate manager without a login or if you do not have sufficient rights. Roles and rights You can configure the security settings if the predefined roles "Administrator" or "Standard" are assigned to you or if a different defined role with the associated authorization is assigned. You can view the roles in the project tree under "Global security settings > User administration > Roles" or, if you have corresponding rights, edit them. Assigned role Diagnosing Configuring Managing users and roles Administrator Yes Yes Yes Standard Yes Yes No Diagnostics Yes No No You can create new roles and users as an administrator and assign users and roles to each other in the user administration. Requirement You have to be logged in as an administrator via the user login to the global security settings. WinCC Advanced V14 System Manual, 10/2016 731 Editing devices and networks 10.1 Configuring devices and networks Procedure Proceed as follows to edit users and roles: 1. In the project navigator go to user administration in the global security settings. 2. Select the role to be changed or create a new role. 3. Edit the rights of the selected role in the rights list. Importing and exporting certificates (S7-1500) Introduction You can import and export certificates and the associated private keys. Certificates can only be imported with the global certificate manager. Certificates can also be exported via the local CPU-specific certificate manager. You can import or export the certificates into the following file types: Certificates without private key to CER, DER, CRT or PEM Certificates with their private key to P12 (PKCS12). Requirement During import of certificates with private key you may require a password for access. Importing certificates To import a certificate follow these steps: 1. Open the certificate manager in the global security settings in the project tree. 2. Select the matching table (CA certificates, device certificates, trusted certificates of root certification authorities) for the certificate to be imported. 3. Right-click in the table to open the shortcut menu. 4. Click "Import". 5. Select the import format of the certificate: - CER, DER, CRT or PEM for certificates without private keys. - P12 (PKCS12 archive) for certificates with private key. 6. Click "Open" to import the certificate. The imported certificate has to be assigned manually to the desired device or module. 732 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Exporting certificates To export a certificate, follow these steps: 1. Open the certificate manager in the global security settings in the project tree. 2. Select the matching table (CA certificates, device certificates, trusted certificates of root certification authorities) for the certificate to be exported. 3. Right-click to open the shortcut menu for the selected certificate. 4. Click "Export". 5. Select the export format of the certificate: - CER, DER, CRT or PEM for certificates without private keys. - CRL for certificate block list encoded to DER - P12 (PKCS12 archive) for certificates with private key. 6. Click "Save" to export the certificate. You can also export certificates directly from the local CPU-specific certificate manager. Selectable file formats X.509 certificates to the certificate standard X.509 V3 from the RFC 5280 can be imported or exported in various formats with different file name extensions: File name ex tension PEM File type Privacy Enhanced Mail Security Certificate Usage Base64-encoded certificate MIME type application/x-pem-file Meaning Certificate in PEM/X509 format (PEM = Privacy-Enhanced Mail) with an encoding in ASCII (Base64). For mat of the certificate authorities often used for the certificate transfer via e-mail to the applicant of the certificate. Instead of the file name extension PEM, a Base64-enoded certificate can also have the exten sions CER or CRT. Usage In TIA Portal the import and export is supported with PEM encoding. An export with PEM encoding can be effected in the file format PEM or CRT. File name ex tension DER File type DER Encoded X509 Certificate Usage Binary encoded certificate MIME type application/x-x509-ca-cert, application/pkix-cert Meaning Certificate in DER/X.509 format (DER = Distinguished Encoding Rules) with binary encoding. The binary DER format is the basis for the ASCII-encoded PEM format. The DER format is used in particular in the Microsoft Windows environment and on Java platforms. Instead of the file name extension DER a binaryencoded certificate can also have the extensions CER or CRT. Usage In TIA Portal the import and export is supported with DER encoding. An export with DER encoding can be effected in the file format DER or CER. WinCC Advanced V14 System Manual, 10/2016 733 Editing devices and networks 10.1 Configuring devices and networks File name ex tension CER File type Internet Security Certificate File Usage After PEM or DER encoded certificate MIME type application/x-x509-ca-cert, application/pkix-cert, application/keychain_access Meaning Alternative file name extension CER (Canonical Encoding Rules) for a binary encoded certificate in the DER format or for a Base64/ASCII-encoded certificate in PEM format. Usage In TIA Portal the import and export is supported in the file format CER. When importing a certificate in the file format CER the encoding can be to PEM or DER. The DER encoding is used for export in the file format CER. File name ex tension CRT File type Internet Security Certificate File Usage After PEM or DER encoded certificate MIME type application/x-x509-ca-cert, application/pkix-cert, application/keychain_access Meaning Alternative file name extension CRT for a binary encoded certificate in the DER format or for a Base64/ ASCII-encoded certificate in PEM format. Usage In TIA Portal the import and export is supported in the file format CRT. When importing a certificate in the file format CRT the encoding can be to PEM or DER. The PEM encoding is used for export in the file format CRT. File name ex tension CRL File type Certificate Revocation List Usage Certificate block list encoded to DER MIME type application/pkix-crl, application/x-pkcs7-crl Meaning The CRL (Certificate Revocation List) is an X.509 V3 extension and contains the list of blocked or revoked certificates for a specific root certificate. Certificate authorities use the option to revoke the authorization of certificates already issued. This is the case when certificates are compromised or if their content turns out to be faulty. Blocked certificates can be unblocked again with the CRL, for example, when the certificate turns out not to be compromised after all or if the content was correct after all. Revoked certificates remain invalid forever and cannot be authorized again. The certificate authority updates its CRLs as soon as their validity has expired or the content has changed. The source of supply of a CRL is entered in the respective certificate. Usage The TIA Portal does not support a certificate revocation via CRL. Since some external clients must have certificate block lists for the validation of the certificates, an export of the CRL is however supported. But the list is empty and solely serves the purpose of making the validation of an output certificate by certain external clients possible. File name ex tension P12 File type Personal Information Exchange File Usage As PKCS12-archive encoded certificates, optionally with private key MIME type application/keychain_access, application/x-pkcs12 734 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks File name ex tension P12 Meaning File types in the format P12 can also contain the private key in addition to the server certificate and inter mediate certificates. A password can be assigned when storing. Usage In TIA Portal the import and export is supported in the file format P12. The option for exporting into a PKCS12 archive only exists if the certificate disposes of a private key. During export a password can be assigned for the PKCS12 archive. Analog to the password assignment during exporting, the entry of a password may be required to access the certificate during importing. Renewing certificates (S7-1500) Introduction You can renew certificates, for example, to update a compromised certificate by an imported or new certificate. Procedure To renew a certificate, follow these steps: 1. Open the certificate manager in the global security settings in the project tree. 2. Select the matching table (CA certificates, device certificates) for the certificate to be renewed. 3. Right-click to open the shortcut menu for the selected certificate. 4. Click "Renew". 5. You can edit the data of the selected certificate in the dialog for new certificates. 6. When you click "OK", the certificate is renewed with the changed values. When you renew a certificate, the old certificate is replaced by the certificate with the new values. Through the renewal of certificates no signature query to a certificate authority is generated. Replacing certificates (S7-1500) Introduction You can replace an existing certificate by a different certificate. Procedure To replace a certificate, follow these steps: 1. Open the certificate manager in the global security settings in the project tree. 2. Select the matching table (CA certificates, device certificates, trusted certificates of root certification authorities) for the certificate to be replaced. 3. Right-click to open the shortcut menu for the selected certificate. WinCC Advanced V14 System Manual, 10/2016 735 Editing devices and networks 10.1 Configuring devices and networks 4. Click "Replace". 5. In the dialog for changing the certificate authority you replace the existing CA certificate of the project or the CA group certificate with a new one. All certificates listed in the "Certificates involved" table are derived once again. Displaying certificates (S7-1500) Introduction You can have an overview of all the certificate data displayed via the Windows certificate dialog Procedure Proceed as follows to display the certificate data: 1. Open the certificate manager in the global security settings in the project tree. 2. Select the matching table (CA certificates, device certificates, trusted certificates of root certification authorities) for the certificate to be displayed. 3. Right-click to open the shortcut menu for the selected certificate. 4. Click "Display". Result Different information about the selected certificate is displayed in a window: General information about the certificate Detailed information about the certificate Information about the certification path Deleting certificates (S7-1500) Introduction You can delete certificates that are no longer required or are compromised. Procedure To delete a certificate, follow these steps: 1. Open the certificate manager in the global security settings in the project tree. 2. Select the matching table (device certificates, trusted certificates of root certification authorities) for the certificate to be deleted. 3. Right-click to open the shortcut menu for the selected certificate. 4. Click "Delete". 736 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Note CA certificates reserved for the project and certificates that are assigned automatically to a CP cannot be deleted. You can also delete certificates directly in the local CPU-specific certificate manager. The certificate then remains in the global security manager for the project, but is no longer used for the device. Secure Open User Communication (S7-1500) Secure OUC between two S7-1500 CPUs (S7-1500) The following section describes how you can set up a Secure Open User Communication over TCP between two S7-1500 CPUs In the process one S71500 CPU acts as a TLS client (active connection establishment) and the other S71500 CPU as a TLS server (passive connection establishment). Setting up a secure TCP connection between two S7-1500 CPUs In order to establish secure TCP communication between two S71500 CPUs you have to create a data block with the system data type TCON_IPv4_SEC in each CPU, carry out the parameter assignment and call it directly at the instruction. The TCON instruction supports the system data type TCON_QDN_SEC. Requirements: Both S7-1500 CPUs have a minimum firmware version of V2.0 TLS client and TLS server have all the required certificates. 7/6&OLHQW &3B 'HYLFHFHUWLILFDWH &$FHUWLILFDWHIURP 7/6VHUYHU 9DOLGDWLRQ 'HYLFHFHUWLILFDWHIURP 7/6VHUYHU WinCC Advanced V14 System Manual, 10/2016 +HOOR +HOOR 7/66HUYHU &3B 'HYLFHFHUWLILFDWH &$FHUWLILFDWHIURP 7/6FOLHQW 9DOLGDWLRQ 'HYLFHFHUWLILFDWHIURP 7/6FOLHQW 737 Editing devices and networks 10.1 Configuring devices and networks Settings at the TLS client To set up a secure TCP connection in the TLS client, follow these steps: 1. Create a global data block in the project tree. 2. Define a tag of the data type TCON_IP_4_SEC in the global data block. To do so, enter the string "TCON_IP_V4_SEC" in the "Data type" field. The example below shows the global data block "Data_block_1" in which the tag "SEC connection 1 TLS Client" of the data type TCON_IP_V4_SEC is defined. 3. Set the connection parameters of the TCP connection in the "Start value" column. For example, enter the IPv4 address of the TLS server for "RemoteAddress". 4. Set the parameters for Secure Communication in the "Start value" column. - "ActivateSecureConn": Activation of secure communication for this connection. If this parameter has the value FALSE, the subsequent security parameters are irrelevant. You can set up a non-secure TCP or UDP connection in this case. - "TLSServerCertRef": ID of the own X.509-V3 certificate. - "TLSClientCertRef": Enter, for example, the value 1. This references the CA certificate of the TIA Portal project (SHA1). 5. Create a TCON instruction in the program editor. 6. Interconnect the CONNECT parameter of the TCON instruction with the tag of the data type TCON_IP_V4_SEC. 738 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings at the TLS server To set up a secure TCP connection in the TLS server, follow these steps: 1. Create a global data block in the project tree. 2. In the global data block, define a tag of the data type TCON_IP_V4_SEC. The example below shows the global data block "Data_block_1" in which the tag "SEC connection 1 TLS Server" of the data type TCON_IP_V4_SEC is defined. 3. Set the connection parameters of the TCP connection in the "Start value" column. For example, enter the IPv4 address of the TLS client for "RemoteAddress". 4. Set the parameters for Secure Communication in the "Start value" column. - "ActivateSecureConn": Activation of secure communication for this connection. If this parameter has the value FALSE, the subsequent security parameters are irrelevant. You can set up a non-secure TCP or UDP connection in this case. - "TLSServerReqClientCert ": Request for an X.509-V3 certificate from the TLS client Enter the value "true". - "TLSServerCertRef": ID of the own X.509-V3 certificate. - "TLSClientCertRef": Enter, for example, the value 1. This references the CA certificate of the TIA Portal project (SHA1). 5. Create a TCON instruction in the program editor. 6. Interconnect the CONNECT parameter of the TCON instruction with the tag of the data type TCON_IP_V4_SEC. Secure OUC from an S7-1500 CPU as a TLS client to an external PLC (TLS server) (S7-1500) The following section describes how you can set up a Secure Open User Communication over TCP from an S7-1500 CPU as TLS client to a TLS server. WinCC Advanced V14 System Manual, 10/2016 739 Editing devices and networks 10.1 Configuring devices and networks Setting up a secure TCP connection from an S7-1500 CPU as TLS client to a TLS server S7-1500 CPUs as of firmware version V2 support Secure Communication with addressing via a Domain Name System (DNS). In order to establish secure TCP communication via the domain name you have to create a data block yourself with the system data type TCON_QDN_SEC, carry out the parameter assignment and call it directly at the instruction. The TCON instruction supports the system data type TCON_QDN_SEC. Requirements: At least one DNS server exists in your network. You have configured at least one DNS server for the S71500 CPU. TLS client and TLS server have all the required certificates. To set up a secure TCP connection to a TLS server, follow these steps: 1. Create a global data block in the project tree. 2. In the global data block, define a tag of the data type TCON_QDN_SEC. The example below shows the global data block "Data_block_1" in which the tag "DNS ConnectionSEC" of the data type TCON_QDN_SEC is defined. 3. Set the connection parameters of the TCP connection in the "Start value" column. For example, enter the fully qualified domain name (FQDN) of the TLS server for "RemoteQDN". 740 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 4. Set the parameters for Secure Communication in the "Start value" column. - "ActivateSecureConn": Activation of secure communication for this connection. If this parameter has the value FALSE, the subsequent security parameters are irrelevant. You can set up a non-secure TCP or UDP connection in this case. - "ExtTLSCapabilities": When you enter the value 1, the client validates the subjectAlternateName in the X.509-V3 certificate of the server to check the identity of the server. The certificates are checked when the connection is established. - "TLSServerCertRef": ID of the X.509-V3 certificate (usually a CA certificate) that is used by the TLS client to validate the TLS server authentication. If this parameter is 0, the TLS client uses all (CA) certificates currently loaded in the client certificate store to validate the server authentication. The certificate ID of the CA certificate is entered in the TLS server. 7/6&OLHQW 6 &$FHUWLILFDWHIURP 7/6VHUYHU LPSRUWHGDQG DVVLJQHG 7/66HUYHU H[WHUQDO3/& +HOOR +HOOR 'HYLFHFHUWLILFDWH 9DOLGDWLRQ 'HYLFHFHUWLILFDWH IURP 7/6VHUYHU - "TLSClientCertRef": ID of the own X.509-V3 certificate. 5. Create a TCON instruction in the program editor. 6. Interconnect the CONNECT parameter of the TCON instruction with the tag of the data type TCON_QDN_SEC. In the example below, the CONNECT parameter of the TCON instruction is interconnected with the tag "DNS connectionSEC" (data type TCON_QDN_SEC). WinCC Advanced V14 System Manual, 10/2016 741 Editing devices and networks 10.1 Configuring devices and networks See also Connection parameters in accordance with TCON_QDN_SEC (Page 619) TCON: Establish communication connection (Page 4258) Examples for the management of certificates (Page 721) Secure OUC from an S7-1500 CPU as TLS server to an external PLC (TLS client) (S7-1500) The following section describes how you can set up a Secure Open User Communication over TCP from one S7-1500 CPU as TLS server to a TLS client. Setting up a secure TCP connection via the domain name of the communication partner S7-1500 CPUs as of firmware version V2 support Secure Communication with addressing via a Domain Name System (DNS). In order to establish secure TCP communication via the domain name you have to create a data block yourself with the system data type TCON_QDN_SEC, carry out the parameter assignment and call it directly at the instruction. The TCON instruction supports the system data type TCON_QDN_SEC. Requirements: At least one DNS server exists in your network. You have configured at least one DNS server for the S71500 CPU. TLS client and TLS server have all the required certificates. To set up a secure TCP connection to a TLS client, follow these steps: 1. Create a global data block in the project tree. 2. In the global data block, define a tag of the data type TCON_QDN_SEC. The example below shows the global data block "Data_block_1" in which the tag "DNS ConnectionSEC" of the data type TCON_QDN_SEC is defined. 742 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 3. Set the connection parameters of the TCP connection in the "Start value" column. For example, enter the local ID of the TCP connection in "ID". 4. Set the parameters for Secure Communication in the "Start value" column. - "ActivateSecureConn": Activation of secure communication for this connection. If this parameter has the value FALSE, the subsequent security parameters are irrelevant. You can set up a non-secure TCP or UDP connection in this case. - "TLSServerReqClientCert": Request for an X.509-V3 certificate from the TLS client - "TLSServerCertRef": ID of the own X.509-V3 certificate. 7/66HUYHU 6 'HYLFHFHUWLILFDWH JHQHUDWHGLQ7,$3RUWDO 7/6&OLHQW H[WHUQDO3/& +HOOR +HOOR &$FHUWLILFDWHIURP 7/6VHUYHU H[SRUWHGIURP 7,$3RUWDO 9DOLGDWLRQ 'HYLFHFHUWLILFDWHIURP 7/6VHUYHU - "TLSClientCertRef": ID of the X.509-V3 certificate (or a group of X.509-V3 certificates) that is used by the TLS server to validate TLS client authentication. If this parameter is 0, the TLS server uses all (CA) certificates currently loaded in the server certificate store to validate the client authentication. 5. Create a TCON instruction in the program editor. 6. Interconnect the CONNECT parameter of the TCON instruction with the tag of the data type TCON_QDN_SEC. In the example below, the CONNECT parameter of the TCON instruction is interconnected with the tag "DNS connectionSEC" (data type TCON_QDN_SEC). WinCC Advanced V14 System Manual, 10/2016 743 Editing devices and networks 10.1 Configuring devices and networks Secure OUC via CP interface (S7-1500) The following sections describes the particular points to be taken into consideration in the case of Secure Open User Communication via a CP interface. At least one station is an S7-1500 station with the following modules: S7-1500 CPU as of firmware version V2.0 (with the exception of S7-1500 Software Controller) CP 1543-1 as of firmware version V2.0 or CP 1543SP-1 as firmware version V1.0 The CP acts in an S71500 station as a TLS client (active connection establishment) or a TLS server (passive connection establishment). The fundamental procedure and the concept for using secure communication via a CP interface is similar to that of secure communication via the interfaces of the S7-1500 CPUs. Essentially, you have to assign the certificates to the CPU in the role of a TLS server or TLS client and not to the CPU. Other rules and procedures therefore apply. These are described below. Handling certificates for CPs The following applies in general: You have to be logged on at the certificate manager in the global security settings. The generation of self-signed certificates also requires logon for the global security settings. You have to have sufficient rights as a user (administrator or user with the "Standard" role with the right to "Configure security"). The starting point for the generation or assignment of certificates at the CP is the section "Security > Security properties". In this section, you log on for the global security settings. Procedure: 1. In the network view of STEP 7, mark the CP and select the section "Security > Security properties" in the Inspector window. 2. Click on the "User logon" button. 3. Log on using your user name and password. 4. Enable the "Activate security functions" option. The security properties are initialized. 5. Click in the first line of the "Device certificates" table to generate a new certificate or select an existing device certificate. 6. If the communication partner is also an S7-1500 station, you also have to assign a device certificate to the communication partner with STEP 7 as described here or for the S7-1500 CPU. Example: Setting up a secure TCP connection between two S7-1500 CPUs via CP interfaces In order to establish secure TCP communication between two S71500 CPs, you have to create a data block with the system data type TCON_IPv4_SEC in each CPU, carry out the parameter assignment and call it directly at the instruction. 744 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Requirements: Both S7 1500 CPUs have at least firmware version V2.0. If you use the CP 1543SP-1: Firmware version as of V1.0. Both CPs (for example CP 1543-1) must have at least firmware version V2.0 TLS client and TLS server have all the required certificates. - A device certificate (end-entity certificate) for the CP must be generated and be located in the certificate memory of the CP. If a communication partner is an external device (for example an MES or ERP system), a device certificate also has to exist for this device. - The root certificate (CA certificate) with which the device certificate of the communication partner is signed must also be located in the certificate memory of the CP or in the certificate memory of the external device. If you use intermediate certificates, you have to ensure that the complete certificate path exists in the validating device. A device uses these certificates to validate the device certificate of the communication partner. The communication partner must always be addressed via its IPv4 address, not via its domain name. The following figure shows the different certificates in the devices for the case that both communication partners communicate via a CP 1543-1. In addition, the figure shows the transfer of the device certificates during establishment of the connection ("Hello"). 7/6&OLHQW &3B 'HYLFHFHUWLILFDWH &$FHUWLILFDWHIURP 7/6VHUYHU 9DOLGDWLRQ 'HYLFHFHUWLILFDWHIURP 7/6VHUYHU WinCC Advanced V14 System Manual, 10/2016 +HOOR +HOOR 7/66HUYHU &3B 'HYLFHFHUWLILFDWH &$FHUWLILFDWHIURP 7/6FOLHQW 9DOLGDWLRQ 'HYLFHFHUWLILFDWHIURP 7/6FOLHQW 745 Editing devices and networks 10.1 Configuring devices and networks To set up a secure TCP connection in the TLS client, follow these steps: 1. Create a global data block in the project tree. 2. In the global data block, define a tag of the data type TCON_IP_V4_SEC. To do so, enter the string "TCON_IP_V4_SEC" in the "Data type" field. The example below shows the global data block "Data_block_1" in which the tag "SEC connection 1 TLS Client" of the data type TCON_IP_V4_SEC is defined. The Interface ID has the value of the HW identifier of the IE interface of the local CP (TLS client). 3. Set the connection parameters of the TCP connection in the "Start value" column. For example, enter the IPv4 address of the TLS server for "RemoteAddress". 4. Set the parameters for Secure Communication in the "Start value" column. - "ActivateSecureConn": Activation of secure communication for this connection. If this parameter has the value FALSE, the subsequent security parameters are irrelevant. You can set up a non-secure TCP or UDP connection in this case. - "TLSServerCertRef": ID of the own X.509-V3 certificate. - "TLSClientCertRef": Enter the value 2 (reference to the CA certificate of the TIA Portal project (SHA256) or the value 1 (reference to the CA certificate of the TIA Portal project (SHA1)). 5. Create a TCON instruction in the program editor. 6. Interconnect the CONNECT parameter of the TCON instruction with the tag of the data type TCON_IP_V4_SEC. 746 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings at the TLS server To set up a secure TCP connection in the TLS server, follow these steps: 1. Create a global data block in the project tree. 2. In the global data block, define a tag of the data type TCON_IP_V4_SEC. The example below shows the global data block "Data_block_1" in which the tag "SEC connection 1 TLS Server" of the data type TCON_IP_V4_SEC is defined. The interface ID has the value of the HW identifier of the IE interface of the local CP (TLS server). 3. Set the connection parameters of the TCP connection in the "Start value" column. For example, enter the IPv4 address of the TLS client for "RemoteAddress". 4. Set the parameters for Secure Communication in the "Start value" column. - "ActivateSecureConn": Activation of secure communication for this connection. If this parameter has the value FALSE, the subsequent security parameters are irrelevant. You can set up a non-secure TCP or UDP connection in this case. - "TLSServerReqClientCert ": Request for an X.509-V3 certificate from the TLS client Enter the value "true". - "TLSServerCertRef": ID of the own X.509-V3 certificate. - "TLSClientCertRef": Enter the value 2 (reference to the CA certificate of the TIA Portal project (SHA256) or the value 1 (reference to the CA certificate of the TIA Portal project (SHA1)). 5. Create a TCON instruction in the program editor. 6. Interconnect the CONNECT parameter of the TCON instruction with the tag of the data type TCON_IP_V4_SEC. WinCC Advanced V14 System Manual, 10/2016 747 Editing devices and networks 10.1 Configuring devices and networks Upload device as new station When you upload a configuration with certificates and configured secure Open User Communication as a new station into your STEP 7 project, the certificates of the CP are not uploaded, in contrast to the certificates of the CPU. After the device has been loaded as a new station, no more certificates are contained in the corresponding tables of the CPs for the device certificates. You have to perform configuration of certificates again after the upload. Otherwise, renewed loading of the configuration results in the certificates that originally exist in the CP being deleted so that secure communication does not function. Secure OUC connections via CPU and CP interfaces - similarities Connection resources: No differences between OUC and secure OUC. A programmed secure OUC connection uses a connection resource just like an OUC connection, irrespective of which IE/ PROFINET interface communicates with the station. Connection diagnostics: No differences between OUC and secure OUC connection diagnostics. Loading of projects with secure OUC connections into the CPU: Only possible in STOP of the CPU, if certificates are loaded as well. Recommendation: Load to device > Hardware and software. Reason: Ensuring the consistency between the program with secure OUC, hardware configuration and certificates. Certificates are loaded with the hardware configuration - therefore loading requires a stop of the CPU. The reloading of blocks that utilize further secure OUC connections is only possible in RUN if the certificates required for this purpose are already located on the module. Secure OUC via e-mail (S7-1500) The following section describes how to establish a secure connection (SNMP over TLS) to a mail server with the communication instruction TMAIL_C. Setting up a secure connection to a mail server In order to establish a secure communication to a mail server you have to create a data block yourself with one of the system data types TMAIL_V4_SEC, TMAIL_V6_SEC or TMAIL_QDN_SEC, carry out the parameter assignment and call it directly at the TMAIL_C instruction. Requirements: S7-1500 CPU as of firmware version V2.0 with communication module CP 15431 as of firmware version V2.0 ET 200SP CPU as of firmware version V2.0 with communication module CP 1542SP1 (IRC) as of firmware version V1.0 You have assigned all CA certificates of the mail server (TLS server) to the CP (TLS client) and have downloaded the configuration to the CPU. 748 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks To set up a secure mail server connection via the IPv4 address of the mail server, follow these steps: 1. Create a global data block in the project tree. 2. In the global data block, define a tag of the data type TMAIL_V4_SEC. The example below shows the global data block "MailConnDB" in which the tag "MailConnectionSEC" of the data type TMAIL_V4_SEC is defined. 3. Set the connection parameters of the TCP connection in the "Start value" column. For example, enter the IPv4 address of the mail server in "MailServerAddress". WinCC Advanced V14 System Manual, 10/2016 749 Editing devices and networks 10.1 Configuring devices and networks 4. Set the parameters for Secure Communication in the "Start value" column. For example, enter the certificate ID of the CA certificate of the communication partner in "TLSServerCertRef". - "ActivateSecureConn": Activation of secure communication for this connection. If this parameter has the value FALSE, the subsequent security parameters are irrelevant. You can set up a non-secure TCP or UDP connection in this case. - "TLSServerCertRef": Reference to the X.509 V3 (CA) certificate of the mail server which is used by the TLS client to validate the authentication of the mail server. 7/6FOLHQW &3 &$FHUWLILFDWHIURP 7/6VHUYHU LPSRUWHGDQG DVVLJQHG +HOOR +HOOR 7/6VHUYHU PDLOVHUYHU 'HYLFHFHUWLILFDWH 9DOLGDWLRQ 'HYLFHFHUWLILFDWH IURP 7/6VHUYHU 5. Create a TMAIL_C instruction in the program editor. 6. Interconnect the MAIL_ADDR_PARAM parameter of the TMAIL_C instruction with the tag of the data type TMAIL_V4_SEC. In the following example the MAIL_ADDR_PARAM parameter of the TMAIL_C instruction is interconnected with the "MAILConnectionSEC" tag (data type TMAIL_V4_SEC). 750 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 10.1.3.5 Industrial Ethernet security Configuring security General Supported devices Supported devices Security functions can be configured for the following products: SCALANCE S: - S602 V2*/V3/V4 - S612 V2*/V3/V4 - S613 V2* - S623 V3/V4 - S627-2M V4 SOFTNET Security Client: - SOFTNET Security Client V4 S7-CPs: CP 343-1 GX31 Advanced, CP 443-1 GX30 Advanced, CP 443-1 OPC UA, CP 1543-1, CP 1543SP-1, CP 1243-1 BX30, CP 1243-1 PCC, CP 1242-7 KX31, CP 1243-7 LTE, CP 1243-8 IRC PC CP: CP 1628 Mobile wireless router: SCALANCE M875 * SCALANCE S V2 devices cannot be inserted in a STEP 7 project. SCALANCE S V2 devices from projects of older STEP 7 versions are simply displayed with their properties. The properties of these devices can, however, not be changed. Downloading and compilation and diagnostics of SCALANCE S V2 devices is also not possible. All the functions described for SCALANCE S devices relate to the firmware versions as of V3. When opening a STEP 7 project with existing SCALANCE S V2 devices global firewall rules can be created from the existing local firewall rules for the device. General terminology "security module" In this section of the information system, the following products are grouped together under the term "security module": SCALANCE S602 / SCALANCE S612 / SCALANCE S613 / SCALANCE S623 / SCALANCE S627-2M, CP 343-1 GX31 Advanced, CP 443-1 GX30 Advanced, CP 443-1 OPC UA, CP 1543-1, CP 1543SP-1, CP 1243-1 BX30, CP 1243-1 PCC, CP 1242-7 KX31, CP 1243-7 LTE, CP 1243-8 IRC, CP 1628. WinCC Advanced V14 System Manual, 10/2016 751 Editing devices and networks 10.1 Configuring devices and networks Use of the terms "interface" and "port" In this documentation, the ports of SCALANCE S modules are named as follows: "External interface": The external port of the SCALANCE S602 / S612 / S613 / S623 or an external port of the SCALANCE S627-2M (marked red) "Internal interface": The internal port of the SCALANCE S602 / S612 / S613 / S623 or an internal port of the SCALANCE S627-2M (marked green) "DMZ interface": The DMZ port of the SCALANCE S623 / S627-2M (marked yellow) The term "port" itself is used when the focus of interest is a special port of an interface. Naming the S7 CPs In this documentation, the term "CP x43-1 Adv." includes the following products: CP 343-1 GX31 Advanced / CP 443-1 GX30 Advanced. The name "CP 1243-1" is used for the product CP 1243-1 BX30. The name "CP 1242-7" is used for the product CP 1242-7 KX31. Structure of this section of the help system Topics that are relevant to all security modules can be found in the "General" section. Information that is only relevant to certain module types can be found in the sections relating specifically to these modules. Overview - Scope of performance and method of operation General use of the term "STEP 7" Configuration of security functions is supported as of STEP 7 V12. For this reason, in this section of the information system, the name "STEP 7" will be used for all versions of STEP 7 V12 or higher. Scope of performance You can use the following security functions in STEP 7: Configuration of the security modules Creating VPN configuration data for SOFTNET Security Client V4 Creating VPN configuration data for SCALANCE M875 Creating VPN configuration files for VPN devices from third-party manufacturers Test and diagnostics functions, status displays 752 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Offline configuration view and online diagnostics view The security functions are configured in two views: Offline configuration view In the offline configuration view, you create the configuration data. Prior to downloading, there must already be a connection to the security modules. Online diagnostics view The online diagnostics view is used for diagnostics of the security module and, among other things, allows you to run firmware updates. How it works - security and consistency Access only for authorized users The security functions of every project are protected from unauthorized access by assigning user names and passwords. With the help of password policies, project-specific rules for password assignment can be defined. Consistent project data Consistency checks are running even while you make the entries in the dialogs. In addition, cross-dialog, project-wide consistency checks are carried out. Only consistent project data can be downloaded to the security modules. Protecting project data by encryption The project and configuration data relevant to security are protected by encryption. Depending on the security module, data can be stored in the project and/or on the C-PLUG. WinCC Advanced V14 System Manual, 10/2016 753 Editing devices and networks 10.1 Configuring devices and networks User interface - layout and menu commands User interface for security functions in STEP 7 Global security settings The global security settings are located in the project navigation. These security settings can be configured inde pendently of the module and subsequently assigned to individual security modules as required. Changes to the global security settings must be loaded on all security modules involved. This also applies to the settings of redun dancy relationships. If the first security module to be configured is a CP, the global security settings are only displayed when the security functions have been enabled in the local security settings of the CP. If the first security module to be configured is 754 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks a SCALANCE S module, a SCALANCE M module or a security device the global security settings are displayed after logging in to the security project. The following main folders and entries are available in the global security settings: User login For the security configuration within a project, there is a separate user management. Log in to the security configuration using the "User login" entry. The first time that there is a login to the security configuration, a user with the system-defined role "Administrator" is created automatically. You can create further users in the security configuration in the user management. User administration In user administration, you can create users, define rights for roles and assign these roles to users. Certificate manager In the certificate manager, you see an overview of all the certificates used in the project. You can, for example, import new certificates as well as export, renew or replace existing certificates. Firewall Under the "Firewall" entry, you can define global IP and MAC firewall rule sets and user-specific IP rule sets (SCALANCE S modules only) and assign security modules. Global firewall rule sets can also be exported from STEP 7 and imported into STEP 7. IP and MAC service definitions are used to define the IP and MAC firewall rules compactly and clearly. VPN groups All created VPN groups are contained in this folder. You can create new VPN groups here and assign security modules to these VPN groups. You can also adapt VPN group properties of VPN groups that have already been created. NTP Here, you can create NTP servers and assign them to one or more security modules. This ensures that time synchronization is performed through the assigned NTP server. Unsecured NTP servers can only be configured in the local security settings. RADIUS Here, you can create RADIUS servers and assign them to one or more security modules. With this, you ensure that authentication queries from users who log on to the selected security module to activate user-specific IP rule sets are forwarded to the assigned RADIUS server. Work area Once you have selected a SCALANCE M module or a security module in the work area, you can configure its local security settings in "Properties" > "General". If the selected object is in a VPN group, related information is displayed in the VPN tab. WinCC Advanced V14 System Manual, 10/2016 755 Editing devices and networks 10.1 Configuring devices and networks VPN tab This tab displays information about all the VPN groups to which the security module that was selected in the working area belongs. Information about the respective participants of a VPN group can be displayed and hidden. 756 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Local security settings Local security settings are configured for a specific security module / SCALANCE M module / security device. After one of these objects has been selected in the working area, its local security settings are available in the Inspector window under "Properties" > "General". Note for CPs: Before local security settings can be configured for CPs, these must first be enabled. To do this, log in to your security project and then in the Inspector window, select the "Activate security features" check box in the "Properties" > "General" tab, "Security" entry. The local security settings are then displayed below the "Security" entry. When the check box is selected, the following settings (assuming they were enabled) are migrated automatically to the local security settings. CP x43-1 Advanced: SNMP FTP configuration Time-of-day synchronization Web server Entries of IP access lists CP 443-1 OPC UA: SNMP Time-of-day synchronization Web server OPC UA CP 1543-1: SNMP FTP configuration Time-of-day synchronization CP 1243-1, CP 1243-1 PCC, CP 1243-8 IRC, CP 1543SP-1: SNMP Time-of-day synchronization CP 1242-7, CP 1243-7 LTE: Time-of-day synchronization CP 1628: WinCC Advanced V14 System Manual, 10/2016 757 Editing devices and networks 10.1 Configuring devices and networks SNMP Time-of-day synchronization Depending on the particular security module, additional security functions are also available such as NTP (secure), SNMPv3, FTPS. In addition, firewall rules that enable a connection to be established are created automatically for configured con nections. Log settings are available to record blocked packets. Secure and non-secure configuration areas The user interface can be divided into secure and non-secure configuration areas. The secure areas are areas in which configuration is possible only after logging in to the security configuration. These areas are encrypted and therefore only available to persons authorized in the user management even if the project is accessible to a wider circle of people. Functions from the non-secure areas, on the other hand, can be configured without logging in to the security configuration. The correctness of the settings must be checked before downloading the project to the plant components if a wider circle of people can make modifications to the project. Below, you will find a list of the configuration areas of the user interface showing which areas are secure and which are non-secure. To some extent, this depends on the security module for which the configuration is created. All settings from the global security settings are secure. Secure and non-secure configuration areas for SCALANCE S modules: - All the settings for the interfaces and ports, in particular IP addresses, are non-secure. - The settings under the entry "General" in the local security settings are non-secure. - Higher-level settings (e.g. MRP settings such as MRP manager etc.) that are not configured on the security module itself but may affect the security module are nonsecure. This does not relate to the global security settings. - The other settings are protected. Secure and non-secure configuration areas for CPs: - All settings outside the "Security" entry are non-secure. - Higher-level settings (e.g. MRP settings such as MRP manager, PROFINET settings, connections etc.) that are not configured on the security module itself but may affect the security module are non-secure. This does not relate to the global security settings. - All the settings for the interfaces and ports, in particular IP addresses, are non-secure. - All settings below the "Security" entry are secure. Restrictions in the use of libraries If a master copy is created in the global library for a security module, the configuration of this security module is lost in the master copy. You need to log in again if you use a master copy. 758 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks If a master copy is created in the project library for a security module, the configuration of this security module is retained, apart from the cross-module information for VPN and redundancy relationships. IP addresses for configurable servers When configuring servers, the (alias) IP addresses of the security module must not be used. For all configurable servers, there is a consistency check when the IP address is assigned. Running a consistency check Overview The following consistency checks are available: Local consistency checks Project-wide consistency checks In the individual dialog descriptions in this help system, the rules you need to take into account for your entries are listed under the keyword "Consistency check". Local consistency checks A consistency check is local when it can be performed directly within a dialog. With the following actions, local consistency checks are made: After exiting a box After exiting a row in a table When you confirm a dialog with OK. Project-wide consistency checks Project-wide consistency checks provide you with information indicating whether or not project data is correctly configured. With the following actions, there is a consistency check through the entire project: When compiling a configuration When downloading a configuration Note You can only download configured data to a security module if the project-wide consistency check for the security module was successful. WinCC Advanced V14 System Manual, 10/2016 759 Editing devices and networks 10.1 Configuring devices and networks Replacing a security module Module-specific function Only SCALANCE S modules as of V3 can be replaced by SCALANCE S modules as of V3, refer to the section: Replacing a security module (Page 863) in the section "SCALANCE S". Managing certificates Overview of certificates Certificate management The certificate manager in the global security settings contains an overview of all the certificates used in the project, for example, CA certificates with information about the certificate owner, issuer, validity, use and the existence of a private key. A CA certificate is a certificate issued by a certificate authority from which the device certificates are derived. The device certificates include SSL certificates. SSL certificates are required for authentication during secure communication between a network node and a security module. Further device certificates include the VPN group certificates of security modules located in VPN groups and OPC UA client/server certificates of CP 443-1 OPC UA modules. Certificate authorities can be: The STEP 7 project itself. If the "certificate owner" and "issuer" are the same, this is a selfsigned certificate; in other words, issued by the STEP 7 project. A higher ranking (commercial) certificate authority. These third-party certificates are external to the project and are imported and stored in the certificate store of STEP 7. Certificates created by one of the two certificate authorities always have a private key so that the device certificates can be derived from them. Every certificate is assigned an ID via which the certificate can be referenced in the program blocks. The IDs are generated consecutively when certificates are created. Due to the system some IDs are not used. Note Downloading the configuration After replacing or renewing certificates, the configuration must be downloaded to the relevant security modules. After replacing or renewing CA certificates, the configuration must be downloaded to all security modules. 760 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Note Current date and current time of day on the security modules When using secure communication (for example, HTTPS, VPN...), make sure that the security modules involved have the current time of day and the current date. Otherwise the certificates used are not evaluated as valid and the secure communication does not work. Note Character set of certificates Certificates are always stored in the ASCII character set. If a certificate contains characters that do not exist in the ASCII character set, the certificate is stored with the UTF-8 character set. This is not possible for SCALANCE S V2 modules. Global certificate manager The following functions are available in the certificate manager in the global security settings: Import of new certificates and certificate authorities. Import of SSL certificates (CP x43-1 Adv. only), e.g. for FTP communication. Export of the certificates and certificate authorities used in the project. Renewal of expired certificates and certificate authorities. Replacing existing certificate authorities. Addition of trusted certificates and certificate authorities. Deleting manually imported certificates. Double-click on the "Certificate manager" entry in the global security settings. In the individual tabs, you have the following commands available in the shortcut menu: Command Meaning Import / Export Import / export of certificates. The following formats are permitted: *.cer (certificate only) *.crt (certificate only) *.pem (certificate only) *.p12 (certificate and corresponding private key) Displays Opens the certificate dialog of Windows where you see an overview of all certificate data. For the certificate to be displayed as valid, install it via the "Install certificate..." button of the "General" tab in the Windows certificate store. Appropriate Windows user rights are required to install the certificate. WinCC Advanced V14 System Manual, 10/2016 761 Editing devices and networks 10.1 Configuring devices and networks Command Meaning Renew (only in the "CA" and "Device certificates" tabs) Opens the "Renew certificate" dialog in which you can have a new certificate created by STEP 7 when necessary, for example with compromised certificates. Replace (only in the "CA" tab) Opens the "Replace certificate" dialog in which you can replace an existing certificate with a new one. Delete Deletes a certificate in the "Trusted certificates and root certification authorities" tab. Local certificate manager Certificates that were imported via the certificate manager in the global security settings are not automatically assigned to the corresponding modules. Imported certificates must be included in the list of trustworthy partner certificates manually via the entry "Certificate manager" in the local security settings. When assigning a CA certificate the module is also assigned the certificates derived from it. Certificates generated by STEP 7 such as SSL certificates or VPN group certificates are automatically assigned to the corresponding modules and do not need to be assigned using the local security settings. Before certificates can be referenced in the program block for Secure Communication, these certificates must be assigned to the security module as device certificates via the local certificate manager. After selecting a table cell, you can either create a new certificate using the "Add" button or use an existing certificate of the project using the check mark symbol. For access to existing certificates of the project and for signing a new certificate by a certification authority, the check box "Use global security settings for the certificate manager" must be activated. To make the assigned certificate known to the partner module, this certificate must be entered in the list of trustworthy partner certificates after import. Certificate authorities "CA" tab The following certification authorities are displayed CA certificates of a project: When you create a new project, CA certificates are generated for the project that use different hash algorithms for the certificate signature. The SSL certificates and OPC UA client/server certificates for the individual security modules are derived from the CA certificates. CA group certificates: When you create a new VPN group, a CA certificate is generated for the VPN group. The VPN group certificates of VPN group subscribers are derived from this certificate.. 762 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Device certificates "Device certificates" tab Display of the device-specific certificates generated by the certification authorities for modules. These include: SSL certificate of a module: An SSL certificate that is derived from a CA certificate of the project is generated for each module that you create. SSL certificates are used for authentication during secure communication between PG/PC and module when downloading the configuration. OPC UA client/server certificate of the module: Depending on the configured OPC UA client/ server function of the CP 443-1 OPC UA, an OPC UA client/server certificate is generated that is used for authentication with the relevant communications partner. VPN group certificate of a module: A VPN group certificate is also generated for each module for each VPN group in which it is located. Trusted certificates and root certification authorities "Trusted root certification authorities" tab Display of the third-party certificates imported into STEP 7. Server certificates can be imported for example from external FTP servers, project certificates from other STEP 7 projects and certificates required for the external services such as dyn.DNS. After the import, certificates must be assigned to the corresponding modules using the local security settings. For further information, refer to the section Overview of certificates (Page 760). Renewing certificates Meaning In this dialog, you renew CA certificates and device certificates. How to access this function 1. Right-click on a list entry in the certificate manager. 2. Select the "Renew" entry in the shortcut menu. 3. Decide whether or not the new certificate will be self-signed or signed by a certificate authority. 4. If the certificate is to be signed by a certificate authority, select the certificate authority to be used with the "Select" button. Only certificate authorities stored in the certificate store of the current project can be selected. 5. Depending on the certificate, enter the following parameters in the corresponding input fields: WinCC Advanced V14 System Manual, 10/2016 763 Editing devices and networks 10.1 Configuring devices and networks Parameter Meaning Common name of sub ject Holder of the certificate. The common name of subject can contain no more than 35 characters. The displayed ID is not included in this count. Signature Algorithm used by the certification authority for signing the certificate. Valid from The validity period of the certificate Valid to Usage Value that is entered in the "KeyUsage" and "ExtendedKeyUsage" extensions of the standard X. 509 V3 for digital certificates. Subject Alternative Name (SAN) Depending on the certificate to be renewed, the subject alternative name is displayed with an adaptable name type and value. Replacing certificates Meaning In the "Replace certificate" dialog replace an existing certificate with a new one. How to access this function 1. Right-click on the list entry of a certificate. 2. Select the "Replace" entry in the shortcut menu. 3. The "Replace certificate" dialog opens. All certificates listed in the "Certificates involved" table are derived once again. This means that the CA group certificate of an already configured VPN group can be replaced in the project by the CA group certificate of a different project. The VPN group certificates for the VPN group members are therefore derived from the same CA group certificate in both projects. After making changes in the certificate manager, download the configuration to all security modules affected. 764 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Managing users and roles Rules for user names, roles and passwords Which rules apply to user names, role names and passwords? When creating or modifying a user, a role or a password, remember the following rules: Table 10-3 Rules for user management Permitted characters The following characters from the ANSI X 3.4-1986 character set are permitted: 0123456789 A...Z a...z !#$%&()*+,-./:;<=>?@ [\]_{|}~^ Characters not allowed "' Length of the user name (authenti cation method "password") 1 to 32 characters Length of the user name (authenti cation method "RADIUS") 1 to 255 characters Length of the password 8 to 32 characters Length of the role name 1 to 32 characters Maximum number of users per project Maximum number of users on a se curity module (number of users that are assigned a role with module rights for the security module) 128 32 + 1 administrator when creating the project Maximum number of roles per project 126 Maximum number of roles on a se curity module (number of roles that are assigned module rights for the security module and that are as signed to users) 37 Note User names and passwords As an important measure for increasing security, always make sure that user names and passwords are as long as possible and include special characters, upper and lowercase letters and numerals. Using password policies, you can tighten the restrictions listed above for passwords even further. How to define password policies is described in the section: Configuring password policies (Page 773) WinCC Advanced V14 System Manual, 10/2016 765 Editing devices and networks 10.1 Configuring devices and networks Password strength When a new password is entered, its password strength is checked. The following levels are distinguished for the password strength: Very weak Weak Medium Good Strong Very strong Create users Meaning The security functions configured in STEP 7 are protected from unauthorized access by a separate user management. Before you can access the global and local security settings of security modules, you need to log in to the security configuration as a user. Creating the first user in the project After creating the first security module in the project, you first need to create a user. To do this, in the local security settings of the created security module, click the "User login" button under the "Security properties" entry and enter the login data of the user you want to create. You will then be logged in as the created user and the user is assigned the system-defined "Administrator" role. This role includes all configuration and module rights. Creating users in the user management When you are logged in as a user in the security configuration, you can create further users or delete users with the "User management" entry in the global security settings. Note Users with the "Administrator" role There must always be at least one user with full configuration rights within a project. The administrator that is created automatically when you first enable the security functions in the project can only be deleted if at least one other user exists with the system-defined role "Administrator". 766 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The following parameters are available in user management in the "User" tab: Table 10-4 Information in the "User" tab Parameter Meaning User name Name of the user to be created. Click on the "Add new user" entry in the "User name" column to create a new user. Password (only with the "Password" authentication method) Entry of the password for the user. When it is entered, the password strength is checked. For more detailed information on password strength, refer to the following section: Rules for user names, roles and passwords (Page 765) Authentication method Password: Use this authentication method for users that edit and download the STEP 7 Security project and that need to run diagnostics on the security module. The authentication of the user is performed by the security module when user-specific IP rule sets are activated. RADIUS: (only for SCALANCE S as of V4): The authentication of the user is performed by a RADIUS server when user-specific IP rule sets are activated. The password of the user is not configured in STEP 7 when using this authentication method but must be stored on the RADIUS server. Only use this authentication method for users that only need to log on to the Web page of a security module. A user with the "RADIUS" authentication method cannot log on to STEP 7 Security projects. Role Selecting a system-defined or user-defined role. Maximum time of the session (only for SCALANCE S V3 or higher) Entry of the time after which a user logged on to the Web page for userspecific IP rule sets of SCALANCE S modules is automatically logged off. The time entered here starts after the logon and after renewing the session on the Web page of the security module. Default setting: 30 minutes Minimum value: 5 minutes Maximum value: 480 minutes Comment Entry of optional comments. Creating roles Overview You can assign a system-defined or a user-defined role to a user. Specify the module rights of a user-defined role for each security module. WinCC Advanced V14 System Manual, 10/2016 767 Editing devices and networks 10.1 Configuring devices and networks System-defined roles The system-defined roles listed below are predefined. Certain rights are assigned to the roles that are the same on all modules and that the administrator can neither change nor delete. Administrator Default role when creating a security configuration. Unlimited access rights to all configuration data and all security modules. Standard Role with restricted access rights. Diagnose - Read access to configurations. - Read access to the security module in the "Online" mode for testing and diagnostics. Remote-Access No rights except for logging on to the Web page for user-specific firewall rule sets. administrator (radius) Role that can be used to activate user-specific IP rule sets with authentication using a RADIUS server. Access rights to all configuration data except SNMP MIBs. radius Role that can be used to activate user-specific IP rule sets with authentication using a RADIUS server. Read-only access. You will find a detailed list of the configuration and module rights assigned to the systemdefined roles "Administrator", "Standard" and "Diagnostics" in tables 1-3 to 1-7 of the section Managing rights (Page 769). For more detailed information on user-specific IP rule sets, refer to the following section: AUTOHOTSPOT For more detailed information on authentication using a RADIUS server, refer to the following section: AUTOHOTSPOT User-defined role In addition to the system-defined roles, you can create user-defined roles. For a user-defined role, select the configuration or module rights and specify the appropriate module rights for every security module used in the project. You manually assign the user-defined roles to the relevant user. How to access this function 1. Double-click on the "User management" entry in the global security settings. 2. Select the "Roles" tab in User management. 768 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 10-5 Information in the "Roles" tab Parameter Meaning Role Freely selectable role name. Double-click on the "Add new role" entry to create a new user-defined role. You can then set the rights for the created role. Description Specifying the system-defined role With user-defined roles, the "User-de fined role" character string is displayed. Maximum time of the ses sion (only for SCALANCE S V3 or higher) Entry of the time after which a user with the assigned role is automatically logged off from the Web page for user-specific IP rule sets of SCALANCE S modules. The time entered here starts after the logon and after renew ing the session on the Web page of the security module. Default setting: 30 minutes Minimum value: 5 minutes Maximum value: 480 minutes Comment Entry of additional, optional comments. Note Deleting roles A user-defined role can only be deleted when it is no longer assigned to any user. If necessary, assign the user a different role. System-defined roles cannot be deleted. Managing rights How to access this function 1. Double-click on the "User management" entry in the global security settings. 2. Select the "Roles" tab in User management. Creating and assigning a user-defined role 1. Double-click on the "Add new role" entry. 2. Enter a name for the role and, if applicable, specify the maximum session time after which users with the assigned role are automatically logged off from the Web page for userspecific IP rule sets. 3. If necessary, select the system-defined role whose rights will be used as the template for the user-defined role from the drop-down list labeled "<Copy rights from>". User-defined roles cannot be selected from the drop-down list. Result: In the list of rights of the user roles, the rights are selected that are assigned to the selected system-defined role. 4. For each security module, enable or disable the rights to be assigned to the user-defined role. 5. Assign the role to a user in the "User" tab. WinCC Advanced V14 System Manual, 10/2016 769 Editing devices and networks 10.1 Configuring devices and networks Configuration rights Configuration rights are not module dependent and control the rights for configuration in STEP 7. Depending on the user type, the following configuration rights are available for selection: Table 10-6 Configuration rights Configuration right Administrator Standard Diagnose Diagnose security x x x Configure security x x - Managing users and roles x - - Module rights Module rights are configured per module. The "Service" column shows the service to which the particular right relates. With the "Copy rights" and "Paste rights" commands in the shortcut menu, you can transfer the rights from one module to another. Depending on the user type, the following module rights are available for selection: Table 10-7 Module rights CP x43-1 Advanced Right within the service Administrator Standard Diagnose Web: Format CP file system * x - - FTP: Read files from the CP file system x x x FTP: Write files to the CP file system x x - FTP: Read files (DBs) from the S7 CPU ** x x x FTP: Write files (DBs) to the S7 CPU *** x x - Applet: Read tags using configured symbols * x x x Applet: Write tags using configured symbols * x x - Applet: Read tags using absolute addresses * x x x Applet: Write tags using absolute addresses * x x - Applet: Read status of the modules in the rack * x x x Applet: Query order numbers of the modules in the rack * x x x SNMP: Read MIB-II x x x SNMP: Write MIB-II x x - SNMP: Read automation MIB x x x SNMP: Read LLDP-MIB x x x SNMP: Read SNMPv2-MIB x x x SNMP: Read MRP MIB x x x SNMP: Write MRP MIB x x - TIA Portal: Run diagnostics of the security module **** x x x 770 Service File system PLC SNMP Security WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Right within the service Administrator Standard Diagnose Web: Expand IP access control list * x - - Web: Access Web diagnostics and CP file system x x x Web: Send test e-mails * x x x Web: Update firmware * x x - Web: Load diagnostics texts later * x x - Table 10-8 Service Web Maintenance Module rights CP 443-1 OPC UA Right within the service Administrator Standard Diagnose Service OPC UA: Read variables x x x OPC UA OPC UA: Write variables x x - OPC UA TIA Portal: Run diagnostics of the security module **** x x x Security SNMP: Read automation MIB x x x SNMP SNMP: Read LLDP MIB x x x SNMP SNMP: Read MIB-II x x x SNMP SNMP: Write MIB-II x x - SNMP SNMP: Read SNMPv2-MIB x x x SNMP Web: Update firmware x x - Maintenance Web: Load diagnostics texts later x x - Maintenance Web: Diagnostics x x x Web Administrator Standard Diagnose Service SNMP: Read MIB-II x x x SNMP SNMP: Write MIB-II x x - SNMP: Read automation MIB x x x SNMP: Read SNMPv2-MIB x x x TIA Portal: Run diagnostics of the security module **** x x x Security Table 10-9 Module rights CP 1628 Right within the service Table 10-10 Module rights SCALANCE S Right within the service Administrator Standard Diagnose Service Download the configuration files x x - Security TIA Portal: Run diagnostics of the security module **** x x x SNMP: Read automation MIB x x x SNMP: MIB-II read x x x SNMP: MIB-II write x x - SNMP: MRP-MIB read x x x SNMP: MRP-MIB write x x - SNMP: Read SNMPv2-MIB x x x Web: Update firmware x x - WinCC Advanced V14 System Manual, 10/2016 SNMP Maintenance 771 Editing devices and networks 10.1 Configuring devices and networks Table 10-11 Module rights CP 1543-1 Right within the service Administrator Standard Diagnose Service FTP: Read files from the CP file system x x x FTP: Write files to the CP file system x x - TIA Portal: Run diagnostics of the security module **** x x x Security SNMP: Read automation MIB x x x SNMP SNMP: Read IPv6 MIB x x x SNMP: Read LLDP-MIB x x x SNMP: Read MIB-II x x x SNMP: Write MIB-II x x - SNMP: Read SNMPv2-MIB x x x FTP: Read files (DBs) from the S7 CPU ** x x x FTP: Write files (DBs) to the S7 CPU *** x x - Administrator Standard Diagnose Service TIA Portal: Run diagnostics of the security module **** x x x Security SNMP: Read automation MIB x x x SNMP File system PLC Table 10-12 Module rights CP 1543SP-1 Right within the service SNMP: Read IPv6 MIB x x x SNMP: Read LLDP MIB x x x SNMP: Read MIB-II x x x SNMP: Write MIB-II x x - SNMP: Read SNMPv2-MIB x x x Table 10-13 Module rights CP 1243-1 Right within the service Administrator Standard Diagnose Service TIA Portal: Run diagnostics of the security module **** x x x Security SNMP: Read automation MIB x x x SNMP SNMP: Read IPv6 MIB x x x SNMP: Read MIB-II x x x SNMP: Write MIB-II x x - SNMP: Read SNMPv2-MIB x x x Administrator Standard Diagnose x - - Table 10-14 Module rights CP 1242-7 Right within the service Use TeleService 772 Service TeleService WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 10-15 Module rights CP 1242-7 LTE Right within the service Administrator Standard Diagnose Service TIA Portal: Run diagnostics of the security module **** x x x Security Use TeleService x - - TeleService Table 10-16 Module rights CP 1243-8 IRC Right within the service Administrator Standard Diagnose Service TIA Portal: Run diagnostics of the security module **** x x x Security SNMP: Read automation MIB x x x SNMP SNMP: Read IPv6 MIB x x x SNMP: Read MIB-II x x x SNMP: Write MIB-II x x - SNMP: Read SNMPv2-MIB x x x * To be able to use the function, the module right "Web: Access Web diagnostics and CP file system" must be enabled as well. ** To be able to use the function, the module right "FTP: Read files from CP file system" must be enabled as well. *** To be able to use the function, the module right "FTP: Write files to CP file system" must be enabled as well. **** To use the function, the configuration right "Security diagnostics" must also be enabled. Setting module rights before and after creating the security modules Within a user-defined role, the module rights for each security module are defined separately. If a security module was created before this role was added and module rights within a role need to be set, STEP 7 presets the module rights for the security module according to the selected rights template. The preset module rights can then be adapted when adding the role. If a security module was created after adding a role, no rights are preset for this security module. In this case, you will need to edit an existing role and set all the module rights yourself for the security module. You can also transfer existing module rights to another module by copying and, if necessary, adapting them there. To do this, select a module in the shortcut menu in the module rights and select the "Copy rights" or "Paste rights" menu command. Configuring password policies Meaning Using the password policies, specifications can be defined that need to be taken into account when assigning passwords to new users. WinCC Advanced V14 System Manual, 10/2016 773 Editing devices and networks 10.1 Configuring devices and networks How to access this function 1. Double-click on the "User management" entry in the global security settings. 2. Select the "Password policies" tab in User management. After selecting a check box, the corresponding policy is active and can, if necessary, be adapted using the relevant input box. The minimum number of numbers and special characters together must not be longer than the minimum password length. Parameter Meaning Minimum password length Minimum number of characters that passwords are required to contain. The corresponding check box is enabled as default and cannot be disabled. Minimum value: 8 characters Maximum value: 32 characters Minimum number of digits Minimum number of digits that passwords are required to contain. Minimum value: 1 digit Maximum value: 32 digits Minimum number of special characters Minimum number of special characters that passwords are required to contain. A special character is any character that is neither a letter nor digit. Minimum value: 1 special character Maximum value: 32 special characters Number of user passwords blocked for re-use Number of the most recently used passwords that are not available for use as a new password if the password is changed. Minimum value: 1 password Maximum value: 10 passwords At least one uppercase and lowercase character If you select this check box, passwords must contain at least one uppercase and one lowercase letter. Authentication using a RADIUS server Module-specific function This function is available only for SCALANCE S V4 modules or higher, refer to: AUTOHOTSPOT in the section "SCALANCE S". 774 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Generating configuration data for SCALANCE M modules Meaning You can generate the VPN information for the assignment of parameters to a SCALANCE M using STEP 7. For this to be possible, the module must be in at least one VPN group with a security module or a SOFTNET Security Client. With the generated files, you can then configure the SCALANCE M using the Web Based Management of the device. Generated files The following file types are generated: Export file with the configuration data - File type: *.txt file in ASCII format - Contains the exported configuration information for the SCALANCE M including information on the additionally generated certificates. VPN group certificates of the module - File type of the private key: *.p12 file - The file contains the module certificate and the key material. - Access is password protected. CA certificates of VPN groups - File type: *.cer file Figure 10-4 WinCC Advanced V14 System Manual, 10/2016 SCALANCE M configuration file 775 Editing devices and networks 10.1 Configuring devices and networks Note No transfer to the SCALANCE M module Configuration files are not transferred to the SCALANCE M module. An ASCII file is generated with which you can configure the VPN-relevant properties of the SCALANCE M. To allow this, the SCALANCE M must be located in at least one VPN group with another security module or a SOFTNET security client. Note Protecting exported configuration files from unauthorized access Configuration files for SCALANCE M exported from STEP 7 can contain security related information. You should therefore make sure that these files are protected from unauthorized access. This is particularly important when passing on the files. Follow the steps below 1. Select the module of the type "SCALANCE M". 2. In the local security settings, select the entry "SCALANCE M configuration". 3. Select the "Generate SCALANCE M files" check box and select a storage location for the configuration files. 4. Specify a password for the encryption of the VPN group certificate by using the project name as the password or assigning a password of your own. 5. Compile the configuration of the SCALANCE M module. Result: The files (.txt file and certificates) are stored in the folder you specify. Generating configuration data for security devices Meaning A security device serves as substitute for a device from another manufacturer. A security device can have the function of a VPN device that serves as substitute for a VPN device from another manufacturer. You can generate the VPN information for the assignment of parameters to a VPN device using STEP 7. For this to be possible, the VPN device must be in at least one VPN group with a security module. With the generated files, you can then configure the VPN device. Note Protecting exported configuration files from unauthorized access Configuration files for VPN devices exported from STEP 7 can contain security related information. You should therefore make sure that these files are protected from unauthorized access. This is particularly important when passing on the files. 776 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Follow the steps below 1. Select the security device to be edited. 2. Select the "VPN device" entry in the local security settings. 3. Select the "Generate files of the VPN device" check box. 4. Select the mode of the VPN device from the "VPN mode" drop-down list. This selection is only possible when the VPN device is located in a VPN group. - VPN client: The VPN device can adopt the following role: Initiator The VPN device actively attempts to establish a VPN connection to the partner. - VPN server: The VPN device can adopt the following roles: Initiator/Responder: The VPN device actively attempts to establish a VPN connection to the partner. The receipt of requests for VPN connection establishment is also possible. This role is selected as default in the VPN connection properties. Responder: The receipt of requests for VPN connection establishment is possible. - NCP VPN client for Android (as of version 2.1): The VPN device with installed software NCP Secure VPN Client for Android actively attempts to establish a VPN connection to the partner. 5. Select a storage location for the configuration files. 6. Specify a password for the encryption of the VPN group certificate by using the project name as the password or assigning a password of your own. 7. If you have configured the VPN device as a VPN client: - Specify the corresponding file types in the "Exported certificates and keys" entry. 8. If you have configured the VPN device as a VPN server: - In the box "VPN server address (WAN IP address)" enter the WAN IP address at which the VPN server can be reached by the initiator of the VPN connection. - Specify the corresponding file types in the "Exported certificates and keys" entry. - In the entry "Subnets reachable through tunnel", enter the subnets and/or IP addresses for which tunnel communication will be released. 9. If you have configured the VPN device as an NCP secure VPN client: - In the entry "NCP Secure VPN client settings", enter the storage path on the NCP secure VPN client. Note Releasing subnets and subscribers with a VPN connection between NCP secure VPN client and SCALANCE S The local internal subnet of SCALANCE S modules is released for tunnel communication as default. For this reason this is always entered as the first released subnet in the file generated for the NCP secure VPN client. Since NCP secure VPN client supports a maximum of 5 entries for released subnets / subscribers, as default the local internal network of the SCALANCE S module and the first 4 table entries from the entry "Nodes" in the NCP secure VPN client are released. To release other subnets and subscribers for tunnel communication, the file generated by STEP 7 must be suitably adapted. WinCC Advanced V14 System Manual, 10/2016 777 Editing devices and networks 10.1 Configuring devices and networks Configuring interfaces for SCALANCE S modules Overview You will find information on configuration interfaces of SCALANCE S modules in AUTOHOTSPOT of the section "SCALANCE S". The information contained here deals with the following configuration options: Mode (bridge mode / routing mode / ghost mode (only for SCALANCE S602 as of V3.1)): Setting the operating mode (Page 866) IP address parameters: Configuring IP address parameters (Page 867) Port settings (only for SCALANCE S as of V3): Configuring port mode (Page 868) Settings for the Internet Service Provider (ISP) if one of the interfaces is operated using PPPoE (only for SCALANCE S as of V3): Configuring an Internet connection (Page 869) DNS and dynamic DNS (only for SCALANCE S as of V3): Configuring DNS and dynamic DNS (Page 870) LLDP (only for SCALANCE S as of V4 in routing mode): Configuring LLDP (Page 873) Media redundancy in ring topologies (e.g. MRP client), (only for SCALANCE S627-2M as of V4 in routing mode): AUTOHOTSPOT For more information on special features of the Ghost mode, refer to the following section: Special features of the ghost mode (Page 876) The configuration of the interfaces of CPs is described in the sections dealing with the CPs. Setting up a firewall Overview of the firewall Module-specific function Configuration of the firewall is not possible for the CP 443-1 OPC UA and CP 1242-7. Meaning The firewall functionality of the security modules is intended to protect networks and stations from third-party influence and interference. This means that only certain, previously specified communications relations are permitted. The firewall discards invalid frames without sending a response. To filter the data traffic, IP addresses, IP subnets, services or MAC addresses can be used. You can also set a bandwidth limitation. The firewall functionality can be configured for the following protocol levels: IP firewall with stateful packet inspection (layer 3 and 4) Firewall also for Ethernet "non-IP" frames according to IEEE 802.3 (layer 2) 778 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks With security modules capable of VPN, the firewall can also be used for the encrypted data traffic (IPsec tunnel). With the SCALANCE S602 Security module, the firewall can only be used for unencrypted data traffic. Firewall rules Firewall rules describe which packets in which direction are permitted or forbidden. IP rules affect all IP packets of layer 3 or higher. MAC rules only affect frames lower than layer 3. Types of firewall rules Global firewall rule sets: Global firewall rule sets can be assigned to several security modules at the same time. Global firewall rule sets are configured in the global security settings. Local firewall rules: Local firewall rules are configured in the local security settings of a security module. User-specific IP rule sets (only for SCALANCE S as of V3): User-specific IP rule sets can be assigned to individual or several security modules at the same time. User-specific IP rule sets are configured in the global security settings and assigned there to one or more users. SCALANCE S as of V4 (RADIUS): User-specific IP rule sets can be assigned individual or multiple users as well as individual or multiple roles. Service definitions With the aid of service definitions, you can also define firewall rules clearly in a compact form. Service definitions are configured in the global security settings and can be used in the global, local and user-specific firewall rules. Adapting standard rules for IP services For SCALANCE S modules V3 or higher, you can adapt service-specific firewall rules that are set as default for the interfaces of the security modules. You will find information on configuring these firewall rules in Adapting standard rules for IP services (Page 892) of the section "SCALANCE S". Automatically generated firewall rules for CP connections For connections that were configured using CPs, STEP 7 automatically creates firewall rules that allow communication with the partner of the CP in the specified direction (CP active/ passive). The connection establishment directions are taken into account. To display these firewall rules, if the advanced firewall mode is enabled, the "Update connection rules" button needs to be clicked. The firewall rules are then displayed in advanced firewall mode. WinCC Advanced V14 System Manual, 10/2016 779 Editing devices and networks 10.1 Configuring devices and networks Which firewall rules are generated automatically is described in the following sections. For S7-300 CPs/S7-400 CPs/PC CPs: Connection-related automatic firewall rules (Page 924) in the section "Security for S7-300 / S7-400 / PC CPs". For S7-1200-/S7-1500-CPs: Connection-related automatic firewall rules (Page 936) in the section "Security for S7-1200 / S7-1500 CPs". Enabling the firewall Firewall functionality for a specific security module is controlled in the local security settings using the "Enable firewall" check box. If the check box is enabled, the firewall can be configured and is effective following the download. For a security module that is a member of a VPN group, the "Enable firewall" check box is activated by default and cannot be deactivated. After switching to advanced firewall mode, it is not possible to switch back to standard mode. For more information about the standard and advanced firewall modes, refer to the section: Overview of local firewall rules (Page 801). Global firewall rule sets Application Regardless of the module, global firewall rule sets are configured in the global security settings. A firewall rule set consists of one or more firewall rules and is assigned to the individual security modules. In the global firewall rule sets, a distinction is made between the following: IP rule sets MAC rule sets The following schematic illustrates the relationship between globally defined rule sets and locally used rule sets. 3URMHFW JOREDOUXOHVHWQ JOREDOUXOHVHW JOREDOUXOHVHW 5XOHJ 0RGXOH ORFDOUXOHVHW ORFDOUXOHO JOREDOUXOHVHW 5XOHJ 5XOHJ ORFDOUXOHO JOREDOUXOHVHW 780 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring When configuring global firewall rules, you can make detailed firewall settings. You can allow individual services for a single node or all services for the node for access to the station or network. When are global IP and MAC firewall rules useful? Global firewall rules are useful if you want to define identical filter criteria for communication with several security modules. Note Assigning firewall rule sets with incompatible firewall rules For a security module, only the firewall rules from firewall rule sets are adopted correctly if the security module supports them. A firewall rule contained in a global firewall rule set with the direction "From: External" or "To: Any" is, for example not assigned to a CP 1628. The other firewall rules of the global firewall rule set are adopted if the CP 1628 supports them. Global firewall rule sets - conventions Global firewall rule sets are used locally The following conventions apply when creating a global set of firewall rules and when assigning it to a module: Configuration view Global firewall rule sets are configured in the global security settings. Priority As default, locally defined rules have a higher priority than the global IP and MAC firewall rule sets. Newly assigned global IP and MAC firewall rule sets are therefore initially entered at the bottom of the local rule list. The priority can be changed by changing the position in the rule list. Entering, changing or deleting rule sets Global firewall rule sets cannot be edited in the local rule list of the firewall rules in the module properties. They can only be displayed there and positioned according to the required priority. It is not possible to delete a single rule from an assigned rule set in the local security settings. Only the entire rule set can be removed from the local list of rules. The firewall rule sets in the global security settings remain unaffected. WinCC Advanced V14 System Manual, 10/2016 781 Editing devices and networks 10.1 Configuring devices and networks Creating global firewall rule sets How to access this function 1. In the global security settings, select the entry "Firewall" > "Global firewall rule sets" > "IP rule sets" or "MAC rule sets". Result: The previously created IP rule sets or MAC rule sets are displayed under the selected entry. 2. Double-click on the entry "Add new IP rule set" or "Add new MAC rule set". Result: The created firewall rule set is displayed with an automatically assigned number below the entry "IP rule sets" or "MAC rule sets". 3. Double-click on the created firewall rule set. Result: In the working area the assignment dialog for firewall rule sets is displayed. The selected firewall rule set is selected in the "Rule set" drop-down list. The required security modules can be assigned to this, see section Assigning global firewall rule sets (Page 782). In the local security settings, the configurable properties of the firewall rule set are displayed. 4. Enter the following data in the "General" entry in the local security settings: - Name: Project-wide, unique name of the rule set. The name appears in the local rule list of the security module after the rule set is assigned. - Description (optional): Enter a description of the global rule set. 5. In the local security settings in the entry "Firewall rule set" enter the firewall rules in the list. Note the parameter description in the following sections: For IP rule sets: Defining IP packet filter rules (Page 802) For MAC rule sets: Defining MAC packet filter rules (Page 806) To switch over to the local security settings of another firewall rule set, select this from the "Rule set" drop-down list of the assignment dialog or double-click on the corresponding entry in the global security settings. Result You have created the global firewall rule set and can now assign this to the required security modules. Note the descriptions in the following section: Assigning global firewall rule sets (Page 782) Assigning global firewall rule sets Requirement You have enabled the advanced firewall mode for the security modules you want to assign to a firewall rule set. 782 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Procedure 1. In the global security settings, select the entry "Firewall" > "Global firewall rule sets" > "Assign module to a firewall rule set". 2. From the "Rule set" drop-down list, select the rule set to which you want to assign the security module. In the right-hand table, you will see the security modules that you can assign to the selected firewall rule set. In the left-hand table, you will see the security modules already assigned to the selected firewall rule set. 3. In the "Available modules" area, select the security modules you want to assign to the selected rule set. 4. Click the "<<" button to assign the selected modules to the selected rule set. Result The global rule set is used by the assigned security modules as a local rule set and appears automatically at the end of the list of firewall rules in the local security settings. Exporting and importing global firewall rule sets Meaning and function Global IP rule sets and global MAC rule sets can be exported from STEP 7 in the XLSX format and imported into STEP 7. Per firewall rule set an XLSX file is created when you export. The export and import provides the option of exchanging firewall rule sets between different STEP 7 projects. Exported firewall rule sets can also be edited in Microsoft Excel(R) and then imported into STEP 7 again. This simplifies the making of mass changes. Firewall rule sets exported from STEP 7 are largely compatible with the Security Configuration Tool (SCT). Firewall rule sets exported from from the Security Configuration Tool are fully compatible with STEP 7. Note Restrictions when importing firewall rule sets from STEP 7 into the Security Configuration Tool In SCT, IPv6 firewall rules and ICMPv6 services are not supported. During import firewall rules identified as IPv6 firewall rules and ICMPv6 services are ignored. As the bandwidth limit a maximum of 100 Mbps are permitted in SCT. During import firewall rules with more than 100 Mbps are ignored. Exporting firewall rule sets from STEP 7 1. In the global security settings, select the entry "Firewall" > "Global firewall rule sets". 2. Double-click on the "Overview" entry. Result: The IP rule sets and MAC rule sets that exist in STEP 7 are displayed in the working area. WinCC Advanced V14 System Manual, 10/2016 783 Editing devices and networks 10.1 Configuring devices and networks 3. If you do not want to export all firewall rule sets, enable the check box of the firewall rule sets to be exported. 4. Click the button. 5. In the "Export firewall rule sets" dialog, select whether all firewall rule sets or only the selected firewall rule sets will be exported. 6. Enter a path on which the firewall rule sets will be saved and click the "Export" button. Result: Per firewall rule set an XLSX file was created. The XLSX files were named with the name of the corresponding firewall rule set and according to the date and time of the export. Importing firewall rule sets in STEP 7 Exported firewall rule sets can be edited prior to importing them. Refer to the information in the section "Requirements for firewall rule sets to be imported". Follow the steps outlined below to import firewall rule sets in STEP 7: 1. In the global security settings, select the entry "Firewall" > "Global firewall rule sets". 2. Double-click on the "Overview" entry. Result: The IP rule sets and MAC rule sets that exist in STEP 7 are displayed in the working area. 3. Click the button. 4. If firewall rule sets of the same name are to be overwritten, select the "Overwrite existing firewall rule sets" check box. Note: For the comparison between the firewall rule sets existing in STEP 7 and the XLSX files, only the name of the firewall rule sets is used. The information about the date and time of the XLSX files is ignored. 5. Select the XLSX files to be imported. Multiple selection is possible. 6. Click the "Import" button. Result: The firewall rule sets of the selected XLSX files have been imported in STEP 7. Structure of exported IP rule sets For every IP rule set exported from STEP 7, an XLSX file is created with the following table sheets: IP Ruleset: Contains the IP packet filter rules of the IP rule set IP Services: Contains the IP services used in packet filter rules of the IP rule set. IP services in the IP service groups used are also displayed. ICMP Services: Contains the ICMP services used in packet filter rules of the IP rule set. ICMP services in the IP service groups used are also displayed. IP Service Groups: Contains the IP service groups used in IP packet filter rules of the IP rule set. The corresponding IP and ICMP services are displayed for every IP service group. 784 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Structure of exported MAC rule sets For every MAC rule set exported from STEP 7, an XLSX file is created with the following table sheets: MAC Ruleset: Contains the MAC packet filter rules of the MAC rule set MAC Services: Contains the MAC services used in MAC packet filter rules of the MAC rule set. MAC services in the MAC service groups used are also displayed. MAC Service Groups: Contains the MAC service groups used in MAC packet filter rules of the MAC rule set. The corresponding MAC services are displayed for every MAC service group. Conventions for rule sets to be imported The following conventions apply to firewall rule sets to be imported in STEP 7: The files have the file extension *.XLSX and the corresponding Office Open XML format. If the name of the XLSX file is longer than 128 characters, the rule set will be created in STEP 7 with a standard name. The names of the columns within the table sheets must not be changed, the order of the columns may, however, be changed. The names of the table sheets must not be changed, the order of the table sheets may, however, be changed. WinCC Advanced V14 System Manual, 10/2016 785 Editing devices and networks 10.1 Configuring devices and networks Permitted parameter values for IP rule sets to be imported The following values may be entered in the table columns of XLSX files for IP rule sets. Upper and lower case characters are not taken into account when the notation is checked. 786 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 10-17 Permitted parameter values for table sheet "IP Ruleset" Action From Allow External Drop To IPv6* Intern True al False DMZ Tunn el Source IP ad dress Destina tion IP Address Service [free text with max. 255 charac ters] [free text with max. 255 charac ters] [free text with max. 128 charac ters] Band width Logging [Possible True values: False 0.001... 1000] Stateful Com ment True [free text Fals with max. 255 e charac ters] Any Statio n Internal Exter nal Intern al DMZ Tunn el Any Statio n DMZ Exter nal Intern al Tunn el Any Tunnel Exter nal Intern al DMZ Tunn el Any Statio n Any Exter nal Intern al DMZ WinCC Advanced V14 System Manual, 10/2016 787 Editing devices and networks 10.1 Configuring devices and networks Action From Station To IPv6* Source IP ad dress Destina tion IP Address Service Band width Logging Stateful Com ment Exter nal Intern al Tunn el * This column is optional. If the column does not exist when importing into STEP 7, the default value "False" is used in STEP 7. Table 10-18 Permitted parameter values for table sheet "IP Services" Name Protocol [free text with max. 128 char UDP acters] TCP Source Port [free text with max. 32 char acters] Destination Port [free text with max. 32 char acters] All 788 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks WinCC Advanced V14 System Manual, 10/2016 789 Editing devices and networks 10.1 Configuring devices and networks Table 10-19 Permitted parameter values for table sheet "ICMP Services" Name [free text with max. 128 char True acters] ICMPv6* Type PacketToBig Code NoCode EchoRequest EchoReply MulticastListenerQuery MulticastListenerReport V2MulticastListenerRepo rt MulticastListenerDone RouterSolicitation RouterAdvertisement NeighbourSolicitation NeighbourAdvertisement RedirectMessage InverseDiscoverySolicitati on InverseDiscoveryAdvertis ement HomeDiscoveryRequest HomeDiscoveryReply MobilePrefixSolicitation MobilePrefixAdvertiseme nt CertificationPathSolicitati on CertificatePathAdvertise ment IcmpMessagesUtilizedBy Seamoby MulticastRouterAdvertise ment MulticastRouterSolicitatio n MulticastRouterTerminati on FmIpV6 RplControl RouterRenumbering RouterRenumberingCom mand RouterRenumberingResu lt SequenceNumberReset IcmpNodeInformationQuery 790 ContainsIpV6 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Name ICMPv6* Type Code ContainsName ContainsIpV4 IcmpInformationResponse Successful RefuseToSupplyAnswer UnknownQtypeOfQuery TimeExceeded HopLimitExceededInTran sit FragmentReassemblyTi meExceeded ParameterProblem ErroneousHeaderFieldEn countered UnrecognizedNextHeade rTypeEncountered UnrecognizedIpV6Option Encountered False EchoReply NoCode SourceQuench AlternateHostAddress EchoRequest RouterSolicitation TimestampReply TimestampRequest InformationRequest InformationReply AddressMaskReply AddressMaskRequest MobileHostRedirect IpV6WhereAreYou IpV6IAmHere MobileRegistrationReply MobileRegistrationReque st Skip Star DestinationUnreachable Star NetUnreachable HostUnreachable ProtocolUnreachable PortUnreachable FragmentationNeededAn dDontFragmentWasSet SourceRouteFailed WinCC Advanced V14 System Manual, 10/2016 791 Editing devices and networks 10.1 Configuring devices and networks Name ICMPv6* Type Code DestinationNetworkUnkn own DestinationHostUnknown SourceHostIsolated CommunicationWithDesti nationNetworkIsAdministr ativelyProhibited CommunicationWithDesti nationHostIsAdministrativ elyProhibited DestinationNetworkUnre achableForTypeOfServic e DestinationHostUnreach ableForTypeOfService CommunicationAdministr ativelyProhibited HostPrecedenceViolation PrecedenceCutOffInEffec t Redirect Star DatagramForNetwork DatagramForTheHost DatagramForTheTypeOf ServiceAndNetwork DatagramForTheTypeOf ServiceandHost RouterAdvertisement Star NormalRouterAdvertisem ent DoesNotRouteCommonT raffic TimeExceeded Star TimeToLiveExceededInT ransit FragmentReassemblyTi meExceeded ParameterProblem Star TheIpHeaderIsInvalid ArequiredOptionIsMissin g Traceroute Star OutboundPacketSuccess fullyForwarded 792 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Name ICMPv6* Type Code NoRouteForOutboundPa cketThePacketWasDisca rded ConversionError Star UnknownOrUnspecifiedE rror DontConvertOptionPrese nt UnknownMandatoryOptio nPresent KnownUnsupportedOptio nPresent UnsupportedTransportPr otocol OverallLengthExceeded IpHeaderLengthExceede d TransportProtocolGreater Then255 PortConversionOutOfRa nge TransportHeaderLengthE xceeded BitRolloverMissingAndAc kSet UnknownMandatoryTran sportOptionPresent Photuris Star BadSpi AuthenticationFailed DecompressionFailed DecryptionFailed NeedAuthentication NeedAuthorization * This column is optional. If the column does not exist when importing into STEP 7, the default value "False" is used in STEP 7. Table 10-20 Permitted parameter values for table sheet "IP Service Groups" Name [free text with max. 128 characters] WinCC Advanced V14 System Manual, 10/2016 Description [free text with max. 255 characters] IP Services [free text, services are separated from each other with commas] 793 Editing devices and networks 10.1 Configuring devices and networks Permitted parameter values for MAC rule sets to be imported The following values may be entered in the table columns of XLSX files for MAC rule sets. Upper and lower case characters are not taken into account when the notation is checked. Table 10-21 Permitted parameter values for table sheet "MAC Ruleset" Action Allow From External To Internal Drop Tunnel Any Station Internal External Tunnel Source MAC Ad dress Destina tion MAC Address Service [MAC ad dress in the cor rect for mat: xxxx-xx-xxxx-xx] [MAC ad dress in the cor rect for mat: xxxx-xx-xxxx-xx] [free text with max. 128 char acters] Bandwidth [Possible values: 0.001... 1000] Logging Comment [free text with max. 255 char acters] True False Any Tunnel External Internal Station Any External Internal Station External Tunnel Table 10-22 Permitted parameter values for table sheet "MAC Services" Name Protocol [free text with max. 128 characters] SNAP PROFINET IO ISO DSAP [hexadecimal val ues with max. 2 characters] SSAP CTRL OUI OUI Type [hexadecimal values with max. 2 char acters] [hexadecimal values with max. 2 char acters] [hexadecimal values with max. 6 char acters] [hexadecimal values with max. 4 char acters] [hexadecimal values beginning with 0x] Table 10-23 Permitted parameter values for table sheet "MAC Service Groups" Name [free text with max. 128 characters] 794 Description [free text with max. 255 characters] MAC Services [free text, services are separated from each other with commas] WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks IP services Defining IP services How to access this function In the global security settings, select the entry "Firewall" > "Services" > "Define services for IP rules". Procedure Using the definition of IP services, you can define succinct and clear firewall rules for specific services. You select a name and assign the service parameters to it. These services defined in this way can also be grouped together under a group name. When you configure the packet filter rules, you then use this name. Parameters for IP services You define the IP services using the following parameters: Table 10-24 IP services: Parameter Parameter Meaning/comment Available options / ranges of values Name Name for the service that is used as identification in the rule definition or in the group. The names of pre defined services cannot be changed. Name must start with a letter. Name must not contain any special characters. Name must not be redundant. Protocol Selection of the protocol type TCP UDP TCP+UDP All WinCC Advanced V14 System Manual, 10/2016 795 Editing devices and networks 10.1 Configuring devices and networks Parameter Meaning/comment Available options / ranges of values Source port Filtering is based on the port number specified here; this defines the service access at the frame sender. With the protocol selection "TCP+UDP", it is not possible to specify a port. Examples: *: Port is not checked 20 or 21: FTP service Destination port Filtering is based on the port number specified here; With the protocol selection this defines the service access at the frame recipient. "TCP+UDP", it is not possible to specify a port. Examples: *: Port is not checked TCP 80: Web HTTP service TCP 102: S7 protocol Defining ICMP services How to access this function 1. In the global security settings, select the entry "Firewall" > "Services" > "Define services for IP rules". 2. Select the "ICMP" tab. Procedure Using the definition of ICMP services, you can define succinct and clear firewall rules for specific services. You select a name and assign the service parameters to it. These services defined in this way can be grouped together under a group name. When you configure the packet filter rules, you then use this name. 796 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Parameters for ICMP services Parameter Meaning/comment Available options / ranges of val ues Name User-definable name for the service that is used as identification in the rule definition or in the group. The names of predefined ICMPv6 services cannot be modified. Name must start with a letter. Name must not contain any special characters. Name must not contain more than 20 characters. Name must not occur more than once ICMPv6 If you enable this check box, the ICMP service is declared as an ICMPv6 service and you can select an ICMPv6-specific type and code for the service. An ICMPv6 service can only be used in the firewall rule of a security module that supports IPv6. Enabled Type Type of the ICMPv4 or ICMPv6 message. If the "ICMPv6" check box is de selected, ICMPv4-specific types can be selected. If the check box is selected, ICMPv6-specific types can be selected. Code Code of the ICMP type. Values depend on the selected type. Disabled (default) Creating service groups How to access this function 1. In the global security settings, select the entry "Firewall" > "Services" > "Define services for IP rules". 2. Select the "Service groups" tab. Forming service groups You can put several services together by creating service groups. This allows you set up more complex services that you can then use in the packet filter rules simply by selecting the name. IPv4 and IPv6 services can be collected in the same service group. Create groups in the open "Service groups" tab. You can then assign services to a group in the "Group management" tab. Follow the steps below 1. First, create groups in this tab with names to suit your requirements and add a description if required. 2. Select the "Group management" tab. You can assign the previously specified IP services to the groups defined in this tab. WinCC Advanced V14 System Manual, 10/2016 797 Editing devices and networks 10.1 Configuring devices and networks Managing service groups How to access this function 1. In the global security settings, select the entry "Firewall" > "Services" > "Define services for IP rules". 2. Select the "Group management" tab. Forming service groups You can put several services together by creating service groups. This allows you set up more complex services that you can then use in the packet filter rules simply by selecting the name. IPv4 and IPv6 services can be collected in the same service group. Use the "Group management" tab to assign services to a selected group you created previously in the "Service groups" tab. Follow the steps below 1. Select a group created previously in the "Service groups" tab from the "Service groups" drop-down list in this tab. 2. Then assign the required services from the right-hand "Available services" list box to the group. MAC services Define MAC services How to access this function In the global security settings, select the entry "Firewall" > "Services" > "Define services for MAC rules". Meaning Using the definition of MAC services, you can define succinct and clear firewall rules for specific services. You select a name and assign the service parameters to it. These services defined in this way can be grouped together under a group name. When you configure the global or local packet filter rules, you use this name. 798 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Parameters for MAC services A MAC service definition is formed using protocol-specific MAC parameters: Table 10-25 MAC services - parameters Parameter Meaning/comment Available options / ranges of values Name User-definable name for the service that is used as identi Name must start with a letter. fication in the rule definition or in the group. Name must not contain any special characters. Name must not be redundant. Protocol Name of the protocol type: ISO ISO ISO identifies frames with the following properties: Lengthfield <= 05DC (hex), DSAP= userdefined SSAP= userdefined CTRL= userdefined SNAP PROFINET IO 0x (entry of the protocol number) SNAP SNAP identifies frames with the following properties: Lengthfield <= 05DC (hex), DSAP=AA (hex), SSAP=AA (hex), CTRL=03 (hex), OUI=userdefined, OUI-Type=userdefined PROFINET IO As an alternative, a protocol number can be entered. The protocol entries 0800 (hex) and 0806 (hex) are not accepted since these values apply to IP or ARP frames. DSAP Destination Service Access Point: LLC recipient address SSAP Source Service Access Point: LLC sender address CTRL LLC control field OUI Organizationally Unique Identifier (the first 3 bytes of the MAC address = vendor ID) OUI type Protocol type/identification Note Processing for S7-CPs Only settings for ISO frames with DSAP=SSAP=FE (hex) are processed. Other frame types are not relevant for S7 CPs and are therefore discarded even before processing by the firewall. WinCC Advanced V14 System Manual, 10/2016 799 Editing devices and networks 10.1 Configuring devices and networks Special settings for SIMATIC NET services To filter special SIMATIC NET services, please use the following protocol settings: DCP: PROFINET IO SiClock : OUI= 08 00 06 (hex) , OUI-Type= 01 00 (hex) Creating service groups How to access this function 1. In the global security settings, select the entry "Firewall" > "Services" > "Define services for MAC rules". 2. Select the "Service groups" tab. Forming service groups You can put several services together by creating service groups. This allows you set up more complex services that you can then use in the packet filter rules simply by selecting the name. Create groups in the open "Service groups" tab. You can then assign services to a group in the "Group management" tab. Follow the steps below 1. First, create groups in this tab with names to suit your requirements and add a description if required. 2. Select the "Group management" tab. You can assign the previously specified MAC services to the groups defined in this tab. Managing service groups How to access this function 1. In the global security settings, select the entry "Firewall" > "Services" > "Define services for MAC rules". 2. Select the "Group management" tab. Forming service groups You can put several services together by creating service groups. This allows you set up more complex services that you can then use in the packet filter rules simply by selecting the name. Use the "Group management" tab to assign services to a selected group you created previously in the "Service groups" tab. 800 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Follow the steps below 1. Select a group created previously in the "Service groups" tab from the "Service groups" drop-down list in this tab. 2. Then assign the required services from the right-hand "Available services" list box to the group. Overview of local firewall rules Meaning Local firewall rules are configured in the local security settings of a security module and apply only to this security module. After enabling the firewall functionality you can either use predefined firewall rules or define firewall rules in the advanced firewall mode. Using predefined firewall rules Here, you use simple, predefined rules. You can only enable service-specific rules. The enabled services are allowed for all nodes in the specified direction. You can find detailed information on the definition of firewall rules in this dialog in the following module-specific sections: For SCALANCE S: AUTOHOTSPOT For S7-300/S7-400/PC CPs: AUTOHOTSPOT For S7-1200/S7-1500 CPs: AUTOHOTSPOT Defining firewall rules in advanced firewall mode In advanced firewall mode, you can make detailed firewall settings. You can allow individual services for a single node or all services for the node for access to the station or network. You enable the advanced firewall mode using the "Activate firewall in advanced mode" check box. In the local security settings, the firewall rules can then be configured in "Firewall" > "IP rules" or "MAC rules". The configuration options available here are described individually in the following section: For IP packet filter rules: Defining IP packet filter rules (Page 802) For MAC packet filter rules: Defining MAC packet filter rules (Page 806) Note Deactivating the advanced firewall mode not possible Once you have activated the advanced firewall mode, you can no longer deactivate it. WinCC Advanced V14 System Manual, 10/2016 801 Editing devices and networks 10.1 Configuring devices and networks Adopting predefined firewall rules in the advanced firewall mode When you switch over to the advanced firewall mode, enabled predefined firewall rules and logging settings are adopted. If, for example, the check box "Allow S7 protocol" is selected in the direction "From external to internal", in the advanced firewall mode an allow rule with this communication direction and the service "S7" is created automatically. If predefined logging settings exist for S7-1200 / S7-1500 CPs, in advanced mode these are not shown as firewall rules but under the entry "Firewall > Log settings" where they can be edited. Configuration limits Number of firewall rules (advanced firewall mode) SCALANCE S as of V3 Maximum of 256 S7-1200/S7-1500 CPs Maximum of 256 CP x43-1 Adv. Maximum of 226 CP 1628 Maximum of 226 Defining IP packet filter rules Meaning With IP packet filter rules, you filter according to IP frames, such as TCP, UDP and ICMP. Within a packet filter rule, you can also fall back on the definitions of the IP services. Entering IP packet filter rules Enter the firewall rules one by one in the list. Note the following parameter description. 802 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 10-26 IP rules: Parameter Parameter Meaning/comment Available options / ranges of values Action Allow/disallow (enable/block) Allow Allow frames according to definition. Drop Block frames according to definition. For firewall rules generated automatically as result of configuring a connection and subsequently adapted manually: Allow* Drop* If you change automatically created connection rules, when the "*" option is selected they are not recreated and overwritten by STEP 7. From / To Selection of the communica tions directions for which the rule will apply. Described in separate sections. For SCALANCE S modules: IP packet filter directions SCALANCE S (Page 891) For S7-300/S7-400/PC CPs: IP packet filter directions S7-300-/S7-400-/ PC-CPs (Page 922) For S7-1200/S7-1500 CPs: IP packet filter directions S7-1200 / S7-1500 CPs (Page 935) IPv6 If this check box is selected, you can use a previously de fined ICMPv6 service in the firewall rule. For some secur ity CPs, after selecting the check box you can enter ad ditional IPv6 addresses in the "Source IP address" and "Destination IP address" in put boxes. Source IP ad The firewall rule is applied to dress the frames whose sender has the IP address specified here. If you do not specify an IP address, the firewall rule applies to all nodes in the communications direction you selected in the "From" column. Destination IP address The firewall rule is applied to the frames whose recipient has the IP address specified here. If you do not specify an IP address, the firewall rules applies to all nodes in the communications direction you selected in the "To" col umn. The check box can only be selected and deselected if there are no entries in the "Source IP address" and "Destination IP address" input boxes. If IPv6 is disabled in the local settings of a CP capable of IPv6, you cannot select the "IPv6" check box in the local security settings of the CP and there fore cannot use ICMPv6 services or IPv6 addresses in firewall rules. Existing firewall rules that use IPv6 are shown grayed out if IPv6 is disabled. You can find additional information about IP addresses in the IP addresses in IP packet filter rules (Page 808) section. Configuration options in ghost mode (only for SCALANCE S S602 as of V3.1): If ghost mode is activated, the IP address of the internal node is dynamically determined by the security module at runtime. Depending on the selected direction, you can select one of the following options in the column "Source IP address" (for direction "From internal to external) or in the column "Desti nation IP address" (for direction "From external to internal"): IP address of the internal node: The IP address of the internal node is inserted in the firewall rule by the SCALANCE S. Limited broadcast: The broadcast IP address 255.255.255.255 is inserted in the firewall rule by the SCALANCE S. Directed broadcast: The broadcast IP address of the SCALANCE S network is inserted in the firewall rule by the SCALANCE S. A directed broadcast can also be forwarded into the destination network via routers. Multicast: The multicast address band 224.0.0.0 /24 is inserted in the firewall rule by the SCALANCE S. After selecting this option, as an alternative a specific multicast IP address from the multicast address band can be specified. WinCC Advanced V14 System Manual, 10/2016 803 Editing devices and networks 10.1 Configuring devices and networks Parameter Meaning/comment Available options / ranges of values Service Selection of the IP/ICMP service or the service group to be used. The drop-down list box displays the predefined and configured IP services and service groups you can select. These are displayed in the global security settings under "Firewall" > "Services" > "Define services for IP rules". Before you select an ICMPv6 service, you need to select the "IPv6" check box. Note: Before using a prede fined service make sure that its predefined parameters meet your requirements. Pay particular attention to the pre defined source and destina tion ports. Bandwidth (Mbps) Option for setting a band width limitation CP x43-1, S7-1200-/S7-1500 CPs: 0.001 ... 100 Mbps Can only be entered if the "Allow" action is selected. For global and user-specific rules: 0.001 ... 1000 Mbps A packet passes through the firewall if the allow rule matches and the permitted bandwidth for this rule has not yet been exceeded. CP 1628 and SCALANCE S: 0.001 ... 1000 Mbps Note: If the direction "From tunnel to station" is configured in a firewall rule for the S7-1200/S7-1500 CPs, no bandwidth limitation can be specified. Logging Enable and disable logging Enabled for this rule. If logging is ena Disabled (default) bled, the settings for the packet filter logging config ured in the local security set tings apply. Number Automatically assigned num ber for the rule. The numbers are recalculated when rules are moved. 804 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Parameter Meaning/comment Available options / ranges of values Stateful If this check box for an IP rule is disabled with the "Allow" action, no firewall states are generated by packets to which the allow rule applies. Firewall states automatically allow the responses to al lowed packets. For allow rules of SCALANCE S V3: Can only be adapted if the "Allow" action is selected. Configuration of IP rules with out firewall states is only pos sible for SCALANCE S mod ules as of firmware V3. If the responses to packets that have passed the firewall ac cording to such IP rules should also be allowed, addi tional IP rules need to be con figured for these responses. Comment enabled (default) disabled For allow rules of SCALANCE S < V3 and CPs: enabled (default) Note: The check box is not present for CPs; however, the activated option is always used implicitly for allow rules of CPs. For drop rules: Disabled (default) Space for your own explana If a comment is marked with "AUTO", it was created for an automatic con tion of the rule nection rule. For rules you have created, entry of a comment is optional. Table 10-27 Meaning of the entries in the shortcut menu Entry in the shortcut menu Meaning Delete This deletes the selected rule or the selected rule set. Notes on removing a globally defined and locally assigned rule set: if you delete a rule set here, this only cancels the assignment to the security mod ule. Save as global rule set (only for local firewall rules) Copies the selected firewall rule(s) and inserts it as a global firewall rule set in the global security settings. The firewall configuration currently configured for the se curity module remains unaffected by this procedure. Move up Use this button to move the selected rule or selected rule set up one position in the list. As an alternative, you can move the selected rule or the selected rule set by dragging it with the mouse. You can select multiple entries. The rule / rule set you moved is therefore handled with higher priority. Move down Use this button to move the selected rule or selected rule set down one position in the list. As an alternative, you can move the selected rule or the selected rule set by dragging it with the mouse. You can select multiple entries. The rule / rule set you moved is therefore handled with lower priority. Define service for IP rules WinCC Advanced V14 System Manual, 10/2016 This opens the dialog in which you can manage the IP services and service groups. 805 Editing devices and networks 10.1 Configuring devices and networks Defining MAC packet filter rules Meaning With the MAC packet filter rules, you filter according to MAC frames. Within a packet filter rule, you can also fall back on the definitions of the MAC services. Entering MAC packet filter rules Enter the firewall rules one by one in the list. Note the following parameter description. Table 10-28 MAC rules: Parameter Parameter Meaning/comment Available options / ranges of values Action Allow/disallow (enable/block) Allow Allow frames according to definition. Drop Block frames according to definition. For firewall rules generated automatically as result of configuring a connection and subsequently adapted manually: Allow* Drop* If you change automatically created connection rules, when the "*" option is selected they are not recreated and overwritten by STEP 7. From / To Selection of the communications di Described in separate sections. rections for which the rule will apply. For SCALANCE S modules: MAC packet filter directions SCALANCE S (Page 891) For S7-300/S7-400/PC CPs: MAC packet filter directions S7-300-/S7-400-/PC-CPs (Page 922) For S7-1200/S7-1500 CPs: MAC packet filter directions S7-1200 / S7-1500 CPs (Page 935) Source MAC address The firewall rule is applied to the frames whose sender has the MAC address specified here. If you do not specify a MAC address, the firewall rule applies to all nodes in the com munications direction you selected in the "From" column. Destination MAC address The firewall rule is applied to the frames whose recipient has the MAC address specified here. If you do not specify a MAC address, the firewall rule applies to all nodes in the com munications direction you selected in the "To" column. 806 MAC address in the correct format WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Parameter Meaning/comment Service Selection of the MAC service or the service group to be used. Available options / ranges of values Bandwidth (Mbps) Option for setting a bandwidth limita CP x43-1, S7-1200-/S7-1500 CPs: 0.001 ... 100 Mbps tion. Can only be entered if the "Al CP 1628 and SCALANCE S: 0.001 ... 1000 Mbps low" action is selected. For global rules: 0.001 ... 1000 Mbps A packet passes through the firewall Note: If the direction "From tunnel to station" is configured in a fire if the allow rule matches and the per wall rule for the S7-1200/S7-1500 CPs, no bandwidth limitation can mitted bandwidth for this rule has not be specified. yet been exceeded. Logging Enable and disable logging for this Enabled rule. If logging is enabled, the set Disabled (default) tings for the packet filter logging con figured in the local security settings apply. Number Automatically assigned number for the rule. The numbers are recalcula ted when rules are moved. Comment Space for your own explanation of the rule The drop-down list box displays the predefined and configured serv ices and service groups you can select. These are displayed in the Note: Before using a predefined serv global security settings under "Firewall" > "Services" > "Define serv ice make sure that its predefined pa ices for MAC rules". rameters meet your requirements. If a comment is marked with "AUTO", it was created for an automatic connection rule. For rules you have created, entry of a comment is optional. Table 10-29 Meaning of the menu commands Button Meaning Delete This deletes the selected rule or the selected global rule set. Notes on removing a globally defined and locally assigned rule set: if you delete a rule set here, this only cancels the assignment to the security mod ule. Save as global rule set (only for local firewall rules) Copies the selected firewall rule(s) and inserts it as a global firewall rule set in the global security settings. The firewall configuration currently configured for the se curity module remains unaffected by this procedure. Move up Use this button to move the selected rule or selected global rule set up one position in the list. As an alternative, you can move the selected rule or the selected rule set by dragging it with the mouse. You can select multiple entries. The rule / rule set you moved is therefore handled with higher priority. Move down Use this button to move the selected rule or selected global rule set down one position in the list. As an alternative, you can move the selected rule or the selected rule set by dragging it with the mouse. You can select multiple entries. The rule / rule set you moved is therefore handled with lower priority. Define service for MAC rules WinCC Advanced V14 System Manual, 10/2016 This opens the dialog in which you can manage the MAC services and service groups. 807 Editing devices and networks 10.1 Configuring devices and networks IP addresses in IP packet filter rules Entering IP addresses in IP packet filter rules In IP packet filter rules, you have the following options for entering IP addresses: Nothing specified The rule applies to all IP addresses. An IP address The rule applies specifically to the specified address. Address range The rule applies to all the IP addresses covered by the address range. An address range is defined by specifying the number of valid bit places in the IP address in the format: [IP address]/[number of bits to be taken into account] - [IP address]/24 therefore means that only the most significant 24 bits of the IP address are included in the filter rule. These are the first three octets of the IP address. - [IP address ]/25 means that only the first three octets and the highest bit of the fourth octet of the IP address are included in the filter rule. Address area For the source IP address, an address range can be entered in the following format: [Start IP address]-[End IP address] IPv4 addresses An IPv4 address consists of 4 decimal numbers in the range from 0 to 255 separated from each other by a dot. Table 10-30 Examples of address ranges in IPv4 addresses Source IP address or destination IP address Address range Number of addresses*) from to 192.168.0.0/16 192.168.0.0 192.168.255.255 65.536 192.168.10.0/24 192.168.10.0 192.168.10.255 256 192.168.10.0/25 192.168.10.0 192.168.10.127 128 192.168.10.0/26 192.168.10.0 192.168.10.63 64 192.168.10.0/27 192.168.10.0 192.168.10.31 32 192.168.10.0/28 192.168.10.0 192.168.10.15 16 192.168.10.0/29 192.168.10.0 192.168.10.7 8 192.168.10.0/30 192.168.10.0 192.168.10.3 4 *) Note: Note that the network address and the broadcast address are not available as IP addresses of network nodes in an address range. IPv6 addresses IPv6 addresses consist of 8 fields each with four hexadecimal numbers (128 bits in total). The fields are separated by a colon. 808 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Example: fd00:ffff:ffff:ffff:ffff:ffff:2f33:8f21 Rules / simplifications: Leading zeros within a field can be omitted. Example: Instead of 2001:0db8:2426:08d3:1457:8a2e:0070:7344 it is also possible to use the notation 2001:db8:2426:8d3:1457:8a2e:70:7344. If one or more fields have the value 0 (or 0000), a shortened notation is possible. Example: Instead of 2001:0db8:0:0:0:0:1428:57ab it is also possible to use the notation 2001:db8::1428:57ab. To ensure uniqueness, this shortened form can only be used once within the entire address. Decimal notation with periods The last 2 fields or 4 bytes can be written in the normal decimal notation with periods. Example: The IPv6 address fd00::ffff.125.1.0.1 is equivalent to fd00::ffff:7d01:1. Address range notation in IP packet filter rules: In the same way as IPv4 addresses, IPv6 addresses can also be noted in the form of address ranges. Example: The entry "2001:0db8:85a3:08d3:1319:8a2e:0:0/96" covers all IPv6 addresses from 2001:0db8:85a3:08d3:1319:8a2e:0:0 to 2001:0db8:85a3:08d3:1319:8a2e:ffff:ffff. Carrying out module-specific log settings Log settings - overview Module-specific function The recording of packet filter events is not available for the CP 443-1 OPC UA, CP 1242-7 and CP 1243-7 The recording of audit events and system events is not available for the CP 1242-7. Log settings in the configuration The log settings made here are loaded on the module with the configuration and take effect when the security module starts up. You can restrict the configured packet filter log settings in the online functions if necessary. For example, you can use the online functions to specify that merely IP logging is displayed if you have configured IP and MAC logging. Logging procedures and event classes Here, you can specify which data should be logged. As a result, you enable logging as soon as you download the configuration to the security module. During configuration, you also select one or both of the possible logging procedures: Local logging Network Syslog WinCC Advanced V14 System Manual, 10/2016 809 Editing devices and networks 10.1 Configuring devices and networks In both logging procedures, the security module recognizes the three following types of events: Packet filter events Audit events System events Configuring local logging How to access this function 1. Select the module to be edited. 2. Select the "Log settings" > "Local log memory" entry in the local security settings. 810 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring local logging Table 10-31 Local logging - settings for log events Log event Meaning Comments Packet filter log (firewall) The packet filter log records certain packets of the data traffic. Only those data packets for which a configured packet filter rule (firewall) applies or to which the basic protection reacts (cor rupt or invalid packets) are logged. This is only possible when logging is enabled for the packet filter rule. Packet filter log data is not retentive The data is stored in volatile memory on the security module and is therefore no longer available after the power supply has been turned off. For retentive storage, you can also save the log data displayed in the "Online & diagnostics" dialog in a file. In the "Packets to be logged" dropdown list, you can specify the data packets to be logged: "All packets": The data packets that are logged are those to which a configured firewall rule applies. In addition to this, all the response packets to such packets are recorded that have passed the firewall according to a configured allow rule. "Status generating packets" (only for SCALANCE S as of V3): The only data packets that are logged are those to which a configured firewall rule (standard mode or advanced mode) applies and that initially generate a status in the firewall. Data packets that pass through the firewall by using this firewall status are not logged. Audit log The logging of audit events is always enabled. Audit log data is retentive The audit log automatically records security-relevant events, for example user actions such as activating or de activating packet logging or down loading configurations to the security module. Note for CPs: The system log automatically logs successive system events, for exam ple the start of a process or the failed login attempt of a user. System log data is not retentive The data is stored in a retentive memory of the The logged information is always stor security module and is therefore still available ed in the ring buffer. after turning off the power supply. System log Select the "Log settings" > "System events" entry to configure the event filter and cable diagnostics functions. WinCC Advanced V14 System Manual, 10/2016 The audit log files are not retentive on CPs. You should therefore use a Syslog server to backup this data. The data is stored in volatile memory on the security module and is therefore no longer available after the power supply has been turned off. For retentive storage, you can also save the log data displayed in the "Online & diagnostics" dialog in a file. 811 Editing devices and networks 10.1 Configuring devices and networks Table 10-32 Local logging - storage of recorded data Storage Meaning Ring buffer At the end of the buffer, the recording continues at the start of the buffer and overwrites the oldest entries. One-shot buffer Recording stops when the buffer is full. Configuring system events How to access this function 1. Select the module to be edited. 2. Select the "Log settings" > "System events" entry in the local security settings. Filtering of the system events In this dialog, you set a filter level for the system events. As default, the following values are set: SCALANCE S: Level 3 (Error) CP: Level 3 (Error) The system events are recorded that have the same priority as the selected filter level and that have a higher priority than the selected filter level. The lower the value of the filter level, the higher its priority and therefore less events are recorded. The priority of the selected filter level must be the same or lower than the severity set for the cable diagnostics; see the "Setting parameters for line diagnostics" table (not for CPs). Recommendation: Select "Error" as the filter level or a filter level with a higher priority to prevent recording of general non-critical events. Note for CP For CPs, select only level 3 or level 6 since only events of these levels are generated for CPs. Level 0 to level 3 error messages are output if level 3 is selected. If you select level 6, the error messages of levels 0 to 6 are output. 812 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Properties of the system events - line diagnostics (only for SCALANCE S) Line diagnostics generates a special system event. A system event is generated when a selectable percentage of bad frames is reached. This system event is assigned the severity and facility set in this dialog. Table 10-33 Setting parameters for line diagnostics Function / option / parameter Meaning Enable Enabling and disabling logging Limit Selectable percentage of faulty frames representing the limit at which a system event is triggered. Facility Select a facility from the drop-down list that identifies the system event to be logged. Severity Using the severity, you weight the system events of line diagnostics relative to the severity of the other system events. Note Severity of the system events of line diagnostics The system events of the line diagnostics must not have a lower severity than you set for the filter. At a lower severity, these events cannot pass through the filter and will not be logged. Configuring the network Syslog How to access this function 1. Select the module to be edited. 2. Select the "Log settings" > "Network Syslog" entry in the local security settings. Configuring the network Syslog Table 10-34 Network Syslog - basic settings Option / parameter Enable network Syslog Enables and disables the transfer of logging events to the Syslog server. Syslog server Here, enter the IP address of the Syslog server. As an alternative, an FQDN can be entered for SCALANCE S modules as of V4. The Syslog server must be accessible from the security module at the specified address and, if applicable, using the router configuration under the "Routing" entry of the local security settings. If the Syslog server cannot be accessed no Syslog messages are sent. You can recognize this oper ating state on the basis of corresponding system alarms. To activate the sending of the Syslog information again, you may have to update the rout ing information and initiate a restart of the security module. WinCC Advanced V14 System Manual, 10/2016 813 Editing devices and networks 10.1 Configuring devices and networks Option / parameter Enabling event classes Enable the classes of events to be transferred to the Syslog server. You can classify packet filter and audit events according to the Severity and using the Facility according to their origin. Module name The module name is displayed and cannot be changed at this point. Note Non-secure transfer of logging events Logging events are transferred to Syslog servers in plain language. This should be taken into account when using Syslog servers. Table 10-35 Network Syslog - settings for log events Log event Configuring Comments Packet filter events (firewall) The packet filter log records certain packets of the data traffic. Only those data packets for which a configured packet filter rule (firewall) applies or to which the basic protection reacts (cor rupt or invalid packets) are logged. This is only possible if logging is acti vated for the packet filter rule. The value you select here depends on the evaluation in the Syslog server. If you retain the "default" value setting, the se curity module specifies the combination of fa cility and severity with which the event is dis played. Syslog alarms can be classified ac cording to their origin and their severity level by setting Facility and Severity. This assignment is carried out with drop-down lists. The severity and fa cility that you set here is assigned to every event. Audit events The audit log automatically records se curity-relevant events, for example user actions such as activating or de activating packet logging or download ing configurations to the security mod ule. Assignment of the severity and facility is carried out with drop-down lists. The severity and facility that you set here is assigned to every event. System events 814 The system log automatically logs suc cessive system events, for example the start of a process or the failed login attempt of a user. The value you select here for the severity and facility depends on the evaluation in the Sy slog server. If you retain the "default" value setting, the se curity module specifies the combination of fa cility and severity with which the event is dis played. Select the "Log settings" > "System events" entry in the local security settings to configure the event filter and cable diagnostics func tions. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Security module as router Overview of the routing settings Meaning If you operate the security module in routing mode, the networks connected to the internal and external interface are transformed into separate subnets. The DMZ interface (SCALANCE S623/S627-2M only) is connected in routing mode regardless of the mode. In routing mode, the frames intended for an existing IP address in the subnet are forwarded. The firewall rules for the direction of transmission also apply. You have the following additional options: Setting specific routes - can be set in the local security settings under "Routing" (SCALANCE S only), see Specifying routes (Page 893) in the section "SCALANCE S". Use standard router - can be set in the local security settings with "External interface [P1] red", "Internal interface [P2] green" or "DMZ interface [P3] yellow" (SCALANCE S623/ S627-2M only) see Configuring IP address parameters (Page 867) in the section "SCALANCE S". A maximum of one standard router can be used per security module. NAT/NAPT routing - can be set with "NAT / NAPT" (only for SCALANCE S and CP x43-1 Adv.) in the local security settings. To be able to use NAT/NAPT, the security module must be in routing mode. Enabling routing mode (required for SCALANCE S modules only) For this mode, you configure an internal IP address and an internal subnet mask for addressing the router in the internal subnet in the local security settings. All network requests that do not belong to a subnet are forwarded by the security module to a different subnet. Note: In contrast to the bridge mode of the security module, VLAN tags are lost in routing mode. 1. Select the "Routing mode" option under "Mode" in the local security settings. 2. In the local security settings, enter an internal IP address and an internal subnet mask for addressing the router on the internal subnet in the input boxes under "Internal interface [P2] green" > Ethernet addresses". Overview of NAT/NAPT Module-specific function This function is only available for SCALANCE S and CP x43-1 Adv. WinCC Advanced V14 System Manual, 10/2016 815 Editing devices and networks 10.1 Configuring devices and networks Requirements The security module is in routing mode or the DMZ interface is activated (SCALANCE S623 / S627-2M only). Since firewall rules that enable communication in the configured address translation direction are generated automatically for NAT / NAPT rules, the advanced firewall mode must be enabled for the security module. For more detailed information, refer to section Relationship between NAT/NAPT router and firewall (Page 823) How to access this function 1. Select the module to be edited. 2. In the local security settings, select the entry "NAT / NAPT". 3. When required, enable address translation according to NAT (Network Address Translation) or NAPT (Network Address Port Translation). Address translation with NAT (Network Address Translation) NAT is a procedure for address translation between two address spaces. The main task is to translate private addresses into public addresses; in other words into IP addresses that are used and even routed on the Internet. As a result, the IP addresses of the internal network are not known to the outside in the external network. The internal nodes are only visible to the external network by means of external IP address that is specified in the address translation list (NAT table). If the external IP address is not the address of the security module and if the internal IP address is unique, this is known as 1:1 NAT. With 1:1 NAT, the internal address is translated to this external address without port translation. Otherwise, n:1 NAT is being used. Address translation with NAPT (Network Address Port Translation) The address translation with NAPT changes the target address and the target port to a communication relation (port forwarding). Frames coming from the external network or DMZ network and intended for the IP address of the security module are translated. If the destination port of the frame is identical to one of the values specified in the "Source port" column, the security module replaces the destination IP address and the destination port as specified in the corresponding row of the NAPT table. With the reply, the security module uses the values for the destination IP address and destination port as contained in the initial frame as the source IP address and the source port. The difference to NAT is that with this protocol ports can also be translated. There is no 1:1 translation of the IP address. There is now only a public IP address that is translated to a series of private IP addresses with the addition of port numbers. Address translation in VPN tunnels Address translations with NAT/NAPT can also be performed for communications relations established via a VPN tunnel. This is supported for connection partners of the type SCALANCE S612 / S623 / S627-2M as of V4. 816 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks You will find further information on address translations in VPN tunnels in the following sections: NAT/NAPT routing (Page 817) Address translation with NAT/NAPT in VPN tunnels (Page 823) Consistency check - these rules must be adhered to Among other things, remember the following rules to obtain consistent entries: The IP address of the internal interface must not be used in the NAT / NAPT table. An IP address used in the NAT/NAPT address conversion list must not be a multicast or broadcast address. The external ports assigned for the NAPT translation are in the range > 0 and 65535. Port 443 (HTTPS), 161 (SNMP), 67+68 (DHCP) and 500+4500 (IPsec) are excluded if the relevant services are activated on the security module. The external IP address of the security module or the IP address of the DMZ interface may only be used in the NAT table for the action "Source NAT". Checking for duplicates in the NAT table An external IP address or an IP address in the DMZ network used in the direction "Destination NAT", "Source NAT +Destination NAT" or "Double NAT" may only be used once in each specified direction. Checking for duplicates in the NAPT table: A source port number may only be entered once for each interface. Internal NAPT ports can be in the range > 0 and 65535. See also Overview of the routing settings (Page 815) NAT/NAPT routing Enabling NAT The input boxes for NAT are enabled. NAT address translations only take effect with the entries in the address translation list described below. After creating NAT rules, the corresponding firewall rules are generated and displayed in advanced firewall mode, see section: Relationship between NAT/NAPT router and firewall (Page 823) If PPPoE is activated for the external interface or the DMZ interface, the action "Destination NAT" cannot be configured. When configuring the action "Source NAT", the IP address cannot be entered in the "Source translation" input box because this is obtained dynamically during runtime. Possible address translations for NAT The following tables show the input options for address translation with NAT. WinCC Advanced V14 System Manual, 10/2016 817 Editing devices and networks 10.1 Configuring devices and networks Action "Destination NAT" - "Redirect" The action "Destination NAT" can be performed in the following direction: External to internal If the DMZ interface of the security module (SCALANCE S623/S627-2M only) is activated, the action "Destination NAT" can also be performed in the following directions: External to DMZ DMZ to internal DMZ to external If the SCALANCE S module (only SCALANCE S612/S623/S627-2M as of V4) is in a VPN group and the tunnel interface is enabled, the "Destination NAT" action can also be performed in the following directions: Tunnel to internal Tunnel to external Tunnel to DMZ (only if the DMZ interface is activated) The following applies, for example for the direction "external to internal": The destination IP address of a frame coming from the external network is checked to see whether it matches the IP address specified in the "Destination IP address" input box. If it matches, the frame is forwarded into the internal network by replacing the destination IP address of the frame with the IP address specified in the "Destination translation" input box. Access from external to internal using the external address is possible. The following table shows the input required for the action "Destination NAT". Box Possible entries Meaning Source IP address Not relevant for this action. Source translation Not relevant for this action. Destination IP address IP address in the source network Destination IP address in the source network with which an IP address in the destination network will be accessed. The destination IP address must not match the IP address of the security module in the source network. If the destination IP address in a frame matches the address entered, the address is replaced by the cor responding IP address in the destination network. The specified destination IP address becomes the alias address. This means that the specified IP ad dress is also registered as an IP address on the selec ted interface. Make sure that the alias address does not cause an IP address conflict in the network. The alias IP addresses of a security module are displayed under the entry "Alias IP addresses" of the relevant interface. Destination translation No. 818 IP address in the destination network - The destination IP address is replaced by the IP ad dress specified here. Consecutive number assigned by STEP 7 used to ref erence the firewall rule generated by STEP 7 for the NAT rule. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Action "Source NAT" - "Masquerading" The action "Source NAT" can be performed in the following direction: Internal to external If the DMZ interface of the security module (SCALANCE S623/S627-2M only) is activated, the action "Source NAT" can also be performed in the following directions: Internal to DMZ External to DMZ DMZ to external If the SCALANCE S module (only SCALANCE S612/S623/S627-2M as of V4) is in a VPN group and the tunnel interface is enabled, the "Source NAT" action can also be performed in the following directions: Internal to tunnel External to tunnel DMZ to tunnel (only if the DMZ interface is activated) The following applies, for example for the direction "internal to external": The source IP address of a frame coming from the internal network is checked to see whether it matches the IP address specified in the "Source IP address" input box. If it matches, the frame with the external IP address specified in the "Source translation" input box is forwarded to the external network as a new source IP address. In the external network, the external IP address is effective. The following table shows the input required for the action "Source NAT". Box Possible entries Meaning Source IP address IP address in the source network The source IP address of the specified node is replaced by the IP address specified in the "Source translation" input box. IP address range / IP address band in the source network The IP addresses of the IP address range / IP address band are replaced by the IP address specified in the "Source translation" input box. * Source translation IP address in the destination network The IP addresses of all nodes in the source network are replaced by the IP address specified in the "Source trans lation" input box. Entry of the IP address that will be used as the new source IP address. If the IP address entered here is not the IP address of the security module, this becomes an alias address. This means that the specified address is also registered as an IP address on the selected interface. Make sure that the alias address does not cause an IP address conflict in the network. The alias IP addresses of a security module are displayed under the entry "Alias IP addresses" of the relevant interface. Destination IP address Not relevant for this action. - Destination translation Not relevant for this action. - No. WinCC Advanced V14 System Manual, 10/2016 - Consecutive number assigned by STEP 7 used to refer ence the firewall rule generated by STEP 7 for the NAT rule. 819 Editing devices and networks 10.1 Configuring devices and networks Note You can configure an address translation to the module IP address in the destination network for all frames going from a source network to a destination network. The security module also assigns a port number for each frame. This is an n:1 NAT address translation in which multiple IP addresses of the source network are translated to one IP address of the destination network. Enter, for example, the following parameters for the direction "internal to external": Action: "Source NAT" From: "Internal" To "External" Source IP address: "*" Source translation: External IP address of the security module Action "Source NAT + Destination NAT" - "1:1-NAT" The action "Source NAT + Destination NAT" can be performed in the following direction: Internal to external If the DMZ interface of the security module (SCALANCE S623/S627-2M only) is activated, the action "Source NAT + Destination" can also be performed in the following directions: Internal to DMZ External to DMZ DMZ to external If the SCALANCE S module (only SCALANCE S612/S623/S627-2M as of V4) is in a VPN group and the tunnel interface is enabled, the "Source-NAT + Destination-NAT" action can also be performed in the following directions: External to tunnel Internal to tunnel DMZ to tunnel (only if the DMZ interface is activated) The following applies, for example for the direction "internal to external": When accessing from internal to external, the action "Source NAT" is performed. When accessing from external to internal, the action "Destination NAT" is performed. The following table shows the input required for the action "Source NAT + Destination NAT": Box Possible entries Meaning Source IP address IP address in the source network Source translation IP address in the destination network Destination IP address Not relevant for this action. Destination translation Not relevant for this action. The configuration is always specified in the source NAT direction. The IP addresses of the destination NAT direction are then inserted automatically by STEP 7. No. 820 - Consecutive number assigned by STEP 7 used to ref erence the firewall rules generated by STEP 7 for the NAT rule. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Action "Double NAT" The action "Double NAT" can be performed for SCALANCE S modules in the following directions: Internal to external External to internal If the DMZ interface of the security module (SCALANCE S623/S627-2M only) is activated, the action "Double NAT" can also be performed in the following directions: Internal to DMZ External to DMZ DMZ to internal DMZ to external In every direction, Source and Destination NAT always take place at the same time. The following applies, for example for the direction "external to internal": When accessing from external to internal, the source IP address of the external node is replaced (Source NAT). Access to the internal network also uses the external IP address specified in the "Destination IP address" input box (Destination NAT). You can, for example, use this action if a standard router other than the security module is entered for a device to be accessed using Destination NAT. Response frames from this device are then not sent to the entered standard router but to the corresponding interface of the security module. The following table shows the input required for the action "Double NAT": Box Possible entries Meaning Source IP address IP address in the source network IP address of the node in the source network Source translation WinCC Advanced V14 System Manual, 10/2016 - The Source NAT address translation is always to the IP address of the security module in the destination network. For this reason, the "Source translation" in put box cannot be configured. 821 Editing devices and networks 10.1 Configuring devices and networks Box Possible entries Meaning Destination IP address IP address in the source network Destination IP address in the source network with which an IP address in the destination network will be accessed. If the destination IP address in a frame matches the IP address entered, the IP address is replaced by the IP address specified in the "Destination translation" input box. If the IP address entered here is not the IP address of the security module, this becomes an alias address. This means that the specified address is also regis tered as an IP address on the selected interface. Make sure that the alias ad dress does not cause an IP address conflict in the network. The alias IP ad dresses of a security module are dis played under the entry "Alias IP address es" of the relevant interface. Destination translation IP address in the destination network No. - The destination IP address is replaced by the IP address specified here. Consecutive number assigned by STEP 7 used to reference the firewall rule generated by STEP 7 for the NAT rule. Enabling NAPT The input boxes for NAPT are enabled. NAPT translations only take effect with the entries in the list described below. After creating NAPT rules, the corresponding firewall rules are generated and displayed in advanced firewall mode, see section: Relationship between NAT/NAPT router and firewall (Page 823) The IP address translation with NAPT can be performed in the following direction: External to internal If the DMZ interface of the security module (SCALANCE S623/S627-2M only) is activated, the IP address translation with NAPT can also be performed in the following directions: External to DMZ DMZ to internal DMZ to external If the SCALANCE S module (only SCALANCE S612/S623/S627-2M as of V4) is in a VPN group and the tunnel interface is enabled, the IP address translation with NAPT can also be performed in the following directions: Tunnel to internal Tunnel to external Tunnel to DMZ (only if the DMZ interface is activated) 822 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The following applies, for example for the direction "external to internal": Frames intended for the external IP address of the security module and for the port entered in the "Source port" column are forwarded to the specified destination IP address in the internal network and to the specified destination port. The IP address from which the frames of forwarded into the target network is displayed in the column "Virtual IP address". With a direction from external this is the external IP address of the security module and with a direction from DMZ the IP address of the DMZ interface of the security module. The following table shows the input required for address translation with NAPT: Box Possible entries Meaning Source port TCP/UDP port or port range A node in the source network can send a frame to a node in the destination network by using this port number. Destination IP address IP address in the destination network Frames intended for the IP address of the security module in the source network and the TCP/UDP port specified in the "Source port" box are forwarded to the IP address specified here. Destination port TCP/UDP port Port number to which the frames coming from the source net work are forwarded. Protocol TCP+UDP Selection of the protocol family for the specified port numbers Example of entering a port range: 78:99 TCP UDP No. - Consecutive number assigned by STEP 7 used to reference the firewall rule generated by STEP 7 for the NAPT rule. Address translation with NAT/NAPT in VPN tunnels Module-specific function Address translation with NAT/NAPT in VPN tunnels is only available for SCALANCE S612/ S623/S627-2M modules as of V4, refer to the section: Address translation with NAT/NAPT in VPN tunnels (Page 894) Relationship between NAT/NAPT router and firewall Meaning After creating NAT/NAPT rules, STEP 7 automatically generates firewall rules that enable communication in the configured address translation direction. The generated firewall rules are visible in advanced firewall mode and can, if necessary, be moved and expanded (additional IP address / IP address range / IP address band, services, bandwidth). In addition to this, the automatically generated firewall rules should be checked in terms of their priority and their position. If there are also manually configured firewall rules in the rule list that have higher priority than the automatically generated firewall rules, under certain circumstances no NAT / NAPT will be performed. If there are several identical NAT / firewall pairs of rules, the priority in the firewall rule list decides which rule is used. WinCC Advanced V14 System Manual, 10/2016 823 Editing devices and networks 10.1 Configuring devices and networks Firewall parameters generated by STEP 7 cannot be adapted. After deactivating NAT/NAPT, the firewall rules generated by STEP 7 are disabled. To clarify the relationship between the NAT/NAPT rules and the corresponding firewall rules, they are identified by corresponding, consecutive numbers. In firewall rules that were generated automatically for NAT/NAPT rules, the "Stateful" check box cannot be disabled. The following table shows the system behind the firewall rules generated for NAT rules for SCALANCE S modules. Table 10-36 NAT address translation and corresponding firewall rules for SCALANCE S modules NAT action Created firewall rule Action From To Destination NAT Allow Source network Destination network Source NAT Allow Source network Destination network IP address of the node specified in the "Source IP ad dress" input box - Source NAT + Destination NAT Allow Source network Destination network IP address of the node specified in the "Source IP ad dress" input box - Allow Destination network Source network Allow Source network Destination network IP address of the node specified in the "Source IP ad dress" input box IP address speci fied in the "Destina tion IP address" in put box Allow Source network Destination network IP address of the node specified in the "Source IP ad dress" input box IP address of the node specified in the "Destination translation" input box Double NAT 824 Source IP address - - Destination IP ad dress IP address speci fied in the "Destina tion IP address" in put box IP address that was inserted in the "Des tination IP address" input box by STEP 7 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The following table shows the system behind the firewall rules generated for NAT rules for CP x43-1 Adv. Table 10-37 NAT address translation and corresponding firewall rules for CP x43-1 Adv. NAT action Created firewall rule Action From To Drop External Allow Source NAT Source NAT + Destination NAT Destination NAT Source IP address Destination IP ad dress Station - IP address of the security module in the external net work External Any - IP address of the node specified in the "Destination translation" input box Allow Any External IP address speci fied in the "Source translation" input box - Allow Any External IP address speci fied in the "Source translation" input box - Drop External Station - IP address of the security module in the external net work Allow External Any - IP address of the node that was inser ted in the "Destina tion translation" in put box by STEP 7 The following table shows the system behind the firewall rules generated for NAT rules for SCALANCE S modules. Table 10-38 NAPT translation and firewall rules created for SCALANCE S modules Created firewall rule Action From To Allow Source network Destination net work WinCC Advanced V14 System Manual, 10/2016 Source IP address Destination IP address Service - IP address of the security module in the source network [Serv ice_NAPT_rule] 825 Editing devices and networks 10.1 Configuring devices and networks The following table shows the system behind the firewall rules generated for NAPT rules for CP x43-1 Adv. Table 10-39 NAPT translations and created firewall rules for CP x43-1 Adv. Created firewall rules Action From To Source IP address Destination IP address Service Drop External Station - IP address of the security module in the external net work [Serv ice_NAPT_rule] Allow External Any - IP address of the security module in the external net work [Serv ice_NAPT_rule] Stateful packet inspection The firewall and NAT/NAPT router supports the "Stateful Packet Inspection" mechanism. As a result, reply frames can pass through the NAT/NAPT router and firewall without it being necessary for their addresses to be included extra in the firewall rule and the NAT/NAPT address translation. Relationship between NAT/NAPT router and user-specific firewall Module-specific function The configuration of NAT/NAPT rules in the user-specific firewall is only available for SCALANCE S modules as of V3, refer to the section: Relationship between NAT/NAPT router and user-specific firewall (Page 896) 826 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring time-of-day synchronization Procedure for time-of-day synchronization Meaning For the time synchronization of the transfer of productive data, the date and time are maintained on the security module to verify the validity (time) of a certificate and for time stamping log entries. For the Security functions the time of day of the security modules of a project must be synchronized. Note Configuring the firewall for communication with NTP servers If the NTP server cannot be reached by the security module, you will need to allow the frames from the NTP server explicitly in the firewall (UDP, port 123). Note Time-of-day synchronization relates solely to the security module and cannot be used to synchronize devices in the internal network of the security module. Some CPs can forward the time of day to other module of the station. The CP 4431 OPC UA can only receive the time-of-day in the SIMATIC mode from the station but cannot forward it. Note Before the security functions of a CP (time-of-day slave) are used, the CP must receive a valid time-of-day frame from the time master. Configuring time-of-day synchronization for a security module How to access this function 1. Select the module to be edited. 2. Select the "Time-of-day synchronization" entry in the local security settings. 3. Select the "Activate time-of-day synchronization" check box. WinCC Advanced V14 System Manual, 10/2016 827 Editing devices and networks 10.1 Configuring devices and networks Procedure for time-of-day synchronization Depending on the security module being used, the following methods can be configured: Possible selection Meaning / effect Set time with each download The module time is set automatically to the PC time when a configuration is downloaded. SIMATIC Time-of-day synchronization by received MMS time-ofday messages (MMS = Manufacturing Message Specifi cation) Time of day from partner Time-of-day synchronization by the communications partner NTP Time-of-day synchronization by an NTP server NTP (secure) Time-of-day synchronization by an NTP server of the type "NTP (secure)". Configuring the synchronization method The synchronization methods and their parameters have the following meaning: Set time with each download When a configuration is downloaded to a SCALANCE S module, the module time of day is set with the PC time of day. SIMATIC For the CP select whether the CP is to adopt or forward the time of day. The CP 1628 always forwards the time of day. The CP 4431 OPC UA uses the SIMATIC mode if no timeof-day synchronization using NTP is configured. It can only receive the time-of-day from the station but cannot forward it. Available directions: - Automatic Only for CP x431 Advanced: The CP receives the time from the station or from the LAN and forwards it to the station or to the LAN. If several CPUs are being operated in the station, the default setting can lead to collisions. To avoid this, you should specifically define the forwarding direction. - From station Only for CP x431 Advanced: The CP forwards the time of day to the LAN. - From LAN The CP forwards the time of day from the LAN to the station. If forwarding of the time of day is enabled, you can use the "Use corrected time" check box to specify whether or not a correction factor included in the time-of-day frame is used. For the CP 1628, this option is is the default and it cannot be disabled. 828 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Time from partner The time is obtained from the partner. - Synchronization cycle: Specifies the cycle for time-of-day synchronization. For the synchronization cycle of the CP, and individual hour or minute interval can be specified. NTP / NTP (secure) - Time zone: In NTP mode, it is generally UTC (Universal Time Coordinated) that is transferred. This corresponds to GMT (Greenwich Mean Time). The time offset from UTC can be set by configuring the local time zone. - Update interval in seconds: Specifies the interval between the time queries in seconds. For SCALANCE S as of V3, the time interval for querying the NTP server is specified automatically. Note Setting the update interval for CPs If the "Enable security functions" check box is enabled in the local security settings of a CP, the setting for the update interval is transferred from the CP's local settings into the CP's local security settings. - Time synchronization on the full minute: With this option, you specify that the time of day is forwarded to the communications bus on the full minute. This option is required for certain special applications. - Accept time from non-synchronized NTP servers Here you can specify whether the security module also accepts the time-of-day from non-synchronized NTP servers. - Forward time of day to station: Disable this option if the CPU requests the time separately from an NTP server. This prevents the time on the CPU obtained directly from the NTP server from being overwritten by the time detected in the CP. The accuracy may be reduced slightly due to forwarding via the CP. - NTP server: Creating NTP servers in the local security settings is described in the section Configuring NTP servers (Page 829). Configuring NTP servers Creating NTP servers of the type "NTP (secure)" in the global security settings In the global security settings only NTP servers of the type "NTP (secure)" can be created and assigned to CPs or SCALANCE S modules as of V4. 1. In the global security settings, select the entry "NTP". Result: The previously created NTP servers (secure) are displayed under the selected entry. 2. Double-click on the "Add new NTP server" entry. Result: The created NTP server (secure) is displayed with an automatically assigned number below the entry "NTP". WinCC Advanced V14 System Manual, 10/2016 829 Editing devices and networks 10.1 Configuring devices and networks 3. Double-click on the created NTP server (secure). Result: In the working area the assignment dialog for NTP servers (secure) is displayed. The selected NTP server (secure) is selected in the "NTP server" drop-down list. The required security modules can be assigned to this, see section Assigning the security module to an NTP server (secure) (Page 831). In the local security settings, the configurable properties of the NTP server (secure) are displayed. 4. Enter the following data in the "General" entry in the local security settings: - Name: A maximum of 25 characters can be used for the name of the NTP server (secure). - IP address / FQDN: IP address of the NTP server (secure). If the NTP server will only be assigned SCALANCE S modules as of V4, an FQDN can be specified as an alternative. 5. Enter the following encryption parameters in the "NTP key" entry in the local security settings: Property Meaning Key ID Numeric value between 1 and 65534. Authentication Select the authentication algorithm. Hex/ASCII Select the format for the NTP key. Key Enter the NTP key with the following lengths: Hex: 22 ... 40 characters ASCII: 11 ... 20 characters To switch over to the local security settings of another NTP server (secure), select this from the "NTP server" drop-down list of the assignment dialog or double-click on the corresponding entry in the global security settings. Result You have created the NTP server (secure) and can now assign this to the required security modules. Note the descriptions in the following section: Creating non-secure NTP servers in the local security settings Non-secure NTP servers for SCALANCE S modules below V4 and CPs need to be created in the local security settings. 1. Select the module to be edited. 2. Select the "Time-of-day synchronization" entry in the local security settings. 3. Select the synchronization method.. 4. Enter a name and the IP address of the NTP server. A maximum of 25 characters can be used for the name. If you have selected the "NTP (secure)" synchronization mode, you can select an NTP server (secure) that you created in the global security settings in the "Name" column. 830 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuration limits for NTP servers You can assign a maximum of 4 NTP servers to one security module. Conventions for names of NTP servers The characters 0-9, a-z, A-Z, -._ can be used for the names of NTP servers. A name must start with a letter and end with a letter or number. Before the `.' character only letters and numbers are permitted, after the `.' character only letters. Before the `_' or `-* character only letters and numbers are permitted. Importing/exporting NTP servers (secure) Using the "Import" or "Export" commands in the shortcut menu, you can export the key list of the currently selected NTP server (secure) and import the file into an NTP server (secure) or vice versa. Assigning the security module to an NTP server (secure) Requirement You have defined an NTP server (secure) in the global security settings. "NTP" or "NTP (secure)" is selected as the time-of-day synchronization mode in the local security settings of the security module that you want to assign to an NTP server (secure). Procedure 1. Double-click the "NTP" entry in the global security settings. 2. Double-click the entry "Assign module to an NTP server". 3. From the "NTP Server" drop-down list, select the NTP server (secure) to which you want to assign a security module. 4. In the "Available modules" section, select the security module that you want to assign to the selected NTP server (secure). 5. Click the "<<" button to assign the selected security module to the selected NTP server (secure). Result You have assigned the security module to the NTP server (secure). The NTP server (secure) is displayed automatically in the local security settings in the list of NTP servers. WinCC Advanced V14 System Manual, 10/2016 831 Editing devices and networks 10.1 Configuring devices and networks Security module as DHCP server Module-specific function The use of the security module as a DHCP server is only possible with SCALANCE S modules, see subsection: AUTOHOTSPOT in the section "SCALANCE S". Configuring SNMP Overview of SNMP What is SNMP? The security module supports the transfer of management information using the Simple Network Management Protocol (SNMP). For this purpose, an SNMP agent that receives and responds to SNMP requests is installed on the security module. The information on the properties of SNMPcompliant devices is entered in MIB files (MIB = Management Information Base) for which the user must have the required rights. In SNMPv1, the "community string" is also sent. The "community string" is like a password that is transmitted along with the SNMP request. If the community string is correct, the security module replies with the required information. If the string is incorrect, the security module discards the query and does not reply. The community string is transmitted via SNMPv1 without encryption. SNMPv3 lets you transmit encrypted data. Configuring SNMP - "SNMP" entry Module-specific function The configuration of SNMP is only possible for SCALANCE S as of V3, CP x43-1 Adv., CP 443-1 OPC UA, CP 1543-1, CP 1543SP-1, CP 1243-1, CP 1243-1 PCC, CP 1243-8 IRC and CP 1628. How to access this function 1. Select the module to be edited. 2. In the local security settings, select the entry "SNMP". 3. Activate the "Activate SNMP" check box. 832 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 4. Select one of the following SNMP protocol versions: Note Encrypted data transmission with SNMPv3 You should use SNMPv3 to transmit data in encrypted form in order to enhance security. - SNMPv1 The security module uses the following default values for the community strings to control the access rights in the SNMP agent. These default values should be adapted to increase security. For read access: public For read and write access: private To enable write access using SNMP, select the "Allow write access" option. - System log (not for CP 1243-1 PCC) Select either only an authentication algorithm or an authentication algorithm and an encryption algorithm. Authentication algorithm: none, MD5, SHA-1 Encryption algorithm: none, AES-128, DES Note Preventing the use of DES DES is an insecure encryption algorithm. Therefore, it should only be used for reasons of down compatibility. Note When using SNMPv3 no RADIUS authentication is possible. 5. If SNMPv3 is to be used, assign a user a role with corresponding activated SNMP rights to enable access to the module via SNMP. An overview of SNMP rights is available in the section: Managing rights (Page 769). 6. In the "Advanced settings" area, for SCALANCE S modules configure module-specific information about the author, location and e-mail address overwriting the information from the project properties. The following applies to values written to the security module by an SNMP tool using an SNMP-SET command: If you select the "Keep values written by SNMP set" check box, the values are not overwritten when there is another download of a STEP 7 configuration to the security module. Configuring proxy ARP Module-specific function This function is available only for SCALANCE S V3 modules or higher, see section Configuring proxy ARP (Page 900) WinCC Advanced V14 System Manual, 10/2016 833 Editing devices and networks 10.1 Configuring devices and networks Activate Web server on security module Module-specific function This function is only available for CP x43-1 Advanced, and CP 443-1 OPC UA see subsection: Activating Web server on security module (Page 926)in the section "Security for S7-300 / S7-400 / PC CPs". IPsec tunnel: Creating and assigning VPN groups How to create an IPsec tunnel with VPN groups Module-specific function This function is only available for SCALANCE S612/S613/S623/S627-2M, CP x43-1 Adv., CP 1243-1, CP 1543-1 V1.1, CP 1543SP-1, CP 1243-7 LTE, CP 1243-8 IRC and CP 1628. Requirement Note Current date and current time of day on the security modules When using secure communication (for example, HTTPS, VPN...), make sure that the security modules involved have the current time of day and the current date. Otherwise the certificates used are not evaluated as valid and the secure communication does not work. Creating a VPN group 1. In the global security settings, select the entry "VPN groups". Result: The previously created VPN groups are displayed under the selected entry. 2. Double-click on the "Add new VPN group" entry. Result: The created VPN group is displayed with an automatically assigned number below the entry "VPN groups". As an alternative, in the network view you can right click on an interface of a module with VPN capability and create a VPN group with the shortcut menu command "Add new VPN group" (not possible for SOFTNET Security Client). The selected security module is automatically assigned to the created VPN group. 3. Double-click on the created VPN group. Result: In the working area the assignment dialog for VPN groups sets is displayed. The selected VPN group is selected in the "VPN" drop-down list. Security modules can be assigned to this in the relevant assignment dialog, see section Assigning a security module to a VPN group (Page 836). In the local security settings, the VPN group properties of the selected VPN group can be adapted, see section Group properties for selected VPN group (Page 838). 834 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Conventions for names of VPN groups The characters 0-9, a-z, A-Z, -._ can be used for the names of VPN groups. A name must start with a letter and end with a letter or number. Before the `.' character only letters and numbers are permitted, after the `.' character only letters. Before the `_' or `-* character only letters and numbers are permitted. Display of the VPN groups with their properties If you select a security module that is in one or more VPN group(s), the properties of the VPN group(s) of which the security module is a member are shown in the "Network data" area. The following properties of the VPN groups are displayed in columns in the "VPN" tab of the "Network data" area: WinCC Advanced V14 System Manual, 10/2016 Property/column Meaning VPN Names of the VPN groups of which the selected security module is member Security module Names of the assigned security modules Authentication Type of authentication: Pre-shared key or certifi cate Group membership until Date and time up to which the VPN group certifi cate of the security module is valid Type Model numbers of the assigned security modules Comment Comment 835 Editing devices and networks 10.1 Configuring devices and networks Setting the life of certificates Open the dialog in which you can set the expiry date of the certificate as follows: 1. Select the VPN group you want to edit in the "VPN" tab. 2. In the "Properties" > "General" tab of the Inspector window, select the entry "Authentication". Note Expiry of a certificate Communication through the VPN tunnel continues after the certificate has expired until the tunnel is terminated or the SA lifetime expires. For more information on certificates, refer to section: AUTOHOTSPOT. Configuration limits Number of IPSec tunnels SCALANCE S612 V3/V4 Maximum of 128 SCALANCE S623 V3/V4 Maximum of 128 SCALANCE S627-2M V4 Maximum of 128 CP x43-1 Advanced Maximum of 32 CP 1628 Maximum of 64 S7-1200/S7-1500 CPs Maximum of 16 Assigning a security module to a VPN group Requirement You have created a VPN group in the global security settings. Before assigning security modules to VPN groups, note the rules for this in the section Modes of VPN groups (Page 840). Procedure 1. Double-click on the "VPN groups" entry in the global security settings. 2. Double-click on the "Assign module to a VPN group" entry. 3. From the "VPN" drop-down list, select the VPN group to which you want to assign a security module. 4. In the "Available modules" section, select the security module that you want to assign to the selected VPN group. 5. Click the "<<" button to assign the selected security module to the selected VPN group. As an alternative to the procedure , in the network view you can assign a security module to an existing VPN group by right clicking on an interface of a module with VPN capability and assign this to the VPN group using the shortcut menu "Assign module to a VPN group" (not possible for SOFTNET Security Client). 836 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Result You have assigned the security module to the VPN group. Authentication methods The following methods are available: The authentication method is specified per VPN group and decides the type of authentication used. The following key-based or certificate-based authentication methods are supported: Pre-shared key Authentication is achieved using a previously specified character string that is distributed to all modules in the group. Enter a pre-shared key in the "Key" field under "Authentication" > "General" in the VPN group properties dialog. If you click the "Renew preshared key" button, STEP 7 renews the pre-shared key to be used. Certificate Certificate-based authentication "Certificate" is the default setting. The procedure is as follows: - When a group is created, a CA certificate is generated as a root certificate. - Each security module that is a member of the VPN group also receives a group certificate signed with the key of the CA certificate. If you click the "Renew certificate " button, STEP 7 renews the CA certificate of the VPN group. All certificates are based on the ITU standard X.509v3 (ITU, International Telecommunications Union). The certificates are generated by a certificate authority contained in STEP 7. Note Restriction in VLAN operation No VLAN tagging is transmitted in IP frames via the VPN tunnel of the security module. The VLAN tags included in IP frames are lost when they pass through the security modules because IPsec is used to transfer the IP frames. As default, no IP broadcast or IP multicast frames can be transferred with IPsec through a layer 3 VPN tunnel. Through a layer 2 VPN tunnel of the security module, IP broadcast or IP multicast frames are packaged just like MAC packets including the Ethernet header in UDP and transferred. With these packets, the VLAN tagging is therefore retained. WinCC Advanced V14 System Manual, 10/2016 837 Editing devices and networks 10.1 Configuring devices and networks Group properties for selected VPN group VPN group properties Note Knowledge of IPsec necessary To be able to set these parameters, you require IPsec experience. If you do not make or modify any settings, the defaults apply. The following settings can be configured in the properties of a VPN group: Authentication method (entry: "General") IKE settings (entry: "Advanced settings phase 1") IPsec settings (entry: "Advanced settings phase 2") How to access this function 1. In the global security settings select the VPN group whose properties you want to configure under the entry "VPN groups". 2. Select "Open" in the shortcut menu of this entry. Result: The VPN group properties appear in the area of the local security settings. 3. In the "Authentication" entry, select whether to use a pre-shared key or certificate for authentication. For more detailed information, refer to section: Authentication methods (Page 837). Parameters for advanced settings phase 1 Phase 1: IKE negotiation of the Security Association (SA) for phase 2: Here you set the parameters for negotiating the security parameters to be used in phase 2: Parameter Description IKE mode Main mode Aggressive mode The difference between the main and aggressive mode is the "identity protection" used in the main mode. The identity is transferred encrypted in main mode but not in aggressive mode. DH group phase 1 Groups selectable for the Diffie-Hellman Key exchange: Group 1 Group 2 Group 5 Group 14 838 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Parameter Description SA lifetime type Phase 1 Security Association (SA): Time: Time limit in minutes The lifetime of the current key material is limited in time. When the time expires, the key material is renegotiated. SA lifetime Numeric value: Range of values for time: 1440 ... 2500000 minutes (default: 2500000) Phase 1 encryption Encryption algorithm: DES*: Data Encryption Standard (56 bit key length, mode CBC) 3DES-168: Triple DES (168-bit key length, mode CBC) AES-128, 192, 256: Advanced Encryption Standard (128 bit, 192 bit or 256 bit key length, mode CBC) Phase 1 authentication Authentication algorithm: MD5: Message Digest Algorithm 5 SHA1: Secure Hash Algorithm 1 *DES is an insecure encryption algorithm. It should only be used for reasons of down compatibility. Parameters for advanced settings phase 2 Phase 2: IKE negotiation of the Security Association (SA) for IPsec data exchange: Here, you set the parameters for negotiating the security parameters used for the IPsec data exchange with ESP (Encapsulating Security Payload) and AH (Authentication Header). Communication in phase 2 is already encrypted. Parameter Description SA lifetime type Phase 2 Security Association (SA): Time: Time limit in minutes. The lifetime of the current key material is limited in time. When the time expires, the key material is renegotiated. Limit: Limitation of the data volume in MB SA lifetime Numeric value: Range of values for time: 60 ... 16666666 minutes (default: 2880) Range of values for limit: 2000 ... 500000 MB (default: 4000) Phase 2 encryption Encryption algorithm: DES*: Data Encryption Standard (56 bit key length, mode CBC) 3DES-168: Triple DES (168-bit key length, mode CBC) AES-128: Advanced Encryption Standard (128-bit key length, mode CBC) Phase 2 authentication Authentication algorithm: MD5: Message Digest Algorithm 5 SHA1: Secure Hash Algorithm 1 Perfect Forward Secrecy WinCC Advanced V14 System Manual, 10/2016 If you enable this check box, new Diffie-Hellmann public key values are exchanged for recalculation of the keys. If the check box is disabled, the values already exchanged in phase 1 are used for recalculation of the keys. 839 Editing devices and networks 10.1 Configuring devices and networks *DES is an insecure encryption algorithm. It should only be used for reasons of down compatibility. Modes of VPN groups VPN modes Depending on the mode of the security modules that were added to a VPN group, different modes of VPN groups are distinguished. The mode of a VPN group provides information about the security modules and their modes that can be added to the VPN group. Rules for forming groups Remember the following rules if you want to create VPN groups: For SCALANCE S612 / S613 / S623 / S627-2M / SCALANCE M / VPN device The first module assigned in a VPN group decides which other modules can be added to it. If the first SCALANCE S module to be added is in routing mode or if the first module is a SCALANCE M module or a VPN device, only additional SCALANCE S modules with routing activated or SCALANCE M modules cor VPN devices an be added because SCALANCE M modules and VPN devices always operate in routing mode. If the first SCALANCE S module added is in bridge mode, you can only add other SCALANCE S modules in bridge mode. If you want to change the mode of a VPN group, you have to remove all the modules contained in the group and add them again. A CP and an SSC can be added to a group with a SCALANCE S in bridge or routing mode. For CP / SSC If a CP / SSC is the first module in a VPN group, security modules can be added in any mode. The next module that decides the mode then also decides the mode of the VPN group. A CP / SSC can be assigned to several VPN groups at the same time and use different modes. The CP / SSC is then operated in mixed mode. It is not possible to add a SCALANCE M module to a VPN group that contains a module in bridge mode. Refer to the following table to see which modules can grouped together in a VPN group: Table 10-40 Security modules and VPN modes Module 840 Can be included in a VPN group in... Bridge mode Routing mode SCALANCE S612 / S613 / S623 / S627-2M in bridge mode x -* SCALANCE S612 / S613 / S623 / S627-2M in routing mode - x CP x43-1 Adv. x x S7-1200/S7-1500 CPs x x CP 1628 x x WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Module Can be included in a VPN group in... Bridge mode Routing mode SOFTNET Security Client V4.0 x x SCALANCE M875 / VPN device - x * SCALANCE S623/S627-2M modules in bridge mode can be inserted in a VPN group in routing mode if their DMZ interface is activated (not at the same time). Including security module in configured VPN group The configured VPN group properties are adopted for security modules added to in an existing VPN group. Procedure after including a security module in a configured VPN group Depending on whether or not you have changed the VPN group properties since the last download, you must make a distinction between the following: Case a: If you have not changed the VPN group properties and the module to be added actively establishes the connection to modules of the type SCALANCE S, CP x43-1 Adv. or CP 1628: 1. Add the new security module to the VPN group. 2. Download the configuration to the new module. Case b: If you have changed the VPN group properties or the module being added does not actively establish the connection to the already configured modules: 1. Add the new security module to the VPN group. 2. Download the configuration to all modules that belong to the VPN group. In case a, it is not necessary to reconfigure and load the already commissioned security modules. Active communication is not influenced or interrupted. Settings for nodes with an unknown IP address Nodes whose IP address is unknown at the time of configuration (Unknown Peers) e.g. SOFTNET Security Client or SCALANCE M) or that are connected via a NAT address translation can be inserted in an existing VPN group. The VPN tunnel of such a node to SCALANCE S, CP x43-1 Adv. and CP 1628 can however only be established if you set the parameters for Phase 1 according to one of the following tables ("Encryption parameter 1" to "Encryption parameter 4"). If you use other settings, you cannot establish a VPN tunnel to the modules listed. Table 10-41 Encryption parameter 1 WinCC Advanced V14 System Manual, 10/2016 Parameter Setting Authentication method Certificate DH group phase 1 Group 2 SA lifetime 1440 ... 2500000 minutes 841 Editing devices and networks 10.1 Configuring devices and networks Parameter Setting Encryption phase 1 AES-256 Authentication phase 1 SHA-1 Table 10-42 Encryption parameter 2 Parameter Setting Authentication method Certificate DH group phase 1 Group 2 SA lifetime 1440 ... 2500000 minutes Encryption phase 1 3DES-168 Authentication phase 1 SHA-1 Table 10-43 Encryption parameter 3 Parameter Setting Authentication method Certificate DH group phase 1 Group 2 SA lifetime 1440 ... 2500000 minutes Encryption phase 1 DES Authentication phase 1 MD5 Table 10-44 Encryption parameter 4 Parameter Setting Authentication method Pre-shared key DH group phase 1 Group 2 SA lifetime 1440 ... 2500000 minutes Encryption phase 1 3DES-168 Authentication phase 1 SHA1 Apart from the configured parameter settings, the initiator of the VPN connection also always sends the settings it supports to negotiate parameters to the partner module. It is therefore possible that the configured parameter settings differ from those with which the VPN connection is actually established. 842 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Additional restrictions for the SOFTNET Security Client For the SOFTNET security client, the following restrictions also apply: Table 10-45 Encryption parameters for the SOFTNET Security Client Parameter Setting / special feature Encryption phase 1 AES-256 possible only with Windows 7 SA lifetime phase 1 1440 to 2879 minutes SA lifetime type Must be selected identical for both phases Encryption phase 2 No AES 128 possible SA lifetime phase 2 60 to 2879 minutes Authentication phase 2 No MD5 possible Procedure after removing an active member from a VPN group If you remove an active node from an existing VPN group, this can still establish a connection to the group members even if you have downloaded the project to all members of the VPN group again. If you do not want the removed active node to be able to establish the connection any longer, renew the CA group certificate and download the project again to the members of the VPN group. The certificate can be renewed in the group properties of the VPN group or in the "CA" tab of Certificate Manager. Configuring internal network nodes Overview of configuring internal network nodes Module-specific function This function is available only for SCALANCE S612/S613/S623/S627-2M, CP x43-1 Adv. and CP 1628. Configuring internal network nodes Each security module must know the network nodes in the entire internal network to be able to recognize the authenticity of a frame. The security module must know both its own internal nodes as well as the internal nodes of the security modules in the same VPN group. This information is used on a security module to decide which data packet will be transferred in which tunnel. By adding a security module to a VPN group, the local internal nodes/subnets of the security module are automatically made known to the security module. To allow communication via the VPN tunnel with other subnets or nodes of another subnet (routed internal network; DMZ network when the VPN tunnel is on the external interface and vice versa), these subnets or nodes must be enabled for VPN tunnel communication in the configuration. WinCC Advanced V14 System Manual, 10/2016 843 Editing devices and networks 10.1 Configuring devices and networks SCALANCE S modules allow network nodes to be learned automatically or configured statically. The mode of the security module also decides the options available for learning internal network nodes. SCALANCE S in bridge mode In bridge mode, you can configure the internal IP/MAC nodes and the internal subnets or alternatively can allow automatic learning of internal nodes by the SCALANCE S. SCALANCE S in routing mode In routing mode there is no automatic learning mode available. Instead, enter entire subnets here that need to be released for tunnel communication. CP x43-1 Advanced and CP 1628 CP x43-1 Adv. Decide whether or not tunnel communication to the CP (Gbit interface) and/or to the internal subnet (PROFINET subnet) is permitted for VPN connection partners in routing mode (SCALANCE S / M). CP 1628 Enter the NDIS nodes you want to be reachable through the tunnel of VPN connection partners in routing mode (SCALANCE S / M). Automatic learning of internal network nodes Module-specific function SCALANCE S modules in bridge mode provide a learning mode with which the internal network nodes can be learned automatically during operation. For more detailed information, refer to subsection: Using the learning mode to learn internal nodes (Page 901) in the section "SCALANCE S". Configuring IP network nodes manually for SCALANCE S Module-specific function How to configure IP network nodes for SCALANCE S modules manually is explained in: Configuring IP network nodes manually (Page 902) in the section "SCALANCE S". Configuring MAC network nodes manually for SCALANCE S Module-specific function How to configure MAC network nodes for SCALANCE S modules manually is explained in Configuring MAC network nodes manually (Page 903) in the section "SCALANCE S". 844 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring internal subnets for SCALANCE S manually Module-specific function How to configure the internal subnets for SCALANCE S modules is explained in Configuring internal subnets manually (Page 903) in the section "SCALANCE S". Allow access to S7-300 / S7-400 CPs for VPN connection partners Module-specific function How to allow access to S7-300 / S7-400 CPs for VPN connection partners is explained in Allow access to S7-300 / S7-400 CPs for VPN connection partners (Page 927) in the section "Security for S7-300 /S7-400 /PC CPs". Configuring NDIS nodes for PC CPs that can be reached through the tunnel Module-specific function How you configure NDIS nodes for PC CPs that can be reached through the tunnel is explained in Configuring NDIS nodes manually for PC CPs that can be reached through the tunnel (Page 927) in the section "Security for S7-300 / S7-400 / PC CPs". Configuring module- and connection-specific VPN settings Requirement The module is a member of a VPN group. Module- and connection-specific settings With module- and connection-specific settings, you can configure specific VPN settings. Module-specific settings are configured specifically for a security module while connectionspecific settings are configured specifically for a security module in a certain VPN group. You can configure the following module-specific properties in the local security settings with the "VPN" entry: Dead peer detection Permission to initiate connection establishment Public address (IP address / FQDN) for communication via Internet gateways Nodes that need to be enabled for tunnel communication WinCC Advanced V14 System Manual, 10/2016 845 Editing devices and networks 10.1 Configuring devices and networks If you select a security module in the list of VPN groups in the "Network data" area, the following connection-specific VPN settings can be seen and can be configured: Permission to initiate connection establishment Partner modules to which tunnel connections exist Type of transferred packets Selection of the local interface of the selected security module that will serve as the tunnel endpoint Selection of the partner interface that will serve as the tunnel endpoint Dead peer detection (DPD) As default, DPD is enabled. When DPD is enabled, the modules exchange additional messages at selectable intervals if no communication occurs at these points in time. This means that it is possible to recognize whether the IPsec connection is still valid or possibly needs to be re-established. If there is no longer a connection, the security associations (SA) of phase 2 are terminated prematurely. If DPD is disabled, the SA is ended only after the SA lifetime has expired. For information on setting the SA lifetime, see section Group properties for selected VPN group (Page 838). Permission to initiate connection establishment You can restrict the permission for initiating the VPN connection establishment to certain modules in the VPN. 846 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The decisive factor for the setting of the parameter described is the assignment of the address for the gateway of the module you are configuring. If a static IP address is assigned, the module can be found by the partner. If the IP address is assigned dynamically and therefore changes constantly, the partner cannot establish a connection as things stand. Mode Meaning Start connection to partner (initiator/res ponder) (default) If this option is selected, the module is "active", in other words, it attempts to establish a connection to the partner with a fixed IP address. The reception of requests for VPN connection establishment is also possible. This option is recommended when you obtain a dynamic IP address from the provider for the gateway of the security module you are configuring. The partner is addressed using its configured WAN IP ad dress, its configured external module IP address or the configured DNS name. Wait for partner (responder) If this option is selected, the module is "passive", in other words, it waits for the partner to initiate the connection. This option is recommended when you have been assigned a static IP address by the provider for the gateway of the security module you are configuring. It means attempts to establish a connection can only be initiated by the partner. This partner can, for example, have a dynamic WAN IP address. Note Make sure that you do not set all the modules in a VPN group to "Wait for connection from remote VPN gateway" otherwise no connection is established. WAN IP address / FQDN - addresses of the modules and gateways in a VPN over Internet When operating a VPN with IPsec tunnel over the Internet, additional IP addresses are generally required for the Internet gateways such as DSL routers. The individual security or SCALANCE M modules must know the external IP addresses of the partner modules in the VPN. Note To use a WAN as an external public network, enter the IP address that you received from the provider as the external IP address, through which the security module is then reachable in the WAN (Internet). To allow the security module to send packets via the WAN, you need to enter your DSL router as "Standard router". If you use a DSL router as Internet gateway, the following ports (at least) must be opened on it as described in the relevant documentation: Port 500 (ISAKMP) Port 4500 (NAT-T) To allow this, in the module-specific VPN settings, you have the option of assigning an IP address as a "WAN IP address". When you download the module configuration, the group WinCC Advanced V14 System Manual, 10/2016 847 Editing devices and networks 10.1 Configuring devices and networks members are then informed of the WAN IP addresses of the partner modules. As an alternative to a WAN IP address, you can also enter an FQDN. Depending on the existing addresses, VPN endpoints are used as default according to the following priorities: 1. WAN address 2. FQDN of the primary dynamic DNS service 3. FQDN of the secondary dynamic DNS service 4. External IP address / DMZ IP address of the security module Note: After removing an existing WAN address, the external IP address / DMZ IP address is always used. In the interface selection of the connection-specific VPN settings, you yourself can decide which address the partner will be informed of. In these settings, you can also specify the interface to be used for communication by the nodes of a VPN group and the security module that is authorized to set up connections. 6HFXULW\0RGXO 6HFXULW\0RGXO :$1 WAN ,QWHUQHW*DWHZD\ ,QWHUQHW*DWHZD\ /$1 /$1 *356,QWHUQHW*DWHZD\ 6&$/$1&(0 /$1 Internal IP address - of a module External IP address - of a module IP address of an Internet gateway (for example, GPRS gateway) IP address (WAN IP address) of an Internet gateway (for example, DSL router) Configuring internal network nodes The configuration of internal network nodes is described in the following section: AUTOHOTSPOT 848 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See also How to create an IPsec tunnel with VPN groups (Page 834) Configuring router and firewall redundancy Module-specific function This function is available only for SCALANCE S623/S627-2M as of V4, see section AUTOHOTSPOT. Online functions - diagnostics and logging Overview of diagnostics and logging in For test and monitoring purposes, the security module has diagnostic and logging functions. Diagnostic functions These include various system and status functions that you can use for an existing network connection to the security module. Logging functions This involves the logging of system and security events and data packets. Recording events with logging functions You select the events to be logged in the log settings for the relevant security module. You can configure the following variants for logging: Local logging In this variant, you log events in the local buffer of the security module. You can then access these logs, display them and archive them on the service station in the "Online & diagnostics" dialog. The evaluation of the buffer areas of the security module is only possible if there is a network connection to the selected security module. Network Syslog With Network Syslog, you use a Syslog server that exists in the network. This logs the events according to the configuration in the log settings for the relevant security module. Archiving log data and reading in from a file You can save the logged events for archiving in a log file and open this later even without a network connection to the security module. For more detailed information, refer to section AUTOHOTSPOT. WinCC Advanced V14 System Manual, 10/2016 849 Editing devices and networks 10.1 Configuring devices and networks Diagnostics in ghost mode (only for SCALANCE S S602 as of V3.1) When you operate the security module in ghost mode, the external interface of the security module takes over the IP address of the internal node at runtime. Before you can run diagnostics of a security module in ghost mode, you need to establish the connection to the security module via the IP address that the security module obtained from the internal node at runtime. To find out which IP address the security module currently has, you can search for accessible nodes in STEP 7 using the "Online" > "Accessible devices". Protecting exported log files from unauthorized access Log files exported from STEP 7 can contain security related information. You should therefore make sure that these files are protected from unauthorized access. This is particularly important when passing on the files. Function overview online dialog Functions of the "Online & diagnostics" dialog In STEP 7, the security module provides the following functions in the "Online & diagnostics" dialog: Entry in the online dialog Function Status Display of status information about the selected security module, such as the current IP addresses of the interfaces and the current time and date. Interface settings Overview of the settings of the individual interfaces. Dynamic DNS Overview of the settings for dynamic DNS. System log Display of logged system events, starting and stopping logging (only if there is an online connection to SCALANCE S modules) and starting and stopping the reading out of log data from the local buffer of the security module. Audit log Display of logged security events, starting and stopping reading out of log data from the local buffer of the security module. Packet filter log Display of logged data packets, starting and stopping logging (only if there is an online connection to SCALANCE S modules) and starting and stopping the reading out of log data from the local buffer of the security module. ARP table Display of the ARP table of the security module. Logged-on users Shows the users logged in to the Internet page for user-specific IP rule sets. Communications status Display of status information about VPN tunnel connections and members of VPN groups to which the selected security module belongs. Internal nodes Display of the learned or configured internal network nodes of the security module. Dynamically updated firewall rules Display of the IP addresses that were released dynamically over HTTP or HTTPS, or loaded by a user. Firewall blacklist Display of the IP addresses that were entered in the blacklist of the firewall. Ghost mode Dialog for the ghost mode of the SCALANCE S602 with information on the address parameters of the internal node (identical to the external IP address of the security module) and on IP address changes of the internal node. 850 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Entry in the online dialog Function Log files (offline view) System log Display of logged system events as well as starting and stopping the display. Audit log Display of logged security events as well as starting and stopping the display. Packet filter log Display of logged data packets as well as starting and stopping the display. Date and time of day Date and time setting. Firmware update Updating the firmware. Requirements for access The following requirements must be met to use the online functions of a security module: There is a network connection to the selected module The project with which the module was configured is open a user with the required rights must be logged in to the project For CPs the diagnostics access must be opened in the firewall (CP x43-1 and CP 1628: TCP 443; S7-1200/S7-1500 CPs: TCP 8448) Note Requirement for online diagnostics in ghost mode (only for SCALANCE S S602 as of V3.1) Online diagnostics is only available in ghost mode if the security module has learned the IP address of the internal node and has adopted this for its external interface. After this, the security module can be reached via the IP address of the external interface. How to access this function 1. Right-click on the module to process. 2. Select the "Online & diagnostics" command from the shortcut menu. 3. If there is no online connection established to the security module, click the "Connect online" button in the "Diagnostics" entry. Online settings are not saved in the configuration Settings that you make in online mode (for example settings for the logging memory) are not stored in the configuration on the security module. This is why the configuration settings are always applied at the restart of the module. WinCC Advanced V14 System Manual, 10/2016 851 Editing devices and networks 10.1 Configuring devices and networks Functions of the online diagnostics Status information of the security module - "Status" entry Meaning Display of the status of the security module selected in the project. Table 10-46 Online & diagnostics: - "Status" entry System and status functions Meaning Overview Hardware type The type of the security module. External IP address The external IP address of the security module. For S7-1200/S7-1500 CPs, CP 1628: The IP ad dress of the Industrial Ethernet interface. For CP x43-1 Adv.: The IP address of the Gbit interface. Internal IP address The internal IP address of the security module. For CP 1628: The IP address of the NDIS inter face. If there is more than one NDIS address, only one is displayed. For CP x43-1 Adv.: The IP address of the PROFI NET interface. DMZ IP address (SCALANCE S623 / S627-2M on The DMZ IP address of the security module. ly) Tunnel IP address (only SCALANCE S612/S623/ S627-2M as of V4) The first alias internal IP address of the security module in the VPN tunnel. Serial number The serial number of the security module. Order number The MLFB identifier of the security module that is used when ordering. Firmware version The firmware version of the security module. Operating mode Mode of the security module (bridge mode / rout ing mode) External MAC address The external MAC address of the security module. For S7-1200/S7-1500 CPs, CP 1628: The MAC address of the Industrial Ethernet interface. For CP x43-1 Adv.: The MAC address of the gig abit interface. Internal MAC address The internal MAC address of the security module. For CP 1628: The MAC address of the NDIS in terface. For CP x43-1 Adv.: The MAC address of the PRO FINET interface. 852 DMZ MAC address (SCALANCE S623 / S627-2M only) The DMZ MAC address of the security module Hardware release The hardware product version of the security mod ule. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks System and status functions Meaning C-PLUG Shows whether or not a C-PLUG is inserted. Alias IP addresses (only for SCALANCE S as of V4) IP address Alias IP address that was registered on an inter face of the security module by a NAT rule. Corresponding Interface Interface of the security module on which the alias IP address was registered. Local time Current time Date and time that is displayed on the security module. Format for "German" user interface language: dd.mm.yyyy (date) hh:mm:ss (time) Format for "English" user interface language: mm/dd/yyyy (date) hh:mm:ss AM/PM (time) Format for "French", "Italian" and "Spanish" user interface language: dd/mm/yyyy (date) hh:mm:ss (time) Format for "Chinese" user interface language: yyyy/mm/dd (date) hh:mm:ss Note (not for CPs) You set the local time on the SCALANCE S module in "Functions" > "Date and time". Operating time Time since the last restart of the security module. Format with the user interface language "German", "English", "French", "Italian", "Spanish" and "Chi nese": dddd.hh:mm:ss Time-of-day source The source from which the date and time are ob tained. Configuration Created Date and time when the project was first created. Format with the user interface language "Ger man", "English", "French", "Italian", "Spanish" and "Chinese": dd.mm.yyyy (date) hh:mm:ss (time) Name File name of the project last loaded. Author Name of the user who created the project. Is adopted from the project properties. Compiled Date and time when the project was last compiled. Format with the user interface language "Ger man", "English", "French", "Italian", "Spanish" and "Chinese": dd.mm.yyyy (date) hh:mm:ss (time) Storage location Specifies the location (e.g. town) that was entered in the properties of an SCT project. File system (not for CPs) RAM Flash WinCC Advanced V14 System Manual, 10/2016 Indicates how much RAM and flash is occupied in the file system. 853 Editing devices and networks 10.1 Configuring devices and networks Overview of the individual interfaces - "Interface settings" entry Module-specific function This function is available only for SCALANCE S V3 modules or higher, see section Overview of the individual interfaces - "Interface settings" entry (Page 909) Overview of the Dyn. DNS settings - "Dynamic DNS" entry Module-specific function This function is available only for SCALANCE S V3 modules or higher, see section Overview of the Dyn. DNS settings - "Dynamic DNS" entry (Page 910) Display of the ARP table - "ARP table" entry Module-specific function This function is available only for SCALANCE S V3 modules or higher, see section Display of the ARP table - "ARP table" entry (Page 912) Users logged in to the Web page - "Logged in users" entry Module-specific function This function is available only for SCALANCE S V3 modules or higher, see section Users logged in to the Web page - "Logged in users" entry (Page 912) VPN connections of the security module - "Communication status" entry Module-specific function This function is only available for SCALANCE S612/S613/S623/S627-2M, CP x43-1 Adv., CP 1243-1, CP 1543-1 V1.1, CP 1543SP-1, 1243-7 LTE, CP 1243-8 IRC and CP 1628. Meaning Display of the communication status of the following network components: Other security modules of the VPN group to which the selected security module belongs Internal network nodes of these security modules 854 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 10-47 Online & diagnostics: "Communication Status" entry System and status functions Meaning Known security devices or modules Display of the nodes with which the selected se curity module is in a VPN group. This also shows whether the tunnel status is active or passive. To obtain additional information on one of the nodes, select this in the list. Note: Configured, inactive tunnels are indicated for CPs only. Endpoints Display of information on the internal network no des of the security module that you selected in the "Known security devices or modules" table. For each internal network node, this shows whether it was learned or configured. It also shows the sub net in which the internal network node is located. With SCALANCE S modules, the subnet of net work nodes is only displayed in bridge mode. Tunnel properties Display of properties of the VPN tunnel establish ed to the security module that you selected in the "Known security devices or modules" table. Found internal network nodes - "Internal nodes" entry Module-specific function This function is available only for SCALANCE S612/S613/S623/S627-2M and CP x43-1 Adv. Meaning Display of all learned and configured network nodes. This also displays whether or not the learning mode of the security module is enabled. Updated firewall rules - "Dynamically updated firewall rules" entry Module-specific function This function is only available for CP x43-1 Adv, see section: AUTOHOTSPOTin the section "Security for S7-300 / S7-400 / PC CPs". See also Updated firewall rules - "Dynamically updated firewall rules" entry (Page 927) WinCC Advanced V14 System Manual, 10/2016 855 Editing devices and networks 10.1 Configuring devices and networks Display of the firewall blacklist - "Firewall blacklist" entry Module-specific function This function is available only for SCALANCE S V4 modules or higher, see section Display of the firewall blacklist - "Firewall blacklist" entry (Page 912). Setting the date and time - "Date and Time" entry Module-specific function This function is available only for SCALANCE S, see section Setting the date and time - "Date and time" entry (Page 913). Diagnostics in ghost mode - "Ghost mode" entry Module-specific function This function is available only for SCALANCE S602 as of V3.1, see section Diagnostics in ghost mode - "Ghost mode" entry (Page 913). Logging functions Logging system events - "System log" entry Module-specific function This function is available only for SCALANCE S, CP x43-1 Adv., CP 443-1 OPC UA, CP 1243-1, CP 1243-1 PCC, CP 1243-7 LTE, CP 1243-8 IRC, CP 1543-1, CP 1543SP-1 and CP 1628. Meaning Display of logged system events and starting and stopping reading system events from the local memory of the security module. 856 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The system log automatically logs successive system events, for example the start of a process. The logging can be scaled based on event classes. System and status functions Meaning Start/stop logging (not for CPs) Starts/stops recording of system events. The method and the event classes that are logged are configured in the local security settings. Start/stop reading Starts/stops reading of system events from the lo cal memory of the security module. If you select the "Save log file" check box, the recorded log data is also saved as file. Select the storage location and enter a file name. Note If you select the "Save log file" check box after starting reading, the data read out up to then can no longer be saved in a log file. Clear display Deletes the log data shown in the table. For more information on opening saved system events in log files, refer to section Evaluating system events in offline mode - "System log" entry (offline view) (Page 859). Logging security events - "Audit log" entry Module-specific function This function is available only for SCALANCE S, CP x43-1 Adv., CP 443-1 OPC UA, CP 1243-1, CP 1243-1 PCC, CP 1243-7 LTE, CP 1243-8 IRC, CP 1543-1, CP 1543SP-1 and CP 1628. Meaning Display of logged security events and starting and stopping reading of security events from the local memory of the security module. The audit log automatically logs successive security-relevant events. This includes, for example, user actions such as enabling and disabling packet logging. System and status functions Meaning Start/stop reading Starts/stops reading of security events from the local memory of the security module. If you select the "Save log file" check box, the recorded log data is also saved as file. Select the storage location and enter a file name. Note If you select the "Save log file" check box after starting reading, the data read out up to then can no longer be saved in a log file. Clear display Deletes the log data shown in the table. For more information on opening security events stored in log files, refer to section Evaluating security events in offline mode - "Audit log" entry (offline view) (Page 859). WinCC Advanced V14 System Manual, 10/2016 857 Editing devices and networks 10.1 Configuring devices and networks Logging data packets - "Packet filter log" entry Module-specific function This function is available only for SCALANCE S, CP x43-1 Adv., CP 1243-1, CP 1243-1 PCC, CP 1243-8 IRC, CP 1543-1, CP 1543SP-1 and CP 1628. Meaning Display of logged data packets and starting and stopping reading of packet filter events. The packet filter log records certain packets of the data traffic. Data packets are only logged if they match a configured packet filter rule (firewall) or to which the basic protection reacts (corrupt or invalid packets). This is only possible when logging is enabled for the packet filter rule. For information about activation of the logging, refer to section AUTOHOTSPOT. As well as reading the log data from the buffer and transferring it to the display, it can also be saved in a file for archiving. System and status functions Meaning Start/stop logging (not for CPs) Starts/stops logging of data packets. The method with which the data is logged is configured in the local security settings. Start/stop reading Starts/stops reading out of logged data packets from the local memory of the security module. If you select the "Save log file" check box, the recor ded log data is also saved as file. Select the stor age location and enter a file name. Note If you select the "Save log file" check box after starting reading, the data read out up to then can no longer be saved in a log file. Clear display Deletes the log data shown in the table. Log category Select the data packets for which the logging will be displayed. The selection depends on the set tings you configured offline in the local security settings. Only the data packets for which logging was enabled are logged. If you select a category for which logging was not enabled, no data will be logged for this category. For information on opening the stored packet filter log data, refer to section Evaluating packet filter events in offline mode - "Packet filter log" entry (offline view) (Page 860). 858 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Evaluating log files in offline mode Evaluating system events in offline mode - "System log" entry (offline view) Module-specific function This function is available only for SCALANCE S, CP x43-1 Adv., CP 443-1 OPC UA, CP 1243-1, CP 1243-1 PCC, CP 1243-7 LTE, CP 1243-8 IRC, CP 1543-1, CP 1543SP-1 and CP 1628. How to access this function 1. Right-click on the module to process. 2. Select the "Online & diagnostics" command from the shortcut menu. 3. Select "Diagnostics" > "Log files (offline view)" > "System log". Meaning Opens logged system events that you saved as a file in the online view. For more information, refer to chapter Logging system events - "System log" entry (Page 856). Evaluating security events in offline mode - "Audit log" entry (offline view) Module-specific function This function is available only for SCALANCE S, CP x43-1 Adv., CP 443-1 OPC UA, CP 1243-1, CP 1243-1 PCC, CP 1243-7 LTE, CP 1243-8 IRC, CP 1543-1, CP 1543SP-1 and CP 1628. How to access this function 1. Right-click on the module to process. 2. Select the "Online & diagnostics" command from the shortcut menu. 3. Select "Diagnostics" > "Log files (offline view)" > "Audit log". Meaning Opens logged security events that you saved as a file in the online view. For more detailed information, refer to section Logging security events - "Audit log" entry (Page 857). WinCC Advanced V14 System Manual, 10/2016 859 Editing devices and networks 10.1 Configuring devices and networks Evaluating packet filter events in offline mode - "Packet filter log" entry (offline view) Module-specific function This function is available only for SCALANCE S, CP x43-1 Adv., CP 1243-1, CP 1243-1 PCC, CP 1243-8 IRC, CP 1543-1, CP 1543SP-1 and CP 1628. How to access this function 1. Right-click on the module to process. 2. Select the "Online & diagnostics" command from the shortcut menu. 3. Select "Diagnostics" > "Log files (offline view)" > "Packet filter log". Meaning Opens logged data packets that you saved as a file in the online view. For more detailed information, refer to section Logging data packets - "Packet filter log" entry (Page 858). Download functions Special features when downloading security configurations Security configurations can influence the reachability of the security module for the configuration PC. This, for example, is the case if there is a tunnel connection configured for one security module to another security module in a configuration and this configuration is downloaded from the configuration PC to the security module. After the download by the configuration PC, the security module can no longer be reached and the reachability test performed as default by STEP 7 following the download of the configuration fails. The error message output by STEP 7 relates solely to the reachability test; the actual download of the configuration is ensured if the project data is consistent and the IP address relationship between the security module and the configuration PC is correct. Special features when downloading configurations and firmware to SCALANCE S modules are described in the following subsection of the section "SCALANCE S": AUTOHOTSPOT Uploading configurations to the engineering station Uploading a configuration from a SCALANCE S module or from the CP 1628 to an engineering station is not possible. Uploading a configuration from an S7 CP that supports security to an engineering station is also possible if security features were included in the configuration. Configured security functions are not, however, transferred to the engineering station. In the transferred configuration on the engineering station, the "Activate security features" check box is also deselected. 860 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks SOFTNET Security Client Using the SOFTNET Security Client Area of application - access over VPN With the SOFTNET Security Client (SSC) PC software, secure remote access is possible from PGs/PCs to automation systems protected by a security module via public networks. You require SOFTNET Security Client V4.0 HF1 for S7-300/S7-400 CPs and for the PC CP 1628. These CPs are not approved for operation with SOFTNET Security Client V4.0. The SOFTNET Security Client has not been released for other CPs. With the SOFTNET Security Client, a PG/PC is configured automatically so that it can establish a secure IPsec tunnel communication in the VPN (Virtual Private Network) with one or more security modules. This IPsec tunnel communication makes it possible for PG/PC applications such as NCM diagnostics to securely access devices or networks that are located in an internal network protected by the security module. How does the SOFTNET Security Client work? The SOFTNET Security Client reads the configuration that was created by STEP 7 and, if necessary, determines from the file which certificates are to be imported. The CA certificate and the private key are imported when applicable and stored on the local PG/PC. Following this, security settings are made based on the data from the configuration so that applications can access IP addresses downstream from the security modules. If the learning mode is enabled for the internal nodes or programmable controllers, a security policy is first set for secure access to security modules. Then, the SOFTNET Security Client addresses the security modules in order to obtain the IP addresses of the relevant internal nodes. The SOFTNET Security Client enters these IP addresses in special filter lists belonging to this security policy. Applications can then communicate with the programmable controllers via VPN. Note Additional security measures when using the SOFTNET Security Client The SOFTNET Security Client provides a solution for secure communication with automation cells via VPN. For self-protection of the PC/PG and the corresponding automation cell, it is advisable to use additional measures such as a virus scanner and the Windows firewall. In Windows 7, the firewall of the operating system must be enabled so that VPN tunnel establishment works. WinCC Advanced V14 System Manual, 10/2016 861 Editing devices and networks 10.1 Configuring devices and networks Creating a configuration file in STEP 7 Configuring a SOFTNET Security Client module in the project The SOFTNET security client is created as a module in the project. In contrast to the other security modules, you do not need to configure any further properties. Assign the SSC module to the VPN group or groups at which an IPsec tunnel to the PG/PC is to be set up. Note Refer to the information on parameters in section Including security module in configured VPN group (Page 841). Note If you create several SOFTNET Security Clients within a group, no tunnels are set up between these clients but only from the relevant client to the security modules. Configuration files for the SOFTNET Security Client The interface between STEP 7 as configuration tool and the SOFTNET Security Client is controlled by configuration files. :RUNVWDWLRQ FRPSXWHU ([SRUWRIWKHFRQILJXUDWLRQIRU 62)71(76HFXULW\&OLHQWZLWK GDWDPHGLXP 62)71(7 6HFXULW\&OLHQW The configuration is stored in the file types "*.dat", "*.p12" and "*.cer". Procedure To generate the configuration files, perform the following steps in STEP 7: 1. In the "Devices & networks" view, select the "Topology view" or the "Network view" tab. 2. Insert a PC system of the type "SOFTNET Security Client" in the selected tab from the hardware catalog. 3. Assign the SOFTNET Security Client to the VPN groups in which the PG/PC will communicate over IPsec tunnels. 862 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 4. Make sure that the "Generate SSC files" check box is selected under the "Configuration of the SOFTNET Security Client" entry in the local security settings of the SOFTNET Security Client. 5. Select the storage location for the configuration files. 6. Compile the configuration of the SOFTNET Security client to export the configuration file. 7. If you selected certificate as the authentication method, specify a password for the certificate of the VPN configuration. If you do not assign a password, the project name (not the project password) is used as the password. Result: Export of the configuration files is completed. 8. Adopt the files of the type *.dat, *.p12, *.cer on the PG/PC on which you want to operate the SOFTNET Security Client. Note Protecting exported configuration files from unauthorized access Configuration files for SOFTNET Security Client exported from STEP 7 can contain security related information. You should therefore make sure that these files are protected from unauthorized access. This is particularly important when passing on the files. SCALANCE S Replacing a security module Module-specific function This function is available only for SCALANCE S V3 modules or higher. Requirement To be able to replace security modules, their module descriptions must be up to date. To update the module description of security modules, follow the steps below: 1. Select the security module to be edited. 2. In the local security settings, click on the entry "General" > "Catalog information". 3. Click the "Update module description" button. How to access this function 1. Select the security module to be edited in the topology or network view. 2. Right-click on the security module and select the shortcut menu command "Change device...". Based on the following table, you can see which security modules you can replace without data loss and which could involve a possible data loss. WinCC Advanced V14 System Manual, 10/2016 863 Editing devices and networks 10.1 Configuring devices and networks Initial module Possible module replacement S602 V3 S602 V3.1 S602 V4 S612 V3 S612 V4 S623 V3 S623 V4 S623 V4.0.1 S627-2 M V4 S627-2 M V4.0.1 S602 V3 - x x x x x x x x x S602 V3.1 ! - x ! ! ! ! ! ! ! S602 V4 ! ! - ! ! ! ! ! ! ! S612 V3 ! ! ! - x x x x x x S612 V4 ! ! ! ! - ! x x x x S623 V3 ! ! ! ! ! - x x x x S623 V4 ! ! ! ! ! ! - x x x S623 V4.0.1 ! ! ! ! ! ! ! - ! x S627-2M V4 ! ! ! ! ! ! ! ! - x S627-2M V4.0.1 ! ! ! ! ! ! ! ! ! - x Without losses ! Possibly with losses - The module type and the firmware version are not changed. Configuring interfaces for SCALANCE S modules Overview Configuring the mode With the mode you specify how interface routing is handled (external/internal). The DMZ interface of the security module (SCALANCE S623/S627-2M only) is always connected in routing mode. For more detailed information, refer to the section Configuring IP address parameters (Page 867) 864 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring the interfaces If the external interface, the DMZ interface (SCALANCE S623/S627-2M only) or the tunnel interface (only SCALANCE S612/S623/S627-2M as of V4 in VPN group(s)) of a security module needs to be configured, it must be activated using the "Activate interface" check box. Set the IP address information for each interface and settings for the individual ports. The following options are available with which you can assign an IP address for the external interface and for the DMZ interface in the "General" entry (SCALANCE S623/S627-2M only): Static IP address with subnet mask. For more detailed information, refer to the section Configuring IP address parameters (Page 867) Address assignment using PPPoE. For more detailed information, refer to the section Configuring an Internet connection (Page 869) The internal interface and the tunnel interface can only be configured using a static IP address. If alias IP addresses were registered on the interfaces of the security module due to configuring NAT rules, these are displayed in the "Alias IP addresses" entry. Note External interface and DMZ interface as Internet access The simultaneous operation of PPPoE on the external interface and on the DMZ interface (dual ISP) is not possible. Point to Point Protocol over Ethernet (PPPoE) To allow Internet/WAN access directly via a DSL modem, the IP address on the external interface or on the DMZ interface is assigned using PPPoE. PPPoE is a dial-in protocol for obtaining IP addresses from an Internet service provider (ISP). SCALANCE S is operated here in routing mode. To use this IP address assignment mode, specify the ISP in the "PPPoE" entry. The IP address, the subnet mask, the standard router and the DNS server of the interface are specified by the ISP. Note A configured standard router is not taken into account when using PPPoE. This is assigned dynamically to the module by the ISP. Note No network components between SCALANCE S and DSL modem If the interface of a SCALANCE S module is operated using PPPoE, there must be no other network components between this interface and the connected DSL modem, otherwise the dial-in data of the Internet Service Provider may be transferred unencrypted over this link. When using the "CHAP" authentication protocol, the data is transferred encrypted. WinCC Advanced V14 System Manual, 10/2016 865 Editing devices and networks 10.1 Configuring devices and networks Configuring media modules In addition to the functions of the SCALANCE S623, the S627-2M has two media module slots in which an electrical or optical media module with two ports can be inserted. This expands both the external and internal interface by up to two ports. In routing mode, the additional ports of the security module can be used to link the external and internal interface to ring topologies. To integrate media modules in the SCALANCE S627-2M, select the security module and change to the device view. Then select the required media modules from the hardware catalog. For ports with the port type "Copper", you can set the transmission speed and the duplex method manually using the port mode. For ports with the port type "Optical", the port mode is fixed by the media module used or by the SFP transceiver used and cannot be adapted. You will find information on connecting the media module ports to MRP rings in the following section: AUTOHOTSPOT Setting the operating mode How to access this function 1. Select the module to be edited. 2. In the local security settings, select the entry "Mode". Operating mode - possible selections You can change the operating mode in this dialog if the security module is not included in a VPN group. If the security module is in a VPN group, the mode cannot be changed. The selection applies to interface routing between the external and internal interface. The DMZ interface (SCALANCE S623 and S627-2M only) is always connected in routing mode. Bridge mode For operation in flat networks. External and internal interface are in the same IP subnet. For S623 / S627-2M: External and internal interface are in the same IP subnet, the DMZ interface is in a different IP subnet or is deactivated. Routing mode All interfaces are in different IP subnets. If you have activated the routing mode, you must configure an internal IP address and subnet mask for the internal interface of the security module. Note If you have enabled the routing mode for the SCALANCE S module, no MAC firewall rules can be defined. Ghost mode (only for SCALANCE S S602 as of V3.1) 866 In operation, the security module adopts the IP address of the node connected to the internal interface of the security module for the external interface. The IP address data speci fied for the external interface is only used for downloading the configuration prior to operation in ghost mode. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring IP address parameters Meaning Specify network parameters such as the IP address and subnet mask for the interface(s) of the security module. How to access this function 1. Select the module to be edited. 2. Select "External interface [P1] red" or "DMZ interface [P3] yellow" in the local security settings. The virtual tunnel interface can only be configured when the security module (only SCALANCE S612/S623/S627-2M as of V4) is in at least one VPN group, refer to the section "Meaning of the tunnel IP address". Note Configuration of the internal interface in routing mode If you have selected the "Routing" mode for the security module, you must also configure an internal IP address and subnet mask for the internal interface of the security module. You can access this function in the local security settings under "Internal interface [P2] green" > Ethernet addresses". 3. If applicable, enable the interface using the "Activate interface" check box. 4. Select the "Ethernet addresses" entry. 5. Complete the settings specified in the following table. Parameter Meaning IP address IP address for the external interface. The IP address consists of four decimal numbers from 0 to 255, with each number being separated by a period, for ex ample, 141.80.0.16. Subnet mask The subnet mask consists of four decimal numbers that are separated by period, for example, 255.255.0.0 Use router (not possible for the tunnel interface) Select this check box if you want to use a standard router and enter its IP address in the "Router address" input box. Note Networking the physical interfaces Network the physical interfaces of the security module with suitable subnets to avoid IP address conflicts. WinCC Advanced V14 System Manual, 10/2016 867 Editing devices and networks 10.1 Configuring devices and networks Meaning of the tunnel IP address If you use the function "NAT/NAPT in the VPN tunnel" for a SCALANCE S612/S623/S627-2M module as of V4, you need to assign a tunnel IP address for the security module. This ensures the reachability of the security module via the VPN tunnel and provides a configuration and diagnostics option. The configured tunnel IP address can be expanded with alias tunnel IP addresses using suitable NAT / NAPT rules. The subnet mask is fixed at 32 bits for the tunnel IP address and cannot be changed by the configuration. The tunnel IP address can only be configured if the security module is in at least one VPN group. You will find further information on address translation with NAT/NAPT in VPN tunnels in the following section: Address translation with NAT/NAPT in VPN tunnels (Page 894) Special features with a standard router If the IP assignment configured is via "PPPoE", a configured standard router is ignored because the standard route is always automatically via the PPPoE interface. If the address assignment configured is with "Static address" and if the security module is connected to the Internet via a DSL (NAPT) router, the DSL router must be entered as the standard router. For security modules in ghost mode (SCALANCE S602 as of V3.1 only), no standard routers can be configured since these are identified during runtime. Specific routes cannot be configured for security modules in ghost mode. Configuring port mode Meaning The port mode specifies the transmission speed and the duplex method. The same parameters should be set for the ports involved in communication. Configurable port modes For SCALANCE S V3 and higher, the following port modes can be configured for the permanently installed ports: Port mode Meaning Autonegotiation The transmission speed and the duplex setting are selected automatically. Note A transmission speed of 1000 Mbps and the autocrossing function are supported only if autonegotiation is selected. 10 Mbps, half and full duplex Transmission speed of 10 Mbps 100 Mbps, half and full duplex Transmission speed of 100 Mbps Deactivating a port is possible only for external ports and for the DMZ port of SCALANCE S623/ S627-2M. The port modes for media module ports are configured in the device view and are based on the range of functions of the media module in question. 868 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring an Internet connection Requirement The "PPPoE" entry is only displayed in the local security settings if the IP assignment method "PPPoE" is configured for one of the interfaces. How to access this function 1. Select the security module to be edited 2. In the local security settings, select the entry "PPPoE". Meaning In this entry, you make settings related to the Internet Service Provider (ISP) if a connection using PPPoE is set for one of the interfaces of the security module. Table 10-48 Settings for the ISP account Function Description Authentication protocol Select none or one of the following authentication protocols: PAP (Password Authentication Protocol) CHAP (Challenge Handshake Authentication Protocol) Note Both communications partners have to use the same authentication method otherwise no connec tion can be established. User name Enter the name for logging in with the ISP account. Password Enter the password for logging in with the ISP ac count. Repeat password Enter the password for logging in with the ISP ac count again. Table 10-49 Rules for user names and passwords Permitted characters The following characters from the ANSI X 3.4-1986 character set are permitted: 0123456789 A...Z a...z !#$%&()"*'+,-./:;<=>?@ [\]_{|}~^ WinCC Advanced V14 System Manual, 10/2016 Length of the user name 1 to 255 characters Length of the password 1 to 31 characters 869 Editing devices and networks 10.1 Configuring devices and networks Table 10-50 Settings for the connection Function Description Permanent connection Permanent Internet connection. After the connection has been terminated by the provider, the connection is automatically re stored even if there are currently no packets to be sent. On-demand connection The Internet connection is established automatically if packets need to be sent to the Internet. In this setting, delays in the sending of packets are possible. Maximum idle time (only with the setting "on-demand connection") If no packets are sent during a certain time, the Internet connec tion is automatically terminated. In the "Maximum idle time" box, enter the time in seconds after which the connection will be ter minated. Default setting: 300 Minimum value: 10 Maximum value: 3600 Forced disconnection (only with the Select the check box to be able to adapt the time of the forced "Permanent connection" setting) disconnection by the security module. Forced disconnection time (only with the "Permanent connection" setting) The provider terminates the Internet connection automatically af ter a certain period. If you enter a time of day in this box, the security module terminates the Internet connection itself at this time. This allows disconnection of the Internet connection by the provider to be delayed under certain circumstances. A self-initi ated forced disconnection is only possible with an existing per manent connection. Default setting: 00.00 Permitted entries: 00:00 ... 23:59 Configuring DNS and dynamic DNS Module-specific function DNS servers and FQDNs can be configured for SCALANCE S V3 or higher. The resolution of FQDNs by SCALANCE S modules is possible for SCALANCE S as of V4. DNS To address network notes using FQDNs the security module must know the IP address of a DNS server that converts the DNS queries to the corresponding IP addresses of the network nodes. Dynamic DNS With dynamic DNS, you can access a constantly changing IP address with a permanently defined name (FQDN). This is necessary, for example, if you want to access a server that can be reached via a public IP address that changes. The security module signals the current WAN IP address via which the security module can be reached to a provider for dynamic DNS (for example DynDNS.org, no-ip.com). The provider 870 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks makes sure that DNS queries sent to the FQDN of the security module are replied to with the current WAN IP address of the security module. Dynamic DNS is permitted on the following interfaces: External interface DMZ interface Setting up DNS - Follow the steps below: 1. Select the security module to be edited. 2. In the local security settings, select the entry "DNS". Option Meaning Obtain DNS server address automatically The address of the DNS server can be obtained automatically using PPPoE if the security module is connected to the Internet via a DSL modem. Can only be set for the external interface and the DMZ interface. Use the following DNS server address: Enter the address of the preferred and of the alter native DNS server manually. Setting up dynamic DNS - Requirements Requirement: An account has been created with a provides of dynamic DNS and an FQDN has been registered. Setting up dynamic DNS - Follow the steps below: 1. Select the security module to be edited. 2. Select the "Dynamic DNS" entry in the local security settings. WinCC Advanced V14 System Manual, 10/2016 871 Editing devices and networks 10.1 Configuring devices and networks 3. Activate the "Activate service" check box in the "Primary dynamic DNS service" area and make the following settings: Setting Meaning Ignore errors when checking the server certifi cate To ensure that the authentication data is protec ted, the certificate of the update server is checked as standard. If the certificate check fails, the HTTPS connection is terminated and the account data is not transferred. If you select the check box, the function is disabled, for ex ample if the server certificate of the dynamic DNS service is invalid (e.g. expired). You are ad vised not to ignore the check and not to select the check box. Provider Choose the provider with which you have set up an account for dynamic DNS. With the predefined providers (DynDNS.org and No-IP.com), the provider update URL and the check IP service URL are already completed. To use a different provider and/or to use an HTTP URL as the provider update URL, you need to set up a user-defined provider. User account with the provider Enter the user name that you specified when you created the account. Password with the provider Enter the password that you specified when you created the account. Maximum number of characters: 24 Maximum number of characters: 24 FQDN Enter the host name (e.g. mysecuritymodule) and the domain name (e.g. dyndns.org) that is registered with the provider separated by a peri od. The FQDN can function as a VPN endpoint and differ from the FQDN in the "VPN" entry. You can configure which VPN endpoint the VPN part ner is informed of in the connection-specific VPN settings. Maximum number of characters: 255 872 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Setting Meaning Monitor IP address change on DSL router If the security module is connected to the Internet via a DSL router, enabling this function activates the function of the Check IP service. The security module periodically sends queries to determine the current IP address of the DSL router and to detect an IP address change on the DSL router. The IP address specified in this way is sent to the provider with each change ID. Period Specify the interval at which the Check IP service is called. Default setting: 20 minutes Minimum value: 10 minutes Maximum value: 1440 minutes 4. In case the primary provider fails, create a second provider in the "Secondary dynamic DNS service" area (optional setting). Setting up a user-defined provider for dynamic DNS - Follow the steps below: Set up a user-defined provider if you are not registered with DynDNS.org or No-IP.com and/ or want to use an HTTP URL as the provider update URL. To do this, select the "User-defined" entry in the "Provider" drop-down list and make the following entries: Setting Meaning Provider update URL Enter the URL you received from your provider. The placeholder texts <FQDN> and <CurrentWanIP> need to be placed at the correct positions in the URL. Maximum number of characters: 127 Check IP service URL Enter the URL you received from your provider. Maximum number of characters: 127 Configuring LLDP Module-specific function This function is available only for SCALANCE S V4 modules or higher. Requirement The security module is in routing mode. WinCC Advanced V14 System Manual, 10/2016 873 Editing devices and networks 10.1 Configuring devices and networks Meaning LLDP (Link Layer Discovery Protocol) is a protocol used to discover network topologies. A device capable of LLDP can send information about itself to neighboring devices at regular intervals and at the same time receive information from neighboring devices. The received information is stored on every device with LLDP capability in an LLDP MIB file. Network management systems can access these LLDP MIB files using SNMP and therefore recreate the existing network topology. Configurable parameters The degree of activity of the security module in terms of LLDP can be configured under the "LLDP mode" entry of the relevant interface. Parameter Description Name Name of the port for which the setting is configured. LLDP mode Configured LLDP mode: RxTx: LLDP frames can be sent and received Off: No LLDP frames can be sent or received Media redundancy in ring topologies Media redundancy with MRP Module-specific function This function is available only for SCALANCE S627-2M modules. Meaning The term "media redundancy" groups together various methods for increasing availability in Industrial Ethernet networks in which devices can be reached over different paths. This might be achieved by meshing networks, arranging parallel transmission paths or by closing a linear bus topology to form a ring. Media redundancy method MRP Media redundancy within a ring topology is available with SIMATIC NET products among other things with the MRP method (Media Redundancy Protocol). With this method, one of the nodes is configured as the redundancy manager. The other nodes are redundancy clients. SCALANCE S627-2M modules can only adopt the role of an MRP client. Using test frames, the redundancy manager checks the ring to make sure it is not interrupted. The redundancy clients forward the test frames. If the test frames of the redundancy manager no longer arrive at the other ring port of the redundancy manager due to an interruption, the redundancy manager switches through its two ring ports and informs the redundancy clients of the change immediately. 874 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The time the SCALANCE X switches need to switch through their ring ports as redundancy manager is 200 ms. Note on the use of MRP MRP is supported in ring topologies with up to 100 devices. Exceeding this number of devices can lead to a loss of data traffic. It is recommended that you set the ring ports involved to full duplex and 100 Mbps. Otherwise there may be a loss of data traffic. Possible uses of MRP on media module ports MRP is supported only on the media module ports of the SCALANCE S627-2M. The following table shows the possible uses of MRP on the media module ports of a SCALANCE S627-2M: Ring ports Media module 1 MRP Client Media module 2 P4 P5 P6 P7 - - - - Ring 1 Ring 1 - - - - Ring 2 Ring 2 Ring 1 Ring 1 Ring 2 Ring 2 With two lower-layer rings per SCALANCE S module, layer 3 communication is possible between the rings. Configuring MRP for the security module Requirement The security module is in routing mode. Media modules are configured for the interfaces to be connected to MRP rings. The interfaces of the security module to be connected to rings are networked with the relevant ring managers. How to access this function 1. Select the security module to be edited. 2. In the settings of the required interface, select the "Media Redundancy" entry. WinCC Advanced V14 System Manual, 10/2016 875 Editing devices and networks 10.1 Configuring devices and networks Configurable parameters Parameter Meaning Possible selections MRP domain (only if the "MRP client" media redundancy role is selected) The members of an MRP ring are specified with the help of MRP domains. The same MRP domain must be selec ted for the interfaces of all modules to be connected to the same MRP ring. Display of the MRP domain used for the in terface. Media redundancy role Selection of the media redun Not a node in the ring dancy protocol or disabling of MRP Client media redundancy for the in terface. Ring port 1 (only when the media redundancy role "MRP client" is selected) Name of the first ring port of the selected interface if the media redundancy role "MRP client" was selected for it. - Ring port 2 (only when the media redundancy role "MRP client" is selected) Name of the second ring port of the selected interface if the media redundancy role "MRP client" was selected for it. - Domain settings Using the domain settings, you can add new MRP do mains, edit the names of ex isting MRP domains and de lete existing MRP domains. - Alternative media redundancy protocol Select this check box to ena Enable interface for other media ble the interface of the secur redundancy protocols ity module for other media re Disable interface for other media dundancy protocols. redundancy protocols (default setting) Passive listening Enable this check box if the Activate passive listening (default) selected interface will be con Deactivate passive listening nected to third-party net works in which STP/RSTP (Spanning Tree Protocol/ Rapid Spanning Tree Proto col) is used. Special features of the ghost mode Module-specific function This function is available only for SCALANCE S602 as of V3.1. 876 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Meaning In ghost mode, the security module has no IP address of its own, neither on the internal nor on the external interface. Instead, the security module obtains the IP address for its external interface during runtime from a node connected to the internal interface of the security module whose IP address parameters may be unknown at the time of configuration. It is possible to change an IP address of the internal node and a corresponding IP address at the external interface. Since the internal node is identified based on its MAC address, IP address changes are made only for the learned MAC address. No IP address is configured or obtained at the internal interface of the security module. As regards the MAC addresses, the security module replaces the MAC address of the internal node with the MAC address of the security module in all outgoing packets on the external interface (responses from the internal node). Activating ghost mode 1. Select the module to be edited. 2. In the local security settings, select the entry "Mode". 3. Select the "Ghost mode" option. Configurable module properties In ghost mode, the following module properties can be configured in the local security settings: External interface [P1] red Firewall Time-of-day synchronization Log settings SNMP Since no DNS servers can be configured in ghost mode, no FQDN resolution is possible. Requirement for identifying an internal node The security module can only obtain the IP address of the internal node if the internal node initiates data communication with a communications partner of the external network. In addition to this, the security module does not provide any server services while obtaining the IP address. The security module can only reply to queries from external after data packets have been sent to the security module by the internal node. WinCC Advanced V14 System Manual, 10/2016 877 Editing devices and networks 10.1 Configuring devices and networks Port assignment for incoming and outgoing data connections Since the external interface of the security module and the internal node have the same IP address, the network components must be addressed explicitly via the TCP/UDP ports. For this reason, the ports are either assigned to the security module or the internal node. The assignments of the ports to the relevant devices are shown in the following tables for incoming and outgoing data connections: Table 10-51 Port assignment for incoming connections (from external to security module) Service Port Protocol Comment Web services, configuration and diagnostics access 443 TCP The HTTPS port is perma nently activated for configura tion and diagnostics access using STEP 7 and cannot be changed. SNMP 161 TCP Once SNMP is activated in STEP 7, incoming SNMP queries are transmitted via UDP port 161. Transfer via TCP port 161 is also possible, for example, to be able to reach the internal node. UDP Note After activating SNMP, the SNMP port is permanently as signed to the security mod ule. If SNMP is not activated, the internal node can be ac cessed using SNMP with the aid of a firewall rule. Table 10-52 Port assignment for outgoing connections (from security module to external) Service Port Protocol Comment Syslog 514 UDP If the Syslog service is activa ted in STEP 7, Syslog mes sages are transferred via UDP port 514 by the security module. This port assign ment cannot be changed. NTP 123 UDP If NTP servers are used for time-of-day synchronization, NTP queries are transferred via UDP port 123. This port assignment cannot be changed. 878 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Recognizable IP addresses and subnet masks The security module only recognizes internal nodes with IP addresses in the network class ranges A, B or C. The subnet mask is identified by the security module based on the network class (refer to the table "Network classes and corresponding subnet masks"). To allow the subnet mask to be determined correctly, a standard router must be entered for the internal node. Nodes with IP addresses in the network classes D and E are rejected by the security module. Network class IP addresses Low limit Subnet mask High limit A 0.0.0.0 127.255.255.255 255.0.0.0 B 128.0.0.0 191.255.255.255 255.255.0.0 C 192.0.0.0 223.255.255.255 255.255.255.0 D 224.0.0.0 239.255.255.255 Rejected by the security mod ule E 240.0.0.0 255.255.255.255 Rejected by the security mod ule Configuration limits A maximum of one internal node is recognized by the security module. If several internal nodes exist, the security module reacts as follows: The first device the security module recognizes in the internal network obtains access to the external network segment if the firewall is suitably configured. The data traffic of any additional nodes in the internal network area is blocked in the outgoing direction at level 2 (MAC layer) based on the sender address. Loading configurations and diagnostics after commissioning After obtaining an IP address from the internal node, the security module has an IP address on the external interface that can differ from the IP address with which the security module was initially configured. To load a configuration or to run diagnostics, in STEP 7 you need to specify the IP address for the connection to the external interface that the security module obtained from the internal node during runtime. This is possible in the local security settings or directly in the "Advanced download" or "Connect online" dialogs. For more detailed information on establishing online connections, refer to the section: Downloading a configuration (Page 914) Routing information for hierarchical networks on the external interface If there are hierarchical networks with subnet transitions on the external interface of the security module, the security module needs to obtain the relevant routing information from the internal node. To achieve this, the internal node must respond to ICMP queries sent to it. Responding to ICMP broadcasts is not necessary. WinCC Advanced V14 System Manual, 10/2016 879 Editing devices and networks 10.1 Configuring devices and networks Authentication using a RADIUS server Overview Module-specific function This function is available only for SCALANCE S V4 modules or higher. Meaning RADIUS (Remote Authentication Dial-In User Service) is a protocol for authenticating users by servers on which user data can be stored centrally. The use of RADIUS servers can increase the protection of user names, assigned roles and passwords. 880 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Scenario for the use of RADIUS servers Authentication by RADIUS servers can be performed when activating user-specific IP rule sets. 5$',86VHUYHU 3*IRUDFFHVVWRDXWRPDWLRQFHOO ([WHUQDOQHWZRUN 6HFXULW\PRGXOH ,QWHUQDO$XWRPDWLRQFHOO 1 Entry of the user data on the Web page of the security module 2 Authentication by RADIUS server and activation of the user-specific IP rule set 3 Access to an automation cell The network setup shown above is simply an example. The RADIUS server can also be located in the internal network or in the DMZ network of the security module. For the configuration options described below, it is assumed that a RADIUS server is configured in STEP 7 and was assigned to the relevant security module. In addition to this, one user or role must be configured with the "RADIUS" authentication method. For more detailed information, refer to the following sections: Defining a RADIUS server (Page 883) Assigning a RADIUS server to a security module (Page 884) Create users (Page 766) Creating roles (Page 767) For general information on user-specific IP rule sets, refer to the following section: AUTOHOTSPOT WinCC Advanced V14 System Manual, 10/2016 881 Editing devices and networks 10.1 Configuring devices and networks Configuration options To authenticate the user using a RADIUS server, there are two configuration options available: The user and the user's role are known on the security module, only the password management for the user is performed on the RADIUS server. The user and the password are configured on the RADIUS server. - A user with the "RADIUS" authentication method is configured. - The user is assigned to the user-specific IP rule set. Result: - When a user logs on to the Web page of the security module, the authentication query is forwarded to the RADIUS server. - The RADIUS server runs a password check and signals the result back to the security module. - If the password check is passed successfully, the user-specific IP rule set is activated. The role is known on the security module, user management is via the RADIUS server. The user and the password are configured on the RADIUS server. - A user-defined role or a system-defined role is assigned to the user-specific IP rule set. - Under the entry "RADIUS" > "RADIUS settings" in the local security settings of the security module, the check box "Allow RADIUS authentication of unconfigured users" and the check box "Filter ID is required for authentication" are enabled. Result: - When a user logs on to the Web page of the security module, the authentication and authorization query is forwarded to the RADIUS server. - The RADIUS server runs a password check and signals the result back to the security module. - Case a: If, in addition to this, the role name is configured on the RADIUS server: The RADIUS server returns the role name assigned to the user to the security module. - Case b: If the role name is not configured on the RADIUS server: The security module assigns the user the system-defined role "radius". - If the password check is passed successfully, the user-specific IP rule set is activated. Conventions for RADIUS servers The RADIUS servers can be in any network connected to the security module. A maximum of two RADIUS servers can be configured per security module. During operation only one of the RADIUS servers is active. When defining a RADIUS server, an FQDN can also be used instead of IP an address. A maximum of 25 characters can be used for the name of a RADIUS server. 882 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Defining a RADIUS server Meaning Before authentication by a RADIUS server is possible, this first needs to be stored in the STEP 7 project. Following this, you assign the defined RADIUS server to the security module for which the RADIUS server will handle user authentication. Procedure 1. In the global security settings, select the entry "RADIUS". Result: The previously created RADIUS servers are displayed under the selected entry. 2. Double-click on the "Add new RADIUS server" entry. Result: The created RADIUS server is displayed with an automatically assigned number below the entry "RADIUS". 3. Double-click on the created RADIUS server. Result: In the working area the assignment dialog for RADIUS servers is displayed. The selected RADIUS server is selected in the "RADIUS server" drop-down list. The required security modules can be assigned to this, see section Assigning a RADIUS server to a security module (Page 884). In the local security settings, the configurable properties of the RADIUS server are displayed. 4. Enter the following data in the "General" entry in the local security settings: Parameter Meaning Name Name of the RADIUS server. The name can consist of a maximum of 25 characters. The characters 0-9, a-z, A-Z, -._ can be used. A name must start with a letter and end with a letter or number. Before the `.' character only letters and numbers are permitted, after the `.' character only letters. Before the `_' or `-* character only let ters and numbers are permitted. IP address / FQDN IP address or FQDN of the RADIUS server. Port UDP port via which the RADIUS server can be reached. As default, authentication data is received at port 1812. Shared secret Entry of the password that will be used when transferring the logon data between the RADIUS server and security modules for encryption. The following characters from the ANSI X 3.4-1986 character set are permitted: 0123456789 A...Z a...z !#$%&()"*'+,-./:;<=>?@ [\]_{|}~^ Length of the shared secret: 1 to 32 characters Repeat shared secret Confirmation of the password Authentication method Display of the method used to check the user data. Only the "PAP" method (Password Authentication Protocol) is suppor ted. Comment Entry of freely selectable, optional comments. WinCC Advanced V14 System Manual, 10/2016 883 Editing devices and networks 10.1 Configuring devices and networks Result You have defined a RADIUS server and can now assign this to the required security modules. Note the descriptions in the section below: Assigning a RADIUS server to a security module (Page 884) Assigning a RADIUS server to a security module Requirement You have defined a RADIUS server. Procedure 1. Select the module to be edited. 2. Select the "RADIUS" entry in the local security settings. 3. Select the "Enable RADIUS authentication" check box. Note Changing the method of authentication with the Web server on the security module If RADIUS authentication is enabled on the security module, the method for authentication with the Web server is changed from "Digest Access Authentication" to "Basic Access Authentication". 4. In the "RADIUS timeout" input box, enter the maximum time in seconds that the security module will wait for a response from the RADIUS server. 5. In the "RADIUS repetitions" input box, enter the number of connection establishment attempts with the RADIUS server. 6. Select the "Allow RADIUS authentication of unconfigured users" check box if the userspecific IP rule to be activated was assigned a role instead of a user. 7. Select the "Filter ID is required for authentication" check box if the assigned role is a userdefined role. 8. Under the entry "RADIUS server", select the RADIUS server you want to assign to the security module from the "Name" drop-down list. As an alternative, you can assign security modules for which RADIUS authentication is enabled to RADIUS servers in the global security settings. You will find general information on authentication by the RADIUS server in the following section: AUTOHOTSPOT 884 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Setting up a firewall Local firewall rules for SCALANCE S modules Configuring a firewall with predefined firewall rules Configuring a firewall using predefined firewall rules How to access this function 1. Select the module to be edited. 2. Select the "Firewall" entry in the local security settings. Firewall enabled as default The "Enable firewall" check box is enabled by default. The firewall is therefore activated automatically and all access from external to the security module is blocked. By clicking the relevant check box, enable the firewall rules for the specific direction. Note Detailed firewall settings in advanced firewall mode In advanced firewall mode, you can restrict firewall rules to individual nodes. To change to advanced firewall mode, select the "Enable firewall in advanced mode" check box. For more detailed information about the advanced firewall mode, refer to the section Overview of local firewall rules (Page 801) Firewall configuration with VPN If the security module is in a VPN group, the "Tunnel communication only" check box is enabled as default. This means that only encrypted IPsec data transfer is permitted via the external interface or via the DMZ interface. Only HTTPS access to the module (TCP port 443) remains allowed untunneled. If you deselect the check box, tunneled communication and also the types of communication selected in the other boxes are permitted. Table 10-53 Available firewall rules and directions Service From in ternal to external From ex From internal ternal to to DMZ internal From DMZ to internal Enabled ports Meaning Allow IP communica tion x x x x - IP communication for the selected communication directions is al lowed. Allow S7 protocol x x x x TCP port 102 Communication of the nodes using the S7 protocol is allowed. WinCC Advanced V14 System Manual, 10/2016 885 Editing devices and networks 10.1 Configuring devices and networks Service From in ternal to external From ex From internal ternal to to DMZ internal x x Enabled ports Meaning TCP port 20 For file management and file ac cess between server and client. Allow FTP/ FTPS (ex plicit mode) x Allow HTTP x x x x TCP port 80 For communication with a Web server. Allow HTTPS x x x x TCP port 443 For secure communication with a Web server, for example, for Web diagnostics. Allow DNS x x x x TCP port 53 UDP port 53 Communication connection to a DNS server is allowed. TCP port 161/162 For monitoring nodes capable of SNMP. Allow SNMP x From DMZ to internal TCP port 21 x x x x UDP port 161/162 Allow SMTP x x x x TCP port 25 For sending e-mails via an SMTP server. Allow NTP x x x x UDP port 123 For synchronization of the time of day. Allow DHCP x x x x UDP port 67 Only in bridge mode Communication connection with a DHCP server is permitted. UDP port 68 Table 10-54 Logging Option Action when activated Log tunneled packets Only active if the security module is a member of a VPN group. All IP packets transferred via the tunnel are logged. Log blocked incoming packets All incoming IP packets that are discarded are logged. Log blocked outgoing packets All outgoing IP packets that are discarded are logged. You can view the logged packets at the "Packet filter log" entry in the "Online & Diagnostics" dialog. For more detailed information, refer to the section Logging data packets - "Packet filter log" entry (Page 858). Configuring a firewall with predefined MAC rules How to access this function 1. Select the module to be edited. 2. Select the "Firewall" entry in the local security settings. 886 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Firewall enabled as default The "Enable firewall" check box is enabled by default. The firewall is therefore activated automatically and all access from external to the security module is blocked. By clicking the relevant check box, enable the firewall rules for the specific direction. Note Detailed firewall settings in advanced firewall mode In advanced firewall mode, you can restrict firewall rules to individual nodes. To change to advanced firewall mode, select the "Enable firewall in advanced mode" check box. For more detailed information about the advanced firewall mode, refer to the section Overview of local firewall rules (Page 801). Firewall configuration with VPN If the security module is in a VPN group, the "Tunnel communication only" check box is enabled as default. If you deselect the check box, tunneled communication and also the types of communication selected in the other boxes are permitted. Available MAC rules and directions Service From internal to exter nal From external to inter Meaning nal Allow MAC communica tion x x MAC traffic for the selected communication di rections is allowed. Allow ISO protocol x x ISO traffic for the selected communication di rections is allowed. Allow SiClock x x SiClock time-of-day frames for the selected communication directions are allowed. Allow DCP x x DCP traffic for assignment of IP addresses is allowed for the selected communications direc tions. Table 10-55 Logging WinCC Advanced V14 System Manual, 10/2016 Option Action when activated Log tunneled packets Only active if the security module is a member of a VPN group. All MAC packets transferred via the tunnel are logged. Log blocked incoming packets All incoming MAC packets that are discarded are logged. Log blocked outgoing packets All outgoing MAC packets that are discarded are logged. 887 Editing devices and networks 10.1 Configuring devices and networks User-specific IP rule sets Overview Meaning Initially, individual or multiple users are assigned to user-specific IP rule sets. The user-specific IP rule sets are then assigned to individual or multiple security modules. This makes it possible, to allow user-specific access. If, for example all access to the networks downstream from a security module is blocked, certain nodes can be allowed for a user based on their IP addresses. This means that access is allowed for this user but access remains blocked for other users. User logon via the Internet The user can log in to the external interface or the DMZ interface via the Web page of the security module. If authentication is successful, the IP rule set defined for the user for the IP address of the device from which the login is made is enabled. The connection to the Web page of the security module is via HTTPS using the IP address of the connected port and taking into account the valid routing rules: Example: External interface: 192.168.10.1 Call up of the login page with: https://192.168.10.1/ Users can log on with every role as long as the user or the role is assigned to a user-specific firewall rule set. Options for authenticating the user Depending on the authentication method selected when the user who will log in to the security module was created, the authentication is handled by different instances: Authentication method "Password": Authentication is handled by the security module. Authentication method "RADIUS": Authentication is handled by a RADIUS server (SCALANCE S as of V4 only). Assignment of roles to user-specific IP rule sets On SCALANCE S modules as of V4, it is also possible to assign user-specific IP rule sets that are assigned to roles. This makes it possible to enable a group of users for access to certain IP addresses. If a RADIUS server is used for user authentication and a role is assigned to the user-specific IP rule set, users can also be authenticated by the RADIUS server although they are not configured on the security module. These users must be stored on the RADIUS server or on a separate database where they need to be assigned to the role assigned to the user-specific IP rule set in STEP 7. This procedure has the advantage that all user data is stored exclusively on the RADIUS server. 888 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks You will find more information on authentication by the RADIUS server in the following section: AUTOHOTSPOT User-specific IP rule sets are used locally - conventions The same conventions as described in the following section apply: Global firewall rule sets - conventions (Page 781) Creating and assigning user-specific IP rule sets Creating user-specific IP rule sets 1. In the global security settings, select the entry "Firewall" > "User-specific IP rule sets" > "IP rule sets". 2. Double-click on the "Add new IP rule set" entry to create a user-specific IP rule set. Result: The created user-specific IP rule set is shown in the entry. 3. Double-click on the created user-specific IP rule set. Result: In the "Properties" > "General" tab of the Inspector window, the configurable properties of the user-specific IP rules set are displayed. 4. In the Inspector window, click on the "General" entry and enter the following data: - Name: Project-wide, unique name of the rule set. The name appears in the local rule list of the security module after the rule set is assigned. - Description (optional): Enter a description of the user-specific IP rule set. 5. Click on the "IP rules" entry and enter the firewall rules one after the other in the list. No IP address can be entered in the "Source IP address" box. This is entered automatically when the node logs on to the security module. The "Stateful" check box cannot be disabled for IP rules of user-specific IP rule sets Note the parameter description in the following sections: Defining IP packet filter rules (Page 802) Note the special features of firewall rules generated automatically by STEP 7 for NAT/NAPT rules: Relationship between NAT/NAPT router and user-specific firewall (Page 896) Assigning user-specific IP rule sets 1. Click on the "Users and roles" entry in the Inspector window. 2. In the "Available users and roles" area, select the users you want to assign to the userspecific rule set. WinCC Advanced V14 System Manual, 10/2016 889 Editing devices and networks 10.1 Configuring devices and networks 3. Click the "<<" button to assign the selected users or roles to the user-specific rule set. The assignment of roles to user-specific IP rule sets is possible only for SCALANCE S modules as of V4. 4. Assign the created user-specific IP rule set to the required security modules using the entry "Assign user-specific IP rule set" in the global security settings. For this, advanced firewall mode must be enabled for the security modules. Note Assignment of user-specific IP rule sets A security module can only be assigned one user-specific rule set per user. Due to the assignment, the right to log in to the security module is activated implicitly for all users and roles assigned to the IP rule set. Result The user-specific rule set is used by the assigned security modules as a local rule set and automatically appears in the local list of firewall rules. The user can log on with the security module. Authentication of the user is performed depending on the selected authentication method either by the security module or a RADIUS server. Range of values for the maximum session time The time after which the user is automatically logged out can be specified when creating or editing a user; the default is 30 minutes. On the Web page of the security module, the session time can be extended to the value assigned to the user. You will find more information creating users in the following section: Create users (Page 766) 890 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks IP packet filter directions SCALANCE S Meaning Possible selections for the communication directions "From" and "To" in the IP rules of the advanced firewall mode. The following directions are available Available options / ranges of values Security module From To S602 S61x S623 / S627-2M Internal External x x x Tunnel - x x Any - x x DMZ - - x Internal x x x Internal x x x Any - - x Tunnel - - x DMZ - - x Internal - x x External - x x DMZ - - x Internal - x x External - - x DMZ - - x Internal - - x External - - x Any - - x Tunnel - - x External Tunnel Any DMZ x = communication direction is configurable - = communication direction is not configurable MAC packet filter directions SCALANCE S Meaning Possible selections for the communication directions "From" and "To" in the MAC rules of the advanced firewall mode. WinCC Advanced V14 System Manual, 10/2016 891 Editing devices and networks 10.1 Configuring devices and networks The following directions are available Available options / ranges of values From To Internal External Tunnel Any Security module S602 S61x S623 / S627-2M External x x x Tunnel - x x Any - x x Internal x x x Any - - x Tunnel - - x Internal - x x External - x x Internal - x x External - - x x = communication direction is configurable - = communication direction is not configurable Adapting standard rules for IP services Requirement This function is available only in advanced firewall mode. How to access this function 1. Select the security module to be edited. 2. In the local security settings, select the entry "Firewall" > "Standard rules for IP services". Meaning of the advanced settings Parameter Meaning when activated Use advanced status options The permitted number of connections and firewall statuses per time unit is limited. If a network node exceeds this limit, its IP address is entered in the IP blacklist of the security module. The node can then no longer communicate via the security module. The IP blacklist of the security module can be viewed in online mode. Log all activated rules Packets that are allowed according to the default rules for IP services are logged. Enable ICMP test for interfaces Ping queries coming in on an interface of the security module can be forwarded to other interfaces. This means that, for example, ping queries can be made from the external network to the internal interface of the security module. 892 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Default firewall rules for SCALANCE S The following table lists the default firewall rules for SCALANCE S modules. In some cases, the firewall rules are only set if the relevant service is used by the security module (e.g. SNMP). Service Direction X1 interface (red) Interface rerouting outgoing - x - - HTTPS Interface X2 (green) Interface X3 Tunnel inter (yellow) (on face* (not for ly for S623, S602) S627-2M) x x* x x incoming - x - x ICMP pathfinder (only for SCA outgoing LANCE S S602 as of V3.1 in ghost mode) - x - - SNMP incoming x x x x Syslog outgoing x x x x NTP outgoing x x x x DNS outgoing x x x x HTTP outgoing x - x - x - x - x - x - - x x - ICMP VPN (IKE) VPN (NAT Traversal) BootP Server incoming BootP Client outgoing - x x - RADIUS outgoing x x x x CARP (only for SCALANCE S62x as of V4) outgoing x* x* - - Pfsync (only for SCALANCE S62x as of V4) outgoing - - x* - x enabled as default - disabled as default * cannot be adapted SCALANCE S module as router Specifying routes Meaning Specifies routes for addressing subnets that cannot be reached directly via the security module. WinCC Advanced V14 System Manual, 10/2016 893 Editing devices and networks 10.1 Configuring devices and networks How to access this function 1. Select the module to be edited. 2. In the local security settings, select the "Routing" entry. 3. Double-click "Add new" in the table to add a route. 4. Enter the following values: Parameter Function Example of a value Network ID Requests to nodes of the subnet with the network ID and the subnet mask specified here are forwarded to the subnet via the specified router IP address. 192.168.11.0 Based on the network ID, the router recognizes whether a destination address is inside or outside the subnet. The specified network ID must not be located in the same subnet as the IP address of the security module. Subnet mask The subnet mask determines the network structure. Based on the network ID, the router recognizes whether a destination address is inside or outside the subnet. 255.255.255.0 Router IP address IP address of the router that connects to the subnet. As an alternative, an FQDN can be entered for SCALANCE S modules as of V4. 192.168.10.2 The specified router IP address must be in the same subnet as the IP address of the security module. Activate rerouting (only for SCALANCE S as of V3) Select this check box if the frames of the entered route will enter and leave on the same interface of the security module (rerouting). Rerouting is only supported on the internal interface of the security module. Address translation with NAT/NAPT in VPN tunnels Module-specific function Address translation with NAT/NAPT in VPN tunnels is only available for SCALANCE S612/ S623/S627-2M modules as of V4. Meaning Address translations with NAT/NAPT can also be performed for communications relations established via a VPN tunnel. Requirements The following requirements apply generally to a SCALANCE S module that will perform an address translation with NAT/NAPT in a VPN tunnel: The SCALANCE S module is in a VPN group. The SCALANCE S module is in routing mode and/or the DMZ interface of the SCALANCE S module is activated. 894 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The tunnel interface is enabled. The advanced firewall mode is enabled. Supported address translation directions The address translation directions described in the following section are supported: NAT/NAPT routing (Page 817) Supported address translation actions With tunneled communications relations, the following address translation actions are supported: Destination NAT ("Redirect") Source NAT ("Masquerading") Source and Destination NAT ("1:1-NAT") NAPT ("Port forwarding") You will find basic information on these address translation actions in the following section: NAT/NAPT routing (Page 817) Supported VPN links In conjunction with NAT/NAPT, the following VPN links are supported: VPN link VPN link is initiated by Address translation is per formed by SCALANCE S (a) SCALANCE S (b) SCALANCE S (a) or SCA LANCE S (b) SCALANCE S (a) and/or SCALANCE S (b) SCALANCE S CP x43-1 Adv. / PC-CP SCALANCE S or CP x43-1 Adv. / PC-CP SCALANCE S SCALANCE S SCALANCE M SCALANCE M SCALANCE S and/or SCA LANCE M* SOFTNET Security Client SCALANCE S SOFTNET Security Client SCALANCE S * Only 1:1 NAT is supported. SCALANCE S modules of the type SCALANCE S623 V4 and SCALANCE S627-2M V4 that have a VPN endpoint on the external interface and on the DMZ interface can perform address translations on both interfaces at the same time. Address translation characteristics when involved in several VPN groups If a SCALANCE S module is a member of several VPN groups, the address translation rules configured for the tunnel interface of the SCALANCE S module apply for all VPN connections of this SCALANCE S module. Please note: Once you have configured a NAT address translation to or from the direction of the tunnel, only the IP addresses involved in the NAT address translation rules can be reached via the VPN tunnel. WinCC Advanced V14 System Manual, 10/2016 895 Editing devices and networks 10.1 Configuring devices and networks Relationship between NAT/NAPT router and user-specific firewall Module-specific function The configuration of NAT/NAPT rules in the user-specific firewall is only available for SCALANCE S modules as of V3. Meaning After creating NAT/NAPT rules, STEP 7 automatically generates a user-specific IP rule set in the user-specific firewall that enables communication in the configured address translation direction. You can then assign this user-specific IP rule set to individual or multiple users and/ or individual or multiple roles (only for SCALANCE S modules as of V4). The generated firewall rules can, if necessary, be moved and expanded (additional IP address, services, bandwidth). Firewall parameters generated by STEP 7 cannot be adapted. If the userspecific IP rule set is assigned to a security module with NAT/NAPT deactivated, the NAT/ NAPT rules from the user-specific firewall are also applied to this security module. Note The address translation actions "Source-NAT + Destination-NAT" and "Double-NAT" are not supported in conjunction with the user-specific firewall. How to access this function "NAT" or "NAPT" entry in the editor for user-specific IP rules sets, refer to the following section: Creating and assigning user-specific IP rule sets (Page 889) Supported address translation directions for the action "Source NAT" The action "Source NAT" can be performed in the following directions: External to DMZ DMZ to external No IP address can be entered in the "Source IP address" box. This is entered automatically when the node logs on to the security module. Supported address translation directions for the action "Destination NAT" The action "Destination NAT" can be performed in the following directions: External to internal External to DMZ DMZ to internal DMZ to external Tunnel to internal (only SCALANCE S612/S623/S627-2M as of V4) 896 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Tunnel to external (only SCALANCE S612/S623/S627-2M as of V4) Tunnel to DMZ (only SCALANCE S612/S623/S627-2M as of V4) Supported address translation directions for NAPT The address translation with NAPT can be performed in the following directions: External to internal External to DMZ DMZ to internal DMZ to external Tunnel to internal (only SCALANCE S612/S623/S627-2M as of V4) Tunnel to external (only SCALANCE S612/S623/S627-2M as of V4) Tunnel to DMZ (only SCALANCE S612/S623/S627-2M as of V4) NAT/NAPT address translation and corresponding user-specific IP rule sets In the firewall rules for user-specific IP rule sets generated based on NAT/NAPT rules, no IP address can be entered in the "Source IP address" box. This is entered automatically when the node logs on to the security module. The remaining properties generated locally for individual security modules are identical. Refer to the section Relationship between NAT/NAPT router and firewall (Page 823) Security module as DHCP server Overview DHCP server Overview You can operate the SCALANCE S module on the internal network and on the DMZ network as DHCP server (DHCP = Dynamic Host Configuration Protocol). This allows IP addresses to be assigned automatically to the devices connected to the internal network or the DMZ network. Simultaneous DHCP server operation on both interfaces is possible (SCALANCE S623/ S627-2M only). The IP addresses are either distributed dynamically from an address range you have specified or you can select a specific IP address and assign it to a particular device. If devices on the internal interface or on the DMZ interface should always be assigned the same IP address for firewall configuration, the address assignment must only be static based on the MAC address or based on the client ID. WinCC Advanced V14 System Manual, 10/2016 897 Editing devices and networks 10.1 Configuring devices and networks Requirements You configure the devices on the internal network or on the DMZ network so that they obtain the IP address from a DHCP server. Depending on the mode, the security module sends an IP address of the standard router to the nodes in the relevant subnet or you need to inform the nodes in the subnet of a router IP address. Router IP address will be transferred In the following situations, the DHCP protocol of the security module will inform the nodes of the router IP address: - The node is connected to the DMZ interface (SCALANCE S623/S627-2M only) In this case, the security module sends its own IP address as the router IP address. - The node is connected to the internal interface and the security module is configured for router mode In this case, the security module sends its own IP address as the router IP address. - The node is connected to the internal interface and the security module is not configured for router mode, there is, however, a standard router specified in the configuration of the security module. In this case, the security module transfers the IP address of the standard router as the router IP address. Router IP address will not be transferred In the following situations, enter the router IP address manually on the node: - The node is connected to the internal interface and the security module is not configured for router mode. There is also no standard router specified in the configuration of the security module. See also Configuring a DHCP server (Page 898) Configuring a DHCP server How to access this function 1. Select the module to be edited. 2. In the local security settings, select the entry "DHCP server". 898 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 3. Select the interface for which you want to make the DHCP settings. 4. Make the address assignment. You have the following configuration options: - Static address assignment Devices with a specific MAC address or client ID are assigned the specified IP addresses. You specify these addresses by entering the devices in the address list in the "Static address assignment" group box. - Dynamic address assignment Devices whose MAC address or whose client ID was not specified specifically, are assigned a random IP address from the specified address range. For this purpose, activate the "Dynamic IP address pool" check box. Set the address range in the "Dynamic IP address pool" input area. Note Dynamic address assignment - reaction after interrupting the power supply Please note that dynamically assigned IP addresses are not saved if the power supply is interrupted. On return of the power, you must therefore make sure that the nodes request an IP address again. You should therefore only use dynamic address assignment for the following nodes: Nodes that are used temporarily in the subnet (such as service devices). Nodes that have been assigned an IP address and send this as the "preferred address" the next time they request an address from the DHCP server (for example PC stations). For permanent nodes you should preferably use static address assignment by specifying a client ID or the MAC address. Consistency check - these rules must be adhered to Remember the following rules when making the entries. The IP addresses assigned in the address list in the "Static address assignments" group box must not be in the range of the dynamic IP addresses. IP addresses, MAC addresses and client IDs may only occur once in the "Static address assignment" table (related to the security module). For the statically assigned IP addresses, you must specify either the MAC address or the client ID (computer name). The client ID is a string with a maximum of 63 characters. Only the following characters may be used: a-z, A-Z, 0-9 and - (dash). Note In SIMATIC S7, a client ID can be assigned to the devices on the Ethernet interface to allow them to obtain an IP address using DHCP. With PCs, the procedure depends on the operating system being used; it is advisable to use the MAC address here for the assignment. For the statically assigned IP addresses, you must specify the IP address. WinCC Advanced V14 System Manual, 10/2016 899 Editing devices and networks 10.1 Configuring devices and networks The following IP addresses must not be in the range of the free IP address range (dynamic IP addresses): - All router IP addresses in the "Routing" entry - Syslog server - Standard router - Security module address(es) DHCP is supported by the security module on the interface to the internal subnet and on the interface to the DMZ network. The following additional requirements for IP addresses in the range of the dynamic address assignments result from this operational behavior of the security module: - Bridge mode The range must be within the network defined by the security module. - Routing mode The range must be within the internal subnet defined by the security module. Note The DMZ network always represents a separate subnet. When using DHCP on the DMZ interface, make sure that the free IP address range (dynamic IP addresses) is within the DMZ subnet. The free IP address range must be fully specified by entering the start address and the end address. This end address must be higher than the start address. The IP addresses you enter in the address list in the "Static address assignments" input area must be in the address range of the internal subnet or in the DMZ subnet of the security module. See also Running a consistency check (Page 759) Configuring proxy ARP Overview Proxy ARP allows routers to respond to ARP queries for hosts. The hosts are in networks separated by routers but use the same IP address range. If PC1 sends an ARP request to PC2, it receives an ARP response and the hardware address of the interface (MAC address of the port of the security module) on which the query was received from the security module located in between and not from PC2. The querying PC1 then sends its data to the security module that then forwards it to PC2. 900 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks How to access this function This function is only available for the internal interface of a security module that is a member of a VPN group and is in bridge mode. 1. Select the security module to be edited. 2. In the local security settings, select the entry "Proxy ARP". 3. If the security module is to respond to an ARP query from its own LAN as a substitute for the specific connection partner, enter the corresponding IP address. IPsec tunnel: Creating and assigning groups Configuring internal network nodes Using the learning mode to learn internal nodes Finding nodes for tunnel communication automatically One great advantage when configuring and operating tunnel communication is that SCALANCE S modules in bridge mode can find the nodes on the internal interface automatically. New nodes are detected by the security module during operation. The detected nodes are signaled to the security modules belonging to the same VPN group. This allows data exchange within the tunnels of a group in both directions at any time. Detectable nodes The following nodes are detected: Network nodes with IP capability Network nodes with IP capability are found when they transmit an ICMP response to the ICMP subnet broadcast. IP nodes downstream from routers can be found if the routers pass on ICMP broadcasts. ISO network nodes You can also teach-in network nodes without IP capability that can be addressed by means of ISO protocols. This is only possible if they reply to XID or TEST packets. TEST and XID (Exchange Identification) are auxiliary protocols for exchanging information on layer 2. By sending these packets with a broadcast address, these network nodes can be located. PROFINET nodes Using DCP (Discovery and basic Configuration Protocol), it is possible to find PROFINET nodes. Network nodes that do not meet these conditions must be configured manually. Subnets located on the other side of internal routers also need to be configured manually. WinCC Advanced V14 System Manual, 10/2016 901 Editing devices and networks 10.1 Configuring devices and networks How to access the function 1. Select the module. 2. In the local security settings, select the entry "VPN" > "Nodes". Enabling/disabling the learning mode The learning function is enabled in the configuration as default for every security module. Learning can also be disabled completely for SCALANCE S. In this case, you will need to configure all internal network nodes participating in the tunnel communication manually. When is it useful to disable the automatic learning mode? The default settings for the security module assume that internal networks are always secure; in other words, in a normal situation, no network node is connected to the internal network if it is not trustworthy. Disabling the learning mode can be useful if the internal network is static; in other words, when the number of internal nodes and their addresses do not change. If the learning mode is disabled, this reduces the load on the medium and the nodes in the internal network resulting from the learning packets. The performance of the security module is also slightly improved since it does not need to process the learning packets. Note: In the learning mode, all nodes in the internal network are detected. The information relating to VPN configuration limits relates only to nodes that communicate over VPN in the internal network. Note If more than 128 internal nodes are being operated, the permitted configuration limits are exceeded and an illegal operating status results. Due to the dynamics in the network traffic, this causes internal nodes that have already been learned to be replaced by new previously unknown internal nodes. See also Configuring internal subnets manually (Page 903) Configuring IP network nodes manually Meaning As an alternative to the learning mode that you enable using the "Enable learning of internal nodes" check box and that allows the security module to learn the internal network nodes dynamically, you can enter the network nodes to be learned manually in the "Internal IP nodes" entry and in doing so enable them for VPN tunnel communication. The MAC address of a network node can be specified as an option. 902 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Requirement The security module is in bridge mode. The security module is a member of a VPN group. How to access this function 1. Select the module to be edited. 2. In the local security settings, select the entry "VPN" > "Nodes" > "Internal IP nodes". Configuring MAC network nodes manually Meaning As an alternative to the learning mode that you enable using the "Enable learning of internal nodes" check box and that allows the security module to learn the internal network nodes dynamically, you can enter the network nodes to be learned manually in the "Internal MAC nodes" entry and in doing so enable them for VPN tunnel communication. Requirement The security module is in bridge mode. The security module is a member of a VPN group. How to access this function 1. Select the module to be edited. 2. In the local security settings, select the entry "VPN" > "Nodes" > "Internal MAC nodes". Configuring internal subnets manually Requirement The security module is a member of a VPN group. How to access this function 1. Select the module to be edited. 2. In the local security settings, select the entry "VPN" > "Nodes" > "Internal subnets". WinCC Advanced V14 System Manual, 10/2016 903 Editing devices and networks 10.1 Configuring devices and networks Security module in bridge mode - "Internal subnets" entry To be able to enable internal subnets for VPN tunnel communication manually, you need to enter the following address parameters: Parameter Function Example of a value Network ID Network ID of the subnet to be enabled for VPN tunnel communication. 192.168.11.0 Based on the network ID, the router recognizes whether a destination address is inside or outside the subnet. Must not be located in the same subnet as the IP ad dress of the security module. Subnet mask The subnet mask determines the network structure. Based on the network ID, the router recognizes whether a destination address is inside or outside the subnet. 255.255.255.0 Router IP address IP address of the router via which the subnet you are allowing is reached. 192.168.10.2 Must be located in the same subnet as the IP address of the security module. Security module in routing mode - "Subnets reachable through tunnel" entry In routing mode, entire subnets are always tunneled. To be able to enable internal subnets reachable via routers, the external subnet or the DMZ subnet for VPN tunnel communication manually, you need to enter the following address parameters: Parameter Function Example of a value Network ID Network ID of the subnet to be enabled for VPN tunnel communication. 192.168.11.0 Based on the network ID, the router recognizes whether a destination address is inside or outside the subnet. 904 Subnet mask The subnet mask determines the network structure. Based on the network ID, the router recognizes whether a destination address is inside or outside the subnet. Comment Entry of additional, optional comments. 255.255.255.0 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Router and firewall redundancy Overview Meaning Failures of the security modules SCALANCE S623 as of V4 and SCALANCE S627-2M as of V4 can be automatically compensated by routers and firewall redundancy during operation. To do this, group two security modules of the type SCALANCE S623 or SCALANCE S627-2M in a redundancy relationship by activating routers and firewall redundancy for both security modules. Following this, you decide which security module of the redundancy relationship is passive in normal mode (secondary module). You make this setting for the security module of the redundancy relationship that is active in normal operation (primary module). If the primary module fails during operation, the secondary module automatically adopts the function as firewall and (NAT/NAPT) router. To ensure the identical configuration of both security modules, these are connected together via their DMZ interfaces and their configurations are synchronized during operation. In this case, the DMZ interfaces of the security modules involved cannot be used for other purposes. Address redundancy In addition to their module IP addresses, the two security modules share a common IP address on the external and on the internal interface so that if one of the security modules fails, the IP addresses do not need to be changed. To do this, you need to configure an IP address for the external and for the internal interface of the redundancy relationship. Effects of redundancy relationships on security modules When you create redundancy relationships between security modules, some properties of these security modules are automatically adapted to establish compatibility with the redundancy relationship. The following properties are affected by this adaptation: Module property Effect on the module property Operating mode Where necessary, the mode is changed to the "Routing mode" option. Membership of VPN groups Where necessary, the security module is removed from VPN groups. Interface configuration Where necessary, the external interface and the DMZ inter face of the security module are enabled. Where necessary, the IP assignment method "Static address" is configured for all interfaces. WinCC Advanced V14 System Manual, 10/2016 905 Editing devices and networks 10.1 Configuring devices and networks Configuration of security modules in redundancy relationships After router and firewall redundancy have been enabled and the primary module of the redundancy relationship selected, some of the module properties are configured only using the primary module. The properties configured for the primary module then apply to the redundancy relationship and cannot be configured for the secondary module. The following properties can be configured for the redundancy relationship: Basic settings of the redundancy relationship (secondary module, network parameters) Firewall (standard rules for IP services are configured separately for the individual security modules). Routing NAT/NAPT routing (not 1:1 NAT) The values of the properties listed above are initially adopted from the primary module for the redundancy relationship. The settings listed below remain active for the individual security modules even after including them in a redundancy relationship. Configuring these properties for the primary module therefore has no effect on the secondary module. Interface configuration (disabling interfaces and changing the VIP assignment method "Static address" is not possible). Standard rules for IP services (firewall) DDNS Time-of-day synchronization Log settings SNMP RADIUS Note Loading a configuration on security modules of a redundancy relationship (only SCALANCE S623/S627-2M as of V4) The properties of a redundancy relationship configured for the primary module must be loaded both on the primary module and on the secondary module. To load the configuration, the physical IP address via which your engineering station can reach the security module must be used. The virtual IP addresses of the redundancy relationship cannot be used for loading. 906 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Note Configuring routing when using routers and firewall redundaancy In a redundancy relationship the only routing information that is synchronized between the primary and secondary module is that that was configured statically in the local security settings of the primary module in the "Routing" entry. Routing entries resulting dynamically due to using standard routers are not synchronized. When using routers and firewall redundancy it is therefore recommended that you configure all known routers statically. Creating redundancy relationships between security modules Requirement The security modules SCALANCE S623/S627-2M as of V4 are not assigned to any other redundancy relationship. Procedure 1. Select the security module that will be the active security module in normal operation (primary module). 2. In the local security settings, select the entry "Router and firewall redundancy". 3. Select the "Router and firewall redundancy" check box. 4. In the "Secondary module" drop-down list, select the security module that will be the passive security module in normal operation. Result: You have created a redundancy relationship between the security modules. Configuring redundancy relationships How to access this function 1. Select the primary module of the redundancy relationship. 2. In the local security settings, select the entry "Router and firewall redundancy". WinCC Advanced V14 System Manual, 10/2016 907 Editing devices and networks 10.1 Configuring devices and networks Configuring network parameters of the redundancy relationship Configurable parameter Meaning IP address IP address of the virtual external or internal interface of the redundancy relationship. The IP address must be located in the external or internal subnet of the primary module. Subnet mask Subnet mask of the virtual external or internal interface of the redundancy relationship MAC address (adaptable only for SCALANCE S623/ S627-2M as of V4.0.1) MAC address of the virtual external or internal interface of the redundancy relationship For general information on configuring network parameters, refer to the following section: Configuring IP address parameters (Page 867) Configuring the firewall IP packet filter rules for redundancy relationships are configured on the primary module. The communications directions "From external to internal" and "From internal to external" are available. For general information on configuring IP packet filter rules in advanced firewall mode, refer to the following section: Defining IP packet filter rules (Page 802) Configuring address translation with NAT/NAPT Address translation with NAT/NAPT for the redundancy relationship is configured on the primary module. For redundancy relationships, only Source NAT and NAPT can be configured. With Source NAT, source IP addresses in the internal subnet can only be replaced with the virtual external IP address of the redundancy relationship. No alias IP addresses can be registered on the external interface of the redundancy relationship. With NAPT, only the "External to internal" address translation direction can be configured. For general information on configuring address translations with NAT/NAPT, refer to the following section: Overview of NAT/NAPT (Page 815) Configuring routing Routes for the redundancy relationship are configured on the primary module. Standard routers must be specified in the "External interface [P1] red" or "Internal interface [P2] green" entry and must be identical per interface. For general information on configuring routing, refer to the following section: Specifying routes (Page 893) 908 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Online functions - diagnostics and logging Overview of the individual interfaces - "Interface settings" entry Meaning Table 10-56 Online diagnostics: "Interface settings" entry System and status functions Meaning Interfaces Table above: General overview of the interfaces of the security module. Table below: Information on the interface operated via PPPoE. Status: Indicates whether or not a connection was established to the Internet Service Provider (ISP). Current IP address: Current IP address of the interface Gateway: IP address of the gateway Primary dynamic DNS service: IP address of the primary dynamic DNS service Secondary dynamic DNS service: IP address of the secondary dynamic DNS service Error code (numeric): Error information if no connection could be established to the ISP. CARP (only SCALANCE S623/S627-2M as of V4) CARP interface: Display of the virtual CARP interface Physical interface: Physical interface on which the virtual CARP interface is operated (external / internal). Status: Displays which of the modules of the redundancy relationship is active. MAC address: MAC address of the virtual CARP interface Preferred: Displays which of the modules of the redundancy relationship is configured as the primary module. WinCC Advanced V14 System Manual, 10/2016 909 Editing devices and networks 10.1 Configuring devices and networks System and status functions Meaning Media redundancy (SCALANCE S627-2M only) Interface: Interface connected to the MRP ring. Protocol: Protocol used (MRP) Ring port 1: Name of the first media module port of the interface connected to the MRP ring. Ring port 2: Name of the second media module port of the interface connected to the MRP ring. Domain name: Name of the MRP domain. Discrepancy: Display whether the domain of the client differs from that of the redundancy manager. Domain UUID: UUID of the MRP domain. Media modules (SCALANCE S627-2M on Port: Port ID(s) of the media module port(s) ly) Name: Name of the media module MLFB: MLFB of the media module Revision: Version of the media module Discrepancy: Displays whether there are differences between the configuration data in STEP 7 and the media modules. Overview of the Dyn. DNS settings - "Dynamic DNS" entry Meaning Table 10-57 Online diagnostics: "Dynamic DNS" System and status functions Meaning Client status Indicates whether or not a connection was established to a dyn. DNS server. Current IP address WAN IP address via which the security module can currently be reached. Defined IP address IP address currently assigned to the FQDN. Current time The current time-of-day. Force update The security module obtains the current IP address of its Internet access and sends an update query to the configured update server(s). This publishes the current IP address on the Internet. The status is displayed in the primary or secondary dynamic DNS service fields. This means, for example that it is possible to check whether configured data such as the user name and password of the dynamic DNS account are correct. Cancel suspension Cancels the suspension (blocking of IP address updates from the dynamic DNS provider on the security module), for example after the dynamic DNS provider pass word has been corrected or an error has been eliminated. Primary and secondary dynamic DNS service FQDN Fully Qualified Domain Name registered with the provider. Server IP Address IP address of the update server used. Successful update Successful update in the dynamic DNS update service. Last update attempt Last update attempt for DynDNS update service. 910 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks System and status functions Meaning Last failed update Last update error in the dynamic DNS update service. Error code Error status of the last unsuccessful update attempt during a dynamic DNS update. What is the meaning of the messages? The messages of the last DDNS update attempt have the following meaning: Message Meaning Success DDNS_OK The update query was successful. Connection-related status messages DDNS_E_CON_UDP_SRV_RESOLV_ERR DDNS_E_CON_UDP_SRV_UNREACHABLE Security-related status messages (errors) DDNS_E_CERT_SUBJECT_INVALID DDNS_E_CERT_UNABLE_TO_GET_ISSUER_CERT DNS name of the update server unknown, FQDN cannot be resolved using the known DNS server. Update server unreachable ("Timeout"). The common name of the subject in the certificate does not match the domain name of the update server or its IP address. Issuer certificate not found. The certificate chain could not be followed back to the root CA because an issuer certificate was not found. The trust chain is incomplete. DDNS_E_CERT_SIGNATURE_INVALID The signature of a certificate could not be read or is in valid. DDNS_E_CERT_NO_TRUST A certificate in the trust chain is invalid, in other words: Not yet valid or ready expired V3 extensions invalid Critical V3 extension is not supported DDNS_E_CERT_DEPTH_ZERO_SELFSIGNED_CERT The update server has supplied a self-signed certificate and the certificate is not in the certificate store for trust worthy root CA certificates. DDNS_E_CERT_SELF_SIGNED_CERT_IN_CHAIN The certificate chain could be established using non trustworthy certificates but no suitable root CA certificate was found in the certificate store for trustworthy certifi cates. DDNS_E_CERT_CHAIN_TOO_LONG The certificate chain exceeds the maximum supported verification depth. DDNS_E_CERT_INVALID_CA A CA certificate is invalid, in other words expired, not yet valid or the V3 extensions are not suitable for the inten ded purpose (for example CA not set to TRUE for CA certificates). DDNS_E_CERT_KEYUSAGE_UNSUITED The V3 extensions key usage or extended key usage set in a certificate of the trust chain are not suitable for the use of the certificate. DDNS_E_CERT_EXTENSION_UNSUPPORTED A certificate in the trust chain used an extension marked as critical that is not supported. WinCC Advanced V14 System Manual, 10/2016 911 Editing devices and networks 10.1 Configuring devices and networks Message Meaning Agent-related status messages (errors) DDNS_E_AGT_BAD_AGENT The update request does not correspond to the structure required by cRSP, for example URL parameters missing. The update request was sent to an illegal URL on the update server. The configured update string contains errors. Display of the ARP table - "ARP table" entry Meaning Display of the ARP table of the security module. Table 10-58 Online diagnostics: "ARP table" tab System and status functions Meaning ARP table Display of the static (proxy ARP) and dynamic en tries of the ARP table on the security module. The "Publication type" tab specifies whether the entry is configured statically or learnt. Users logged in to the Web page - "Logged in users" entry Meaning Shows the users logged in to the Internet page for user-specific IP rule sets. System and status functions Meaning User name Name of the logged on user. Source IP address IP address with which the user logged on. Time remaining Remaining time before the user is automatically logged off. Maximum time of the session Configured total time of the session. Log off The selected user is logged off. Display of the firewall blacklist - "Firewall blacklist" entry Meaning Displays the IP addresses of nodes that have exceeded the permitted number of connections and firewall statuses per time unit. These nodes are entered in the IP blacklist of the firewall. 912 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The number of connections and firewall statuses per time unit is only limited if the "Use extended status options" check box is selected in the "Standard rules for IP services" entry in the local security settings. If you click the "Delete all" button, the displayed IP addresses are removed from the firewall blacklist of the security module. The IP addresses are also no longer displayed. Setting the date and time - "Date and time" entry How to access this function 1. Select the security module whose time and date you want to check or set. 2. Select the "Online & diagnostics" command from the shortcut menu. 3. In online diagnostics, select the "Functions" > "Date and time" entry. Setting the local time on the security module In this area, you can read out and set the time and date of the security module. When you click the "Apply" button, the security module is assigned the time and date currently entered in the "Date" and "Time" input boxes. Setting the local time on PC This area shows the current time and current date of the PC on which STEP 7 is installed. If you click the "Adopt for module" button, the security module is assigned the current time and current date of the PC. Diagnostics in ghost mode - "Ghost mode" entry Module-specific function This function is available only for SCALANCE S602 as of V3.1. Meaning Display of address information as well as information on IP address changes of the internal node. System and status functions Meaning Status of SCALANCE S602 Display of the status of the security module in relation to op eration in ghost mode. IP address IP address of the internal node (identical to the external IP address of the security module). Subnet mask Subnet mask of the security module. MAC address MAC address of the internal node. WinCC Advanced V14 System Manual, 10/2016 913 Editing devices and networks 10.1 Configuring devices and networks System and status functions Meaning Node found on Displays when the internal node was recognized by the se curity module or when an IP address change was made on the internal node. Number of IP address changes Number of IP address changes detected by the security mod ule. IP address IP address in the external network for which the security mod ule requires route information. Standard router Standard router for the IP address in the external network. Download functions Downloading a configuration Downloading the configuration / establishing an online connection 1. From the "PG/PC interface" drop-down list of the "Advanced download" dialog or "Connect online", select the network adapter via which you can reach the module. 2. If the module is in the factory settings status, follow the steps below: - From the "Connection to interface/subnet" drop-down list, with which your engineering station is connected and for which the IP address to be assigned is configured in the local security settings. - Select the "Show all compatible nodes" check box. - Click the "Start search" button. - Result: The module is displayed in the "Compatible devices in target subnet" table with its detected MAC address. - Select the module entry in the table and click the "Assign IP address" button. - Result: The module is assigned the IP address configured in the local security settings for the selected interface. 3. If the module is not in the factory settings status, follow the steps below: - From the "Connection with interface/subnet", select the interface / the FQDN address / WAN address of the module via which your engineering station can reach the module. STEP 7 then uses the address configured in the local security settings for the selected component for access to the module. - If you select the entry "Show devices with the same address" in the "Compatible devices in target subnet" drop-down list, all devices with an address corresponding to that of the selected component are shown. If you select the entry "Show all compatible devices", the devices whose module type matches that of the selected module are shown. - Click the "Start search" button. - Result: The "Address" column of the "Compatible devices in the target subnet" displays the detected IP address / FQDN address of the module. - Select the address entry in the table and click the "Load" or "Go online" button. 914 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Ideally, you should configure the modules of a group via the common external network of these modules (interface X1). If the engineering station is located in an internal network, you will need to enable the IP addresses of the other modules of the group explicitly in the firewall of this SCALANCE S and configure this module first. Note Downloading the configuration when operating in ghost mode (only SCALANCE S602 as of V3.1) When you operate the security module in ghost mode, the external interface of the security module takes over the IP address of the internal node at runtime. Before you can download a new configuration via the external interface to the security module, you need to specify the IP address for downloading a configuration that the security module obtained from the internal node during runtime. To find out the current IP address of the security module, you can search for reachable nodes in STEP 7 with the menu command "Online" > "Accessible devices". Note Loading a configuration on security modules of a redundancy relationship (only SCALANCE S623/S627-2M as of V4) The properties of a redundancy relationship configured for the primary module must be loaded both on the primary module and on the secondary module. To load the configuration, the physical IP address via which your engineering station can reach the security module must be used. The virtual IP addresses of the redundancy relationship cannot be used for loading. Specifying a different address In the "Compatible devices in target subnet" dialog area, you have the option of specifying an IP address / an FQDN address that differs from the IP address / FQDN address in the local security settings. To do this, enter the IP address / FQDN address of the module in the editable cell in the "Address" table column. Firmware version The configuration of a SCALANCE S module can also be downloaded to a SCALANCE S module whose firmware version is higher than the firmware version of the SCALANCE S module in STEP 7. WinCC Advanced V14 System Manual, 10/2016 915 Editing devices and networks 10.1 Configuring devices and networks Operating mode Configurations can be downloaded while the SCALANCE S modules are operating. Restart the SCALANCE S module to activate your configuration changes. Note Special characteristics As long as a module has not yet set IP parameters (in other words, prior to the first configuration), there must be no router between the module and the configuration computer. If you swap a PC from the internal to the external interface of the SCALANCE S, access from this PC to the SCALANCE S is blocked for approximately 20 minutes. Configuration status Prior to each download, the existing configuration on the security module is checked and compared with the configuration to be downloaded from the STEP 7 project. If the configuration of the module originates from the STEP 7 project currently to be downloaded and there are differences between these configurations, it is possible to download only files with differences between the module and project configuration to the security module. In some situations, this can speed up the download. Transferring firmware This needs to be taken into consideration before transferring new firmware To transfer new firmware to a security module, the following conditions must be met: You have the rights required to transfer firmware; refer to section AUTOHOTSPOT. The security module is configured with an IP address. The transfer is secure The firmware is transferred over a secure connection and can therefore also be transferred from the unprotected network. The firmware itself is signed and encrypted. This ensures that only authentic firmware can be downloaded to the SCALANCE S module. Restart necessary following transfer Newly downloaded firmware only becomes active after the SCALANCE S module has been restarted. If the transfer is disturbed and aborted, the module starts up again with the old firmware version. 916 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Security for S7-300 /S7-400 / PC CPs Setting up a firewall Local firewall rules for S7-300 /S7-400 / PC CPs Overview S7-300 CPs / S7-400 CPs /PC CPs Enabling packet filter rules If you enable the security function for the CPs in the local security settings, initially all access to and via the CP is permitted. To enable individual packet filter rules, select the "Activate firewall" check box. Then enable the required services. Firewall rules created automatically due to a connection configuration have priority over rules set manually. Note Detailed firewall settings in advanced firewall mode In advanced firewall mode, you can restrict firewall rules to individual nodes. To change to advanced firewall mode, select the "Activate firewall in advanced mode" check box. Firewall configuration with VPN If the security module is added to a VPN group, the firewall is enabled by default. In addition, the "Tunnel communication only" check box is enabled. This means that only encrypted IPsec data transfer is permitted via the external interface. External data traffic is blocked. If you deselect the check box, tunneled communication and also the types of communication selected in the other boxes are permitted. Updating connection rules Changes to the connection configuration of CPs also change the connection-related firewall rules. To display the modified firewall rules, click the "Update connection rules" button. The modified firewall rules are then displayed in advanced firewall mode. Configuring a firewall with predefined firewall rules - CP x43-1 Advanced Configuring a firewall with predefined IP rules - CP x43-1 Advanced How to access this function 1. Select the module to be edited. 2. In the local security settings, select the entry "Firewall" > "Predefined IP rules". WinCC Advanced V14 System Manual, 10/2016 917 Editing devices and networks 10.1 Configuring devices and networks Table 10-59 Available services and directions Service From station/ External to internal to ex internal ternal From external to station Enabled ports Meaning Allow IP communica tion x x x All IP traffic for the selected communication directions is allowed. Allow S7 proto col x x x TCP port 102 Communication of the nodes using the S7 protocol is allowed. Allow FTP/ FTPS (explicit mode) x x x TCP port 20 TCP port 21 For file management and file access be tween server and client. Allow HTTP x x x TCP port 80 For communication with a Web server. Allow HTTPS x x x TCP port 443 For secure communication with a Web server, for example, for Web diagnostics. Allow DNS x x - TCP port 53 Communication connection to a DNS serv er is allowed. UDP port 53 Allow SNMP x x x TCP port 161/162 For monitoring nodes capable of SNMP. UDP port 161/162 Allow SMTP x x - TCP port 25 For sending e-mails via an SMTP server. Allow NTP x x - UDP port 123 For synchronization of the time of day. Table 10-60 Logging Option Action when activated IP log settings Log tunneled packets Log blocked incoming packets Only active if the security module is a member of a VPN group. All IP packets transferred via the tunnel are logged. Relevant firewall rule Action From To Allow Station Tunnel Allow Tunnel Station External Station All incoming IP packets that are dis Drop carded are logged. Note Relationship between log settings in default mode and firewall rules Log settings that are made in "Predefined IP rules" and "Predefined MAC rules" have no effect on firewall rules that were automatically created as a result of configuring a connection. This means, for example, that tunneled frames belonging to a configured connection cannot be logged. In advanced firewall mode, logging can be extended to the automatically generated firewall rules of connections. 918 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring a firewall with predefined MAC rules - CP x43-1 Advanced How to access this function 1. Select the module to be edited. 2. Select the entry "Firewall" > "Predefined MAC rules". Table 10-61 Available services and directions Service From station to external From external to sta Meaning tion Allow MAC communica tion x x The MAC traffic from station to external and vice versa is allowed. Allow ISO protocol x x The ISO traffic from station to external and vice versa is allowed. Table 10-62 Logging Option Action when activated MAC log settings Relevant firewall rule Action From To Only active if the secur Allow ity module is a member Allow of a VPN group. All MAC packets transfer red via the tunnel are logged. Station Tunnel Tunnel Station Log blocked incoming packets All incoming MAC Drop packets that are discar ded are logged. External Station Log blocked outgoing packets All outgoing MAC pack Drop ets that are discarded are logged. Station External Log tunneled packets Note Relationship between log settings in default mode and firewall rules Log settings that are made in "Predefined IP rules" and "Predefined MAC rules" have no effect on firewall rules that were automatically created as a result of configuring a connection. This means, for example, that tunneled frames belonging to a configured connection cannot be logged. In advanced firewall mode, logging can be extended to the automatically generated firewall rules of connections. WinCC Advanced V14 System Manual, 10/2016 919 Editing devices and networks 10.1 Configuring devices and networks Configuring a firewall with predefined firewall rules - CP 1628 Configuring a firewall with predefined IP rules - CP 1628 How to access this function 1. Select the module to be edited. 2. Select the "Security" > "Firewall" > "Predefined IP rules" entry. Table 10-63 Available services and directions Service From external to station Enabled ports Meaning Allow IP communication x All IP traffic from external to station is al lowed. Allow S7 protocol x TCP port 102 Communication of the nodes using the S7 protocol is allowed. Allow FTP/FTPS (explicit mode) x TCP port 20 TCP port 21 For file management and file access between server and client. Allow HTTP x TCP port 80 For communication with a Web server. Allow HTTPS x TCP port 443 For secure communication with a Web server, for example, for Web diagnos tics. Allow DNS x TCP port 53 Communication connection to a DNS server is allowed. Allow SNMP x UDP port 53 TCP port 161/162 UDP port 161/162 For monitoring nodes capable of SNMP. Allow SMTP x TCP port 25 For sending e-mails via an SMTP serv er. Allow NTP x UDP port 123 For synchronization of the time of day. Table 10-64 Logging Option Action when activated IP log settings Log tunneled packets Log blocked incoming packets 920 Relevant firewall rule Action From To Only active if the security module is a member of a VPN group. All IP packets transferred via the tunnel are logged. Allow Station Tunnel Allow Tunnel Station All incoming IP packets that are discarded are logged. Drop External Station WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Note Relationship between log settings in default mode and firewall rules Log settings that are made in "Predefined IP rules" and "Predefined MAC rules" have no effect on firewall rules that were automatically created as a result of configuring a connection. This means, for example, that tunneled frames belonging to a configured connection cannot be logged. In advanced firewall mode, logging can be extended to the automatically generated firewall rules of connections. Configuring a firewall with predefined MAC rules - CP 1628 How to access this function 1. Select the module to be edited. 2. Select the entry "Security" > "Firewall" > "MAC rules". Table 10-65 Available services and directions Service From station to exter From external to sta Meaning nal tion Allow MAC level communication x x The MAC traffic from external to the sta tion and vice versa is allowed. Allow ISO communication x x ISO traffic from external to the station and vice versa is allowed. Allow SiClock x x SiClock time-of-day frames from external to the station and vice versa are allowed. Table 10-66 Logging Option Action when activated MAC log settings Log tunneled packets WinCC Advanced V14 System Manual, 10/2016 Only active if the security module is a member of a VPN group. All MAC packets transferred via the tunnel are logged. Relevant firewall rule Action From To Allow Station Tunnel Allow Tunnel Station Log blocked incoming packets All incoming MAC packets Drop that are discarded are logged. External Station Log blocked outgoing packets All outgoing MAC packets Drop that are discarded are logged. Station External 921 Editing devices and networks 10.1 Configuring devices and networks Note Relationship between log settings in default mode and firewall rules Log settings that are made in "Predefined IP rules" and "Predefined MAC rules" have no effect on firewall rules that were automatically created as a result of configuring a connection. This means, for example, that tunneled frames belonging to a configured connection cannot be logged. In advanced firewall mode, logging can be extended to the automatically generated firewall rules of connections. IP packet filter directions S7-300-/S7-400-/PC-CPs Meaning Possible selections for the communication directions "From" and "To" in the IP rules of the advanced firewall mode. The following directions are available Available options / ranges of values From Internal External Station Tunnel Any To Security module Meaning CP x43-1 Adv. CP 1628 Station x - Access from the internal network to the station. Any x - Access from internal to the external network, VPN tunnel partner and the station. Station x x Access from the external network to the station. Any x - Access from external to the internal network and the station. Internal x - Access from the station to the internal network. External x x Access from the station to the external network. Tunnel x x Access from the station to the VPN tunnel partner. Station x x Access via the VPN tunnel partner to the station. Any x - Access from VPN tunnel partners to the internal network and the station. External x - Access from the internal network and the station to the external network. MAC packet filter directions S7-300-/S7-400-/PC-CPs Context Possible selections for the communication directions "From" and "To" in the MAC rules of the advanced firewall mode. 922 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The following directions are available Available options / ranges of values From To External Station Tunnel Security module Meaning CP x43-1 Adv. CP 1628 Station x x Access from the external network to the station. External x x Access from the station to the external network. Tunnel x x Access from the station to the VPN tunnel part ner. Station x x Access via the VPN tunnel partner to the sta tion. Configuring the access list Module-specific function This function is not available for the CP 1628. Meaning You set access protection for certain IP addresses using the IP access lists. List entries that have already been created and the corresponding rights are displayed in the local settings of the CP in the entry "Firewall" > "IP rules" (advanced firewall mode). Note Changed behavior after activation of security Once you have activated the security function for a CP, access protection will only apply to the external interface. You can apply access protection to the internal interface as well, by configuring suitable firewall rules in advanced firewall mode. The CP also responds to ARP requests from IP addresses that have not been released (layer 2). If the IP access list of a CP contains no entries and you activate security for the CP, the firewall will be activated and prevent access to the CP from external locations. Configure the corresponding firewall rules in advanced firewall mode so that the CP can be reached. Effect of IP access list entries at activation of security If security is enabled in the local settings of a CP, the corresponding rules are created in the advanced firewall mode. A firewall rule "Allow" > "External" > "Station" is created for an IP address you specified in the address list. The IP address from the IP access list is used accordingly as source IP address. IP addresses from a defined IP address range are also integrated into corresponding firewall rules. WinCC Advanced V14 System Manual, 10/2016 923 Editing devices and networks 10.1 Configuring devices and networks Requirements for editing Before you can edit created firewall rules, the following condition must be met: for editing using STEP 7: "Configure security" configuration right for editing using a Web server: Module right "Web: Expand IP access control list" The requirements for editing the IP access lists outside the local security settings are described in the sections on the specific CPs. Connection-related automatic firewall rules Meaning For connections that were configured using CPs, STEP 7 automatically creates firewall rules that allow communication with the partner of the CP in the specified direction (CP active/ passive). The connection establishment directions are taken into account. To display these firewall rules, if the advanced firewall mode is enabled, the "Update connection rules" button needs to be clicked. The firewall rules are then displayed in advanced firewall mode. Note Releasing UDP multicast connections manually No automatic firewall rules are created for UDP multicast connections. To enable the connections, add the relevant firewall rules manually in advanced firewall mode. Depending on how the connection establishment is configured, the following level 3 firewall rules are created. If the security module is in a VPN group, the direction "External" changes to "Tunnel". This applies only to CPs that support VPN. The IP address of the connection partner is entered in the "Source IP address" or "Destination IP address" column of these firewall rules. CP->external Action From To active Allow Station External Drop External Station Drop Station External Allow External Station Allow External Station Allow Station External CP->internal Action From To active Allow Station Internal Drop Internal Station Drop Station Internal Allow Internal Station Allow Internal Station Allow Station Internal passive active and passive passive active and passive 924 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks For level 2 connections, "Allow" rules are created for both directions. If the security module is in a VPN group, the direction "External" changes to "Tunnel". The MAC address of the connection partner is entered in the "Source MAC address" or "Destination MAC address" column of these firewall rules. CP->external Action From To active, passive, active and passive Allow Station External Allow External Station Note Changing the connection configuration Changes to the connection configuration of CPs also change the connection-related firewall rules. To display the modified firewall rules, click the "Update connection rules" button. Conventions for automatically created firewall rules Priority The rules have highest priority and are therefore inserted at the top in the local rule list. Deleting rules The rules cannot be deleted. Logging can be enabled and services can be assigned. Moreover, you may insert a bandwidth and a comment. Changing the action If you set the action from "Allow" to "Drop" or vice versa, this is overwritten again during renewed system synchronization. Select "Allow*" or "Drop*" to retain your changes. In this case, only the IP address is synchronized and the action and direction remain as set. Settings for logging, service, bandwidth and comment are also retained after a renewed system synchronization even without changing the action to "Allow*" or "Drop*". If the configured connection is deleted, the corresponding rules are removed from the list. WinCC Advanced V14 System Manual, 10/2016 925 Editing devices and networks 10.1 Configuring devices and networks Security module in VPN group As default, the "Tunnel communication only" check box is enabled. If you deselect the check box, in addition to tunnel communication between tunnel partners, communication is also possible with network nodes to which there is no tunnel. Communication is untunneled if the partner address belongs to a station known in STEP 7 for which no VPN tunnel is configured. Communication is through the tunnel if the partner address is a VPN endpoint. If it is not clear whether connection should bypass or run through the VPN tunnel, the connection is assigned to the VPN tunnel and a message to this effect is displayed. The assignment can be adapted in advanced firewall mode, for example, by changing the "From" direction "Tunnel" to "External". To avoid this adaptation being overwritten by the next system synchronization, the "Allow*" or "Drop*" action must be selected. Note If you want to ensure that only communication through the tunnel is possible, you will need to create suitable firewall rules in advanced firewall mode, for example, for internal nodes or NDIS addresses. To allow only tunneled communication for a CP, add a rule with the following settings: "Action": "Drop" "From": "Any" "To": "External" For the CP 1628, add a rule with the following settings: "Action": "Drop" "From": "Station" "To": "External" In addition to this, you need to remove existing firewall rules that allow untunneled communication. Activating Web server on security module Module-specific function This function is only available for CP x43-1 Advanced, and CP 443-1 OPC UA: Meaning After activating the Web server, you have access to the Web pages of the module. In the local security settings, you can restrict access to these Web pages for the CP x43-1 Adv using the HTTPS protocol. This access is controlled using the "Allow access only using HTTPS" check box. In addition, you must configure the firewall accordingly. For the CP 443-1 OPC UA access to the Web server is only permitted using HTTPS. 926 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks IPsec tunnel: Creating and assigning groups Configuring internal network nodes - "Nodes" entry Allow access to S7-300 / S7-400 CPs for VPN connection partners Possible selections Decide whether or not the VPN connection partner can have access to the CP and/or the internal subnet of the CP in routing mode (SCALANCE S / M). How to access this function 1. Select the module to be edited. 2. In the local security settings, select the entry "Node". 3. Configure access for the VPN connection partner of the CP in routing mode (SCALANCE S / M): - Allow connection to the CP (Gbit interface) - Allow connection to the internal subnet (PROFINET subnet) Configuring NDIS nodes manually for PC CPs that can be reached through the tunnel Configuring NDIS nodes that can be reached through the tunnel The internal nodes are learned and assigned to the routes dynamically. This concerns the NDIS IP addresses of the Windows PC. Follow the steps below 1. Select the module to be edited. 2. In the local security settings, select the entry "Nodes" > "NDIS nodes reachable via tunnel". 3. Enter the NDIS IP addresses. Online functions - Debug / Diagnostics and Logging Updated firewall rules - "Dynamically updated firewall rules" entry Module-specific function This function is only available for CP x43-1 Adv. WinCC Advanced V14 System Manual, 10/2016 927 Editing devices and networks 10.1 Configuring devices and networks Meaning Display of the IP addresses or IP address ranges that were enabled dynamically using HTTP or HTTPS, or loaded by a user. The rights assigned for accessing the S7 CP are displayed for the enabled IP addresses. An update of the IP addresses in this tab can only be triggered by the following events: Extension/modification of the IP access control list Update of firewall rules Dynamic extensions transmitted to the CP at runtime, for example, PROFINET IO devices Since only the dynamically updated firewall rules are displayed here, you also need to take into account the firewall rules that were configured offline and downloaded to the station for a full picture of the current firewall status of the module. Security for S7-1200-/S7-1500-CPs Setting up a firewall Local firewall rules for S7-1200 / S7-1500 CPs Overview of the local firewall rules for S7-1200 / S7-1500 CPs Enabling packet filter rules If you enable the security function for the CPs in the local security settings, initially all access to and via the CP is permitted. To enable individual packet filter rules, select the "Activate firewall" check box. Then enable the required services. Firewall rules created automatically due to a connection configuration have priority over rules set manually. Note Detailed firewall settings in advanced firewall mode In advanced firewall mode, you can restrict firewall rules to individual nodes. To change to advanced firewall mode, select the "Activate firewall in advanced mode" check box. Updating connection rules Changes to the connection configuration of CPs also change the connection-related firewall rules. To display the modified firewall rules, click the "Update connection rules" button. The modified firewall rules are then displayed in advanced firewall mode. 928 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring a firewall with predefined firewall rules - CP 1543-1 / CP 1543SP-1 Configuring a firewall using predefined IP rules How to access this function 1. Select the module to be edited. 2. In the local security settings, select the entry "Firewall" > "Predefined IP rules". Table 10-67 Available services and directions Service From exter Enabled ports nal to station Meaning Allow IP communi cation x All IP traffic from external to station is allowed. Allow S7 protocol x TCP port 102 Communication of the nodes using the S7 protocol is allowed. Allow FTP/FTPS* (explicit mode) x TCP port 20 For file management and file access between server and client. Allow HTTP x TCP port 80 For communication with a Web server. Allow HTTPS x TCP port 443 For secure communication with a Web server, for example, for Web diagnostics. Allow SNMP x TCP port 161/162 For monitoring nodes capable of SNMP. TCP port 21 UDP port 161/162 Allow security di agnostics x TCP port 8448 Allow security diagnostics. *not available for CP 1543SP-1 Table 10-68 Logging Option Action when activated IP log settings Log tunneled packets Log blocked incoming packets Only active if the security module is a member of a VPN group. All IP packets transferred via the tunnel are logged. Relevant firewall rule Action From To Allow Station Tunnel Allow Tunnel Station External Station All incoming IP packets that are dis Drop carded are logged. Note Relationship between log settings in default mode and firewall rules Log settings that are made in "Predefined IP rules" and "Predefined MAC rules" have no effect on firewall rules that were automatically created as a result of configuring a connection. This means, for example, that tunneled frames belonging to a configured connection cannot be logged. In advanced firewall mode, logging can be extended to the automatically generated firewall rules of connections. WinCC Advanced V14 System Manual, 10/2016 929 Editing devices and networks 10.1 Configuring devices and networks Configuring a firewall using predefined IPv6 rules Meaning With the predefined IPv6 rules, you have the option of configuring the firewall for services in which IPv6 is used. By enabling a predefined IPv6 rule in the local security settings of the CP 1543-1 V1.1, the system-defined ICMPv6 services that can be seen in the global security settings in the "ICMP" tab in "Firewall" > "Services" > "Define services for IP rules"are also enabled in the firewall. The firewall of the CP 1543-1 V1.0 allows ICMPv6 packets through even without enabling a predefined IPv6 rule. How to access this function 1. Select the module to be edited. 2. Select the "Firewall" > "Pre-defined IPv6 rules" item in the local security settings. Table 10-69 Available services and directions Service From exter Enabled ports nal to station Meaning Allow IP communi cation x All IP traffic from external to station is allowed. Allow S7 protocol x TCP port 102 Communication of the nodes using the S7 protocol is allowed. Allow FTP/FTPS* (explicit mode) x TCP port 20 For file management and file access between server and client. Allow SNMP x TCP port 21 TCP port 161/162 For monitoring nodes capable of SNMP. UDP port 161/162 *not available for CP 1543SP-1 Table 10-70 Logging Option Action when activated IP log settings Relevant firewall rule Action Log blocked incoming packets All incoming IP packets that are dis Drop carded are logged. From To External Station Note Relationship between log settings in default mode and firewall rules Log settings made in "Predefined IPv6 rules" have no effect on firewall rules that were automatically generated as a result of configuring a connection. This means, for example, that tunneled frames belonging to a configured connection cannot be logged. In advanced firewall mode, logging can be extended to the automatically generated firewall rules of connections. 930 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring a firewall with predefined MAC rules How to access this function 1. Select the module to be edited. 2. Select the entry "Firewall" > "Predefined MAC rules". Table 10-71 Available services and directions Service From sta tion to ex ternal From external to sta tion Enabled ports Meaning Allow MAC commu nication x x - The MAC traffic from external to the station and vice versa is al lowed. Allow ISO protocol* Allow DCP x x - ISO traffic from external to the station and vice versa is allowed. x x - DCP traffic from external to the station and vice versa is allowed. Allow LLDP* x x - LLDP traffic from external to the station and vice versa is allowed. *not available for CP 1543SP-1 Table 10-72 Logging Option Action when activa Relevant firewall rule ted MAC log settings Action From To Allow Station Tunnel Allow Tunnel Station Log blocked incoming pack All incoming MAC ets packets that are discarded are log ged. Drop External Station Log blocked outgoing pack All outgoing MAC ets packets that are discarded are log ged. Drop Station External Log tunneled packets WinCC Advanced V14 System Manual, 10/2016 Only active if the security module is a member of a VPN group. All MAC packets transfer red via the tunnel are logged. 931 Editing devices and networks 10.1 Configuring devices and networks Note Relationship between log settings in default mode and firewall rules Log settings that are made in "Predefined IP rules" and "Predefined MAC rules" have no effect on firewall rules that were automatically created as a result of configuring a connection. This means, for example, that tunneled frames belonging to a configured connection cannot be logged. In advanced firewall mode, logging can be extended to the automatically generated firewall rules of connections. Configuring a firewall with predefined firewall rules - S7-1200 CPs Configuring a firewall using predefined IP rules How to access this function 1. Select the module to be edited. 2. In the local security settings, select the entry "Firewall" > "Predefined IP rules". Table 10-73 Available services and directions Service From exter Enabled ports nal to station Meaning Allow IP communi cation x All IP traffic from external to station is allowed. Allow S7 protocol x TCP port 102 Communication of the nodes using the S7 protocol is allowed. Allow HTTP x TCP port 80 For communication with a Web server. Allow HTTPS x TCP port 443 For secure communication with a Web server, for example, for Web diagnostics. Allow SNMP x TCP port 161/162 For monitoring nodes capable of SNMP. UDP port 161/162 Allow security di agnostics x TCP port 8448 Allow security diagnostics. Table 10-74 Logging Option Action when activated IP log settings Log tunneled packets Log blocked incoming packets 932 Only active if the security module is a member of a VPN group. All IP packets transferred via the tunnel are logged. Relevant firewall rule Action From To Allow Station Tunnel Allow Tunnel Station External Station All incoming IP packets that are dis Drop carded are logged. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Note Relationship between log settings in default mode and firewall rules Log settings that are made in "Predefined IP rules" and "Predefined MAC rules" have no effect on firewall rules that were automatically created as a result of configuring a connection. This means, for example, that tunneled frames belonging to a configured connection cannot be logged. In advanced firewall mode, logging can be extended to the automatically generated firewall rules of connections. Configuring a firewall using predefined IPv6 rules Meaning With the predefined IPv6 rules, you have the option of configuring the firewall for services in which IPv6 is used. By enabling a predefined IPv6 rule in the local security settings of of an S7-1200 CP capable of IPv6, the system-defined ICMPv6 services that can be seen in the global security settings in the "ICMP" tab in "Firewall" > "Services" > "Define services for IP rules" are also enabled in the firewall. How to access this function 1. Select the module to be edited. 2. Select the "Firewall" > "Predefined IPv6 rules" item in the local security settings. Table 10-75 Available services and directions Service From exter Enabled ports nal to station Meaning Allow IP communi cation x All IP traffic from external to station is allowed. Allow S7 protocol x TCP port 102 Communication of the nodes using the S7 protocol is allowed. Allow SNMP x TCP port 161/162 For monitoring nodes capable of SNMP. UDP port 161/162 Table 10-76 Logging Option IP log settings Log blocked incoming packets WinCC Advanced V14 System Manual, 10/2016 Action when activated Relevant firewall rule Action All incoming IP packets that are dis Drop carded are logged. From To External Station 933 Editing devices and networks 10.1 Configuring devices and networks Note Relationship between log settings in default mode and firewall rules Log settings made in "Predefined IPv6 rules" have no effect on firewall rules that were automatically generated as a result of configuring a connection. This means, for example, that tunneled frames belonging to a configured connection cannot be logged. In advanced firewall mode, logging can be extended to the automatically generated firewall rules of connections. Configuring a firewall with predefined MAC rules How to access this function 1. Select the module to be edited. 2. Select the entry "Firewall" > "Predefined MAC rules". Table 10-77 Available services and directions Service From sta tion to ex ternal From external to sta tion Enabled ports Meaning Allow MAC commu nication x x - The MAC traffic from external to the station and vice versa is al lowed. Allow DCP x x - DCP traffic from external to the station and vice versa is allowed. Table 10-78 Logging Option Action when activa Relevant firewall rule ted MAC log settings Action From To Allow Station Tunnel Allow Tunnel Station Log blocked incoming pack All incoming MAC ets packets that are discarded are log ged. Drop External Station Log blocked outgoing pack All outgoing MAC ets packets that are discarded are log ged. Drop Station External Log tunneled packets 934 Only active if the security module is a member of a VPN group. All MAC packets transfer red via the tunnel are logged. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Note Relationship between log settings in default mode and firewall rules Log settings that are made in "Predefined IP rules" and "Predefined MAC rules" have no effect on firewall rules that were automatically created as a result of configuring a connection. This means, for example, that tunneled frames belonging to a configured connection cannot be logged. In advanced firewall mode, logging can be extended to the automatically generated firewall rules of connections. IP packet filter directions S7-1200 / S7-1500 CPs Meaning Possible selections for the communication directions "From" and "To" in the IP rules of the advanced firewall mode. The following directions are available Available options / ranges of values Meaning From To External Station Access from the external network to the station. Station External Access from the station to the external network. Tunnel Access from the station to the VPN tunnel partner. Station Access by VPN tunnel partners to the station. Tunnel MAC packet filter directions S7-1200 / S7-1500 CPs Meaning Possible selections for the communication directions "From" and "To" in the MAC rules of the advanced firewall mode. The following directions are available Available options / ranges of values Meaning From To External Station Access from the external network to the station. Station External Access from the station to the external network. Tunnel Access from the station to the VPN tunnel partner. Station Access by VPN tunnel partners to the station. Tunnel WinCC Advanced V14 System Manual, 10/2016 935 Editing devices and networks 10.1 Configuring devices and networks Connection-related automatic firewall rules Meaning For connections that were configured using CPs, STEP 7 automatically creates firewall rules that allow communication with the partner of the CP in the specified direction (CP active/ passive). The connection establishment directions are taken into account. To display these firewall rules, if the advanced firewall mode is enabled, the "Update connection rules" button needs to be clicked. The firewall rules are then displayed in advanced firewall mode. Note Enabling UDP multicast and UDP broadcast connections manually No automatic firewall rules are created for UDP multicast and UDP broadcast connections. To enable the connections, add the relevant firewall rules manually in advanced firewall mode. Depending on how the connection establishment is configured, the following level 3 firewall rules are created. If the CP is in a VPN group, the direction "External" changes to "Tunnel". The IP address of the connection partner is entered in the "Source IP address" or "Destination IP address" column of these firewall rules. CP->external Action From To active Drop External Station Allow Station External Drop Station External Allow External Station Allow External Station Allow Station External passive active and passive For level 2 connections, "Allow" rules are created for both directions. If the CP is in a VPN group, the direction "External" changes to "Tunnel". The MAC address of the connection partner is entered in the "Source MAC address" or "Destination MAC address" column of these firewall rules. CP->external Action From To active, passive, active and passive Allow Station External Allow External Station Note Changing the connection configuration Changes to the connection configuration of CPs also change the connection-related firewall rules. To display the modified firewall rules, click the "Update connection rules" button. 936 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Conventions for automatically created firewall rules Priority The rules have highest priority and are therefore inserted at the top in the local rule list. Deleting rules The rules cannot be deleted. Logging can be enabled and services can be assigned. Moreover, you may insert a bandwidth and a comment. Changing the action If you set the action from "Allow" to "Drop" or vice versa, this is overwritten again during renewed system synchronization. Select "Allow*" or "Drop*" to retain your changes. In this case, only the IP address is synchronized and the action and direction remain as set. Settings for logging, service, bandwidth and comment are also retained after a renewed system synchronization even without changing the action to "Allow*" or "Drop*". If the configured connection is deleted, the corresponding rules are removed from the list. Security module in VPN group As default, the "Tunnel communication only" check box is enabled. If you deselect the check box, in addition to tunnel communication between tunnel partners, communication is also possible with devices to which there is no tunnel. Communication is untunneled if the partner address belongs to a station known in STEP 7 for which no VPN tunnel is configured. Communication is through the tunnel if the partner address is a VPN endpoint. Note If you want to ensure that only communication through the tunnel is possible, you will need to create suitable firewall rules in advanced firewall mode. To allow only tunneled communication for a CP, add a rule with the following settings: "Action": "Drop" "From": "Station" "To": "External" In addition to this, you need to remove existing firewall rules that allow untunneled communication. WinCC Advanced V14 System Manual, 10/2016 937 Editing devices and networks 10.1 Configuring devices and networks 10.1.4 Creating configurations 10.1.4.1 Configuring automation systems (S7-1200) Functional description of S7-1200 CPUs (S7-1200) Operating modes (S7-1200) Principles of the operating modes of S7-CPUs (S7-1200) Introduction Operating modes describe the behavior of the CPU. The following operating modes are possible: STARTUP RUN STOP In these operating modes, the CPU can communicate via the PN/IE interface, for example. Other operating modes If the CPU is not ready for operation, it is in one of following two operating modes: Deenergized, i.e. the supply voltage is switched off. Defective, which means an internal error has occurred. If the "Defective" status is caused by a firmware error, this state is indicated by the status LEDs of the CPU (refer to the description of the CPU). To find out the cause, follow these steps: - Turn the power supply switch off and on again. - Read out the diagnostics buffer when the CPU starts up and send the data for analysis to Customer Support. If the CPU does not start up, replace it. See also STOP mode (Page 943) RUN mode (Page 943) "STARTUP" operating mode (Page 940) 938 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Operating mode transitions (S7-1200) Overview The following figure shows the operating modes and the operating mode transitions of S7-1200 CPUs: 32:(5 21 6723 67$5783 581 The following table shows the conditions under which the operating modes will change: No. Operating mode transition Conditions POWER ON STARTUP After switching on, the CPU goes to "STARTUP" mode if: "Warm restart" startup type is set, and the hardware configuration and the program blocks are consistent. Non-retentive memory is cleared and the contents of non-retentive DBs are reset to the initial values of the load memory. Retentive memory and retentive DB contents are retained. POWER ON STOP When startup type "No startup" is set, the CPU goes to "STOP" mode after the supply voltage is switched on. Non-retentive memory is cleared and the contents of non-retentive DBs are reset to the initial values of the load memory. Retentive memory and retentive DB contents are retained. STOP STARTUP The CPU switches to "STARTUP" mode if: CPU is set to "RUN" from the programming device, and the hardware configuration and the program blocks are consistent. STARTUP STOP The CPU returns to the "STOP" mode in the following situations: Error detected during startup. The CPU is set to "STOP" from the programming device. A STOP command is processed in the STARTUP OB. STARTUP RUN If the STARTUP is successful, the CPU switches to "RUN". RUN STOP The CPU returns to the "STOP" mode in the following situations: An error is detected that prevents continued processing. The CPU is set to "STOP" from the programming device. A STOP command is processed in the user program. WinCC Advanced V14 System Manual, 10/2016 939 Editing devices and networks 10.1 Configuring devices and networks "STARTUP" operating mode (S7-1200) Principles of the STARTUP mode (S7-1200) Function After turning on the CPU, it executes a startup program before starting to execute the cyclic user program. By suitably programming startup OBs, you can specify certain initialization variables for your cyclic program in the startup program. There is no rule in terms of the number of startup OBs. That is, you can set up one or several startup OBs in your program, or none at all. Parameter settings for startup characteristics You can specify whether the CPU remains in STOP mode or whether a warm restart is run. Over and above this, you can set the response during startup (RUN or previous mode) in the "Startup" group of the CPU properties. Special characteristics Note the following points regarding the "STARTUP" mode: The startup OBs are executed. All startup OBs you have programmed are executed, regardless of the selected startup mode. No time-based program execution can be performed. Interrupt controlled program execution limited to: - OB 82 (diagnostics interrupt) The outputs on the modules are disabled. The process image is not updated; direct I/O access to inputs is possible. See also Principles of the operating modes of S7-CPUs (Page 938) Startup OBs (Page 998) Warm restart (Page 940) Warm restart (S7-1200) Function During a warm restart, all non-retentive bit memory is deleted and non-retentive DB contents are reset to the initial values from load memory. Retentive bit memory and retentive DB contents are retained. Program execution begins at the call of the first startup OB. 940 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Triggering a warm restart You can trigger a "Warm restart" using a corresponding menu command on your programming device in the following situations: The CPU must be in "STOP" mode. After a memory reset After downloading a consistent program and a consistent hardware configuration in the "STOP" mode of the CPU. "POWER ON" triggers a "warm restart" if you have set the following parameters for the startup response: Startup type "warm restart - RUN" (regardless of the CPU operating mode prior to POWER OFF). "Warm restart - mode prior to POWER OFF" (depending on the CPU operating mode prior to POWER OFF. The CPU must have been in RUN mode prior to this.) See also Retentive memory areas (Page 948) Startup activities (S7-1200) Overview The following table shows which activities the CPU performs at STARTUP: Activities in execution sequence At warm restart Clear non-retentive bit memories Yes Clear all bit memories No Clear the process image output Yes Processing startup OBs Yes Update the process image input Yes Enable outputs after changing to "RUN" mode Yes Sequence The following figure shows the activities of the CPU in "STOP", "STARTUP", and "RUN" modes. You can use the following measures to specify the state of the I/O outputs in the first cycle of the user program: Use assignable output modules to be able to output substitute values or to retain the last value. Set default values for outputs in startup OBs. During the startup, all interrupt events are entered in a queue so that they can be processed later during RUN mode. In RUN mode, hardware interrupts can be processed at any time. WinCC Advanced V14 System Manual, 10/2016 941 Editing devices and networks 10.1 Configuring devices and networks 6723 67$5783 5HVHWSURFHVVLPDJHLQSXW 'LVDEOH,2RXWSXWV WXUQRIIUHWDLQODVWYDOXH RUVXEVWLWXWHDYDOXH 5XQVWDUWXS2%V 7UDQVIHU,2LQSXWVWRWKH SURFHVVLPDJHLQSXW (QDEOH,2RXWSXWV 581 2XWSXWSURFHVVLPDJH RXWSXW 7UDQVIHU,2LQSXWVWRWKH SURFHVVLPDJHLQSXW 5XQF\FOLF2%V 2SHUDWLQJV\VWHP DFWLYLWLHV FRPPXQLFDWLRQ VHOIWHVWHWF Special features during startup (S7-1200) Response when expected and actual configurations do not match The expected configuration is represented by the engineering configuration loaded on the CPU. The actual configuration is the actual configuration of the automation system. If the expected configuration and actual configuration differ, the CPU nevertheless initially changes to RUN. Canceling a STARTUP If errors occur during startup, the startup is canceled and the CPU remains in "STOP" mode. Under the following conditions, a startup will not be performed or will be canceled: If an invalid SD card is inserted. If no hardware configuration has been downloaded. 942 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See also Overview of the CPU properties (Page 960) RUN mode (S7-1200) Function In "RUN" mode the cyclic, time-driven, and interrupt-driven program sections execute: The process image output is read out. The process image input table is read. The user program is executed. Active data exchange between S7-1200 CPUs by means of Open User Communication is only possible in "RUN" mode. Running the user program Once the CPU has read the inputs, the cyclic program runs from the first to the last instruction. If you have configured a minimum cycle time, the CPU will not end the cycle until this minimum cycle time is up even if the user program is completed sooner. A maximum cycle time is set which you can adjust according to your requirements. This ensures that the cyclic program is completed within a specified time. The system will respond with a time error if the cyclic program is not completed within this time. Other events such as hardware and diagnostic interrupts can interrupt the cyclic program flow and prolong the cycle time. See also Principles of the operating modes of S7-CPUs (Page 938) Events and OBs (Page 952) STOP mode (S7-1200) Function In "STOP" mode, the user program is not executed. All outputs are disabled or react according to the parameter settings: They provide a substitute value as set in the parameters or retain the last value output and bring the controlled process to a safe status. The CPU checks the following points: Hardware, for example whether are all modules are available Whether the default settings for the CPU are applicable or parameter sets are present Whether the general conditions for the programmed startup behavior are correct WinCC Advanced V14 System Manual, 10/2016 943 Editing devices and networks 10.1 Configuring devices and networks See also Principles of the operating modes of S7-CPUs (Page 938) Basics of a memory reset (S7-1200) Function A memory reset on the CPU is possible only in STOP mode. When memory is reset, the CPU is changed to an "initial status". This means: An existing online connection between your programming device/PC and the CPU is terminated. The content of the work memory and the retentive and non-retentive data are deleted. The diagnostic buffer, the time, the IP address, the hardware configuration, and active force jobs are retained. The load memory (code and data blocks) is then copied to work memory. As a result, the data blocks no longer have current values but their configured initial values. Memory areas (S7-1200) What you need to know about SIMATIC memory cards (S7-1200) Function of the SIMATIC memory card The SIMATIC memory card for an S7-1200 is an SD memory card, preformatted by Siemens for the CPU user program, that is compatible with the Windows operating system. NOTICE Formatting the SIMATIC memory card You may only delete files and folders. If you format the SIMATIC memory card with Windows tools, for example with a commercially available card reader, you will render the memory card unusable as a storage medium for an S7 CPU. 944 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Setting the card type You can use the SIMATIC memory card as a transfer card, a program card or a firmware update card. To set the card type, insert the SIMATIC memory card into the card reader of the programming device and select the "Card reader/USB memory" folder from the project tree. In the properties of the selected memory card, designate the card type: Program If the SIMATIC memory card is used as a program card, you can load the user program to the card. In this case, the internal load memory of the device is replaced by the SIMATIC memory card and the internal load memory is erased. The user program is then fully executable from the SIMATIC memory card. If the SIMATIC memory card with the user program is removed, there is then no program. Transfer If the SIMATIC memory card is used as a transfer card, you can transfer the user program from the card to the internal load memory of the CPU. You can then remove the SIMATIC memory card. Firmware card Firmware for the S7-1200 modules can be stored on a SIMATIC memory card. It is therefore possible to perform a firmware update with the help of a specifically prepared SIMATIC memory card. A backup copy of firmware for a module can also be stored on the SIMATIC memory card. Transferring objects from the project to a SIMATIC memory card When the SIMATIC memory card is inserted in the programming device or in an external card reader, you can transfer the following objects from the project tree to the SIMATIC memory card: Individual blocks (multiple selection possible) In this case a consistent transfer is available, as the dependencies of the blocks to each other is taken into account with block selection. PLC In this case, all objects relevant to processing, such as blocks and the hardware configuration, are transferred to the SIMATIC memory card, just as with downloading. To perform the transfer, you can move the objects with drag-and-drop or use the command "Card reader/USB memory > Write to memory card" in the "Project" menu. Transferring objects from the SIMATIC memory card to the project You can transfer Individual blocks (multiple selection is possible) by dragging them to the project. A hardware configuration cannot be transferred from the SIMATIC memory card to the project. Updating firmware with a SIMATIC memory card You can get the latest firmware data on the Internet from the Service & Support pages: WinCC Advanced V14 System Manual, 10/2016 945 Editing devices and networks 10.1 Configuring devices and networks http://support.automation.siemens.com (http://support.automation.siemens.com/WW/view/en/ 34143537) Save the firmware files on the hard disk and plug the SIMATIC Memory Card into the card reader of your programming device. To store the file on the SIMATIC memory card, select the SIMATIC memory card in the "Card Reader/USB memory" folder in the project tree. Select the shortcut menu "Card Reader/USB memory > Create firmware update memory card". Then follow the instructions in the Service & Support portal for performing a firmware update with your CPU. Updating the firmware changes the CPU firmware status. If you have used the CPU in the project, you will have to update the CPU already configured to the CPU with the new firmware status by changing devices offline, and adapt and then load the program or configuration. See also Useful information on CPU firmware versions and STEP 7 versions (Page 1019) Displaying properties of memory cards (Page 441) Load memory (S7-1200) Function Each CPU has an internal load memory. The size of this internal load memory depends on the CPU used. This internal load memory can be replaced by using external memory cards. If there is no memory card inserted, the CPU uses the internal load memory; if a memory card is inserted, the CPU uses the memory card as load memory. See also Using memory cards (Page 439) Work memory (S7-1200) Function Work memory is a non-retentive memory area for storing elements of the user program that are relevant for program execution. The user program is executed exclusively in work memory and system memory. 946 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks System memory (S7-1200) System memory areas (S7-1200) Function System memory contains the memory elements that each CPU makes available to the user program, such as the process image and bit memory. By using appropriate operations in your user program, you address the data directly in the relevant operand area. The following table shows the operand areas of the system memory: Operand area Description Access via units of the following size: S7 notation Process image output The CPU writes the values from the process image out put table to the output mod ules at the start of the cycle. Output (bit) Q Output byte QB Output word QW Output double word QD The CPU reads the inputs from the input modules and saves the values to the proc ess image input table at the start of the cycle. Input (bit) I Input byte IB Input word IW Input double word ID This area provides storage for intermediate results cal culated in the program. Bit memory (bit) M Memory byte MB Memory word MW Memory double word MD Data bit DBX Data byte DBB Data word DBW Data double word DBD Local data bit L Local data byte LB Local data word LW Local data double word LD Process image input Bit memory Data block Data blocks store informa tion for the program. They can either be defined so that all code blocks can access them (global DBs) or as signed to a specific FB or SFB (instance DB). Requirement: The block at tribute "Optimized block ac cess" is not enabled. Local data This area contains the tem porary data of a block while the block is being processed. Requirement: The block at tribute "Optimized block ac cess" is not enabled. Recommendation: Access local data (temp) symbolical ly. WinCC Advanced V14 System Manual, 10/2016 947 Editing devices and networks 10.1 Configuring devices and networks Operand area Description Access via units of the following size: S7 notation I/O input area The I/O input and output areas permit direct access to central and distributed input and output modules. I/O input bit <tag>:P I/O output area I/O input byte I/O input word I/O input double word I/O output bit I/O output byte I/O output word I/O output double word See also Diagnostics buffer (Page 950) Basic principles of process images (Page 949) Basic principles for programming of data blocks (Page 4551) Declaring local tags and constants in the block interface (Page 4530) Overview of the block interface (Page 4522) Access to the I/O addresses (Page 951) Retentive memory areas (S7-1200) Retentive memory areas Data loss after power failure can be avoided by marking certain data as retentive. This data is stored in a retentive memory area. A retentive memory area is an area that retains its content following a warm restart, in other words, after cycling the power when the CPU changes from STOP to RUN. The following data can be assigned retentivity: Bit memory: The precise width of the memory can be defined for bit memory in the PLC tag table or in the assignment list. Tags of a function block (FB): You can define individual tags as retentive in the interface of an FB if you have enabled optimized block access. Retentivity settings can be defined only in the assigned instance data block if optimized block access has not been activated for the FB. Tags of a global data block: You can define retentivity either for individual or for all tags of a global data block depending on the settings for access. - Block with optimized access: retentivity can be set for each individual tag. - Block with standard access: The retentivity setting applies to all tags of the DB; either all tags are retentive or no tag is retentive. 948 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See also Warm restart (Page 940) Setting the retentivity of PLC tags (Page 4603) process image input/output (S7-1200) Basic principles of process images (S7-1200) Function When the user program addresses the input (I) and output (O) operand areas, it does not query or change the signal states on the digital signal modules. Instead, it accesses a memory area in the system memory of the CPU. This memory area is referred to as the process image. Advantages of the process image Compared with direct access to input and output modules, the main advantage of accessing the process image is that the CPU has a consistent image of the process signals for the duration of one program cycle. If a signal state on an input module changes during program execution, the signal state in the process image is retained until the process image is updated again in the next cycle. The process of repeatedly scanning an input signal within a user program ensures that consistent input information is always available. Access to the process image also requires far less time than direct access to the signal modules since the process image is located in the internal memory of the CPU. Updating the process images (S7-1200) Sequence The operating system updates the process images at cyclic intervals unless defined otherwise in your configuration. The process image input/output is updated in the following order: 1. The internal tasks of the operating system are performed. 2. The process image output (PIQ) table is written to the outputs of the module. 3. The status of inputs is read to the process image input (PII) table. 4. The user program is executed with all the blocks that are called in it. The operating system automatically controls the writing of the process image output to the outputs of the modules and the reading of the process image input. WinCC Advanced V14 System Manual, 10/2016 949 Editing devices and networks 10.1 Configuring devices and networks Special characteristics You have the option of accessing inputs or outputs directly using direct I/O access. If an instruction accesses an output directly and the output address is located in the process image output, the process image of the relevant output is updated. If an instruction accesses an output directly and the output address is not located in the process image output, the process image of the relevant output is not updated. Example of normal I/O access by way of the process image 029( , 0: (1 (12 ,1 287 4 4: Update QW10 in the I/O output area with the value from MW0. I/O access error during process image updating If an error occurs during process image updating (I/O access error), the CPU reacts with the default system reaction "Ignore". See also Start address of a module (Page 951) Access to the I/O addresses (Page 951) Startup activities (Page 941) Diagnostics buffer (S7-1200) Function The diagnostics buffer is part of the system memory of the CPU. It contains the errors detected by the CPU or modules with diagnostics capability. It includes the following events: Every mode change of the CPU (for example, POWER UP, change to STOP mode, change to RUN mode) Every diagnostics interrupt The diagnostics buffer of the S7-1200-CPU has a capacity of 50 entries of which the last (most recent) 10 entries are retained following power cycling. Those entries can only be cleared by restoring the CPU to factory defaults. You can read the content of the diagnostics buffer with the help of the Online and Diagnostics view. 950 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks I/O data area (S7-1200) Start address of a module (S7-1200) Definition The start address is the lowest byte address of a module. It acts as the initial address of the module user data area. Configuring module start addresses The addresses used in the user program and the module start addresses are coordinated when the modules are configured. In the module properties ("I/O addresses" group), you can change the start addresses that were assigned automatically after the modules were inserted. You can also make a setting that decides whether or not the addresses are located in the process image. Access to the I/O addresses (S7-1200) I/O addresses If you insert a module in the device view, its user data is located in the process image of the S7-1200 CPU (default). The CPU handles the data exchange between the module and the process image area automatically during the update of the process images. Append the suffix ":P" to the I/O address if you want the program to access the module directly instead of using the process image. This could be necessary, for example, during execution of a time-sensitive program which also has to control the outputs within the same cycle. WinCC Advanced V14 System Manual, 10/2016 951 Editing devices and networks 10.1 Configuring devices and networks Basics of program execution (S7-1200) English designation of the OB types (S7-1200) English designation of the OB types When an OB is created in the "Add new block" dialog, the OB types can only be displayed in English for technical reasons - irrespective of the set user interface language. In order to facilitate handling, the following table lists the English terms and their corresponding designations in the set user interface language. English designation of the OB type in the "Add new block" dialog. Designation in the information system Program cycle Cycle OB, OB for cyclic program processing, cyclic program Startup Startup OB Time delay interrupt Time-delay interrupt OB Cyclic interrupt Cyclic interrupt OB Hardware interrupt Hardware interrupt OB Time error interrupt Time error OB Diagnostic error interrupt Diagnostic interrupt OB Pull or plug of modules Pull/plug interrupt OB Rack or station failure Rack failure OB Time of day Time-of-day interrupt OB Status Status interrupt OB Update Update interrupt OB Profile OB for vendor or profile-specific interrupt MC-Interpolator MC-Interpolator OB MC-Servo MC-Servo OB MC-PreServo MC-PreServo OB MC-PostServo MC-PostServo OB Events and OBs (S7-1200) Events and OBs The operating system of S7-1200-CPUs is based on events. There are two types of events: Events which can start an OB Events which cannot start an OB An event which can start an OB triggers the following reaction: It calls the OB you possibly assigned to this event. The event is entered in a queue according to its priority if it is currently not possible to call this OB. The default system reaction is triggered if you did not assign an OB to this event. 952 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks An event which cannot start an OB triggers the default system reaction for the associated event class. The user program cycle is therefore based on events, the assignment of OBs to those events, and on the code which is either contained in the OB, or called in the OB. The following table provides an overview of the events which can start an OB, including the associated event classes and OBs. The table is sorted based on the default OB priority. Priority class 1 is the lowest. Event class OB no. Cyclic program Number of OBs Start event OB priority (de fault) 1, >= 123 >= 1 Starting or end of the last program cycle OB 1 Startup 100, >= 123 >=0 STOP to RUN transition 1 Time-of-day interrupt >= 10 Max. 2 Start time has been reached 2 Time-delay interrupt >= 20 Max. 4 Delay time expired 3 Cyclic interrupt >= 30 Constant bus cycle time expired 8 Hardware interrupt >= 40 Positive edge (max. 16) 18 Max. 50 (more can be used with DETACH and AT TACH) Negative edge (max. 16) HSC: Count value = reference value (max. 6) 18 HSC: Count direction changed (max. 6) HSC: External reset (max. 6) Status interrupt 55 0 or 1 CPU has received status interrupt 4 Update interrupt 56 0 or 1 CPU has received update interrupt 4 Manufacturer- or profilespecific interrupt 57 0 or 1 CPU has received manufacturer-specific or pro 4 file-specific interrupt Diagnostic error interrupt 82 0 or 1 Module has detected an error 5 Pull/plug interrupt 83 0 or 1 Removal/insertion of modules of distributed I/O 6 Rack error 86 0 or 1 Error in the I/O system of the distributed I/O 6 Time error 80 0 or 1 Maximum cycle time exceeded 22 Called OB is still being executed Time-of-day interrupt missed Time-of-day interrupt missed during STOP Queue overflow Interrupt loss due to high interrupt load The following table describes events which do not trigger an OB start, including the corresponding reaction of the operating system. The table is sorted based on event priority. Event class Event Insert/remove central modules Insert/remove a module I/O access error during proc ess image update WinCC Advanced V14 System Manual, 10/2016 Event priority System reaction 21 STOP I/O access error during process image update 22 Ignore 953 Editing devices and networks 10.1 Configuring devices and networks Event class Event Programming error Programming error in a block for which you 23 use system reactions provided by the operat ing system (note: the error handling routine in the block program is executed if you acti vated local error handling). Event priority RUN I/O access error I/O access error in a block for which you use 24 system reactions provided by the operating system (note: the error handling routine in the block program is executed if you activated lo cal error handling). RUN Maximum cycle time exceeded twice Maximum cycle time exceeded twice STOP 27 System reaction Assignment between OBs and events With the exception of the cyclic program and startup program and event can only be assigned to one OB. However, in certain event classes such as hardware interrupts one and the same OB can be assigned to several events. The assignment between OBs and events is defined in the hardware configuration. Defined assignments can be changed at runtime by means of ATTACH and DETACH instructions. OB priority and runtime behavior S7-1200-CPUs support the priority classes 1 (lowest) to 27 (highest). An OB is assigned the priority of its start event. OBs are always executed on a priority basis: The OBs with the highest priority are executed first. Events of the same priority are processed in order of occurrence. As of firmware version V4.0 of the S7-1200 CPUs you can specify in the device configuration, under properties of the CPU, if the OBs are interruptible or not. This parameter assignment has an effect on all OBs with exception of the cycle OBs which are always interruptible. The following applies to S7-1200 CPUs with firmware version < V4.0: Any OB with priority >= 2 will interrupt cyclic program execution. An OB of priority 2 to 25 cannot be interrupted by any event of priority group 2 to 25. This rule also applies to events of a priority higher than that of the currently active OB. Such events are processed later. A time error (priority 26) will interrupt any other OB. The following applies to S7-1200 CPUs as of firmware version V4.0: If you do not configure the OBs as interruptible, an OB is always processed completely even if an event of a higher priority occurs during its runtime. Specifically, this means: Any OB with priority >= 2 will interrupt cyclic program execution. An OB of priority 2 to 25 cannot be interrupted by any event. This rule also applies to events of a priority higher than that of the currently active OB, which also includes a time error. Such events are processed later. 954 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks If you do configure the OBs as interruptible and an event of a higher priority occurs during the runtime of an OB, the running OB is interrupted and the OB associated with the occurring event is processed. Once this OB has been completed, processing of the interrupted OB continues. Specifically, this means: Any OB with priority >= 2 will interrupt cyclic program execution. An OB of priority 2 to 25 can be interrupted by any event whose priority is higher than that of the running OB. This is also true for time errors: A time error (priority 26) will interrupt any OB. OB start information Certain OBs have start information, while others do not. This is explained in greater detail in the description of the relevant OB. See also Event-based program execution (Page 955) ATTACH: Attach an OB to an interrupt event (Page 3631) DETACH: Detach an OB from an interrupt event (Page 3636) Event-based program execution (S7-1200) OB priority and runtime behavior S7-1200-CPUs support the priority classes 1 (lowest) to 27 (highest). An OB is assigned the priority of its start event. Interrupt OBs can only be interrupted by time error interrupts. This rule also applies to events of a priority higher than that of the currently active OB. That is, only one interrupt OB can be active, with exception of the time error interrupt OB. Any further event of generated while an interrupt OB is being executed is added to a queue in accordance with its priority. Start events within a queue are processed later based on the chronological order of their occurrence. Program execution on the CPU Cyclic OBs are interrupted by interrupt OBs. Reactions to events which start an interrupt OB: For CPUs up to firmware version V3: Interrupt OBs can only be interrupted by time error interrupt OBs. For CPUs as of firmware version V4: Interrupt OBs can be interrupted by interrupt OBs of a higher priority. The figure below shows the basic procedure in case interrupt OBs cannot be interrupted (behavior up to firmware version V3): WinCC Advanced V14 System Manual, 10/2016 955 Editing devices and networks 10.1 Configuring devices and networks (YHQWV &\FOLF2%V ,QWHUUXSW2%V 7LPHHUURULQWHUUXSW2%V :ULWH3,4 5HDG3,, %HJLQ 2% ,QWHUUXSWLRQ 5HVXPH 2% ,QWHUUXSWLRQ %HJLQ 2%[[ (QG %HJLQ 2%[\ ,QWHUUXSWLRQ 5HVXPH 2%[\ (QG %HJLQ 2% 7LPHHUURU LQWHUUXSW (QG %HJLQ 2%[] (QG 5HVXPH 2% (QG and %HJLQ 2%[] (QG An event (e.g. a hardware interrupt) calls its associated OB. A called OB is executed without interruption, including all of its nested blocks. Execution of the cyclic OB is resumed on completion of interrupt processing, provided the queue does not contain any events which trigger an OB start. An interrupt OB can only be interrupted by a time error interrupt OB (OB 80). An new alarm-triggering event occurs during interrupt processing. Reaction for CPUs up to and including firmware version V3: This new event is added to a queue. The queued events successively call their corresponding OBs only after execution of the current interrupt OBs was completed and according to the following rules: Events are processed in the order of their priority (starting at the highest priority). Events of the same priority are processed in chronological order. Reaction for CPUs as of firmware version V4: You use a CPU parameter to set the interruptibility for CPUs as of firmware version V4. Default behavior: OBs are interruptible. In this case: If the new event has a higher priority than the currently running OB, the OB started by the new event interrupts the currently running OB. 956 If you disable the option, the interrupt OBs cannot be interrupted. The cyclic OBs are processed one after the other. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Notes on queues Every priority class (OBs of the same priority to be called) is assigned a separate queue. The size of those queues is set by default. Any new event leading to the overflow of a queue is discarded and therefore lost. A "time error interrupt event" is generated simultaneously. Information identifying the OB that caused the error is included in the start information of the time error interrupt OB (OB 80). A corresponding reaction such as an alarm trigger can be programmed in the time error interrupt OB. Example of a hardware interrupt event (S7-1200) The function principle of event-oriented program execution in the S7-1200 CPU is described based on the example of a hardware interrupt-triggering module. Process events and their priority Process events are triggered by the I/O (e.g. at a digital input) and initiate a call of the assigned OB in the S7-1200 CPU. OBs assigned to a process event are called hardware interrupt OBs. Examples of process events and their priority: Process events "rising edge" or "falling edge" at an interrupt-triggering module: The hardware interrupt OB started by such an event is always assigned priority 5. Process events from a high-speed counter - Count value corresponds to the reference value - Change count direction - External reset of the high-speed counter The hardware interrupt OB started by this event is always assigned priority 6. The figure below shows the chronological sequence of hardware interrupt execution: In the case of two hardware interrupt events in immediate succession, the second hardware interrupt triggering event is held back in the queue until the first OBx has been processed. The next hardware interrupt triggering event can only start the associated OBx when the OBx has been processed. Additional hardware interrupt triggering events are lined up in the queue according to this principle. WinCC Advanced V14 System Manual, 10/2016 957 Editing devices and networks 10.1 Configuring devices and networks &38 0RGXOH %HJLQ 2%[ ', &38 0RGXOH :$,7 %HJLQ 2%[ ', &38 0RGXOH :$,7 %HJLQ 2%[ (QG ', %HJLQ 2%[ Hardware interrupt execution A hardware interrupt-triggering event such as a rising edge at the input calls the OB to which it is assigned. If a new event occurs that triggers a hardware interrupt while the OB is executing, this event is entered in a queue. The new event that triggers a hardware interrupt starts the hardware interrupt OB as signed to the event. Assigning the interrupt-triggering event The interrupt-triggering event is assigned to an OB in the input properties of the device view. An interrupt-triggering event can only be assigned to a single OB. OBs, however, can be assigned to several interrupt-triggering events. This means, for example, that you can assign both the rising and the falling edge to the same interrupt OB in order to trigger the same reaction to any change of the input signal. 958 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The started OB can interrupt a cycle OB at every instruction. Consistent data access is secured up to dword size. You can parameterize module-specific interrupt-triggering events such as a rising and the falling edge at the input. Assign the interrupt-triggering event and the OB to be started in the configuration of the interrupt-triggering module. However, within the started hardware interrupt OB you can override this assignment using the DETACH instruction, or assign the same event to a different OB using the ATTACH instruction. This functionality allows a flexible reaction to external process signals. Setting the operating behavior (S7-1200) Changing properties of the modules (S7-1200) Default settings When they leave the factory, all hardware components with parameters have default settings suitable for standard applications. These default values allow the hardware components to be used immediately without making any additional settings. You can, however, modify the behavior and the properties of the hardware components to suit the requirements and circumstances of your application. Hardware components with settable parameters include, for example, communications modules and several analog and digital modules. Setting and loading parameters When you have selected a hardware component in the device or network view, you can set the properties in the Inspector window. When you save a device configuration with its parameters, data is generated that needs to be loaded on the CPU. This data is transferred to the relevant modules during startup. Properties of the CPUs The properties of the CPUs have special significance for system behavior. For example for a CPU you can set: Interfaces Inputs and outputs High-speed counters Pulse generators Startup behavior Time-of-day Protection level Bit memory for system and clock WinCC Advanced V14 System Manual, 10/2016 959 Editing devices and networks 10.1 Configuring devices and networks Cycle time Communications load The entry possibilities specify what is adjustable and in which value ranges. Fields that cannot be edited are disabled or are not shown in the properties window. Requirement You have already arranged the hardware components for which you want to change properties on a rack. Procedure To change the properties and parameters of the hardware components, follow these steps: 1. In the device or network view, select the hardware component or interface that you want to edit. 2. Edit the settings for the selected object: - For example in the device view you can edit addresses and names. - In the Inspector window additional setting possibilities are available. You do not need to confirm your entries, the changed values will be applied immediately. CPU properties (S7-1200) Overview of the CPU properties (S7-1200) Overview The following table provides you with an overview of the CPU properties: Group Properties Description General Project information General information to describe the inserted CPU. Except for the slot number, you can change this information. Catalog information Read-only information from the hardware catalog for this CPU. Identification & Maintenance For saving application-specific information such as the name of the plant and the installation location. Checksums To check the identity or integrity of PLC programs. Blocks in the block folder and text lists are automatically marked with unique checksums when they are compiled. You can easily establish whether the program currently running on the CPU is the same program that you loaded a long time ago or whether the program has been changed in the meantime. The "GetCh ecksum" instruction is available to read out the checksum while the program is running. See: Comparison of PLC programs based on checksums (Page 4833) 960 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Group Properties Description PROFINET interface General Name and comment for this PROFINET interface. The name is limited to 110 characters. Ethernet addresses Select whether the PROFINET interface is networked. If subnets have already been created in the project, they are available for selection in the drop-down list. If not, you can create a new subnet with the "Add new subnet" button. Information on the IP address, subnet mask and IP router usage in the subnet is available in the IP protocol. If an IP router is used, the information about the IP address of the IP router is necessary. See: Assigning addresses and names for PROFINET devices Advanced options Name, comment and additional setting options of the Ethernet interface port. Time synchronization Settings for time synchronization in the NTP time format. The NTP (network time protocol) is a general mechanism for syn chronizing system clocks in local and global area networks. In NTP mode, the interface of the CPU sends time queries (in client mode) at regular intervals to NTP servers on the subnet (LAN) and the addresses must be set in the parameters here. Based on the replies from the server, the most reliable and most accurate time is calculated and synchronized. The advantage of this mode is that it allows the time to be synchronized across subnets. The accuracy depends on the quality of the NTP server being used. DI#/DO# General Name of and comment on the integrated digital inputs of the CPU. Digital inputs Input delays can be set for digital inputs. The input delays can be set in groups (in each case for 4 inputs). The detection of a positive and a negative edge can be enabled for each digital input. A name and a hardware interrupt can be assigned to this event. Depending on the CPU, pulse catches can be activated at various inputs. When the pulse catch is activated, even pulse edges that are shorter than the cycle time of the program are detected. Digital outputs The reaction to a mode change from RUN to STOP can be set for all digital outputs: The state can either be frozen (corresponds to retain last value) or you set a substitute value ("0" or "1") WinCC Advanced V14 System Manual, 10/2016 I/O addresses The address space of the input and output addresses is specified as is the process image. Hardware identifier The hardware identifier of the device is displayed. 961 Editing devices and networks 10.1 Configuring devices and networks Group Properties Description AI# General Name of and comment on the integrated analog inputs of the CPU. Analog inputs During noise reduction, the specified integration time suppresses interference frequencies at the specified frequency (in Hz). The channel address, measurement type, voltage range, smooth ing and overflow diagnostics must be specified in the "Channel #" group. The measurement type and voltage range are set per manently to voltage, 0 to 10 V. Smoothing analog values provides a stable analog signal for fur ther processing. Smoothing analog values can be useful with slow measured value changes, for example, in temperature measurement. The measured values are smoothed with digital filtering. Smoothing is achieved by the module forming mean val ues from a specified number of converted (digitalized) analog values. The selected level (slight, medium, strong) decides the number of analog signals used to create the mean value. If overflow diagnostics is enabled, a diagnostics event is gener ated if an overflow occurs. High-speed counter (HSC) I/O addresses The address space of the input addresses is specified as is the process image. Hardware identifier The hardware identifier of the device is displayed. High-speed counter (HSC)# High-speed counters are typically used to drive counting mecha nisms. See: Configuring high-speed counters (Page 973) Pulse generators (PTO/PWM) PTO#/PWM# A pulse generator is activated and can be initialized with project information. For the configuration of an activated pulse generator, specify the usage as PWM (Pulse Width Modulation) or as PTO (Pulse Train Output). Specify the output source, time base, pulse width format, cycle time and initial pulse width for PWM. A pulse output is specified as the hardware output. The PWM output is controlled by the CTRL_PWM instruction, see CTRL_PWM (Page 3788). Specify the output source for PTO. A pulse output and a direction output are specified as the hardware outputs. A PTO is operated together with a high-speed counter in the "axis of motion" count mode and controlled by the Motion Control technology object (see keyword "Motion Control S7-1200") . The hardware ID is displayed in the I/O-diagnostics addresses and, if the PWM function is selected, the address space of the output addresses and the process image can be selected. 962 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Group Properties Description Startup Startup after POWER ON Setting the startup characteristics after cycling power. See: Principles of the STARTUP mode (Page 940) Comparison of preset configura tion and actual configuration Specifies the startup characteristics of the CPU for situations in which the actual configuration of the S7-1200 station does not correspond to the preset configuration: Startup of the CPU only if compatible Startup of the CPU even if there are differences With the "Startup CPU only if compatible" setting, a module in a configured slot must be compatible with the configured module. Compatible means that the module that is present matches the number of inputs and outputs and must match with respect to its electrical and functional properties. A compatible module must be able to completely replace a configured module; it may be more capable, but not less capable. Example for the "Startup CPU only if compatible" setting: A CPU can be a compatible replacement for a CPU of the same type with a lower firmware version. An input module with 32 digital inputs can be a compatible replacement for a signal module with 16 digital inputs. The CPU starts up when the configured module or a compatible module is plugged in. The CPU does not start up if an incompatible module is inserted. Example of the "Startup CPU even if mismatch" setting: Instead of a configured digital input module, an analog output module is plugged in or no module is present in this slot. Although the con figured inputs cannot be accessed, the CPU starts up. Note in this case that the user program cannot function correctly and take the appropriate measures. Configuration time for central and distributed I/O Specifies a maximum period (standard: 60000 ms) in which the central I/O and distributed I/O must start up. (The CMs and CPs are supplied with voltage and communication parameters during the CPU startup. This configuration time provides a time period during which I/O modules connected to the CM or CP must start up.) The CPU switches to RUN as soon as the central I/O and the distributed I/O has started and is ready for operation, regardless of the "Parameter assignment time for central and distributed I/ O" parameter. If the central I/O and distributed I/O has not started up during this period, the CPU switches to RUN without the cen tral I/O and distributed I/O. Cycle Maximum cycle time and mini mum cycle time. Specification of a maximum cycle time or a fixed minimum cycle time. If the cycle time exceeds the maximum cycle time, the CPU goes to STOP mode. See: Cycle time and maximum cycle time (Page 966) Communication load Maximum allocation of the cycle Controls the duration of communication processes that always for communication (as a percent also extend the cycle time, within certain limits. Examples of com age) munication processes include: Transferring data to another CPU or loading blocks (initiated via the PC). See: Cycle loading by communications (Page 967) WinCC Advanced V14 System Manual, 10/2016 963 Editing devices and networks 10.1 Configuring devices and networks Group Properties Description System and clock memory System memory bits and clock memory bits You use system memory bits for the following scans: Is the current cycle the first since cycling power? Have there been any diagnostics state changes compared with the previous cycle? Scan for "1" (high) Scan for "0" (low) Clock memory bits change their values at specified periodic in tervals. See: Enabling system memory (Page 984) See: Using clock memory (Page 984) Web server - Enables and configures the Web server function. See: Enabling the Web server Automatic update Sends the requested web page with current CPU data periodi cally to the web browser. Enter the period duration under "Update interval". Automatic update can only be activated if the web server is enabled. See: AUTOHOTSPOT User Management You enter the user names with their access rights here. Everyone: pre-defined user whose access rights you assign using a drop-down list. The "Everyone" user is a user who does not log on with a password for Web access. User#: Editable name for a user for whom you assign access rights and a password. As soon as you click in a line below "Everyone", a preset name is displayed that you can change. Each user can be assigned different access rights via a dropdown list. There are access rights that are connected to each other. Exam ple: When you activate the access right "Perform firmware up date", the access rights "Change operating mode" and "... query diagnostics" are activated automatically. These two rights are re quired to perform a firmware update from the Web server. See: User list Watch tables Allows you to create watch tables and defines access to those tables. User-defined web pages Allows access to freely-designed web pages of the CPU via a web browser. Entry page Allows you to select the entry page. Overview of interfaces Table of all modules with their Ethernet interfaces providing Web server functionality for this device. See: AUTOHOTSPOT Here, you can permit or deny access to the Web server over the interface for each Ethernet interface of the device (CPU, CP or CM). 964 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Group Properties Description User interface lan guages - If you want to use translations of project texts for the Web server, you need to assign the project language to the languages for the Web server (number depends on the CPU). This specifies the project languages that are displayed when the Web server is ac cessed. Example: You assign the project language "German (Luxem bourg)" to the Web server language "German" by selecting it from the drop-down list. Enable the project language under "Languag es & resources > Project languages" in the project tree to make it available for selection in the drop-down list. Time Local time and daylight saving time Setting of the time zone in which the CPU is operated and setting of the daylight-saving/standard time changeover. Protection & Security Protection and password for read/ Setting the read/write protection and the password for access to write access the CPU. See: Setting options for the protection level (FW V1 to V3) (Page 985) See: Setting options for the protection (FW as of V4) (Page 986) Configuration control Connection mechanisms Enabling access over PUT/GET communication. Security event Enabling group alarms for security events and specifying a mon itoring time (interval). External load memory Disables copying from the internal to the external load memory. - Enables configuration control. Allows a configuration change in the user program within certain limits. See: Configuration control Connection resources - Provides an overview of the assigned reserved and dynamic re sources for the CPU connections. The resources currently used are also displayed in the online view. See: Use of connection resources Address overview - Tabular representation of all addresses used by the CPU for in tegrated inputs/outputs as well as for the inserted modules. Ad dresses that are not used by any module are represented as gaps. The view can be filtered according to Input addresses Output addresses Address gaps See also Assigning parameters to hardware interrupt OBs (Page 1017) Access to the I/O addresses (Page 951) Special features during startup (Page 942) WinCC Advanced V14 System Manual, 10/2016 965 Editing devices and networks 10.1 Configuring devices and networks Cycle time and maximum cycle time (S7-1200) Function The cycle time is the time that the operating system requires to execute the cyclic program and all the program sections that interrupt this cycle. The program execution can be interrupted by: Time errors and 2xMaxCycleTime errors System activities, e.g., process image updating The cycle time (Tcyc) is therefore not the same for every cycle. The following schematic shows an example of different cycle times (TZ1 TZ2) for S7-1200 CPUs: 'LIIHUHQWF\FOHWLPHVIRU6&38V &XUUHQWF\FOH 1H[WF\FOH 7] 1H[WF\FOH 7] 2% 8SGDWLQJWKH 8SGDWLQJWKH3,, 2% 3,2 2% 2% 8SGDWLQJWKH 3,2 8SGDWLQJWKH 3,, 2% 2% 8SGDWLQJWKH 3,2 3,,3URFHVVLPDJHLQSXW 3,23URFHVVLPDJHRXWSXW In the current cycle, the cyclic OB used here (e.g. OB 1) will be interrupted by a time error (e.g. OB 80). Following the cyclic OB, the next cycle OB 201 is processed. Maximum cycle time The operating system monitors the execution time of the cyclic program for a configurable upper limit known as the maximum cycle time. You can restart this time monitoring at any point in your program by calling the RE_TRIGR instruction. If the cyclic program exceeds the maximum cycle time, the operating system will attempt to start the time error OB (OB 80). If the OB is not available, the S7-1200 CPU reacts as follows: CPUs with firmware version V1.x to V3.x: The CPU remains in RUN mode. CPUs with firmware version as of V4.x: The CPU changes to STOP mode In addition to monitoring the runtime for overshooting of the maximum cycle time, adherence to a minimum cycle time is guaranteed. To do this, the operating system delays the start of 966 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks the new cycle until the minimum cycle time has been reached. During this waiting time, new events and operating system services are processed. If the maximum cycle time is exceeded a second time, for example while the time error OB is being processed (2xMaxCycleTime error), the CPU changes to STOP mode. See also Time error OB (Page 1008) Cycle loading by communications (S7-1200) Function The cycle time of the CPU can be extended due to communications processes. These communications processes include for example: Transferring data to another CPU Loading of blocks initiated by a programming device You can control the duration of these communications processes to some extent using the CPU parameter "Cycle load due to communication". In addition to communications processes, test functions also extend the cycle time. The "Cycle load due to communication" parameter can be used to influence the duration. How the parameter works You use the "Cycle load due to communication" parameter to enter the percentage of the overall CPU processing capacity that can be available for communications processes. This CPU processing capacity is now available at all times for communication. This processing capacity can be used for program execution when not required for communication. Effect on the actual cycle time The "Cycle load due to communication" parameter can be used to extend the cycle time of the cyclic organization block (e.g., OB 1) by a factor calculated according to the following formula: &\FOHORDGGXHWRFRPPXQLFDWLRQ The formula does not take into account the effect of asynchronous events such as hardware interrupts or cyclic interrupts on the cycle time. If the cycle time is extended due to communication processes, more asynchronous events may occur within the cycle time of the cyclic organization block. This extends the cycle still further. The extension depends on how many events occur and how long it takes to process them. WinCC Advanced V14 System Manual, 10/2016 967 Editing devices and networks 10.1 Configuring devices and networks Example 1 - no additional asynchronous events: If the "Cycle load due to communication" parameter is set to 50%, this can cause the cycle time of the cyclic organization block to increase by up to a factor of 2. Example 2 - additional asynchronous events: For a pure cycle time of 500 ms, a communication load of 50% can result in an actual cycle time of up to 1000 ms, provided that the CPU always has enough communications jobs to process. If, parallel to this, a cyclic interrupt with 20 ms processing time is executed every 100 ms, this cyclic interrupt would extend the cycle by a total of 5*20 ms = 100 ms without communication load. That is, the actual cycle time would be 600 ms. Because a cyclic interrupt also interrupts communications, it affects the cycle time by adding 10 * 20 ms at 50 % communication load. That is, in this case, the actual cycle time amounts to 1200 ms instead of 1000 ms. Note Observe the following: Check the effects of changing the value of the "Cycle load due to communication" parameter while the system is running. You must always consider the communication load when setting the minimum cycle time as time errors will otherwise occur. Recommendations Increase this value only if the CPU is used primarily for communication purposes and the user program is not time critical. In all other situations you should only reduce this value. Time-of-day functions (S7-1200) Basic principles of time of day functions (S7-1200) All S7-1200 CPUs are equipped with an internal clock. The backup supports the display of the correct time for up to 10 hours if the power supply is interrupted. Time-of-day format The clock always shows the time of day with a resolution of 1 millisecond and the date including the day of the week. The time adjustment for daylight-saving time is also taken into account. 968 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Setting and reading the time of day (S7-1200) Setting and reading the time with instructions You can set, start and read the time-of-day and date on the CPU clock with the following instructions in the user program: Set the time-of-day: "WR_SYS_T" Read time of day "RD_SYS_T" Read local time "RD_LOC_T" Set time zone "SET_TIMEZONE" Manual setting You can also read and set the time-of-day manually in the online and diagnostics view under "Functions > Set time-of-day". See also WR_SYS_T: Set time-of-day (Page 3311) RD_SYS_T: Read time-of-day (Page 3313) RD_LOC_T: Read local time (Page 3315) SET_TIMEZONE: Set time zone (Page 3320) Assigning the clock parameters (S7-1200) Clock parameters The clock parameters allow you to make the following settings: Enable time synchronization via NTP server Select this check box if you want the internal clock to be synchronized using the NTP synchronization mode. Network time server The IP addresses of up to four NTP servers need to be configured. Update interval The update interval defines the interval between time queries. WinCC Advanced V14 System Manual, 10/2016 969 Editing devices and networks 10.1 Configuring devices and networks High-speed counters (S7-1200) General information on high-speed counters (S7-1200) Introduction High-speed counters are typically used to drive counting mechanisms in which a shaft turning at a constant speed is equipped with an incremental step encoder. The incremental step encoder ensures a certain number of count values per rotation and a reset pulse once per rotation. The clock memory bit(s) and the reset pulse of the incremental step encoder supply the inputs for the high-speed counter. The various S7-1200 CPUs have differing numbers of high-speed counters available: S7-1200 CPU Number of HSCs HSC designation CPU 1211C 3 (with digital signal board 4)* HSC1...3 (and HSC5)* CPU 1212C 4 (with digital signal board 5)* HSC1...4 (and HSC5)* CPU 1214C 6 HSC1...6 CPU 1215C CPU 1217C * with DI2/DO2 signal board How it works The first of several default values is loaded on the high-speed counter. The required outputs are enabled for the time during which the current value of the counter is lower than the default value. The counter is set up so that an interrupt occurs if the current value of the counter is equal to the default value or when the counter is reset. If the current value is equal to the default value and an interrupt event results, a new default value is loaded and the next signal state is set for the outputs. If an interrupt event occurs because the counter is reset, the first default value and the first signal states of the outputs are set and the cycle repeated. Since the interrupts occur much less frequently than the high-speed counter counts, a precise control of the fast operations can be implemented with only a slight influence on the overall cycle of the automation system. Since you can assign specific interrupt programs to interrupts, each new default can be loaded in a separate interrupt program allowing simple control of the state. Note You can also process all interrupt events in a single interrupt program. 970 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Count algorithms of the various counters All counters work in the same way, however some high-speed counters do not support all count algorithms. There are four basic count algorithms: Single-phase counter with internal direction control Single-phase counter with external direction control 2-phase counter with 2 clock inputs A/B counter Each high-speed counter can be used with or without a reset input. If the reset input is activated, this resets the current value. The current value remains reset until the reset input is deactivated. See also Configuring high-speed counters (Page 973) Interdependency of the counter mode and counter inputs (Page 971) Interdependency of the counter mode and counter inputs (S7-1200) General information on counter mode and counter inputs You can assign not only the counter modes and counter inputs to the high-speed counters but also functions such as clock pulse generator, direction control, and reset. The following rules apply: An input cannot be used for two different functions. If an input is not required by the current counter mode of the defined high-speed counter, it can be used other purposes. If, for example, you set HSC1 to counter mode 1, in which inputs I0.0 and I0.3 are required, you can use I0.1 for edge interrupts or for HSC2. If, for example, you set HSC1 and HSC5, inputs I0.0 (HSC1) and I1.0 (HSC5) are always used with the counting and frequency counter modes. As a result, these two inputs are not available for any other functions when counters are operated. You have additional inputs available if you use a digital signal board. WinCC Advanced V14 System Manual, 10/2016 971 Editing devices and networks 10.1 Configuring devices and networks Overview of the interdependency of counter mode and counter inputs Counter mode Description Inputs HSC1 I0.0 (CPU) I0.1 (CPU) I0.3 (CPU) I4.0 (signal board) I4.1 (signal board) I4.3 (signal board) HSC2 I0.2 (CPU) I0.3 (CPU) I0.1 (CPU) I4.2 (signal board) I4.3 (signal board) I4.1 (signal board) I0.4 (CPU) I0.5 (CPU) I0.7 (CPU) HSC4 (CPU 1212/14/15/17C on I0.6 (CPU) ly) I0.7 (CPU) I0.5 (CPU) HSC5 (CPU 1214/15/17C on ly)** I1.0 (CPU) I1.1 (CPU) I1.2 (CPU) I4.0 (signal board) I4.1 (signal board) I4.3 (signal board) HSC6 (CPU 1214/15/17C on ly)** I1.3 (CPU) I1.4 (CPU) I1.5 (CPU) Clock pulse genera tor - - HSC3* Counting / frequen Single-phase counter with inter cy nal direction control Counting Resetting Counting / frequen Single-phase counter with exter Clock pulse genera cy nal direction control tor Direction Counting Resetting Counting / frequen 2-phase counter with 2 clock in cy puts Clock pulse genera tor forwards Clock pulse genera tor backwards Clock pulse genera tor A Clock pulse genera tor B Counting Resetting Counting / frequen A/B counter cy Counting Motion axis - Resetting Pulse generators PWM/PTO HSC1 and HSC2 support the motion axis count mode for the PTO1 and PTO2 pulse generators: For PTO1, HSC1 evaluates the Q0.0 outputs for the number of pulses. For PTO2, HSC2 evaluates the Q0.2 outputs for the number of pulses. Q0.1 is used as the output for the motion direction. * HSC3 can only be used for CPU 1211 without a reset input ** HSC5 can be also be used for CPU 1211/12 if a DI2/DO2 signal board is used See also General information on high-speed counters (Page 970) Configuring high-speed counters (Page 973) 972 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring high-speed counters (S7-1200) Requirement An S7-1200 CPU has been inserted in the hardware configuration. Procedure To configure a high-speed counter, follow these steps: 1. Select an S7-1200 CPU in the device or network view. 2. Click on the required high-speed counter under "Properties > High-speed counter (HSC)" in the Inspector window: - CPU 1211C: HSC1 to HSC3 (also HSC5 with a DI2/DO2 signal board) - CPU 1212C: HSC1 to HSC4 (also HSC5 with a DI2/DO2 signal board) - CPU 1214C / 1215C / 1217C: HSC1 to HSC6 3. Enable the high-speed counter in the "General" parameter group using the relevant check box. Note If you use a CPU 1211C or CPU 1212C with a DI2/DO2 signal board, you can also enable the high-speed counter HSC5. Note When you activate the pulse generators and operate them as PTO (to control stepper motors), high-speed counters are required. With firmware versions as of V3.0, the CPU uses internal (additional) HSCs. With firmware versions lower than V3.0, the CPU uses HSC1 for PTO1 and HSC2 for PTO2. The counters are then no longer available for other counting tasks. In "Project information" you can enter a name and a comment for the counter. WinCC Advanced V14 System Manual, 10/2016 973 Editing devices and networks 10.1 Configuring devices and networks 4. Define the functionality of the counter in the "Function" parameter group: - Count mode: Select one of the following functions of the counter from the drop-down list: - Counting (decides the number of pulses) - Period (measurement of the period of pulses) - Frequency (measurement of the frequency of pulses) - Motion Control (use counter for motion control). - Operating phase: Select from the drop-down list how the counter will be operated: - Single phase (one clock input for counting, up and down can be set via the direction input) - Two-phase (one clock input for counting up, one clock input for counting down) - A/B counter (two clock inputs with phase-shifted pulses, single count value) -A/B counter fourfold (two clock inputs with phase-shifted pulses, quadruple count value) - Input source (only in firmware versions lower than 4.0): As the input source for the count pulses, select a CPU input or an input of a signal board. - Count direction is specified by: If the operating phase "Single phase" is set, you can choose whether the user program decides the count direction (instruction CTRL_HSC, parameters DIR and NEW_DIR) or a digital input. - Initial count direction: If the user program is set as the direction control for the count direction, you can select the count direction at the start of counting. - Frequency meter period: If frequency or period is set as the count mode, you can select the duration of the frequency measurement periods in the drop-down list. 5. Specify the initial values and reset condition of the counter in the "Reset to initial values" parameter group: - Initial counter value: Enter a start value for the counter. - Initial reference value: Enter a reference value. The current count is compared with this reference value: When the current counter value is equal to the reference value, an event is triggered (if enabled in "Event configuration"). Here, you can also set whether the counter uses a reset input and the counter resets the current count at a high or low level at the reset input. 6. The following events can be enabled in the "Event configuration" parameter group: - Counter value equal to reference value - External reset - Direction change You can assign a hardware interrupt OB to each of these events under "Hardware interrupt". Alternatively, assign a hardware interrupt OB to every event in the user program ("ATTACH" instruction). Result: When an event is triggered, the CPU executes the assigned hardware interrupt OB (according to the configured priority). The names of the events and the hardware interrupts can be changed. 974 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 7. In the parameter group "Hardware inputs", hardware inputs are already entered. You can accept these. Alternatively, click the "..." button beside "Clock generator up", "Clock generator down" or "Reset input" and select an input. Note: With earlier firmware versions (lower than V4.0), the hardware inputs were preset and could not be changed. 8. In the "I/O addresses" area, the following parameters can be set: - Start address: The CPU writes the counter status to the address area with the set start address (data type DInt). - Organization block: Assignment of this address area to an organization block. - Process image: Assignment of the address area to a process image partition (PIP). The default setting is automatic update (PIP0). Result You have now adapted the parameters of the high-speed counter to the requirements of your project. See also General information on high-speed counters (Page 970) Interdependency of the counter mode and counter inputs (Page 971) Point-to-point communication (S7-1200) Overview of point-to-point communication (S7-1200) PtP communication is communication via a serial interface that uses standardized UART data transmission (Universal Asynchronous Receiver/Transmitter). The S7-1200 uses communications modules with an RS-232 or RS-485 interface to establish PtP communication. Functions of point-to-point communication Point-to-point communication (PtP) allows numerous applications: Direct transmission of information to an external device, for example a printer or a barcode reader Reception of information from external devices such as barcode readers, RFID readers, cameras and third-party optical systems as well as many other devices. Exchange of information with third-party devices, for example GPS devices, radio modems and many others The Freeport protocol The S7-1200 supports the Freeport protocol for character-based serial communication. Using Freeport communication, the data transmission protocol can be configured entirely by the user program. WinCC Advanced V14 System Manual, 10/2016 975 Editing devices and networks 10.1 Configuring devices and networks Siemens provides libraries with Freeport communication functions that you can use in your user program: USS Drive protocol Modbus RTU Master protocol Modbus RTU Slave protocol See also Configuring a communications port (Page 976) Using RS-232 and RS-485 communications modules (S7-1200) Communications modules with RS-232 and RS-485 interfaces In an S7-1200 CPU, you can use two different communications modules: RS-232 communications module RS-485 communications module The communications modules can be connected to the S7-1200 CPU via the I/O channel on the left. You can plug in up to three different modules. Properties of the communications modules The communications modules have the following features: Support of the Freeport protocol Configuration by the user program with the aid of expanded instructions and library functions Configuring a communications port (S7-1200) Configuring a communications port After you have inserted a communications module with an RS-232 or RS-485 interface, you then set the interface parameters. You set the parameters for the interface either in the properties of the interface or you control the interface parameters from the user program using the PORT_CFG instruction. The following description relates to the graphic configuration. Note If you use the user program to change the port setting, the settings of the graphic configuration are overwritten. You should also keep in mind that the settings made by the user program are not retained if there is a power down. 976 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Requirement A communications module is already plugged in. You are in the device view. Procedure To configure the communications port, proceed as follows: 1. Select the interface in the graphic representation in the device view. The properties of the interface are displayed in the Inspector window. 2. Select the "Port configuration" group in the area navigation of the Inspector window. The settings of the port are displayed. 3. From the "Transmission speed" drop-down list, select the speed for the data transmission. With user-programmed communication, remember the influence of the transmission speed on the changeover time. 4. From the "Parity" drop-down list, select the type of detection of bad information words. 5. Using the "Data bits" drop-down list, decide whether a character consists of eight or seven bits. 6. From the "Stop bit" drop-down list, select how many bits will identify the end of a transmitted word. 7. From the "Flow control" drop-down list, select the method for ensuring a trouble-free data stream between sender and receiver. This parameter can only be set for the RS-232 interface. - Enter a HEX value in the "XON character" box that will cause the transmission of the message to be continued when it is detected. This parameter can only be set for software-controlled data flow control. - Enter a HEX value in the "XOFF character" box that will cause the transmission of the message to be suspended for the set wait time. This parameter can only be set for software-controlled data flow control. 8. In the "Wait time" box, enter a wait time in ms that must be kept to after the end of the message before the next transmission can start. Note You can configure the interface in the network view as well. To do so, you must first select the communication module in the tabular network view and then select the interface in the Inspector window. Then you can continue as described above. See also Setting data flow control (Page 978) WinCC Advanced V14 System Manual, 10/2016 977 Editing devices and networks 10.1 Configuring devices and networks Setting data flow control (S7-1200) Data flow control Data flow control is a method that ensures a balanced send and receive behavior. In the ideal situation, the intelligent control does not allow data to be lost. It ensures that a device does not send more information than the receiving partner can process. There are two methods of data flow control: Hardware-controlled data flow control Software-controlled data flow control With both methods, the DSR signals of the communications partners must be active at the beginning of transmission. If the DSR signals are inactive, the transmission is not started. The RS-232 communications module can handle both methods. The RS-485 communications module does not support data flow control. Hardware-controlled data flow control Hardware-controlled data flow control uses the request to send (RTS) and clear to send (CTS) signals. With the RS-232 communications module, the RTS signal is transmitted via the output by pin 7. The CTS signal is received via pin 8. If hardware-controlled data flow control is enabled, the RTS signal is then always set to activated when data is sent. At the same time, the CTS signal is monitored to check whether the receiving device can accept data. If the CTS signal is active, the module can transfer data until the CTS signal becomes inactive. If the CTS signal is inactive, the data transfer must be suspended for the set wait time. If the CTS signal is still inactive after the set wait time, the data transfer is aborted and an error is signaled back to the user program. Data flow control using hardware handshaking If data flow control is controlled by hardware handshaking, the sending device sets the RTS signal to active as default. A device such as a modem can then transfer data at any time. It does not wait for the CTS signal of the receiver. The sending device itself monitors it own transmission by sending only a limited number of frames (characters), for example to prevent overflow of the receive buffer. If there is nevertheless an overflow, the transferring device must hold back the message and signal an error back to the user program. Software-controlled data flow control Software-controlled data flow control uses certain characters within the messages and these control the transfer. These characters are ASCII characters selected for XON and XOFF. XOFF indicates when a transmission must be suspended. XON indicates when a transmission can be continued. If the sending device receives the XOFF character, it must suspend sending for the selected wait time. If the XON character is sent after the selected wait time, the transfer is continued. If no XON character is received after the wait time, an error is signaled back to the user program. 978 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Software data flow control requires full duplex communication because the receiving partner needs to send the XON character during the ongoing transfer. See also Configuring a communications port (Page 976) Configuration of message transfer (S7-1200) User-programmed communication You can control the data traffic between a communications module and a device connected externally via the serial interface using your own mechanisms. If you want to do this, you will need to define a communications protocol yourself. In freely programmable communication, ASCII and binary protocols are supported for message transfer. Within the communications protocol, you will need to specify the criteria by which the start and end of a transferred message can be recognized in the data stream. User-programmed communication can only be activated in RUN mode. If there is a change to STOP mode, the user-programmed communication is stopped. Specifying the communications protocol You can specify the communications protocol as follows: With the user program - The behavior when sending data is controlled by the SEND_CFG instruction. - The behavior when receiving data is controlled by the RCV_CFG instruction. Using parameter settings set graphically in the Inspector window Note If you change the communications protocol from the user program, the settings of the graphic configuration are overwritten. You should keep in mind that the settings made by the user program are not retained if there is a power down. See also User-programmed communication with RS-232 devices (Page 980) Making the settings for sending (Page 981) Specifying the start of the message (Page 982) Specifying the end of the message (Page 983) WinCC Advanced V14 System Manual, 10/2016 979 Editing devices and networks 10.1 Configuring devices and networks User-programmed communication with RS-232 devices (S7-1200) RS-232/PIP multi-master cable and user-programmed communication with RS-232 devices Using the RS-232/PIP multi-master cable and user-programmed communication, you can connect a wide variety of RS-232-compliant devices to the communications modules of the S7-1200. The cable must, however, be set to the "PIP/user-programmed communication" mode. Settings on the cable The switches on the cable must be set as follows: Switch 5 must be set to 0 Switch 6 sets either the local mode (DCE) or the remote mode (DTE): - Switch set to 0 for the local mode - Switch set to 1 for the remote mode Changing over between send and receive mode The RS-232/PIP multi-master cable is in send mode when data is sent from the RS-232 interface to the RS-485 interface. The cable is in receive mode when it is idle or when data is sent from the RS-485 interface to the RS-232 interface. The cable changes from receive to send mode immediately when it detects characters on the RS-232 send line. Supported transmission speeds The RS-232/PIP multi-master cable supports transmission rates between 1200 baud and 115.2 kbaud. The RS-232/PIP multi-master cable can be set to the required transmission rate using the DIP switch on the PC/PIP cable. The following table shows the switch settings for the various transmission speeds: Transmission speed Switchover time Settings (1 = up) 115200 bps 0.15 ms 110 57600 bps 0.3 ms 111 38400 bps 0.5 ms 000 19200 bps 1.0 ms 001 9600 bps 2.0 ms 010 4800 bps 4.0 ms 011 2400 bps 7.0 ms 100 1200 bps 14.0 ms 101 The cable returns to receive mode when the RS-232 send line is idle for a certain time that is defined as the changeover time of the cable. The set transmission speed influences the changeover time as shown in the table. 980 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Influence of the changeover time When working with an RS-232/PIP multi-master cable in a system in which user-programmed communication is used, the program must take into account the changeover time for the following reasons: The communications module reacts to messages sent by the RS-232 device. Once the communications module has received a request from the RS-232 device, it must delay the reaction message for a period that is equal to or longer than the changeover time of the cable. The RS-232 device reacts to messages sent by the communications module. Once the communications module has received a reaction message from the RS-232 device, it must delay the next request message for a period that is equal to or longer than the changeover time of the cable. In both situations, the RS-232-PIP multi-master cable has enough time to change from send to receive mode so that the data can be sent from the RS-485 interface to the RS-232 interface. See also Configuration of message transfer (Page 979) Making the settings for sending (Page 981) Specifying the start of the message (Page 982) Specifying the end of the message (Page 983) Making the settings for sending (S7-1200) Sending messages You can program pauses between individual messages. The following table shows which pauses can be set: Parameter Definition RTS ON delay You can set the time that must elapse after the send request RTS (request to send) before the actual data transfer starts. RTS OFF delay You can set the time that must elapse after the complete transfer be fore RTS signal is deactivated. Send pause at the start of the message You can specify that a pause is sent at the start of every message transfer when the RTS ON delay has elapsed. The pause is specified in bit times. Send Idle Line after a pause You can make a setting so that following a selected pause at the start of the message, the "Idle Line" signal is output to signal that the line is not in use. To enable the parameter, "Send pause at message start" must be set. The duration of the "Idle Line" signal is specified in bit times. WinCC Advanced V14 System Manual, 10/2016 981 Editing devices and networks 10.1 Configuring devices and networks See also Specifying the start of the message (Page 982) Specifying the end of the message (Page 983) User-programmed communication with RS-232 devices (Page 980) Specifying the start of the message (S7-1200) Recognizing the start of the message To signal to the receiver when the transfer of a message is completed and when the next message transfer starts, criteria must be specified in the transmission protocol to identify the end and start of a message. If a criterion is met that indicates the start of a message, the receiver starts searching the data stream for criteria that mean the end of the message. There are two different methods for identifying the start of a message: Starting with any character: Any character can defined the start of a message. This is the default method. Starting with a specific condition: The start of a message is identified based on selected conditions. Conditions for detecting the start of a message The following table shows the various options for defining the start of a message: Parameter Definition Recognize start of message by line break The receiver recognizes a line break when the received data stream is interrupted for longer than one character. If this is the case, the start of the message is identified by the line break. Recognize start of message by idle line The start of a message is recognized when the send transmission line is in the idle state for a certain time (specified in bit times) followed by an event such as reception of a character. Recognize start of message with individual characters The start of a message is recognized when a certain character occurs. You can enter the character as a HEX value. Recognize start of message by a character string The start of a message is detected when one of the specified character sequences arrives in the data stream. You can specify up to four char acter sequences each with up to five characters. The individual conditions can be logically linked in any way. See also Making the settings for sending (Page 981) User-programmed communication with RS-232 devices (Page 980) 982 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Specifying the end of the message (S7-1200) Recognizing the end of the message To signal to the receiver when the transfer of a message is completed and when the next message transfer starts, criteria must be specified in the transmission protocol to identify the end and start of a message. In total, there are six different methods of recognizing the end of a message and these can all be logically linked in any way. The following table shows the various possible setting options: Parameter Definition Recognize end of message by message timeout The end of a message is recognized automatically when a selected maximum duration for a message is exceeded. Values from 0 to 65535 ms can be set. Recognize end of message by reply timeout The end of a message is recognized when there is no reply within a set time after transferring data. Values from 0 to 65535 ms can be set. Recognize end of message by timeout between characters The end of a message is detected when the time between two char acters specified in bit times is exceeded. Values from 0 to 2500 bit times can be set. The S7-1200 CPU only accepts a maximum time of eight seconds even if the value that is set results in a duration of more than eight seconds. Recognize end of message by maximum length The end of a message is recognized when the maximum length of a message is exceeded. Values from 1 to 1023 characters can be set. Read message length from message The message itself contains information about the length of the mes sage. The end of a message is reached when the value taken from the message is reached. Which characters are used for the evaluation of the message length is specified with the following parameters: Offset of the length field in the message The value decides the position of the character in the message that will be used to indicate the message length. Values from 1 to 1022 characters can be set. Size of the length field This value specifies how many characters starting at the first evaluation position will be used to indicate the message length. Values of 0, 1, 2 and 4 characters can be set. The data following the length field (does not belong to the message length) The value specifies the number of bytes after the length field that must be ignored in the evaluation of the message length. Values from 0 to 255 characters can be set. Recognize message end with a character sequence WinCC Advanced V14 System Manual, 10/2016 The end of a message is detected when the specified character se quence arrives in the data stream. You can define up to five characters in the character string that are to be checked. If the specified charac ters appear at the correct location in the message, the message end is recognized. To recognize the message end when character 1 and character 3 have a certain value, for example, you have to activate the check box for character 1 and character 3 and enter a character value. 983 Editing devices and networks 10.1 Configuring devices and networks See also Making the settings for sending (Page 981) User-programmed communication with RS-232 devices (Page 980) Enabling system memory (S7-1200) System memory A system memory is a bit memory with defined values. You decide which memory byte of the CPU will become the system memory byte when assigning the system memory parameters. Benefits You can use system memory in the user program, for example to run program segments in only the first program cycle after start-up. Two system memory bits are constant 1 or constant 0. Bits of the system memory bytes The following table shows the meaning of the system memory: Bit of the system memory bytes 7 6 5 4 3 2 1 0 Meaning Reserved (=0) Reserved (=0) Reserved (=0) Reserved (=0) =0 =1 =1 with change to the diag nosis sta tus =1 in first pro gram cycle after startup, otherwise 0 Note The selected memory byte cannot be used for intermediate storage of data. Using clock memory (S7-1200) Clock memory A clock memory is a bit memory that changes its binary status periodically in the pulse-nopulse ratio of 1:1. You decide which memory byte of the CPU will become the clock memory byte when assigning the clock memory parameters. 984 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Benefits You can use clock memory, for example, to activate flashing indicator lamps or to initiate periodically recurring operations such as recording of actual values. Available frequencies Each bit of the clock bit memory byte is assigned a frequency. The following table shows the assignment: Bit of the clock memory byte 7 6 5 4 3 2 1 0 Period (s) 2.0 1.6 1.0 0.8 0.5 0.4 0.2 0.1 Frequency (Hz) 0.5 0.625 1 1.25 2 2.5 5 10 Note Clock memory runs asynchronously to the CPU cycle, i.e. the status of the clock memory can change several times during a long cycle. The selected memory byte cannot be used for intermediate storage of data. Protection (S7-1200) Setting options for the protection level (FW V1 to V3) (S7-1200) Protection level The following section describes how to use the various protection levels of the S7-1200 CPUs V1 to V3. WinCC Advanced V14 System Manual, 10/2016 985 Editing devices and networks 10.1 Configuring devices and networks Effects of the protection level setting You can choose between the following protection levels: No protection: This corresponds to the default behavior. You cannot enter a password. Read and write access is always permitted. Write protection: Only read-only access is possible. You cannot change any data on the CPU and cannot load any blocks or a configuration. HMI access and communication between CPUs are excluded from the write protection. Assignment of a password is required to select this protection level. Write/read protection: No write or read access is possible in the "Accessible devices" area or in the project for devices that are switched online. Only the CPU type and the identification data can be displayed in the project tree under "Accessible devices". Display of online information or blocks under "Accessible devices", or in the project for devices interconnected online, is possible. HMI access and communication between CPUs are excluded from the write protection. Assignment of a password is required to select this protection level. Behavior of a password-protected CPU during operation The CPU protection takes effect after the settings are downloaded to the CPU. Validity is checked before the online function is executed. If password protection is in place, you are prompted to enter a password. Example: The module was assigned write protection and you want to execute the "Modify tags" function. This requires write access; therefore, the assigned password must be entered to execute the function. The functions protected by a password can only be executed by one programming device/PC at any one time. Another programming device/PC cannot log on with a password. Access authorization to the protected data is in effect for the duration of the online connection or until the access authorization is manually rescinded with "Online > Delete access rights". Access authorization will also expire when the project is closed. Note You cannot restrict functions for process control, monitoring, and communications. However, some functions are protected due to their use as online data. RUN/STOP in the "Online tools" task card or "Set time of day" in the online and diagnostics view are therefore write-protected. Setting options for the protection (FW as of V4) (S7-1200) Protection level The following section describes how to use the various access levels of the S7-1200 CPUs as of V4. 986 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks S7-1200 CPUs provide various access levels to limit the access to specific functions. The parameters for the access levels are assigned in a table. The green checkmarks in the columns to the right of the respective access level specify which operations are possible without knowing the password of this access level. If you want to use the functions of check boxes that are not selected, a password has to be entered. NOTICE Configuring an access level does not replace know-how protection Configuring access levels prevents unauthorized changes to the CPU by restricting download privileges. However, blocks on the memory card are not write- or read-protected. Use knowhow protection to protect the code of blocks on the memory card. Default characteristics The default access level is "Full access (no protection)". Every user can read and change the hardware configuration and the blocks. A password is not set and is also not required for online access. The access levels in detail With an S7-1200 CPU, you can configure the following access levels: Full access (no protection): The hardware configuration and the blocks can be read and changed by all users. Read access: With this access level, only read access to the hardware configuration and the blocks is possible without entering a password - meaning that you can load the hardware configuration and blocks into the programming device. In addition, HMI access and access to diagnostics data is possible. You cannot load blocks or a hardware configuration into the CPU without entering the password. Moreover, writing test functions and firmware updates are not possible without a password. HMI access: With this access level, only HMI access and access to diagnostics data is possible without entering the password. Without entering the password, you can neither load blocks and hardware configuration into the CPU, nor load blocks and hardware configuration from the CPU into the programming device. In addition, the following is not possible without a password: Writing test functions, changing the operating state (RUN/STOP) and firmware updates. No access (complete protection): When the CPU is completely protected, no read or write access to the hardware configuration and the blocks is possible. HMI access is also not possible. The server function for PUT/GET communication is disabled in this access level (cannot be changed). Authorization with the password again provides you full access to the CPU. Behavior of a password-protected module during operation The CPU protection takes effect after the settings are downloaded to the CPU. WinCC Advanced V14 System Manual, 10/2016 987 Editing devices and networks 10.1 Configuring devices and networks Validity is checked before the online function is executed. If password protection is in place, you are prompted to enter a password. Example: The module was configured with read access and you want to execute the "Modify tags" function. This requires write access; therefore, the assigned password must be entered to execute the function. The functions protected by a password can only be executed by one programming device/PC at any one time. Another programming device/PC cannot log on. Access authorization to the protected data is in effect for the duration of the online connection or until the access authorization is manually rescinded with "Online > Delete access rights". Each access level allows unrestricted access to certain functions without entering a password, for example, identification using the "Accessible devices" function. Configuring access levels (S7-1200) The following section describes how to configure an access level and enter passwords for an S7-1200 CPU as of V4. For an S7-1200 CPU, you can enter multiple passwords and thereby set up different access rights for individual user groups. The passwords are entered in a table in such a way that exactly one access level is assigned to each password. The effect of the password is given in the "Access level" column. Example You select the "No access (complete protection)" access level for a standard CPU (in other words, not an F-CPU) and enter a separate password for each of the access levels that lie above it in the table. For users who do not know any of the passwords, the CPU is completely protected. Not even HMI access is possible. For users who know one of the set passwords, the effect depends on the table row in which the password occurs: The password in row 1 (Full access (no protection)) allows access as if the CPU were completely unprotected. Users who know this password have unrestricted access to the CPU. The password in row 2 (read access) allows access as if the CPU were write-protected. Users who know this password have read-only access to the CPU. The password in row 3 (HMI access) allows access as if the CPU were write-protected and read-protected so that only HMI access is possible for users who know this password. 988 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Procedure To configure the access levels of an S7-1200 CPU, follow these steps: 1. Open the properties of the module in the inspector window. 2. Open the "Protection" entry in the area navigation. A table with the possible access levels appears in the inspector window. 3. Activate the required access level in the first column of the table. The green checkmarks in the columns to the right of the respective protection level show you which operations are still available without entering the password. 4. In the "Password" column, specify a password for full access in the first row. In the "Confirmation" column, enter the selected password again to protect against incorrect entries. Ensure that the password is sufficiently secure, in other words, that is does not follow a machine-recognizable pattern! You must enter a password in the first row "Full access (no protection)". This enables unrestricted access to the CPU for those who know the password, regardless of the selected protection level. 5. Assign additional passwords as needed to other access levels if the selected protection level allows you to do so. 6. Download the hardware configuration so that the access level takes effect. Result The hardware configuration and the blocks are protected against unauthorized access according to the set access level. If an operation cannot be executed without a password due to the set access level, a dialog for entering a password is displayed. Restriction of communication services (S7-1200) Introduction The CPU can be the server for a number of communication services. This means that other communication participants can access CPU data even if you have not configured and programmed connections for the CPU. The local CPU as a server thus does not have the possibility to control communication to the clients. The parameter "Connection mechanisms" in the "Protection" area of the CPU parameters is used to specify whether this type of communication is permitted or not for the local CPU during operation. WinCC Advanced V14 System Manual, 10/2016 989 Editing devices and networks 10.1 Configuring devices and networks Permit access with PUT/GET communication from remote partners By default, the "Permit access with PUT/GET communication from remote partners (...)" option is disabled. In this case, read and write access to CPU data is only possible for communication connections that require configuration or programming both for the local CPU and for the communication partner. Access through BSEND/BRCV instructions is possible, for example. Connections for which the local CPU is only a server (meaning that no configuration/ programming of the communication with the communication partner exists at the local CPU), are therefore not possible during operation of the CPU, for example, For PUT/GET, FETCH/WRITE or FTP access via communication modules For PUT/GET access from other S7 CPUs For HMI access that is realized via PUT/GET communication If you want to allow access to CPU data from the client side, meaning that you do not want to restrict the communication services of the CPU, activate the "Permit access with PUT/GET communication from remote partners" option. Group alarms for security events (S7-1200) What you should know about group alarms for security events Security events in the diagnostics buffer The CPU stores information on important actions and events in the diagnostics buffer. The following security events (event types) lead to an entry in the diagnostics buffer of the S7-1200: Going online with the correct or incorrect password. Manipulated communications data detected. Manipulated data detected on memory card. Manipulated firmware update file detected. Changed protection level (access protection) downloaded to the CPU. Password legitimization restricted or enabled (by instruction or CPU display). Online access denied due to the possible number of simultaneous access attempts being exceeded. Timeout when an existing online connection is inactive. Logging in to the Web server with the correct or incorrect password. Creating a backup of the CPU. 990 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Restoring the CPU configuration. During startup: - Project on the SIMATIC memory card has changed (the SIMATIC memory card remains the same) - SIMATIC memory card was replaced Group alarm for security events To prevent the diagnostics buffer being "swamped" by large numbers of identical security events, as of STEP 7 V13 service pack 1, you can set parameters so that these events are entered in the diagnostics buffer as a group alarm. Per interval (monitoring time), the CPU then only generates one group alarm per event type. Example: Brute-Force attacks With Brute-Force attacks, attackers attempt to gain access to the CPU by systematically trying out a large number of the possible password combinations. As a result, the CPU receives a large number of login requests within seconds and the inrush of identical single entries in the diagnostics buffer leads to the loss of important diagnostics information. Group alarms help here. Principle of operation of group alarms The CPU enters the first three events of an event type in the diagnostics buffer. It then ignores all subsequent security events of this type. At the end of the monitoring time (interval), the CPU generates a group alarm in which it enters the event type and the frequency of the event during the elapsed interval. If these security events also occur in the intervals that follow, the CPU only generates one group alarm per interval. An attack leaves the following pattern in the diagnostics buffer: Three individual alarms followed by a series of group alarms. This series can consist of two, three or more group alarms depending on the selected monitoring time and duration of the attack. Since the alarms in the diagnostics buffer have a time stamp, the duration of the attack can be determined. WinCC Advanced V14 System Manual, 10/2016 991 Editing devices and networks 10.1 Configuring devices and networks Security events of one type, for example login attempts with an invalid password. Interval (monitoring time): When a security event of a particular type occurs the first time (or reoccurs), the monitoring time is started (or restarted). Single alarms: The first three security events of a type are entered in the diagnostics buffer immediately. As of the fourth security event of this type, the CPU only creates group alarms. If a security event of this type occurs after a pause of at least one interval, the CPU enters a single alarm in the diagnostics buffer and restarts the monitoring time. Group alarms: After three security events, the CPU only generates a group alarm as a summary of all other security events in this interval. If these security events also occur in the intervals that follow, the CPU only generates one group alarm per interval. Configuring a group alarm for security events (S7-1200) Requirements STEP 7 V14 S7-1200-CPU as of firmware V4.2 Procedure To configure group alarms for security events, follow these steps: 1. Click on the CPU symbol in the network view. The properties of the CPU are displayed in the Inspector window. 2. Go to the "Protection" > "Security event" area. 3. Click on "Security event". 4. Select the option "Summarize security events in case of high message volume" to enable group alarms for security events. 5. Set the duration of an interval (monitoring time); the default is 20 seconds. See also What you should know about group alarms for security events (Page 990) 992 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Deactivating SNMP (S7-1200) The network management protocol SNMP (Simple Network Management Protocol) is a protocol that uses various services and tools for detection and diagnostics of the network topology. SNMP uses the transport protocol UDP. SNMP recognizes two network components, the SNMP manager and the SNMP client. The SNMP manager monitors the network nodes: The SNMP clients collect the various network-specific information in the individual network nodes and store it in a structured form in the MIB (Management Information Base). Various services and tools can run detailed network diagnostics with the help of this data. Under certain conditions, it may be useful to disable SNMP. Examples: The security guidelines in your network do not allow the use of SNMP. You use your own SNMP solution, e.g. with your own communications instructions. If you disable SNMP for a device, various options for diagnostics of the network topology (e.g. using the PRONETA tool or the Web server of the CPU) are no longer available to you. Requirements CPU S7-1200 V4.1 and higher CPU S7-1500 V1.8 and higher Disabling SNMP To disable SNMP, follow these steps: 1. In STEP 7, create a data block that contains the structure of data record F003H. The following table shows the structure of the data record F003H. Byte Element Code Explanation 0-1 BlockID F003H Header 2-3 BlockLength 8 4 Version 01 H The data record length is coun ted starting at byte 4 "Version". 5 Subversion 00 H 6-7 Reserved - - 8-11 SNMP controller Disable/enable SNMP If you want to disable SNMP, enter the value 0. If you want to enable SNMP, enter the value 1. 2. Transfer the data record F003H in the startup OB (OB100) to the CPU with the WRREC instruction (write data record). Use an integrated interface of the CPU as the hardware ID. WinCC Advanced V14 System Manual, 10/2016 993 Editing devices and networks 10.1 Configuring devices and networks Symbolic and numerical names of instructions (S7-1200) Description The instructions from the task card are comprised of functions (FC), function blocks (FB), system functions (SFC) and system function blocks (SFB) that are identified internally by numbers. The following tables show the assignment of numerical and symbolic names. Function blocks (FBs) 994 Numerical name Symbolic name FB 105 TC_CONFIG FB 110 Port_Config FB 111 Send_Config FB 112 Receive_Config FB 113 Send_P2P FB 114 Receive_P2P FB 115 Receive_Reset FB 116 Signal_Get FB 117 Get_Features FB 118 Set_Features FB 163 TC_SEND FB 164 TC_RECV FB 165 TC_CON FB 166 TC_DISCON FB 804 SET_TIMEZONE FB 1030 TSEND_C FB 1031 TRCV_S FB 1071 USS_DRIVE FB 1080 MB_COMM_LOAD FB 1081 MB_MASTER FB 1082 MB_SLAVE FB 1084 MB_CLIENT FB 1085 MB_SERVER FB 1100 MB_Halt FB 1101 MC_Home FB 1102 MC_MoveAbsolute FB 1103 MC_MoveJog FB 1104 MC_MoveRelative FB 1105 MC_MoveVelocity FB 1107 MC_Power FB 1108 MC_Reset FB 1110 MC_MoveInterrupt WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Numerical name Symbolic name FB 1111 MC_ChangeDynamik FB 1112 MC_CommandTable FB 1113 MC_MoveLinearAbs_2D FB 1114 MC_MoveLinearRel_2D FB 1115 MC_MoveCircular_2D FB 1130 PID_Compact FB 1134 PID_3Step FB 1140 HSC FB 2040 RecipeCreate FB 2041 RecipeOpen FB 2042 RecipeRead FB 2043 RecipeWrite FB 2044 RecipeAppend FB 2045 RecipeClose Numerical name Symbolic name FC 2 (1) CONCAT FC 4 (1) DELETE Functions (FCs) FC 11 (1) FIND FC 17 (1) INSERT FC 20 (1) LEFT FC 21 (1) LEN FC 22 LIMIT (1) FC 25 (1) FC 26 MID FC 27 (1) MIN FC 31 (1) REPLACE FC 32 (1) RIGHT FC 36 (1) ENCO FC 36 (1) SEL FC 37 DECO FC 800 LED FC 801 IM_DATA FC 802 DeviceStates FC 803 ModuleStates FC 1070 USS_PORT FC 1072 USS_RPM FC 1073 USS_WPM (1) WinCC Advanced V14 System Manual, 10/2016 MAX (1) MC7+ instruction 995 Editing devices and networks 10.1 Configuring devices and networks System data types (SDTs) Numerical name Symbolic name SDT 99 WWW_CDB SDT 513 CONDITIONS SDT 581 Send_Conditions SDT 582 Receive_Conditions System function blocks (SFBs) 996 Numerical name Symbolic name SFB 0 (1) CTU SFB 1 (1) CTD SFB 2 (1) CTUD SFB 3 (1) TP SFB 4 (1) TON SFB 5 TOF (1) SFB 27 START_OB SFB 52 RDREC SFB 53 WRREC SFB 54 RALRM SFB 105 T_CONFIG SFB 106 TDIAG SFB 107 TRESET SFB 110 PORT_CFG SFB 111 SEND_CFG SFB 112 RCV_CFG SFB 113 SEND_PTP SFB 114 RCV_PTP SFB 115 SGN_GET SFB 116 SGN_SET SFB 117 RCV_RST SFB 120 CTRL_HSC SFB 122 CTRL_PWM SFB 124 CTRL_HSC_EXT SFB 140 DataLogCreate SFB 141 DataLogOpen SFB 142 DateLogWrite SFB 143 DataLogClear SFB 144 DataLogClose SFB 145 DataLogDelete SFB 146 DataLogNewFile WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks System functions (SFCs) WinCC Advanced V14 System Manual, 10/2016 Numerical name Symbolic name SFC 7 DP_PRAL SFC 11 DPSYC_FR SFC 13 DPNRM_DG SFC 14 DPRD_DAT SFC 16 RD_OBINF SFC 23 DEL_DB SFC 28 SET_TINT SFC 29 CAN_TINT SFC 30 ACT_TINT SFC 31 QRY_TINT SFC 32 SRT_DINT SFC 33 CAN_DINT SFC 34 QRY_DINT SFC 41 DIS_AIRT SFC 42 EN_AIRT SFC 43 RE_TRIGR SFC 45 D_ACT_DP SFC 46 STP SFC 82 CREA_DBL SFC 83 READ_DBL SFC 84 WRIT_DBL SFC 86 CREATE_DB SFC 89 RST_EVOV SFC 99 WWW SFC 101 RTM SFC 117 GET_DIAG SFC 124 ATTR_DB SFC 140 IO2MOD SFC 143 RD_ADDR SFC 154 RD_LOC_T SFC 154 DPWR_DAT SFC 161 WR_LOC_T SFC 180 ID2LOG SFC 181 LOG2ID SFC 182 ID2GEO SFC 190 SET_CINT SFC 191 QRY_CINT SFC 192 ATTACH SFC 193 DETACH MC7+ Anweisung GET_ERROR MC7+ Anweisung GET_ERR_ID 997 Editing devices and networks 10.1 Configuring devices and networks Organization blocks (S7-1200) Startup OBs (S7-1200) Description You can determine the boundary conditions for the startup characteristics of your CPU, for example, the initialization values for "RUN". To do this, write a startup program. The startup program consists of one or more startup OBs (OB numbers 100 or >= 123). The startup program is executed once during the transition from "STOP" mode to "RUN" mode. Current values from the process image of the inputs are not available for startup program, nor can these values be set. After the complete execution of the startup OBs, the process image of the inputs is read in and the cyclic program is started. There is no time limit for executing the startup routine. Therefore the scan cycle monitoring time is not active. Time-driven or interrupt-driven organization blocks cannot be used. Start information A startup OB has the following start information: Tag Data type Description LostRetentive BOOL = 1, if retentive data storage areas have been lost LostRTC BOOL = 1, if realtime clock has been lost See also "STARTUP" operating mode (Page 940) Events and OBs (Page 952) Cyclic OBs (S7-1200) Introduction For the program execution to start, at least one program cycle OB must be present in the project. The operating system calls this program cycle OB once in each cycle and thereby starts the execution of the user program. You can use multiple OBs (OB numbers >= 123). When multiple program cycle OBs are used, these are called in one after the other in the order of their OB numbers. The program cycle OB with the lowest OB number is called first. The program cycle OBs have the priority class 1. This corresponds to the lowest priority of all OBs. The cyclic program can be interrupted by events of any other event class. 998 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Programming cyclic program execution You program cyclic program execution by writing your user program in the cycle OBs and the blocks that they call. The first cyclic program execution begins as soon as the startup program has ended without errors. The cycle restarts after the end of each cyclic program execution. Sequence of cyclic program execution One cycle of the program execution encompasses the following steps: 1. The operating system starts the maximum cycle time. 2. The operating system writes the values from the process image output to the output modules. 3. The operating system reads out the state of the inputs of the input modules and updates the process image input. 4. The operating system processes the user program and executes the operations contained in the program. 5. At the end of a cycle, the operating system executes any tasks that are pending, for example, loading and deleting blocks or calling other cycle OBs. 6. Finally, the CPU returns to the start of the cycle and restarts the scan cycle monitoring time. See also: process image input/output (Page 949) Options for interrupting Cyclic program execution can be interrupted by the following events: Interrupt A STOP command, triggered by - Operation of the programming device - "STP" instruction Supply voltage failure Occurrence of a device fault or program error Start information None Optimized start information: Name Data type Meaning first_scan BOOL = TRUE in the first call of this OB: Transition from STOP or HOLD to RUN After reloading retentivity WinCC Advanced V14 System Manual, 10/2016 BOOL = TRUE, if retentive data are available 999 Editing devices and networks 10.1 Configuring devices and networks See also Events and OBs (Page 952) Organization blocks for interrupt-driven program execution (S7-1200) Time-of-day interrupt OBs (S7-1200) Function Organization blocks for time-of-day interrupt (OB number >=123) can be processed as follows: One time to a preset time (date with time of day) Periodically with preset start time and the following intervals: - Every minute - Hourly - Daily - Weekly - Monthly - Yearly - End of month Time-of-day interrupt-OBs are therefore used to run parts of the user program on a timecontrolled basis. Status for time-of-day interrupt The following table contains the possible status of a time-of-day interrupt as well as it's meaning. Status Meaning Cancelled The one-time processing has already taken place, or the start event of an not yet processed time-of-day interrupt has been deleted with the extended instruction CAN_TINT. Set You have scheduled the time or start time for processing. Activated You have scheduled whether processing takes place one time or periodically, and in the case of periodic processing, you have scheduled the interval. Rules for time-of-day interrupts The following rules apply to the use of time-of-day interrupts: A time-of-day interrupt can only be processed if it is set and activated, and a corresponding organization block exists in the user program. The start times of periodic time-of-day interrupts must correspond to a real date. For example, it is not possible to repeat an organization block monthly which first occurs on January 31st. In this case, on OB will only be started in the months that have 31 days. 1000 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks A time-of-day interrupt activated during startup by extended instruction call ACT_TINTwill not be executed until the startup is complete. After each CPU startup, you must reactivate previously set time-of-day interrupts Setting and activating a time-of-day interrupt OB Before a time-of-day interrupt can be deleted and the corresponding time-of-day interrupt OB can be processed from the operating system, you must set and activate the interrupt. You have the following options: Set time-of-day interrupt Activate time-of-day interrupt Means of configuring Means of configuring Means of configuring By extended instruction call ACT_TINT By extended instruction call SET_TINTL By extended instruction call ACT_TINT Note If you configure a time-of-day interrupt in such a way that the corresponding OB is to be processed once, the start time must not be in the past (relative to the real-time clock of the CPU). If you configure a time-of-day interrupt in such a way that the corresponding OB is to be processed periodically, but the start time is in the past, then the time-of-day interrupt will be processed the next time it is due. Time-of-day interrupt status query In order to query the status of the time-of-day interrupt, call the extended instruction QRY_TINT. Cancelling a time-of-day interrupt You can cancel a time-of-day interrupt which has not yet been processed with the extended instruction CAN_TINT. You can reset cancelled time-of-day interrupts with the extended instruction SET_TINTL and activate them with the extended instruction ACT_TINT. WinCC Advanced V14 System Manual, 10/2016 1001 Editing devices and networks 10.1 Configuring devices and networks Conditions that effect the time-of-day interrupt OBs Since a time-of-day interrupt occurs only at specific intervals, certain conditions can affect the function of the associated OBs during execution of your program. The following table shows some of these conditions and describes how these affect the processing of a time-of-day interrupt OB. Condition Result The extended instruction CAN_TINT is called in the user pro The operating system deletes the start event (date and time) gram. of the time-of-day interrupt. You must reset and reactivate the time-of-day interrupt if you are going to call the corresponding time-of-day interrupt OB again. By synchronizing or correcting the CPU system clock, the time of day will be set ahead. With this, the start time for a time-of-day interrupt OB will be bypassed. The operating system calls the time error interrupt OB (OB 80) and records the start event, the number, and the priority of the first bypassed time-of-day interrupt OB in its start infor mation. After completion of the OB 80, the operating system processes the bypassed time-of-day interrupt OB only once. By synchronizing or correcting the CPU system clock, the time of day will be set back. The corrected clock time is before the start time of an already processed time-of-day interrupt OB. The time-of-day interrupt OB is repeated. A time-of-day interrupt OB is still being processed when the start event for its next execution occurs. The operating system then calls time error interrupt OB 80. The requested OB is processed only after the processing and further execution of the current time-of-day interrupt OB has completed. Start information A time-of-day interrupt OB has the following start information: Tag Data type Description CaughtUp BOOL =1, if the OB call is executed because clock time is turned ahead. SecondTime BOOL =1 if the OB is called a second time because clock time is turned back (more exactly, if the planned time of the current OB processing is earlier than or the same time as the planned time for the previous OB processing). Note: SecondTime is only set once. Status interrupt OB (S7-1200) Description When it receives a status interrupt, the operating system of the S7-1200 CPU calls the status interrupt OB from a DP master or IO controller. This may be the case if a module of a slave changes its operating mode, for example, from "RUN" to "STOP". For more detailed information on events that trigger a status interrupt, refer to the documentation of the slave or device manufacturer. 1002 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Structure of the start information The status-interrupt OB has the following start information: Name Data type Meaning LADDR HW_IO Hardware address of the component triggering the interrupt Slot UINT Slot number of the component triggering the interrupt Specifier WORD Interrupt specifier from the interrupt frame See also Events and OBs (Page 952) Update interrupt OB (S7-1200) Description When it receives a status interrupt, the operating system of the S7-1200 CPU calls the update interrupt OB from a DP master or IO controller. This may be the case if you changed a parameter on a slot of a slave or device. For more detailed information on events that trigger an update interrupt, refer to the documentation of the slave or device manufacturer. Structure of the start information The update interrupt OB has the following start information: Name Data type Meaning LADDR HW_IO Hardware address of the component triggering the interrupt Slot UINT Slot number of the component triggering the interrupt Specifier WORD Interrupt specifier from the interrupt frame See also Events and OBs (Page 952) OB for vendor- or profile-specific interrupts (S7-1200) Description When it receives a manufacturer-specific or profile-specific interrupt from a DP master or IO controller, the operating system of the S7-1200 CPU calls OB 57. For more detailed information on events that trigger this type of interrupt, refer to the documentation of the slave or device manufacturer. WinCC Advanced V14 System Manual, 10/2016 1003 Editing devices and networks 10.1 Configuring devices and networks Structure of the start information The OB for manufacturer-specific and profile-specific interrupts has the following start information: Name Data type Meaning LADDR HW_IO Hardware address of the component triggering the interrupt Slot UINT Slot number of the component triggering the interrupt Specifier WORD Interrupt specifier from the interrupt frame See also Events and OBs (Page 952) Time-delay interrupt OBs (S7-1200) Description A time-delay interrupt OB is started after a configurable time delay of the operating system. The delay time starts after the SRT_DINT instruction is called. You can use up to four time-delay interrupt OBs or cyclic OBs (OB numbers >= 123) in your program. If, for example, you are already using two cyclic interrupt OBs, you can insert a maximum of two further time-delay interrupt OBs in your program. You can use the CAN_DINT instruction to prevent the execution of a time-delay interrupt that has not yet started. Function of time-delay interrupt OBs The operating system starts the corresponding OB after the delay time, which you have transferred with an OB number and an identifier to the SRT_DINT instruction. To use a time-delay interrupt OB, you must execute the following tasks: You must call the instruction SRT_DINT. You must download the time-delay interrupt OB to the CPU as part of your program. The delay time is measured with a precision of 1 ms. A delay time can immediately start again after it expires. Time delay interrupt OBs are executed only when the CPU is in the "RUN" mode. A warm restart clears all start events of time-delay interrupt OBs. The operating system calls the time-delay interrupt OB if one of the following events occurs: If the operating system attempts to start an OB that is not loaded and you specified its number when calling the SRT_DINT instruction. If the next start event for a time-delay interrupt occurs before the time delay OB has completely executed. 1004 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks You can disable and re-enable time-delay interrupts using the DIS_AIRT and EN_AIRT instructions. Note If you disable an interrupt with DIS_AIRT after executing SRT_DINT, this interrupt executes only after it has been enabled with EN_AIRT. The delay time is extended accordingly. Start information None Optimized start information: Name Data type Meaning sign WORD User ID: Input parameter SIGN from the call of the "SRT_DINT" instruction Note "sign" tag The "sign" tag exists only since firmware version V4.1 of the S7-1200 CPUs. See Useful information on CPU firmware versions and STEP 7 versions (Page 1019) See also SRT_DINT: Start time-delay interrupt (Page 3664) CAN_DINT: Cancel time-delay interrupt (Page 3666) Events and OBs (Page 952) Cyclic interrupt OBs (S7-1200) Description Cyclic interrupt OBs serve to start program in periodic time intervals independently of the cyclic program execution. The start times of a cyclic interrupt OB are specified using the time base and the phase offset. The time base defines the intervals at which the cyclic interrupt OB is started and is an integer multiple of the basic clock cycle of 1 ms. The phase offset is the time by which the start time is offset compared with the basic clock cycle. If several cyclic interrupt OBs are being used, you can use this offset to prevent a simultaneous start time if the time bases of the cyclic interrupt OBs have common multiples. You can specify a time period between 1 ms and 60000 ms as the time base. WinCC Advanced V14 System Manual, 10/2016 1005 Editing devices and networks 10.1 Configuring devices and networks You can use up to four cyclic interrupt OBs or time-delay OBs (OB numbers >= 123) in your program. If, for example, you are already using two time-delay interrupt OBs, you can insert a maximum of two further cyclic interrupt OBs in your program. Note The execution time of each cyclic interrupt OB must be noticeably smaller than its time base. If a cyclic interrupt OB has not been completely executed but execution is again pending because the cycle clock has expired, the time error OB is started. The cyclic interrupt that caused the error is executed later or discarded. Example of the use of phase offset You have inserted two cyclic interrupt OBs in your program: Cyclic interrupt OB1 Cyclic interrupt OB2 For cyclic interrupt OB1, you have set a time base of 20 ms and for cyclic interrupt OB2 a time base of 100 ms. After expiration of the time base of 100 ms, the cyclic interrupt OB1 reaches the start time for the fifth time, cyclic interrupt OB2 for the first time. To nevertheless execute the cyclic interrupt OBs offset, enter a phase offset for one of the two cyclic interrupt OBs. Start information None Optimized start information: Name Data type Meaning first_scan BOOL = TRUE in the first call of this OB At the transition from STOP or HOLD to RUN After reloading event_count INT Number of lost start events since the last start of this OB See also Assigning parameters to cyclic interrupt OBs (Page 1016) Events and OBs (Page 952) Hardware interrupt OBs (S7-1200) Description You can use hardware interrupt OBs to react to specific events. You can assign an event that triggers an alarm to precisely one hardware interrupt OB. A hardware interrupt OB in contrast can be assigned to several events. 1006 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Hardware interrupts can be triggered by high-speed counters and input channels. For each high-speed counter and input channel that should trigger a hardware interrupt, the following properties need to be configured: The process event that should trigger the hardware interrupt (for example, the change of a count direction of a high-speed counter) The number of the hardware interrupt OB which is assigned to this process event You can use up to 50 hardware interrupt OBs (OB numbers >= 123) that are independent of each other in your program. Functionality of a hardware interrupt OB After triggering a hardware interrupt, the operating system identifies the channel of the input or the high-speed counter and determines the assigned hardware interrupt OB. If no other interrupt OB is active, the determined hardware interrupt OB is called. If a different interrupt OB is already being executed, the hardware interrupt is placed in the queue of its priority class. The hardware interrupt is acknowledged after the completion of the assigned hardware interrupt OB. If another event that triggers a hardware interrupt occurs on the same module during the time between identification and acknowledgement of a hardware interrupt, the following applies: If the event occurs on the channel that previously triggered the hardware interrupt, then no additional hardware interrupt is triggered. Another hardware interrupt can only be triggered if the current hardware interrupt is acknowledged. If the event occurs on a different channel, a hardware interrupt is triggered. Hardware interrupt OBs are called only in the CPU's "RUN" mode. Start information None Optimized start information: Name Data type Meaning Laddr HW_IO Hardware identifier of the module that triggers the hardware interrupt USI WORD Identifier for future extensions (not user-relevant) IChannel USINT Number of the channel that triggered the hardware interrupt EventType BYTE Identifier for the event type associated with the event triggering the in terrupt (e.g., positive edge) This identifier can be found in the description of the respective module. See also Assigning parameters to hardware interrupt OBs (Page 1017) Events and OBs (Page 952) WinCC Advanced V14 System Manual, 10/2016 1007 Editing devices and networks 10.1 Configuring devices and networks Time error OB (S7-1200) Description The operating system calls the time error OB (OB 80) if one of the following events occurs: The cyclic program exceeds the maximum cycle time. The OB called is currently still being executed (possible for time-delay interrupt OBs and cyclic interrupt OBs). A time-of-day interrupt was missed because the clock time was set forward by more than 20 seconds. A time-of-day interrupt was missed during a STOP. An overflow has occurred in an interrupt OB queue. An interrupt was lost due to the excessive interrupt load. If you have programmed no time error OB, the S7-1200 CPU reacts as follows: CPUs with firmware version V1.x to V3.x: The CPU remains in RUN mode. CPUs with firmware version as of V4.x: - The CPUs goes to STOP mode when the maximum cycle time is exceeded. - With all other start events of the time error OB, the CPU remains in RUN mode. Violation of the maximum cycle time twice does not lead to the calling of an OB, but to the STOP of the CPU. You can avoid the second violation by restarting the cycle monitoring of the CPU with the RE_TRIGR instruction. You can use only one time error OB in your program. Start information The time error OB has the following start information: Tag Data type Description fault_id BYTE 0x01: Maximum cycle time exceeded 0x02: Called OB is still being executed 0x05: Expired time-of-day interrupt due to time jump 0x06: Expired time-of-day interrupt on return to RUN mode 0x07: Queue overflow 0x09: Interrupt loss due to high interrupt load csg_OBnr OB_ANY Number of the OB being executed at the time of the error csg_prio UINT Priority of the OB being executed at the time of the error See also Events and OBs (Page 952) Cycle time and maximum cycle time (Page 966) 1008 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Diagnostic interrupt OB (S7-1200) Description You can enable the diagnostic error interrupt for diagnostics-capable modules so that the module detects changes in the I/O status. As a result, the module triggers a diagnostic error interrupt in the following cases: A fault is present (incoming event) A fault is no longer present (outgoing event) If no other interrupt OB is active, then the diagnostic interrupt OB (OB 82) is called. If another interrupt OB is already being executed, the diagnostic error interrupt is placed in the queue of its priority group. You can use only one diagnostic interrupt OB in your program. Start information The diagnostic interrupt OB has the following start information: Tag Data type Description IO_state WORD Contains the I/O status of the diagnostics-ca pable module. laddr HW_ANY HW-ID Channel UINT Channel number multi_error BOOL = 1, if there is more than one error IO_state tag The following table shows the possible I/O states that the IO_state tag can contain: IO_state Description Bit 0 Configuration correct: = 1, if the configuration is correct = 0, if the configuration is no longer correct Bit 4 Error: = 1, if an error is present, e.g., a wire break = 0, if the error is no longer present Bit 5 Configuration not correct: = 1, if the configuration is not correct = 0, if the configuration is correct again Bit 7 I/O cannot be accessed: = 1, if an I/O access error has occurred In this case, laddr contains the hardware identifier of the I/O with the access error. = 0, if the I/O can be accessed again Bits 8 to 15 WinCC Advanced V14 System Manual, 10/2016 Reserved (always 0) 1009 Editing devices and networks 10.1 Configuring devices and networks See also Events and OBs (Page 952) Pull/plug interrupt OB (S7-1200) Description The S7-1200 CPU operating system calls the pull/plug interrupt OB (OB 83) if a configured and non-disabled distributed I/O module or submodule (PROFIBUS, PROFINET, AS-i) is removed or inserted. Note The removal or insertion of a central module leads to the STOP of the CPU. Start information The pull/plug interrupt OB has the following start information: Name Data type Meaning LADDR HW_IO Hardware identifier of the affected module or submodule Event_Class BYTE B#16#38: (Sub)module plugged Fault_ID BYTE B#16#39: (Sub)module pulled or not responding Error code (possible values: B#16#51, B#16#54, B#16#55, B#16#56, B#16#57, B#16#58) The following table shows which event caused the start of the pull/plug interrupt OB. ev_class (B#16# ...) fault_id (B#16# ...) Meaning 39 51 Module pulled 39 54 Submodule pulled 38 54 Submodule plugged, which conforms to the para meterized submodule 38 55 Submodule inserted, which does not conform to the submodule parameter assignment 38 56 Submodule inserted, but error in module parame ter assignment 38 57 Submodule or module inserted, but with a fault or maintenance 38 58 Submodule access error remedied See also Events and OBs (Page 952) 1010 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Rack error OB (S7-1200) Description The S7-1200 CPU operating system calls the OB 86 in the following cases: The failure of a DP master system or of a PROFINET IO system is detected (in the case of either an incoming or an outgoing event). The failure of a DP slave or of an IO device is detected (in the case of either an incoming or an outgoing event). Failure of some of the submodules of a PROFINET I-device is detected. Structure of the start information The rack fault OB has the following start information: Name Data type Meaning LADDR HW_IO Hardware identifier of the defective hardware object Event_Class BYTE B#16#32: Activation of a DP slaves or an IO device B#16#33: Deactivation of a DP slaves or an IO device B#16#38: outgoing event B#16#39: incoming event Fault_ID BYTE Error code (possible values: B#16#C3, B#16#C4, B#16#C5, B#16#C6, B#16#C7, B#16#C8, B#16#C9, B#16#CA, B#16#CB, B#16#CC, B#16#CD, B#16#CE, B#16#CF, B#16#F8, B#16#F9) The following table shows which event caused the start of OB 86. WinCC Advanced V14 System Manual, 10/2016 Ev_class Fault_id B#16# ... B#16# ... Meaning 39 C3 Failure of a DP master system 39/38 C4 Failure/return of a DP slave 38 C5 Return of a DP slave; however, slave is faulty 38 C6 Expansion unit return, but error in module parameter assignment 38 C7 Return of a DP device, but there is error in module configuration 38 C8 Return of a DP device, but discrepancy between preset/actual configuration 32/33 C9 Activation/deactivation of a DP slave with the "D_ACT_DP" instruction 39 CA Failure of a PROFINET IO system 39/38 CB Failure/return of a PROFINET IO device 38 CC Return of a PROFINET IO device with fault or maintenance 38 CD Return of a PROFINET IO device, deviation between preset/actual configu ration 38 CE Return of a PROFINET IO device, error in module configuration 32/33 CF Activation/deactivation of an IO device with the "D_ACT_DP" instruction 39/38 F8 Failure/return of some of the submodules of a PROFINET I-device 38 F9 Return of some of the submodules of a PROFINET I-device with a device configuration difference 1011 Editing devices and networks 10.1 Configuring devices and networks See also Events and OBs (Page 952) MC-servo OB (S7-1200) Description When you create a technology object with drive connection using MC-Servo [OB91]/create an analog output, the organization block PROFIdrive is created automatically. The Motion Control functionality of the technology objects creates its own execution level, and is called according to the Motion Control application cycle. The MC-Servo OB is write-protected. The content cannot be changed. The position control algorithms of all technology objects configured for motion control on the CPU are calculated within the MC-Servo OB. You can set the application cycle and the priority of the organization block in accordance with your requirements for control quality and system load. Application cycle You can set the application cycle in which the MC-Servo OB is called in the properties of the organization block. The MC-Servo OB is called cyclically with the specified application cycle. The selected application cycle must be long enough to allow all the technology objects to be processed in one cycle. If the processing time of the technology objects is longer than the application cycle, overflows will occur. To avoid disruptions in the program execution on the CPU, set the application cycle depending on the number of axes used as follows: Application cycle = number of axes x 2 ms The following table shows the resulting application cycle as an example according to the number of axes: Number of axes Application cycle 1 2 ms 2 4 ms 4 8 ms 8 16 ms The SINAMICS G120 drive updates the drive process image every 4 ms. To improve control, set the application cycle of the MC-Servo OB to 4 ms or to a multiple of 4 ms. See also MC-PreServo OB (Page 1013) MC-PostServo OB (Page 1013) 1012 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks MC-interpolator OB (Page 1014) Assigning the MC-Servo OB parameters (Page 1019) MC-PreServo OB (S7-1200) Description The organization block MC-PreServo [OB67] can be programmed and is called in the application cycle configured at the MC-Servo OB (Page 1012). MC-PreServo [OB67] is called directly before MC-Servo [OB91]. Via the organization block, you can read out the configured application cycle (information in s). Structure of the start information Optimized start information: Name Data type Meaning Initial_Call BOOL =TRUE in the first call of this OB during transition from STOP to RUN PIP_Input BOOL TRUE: The associated process image input is up-to-date PIP_Output BOOL TRUE: The associated process image output was transferred to the outputs in good time after the last cycle IO_System USINT Number of the distributed I/O system triggering the interrupt Event_Count INT = n: Number of lost cycles = -1: An unknown number of cycles has been lost (e.g., because cycle has changed). Synchronous BOOL Reserved CycleTime UDINT Display of the application cycle configured for the MC-Servo OB in s MC-PostServo OB (S7-1200) Description The organization block MC-PostServo [OB95] can be programmed and is called in the application cycle configured for the MC-Servo OB (Page 1012). MC-PostServo [OB95] is called directly after MC-Servo [OB91]. Via the organization block, you can read out the configured application cycle (information in s). WinCC Advanced V14 System Manual, 10/2016 1013 Editing devices and networks 10.1 Configuring devices and networks Structure of the start information Optimized start information: Name Data type Meaning Initial_Call BOOL =TRUE in the first call of this OB during transition from STOP to RUN PIP_Input BOOL TRUE: The associated process image input is up-to-date PIP_Output BOOL TRUE: The associated process image output was transferred to the outputs in good time after the last cycle IO_System USINT Number of the distributed I/O system triggering the interrupt Event_Count INT = n: Number of lost cycles = -1: An unknown number of cycles has been lost (e.g., because cycle has changed). Synchronous BOOL Reserved CycleTime UDINT Display of the application cycle configured for the MC-Servo OB in s MC-interpolator OB (S7-1200) Description When you create a technology object with drive connection using MCInterpolator [OB91]/ create an analog output, the organization block PROFIdrive is created automatically. The Motion Control functionality of the technology objects creates its own execution level, and is called according to the Motion Control application cycle of the MC-Servo OB (Page 1012). The MC-Interpolator OB is write-protected. The content cannot be changed. The evaluation of the motion control instructions as well as the monitoring and the setpoint generation for all technology objects configured on the CPU (motion control) is performed within the MC-Interpolator OB. The MC-Interpolator OB is called at the end of processing of the MC-Servo OB. The clock ratio between MC-Interpolator OB and MC-Servo OB is always 1:1. Process response You must select the application cycle of the MC-Servo OB long enough to allow all the technology objects for motion control to be processed in one application cycle. If the application cycle is not observed, overflows occur. Note the following response to overflows: The CPU tolerates a maximum of three consecutive overflows of the MC-Interpolator OB. The processing of an MC-Interpolator OB can be interrupted by the calling of the MC Servo OB, at most. 1014 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Block parameters of organization blocks (S7-1200) Basics of block parameters (S7-1200) Introduction Several organization blocks (OBs) have properties with which you can control their behavior or their assignment to specific events. You can influence these properties by assigning parameters. Overview You can assign parameters to the properties for the following organization blocks: Time-of-day interrupt OBs Cyclic interrupt OBs Hardware interrupt OBs MC-Servo OB See also Assigning parameters to hardware interrupt OBs (Page 1017) Assigning parameters to cyclic interrupt OBs (Page 1016) Parameter assignment for time-of-day interrupt OBs (S7-1200) Procedure for setting the parameters To set the parameters of a time-of-day interrupt OB, proceed as follows: 1. Open the "Properties" dialog belonging to the time-of-day interrupt OB in question. 2. Click the "Time-of-day interrupt" group in the area navigation. Overview of the parameters that can be set You can set the following parameters: Execution Start date and time-of-day Option buttons "Local time" and "System time" "Execution" parameter Use the drop-down list "Execution" to define the periods at which the time-of-day interrupt OB is to be executed. The time intervals relate to the settings for "Start date" and "Time-of-day". WinCC Advanced V14 System Manual, 10/2016 1015 Editing devices and networks 10.1 Configuring devices and networks The following values are possible for "Execution": Never Once Every minute Hourly Daily Weekly Monthly Yearly End of month Note With the value "End of month", the value specified under "Start date" is irrelevant. "Start date" and "Time-of-day" parameter Here, you specify the time at which the time-of-day interrupt is to be executed for the first time. Example: Start date = 07/05/2013, time =11:16 Depending on the value of the "Execution" parameter, the CPU generates additional time-ofday interrupts periodically. Depending on the setting, the start time relates either to the local time or to the coordinated universal timeUTC. Note If you set the "Execution" parameter to "Monthly", the start date cannot be set to the 29th, the 30th, or the 31st. If you want the time-of-day interrupt OB to start at the end of the month, you should set the parameter "Execution" to "End of month". "Local time" or "System time" Here, you decide which time the start time of the time-of-day interrupt OB relates to: "Local time": The start time relates to the time zone set for the CPU. "System time": The start time relates to the coordinated universal time UTC (Universal Time Coordinated). Assigning parameters to cyclic interrupt OBs (S7-1200) Introduction You can use cyclic interrupt OBs to start programs at regular time intervals. To do so you must enter a scan time and a phase shift for each cyclic interrupt OB used. 1016 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks You can use up to four cyclic interrupt OBs or time-delay OBs (OB numbers >= 200) in your program. If, for example, you are already using two time-delay interrupt OBs, you can insert a maximum of two further cyclic interrupt OBs in your program. Note If you assign multiple cyclic OBs, make sure that you assign a different cycle time or phase offset to each cyclic interrupt OB to avoid them executing at the same time or having to queue. When you create a cyclic interrupt OB, the cycle time 100 and the phase offset 0 are entered as start value. Procedure To enter a scan time and a phase shift for a cyclic interrupt OB, proceed as follows: 1. Open the "Program blocks" folder in the project tree. 2. Right-click on an existing cyclic interrupt OB. 3. Select the "Properties" command in the shortcut menu. The "<Name of the cyclic interrupt OB>" dialog box opens. 4. Click the "Cyclic interrupt" group in the area navigation. The text boxes for the scan time and the phase shift are displayed. 5. Enter the scan time and the phase shift. 6. Confirm your entries with "OK". See also Creating organization blocks (Page 4484) Basics of block parameters (Page 1015) Cyclic interrupt OBs (Page 1005) Assigning parameters to hardware interrupt OBs (S7-1200) Introduction You must select the corresponding event and assign the following parameters for every input channel and high-speed counter that should trigger a hardware interrupt: Event name Number of the hardware interrupt OB that is assigned to this process event The parameters of the hardware interrupt are assigned in the properties of the corresponding device. You can assign parameters for up to 50 hardware interrupt OBs. WinCC Advanced V14 System Manual, 10/2016 1017 Editing devices and networks 10.1 Configuring devices and networks You can create the hardware interrupt OB to be assigned parameters either before or during activation of an event. Procedure To configure a hardware interrupt event, follow these steps: 1. Double-click the "Devices & Networks" command in the project tree. The hardware and network editor opens in the network view. 2. Change to the device view. 3. If the Inspector window closed in the device view, select the "Inspector window" check box in the "View" menu. The Inspector window opens. 4. Click the "Properties" tab. 5. In the device view, select the module for which you want to a assign a hardware interrupt. 6. Select the corresponding event that will trigger a hardware interrupt, e.g., a positive edge. 7. Enter an event name. 8. Select an existing hardware interrupt OB from the "Hardware interrupt" drop-down list or create a new hardware interrupt OB. If you have not previously created any hardware interrupt OBs, you can click the "Add new block" button in the drop-down list. The start information of the corresponding hardware interrupt OB, including all specifications for the interrupt-triggering event, is updated. 9. If you want to assign further hardware interrupts, repeat steps 5 to 8. A system constant of data type Event_HwInt is created automatically for the event identified by the explicit event name. The system constants are displayed in the standard tag table. See also Creating organization blocks (Page 4484) Basics of block parameters (Page 1015) Hardware interrupt OBs (Page 1006) Events and OBs (Page 952) 1018 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Assigning the MC-Servo OB parameters (S7-1200) Procedure for setting the parameters To assign the parameters of an MC-Servo OB, follow these steps: 1. Open the "Properties" dialog associated with the MC-Servo OB in question. 2. Click on the "Cycle time " group in the area navigation. Overview of the parameters that can be set In the "Cycle time" group, select the application cycle with which the MC-Servo OB will be called cyclically in the execution system of the SIMATIC S7-1200 You set the cycle in which the MC-Servo OB is called in the "Application cycle" field. See also Basics of block parameters (Page 1015) MC-servo OB (Page 1012) Useful information on CPU firmware versions and STEP 7 versions (S7-1200) CPUs and engineering software for configuring the CPUs is constantly developed further to improve performance and security. New versions that have some special features with respect to the interaction of the components are created in this way. The sections below describe the special features of the S7-1200 CPUs with firmware version V4 as compared to firmware versions V1 to V3. For a detailed comparison of the range of functions, read the S7-1200 System Manual (description of new instructions, new organization blocks and advanced configuration options). Required engineering software S7-1200 CPUs V4 can be configured with STEP 7 as of V13. Compatibility between memory card content and firmware version of the CPU Memory cards (transfer cards or program cards) with configuration and program for an S7-1200 CPU V1, V2 or V3 do not work with an S7-1200 CPU V4. Memory cards with configuration and program for an S7-1200 CPU V4 do not work with an S7-1200 CPU V1, V2 or V3. You must change an S7-1200 CPU V1 to V3 configuration to an S7-1200 CPU V4 configuration (device replacement) and then download it to the CPU. A gradual device replacement is required for an S7-1200 CPU V1-V2 (see below). When you insert the memory card into a CPU with an incompatible firmware version, the CPU does not start up. When you insert a memory card for a CPU V1, V2 or V3 into an S7-1200 CPU V4, this CPU outputs a version error. WinCC Advanced V14 System Manual, 10/2016 1019 Editing devices and networks 10.1 Configuring devices and networks Going online and loading When you have configured an S7-1200 CPU with firmware version V1, V2 or V3 with STEP 7, the CPU to which you want to go online or which you want to download must have one of these firmware versions. You cannot go online to an S7-1200 CPU V4 with a configured S7-1200 CPU V1, V2 or V3. On the other hand, you cannot go online to an S7-1200 CPU V1, V2 or V3 with a configured S7-1200 CPU V4 or download this CPU. Replacing an existing CPU You can replace a configured S7-1200-CPU V1, V2 or V3 with a new CPU with a firmware version greater than or equal to 4. In case of an existing S7-1200 CPU V1 or V2, you must start by replacing the device with an S7-1200 CPU V3: It is not possible to directly replace it with an S7-1200 CPU V4. 1. S7-1200 CPU V1 (V2) > S7-1200 CPU V3 2. S7-1200 CPU V3 > S7-1200 CPU V4 As long as you do not download the configuration, you can undo the device replacement ("Undo" command in the "Edit" menu). When you download the configuration for the new CPU firmware version ("V4 configuration") to the CPU, you can no longer return to version V3. This means you should save the existing project, for example, with a V3 configuration as project archive so that you can access it later. Special notes for device replacement (V3 > V4): The interrupt behavior of interrupt OBs remains the same; they are not configured as interruptible. This is also the default behavior of S7-1200 CPUs V1-V3. The interrupt behavior of the interrupt OB can be configured for S7-1200 V4 CPUs. If you drag an S7-1200 CPU V4 directly from the hardware catalog into the network view, this option is activated (interrupt OBs are interruptible). The behavior for PUT/GET access of remote partners remains the same; access is permitted. This is also the default behavior of S7-1200 CPUs V1-V3. The access via PUT/ GET communication by means of remote partners can be configured for S7-1200 V4 CPUs ("Protection" area of CPU parameters). If you drag an S7-1200 CPU V4 directly from the hardware catalog into the network view, access is not permitted and must be explicitly enabled. The wording for the protection levels changes but the effect of the settings remains the same. You can also select the access level "No access (complete protection)". The web server settings for activation of the web server and HTTP/HTTPS settings are applied. You also have the option to create users and assign them specific rights (Web server area > User management of CPU parameters). Web server users only have access to standard websites when you do not configure users. An S7-1200 CPU V4 no longer supports the user "admin" and his/her password. For reasons of compatibility, the interfaces of used OBs are not changed by the device replacement. You can therefore continue to use used OBs. If you want to use OB properties that have been added or changed in the new firmware version of the S7-1200 CPU, you will need to recreate the corresponding OB. 1020 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Communication with HMI devices When you connect an HMI device to an S7-1200 CPU V4, make sure that you use the appropriate Runtime software version of the HMI device. You may have to transfer the latest HMI Runtime version by means of the WinCC engineering software. You must compile the HMI configuration once again and download it to the HMI device for the CPU-HMI communication to work. See also What you need to know about SIMATIC memory cards (Page 944) Addressing modules (S7-1200) Addressing modules (S7-1200) Introduction In the device overview, you see the addresses or address ranges of the modules in the I address and Q address columns. There are other addresses as well, which are explained below. I/O address I/O addresses (input/output addresses) are required to read inputs and set outputs in the user program. Input and output addresses are assigned automatically when modules are inserted in the rack. The address of the first channel is the start address of a module. The addresses of the other channels are derived from this start address. The address end is obtained from the modulespecific address length. Device address (e.g., Ethernet address) Device addresses are addresses of programmable modules (Industrial Ethernet addresses). They are required to address the different stations of a subnet, for example, to download a user program to a CPU. Hardware identifier for identifying modules and submodules In addition to the I addresses and Q addresses, a hardware identifier (HW ID) is assigned automatically and is used to address and identify the module. Submodules (units of a module), such as an integrated counter, also receive such a hardware identifier. The hardware identifier consists of an integer and is output by the system with diagnostics alarms to allow the faulty module or the faulty submodule to be localized. WinCC Advanced V14 System Manual, 10/2016 1021 Editing devices and networks 10.1 Configuring devices and networks In addition, the hardware identifier is used for a number of instructions to address the corresponding module. The hardware identifier cannot be changed. Example: Identifying high-speed counters of the S7-1200 CPU The hardware identifier is assigned automatically when components are inserted in the device or network view and in the PLC tags. A name is also assigned automatically for the hardware identifier. The system constants of the PLC tags cannot be changed either. See also Specifying input and output addresses (Page 1022) Assigning addresses to a location in the program (Page 1023) Introduction to loading a configuration (Page 1704) Inspector window (Page 535) Specifying input and output addresses (S7-1200) Default input and output addresses are set automatically. You can, however, change the address assignment later. All addresses of modules are located in the process image area. The process image is automatically updated cyclically. Requirement You are in the device view. Procedure To change the preset address range proceed as follows: 1. In the device view, click on the module for which you want to set the start address. 2. Go to "I/O addresses" in "Properties" in the inspector window. 3. Under "Start address" enter the required start address. 4. Press <Return> or click on any object to accept a modified value. 1022 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks If you have entered an invalid address, a message indicating the next available address is displayed. Note You can also change the addresses directly in the device overview. See also Editing properties and parameters (Page 565) Input and output addresses in the address overview (Page 567) Assigning addresses to a location in the program (S7-1200) You can assign addresses of the I/O channels of modules directly to the points of use in the program or to a tag table. Requirement The device view of the hardware and network editor is open. The zoom level in the device view must be set to at least 200% to allow you to see the individual I/O channels. The instruction window of the programming editor or a tag table is open. WinCC Advanced V14 System Manual, 10/2016 1023 Editing devices and networks 10.1 Configuring devices and networks Procedure To assign I/O channels of modules to the points of use in the program or to a tag table, follow these steps: 1. In the device view, navigate to the module with the desired I/O channel. 2. Click and hold down the mouse button to drag the desired I/O address to the corresponding point of use of the block or to the tag table. 1024 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The address of the module is assigned to the point of use in the program or entered as a tag in the tag table. Note The tag for an input or output of a block can also be dragged to the input or output of a module in order to link the tag to the I/O channel of the module. See also Overview of PLC tag tables (Page 4592) Signal board (S7-1200) Inserting a signal board in a CPU (S7-1200) Introduction Signal boards allows you to increase the number of the S7-1200 CPU's own inputs and outputs. Just like all other hardware components, you will find signal boards in the hardware catalog. However, you do not insert signal boards in the rack like other modules but directly in a slot of the CPU itself. Note the following points when using a signal board: Each CPU can have only one signal board inserted in it. A signal board can only be inserted when the slot in the CPU is free. There are various ways of inserting a signal board in a CPU: Double click on a signal board in the hardware catalog when there is a free slot in the CPU Drag from the hardware catalog to a free slot in the CPU Shortcut menu of a signal board in the hardware catalog for copying and pasting Requirement The hardware catalog is open. The S7-1200 CPU has a free slot for the signal board. WinCC Advanced V14 System Manual, 10/2016 1025 Editing devices and networks 10.1 Configuring devices and networks Inserting a signal board in a CPU To insert a signal board in a CPU, proceed as follows: 1. Go to the required signal board in the hardware catalog. 2. Select the signal board you want to use. 3. Drag the signal board to the free slot in the CPU. You have now inserted a signal board in the slot of the CPU. If you are in the network view, you can also drag a signal board to a device. If the CPU has a an empty slot for a signal board, the signal board is inserted automatically into this slot. Configurations for Web server (S7-1200) Information about the web server (S7-1200) Introduction The Web server allows you to monitor the CPU via the Internet or the intranet of your company. This permits evaluation and diagnostics over long distances. Alarms and status information are visualized on HTML pages. Web browser You need a web browser to access the HTML pages of the CPU. The information with which Web browsers and Web browser versions the Web server was tested is available in the corresponding manual (http://support.automation.siemens.com/WW/ view/en/36932465). Reading information via the Web server The following information can be read from the CPU. The availability of the respective web pages depends on the CPU and its firmware version. 1026 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks As of firmware version 4 the web pages are available in several languages. Page/information Description Introduction Entry page for the standard web pages Start page with general CPU information The start page provides an overview of general information on the CPU, the name of the CPU, the type of CPU and basic information on the current operating state. Diagnostics Display of the detailed information about the CPU including the serial number, article number and version numbers. Displays the content of the diagnostics buffer with the most recent entries first. Module information Display of the identification information whether the centrally inserted components of a station are OK, whether there are maintenance requirements or components cannot be reached, for example. As of firmware version 4 a firmware update is pos sible via this Web page. Communication Displays the communication connections during open communication (OUC); displays resources and address parameters. Diagnostic buffer Display of the diagnostic buffer content Tags Displays the status of operands of the user pro gram to monitor and change the values. File browser Data logs in CSV format to transfer to the hard disk of the programming device. The data logs are cre ated with data log instructions in the user program and filled with data. (as of firmware version 4) As of firmware version 4 you have access to files of the internal load memory and of the external load memory (Memory Card) via this web page, for example, to the content of the directories "Da taLogs" and "Recipes". Login Login as a user or logoff. User pages (if user-defined web pages have been configured and loaded) The user web pages deliver a list of web pages with customer-specific web applications. Web access to the CPU via PG/PC Proceed as follows to access the Web server: 1. Connect the client (PG/PC) to the CPU via the PROFINET interface. 2. Open the web browser. Enter the IP address of the CPU in the "Address" field of the Web browser in the format http://ww.xx.yy.zz (example: http://192.168.3.141). The start page of the CPU is opened. From the start page, you can navigate to further information. WinCC Advanced V14 System Manual, 10/2016 1027 Editing devices and networks 10.1 Configuring devices and networks Standard web pages (S7-1200) Requirements for web access (S7-1200) The requirements for access to standard CPU web pages are explained in the following, as well as the effects of missing or existing configuration information. Requirement The web server must be started. The web server only starts when it has been activated in the properties of the CPU in the "Web server" section. Note the following: The web pages are normally transmitted via an non-secure connection and are not secured against hacker attacks. If you want to transfer the web pages in encrypted form to the browser, use the URL https://, followed by the IP address of the CPU. Logon No logon is required to access the standard web pages read-only. A user must be logged on to execute certain actions like changing the operating mode of the CPU or for write access. For S7-1200 CPUs up to FW version V3: You must be logged on as "admin" for the actions listed above. The logon input boxes are on the top left of each standard web page. If you log on as "admin", you must enter the user name and password there. Name: admin. Password: configured CPU password (for password-protected CPU). For S7-1200 CPUs as of FW version 4: You can freely select the names of users and the passwords (CPU parameter "Web server", area "User management"). You assign rights to the users, for example the right to query diagnostics or to update the firmware. JavaScript and cookies The standard web pages use JavaScript and cookies. You must enable both in your web browser. 1028 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks If JavaScript is not enabled, the following limitations apply: Data from standard web pages is not automatically updated. You cannot log on as user. Fields cannot be sorted (module information) If cookies are not enabled, you cannot log on. See also Access for HTTPS (Page 1030) Settings for operation (S7-1200) Settings for operation To be able to use the web server of an S7-1200-CPU, you must select the CPU in the network view or the device view and make the following settings in the inspector window under "Properties > General > Web server": Enable the web server Restricting access to the CPU to HTTPS transmission protocol (encrypted transmission) Access via port 80 is then blocked. Communication is only possible via port 443. WinCC Advanced V14 System Manual, 10/2016 1029 Editing devices and networks 10.1 Configuring devices and networks Enabling automatic update of web pages The update interval is set by default and cannot be changed. The CPU updates web pages with changing content ( (for example, status information or diagnostics information) at regular intervals. Creating and managing users Users are exclusively entitled to options that are assigned to the access rights. Depending on the CPU and firmware used, you can assign different user rights. Rights that your CPU does not support cannot be activated. A user called "Everybody" with minimal access rights, that you can, however, extend, is set by default in the user list. A user who uses the Web server without entering a password has "Everybody" user rights. You have the possibility of configuring further users with different access rights. These users have to log on with the configured user name and password. WARNING Unauthorized access to the CPU by means of the Web server Unauthorized access to the CPU or the changing of PLC variables to invalid values can result in interruptions of the processes controlled by the CPU and cause death, serious bodily harm or material damage! Since the activation of the Web server allows authorized persons for example to change operating modes, to write-access CPU data or to update the firmware, we recommend that the following security measures be taken: If possible limit access to the HTTPS protocol. Create users with secure passwords. An example of a secure password is one which is only used for a single application, is more than 8 characters long, and consists of lower- and upper-case letters as well as symbols and numbers (?!+%$1234...). In addition, passwords based on common keyboard sequences or words from the dictionary should be avoided. Change the password at regular intervals. Do not extend the rights of the "Everybody" user. Check the PLC variables in the user program and limit the range of values to permissible ranges since users can set invalid values via the Web server. Access for HTTPS (S7-1200) Access via HTTPS HTTPS is used for encrypting and authentication of communication between the browser and web server. To transfer data between the browser and the CPU using the HTTPS protocol, enter the URL as https://ww.xx.yy.zz in the address line of your browser, whereby ww.xx.yy.zz stands for the IP address of the CPU. You require a valid, installed certificate for error-free HTTPS access to the CPU. If no certificate is installed a warning is displayed with a recommendation not to use this page. To view the page you must explicitly "Add exception". 1030 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks You can receive a valid certificate (Certification Authority) "SIMATIC CONTROLLER" as a download from the "Intro" web page under "Download certificate". The help function for your respective web browser provides information on how to install a certificate. Accessing data of the CPU memory (S7-1200) You can access data in the internal or external CPU load memory by means of a standard web page. Use the web page "Data logs" for S7-1200 CPUs up to and including FW version 3. From this web page, you transfer the data logs from the CPU to a drive on your PC. Use the web page "File Browser" for S7-1200 CPUs as of FW version 4. From this web page, you transfer data from the folders "Data logs" or "Recipes", for example, to a drive on your PC. Depending on the file type and the access permissions you have configured for the web server user, you can download, delete, rename or upload the files. The actual directories can only be created, deleted or renamed. Example: Data logs To open a data log, click on the link of the desired data log. You can then open the file (.csv), for example, in Microsoft Excel or in another program you choose or you can save the file. Special note: Data logs are saved in U.S. American CSV format. You can only open the file directly using the U.S. version of Microsoft Excel. If you are using another national version of Microsoft Excel, you must import the file, selecting "comma" in the import assistant as the delimiter. Downloading a data log To download a data log, click on the download icon of the desired data log. You can then open the file (.csv), for example, in Microsoft Excel or in another program you choose or you can save the file. Downloading and clearing or deleting a data log For a CPU with FW version up to V3.0: To download and delete the current entries of the data log, you must be logged on. To do this, click on the "Download and delete" icon of the required data log. You can then open the file (.csv), for example, in Microsoft Excel or in another program you choose or you can save the file. For a CPU as of FW version V4.0: To reset the data log, follow these steps: 1. Open the CSV file, for example with Excel. 2. Delete the rows between the headline and the row with the entry "//END", if this row exists. WinCC Advanced V14 System Manual, 10/2016 1031 Editing devices and networks 10.1 Configuring devices and networks 3. Save the file to a drive on your PC. 4. On the web page "File Browser", delete the data log (which means the CSV file) and load the prepared CSV file to the CPU with the "Upload file" button of the "File Browser" web page. Additional information is available in the S7-1500 CPU system manual. See also Data logging - Overview (Page 3808) Creating and loading user pages (S7-1200) What you need to know about user pages (S7-1200) Concept The concept of user pages or of user-defined web pages allows you to access freely-designed web pages of the CPU with a web browser. The Web server of the CPU provides this function. You are not dependent on special tools for the design and functionality of the user-defined web pages. You can adapt the pages in the layout with CSS, provide dynamic content with JavaScript or use any framework to produce web pages. The totality of files processed by the Web server is also referred to as the "web application". Web application and user program Using HTML code in user-defined web pages (AWP commands), you can also transmit data via a web browser to the user program of the CPU for further processing and can display data from the operand area of the CPU in the web browser. You can use script instructions (such as Javascript) to optimize your web pages, for example to dynamically change contents or validate user entries. 1032 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks To synchronize between the user program and the Web server, but also to initialize, you must call the WWW (SFC 99) instruction in the user program. If no interaction is required between the web application and the user program, for example, if a web page only provides static information, only initialization in the user program is required. If a simple data exchange is necessary between PLC tags and tags in web applications, to display the contents of PLC tags or write a value in a PLC tag for example, the syntax for reading and writing tags has to be observed. In this case only an initialization is required in the user program, for example in the startup OB. If a further interaction is required between the web application and the user program, you must handle status and control information from the Web Control DB in addition to the synchronization between Web server and user program. This is the case, for example, when user entries are transmitted via the web browser to the Web server for evaluation by the CPU. Unlike simple data exchange, the user program directly influences the time at which the requested web page is relayed back to the web browser. In this case, you must be acquainted with the concept of manual fragments and the structure of the Web Control DB. Initialization User-defined web pages are "packaged" in data blocks for processing by the CPU. You must generate appropriate data blocks from the source data (HTML files, images, JavaScript files, etc.) during configuration to be able to download the web application into the CPU. The Web Control DB takes on a special role (default: DB 333). It contains status and control information as well as links to additional data blocks with coded web pages. Data blocks that contain coded web pages are termed "Fragment DBs". When the data block is downloaded into the CPU, the CPU does not "know" that user-defined web pages are coded inside it. The "WWW" (SFC 99) instruction, for example, in the Startup OB informs the CPU which DB is the Web Control DB. The user-defined web pages can be accessed via a web browser after this initialization. Synchronization If the user program is to exchange data with the user-defined web pages, the WWW (SFC 99) instruction must be used in the cyclic program section. Examples of interaction between user program and web page: Check received data Assemble and send back data to the web browser making the request In this case, the status information must be able to be evaluated and control information must be transmitted to the Web server, for example, to release a requested web page. WinCC Advanced V14 System Manual, 10/2016 1033 Editing devices and networks 10.1 Configuring devices and networks Procedural overview (S7-1200) Basic information This section provides a step-by-step explanation of the basic procedure used to create and download custom web pages and to use them in the operating phase. The following graphic provides a simplified representation of the process used in creating and displaying custom web pages: +70/ *,) ::: Programming a web application (using suitable tools when required and AWP commands for dynamic pages when applicable). The web application is comprised of single source files, for example, *.html, *.gif, *.js, etc. Using STEP 7: Generate the data blocks (Web Control DB and fragment DBs) from source files. The DBs contain meta information and the complete web application, including the images and the dynamic and static parts of the web application. The DBs are stored under "System blocks" in the project tree. Call the "WWW" instruction in the user program. This instruction initializes the web server of the CPU for a web application. 1034 If required, complete final programming for interaction between the web server and user program Downloading the blocks to the CPU. Call the web page in the browser. The web pages of the CPU are called by entering the IP address of the CPU. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Additional information You can find additional information and examples relating to the S7-1200 web server on the Internet (http://support.automation.siemens.com/WW/view/en/36932465). Creating web pages (S7-1200) Web design tools from various companies can be used to create user-defined web pages. As a rule, the web pages should be programmed and designed compliant to the conventions of the W3C (World Wide Web Consortium). No check is made for compliance to W3C criteria in the web server of the CPU. Rules The tool must be able to directly edit the HTML code so that the AWP command can be inserted into the HTML page. Only the AWP commands are parsed in the CPU and, for example, replaced by values from the user program/process image of the CPU. Files containing AWP commands must be coded in UTF-8. In the metadata of the HTML page, therefore, set the attribute charset to UTF-8 and save the file UTF-8 coded. Files containing AWP commands must not contain the following sequence: ]] Files containing AWP commands must not contain the following sequence outside of the "Tag read ranges" (:=<Tag name>:): := Tip: Replace the first character of a prohibited sequence with its character coding; for the colon, for example, &#58;. A small example for a custom web page should make clear the basic design. Requirement The CPU must have a web server and the web server of the CPU must be activated. To be able to access PLC tags with write access as a user, you must be logged on as "admin". For the example below, PLC tags must be defined for those PLC tags that are to be shown on the web page. This is shown here for the first tab used, "Tank_below_max". Creating user-defined web pages The following code for an example web page reads values from the process image and provides them in a table. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/ TR/html4/strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> WinCC Advanced V14 System Manual, 10/2016 1035 Editing devices and networks 10.1 Configuring devices and networks <title>Mix</title> </head> <body> <h1>Mix</h1> <h2> Actual State </h2> <table border="1"> <tr> <th>Variable</th> <th>State</th> </tr> <tr> <td>Tank below max</td> <td>:="Tank_below_max":</td> </tr> <tr> <td>Tank above min</td> <td>:="Tank_above_min":</td> </tr> </table> </body> </html> AWP commands for controlling Web pages (S7-1200) Using AWP commands in Web pages (S7-1200) With AWP (Automation Web Programming) commands, you declare the interface between your user pages (Web application, e.g. a simple HTML page) and the CPU data. To develop user pages or Web applications, you need only observe the restrictions of the Web browser. In one of the programming languages of STEP 7, control with the user program in the CPU which CPU data is displayed at what time in the Web browser of the viewer. Use AWP commands, which you comment within the HTML page, to declare data to be used for intentional interaction between the Web application and the user program. You insert AWP commands as HTML comments with a special syntax into HTML pages. Using AWP commands, the following features can be implemented: Read PLC tags Write PLC tag Read special tags Write special tags Define enum types Assign tags to enum types Defining fragments Import fragments 1036 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Syntax of AWP commands An AWP command begins with "<!-- AWP_" and ends with " -->". In JavaScript files, the commands should also be enclosed by JavaScript comments ("/*...*/"). Notation rules for PLC tag names within an AWP command The AWP commands "AWP_In_Variable" and "AWP_Out_Variable" contain a name attribute and optionally a use attribute. A PLC tag name is assigned to these attributes, by means of which the PLC tags in the browser are written or read. The following rules apply to handling PLC tag names in HTML code: PLC tags must be enclosed in quotation marks (" ... "). PLC tags used in AWP commands must also be enclosed by single quotation marks ('" ... "') or with quotation marks masked by a backslash ("\" ... \""). If the PLC tag name contains the character \ (backslash) or * (star), this character must be designated with the escape sequence \\ as standard character of the PLC tag name. See below for examples. If the PLC tag name in the AWP command is also enclosed by single quotation marks and the single quotation mark (') occurs within the name, it must also be designed as normal character by the escape sequence \'. If an absolute address (input, output, bit memory) is used in AWP command, it is enclosed by single quotation marks. PLC tag PLC tag in HTML code "Velocity" <!-- AWP_In_Variable Name='"Velocity"' --> <!-- AWP_In_Variable Name="\"Velocity\"" --> "abc\de" <!-- AWP_In_Variable Name='"abc\\de"' --> "abc'de" <!-- AWP_In_Variable Name='"abc\'de"' --> "abc'de" <!-- AWP_In_Variable Name="abcde" Use'"abc\'de"' --> "DB name".tag <!-- AWP_In_Variable Name='"DB name".tag' --> "DB name"."ta.g" <!-- AWP_In_Variable Name='"DB name"."ta.g"' --> - <!-- AWP_Out_Variable Name='flag1' Use='M0.0' --> See also Reading tags (Page 1037) Writing tags (Page 1040) Special tags (Page 1041) Reading tags (S7-1200) User-defined web pages can read PLC tags. The PLC tag must be specified by a PLC tag name. These OUT variables (direction of output as viewed from the controller) are inserted at any location within the HTML text with the syntax described in the following. WinCC Advanced V14 System Manual, 10/2016 1037 Editing devices and networks 10.1 Configuring devices and networks Syntax :=<varname>: These references are replaced when the Web server is in operation by the current values of the PLC tag in each case. <varname> can be a simple, global PLC tag but also a complete tag path to a structural element. Notation rules for PLC tag names PLC tags in HTML code are enclosed by quotation marks ("), if they are defined in the tag table. In the case of data block tags, the name of the data block is enclosed by quotation marks. If special characters are used in the structure elements of the data block, for example the dot (.) or blank, this part must also be enclosed by quotation marks. Quotation marks are not used for absolute addresses of inputs, outputs or bit memories. PLC tag PLC tag in HTML code "DB_name".var_name :="DB_name".var_name: "DB_name"."var.name" :="DB_name"."var.name": "memory" :="memory": - :=I0.0: :=Q0.0: :=MW100: :=%MW100: "My_Data_Block".flag1 <!-- AWP_Out_Variable Name='flag1' Use='"My_Data_Block".flag1' --> ... :=flag1: If the PLC tag name contains the character : (colon) or \ (backslash), this character must be designated with the escape sequence \: or \\ as standard character of the PLC tag name. PLC tag PLC tag in HTML code "abc:de" :="abc\:de": "abc\de" :="abc\\de": Special characters "<, &, >" Display problems can occur if these characters are contained in the tag name (for example, "a<b"). Avoid expressions such as :="a<b": in the HTML page. To prevent display problems from occurring, use e.g. an AWP command with a use expression according to the pattern depicted below. The use attribute defines the PLC tag with the problematic character, the name attribute defines the name without problematic character, as it is used in the HTML page. 1038 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks PLC tag "a<b" PLC tag in HTML code <!-- AWP_Out_Variable Name='simplename' Use='"a<b"' --> ... :=simplename: Reading tags of the type String and Character Below, these types of quotation marks are used in the explanation: single quotes ('), double quotes ("). As of firmware V1.6, with the "Read PLC tags" function, an S7-1500 CPU outputs tags of the type String or Character enclosed in single quotes to the browser. Example: String tag "Varname".MyString with the content ABC You read the tag in HTML using the function :="Varname".MyString: The Web server outputs the character string 'ABC' to the browser Using String or Character tags in expressions On your HTML page, you use an expression in which the character string for reading a tag is enclosed in quotes, for example in forms. Possible HTML code used: <input type="text" name="appfield" value="myvalue"> If you read the displayed value for the "value" attribute from a PLC tag in this expression, the HTML code appears as follows: <input type="text" name="appfield" value=":="Varname".MyString:"> By reading the PLC tag, the Web server outputs the value 'ABC'. In HTML, the code is then represented as follows: <input type="text" name="appfield" value=" 'ABC' "> If you have used single quotes instead of double quotes in your HTML code to enclose the attributes, the Web server passes on the content of the tags enclosed in two single quotes to the browser. As a result of this, the browser does not output the content of the String or Character tag, since two consecutive single quotes each form a closed sequence. The values to be read are located between these sequences and are not output by the browser. In this context, note in particular that the character string with double quotes is not identical to two single quotes even if they appear to be identical, as shown in the following figure. WinCC Advanced V14 System Manual, 10/2016 1039 Editing devices and networks 10.1 Configuring devices and networks +70/FRGH 2XWSXWWRWKHEURZVHUE\WKH:HEVHUYHU 6HTXHQFHVDFWXDOO\UHDG YDOXH ' 9DUQDPH0\6WULQJ'! YDOXH ' '$%&' '! YDOXH ''$%&''! 6HTXHQFH 6HTXHQFH See also Using AWP commands in Web pages (Page 1036) Writing tags (S7-1200) Custom web pages can write data into the CPU. This requires an AWP command that identifies the PLC tag to be written. The PLC tag must also be specified by a PLC tag name. The IN tags (direction of input as viewed from the controller) are placed on the browser page. This can be done, for example, in a form. The tags are either set in the HTTP header (by cookie or POST method) or in the URL (GET method) by the browser and are then written by the Web server into the respective PLC tag. Syntax To allow the IN tags to be written to the CPU, the tags must first be defined by an explicit AWP instruction: <!-- AWP_In_Variable Name='<PLC_Varname1>' Name='<PLC_Varname2>' Name='<PLC_Varname3>' --> Several tags can be defined in an instruction - such as that shown above. The specific PLC tag name is hereby written in double quotation marks; for example <PLC_Varname1> = "myVar". In cases where the name of the tag that you use for the web application is not identical to the name of the PLC tag, the "Use" parameter can be used to assign to a PLC tag: <!-- AWP_In_Variable Name='<Webapp_Varname>' Use='<PLC_Varname>' Example The "AWP_In_Variable" AWP command is indispensable when handling forms. <form method='post' action='/awp/appl/x.html'> <p> <input name='"var1"' type='text'> <input value='set' name='Button1' type='submit'> </p> </form> 1040 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks In the form defined above, the HTTP request method "post" is used to transfer the tag "var1" to the Web server. The user places the "var1" tag in the form field. The tag 'Button1' has the value 'set', but is not required for the CPU. To allow the "var1" tag to be written to the CPU, the following instruction must be included in the same fragment: <!-- AWP_In_Variable Name='"var1"' --> Since PLC tags are enclosed in double quotation marks ("), the name in the AWP command must be enclosed in single quotation marks (') or in masked quotation marks (\"). To avoid the numerous escape sequences, we recommend the use of single quotation marks. <!-- AWP_In_Variable Name='"Info".par1' --> <!-- AWP_In_Variable Name="\"Info".par1\"" --> Conditions for write access during operation The following requirement has to be met in order for a user to be able to write to PLC tags from a user-defined web page: The user must have rights to change tags. The Web server ignores the commands if the user has no change rights. This rules applies to all writing access to web pages on a CPU. See also Requirements for web access (Page 1028) Using AWP commands in Web pages (Page 1036) Special tags (S7-1200) Special tags are mainly HTTP tags set in the definition of the World Wide Web Consortium (W3C) . Special tags are also used for cookies and server tags. The AWP command to read and write special tags differ only in that they have additional parameters than the AWP command used to read and write normal tags. Reading a special tag The Web server can read PLC tags and transfer these to special tags in the HTTP Response Header. You can, for example, read a URL for a diversion to another web page and transfer to the special tag HEADER:Location using the special tag HEADER:Location. The following special tags can be read: WinCC Advanced V14 System Manual, 10/2016 Name Description COOKIE_VALUE:name Value of cookie with name: "name" COOKIE_EXPIRES:name Execution time of cookie with name: "name" in seconds (must be set beforehand). HEADER:Status HTTP status code (if no other value has been set, status code 302 is returned). HEADER:Location Path for forwarding to another page. Status code 302 must be set. 1041 Editing devices and networks 10.1 Configuring devices and networks Name Description HEADER:Retry-After Anticipated time in which the service is not availa ble. Status code 503 must be set. HEADER: ... All other header tags can also be forwarded in this way. Use the AWP command "AWP_Out_Variable" to specify which PLC tags are to be transferred in the HTTP header to the web browser. Basic structure: <!-- AWP_Out_Variable Name="<Typ>:<Name>" [Use="<Varname>"] --> Parameter description Name: Type and name of special tag Use (optional parameter): In cases where the name of the special tag is not identical to the name of the PLC tag, parameter "Use" can be used to assign to a PLC tag. Example: <!-- AWP_Out_Variable Name="COOKIE_VALUE:siemens" Use='"info".language' --> Writing a special tag In principle, all HTTP tags written in the HTTP header by the web browser can be evaluated by the user program of the CPU. Examples of tag types: Name Description HEADER:Accept-Language Accepted or preferred language HEADER:Authorization Proof of authorization for a requested resource HEADER:Host Host and port of the requested resource HEADER:User-Agent Information on the browser HEADER: ... All other header tags can also be forwarded in this way SERVER:current_user_id Indicates whether a user is logged on (cur rent_user_id=0: no user logged on) SERVER:current_user_name User name of the user logged on SERVER:GET Request method is GET SERVER:POST Request method is POST COOKIE_VALUE:name Value of cookie with name: "name" The AWP command "AWP_In_Variable" is used to define which special tags are to be evaluated in the user program of the CPU. 1042 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Basic structure: <!-- AWP_In_Variable Name="<Typ>:<Name>" [Use="<Varname>"] --> Parameter description: Name: Type and name of special tag Use (optional parameter): In cases where the name of the special tag is not identical to the name of the PLC tag, the parameter Use can be used to assign to a PLC tag. Examples: <!-- AWP_In_Variable Name="COOKIE_VALUE:siemens" Use='"info".language' --> The tag name in the HTTP header is replaced by the PLC tag name specified by Use . The cookie is written to the PLC tag "info".language . <!-- AWP_In_Variable Name='COOKIE_VALUE:siemens' Use='"info".language' --> The tag name in the HTTP header is replaced by the PLC tag name specified by Use. The cookie is written to the PLC tag "info".language . <!-- AWP_In_Variable Name='"COOKIE_VALUE:siemens"' --> The HTTP-header variable is written in the same-name PLC variable. See also Using AWP commands in Web pages (Page 1036) Enumeration types (S7-1200) Enumeration types (enums) Numerical values from the PLC program can be converted into text and vice versa using enums. The numerical values can also be assigned for several languages. Creating enums Enter an AWP command using the following syntax at the start of the HTML file: WinCC Advanced V14 System Manual, 10/2016 1043 Editing devices and networks 10.1 Configuring devices and networks <!-- AWP_Enum_Def Name="<Name of the enum type>" Values='0:"<Text_1>", 1:"<Text_2>", ... , x:"<Text_x>"' --> For example, for German values to be saved as an HTML file in the "de" folder of the HTML directory: <!-- AWP_Enum_Def Name="Enum1" Values='0:"an", 1:"aus", 2:"Storung"' --> For example, for English values, to be saved as an HTML file in the "en" folder of the HTML directory: <!-- AWP_Enum_Def Name="Enum1" Values='0:"on", 1:"off", 2:"error"' --> Assigning enums Tags are assigned from the user program to the individual enum texts using a special AWP command: <!-- AWP_Enum_Ref Name="<VarName>" Enum="<EnumTypeName>" --> <VarName> is thereby the symbolic name from the user program and <EnumTypeName> is the previously set name of the enum type. Note In each fragment in which enum texts are referenced by a PLC tag, this PLC tag must be assigned by the appropriate AWP command of the enum type name. Ensure that no AWP command for importing fragments is positioned between an enum assignment and enum usage because this import can result in the enum assignment lying in a different fragment than the enum usage. Example Enum type "state" is defined with values "0" and "1". "0" means "off", "1" means "on": <!-- AWP_Enum_Def Name="state" Values='0:"off", 1:"on"' --> The following code is contained in the HTML code of the web page to be output: <!-- AWP_Enum_Ref Name="operating state" Enum="state" --> :=operating state: 1044 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Depending on the value of the "operating state" tag, the result displayed is no longer "0" or "1", but "off" or "on". Simplified use of enumeration types (S7-1200) At S7-1200 CPUs as of firmware version 4 it is possible to use enumerations directly in AWP commands to read and write PLC variables. You create enums as described in the previous section, and you can then utilize the values with user program read and write commands. Creating enums <!-- AWP_Enum_Def Name="<Name des Enum Typs>" Values='0:"<Text_1>", 1:"<Text_2>", ... , x:"<Text_x>"' --> Utilizing enums in the user program read and write commands <!-- AWP_In_Variable Name='<Varname>' Enum="<EnumType>" --> <!-- AWP_Out_Variable Name='<Varname>' Enum="<EnumType>" --> Example of reading PLC tags <!-- AWP_Enum_Def Name='AlarmEnum' Values='0:"No alarms", 1:"Tank is full", 2:"Tank is empty"' --><!-- AWP_Out_Variable Name='"Alarm"' Enum="AlarmEnum" -->...<p>The current value of "Alarm" is :="Alarm":</p> If the value of "Alarm" in the CPU is "2", the following text will be displayed on the HTML page: 'The current value of "Alarm" is Tank is empty' because the enum definition assigns the string "Tank is empty" to the numerical value 2. Example of writing PLC tags <!-- AWP_Enum_Def Name='AlarmEnum' Values='0:"No alarms", 1:"Tank is full", 2:"Tank is empty"' --><!-- AWP_In_Variable Name='"Alarm"' Enum='AlarmEnum' -->... <form method="POST"> <p><input type="hidden" name='"Alarm"' value="Tank is full" /></p> <p><input type="submit" value='Set Tank is full' /></p> </form> Because the enum definition assigns the string "Tank is full" to the numerical value "1", the value "1" is written to the PLC tag "Alarm". WinCC Advanced V14 System Manual, 10/2016 1045 Editing devices and networks 10.1 Configuring devices and networks Definition of fragments (S7-1200) Fragments Fragments are "logical sections" of a web page to be processed by the CPU individually. Fragments are usually complete pages but can also be individual elements such as files (for example, images) or complete documents. Defining fragments <!-- AWP_Start_Fragment Name="<Name>" [Type="<Type>"] [ID="<Id>"] [Mode=<Mode>]--> The start of a fragment is specified by this command. A fragment runs to the start of the next fragment or to the end of the file. <Name> Indicates the name of the fragment. The name must start with a letter [a-zA-Z] or an underscore ( _ ). Letters, underscores or numbers [0-9] can follow after this first character. <Type> Indicates the type of the fragment. - "manual" The user program is informed of the request for a fragment; the web page to be returned can be changed by the user program. - "automatic" The page is automatically processed (default). <id> A numeric ID can be stipulated for the fragment. If no ID is assigned, the fragment is automatically assigned an ID. For manual pages (<Type>=manual) , the fragment can be addressed in the user program of the CPU by this ID. Note Keep the ID low because the highest ID influences the size of the Web Control DB. <Mode> Fragments support the visible and hidden modes. - "visible" The fragment is a part of the web page. This mode is preset and can also be omitted. - "hidden" The fragment is not part of the web page. However, the fragment will be saved in the Web DB and is available to the user program for inserting in a requested web page. You use an exchange of the fragment ID (Web-Control-DB.fragment_index tag) to insert a "hidden" fragment in the requested web page. The input document is completely divided into fragments by the "AWP_Start_Fragment" command. "AWP_End_Fragment" is therefore unnecessary. Without a start fragment command, a file is mapped as a fragment; the fragment name is derived from the file name. If a file is divided into several fragments (by "AWP_Start_Fragment"), the file must begin with the "AWP_Start_Fragment" command. 1046 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Importing fragments (S7-1200) You can declare a fragment in an HTML page and import this fragment into other web pages. Example A company logo is to be displayed on all web pages of a web application. There is only one instance of the HTML code for the fragment that displays the company logo. You can import the fragment as often and into as many HTML files as required. Syntax <!-- AWP_Import_Fragment Name = "<name>"--> <name> is the name of the fragment to be imported. Example HTML code within a web page that declares a fragment: <!-- AWP_Start_Fragment Name = "My_Company_Logo" --> <p><img src = "compay_logo.jpg"></p> Example HTML code within another web page that imports the declared fragment: <!-- AWP_Import_Fragment Name = "My_Company_Logo" --> Creating and loading a data block (S7-1200) Requirement All source files required for the web application (*.html, *.js, *.png, ...) have been created. The source files are located in one folder, but only those source files that are required for the web application. No other files may be located in this folder. WinCC Advanced V14 System Manual, 10/2016 1047 Editing devices and networks 10.1 Configuring devices and networks Note Length of file names and tag names If you have a comprehensive web application with many files and directories, the generation of the web data blocks may possibly fail. If this happens, the generation is aborted with the message "Text list overflow...". The cause is system-internal size limitations for management information saved in the web data block. Remedy: Use short file names and short tag names. Procedure To create data blocks from the source files for user-defined web pages in STEP 7, proceed as follows: 1. Select the CPU, for example, in the device configuration. 2. Select the properties for user-defined web pages in the inspector window under "Properties > General > Web server". 3. As "HTML source", select the folder that contains the source files for the web application. 4. Enter the HTMP page to be opened on starting the web application as the start HTML page. 5. Enter a name for the application if required. 6. You can supplement a range of file name extensions as "Files with dynamic content" if necessary. Only enter those file name extensions that also contain AWP commands. 7. The number for the Web Control DB and for the fragment DB start number can be kept as long as they are not already being used by your user program. 8. Click on the "Generate" button to create DBs from the source files. The generated data blocks are saved in the project navigation in the "System block" folder (in the "Web server" subfolder). 9. In the CPU, select the network view to be loaded and then select the "Download to device" command in the "Online" menu to download the blocks. Compilation of the blocks is implicitly initiated before downloading. If errors are reported during this process, you must correct these errors before you can download the configuration. Creating and loading a data block (S7-1200) Requirement All source files required for the web application (*.html, *.js, *.png, ...) have been created. The source files are located in one folder, but only those source files that are required for the web application. No other files may be located in this folder. 1048 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Note Length of file names and tag names If you have a comprehensive web application with many files and directories, the generation of the web data blocks may possibly fail. If this happens, the generation is aborted with the message "Text list overflow...". The cause is system-internal size limitations for management information saved in the web data block. Remedy: Use short file names and short tag names. Procedure To create data blocks from the source files for user-defined web pages in STEP 7, proceed as follows: 1. Select the CPU, for example, in the device configuration. 2. Select the properties for user-defined web pages in the inspector window under "Properties > General > Web server". 3. As "HTML source", select the folder that contains the source files for the web application. 4. Enter the HTMP page to be opened on starting the web application as the start HTML page. 5. Enter a name for the application if required. 6. You can supplement a range of file name extensions as "Files with dynamic content" if necessary. Only enter those file name extensions that also contain AWP commands. 7. The number for the Web Control DB and for the fragment DB start number can be kept as long as they are not already being used by your user program. 8. Click on the "Generate" button to create DBs from the source files. The generated data blocks are saved in the project navigation in the "System block" folder (in the "Web server" subfolder). 9. In the CPU, select the network view to be loaded and then select the "Download to device" command in the "Online" menu to download the blocks. Compilation of the blocks is implicitly initiated before downloading. If errors are reported during this process, you must correct these errors before you can download the configuration. Structure of the PLC program (S7-1200) Your user program must call the " WWW" instruction to even allow the web application, for example, the user-defined web pages, to be available to the CPU on the standard web pages and to allow them to be called up there. The Web Control DB you have created from the source files is the input parameter (CTRL_DB) for the "WWW" instruction. The Web Control DB references the content of the user-defined web pages coded in the fragment DB and then receives status and control information. WinCC Advanced V14 System Manual, 10/2016 1049 Editing devices and networks 10.1 Configuring devices and networks Calling the "WWW" instruction in the startup program If you do not want the user program to influence requested web pages, it is sufficient to only call the "WWW" instruction once in a startup OB. This instruction initializes communication between the web server and the CPU. Calling the "WWW" instruction in the cyclic program The "WWW" instruction can also be called in an OB processed in cycles (for example, OB 1). This has the advantage of being able to respond to web server requests from within the user program. Manual fragments must be used for this. In this case, you must evaluate information from the Web Control DB in order to identify the requested web page or the requested fragment. On the other hand, you must set a bit in the user program in order to explicitly release the web page to be returned by the web server after processing the web page request. The structure of the Web Control DB is described in the following section. Web Control DB (S7-1200) The Web Control DB (DB 333 by default) is created by STEP 7 and contains information on the structure of user pages, the status of communication and any errors that occur. Additional fragment DBs are also created as well as the Web Control DB. These fragment DBs (there may also only be one fragment DB) are referenced in the Web Control DB. The fragment DBs contain the web pages and media data coded in fragments, for example, images. The content of the fragment DB cannot be changed by the user program. It is created automatically and is only for data management. The status and control tags of the Web Control DB are accessed via symbols. The following lists the tags of the Web Control DB required for status evaluation and to control interaction. The Web Control DB provides two types of information: Global status information: Not bound to a concrete web page request. Request status and control information: Information about queued requests. Global status information "WEB-Control_DB".commandstate.init Activates and initializes the web application. "WEB-Control_DB".commandstate.deactivate Deactivates the web application. "WEB-Control_DB".commandstate.inititializing The web application is initialized (read Web Control DB, etc.). "WEB-Control_DB".commandstate.error Web application could not be initialized. The reason is coded in "WEB-Control_DB".com mandstate.last_error . "WEB-Control_DB".commandstate.deactivat The web application is closed. ing 1050 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks "WEB-Control_DB".commandstate.initialized The web application has been initialized and is ready. "WEB-Control_DB".commandstate.last_error Refer to the next table for a value table of pos sible errors. Last_error Description 1 Fragment DB is inconsistent (does not match the Web Control DB). 2 A web application already exists with this name. 3 Memory problem initializing in the web server. 4 Inconsistent data in the Web Control DB. 5 A fragment DB is not available (not loaded). 6 No AWP ID for a fragment DB. 7 The enum fragment is not available (contains the texts and information on the enum types). 8 An action requested via the command flag in the Web Control DB is prohibited in the current state. 9 Web application is not initialized (if there is no reinitializing after disabling). 10 Web server is disabled. ... Last_error is reset once the web application has been successfully initialized. Request status information Request status information is bound to one of four possible requests, x = [1 ... 4]. "WEB-Control_DB".requesttab[x].idle "WEB-Control_DB".requesttab[x].waiting "WEB-Control_DB".requesttab[x].sending "WEB-Control_DB".requesttab[x].aborting Nothing need be done. The user program must react to a request from a manual fragment and explicitly initiate further processing in the web browser. The web server is occupied with processing the request/fragment. The TCP connection is closed by the web serv er. Request control information Request control information is bound to one of four possible requests, x = [1 ... 4]. "WEB-Control_DB".requesttab[x].continue "WEB-Control_DB".requesttab[x].repeat WinCC Advanced V14 System Manual, 10/2016 Releases the fragment being processed for transmission. Processing of the next fragment is initiated. Releases the fragment being processed for transmission. The fragment is then processed again. 1051 Editing devices and networks 10.1 Configuring devices and networks "WEB-Control_DB".requesttab[x].abort "WEB-Control_DB".requesttab[x].finish Closes the TCP connection. Releases the fragment being processed for transmission. Stops further processing of re quests (terminates the request). Example: The tag for the DB is: "WEB-Control_DB". Whether errors have occurred during initialization of the web application can be determined by requesting bit "WEBControl_DB".commandstate.error in the user program. If an error has occurred you can analyze it using the "WEBControl_DB".commandstate.last_error value. Interaction with the user program (S7-1200) With the help of manual fragments, you can make sure that the user program reacts synchronously to browser entries so that the returned website can be prepared by the user program. Fragment type To react to the received data in the user program the "manual" fragment type must be used for the fragment writing the data (for "manual pages"): <!-- AWP_Start_Fragment Name="testfrag" ID="1" Type="manual" --> The values are always transferred to the Web server of the CPU for automatic and manual pages in the same way: Example: <form method="POST" action=""> <p> <input type="submit" value="Set new value"> <input type="text" name='"Velocity"' size="20"> </p> </form> User program for manual fragments When using manual pages, the "WWW" instruction must be called in cycles in the user program of the CPU. To react to values entered in the browser, the request - which is made by the manual page to the Web server - must first be evaluated in the user program. The web-control-DB (for example, DB 333) must investigate pending requests to do this. The array that manages four requests is contained in the "requesttab" section of the Web Control DB. Each element of the array contains information about the respective request in a structure. A simple programming example shows how queued requests are checked based on the tags of the Web Control DB. 1052 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks In cases where a request has been made, this program section writes the fragment ID in the #frag_index tag and the request no. (value range 1-4) in the #req_index tag. Using the information from this, the information transferred in the request can now be processed separately for each fragment ID in the program (for example, plausibility check). Once processing of the request has been completed by the program, the request must be answered and the appropriate entry is once more reset under"requesttab" of the Web Control DB (for example, DB 333). WinCC Advanced V14 System Manual, 10/2016 1053 Editing devices and networks 10.1 Configuring devices and networks A simple programming example for replying to requests: 1054 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Principle sequence of a browser request with interaction from the user program The following figure shows the simplified, principle sequence of the web browser request on the effects of Web Control DB content and the actions required from the user program until the processed web page is returned (response). 5HVSRQVH :HEEURZVHU 5HTXHVW :HEVHUYHU 3URFHVVUHVSRQVH '%ZDLWLQJ 758( '%UHTFRQWLQXH 758( 6HW,1YDULDEOH GDWDWDEOH :ULWH,1YDULDEOH GDWDWDEOH 8VHUSURJUDP 3URFHVVUHTXHVW :HE&RQWURO'% &38 ,GHQWLI\UHTXHVWHG SDJH UHTXHVW (YDOXDWHDQG SURFHVV,1YDULD EOHVVHW287 YDULDEOHV (QDEOHUHTXHVWHG SDJH Displaying custom web pages in the browser (S7-1200) Display web pages in browser Web pages are called from the standard web pages of the web browser. WinCC Advanced V14 System Manual, 10/2016 1055 Editing devices and networks 10.1 Configuring devices and networks In addition to the other links in the navigation bar, the standard web pages also have a link to "user pages". Click on the "user pages" link to open the web browser you have configured as the default HTML page. Creating custom web pages in several languages (S7-1200) You can make each of your custom web pages available in various languages. Requirements The language-dependent HTML; pages must be stored in a folder structure containing folders with the respective language abbreviations: Specified language abbreviations Language abbreviations "de", "en", "fr", "es", "it" and "zh" are fixed. Additional language folders or other designated language folders are not supported. Additional folders within the same folder hierarchy for other files can be created as required; for example, an "img" folder for images and a "script" folder for JavaScript files. Selecting an entry page (S7-1200) Defining the user page as the start page In addition to the default intro page, you can also define the start page of your user pages as the start page of the Web server. Follow these steps to define the user pages in STEP 7 as the start page of the Web server: 1. Select the CPU in the device configuration. 2. Open the settings in the Inspector window of the CPU under "Properties > General > Web server". 3. Select the entry "AWP1" in the area "Entry page" under "Select entry page". If you now enter the IP address of the CPU in the browser, a connection to your user pages is automatically established. If you want to access the Web pages of your CPU again, link the Web pages from your user pages, e.g. via the URL "http://a.b.c.d./Portal/Portal.mwsl?PriNav=Start" or "https://a.b.c.d/ 1056 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Portal/Portal.mwsl?PriNav=Start". In this case, the information "a.b.c.d" represents, as an example, the IP address of the configured CPU. Example of the link in HTML: <a href="/Portal/Portal.mwsl?PriNav=Start">SIMATIC Web pages</a> Note If you define your user page as start page of the Web server, all direct access to the Web pages of the CPU is blocked. This applies also to the bookmarks you saved for the Web pages of the CPU as well as the page for reading out the service data. Reading out service data If you define your user page as the start page of the Web server, all direct access to the Web pages for reading out the service data is also blocked. If you want to continue to read out service data via the Web server in a service situation, here is how you can link the service data page directly to your user page. Just as for the web pages of the CPU, link the service data page e.g. via the URL "http://a.b.c.d/ save_service_data" or "https://a.b.c.d/save_service_data"; the "a.b.c.d" here is an example of the IP address of the configured CPU. Example of the link in HTML: <a href="/save_service_data">Service data</a> Language switching for custom web pages (S7-1200) Requirements The HTML pages are contained in the predefined language folders, for example, HTML pages with German text are in the "de" folder, HTML pages with English text are in the "en" folder. Language switching concept Language switching is based on a predefined cookie named "siemens_automation_language". If the cookie is set to value "de", at the next web page request or web page update, the web server switches to the web page from the "de" folder. Similarly, the web server switches to the web page from the "en" folder when the cookie is set to "en". Example of language switching (S7-1200) The example is structured as follows: The language-dependent HTML files with the same name, for example, "langswitch.html" are located in both language folders "de" and "en". The text to be displayed within the two files are German or English, corresponding to the name of the folder. There is an additional "script" folder in the folder structure containing the JavaScript file "lang.js". Functions required for language switching are stored in this file . WinCC Advanced V14 System Manual, 10/2016 1057 Editing devices and networks 10.1 Configuring devices and networks Structure of the "langswitch.html" file ("de" folder) Meta data "content language", charset and path to JavaScript file are set in the file header. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta http-equiv="Content-Language" content="de"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>Switch language to German page</title> <script type="text/javascript" src="script/lang.js" ></script> <head> Language selection is implemented in the body of the file by the "select" HTML element. The select element initiates a list box and contains the "de" option, labeled as "German" and "en", labeled as "English"; "de" is the default. The "DoLocalLanguageChange(this)" function is called using the "onchange" event handler. The "this" parameter transmits the select object with the selected option to this function. "onchange" calls the function each time the option is changed. <!-- Language Selection --> <table> <tr> <td align="right" valign="top" nowrap> <!-- change language immediately on change of the selection --> <select name="Language" onchange="DoLocalLanguageChange(this)" size="1"> <option value="de" selected >Deutsch</option> <option value="en" >English</option> </select> </td> </tr> </table> <!-- Language Selection End--> Structure of the "langswitch.html" file ("en" folder) The header of the HTML file with English text is structured similarly to the HTML file with German text. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta http-equiv="Content-Language" content="en"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>Language switching english page</title> <script type="text/javascript" src="script/lang.js" ></script> Language selection is also implemented in the body of the file by the "select" HTML element. In contrast to the German HTML file, the English option is already selected as a default and the test or the labels are in English. <!-- Language Selection --> <table> <tr> <td align="right" valign="top" nowrap> 1058 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks <!-- change language immediately on change of the selection --> <select name="Language" onchange="DoLocalLanguageChange(this)" size="1"> <option value="de" >German</option> <option value="en" selected >English</option> </select> </td> </tr> </table> <!-- Language Selection End--> Structure of "lang.js" file (in the "script" folder) The " DoLocalLanguageChange" function is defined in the Java script file and calls the "SetLangCookie" function with the language selection value. SetLangCookie combines the cookie name and cookie value and then sets the cookie by means of the corresponding document.cookie property. The web page must then be reloaded (top.window.location.reload) to allow the web server to react to the setting of the cookie by displaying the required language. function DoLocalLanguageChange(oSelect) { SetLangCookie(oSelect.value); top.window.location.reload(); } function SetLangCookie(value) { var strval = "siemens_automation_language="; // this is the cookie by which the web server // detects the desired language // this name is required by the web server strval = strval + value; strval = strval + "; path=/ ;"; // set path to the application, since otherwise // path would be set to the requesting page // would not get the cookie. // The path for user defined applications follows this sample: // path=/awp/<application name>/<pagename> // example: path=/awp/myapp/myappstartpage.htm //(where myapp is the name of the web application // entered in the web server properties of the cpu) /* use expiration if this cookie should live longer than the current browser session var now = new Date(); var endttime = new Date(now.getTime() + expiration); strval = strval + "; expires=" + endttime.toGMTString() + ";"; */ document.cookie = strval; } WinCC Advanced V14 System Manual, 10/2016 1059 Editing devices and networks 10.1 Configuring devices and networks Additional examples (S7-1200) Filling bottles with different drinks This example describes a bottling plant (http://support.automation.siemens.com/WW/view/en/ 94681612) that can be monitored and controlled via a user-defined Web page. It is possible to decide the type of drinks to be bottled using a recipe. For the control and visualization of the plant, no panel (HMI) is necessary. A Web browser serves to display the Web page. The Web page is regularly supplied with current process values. This is done with an invisible inline frame (iframe) that is re-sent regularly by the Web server. Current process values reach the browser with the inline frame. Using JavaScript, the process values are read from the inline frame and inserted in the main page. In addition to this, users can call functions on the CPU via the Web page, for example starting or stopping bottling or importing or exporting recipes (refer to the link Bottling plant application (http://support.automation.siemens.com/WW/view/en/94681612)). Filling and emptying a tank This example describes a tank for liquids (http://support.automation.siemens.com/WW/view/ en/58862931) that can be monitored and controlled via a user-defined Web page. Using buttons, the user controls the inflow into the tank and the outflow from the tank. The current fill level is displayed along with the last ten fill levels with time information The pages "Overview" and "Data" read in the current process values at fixed intervals whereby the Web server sends the pages completely new to the browser. The "DataOpti" page, on the other hand, uses an inline frame simply to receive the current fill levels of the tank from the Web server (see Tank simulation application (http:// support.automation.siemens.com/WW/view/en/58862931)). 1060 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuration control (option handling) for devices (S7-1200) Important information regarding configuration control (option handling) (S7-1200) Operating principle With S7-1200 Firmware Version 4.1 or higher, the configuration control enables you to configure the structure of a control system and to work with variants (options) that differ from this configuration. All modules that are needed in a set of similar plant units or machines are configured in a master project with a maximum configuration (station master). Provision is made in the user program of the master project for various station options for various plant units or machines as well as the selection of a station option. A station option uses, for example, only some of the configured modules and these modules are inserted in varying order. An operator selects a station option for a specific plant on-site. The operator does not have to modify the project and thus also does not have to download a modified configuration for this. 6WDWLRQPDVWHU 6WDWLRQRSWLRQ 6WDWLRQRSWLRQ WinCC Advanced V14 System Manual, 10/2016 6WDWLRQRSWLRQ 1061 Editing devices and networks 10.1 Configuring devices and networks A control data record you have programmed in the startup program notifies the CPU as to which modules are missing or located in different slots as compared to the preset configuration. The configuration control has no effect on the parameter assignment of the modules. Configuration control gives you the flexibility to vary the central installation as long as the real configuration can be derived from a preset maximum configuration. Below you will find a description of how to activate configuration control (CPU parameter assignment) and how to structure the required data record. Requirements STEP 7 Version V13 SP1 or higher CPU S7-12XX Firmware Version V4.1 or higher Modules that support the "Configuration control" function also have the "Configuration control" entry in the description (info text) of the hardware catalog. Recommendation: Before you load a new program with a modified control data record, perform a memory reset. This action will prevent inconsistent states that may result from the presence of incompatible control data records. The startup parameter "Compare preset to actual configuration" is set to "Startup CPU even if mismatch" (default setting). 1062 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Required steps 1. Enable the "Allow to reconfigure the device via the user program" parameter when configuring the CPU ("Configuration control" area). 2. Create a control data record (e.g., in a data block) according to the current configuration based on the sample described below for the control data record. The control data record has the number 196. If you want to transfer the control data record as a whole block to the WRREC instruction (input parameter RECORD), note that you must first create a PLC data type containing the structure of the control data record and base the data block on this PLC data type. 3. Transfer the control data record to the CPU in the startup program. The configuration control for the centrally inserted modules takes effect only after an operating mode change of the CPU from STOP to RUN. For this reason, call the extended WRREC (Write data record) instruction in the startup OB, and transfer the created control data record to the CPU; see next section. WinCC Advanced V14 System Manual, 10/2016 1063 Editing devices and networks 10.1 Configuring devices and networks If a valid control data record is not transferred in the startup OB, the control is not ready for operation. The CPU returns from startup to STOP in this case. Transferring a control data record in the startup program The CPU processes the WRREC instruction for asynchronous transfer of the control data record. For this reason, you must call WRREC in the startup OB repeatedly in a loop until the output parameter "BUSY" or "DONE" indicate that the data record has been transferred. Tip: Use the SCL programming language (Page 4747) with the REPEAT ... UNTIL instruction for programming the loop. REPEAT "WRREC_DB"(REQ := "start_config_control", ID := 33, INDEX := 196, LEN := "conf_LEN", DONE => "conf_DONE", BUSY => "conf_BUSY", ERROR => "conf_ERROR", RECORD := "ConfDB".ConfigControl, STATUS => "conf_STATUS"); UNTIL NOT "conf_BUSY" END_REPEAT; 1064 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Below, you will find explanations for individual block parameters that you must supply with specific values in the configuration control context. For the remaining block parameters, see also WRREC (Page 3437): Parameter Explanation ID HW identifier; is always 33 (decimal) for configuration control for centrally arranged modules. INDEX Data record number; is always 196 (decimal) for configuration control for centrally ar ranged modules. RECORD Control data record to be transferred. See the section "Control data record" for the structure of the control data record. Tip: The "RECORD" block parameter of the WRREC instruction (V1.1 and higher) is of the "VARIANT" data type and therefore requires a tag with data type. If you store the control data record in a data block, this data block must thus have a data type. The data block created must not be of the "Global-DB" type. Rather, it must be derived from a user data type. Proceed as follows: 1. First, create a new PLC data type (user data type) with the structure of the control data record and name it, for example, "ConfDB". 2. Create a new data block. Select the newly created user data type, for example, "ConfDB", as type for this data block. In graphical programming languages, you realize the loop using instructions for program control. Example in FBD: Use the LABEL (jump label) and JMP (jump at RLO=1) instructions to program a loop. WinCC Advanced V14 System Manual, 10/2016 1065 Editing devices and networks 10.1 Configuring devices and networks Arrangement of the modules The following table shows the slot number assignment: Slot Modules Note 1 Signal board, communication board, bat tery board Slot on front of the CPU 2-9 Signal modules Slots to the right of the CPU 101 - 103 Communications modules Slots to the left of the CPU Control data record A control data record 196 containing a slot assignment is defined for configuration control. The following codes apply: 0 1 to 9, 101 to 103 16#FF (255) Module is included in the hardware configuration but is not used in the current configuration. Current slot of the module A module is not located in this slot in the hardware configuration. Byte Element Code Explanation 0 Block length 4 + number of slots Header 1 Block ID 196 2 Version 5 (for central I/O) 3 Subversion 0 4 Assignment of the CPU ex Expansion board, 0 or pansion board 16#FF 5 Assignment of configured slot 2 Real slot, 0 or 16#FF ... ... ... 12 Assignment of configured slot 9 Real slot, 0 or 16#FF 13 Assignment of configured slot 101 Real slot or 16#FF 14 Assignment of configured slot 102 Real slot or 16#FF 15 Assignment of configured slot 103 Real slot or 16#FF Control element Describes in each ele ment which real slot in the device is assigned to the configured slot. The structure of a con trol element is descri bed in the following section. In contrast to signal modules, the real slot of the communications modules must corre spond to the config ured slot. Structure of a control element A control element contains the information on which module is inserted in which slot. 1066 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The byte numbers represent the configured slots in ascending order (see above): Byte 4 stands for the configured slot of the expansion board Byte 5 to byte 9 stand for the configured slots 2 to 9 Byte 13 to byte 15 stand for the configured slots 101 to 103 The value that you need to enter in the corresponding byte depends on the following rule: If the module is present in the real configuration, enter the real slot number of the module. - Example 1: The module configured in slot 2 is located in slot 2. Enter value 2 (= actual slot) in byte 5 (= configured slot 2). - Example 2: The module configured in slot 3 is located in slot 2. Enter value 2 (= actual slot) in byte 6 (= configured slot 3). If the module is configured but is missing in the real structure, enter 0 in the byte for the configured slot. If a module is not located in this slot in the hardware configuration, enter 16#FF (255) in the byte for the configured slot. Rules Observe the following rules: The configuration control does not support the repositioning of communications modules. The slot entries in the control data record for slots 101 to 103 must correspond to the real positions of the modules or be defined as not present in the hardware configuration by entering 16#FF (255). Slot gaps in the configuration are not allowed. For example, if a signal module is inserted in slot 4 in the real configuration, slots 2 and 3 of the real configuration must also be occupied. The same applies to the slots 101 to 103. If a communications module is inserted in slot 102 in the real configuration, slot 101 must also have a communications module inserted in the real configuration. If you have enabled configuration control, the CPU is not ready for operation without a control data record. The CPU returns from startup to STOP if a valid control data record is not transferred in the startup OB. The central I/O is not initialized in this case. The cause for the STOP mode is entered in the diagnostics buffer. For addressing the WRREC instruction, use the HW identifier 33 (decimal, for the ID block parameter) to write the control data record. The control data record is saved retentively in the CPU, which means that it is not necessary to write the control data record 196 again at a restart if the configuration is unchanged. Prior to commissioning, we recommend that a memory reset be performed for the CPU in order to delete any control data record that is present. Slot entries in the control data record outside the configured preset configuration are ignored by the CPU. Each real slot may only be present once in the control data record. A real slot may only be assigned to one configured slot. WinCC Advanced V14 System Manual, 10/2016 1067 Editing devices and networks 10.1 Configuring devices and networks Note Modified configuration The writing of a control data record with a modified configuration triggers the following automatic reaction by the CPU: Memory reset with subsequent startup with this modified configuration. As a result of this reaction, the retentively saved original data record 196 is deleted and the new data record 196 is saved retentively. Behavior during operation Effect of the discrepancy between the configured configuration and real configuration: For the online display and for the display in the diagnostics buffer (module OK or module faulty), the hardware configuration is always used and not the differing real configuration. Example: A module supplies diagnostic information. This module is configured in slot 4, but is really inserted in slot 3 (missing module; see example in the next section). In the online view, a configured slot 4 is indicated as faulty. In the real configuration, the module in slot 3 indicates an error via an LED display. If modules are entered as missing in the control data record, the automation system behaves as follows: Modules designated as not present in the control data record do not supply diagnostics and their status is always OK. The value status is OK Direct write access to the outputs or write access to the process image of outputs that are not present: Remains without effect; no access error is signaled. Direct read access to the inputs or read access to the process image of inputs that are not present: Value "0" is supplied; no access error is signaled. Write data record to module that is not present: Remains without effect; no error is signaled. Read data record from module that is not present: An error is signaled because a valid data record cannot be returned. Error messages The following error messages are returned if an error occurs during writing of the control data record: Table 10-79 Error messages Error code 1068 Meaning 16#80B1 Invalid length; the length information in data record 196 is not correct. 16#80B5 Configuration control parameters not assigned. 16#80E2 Data record was transferred in the wrong OB context. The data re cord must be transferred in the startup program. 16#80B8 Parameter error; module signals invalid parameters. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See also VARIANT (Page 2191) S7-1200 System Manual (http://support.automation.siemens.com/WW/view/en/89851659) Example of a configuration control (S7-1200) A configuration consisting of a CPU and 3 signal modules is configured in the following. The module at slot 3 is not present in the first configuration expansion and is "hidden" by the configuration control. In the second configuration expansion, the module that was initially hidden is located in the last slot. The added slot is made known to the CPU by a modified control data record. Actual configuration with missing module The specified configuration contains all modules that can be present in a final expansion stage. The module that is inserted in slot 3 in the specified configuration is missing in the real expanded configuration. For this reason, slot 3 must be coded in the control data record accordingly with "FF H" (= not present). WinCC Advanced V14 System Manual, 10/2016 1069 Editing devices and networks 10.1 Configuring devices and networks Module is missing in the real configuration Actual configuration with subsequently added module The module present in slot 3 in the specified configuration is added to the back of the real configuration by inserting it as the last module in slot 4. The control data record is adapted accordingly. 1070 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks WinCC Advanced V14 System Manual, 10/2016 1071 Editing devices and networks 10.1 Configuring devices and networks Additional configurations (S7-1200) Configuring additional functions The S7-1200 automation system has numerous additional functions that are useful as integrated CPU functions or available via plug-in modules (for example, communication modules). You can find the description via the following links. See also Motion functionality of the CPU S7-1200 (Page 6594) Configuring PID_Compact V1 (Page 6507) Configuring PID_3Step V1 (Page 6540) 10.1.4.2 S7-1200 CM/CP Telecontrol CPs CP 124x-x / CP 1542SP-1 IRC CP identification Reference CPs using the "TeleControl Basic" protocol. "CP identification" parameter group One project number for the entire STEP 7 project If you change the project number for a CP in the "CP identification" parameter group, this parameter is changed for all CPs in the entire STEP 7 project using the "TeleControl Basic" protocol. TCSB evaluates project numbers from 1 ... 2000. Configuration of the station number You need to configure a unique station number for each station in the STEP 7 project that uses a CP using the "TeleControl Basic" protocol. TCSB evaluates station numbers from 1 ... 8000. 1072 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Access ID The access ID displayed in the "CP identification" parameter group is made up of the hexadecimal values of the project number, station number and slot. The parameter of the type DWORD is allocated as follows: Bits 0 7: Slot Bits 8 to 20: Station number Bits 21 to 31: Project number CPs with data point configuration Communication types In this parameter group, you enable the communication types you want to use for the particular CP.. To minimize the risk of unauthorized access to the station via Ethernet, you need to enable the communications services that the CP will execute individually. You can leave all options disabled if you do not need them. However, at least one option should be enabled in a telecontrol CP. WinCC Advanced V14 System Manual, 10/2016 1073 Editing devices and networks 10.1 Configuring devices and networks "Communication types" parameter group Activate online functions Enables access to the CPU for the online functions via the CP (diagnostics, loading project data etc.). If the function is enabled, the engineering station can access the CPU via the CP. If the option is disabled, you have no access to the CPU via the CP with the online functions. Online diagnostics of the CPU with a direct connection to the interface of the CPU however remains possible. Enabling S7 communication Enables the functions of S7 communication with a SIMATIC S7 and S7 routing on the CP. If you configure S7 connections to the relevant station, and these run via the CP, you will need to enable this option. Enable telecontrol communication Enables telecontrol communication on the CP. The following protocols can be used as alternatives. - TeleControl Basic Enables communication with the telecontrol server - DNP3 Enables communication with up to four DNP3 masters - IEC 608705104 Enables communication with up to four IEC masters Note Full telecontrol functionality only enabled Security functions For the following functions, you need to enable the Security functions: Send messages (e-mails / SMS) via the telecontrol functionality Use of the "TeleControl Basic" (general) protocol Use of the DNP3 Security functions Use of certificates Note Loss of configuration data when changing the telecontrol protocol If you change the protocol on a configured CP, protocol-specific configuration data is lost, for example, the data point, the partner configuration or the messages (e-mails). 1074 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Ethernet interface Time-of-day synchronization Time-of-day synchronization with S7-1200 Module and synchronization method When using an external time source, the S7-1200 station can obtain the current time of day both via the CPU as well as via a CP. With the S7-1200 there is no forwarding of the time of day from the station to the subnet. Time-of-day synchronization using the CPU As the synchronization method, with the CPU only NTP can be selected. If for the CPU the option "CPU synchronizes the modules of the device" is enabled, all smart modules of the station (CMs, CPs) are synchronized with the CPU time in a synchronization cycle of 10 seconds. Time-of-day synchronization using a telecontrol CP The following synchronization methods are available: NTP NTP can only be used when the telecontrol communication is disabled. In this case, the telecontrol CP is used as an extended PROFINET interface. Time from partner When telecontrol communication is enabled, the CP automatically takes the time-of-day from the communications partner. Note Forwarding the time to the CPU Depending on the firmware version of the modules involved, the time-of-day of the CP is forwarded to the CPU in different ways: Optional forwarding of the CP time to the CPU using a PLC tag Obligatory forwarding of the CP time to the CPU via the backplane bus WinCC Advanced V14 System Manual, 10/2016 1075 Editing devices and networks 10.1 Configuring devices and networks Forwarding the time from the CP to the CPU Note Recommendation: Time-of-day synchronization only by 1 module Only have the time of day of the station from an external time source synchronized by a single module so that a consistent time of day is maintained within the station. When the CPU takes the time from the CP, disable time-of-day synchronization of the CPU. The forwarding of the CP time to the CPU depends on the firmware version of the CP and the CPU. Note the following behaviour. CP firmware V2.1.5 With this firmware version the CP can make the time-of-day available to the CPU as an option via a PLC tag. When this PLC tag is read cyclically by the CPU, the CPU adopts the CP time. For TLC tags, see parameter group "Communication with the CPU" of the CP. CP firmware V2.1.7 and CPU firmware V4.2 If both modules in the station have one of the named firmware versions, the time of day of the CP is automatically forwarded to the CPU. Since the CPU automatically adopts the CP time, you no longer require the forwarding option using the PLC tag. If for the CPU the option "CPU synchronizes the modules of the device" is enabled, all smart modules of the station are synchronized with the CPU time. Time-of-day synchronization with NTP NTP mode In NTP mode, the CP sends time-of-day queries at regular intervals to one or more NTP servers. From the responses of the servers, the CP selects the most accurate time of day. The advantage of this mode is that it allows the time to be synchronized across subnets. In NTP mode, it is generally UTC (Universal Time Coordinated) that is transferred. This corresponds to GMT (Greenwich Mean Time). NTP server and synchronization interval The IP addresses of up to four NTP servers can be configured. The synchronization interval specifies the cycle of the time-of-day queries to the NTP server. The range of values is between 10 seconds and 1 day (86400 seconds). "Accept time of day from non-synchronized NTP servers" option If the option is enabled, the CP also accepts the time-of-day from non-synchronized NTP servers with stratum 16. If the option is disabled, the response is as follows: If the CP receives a time of day frame from an unsynchronized NTP server with stratum 16, the time of day is not set according to the 1076 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks frame. In this case, none of the NTP servers is displayed as "NTP master" in the diagnostics; but rather only as being "reachable". Reconnection delay Note If the partner cannot be reached, connection establishment via the mobile wireless network can take several minutes. This may depend on the particular network and current network load. Depending on your contract, costs may result from each connection establishment attempt. "Reconnection delay" parameter The reconnection delay for connections in telecontrol communication is the waiting time between repeated attempts to establish the connection by the CP when the telecontrol server is not reachable or the connection has aborted. This waiting time avoids continuous connection establishment attempts at short intervals if there are connection problems. A basic value is configured for the waiting time before the next connection establishment attempt. Starting at the basic value, the current waiting time is doubled after every 3 unsuccessful retries up to a maximum value of 900 s. Range of values for the basic value: 10 to 600 s. Example: The basic value 20 results in the following intervals (waiting times) between the attempts to re-establish a connection. three times 20 s three times 40 s three times 80 s etc. up to max. 900 s Note Special characteristics with CP 12427 (6GK72427KX300XE0) together with TELECONTROL SERVER BASIC (V2) If a second telecontrol server or a second router of the telecontrol server is configured, the CP attempts to connect to the second partner at the 4th attempt. If the second partner is also unreachable, the 7th time the CP attempts to connect to the first partner again. Acknowledgment with IEC protocol Acknowledgment mechanisms with telecontrol protocol IEC 608705104 Reference: Configuration of the Ethernet interface of the CP > Parameter group "Advanced options" > Transfer settings" WinCC Advanced V14 System Manual, 10/2016 1077 Editing devices and networks 10.1 Configuring devices and networks With each sent data frame, the CP sends a continuous send sequence number. The data frame remains initially stored in the send buffer of the CP. When it receives the data frame, the master sends the send sequence number from this or (if several frames are received) the last frame as an acknowledgment to the CP. The CP saves the send sequence number returned by the master as a receive sequence number and uses it as an acknowledgment. Frames whose send sequence number is equal to or lower than the current receive sequence number are evaluated as having been successfully transferred and are deleted from the send buffer of the CP. Recommendations of the specification: w should not be higher than 2/3 of k. Recommended value for k: 12 Recommended value for w: 8 Parameter: k: Difference between send sequence number N(S) and receive sequence number N(R) Maximum number of unacknowledged data frames (IAPDUs) as maximum difference between send sequence number N(S) and receive sequence number N(R). When k is reached and t1 has not yet elapsed, the CP does not send any frames until all the frames sent have been acknowledged by the master. When k is reached and t1 has elapsed, the TCP connection is terminated. w: Max. number of unacknowledged data frames Maximum number of received data frames (IAPDUs), after which the oldest frame received from the master must be acknowledged. 1078 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Partner Addressing a double / redundant TCSB system Addressing of the duplicate or redundant telecontrol server Addressing the main and substitute telecontrol server in TCSB V2 Only for CP 12427 (6GK7 242-7KX30-0XE0) With TCSB V2, two independent server PCs can be installed. The second IP address only needs to be configured when these are connected to the Internet via two routers. Addressing the TCSB redundancy group in TCSB V3 In the LAN in the master to which the TCSB server PCs and the DSL router (e.g. SCALANCE M) are connected, the Network Load Balancing (NLB) of the computer operating system will assign a common virtual IP address to the two server PCs. This IP address is configured depending on the network setup: - If only CP 1243-1 modules without a DSL router are connected, the virtual address assigned by the NLB must be configured in the CPs as the IP address of the telecontrol server. - If a DSL router is used, only one IP address will be configured to address the redundant telecontrol server in the stations, the public address of the DSL router. Set the port forwarding on the DSL router so that the public IP address (external network) is led to the virtual IP address of the TCSB server PCs (internal network). Only the public IP address is reachable from the Internet. The station does not therefore receive any information telling it which of the two computers of the redundancy group it is connected to. If you configure a second IP address, you need to make sure that TCSB is reachable via the IP address of a second router. Communication with the CPU CPU scan cycle Structure of the CPU scan cycle The cycle (including the pause) with which the CP scans the memory area of the CPU is made up of the following phases: High-priority read jobs For data points of the type "Input", which are configured with the data point configuration "General > Read cycle" with the setting "Fast cycle", the PLC tags are all read in one scan cycle. Write jobs In every cycle, the values of a certain number of unsolicited write jobs are written to the CPU. The number of tags written per cycle is specified for the CP in the "Communication with the CPU" parameter group with the "Max. number of write jobs" parameter. The tags whose number exceeds this value are then written in the next or one of the following cycles. WinCC Advanced V14 System Manual, 10/2016 1079 Editing devices and networks 10.1 Configuring devices and networks Low-priority read jobs - proportion For data points of the type "Input", which are configured with the "Low priority" setting in the data point configuration in "General > Priority in the scan cycle", the values of a part of the PLC tags are read in every scan cycle. The number of tags read per cycle is specified for the CP in the "Communication with the CPU" parameter group with the "Max. number of read jobs" parameter. The tags that exceed this value and can therefore not be read in one cycle are then read in the next or one of the following cycles. Cycle idle time This waiting time between two scan cycles is used to reserve adequate time for other processes that access the CPU. Duration of the CPU scan cycle Since no fixed time can be configured for the cycle and since the individual phases cannot be assigned a fixed number of objects, the duration of the scan cycle is variable and can change dynamically. Data points and messages Configuring data points and messages Data point-related communication with the CPU No program blocks need to be programmed for the telecontrol CPs with data point configuration to transfer user data between the station and communications partner. The data areas in the memory of the CPU intended for communication with the communications partner are configured data point-related on the CP. Each data point is linked to a PLC tag or a or the tags of a data block. Requirement: Created PLC tags PLC tags or DBs must first be created in the CPU program to allow configuration of the data points. The PLC tags for data point configuration can be created in the standard tag table or in a userdefined tag table. All PLC tags intended to be used for data point configuration must have the attribute "Visible in HMI". Address areas of the PLC tags are input, output or bit memory areas on the CPU. The formats and S7 data types of the PLC tags that are compatible with the protocol-specific data point types of the CP can be found in the section Datapoint types (Page 1086). Access to the memory areas of the CPU The values of the PLC tags or DBs referenced by the data points are read and transferred to the communications partner by the CP. 1080 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Data received from the communications partner is written by the CP to the CPU via the PLC tags or DBs. Configuring the data points and messages in STEP 7 You configure the data points in STEP 7 in the data point and message editor. You can find this using the project tree: Project > directory of the relevant station > Local modules > CP 1200 Figure 10-5 Configuring data points and messages By double-clicking on the entry, the data point or message editor. Using the two entries to the right above the table, you can switch over between the data point and message editor. Figure 10-6 Switching over between the two editors Creating obects With the data point or message editor open, create a new object (data point / message) by double clicking "<Add object>" in the first table row with the grayed out entry. WinCC Advanced V14 System Manual, 10/2016 1081 Editing devices and networks 10.1 Configuring devices and networks A preset name is written in the cell. You can change the name to suit your purposes but it must be unique within the CP. Figure 10-7 Data point table You configure the remaining properties of every object using the drop-down lists of the other table columns and using the parameter boxes shown at the bottom of the screen. Assigning data points to their data source After creating it, you assign a new data point to its data source. Depending on the data type of the data point a PLC tag can serve as the data source. For the assignment you have the following options: Click on the table symbol in the cell of the "PLC tag" column. All configured PLC tags and the tags of the created data blocks are displayed. Select the required data source with the mouse or keyboard. Click the symbol . A selection list of the configured PLC Tags and the blocks is displayed. From the relevant table, select the required data source. In the name box of the PLC tag, enter part of the name of the required data source. All configured PLC tags and tags of the data blocks whose names contain the letters you have entered are displayed. Select the required data source. Note Assignment of parameter values to PLC tags The mechanisms described here also apply when you need to assign the value of a parameter to a PLC tag. The input boxes fro the PLC tag (e.g.: PLC tag for partner status support the functions described here for selecting the PLC tag. 1082 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Arranging and copying objects As with many other programs in the data point or message editor you can also arrange the columns, sort the table according to your requirements and copy and insert objects. Arrange columns If you click on a column header with the left mouse button pressed, you can move the column. Sorting objects If you click briefly with the left mouse button on a column header, you can sort the objects of the table in ascending or descending order according to the entries in this column. The sorting is indicated by an arrow in the column header. After sorting in descending order of a column the sorting can be turned off by clicking on the column header again. Adapting the column width You call this function using the shortcut menu that opens when you click on a column header with the right mouse key. Showing / hiding columns You call this function using the shortcut menu that opens when you click on a column header with the right mouse key. Copying, pasting, cutting and deleting objects If you click in a parameter box of an object in the table with the right mouse key, you can use the functions named with the shortcut menu (copy, paste, cut, delete). You can paste cut or copied objects within the table or in the first free row below the table. Exporting and importing data points To simplify the engineering of larger plants, you can export the data points of a configured CP and import them into other CPs in the project. This is an advantage particularly in projects with many identical or similar stations or data point CPs. The export / import function is available when you select the CP for example in the network or device view and select the relevant shortcut menu. Figure 10-8 Shortcut menu of the CP When it is exported the data point information of a CP is stored in one CSV file. WinCC Advanced V14 System Manual, 10/2016 1083 Editing devices and networks 10.1 Configuring devices and networks Export When you call the export function, the export dialog opens. Here, you select the CP or CPs of the project whose data point information needs to be exported. When necessary, you can export the data points of all CPs of the project at one time. In the export dialog, you can select the storage location in the file directory. When you export the data of a CP you can also change the preset file name. When you export from several CPs, the files are formed with preset names made up of the station name and CP name. The file itself contains the following information in addition to the data point information: CP name CP type CPU name CPU type Editing the data point information You can edit the data point information in an exported CSV file. This allows you to use this file as a configuration template for many other stations. If you have a project with many stations of the same type, you can copy the CSV file with the data points of a fully configured CP for other as yet unconfigured stations and adapt individual parameters to the particular station. This saves you having to configure the data points for every CP in STEP 7. Instead, you simply import the copied and adapted CSV file to the other CPs of the same type. When you import this file into another CP, the changed parameter values of the CSV file are adopted in the data point configuration of this CP. The lines of the CSV file have the following content: Line 1: ,Name,Type, This line must not be changed. Line 2: PLC,<CPU name>, <CPU type>, Meaning: PLC (designation of the station class), CPU name, CPU type Only the elements <CPU name> and <CPU type> may be changed. The CPU type must correspond exactly to the name of the CPU in the catalog. Line 3: Module,<CP name>, <CP type>, Meaning: Module (Designation of the module class), CP type, CP name Only the elements <CP name> and <CP type> may be changed. Be careful when changing the CP names if you want to import data points into several CPs (see below). The CP type must correspond exactly to the name of the CP in the catalog. Line 4: Parameter names (English) of the data points This line must not be changed. Lines 5..n: Values of the parameters according to line 4 of the individual data points You can change the parameter values for the particular station. 1084 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Importing into a CP Before importing the data points make sure that the PLC tags required for the data points have been created. Note that when you import a CSV file all the data points existing on the CP will be deleted and replaced by the imported data points. Select a CP and select the import function from the shortcut menu of the CP. The import dialog opens in which you select the required CSV file in the file directory. If the information on the assignment of the individual data points to the relevant PLC tags matches the assignment in the original CP, the data points will be assigned to the corresponding PLC tags. When you import data points into a CP, but some required PLC tags have not yet been created in the CPU, the corresponding data point information cannot be assigned. In this case, you can subsequently create missing PLC tags and them assign them the imported data point information. The "Assignment repair" function is available for this (see below). If the names of the PLC tags in the CP into which the import is made have different names than in the CP that exported, the corresponding data points cannot be assigned to your PLC tags. Importing into several CPs You can import the data points from several CPs into the CPs of a different project. To do this in the import dialog select all the required CSV files with the control key. Before importing the data points, make sure that the respective stations have been created with CPUs of the same name, CPs of the same name and PLC tags of the same name. When you import the corresponding stations of the project are searched for based on the CP names in the CSV files. If a target station does not exist in the project or the CP has a different name, the import of the particular CSV file will be ignored. Restrictions for the import of data points In the following situations the import of data points will be aborted: The telecontrol protocol used by the CP differs from that of the original CP. The following CPs with the "TeleControl Basic" protocol are compatible with each other: - CP 12427 GPRS V2 - CP 12431 - CP 12437 LTE This means, for example, that data points can be imported from a CP 12431 into a CP 12437 LTE or from a CP 12427 GPRS V2 to a CP 12431. An attribute required by the CP is missing in the CSV file to be imported. Example: If a data point to be imported uses a time trigger, the import will be aborted if no time-of-day synchronization was configured for the CP. Only when importing into several CPs: The import is aborted when a CP or CPU name is different from the data in the CSV file. WinCC Advanced V14 System Manual, 10/2016 1085 Editing devices and networks 10.1 Configuring devices and networks Assignment repair If you have named the PLC tags in a station into which you want to import differently from the station from which the CSV file was exported, the assignment between data point and PLC tag is lost when you import. You then have the option to either rename the existing PLC tags appropriately or add missing PLC tags. You can then repair the assignment between unassigned data points and PLC tags. This function is available either via the shortcut menu of the CP (see above) or with the following icon to the upper left in the data point editor: If a PLC tag with a matching name is found for a data point by the repair function, the assignment is restored. However the data type of the tag is not checked. After the assignment repair make sure that you check whether the newly assigned PLC tags are correct. Datapoint types During the configuration of the user data to be transferred by the CP, each data point is assigned a protocol-specific data point type. The data point types supported by the CP along with the compatible S7 data types are listed below. They are grouped according to format (memory requirements). The direction relates to the direction of transfer (monitoring direction = "in", control direction = "out"). Note Effect of the change of arrays for data points If an array is modified later, the data point must be recreated. CP 12431, CP 12427 GPRS V2, CP 12437 LTE, : Supported data point types Table 10-80 Supported data point types and compatible S7 data types Format (memory require ments) Data point type S7 data types Operand area Bit Digital input Bool I, Q, M, DB Byte Digital output Bool Q, M, DB Command output (CP 12431 and CP 1542SP1 IRC only) Bool Q, M, DB Digital input Byte, USInt I, Q, M, DB Digital output Byte, USInt Q, M, DB Integer with sign (16 bits) Analog input Counter (16 bits) Int I, Q, M, DB Analog output Int Q, M, DB Counter input Word, UInt I, Q, M, DB Integer with sign (32 bits) Analog input Counter (32 bits) 1086 DInt Q, M, DB Analog output DInt Q, M, DB Counter input UDInt, DWord I, Q, M, DB WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Format (memory require ments) Data point type S7 data types Operand area Floating-point number with sign (32 bits) Analog input Real Q, M, DB Analog output Real Q, M, DB Floating-point number with sign (64 bits) Analog input LReal Q, M, DB Analog output LReal Data block (1 .. 64 bytes) 1) Q, M, DB Data ARRAY 1) DB Data ARRAY 1) DB For the possible formats of the ARRAY data type, refer to the following section. Data block (ARRAY) With the ARRAY data type, contiguous memory areas up to a size of 64 bytes can be transferred. The following S7 data types are compatible components of ARRAY: Byte, USInt (total of up to 64 per data block) Int, UInt, Word (total of up to 32 per data block) DInt, UDInt, DWord (total of up to 16 per data block) Time stamp in UTC format Time stamps are transferred in UTC format (48 bits) and contain the time difference in milliseconds since 01.01.1970. CP 12438 IRC: Supported data point types Table 10-81 Supported data point types and compatible S7 data types Format (memo Data point type ry requirements) S7 data types STEP 7 Basic Operand area Bit Bool Byte Integer with sign (16 bits) Digital input (Status Input) Number of data points per SI NAUT object Compatible SI NAUT objects STEP 7 V5 I, Q, M, DB 8 Bin08X_S Digital output (Status Output) Bool Q, M, DB 8 Bin08X_R Digital input (Binary Input) I, Q, M, DB 4 Bin04B_S Digital output (Binary Output) Byte, USInt Q, M, DB 4 Bin04B_R Command output (Command Output) Byte, USInt Q, M, DB 1 Cmd01B_R Analog input (Analog Input) Int I, Q, M, DB 4 Ana04W_S Mean value (Mean Value In put) Int I, Q, M, DB 4 Mean04W_S Analog output (Analog Out put) Int Q, M, DB 4 Ana04W_R Mean value (Mean Value Out Int put) Q, M, DB 4 Mean04W_R Setpoint (Setpoint Output) 1) Byte, USInt Q, M, DB 1 Set01W_R Counter (16 bits) Counter input (Counter Input) UInt, Word I, Q, M, DB 1 Cnt01D_S Counter input (Counter Input) UInt, Word I, Q, M, DB 4 Cnt04D_S WinCC Advanced V14 System Manual, 10/2016 Int 1087 Editing devices and networks 10.1 Configuring devices and networks Format (memo Data point type ry requirements) S7 data types STEP 7 Basic Operand area Floating-point Analog input (Analog Input) number (32 bits) Analog output (Analog Out put) Real I, Q, M, DB 4 Ana04R_S Real Q, M, DB 4 Ana04R_R Data block (4 .. 48 bytes) ARRAY [1...12] of DInt / UDInt / DWord / Real 2) DB 12 Dat12D_S DB 12 Dat12D_R DB 12 Par12D_R Data (Data Input) Data (Data Output) Parameters (Parameter Out put) 1) 1) See below, section "1: Mirroring back" 2) See below, section "2: Data block" Number of data points per SI NAUT object Compatible SI NAUT objects STEP 7 V5 1: Mirroring The mirroring back function using the "Value monitoring" parameter can be configured for the following data point types: Setpoint Output Parameter Output The local values of the data points of this type can be monitored for change and the changes transferred to the master with the Value monitoring function. Changing a local value can, for example, be caused by manual operator input on site. To allow the value resulting from local events or interventions to be transferred to the master, the Value monitoring function generates a mirroring back channel for the relevant data point via which the locally changed value is mirrored back. Remember that to use the mirror back function, you need to interconnect the local values in the controller with the relevant PLC tag of the data point. 2: Data block With the ARRAY data type, blocks of data from contiguous memory areas up to a size of 4 .. 48 bytes can be transferred. Compatible components of ARRAY are DInt, UDint, DWord or Real. The components within an array must be of the same type. CP 12431 DNP3: Supported data point types Table 10-82 Supported data point types, DNP3 object groups, variants and compatible S7 data types Format (memory re quirements) Data point type Bit Binary Input 1 [1, 2] Binary Input Event 2 [1, 2] Direction S7 data types Operand area in Bool I, Q, M, DB in Bool I, Q, M, DB Bool Q, M, DB [variations] Binary Output 1) Binary Output Event Binary Command 1088 DNP3 object group 1) 10 [2] out 11 [1, 2] out 12 [1] out WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Format (memory re quirements) Data point type Integer (16 bits) Counter Static DNP3 object group Direction S7 data types Operand area UInt, Word I, Q, M, DB UInt, Word I, Q, M, DB [variations] 20 [2] in 21 [2, 6] in 22 [2, 6] in 23 [2, 6] in 30 [2] in Int I, Q, M, DB 32 [2] in Int I, Q, M, DB 40 [2] out 41 [2] out Int Q, M, DB 42 [2, 4] out 20 [1] in UDInt, DWord I, Q, M, DB 21 [1, 5] in 22 [1, 5] in UDInt, DWord I, Q, M, DB 23 [1, 5] in Analog Input 30 [1] in DInt Q, M, DB Analog Input Event 32 [1] in DInt Q, M, DB 40 [1, 3] out 41 [1] out DInt Q, M, DB 42 [1] out 30 [5] in Real Q, M, DB 32 [5, 7] in Real Q, M, DB 40 [3] out 41 [3] out Real Q, M, DB 42 [5, 7] out 30 [6] in LReal Q, M, DB 32 [6, 8] in LReal Q, M, DB LReal Q, M, DB Frozen Counter 2) Counter Event Frozen Counter Event 3) Analog Input Analog Input Event Analog Output Status 4) Analog Output Analog Output Event Integer (32 bits) 4) Counter Static Frozen Counter 2) Counter Event Frozen Counter Event Analog Output Status 3) 4) Analog Output Analog Output Event Floating-point num ber (32 bits) 4) Analog Input Analog Input Event Analog Output Status 4) Analog Output Analog Output Event Floating-point num ber (64 bits) 4) Analog Input Analog Input Event Analog Output 41 [4] out 42 [6, 8] out Octet String / Octet String Output 110 [ ] in, out 5) DB Octet String Event 111 [ ] in, out 5) DB Analog Output Event Data block (1...64 bytes) 5) 5) 4) 1) This object group can be configured in the Data point editor of STEP 7 using the substitute object group 12. 2) This object group can be configured in the Data point editor of STEP 7 using the substitute object group 20. 3) This object group can be configured in the Data point editor of STEP 7 using the substitute object group 22. 4) This object group can be configured in the Data point editor of STEP 7 using the substitute object group 41. With these data point types, contiguous memory areas up to a size of 64 bytes can be transferred. All S7 data types with a size between 1 and 64 bytes are compatible. 5) Explanation of the table footnotes 1), 2), 3), 4): Configuring data points using substitute object groups WinCC Advanced V14 System Manual, 10/2016 1089 Editing devices and networks 10.1 Configuring devices and networks The initial data point types of the following object groups can be configured using the substitute object groups listed above: 10 [2] 11 [1, 2] 21 [1, 2, 5, 6] 23 [1, 2, 5, 6] 40 [1, 2, 3] 42 [1, 2, 4, 5, 6, 7, 8] To configure the DNP3 CP, use the specified substitute object group. Assign each data point on the master using the configurable data point index in STEP 7. The data point of the DNP3 CP is then assigned to the corresponding data point on the master. Example of configuring the data point Binary Output (10 [2]) The data point is configured as follows: On the DNP3 CP as Binary Command (12 [1]) On the master as Binary Output (10 [2]) With the data point types Binary Output Event (11) and Analog Output Event (42), you also need to enable mirroring; refer to the next section. Configuration of the mirroring for output events (object groups 11 and 42) You first create the data point types Binary Output Event (object group 11) and Analog Output Event (object group 42) as described above as data points of the object groups 12 or 41. The local values of these two object groups can be monitored for change and the changes transferred to the master (). Changing a local value can, for example, be caused by manual operator input on site. To allow the value resulting from local events or interventions to be transferred to the master, the data point in question requires a channel for mirroring back. You configure this mirroring back function is configured using the "Value monitoring" option in data point configuration, General tab. Remember that to use the mirror back function, you need to interconnect the local values in the controller with the relevant PLC tag of the data point. Time stamp for DNP3-CP in UTC format Time stamps are transferred in UTC format (48 bits) and contain milliseconds since 01.01.1970. CP 12431 IEC: Supported data point types Table 10-83 Supported data point types, IEC types and compatible S7 data types Format (memory requirements) Data point type IEC type Direction Bit Single point information <1> Single point information with time tag Single command 1) 1090 S7 data types Operand area in Bool I, Q, M, DB <30> in Bool I, Q, M, DB <45> out Bool Q, M, DB WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Format (memory requirements) Data point type Byte Integer (16 bits) Integer (32 bits) IEC type Direction S7 data types Operand area Step position information <5> in Byte, USInt I, Q, M, DB Step position information with time tag 1) <32> in Byte, USInt I, Q, M, DB Measured value, normalized value <9> in Int I, Q, M, DB Measured value, normalized value with time tag 1) <34> in Int I, Q, M, DB Measured value, scaled value <11> in Int I, Q, M, DB Measured value, scaled value with time tag 1) <35> in Int I, Q, M, DB Set point command, normalised value <48> out Int Q, M, DB Set point command, scaled value <49> out Int Q, M, DB Bitstring of 32 bits <7> in UDInt, DWord I, Q, M, DB Bitstring of 32 bits with time tag CP56Time2a 1) <33> in UDInt, DWord I, Q, M, DB Integrated totals <15> in UDInt, DWord I, Q, M, DB Integrated totals with time tag CP56Time2a 1) <37> in UDInt, DWord I, Q, M, DB Bitstring of 32 bits <51> out UDInt, DWord Q, M, DB <13> in Real Q, M, DB Measured value, short floating point number with time tag CP56Time2a 1) <36> in Real Q, M, DB Set point command, short floating point number <50> out Real Q, M, DB Double-point information <3> in 2) DB Double-point information with time tag CP56Time2a 1) <31> in 2) DB Double command <46> out 2) DB Regulating step command <47> out 2) DB Bitstring of 32 bits DB Floating-point num Measured value, short floating point ber (32 bits) number Data block (1...2 Bit) 2) Data block (1...32 Bit) 3) <7> in 3) Bitstring of 32 bits with time tag CP56Time2a 1) 3) <33> in 3) DB Bitstring of 32 bits <51> out 3) DB 3) 3) 1) For the format of the time stamp, see the following section. 2) For these data point types, create a data block with an array of precisely 2 bool. With these data point types, contiguous memory areas up to a size of 32 bits can be transferred. Only the S7 Bool data type is compatible. 3) Time stamp with the IEC CP IEC CP time stamps are transferred according to the IEC specification in the "CP56Time2a" format. Note that in the frames only the first 3 bytes for milliseconds and minutes are transferred. WinCC Advanced V14 System Manual, 10/2016 1091 Editing devices and networks 10.1 Configuring devices and networks CP 12431 PCC: Supported data point types Table 10-84 Supported data point types and compatible S7 data types Format (memory require ments) Data point type S7 data types Operand area Bit Digital input Bool I, Q, M, DB Byte Digital input Byte, USInt I, Q, M, DB Integer with sign (16 bits) Analog input Int I, Q, M, DB Counter (16 bits) Word, UInt I, Q, M, DB Integer with sign (32 bits) Analog value DInt Q, M, DB Counter (32 bits) Counter UDInt, DWord I, Q, M, DB Floating-point number with sign (32 bits) Analog value Real Q, M, DB Floating-point number with sign (64 bits) Analog value LReal Q, M, DB Data block (1 .. 64 bytes) Data ARRAY 1) DB Data ARRAY DB 1) Counter input 1) For the possible formats of the ARRAY data type, refer to the following section. Data block (ARRAY) With the ARRAY data type, contiguous memory areas up to a size of 64 bytes can be transferred. The following equivalent S7 data types are compatible components of ARRAY: Bool (total of up to 512 per data block) Byte, USInt (total of up to 64 per data block) Int, UInt, Word (total of up to 32 per data block) DInt, UDInt, Real, DWord (total of up to 16 per data block) LReal (total of up to 8 per data block) Note No processing of arrays in the operation center The array data type cannot be processed in the operation center. Time stamp in UTC format Time stamps are transferred in UTC format (48 bits) and contain the time difference in milliseconds since 01.01.1970. 1092 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Process image, type of transmission, event classes, triggers Introduction Some of the functions described below differ depending on the protocol used by the CP in question: Telecontrol Basic CPs: - CP 12427 GPRS V2 - CP 12431 - CP 12437 LTE CP 12438 IRC CP 12431 DNP3 CP 12431 IEC Storage of values The values of all data points are stored in the image memory of the CP. Values in the image memory are transferred only after being called by TCSB (Telecontrol Basic CPs) or the master (CP 12431 DNP3 / IEC). Events are also stored in the send buffer and can be transferred unsolicited. The image memory, the process image of the CP The image memory is the process image of the CP. All the current values of the configured data points are stored in the image memory. New values of a data point overwrite the last stored value in the image memory. The values are sent only after a query by the communications partner - see below "Transfer after call" in the "Types of transmission" section - or along with a message from the send buffer that needs to be transferred immediately. The send buffer The send buffer of the CP is the memory for the individual values of data points that are configured as an event. The send buffer has the following size: Telecontrol Basic CPs, CP 12438 IRC, CP 12431 DNP3: Max. 64000 events based on 32 bit analog values CP 12431 IEC: Max. 65535 events The capacity of the send buffer is divided up equally for all enabled partners. If the connection to a communications partner is interrupted, the individual values of the events are retained in the buffer. When the connection returns, the buffered values are sent. The frame memory operates chronologically; in other words, the oldest frames are sent first (FIFO principle). WinCC Advanced V14 System Manual, 10/2016 1093 Editing devices and networks 10.1 Configuring devices and networks If a frame was transferred to the communications partner, the transferred value is deleted from the send buffer. If frames cannot be transferred for a longer period of time and the send buffer is threatening to overflow, the response is as follows: Telecontrol Basic CPs, CP 12438 IRC The forced image mode If the send buffer reaches a fill level of 80%, the CP changes to the forced image mode. New values from data points configured as an event are no longer added to the send buffer but rather they overwrite older existing values in the image memory. When the connection to the communications partner returns, the CP changes back to the send buffer mode if the fill level of the send buffer has fallen below 50%. CP 12431 DNP3 / CP 12431 IEC If a send buffer fill level of 100% is reached, the oldest values are overwritten. Saving the data point values The values of data points are generally stored in the image memory of the CP and transferred only after a query by the communications partner. Events are also stored in the send buffer and can be transferred unsolicited. Data points are configured as a static value or as an event using the "Type of transmission" parameter (see below): Static value (no event) Static values are entered in the image memory (process image of the CP). Static values correspond to the following classes: - DNP3: Class 0 - IEC: Class 2 Event The values of data points configured as an event are also entered in the image memory of the CP. The value of the event is sent unsolicited to the communications partner if this function is enabled by the master. The values of events are also entered in the send buffer of the CP. Events correspond to the following classes: - DNP3: Class 1 / 2 / 3 - IEC: Class 1 1094 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Types of transmission The following types of transmission are possible: Transfer after call (class 0) The current value of the data point is entered in the image memory of the CP. New values of a data point overwrite the last stored value in the image memory. After being called by the communications partner, the current value at this time is transferred. Triggered (events) The values of data points configured as an event are entered in the image memory and also in the send buffer of the CP. The values of events are saved in the following situations: - The configured trigger conditions are fulfilled (data point configuration > "Trigger" tab, see below) - The value of a status bit of the status identifiers of the data point changes; see sectionStatus IDs of the data points (Page 1097). Example: When the value of a data point configured as an event is updated during startup of the station by reading the CPU data for the first time, the status "RESTART" of this data point changes (bit status change 1 0). This leads to generation of an event. The configurable event classes of the various CP types are described in the following sections. WinCC Advanced V14 System Manual, 10/2016 1095 Editing devices and networks 10.1 Configuring devices and networks Event classes with the "Triggered" type of transmission Depending on the protocol used, the following event classes are available: TeleControl Basic - Every value triggered Each value change is entered in the send buffer in chronological order. - Current value triggered Only the last, current value is entered in the send buffer. It overwrites the value stored there previously. DNP3 The evaluation of the following classification must be handled by the master. - Event class 1 Class according to DNP3 protocol: Class 1 Each value change is entered in the send buffer in chronological order. - Event class 2 Class according to DNP3 protocol: Class 2 Each value change is entered in the send buffer in chronological order. - Event class 3 Class according to DNP3 protocol: Class 3 Only the current value at the time the trigger condition was met is entered in the send buffer and overwrites the last value stored there. IEC Both of the following event classes correspond to the user data class 1 of the IEC protocol - Every value triggered Each value change is entered in the send buffer in chronological order. - Current value triggered Only the current value at the time the trigger condition was met is entered in the send buffer and overwrites the last value stored there. Trigger Various trigger types are available for starting event-driven transfer: Threshold value trigger The value of the data point is transferred when this reaches a certain threshold. The threshold is calculated as the difference compared with the last stored value, refer to the section Threshold value trigger (Page 1102). Time trigger The value of the data point is transferred at configurable intervals or at a specific time of day. Event trigger The value of the data point is transferred when a configurable trigger signal is fired. For the trigger signal, the edge change (0 1) of a trigger tag is evaluated that is set by the user program. When necessary, a separate trigger tag can be configured for each data point. Resetting the trigger tag in the bit memory area / DB: If the memory area of the trigger tag is in the bit memory or in a data block, the trigger tag is reset to zero when the data point value is transferred. 1096 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Whether the value of a data point is transferred to the communications partner immediately after the trigger or after a delay depends on the protocol used and the settings. DNP3 / IEC The spontaneous transmission in these protocols depends on whether spontaneous sending or asymmetric communication is possible in the network. TeleControl Basic Here you set the time of transmission with the "Transmission mode" parameter; see below. Transmission mode Only when using the "TeleControl Basic" protocol. The transmission mode of a frame is set in the "Trigger" tab of the data point. With the two options, you specify whether frames of events are sent immediately or following a delay: Spontaneous The value is transferred immediately. Conditional spontaneous The value is transferred only when one of the following conditions is fulfilled: - The communications partner queries the station. - The value of another event with the transmission mode "Unsolicited" is transferred. - The fill level of the transmission buffer has reached 80% of its maximum capacity. Status IDs of the data points Status identifiers The status identifiers of the data points listed in the following tables are transferred along with the value in each frame to the communications partner. They can be evaluated by the communications partner. The entries in the table row "Significance" relate to the entry in the table row "Bit status". CP 12431, CP 12427 GPRS V2, CP 12437 LTE, CP 1542SP1 IRC (TeleControl Basic) The status bits are converted to the OPC quality code as follows by TCSB. Quality = BAD, if: NON_EXISTENT or OVER_RANGE = 1 Quality = UNCERTAIN, if: RESTART or CARRY or SB = 1 Quality = GOOD, if: Bits 1, 2, 3, 5 and 6 = 0 WinCC Advanced V14 System Manual, 10/2016 1097 Editing devices and networks 10.1 Configuring devices and networks Table 10-85 Bit assignment of status byte 0 Bit Flag name 7 6 NON_ Meaning Bit status (always 0) 5 4 Substituted 3 2 EXISTENT LOCAL_ FORCED Data point Substitute does not ex value ist or S7 ad dress un reachable Local opera Counted tor control value over flow before reading the value 1 1 CARRY 1 1 0 OVER_ RANGE RESTART ONLINE Limit value of the ana log prepro cessing overshot / undershot Value not yet updated after start Value is val id 1 1 1 1 CP 12431 DNP3, CP 1542SP1 IRC (DNP3) The status IDs correspond to the following elements of the specification: OBJECT FLAGS DNP3 Specification, Volume 6, Data Object Library - Part 1 Table 10-86 Bit assignment of the status byte Bit 7 6 5 4 3 2 1 0 Flag name LOCAL_ FORCED DISCONTI NUITY OVER_ RANGE RESTART ONLINE Meaning Local opera tor control Counted val ue overflow before read ing the value Limit value of the analog preprocess ing overshot / undershot Value not yet updated after start Value is valid Bit status (always 0) (always 0) (always 0) 1 1 1 1 1 CP 12431 IEC, CP 1542SP1 IRC (IEC) The status IDs correspond to the following elements of the specification: Quality descriptor IEC 60870 Part 5-101 Table 10-87 Bit assignment of the status byte Bit 7 6 Flag name SB substituted CY carry OV overflow NT not topical Meaning Substitute value Counted val ue overflow before read ing the value Value range exceeded, analog value Value not up Value is valid dated Bit status (always 0) (always 0) (always 0) 1 1 1098 5 1 4 3 2 1 1 0 IV invalid 0 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks CP 12431 PCC Table 10-88 Bit assignment of status byte 0 Bit 7 6 Flag name NON_ Meaning Bit status (always 0) 5 Substituted 4 3 EXISTENT LOCAL_ FORCED Data point Substitute does not ex value ist or S7 ad dress un reachable Local opera Counted tor control value over flow before reading the value 1 1 1 CARRY 2 1 0 OVER_ RANGE RESTART ONLINE Limit value of the ana log prepro cessing overshot / undershot Value not yet updated after start Value is val id 1 1 1 1 CP 12438 IRC The CP 1243-8 IRC does not supply any status identifiers. Rules for configuring the data point index: Configuration of the data point index Below you will find the rules for configuring the data point index for the individual CP types. CPs using the TeleControl Basic protocol Within a CP, the indexes of the data point classes must comply with the following rules: Input The index of a data point of the type input must be unique throughout all data point types (digital inputs, analog inputs etc.). Output - A data point of the type output can have the same index as a data point of the type input. - Several data points of the type output can have the same index. Note Data points for the inter-station communication with a CP in another S7 station Note that for inter-station communication, the indexes of the two corresponding data points (data point pair) must be identical for the sending and receiving CP. WinCC Advanced V14 System Manual, 10/2016 1099 Editing devices and networks 10.1 Configuring devices and networks CPs using the DNP3 protocol On a CP, data point indexes must be unique within each of the following object groups: Binary Input / Binary Input Event Binary Output / Binary Command Counter / Counter Event Analog Input / Analog Input Event Analog Output Octet String / Octet String Event Indexes of two data points in different object groups can be identical. CPs using the IEC protocol The data point indexes must be unique in a CP. Data point indexes assigned twice are indicated as errors in the consistency check and prevent the project being saved. CP 12438 IRC The data point indexes must be unique in a CP. Data point indexes assigned twice are indicated as errors in the consistency check and prevent the project being saved. CP 12431 PCC The data point indexes must be unique in a CP. Data point indexes assigned twice are indicated as errors in the consistency check and prevent the project being saved. "Trigger" tab Trigger Data points are configured as a static value or as an event using the "Type of transmission" parameter: 1100 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Saving the value of a data point configured as an event Saving the value of a data point configured as an event in the send buffer (message memory) can be triggered by various trigger types: Threshold value trigger The value of the data point is saved when this reaches a certain threshold. The threshold is calculated as the difference compared with the last stored value, refer to the section Threshold value trigger (Page 1102). Time trigger The value of the data point is saved at configurable intervals or at a specific time of day. Event trigger (Trigger tag) The value of the data point is saved when a configurable trigger signal is fired. For the trigger signal, the edge change (0 1) of a trigger tag is evaluated that is set by the user program. When necessary, a separate trigger tag can be configured for each data point. Resetting the trigger tag in the bit memory area / DB: If the memory area of a trigger tag is in the bit memory or in a data block, the CP resets the trigger variable itself to 0 (zero) as soon as the value of the data point has been transferred. This can take up to 500 milliseconds. Note Fast setting of triggers Triggers must not be set faster than a minimum interval of 500 milliseconds. This also applies to hardware triggers (input area). Note Hardware trigger You need to reset hardware triggers via the user program Transferring the value of a data point configured as an event You specify whether the value of a data point is transferred to the communications partner immediately after the trigger fires or after a delay in the "Transmission mode" parameter. Transmission mode The transmission mode of a frame is set in the "Trigger" tab of the data point. With the option, you specify whether messages of events are sent immediately or following a delay: Immediate transfer Spontaneous The value is transferred immediately. Buffered transfer Conditionally spontaneous The value is transferred only when one of the following conditions is fulfilled: - The communications partner queries the station. - The value of another event with the transmission mode "Spontaneous" is transferred. WinCC Advanced V14 System Manual, 10/2016 1101 Editing devices and networks 10.1 Configuring devices and networks Threshold value trigger Note Threshold value trigger: Calculation only after "Analog value preprocessing" Note that the analog value preprocessing is performed before the check for a configured threshold value and before calculating the threshold value. This affects the value that is configured for the threshold value trigger. Note No Threshold value trigger if Mean value generation is configured If mean value generation is configured, no threshold value trigger can be configured for the analog value event involved. For the time sequence of the analog value preprocessing refer to the section Analog value preprocessing (Page 1103). Threshold value trigger Function If the process value deviates by the amount of the threshold value, the process value is saved. Two methods are used to calculate the threshold value deviation: Absolute method With binary and counter values as well as with analog values with configured mean value generation, the absolute method is used to calculate the threshold value deviation. Integrative method With analog values without configured mean value generation, the integrating method is used to calculate the threshold value deviation. In the integration threshold value calculation, it is not the absolute value of the deviation of the process value from the last stored value that is evaluated but rather the integrated deviation. Absolute method For each binary value a check is made to determine whether the current (possibly smoothed) value is outside the threshold value band. The current threshold value band results from the last saved value and the amount of the configured threshold value: Upper limit of the threshold value band: Last saved value + threshold value Lower limit of the threshold value band: Last saved value - threshold value As soon as the process value reaches the upper or lower limit of the threshold value band, the value is saved. The newly saved value serves as the basis for calculating the new threshold value band. Integrative method The integration threshold value calculation works with a cyclic comparison of the integrated current value with the last stored value. The calculation cycle in which the two values are 1102 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks compared is 500 milliseconds. (Note: The calculation cycle must not be confused with the scan cycle of the CPU memory areas). The deviations of the current process value are totaled in each calculation cycle. The trigger is set only when the totaled value reaches the configured value of the threshold value trigger and a new process value is entered in the send buffer. The method is explained based on the following example in which a threshold value of 2.0 is configured. Table 10-89 Example of the integration calculation of a threshold value configured with 2.0 Time [s] (calculation cycle) Process value stored in the send buffer Current process value 0 20.0 Absolute deviation Integrated deviation from the stored val ue 20.0 0 0 0.5 20.3 +0.3 0.3 1.0 19.8 -0.2 0.1 1.5 20.2 +0.2 0.3 2.0 20.5 +0.5 0.8 2.5 20.3 +0.3 1.1 3.0 20.4 +0.4 1.5 3.5 20.5 +0.5 2.0 4.0 20.4 -0.1 -0.1 4.5 20.1 -0.4 -0.5 5.0 19.9 -0.6 -1.1 5.5 20.1 -0.4 -1.5 19.9 -0.6 -2.1 6.0 20.5 19.9 With the changes in the process value shown in the example, the threshold value trigger configured with 2.0 fires twice: At the time 3.5 s: The value of the integrated deviation is at 2.0. The new process value stored in the send buffer is 20.5. At the time 6.0 s: The value of the integrated deviation is at 2.1. The new process value stored in the send buffer is 19.9. In this example, if a deviation of the process value of approximately 0.5 should fire the trigger, then with the behavior of the process value shown here a threshold value of approximately 1.5 ... 2.5 would need to be configured. Analog value preprocessing CPs with data point configuration support analog value preprocessing. For analog value data points, some or all of the functions described below can be configured. WinCC Advanced V14 System Manual, 10/2016 1103 Editing devices and networks 10.1 Configuring devices and networks Requirements and restrictions You will find the requirements for the configuration of the preprocessing options and restrictions in the section relating to the particular function. Note Restrictions due to configured triggers The analog value preprocessing options "Fault suppression time", "Limit value calculation" and "smoothing" are not performed if no threshold value trigger is configured for the relevant data point.. In these cases, the read process value of the data point is entered in the image memory of the CP before the preprocessing cycle of the threshold value calculation (500 ms) elapses. 1104 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Sequence of the analog value preprocessing options The values of analog inputs configured as an event are processed on the CPU according to the following scheme: 5HDGGDWDIURPWKH&38 0HDQYDOXH JHQHUDWLRQ FRQILJXUHG QR PVF\FOH HODSVHG \HV QR \HV 0HDQYDOXHJHQHUDWLRQ PVF\FOH 7KUHVKROGYDOXH WULJJHU FRQILJXUHG 8QLSRODUWUDQVIHU FRQILJXUHG QR \HV QR 8QLSRODUWUDQVIHU \HV 7KUHVKROGYDOXH WULJJHU FRQILJXUHG 7KUHVKROGYDOXHFDOFXODWLRQ DEVROXWHPHWKRG QR \HV 7KUHVKROGYDOXH H[FHHGHG )DXOWVXSS UHVVLRQWLPH FRQILJXUHG QR QR \HV \HV 7ULJJHULQJ WLPHHYHQW WULJJHU \HV 9DOXHLQLPDJH PHPRU\ )DXOWVXSS UHVVLRQ QR /LPLWYDOXHV FRQILJXUHG QR \HV /LPLWYDOXH FDOFXODWLRQ 9DOXHWUDQVIHU 6PRRWKLQJ FRQILJXUHG QR \HV 6PRRWKLQJ 7KUHVKROGYDOXHFDOFXODWLRQ LQWHJUDWLYHPHWKRG PVF\FOH \HV 7KUHVKROGYDOXH H[FHHGHG \HV QR (YHQWWLPHWULJJHU FRQILJXUHG \HV 7ULJJHULQJ WLPHHYHQW WULJJHU 9DOXHWUDQVIHU Figure 10-9 QR QR 9DOXHLQLPDJH PHPRU\ Sequence of the analog value preprocessing WinCC Advanced V14 System Manual, 10/2016 1105 Editing devices and networks 10.1 Configuring devices and networks The 500 millisecond cycle is started by the integrative threshold value calculation. In this cycle, the values are saved even when the following preprocessing options are enabled: Unipolar transfer Fault suppression time Limit value calculation Smoothing Mean value generation Note Restricted preprocessing options if mean value generation is configured If you configure mean value generation for an analog value event, the following preprocessing options are not available: Unipolar transfer Fault suppression time Smoothing Function With this parameter, acquired analog values are transferred as mean values. If mean value generation is active, it makes sense to configure a time trigger.. The current values of an analog data point are read in a 100 millisecond cycle and totaled. The number of read values per time unit depends on the read cycle of the CPU and the CPU scan cycle of the CP. The mean value is calculated from the accumulated values as soon as the transfer is triggered by a trigger. Following this, the accumulation starts again so that the next mean value can be calculated. The mean value can also be calculated if the transmission of the analog value message is triggered by a request from the communications partner. The duration of the mean value calculation period is then the time from the last transmission (for example triggered by the trigger) to the time of the request. Once again, the accumulation restarts so that the next mean value can be calculated. Input modules: Overflow range / underflow range As soon as a value is acquired in the overflow or underflow range, mean value generation is stopped. The value 32767 / 7FFFh or 32768 / 8000h is saved as an invalid mean value for the current mean value calculation period and sent with the next message. 1106 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The calculation of a new mean value is then started. If the analog value remains in the overflow or underflow range, one of the two values named is again saved as an invalid mean value and sent when the next message is triggered. Note Fault suppression time > 0 configured If you have configured an error suppression time and then enable mean value generation, the value of the error suppression time is grayed out but no longer used. If mean value generation is enabled, the error suppression time is set to 0 (zero) internally. Unipolar transfer Restrictions Unipolar transfer cannot be configured at the same time as mean value generation. Enabling unipolar transfer has no effect when mean value generation is activated. Function With unipolar transfer, negative values are corrected to zero. This can be desirable if values from the underrange should not be transferred as real measured values. Exception: With process data from input modules, the value -32768 / 8000h for wire break of a live zero input is transferred. With a software input, on the other hand, all values lower than zero are corrected to zero. Fault suppression time Requirements for the function Configuration of the threshold trigger for this data point Restrictions The fault suppression time cannot be configured at the same time as mean value generation. A configured value has no effect when mean value generation is activated. Function A typical use case for this parameter is the suppression of peak current values when starting up powerful motors that would otherwise be signaled to the control center as a disruption. The transmission of an analog value in the overflow (7FFFh) or underflow range (8000h) is suppressed for the specified time. The value 7FFFH or 8000H is only sent after the fault suppression time has elapsed, if it is still pending. If the value returns to the measuring range before the fault suppression time elapses, the current value is transferred. WinCC Advanced V14 System Manual, 10/2016 1107 Editing devices and networks 10.1 Configuring devices and networks Input modules The suppression is adjusted to analog values that are acquired directly by the S7 analog input modules as raw values. These modules return the specified values for the overflow or underflow range for all input ranges (also for live zero inputs). An analog value in the overflow range (32767 / 7FFFh) or underflow range (32768 / 8000h) is not transferred for the duration of the fault suppression time. This also applies to live zero inputs. The value in the overflow/underflow range is only sent after the fault suppression time has elapsed, if it is still pending. Recommendation for finished values that were preprocessed by the CPU: If the CPU makes preprocessed finished values available in bit memory or in a data block, suppression is only possible or useful if these finished values also adopt the values listed above 32767 / 7FFFh or -32768 / 8000h in the overflow or underflow range. If this is not the case, the parameter should not be configured for preprocessed values. For finished values preprocess in the CPU, the limits for the overflow and underflow can be freely assigned. Smoothing factor Requirements for the function Configuration of the threshold trigger for this data point Restrictions The smoothing factor cannot be configured at the same time as mean value generation. A configured value has no effect when mean value generation is activated. Function Analog values that fluctuate quickly can be evened out using the smoothing function. The smoothing factors are calculated according to the following formula as with S7 analog input modules. yn = xn + ( k - 1) yn - 1 k where yn = smoothed value in the current cycle xn = value acquired in the current cycle n k = smoothing factor The following values can be configured for the module as the smoothing factor. 1 = No smoothing 4 = Weak smoothing 32 = Medium smoothing 64 = Strong smoothing 1108 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Set limit value 'low' / Set limit value 'high' Requirements for the function Configuration of the threshold trigger for this data point PLC tag in the bit memory operand area or data area The analog value data point must be linked to a PLC tag in the bit memory or data area (data block). For PLC tags of hardware modules (input operand area) limit value configuration is not possible. The configuration of limit values is pointless for measured values that have already been preprocessed on the CPU. Function In these two input boxes, you can set a limit value in the direction of the start of the measuring range or in the direction of the end of the measuring range. You can also evaluate the limit values, for example as the start or end of the measuring range. Status identifier "OVER_RANGE" With CPs that support status identifiers (not the CP 1243-8 IRC), if the limit value is overshot or undershot, the status identifier "OVER_RANGE" of the data point is set. This status identifiers are described in the section Status IDs of the data points (Page 1097). The "OVER_RANGE" bit of the status identifier of the data point is set as follows when the relevant analog value is transferred: Limit value 'high': - If the limit value is exceeded: OVER_RANGE = 1 - If the value falls below the limit value: OVER_RANGE = 0 Limit value 'low': - If the value falls below the limit value : OVER_RANGE = 1 - If the value then exceeds the limit value: OVER_RANGE = 0 Configuration of the limit value The limit value is configured as a whole decimal number. The range of values is based on the range of values of the raw value of analog input modules. Range Raw value (16 bits) of the PLC tag Decimal Hexadecimal Module output [mA] 0 .. 20 -20 .. +20 4 .. 20 (unipolar) (bipolar) (life zero) Measuring range [%] Overflow 32767 7FFF > 23.515 > 23.515 > 22.810 > 117.593 Overrange 32511 7EFF 23.515 23.515 22.810 117.593 Nominal range (unipolar / life zero) WinCC Advanced V14 System Manual, 10/2016 ... ... ... ... ... ... 27649 6C01 20.001 20.001 20.001 100.004 27648 6C00 20 20 100 ... ... ... ... ... 0 0000 0 4 0 1109 Editing devices and networks 10.1 Configuring devices and networks Range Raw value (16 bits) of the PLC tag Decimal Nominal range (bipolar) Underrange (unipolar / life zero) Underrange (bipolar) Undershoot / wire break Hexadecimal Module output [mA] 0 .. 20 -20 .. +20 4 .. 20 (unipolar) (bipolar) (life zero) Measuring range [%] 27648 6C00 20 100 ... ... ... ... 0 0000 0 0 ... .... ... ... -27648 9400 -1 FFFF -20 -0.001 -100 3.999 -0.004 ... ... ... ... ... -4864 ED00 -3.518 1.185 -17.59 -27649 93FF -20.001 -100.004 ... ... ... ... -32512 8100 -32768 8000 -23.516 < -3.518 -117.593 < 1.185 < -17.593 Note Evaluation of the value even when the option is disabled If you enable one or both options and configure a value and then disable the option later, the grayed out value is nevertheless evaluated. To disable the two options, delete the previously configured values limit values from the input boxes and then disable the relevant option. Recommendation for quickly fluctuating analog values: If the analog value fluctuates quickly, it may be useful to smooth the analog value first if limit values are configured. Processing status of messages (e-mails / SMS messages) Enable status identifier / External status If the option is enabled, the CP writes a processing status about the sent e-mail / SMS to a PLC tag. The meaning of the statuses is as follows: Table 10-90 SMS: Meaning of the status ID output in hexadecimal format Status Meaning 0000 Transfer completed free of errors 0001 Error in the transfer, possible causes: SIM card invalid. No network Wrong destination phone number (number not reachable) 1110 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 10-91 E-mails: Meaning of the processing status output in hexadecimal format Status Meaning 0000 Transfer completed free of errors 82xx Other error message from the e-mail server Apart from the leading "8", the status corresponds to the three-digit error number of the SMTP protocol. 8401 No channel available Possible cause: There is already an e-mail connection via the CP. A second connection cannot be set up at the same time. 8403 No TCP/IP connection could be established to the SMTP server. 8405 The SMTP server has denied the login request. 8406 An internal SSL error or a problem with the structure of the certificate was detected by the SMTP client. 8407 Request to use SSL was denied. 8408 The client could not obtain a socket for creating a TCP/IP connection to the mail server. 8409 It is not possible to write via the connection. Possible cause: The communications partner reset the connection or the connection aborted. 8410 It is not possible to read via the connection. Possible cause: The communications partner terminated the connection or the connection was aborted. 8411 Sending the e-mail failed. Cause: There was not enough memory space for sending. 8412 The configured DNS server could not resolve specified domain name. 8413 Due to an internal error in the DNS subsystem, the domain name could not be resolved. 8414 An empty character string was specified as the domain name. 8415 An internal error occurred in the cURL module. Execution was aborted. 8416 An internal error occurred in the SMTP module. Execution was aborted. 8417 Requests to SMTP on a channel already being used or invalid channel ID. Execution was aborted. 8418 Sending the e-mail was aborted. Possible cause: Execution time exceeded. 8419 The channel was interrupted and cannot be used before the connection is terminated. 8420 Certificate chain from the server could not be verified with the root certificate of the CP. 8421 Internal error occurred. Execution was stopped. 8450 Action not executed: Mailbox not available / unreachable. Try again later. 84xx Other error message from the e-mail server Apart from the leading "8", the status corresponds to the three-digit error number of the SMTP protocol. 8500 Syntax error: Command unknown. This also includes the error of having a command chain that is too long. The cause may be that the e-mail server does not support the LOGIN authentication method. Try sending e-mails without authentication (no user name). 8501 Syntax error. Check the following configuration data: Message configuration > Message parameters: Recipient address ("To" or "Cc"). 8502 Syntax error. Check the following configuration data: Message configuration > Message parameters: Email address (sender) WinCC Advanced V14 System Manual, 10/2016 1111 Editing devices and networks 10.1 Configuring devices and networks Status Meaning 8535 SMTP authentication incomplete. Check the "User name" and "Password" parameters in the CP configuration. 8550 SMTP server cannot be reached. You have no access rights. Check the following configura tion data: CP configuration > E-mail configuration: - User name - Password - Email address (sender) Message configuration > Message parameters: - Recipient address ("To" or "Cc"). 8554 Transfer failed 85xx Other error message from the e-mail server Apart from the leading "8", the status corresponds to the three-digit error number of the SMTP protocol. CP 1243-8 IRC Ethernet interface "Station address" parameter group "Station address": Adoption of the subscriber numbers from STEP 7 V5 The subscriber numbers are only displayed after you have imported the configuration data of the station from the STEP 7 V5 project. The subscriber numbers cannot be edited. As a default, all CPUs and CP 1243-8 have the subscriber number 0. The displayed parameters are shown alongside the corresponding parameters in STEP 7 V5. In the text file of the configuration data you will find the parameters in the SDB "Subscriber data". Table 10-92 "Station address" parameter group Parameter in STEP 7 Basic / Professional Parameter in STEP 7 V5 Configuration in STEP 7 V5 Node number of the CPU Node number of the CPU SINAUT configuration tool > Subscriber administration Node number of the TIM Node number of the TIM SINAUT configuration tool > Subscriber administration 1112 Remarks WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Time-of-day synchronization Time synchronization: Adoption of parameters from STEP 7 V5 The parameter group "Time synchronization" is only displayed after you have imported the configuration data from the STEP 7-V5 project. The displayed parameters are shown alongside the corresponding parameters in STEP 7 V5. In the text file of the configuration data you will find the parameters in the SDB "WAN data". Table 10-93 "Time synchronization" parameter group Parameter in STEP 7 Basic / Professional Parameter in STEP 7 V5 Configuration in STEP 7 V5 Synchronization cycle Synchronization cycle Properties dialog TIM > "Time Service" tab Seconds intervals Seconds intervals Minute intervals Minute intervals Properties dialog TIM > "Time Service" tab Hourly intervals Hourly intervals Time Time No synchronization No synchronization Hourly intervals / Minute inter Hourly intervals / Minute inter Properties dialog TIM > vals / Seconds intervals vals / Seconds intervals "Time Service" tab Time master Synchronization master Remarks Displays the configured value Properties dialog TIM > "Time Service" tab Advanced options > TCP connection monitoring Ethernet interface (X1) > Advanced options > TCP connection monitoring The setting applies to all TCP connections of the CP. Exception: The settings made here do not apply to connections programmed for Open User Communication with the program blocks.) TCP connection monitoring time If there is no data traffic within the connection monitoring time, the CP sends a keepalive to the communications partner. TCP keepalive monitoring time After sending a keepalive frame, the CP expects a reply from the communications partner within the keepalive monitoring time. If the CP does not receive a reply within the configured time, the keepalive frame is repeated twice. After the monitoring time elapses three times without a reply, the CP terminates and re-establishes the connection. WinCC Advanced V14 System Manual, 10/2016 1113 Editing devices and networks 10.1 Configuring devices and networks "MSC station parameters" parameter group "Advanced options" > "MSC station parameters": Adoption of the data from STEP 7 V5 The following parameters are only displayed after you have imported the configuration data of the station from the STEP 7 V5 project. The displayed parameters are shown alongside the corresponding parameters in STEP 7 V5. Table 10-94 "MSC master" parameter group Parameter in STEP 7 Basic / Professional Parameter in STEP 7 V5 Configuration in STEP 7 V5 Remarks Port number MSC master MSC port of the TIM SINAUT configuration tool > "MSC Master Properties" MSC port of the master MSCsec Security protocol active SINAUT configuration tool > "MSC Station Properties" MSCsec protocol is used when option is enabled Key exchange interval Rekeying interval [hours] SINAUT configuration tool > "MSC Station Properties" Own WAN address WAN address Properties WAN network no des > "Network Attachment" tab Own WAN address (station address) Table 10-95 Parameter group "MSC partner parameters" Parameter in STEP 7 Basic / Professional Parameter in STEP 7 V5 Configuration in STEP 7 V5 Remarks Partner WAN address WAN address Properties WAN network no des > "Network Attachment" tab WAN address (station ad dress) of the partner (master) Connection mode Connection mode Properties TIM > "Interfaces" tab Interface mode of the partner: SINAUT configuration tool > "MSC Master Properties" Internet Access (MSC mas ter): Address type Name (via DNS) IP address MSC protocol version Enable security protocol SINAUT configuration tool > "MSC Station Properties" User name User name SINAUT configuration tool > "MSC Station Properties" Password Password SINAUT configuration tool > "MSC Station Properties" Partner IP address 1114 SINAUT configuration tool > "MSC Master Properties" Protocol variant of the CP (MSC / MSCsec) IP address of the router (In ternet Access) WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Serial interface WAN parameters "WAN parameters": Adoption of parameters from STEP 7 V5 The following parameters are only displayed after you have imported the configuration data of the station from the STEP 7 V5 project. The displayed parameters are shown alongside the corresponding parameters in STEP 7 V5. Depending on the configuration of the CP (protocol, network type, station type) not every parameter is displayed. In the text file of the configuration data you will find the parameters in the SDBs "WAN data" and "Ethernet data". Table 10-96 Parameter group "WAN parameters" Parameter in STEP 7 Basic / Professional Parameter in STEP 7 V5 Configuration in STEP 7 V5 Remarks Interface number Number of the interface Properties TIM > "Interfaces" tab TIM type Node type Properties WAN network no des > "Network Attachment" tab Network type Network type HW Config With Ethernet nodes derived from "Connection mode" (Properties TIM > "Interfa ces" tab) Operating mode Operating mode Properties Network > "Net work Settings" Spontaneous (with Ethernet networks) Polling Polling with time slots Multi-master-polling / time slots Network operating mode not used Frame format Frame format Properties Network > "Net work Settings" Acknowledgment type Acknowledgment type Properties Network > "Net work Settings" Repetition factor Repetition factor Properties Network > "Net work Settings" Preassigned with "3" for Ethernet Connection type Connection type Properties Network > "Net work Settings" Dependence on direction Telecontrol protocol WAN protocol Properties Network > "Net work Settings" Own WAN address WAN address Properties WAN network no des > "Network Attachment" tab WinCC Advanced V14 System Manual, 10/2016 Own WAN address (station address) 1115 Editing devices and networks 10.1 Configuring devices and networks Parameter in STEP 7 Basic / Professional Parameter in STEP 7 V5 Configuration in STEP 7 V5 Max. frame length Max. message length Properties Network > "Net work Settings" Number of spontaneous frames Number of spontaneous frames Properties WAN network no des > "Basic Param." tab Max. permitted disturbance time Max. permitted disturbance time Properties Network > "Dedi cated line" tab Partner WAN address WAN address Properties WAN network no des > "Network Attachment" tab WAN-address (Station ad dress) of the partner Baud rate Baud rate [bps] Properties Network > "Net work Settings" [Bit/s] Monitoring time Depending on the network type: Network type: Polling Monitoring time Dial-up network Number of local CPUs Number of local CPUs Dedicated line Call answer delay MSC network Monitoring time RTS/CTS delay time RTS/CTS delay time [ms] Properties WAN network no des > "Dedicated line" tab Send delay time Send delay time Properties WAN network no des > "Dedicated line" tab Dial mode Dial mode Properties WAN network no des > "Dialing Param." tab Dialing format Dialing format Properties WAN network no des > "Dialing Param." tab Dial test interval Dial test interval Properties Network nodes > "Dialup network" tab Additional frame run time Additional frame run time Properties WAN network no des > "Basic Param." tab ID Customer identification Properties Network > "Net work Settings" Transmission criterion Transmission criterion Properties WAN network no des > "Dialup network" tab Hour / minute (transmission criterion) "Transmission criterion" pa rameter Interface operating mode "In Operating mode terrupt" Properties Network nodes > "Basic Param." tab AT initialization Properties Network nodes > "AT initialization" tab Initialization string AT initialization when using MSC PIN 1116 Remarks Display of "Hour" / "Minute" when transmission criterion = "Time" or "Interval". AT initialization when using MSC PIN number Properties WAN network no des > "Dialing Param." tab WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 10-97 "Call parameters" parameter group Parameter in STEP 7 Basic / Professional Parameter in STEP 7 V5 Configuration in STEP 7 V5 Own phone number Own phone number Properties WAN network no des > "Dialing Param." tab Redial Redial Properties Network > "Net work Settings" Cancel parameter Cancel parameter Properties Network > "Net work Settings" Station type Remarks WAN driver type (master / node / station) Special services Special service Subscriber release status Station address WAN address Phone number Properties WAN network no des > "Dialing Param." tab SMS special services SINAUT configuration tool > tab "Telephone Directory" >Properties - Telephone Number Enable status of the subscrib er (enabled / disabled) Properties WAN network no des > "Network Attachment" tab SINAUT configuration tool > Network configuration Phone number of the sub scriber, components: Initiali zation command (max. 28 characters) or "AT", Dial com mand (max.. 4 characters.), telephone number (max. 32 characters) Partner stations Parameter group "Partner stations" Import partner configuration With the "Import partner configuration" button, you import the text data with the STEP 7 V5 configuration data of the proxy from the file system of the engineering station. You will find a description of the parameters in the following sections. Reset partner configuration With the "Reset partner configuration" button, you delete all the configuration data of the CP that you previously imported from a text file with the "Import partner configuration" button. With this function you reset the partner configuration data to the status of an unconfigured module. WinCC Advanced V14 System Manual, 10/2016 1117 Editing devices and networks 10.1 Configuring devices and networks Imported configuration data file This output box shows the name of the text file whose configuration data you last loaded on this CP. Last import This output box shows the time at which you imported the configuration data file. Partner configuration data Adoption of parameters from STEP 7 V5 After importing the configuration data of the station from the STEP 7 V5 project, the partner configuration data is displayed. For the individual partner stations, only the two following parameters can be configured: Report partner status (connection to partner) PLC tag for partner status The remaining parameters are only displayed. In the text file of the configuration data you will find the parameters in the SDBs "Subscriber data" and "Ethernet data". Table 10-98 "Partner stations" parameter group Parameter in STEP 7 Basic / Professional Parameter in STEP 7 V5 Configuration in STEP 7 V5 Remarks Subscriber x Subscriber ID Identifier for the subscriber type: 0 = CPU 1 = TIM Subscriber number Subscriber number SINAUT configuration tool > Subscriber administration Subscriber additional identifi er Automatically assigned iden tifier Subscriber type Module type of the STEP 7 V5 configuration Report partner status (con nection to partner) If the option is enabled, the CP signals the status of the connection to the remote communications partner to the CPU. PLC tag for partner status PLC tag for the partner status Connection to partner Interface identifier Automatically assigned iden tifier Subnet of the partner Automatically assigned iden tifier 1118 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Parameter in STEP 7 Basic / Professional Parameter in STEP 7 V5 Configuration in STEP 7 V5 Remarks CFB reference Automatically assigned iden tifier Connection type Automatically assigned iden tifier WAN address WAN address Properties WAN network no des > "Network Attachment" tab Subscriber number of the partner: SINAUT configuration tool > Subscriber administration WAN-address (Station ad dress) of the partner Partner Partner subscriber number Download from device Restrictions when downloading from a CP 12438 IRC When you download the configuration data from a CP 12438 IRC using the online functions, the following data will not be fully downloaded: Partner station data Configuration and partner data of the data points References to PLC tags related to communication partners In order to use the STEP 7 project after a complete download from the devices, you need to download the original export files from STEP 7 V5 with the configuration data of proxies into each CP 12438 IRC (Import partner configuration). WinCC Advanced V14 System Manual, 10/2016 1119 Editing devices and networks 10.1 Configuring devices and networks Mobile wireless CPs CP 12427 (6GK7 2427KX300XE0) Operating modes of CP 1242-7 Modes of the CP CP 12427 (6GK7 2427KX300XE0) allows an S71200 to communicate as a GPRS station with a master or other remote networks via the GSM network. For communication using GPRS, the CP is set to one of the following operating modes: Telecontrol This operating mode of the CP allows the GPRS station to exchange data with the following partners: - Communication with the Telecontrol server This CP mode allows the GPRS station to exchange data with a telecontrol server. The Telecontrol server is a PC connected to the Internet with the "TCSB" application. It is generally located in the master and serves to monitor and control the remote GPRS stations. Data can be exchanged with the OPC client of a central control system via the integrated OPC interface. The Telecontrol server PC is not configured in STEP 7. The "TCSB" application has its own configuration user interface. - Communication with another remote GPRS station The message frames are transmitted via the Telecontrol server. - Communication with an engineering station (for TeleService) Communication with the Telecontrol server is performed via the GSM network and the Internet. This operating mode requires a SIM card with GPRS service enabled and a Telecontrol server that can be reached by the CP. GPRS direct This operating mode of the CP is used for direct communication between remote stations via the GSM network. No Telecontrol server is required. To allow network nodes in public wireless networks to be directly accessible, these need to be addressed using a fixed address. Here, SIM cards with a fixed IP address are used that allow the stations to address each other directly. The possible communications services and security functions (for example VPN) depend on what is offered by the network provider. Possible communications partners of the station with a CP 12427 in "GPRS direct" mode are: - A node that can be reached by the CP via an IP address (S7 station with CP 12427) - An engineering station (for TeleService) See also Connection establishment with a CP 1242-7 (Page 1121) 1120 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Connection establishment with a CP 1242-7 Connection modes of CP 12427 (6GK7 2427KX300XE0) "GPRS direct" mode There are no different connection modes in the "GPRS direct" mode. "Telecontrol" mode The CP can be configured for the following connection modes. - "Permanent" connection mode There is a permanent TCP connection to the telecontrol server. Following connection establishment, there is a permanent TCP connection to the telecontrol server even if data is not transferred permanently. - "Temporary" connection mode A connection is only established to the telecontrol server when required. If a TCP connection is established, process data is sent as soon as the telecontrol instructions are called on the CPU. A connection is always established by the CP. If a connection established by the CP is interrupted, the CP automatically attempts to re-establish the connection. Triggering connection establishment for permanent stations ("Telecontrol" mode) In the "Telecontrol" mode, the permanent connection to the telecontrol server is established when the station starts up. If there is an interruption on the connection, the establishment of the connection can be triggered by a wake-up SMS (see below). Triggering connection establishment for temporary stations ("Telecontrol" mode) With "temporary" stations, connection establishment can be triggered by the following events: Event on the local CPU that needs to be evaluated by the program. In terms of the program, two situations need to be distinguished: - Events that lead to a single connection establishment (for example alarms or commands from the operator). - Expiry of an interval that leads to cyclic connection establishment (for example once daily for data transmission) Request by a communications partner (OPC client or S7 station) The request from the communications partner leads to the connection being established. Request for TeleService by an engineering station The request switched by the telecontrol server or TeleService gateway does not need to be evaluated in the program. Wake-up SMS of the telecontrol server The wake-up SMS can be triggered spontaneously on the telecontrol server. It is also possible to configure cyclic sending on the telecontrol server. WinCC Advanced V14 System Manual, 10/2016 1121 Editing devices and networks 10.1 Configuring devices and networks Telephone wake-up call The wake-up call can be sent from a telephone that has a phone number authorized in the STEP 7 project. The telephone must support the CLIP function (transfer of its own call number). The connection establishment with the (main) telecontrol server is triggered. Telephone wake-up SMS The wake-up SMS can be sent from a telephone that has a phone number authorized in the STEP 7 project. The telephone must support the CLIP function (transmission of its own number) and sending of SMS. The connection establishment with the telecontrol server specified in the SMS is triggered. When a temporary station is woken up, all the data is transferred if this has changed since the last data transfer. Wake-up call / wake-up SMS in the "Telecontrol" operating mode For wake-up call or wake-up SMS, see section Wake-up of cellular CPs (Page 1122). Triggering connection establishment in "GPRS direct" mode In "GPRS direct" mode, a connection establishment is triggered by the following events: Event on the local CPU that is evaluated by the program. Request by a communications partner (not an engineering station) The request in the frame received from the communications partner is evaluated in the program by calling the telecontrol instructions. Request for TeleService by an engineering station The request switched by the telecontrol server or TeleService gateway does not need to be evaluated in the program. Wake-up of cellular CPs Right to wake-up by "Authorized phone numbers" The CP only accepts a wake-up SMS or a wake-up call if the sending communication partner is authorized based on its phone number. These numbers are in configured for the CP in STEP 7 in the "authorized phone numbers" list. Note "Authorized phone numbers" in the STEP 7 project A phone number entered here gives the sender who transfers this phone number the right to trigger connection establishment. If an asterisk (*) is entered in the list, the CP accepts SMS messages from all senders. If the list is empty, the CP cannot be woken up for connection establishment. 1122 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Wake-up SMS Depending on the connection type and the triggering server or intermediary TeleService server, the following text must be transferred in the wake-up SMS: For telecontrol connections: - Text for the wake-up SMS message for establishing a connection to the telecontrol server: TELECONTROL - Text for the wake-up SMS message for establishing a connection to the main telecontrol server: TELECONTROL MAIN - Text for the wake-up SMS message for establishing a connection to the substitute telecontrol server: TELECONTROL BACKUP The configuration of the telecontrol server for the GPRS CP is set in STEP 7 in "Telecontrol interface > Operating mode > main or substitute telecontrol server". Note Wake-up with a mobile phone One of the texts listed above can be used in a wake-up SMS message. With a wake-up call, the station always connects to the main telecontrol server. For TeleService connections: - Text for the wake-up SMS message for establishing a connection to the first configured TeleService server: TELESERVICE or TELESERVICE 1 - Text for the wake-up SMS message for establishing a connection to the second configured TeleService server: TELESERVICE 2 The configuration of the TeleService server for the GPRS CP is set in STEP 7 in "Telecontrol interface > TeleService authorization > 1st or 2nd TeleService server". WinCC Advanced V14 System Manual, 10/2016 1123 Editing devices and networks 10.1 Configuring devices and networks Preferred mobile wireless networks Selection of the preferred mobile wireless networks The following options are available to select the networks that the mobile wireless CP should preferably dial up: Automatic The CP dials with highest priority into the mobile wireless network of the contracted network provider set on the SIM card. If a dialing up the contract network fails, the CP dials up other mobile wireless networks with which the network provider has roaming contracts and whose access data is stored on the SIM card. Contract network only The CP only dials up the mobile wireless network of the contract network provider whose SIM card is plugged into the CP. No roaming. Contract network and preferred networks The CP dials up the contracted network with the highest priority. If dialing up the contract network is unsuccessful, the CP dials up alternative mobile wireless networks, in decreasing priority, as entered in the list of preferred network providers. The alternative networks are entered in the list as "Public Land Mobile Network" (PLMN). PLMN is a construct of Mobile Country Code (MCC) and Mobile Network Code (MNC). Example: 26276 This is the PLMN for the test network of Siemens AG with MCC = 262 and MNC = 76. TeleService via mobile wireless (S7-1200) Download using TeleService (S7-1200) The following behavior applies to all mobile wireless CPs: CP 12427 (6GK7 2427KX300XE0) CP 12427 GPRS V2 (6GK7 2427KX310XE0) CP 12437 LTEEU (6GK7 2437KX300XE0) CP 12437 LTEUS (6GK7 2437SX300XE0) Connection resources for TeleService The TeleService function occupies a connection resource on the engineering station. The function download to device or upload from device during a TeleService session occupies a second connection resource on the engineering station. 1124 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Download to device Only use the "Download to device" function with the mobile wireless CP via a TeleService connection as follows: 1. Select the CP in STEP 7. 2. Select the "Online" > "Download to device" menu. 3. In the "Extended download" dialog that appears, select the TeleService interface. 4. Download the project data from the "Extended download" dialog. Download from device The "Download from device" function via a TeleService connection is supported by the mobile wireless CPs with the following TeleService server applications: TeleControl Server Basic as of version V3 TeleService Gateway as of version V3 TeleService via telecontrol (S7-1200) Communication path for TeleService via telecontrol With TeleService via telecontrol, the connection between the engineering station and a remote S7 station always runs through a TeleService server as an intermediary. The request for connection establishment is triggered by the engineering station and forwarded by the TeleService server. Depending on the available communication paths to the station, the TeleService server forwards the request to the next station via LAN or by a wake-up SMS. The telecontrol CP in the S71200 station establishes a connection to the engineering station via the TeleService server. An alternative intermediary (TeleService server) is: A telecontrol server The telecontrol server can be a separate PC or installed on the engineering station in the form of the "TCSB" application. A TeleService gateway A TeleService gateway is used when no telecontrol server is available. The TeleService server can be connected to the engineering station via LAN or Internet and the TeleService function can be called from there. Requirements for TeleService via telecontrol A TeleService server The STEP 7 project with the required stations Note on project engineering The TeleService server is not configured in STEP 7. WinCC Advanced V14 System Manual, 10/2016 1125 Editing devices and networks 10.1 Configuring devices and networks Establish remote connection via telecontrol (S7-1200) Requirements for TeleService via telecontrol For the requirements and mechanisms, see section TeleService via telecontrol (Page 1125). Start a TeleService session via telecontrol Start TeleService via telecontrol as follows: 1. In the project on the authorized engineering station, select the remote S7 station with which you want to establish a TeleService connection via WAN. 2. Alternatively, open the "Connect online" dialog box as follows: - "Connect online" button - "Connect online" shortcut menu (right mouse button) - "Online" > "Connect online" menu The "Connect online" dialog box opens. 3. Select the interface type "TeleService via Telecontrol" in the "Type of PG/PC interface" drop-down list. 4. In the "PG/PC interface" drop-down list, select the "TeleService board" option if it is not automatically displayed. 5. Click on the "Connect" icon next to the "PG/PC interface" drop-down list. The "Establish remote connection via telecontrol" dialog box opens. 6. Make the necessary settings in this dialog. Details of this are contained in the tooltip cascade of STEP 7. The following details are required to successfully establish a connection: Details required to establish a connection with the S7 station The following information is necessary in the Establish remote connection" dialog: IP address or DNS name of the telecontrol server TCP port number of the telecontrol server or the DSL router via which the connection between the engineering station and the remote S7 station is running. Server password of the ES to authenticate the engineering station at the telecontrol server Only required if a group-specific password has been configured in the "TCSB" application. TeleService user name See CP configuration in STEP 7. TeleService password See CP configuration in STEP 7. Access ID of the CP Only required when there are several telecontrol CPs in the station. See CP configuration in STEP 7. 1126 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Status (S7-1200) Connection states with TeleService via telecontrol The connection states described below can be displayed in the "Establish remote connection via telecontrol" dialog box. When opening the dialog Not connected There is no connection to the remote S7 station. Connection establishment has not yet started. When establishing a connection If connection establishment was started by clicking the "Connect" button, the following states are displayed one after the other after the connection has been established: Connect to telecontrol server The engineering station connects to the telecontrol server. Wait for S7 station The wake-up SMS has been sent to the remote station. Wait for reply from station. Authentication at S7 station The S7 station has established an IP connection with the engineering station via GPRS and Internet and is checking the received logon and authentication data. Connected The station has successfully established the connection to the engineering station. If connection establishment is unsuccessful The following states may be displayed if the connection cannot be successfully established: Telecontrol server not accessible Possible causes: - The connection between the engineering station and the telecontrol server has been interrupted. - The telecontrol server is switched off. Wrong server password Cause: The wrong server password for logging on and authentication was entered at the telecontrol server. S7 station not responding Possible causes: - The communication between the telecontrol server and the station is disrupted. - There is a disrupted connection between the mobile wireless network and the Internet. - Faulty Internet connection. - The telecontrol server could not send a wake-up SMS. - The CP has not received a wake-up SMS. - The sender of the SMS was not configured in the list of authorized wake-up call numbers. WinCC Advanced V14 System Manual, 10/2016 1127 Editing devices and networks 10.1 Configuring devices and networks Wrong TeleService user name or TeleService password Possible causes: - An incorrect TeleService user name or incorrect TeleService password was entered in the authentication dialog for the CP. - The TeleService user name or TeleService password was not configured in STEP 7. All TeleService access points are in use. The CP is not known to the telecontrol server. Cause: The CP originates from a STEP 7 project that does not match the project of the telecontrol server. No resources available for TeleService on the CP: Please contact the hotline. Protocol error Cause: Wrong frame or frame from wrong subscriber. Please contact the hotline. 10.1.4.3 SCALANCE X, W and M Configuring SCALANCE X / W / M Legal notice Qualified personnel The product/system belonging to this documentation may only be handled by qualified personnel for the intended purpose taking into account the documentation relating to the intended purpose and, in particular, the safety and warning notices it contains. Due to training and experience, qualified personnel is capable of recognizing risks and avoiding possible dangers when handling these products/systems. Configuring SCALANCE X System functions Availability of the system functions The following table shows the availability of the system functions on the IE switches. Note that all functions are described in the online help. Depending on your IE switch, some functions are not available. 1128 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks We reserve the right to make technical changes. Informa tion System functions WinCC Advanced V14 System Manual, 10/2016 SCALANCE XB-200 SCALANCE XC-200 SCALANCE XP-200 SCALANCE XM-400/ SCALANCE XR-500 ARP table Log table Ethernet Statistics Diagnostics - (Tempera (Tempera ture) ture) (Tempera ture & power) DNS - - - 1) SMTP client DHCP client DHCP server (restricted) SNMP Manual time setting DST - 1) SNTP NTP SIMATIC Time Client PTP - - - 3) Auto logout Syslog Client Fault monitoring PNIO EtherNet/IP - PLUG - - Power over Ethernet - - ("PoE" identifier in the device name) Port diagnostics 1129 Editing devices and networks 10.1 Configuring devices and networks Layer 2 functions 1130 SCALANCE XB-200 SCALANCE XC-200 SCALANCE XP-200 SCALANCE XM-400/ SCALANCE XR-500 NFC - - 4) Sending priorities - CoS assignment DSCP assignment QoS prioritization CoS port reassignment - Load control GVRP - Port-based VLAN Protocol-based VLAN group - - - Protocol-based VLAN port - - - IPv4 subnet-based VLAN - - - Port-based mirroring RSPAN - - - VLAN-based mirroring - - - MAC flow mirroring - - - IP flow mirroring - - - Dynamic MAC aging Ring redundancy Standby Observer - 1) Spanning Tree RSTP MSTP - Enhanced Passive Listening Compatibility Ring with RSTP - - - 2) Loop detection Link aggregation - DCP forwarding LLDP Unicast filter Locked ports Unicast learning Unicast blocking Multicast groups IGMP GMRP - Multicast blocking Broadcast blocking RMON WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks SCALANCE XB-200 SCALANCE XC-200 SCALANCE XP-200 SCALANCE XM-400/ SCALANCE XR-500 - - - - 5) Passwords RADIUS authentication MAC authentication - 1) Guest VLAN - 1) 802.1X reauthentication MAC ACL - - - IP ACL - - - Management ACL RMON history Layer 3 functions Security functions 1) as of firmware version V4.0 2) as of firmware version V4.1 3) only SCALANCE XR528-6M and SCALANCE XR552-12M as of firmware version 5.0 4) only SCALANCE XM-400 5) integrated or using a KEY-PLUG Availability of hardware The following table shows the hardware of the IE switches. We reserve the right to make technical changes. SCALANCE XB-200 SCALANCE XC-200 SCALANCE XP-200 SCALANCE XM-400/ SCALANCE XR-500 Modularity - - - 1) C-PLUG - KEY-PLUG - - - Combo ports - - - Pluggable transceiver slots - - SELECT/SET button - RESET button - - Signaling contact - Serial interface Out-of-band interface - - - Display modes - 1) WinCC Advanced V14 System Manual, 10/2016 SCALANCE XM-400 via extender, SCALANCE XR-500 via media modules 1131 Editing devices and networks 10.1 Configuring devices and networks Configuration limits Configuration limits of the device The following table lists the configuration limits for Web Based Management and the Command Line Interface of the devices. The usability of various functions depends on the device type and whether or not a KEY-PLUG is inserted. Configurable function Maximum number SCALANCE SCALANCE SCALANCE XB-200 XC-200 XP-200 Sys Maximum frame size (ingress) tem 1632 bytes 1632 bytes 1632 bytes 9194 Byte (configurable) Syslog server 3 3 3 3 E-mail server 3 3 3 3 1) 24 24 24 1 24 24 24 1) 575 575 575 - 24 24 24 10 10 10 10 1 1 1 3 DHCP pools 16 IPv4 addresses per DHCP pool IPv4 addresses managed by the DHCP server (dynamic + static) DHCP static assignments per DHCP pool SNMP trap recipient SNTP server 1132 SCALANCE XM-400/ SCALANCE XR-500 16 NTP server 1 1 1 3 Agent/TIA interfaces 2) 1 1 1 1 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configurable function Maximum number SCALANCE SCALANCE SCALANCE XB-200 XC-200 XP-200 Lay Virtual LANs (port-based; including er 2 VLAN 1) WinCC Advanced V14 System Manual, 10/2016 SCALANCE XM-400/ SCALANCE XR-500 17 257 257 257 Protocol-based VLAN groups per port - - - 12 IPv4 subnet-based VLANs - - - 150 Private VLAN - - - 1 Primary PVLANs - - - 1 Secondary isolated PVLANs - - - 24 Secondary community PVLANs - - - 256 Mirroring sessions 1 1 1 7 Multiple Spanning Tree instances - 4 4 16 Link aggregations or Etherchannels each with a maximum of 8 ports per aggregation - 8 8 8 Ports in a link aggregation - 8 8 8 Static MAC addresses in the FDB (Forward Database) 128 128 128 256 Multicast addresses without active GMRP 256 512 512 512 Multicast addresses with active GMRP - 50 50 50 VLANs whose data traffic can be mirrored to a monitor port - - - 255 RSPAN sessions - - - 1 1133 Editing devices and networks 10.1 Configuring devices and networks Configurable function Maximum number SCALANCE SCALANCE SCALANCE XB-200 XC-200 XP-200 Lay IP interfaces er 3 Entries in the hardware routing table SCALANCE XM-400/ SCALANCE XR-500 1 1 1 127 - - - 4096 Static routes - - - 100 Possible routes to the same desti nation - - - 8 DHCP relay agent interfaces 1 1 1 127 DHCP Relay Agent servers 4 4 4 4 NAT interfaces - - - 5 VRRP router interfaces (only VLAN interfaces) - - - 52 OSPF areas per device - - - 5 OSPF area range entries per OSPF area (intra-area summary) - - - 3 OSPF interfaces - - - 40 OSPF interfaces per OSPF area - - - 40 OSPF virtual links (within an auton omous system) - - - 8 OSPF interface authentication keys - - - 200 (40 interfaces each with 5 keys) OSPF virtual link authentication key - - - 40 (8 virtual links each with 5 keys) PIM components - - - 1 Rendezvous points - - - 3 Candidates for rendezvous points - - - 3 Static rendezvous points Se Roles curi Users ty Groups - - 3 1 1 29 1 1 1 28 - - - 32 4 4 4 4 10 10 10 10 Rules for port ACL MAC - - - 128 Ingress and egress rules for port ACL MAC (total) - - - 312 Rules for port ACL IP - - - 128 Ingress and egress rules for port ACL IP (total) - - - 312 Rules for VLAN ACL IP - - - 128 IP addresses from RADIUS servers Management ACLs (access rules for management) 1134 1 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 1) With the SCALANCE XB-200, the number of DHCP pools and manageable IPv4 addresses depends on the number of ports. The number of ports corresponds to the maximum number of DHCP pools and manageable IPv4 addresses. 2) This is an IP interface. Useful information IP addresses IPv4 / IPv6 What are the essential differences? IP configuration IPv4 IPv6 DHCP server Automatic: Manual - Creates a link local address for every interface on which IPv6 is activated. - Stateless Address Autoconfiguration (SLAAC): Stateless autoconfiguration using NDP (Neighbor Discovery Protocol) Manual Stateful DHCPv6 Available IP addresses 32-bit: 4, 29 * 109 address 128-bit: 3, 4 * 1038 addresses es Address format Decimal: 192.168.1.1 Hexadecimal: 2a00:ad80::0123 with port: 192.168.1.1:20 with port: [2a00:ad80::0123]:20 Loopback 127.0.0.1 ::1 IP addresses of the interface 4 IP addresses Multiple IP addresses LLA: A link local address (formed automatically) fe80::/128 per interface ULA: Several unique local unicast addresses per interface GUA: Several global unicast addresses per interface Header Checksum Checking at a higher layer Variable length Fixed size Fragmentation in the header Fragmentation in the extension header No security Fragmentation Host and router Only endpoint of the communication Quality of service Type of Service (ToS) for prioritization The prioritization is specified in the header field "Traffic Class". Types of frame Broadcast, multicast, uni cast Multicast, unicast, anycast WinCC Advanced V14 System Manual, 10/2016 1135 Editing devices and networks 10.1 Configuring devices and networks Identification of DHCP clients/ server IPv4 IPv6 Client ID: DUID + IAID(s) = exactly one interface of the host MAC address DUID = DHCP unique identifier Identifies server and clients uniquely and should not change, not even when replacing network components! IAID = Identity Association Identifier At least one per interface is generated by the client and re mains unchanged when the DHCP client restarts Three methods of obtaining the DUID DUID-LLT DUID-EN DUID-LL DHCP via UDP with broadcast via UDP with unicast RFC 3315, RFC 3363 Stateful DHCPv6 Status-dependent configuration in which the IPv6 address and the configuration settings are transferred. Four DHVPv6 messages are exchanged between client and server: 1. SOLICIT: Sent by the DHCPv6 client to localize DHCPv6 servers. 2. ADVERTISE The available DHCPv6 servers reply to this. 3. REQUEST The DHCPv6 client requests an IPv6 address and the configuration settings from the DHCPv6 server. 4. REPLY The DHCPv6 server sends the IPv6 address and the configuration settings. If the client and server support the function "Rapid commit" the procedure is shortened to two DHCPv6 messages SOLICIT and REPLY . Stateless autoconfiguration In stateless DHCPv6, only the configuration settings are trans ferred. Prefix delegation The DHCPv6 server delegates the distribution of IPv6 prefixes to the DHCPv6 client. The DHCPv6 client is also known as PD router. Resolution of IP addresses in hardware addresses 1136 ARP (Address Resolution Protocol) NDP (Neighbor Discovery Protocol) WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks IPv4 address Structure of an IPv4 address Address classes IP address range Max. number of networks Max. number of hosts/net work 126 16777214 16383 2097151 1.x.x.x through 126.x.x.x 128.0.x.x through 191.255.x.x 192.0.0.x through 223.255.255.x Class CIDR A /8 65534 B /16 254 C /24 224.0.0.0 - 239.255.255.255 Multicast applications D 240.0.0.0 - 255.255.255.255 Reserved for future applications E An IP address consists of 4 bytes. Each byte is represented in decimal, with a dot separating it from the previous one. This results in the following structure, where XXX stands for a number between 0 and 255: XXX.XXX.XXX.XXX The IP address is made up of two parts, the network ID and the host ID. This allows different subnets to be created. Depending on the bytes of the IP address used as the network ID and those used for the host ID, the IP address can be assigned to a specific address class. Subnet mask The bits of the host ID can be used to create subnets. The leading bits represent the address of the subnet and the remaining bits the address of the host in the subnet. A subnet is defined by the subnet mask. The structure of the subnet mask corresponds to that of an IP address. If a "1" is used at a bit position in the subnet mask, the bit belongs to the corresponding position in the IP address of the subnet address, otherwise to the address of the computer. Example of a class B network: The standard subnet address for class B networks is 255.255.0.0; in other words, the last two bytes are available for defining a subnet. If 16 subnets must be defined, the third byte of the subnet address must be set to 11110000 (binary notation). In this case, this results in the subnet mask 255.255.240.0. To find out whether two IP addresses belong to the same subnet, the two IP addresses and the subnet mask are ANDed bit by bit. If both logic operations have the save result, both IP addresses belong to the same subnet, for example, 141.120.246.210 and 141.120.252.108. Outside the local area network, the distinction between network ID and host ID is of no significance, in this case packets are delivered based on the entire IP address. Note In the bit representation of the subnet mask, the "ones" must be set left-justified; in other words, there must be no "zeros" between the "ones". WinCC Advanced V14 System Manual, 10/2016 1137 Editing devices and networks 10.1 Configuring devices and networks IPv6 addresses IPv6 terms Network node A network node is a device that is connected to one or more networks via one or more interfaces. Router A network node that forwards IPv6 packets. Host A network node that represents an end point for IPv6 communication relations. Link A link is, according to IPv6 terminology, a direct layer 3 connection within an IPv6 network. Neighbor A network node located on the same link as the network node. IPv6 interface Physical or logical interface on which IPv6 is activated. Path MTU Maximum permitted packet size on a path from a sender to a recipient. Path MTU discovery Mechanism for determining the maximum permitted packet size along the entire path from a sender to a recipient. LLA Link local address FE80::/10 As soon as IPv6 is activated on the interface, a link local address is formed automatically. Can only be reached by accounts located on the same link. ULA Unique Local Address Defined in RFC 4193. Via this address, the IPv6 interface can be reached in the LAN. GUA Global Unicast Address Via this address, the IPv6 interface can be reached, e.g. via the Internet. Interface ID The interface ID is formed with the EUI-64 method or manually. EUI-64 Extended Unique Identifier (RFC 4291); method for forming the interface ID. In Ethernet, the interface ID is formed from the MAC address of the interface. Divides the MAC address into 1138 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks the manufacturer-specific part (OUI) and the network-specific part (NIC) and inserts FFFE between the two parts. Example: MAC address = AA:BB:CC:DD:EE:FF OUI = AA:BB:CC NIC = DD:EE:FF EUI-64 = OUI + FFFE + NIC = AA:BB:CC:FF:FE:DD:EE:FF Scope Defines the range of the IPv6 address. Structure of an IPv6 address IPv6 address format - notation IPv6 addresses consist of 8 fields each with four-character hexadecimal numbers (128 bits in total). The fields are separated by a colon. Example: fd00:0000:0000:ffff:02d1:7d01:0000:8f21 Rules / simplifications: If one or more fields have the value 0, a shortened notation is possible. The address fd00:0000:0000:ffff:02d1:7d01:0000:8f21 can also be shortened and written as follows: fd00::ffff:02d1:7d01:0000:8f21 To ensure uniqueness, this shortened form can only be used once within the entire address. Leading zeros within a field can be omitted. The address fd00:0000:0000:ffff:02d1:7d01:0000:8f21 can also be shortened and written as follows: fd00::ffff:2d1:7d01:0000:8f21 Decimal notation with periods The last 2 fields or 4 bytes can be written in the normal decimal notation with periods. Example: The IPv6 address fd00::ffff.125.1.0.1 is equivalent to fd00::ffff:7d01:1 WinCC Advanced V14 System Manual, 10/2016 1139 Editing devices and networks 10.1 Configuring devices and networks Structure of the IPv6 address The IPv6 protocol distinguishes three types of address: Unicast , anycast and multicast. The following section describes the structure of the global unicast addresses. IPv6 prefix Suffix Global prefix: Subnet ID Interface ID n bits m bits 128 - n - m bits Assigned address range Description of the location, also subnet prefix or subnet Unique assignment of the host in the net work. The ID is generated from the MAC address. The prefix for the link local address is always fe80:0000:0000:0000. The prefix is shortened and noted as follows: fe80:: IPv6 prefix Specified in: RFC 4291 The IPv6 prefix represents the subnet identifier. Prefixes and IPv6 addresses are specified in the same way as with the CIDR notation (Classless Inter-Domain Routing) for IPv4. Design IPv6 address / prefix length Example IPv6 address: 2001:0db8:1234::1111/48 Prefix: 2001:0db8:1234::/48 Interface ID: ::1111 Entry and appearance The entry of IPv6 addresses is possible in the notations described above. IPv6 addresses are always shown in the hexadecimal notation. 1140 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks PROFINET PROFINET PROFINET is an open standard (IEC 61158/61784) for industrial automation based on Industrial Ethernet. PROFINET uses existing IT standards and allows end-to-end communication from the field level to the management level as well as plant-wide engineering. PROFINET also has the following features: Use of TCP/IP Automation of applications with real-time requirements - Real-Time (RT) communication - Isochronous Real-Time (IRT) communication Seamless integration of fieldbus systems You configure PROFINET in "System > PROFINET (Page 1272)". PROFINET IO Within the framework of PROFINET, PROFINET IO is a communications concept for implementing modular, distributed applications. PROFINET IO is implemented by the PROFINET standard for programmable controllers (IEC 61158-x-10). EtherNet/IP EtherNet/IP EtherNet/IP (Ethernet/Industrial Protocol) is an open industry standard for industrial real-time Ethernet based on TCP/IP and UDP/IP. With EtherNet/IP, Ethernet is expanded by the Common Industrial Protocol (CIP) at the application layer. In EtherNet/IP, the lower layers of the OSI reference model are adopted by Ethernet with the physical, network and transport functions. You configure EtherNet/IP in "System > EtherNet/IP (Page 1273)". Common Industrial Protocol The Common Industrial Protocol (CIP) is an application protocol for automation that supports transition of the field buses in Industrial Ethernet and in IP networks. This industry protocol is used by field buses/industrial networks such as DeviceNet, ControlNet and EtherNet/IP at the application layer as an interface between the deterministic fieldbus world and the automation application (controller, I/O, HMI, OPC, ...). The CIP is located above the transport layer and expands the pure transport services with communications services for automation engineering. These include services for cyclic, time-critical and event-controlled data traffic. CIP distinguishes between time-critical I/O messages (implicit messages) and individual query/ response frames for configuration and data acquisition (explicit messages). CIP is objectoriented; all data "visible" from the outside is accessible in the form of objects. CIP has a common configuration basis: EDS (Electronic Data Sheet). WinCC Advanced V14 System Manual, 10/2016 1141 Editing devices and networks 10.1 Configuring devices and networks Electronic Data Sheet Electronic Data Sheets (EDS) are electronic datasheets for describing devices. The EDS required for EtherNet/IP operation can be found in "System > Load&Save". VLAN VLAN Network definition regardless of the spatial location of the nodes VLAN (Virtual Local Area Network) divides a physical network into several logical networks that are shielded from each other. Here, devices are grouped together to form logical groups. Only nodes of the same VLAN can address each other. Since multicast and broadcast frames are only forwarded within the particular VLAN, they are also known as broadcast domains. The particular advantage of VLANs is the reduced network load for the nodes and network segments of other VLANs. To identify which packet belongs to which VLAN, the frame is expanded by 4 bytes (VLAN tagging (Page 1143)). This expansion includes not only the VLAN ID but also priority information. Options for the VLAN assignment There are various options for the assignment to VLANs: Port-based VLAN Each port of a device is assigned a VLAN ID. You configure port-based VLAN in "Layer 2 > VLAN > Port-based VLAN". Protocol-based VLAN Each port of a device is assigned a protocol group. You configure protocol-based VLAN in "Layer 2 > VLAN > Protocol-based VLAN port". IPv4 Subnet-based VLAN The IPv4 address of the device is assigned a VLAN ID. You configure subnet-based VLAN in "Layer 2 > VLAN > lPv4 subnet-based VLAN". processing the VLAN assignment If more than one VLAN assignment is created on the device, the assignments are processed in the following order: 1. IPv4 subnet-based VLAN 2. Protocol-based VLAN 3. Port-based VLAN The frame is first examined for the IPv4 address. If a rule on the "lPv4 subnet-based VLAN" tab applies, the frame is sent to the corresponding VLAN. If no rule applies, the protocol type of the frame is examined. If a rule on the "Protocol-based VLAN port" tab applies, the frame 1142 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks is sent to the corresponding VLAN. If no rule applies, the frame is sent via the port-based VLAN. The rules for the port-based VLAN are specified on the "Port-based VLAN" tab. See also General (Page 1292) GVRP (Page 1295) Port-based VLAN (Page 1296) Protocol-based VLAN group (Page 1297) Protocol-based VLAN port (Page 1298) IPv4 subnet-based VLAN (Page 1298) VLAN tagging Expansion of the Ethernet frames by four bytes For CoS (Class of Service, frame priority) and VLAN (virtual network), the IEEE 802.1Q standard defined the expansion of Ethernet frames by adding the VLAN tag. Note The VLAN tag increases the permitted total length of the frame from 1518 to 1522 bytes. The end nodes on the networks must be checked to find out whether they can process this length / this frame type. If this is not the case, only frames of the standard length may be sent to these nodes. The additional 4 bytes are located in the header of the Ethernet frame between the source address and the Ethernet type / length field: 3UHDPEOH E\WHV 'HVWLQDWLRQ DGGUHVV E\WHV 6RXUFH DGGUHVV E\WHV 73,' E\WHV 7&, E\WHV 7\SH E\WHV 'DWD aE\WHV &5& E\WHV [ 3ULRULW\ ELWV 9/$1,' ELWV &), ELW Figure 10-10 Structure of the expanded Ethernet frame WinCC Advanced V14 System Manual, 10/2016 1143 Editing devices and networks 10.1 Configuring devices and networks The additional bytes contain the tag protocol identifier (TPID) and the tag control information (TCI). Tag protocol identifier (TPID) The first 2 bytes form the Tag Protocol Identifier (TPID) and always have the value 0x8100. This value specifies that the data packet contains VLAN information or priority information. Tag Control Information (TCI) The 2 bytes of the Tag Control Information (TCI) contain the following information: QoS Trust The tagged frame has 3 bits for the priority that is also known as Class of Service (CoS). The priority according to IEEE 802.1P is as follows: CoS bits Type of data 000 Non time-critical data traffic (less then best effort [basic setting]) 001 Normal data traffic (best effort [background]) 010 Reserved (standard) 011 Reserved ( excellent effort ) 100 Data transfer with max. 100 ms delay 101 Guaranteed service, interactive multimedia 110 Guaranteed service, interactive voice transmission 111 Reserved The prioritization of the data packets is possible only if there is a queue in the components in which they can buffer data packets with lower priority. The device has multiple parallel queues in which the frames with different priorities can be processed. First, the frames with the highest priority ("Strict Priority" method) are processed. This method ensures that the frames with the highest priority are sent even if there is heavy data traffic. Canonical Format Identifier (CFI) The CFI is required for compatibility between Ethernet and the token Ring. The values have the following meaning: Value Meaning 0 The format of the MAC address is canonical. In the canonical representation of the MAC address, the least significant bit is transferred first. Standard-setting for Ethernet switches. 1 The format of the MAC address is not canonical. VLAN ID 1144 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks In the 12-bit data field, up to 4096 VLAN IDs can be formed. The following conventions apply: VLAN ID Meaning 0 The frame contains only priority information (priority tagged frames) and no valid VLAN identifier. 1- 4094 Valid VLAN identifier, the frame is assigned to a VLAN and can also include priority information. 4095 Reserved Private VLAN With a private VLAN (PVLAN) you can divide up the layer 2 broadcast domains of a VLAN. A private VLAN consists of the following units: A primary private VLAN (primary PVLAN) The VLAN that is divided up is called primary private VLAN. secondary private VLANs (secondary PVLAN) Secondary PVLANs exist only within a primary PVLAN. Every secondary PVLAN has a specific VLAN ID and is connected to the primary PVLAN. Secondary PVLANs are divided into the following types: - Isolated Secondary PVLAN Devices within an isolated secondary PVLAN cannot communicate with each other via layer 2. - Community Secondary PVLAN Devices within a community secondary PVLAN can communicate with each other directly via layer 2. The devices cannot communicate with devices in other communities of the PVLAN via layer 2. Note VALAN ID with secondary PVLANs If you use the same VLAN ID for secondary PVLANs on different IE switches, the end devices in these secondary PVLANs can communicate with other via layer 2 across the different switches. WinCC Advanced V14 System Manual, 10/2016 1145 Editing devices and networks 10.1 Configuring devices and networks /D\HU Primary PVLAN X Server PC2 PC1 PC4 PC3 Secondary PVLAN 10 Isolated Secondary PVLAN 20 Community Private VLAN PC5 Secondary PVLAN 30 Community VLAN Y 3URPLVFXRXV3RUW7DJJHG0HPEHU 3URPLVFXRXV3RUW8QWDJJHG0HPEHU +RVW3RUW8QWDJJHG0HPEHU In this example, the ports of the IE switches that connect them to other IE switches are promiscuous ports. These network ports are tagged members in all PVLANs: Primary PVLAN and all secondary PVLANs. The ports to which the PCs are connected are host ports. The host ports are all untagged members in the primary PVLAN and in their secondary PVLAN. The port to which the server is connected is a promiscuous port. This promiscuous port ports is an untagged member in all PVLANs: Primary PVLAN and all secondary PVLANs. In this example all PCs can communicate with the server. The server can communicate with all PCs. PC1 cannot communicate with any other PC. The PCs within a community secondary PVLAN can communicate with each other but not with the PCs in another secondary PVLAN. SNMP Introduction With the aid of the Simple Network Management Protocol (SNMP), you monitor and control network components from a central station, for example routers or switches. SNMP controls the communication between the monitored devices and the monitoring station. 1146 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Tasks of SNMP: Monitoring of network components Remote control and remote parameter assignment of network components Error detection and error notification In versions v1 and v2c, SNMP has no security mechanisms. Each user in the network can access data and also change parameter assignments using suitable software. For the simple control of access rights without security aspects, community strings are used. The community string is transferred along with the query. If the community string is correct, the SNMP agent responds and sends the requested data. If the community string is not correct, the SNMP agent discards the query. Define different community strings for read and write permissions. The community strings are transferred in plain text. Standard values of the community strings: public has only read permissions private has read and write permissions Note Because the SNMP community strings are used for access protection, do not use the standard values "public" or "private". Change these values following the initial commissioning. Further simple protection mechanisms at the device level: Allowed Host The IP addresses of the monitoring systems are known to the monitored system. Read Only If you assign "Read Only" to a monitored device, monitoring stations can only read out data but cannot modify it. SNMP data packets are not encrypted and can easily be read by others. The central station is also known as the management station. An SNMP agent is installed on the devices to be monitored with which the management station exchanges data. The management station sends data packets of the following type: GET Request for a data record from the SNMP agent GETNEXT Calls up the next data record. GETBULK (available as of SNMPv2c) Requests multiple data records at one time, for example several rows of a table. SET Contains parameter assignment data for the relevant device. WinCC Advanced V14 System Manual, 10/2016 1147 Editing devices and networks 10.1 Configuring devices and networks The SNMP agent sends data packets of the following type: RESPONSE The SNMP agent returns the data requested by the manager. TRAP If a certain event occurs, the SNMP agent itself sends traps. SNMPv1/v2c/v3 use UDP (User Datagram Protocol) and use the UDP ports 161 and 162. The data is described in a Management Information Base (MIB). SNMPv3 Compared with the previous versions SNMPv1 and SNMPv2c, SNMPv3 introduces an extensive security concept. SNMPv3 supports: Fully encrypted user authentication Encryption of the entire data traffic Access control of the MIB objects at the user/group level With the introduction of SNMPv3 you can no longer transfer user configurations to other devices without taking special action, e.g. by loading a configuration file or replacing the CPLUG. According to the standard, the SNMPv3 protocol uses a unique SNMP engine ID as an internal identifier for an SNMP agent. This ID must be unique in the network. It is used to authenticate access data of SNMPv3 users and to encrypt it. Depending on whether you have enabled or disabled the "SNMPv3 User Migration" function, the SNMP engine ID is generated differently. Restriction when using the function Use the "SNMPv3 User Migration" function only to transfer configured SNMPv3 users to a substitute device when replacing a device. Do not use the function to transfer configured SNMPv3 users to multiple devices. If you load a configuration with created SNMPv3 users on several devices, these devices use the same SNMP engine ID. If you use these devices in the same network, your configuration contradicts the SNMP standard. Compatibility with predecessor products You can only transfer SNMPv3 users to a different device if you have created the users as migratable users. To create a migratable user the "SNMPv3 User Migration" function must be activated when you create the user. 1148 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Redundancy mode Spanning Tree Avoiding loops on redundant connections The spanning tree algorithm allows network structures to be created in which there are several connections between two stations. Spanning tree prevents loops being formed in the network by allowing only one path and disabling the other (redundant) ports for data traffic. If there is an interruption, the data can be sent over an alternative path. The functionality of the spanning tree algorithm is based on the exchange of configuration and topology change frames. Definition of the network topology using the configuration frames The devices exchange configuration frames known as BPDUs (Bridge Protocol Data Units) with each other to calculate the topology. The root bridge is selected and the network topology created using these frames. BPDUs also bring about the status change of the root ports. The root bridge is the bridge that controls the spanning tree algorithm for all involved components. Once the root bridge has been specified, each device sets a root port. The root port is the port with the lowest path costs to the root bridge. Response to changes in the network topology If nodes are added to a network or drop out of the network, this can affect the optimum path selection for data packets. To be able to respond to such changes, the root bridge sends configuration messages at regular intervals. The interval between two configuration messages can be set with the "Hello Time" parameter. Keeping configuration information up to date With the "Max Age" parameter, you set the maximum age of configuration information. If a bridge has information that is older than the time set in "Max Age", it discards the message and initiates recalculation of the paths. New configuration data is not used immediately by a bridge but only after the period specified in the "Forward Delay" parameter. This ensures that operation is only started with the new topology after all the bridges have the required information. WinCC Advanced V14 System Manual, 10/2016 1149 Editing devices and networks 10.1 Configuring devices and networks RSTP, MSTP, CIST Rapid Spanning Tree Protocol (RSTP) One disadvantage of STP is that if there is a disruption or a device fails, the network needs to reconfigure itself: The devices start to negotiate new paths only when the interruption occurs. This can take up to 30 seconds. Fur this reason, STP was expanded to create the "Rapid Spanning Tree Protocol" (RSTP, IEEE 802.1w). This differs from STP essentially in that the devices are already collecting information about alternative routes during normal operation and do not need to gather this information after a disruption has occurred. This means that the reconfiguration time for an RSTP controlled network can be reduced to a few seconds. This is achieved by using the following functions: Edge ports (end node port) Edge ports are ports connected to an end device. A port that is defined as an edge port is activated immediately after connection establishment. If a spanning tree BPDU is received at an edge port, the port loses its role as edge port and it takes part in (R)STP again. If no further BPDU is received after a certain time has elapsed (3 x hello time), the port returns to the edge port status. Point-to-point (direct communication between two neighboring devices) By directly linking the devices, a status change (reconfiguration of the ports) can be made without any delays. Alternate port (substitute for the root port) A substitute for the root port is configured. If the connection to the root bridge is lost, the device can establish a connection over the alternate port without any delay due to reconfiguration. Reaction to events Rapid spanning tree reacts to events, for example an aborted connection, without delay. There is no waiting for timers as in spanning tree. Counter for the maximum bridge hops The number of bridge hops a package is allowed to make before it automatically becomes invalid. In principle, therefore with rapid spanning tree, alternatives for many parameters are preconfigured and certain properties of the network structure taken into account to reduce the reconfiguration time. Multiple Spanning Tree Protocol (MSTP) The Multiple Spanning Tree Protocol (MSTP) is a further development of the Rapid Spanning Tree Protocol. Among other things, it provides the option of operating several RSTP instances within different VLANs or VLAN groups and, for example, making paths available within the individual VLANs that the single Rapid Spanning Tree Protocol would globally block. 1150 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Common and Internal Spanning Tree (CIST) CIST identifies the internal instance used by the switch that is comparable in principle with an internal RSTP instance. HRP HRP - High Speed Redundancy Protocol HRP is the name of a redundancy method for networks with a ring topology. The switches are interconnected via ring ports. One of the switches is configured as the redundancy manager (RM). The other switches are redundancy clients. Using test frames, the redundancy manager checks the ring to make sure it is not interrupted. The redundancy manager sends test frames via the ring ports and checks that they are received at the other ring port. The redundancy clients forward the test frames. If the test frames of the RM no longer arrive at the other ring port due to an interruption, the RM switches through its two ring ports and informs the redundancy clients of the change immediately. The reconfiguration time after an interruption of the ring is a maximum of 0.3 seconds. Standby redundancy Standby redundancy is a method with which rings each of which is protected by high-speed redundancy can be linked together redundantly. In the ring, a master/slave device pair is configured and these monitor each other via their ring ports. If a fault occurs, the data traffic is redirected from one Ethernet connection (standby port of the master or standby server) to another Ethernet connection (standby port of the slave). Requirements HRP is supported in ring topologies with up to 50 devices. Exceeding this number of devices can lead to a loss of data traffic. For HRP, only devices that support this function can be used in the ring. All devices must be interconnected via their ring ports. Devices that do not support HRP must be linked to the ring using special devices with HRP capability. Up to the ring, this connection is not redundant. Standby General SCALANCE X switches support not only ring redundancy within a ring but also redundant linking of rings or open network segments (linear bus). In the redundant link, rings are connected together over Ethernet connections. This is achieved by configuring a master/slave device pair in one ring so that the devices monitor each other and, in the event of a fault, redirect the data traffic from the normally used master Ethernet connection to the substitute (slave) Ethernet connection. WinCC Advanced V14 System Manual, 10/2016 1151 Editing devices and networks 10.1 Configuring devices and networks Standby redundancy Operator Station Operator Stations S7-300 Industrial Ethernet / PROFINET (Twisted Pair) Industrial Ethernet / PROFINET (Fiber Optic) SCALANCE XR528-6M SCALANCE XM408-8C 100 Mbit/s SCALANCE X208 S7-1500 SCALANCE XB205-3 as standby master S7-1500 SCALANCE XB205-3 as standby slave 100 Mbit/s S7-400 SCALANCE X308-2 SCALANCE X204-2 IPC SIMATIC S7-1200 Figure 10-11 Example of a redundant link between rings For a redundant link as shown in the figure, two devices must be configured as standby redundancy switches within a network segment. In this case, network segments are rings with a redundancy manager. Instead of rings, network segments might also be linear. The two standby redundancy switches connected in the configuration exchange data frames with each other to synchronize their operating statuses (one device is master and the other slave). If there are no problems, only the link from the master to the other network segment is active. If this link fails (for example due to a link-down or a device failure), the slave activates its link as long as the problem persists. 1152 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks MRP MRP - Media Redundancy Protocol The "MRP" method conforms to the Media Redundancy Protocol (MRP) specified in the following standard: IEC 624392 Edition 1.0 (201002) Industrial communication networks High availability automation networks Part 2: Media Redundancy Protocol (MRP) The reconfiguration time after an interruption of the ring is a maximum of 0.2 seconds. Requirements Requirements for problem-free operation with the MRP media redundancy protocol are as follows: MRP is supported in ring topologies with up to 50 devices. Except in PROFINET IO systems, topologies with up to 100 SCALANCE X-200 and SCALANCE X-300 IE switches were tested successfully. Exceeding this number of devices can lead to a loss of data traffic. The ring in which you want to use MRP may only consist of devices that support this function. These include, for example, some of the Industrial Ethernet SCALANCE X switches, some of the communications processors (CPs) for SIMATIC S7 and PG/PC or non-Siemens devices that support this function. All devices must be interconnected via their ring ports. Multimode connections up to 3 km and single mode connections up to 26 km between two SCALANCE X IE switches are possible. At greater distances, the specified reconfiguration time may be longer. "MRP" must be activated on all devices in the ring (see section "Configuration in STEP 7 (Page 1155)"). The connection settings (transmission medium / duplex) must be set to full duplex and at least 100 Mbps for all ring ports. Otherwise there may be a loss of data traffic. - STEP 7: Set all the ports involved in the ring to "Automatic settings" in the "Options" tab of the properties dialog. - WBM: If you configure with Web Based Management, the ring ports are set automatically to autonegotiation. WinCC Advanced V14 System Manual, 10/2016 1153 Editing devices and networks 10.1 Configuring devices and networks Topology The following schematic shows a possible topology for devices in a ring with MRP. SIMATIC S7-400 PC Operator Station SIMATIC S7-400 SIMATIC S7-300 PC SCALANCE XB205-3 6&$/$1&( ;0 SIMATIC S7-400 SCALANCE X310 Redundancy domain SIMATIC S7-1500 S7-400 with CP 443-1 S7-1500 with CP 1543-1 SCALANCE X208 SIMATIC S7-1500 SIMATIC S7-1200 Industrial Ethernet (Twisted Pair) SIMATIC S7-1200 Figure 10-12 Example of a ring topology with the MRP media redundancy protocol The following rules apply to a ring topology with media redundancy using MRP: All the devices connected within the ring topology are members of the same redundancy domain. One device in the ring is acting as redundancy manager. All other devices in the ring are redundancy clients. Non MRP-compliant devices can be connected to the ring via a SCALANCE X switch or via a PC with a CP 1616. 1154 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuration in WBM Role The choice of role depends on the following use cases: You want to use MRP in a ring topology only with Siemens devices: - For at least one device in the ring select "Automatic Redundancy Detection" or "MRP Auto Manager". - For all other devices in the ring select "MRP Client" or "Automatic Redundancy Detection". You want to use MRP in a ring topology that also includes non-Siemens devices: - For exactly one device in the ring select the role "MRP Auto Manager". - For all other devices in the ring topology, select the role of "MRP Client". Note The use of "Automatic Redundancy Detection" is not possible when using non-Siemens devices. You configure the devices in an MRP ring topology partly with WBM and partly with STEP 7: - With the devices you configure using WBM, select "MRP Client" for all devices. - With the devices that you configure using STEP 7, select precisely one device as "Manager" or "Manager (Auto)" and "MRP Client" for all other devices. Note If a device is assigned the role of "Manager" with STEP 7, all other devices in the ring must be assigned the "MRP Client" role. If there is a device with the "Manager" role and a device with the "Manager (Auto)"/"MRP Auto-Manager" in a ring, this can lead to circulating frames and therefore to failure of the network. Configuration In WBM, you configure MRP on the following pages: AUTOHOTSPOT AUTOHOTSPOT Configuration in STEP 7 Configuration in STEP 7 To create the configuration in STEP 7, select the parameter group "Media redundancy" on the PROFINET interface. WinCC Advanced V14 System Manual, 10/2016 1155 Editing devices and networks 10.1 Configuring devices and networks Set the following parameters for the MRP configuration of the device: Domain Role Ring port Diagnostic interrupts These settings are described below. Note Valid MRP configuration In the MRP configuration in STEP 7, make sure that all devices in the ring have a valid MRP configuration before you close the ring. Otherwise, there may be circulating frames that will cause a failure in the network. One device in the ring needs to be configured as "redundancy manager and all other devices in the ring as "clients". Note Note factory settings With brand new SCALANCE XB-200/SCALANCE XP-200 (EtherNet/IP variants), SCALANCE XM-400 and SCALANCE XR-500 switches and those set to the factory settings, MRP is disabled and spanning tree enabled. To load a PROFINET configuration on one of the devices named using MRP, first disable spanning tree on the device using the WBM or CLI. Note Changing the role If you want to change the MRP role, first open the ring. Note Starting up and restarting The MRP settings remain in effect following a restart of the device or following a power down and hot restart. Note Prioritized startup If you configure MRP in a ring, you cannot use the "prioritized startup" function in PROFINET applications on the devices involved. If you want to use the "prioritized startup" function, then disable MRP in the configuration. In the STEP 7 configuration, set the role of the relevant device to "Not a node in the ring". 1156 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Domain Single MRP rings If you want to configure a single MRP ring, leave the factory setting "mrpdomain 1" in the "Domain" drop-down list. All devices configured in a ring with MRP must belong to the same redundancy domain. A device cannot belong to more than one redundancy domain. If you leave the setting for "Domain" as the factory set "mrpdomain-1", the defaults for "Role" and "Ring ports" also remain active. MRP multiple rings If you configure multiple MRP rings, the nodes of the ring will be assigned to the individual rings with the "Domain" parameter. Set the same domain for all devices within a ring. Set different domains for different rings. Devices that do not belong to the same ring must have different domains. Role The choice of role depends on the following use cases. You want to use MRP in a topology with one ring only with Siemens devices and without monitoring diagnostic interrupts: Assign all devices to the "mrpdomain1" domain and the role "Manager (Auto)". The device that actually takes over the role of redundancy manager, is negotiated by Siemens devices automatically. You want to use MRP in a topology with multiple rings only with Siemens devices and without monitoring diagnostic interrupts (MRP multiple rings): - Assign the device that connects the rings the role of "Manager". - For all other devices in the ring topology, select the role of "Client". WinCC Advanced V14 System Manual, 10/2016 1157 Editing devices and networks 10.1 Configuring devices and networks You want to use MRP in a ring topology that also includes non-Siemens devices or you want to receive diagnostic interrupts relating to the MRP status from a device (see "Diagnostic interrupts"): - Assign precisely one device in the ring the role of "Manager (Auto)". - For all other devices in the ring topology, select the role of "Client". You want to disable MRP: Select the option "Not node in the ring" if you do not want to operate the device within a ring topology with MRP. Note Role after resetting to factory settings With brand new Siemens devices and those reset to the factory settings the following MRP role is set: CPs: "Manager (Auto)" SCALANCE X-200, SCALANCE XC-200, SCALANCE XB-200/SCALANCE XP-200 (PROFINET variants), SCALANCE X-300 and SCALANCE X-400: "Automatic Redundancy Detection" If you are operating a non-Siemens device as the redundancy manager in the ring, this may cause loss of the data traffic. With brand new SCALANCE XB-200/SCALANCE XP-200 (EtherNet/IP variants), SCALANCE XM-400 and SCALANCE XR-500 IE switches and those set to the factory settings, MRP is disabled and spanning tree enabled. Ring port 1 / ring port 2 Here, select the port you want to configure as ring port 1 and ring port 2. With devices with more than 8 ports, not all ports can be selected as ring port. The drop-down list shows the selection of possible ports for each device type. If the ports are specified in the factory, the boxes are grayed out. NOTICE Ring ports after resetting to factory settings If you reset to the factory settings, the ring port settings are also reset. If other ports were used previously as ring ports before resetting, with the appropriate attachment, a previously correctly configured device can cause circulating frames and therefore the failure of the data traffic. Diagnostic interrupts Enable the "Diagnostic interrupts" option, if you want diagnostic interrupts relating to the MRP status on the local CPU to be output. 1158 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The following diagnostic interrupts can be generated: Wiring or port error Diagnostic interrupts are generated if the following errors occur at the ring ports: - Connection abort on a ring port - A neighbor of the ring port does not support MRP. - A ring port is connected to a non-ring port. - A ring port is connected to the ring port of another MRP domain. Status change active/passive (redundancy manager only) If the status changes (active/passive) in a ring, a diagnostics interrupt is generated. Parameter assignment of the redundancy is not set by STEP 7 (redundancy alternatives) This option only affects SCALANCE X switches. Select this option if you want to set the properties for media redundancy using alternative mechanisms such as WBM, CLI or SNMP. If you enable this option, existing redundancy settings from WBM, CLI or SNMP, are retained and are not overwritten. The parameters in the "MRP configuration" box are then reset and grayed out. The entries then have no meaning. Parallel Redundancy Protocol Parallel Redundancy Protocol The "Parallel Redundancy Protocol" (PRP) is a redundancy protocol for Ethernet networks. It is defined in Part 3 of the IEC 62439 standard. This redundancy method allows data communication to be maintained without interruption/reconfiguration time if there are interruptions in the network. The PRP method is supported, for example, by the devices of the SCALANCE X-200RNA product line. Overlong frames When sending PRP frames, the IE switch expands the frame with a PRP trailer. With frames with the maximum length, appending the PRP trailer results in an overlong frame that exceeds the maximum permitted frame length (according to the IEEE 802.3 standard). To prevent data loss with overlong frames, all network components located in a PRP network must support a frame length of at least 1528 bytes. The devices described in this manual can be used in PRP networks, see also section "Configuration limits (Page 1132)". WinCC Advanced V14 System Manual, 10/2016 1159 Editing devices and networks 10.1 Configuring devices and networks Routing function Introduction The term routing describes the specification of routes for communication between different networks; in other words, how does a data packet from subnet A get to subnet B. SCALANCE X supports the following routing functions: Static routing With static routing, the routes are entered manually in the routing table. Router redundancy With standardized VRRP (Virtual Router Redundancy Protocol), the availability of important gateways is increased by redundant routers. - VRRPv2 (IPv4) - VRRPv3 (IPv4 / IPv6) Dynamic routing The entries in the routing table are dynamic and are updated continuously. The entries are created with one of the following dynamic routing protocols: - OSPFv2 (IPv4) - OSPFv3 (IPv6) - RIPv2 (IPv4) - RIPng (IPv6) VRRP VRRPv2 Router redundancy with VRRP With the Virtual Router Redundancy Protocol (VRRP), the failure of a router in a network can be countered. VRRP can only be used with virtual IP interfaces (VLAN interfaces) and not with router ports. Several VRRP routers in a network segment are put together as a logical group representing a virtual router (VR). The group is defined using the virtual ID (VRID). Within the group, the VRID must be the same. The VRID can no longer be used for other groups. The virtual router is assigned a virtual IP address and a virtual MAC address. One of the VRRP routers within the group is specified as the master router. The master router has priority 255. The other VRRP routers are backup routers. The master router assigns the virtual IP address and the virtual MAC address to its network interface. The master router sends VRRP packets (advertisements) to the backup routers at specific intervals. With the VRRP packets, the master router signals that it is still functioning. The master router also replies to the ARP queries. If the virtual master router fails, a backup router takes over the role of the master router. The backup router with the highest priority becomes the master router. If the priority of the backup 1160 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks routers is the same, the higher MAC address decides. The backup router becomes the new virtual master router. The new virtual master router adopts the virtual MAC and IP address. This means that no routing tables or ARP tables need to be updated. The consequences of a device failure are therefore minimized. You configure VRRP in "Layer 3 (IPv4) > VRRP". VRRP3 Version 3 of VRRP is based on version 2. Note Enable routing to be able to use VRRPv3. You can only use VRRPv3 in conjunction with VLAN interfaces. Router ports are not supported. Simultaneous operation of VRRP and VRRPv3 is not possible. VRRPv3 supports IPv4 and IPv6. Both can be configured and operated at the same time with VRRP3. You configure VRRPv3 in: IPv4: Layer 3 (IPv4 )> VRRPv3 IPv6: Layer 3 (IPv6 )> VRRPv3 OSPF OSPFv2 Dynamic routing with OSPFv2 OSPF (Open Shortest Path First) is a cost-based routing protocol. To calculate the shortest and most cost-effective route, the Short Path First algorithm by Dijkstra is used. OSPF was developed by the IETF (Internet Engineering Task Force). You configure OSPFv2 in "Layer 3 (IPv4) > OSPFv2". OSPFv2 divides an autonomous system (AS) into different areas. WinCC Advanced V14 System Manual, 10/2016 1161 Editing devices and networks 10.1 Configuring devices and networks Areas in OSPF The following areas exist: Backbone The backbone area is area 0.0.0.0. All other areas are connected to this area. The backbone area is connected either directly or via virtual connections with other areas. All routing information is available in the backbone area. As a result, the backbone area is responsible for forwarding information between different areas. Stub Area This area contains the routes within its area within the autonomous system and the standard route out of the autonomous system. The destinations outside this autonomous system are assigned to the standard route. Totally Stubby Area This area knows only the routes within its area and the standard route out of the area. Not So Stubby Area (NSSA) This area can forward (redistribute) packets from other autonomous systems into the areas of its own autonomous system. The packets are further distributed by the NSSA router. Routers of OSPF OSPF distinguishes the following router types: Internal router (IR) All OSPF interfaces of the router are assigned to the same area. Area Border Router (ABR) The OSPF interfaces of the router are assigned to different areas. One OSPF interface is assigned to the backbone area. Where possible, routes are grouped together. Backbone Router (BR) At least one of the OSPF interfaces is assigned to the backbone area. Autonomous System Border Router (ASBR) One interface of the router is connected to a different AS, for example an AS that uses the routing protocol RIP. Virtual connection Each area must be connected to the backbone area. In some situations a direct physical connection is not possible. In this case, a router of the relevant area must be connected to a backbone router via a virtual connection. LSA types Within the autonomous system, packets are exchanged that contain information about the connections of a router and the connection status message. The packets are also known as LSAs (Link State Advertisements). The LSAs are always sent from the router to the neighbor router. If there are changes in the network, LSAs are sent to all routers in the network. The information depends on the LSA type. 1162 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 166$ $6%5 166$ $UHD $%5 6WXE$UHD ,5 %5 $%5 $%5 ,5 '5 $%5 ,5 6WXE$UHD %DFNERQH $UHD $%5 6WXE$UHD $6%5 WinCC Advanced V14 System Manual, 10/2016 Router LSA (LSA Type 1) The LSA Type 1 is only sent within an area. For each active connection of the router that belongs to the area in consideration, an LSA Type 1 is generated. The LSA Type 1 contains information about the status and the costs of the connection, for example IP address, network mask, network type Network LSA (LSA Type 2) The LSA Type 2 is sent only within an area. For each network that belongs to the relevant area, the router generates an LSA Type 2. If several routers are interconnected in a network, the LSA Type 2 is sent by the designated router (DR). The LSA Type 2 includes the network address, the network mask and a list of routers that are connected to the network 1163 Editing devices and networks 10.1 Configuring devices and networks Summary LSA (LSA Type 3 / LSA Type 4) The Summary LSA is generated by the area border router and sent into the area. The Summary LSA contains information about routes outside the area but inside the AS. Where possible, the routes are grouped together. Summary LSA (LSA Type 3) The LSA Type 3 describes the routes to the networks and advertises the standard route to the areas. AS Summary LSA (LSA Type 4) The LSA Type 4 describes the routes to the ASBR. External LSA (LSA Type 5 / LSA Type 7) The External LSA is generated by the ASBR. The LSA type depends on the area. AS External LSA (LSA Type 5) The LSA Type 5 is sent by the AS border router into the areas of the autonomous system except the Stub and NSSA areas. The LSA contains information about routes to a network in another AS. The routes are either created manually or learned externally. The ASBR uses LSA Type 5 to distribute standard routes to the backbone area. NSSA External LSA (LSA Type 7) The LSA Type 7 is generated by the AS border router of an NSSA. The router is also known as the NSSA ASBR. The LSA Type 7 is sent only within the NSSA. If the P bit in LSA Type 7 = 1, these LSAs are converted to LSA Type 5 by the ABR and sent to the backbone area. Establishing the neighborhood The router runs through the following statuses to establish a connection to the neighbor router. 1. Attempt state / Init state The router activates OSPF and begins to send and receive Hello packets. Based on the received Hello packets, the router learns which OSPF routers are in its vicinity. The router checks the content of the Hello packet. The Hello packet also contains the list of the neighbor routers (neighbor table) of the "sender". 2. Two way state If, for example, the ID of the area, the area type and the settings for the times match, a connection (adjacency) can be established to the neighbor. In a point-to-point network, the connection is established directly. If several neighbor routers can be reached in a network, the designated router (DR) and the designated backup router (DBR) are identified based on Hello packets. The router with the highest router priority becomes the designated router. If two routers have the same router priority, the router with the highest router ID becomes the designated router. The router establishes a connection to the designated router. 3. Exchangestart state The neighbor routers decide which router starts communication. The router with the higher router ID becomes the designated router. 4. Exchange state The neighbor routers send packets that describe the content of their neighborhood database. The neighborhood database (link state database - LSDB) contains information on the topology of the network. 1164 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 5. Loading state The router completes the received information. If the router still has questions relating to the status of a specific connection, it sends a link state request. The neighbor router sends a response (link state update). The response contains a suitable LSA. The router confirms receipt of the response (link state acknowledge). 6. Full State The information exchange with the neighbor router is completed. The neighborhood database of the neighbor router is the same. Based on the Short Path First algorithm, the router calculates a route to every destination. The route is entered in the routing table. Check the neighborhood The Hello packets are only used to establish the neighborhood relations. Hello packets are used to check the connection to the neighbor router by sending them cyclically. If no Hello packet is received within a certain interval (dead interval), the connection to the neighbor is marked as "down". The relevant entries are deleted. Updating the neighborhood database Once the neighborhood database is established, LSAs are sent to all routers in the network if there are changes in the topology. OSPFv3 Version 3 of OSPF is based on version 2 and is only used with IPv6. A large part of the routing mechanisms was adopted. OSPFv3 is defined in the RFCs 2740 and 5340. You configure OSPFv3 under "Layer 3 (IPv6) > OSPFv3". The following has not changed: The statuses that a router runs through to establish a connection to the neighbor router. The areas : Backbone, Stub Area, Totally Stubby Area, Not So Stubby Area (NSSA) The router types: Internal Router (IR), Area Border Router (ABR), Backbone Router (BR), Autonomous System Area Border Router (ASBR), Designated Router (DR) The router ID, the area ID and the ID of the LSA are entered in the IPv4 address format: x.x.x.x What has changed? Terms The terms network or subnet are replaced by link. Authentication The authentication was removed. Instead OSPFv3 uses IPsec, that is implemented in IPv6. Neighbor routers The neighbor routers are identified via the router ID. WinCC Advanced V14 System Manual, 10/2016 1165 Editing devices and networks 10.1 Configuring devices and networks Neighbor database The neighbor database (link state database - LSDB) is divided into different areas of application: Link scope LSDB Contains the link LSA Area scope LSDB contains the following LSAs - Router LSA - Network LSA - Inter-area prefix LSA - Inter area router LSA - Intra area prefix LSA AS scope LSDB Contains the AS external LSA LSA types Two new LSA types were defined for OSPFv3. OSPFv2 OSPFv3 Who Within Description 1 Router LSA 0x2001 Router LSA every router Area No longer contains address information. This is contained in the new LSA type 2009. 2 Network LSA 0x2002 Network LSA DR Area No longer contains address information. This is contained in the new LSA type 2009. 3 Summary LSA 0x2003 Inter-area ABR prefix LSA Area Same function as in OSPFv2, simply renamed 4 AS Summary LSA 0x2004 Inter-Area Router LSA ABR Area Same function as in OSPFv2, simply renamed 5 AS External LSA 0x4005 AS Exter nal LSA ASBR AS Same function as in OSPFv2, simply renamed 7 NSSA Exter nal LSA 0x2007 Type 7 LSA NSSA ASBR NSSA Same function as in OSPFv2, simply renamed 0x2008 Link LSA every router Link The LSA is sent by the router to every router linked to it. The LSA contains the link local address of the router and a list with IPv6 prefixes configured on the link. 0x2009 Intra area every prefix LSA router Area The LSA is sent only within an area. The LSA contains the IPv6 prefixes connected to the router or network. In contrast to OSPFv2, OSPFv3 can forward unknown LSA types. Previously these were deleted and not distributed further. 1166 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks RIP RIPv2 Dynamic routing with RIPv2 The Routing Information Protocol (RIPv2) is used to create routing tables automatically. RIPv2 is used in autonomous systems (AS) with a maximum of 15 routers. It is based on the DistanceVector algorithm. RIPv2 was developed by the IETF (Internet Engineering Task Force) and is described in RFC 2453. You configure RIPv2 in "Layer 3 (IPv4) > RIPv2". Setting up a routing table Since a router initially only knows its directly connected networks, it sends a request to its direct neighbor routers. As the reply, it receives the routing tables of the neighbor routers. Based on the information it receives, the router set up its own routing table. The routing table contains entries for all possible destinations. Each entry includes the distance to the destination and the first router on the route. The distance is also known as the metric. This indicates the number of routers to be passed through on the route to the destination (hop count). The maximum distance is 15 routers (hops). Updating the routing table Once the routing table is set up, the router sends its routing table to each direct neighbor router via the UDP port 520 at intervals of 30 seconds. The router compares new routing information with its existing routing table. If the new information includes shorter routes, the existing routes are overwritten. The router only keeps the shortest route to a destination. Checking neighbor routers If a router does not receive messages from a neighbor router for longer than 180 seconds, it marks the router as being invalid. The router assigns the metric 16 for the neighbor router. RIPng RIPng (RIP next generation) is only used with IPv6 and is defined in RFC 2080. As with RIP (IPv4), RIPng is based on the distance vector algorithm of Bellman-Ford. In contrast to RIPv2, RIPng is activated directly on the layer 3 interface (VLAN interface / router port) and not globally on the device. RIPng uses the UDP port 521 and RIP the UDP port 520. You configure RIPng in "Layer 3 (IPv6) > RIPng". WinCC Advanced V14 System Manual, 10/2016 1167 Editing devices and networks 10.1 Configuring devices and networks NAT/NAPT Note NAT/NAPT is possible only on layer 3 of the ISO/OSI reference model. To use the NAT function, the networks must use the IP protocol. When using the ISO protocol that operates at layer 2, it is not possible to use NAT. In Network Address Translation (NAT) IP subnets are divided into "Inside" and "Outside". The division is from the perspective of a NAT interface. All networks reachable via the NAT interface itself count as "Outside" for this interface. All networks reachable via other IP interfaces of the same device count as "Inside" for the NAT interface. If there s routing via the NAT interface, the source or destination IP addresses of the transferred data packets are changed at the transition between "Inside" and "Outside". Whether or not the source or destination IP address is changed depends on the communications direction. It is always the IP address of the communications node that is located "Inside" that is adapted. Depending on the perspective the IP address of a communications node is always designated as "Local" or "Global". Perspective Local Position Inside Outside Global An actual IP address that is as An IP address at which an internal signed to a device in the internal device can be reached from the network. This address cannot be external network. reached from the external network. An actual IP address that is assigned to a device in the external network. Since only "Inside" addresses are converted, there is no distinction made between outside local and outside global. Example In the example two IP subnets are connected together via an IE switch. The division is from the perspective of the NAT interface 10.0.0.155. The communication of PC2 with PC1 is implemented via NAT/NAPT. /D\HU ,QVLGH 3& *HU|W VLAN X: 192.168.16.0/24 1168 2XWVLGH 3& VLAN Y: 10.0.0.0/24 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The actual IP address of PC1 (inside local) is implemented statically with NAT. For PC2, PC1 can be reached at the inside global address. Perspective Position Local Global Inside 192.168.16.150 10.0.0.7 Outside 10.0.0.10 The actual IP address of PC1 (inside local) is implemented statically with NAPT. For PC2, PC1 can be reached at the inside global address. Perspective Position Local Global Inside 192.168.16.150:80 10.0.0.7:80 Outside 10.0.0.10:1660 Computing capacity Due to the load limitation of the CPU packet receipt of the device is limited to 300 packets a second. This corresponds to a maximum data through of 1.7 Mbps. This load limitation does not apply per interface but generally for all packets going the CPU. The entire NAT communication runs via the CPU and therefore represents competition for IP communication going to the CPU, e.g. WBM and Telnet. Note that a large part of the computing capacity is occupied if you use NAT. NAT With Network Address Translation (NAT), the IP address in a data packet is replaced by another. NAT is normally used on a gateway between an internal network and an external network. With source NAT, the inside local source address of an IP packet from a device in the internal network is rewritten by a NAT device to an inside global address at the gateway. With destination NAT, the inside global source address of an IP packet from a device in the external network is rewritten by a NAT device to an inside local address at the gateway. To translate the internal into the external IP address and back, the NAT device maintains a translation list. The address assignment can be dynamic or static. You configure NAT in "Layer 3 (IPv4) > NAT (Page 1368)". NAPT In "Network Address Port Translation" (NAPT), several internal source IP addresses are translated into the same external IP address. To identify the individual nodes, the port of the internal device is also stored in the translation list of the NAT device and translated for the external address. If several internal devices send a query to the same external destination IP address via the NAT device, the NAT device enters its own external source IP address in the header of these WinCC Advanced V14 System Manual, 10/2016 1169 Editing devices and networks 10.1 Configuring devices and networks forwarded frames. Since the forwarded frames have the same external source IP address, the NAT device assigns the frames to the devices using a different port number. If a device from the external network wants to use a service in the internal network, the translation list for the static address assignment needs to be configured. You configure NAPT in "Layer 3 (IPv4) > NAT > NAPT (Page 1371)". NAT/NAPT and IP routing You can enable NAT/NAPT and IP routing at the same time. In this case, you need to regulate the reachability of internal addresses from external networks with ACL rules. Link aggregation Link aggregation With link aggregation, several parallel physical connections with the same transmission speed are grouped together to form a logical connection with a higher transmission speed. This method based on IEEE 802.3ad is also known as port trunking or channel bundling. Link aggregation works only with full duplex connections with the same transmission speed in point-to-point mode. This achieves multiplication of the bandwidth or transmission speed. If part of the connection fails, the data traffic is handled via the remaining parts of the connection. To control and monitor, the Link Aggregation Control Layer (LACL) and the Link Aggregation Control Protocol (LACP) are used. Quality of service Quality of Service (QoS) is a method to allow efficient use of the existing bandwidth in a network. QoS is implemented by prioritization of the data traffic. Incoming frames are sorted into a Queue according to a certain prioritization and further processed. This gives certain frames priority. The different QoS methods influence each other and are therefore taken into account in the following order: 1. The switch first checks whether the incoming frame is a broadcast or agent frame. When the first condition is met, the switch takes into account the priority set on the "General (Page 1287)" page. The switch sorts the frame into a queue according to the assignment on page "CoS Map (Page 1288)". 2. If the first condition is not met the switch checks whether the frame contains a VLAN tag. If the second condition is met the switch checks the settings for the priority on the "General (Page 1287)" page. The switch checks whether a value other than "Do not force" is set for the priority. If the priority is set the switch sorts the frame into a queue according to the assignment on page "CoS Map (Page 1288)". 3. If the second condition is also not met the frames are further processed according to the Trust mode. You configure the Trust mode on the page "QoS Trust (Page 1289)". 1170 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See also General (Page 1292) Authentication Overview of user management Access to the device is managed by configurable user settings. Set up users with a password for authentication. Assign a role with suitable rights to the users. The authentication of users can either be performed locally by the device or by an external RADIUS server. You configure how the authentication is handled on the "Security > AAA > General" page. When you transfer the configuration of a device to TIA, the configured users, roles and groups are not transferred. Compatibility with predecessor versions With firmware version 5.1, user management was expanded by the RADIUS authorization mode "Vendor Specific". To ensure compatibility with firmware versions 5.0, the default setting was selected so that following a firmware update the earlier authentication mode "conventional" continues to be used. Local login The local logging in of users by the device runs as follows: 1. The user logs in with user name and password on the device. 2. The device checks whether an entry exists for the user. If an entry exists, the user is logged in with the rights of the associated role. If no corresponding entry exists, the user is denied access. Login via an external RADIUS server RADIUS(Remote Authentication Dial-In User Service) is a protocol for authenticating and authorizing users by servers on which user data can be stored centrally. Depending on the RADIUS authorization mode you have selected on the "Security > AAA > RADIUS Client" page, the device evaluates different information of the RADIUS server. WinCC Advanced V14 System Manual, 10/2016 1171 Editing devices and networks 10.1 Configuring devices and networks RADIUS authorization mode "conventional" If you have set the authorization mode "conventional", the authentication of users via a RADIUS server runs as follows: 1. The user logs in with user name and password on the device. 2. The device sends an authentication request with the login data to the RADIUS server. 3. The RADIUS server runs a check and signals the result back to the device. - The RADIUS server reports a successful authentication and for the "Service Type" attribute returns the value "Administrative User" to the device The user is logged in with administrator rights. - The RADIUS server reports a successful authentication and returns a different or even no value to the device for the attribute "Service Type". The user is logged in with read rights. - The RADIUS server reports a failed authentication to the device: The user is denied access. RADIUS authorization mode "Vendor Specific" Requirement For the RADIUS authorization mode "Vendor Specific" the following needs to be set on the RADIUS server: Manufacturer code: 4196 Attribute number: 1 Attribute format: Character string (group name) Procedure 1172 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks If you have set the authorization mode "Vendor Specific", the authentication of users via a RADIUS server runs as follows: 1. The user logs in with user name and password on the device. 2. The device sends an authentication request with the login data to the RADIUS server. 3. The RADIUS server runs a check and signals the result back to the device. Case A: The RADIUS server reports a successful authentication and returns the group assigned to the user to the device. - The group is known on the device and the user is not entered in the table "External User Accounts" The user is logged in with the rights of the assigned group. - The group is known on the device and the user is entered in the table "External User Accounts" The user is assigned the role with the higher rights and logged in with these rights. - The group is not known on the device and the user is entered in the table "External User Accounts" The user is logged in with the rights of the role linked to the user account. - The group is not known on the device and the user is not entered in the table "External User Accounts" The user is logged in with the rights of the role "Default". Case B: The RADIUS server reports a successful authentication but does not return a group to the device. - The user is entered in the table "External User Accounts": The user is logged in with the rights of the linked role. - The user is not entered in the table "External User Accounts": The user is logged in with the rights of the role "Default". Case C: The RADIUS server reports a failed authentication to the device: - The user is denied access. Authentication method You can configure the authentication methods "802,1X" and "MAC Authentication" as well as the "Guest VLANGuest VLAN" option separately for each port. The functions have a hierarchical order. If all three functions are enabled, an attempt is made initially to authenticate the end device using "802.1x". If this authentication is unsuccessful, "MAC Authentication" is started. If this authentication is also unsuccessful, the end device is enabled for communication in the "Guest VLAN". "Guest VLAN" can only be used if at least one authentication method is active. The two authentication methods depend on the end device. If the end device supports EAP (Extensible Authentication Protocol), it can be authenticated using the "802.1X" method. If the end device does not support EAP, it can be authenticated using "MAC Authentication". In this case, the IE switch adopts the role of the end device and uses the MAC address of the device as the authentication parameter. WinCC Advanced V14 System Manual, 10/2016 1173 Editing devices and networks 10.1 Configuring devices and networks 802.1X The "802.1X" authentication method works as follows: An end device that supports EAP sends authentication information to the IE switch. The IE switch forwards the information to the authentication server. The authentication server checks the information and allows or denies the end device access to the network. MAC Authentication The "MAC Authentication" authentication method works as follows: As soon as the IE switch receives a frame from the end device, the IE switch sends a query to the RADIUS server to allow or deny the end device access to the network. Assignment of a VLAN via RADIUS or guest VLAN Authentication with a change to the VLAN configuration If during authentication a port is assigned to a VLAN dynamically using the function "RADIUS VLAN Assignment Allowed" or "Guest VLAN" the following happens: If the VLAN that is to be assigned has not been created on the device, the authentication is rejected. If the VLAN that is to be assigned has been created on the device: - The port becomes an untagged member in the assigned VLAN if it was not already. - The PVID of the port is changed to the ID of the assigned VLAN. Note If the port is only to be assigned to one VLAN, you need to adapt the VLAN configuration manually. As default, all ports are untagged members in "vlan 1". If the authentication is canceled, e.g. by link down, the dynamic changes are canceled. The port is no longer a member in the assigned VLAN. The PVID of the port is reset to the value it had prior to authentication. Authentication without a change to the VLAN configuration If during authentication no VLAN is assigned either by the function "RADIUS VLAN Assignment Allowed" or by "Guest VLAN", the existing VLAN configuration of the port remains unchanged. 1174 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Editing properties and parameters Editing options You have the following options for editing properties and parameters: Hardware and network editor Once you have inserted the network component, you can edit the properties and parameters, for example the device name. You will find more detailed information in "Hardware and network editor". Web Based Management (WBM) The parameters and properties are accessible using the supplied HTML pages (WBM pages). Each WBM page has its own help page that describes the properties and parameters. For further information, refer to the configuration manuals: - "SCALANCE XB-200/XC-200/XP-200 Web Based Management" You will find the configuration manual on the Internet pages of Siemens Industry Online Support inSCALANCE XB-200 (https://support.industry.siemens.com/cs/ww/en/ps/ 15291/man), SCALANCE XC-200 (https://support.industry.siemens.com/cs/ww/en/ps/ 15291/man) and SCALANCE XP-200 (https://support.industry.siemens.com/cs/ww/en/ ps/21869/man). - "SCALANCE XM-400/XR-500 Web Based Management" You will find this configuration manual on the Internet pages of Siemens Industry Online Support in SCALANCE XM-400 (https://support.industry.siemens.com/cs/ww/en/ps/ 15315/man) and SCALANCE XR-500 (https://support.industry.siemens.com/cs/ww/en/ ps/15317/man). Command Line Interface All the configuration settings for the device can be made using the CLI. The CLI provides the same options as Web Based Management (WBM). For further information, refer to the configuration manuals: - "SCALANCE XB-200/XC-200/XP-200 Command Line Interface" You will find the configuration manual on the Internet pages of Siemens Industry Online Support inSCALANCE XB-200 (https://support.industry.siemens.com/cs/ww/en/ps/ 15291/man), SCALANCE XC-200 (https://support.industry.siemens.com/cs/ww/en/ps/ 15291/man) and SCALANCE XP-200 (https://support.industry.siemens.com/cs/ww/en/ ps/21869/man). - "SCALANCE XM-400/XR-500 Command Line Interface" You will find this configuration manual on the Internet pages of Siemens Industry Online Support in SCALANCE XM-400 (https://support.industry.siemens.com/cs/ww/en/ps/ 15315/man) and SCALANCE XR-500 (https://support.industry.siemens.com/cs/ww/en/ ps/15317/man). Availability The availability of the settings depends on the port type on the configuration mode WinCC Advanced V14 System Manual, 10/2016 1175 Editing devices and networks 10.1 Configuring devices and networks SCALANCE X distinguishes the following port types: Switch port Router port The following configuration modes are available: Offline configuration You can configure a PC station the first time offline. In this mode only the settings that require no connection to the device are available. Online configuration mode If there is a connection to the device, there are additional pages available in the Inspector window. These pages include the note "This page is only available if there is an online connection to the device". With some settings, the additional information "only available online" is included. Creating and deleting an entry As an example, an entry will be created and deleted on the Syslog client. The procedure is valid on all pages. Creating a new entry 1. Select the device in the network or device view. 2. Open the properties of the device in the Inspector window. 3. In the Inspector window go to System > Syslog client. 4. Enter the IP address for the Syslog server. 5. Click in the table. 6. Select the entry "New entry" in the shortcut menu. A new entry is created in the table. Deleting an entry 1. Select the required entry in the table. 2. Select the "Delete" entry in the shortcut menu. Buttons you require often Refresh the display with "Refresh" Pages that display current parameters have a "Refresh" button at the lower edge of the page. Click this button to request up-to-date information from the device for the current page. Save settings for all ports with "Transfer to table" Pages on which you can configure several ports have 2 tables. In the first table, you can make the settings for all ports and transfer these to the second table. In the last column of the first table, there is the "Transfer to table" button. Click this button to save the settings you have made for all ports. 1176 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Assigning the IP address Configuration options When shipped and after restoring to the factory settings, the device does not have an IP address. The following options are available to assign an IP address to the device: DHCP (default setting) Primary Setup Tool For further information, refer to the configuration manual "Primary Setup Tool". You will find the MIB at Siemens Industry Automation and Drives Service & Support on the Internet under the entry ID 19440762 (http://support.automation.siemens.com/WW/view/en/ 19440762). STEP 7 CLI via the serial interface For further information, refer to the configuration manual "SCALANCE XM-400/XR-500 Command Line Interface". You will find the configuration manual on the Internet pages of Siemens Industry Automation and Drives Service & Support (http:// support.automation.siemens.com/WW/view/en/48805144/133300). Requirement "Set IP address on device" is enabled in the properties of the device. You will find more detailed information in "Addressing PROFINET devices". Configuring SCALANCE XR-500 as IO device With a SCALANCE XR500 configured as a PROFINET IO device and assigned to an IO controller, the functions "Compile" and "Download to device" only download the data to the switch that can also be configured in Web Based Management (WBM) (layer 2, layer 3, system, security). If you want to use the "Compile" or "Download to device" functions for the PROFINET IO device data of the XR500, first select the assigned IO controller. Show information Versions Note The page is only available if there is an online connection to the device. This page shows the versions of the hardware and software of the device. WinCC Advanced V14 System Manual, 10/2016 1177 Editing devices and networks 10.1 Configuring devices and networks Description Table 1 has the following columns: Hardware - Basic device Shows the basic device. - PX.X X.X = port in which the SFP module is inserted. - Slot X X = slot number: Module plugged into this slot. Name Shows the name of the device or module. Revision Shows the hardware version of the device. Order number Shows the order number of the device or described module. Table 2 has the following columns: Software - Firmware Shows the current firmware version. If a new firmware file was downloaded and the device has not yet restarted, the firmware version of the downloaded firmware file is displayed here. After the next restart, the downloaded firmware is activated and used. - Bootloader Shows the version of the boot software stored on the device. Description Shows the short description of the software. Version Shows the version number of the software version. Date Shows the date on which the software version was created. I&M Note The page is only available if there is an online connection to the device. This page contains information about device-specific vendor and maintenance data such as the article number, serial number, version number etc. You cannot configure anything on this page. 1178 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Description of the displayed values The table has the following rows: Manufacturer ID Shows the manufacturer ID. Article number Shows the article number. Serial number Shows the serial number. Hardware revision Shows the hardware version. Software version Shows the software version. Revision counter Shows the revision counter: Counter for revisions since the initial commissioning Revision Date Date and time of the last revision Function tag Shows the function tag (plant designation) of the device. The plant designation (HID) is created during configuration of the device with HW Config of STEP 7. Location tag Shows the location tag of the device. The location identifier (LID) is created during configuration of the device with HW Config of STEP 7. Date Shows the date created during configuration of the device with HW Config of STEP 7. Description Shows the description created during configuration of the device with HW Config of STEP 7. ARP / neighbor table ARP table Note The page is only available if there is an online connection to the device. Assignment of MAC address and IP address With the Address Resolution Protocol (ARP), there is a unique assignment of MAC address to IPv4 addresses. This assignment is kept by each network node in its own separate ARP table. The page shows the ARP table of the device. WinCC Advanced V14 System Manual, 10/2016 1179 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: Interface Shows the interface via which the row entry was learnt. MAC Address Shows the MAC address of the destination or source device. IP address Shows the IP address of the target device. Media Type Shows the type of connection. - Dynamic The device recognized the address data automatically. - Static The addresses were entered as static addresses IPv6 Neighbor Table Assignment of MAC address and IPv6 address Via the IPv6 neighbor table, there is a unique assignment of MAC address to IPv6 address. This assignment is kept by each network node in its own separate neighbor table. Note The page is only available if there is an online connection to the device. Displayed values The table has the following columns: Interface Displays the interface via which the row entry was learnt. MAC Address Shows the MAC address of the destination or source device. IP Address Shows the IPv6 address of the destination device. Media Type Shows the type of connection. - Dynamic The device recognized the address data automatically. - Static The addresses were entered as static addresses. 1180 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Log table Logging events Note The page is only available if there is an online connection to the device. The device allows you to log events that occur, some of which you can specify in " System > Events". This, for example, allows you to record when an authentication attempt failed or when the connection status of a port has changed. The content of the events log table is retained even when the device is turned off. Settings Severity Filter You can filter the entries in the table according to severity. Select the required entries in the check boxes above the table. - Info Information - When this parameter is enabled, all entries of the category "Info" are displayed. - Warning Warning When this parameter is enabled, all entries of the category "Warning" are displayed. - Critical Critical When this parameter is enabled, all entries of the category "Critical" are displayed. The table has the following columns: - Restart Counts the number of restarts since you last reset to factory settings and shows the device restart after which the corresponding event occurred. - System Up Time Shows the time the device has been running since the last restart when the described event occurred. - System Time Shows the date and time when the described event occurred. If the system time is set, the time is also displayed at which the event occurred. - Severity Shows the severity of the message. - Log Message Displays a brief description of the event that has occurred. You will find the list of possible messages in Appendix D of the configuration manual. WinCC Advanced V14 System Manual, 10/2016 1181 Editing devices and networks 10.1 Configuring devices and networks Buttons Delete Click this button to delete the content of the event log file. All entries are deleted regardless of what you have selected under "Severity Filters". The display is also cleared. The restart counter is only reset after you have restored the device to the factory settings and restarted the device. Note The table can contain 400 entries for each severity. The number of entries in this table is restricted to 1200. When this number is reached, the oldest entries of the relevant severity are discarded. The table remains permanently in memory. Fault Error status Note The page is only available if there is an online connection to the device. if an error occurs, it is shown on this page. On the device, errors are indicated by red fault LED lighting up. Internal errors of the device and errors that you configure on the following pages are indicated: System > Events" "System" > Fault Monitoring" Errors of the "Cold/Warm Start" event can be deleted by a confirmation. The calculation of the time of an error always begins after the last system start. If there are no errors present, the fault LED switches off. Description of the displayed values No. of Signaled Faults Shows the number of reported faults. The table contains the following columns: Fault Time Shows the time the device has been running since the last restart when the described error/ fault occurred. Fault Description Displays a brief description of the fault/error that has occurred. Clear Fault State If the "Clear Fault State" button is enabled, you can delete the fault. "Reset Counters" button Click "Reset Counters" to reset all counters. The counters are reset by a restart. 1182 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Redundancy Spanning Tree Note The page is only available if there is an online connection to the device. The page shows the current information about the Spanning Tree and the settings of the root bridge. Displayed values Spanning Tree Mode Shows the set mode. You specify the mode in "Layer 2 > Spanning Tree > General". The following values are possible: - '-' - STP - RSTP - MSTP Instance ID Shows the number of the instance. The parameter depends on the configured mode. Bridge Priority / Root Priority Which device becomes the root bridge is decided by the bridge priority. The bridge with the highest priority (in other words, with the lowest value for this parameter) becomes the root bridge. If several devices in a network have the same priority, the device whose MAC address has the lowest numeric value will become the root bridge. Both parameters, bridge priority and MAC address together form the bridge identifier. Since the root bridge manages all path changes, it should be located as centrally as possible due to the delay of the frames. The value for the bridge priority is a whole multiple of 4096. Bridge address / root address The bridge address shows the MAC address of the device and the root address shows the MAC address of the root bridge. Root Cost Shows the path costs from the device to the root bridge. Bridge Status Shows the status of the bridge, e.g. whether or not the device is the root bridge. Regional root priority (available only with MSTP) For a description, see Bridge priority / Root priority. Regional root address (available only with MSTP) Shows the MAC address of the device. Regional Root Cost (only available with MSTP) The path costs from this device to the regional root bridge. WinCC Advanced V14 System Manual, 10/2016 1183 Editing devices and networks 10.1 Configuring devices and networks The table has the following columns: Port Shows the port via which the device communicates. Role Shows the status of the port. The following values are possible: - Disabled The port was removed manually from the spanning tree and will no longer be taken into account by the spanning tree. - Designated The ports leading away from the root bridge. - Alternate The port with an alternative route to a network segment - Backup If a switch has several ports to the same network segment, the "poorer" port becomes the backup port. - Root The port that provides the best route to the root bridge. - Master This port points to a root bridge located outside the MST region. Status Displays the current status of the port. The values are only displayed. The parameter depends on the configured protocol. The following statuses are possible: - Discarding The port receives BPDU frames. Other incoming or outgoing frames are discarded. - Listening The port receives and sends BPDU frames. The port is involved in the spanning tree algorithm. Other outgoing and incoming frames are discarded. - Learning The port actively learns the topology; in other words, the node addresses. Other outgoing and incoming frames are discarded. - Forwarding Following the reconfiguration time, the port is active in the network. The port receives and sends data frames. Oper. Version Shows which Spanning Tree protocol is used by the port. Priority If the path calculated by the spanning tree is possible over several ports of a device, the port with the highest priority (in other words the lowest value for this parameter) is selected. A value between 0 and 240 can be entered for the priority in steps of 16. If you enter a value that cannot be divided by 16, the value is automatically adapted. 1184 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Path Cost This parameter is used to calculate the path that will be selected. The path with the lowest value is selected. If several ports of a device have the same value, the port with the lowest port number will be selected. If the value "Cost Calc." is "0", the automatically calculated value is shown. Otherwise, the value of "Cost Calc." is displayed. The calculation of the path costs is largely based on the transmission speed. The higher the achievable transmission speed is, the lower the value of the path costs. Typical values for path costs with rapid spanning tree: - 10,000 Mbps = 2,000 - 1000 Mbps = 20,000 - 100 Mbps = 200,000 - 10 Mbps = 2,000,000. You configure the "Cost. Calc." on the pages "Layer 2 > Spanning Tree > CIST Port" and "Layer 2 > Spanning Tree > MST Port". Edge type Shows the type of the connection. The following values are possible: - Edge Port An edge port is connected to this port. - No Edge Port There is a spanning tree device at this port. P.t.P. Type Shows the type of point-to-point link. The following values are possible: - P.t.P. With half duplex, a point-to-point link is assumed. - Shared Media With a full duplex connection, a point-to-point link is not assumed. VRRP statistics Introduction Note The page is only available if there is an online connection to the device. This page shows the statistics of the VRRP protocol and all configured virtual routers. WinCC Advanced V14 System Manual, 10/2016 1185 Editing devices and networks 10.1 Configuring devices and networks Description of the displayed values The following fields are displayed: VRID errors Shows how many VRRP frames containing an unsupported VRID were received. Version errors Shows how many VRRP frames containing an invalid version number were received. Checksum errors Shows how many VRRP frames containing an invalid checksum were received. The table has the following columns: Interface Interface to which the settings relate. VRID Shows the ID of the virtual router. Change to master status Shows how often this virtual router changed to the "Master" role. Advertisements recd. Shows how often a VRRP frame was received that contained a bad address list. Advertisement Interval Errors Shows how many bad VRRP packets were received whose interval does not match the value set locally. IP TTL errors Shows how many bad VRRP packets were received whose TTL (Time to live) value in the IP header is incorrect. Prio 0 received Shows how many VRRP packets with priority 0 were received. VRRP packets with priority 0 are sent when a master router is shut down. These packets allow a fast handover to the relevant backup router. Prio 0 sent Shows how many VRRP packets with priority 0 were sent. Packets with priority 0 are sent when a master router is shut down. These packets allow a fast handover to the relevant backup router. Invalid Type Shows how many bad VRRP packets were received whose authentication type was not 0. Type 0 means "no authentication". Address List Errors Shows how many bad VRRP packets were received whose address list does not match the locally configured list. Invalid Auth. Type Shows how many bad VRRP packets were received whose authentication type was not type 0. Type 0 means "no authentication". 1186 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Auth. Type Mismatch Shows how many bad VRRP frames were received whose authentication type does not match. Frame length error Shows how many bad VRRP frames were received whose length is not correct. VRRP Statistics Introduction This page shows the statistics of the VRRPv3 protocol and all configured virtual routers. Note The page is only available if there is an online connection to the device. Displayed values The following fields are displayed: VRID Errors Shows how many VRRPv3 packets containing an unsupported VRID were received. Version Errors Shows how many VRRPv3 packets containing an invalid version number were received. Checksum Errors Shows how many VRRPv3 packets containing an invalid checksum were received. The table has the following columns: Interfaces Interface to which the settings relate. VRID Shows the ID of the virtual router. Valid values are 1 ... 255. Type Shows the version of the IP protocol. Become Master Shows how often this virtual router changed to the "Master" status. Advertisements Received Shows how many VRRPv3 packets were received. Advertisement Interval Errors Shows how many bad VRRPv3 packets were received whose interval does not match the value set locally. IP TTL Errors Shows how many bad VRRPv3 packets were received whose TTL (Time to live) value in the IP header is incorrect. WinCC Advanced V14 System Manual, 10/2016 1187 Editing devices and networks 10.1 Configuring devices and networks Prio 0 received Shows how many VRRPv3 packets with priority 0 were received. VRRPv3 packets with priority 0 are sent when a master router is shut down. These packets allow a fast handover to the relevant backup router. Prio 0 sent Shows how many VRRPv3 packets with priority 0 were sent. Packets with priority 0 are sent when a master router is shut down. These packets allow a fast handover to the relevant backup router. Invalid Type Shows how many bad VRRPv3 packets were received whose value in the "Type" field of the IP header is invalid. Address List Errors Shows how many bad VRRPv3 packets were received whose address list does not match the locally configured list. Packet Length Errors Shows how many bad VRRPv3 packets were received whose length is not correct. Ring Redundancy Note The page is only available if there is an online connection to the device. Automatic Redundancy Detection (ARD) is the default when the device ships. If you want to use the previous High Speed Redundancy Protocol (HRP), HRP must be configured. Reconfiguration time of the frame traffic following a failover in MRP: 200 ms Reconfiguration time of the frame traffic following a failover in HRP: 300 ms This page informs you about the values currently set for the device. 1188 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Description The following fields are displayed: Redundancy Function The "Redundancy Function" column shows the role of the device within the ring: - no Ring Redundancy The IE switch is operating without redundancy function. - HRP Client The IE switch is operating as an HRP client. - HRP manager The IE switch is operating as an HRP manager. - MRP Client The IE switch is operating as an MRP client. - MRP manager The IE switch is operating as an MRP manager. Using STEP 7, the role "Manager" was set for the device. - MRP Auto-Manager The IE switch is operating as an MRP manager. Using WBM or CLI the role "MRP AutoManager" or using STEP 7 the role "Manager (Auto)" was set. RM Status The "RM Status" column shows whether or not the IE switch is operating as redundancy manager and whether it has opened or closed the ring in this role. - Passive The IE switch is operating as redundancy manager and has opened the ring; in other words, the line of switches connected to the ring ports is operating problem free. The "Passive" status is also displayed if the IE switch is not operating as the redundancy manager (Redundancy manager disabled). - Active The IE switch is operating as redundancy manager and has closed the ring; in other words, the line of switches connected to the ring ports is interrupted (problem). The redundancy manager connects its ring ports through and restores an uninterrupted linear topology. - "-" The redundancy function is disabled. Observer Status Shows the current status of the observer. Ring Port 1 and Ring Port 2 The "Ring Port 1" and "Ring Port 2" columns show the ports being used as ring ports. WinCC Advanced V14 System Manual, 10/2016 1189 Editing devices and networks 10.1 Configuring devices and networks No. of Changes to RM Active State Shows how often the device as redundancy manager switched to the active status, i.e. closed the ring. If the redundancy function is disabled or the device is not the HRP/MRP manager, the text "Redundancy manager disabled" appears. Max. delay of the RM test frames [ms] Shows the maximum delay for test frames of the redundancy manager. If the redundancy function is disabled or the device is not the HRP/MRP manager, the text "Redundancy manager disabled" appears. Standby Note The page is only available if there is an online connection to the device. On this page, you obtain information about the status of the device in terms of standby redundancy. The text boxes on this page are read-only. Note Device with the higher MAC address becomes master When linking HRP rings redundantly, two devices are always configured as a master/slave pair. This also applies to interrupted HRP rings = linear buses. When operating normally, the device with the higher MAC address adopts the role of master. This type of assignment is important in particular when a device is replaced. Depending on the MAC addresses, the previous device with the slave function can take over the role of the standby master. The Standby tab shows the status of the standby function: Description The following fields are displayed: Standby ports Shows the standby port. Standby name Standby connection name 1190 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Standby Function Shows whether the standby connection is activated or deactivated. - Master The device has a connection to the partner device and is operating as master. In normal operation, the standby port of this device is active. - Slave The device has a connection to the partner device and is operating as slave. In normal operation, the standby port of this device is inactive. - Disabled The standby link is disabled. The device is operating neither as master nor slave. The port configured as a standby port works as a normal port without standby function. - Connection establishment No connection has yet been established to the partner device. The standby port is inactive. In this case, either the configuration on the partner device is inconsistent (for example incorrect connection name, standby link disabled) or there is a physical fault (for example device failure, link down). - Connection lost The existing connection to the partner device has been lost. In this case, either the configuration on the partner device was modified (for example a different connection name, standby link disabled) or there is a physical fault (for example device failure, link down). Standby status Shows the status of the standby port: - Active The standby port of this device is active; in other words is enabled for frame traffic. - Passive The standby port of this device is inactive; in other words is blocked for frame traffic. - "-" The standby function is disabled. No. of Changes to Standby Active State Shows how often the IE switch has changed the standby status from "Passive" to "Active". If the connection of a standby port fails on the standby master, the IE switch changes to the "Active" status. If the standby function is disabled, the text "Standby Disabled" appears in this box. Following each restart on the device, the counters are automatically reset. WinCC Advanced V14 System Manual, 10/2016 1191 Editing devices and networks 10.1 Configuring devices and networks Ethernet Statistics Interface statistics Interface statistics The page shows the statistics from the interface table of the Management Information Base (MIB). Note The page is only available if there is an online connection to the device. Displayed values The table has the following columns: In Octet Shows the number of received bytes. Out Octet Shows the number of sent bytes. In Unicast Shows the number of received unicast frames. In Non Unicast Shows the number of received frames that are not of the type unicast. Out Unicast Shows the number of sent unicast frames. Out Non Unicast Shows the number of sent frames that are not of the type unicast. In Errors Shows the number of all possible RX errors, refer to the tab "Packet Error". Packet Size Frames sorted by length This page displays how many frames of which size were sent and received at each port. Note The page is only available if there is an online connection to the device. The displayed values are transferred by RMON. On the page "Layer 2 > RMON > Statistics", you can set the ports for which values will be displayed. 1192 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: Port Shows the available ports and link aggregations. The port is made up of the module number and the port number, for example port 0.1 is module 0, port 1. Note Display of frame statistics In the statistics relating to frame lengths, note that both incoming and outgoing frames are counted. Frame lengths The other columns after the port number contain the absolute numbers of frames according to their frame length. The following frame lengths are distinguished: - 64 bytes - 65 - 127 bytes - 128 - 255 bytes - 256 - 511 bytes - 512 - 1023 bytes - 1024 - max. Note Data traffic on blocked ports For technical reasons, data packets can be indicated on blocked ports. Button Reset Counter Click "Reset Counter" to reset all counters. The counters are reset by a restart. Frame type Received frames sorted by type This page displays how many frames of the type "unicast", "multicast", and "broadcast" were received at each port. You cannot configure anything on this page. WinCC Advanced V14 System Manual, 10/2016 1193 Editing devices and networks 10.1 Configuring devices and networks The displayed values are transferred by RMON. On the page "Layer 2 > RMON > Statistics", you can set the ports for which values will be displayed. Note The page is only available if there is an online connection to the device. Displayed values The table has the following columns: Port Shows the available ports and link aggregations. The port is made up of the module number and the port number, for example port 0.1 is module 0, port 1. Unicast / Multicast / Broadcast The other columns after the port number contain the absolute numbers of the incoming frames according to their frame type "unicast", "multicast" and "broadcast". Button Reset Counter Click "Reset Counter" to reset all counters. The counters are reset by a restart. Packet Errors Received bad frames This page shows how many bad frames were received per port. You cannot configure anything on this page. The displayed values are transferred by RMON. On the page "Layer 2 > RMON > Statistics", you can set the ports for which values will be displayed. Note The page is only available if there is an online connection to the device. 1194 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: Port Shows the available ports and link aggregations. Error types The other columns after the port number contain the absolute numbers of the incoming frames according to their error type. In the columns of the table, a distinction is made according to the following error types: - CRC Packets whose content does not match the CRC checksum. - Undersize Packets with a length less than 64 bytes. - Oversize Frames discarded because they were too long. - Fragments Packets with a length less than 64 bytes and a bad CRC checksum. - Jabbers VLAN-tagged packets with an incorrect CRC checksum that were discarded because they were too long. - Collisions Collisions that were detected. Button Reset Counter Click "Reset Counter" to reset all counters. The counters are reset by a restart. History Samples of the statistics The page shows samples from each port with information from the statistics. On the page "Layer 2 > RMON > History", you can set the ports for which samples will be taken. Note The page is only available if there is an online connection to the device. WinCC Advanced V14 System Manual, 10/2016 1195 Editing devices and networks 10.1 Configuring devices and networks Settings Port Select the port for which the history will be displayed. Displayed values Entries Maximum number of samples that can be saved at the same time. Interval [s] Interval after which the current status of the statistics will be saved as a sample. The table has the following columns: Sample Number of the sample Time for the Sample System up time at which the sample was taken. Unicast Number of received unicast frames. Multicast Number of received multicast frames. Broadcast Number of received broadcast frames. CRC Number of frames with a bad CRC checksum. Undersize Number of frames that are shorter than 64 bytes. Oversize Number of frames discarded because they were too long. Fragments Number of frames that are shorter than 64 bytes and have a bad CRC checksum. Jabbers Number of frames with a VLAN tag that have a bad CRC checksum and will be discarded because they are too long. Collisions Number of collisions of received frames. Utilization Utilization of the port during a sample. Unicast This page shows the current content of the unicast filter table. This table lists the source addresses of unicast address frames. Entries can be made either dynamically when a node sends a frame to a port or statically by the user setting parameters. 1196 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Description VLAN ID Shows the VLAN-ID assigned to this MAC address. MAC Address Shows the MAC address of the node that the device has learned or the user has configured. Status Shows the status of each address entry: - Learnt The specified address was learned by receiving a frame from this node and will be deleted when the aging time expires if no further packets are received from this node. Note If there is a link down, learned MAC entries are deleted. - Static Configured by the user. Static addresses are stored permanently; in other words, they are not deleted when the aging time expires or when the switch is restarted. Port Shows the port via which the node with the specified address can be reached. Frames received by the device whose destination address matches this address will be forwarded to this port. Multicast This table shows the multicast frames currently entered in the multicast filter table and their destination ports. The entries can be dynamic (the device has learned them) or static (the user has set them). Description VLAN ID Shows VLAN ID of the VLAN to which the MAC multicast address is assigned. MAC Address Shows the MAC multicast address that the device has learned or the user has configured. WinCC Advanced V14 System Manual, 10/2016 1197 Editing devices and networks 10.1 Configuring devices and networks Status Shows the status of each address entry. The following information is possible: - Static The address was entered statically by the user. Static addresses are stored permanently; in other words, they are not deleted when the aging time expires or when the device is restarted. These must be deleted by the user. - IGMP The destination port for this address was obtained by IGMP configuration. - MLD The destination port for this address was determined by MLD configuration. - GMRP The destination port for this address was registered by a received GMRP frame. List of ports There is a column for each slot. Within a column, the multicast group to which the port belongs is shown: - M (Member) Multicast frames are sent via this port. - R (Registered) Member of the multicast group, registration was by an GMRP frame. - I (IGMP/MLD) Member of the multicast group, registration was by an IGMP/MLD frame. - - Not a member of the multicast group. No multicast frames with the defined multicast MAC address are sent via this port. - F (Forbidden) Not a member of the multicast group. Moreover, this address must not be an address learned dynamically with GMRP or IGMP/MLD. LLDP Note The page is only available if there is an online connection to the device. Status of the neighborhood table This page shows the current content of the neighborhood table. This table stores the information that the LLDP agent has received from connected devices. You set the interfaces via which the LLDP agent receives or sends information in the following section: "Layer 2 > LLDP". 1198 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Description of the displayed values The table contains the following columns: System name System name of the connected device. Device ID Device ID of the connected device. Local interface Port at which the IE switch received the information. Hold Time An entry remains stored in the MIB for the time specified here. If the IE switch does not receive any new information from the connected device during this time, the entry is deleted. Property Shows the properties of the connected device: - Router - Bridge - Telephone - DOCSIS Cable Device - WLAN Access Point - Repeater - Station - Other Port ID Port of the device with which the IE switch is connected. DHCP Server This page shows whether IPv4 addresses were assigned to the devices by the DHCP server. Note The page is only available if there is an online connection to the device. Description IP Address Shows the IPv4 address assigned to the device. Pool ID Shows the number of the IPv4 address band. Identification method Shows the method according to which the DHCP client is identified. WinCC Advanced V14 System Manual, 10/2016 1199 Editing devices and networks 10.1 Configuring devices and networks Identification value Shows the MAC address or he client ID of the DHCP client. Remote ID Shows the remote ID of the DHCP client. Circuit ID Shows the circuit ID of the DHCP client. Assignment method Shows whether the IPv4 address was assigned statically or dynamically. You configure the static entries in "System > DHCP > Static Leases". Assignment status Shows the status of the assignment. - Assigned The assignment is used. - Not used The assignment is not used. - Probing The assignment is being checked. - Unknown The status of the assignment is unknown. Expire Time Shows how long the assigned IPv4 address is still valid. Once this period has elapsed, the device must either request a new IPv4 address or extend the lease time of the existing IPv4 address. Diagnostics This page shows the diagnostics values of internal and external modules of the device. The modules are only shown if they make diagnostics information available. If you add or remove a module, the display is automatically adapted. If the diagnostic value falls below or exceeds the displayed threshold values, the status changes accordingly. On the "System > Events > Configuration" page, you can specify how the device signals the status change. 1200 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Description The Usage Table contains the following columns: Name Shows the name of the module. Status Depending on the relationship between the threshold values and the current temperature the following statuses are displayed in ascending priority. - OK The temperature value is within the preset threshold values. - WARNING The lower or upper threshold value of the severity level "Warning" was exceeded. - CRITICAL The lower or upper threshold value of the severity level "Critical" was exceeded. - INVALID The value could not be read out or is invalid. The "Power [%] box shows "-". - INITIAL No data has been read out yet. "-" is displayed in all boxes. Power [%] Shows the current value of the power. The display is updated at regular intervals. High Warning Threshold [%] If the value exceeds this value, the status changes to "WARNING". You can configure that you are informed by a message. High Critical Threshold [%] If the value exceeds this value, the status changes to "CRITICAL". You can configure that you are informed by a message. WinCC Advanced V14 System Manual, 10/2016 1201 Editing devices and networks 10.1 Configuring devices and networks The Temperature Table contains the following columns: Name Shows the name of the module. The information in the row "Chassis" relates to the inner temperature of the housing. With modular devices, the port is also specified. State Depending on the relationship between the threshold values and the current temperature the following statuses are displayed in ascending priority. - OK The temperature value is within the preset threshold values. - WARNING The lower or upper threshold value of the severity level "Warning" was exceeded. - CRITICAL The lower or upper threshold value of the severity level "Critical" was exceeded. - INVALID The value could not be read out or is invalid. In the "Temperature [C]" box "-" is displayed. - INITIAL No data has been read out yet. "-" is displayed in all boxes. Temperature [C] Shows the current value of the temperature. The display is updated at regular intervals. The value can have a tolerance of +/- 3 C Lower Threshold [C] (Critical) If the value falls below this value, the status changes to "CRITICAL". You can configure that you are informed by a message. Lower Threshold [C] (Warning) If the value falls below this value, the status changes to "WARNING". You can configure that you are informed by a message. Upper Threshold [C] (Warning) If the value exceeds this value, the status changes to "WARNING". You can configure that you are informed by a message. Upper Threshold [C] (Critical) If the value exceeds this value, the status changes to "CRITICAL". You can configure that you are informed by a message. FMP Monitoring optical links With Fiber Monitoring, you can monitor optical links. The table shows the current status of the ports. 1202 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks You set the values to be monitored on the following page: "Layer 2 > FMP". Note The page is only available if there is an online connection to the device. Displayed values Port Shows the available optical ports. Rx Power State - disabled Fiber monitoring is disabled. - ok The value for the received power of the optical link is within the set limits - maint. req. Check the link. A warning is signaled. - maint. dem. The link needs to be checked. An alarm is signaled and the fault LED is lit. - link down - The connection is interrupted. WinCC Advanced V14 System Manual, 10/2016 1203 Editing devices and networks 10.1 Configuring devices and networks RX Power Shows the current value of the received power. The value can have a tolerance of +/- 3 dB. If there is no connection (link down) or fiber monitoring is disabled, "-" is displayed. If fiber monitoring is not enabled on the partner port, the value 0.0 is displayed. Power Loss State To be able to monitor the power loss of the connection, the port requires a link to another port with FM enabled. - disabled FM is disabled. - ok The value for the power loss of the optical link is OK. - maint. req. Check the link. A warning is signaled. - maint. dem. The link needs to be checked. An alarm is signaled and the fault LED is lit. - idle The port has no connection to another port with fiber monitoring enabled. If no diagnostics information is received from the optical port of the connection partner for 5 cycles, the fiber monitoring connection is assumed to be interrupted. A cycle lasts 5 seconds. Power Loss [dB] Shows the current value of the power loss. The value can have a tolerance of +/- 3 dB. If there is no connection (link down), fiber monitoring is disabled or the partner port does not support fiber monitoring, "-" is displayed. IPv4 routing Routing table This page shows the routes currently being used. Description The table has the following columns: Destination network Shows the destination address of this route. Subnet mask Shows the subnet mask of this route. Gateway Shows the gateway for this route. Interface Shows the interface for this route. 1204 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Metric Shows the metric of the route. The higher value, the longer the packets require to their destination. Routing protocol Shows the routing protocol from which the entry in the routing table originates. The following entries are possible: - Connected: Connected routes - Static: Static routes - RIP: Routes via RIP - OSPF: Routes via OSPF - other: Other routes OSPFv2 interfaces Overview Note The page is only available if there is an online connection to the device. This page shows the configuration of the OSPF interface. Description of the displayed values The table has the following columns: IP Address Shows the IPv4 address of the OSPF interface Area ID Shows the Area ID to which the OSPF interface belongs. WinCC Advanced V14 System Manual, 10/2016 1205 Editing devices and networks 10.1 Configuring devices and networks Interface Status Shows the status of the WLAN interface: - Down The interface is not available. - Loopback Loopback interface - Waiting Startup and negotiation of the interface. - Point to Point Point-to-point connection - Designated Router The router is a designated router and generates a network LSA. - Backup D. Router The router is backup for the designated router. - Other D. Router The interface is started up. The router is neither a designated router nor a backup designated router. OSPF status Shows the status of OSPF. - Enabled: OSPF is enabled on the interface. - Disabled: OSPF is disabled on the interface. Designated Router Shows the IPv4 address of the designated router for this OSPF interface. Backup Designated Router Shows the IPv4 address of the designated backup router for this OSPF interface. Events Shows the number of status changes of OSPF. OSPFv2 neighbors Note The page is only available if there is an online connection to the device. This page shows the dynamically detected neighbor routers in the relevant networks. Description of the displayed values The table has the following columns: IP Address Shows the IPv4 address of the neighbor router in this network. Router ID Shows the ID of the neighbor router. The two addresses can match. 1206 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Status Shows the status of the neighbor router. The status can adopt the following values: - unknown Status of the neighbor router is unknown. - down The neighbor router cannot be reached. - attemptand init Short-lived statuses during initialization - two-way Two-way receipt of Hello packets. Specification of the designated router and the designated backup router. - exchangestart, exchange and loading Status during exchange of the LSAs - full The database is complete and synchronized within the area. The routes can now be detected. Note Normal status If the partner router is a designated router or a designated backup router, the status is "full". Otherwise the status is "two-way". Assoc. Area Type Shows the area type via which the neighbor-neighbor relation is maintained. The following area types exist: - Normal - Stub - NSSA - Backbone Priority Shows the priority of the neighbor router. This is only significant when selecting the designated router on a network. For virtual neighbor routers, this information is irrelevant. Hello suppr Shows the suppressed Hello packets to the neighbor router. This field normally displays "no". Hello Queue Shows the length of the queue with Hello packets still to be transmitted. Events Shows the number of status changes. WinCC Advanced V14 System Manual, 10/2016 1207 Editing devices and networks 10.1 Configuring devices and networks OSPFv2 virtual neighbors Note The page is only available if there is an online connection to the device. This page shows the configured virtual neighbor routers. Overview The table has the following columns: IP Address Shows the IPv4 address of the virtual neighbor router in this network. Router ID Shows the router ID of the virtual neighbor router. Status Shows the status of the neighbor router. The status can adopt the following values: - unknown Status of the neighbor router is unknown. - down The neighbor router cannot be reached. - attemptand init Short-lived statuses during initialization - two-way Two-way receipt of Hello packets. Specification of the designated router and the designated backup router. - exchangestart, exchange and loading Status during exchange of the LSAs - full The database is complete and synchronized within the area. The routes can now be detected. Note Normal status If the partner router is a designated router or a designated backup router, the status is "full". Otherwise the status is "two-way". Transit Area ID Shows the ID of the area via which the virtual neighborhood relation exists. Hello Suppr. Shows whether there are suppressed Hello packets to the virtual neighbor router. - no: There are no suppressed Hello packets (default) - yes: There are suppressed Hello packets. 1208 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Hello Queue Shows the length of the queue with Hello packets still to be transmitted. Events Shows the number of status changes. OSPFv2 LSDB Overview Note The page is only available if there is an online connection to the device. The link state database is the central database for managing all links within an area. It consists of the link state advertisements (LSAs). The most important data of these LSAs is shown on the this WBM page. WinCC Advanced V14 System Manual, 10/2016 1209 Editing devices and networks 10.1 Configuring devices and networks Description of the displayed boxes The table has the following columns: Area ID Shows the ID of the area to which the LSA belongs. If the LSA is an external connection, '-' is displayed. LSA type Shows the LSA type. The following values are possible: - unknown LSA type is unknown. - Router The router LSA (Type 1) is sent by the OSPF router within an area. The LSA contains information about the status of all router interfaces. - Network The network LSA (Type 2) is sent by the designated router within an area. The LSA contains a list of routers connected to the network. - NSSA External The NSSA external LSA (Type 7) is sent by the NSSA-ASBR within an NSSA. The NSSA-ASBR receives LSAs of Type 5 and converts the information to LSAs of Type 7. The NSSA router can forward these LSAs within an NSSA. - Summary The summary LSA (Type 3) is sent by the ABR within an area. The LSA contains information about routes to other networks. - AS Summary The AS summary LSA (Type 4) is sent by the area border router within an area. The LSA contains information about routes to other autonomous systems. - AS External The AS external LSA (Type 5) is sent by the AS border router within an autonomous system. The LSA contains information about routes from one network to another. Link State ID Shows the ID of the LSA. Router ID Shows the ID of the router that sent this LSA. Sequence number Shows the sequence number of the LSA. Each time an LSA is renewed, this sequence number is incremented by one. RIPv2 statistics Overview Note The page is only available if there is an online connection to the device. 1210 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks This page shows the statistics of the RIP interface. Description of the displayed values The table has the following columns: IP address Shows the IP address of the RIPv2 interface Bad packets Number of received RIP packets that were deleted and therefore ignored. Bad Routes Number of routes of valid RIP packets that could not be taken into consideration. Updates Sent Shows how often the router has sent its routing table to its neighbor routers. NAT Translations Overview This page displays the active NAT connections. Description of the displayed values The table has the following columns: Interface Shows the IP interface. Inside Local Address Shows the actual address of the device that should be reachable from external. Inside Local Port Shows the port that is assigned to the Inside Local Address. Inside Global Address Shows the address at which the device can be reached from external. Inside Global Port Shows the port that is assigned to the Inside Global Address. Outside Local/Global Address Shows the address of the communications partner. Outside Local/Global Port Displays the port of the external communications partner. Last Use Time Shows the time at which the last packet was transferred. WinCC Advanced V14 System Manual, 10/2016 1211 Editing devices and networks 10.1 Configuring devices and networks IPv6 routing Routing table Introduction This page shows the IPv6 routes currently being used. Note The page is only available if there is an online connection to the device. Displayed values The table has the following columns: Destination Network Shows the destination address of this route. Prefix Length Shows the prefix length of this route. Gateway Shows the gateway for this route. Interface Shows the interface for this route. Metric Shows the metric of the route. The higher value, the longer packets require to their destination. Routing Protocol Shows the routing protocol from which the entry in the routing table originates. The following entries are possible: - connected: Connected routes - Static: Static routes - RIPng: Routes via RIPng - OSPFv3: Routes via OSPFv3 - other: Other routes 1212 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks OSPFv3 Interfaces Overview This page shows the configuration of the OSPFv3 interface. Note The page is only available if there is an online connection to the device. Displayed values The table has the following columns: Interface Shows the interface to which the settings relate. Area ID Shows the Area ID to which the OSPF interface belongs. Interface Status Shows the status of the interface. - Down The interface is not available. - Loop back Loop back interface - Waiting Startup and negotiation of the interface. - Point to Point Point-to-point connection - Designated Router The router is a designated router and generates network LSAs. - Backup D. Router The router is the backup router for the designated router. - S D. Router The Interface has started up. The router is neither a designated nor a designated backup router. OSPF Status Shows the status of OSPF. - Enabled: OSPF is enabled on the interface. - Disabled: OSPF is disabled on the interface. Designated Router Shows the IPv6 address of the designated router for this OSPFv3 interface. WinCC Advanced V14 System Manual, 10/2016 1213 Editing devices and networks 10.1 Configuring devices and networks Backup Designated Router Shows the IPv6 address of the designated backup router for this OSPFv3 interface. Events Shows the number of status changes of OSPFv3. OSPFv3 neighbors Overview This page shows the dynamically detected neighbor routers in the relevant networks. Note The page is only available if there is an online connection to the device. Displayed values The table has the following columns: Interface Displays the OSPFv3 interface via which the neighbor router can be reached. Router ID Shows the ID of the neighbor router. Status Shows the status of the neighbor router. The status can adopt the following values: - unknown Status of the neighbor router is unknown. - down The neighbor router cannot be reached. - attempt und init Short-lived status during initialization - two-way Two-way receipt of Hello packets. Specification of the designated router and the designated backup router. - exchangestart, exchange und loading Status during exchange of the LSAs - full The database is complete and synchronized within the area. The routes can now be detected. Note Normal status If the partner router is a designated router or a designated backup router, the status is "full". Otherwise the status is "two-way". 1214 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Assoc. Area Type Shows the area type via which the neighbor-neighbor relation is maintained. The following area types exist: - Standard - Stub - NSSA - Backbone Priority Shows the priority of the neighbor router. This is only significant when selecting the designated router on a network. For virtual neighbor routers, this information is irrelevant. Hello suppr Shows the suppressed Hello packets to the neighbor router. This field normally displays "no". Retrans Queue Shows the length of the queue with Hello packets still to be transmitted. Events Shows the number of status changes. OSPFv3 Virtual Neighbors Overview This page shows the configured virtual neighbors. Note The page is only available if there is an online connection to the device. Displayed values The table has the following columns: Interface Displays the OSPFv3 interface via which the neighbor router can be reached. Router ID Shows the ID of the virtual neighbor router. WinCC Advanced V14 System Manual, 10/2016 1215 Editing devices and networks 10.1 Configuring devices and networks Status Shows the status of the virtual neighbor router. The status can adopt the following values: - unknown Status of the neighbor router is unknown. - down The neighbor router cannot be reached. - attempt und init Short-lived status during initialization - two-way Two-way receipt of Hello packets. Specification of the designated router and the designated backup router. - exchangestart, exchange und loading Status during exchange of the LSAs - full The database is complete and synchronized within the area. The routes can now be detected. Note Normal status If the partner router is a designated router or a designated backup router, the status is "full". Otherwise the status is "two-way". Trans. Area-ID Shows the ID of the area via which the virtual neighborhood relation exists. Hello suppr Shows the suppressed Hello packets to the neighbor router. This field normally displays "no". Retrans Queue Shows the length of the queue with Hello packets still to be transmitted. Events Shows the number of status changes. OSPFv3 AS-Scope LSDB Overview The AS-Scope LSDB consists of AS external LSAs. The most important data of these LSAs is shown on this page. Note The page is only available if there is an online connection to the device. 1216 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: Link State Type - AS External The AS external LSA (Type 0x4005) is sent by the AS border router within an autonomous system. The LSA contains information about routes from one network to another. Link State ID Shows the ID of the LSA. Router ID Shows the ID of the router that sent this LSA. Sequence Number Shows the sequence number of the LSA. Each time an LSA is renewed, this sequence number is incremented by one. OSPFv3 Area-Scope LSDB Overview The Area-Scope LSDB is the central database for managing all links within an area. The most important data of the LSAs is shown on this page. Note The page is only available if there is an online connection to the device. WinCC Advanced V14 System Manual, 10/2016 1217 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: Area ID Shows the ID of the area to which the LSA belongs. If the LSA is an external connection, '-' is displayed. Link State Type Shows the LSA type. The following values are possible: - Router The router LSA (Type 0x2001) is sent by the OSPF router within an area. The LSA contains information about the status of all router interfaces. However, no longer contains address information. This is contained in the new LSA type 0x2009. - Network The network LSA (Type 0x2002) is sent by the designated router within an area. The LSA contains a list of routers connected to the network. However, no longer contains address information. This is contained in the new LSA type 2009. - Inter-Area Prefix the inter-area prefix LSA (Type 0x2003) is sent by the ABR within an area. The LSA contains information about routes to other networks. - Inter-Area Router The inter-area router LSA (Type 0x2004) is sent by the area border router within an area. The LSA contains information about routes to other autonomous systems. - Type 7 The Type 7 LSA (Type 0x2007) is sent by the NSSA-ASBR within an NSSA. The NSSAASBR receives LSAs of Type 0x4005 and converts the information to LSAs of Type 0x2007. The NSSA router can forward these LSAs within an NSSA. - Intra-Area Prefix The intra-area prefix LSA (Type 0x2009) is only sent within an area. It contains the IPv6 prefixes connected to the router or network. Link State ID Shows the ID of the LSA. Router ID Shows the ID of the router that sent this LSA. Sequence Number Shows the sequence number of the LSA. Each time an LSA is renewed, this sequence number is incremented by one. 1218 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks OSPFv3 Link Scope LSDB Overview The link scope LSDB consists of the link LSAs. The most important data of these LSAs is shown on this page. Note The page is only available if there is an online connection to the device. Displayed values The table has the following columns: Interface Shows the OSPFv3 interface to which the link LSA belongs. Link State Type - Link The link LSA (Type 0x2009) is sent by the router to every router linked to it. It contains the link local address of the router and a list with IPv6 prefixes configured on the link. Link State ID Shows the ID of the LSA. Router ID Shows the ID of the router that sent this LSA. Sequence Number Shows the sequence number of the LSA. Each time an LSA is renewed, this sequence number is incremented by one. RIPng Statistics Overview This page shows the statistics of the RIPng interfaces. Note The page is only available if there is an online connection to the device. WinCC Advanced V14 System Manual, 10/2016 1219 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: Interface Shows the RIPng interface. Status Shows the status of the RIPng interface. - up - down Messages Received Shows how often the router has received messages. Requests Received Shows how often the router has received requests. Responses Received Shows how often the router has received responses. Unknown Commands Shows how many RIPng packets were received whose value in the "Commands" field of the RIPng header is unknown. Known values are 1 for requests and 2 for responses. Other version Shows how many RIPng packets were received whose value in the "Version" field is not 1. Discards Shows how often the router has discarded RIPng packets. Messages Sent Shows how often the router has sent messages. Requests Sent Shows how often the router has sent requests. Responses Sent Shows how often the router has sent responses. Updates Sent Shows how often the router has sent its routing table to its neighbor routers. Security Overview This page shows the security settings and the local and external user accounts. Note The page is only available if there is an online connection to the device. The values displayed depend on the rights of the logged-on user. 1220 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Displayed values Services The "Services" list shows the security settings. Telnet Server You configure the setting in "System > Configuration". - Enabled: Unencrypted access to the CLI. - Disabled: No unencrypted access to the CLI. SSH Server You configure the setting in "System > Configuration". - Enabled: Encrypted access to the CLI. - Disabled: No encrypted access to the CLI. Web Server You configure the setting in "System > Configuration". - HTTP/HTTPS: Access to the WBM is possible with HTTP and HTTPS. - HTTPS: Access to the WBM is now only possible with HTTPS. SNMP You can configure setting in "System > SNMP > General". - "-" (SNMP disabled) Access to device parameters via SNMP is not possible. - SNMPv1/v2c/v3 Access to device parameters is possible with SNMP versions 1, 2c or 3. - SNMPv3 Access to device parameters is possible only with SNMP version 3. WinCC Advanced V14 System Manual, 10/2016 1221 Editing devices and networks 10.1 Configuring devices and networks Management ACL You configure the setting in "Security > Management ACL". - Disabled: No access restriction The access control is disabled. - Enabled: No access restriction The access control is enabled but no access rules have been defined. - Enabled: Restricted access only The access control is enabled and access rules have been defined. Login Authentication You configure the setting in "Security > AAA > General". - Local The authentication must be made locally on the device. - RADIUS The authentication must be handled via a RADIUS server. - Local and RADIUS The authentication is possible both with the users that exist on the device (user name and password) and via a RADIUS server. The user is first searched for in the local database. If the user does not exist there, a RADIUS query is sent. - RADIUS and fallback local The authentication must be handled via a RADIUS server. A local authentication is performed only when the RADIUS server cannot be reached in the network. Local and external user accounts You configure local user accounts and roles in "Security > User Accounts" When you create a local user account an external user account is generated automatically. Local user accounts involve users each with a password for logging in on the device. In the table "External User Accounts" a user is linked to a role, for example the user "Observer" with the role "user" In this case, the user is defined on a RADIUS server. The roll is defined locally on the device. When a RADIUS server authenticates a user, the corresponding group however is unknown or does not exist, the device checks whether or not there is an entry for the user in the table "External User Accounts". If an entry exists, the user is logged in with the rights of the associated role. If the corresponding group is known on the device, both tables are evaluated. The user is assigned the role with the higher rights. Note The table "External User Accounts" is only evaluated if you have set "Vendor Specific" in the RADIUS Authorization Mode". With CLI you can access external user accounts. 1222 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The table "Local User Accounts" has the following columns: User Account Shows the name of the local user. Role Shows the role of the user. You can obtain more information on the function rights of the role in "Information > Security > Roles". The table "External User Accounts" has the following columns: User Account Shows the name of the user on the RADIUS server. Role Shows the role assigned to the user on the device. You can obtain more information on this in "Information > Security > Roles". Supported Function Rights The page shows the function rights available locally on the device. Note The page is only available if there is an online connection to the device. The values displayed depend on the role of the logged-on user. Displayed values Function Right Shows the number of the function right. Different rights relating to the device parameters are assigned to the numbers. Description Shows the description of the function right. Groups This page shows which group is linked to which role. The group is defined on a RADIUS server. The roll is defined locally on the device. Note The page is only available if there is an online connection to the device. The values displayed depend on the role of the logged-on user. WinCC Advanced V14 System Manual, 10/2016 1223 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: Group Shows the name of the group. The name matches the group on the RADIUS server. Role Shows the role. Users who are authenticated with the linked group on the RADIUS server receive the rights of this role locally on the device. Description Shows a a description for the link. Roles The page shows the roles valid locally on the device. Note The page is only available if there is an online connection to the device. The values displayed depend on the role of the logged-on user. Displayed values This table contains the following columns: Role Shows the role. Function Right Shows the function rights of the role: - 1 Users with this role can read device parameters but cannot change them. - 15 Users with this role can both read and change device parameters. - 0 This is a role that the device assigns internally when the user could not be authenticated. The user is denied access to the device. Description Shows a description of the role. Configuring system functions Configuration The page contains the configuration overview of the access options of the device. Specify the services that access the device. With some services, there are further configuration pages on which more detailed settings can be made. 1224 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Telnet Server Enable or disable the "Telnet Server" service for unencrypted access to the CLI. SSH server Enable or disable the "SSH Server" service for encrypted access to the CLI. HTTPS server only If this function is enabled, you can only access the device via HTTPS. DNS client Enable or disable depending on whether the IE switch should operate as a DNS client. You can configure other settings in "System > DNS Client". SMTP Client Enable or disable the SMTP client. You can configure other settings in "System > SMTP Client". Syslog Client Enable or disable the Syslog client. You can configure other settings in "System > Syslog client". DCP Server Specify whether or not the device can be accessed with DCP (Discovery and Configuration Protocol): - "-" (disabled) DCP is disabled. Device parameters can neither be read nor modified. - Read/write access With DCP, device parameters can be both read and modified. - Read-Only With DCP, device parameters can be read but cannot be modified. Time Select the required setting. The following settings are possible: - Manual The system time is set manually. You can configure other settings in "System > System Time > Manual Setting". - SNTP Client The system time is set via an SNTP server. You can configure other settings in "System > System time > SNTP client". - NTP Client The system time is set via an NTP server. You can configure other settings in "System > System time > NTP client". - SIMATIC Time The system time is set using a SIMATIC time transmitter. You can configure other settings in "System > System Time SIMATIC Time Client". - PTP Client(SCALANCE XR528-6M and XR552-12M only) The system time is set via a PTP server. You can configure other settings in "System > System Time > PTP Client". WinCC Advanced V14 System Manual, 10/2016 1225 Editing devices and networks 10.1 Configuring devices and networks SNMP Select the required protocol. The following settings are possible: - "-" (SNMP disabled) Access to device parameters using SNMP is not possible. - SNMPv1/v2c/v3 Access to device parameters is possible with SNMP versions 1, 2c or 3. You can configure other settings in "System > SNMP > General". - SNMPv3 Access to device parameters is possible with SNMP version 3. You can configure other settings in "System > SNMP > General". SNMPv1/v2 Read-Only Enable or disable write access to SNMP variables with SNMPv1/v2c. SNMPv1 traps Enable or disable the sending of SNMP traps (alarm frames). You can configure other settings in "System > SNMP > Traps". SINEMA configuration interface If the SINEMA configuration interface is enabled, you can download configurations to the IE switch via the TIA Portal. NFC (only with SCALANCE XM-400) Enable or disable the "NFC" function. You will find further information on NFC in the "SCALANCE XM400" Operating Instructions. Configuration mode Select the required operating mode. The following modes are possible: - Automatic save Automatic backup mode. Approximately 1 minute after the last parameter change or when you restart the device, the configuration is automatically saved. - Trial In the "Trial" configuration mode, although changes are adopted, they are not saved in the configuration file (startup configuration). To save changes in the configuration file, use the "Write startup config" button. The "Write startup config" button is displayed when you set trial mode. The display area also shows the message "Trial Mode Active - Click the "Write Startup Config" button to make your settings persistent" as soon as there are unsaved modifications. This message can be seen on every page until the changes made have either been saved or the device has been restarted. General Device This page contains the general device information. 1226 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Current System Time(Only available online) Shows the current system time. The system time is either set by the user or by a time-ofday frame: either SINEC H1 time-of-day frame, NTP or SNTP. (readonly) System Up Time(only available online) Shows the operating time of the device since the last restart. (readonly) Device Type(only available online) Shows the type designation of the device. (readonly) System Name You can enter the name of the device. The entered name is displayed in the selection area. A maximum of 255 characters are possible. The system name is also displayed in the CLI input prompt. The number of characters in the CLI input prompt is limited. The system name is truncated after 16 characters. System Contact You can enter the name of a contact person responsible for managing the device. Location You can enter the location of the device. The entered installation location is displayed in the selection area. Note The ASCII characters 0x20 to 0x7e are used in the input boxes. At the start and end of the input boxes"System name", "System Contact" and "System Location", the characters "<", ">" and "space" are not permitted. Coordinates On this page, you configure the geographic coordinates (latitude, longitude and the height above the ellipsoid according to WGS84). These boxes are purely for information with a maximum length of 32 characters. Getting the coordinates Use suitable maps for obtaining the geographic coordinates of the device. The geographic coordinates can also be obtained using a GPS receiver. The geographic coordinates of these devices are normally displayed directly and only need to be entered in the input boxes of this page. WinCC Advanced V14 System Manual, 10/2016 1227 Editing devices and networks 10.1 Configuring devices and networks Settings Latitude Enter the north or south latitude for the location of the device. For example, +49 1 31.67" means that the device is located at 49 degrees, 1 arc minute and 31.67 arc seconds north latitude. A south latitude is shown by a preceding minus character. You can also append the letters N (north latitude) or S (south latitude) to the numeric information (49 1 31.67" N). Longitude Enter the value of the eastern or western longitude of the location of the device. For example, +8 20 58.73" means that the device is located at 8 degrees, 20 minutes and 58.73 seconds east. A western longitude is indicated by a preceding minus sign. You can also add the letter E (eastern longitude) or W (western longitude) to the numeric information (8 20 58.73" E). Height Enter the value of the height above sea level in meters. For example, 158 m means that the device is located at a height of 158 m above sea level. Heights below sea level (for example the Dead Sea) are indicated by a preceding minus sign. Agent IP Configuration of the IP addresses Note The page is only available if there is an online connection to the device. On this page, you specify the IP configuration for the device. With devices with more than one IP interface, this call references the "Subnets > Configuration" menu item in the "Layer 3 (IPv4)" menu and the configuration of the TIA interface there. 1228 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings The page contains the following boxes: IP Assignment Method Shows how the IP address is assigned. - Static The IP address is static. You enter the IP settings in the input boxes "IP Address" and "Subnet Mask". - Dynamic (DHCP) The device obtains a dynamic IP address from a DHCP server. IP Address Enter the IP address of the device. After clicking the "Set Values" button, this IP address is also displayed in the address bar of the Internet browser. If this does not take place automatically, you will need to enter the IP address in the address bar of the Internet browser manually. Subnet Mask Enter the subnet mask of the device. Default gateway Enter the IP address of the default gateway to be able to communicate with devices in another subnet, for example diagnostics stations, e-mail server. Agent VLAN ID Select the VLAN ID from the drop-down list. You can only select VLANs that have already been configured. In the mode "802.1D Transparent Bridge", this drop-down list is grayed out, see also "Layer 2 > VLAN > General". Note Changing the Agent VLAN ID If the configuration PC is connected directly to the device via Ethernet and you change the Agent VLAN ID , the device is no longer reachable via Ethernet following the change. MAC Address Shows the MAC address of the device. The MAC address is linked to the hardware and cannot be modified. DNS client On this page, you can configure up to 3 DNS servers. If there is more than one server, the order in the table specifies the order in which the servers are queried. The top server is queried first. The DNS () server (Domain Name System) assigns a domain name to an IP address so that a device can be uniquely identified. WinCC Advanced V14 System Manual, 10/2016 1229 Editing devices and networks 10.1 Configuring devices and networks If this function is enabled, the IE switch can communicate with a DNS server as a DNS client. You have the option of entering names in IP address boxes. Note The DNS client function can only be used if there is a DNS server in the network. Settings The page contains the following boxes: DNS Client Enable or disable depending on whether the IE switch should operate as a DNS client. Used DNS Servers Specify which DNS server the device uses: - learned only The device uses only the DNS servers assigned by DHCP. - manual only The device uses only the manually configured DNS servers. The DNS servers must be connected to the Internet. A maximum of three DNS servers can be configured. - all The device uses all available DNS servers. DNS Server IP Address Enter the IP address of the DNS server. Origin Shows whether the DNS server was configured manually or was assigned by DHCP. The table contains the following columns: DNS Server Address Shows the IP address of the DNS server. Origin Shows whether the DNS server was configured manually or was assigned by DHCP. Restart On this page, there is a button with which you can restart the device and the option of resetting to the factory settings. Note The page is only available if there is an online connection to the device. 1230 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Restart Note the following points about restarting a device: You can only restart the device with administrator privileges. A device should only be restarted with the buttons of this menu or with the appropriate CLI commands and not by a power cycle on the device. Any modifications you have made only become active on the device after clicking the "Set values" button on the relevant WBM page. If the device is in "Trial" mode, configuration modifications must be saved manually before a restart. In "Automatic Save" mode, the last changes are saved automatically before a restart. Reset to Factory Defaults By resetting all the settings to the factory settings, the IP address and the passwords are also lost. Following this, the device can only be accessed via the serial interface, using the Primary Setup Tool or using DHCP. NOTICE With the appropriate attachment, a previously correctly configured device can cause circulating frames and therefore the failure of the data traffic. Resetting to defaults (profiles) The profiles provide a preconfiguration for various use cases of the devices. When you start a device with the default settings of a profile, the settings are reset to the factory settings and some parameters are set so that they are designed for a use case. In contrast to resetting to the factory settings. the users and passwords are retained after the restart. The configured IP address is lost so that device can then only be accessed via the serial interface, using the Primary Setup Tool or using DHCP. NOTICE With the appropriate attachment, a previously correctly configured device can cause circulating frames and therefore the failure of the data traffic. Which settings were set specially for the profile are displayed before the restart. The profiles can be used independently of the factory setting of the device. Settings Note Note the effects of the individual functions described in the sections above. WinCC Advanced V14 System Manual, 10/2016 1231 Editing devices and networks 10.1 Configuring devices and networks To restart the device, the buttons on this page provide you with the following options: Restart Click this button to restart the system. You must confirm the restart in a dialog box. During a restart, the device is reinitialized, the internal firmware is reloaded, and the device runs a self-test. The settings of the start configuration are retained, e.g. the IP address of the device. The learned entries in the address table are deleted. You can leave the browser window open while the device restarts. After the restart you will need to log in again. Restore Factory Defaults and Restart Click this button to restore the factory defaults of the device and to restart the device. You must confirm the restart in a dialog box. The factory settings depend on the device. To restart the device with a predefined profile, the buttons on this page provide you with the following options: PROFINET Defaults Click this button to restore the default settings of the PROFINET profile and to restart the device. You must confirm the restart in a dialog box. The dialog box displays the settings specially made for operation with the PROFINET protocol. EtherNet/IP Defaults Click this button to restore the default settings of the EtherNet/IP profile and to restart the device. You must confirm the restart in a dialog box. The dialog box displays the settings specially made for operation with the EtherNet/IP protocol. Industrial Ethernet Defaults Click this button to restore the default settings of the Industrial Ethernet profile and to restart the device. You must confirm the restart in a dialog box. The dialog box displays the settings specially made for operation in the Industrial Ethernet environment. Load & save File types Overview of the file types File type Description Config This file contains the start configuration. Among other things, this device contains the definitions of the users, roles, groups and function rights. The passwords are stored the file "Users". ConfigPack Detailed configuration information. for example, start configuration, users, cer tificates ZIP file consisting of the Config, Users and LSYS fle. Debug This file contains information for Siemens Support. It is encrypted and can be sent by e-mail to Siemens Support without any security risk. EDS Electronic Data Sheet (EDS) Electronic data sheets for describing devices in the EtherNet/IP mode 1232 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks File type Description Firmware The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device. GSDML PROFINET information on the device properties HTTPSCert Default HTTPS certificates including key The preset and automatically created HTTPS certificates are self-signed. We strongly recommend that you create your own HTTPS certificates and make them available. We recommend that you use HTTPS certificates signed either by a reliable external or by an internal certification authority. The HTTPS certifi cate checks the identity of the device and controls the encrypted data exchange. Certificates with a different format cannot be copied in. LogFile File with entries from the event log table MIB Private MSPS MIB file RunningCLI Text file with CLI commands This file contains an overview of the current configuration in the form of CLI commands. You can download the text file. The file is not intended to be uploa ded again unchanged. Script Text file with CLI commands You can upload a script file in a device. The CLI commands it contains are executed appropriately. StartupInfo Startup log file This file contains the messages that were entered in the log during the last start up. Users This file contains the assignment of the user names to the corresponding pass words. WBMFav WBM favorite pages This file contains the favorites that you created in the WBM.. You can download this file and upload it in other devices. Uploading and saving using HTTP Loading and saving data via HTTP This page allows you to store device data in an external file on your client PC or to load such data from an external file from the client PC to the devices. This means, for example, that you can also load new firmware from a file located on your client PC. Note The page is only available if there is an online connection to the device. This page is available both for connections using HTTP and for connections using HTTPS. WinCC Advanced V14 System Manual, 10/2016 1233 Editing devices and networks 10.1 Configuring devices and networks Firmware The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device. Note Incompatibility with predecessor versions During the installation of a previous version, the configuration data and log files can be lost. In this case, the device starts up with the factory settings after the firmware has been installed. Incompatibility with previous firmware versions with/without PLUG inserted During the installation of a previous version, the configuration data can be lost. In this case, the device starts up with the factory settings after the firmware has been installed. In this situation, if a PLUG is inserted in the device, following the restart, this has the status "Not Accepted" since the PLUG still has the configuration data of the previous more up-to-date firmware. This allows you to return to the previous, more up-to-date firmware without any loss of configuration data. If the original configuration on the PLUG is no longer required, the PLUG can be deleted or rewritten manually using the WBM page "System > PLUG". Configuration files Note Configuration files and trial mode/automatic save mode In "Automatic Save" mode, the data is saved automatically before the configuration files (ConfigPack and Config) are transferred. In trial mode, although the changes are adopted, they are not saved in the configuration files (ConfigPack and Config). Use the "Write Startup Config" button on the "System > Configuration" WBM page to save changes in the configuration file. CLI script file You can download existing CLI configurations (RunningCLI) and upload your own CLI scripts (Script). Note The downloadable CLI script is not intended to be uploaded again unchanged. Settings The table has the following columns: Type Shows the designation of the file. Description Shows the short description of the file type. 1234 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Load With this button, you can upload files to the device. The button can be enabled, if this function is supported by the file type. Save With this button, you can save files from the device. The button can only be enabled if this function is supported by the file type and the file exists on the device. Delete With this button, you can delete files from the device. The button can only be enabled if this function is supported by the file type and the file exists on the device. Note Following a firmware update, delete the cache of your Internet browser. Uploading and saving using TFTP Loading and saving data via a TFTP server On this page, you can configure the TFTP server and the file names. You can also store device data in an external file on a TFTP server or load such data from an external file from the TFTP server to the devices. This means, for example, that you can also load new firmware from a file located on a TFTP server. Firmware The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device. Note Incompatibility with predecessor versions During the installation of a previous version, the configuration data and log files can be lost. In this case, the device starts up with the factory settings after the firmware has been installed. Incompatibility with previous firmware versions with/without PLUG inserted During the installation of a previous version, the configuration data can be lost. In this case, the device starts up with the factory settings after the firmware has been installed. In this situation, if a PLUG is inserted in the device, following the restart, this has the status "Not Accepted" since the PLUG still has the configuration data of the previous more up-to-date firmware. This allows you to return to the previous, more up-to-date firmware without any loss of configuration data. If the original configuration on the PLUG is no longer required, the PLUG can be deleted or rewritten manually using the WBM page "System > PLUG". WinCC Advanced V14 System Manual, 10/2016 1235 Editing devices and networks 10.1 Configuring devices and networks Configuration files Note Configuration files and Trial mode/Automatic Save In "Automatic Save" configuration mode, the data is saved automatically before the configuration files (ConfigPack and Config) are transferred. In trial mode , although the changes are adopted, they are not saved in the configuration files (ConfigPack and Config). Use the "Write Startup Config" button on the "System > Configuration" WBM page to save changes in the configuration files. CLI script file You can download existing CLI configurations (RunningCLI) and upload your own CLI scripts (Script). Note The downloadable CLI script is not intended to be uploaded again unchanged. Settings TFTP Server IP Address Enter the IP address or the FQDN of the TFTP server with which you exchange data. TFTP Server Port Here, enter the port of the TFTP server via which data exchange will be handled. If necessary, you can change the default value 69 to your own requirements. The table has the following columns: File type Shows the designation of the file. Description Shows the short description of the file type. 1236 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks File name A file name is preset here for every file type. Note Changing the file name You can change the file name preset in this column. After clicking the "Set Values" button, the changed name is stored on the device and can also be used with the Command Line Interface. Select action (only available online) Select the required action. The selection depends on the selected file type, for example you can only save the log file. The following actions are possible: - Save file With this selection, you save a file on the TFTP server. - Load file With this selection, you load a file from the TFTP server. Passwords There are files to which access is password protected. To load the file on the device, enter the password specified for the file on the WBM page. Settings The table has the following columns: Type Shows the file type. Description Shows the short description of the file type. Enabled When selected, the password is used. Can only be enabled if the password is configured. Password Enter the password for the file. WinCC Advanced V14 System Manual, 10/2016 1237 Editing devices and networks 10.1 Configuring devices and networks Password Confirmation Confirm the new password. Status Shows whether the current settings for the file match the device. - Valid the "Enabled" setting is selected and the password matches the certificate. - Invalid the "Enabled" setting is selected but the password does not match the certificate or no certificate has been loaded yet. - '-' The password cannot be evaluated or is not yet being used. The "Enabled" check box is not selected. Events Configuration On this page, you specify how the device reacts to system events. By enabling the appropriate options, you specify how the device reacts to events. To enable or disable the options, click the relevant settings of the columns. Settings Signaling Contact Response Select the behavior of the signaling contact. The following reactions are possible: - conventional Default setting for the signaling contact. An error/fault is displayed by the fault LED and the signaling contact is opened. When the error/fault state no longer exists, the fault LED goes off and the signaling contact is closed. - User-defined The way the signaling contact works does not depend on the error/fault that has occurred. The signaling contact can be opened or closed as required by user actions. Signaling Contact Status Select the status of the signaling contact from the drop-down list. The following statuses are possible: - close Signaling contact is closed. - open Signaling contact is opened. 1238 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 1 has the following columns: 1st column Shows that the settings are valid for all ports of table 2. E-mail/Trap/Log table/Syslog/Errors Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. WinCC Advanced V14 System Manual, 10/2016 1239 Editing devices and networks 10.1 Configuring devices and networks Table 2 has the following columns: Event The "Event" column contains the following values: - Cold/Warm Start The device was turned on or restarted by the user. - Link Change This event occurs only when the port status is monitored and has changed, see "System > Fault Monitoring > Link Change". - Authentication Failure This event occurs when attempting access with a bad password. - RMON Alarm An alarm or event has occurred relating to the remote monitoring of the system. - Power Supply Switchover This event occurs only when power supply lines 1 and 2 are monitored. It indicates that there was a change to line 1 or line 2, see System > Fault Monitoring > Power Supply". - RM status change The redundancy manager has recognized an interruption or restoration of the ring and has switched the line over or back. - Spanning Tree Change The STP or RSTP or MSTP topology has changed. - Fault State Change The fault state has changed. The fault state can relate to the activated port monitoring, the response of the signaling contact or the power supply monitoring. - Standby State Change A device with an established standby connection (master or slave) has activated or deactivated the link to the other ring (standby port). The data traffic was redirected from one Ethernet connection (standby port of the master) to the other Ethernet connection (standby port of the slave). - VRRP State Change (only with routing using VRRP) The status of the virtual router has changed - Loop Detection A loop was detected in the network segment. - OSPF State Change The status of OSPF has changed. - Pnac Port Authentication State Change Port authentication - PoE State Change The status of PoE has changed. - Diagnostics Alarms The diagnostics value has fallen below or exceeded a certain limit. - FMP Status Change The value of the received power or the power loss has fallen below a certain limit. E-mail 1240 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The device sends an e-mail. This is only possible if the SMTP server is set up and the "SMTP client" function is enabled. Trap The device sends an SNMP trap. This is only possible if "SNMPv1 traps" is enabled in "System > Configuration". Log table The device writes an entry in the event log table, see "Information > Log Table" Syslog The device writes an entry to the system log server. This is only possible if the system log server is set up and the "Syslog client" function is enabled. Fault The device triggers a fault. The error LED lights up Severity filter On this page, set the threshold levels for sending system event notifications. Settings The table has the following columns: Client Type Select the client type for which you want to make settings: - E-mail Sending system event messages by e-mail - Log table Entry of system events in the log table. - Syslog Entering system events in the Syslog file - WLAN Authentication Log Forwarding of the entries from the WLAN Authentication Log to the system protocol server. Can only be configured with SCALANCE W770 and SCALANCE W780 Severity Select the required level. The following settings are possible: - Info System events are processed as of the severity level "Info". - Warning System events are processed as of the severity level "Warning". - Critical System events are processed as of the severity level "Critical". WinCC Advanced V14 System Manual, 10/2016 1241 Editing devices and networks 10.1 Configuring devices and networks SMTP client The device provides the option of automatically sending an e-mail if an alarm event occurs (for example to the network administrator). The e-mail contains the identification of the sending device, a description of the cause of the alarm in plain language, and a time stamp. This allows centralized network monitoring to be set up for networks with few nodes based on an E-mail system. When an e-mail error message is received, the WBM can be started by the Internet browser using the identification of the sender to read out further diagnostics information. On this page, you can configure up to three SMTP servers and the corresponding e-mail addresses. Settings SMTP Client Enable or disable the SMTP client. Sender Email Address Enter the name of the sender to be included in the e-mail, for example the device name. This setting applies to all configured SMTP servers. Send Test Mail Send a test e-mail to check your configuration. SMTP Port Enter the port via which your SMTP server can be reached. Factory settings: 25 This setting applies to all configured SMTP servers. SMTP Server Address Enter the IP address or the FQDN (Fully Qualified Domain Name) of the SMTP server. This table contains the following columns: SMTP Server Address Shows the IP address or the FQDN (Fully Qualified Domain Name) of the SMTP server. Email address of the recipient Enter the e-mail address to which the device sends an e-mail if a fault occurs. Syntax of email addresses The following conditions apply to e-mail addresses: Alphanumeric characters are permitted. The following special characters are permitted: - @ - _ (underscore) - - (hyphen) - . (period) A @ character must be included. 1242 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Only one @ may be used. The characters "@" and the "." must not be the first or last character. DHCP DHCP client If the device is configured as a DHCP client, it starts a DHCP query. As the reply to the query the device receives an IPv4 address from the DHCP server. The server manages an address range from which it assigns IPv4 addresses. It is also possible to configure the server so that the client always receives the same IPv4 address in response to its request. Settings DHCP client configuration file request (opt 66, 67) Select this option if you want the DHCP client to use options 66 and 67 to download and then enable a configuration file. DHCP Mode Select the DHCP mode. The following modes are possible: - via MAC Address Identification is based on the MAC address. - via DHCP Client ID Identification is based on a freely defined DHCP client ID. - Via System Name Identification is based on the system name. If the device name is 255 characters long, the last character is not used for identification. - via PROFINET Name of Station Identification is based on the PROFINET name of the station. This table contains the following columns: Interface Interface to which the setting relates. DHCP Enable or disable the DHCP client for the relevant interface. DHCP Server You can operate the device as a DHCP server. This allows IP addresses to be assigned automatically to the connected devices. The IP addresses are either distributed dynamically from an address band (pool) you have specified or a specific IP address is assigned to a particular device. On this page, specify the address band from which the connected device receives any IP address. You configure the static assignment of the IP addresses in "Static Leases". WinCC Advanced V14 System Manual, 10/2016 1243 Editing devices and networks 10.1 Configuring devices and networks Requirement The connected devices are configured so that they obtain the IP address from a DHCP server. Description The page contains the following boxes: DHCP Server Enable or disable the DHCP server on the device. Note To avoid conflicts with IPv4 addresses, only one device may be configured as a DHCP server in the network. Probe address with ICMP echo before offer When selected, the DHCP server checks whether or not the IP address has already been assigned. To do this the DHCP server sends ICMP echo messages (ping) to the IPv4 address. If no reply is received, the IPv4 address is assigned. Note If there are devices in your network on which the echo service is disabled as default, there may be conflicts with the IPv4 addresses. To avoid this, assign these devices an IPv4 address outside the IPv4 address band. The table has the following columns: Select Select the check box in the row to be deleted. Pool ID Shows the number of the IPv4 address band. If you click the "Create" button, a new row with a unique number is created (pool ID). Interface Select a VLAN IP interface. The IPv4 addresses are assigned dynamically via this interface. The requirement for the assignment is that the IPv4 address of the interface is located in the subnet of the IPv4 address band. If this is not the case, the interface does not assign any IPv4 addresses. Enable Specify whether or not this IPv4 address band will be used. Note If you enable the IPv4 address band, its settings in this and the other DHCP tabs are grayed out and can no longer be edited. Subnet Enter the network address range that will be assigned to the devices. Use the CIDR notation. Lower IP Address Enter the IPv4 address that specifies the start of the dynamic IPv4 address band. The IPv4 address must be within the network address range you configured for "Subnet". 1244 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Upper IP address Enter the IPv4 address that specifies the end of the dynamic IPv4 address band. The IPv4 address must be within the network address range you configured for "Subnet". Lease Time (sec) Specify for how many seconds the assigned IPv4 address remains valid. When half the period of validity has elapsed. the DHCP client can extend the period of the assigned IPv4 address. When the entire time has elapsed, the DHCP client needs to request a new IPv4 address. Port Range On this page, you define the ports via which the IPv4 addresses of an address band are assigned. After you have created an IPv4 address band in the "DHCP Server" tab, a new line is created in this tab and all ports selected that are currently located in the corresponding VLAN. If you add ports to the VLAN later, the ports are not automatically enabled in this tab. Description This table contains the following columns: Pool ID Shows the number of the IPv4 address band. A line is created for every address band. Interface Shows the assigned VLAN IP interface. All ports Select the setting from the drop-down list. You have the following setting options: - Enabled The check box is enabled for all ports. - Disabled The check box is disabled for all ports. - No Change The table remains unchanged. Px.y Specify the ports via which IPv4 addresses of the address band will be assigned. You can only select ports located in the corresponding VLAN. DHCP Options On this page you specify which DHCP options the DHCP server supports. The various DHCP options are defined in RFC 2132. The DHCP options 1, 3, 6, 66 and 67 are created automatically when the IPv4 address band is created. With the exception of DHCP option 1, the options can be deleted. With DHCP option 1 the subnet mask is set automatically that you entered for the address band in "DHCP Server". With the DHCP option 3, you can set the internal IPv4 address of the device as a DHCP parameter using a check box. WinCC Advanced V14 System Manual, 10/2016 1245 Editing devices and networks 10.1 Configuring devices and networks Description The page contains the following boxes: Pool ID Select the required IPv4 address band. Option Code Enter the number of the required DHCP option. The various DHCP options are defined in RFC 2132. The supported DHCP options are listed in the following paragraph. The table has the following columns: Select Select the check box in the row to be deleted. Pool ID Shows the number of the IPv4 address band. Option Code Shows the number of the DHCP option. Use Interface IP If you enable the check box, the IPv4 address is used as the default gateway that is assigned to the VLAN IP address. If the check box is disabled, you can enter an IPv4 address. Value Enter the DHCP parameter that is transferred to the DHCP client. The content depends on the DHCP option. - DHCP option 3 (default gateway): Enter the DHCP parameter as an IPv4 address, e.g. 192.168.100.2. - DHCP option 6 (DNS): Enter the DHCP parameter as an IPv4 address, e.g. 192.168.100.2. You can specify up to three IPv4 addresses separated by commas. - DHCP option 66 (TFTP Server): Enter the DHCP parameter as an IPv4 address, e.g. 192.168.100.2. - DHCP option 67 (boot file name) Enter the name of the boot file in the string format. - DHCP option 12 (host name) Enter the host name in the string format. DHCP options supported The following DHCP options are supported: Option 1 Option 3 Option 6 Option 12 Option 66 Option 67 1246 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Relay Agent Information On this page you define that devices with a certain remote ID and circuit ID are assigned the IPv4 addresses from a specific address band. If you create such an entry for an address band, the ports of the address band only react to DHCP queries via a DHCP relay agent (option 82). You can create further address bands for the same VLAN IP interfaces so that ports react to different requests. Note Extension or release of an IPv4 address assigned via a relay agent. With address assignments via a relay agent "Renew" and "Release" messages going directly from the DHCP client to the DHCP server are ignored by the server. The extension of the period for an IPv4 address assigned via a relay agent is achieved using a "Rebinding" message that the client sends automatically as a broadcast. To speed up the release of an IPv4 address assigned via a relay agent, configure a shorter period of validity. Description The page contains the following boxes: Pool ID Select the required IPv4 address band. Remote ID Enter the remote ID. Circuit ID Enter the circuit ID. The table has the following columns: Select Select the check box in the row to be deleted. Pool ID Shows the number of the IPv4 address band. Remote ID Shows the remote ID. Circuit ID Shows the circuit ID. Static Leases On this page you define that DHCP clients are assigned a preset IPv4 address depending on their client ID or MAC address. WinCC Advanced V14 System Manual, 10/2016 1247 Editing devices and networks 10.1 Configuring devices and networks Description The page contains the following boxes: Pool ID Select the required IPv4 address band. Client identification method Select the method according to which a client is identified. - Ethernet MAC The client is identified by its MAC address. - Client ID The client is identified by a freely defined DHCP client ID. Value Enter the MAC address (Ethernet MAC) or the client ID of the client. The table has the following columns: Select Select the check box in the row to be deleted. Pool ID Shows the number of the IPv4 address band. Identification method Shows whether the client is identified by its MAC address or the client ID. Value Shows the MAC address or client ID of the client. IP Address Specify the IPv4 address that will be assigned to the client. The IPv4 address must be within the IPv4 address band. SNMP General On this page, you make the basic settings for SNMP. Enable the options according to the function you want to use. 1248 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings SNMP Select the SNMP protocol. The following settings are possible: - "-" (disabled) SNMP is disabled. - SNMPv1/v2c/v3 SNMPv1/v2c/v3 is supported. - SNMPv3 Only SNMPv3 is supported. SNMPv1/v2 Read-Only If you enable this option, SNMPv1/v2c can only read the SNMP variables. Note Community String For security reasons, do not use the standard values "public" or "private". Change the community strings following the initial installation. SNMPv1/v2c Read Community String Enter the community string for access of the SNMP protocol. SNMPv1/v2c Read/Write Community String Enter the community string for read and write access of the SNMP protocol. SNMPv1 Traps Enable or disable the sending of SNMP traps (alarm frames). On the "Trap" tab, specify the IP addresses of the devices to which SNMP traps will be sent. SNMPv1/v2c Trap Community String Enter the community string for sending SNMPv1/v2 messages. SNMPv3 User Migration - Enabled If the function is enabled, an SNMP engine ID is generated that can be migrated. You can transfer configured SNMPv3 users to a different device. If you enable this function and load the configuration of the device on another device, configured SNMPv3 users are retained. - Disabled If the function is disabled, a device-specific SNMP engine ID is generated. To generate the ID, the agent MAC address of the device is used. You cannot transfer this SNMP user configuration to other devices. If you load the configuration of the device on another device, all configured SNMPv3 users are deleted. SNMP Engine ID Shows the SNMP engine ID. WinCC Advanced V14 System Manual, 10/2016 1249 Editing devices and networks 10.1 Configuring devices and networks Traps If an alarm event occurs, a device can send SNMP traps (alarm frames) to up to ten different management stations at the same time. Traps are only sent if the events specified in "Events" occur. Note SNMP traps are sent only when the "SNMPv1 Traps" setting was selected in "SNMP > General". Settings Trap Receiver Address Enter the IP address or the FQDN (Fully Qualified Domain Name) of the station to which the device sends SNMP traps. You can specify up to ten different recipients. The table has the following columns: Trap Receiver Address If necessary, change the IP addresses or the FQDN of the stations. Trap Enable or disable the sending of SNMP traps. Stations that are entered but not selected do not receive SNMP traps. v3 Groups Security settings and assigning permissions SNMP version 3 allows permissions to be assigned, authentication, and encryption at protocol level. The security levels and read/write permissions are assigned according to groups. The settings automatically apply to every member of a group. Settings Group Name Enter the name of the group. The maximum length is 32 characters. Security Level Select the security level (authentication, encryption) valid for the selected group. You have the following options for the security levels: - no Auth/no Priv No authentication enabled / no encryption enabled. - Auth/no Priv Authentication enabled / no encryption enabled. - Auth/Priv Authentication enabled / encryption enabled. 1250 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The table has the following columns: Group Name Shows the defined group names. Note Once a group name and the security level have been specified, they can no longer be modified after the group is created. If you want to change the group name or the security level , you will need to delete the group and recreate it and reconfigure it with the new name. Security Level Shows the configured security level. Read Enable or disable read access for the required group. Write Enable or disable write access for the required group. Note For write access to work, you also need to enable read access. Persistence Shows whether or not the group is assigned to an SNMPv3 user. If the group is not assigned to an SNMPv3 user, no automatic saving is triggered and the configured group disappears again after restarting the device. - Yes The group is assigned to an SNMPV3 user. - No The group is not assigned to an SNMPV3 user. v3 users User-specific security settings On the WBM page, you can create new SNMPv3 users and modify or delete existing users. The user-based security model works with the concept of the user name; in other words, a user ID is added to every frame. This user name and the applicable security settings are checked by both the sender and recipient. Settings User name Enter a freely selectable user name. After you have entered the data, you can no longer modify the name. WinCC Advanced V14 System Manual, 10/2016 1251 Editing devices and networks 10.1 Configuring devices and networks The table has the following columns: User name Shows the created users. Group Name Select the group to which the user will be assigned. Authentication Protocol Specify the authentication protocol for which a password will be stored. The following settings are available: - None - MD5 - SHA Encryption Protocol Specify whether or not a password should be stored for encryption with the DES algorithm. Can only be enabled when an authentication protocol has been selected. Authentication Password Enter the authentication password. This password must have at least 6 characters, the maximum length is 32 characters. Confirm authentication password Confirm the password by repeating the entry. Encryption Password Enter your encryption password. This password must have at least 6 characters, the maximum length is 32 characters. Confirm Encryption Password Confirm the encryption password by repeating the entry. Persistence Shows whether or not the user is assigned to an SNMPv3 group. If the user is not assigned to an SNMPv3 group, no automatic saving is triggered and the configured user disappears again after restarting the device. - Yes The user is assigned to an SNMPv3 group. - No The user is not assigned to an SNMPv3 group. System time Manual time setting There are different methods that can be used to set the system time of the device. Only one method can be active at any one time. If one method is activated, the previously activated method is automatically deactivated. 1252 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks On this page, you set the date and time of the system. For this setting to be used, enable "Manual time setting". Note The page is only available if there is an online connection to the device. Settings Time Manually Enable or disable the manual time setting. If you enable the option, the "System Time" input box can be edited. System Time Enter the date and time in the format "MM/DD/YYYY HH:MM:SS". Use PC Time Click the button to use the time setting of the PC. Last Synchronization Time Shows when the last time-of-day synchronization took place. If no time-of-day synchronization was possible, the box displays "Date/time not set". Last Synchronization Mechanism This box displays how the last time-of-day synchronization was performed. - Not set The time was not set. - Manual Manual time setting - SNTP Automatic time-of-day synchronization using SNTP - NTP Automatic time-of-day synchronization using NTP - SIMATIC Automatic time-of-day synchronization using the SIMATIC time frame. - PTP Automatic time-of-day synchronization with PTP DST overview On this page, you can create new entries for the daylight saving time changeover. The table provides an overview of the existing entries. WinCC Advanced V14 System Manual, 10/2016 1253 Editing devices and networks 10.1 Configuring devices and networks Settings DST No. Shows the number of the entry. If you create a new entry, a new line with a unique number is created. Name Shows the name of the entry. Year Shows the year for which the entry was created. Start Date Shows the month, day and time for the start of daylight saving time. End Date Shows the month, day and time for the end of daylight saving time. Recurring Date With an entry of the type "Rule", the period in which daylight saving time is active is displayed consisting of week, day, month and time of day. With an entry of the type "Date" a "-" is displayed. State Shows the status of the entry: - enabled The entry was created correctly. - invalid The entry was created new and the start and end date are identical. Type Shows how the daylight saving time changeover is made: - Date A fixed date is entered for the daylight saving time changeover. - Recurring A rule was defined for the daylight saving time changeover. DST configuration On this page, you can configure the entries for the daylight saving time changeover. As result of the changeover to daylight saving or standard time, the system time for the local time zone is correctly set. You can define a rule for the daylight saving time changeover or specify a fixed date. Settings Note The content of this page depends on the selection in the "Type" box. The boxes "DST No.", "Type" and "Name" are always shown. 1254 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks DST No. Select the type of the entry. Type Select how the daylight saving time changeover is made: - Date You can set a fixed date for the daylight saving time changeover. This setting is suitable for regions in which the daylight saving time changeover is not governed by rules. - Recurring You can define a rule for the daylight saving time changeover. This setting is suitable for regions in which the daylight saving time always begins or ends on a certain weekday. Name Enter a name for the entry. Settings with "Date" selected You can set a fixed date for the start and end of daylight saving time. Year Enter the year for the daylight saving time changeover. Start Date Enter the following values for the start of daylight saving time: - Day Specify the day. - Hour Specify the hour. - Month Specify the month. End Date Enter the following values for the end of daylight saving time: - Day Specify the day. - Hour Specify the hour. - Month Specify the month. WinCC Advanced V14 System Manual, 10/2016 1255 Editing devices and networks 10.1 Configuring devices and networks Settings with "Recurring" selected You can create a rule for the daylight saving time changeover. Start Date Enter the following values for the start of daylight saving time: - Hour Specify the hour. - Month Specify the month. - Week Specify the week. You can select the 1st to 4th or the last week of the month. - Weekday Specify the weekday. End Date Enter the following values for the end of daylight saving time: - Hour Specify the hour. - Month Specify the month. - Week Specify the week. You can select the 1st to 4th or the last week of the month. - Weekday Specify the weekday. SNTP client There are different methods that can be used to set the system time of the device. Only one method can be active at any one time. If one method is activated, the previously activated method is automatically deactivated. SNTP (Simple Network Time Protocol) is used for synchronizing the time in the network. The appropriate frames are sent by an SNTP server in the network. Note To avoid time jumps, make sure that there is only one time server in the network. Settings SNTP Client Enable or disable automatic time-of-day synchronization using SNTP. Current System Time (only available online) Shows the current date and current normal time received by the IE switch. If you specify a time zone, the time information is adapted accordingly. 1256 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Last Synchronization Time(only available online) Shows when the last time-of-day synchronization took place. Last Synchronization Mechanism (only available online) Shows how the last time-of-day synchronization was performed. The following methods are possible: - Not set The time was not set. - Manual Manual time setting - SNTP Automatic time-of-day synchronization using SNTP - NTP Automatic time-of-day synchronization using NTP - SIMATIC Automatic time-of-day synchronization using the SIMATIC time frame - PTP Automatic time-of-day synchronization with PTP Time Zone Enter the time zone you are using in the format "+/- HH:MM". The time zone relates to UTC standard world time. The time in the "Current System Time" box is adapted accordingly. Daylight Saving Time Shows whether the daylight saving time changeover is active. - active (offset +1 h) The system time was changed to daylight saving time; in other words an hour was added. The normal time including the time zone continues to be displayed in the "Current System Time" box. The normal time including the time zone continues to be displayed in the "Current System Time" box. - inactive (offset +0 h) The current system time is not changed. SNTP Mode Select the synchronization mode. The following types of synchronization are possible: - Poll If you select this protocol type, the input boxes "SNTP Server Address", "SNTP Server Port" and "Poll Interval[s]" are displayed to allow further configuration. With this type of synchronization, the device is active and sends a time query to the SNTP server. - Listen With this type of synchronization, the device is passive and "listens" for SNTP frames that deliver the time of day. Poll Interval[s] Here, enter the interval between two-time queries. In this box, you enter the query interval in seconds. Possible values are 16 to 16284 seconds. WinCC Advanced V14 System Manual, 10/2016 1257 Editing devices and networks 10.1 Configuring devices and networks SNTP Server Address Enter the IP address or the FQDN (Fully Qualified Domain Name) of the SNTP server. SNTP Server Port Enter the port of the SNTP server. The following ports are possible: - 123 (standard port) - 1025 to 36564 Primary The check mark is set for the SNTP server that you create first. If several SNTP servers have been created, the primary server is queried first. NTP client There are different methods that can be used to set the system time of the device. Only one method can be active at any one time. If one method is activated, the previously activated method is automatically deactivated. If you require time-of-day synchronization using NTP, you can make the relevant settings here. Note To avoid time jumps, make sure that there is only one time server in the network. Settings NTP Client Enable or disable automatic time-of-day synchronization using NTP. Current System Time (only available online) Shows the current date and current normal time received by the IE switch. If you specify a time zone, the time information is adapted accordingly. Last Synchronization Time(only available online) Shows when the last time-of-day synchronization took place. 1258 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Last Synchronization Mechanism (only available online) This box displays how the last time-of-day synchronization was performed. The following methods are possible: - Not set The time was not set. - Manual Manual time setting - SNTP Automatic time-of-day synchronization using SNTP - NTP Automatic time-of-day synchronization using NTP - SIMATIC Automatic time-of-day synchronization using the SIMATIC time frame - PTP Automatic time-of-day synchronization with PTP Time Zone Enter the time zone you are using in the format "+/- HH:MM". The time zone relates to UTC standard world time. The time in the "Current System Time" box is adapted accordingly. Daylight Saving Time Shows whether the daylight saving time changeover is active. - active (offset +1 h) The system time was changed to daylight saving time; in other words an hour was added. The normal time including the time zone continues to be displayed in the "Current System Time" box. - inactive (offset +0 h) The current system time is not changed. NTP Server Index Select the index of the NTP server. The server with the lowest index is queried first. NTP Server Address Enter the IP address or the FQDN (Fully Qualified Domain Name) of the NTP server. NTP Server Port Enter the port of the NTP server. The following ports are possible: - 123 (standard port) - 1025 to 36564 Poll Interval[s] Here, enter the interval between two time queries. In this box, you enter the poll interval in seconds. Possible values are 64 to 1024 seconds. WinCC Advanced V14 System Manual, 10/2016 1259 Editing devices and networks 10.1 Configuring devices and networks SIMATIC Time Client There are different methods that can be used to set the system time of the device. Only one method can be active at any one time. If one method is activated, the previously activated method is automatically deactivated. On this page, you configure time synchronization with the SIMATIC Time Client. Note To avoid time jumps, make sure that there is only one time server in the network. Settings SIMATIC Time Client Enable or disable the SIMATIC time client. Current System Time (only available online) Shows the current system time. Last Synchronization Time(only available online) Shows when the last time-of-day synchronization took place. Last Synchronization Mechanism (only available online) This box displays how the last time-of-day synchronization was performed. - Not set The time was not set. - Manual Manual time setting - SNTP Automatic time-of-day synchronization using SNTP - NTP Automatic time-of-day synchronization using NTP - SIMATIC Automatic time-of-day synchronization using the SIMATIC time frame - PTP Automatic time-of-day synchronization with PTP PTP Client There are different methods that can be used to set the system time of the device. Only one method can be active at any one time. If one method is activated, the previously activated method is automatically deactivated. If you require time-of-day synchronization using PTP, you can make the relevant settings here. The following devices support time-of-day synchronization with PTP: SCALANCE XR528-6M SCALANCE XR552-12M 1260 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings PTP Client Enable or disable time synchronization using PTP. You can configure other settings in "Layer 2 > PTP". Current System Time (only available online) Shows the current date and current normal time obtained due to time synchronization in the network. If you specify a time zone, the time information is adapted accordingly. Last Synchronization Time(only available online) Shows when the last time-of-day synchronization took place. If no time-of-day synchronization was possible, the box displays "Date/time not set". Last Synchronization Mechanism (only available online) This box displays how the last time-of-day synchronization was performed. - Not set The time was not set. - Manual Manual time setting - SNTP Automatic time-of-day synchronization using SNTP - NTP Automatic time-of-day synchronization using NTP - SIMATIC Automatic time-of-day synchronization using the SIMATIC time frame - PTP Automatic time-of-day synchronization with PTP Time Zone Enter the time zone you are using in the format "+/- HH:MM". The time zone relates to UTC standard world time. The time in the "Current System Time" box is adapted accordingly. Daylight Saving Time Shows whether the daylight saving time changeover is active. - active (offset +1 h) The system time was changed to daylight saving time; in other words an hour was added. The normal time including the time zone continues to be displayed in the "Current System Time" box. - inactive (offset +0 h) The current system time is not changed. Auto logout On this page, set the times after which there is an automatic logout from WBM or the CLI following user in activity. If you have been logged out automatically, you will need to log in again. WinCC Advanced V14 System Manual, 10/2016 1261 Editing devices and networks 10.1 Configuring devices and networks Settings Web Based Management [s] Enter the time in seconds for the automatic logout from WBM. If you enter the value 0, the automatic logout is disabled. CLI (TELNET, SSH, Serial) [s] Enter the time in seconds for the automatic logout from the CLI. If you enter the value 0, the automatic logout is disabled. Button The "Select/Set" button has the following functions: Change display mode Enable redundancy manager Restore to factory defaults Fault mask and LED display You will find a detailed description of the individual functions available with the buttons in the device operating instructions. On this page, the functionality of the SELECT/SET button can be restricted or fully disabled. Settings Restore Factory Defaults Enable or disable the "Restore Factory Defaults" function with the Select/Set button. CAUTION Button function "Restore Factory Defaults" active during startup If you have disabled this function in your configuration, disabling is only valid during operation. When restarting, for example after power down, the function is active until the configuration is loaded so that the device can inadvertently be reset to the factory settings. This may cause unwanted disruption in network operation since the device needs to be reconfigured if this occurs. An inserted PLUG is also deleted and returned to the status as shipped Redundancy Manager Enable or disable the redundancy manager function. Set Fault Mask Enable or disable the function "Define fault mask via the LED display" with the Select/set button. This function only works in display mode D. Syslog client Syslog according to RFC 3164 is used for transferring short, unencrypted text messages over UDP in the IP network. This requires a system log server. 1262 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Requirements for sending log entries: The Syslog function is enabled on the device. The Syslog function is enabled for the relevant event. There is a Syslog server in your network that receives the log entries. Since this is a UDP connection, there is no acknowledgment to the sender. The IP address or the FQDN (Fully Qualified Domain Name) of the Syslog server is entered in the device. Settings Syslog Client Enable or disable the Syslog function. Syslog Server Address Enter the IP address or the FQDN (Fully Qualified Domain Name) of the Syslog server. The table contains the following columns: Syslog Server Address Shows the IP address or the FQDN (Fully Qualified Domain Name) of the Syslog server. Server Port Enter the port of the Syslog server being used. Ports Port overview The page shows the configuration for the data transfer for all ports of the device. You cannot configure anything on this page. Settings Port Shows the configurable ports. Port name Shows the name of the port. Port Type (only with routing) Shows the type of the port. The following types are possible: - Router Port - Switch Port VLAN Hybrid - Switch-Port VLAN Trunk - Switch Port VLAN Host - Switch-Port PVLAN Promiscuous WinCC Advanced V14 System Manual, 10/2016 1263 Editing devices and networks 10.1 Configuring devices and networks Combo Port Media Type The values are only available with combo ports. Shows the mode of the combo port: - auto - rj45 - sfp Status Shows whether the port is on or off. Data traffic is possible only over an enabled port. OperState Displays the current operational status. The operational status depends on the configured "Status" and the "Link". The available options are as follows: - up You have configured the status "enabled" for the port and the port has a valid connection to the network. - down You have configured the status "disabled" or "Link down" for the port or the port has no connection. - not present With modular devices, this status is displayed when, for example, no media module is inserted. Link (only available online) Shows the connection status to the network. With the connection status, the following is possible: - Up The port has a valid link to the network, a link integrity signal is being received. - Down The link is down, for example because the connected device is turned off. Mode (only available online) Shows the transfer parameters of the port MTU (Maximum Transmission Unit) Shows the maximum packet size. Negotiation Shows whether the automatic configuration is enabled or disabled. Flow Ctrl. Type Shows whether flow control is enabled or disabled for the port. Flow Ctrl. Shows whether or not flow control is working on this port. 1264 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks MAC Address (only available online) Shows the MAC address of the port. Blocked by Shows why the port is in the "blocked" status: - The analysis of the port status Is not supported. - forwarding The port is not blocked. - ring redundancy The port belongs to a redundancy manager. When the redundancy manager is in the "Passive status, one of the ring ports is in the "blocking" status. - spanning tree The port has the status "Discarding" in the spanning tree. The port is part of a spanning tree, however it is located on a redundant path and is deactivated for data traffic. - loop detection A loop was detected and as the reaction to a loop, the status "disable" was configured for the port. - down-in-bundle The port is part of a link aggregation and was deactivated by LACP. - la-loop-detection The port is part of a link aggregation. A loop was detected and as the reaction to a loop, the status "disable" was configured for the link aggregation. - la-spanning-tree The port is part of a link aggregation. The link aggregation was switched to the status "Discarding" by the spanning tree. - admin-down The status "disabled" is configured for the port, see "System > Ports > Configuration". - link down The status "enabled" is configured for the port but there is no connection, see "System > Ports > Configuration". - power-down The status "Link down" is configured for the port, see "System > Ports > Configuration". - standby Standby redundancy is enabled on the device. The port is a standby port with the status "Passive". Differing display of the transmission parameters with combo ports. In the connection status "down", the displayed transmission parameters do not match the actual values of the combo port. In the connection status "up", the correct values are displayed. Initial situation A pluggable transceiver is plugged into the combo port with the following settings: Combo Port Media Type: auto Status: enabled Link: down display of the transmission parameters with 100 Mbps pluggable transceivers WinCC Advanced V14 System Manual, 10/2016 1265 Editing devices and networks 10.1 Configuring devices and networks Actual response: Mode: 1G HD Expected response: Mode: 100M FD with 1 Gbps pluggable transceivers Actual response: Mode: 1G HD Expected response: Mode: 1G FD Configuration With this page, you can configure all the ports of the device. Settings Port Select the port to be configured. The port is made up of the module number and the port number, for example port 0.1 is module 0, port 1. Status Specify whether the port is enabled or disabled. - enabled The port is enabled. Data traffic is possible only over an enabled port. - disabled The port is disabled but the connection remains. - Link down The port is disabled and the connection to the partner device is terminated. Port name Enter a name for the port. MAC Address (only available online) Shows the MAC address of the port. Mode Type(only available online) Select the transmission speed and the transmission method of the port. If you set the mode to "Autonegotiation", these parameters are automatically negotiated with the connected end device. This must also be in the "Autonegotiation" mode. Note Before the port and partner port can communicate with each other, the settings must match at both ends. Note "Mode Type" with combo ports To be able to set the "Mode Type" of a combo port, change the "Combo Port Media Type" to "rj45". If "auto" is set for the "Combo Port Media Type" and the RJ-45 port is used, you cannot set the "Mode Type". 1266 Mode (only available online) Shows the transmission speed and mode of the port. The transmission speed can be 10 Mbps, 100 Mbps, 1000 Mbps or 10 Gbps. As the transmission mode, full duplex (FD) or half duplex (HD) can be configured. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Negotiation Shows whether the automatic configuration of the connection to the partner port is enabled or disabled. Flow Ctrl. Type Enable or disable flow control for the port. Note Turning flow control on/off with autonegotiation Flow control can only be enabled or disabled if the "autonegotiation" function is turned off. The function cannot enabled again afterwards. Flow Ctrl. Shows whether flow control is working on this port. MTU Enter the packet size. Port Type (only with routing) Select the type of the port: - Router Port The port is an IP interface. It does not support layer 2 functions. - Switch Port VLAN Hybrid The port sends tagged and untagged frames. It is not automatically a member of a VLAN. - Switch-Port VLAN Trunk The port only sends tagged frames and is automatically a member of all VLANs. - Switch Port VLAN Host Host ports belong to a secondary PVLAN. Connect devices to host ports that are only intended to communicate with certain devices of the PVLAN. - Switch-Port PVLAN Promiscuous Promiscuous ports belong to a primary PVLAN. Connect devices to promiscuous ports that are intended to communicate all devices of the PVLAN. Combo Port Media Type Specify the mode of the combo port: - auto If you select this mode, the SFP transceiver port has priority. As soon as an SFP transceiver is plugged in, an existing connection at the fixed RJ-45 port is terminated. If no SFC transceiver is plugged in, a connection can be established via the fixed RJ-45 port. - rj45 If you select this mode, the fixed RJ-45 port is used regardless of the SFP transceiver port. If a pluggable transceiver is plugged in, it is disabled and the power turned off. - sfp If you select this mode, the SFP transceiver port is used regardless of the built-in RJ-45 port. If an RJ-45 connection is established, it is terminated because the power of the RJ-45 port is turned off. The factory setting for the combo ports is the auto mode. WinCC Advanced V14 System Manual, 10/2016 1267 Editing devices and networks 10.1 Configuring devices and networks OperState Displays the current operational status. The operational status depends on the configured "Status" and the "Link". The available options are as follows: - up You have configured the status "enabled" for the port and the port has a valid connection to the network. - down You have configured the status "disabled" or "Link down" for the port or the port has no connection. - not present With modular devices, this status is displayed when, for example, no media module is inserted. 1268 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Link (only available online) Shows the connection status to the network. The available options are as follows: - Up The port has a valid link to the network, a link integrity signal is being received. - Down The link is down, for example because the connected device is turned off. Blocked by Shows why the port is in the "blocked" status: - The analysis of the port status Is not supported. - forwarding The port is not blocked. - ring-redundancy The port belongs to a redundancy manager. When the redundancy manager is in the "Passive status, one of the ring ports is in the "blocking" status. - spanning-tree The port has the status "Discarding" in the spanning tree. The port is part of a spanning tree, however it is located on a redundant path and is deactivated for data traffic. - loop-detection A loop was detected and as the reaction to a loop, the status "disable" was configured for the port. - down-in-bundle The port is part of a link aggregation and was deactivated by LACP. - la-loop-detection The port is part of a link aggregation. A loop was detected and as the reaction to a loop, the status "disable" was configured for the link aggregation. - la-spanning-tree The port is part of a link aggregation. The link aggregation was switched to the status "Discarding" by the spanning tree. - admin-down The status "disabled" is configured for the port, see "System > Ports > Configuration". - link-down The status "enabled" is configured for the port but there is no connection, see "System > Ports > Configuration". - power-down The status "Link down" is configured for the port, see "System > Ports > Configuration". - standby Standby redundancy is enabled on the device. The port is a standby port with the status "Passive". WinCC Advanced V14 System Manual, 10/2016 1269 Editing devices and networks 10.1 Configuring devices and networks Changing the port configuration Note Optical ports only work with the full duplex mode and at maximum transmission rate. As a result, the following settings cannot be made for optical ports: Automatic configuration Transmission speed Transmission technique Note With various automatic functions, the device prevents or reduces the effect on other ports and priority classes (Class of Service) if a port is overloaded. This can mean that frames are discarded even when flow control is enabled. Port overload occurs when the device receives more frames than it can send, for example as the result of different transmission speeds. Fault Monitoring Power supply Configure whether or not the power supply should be monitored by the messaging system. Depending on the hardware variant, there are one or two power connectors (Supply 1 / Supply 2). With a redundant power supply, configure the monitoring separately for each individual feed-in line. If there is no power on one of the monitored lines (Supply 1 or Supply 2) or when the voltage is too low, a fault is signaled by the signaling system. Note You will find the permitted operating voltage limits in the compact operating instructions of the device. A fault causes the signaling contact to trigger and the fault LED on the device to light up and, depending on the configuration, can trigger a trap, an e-mail, or an entry in the event log table. Settings Line 1 Enable or disable the monitoring of power connector 1. Line 2 Enable or disable the monitoring of power connector 2. 1270 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Link Change On this page, you configure whether or not an error message is triggered if there is a status change on a network connection. If connection monitoring is enabled, an error is signaled when there should be a link on a port and this is missing. or when there should not be a link on a port and a link is detected. An error causes the signaling contact to trigger and the fault LED to light up on the device. Depending on the configuration, the error may trigger a trap, an e-mail or an entry in the event log table. Settings Table 1 has the following columns: 1st column Shows that the settings are valid for all ports. Setting Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. Table 2 has the following columns Port Shows the available ports. Setting Select the setting. You have the following options: - Up Error handling is triggered when the port changes to the active status. (From "Link down" to "Link up") - Down Error handling is triggered when the port changes to the inactive status. (From "Link up" to "Link down") - "-" (disabled) The error handling is not triggered. Redundancy On this page, you configure whether or not an error message is triggered if there is a status change on a network connection. Setting Redundancy loss (HRP only) Enable or disable connection monitoring. If the redundancy of the connection is lost, an error is signaled. WinCC Advanced V14 System Manual, 10/2016 1271 Editing devices and networks 10.1 Configuring devices and networks PROFINET This page shows the PROFINET IO AR status and the device name. Settings PNIO Device Diagnostics Shows whether PNIO is enabled ("On") or disabled ("Off"). PNIO Device Diagnostics for next boot Set whether PNIO will be enabled ("On") or disabled ("Off") after the next device restart. Note PNIO and EtherNet/IP When PNIO is turned on, EtherNet/IP is turned off. The switchover from PNIO and EtherNet/ IP has no effect on DCP. Note PNIO AR Status If a PROFINET connection is established; in other words the PNIO AR status is "Online", you cannot disable PNIO. PNIO AR Status This box shows the status of the PROFINET IO connection; in other words whether the device is connected to a PROFINET IO controller "Online " or "Offline". Here, online means that a connection to a PROFINET IO controller exists, that this has downloaded its configuration data to the device and that the device can send status data to the PROFINET IO controller. In this status known as "in data exchange", the parameters set via the PROFINET IO controller cannot be configured. PNIO Name of Station This box displays the PROFINET IO device name according to the configuration in HW Config of STEP 7. Restore PROFINET IO Defaults and Restart Click this button to restore the default settings of the PROFINET IO profile and to restart the device. You must confirm the restart in a dialog box. The dialog box displays the settings specially made for operation with the PROFINET protocol. NOTICE By resetting the settings to the default settings of a profile, the IP address is also lost. Following this, the device can only be accessed via the serial interface, using the Primary Setup Tool or using DHCP. With the appropriate attachment, a previously correctly configured device can cause circulating frames and therefore the failure of the data traffic. Allow PNIO Data Exchange(only with SCALANCE XB-200) Enable or disable PNIO data exchange Simulate PNIO Data Exchange(only with SCALANCE XB-200) Enable or disable the simulation of PNIO data exchange. 1272 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks EtherNet/IP EtherNet/IP On this page, you configure the mode of EtherNet/IP. Description of the displayed boxes The page contains the following boxes: EtherNet/IP Device Diagnostics Shows whether EtherNet/IP is enabled ("On") or disabled ("Off"). EtherNet/IP Device Diagnostics for next boot Set whether EtherNet/IP will be enabled ("On") or disabled ("Off") after the next device restart. Note EtherNet/IP and PROFINET When EtherNet/IP is turned on, PROFINET is turned off. The switchover from EtherNet/IP and PROFINET has no effect on DCP. Note PROFINET AR Status If a PROFINET connection is established; in other words the PROFINET AR status is "Online", you cannot enable EtherNet/IP. Restore EtherNet/IP Defaults and Restart Click this button to restore the default settings of the EtherNet/IP profile and to restart the device. You must confirm the restart in a dialog box. The dialog box displays the settings specially made for operation with the EtherNet/IP protocol. NOTICE Loss of the IP address By resetting the settings to the default settings of a profile, the IP address is also lost. Following this, the device can only be accessed via the serial interface, using the Primary Setup Tool or using DHCP. With the appropriate attachment, a previously correctly configured device can cause circulating frames and therefore the failure of the data traffic. WinCC Advanced V14 System Manual, 10/2016 1273 Editing devices and networks 10.1 Configuring devices and networks PLUG PLUG configuration Note The page is only available if there is an online connection to the device. NOTICE Do not remove or insert a C-PLUG / KEY-PLUG during operation! A PLUG may only be removed or inserted when the device is turned off. The device checks whether or not a PLUG is present at one second intervals. If it is detected that the PLUG was removed, there is a restart. If a valid KEY-PLUG was inserted in the device, the device changes to a defined error state following the restart. Information about the configuration of the C-PLUG / KEY-PLUG This page provides detailed information about the configuration stored on the C-PLUG or KEYPLUG. It is also possible to reset the PLUG to "factory defaults" or to load it with new contents. Note The action is only executed after you click the "Set Values" button. The action cannot be undone. If you decide against executing the function after making your selection, click the "Refresh" button. As a result the data of this page is read from the device again and the selection is canceled. Note Incompatibility with previous versions with PLUG inserted During the installation of a previous version, the configuration data can be lost. In this case, the device starts up with the factory settings after the firmware has been installed. In this situation, if a PLUG is inserted in the device, following the restart, this has the status "NOT ACCEPTED" since the PLUG still has the configuration data of the previous more up-to-date firmware. This allows you to return to the previous, more up-to-date firmware without any loss of configuration data. If the original configuration on the PLUG is no longer required, the PLUG can be deleted or rewritten manually using "System > PLUG". 1274 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings The table has the following rows: Status Shows the status of the PLUG. The following are possible: - ACCEPTED There is a PLUG with a valid and suitable configuration in the device. - NOT ACCEPTED Invalid or incompatible configuration on the inserted PLUG. - NOT PRESENT There is no C-PLUG or KEY-PLUG inserted in the device. - FACTORY PLUG is inserted and does not contain a configuration. This status is also displayed when the PLUG was formatted during operation. - MISSING There is no PLUG inserted. Functions are configured on the device for which a license is required. Device Group Shows the SIMATIC NET product line that used the C-PLUG or KEY-PLUG previously. Device Type Shows the device type within the product line that used the C-PLUG or KEY-PLUG previously. Configuration Revision The version of the configuration structure. This information relates to the configuration options supported by the device and has nothing to do with the concrete hardware configuration. This revision information does not therefore change if you add or remove additional components (modules or extenders), it can, however, change if you update the firmware. File System Displays the type of file system on the PLUG. NOTICE New file system UBI As of firmware version 3.0, UBI is the standard file system for the C-PLUG or KEY-PLUG. If a C-PLUG with the previous file system IECP is detected in such a device, this C-PLUG will be formatted for the UBI file system and the data will be rewritten to the C-PLUG. This change in the file system also occurs following a firmware update to V3.0. A downgrade to the previous version of the firmware then presents a problem. The firmware can neither read nor write the C-PLUG or KEY-PLUG and it is not even possible to "Erase PLUG to factory default". File System Size [bytes] Shows the maximum storage capacity of the file system on the C-PLUG. File System Usage Displays the storage space in use in the file system of the C-PLUG. WinCC Advanced V14 System Manual, 10/2016 1275 Editing devices and networks 10.1 Configuring devices and networks Info String Shows additional information about the device that used the PLUG previously, for example, article number, type designation, and the versions of the hardware and software. The displayed software version corresponds to the version in which the configuration was last changed. With the "NOT ACCEPTED" status, further information on the cause of the problem is displayed. Modify PLUG Select the required setting. You have the following options for changing the configuration on the C-PLUG or KEY-PLUG: - Write current configuration to PLUG This option is available only if the status of the PLUG is "NOT ACCEPTED" or FACTORY. The configuration in the internal flash memory of the device is copied to the PLUG. - Erase PLUG to factory default Deletes all data from the C-PLUG and triggers low-level formatting. PLUG license Note The page is only available if there is an online connection to the device. NOTICE Do not remove or insert a C-PLUG / KEY-PLUG during operation! A PLUG may only be removed or inserted when the device is turned off. The device checks whether or not a PLUG is present at one second intervals. If it is detected that the PLUG was removed, there is a restart. If a valid KEY-PLUG was inserted in the device, the device changes to a defined error state following the restart. If the device was configured at some time with a PLUG, the device can no longer be used without this PLUG. To be able to use the device again, reset the device to the factory settings. Note Incompatibility with previous versions with PLUG inserted During the installation of a previous version, the configuration data can be lost. In this case, the device starts up with the factory settings after the firmware has been installed. In this situation, if a PLUG is inserted in the device, following the restart, this has the status "NOT ACCEPTED" since the PLUG still has the configuration data of the previous more up-to-date firmware. This allows you to return to the previous, more up-to-date firmware without any loss of configuration data. If the original configuration on the PLUG is no longer required, the PLUG can be deleted or rewritten manually using "System > PLUG". Information about the license of the KEY-PLUG A C-PLUG can only store the configuration of a device. In addition to the configuration, a KEYPLUG also contains a license that enables certain functions of your SIMATIC NET device. 1276 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks This page provides detailed information about the license on the KEY-PLUG. Displayed values Status Shows the status of the KEY-PLUG. The following are possible: - ACCEPTED The KEY-PLUG in the device contains a suitable and valid license. - NOT ACCEPTED The license of the inserted KEY-PLUG is not valid. - NOT PRESENT No KEY-PLUG is inserted in the device. - MISSING There is no KEY-PLUG or a C-PLUG with the status "FACTORY" inserted in the device. Functions are configured on the device for which a license is required. - WRONG The inserted KEY-PLUG is not suitable for the device. - UNKNOWN Unknown content of the KEY-PLUG. - DEFECTIVE The content of the KEY-PLUG contains errors. Order ID Shows the order number of the KEY-PLUG. The KEY-PLUG is available for various functional enhancements and for various target systems. Serial Number Shows the serial number of the KEY-PLUG. Info String Shows additional information about the device that used the KEY-PLUG previously, for example, order number, type designation, and the versions of the hardware and software. The displayed software version corresponds to the version in which the configuration was last changed. With the "NOT ACCEPTED" status, further information on the cause of the problem is displayed. Note When you save the configuration, the information about whether or not a KEY-PLUG was inserted in the device at the time is also saved. This configuration can then only work if a KEYPLUG with the same article number / license is inserted. WinCC Advanced V14 System Manual, 10/2016 1277 Editing devices and networks 10.1 Configuring devices and networks Ping Reachability of an address in an IP network Note The page is only available if there is an online connection to the device. With the ping function, you can check whether a certain IPv4 address is reachable in the network. Settings IP Address Enter the IPv4 address of the device. Repeat Enter the number of ping requests. Ping Click this button to start the ping function. Ping Output This box shows the output of the ping function. Delete Click this button to delete the ping output. PoE General Note The menu item "PoE" is only displayed for devices that support PoE On this page, you see information about the power that the IE switch supplies with PoE. The SCALANCE X-500 represents a PSE (Power Sourcing Equipment). With the SCALANCE XM400, each group of four ports with PoE capability is known as a PSE. The displayed values apply only to the corresponding PSE. Setting PSE Shows the number of the PoE power supply. Maximum Power Maximum power that a PSE provides to supply PoE devices. 1278 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Allocated Power Sum of the power reserved by the PoE devices according to the "Classification". Used power Sum of the power used by the end devices. Usage Threshold [%] When the power being used by the end devices exceeds the percentage shown here, an event is triggered. Power over Ethernet with SCALANCE XM-400 With a SCALANCE XM-400, you can use the "Power over Ethernet" function via the port extender PE408PoE. PoE power supply The connection of the PoE power supply is external. You can connect 2 PoE power supplies with each PE408PoE port extender. Each PE408PoE therefore has 2 PSE units (Power Sourcing Equipment) each with 4 ports. Port Settings for the ports For each individual PoE port, you can specify whether or not the power will be supplied via Ethernet. You can also set a priority for each connected powered device (PD). Devices for which a high priority was set, take preference over other devices for the power supply. Settings Table 1 has the following columns: Port Shows that the settings are valid for all ports. Setting Select the required setting. Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Priority Select the required priority of the port. Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Type Enter a string that describes the connected device in greater detail. The maximum length is 255 characters. Copy to Table If you click the button, the setting is adopted for all ports of table 2. WinCC Advanced V14 System Manual, 10/2016 1279 Editing devices and networks 10.1 Configuring devices and networks Table 2 has the following columns: Port Shows the configurable PoE ports. The port is made up of the port number and the slot number, for example port 0.1 is slot 0, port 1. Setting Enable the PoE power supply for this port or interrupt it. Priority Select which priority this port will have for the power supply. The following settings are possible, in ascending order of relevance: - low low priority - high medium priority - critical high priority If the same priority is set for two ports, the port with the lower port number will be preferred when necessary. Type Here, you can enter a string to describe the connected device in greater detail. Classification The classification specifies the class of the device. From this, it is possible to recognize the maximum power of the device. Status Shows the current status of the port. The following states are possible: - disabled The PoE power supply is deactivated for this port. - delivering The PoE power supply is activated for this port and a device is connected. - searching The PoE power supply is activated for this port but there is no device connected. Note If a device is connected to a port with PoE capability, a check is made to determine whether the power of the port is adequate for the connected device. If the power of the port is inadequate, although PoE is enabled in "Setting", the port nevertheless has the status "disabled". This means that the port was disabled by the PoE power management. Power [mW] Shows the power that the SCALANCE provides at this port. 1280 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Voltage [V] Shows the voltage applied to this port. Current [mA] Shows the current with which a device connected to this port is supplied. Port diagnostics Cable tester Note The page is only available if there is an online connection to the device. With this page, each individual Ethernet port can run independent fault diagnostics on the cable. This test is performed without needing to remove the cable, connect a cable tester and install a loopback module at the other end. Short-circuits and cable breaks can be localized to within a few meters. Note Please note that this test is permitted only when no data connection is established on the port to be tested. Settings Port Select the required port from the drop-down list. Run Test Activates error diagnostics. The result is shown in the table. WinCC Advanced V14 System Manual, 10/2016 1281 Editing devices and networks 10.1 Configuring devices and networks This table contains the following columns: Pair Shows the wire pair in the cable. Note Wire pairs Wire pairs 4-5 and 7-8 of 10/100 Mbps network cables are not used. In 1000 Mbps or gigabit Ethernet, all 4 wire pairs are used. The wire pair assignment - pin assignment is as follows (DIN 50173): Pair 1 = pin 4-5 Pair 2 = pin 1-2 Pair 3 = pin 3-6 Pair 4 = pin 7-8 Status Displays the status of the cable. Distance [m] Displays the distance to the cable end, cable break, or short-circuit. SFP diagnostics On this page, you run independent error diagnostics for each individual SFP port. This test is performed without needing to remove the cable, connect a cable tester or install a loopback module at the other end. Note Please note that this test is permitted only when no data connection is established on the port to be tested. If, however, there is a data connection to the port to be tested, this is briefly interrupted. Automatic re-establishment of the connection can fail and then needs to be done manually. Description The page contains the following boxes: Port Select the required port from the drop-down list. The values are shown in the following boxes: Name Shows the name of the interface. Model Shows the type of interface. 1282 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Revision Shows the hardware version of the SFP. Serial Shows the serial number of the SFP. Nominal Bit Rate [Mbps] Shows the nominal bit rate of the interface. Max. Link (50.0/125um) [m] Shows the maximum distance in meters that is possible with this medium. Max. Link (62.5/125um) [m] Shows the maximum distance in meters that is possible with this medium. The following table shows the values of the SFP transceiver used in this port: Temperature [C] Shows the temperature of the interface. Voltage [V] Shows the voltage applied to the interface [V]. Current [mA] Shows the current consumption of the interface [mA]. RX Power [mW] Shows the receive power of the interface [mW]. Tx Power [mW] Shows the transmit power of the interface [mW]. Current Shows the current value. Low Shows the lowest value. High Shows the highest value. Configuring layer 2 functions Configuration On this page, you create a basic configuration for the functions of layer 2. On the configuration pages of these functions, you can make more detailed settings. You can also check the settings on the configuration pages. WinCC Advanced V14 System Manual, 10/2016 1283 Editing devices and networks 10.1 Configuring devices and networks Settings Protocol Based VLAN Enable or disable protocol-based VLAN. You can configure other settings in "Layer 2 > VLAN". Subnet Based VLAN Enable or disable subnet-based VLAN. You can configure other settings in "Layer 2 > VLAN". Dynamic MAC Aging Enable or disable the "Aging" mechanism. You can configure other settings in "Layer 2 > Dynamic MAC Aging". Redundancy Type The following settings are available: - "-" (disabled) The redundancy function is disabled. - Spanning Tree If you select this option, you specify the required redundancy mode in "Redundancy Mode". - Ring Enables ring redundancy. You can configure other settings in "Layer 2 > Ring Redundancy > Ring". - Ring with RSTP If you select this option, the compatibility mode for spanning tree is set permanently to RSTP. In the "Redundancy Type" drop-down list, you specify the redundancy mode of the ring redundancy. You can change the current setting in the "Ring Redundancy" and "Spanning Tree" menus. Note Restriction relating to ports with the "Ring with RSTP" option If you have enabled the "Ring with RSTP" option, the following ports must not be included in the spanning tree: Ring ports Standby ports Standby coupling ports 1284 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Redundancy Mode If you select "Spanning Tree" for the "Redundancy Type", the following options are then available: - STP Enables the Spanning Tree Protocol (STP). Typical reconfiguration times with spanning tree are between 20 and 30 seconds. You can configure other settings in "Layer 2 > Spanning Tree". - RSTP Enables the Rapid Spanning Tree Protocol (RSTP). If a spanning tree frame is detected at a port, this port reverts from RSTP to spanning tree. You can configure other settings in "Layer 2 > Spanning Tree". Note When using RSTP (Rapid Spanning Tree Protocol), loops involving duplication of frames or frames being overtaken may occur briefly. If this is not acceptable in your particular application, use the slower standard spanning tree mechanism. - MSTP Enables the Multiple Spanning Tree Protocol (MSTP). You can configure other settings in "Layer 2 > Spanning Tree". If you select "Ring" or "Ring with RSTP" for the "Redundancy Type", the following options are then available: - Automatic Redundancy Detection Select this setting to create an automatic configuration of the redundancy mode. In the Automatic Redundancy Detection mode, the device automatically detects whether or not there is a device with the "HRP Manager" role in the ring. If there is, the device adopts the role "HRP Client" client. If no HRP manager is found, all devices with the "Automatic Redundancy Detection" or "MRP Auto Manager" setting negotiate among themselves to establish which device adopts the role of "MRP Manager". The device with the lowest MAC address will always become "MRP Manager". The other devices automatically set themselves to "MRP Client" mode. - MRP Auto-Manager In the "MRP Auto Manager" mode, the devices negotiate among themselves to establish which device will adopt the role of "MRP Manager". The device with the lowest MAC address will always become "MRP Manager". The other devices automatically set themselves to "MRP Client" mode. In contrast to the setting "Automatic Redundancy Detection", the devices are not capable of detecting whether or not an HRP manager is in the ring. Note MRP configuration in STEP 7 If you set the role "Manager (Auto)" or "Manager" for the device in STEP 7, in both cases, "MRP Auto Manager" is displayed on this WBM page. In the display in the CLI, a distinction is made between the two roles. - MRP Client The device adopts the role of MRP client. WinCC Advanced V14 System Manual, 10/2016 1285 Editing devices and networks 10.1 Configuring devices and networks - HRP Client The device adopts the role of HRP client. - HRP Manager The device adopts the role of HRP manager. When you configure an HRP ring, one device must be set as HRP manager. For all other devices, "HRP Client" or "Automatic Redundancy Detection" must be set. Standby Enable or disable the "Standby redundancy" function. You can configure other settings in "Layer 2 > Ring Redundancy > Standby". Passive Listening Enable or disable the "passive listening" function. RMON If you select this check box, Remote Monitoring (RMON) allows diagnostics data to be collected on the device, prepared and read out using SNMP by a network management station that also supports RMON. This diagnostic data, for example port-related load trends, allow problems in the network to be detected early and eliminated. Dynamic Multicast The following settings are possible: - "-" (disabled) - IGMP Snooping Enables IGMP (Internet Group Management Protocol). You can configure other settings in "Layer 2 > Multicast > IGMP". - MLD Snooping Enables MLD. You can configure other settings in "Layer 2 > Multicast > MLD". - IGMP and MLD Snooping Enables IGMP and MDL. - GMRP Enables GMRP (GARP Multicast Registration Protocol). You can configure other settings in "Layer 2 > Multicast > GMRP". Note GMRP and IGMP cannot operate at the same time. GVRP Enable or disable "GVRP" (GARP VLAN Registration Protocol). You can configure other settings in "Layer 2 > VLAN > GVRP". Mirroring Enable or disable port mirroring. You can configure other settings in "Layer 2 > Mirroring > Port". 1286 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Loop Detection Enable or disable loop detection. You can configure other settings in "Layer 2 > Loop Detection". PTP Specify how the device will process PTP messages. You can configure other settings in "Layer 2 > PTP". - off The device does not process any PTP messages. PTP messages are, however, forwarded according to the rules of the switch. - transparent The device adopts the function of a transparent clock and forwards PTP messages to other nodes while at the same time making entries in the correction field of the PTP message. QoS General Transmission priorities On this page, you can specify the priorities of different frames. In addition to this, depending on the priority you can set the method according to which the processing order of the frames is specified. You should also refer to the section "Basics (Page 1170)". Description of the displayed values The page contains the following boxes: Broadcast Priority Specify the priority of broadcast frames. The switch sorts the frame into a queue according to this prioritization . You configure the assignment of the priority to a queue on the page ""Layer 2 > QoS > CoS Map". Agent Priority Specify the priority of agent frames. The switch sorts the frame into a queue according to this prioritization . You configure the assignment of the priority to a queue on the page ""Layer 2 > QoS > CoS Map". Scheduling Mode Select the order in which the frames are processed in the queues. The higher the queue number, the higher the processing priority. - Strict Queueing As long as there are frames with high priority in the queue, only these high-priority frames are processed. - Weighted Fair Queueing Even if there are frames with high priority in the queue, frames with a lower priority will be processed occasionally. WinCC Advanced V14 System Manual, 10/2016 1287 Editing devices and networks 10.1 Configuring devices and networks CoS Map On this page, you can assign CoS priorities to different Queues. Settings CoS Shows the CoS priority of the incoming packets. Queue From the drop-down list, select the queue that is assigned to the CoS priority. The higher the number of the queue, the higher the processing priority. With queues 1 - 6 frames with a lower priority are occasionally processed even if there are frames with high priority in the queue. With queues 7 - 8 only frames with a high priority are processed as long as there are frames with high priority in the queue. The service classes (CoS) are assigned to the queues as follows: SCALANCE XB-200/XP-200 SCALANCE XM-400/XR-500 CoS 0 Queue 2 CoS 0 Queue 2 CoS 1 Queue 1 CoS 1 Queue 1 CoS 2 Queue 1 CoS 2 Queue 3 CoS 3 Queue 2 CoS 3 Queue 4 CoS 4 Queue 3 CoS 4 Queue 5 COo 5 Queue 3 CoS 5 Queue 6 CoS 6 Queue 4 CoS 6 Queue 7 CoS 7 Queue 4 CoS 7 Queue 8 DSCP Mapping On this page, you can assign DSCP priorities to different Queues. Settings DSCP Shows the DSCP priority of the incoming packets. Queue From the drop-down list, select the queue that is assigned to the DSCP priority. The higher the queue number, the higher the send priority. With queues 1 - 6 frames with a lower priority are occasionally processed even if there are frames with high priority in the queue. With queues 7 - 8 only frames with a high priority are processed as long as there are frames with high priority in the queue. 1288 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The DSCP codes are assigned to the queues as follows: SCALANCE XB-200/XP-200 SCALANCE XM-400/XR-500 DSCP codes 0 - 15 Queue 1 DSCP codes 0 - 7 Queue 2 DSCP codes 16 - 31 Queue 2 DSCP codes 8 - 15 Queue 1 DSCP codes 32 - 47 Queue 3 DSCP codes 16 - 23 Queue 3 DSCP codes 48 - 63 Queue 4 DSCP codes 24 - 31 Queue 4 DSCP codes 32 - 39 Queue 5 DSCP codes 40 - 47 Queue 6 DSCP codes 48 - 55 Queue 7 DSCP codes 56 - 63 Queue 8 QoS Trust Specifying the subnet priority On this page you can set the method according to which frames to be forwarded are prioritized port by port. Description of the displayed values Table 1 has the following columns: 1st column Shows that the setting is valid for all ports of table 2. Trust Mode Select the required setting. If "No setting" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. WinCC Advanced V14 System Manual, 10/2016 1289 Editing devices and networks 10.1 Configuring devices and networks Table 2 has the following columns: Port Shows the configurable PoE ports. The port is made up of the module number and the port number, for example port 0.1 is module 0, port 1. Trust Mode Select the required mode from the drop-down list: - No Trust The switch sorts the incoming frames into a queue according to the prioritization of the receiving port. If there is a DSCP value in the IP header, this is ignored. If a VLAN tag exists, it is replaced by the priority value of the receiving port. - Trust COS If an incoming frame contains a VLAN tag, the switch sorts it into a queue according to this prioritization. If the frame does not contain a VLAN tag, the switch sorts the frame into a queue according to the prioritization of the receiving port. If there is a DSCP value in the IP header, this is ignored. - Trust DSCP If an incoming frame contains a DSCP prioritization, the switch sorts it into a queue according to this prioritization. If the frame does not contain a DSCP prioritization, the switch sorts the frame into a queue according to the prioritization of the receiving port. If the frame contains a VLAN tag, this is ignored. - Trust COS-DSCP With an incoming frame, there is a sequential check to determine which prioritization it contains. If the frame contains a DSCP prioritization, it is handled as in the "Trust DSCP" mode. If the frame contains no DSCP prioritization, the switch checks whether the frame contains a VLAN tag. If it contains a VLAN tag, the switch sorts it into a queue according to this prioritization. If the frame contains neither a DSCP prioritization nor a VLAN tag, the switch sorts the frame into a queue according to the prioritization of the receiving port. CoS Port Remap Changing priority when sending On this page depending on the priority when receiving, you can change the priority of a frame with which it is sent. Description of the displayed boxes The page contains the following boxes: CoS Remap Enable or disable frames being sent with changed priorities according to Table 2. 1290 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 1 has the following columns: 1st column Shows that the settings are valid for all ports of table 2. Priority 0 - 7 The priority in the column stands for the priority with which a frame is received. - 0-7 Select the priority with which a frame will be sent. - No Change No change in table 2. Copy to Table If you click the button, the setting is adopted for all ports of table 2. Table 2 has the following columns: Port Shows all available ports. The port is made up of the module number and the port number, for example port 0.1 is module 0, port 1. Priority 0 - 7 The priority in the column stands for the priority with which a frame is received. In the drop-down list select the priority with which a frame will be sent. Rate Control Limiting the transfer rate of incoming and outgoing data On this page, you configure the load limitation (maximum number of data packets per second) for the individual ports. You can specify the category of frame for which these limit values will apply. Settings Table 1 has the following columns: 1st column Shows that the settings are valid for all ports. Limit Ingress Unicast (DLF) / Limit Ingress Broadcast / Limit Ingress Multicast Select the required setting. Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Total Ingress Rate [pkts/s] Specify the maximum number of incoming packets processed by the device. If "No Change" is entered, the entry in table 2 remains unchanged Egress Rate [Kb/s] Specify the data rate for all outgoing frames. If "No Change" is entered, the entry in table 2 remains unchanged Transfer to table If you click the button, the settings are adopted for all ports of table 2. WinCC Advanced V14 System Manual, 10/2016 1291 Editing devices and networks 10.1 Configuring devices and networks Table 2 has the following columns: Port Shows the port to which the settings relate. Limit Ingress Unicast (DLF) Enable or disable the data rate for limiting incoming unicast frames with an unresolvable address (Destination lookup failure). Limit Ingress Broadcast Enable or disable the data rate for limiting incoming broadcast frames. Limit Ingress Multicast Enable or disable the data rate for limiting incoming multicast frames. Total Ingress Rate [pkts/s] Specify the maximum number of incoming packets processed by the device. Egress Rate [Kb/s] Specify the data rate for all outgoing frames. Note Rounding of the values, deviation from desired value When you enter the values for transmission rates, note that the WBM rounds to correct values. If values are configured for total ingress transmission rate and egress transmission rate, the actual values in operation can exceed or fall below the set values by 10%. VLAN General On this page, you define the VLAN and specify the use of the ports. Note Changing the "Agent VLAN ID" If the configuration PC is connected directly to the device via Ethernet and you change the "agent VLAN ID", the device is no longer reachable via Ethernet following the change. Important rules for VLANs With SCALANCE XB-200 the rules of the Base Bridge mode apply "802.1Q VLAN Bridge". Make sure you keep to the following rules when configuring and operating your VLANs: Frames with the VLAN ID "0" are handled as untagged frames but retain their priority value. As default, all ports on the device send frames without a VLAN tag to ensure that the end node can receive these frames. With SCALANCE X devices, the VLAN ID "1" is the default on all ports. 1292 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks If an end node is connected to a port, outgoing frames should be sent without a tag (static access port). If, however, there is a further switch at this port, the frame should have a tag added (trunk port). With a trunk port, the VLAN assignment is dynamic. Static configurations can only be created if, in addition to the trunk port property, the port is also entered statically as a member in the VLANs involved. An example of a static configuration is the assignment of the multicast groups in certain VLANs. Settings VLAN ID Enter the VLAN ID. The table has the following columns: VLAN ID Shows the VLAN ID. The VLAN ID is assigned once when you create a new data record and can then no longer be changed. To make a change, the entire data record must be deleted and created again. Base Bridge mode (only with SCALANCE XB-200) Specify the base bridge mode. Note Changing base bridge mode Note the section "Changing base bridge mode". This section describes how a change affects the existing configuration. - 802.1Q VLAN Bridge Sets the mode "VLAN-aware" for the device. In this mode, VLAN information is taken into account. Default setting with EtherNet/IP variants - 802.1D transparent bridge Sets the mode "VLAN-unaware" for the device. In this mode, VLAN tags are not taken into account or changed but are forwarded transparently. In this mode, you cannot create any VLANs. Only a management VLAN is available: VLAN 1: Default setting with PROFINET variants Name Enter a name for the VLAN. The name only provides information and has no effect on the configuration. The VLAN name can be a maximum of 32 characters long. Status Shows the status of the entry. Here, static means that the address was entered as a static address by the user. The entry GVRP means that the configuration was registered by a GVRP frame. This is, however, only possible if GVRP was enabled for the device. Private VLAN Type Shows the type of the PVLAN. Primary VLAN ID , With secondary PVLANs shows the ID of the corresponding primary PVLAN. WinCC Advanced V14 System Manual, 10/2016 1293 Editing devices and networks 10.1 Configuring devices and networks Transparent(only with SCALANCE XM-400/XR-500) If you enable these settings, you switch a VLAN to the transparent mode. Ports that were assigned to this VLAN as members or untagged members now become transparent ports. This means the following: - The port VLAN ID of the transparent port is set to the ID of this VLAN. - Untagged frames that are received at these ports are forwarded to all other transparent ports once again without tag as long as they are not forwarded to a standard VLAN by a protocol or subnet rule. - Frames tagged with VLAN ID "0" and that are received at these ports are forwarded to all other transparent ports once again tagged with VLAN ID "0" as long as they are not forwarded to a standard VLAN by a protocol or subnet rule. - Frames tagged with the VLAN ID of the transparent VLAN and that are received at these ports are forwarded to all transparent ports once again tagged with the VLAN ID of the transparent VLAN. - Other frames are forwarded according to the normal VLAN rules and a transparent port behaves like an untagged member in this VLAN. - All ports that were not members or untagged members in the relevant VLAN are automatically set to the "Forbidden" status. - As long as a VLAN is configured as a transparent VLAN, the ports belonging to this VLAN cannot be modified. - You can only configure one a transparent VLAN. List of ports Specify the use of the port. The following options are available: - "-" The port is not a member of the specified VLAN. With a new definition, all ports have the identifier "-". - M The port is a member of the VLAN. Frames sent in this VLAN are forwarded with the corresponding VLAN tag. - R The port is a member of the VLAN. A GVRP frame is used for the registration. - U (upper case) The port is an untagged member of the VLAN. Frames sent in this VLAN are forwarded without the VLAN tag. Frames without a VLAN tag are sent from this port. - u (lower case) The port is an untagged member of the VLAN, but the VLAN is not configured as a port VLAN. Frames sent in this VLAN are forwarded without the VLAN tag. - F The port is not a member of the specified VLAN and it is not possible for the VLAN to be registered dynamically at this port using GVRP. You can configure other settings in "Layer 2 > VLAN > Port-based VLAN". 1294 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks - T This option is only displayed and cannot be selected in the WBM. This port is a trunk port making it a member in all VLANs. You configure this function in the CLI (Command Line Interface) using the "switchport mode trunk" command. Changing Base Bridge mode with SCALANCE XB-200 VLAN-unaware (802.1D transparent bridge) VLAN-aware (802.1Q VLAN bridge) If you change the Base bridge mode from VLAN-unaware to VLAN aware, this has the following effects All static and dynamic unicast entries are deleted. All static and dynamic multicast entries are deleted. VLAN-aware (802.1Q VLAN bridge) VLAN-unaware (802.1D transparent bridge) If you change the Base bridge mode from VLAN-aware to VLAN-unaware, this has the following effects All static and dynamic VLAN information is deleted. A management VLAN is created: VLAN 1: All static and dynamic unicast entries are deleted. All static and dynamic multicast entries are deleted. GVRP Configuration of GVRP functionality Using GVRP frame, a different device can register at the port of the device for a specific VID. A different device, can, for example be an end device or a switch. The device can also send GVRP frames via this port. On this page, you can enable each port for GVRP functionality. Settings GVRP Enable or disable the "GVRP" function. WinCC Advanced V14 System Manual, 10/2016 1295 Editing devices and networks 10.1 Configuring devices and networks Table 1 has the following columns: 1st column Shows that the settings are valid for all ports of table 2. Setting Select the setting. You have the following setting options: - Enabled Enables the sending of GVRP frames. - Disabled Disables the sending of GVRP frames. - No Change No change in table 2. Transfer to table If you click the button, the setting is adopted for all ports of table 2. Table 2 has the following columns: Port Shows the available ports. Setting Enable or disable the sending GVRP frames. Port-based VLAN Processing received frames On this page, you specify the configuration of the port properties for receiving frames. Settings Table 1 has the following columns: 1st column Shows that the settings are valid for all ports. Priority / Port VID / Acceptable Frames / Ingress Filtering Select the setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. 1296 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 2 has the following columns: Port Shows the available ports and link aggregations. Priority Select the priority assigned to untagged frames. The CoS priority (Class of Service) used in the VLAN tag. If a frame is received without a tag, it will be assigned this priority. This priority specifies how the frame is further processed compared with other frames. There are a total of eight priorities with values 0 to 7, where 7 represents the highest priority (IEEE 802.1p Port Priority). Port VID Select the VLAN ID. Only VLAN IDs defined on the "VLAN > General" page can be selected. If a received frame does not have a VLAN tag, it has a tag with the VLAN ID specified here added to it and is sent according to the rules at the port. Acceptable Frames Specify which types of frames will be accepted. The following alternatives are possible: - Tagged Frames Only The device discards all untagged frames. Otherwise, the forwarding rules apply according to the configuration. - All The device forwards all frames Ingress Filtering Specify whether the VID of received frames is evaluated. The following options are available: - Enabled The VLAN ID of received frames decides whether they are forwarded: To forward a VLAN tagged frame, the receiving port must be a member in the same VLAN. Frames from unknown VLANs are discarded at the receiving port. - Disabled All frames are forwarded. Protocol-based VLAN group On this page, you specify groups and assign a protocol to them. WinCC Advanced V14 System Manual, 10/2016 1297 Editing devices and networks 10.1 Configuring devices and networks Settings Protocol Based VLAN Enable or disable the protocol-based VLAN assignment. Protocol Value Enter the hexadecimal protocol value. A few examples are shown below: - PROFINET: 88:92 - IP: 08:00 - Novell: 81:37 - netbios: f0:f0 - appletalk: 80:9b Group ID Enter the ID of the group. The table has the following columns: Protocol Value Shows the file value. Group ID Shows the group ID. Protocol-based VLAN port On this page, you specify which protocol and which VLAN is assigned to the individual port. Settings Port Select the required port. All available ports and the link aggregations can be selected. Group ID Select the group ID from the drop-down list. Specify the ID in "Layer 2 > VLAN > Protocol Based VLAN Group". The table has the following columns: Port All available ports and the link aggregations are shown. Group ID Shows the group ID assigned to the port. VLAN ID Select the required VLAN ID to be assigned to the port. IPv4 subnet-based VLAN On this page, you specify which VLAN ID is assigned to the subnet. 1298 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Subnet Based VLAN Enable or disable the subnet-based VLAN assignment. Port Select the port. All available ports and the link aggregations can be selected. Subnet Address Enter the IP address of the subnet. Example: 192.168.10.0 for the network 192.168.10.x with nodes 192.168.10.1 to 192.168.10.254. Subnet Mask Enter the subnet mask. The table has the following columns: Port All available ports and the link aggregations are shown. Subnet Address Shows the subnet assigned to the port. Subnet Mask Shows the subnet mask. VLAN ID Select the VLAN ID you want to assign to the port or the subnet. Private VLAN General Private VLAN configuration page On this page you define the types of the PVLANs and assign secondary PVLANs to a primary PVLAN. Note All secondary PVLANs must be known on all devices of a PVLAN. Even if a device has no host port in a secondary PVLAN, the secondary PVLAN must be known on the device. WinCC Advanced V14 System Manual, 10/2016 1299 Editing devices and networks 10.1 Configuring devices and networks Description of the displayed boxes The table has the following columns: VLAN ID Shows the VLAN ID. Private VLAN Type Specify the type of PVLAN: - Primary Mit diesem Typ definieren Sie ein Primary PVLAN. In a PVLAN you can only define one primary PVLAN. The primary PVLAN uses the VLAN ID of the VLAN. - Isolated With this type, you define a secondary PVLAN. Only one device can exist in this secondary PVLAN. The secondary PVLAN has a specific VLAN ID. - Community With this type, you define a secondary PVLAN. The devices in this secondary PVLAN can communicate with each other via layer 2. The secondary PVLAN has a specific VLAN ID. Primary VLAN ID With secondary PVLANs select the VLAN ID of the primary PVLAN. IP Interface Mapping VLAN configuration page On this page you specify from which secondary PVLANs the IP interface of the primary PVLAN will be reachable. Description of the displayed boxes The page contains the following boxes: Interface Select a primary PVLAN with an IP interface. Secondary VLAN ID Select a secondary VLAN ID from which the IP interface of the primary PVLAN will be reachable. The table has the following columns: Select Select the row you want to delete. Interface Shows the IP interface. Secondary VLAN-ID Shows the secondary VLAN-ID of the secondary PVLAN from which the IP interface of the primary PVLAN is reachable. 1300 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Mirroring Basics Mirroring The device provides the option of simultaneously channeling incoming or outgoing data streams via other interfaces for analysis or monitoring. This has no effect on the monitored data streams. This procedure is known as mirroring. In this menu section, you enable or disable mirroring and set the parameters. Mirroring ports Mirroring a port means that the data traffic at a port (mirrored port) of the IE switch is copied to another port (monitor port). You can mirror one or more ports to a monitor port. If a protocol analyzer is connected to the monitor port, the data traffic at the mirrored port can be recorded without interrupting the connection. This means that the data traffic can be investigated without being affected. This is possible only if a free port is available on the device as the monitor port. General Mirroring in general On this page, you can enable or disable the mirroring function and make the basic settings. Note Mirroring a port does not work beyond switch core boundaries. Refer to the operating instructions of the device. Note You need to disable port mirroring if you want to connect a normal end device to the monitor port. This does not apply to the function extender BUS ANALYZER Agent XM-400. Note the data rate If the maximum data rate of the mirrored port is higher than that of the monitor port, data may be lost and the monitor port no longer reflects the data traffic at the mirrored port. Several ports can be mirrored to one monitor port at the same time. RSPAN With RSPAN (Remote Switched Port Analyzer) you can forward the data traffic of a mirroring session to the monitor port via a VLAN. On the RSPAN VLAN, the mirrored data traffic is not disturbed by other data. Frames addressed directly to the mirroring source cannot be mirrored on the RSPAN destination port. WinCC Advanced V14 System Manual, 10/2016 1301 Editing devices and networks 10.1 Configuring devices and networks Settings Mirroring Enable or disable mirroring of the data traffic. Monitor Barrier Enable or disable the setting to restrict communication via the monitor port. Note Effects of monitor barrier If you enable this setting, the management of the switch via the monitor port is no longer reachable. The following port-specific functions are changed: DCP forwarding is turned off LLDP is turned off Unicast, multicast and broadcast blocking is turned on The previous statuses of these functions are no longer restored after disabling monitor barrier again. They are reset to the default values and may need to be reconfigured. You can reconfigure these functions manually even if monitor barrier is turned on. The data traffic on the monitor port is also allowed again. If you do not require this, make sure that only the data traffic you want to monitor is forwarded to the interface. If mirroring is disabled, the listed port-specific functions are reset to the default values. This reset takes place regardless of whether the functions were configured manually or automatically by enabling "Monitor Barrier". Note Function extender BUS ANALYZER Agent XM-400 If the destination port is a port of the function extender BUS ANALYZER Agent XM-400 the monitor barrier option is always activated. It is activated regardless of whether the check box was disabled or enabled. RSPAN VLAN ID Select a VLAN. 1302 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks This table has the following columns: Session ID The Session ID is assigned automatically when a new entry is created. Session Type Select the required entry: - '-' None - Port-based Port-based mirroring - VLAN VLAN-based mirroring. - MAC ACL Mirroring of the MAC Access Control List. - IP ACL Mirroring of the IP Access Control List. Note If you have created a session of the type "VLAN" "MAC ACL" or "IP ACL", you cannot create any further sessions. You can create up to 7 sessions of the type "Port-based". If you change the "Session Type" of an existing session, all previous configurations of this session are lost. Status Shows whether or not mirroring is active. Hardware Index If in a VLAN you select more than one source port for the port-based egress mirroring, unknown unicast and multicast frames as well as broadcast frames are forwarded only once to the destination port. With several sessions, the corresponding frames are only visible in one session. They are only mirrored on the one destination port with the lowest hardware index. Dest. Port Select the destination port to be mirrored to in this session. Note Function extender BUS ANALYZER Agent XM-400 If you connect a function extender BUS ANALYZER Agent XM-400 with a SCALANCE XM-400 basic device as of firmware version 5.1, you can select up to four ports of the function extender BUS ANALYZER Agent XM-400 as destination ports. Function extender BUS ANALYZER Agent XM-400 supports port-based, VLAN-based, MAC ACL-based and IP ACL-based mirroring. RSPAN Enable or disable RSPAN for a session. WinCC Advanced V14 System Manual, 10/2016 1303 Editing devices and networks 10.1 Configuring devices and networks Port Mirroring ports You can only configure the settings on this page if you have already generated a session ID with the session type "Port-based" on the "General" tab. Settings Session ID Select the session you want to monitor. Up to 7 parallel sessions are possible and their ports must not overlap. The table has the following columns: Port Shows the port to be monitored. Ingress Mirroring Enable or disable listening in on incoming packets at the required port. Egress Mirroring Enable or disable listening in on outgoing packets at the required port. VLAN VLAN sources of the port mirroring You can only configure the settings on this page if you have already generated a session ID with the session type "VLAN" on the "General" tab. On this page, you specify the VLAN whose incoming data traffic will be mirrored to the monitor port. It can happen that data packets are visible on the monitor port that were not received in the defined VLAN. These data packets come from functions that are enabled on the device, e.g. SIMATIC time client. To avoid these data packets when VLAN mirroring, disable the relevant functions on the device before a recording. Settings Session ID Select the session you want to monitor. Only one session is possible. VLAN ID Enter the VLAN ID in the "VLAN ID" input box. The table "Ingress Mirroring " has the following columns: VLAN-ID Shows the VLAN ID for which the incoming frames are mirrored. The VLAN ID can only be assigned once when you create a new data record and can then no longer be changed. To make a change, the entire data record must be deleted and created again. 1304 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks MAC Flow You can only configure the settings on this page if you have already generated a session ID with the session type "MAC ACL" on the "General" tab. The MAC ACL filter decides which data is available at the monitor port. Settings Session ID Select the session number of the port mirroring. The table has the following columns: ACL Filter Number Shows the number of the ACL filter. You configure the MAC ACL filter in "Security > MAC ACL". Ingress Mirroring Shows whether incoming packets are mirrored. Note Rules The selected rule only becomes active when you specify with which ACL rules the incoming packets will be filtered for at least one interface. You configure the settings in "Security > MAC ACL > Ingress Rules". Source MAC Shows the MAC address of the sender. Dest. MAC Shows the MAC address of the recipient. Ingress Interfaces Shows all interfaces to which this rule applies. The ACL filter decides which incoming data streams are mirrored on the monitor port (destination port). Egress Interfaces Shows all interfaces to which this rule applies. IP Flow You can only configure the settings on this page if you have already generated a session ID with the session type "IP ACL" on the "General" tab. The ACL filter decides which data is available at the monitor port. Settings Session ID Select the session ID. Only session IDs of the session type "IP ACL" are available. WinCC Advanced V14 System Manual, 10/2016 1305 Editing devices and networks 10.1 Configuring devices and networks The table has the following columns: ACL Filter Number Shows the number of the ACL filter. Ingress Mirroring Shows whether incoming packets are mirrored. Note Rules The selected rule only becomes active when you specify with which ACL rules the incoming packets will be filtered for at least one interface. You configure the settings in "Security > IP ACL > Ingress Rules". Source IP Shows the IPv4 address of the sender. Source Subnet Mask Shows the subnet mask of the sender. Dest. IP Shows the IPv4 address of the recipient. Dest. Subnet Mask Shows the subnet mask of the recipient. Ingress Interfaces Shows all interfaces to which this rule applies. The ACL filter decides which incoming data streams are mirrored on the monitor port (destination port). Egress Interfaces Shows all interfaces to which this rule applies. The ACL filter decides which outgoing data streams are mirrored on the monitor port (destination port). Dynamic MAC Aging The device automatically learns the source addresses of the connected nodes. This information is used to forward data frames to the nodes specifically involved. The network load for the other nodes is reduced. If a device does not receive a frame whose source address matches a learnt address within a certain time, the learnt address is deleted. This mechanism is known as aging. Aging prevents frames being forwarded incorrectly, for example when an end device (for example a programming device) is connected to a different port. If the check box is not enabled, a device does not delete learned addresses automatically. Settings Dynamic MAC Aging Enable or disable the function for automatic aging of learned MAC addresses: Aging Time [s] Enter the time in seconds. After this time, a learned address is deleted if the device does not receive any further frames from this sender address. 1306 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Ring Redundancy Ring Rules for ring redundancy Factory settings The factory setting defines MSTP as the redundancy method. With SCALANCE XM-400, the factory setting defines ports P1.1 and P1.2 as ring ports. With SCALANCE XM-500, the factory setting defines ports P0.1 and P0.2 as ring ports. Ring ports Ring ports The predefined ring ports of SCALANCE XR-500 are 10 Gbps ports. If a 1000 Mbps pluggable transceiver is plugged into one of the 10 Gbps ring ports, you cannot enable ring redundancy. Remove the 1000 Mbps pluggable transceiver. Enabling ring redundancy You can enable ring redundancy as follows: using the WBM using the CLI using the SELECT/SET button using a PNIO configuration download WinCC Advanced V14 System Manual, 10/2016 1307 Editing devices and networks 10.1 Configuring devices and networks Settings Ring Redundancy If you enable the "Ring Redundancy" check box, you turn ring redundancy on. The ring ports set on this page are used. Ring redundancy mode Specify the ring redundancy mode. The following options are available: - "-" (disabled) The redundancy function is disabled. - Automatic Redundancy Detection Select this setting to create an automatic configuration of the redundancy mode. In the "Automatic Redundancy Detection" mode, the device automatically detects whether or not there is a device with the "HRP Manager" role in the ring. If this is the case, the device adopts the role of "HRP Client". If no HRP manager is found, all devices with the "Automatic Redundancy Detection" or "MRP Auto Manager" setting negotiate among themselves to establish which device adopts the role of "MRP Manager". The device with the lowest MAC address will always become "MRP Manager". The other devices automatically set themselves to "MRP Client" mode. - MRP Auto Manager Automatic media redundancy manager - MRP Client Media redundancy client - HRP Client High Speed Redundancy Protocol client - HRP Manager High Speed Redundancy Protocol manager Ring ports Specify the ports to be used as ring ports in media redundancy in ring topologies. The ring port you select in the left-hand drop-down menu is the "Isolated Port" in HRP. Note If you restore the factory defaults, the default redundancy mode "Automatic Redundancy Detection" becomes active. The ring port configuration is also reset to the factory default ports. If other ports were used previously as ring ports, with the appropriate attachment, a previously correctly configured device can cause circulating frames and therefore the failure of the data traffic. 1308 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Observer Enable or disable the observer. The "Observer" function is only available in HRP rings. The ring port selected in the left-hand drop-down menu is connected to the "Isolated Port" of an HRP manager. The observer monitors malfunctions of the redundancy manager or incorrect configurations of an HRP ring. If the observer is enabled, it can interrupt the connected ring if errors are detected. To do this, the observer switches a ring port to the "blocking" status. When the error is resolved, the observer enables the port again. Restart Observer (only available online) If numerous errors occur in quick succession, the observer no longer enables its port automatically. The ring port remains permanently in the "blocking" status. This is signaled by the error LED and a message text. After the errors have been eliminated, you can enable the port again using the "Restart Observer" button. Restoring factory settings If you have restored the factory defaults (Restore Factory Defaults and Restart), ring redundancy is disabled and the default ports are used as the ring ports. This can lead to circulating frames and failure of the data traffic if other settings were used in a previous configuration. Changing over the status of the ring ports with the redundancy manager If you configure a redundancy manager, set the status of the ring ports. The first ring port changes to the "blocking" status and the second ring port to the "forwarding" status. As long as ring redundancy is enabled, you cannot change the status of these ring ports. Note Make sure that you first open the ring so that there are no circulating frames. WinCC Advanced V14 System Manual, 10/2016 1309 Editing devices and networks 10.1 Configuring devices and networks Standby Redundant linking of rings Standby redundancy allows the redundant linking of HRP rings. To establish a standby connection, configure two neighboring devices within a ring as standby master or standby slave. The standby master and the standby slave must be connected via parallel cables to two devices in another ring. In problem-free operation, messages are exchanged between the two rings via the master. If the master's line is disturbed, the slave takes over the forwarding of messages between the two rings. Enable standby redundancy for both standby partners and select the ports via which the device is connected to the rings you want to link to. For the "Standby Connection Name", a name unique within the ring must be assigned for both partners. This identifies the two devices as standby partners that belong together. Note To be able to use the function, HRP must be activated. The standby manager always requires an activated HRP client or HRP manager. Note Standby master coupling with an optical 100 Mbps connection While the coupling partner of a standby master with an optical 100 Mbps connection starts up again, physically disconnect the connection between the standby master and its coupling partner. Settings Standby Enable or disable this function. Standby Port Select the port to be standby port. The link to the other ring is via the standby port. Note Note Standby ports in the spanning tree Before you enable the port as the standby port, you need to disable the port in the spanning tree. 1. Change to the page "Layer 2 > Spanning Tree > CIST Port". 2. Disable the ports in the spanning tree you want to configure as standby ports. The standby port is involved in the redirection of data traffic. In there are no problems, only the standby port of the master is enabled and handles the data traffic into the connected HRP ring or HRP bus. If the master or the Ethernet connection (link) of one of the standby ports of the master fails, the standby port of the master will be disabled and the standby port of the slave enabled. As a result, a functioning Ethernet connection to the connected network segment (HRP ring or HRP linear bus) is restored. 1310 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Standby Connection Name This name defines the master/slave device pair. Both devices must be located in the same ring. Here, enter the name for the standby connection. This must be identical to the name entered on the standby partner. You can select any name to suit your purposes, however, you can only use the name for one pair of devices in the entire network. Force device to Standby Master When selected, the device is configured as standby master regardless of its MAC address. - If this check box is not selected for either of the devices for which the standby master is enabled, then assuming that no error has occurred, the device with the higher MAC address adopts the role of standby master. - If the option is selected for both devices or if the "Force device to Standby Master" property is supported by only one device, the standby master is also selected based on the MAC address. This type of assignment is important in particular when a device is replaced. Depending on the MAC addresses, the previous device with the slave function can take over the role of the standby master. Note If two devices are linked by the standby function, the "Standby" function must be enabled on both devices. Wait for Standby Partner - Enabled A standby connection is enabled only after the standby master and the standby slave as well as their standby partners have established a connection. This ensures that the redundant connection is really available before communication via a standby connection is enabled. - Disabled A standby connection is enabled even if the standby master has not yet established a connection to the standby slave. This can lead to circulating frames and failure of the data traffic if another standby connection has already been enabled. Multiple standby connections can, for example, result due to configuration errors if different standby connection names were assigned to the standby master and standby slave. Spanning Tree General General settings of MSTP On this page, you configure the settings for MSTP. As default, Rapid Spanning Tree is enabled that can be set to the MSTP, RSTP or STP compatible mode with a switch. On the configuration pages of these functions, you can make detailed settings. WinCC Advanced V14 System Manual, 10/2016 1311 Editing devices and networks 10.1 Configuring devices and networks Depending on the compatibility mode, you can configure the corresponding function on the relevant configuration page. Settings Spanning Tree Enable or disable Spanning Tree. Protocol Compatibility Select the compatibility mode of MSTP. For example if you select RSTP, MSTP behaves like RSTP. The following settings are available: - STP - RSTP - MSTP See also Link aggregation (Page 1322) MST port (Page 1317) MST General (Page 1317) CIST general/ST general The page consists of the following parts. The left-hand side of the page shows the configuration of the device. The central part shows the configuration of the root bridge that can be derived from the spanning tree frames received by a device. The right-hand side shows the configuration of the regional root bridge that can be derived from the MSTP frames. The displayed data is only visible if you have enabled "Spanning Tree" on the "General" page and if "MSTP" is set for "Protocol Compatibility". This also applies to the "Bridge Max Hop Count" parameter. If the device is a root bridge, the information on the left and right matches. Settings Bridge Priority / Root Priority (only available online) Which device becomes the root bridge is decided based on the bridge priority. The bridge with the highest priority becomes the root bridge. The lower the value, the higher the priority. If several devices in a network have the same priority, the device whose MAC address has the lowest numeric value will become the root bridge. Both parameters, bridge priority and MAC address together form the bridge identifier. Since the root bridge manages all path changes, it should be located as centrally as possible due to the delay of the frames. Bridge Address / Root Address(only available online) The bridge address shows the MAC address of the device and the root address shows the MAC address of the root bridge. 1312 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Root Port (only available online) Shows the port via which the switch communicates with the root bridge. Root Cost (only available online) The path costs from this device to the root bridge. Topology Changes / Last Topology Change (only available online) The entry for the device shows the number of reconfigurations due to the spanning tree mechanism since the last startup. For the root bridge, the time since the last reconfiguration is displayed as follows: - Seconds: sec unit after the number - Minutes: min unit after the number - Hour: hr unit after the number Bridge Hello Time [s] / Root Hello Time[s] (only available online) Each bridge regularly sends configuration frames (BPDUs). The interval between two such frames is the Hello time. The default for this parameter is 2 seconds. Bridge Forward Delay [s] / Root Forward Delay [s] New configuration data is not used immediately by a bridge but only after the period specified in the parameter. This ensures that operation is only started with the new topology after all the bridges have the required information. Bridge Max Age / Root Max Age (only available online) When the max age timer elapses the received BPDU is discarded to be accepted as valid by the switch. Bridge Max Hop Count This parameter specifies how many MSTP nodes a BPDU may pass through. If an MSTP BPDU is received and has a "Bridge Max Hop Count" that exceeds the value configured here, it is discarded. Regional root priority (only available online) For a description, see Bridge Priority / Root Priority Regional root address (only available online) The MAC address of the device. Regional root costs (only available online) Shows the path costs from this device to the regional root bridge. Region Name Enter the name of the MSTP region to which this device belongs. As default, the MAC address of the device is entered here. This value must be the same on all devices that belong to the same MSTP region. Region Version Enter the version number of the MSTP region in which the device is located. This value must be the same on all devices that belong to the same MSTP region. Reset Counter (only available online) Click this button to reset the counters on this page to zero. WinCC Advanced V14 System Manual, 10/2016 1313 Editing devices and networks 10.1 Configuring devices and networks CIST Port/ST Port MSTP-CIST port configuration When the page is called, the table displays the current status of the configuration of the port parameters. To configure them, click the relevant cells in the port table. Settings Table 1 has the following columns: 1st column Shows that the setting is valid for all ports of table 2. Spanning Tree Status Select the setting. If "No Change" is selected, the entry in table 2 remains unchanged. Table 2 has the following columns: Port Shows the available ports and interfaces. - Port X - WLAN X - VAP X.Y - WDS X.Y Spanning Tree Status Specify whether or not the port is integrated in the spanning tree. Note If you disable the "Spanning Tree Status" setting for a port, this may cause the formation of loops. The topology must be kept in mind. Priority Enter the priority of the port. The priority is only evaluated when the path costs are the same. The value must be divisible by 16. If the value that cannot be divided by 16, the value is automatically adapted. Cost Calc. Enter the path cost calculation. If you enter the value "0" here, the automatically calculated value is displayed in the "Path Costs" box. 1314 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Path Costs (only available online) This parameter is used to calculate the path that will be selected. The path with the lowest value is selected as the path. If several ports of a device have the same value for the path costs, the port with the lowest port number is selected. If The "Cost Calc." is "0", the automatically calculated value is shown. Otherwise, the value of the "Cost Calc." box is displayed. The calculation of the path costs is largely based on the transmission speed. The higher the achievable transmission speed is, the lower the value of the path costs. Typical values for path costs with rapid spanning tree: - 10,000 Mbps = 2,000 - 1000 Mbps = 20,000 - 100 Mbps = 200,000 - 10 Mbps = 2,000,000 The values can, however, also be set individually. Status (only available online) Displays the current status of the port. The values are only displayed and cannot be configured. The "Status" parameter depends on the configured protocol. The following is possible for status: - Disabled The port only receives and is not involved in STP, MSTP and RSTP. - Discarding In the "Discarding" mode, BPDU frames are received. Other incoming or outgoing frames are discarded. - Listening In this status, BPDUs are both received and sent. The port is involved in the spanning tree algorithm. - Learning Stage prior to the forwarding status, the port is actively learning the topology (in other words, the node addresses). - Forwarding Following the reconfiguration time, the port is active in the network; it receives and forwards data frames. WinCC Advanced V14 System Manual, 10/2016 1315 Editing devices and networks 10.1 Configuring devices and networks Fwd. Trans (only available online) Specifies the number of changes from the "Discarding" status to the "Forwarding" status Edge type Specify the type of edge port. You have the following options: - "-" Edge port is disabled. The port is treated as a "no edge port". - Admin Select this option when there is always an end device on this port. Otherwise a reconfiguration of the network will be triggered each time a connection is changed. - Auto Select this option if you want a connected end device to be detected automatically at this port. When the connection is established the first time, the port is treated as a "no Edge Port". - Admin/Auto Select these options if you operate a combination of both on this port. When the connection is established the first time, the port is treated as an Edge Port. Edge (only available online) Shows the status of the port. - Enabled An edge port is connected to this port. - Disabled There is a spanning tree or rapid spanning tree device at this port. With an end device, a switch can change over the port faster without taking into account spanning tree frames. If a spanning tree frame is received despite this setting, the port automatically changes to the "Disabled" setting for switches. P.t.P. Type Select the required option. The selection depends on the port that is set. - "-" Point to point is calculated automatically. If the port is set to half duplex, a point-to-point link is not assumed. - P.t.P. Even with half duplex, a point-to-point link is assumed. - Shared Media Even with a full duplex connection, a point-to-point link is not assumed. Note Point-to-point connection means a direct connection between two devices. A shared media connection is, for example, a connection to a hub. 1316 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks P.t.P. - Enabled Shows that a point-to-point link exists. - Disabled Shows that no point-to-point link exists. Hello Time Enter the interval after which the bridge sends configuration BPDUs Note The port-specific setting of the Hello time is only possible in MSTP compatible mode. MST General Multiple Spanning Tree configuration With MSTP, in addition to RSTP, several VLANs can be managed in a LAN with separate RSTP trees. Settings MSTP Instance ID Enter the number of the MSTP instance. The table has the following columns: Select Select the line to be deleted. MSTP Instance ID Shows the number of the MSTP instance. Root Address Shows the MAC address of the root bridge Root Priority Shows the priority of the root bridge. Bridge Priority Enter the bridge priority. The value for the bridge priority is a whole multiple of 4096. VLAN ID Enter the VLAN ID. Here, you can also specify ranges with Start ID, "-", End ID. Several ranges or IDs are separated by ",". MST port Configuration of the Multiple Spanning Tree port parameters On this page, you set the parameters for the ports of the configured multiple spanning tree instances. WinCC Advanced V14 System Manual, 10/2016 1317 Editing devices and networks 10.1 Configuring devices and networks Settings MSTP Instance ID Select the ID of the MSTP instance. Table 1 has the following columns 1st column Shows that the setting is valid for all ports. MSTP Status Select the setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2 Table 2 has the following columns: Port Shows all available ports and link aggregations. MSTP Instance ID ID of the MSTP instance. MSTP Status Enable or disable MSTP for this port. Priority Enter the priority of the port. The priority is only evaluated when the path costs are the same. The value must be divisible by 16. If the value that cannot be divided by 16, the value is automatically adapted. Cost Calc. Enter the path cost calculation in the input box. If you enter the value "0" here, the automatically calculated value is displayed in the next box "Path Costs". Path Costs (only available online) This parameter is used to calculate the path that will be selected. The path with the lowest value is selected as the path. If several ports of a device have the same value for the path costs, the port with the lowest port number is selected. If the value for the Cost Calc is "0" the automatically determined value is displayed. Otherwise, the value of the "Cost Calc box is displayed. The calculation of the path costs is largely based on the transmission speed. The higher the achievable transmission speed is, the lower the value of the path costs. Typical values for path costs with rapid spanning tree: - 10,000 Mbps = 2,000 - 1000 Mbps = 20,000 - 100 Mbps = 200,000 - 10 Mbps = 2,000,000 The values can, however, also be set individually. 1318 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Status (only available online) Displays the current status of the port. The values are only displayed and cannot be configured. The following is possible for status: - Discarding The port exchanges MSTP information but is not involved in the data traffic. - Blocked In the blocking mode, BPDU frames are received. - Forwarding The port receives and sends data frames. Fwd. Trans(only available online) Specifies the number of status changes Discarding - Forwarding or Forwarding - Discarding for a port. Enhanced Passive Listening Compatibility Enabling the function On this page, you can enable passive listening compatibility. Settings Enhanced Passive Listening Compatibility Enable or disable this function for the entire device. Table 1 has the following columns: 1st column Shows that the settings are valid for all ports of table 2. Setting Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. Table 2 has the following columns: Port Displays the port of the device. Setting - Enabled Enables the function. - Disabled Disables the function. WinCC Advanced V14 System Manual, 10/2016 1319 Editing devices and networks 10.1 Configuring devices and networks Loop detection With the "Loop Detection" function, you specify the ports for which loop detection will be activated. The ports involved send special test frames - the loop detection frames. If these frames are sent back to the device, there is a loop. A "local loop" involving this device means that the frames are received again at a different port of the same device. If the sent frames are received again at the same port, there is a "remote loop" involving other network components. Note A loop is an error in the network structure that needs to be eliminated. The loop detection can help to find the errors more quickly but does not eliminate them. The loop detection is not suitable for increasing network availability by deliberately including loops. Note Note that loop detection is only possible at ports that were not configured as ring ports or standby ports. Settings Loop Detection Enable or disable loop detection. VLAN Loop Detection Enable or disable loop detection in a VLAN. Table 1 has the following columns: 1st column Shows that the settings are valid for all ports of table 2 Threshold / Remote Reaction / Local Reaction Select the required settings. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. 1320 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 2 has the following columns: Port Shows the available ports. Setting Specify how the port handles loop detection frames. Note Test frames create additional network load. We recommend that you only configure individual switches, for example at branch points of the ring, as "sender" and the others as "forwarder". - sender Loop detection frames are sent out and forwarded. - forwarder Loop detection frames from other devices are forwarded. - blocked The forwarding of loop detection frames is blocked. Threshold By entering a number, specify the number of received loop detection frames as of which a loop is assumed. Remote Reaction Specify how the port will react if a remote loop occurs. - no action A loop has no effect on the port. - disable The port is blocked. Local Reaction Specify how the port will react if a local loop occurs. - no action A loop has no effect on the port. - disable The port is blocked Status (only available online) This box shows whether loop detection is enabled or disabled for this port. Source Port (only available online) Shows the receiving port of the loop detection frame that triggered the last reaction Source VLAN (only available online) Shows the VLAN ID of the loop detection frame that triggered the last reaction. This requires that the "VLAN Loop Detection" setting is selected. Reset (only available online) After a loop in the network has been eliminated, click this button to reset the port again. WinCC Advanced V14 System Manual, 10/2016 1321 Editing devices and networks 10.1 Configuring devices and networks Note Changing the configured port status with loop detection The configuration of the port status can be changed with the "Loop Detection" function. If, for example, the administrator has disabled a port, the port can be enabled again after a device restart with "Loop Detection" (enabled). The port status "link down" is not changed by "Loop Detection". Note Effects of configuration using STEP 7 The configuration of Spanning Tree can be changed if you configure "Loop Detection" using STEP 7. If you enable "Loop Detection" on a port with STEP 7, Spanning Tree is automatically disabled on this port. If you disable "Loop Detection" for the port again with STEP 7 Spanning Tree is not automatically enabled. Enable Spanning Tree with the WBM or CLI. Link aggregation Bundling network connections for redundancy and higher bandwidth A link aggregation according to IEEE 802.3ad allows several connections between neighboring devices to be bundled to achieve higher bandwidths and to protect against failure. Ports on both partner devices are included in link aggregations and the devices are then connected via these ports. To assign ports (in other words links) correctly to a partner device, the Link Aggregation Control Protocol (LACP) from the IEEE 802.3ad standard is used. Note When a port is assigned to a link aggregation but is not active (e.g. link down), the values displayed may differ from the values configured for the link aggregation. If the port in the link aggregation becomes active, individual port configurations such as DCP forwarding are overwritten with the configured values of the link aggregation. Settings The table has the following columns: Port Shows the virtual port number of this link aggregation. This identifier is assigned internally by the firmware. Link Aggregation Name Enter a name for the link aggregation. This name can be specified by the user during configuration. The name is not absolutely necessary but can be useful to distinguish between the various link aggregations. 1322 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks MAC Address Shows the MAC address. Status Enable or disable link aggregation. MTU Specify the packet size. LACP - on Enables the sending of LACP frames. - off Disables the sending of LACP frames. Frame Distribution Set the type of distribution of packets on the individual links of an aggregation. - Destination&Source Mac The distribution is based on a combination of the destination and source MAC address. - Destination&Source IP-MAC The distribution is based on a combination of the destination and source IP address and MAC address. WinCC Advanced V14 System Manual, 10/2016 1323 Editing devices and networks 10.1 Configuring devices and networks VLAN Mode Specify how the link aggregation is entered in a VLAN: - Hybrid The link aggregation sends tagged and untagged frames. It is not automatically a member of a VLAN. - Trunk The link aggregation only sends tagged frames and is automatically a member of all VLANs. Port Shows the ports that belong to this link aggregation. The following values can be selected from the drop-down list: - "-" (disabled) Link aggregation is disabled. - "a" (active) The port sends LACP frames and is only involved in the link aggregation when LACP frames are received. - "p" (passive) The port is only involved in the link aggregation when LACP frames are received. - o" (on) The port is involved in the link aggregation and does not send any LACP frames. Note Within a "link aggregation", only ports with the following configuration are possible: all ports with "o" all ports with "a" or "p". Note If you add a configured port to a link aggregation, the port adopts the configuration of the link aggregation. If you take the port out of the link aggregation, the settings of the port are reset to the factory settings. See also General (Page 1311) 1324 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks DCP forwarding Applications The DCP protocol is used by STEP 7 and the PST Tool for configuration and diagnostics. When shipped, DCP is enabled on all ports; in other words, DCP frames are forwarded at all ports. With this option, you can disable the sending of these frames for individual ports, for example to prevent individual parts of the network from being configured with the PST Tool or to divide the full network into smaller parts for configuration and diagnostics. Note PNIO configuration Since DCP is a PROFINET protocol, the configuration created here is only effective with the VLAN associated with the TIA interface. All the ports of the device are displayed on this page. After each displayed port, there is a dropdown list for function selection. Settings Table 1 has the following columns: 1st column Shows that the setting is valid for all ports of table 2. Setting Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. Table 2 has the following columns: Port Shows the available ports. Setting Specify whether the port should block or forward outgoing DCP frames. The following options are available: - forward DCP frames are forwarded at this port. - block No outgoing DCP frames are forwarded at this port. It is nevertheless still possible to receive via this port. WinCC Advanced V14 System Manual, 10/2016 1325 Editing devices and networks 10.1 Configuring devices and networks LLDP Identifying the network topology LLDP (Link Layer Discovery Protocol) is defined in the IEEE 802.AB standard. LLDP is a method used to discover the network topology. Network components exchange information with their neighbor devices using LLDP. Network components that support LLDP have an LLDP agent. The LLDP agent sends information about itself and receives information from connected devices at periodic intervals. The received information is stored in the MIB. Applications PROFINET uses the LLDP protocol for topology diagnostics. In the default setting, LLDP is enabled for all ports; in other words, LLDP frames are sent and received on all ports. With this function, you have the option of enabling or disabling sending and/or receiving per port. Settings Table 1 has the following columns: 1st column Shows that the setting is valid for all ports of table 2. Setting Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. Table 2 has the following columns: Port Shows the port. Setting Select whether or not the port will send or receive LLDP frames. The following options are available: - Rx This port can only receive LLDP frames. - Tx This port can only send LLDP frames. - Rx & Tx This port can receive and send LLDP frames. - "-" (disabled) This port can neither receive nor send LLDP frames. 1326 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks FMP Requirements To be able to use the Fiber Monitoring (FM) function, enable LLDP. The FM information is appended to the LLDP packets. You can only use Fiber Monitoring with transceivers capable of diagnostics. Devices and modules with transceivers capable of diagnostics have the supplement "FM" in the name. Monitoring optical links With Fiber Monitoring, you can monitor optical links. If you enable FM on an optical port, diagnostics information is sent via the port. In addition to sending, there is also a check to establish whether information is being received. Regardless of whether the IE switch receives diagnostics information, it monitors the received power and compares it with selectable power limits. If you connect two IE switches via optical ports with FM enabled, they exchange their diagnostics information. This also allows a power loss to be calculated. The power loss is also compared with selectable power limits. If the value of the received power or the power loss falls below a specified limit, an event is triggered. In "System > Events > Configuration", you can specify how the IE switch indicates the event. Settings Port Shows the available optical ports that support fiber monitoring. This depends on the transceivers. State Enable or disable FM. As default, the function is enabled. Rx Power [dBm] maintenance required (warning) Specify the value at which you are informed of the deterioration of the received power by a message of the severity level "Warning" The default value depends on the relevant pluggable transceiver. Rx Power [dBm] maintenance demanded (critical) Specify the value at which you are informed of the deterioration of the received power by a message of the severity level "Critical" The default value depends on the relevant pluggable transceiver. Power Loss [dB] maintenance required (warning) Enter the value at which you want to be informed about the power loss of the connection the first time. Power Loss [dB] maintenance demanded (critical) Enter the value at which you want to be informed about the power loss of the connection the second time. WinCC Advanced V14 System Manual, 10/2016 1327 Editing devices and networks 10.1 Configuring devices and networks Unicast Filter Address filtering This page shows the current content of the unicast filter table. This table lists the source addresses of unicast address frames. The displayed entries were made statically, in other words, the user set them. On this page, you also define the static unicast filters. Settings VLAN ID Select the VLAN ID in which you configure a new static MAC address. If nothing is set, "VLAN1" is set as the basic setting. MAC Address Enter the MAC address here. This table contains the following columns: VLAN ID Shows the VLAN-ID assigned to this MAC address. MAC Address Shows the MAC address of the node that the device has learned or the user has configured. Status Shows the status of each address entry: - static Configured by the user. Static addresses are stored permanently; in other words, they are not deleted when the aging time expires or when the switch is restarted. Port Shows the port via which the node with the specified address can be reached. Frames received by the device whose destination address matches this address will be forwarded to this port. Note You can only specify one port for unicast addresses. Learning Starting/stopping learning Note The page is only available if there is an online connection to the device. 1328 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks With the automatic learning function, all connected devices are automatically entered in the unicast filter table. As long as the "Start learning" function is enabled, all learned unicast addresses are created immediately as static unicast entries. The learning process is ended only after clicking the "Stop learning" button. With this method, learning can take a few minutes or several hours in larger networks before all nodes have really been learned. Only nodes that send packets during the learning phase are found. By subsequently enabling the Port Lock function, only packets from the nodes known after the end of the learning phase (static unicast entries) will be accepted at the relevant ports. Note If the Port Lock function was already active on individual ports prior to the automatic learning phase, no addresses will be learned on these ports. This makes it possible to restrict learning to certain ports. To do this, first enable the Port Lock function of the ports that are not intended to learn addresses. Settings Start learning Click the "Start learning" button to start the learning phase. The device now enters the addresses of connected devices until you stop the function. Stop learning Click the "Stop Learning" button to stop the learning phase. The learned entries are stored. Deleting all static unicast addresses Click the "Clear all static unicast addresses" button to delete all static entries. In large networks with numerous nodes, automatic learning may lead to a lot of undesired static entries. To avoid having to delete these individually, this button can be used to delete all static entries. This function is disabled during automatic learning. Note Depending on the number of entries involved, deleting may take some time. Locked ports Activating the access control On this page, you can block individual ports for unknown nodes. If the Port Lock function is enabled, packets arriving at this port from unknown MAC addresses are discarded immediately. Packets from known nodes are accepted by the port. Since ports with the port lock function enabled cannot learn any MAC addresses, learned addresses on these ports are automatically deleted after the port lock function is enabled. WinCC Advanced V14 System Manual, 10/2016 1329 Editing devices and networks 10.1 Configuring devices and networks Settings Table 1 has the following columns: 1st column Shows that the setting is valid for all ports of table 2. Setting Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. Table 2 has the following columns: Port Shows the available ports. Setting Enable or disable access the port lock function for the port. Blocking Blocking forwarding of unknown unicast frames On this page, you can block the forwarding of unknown unicast frames for individual ports. Settings Table 1 has the following columns: 1st column Shows that the setting is valid for all ports of table 2. Setting Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. Table 2 has the following columns: Port Shows the available ports. Setting Enable or disable the blocking of unicast frames 1330 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Multicast Groups Multicast applications In the majority of cases, a frame is sent with a unicast address to a particular recipient. If an application sends the same data to several recipients, the amount of data can be reduced by sending the data using one multicast address. For some applications, there are fixed multicast addresses (NTP, IETF1 Audio, IETF1 Video etc.). Reducing network load In contrast to unicast frames, multicast frames represent a higher load for the device. Generally, multicast frames are sent to all ports. There are three ways of reducing the load caused by multicast frames: Static entry of the addresses in the multicast filter table. Dynamic entry of the addresses by listening in on IGMP parameter assignment frames (IGMP Configuration). Active dynamic assignment of addresses by GMRP frames. The result of all these methods is that multicast frames are sent only to ports for which an appropriate address is entered. "Information > Multicast" shows the multicast frames currently entered in the filter table and their destination ports. The displayed entries were made statically, in other words, the user set them. Settings VLAN ID Select the VLAN ID to be assigned to the MAC multicast address. MAC Address Here you enter a new MAC multicast address you want to configure. The table has the following columns: VLAN ID Shows VLAN ID of the VLAN to which the MAC multicast address is assigned. MAC Address Shows the MAC multicast address that the device has learned or the user has configured. WinCC Advanced V14 System Manual, 10/2016 1331 Editing devices and networks 10.1 Configuring devices and networks Status Shows the status of each address entry. - Static The address was entered statically by the user. Static addresses are stored permanently; in other words, they are not deleted when the aging time expires or when the device is restarted. These must be deleted by the user. List of ports There is a column for each slot. Within a column, the multicast group to which the port belongs is shown. The following selections are possible: - M (Member) Multicast frames are sent via this port. - F (Forbidden) Not a member of the multicast group. Moreover, this address must not be an address learned dynamically with GMRP or IGMP/MLD. - Not a member of the multicast group. No multicast frames with the defined multicast MAC address are sent via this port IGMP Function IE switches support "IGMP snooping" and the IGMP querier function. If "IGMP snooping" is enabled, IGMP frames are evaluated and the multicast filter table is updated with this information. If "IGMP Querier is also enabled, IE switches also send IGMP queries that trigger responses from IGMP-compliant nodes. IGMP Snooping Aging Time In this menu, you can configure the aging time for IGMP Configuration. When the time elapses, entries created by IGMP are deleted from the address table if they are not updated by a new IGMP frame. This applies to all ports; a port-specific configuration is not possible. IGMP Snooping Aging Time depending on the querier SCALANCE XR500 as IGMP querier: If a SCALANCE XR500 is used as an IGMP querier, the query interval is 125 seconds. For the "IGMP Snooping Aging Time", set at least 250 seconds. Other IGMP queriers If a different IGMP querier is used, the value of the "IGMP Snooping Aging Time" should be at least twice as long as the query interval. 1332 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings IGMP Snooping Enable or disable IGMP (Internet Group Management Protocol). The function allows the assignment of IP addresses to multicast groups. If the check box is selected, IGMP entries are included in the table and IGMP frames are forwarded. IGMP Snooping Aging Time Enter the value for the aging time in seconds in this box. IGMP Querier Enable or disable "IGMP Querier". The device sends IGMP queries. GMRP Enabling GMRP By selecting the check box, you specify whether or not GMRP is used for each individual port. If "GMRP" is disabled for a port, no registrations are made for it and it cannot send GMRP frames. Settings GMRP Enable or disable the GMRP function. Table 1 has the following columns: 1st column Shows that the setting is valid for all ports of table 2. Setting Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the settings are adopted for all ports of table 2. Table 2 has the following columns: Port Shows the available ports and the link aggregations. Setting Enable or disable GMRP for the port or for the link aggregation. Blocking On this page, you can block the forwarding of unknown multicast frames for individual ports. WinCC Advanced V14 System Manual, 10/2016 1333 Editing devices and networks 10.1 Configuring devices and networks Settings Table 1 has the following columns: 1st column Shows that the setting is valid for all ports of table 2. Setting Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. Table 2 has the following columns: Port Shows the available ports. Setting Enable or disable the blocking of multicast frames. MLD Mulitcast Listener Discovery Devices support "MLD snooping" and the "MLD querier" function. If "MLD snooping" is enabled, MLD frames are evaluated and the multicast filter table is updated with this information. If "IGMP querier is also enabled, IE switches also send MLD queries that trigger responses from MLD-compliant nodes. With MLD snooping, MLD frames are only forwarded to the intended multicast listeners instead of being flooded to all ports. For MLD snooping to work, you need to enable the function globally and in the VLANs. MLD Snooping Aging Time On this page, you can configure the aging time for MLD configuration. When the time elapses, entries created by MLD are deleted from the address table if they are not updated by a new MLD packet. This applies to all VLANS; a VLAN-specific configuration is not possible. Settings MLD Snooping Enable or disable MLD on the device. MLD Snooping Aging Time Enter the time after which entries generated by MLD are deleted from the multicast filter table. Assuming that this is not updated by a new MLD packet. This applies to all VLANS; a VLAN-specific configuration is not possible 1334 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 1 has the following columns: 1st column Shows that the settings are valid for all VLANs of table 2. Snooping / Querier Select the setting. If "No Change" is selected, the entry in table 2 remains unchanged. Copy to Table If you click the button, the settings are adopted for all ports of table 2. Table 2 has the following columns: VLAN Shows the VLAN to which the settings relate Snooping Enable or disable MLD for the required VLAN. When enabled, the MLD entries are included the multicast filter table and MLD packets are forwarded. Querier Enable or disable sending of MLD queries Broadcast Blocking the forwarding of broadcast frames On this page, you can block the forwarding of broadcast frames for individual ports. Note Some communication protocols work only with the support of broadcast. In these cases, blocking can lead to loss of data communication. Block broadcast only when you are sure that you do not need it. Settings Table 1 has the following columns: 1st column Shows that the setting is valid for all ports of table 2. Setting Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. Table 2 has the following columns: Port All available ports and the link aggregations are shown. Setting Enable or disable the blocking of broadcast frames. WinCC Advanced V14 System Manual, 10/2016 1335 Editing devices and networks 10.1 Configuring devices and networks PTP General Note The following devices support time-of-day synchronization with PTP: SCALANCE XR528-6M SCALANCE XR552-12M IEEE 1588 with SCALANCE devices The IEEE 1588v2 standard defines mechanisms with which highly precise time-of-day synchronization of devices in a network can be achieved. SCALANCE devices with suitable hardware support time synchronization according to IEEE 1588v2. The functionality is disabled on these devices when they are shipped and following a "Reset to factory defaults". To be able to use PTP, enable this function and configure every port that is on the synchronization path as well as ports that are blocked due to redundancy mechanisms. PTP can also be used with redundancy mechanisms in the ring such as HRP, standby linking of rings, MRP and RSTP. Setting 1588 Mode You can make the following settings: - off The device does not process any PTP messages. PTP messages are, however, forwarded according to the rules of the device. - transparent The device adopts the function of a transparent clock and forwards PTP messages to other nodes while at the same time making entries in the correction field of the PTP message. TC general 1588 Transparent Clock On this page, you specify the general settings for PTP. 1336 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Delay Mechanism Specify the delay mechanism the device will work with: - End-to-end(delay request response mechanism will be used) Note With end-to-end synchronization with more than 2 slaves, freak values > 100 ns can occur in the offset. - Peer-to-peer (peer delay mechanism will be used) Domain Number Enter the domain number for the device. The device ignores PTP messages with a different domain number. A SCALANCE device can only be assigned to one synchronization domain. TC port On this page, you specify the ports that can process PTP messages. Settings Table 1 has the following columns: 1st column Shows that the settings are valid for all ports of table 2. Setting / Transport Mechanism Select the setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the settings are adopted for all ports of table 2. Table 2 has the following columns: Port Shows the available ports. Setting The port status. The following entries are possible: - Enabled The port is not involved in PTP. - Disabled The port processes PTP messages. WinCC Advanced V14 System Manual, 10/2016 1337 Editing devices and networks 10.1 Configuring devices and networks Faulty Flag Shows error status relating to PTP. - true An error occurred. - false No error has occurred on this port. Transport Mechanism Specifies the protocol for transferring the PTP messages. This protocol must also be supported by the communications partner of the port - Ethernet - UDP IPv4 RMON Statistics Statistics On this page you can specify the ports for which RMON statistics are displayed. The RMON statistics are shown on the page "Information > Ethernet Statistics" in "Packet Size", "Frame Type" and "Packet Errror". Settings RMON When enabled, Remote Monitoring (RMON) allows diagnostics data to be collected on the device, prepared and read out using SNMP by a network management station that also supports RMON. This diagnostic data, for example port-related load trends, allow problems in the network to be detected early and eliminated. Note If you disable RMON, these statistics are not deleted but retain their last status. Port Select the ports for which statistics will be displayed. The table has the following columns: Port Shows the ports for which statistics will be displayed. 1338 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks History Samples of the statistics On this page, you can specify whether or not samples of the statistics are saved for a port. You can specify how many entries should be saved and at which intervals samples should be taken. Settings Table 1 has the following columns: 1st column Shows that the settings are valid for all ports. Setting/Buckets/Interval Select the required settings. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the settings are adopted for all ports of table 2. Table 2 has the following columns: Port Shows the port to which the settings relate. Setting Enable or disable the recording of the history on the relevant port. Entries Enter the maximum number of samples to be stored at the same time. Interval [s] Enter the interval after which the current status of the statistics will be saved as a sample. Configuring layer 3 functions for IPv4 Configuration The page contains the overview of the layer 3 functions for IPv4 of the device. On this page, you enable or disable the required layer 3 function. The functions "Routing", "VRRP", "RIP" and "OSPF" are only available with layer 3. WinCC Advanced V14 System Manual, 10/2016 1339 Editing devices and networks 10.1 Configuring devices and networks Settings Routing(only available with devices with a layer 3 license) - Enabled IPv4 routing is enabled. You can only enable the routing function if DHCP is disabled on all configured interfaces. - Disabled IPv4 routing is disabled. If IPv6 routing is enabled on the device, this is also disabled. DHCP Relay Agent Enable or disable the DHCP relay agent. You can configure other settings in "Layer 3 (IPv4)> DHCP Relay Agent". VRRP (only available with devices with a layer 3 license) Enable or disable routing using VRRP. To use VRRP, first enable the routing function. You can configure other settings in "Layer 3 (IPv4) > VRRP". OSPF (only available with devices with a layer 3 license) Enable or disable routing using VRRP. To use VRRP, first enable the routing function. You can configure other settings in "Layer 3 (IPv4) > VRRP". RIP (only available with devices with a layer 3 license) Enable or disable routing using RIP. To use RIP , first enable the routing function. You can configure other settings in "Layer 3 (IPv4) > RIP". Subnets Overview (IPv4) Subnet The page shows the subnets for the selected interface. If more than one subnet is available on an interface, the first entry of this interface is of the address type "Primary". All other subnets have the address type "Secondary". A subnet always relates to an interface. You configure the interface in "Layer 3 (IPv4) > Configuration". Settings Interface Select the interface on which you want to configure another subnet. The table has the following columns: Interface Shows the interface. TIA Interface Shows whether or not the entry is a TIA interface. Interface Name Shows the name of the interface. 1340 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks MAC Address Shows the MAC address. IP Address Shows the IPv4 address of the subnet. Subnet Mask Shows the subnet mask. Address Type Shows the address type. The following values are possible: - Primary The first IPv4 address that was configured on an IP interface. - Secondary All other IPv4 addresses that were configured on an interface. IP Assignment Method Shows how the IPv4 address is assigned. - Static The IP address is static. You enter the IP settings in "IP Address" and "Subnet Mask". - Automatic (DHCP) The device obtains a dynamic IPv4 address from a DHCP server. Address Collision Detection Status If new IPv4 addresses become active in the network, this function checks whether this can result in address collisions. With this function, IPv4 addresses that will be assigned twice can be detected. Shows the status of the "Detection of address collisions" function. Note The function does not run a cyclic check. - Idle The interface is not enabled and does not have an IP address. - Starting This status indicates the start-up phase. In this phase, the device initially sends a query as to whether the planned IP address already exists. If the address is not yet been assigned, the device sends the message that it is using this IP address as of now. - Conflict The interface is not enabled. The interface is attempting to use an IP address that is already been assigned. - Defending The interface uses a unique IP address. Another interface is attempting to use the same IP address. - Active The interface uses a unique IP address. There are no collisions. - Not supported The function for detection of address collisions is not supported. WinCC Advanced V14 System Manual, 10/2016 1341 Editing devices and networks 10.1 Configuring devices and networks Configuration On this page, you configure the subnet. You create the subnet in "Layer 3 > Subnets > Overview". Settings Interface (Name) Select the required interface. Interface Name Enter a name for the interface. MAC Address (only available online) Shows the MAC address of the selected interface DHCP Enable or disable the DHCP client for this IPv4 interface. Note If you want to operate the device as a router with several interfaces, disable DHCP on all interfaces. IP Address Enter the IPv4 address of the subnet. The IPv4 address must not be used more than once. Subnet Mask Enter the subnet mask of the subnet you are creating. Subnets on different interfaces must not overlap. Address Type Shows the address type. The following values are possible: - Primary The first subnet of the interface. - Secondary All other subnets of the interface. TIA Interface Enable or disable the setting. The following conditions apply to the TIA interface: - Only interfaces with the address type "Primary" can be enabled as the TIA interface. - There must only ever be one TIA interface. - There can only be one TIA interface. - A TIA interface is always a VLAN interface. TIA interface and PROFINET interface The IP address of the TIA interface is linked to the IP address located in the parameter group "Properties > General > PROFINET interface > Ethernet addresses". Both IP addresses always have the same value. If you change the value of one IP address, the other IP address changes accordingly. 1342 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks TIA Interface The TIA interface is the interface via which all PROFINET functions of the IE switch are handled. TIA interface is the name of the IP address for PROFINET from the perspective of the IE switch. PROFINET interface You make the IP setting of the PROFINET device in TIA under PROFINET interface. PROFINET interface is the name of the IP address for PROFINET from the perspective of the TIA Portal. Routes (IPv4) Static route On this page, you create the static IPv4 routes. Settings Destination Network Enter the network address of the destination that can be reached via this route. Subnet Mask Enter the corresponding subnet mask. Gateway Enter the IPv4 address of the gateway via which this network address is reachable. Metric Enter the metric for the route. The metric corresponds to the quality of a connection, for example speed, costs. If there are several equal routes, the route with the lowest metric value is used. The table has the following columns: Destination Network Shows the network address of the destination. Subnet Mask Shows the corresponding subnet mask. Gateway Shows the IPv4 address of the next gateway. Interface (only available online) Shows the Interface of the route. Metric Enter the metric for the route. When creating the route, "not used" is entered automatically. The metric corresponds to the quality of a connection, for example speed, costs. If there are several equal routes, the route with the lowest metric value is used. State (only available online) Shows whether or not the route is active. WinCC Advanced V14 System Manual, 10/2016 1343 Editing devices and networks 10.1 Configuring devices and networks Route maps General (IPv4) Route maps With route maps, you control how routing information is further processed. You can filter routing information and specify whether the information is further processed, modified or discarded. Route maps operate according to the following principle: Routing information is compared with the filters of the route maps. The comparison is continued until the filters of a route map match the properties of an item of information. The information is then processed according to the route map settings: - The routing information is discarded. - The properties of the routing information are changed. Settings Name Enter the name for the route map. Sequence No Enter a number for the route map. You can create several route maps with the same name but with different sequence numbers. The sequence numbers then specify the order in which the route maps are processed. The table has the following columns: Name Shows the name of the route map. Sequence No Shows the sequence number of the route map. Action Specify what happens to the routing information that matches the settings of the route map: - permit The routing information is further processed according to the settings you make on the "Set" page. - deny The routing information is discarded. Interface & Value Match (IPv4) On this page, you specify whether or not the routing information for a route map is filtered according to interfaces, metric or tags. 1344 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Route Map (name/seq. no.) Select a route map. The created route maps are available to you. Type Select the basis for the filtering: - Interface - Metric - Tag Interface Select an interface. Only active if you have selected the "Interface" entry for "Type". Metric Enter a value for the metric. Only active if you have selected the "Metric" entry for "Type". Tag Enter a value for the tag. Only active if you have selected the "Tag" entry for "Type". Route Type Select the type of the route. - Local The routing information for the route map is filtered according to directly connected routes (local interfaces). - Remote The routing information for the route map is filtered according to learned or statically configured routes. This box is active only if i you have selected the entry "Route Type in the "Type" drop-down list. The table has the following columns: Type Shows the selected type: - Interface - Metric - Tag - Route Type Value Shows the selected interface, the value of the metric or of the tag. Destination Match (IPv4) On this page, you specify whether or not the routing information for a route map is filtered based on the destination IPv4 address. WinCC Advanced V14 System Manual, 10/2016 1345 Editing devices and networks 10.1 Configuring devices and networks Settings Route Map (name/seq. no.) Select a route map. IP Address Enter the IPv4 address of the destination on which the filtering is based. Subnet Mask Enter the subnet mask of the destination on which the filtering is based. The table has the following columns: IP Address Shows the IPv4 address of the destination. Subnet mask/prefix Shows the subnet mask of the destination. Next Hop Match (IPv4) On this page, you specify whether or not the filtering for a route map will be based on the router to which the routing information is sent next. Settings Route Map (name/seq. no.) Select a route map. IP Address Enter the IP address of the router to which the routing information will be sent next. The table has the following columns: IP Address Shows the IP address of the next router. Set (IPv4) On this page, you specify whether or not the routing information will be changed by a route map. If, for example, you have filtered based on a certain metric, you can change the value of the metric here. The routing information is then forwarded with the new value. You can only change the information of a "Permit" route map. Settings Route Map (name/seq. no.) Select a route map. 1346 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The table has the following columns: Name Shows the name of the route map. Sequence No Shows the sequence number of the route map. Metric Enter the new value for the metric with which the routing information will be forwarded. Tag Enter the new value for the tag with which the routing information will be forwarded. DHCP Relay Agent General If the DHCP server is in a different network, the device cannot reach the DHCP server. The DHCP relay agent intercedes between a DHCP server and the device. The DHCP relay agent forwards the port number of the device with the DHCP query to the DHCP server. If a DHCP server is unreachable, the device can switch to a different DHCP server. Settings DHCP Relay Agent (Opt. 82) Enable or disable the DHCP relay agent. Server IP Address Enter the IPv4 address of the DHCP server. The table has the following columns: Server IP Address Shows the IPv4 address of the DHCP server. Option Parameters of the DHCP relay agent On this page, you can specify parameters for the DHCP server, for example the circuit ID. The circuit ID describes the origin of the DHCP query, for example which port received the DHCP query. You specify the DHCP server on the "General" tab. WinCC Advanced V14 System Manual, 10/2016 1347 Editing devices and networks 10.1 Configuring devices and networks Settings Global configuration Circuit ID router index Enable or disable the setting. When enabled, the router index is added to the generated circuit ID. Circuit ID recipient VLAN ID Enable or disable the setting. When enabled, the VLAN ID is added to the generated circuit ID. Circuit ID receiving port Enable or disable the setting. When enabled, the receiving port is added to the generated circuit ID. Note You need to select a least one option. Remote ID Shows the device ID. Interface-specific configuration Interface Select the required IPv4 interface. 1348 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The table has the following columns: Interface Shows the interface. Note If you have not created an interface-specific configuration, the global configuration with the MAC address is used as the device ID. Remote ID type Select the type of the device ID. You have the following options: - IP Address The IPv4 address of the device is used as the device ID. Note No automatic updating There is no link between the "Remote ID" box and the currently set IP address. If the IP address is changed, the new IP address is not entered in the "Remote ID" box automatically. Only the value of the "Remote ID Type" box changes to "Free Text". To use the current IP address again, select "IP Address" again in the "Remote ID Type" box. - MAC Address The MAC address of the device is used as the device ID. - Free Text If you use "Free Text", you can enter the device name as the device identifier in the "Remote ID" box. Remote ID Enter the device name. Can only be edited if you select the entry "Free Text" for "Remote ID Type". Circuit ID Type Select the type of circuit ID from the drop-down list. You have the following options: - Predefined The circuit ID is created automatically based on the router index, VLAN ID or port. - Free Number If you use "Free Number", you can enter the ID for "Circuit ID". Circuit ID Enter the circuit ID. Can only be edited if you select the "Free Number" entry for the "Circuit ID Type". WinCC Advanced V14 System Manual, 10/2016 1349 Editing devices and networks 10.1 Configuring devices and networks VRRP Router On this page, you create virtual routers. You can configure other parameters in "Layer 3 (IPv4) > VRRP > Configuration". Note VRRP is available only on layer 3. VRRP can only be used in conjunction with VLAN interfaces. Router ports are not supported. Simultaneous operation of VRRP and VRRPv3 is not possible. Select "VRRP" to configure VRRP Settings The following settings are available: VRRP Enable or disable routing using VRRP. Reply to pings on virtual interfaces When enabled, the virtual IPv4 addresses also reply to the ping. Track Enable or disable VRID tracking. When enabled, all interfaces of a VRID are monitored. When the link of an interface changes from "up" to "down", the priority of all VRRP interfaces with the same VRID is reduced to the value "0". When the link of an interface changes back from "down" to "up", the original priority of the VRRP interfaces is restored. Interface Select the required VLAN interface operating as virtual router. VRID Enter the ID of the virtual router. This ID defines the group of routers that form a virtual router (VR). In the group, this is the same. it can no longer be used for other groups. The table has the following columns: Interface Shows the Interface that functions as the virtual router. VRID Shows the ID of the virtual router. Virtual MAC Address Shows the virtual MAC address of the virtual router. Primary IP Address Shows the numerically lowest IPv4 address in this VLAN. The entry 0.0.0.0 means that the "Primary" address on this VLAN is used. Otherwise all IPv4 addresses configured in this VLAN in "Layer 3 (IPv4) > Subnets" are valid values. 1350 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Router Status Shows the current status of the virtual router. Possible values are as follows: - Master The router is the master router and handles the routing functionality for all assigned IP addresses. - Backup The router is the backup router. If the master router fails, the backup router takes over the tasks of the master router. - Initialize The virtual router has just been turned on. It will soon change to the "Master" or "Backup" status. Master IP Address (only available online) Shows the IPv4 address of the master router. Priority Shows the priority of the virtual router. If an IPv4 address is assigned to the VRRP router that is also actually configured on the local IPv4 interface, the value 255 is entered automatically. All other priorities can be distributed freely among the VRRP routers. The higher the priority, the earlier the VRRP router becomes "Master". Advert. Interval Shows the interval at which the master router sends VRRP packets. Preempt Shows the precedence of a router when changing roles between backup and master. - yes This router has precedence when changing roles. - no This router does not have precedence when changing roles. Configuration Introduction On this page, you configure the virtual router. Note VRRP is available only on layer 3. WinCC Advanced V14 System Manual, 10/2016 1351 Editing devices and networks 10.1 Configuring devices and networks Description of the displayed values The page contains the following boxes: Interface / VRID Select the ID of the virtual router to be configured. Primary IP Address Select the numerically lowest IPv4 address: If the router becomes master router, the router uses this IPv4 address. Note If you only configure one subnet on this VLAN, no entry is necessary. The entry is then 0.0.0.0. If you configure more than one subnet on the VLAN and you want a specific IPv4 address to be used as the source address for VRRP packets, select the IPv4 address from the dropdown list. Otherwise, the numerically lowest IPv4 address will be used. Master If this option is enabled, the numerically lowest IPv4 address is entered for "Associated IP Address". This means that the highest priority IPv4 address of the VRRP router is used as the virtual IP address of the virtual master router. The backup routers in this group must disable the option and use the IPv4 address of the router in "Associated IP address". Priority Enter the priority of this virtual router. If an IPv4 address is assigned to the VRRP router that is also actually configured on the local IPv4 interface, the value 255 is entered automatically. All other priorities can be distributed freely among the VRRP routers. The higher the priority, the earlier the VRRP router becomes "Master". Advertisement Interval Enter the interval in seconds after which a master router sends a VRRP packet again. Preempt lower priority Master Allow the precedence when changing roles between backup and master based on the selection process. Track ID Select a track ID. Decrement Priority Enter the value by which priority of the VRRP interface will be reduced. Current Priority Shows the priority of the VRRP interface after the monitored interface has changed to the "down" status. 1352 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Address overview Overview This page shows which IPv4 addresses the virtual router monitors. Note VRRP is available only on layer 3. Settings The table has the following columns: Interface Shows the Interface that functions as the virtual router. VRID Shows the ID of this virtual router. Number of Addresses Shows the number of IPv4 addresses. Associated IP Address (1) ... Associated IP Address (4) Shows the router IPv4 addresses monitored by this virtual router. If a router takes over the role of master, the routing function is taken over by this router for all these IPv4 addresses. Address configuration Note VRRP is available only on layer 3. Settings The following settings are possible: Interface / VRID Select the required virtual router. Associated IP Address Enter the IPv4 address that the virtual router will monitor. The table has the following columns: Associated IP Address Shows the IPv4 addresses that the virtual router monitors. WinCC Advanced V14 System Manual, 10/2016 1353 Editing devices and networks 10.1 Configuring devices and networks Interface Tracking Introduction On this page, you configure the monitoring of interfaces. When the link of a monitored interface changes from "up" to "down", the priority of the assigned VRRP interface is reduced. You configure the value by which the priority is reduced on the page "Layer 3 > VRRP/VRRPv3 > Configuration". When the link of the interface changes back from "down" to "up", the original priority of the VRRP interface is restored. Note This function is available only with layer 3. Description of the displayed values The page contains the following boxes: Interface From the drop-down list, select the interface to be monitored. Track ID Enter a track ID. Track ID Select a track ID. Track Interface Count Enter how many monitored interfaces need to change to the "down" status, before the priority is changed. The table has the following columns: Select Select the check box in the row to be deleted. Track ID Shows the track ID. Interface Shows the interface that is being monitored. 1354 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks VRRPv3 Router (IPv4) Introduction On this page, you create new virtual routers. You can configure other parameters in "Layer 3 (IPv4) > VRRPv3 > Configuration". Note This function is available only with layer 3. Simultaneous operation of VRRP and VRRPv3 is not possible. Select the "VRRPv3" check box to configure VRRPv3. You can use VRRPv3 on VLAN interfaces. Router ports are not supported. Settings VRRPv3 Enable or disable routing using VRRPv3. Can only be enabled when "Layer 3 (IPv6) > Configuration" "IPv6 Routing" is enabled. Reply to pings on virtual interfaces When enabled, the virtual IPv4 addresses also reply to the ping. Track Enable or disable VRID tracking. When enabled, all interfaces of a VRID are monitored. When the link of an interface changes from "up" to "down", the priority of all VRRP interfaces with the same VRID is reduced to the value "0". When the link of an interface changes back from "down" to "up", the original priority of the VRRP interfaces is restored. Interface Select the required VLAN interface operating as virtual router. VRID Enter the ID of the virtual router. This ID defines the group of routers that form a virtual router (VR). In the group, this is the same. It can no longer be used for other groups. The table has the following columns: Interface Shows the IPv4 interface that functions as the virtual router. VRID Shows the ID of the virtual router. Virtual MAC Address Shows the virtual MAC address of the virtual router. WinCC Advanced V14 System Manual, 10/2016 1355 Editing devices and networks 10.1 Configuring devices and networks Primary IP Address Shows the numerically lowest IPv4 address in this VLAN. The entry 0.0.0.0 means that the "Primary" address on this VLAN is used. Otherwise all IPv4 addresses configured on this VLAN in the "Layer 3 (IPv4) > Subnets" menu are valid values. Router State Shows the current status of the virtual router. Possible values are: - Master The router is the master router and handles the routing functionality for all assigned IPv4 addresses. - Backup The router is the backup router. If the master router fails, the backup router takes over the tasks of the master router. - Initialize The virtual router has just been turned on. It will soon change to the "Master" or "Backup" state. Master IP Address Shows the IPv4 address of the master router. Priority Shows the priority of the virtual router. If an IPv4 address is assigned to the VRRP router that is also actually configured on the local IPv4 interface, the value 255 is entered automatically. All other priorities can be distributed freely among the VRRP routers. The higher the priority, the earlier the VRRP router becomes "Master". Advert. Interval Shows the interval at which the master router sends VRRPv3 packets. Preempt Shows the precedence of a router when changing roles between backup and master. - yes This router has precedence when changing roles. - no This router does not have precedence when changing roles. Configuration (IPv4) Introduction On this page, you configure the virtual router. Note This function is available only with layer 3. 1356 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings The page contains the following: Interface / VRID Select the ID of the virtual router to be configured. Primary Address Select the primary IPv4 address. If the router becomes master router, the router uses this IPv4 address. Note If you only configure one subnet on this VLAN, no entry is necessary. The entry is then 0.0.0.0. If you configure more than one subnet on the VLAN and you want a specific IPv4 address to be used as the source address for VRRP packets, select the IPv4 address. Otherwise, the numerically lowest IPv4 address will be used. Master If enabled, the numerically lowest IPv4 address is entered for "Associated IP Address". This means that the numerically lowest IPv4 address of the VRRP router is used as the virtual IP address of the virtual master router. The backup routers in this group must disable the option and use the IPv4 address of the router in "Associated IP address". Priority Enter the priority of this virtual router. Valid values are 1-254. If an IPv4 address is assigned to the VRRPv3 router that is also actually configured on the local IPv4 interface, the value 255 is entered automatically. All other priorities can be distributed freely among the VRRPv3 routers. The higher the priority, the earlier the VRRPv3 router becomes "Master". Advertisement interval Enter the interval in seconds after which a master router sends a VRRPv3 packet again. Preempt lower priority Master. Allow precedence when changing roles between backup and master based on the selection process. VRRP Compatible Mode When enabled, the VRRPv3 router also sends and receives VRRPv2 frames in addition to VRRPv3 frames for configured IPv4 addresses. Only necessary when some VRRP routers do not support VRRPv3 Track ID Select a track ID. Decrement Priority Enter the value by which priority of the VRRP interface will be reduced. Current Priority Shows the priority of the VRRP interface after the monitored interface has changed to the "down" status. WinCC Advanced V14 System Manual, 10/2016 1357 Editing devices and networks 10.1 Configuring devices and networks Addresses Overview (IPv4) Overview This page shows which IPv4 addresses the virtual router monitors. Each virtual router can monitor a maximum of 10 IPv4 addresses. Note This function is available only with layer 3. Settings The table has the following columns: Interface Shows the Interface that functions as the virtual router. VRID Shows the ID of this virtual router. Number of Addresses Shows the number of IPv4 addresses. Associated IP Address (1) ...Associated IP Address (10) Shows the router IPv4 addresses monitored by this virtual router. If a router takes over the role of master, the routing function is taken over by this router for all these IPv4 addresses. Addresses Configuration (IPv4) Creating or changing the monitored IP addresses On this page, you can create, modify or delete the IPv4 addresses to be monitored. Note This function is available only with layer 3. Settings The page contains the following: Interface / VRID Select the ID of the virtual router. Associated IP Address Enter the IPv4 address that the virtual router will monitor. The table has the following columns: Associated IP Address Shows the IPv4 addresses that the virtual router monitors. 1358 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Interface Tracking (IPv4) Introduction On this page, you configure the monitoring of interfaces. When the link of a monitored interface changes from "up" to "down", the priority of the assigned VRRP interface is reduced. You configure the value by which the priority is reduced on the page "Layer 3 > VRRP/VRRPv3 > Configuration". When the link of the interface changes back from "down" to "up", the original priority of the VRRP interface is restored. Note This function is available only with layer 3. Description of the displayed values The page contains the following boxes: Interface From the drop-down list, select the interface to be monitored. Track ID Enter a track ID. Track ID Select a track ID. Track Interface Count Enter how many monitored interfaces need to change to the "down" status, before the priority is changed. The table has the following columns: Select Select the check box in the row to be deleted. Track ID Shows the track ID. Interface Shows the interface that is being monitored. WinCC Advanced V14 System Manual, 10/2016 1359 Editing devices and networks 10.1 Configuring devices and networks OSPFv2 Configuration Introduction On this page, you configure routing with OSPF. Note OSPF is available only on layer 3. Settings OSPFv2 Enable or disable routing using OSPFv2. Router ID Enter the name of one of the OSPFv2 interfaces. The name is entered in the IP address format and does not need to match the local IP address. OSPFv2 RFC1583 Compatibility Enable the option if you still have old OSPFv2 routers in operation that are not compatible with RFC 2328. Border Router Displays the status of the OSPFv2 router. If the local system is an active member in at least 2 areas, this is an area border router. AS Border Router Specify whether the router is an AS border router. An AS border router intercedes between multiple autonomous systems, for example if you have an additional RIP network. An AS border router is also necessary to add and to distribute static routes. New LSA Received (only available online) Shows the number of received LSAs. Updates and local LSAs are not counted. New LSA Configured (only available online) Number of different LSAs sent by this local system. External LSA Maximum To limit the number of entries of external LSAs in the database, enter the maximum number of external LSAs. Exit Interval [s] Enter the interval after which the OSPFv2 router once again attempts to come out of the overflow status. A 0 means that the OSPFv3 router attempts to exit the overflow status only following a restart. Inbound Filter Select a route map that filters inbound routes. 1360 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Redistribute Routes Specify which known routes are distributed using OSPFv2. You can make different decisions for the route types Default, Connected and Static. Note The settings can only be enabled on an AS border router. Enabling the Default and Static options, in particular, can cause problems if they are enabled at too many points in the network, for example, forwarding loops. Route Map Select a route map that filters which routes are forwarded using OSPFv2. Areas Overview An autonomous system can be divided into smaller areas. On this page, you can view, create, modify or delete the areas of the router. Note OSPF is available only on layer 3. Settings Area ID Enter the designation of the area. The database is synchronized for all routers of an area. The area ID must be unique in the network. The area identifier is a 32-bit number with the following format: x.x.x.x where x = 0 ... 255 The area ID 0.0.0.0 is reserved for the backbone area and cannot be deleted. This table contains the following columns: Area ID Shows the ID of the area. Area Type Select the area type from the drop-down list. - Normal - Stub - NSSA - Backbone Summary Specify whether summary LSAs are generated for this area. - Summary: Summary LSAs are sent to the area. - No Summary: Summary LSAs are not sent to the area. WinCC Advanced V14 System Manual, 10/2016 1361 Editing devices and networks 10.1 Configuring devices and networks Metric Displays the costs for the OSPFv2 interface. Updates Shows the number of recalculations of the routing tables. LSA Count Shows the number of LSAs in the database. Area BR Shows the number of reachable area border routers (ABR) within this area. AS BR Shows the number of reachable autonomous system border routers (ASBR) in this area. Area range Creating a new OSPFv2 area range On this page, networks can be grouped together under one area ID. The method is used only with area border routers. This means that an area border router only advertises one route for grouped areas to the outside. Note OSPF is available only on layer 3. Settings Area ID Select the area ID of the area. You configure the ID in "Layer 3 > OSPFv2 > Areas". Subnet Address Enter the IPv4 address of the network that will be grouped. Subnet Mask Enter the subnet mask of the network that will be grouped. This table contains the following columns: Area ID Shows the ID of the area. Subnet Address Shows the IPv4 address of the network that will be grouped with other networks. Subnet Mask Shows the subnet mask of the network that will be grouped with other networks. Advertise Enable this setting to advertise the grouped network. 1362 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Interfaces Overview On this page, you can configure OSPFv2 interfaces. Note OSPF is available only on layer 3. Settings IP Address Select the IPv4 address of the OSPFv2 interface. Area ID Select the area ID of the area with which the OSPFv2 interface is connected. Note For the secondary interface select the same Area ID as for the corresponding primary interface. The information whether a primary or secondary interface is involved can be found in the "Address Type" column on the "Layer 3 (IPv4) > Subnets > Overview" page. This table contains the following columns: IP Address Shows the IPv4 address of the OSPFv2 interface Area ID Select the area ID of the area with which the OSPFv2 interface is connected. OSPF Status Specify whether or not OSPFv2 is active on the interface. - Enabled: OSPFv2 is enabled on the interface. - Disabled: OSPFv2 is disabled on the interface. Metric Enter the costs for the OSPFv2 interface. Priority Enter the router priority. The priority is only relevant for selecting the designated router or designated border router. This parameter can be selected differently on routers within the same subnet. Trans. Delay Enter the required delay when sending a connection update. Retrans. Delay Enter the time after which an OSPFv2 packet is transferred again if no confirmation was received. WinCC Advanced V14 System Manual, 10/2016 1363 Editing devices and networks 10.1 Configuring devices and networks Hello Interval Enter the interval between two Hello packets. Dead Interval Enter the interval after which the neighbor router is marked as "failed" if no more Hello packets are received from it during this time. Interface authentication Configuring the interface login On this page, you define the authentication of the interface. Note OSPF is available only on layer 3. Settings OSPF Interface Select the OSPFv2 interface for which you want to configure authentication. Authentication type Select the authentication method of the OSPF interface. You have the following options: - None: No authentication - simple: Authentication using an unencrypted password - MD5: Authentication using MD5 Simple authentication Password Enter a password. Confirmation Confirm the entered password. MD5 authentication Authentication Key ID Enter the identifier of the MD5 authentication key. Enter the ID for MD5 authentication with which the password will be used as a key. Since the key ID is transferred with the protocol, the same key must be stored under the same key ID on all neighboring routers. The table has the following columns: Authentication Key ID Can only be edited if you set the MD5 authentication method. It is only possible to use several keys there. MD5 Key Enter the MD5 key. 1364 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Confirm MD5 Key Confirm the entered key. Youngest Key ID (only available online) Shows whether or not the MD5 key is the latest key ID. Virtual links Overview Due to the protocol, each area border router must have access to the backbone area. If a router is not connected directly to the backbone area, a virtual link to it is created. Note OSPF is available only on layer 3. Note Note that when creating a virtual link both the transit area and the backbone area must already be configured. the virtual link must be configured identically at both ends. Settings Virtual links are not effective unless the device is an ABR. (only available online) This is displayed when at least one virtual link entry is configured and the device is not an area border router. Neighbor Router ID Enter the ID of the neighbor router at the other end of the virtual connection. Transit Area ID Select the ID of the area that connects the two routers. This table contains the following columns: Transit Area ID Shows the ID via which the two routers are connected. Neighbor Router ID Shows the ID of the neighbor router at the other end of the virtual connection. Virt. Link Status Specify the status of the virtual link. The following statuses are possible: - down: The virtual link is inactive. - point-to-point: The virtual link is active. Trans. Delay Enter the required delay when sending a link update packet. Retrans. Delay Enter the time after which a packet is transferred again if no confirmation was received. WinCC Advanced V14 System Manual, 10/2016 1365 Editing devices and networks 10.1 Configuring devices and networks Hello Interval Enter the interval between two Hello packets. Dead Interval Enter the interval after which the neighbor router counts as "failed" if no more Hello packets are received from it during this time. Virtual Link Authentication Configuring the virtual link login On this page, you define the authentication for the virtual link. Note OSPF is available only on layer 3. Settings Virtual Link (Area/Neighbor) Select the virtual link for which you want to configure authentication. Authentication type Select the authentication method of the OSPF interface. You have the following options: - None: No authentication - simple: Authentication using an unencrypted password. - MD5: Authentication using MD5 Simple authentication Password Enter the password. Confirmation Confirm the entered password. MD5 authentication Authentication Key ID Enter the identifier of the MD5 authentication key. Enter the ID for MD5 authentication with which the password will be used as a key. Since the key ID is transferred with the protocol, the same key must be stored under the same key ID on all neighboring routers. The table has the following columns: Authentication Key ID Can only be edited if you set the MD5 authentication method. It is only possible to use several keys there. MD5 Key Enter the MD5 key. 1366 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Confirm MD5 Key Confirm the entered key. Youngest Key ID Shows whether or not the MD5 key is the latest key ID. RIPv2 Configuration On this page, you configure routing with RIP. Note RIPv2 is available only on layer 3. Settings RIPv2 Enable or disable routing using RIPv2. Inbound Filter Select a route map that filters inbound routes. Redistribute Routes Specify which known routes are distributed using RIPv2. The following types of route exist: - Static Default - Connected - Static - OSPF Route Map Select a route map that filters which routes are forwarded using RIPv2. Interfaces Overview On this page, you can configure RIPv2 interfaces. Note RIPv2 is available only on layer 3. WinCC Advanced V14 System Manual, 10/2016 1367 Editing devices and networks 10.1 Configuring devices and networks Settings IP Address Select the IPv4 address of the RIPv2 interface. This table contains the following columns: IP Address Shows the IPv4 address of the RIPv2 interface Send Updates Select the way in which updates are sent: - no send No updates are sent. - RIPv1 Updates for RIPv1 are sent. - RIPv1-compat. RIPv2 updates are sent as broadcasts according to the rules of RIPv1. - RIPv2 Updates for RIPv2 are sent as multicasts. - RIPv1 demand/RIPv2 demand RIP packets are sent only as a response to an explicit query. Receive Updates Select the form in which received updates are accepted: - no receive No updates are received. - RIPv1 Only updates of RIPv1 are received. - RIPv2 Only updates of RIPv2 are received. - RIPv1/v2 Updates of RIPv1 and RIPv2 are received. Default Metric Enter the costs for the RIPv2 interface. NAT NAT On this WBM page, you specify the basic settings for NAT. 1368 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Description The page contains the following boxes: NAT Enable or disable NAT/NAPT for the entire device. When enabled, the device operates as a NAT router. Idle Timeout [s] Enter the required time. If no data exchange takes place, when this time has elapsed ... TCP Timeout [s] Enter the required time. If no data exchange takes place, the TCP connection is deleted from the "NAT Translations" table when this time has elapsed. UDP Timeout [s] Enter the required time. If no data exchange takes place, the UDP connection is deleted from the "NAT Translations" table when this time has elapsed. Interface Select the an IP interface from the drop-down list: NAT Enable or disable NAT for an IP interface. An entry is created automatically in the "Pool" tab. The device can be reached from the external network using the IP address of the IP interface. If you disable NAT for an IP interface and there are no configurations on the NAT interface, the entry is automatically deleted from the table. NAPT Enable or disable NAPT for an IP interface. The table has the following columns: Interface Interface to which the setting relates. NAT Shows whether NAT is enabled or disabled for the selected IP interface. NAT is only enabled, when you have enabled NAT for the entire device. NAPT Shows whether NAPT is enabled or disabled for the selected IP interface. NAPT is only enabled, when you have enabled NAT for the entire device. If you do not create further configurations for NAPT, the dynamic port translation is enabled. As default, the device cannot be reached from an external network. If the device wants to communicate in an external network, the inside local address and the IP address of the IP interface have a port added and the device is assigned as inside local and inside global address. Using this inside global address, the device can be reached from the external network until the timer of the connection elapses. Static On this WBM page, you configure static address translatiions. You specify which inside global address the inside local address of a device will be converted to and vice versa. This variant allows connection establishment in both directions. The device in the internal network can be reached from the external network. WinCC Advanced V14 System Manual, 10/2016 1369 Editing devices and networks 10.1 Configuring devices and networks Description The page contains the following boxes: Interface Select the an IP interface from the drop-down list: Inside Local Address Enter the actual address of the device that should be reachable from external. Inside Global Address Enter the address at which the device can be reached from external. The table has the following columns: 1st column Select the check box in the row to be deleted. Interface Interface to which the setting relates. Inside Local Address Shows the actual address of the device that should be reachable from external. Inside Global Address Shows the address at which the device can be reached from external. Pool On this WBM page, you configure static address translations. As default, the device cannot be reached from an external network. If the device wants to communicate in an external network, an inside global address is assigned to it dynamically. Using this inside global address, the device can be reached from the external network until the timer of the connection elapses. Description The page contains the following boxes: Interface Select the an IP interface from the drop-down list: Inside Global Address Enter the start address for the dynamic assignment of addresses at which devices will be reachable from external. Inside Local Address Mask Enter the address mask of the external subnet. The table has the following columns: 1st column Select the check box in the row to be deleted. Interface Interface to which the setting relates. 1370 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Inside Global Address Shows the start address for the dynamic assignment of addresses at which devices will be reachable from external. Inside Local Address Mask Shows the address mask of the external subnet. NAPT On this WBM page, you configure static address translations. Description The page contains the following boxes: Interface Select the an IP interface from the drop-down list: Inside Local Address Enter the actual address of the device that should be reachable from external. Service Select the service for which the port translation is valid. When you select a service, the same port is entered in the Start Port and End Port boxes. if you change the start port, the end port is changed accordngly. if you select the entry "-", you can enter the start and end port freely. Start Port Enter a port. End Port Depending on your selection in the "Service" drop down list, you can enter a port or a port is displayed. If you enter different ports in the Start Port and End Port boxes, the same port range is entered in the Inside Global Port box. A port range can only be translated to the same port range. If you enter the same port in the Start Port and End Port boxes, you can enter any Inside Global Port. Inside Global Port Depending on your selection in the "Service" drop down list, you can enter a port or a port is displayed. Protocol Select the protocol for which the port translation is valid. Description Enter a description for the port translation. The table has the following columns: 1st column Select the check box in the row to be deleted. Interface Interface to which the setting relates. WinCC Advanced V14 System Manual, 10/2016 1371 Editing devices and networks 10.1 Configuring devices and networks Inside Local Address Shows the actual address of the device that should be reachable from external. Start Port Shows the start port that will be assigned to the inside local address. End Port Shows the end port that will be assigned to the inside local address. Protocol Shows the protocol for which the port translation applies. Inside Global Address Shows the address at which the device will be reached from external. Inside Global Port Shows the port that will be assigned to the Inside Global Address. Description Shows a a description for the port translation. Configuring layer 3 functions for IPv6 Configuration Introduction The page contains the overview of the layer 3 functions for IPv6. On this page, you enable or disable the required layer 3 function. The functions "IPv6 Routing", "VRRPv3" and "OSPFv3" are only available with Layer 3 (IPv6). Settings IPv6 Routing (only available with devices with a layer 3 license) - Enabled IPv6 routing is enabled. If IPv4 routing is not enabled on the device this is also enabled with this function. - Disabled IPv6 routing is disabled. VRRPv3 (only available with devices with a layer 3 license) Enable or disable routing using VRRPv3. To use VRRPv3 , first enable the IPv6 routing function. You can configure other settings in "Layer 3 (IPv6) > VRRPv3". OSPFv3 (only available with devices with a layer 3 license) Enable or disable routing using OSPFv3. You can configure other settings in "Layer 3 (IPv6) > OSPFv3". 1372 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Subnets (IPv6) Connected Subnets On this page, you can enable IPv6 on the interface. The interface is also called an IPv6 interface. An IPv6 interface can have several IPv6 addresses. Settings The page contains the following: Interface Select the IP interface for which IPv6 will be enabled. IPv6 Enable Enable or disable IPv6 for this interface. Note Disabling IPv6 As soon as IPv6 is enabled on the IP interface, IPv6 can only be disabled by removing the interface. IPv6 Address Enter the IPv6 address. The entry depends on the selected address type. Prefix Length Enter the number of left-hand bits belonging to the prefix IPv6 Address Type Select the address type. - Unicast - Anycast - Link Local IPv6 address is only valid on the link The table has the following columns: Interface Name Shows the name of the interface. IPv6 Address Shows the IPv6 address of the subnet. Prefix Length Shows the prefix length. IPv6 Address Type Displays the address type. The following values are possible: - Unicast - Anycast - Link Local WinCC Advanced V14 System Manual, 10/2016 1373 Editing devices and networks 10.1 Configuring devices and networks DHCPv6 client DHCPv6 client On this page, you specify whether the DHCPv6 client receives not only the configuration settings but also the IPv6 address or supports the "prefix delegation" function. Prefix delegation The DHCPv6 server delegates the distribution of the IPv6 prefix to the DHCPv6 client. To do this an IPv6 interface must be configured on the DHCPv6 client as a PD client. Via the PD client, the DHCPv6 client obtains an IPv6 prefix from the DHCPv6 server and stores it under a prefix name. The IPv6 interfaces of the DHCPv6 client the should adopt the prefix are configured as so-called PD sub clients. You configure the PD sub-clients in "Layer 3 (IPv6)" > "DHCPv6 Client" > "DHCPv6 PD Sub Client". Settings Interface Select the IP interface via which the DHCPv6 client functions. Enable Enable or disable the DHCPv6 client for the relevant interface. Mode Specify the procedure. - Status dependent Obtains the IPv6 address and the configuration file from the DHCPv6 server - Stateless: Obtains only the configuration file from the DHCPv6 server - Prefix Delegation: The DHCPv6 client takes over the distribution of the IPv6 prefix Prefix Name Enter the prefix name that will be further distributed by the DHCPv6 router. Can only be edited with the "Prefix Delegation" procedure. The DHCPv6 router stores IPv6 prefix of the DHCPv6 server under this name. Rapid Commit When enabled the procedure for the IPv6 address assignment is shortened. Instead of 4 DHCPv6 messages (SOLICIT, ADVERTISE , REQUEST, REPLY) only 2 DHCPv6 messages (SOLICIT, REPLY) are used. You will find further information on the messages in RFC 3315. DHCPv6 PD Sub Client On this page you specify which IPv6 interfaces of the DHCPv6 client will adopt the prefix. This achieved by assigning the prefix name followed by a prefix and the required prefix length to them as the IP address. Here, the first bits of the configured prefix are replaced by the values stored in the prefix name. The PD sub client forms the IPv6 address from the prefix name, prefix and prefix length. 1374 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Example: Under the prefix name "test", the following IPv6 prefix is stored: 2001:DB8:1234::/48 Prefix = 2002:AF9:5678::1 Prefix length = 64 From these settings the PD sub client forms the following IPv6 address: 2001:DB8:1234::1 Settings Interface Select the interface that functions as the PD sub client. Only IP interfaces can be selected. Prefix Name Enter the prefix name that will be further distributed by the PD router. The PD router stores IPv6 prefix of the DHCPv6 server under this name. Prefix Specify the network identifier of the host. Prefix Length Enter the number of left-hand bits belonging to the prefix This table contains the following columns Interface Name Shows the name of the interface Prefix Name Shows the name of the prefix. Prefix Shows the prefix. Prefix Length Shows the prefix length. Generated Address (only available online) Shows the IPv6 address formed from the prefix name, prefix and prefix length. Static Routes (IPv6) On this page, you configure static IPv6 routes. Settings The page contains the following: Destination Network Enter the network address of the destination that can be reached via this route. Prefix Length Enter the number of left-hand bits belonging to the prefix Gateway Enter the IPv4 address of the gateway via which this network address is reachable. WinCC Advanced V14 System Manual, 10/2016 1375 Editing devices and networks 10.1 Configuring devices and networks Metric Enter the metric for the route. The metric corresponds to the quality of a connection, based for example on speed or costs. If there are several equal routes, the route with the lowest metric value is used. Interface Specify the IPv6 interface via which the network address of the destination is reached. This table contains the following columns: Destination Network Shows the IPv6 network address of the destination. Prefix Length Shows the prefix length. Gateway Shows the IPv6 address of the next gateway. Interface Shows the Interface of the route. Metric Enter the metric for the route. When creating the route, "not used" is entered automatically. The metric corresponds to the quality of a connection, based for example on speed or costs. If there are several equal routes, the route with the lowest metric value is used. Status Shows whether or not the route is active. Route maps General (IPv6) Route maps With route maps, you control how routing information is further processed. You can filter routing information and specify whether the information is further processed, modified or discarded. Route maps operate according to the following principle: Routing information is compared with the filters of the route maps. The comparison is continued until the filters of a route map match the properties of an item of information. The information is then processed according to the route map settings: - The routing information is discarded. - The properties of the routing information are changed. 1376 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Name Enter the name for the route map. Sequence No Enter a number for the route map. You can create several route maps with the same name but with different sequence numbers. The sequence numbers then specify the order in which the route maps are processed. The table has the following columns: Name Shows the name of the route map. Sequence No Shows the sequence number of the route map. Action Specify what happens to the routing information that matches the settings of the route map: - permit The routing information is further processed according to the settings you make on the "Set" page. - deny The routing information is discarded. Interface & Value Match (IPv6) On this page, you specify whether or not the routing information for a route map is filtered according to interfaces, metric or tags. Settings Route Map (name/seq. no.) Select a route map. The created route maps are available to you. Type Select the basis for the filtering: - Interface - Metric - Tag Interface Select an interface. Only active if you have selected the "Interface" entry for "Type". Metric Enter a value for the metric. Only active if you have selected the "Metric" entry for "Type". WinCC Advanced V14 System Manual, 10/2016 1377 Editing devices and networks 10.1 Configuring devices and networks Tag Enter a value for the tag. Only active if you have selected the "Tag" entry for "Type". Route Type Select the type of the route. - Local The routing information for the route map is filtered according to directly connected routes (local interfaces). - Remote The routing information for the route map is filtered according to learned or statically configured routes. This box is active only if i you have selected the entry "Route Type in the "Type" drop-down list. The table has the following columns: Type Shows the selected type: - Interface - Metric - Tag - Route Type Value Shows the selected interface, the value of the metric or of the tag. Destination Match (IPv6) On this page, you specify whether or not the routing information for a route map is filtered based on the destination IPv6 address. Settings Route Map (Name/Seq. No.) Select a route map. IP Address Enter the IPv6 address of the destination on which the filtering is based. Prefix Length Enter the number of left-hand bits belonging to the prefix The table has the following columns: IP Address Shows the IPv6 address of the destination. Prefix Length Shows the prefix length. 1378 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Next Hop Match (IPv6) On this page, you specify whether or not the filtering for a route map will be based on the router to which the routing information is sent next. Settings Route Map (name/seq. no.) Select a route map. IP Address Enter the IP address of the router to which the routing information will be sent next. The table has the following columns: IP Address Shows the IP address of the next router. Set (IPv6) On this page, you specify whether or not the routing information will be changed by a route map. If, for example, you have filtered based on a certain metric, you can change the value of the metric here. The routing information is then forwarded with the new value. You can only change the information of a "Permit" route map. Settings Route Map (name/seq. no.) Select a route map. The table has the following columns: Name Shows the name of the route map. Sequence No Shows the sequence number of the route map. Metric Enter the new value for the metric with which the routing information will be forwarded. Tag Enter the new value for the tag with which the routing information will be forwarded. DHCPv6 Relay Agent Interfaces A DHCPv6 relay agent forwards the DHCP queries of the DHCPv6 client to the DHCPv6 server. When forwarding the remote ID is inserted in the DHCP query. The remote ID is the identifier of the interface. With this, the DHCPv6 agent can send the reply of the DHCPv6 server to the required DHCPv6 client. WinCC Advanced V14 System Manual, 10/2016 1379 Editing devices and networks 10.1 Configuring devices and networks Settings Remote ID (Opt. 37) When enabled the DHCP relay agent option 37 (Remote ID) is used. Specify the type of identifier in "Remote ID Type". Interface Select the IPv6 interface. The table has the following columns: Interface Interface to which the settings relate. Current Remote ID Shows which remote ID is currently being used. Remote ID Type Select hat is used as the identifier for the IPv6 interface. The following options are available: - DUID DHCP Unique Identifier - System Name System name of the device - Management IP Management IPv6 address of the device - User Defined User-defined entry DHCP Unique Identifier Enter the DUID (DHCP Unique Identifier). User Defined Enter a user-defined entry as the identifier. Server Addresses On this page you enable the DHCPv6 relay agent on the interface. You also specify which DHCPv6 server can be reached via it. Settings Relay Interface Select the interface on which the DHCPv6 relay agent accepts DHCPv6 requests. Server IP Address Enter the IPv6 address of the DHCPv6 server to which the DHCPv6 requests will be forwarded. The address can be either the unicast or the link local multicast address. With the link local multicast address you need to specify an interface, via which the DHCPv6 server can be reached. You configure the interface in "Layer 3 (IPv6) > DHCPv6 Relay Agent > Outgoing Interfaces". The table has the following columns: Server IP Address Shows the IP64 address of the DHCPv6 server. 1380 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Outgoing Interfaces Outgoing Interfaces The link local multicast address (ff02::1:2 ) of the DHCPv6 server can only be reached by devices located on the same link. On this page, you specify the IPv6 interface via which this DHCPv6 server can be reached. Settings Relay Interface Select the IPv6 interface on which the DHCPv6 relay agent accepts DHCPv6 requests. Server IP Address Select the IPv6 address of the DHCPv6 server. Outgoing Interface Select the interface via which the DHCPv6 server can be reached. The table has the following columns: Server IP Address Shows the IPv6 address of the DHCPv6 server. Outgoing Interface Shows the IPv6 interface via which the DHCPv6 server can be reached. VRRPv3 Router (IPv6) Introduction On this page, you create new virtual routers. You can configure other parameters in "Layer 3 (IPv6) > VRRPv3 > Configuration". Note WinCC Advanced V14 System Manual, 10/2016 This function is available only with layer 3. Simultaneous operation of VRRP and VRRPv3 is not possible. Select the "VRRPv3" check box to configure VRRPv3. You can use VRRPv3 on VLAN interfaces. Router ports are not supported. 1381 Editing devices and networks 10.1 Configuring devices and networks Settings VRRPv3 Enable or disable routing using VRRPv3. Can only be enabled when "Layer 3 (IPv6) > Configuration" "IPv6 Routing" is enabled. Track Enable or disable VRID tracking. When enabled, all interfaces of a VRID are monitored. When the link of an interface changes from "up" to "down", the priority of all VRRP interfaces with the same VRID is reduced to the value "0". When the link of an interface changes back from "down" to "up", the original priority of the VRRP interfaces is restored. Interface Select the required VLAN interface operating as virtual router. VRID Enter the ID of the virtual router. This ID defines the group of routers that form a virtual router (VR). In the group, this is the same. It can no longer be used for other groups. The table has the following columns: Interface Shows the Interface that functions as the virtual router. VRID Shows the ID of the virtual router. Virtual MAC Address (only available online) Shows the virtual MAC address of the virtual router. Primary IP Address Shows the numerically lowest IPv6 address in this VLAN. The entry "::" means that the "Primary" address is used on this VLAN. Otherwise all IPv6 addresses configured on this VLAN in the "Layer 3 (IPv6) > Subnets" menu are valid values. Router State (only available online) Shows the current status of the virtual router. Possible values are: - Master The router is the master router and handles the routing functionality for all assigned IPv4 addresses. - Backup The router is the backup router. If the master router fails, the backup router takes over the tasks of the master router. - Initialize The virtual router has just been turned on. It will soon change to the "Master" or "Backup" state. Master IP Address (only available online) Shows the IPv6 address of the master router. Priority (only available online) Shows the priority of the virtual router. The current master router is automatically given 255. All other priorities can be distributed freely among the VRRPv3 routers. The higher the priority, the earlier the VRRPv3 router becomes "Master". 1382 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Advert. Internal Shows the interval at which the master router sends VRRPv3 packets. Preempt Shows the precedence of a router when changing roles between backup and master. - yes This router has precedence when changing roles. - no This router does not have precedence when changing roles. Reply to pings on virtual interfaces (Accept Mode) Shows the precedence of a router when changing roles between backup and master. - Yes Virtual IP addresses also reply to pings. - No Virtual IP addresses do not reply to pings. Configuration (IPv6) Introduction On this page, you configure the virtual router. Note This function is available only with layer 3. Settings Interface / VRID Select the ID of the virtual router to be configured. Primary Address Select the primary IPv6 address. If the router becomes master router, the router uses this IPv4 address. Note If you only configure one subnet on this VLAN, no entry is necessary. The entry is then ::. If you configure more than one subnet on the VLAN and you want a specific IPv6 address to be used as the source address for VRRPv3 packets, select the IPv6 address. Otherwise, the IPv6 address with priority will be used. Master If this option is enabled, the numerically lowest IPv6 address is entered for "Associated IP Address". This means that the highest priority IPv6 address of the VRRP router is used as the virtual IPv6 address of the virtual master router. The backup routers in this group must disable the option and use the IPv6 address of the router in "Associated IP Address". WinCC Advanced V14 System Manual, 10/2016 1383 Editing devices and networks 10.1 Configuring devices and networks Priority Enter the priority of this virtual router. The current master router is always given 255. All other priorities can be distributed freely among the redundant routers. The higher the priority, the earlier the router becomes "Master". Advertisement interval Enter the interval in seconds after which a master router sends a VRRPv3 packet again. Preempt lower priority Master. Allow precedence when changing roles between backup and master based on the selection process. Reply to pings on virtual interfaces (Accept Mode) When enabled, the virtual IPv6 addresses also reply to the ping. Track ID Select a track ID. Decrement Priority Enter the value by which priority of the VRRP interface will be reduced. Current Priority Shows the priority of the VRRP interface after the monitored interface has changed to the "down" status. Addresses Overview (IPv6) Overview This page shows which IPv6 addresses the virtual router monitors. Note This function is available only with layer 3. Displayed values The table has the following columns: Interface Shows the Interface that functions as the virtual router. VRID Shows the ID of this virtual router. Number of Addresses Shows the number of IPv6 addresses. Associated IP Address (1) ...Associated IP Address (10) Shows the router IPv6 addresses monitored by this virtual router. If a router takes over the role of master, the routing function is taken over by this router for all these IPv6 addresses. 1384 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Addresses Configuration (IPv6) Creating or changing the monitored IP addresses On this page, you can create, modify or delete the IPv4 addresses to be monitored. Note This function is available only with layer 3. Settings Interface / VRID Select the ID of the virtual router. Associated IP Address Enter the IPv6 address that the virtual router will monitor. The table has the following columns: Select Select the check box in the row to be deleted Associated IP Address Shows the IPv6 addresses that the virtual router monitors. Interface Tracking (IPv6) Introduction On this page, you configure the monitoring of interfaces. When the link of a monitored interface changes from "up" to "down", the priority of the assigned VRRP interface is reduced. You configure the value by which the priority is reduced on the page "Layer 3 > VRRP/VRRPv3 > Configuration". When the link of the interface changes back from "down" to "up", the original priority of the VRRP interface is restored. Note This function is available only with layer 3. Description of the displayed values The page contains the following boxes: Interface From the drop-down list, select the interface to be monitored. Track ID Enter a track ID. WinCC Advanced V14 System Manual, 10/2016 1385 Editing devices and networks 10.1 Configuring devices and networks Track ID Select a track ID. Track Interface Count Enter how many monitored interfaces need to change to the "down" status, before the priority is changed. The table has the following columns: Select Select the check box in the row to be deleted. Track ID Shows the track ID. Interface Shows the interface that is being monitored. OSPFv3 Configuration Introduction On this page, you configure the routing using OSPFv3. Note This function is available only with layer 3. Settings OSPFv3 Enable or disable routing using OSPFv3. Router ID Enter the name of one of the OSPFv3 interfaces. The router ID is specified in IPv4 format and must be unique in the network. Border Router Displays the status of the OSPFv3 router. If the local system is an active member in at least 2 areas, this is an area border router. AS Border Router Specify whether the router is an AS border router. An AS border router intercedes between multiple autonomous systems, for example if you have an additional RIP network. An AS border router is also necessary to add and to distribute static routes. New LSA Received Shows the number of received LSAs. Updates and its own LSAs are not counted. New LSA Configured Shows the number of different LSAs sent by this local system. 1386 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks External LSA Maximum To limit the number of entries of external LSAs in the database, enter the maximum number of external LSAs. Exit Interval [s] Enter the interval after which the OSPFv3 router once again attempts to come out of the overflow status. A 0 means that the OSPFv3 router attempts to exit the overflow status only following a restart. Inbound Filter Select a route map that filters inbound routes. Redistribute Routes Specify which known routes are distributed using OSPFv3. You make different decisions for the route types Connected, Static and RIPng. Note The options can only be enabled on an AS border router. Enabling the Default and Static options, in particular, can cause problems if they are enabled at too many points in the network, for example, forwarding loops. Route Map Select a route map that filters which routes are forwarded using RIPng. Areas Overview An autonomous system can be divided into smaller areas. On this page, you can view, create, modify or delete the areas of the router. Note This function is available only with layer 3. Settings Area ID Enter the designation of the area. The database is synchronized for all routers of an area. The area identifier must be unique in the network. The area identifier is a 32-bit number with the following format: x.x.x.x where x = 0 ... 255 The area identifier 0.0.0.0 is reserved for the backbone area and cannot be deleted. WinCC Advanced V14 System Manual, 10/2016 1387 Editing devices and networks 10.1 Configuring devices and networks This table contains the following columns: Area ID Shows the ID of the area. Area Type Specify the type of area. - Normal - Stub - NSSA - Backbone Summary Specify whether summary LSAs are generated for this area. - Summary: Summary LSAs are generated and sent to the area. - No Summary: Summary LSAs are not generated and sent to the area. Metric Displays the costs for the OSPFv3 interface. Updates Shows the number of recalculations of the IPv6 routing tables. LSA Count Shows the number of LSAs in the database. Area BR Shows the number of reachable area border routers (ABR) within this area. AS BR Shows the number of reachable autonomous system border routers (ASBR) in this area. Area Range Creating a new OSPFv3 area range On this page, you can group up to 4 networks under one area ID. The method is used only with area border routers. This means that an area border router only advertises one route for grouped areas to the outside. Note This function is available only with layer 3. 1388 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Area ID Select the ID of the area. You specify the ID in "Areas". Prefix Enter the IPv6 address of the network that will be grouped. Prefix Length Enter the number of bits belonging to the prefix that will be grouped. This table contains the following columns: Area ID Shows the ID of the area. Prefix Shows the IPv6 address of the network that will be grouped. Prefix Length Enter the number of bits that will belong to the prefix. Advertise Enable this option to advertise the grouped network. Interfaces Overview On this page, you can configure OSPFv3 interfaces. Note This function is available only with layer 3. Settings Interface Select the IPv6 interface on which OSPFv3 will be enabled. Area ID Select the area ID of the area with which the OSPFv3 interface is connected. Note For the secondary interface select the same Area ID as for the corresponding primary interface. The information whether a primary or secondary interface is involved can be found in "Layer 3 (IPv6) > Subnets". WinCC Advanced V14 System Manual, 10/2016 1389 Editing devices and networks 10.1 Configuring devices and networks This table contains the following columns: Interface Shows the OSPFv3 interface. Area ID Select the area ID of the area with which the OSPFv3 interface is connected. OSPF Status Specify whether or not OSPFv3 is active on the interface. - Enabled: OSPFv3 is enabled on the interface. - Disabled: OSPFv3 is disabled on the interface. Metric Enter the costs for the OSPFv3 interface. Priority Enter the router priority. The priority is only relevant for selecting the designated router or designated border router. This parameter can be selected differently on routers within the same subnet. Trans. Delay Enter the required delay when sending a connection update. Retrans. Interval Enter the time after which an OSPFv3 packet is transferred again if no confirmation was received. Hello Interval Enter the interval between two Hello packets. Dead Interval Enter the interval after which the neighbor router is marked as "failed" if no more Hello packets are received from it during this time. Virtual links Overview Due to the protocol, each area border router must have access to the backbone area. If a router is not connected directly to the backbone area, a virtual link to it is created. Note This function is available only with layer 3. Note Note that when creating a virtual link both the transit area and the backbone area must already be configured. A virtual link must be configured identically at both ends. 1390 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Neighbor Router ID Enter the ID of the neighbor router at the other end of the virtual connection. Transit Area ID Select the ID of the area that connects the two routers. This table contains the following columns: Transit Area ID Shows the ID via which the two routers are connected. Neighbor Router ID Shows the ID of the neighbor router at the other end of the virtual connection. Virt. Link Status Specify the status of the virtual link. The following states are possible: - down: The virtual link is inactive. - point-to-point: The virtual link is active. Trans. Delay Enter the required delay when sending a connection update. Retrans. Interval Enter the time after which a packet is transferred again if no confirmation was received. Hello Interval Enter the interval between two Hello packets. Dead Interval Enter the interval after which the neighbor router counts as "failed" if no more Hello packets are received from it during this time. RIPng Configuration On this page, you configure routing with RIPng. Note This function is available only with layer 3. WinCC Advanced V14 System Manual, 10/2016 1391 Editing devices and networks 10.1 Configuring devices and networks Settings Inbound Filter Select a route map that filters inbound routes. Redistribute Routes Specify which known routes are distributed using RIPng. The following types of route exist: - Connected - Static - OSPFv3 Route Map Select a route map that filters which routes are forwarded using RIPng. Interfaces Overview On this page, you specify the interfaces that support RIPng. Note This function is available only with layer 3. Settings This table contains the following columns: Interface Shows the available IPv6 interface. Admin State Enable or disable the RIPng routing for the interface. Default Metric Enter the costs for the RIPng interface. Configuring security functions Users Local Users Note The page is only available if there is an online connection to the device. 1392 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Local users On this page, you create local users with the corresponding rights. When you create or delete a local user this change is also made automatically in the table "External User Accounts". If you want to make change explicitly for the internal or external user table, use the CLI commands. Note You can create up to 16 additional user accounts. Note The values displayed depend on the rights of the logged-in user. Settings User Account Enter the name for the user. The name must meet the following conditions: - It must be unique. - It must be between 1 and 255 characters long. - The following characters must not be included: ? " ; : < = Note User name cannot be changed After creating a user, the user name can no longer be modified. If a user name needs to be changed, the user must be deleted and a new user created. Deleting users The preset users as well as logged in users cannot be deleted or changed. Password Policy Shows which password policy is being used. Password Enter the password for the user. Note Password Policy: high Note the following password policies: Password length: at least 8 characters, maximum 128 characters At least 1 uppercase letter At least 1 special character At least 1 number WinCC Advanced V14 System Manual, 10/2016 1393 Editing devices and networks 10.1 Configuring devices and networks Password Confirmation Enter the password again to confirm it. Role Select a role. You can choose between system-defined and self-defined roles, refer to the page "Security > Users > Roles.". The table contains the following columns: User Account Shows the user name. Role Shows the role of the user. Description Displays a description of the user account. The description text can be up to 100 characters long. Roles Note The page is only available if there is an online connection to the device. Roles On this page, you create roles that are valid locally on the device. Note The values displayed depend on the rights of the logged-in user. Note You can create up to 28 additional roles. 1394 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Role Name Enter the name for the role. The name must meet the following conditions: - It must be unique. - It must be between 1 and 64 characters long. Note Role name cannot be changed After creating a role, the name of the role can no longer be changed. If a name of a role needs to be changed, the role must be deleted and a new role created. Deleting roles Predefined roles and assigned roles cannot be deleted or modified. The table contains the following columns: Role Shows the name of the role. Function Right Select the function rights of the role. - 1 Users with this role can read device parameters but cannot change them. - 15 Users with this role can both read and change device parameters. Note Function right cannot be changed If you have assigned a role, you can no longer change the function right of the role. If you want to change the function right of a role, follow the steps outlined below: 1. Delete all assigned users. 2. Change the function right of the role: 3. Assign the role again. Description Enter a description for the role. With predefined roles a description is displayed. The description text can be up to 100 characters long. Groups Note The page is only available if there is an online connection to the device. WinCC Advanced V14 System Manual, 10/2016 1395 Editing devices and networks 10.1 Configuring devices and networks User Groups On this page you link a group with a role. In this example the group "Administrators" is linked to the "admin"role: The group is defined on a RADIUS server. The role is defined locally on the device. When a RADIUS server authenticates a user and assigns the user to the "Administrators" group, this user is given rights of the "admin" role. Note You can create up to 32 groups. Settings Group Name Enter the name of the group. The name must match the group on the RADIUS server. The name must meet the following conditions: - It must be unique. - It must be between 1 and 64 characters long. The table contains the following columns: Group Shows the name of the group. Role Select a role. Users who are authenticated with the linked group on the RADIUS server receive the rights of this role locally on the device. You can choose between system-defined and self-defined roles, refer to the page "Security > Users > Roles.". Description Enter a description for the link of the group.to a role. Passwords Passwords Note The page is only available if there is an online connection to the device. 1396 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks On this page, you can change passwords. If you are logged on with the "admin" role, you can change the passwords for all user accounts. If you are logged on with the "user" role, you can only change your own password. Note If you log on the first time or log on after a "Reset to factory defaults and restart", you will be prompted to change the password. Note If you are logged in via a RADIUS server, you cannot change any local device passwords. Note Changing the password in "Trial" configuration mode Even if you change the password in "Trial" configuration mode, this change is saved immediately. Note The factory settings for the passwords when the devices ship are as follows: admin: admin When you log in for the first time or following a "Restore Factory Defaults and Restart", with the preset user "admin" you will be prompted to change the password. Settings Current User Shows the user that is currently logged in. Current User Password Enter the password for the currently logged in user. User Account Select the user whose password you want to change. Password Policy Shows which password policy is being used when assigning new passwords. - High Password length: at least 8 characters, maximum 128 characters at least 1 uppercase letter at least 1 special character at least 1 number - Low Password length: at least 6 characters, maximum 128 characters New Password Enter the new password again to confirm it. Password Confirmation Enter the new password again to confirm it. WinCC Advanced V14 System Manual, 10/2016 1397 Editing devices and networks 10.1 Configuring devices and networks Options On this page you specify which password policy will be used when assigning new passwords. Description Password Policy Shows which password policy is currently being used New Password Policy Select the required setting from the drop-down list. - High Password length: at least 8 characters, maximum 128 characters at least 1 uppercase letter at least 1 special character at least 1 number - Low Password length: at least 6 characters, maximum 128 characters AAA General The term "AAA" used in the menu stands for "Authentication, Authorization, Accounting" and is used to identify and allow network nodes, to provide them with the appropriate services and to determine the amount of use. On this page, you configure the login. Settings Note To be able to use the login authentication "RADIUS", "Local and RADIUS" or "RADIUS and fallback Local" a RADIUS server must be stored and configured for user authentication. 1398 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Login Authentication Specify how the login is made: - Local The authentication must be made locally on the device. - RADIUS The authentication must be handled via a RADIUS server. - Local and RADIUS The authentication is possible both with the users that exist on the device (user name and password) and via a RADIUS server. The user is first searched for in the local database. If the user does not exist there, a RADIUS query is sent. - RADIUS and fallback Local The authentication must be handled via a RADIUS server. A local authentication is performed only when the RADIUS server cannot be reached in the network. RADIUS client The term "AAA" used in the menu stands for "Authentication, Authorization, Accounting" and is used to identify and allow network nodes, to provide them with the appropriate services and to determine the amount of use. Authentication over an external server The concept of RADIUS is based on an external authentication server. Each row of the table contains access data for one server. In the search order, the primary server is queried first. If the primary server cannot be reached, secondary servers are queried in the order in which they are entered. If no server responds, there is no authentication. Settings The page contains the following boxes: RADIUS Authorization Mode For the login authentication, the RADIUS authorization mode specifies how the rights are assigned to the user with a successful authentication (Page 1171). - conventional In this mode the user is logged in with administrator rights if the server returns the value "Administrative User" to the device for the attribute "Service Type". In all other cases the user is logged in with read rights. - Vendor specific In this mode the assignment of rights depends on whether and which group the server returns for the user and whether or not there is an entry for the user in the table "External User Accounts". WinCC Advanced V14 System Manual, 10/2016 1399 Editing devices and networks 10.1 Configuring devices and networks The table has the following columns: Auth. Server Type Select which authentication method the server will be used for. - Login The server is used only for the login authentication. - 802.1X The server is used only for the 802.1X authentication. - Login & 802.1X The server is used for both authentication procedures. RADIUS Server Address Enter the IPv4 address or the FQDN (Fully Qualified Domain Name) of the RADIUS server. Server Port Here, enter the input port on the RADIUS server. As default, input port 1812 is set. Shared Secret Enter your access ID. Confirm Shared Secret Enter your access ID again as confirmation. Max. Retrans Enter the maximum number of query attempts before another configured RADIUS server is queried or the login counts as having failed. As default, 3 is set. Primary Server Specify whether or not this server is the primary server. You can select one of the options "yes" or "no". Test With this button, you can test whether or not the specified RADIUS server is available. The test is performed once and not repeated cyclically. Test Result Shows whether or not the RADIUS server is available: - Failed, no test packet sent The IP address is not reachable. The IP address is reachable, the RADIUS server is, however, not running. - Reachable, key not accepted The IP address is reachable, the RADIUS server does not, however accept the shared secret. - Reachable, key accepted The IP address is reachable, the RADIUS server accepts the specified shared secret. The test result is not automatically updated. To delete the test result click the "Refresh" button. 1400 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 802.1x-Authenticator Setting up network access An end device can only access the network after the device has verified the login data of the device with the authentication server. Both the end device and the authentication server must support the EAP protocol (Extensive Authentication Protocol). Enabling authentication for individual ports By selecting the check box, you specify whether or not network access protection according to IEEE 802.1x is enabled on this port. Settings MAC Authentication Enable or disable MAC authentication for the device. Guest VLAN Enable or disable the "Guest VLAN" function for the device. Table 1 has the following columns: 1st column Shows that the settings are valid for all ports of table 2. 802.1X Auth. Control Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. 802.1x Re-authentication Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. MAC Authentication Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Adopt RADIUS VLAN Assignment Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. MAC Auth. Max Permitted Addresses Enter how many end devices are allowed to be connected to the port at the same time. If "No Change" is entered, the entry in table 2 remains unchanged Guest VLAN Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Guest VLAN ID Enter the VLAN ID of the port. If "No Change" is entered, the entry in table 2 remains unchanged WinCC Advanced V14 System Manual, 10/2016 1401 Editing devices and networks 10.1 Configuring devices and networks Guest VLAN max. Permitted Addresses Enter how many end devices are allowed in the guest VLAN at the same time. Transfer to table If you click the button, the settings are adopted for all ports of table 2. Table 2 has the following columns: Port Shows all available ports. 802.1X Auth. Control Specify the authentication of the port: - Force Unauthorized Data traffic via the port is blocked. - Force Authorized Data traffic via the port is allowed without any restrictions. Default setting - Auto End devices are authenticated on the port with the "802.1x" method. The data traffic via the port is permitted or blocked depending on the authentication result. 802.1x Re-authentication Enable this option if you want reauthentication of an already authenticated end device to be repeated cyclically. MAC Authentication Enable this option if you want end devices to be authenticated with the "MAC Authentication" method. Note At the port level, you cannot enable "MAC Authentication" and "Guest VLAN" at the same time. If "Auto is configured for "802.1x Auth. Control and the " MAC Authentication is enabled, the timeout for the "802.1X procedure is 5 seconds. If manual input is necessary at a port for the authentication with the 802.1X" procedure, the 5 seconds are not adequate. To be able to run authentication using "802.1X", disable the MAC authentication on this port. Adopt RADIUS VLAN Assignment The RADIUS server informs the IE switch of the VLAN to which the port will belong. Enable this option if you want the information of the server to be taken into account. The port can only e assigned to the VLAN, if the VLAN has been created on the device. Otherwise Authentication (Page 1171) is rejected. MAC Auth. Max Permitted Addresses Enter how many end devices are allowed to be connected to the port at the same time. 1402 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Guest VLAN Enable this option if you want the end device to be permitted in the guest VLAN if authentication fails. The port can only e assigned to the VLAN, if the VLAN has been created on the device. Otherwise Authentication (Page 1171) is rejected. This function is also known as "Authentication failed VLAN". Note At the port level, you cannot enable "MAC Authentication" and "Guest VLAN" at the same time. Guest VLAN ID Enter the VLAN ID of the port. Guest VLAN max. Permitted Addresses Enter how many end devices are allowed in the guest VLAN at the same time. MAC Auth. Currently Permitted Addresses Shows the number of currently connected end devices. 802.1X Auth.-Status Shows the status of the authentication of the port: - Authorize - Do not authorize MAC Auth. Currently Blocked Addresses Shows the number of currently blocked end devices. Guest VLAN Currently Permitted Addresses Shows how many end devices are currently allowed in the guest VLAN. MAC ACL Rule configuration On this page, you specify the access rules for the MAC-based Access Control List. Using the MAC-based ACL, you can specify whether frames of certain MAC addresses are forwarded or discarded. Settings Rule Number Shows the number of the ACL rule. When you create a rule, a new row with a unique number is created. Source MAC Enter the unicast MAC address of the source. Destination MAC Address Enter the unicast MAC address of the destination. WinCC Advanced V14 System Manual, 10/2016 1403 Editing devices and networks 10.1 Configuring devices and networks Action Select the action. The following is possible: - Forward If the frame complies with the ACL rule, the frame is forwarded. - Discard If the frame complies with the ACL rule, the frame is not forwarded. Ingress Interfaces Shows a list of all interfaces to which this rule applies. Egress Interfaces Shows a list of all interfaces to which this rule applies. Note Entering the MAC addresses If you enter the address "00:00:00:00:00:00" for the source and/or destination MAC address, the rule created in this way applies to all source or destination MAC addresses. Ingress Rules On this page, you specify the ACL rule according to which incoming frames are handled by the port. Settings Interface Select the required interface. Add Rule Select the ACL rule to be assigned to the interface. You specify the ACL rule on the "Rules Configuration" page. Add To permanently assign the ACL rule to the interface, click the "Add" button. The configuration is shown in the table. Remove Rule Select the ACL rule to be deleted. Remove To remove the ACL rule from the interface, click the "Remove" button. The table has the following columns: Rule Order Shows the order of the ACL rules. Rule Number Shows the number of the ACL rule. When you create a rule, a new row with a unique number is created. Source MAC Shows the unicast MAC address of the source. 1404 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Destination MAC Address Shows the unicast MAC address of the destination. Action Shows the action: - Forward If the frame complies with the ACL rule, the frame is forwarded. - Discard If the frame complies with the ACL rule, the frame is not forwarded. Egress Rules On this page, you specify the ACL rule according to which outgoing frames are handled by the port. Settings Interface Select the required interface. Add Rule Select the ACL rule to be assigned to the interface. You specify the ACL rule on the "Rules Configuration" page. Add To permanently assign the ACL rule to the interface, click the "Add" button. The configuration is shown in the table. Remove Rule Select the ACL rule to be deleted. Remove To remove the ACL rule from the interface, click the "Remove" button. The table has the following columns: Rule Order Shows the order of the ACL rules. Rule Number Shows the number of the ACL rule. When you create a rule, a new row with a unique number is created. Source MAC Shows the unicast MAC address of the source. Destination MAC Address Shows the unicast MAC address of the destination. Action Shows the action - Forward If the frame complies with the ACL rule, the frame is forwarded. - Discard If the frame complies with the ACL rule, the frame is not forwarded. WinCC Advanced V14 System Manual, 10/2016 1405 Editing devices and networks 10.1 Configuring devices and networks IP ACL Rule configuration On this page, you specify the rules for the IP-based ACL. Settings The table has the following columns: Rule Number Shows the number of the ACL rule. When you create a rule, a new row with a unique number is created. Source IP Enter the IPv4 address of the source. Source Subnet Mask Enter the subnet mask in which the source is located. Dest. IP Enter the IP address of the destination. Dest. Subnet Mask Enter the subnet mask in which the destination is located. Action Select whether the frame is forwarded or rejected when it corresponds to the ACL rule. - Forward If the frame complies with the ACL rule, the frame is forwarded. - Discard If the frame complies with the ACL rule, the frame is not forwarded. Ingress Interfaces Shows a list of all interfaces to which this rule applies. Egress Interfaces Shows a list of all interfaces to which this rule applies. Protocol configuration On this page, you specify the rules for protocols. Settings The table has the following columns: Rule Number Shows the number of the protocol rule. When you create a rule, a new row with a unique number is created. Protocol Select the protocol for which this rule is valid. 1406 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Protocol Number Enter a protocol number to define further protocols. This box can only be edited if you have set "Other Protocol" for the protocol. Source Port Min. Enter the lowest possible port number of the source port. This box can only be edited if you have set "TCP" or "UDP" for the protocol. Source Port Max. Enter the highest possible port number of the source port. This box can only be edited if you have set "TCP" or "UDP" for the protocol. Dest. Port Min. Enter the lowest possible port number of the destination port. This box can only be edited if you have set "TCP" or "UDP" for the protocol. Dest. Port Max. Enter the highest possible port number of the destination port. This box can only be edited if you have set "TCP" or "UDP" for the protocol. Message Type Enter a message type to decide the format of the message. This box can only be edited if you have set "ICMP" for the protocol. Message Code Enter a message code to specify the function of the message. This box can only be edited if you have set "ICMP" for the protocol. DSCP Enter a value for classifying the priority. This box cannot be edited if you have set "ICMP" for the protocol. Ingress Rules On this page, you specify the ACL rule according to which incoming frames are handled by the port or VLAN. Settings Ports Select the required port: a port or a VLAN interface. To select a VLAN interface, an IP interface must be configured. Note If you use a VLAN interface, the ACL rule applies to all ports that belong to the VLAN. Add Rule Select the ACL rule to be assigned to the port. You specify the ACL rule on the "Rules Configuration" page. Add To permanently assign the ACL rule to the port, click the "Add" button. The configuration is shown in the table. WinCC Advanced V14 System Manual, 10/2016 1407 Editing devices and networks 10.1 Configuring devices and networks Remove Rule Select the ACL rule to be deleted. Remove To remove the ACL rule from the port, click the "Remove" button. The table has the following columns: Rule Order Shows the order of the ACL rules. Rule Number Shows the number of the ACL rule. When you create a rule, a new row with a unique number is created. Protocol Shows the protocol for which this rule is valid. Protocol Number Shows the protocol number. Source IP Shows the IP address of the source. Source Subnet Mask Shows the subnet mask in which the source is located. Dest. IP Shows the IP address of the destination. Dest. Subnet Mask Shows the subnet mask of the destination. Action Select whether the frame is forwarded or rejected when it corresponds to the ACL rule. - Forward If the frame complies with the ACL rule, the frame is forwarded. - Discard If the frame complies with the ACL rule, the frame is not forwarded. Source Port Min. Shows the lowest possible port number of the source port. Source Port Max. Shows the highest possible port number of the source port. Dest. Port Min. Shows the lowest possible port number of the destination port. Dest. Port Max. Shows the highest possible port number of the destination port. Message Type Shows a message type to decide the format of the message. Message Code Shows a message code to specify the function of the message. DSCP Shows the value for classifying the priority. 1408 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Egress Rules On this page, you specify the ACL rule according to which outgoing frames are handled by the port. Settings Ports Select the required port: a port or a VLAN interface. To select a VLAN interface, an IP interface must be configured. Note If you use a VLAN interface, the ACL rule applies to all ports that belong to the VLAN. Add Rule Select the ACL rule to be assigned to the port. You specify the ACL rule on the "Rules Configuration" page. Add To permanently assign the ACL rule to the port, click the "Add" button. The configuration is shown in the table. Remove Rule Select the ACL rule to be deleted. Remove To remove the ACL rule from the port, click the "Remove" button. The table has the following columns: Rule Order Shows the order of the ACL rules. Rule Number Shows the number of the ACL rule. When you create a rule, a new row with a unique number is created. Protocol Shows the protocol for which this rule is valid. Protocol Number Shows the protocol number. Source IP Shows the IP address of the source. Source Subnet Mask Shows the subnet mask in which the source is located. Dest. IP Shows the IP address of the destination. Dest. Subnet Mask Shows the subnet mask of the source. WinCC Advanced V14 System Manual, 10/2016 1409 Editing devices and networks 10.1 Configuring devices and networks Action Select whether the frame is forwarded or rejected when it corresponds to the ACL rule. - Forward If the frame complies with the ACL rule, the frame is forwarded. - Discard If the frame complies with the ACL rule, the frame is not forwarded. Source Port Min. Shows the lowest possible port number of the source port. Source Port Max. Shows the highest possible port number of the source port. Dest. Port Min. Shows the lowest possible port number of the destination port. Dest. Port Max. Shows the highest possible port number of the destination port. Message Type Shows a message type to decide the format of the message. Message Code Shows a message code to specify the function of the message. DSCP Shows the value for classifying the priority. Management ACL On this page, you can increase the security of your device. To specify which station with which IPv4 address is allowed to access your device, configure the IPv4 address or an entire address range. You can select the protocols and the ports with which the station is allowed to access the device. You define the VLAN in which the station may be located. This ensures that only certain stations within a VLAN have access to the device. Note If you enable this function, note the following A bad configuration on the "Management Access Control List" page can result in you being unable to access the device. You should therefore configure an access rule that allows access to the management before you enable the function. 1410 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Management ACL Enable or disable the function. As default, the function is disabled. Note If the function is disabled, there is unrestricted access to the management of the IE switch. The configured access rules are only taken into account when the function is enabled. IP Address Enter the IPv4 address or the network address for which the rule will apply. If you use the IPv4 address 0.0.0.0, the settings apply to all IPv4 addresses. Subnet Mask Enter the subnet mask. The subnet mask 255.255.255.255 is for a specific IP address. If you want to allow a subnet, for example a C subnet, enter 255.255.255.0. The subnet mask 0.0.0.0 applies to all subnets. The table has the following columns: Rule Order Shows the order of the ACL rules. IP Address Shows the IPv4 address. Subnet Mask Shows the subnet mask. VLANs Allowed Enter the number of the VLAN in which the device is located. The station can only access the device if it is located in this configured VLAN. If this input box remains empty, there is no restriction relating to the VLANs. SNMP Specify whether the station (or the IPv4 address) can access the device using the SNMP protocol. TELNET Specify whether the station (or the IPv4 address) can access the device using the TELNET protocol. HTTP Specify whether the station (or the IPv4 address) can access the device using the HTTP protocol. HTTPS Specify whether the station (or the IPv4 address) can access the device using the HTTPS protocol. SSH Specify whether the station (or the IPv4 address) can access the device using the SSH protocol. Px.y Specify whether the station (or the IPv4 address) can access this device via this port (slot.port). WinCC Advanced V14 System Manual, 10/2016 1411 Editing devices and networks 10.1 Configuring devices and networks Configuring SCALANCE W Interfaces and system functions SCALANCE W780 / W740 Availability of the interfaces The following table shows the availability of the physical and logical interfaces. Note that in this table all interfaces are listed. Depending on the system function, some interfaces are not available. On the WBM pages you can only select the available interfaces. We reserve the right to make technical changes. Client device Access points Access points W748-1 M12 W786-1 RJ-45 W786-2 RJ-45 W748-1 RJ-45 W788-1 M12 W786-2IA RJ-45 W788-1 RJ-45 W786-2 SFP W788-2 M12 W788-2 M12 EEC W788-1 RJ-45 W788-2 RJ-45 Wireless interface (WLAN) WLAN 1 WLAN 1 WLAN 1 (in client mode only one WLAN interface is available) WLAN 2 IP interface: LAN interface P1 P1 P1 VLAN ManagementVLAN ManagementVLAN ManagementV LAN VAP interface 1) - VAP 1.Y VAP X.Y Y=1 X = 1 ... 2 8 Y=18 WDS interface 1) _ WDS 1.Y WDS X.Y Y=1 X = 1 ... 2 8 Y=18 VLAN 1) 1412 24 24 24 only in access point mode WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Availability of the system functions The following table shows the availability of the system functions on the devices. Note that all functions are described in this configuration manual and in the online help. Depending on the mode and the KEY-PLUG, some functions are not available. We reserve the right to make technical changes. Access point mode Access points in client mode. Client device Information Security Inter AP blocking - W780 iFeatures (MLFB 6GK5 907-8PA00) W700 Security (MLFB 6GK5907-0PA00) WLAN WLAN statis tics WLAN iFea tures AP over view - Client list - WDS list - AP overlap - Force roam ing - Client over view - Available APs - IP assign ment - Error Manage ment sent Manage ment re ceived Data sent Data re ceived iREF client list - iREF WDS list AeroScout W780 iFeatures (MLFB 6GK5 907-8PA00) - W780 iFeatures (MLFB 6GK5 907-8PA00) - W780 iFeatures (MLFB 6GK5 907-8PA00) System WinCC Advanced V14 System Manual, 10/2016 PROFINET - EtherNet/IP 1413 Editing devices and networks 10.1 Configuring devices and networks Access point mode Access points in client mode. Client device Interfaces Layer 3 1414 WLAN NAT Basic - Expansions Antennas Permitted channels 802.11n AP - AP WDS - AP 802.11a/ b/g data rates - AP 802.11n data rates - Client 802.11a/b/ g data rates Client 802.11n da ta rates Force roam ing - Signal re corder - Spectrum analyzer - Basic - NAPT - WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Access point mode Access points in client mode. Client device Security WLAN Basic AP commu nication - AP RADI US authen ticator - Client RA DIUS sup plicant - Key - Inter AP Block Basic ing W780 iFeatures (MLFB 6GK5 907-8PA00) W700 Security (MLFB 6GK5907-0PA00) Allowed IP addresses - W780 iFeatures (MLFB 6GK5 907-8PA00) W700 Security (MLFB 6GK5907-0PA00) iFeatures iPCF iPCFv1 W780 iFeatures (MLFB 6GK5 907-8PA00) Access point in client mode: W780 iFeatures (MLFB 6GK5 907-8PA00 Client: W740 iFeatures (MLFB 6GK5 907-4PA00) iPCF-MC iPRP Only dual APs W780 iFeatures (MLFB 6GK5 907-8PA00) Access point in client mode: W780 iFeatures (MLFB 6GK5 907-8PA00 W780 iFeatures (MLFB 6GK5 907-8PA00) Access point in client mode: W780 iFeatures (MLFB 6GK5 907-8PA00 Client: W740 iFeatures (MLFB 6GK5 907-4PA00) Client: W740 iFeatures (MLFB 6GK5 907-4PA00) iREF - W780 iFeatures (MLFB 6GK5 907-8PA00) AeroScout - W780 iFeatures (MLFB 6GK5 907-8PA00) WinCC Advanced V14 System Manual, 10/2016 1415 Editing devices and networks 10.1 Configuring devices and networks SCALANCE W770 / W730 Availability of the interfaces The following table shows the availability of the physical and logical interfaces. Note that in this table all interfaces are listed. Depending on the system function, some interfaces are not available. On the WBM pages you can only select the available interfaces. We reserve the right to make technical changes. Wireless interface (WLAN) Client device Access points SCALANCE W734-1 RJ-45 W774-1 RJ-45 WLAN 1 WLAN 1 P1 P1 IP interface: LAN interface VLAN ManagementVLAN ManagementVLAN VAP interface 1) - VAP 1.Y WDS interface 1) _ Y=1 Y=1 VLAN 1) 16 8 WDS 1.Y 8 16 only in access point mode Availability of the system functions The following table shows the availability of the system functions on the devices. Note that all functions are described in this configuration manual and in the online help. Depending on the mode and the KEY-PLUG, some functions are not available. 1416 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks We reserve the right to make technical changes. Access point mode Access points in client mode Client devices Information Security Inter AP blocking - W780 iFeatures (MLFB 6GK5 907-8PA00) W700 Security (MLFB 6GK5907-0PA00) WLAN WLAN Statis tics WLAN iFea tures Overview AP - Client List - WDS List - Overlap AP - Force Roaming - Overview Client - Available AP - IP Mapping - Faults Manage ment Sent Manage ment Re ceived Data Sent Data Re ceived iREF Client List - iREF WDS List AeroScout W780 iFeatures (MLFB 6GK5 907-8PA00) - W780 iFeatures (MLFB 6GK5 907-8PA00) - W780 iFeatures (MLFB 6GK5 907-8PA00) System WinCC Advanced V14 System Manual, 10/2016 PROFINET - EtherNet/IP 1417 Editing devices and networks 10.1 Configuring devices and networks Access point mode Access points in client mode Client devices Interfaces Layer 3 Security WLAN NAT WLAN Basic - Expansions Antennas Allowed Channels 802.11n AP - AP WDS - AP 802.11a/ b/g Rates - AP 802.11n Rates - Client 802.11a/b/ g Rates - Client 802.11n Rates - Force Roaming - Signal re corder - Spectrum Analyzer - Basic - NAPT - Basic AP Commu nication - AP RADI US Authen ticator - Client RA DIUS Sup plicant - Keys Inter AP Block Basic ing - W780 iFeatures (MLFB 6GK5 907-8PA00) W700 Security (MLFB 6GK5907-0PA00) Allowed Ad dresses W780 iFeatures (MLFB 6GK5 907-8PA00) - W700 Security (MLFB 6GK5907-0PA00) 1418 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Access point mode Access points in client mode Client devices iFeatures iPCF iPCFv1 W780 iFeatures (MLFB 6GK5 907-8PA00) Access point in client mode: W780 iFeatures (MLFB 6GK5 907-8PA00 Client: W740 iFeatures (MLFB 6GK5 907-4PA00) iPCF-MC iPRP Only dual APs W780 iFeatures (MLFB 6GK5 907-8PA00) Access point in client mode: W780 iFeatures (MLFB 6GK5 907-8PA00 W780 iFeatures (MLFB 6GK5 907-8PA00) Access point in client mode: W780 iFeatures (MLFB 6GK5 907-8PA00 Client: W740 iFeatures (MLFB 6GK5 907-4PA00) Client: W740 iFeatures (MLFB 6GK5 907-4PA00) iREF - W780 iFeatures (MLFB 6GK5 907-8PA00) AeroScout - W780 iFeatures (MLFB 6GK5 907-8PA00) SCALANCE W760 / W720 Availability of the interfaces The following table shows the availability of the physical and logical interfaces. Note that in this table all interfaces are listed. Depending on the system function, some interfaces are not available. On the WBM pages you can only select the available interfaces. We reserve the right to make technical changes. Client device Access points W722-1 RJ45 W761-1 RJ45 W721-1 RJ45 Wireless interface (WLAN) WLAN 1 WLAN 1 LAN interface P1 P1 VLAN ManagementVLAN ManagementVLAN - VAP 1.1 IP interface: VAP interface WinCC Advanced V14 System Manual, 10/2016 1) 1419 Editing devices and networks 10.1 Configuring devices and networks Client device Access points W722-1 RJ45 W761-1 RJ45 W721-1 RJ45 WDS interface 1) _ WDS 1.1 VLAN 8 8 1) only in access point mode Availability of the system functions The following table shows the availability of the system functions on the devices. Note that all functions are described in this configuration manual and in the online help. Depending on the mode and the KEY-PLUG, some functions are not available. We reserve the right to make technical changes. Access point mode Access points in client mode Client devices Information WLAN WLAN Statis tics System 1420 Overview AP - Client List - WDS List - Overlap AP - Force Roaming - Overview Client - Available AP - IP Mapping - Faults Manage ment Sent Manage ment Re ceived Data Sent Data Re ceived PROFINET - EtherNet/IP WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Access point mode Access points in client mode Client devices Interfaces Layer 3 Security iFeatures WLAN NAT WLAN iPCF Basic - Advanced Antennas Allowed Channels 802.11n AP - AP WDS - AP 802.11a/ b/g Rates - AP 802.11n Rates - Client 802.11a/b/ g Rates - Client 802.11n Rates - Force Roaming - Signal re corder - Spectrum Analyzer - Basic - NAPT - Basic AP Commu nication - AP RADI US Authen ticator - Client RA DIUS Sup plicant - Keys iPCF - Only W722-1 RJ45 This can be integrated in a WLAN with iPCF, iPCFMC. iPCF-MC - Only W722-1 RJ45 This can be integrated in a WLAN with iPCF, iPCFMC. WinCC Advanced V14 System Manual, 10/2016 1421 Editing devices and networks 10.1 Configuring devices and networks Configuration limits SCALANCE W780 / W740 Configuration limits of the device The following table lists the configuration limits for Web Based Management and the Command Line Interface of the device. Depending on your device, some functions are not available. System Configurable function Maximum number Syslog server 3 E-mail server 3 SNMPv1 trap recipient 10 SNTP server 1 NTP server 1 DHCP pools 1 IPv4 addresses managed by the DHCP server (dynam 100 ic + static) 1422 DHCP static assignments per DHCP pool 20 DHCP options 20 Interfa ces Force destination addresses for roaming 10 Layer 2 Virtual LANs (port-based; including VLAN 1) 24 Multiple Spanning Tree instances 16 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Security Configurable function Maximum number IP addresses from RADIUS servers AAA: 4 WLAN: 2 Management ACLs (access rules for management) 10 MAC ACL rule configuration 20 Ingress and egress rules for MAC ACL (total) 40 per interface (20 ingress rules / 20 egress rules) Client: 80 (P1, WLAN) Access point: 680 (P1, WDS 1,Y, VAP 1,Y) Dual access point: 1320 (P1, WDS X,Y, VAP X,Y) IP ACL rule configuration 20 Ingress and egress rules for port ACL IP (total) 40 per interface (20 ingress rules / 20 egress rules) Client: 120 (P1, WLAN, management VLAN) Access point: 720 (P1, WDS 1,Y, VAP 1,Y, management VLAN) Dual access point: 1360 (P1, WDS X,Y, VAP X,Y, management VLAN) User roles 28 User groups 32 Users 28 SCALANCE W770 / W730 Configuration limits of the device The following table lists the configuration limits for Web Based Management and the Command Line Interface of the device. WinCC Advanced V14 System Manual, 10/2016 1423 Editing devices and networks 10.1 Configuring devices and networks Depending on your device, some functions are not available. System Configurable function Maximum number Syslog server 3 E-mail server 3 SNMPv1 trap recipient 10 SNTP server 1 NTP server 1 DHCP pools 1 IPv4 addresses managed by the DHCP server (dynam 100 ic + static) DHCP static assignments per DHCP pool 20 DHCP options 20 Interfa ces Force destination addresses for roaming 10 Layer 2 Virtual LANs (port-based; including VLAN 1) 16 Multiple Spanning Tree instances 16 IP addresses from RADIUS servers AAA: 4 Security WLAN: 2 Management ACLs (access rules for management) 10 MAC ACL rule configuration 20 Ingress and egress rules for MAC ACL (total) 40 per interface (20 ingress rules / 20 egress rules) Client: 80 (P1, WLAN) Access point: 680 (P1, WDS 1.Y, VAP 1.Y) IP ACL rule configuration 20 Ingress and egress rules for port ACL IP (total) 40 per interface (20 ingress rules / 20 egress rules) Client: 120 (P1, WLAN, management VLAN) Access point: 720 (P1, WDS 1.Y, VAP 1.Y, management VLAN) 1424 User roles 28 User groups 32 Users 28 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks SCALANCE W760 / W720 Configuration limits of the device The following table lists the configuration limits for Web Based Management and the Command Line Interface of the device. Depending on your device, some functions are not available. System Configurable function Maximum number Syslog server 3 E-mail server 3 SNMPv1 trap recipient 10 SNTP server 1 NTP server 1 DHCP pools 1 IPv4 addresses managed by the DHCP server (dynam 100 ic + static) WinCC Advanced V14 System Manual, 10/2016 DHCP static assignments per DHCP pool 20 DHCP options 20 Interfa ces Force destination addresses for roaming 10 Layer 2 Virtual LANs (port-based; including VLAN 1) 8 Multiple Spanning Tree instances 16 1425 Editing devices and networks 10.1 Configuring devices and networks Security Configurable function Maximum number IP addresses from RADIUS servers AAA: 4 WLAN: 2 Management ACLs (access rules for management) 10 MAC ACL rule configuration 20 Ingress and egress rules for MAC ACL (total) 40 per interface (20 ingress rules / 20 egress rules) Client: 80 (P1, WLAN) Access point: 680 (P1, WDS 1.Y, VAP 1.Y) Dual access point: 1320 (P1, WDS X.Y, VAP X.Y) IP ACL rule configuration 20 Ingress and egress rules for IP ACL IP (total) 40 per interface (20 ingress rules / 20 egress rules) Client: 120 (P1, WLAN, management VLAN) Access point: 720 (P1, WDS 1.Y, VAP 1.Y, management VLAN) Dual access point: 1360 (P1, WDS X.Y, VAP X.Y, management VLAN) User roles 28 User groups 32 Users 28 Useful information IP address assignment Configuration options When shipped and after restoring to the factory settings, the device does not have an IP address. The following options are available to assign an IP address to the device: DHCP (default setting) Primary Setup Tool For further information, refer to the configuration manual "Primary Setup Tool". You will find the configuration manual at Siemens Industry Automation and Drives Service & Support on the Internet under the entry ID 19440762 (http://support.automation.siemens.com/WW/ view/en/19440762). 1426 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks STEP 7 CLI via the serial interface For further information, refer to the configuration manuals for the Command Line Interface". You will find the configuration manuals at Siemens Industry Automation and Drives Service & Support on the Internet under the following entry IDs. - SCALANCE W780/W740 Command Line Interface - entry ID 62515451 (http:// support.automation.siemens.com/WW/view/en/62515451) - SCALANCE W770/W730 Command Line Interface - entry ID 89534887 (http:// support.automation.siemens.com/WW/view/en/89534887) - SCALANCE W760/W720 Command Line Interface - entry ID 89534699 (http:// support.automation.siemens.com/WW/view/en/89534699) Requirement "Set IP address on device" is enabled in the properties of the device. You will find more detailed information in "Addressing PROFINET devices". WinCC Advanced V14 System Manual, 10/2016 1427 Editing devices and networks 10.1 Configuring devices and networks Editing properties and parameters Editing options You have the following options for editing properties and parameters: Hardware and network editor Once you have inserted the network component, you can edit the properties and parameters, for example the device name. You will find more detailed information in "Hardware and network editor". Web Based Management (WBM) The parameters and properties are accessible using the supplied HTML pages (WBM pages). Each WBM page has its own help page that describes the properties and parameters. For further information, refer to the configuration manuals for Web Based Management. - SCALANCE W780/W740 Web Based Management - entry ID: 62382125 (http:// support.automation.siemens.com/WW/view/en/62382125) - SCALANCE W770/W730 Web Based Management - entry ID: 89535155 (http:// support.automation.siemens.com/WW/view/en/89535155) - SCALANCE W760/W720 Web Based Management - entry ID: 89535534 (http:// support.automation.siemens.com/WW/view/en/89535534) Command Line Interface All the configuration settings for the device can be made using the CLI. The CLI provides the same options as Web Based Management (WBM). For further information, refer to the configuration manuals for the Command Line Interface. - SCALANCE W780/W740 Command Line Interface - entry ID: 62515451 (http:// support.automation.siemens.com/WW/view/en/62515451) - SCALANCE W770/W730 Command Line Interface - entry ID: 89534887 (http:// support.automation.siemens.com/WW/view/en/89534887) - SCALANCE W760/W720 Command Line Interface - entry ID: 89534699 (http:// support.automation.siemens.com/WW/view/en/89534699) Availability The availability of the settings depends on the device mode on the configuration mode Device Device mode With SCALANCE W the following device modes are available: Access point mode Client mode 1428 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuration mode The following configuration modes are available: Offline configuration You can configure a PC station the first time offline. In this mode only the settings that require no connection to the device are available. Online configuration mode If there is a connection to the device and Web Based Management has started, there are additional pages available in the work area. In the online help, these pages include the note "This page is only available if there is an online connection to the device". With some settings, the additional information "only available online" is included. Web Based Management can be started in the following ways: - Select "Management" in the navigation panel and click on "Web Based Management". - Start the Web browser and enter the IP address or the URL of the device in the address box. Device Some of the settings depend on the device. The names used in the online help have the following meaning: SCALANCE W740 The chapter described / the section described / the setting described is only rele vant for the following devices: SCALANCE W748-1 RJ-45 SCALANCE W748-1 M12 SCALANCE W780 The chapter described / the section described / the setting described is only rele vant for the following devices: SCALANCE W788-1 M12 SCALANCE W788-2 M12 SCALANCE W788-2 M12 EEC SCALANCE W788-1 RJ-45 SCALANCE W788-2 RJ-45 SCALANCE W786-1 RJ-45 SCALANCE W786-2 RJ-45 SCALANCE W786-2IA RJ-45 SCALANCE W786-2 SFP SCALANCE W770 The chapter described / the section described / the setting described is only rele vant for the following devices: SCALANCE W774-1 RJ-45 SCALANCE W730 The chapter described / the section described / the setting described is only rele vant for the following devices: SCALANCE W734-1 RJ-45 SCALANCE W760 The chapter described / the section described / the setting described is only rele vant for the following devices: SCALANCE W761-1 RJ-45 SCALANCE W720 The chapter described / the section described / the setting described is only rele vant for the following devices: SCALANCE W721-1 RJ-45 SCALANCE W722-1 RJ-45 WinCC Advanced V14 System Manual, 10/2016 1429 Editing devices and networks 10.1 Configuring devices and networks Access points SCALANCE W788-1 M12 SCALANCE W788-2 M12 SCALANCE W788-2 M12 EEC SCALANCE W788-1 RJ-45 SCALANCE W788-2 RJ-45 SCALANCE W786-1 RJ-45 SCALANCE W786-2 RJ-45 SCALANCE W786-2IA RJ-45 SCALANCE W786-2 SFP SCALANCE W774-1 RJ-45 SCALANCE W761-1 RJ-45 Client SCALANCE W748-1 RJ-45 SCALANCE W748-1 M12 SCALANCE W734-1 RJ-45 SCALANCE W721-1 RJ-45 SCALANCE W722-1 RJ-45 Creating and deleting an entry As an example, an entry will be created and deleted on the Syslog client. The procedure is valid on all pages. Creating a new entry 1. Select the device in the network or device view. 2. Open the properties of the device in the Inspector window. 3. In the Inspector window go to System > Syslog client. 4. Enter the IP address for the Syslog server. 5. Click in the table. Select the entry "New entry" in the shortcut menu. A new entry is created in the table. Deleting an entry 1. Select the required entry in the table. 2. Select the "Delete" entry in the shortcut menu. Buttons you require often Updating the display with "Refresh" Pages that display current parameters have a "Refresh" button at the lower edge of the page. Click this button to request up-to-date information from the device for the current page. Save the settings for all ports with "Transfer to table" Pages on which you can configure several ports have 2 tables. In the first table, you can make the settings for all ports and transfer these to the second table. In the last column of the first table, there is the "Transfer to table" button. Click this button to save the settings you have made for all ports. 1430 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks VLAN VLAN tagging Expansion of the Ethernet frames by four bytes For CoS (Class of Service, frame priority) and VLAN (virtual network), the IEEE 802.1Q standard defined the expansion of Ethernet frames by adding the VLAN tag. Note The VLAN tag increases the permitted total length of the frame from 1518 to 1522 bytes. The end nodes on the networks must be checked to find out whether they can process this length / this frame type. If this is not the case, only frames of the standard length may be sent to these nodes. The additional 4 bytes are located in the header of the Ethernet frame between the source address and the Ethernet type / length field: 3UHDPEOH E\WHV 'HVWLQDWLRQ DGGUHVV E\WHV 6RXUFH DGGUHVV E\WHV 73,' E\WHV 7&, E\WHV 7\SH E\WHV 'DWD aE\WHV &5& E\WHV [ 3ULRULW\ ELWV 9/$1,' ELWV &), ELW Figure 10-13 Structure of the expanded Ethernet frame The additional bytes contain the tag protocol identifier (TPID) and the tag control information (TCI). Tag protocol identifier (TPID) The first 2 bytes form the Tag Protocol Identifier (TPID) and always have the value 0x8100. This value specifies that the data packet contains VLAN information or priority information. Tag Control Information (TCI) The 2 bytes of the Tag Control Information (TCI) contain the following information: QoS Trust WinCC Advanced V14 System Manual, 10/2016 1431 Editing devices and networks 10.1 Configuring devices and networks The tagged frame has 3 bits for the priority that is also known as Class of Service (CoS). The priority according to IEEE 802.1P is as follows: CoS bits Type of data 000 Non time-critical data traffic (less then best effort [basic setting]) 001 Normal data traffic (best effort [background]) 010 Reserved (standard) 011 Reserved ( excellent effort ) 100 Data transfer with max. 100 ms delay 101 Guaranteed service, interactive multimedia 110 Guaranteed service, interactive voice transmission 111 Reserved The prioritization of the data packets is possible only if there is a queue in the components in which they can buffer data packets with lower priority. The device has multiple parallel queues in which the frames with different priorities can be processed. First, the frames with the highest priority ("Strict Priority" method) are processed. This method ensures that the frames with the highest priority are sent even if there is heavy data traffic. Canonical Format Identifier (CFI) The CFI is required for compatibility between Ethernet and the token Ring. The values have the following meaning: Value Meaning 0 The format of the MAC address is canonical. In the canonical representation of the MAC address, the least significant bit is transferred first. Standard-setting for Ethernet switches. 1 The format of the MAC address is not canonical. VLAN ID In the 12-bit data field, up to 4096 VLAN IDs can be formed. The following conventions apply: VLAN ID Meaning 0 The frame contains only priority information (priority tagged frames) and no valid VLAN identifier. 1- 4094 Valid VLAN identifier, the frame is assigned to a VLAN and can also include priority information. 4095 Reserved VLAN Network definition regardless of the spatial location of the nodes VLAN (Virtual Local Area Network) divides a physical network into several logical networks that are shielded from each other. Here, devices are grouped together to form logical groups. Only nodes of the same VLAN can address each other. Since multicast and broadcast frames are only forwarded within the particular VLAN, they are also known as broadcast domains. 1432 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The particular advantage of VLANs is the reduced network load for the nodes and network segments of other VLANs. To identify which packet belongs to which VLAN, the frame is expanded by 4 bytes. This expansion includes not only the VLAN ID but also priority information. Options for the VLAN assignment There are various options for the assignment to VLANs: Port-based VLAN Each port of a device is assigned a VLAN ID. You configure port-based VLAN in "Layer 2 > VLAN". Protocol-based VLAN Each port of a device is assigned a protocol group. Subnet-based VLAN The IP address of the device is assigned a VLAN ID. MAC-based communication Frames sent by the client to the access point always have the MAC address of the WLAN client as the source MAC address. In the "learning table" of the access point there is therefore only the MAC address of the WLAN client. MAC mode "Automatic", "Manual" and "Own" If the MAC address of a device connected to the client is adopted (Automatic) or is set manually (Manual), both the MAC-based and the IP-based frames find their destination for precisely this device. If the MAC address of the Ethernet interface of the WLAN client is used (Own), the MAC-based and IP-based frames only reach the WLAN client. The access point checks whether the destination MAC address matches the MAC addresses of the connected clients. Since a WLAN client can only use a MAC address, communication at the MAC address level (ISO/OSI layer 2) can be to a maximum of one node downstream from the client or the client itself. With IP Mapping, several nodes downstream from a client can be addressed based on the IP protocol. The IP packets are broken down according to an internal table and forwarded to the connected devices. Maximum possible number of Ethernet nodes with layer 2 communication downstream from the client: 1 WinCC Advanced V14 System Manual, 10/2016 1433 Editing devices and networks 10.1 Configuring devices and networks Notes on the "Automatic" setting: As long as there is no link on the Ethernet interface, the device uses the MAC address of the Ethernet interface so that it can be reached in this status. In this status, the device can be found using the Primary Setup Tool and configured with WBM or CLI. As soon as there is a link on the Ethernet interface, the device adopts the source MAC address of the first received frame. Note From the moment that the device adopts another MAC address (manually or automatically), the device no longer responds to queries of the Primary Setup Tool when the query is received over the WLAN interface. Queries of the PST over the Ethernet interface continue to be replied to. MAC mode "Layer 2 Tunnel" With the setting "Layer 2 Tunnel", the client provides information about the devices downstream from it when it logs in to an access point. This makes it possible to enter the MAC addresses of these devices in the "learning table" of the access point. The access point can forward MAC-based frames for the devices downstream from the client to the appropriate client. In much the same way as with WDS, a separate port is created for the L2T client over which the Ethernet frames are sent without changing the destination MAC address. Maximum possible number of Ethernet nodes downstream from the client: 8 IEEE 802.11n Overview The standard IEEE 802.11n is an expansion of the 802.11 standard and was approved in 2009. Previous standards worked either in the 2.4 GHz frequency band (IEEE 802.11g /b) or in the 5 GHz frequency band (IEEE 802.11a). IEEE 802.11n can operate in both frequency band. In the IEEE 802.11n standard, there are mechanisms implemented in PHY and MAC layers that increase the data throughput and improve the wireless coverage. MIMO antenna technology Maximum ratio combining (MRC) Spatial multiplexing Channel bonding Frame aggregation Accelerated guard interval Modulation and coding scheme Data throughput rates up to 450 Mbps (gross) This is not possible on all SCALANCE W700 devices. 1434 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks MIMO antenna technology MIMO (Multiple Input - Multiple Output) is based on an intelligent multiple antenna system. The transmitter and the receiver have several spatially separate antennas. The spatially separate antennas transmit the data streams at the same time. Up to four data streams are possible. The data streams are transmitted over spatially separate paths and return over different paths due to diffraction, refraction, fading and reflection (multipath propagation). The multipath propagation means that at the point of reception a complex, space- and timedependent pattern results as a total signal made up of the individual signals sent. MIMO uses this unique pattern by detecting the spatial position of characteristic signals. Here, each spatial position is different from the neighboring position. By characterizing the individual senders, the recipient is capable of separating several signals from each other. Multipath propagation with IEEE 802.11a/b/g SCALANCE W788-1PRO SCALANCE W746-1PRO Multipath propagation IEEE 802.11n (MIMO) SCALANCE W788-1 M12 SCALANCE W748-1 M12 Maximum ratio combining (MRC) In a multiple antenna system, the wireless signals are received by the individual antennas and combined to form one signal. The MRC method is used to combine the wireless signals. The MRC method weights the wireless signals according to their signal-to-noise ratio and combines the wireless signals to form one signal. The signal-to-noise ratio is improved and the error rate is reduced. Spatial mutliplexing With spatial multiplexing, different information is sent using the same frequency. The data stream is distributed over n transmitting antennas; in other words, each antenna sends only 1/ n of the data stream. The division of the data stream is restricted by the number of antennas. At the receiver end, the signal is reconstructed. Due to the spatial multiplexing, there is a higher signal-to-noise ratio and a higher data throughput. WinCC Advanced V14 System Manual, 10/2016 1435 Editing devices and networks 10.1 Configuring devices and networks Channel bonding With IEEE 802.11n, data can be transferred via two directly neighboring channels. The two 20 MHz channels are put together to form one channel with 40 MHz. This allows the channel bandwidth to be doubled and the data throughput to be increased. To be able to use channel bonding, the recipient must support 40 MHz transmissions. If the recipient does not support 40 MHz transmissions, the band is automatically reduced to 20 MHz. This means that IEEE 802.11n can also communicate with IEEE 802.11a/b/g devices. The channel bonding is set on the "AP" WBM page with the "HT Channel Width [MHz]" parameter. Communication according to IEEE 802.11a /b/g/h standard SCALANCE W788-1PRO SCALANCE W746-1PRO 2 x 20 MHz channels Maximum data rate: 54 Mbps Communication according to IEEE 802.11n standard SCALANCE W788-1 M12 SCALANCE W748-1 M12 1 x 40 MHz channel Maximum data rate: 450 Mbps Frame aggregation With IEEE 802.11n, it is possible to group together individual data packets to form a single larger packet; this is known as frame aggregation. There are two types of frame aggregation: Aggregated MAC Protocol Data Unit (A-MPDU) and Aggregated MAC Service Data Unit (AMSDU). The frame aggregation reduces the packet overheads. Frame aggregation can only be used if the individual data packets are intended for the same receiving station (client). The SCALANCE W700 devices support both types of frame aggregation. You specify the settings for the A-MPDU data packet on the "AP 802.11n" WBM page. Accelerated guard interval The guard interval prevents different transmissions being mixed together. In telecommunications, this mixing is also known as intersymbol interference (ISI). When the send time has elapsed, a send pause (guard interval) must be kept to before the next transmission begins. The guard interval of IEEE 802.11a /b/g is 800 ns. IEEE 802.11n can use the reduced guard interval of 400 ns. You specify the guard interval on the "AP 802.11n" WBM page. 1436 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Modulation and coding schemes The IEEE 802.11n standard supports different data rates. The data rates are based on the number of spatial streams, the modulation method and the channel coding. The various combinations are described in modulation and coding schemes. PROFINET PROFINET PROFINET is an open standard (IEC 61158/61784) for industrial automation based on Industrial Ethernet. PROFINET uses existing IT standards and allows end-to-end communication from the field level to the management level as well as plant-wide engineering. PROFINET also has the following features: Use of TCP/IP Automation of applications with real-time requirements - Real-Time (RT) communication - Isochronous Real-Time (IRT) communication Seamless integration of fieldbus systems You configure PROFINET in "System > PROFINET (Page 1272)". PROFINET IO Within the framework of PROFINET, PROFINET IO is a communications concept for implementing modular, distributed applications. PROFINET IO is implemented by the PROFINET standard for programmable controllers (IEC 61158-x-10). EtherNet/IP EtherNet/IP EtherNet/IP (Ethernet/Industrial Protocol) is an open industry standard for industrial real-time Ethernet based on TCP/IP and UDP/IP. With EtherNet/IP, Ethernet is expanded by the Common Industrial Protocol (CIP) at the application layer. In EtherNet/IP, the lower layers of the OSI reference model are adopted by Ethernet with the physical, network and transport functions. You configure EtherNet/IP in "System > EtherNet/IP (Page 1273)". WinCC Advanced V14 System Manual, 10/2016 1437 Editing devices and networks 10.1 Configuring devices and networks Common Industrial Protocol The Common Industrial Protocol (CIP) is an application protocol for automation that supports transition of the field buses in Industrial Ethernet and in IP networks. This industry protocol is used by field buses/industrial networks such as DeviceNet, ControlNet and EtherNet/IP at the application layer as an interface between the deterministic fieldbus world and the automation application (controller, I/O, HMI, OPC, ...). The CIP is located above the transport layer and expands the pure transport services with communications services for automation engineering. These include services for cyclic, time-critical and event-controlled data traffic. CIP distinguishes between time-critical I/O messages (implicit messages) and individual query/ response frames for configuration and data acquisition (explicit messages). CIP is objectoriented; all data "visible" from the outside is accessible in the form of objects. CIP has a common configuration basis: EDS (Electronic Data Sheet). Electronic Data Sheet Electronic Data Sheets (EDS) are electronic datasheets for describing devices. The EDS required for EtherNet/IP operation can be found in "System > Load&Save". NAT/NAPT What is NAT? With Network Address Translation (NAT), the IP address in a data packet is replaced by another. NAT is normally used on a gateway between a private LAN and an external network with globally valid IP addresses. A local IP address of the internal LAN is changed to an external global IP address by a NAT device at the gateway. To translate the internal into the global IP address, the NAT device maintains a translation list. The address assignment is automatic. You configure the address assignment in "Layer 3 > NAT > Basic". What is NAPT? In "Network Address Port Translation" (NAPT) or "Port Address Translation" (PAT), several internal source IP addresses are translated into the same external source IP address. To identify the individual source nodes, the port of the source device is also stored in the translation list of the NAT gateway and translated for the external address. If several local clients send a query to the same external destination IP address over the NAT gateway, the gateway enters its own external source IP address in the header of these forwarded frames. Since the forwarded frames have the same global source IP address, the NAT gateway assigns the frames to the clients using different port number. Note NAT/NAPT is possible only on layer 3 of the ISO/OSI reference model. To use the NAT function, the networks must use the IP protocol. When using the ISO protocol that operates at layer 2, it is not possible to use NAT. 1438 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks If a client from the global network wants to use a service in the internal network, the translation list for the static address assignment needs to be configured. You configure the translation list for NAPT in "Layer 3 > NAT > NAPT". iPCF / iPCF-MC The wireless range of an IWLAN system can be expanded by using multiple access points. If a client moves from the area covered by one access point to the area covered by another access point, the wireless link is maintained after a short interruption (roaming). In an industrial environment, there are applications that require a deterministic response when there are large numbers of nodes and when roaming to another cell require handover times of less than 100 milliseconds. iPCF (industrial Point Coordination Function) iPCF ensures that the entire data traffic of a cell is ordered, controlled by the access point. Even with large numbers of nodes, collisions can also be avoided. iPCF also allows fast cell changes. You configure iPCF in "iFeatures > iPCF (Page 1615)". iPCF-MC (industrial Point Coordination Function - Management Channel) iPCF-MC was developed to make the advantages of iPCF available to fully mobile nodes that communicate without being dependent on RCoax cable or directional antennas. With iPCF-MC, the client also searches for potentially suitable access points when it receives iPCF queries from the access point and the existing connection to an access point is working problem-free. This means that if a change to a different access point is necessary, this is achieved extremely quickly. In contrast to iPCF, the handover times for iPCF-MC are not dependent on the number of wireless channels being used. You configure iPCF-MC in "iFeatures > iPCF-MC (Page 1617)". iPCF / iPCF-MC - how it works The access point checks all nodes in the wireless cell cyclically. At the same time, the scan includes the downlink traffic for this node. In the reply, the node sends the uplink data. The access point scans a new node at least every 5 ms. The scan of a node is seen by all other nodes in the cell. This allows a client to detect the quality of the wireless link to the access point even when it is not communicating with the access point itself. If the client does not receive any frames from the access point for a certain time, it starts to search for a new access point. In iPCF mode, both the search for a new access point and the registration with this access point have been optimized in terms of time. Handover times significantly below 50 ms are achieved. Stable PNIO communication is only possible when a WLAN client is in a cell with more than 60 % (-65 dBm) signal strength at all times. This can be checked by activating and deactivating the various wireless cells. This does not mean that the client needs to change when there is a signal strength < 60 % (< -65 dBm). Make sure that access points are available with adequate signal strength. WinCC Advanced V14 System Manual, 10/2016 1439 Editing devices and networks 10.1 Configuring devices and networks 352),VDIH Wireless cell of access point 1 Wireless cell of access point 2 Wireless cell of access point 3 Wireless cell of access point 4 Plant Figure 10-14 Configuration example of iPCF-MC 1440 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Restrictions iPCF and iPCF-MC are developments of Siemens AG and function only with nodes on which iPCF / iPCF-MC is implemented. With an access point with several WLAN interfaces, it is possible to use both iPCF as well as standard WLAN at the same time. Access points with a WLAN interface cannot take part in the iPCF-MC procedures, iPCF is, however, possible. Requirements for iPCF-MC iPCF-MC uses the two wireless interface of the access point in different ways: One interface works as the management interface and sends a beacon every five milliseconds. The other interface transfers the user data. The following requirements must be met before you can use iPCF-MC: Only SCALANCE W700 devices with two WLAN interfaces can be used as access points The data interface (WLAN1) and management interface (WLAN2) must be operated in the same frequency band and must match in terms of their wireless coverage. iPCF-MC will not work if the two wireless interfaces are equipped with directional antennas that cover different areas. The management interfaces of all access points to which a client can change must use the same channel. A client scans only this one channel to find accessible access points. Transmission based on IEEE 802.11h (DFS) cannot be used for the management interface. 802.11h (DFS) is possible for the data interface. A client must support this feature on its WLAN interface. iREF How it works If an access point has several activated antennas, the transmit power is distributed equally on these antennas. The transmit power is subject to country-specific legal restrictions. The maximum permitted power depends on the gain of the connected antennas. If the connected antennas have different gains, the maximum antenna gain effectively restricts the permitted transmit power. iREF (industrial Range Extension Function) ensures that the data traffic from the access point to each individual client is handled via the most suitable antenna. Which antenna is most suitable is determined by the access point based on the RSSI values of received packets. Taking into account antenna gain and possible cable losses, packets are only sent via the antennas with which the maximum signal strength at the client end can be expected. During this time the other antennas are inactive and the legally permitted transmit power is available for the selected antenna. The inactive antennas do not restrict the permitted transmit power. In particular in applications in which MIMO cannot be used or brings no advantage, this allows data to be transmitted at the highest possible data transmission rate. WinCC Advanced V14 System Manual, 10/2016 1441 Editing devices and networks 10.1 Configuring devices and networks You configure iREF in "iFeatures > iREF" without iREF Access Point Access Point ANT795-6DC ANT795-6DC Client SCALANCE W700 SCALANCE W700 SCALANCE W700 where iREF Access Point Access Point ANT795-6DC ANT795-6DC Client SCALANCE W700 SCALANCE W700 SCALANCE W700 Requirement To be able to use iREF, the SCALANCE W700 device must have at least 2 activated antennas. Restrictions A maximum data rate of only up to 150 Mbps (MCS 0 - 7 or 1 x spatial stream) is possible iREF cannot be used along with other iFeatures (for example iPCF or iPCF-MC) Advantages Due to the directional data transmission and dynamic deactivation of antennas that do not radiate in the direction of the particular client, interference can be reduced. The signal strength is improved because the active antenna always has the maximum permitted transmit power available. iPRP The "Parallel Redundancy Protocol" (PRP) is a redundancy protocol for cabled networks. It is defined in Part 3 of the IEC 62439 standard. With the "industrial Parallel Redundancy Protocol" (iPRP) the PRP technology can be used in wireless networks. iPRP improves the availability of wireless communication. 1442 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks How it works A PRP network consists of two completely independent networks. If one network is disrupted, the frames are sent without interruption/reconfiguration via the parallel redundant network. To achieve this the Ethernet frames are sent to the recipient in duplicate via both networks. Devices capable of PRP have at least two separate Ethernet interfaces that are connected to independent networks. With devices not capable of PRP a redundancy box (RedBox) is connected upstream. This allows access for so-called Single Attached Nodes (SAN) to PRP networks. The RedBox duplicates every Ethernet frame to be sent and among other things adds the VLAN ID and a sequence number. The RedBox sends a copy of the frame at the same time on both Ethernet interfaces via both networks. With PRP the SCALANCE W700 devices PRP can be used in wireless networks. 6LQJOH$WWDFKHG1RGH 6$1 5HGXQGDQF\%R[ 5HG%R[ 9/$1 353$ 9/$1 353% 9/$19/$1 9/$19/$1 $FFHVV3RLQW$3 :/$1 9$3!9/$1 353$ 9$3!9/$1 353% 9/$19/$1 9/$19/$1 $FFHVV3RLQW$3 :/$1 9$3!9/$1 353$ 9$3!9/$1 353% $FFHVV3RLQW$3 :/$1 9$3!9/$1 353$ 9$3!9/$1 353% 9/$1 9/$1 &OLHQW$ :/$1!9/$1 353$ &OLHQW% :/$1!9/$1 353% 9/$19/$1 9/$19/$1 9/$1 353$ 9/$1 353% 5HGXQGDQF\%R[ 5HG%R[ 6LQJOH$WWDFKHG1RGH 6$1 ,QGXVWULDO(WKHUQHW The access points (AP 1, AP 2 and AP 3) and the RedBox A are connected to each other via a switch. The PRP frames are sent to the access points via both networks (PRP A, PRP B). The access points receive the PRP frame. WinCC Advanced V14 System Manual, 10/2016 1443 Editing devices and networks 10.1 Configuring devices and networks The PRP frames are sent at the same time on two different wireless links to the recipients. The clients A and B are connected to different access points at the same time. The clients are never connected to the access point via the same interface. The RedBox forwards the first frame to arrive and discards the second PRP frame. The redundant partners (here: AP1 and AP3 or client A and client B) communicate with each other to prevent the two redundant PRP frames from arriving at the RedBox with too great a time difference. If for example communication between AP1 and client A is not possible, the PRP frame comes to its destination via redundant client B. You configure iPRP in "iFeatures > iPRP (Page 1618)". Requirement The base bridge mode "802.1Q VLAN Bridge" is set. The VLANs have been created. The VLANs are configured on the same interface. Access point mode: The VAP interface is enabled. Client mode: In MAC mode "Layer 2 Tunnel" is set. Depending on the configuration the clients can communicate with every access point. AeroScout AeroScout tags SCALANCE W700 devices support tags of the AeroScout company. Tags are battery-operated RFID sensors that send their data cyclically as multicast frames. Among other things, AeroScout tags have the following features: Ambient temperature If a tag is fitted to a SCALANCE W700 device or material, it is possible to monitor whether a selected ambient temperature is being maintained. Motion Here, a tag can also supply information indicating whether it is in motion or stationary. The areas of material flow and material handling engineering represent possible applications for this function. Button Regardless of the frames sent cyclically, a user can also send a message by pressing a button. LED This provides information on the operating status of the tag. Note For more detailed information, please refer to the AeroScout documentation (www.aeroscout.com). 1444 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks How it works The tag sends its data as AeroScout frames. The tags and the access points communicate in the 2.4 GHz band. If the WLAN interface of the access point receives the AeroScout frame, this is converted into a UDP datagram. The SCALANCE W700 device forwards the UDP datagram along with the information about the signal strength (RSSI) to a PC. The AeroScout Engine runs on the PC and evaluates the received information. Note It is not advisable to use PROFINET communication and AeroScout together on one wireless interface. Accuracy of localization To achieve optimum precision in the localization of AeroScout Tags, we recommend the use of antennas with omnidirectional characteristics if the signals should be received by at least three access points. SNMP Introduction With the aid of the Simple Network Management Protocol (SNMP), you monitor and control network components from a central station, for example routers or switches. SNMP controls the communication between the monitored devices and the monitoring station. Tasks of SNMP: Monitoring of network components Remote control and remote parameter assignment of network components Error detection and error notification In versions v1 and v2c, SNMP has no security mechanisms. Each user in the network can access data and also change parameter assignments using suitable software. For the simple control of access rights without security aspects, community strings are used. The community string is transferred along with the query. If the community string is correct, the SNMP agent responds and sends the requested data. If the community string is not correct, the SNMP agent discards the query. Define different community strings for read and write permissions. The community strings are transferred in plain text. WinCC Advanced V14 System Manual, 10/2016 1445 Editing devices and networks 10.1 Configuring devices and networks Standard values of the community strings: public has only read permissions private has read and write permissions Note Because the SNMP community strings are used for access protection, do not use the standard values "public" or "private". Change these values following the initial commissioning. Further simple protection mechanisms at the device level: Allowed Host The IP addresses of the monitoring systems are known to the monitored system. Read Only If you assign "Read Only" to a monitored device, monitoring stations can only read out data but cannot modify it. SNMP data packets are not encrypted and can easily be read by others. The central station is also known as the management station. An SNMP agent is installed on the devices to be monitored with which the management station exchanges data. The management station sends data packets of the following type: GET Request for a data record from the SNMP agent GETNEXT Calls up the next data record. GETBULK (available as of SNMPv2c) Requests multiple data records at one time, for example several rows of a table. SET Contains parameter assignment data for the relevant device. The SNMP agent sends data packets of the following type: RESPONSE The SNMP agent returns the data requested by the manager. TRAP If a certain event occurs, the SNMP agent itself sends traps. SNMPv1/v2c/v3 use UDP (User Datagram Protocol) and use the UDP ports 161 and 162. The data is described in a Management Information Base (MIB). SNMPv3 Compared with the previous versions SNMPv1 and SNMPv2c, SNMPv3 introduces an extensive security concept. 1446 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks SNMPv3 supports: Fully encrypted user authentication Encryption of the entire data traffic Access control of the MIB objects at the user/group level With the introduction of SNMPv3 you can no longer transfer user configurations to other devices without taking special action, e.g. by loading a configuration file or replacing the CPLUG. According to the standard, the SNMPv3 protocol uses a unique SNMP engine ID as an internal identifier for an SNMP agent. This ID must be unique in the network. It is used to authenticate access data of SNMPv3 users and to encrypt it. Depending on whether you have enabled or disabled the "SNMPv3 User Migration" function, the SNMP engine ID is generated differently. Restriction when using the function Use the "SNMPv3 User Migration" function only to transfer configured SNMPv3 users to a substitute device when replacing a device. Do not use the function to transfer configured SNMPv3 users to multiple devices. If you load a configuration with created SNMPv3 users on several devices, these devices use the same SNMP engine ID. If you use these devices in the same network, your configuration contradicts the SNMP standard. Compatibility with predecessor products You can only transfer SNMPv3 users to a different device if you have created the users as migratable users. To create a migratable user the "SNMPv3 User Migration" function must be activated when you create the user. Spanning Tree Avoiding loops The Spanning Tree algorithm detects redundant physical network structures and prevents the formation of loops by disabling redundant paths. It evaluates the distance and performance of a connection or bases the decisions on settings made by the user. Data is then exchanged only over the remaining connection paths. If the preferred data path fails, the Spanning Tree algorithm then searches for the most efficient path possible with the remaining nodes. Root bridge and bridge priority The identification of the most efficient connection is always related to the root bridge, a network component that can be considered as a root element of a tree-like network structure. With the "Bridge Priority" parameter, you can influence the selection of the root bridge. The computer with the lowest value set for this parameter automatically becomes the root bridge. If two computers have the same priority value, the computer with the lower MAC address becomes the root bridge. WinCC Advanced V14 System Manual, 10/2016 1447 Editing devices and networks 10.1 Configuring devices and networks Response to changes in the network topology If nodes are added to a network or drop out of the network, this may affect the optimum path selection for data packets. To be able to respond to such changes, the root bridge sends configuration messages (BPDUs) at regular intervals. You can set the interval between two configuration messages with the "Hello Time" parameter. Keeping configuration information up to date With the "Max Age" parameter, you set the maximum age of configuration information. If a bridge has information that is older than the time set in Max Age, it discards the message and initiates recalculation of the paths. New configuration data is not used immediately by a bridge but only after the period specified in the "Forward Delay" parameter. This ensures that operation is started with the new topology only after all the bridges have the required information. RSTP, MSTP, CIST Rapid Spanning Tree Protocol (RSTP) One disadvantage of STP is that if there is a disruption or a device fails, the network needs to reconfigure itself: The devices start to negotiate new paths only when the interruption occurs. This can take up to 30 seconds. Fur this reason, STP was expanded to create the "Rapid Spanning Tree Protocol" (RSTP, IEEE 802.1w). This differs from STP essentially in that the devices are already collecting information about alternative routes during normal operation and do not need to gather this information after a disruption has occurred. This means that the reconfiguration time for an RSTP controlled network can be reduced to a few seconds. This is achieved by using the following functions: Edge ports (end node port) Edge ports are ports connected to an end device. A port that is defined as an edge port is activated immediately after connection establishment. If a spanning tree BPDU is received at an edge port, the port loses its role as edge port and it takes part in (R)STP again. If no further BPDU is received after a certain time has elapsed (3 x hello time), the port returns to the edge port status. Point-to-point (direct communication between two neighboring devices) By directly linking the devices, a status change (reconfiguration of the ports) can be made without any delays. Alternate port (substitute for the root port) A substitute for the root port is configured. If the connection to the root bridge is lost, the device can establish a connection over the alternate port without any delay due to reconfiguration. 1448 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Reaction to events Rapid spanning tree reacts to events, for example an aborted connection, without delay. There is no waiting for timers as in spanning tree. Counter for the maximum bridge hops The number of bridge hops a package is allowed to make before it automatically becomes invalid. In principle, therefore with rapid spanning tree, alternatives for many parameters are preconfigured and certain properties of the network structure taken into account to reduce the reconfiguration time. Multiple Spanning Tree Protocol (MSTP) The Multiple Spanning Tree Protocol (MSTP) is a further development of the Rapid Spanning Tree Protocol. Among other things, it provides the option of operating several RSTP instances within different VLANs or VLAN groups and, for example, making paths available within the individual VLANs that the single Rapid Spanning Tree Protocol would globally block. Common and Internal Spanning Tree (CIST) CIST identifies the internal instance used by the switch that is comparable in principle with an internal RSTP instance. Show information Versions This page shows the versions of the hardware and software of the device. Note The page is only available if there is an online connection to the device. Displayed values Table 1 contains the following columns: Hardware - Basic Device Shows the basic device. - WLAN X Shows the available WLAN interfaces. A device can have up to two WLAN interfaces. Name Shows the name of the device or module. WinCC Advanced V14 System Manual, 10/2016 1449 Editing devices and networks 10.1 Configuring devices and networks Revision Shows the hardware version of the device. Order ID Shows the order number of the device or module. For the wireless card, only one version is then displayed if the WLAN interface is enabled. Table 2 has the following columns: Software - Firmware Shows the current firmware version. If a new firmware file was downloaded and the device has not yet restarted, the firmware version of the downloaded firmware file is displayed here. After the next restart, the downloaded firmware is activated and used. - Bootloader Shows the version of the boot software stored on the device. - Firmware_Running Shows the firmware version currently being used on the device Description Shows the short description of the software. Version Shows the version number of the software version. Date Shows the date on which the software version was created. I&M Note The page is only available if there is an online connection to the device. This page contains information about device-specific vendor and maintenance data such as the article number, serial number, version number etc. You cannot configure anything on this page. Description of the displayed values The table has the following rows: Manufacturer ID Shows the manufacturer ID. Article number Shows the article number. Serial number Shows the serial number. Hardware revision Shows the hardware version. 1450 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Software version Shows the software version. Revision counter Shows the revision counter: Counter for revisions since the initial commissioning Revision Date Date and time of the last revision Function tag Shows the function tag (plant designation) of the device. The plant designation (HID) is created during configuration of the device with HW Config of STEP 7. Location tag Shows the location tag of the device. The location identifier (LID) is created during configuration of the device with HW Config of STEP 7. Date Shows the date created during configuration of the device with HW Config of STEP 7. Description Shows the description created during configuration of the device with HW Config of STEP 7. ARP table Note The page is only available if there is an online connection to the device. Assignment of MAC address and IP address With the Address Resolution Protocol (ARP), there is a unique assignment of MAC address to IPv4 addresses. This assignment is kept by each network node in its own separate ARP table. The page shows the ARP table of the device. Displayed values The table has the following columns: Interface Shows the interface via which the row entry was learnt. MAC Address Shows the MAC address of the destination or source device. WinCC Advanced V14 System Manual, 10/2016 1451 Editing devices and networks 10.1 Configuring devices and networks IP address Shows the IP address of the target device. Media Type Shows the type of connection. - Dynamic The device recognized the address data automatically. - Static The addresses were entered as static addresses Log tables Event log Logging events Note The page is only available if there is an online connection to the device. The device allows you to log events that occur, some of which you can specify in " System > Events". This, for example, allows you to record when an authentication attempt failed or when the connection status of a port has changed. The content of the events log table is retained even when the device is turned off. 1452 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Severity Filter You can filter the entries in the table according to severity. Select the required entries in the check boxes above the table. - Info Information - When this parameter is enabled, all entries of the category "Info" are displayed. - Warning Warning When this parameter is enabled, all entries of the category "Warning" are displayed. - Critical Critical When this parameter is enabled, all entries of the category "Critical" are displayed. The table has the following columns: - Restart Counts the number of restarts since you last reset to factory settings and shows the device restart after which the corresponding event occurred. - System Up Time Shows the time the device has been running since the last restart when the described event occurred. - System Time Shows the date and time when the described event occurred. If the system time is set, the time is also displayed at which the event occurred. - Severity Shows the severity of the message. - Log Message Displays a brief description of the event that has occurred. You will find the list of possible messages in Appendix D of the configuration manual. Buttons Delete Click this button to delete the content of the event log file. All entries are deleted regardless of what you have selected under "Severity Filters". The display is also cleared. The restart counter is only reset after you have restored the device to the factory settings and restarted the device. Note The table can contain 400 entries for each severity. The number of entries in this table is restricted to 1200. When this number is reached, the oldest entries of the relevant severity are discarded. The table remains permanently in memory. WinCC Advanced V14 System Manual, 10/2016 1453 Editing devices and networks 10.1 Configuring devices and networks WLAN authentication log Logging authentication attempts This page shows a table with information on successful or failed authentication attempts. Note The page is only available if there is an online connection to the device. Displayed values Severity Filters You can filter the entries in the table according to severity. To display all the entries, enable or disable all parameters. - Info Information When this parameter is enabled, all entries of the category "Info" are displayed. - Warning Warnings When this parameter is enabled, all entries of the category "Warning" are displayed. - Critical Critical When this parameter is enabled, all entries of the category "Critical" are displayed. The table has the following columns: Restart Counts the number of restarts since you last reset to factory settings and shows the device restart after which the corresponding event occurred. System Up Time Shows the time the device has been running since the last restart when the described fault occurred. System Time Shows the time at which the described error occurred. Severity Shows the severity of the message. Log Message Displays a brief description of the event that has occurred. You will find the list of possible messages in Appendix D of the configuration manual. If the system time is set, the time is also displayed at which the event occurred. 1454 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Buttons Clear Click this button to delete the content of the log file. All entries are deleted regardless of what you have selected under "Severity Filters". The display is also cleared. The restart counter is only reset after you have restored the device to the factory settings and restarted the device. Note The table can contain 400 entries for each severity. The number of entries in this table is restricted to 1200. When this number is reached, the oldest entries are discarded. The table remains permanently in memory. Show all Click this button to display all the entries on the WBM page. Note that displaying all messages can take some time. Next Click this button to go to the next page. Prev Click this button to go to the previous page. Fault Error status This page displays any errors that occur. Errors of the "Cold/Warm Start" event can be deleted following confirmation. If there are no more unanswered error/fault messages, the fault LED goes off. The time calculation always begins after the last system start. When the system is restarted, a new entry with the type of restart is created in the fault memory. Note The page is only available if there is an online connection to the device. Displayed values No. of Signaled Faults Indicates how often the fault LED lit up and not how many faults occurred. "Reset counters" button The number is reset with this button. WinCC Advanced V14 System Manual, 10/2016 1455 Editing devices and networks 10.1 Configuring devices and networks The table contains the following columns: Fault Time Shows the time the device has been running since the last restart when the described fault occurred. Fault Description Display of the fault status for the device. Clear Fault State To delete files of the "Cold/warm start" event, click the "Clear Fault State" button. Spanning Tree Note The page is only available if there is an online connection to the device. The page shows the current information about the Spanning Tree and the settings of the root bridge. If spanning tree is turned off, only the basic information about this device is displayed. If Spanning Tree is turned on, the status information about the selected instance is displayed and the information about the configured ports is shown in the table. The information depends on the selected Spanning Tree mode. Displayed values Spanning Tree Mode Shows the set mode. You specify the mode in "Layer 2 > MSTP > General". The following values are possible: - '-' - STP - RSTP - MSTP Instance ID Shows the number of the instance. The parameter depends on the configured mode. Bridge Priority / Root Priority Which device becomes the root bridge is decided based on the bridge priority. The bridge with the highest priority (in other words, with the lowest value for this parameter) becomes the root bridge. If several devices in a network have the same priority, the device whose MAC address has the lowest numeric value will become the root bridge. Both parameters, bridge priority and MAC address together form the bridge identifier. Since the root bridge manages all path changes, it should be located as centrally as possible due to the delay of the frames. The value for the bridge priority is a whole multiple of 4096 with a range of values from 0 to 32768. 1456 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Bridge Address / Root Address The bridge address shows the MAC address of the device and the root address shows the MAC address of the root bridge. Root Cost Shows the path costs from the device to the root bridge. Bridge Status Shows the status of the bridge, e.g. whether or not the device is the root bridge Regional root priority (available only with MSTP) For a description, see Bridge Priority / Root Priority Regional root address (available only with MSTP) Shows the MAC address of the device. Regional root costs (available only with MSTP) Shows the path costs from the regional root bridge to the root bridge. The table has the following columns: Port Shows the port via which the device communicates. Role Shows the status of the port. The following values are possible: - Disabled The port was removed manually from the spanning tree and will no longer be taken into account by the spanning tree. - Designated The ports leading away from the root bridge. - Alternate The port with an alternative route to a network segment - Backup If a switch has several ports to the same network segment, the "poorer" Port becomes the backup port. - Root The port that provides the best route to the root bridge. - Master This port points to a root bridge located outside the MST region. WinCC Advanced V14 System Manual, 10/2016 1457 Editing devices and networks 10.1 Configuring devices and networks Status Displays the current status of the port. The values are only displayed. The parameter depends on the configured protocol. The following statuses are possible: - Discarding The port receives BPDU frames. Other incoming or outgoing frames are discarded. - Listening The port receives and sends BPDU frames. The port is involved in the spanning tree algorithm. Other outgoing and incoming frames are discarded. - Learning The port actively learns the topology; in other words, the node addresses. Other outgoing and incoming frames are discarded. - Forwarding Following the reconfiguration time, the port is active in the network. The port receives and sends data frames. Oper. Version Describes the type of spanning tree in which the port operates Priority If the path calculated by the spanning tree is possible over several ports of a device, the port with the highest priority (in other words the lowest value for this parameter) is selected. A value between 0 and 240 can be entered for the priority in steps of 16. If you enter a value that cannot be divided by 16, the value is automatically adapted. Path costs This parameter is used to calculate the path that will be selected. The path with the lowest value is selected. If several ports of a device have the same value, the port with the lowest port number will be selected. If the value "Cost Calc." is "0", the automatically calculated value is shown. Otherwise, the value of "Cost Calc." is displayed. The calculation of the path costs is largely based on the transmission speed. The higher the achievable transmission speed is, the lower the value of the path costs. Typical values for path costs with rapid spanning tree: - 10,000 Mbps = 2,000 - 1000 Mbps = 20,000 - 100 Mbps = 200,000 - 10 Mbps = 2,000,000. 1458 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Edge type Shows the type of the connection. The following values are possible: - Edge Port An edge port is connected to this port. - No Edge Port There is a spanning tree or rapid spanning tree device at this port. P.t.P. Type Shows the type of point-to-point link. The following values are possible: - P.t.P. With half duplex, a point-to-point link is assumed. - Shared Media With a full duplex connection, a point-to-point link is not assumed. Note Point-to-point connection means a direct connection between two devices. A shared media connection is, for example, a connection to a hub. Ethernet Statistics Interface statistics Interface statistics The page shows the statistics from the interface table of the Management Information Base (MIB). Note The page is only available if there is an online connection to the device. Displayed values The table has the following columns: In Octet Shows the number of received bytes. Out Octet Shows the number of sent bytes. In Unicast Shows the number of received unicast frames. WinCC Advanced V14 System Manual, 10/2016 1459 Editing devices and networks 10.1 Configuring devices and networks In Non Unicast Shows the number of received frames that are not of the type unicast. Out Unicast Shows the number of sent unicast frames. Out Non Unicast Shows the number of sent frames that are not of the type unicast. In Errors Shows the number of all possible RX errors, refer to the tab "Packet Error". Packet Size Frames sorted by length This page displays how many frames of which size were sent and received at each port. Note The page is only available if there is an online connection to the device. The displayed values are transferred by RMON. On the page "Layer 2 > RMON > Statistics", you can set the ports for which values will be displayed. 1460 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: Port Shows the available ports and link aggregations. The port is made up of the module number and the port number, for example port 0.1 is module 0, port 1. Note Display of frame statistics In the statistics relating to frame lengths, note that both incoming and outgoing frames are counted. Frame lengths The other columns after the port number contain the absolute numbers of frames according to their frame length. The following frame lengths are distinguished: - 64 bytes - 65 - 127 bytes - 128 - 255 bytes - 256 - 511 bytes - 512 - 1023 bytes - 1024 - max. Note Data traffic on blocked ports For technical reasons, data packets can be indicated on blocked ports. Button Reset Counter Click "Reset Counter" to reset all counters. The counters are reset by a restart. Frame type Received frames sorted by type This page displays how many frames of the type "unicast", "multicast", and "broadcast" were received at each port. You cannot configure anything on this page. WinCC Advanced V14 System Manual, 10/2016 1461 Editing devices and networks 10.1 Configuring devices and networks The displayed values are transferred by RMON. On the page "Layer 2 > RMON > Statistics", you can set the ports for which values will be displayed. Note The page is only available if there is an online connection to the device. Displayed values The table has the following columns: Port Shows the available ports and link aggregations. The port is made up of the module number and the port number, for example port 0.1 is module 0, port 1. Unicast / Multicast / Broadcast The other columns after the port number contain the absolute numbers of the incoming frames according to their frame type "unicast", "multicast" and "broadcast". Button Reset Counter Click "Reset Counter" to reset all counters. The counters are reset by a restart. Packet Errors Received bad frames This page shows how many bad frames were received per port. You cannot configure anything on this page. The displayed values are transferred by RMON. On the page "Layer 2 > RMON > Statistics", you can set the ports for which values will be displayed. Note The page is only available if there is an online connection to the device. 1462 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: Port Shows the available ports and link aggregations. Error types The other columns after the port number contain the absolute numbers of the incoming frames according to their error type. In the columns of the table, a distinction is made according to the following error types: - CRC Packets whose content does not match the CRC checksum. - Undersize Packets with a length less than 64 bytes. - Oversize Frames discarded because they were too long. - Fragments Packets with a length less than 64 bytes and a bad CRC checksum. - Jabbers VLAN-tagged packets with an incorrect CRC checksum that were discarded because they were too long. - Collisions Collisions that were detected. Button Reset Counter Click "Reset Counter" to reset all counters. The counters are reset by a restart. Learning table Address filtering This page shows the current content of the learning table. This table lists the source addresses of unicast address frames. Note The page is only available if there is an online connection to the device. WinCC Advanced V14 System Manual, 10/2016 1463 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: VLAN-ID Shows the VLAN ID of the node. Note This column appears in the table only if a VLAN is configured. MAC Address Shows the MAC address of the node. Status Shows the status of each address entry: - Dynamic The specified address was learned by receiving a frame from this node and will be deleted when the aging time expires if no further frames are received from this node. - Invalid These values are not evaluated. Port Shows the port via which the node with the specified address can be reached. Frames received by the device whose destination address matches this address will be forwarded to this port. Buttons Show all Click this button to display all the entries on the page. Note that displaying all messages can take some time. Next Click this button to go to the next page. Prev Click this button to go to the previous page. Drop-down list for page change From the drop-down list, select the page you want to go to. DHCP Server This page shows whether IPv4 addresses were assigned to the devices by the DHCP server. Note The page is only available if there is an online connection to the device. 1464 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Description IP Address Shows the IPv4 address assigned to the device. Pool ID Shows the number of the IPv4 address band. Identification method Shows the method according to which the DHCP client is identified. Identification value Shows the MAC address or he client ID of the DHCP client. Remote ID Shows the remote ID of the DHCP client. Circuit ID Shows the circuit ID of the DHCP client. Assignment method Shows whether the IPv4 address was assigned statically or dynamically. You configure the static entries in "System > DHCP > Static Leases". Assignment status Shows the status of the assignment. - Assigned The assignment is used. - Not used The assignment is not used. - Probing The assignment is being checked. - Unknown The status of the assignment is unknown. Expire Time Shows how long the assigned IPv4 address is still valid. Once this period has elapsed, the device must either request a new IPv4 address or extend the lease time of the existing IPv4 address. Security Overview This page shows the security settings and the local and external user accounts. Note The page is only available if there is an online connection to the device. The values displayed depend on the rights of the logged-on user. WinCC Advanced V14 System Manual, 10/2016 1465 Editing devices and networks 10.1 Configuring devices and networks Displayed values Services The "Services" list shows the security settings. Telnet Server You configure the setting in "System > Configuration". - Enabled: Unencrypted access to the CLI. - Disabled: No unencrypted access to the CLI. SSH Server You configure the setting in "System > Configuration". - Enabled: Encrypted access to the CLI. - Disabled: No encrypted access to the CLI. Web Server You configure the setting in "System > Configuration". - HTTP/HTTPS: Access to the WBM is possible with HTTP and HTTPS. - HTTPS: Access to the WBM is now only possible with HTTPS. SNMP You can configure setting in "System > SNMP > General". - "-" (SNMP disabled) Access to device parameters via SNMP is not possible. - SNMPv1/v2c/v3 Access to device parameters is possible with SNMP versions 1, 2c or 3. - SNMPv3 Access to device parameters is possible only with SNMP version 3. 1466 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Management ACL You configure the setting in "Security > Management ACL". - Disabled: No access restriction The access control is disabled. - Enabled: No access restriction The access control is enabled but no access rules have been defined. - Enabled: Restricted access only The access control is enabled and access rules have been defined. Login Authentication You configure the setting in "Security > AAA > General". - Local The authentication must be made locally on the device. - RADIUS The authentication must be handled via a RADIUS server. - Local and RADIUS The authentication is possible both with the users that exist on the device (user name and password) and via a RADIUS server. The user is first searched for in the local database. If the user does not exist there, a RADIUS query is sent. - RADIUS and fallback local The authentication must be handled via a RADIUS server. A local authentication is performed only when the RADIUS server cannot be reached in the network. Local and external user accounts You configure local user accounts and roles in "Security > User Accounts" When you create a local user account an external user account is generated automatically. Local user accounts involve users each with a password for logging in on the device. In the table "External User Accounts" a user is linked to a role, for example the user "Observer" with the role "user" In this case, the user is defined on a RADIUS server. The roll is defined locally on the device. When a RADIUS server authenticates a user, the corresponding group however is unknown or does not exist, the device checks whether or not there is an entry for the user in the table "External User Accounts". If an entry exists, the user is logged in with the rights of the associated role. If the corresponding group is known on the device, both tables are evaluated. The user is assigned the role with the higher rights. Note The table "External User Accounts" is only evaluated if you have set "Vendor Specific" in the RADIUS Authorization Mode". With CLI you can access external user accounts. WinCC Advanced V14 System Manual, 10/2016 1467 Editing devices and networks 10.1 Configuring devices and networks The table "Local User Accounts" has the following columns: User Account Shows the name of the local user. Role Shows the role of the user. You can obtain more information on the function rights of the role in "Information > Security > Roles". The table "External User Accounts" has the following columns: User Account Shows the name of the user on the RADIUS server. Role Shows the role assigned to the user on the device. You can obtain more information on this in "Information > Security > Roles". Supported Function Rights The page shows the function rights available locally on the device. Note The page is only available if there is an online connection to the device. The values displayed depend on the role of the logged-on user. Displayed values Function Right Shows the number of the function right. Different rights relating to the device parameters are assigned to the numbers. Description Shows the description of the function right. Groups This page shows which group is linked to which role. The group is defined on a RADIUS server. The roll is defined locally on the device. Note The page is only available if there is an online connection to the device. The values displayed depend on the role of the logged-on user. 1468 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: Group Shows the name of the group. The name matches the group on the RADIUS server. Role Shows the role. Users who are authenticated with the linked group on the RADIUS server receive the rights of this role locally on the device. Description Shows a a description for the link. Roles The page shows the roles valid locally on the device. Note The page is only available if there is an online connection to the device. The values displayed depend on the role of the logged-on user. Displayed values This table contains the following columns: Role Shows the role. Function Right Shows the function rights of the role: - 1 Users with this role can read device parameters but cannot change them. - 15 Users with this role can both read and change device parameters. - 0 This is a role that the device assigns internally when the user could not be authenticated. The user is denied access to the device. Description Shows a description of the role. WinCC Advanced V14 System Manual, 10/2016 1469 Editing devices and networks 10.1 Configuring devices and networks Inter AP blocking the page shows a list of the devices with which the clients are allowed to communicate. Note The page is only available with SCALANCE W780 / W770 if there is an online connection to the device. in access point mode. with KEY-PLUG inserted: W780 iFeatures (MLFB 6GK5 907-8PA00) or W700 Security (MLFB 6GK5907-0PA00) Settings The table has the following columns: Radio Shows the available WLAN interfaces to which the settings relate. Port Shows the VAP interface to which the settings relate. MAC address Shows the MAC address of the device with which the client may communicate. IP address Shows the IP address of the device with which the client may communicate. IP address resolution Shows the IP address with which the permitted IP address is resolved. WLAN AP overview Overview of the configuration This page shows these settings/properties of the WLAN or the WLAN interface. Note The page is only available if there is an online connection to the device. in access point mode. 1470 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Displayed values Table 1 has the following columns: Radio Shows the available WLAN interfaces. WLAN Mode Shows the transmission standard. If DFS is activated, the transmission standard "802.11h" is not shown additionally but only the configured transmission standard "802.11a". Configured Channel Shows the configured channel. If "Auto" is displayed, the access point searches for a free channel itself. Alternative DFS Channel If the DFS function is enabled, the configured alternative channel of the access point is displayed. If "Auto" is displayed, the access point searches for an alternative channel itself. If the DFS function is activated and the access point browses for primary users for 60 seconds before starting communication with the selected channel, the text "scanning ..." is displayed instead of the channel. Operational channel Shows the channel of the access point via which the access point communicates. HT Channel Width Shows the channel bandwidth. - 20 Channel bandwidth 20 MHz - 40 up Channel bandwidth 40 MHz. The configured channel and the neighboring channel above it are used. - 40 down Channel bandwidth 40 MHz. The configured channel and the neighboring channel below it are used. Note Channel bandwidth 40 MHz and frequency band 2.4 GHz If the access point detects another access point on the configured channel or on neighboring channels, the access point changes the channel bandwidth from 40 MHz to 20 MHz. If you set a "free" channel on the access point, the access point uses the channel bandwidth 40 MHz. WinCC Advanced V14 System Manual, 10/2016 1471 Editing devices and networks 10.1 Configuring devices and networks iFeatures Shows which iFeatures are used. - iFeatures are not used. - iPCF - iPCF-MC - iREF Status Shows the status of the WLAN interface. - enabled The WLAN interface is enabled. - disabled The WLAN interface is disabled. Table 2 has the following columns: Radio Shows the available WLAN interfaces in this column. Port Shows the port of the virtual access point. MAC Address Shows the MAC address of the virtual access point. SSID Shows the SSID. Security Shows which authentication method is used. If the authentication method "Open System + Encryption" or "Shared Key" is used, the "Encrypted (WEP/AES)" authentication method is displayed for both. Status Shows the status of the WLAN interface. - enabled The WLAN interface is enabled. - disabled The WLAN interface is disabled. 1472 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Client list Logged-on clients The page the clients logged on with the access point as well as additional information, for example status, signal strength, MAC address. Note The page is only available if there is an online connection to the device. in access point mode. Displayed values Logged-on Clients Shows the number of clients logged on to the access point. The table has the following columns: AID (Associated ID) Shows the connection ID of the client. If the client connects to the access point via the VAP interface, the client is assigned a connection ID. The connection ID is unique within a VAP interface. If two clients log on at different VAP interfaces, both clients can receive the same ID. Radio Shows the available WLAN interfaces. Port Shows the VAP interface. Type Shows the client type, for example "Sta" stands for IEEE 802.11 standard client. MAC Address Shows the MAC address of the client. System Name Shows the system name of the client if the client communicates this to the access point. Not all clients support this parameter. Channel Shows the channel over which the client communicates with the access point. Signal Strength [dBm] Shows the signal strength of the connected client in bBm. Signal Strength [%] Shows the signal strength of the connected client as a percentage. Age [s] Shows the time that has elapsed since the last client activity. WinCC Advanced V14 System Manual, 10/2016 1473 Editing devices and networks 10.1 Configuring devices and networks Security Shows which authentication method is used. If the authentication method "Open System + Encryption" or "Shared Key" is used, the "Encrypted (WEP/AES)" authentication method is displayed for both. WLAN Mode Shows the transmission standard. If DFS is activated, the transmission standard "802.11h" is not shown additionally but only the configured transmission standard "802.11a". Maximum Data Rate [Mbps] Shows the maximum data rate in megabits per second. Status Shows the current status of the connection, for example connected means that the client is connected to the AP and is ready to communicate with the AP. WDS list Communication between access points In normal operation, the access point is used as an interface to a network and communicates with clients. There are, however, situations in which several access points need to communicate with each other, for example to extend wireless coverage or to set up a wireless backbone. This mode is possible with WDS (Wireless Distributed System). Note The page is only available if there is an online connection to the device. in access point mode. This page shows information about the WDS connections of the access point. Displayed values The table has the following columns: Radio Shows the available WLAN interfaces. Port Shows the port. BSSID Shows the MAC address of the WDS partner. WDS ID Shows the name of the WDS partner. Channel Shows the channel over which the access point communicates with the WDS partner. Signal Strength [dBm] Shows the signal strength of the connected access point in bBm. 1474 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Signal Strength [%] Shows the signal strength of the connected access point as a percentage. Security Shows which authentication method is used. If the authentication method "Open System + Encryption" or "Shared Key" is used, the "Encrypted (WEP/AES)" authentication method is displayed for both. Max. Data Rate [Mbps] Shows the maximum data rate in megabits per second. Status Shows the current status of the WDS connection. AP overlap Overlapping channels Note The page is only available if there is an online connection to the device. in access point mode. For optimum data throughput, it is important that the set wireless channel is not used by other access points. In the 2.4 GHz band (802.11b or 802.11g), there is overlapping of the channels so that an access point occupies not only the set channel but also the two or three adjacent channels. You should therefore make sure that there is adequate channel spacing to neighboring access points. This page shows all access points that are visible on the set or adjacent channels (at 2.4 GHz). If entries exist here, the maximum data throughput of the access point and the availability of the communication link to the access point is potentially impaired. Displayed values Table 1 has the following columns: Radio Shows the available WLAN interfaces. Aging Time [min] Specify the life time of the entries in the list. If an access point is inactive for longer than the set time, it is removed from the list. Note Changing the aging time The aging time is a WLAN setting. For this reason, if a change is made, the WLAN connection is briefly interrupted to accept the new value. WinCC Advanced V14 System Manual, 10/2016 1475 Editing devices and networks 10.1 Configuring devices and networks The table has the following columns: Radio Shows the available WLAN interfaces in this column. Type Shows the mode of the WLAN interface. SSID Shows the SSID of the access point. BSSID Shows the MAC address of the access point. System Name Shows the system name of the device. The entry depends on the access point. Not all access points support this parameter. Channel Shows the channel over which the client communicates with the access point. Signal Strength [dBm] Shows the signal strength of the client in bBm. Signal Strength [%] Shows the signal strength of the client as a percentage. Age [s] Shows the time that has elapsed since the last access point activity. Security Shows which authentication method is used. If the authentication method "Open System + Encryption" or "Shared Key" is used, the "Encrypted (WEP/AES)" authentication method is displayed for both. WLAN Mode Shows the transmission standard. If DFS is activated, the transmission standard "802.11h" is not shown additionally but only the configured transmission standard "802.11a" or "802.11n". Client overview Overview of the configuration The page shows an overview of the existing clients and their configuration. Note The page is only available if there is an online connection to the device. for clients or access points in client mode. 1476 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Displayed values Radio Shows the available WLAN interfaces in this column. WLAN Mode Shows the transmission standard. MAC Mode Shows how the MAC address is assigned to the interface. - Automatic The client automatically adopts the source MAC address of the first frame that it receives over the Ethernet interface. - Manual The address was entered manually - Own The client uses the MAC address of the Ethernet interface for the WLAN interface. - Layer 2 Tunnel The client uses the MAC address of the Ethernet interface for the WLAN interface. The network is also informed of the MAC addresses connected to the Ethernet interface of the client. Up to eight MAC addresses can be used. MAC Address Shows the MAC address of the WLAN interface. Operational channel Shows the channel of the access point with which the client is connected. HT Channel Width [MHz] Shows the channel bandwidth. - 20 Channel bandwidth 20 MHz - 40 up Channel bandwidth 40 MHz. The configured channel and the neighboring channel above it are used. - 40 down Channel bandwidth 40 MHz. The configured channel and the neighboring channel below it are used. Note Channel bandwidth 40 MHz and frequency band 2.4 GHz If the access point detects another access point on the configured channel or on neighboring channels, the access point changes the channel bandwidth from 40 MHz to 20 MHz. If you set a "free" channel on the access point, the access point uses the channel bandwidth 40 MHz. Connected BSSID This box shows the MAC address of the access point with which the client is connected. Connected SSID This box shows the SSID of the access point with which the client is connected. WinCC Advanced V14 System Manual, 10/2016 1477 Editing devices and networks 10.1 Configuring devices and networks Security Shows which authentication method is used. If the authentication method "Open System + Encryption" or "Shared Key" is used, the "Encrypted (WEP/AES)" authentication method is displayed for both. iFeatures Shows which iFeatures are used. - iFeatures are not used. - iPCF - iPCF-MC Status Shows the status of the WLAN interface. - enabled The WLAN interface is enabled. - disabled The WLAN interface is disabled. Available APs Available access points Note The page is only available if there is an online connection to the device. for clients or access points in client mode. This page shows all the access points visible to the client. The list also includes the access points to which the client cannot connect due to its configuration. Note Display when iPCF mode is activated If the iPCF mode is active, the display is different. Since the client does not run a background scan in this case, only the access point with which the client is currently connected is displayed. Displayed values The table has the following columns: Radio Shows the WLAN interface visible to the access point. SSID Shows the SSID of the access point. 1478 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks BSSID Shows the MAC address of the access point. System Name Shows the system name of the access point. The entry depends on the access point. Not all access points support this parameter. Channel Shows the channel on which the access point transmits or communicates. Signal Strength [dBm] Shows the signal strength of the access point in bBm. Signal Strength [%] Shows the signal strength of the access point as a percentage. Type Shows the mode of the WLAN interface. Security Shows which authentication method is used. If the authentication method "Open System + Encryption" or "Shared Key" is used, the "Encrypted (WEP/AES)" authentication method is displayed for both. WLAN Mode Shows the transmission standard. If DFS is activated, the transmission standard "802.11h" is not shown additionally but only the configured transmission standard "802.11a" or "802.11n". Status Shows the status of the access point, for example whether or not the access point is available. Force Roaming Note The page is only available if there is an online connection to the device. in access point mode. The device monitors the connection to IP addresses cyclically. To achieve this, the device sends echo messages (pings) to the configured destination IP address at regular intervals. This WBM page shows the current status of the connection. It also shows whether there is roaming. WinCC Advanced V14 System Manual, 10/2016 1479 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: Port Shows the available VAP interfaces. Destination Address / State Shows which destination address is monitored and the status of the connection. You configure the destination address in "Interfaces > WLAN > Force Roaming". - not configured: No destination address is configured. - idle: The configuration is incomplete. - up:The destination address is reachable. - down: The destination address is unreachable. Force Roaming on IP down Indicates whether roaming is currently being performed. - inactive: No roaming is being performed. - active: Roaming is being performed. None of the destination addresses is reachable. IP mapping table WLAN access for several devices via a client Note The page is only available if there is an online connection to the device. for clients or access points in client mode. You can make WLAN access available for several devices with one client if you use IP mapping. This means that you do not need to equip every device with its own WLAN client. This is possible only if the connected devices are addressed only by IP frames. Communication at MAC address level (ISO/OSI layer 2) can be established with one component whose MAC address is configured on the client, be established with a maximum of eight components if the "Layer 2 Tunnel" MAC mode is selected. The "Layer 2 Tunnel" setting meets the requirements of industrial applications in which MAC address-based communication takes place with several devices downstream from the client. Clients with this setting cannot connect to standard Wi-Fi devices and access points with firmware V3.0 or older. 1480 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The client maintains a table with the assignment of MAC address and IP address to be able to send incoming IP frames to the correct MAC address. The page shows the IP mapping table of the device. Note Display of the IP mapping table If "Layer 2 Tunnel" is configured on the device for the MAC mode, the IP mapping table is not displayed. Displayed values MAC address The MAC address of a device located downstream from the WLAN client from the perspective of the access point. IP address The IP address managed for this device by the WLAN client. Type There are two options for the type: - system The information relates to the WLAN client itself. - learned The information relates to a device downstream from the WLAN client. MAC mode Frames sent by the client to the access point always have the MAC address of the WLAN client as the source MAC address. In the "learning table" of the access point there is therefore only the MAC address of the WLAN client. If there are further SCALANCE W700 devices downstream from the client, the "Automatic" option should not be enabled. In this case, the MAC address would be assigned indiscriminately to the first SCALANCE W700 device that signals over Ethernet. If there is only IP communication between the access point and the client, the default setting "Own" can be retained. If MAC address-based frames are also to be sent by SCALANCE W700 devices downstream from the client, you need to select the settings "Automatic", "Manual" or "Layer 2 Tunnel". WinCC Advanced V14 System Manual, 10/2016 1481 Editing devices and networks 10.1 Configuring devices and networks WLAN statistics Fault The page show how many bad frames were received or sent per WLAN interface. If an increased number of errors occurs, you should check the settings for the WLAN interface(s), the setup of the devices and the connection quality. Note The page is only available if there is an online connection to the device. Displayed values The Transmission Errors table has the following columns: Interface Shows the WLAN interface to which the entries apply. Error types The other columns after the WLAN interface contain the absolute numbers of the frames sent according to their error type. The columns of the table distinguish the following error types: - Transmission Errors Shows the number of bad frames that were sent. - Dropped Frames Shows the number of frames that were discarded. Despite all the retries, the frame could not be successfully sent. The frame has not yet been sent and the recipient has logged off in the meantime. - Send Retries Shows the number of frames sent successfully that required one or more retries. The "Received Errors" table has the following columns: Interface Shows the WLAN interface to which the entries apply. Error types The other columns after the WLAN interface contain the absolute numbers of the frames received according to their error type. The columns of the table distinguish the following error types: - Received Errors Shows the number of bad frames that were received. - Duplicated Frames Shows the number of frames that were received twice. - Decryption Errors Shows the number of bad encrypted frames. - FCS Errors Shows the number of frames in which the checksum was incorrect. 1482 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Sent management frames The page shows how many frames in response to logging on or logging off were counted per VAP interface. Note The page is only available if there is an online connection to the device. in access point mode. Displayed values The table has the following columns: Interface Shows the VAP interface to which the entries apply. Frames - Management Frames Shows the number of management frames - Association Requests Shows the number of requesting association frames relevant for a logon. - Association Responses Shows the number of responding association frames relevant for a logon. - Disassociation Requests Shows the number of requesting disassociation frames relevant for a logoff. - Authentication Requests Shows the number of requesting Authentication frames relevant for a logon. - Authentication Responses Shows the number of responding authentication frames relevant for a logon. - Deauthentication Requests Shows the number of requesting deauthentication frames relevant for a logon. Management Frames Received The page shows how many frames in response to logging on or logging off were counted per VAP interface. Note The page is only available if there is an online connection to the device. in access point mode. WinCC Advanced V14 System Manual, 10/2016 1483 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: Interface Shows the VAP interface to which the entries apply. Frame - Management Frames Shows the number of management frames - Association Requests Shows the number of requesting association frames relevant for a logon. - Association Responses Shows the number of responding association frames relevant for a logon. - Disassociation Requests Shows the number of requesting disassociation frames relevant for a logoff. - Authentication Requests Shows the number of requesting Authentication frames relevant for a logon. - Authentication Responses Shows the number of responding authentication frames relevant for a logon. - Deauthentication Requests Shows the number of requesting deauthentication frames relevant for a logon. Sent data frames The page shows how many frames were sent per VAP interface. Note The page is only available if there is an online connection to the device. 1484 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Displayed values The table has the following columns: Interface Shows the VAP interface to which the entries apply. Frame types The other columns after the VAP interface contain the absolute numbers of the sent frames according to the frame types. In the columns of the table, a distinction is made according to the following frame types: - Data Frames Shows the number of sent data frames. - Multicast/Broadcast Frames Shows the number of sent multicast and broadcast frames. - Unicast Frames Shows the number of unicast frames sent. - Average Data Rate Shows average data rate of the last data frames sent. Received data frames The page shows how many frames were received per VAP interface. Note The page is only available if there is an online connection to the device. Displayed values The table has the following columns: Interface Shows the VAP interface to which the entries apply. Frame types The other columns after the VAP interface contain the absolute numbers of the received frames according to the frame types. In the columns of the table, a distinction is made according to the following frame types: - Data Frames Number of received data frames. - Multicast/Broadcast Frames Shows the number of received multicast and broadcast frames. - Unicast Frames Shows the number of received unicast frames. - Average Data Rate Shows average data rate of the last data frames received. WinCC Advanced V14 System Manual, 10/2016 1485 Editing devices and networks 10.1 Configuring devices and networks WLAN iFeatures iREF Client List The page shows the antenna connector via which the clients logged on to the access point communicate. Other information such as the signal strength and the MAC address of the WLAN interface is also shown. Note The page is only available for SCALANCE W780 for SCALANCE W780 if there is an online connection to the device. in access point mode. with KEY-PLUG inserted: W780 iFeatures (MLFB 6GK5 907-8PA00) Displayed values Associates Stations Shows the number of clients logged in to the access point. The table has the following columns: AID (Associated ID) Shows the connection ID of the client. If the client connects to the access point via the VAP interface, the client is assigned a connection ID. The connection ID is unique within a VAP interface. If two clients log on at different VAP interfaces, both clients can receive the same ID. Radio Shows the available WLAN interfaces. Port Shows the VAP interface. MAC Address Shows the MAC address of the client. System Name Shows the system name of the client if the client communicates this to the access point. Not all clients support this parameter. TX Chain Shows the antenna connector over which the client communicates with the access point. Signal Strength [dBm] Shows the signal strength of the connected client in bBm. Signal Strength [%] Shows the signal strength of the connected client as a percentage. Age [s] Shows the age of the listed client. 1486 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks iREF WDS List The page shows the access points logged on to the access point via a WDS link. Information such as the antenna used and the signal strength of the WLAN interface is shown. Note The page is only available SCALANCE W780 SCALANCE W770 if there is an online connection to the device. in access point mode. with KEY-PLUG inserted: Access point W780 iFeatures (MLFB 6GK5 907-8PA00) Displayed values Connected WDS partners Shows the number of access points logged in to the access point The table has the following columns: Radio Shows the available WLAN interfaces. Port Shows the WDS interface. BSSID Shows the MAC address of the WDS partner. WDS ID Shows the name of the WDS partner. TX Chain" Shows the antenna connector over which the two access points communicate with each other. Signal Strength [dBm] Shows the signal strength of the connected access point in bBm. Signal Strength [%] Shows the signal strength of the connected access point as a percentage. WinCC Advanced V14 System Manual, 10/2016 1487 Editing devices and networks 10.1 Configuring devices and networks AeroScout Note The page is only available for SCALANCE W780 and SCALANCE W774-1 RJ-45 if there is an online connection to the device. in access point mode. with KEY-PLUG inserted: Access points W780 iFeatures (MLFB 6GK5 907-8PA00) Note AeroScout and iPCF mode The AeroScout function cannot be combined with other iFeatures (iPCF, iPCF-MC iREF). AeroScout can only be used in the 2.4 GHz band according to IEEE 802.11g, IEEE 802.11n and IEEE 802.11n-only. For more detailed information, please refer to the AeroScout documentation of (www.aeroscout.com). Displayed values Tag Information forwarding Shows the setting of the management program. In the management program that evaluates the AeroScout frames, you can specify whether or not an IWLAN device will forward frames. Note No evaluation or processing With a suitable configuration, the SCALANCE W device forwards AeroScout frames but does not process or evaluate them itself. This is done only in the "AeroScout System Manager" program. AeroScout Status Shows whether or not AeroScout is activated. You can set this for each WLAN interface of the device in "iFeatures > AeroScout". If you have enabled forwarding, "active" is displayed here, otherwise "inactive" Engine Port Shows the port at which the device expects UDP datagrams from the AeroScout Engine. Response Port Shows the port via which the device forwards the received AeroScout frames. Response IP Shows the IP address of the PC on which the AeroScout Engine for evaluation of the AeroScout frames is running. Multicast Address Shows the multicast address that the tag uses. The multicast address is configured in the AeroScout Engine. 1488 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Acknowledgments Sent Shows the number of acknowledgments sent by the device. The number reflects the received UDP datagrams. Messages Dropped Shows the number of AeroScout frames that were discarded by the device. If, for example, an AeroScout tag is configured so that it sends on channel 1, the device does not forward a frame received on channel 6. Configuring system functions Configuration Specify the services that access the device. With some services, there are further configuration pages on which more detailed settings can be made. Settings The page contains the configuration overview of the access options of the device. Telnet Server Enable or disable the "Telnet Server" service for unencrypted access to the CLI. SSH server Enable or disable the "SSH Server" service for encrypted access to the CLI. HTTPS Server only Enable or disable access using HTTP. DNS client Enable or disable the DNS client. You can configure other settings in "System > DNS Client". SMTP Client Enable or disable the SMTP client. You can configure other settings in "System > SMTP Client". Syslog Client Enable or disable the system event client. You can configure other settings in "System > Syslog Client". DCP Server Specify whether or not the device can be accessed with DCP (Discovery and Configuration Protocol): - "-" (disabled) DCP is disabled. Device parameters can neither be read nor modified. - Read/write access With DCP, device parameters can be both read and modified. - Read-Only With DCP, device parameters can be read but cannot be modified. WinCC Advanced V14 System Manual, 10/2016 1489 Editing devices and networks 10.1 Configuring devices and networks Time Select the required setting. The following settings are possible: - Manual The system time is set manually. - SIMATIC Time The system time is set using a SIMATIC time transmitter. You can configure other settings in "System > System Time > SIMATIC Time Client". - SNTP Client The system time is set via an SNTP server. You can configure other settings in "System > System time > SNTP client". - NTP Client The system time is set via an NTP server. You can configure other settings in "System > System Time > NTP Client". SNMP Select the required protocol. The following settings are possible: - "-" (SNMP disabled) Access to device parameters using SNMP is not possible. - SNMPv1/v2c/v3 Access to device parameters is possible with SNMP versions 1, 2c or 3. You can configure other settings in "System > SNMP > General". - SNMPv3 Access to device parameters is possible with SNMP version 3. You can configure other settings in "System > SNMP > General". SNMPv1/v2 Read-Only Enable or disable write access to SNMP variables with SNMPv1/v2c. SNMPv1 Traps Enable or disable the sending of SNMP traps (alarm frames). You can configure other settings in "System > SNMP > Traps". DHCP Client Enable or disable the DHCP client. You can configure other settings in "System > DHCP client". 1490 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks SINEMA configuration interface If the SINEMA configuration interface is enabled, you can download configurations to the device via the TIA Portal. Configuration Mode Select the required mode. The following modes are possible: - Automatic Save Automatic backup mode. Approximately 1 minute after the last parameter change or when you restart the device, the configuration is automatically saved. In addition to this, the following message appears in the display area "Changes will be saved automatically in x seconds. Press 'Write Startup Config' to save immediately". Note Interrupting the save Saving starts only after the timer in the message has elapsed. How long saving takes depends on the device. During the save, the message "Saving configuration data in progress. Please do not switch off the device" is displayed. Do not switch off the device immediately after the timer has elapsed. - Trial Trial mode. In Trial mode, although changes are adopted, they are not saved in the configuration file (startup configuration). To save changes in the configuration file, use the "Write Startup Config" button. The "Write Startup Config" button is displayed when you set trial mode. In addition to this after every parameter change the following message is displayed in the display area: "Trial Mode Active - Press "Write Startup Config" button to make your settings persistent" as soon as there are unsaved modifications. This message can be seen on every WBM page until the changes made have either been saved or the device has been restarted. General Device This page contains the general device information. Settings Current System Time(Only available online) Shows the current system time. The system time is either set by the user or by a time-ofday frame: either SINEC H1 time-of-day frame, NTP or SNTP. (readonly) System Up Time(only available online) Shows the operating time of the device since the last restart. (readonly) Device Type(only available online) Shows the type designation of the device. (readonly) WinCC Advanced V14 System Manual, 10/2016 1491 Editing devices and networks 10.1 Configuring devices and networks System Name You can enter the name of the device. The entered name is displayed in the selection area. A maximum of 255 characters are possible. The system name is also displayed in the CLI input prompt. The number of characters in the CLI input prompt is limited. The system name is truncated after 16 characters. System Contact You can enter the name of a contact person responsible for managing the device. Location You can enter the location of the device. The entered installation location is displayed in the selection area. Note The ASCII characters 0x20 to 0x7e are used in the input boxes. At the start and end of the input boxes"System name", "System Contact" and "System Location", the characters "<", ">" and "space" are not permitted. Coordinates On this page, you configure the geographic coordinates (latitude, longitude and the height above the ellipsoid according to WGS84). These boxes are purely for information with a maximum length of 32 characters. Getting the coordinates Use suitable maps for obtaining the geographic coordinates of the device. The geographic coordinates can also be obtained using a GPS receiver. The geographic coordinates of these devices are normally displayed directly and only need to be entered in the input boxes of this page. 1492 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Latitude Enter the north or south latitude for the location of the device. For example, +49 1 31.67" means that the device is located at 49 degrees, 1 arc minute and 31.67 arc seconds north latitude. A south latitude is shown by a preceding minus character. You can also append the letters N (north latitude) or S (south latitude) to the numeric information (49 1 31.67" N). Longitude Enter the value of the eastern or western longitude of the location of the device. For example, +8 20 58.73" means that the device is located at 8 degrees, 20 minutes and 58.73 seconds east. A western longitude is indicated by a preceding minus sign. You can also add the letter E (eastern longitude) or W (western longitude) to the numeric information (8 20 58.73" E). Height Enter the value of the height above sea level in meters. For example, 158 m means that the device is located at a height of 158 m above sea level. Heights below sea level (for example the Dead Sea) are indicated by a preceding minus sign. Agent IP Configuration of the IP addresses On this page, you configure the IP address for the device. Settings IP Assignment Method Shows how the IP address is assigned. - Static The IP address is static. You enter the IP settings in "IP Address" and "Subnet Mask". - Dynamic (DHCP) The device obtains a dynamic IP address from a DHCP server. IP Address Enter the IP address of the device. If you change the IP address, the Web browser should automatically set itself to the new address. If this does not happen, enter the new address in the Web browser manually. Subnet Mask Enter the subnet mask of the device. Default Gateway Enter the IP address of the default gateway to be able to communicate with devices in another subnet, for example diagnostics stations, e-mail server. WinCC Advanced V14 System Manual, 10/2016 1493 Editing devices and networks 10.1 Configuring devices and networks Agent VLAN ID Select the VLAN ID from the drop-down list. The drop-down list is only available if "802.1 Q VLAN Bridge" is set for the "Base Bridge Mode" parameter. You configure the parameter in "Layer 2 > VLAN > General". You can only select VLANs that have already been configured. Note Changing the agent VLAN ID If the configuration PC is connected directly to the device via Ethernet and you change the agent VLAN ID, the device is no longer reachable via Ethernet following the change. MAC Address (only available online) Shows the MAC address of the device. The MAC address is linked to the hardware and cannot be modified. DNS client The DNS server (Domain Name System) assigns a domain name to an IP address so that a device can be uniquely identified. If this setting is enabled, the device can communicate with a DNS server as a DNS client. Note Only resource records (RR) of type A (IPv4 address of a host) are supported. Settings DNS client Enable or disable depending on whether the device should operate as a DNS client. DNS server used - learned only The device uses only the DNS servers assigned by DHCP. - manual only The device uses only the manually configured DNS servers. The DNS servers must be connected to the Internet. - all The device uses all available DNS servers. DNS Server Address Enter the IP address of the DNS server. The table has the following columns: DNS Server Address Shows the IP address of the DNS server. Origin This shows whether the DNS server was configured manually or was assigned by DHCP. 1494 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Restart On this page, there is a button with which you can restart the device and various options for resetting to the device defaults. Note The page is only available if there is an online connection to the device. Note Note the following points about restarting a device: You can only restart the device with administrator privileges. A device should only be restarted with the buttons of this page or with the appropriate CLI commands and not by a power cycle on the device. Any modifications you have made only become active on the device after clicking the "Set Values" button on the relevant page. If the device is in "Trial Mode", configuration modifications must be saved manually before a restart. In "Automatic Save" mode, the last changes are saved automatically before a restart. WinCC Advanced V14 System Manual, 10/2016 1495 Editing devices and networks 10.1 Configuring devices and networks Settings The following options are available for restarting: Restart Click this button to restart the system. You must confirm the restart in a dialog box. During a restart, the device is reinitialized, the internal firmware is reloaded, and the device runs a self-test. The learned entries in the address table are deleted. You can leave the browser window open while the device restarts. You then need to log in again. Restore Memory Defaults and Restart Click on this button to restore the factory configuration settings with the exception of the following parameters and to restart: - IP addresses - Subnet mask - IP address of the default gateway - DHCP client ID - DHCP - System name - System location - System contact - Mode of the device Restore Factory Defaults and Restart Click on this button to restore the factory configuration settings. The protected defaults are also reset. An automatic restart is triggered. Note By resetting all the defaults to the factory configuration settings, the IP address is also lost. Following this, the device can only be accessed using the Primary Setup Tool or using DHCP. With the appropriate attachment, a previously correctly configured device can cause circulating frames and therefore the failure of the data traffic. Commit Control Description Note The page is only available if there is an online connection to the device. On this page, you specify when the WLAN settings become effective on the device. If you change a WLAN setting and confirm the change, this change is adopted and takes effect 1496 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks immediately. To do this, the WLAN connection is briefly interrupted. This means that you can lose the WLAN connection to your device before it is fully configured. With the "Manual Commit" setting, you have the opportunity of first fully configuring the device. The changes are accepted, but are not active immediately. The changes only take effect when you confirm the changes with the "Set Values" button. Note If you configure the device via the WLAN interface, we recommend that you use the "Manual Commit" setting. Check the parameters again before you confirm the changes with the "Set Values" button. Settings Commit Mode Select the required setting. - Automatic Commit Each change in the WLAN settings is adopted and is immediately effective when you click the "Set Values" button. With its default setting, the SCALANCE W700 device is set to "Automatic Commit". - Manual Commit The changes are accepted, but do not take effect immediately. The changes only take effect when you click the "Set Values" button. The "Commit Changes" button is displayed when you set "Manual Commit". In addition to this the message "Manual Commit Mode active - Click the "Commit Changes" button to to provide current configuration to driver" appears as soon as there are WLAN changes. This message can be seen on every WBM page until the changes made have either taken effect or the device has been restarted. Note When the changes take effect, the WLAN connection to all WLAN interfaces will be interrupted for a short time. The WLAN driver is started with the new settings. WinCC Advanced V14 System Manual, 10/2016 1497 Editing devices and networks 10.1 Configuring devices and networks Load & save Overview of the file types Table 10-99 HTTP File type Description Down load Save Delete Config Start configuration X X -- ConfigPack Detailed configuration information. for example, start configuration, users, certificates, firmware of the device (if saved as well). X X -- For more detailed information on creating and using the ConfigPack incl. firmware, refer to the section "Maintenance". CountryList The zip file contains the country list as a csv and as a pdf file. -- X -- Debug This file contains information for Siemens Support. -- X X EDS Electronic Data Sheet (EDS) -- X -- Electronic data sheets for describing devices in the EtherNet/IP mode Firmware Loading firmware updates X X -- GSDML Information on the device properties (PROFINET) -- X -- HTTPS Cert HTTPS certificate X X X Maximum file size: 8 KB LogFile File with entries from the event log table -- X -- MIB Private MSPS MIB file "Scalance_w_msps.mib" -- X -- RunningCLI This file contains an overview of the current config uration in the form of CLI commands. You can down load the text file. The file is not intended to be uploa ded again unchanged. -- X -- Script CLI script file X -- -- StartupInfo Startup log file -- X -- Users File with user names and passwords X X -- WLANAuth log File with entries from the WLAN Authentication Log (information on successful or failed authentication attempts) -- X -- WLANCert (in client mode only) User certificate. You can specify a password for the user certificate on the WBM page "Load&Save > Password". X X X X X X Maximum file size: 8 KB WLANServ Cert (in client mode only) 1498 Server certificate Maximum file size: 8 KB WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks File type Description WLANSi gRec (in client mode only) The zip file contains the following: Down load Save Delete -- X X -- X X csv file with the measured values of the signal recorder pdf file with the measured values and an additional graphic representation of the measured values. You will find information about the measured values and their graphic representation in the section "AU TOHOTSPOT". WLANSpec trumAnalyz er (Only in ac cess point mode) The Zip file contains a csv file with the measured values of the spectrum analyzer. You will find information about the measured values and their graphic representation in the section "AU TOHOTSPOT". Table 10-100 TFTP File type Description Save Down load Config Start configuration X X ConfigPack Detailed configuration information. for example, start configuration, users, certificates, firmware of the de vice (if saved as well). X X For more detailed information on creating and using the ConfigPack incl. firmware, refer to the section "Maintenance". CountryList The zip file contains the country list as a csv and as a pdf file. X -- Debug This file contains information for Siemens Support. X -- EDS Electronic Data Sheet (EDS) X -- Electronic data sheets for describing devices in the EtherNet/IP mode Firmware Loading firmware updates X X GSDML Information on the device properties (PROFINET) X -- HTTPS Cert HTTPS certificate X X Maximum file size: 8 KB WinCC Advanced V14 System Manual, 10/2016 LogFile File with entries from the event log table X -- MIB Private MSPS MIB file "Scalance_w_msps.mib" X -- RunningCLI This file contains an overview of the current configura tion in the form of CLI commands. You can download the text file. The file is not intended to be uploaded again unchanged. X -- Script CLI script file -- X StartupInfo Startup log file X -- Users File with user names and passwords X X 1499 Editing devices and networks 10.1 Configuring devices and networks File type Description Save Down load WLANAuthlog File with entries from the WLAN Authentication Log (in formation on successful or failed authentication at tempts) X -- WLANCert User certificate. You can specify a password for the (in client mode only) user certificate on the WBM page "Load&Save > Pass word". X X WLANServerCert Server certificate (in client mode only) Maximum file size: 8 KB X X WLANSigRec The zip file contains the following: (in client mode only) csv file with the measured values of the signal recorder X -- X -- Maximum file size: 8 KB pdf file with the measured values and an additional graphic representation of the measured values. You will find information about the measured values and their graphic representation in the section "AUTO HOTSPOT". WLANSpectrumA nalyzer (Only in access point mode) The Zip file contains a csv file with the measured values of the spectrum analyzer. You will find information about the measured values and their graphic representation in the section "AUTO HOTSPOT". Uploading and saving using HTTP Loading and saving data via HTTP This page allows you to store device data in an external file on your client PC or to load such data from an external file from the client PC to the devices. This means, for example, that you can also load new firmware from a file located on your client PC. Note The page is only available if there is an online connection to the device. This page is available both for connections using HTTP and for connections using HTTPS. 1500 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Firmware The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device. Note Incompatibility with predecessor versions During the installation of a previous version, the configuration data and log files can be lost. In this case, the device starts up with the factory settings after the firmware has been installed. Incompatibility with previous firmware versions with/without PLUG inserted During the installation of a previous version, the configuration data can be lost. In this case, the device starts up with the factory settings after the firmware has been installed. In this situation, if a PLUG is inserted in the device, following the restart, this has the status "Not Accepted" since the PLUG still has the configuration data of the previous more up-to-date firmware. This allows you to return to the previous, more up-to-date firmware without any loss of configuration data. If the original configuration on the PLUG is no longer required, the PLUG can be deleted or rewritten manually using the WBM page "System > PLUG". Configuration files Note Configuration files and trial mode/automatic save mode In "Automatic Save" mode, the data is saved automatically before the configuration files (ConfigPack and Config) are transferred. In trial mode, although the changes are adopted, they are not saved in the configuration files (ConfigPack and Config). Use the "Write Startup Config" button on the "System > Configuration" WBM page to save changes in the configuration file. CLI script file You can download existing CLI configurations (RunningCLI) and upload your own CLI scripts (Script). Note The downloadable CLI script is not intended to be uploaded again unchanged. Settings The table has the following columns: Type Shows the designation of the file. Description Shows the short description of the file type. WinCC Advanced V14 System Manual, 10/2016 1501 Editing devices and networks 10.1 Configuring devices and networks Load With this button, you can upload files to the device. The button can be enabled, if this function is supported by the file type. Save With this button, you can save files from the device. The button can only be enabled if this function is supported by the file type and the file exists on the device. Delete With this button, you can delete files from the device. The button can only be enabled if this function is supported by the file type and the file exists on the device. Note Following a firmware update, delete the cache of your Internet browser. Uploading and saving using TFTP Loading and saving data via a TFTP server On this page, you can configure the TFTP server and the file names. You can also store device data in an external file on a TFTP server or load such data from an external file from the TFTP server to the devices. This means, for example, that you can also load new firmware from a file located on a TFTP server. Firmware The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device. Note Incompatibility with predecessor versions During the installation of a previous version, the configuration data and log files can be lost. In this case, the device starts up with the factory settings after the firmware has been installed. Incompatibility with previous firmware versions with/without PLUG inserted During the installation of a previous version, the configuration data can be lost. In this case, the device starts up with the factory settings after the firmware has been installed. In this situation, if a PLUG is inserted in the device, following the restart, this has the status "Not Accepted" since the PLUG still has the configuration data of the previous more up-to-date firmware. This allows you to return to the previous, more up-to-date firmware without any loss of configuration data. If the original configuration on the PLUG is no longer required, the PLUG can be deleted or rewritten manually using the WBM page "System > PLUG". 1502 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuration files Note Configuration files and Trial mode/Automatic Save In "Automatic Save" configuration mode, the data is saved automatically before the configuration files (ConfigPack and Config) are transferred. In trial mode , although the changes are adopted, they are not saved in the configuration files (ConfigPack and Config). Use the "Write Startup Config" button on the "System > Configuration" WBM page to save changes in the configuration files. CLI script file You can download existing CLI configurations (RunningCLI) and upload your own CLI scripts (Script). Note The downloadable CLI script is not intended to be uploaded again unchanged. Settings TFTP Server IP Address Enter the IP address or the FQDN of the TFTP server with which you exchange data. TFTP Server Port Here, enter the port of the TFTP server via which data exchange will be handled. If necessary, you can change the default value 69 to your own requirements. The table has the following columns: File type Shows the designation of the file. Description Shows the short description of the file type. WinCC Advanced V14 System Manual, 10/2016 1503 Editing devices and networks 10.1 Configuring devices and networks File name A file name is preset here for every file type. Note Changing the file name You can change the file name preset in this column. After clicking the "Set Values" button, the changed name is stored on the device and can also be used with the Command Line Interface. Select action (only available online) Select the required action. The selection depends on the selected file type, for example you can only save the log file. The following actions are possible: - Save file With this selection, you save a file on the TFTP server. - Load file With this selection, you load a file from the TFTP server. Passwords Password for certificates There are files to which access is password protected. To load the file on the device, enter the password specified for the file on the WBM page. Note User and server certificate in one file If the user and the server certificate are located in the same file, load this file on the device as the user certificate and as the server certificate. Note In Access Point mode, only the HTTPS certificate is available. Settings Type Shows the certificate Description Shows the short description of the certificate. Enabled When selected, the password is used. Can only be enabled if the password is configured. Password Enter the password for the file. 1504 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Password Confirmation Confirm the new password. Status Shows whether the current settings for the file match the device. - Valid the "Enabled" check box is selected and the password matches the certificate. - Invalid the "Enabled" check box is selected but the password does not match the certificate or no certificate has been loaded yet. - '-' The password cannot be evaluated or is not yet being used. The "Enabled" check box is not selected. Events Configuration On this page, you specify how the device reacts to system events. By enabling the appropriate options, you specify how the device reacts to events. To enable or disable the options, click the relevant settings of the columns. Settings Table 1 has the following columns: 1st column Shows that the settings are valid for all events of table 2. E-mail / Trap / Log Table / Syslog / Faults Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. WinCC Advanced V14 System Manual, 10/2016 1505 Editing devices and networks 10.1 Configuring devices and networks Table 2 has the following columns: Event The column contains the following values: - Cold/Warm Restart The device was turned on or restarted by the user. - Link Change This event occurs only when the port status is monitored and has changed, see "System > Fault Monitoring > Link Change". - Authentication error This event occurs when attempting access with a bad password. - Power Change This event occurs when power supply lines 1 and 2 are monitored. It indicates that there was a change to line 1 or line 2. The event occurs when the PoE power supply has failed, see "System > Fault Monitoring > Power Supply". - Spanning Tree Change The STP or RSTP or MSTP topology has changed. - Fault State Change The fault status has changed. The fault state can relate to the activated port monitoring, the response of the signaling contact or the power supply monitoring. - Overlap AP Detection (only in access point mode) This event is triggered when there is an entry in the Overlap AP list. - WDS (Only in access point mode) The connection status of a WDS link has changed. - DFS (Only in access point mode) This event occurs if a radar signal was received or the DFS scan was started or stopped. - WLAN General (Only in access point mode) This event occurs if a the channel bandwidth has changed. - WLAN Authentication Log Forwarding of the entries from the WLAN authentication log to the system protocol server. - WLAN De/Authentication (Only in client mode) With successful or failed WLAN authentication attempts. - iPCF Cycle Time (Only in access point mode) Only available when the KEY-PLUG is inserted. This event occurs if too many clients are logged on for the set iPCF cycle time or if some clients were not reached in one cycle. - iPCF Poll Size Only available when the KEY-PLUG is inserted. This event occurs if the PROFINET data size is too large for transfer. E-mail The device sends an e-mail. This is only possible if the SMTP server is set up and the "SMTP client" function is enabled. 1506 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Trap The device sends an SNMP trap. This is only possible if "SNMPv1 Traps" is enabled in "System > Configuration". Log Table The device writes an entry in the event log table. Syslog The device writes an entry to the system log server. This is only possible if the system log server is set up and the "Syslog client" function is enabled. Faults The device triggers an error. The error LED lights up. E-mail The device sends an e-mail. This is only possible if the SMTP server is set up and the "SMTP client" function is enabled. Trap The device sends an SNMP trap. This is only possible if "SNMPv1 traps" is enabled in "System > Configuration". Log table The device writes an entry in the log table. Syslog The device writes an entry to the system log server. This is only possible if the system log server is set up and the "Syslog client" function is enabled. Fault The device triggers a fault. The error LED lights up Severity filter On this page, set the threshold levels for sending system event notifications. WinCC Advanced V14 System Manual, 10/2016 1507 Editing devices and networks 10.1 Configuring devices and networks Settings The table has the following columns: Client Type Select the client type for which you want to make settings: - E-mail Sending system event messages by e-mail - Log table Entry of system events in the log table. - Syslog Entering system events in the Syslog file - WLAN Authentication Log Forwarding of the entries from the WLAN Authentication Log to the system protocol server. Can only be configured with SCALANCE W770 and SCALANCE W780 Severity Select the required level. The following settings are possible: - Info System events are processed as of the severity level "Info". - Warning System events are processed as of the severity level "Warning". - Critical System events are processed as of the severity level "Critical". SMTP client The device provides the option of automatically sending an e-mail if an alarm event occurs (for example to the network administrator). The e-mail contains the identification of the sending device, a description of the cause of the alarm in plain language, and a time stamp. This allows centralized network monitoring to be set up for networks with few nodes based on an E-mail system. When an e-mail error message is received, the WBM can be started by the Internet browser using the identification of the sender to read out further diagnostics information. On this page, you can configure up to three SMTP servers and the corresponding e-mail addresses. Settings SMTP Client Enable or disable the SMTP client. Sender Email Address Enter the name of the sender to be included in the e-mail, for example the device name. This setting applies to all configured SMTP servers. Send Test Mail Send a test e-mail to check your configuration. 1508 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks SMTP Port Enter the port via which your SMTP server can be reached. Factory settings: 25 This setting applies to all configured SMTP servers. SMTP Server Address Enter the IP address or the FQDN (Fully Qualified Domain Name) of the SMTP server. This table contains the following columns: SMTP Server Address Shows the IP address or the FQDN (Fully Qualified Domain Name) of the SMTP server. Email address of the recipient Enter the e-mail address to which the device sends an e-mail if a fault occurs. Syntax of email addresses The following conditions apply to e-mail addresses: Alphanumeric characters are permitted. The following special characters are permitted: - @ - _ (underscore) - - (hyphen) - . (period) A @ character must be included. Only one @ may be used. The characters "@" and the "." must not be the first or last character. DHCP DHCP client If the device is configured as a DHCP client, it starts a DHCP query. As the reply to the query the device receives an IPv4 address from the DHCP server. The server manages an address range from which it assigns IPv4 addresses. It is also possible to configure the server so that the client always receives the same IPv4 address in response to its request. WinCC Advanced V14 System Manual, 10/2016 1509 Editing devices and networks 10.1 Configuring devices and networks Settings DHCP client configuration file request (opt 66, 67) Select this option if you want the DHCP client to use options 66 and 67 to download and then enable a configuration file. DHCP Mode Select the DHCP mode. The following modes are possible: - via MAC Address Identification is based on the MAC address. - via DHCP Client ID Identification is based on a freely defined DHCP client ID. - Via System Name Identification is based on the system name. If the device name is 255 characters long, the last character is not used for identification. - via PROFINET Name of Station Identification is based on the PROFINET name of the station. This table contains the following columns: Interface Interface to which the setting relates. DHCP Enable or disable the DHCP client for the relevant interface. DHCP server Note The page is only available for SCALANCE W780 / W770 / W740 / W730, W761-1 RJ-45 and W722-1 RJ-45 You can operate the device as a DHCP server. This allows IPv4 addresses to be assigned automatically to the connected devices. The IPv4 addresses are either distributed dynamically from an IPv4 address band you have specified or a specific IPv4 address (static) can be assigned to a particular device. On this page, specify the IPv4 address band from which the device receives any IPv4 address. You configure the static assignment of the IPv4 addresses in "Static IP addresses". 1510 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Requirement In access point mode - The connected devices are configured so that they obtain the IPv4 address from a DHCP server. In client mode - The connected devices are configured so that they obtain the IPv4 address from a DHCP server. - NAT is enabled. You enable NAT in "Layer 3 > NAT". Settings DHCP server Enable or disable the DHCP server on the device. Note To avoid conflicts with IPv4 addresses, only one device may be configured as a DHCP server in the network. Note Access point With an access point, the "DHCP Server" function is only possible on the VLAN assigned to the management (agent VLAN ID). Prior to offering, check the address with ICMP echo When selected, the DHCP server checks whether or not the IPv4 address has already been assigned. To do this the DHCP server sends ICMP echo messages (ping) to the IPv4 address. If no reply is received, the DHCP server can assign the IPv4 address. Note If there are devices in your network on which the echo service is disabled as default, there may be conflicts with the IPv4 addresses. To avoid this, assign these devices an IPv4 address outside the IPv4 address band. The table has the following columns: Pool ID Shows the number of the IPv4 address band. Note Only one pool ID (ID = 1) can be created. Enable Specify whether or not this IPv4 address band will be used. Note If the IPv4 address band is enabled, neither DHCP options nor static PPv4 addresses can be configured. WinCC Advanced V14 System Manual, 10/2016 1511 Editing devices and networks 10.1 Configuring devices and networks Interface Specify the interface via which the IPv4 addresses are dynamically assigned. The requirement for the assignment is that the IPv4 address of the interface is located within the IPv4 address band. If this is not the case, the interface does not assign any IPv4 addresses. Subnet Enter the network address range that will be assigned to the devices. Use the CIDR notation. Lower IP address Enter the IPv4 address that specifies the start of the dynamic IPv4 address band. The IPv4 address must be within the network address range you configured for "Subnet". Upper IP address Enter the IPv4 address that specifies the end of the dynamic IPv4 address band. The IPv4 address must be within the network address range you configured for "Subnet". Lease Time [sec] Specify for how many seconds the assigned IPv4 address remains valid. Once this period has elapsed, the device must either request a new IPv4 address or extend the lease time of the existing IPv4 address. DHCP options Note The page is only available for SCALANCE W780 / W770 / W740 / W730, W761-1 RJ-45 and W722-1 RJ-45 On this page you specify which DHCP options the DHCP server supports. The various DHCP options are defined in RFC 2132. Settings Pool ID Select the required IPv4 address band. Option Code Enter the number of the required DHCP option. The various DHCP options are defined in RFC 2132. The DHCP options 1, 3, 6, 66 and 67 are created automatically when the IPv4 address band is created. With the exception of option 1, the options can be deleted. With the DHCP option 3, the internal IPv4 address of the device is automatically set as a DHCP parameter. Note Not supported DHCP servers The DHCP options 50 - 60 and 255 are not supported. 1512 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The table has the following columns: Pool ID Shows the number of the IPv4 address band. Option Code Shows the number of the DHCP option. Use Interface IP Specify whether or not the internal IPv4 address of the device will be used. Value Enter the DHCP parameter that is transferred to the DHCP client. The content depends on the DHCP option. - DHCP option 67 (boot file name) Enter the name of the boot file in the string format. - DHCP options 3 (Router) and 6 (DNS): Enter the DHCP parameter as an IPv4 address, e.g. 192.168.100.2. With DHCP option 6, you can specify several IPv4 addresses separated by commas. - DHCP option 66 (TFTP Server): Enter the DHCP parameter as an IPv4 address, e.g. 192.168.100.2 or the FQDN name. - All other DHCP options Enter the DHCP parameter in hexadecimal, e.g. the IPv4 address 192.168.100.2 corresponds to "C0A86402". Static IP addresses Note The page is only available for SCALANCE W780 / W770 / W740 / W730, W761-1 RJ-45 and W722-1 RJ-45 On this page you specify that devices with a certain MAC address are assigned to the selected IPv4 address. Settings Pool ID Select the required IPv4 address band. Client Identification Method Select the method according to which a client is identified. - Ethernet MAC The client is identified by its MAC address. - Client ID The client is identified by a freely defined DHCP client ID. Value Enter the MAC address. WinCC Advanced V14 System Manual, 10/2016 1513 Editing devices and networks 10.1 Configuring devices and networks The table has the following columns: Pool ID Shows the number of the IPv4 address band. Note Only Pool ID = 1 is supported. Identification Method Shows whether the client is identified by its MAC address or the client ID. Value Shows the MAC address to which the IPv4 address is assigned. IP Address Specify the IPv4 address. The IPv4 address must match the subnet of the IPv4 address band. SNMP General On this page, you make the basic settings for SNMP. Enable the options according to the function you want to use. Settings SNMP Select the SNMP protocol. The following settings are possible: - "-" (disabled) SNMP is disabled. - SNMPv1/v2c/v3 SNMPv1/v2c/v3 is supported. - SNMPv3 Only SNMPv3 is supported. SNMPv1/v2 Read-Only If you enable this option, SNMPv1/v2c can only read the SNMP variables. Note Community String For security reasons, do not use the standard values "public" or "private". Change the community strings following the initial installation. SNMPv1/v2c Read Community String Enter the community string for access of the SNMP protocol. SNMPv1/v2c Read/Write Community String Enter the community string for read and write access of the SNMP protocol. 1514 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks SNMPv1 Traps Enable or disable the sending of SNMP traps (alarm frames). On the "Trap" tab, specify the IP addresses of the devices to which SNMP traps will be sent. SNMPv1/v2c Trap Community String Enter the community string for sending SNMPv1/v2 messages. SNMPv3 User Migration - Enabled If the function is enabled, an SNMP engine ID is generated that can be migrated. You can transfer configured SNMPv3 users to a different device. If you enable this function and load the configuration of the device on another device, configured SNMPv3 users are retained. - Disabled If the function is disabled, a device-specific SNMP engine ID is generated. To generate the ID, the agent MAC address of the device is used. You cannot transfer this SNMP user configuration to other devices. If you load the configuration of the device on another device, all configured SNMPv3 users are deleted. SNMP Engine ID Shows the SNMP engine ID. Traps If an alarm event occurs, a device can send SNMP traps (alarm frames) to up to ten different management stations at the same time. Traps are only sent if the events specified in "Events" occur. Note SNMP traps are sent only when the "SNMPv1 Traps" setting was selected in "SNMP > General". Settings Trap Receiver Address Enter the IP address or the FQDN (Fully Qualified Domain Name) of the station to which the device sends SNMP traps. You can specify up to ten different recipients. The table has the following columns: Trap Receiver Address If necessary, change the IP addresses or the FQDN of the stations. Trap Enable or disable the sending of SNMP traps. Stations that are entered but not selected do not receive SNMP traps. WinCC Advanced V14 System Manual, 10/2016 1515 Editing devices and networks 10.1 Configuring devices and networks v3 Groups Security settings and assigning permissions SNMP version 3 allows permissions to be assigned, authentication, and encryption at protocol level. The security levels and read/write permissions are assigned according to groups. The settings automatically apply to every member of a group. Settings Group Name Enter the name of the group. The maximum length is 32 characters. Security Level Select the security level (authentication, encryption) valid for the selected group. You have the following options for the security levels: - no Auth/no Priv No authentication enabled / no encryption enabled. - Auth/no Priv Authentication enabled / no encryption enabled. - Auth/Priv Authentication enabled / encryption enabled. The table has the following columns: Group Name Shows the defined group names. Note Once a group name and the security level have been specified, they can no longer be modified after the group is created. If you want to change the group name or the security level , you will need to delete the group and recreate it and reconfigure it with the new name. Security Level Shows the configured security level. Read Enable or disable read access for the required group. 1516 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Write Enable or disable write access for the required group. Note For write access to work, you also need to enable read access. Persistence Shows whether or not the group is assigned to an SNMPv3 user. If the group is not assigned to an SNMPv3 user, no automatic saving is triggered and the configured group disappears again after restarting the device. - Yes The group is assigned to an SNMPV3 user. - No The group is not assigned to an SNMPV3 user. v3 users User-specific security settings On the WBM page, you can create new SNMPv3 users and modify or delete existing users. The user-based security model works with the concept of the user name; in other words, a user ID is added to every frame. This user name and the applicable security settings are checked by both the sender and recipient. Settings User name Enter a freely selectable user name. After you have entered the data, you can no longer modify the name. The table has the following columns: User name Shows the created users. Group Name Select the group to which the user will be assigned. Authentication Protocol Specify the authentication protocol for which a password will be stored. The following settings are available: - None - MD5 - SHA Encryption Protocol Specify whether or not a password should be stored for encryption with the DES algorithm. Can only be enabled when an authentication protocol has been selected. WinCC Advanced V14 System Manual, 10/2016 1517 Editing devices and networks 10.1 Configuring devices and networks Authentication Password Enter the authentication password. This password must have at least 6 characters, the maximum length is 32 characters. Confirm authentication password Confirm the password by repeating the entry. Encryption Password Enter your encryption password. This password must have at least 6 characters, the maximum length is 32 characters. Confirm Encryption Password Confirm the encryption password by repeating the entry. Persistence Shows whether or not the user is assigned to an SNMPv3 group. If the user is not assigned to an SNMPv3 group, no automatic saving is triggered and the configured user disappears again after restarting the device. - Yes The user is assigned to an SNMPv3 group. - No The user is not assigned to an SNMPv3 group. System time Manual time setting There are different methods that can be used to set the system time of the device. Only one method can be active at any one time. If one method is activated, the previously activated method is automatically deactivated. On this page, you set the date and time of the system. For this setting to be used, enable "Manual time setting". Note The page is only available if there is an online connection to the device. Settings Time Manually Enable or disable the manual time setting. If you enable the option, the "System Time" input box can be edited. System Time Enter the date and time in the format "MM/DD/YYYY HH:MM:SS". Use PC Time Click the button to use the time setting of the PC. 1518 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Last Synchronization Time Shows when the last time-of-day synchronization took place. If no time-of-day synchronization was possible, the box displays "Date/time not set". Last Synchronization Mechanism This box displays how the last time-of-day synchronization was performed. - Not set The time was not set. - Manual Manual time setting - SNTP Automatic time-of-day synchronization using SNTP - NTP Automatic time-of-day synchronization using NTP - SIMATIC Automatic time-of-day synchronization using the SIMATIC time frame. - PTP Automatic time-of-day synchronization with PTP DST overview On this page, you can create new entries for the daylight saving time changeover. The table provides an overview of the existing entries. Settings DST No. Shows the number of the entry. If you create a new entry, a new line with a unique number is created. Name Shows the name of the entry. Year Shows the year for which the entry was created. Start Date Shows the month, day and time for the start of daylight saving time. End Date Shows the month, day and time for the end of daylight saving time. Recurring Date With an entry of the type "Rule", the period in which daylight saving time is active is displayed consisting of week, day, month and time of day. With an entry of the type "Date" a "-" is displayed. WinCC Advanced V14 System Manual, 10/2016 1519 Editing devices and networks 10.1 Configuring devices and networks State Shows the status of the entry: - enabled The entry was created correctly. - invalid The entry was created new and the start and end date are identical. Type Shows how the daylight saving time changeover is made: - Date A fixed date is entered for the daylight saving time changeover. - Recurring A rule was defined for the daylight saving time changeover. DST configuration On this page, you can configure the entries for the daylight saving time changeover. As result of the changeover to daylight saving or standard time, the system time for the local time zone is correctly set. You can define a rule for the daylight saving time changeover or specify a fixed date. Settings Note The content of this page depends on the selection in the "Type" box. The boxes "DST No.", "Type" and "Name" are always shown. DST No. Select the type of the entry. Type Select how the daylight saving time changeover is made: - Date You can set a fixed date for the daylight saving time changeover. This setting is suitable for regions in which the daylight saving time changeover is not governed by rules. - Recurring You can define a rule for the daylight saving time changeover. This setting is suitable for regions in which the daylight saving time always begins or ends on a certain weekday. Name Enter a name for the entry. 1520 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings with "Date" selected You can set a fixed date for the start and end of daylight saving time. Year Enter the year for the daylight saving time changeover. Start Date Enter the following values for the start of daylight saving time: - Day Specify the day. - Hour Specify the hour. - Month Specify the month. End Date Enter the following values for the end of daylight saving time: - Day Specify the day. - Hour Specify the hour. - Month Specify the month. WinCC Advanced V14 System Manual, 10/2016 1521 Editing devices and networks 10.1 Configuring devices and networks Settings with "Recurring" selected You can create a rule for the daylight saving time changeover. Start Date Enter the following values for the start of daylight saving time: - Hour Specify the hour. - Month Specify the month. - Week Specify the week. You can select the 1st to 4th or the last week of the month. - Weekday Specify the weekday. End Date Enter the following values for the end of daylight saving time: - Hour Specify the hour. - Month Specify the month. - Week Specify the week. You can select the 1st to 4th or the last week of the month. - Weekday Specify the weekday. SNTP client There are different methods that can be used to set the system time of the device. Only one method can be active at any one time. If one method is activated, the previously activated method is automatically deactivated. SNTP (Simple Network Time Protocol) is used for synchronizing the time in the network. The appropriate frames are sent by an SNTP server in the network. Note To avoid time jumps, make sure that there is only one time server in the network. Settings SNTP Client Enable or disable automatic time-of-day synchronization using SNTP. Current System Time (only available online) Shows the current date and current normal time received by the IE switch. If you specify a time zone, the time information is adapted accordingly. 1522 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Last Synchronization Time(only available online) Shows when the last time-of-day synchronization took place. Last Synchronization Mechanism (only available online) Shows how the last time-of-day synchronization was performed. The following methods are possible: - Not set The time was not set. - Manual Manual time setting - SNTP Automatic time-of-day synchronization using SNTP - NTP Automatic time-of-day synchronization using NTP - SIMATIC Automatic time-of-day synchronization using the SIMATIC time frame - PTP Automatic time-of-day synchronization with PTP Time Zone Enter the time zone you are using in the format "+/- HH:MM". The time zone relates to UTC standard world time. The time in the "Current System Time" box is adapted accordingly. Daylight Saving Time Shows whether the daylight saving time changeover is active. - active (offset +1 h) The system time was changed to daylight saving time; in other words an hour was added. The normal time including the time zone continues to be displayed in the "Current System Time" box. The normal time including the time zone continues to be displayed in the "Current System Time" box. - inactive (offset +0 h) The current system time is not changed. SNTP Mode Select the synchronization mode. The following types of synchronization are possible: - Poll If you select this protocol type, the input boxes "SNTP Server Address", "SNTP Server Port" and "Poll Interval[s]" are displayed to allow further configuration. With this type of synchronization, the device is active and sends a time query to the SNTP server. - Listen With this type of synchronization, the device is passive and "listens" for SNTP frames that deliver the time of day. Poll Interval[s] Here, enter the interval between two-time queries. In this box, you enter the query interval in seconds. Possible values are 16 to 16284 seconds. WinCC Advanced V14 System Manual, 10/2016 1523 Editing devices and networks 10.1 Configuring devices and networks SNTP Server Address Enter the IP address or the FQDN (Fully Qualified Domain Name) of the SNTP server. SNTP Server Port Enter the port of the SNTP server. The following ports are possible: - 123 (standard port) - 1025 to 36564 Primary The check mark is set for the SNTP server that you create first. If several SNTP servers have been created, the primary server is queried first. NTP client There are different methods that can be used to set the system time of the device. Only one method can be active at any one time. If one method is activated, the previously activated method is automatically deactivated. If you require time-of-day synchronization using NTP, you can make the relevant settings here. Note To avoid time jumps, make sure that there is only one time server in the network. Settings NTP Client Enable or disable automatic time-of-day synchronization using NTP. Current System Time (only available online) Shows the current date and current normal time received by the IE switch. If you specify a time zone, the time information is adapted accordingly. Last Synchronization Time(only available online) Shows when the last time-of-day synchronization took place. 1524 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Last Synchronization Mechanism (only available online) This box displays how the last time-of-day synchronization was performed. The following methods are possible: - Not set The time was not set. - Manual Manual time setting - SNTP Automatic time-of-day synchronization using SNTP - NTP Automatic time-of-day synchronization using NTP - SIMATIC Automatic time-of-day synchronization using the SIMATIC time frame - PTP Automatic time-of-day synchronization with PTP Time Zone Enter the time zone you are using in the format "+/- HH:MM". The time zone relates to UTC standard world time. The time in the "Current System Time" box is adapted accordingly. Daylight Saving Time Shows whether the daylight saving time changeover is active. - active (offset +1 h) The system time was changed to daylight saving time; in other words an hour was added. The normal time including the time zone continues to be displayed in the "Current System Time" box. - inactive (offset +0 h) The current system time is not changed. NTP Server Index Select the index of the NTP server. The server with the lowest index is queried first. NTP Server Address Enter the IP address or the FQDN (Fully Qualified Domain Name) of the NTP server. NTP Server Port Enter the port of the NTP server. The following ports are possible: - 123 (standard port) - 1025 to 36564 Poll Interval[s] Here, enter the interval between two time queries. In this box, you enter the poll interval in seconds. Possible values are 64 to 1024 seconds. WinCC Advanced V14 System Manual, 10/2016 1525 Editing devices and networks 10.1 Configuring devices and networks SIMATIC Time Client There are different methods that can be used to set the system time of the device. Only one method can be active at any one time. If one method is activated, the previously activated method is automatically deactivated. On this page, you configure time synchronization with the SIMATIC Time Client. Note To avoid time jumps, make sure that there is only one time server in the network. Settings SIMATIC Time Client Enable or disable the SIMATIC time client. Current System Time (only available online) Shows the current system time. Last Synchronization Time(only available online) Shows when the last time-of-day synchronization took place. Last Synchronization Mechanism (only available online) This box displays how the last time-of-day synchronization was performed. - Not set The time was not set. - Manual Manual time setting - SNTP Automatic time-of-day synchronization using SNTP - NTP Automatic time-of-day synchronization using NTP - SIMATIC Automatic time-of-day synchronization using the SIMATIC time frame - PTP Automatic time-of-day synchronization with PTP 1526 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Auto logout On this page, set the times after which there is an automatic logout from WBM or the CLI following user in activity. Note No automatic logout from the CLI If the connection is not terminated after the set time, check the setting of the "keepalive" mechanism on the Telnet client. If the interval is shorter than the configured time, the connection is kept alive although no user data is transferred. Example: you selected 300 seconds for the automatic logout and 120 seconds is set for the keepalive function. In this case, a packet is sent every 120 seconds that keeps the connection up. Disable the keepalive mechanism (interval time = 0) or Set the interval high enough so that the underlying connection is terminated when there is inactivity. Settings Web Based Management [s] Enter the time in seconds for the automatic logout from WBM. If you enter the value 0, the automatic logout is disabled. CLI (TELNET, SSH) [s] Enter the time in seconds for the automatic logout from the CLI. If you enter the value 0, the automatic logout is disabled. Syslog client Syslog according to RFC 3164 is used for transferring short, unencrypted text messages over UDP in the IP network. This requires a system log server. Requirements for sending log entries: The Syslog function is enabled on the device. The Syslog function is enabled for the relevant event. There is a Syslog server in your network that receives the log entries. Since this is a UDP connection, there is no acknowledgment to the sender. The IP address or the FQDN (Fully Qualified Domain Name) of the Syslog server is entered in the device. WinCC Advanced V14 System Manual, 10/2016 1527 Editing devices and networks 10.1 Configuring devices and networks Settings Syslog Client Enable or disable the Syslog function. Syslog Server Address Enter the IP address or the FQDN (Fully Qualified Domain Name) of the Syslog server. The table contains the following columns: Syslog Server Address Shows the IP address or the FQDN (Fully Qualified Domain Name) of the Syslog server. Server Port Enter the port of the Syslog server being used. Fault Monitoring Power supply Note This page is not available on the SCALANCE W786-2 SFP. Configure whether or not the power supply should be monitored by the messaging system. Depending on the hardware variant, there are one or two power connectors (Supply 1 / Supply 2). With a redundant power supply, configure the monitoring separately for each individual feed-in line. If there is no power on one of the monitored lines (Supply 1 or Supply 2) or when the voltage is too low, a fault is signaled by the signaling system. Note You will find the permitted operating voltage limits in the operating instructions of the device. An error causes the fault LED to light up on the device. Depending on the configuration, the error may trigger a trap, an e-mail or an entry in the event log table. Settings Line 1 Enable or disable the monitoring of power connector 1. Line 2 (not available with W760/W720) Enable or disable the monitoring of power connector 2. 1528 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks PoE (not available with W760/W720) Enable or disable the monitoring of the power supply via Ethernet. PROFINET redundancy (not available with W760/W720) With the following devices, you can also configure which power supply will be monitored by PROFINET: - SCALANCE W788-x RJ-45 variants - SCALANCE W748-1 RJ-45 - SCALANCE W774-1 (RJ-45 and M12 variant) - SCALANCE W734-1 RJ-45 Link Change On this page, you configure whether or not an error message is triggered if there is a status change on a network connection. If connection monitoring is enabled, an error is signaled when there should be a link on a port and this is missing. or when there should not be a link on a port and a link is detected. An error causes the signaling contact to trigger and the fault LED to light up on the device. Depending on the configuration, the error may trigger a trap, an e-mail or an entry in the event log table. Settings Table 1 has the following columns: 1st column Shows that the settings are valid for all ports. Setting Select the required setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. WinCC Advanced V14 System Manual, 10/2016 1529 Editing devices and networks 10.1 Configuring devices and networks Table 2 has the following columns Port Shows the available ports. Setting Select the setting. You have the following options: - Up Error handling is triggered when the port changes to the active status. (From "Link down" to "Link up") - Down Error handling is triggered when the port changes to the inactive status. (From "Link up" to "Link down") - "-" (disabled) The error handling is not triggered. EtherNet/IP EtherNet/IP On this page, you configure the mode of EtherNet/IP. Note Devices with two Ethernet interfaces On devices with two Ethernet interfaces only one of the interfaces (P1 or P2) may be used for the EtherNet/IP configuration. This applies to the following devices: SCALANCE W786-2 SFP . SCALANCE W774-1 RJ-45 SCALANCE W774-1 M12 EEC SCALANCE W734-1 RJ-45. 1530 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Description of the displayed boxes The page contains the following boxes: EtherNet/IP Device Diagnostics Shows whether EtherNet/IP is enabled ("On") or disabled ("Off"). EtherNet/IP Device Diagnostics for next boot Set whether EtherNet/IP will be enabled ("On") or disabled ("Off") after the next device restart. Note EtherNet/IP and PROFINET When EtherNet/IP is turned on, PROFINET is turned off. The switchover from EtherNet/IP and PROFINET has no effect on DCP. Note PROFINET AR Status If a PROFINET connection is established; in other words the PROFINET AR status is "Online", you cannot enable EtherNet/IP. PROFINET Settings for PROFINET This page shows the PROFINET AR status and the device name. Description of the displayed boxes The page contains the following boxes: PROFINET Mode Shows whether PROFINET is enabled ("On") or disabled ("Off"). PROFINET Mode for next boot Set whether PROFINET will be enabled ("On") or disabled ("Off") after the next device restart. Note PROFINET and EtherNet/IP When PROFINET is turned on, EtherNet/IP is turned off. The switchover from PROFINET and EtherNet/IP has no effect on DCP. Note PROFINET AR Status If a PROFINET connection is established; in other words the PROFINET AR status is "Online", you cannot disable PROFINET. WinCC Advanced V14 System Manual, 10/2016 1531 Editing devices and networks 10.1 Configuring devices and networks PROFINET AR Status This box shows the status of the PROFINET connection; in other words whether the device is connected to a PROFINET controller "Online " or "Offline". Here, online means that a connection to a PROFINET controller exists, that this has downloaded its configuration data to the device and that the device can send status data to the PROFINET controller. In this status known as "in data exchange", the parameters set via the PROFINET controller cannot be configured. PROFINET Name of Station This box displays the PROFINET device name according to the configuration in HW Config of STEP 7. Note Devices with two Ethernet interfaces With devices that have two Ethernet interfaces, only interface P1 should be used for the PROFINET configuration because LLPD frames can only be sent and received via interface P1. They are blocked at interface P2 and are also not forwarded between the interfaces. This applies to the following devices: SCALANCE W786-2 SFP SCALANCE W774-1 RJ-45 SCALANCE W774-1 M12 EEC SCALANCE W734-1 RJ-45 SCALANCE W700 and STEP 7 The Ethernet interface can be configured in STEP 7 if the following requirements are met: STEP 7 V13 Update 3 with HSP0107 or STEP7 version 5.5.4 with GSDML version 2.31 The diagnostics functions can also be used. The WLAN interface cannot be configured with STEP 7. PROFINET for client devices If a client is to be used as a PROFINET device, the MAC address of the client must be specified as follows (MAC Mode): Own In the network beyond the device, only IP communication and no PROFINET is possible. Layer 2 Tunnel The client and the devices downstream from it can be used as PROFINET devices. Note If "Automatic" or "Manual" is configured as the MAC mode for a client, this device cannot be used as a PROFINET device. 1532 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks PLUG Configuration Note The page is only available if there is an online connection to the device. This page is only available for SCALANCE W780 / W 770 / W740 / W730. NOTICE Do not remove or insert a C-PLUG / KEY-PLUG during operation! A PLUG may only be removed or inserted when the device is turned off. The device checks whether or not a PLUG is inserted at one second intervals. If it is detected that the PLUG was removed, there is a restart. If a valid KEY-PLUG was inserted in the device, the device changes to a defined error state following the restart. With SCALANCE W, the available wireless interfaces are deactivated in this case. If the device was configured at some time with a PLUG, the device can no longer be used without this PLUG. To be able to use the device again, reset the device to the factory settings. Information about the configuration of the C-PLUG / KEY-PLUG This page provides detailed information about the configuration stored on the C-PLUG or KEYPLUG. It is also possible to reset the PLUG to factory defaults or to load it with new contents. Note The action is only executed after you click the "Set Values" button. The action cannot be undone. If you decide against executing the function after making your selection, click the "Refresh" button. As a result the data of this page is read from the device again and the selection is canceled. Note Incompatibility with previous versions with PLUG inserted During the installation of a previous version, the configuration data can be lost. In this case, the device starts up with the factory settings after the firmware has been installed. In this situation, if a PLUG is inserted in the device, following the restart, this has the status "NOT ACCEPTED" since the PLUG still has the configuration data of the previous more up-to-date firmware. This allows you to return to the previous, more up-to-date firmware without any loss of configuration data. If the original configuration on the PLUG is no longer required, the PLUG can be deleted or rewritten manually using "System > PLUG". WinCC Advanced V14 System Manual, 10/2016 1533 Editing devices and networks 10.1 Configuring devices and networks Settings The table has the following rows: Status Shows the status of the PLUG. The following are possible: - ACCEPTED There is a PLUG with a valid and suitable configuration in the device. - NOT ACCEPTED Invalid or incompatible configuration on the inserted PLUG. - NOT PRESENT There is no C-PLUG or KEY-PLUG inserted in the device. - FACTORY PLUG is inserted and does not contain a configuration. This status is also displayed when the PLUG was formatted during operation. - MISSING There is no PLUG inserted. Functions are configured on the device for which a license is required. Device Group Shows the SIMATIC NET product line that used the C-PLUG or KEY-PLUG previously. Device Type Shows the device type within the product line that used the C-PLUG or KEY-PLUG previously. Configuration Revision The version of the configuration structure. This information relates to the configuration options supported by the device and has nothing to do with the concrete hardware configuration. This revision information does not therefore change if you add or remove additional components (modules or extenders), it can, however, change if you update the firmware. File System Displays the type of file system on the PLUG. NOTICE New file system UBI As of firmware version 2.0, UBI is the standard file system for the C-PLUG or KEY-PLUG. If a C-PLUG with the previous file system IECP is detected in such a device, this C-PLUG will be formatted for the UBI file system and the data will be rewritten to the C-PLUG. This change in the file system also occurs following a firmware update to V2.0. A downgrade to the previous version of the firmware then presents a problem. The firmware can neither read nor write the C-PLUG or KEY-PLUG and it is not even possible to "Erase PLUG to factory default". File System Size [bytes] Shows the maximum storage capacity of the file system on the C-PLUG. File System Usage Displays the storage space in use in the file system of the C-PLUG. 1534 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Info String Shows additional information about the device that used the PLUG previously, for example, order number, type designation, and the versions of the hardware and software. The displayed software version corresponds to the version in which the configuration was last changed. With the "NOT ACCEPTED" status, further information on the cause of the problem is displayed. If a PLUG was configured as a PRESET PLUG this is shown here as additional information in the first row. For more detailed information on creating and using a PRESET PLUG refer to the section "Maintenance (page 363)". Modify PLUG Select the required setting. You have the following options for changing the configuration on the C-PLUG or KEY-PLUG: - Write current configuration to PLUG This option is available only if the status of the PLUG is "NOT ACCEPTED" or FACTORY. The configuration in the internal flash memory of the device is copied to the PLUG. - Erase PLUG to factory default Deletes all data from the C-PLUG and triggers low-level formatting. License NOTICE Do not remove or insert a C-PLUG / KEY-PLUG during operation! A PLUG may only be removed or inserted when the device is turned off. The device checks whether or not a PLUG is present at one second intervals. If it is detected that the PLUG was removed, there is a restart. If a valid KEY-PLUG was inserted in the device, the device changes to a defined error state following the restart. With SCALANCE W, the available wireless interfaces are deactivated in this case. If the device was configured at some time with a PLUG, the device can no longer be used without this PLUG. To be able to use the device again, reset the device to the factory settings. Note Incompatibility with previous versions with PLUG inserted During the installation of a previous version, the configuration data can be lost. In this case, the device starts up with the factory settings after the firmware has been installed. In this situation, if a PLUG is inserted in the device, following the restart, this has the status "NOT ACCEPTED" since the PLUG still has the configuration data of the previous more up-to-date firmware. This allows you to return to the previous, more up-to-date firmware without any loss of configuration data. If the original configuration on the PLUG is no longer required, the PLUG can be deleted or rewritten manually using "System > PLUG". WinCC Advanced V14 System Manual, 10/2016 1535 Editing devices and networks 10.1 Configuring devices and networks Information about the license of the KEY-PLUG A C-PLUG can only store the configuration of a device. In addition to the configuration, a KEYPLUG also contains a license that enables certain functions of your SIMATIC NET device. Note Information only available online You can only view the information on this page if there is an online connection to the device. This page is only available for SCALANCE W780 / W 770 / W740 / W730. Displayed values Status Shows the status of the KEY-PLUG. The following are possible: - ACCEPTED The KEY-PLUG in the device contains a suitable and valid license. - NOT ACCEPTED The license of the inserted KEY-PLUG is not valid. - NOT PRESENT No KEY-PLUG is inserted in the device. - MISSING There is no KEY-PLUG or a C-PLUG with the status "FACTORY" inserted in the device. Functions are configured on the device for which a license is required. - WRONG The inserted KEY-PLUG is not suitable for the device. - UNKNOWN Unknown content of the KEY-PLUG. - DEFECTIVE The content of the KEY-PLUG contains errors. Order ID Shows the order number of the KEY-PLUG. The KEY-PLUG is available for various functional enhancements and for various target systems. Serial Number Shows the serial number of the KEY-PLUG. Info String Shows additional information about the device that used the KEY-PLUG previously, for example, order number, type designation, and the versions of the hardware and software. The displayed software version corresponds to the version in which the configuration was last changed. With the "NOT ACCEPTED" status, further information on the cause of the problem is displayed. 1536 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Note When you save the configuration, the information about whether or not a KEY-PLUG was inserted in the device at the time is also saved. This configuration can then only work if a KEYPLUG with the same order number / license is inserted. This applies regardless of whether or not iFeatures are configured. Ping Reachability of an address in an IP network Note The page is only available if there is an online connection to the device. With the ping function, you can check whether a certain IPv4 address is reachable in the network. Settings IP Address Enter the IPv4 address of the device. Repeat Enter the number of ping requests. Ping Click this button to start the ping function. Ping Output This box shows the output of the ping function. Delete Click this button to delete the ping output. Configuring interfaces Ethernet Overview The page shows the configuration for the data transfer for all ports of the device. WinCC Advanced V14 System Manual, 10/2016 1537 Editing devices and networks 10.1 Configuring devices and networks Settings Port Shows the configurable ports. Port name Shows the name of the port. Status Shows whether the port is on or off. Data traffic is possible only over an enabled port. OperState Displays the current operational status. The operational status depends on the configured "Status" and the "Link". The available options are as follows: - up You have configured the status "enabled" for the port and the port has a valid connection to the network. - down You have configured the status "disabled" or "Link down" for the port or the port has no connection. Link (only available online) Shows the connection status to the network. With the connection status, the following is possible: - up The port has a valid link to the network, a link integrity signal is being received. - down The link is down, for example because the connected device is turned off. Mode (only available online) Shows the transfer parameters of the port MTU Shows the maximum packet size. Negotiation Shows whether the automatic configuration is enabled or disabled. MAC Address (only available online) Shows the MAC address of the port. Configuration On this page, you configure the Ethernet ports of the device. Note SCALANCE W786-2 SFP The two SFP ports of the SCALANCE W786-2 SFP cannot be assigned parameters or diagnosed individually. 1538 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Port Select the port to be configured. Status Specify whether the port is enabled or disabled. - enabled The port is enabled. Data traffic is possible only over an enabled port. - disabled The port is disabled but the connection remains. - Link down The port is disabled and the connection to the partner device is terminated. Port name Enter a name for the port. MAC Address (only available online) Shows the MAC address of the port. Mode Type Note This parameter cannot be configured for: SCALANCE W786-2 SFP SCALANCE W770 SCALANCE W760 SCALANCE W730 SCALANCE W720 The value is permanently set to "Auto negotiation". Shows the transmission speed and the transmission method of the port. You make the settings for "Autonegotiation" and "Transmission rate" in the port options. Note Before the port and partner port can communicate with each other, the settings must match at both ends. Mode (only available online) Shows which transmission speed and which transmission mode is currently being used. Negotiation Shows whether the automatic configuration of the connection to the partner port is enabled or disabled. MTU ((Maximial Transmission Unit) Enter the packet size above which packets are fragmented. WinCC Advanced V14 System Manual, 10/2016 1539 Editing devices and networks 10.1 Configuring devices and networks OperState Displays the current operational status. The operational status depends on the configured "Status" and the "Link". The available options are as follows: - up You have configured the status "enabled" for the port and the port has a valid connection to the network. - down You have configured the status "disabled" or "Link down" for the port or the port has no connection. Link (only available online) Shows the connection status to the network. With the connection status, the following is possible: - Up The port has a valid link to the network, a link integrity signal is being received. - Down The link is down, for example because the connected device is turned off. Changing the port configuration Note Optical ports only work with the full duplex mode and at maximum transmission rate. As a result, the following settings cannot be made for optical ports: Automatic configuration Transmission speed Transmission technique Note With various automatic functions, the device prevents or reduces the effect on other ports and priority classes (Class of Service) if a port is overloaded. This can mean that frames are discarded even when flow control is enabled. Port overload occurs when the device receives more frames than it can send, for example as the result of different transmission speeds. 1540 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks WLAN Basic Note To configure the WLAN interface, you must always specify the country code first. Some parameters are dependent on the country setting, for example the transmission standard. Settings Country Code Specify the country in which the device will be used. You do not need to know the data for the specific country, the channel division and output power are set by the device according to the country you select. Note Locale setting The correct country setting is mandatory for operation complying with the approvals. Selecting a country different from the country of use can lead to legal prosecution. Device Mode Mode of the device. The mode can only be changed for access points. The following modes are possible: - AP: Access point mode - Client: Client mode Note After changing the mode, a message is displayed. If you confirm the message with "Yes", the configuration settings are updated in the changed mode. Radio Shows the available WLAN interfaces. Enabled Status of the WLAN interface. To enable the WLAN interface, enable the setting. Note Enabling the WLAN interface The WLAN interfaces are disabled when the device is supplied. The WLAN interfaces are can be enabled once the country and the antenna settings are configured. Radio Mode Shows the mode of the WLAN interface. WinCC Advanced V14 System Manual, 10/2016 1541 Editing devices and networks 10.1 Configuring devices and networks Frequency Band Specify the frequency band. In client mode, dual-frequency operation is also possible. - 2.4 GHz - 5 GHz - 2.4 GHz + 5 GHz (only in client mode) Note Configuring WLAN interfaces of the W786-2IA RJ-45 for different frequency bands If both WLAN interfaces are configured for the same frequency band on this device, there may be mutual influence or interference. This applies in particular when there is a high data throughput. WLAN Mode 2.4 GHz/WLAN Mode 5 GHz Select the required transmission standard for the configured frequency band. The selection depends on the country setting. - Auto (in client mode only) The transmission standard is determined automatically (2.4 GHz + 5 GHz). - 802.11a The transmission standard IEEE 802.11a (5 GHz) is set. - 802.11g The transmission standard IEEE 802.11g (2.4 GHz) is set. This transmission standard is downwards compatible with IEEE 802.11b - 802.11n The transmission standard IEEE 802.11n (2.4 GHz and 5 GHz) is set. This transmission standard is downwards compatible with IEEE 802.11a and IEEE 802.11g. - 802.11n only The transmission standard IEEE 802.11n (2.4 GHz and 5 GHz) is set. This transmission standard is downwards compatible with IEEE 802.11a and IEEE 802.11g. Note Fragmentation length If you select the transmission standard "802.11n", "802.11n only" or "Auto" (only in client mode), you cannot set the threshold value of the fragmentation length see "Fragmentation Length Threshold" in "Interfaces > WLAN > Advanced". 1542 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks DFS (802.11h) Enables or disables the "Dynamic Frequency Selection (DFS)" function. - Enabled If you have enabled this function, additional DFS channels from the 5 GHz band are available to you. These channels are country-specific and are subject to certain DFS regulations. If the access point discovers a disturbance on the current channel, it changes automatically to an alternative channel and the current channel is blocked for 30 minutes. The disturbance can originate from a primary user or radar interference. Before the access point starts the communication on a channel it searches 60 seconds for primary users on the channel. During this time the access point does not send beacons. If signals are found on the channel, the access point changes channel and repeats the check. Only when no signals from primary users are detected after 60 seconds does the access point send on a channel. The access point also searches for primary users during operation. - Disabled The DFS function is not used. Outdoor Mode - Enabled If you have enabled the outdoor mode, you only have the channels available that are permitted for outdoor operation. - Disabled If you have disabled the outdoor mode, you only have the channels available that are permitted for operation in a building. WinCC Advanced V14 System Manual, 10/2016 1543 Editing devices and networks 10.1 Configuring devices and networks Maximum Tx Power Specify the transmit power of the device. If the transmit power is set too high the received signal at the client may be overmodulated. Check the received signal strength at the client (dBm). It may be necessary to reduce the transmit power depending on the antennas being used to avoid exceeding the maximum legal transmit power. Reducing the transmit power effectively reduces cell size. Note The maximum possible transmit power varies depending on the channel and data rate. For more detailed information on transmit power, refer to the documentation "Characteristics radio interface". Note If both interfaces of access points with two WLAN interfaces are operated in the same frequency range, this may cause wireless interference on one or both interfaces at a transmit power higher than 15 dBm. Tx power check (only available online) Indicates whether the settings that have been made will violate the permitted transmit power restrictions of the selected country. The following parameters influence this calculation: max. Maximum Tx Power, Antenna Gain, Additional Attenuation. The following displays can appear: - Allowed The channels can be used with the current settings. - Not Allowed (Some Channels) Among the channels, there are some on which the current transmit power exceeds the maximum permitted transmit power. - Not Allowed (All Channels) No permitted operation is possible. The transmit power is too high. - Controlled automatically by iREF. Controlled by the iREF function. Advanced You only need to adapt the settings on this page if the device cannot be used as it is intended with the default settings. Settings Radio Shows the available WLAN interfaces. Beacon Interval [ms] (Only in access point mode) Specify the interval (40 - 1000 ms) at which the access point sends beacons. Beacons are packets that are sent cyclically by an access point to inform clients of its existence. 1544 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks DTIM(Only in access point mode) The DTIM interval (1-15) specifies the number of beacons to be sent before the access point sends the collected packets (broadcast, unicast, multicast) to the client. - If you enter a "1", the access point transmits broadcast, unicast and multicast packets directly after each beacon (recommended setting for normal network environments). - If you entered a "5", this would mean that the access point collects the packets and sends them after every fifth beacon. Increasing this value allows a longer sleep mode for the clients but means a greater delay for packets. RTS/CTS Threshold [Bytes] RTS/CTS (Request To Send/Clear To Send) is a method for avoiding collisions. The method is based on the exchange of status information prior to sending the actual data (Hidden node problem). To minimize the network load due to additional protocol traffic, this method is used only as of a certain packet size. You specify the packet size with the RTS/ CTS Threshold parameter. Fragmentation Length Threshold [Bytes] Specify the maximum packet size transferred on the wireless link. Large packets are divided up into small packets prior to transmission and then reassembled into the original size after they have been received. This can be beneficial if the transmission quality is poor because larger packets are more difficult to transmit. However fragmentation into smaller packets means a poorer throughput. Note You can only edit this value if the you have set the transmission standard "802.11g" (2.4 GHz) or "802.11 a" (5 GHz), see "WLAN Mode" in "Interfaces > WLAN > Basic". HW Retries Specify the number of hardware retries. The hardware repetition is performed by the WLAN chip itself when it tries to repeat an unacknowledged packet immediately. If all hardware repetitions were unsuccessful, the packet is deleted. Note If you have enabled iPCF or iPCF-MC, you can set up to 16 hardware retries. WinCC Advanced V14 System Manual, 10/2016 1545 Editing devices and networks 10.1 Configuring devices and networks Multi Radar Detection (only in access point mode) - Enabled This function is only available if you have enabled the "DFS" function on the "Basic" page. This function is suitable for systems with several access points connected via an Ethernet network and that send on the same channel. When an access point detects a radar signal it distributes this information to all connected access points. If at least one further access point verifies the radar signal within 40 ms, all connected access points are informed. All the devices sending on this channel change to a different channel. The channel is blocked for 30 minutes for the access points in the network. If you have configured "Auto" for the channel on the "Interfaces > WLAN > AP" page, the function cannot be used reliably. In this case the verification of the radar signals is only possible when at least two connected access points happen to transmit on the same channel. If only one access point detects a signal on a channel, it treats this as a valid radar signal. - Disabled The function is not used. When an access point detects a radar signal it changes to another channel.. The configured channel is no longer taken into account. Prefer Configured DFS Channel (only in access point mode) - Enabled This function is only available if you have enabled the "DFS" function on the "Basic" page. If the configured channel of a WLAN interface was blocked due to radar detection and is released again after 30 minutes the access point changes automatically to the configured channel. Before the access point starts the communication on the configured channel it searches 60 seconds for primary users on the channel. During this time the access point does not send beacons. If signals are found on the channel, the access point changes channel and repeats the check. Only when no signals from primary users are detected after 60 seconds does the access point send on the channel. If you have configured "Auto" for the channel on the "Interfaces > WLAN > AP" page, the device does not have a configured channel to which it can return. - Disabled The function is not used. 1546 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Antennas Overview Overview of IWLAN antennas: Antennas for SCALANCE W700 acc. to IEEE 802.11n and IEEE 802.11a/b/g Antennas only for SCALANCE W700 acc. to IEEE 802.11n with 1 connector with 2 connectors (dual) with 1 connector with 3 connectors (MIMO) Antennas only for SCALANCE W700 acc. to IEEE 802.11a/b/g with 1 connector ANT795-4MA ANT793-6DG ANT795-6MT ANT792-4DN ANT795-4MR ANT795-4MC ANT793-8DJ ANT793-6DT ANT793-4MN ANT795-4MS ANT795-4MD ANT793-8DK ANT792-6MN ANT795-6DN ANT795-6DC ANT793-6MN ANT793-8DN ANT793-8DP ANT792-8DN ANT795-6MN RCoax leaky feeder cable The antenna name provides information about the properties of the antennas listed in the IWLAN antenna overview: Antennas for SCALANCE W700 WinCC Advanced V14 System Manual, 10/2016 4 2 2,4 GHz 4 3 5 GHz 5 2,4 + 5 GHz 6 8 - medium gain high gain very high gain D D M x directional antenna Omnidirectional antenna (omnidirectional) G_IK10_XX_30288 - Directivity 2 Gain Frequency ANT79 1547 Editing devices and networks 10.1 Configuring devices and networks Antennas On this page, you configure the settings for the connected external antennas. Note Transmission disruptions without an antenna connected A WLAN interface can have up to three antenna connectors. A the first connector, there must be always be an antenna connected as soon as the associated WLAN Interface is turned on. Connectors that are not used must have a 50 terminating resistor fitted. If no antenna is connected, the relevant WLAN interface must also be disabled for Rx and Tx. Otherwise, there may be transmission disruptions. Settings Connector Shows the name of the relevant antenna connection. Antenna Type Select the type of external antenna connected to the device. If the type of your external antenna is not available, select the entry "User defined". If you terminate an antenna connection using a 50 terminating resistor, select the entry "Not used (Connect 50 Ohm Termination)". Antenna Gain If you select the "User defined" entry for the "Antenna Type", enter the antenna gain manually in the "dBi" unit. - Antenna Gain 2.4 GHz [dBi] Here, enter the antenna gain the antenna has in the 2.4 GHz frequency band. - Antenna Gain 5 GHz [dBi] Here, enter the antenna gain the antenna has in the 5 GHz frequency band. Cable Length [m] Enter the length of the flexible antenna connecting cable between the device and the external antenna in meters. 1548 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Additional Attenuation [dB] Here, specify the additional attenuation caused, for example by an additional splitter. Antenna Mode Specify the use of the antenna. For antenna connector 1 (R1 A1 and R2 A1), the entry cannot be changed. - TX For sending only - RX For receiving only - RX\TX For receiving and sending The following table shows which combinations are possible: R1 A1 / R2 A1 R1 A2 / R2 A2 R1 A3 / R2 A3 RX\TX RX\TX RX\TX RX\TX RX\TX RX RX\TX RX RX RX\TX RX\TX TX RX\TX TX TX RX\TX RX\TX -- 1) RX\TX TX -- 1) RX\TX RX -- 1) RX\TX -- 1) -- 1) 1) Antenna type "50 termination" Permitted channels For communication, a specific channel within a frequency band is used. You can either set this channel specifically or configure so that the channel is selected automatically. WinCC Advanced V14 System Manual, 10/2016 1549 Editing devices and networks 10.1 Configuring devices and networks Settings Table 1 contains the following columns: Radio Shows the available WLAN interfaces. Use Allowed Channels only If you enable the setting, you restrict the selection of channels via which the AP or the client is allowed to establish the connection. In the following tables, you define the - channels that the AP can use to establish a wireless cell when the "Auto" channel setting is enabled. - the channels on which the client searches for an AP. The tables are divided up according to frequency bands. When disabled, the channels available based on the settings (country code, antennas, transmit power etc.) are used. Above the tables for the frequency bands, you will find the following setting: Select / Deselect all - Enabled All channels are activated. - Disabled The first valid channel of the frequency band remains enabled. Enable the required channel. The tables of the frequency bands have the following columns: Radio Shows the available WLAN interfaces. Radio Mode Shows the mode. Channel number To specify the valid channels for the required frequency band, select the appropriate check box for the channel number. The table displays the permitted channels of the country. Only the valid channels can be enabled. Invalid channels are grayed out and cannot be enabled. Note To specify the channels, the setting "Use Allowed Channels only" must be enabled. 1550 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 802.11n Properties of 802.11n With the IEEE 802.11n standard, it is possible to put together individual data packets in one larger data packet, the A-MPDU and A-MSDU data packets. This achieves a higher data throughput. On this page, you make the settings for the A-MPDU and A-MSDU data packets. Some of the settings depend on the set transmission standard and the selected channel width. Settings The table has the following columns: Radio Shows the available WLAN interfaces. A-MPDU Enables or disables the sending of A-MPDU data packets. If this setting is disabled, only A-MPDU data packets are received. A-MPDU Limit [frames] Specify the number of individual subframes grouped together in one A-MPDU data frame. A-MPDU Limit [Bytes] Specify the maximum size of the A-MPDU frame. A-MSDU Aggregated MAC Service Data Unit (A-MSDU)Enables or disables that several MSDUs with the same destination address are bundled into an A-MSDU and are sent together. This reduces the network load. Due to their shorter maximum length A-MSDUs are more suitable for the bundling of several shorter frames. If this check box is disabled, A-MSDU data packets are received but not sent. A-MSDUPacket Size [bytes] Specify the maximum size of the A-MSDU data packet. Range of values: 50 - 200 bytes Default: 100 bytes Guard Interval [ns](only in access point mode) Select the send pause that must be kept to between two transmitted OFDM symbols. The following settings are possible. The selection depends on the selected transmission standard. - 400 (short)/800 (long): The setting 400 ns is optional. Depending on the signal quality, packets can be sent with a send pause of 400 ns or 800 ns. - 800 (long): The send pause is 800 ns. Access point Note The page is available only in access point mode. WinCC Advanced V14 System Manual, 10/2016 1551 Editing devices and networks 10.1 Configuring devices and networks Settings Table 1 has the following columns: Radio Shows the available WLAN interfaces. Channel Specify the main channel. If you want the access point to search for a free channel itself, use "Auto". The selection of channels used by an access point when establishing a wireless cell can be restricted. For "Channel selection", enable the setting "Use Allowed Channels only". If you want to use a fixed channel, select the required channel from the drop-down list. Note SCALANCE W780/W740: Channel spacing with WLAN interfaces If you use a second WLAN interface, make sure that you have adequate channel spacing. Alternative DFS Channel (802.11h) If you have enabled the "DFS" function on the "Basic" page, specify the alternative channel here. If you want the access point to search for a free channel itself, use "Auto". If a primary user was detected both on the main and alternative channel, the access point automatically searches for a free channel. If you want to use a fixed channel, select the required channel from the drop-down list. HT Channel Width [MHz] You can specify the channel bandwidth only with the IEEE 802.11n transmission standard. The following settings are possible. - 20 Channel bandwidth 20 MHz - 40 up Channel bandwidth 40 MHz. The configured channel and the neighboring channel above it are used. - 40 down Channel bandwidth 40 MHz. The configured channel and the neighboring channel below it are used. Note Channel bandwidth 40 MHz and frequency band 2.4 GHz If the access point detects another access point on the configured channel or on neighboring channels, the access point changes the channel bandwidth from 40 MHz to 20 MHz. If you set a "free" channel on the access point, the access point uses the channel bandwidth 40 MHz. Table 2 has the following columns: Radio Shows the available WLAN interfaces in this column. Available Channels Shows the permitted channels. The display depends on the wireless approvals of the currently selected country and the settings for "Channel selection". 1552 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 3 has the following columns: Radio Shows the WLAN interface. Port Shows the VAP interface. Enabled To use the required VAP interface, select this check box. SSID Enter the SSID of the WLAN. The length of the character string for SSID it is 1 to 32 characters. The ASCII characters 0x20 to 0x7e are used for the SSID. Broadcast SSID - deactived The SSID is no longer sent in the beacon frame of the access point. This means that the SSID is not visible for other devices. Only clients that know the SSID of the access point and that are configured with it can connect to the access point. The "Any SSID" option must be disabled on these clients. - activated The SSID is sent in the Beacon frame of the access point and is visible for other devices. This means that clients on which the "Any SSID" setting is enabled can also connect to the access point. Note Since no encryption is used for the SSID transfer, this function can only provide basic protection against unauthorized access. The use of an authentication method (for example WPA2 (RADIUS) or WPA2-PSK if this is not possible) provides higher security. You must also expect that certain end devices may have problems with access to a hidden SSID. WDS only If you enable this setting, the access point only supports communication via WDS. In WDS mode, all access points must use the same channel. WDS ID Enter the WDS ID. The WDS ID can be a maximum of 32 characters long. To establish a WDS connection, enter this WDS ID for the WDS partner. ASCII characters 0x20 to 0x7e are used for the WDS ID. AP WDS In normal operation, the access point is used as an interface to a network and communicates with clients. There are, however, situations in which several access points need to communicate with each other, for example to extend wireless coverage or to set up a wireless backbone. This mode is possible with WDS (Wireless Distributed System). Note This tab is available only in access point mode. WinCC Advanced V14 System Manual, 10/2016 1553 Editing devices and networks 10.1 Configuring devices and networks Settings Radio Shows the available WLAN interfaces. Port Shows the port. Port enabled Enables the WDS interface. Connection over Specify the VAP interface via which the WDS connection is established. Both the MAC address of the VAP as well as security settings (for example WPA2) are used. Partner ID Type Specify the type of WDS communication. - MAC Address The MAC address is used. The "Partner WDS ID" input box is grayed out. For "Partner MAC", enter the MAC address of the WDS partner. - WDS ID The WDS ID is used. The "Partner MAC" input box is grayed out. Enter the WDS ID of the WDS partner in "Partner WDS ID". Use this option if you want to replace the access point later using the C-PLUG or KEY-PLUG. Partner MAC Enter the MAC address of the WDS partner. Can only be edited if "MAC Address" is set for the "Partner ID Type". Partner WDS ID Enter the WDS ID of the WDS partner. Can only be edited if "WDS ID" is set for the "Partner ID Type". For the WDS ID, the ASCII characters 0x20 to 0x7e are permitted. Note Matching security settings in WDS mode In WDS mode, make sure that the security settings match up for all devices involved. If settings are incorrect or not compatible on the individual devices, no data exchange is possible due to incorrect authentication. Avoid the "Auto" setting in the security settings of the Basic Wizard, because with this setting, synchronization of the security settings between the access points is not possible. Note In WDS operation, the following restrictions apply to all access points involved: All access points that will communicate with each other must use the same channel, the same transmission procedure and the same data rate. You can select either WEP or WPA(2)-PSK as the encryption method. You configure the security settings in the assigned VAP interface: "Security > WLAN > Basic" You cannot use authentication with a RADIUS server for a WDS connection. In the IEEE 802.11h transmission mode, it is not practical to select the WDS mode. In WDS mode, all access points must use the same channel. If a signal from a primary user is detected by an access point, the channel is changed automatically and the existing connection is then terminated. 1554 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks AP 802.11a/b/g Rates Note The page is only available in access point mode. Can be configured if "802.11a", "802.11g" or "802.11n" is set for the WLAN mode. The page shows the available data transmission speeds for the WLAN mode 802.11a/b/g. If necessary, you can change the data transmission speeds. Otherwise, we recommend that you retain the default setting for data transmission speeds. The access point will then use only the selected data transmission speeds for communication with the clients. Settings Table 1 has the following columns: Radio Specifies the WLAN interface to which the information relates. Use selected data rates only If you select this setting, you can specify the data transmission speeds for the required WLAN interface. If this setting is disabled, the default values are used. Radio Select the WLAN interfaces displayed in Table 3 (Data rate). Table 2 has the following columns: All data rate settings Shows that the setting is valid for all entries in Table 3. Enabled / Basic settings Select the required setting. If "No Change" is selected, the entry in table 3 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 3 Table 3 (Data Rate) has the following columns: Radio Specifies the WLAN interface to which the information relates. Data Rate [Mbps] Shows the supported data transmission speeds in megabits per second. WinCC Advanced V14 System Manual, 10/2016 1555 Editing devices and networks 10.1 Configuring devices and networks Enabled Enable the setting to assign the required data transmission speed to the WLAN interface. Note You need to enable at least one data transmission speed. Basic Enable the option to declare the required data transmission speed as "Basic". The setting specifies that a client must be capable of the required speed to be able to connect to the access point. The setting can only be enabled if an available data rate has been selected. Note At least one data transmission speed needs to be specified as "Initial Setup". Default Values The "Default Values" button sets the selection of values to conform with the standard. AP 802.11n data rates Note The page is only available in access point mode. Can be configured if "802.11n only" or "802.11n" is set for the WLAN mode. The page shows the available data transmission speeds (MCS = Modulation and Coding Schemes) for the WLAN mode 802.11n. You can select any combination of these data transmission speeds. The access point will then use only the selected data transmission speeds for communication with the clients. Settings Table 1 has the following columns: Radio Specifies the WLAN interface to which the information relates. Use selected data rates only If you select this setting, you can specify the data transmission speeds for the required WLAN interface. If this setting is disabled, the default values are used. As default, the setting is disabled. Radio Select the WLAN interfaces displayed in Table 3 (MCS Index). 1556 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 2 has the following columns: All data rate settings Shows that the setting is valid for all entries in Table 3. Enabled Select the required setting. If "No Change" is selected, the entry in table 3 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 3. Table 3 (MCS Index) consists of the following columns: Radio Specifies the WLAN interface to which the information relates. MCS Index Shows the supported MCS indexes. The displayed MCS indexes depend on the settings "Antenna Type" and "Antenna Mode". You will find the settings in "Interfaces > WLAN > Antennas". If, for example, you only use one antenna, only the MCS 0 to 7 are displayed. Streams Shows the maximum possible number of parallel data streams that can be transmitted with the selected MCS index. Data Rate [Mbps] Shows the supported data transmission speeds in megabits per second. The displayed data transmission speeds depend on the settings "Guard Interval" and "HT Channel Width". The "HT Channel Width" setting can be found in "Interfaces > WLAN > Access Point". The "Guard Interval" setting can be found in "Interfaces > WLAN > 802.11n" Enabled Enable the setting to assign the required data transmission speed to the WLAN interface. Note You need to enable at least one MCS index. Default Values The "Default Values" button sets the selection of values to conform with the standard. Client Connecting to a network On this page, you can specify how the device connects to a network as client. Note This page is only available for clients or access points in client mode. WinCC Advanced V14 System Manual, 10/2016 1557 Editing devices and networks 10.1 Configuring devices and networks Settings Table 1 has the following columns: Radio Shows the available WLAN interfaces. Note WLAN interface disabled The WLAN interface will be disabled unless at least one SSID is configured or the setting "Any SSID" is enabled. MAC Mode Specify how the MAC address is assigned to the client. The following are possible: - Automatic The client automatically adopts the source MAC address of the first frame that it receives over the Ethernet interface. - Manual If you select Manual, enter the MAC address in the "MAC Address" column. - Own The client uses the MAC address of the Ethernet interface for the WLAN interface. - Layer 2 Tunnel The client uses the MAC address of the Ethernet interface for the WLAN interface. The network is also informed of the MAC addresses connected to the Ethernet interface of the client. Up to eight MAC addresses can be used. MAC Address If you have selected "Manual" for "MAC Mode", enter the MAC address of the client. Any SSID - Enabled In client mode the SCALANCE W700 device attempts to connect to the access point that corresponds to the security settings of security context 1. The clients can only connect to the access point on which the "Broadcast SSID" option is enabled. - Disabled The client attempts to connect to the access point from the SSID list whose security settings match one of the defined security contexts. Roaming Threshold Specify the threshold after which the client roams to the new access point. - High Changes only at a significantly higher field strength to the AP with the stronger signal. - Medium Changes at a moderately higher field strength to the AP with the stronger signal. - Low Changes at a slightly higher field strength to the AP with the stronger signal. 1558 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Background Scan Mode While the client is connected to an access point, it scans for other access points in the background with which it can connect when necessary. Specify the mode for the scan. The following options are available: - always The client scans continuously for access points. - Idle If there is no data traffic for a certain time, a scan is started for further access points. - Disabled As long as the client is connected, there is no scan for further access points. Background Scan Interval [ms] Specify the interval at which further access points are scanned. Table 2 has the following columns: Radio Shows the WLAN interface. Scan Channels Shows the channels on which the client searches for an access point. The display depends on the wireless approvals of the selected country and the settings for "Channel selection". Table 3 has the following columns: Enabled Enables or disables the relevant SSID. Radio Shows the WLAN interface. SSID Enter the SSID of the access point with which the client will connect. For the SSID, ASCII code 0x20 to 0x7e is used. Security Select a security context. You create and configure a security context in "Security > WLAN > Basic". Default setting: Context 1 Note iPCF or iPCF-MC mode activated If the iPCF or iPCF-MC mode is enabled, you can only select security context 1. WinCC Advanced V14 System Manual, 10/2016 1559 Editing devices and networks 10.1 Configuring devices and networks Force Roaming Note The page is only available in access point mode if there is an online connection to the device. The WLAN interface of the device must be enabled, otherwise the frequency ranges cannot be scanned. If the interface is no longer available (cable break, network component faild, connector removed), a client connected over the wireless network is not aware of this. The access point can force the logged-on clients to roam by deactivating the relevant interface. On this page you specify when roaming is performed. On connection abort If the wired Ethernet interface is no longer available the WLAN interface is turned off. The clients roam and then connect to a different access point. As soon as the first access point reaches the server again it switches its WLAN interfaces active again. When the destination address is unreachable. Roaming depends on destination addresses. To monitor the device sends pings to the configured destination addresses at regular intervals. - VAP interface monitored using a destination address If no ping response is received from this destination address, the access point turns the relevant VAP interface off. - VAP interface monitored using several destination addresses Only when no ping response is received from any of these destination addresses does the access point turn the relevant VAP interface off. As long as at least one destination address is reachable, the VAP interface remains active. The access point sends a disassociation frame to the WAN clients connected via this VAP interface. The WLAN clients roam and connect to a different VAP interface. If the address becomes reachable again, the connection can be established again via this VAP interface. Settings Table 1 has the following columns: Radio Shows the available WLAN interfaces. Force roaming on link down When enabled if there is a connection abort via the Ethernet interface, the WLAN interface is turned off. 1560 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The table "Force Roaming on IP down"has the following columns: Select Select the check box in the row to be deleted. Destination Address Enter the IPv4 address or the FQDN (Fully Qualified Domain Name) of the destination whose reachability will be checked. Note Destination address not in the agent IP subnet If the destination address is not in the agent IP subnet, a gateway must be entered for "Layer 2 > Agent IP". The Base Bridge mode "802.1Q VLAN Bridge" If you have configured the "Base Bridge Mode" "802.1Q VLAN Bridge" in "Layer 2 > VLAN", echo messages (ping packets) are sent into the management VLAN. Interval [ms] Specify the interval at which echo messages (pings) are sent. Max. Lost Packets Specify the maximum number of consecutive lost ping responses. When this number is reached for a destination address, this destination address counts as being unreachable (down). VAP X.Y Specify the VAP interface via which the address is monitored. Signal recorder Recording the effective user signal The signal recorder is used to record the effective user signal between access point and client. Using this data, you can locate areas with an inadequate user signal. The signal recorder can be particularly useful when the client moves along a fixed path. Note The page is only available for clients or access points in client mode if there is an online connection to the device. The WLAN interface of the device is enabled, otherwise no recording will be made. WinCC Advanced V14 System Manual, 10/2016 1561 Editing devices and networks 10.1 Configuring devices and networks Description The graphic contains the following elements: Scroll bar With the scroll bar, you can look through the entire measurement. To do this you can use the "<<" and ">>" buttons or the arrow keys on the keyboard. Bar (left) In the bar on the left-hand side the user signal is displayed in real time according to the color scheme. The gray line shows the background noise. Color scheme The range > -35 dBm (blue) is the overmodulation range, in other words the WLAN signal is too strong and is received overmodulated. As of approximately -60 dBm (yellow) the WLAN signal is weaker. The individual colors are described again under the graphic. x axis The x axis shows the course of the measurement in random samples and milliseconds. Measurement data The measurement data shows the value of the effective user signal according to the color scheme shown. The gray line shows the background noise. If the client changes access points during a measurement (roaming) or reconnects, this is displayed by a vertical black line. On the line the previous AP system name and the BSSID are shown. If during a measurement the client has no connection to an access point, no user signal is displayed. To make it clear that there is no connection to an access point, the BSSID is set to 00:00:00:00:00:00 and shown in red. If the client has an iPCF-MC connection, the user signal of the management channel is shown with an additional black line. Under the graphic the following values are displayed: Current Sample The number of the current measurement BSSID The BSSID (Basic Service Set Identification) AP System Name The system name of the access point Operative Channel The current channel or the channel on which the client is connected to the access point TX Rate [Mbps] The average data rate of the sent data packets during the current random test RX Rate [Mbps] The average data rate of the received data packets during the current random test Signal [dBm] The effective user data signal in dBm Signal [%] The effective user data signal in % RSSI The raw value of the RSSI (Received Signal Strength Indication) 1562 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Noise Floor [dBm] The background noise in dBm Roaming Counter The roaming counter shows how often the client has changed access points. After 99999 changes the counter is reset. Settings This table contains the following columns: Radio Shows the available WLAN interfaces. Since a client has a WLAN interface, there is only ever one row for "WLAN 1" in this table. Interval [ms] Specify the time interval between acquiring two measured values in milliseconds. Samples Specify how many measurements should be made. Endless If you enable the option checkmark, the number of measurements is unlimited The "Samples" box is grayed out . The signal recorder runs until it is stopped manually or the device is reconfigured. You can only select this option starting at a time interval 100. Start Click the button in this column to start recording the user data signal. The signal recorder saves the recorded data automatically every 10 minutes. Following a restart, the recording contains all the values up to the last save action. Stop Click the button in this column to stop recording the user data signal prematurely. If the specified number of measurements has been made, recording of the user data signal stops automatically. Displayed samples Select how many measured values will be shown in the graphic. Notes on usage Note the following tips that will help you to obtain useful measurements with the signal recorder: Set a fixed data rate on the access point. If you have activated iPCF, set as low a cycle time on the access point as possible for the measurements. Make sure that there is enough data communication during the measurement because the statistics functions evaluate incoming data frames. The measurement path should be traveled 2 to 3 times with the same parameters to find out whether losses of signal strength always occur at the same position. Selective measurements at a fixed position should be made over a longer period of time. WinCC Advanced V14 System Manual, 10/2016 1563 Editing devices and networks 10.1 Configuring devices and networks Note If you start a new recording, the previous recording will be overwritten. When the device restarts, the measured values are deleted. Change to one of the following menu items to call up the result of the recording: System > Load&Save > HTTP Click the "Save" button in the "WLANSigRec" table row to save the file "signal_recorder_SCALANCE_W700.zip" in the file system of the connected PC. System > Load&Save > TFTP If necessary, change the file name "signal_recorder_SCALANCE_W700.zip" in the "WLANSigRec" table row. In the table row "WLANSigRec", select the "Save file" entry from the drop-down list of the last column and click the "Save Values" button. The downloaded ZIP file contains two files with the results of the recording: A PDF file A CSV file Spectrum Analyzer Note The page is only available in access point mode if there is an online connection to the device. The WLAN interface of the device must be enabled, otherwise the frequency ranges cannot be scanned. Technical information The frequency range depends on the configuration. Parameters Amplitude accuracy Value In 2.4 GHz 3 dBm In 5 GHz 7 dBm Resolution bandwidth 330 KHz Min. signal strength -100 dBm Max. signal strength Analysis time Update time 1564 0 dBm At 40 MHz 120 ms At 20 MHz 95 ms 1 s. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Representing signals of the frequency range Which the spectrum analyzer you can recognize and represent the electromagnetic signals of a frequency range. You can measure the strength of all signals located in the environment of the access point. Note When the spectrum analyzer is started, all WLAN connections are terminated on both WLAN interfaces. The access point then also does not send any beacons. Note Do not enable the spectrum analyzer if the device is operating productively. This can influence the performance of the device. Note The functionality of the spectrum analyzer does not replace a dedicated spectrum analyzer. Description The page contains the following graphics: In all graphics, the lower x axis shows the channels around the selected center frequency for which the measurements are made. The upper x axis shows the frequency range. The display of the y axis depends on the selected graphic. Realtime The y axis shows the signal strength in dBm. The graphic shows the strength of all signals that the access point receives in its environment in the configured frequency range. The red line shows the maximum values since the start of the measurement. The white line shows the current values. The green line shows the average values. Spectrogram The y axis shows the course of the measured values over time from current (0 s) to the values received before 500 s. The graphic shows the strength of all signals that the access point receives in its environment in the configured frequency range. The color depends on the setting for "Color Scheme". Density Chart The y axis shows the signal strength in dBm. The graphic shows how often signals occur with a certain strength in the configured frequency range. The color goes from the lowest value (0%) in black to the highest value (100%) in red. The page contains the following buttons: Expand With this icon you only show one graphic type in large format on the page. Reduce With this icon you return to the view with all three graphic types. WinCC Advanced V14 System Manual, 10/2016 1565 Editing devices and networks 10.1 Configuring devices and networks Color Scheme With this icon, you change the colours scheme for the graphic type "Spectrogram": - The color goes from the lowest value (-100 dBm) in black to the highest value (0 dBm) in red. - The color goes from the lowest value (-100 dBm) in red to the highest value (0 dBm) in black. Reset With this icon you reset the maximum and average values of the graphic type "Realtime". This table contains the following columns: Radio Shows the WLAN interface to which the information applies. State Shows the status of the measurement. The following values are possible: - Stopped The measurement was stopped. - Started The measurement is running. Frequency Band Specify the frequency band. Center Frequency Select the center frequency. How many channels are displayed depends on the setting for the "HT Channel Width", refer to the page "Interfaces > WLAN > AP". Start Click the button in this column to start the measurement. Note If you start a new measurement, the previous measurement will be overwritten. Stop Click the button in this column to end the measurement. You can save the measurement result as a CSV file with the menu "System > Load&Save > WLANSpectrumAnalyzer". Measurement results CSV file The CSV file contains information on the configuration of the device and detailed information on all individual measurements and is divided into two areas. The first area contains the configured settings: System Name The system name of the access point Device IP The IP address of the device 1566 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Device MAC The MAC address of the device Recording Interval The interval between acquisition of two measured values The second area is a table. The table contains the following for each measured value: Sample The consecutive number of the measurement Timestamp The time stamp The following columns show all frequencies of the selected frequency band. The cells are only filled for the frequencies for which a value was measured. The measured values show the signal strength in dBm. Configuring layer 2 functions VLAN General On this page you specify whether or not the device forwards frames with VLAN tags transparently (IEEE 802.1D/VLAN-unaware mode) or takes VLAN information into account (IEEE 802.1Q/VLAN-aware mode). If the device is in the "802.1Q VLAN Bridge" mode, you can define VLANs and specify the use of the ports . Note Changing the agent VLAN ID If the configuration PC is connected directly to the device via Ethernet and you change the agent VLAN ID, the device is no longer reachable via Ethernet following the change. WinCC Advanced V14 System Manual, 10/2016 1567 Editing devices and networks 10.1 Configuring devices and networks Settings The page contains the following boxes: Base Bridge-Mode Select the required mode from the drop-down list. The following modes are possible: Note Changing Base bridge mode Note the section "Changing Base bridge mode". This section describes how a change affects the existing configuration. - 802.1 D Transparent Bridge Sets the mode "VLAN-unaware" for the device. In this mode, VLAN tags are not taken into account or changed but are forwarded transparently. In this mode, you cannot create any VLANs. - 802.1Q VLAN Bridge Sets the mode "VLAN-unaware" for the device. In this mode, VLAN tags are not taken into account or changed but are forwarded transparently. In this mode, you cannot create any VLANs. Only a management VLAN is available: VLAN 1. VLAN ID Enter the VLAN-ID (a number between 1 and 4094). You can create up to 2 (SCALANCE W760), 8 (SCALANCE W770) or 24 (SCALANCE W780) VLANS. The table has the following columns: VLAN ID Shows the VLAN ID. The VLAN ID (a number between 1 and 4094) can only be assigned once when creating a new data record and can then no longer be changed. To make a change, the entire data record must be deleted and created again. Name Enter a name for the VLAN. The name only provides information and has no effect on the configuration. 1568 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Status Shows the status type of the entry in the internal port filter table. Here, static means that the address was entered as a static address by the user. The entry GVRP means that the configuration was registered by a GVRP frame. This is, however, only possible if GVRP was enabled for the device. List of ports Specify the use of the port. The following options are available: - "-" - The port is not a member of the specified VLAN. With a new definition, all ports have the identifier "-". - M The port is a member of the VLAN. Frames sent in this VLAN are forwarded with the corresponding VLAN tag. - R The port is a member of the VLAN. A GVRP frame is used for the registration. - U (upper case) The port is an untagged member of the VLAN. Frames sent in this VLAN are forwarded without the VLAN tag. Frames without a VLAN tag are sent from this port. - u (lower case) The port is an untagged member of the VLAN, but the VLAN is not configured as a port VLAN. Frames sent in this VLAN are forwarded without the VLAN tag. - F The port is not a member of the specified VLAN and it is not possible for the VLAN to be registered dynamically at this port using GVRP. You can configure other settings in "Layer 2 > VLAN > Port-based VLAN". Changing Base bridge mode VLAN-unaware (802.1D transparent bridge) VLAN-aware (802.1Q VLAN bridge) If you change the Base Bridge mode from VLAN-unaware to VLAN aware, this has the following effects All static and dynamic unicast entries are deleted. VLAN-aware (802.1Q VLAN bridge) VLAN-unaware (802.1D transparent bridge) If you change the Base Bridge mode from VLAN-aware to VLAN-unaware, this has the following effects: All VLAN configurations are deleted. A management VLAN is created: VLAN 1. All static and dynamic unicast entries are deleted. WinCC Advanced V14 System Manual, 10/2016 1569 Editing devices and networks 10.1 Configuring devices and networks 802.1Q VLAN Bridge: Important rules for VLANs Make sure you keep to the following rules when configuring and operating your VLANs: Frames with the VLAN ID "0" are handled as untagged frames but retain their priority value. As default, all ports on the device send frames without a VLAN tag to ensure that the end node can receive these frames. With SCALANCE W devices, the VLAN ID "1" is the default on all ports. If an end node is connected to a port, outgoing frames should be sent without a tag (static access port). If, however, there is a further switch at this port, the frame should have a tag added (trunk port). Port-based VLAN Processing received frames On this page, you specify the configuration of the port properties for receiving frames. Settings Table 1 has the following columns: 1st column Shows that the settings are valid for all ports. Priority / Port VID / Acceptable Frames / Ingress Filtering Select the setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. Table 2 has the following columns: Port Shows the available ports and link aggregations. Priority Select the priority assigned to untagged frames. The CoS priority (Class of Service) used in the VLAN tag. If a frame is received without a tag, it will be assigned this priority. This priority specifies how the frame is further processed compared with other frames. There are a total of eight priorities with values 0 to 7, where 7 represents the highest priority (IEEE 802.1p Port Priority). Port VID Select the VLAN ID. Only VLAN IDs defined on the "VLAN > General" page can be selected. If a received frame does not have a VLAN tag, it has a tag with the VLAN ID specified here added to it and is sent according to the rules at the port. 1570 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Acceptable Frames Specify which types of frames will be accepted. The following alternatives are possible: - Tagged Frames Only The device discards all untagged frames. Otherwise, the forwarding rules apply according to the configuration. - All The device forwards all frames Ingress Filtering Specify whether the VID of received frames is evaluated. The following options are available: - Enabled The VLAN ID of received frames decides whether they are forwarded: To forward a VLAN tagged frame, the receiving port must be a member in the same VLAN. Frames from unknown VLANs are discarded at the receiving port. - Disabled All frames are forwarded. Dynamic MAC aging The device automatically learns the source addresses of the connected nodes. This information is used to forward data frames to the nodes specifically involved. The network load for the other nodes is reduced. If a device does not receive a frame whose source address matches a learnt address within a certain time, the learnt address is deleted. This mechanism is known as aging. Aging prevents frames being forwarded incorrectly, for example when an end device (for example a programming device) is connected to a different port. If the check box is not enabled, a device does not delete learned addresses automatically. Settings Dynamic MAC Aging Enable or disable the function for automatic aging of learned MAC addresses: Aging Time [s] Enter the time in seconds. After this time, a learned address is deleted if the device does not receive any further frames from this sender address. Spanning Tree General General settings of MSTP This is the basic page for spanning tree. Select the compatibility mode from the drop-down list. As default, Multiple Spanning Tree is enabled. WinCC Advanced V14 System Manual, 10/2016 1571 Editing devices and networks 10.1 Configuring devices and networks On the configuration pages of these functions, you can make detailed settings. Note Client device not as root bridge Using the configuration of priorities and path costs, make sure that a client device can never become the root bridge. If a client device becomes the root bridge the Rapid Spanning Tree function no longer works. Depending on the compatibility mode, you can configure the corresponding function on the relevant configuration page. Settings Spanning Tree Enable or disable Spanning Tree. Note Clients or access points in client mode If "Automatic" is set for "MAC Mode", spanning tree is not supported. Protocol Compatibility Select the compatibility mode of Spanning Tree. If, for example, you select RSTP, Spanning Tree behaves like RSTP. The following settings are available: - STP - RSTP - MSTP Note If iPCF mode is enabled, only the compatibility modes STP and RSTP are supported. CIST general The page consists of the following parts: The left-hand side of the page shows the configuration of the device. The central part shows the configuration of the root bridge that can be derived from the spanning tree frames received by a device. The right-hand side shows the configuration of the regional root bridge that can be derived from the MSTP frames received by a device. The displayed data is only visible if you have enabled "Spanning Tree" on the "General" page and if "MSTP" is set for "Protocol Compatibility". This also applies to the "Bridge Max Hop Count" parameter. If the device is a root bridge, the information on the left and right matches. 1572 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Bridge Priority / Root Priority (only available online) Which device becomes the root bridge is decided based on the bridge priority. The bridge with the highest priority becomes the root bridge. The lower the value, the higher the priority. If several devices in a network have the same priority, the device whose MAC address has the lowest numeric value will become the root bridge. Both parameters, bridge priority and MAC address together form the bridge identifier. Since the root bridge manages all path changes, it should be located as centrally as possible due to the delay of the frames. Bridge Address / Root Address(only available online) The bridge address shows the MAC address of the device and the root address shows the MAC address of the root bridge. Root Port (only available online) Shows the port via which the switch communicates with the root bridge. Root Cost (only available online) The path costs from this device to the root bridge. Topology Changes / Last Topology Change (only available online) The entry for the device shows the number of reconfigurations due to the spanning tree mechanism since the last startup. For the root bridge, the time since the last reconfiguration is displayed as follows: - Seconds: "Sec" unit after the number - Minutes: "Min" unit after the number - Hour: "Hr" unit after the number Bridge Hello Time / Root Hello Time (only available online) Each bridge regularly sends configuration frames (BPDUs). The interval between two such frames is the Hello time. The default for this parameter is 2 seconds. Bridge Forward Delay [s] / Root Forward Delay [s] New configuration data is not used immediately by a bridge but only after the period specified in the parameter. This ensures that operation is only started with the new topology after all the bridges have the required information. Bridge Max Age / Root Max Age (only available online) Bridge Max Age defines the maximum "age" of a received BPDU for it to be accepted as valid by the switch. The following values are available only in access point mode: Regional root priority (only available online) For a description, see Bridge Priority / Root Priority Regional root address (only available online) The MAC address of the device. Regional root costs (only available online) The path costs from this device to the root bridge. Bridge Max Hop Count This parameter specifies how many MSTP nodes a BPDU may pass through. If an MSTP BPDU is received and has a "Bridge Max Hop Count" that exceeds the value configured here, it is discarded. WinCC Advanced V14 System Manual, 10/2016 1573 Editing devices and networks 10.1 Configuring devices and networks Region Name Enter the name of the MSTP region to which this device belongs. As default, the MAC address of the device is entered here. This value must be the same on all devices that belong to the same MSTP region. Region Version Enter the version number of the MSTP region in which the device is located. This value must be the same on all devices that belong to the same MSTP region. Layer-2 Tunnel Admin Edge Port (only available in access point mode) Enable this setting if there can be an end device on a layer 2 tunnel port. Otherwise a reconfiguration of the network will be triggered whenever a link to this port is modified. The L2T clients should be interconnected. Layer-2 Tunnel Auto Edge Port(Only available in access point mode) Enable this setting if you want to detect automatically at all layer 2 tunnel ports whether or not an end device is connected. To reset the counters on this page the following button is available: Reset Counters (only available online) The values are reset with this button. CIST port MSTP-CIST port configuration When the page is called, the table displays the current status of the configuration of the port parameters. To configure them, click the relevant cells in the port table. Settings Table 1 has the following columns: 1st column Shows that the setting is valid for all ports of table 2. Spanning Tree Status Select the setting. If "No Change" is selected, the entry in table 2 remains unchanged. 1574 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 2 has the following columns: Port Shows the available ports and interfaces. - Port X - WLAN X - VAP X.Y - WDS X.Y Spanning Tree Status Specify whether or not the port is integrated in the spanning tree. Note If you disable the "Spanning Tree Status" setting for a port, this may cause the formation of loops. The topology must be kept in mind. Priority Enter the priority of the port. The priority is only evaluated when the path costs are the same. The value must be divisible by 16. If the value that cannot be divided by 16, the value is automatically adapted. Cost Calc. Enter the path cost calculation. If you enter the value "0" here, the automatically calculated value is displayed in the "Path Costs" box. WinCC Advanced V14 System Manual, 10/2016 1575 Editing devices and networks 10.1 Configuring devices and networks Path Costs (only available online) This parameter is used to calculate the path that will be selected. The path with the lowest value is selected as the path. If several ports of a device have the same value for the path costs, the port with the lowest port number is selected. If The "Cost Calc." is "0", the automatically calculated value is shown. Otherwise, the value of the "Cost Calc." box is displayed. The calculation of the path costs is largely based on the transmission speed. The higher the achievable transmission speed is, the lower the value of the path costs. Typical values for path costs with rapid spanning tree: - 10,000 Mbps = 2,000 - 1000 Mbps = 20,000 - 100 Mbps = 200,000 - 10 Mbps = 2,000,000 The values can, however, also be set individually. Status (only available online) Displays the current status of the port. The values are only displayed and cannot be configured. The "Status" parameter depends on the configured protocol. The following is possible for status: - Disabled The port only receives and is not involved in STP, MSTP and RSTP. - Discarding In the "Discarding" mode, BPDU frames are received. Other incoming or outgoing frames are discarded. - Listening In this status, BPDUs are both received and sent. The port is involved in the spanning tree algorithm. - Learning Stage prior to the forwarding status, the port is actively learning the topology (in other words, the node addresses). - Forwarding Following the reconfiguration time, the port is active in the network; it receives and forwards data frames. 1576 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Fwd. Trans (only available online) Specifies the number of changes from the "Discarding" status to the "Forwarding" status Edge type Specify the type of edge port. You have the following options: - "-" Edge port is disabled. The port is treated as a "no edge port". - Admin Select this option when there is always an end device on this port. Otherwise a reconfiguration of the network will be triggered each time a connection is changed. - Auto Select this option if you want a connected end device to be detected automatically at this port. When the connection is established the first time, the port is treated as a "no Edge Port". - Admin/Auto Select these options if you operate a combination of both on this port. When the connection is established the first time, the port is treated as an Edge Port. Edge (only available online) Shows the status of the port. - Enabled An edge port is connected to this port. - Disabled There is a spanning tree or rapid spanning tree device at this port. With an end device, a switch can change over the port faster without taking into account spanning tree frames. If a spanning tree frame is received despite this setting, the port automatically changes to the "Disabled" setting for switches. P.t.P. Type Select the required option. The selection depends on the port that is set. - "-" Point to point is calculated automatically. If the port is set to half duplex, a point-to-point link is not assumed. - P.t.P. Even with half duplex, a point-to-point link is assumed. - Shared Media Even with a full duplex connection, a point-to-point link is not assumed. Note Point-to-point connection means a direct connection between two devices. A shared media connection is, for example, a connection to a hub. WinCC Advanced V14 System Manual, 10/2016 1577 Editing devices and networks 10.1 Configuring devices and networks P.t.P. - Enabled Shows that a point-to-point link exists. - Disabled Shows that no point-to-point link exists. Hello Time Enter the interval after which the bridge sends configuration BPDUs Note The port-specific setting of the Hello time is only possible in MSTP compatible mode. MST General Multiple Spanning Tree configuration With MSTP, in addition to RSTP, several VLANs can be managed in a LAN with separate RSTP trees. Settings MSTP Instance ID Enter the number of the MSTP instance. The table has the following columns: Select Select the line to be deleted. MSTP Instance ID Shows the number of the MSTP instance. Root Address Shows the MAC address of the root bridge Root Priority Shows the priority of the root bridge. Bridge Priority Enter the bridge priority. The value for the bridge priority is a whole multiple of 4096. VLAN ID Enter the VLAN ID. Here, you can also specify ranges with Start ID, "-", End ID. Several ranges or IDs are separated by ",". MST port Configuration of the Multiple Spanning Tree port parameters On this page, you set the parameters for the ports of the configured multiple spanning tree instances. 1578 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings MSTP Instance ID Select the ID of the MSTP instance. Table 1 has the following columns 1st column Shows that the setting is valid for all ports. MSTP Status Select the setting. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2 Table 2 has the following columns: Port Shows all available ports and link aggregations. MSTP Instance ID ID of the MSTP instance. MSTP Status Enable or disable MSTP for this port. Priority Enter the priority of the port. The priority is only evaluated when the path costs are the same. The value must be divisible by 16. If the value that cannot be divided by 16, the value is automatically adapted. Cost Calc. Enter the path cost calculation in the input box. If you enter the value "0" here, the automatically calculated value is displayed in the next box "Path Costs". Path Costs (only available online) This parameter is used to calculate the path that will be selected. The path with the lowest value is selected as the path. If several ports of a device have the same value for the path costs, the port with the lowest port number is selected. If the value for the Cost Calc is "0" the automatically determined value is displayed. Otherwise, the value of the "Cost Calc box is displayed. The calculation of the path costs is largely based on the transmission speed. The higher the achievable transmission speed is, the lower the value of the path costs. Typical values for path costs with rapid spanning tree: - 10,000 Mbps = 2,000 - 1000 Mbps = 20,000 - 100 Mbps = 200,000 - 10 Mbps = 2,000,000 The values can, however, also be set individually. WinCC Advanced V14 System Manual, 10/2016 1579 Editing devices and networks 10.1 Configuring devices and networks Status (only available online) Displays the current status of the port. The values are only displayed and cannot be configured. The following is possible for status: - Discarding The port exchanges MSTP information but is not involved in the data traffic. - Blocked In the blocking mode, BPDU frames are received. - Forwarding The port receives and sends data frames. Fwd. Trans(only available online) Specifies the number of status changes Discarding - Forwarding or Forwarding - Discarding for a port. DCP forwarding Applications The DCP protocol is used by STEP 7 and the PST Tool for configuration and diagnostics. When shipped, DCP is enabled on all ports; in other words, DCP frames are forwarded at all ports. With this option, you can disable the sending of these frames for individual ports, for example to prevent individual parts of the network from being configured with the PST Tool or to divide the full network into smaller parts for configuration and diagnostics. Note Empty table If you have enabled NAT on the device, the table is empty or will be emptied: Settings Port Shows the available ports. Setting Specify whether the port should block or forward outgoing DCP frames. The following options are available: - block No outgoing DCP frames are forwarded via this port. It is nevertheless still possible to receive via this port. - forward DCP frames are forwarded via this port. 1580 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks LLDP Identifying the network topology LLDP (Link Layer Discovery Protocol) is defined in the IEEE 802.AB standard. LLDP is a method used to discover the network topology. Network components exchange information with their neighbor devices using LLDP. Network components that support LLDP have an LLDP agent. The LLDP agent sends information about itself and receives information from connected devices at periodic intervals. The received information is stored in the MIB. Applications PROFINET uses the LLDP protocol for topology diagnostics. In the default setting, LLDP is enabled for all ports; in other words, LLDP frames are sent and received on all ports. With this function, you have the option of enabling or disabling sending and/or receiving per port. Settings The table has the following columns: Port Shows the port. Setting Specify the LLDP functionality. The following options are available: - Tx This port can only send LLDP frames. - Rx This port can only receive LLDP frames. - Rx & Tx This port can receive and send LLDP frames. - "-" (disabled) This port can neither receive nor send LLDP frames. WinCC Advanced V14 System Manual, 10/2016 1581 Editing devices and networks 10.1 Configuring devices and networks Configuring layer 3 functions NAT Basic Note The page is only available SCALANCE W740, SCALANCE W730 and SCALANCE W722-1 RJ45 clients or access points in client mode. On this page, you specify the basic settings for NAT. Settings Interface Select the required interface. Enable NAT Enable or disable NAT for the Ethernet interface. Can only be enabled if "Own" is set on the client for "MAC Mode". TCP Idle Timeout [s] Enter the required time in seconds. If no data exchange takes place, the TCP connection is deleted from the translation table when this time has elapsed. The range of values is 1 to 4294967295. Default setting: 86400 seconds UDP Idle Timeout [s] Enter the required time in seconds. If no data exchange takes place, the UDP connection is deleted from the translation table when this time has elapsed. The range of values is 1 to 4294967295. Default setting: 300 seconds Local Interface IP address Enter the local IP address of the Ethernet interface. This IP address is the gateway address of the local device. Local Interface Subnet Mask Enter the subnet mask for the local Ethernet. NAPT Note The page is only available SCALANCE W740, SCALANCE W730 and SCALANCE W722-1 RJ45 clients or access points in client mode. On this page, you define the translation list for communication from the global to the local network. 1582 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Interface Interface to which the settings relate. Can only be selected if the device has several interfaces. Traffic Type Specify the protocol for which the address assignment is valid. Global Port Enter the global port. Incoming frames with this port as the destination port are forwarded. Note If the port is already occupied by a local service, for example Telnet, a warning is displayed. In this case, avoid using TCP port 23 (Telnet), port 22 (SSH), ports 80/443 (http/https: reachability of the client with the WBM) and UDP port 161 (SNMP) as global port. Local IP address Enter the IP address of the node in the local network. The frame is forwarded to this IP address. Local Port Enter the number of the port. This is the new destination port to which the incoming frame will be forwarded. You can enter the same port in the local area network for more than one node. The table has the following columns: Select Select the lines to be deleted. Interface Shows the interface to which the settings relate. Activate When enabled, the entry for the address assignment is used. Traffic Type Shows the protocol for which the address assignment applies. Dynamic Global IP Address Shows whether or not dynamic address translation is used. Global IP Address Shows the global IP address to which the local IP address will be translated. Global Port Shows the global port. Local IP address Shows the IP address of the node in the local network. Local Port Shows the number of the local port. WinCC Advanced V14 System Manual, 10/2016 1583 Editing devices and networks 10.1 Configuring devices and networks Configuring security functions Passwords Passwords Note The page is only available if there is an online connection to the device. On this page, you can change passwords. If you are logged on with the "admin" role, you can change the passwords for all user accounts. If you are logged on with the "user" role, you can only change your own password. Note If you log on the first time or log on after a "Reset to factory defaults and restart", you will be prompted to change the password. Note If you are logged in via a RADIUS server, you cannot change any local device passwords. Note Changing the password in "Trial" configuration mode Even if you change the password in "Trial" configuration mode, this change is saved immediately. Note The factory settings for the passwords when the devices ship are as follows: admin: admin When you log in for the first time or following a "Restore Factory Defaults and Restart", with the preset user "admin" you will be prompted to change the password. Settings Current User Shows the user that is currently logged in. Current User Password Enter the password for the currently logged in user. User Account Select the user whose password you want to change. 1584 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Password Policy Shows which password policy is being used when assigning new passwords. - High Password length: at least 8 characters, maximum 128 characters at least 1 uppercase letter at least 1 special character at least 1 number - Low Password length: at least 6 characters, maximum 128 characters New Password Enter the new password again to confirm it. Password Confirmation Enter the new password again to confirm it. Options On this page you specify which password policy will be used when assigning new passwords. Description Password Policy Shows which password policy is currently being used New Password Policy Select the required setting from the drop-down list. - High Password length: at least 8 characters, maximum 128 characters at least 1 uppercase letter at least 1 special character at least 1 number - Low Password length: at least 6 characters, maximum 128 characters Users Local users Note The page is only available if there is an online connection to the device. Local users On this page, you create local users with the corresponding rights. WinCC Advanced V14 System Manual, 10/2016 1585 Editing devices and networks 10.1 Configuring devices and networks When you create or delete a local user this change is also made automatically in the table "External User Accounts". If you want to make change explicitly for the internal or external user table, use the CLI commands. Note The values displayed depend on the rights of the logged-in user. Description The page contains the following: User Account Enter the name for the user. The name must meet the following conditions: - It must be unique. - It must be between 1 and 250 characters long. Note User name cannot be changed After creating a user, the user name can no longer be modified. If a user name needs to be changed, the user must be deleted and a new user created. Note Default user "user" set in the factory As of firmware version 6.0 the default user set in the factory "user" is no longer available when the product ships. If you update a device to the firmware V6.0 the default user set in the factory "user" is initially still available. If you reset the device to the factory settings ("Restore Factory Defaults and Restart") the default user set in the factory "user" is deleted. You can create new users with the role "user". Password Policy Shows which password policy is being used. You configure the password policy, see the Security > Passwords > Options page 1586 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Password Enter the password. The strength of the password depends on the set password policy: Note Password Policy: Low Password length: at least 6 characters, maximum 128 characters Password Policy: High The password must meet the following conditions: Password length: at least 8 characters, maximum 128 characters At least 1 uppercase letter At least 1 special character At least 1 number Password Confirmation Enter the password again to confirm it. Role Select a role. You can choose between default and self-defined roles, refer to the page "Security > Users > Roles.". The table contains the following columns: Select Select the check box in the row to be deleted. Note The preset users as well as logged in users cannot be deleted or changed. User Account Shows the user name. Role Shows the role of the user. Description Displays a description of the user account. The description text can be up to 100 characters long. Roles Note The page is only available if there is an online connection to the device. WinCC Advanced V14 System Manual, 10/2016 1587 Editing devices and networks 10.1 Configuring devices and networks Roles On this page, you create roles that are valid locally on the device. Note The values displayed depend on the rights of the logged-in user. Settings Role Name Enter the name for the role. The name must meet the following conditions: - It must be unique. - It must be between 1 and 64 characters long. Note Role name cannot be changed After creating a role, the name of the role can no longer be changed. If a name of a role needs to be changed, the role must be deleted and a new role created. Deleting roles Predefined roles and assigned roles cannot be deleted or modified. The table contains the following columns: Role Shows the name of the role. Function Right Select the function rights of the role. - 1 Users with this role can read device parameters but cannot change them. - 15 Users with this role can both read and change device parameters. Note Function right cannot be changed If you have assigned a role, you can no longer change the function right of the role. If you want to change the function right of a role, follow the steps outlined below: 1. Delete all assigned users. 2. Change the function right of the role: 3. Assign the role again. Description Enter a description for the role. With predefined roles a description is displayed. The description text can be up to 100 characters long. 1588 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Groups Note The page is only available if there is an online connection to the device. User Groups On this page you link a group with a role. In this example the group "Administrators" is linked to the "admin"role: The group is defined on a RADIUS server. The role is defined locally on the device. When a RADIUS server authenticates a user and assigns the user to the "Administrators" group, this user is given rights of the "admin" role. Settings Group Name Enter the name of the group. The name must match the group on the RADIUS server. The name must meet the following conditions: - It must be unique. - It must be between 1 and 64 characters long. The table contains the following columns: Group Shows the name of the group. Role Select a role. Users who are authenticated with the linked group on the RADIUS server receive the rights of this role locally on the device. You can choose between system-defined and self-defined roles, refer to the page "Security > Users > Roles.". Description Enter a description for the link of the group.to a role. AAA User management Overview of user management Access to the device is managed by configurable user settings. Set up users with a password for authentication. Assign a role with suitable rights to the users. The authentication of users can either be performed locally by the device or by an external RADIUS server. You configure how the authentication is handled on the "Security > AAA > General" page. WinCC Advanced V14 System Manual, 10/2016 1589 Editing devices and networks 10.1 Configuring devices and networks Local logon The local logging on of users by the device runs as follows: 1. The user logs on with user name and password on the device. 2. The device checks whether an entry exists for the user. If an entry exists, the user is logged in with the rights of the associated role. If no corresponding entry exists, the user is denied access. Login via an external RADIUS server RADIUS (Remote Authentication Dial-In User Service) is a protocol for authenticating and authorizing users by servers on which user data can be stored centrally. Depending on the RADIUS authorization mode you have selected on the "Security > AAA > RADIUS Client" page, the device evaluates different information of the RADIUS server. RADIUS authorization mode "Standard" If you have set the authorization mode "conventional", the authentication of users via a RADIUS server runs as follows: 1. The user logs on with user name and password on the device. 2. The device sends an authentication request with the login data to the RADIUS server. 3. The RADIUS server runs a check and signals the result back to the device. - The RADIUS server reports a successful authentication and returns the value "Administrative User" to the device for the attribute "Service Type". The user is logged in with administrator rights. - The RADIUS server reports a successful authentication and returns a different or even no value to the device for the attribute "Service Type". The user is logged in with read rights. - The RADIUS server reports a failed authentication to the device: The user is denied access. RADIUS authorization mode "SiemensVSA" Requirement For the RADIUS authorization mode "Siemens VSA" the following needs to be set on the RADIUS server: Manufacturer code: 4196 Attribute number: 1 Attribute format: Character string (group name) Procedure 1590 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks If you have set the authorization mode "SiemensVSA", the authentication of users via a RADIUS server runs as follows: 1. The user logs on with user name and password on the device. 2. The device sends an authentication request with the login data to the RADIUS server. 3. The RADIUS server runs a check and signals the result back to the device. Case A: The RADIUS server reports a successful authentication and returns the group assigned to the user to the device. - The group is known on the device and the user is not entered in the table "External User Accounts" The user is logged in with the rights of the assigned group. - The group is known on the device and the user is entered in the table "External User Accounts" The user is assigned the role with the higher rights and logged in with these rights. - The group is not known on the device and the user is entered in the table "External User Accounts" The user is logged in with the rights of the role linked to the user account. - The group is not known on the device and the user is not entered in the table "External User Accounts" The user is logged in with the rights of the role "Default". Case B: The RADIUS server reports a successful authentication but does not return a group to the device. - The user is entered in the table "External User Accounts": The user is logged in with the rights of the linked role "". - The user is not entered in the table "External User Accounts": The user is logged in with the rights of the role "Default". Case C: The RADIUS server reports a failed authentication to the device: - The user is denied access. General The term "AAA" used in the menu stands for "Authentication, Authorization, Accounting" and is used to identify and allow network nodes, to provide them with the appropriate services and to determine the amount of use. On this page, you configure the login. Settings Note To be able to use the login authentication "RADIUS", "Local and RADIUS" or "RADIUS and fallback Local" a RADIUS server must be stored and configured for user authentication. WinCC Advanced V14 System Manual, 10/2016 1591 Editing devices and networks 10.1 Configuring devices and networks Login Authentication Specify how the login is made: - Local The authentication must be made locally on the device. - RADIUS The authentication must be handled via a RADIUS server. - Local and RADIUS The authentication is possible both with the users that exist on the device (user name and password) and via a RADIUS server. The user is first searched for in the local database. If the user does not exist there, a RADIUS query is sent. - RADIUS and fallback Local The authentication must be handled via a RADIUS server. A local authentication is performed only when the RADIUS server cannot be reached in the network. RADIUS client The term "AAA" used in the menu stands for "Authentication, Authorization, Accounting" and is used to identify and allow network nodes, to provide them with the appropriate services and to determine the amount of use. Authentication over an external server The concept of RADIUS is based on an external authentication server. Each row of the table contains access data for one server. In the search order, the primary server is queried first. If the primary server cannot be reached, secondary servers are queried in the order in which they are entered. If no server responds, there is no authentication. Settings The page contains the following boxes: RADIUS Authorization Mode For the login authentication, the RADIUS authorization mode specifies how the rights are assigned to the user with a successful authentication. - conventional In this mode the user is logged in with administrator rights if the server returns the value "Administrative User" to the device for the attribute "Service Type". In all other cases the user is logged in with read rights. - Vendor specific In this mode the assignment of rights depends on whether and which group the server returns for the user and whether or not there is an entry for the user in the table "External User Accounts". 1592 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The table has the following columns: Auth. Server Type Select which authentication method the server will be used for. - Login The server is used only for the login authentication. - 802.1X The server is used only for the 802.1X authentication. - Login & 802.1X The server is used for both authentication procedures. RADIUS Server Address Enter the IPv4 address or the FQDN (Fully Qualified Domain Name) of the RADIUS server. Server Port Here, enter the input port on the RADIUS server. As default, input port 1812 is set. Shared Secret Enter your access ID. Confirm Shared Secret Enter your access ID again as confirmation. Max. Retrans Enter the maximum number of query attempts before another configured RADIUS server is queried or the login counts as having failed. As default, 3 is set. Primary Server Specify whether or not this server is the primary server. You can select one of the options "yes" or "no". Test With this button, you can test whether or not the specified RADIUS server is available. The test is performed once and not repeated cyclically. Test Result Shows whether or not the RADIUS server is available: - Failed, no test packet sent The IP address is not reachable. The IP address is reachable, the RADIUS server is, however, not running. - Reachable, key not accepted The IP address is reachable, the RADIUS server does not, however accept the shared secret. - Reachable, key accepted The IP address is reachable, the RADIUS server accepts the specified shared secret. The test result is not automatically updated. To delete the test result click the "Refresh" button. WinCC Advanced V14 System Manual, 10/2016 1593 Editing devices and networks 10.1 Configuring devices and networks MAC ACL Rule configuration On this page, you specify the access rules for the MAC-based Access Control List. Using the MAC-based ACL, you can specify whether frames of certain MAC addresses are forwarded or discarded. Settings Rule Number Shows the number of the ACL rule. When you create a rule, a new row with a unique number is created. Source MAC Enter the unicast MAC address of the source. Destination MAC Address Enter the unicast MAC address of the destination. Action Select the action. The following is possible: - Forward If the frame complies with the ACL rule, the frame is forwarded. - Discard If the frame complies with the ACL rule, the frame is not forwarded. Ingress Interfaces Shows a list of all interfaces to which this rule applies. Egress Interfaces Shows a list of all interfaces to which this rule applies. Note Entering the MAC addresses If you enter the address "00:00:00:00:00:00" for the source and/or destination MAC address, the rule created in this way applies to all source or destination MAC addresses. Ingress Rules On this page, you specify the ACL rule according to which incoming frames are handled by the port. 1594 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings Interface Select the required interface. Add Rule Select the ACL rule to be assigned to the interface. You specify the ACL rule on the "Rules Configuration" page. Add To permanently assign the ACL rule to the interface, click the "Add" button. The configuration is shown in the table. Remove Rule Select the ACL rule to be deleted. Remove To remove the ACL rule from the interface, click the "Remove" button. The table has the following columns: Rule Order Shows the order of the ACL rules. Rule Number Shows the number of the ACL rule. When you create a rule, a new row with a unique number is created. Source MAC Shows the unicast MAC address of the source. Destination MAC Address Shows the unicast MAC address of the destination. Action Shows the action: - Forward If the frame complies with the ACL rule, the frame is forwarded. - Discard If the frame complies with the ACL rule, the frame is not forwarded. Egress Rules On this page, you specify the ACL rule according to which outgoing frames are handled by the port. Settings Interface Select the required interface. Add Rule Select the ACL rule to be assigned to the interface. You specify the ACL rule on the "Rules Configuration" page. WinCC Advanced V14 System Manual, 10/2016 1595 Editing devices and networks 10.1 Configuring devices and networks Add To permanently assign the ACL rule to the interface, click the "Add" button. The configuration is shown in the table. Remove Rule Select the ACL rule to be deleted. Remove To remove the ACL rule from the interface, click the "Remove" button. The table has the following columns: Rule Order Shows the order of the ACL rules. Rule Number Shows the number of the ACL rule. When you create a rule, a new row with a unique number is created. Source MAC Shows the unicast MAC address of the source. Destination MAC Address Shows the unicast MAC address of the destination. Action Shows the action - Forward If the frame complies with the ACL rule, the frame is forwarded. - Discard If the frame complies with the ACL rule, the frame is not forwarded. IP ACL Rule configuration On this page, you specify the rules for the IP-based ACL. Settings The table has the following columns: Rule Number Shows the number of the ACL rule. When you create a rule, a new row with a unique number is created. Source IP Enter the IPv4 address of the source. Source Subnet Mask Enter the subnet mask in which the source is located. Dest. IP Enter the IP address of the destination. 1596 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Dest. Subnet Mask Enter the subnet mask in which the destination is located. Action Select whether the frame is forwarded or rejected when it corresponds to the ACL rule. - Forward If the frame complies with the ACL rule, the frame is forwarded. - Discard If the frame complies with the ACL rule, the frame is not forwarded. Ingress Interfaces Shows a list of all interfaces to which this rule applies. Egress Interfaces Shows a list of all interfaces to which this rule applies. Protocol configuration On this page, you specify the rules for protocols. Settings The table has the following columns: Rule Number Shows the number of the protocol rule. When you create a rule, a new row with a unique number is created. Protocol Select the protocol for which this rule is valid. Protocol Number Enter a protocol number to define further protocols. This box can only be edited if you have set "Other Protocol" for the protocol. Source Port Min. Enter the lowest possible port number of the source port. This box can only be edited if you have set "TCP" or "UDP" for the protocol. Source Port Max. Enter the highest possible port number of the source port. This box can only be edited if you have set "TCP" or "UDP" for the protocol. Dest. Port Min. Enter the lowest possible port number of the destination port. This box can only be edited if you have set "TCP" or "UDP" for the protocol. Dest. Port Max. Enter the highest possible port number of the destination port. This box can only be edited if you have set "TCP" or "UDP" for the protocol. Message Type Enter a message type to decide the format of the message. This box can only be edited if you have set "ICMP" for the protocol. WinCC Advanced V14 System Manual, 10/2016 1597 Editing devices and networks 10.1 Configuring devices and networks Message Code Enter a message code to specify the function of the message. This box can only be edited if you have set "ICMP" for the protocol. DSCP Enter a value for classifying the priority. This box cannot be edited if you have set "ICMP" for the protocol. Ingress Rules On this page, you specify the ACL rule according to which incoming frames are handled by the port or VLAN. Settings Ports Select the required port: a port or a VLAN interface. To select a VLAN interface, an IP interface must be configured. Note If you use a VLAN interface, the ACL rule applies to all ports that belong to the VLAN. Add Rule Select the ACL rule to be assigned to the port. You specify the ACL rule on the "Rules Configuration" page. Add To permanently assign the ACL rule to the port, click the "Add" button. The configuration is shown in the table. Remove Rule Select the ACL rule to be deleted. Remove To remove the ACL rule from the port, click the "Remove" button. The table has the following columns: Rule Order Shows the order of the ACL rules. Rule Number Shows the number of the ACL rule. When you create a rule, a new row with a unique number is created. Protocol Shows the protocol for which this rule is valid. Protocol Number Shows the protocol number. Source IP Shows the IP address of the source. Source Subnet Mask Shows the subnet mask in which the source is located. 1598 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Dest. IP Shows the IP address of the destination. Dest. Subnet Mask Shows the subnet mask of the destination. Action Select whether the frame is forwarded or rejected when it corresponds to the ACL rule. - Forward If the frame complies with the ACL rule, the frame is forwarded. - Discard If the frame complies with the ACL rule, the frame is not forwarded. Source Port Min. Shows the lowest possible port number of the source port. Source Port Max. Shows the highest possible port number of the source port. Dest. Port Min. Shows the lowest possible port number of the destination port. Dest. Port Max. Shows the highest possible port number of the destination port. Message Type Shows a message type to decide the format of the message. Message Code Shows a message code to specify the function of the message. DSCP Shows the value for classifying the priority. Egress Rules On this page, you specify the ACL rule according to which outgoing frames are handled by the port. Settings Ports Select the required port: a port or a VLAN interface. To select a VLAN interface, an IP interface must be configured. Note If you use a VLAN interface, the ACL rule applies to all ports that belong to the VLAN. Add Rule Select the ACL rule to be assigned to the port. You specify the ACL rule on the "Rules Configuration" page. Add To permanently assign the ACL rule to the port, click the "Add" button. The configuration is shown in the table. WinCC Advanced V14 System Manual, 10/2016 1599 Editing devices and networks 10.1 Configuring devices and networks Remove Rule Select the ACL rule to be deleted. Remove To remove the ACL rule from the port, click the "Remove" button. The table has the following columns: Rule Order Shows the order of the ACL rules. Rule Number Shows the number of the ACL rule. When you create a rule, a new row with a unique number is created. Protocol Shows the protocol for which this rule is valid. Protocol Number Shows the protocol number. Source IP Shows the IP address of the source. Source Subnet Mask Shows the subnet mask in which the source is located. Dest. IP Shows the IP address of the destination. Dest. Subnet Mask Shows the subnet mask of the source. Action Select whether the frame is forwarded or rejected when it corresponds to the ACL rule. - Forward If the frame complies with the ACL rule, the frame is forwarded. - Discard If the frame complies with the ACL rule, the frame is not forwarded. Source Port Min. Shows the lowest possible port number of the source port. Source Port Max. Shows the highest possible port number of the source port. Dest. Port Min. Shows the lowest possible port number of the destination port. Dest. Port Max. Shows the highest possible port number of the destination port. Message Type Shows a message type to decide the format of the message. Message Code Shows a message code to specify the function of the message. DSCP Shows the value for classifying the priority. 1600 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks WLAN Basic (Access Point) Safety levels To make the network secure, authentication and encryption are used. On this page, you specify the security settings. Note Transmission standard IEEE 802.11 n The transmission standard IEEE 802.11 n with the setting "802.11n" or "802.11 n only" supports only WPA2/ WPA2-PSK with AES in the security settings. iPCF or iPCF-MC If iPCF or iPCF-MC is enabled, only "Open System" with the encryption methods WEP or AES is supported in the security settings. WinCC Advanced V14 System Manual, 10/2016 1601 Editing devices and networks 10.1 Configuring devices and networks Settings The table has the following columns: Interface Shows the available interfaces. Authentication Type Select the type of authentication. The selection depends on the operating mode and the transmission standard. - Open System There is no authentication. Encryption with a fixed (unchanging) WEP key can be selected as an option. To use the key, enable "Encryption". You define the WEP key on the "Keys" page. If iPCF mode is enabled, the encryption method AES with 128 bit key length is also supported. - Shared Key With this authentication, a fixed key is stored on the client and access point. This WEP key is then used for authentication and encryption. You define the WEP key on the "Keys" page. Note If you use "Open System" with "Encryption" or "Shared Key", Key 1 must always be set on the "Keys" page. - WPA (RADIUS) Wi-Fi Protected Access is a method specified by the Wi-Fi Alliance to close security gaps in WEP. Authentication using a server is stipulated (802.1x). The dynamic exchange of keys at each data frame introduces further security. - WPA-PSK WPA Pre Shared Key (WPA-PSK) is a weakened form of WPA. In this method, authentication is not established by a server but is based on a password. This password is configured manually on the client and server. - WPA2 (RADIUS) WPA2 (Wi-Fi Protected Access 2) is a further development of WPA and implements the functions of the IEEE 802.11i security standard. WPA authentication works, however, without the RADIUS server. - WPA2-PSK WPA2-PSK is based on the 802.11i standard. WPA authentication works, however, without a RADIUS server. Instead of this, a WPA(2) key (WPA(2) pass phrase) is stored on each client and access point. The WPA(2) pass phrase is used for authentication and further encryption. - WPA/WPA2-Auto-PSK Setting with which an access point can process both the "WPA-PSK" as well as the "WPA2-PSK" type of authentication. This is necessary when the access point communicates with different clients, some using "WPA-PSK" and others "WPA2-PSK". The same encryption method is set on the clients. 1602 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks - WPA/WPA2-Auto Setting with which an access point can process both the "WPA" as well as the "WPA2" type of authentication. This is necessary when the access point communicates with different clients, some using "WPA" and others "WPA2". The same encryption method is set on the clients Encryption Encryption protects the transferred data from eavesdropping and corruption. You can only disable encryption if you have selected "Open System" for authentication. All other security methods include both authentication and encryption. Cipher Select the encryption method. The selection depends on the transmission standard. - AUTO AES or TKIP is used depending on the capability of the other station. - WEP WEP (Wired Equivalent Privacy) A symmetrical stream encryption method with only 40- or 104-bit long keys based on the RC4 algorithm (Ron's Code 4). - TKIP (Temporal Key Integrity Protocol) A symmetrical encryption method with the RC4 algorithm (Ron's Code 4). In contrast to the weak WEP encryption, TKIP uses changing keys derived from a main key. TKIP can also recognize corrupted data frames. - AES (Advanced Encryption Standard) Strong symmetrical block encryption method based on the Rijndael algorithm that further improves the functions of TKIP. Note To provide better protection of your data against attacks, use WPA2/ WPA2-PSK with AES. WPA(2) Pass Phrase Enter a WPA(2) pass phrase here. This WPA(2) key must be known both at the client end and on the access point and is entered by the user at both ends. ASCII code 0x20 to 0x7e is used for the WPA(2) key. WPA(2) Pass Phrase Confirmation Confirm the entered WPA(2) key. Default Key Specify the WEP key used to encrypt the data. You define the WEP key on the "Keys" page. Options Which settings are possible depends on the "Authentication Type" you have selected. WinCC Advanced V14 System Manual, 10/2016 Authentication type Encryption Cipher Encryption key source Open System disabled -- -- Open System Enabled WEP Default Key Open System Enabled AES Default Key (128-bit) 1) 1603 Editing devices and networks 10.1 Configuring devices and networks Authentication type Encryption Cipher Encryption key source Shared Key Enabled WEP Default Key WPA (RADIUS) Enabled Auto/TKIP/AES RADIUS Server WPA-PSK Enabled Auto/TKIP/AES WPA(2) Pass Phrase WPA2 (RADIUS) Enabled Auto/TKIP/AES RADIUS Server WPA2-PSK Enabled Auto/TKIP/AES WPA(2) Pass Phrase WPA/WPA2-AutoPSK Enabled Auto/TKIP/AES WPA(2) Pass Phrase WPA/WPA2-Auto (RADI US) Enabled Auto/TKIP/AES RADIUS Server 1) available only with iPCF or iPCF-MC Basic (Client) Safety levels To make the network secure, authentication and encryption are used. On this page, you specify the security settings. Note Transmission standard IEEE 802.11 n The transmission standard IEEE 802.11 n with the setting "802.11n" or "802.11 n only" supports only WPA2/ WPA2-PSK with AES in the security settings. iPCF or iPCF-MC mode activated If iPCF or iPCF-MC mode is enabled, only "Open System" with the encryption method AES is supported in the security settings with Security Context 1. 1604 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings The table has the following columns: Security context Shows the number of the entry. If you create a new entry, a new row with a unique number is created. You can create up to 8 security contexts. The security context 1 cannot be deleted. Authentication Type Select the type of authentication. The selection depends on the operating mode and the transmission standard. - Open System There is no authentication. Encryption with a fixed (unchanging) WEP key can be selected as an option. To use the key, enable "Encryption". You define the WEP key on the "Keys" page. If iPCF or iPCF-MC mode is enabled, only the encryption method AES with 128 bit key length is supported. - Shared Key In Shared Key authentication, a fixed key is stored on the client and access point. This WEP key is then used for authentication and encryption. You define the WEP key on the "Keys" page. - WPA (RADIUS) Wi-Fi Protected Access is a method specified by the Wi-Fi Alliance to close security gaps in WEP. Authentication using a server is stipulated (802.1x). The dynamic exchange of keys at each data frame introduces further security. Note Make the relevant RADIUS settings initially on the page "Security > WLAN > Basic". - WPA-PSK WPA Pre Shared Key (WPA-PSK) is a weakened form of WPA. In this method, authentication is not established by a server but is based on a password. This password is configured manually on the client and server. - WPA2 (RADIUS) WPA2 (Wi-Fi Protected Access 2) is a further development of WPA and implements the functions of the IEEE 802.11i security standard. WPA authentication works, however, without the RADIUS server. Note Make the relevant RADIUS settings initially on the page "Security > WLAN > Client Radius Supplicant". - WPA2-PSK WPA2-PSK is based on the 802.11i standard. WPA authentication works, however, without a RADIUS server. Instead of this, a WPA(2) key (WPA(2) pass phrase) is stored on each client and access point. The WPA(2) pass phrase is used for authentication and further encryption. WinCC Advanced V14 System Manual, 10/2016 1605 Editing devices and networks 10.1 Configuring devices and networks - WPA/WPA2-Auto-PSK Setting with which an access point can process both the "WPA-PSK" as well as the "WPA2-PSK" type of authentication. This is necessary when the access point communicates with different clients, some using "WPA-PSK" and others "WPA2-PSK". The same encryption method is set on the clients. - WPA/WPA2-Auto Setting with which an access point can process both the "WPA" as well as the "WPA2" type of authentication. This is necessary when the access point communicates with different clients, some using "WPA" and others "WPA2". The same encryption method is set on the clients Encryption Encryption protects the transferred data from eavesdropping and corruption. You can only disable encryption if you have selected "Open System" for authentication. All other security methods include both authentication and encryption. Cipher Select the encryption method. The selection depends on the transmission standard. - AUTO AES or TKIP is used depending on the capability of the other station. - WEP WEP (Wired Equivalent Privacy) A symmetrical stream encryption method with only 40- or 104-bit long keys based on the RC4 algorithm (Ron's Code 4). - TKIP (Temporal Key Integrity Protocol) A symmetrical encryption method with the RC4 algorithm (Ron's Code 4). In contrast to the weak WEP encryption, TKIP uses changing keys derived from a main key. TKIP can also recognize corrupted data frames. - AES (Advanced Encryption Standard) Strong symmetrical block encryption method based on the Rijndael algorithm that further improves the functions of TKIP. Note To provide better protection of your data against attacks, use WPA2/ WPA2-PSK with AES. WPA(2) Pass Phrase Enter a WPA(2) pass phrase here. This WPA(2) key must be known on both the client and the access point and is entered by the user at both ends. For a key with 8 to 63 characters, you can only use the following readable ASCII characters: 0x20 - 0x7e. For a key with precisely 64 characters, you can use the following ASCII characters: 0 - 9, a - f and A - F. WPA(2) Pass Phrase Confirmation Confirm the entered WPA(2) key. Default Key Specify the WEP key used to encrypt the data. You define the WEP key on the "Keys" page. 1606 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks AP communication Communications options On this page, you specify the type of communication allowed by the access point. Note The page is available only in access point mode. Settings Table 1 has the following columns: Port Shows that the settings are valid for all ports of Table 2. within own VAP / with other VAPs / with Ethernet Select the setting you require. If "No Change" is selected, the entry in table 2 remains unchanged. Transfer to table If you click the button, the setting is adopted for all ports of table 2. Table 2 has the following columns: Radio Shows the available WLAN interfaces. Port Shows the VAP interface. within own VAP - Enabled Clients logged on to the same VAP interface of an access point can communicate with each other. - Disabled Option is disabled. WinCC Advanced V14 System Manual, 10/2016 1607 Editing devices and networks 10.1 Configuring devices and networks with other VAPs Only available if the device has at least 2 VAP interfaces. - Enabled Clients logged on to different VAP interfaces of an access point can communicate with each other. - Disabled Option is disabled. Note For an access point, "with other VAPs" must be enabled on all WLAN interfaces or on all VAPs to allow communication between clients logged on at different VAP interfaces of the access point. with Ethernet - Enabled Clients can communicate via the Ethernet interface of the access point. - Disabled Option is disabled. Client RADIUS Supplicant Client Supplicant On this page, you configure the settings for the RADIUS authorization of the client. Note This page is only available for clients or access points in client mode. Settings The table has the following columns: Security context Shows the security context. Dot1x User Name Enter the user name with which the client will log on with the RADIUS server. Dot1x User Password Enter the password for the user name specified above. The client logs on with the RADIUS server using this combination. For password assignment, ASCII characters 0x20 to 0x7e are used. Confirm Dot1x user password Confirm the password. 1608 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Dot1x Check Server Certificate Specify whether or not the RADIUS server identifies itself to the client using a certificate. Dot1x EAP Types Specify the authentication method. The following methods are available: - Auto EAP-TLS, EAP-TTLS or PEAP is used depending on the capability of the other station. - EAP-TLS Client logs on using a certificate. - EAP-TTLS The client logs on with the RADIUS server using the user name and password - PEAP The client logs on with the RADIUS server using the user name and password. AP RADIUS Authenticator Configuration of the RADIUS server On this page, you define the RADIUS servers and the RADIUS authentication of the access point. You can enter data for two RADIUS servers. Note The page is available only in access point mode. Settings Reauthentication Mode Specify who sets the time after which the clients are forced to reauthenticate. - '-' Disabled Reauthentication mode is disabled. - Server Enables time management on the server. - Local Enables local time management. In "Reauthentication Interval", specify the time of validity. Reauthentication Interval [s] If time management is local, enter the period of validity of the authentication in seconds. The minimum time is 1 minute (enter 60), the maximum time is 12 hours (enter 43200). The default is one hour (3,600 seconds). WinCC Advanced V14 System Manual, 10/2016 1609 Editing devices and networks 10.1 Configuring devices and networks The table has the following columns: Server IP Address Here, enter the IP address of the RADIUS server. Server Port Here, enter the input port on the RADIUS server. Shared Secret Enter the password of the RADIUS server. For the password, ASCII code 0x20 to 0x7e is used. Confirm Shared Secret Confirm the password. Max. Retransmissions Enter the maximum number of connection attempts. Primary Server Specify whether or not this server is the primary server. - yes: Primary server - no: Backup server. Status With this setting, you can enable or disable the RADIUS server Key Specifying the WEP key To allow you to enable the encryption for the "Open System" and "Shared Key" authentication methods, you must first enter at least one key in the key table. 1610 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings The table has the following columns: Key 1 - 4 Enter the WEP or AES key. For the WEP key, characters of the ASCII code from 0x20 to 0x7E or hexadecimal characters from 0x00 to 0xFF are permitted. If iPCF or iPCF-MC mode is enabled, only the encryption method AES with 128-bit key length is supported. You can choose between the following key lengths: - 5 or 13 ASCII or 10 or 26 hexadecimal characters (40/104 bits) - 16 ASCII or 32 hexadecimal characters (128 bits) Note The hexadecimal characters are entered without being preceded by "0x". One hexadecimal character codes four bits. The entries "ABCDE" (ASCII characters) and "4142434445" (hexadecimal characters) are therefore the same because the ASCII character "A" has hexadecimal code "0x41". Key 1 - 4 Confirmation Confirm the WEP key. Management ACL On this page, you can increase the security of your device. To specify which station with which IP address is allowed to access your device, configure the IP address or an entire address range. You can select the protocols and the ports with which the station is allowed to access the device. You define the VLAN in which the station may be located. This ensures that only certain stations within a VLAN have access to the device. Note Note that a bad configuration may mean that you can no longer access the device. Settings Management ACL Enable or disable the function. IP Address Enter the IP address or the network address to which the rule will apply. If you use the IP address 0.0.0.0, the settings apply to all IP addresses. Subnet Mask Enter the subnet mask. The subnet mask 255.255.255.255 is for a specific IP address. If you want to allow a subnet, for example a C subnet, enter 255.255.255.0. The subnet mask 0.0.0.0 applies to all subnets. WinCC Advanced V14 System Manual, 10/2016 1611 Editing devices and networks 10.1 Configuring devices and networks The table has the following columns: Select Select the lines to be deleted. Rule Order Shows the number of the ACL rule. When you create a rule, a new row with a unique number is created. IP Address Shows the IP address. Subnet Mask Shows the subnet mask. VLANs Allowed Enter the number of the VLAN in which the device is located. The station can only access the device if it is located in this configured VLAN. If this input box remains empty, there is no restriction. SNMP Specify whether the station or the IP address accesses the device using the SNMP protocol. TELNET Specify whether the station or the IP address accesses the device using the TELNET protocol. HTTP Specify whether the station or the IP address accesses the device using the HTTP protocol. HTTPS Specify whether the station or the IP address accesses the device using the HTTPS protocol. SSH Specify whether the station or the IP address accesses the device using the SSH protocol. Px Specify whether the station or the IP address accesses the device via this port. WLAN1 (In client mode only) Specify whether the station or the IP address accesses the device via the WLAN interface. VAPX.Y (only in access point mode) Specify whether the station or the IP address accesses the device via the VAP interface. WDSX.Y (only in access point mode) Specify whether the station or the IP address accesses the device via the WDS interface. 1612 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Inter AP blocking Basic Note This tab is only available. - SCALANCE W780 / W770 - in access point mode This WBM page can only be configured with the following KEY-PLUGs: - W780 iFeatures (MLFB 6GK5 907-8PA00) - W700 Security (MLFB 6GK5907-0PA00) When should Inter AP blocking be used? The clients connected to an access point can normally communicate with all devices of the layer 2 network. With inter AP blocking, the communication of the clients connected to the access point can be restricted. Only the devices whose IP addresses are configured in "Allowed Addresses" on the access point are accessible to the clients. Communication with other nodes in the network is therefore prevented. Settings Refresh Interval [s] Enter the refresh interval for the ARP table. The table has the following columns: Radio Specifies the WLAN interface to which the settings relate. Port Specifies the VAP interface to which the settings relate. SSID Specifies the SSID to which the settings relate. Enabled When selected, the access restriction is used. You configure the devices that are accessible for the clients in "Security > Inter AP Blocking > Allow IP Addresses". Block Gratuitous ARP Requests When enabled, gratuitous ARP packets are not forwarded. Block Non-IP Frames When enabled, there is no exchange of non-IP packets, for example layer 2 packets between the client and the devices configured on the access point as permitted communications partners. WinCC Advanced V14 System Manual, 10/2016 1613 Editing devices and networks 10.1 Configuring devices and networks Allowed Addresses On this page you specify which devices are accessible to the clients. Note This tab is only available. - SCALANCE W780 / W770 - in access point mode This WBM page can only be configured with the following KEY-PLUGs: - W780 iFeatures (MLFB 6GK5 907-8PA00) - W700 Security (MLFB 6GK5907-0PA00) Settings Port Select the required port. IP address Enter the IP address of the devices accessible to the client. The table has the following columns: Select Select the lines to be deleted. Radio Specifies the WLAN interface to which the settings relate Port Specifies the VAP interface to which the settings relate IP address IP Address of the devices accessible to the client. If necessary, you can change the IP address. Resolver IP Address The IP address with which the allowed IP address is resolved. The entry is necessary if the management IP address is located in a different subnet. If the IP address "0.0.0.0" is configured for "IP address resolution", the management IP address is used for the resolution. 1614 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring iFeatures iPCF Note iPCF for clients or access points in client mode SCALANCE W740, SCALANCE W734-1 RJ-45 and SCALANCE W722-1 RJ-45 The setting can only be configured with the following KEY-PLUG: - Client: W740 iFeatures (MLFB 6GK5 907-4PA00) iPCF in access point mode SCALANCE W780 and SCALANCE W774-1 RJ-45 The setting can only be configured with the following KEY-PLUG: - Access point: W780 iFeatures (MLFB 6GK5 907-8PA00) When should iPCF be used? The use of iPCF is advisable particularly if you have a large number of nodes and want to implement highly deterministic operation. This is necessary, for example with PROFINET or other cyclic protocols. Note iPCF, iPCF-MC and iPRP are not compatible with each other and cannot be used at the same time on a device. Settings In both modes, the table has the following columns: Radio Specifies the WLAN interface to which the settings relate. Enable iPCF Enable or disable iPCF mode. For PROFINET communication, we recommend that you enable the iPCF mode. By enabling iPCF, the data rates provided by the access point are adapted. We strongly recommend that you retain the default setting for the data rates (802.11 a/b/g = 12 Mbps and 802.11n = MCS 2). WinCC Advanced V14 System Manual, 10/2016 1615 Editing devices and networks 10.1 Configuring devices and networks In access point mode, the table has the following additional columns: Protocol Support Specify which protocol is handled with priority by the WLAN interface. - PROFINET if you set PROFINET, there must be no PROFINET controller downstream from the client. - EtherNet/IP If you set Ethernet/IP, there must be no scanner downstream from the client. - Disabled The function is disabled. iPCF Cycle Time [ms] Select the required cycle time from the drop-down list. The following points need to be taken into account when setting the cycle time. Otherwise it may not be possible to establish stable communication. - There is only one access point in the system; in other words, the clients move only in one wireless cell. In this case, update times >= 16 ms are supported. - There are several access points in the system that communicate over different channels. The clients roam between the access points. In this case, select update times >= 32 ms. In addition to the guide values shown above, remember that the shortest cycle time to be set is calculated according to the formula "2 ms * max. number of nodes". Scanning Mode The selected setting affects the scanning of the logged-on clients. The following settings are available: - All Channels The client scans all permitted channels and selects the access point with the best signal strength and connects to it. - Next Channel The client scans the next channel from its permitted channel list. If an access point is there, it connects to it. If it does not find an access point on this channel, it scans the next channel. Signal Quality Threshold Can only be configured if "Next Channel" is set for "Scanning Mode". The client is given a minimum signal strength with which the access point must be seen during the scan so that a connection can be established to it. The following threshold values exist for the signal strength: 1616 Level Signal quality in RSSI Signal quality in % 1 20 40 2 25 50 3 30 60 4 35 70 5 40 80 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks iPCF-MC Requirements to be able to use iPCF-MC: The access point has at least two WLAN interfaces (dual AP). Access point mode: Only dual APs with KEY-PLUG W780 iFeatures (MLFB 6GK5 907-8PA00) Client mode: Client with KEY-PLUG W740 iFeatures (MLFB 6GK5 907-4PA00) The management interface and data interface must be operated in the same frequency band and mode and must match in terms of their wireless coverage. iPCF-MC will not work if both wireless interfaces are equipped with directional antennas that cover different areas. The management interfaces of all access points to which a client can change must use the same channel. A client scans only this one channel to find accessible access points. Transmission based on IEEE801.11h (DFS) cannot be used for the management interface. 801.11h (DFS) is possible for the data interface. The client cannot be operated with "Use Allowed Channels only". "Force Roaming on link down" is automatically mirrored on the second interface. The following applies to clients: All configured and active SSIDs must be assigned to security context 1. An SSID is active when the corresponding check box "Enabled" is selected on the page "Interfaces > WLAN > Client". In Japan, iPCF-MC cannot be enabled if the data or management interface uses a frequency of the 4920 MHz - 5080 MH frequency band. When should iPCF-MC be used? iPCF was developed to achieve short handover times when roaming between cells. The iPCFMC technique allows short handover times even for freely mobile clients and when a lot of cells are involved or a large number of channels is being used. Note iPCF, iPCF-MC and iPRP are not compatible with each other and cannot be used at the same time on a device. With 11n devices, remember that the assignment of the WLAN interfaces is fixed for iPCFMC. - WLAN1: Data interface - WLAN2: Management interface WinCC Advanced V14 System Manual, 10/2016 1617 Editing devices and networks 10.1 Configuring devices and networks Settings The following setting exists in both modes Enable iPCF-MC Enable or disable the iPCF-MC mode of the device. For PROFINET communication, we recommend enabling the iPCF-MC mode. By enabling iPCF-MC, the data rates provided by the access point are adapted. We strongly recommend that you retain the default setting for the data rates (802.11 a/b/g = 12 Mbps and 802.11n = MCS 2). The following setting exists only in access point mode iPCF Cycle Time Select the update time configured for the network to which the access point is connected. The lowest value for the update time is 32 ms. The following setting exists only in client mode Management Scan Period This parameter specifies the time between two client background scans (specified in iPCF cycles). If, for example, you select two, the client runs a background scan only in every second iPCF cycle. A lower value for the background scan interval provides the basis for fast roaming, however this means that no high data throughput can be achieved. A higher value should be selected for a high data throughput. Protocol Support (only in access point mode) Specify which protocol is handled with priority. PROFINET if you set PROFINET, there must be no PROFINET controller downstream from the client. EtherNet/IP If you set Ethernet/IP, there must be no scanner downstream from the client. iPRP Note This page is only available with SCALANCE W780/W740 with SCALANCE W770/W730 The following KEY-PLUGs are inserted: Access point: W780 iFeatures (MLFB 6GK5 907-8PA00) Client: W740 iFeatures (MLFB 6GK5 907-4PA00) 1618 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks When should iPRP be used? Note Use of iPRP with other iFeatures IPRP and other iFeatures (e.g. iPCF. iPCF-MC, ) are not compatible with each other and cannot be used at the same time on a device. With the "industrial Parallel Redundancy Protocol" (iPRP) the PRP technology can be used in a wireless network. With IPRP the PRP frames are transferred parallel via two wireless links. The parallel transfer allows disruptions of the transfer on one wireless link to be compensated on the other. Requirement The Base Bridge mode "802.1Q VLAN Bridge" is set. The VLANs have been created. Access point mode: The VAP interface is enabled. Client mode: For "MAC Mode", Layer 2 Tunnel is set. Settings The page contains the following: PRP A Select the VLAN assignment for PRP from the drop-down list. PRP B Select the VLAN assignment for PRP B from the drop-down list. This table contains the following columns: Interface Shows the available interfaces. Enable iPRP Enable or disable iPRP for the required interface. PRP Network Specify the PRP network in which the interface is a member. iREF Note The page is available only in access point mode. The function is supported by SCALANCE W780 / W770. The setting can only be configured with the following KEY-PLUG: - Access point: W780 iFeatures (MLFB 6GK5 907-8PA00) WinCC Advanced V14 System Manual, 10/2016 1619 Editing devices and networks 10.1 Configuring devices and networks When should iREF be used? With iREF, the data can be sent with the highest possible transmit power. This applies in particular to use cases in which MIMO cannot be used, is of no advantage or when using sector antennas. Note Use of iREF with other iFeatures iREF and other iFeatures (e.g. iPCF) are not compatible with each other and cannot be used at the same time on a device. Settings The table has the following columns: Radio Specifies the WLAN interface to which the settings relate. Enable iREF Enable or disable iREF for the required WLAN interface. The result is shown in "Information > WLAN >iFeatures". Note To be able to use iREF, there must be at least two antennas. The antennas are automatically switched to antenna mode RX/TX as soon as iREF is enabled. AeroScout Note The page is only available - SCALANCE W780 / W770 - in access point mode The setting can only be configured with the following KEY-PLUG: - Access point: W780 iFeatures (MLFB 6GK5 907-8PA00) Note The AeroScout function cannot be combined with other iFeatures (iPCF,iPCF-MC, iREF). AeroScout can only be used in the 2.4 GHz band according to IEEE 802.11g, IEEE 802.11n and IEEE 802.11n-only. For more detailed information, please refer to the AeroScout documentation (www.aeroscout.com). 1620 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings The table has the following columns: Radio Specifies the WLAN interface to which the settings relate. Enable AeroScout Enable or disable AeroScout support for the required WLAN interface. The result is shown in "Information > WLAN iFeatures". This page is only available in the WBM. 10.1.4.4 Configuring AS-i devices Digital addresses Bit assignment The bit assignment is determined from the IO code (I/O configuration) of the configured AS-i slave. The following table shows the bit assignment. IO code Offset of the input bits Offset of the output bits 0.0 0.1 0.2 0.3 0.0 0.1 0.2 0.3 0 (EEEE) IN1 IN2 IN3 IN4 - - - - 1 (EEE-) IN1 IN2 IN3 - - - - - 2 (EEEE) IN1 IN2 IN3 IN4 - - - - 3 (EEA-) IN1 IN2 - - - - OUT1 - 4 (EEBE) IN1 IN2 IN3 IN4 - - OUT1 - 5 (EAAA) IN1 - - - - OUT1 OUT2 OUT3 6 (BBBB) IN1 IN2 IN3 IN4 OUT1 OUT2 OUT3 OUT4 7 (BBBB) IN1 IN2 IN3 IN4 OUT1 OUT2 OUT3 OUT4 8 (AAAA) - - - - OUT1 OUT2 OUT3 OUT4 9 (AAAE) - - - IN1 OUT1 OUT2 OUT3 - A (AAAB) - - - IN1 OUT1 OUT2 OUT3 OUT4 B (AAEE) - - IN1 IN2 OUT1 OUT2 - - C (AABB) - - IN1 IN2 OUT1 OUT2 OUT3 OUT4 D (AEEE) - IN1 IN2 IN3 OUT1 - - - E (ABBB) - IN1 IN2 IN3 OUT1 OUT2 OUT3 OUT4 IN1 = first input of the AS-i slave, IN2 = second input of the AS-i slave, etc. OUT1 = first output of the AS-i slave, OUT2 = second output of the AS-i slave, etc. WinCC Advanced V14 System Manual, 10/2016 1621 Editing devices and networks 10.1 Configuring devices and networks Note The labeling of the inputs and outputs on the AS-i slaves may differ from this illustration. For A/B slaves (with ID code = A), output bit offset 0.3 is not occupied. Exception: An A/B slave with 4 inputs and 4 outputs (IO code = 7, ID code = A) occupies all output bits. The actual address of the bit is calculated from the input and/or output address plus that of the offset given in this table. Example Input address 100.0 and output address 200.4 have been set. The IO code of the slave has been set to "3 (EEA-)". The AS-i slave data then lies in the process image on input and/or output bits E100.0, E100.1 and A200.6. Network configuration of AS interface AS-Interface consists of an AS-i master and AS-i slaves connected to each other over an ASi subnet. Rules for AS interface network configuration All the nodes in an AS-i subnet must have a different AS-i node address. You should only load the settings over the network when all the modules in a subnet have different addresses and when the actual structure matches that of the network configuration you have created. One AS-i master and up to 62 AS-i slaves can be operated on an AS-i subnet. For more information on configuring an AS-Interface with an AS-i master and AS-i slaves, refer to the section on AS-Interface and the documentation of the AS-i master modules. I/O range Input and output ranges The CM AS-i Master ST module has an I/O range (process image for inputs and outputs) for transferring the AS-i slave input and output data to the CPU of the PLC. The permissible length of the I/O range, as well as the assignment of I/O addresses to AS-i slaves, is dependent on the configuration used. The input and output ranges have the same length. The length of data configured is always transferred, although data not used by slaves is filled with substitute values. If a configured slave is not present (e.g. in the event of slave failure), the allocated input range is populated with substitute values. 1622 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks In the event of a slave failure, no I/O area access error is generated because the entire I/O range is transferred, filled with either process values or substitute values. In order to achieve the best possible performance, select the length of the I/O range based on the volume of data used by the slaves. If the length is set to > 32 bytes, the module in the ET 200SP slot uses time division multiplexing to internally transfer data with a block size of 32 bytes. Properties of the I/O range for different configurations CM AS-i Master ST, FW version V1.0 Length of I/O range: 32 bytes The digital inputs and outputs of the AS-i slaves are assigned to the addresses in the I/O range according to a defined format. See the table below for more details. The analog inputs and outputs of the AS-i slaves can be transferred via data record communication. The following table shows the assignment of the digital I/O address to the AS-i slave address: WinCC Advanced V14 System Manual, 10/2016 Byte Bit 7 ... 4 Bit 3 ... 0 n+0 Reserved Slave 1 or 1A n+1 Slave 2 or 2A Slave 3 or 3A n+2 Slave 4 or 4A Slave 5 or 5A n+3 Slave 6 or 6A Slave 7 or 7A n+4 Slave 8 or 8A Slave 9 or 9A n+5 Slave 10 or 10A Slave 11 or 11A n+6 Slave 12 or 12A Slave 13 or 13A n+7 Slave 14 or 14A Slave 15 or 15A n+8 Slave 16 or 16A Slave 17 or 17A n+9 Slave 18 or 18A Slave 19 or 19A n+10 Slave 20 or 20A Slave 21 or 21A n+11 Slave 22 or 22A Slave 23 or 23A n+12 Slave 24 or 24A Slave 25 or 25A n+13 Slave 26 or 26A Slave 27 or 27A n+14 Slave 28 or 28A Slave 29 or 29A n+15 Slave 30 or 30A Slave 31 or 31A n+16 Status data Slave 1B n+17 Slave 2B Slave 3B n+18 Slave 4B Slave 5B n+19 Slave 6B Slave 7B n+20 Slave 8B Slave 9B n+21 Slave 10B Slave 11B n+22 Slave 12B Slave 13B n+23 Slave 14B Slave 15B n+24 Slave 16B Slave 17B n+25 Slave 18B Slave 19B 1623 Editing devices and networks 10.1 Configuring devices and networks n+26 Slave 20B Slave 21B n+27 Slave 22B Slave 23B n+28 Slave 24B Slave 25B n+29 Slave 26B Slave 27B n+30 Slave 28B Slave 29B n+31 Slave 30B Slave 31B n = Start address Status data only possible with CM AS-i Master ST from FW version V1.1 onwards, otherwise these 4 bits are not used (reserved). CM AS-i Master ST, from FW version V1.1 with configuration via acceptance of ACTUAL configuration, e.g. via SET button Note No configuration of AS-i slaves in STEP 7 and/or configuration via GSD Switchable I/O range length: 16 bytes or 32 bytes The digital inputs and outputs of the AS-i slaves are assigned to the addresses in the I/O range according to a defined format. See above table. The analog inputs and outputs of the AS-i slaves can be transferred via data record communication. When the length is set to 16 bytes, the digital I/Os of the AS-i slaves with B addresses are not transferred. When the length is set to 32 bytes, 4 bits of status data can be additionally transferred. CM AS-i Master ST, from FW version V1.1 with configuration of AS-i slaves in STEP 7 (i.e. selection of AS-i slaves from hardware catalog) Settable I/O range length: 4 ... 288 bytes Possible settings: 4, 8, 12, 16, 20, 24, 28, 32, 64, 96, 128, 160, 192, 224, 256, 288 bytes The digital and analog inputs and outputs of the AS-i slaves can be freely assigned within the I/O range. The digital and analog inputs and outputs of the AS-i slaves can also be transferred via data record communication. Further factors affecting the length of the I/O range: Length of I/O range: 4 ... 256 bytes for configurations with IM 155-6 PN ST from FW V3.1 onwards Length of I/O range: 4 ... 32 bytes for configurations with IM 155-6 PN ST < FW V3.1 Restriction when operating under CPU S7-300 FW version < V3 - length of I/O range: max. 224 bytes Length of I/O range: 4 ... 32 bytes for configurations with IM 155-6 DP HF 1624 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks I/O configuration for AS-i slaves I/O configuration The I/O configuration is assigned as follows on the basis of the I/O code standard: Table 10-101 AS-i standard slave I/O code I/O configuration D0 D1 D2 D3 0 I I I I 1 I I I O 2 I I I B 3 I I O O 4 I I B B 5 I O O O 6 B B B B 7 B B B B 8 O O O O 9 O O O I A O O O B B O O I I C O O B B D O I I I E O B B B F F F F F Key: I=Input; O=Output; B=Bidirectional (input/output); F=TriState Table 10-102 AS-i A/B slave I/O code WinCC Advanced V14 System Manual, 10/2016 I/O configuration D0 D1 D2 D3 0 I I I I 1 I I I - 2 I I I I 3 I I O - 4 I I B I 5 I O O - 6 B B B I 7 B B B I 8 O O O - 9 O O O I A O O O I B O O I I 1625 Editing devices and networks 10.1 Configuring devices and networks I/O code I/O configuration D0 D1 D2 D3 C O O B I D O I I I E O B B I F F F F F Key: I=Input; O=Output; B=Bidirectional (input/output); F=TriState Operating principle of the safe AS-i outputs Safety-related communication for safe AS-i outputs also uses code sequences. However, they have a different data structure compared to the code sequences of safe ASi input slaves. The code sequences for safe AS-i outputs do not have to be taught and transferred. For the function of a safe ASi output, you need the following components: A control unit An evaluation unit Control unit The control unit outputs safety-related IN or OUT control commands to the AS-i bus. The control unit is integrated in the FCM ASi Safety ST module. The control unit assumes an active position in the communication. It acts like an AS-i slave and has an AS-i address that must be called by the ASi master. The values in the output data of the AS-i master are not relevant in this case. The FCM ASi Safety ST module inserts the safety-related control data into the communication data. Besides controlling the OFF state according to specification, a control unit can control up to four different output switching states: FOUT 1, FOUT 2, FOUT 3, and FOUT 4. The FCM ASi Safety ST module, however, makes available only the output switching state FOUT 1, i.e., The OFF and ON states are controlled. In addition to the switching states, a control unit can send out two different auxiliary signals: AUX1 and AUX2. You can use these auxiliary signals for error acknowledgement in the evaluation unit. For technical reasons, the AUX1 and AUX2 signals are mapped in the safe process image output. The auxiliary signals are not safety-related signals, however. During control by the safety program, the FCM ASi Safety ST module sends a sequence from each auxiliary signal one after the other on the AS-i bus. Up to 16 different control units can be activated in the FCM ASi Safety ST module. The control units are managed in the FCM ASi Safety ST module as switching group 0 to switching group 15. If you want to use more than 16 different control units, you can plug two FCM ASi Safety ST modules into the ET 200SP station. 1626 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Observe the information on the bus configuration in Section AUTOHOTSPOT. NOTICE Uniqueness of the ASi address on the AS-i bus Carefully check the ASi addresses for the control of the safe ASi outputs. Ensure that the assigned AS-i address exists only once on the AS-i bus. This is particularly important when you are using multiple devices that can control safe AS-i outputs on the same AS-i bus. If this is not observed, reliable shutdown of a safe output module is not guaranteed. Evaluation unit The evaluation unit reads the safety-related control commands ON or OFF on the AS-i bus and passes corresponding switching commands, e.g., to switching contacts. In case of error, e.g., communication error on the AS-i bus, the evaluation unit switches off. The evaluation unit is integrated in the safe AS-i output module to which, for example, drive contactor coils are connected. The evaluation unit behaves as a passive unit in the AS-i communication. The master does not detect the evaluation unit and does not call it. The evaluation unit monitors the communication of the AS-i address of the control unit and reacts to its safety-related control signals. You set the AS-i address (see Section "Control unit") the evaluation unit is to monitor. You can set multiple evaluation units to the same address so that a control unit can control multiple safe output modules simultaneously. NOTICE Bus cycle time for safe AS-i outputs An evaluation unit requires a minimum AS-i bus cycle time. Ensure that at least 5 AS-i addresses are present on the AS-i bus. Otherwise, the control unit goes to error state. When A/B slaves are used, at least 5 different numerical AS-i addresses must be present. That is, a combination of slave addresses 1A and 1B count as 1 numerical address. The FCM ASi Safety ST module does not have a monitoring function for this configuration rule. 10.1.4.5 Configuring PROFIBUS DP (S7-1200) The basics of configuring a DP master system (S7-1200) Distributed I/O DP master systems that consist of a DP master and DP slaves which are connected via a bus and communicate with one another via the PROFIBUS DP protocol are referred to as distributed I/O. WinCC Advanced V14 System Manual, 10/2016 1627 Editing devices and networks 10.1 Configuring devices and networks Firmware version of the S71200 CPU Use of the PROFIBUS functions with the S71200, requires CPUs with firmware version 2.0 or higher. Configuring distributed I/O Since DP masters and DP slaves are different devices, these instructions only provide a basic configuration procedure. However, the process for configuring distributed I/O is practically identical to that of non-distributed configuration. Creating the DP master system in the network view After you have used dragged a DP master and a DP slave (for example, a CM 12435 and a CM 12435) from the hardware catalog to the network view, connect them both to a PROFIBUS subnet. Additional information Observe additional information on the scope of functions in the manuals of the respective device. DP slaves within the hardware catalog (S7-1200) DP slaves within the hardware catalog You will find the DP slaves in the "Distributed I/O" folder of the hardware catalog. Compact and modular DP slaves are located there: Compact DP slaves Modules with integrated digital/analog inputs and outputs, for example, ET 200L Modular DP slaves (Interface modules with S7 modules assigned, for example, ET 200M The available DP master and the desired functionality will determine which DP slaves can be used. I slaves within the hardware catalog The CM 1242-5 is, for example, an DP slave that can be configured as intelligent DP slave. You can find it in the hardware catalog at: CM 12425 "PLC > SIMATIC S7 1200 > Communication module > PROFIBUS" 1628 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks DP/DP coupler in the hardware catalog (S7-1200) Introduction A DP/DP coupler connects two PROFIBUS DP networks as a gateway so that the DP master from one network can transfer data to the DP master of the other network. The maximum amount of data that can be transferred is 244 bytes input data and 244 bytes output data. DP/DP coupler in the hardware catalog Details of a DP/DP coupler as gateway between two DM master systems are contained in the hardware catalog in the folder "Other field devices > PROFIBUS-DP > Gateways". Configuring the DP/DP coupler DP/DP couplers are configured in both PROFIBUS networks, each in their own master systems. The input and output areas of both networks must thereby be matched to one another. The output data from one end of the DP/DP coupler are accepted as input data at the other respective end and vice versa. Configurations involving PROFIBUS DP (S7-1200) Configurations involving basic DP slaves (S7-1200) Communication between DP master and DP slave In the case of a configuration involving simple DP slaves, data is exchanged between the DP master and simple DP slaves, i.e. with I/O modules via the DP master. The DP master sequentially polls each DP slave configured within the DP master system and contained in its polling list. In doing so, it transfers the output data to the slaves and receives their input data in return. WinCC Advanced V14 System Manual, 10/2016 1629 Editing devices and networks 10.1 Configuring devices and networks Mono-master system The configuration with only one DP master is also described as mono-master system. A single DP master with its associated DP slaves is connected to a physical PROFIBUS DP subnet. '3PDVWHUV\VWHP '3PDVWHU '3VODYH '3VODYH '3VODYH Configurations involving intelligent DP slaves (S7-1200) Definition DP slaves that feature their own preprocessing program are referred to as intelligent DP slaves (I-slaves). CM 1242-5 is an intelligent DP slave. I-slave <> DP master data exchange A higher-level automation system processes the automation task, which is broken down into sub-tasks. The sub-tasks are processed in the lower-level automation systems. The necessary control tasks are processed separately and efficiently in the CPUs as preprocessing programs. In the case of configurations involving intelligent DP slaves, the DP master only accesses the operand area of the I-slave's CPU, and not the I/O modules of the intelligent DP slave. The operand area must not be assigned to any actual I/O modules in the I-slave. The assignment must be made during I-slave configuration. The addresses of the data to be exchanged between the master and slave are configured in the transfer area of the I-slave. 1630 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks '3PDVWHUV\VWHP '3PDVWHU 'DWDH[FKDQJH '3VODYH '3VODYH '3VODYH ,VODYH Configuring distributed I/O systems (S7-1200) Creating a DP master system (S7-1200) Introduction To create a PROFIBUS DP master system, you need to have one DP master and at least one DP slave. As soon as you connect a DP master to a DP slave via their PROFIBUS DP interfaces, a master-slave link is established. DP master and DP slave The DP master must have a PROFIBUS DP interface. When using an S7-1200 CPU with PROFINET interface, you require the communications module CM 12435 with PROFIBUS DP interface for use as the DP master. As DP slave, you can use head modules of the distributed I/O with PROFIBUS DP interface or CPUs as intelligent DP slaves. When using an S7-1200 CPU with PROFINET interface, you require the communications module CM 12425 with PROFIBUS DP interface to use the CPU as an intelligent DP slave. Requirement You are in the network view. The hardware catalog is open. WinCC Advanced V14 System Manual, 10/2016 1631 Editing devices and networks 10.1 Configuring devices and networks Procedure To create a DP master system, for example with a CPU 1217C , follow these steps: 1. Select a CPU 1217C from the hardware catalog as a potential DP master. 2. Drag the CPU onto the free area within the network view. 3. Select the communications module CM 12435 from the hardware catalog. 4. Drag the communications module to the CPU in the network view. 5. Right-click on the DP interface of the communications module. 6. Select "Create master system" from the shortcut menu. A DP master system with a CPU 1217C is created as the only node via the CM 12435 as DP master. If you connect the DP interface of a DP slave to the DP interface of the DP master, the DP slave will be added automatically to the DP master system. If there is not yet a subnet between the DP master and DP slave, a new subnet is created between the DP master and DP slave. To include, for example, a CPU 1217C with communications module CM 12425 as an intelligent DP slave in the DP master system, follow the steps below: 1. Click on the DP interface of the DP master (interface of the CM 12435) or DP slave (interface of the CM 12425). 2. Hold down the mouse button and draw a connecting line between this DP interface and that of the desired communication partner. or 1. Click on the hyperlink of the DP slave CPU 1217C with CM 12425. 2. Select the required DP master from the list of possible DP masters displayed. The intelligent DP slave CPU 1217C with CM 12425 is included in the DP master system as DP master with CPU 1217C and CM 12435 . 1632 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Drag between the DP interfaces of DP slave to DP master. Click on the link of an unassigned DP slave, and a selection of possible DP masters opens. If necessary, adapt the properties of the PROFIBUS subnet or of the DP master (e.g. PROFIBUS address) in the Inspector window under "Properties". DP master display on the DP slave When a DP slave is connected to a DP master, the name of the DP master is displayed on the DP slave as a hyperlink. Click the hyperlink to select the associated DP master. WinCC Advanced V14 System Manual, 10/2016 1633 Editing devices and networks 10.1 Configuring devices and networks Highlighting applied to the DP master system When you create a new DP master system, highlighting will be applied to it. This enables you to identify quickly which devices belong to the DP master system. You can also highlight a DP master system yourself by moving the mouse pointer over a subnet. This will result in the names of the available DP master systems being displayed. Click the required DP master system to highlight it. There are various ways of removing the highlighting from a DP master system: Highlight a different DP master system. Click on the pin with the name of the DP master system in the top right-hand corner of the network view. Editing DP master systems and interfaces (S7-1200) Introduction Once you have created a DP master system, you also have the option of disconnecting the DP master system from its components. This can result in subnets with DP slaves but without DP master. Generally, there is no need to edit the interfaces of a DP master. You can change the name and number on the DP master system. Disconnection of master or slaves from the DP master system If you have configured a PROFIBUS CP as a DP master with master system, you can then disconnect the DP master system from the DP master. After this, the device will no longer be connected to the DP master system. Disconnecting the subnet from a DP master effectively eliminates the master system in the sense that it is no longer assigned to a DP master. However, the individual DP slaves are still interconnected via the subnet. 1634 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks If you delete the DP slaves or disconnect them from the master system, the master system is then retained on the DP master. Requirement You must be in the network view. There has to be a DP master system with one DP master and at least one DP slave. Disconnecting the DP master from the DP master system To disconnect the DP master system, proceed as follows: 1. Right-click on the DP master's DP interface. 2. Select "Disconnect from master system" from the shortcut menu. The selected DP master will be disconnected from the DP master system. A subnet with the DP slaves will be retained. Adding a DP master to the DP master system To reassign a DP master to a subnet, proceed as follows: 1. Right-click on the DP master's DP interface. 2. Select "Create master system" from the shortcut menu. 3. Draw connecting lines between the new DP master system and the DP interfaces of the DP slaves. The DP master combines with the DP slaves to recreate a DP master system. Editing the properties of a DP master system To edit the properties of a DP master system, proceed as follows: 1. Move the mouse pointer over a subnet with a DP master system. 2. A message will appear displaying the available DP master systems. Click the one you want to edit. The DP master system will now be color-highlighted. 3. Click on the highlighted DP master system. 4. In the inspector window, edit the DP master system attributes under "Properties > General". Note If you click a subnet when no DP master system is highlighted, you will be able to edit the properties of the entire subnet under "Properties" in the inspector window. Adding DP slaves to the master system and configuring them (S7-1200) In the network view, you can add various DP slaves from the hardware catalog directly by using the drag-and-drop function or by double-clicking. WinCC Advanced V14 System Manual, 10/2016 1635 Editing devices and networks 10.1 Configuring devices and networks Types of DP slaves For configuration purposes, DP slaves are broken down into the following categories: Compact DP slaves (Modules with integrated digital/analog inputs and outputs, for example, ET 200L) Modular DP slaves (interface modules with S5 or S7 modules assigned, for example ET 200M) Intelligent DP slaves (I-slaves) (SIMATIC S7-300 with, for example, CP 342-5, CPU 315-2 DP, or ET 200S with IM 151-7 CPU) Slot rules Your DP master system should only contain one DP master, but it may contain one or or more DP slaves. You may only configure as many DP slaves in a DP master system as are permitted for the specific DP master. Note When configuring the DP master system, remember to observe the DP master technical data (max. number of nodes, max. number of slots, max. quantity of user data). User data restrictions may possibly prevent you from being able to use the maximum number of nodes that is theoretically possible. Requirements You are in the network view. A DP master system must have been created. Adding a DP slave to the DP master system To add a DP slave from the hardware catalog to the DP master system, follow these steps: 1. Select a DP slave from the hardware catalog. 2. Drag-and-drop the DP slave from the hardware catalog into the network view. 3. Draw a connecting line between the DP master's DP interface or a highlighted DP master system and the DP interface of the new DP slave. A DP master system will be created and the DP slave will be connected to the DP master automatically. Note When a DP master system is highlighted, you can double-click the required DP slave in the hardware catalog. This will result in the DP slave being added to the highlighted DP master system automatically. 1636 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Disconnecting a DP slave from the DP master system To disconnect a DP slave from the DP master system, follow these steps: 1. In the network view, right-click on the DP slave's DP interface. 2. From the shortcut menu, select the method for disconnecting from the DP master system: - "Disconnect from subnet": The PROFIBUS connection is broken and the device is no longer connected to the DP master system or a subnet. - "Disconnect from master system": The DP slave remains connected to the subnet, but is no longer assigned to the DP master system as a DP slave. The selected DP slave will be disconnected from the DP master system. You can also disconnect directly using the shortcut menu of the DP slave: 1. In the network view, right-click on the DP slave. 2. Select "Disconnect from DP master/IO system" from the shortcut menu. The DP slave remains connected to the subnet, but is no longer assigned to the DP master system as a DP slave. Assigning a DP slave to a new DP master system To assign an existing DP slave to a new DP master system, follow these steps: 1. Right-click on the DP slave's DP interface. 2. From the shortcut menu, select "Assign to new master". It does not matter whether the DP slave concerned is already assigned to another DP master system. 3. From the selection list, select the DP master with the DP master system to which you want to connect the DP slave. The selected DP slave is now assigned to a new DP master system. The "Assign to new subnet" function works in a similar way in that it allows you to connect a DP slave to a new subnet. However, in this case, the DP slave will not be connected to an existing DP master system. You can also make the assignment directly using the shortcut menu of the DP slave: 1. Right-click the DP slave. 2. From the shortcut menu, select "Assign new DP master/IO system". 3. Select the DP master from the list of available DP masters. The selected DP slave has now been assigned to a new DP master system. Note If there is only one DP master on a subnet, you only have to connect the interface of the DP slave to the subnet of this DP master with drag-and-drop. The DP slave is then connected to the subnet of the DP master immediately, and the DP slave is assigned to this DP master. WinCC Advanced V14 System Manual, 10/2016 1637 Editing devices and networks 10.1 Configuring devices and networks Configuring a DP slave To configure a DP slave, follow these steps: 1. Switch to the DP slave's device view. 2. Select the module you want. 3. Configure the DP slave in the Inspector window. Hint: Quick configuration of master systems (S7-1200) If the DP master system has several DP slaves, use drag-and-drop operation to assign to the master in one step all DP slaves that were placed. Requirements DP master and DP slaves are placed in the network view. Assigning DP slaves to a DP master system To do this, follow these steps: 1. Select an appropriate zoom factor so that you can see as many DP slaves as possible in the network view. 2. Arrange the DP slaves in a maximum of two rows. 3. Select all DP interfaces with the mouse cursor (not all devices!). This only works if you begin to drag the mouse cursor outside of the first DP slave and release the mouse button at the last DP slave (selection with the lasso). 1638 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 4. Select the shortcut menu "Assign to new master" and select the corresponding DP interface for the DP master in the subsequent dialog. 5. The DP slaves are automatically networked with the DP master and combine with it to form a DP master system. Note When a DP master system is highlighted, you can double-click on a DP slave in the hardware catalog and thereby quickly add additional DP slaves. This will result in the DP slave being added to the highlighted DP master system automatically. Configuring intelligent DP slaves (S7-1200) Adding an I-slave to a DP master system (S7-1200) Introduction One of the characteristics of an intelligent DP slave (I-slave) is that the DP master is not provided with I/O data directly by a real I/O, but by a preprocessing CPU. Together with the CP, this preprocessing CPU forms the I-slave. '3PDVWHU 2SHUDQGDUHD ,4 &0 ,QWHOOLJHQW'3VODYH 7UDQVIHUDUHD &38 &0 2SHUDQGDUHD ,4 &38 352),%86 WinCC Advanced V14 System Manual, 10/2016 1639 Editing devices and networks 10.1 Configuring devices and networks Difference: DP slave v. intelligent DP slave In the case of a DP slave, the DP master accesses the distributed I/O directly. In the case of an intelligent DP slave, the DP master actually accesses a transfer area in the I/O address space of the preprocessing CPU instead of accessing the connected I/O of the intelligent DP slave. The user program running on the preprocessing CPU is responsible for ensuring data exchange between the address area and I/O. Note The I/O areas configured for data exchange between the DP master and DP slaves must not be used by I/O modules. Applications Configurations involving intelligent DP slaves: I-slave <> DP master data exchange Procedure To add an I-slave to a DP master system, follow these steps: 1. In the network view, drag from the hardware catalog to a station one CM 1242-5 as an Islave and one CM 1243-5 as a DP master. 2. Draw a connecting line between the DP interfaces of both devices. This way you connect the I-slave with a DP master in a DP master system. Result: You have now set up a DP master system with one DP master and one I-slave. 1640 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring access to I slave data (S7-1200) Data access The following applies to the CP 1242-5 in its function as I-slave: The addresses for the data transfer area and the address for the I/O modules in the I-slave differ. This means that the start address occupied by an I/O module can no longer be used for the transfer memory. If the higher-level DP master is to access the data of an I/O module in the I-slave, you must configure this data exchange between the I/O module and transfer area in the I-slave user program. '3PDVWHU 2SHUDQGDUHD ,4 &0 ,QWHOOLJHQW'3VODYH 7UDQVIHUDUHD &38 2SHUDQGDUHD ,4 &0 &38 ,2 352),%86 Configuration of the transfer area for the CM 1242-5 (transfer area) With CM 12425, the transfer area for the cyclic PROFIBUS data exchange is configured as transfer area in the parameter group "PROFIBUS interface > Mode > I Slave Communication". Direct data access from CPU to CPU Direct data access from CPU to CPU via PROFIBUS is supported by the S7-1200 PROFIBUS CMs only via the PUT/GET services. Configuring DP slaves as distributed I/O devices (S7-1200) Configuring an ET 200S (S7-1200) Slot rules for configuring an ET 200S The following rules apply when configuring an ET 200S: Do not leave any gaps when inserting the ET 200S modules. Slot 1: only for PM-E or PM-D Power Modules. To the left of an Electronics Module (EM): an EM or a Power Module (PM-E or PM-D) only. WinCC Advanced V14 System Manual, 10/2016 1641 Editing devices and networks 10.1 Configuring devices and networks To the left of Motor Starter (MS): an MS, a PM-D, PM-D Fx (1..x..4) Power Module or a PMX Power Module only. To the left of a PM-X: a motor starter or a PM-D only Up to 63 modules and one IM Interface Module are permitted Note Remember to ensure that the correct PM-E and EM voltage ranges are assigned. Configuring reference junctions A reference junction is the connection of a thermocouple to a supply line (generally in the terminal box). The voltage that occurs due to the effects of temperature falsifies the temperature value measured by the module. On the ET 200S, one channel of the AI RTD module can be programmed as a reference junction. Other AI TC modules can correct their measured values using the temperature at the reference junction as measured by this module. 7KHUPRFRXSOH 5HIHUHQFHMXQFWLRQ 7HPSHUDWXUHPHDVXULQJ PRGXOH $,7& 7HPSHUDWXUHPHDVXULQJ PRGXOH $,57' 5HIHUHQFHMXQFWLRQ &RPSHQVDWLRQ Configuring the AI TC: Selection of the reference junction used Configuring of the AI RTD: Activation of the reference junction Specifying the slot and channel of the AI RTD Special characteristics to be noted when assigning parameters for reference junctions The process of assigning parameters for reference junctions will be explained based on the example of a resistance thermometer with a Pt 100 climatic range that is used for measuring the reference junction temperature. To assign parameters for the reference junction, follow these steps: 1. In the ET 200S device view, insert an analog electronics module, for example a 2AI RTD HF. 2. Select the module on the rack. 1642 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 3. Under "Properties > Inputs" in the inspector window, set a channel for the reference junctions function to the "RTD-4L Pt 100 climatic range" measuring range. 4. Select the ET 200S. 5. Under "Properties > Module parameters > Reference junctions" in the inspector window, select the "Reference junction" check box and specify the slot and channel number of the relevant RTD module. 6. Insert the analog electronics module for measuring the temperature using a thermocouple (TC module) and parameterize it with the reference junction number of the RTD module. Additional information For additional information on the various types and uses of ET 200S modules, please refer to the operating instructions and the manual titled "ET 200S Distributed I/O System". For additional information on analog value processing, please see the documentation for the ET 200S distributed I/O system. Packing addresses (S7-1200) Introduction DP slaves and I/O devices from the ET 200S family are configured in the same way as other modular DP slaves and I/O devices. As well as supporting all the standard modular DP slave and I/O device functions, the ET 200S also offers the "Pack addresses" function: When digital electronics modules requiring an address space of 2 or 4 bits are inserted into the device view, they will initially be spread over a total area of 1 byte. However, the address area actually occupied can be compressed after configuration using the "Pack addresses" function. Initial state After "Pack addresses" Module I address I address 2DI (2-bit) Byte 10 10.0...10.1 4DI (4-bit) Byte 11 10.2...10.5 Requirements You are in the device view. An ET 200S, for example an IM 151-1, must be present. A pair of digital electronics modules, for example 2DI AC120V ST, must be inserted into the slots. WinCC Advanced V14 System Manual, 10/2016 1643 Editing devices and networks 10.1 Configuring devices and networks Packing addresses To pack addressed, follow these steps: 1. Select the electronics modules whose addresses are to be packed. The following options are available for selecting multiple electronics modules: - Press and hold down <Shift> or <Ctrl> while clicking the relevant electronics modules. - Click off the rack and select the required electronics modules by drawing round them with the mouse. 2. Click "Pack addresses" in the shortcut menu for the selected electronics modules. The address areas for inputs, outputs and motor starters are packed separately. The packed addresses will be displayed in the I address and Q address columns of the device overview. How packed addresses are generated and structured If you make use of the "Pack addresses" function, the addresses of the selected electronics modules will be packed in accordance with the following rules: The start of the address area is determined by the lowest address of the selected electronics modules: X.0 If the bit address is not "0", then the next (free) byte address as of which the selected area can be compacted will be selected automatically: (X+n).0 If no coherent area exists, the addresses will be automatically packed into any available address gaps. Electronics modules with packed addresses and the same byte address form a packing group. Unpacking addresses To unpack addressed, follow these steps: 1. Select one or more electronics modules with packed addresses. 2. Click "Unpack addresses" in the shortcut menu for the selected electronics modules. The packing groups of the selected electronics modules will be disbanded and the packed addresses for the relevant electronics modules unpacked. The packing group will also be disbanded and the packed addresses unpacked in the following cases: if you delete electronics modules from a packing group, move electronics modules out of a packing group or insert electronics modules on a free slot within a packing group. The start addresses of the unpacked electronics modules will be assigned to the next available byte addresses in each case. 1644 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Special characteristics of electronics modules with packed addresses The following special characteristics apply to electronics modules with packed addresses: As far as the CPU is concerned, there is no way of assigning a slot for the electronics module. Consequently, the instruction GADR_LGC (SFC 5) outputs error information W#16#8099 "Slot not configured" for the actual slot of the electronic module. The instruction LGC_GADR (SFC 49) and SZL-ID W#16#xy91 "module status information" cannot be evaluated for an electronics module. The electronics module receives an additional diagnostics address via the DPV1 function, because otherwise the packed addresses would prevent interrupts from being assigned as far as the CPU is concerned. The "Insert/remove interrupt" is not possible. This is because the "Pack addresses" and "Insert/remove interrupt" functions are mutually exclusive. Configuring option handling with standby modules (S7-1200) You can use the option handling function to prepare the ET 200S with PROFIBUS interface for future expansions (options). This section describes option handling with standby modules. You do this by assembling, wiring, configuring, and programming the maximum configuration envisaged for the ET 200S and by using cost-effective standby modules (138-4AA00 or 138-4AA10) during assembly until it becomes time to replace them with the necessary electronics modules. Note The ET 200S can be completely factory-wired with the master cabling, as no connection exists between a standby module and the terminals of the terminal module (and, in turn, to the process). Requirement ET 200S interface module - IM 151-1 STANDARD (6ES7 151-1AA03-0AB0 or higher) - IM 151-1 FO STANDARD (6ES7 151-1AB02-0AB0 or higher) Power module with option handling - PM-E DC24..48V - PM-E DC24..48V/AC24..230V WinCC Advanced V14 System Manual, 10/2016 1645 Editing devices and networks 10.1 Configuring devices and networks Procedure To activate option handling, follow these steps: 1. Select the IM 151-1 in the device view and enable it in "Option handling" check box under "Properties > General > Option handling" in the inspector window. 2. Select the numbered check boxes for the slots that are initially to accommodate the standby modules prior to the future electronics modules. 3. Select the power module in the device view and enable it in the "Option handling" check box under "Properties > Addresses" in the inspector window. Reserve the necessary address space for the control and check-back interface in the process image output (PIQ) and process image input (PII). The assembled standby modules can be replaced with the configured modules at a later date without having to modify the configuration. Note The addresses for these interfaces are reserved as soon as you activate option handling on the power module. The "Option handling" function must also be activated on the DP slave (IM 151-1 STANDARD Interface Module). If it is not activated, the addresses reserved for the control and check-back interface will be released again. Note that activating and deactivating the option handling function repeatedly can change the address of the control and check-back interface. Option handling may be activated for one PM-E DC24..48V or one PM-E DC24..48V/ AC24..230V Power Module only. Additional information For additional information on the assignment and significance of bytes within the process image, option handling with PROFIBUS and the use of standby modules, please refer to the documentation for the ET 200S distributed I/O system. How option handling works during startup If "Startup when expected/actual config. differ" is not available, the ET 200S will still start up if a standby module is inserted instead of the configured electronics module and option handling has been activated for the slot concerned. 1646 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks How option handling works during operation During operation, the option handling mode varies in accordance with the following: Option handling enabled for a slot: Either the standby module (option) or the configured electronics module can be plugged into this slot. If any other kind of module is present on this slot, diagnostics will be signaled (no module/incorrect module). Option handling disabled for a slot: Only the configured electronics module can be plugged into this slot. If any other kind of module is present, diagnostics will be signaled (no module/incorrect module). Standby module substitute values Substitute value for digital inputs: 0 Substitute value for analog inputs: 0x7FFF Control and evaluation in the user program The ET 200S is equipped with a control and feedback interface for the "Option handling" function. The control interface is located in the process image output (PIQ). Each bit in this address area controls one of the slots from 2 to 63: Bit value = 0: Option handling parameterized. Standby modules are permitted. Bit value = 1: Option handling canceled. Standby modules are not permitted on this slot. The check-back interface is located in the process image input (PII). Each bit in this address area provides information about the modules that are actually plugged into slots 1 to 63: Bit value = 0: This slot has the standby module, an incorrect module or no module plugged into it. Bit value = 1: The configured module is plugged into this slot. See also Which modules support option handling? (http://support.automation.siemens.com/WW/view/ en/22564754) WinCC Advanced V14 System Manual, 10/2016 1647 Editing devices and networks 10.1 Configuring devices and networks Configuring option handling without standby modules (S7-1200) You can use the option handling function to prepare the ET 200S for future expansions (options) without installing standby modules. This section describes option handling without standby modules. Note ET 200S with PROFINET interface This description refers to the ET 200S with PROFIBUS interface. In principle, option handling for ET 200S with PROFINET interface functions as described here without standby modules. PN interface modules are to be used instead of the DP interface modules listed here. You can find additional information about option handling for ET 200S with PROFINET interface in the corresponding manuals. Requirement ET 200S interface module - IM 151-1 HIGH FEATURE (6ES7151-1BA02 or higher) - IM 151-1 STANDARD (6ES7 151-1AA05-0AB0 or higher) Power module with option handling - PM-E DC24..48V - PM-E DC24..48V/AC24..230V Procedure To activate option handling, follow these steps: 1. Select the IM 151-1 in the device view and enable it in "Option handling" check box under "Properties > General > Option handling" in the inspector window. 2. Select the power module in the device view and enable it in the "Option handling" check box under "Properties > Addresses" in the inspector window. Reserve the necessary address space for the control and check-back interface in the process image output (PIQ) and process image input (PII). 3. Configure the slave's maximum configuration. The selection/clearing of options is controlled via the user program. Note The addresses for these interfaces are reserved as soon as you activate option handling on the power module. The "Option handling" function must also be activated on the DP slave (IM 151-1 interface module). If it is not activated, the addresses reserved for the control and check-back interface will be released again. Note that activating and deactivating the option handling function repeatedly can change the address of the control and check-back interface. Option handling may be activated for one PM-E DC24..48V or one PM-E DC24..48V/ AC24..230V Power Module only. 1648 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Additional information For additional information on the assignment and significance of bytes within the process image, option handling with PROFIBUS and the use of standby modules, please refer to the documentation for the ET 200S distributed I/O system. Control and evaluation in the user program The ET 200S is equipped with a control and feedback interface for the "Option handling" function. The control interface is located in the process image output (PIQ). Each bit in this address area controls one of the slots from 1 to 63: Bit value = 0: Slot is not available in the actual configuration. Bit value = 1: Slot is available in the actual configuration. The check-back interface is located in the process image input (PII). Each bit in this address area provides information about the modules that are actually plugged into slots 1 to 63: Bit value = 0: Slot belongs to an option that is not available or module status is faulty. Bit value = 1: The configured module is plugged into this slot. See also Sample applications for ET 200S, option handling without standby module (http:// support.automation.siemens.com/WW/view/en/29430270) Configuring the ET 200S in DPV1 mode (S7-1200) PROFIBUS DPV1 enables you to access extended PROFIBUS functions. Requirement You must be in network view. A DP master with DPV1 functionality must be available. A master-slave connection must be established with PROFIBUS. Procedure To switch the DP slave over to DPV1, follow these steps: 1. Select the DP slave. 2. Under "Properties > Module parameters" in the Inspector window, select "DPV1" mode from the "DP interrupt mode" drop-down list. WinCC Advanced V14 System Manual, 10/2016 1649 Editing devices and networks 10.1 Configuring devices and networks or 1. Select the DP master. 2. In the I/O communications table, select the row with the connection between the DP master and the desired DP slave. 3. Under "Properties > Module parameters" in the Inspector window, select "DPV1" mode from the "DP interrupt mode" drop-down list. Special characteristics The parameters are subject to interdependencies, which are outlined below: Parameter DPV0 mode DPV1 mode Operation when target configura Fully available tion does not match actual con figuration Fully available Diagnostics interrupt (OB 82) Not available, not set Fully available Hardware interrupt (OB 40 to 47) Not available, not set Fully available Insert/remove interrupt (OB 83) Only available when addresses are not packed. Not available, not set "Startup when target configura tion does not match actual con figuration" is activated automati cally along with an insert/remove interrupt. Interrupts in the case of modules with packed addresses If the module is capable of triggering interrupts and the bit address is not equal to 0 because of packed addresses, you will need to assign a diagnostics address in the ET 200S address dialog. The diagnostics address is required for the purpose of assigning a DPV1 interrupt to the module as an interrupt trigger. The CPU will only be able to assign an interrupt correctly and store information on the interrupt in the interrupt OB start information/in the diagnostics buffer if the module concerned has this "unpacked" address. In this context, the CPU cannot make use of "packed" addresses. From the point of view of interrupt processing (interrupt OB), this means the module will have the assigned diagnostics address, but from the point of view of processing the input and output data in the user program, the module will have the packed addresses. Note When the module addresses are packed, the insert/remove interrupt for the ET 200S is unavailable. 1650 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Using GSD files (S7-1200) GSD revisions (S7-1200) What you need to know about GSD revisions The properties of DP slaves are made available to configuration tools by means of GSD files. Functional enhancements in the area of the distributed I/O will have an effect on the GSD specification, for example, they will require the definition of new keywords. This results in the versioning of the specification. In the case of GSD files, the version of the specification on which a GSD file is based is called a "GSD revision". From GSD revision 1, the GSD revision must be included as a keyword "GSD_revision" in GSD files. GSD files without this keyword will therefore be interpreted by configuration tools as GSD revision "0". GSD files can be interpreted up to GSD revision 5. This means that DP slaves that support the following functions, for example, will be supported: Diagnostic alarms for interrupt blocks Isochronous mode and constant bus cycle time SYNC/FREEZE Clock synchronization for DP slaves Installing the GSD file (S7-1200) Introduction A GSD file (generic station description file) contains all the DP slave properties. If you want to configure a DP slave that does not appear in the hardware catalog, you must install the GSD file provided by the manufacturer. DP slaves installed via GSD files are displayed in the hardware catalog and can then be selected and configured. Requirement The hardware and network editor is closed. You have access to the required GSD files in a directory on the hard disk. Procedure To install a GSD file, follow these steps: 1. In the "Options" menu, select the "Install general station description file (GSD)" command. 2. In the "Install general station description file" dialog box, select the folder in which the GSD files are stored. 3. Choose one or more files from the list of displayed GSD files. WinCC Advanced V14 System Manual, 10/2016 1651 Editing devices and networks 10.1 Configuring devices and networks 4. Click on the "Install" button. 5. To create a log file for the installation, click on the "Save log file" button. Any problems during the installation can be tracked down using the log file. You will find the new DP slave installed by means of the GSD file in a new folder in the hardware catalog. See also Overview of hardware and network editor (Page 521) Deleting GSD file (S7-1200) Introduction You can delete installed DP slaves using GSD files. These DP slaves are then no longer displayed in the hardware catalog. Requirement The hardware and network editor is closed. The hardware catalog contains DP slaves installed via GSD files. Procedure To delete a GSD file, follow these steps: 1. In the "Options" menu, select the "Install general station description file (GSD)" command. 2. In the "Install general station description file" dialog box, select the folder in which the GSD file is stored. 3. Select the file that is to be deleted from the list of displayed GSD files. 4. Click the "Delete" button. The selected GSD file was deleted and the DP slave is no longer located in the hardware catalog. Configuring GSD-based DP slave (S7-1200) DP slaves that you have inserted through installation of a GSD file can be selected as usual via the hardware catalog and inserted in the network view. If you want to insert the modules of the GSD-based DP slaves, you must take into account some particular details. Requirement You have installed a DP slave using a GSD file. You have inserted the head module in the network view in the usual manner. 1652 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The device overview opens in the device view. The hardware catalog is open. Procedure To add the modules of a GSD-based DP slave, proceed as follows: 1. In the hardware catalog, navigate to the modules of the GSD-based DP slave. GSD-based DP slaves, also referred to as DP standard slaves, can be found in the "Other field devices" folder of the hardware catalog. 2. Select the desired module. 3. Use drag-and-drop to move the module to a free space in the device overview. 4. Select the module in the device overview to edit parameters. You have now inserted the module in a free slot of the GSD-based DP slave and can edit its parameters. Note You can see only the GSD-based DP slave in the graphic area of the device view. The added modules of GSD-based DP slaves are only found in the device overview. Preset configuration For modules with an adjustable preset configuration, you can change this configuration in the inspector window under "Properties > Preset configuration". 10.1.4.6 Configuring PROFINET IO What you need to know about PROFINET IO What is PROFINET IO? PROFINET IO PROFINET is an Ethernet-based automation standard of PROFIBUS Nutzerorganisation e.V. (PNO) which defines a manufacturer-neutral communication, automation and engineering model. WinCC Advanced V14 System Manual, 10/2016 1653 Editing devices and networks 10.1 Configuring devices and networks Objective The objective of PROFINET is: Integrated communication via field bus and Ethernet Open, distributed automation Use of open standards Architecture The PROFIBUS User Organisation e.V. (PNO) has designated the following aspects for PROFINET architecture: Communication between controllers as components within distributed systems. Communication between field devices, such as I/O devices and drives. Implementation by Siemens The demand for "Communication between controllers as components within distributed systems" is implemented by "Component Based Automation" (CBA). Component Based Automation is used to create a distributed automation solution based on prefabricated components and partial solutions. The demand for "Communication between field devices" is implemented by Siemens with "PROFINET IO". Just as with PROFIBUS DP, the complete configuration and programming of the components involved is possible using the Totally Integrated Automation Portal. The following sections deal with the configuration of communication between field devices using PROFINET IO. Overview of RT classes RT classes in PROFINET IO PROFINET IO is a scalable, real-time communication system based on Ethernet technology. The scalable approach is reflected in several real-time classes: RT: Transmission of data in prioritized, non-isochronous Ethernet frames. The required bandwidth is within the free bandwidth area for TCP/IP communication. IRT: Isochronous transmission of data with high stability for time-critical applications (for example, motion control). The required bandwidth is from the area of bandwidth reserved for cyclic data. Depending on the device, not all real-time classes are supported. 1654 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Which IO controllers and IO devices support which PROFINET functions? Additional information and overviews In the following Siemens Industry Online Support article (http:// support.automation.siemens.com/WW/view/en/44383954), you will find an overview of the PROFINET IO controllers and IO devices that support the following PROFINET functions: Isochronous real-time communication (IRT) Prioritized startup Media redundancy (MRP) PROFIenergy Shared device I-device Isochronous mode of process data The functions are explained in the following sections, but without naming the respective hardware that supports these functions. In the hardware catalog, you can also find an overview of the supported functions in the description below the selected components. You can also find a description of PROFINET in the respective current STEP 7 version here (http://support.automation.siemens.com/WW/view/en/49948856). Connecting existing bus systems Connection of PROFINET and PROFIBUS PROFINET IO and PROFIBUS DP can be connected with each other as follows: via Industrial Ethernet: To connect the two network types, Industrial Ethernet (plant control level) and PROFIBUS (cell level/field level), use the IE/PB link, for example. via Industrial Wireless LAN: PROFIBUS devices, for example, can be connected to PROFINET IO via a wireless LAN/ PB link. This allows existing PROFIBUS configurations to be integrated into PROFINET. AS interface devices can be connected by an IE/AS-i link PN IO to the interface of a PROFINET device. This allows the existing AS-i network to be integrated into PROFINET. The following figure shows the connection of a PROFIBUS subnet via a PROFINET device with proxy functions. WinCC Advanced V14 System Manual, 10/2016 1655 Editing devices and networks 10.1 Configuring devices and networks ,QGXVWULDO(WKHUQHW 352),%86 PROFINET devices PROFINET device with proxy functions (for example, IE/PB link) PROFIBUS devices PROFINET device with proxy functions used as proxy for a PROFIBUS device The PROFINET device with proxy functions is the proxy for a PROFIBUS device on the Ethernet. The proxy functionality enables a PROFIBUS device to communicate with all devices on the PROFINET and not just with its master. Existing PROFIBUS systems can easily be integrated into PROFINET communication using the proxy functions. If, for instance, you connect a PROFIBUS device via an IE/PB link to PROFINET, the IE/PB link acts as a proxy for the PROFIBUS components for communicating via PROFINET. Configuration using IE/PB link PN IO Configuration using IE/PB Link PN IO You can use the IE/PB Link PN IO to connect PROFIBUS DP configurations to PROFINET IO. From the CPU perspective, the PROFIBUS DP slaves are connected to the same network as the IE/PB Link PN IO. These slaves have the same device name and IP address as the IE/PB Link PN IO, but different device numbers. Furthermore, each also has a specific PROFIBUS address. In the properties of the IE/PB link, the PROFIBUS addresses of the connected DP slaves are displayed in addition to the PROFINET device numbers, as this device has two addressing schemes. 1656 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Handling device numbers and PROFIBUS addresses on the master system During placement, the same number is assigned for the PROFINET device number and the PROFIBUS address. In the Inspector window under "General Properties > PROFINET device number", you can find an overview of the device numbers used and the PROFIBUS addresses of an IE/PB link. The device number can also be changed here. You can also set that the device number and the PROFIBUS address should or should not always be identical. If the "PROFINET device number=PROFIBUS address" option is activated, you do not have to update the device number when the PROFIBUS address changes. The PROFIBUS address can be changed in the properties of the PROFIBUS device. Restrictions The following restrictions apply to DP slaves configured as described above on the PROFIBUS subnet of an IE/PB link: No pluggable IE/PB link No pluggable DP/PA link No pluggable Y link Not CiR-compliant No pluggable redundant slaves No isochronous transmission / constant bus cycle time can be configured SYNC/FREEZE instructions ("DPSYC_FR") of a CPU on the the Ethernet subnet for DP slaves behind the IE/PB-Link are not supported. See also Connect the DP slave via the IE/PB Link to a PROFINET IO system (Page 1691) Configuration using IWLAN/PN link Maximum number of devices in a IWLAN segment If an Ethernet subnet is set up as wireless network (IWLAN = Industrial Wireless LAN), cyclic data exchange between IO controllers and IO devices is possible via a wireless route. On one side of the wireless route there are fixed installed access points (for example, SCALANCE W 788) and on the other side mobile stations (with, for example IWLAN/PB links with PROFIBUS devices). If the action radius of the mobile stations is large, it may be necessary to install several access points (SCALANCE W 788). Since each access point forms a segment with its wireless range, the IWLAN is made up of a series of segments. The mobile devices "on the one side" of the wireless link with their IWLAN/PB links can move along the segments. WinCC Advanced V14 System Manual, 10/2016 1657 Editing devices and networks 10.1 Configuring devices and networks Special feature If several IWLAN/PB links are located within a segment, they have to share the bandwidth that is available for wireless transmission. This leads to a lengthening of the update time for these devices. Example In the following example there are two IO devices (IWLAN/PB link) with a segment. If no more than a maximum of two IWLAN/PB links are present in a IWLAN segment at the same time, enter a "2". 1658 Segment 1 Segment 2 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configure PROFINET IO Addressing PROFINET devices Assigning addresses and names to PROFINET devices In this chapter you will learn which address and naming conventions are valid for the PROFINET devices. IP addresses All PROFINET devices work with the TCP/IP protocol and therefore require an IP address for Ethernet operation. You can set the IP addresses in the module properties. If the network is part of an existing company Ethernet network, ask your network administrator for this data. The IP addresses of the IO devices are assigned automatically, usually at CPU startup. The IP addresses of the IO devices always have the same subnet mask as the IO controller and are assigned in ascending order, starting at the IP address of the IO controller. Device names Before an IO device can be addressed by an IO controller, it must have a device name. This procedure was chosen for PROFINET because names are easier to administer than complex IP addresses. Both the IO controller as well as IO devices have a device name. When the "Generate PROFINET device name automatically" option is activated, the device name is automatically derived from the name configured for the device (CPU, CP or IM): The PROFINET device name is made up of the name of the device (for example, the CPU), the name of the interface (only with multiple PROFINET interfaces) and optionally the name of the IO system: <CPU name>.<Name of the interface>.<IO system name> You cannot change this name directly. You change the PROFINET device name indirectly, by changing the name of the affected CPU, CP or IM in the general properties of the module. This PROFINET device name is also displayed, for example, in the list of accessible devices. If you want to set the PROFINET device name independently of the module name, you have to deactivate the "Generate PROFINET device name automatically" option. A "converted name" is generated from the PROFINET device name. This is the device name that is actually loaded into the device. The PROFINET device name is only converted if it does not comply to the rules of IEC 61158-6-10. You cannot change this name directly either. WinCC Advanced V14 System Manual, 10/2016 1659 Editing devices and networks 10.1 Configuring devices and networks Rules for the converted name The rules for the converted name are listed in the following section. If the converted name is not different from the name of the module, the name of the module must comply with this rule. The name consists of one or more labels , which are separated by a dot [.]. Restricted to a total of 240 characters (lower case letters, numbers, dash, or dot) A name component within the device name, which means a character string between two dots, must not exceed 63 characters. A name component consists of the characters [a-z, 0-9]. The device name must not begin or end with the "-" character. The device name must not begin with a number. The device name form n.n.n.n (n = 0, ... 999) is not permitted. The device name must not begin with the string "port-xyz" or "port-xyz-abcde" (a, b, c, d, e, x, y, z = 0, ... 9). Example of device names device-1.machine-1.plant-1.vendor If you assign this name to a CPU, for example, STEP 7 will not convert it since it conforms to the rules described above. Device number In addition to the device name, a device number is also automatically assigned when an IO device is plugged in. You can change this number. Devices in the PROFINET subnet In a PROFINET subnet the maximum allowable number of devices is monitored during configuration. See also Assigning the device name and IP address (Page 1660) Retentivity of IP address parameters and device names (Page 1670) Assigning the device name and IP address Assigning an IP address and subnet mask for an IO controller the first time There are various options for this. During parameter assignment of the PROFINET interface you must specify if the IP address is set in the project (which means in the hardware configuration) or if the IP address is to be set on the device. 1660 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Assignment of an IP address Comments Option "IP address is set in the project": When the hardware configuration is loaded to the The IO controller receives the IP address by load IO controller (e.g. CPU), the IP address and the device name, if set, are also loaded. ing the hardware configuration, for example, via one of the PROFINET interfaces, by means of the Example PROFINET interface: PROFIBUS interface or via the MPI interface. 1. Connect your programming device/PC to the same network as the relevant PROFINET device. The interface of the PG/PC must be set to TCP/IP (Auto) mode. 2. Have a list of accessible devices displayed. 3. Select the target device by using its MAC address and load the hardware configuration including the configured IP address (IP address is then saved retentively). If your PROFINET device has an MPI or PROFI BUS DP interface, connect your programming de vice/PC directly to the PROFINET device via the MPI or PROFIBUS DP interface. The configured IP address is applied when the hardware configu ration is loaded. Option "IP address is set directly at the device": Assign online Assignment by user program (instruction IP_CONFIG for S7-300/400, T_CONFIG for S7-1200/1500) Assign via CPU display (S7-1500) Higher-level IO controller makes assignment (only with I-devices) If you have selected this option in the properties of the PROFINET interface, the IP address can be assigned by the online and diagnostics editor, by the primary setup tool, or by the user program ("IP_CONFIG" instruction). This option is set automatically if the option "Mul tiple use IO system" has been enabled in the prop erties of the PROFINET IO system (standard ma chine project). In case of an S7-1200-CPU, make sure that ac cess to the CPU is not protected by a password. If the CPU is write-protected, no IP address and no device name can be assigned directly on the device. Commissioning a PROFINET interface Further details of how to commission a PROFINET interface can also be found in the operating instructions for the PROFINET devices of the SIMATIC family. Assignment of device name for IO devices when the "Support device replacement without exchangeable medium" option is selected For IO controllers with the "Support device replacement without exchangeable medium" option selected, you do not have to assign device names to the IO devices locally, for example in the event of device replacement. Another application is automatic commissioning, in which the CPU automatically assigns the device name and IP address parameters to the IO devices during startup. WinCC Advanced V14 System Manual, 10/2016 1661 Editing devices and networks 10.1 Configuring devices and networks Requirement: The ports of the devices are interconnected, and the devices involved support LLDP. The devices have been put into the delivery state or - for S7-1500 CPUs version V1.5 and higher - the "Permit overwriting of device names of all assigned IO devices" option is selected for the IO controller ("Advanced options > Interface options" area of the properties of the PROFINET interface). Assignment of device name and address for an IO device The following graphic illustrates the process for assigning the device name and address. This process does not apply when the "Support device replacement without exchangeable medium" option is selected. 6,0$7,& ; (WKHUQHW 352),QHW6\VWHP 85 &38 ,( ',['&9 '2['&9 ,0 ,0 9HQWLO ,0 9HQWLO ,0 .ODSSH 6FKQHFNH ,0 ,0 ,0 )UGHUEDQG ([WUXGHU $EOXIW 9HUWHLOHU ,2FRQWUROOHU 352),1(7 0$&$GU 1662 ,QGXVWULDO(WKHUQHW ,2GHYLFHV 0$&$GU Each device receives a name; STEP 7 automatically assigns an IP address. From the name, STEP 7 generates a PROFINET device name that you assign to an IO device online (MAC address) and that is written to the device. You load the configuration to the IO controller. The IO controller assigns the appropriate IP address to the IO device with the assigned PRO FINET device name during startup. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Changing the device name and IP address You can change the name and IP address manually. The device name must first be changed in the configuration in order to subsequently assign it to the IO device via the memory card or online with programming device/PC. Offline with memory card: 1. Place the configured data (device name: for example, turbo-3) for the IO device on the MMC in the PG/PC. Use the command "SIMATIC Card Reader > Save Device Name to Memory Card" in the "Project" menu for this. 2. Then insert the MMC into the IO device. The IO device automatically adopts the configured device name. Online with programming device/PC: 1. Connect the programming device/PC directly to the Ethernet subnetwork via the PROFINET interface. 2. In the network view, select the subnet or I/O device, and click the "Assign device name" command: - Either in the shortcut menu of the selected subnet / I/O device or - in the menu bar of the graphic view on the corresponding button. 3. In the "Assign PROFINET device name" dialog box, select the suitable PG/PC interface to connect to the Ethernet subnet. All configured PROFINET device names are in the top dropdown list. Select a PROFINET device name from it and select the IO device to receive this device name from the table at the bottom. You can filter the display of devices in the table according to various criteria. 4. You can easily identify the device using the "Flash LED" button. 5. Click "Assign name". The IO controller recognizes the IO device by its device name and automatically assigns the configured IP address to it. IP address assignment for special IO devices Special IO devices, for example, SCALANCE X, S7-300 CPs, support the option of assigning the IP addresses not from the IO controller during startup. In this case, the IP address is assigned in a different way. The option is called "IP address is set directly at the device". For additional information, refer to the manual of the respective PROFINET device of the SIMATIC device family. Another special case is the option "IP address is set directly at the device" in the "IP protocol" area of the Ethernet address properties of an IO device. This option is set automatically when the option "Multiple use IO system" is selected for a standard machine project in the associated PROFINET IO system. In this case, an adapted IP address is not assigned by the IO controller until the IO controller itself has received a local IP address. WinCC Advanced V14 System Manual, 10/2016 1663 Editing devices and networks 10.1 Configuring devices and networks Requirement for additional procedures when assigning IP address and device name If the IO device, as described above, should not obtain the IP address or device name from the IO controller, proceed as follows: 1. Select device or network view. 2. Open the properties of the respective PROFINET device and select the area "PROFINET interface [X1]" > "Ethernet addresses". 3. Select the option "IP address is set directly at the device" under "IP protocol" or the option "PROFINET device name is set directly at the device" under "PROFINET". Rules If the "IP address/device name is set directly at the device" option is used for a PROFINET device, note the following: The subnet part of the IP address of the IO device must match the subnet part of the IP address of the IO controller. The corresponding PROFINET device cannot be used as a gateway. See also Enabling device replacement without exchangeable medium (Page 1689) Example of the assignment of the device name In this example you assign device names to a PROFINET IO controller and a PROFINET IO device. To make assignment easier, the device names should also contain the names of the PROFINET IO system. Requirement You must be in the network view. A CPU 1214C (V2.0 or higher) must be available in the network view. An interface module IM 151-3PN exists. The PROFINET interfaces of both modules are networked. 1664 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Procedure To assign the names, follow these steps: 1. Select the CPU. Make sure that you have selected only the CPU and not the complete device! 2. Assign the name "myController" in the Inspector window, under "General". 3. Select the interface module. Ensure that you have selected only the interface module and not the complete ET 200S device. 4. Assign the name "Device_1" in the Inspector window, under "General". 5. Right-click on the PROFINET IO system and select the "Properties" command. WinCC Advanced V14 System Manual, 10/2016 1665 Editing devices and networks 10.1 Configuring devices and networks 6. Assign the name "Plant_section1" to the IO system and select the check box "Use name as extension for PROFINET device names". 7. You can find the automatically generated PROFINET device names at the selected device in the Inspector window, at "PROFINET interface". The PROFINET device name corresponds to the name of the module (with the name of the IO system as extension) with the difference that only lower case text is used. Background: No distinction is made between upper and lower case ("case insensitive") for the storing of the name. If you want to specify the device name independently of the module name, you have to deactivate the "Generate PROFINET device name automatically" option. The PROFINET device name can be edited in this case. 1666 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The converted name is displayed below. This is the name that is automatically generated from the PROFINET device name and satisfies the DNS conventions. If you work with STEP 7, you do not require this name. This name is displayed here as a check and corresponds to the name that is stored in the device. If you work with other tools that are able to record the data exchange and read the actual device names, then you find the converted names. Other special features For PROFINET devices with multiple PROFINET interfaces, the name of the interface is attached to the name of the module, separated by a dot. Example: Name of the module: myController Name of the interface: Interface_1 PROFINET device name: mycontroller.interface_1 Assign device name via communication table Introduction You can assign the device names of PROFINET IO devices configured offline to the devices online. You can do this in the table area of the network view in the table "I/O communication". You can also assign the device names to several devices at the same time. "Online assignment" tab In the I/O communication table, you will find the tabs "Offline configuration" and "Online assignment". In the "Online assignment" tab, you can assign the PROFINET device names that were assigned offline to the corresponding IO devices online. To do this, use the buttons "Check devices" and "Assign now". The objects displayed in the table of the "Online assignment" tab depend on the setting of the filter function. If only selected objects should be displayed, only objects of the corresponding context are displayed depending on the selection in the network view. PROFINET subnet: All connected devices and their PROFINET interfaces IO system All devices involved and their PROFINET interfaces Sync domain: All devices involved and their PROFINET interfaces Devices: The device and any existing PROFINET interfaces Other subnets or interfaces such as MPI or PROFIBUS are not displayed If the display is set for all devices using the filter function, all devices are displayed that have a PROFINET interface, regardless of whether they are connected via a PROFINET subnet or are part of an IO system. Devices without a PROFINET interface, for example only with a DP or MPI interface, are not displayed. WinCC Advanced V14 System Manual, 10/2016 1667 Editing devices and networks 10.1 Configuring devices and networks General procedure To assign PROFINET device names, you must first detect the IO devices available online. With this procedure, it matters whether the MAC addresses are known or unknown. This results in a general procedure in two steps: 1. Detecting the IO devices available online 2. Assigning configured PROFINET device names to the IO devices available online Requirements You are in the network view. There is an online connection to the devices. Procedure (step 1) To detect IO devices available online from the I/O communication table, follow these steps: 1. Optional: Entered known MAC addresses in the "MAC address" column. After every valid entry, the check box under "Assign device" is selected for the relevant row. Note You can enter, insert or import the MAC address in different formats. The correct format is automatically entered in the cell. The following entries are supported and then converted to the required format: "08:00:06:BA:1F:20" "08 00 06 BA 1F 20" "080006BA1F20" The formats used in the example are automatically converted to "08-00-06-BA-1F-20". 2. Click "Check devices" to start the check of the IO devices available online. 3. Set the PG/PC interface in the dialog window and click "Start". Intermediate result After the check, the result is displayed for every device in the table. Online data found is automatically entered in the table and the check box "Assign device" is set to "checked" in the rows in which a MAC address was entered or found online. The result of the check is shown as an icon in the "Status" column. Status Meaning Agreement: Matching device and compatible type. The PROFINET device name and the device type of the device found online matches the device in the project. No action is required. Ready for assignment: The device type of the device found online matches the device in the project. With a known MAC address the device is ready for the assignment of the PROFINET device name. Different device type: A matching device was found online, but the device type does not match the device type in the project. Please select a device with a matching device type online. 1668 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Status Meaning Different device: No device could be found online that uniquely matches the device in the project. Please select a matching device manually. Device cannot be accessed: With a known MAC address the device cannot be accessed online. Please check the connection to the device. Note The icon "Ready for assignment" appears when a MAC address exists and matching device data was found, but no PROFINET device name was found online. You can update the data of the detected devices again via their MAC addresses at any time. To do this, you specify the MAC address and the status of the device is displayed immediately without having to re-detect the device. Procedure (step 2) All PROFINET device names configured offline will be assigned to the devices available online in a bulk operation. 1. Click the "Assign now" button. Note The bulk operation cannot be reversed. A message to this effect appears in a dialog window. 2. Click "Start" in the dialog window to start the assignment of the PROFINET device names. Result The PROFINET device names configured offline will be assigned to the devices available online. This relates to devices in whose row the check box under "Assign device" is selected, that have a MAC address and have the status "Ready for assignment". Importing and exporting data Using the import and export button, you can import or export the data of the I/O communication table for the online assignment: When you export, the currently displayed data of the table is exported to a CSV file. Using the filter function of the table, you can select which data will be exported. When you import, the data of the CSV file is written to the table. If there are conflicts with values already existing in the table, you can decide whether the data should be overwritten or whether the import needs to be stopped. WinCC Advanced V14 System Manual, 10/2016 1669 Editing devices and networks 10.1 Configuring devices and networks Assign device name via memory card Introduction You can configure the device names of PROFINET IO devices offline. To do this, store a configured device name on a memory card and then insert the card into the appropriate IO device. If an IO device has to be completely replaced due to a device defect, the IO controller automatically reconfigures the new device. Using the memory card, a device can be replaced without a programming device. Requirements The programming device has a card reader for memory cards. The IO device must support the assignment of the device name via memory card. The station and its PROFINET IO system is configured. Procedure To store a device name on a memory card, follow these steps: 1. Insert the memory card into the card reader. 2. Select the IO device whose device name is to be assigned by the memory card. 3. Select the "Card reader > Save Device Name to Memory Card" command in the "Project" menu. If the memory card is not empty, a message will be issued informing you of this and you will have the option to delete the card. Retentivity of IP address parameters and device names The retentivity of IP address parameters (IP address, subnet mask, router setting) and device name depends on how the address is assigned. The non-retentive, temporary assignment means: IP address parameters and device name remain valid for the following time period: - Until the next POWER OFF - Until the next memory reset - Until termination of the online connection (for example, after loading the program) After POWER OFF / POWER ON or a memory reset, the CPU can only be accessed via the MAC address. If the IP address parameters are not retentive, communication based on the IP protocol can no longer take place after the above described events (for example, after POWER OFF/ POWER ON). The assignment of a temporary IP address also deletes retentively saved IP address parameters. 1670 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Assigning IP address parameters and device name non-retentively IP address parameters and device name are not retentive in the following cases: A temporary IP address that is not retentive is implicitly assigned with the "Accessible devices" function, if the device (e.g. CPU) does not yet have an IP address. The device is a "normal" IO controller (i.e., not an I-device), and it is specified in the user program ("IP_Conf" instruction) that the IP address parameters/device name are not to be retentive. Assigning IP address parameters and device name retentively IP address parameters and device name are retentive in the following cases: In the properties of the PROFINET interface, it is specified that the IP address parameters are set in the project ("Set IP address in the project" option). In the properties of the PROFINET interface, it is specified that the IP address is to be set on the device. - Once the configuration is loaded, the IP address parameters and the device name are assigned via STEP 7 or a setup tool such as PST (STEP 7: online and diagnostic function "Assign IP address"). The assigned IP address parameters are retentive. - The device is a "normal" IO controller (i.e., not an I-device), and it is specified in the user program ("IP_Conf" instruction) that the IP address parameters/device name are to be retentive. Special features of the I-device In the properties of the PROFINET interface of the I-device, it is specified that the IP address parameters are to be set on the device. The IP address parameters for the I-device are assigned by the higher-level IO controller. If prioritized startup is set, the IP address parameters are retentive. If no prioritized startup is set, the IP address parameters are not retentive. Recommendation If possible, use the "Set IP address in project" option and specify an appropriate IP address. In this case, the IP address is assigned retentively. WinCC Advanced V14 System Manual, 10/2016 1671 Editing devices and networks 10.1 Configuring devices and networks Resetting of retentive IP address parameters and device names Retentive IP address parameters and device names are reset via the online and diagnostic function "Reset to factory settings". Note Consequences of reassignment of IP address parameters on top of existing IP parameters The temporary assignment of IP address parameters/device names results in a reset of any retentively saved IP address parameters/device names. With a fixed assignment of IP address parameters/device names, previously retentivelysaved parameters are replaced by the newly assigned parameters. Note Reuse of devices Execute the "Reset to factory settings" before you install a device with retentive IP address parameters and device name in another subnet or system or before you place it in storage. Creating a PROFINET IO system Introduction To create a PROFINET IO system, you need to have a PROFINET IO controller and at least one PROFINET IO device. As soon as you connect an IO controller to an IO device via their PROFINET interfaces, a controller-device link is established. IO controller and IO device As IO controller, you can use the following devices with a PROFINET interface: CPU with a permanently integrated or plug-in PROFINET interface CP in conjunction with a CPU Interface module assigned to a CPU/FM Interface module with a PROFINET interface As IO device, you can use head modules of the distributed I/O with PROFINET interface or CPUs as intelligent IO devices. With some devices, you can switch between modes (such as "IO controller" and "IO device") under "Mode" in the Inspector window of the PROFINET interface. Select the option button with the required mode. Requirements You are in the network view. The hardware catalog is open. 1672 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Procedure To create a PROFINET IO system, for example with a CPU 1217C , follow these steps: 1. Select a CPU 1217C as a potential IO controller from the hardware catalog. 2. Drag the CPU onto the free area within the network view. 3. Right-click on the PROFINET interface of the CPU. 4. Select "Create IO system" from the shortcut menu. A PROFINET IO system with a CPU 1217C as IO controller will be created as the only node. If you connect the PROFINET interface of an IO device to the PROFINET interface of the IO controller, the IO slave will be added automatically to the IO system. If there is not yet a subnet between the IO controller and IO device, a new subnet is created between the IO controller and IO device. To include a CPU 1217C as an intelligent IO device in the DP master system, for example, follow the steps below: 1. Click on the PROFINET interface of the IO controller or IO device. 2. Hold down the mouse button and drag a connection from the selected PROFINET interface to the PROFINET interface of the desired communications partner. or 1. Click on the hyperlink of the IO device CPU 1217C. 2. Select the required IO controller from the displayed list of possible IO controllers. The intelligent IO device CPU 1217C is included in the PROFINET IO system with the CPU 1217C as IO controller. WinCC Advanced V14 System Manual, 10/2016 Drag between the PROFINET interfaces of IO device to IO controller. Click on the link of an unassigned IO device, and a selection of possible IO controller opens. 1673 Editing devices and networks 10.1 Configuring devices and networks If required, adapt the properties of the Ethernet subnet or the IO controller (for example, IP address) under "Properties" in the inspector window. Note If there is only one IO controller on a subnet, you only have to connect the interface of the IO device to the subnet of this IO controller with drag-and-drop. The IO device is then connected to the subnet of the IO controller immediately, and the IO device is assigned to this IO controller. Display of the IO controller in the IO device When an IO device is connected to an IO controller, the name of the IO controller is displayed on the IO device as a hyperlink. Click the hyperlink to select the assigned IO controller. 1674 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Highlighting the PROFINET IO system When you have created a new PROFINET IO system, the PROFINET IO system will be highlighted. This enables you to identify quickly which devices belong to the PROFINET IO system. You can also highlight a PROFINET IO system yourself by moving the mouse pointer over a subnet. This will result in the names of the available PROFINET IO systems being displayed. If you click on one of the displayed PROFINET IO systems with the mouse, the corresponding PROFINET IO system is highlighted. There are various ways of removing the highlighting from a PROFINET IO system: Highlight a different PROFINET IO system. Click on the pin with the name of the PROFINET IO system in the top right-hand corner of the network view. Handling PROFINET IO systems Using shortcut menu commands, you can delete PROFINET IO systems, create new ones or even connect the interface to another subnet from within the network view. An existing PROFINET configuration can thereby be corrected in the network view. Create new PROFINET IO system for IO controller To create a new PROFINET IO for an IO controller, proceed as follows: 1. Make sure that no IO system is already assigned to the IO controller. If an IO system is already assigned to the IO controller, the "Assign IO system" shortcut menu command is disabled. 2. Select the PROFINET interface and then select the "Assign IO system" shortcut menu command. A new PROFINET IO system is created at the IO controller and you can assign IO devices to this IO system. WinCC Advanced V14 System Manual, 10/2016 1675 Editing devices and networks 10.1 Configuring devices and networks Disconnecting PROFINET IO devices from PROFINET IO system To disconnect an already networked PROFINET IO device from its PROFINET IO system, follow these steps: 1. Click on the PROFINET interface of an IO device. 2. Select the "Disconnect from IO system" shortcut menu command. The IO device that was assigned to this IO system is then no longer assigned to it. You can create a new IO systems and can assign each of the non-assigned IO devices to an IO controller. Assign PROFINET IO devices to other IO controllers Existing PROFINET IO systems can be easily reconfigured in the network view by selecting the IO device or its interface and the required command from the shortcut menu: When selecting the interface: 1. Select the interface of an IO device and then select the shortcut menu. You have the following options here: - Assign a new subnet to the IO device or disconnect it from the existing subnet - Assign the IO device to a new IO controller - Assign a new IO system to the IO device or disconnect it from the existing subnet 2. To assign another IO controller to the IO device, select the "Assign to new IO controller" shortcut menu command. If there is no connection, a subnet is automatically created and the IO device is assigned to the IO system of the new IO controller. 1676 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks When selecting the entire device: 1. Select the IO device and select the shortcut menu. You have the following options here: - Assign the IO device to a new IO controller - Disconnect the IO device from the existing subnet 2. To assign the IO device to another IO controller, select the "Assign new DP master/IO controller" shortcut menu command. If there is no connection, a subnet is automatically created and the IO device is assigned to the IO system of the new IO controller. Tip: Quick configuration of IO systems If the IO system has a lot of IO devices, assign all IO devices placed by drag-and-drop operation to an IO controller on one step. Requirements IO controller and IO devices are placed in the network view. Assign IO devices to an IO system To do this, follow these steps: 1. Select an appropriate zoom factor so that you can see as many IO devices as possible in the network view. 2. Arrange the IO devices in not more than of two rows. 3. Select all IO interfaces (not all devices) with the mouse cursor. This only works if you begin to drag the mouse cursor outside of the first IO device and release the mouse button at the last IO device (selection with the lasso). WinCC Advanced V14 System Manual, 10/2016 1677 Editing devices and networks 10.1 Configuring devices and networks 4. Select the shortcut menu "Assign new IO controller" and select the corresponding IO interface of the IO controller in the subsequent dialog. 5. The IO devices are automatically networked with the IO controller and combine with it to form an IO system. Note When an IO system is highlighted, you can double-click on an IO device in the hardware catalog and thereby quickly add additional IO devices. Result: The IO device is automatically added to the highlighted IO system. Interconnecting ports If an IO device is assigned to an IO controller, this does not yet specify how the ports are connected to each other. Although a port interconnection is not required to make use of the Ethernet/PROFINET functions, it does offer the following advantages: A target topology is specified with the port interconnection. Based on an online-offline comparison, it is possible to conduct a target-actual comparison with all devices that support this function. Only with IRT communication: If a port interconnection is configured, STEP 7 can determine the required bandwidth more precisely. As a rule, this leads to a higher performance. Make sure that no invalid ring structures occur through the interconnection of ports. Port interconnection is only advisable for devices that support the topology configuration. 1678 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Interconnecting ports in the Inspector window To interconnect ports, follow these steps: 1. Select the Ethernet/PROFINET device or the Ethernet/PROFINET interface. 2. Navigate to the port property "Port interconnection". When the Ethernet/PROFINET interface is selected, you can find this setting in the Inspector window as follows: Properties > General > Advanced Options > Port [...] > Port Interconnection. 3. In the "Local port" section, you can find the settings at the local port. In the case of fiberoptic cable you can, for example, set the cable names here. In the "Partner port" section, click on the black triangle in the "Partner port" box to display and select the available partner ports. 4. If the port interconnection is a port interconnection with copper as medium and the devices support IRT communication, you can also set cable length and signal transit time. If the Ethernet/PROFINET interface was disconnected, it is automatically networked by this action. In the properties of the subnet you can set whether this subnet should or should not be used for the networking. Note Interconnecting an electric with an optical port If you want to interconnect an electrical and an optical port, you have to distinguish between RT and IRT communication: With RT communication, it is not necessary to configure a media converter. With IRT communication, you have to make the interconnection via a media converter. Information on monitoring the partner port After you have interconnected the two ports, you receive information on the monitoring of the partner port in a text field. The following displays are possible: Monitoring of the partner port is not possible. Partner port is being monitored. It is not possible to monitor the partner port if you, for example, select a deactivated port as partner port. In this case it is not possible to monitor the target topology and the signal propagation time. A device replacement is then only possible with a Micro Memory Card. See also Overview (Page 702) WinCC Advanced V14 System Manual, 10/2016 1679 Editing devices and networks 10.1 Configuring devices and networks Setting the send clock Requirements to change the send clock at the PROFINET device No IRT (Isochronous Realtime) should be configured. In detail, this means: No device must be configured at the IO system as a sync slave or sync master. All devices at the IO system must be unsynchronized. If IRT is configured (in other words, if the IO controller is configured as sync master), the send clock can only be configured in the sync domain. Procedure To set the send clock on the PROFINET device, follow these steps: 1. Select the PROFINET IO controller in the device or network view. 2. Change the value for the shortest possible update interval in the properties of the PROFINET interface under "PROFINET Interface > Advanced options > Real-time settings > IO communication > Send clock". The send clock is valid for all PROFINET devices at the IO system. If the synchronization role is set to a value other than "Unsynchronized", you can only set the send clock in the sync domain, in other words, centrally at the PROFINET IO system. Setting the update time Update time An IO device / IO controller in the PROFINET IO system is supplied with new data from the IO controller / IO device within this time period. The update time can be separately configured for each IO device and determines the time interval in which data is transmitted from the IO controller to the IO device (outputs) as well as data from the IO device to the IO controller (inputs). STEP 7 calculates the update time automatically in the default setting for each IO device of the PROFINET IO system, taking into account the volume of data to be exchanged as well as the set send clock. Setting the update time If you do not want to have the update time calculated automatically, you can change the setting. 1680 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks To change the update time in the Inspector window, proceed as follows: 1. Select the PROFINET interface of the IO device in the network or device view. 2. Specify the update time in the interface properties under "Advanced options > Real time settings > IO cycle". You can specify the update time in two ways: - Automatic calculation of the optimal update time. - Update time you can set yourself by selecting different values from a drop-down list. 3. If you want to keep the relationship between the send clock and the update time constant, enable the "Adapt update time when send clock changes" option. This option ensures that the update time is not set to less than the send clock. You can also carry out this setting directly in the I/O communication table via the drop-down list in the "Update time mode" column. Manual setting of the send clock may result in errors if the available bandwidth is not adequate or when other limits/configuration limits are exceeded (for example, too many nodes are configured). Note When you change the update time mode from "Can be set" to "Automatic", a manually entered update time is overwritten by the automatically calculated value. No update time can be calculated STEP 7 determines the sequence of the cyclic data exchange based on the configuration information (IO controller properties, IO device properties, number and type of the IO devices, consistency of the cyclic user data...). The cyclic data is packed in frames and sent/received successively at calculated time intervals. The maximum number/size of the frames and the maximum number of intervals available must be sufficient to "accommodate" all the data. The resulting send/receive interval must also be supported by every PROFINET device. If the limits relating to the amount of cyclic user data/number of frames or relating to the intervals available are exceeded, STEP 7 cannot calculate an update time. If there is no common basis for the send/receive interval, calculating the update time is also not possible. If there is a reason preventing the calculation of the update time, STEP 7 reports the cause when compiling the hardware configuration. How to eliminate the problem: Reduce the number of IO devices Reduce the number of modules within the IO devices If you are using an IE/PB link: Reduce the number of DP slaves downstream from the IE/ PB link Use a more powerful IO controller or IE/PB link WinCC Advanced V14 System Manual, 10/2016 1681 Editing devices and networks 10.1 Configuring devices and networks Increase the send clock - With RT: in the properties of the IO controller - With IRT: in the properties of the sync domain Check the device properties of the IO devices ('MinDeviceInterval' and the possible scan rates) due to the common basis for the send/receive interval. Replace unsuitable IO devices. This device properties are stored in the GSD file of the IO device. With IRT configuration: - Check whether the ports of the sync master and sync slaves are interconnected. - Check the order of the IO devices: There can be no unsynchronized device connected between the sync master and sync slave (Example of bad configuration: Sync master --- unsynchronized device --- sync slave). - Check whether you have configured more than one sync master. - Check the bandwidth remaining for RT data. The bandwidth for RT data available for the transfer can be restricted by IRT communication on the same Ethernet subnet. When using I-devices: It may not be possible to use the set send clock together with the existing I-device configuration. - Configure the I-device without lower-level IO devices and activate the setting "Parameter assignment of PN interface by higher-level IO controller". - Change the send clock of the IO controller to an even value (... 0.250, 0.500, 1.000, ...). Identification of the IO devices involved: You can identify the IO devices involved for which no update time can be calculated in the "I/ O communication" table of the PROFINET IO system in the network view. No entry is made in the "Update time" column for the IO device involved (entry "-"). Setting the watchdog time Watchdog time You can configure the watchdog time for PROFINET IO devices. If the IO device is not supplied with input or output data (IO data) by the IO controller within the watchdog time, it switches to the safe state. Do not enter the watchdog time directly, but as "Accepted number of update cycles when IO data is missing". This makes setting easier because the update time can be shorter or longer, depending on the power of the IO device or the setting. The resulting watchdog time is automatically calculated from the "Accepted number of update cycles when IO data is missing". 1682 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring the watchdog time To specify the watchdog time, follow these steps: 1. Select the PROFINET interface of the IO device in the network or device view. 2. In the properties of the interface, navigate to "Advanced options > Realtime settings > IO cycle". 3. Select the required number of cycles from the drop-down list "Trigger watchdog after # cycles with missing IO data". The watchdog time is subsequently calculated automatically based on the preset factor. It must not be more than 1.92 seconds. Note The default setting should only be changed in exceptional cases, for example, during the commissioning phase. Calculated bandwidth for cyclic IO data Calculated bandwidth for cyclic IO data Adherence to the maximum available bandwidth for cyclic IO data is monitored by the system. The maximum bandwidth depends on the send clock cycle. If the send clock cycle is greater than or equal to 1 ms, the maximum bandwidth is 0.5 ms. If the send clock cycle is shorter, the maximum available bandwidth is also reduced. The bandwidth actually required for cyclic IO data is determined by the system based on the number of configured IO devices and IO modules. Furthermore, the required bandwidth depends on the update time that is used. In general, the calculated bandwidth increases in the following cases: There is a greater number of IO devices There is a greater number of IO modules The update times are shorter. Maximum bandwidth for cyclic IO data depending on the send clock The following table shows how the maximum available bandwidth for cyclic IO data reacts based on the send clock: WinCC Advanced V14 System Manual, 10/2016 Send clock cycle Maximum bandwidth for cyclic IO data 250 s - 468.75 s << 125 s 500 s - 968.75 s = send clock / 2 1 - 4 ms = 500 s 1683 Editing devices and networks 10.1 Configuring devices and networks Setting port options Setting the port options Changing connection settings for the PROFINET IO port By default, the settings for ports of a PROFINET interface are specified in such a way that problem-free data exchange is ensured in normal situations. If necessary, you can change the settings. The setting options are described below. Possible settings for transmission rate/duplex Depending on the selected device, you can make the following settings for "Transmission rate/ duplex": Automatic setting Recommended default setting of the port. The transmission settings are automatically "negotiated" with the partner port. The "Enable autonegotiation" option is automatically selected by default. TP/ITP at x Mbps full duplex (half duplex) Setting of the transmission rate and the full duplex/half duplex mode. The effectiveness depends on the "Enable autonegotiation" setting: - Autonegotiation enabled You can use both cross cable and patch cable. The port is monitored with this setting. - Autonegotiation disabled Make sure that you use the correct cables (patch or cross cables). The port is also monitored with this setting. Deactivated Depending on the device type, the drop-down list box can contain the "Deactivated" option. With this option, you can prevent access via an unused port for security reasons, for example. With this setting, diagnostic events are not generated. "Monitor" option With the "Monitor" option, you enable/disable port diagnostics. You can only enable monitoring if the device supports this function. 1684 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Below is a list of what is monitored during operation by the device when monitoring is enabled - regardless of whether you have interconnected the port or not: The link status is monitored; in other words, diagnostics is generated when the link is down (e.g. with a wire break or a removed connector). With fiber-optic ports (FO), the link power margin is monitored so that a staged maintenance diagnostics is obtained. The media settings are monitored; in other words, a diagnostics message is generated when the local port setting (transmission rate/duplex) during operation does not match the setting of the partner port. If the port is interconnected: The cable length/signal delay time is monitored; in other words, a diagnostics message is generated if the locally detected cable length/signal delay time does not match the cable length/signal delay time detected by the partner. Disabling monitoring Monitoring does not make sense in the following cases: The option "Alternative partners" is enabled at the local port, for example, for a docking port of a docking station (tool changer). In this case, a link status change is a normal operational situation. The partner port belongs to a non-PROFINET device. Only ports of PROFINET devices transfer their port settings such as the transmission rate, duplex setting etc. The local port is connected to a media converter (passive network component with different signal delay times for Ethernet frames). At the local port, the option "End of topology discovery" is enabled in the boundaries settings. Monitoring of the desired topology With the "Monitoring" option, no monitoring is linked to the adherence to the desired topology. This means that whether the configured interface and port properties such as device name, port name and cable length match the current settings is not influenced by the "Monitoring" option. Adherence to the desired topology is checked automatically when you interconnect the local port with a partner port; the partner port must not then be disabled. The port properties indicate whether the monitoring of the desired topology is performed or is impossible (port interconnection, partner port refer, to the figure below ). WinCC Advanced V14 System Manual, 10/2016 1685 Editing devices and networks 10.1 Configuring devices and networks 1686 Display of whether the device can check the actual properties of the partner port against the configured properties of the partner port. This adherence to the desired topology is checked automatically when you interconnect the local port with a partner port. Setting the monitoring to link down, media settings and cable length/signal delay time. At runtime, the local port compares its own settings with the settings of the partner port. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Option "Enable autonegotiation " The autonegotiation setting can only be changed if a concrete medium (for example, TP 100 Mbps full duplex) is selected. Whether or not a concrete medium can be set depends on the properties of the module. If autonegotiation is disabled, this causes the port to be permanently specified, as for example, is necessary for a prioritized startup of the IO device. You must make sure the partner port has the same settings because, with this option, the operating parameters of the connected network are not detected and the data transmission rate and transmission mode can therefore not be optimally set. Note When a local port is interconnected, STEP 7 makes the setting for the partner port if the partner port supports the setting. If the partner port does not support the setting, an error message is generated. Port options for using the GBIT PROFINET interface The PROFINET interface (X3) of the CPU 1518-4 PN/DP supports a maximum transmission rate of 1000 Mbps (GBIT). In order to achieve this transmission rate, the following requirements must be met: CPU Firmware Version V1.7 or higher. Devices on the same PROFINET subnet must also support the 1000 Mbps transmission rate. The network infrastructure (network cables and outlets) must be category CAT 5e or better. The port options of PROFINET interface X3 must be set as follows: - "Transmission rate/Duplex": Automatic - "Autonegotiation": Activated See also Wiring rules for disabled autonegotiation (Page 1687) Boundaries at the port (Page 1688) Wiring rules for disabled autonegotiation Requirement You have made the following settings for the port in question, for example, to accelerate the startup time of the IO device: Fixed transmission speed Autonegotiation incl. autocrossing disabled WinCC Advanced V14 System Manual, 10/2016 1687 Editing devices and networks 10.1 Configuring devices and networks This saves you the time required to negotiate the transmission rate during startup. If you have disabled autonegotiation, you must observe the wiring rules. Wiring rules for disabled autonegotiation PROFINET devices have the following two types of ports: Type of port PROFINET devices Note Switch port with crossed pin as signment For IO devices: Port 2 Crossed pin assignment means that the pin assignment for the ports for sending and receiving between the respective PROFI NET devices is exchanged inter nally. End device port with uncrossed pin assignment For S7 CPUs with 2 ports: Ports 1 and 2 For IO devices: Port 1 - For S7 CPUs with one port: Port 1 Validity of the wiring rules The cabling rules described in the following paragraph apply exclusively to the situation in which you have specified a fixed port setting. Rules for cabling You can connect several IO devices in a line using a patch cable (one-to-one wiring of both connectors). To do this, you connect port 2 (P2) of the IO device to port 1 (P1) of the next IO device. The following graphic gives an example with two IO devices. 6ZLWFKRU 352),1(7GHYLFH 3 ,2GHYLFH 3 3 3DWFKFDEOHV ,2GHYLFH 3 3 3 3DWFKFDEOHV 6ZLWFKSRUW (QGGHYLFHSRUW Boundaries at the port Requirement The respective device must support boundaries settings in order to work with boundaries. If the device for PROFINET does not support boundary settings, the corresponding parameters are disabled, such as in the CPU 1215C V3, for example. 1688 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Enable boundaries "Boundaries" are limits for transmission of certain Ethernet frames. The following boundaries can be set at a port: "End of detection of accessible devices" DCP frames for detection of accessible devices are not forwarded. Devices located behind this port are no longer displayed in the project tree under "Accessible devices". Devices located behind this port can no longer be reached by the CPU. The device must have more than one port for this function. "End of topology discovery" LLDP frames (Link Layer Discovery Protocol) for topology detection are not forwarded. "End of sync domain" Sync frames transmitted for synchronization of devices within a sync domain are not forwarded. For example, if you operate a PROFINET device with more than two ports in a ring, you should prevent the sync frames from being fed into the ring by setting a sync boundary (at the ports not inside the ring). The device must have more than one port for this function. Additional example: If you want to use several sync domains, configure a sync domain boundary for the port connected to a PROFINET device of the other sync domain. Restrictions The following restrictions must be observed: The individual check boxes can only be used if the port supports the function in question. If a partner port has been defined for the port, the following check boxes cannot be used: - "End of detection of accessible devices" - "End of topology discovery" Enabling device replacement without exchangeable medium Replacing an IO device without exchangeable medium It is often necessary to replace IO devices in automation systems. The IO devices are generally assigned a device name by either inserting an exchangeable medium or via the programming device. The IO controller uses this device name to identify the IO device. Subject to certain conditions, IO devices can also receive their device names without the insertion of an exchangeable medium (e.g., memory card) or without a programming device. For this purpose, the IO controller uses Ethernet mechanisms (LLDP protocol; Link Layer Discovery Protocol) to analyze the relationships between the individual IO devices and the IO controller. From these relationships, the IO controller detects which IO device was replaced and assigns the configured device name to it. WinCC Advanced V14 System Manual, 10/2016 1689 Editing devices and networks 10.1 Configuring devices and networks Requirements A port interconnection is already configured. The affected IO devices in the automation system must support device replacement without exchangeable medium (LLDP protocol). Note Use only new IO devices as replacement devices, or restore IO devices already configured to the delivery state prior to commissioning. For S7-1500 CPUs with firmware version V1.5 or higher, it is not necessary to reset IO devices with an existing parameter assignment to delivery state. Requirement: The "Permit overwriting of device names of all assigned IO devices" option is selected for the IO controller ("Advanced option > Interface options" area of the properties of the PROFINET interface). Procedure In order to enable the replacement of an IO device without exchangeable medium, proceed as follows: 1. In the device or network view, select the PROFINET interface of the corresponding IO controller. 2. In the interface properties under "Advanced settings > Interface options", select the "Support device replacement without exchangeable medium" check box. The option "Support device replacement without exchangeable medium" also permits automatic commissioning, which means you can commission the IO system with the IO devices without assigning their device names in advance. IO devices without corresponding functionality When individual IO devices in the automation system do not support device replacement without exchangeable medium, a corresponding alarm is output for the IO device. It is possible to use the functionality nevertheless. However, all of the following conditions have to be fulfilled: The function "Device replacement without exchangeable medium" is activated in the higherlevel IO controller. The IO device supports the LLDP protocol. At least one "neighbor" of the IO device supports - The function "Device replacement without exchangeable medium" as an IO controller or - The LLDP protocol as an IO device. When you configure the environment of the IO device so that the conditions described above are met for the "Device replacement without exchangeable medium", the usage of the function is possible even if the IO device does not support the functionality directly. 1690 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See also Assigning the device name and IP address (Page 1660) Components with the the device replacement without exchangeable medium function (http:// support.automation.siemens.com/WW/view/en/36752540) Connect the DP slave via the IE/PB Link to a PROFINET IO system Requirements STEP 7 as of V12 S71500 CPU as of firmware version 1.7 ET 200SP CPU as of firmware version 1.7 S7-1500 software controller S7-300/400 CPU Procedure for connecting a DP slave via an IE/PB Link To connect a DP slave to a PROFINET IO system via an IE/PB Link in STEP 7, follow these steps: 1. Drag a PROFINET CPU, e.g. 1513-1 PN, from the hardware catalog to the network view of STEP 7. 2. Drag an IE/PB Link PN IO from the hardware catalog to the network view of STEP 7. You will find the IE/PB Link PN IO under Network components > Gateways > IE/PB Link PN IO. 3. Assign the IE/PB Link PN IO to the CPU. 4. Drag a PROFIBUS interface module e.g. IM155-6 DP HF, from the hardware catalog to the network view. 5. Assign the interface module to the IE/PB Link. 6. Select the IE/PB Link PN IO in the network view of STEP 7. WinCC Advanced V14 System Manual, 10/2016 1691 Editing devices and networks 10.1 Configuring devices and networks 7. In the Inspector window, go to the "Gateway" area and select the "Network gateway as PROFINET IO proxy" option. 8. In the PROFINET device number area, you can assign a PROFINET device number for the DP slave. If you have selected the "Device number = PB address" check box (default), STEP 7 automatically assigns the device number according to the PROFIBUS address of the slave. In addition, you no longer need to update the device number if the PROFIBUS address changes. See also Configuration using IE/PB link PN IO (Page 1656) Setup recommendations for optimizing PROFINET Optimizing PROFINET with RT PROFINET provides you with high-performance communication on all levels. The figure below shows an example of an optimized PROFINET topology. 1692 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 3URGXFWLRQOLQH 3*3& 3*3& 3*3& 6ZLWFK 2IILFH(WKHUQHW +0, 6 6 352),%86 (76 352),1(7,QGXVWULDO(WKHUQHW (763 (703 (763 (703 (7SUR When setting up your PN network topology, take care that the various automation applications are distributed among separate network branches so that a sufficient bandwidth reserve will be available for future expansions. When you integrate standard Ethernet devices into the network topology or use standard Ethernet communication, take into account the network load caused by standard Ethernet and adapt the network topology as appropriate (max. bandwidth 100 Mbps). For communication with higher-level networks with a high data volume, use the most direct paths possible to the higher-level network infrastructure. Also observe the Installation Guideline of the PROFIBUS User Organization. WinCC Advanced V14 System Manual, 10/2016 1693 Editing devices and networks 10.1 Configuring devices and networks Setting up PROFINET with IRT Keep in mind the following rules for setting up and operating a PROFINET IO system in IRT mode. These rules will ensure best possible operation of your PROFINET IO system. When using IRT, you must configure the topology. This will enable exact calculation of the update time, bandwidth, and other parameters. If you would like to use multiple sync domains, configure a sync boundary for the port which is currently connected to the PROFINET device of another sync domain. In a sync domain, you can only configure one sync master at a time. A PROFINET IO system may only be part of a single sync domain. When you configure PROFINET devices in a sync domain and want to synchronize with IRT, the PROFINET devices concerned must support IRT communication. If possible, use the same PROFINET device as the PROFINET IO controller and sync master. If only some of the PROFINET devices in a PROFINET IO system are synchronized, please keep in mind the following: Assign PROFINET devices that are not participating in the IRT communication to the RT class "RT" and the synchronization role "unsynchronized" in the sync domain. 1694 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Applications for CPU with multiple PROFINET IO interfaces Connecting machines: Your configuration contains machines located on separate IO lines. You can operate real-time communication between the CPUs over X2 PROFINET IO interfaces. Use the Idevice or shared Idevice function for this purpose. The figure below shows an example configuration for 2 machines connected over the X2 interface with an Idevice relationship. 6ZLWFK ;DV,2 FRQWUROOHU ;DV,2 GHYLFH &RQQHFWLRQ 0DFKLQH 0DFKLQH Distribution by automation tasks: - For automation tasks with high performance and deterministic requirements, use PROFINET with IRT over the X1 interface. - For other tasks that you can implement with RT, use the X2 interface. If you use interface X2 as the PROFINET IO interface for one of the following CPUs, this can affect performance: CPU 1515(F)2 PN CPU 1515T2 PN CPU 1516(F)3 PN/DP CPU 1516(F)pro-2 PN You can find additional information in the Cycle and Response Times function manual. Topological overlap of IO systems in multicontroller applications In a configuration with multiple IO controllers, shared paths are subject to the combined network loads of all connected PROFINET IO systems. WinCC Advanced V14 System Manual, 10/2016 1695 Editing devices and networks 10.1 Configuring devices and networks To avoid high communication loads in multicontroller applications, observe the following recommendations: Avoid paths that are shared by multiple IO systems. The figure below shows a configuration with two PROFINET IO systems that use the same paths. ,2FRQWUROOHU ,2FRQWUROOHU ,2GHYLFH ,2GHYLFH Shared path In the figure below, the two PROFINET IO systems do not use shared paths. ,2GHYLFH ,2FRQWUROOHU ,2FRQWUROOHU ,2GHYLFH If separation is not possible: Increase the update time for the affected IO devices. Installation guidelines of the PROFIBUS user organization The installation guidelines can be found on the Internet. Limitation of the data infeed into the network Limiting the data infeed into the network on PROFINET interfaces The "Limit data infeed into the network" function limits the network load of standard Ethernet communication which is fed into the network by the interface to a maximum value. This does not apply to cyclic real-time communication (RT/IRT). In a PROFINET IO system, critical network loads can occur quickly with standard Ethernet communication. All devices in a PROFINET IO system should support the "limitation of the data infeed into the network". If you use devices that feed a lot of "standard Ethernet communication" into the PROFINET IO system, you should adapt the topology, if necessary. Depending on the interface, you can activate or deactivate the "Limit data infeed into the network" function. If you use the X1 interface of an S7-1500 CPU as the IO controller or Idevice, the "Limit data infeed into the network" function is always enabled. Example: If you are not using the X1 interface of an S7-1500 CPU as IO controller or I-device, you can enable or disable the function. 1696 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Uses of the limitation of the data infeed to the network Division of the bandwidth for standard Ethernet communication between devices: In PROFINET networks cyclic real-time communication and standard Ethernet communication share the same network. This means that only a limited bandwidth remains for standard Ethernet communication. The limitation of the data infeed ensures that the remaining bandwidth for standard Ethernet communication is not used just by one device, but is divided between several devices. Smoothing peaks in the data infeed: The limitation of the data infeed smooths peak loads of standard Ethernet communication (for example, from Open User Communication, access by the Web server). Limiting problems in the data infeed: If applications in a device generate too much data, this data is not forwarded to the PROFINET network. Negative effects (for example data loss, communication breakdown) remain limited to the device and its communications partner. Other nodes are not disturbed. Setting limitation of the data infeed into the network for a CPU To set the limitation of the data infeed into the network ("infeed load limitation"), follow these steps: 1. In the network view of STEP 7, select the interface of the CPU. 2. In the Inspector window, go to "Properties" > "General" > "Advanced options" > "Interface options". 3. Select or clear the "Limit data infeed into the network" check box. Using GSD files GSD files for IO devices Basic information on GSD files of IO devices The properties of PROFINET IO devices are not stored in a keyword-based text file (as for PROFIBUS DP slaves), but in an XML file whose structure and rules are determined by a GSDML schema. The language used to describe the GSD files is GSDML (Generic Station Description Markup Language). It is defined by the GSDML schema. WinCC Advanced V14 System Manual, 10/2016 1697 Editing devices and networks 10.1 Configuring devices and networks A GSDML schema contains validation rules that allow it, for example, to check the syntax of a GSD file. GSDML schemas (as schema files) are acquired by IO device manufacturers from PROFIBUS International. Functional enhancements in the area of PROFINET IO will have an effect on the GSDML specification and the corresponding schema. A new version of the specification and of the schema is created by the functional enhancement. Names of GSD files for IO devices One possible example of a GSD file name for IO devices is: "GSDML-V1.0-Siemens-ET200S-20030616.xml" Name component Explanation GSDML String at the start of each GSD file for IO devices V1.0 Version of the GSDML schema Siemens Manufacturer ET200S Name of the device 20030616 Version code (date) .xml File extension Versioning of GSD files for IO devices The version information of GSD files is two-fold: First, the version of the GSDML schema is indicated. This determines the language scope used by a GSD file. This is followed by the version, listed as an issue date. The version number of GSD files is incremented, for example, after elimination of an error or introduction of a functional enhancement. Functional enhancements may result in a new version of the GSDML schema. A new version of a GSDML schema might only be supported with restrictions. Installing the GSD file Introduction A GSD file (general station description file) contains all properties of an IO device. If you want to configure an IO device that is not available in the hardware catalog, you must install the GSD file provided by the manufacturer. IO devices installed via GSD files are displayed in the hardware catalog and can then be selected and configured. Requirement The hardware and network editor is closed. You have access to the required GSD files in a directory on the hard disk. 1698 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Procedure To install a GSD file, follow these steps: 1. In the "Options" menu, select the "Install general station description file (GSD)" command. 2. In the "Install general station description file" dialog box, select the folder in which the GSD files are stored. 3. Choose one or more files from the list of displayed GSD files. 4. Click on the "Install" button. 5. To create a log file for the installation, click on the "Save log file" button. Any problems during the installation can be tracked down using the log file. You will find the new IO devices installed by means of GSD files in the hardware catalog under "Additional field devices > PROFINET". See also Overview of hardware and network editor (Page 521) Deleting GSD file Introduction You can delete installed DP slaves using GSD files. These DP slaves are then no longer displayed in the hardware catalog. Requirement The hardware and network editor is closed. You will find the new IO devices installed by means of GSD files in the hardware catalog under "Additional field devices > PROFINET". Procedure To delete a GSD file, follow these steps: 1. In the "Options" menu, select the "Install general station description file (GSD)" command. 2. In the "Install general station description file" dialog box, select the folder in which the GSD file is stored. 3. Select the file that is to be deleted from the list of displayed GSD files. 4. Click the "Delete" button. The selected GSD file was deleted and the DP slave is no longer located in the hardware catalog. WinCC Advanced V14 System Manual, 10/2016 1699 Editing devices and networks 10.1 Configuring devices and networks Changing the revision of a GSD file Changing the revision of a GSD file You can change the revision of a GSD file for an IO device: Only for the current IO device All suitable IO devices within the IO system All suitable IO devices within the complete project First, all existing GSD files for the current IO device are shown. The only difference between the GSD files shown is their revision status. The currently used GSD file is highlighted. Requirement The I/O data is the same for all IO devices whose revision is to be changed. The article number has not changed. The number of submodules is identical. The configuration data has not changed. There must be no module or submodule in a slot that is invalid after the new GSD file has been created. Procedure To change the revision of one or more IO devices, proceed as follows: 1. Select the IO device whose GSD file revision is to be changed. 2. Click on the "Change revision" button under "General> Catalog information" in the properties of the IO device. The "Change revision" dialog box opens. 3. Select the GSD revision you want to use in the "Available revisions" table. 4. Under "Use selected revision for", select the devices whose version are to be changed: - Only for the current IO device - For all suitable IO devices in the IO system - For all suitable IO devices in the project 5. Click the "Apply" button. 1700 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 10.1.4.7 Bus coupling with PN/PN coupler Application and function Application The PN/PN coupler is used to link two Ethernet subnets with one another and to exchange data. That way use data about input or output address areas or datasets can be used. The maximum size of the transferable input and output data is 1024 bytes. The division into input and output data is preferable, so that e.g. 800 byte input data and 200 byte output data can be configured. As a device, the PN/PN coupler has two PROFINET interfaces, each of which is linked to one subnet. In the configuration, two IO Devices are produced from this one PN/PN coupler which means that there is one IO Device for each station with its own subnet. The other part of PN/PN coupler in each case is known as the bus node. Once configuring is complete, the two parts are joined. ,2&RQWUROOHU 6 ,2'HYLFH (76 23 3131FRXSOHU ,2'HYLFH (76 6ZLWFK 3* 6ZLWFK ,2&RQWUROOHU 6 6ZLWFK 352),1(7,QGXVWULDO(WKHUQHW Figure 10-15 Coupling two PROFINET IO subnets with one PN/PN coupler Additional information For additional information on "PN/PN couplers", refer to Service & Support on the Internet (http://support.automation.siemens.com/WW/view/en/44319532). Linking Ethernet subnets Linking Ethernet subnets with a PN/PN coupler You can link Ethernet subnets with the standard device PN/PN coupler. To link Ethernet subnets, follow these steps: 1. Create your Ethernet subnets. 2. Select the standard field devices in the hardware catalog. Find the PN/PN coupler as head module in the "PROFINET IO" folder. WinCC Advanced V14 System Manual, 10/2016 1701 Editing devices and networks 10.1 Configuring devices and networks 3. In the network view, drag the two components X1 and X2 to the required version of the PN/ PN coupler per drag-and-drop operation. The components form a device, but are shown separately to make handling easier. 4. Connect the Ethernet interface of the PN/PN coupler X1 to the first Ethernet subnet. 5. Connect the Ethernet interface of the PN/PN coupler X2 to the second Ethernet subnet. The Ethernet subnets are now linked through the two components of the PN/PN coupler. 10.1.4.8 Integrating external tools Integrating S7-external tools Introduction Tools external to STEP 7 ("Device Tools") with a special call interface (Tool Calling Interface) can be used to configure distributed devices. Such devices are also referred to as "TCI capable". The performance range of these tools exceeds the possibilities provided within GSD configuration, for example, they can provide expanded graphical input options. Distributed devices can be as follows: PROFIBUS DP slaves Modules within a DP slave PROFINET IO devices Modules within an IO device Note Warranty and liability Siemens accepts no liability for third-party software (device tools) called with the TCI (Tool Calling Interface) or for proper interaction with the associated devices. 1702 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Requirement The call interface of the tool complies with the TCI specification. Parameters and commands are forwarded to the distributed device via this call interface. Such tools have to be installed using a setup provided by the manufacturer. The "S7-PCT" (Port Configuration Tool) device tool for IO-Link master modules and IO-Link devices is an exception; this is supplied with STEP 7. Special note: After the installation, the tool is not shown in the list of installed software or in the list of software products in the project. The GSD file of the distributed device that is to be configured with the Device Tool must be installed. Starting the device tool The command for starting the device tool is available in the shortcut menu of the TCI-capable device in the shortcut menu of the graphical and tabular device view: "Start device tool". See also Starting the SIMATIC S7-PCT (Page 1703) Starting the SIMATIC S7-PCT Introduction The "S7-PCT" (Port Configuration Tool) device tool is installed with STEP 7. The tool is used to assign parameters to the ports of IO-Link modules such as 4SI IO-Link (S7-1200, ET 200S) or 4IOL+8DI+4DO (ET 200eco PN). Requirement You have configured the corresponding CPU, the DP slave or the IO device with an IO-Link module. Procedure To start via the graphical device view, follow these steps: 1. Select the IO-Link module in the device view. 2. Select "Start device tool" from the shortcut menu. OR, to start with the tabular device view, follow these steps: 1. Select the IO-Link module in the device view. 2. Arrange the areas in the work area in such a way that the tabular device overview is visible (it is located between the device view and the inspector window). 3. Select the row with the IO-Link module in the device overview. 4. Select "Start device tool" from the shortcut menu. WinCC Advanced V14 System Manual, 10/2016 1703 Editing devices and networks 10.1 Configuring devices and networks Result The tool starts and you can configure the ports. See also Integrating S7-external tools (Page 1702) 10.1.4.9 Loading a configuration Introduction to loading a configuration In order to commission a device, identical configurations must be stored on the programming device/PC and on the connected devices. To synchronize the configurations on the programming device/PC and the connected devices, you load a configuration. Configuration data can be loaded in two directions: From the programming device/PC to a device From the device to a PG/PC See also Uploading project data from a device (Page 376) General information on loading (Page 370) Downloading a configuration to a device (Page 1704) Downloading project data to a device (Page 372) General information on loading to PG/PC (Page 1705) Downloading a configuration to a device Loading the hardware configuration After you have inserted a new device in the project and configured it or if you have modified an existing hardware configuration, the next step is to load the current configuration to the device. This ensures that the same configuration is set on the programming device/PC and on the module that is physically present. Use the "Online > Download to device (Page 372)" menu command for this. In the first download, the complete hardware configuration is downloaded. In subsequent downloads, only changes to the hardware configuration are downloaded. You have the following options for loading the hardware configuration: Loading in the device or network view Loading in the project tree Loading to an accessible device 1704 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks WARNING Perform load operation only in STOP mode Following loading, the machine or process may behave unexpectedly if the parameter assignment is incorrect. A CPU must be set to STOP mode for the load operation to rule out possible damage to equipment or personal injury. Special considerations for loading isochronous applications Isochronous applications consist of a hardware configuration part and a software part. Example: If you change the number of an IO system, the delay time, or the assignment of a process image partition of the isochronous I/O in the hardware configuration, this affects the parameters of the isochronous mode interrupt OB and thus also the software part. With isochronous applications, you should always load the complete project (hardware and software). With partial loading (loading hardware and software separately at different times), inconsistencies can arise that, for example, can prevent CPU startup or isochronous operation of the application. See also General information on loading (Page 370) Loading a configuration to PG/PC General information on loading to PG/PC Introduction If you bring your PG/PC to a plant and the STEP 7 project used to create the configuration of this plant is not available, load the configuration to a new project on your PG/PC, for example. Use the "Online > Loading the device as new station (hardware and software) (Page 376)" menu command for this. The list of accessible devices in the project tree is always used when loading a device to your programming device. You can select multiple devices and load them to the project at the same time. Requirements The hardware configuration in the device must be created in TIA Portal, V12 or higher. A hardware configuration present in the device that was created with an older version cannot be loaded and must be upgraded. Modules present in the device from GSD (ML), HSPs, or service packs must be installed in TIA Portal on the PG/PC. WinCC Advanced V14 System Manual, 10/2016 1705 Editing devices and networks 10.1 Configuring devices and networks A project must be open. This project can be a new (empty) project or an existing project. The opened project is in offline mode. Scope of load operation The following list shows an overview of the loadable components of a configuration: The device (e.g., a CPU) with all I/O modules and all parameter settings PROFIBUS master systems and all PROFIBUS-relevant settings PROFINET IO systems and all PROFINET-relevant settings I devices and I slaves Settings for direct data exchange After loading a CPU, all other modules within the address area of the CPU are also loaded. The following connections are also loaded when the configuration is loaded: S7 connections (including routed connections) in combined PB/IE networks, including via IE-CP or PB-CM interfaces. S7 connections are automatically accepted as configured at one end when a device configuration is loaded, even if the S7 connection was configured at both ends in the original project. When both connection partners are loaded, the connection is joined together again during the next compilation. TCP connections via CPU-internal Ethernet interface, UDP/ISOonTCP connections, and TCP, UDP, ISO, and ISOonTCP connections via IE-CP interface Connections via the OUC connection parameter assignment for projects from STEP 7 V13 and higher Note The hardware configuration loaded to PG/PC is not completely identical to the configuration originally loaded to the device. Note the additional information on loading, in particular with regard to partially loaded configuration data in the case of cross-device communication. Loading PC systems, such as WinAC or PC-based automation, is not possible. See also General information on loading (Page 370) 1706 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Loading specific device configurations Information on loading When device configurations are loaded to the PG/PC, all assigned parameters are transferred from the device to the project. If the CPU is connected to a subnet, all parameters of the device are loaded and the CPU is displayed in the network view as networked. Note CPUs reset to their factory settings do not have any hardware configuration. Therefore, nothing is loaded in this case after "Load to PG/PC" is selected in the "Online" menu. Loading S7-300/400 configurations To avoid conflicts when loading a device to an existing project, the following rules must be followed: Device names for CPUs, PROFIBUS slaves (DP slaves, I-slaves) and PROFINET devices (IO devices, I devices) must be unique The combination of network name, subnet ID, and IP/DP address for modules must be unique If conflicts occur, the load operation is canceled and an alarm provides information about the problems that occurred. You can then adapt the project correspondingly or install missing components and then repeat the load operation. Alarm configurations are not loaded to PG/PC. Loading S7-1200/1500 configurations Take the following into consideration when loading: CPUs of the S7-1200 series with firmware version V1.0 are not supported when loading. Device-specific diagnostic interrupts of the S7-1200 are not supported when loading. For device-specific diagnostic interrupts of the S7-1200 to be generated on the PG/PC once again, the hardware configuration must be compiled once again. Module comments of the S7-1200/1500 are loaded from the device to the PG/PC if the same project language is set that was used during loading to the device. You can deselect the loading of comments, if desired. Note All types of PC systems, such as WinAC, Embedded Controller, CP 1616 or PC CPs, do not support loading to PG/PC. WinCC Advanced V14 System Manual, 10/2016 1707 Editing devices and networks 10.1 Configuring devices and networks Loading distributed I/O The following functionalities and settings of the distributed I/O are loaded: DP master systems/IO systems with associated DP masters/IO controllers (CPUs and CPs), DP slaves/IO devices, the utilized modules and their parameter assignment and properties, such as options handling, status bytes, or SYNC/FREEZE Connection of process image partitions (PIP) to organization blocks (OB). Applies to the module and OB properties Configured hardware interrupts with the associated properties DP master systems with I-slave CPs as PROFIBUS I-slave or PROFINET I-device Direct data exchange Master-slave relationships between the I-slave/I-device and assigned DP master/IO controller are only established in the project if both the master as well as the I-slave are loaded to the PG. It does not matter whether you load the DP master/IO controller or the I-slave/I-device first. As soon as both devices are loaded, the master-slave/controller-device relationships will also be re-established. Loading subnets and devices with MPI, PROFIBUS, Ethernet, and PtP The following special considerations apply to loading subnets and end points of connections for MPI, PROFIBUS, Ethernet, and PtP with their respective connection properties: If a device with PROFIBUS interface is loaded, the bus parameters of the device will initially be different from the settings in the original project. The bus parameters will only match those of the original project after all devices involved are loaded and no additional devices are on the same bus. Passive communication devices that are not connected as DP slaves or IO devices to a corresponding master system or IO system do not participate in the data exchange. They are therefore not loaded. All devices involved should therefore be loaded for cross-device configurations. A warning is output during compiling of the project for missing network stations. Missing routing information due to communication stations that are not loaded is displayed as warning during compilation. If the configuration is loaded from the PG/PC back to the device, different routing information results. When you compile the project after loading devices to the PG/PC, STEP 7 checks if all devices to which communication relationships have been configured are available. If devices are missing, you receive an alarm with the number of missing communication stations. NOTICE Cross-device communication When you load a configuration with cross-device communication to the PG/PC, you must also load all corresponding network stations to the PG/PC. If required network stations are missing and the configuration is loaded back to the device, there is no guarantee that cross-device communication is working again. 1708 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Loading configurations with web server Information on loading The hardware configuration of a CPU also contains the Web server settings. A number of restrictions apply to loading a Web server configuration to the PG/PC: The assignment of the Web server language and project language is not loaded for S7-300/400. The project texts are not loaded and an alarm is output that no project languages are assigned. The languages assigned in STEP 7 are loaded without restriction for S7-1200/1500 CPU. User administration data of the S7-1200/1500 can be loaded but not edited. You can use a check box to select whether you want to use the existing data as read-only data or discard these data and enter new data. Watch tables of the Web server are not loaded. The source files of the user-defined web pages (HTML pages, Java scripts, etc.) are not loaded. The program blocks generated during loading can only be edited if you enter the properties and the HTML page yourself. See also Information about the web server (Page 1026) Loading configurations with PROFIBUS Information on loading A DP master is loaded to PG/PC. The DP master system and all connected DP slaves are inserted into the project. The respective settings remain unchanged. If a suitable PROFIBUS subnet has already been created, the loaded devices with PROFIBUS interface are connected to the existing subnet. As a prerequisite for loading DP master systems with standard slaves, the corresponding GSD files must be installed in the TIA Portal and available in the hardware catalog. If a required GSD file is not available in the same version as in the device, differences are identified during the consistency check. Note Direct data exchange in a configuration is only loaded if all communication partners involved in the direct data exchange are loaded to the PG/PC. WinCC Advanced V14 System Manual, 10/2016 1709 Editing devices and networks 10.1 Configuring devices and networks Isochronous mode Note the following when loading DP master systems with activated PROFIBUS functionality "Isochronous mode": Bus parameters and the settings for isochronous mode are only identical after the device is loaded to the PG/PC if all devices relevant for calculation of isochronous mode are loaded. Only mono-master systems with isochronous mode are supported. Therefore, only configurations with just one DP master on the PROFIBUS subnet are loaded. I-slave Master-slave relations between DP master and I slave are only established in the project if both the DP master and the I slave are downloaded to the PG. It does not matter whether you load the DP master or the I-slave first. If you load the DP master from a DP master system with connected I-slave, the DP master and its DP slaves are loaded. An I-slave proxy is loaded as dummy module for an involved I-slave. For I-slave proxy devices: DP master can be complied and loaded Properties are displayed but cannot be changed Diagnostics in the project tree is not carried out In the network view, proxy devices are represented with a question mark: It is possible to load a DP master with connected I-slave proxy from the PG/PC to the device. Replacing the I-slave proxy In order to edit the I-slave in the project, you must load the I-device from the device to the PG/ PC. The I-slave proxy is hereby replaced by the full I-slave with its subordinate DP slaves. You have the following options for replacing the I-slave proxy with the corresponding I-slave: In the menu bar with the command "Online >Upload device as new station (hardware and software) With selected I-slave proxy using the shortcut menu command "Upload from device > Hardware and software". In the toolbar with the button "Upload from device". Note The replacement of I-slave proxy devices is only possible if the required I-device is available in the hardware catalog. I-slaves protected by a password are not loaded. 1710 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Loading configurations with PROFINET Information on loading If you have selected a CPU in the list of accessible devices and perform an load operation to PG/PC, all IO controllers and IO devices associated with this device along with their IO systems will be loaded. Settings for the topology are also transferred. If there is already a suitable Ethernet network in the project, the loaded devices are integrated into the existing network. Relationships between the IO controllers and IO devices are only established within the project if both the IO controller as well as the I-device are loaded to the PG. It does not matter whether you load the IO controller or the I-devices first. Supported functions The following functionalities and settings are loaded: PROFINET configurations (RT and IRT) in IO systems with the associated IO controllers (CPUs and CPs), IO devices, and the modules used Logical addresses and interface properties Port interconnections Isochronous mode Sync domains/MRP domains Redundancy role "Client" or "Manager" for MRP configurations Note Empty Sync domains and MRP domains are not included in the loading. GSD-based IO devices As a prerequisite for loading GSD-based IO devices, the corresponding GSD files must be installed in the TIA Portal and available in the hardware catalog. If a required GSD file is not available in the same version as in the device, differences are identified during the consistency check. WinCC Advanced V14 System Manual, 10/2016 1711 Editing devices and networks 10.1 Configuring devices and networks I-device If you load the IO controller from an IO system with connected I-device, the IO controller and its IO devices will be loaded. An I-device proxy is loaded as dummy module for an involved Idevice. The CPU parameter assignment, including the parameter assignment of the CPU's "own" (subordinate) IO system, is missing in the I-device proxy. Only the interface to the higherlevel IO controller is loaded. 6,0$7,&&38&3 ,2FRQWUROOHU HJ(7 ,QGXVWULDO(WKHUQHW 352),1(7,2 HJ(7 ,2GHYLFH ,2GHYLFH ,GHYLFH SUR[\ 6,0$7,&&38&3 DV,GHYLFH +LJKOHYHO ,2V\VWHP /RDGHG,2V\VWHPZLWK ,GHYLFHSUR[\ ,2GHYLFH ,2FRQWUROOHU 8VHUSURJUDP LQWHOOLJHQWSUHSURFHVVLQJ HJ(7 HJ(7 ,2GHYLFH ,QGXVWULDO(WKHUQHW 352),1(7,2 ,2GHYLFH 8QORDGHGORZHUOHYHO,2 V\VWHP /RZHUOHYHO ,2V\VWHP For I-device proxy devices: IO controller can be compiled and loaded Properties are displayed but cannot be changed Diagnostics in the project tree is not carried out In the network view, proxy devices are represented with a question mark: 1712 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks It is possible to load an IO controller with connected I-device proxy from the PG/PC to the device. Replacing the I-device proxy In order to edit the I-device in the project, you must load the I-device from the device to the PG/PC. This replaces the I-device proxy with the complete I-device along with its subordinate IO devices. You have the following options for replacing the I-device proxy with the corresponding I-device: In the menu bar with the command "Online >Upload device as new station (hardware and software) With selected I-device proxy using the shortcut menu command "Upload from device > Hardware and software". In the toolbar with the button "Upload from device". Note The replacement of I-device proxy devices is only possible if the required I-device is available in the hardware catalog. I-devices protected by a password are not loaded. An I-device proxy representing a SIMOTION I-device cannot be loaded and replaced. Configurations with IE/PB link If one of the following configurations with IE/PB Link PN IO as PROFINET IO device is present, the complete configuration with all subordinate PROFIBUS devices is loaded: CPU/CP of S7-300/400 PC station and connected PROFIBUS master system The complete configuration consists of the following: CPU CP configuration PROFINET IO system with connected IE/PB link PROFIBUS master system of the IE/PB link with connected DP slaves An example configuration consists of an S7-300 CPU with a CP as PROFINET IO controller. An IE/PB link as IO device is connected to the IO controller. As the PROFIBUS DP master, the IE/PB link polls a PROFIBUS DP slave, e.g., ET 200L. If you load the CPU from the device to the PG/PC, the complete configuration is loaded. Note If the IE/PB link is not operated as a PROFINET IO proxy but rather as a gateway in standard mode, the IE/PB link functions as a CPU and can be loaded separately. WinCC Advanced V14 System Manual, 10/2016 1713 Editing devices and networks 10.1 Configuring devices and networks Loading Shared Devices The following applies to loading comments: If an input/output module with the Module-internal Shared Input (MSI) or Module-internal Shared Output (MSO) function consists of only one submodule, the submodule does not have its own comment. Instead, it uses the comment of the input/output module. The module must be subdivided into several submodules for the input/ output module and all submodules to have their own comment fields. Loading HMI devices Information on loading We distinguish between the following cases when loading HMI devices to PG/PC: HMI devices connected to a DP master as DP slave or to an IO controller as IO device are loaded as DP slave or IO device respectively (for example, PP 17-I PROFIsafe). HMI devices in a master system as I-slave or in an IO system as I-device are loaded as Islave proxies or I-device proxies (Page 1711) (for example, SIMATIC Comfort Panels). The settings of the device proxy are read-only. HMI devices are not loaded if they are connected to a subnet (PROFIBUS or PROFINET) but not to a master system or IO system (for example, KP600 Basic color DP). Going online with loaded configurations You can go online with the loaded project or with loaded portions of the project. Requirement The hardware configuration loaded from the device to the PG/PC has been compiled. The statuses of the central and distributed modules are only correctly displayed after compilation. Note If you go online before compiling, the diagnostics icon "?" is displayed (diagnostics not possible). A corresponding alarm is displayed under "Info > General" in the Inspector window. 1714 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Dependencies Depending on how completely the hardware configuration was loaded to the PG, restrictions apply to going online and to diagnostics: Completely loaded device with all associated central and distributed modules, such as DP slaves or IO devices: Going online and diagnostics are possible. Loaded device with connected I-devices/I-slaves: - I device/I slave is not loaded: Going online for the device and its modules is possible. For the dependent components of the configuration that are not loaded, device proxies are handled with only minimum diagnostics support. The online status is represented as an icon. The standard diagnostics is shown in the online and diagnostics view. I&M data are not loaded. - I device/I slave is also loaded: Going online is possible for all devices; diagnostics is fully supported. 10.1.5 Additional information on configurations 10.1.5.1 Identification systems RFID systems Ident profile and Ident blocks You will find detailed information on the Ident profile in the manual "Ident Profile and Ident Blocks, Standard Function for Ident Systems" on the pages of "Product Support (http:// support.automation.siemens.com/WW/view/en/10805817)". WinCC Advanced V14 System Manual, 10/2016 1715 Editing devices and networks 10.1 Configuring devices and networks Programming Ident blocks Basic blocks Read The "Read" block reads the user data from the transponder and enters this in the "IDENT_DATA" buffer. The physical address and the length of the data are transferred using the "ADR_TAG" and "LEN_DATA" parameters. With the RF68xR readers, the block reads the data from memory bank 3 (USER area). Specific access to a certain transponder is made with the "EPCID_UID" and "LEN_ID". Figure 10-16 "Read" block Table 10-103 Explanation of the "Read" block Parameter Data type Default values Description ADR_TAG DWord DW#16#0 Physical address on the transponder where the read starts. You will find more information on addressing in the section "AUTOHOTSPOT". With MV: The length of the read code is located starting at address "0" (2 bytes). The read code is located start ing at address "2". 1) LEN_DATA Word W#16#0 Length of the data to be read LEN_ID Byte B#16#0 Length of the EPC-ID/UID Default value: 0x00 unspecified sin gle tag access (RF680R, RF685R) 1716 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Parameter Data type EPCID_UID Array[1...62] of Byte 0 Default values Description Buffer for up to 62 bytes EPC-ID, 8 bytes UID or 4 bytes handle ID. 2 - 62-byte EPC-ID is entered at the start of the buffer (length is set by "LEN_ID") 8-byte UID is entered at the start of the buffer ("LEN_ID = 8") 4-byte handle ID must be entered in the array element [5]-[8] ("LEN_ID = 8") Default value: 0x00 unspecified sin gle tag access (RF620R, RF630R, RF640R) IDENT_DATA Any / Variat 0 Data buffer in which the read data is stored. Note: For Variant, currently only an "Ar ray_of_Byte" with a variable length can be created. For Any, other data types/ UDTs can also be created. 1) You will find further information on working with code reader systems in the operating instructions "SIMATIC MV420 / SIMATIC MV440". Read_MV The "Read_MV" block reads out the read result of a camera. The length of the data to be read is calculated automatically by the camera based on the length of the created receive buffer. The actual length of the read result is output in the "LEN_DATA" output parameter. The data will be saved in the "IDENT_DATA" data buffer. If the buffer is too small, the error message "0xE7FE0400" appears and the expected length is output at "LEN_DATA". To achieve an optimum speed, we recommend that you adapt the length of the data type "IDENT_DATA" so that this is as close as possible to the maximum expected length of the read result (2 bytes code length + read code). Figure 10-17 "Read_MV" block WinCC Advanced V14 System Manual, 10/2016 1717 Editing devices and networks 10.1 Configuring devices and networks Table 10-104 Explanation of the "Read_MV" block Parameter Data type Default values Description IDENT_DATA Any / Variant 0 Read result The length of the read code is located in bytes 0 and 1. LEN_DATA Word W#16#0 Length of the read result 2 bytes code length + read code Note: For Variant, an "Array_of_Byte" with a variable length can be created. For Any, other data types/UDTs can also be created. Reset_Reader The "Reset_Reader" block can currently only be used in conjunction with the RF680R and RF685R readers or the RF120C communications module with a reader connected. Using the "Reset_Reader" block, you can reset all reader types of the Siemens RFID systems. All the readers are reset to the settings stored in the device configuration of the RF120C or that were configured in the RF68x reader using the WBM. The "Reset_Reader" block does not have any device-specific parameters and is executed using the "EXECUTE" parameter. You will find descriptions of other Reset blocks for operation with the communications modules RF180C and ASM 456 or code reader systems in the section "AUTOHOTSPOT". With the "Reset_Reader" block and the other reset blocks, you can interrupt any active Ident block at any time. These blocks are then ended with "DONE = true" and "ERROR = false". Figure 10-18 "Reset_Reader" block 1718 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Set_MV_Program With the aid of the "Set_MV_Program" block, you can change the program in a camera. The required program number is transferred using the "PROGRAM" parameter. Figure 10-19 "Set_MV_Program" block Table 10-105 Explanation of the "Set_MV_Program" block Parameter Data type Default values Description PROGRAM Byte B#16#1 Program number Range of values: 0x01 ... 0x0F Write The "Write" block writes the user data from the "IDENT_DATA" buffer to the transponder. The physical address and the length of the data are transferred using the "ADR_TAG" and "LEN_DATA" parameters. With the RF68xR readers, the block writes the data to memory bank 3 (USER area). Specific access to a certain transponder is made with the "EPCID_UID" and "LEN_ID". Figure 10-20 "Write" block WinCC Advanced V14 System Manual, 10/2016 1719 Editing devices and networks 10.1 Configuring devices and networks Table 10-106 Explanation of the "Write" block Parameter Data type Default values Description ADR_TAG DWord DW#16#0 Physical address on the transponder where the write starts. You will find more information on addressing in the section "AUTOHOTSPOT". With MV: Address is always 0. 1) LEN_DATA Word W#16#0 Length of the data to be written LEN_ID Byte B#16#0 Length of the EPC-ID/UID Default value: 0x00 unspecified sin gle tag access (RF680R, RF685R) EPCID_UID Array[1...62] of Byte 0 Buffer for up to 62 bytes EPC-ID, 8 bytes UID or 4 bytes handle ID. 2 - 62-byte EPC-ID is entered at the start of the buffer (length is set by "LEN_ID") 8-byte UID is entered at the start of the buffer ("LEN_ID = 8") 4-byte handle ID must be entered in the array element [5]-[8] (LEN_ID = 8) Default value: 0x00 unspecified sin gle tag access (RF620R, RF630R, RF640R) IDENT_DATA Any / Variant 0 Data buffer with the data to be written. With MV: The first byte encodes the corresponding MV command.1) Note: For Variant, currently only an "Ar ray_of_Byte" with a variable length can be created. For Any, other data types/ UDTs can also be created. 1) You will find further information on working with code reader systems in the operating instructions "SIMATIC MV420 / SIMATIC MV440". Extended blocks Config_Upload/-_Download Using the "Config_Upload" and "Config_Download" blocks, you can read out ("Config_Upload") or write ("Config_Download") the configuration of the RF680R/RF685R readers via the control program. The configuration data is not interpretable data. Save the data on the controller so that it can be written to the reader again if a device is replaced. Bytes 6-9 (see table below) contain a configuration ID with a unique version identifier. With the configuration ID, when performing a 1720 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks "Config Upload", you can check whether the configuration data read matches the configuration data stored on the controller. The configuration data has the following structure: Table 10-107 Structure of the configuration data Byte Name 0 Structure identifier (2 bytes) 2 Length information (4 bytes) Length of the version identifier and parameter block 6 Version identifier (4 bytes) Based on the identifier, you can uniquely identify the configuration. This is a time stamp in Linux format. The time stamp indicates how many seconds have passed since Janu ary 1, 1979, 00:00 (midnight). The identifier is assigned when a config uration is generated. 10 ... "DATA" end Parameter block "Config_Upload/Config_Download" can be executed on every channel of the RF680R/ RF685R. It is always the same configuration data that is transferred. Figure 10-21 "Config_Upload" block Table 10-108 Explanation of the "Config_Upload" block Parameter Data type Description DATA Any / Variant Data buffer for configuration data. The real length of the data depends on the com plexity of the configuration and the firmware ver sion of the reader. With a standard configuration of the RF680R/RF685R reader, we recommend a memory size of 4 KB. If you use advanced read er configurations (filtering) or want to change the configuration in the future without needing to adapt the memory size of "DATA", we recom mend a memory size of 8-16 KB. Note: For Variant, currently only an "Array_of_Byte" with a variable length can be created. For Any, other data types/UDTs can also be created. WinCC Advanced V14 System Manual, 10/2016 1721 Editing devices and networks 10.1 Configuring devices and networks Figure 10-22 "Config_Download" block Table 10-109 Explanation of the "Config_Download" block Parameter Data type Description DATA Any / Variant Data buffer for configuration data. The real length of the data depends on the com plexity of the configuration and the firmware ver sion of the reader. With a standard configuration of the RF680R/RF685R reader, we recommend a memory size of 4 KB. If you use advanced read er configurations (filtering) or want to change the configuration in the future without needing to adapt the memory size of "DATA", we recom mend a memory size of 8-16 KB. Note: For Variant, currently only an "Array_of_Byte" with a variable length can be created. For Any, other data types/UDTs can also be created. Inventory The "Inventory" block activates the taking of inventories. With the RF620R and RF630R readers, inventories are always taken as soon as the antenna is turned on. The "NUMBER_TAGS" output parameter is used to output the number of identified transponders. Special feature of the RF680R, RF685R readers Note that the length of the data buffer ("IDENT_DATA") must correspond to at least the length of the maximum expected data. If more transponders are identified and data read out than have space in the assigned buffer length of "IDENT_DATA", the data of these transponders is lost. This reaction is indicated by the error "E7FE0400h" (buffer overflow). For the RF680R and RF685R readers, the parameters "DURATION" and "DUR_UNIT" are also available. Using the parameters, you can specify the duration of the inventories. 1722 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks With the RF680R/RF685R readers. there are four different modes that you can select with the "ATTRIBUTE" parameter. At the start, a certain duration/number (period of time, number of inventories, number of "observed" events or identified transponders) is specified. A distinction is made between the following options: - Duration Take inventories for a specified period of time - Number of inventories Take a specified number of inventories - Number of "observed" events Take inventories until a specified number of transponders have been identified at the same time. Inventories are then taken by the reader for this time or number of inventories. When the specified time/number is reached, the block is ended and returns all identified transponders in "IDENT_DATA". In other words, other commands can only be executed when all inventories have been taken completely. The unit (time or number) is specified using "DUR_UNIT" and the value (time value or number) using "DURATION". This mode can be executed using the attributes "0x80" and "0x81". Depending on the attribute, more or less data is supplied about the identified transponders. With the attributes "0x86" (start "Presence_Mode") and "0x87" (end "Presence_Mode"), inventories can be taken permanently. The presence of a transponder can then always be queried using "PRESENCE" without needing to start the block with "EXECUTE". No information about the identified transponders is returned when the command executes! To obtain information about the identified transponders, use one of the two calls listed above (with time / number of inventories = 0). When this mode is active, commands relating to transponders are not executed immediately but only when a transponder is identified. This achieves shorter reaction times since the command is already pending when the transponder enters the antenna field. The "Presence_Mode" is practical in the context of the "Repeat command" function. The "NUMBER_TAGS" output parameter is used to output the number of identified transponders. Figure 10-23 "Inventory" block WinCC Advanced V14 System Manual, 10/2016 1723 Editing devices and networks 10.1 Configuring devices and networks Table 10-110 Explanation of the "Inventory" block Parameter Data type Default values Description ATTRIBUTE Byte B#16#0 Selecting the status mode: RF300, MOBY U: 0x00 RF620R, RF630R: 0x82 (read out next data record), 0x83, 0x85, 0x90, 0x91, 0x92 RF680R, RF685R: 0x80, 0x81, 0x86, 0x87 DURATION Word W#16#0 RF680R, RF685R: Duration dependent on "DUR_UNIT" Period of time or number of inventories or number of "Observed" events Example: 0x00 no inventory 0x01 one inventory DUR_UNIT Word W#16#0 RF680R, RF685R: Unit for "DURATION" 0x00 time [ms] 0x01 inventories 0x02 number of "Observed" events IDENT_DATA Any / Variant 0 Data buffer for inventory data Note: For Variant, an "Array_of_Byte" with a variable length and the existing status UDTs can be created. For Any, other data types/UDTs can also be created. NUMBER_TAGS Int 0 Number of transponders in the antenna field LEN_DATA Word W#16#0 Length of the valid data Results for MOBY U Table 10-111 ATTRIBUTE "0x00" ("IID_INVENTORY_00_MOBY_U" data type) Name Type Comment number_MDS WORD Number of MDS UID_length WORD length of UID UID ARRAY[1..12] of IID_IN_I_8BYTE UID[1] IID_IN_I_8BYTE UID ARRAY[1..8] of BYTE 1724 UID[1] BYTE UID[2] BYTE WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Name Type UID[3] BYTE UID[4] BYTE UID[5] BYTE UID[6] BYTE UID[7] BYTE UID[8] BYTE UID[2] "IID_IN_I_8BYTE" UID[3] "IID_IN_I_8BYTE" UID[4] "IID_IN_I_8BYTE" UID[5] "IID_IN_I_8BYTE" UID[6] "IID_IN_I_8BYTE" UID[7] "IID_IN_I_8BYTE" UID[8] "IID_IN_I_8BYTE" UID[9] "IID_IN_I_8BYTE" UID[10] "IID_IN_I_8BYTE" UID[11] "IID_IN_I_8BYTE" UID[12] "IID_IN_I_8BYTE" Comment Results for RF620R, RF630R Table 10-112 ATTRIBUTE "0x83" ("IID_INVENTORY_82_83_RF600" data type) for RF620R, RF630R with EPC-ID/UID Name Type reserved0 BYTE number_MDS BYTE EPC ARRAY[1..19] of "IID_IN_I_12BYTE" EPC[1] ID ARRAY[1..12] of BYTE BYTE ID[2] BYTE ID[3] BYTE ID[4] BYTE ID[5] BYTE ID[6] BYTE ID[7] BYTE ID[8] BYTE ID[9] BYTE ID[10] BYT ID[11] BYTE ID[12] BYTE WinCC Advanced V14 System Manual, 10/2016 Number of MDS "IID_IN_I_12BYTE" ID[1] EPC[2] Comment "IID_IN_I_12BYTE" 1725 Editing devices and networks 10.1 Configuring devices and networks Name Type EPC[3] "IID_IN_I_12BYTE" EPC[4] "IID_IN_I_12BYTE" EPC[5] "IID_IN_I_12BYTE" EPC[6] "IID_IN_I_12BYTE" EPC[7] "IID_IN_I_12BYTE" EPC[8] "IID_IN_I_12BYTE" EPC[9] "IID_IN_I_12BYTE" EPC[10] "IID_IN_I_12BYTE" EPC[11] "IID_IN_I_12BYTE" EPC[12] "IID_IN_I_12BYTE" EPC[13] "IID_IN_I_12BYTE" EPC[14] "IID_IN_I_12BYTE" EPC[15] "IID_IN_I_12BYTE" EPC[16] "IID_IN_I_12BYTE" EPC[17] "IID_IN_I_12BYTE" EPC[18] "IID_IN_I_12BYTE" EPC[19] "IID_IN_I_12BYTE" Comment Note Number of EPC-IDs "number_MDS" specifies the number of EPC-IDs (1 to 19) transferred with the "INVENTORY" block. To receive the handle IDs of all transponders located in the antenna field, it may be necessary to run the "INVENTORY" block again with ATTRIBUTE "0x82". Table 10-113 ATTRIBUTE "0x83", "0x90", "0x91" and "0x92" ("IID_INVENTORY_8x_9x_RF6_MD" data type) for RF620R, RF630R with handle ID Name Type reserved BYTE number_MDS BYTE UID ARRAY[1..29] of "IID_IN_I_8BYTE" UID[1] UID 1726 Comment Number of MDS "IID_IN_I_8BYTE" ARRAY[1..8] of BYTE UID[1] BYTE UID[2] BYTE UID[3] BYTE UID[4] BYTE UID[5] BYTE UID[6] BYTE UID[7] BYTE WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Name Type UID[8] Comment BYTE UID[2] "IID_IN_I_8BYTE" UID[3] "IID_IN_I_8BYTE" UID[4] "IID_IN_I_8BYTE" UID[5] "IID_IN_I_8BYTE" UID[6] "IID_IN_I_8BYTE" UID[7] "IID_IN_I_8BYTE" UID[8] "IID_IN_I_8BYTE" UID[9] "IID_IN_I_8BYTE" UID[10] "IID_IN_I_8BYTE" UID[11] "IID_IN_I_8BYTE" UID[12] "IID_IN_I_8BYTE" UID[13] "IID_IN_I_8BYTE" UID[14] "IID_IN_I_8BYTE" UID[15] "IID_IN_I_8BYTE" UID[16] "IID_IN_I_8BYTE" UID[17] "IID_IN_I_8BYTE" UID[18] "IID_IN_I_8BYTE" UID[19] "IID_IN_I_8BYTE" UID[20] "IID_IN_I_8BYTE" UID[21] "IID_IN_I_8BYTE" UID[22] "IID_IN_I_8BYTE" UID[23] "IID_IN_I_8BYTE" UID[24] "IID_IN_I_8BYTE" UID[25] "IID_IN_I_8BYTE" UID[26] "IID_IN_I_8BYTE" UID[27] "IID_IN_I_8BYTE" UID[28] "IID_IN_I_8BYTE" UID[29] "IID_IN_I_8BYTE" reserved1 DWORD Data ARRAY[1..222] of BYTE Note Number of handle IDs "number_MDS" specifies the number of handle IDs (1 to 29) transferred with the "INVENTORY" block. To receive the handle IDs of all transponders located in the antenna field, it may be necessary to run the "INVENTORY" block again with ATTRIBUTE "0x82". WinCC Advanced V14 System Manual, 10/2016 1727 Editing devices and networks 10.1 Configuring devices and networks Table 10-114 ATTRIBUTE "0x85" ("IID_INVENTORY_85_RF600" data type) Name Type reserved BYTE number_MDS STRUCT ID BYTE ID[1] Handle ARRAY[1..8] of BYTE BYTE Handle[2] BYTE Handle[3] BYTE Handle[4] BYTE Handle[5] BYTE Handle[6] BYTE Handle[7] BYTE Handle[8] BYTE ARRAY[1..12] of BYTE EPC[1] BYTE EPC[2] BYTE EPC[3] BYTE EPC[4] BYTE EPC[5] BYTE EPC[6] BYTE EPC[7] BYTE EPC[8] BYTE EPC[9] BYTE EPC[10] BYTE EPC[11] BYTE EPC[12] BYTE ID[2] "IID_IN_I_20Byte" ID[3] "IID_IN_I_20Byte" ID[4] "IID_IN_I_20Byte" ID[5] "IID_IN_I_20Byte" ID[6] "IID_IN_I_20Byte" ID[7] "IID_IN_I_20Byte" ID[8] "IID_IN_I_20Byte" ID[9] "IID_IN_I_20Byte" ID[10] "IID_IN_I_20Byte" ID[11] "IID_IN_I_20Byte" 1728 Number of MDS BYTE Handle[1] EPC Comment WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Note Number of IDs transferred "number_MDS" specifies the number of IDs (1 to 11 handle IDs and EPC-IDs) transferred with the "INVENTORY" block. To receive the IDs of all transponders located in the antenna field, it may be necessary to run the "INVENTORY" block again with ATTRIBUTE "0x82". You will find more detailed information on the individual status modes in the manuals matching the modes "FB 45", "FB55" and "SIMATIC RF620R/RF630R". The identifiers of the status modes correspond to the following identifiers in the other manuals: 0x82 0x83 0x85 0x90 0x91 0x92 0x02 0x03 0x05 0x10 0x11 0x12 Programming ATTRIBUTE "0x82" If the number of transponders in the antenna field is unknown, repeat the "INVENTORY" block with the ATTRIBUTE = "0x82". 6WDUW,19(1725<ZLWK $775,%87( [[ [[[ QXPEHUB0'6 LQ$775,%87( ; QR DOO,'VDUH UHDGRXW \HV ,19(1725< UHSHDWZLWK $775,%87( [ * The number of returned IDs "X" depends on the "ATTRIBUTE" used. Figure 10-24 Program sequence of ATTRIBUTE "0x82" with unknown transponder populations WinCC Advanced V14 System Manual, 10/2016 1729 Editing devices and networks 10.1 Configuring devices and networks Results for RF680R, RF685R The number of "TAG_DATA[x]" elements of the data types of the ATTRIBUTES "0x80" and "0x81" depends on the number of transponders to be expected. For this reason, you need to assemble the receive buffer yourself. Not the following structure when creating the receive buffer :"IDENT_DATA"/data type: The first element "NUM_MDS" is always of the type "WORD". The next element "TAG_DATA" is always of the type "ARRAY". The number of transponders to be expected ("n") must be entered in the "ARRAY". The following tables show an example of the structure of the receive buffer "IDENT_DATA"/ data type for the ATTRIBUTES "0x80" and "0x81". Table 10-115 ATTRIBUTE "0x80" Name Type Comment NUM_MDS WORD Number of MDS TAG_DATA ARRAY[1..n]o f IID_IN_I_80 Length of EPC ID TAG_DATA[1] IID_IN_I_80 Reserved BYTE ID_Len BYTE Length of EPC ID EPC_ID ARRAY[1..62] of BYTE EPC-ID tagPC WORD TAG_DATA[2] IID_IN_I_80 ... ... TAG_DATA[n] IID_IN_I_80 Table 10-116 ATTRIBUTE "0x81" Name Type Comment NUM_MDS WORD Number of MDS TAG_DATA ARRAY[1..n] of IID_IN_I_81 TAG_DATA[1] 1730 IID_IN_1_81 reserved BYTE ID_LEN BYTE EPC length EPC_ID ARRAY[1..62] of BYTE EPC-ID tagPC WORD RSSI BYTE RSSI value MaxRSSI BYTE highest RSSI value MinRSSI BYTE lowest RSSI value channel BYTE channel; 1..15_ESTI; 1..53:FCC WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Name 1) Type Comment antenna BYTE antenna; bit coded; Bit 0=antenna 1; Bit 1=antenna 2 polarization BYTE polarizatuin of antenna; 0=undefined; 1=circular time Time_OF_Day S7 time power BYTE power in dBm filterDataAvailable BYTE 0=false; 1=true Inventoried WORD 1) TAG_DATA[2] IID_IN_1_81 ... ... TAG_DATA[n] IID_IN_1_81 Indicates how often the transponder was identified via the air interface before it changed to the "Observed" status. Read_EPC_Mem The "Read_EPC_Mem" block reads data from the EPC memory of the RF600 transponder. The length of the EPC memory to be read out is specified by the "LEN_DATA" parameter. Figure 10-25 "Read_EPC_Mem" block Table 10-117 Explanation of the "Read_EPC_Mem" block Parameter Data type Description LEN_DATA Word Length of the EPC memory to be read out (1 ... 62 bytes) LEN_ID Byte Length of the EPC-ID/UID Default value: 0x00 unspecified single tag ac cess (RF680R, RF685R) WinCC Advanced V14 System Manual, 10/2016 1731 Editing devices and networks 10.1 Configuring devices and networks Parameter Data type Description EPCID_UID Array[1...62] of Byte Buffer for up to 62 bytes EPC-ID, 8 bytes UID or 4 bytes handle ID. 2 - 62-byte EPC-ID is entered at the start of the buffer (length is set by "LEN_ID") 8-byte UID is entered at the start of the buffer ("LEN_ID = 8") 4-byte handle ID must be entered in the array element [5]-[8] ("LEN_ID = 8") Default value: 0x00 unspecified single tag ac cess (RF620R, RF630R, RF640R) IDENT_DATA Any / Variant Data buffer in which the read EPC memory data is stored. Note: For Variant, currently only an "Array_of_Byte" with a variable length can be created. For Any, other data types/UDTs can also be created. Read_TID The "Read_TID" block reads data from the TID memory area (Tag Identification Memory Bank) of the RF600 transponder. The length of the TID to be read is specified by the "LEN_DATA" parameter. The length of the TID varies depending on the transponder and can be found in the transponder data sheet. Figure 10-26 "Read_TID" block Table 10-118 Explanation of the "Read_TID" block Parameter Data type Default values Description LEN_ID Byte B#16#0 Length of the EPC-ID/UID EPCID_UID Array[1...62] of Byte 0 Length of the EPC-ID/UID Default value: 0x00 unspecified sin gle tag access (RF680R, RF685R) 1732 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Parameter Data type Default values Description LEN_DATA Word W#16#4 Buffer for up to 62 bytes EPC-ID, 8 bytes UID or 4 bytes handle ID. 2 - 62-byte EPC-ID is entered at the start of the buffer (length is set by "LEN_ID") 8-byte UID is entered at the start of the buffer ("LEN_ID = 8") 4-byte handle ID must be entered in the array element [5]-[8] ("LEN_ID = 8") Default value: 0x00 unspecified sin gle tag access (RF620R, RF630R, RF640R) IDENT_DATA Any / Variant 0 Read TID Note: For Variant, currently only an "Ar ray_of_Byte" with a variable length can be created. For Any, other data types/ UDTs can also be created. Read_UID The "Read_UID" block reads the UID of an HF transponder. The UID always has a fixed length of 8 bytes. Figure 10-27 "Read_UID" block Table 10-119 Explanation of the "Read_UID" block Parameter Data type Description IDENT_DATA Any / Variant UID Note: For Variant, currently only an "Array_of_Byte" with a variable length can be created. For Any, other data types/UDTs can also be created. WinCC Advanced V14 System Manual, 10/2016 1733 Editing devices and networks 10.1 Configuring devices and networks Set_Ant With the aid of the "Set_Ant" block, you can turn antennas on or off. There are different blocks for RF300 and RF600. The "Set_Ant_RF300" block can also be used for RF200, MOBY D and MOBY U. The "Set_Ant_RF600" block relates only to the RF620R and RF630R readers. Set_Ant_RF300 Figure 10-28 "Set_Ant_RF300" block Table 10-120 Explanation of the "Set_Ant_RF300" block Parameter Data type Description ANTENNA Bool 0 = turn antenna off 1 = turn antenna on Set_Ant_RF600 Figure 10-29 "Set_Ant_RF600" block 1734 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 10-121 Explanation of the "Set_Ant_RF600" block Parameter Data type Description ANTENNA_1 Bool 0 = turn antenna 1 off 1 = turn antenna 1 on ANTENNA_2 Bool 0 = turn antenna 2 off 1 = turn antenna 2 on TAGLIST_INIT Bool 0 = TagList is reset 1 = the existing TagList continues to be used Set_Param With the "Set_Param" block, you can change UHF parameters on an RF680R/RF685R during runtime (e.g. the antenna power). Note Settings saved only temporarily Note that the parameters in the "Set_Param" block are only stored temporarily. If the power for the reader is interrupted, the stored values are lost and must be set again. Figure 10-30 "Set_Param" block Table 10-122 Explanation of the "Set_Param" block WinCC Advanced V14 System Manual, 10/2016 Parameter Data type Default values Description PARMID DWORD 0x00 Parameter identifier VALUE DWORD 0x00 Parameter value 1735 Editing devices and networks 10.1 Configuring devices and networks Table 10-123 Parameter values PARMID (hex) PARMID (ASCII) Parameter VALUE 0x41315057 A1PW Radiated power antenna 01 Range of values 0, 5 ... 33 0x41325057 A2PW Radiated power antenna 02 Increment 0.25 0x41335057 A3PW Radiated power antenna 03 0x41345057 A4PW Radiated power antenna 04 Radiated power of the antenna in dBm. Bytes 1 and 2 are not used, byte 3 represents the integer and byte 4 the decimal place. Example: A radiated power of 10.25 dBm represents a "VALUE" of "0x0A19". 0x41315452 A1TR RSSI threshold value antenna 01 Range of values 0 ... 255 0x41325452 A2TR 0x41335452 A3TR 0x41345452 A4TR RSSI threshold value antenna 02 Threshold value for RSSI. Trans RSSI threshold value antenna 03 ponders with lower values are dis carded. Value without unit without a RSSI threshold value antenna 04 direct relationship with the radiated power. 0x5331444C S1DL RSSI delta read point 1 Range of values 0 ... 255 0x5332444C S2DL RSSI delta read point 2 0x5333444C S3DL RSSI delta read point 3 0x5334444C S4DL RSSI delta read point 4 Difference for RSSI values. Trans ponders with lower values relative to the transponder with the highest RSSI value are discarded. Value without unit without a direct relation ship with the radiated power. 0x4131504F A1PO Polarization antenna 01 Range of values 0, 1, 2, 4 0x4132504F A2PO Polarization antenna 02 0x4133504F A3PO Polarization antenna 03 0x4134504F A4PO Polarization antenna 04 Polarization of the antenna (for intel ligent antennas e.g. internal anten na RF685R) 0: default, undefined 1: circular 2: vertical linear 4: horizontal linear Input is bit coded. Combinations are possible (adding values). 1736 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Write_EPC_ID The "Write_EPC_ID" block overwrites the EPC-ID of the RF600 transponder and adapts the length of the EPC-ID in the memory of the transponder. The new EPC-ID length to be written is specified with the "LEN_ID_NEW" parameter and the previous EPC-ID is specified using the "LEN_ID" and "EPCID_UID" parameters. Figure 10-31 "Write_EPC_ID" block Table 10-124 Explanation of the "Write_EPC_ID" block Parameter Data type Default values Description LEN_ID_NEW Byte W#16#0C Length of the current EPC-ID LEN_ID Byte B#16#0 Length of the previous EPC-ID EPCID_UID Array[1...62] of Byte 0 Previous EPC ID IDENT_DATA Any / Variant Current EPC ID 0 Note: For Variant, currently only an "Ar ray_of_Byte" with a variable length can be created. For Any, other data types/ UDTs can also be created. WinCC Advanced V14 System Manual, 10/2016 1737 Editing devices and networks 10.1 Configuring devices and networks Write_EPC_Mem The "Write_EPC_Mem" block overwrites the EPC memory of the RF600 transponder. The length of the EPC memory to be overwritten is specified by the "LEN_DATA" parameter. Figure 10-32 "Write_EPC_Mem" block Table 10-125 Explanation of the "Write_EPC_Mem" block Parameter Data type Description LEN_DATA Word Length of the EPC memory to be overwritten (1 ... 62 bytes) LEN_ID Byte Length of the EPC-ID/UID Default value: 0x00 unspecified single tag ac cess (RF680R, RF685R) EPCID_UID Array[1...62] of Byte Buffer for up to 62 bytes EPC-ID, 8 bytes UID or 4 bytes handle ID. 2 - 62-byte EPC-ID is entered at the start of the buffer (length is set by "LEN_ID") 8-byte UID is entered at the start of the buffer ("LEN_ID = 8") 4-byte handle ID must be entered in the array element [5]-[8] ("LEN_ID = 8") Default value: 0x00 unspecified single tag ac cess (RF620R, RF630R, RF640R) IDENT_DATA Any / Variant Data buffer with the EPC memory data to be over written. Note: For Variant, currently only an "Array_of_Byte" with a variable length can be created. For Any, other data types/UDTs can also be created. AdvancedCMD With the "AdvancedCmd" block, every command can be executed including commands not represented by other blocks. This general structure can be used for all commands and is intended only for trained users. 1738 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks This block allows you to send chained commands. To allow this, the block provides a CMD buffer for 10 commands. All chained commands must be entered starting at the first position in the buffer. For every chained command, the "chained bit" must also be set in the CMD structure. The "chained bit" is not set in the last command in the chain. You will find further information on the "chained bit" in the section "AUTOHOTSPOT". The entire command structure must be specified in the "CMD" input parameter. You create the structure for the "CMD" parameter in a data block. Figure 10-33 "AdvancedCmd" block Table 10-126 Explanation of the "AdvancedCmd" block Parameter Data type Default values CMDREF IID_CMD_STRUCT -- Description You will find a detailed description of the parameter in the sections: "AUTOHOTSPOT" "AUTOHOTSPOT" IDENT_DATA Any / Variant 0 Buffer for data to be written or read. Note: For Variant, currently only an "Ar ray_of_Byte" with a variable length can be created. For Any, other data types/ UDTs can also be created. Reset blocks The reset blocks described in this section are required when you want to operate the code reader systems MV420, MV440 or the communications modules RF180C, ASM 456 with a SIMATIC S7-1200/S7-1500 controller. As an alternative you can also use these blocks for the RF120C if you have selected the appropriate setting in the device configuration. In the system, these reset blocks have the same function as the "Reset_Reader" block described earlier. However, with the blocks described here, you need to set reader-dependent parameters. Remember that the default value will be used automatically if you do not select a value manually. WinCC Advanced V14 System Manual, 10/2016 1739 Editing devices and networks 10.1 Configuring devices and networks Reset_MOBY_D Figure 10-34 "Reset_MOBY_D" block Table 10-127 Explanation of the "Reset_MOBY_D" block Parameter Data type Default values Description TAG_CONTROL Bool True Presence check TAG_TYPE Byte 1 Transponder type: 1 = every ISO transponder RF_POWER Byte 0 Output power RF power from 0.5 W to 10 W in incre ments of 0.25 W (range of values: 0x02 ... 0x28) Reset_MOBY_U Figure 10-35 "Reset_MOBY_U" block 1740 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 10-128 Explanation of the "Reset_MOBY_U" block Parameter Data type Default values Description TAG_CONTROL Bool True Presence check DISTANCE Byte 23h Range limitation (range of values: 0x02 ... 0x23 or 0x82 ... 0xA3 for reduced transmit pow er) MULTITAG Byte 1 Maximum number of transponders that can be processed at the same time in the antenna field. (Range of values: 0x01 ... 0x12) SCAN_TIME Byte 0 Scanning time: Standby time of the transponder (range of values: 0x00 ... 0xC8) FCON Byte 0 field_ON_control: BERO mode (range of values: 0x00 ... 0x03) FTIM Byte 0 field_ON_time: Time for BERO mode (range of values: 0x00 ... 0xFF) Reset_MV To reset cameras of the code reader systems, call the block and activate the "EXECUTE" parameter. Figure 10-36 "Reset_MV" block Table 10-129 Explanation of the "Reset_MV" block Parameter Data type Description PROGRAM Byte Program selection B#16#0: Reset without program selection or in the case of diagnostics, the error code for "IN_OP = 0" is shown at the "STATUS" output parameter. B#16#1 ... B#16#15: Number of the program to be started Reset with program selection (as of firmware V5.1 of the MV4x0) WinCC Advanced V14 System Manual, 10/2016 1741 Editing devices and networks 10.1 Configuring devices and networks Reset_RF200 Figure 10-37 "Reset_RF200" block Table 10-130 Explanation of the "Reset_RF200" block Parameter Data type Default values Description TAG_CONTROL Byte 1 Presence check TAG_TYPE Byte 1 Transponder type: 1 = every ISO transponder 3 = MDS D3xx - optimization RF_POWER Byte 4 Output power; only relevant for RF290R RF power from 0.5 W to 5 W in incre ments of 0.25 W (range of values: 0x02 ... 0x14). Default value 0x04 1 W. Reset_RF300 Figure 10-38 "Reset_RF300" block 1742 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 10-131 Explanation of the "Reset_RF300" block Parameter Data type Default values Description TAG_CONTROL Byte 1 Presence check 0 = Off 1 = on 4 = presence (antenna is off. The antenna is turned on only when a Read or Write command is sent.) TAG_TYPE Byte 0 Transponder type: 1 = every ISO transponder 0 = RF300 transponder RF_POWER Byte 0 Output power; only relevant for RF380R RF power from 0.5 W to 2 W in incre ments of 0.25 W (range of values: 0x02 ... 0x08). Default value 0x00 1.25 W. Reset_RF600 Figure 10-39 "Reset_RF600" block WinCC Advanced V14 System Manual, 10/2016 1743 Editing devices and networks 10.1 Configuring devices and networks Table 10-132 Explanation of the "Reset_RF600" block Parameter Data type Default values Description TAG_CONTROL Bool True Presence check RADIO_PROFILE Byte 1 Scanning time: Wireless profile accord ing to EPC Global (range of values: 0x01 ... 0x09 depend ing on the reader variant) POWER_ANT1 Byte 0 Transmit power for antenna 1 or inter nal antenna (range of values: 0x00 ... 0x0F) POWER_ANT2 Byte 0 Transmit power for antenna 2 or exter nal antenna (range of values: 0x00 ... 0x0F) UID_HANDLE Bool False Meaning of the UID in the command: True = Handle ID, only the least signif icant 4 bytes of the UID are evaluated; False = UID/EPC-ID with a length of 8 bytes BLACK_LIST Bool False True = activate black list TAG_HOLD Bool False True = activate Tag Hold PARAM_SET Byte 0 Field_ON_Control (0 = fast; range of values: 0x00, 0x02) CHANNEL_PLAN Byte 0F Field_ON_Time (range of values: 0x00 ... 0x0F; ETSI only) MULTITAG Byte 1 Maximum number of transponders that can be processed at the same time in the antenna field. (Range of values: 0x01 ... 0x50) ISTM Bool False True = activate intelligent single tag mode SCAN NING_MODE Bool False True = activate scanning mode 1) 1) 1744 Is not currently possible with the Ident blocks. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Reset_Univ The "Reset_Univ" block is a universal reset block with which all identification systems can be reset. Use this block only after consulting Support. Figure 10-40 "Reset_Univ" block Table 10-133 Explanation of the "Reset_Univ" block Parameter Data type Description PARAM Array [1...16] of Byte Data for reset frame The data to be set here can be made available by Support when necessary for special settings. Table 10-134 Structure of the "PARAM" parameter WinCC Advanced V14 System Manual, 10/2016 Byte 1 2...5 6 7...8 9 10 11 12 13...14 15 16 Value 04h 0 0Ah 0 scan ning_ time param op tion_ 1 dis tance_ limiting Num ber of trans pond ers field_ on_ control field_ on_ time 1745 Editing devices and networks 10.1 Configuring devices and networks Status blocks Reader_Status The "Reader_Status" block reads status information from the reader. For the various reader families, there are different status modes that you can select using the "ATTRIBUTE" parameter. Figure 10-41 "Reader_Status" block Table 10-135 Explanation of the "Reader_Status" block Parameter Data type Default values Description ATTRIBUTE Byte B#16#81 Identifier of the status modes / possible entries: RF200: 0x81 RF300: 0x81, 0x86 RF620R, RF630R: 0x87, 0x88, 0xA0, 0xA1 RF680R, RF685R: 0x89 MOBY U: 0x81, 0x84, 0x85 MOBY D: 0x81 IDENT_DATA Any / Variant 0 Event values depending on attributes Note: For Variant, an "Array_of_Byte" with a variable length and the existing status UDTs can be created. For Any, other data types/UDTs can also be created. 1746 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Results Apply the correct data type that is assigned to the ATTRIBUTE value at the "IDENT_DATA" input of the block so that the data can be correctly interpreted. Table 10-136 ATTRIBUTE "0x81" ("IID_READER_STATUS_81_RF200_300_U" data type) Name Type Comment status_info BYTE SLG status mode hardware CHAR Type of hardware hardware_version WORD Version of hardware loader_version WORD Version of loader firmware CHAR Type of firmware firmware_version_HB BYTE Version of firmware firmware_version_LB BYTE driver CHAR Type of driver driver_version WORD Version of driver interface BYTE Type of interface (RS 232/RS 422) baud BYTE Baudrate reserved1 BYTE Reserved reserved2 BYTE Reserved reserved3 BYTE Reserved distance_limiting_SLG BYTE Distance limiting of SLG multitag_SLG BYTE Multitag SLG field_ON_control_SLG BYTE Field ON control field_ON_time_SLG BYTE Field On time sync_SLG BYTE Synchronization with SLG status_ant BYTE Status of antenne stand_by BYTE Time of standby after command MDS_control BYTE Presence mode Table 10-137 ATTRIBUTE "0x84" ("IID_READER_STATUS_84_MOBY_U" data type) Name Type Comment status_info BYTE SLG status mode number_MDS BYTE Range 1..24 UID ARRAY [1..24] of DWord WinCC Advanced V14 System Manual, 10/2016 1747 Editing devices and networks 10.1 Configuring devices and networks Table 10-138 ATTRIBUTE "0x86" ("IID_READER_STATUS_86_RF300" data type) Name Type Comment status_info BYTE SLG status mode FZP BYTE Error counter passive: distortion without communication ABZ BYTE Dropout counter CFZ BYTE Code error counter SFZ BYTE Signature error counter CRCFZ BYTE CRC-error counter BSTAT BYTE Status of last command ASMFZ BYTE Error counter for host interface (ASM) reserved0 ARRAY [1..20...] Table 10-139 ATTRIBUTE "0x87" ("IID_READER_STATUS_RF600" data type) Name Type Comment status_info BYTE SLG status mode hardware CHAR Type of hardware hardware_version WORD Version of hardware reserved0 WORD firmware CHAR Type of firmware firmware_version_HB BYTE Version of firmware highbyte firmware_version_LB BYTE Version of firmware lowbyte driver CHAR Type of driver current_time_hour BYTE Hours current_time_min BYTE Minutes current_time_sec BYTE Seconds reserved1 BYTE SLG_version BYTE SLG version baud BYTE Baudrate reserved2 BYTE distance_limiting_SLG BYTE Selected transmit power multitag_SLG BYTE Multitag SLG field_ON_control_SLG BYTE Selected comunication typ field_ON_time_SLG BYTE Selected channel expert_mode BYTE Expert mode status_ant BYTE Status of antenna 1748 1) 2) WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Name Type Comment scanning_time_SLG BYTE Radio communication profile (country specific radio standart) MDS_control BYTE Presence mode 1) The internal time stamp of the reader that relates to this event is output. The internal reader time stamp is not synchronized with UTC. 2) The antenna status relates to the "ATTRIBUTE" (bits 0 and 1) of the last executed "SET-ANT" or to the default value set by "init-run". In "init_run" of the RF620R, the default value is "1" (int. antenna on), with the RF630R, it is "3" (antennas 1 and 2 on). Table 10-140 ATTRIBUTE "0x88" ("IID_READER_STATUS_88_RF600" data type) Name Type Comment status_info BYTE SLG-Status mode(Subcommand) hardware CHAR Type of hardware hardware_version WORD Version of hardware reserved_word1 WORD Reserved firmware CHAR Type of firmware firmware_version_HB BYTE Version of firmware (High-Byte) firmware_version_LB BYTE Version of firmware (Low-Byte) driver CHAR Type of driver current_time_hour BYTE Hours current_time_minute BYTE Minutes 1) current_time_sec BYTE Seconds 1) current_time_reservByte BYTE SLG_version BYTE SLG-Version baud BYTE Baudrate reserved_byte1 BYTE Reserved distance_limiting_SLG BYTE Selected transmit power multitag_SLG BYTE Multitag SLG field_ON_control_SLG BYTE Selected communication type field_ON_time_SLG BYTE Selected channel expert_mode BYTE Expert mode status_ant BYTE Status of antenna scanning_time_SLG BYTE Radio communication profile (country specific radio standart) MDS_control BYTE Presence mode blink_pattern BYTE Blink Pattern act_algor_Single_Tag Bool Single_Tag [1] act_algor_ITF_Phase2 Bool ITF_Phase2 [2] act_algor_ITF_Phase1 Bool ITF_Phase1 [3] act_algor_Smoothing Bool Smoothing [4] act_algor_Blacklist Bool Blacklist [5] act_algor_RSSI_Threshold Bool RSSI_Threshold WinCC Advanced V14 System Manual, 10/2016 1) 2) [6] 1749 Editing devices and networks 10.1 Configuring devices and networks Name Type Comment act_algor_Power_Ramp Bool Power_Ramp act_algor_Power_Gap Bool Power_Gap [8] Reserved1 Bool Reserved1 [1] Reserved2 Bool Reserved2 [2] Reserved3 Bool Reserved3 [3] Reserved4 Bool Reserved4 [4] [7] act_algor_EPC_MemBankFilte Bool r EPC_MemBankFilteres [5] act_algor_Tag_Holg Bool Tag_Hold [6] act_algor_Multi_Tag Bool Multi_Tag [7] act_algor_ISTM Bool ISTM [8] reserved_word2 WORD Reserved reserved_word3 WORD Reserved reserved_word4 WORD Reserved filtered_max_rssi BYTE Maximum RSSI value of a tag, of all filtered tags reserved_byte2 BYTE Reserved filtered_tags_rssi BYTE Number of tags, filtered out by the RSSI threshold reserved_byte3 BYTE Reserved filtered_tags_black_list WORD Number of tags, filtered out via Black-List filtered_tags_epc_data WORD Number of tags, filtered out via EPC Data Filter filtered_tags_smoothing WORD Number of tags in Tag List of status Not-Observed itf_ph1_max_detect WORD Number of reads of a Tag, filtered out via ITFphase 1 itf_ph1_tags_detect WORD Number of tags, filtered out via ITF-phase 1 itf_ph2_max_detect WORD Number of reads of a Tag, filtered out via ITFphase 2 itf_ph2_tags_detect WORD Number of tags, filtered out via ITF-phase 2 filtered_istm_min_dist WORD Minimum distance of tags according to sorting criterion of ISTM filtered_istm_tags WORD Number of tags, filtered out via ISTM algorithm last_error BYTE error code of the last occuring error (last_command) reserved_byte4 BYTE Reserved error_command1 WORD Last command (has lead to error code) "last_error" error_command2 WORD Last command (has lead to error code) "last_error" error_command3 WORD Last command (has lead to error code) "last_error" reserved_word5 WORD Reserved reserved_array_byte ARRAY[1..30] of Byte 1750 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Table 10-141 ATTRIBUTE "0x89" ("IID_READER_STATUS_89_RF68xR" data type) Name Type Comment status_info BYTE SLG-Status mode(Subcommand) hardware_version BYTE Version of hardware firmware_version ARRAY[1..4] of CHAR Version of firmware config ID DWORD Unix timestamp inventory_status WORD 0=inventory not active; 1=inventory active; 2=presence mode active sum_of_filtered_tags WORD All filtered Tags filtered_smoothing WORD Filtered Tags trough Smoothing filtered_blacklist WORD Filtered Tags trough Blacklist filtered_data-filter WORD Filtered Tags trough Data-Filter filtered_RSSI_threshold WORD Filtered Tags trough RSSI Threshold filtered_RSSI_delta WORD Filtered Tags trough RSSI Delta Table 10-142 ATTRIBUTE "0xA0" and "0xA1" ("IID_READER_STATUS_A0_A1_RF600" data type) Name Type reserved BYTE Status_info BYTE Status-Info, SLG-Status SubCommand 20/21 number_tags_frame BYTE Number of Tags in this frame number_tags_next_frames BYTE Number of Tags in the next frames reserved_byte1 BYTE Reserved reserved_byte2 BYTE Reserved reserved_byte3 BYTE Reserved reserved_byte4 BYTE Reserved reserved_byte5 BYTE Reserved reserved_byte6 BYTE Reserved Black_List_ID ARRAY[1..13] of "IID_IN_Blac klist" EPC-ID Length Black_List_ID[1] Comment "IID_IN_Blac klist" EPC_Length BYTE EPC-ID Length Antenna BYTE Antenna = Default 3 Filtered_Tag WORD Number of times - EPC-ID filtered out via BlackList EPC ARRAY[1..12] of Byte EPC-ID Black_List_ID[2] "IID_IN_Blac klist" Black_List_ID[3] "IID_IN_Blac klist" WinCC Advanced V14 System Manual, 10/2016 1751 Editing devices and networks 10.1 Configuring devices and networks Name Type Black_List_ID[4] "IID_IN_Blac klist" Black_List_ID[5] "IID_IN_Blac klist" Black_List_ID[6] "IID_IN_Blac klist" Black_List_ID[7] "IID_IN_Blac klist" Black_List_ID[8] "IID_IN_Blac klist" Black_List_ID[9] "IID_IN_Blac klist" Black_List_ID[10] "IID_IN_Blac klist" Black_List_ID[11] "IID_IN_Blac klist" Black_List_ID[12] "IID_IN_Blac klist" Black_List_ID[13] "IID_IN_Blac klist" Comment You will find more detailed information on the individual status modes in the manuals matching the modes "FB 45", "FB55" and "SIMATIC RF620R/RF630R". The identifiers of the status modes correspond to the following identifiers in the other manuals: 0x81 0x82 0x83 0x85 0x87 0x88 0x90 0x91 0x92 0xA0 0xA1 1752 0x01 0x02 0x03 0x05 0x07 0x08 0x10 0x11 0x12 0x20 0x21 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Tag_Status The "Tag_Status" block reads the status information of the transponder. For the various transponder types and reader families, there are different status modes that you can select using the "ATTRIBUTE" parameter. Figure 10-42 "Tag_Status" block Table 10-143 Explanation of the "Tag_Status" block Parameter Data type Default values Description ATTRIBUTE Byte B#16#0 Identifier of the status modes / possible entries: RF200: 0x83 RF300: 0x04, 0x82, 0x83 (only ISO transponders) RF620R, RF630R: 0x84, 0x85 MOBY D: 0x83 1) MOBY U: 0x80 LEN_ID Byte B#16#0 Length of the EPC-ID/UID Default value: 0x00 unspecified sin gle tag access (RF680R, RF685R) WinCC Advanced V14 System Manual, 10/2016 1753 Editing devices and networks 10.1 Configuring devices and networks Parameter Data type EPCID_UID Array[1...62] of Byte 0 Default values Description Buffer for up to 62 bytes EPC-ID, 8 bytes UID or 4 bytes handle ID. 2 - 62-byte EPC-ID is entered at the start of the buffer (length is set by "LEN_ID") 8-byte UID is entered at the start of the buffer ("LEN_ID = 8") 4-byte handle ID must be entered in the array element [5]-[8] ("LEN_ID = 8") Default value: 0x00 unspecified sin gle tag access (RF620R, RF630R, RF640R) IDENT_DATA Any / Variant 0 Event values depending on attributes Note: For Variant, an "Array_of_Byte" with a variable length and the existing status UDTs can be created. For Any, other data types/UDTs can also be created. 1) SLG D10S only Results Table 10-144 ATTRIBUTE "0x04" ("IID_TAG_STATUS_04_RF300" data type) Name Type Comment reserved BYTE status_info BYTE UID ARRAY [1..8] of BYTE MDS_type BYTE Type of MDS Lock_state BYTE Write Protection Status EEPROM Reserved1 ARRAY[1..6] of BYTE MDS status mode Table 10-145 ATTRIBUTE "0x80" ("IID_TAG_STATUS_80_MOBY_U" data type) Name Type Comment UID ARRAY [1..4] of BYTE Unique indentifier (MDS-Number) MDS_type BYTE Trype of MDS sum_subframe_access DInt Sum of subframe access sum_searchmode_access INT Sum of search mode access ST_date_Week BYTE Date of last sleep-time change (week of year) 1754 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Name Type Comment ST_date_Year BYTE Date of last sleep-time change (year) battery_left INT Battery power left (percent) ST BYTE Actual sleep-time on MDS Table 10-146 ATTRIBUTE "0x82" ("IID_TAG_STATUS_82_RF300" data type) Name Type Comment reserved BYTE status_info BYTE UID ARRAY [1..8] of BYTE LFD BYTE Magnetic flux density: correlation between limitvalue FZP BYTE Error counter passive: distortion without communication FZA BYTE Error counter active: distortion during communication ANWZ BYTE Presence counter: measure value for presence time reserved1 ARRAY [1..3] of BYTE MDS status mode Table 10-147 ATTRIBUTE "0x83" ("IID_TAG_STATUS_83_ISO" data type) Name Type Comment reserved BYTE status_info BYTE UID ARRAY [1..8] of BYTE MDS_Type BYTE Type of MDS IC_version BYTE Chip version size_HB BYTE Size of Memory (high Byte) size_LB BYTE Size of memory (low Byte) lock_state BYTE Write protection status EEPROM block_size BYTE Size of a block in addressable memory number_of_block BYTE Number of blocks in addressable memory MDS status mode Table 10-148 ATTRIBUTE "0x84" ("IID_TAG_STATUS_84_RF600" data type) Name Type reserved BYTE status_info BYTE WinCC Advanced V14 System Manual, 10/2016 Comment MDS status mode 1755 Editing devices and networks 10.1 Configuring devices and networks Name Type UID ARRAY [1..8] of BYTE antenna BYTE Antenna which has observed the MDS RSSI BYTE RSSI value last_observed_hour BYTE Last observed time hour last_observed_min BYTE Last observed time minute last_observed_sec BYTE Last observed time seconds last_observed_channel BYTE Last observed time channel EPC_length BYTE EPC-Length reserved1 BYTE 1) Comment The internal time stamp of the internal reader clock that relates to this event is output. The internal reader clock is not synchronized with UTC. Table 10-149 ATTRIBUTE "0x85" ("IID_TAG_STATUS_85_RF600" data type) Name Type Comment status_info BYTE MDS status mode antenna BYTE Antenna which has observed the MDS channel BYTE Channel UID ARRAY [1..8] of BYTE DT_glimpsed_1 BYTE Time elasped between acknowledgement and first read in [ms]1 Highbyte DT_glimpsed_2 BYTE Time elasped between acknowledgement and first read in [ms]2 DT_glimpsed_3 BYTE Time elasped between acknowledgement and first read in [ms]3 DT_glimpsed_4 BYTE Time elasped between acknowledgement and first read in [ms]4 Low-Byte reserved1 BYTE reserved2 BYTE reserved3 BYTE reserved4 BYTE last_observed_hour BYTE Last observed time hour last_observed_min BYTE Last observed time minutes 1) last_observed_sec BYTE Last observed time seconds 1) last_observed_EPC_length BYTE Last observed time EPC length EPC_ID_Byte ARRAY [1..62] of BYTE EPC-ID reads_HB BYTE Number of Reads of MDS in Inventory (1 - 65535) reads_LB BYTE Number of Reads of MDS in Inventory (1 - 65535) RSSI BYTE Current RSSI value of MDS 1756 2) WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Name Type Comment mean_RSSI BYTE Mean RSSI value of MDS max_RSSI BYTE Max RSSI value of MDS min_RSSI BYTE Min RSSI value of MDS min_POWER BYTE Min Power value of MDS current_POWER BYTE Current Power value of MDS reserved5 ARRAY[1..137 ] of BYTE 3) 1) The internal time stamp of the reader that relates to this event is output. The internal reader time stamp is not synchronized with UTC. 2) The value "Reads" indicates the total transponder recognitions (inventories) regardless of the set smoothing parameters. In this way, in extreme situations, the "Reads" counter can reach extremely high values without the transponder ever reaching the "Observed" status. 3) The "current_Power" value is specified as transmit power in 0.25 dBm steps (ERP/EIRP). A "current_Power" value of "72" (0x48) therefore corresponds to 18 dBm (ERP/EIRP). You will find more detailed information on the individual status modes in the manuals matching the modes "FB 45", "FB55" and "SIMATIC RF620R/RF630R". The identifiers of the status modes correspond to the following identifiers in the other manuals: 0x04 0x82 0x83 0x84 0x85 0x01 0x02 0x03 0x04 0x05 Programming the Ident profile Structure of the Ident profile Note Parallel operation using Ident blocks and Ident profile is not possible Note that the CM or reader cannot be operated at the same time using the Ident blocks and the Ident profile. The blocks described in the section"AUTOHOTSPOT" represent a simplified interface of the Ident profile. If the functionality available with the blocks is not adequate for your application, you can use the Ident profile as an alternative. Using the Ident profile, you can set complex WinCC Advanced V14 System Manual, 10/2016 1757 Editing devices and networks 10.1 Configuring devices and networks command structures and work with command repetition. The following graphic shows the Ident profile including the commands that can be implemented with it. Note Ident profile for trained users The Ident profile is a complex block containing all the functionality of the Ident blocks. The Ident profile was developed specially for trained block users who want to configure complex functions with their own blocks. For untrained users, we recommend using the Ident blocks. 3K\VLFDO DGGUHVVVHWWLQJ RIWKHUHDGHU ,,'B+:B&211(&7 +:B&211(&7 '21( %22/ (5525 %22/ 67$786 ':25' :$51,1* &RPPDQGV IRUWKH UHDGHU &RQWUROOLQJ FRPPDQGV DQGGDWD %22/ (;(&87( %86< %22/ %22/ 537&0' 537$&7 %22/ %22/ 65(6(7 (55B,5(4 %22/ %22/ ,1,7 73& %22/ 73 %22/ 8,1 %22/ ,17 &0'',0 ,17 &0'6(/ $55$<>@ RI&0'B6758&7 &0'5() :ULWHDQG SDUDPHWHU GDWDIRUWDJ DQGUHDGHU $55$<>1@ RI%<7( 7;5() 5HDGGDWD IURPWDJRU UHDGHU $55$<>1@ RI%<7( 5;5() ,GHQWSURILOH 6WDUWDQGUHVHW FRPPDQGV %22/ 8,1 %22/ 8,1 %22/ 8,1 %22/ 75/(1 ,17 6WDWXVDQGHUURU /('V 'LVSOD\RI WDJVLQWKH DQWHQQDILHOG /HQJWKRIGDWD WUDQVIHUUHGZLWKWKH ODVWFRPPDQG Figure 10-43 The input parameters of the Ident profile 1758 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Note Working with multiple channels If you work with several channels, you must ensure that for each channel, the block is called with a separate instance DB. Interface description Table 10-150 Input parameter Input parameter Data type Default value Description HW_CONNECT HW_CONNECT -- Own data type for physical addressing of communications modules and readers and for synchronizing the blocks used for each reader. The addressing is as described in the section "AUTOHOT SPOT". EXECUTE BOOL FALSE TRUE = triggers a new command Before starting you need to set the command and the corre sponding parameters in the memory linked to "CMDREF". RPTCMD BOOL FALSE TRUE = Repeating the command currently being executed or the next command to be executed by communications module SRESET BOOL FALSE TRUE = Cancellation of the command currently processed on the communications module INIT BOOL FALSE TRUE = Communications module executes a Reset and is re-assigned parameters CMDDIM INT 10 Number of commands in the parameter "CMDREF" CMDSEL INT 0 Selection of the command to be executed "CMDREF"; 1 1. command, ... The value of the "CMDSEL" parameter can never be higher than the value of the "CMDDIM" parameter. CMDREF TXREF RXREF WinCC Advanced V14 System Manual, 10/2016 ARRAY[1...10] of CMD_STRUCT -- ARRAY[1...n] of BYTE -- ARRAY[1...n] of BYTE -- Command field The field can hold up to 10 commands. The commands are complex variables of the type "CMD_STRUCT". You will find more information on "CMDREF" in the section "AUTOHOT SPOT". Reference to global memory area for send data. The memory area can be shared with other block instances. The value "n" of the individual blocks is variable and can be up to 32 KB in size. Reference to global memory area for receive data. The memory area can be shared with other block instances. The value "n" of the individual blocks is variable and can be up to 32 KB in size. 1759 Editing devices and networks 10.1 Configuring devices and networks Table 10-151 Output parameter Output parameter Data type Default value Description DONE BOOL FALSE TRUE = Command was executed free of errors ERROR BOOL FALSE TRUE = Error was detected The error is output in the "STATUS" parameter. The bit is reset automatically when a new command is started. STATUS DWORD FALSE Warning and error If ERROR = TRUE or WARNING = TRUE, the error or warn ing information is contained in the STATUS parameter. For more information, refer to the section "AUTOHOTSPOT". WARNING BOOL FALSE TRUE = Warning was detected The warning is output in the "STATUS" parameter. If the "ER ROR" parameter is not set at the same time, the data was correctly processed. The bit is reset automatically when a new command is started. BUSY BOOL FALSE TRUE = the block is executing a command Other commands except for "INIT" and "SRESET" cannot be started. RPTACT BOOL FALSE TRUE = "RPTCMD" is active The acknowledgement bit shows that the "Repeat mode" of the CM/reader is active. ERR_IREQ BOOL FALSE TRUE = An error has occurred on the communications mod ule or reader (e.g. at power-up or connection termination) TPC BOOL FALSE Transponder Presence Changed TRUE = New transponder in the antenna field of the reader. The parameter is set to "FALSE" after the successful execu tion of the next "INVENTORY" or "INIT" command. TP BOOL FALSE Transponder Presence TRUE = There is a transponder in the antenna field of the reader. UIN0 BOOL FALSE UIN1 BOOL FALSE UIN2 BOOL FALSE UIN3 BOOL FALSE TRLEN INT 0 With RFID readers, the number of transponders in the anten na field is indicated. With code reader devices, the various statuses of the code reader device is displayed. UIN0: Corresponds to IN_OP bit of the reader UIN1: Corresponds to RDY bit of the reader UIN2 + UIN3: These two bits are interpreted as an unsigned value (bit 2 is the less significant bit) that represents the num ber of available decoded codes. If the value is = 3, three or more decoded codes are available. Number of data elements received after successful execution of the command. Data structure of the Ident profile Each time the Ident profile is called, you need to supply the parameters ( "HW_CONNECT", "CMDREF", "TXREF" and "RXREF") with values as described in section "Structure of the Ident profile (Page 1757)". 1760 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The call for the Ident profile is always via the input parameter "HW_CONNECT" and the "IN/ OUT" parameters "CMDREF", "TXREF" and "RXREF". All three parameters need to be created in a data block. The relationship between the three "IN/OUT" parameters is described in greater detail below: CMDREF (command buffer): Array[1...10] of CMD_STRUCT TXREF (send buffer): Array[1...n] of Byte RXREF (receive buffer): Array[1...n] of Byte WinCC Advanced V14 System Manual, 10/2016 1761 Editing devices and networks 10.1 Configuring devices and networks VWLQVWDQFH QGLQVWDQFH &DOO,GHQWB3URILOH +:B&211(&7 &0'5() 7;5() 5;5() &0'5() :5,7(&21),* 2))6(7%8))(5 >@ ]%:5,7( 2))6(7%8))(5 >@ ]%5($' 2))6(7%8))(5 >@ >@ >@ %XIIHUIRU FRPPDQGV >@ >@ >@ >@ >@ 7;5() %XIIHUIRU GDWDWRWKH&0RU WUDQVSRQGHU Q 5;5() %XIIHUIRU GDWDWRWKH&0RU WUDQVSRQGHU Q Figure 10-44 Data structure example of the Ident profile 1762 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Explanation of the example Incoming commands: CMDREF[1]: Command "WRITE-CONFIG", OFFSETBUFFER = 0 The "WRITE-CONFIG" command should always be located at the point CMDREF[1] so that the "INIT/Reset" is executed free of errors. CMDREF[2]: Command "WRITE", OFFSETBUFFER = 15 CMDREF[3]: Command "READ", OFFSETBUFFER = 0 If the "CMDREF[2]" command is selected, a write command is started and the data to be written is fetched starting at byte 15 of the "TXREF" parameter. If the "CMDREF[3]" command is selected, the read data is stored starting at byte 0 in the "RXREF" parameter. Communications module RF120C "Reader" parameter group The "Reader" parameter group contains the following: Diagnostics: Setting to decide whether or not hardware diagnostics messages are output. Ident system: Selection of the connected Ident system. Depending on the selection you make, the "Ident System" parameter group is adapted. "Diagnostics" parameter Parameter assignment options: None Apart from standard diagnostics messages, no other diagnostics messages are generated. Hard Errors Extended diagnostics messages are generated if the following events occur. - Hardware error (memory test) - Firmware error (checksum) - Connection to reader lost - Short-circuit fault/interruption if supported by the hardware Further information For further information on diagnostics, refer the documentation for the RF120C communications module with application blocks for S7-1200 and S7-1500. WinCC Advanced V14 System Manual, 10/2016 1763 Editing devices and networks 10.1 Configuring devices and networks "Ident system" parameter group In the "ID system" parameter group the parameters for the selected identification system are set. The table shows the parameters that exist with all identification systems (RFID and optical reading systems). Table 10-152 Standard parameters for all identification systems Parameter Parameter value Default value Description Transmission speed 19.2 kBd 115.2 kBd After changing the transmission speed, the reader must be turned off and on again. On On = presence is reported as soon as there is a transponder in the antenna field of the reader 57.6 kBd 115.2 kBd Presence check On Off (RF field off) Off (RF field on ) = the presence check in the FB is suppressed. The antenna on the reader is nevertheless turned on as long as it has not been turned off by a command. Off (RF field on) Off (RF field off) = the antenna is turned on only when a command is sent and it then turns itself off again (RF300 only) Reset ERR LED On Off Off On = the flashing of the error LED on the RF120C is reset by each FB reset. Off = the error LED always indicates the last error. The display can only be reset by turning off the RF120C. The following parameters are system specific according to the selection you made in the "Reader" parameter group. RF200 Table 10-153 RF200 general Parameter Parameter value Default value Description - - - Only the standard parameters are available. Parameter Parameter value Default value Description RF power 0.50 - 5.00 W 1.00 W Setting for the output power of the reader. Table 10-154 RF290R 1764 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks RF300 Table 10-155 RF300 general Parameter Parameter value Default value Description Transponder type RF300 RF300 Selection of the transponders used. ISO 15693 Table 10-156 RF380R Parameter Parameter value Default value Description RF power 0.50 - 2.00 W 1.25 W Setting for the output power of the reader. Transponder type RF300 RF300 Selection of the transponders used. ISO 15693 RF600 Table 10-157 Ident system: RF600 Parameter Parameter value Default value Description Max. no. of transponders 1 - 80 1 Number of transponders expected in the anten na field. Permitted values: 1 - 40 for RF620R 1 - 80 for RF630R with 2 antennas 1 - 40 for RF630R with 1 antenna The value stored in "multitag" defines the ex pected number of transponders to be read (EPC-ID) in the inventory. The value does not restrict the number of trans ponders to be processed in the antenna field. To ensure an efficient inventory of transpond ers in the antenna field, make sure that the val ues specified here do not deviate by more than approximately 10% from the maximum number of transponders to be expected in the antenna field. Reader type RF620R ETSI RF620R FCC RF620R CMIIT RF630R ETSI RF620R ETSI Selection of the reader used. By selecting a reader, you open the "Reader type" parameter group. The parameters are de scribed in the following table. RF630R FCC RF630R CMIIT WinCC Advanced V14 System Manual, 10/2016 1765 Editing devices and networks 10.1 Configuring devices and networks Reader type (RF600 only) In the parameter group "Reader type", further specific parameters are set for the reader type selected in the "ID system" parameter group. Table 10-158 RF600 menu: Reader type Parameter Parameter value Default value Description Wireless profile - - Selection of the relevant wireless profile for ET SI, FCC or CMIIT. Multitag mode UID = EPC-ID (8 bytes) UID = EPC-ID (8 bytes) UID = EPC-ID (8 bytes) 8 byte UID of the bytes 5-12 of the 12 byte long EPC-ID UID = Handle ID (4 bytes) Intelligent Single Tag Mode (ISTM) On Black List On UID = handle ID (4 bytes) 4 byte UID as handle ID for access to transponders with an EPC-ID of any length Off Enable/disable the "Intelligent Single Tag Mode ISTM" algorithm 1) Off Enable/disable the "Black list" 1) Off Off Radiated power internal an tenna (RF620R) 0-B 4 Setting the radiated power for the internal an tenna 1) 2) Internal antenna (RF620R) - - Enable/disable the internal antenna. With the RF620R, either only the internal or on ly the external antenna can be set. Transmit power (external an 0 - 9 tenna RF620R) 4 Setting the transmit power for the external an tenna 1) 2) External antenna (SetAnt block required) (RF620R) - - Enable/disable the external antenna. Transmit power ANT 1 (RF630R) 0-9 4 Setting the transmit power for antenna 11) 2) Transmit power ANT 2 (RF630R) 0-9 4 Setting the transmit power for the antenna 21) 2) Communications speed Reliable detection Reliable detection 1) Off Enable/disable "Tag hold" 1) Off Enable/disable the "Scanning mode" 1) - Selection of the wireless channels to be used 1) With the RF620R, either only the internal or on ly the external antenna can be set. Fast detection Tag hold On Off Scanning mode On Off Channel assignment (only with wireless profile ETSI) - 1) You will find further information in the "Configuration manual RF620R/RF630R".* 2) The values for the transmit/radiated power of the antennas can be found in the following table. 1766 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks * You will find the configuration manual RF620R/RF630R here (http:// support.automation.siemens.com/WW/view/en/10805817). Table 10-159 Transmit / radiated power of the antennas Hex value RF630R transmit power RF620R radiated power (internal antenna) RF620R transmit power ETSI FCC CMIIT dBm / (mW) dBm / (mW) ERP dBm / (mW) EIRP dBm / (mW) ERP dBm / (mW) 0 18 / (63) 18 / (63) 20 / (100) 18 / (65) 18 / (63) 1 19 / (79) 19 / (79) 21 / (126) 19 / (79) 19 / (79) ... ... ... ... ... ... 4 22 / (158) 22 / (158) 24 / (251) 22 / (158) 22 / (158) ... ... ... ... ... ... 9 27 / (501) 27 / (501) 29 / (794) 27 / (501) 27 / (501) A 27 / (501) 28 / (631) 30 / (1000) 28 / (631) 27 / (501) B (...F) 27 / (501) 29 / (794) 31 / (1259) 29 / (794) 27 / (501) SLG D10S Table 10-160 SLG D10S Parameter Parameter value Default value Description RF power 0.50 - 10.00 W 1.00 W Setting for the output power of the reader. Transponder type ISO ISO Selection of the transponders used. I-Code (e.g. MDS D139) SLG D11S/D12S Table 10-161 SLG D11S/D12S Parameter Parameter value Default value Description Transponder type ISO ISO Selection of the transponders used. I-Code (e.g. MDS D139) WinCC Advanced V14 System Manual, 10/2016 1767 Editing devices and networks 10.1 Configuring devices and networks MOBY U Table 10-162 MOBY U Parameter Parameter value Default value Description Standby time 0 - 1400 ms 0 ms Standby time (scanning_time) for the trans ponder. If the transponder receives a further command before the standby time has elapsed, this com mand can be executed immediately. If the trans ponder receives a command after standby time has elapsed, command execution is delayed by the "sleep_time" of the transponder. Distance limitation 0.2 m 1.5 m - 1 Maximum number of transponders that can be processed at the same time in the antenna field. 0.5 m 1.0 m 1.5 m 2.0 m 2.5 m 3.0 m 3.5 m Max. no. of transponders 1768 1 - 12 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Parameter Parameter value Default value Description BERO mode Without BEROs Without BEROs Without BEROs No reader synchronization 1 or 2 BEROs 1 or 2 BEROs The BEROs are logically ORed. The antenna field is turned on during the actuation of a BERO. 1st BERO on, 2nd BERO off Synchronization by cable connection 1st BERO on, 2nd BERO off The 1st BERO switches the antenna field on and the 2nd BERO switches the antenna filed off. If there are two BEROs and a "BERO time in s" is set, the antenna field is automatically turned off if the 2nd BERO does not switch within this BERO time. If no "BERO time in s" is set, the antenna field remains turned on until the 2nd BERO is activated. Synchronization by cable connection Enable reader synchronization via cable connection (see manual on configuration, installation and service for MOBY U). BERO time in s 0 - 255 s 0s Can only be set if the BERO mode is set to "1st BERO on, 2nd BERO off". 0 The time monitoring is disabled. To switch the field off, the 2nd BERO is required. 1 ... 255 s Operating time for the reader field General Reader Table 10-163 General Reader Parameter Parameter value Default value Description Input box for byte sequence (hexadecimal) 00000000 00000000 Expert mode WinCC Advanced V14 System Manual, 10/2016 With this function, you can specify the reset pa rameters directly in hexadecimal notation. This setting may only be selected if you have previ ously received the hexadecimal string for the setting from a member of the SIEMENS staff. 1769 Editing devices and networks 10.1 Configuring devices and networks Parameters via FB / optical readers Table 10-164 Parameters via FB / optical readers Parameter Parameter value Default value Description MOBY mode RF200/RF300/ RF200/RF300/ Only the mode "RF200/RF300/RF600; MV4x0; RF600; MV4x0; MO RF600; MV4x0; MO MOBY U/D" is supported. BY U/D BY U/D For further information on resetting a function block, refer to the documentation for the RF120C communications module with applica tion blocks for S7-1200 and S7-1500. * * You will find information on the documentation here (https://support.industry.siemens.com/ cs/ww/en/ps/14971/man). Communications module RF170C Communications module for Ident systems - RF170C, RS422/RS232 The module RF170C RS422/RS232 is a communications module for Ident systems for the I/ O system ET 200pro. Several RF170C RS422/RS232 communications modules can be mounted and operated on an IM 154-8 CPU and on an interface module IM 154-1 DP, IM 154-2 DP High Feature or IM 154-4 PN High Feature of the ET 200pro. A maximum of two readers can be connected to the RF170C RS422/RS232. The connected readers are processed at the same time The function blocks FB 45, FC 45 and the program block for the Ident profile/RFID standard profile allow simple programming using the SIMATIC S7 tools. The function blocks FB 45, FC 45 and the program block for the Ident profile/RFID standard profile can be operated both on the S7-300 and the S7-400. The transponder data is accessed by means of normal addressing or file handler addressing. Physical addressing of the transponder Physical addressing of a transponder is also referred to as normal addressing. When using normal addressing you can set up the data structure of a transponder yourself You decide which physical address which data is written to. The addressing of the transponder memory generally begins at the address 0000 hex and ends at an end address that corresponds to the size of the transponder memory. File handler addressing of the transponder With file handler addressing you specify a file name for access to the data. The file name consists of eight ASCII characters. The file handler manages the user data on the transponder independently. You do not need to configure any data structures on the transponder. 1770 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks "Module parameters" parameter group In this parameter group, you can configure all module-specific parameters of the RF170C RS422/RS232. Table 10-165 Parameters in the "Module parameters" parameter group Parameter Parameter value Default value Description User Mode Ident profile/RFID stand ard profile Ident profile/RFID standard profile Selection depends on the communications mod ule and and Ident system being used. With this parameter you select the block: FB 45 / FC 45 Ident profile/RFID standard profile: The program block for the Ident profile/RFID standard profile is used on the controller. FB 55 / FC 55 FB 45 / FC 45: Single tag mode FB 45 (PROFIBUS/ PROFINET) or FC 45 (PROFIBUS) is used on the controller. FB 55 / FC 55: Multitag mode. FB 55 (PROFIBUS/ PROFINET) or FC 55 (PROFIBUS) is used on the controller. MOBY Mode RF200/RF300/RF600; MV4x0; MOBY U/D MOBY I/E MV3xx RF200/RF300/ Selection depends on the communications mod RF600; MV4x0; MO ule and and Ident system being used. With this BY U/D parameter, you set the mode of the communica tions module. RF200/RF300/RF600; MV4x0; MOBY U/D Freeport protocol MOBY I/E RF300 filehandler MV3xx Freeport protocol RF300 filehandler Normal addressing: The transponder is ad dressed with physical addresses. Filehandler: Prior to use, the transponder needs to be formatted. Transmission speed 19.2 kBd 57.6 kBd 115.2 kBd 115.2 kBd Selection depends on the communications mod ule and and Ident system being used. With this parameter you set the transmission speed be tween the communications module and reader. When the RFID reader is connected: After changing the transmission speed, the reader must be turned off and on again. With a connected optical reader: The transmis sion speed selected here must match the trans mission speed selected in the firmware of the reader. WinCC Advanced V14 System Manual, 10/2016 1771 Editing devices and networks 10.1 Configuring devices and networks Parameter Parameter value Default value Description Diagnostics messages None None Selection depends on the communications mod ule and and Ident system being used. With this parameter you set whether hardware diagnos tics messages will be reported. Hard errors None: Apart from standard diagnostics, no other alarms are generated. Hard errors: Critical hardware errors are reported by the S7 diagnostics. Suppression of Error LED None None Channel 1 The communications module has two channels to which the readers / optical readers can be connected. The Error LED of the other channel flashes permanently when only one of the chan nels is being used. With the help of the suppres sion, you can disable the Error LED of the un used channel. Channel 2 Interface RS-232 RS-422 1772 Disabling the Error LED (ERR) of a channel. -- Selection of the interface type that the connected hardware (reader / optical reader) uses. WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks "Message Frame" parameter group The "Frame" parameter group is only displayed when you have selected the parameter value "Freeport protocol" in the "MOBY Mode" parameter of the module parameters. In this parameter group, you can configure all parameters specific to the "Freeport protocol". Table 10-166 Parameters in the "Frame" parameter group Parameter Parameter value Default value Description Data bits 7 8 Selection of the number of bits on which a char acter is represented. None Parity selection 8 Parity None Odd A sequence of data bits can be expanded by a parity bit. With its value "0" or "1", the parity bit is added to the sum of all bits (data bits and parity bits) to form a defined status. This increases data reliability. Even Fixed value 1 Fixed value 0 None: Data is sent without a parity bit. Odd: The parity bit is set so that the sum of the data bits (including the parity bit) is odd when the signal state is "1". Even: The parity bit is set so that the sum of the data bits (including the parity bit) is even when the signal state is "1". Fixed value 1: The parity bit is set permanently to the value "1". Fixed value 0: The parity bit is set permanently to the value "0". Stop bits 1 2 WinCC Advanced V14 System Manual, 10/2016 1 Selection of the number of stop bits that indicate the end of a character. The stop bits are appended to every transferred character during transmission. 1773 Editing devices and networks 10.1 Configuring devices and networks Parameter Parameter value Default value Description Specifying end detec tion After character delay time elapses After character de lay time elapses Specifies the end detection of a received frame. On receipt of fixed num ber of characters On receipt of the end de limiter(s): After character delay time elapses: The frame has neither a fixed length nor defined end delimiters. The end of a frame is indicated by a gap in the character sequence. The size of this gap is specified by the character delay time. On receipt of fixed number of characters: The length of the received frame is always the same. When data is received, the end of the frame is recognized when the set number of characters has been received. On receipt of the end delimiter(s): At the end of the frame there are one or two defined end delimiters. When data is received, the end of the frame is recognized when the set end delimiter is received. No. of end delimiters 1 1 2 1st end delimiter 0...7F / 0...FF Selection of the number of end delimiters. A maximum of 2 end delimiters can be config ured. When data is received, the end of the frame is recognized when the selected end delimiter combination is received. 3 Input of the 1st end delimiter of maximum two end delimiters for end criteria "On receipt of the end delimiter(s)". The selected end delimiter or the selected end delimiter combination limits the length of the frame. Parameter value depending on the "Data bits" parameter. 2nd end delimiter 0...7F / 0...FF 0 Input of the 2nd end delimiter of maximum two end delimiters for end criteria "On receipt of the end delimiter(s)". The selected end delimiter or the selected end delimiter combination limits the length of the frame. Parameter value depending on the "Data bits" parameter. Frame length 1...233 / 1...229 233 Entry of the frame length in bytes for the end criterion "On receipt of fixed number of charac ters". Character delay time 0...65535 15 Entry of the time [ms] that may elapse until a frame end is recognized. Select the character delay time dependent on the send behavior of your communications partner. Depending on the data transmission speed the character delay time is limited to a minimum value. Note that the ASCII driver pauses between two message frames when sending. 1774 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks "I/O addresses" parameter group Inputs 1. Assign a start address to the module. 2. If you want to assign the address area to a process image partition, select the desired process image partition in the "Process image" drop-down list. Outputs 1. Assign a start address to the module. 2. If you want to assign the address area to a process image partition, select the desired process image partition in the "Process image" drop-down list. Note Input and output address must be identical. ASM 475 What you should know about the ASM 475 Introduction Up to eight ASM 475 interface modules can be plugged in and operated in a rack of the SIMATIC S7-300. If you have a configuration with several racks (max. four racks), the ASM 475 can be plugged in and operated in each rack. This means that with the maximum configuration of a SIMATIC S7-300, 32 ASM 475 modules can be operated. A maximum of two SLGs (write/read devices) can be connected to the ASM 475. The processing of the connected SLGs is parallel. FC45 allows simple programming using the SIMATIC S7 tools. FC45 can be used both in the S7-300 and S7-400. With S7-400, the ASM 475 is connected via an ET 200M. Note that the IM 153-1 must have at least order number 6ES7 153-1AA03-0XB0 or 6ES7 153-1AA83-0XB0 and IM 153-2 at least order number 6ES7 153-2AA02-0XB0 or 6ES7 153-2AB01-0XB0. Access to the MDS data is with normal addressing. WinCC Advanced V14 System Manual, 10/2016 1775 Editing devices and networks 10.1 Configuring devices and networks Physical addressing of the MDS (mobile data storage) The physical addressing of an MDS is also known as normal addressing. Users set up the structure of the MDS themselves. They know the physical MDS address to which data is written. The addressing of the MDS storage generally begins at 0000 hex and ends at an end address corresponding to the size of the MDS storage. File handler addressing of the MDS For file handler addressing, the user specifies a file name for access to the data. The file name consists of eight ASCII characters. The file handler manages the user data independently on the MDS. The user does not need to configure data structures on the MDS. Prior to use, the MDS needs to be formatted. ASM 456 communications module Communications module for Ident systems - ASM 456 The ASM 456 module is a communications module for Ident systems for PROFIBUS DP V1. A maximum of two readers can be connected to the ASM 456. The connected readers are processed at the same time The function blocks FB 45, FC 45, FB 55, FC 55, FC 56 and the program block for the Ident profile/RFID standard profile allow simple programming using the SIMATIC S7 tools. The function blocks FB 45, FC 45, FB 55, FC 55, FC 56 and the program block for the Ident profile/ RFID standard profile can be operated both on the S7-300 and the S7-400. For the S7-1200 and S7-1500 the Ident profile must be used. The transponder data is accessed by means of normal addressing or file handler addressing. Physical addressing of the transponder Physical addressing of a transponder is also referred to as normal addressing. When using normal addressing you can set up the data structure of a transponder yourself You decide which physical address which data is written to. The addressing of the transponder memory generally begins at the address 0000 hex and ends at an end address that corresponds to the size of the transponder memory. File handler addressing of the transponder With file handler addressing you specify a file name for access to the data. The file name consists of eight ASCII characters. The file handler manages the user data on the transponder independently. You do not need to configure any data structures on the transponder. 1776 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks "Device-specific parameters" parameter group. In this parameter group, you can configure all module-specific parameters of the ASM 456. Table 10-167 Parameters in the "Module parameters" parameter group Parameter Parameter value Default value Description User Mode Ident profile/RFID stand ard profile Ident profile/RFID standard profile Selection depends on the communications mod ule and and Ident system being used. With this parameter you select the block: FB 45 / FC 45 Ident profile/RFID standard profile: The program block for the Ident profile/RFID standard profile is used on the controller. FB 55 / FC 55 FC 56 FB 45 / FC 45: Single tag mode FB 45 (PROFIBUS/ PROFINET) or FC 45 (PROFIBUS) is used on the controller. FB 55 / FC 55: Multitag mode. FB 55 (PROFIBUS/ PROFINET) or FC 55 (PROFIBUS) is used on the controller. FC 56 File handler for S7-300 and S7-400 MOBY Mode RF200/RF300/RF600; MV4x0; MOBY U/D RF680R/RF685R MOBY I/E normal ad dressing RF200/RF300/ Selection depends on the communications mod RF600; MV4x0; MO ule and and Ident system being used. With this BY U/D parameter, you set the mode of the communica tions module. RF200/RF300/RF600; MV4x0; MOBY U/D RF300 filehandler RF680R/RF685R MOBY U file handler MOBY I/E normal addressing MOBY I File handler RF300 filehandler MOBY U file handler MOBY I file handler Normal addressing: The transponder is ad dressed with physical addresses. Filehandler: Prior to use, the transponder needs to be formatted. Transmission speed 19.2 kBd 57.6 kBd 115.2 kBd 115.2 kBd Selection depends on the communications mod ule and and Ident system being used. With this parameter you set the transmission speed be tween the communications module and reader. When the RFID reader is connected: After changing the transmission speed, the reader must be turned off and on again. With a connected optical reader: The transmis sion speed selected here must match the trans mission speed selected in the firmware of the reader. WinCC Advanced V14 System Manual, 10/2016 1777 Editing devices and networks 10.1 Configuring devices and networks Parameter Parameter value Default value Description Diagnostics messages None None Selection depends on the communications mod ule and and Ident system being used. With this parameter you set whether hardware diagnos tics messages will be reported. Hard errors Hard/soft errors low prior ity None: Apart from standard diagnostics, no other alarms are generated. Hard/soft errors high pri ority Hard errors: Critical hardware errors are reported by the S7 diagnostics. Hard/soft errors low priority Critical hardware errors and errors that occur during command processing are reported by the S7 diagnostics. The "Ext_Diag" bit is not set. Hard/soft errors high priority Critical hardware errors and errors that occur during command processing are reported by the S7 diagnostics. The "Ext_Diag" bit is set. Suppression of Error LED None None Channel 1 Channel 2 Disabling the Error LED (ERR) of a channel. The communications module has two channels to which the readers / optical readers can be connected. The Error LED of the other channel flashes permanently when only one of the chan nels is being used. With the help of the suppres sion, you can disable the Error LED of the un used channel. RF680R/RF685R Readers RF680R/RF685R for the UHF range The UHF readers RF680R and RF685R are intended for use in logistics and automation, for example on a production line but are equally suitable for applications in logistics. To meet these requirements, the readers were equipped with a high transmit power and degree of protection (IP65). The readers are equipped with extensive diagnostics options and can process ISO 18000-6C and ISO 18000-6B transponders. The RF685R has one special feature with its internal, adaptive antenna. This significantly increases the reliability of read and write actions even under difficult radio conditions. The RF680R and RF685R readers are either integrated without problems in SIMATIC S7 automation systems via an integrated PROFINET connector or via the RS-422 interface and the ASM 456 communications module via PROFIBUS. Suitable programming blocks are available. A second Ethernet interface (both M12) can be used for diagnostics during operation so that the connection to the higher-level system does not need to be interrupted. The WBM (Web Based Management) allows commissioning, configuration and diagnostics of the devices using an Internet browser. This makes additional updates and installation of configuration and diagnostics software unnecessary. 1778 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks "Web Based Management" parameter group In this parameter group you can start the Web Based Management. Table 10-168 Parameters in the "Web-based management" parameter group Parameter Description Web Based Manage ment (WBM) Starting the Web Based Management of the reader. The Web Based Management provides a wide range of functions for configuring the readers. Note: The WBM can only be started if either the PROFINET connection between the CPU and reader is established or the reader was assigned the IP address stored in the project. This means that the device name has been assigned and the TIA configuration must be loaded on the SIMATIC controller. "Module parameters" parameter group In this parameter group, you can configure all module-specific parameters of the RF680R/ RF685R readers. Table 10-169 Parameters in the "Module parameters" parameter group Parameter Parameter value Default value Description RFID read point alarm Off Off Enabling/disabling read-point related diagnos tics messages. On "Configuration management" parameter group In this parameter group you can load or save the configuration data. Table 10-170 Parameters in the "Configuration management" parameter group Parameter Description User name User name of a user created on the reader Note that the user must have the required rights. Password Entry of the password for the user Load configuration to device Loading configuration data on the reader from the STEP 7 project. Check the configura tion in the project. Saving configuration data of the reader in the current STEP 7 project. Requirement The following requirements must be met to allow configuration data to be loaded or saved: The correct IP address of the reader is entered in the "PROFINET interface [X1]". The user name and corresponding password have been created in the WBM. The entered user has the required rights to run the download/upload. WinCC Advanced V14 System Manual, 10/2016 1779 Editing devices and networks 10.1 Configuring devices and networks Note User name and password only necessary if user management is enabled The "User name" and "Password" text boxes only need to be completed if the user management of the WBM is enabled. "RFID communication" parameter group In this parameter group you can configure the address range of the RFID communication. Table 10-171 Parameters in the "RFID communication" parameter group Parameter Description General General settings Input boxes for the name of the communication and for a comment. I/O addresses Specify the I/O address of the reader ("LADDR") This parameter is used in the "IID_HW_CONNECT" variable. Hardware identifier Specify the hardware identifier of the reader ("HW-ID") This parameter is used in the "IID_HW_CONNECT" variable. "Digital inputs/outputs" parameter group In this parameter group you can configure the address range of the digital inputs / outputs. Table 10-172 Parameters in the "Digital inputs / outputs" parameter group Parameter Description General General settings Input boxes for the name of the of the digital inputs / outputs and for a comment. I/O addresses Specify the I/O address of the digital inputs/outputs Using the set address range (I/O address), the digital inputs/outputs configured in the WBM of the reader can be accessed. Hardware identifier Specify the hardware identifier of the digital inputs/outputs. Optical reading systems Optical readers MV420/MV440 Optical readers MV420/MV440 The optical reading systems MV420/MV440 were designed specifically for the recognition and evaluation of numerous machine-readable codes, plaint text and objects in industrial production. 1780 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The readers can be operated both in the controllers S7-300, S7-400, S7-1200 and S7-1500 as well as with various third-party controllers. The connection to the controller is via PROFINET IO (FB79/Ident profile), TCP, RS-232 or via communications modules. The function blocks FB79 and the Ident profile allow simple programming using the SIMATIC S7 tools. "Operating mode" parameter group In this parameter group you can configure the operating mode of the MV420/MV440 readers. Table 10-173 Parameters in the "Operating mode" parameter group Parameter Parameter value Default value Description Function block FB79 FB79 With this parameter you select the block: Ident profile FB79 Compatible with the "VS130-2" reader; Compatible controllers: S7-300 and S7-400 Ident profile Complex Ident block with MV-specific blocks; Compatible controllers: S7-300, S7-400, S7-1200 and S7-1500 10.1.5.2 Distributed I/O Distributed I/O systems SIMATIC ET 200 - The right solution for all applications SIMATIC ET 200 provides the most varied range of distributed I/O systems. Solutions for use in the control cabinet Solutions without control cabinet directly at the machine Additionally, there are also components that can be used in explosive areas. SIMATIC ET 200 systems for construction without a control cabinet are contained in robust, glass-fibre reinforced plastic casing and are therefore shock-resistant, resistant to dirt and watertight. Their modular design allows the ET 200 systems to be easily scaled and expanded in small steps. Fully-integrated auxiliary modules lower costs and also provide a wide range of possible applications. There are several combination possibilities available: Digital and analog I/OS Intelligent modules with CPU functions, Safety technology, Pneumatics, Frequency converters Various technology modules. WinCC Advanced V14 System Manual, 10/2016 1781 Editing devices and networks 10.1 Configuring devices and networks Communication via PROFIBUS and PROFINET, uniform engineering, clear diagnostic possibilities as well as optimal connection to SIMATIC controller and HMI devices vouch for the unique consistency provided by Totally Integrated Automation. The following table provides an overview of I/O devices for use in the control cabinet: I/O device Properties ET 200L Cost-effective digital block I/O Digital electronic blocks up to 32 channels ET 200M Modular design with standard modules from SIMATIC S7-300 Failsafe I/O modules Use in hazardous areas up to Zone 2, sensors and actuators up to Zone 1 High level of plant availability, for example by plugging and unplugging during operation ET 200MP Modular design with standard SIMATIC S7-1500 modules Isochronous PROFINET IO with send clocks up to 250 s IO device with PROFINET IO interface DP slave with PROFIBUS DP interface Technology modules for counting, positioning, time-based IO ET 200S Highly modular design with multiple conductor connections Multifunctional due to a wide range of modules I-device Use in explosive areas (Zone 2) ET 200S COMPACT Highly modular design with multiple conductor connections Multifunctional due to a wide range of modules Use in explosive areas (Zone 2) Integrated DE/DA 1782 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks I/O device Properties ET 200SP Compact modules Permanent wiring with one or more wire connection PROFINET interface with 3 ports Isochronous PROFINET IO with the profiles PROFIsafe and PROFIenergy I-device Modules for counting, positioning, weighing and measuring Fail-safe CPUs and modules ET 200iSP Modular design, also possible with redundancy Robust and intrinsically safe design Use in explosive areas up to Zone 1/21; sensors and actuators even up to Zone 0/20 High level of plant availability, for example by plugging and unplugging during operation The following table provides an overview of I/O devices for use without a control cabinet: I/O device Properties ET 200AL Simple installation in all locations, in the smallest spaces Connection to PROFINET IO, PROFIBUS DP or ET 200SP High degree of protection IP65/IP67 For temperatures from -25 C to +55 C, acceleration up to 5 g Connection of sensors and actuators using M8 and M12 connector system ET 200eco PN Cost-efficient, space-saving block I/OS Digital modules up to 16 channels (also configurable) Analog modules, IO-link master and load voltage distributor PROFINET connection with 2-port switch in each module Can be flexibly distributed via PROFINET in line or star shape directly within the plant ET 200eco Cost-effective digital block I/O Flexible connection possibilities Failsafe modules High level of plant availability WinCC Advanced V14 System Manual, 10/2016 1783 Editing devices and networks 10.1 Configuring devices and networks I/O device Properties ET 200pro Modular design with compact housing Easy assembly Multifunctional due to a wide range of modules I-device High level of plant availability due to plugging and unplugging during operation and permanent wiring Comprehensive diagnostics ET 200R Specially for use on robots Assembled directly on the chassis Resistant to weld spatter due to robust metal housing See also Documentation on ET 200L (http://support.automation.siemens.com/WW/view/en/1142908/0/ en) Documentation on ET 200S (http://support.automation.siemens.com/WW/view/en/1144348/0/ en) Documentation on ET 200M (http://support.automation.siemens.com/WW/view/en/1142798/0/ en) Documentation on ET 200pro (http://support.automation.siemens.com/WW/view/en/ 21210852/0/en) Documentation on ET 200iSP (http://support.automation.siemens.com/WW/view/en/ 28930789/0/en) Documentation on ET 200R (http://support.automation.siemens.com/WW/view/en/ 11966255/0/en) Documentation on ET 200eco PN (http://support.automation.siemens.com/WW/view/en/ 29999018/0/en) Documentation on ET 200eco (http://support.automation.siemens.com/WW/view/en/ 12403834/0/en) Documentation on ET 200SP (http://support.automation.siemens.com/WW/view/en/ 84133942/0/en) Documentation on ET 200MP (http://support.automation.siemens.com/WW/view/en/ 86140384/en) Documentation on ET 200AL (http://support.automation.siemens.com/WW/view/en/ 95242965/0/en) 1784 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuring HART variables Introduction Numerous HART field devices make available additional measured quantities (e.g. sensor temperature). These can be read if they are set accordingly in the field device configuration. Using the HART variables. it is possible to apply the set measured values directly from the field device into the I/O area of your automation system. Regardless of the number of configured channels, a maximum of 8 HART variables can be assigned for HART modules and no more than 4 HART variables per channel. You assign the HART variables to a channel in the properties for the module ("HART variable settings" area). To do this, check the manual of the corresponding module. Address assignment By default, the HART modules occupy 16 input/output bytes (user data). If you configure HART variables, the modules occupy an additional 5 bytes for each HART variable. If you use all 8 HART variables, the HART input module occupies a total of 56 input/output bytes (16 bytes + 8 x 5 bytes = 56 bytes). The "None" configuration occupies no additional input bytes. Configuration of HART variables You can configure up to 4 HART variables for a channel PV (Primary Variable) SV (Secondary Variable) TV (Tertiary Variable) QV (Quaternary Variable) CiR is a placeholder that reserves the address space for a HART variable. You must configure the HART variables you are not using with the "None" parameter. Configuration of HART variables Each HART variable occupies 5 bytes of input data and is structured as follows: %\WHQ %\WHQ %\WHQ %\WHQ +$57YDULDEOH %\WHQ 4XDOLW\FRGH 9DOXHLQ+(;IRUPDW The quality code can accept different values depending on the module. To do this, check the manual of the corresponding module. WinCC Advanced V14 System Manual, 10/2016 1785 Editing devices and networks 10.1 Configuring devices and networks See also Documentation for HART analog modules (http://support.automation.siemens.com/WW/view/ en/22063748) ET 200iSP ET 200iSP Distributed I/O Station Definition The ET 200iSP distributed I/O station is a highly modular and intrinsically safe DP slave with degree of protection IP 30. Area of application The ET 200iSP distributed I/O station can be operated in potentially explosive atmospheres characterized by gas and dust: Approval ET 200iSP Station* Inputs and outputs ATEX Zone 1, Zone 21 up to Zone 0, Zone 20 ** IECEx Zone 2, Zone 22 up to Zone 0, Zone 20 ** * In combination with an appropriate enclosure ** for electronic module 2 DO Relay UC60V/2A: up to Zone 1, Zone 21 The ET 200iSP distributed I/O station can, of course, also be used in the safety area. You can insert almost any combination of ET 200iSP I/O modules directly next to the interface module that transfers the data to the DP master. This means you can adapt the configuration to suit your on-site requirements. Every ET 200iSP consists of a power supply module, an interface module and a maximum of 32 electronic modules (for example digital electronics modules). Remember not to exceed the maximum current consumption. Terminal modules and electronic modules In principle, the ET 200iSP distributed I/O station consists of various passive terminal modules onto which you plug the power supply and the electronic modules. The ET 200iSP is connected to PROFIBUS RS 485-IS by means of a connector on terminal module TM-IM/EM. Every ET 200iSP is a DP slave on the PROFIBUS RS 485IS. DP master All ET 200iSP modules support communication with DP masters that are compliant with IEC 61784-1:2002 Ed1 CP 3/1 and operate with "DP" transmission protocol (DP stands for distributed peripherals or distributed I/O). 1786 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See also Documentation on ET 200iSP (http://support.automation.siemens.com/WW/view/de/ 28930789/0/en) Assigning the channel and IEEE tag Properties Analog electronic modules 4 AI I 2WIRE/HART, 4 AI I 4WIRE/ HART and 4 AO I HART support up to four IEEE tags. The process input image (PII) provides up to 20 bytes per module for the IEEE tags. Thus, four blocks of 5 bytes each are available for the four IEEE tags within the PII. Requirements The HART field device must support the assigned number of IEEE tags. WinCC Advanced V14 System Manual, 10/2016 1787 Editing devices and networks 10.1 Configuring devices and networks Assigning IEEE tags You assign the IEEE tags of the field devices to any one of the four blocks in the PII. IL[HGDVVLJQPHQWRIDQDORJYDOXHVLQWKH3,, DQ\DVVLJQPHQWRI,(((YDULDEOHVLQWKH3,, 3,,RID+$57LQSXW PRGXOHZLWKFRQILJXUD WLRQ: ,%[ ,%[ ,%[ ,%[ ,%[ ,%[ ,%[ ,%[ $QDORJ YDOXH $QDORJ YDOXH $QDORJ YDOXH $QDORJ YDOXH 6HFRQGDU\YDOXH ,%[ ,((( ,%[ YDULDEOH ,%[ IURP ,%[ FKDQQHO ,%[ 6HFRQGDU\YDOXH ,%[ ,((( ,%[ YDULDEOH ,%[ IURP ,%[ FKDQQHO ,%[ 6HFRQGDU\YDOXH ,%[ ,((( ,%[ YDULDEOH ,%[ IURP ,%[ FKDQQHO ,%[ 6HFRQGDU\YDOXH ,%[ ,((( ,%[ YDULDEOH ,%[ IURP ,%[ FKDQQHO ,%[ HJ+$57 LQSXWPRGXOH +$57ILHOGGHYLFHRQFKDQQHO $QDORJYDOXH FRUUHVSRQGVWR+9 ,(((YDULDEOH +9 ,(((YDULDEOH ,(((YDULDEOH ,(((YDULDEOH +$57ILHOGGHYLFHRQFKDQQHO $QDORJYDOXH FRUUHVSRQGVWR+9 ,(((YDULDEOH +9 ,(((YDULDEOH ,(((YDULDEOH ,(((YDULDEOH +$57ILHOGGHYLFHRQFKDQQHO $QDORJYDOXH FRUUHVSRQGVWR+9 ,(((YDULDEOH +9 ,(((YDULDEOH ,(((YDULDEOH ,(((YDULDEOH +$57ILHOGGHYLFHRQFKDQQHO $QDORJYDOXH FRUUHVSRQGVWR+9 ,(((YDULDEOH +9 ,(((YDULDEOH ,(((YDULDEOH ,(((YDULDEOH +9 PDLQYDULDEOH See also Documentation on ET 200iSP (http://support.automation.siemens.com/WW/view/de/ 28930789/0/en) 1788 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Assigning parameters to reference junctions for thermocouples Compensation of the reference junction temperature There are various ways of obtaining the reference junction temperature in order to get an absolute temperature value from the temperature difference between the reference junction and the measuring point. Table 10-174 Compensation of the reference junction temperature Option Explanation Reference junction parameters No compensation You record not only the temperature of the measurement point. The tempera ture of the reference junction (transition from Cu line to thermocouple line) also affects the thermo-electromotive force. The measured value then includes an error. None Use of a Pt100 Cli matic Range resist ance thermometer to record the reference junction temperature (best method) You can record the reference junction temperature using a resistance ther mometer (Pt100 Climatic Range). If par ameterized accordingly, this tempera ture value is distributed to the 4 AI TC modules in the ET 200iSP where it is off set against the temperature value ob tained at the measuring location. The parameter assignment of the IM 152 and the 4 AI TC must be coordi nated: Number of reference junctions: 2 4 AI RTD assigned parameters for Pt100 climatic range in correct slot; 4 AI TC: Reference junction : "yes"; select reference junction number "1" or "2" IM 152-1:Assignment of the reference junction to a slot with 4 AI RTD; channel selection; Internal compensa tion 4 AI TC The TC sensor module (temperature 4 AI TC: Reference junction sensor) is mounted onto the terminals of number "internal" terminal module EM 4 AI TC. The tem perature sensor reports the temperature of the terminals to the 4 AI TC. This value is then calculated together with the measured value from the channel of the electronic module. Compensation by means of a resistance thermometer at the 4 AI RTD If thermocouples that are connected to the inputs of the 4 AI RTD have the same reference junction, compensate by means of a 4 AI RTD. For both channels of the 4 AI TC module, you can select "1", "2" or "internal" as the reference junction number. If you select "1" or "2", the same reference junction (RTD channel) is always used for all four channels. WinCC Advanced V14 System Manual, 10/2016 1789 Editing devices and networks 10.1 Configuring devices and networks Setting parameters for the reference junction You set the reference junctions for the 4 AI TC electronic modules by means of the following parameters: Table 10-175 Reference junction parameters Parameter Module Range of values Explanation Slot reference junction 1 to slot 2 IM 152 none, 4 to 35 With this parameter, you can assign up to 2 slots (none, 4 to 35), on which the channels for reference temperature measurement (cal culating the compensation value) are loca ted. Input reference junction 1 to 4 in IM 152 put reference junction RTD on channel 0 This parameter allows you to set the channel (0/1/2/3) for measuring the reference tem perature (calculation of the compensation value) for the assigned slot. RTD on channel 1 RTD on channel 2 RTD on channel 3 Reference junction E0 to refer ence junction E3 4 AI TC Reference junction number 4 AI TC None yes 1 2 Internal This parameter allows you to enable the use of the reference junction. This parameter allows you to assign the ref erence junction (1, 2) that contains the refer ence temperature (compensation value). See also Documentation on ET 200iSP (http://support.automation.siemens.com/WW/view/de/ 28930789/0/en) Fundamentals of Time Stamping Properties Time stamping is possible with the IM 152 in customer applications using FB 62 (FB TIMESTMP). Principle of operation A modified input signal is assigned a time stamp and stored in a buffer (data record). If time stamped signals exists or a data record is full, a hardware interrupt is generated to the DP master. The buffer is evaluated with "Read data record". Special messages are generated for events that influence the time stamping (communication with the DP master interrupted, frame failure of time master, ...). 1790 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Parameter Assignment With the parameter assignment you define which IM 152 user data will be monitored. For the time stamping these are digital inputs that are monitoring for signal changes. Parameter Setting Description Time stamping disabled Activate the time staming for the channels of the electronics module 8 DI NAMUR. enabled Edge evaluation incom rising edge ing event falling edge Determine the type of signal change that will be time-stamped. Counting Count properties Counting functions The 8 DI NAMUR electronics module has configurable counting functions: 2 x 16-bit up counters (standard counting function) or 2 x 16-bit down counters (standard counting function) or 1 x 32-bit down counter (cascading counter function) Setting a setpoint with the PIQ GATE function You can configure the control signals of the counters: - Configuration channel 0..1: "Counter", channel 2..7: "DI": Two counters are configured. The control signals of the counters are stored in the PIQ (process image output). - Configuration channel 0..1: "Counter", channel 2..7: "Control": Two counters are configured. The control signals of the counters are stored in the PIQ (process image output). They are also controlled by the digital inputs of the 8 DI NAMUR. See also Principle of operation (Page 1791) Configuring counters (Page 1794) Assigning parameters to counters (Page 1796) Principle of operation 16-bit up counters (standard counting function) The counting range is 0 to 65,535. WinCC Advanced V14 System Manual, 10/2016 1791 Editing devices and networks 10.1 Configuring devices and networks With each count pulse at the digital input, the count is incremented by 1. Once the count limit is reached, the counter is reset to 0 and it counts up again from this value. If there is counter overflow, the corresponding output is set in the PII. A positive edge of the Reset output control signal resets the output in the PII. This does not affect the current count value. In 16-bit up counting operations, the system does not set any outputs in the PIQ. These are always reset. The positive edge of the Reset counter control signal sets the counter to 0 and resets the set counter output. The GATE control signal pauses the counting on a positive edge. Count pulses are processed at the digital input again, but only at the negative edge. The Reset counter control signal is also effective when GATE is active. $FWXDOYDOXHRIWKHFRXQWHU &RXQWLQJOLPLW &RXQWHURXWSXWLQ 3,, &RQWUROVLJQDO5HVHW RXWSXW &RQWUROVLJQDO5HVHW FRXQWHU &RQWUROVLJQDO *$7( 3XOVHVDWGLJLWDO LQSXW 7LPH 7LPH 7LPH 7LPH 7LPH 7LPH 16-bit down counters (periodic counting function) The maximum counting range is always 65,535 to 0. When the counter is started, the actual value is set to the selected setpoint. Each counted pulse reduced the actual value by 1. Once the actual value reaches 0, the corresponding output in the PII is turned on and the actual value is set to the selected setpoint. The counter then counts down from this value. The positive edge of the Reset counter control signal resets the selected setpoint and the corresponding output in the PII. A positive edge of the Reset output control signal resets the output in the PII. This does not affect the current count value. 1792 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The GATE control signal pauses the counting on a positive edge. At the same time, the assigned output in the PII is reset. Count pulses are processed at the digital input again, but only at the negative edge. The Reset output and Reset counter control signals are also effective when GATE is active. The setpoint of the counter is set and changed using the PIQ. The setpoint is adopted on a positive edge of the Reset counter control signal or when the counter has reached zero. $FWXDOYDOXHRIWKH FRXQWHU 6SHFLILHGYDOXH &RXQWHURXWSXW LQ3,, &RQWUROVLJQDO 5HVHWRXWSXW &RQWUROVLJQDO 5HVHWFRXQWHU &RQWUROVLJQDO *$7( 3XOVHVDW GLJLWDOLQSXW 7LPH 7LPH 7LPH 7LPH 7LPH 7LPH 32-bit down counter (cascading counter function) The maximum counting range is always 4294967295 to 0. The principle of operation is identical to that of the 16-bit down counter. Channel 1 has no function. See also Count properties (Page 1791) WinCC Advanced V14 System Manual, 10/2016 1793 Editing devices and networks 10.1 Configuring devices and networks Configuring counters Procedure 1. Using the mouse, pull module 8 DI Namur from the hardware catalog into distributed I/O station ET 200iSP. 2. Select the required configuration (channel 0..1: "Counter", channel 2..7: "DI" or "Control"). In the module properties (inspector window), you can find this setting under "Parameters > Inputs > Configuration". Configuration channel 0..1: "Counter", channel 2..7: "DI" Assignment of the digital inputs on the electronic module 8 DI NAMUR Table 10-176 Assignment of digital inputs for channel 0..1: "Counter", channel 2..7: "DI": 1794 Digital input Terminal Assignment Channel 0 1, 2 Counter 1 Channel 1 5, 6 Counter 2 (does not apply to 32-bit down counters) Channel 2 9, 10 Digital input 2 Channel 3 13, 14 Digital input 3 Channel 4 3, 4 Digital input 4 Channel 5 7, 8 Digital input 5 Channel 6 11, 12 Digital input 6 Channel 7 15, 16 Digital input 7 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Assignment of the process image input (PII) (%[ (%[ (%[ (%[ %LWVWR $FWXDOYDOXHRIFRXQWHU %LWVWR %LWVWR %LWVWR $FWXDOYDOXHRIFRXQWHU %LWVWR %LWVWR %LWVWR %LWVWR 6HWSRLQWFRXQWHU ELW GRZQFRXQWHU (%[ &RXQWHURXWSXW &RXQWHURXWSXW 'LJLWDOLQSXW 'LJLWDOLQSXW 'LJLWDOLQSXW 'LJLWDOLQSXW 'LJLWDOLQSXW 'LJLWDOLQSXW 6IRUPDW (%[ (%[ 1RWDVVLJQHG 9DOXHVWDWXVIRUFKDQQHOVWR %,QSXWVLJQDOLVYDOLG %,QSXWVLJQDOLVLQYDOLG Assignment of the process image output (PIQ) $%[ $%[ $%[ $%[ %LWVWR 6SHFLILHGYDOXHRIFRXQWHU %LWVWR %LWVWR 6SHFLILHGYDOXHRIFRXQWHU %LWVWR %LWVWR %LWVWR %LWVWR %LWVWR 6HWSRLQWFRXQWHU ELW GRZQFRXQWHU $%[ 1RWDVVLJQHG 1RWDVVLJQHG &RQWUROVLJQDO*$7( &RQWUROVLJQDO*$7( &RQWUROVLJQDO5HVHWFRXQWHU &RQWUROVLJQDO5HVHWFRXQWHU &RQWUROVLJQDO5HVHWFRXQWHURXWSXW &RQWUROVLJQDO5HVHWFRXQWHURXWSXW Configuration channel 0..1: "Counter", channel 2..7: "CONTROL" With this configuration, you can also control the counters over the digital inputs. Assignment of the digital inputs on electronic module 8 DI NAMUR For further information on input assignments, refer to the technical data for electronic module 8 DI NAMUR. WinCC Advanced V14 System Manual, 10/2016 1795 Editing devices and networks 10.1 Configuring devices and networks Table 10-177 Assignment of the digital inputs for 2 Count/ 6 Control Digital input Terminal Assignment Channel 0 1, 2 Counter 1 Channel 1 5, 6 Counter 2 (does not apply to 32-bit down counters) Channel 2 9, 10 control signal GATE 1 Channel 3 13, 14 control signal GATE 2 Channel 4 3, 4 control signal Reset counter 1 Channel 5 7, 8 control signal Reset counter 2 Channel 6 11, 12 control signal Reset counter output 1 Channel 7 15, 16 control signal Reset counter output 2 Assignment of the process image input (PII) Assignment is identical to configuration 0..1: "Counter", channel 2..7: "DI". Assignment of the process image output (PIQ) Assignment is identical to configuration 0..1: "Counter", channel 2..7: "DI". See also Count properties (Page 1791) Assigning parameters to counters Parameters for the counting function Only those parameters that are relevant for the counters are explained below. These belong to the parameters of electronic module 8 DI NAMUR and depend on the selected configuration: Table 10-178 Parameters for the counters Parameter Setting Description Sensor type counter in puts Channel disabled Select the sensor for the respective counter of channels 0 or 1. NAMUR sensor Single contact, no load resistance Mode for counter 1 Standard counting function Select the mode for counter 1. Periodic counting function Cascaded counting function Mode for counter 2 Standard counting function Periodic counting function Cascaded counting function Select the mode for counter 2. This parameter is not relevant if you have set the "Mode for counter 1" parame ter to "Cascaded counter function". See also Count properties (Page 1791) 1796 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Frequency measurement Frequency measurement properties Properties The electronic module 8 DI NAMUR allows the frequencies to be measured on channel 0 and 1: 2 frequency meters from 1 Hz to 5 kHz Configurable metering window (GATE) The signals of the frequency meter are read in by means of the digital inputs of the electronic module. See also Principle of operation (Page 1797) Configuring frequency meters (Page 1798) Assigning parameters for the frequency meters (Page 1800) Principle of operation Frequency measurement The signal frequencies are identified from the input signals of channel 0 or 1 of the electronic module. To calculate the frequency the signals are measured within a configurable gate. The frequency is displayed as 16-bit value in fixed-point format and transferred to the PII. The frequency meter calculates the frequency according to the follow formula: )UHTXHQF\>+]@ 1XPEHURIULVLQJHGJHVDWGLJLWDOLQSXW 0HDVXULQJZLQGRZ>V@ Exceeding the input frequency If the input frequency exceeds 5kHz, 7FFFH is reported as actual value. If the input frequency is above approx. 8 kHz it is no longer possible to display correct actual values. See also Frequency measurement properties (Page 1797) WinCC Advanced V14 System Manual, 10/2016 1797 Editing devices and networks 10.1 Configuring devices and networks Configuring frequency meters Procedure 1. Using the mouse, pull module 8 DI Namur from the hardware catalog into distributed I/O station ET 200iSP. 2. Select the required configuration (channel 0..1: "Trace", channel 2..7: "DI"). In the module properties (inspector window), you can find this setting under "Parameters > Inputs > Configuration". Configuration 0..1: "Trace", channel 2..7: "DI" Assignment of the digital inputs on electronic module 8 DI NAMUR Digital input Terminal Assignment Channel 0 1, 2 Frequency counter 1 Channel 1 5, 6 Frequency counter 2 Channel 2 9, 10 Digital input 2 Channel 3 13, 14 Digital input 3 Channel 4 3, 4 Digital input 4 Channel 5 7, 8 Digital input 5 Channel 6 11, 12 Digital input 6 Channel 7 15, 16 Digital input 7 Assignment of process image input (PII) for configuration of channel 0..1: "Trace", channel 2..7: "DI" 1798 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks (%[ (%[ (%[ (%[ (%[ %LWVWR %LWVWR %LWVWR %LWVWR )UHTXHQF\PHWHU )UHTXHQF\PHWHU 1RWDVVLJQHG 1RWDVVLJQHG 'LJLWDOLQSXW 'LJLWDOLQSXW 'LJLWDOLQSXW 'LJLWDOLQSXW 'LJLWDOLQSXW 'LJLWDOLQSXW 6IRUPDW (%[ (%[ 1RWDVVLJQHG 9DOXHVWDWXVIRUFKDQQHOVWR %,QSXWVLJQDOLVYDOLG %,QSXWVLJQDOLVLQYDOLG Assignment of the process image output (PIQ): The PIQ is not assigned. See also Frequency measurement properties (Page 1797) WinCC Advanced V14 System Manual, 10/2016 1799 Editing devices and networks 10.1 Configuring devices and networks Assigning parameters for the frequency meters Parameters for frequency meter Only those parameters that are relevant for the frequency meters are explained below. These are part of the parameters of electronic module 8 DI NAMUR. Table 10-179 Parameters for the frequency meters Parameter Setting Description Sensor type frequency inputs Channel disabled Select the sensor for the relevant frequency meter for channel 0 or 1. NAMUR sensor Single contact, no load resistance Measuring window (GATE) 50 ms 200 ms 1s Select the required measuring window for channel 0 or 1. To achieve the highest possible accuracy when metering frequencies, remember the following rules: High frequencies (> 4 kHz): Set a low measuring window (50 ms) Variable/medium frequencies: set medium measuring window (200 ms) Low frequencies (< 1 kHz): Set a high measuring window (1 s) See also Frequency measurement properties (Page 1797) ET 200eco PN ET 200eco PN Distributed I/O Device Definition The ET 200eco PN distributed I/O device is a compact PROFINET IO device in degree of protection IP 65/66 or IP 67 and UL Enclosure Type 4x, Indoor use only. 1800 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Field of application The fields of application of the ET 200eco PN are derived from its special properties. A robust design and degree of protection IP 65/66 or IP 67 make the ET 200eco PN distributed I/O device suitable in particular for use in rugged industrial environments. The compact design of the ET 200eco PN is particularly favorable for applications in confined areas. The easy handling of ET 200eco PN facilitates efficient commissioning and maintenance. Properties The ET 200eco PN has the following properties: Integrated switch with 2 ports Supported Ethernet services: - ping - arp - Network diagnostics (SNMP) - LLDP Interrupts - Diagnostics interrupts - Maintenance interrupts Port diagnostics Isochronous real-time communication Prioritized startup Device replacement without programming device Media redundancy Connection to intelligent sensors/actuators via IO link master interface module. IO Controller The ET 200eco PN can communicate with all IO Controllers that conform to IEC 61158. ET 200eco PN can be configured on a CPU with advanced diagnostics. See also Documentation on ET 200eco PN (http://support.automation.siemens.com/WW/view/en/ 29999018) WinCC Advanced V14 System Manual, 10/2016 1801 Editing devices and networks 10.1 Configuring devices and networks Parameter description analog input Group diagnostics You can generally enable and disable the diagnostics function of the device with this parameter. The "Fault" and "Parameter assignment error" diagnostics functions are always independent of the group diagnostics. Diagnostics, missing 1L+ If you enable this parameter, the check for missing supply voltage is enabled. Diagnostics, sensor supply short circuit If you enable this parameter, a diagnostics event is generated if a short-circuit of the sensor supply to ground is detected and the channel is enabled. The sensor supply is monitored for connectors X1, X3, X5 and X7. It is not possible to differentiate which connector has experienced the sensor short circuit. Interference frequency suppression With this parameter, you set the integration time of the device, based on the selected interference frequency. Select the frequency of the supply voltage used. Interference frequency suppression Off means 500 Hz, which corresponds to an integration time of 2 ms for a measurement channel. Temperature unit Specify the unit of the temperature measurement here. Measurement type (channel-wise) With this parameter, you set the measurement type, for example, voltage. For any unused channels, you must select the disabled setting. For a disabled channel, the conversion time and integration time of the channel = 0 s and the cycle time is optimized. Measuring range With this parameter, you set the measuring range of the selected measurement type. Temperature coefficient (for RTD, thermoresistor) The correction factor for the temperature coefficients (-value) indicates by what extent the resistance of specific material changes relatively if the temperature increases by 1 . The -values conform to EN 60751, GOST 6651, JIS C 1604 and ASTM E-1137. The temperature coefficient depends on the chemical composition of the material. 1802 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Smoothing Smoothing of the analog values produces a stable analog signal for further processing. The smoothing of analog values is useful when handling wanted signals (measured values) with a slow rate of change, for example, temperature measurements. The measured values are smoothed by digital filtering. To achieve smoothing, the device generates a mean value from a specified number of converted (digitized) analog values. You assign a maximum of four levels for the smoothing (none, weak, medium, strong). The level determines the number of module cycles, from which the mean value is generated. The stronger the smoothing, the more stable the smoothed analog value and the longer it takes until the smoothed analog value is applied following a signal change (see the example below). The figure below shows the number of cycles a module requires to apply the smoothed analog value at almost 100% after a step response, based on the smoothing function settings. The figure applies to all signal changes at the analog input. The smoothing value defines the number of cycles a module requires to reach 63% of the end value of the changed signal. 6LJQDO FKDQJH [ [ [ 0RGXOHF\FOHV Smoothing, weak Smoothing, medium Smoothing, strong Diagnostics, wire break When this parameter is enabled, the Wire break diagnostics event is generated when a wire break is detected. WinCC Advanced V14 System Manual, 10/2016 1803 Editing devices and networks 10.1 Configuring devices and networks Observe the rules outlined below to handle a wire break in the 1 to 5 V and 4 to 20 mA measuring ranges: Parameter Enable wire break1 Wire break disabled 1 Event Measured val Explanation ue Wire break 7FFFH Diagnostics, wire break Wire break 8000H Measured value after leaving the under range Underflow enabled Wire break disabled1 Diagnostic message Lower limit value un dershot Wire break Underflow disabled 1 8000H Measured value after leaving the under range Measuring range limits for wire break detection and measuring range undershoot detection: 1 to 5 V: At 0.296 V 4 to 20 mA: At 1.185 mA Diagnostics, underflow If you enable this parameter, the Underflow diagnostics event is generated when the measured value reaches the underflow range. Diagnostics, overflow If you enable this parameter, the Overflow diagnostics event is generated when the measured value reaches the overflow range. Reference junction for thermoresistor (TC) A difference in temperature between the measuring point and the free ends of the thermocouple (terminal point) generates a voltage between the free ends, namely the thermoelectric voltage. The value of this thermoelectric voltage is determined by the temperature difference between the measuring point and the free ends and by the type of material combination of the thermocouple. Since a thermocouple always measures a temperature difference, the free ends at the reference junction must be maintained at a known temperature in order to determine the temperature of the measuring point. If you specify Internal compensation, the temperature of the measuring point in the housing of the I/O device is measured. With the External compensation setting, you can connect a compensation box in series in order to increase the accuracy of the temperature measurement. Parameter description analog output Group diagnostics You can generally enable and disable the diagnostics function of the device with this parameter. The "Fault" and "Parameter assignment error" diagnostics functions are always independent of the group diagnostics. 1804 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Diagnostics, missing 1L+ If you enable this parameter, the check for missing supply voltage is enabled. Diagnostics, sensor supply short circuit When this parameter is enabled, the system generates a diagnostics event if it detects a shortcircuit of the sensor supply to ground. This diagnostics function is activated when the group diagnostics function is enabled. Response to CPU/Master STOP Select how the module's outputs will respond to a CPU STOP: Shut down The I/O device goes to the safe state. The process image output is deleted (=0). Keep last value The I/O device retains the last value to be output before STOP. Substitute value The I/O device outputs the value for the channel set beforehand. Note Make sure that the plant is always in a safe state if "Keep last value" is selected. Type of output With this parameter, you set the output type, for example, voltage. For any unused channels, select the disabled setting. For a disabled channel, the conversion time and integration time of the channel = 0 s, and the cycle time is optimized. Output range With this parameter, you set the output range of the selected output type. Diagnostics, wire break (in current mode) When this parameter is enabled, the Wire break diagnostics event is generated when a wire break is detected. This diagnostics event cannot be detected in the zero range. Diagnostics, short circuit (in voltage mode) If you enable this parameter, a diagnostics event is generated in the event of a short circuit in the output line. This diagnostics event cannot be detected in the zero range. Diagnostics, overload If you enable this parameter, the diagnostics event is generated in the event of an overload. WinCC Advanced V14 System Manual, 10/2016 1805 Editing devices and networks 10.1 Configuring devices and networks Substitute values With this parameter, you enter a substitute value that the module is to output in CPU-STOP mode. The substitute value must be in the nominal range, overrange, or underrange. ET 200SP ET 200SP distributed I/O system Definition The ET 200SP distributed I/O system is a scalable, highly flexible distributed I/O system for connection of process signals to a central controller via a field bus. Application area The ET 200SP is a multi-functional distributed I/O system for various fields of application. The scalable design allows you to configure the system exactly to the specific requirements on location. The ET 200SP is approved for degree of protection IP 20 and for installation in a control cabinet. Structure The ET 200SP is mounted on a mounting rail and comprises: An interface module which can communicate with all IO controllers that conform to the PROFINET standard IEC 61158 Up to 32 I/O modules which can be inserted on passive BaseUnits in any combination A server module that completes the design of the ET 200SP. ET 200SP with own CPU module ET 200SP with own CPU The ET 200SP can be equipped with its own CPU, for example with the CPU 1510SP-1 PN or CPU 1512SP-1 PN. You can connect up to 65 modules of the S7-1500 automation system to this CPU. Note the configuration rules of the ET 200SP (http://support.automation.siemens.com/WW/ view/en/58649293). 1806 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Interface module parameters Status bytes Status bytes If you enable the "Status bytes" option, 4 bytes of input data are reserved for the status of the supply voltage of each I/O module. %\WH %\WH %\WH %\WH ,2PRGXOHVORWV %LW %LW /RDGYROWDJHPLVVLQJRU,2PRGXOHQRW SUHVHQW /RDGYROWDJHDQG,2PRGXOHSUHVHQW Note An inserted or missing server module always reports for the slot bit = 0. Group diagnostics, missing supply voltage L+ Group diagnostics, missing supply voltage L+ This diagnostics is a group diagnostics that covers the supply voltage status of all I/O modules of a potential group which are defined by BaseUnits with incoming power supply (light-colored BaseUnit BU...D). The group diagnostics is formed from the states of the supply voltage of the inserted I/O modules within the potential group. The group diagnostics does not depend on the "Missing supply voltage L+" parameter of the I/O modules being enabled. The server module does not influence the missing supply voltage L+ group diagnostics. Requirements for the correct operation of the group diagnostics for missing supply voltage L+: I/O modules or BU covers must be inserted on the light-colored and dark-colored BaseUnits. If no I/O module is inserted on a light-colored BaseUnit, the start of this potential group will not be detected by the interface module; the I/O modules of this potential group will thus belong to the previous potential group. A supply voltage L+ group error will then be assigned to the wrong potential group. When an I/O module is inserted on the light-colored BaseUnit, the interface module detects the new potential group, re-evaluates the status, and reports a new group diagnostics in the case of an error. The server module must be inserted. The server module itself does not influence the missing supply voltage L+ group diagnostics. WinCC Advanced V14 System Manual, 10/2016 1807 Editing devices and networks 10.1 Configuring devices and networks Configuration control with ET 200SP Operating principle Configuration control allows you to operate various real configurations (options) with a single configuration of the distributed I/O device ET 200SP. Configuration control provides you with the option of configuring the ET 200SP distributed I/ O device with its maximum configuration and nevertheless operating it with missing modules. If missing modules are retrofitted later, no new configuration is required and the hardware configuration does not have to be reloaded either. Using control data record 196, which is transferred to the interface module in the user program, you define a current preset configuration. The configured module is not present on a slot. - A BU cover can be inserted in this slot instead of the configured I/O module. As there is no configured module on the slot, the term "Configuration control with empty slots" is also used. - The module that is configured to the right of the missing module can be inserted on this slot instead of the configured module. The missing module makes the actual configuration appear pushed together. As the configured module is missing but no gap arises in the configuration, this is also referred to as a "Configuration without empty slots". The configuration is extended by an already configured module. - In the case of configuration control with empty spaces, you extend the configuration by inserting the configured module on the corresponding empty slot. - In the case of configuration control without empty spaces, insert the configured module on the right-hand side next to the last module of the ET 200SP. Requirement The CPU startup parameter "Compare preset to actual configuration" is set to Startup even if mismatch (default setting). This setting is also selected for the startup parameters of the individual modules of the ET 200SP. Enabling configuration control In the properties of the interface module under Module parameters > General > Configuration control, select "Enable reconfiguration of device via user program". This activates configuration control. Control data record 196 for ET 200SP The figure below shows the data block 196 for the configuration control of an ET 200SP with four modules. The value "12" is in the "block_length" element. 1808 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks If you configure an ET 200SP in STEP 7 with more modules, the data block will be longer. The data record for the maximum configuration with 65 modules is 134 bytes long (configuration with PN interface module). There are two bytes in the data record for each module. The positions of these two bytes in the data record each code a module in the original configuration with STEP 7: "slot_1" and "info_slot_1" (bytes 4 and 5 in the data record, see figure below) correspond to the module in slot 1 in configuration with STEP 7. "slot_2" and "info_slot_2" (bytes 6 and 7) correspond to the module in slot 2 in configuration with STEP 7. "slot_3" and "info_slot_3" (bytes 8 and 9) correspond to the module in slot 3 in configuration with STEP 7. etc. "slot_x" byte The current slot is coded by the figure that is assigned to "slot_x" (by its value). Examples: The value "1" in byte 4 means you are assigning the module originally inserted in slot 1 to slot 1 in the current configuration (slot_1 = 1). The value "2" in byte 4 means you are assigning the module originally inserted in slot 1 to slot 2 in the current configuration (slot_1 = 2). The value "3" in byte 4 means you are assigning the module originally inserted in slot 1 to slot 3 in the current configuration (slot_1 = 3). etc. The value "1" in byte 6 means you are assigning the module originally inserted in slot 2 to slot 1 in the current configuration (slot_2 = 1). The value "2" in byte 6 means you are assigning the module originally inserted in slot 2 to slot 2 in the current configuration (slot_2 = 2). The value "3" in byte 6 means you are assigning the module originally inserted in slot 2 to slot 3 in the current configuration (slot_2 = 3). etc. If a BU cover can be inserted instead of a module, code this by adding 128 to the slot (bit 7 of the "slot_x" byte is set). Examples: The value "129" in slot_1 means you are also assigning the module originally inserted in slot 1 to slot 1 in the current configuration. A BU cover can also be used instead of this module. In the real plant configuration, either the module or a BU cover is inserted. The value "130" in slot_1 means you are assigning the module originally inserted in slot 1 to slot 2 in the current configuration. A BU cover can also be used instead of this module. In the real plant configuration, either the module or a BU cover is inserted. The value "131" in slot_1 means you are assigning the module originally inserted in slot 1 to slot 3 in the current configuration. A BU cover can also be used instead of this module. In the real plant configuration, either the module or a BU cover is inserted. "info_slot_x" byte WinCC Advanced V14 System Manual, 10/2016 1809 Editing devices and networks 10.1 Configuring devices and networks If a new potential group is opened with the module, assign the "info_slot_x" byte the value 1 (bit 0 of the byte is set). Examples: The value "1" in the "info_slot_2" byte means that a new potential group is opened with module 2. The value "1" in the "info_slot_3" byte means that a new potential group is opened with module 3. The value "1" in the "info_slot_4" byte means that a new potential group is opened with module 4. Exception: A new potential group is automatically assigned to the first module in the original configuration in STEP 7. This is not coded in the data record. You can enter any value in "info_slot_1". You can choose any name for the components of the control data record (for example "slot_1"). Example of control data record 196 for ET 200SP The figure below shows control data record 196 for an ET 200SP with four modules. The module inserted in slot 2 in the configuration in STEP 7 can also be inserted in slot 2 in this configuration. It can also be inserted in slot 2 of a BU cover. Otherwise, nothing has changed compared to the original configuration. Addressing the interface module using the HW identifier To transfer data record 196 with the instruction WRREC, you must enter the HW identifier of the IM submodule with the extension "Head" as the input parameter for the instruction. The system constant of this HW identifier is, for example, "IO-Device_2Head". The system constants of a selected device are, for example, displayed in the network view in the "System constants" tab. Use the corresponding value for addressing. Readback data record 197 for ET 200SP Readback data record 197 is used to read the actual configuration of a station (in this case, of an ET 200SP). 1810 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks This readback data record allows you to check the real configuration of the ET 200SP (actual configuration). The readback data record for each configured module specifies whether or not it is actually available. The value "1" means that the correct module is inserted in the correct slot. The value "0" codes all other possibilities (wrong module, empty slot, BU cover). Configuration details: The configuration of the data block corresponds to the original configuration of the ET 200SP with STEP 7. There are two bytes in the data record for each module. The position of these two bytes in the data record corresponds to the position of a module in the original configuration with STEP 7. Sequence of bytes: "status_slot_1" and "reserve_1" (bytes 4 and 5 in the data record) correspond to the module in slot 1 in the configuration, "status_slot_2" and "reserve_2" (bytes 6 and 7) correspond to the module in slot 2 in the configuration "status_slot_3" and "reserve_3" (bytes 8 and 9) correspond to the module in slot 3 in the configuration, etc. Example The original configuration in STEP 7 has been changed by a control data record 196 (see example above): In the modified configuration, module 2 can either be inserted in slot 2 or be replaced by a BU cover. The figure below shows readback data record 197 which ET 200SP outputs to indicate that there is a module in slot 2: The "status_slot_2" byte has the value "1". The other modules are also available and are inserted in the correct slots. The figure below displays the readback data record 197 which ET 200SP outputs to indicate that a BU cover is being used in slot 2: The "status_slot_2" byte has the value "0". The other modules are available and are inserted in the correct slots. WinCC Advanced V14 System Manual, 10/2016 1811 Editing devices and networks 10.1 Configuring devices and networks Reading readback data record 197 You can read readback data record 197 from the ET 200SP with the instruction RDREC. RDREC operates asynchronously. If you call RDREC in the startup OB, you must call the instruction multiple times using a loop until the "BUSY" or "DONE" output parameter indicates that the data record has been read. To read data record 197 with the instruction RDREC, you must enter the HW identifier of the IM submodule with the extension "Head" as the input parameter for the instruction. The system constant of this HW identifier is, for example, "IO-Device_2Head". The system constants of a selected device are, for example, displayed in the network view in the "System constants" tab. Use the corresponding value for addressing. Additional information and examples Specific examples of configuration control can be found in this application description (http:// support.automation.siemens.com/WW/view/en/29430270). Further information on ET 200SP can be found in the manuals IM 155-6 PN (http:// support.automation.siemens.com/WW/view/en/73184046) and IM 155-6 DP (http:// support.automation.siemens.com/WW/view/en/73098660) You will find a library of the data records and other application examples here: Templates for the data records (http://support.automation.siemens.com/WW/view/en/ 29430270) See also Configuration control with ET 200AL (Page 1855) Configuration control for ET 200SP with integrated ET 200AL modules (Page 1813) 1812 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuration control for ET 200SP with integrated ET 200AL modules ET 200SP with integrated ET 200AL modules Configuration control for ET 200SP and ET 200AL is described in separate help topics. See the links under "See also". The steps outlined also apply to configuration control of an ET 200SP with integrated AL modules. The procedure is different for control data record 196 and readback data record 197. The following help text describes control data record 196 and the readback data record 197 for an ET 200SP expanded with ET 200AL modules. Control data record 196 The two figures below show parts of control data record 196 for a configuration of an ET 200SP expanded with ET 200AL modules. This configuration is given as an example: The module "BA Send 1xFC" is in slot 1 "slot_1". This module allows you to integrate ET 200AL modules into an ET 200SP. In our configuration example, 16 AL modules are connected to the BA-Send (maximum configuration). If a BA-Send is being used, this module must be inserted in slot 1. All slots from 2 to 64 are assigned ET 200SP modules. A server module is inserted in slot 65. There are 16 AL modules in slots 66 to 81. The ET 200SP with integrated AL modules, originally configured with STEP 7, is now to be reconfigured from the user program. The new configuration has the following properties: The "BA Send 1xFC" module is inserted in "slot_1_BA-Send" (fixed setting). Module 2 "slot_2" is not available in the modified configuration (value "0"). Module 3 "slot_3" is in slot 2 in the modified configuration (value "2"). Module 4 "slot_4" is in slot 3 in the modified configuration (value "3"). All modules from slot 5 to slot 81 are operated in the original configuration with STEP 7. WinCC Advanced V14 System Manual, 10/2016 1813 Editing devices and networks 10.1 Configuring devices and networks The components of control data record 196 (figure above): block_length: Note the length of the control data record here; in the example: 166 (bytes). The length of the control data block is calculated using the formula "2 x number of slots + 4". block_ID: Enter the figure 196 here. version: The ET 200SP uses version 2 of control data record 196. subversion: The ET 200SP uses subversion 0 of control data record 196. 1814 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The components of control data record 196 (figure above): slot_65_SP: This byte relates to the server module in the ET 200SP rack. It ends the backplane bus of the ET 200SP. From "slot_66_AL" come the 16 configured ET 200AL modules: Our configuration example does not change the configuration with STEP 7. The byte "slot_66_AL" has the value "66", the byte "slot_67_AL" has the value "67", the byte "slot_68_AL" has the value "68", etc. Definition of control data record 196 A control data record 196 containing a slot assignment is defined for configuration control. Byte Component Value Description 0 block_length e.g. 166 for maxi mum configuration with The length of the data record is calculated using the formula: 4 + "number of modules" x 2 Header 65 ET-200SP mod ules and 16 ET 200AL mod ules (with DP interface module, maximum of 33 ET 200SP modules and 16 ET 200AL modules) 1 Block ID 196 ID for control data record 196 2 version 2 Version 2 of control data record 196 3 subversion 0 Subversion 0 of control data re cord 196 4 slot_1_BA-Send Real slot for SP mod When AL modules are integrated ule 1 in ET 200SP, the module "BA Send 1xFC" must always be in Possible value: serted in slot 1. 1 5 WinCC Advanced V14 System Manual, 10/2016 info_slot_1_BASend 0 or 1 The value "1" means that a new potential group is opened with this module. (Not evaluated in this byte) 1st slot for SP modules Assignment for the con figured SP module 1 to a real slot 1815 Editing devices and networks 10.1 Configuring devices and networks 6 slot_2 Real slot for SP mod The configured SP module 2 can ule 2 be inserted in any real slot from 2 to slot 65 (2 to 33 for a DP in Possible values: terface module). 2 to 65 (not 66 to 81, re served for AL mod ules) 0 (if the configured module 2 is not avail able) 7 info_slot_2 1 Slots 66 to 81 are for AL modules (34 to 49 with DP interface mod ule). 2nd slot for SP modules Assignment for the con figured SP module 2 to a real slot The value "1" means that a new potential group is opened with this module. A new potential group must al ways be opened in this byte as BA-Send cannot open a new po tential group. 8 slot_3 Real slot for SP mod The configured SP module 3 can ule 3 be inserted in any real slot from 2 to slot 65 (2 to 33 for a DP in Possible values: terface module). 2 to 65 (not 66 to 81, re served for AL mod ules) 0 (if the configured module 3 is not avail able) 9 info_slot_3 1 Slots 66 to 81 are for AL modules (34 to 49 with DP interface mod ule). 3rd slot for SP modules Assignment for the con figured SP module 3 to a real slot The value "1" means that a new potential group is opened with this module. . : : : 132 slot_65 Real slot for SP mod The configured SP module 65 ule 65 can be inserted in any real slot from 2 to slot 65 (2 to 33 for a DP Possible values: interface module). 2 to 65 (not 66 to 81, re served for AL mod ules) 0 (if the configured module 65 is not available) 133 1816 info_slot_65 0 or 1 : : Slots 66 to 81 are for AL modules (34 to 49 with DP interface mod ule) 65th Slot for SP modules Assignment for the con figured SP module 65 to a real slot The value "1" means that a new potential group is opened with this module (the value is not eval uated in this slot). WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 134 slot_66 Real slot for AL mod The configured AL module 1 can 1st Slot for ule 1 be inserted in any slot from 66 to AL modules slot 81 (34 to 49 for PROFIBUS). Assignment Possible values: for the con 66 to 81 figured AL (not 1 to 65, re module 1 to served for SP mod a real slot ules) 0 (if the configured AL module 1 is not available) 135 info_slot_66 - Reserve : : : : 164 slot_81 Real slot for AL mod The configured AL module 16 ule 16 can be inserted in any slot from 66 to slot 81 (34 to 49 for DP in Possible values: terface module). 66 to 81 (not 1 to 65, re served for SP mod ules) : 16th Slot for AL modules Assignment for the con figured AL module 16 to a real slot 0 (if the configured AL module 16 is not available) 165 info_slot_81 - Reserve Rules If the "BA Send 1xFC" module is being used, it must be inserted in slot 1. ET 200SP modules are inserted in slots 2 to 65 (slots 2 to 33 for DP interface module). AL modules are inserted in slots 66 to 81 (slots 34 to 49 for DP interface module). If you expand an ET 200SP with ET 200 AL modules, the 1st AL module is always coded in bytes 134 and 135 of the control data record, the 2nd AL module in bytes 136 and 137, etc., even if not all SP slots are to be occupied by SP modules. Non-assigned SP slots are coded with the value "0". Error messages The following error messages are returned if an error occurs when writing control data record 196: Table 10-180 Error messages WinCC Advanced V14 System Manual, 10/2016 Error code Meaning 16#80A2 DP protocol error on layer 2 Indicates that a data record has not been acknowledged due to the system. 16#80B1 Invalid length; the length information in data record 196 is not correct. 16#80B5 Configuration control parameters not assigned. 1817 Editing devices and networks 10.1 Configuring devices and networks Error code Meaning 16#80B2 Invalid slot: The configured slot is not assigned. 16#80B8 Parameter error; module signals invalid parameters. 16#80C5 DP slave or module not available. Indicates that a data record has not been acknowledged due to the system. Readback data record 197 for ET 200SP with AL modules The actual configuration of an ET 200SP with AL modules can be checked with readback data record 197. Data record 197 largely corresponds to readback data record 197 for ET 200SP without AL modules; however, it is longer as the additional AL modules also need to be coded. There are two bytes in the data record for each module. The position of these two bytes in the data record codes a module in the original configuration with STEP 7. In the figure below: The components "status_slot_1" and "reserve_1" (bytes 4 and 5 in the data record) correspond to the module in slot 1 in the configuration with STEP 7, "status_slot_2" and "reserve_slot_2" (bytes 6 and 7) correspond to the module in slot 2, "status_slot_3" and "reserve_slot_3" (bytes 8 and 9) correspond to the module in slot 3, etc. The following data record is structured for configuration with 65 SP modules and 16 AL modules. The value "166" therefore appears in the "block_length" element of the data record. If you configure an ET 200SP in STEP 7 with fewer AL modules, the data block will be shorter. If you use fewer SP modules in a configuration, this has no effect on the length of data record 197 (with an expansion of ET 200SP with ET 200AL modules). The "reserve_x" component of readback data record 197 is reserved for future applications. You can choose any name for the components of the readback data record (for example "status_slot_1"). The figure below shows the start of readback data record 197 for reading the actual configuration of an ET 200SP with AL modules. 1818 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks It does not show the components "status_slot_7" to "reserve_81" (maximum configuration of an ET 200SP with PN interface module) or "status_slot_7" to "reserve_slot_49" (maximum configuration of an ET 200SP with DP interface module). Meaning of "status_slot_x": The value "1" in status_slot_x means that module x is inserted in the correct slot The value "0" codes all other possibilities (wrong module, empty slot, BU cover). The figure below shows part of feedback data record 197 for reading the actual configuration of an ET 200SP with AL modules (and PN interface module). ET 200SP modules are inserted up to slot 65, and then the AL modules. For example, a value of "1" in the byte "status_slot_66_AL" means that the 1st AL module actually exists in the plant and is inserted in the correct slot. WinCC Advanced V14 System Manual, 10/2016 1819 Editing devices and networks 10.1 Configuring devices and networks Reading feedback data record 197 You can read the feedback data record 197 from the ET 200SP with the RDREC instruction. RDREC operates asynchronously. If you call RDREC in the startup OB, you must call the instruction multiple times using a loop until the "BUSY" or "DONE" output parameter indicates that the data record has been read. Further information and examples Specific examples of configuration control can be found in this application description (http:// support.automation.siemens.com/WW/view/en/29430270). Further information on ET 200SP can be found in the manuals for IM 155-6 PN (http:// support.automation.siemens.com/WW/view/en/73184046) and IM 155-6 DP (http:// support.automation.siemens.com/WW/view/en/73098660) Further information on ET 200AL is available here (http://support.automation.siemens.com/ WW/view/en/89254863). See also Configuration control with ET 200SP (Page 1808) Configuration control with ET 200AL (Page 1855) Expanding ET 200SP with ET 200AL modules Introduction The ET 200SP is a distributed I/O system for installation in a control cabinet. The system can be expanded with modules of the ET 200AL series with IP65/67 degree of protection. ET 200AL modules can be mounted on site, for example on a machine. Slot rules The following rules apply to the use of ET 200AL modules in an ET 200SP with interface module: The "BA-Send 1xFC" module must be inserted in slot 1 of the ET 200SP if the ET 200SP is to be expanded with ET 200AL modules. The ET 200AL modules must be configured with no gaps. The procedure detailed further on covers the use of ET 200AL modules in an ET 200SP with interface module. The following, different, rules apply to the use of ET 200AL modules in an ET 200SP with CPU: The "BA-Send 1xFC" module can be located in slots 2 to 4 of the ET 200SP CPU. A CM DP communication module can be inserted as CPU submodule, but then occupies slot 2. 1820 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Procedure Follow the steps below to configure an ET 200SP with interface module with ET 200AL modules: 1. Drag an interface module (PROFINET or PROFIBUS) from the ET 200SP series to the network view. 2. Go to the device view. You do this by clicking twice on the icon of the module you have just inserted. 3. Insert the module "BA Send 1xFC" into slot 1 of the ET 200SP. STEP 7 now generates an ET-Connection rack with 16 slots for ET 200AL modules (figure below). An ET-Connection rack is a virtual rack that sets the order of the connected ET 200AL modules. Question marks are displayed above the slots as an ET 200AL module has yet to be connected to BA-Send. WinCC Advanced V14 System Manual, 10/2016 1821 Editing devices and networks 10.1 Configuring devices and networks 4. From the hardware catalog (subfolder ET 200AL in the ET 200SP folder), select the first ET 200AL module to be connected to the ET 200SP: Drag and drop this module to the 1st slot in the ET connection rack. From this module, STEP 7 generates a line to the "BA-Send 1xFC" module and allocates the slot numbers 66 to 81 (figure below). If you configure the ET 200SP with a DP interface module, STEP 7 assigns the slot numbers 34 to 49 for the ET 200AL modules. 1822 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 5. Now drag all other ET 200AL modules into the free slots in the ET-Connection rack. STEP 7 automatically inserts the ET-Connection between the individual ET 200AL modules (green loops). In the configuration below, five ET 200AL modules are connected in series. 6. Complete the configuration of the ET 200SP: Drag all ET 200SP modules from the hardware catalog to the slots in the ET 200SP. Five ET 200SP modules are plugged in the configuration example below: The PN interface module in slot 0, the module "BA-Send 1xFC" in slot 1, one input module each in slots 2 and 3, and a server module in slot 4: WinCC Advanced V14 System Manual, 10/2016 1823 Editing devices and networks 10.1 Configuring devices and networks See also Configuration control with ET 200AL (Page 1855) ET 200AL distributed I/O system (Page 1848) Output module parameters Substitute value reaction Substitute value reaction In the ET 200SP, the substitute value reaction is executed by the IO controller per slot. 1824 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The respective output reacts according to its set substitute value reaction: "Turn off" "Output substitute value" "Keep last value" This substitute value reaction is triggered in the following cases: IO controller in STOP Controller failure (connection interruption) Firmware update Reset to factory settings More than one I/O module withdrawn simultaneously Disable the IO device Station stop - Missing server module - More than one I/O module withdrawn simultaneously - At least one I/O module is inserted on the wrong BaseUnit Note Reducing a configuration If you reduce the configuration of the ET 200SP and download the configuration to the CPU, the modules which are no longer configured but still present retain their original substitute value reaction. This applies until the supply voltage on the BaseUnit BU...D or on the interface module is turned off. Input module parameters Parameters of the digital input modules Diagnostics missing supply voltage L+ Enabling of the diagnostics for missing or insufficient supply voltage L+. WinCC Advanced V14 System Manual, 10/2016 1825 Editing devices and networks 10.1 Configuring devices and networks Diagnostics short-circuit to ground Enabling of the diagnostics if a short-circuit of the actuator supply to ground occurs. 0 / 1826 Encoder supply Short-circuit WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Diagnostics short-circuit to L+ Enabling of the diagnostics if a short-circuit of the encoder supply to L+ occurs. 0 / Encoder supply Short-circuit Diagnostics wire break Enabling diagnostics if the line to the encoder is interrupted. Operating mode Determines whether a channel is enabled or disabled. Pulse extension (only High Feature modules) Pulse extension is a function for changing a digital input signal. A pulse at a digital input is extended to at least the configured length. If the input pulse is already longer than the configured length, the pulse is not changed. Pulse extension is started whenever the state of the input signal changes and no pulse extension is active for this channel. WinCC Advanced V14 System Manual, 10/2016 1827 Editing devices and networks 10.1 Configuring devices and networks Potential group of the left module / new potential group Specifies whether the I/O module is located on a base unit with supply voltage feed (new potential group) or whether it is it located on a base unit without supply voltage feed (in which case it belongs to the potential group of the left module). Parameters of the analog input modules Missing supply voltage L+ Enabling of the diagnostics, with missing or too little supply voltage L+. Reference junction (AI 4xRTD/TC 2-/3-/4-wire HF) A BaseUnit with internal temperature sensor (BU..T) or the channel 0 of the I/O module can be used as reference junction, provided this has been configured as "Thermal resistor Pt100 climatic range Celsius". A possible parameter assignment is shown below (see also Information about reference channel mode (Page 1831)): Table 10-181 RTD channel Setting Description No reference channel operation Temperature value at channel 0 can be used as module-wide reference value if the parameters of the other channels are assigned accordingly. Reference channel of Group x The channel acts as sender for the reference junction temperature of Group x. Distribution is performed via the interface module. Table 10-182 TC channel Setting Description Reference channel of the module The corresponding TC channel uses the channel 0 of the same module as ref erence junction temperature. This must be set as "Thermal resistor Pt 100 cli matic range Celsius" and "No reference channel operation"; otherwise, refer ence junction diagnostics is triggered. Internal reference junction The reference junction temperature is read by an internal temperature sensor on the BaseUnit. Reference junction diagnostics is triggered if there is a wrong BaseUnit type. Reference channel of Group x With the setting "TC" (thermocouple...), the channel acts as receiver for the reference junction temperature of Group x. Fixed reference temperature No temperature compensation occurs. The linearization is executed with an assumed reference junction temperature of 0 C. Overflow Enabling of the diagnostics if the measured value exceeds the overflow range. 1828 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Underflow Enabling of the diagnostics if the measured value falls below the underflow range. Wire break Enabling of the diagnostics if the module has no current flow or too low a current flow for the measurement on the corresponding configured input. Smoothing The individual measurements are smoothed using digital filtering. The smoothing can be set in 4 stages, whereby the smoothing factor k multiplied by the cycle time of the I/O module corresponds to the time constant of the smoothing filter. The larger the smoothing, the larger the time constant of the filter. The following figure shows the step response for the various smoothing factors depending on the number of module cycles. QRQHN ZHDNN PHGLXPN VWURQJN 6WHSUHVSRQVH [ [ [ [ 0RGXOHF\FOHV Figure 10-45 Smoothing with AI 4xRTD/TC 2/3/4wire HF Interference frequency suppression With analog input modules, suppresses the disturbance caused by the frequency of the AC network used. The frequency of the AC network may interfere with measured values, particularly for measurements within low voltage ranges and when thermocouples are being used. This parameter is used to define the predominant power frequency of the system. Hardware interrupt limits If the high limit 1/2 or the low limit 1/2 is violated, the module triggers a hardware interrupt. WinCC Advanced V14 System Manual, 10/2016 1829 Editing devices and networks 10.1 Configuring devices and networks Below are some examples for the selection of the limits 1 and 2. +LJKOLPLW +LJKOLPLW +LJKOLPLW +LJKOLPLW +LJKOLPLW +LJKOLPLW +LJKOLPLW /RZOLPLW +LJKOLPLW /RZOLPLW /RZOLPLW /RZOLPLW 0HDVXUHGYDOXH /RZOLPLW 0HDVXUHGYDOXH /RZOLPLW /RZOLPLW 0HDVXUHGYDOXH /RZOLPLW 0HDVXUHGYDOXH Low limit 1/2 Specify a threshold whose undershoot triggers a hardware interrupt. High limit 1/2 Specify a threshold whose overrange triggers a hardware interrupt. Potential group of the left module/New potential group Specifies whether the I/O module is located on a BaseUnit with supply voltage infeed (new potential group) or on a BaseUnit without supply voltage feed (in which case, it belongs to the potential group of the left module). Temperature coefficient (measurement type thermoresistor) The correction factor for the temperature coefficient ( value) defines the relative rate of change of the resistance of a specific material at a temperature rise of 1 . The temperature coefficient depends on the chemical composition of the material. In Europe, only one value is used per sensor type (default value). The further values facilitate a sensor-specific setting of the temperature coefficient and enhance accuracy. See also Special features of AI 4xRTD/TC 2-/3-/4-wire HF (Page 1839) 1830 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Information about reference channel mode An RTD/TC module of the ET 200SP works in reference channel mode when a channel sends the reference temperature to other channels of the station. The receiving channels use the reference temperature for temperature compensation when measuring with thermocouples. Structure and use of thermocouples The thermocouple consists of two wires with different metals or alloys that are welded together at the end. The weld is called measuring point. The other end of the two wires is open. This end is called reference junction. A thermal voltage, which depends on the temperature at the measuring point, occurs between the two metals/alloys at the measuring point. Other thermal voltages also occur at the reference junction - with transition from thermocouple to copper lines, for example - that falsify the actual measured value and need to be compensated. No compensation is required for a reference junction temperature of 0 C. Different methods are used to compensate the reference junction temperature: Fixed reference temperature: The reference junction is permanently set to a specific temperature, for example, to 0 C by an icewater bath (no compensation required). Internal reference junction: The reference junction is the terminal of the BaseUnit on which the analog module is plugged. If you select the "Internal reference junction" compensation type, you have to use BaseUnits with integrated temperature measurement to compensate the reference junction temperature. These BaseUnits have the designation "BU..T". The module records the temperature at the reference junction and uses this to determine the actual temperature at the measuring point. Reference channel of Group x: An external thermal resistor records the temperature at the reference junction for the Group x (group of channels within a station). The actual temperature at the respective measuring point can be determined as a result. One external thermal resistor is required for each group. The thermal resistors are each connected to one channel of an analog module. These channels are called senders (for the temperature at the reference junction). The mode of operation and settings are described in the section "Station-wide distribution of reference temperature". Reference channel of the module: The mode of operation is comparable with "Reference channel of Group x". You connect an external thermal resistor to channel 0 of the module to measure the temperature at the reference junction. Other channels of the same module use this reference temperature for temperature compensation. The mode of operation and settings are described in the section "Module-wide distribution of reference temperature". You can find information about the structure and mode of operation of a thermocouple in the Analog value processing (http://support.automation.siemens.com/WW/view/en/67989094) manual. WinCC Advanced V14 System Manual, 10/2016 1831 Editing devices and networks 10.1 Configuring devices and networks Station-wide distribution of the reference temperature You can record the temperature at the reference junction x using a thermal resistor on a channel (sender of the reference temperature) and send it to other channels within a station (receivers). All channels that receive the temperature at a reference junction x form the Group x. For each group, you assign parameters to exactly one channel as sender of the reference temperature. Thermal resistor at the reference junction Channel records temperature at the reference junction and sends it to the other channels within a station (sender of Group x). The temperature value is used for the compensation of the refer ence junction temperature. Channels of the Group x receive the temperature at the reference junction (receivers) Parameter assignment of a channel as reference channel (sender for Group 1) Parameter assignment is described below using Group 1 as example: 1. Open the project in STEP 7 2. Select the required analog module (RTD/TC) in the device view. 3. Then select a channel that is to work as sender of the reference junction temperature. The following settings are required: "Measurement type": "Thermal resistor", for example, "Thermal resistor (4-wire connection)" "Measuring range": "Pt 100 climatic range" "Temperature unit": "Degrees Celsius" "Reference junction": "Reference channel of Group 1" The following figure shows the parameter assignment. 1832 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The channel configured in this way (thermal resistor measurement type) works as reference channel of Group 1 and sends the measured temperature to all channels (thermocouple measurement type) that are configured as receivers of Group 1. In the next section, you will learn how to assign parameters for channels that are receivers of Group 1. Parameter assignment of a channel as receiver of Group 1 The figure below shows the parameter assignment of a channel that receives the temperature at the reference junction of Group 1. WinCC Advanced V14 System Manual, 10/2016 1833 Editing devices and networks 10.1 Configuring devices and networks The following settings are required: "Measurement type": "Thermocouple" "Reference junction": "Reference channel of Group 1" Module-wide distribution of the reference temperature You can record the temperature on a reference junction using the channel 0 of the module and use the temperature value for the channels 1, 2, 3... of this module. The recorded temperature value is not sent to the channels of the other modules within the station (no reference channel mode). 1834 Thermal resistor at the reference junction Channels of the same module use the temperature value for the compensation of the reference junction temperature for the measurement with thermocouples, "Reference junction" parameter: "Reference channel of the module" Channel records temperature at the reference junction, "Reference junction" parameter: "No reference channel mode" WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Parameter assignment of channel 0 as reference channel of the module The figure below shows the parameter assignment of channel 0 of a module that is to be used for recording the temperature at the reference junction: The following settings are required: "Measurement type": "Thermal resistor", for example, "Thermal resistor (4-wire connection)" "Measuring range": "Pt 100 climatic range" "Temperature unit": "Degrees Celsius" "Reference junction": "No reference channel mode" WinCC Advanced V14 System Manual, 10/2016 1835 Editing devices and networks 10.1 Configuring devices and networks Parameter assignment of a channel that uses channel 0 as reference channel The figure below shows how parameters have to be assigned for a channel that uses the channel 0 of this module as reference channel for temperature compensation. The settings below are required for the channels of the module that compensate the temperature of the reference junction using channel 0: "Measurement type": "Thermocouple" "Reference junction": "Reference channel of the module" See also Parameters of the analog input modules (Page 1828) Information about the Oversampling function High-speed analog modules (HS) are available to meet high performance and speed requirements. The main characteristics of these HS analog modules compared to Standard analog modules (ST) is their shorter cycle times. To achieve this goal, the input and output modules are equipped with components with extremely short throughput and conversion times. In addition, the entire architecture of the modules is designed for faster signal processing. HS analog modules convert the output of measured values and output values at the same time. Each channel within the module has its own A/D or D/A converter. This means the cycle time is basically the conversion time and independent of the number of activated channels. This is true for analog input modules as well as analog output modules. This means HS modules can be used in fast isochronous mode. Apart from isochronous mode, the HS analog modules also provide benefits in nonisochronous (free-running) mode. Due to the fast processing of the process signals, HS analog modules are able to detect changes in the process values more quickly and to respond to 1836 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks these events with the appropriate program blocks (for example, hardware interrupt or cyclic interrupt organization blocks). Isochronous mode Isochronous mode refers to synchronous coupling Of signal acquisition and output via the distributed I/O Of signal transmission via PROFIBUS or PROFINET Of program processing with the constant bus cycle time of the PROFIBUS or PROFINET. The result is a system that acquires its input signals in constant time intervals, processes them and outputs the output signals. Isochronous mode guarantees reproducible and defined process reaction times as well as equidistant and synchronous signal processing with distributed I/O. The bus system and the I/O modules work synchronously with configured isochronous mode. The transmitted input and output data are linked to an "isochronous task" in the CPU. As a result, the data of a cycle are always consistent. All data of a process image belong together logically and in time. Jitter in the user program caused by the acquisition of outdated values is therefore almost impossible. Even fast processes can be perfectly controlled by the exact timely reproducibility of all processes. Isochronous mode thus contributes to high control quality and hence to greater manufacturing precision. While possible fluctuations of the process reaction times are drastically reduced. The time-assured processing can be utilized to improve machine cycle times. Shorter cycle times increase the processing speed and help to lower production costs. Oversampling The use of the oversampling function in analog input or analog output modules requires an isochronous configuration. With analog input modules, the set send clock is divided into time-equidistant sub-cycles. The send clocks can be subdivided into 2 to 16 sub-cycles. Each sub-cycle reads in a measured value. The read-in measured values of a data cycle are copied to the interface module (IM) in the next send clock and are then available to the processing CPU one clock later. With analog output modules, the set send clock is also divided into time-equidistant sub-cycles. The send clocks can be subdivided into 2 to 16 sub-cycles. Each sub-cycle returns an output value. The output values are copied to the interface module by the CPU within the same send clock and are written to the process one send clock later. The read-in and output values are transmitted in the user data of the analog module. In this way, the address space of the module is extended from 2 bytes of user data per channel to 16 x 2 bytes of user data per channel (with 16 sub-cycles). If you subdivide the send clock into fewer than 16 sub-cycles, the unused addresses are assigned the error value 0x7FFF during input. For output, the values of the unused addresses are ignored. Because the sub-cycles have to be within a send clock, oversampling needs an additional clock to copy the data to the interface module, unlike the 3-cycle model of isochronous mode. The result is a 5-cycle model. WinCC Advanced V14 System Manual, 10/2016 1837 Editing devices and networks 10.1 Configuring devices and networks ,VRFKURQRXVPRGH &\FOH Q Q &38 2%[ ,0 Q &38 Q ,0 Q 6XEF\FOHV Send clock is divided into sub-cycles which record the measured value (in this case: 10 subcycles) Measured values are copied to the IM Measured values are processed and output values determined Output values are copied by the CPU to the IM Output values are written to the process Higher sampling rates through oversampling Due to the configured modules, the IO device has a minimum possible update time. Within this update period, the IO device/IO controller of the PROFINET IO system is supplied once with new data. The following applies with respect to the channels of a single standard module in the I/O device: The shortest update time ("sampling rate") is exactly one send clock. If you want to shorten the update time for the channels of a standard module, you have to shorten the send clock. Because of the properties of the involved components and the structure of the I/O system, this is only possible to a certain extent (e.g., down to 0.25 ms). Modules with oversampling, however, offer the option of further reducing the update time ("sampling rate") for their channels without having to shorten the send clock for the entire IO device at the same time. The subdivision of the send clock into time-equidistant sub-cycles enables the processing of faster processes through higher sampling rates. Example In practice, the use of oversampling makes sense when the isochronous system works with only one specific send clock (for example, 1 ms) due to the modules used and when faster sampling of the process values is required. By using oversampling and subdividing the send clock into 4 sub-cycles, for example, you can sample the process values in intervals of 250 s. Configuring oversampling Enable the option "Isochronous mode" in the IO device used, and set the corresponding parameters ("Send clock", etc.). With the distributed analog input modules (e.g. AI 2xU/I 2,4-wire HS), you specify the number of sub-cycles using the "Sampling rate" parameter. With the distributed analog output modules (e.g. AQ 2xU/I HS), you specify the number of subcycles using the "Sampling rate" parameter. 1838 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks If, for example, you configure a "Sampling rate" of 4 "Values/cycle" for a send clock of 1 ms, the send clock is subdivided into 4 sub-cycles and the process values are sampled at intervals of 250 s. Reference You can find additional information in the manuals on the high-speed analog modules and in the Analog value processing (http://support.automation.siemens.com/WW/view/en/67989094) function manual. Special features of AI 4xRTD/TC 2-/3-/4-wire HF Use of Cu10 sensors Select "3-wire thermal resistor" and "Cu10" in the parameter assignment. Wire the Cu10 sensor using 3-wire connection technology. An automatic, internal compensation of the line resistance of the missing measuring line takes place during operation. Note To ensure optimum line compensation for Cu10, please note the following: The sum of cable resistance and measuring resistance must not exceed 31 . Cable resistance should not exceed 8 if you want to use the temperature range up to over 312 C. Example: A 200 m long copper cable with 0.5 mm2 core cross-section has approx. 7 . A lower cross-section reduces the permissible cable length accordingly. Use of PTC resistors PTCs are suitable for temperature monitoring of or as thermal protective equipment for complex drives or transformer windings. Select "2-wire resistor" and "PTC" in the parameter assignment. Connect the PTC using 2-wire technology. Use type A PTC resistors (PTC thermistors) in accordance with DIN/VDE 0660, Part 302. If the "Over-/underflow" diagnostics is enabled, a "low limit violation" diagnostics which shows a short circuit is generated for resistance values < 18 . Sensor data on PTC resistance: WinCC Advanced V14 System Manual, 10/2016 1839 Editing devices and networks 10.1 Configuring devices and networks Table 10-183 Use of PTC resistors Property Switching points Technical specifica tions Note Reaction to rising temperature < 550 Normal range: SIMATIC S7: bit 0 = "0", bit 2 = "0" (in the PII) 550 to 1650 Prewarning range: SIMATIC S7: bit 0 = "0", bit 2 = "1" (in the PII) < 1650 Response range: SIMATIC S7: bit 0 = "1", bit 2 = "0" (in the PII) Reaction to falling temperature < 750 Response range: SIMATIC S7: bit 0 = "1", bit 2 = "0" (in the PII) 750 to 540 Prewarning range: SIMATIC S7: bit 0 = "0", bit 2 = "1" (in the PII) < 540 Normal range: SIMATIC S7: bit 0 = "0", bit 2 = "0" (in the PII) (TNF-5) C max. 550 (TNF+5) C min. 1330 (TNF+15) C min. 4000 Measuring voltage max. 7.5 V RRT= rated response temperature Voltage on the PTC 1840 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Assignment in the process image inputs (PII) with SIMATIC S7 (%[ PHDVXUHGUHVLVWDQFHUHVSRQVHYDOXH PHDVXUHGUHVLVWDQFH!UHVSRQVHYDOXH %HWZHHQSUHZDUQLQJWKUHVKROGDQGUHVSRQVHYDOXH (%[ 6KRUWFLUFXLW Figure 10-46 Assignment in the process image inputs (PII) Notes on programming Note Only the bits 0+2 are relevant for the evaluation in the process image inputs. You can use the bits 0+2 to monitor the temperature, for example, of a motor. The bits 0+2 in the process image inputs have no latching function. When you are assigning parameters, take into consideration that a motor, for example, starts up in a controlled manner (via an acknowledgment). Bits 0+2 can never be set simultaneously, but are instead set consecutively. For safety reasons, always evaluate the diagnostic entries of the AI 4xRTD/TC 2-/3-/4wire HF, as no measurement is possible if I/O modules are unplugged, if the supply voltage of the I/O module has failed, or if there is a wire break or short circuit of the measuring lines. WinCC Advanced V14 System Manual, 10/2016 1841 Editing devices and networks 10.1 Configuring devices and networks Example The following diagram shows the temperature variation and the associated switching points. 5>@ 1RUPDO UDQJH 3UHZDUQLQJ UDQJH $GUHVVDEOHUDQJH 3UHZDUQLQJUDQJH 1RUPDO UDQJH 6KRUW FLUFXLW 7>r&@ See also Parameters of the analog input modules (Page 1828) What you should know about the scalable measuring range (Page 1842) What you should know about the scalable measuring range The scalable measuring range The scalable measuring range is a section from the temperature measuring range of an analog input module (for example, the ET 200SP module "AI 8xRTD/TC 2-wire HF"). In this section, a higher resolution of the measured values is possible, comparable with a magnifier that allows a subsection to be viewed in greater detail. The scalable measuring range is supported for the following measurement types: Thermal resistor (RTD) standard Thermocouple The scalable measuring range is not available with the following measurement types: Voltage Resistance Thermal resistor climatic 1842 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Position and resolution of the scalable measuring range The position and resolution of the scalable measuring range can be set (scaled): Position: The scalable measuring range can be moved over the entire standard measuring range. This allows you to select the temperature range for which your application requires a higher resolution. Exception: The scalable measuring range cannot be moved to the extent that it enters the overflow or underflow of the standard measuring range (Clipping). You select the position of the scalable measuring range with the "Measuring range center" parameter (see figure below). Resolution: The following values can be set: - 2 decimal places (0.01 ) - 3 decimal places (0.001 ) You set the resolution with the "Measuring range resolution" parameter (figure below). Example of a parameter assignment The following figure shows a parameter assignment for the ET 200SP module "AI 8xRTD/TC 2-,3-,4-wire HF". In STEP 7, you can find parameters in the properties box via General > AI 4 > Inputs > Channel 0 to channel 3. Conductor resistor: WinCC Advanced V14 System Manual, 10/2016 1843 Editing devices and networks 10.1 Configuring devices and networks The "Conductor resistor" parameter in the parameter assignment above is enabled only if the "Thermal resistor (2-wire terminal)" measurement type was selected. Here, enter the value for the resistance of the connecting cable of the thermal resistor: A 200 m long copper cable with 0.5 mm2 wire cross-section, for example, has a resistance value of seven ohms. Measuring range resolution: In the parameter assignment above, a resolution of 0.01 C was selected (measuring range resolution "2 decimal places"). Measuring range center: The measuring range center is set to 500 C. With a resolution of 0.01 C, this results in a scalable measuring range from 174.88 C to 825.11 C. At a resolution of 0.01 C, the scalable measuring range covers 650.23 C. Maximum (scalable measuring range): This value represents the high limit of the scalable measuring range. In the example above, 825.11 . The value is calculated by STEP 7 (at a resolution of 0.001 C, the high limit is at 532.511 C, see figure below). Minimum (scalable measuring range): This value represents the low limit of the scalable measuring range. In the example above, 174.88 . The value is calculated by STEP 7 (at a resolution of 0.001 C, the low limit is at 467.488 C; see figure below). Higher resolution: The following figure shows a parameter assignment with a resolution of 0.001 C (otherwise the same example as in the figure above): At a resolution of 0.001 C, the scalable measuring range is between 467.488 and 532.511 C and covers 65.023 C (a tenth of the measuring range at a resolution of 0.01 C). 1844 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Standard measuring range with 0.1 C resolution The following table shows the standard measuring range for thermal resistors of the type "Pt 100", values in degrees Celsius. Pt 100 standard in C Decimal values Hexadecimal values Ranges > 1000.0 32767 7FFF Overflow 1000.0 10000 2710 Over : : : range 850.1 8501 2135 850.0 8500 2134 : : : -200.0 -2000 F830 -200.1 -2001 F82F : : : -243.0 -2430 F682 < -243.0 -32768 8000 (1 digit = 0.1 C) Nominal range Under range Underflow The standard measuring range is the basis for the scalable measuring range. You can set the measuring range center within the nominal range (-200 C to 850 C, see table above). For temperatures below and above the set measuring range center, you then obtain measured values with a higher resolution. The width of this range around the measured value center depends on the selected resolution. Scalable measuring range 0.01 C and 0.001 C resolution The scalable measuring range is identified by the following value ranges: Scalable measuring range Measuring range resolution (values in C) WinCC Advanced V14 System Manual, 10/2016 Hexadecimal val ues 2 decimal places 3 decimal places Overflow > 325.11 > 32.511 7FFF High limit 325.11 32.511 7EFF Measuring range center 0 0 0 Low limit 325.11 -32.511 8100 Underflow < -325.11 < -32.511 8000 1845 Editing devices and networks 10.1 Configuring devices and networks The maximum and minimum of the scalable measuring range depend on the selected resolution: 2 decimal places, resolution of 0.01 : The high limit is 325.11 C above the measuring range center you have set. The low limit is 325.11 C below the measuring range center you have set. This means that the scalable measuring range is 650.22 C around the measuring range center. 3 decimal places, resolution of 0.001 : The high limit is 32.511 above the measuring range center you have set. The low limit is 32.511 below the measuring range center you have set. This means that the scalable measuring range is 65.022 around the measuring range center. Calculation of the temperature You calculate the temperature value by adding the value you receive from the module to the measuring range center. Example: You have set the measuring range center 500 C (see example in the section "Example of a parameter assignment"). For the resolution, you selected "2 decimal places". From the module, you receive the hexadecimal value "0100" in S7 format: Bit Bit Bit Bit Bit Bit Bit Bit Bit Bit Bit Bit Bit Bit Bit Bit 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 The hexadecimal value "0100" corresponds to the decimal value 256. Since you have selected a resolution of 0.01 C, the number 256 corresponds to the temperature value "2.56 C". You now add 500 C and 2.56 C and obtain the measured value 502.56 C. 1846 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Scalable measuring range in the standard measuring range 0HDVXULQJUDQJH 8QGHUIORZ 8QGHU UDQJH 2YHU UDQJH 1RPLQDOUDQJH 8QGHUIORZ 2YHUIORZ 2YHUIORZ + 8QGHUIORZ + ++())+ 0HDVXULQJUDQJH FHQWHU ++())+ 8QGHUIORZ + ! )))+ 2YHUIORZ ! )))+ ++$%+ 2YHUIORZ ! )))+ Scalable measuring range with 2 decimal places, temperature values in S7 format. Scalable measuring range with 3 decimal places, temperature values in S7 format. Scalable measuring range cut off at the overflow of the standard measuring range ("Clipping"). The sum of the measuring range center (for example 750 C) and the measured value returned by the module must not extend into the overflow of the standard measuring range. For this reason, in the example above, the maximum value that the module can return is limited to 250 C Clipping STEP 7 limits the maximum of the scalable measuring range so that the sum of the measured value center and the maximum measured value that the module can return is not located in the overflow of the standard measuring range. In the same way, STEP 7 restricts the minimum of the scalable measuring range. See also Special features of AI 4xRTD/TC 2-/3-/4-wire HF (Page 1839) WinCC Advanced V14 System Manual, 10/2016 1847 Editing devices and networks 10.1 Configuring devices and networks ET 200AL ET 200AL distributed I/O system SIMATIC ET 200AL The SIMATIC ET 200AL distributed I/O system is a scalable and highly flexible, distributed I/ O system for connecting process signals to a superordinate control with a field bus. Properties Connection to PROFINET or PROFIBUS or integration into ET 200SP / ET 200SP CPU Up to 32 modules on an ET 200AL Integration into ET 200SP / ET 200SP CPU: Up to 16 AT modules can be connected to an ET 200AL Connection of modules via ET-Connection Spatially separated mounting possible Module widths of 30 and 45 millimeters Degree of protection IP65/IP67 Suitable for temperatures from -25 to +55 C and accelerations up to 5 g. Installation in all positions Color coding of the cables and connections CA-compliant labeling of the interfaces PROFIenergy integrated Configuration control Connection of sensors and actuators using M8 and M12 connection system 1848 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Area of application The SIMATIC ET 200AL distributed I/O system is especially well suited for use in tight spaces, moving applications and for assembly and handling technique. Thanks to its scalable construction, you have the option precisely customize its configuration to your on site needs. The SIMATIC ET 200AL distributed I/O system features protection type IP65/IP67 and is suited for distributed use on a machine or assembly line. Structure The SIMATIC ET 200AL distributed I/O system is made up of the following components: Interface modules (PROFINET/PROFIBUS) Digital and analog I/O modules Communications module After an interface module you can configure 2 lines (ET-Connection), each with 16 modules. Alternatively, you can configure a line with 16 I/O modules on the SIMATIC ET 200SP distributed I/O system with BusAdapter BA-Send 1xFC. The ETConnection backplane bus is designed as a cable. This allows you to create spatial distances of up to 10 m between the modules. WinCC Advanced V14 System Manual, 10/2016 1849 Editing devices and networks 10.1 Configuring devices and networks Configuration example The figure below shows a configuration example of the SIMATIC ET 200AL distributed I/O system with a PROFINET interface module. Interface module (PROFINET) Digital input/Digital output module Digital input module Analog input module Communications module PROFINET cable Power supply cable ET-Connection line Sealing caps Figure 10-47 Example configuration of the ET 200AL See also Expanding ET 200SP with ET 200AL modules (Page 1820) Configuring ET 200AL Introduction ET 200AL is a distributed I/O system with an IP65/67 degree of protection. It is therefore designed for use on site, for example right beside a machine (no control cabinet required). 1850 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The system includes interface and communications modules as well as input and output modules. There are two use cases for the ET 200AL: 1. As I/O device or DP slave: The system interface module is connected to a field bus (PROFINET or PROFIBUS) and connected to the PN or DP interface of a CPU. 2. As an ET 200SP expansion: The ET 200AL modules are connected to the ET 200SP over the "BA Send 1xFC" module ("mixed mode"). The following sections describe how to configure an ET 200AL as I/O device or DP slave (use case 1). For use case 2, see the link under "See also". WinCC Advanced V14 System Manual, 10/2016 1851 Editing devices and networks 10.1 Configuring devices and networks Procedure Follow the steps below to configure an ET 200AL in STEP 7: 1. Copy an interface module (PROFINET or PROFIBUS) from the ET 200SP series to the network view (drag-and-drop operation from the hardware catalog). 2. Go to the device view. Double-click on the interface module you have just inserted. The interface module and two ET-Connection racks are displayed in the device view (figure below). There are no slot numbers assigned yet, which is why question marks are displayed above the slots. 1852 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 3. Now select the modules (input, output and communication modules) from the hardware catalog (ET 200AL folder) and drag them to the free slots (outlined in blue; not shown). You can place up to 16 ET 200AL modules in each ET-Connection rack (figure below). An ET-Connection rack is a virtual rack that sets the order of the connected ET 200AL modules. WinCC Advanced V14 System Manual, 10/2016 1853 Editing devices and networks 10.1 Configuring devices and networks 4. Now connect the interface module to the two ET-Connection racks. First click on an ET-Connection interface of the interface module, then hold and drag a line to the left-hand ET connection of the first module in one of the two ET-Connection racks. Repeat this step for the second ET-Connection interface of the interface module and the second ET-Connection rack (if used). 5. Double-click on a module to access the module properties and set the module parameters. Rules The ET 200AL modules must be configured with no gaps. The first module in an ET-Connection rack must be connected to the interface module. 1854 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See also ET 200AL distributed I/O system (Page 1848) Configuration control with ET 200AL Operating principle With configuration control, you can change the original configuration of an ET 200AL (created by configuring with STEP 7) with a user program and operate the ET 200AL in this modified configuration. STEP 7 is no longer required for this configuration: You use your user program to signal to the ET 200AL the slot in which a configured module is actually inserted. In this case, use control data record 196. In this data record, you code which modules are missing or located in different slots in the real configuration compared to the configuration with STEP 7. The configuration control has no effect on the parameter assignment of the modules (for example, the enabling of diagnostic alarms). You then call the "WRREC" instruction and use it to write the data record to the interface module of the ET 200AL. Configuration control gives you the flexibility to vary the configuration of an ET 200AL as long as the real configuration can be derived from a preset maximum configuration (originally created with STEP 7). The following sections describe how to enable configuration control and how to structure the required data record 196 for the ET 200AL. Requirement The CPU startup parameter "Compare preset to actual configuration" is set to Startup even if mismatch (default setting). This setting is also selected for the startup parameters of the individual modules of the ET 200AL. Enabling configuration control In the properties of the interface module under Module parameters > General > Configuration control, select "Enable reconfiguration of device via user program". This activates configuration control. Structure of control data record 196 The configuration of the data block corresponds to the original configuration of the ET 200AL with STEP 7. WinCC Advanced V14 System Manual, 10/2016 1855 Editing devices and networks 10.1 Configuring devices and networks There are two bytes in the data record for each module. The position of these two bytes in the data record codes a module in the original configuration with STEP 7. Bytes 4 and 5 in the data record correspond to the module in slot 1 in the original configuration. Bytes 6 and 7 in the data record correspond to the module in slot 2 in the original configuration. Bytes 8 and 9 in the data record correspond to the module in slot 3 in the original configuration. etc. The current (real) slot is coded by the number that is assigned to the "Slot_x" byte (by its value): Examples: The value "2" in byte 6 means you are assigning the module originally inserted in slot 2 to slot 2 in the current configuration. The value "3" in byte 6 means you are assigning the module originally inserted in slot 2 to slot 3 in the current configuration. The value "4" in byte 6 means you are assigning the module originally inserted in slot 2 to slot 4 in the current configuration. etc. Creating control data record 196 The figure below shows part of control data record 196 for configuration of an ET 200AL. This configuration is given as an example: ET-Con1 is inserted in "slot_1" (fixed setting). The two ET-Connection submodules "ETCon1" and "ET-Con2" are submodules of the interface module of the ET 200AL. They are integrated as fixed modules in the IM module. They cannot be inserted individually. ET-Con2 is inserted in "slot_18" (fixed setting). In this configuration, 16 AL modules are connected to ET-Con1 ("slot_2" to "slot_17" in the following data record). This is the maximum configuration. In this configuration, one AL module is connected to ET-Con2 ("slot_19"). However, a total of 16 AL electronic modules could be connected to ET-Con2 (as to ET-Con1). The ET 200AL originally configured with STEP 7 is now to be reconfigured from the user program. The new configuration has the following properties: ET-Con1 is inserted in "slot_1" (fixed setting). Module 2 is also operated in slot 2 in the modified configuration. Module 3 is not used. Module 4 is now inserted in slot 3. Module 5 is now inserted in slot 4. No other modules at ET-Con1 are used. 1856 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks ET-Con2 is inserted in "slot_18" (fixed setting) The module at ET-Con2 is used. WinCC Advanced V14 System Manual, 10/2016 1857 Editing devices and networks 10.1 Configuring devices and networks The components of control data record 196 (definition in section "Control data record 196" below): block_length: Note the length of the control data record here; in the example: 42 (bytes). The length of the control data block is calculated using the following formula: 2 x "number of modules" + 4. block_ID: Enter the figure 196 here. This number identifies the data record as the data record for configuration control. version: The ET 200AL uses version 2 of control data record 196. subversion: The ET 200AL uses subversion 1 of control data record 196. slot_1: The ET-Connection 1 submodule is always inserted in slot 1 of the ET 200AL. reserve_1: This byte is not used (value "0"). slot_2: The configured module 2 is inserted in slot 2 (value "2"). reserve_2: This byte is not used (value "0"). slot_3: The configured module 3 is not present in the current configuration (value "0"). reserve_3: This byte is not used (value "0"). slot_4: The configured module 4 is inserted in slot 3 in the current configuration (value "3"). reserve_4: This byte is not used (value "0"). slot_5: The configured module 5 is inserted in slot 4 in the current configuration (value "4"). reserve_5: This byte is not used (value "0"). slot_6: The configured module 6 is not present in the current configuration (value "0"). reserve_6: This byte is not used (value "0"). slot_7: The configured module 7 is not present in the current configuration (value "0"). reserve_7: This byte is not used (value "0"). etc. slot_18: The ET-Connection 2 submodule is always inserted in slot 18 of the ET 200AL (value "18"). reserve_18: This byte is not used (value "0"). slot_19: The configured module 19 is inserted in slot 19 in the current configuration (value "19"). reserve_19: This byte is not used. (value "0") 1858 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Control data record 196 for ET 200AL A control data record 196 containing a slot assignment is defined for configuration control. Byte Element Value Description 0 Block length in bytes e.g. 14 for ET 200AL with 5 modules The length of the data record is calculated using the formula: 4 + (number of modules x 2) bytes 1 Block ID 196 ID for control data record 196 2 Version 2 Version 2 of control data record 196 3 Subversion 1 Subversion 1 of control data re cord 196 4 Configured module 1 1 ET-Connection 1 is always as signed to slot 1 (fixed). The value "1" must therefore always be en tered in byte 4. (ET-Connec tion 1) 5 Reserve for configured module 1 0 Not used 6 Configured module 2 Real slot of module 2 The configured module 2 can be inserted in any slot from 2 to slot 34. Slot 18 is reserved for ETCon 2. If the configured module is not used, this byte contains the value "0". Possible values: 2 up to the number of modules (except 18) 0 (if the configured module 2 is not present) 7 Reserve for configured module 2 0 Not used 8 Configured module 3 Real slot of module 3 The configured module 3 can be inserted in any slot from 2 to slot 34. Slot 18 is reserved for ETConnection 2. If the configured module is not used, this byte contains the value "0". Possible values: 2 up to the number of modules (except 18) 0 (if the configured module 2 is not present) Assignment for config ured mod ule 1 (ETConnection 1) to real slot 1 Assignment for the con figured mod ule 2 to a re al slot Assignment for the con figured mod ule 3 to a re al slot 9 Reserve for configured module 3 0 Not used : : : : : 39 Configured module 18 18 ET-Connection 2 is always as signed to slot 18 if AT modules are connected at this submodule. Assignment for config ured mod ule 18 (ETConnection 2) to real slot 18 (ET-Connec tion 2) WinCC Advanced V14 System Manual, 10/2016 Header 40 Reserve for configured module 18 0 Not used : : : : : 1859 Editing devices and networks 10.1 Configuring devices and networks (Bytes 4 to 70, Configured module x not byte 39) (Bytes 5 to 71, not byte 40) Real slot of module x Possible values: 2 up to the number of modules (except 18) 0 (if there is no config ured module x) Reserve for configured module x 0 The configured module x can be inserted in any real slot from 2 to slot 34. Slot 18 is reserved for ETCon 2 (bytes 39 and 40 in the control data record) Assignment for config ured mod ule x to a re al slot y Not used Rules The ET-Connection 1 and ET-Connection 2 submodules must be treated like real modules in configuration control. Restriction: ET-Connection 1 is always placed in slot 1 and ETConnection 2 is always placed in slot 18 (fixed assignment). There are no reserve modules for the ET 200AL (unlike for the ET 200S or with BU cover modules for the ET 200SP). For this reason, bit 7 of "slot_x" must not be set (i.e. only the values 0 to 127 may be used). The value "0" of "slot_x" indicates that this module is not inserted in the current configuration. Gaps must not be left between the AL modules when configuring with STEP 7. If no modules are connected to ET-Con2 when STEP 7 is configured, ET-Con2 is not configured: This shortens data record 196. If fewer than 16 modules are connected to ET-Con1 during configuration with STEP 7 and there are also modules connected to ET-Con2, control data record 196 must contain all unassigned slots for ET-Con 1. They are assigned zero as the value for the real slot. Writing a data record Transfer the control data record to the ET 200AL module. To do so, call the extended WRREC (Write data record) instruction, and transfer the control data record created. If you do not transfer a control data record, the interface module uses the original configuration with STEP 7. Here, the following applies: Configured module x is inserted in real slot x. Addressing the interface module using the HW identifier To transfer data record 196 with the instruction WRREC, you must enter the HW identifier of the IM submodule with the extension "Head" as the input parameter for the instruction. The system constant of this HW identifier is, for example, "IO-Device_2Head". The system constants of a selected device are, for example, displayed in the network view in the "System constants" tab. Use the corresponding value for addressing. 1860 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Error messages The following error messages are returned if an error occurs when writing control data record 196: Table 10-184 Error messages Error code Meaning 16#80A2 DP protocol error on layer 2 Indicates that a data record has not been acknowledged due to the system. 16#80B1 Invalid length; the length information in data record 196 is not correct. 16#80B5 Configuration control parameters not assigned. 16#80B2 Invalid slot: The configured slot is not assigned. 16#80B8 Parameter error; module signals invalid parameters. 16#80C5 DP slave or module not available. Indicates that a data record has not been acknowledged due to the system. Feedback data record 197 for ET 200AL The feedback data record 197 is used to read the actual configuration of a station (in this case of an ET 200AL). This data record allows you to check the real configuration of the ET 200AL (actual configuration). The feedback data record for each configured module specifies whether or not it is actually present. The value "1" means that the correct module is inserted in the correct slot. The value "0" codes all other possibilities (wrong module, empty slot, BU cover). Example: A module has been configured with STEP 7 for slot 4. This module has then been moved to slot 3 in the current configuration using data record 196. If this module is also really in slot 3, this is coded by the value "1" (status_slot_4 = 1). Configuration details: The configuration of the data block corresponds to the original configuration of the ET 200AL with STEP 7. There are two bytes in the data record for each module. The position of these two bytes in the data record corresponds to the position of a module in the original configuration with STEP 7. Sequence of bytes: "status_slot_1_ET_Con1" and "reserve_slot_1_ET-Con1" (bytes 4 and 5 in the data record) correspond to the module in slot 1 in the configuration, "status_slot_2" and "reserve_slot_2" (bytes 6 and 7) correspond to the module in slot 2 in the configuration "status_slot_3" and "reserve_slot_3" (bytes 8 and 9) correspond to the module in slot 3 in the configuration, etc. WinCC Advanced V14 System Manual, 10/2016 1861 Editing devices and networks 10.1 Configuring devices and networks Example The following feedback data record 197 is returned by the ET 200AL that was reconfigured with control data record 196 in the example above (section "Creating control data record 196"). Modules 2, 4 and 5 are actually connected to ET-Con1. None of the other modules that were connected to ET-Con1 in the configuration with STEP 7 are present in the current configuration (in line with the control data record 196 settings from the example above). 1862 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks A module is really connected to ET-Con2 as in the original configuration with STEP 7. Reading feedback data record 197 You can read the feedback data record 197 from the ET 200AL with the RDREC instruction. RDREC operates asynchronously. If you call RDREC in the startup OB, you must call the instruction multiple times using a loop until the "BUSY" or "DONE" output parameter indicates that the data record has been read. To read data record 197 with the instruction RDREC, you must enter the HW identifier of the IM submodule with the extension "Head" as the input parameter for the instruction. The system constant of this HW identifier is, for example, "IO-Device_2Head". The system constants of a selected device are, for example, displayed in the network view in the "System constants" tab. Use the corresponding value for addressing. Additional information and examples Further information on ET 200AL is available here (http://support.automation.siemens.com/ WW/view/en/89254863). Specific examples of configuration control can be found here in this application description (http://support.automation.siemens.com/WW/view/en/29430270). You will find a library of the data records and other application examples here: Templates for the data records (http://support.automation.siemens.com/WW/view/en/29430270) See also ET 200AL distributed I/O system (Page 1848) Expanding ET 200SP with ET 200AL modules (Page 1820) Configuration control with ET 200SP (Page 1808) ET 200MP ET 200MP distributed I/O system Definition The ET 200MP distributed I/O system is a scalable and flexible distributed I/O system for connection of process signals to a central controller via a field bus. Application area The ET 200MP is a multi-functional distributed I/O system for various fields of application. The scalable design allows you to configure the system exactly to the specific requirements on location. The ET 200MP complies with IP 20 degree of protection and is intended for installation in a control cabinet. WinCC Advanced V14 System Manual, 10/2016 1863 Editing devices and networks 10.1 Configuring devices and networks Structure The ET 200MP is installed on a mounting rail and comprises: An interface module that communicates with all IO controllers conforming to the PROFINET standard IEC 61158 Up to 30 modules (power supply modules and I/O modules from the S7-1500 I/O range) can be inserted to the right of the interface module. If you insert a power supply module to the left of the interface module, this yields a possible maximum configuration of 32 modules in total. The number of insertable I/O modules is limited by their power requirements. Slot rules Slot 0: Power supply module (optional) Slot 1: Interface module Slot 2 to 31: I/O modules or power supply modules Interface module parameters Supply voltage L+ connected Parameter "Supply voltage L+ connected" This parameter influences the diagnostics and the checking of the power budget. Diagnostics of the ET 200MP: If the actual configuration does not match the preset configuration with regard to the supply voltage of the interface module, the interface module generates a diagnostic alarm. Example: You have deactivated the "Supply voltage L+ connected" option, but you have connected the supply voltage in the actual configuration. Power budget check during configuration: The power budget changes in accordance with the parameter setting: Either the interface module feeds power into the backplane bus or it draws power from the backplane bus. The default ("Supply voltage L+ connected" option is activated) means that the front of the interface module is supplied with 24 V DC and the power is stored in the backplane bus. If the "Supply voltage L+ connected" option is deactivated, the interface module may not be supplied with 24 V DC on the front. 1864 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks In this case, insert a power supply unit (PS) on the left next to the interface module that supplies the interface module and the modules to the right of the interface module. Note We recommend that you always supply the interface module on the front side with 24 V DC. If a system power supply unit (PS) is inserted and connected additionally before or on the left next to the interface module, both the power from the system power supply unit (PS) as well as the power from the integrated power supply of the interface module are then available to the configuration. In this case, you do not have to change the default setting of the parameter. Configuration control (handling options) with ET 200MP Operating principle Configuration control allows you to operate various real configurations (options) with a single configuration of the distributed I/O device ET 200MP. Configuration control provides you with the option of configuring the ET 200MP distributed I/ O device with its maximum configuration and still operating it with modules missing. If missing modules are retrofitted later, no new configuration is required and the hardware configuration does not have to be reloaded either. Using control data record 196, which is transferred to the interface module in the user program, you define a current configuration. You transfer the control data record with the instruction WRREC. Readback data record 197 is used to read the actual configuration of an ET 200MP. Requirements The CPU startup parameter "Compare preset to actual configuration" is set to Startup even if mismatch (default setting). This setting is also selected for the startup parameters of the individual modules of the ET 200MP. Enabling configuration control In the properties of the interface module under Module parameters > General > Configuration control, select "Enable reconfiguration of device via user program". This activates configuration control. Control data record 196 for ET 200MP The figure below shows the start of control data record 196 for the configuration control of an ET 200MP. The data block is 36 bytes long (maximum configuration with 32 modules). The value "36" therefore appears in the "block_length" element of the data record. WinCC Advanced V14 System Manual, 10/2016 1865 Editing devices and networks 10.1 Configuring devices and networks If you configure an ET 200MP in STEP 7 with fewer modules, the data block will be shorter: If there are only five modules, for example, the data record is reduced to 9 bytes (4 bytes for the header plus one byte for each module). There is one byte in the data record for each module. The position of this byte in the data record codes a module in the original configuration with STEP 7: "slot_0 power supply" (byte 4 in the data record below) corresponds to the power supply module in slot 0 in the configuration with STEP 7. "slot_2" (byte 5 in the data record) corresponds to the module in slot 2 in the configuration. "slot_3" (byte 6 in the data record) corresponds to the module in slot 3 in the configuration. "slot_4" (byte 7) corresponds to the module in slot 4 in the configuration. etc. Note Interface module in slot 1 Configuration control is controlled by the interface module (slot 1/submodule 1). The interface module in slot 1 is therefore not an element of the configuration control and is not included in the data record. Value in slot_x The current slot is coded by the figure that is assigned to "slot_x" (by its value). Examples: The value "2" in slot_2 means you are assigning the module originally inserted in slot 2 to slot 2 in the current configuration (slot_2 = 2). The value "3" in slot_2 means you are assigning the module originally inserted in slot 2 to slot 3 in the current configuration (slot_2 = 3). The value "4" in slot_2 means you are assigning the module originally inserted in slot 2 to slot 4 in the current configuration (slot_2 = 4). etc. Example for data record 196 The following data record was created for a configuration that changes the original configuration with STEP 7. The modified configuration has the following properties: The module inserted in slot 0 in the configuration (power supply module) is also inserted in slot 0 in the current configuration (specification). The module inserted in slot 2 in the configuration (module 2) is also inserted in slot 2 in the current configuration. The module inserted in slot 3 in the configuration (module 3) does not exist in the current configuration. The module inserted in slot 4 in the configuration (module 4) is inserted in slot 3 in the current configuration. 1866 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The module inserted in slot 5 in the configuration (module 5) is inserted in slot 4 in the current configuration. etc. The bytes "slot_6" to "slot_31" are not shown in the figure below. Rules If a module dos not exist in the current configuration, this is indicated by the value 127: "slot_x" = 127. The power supply module is always in slot 0 ("slot_0 power supply" = 0). The interface module in slot 1 is not included in the control data record. Addressing the interface module using the HW identifier To transfer data record 196 with the instruction WRREC, you must enter the HW identifier of the IM submodule with the extension "Head" as the input parameter for the instruction. The system constant of this HW identifier is, for example, "IO-Device_2Head". The system constants of a selected device are, for example, displayed in the network view in the "System constants" tab. Use the corresponding value for addressing. Readback data record 197 for ET 200MP Readback data record 197 is used to read the actual configuration of a station (in this case, of an ET 200MP). This data record allows you to check the real configuration of the ET 200MP (actual configuration). The readback data record for each configured module specifies whether or not it is actually available. The value "1" means that the correct module is inserted in the correct slot. The value "0" codes all other options (wrong module, empty slot, reserve module). Example: A module has been configured with STEP 7 for slot 4. This module has then been moved to slot 3 in the current configuration using data record 196. WinCC Advanced V14 System Manual, 10/2016 1867 Editing devices and networks 10.1 Configuring devices and networks If this module is also really in slot 3, this is coded by the value "1" (status_slot_4 = 1). Configuration details: The configuration of the data block corresponds to the original configuration of the ET 200MP with STEP 7. There is a byte in the data record for each module. The position of this bytes in the data record corresponds to the position of a module in the original configuration with STEP 7. Sequence of bytes: "status_slot_0 power supply" (byte 4 in the data record below) corresponds to the power supply module in slot 0 in the configuration with STEP 7. "status_slot_2" (byte 5) corresponds to the module in slot 2 in the configuration. "status_slot_3" (byte 6) corresponds to the module in slot 3 in the configuration, etc. You can choose any name for the components (for example "status_slot_2"). Meaning of "status_slot_x": The value "1" in status_slot_x means that module x is in the correct slot. The value "0" in status_slot_x codes all other possibilities (wrong module, module does not exist). Example: The figure below shows readback data record 197 for the configuration of an ET 200MP in which there is no module 3 (the module in slot 3 in the configuration). All other modules are available and correctly plugged. The bytes "status_slot_6" to "status_slot_31" are not shown in the figure below. Reading readback data record 197 You can read readback data record 197 from the ET 200MP with the instruction RDREC. RDREC operates asynchronously. If you call RDREC in the startup OB, you must call the instruction multiple times using a loop until the "BUSY" or "DONE" output parameter indicates that the data record has been read. 1868 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks To read data record 197 with the instruction RDREC, you must enter the HW identifier of the IM submodule with the extension "Head" as the input parameter for the instruction. The system constant of this HW identifier is, for example, "IO-Device_2Head". The system constants of a selected device are, for example, displayed in the network view in the "System constants" tab. Use the corresponding value for addressing. Additional information and examples Further information on ET 200MP can be found in the manual for IM 155-5 PN (http:// support.automation.siemens.com/WW/view/en/89261636). Specific examples of configuration control can be found in this application description (http:// support.automation.siemens.com/WW/view/en/29430270). You will find a library of the data records and other application examples here: Templates for the data records (http://support.automation.siemens.com/WW/view/en/29430270) See also Documentation on configuration control (http://support.automation.siemens.com/WW/view/en/ 67295970) Input module parameters Parameters of the analog input modules Missing supply voltage L+ Enabling of the diagnostics for missing or insufficient supply voltage L+. Wire break Enabling of the diagnostics if the module has no current flow or the current is too weak for the measurement at the corresponding configured input or the applied voltage is too low. Current limit for wire break diagnostics Threshold at which a wire break is reported. The value can be set to 1.185 mA or 3.6 mA, depending on the sensor used. Overflow Enabling of the diagnostics if the measured value exceeds the overrange. Underflow Enabling of the diagnostics if the measured value undershoots the underrange. WinCC Advanced V14 System Manual, 10/2016 1869 Editing devices and networks 10.1 Configuring devices and networks Common mode error Enable diagnostics if the valid common mode voltage is exceeded. Reference channel error (only for AI 8xU/I/RTD/TC ST) Enable diagnostics on error at the temperature compensation channel, e.g. wire break. Dynamic reference temperature compensation type is configured and no reference temperature has been transferred to the module yet. Temperature coefficient The temperature coefficient depends on the chemical composition of the material. In Europe, only one value is used per sensor type (default value). The correction factor for the temperature coefficient ( value) specifies how much the resistance of a certain material changes when the temperature is raised by 1 C. The further values facilitate a sensor-specific setting of the temperature coefficient and enhance accuracy. Interference frequency suppression At analog input modules, this suppresses interference caused by the frequency of AC mains. The frequency of the AC network may interfere with measured values, particularly for measurements within low voltage ranges and when thermocouples are being used. With this parameter, you define the mains frequency in your system. Smoothing The individual measured values are smoothed using filtering. Smoothing can be set in 4 stages for the analog input modules AI 8xU/I/RTD/TC ST and AI 8xU/I HS. Smoothing time = number of module cycles (k) x cycle time of the module. The figure below shows the number of module cycles after which the smoothed analog value is almost 100%, depending on the set smoothing. Is valid for each signal change at the analog input. 1870 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks 6LJQDOFKDQJHLQ SHUFHQWDJH 1 3 4 2 0RGXOHF\FOHV N None (k = 1) Weak (k = 4) Medium (k = 16) Strong (k = 32) Reference junction (only for AI 8xU/I/RTD/TC ST) The following settings can be configured for the reference junction parameter: Table 10-185 Possible parameter assignments for the reference junction parameter Setting Description Fixed reference temperature The reference junction temperature is configured and stored in the module as a fixed value. Dynamic reference temperature The reference junction temperature is transferred in the user program from the CPU to the module by data records 192 to 199 using the WRREC (SFB 53) instruction. Internal reference junction The reference junction temperature is determined using an integrated sensor of the module. Reference channel of the module The reference junction temperature is determined using an external resistance thermometer (RTD) at the reference channel (COMP) of the module. Note Fixed reference temperature During parameter assignment of a thermocouple Type B, only the setting "Fixed reference temperature" with a temperature of 0 C is possible. WinCC Advanced V14 System Manual, 10/2016 1871 Editing devices and networks 10.1 Configuring devices and networks Enable hardware interrupt 1 or 2 Enable a hardware interrupt if high limit 1 or 2 is exceeded, or low limit 1 or 2 is violated. Low limit 1 or 2 Specifies the low limit threshold that triggers hardware interrupt 1 or 2. High limit 1 or 2 Specifies the high limit threshold that triggers hardware interrupt 1 or 2. Temperature compensation for thermocouples Introduction You have several options of measuring the reference junction temperature in order to obtain an absolute temperature value as a function of the temperature difference between the reference junction and the measuring point. You can use various compensation options depending on the required location of the reference junction. Note During parameter assignment of a thermocouple Type B, only the setting "Fixed reference temperature" with a temperature of 0 C is possible. 1872 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Options of compensating for the reference junction temperature Compensation options Explanation Internal reference junction With this compensation, the reference junction tem For the connection, you use perature is determined using an integrated sensor compensating lines matching the of the module. thermocouple material. Procedure If the reference junction temperature Connect the thermocouple to the I/O module direct ly or with compensating lines. Reference channel of the module The reference junction temperature is determined using an external resistance thermometer (RTD). Procedure Connect the thermocouple to the supply lines at the reference junction, either directly or with compen sating lines. You connect the supply lines to the appropriate terminals of the module. Connect the resistance thermometer (RTD) to the reference channel of the module. The resistance thermometer (RTD) must be placed in the area of the reference junction. Application case and the module temperature are identical in your system, you may also use lines made from a different material. You want to measure the temperature directly at the reference junction. The measured temperatures of all channels that you have configured for this compensation type is corrected automatically by the temperature value of the reference junction. You can use inexpensive lines, e.g., copper lines, from the reference junction to the module. Dynamic reference tempera The temperature of the reference junction is deter You use multiple modules at the ture mined via a module. This temperature value is reference junction and can therefore transferred to other modules via a data record in compensate all channels using a the user program. common temperature value. Procedure You require only one resistance Connect the resistance thermometer (RTD) for the reference junction to any channel. thermometer (RTD) to acquire the temperature value. The reference junction temperature is communica You can use inexpensive lines, e.g., ted from the CPU to the module by data records copper lines, from the reference 192 to 199 using the WRREC instruction. junction to the module. Fixed reference temperature The reference junction temperature is stored in the module as a fixed value. Procedure Connect the thermocouple to the supply lines at the reference junction, either directly or with compen sating lines. You connect the supply lines to the appropriate terminals of the module. You keep the reference junction temperature constant and know the temperature value. You can use inexpensive lines, e.g., copper lines, from the reference junction to the module. When configuring the module, specify a fixed tem perature value for the reference junction (e.g. 20 C). WinCC Advanced V14 System Manual, 10/2016 1873 Editing devices and networks 10.1 Configuring devices and networks Output module parameters Parameters of the analog output modules Missing supply voltage L+ Enabling of the diagnostics, with missing or too little supply voltage L+. Short-circuit to ground Enabling of the diagnostics if a short-circuit of the actuator supply to ground occurs. Wire break Enabling diagnostics if the line to the encoder is interrupted. Overflow Enabling of the diagnostics if the measured value exceeds the overflow range. Underflow Enabling of the diagnostics if the measured value falls below the underflow range. Reaction to CPU STOP Determines the reaction of the output to the CPU going into STOP state. Substitute value The substitute values are values that the outputs (the output) issue in the event of a CPU STOP. Pulse-width modulation (PWM) The channels of some modules support the pulse width modulation (PWM) function. You can use the pulse width modulation function to easily generate periodic pulses with a constant rated voltage and a variable pulse duration for the above-mentioned channels. Configuration You configure the pulse width modulation with the following parameters: Enable PWM function on module Set PWM operating mode for the corresponding channel Set period 1874 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks How it works In the pulse width modulation mode, the correspondingly configured outputs provide a pulse width modulated output signal. Pulse width modulation is characterized by its time period (frequency) and its duty factor. The duty factor describes the relation between pulse duration and time period. The pulse duration is derived from the time period and the duty factor: Pulse duration = duty factor x time period. Example for duty factor of 50% and time period of 10 ms: Pulse duration 0.5 x 10 ms = 5 ms You define the duty factor of the channels in the user program using the output value (0 ... 1000) in the process image output. The output signal is a square wave signal (pulse sequence of on and off pulses). '4Q Time period T (2 to 100 ms); Frequency of the pulse width modulation: f = 1/T (10 to 500 Hz) Pulse duration (duty factor x time period) Figure 10-48 How pulse width modulation works Minimum pulse duration The minimum pulse duration is 300 s due to the hardware. The duty factor can be adjusted from 0.0 to 100.0%. The time period can be adjusted from 2 to 100 ms. Example: If you configure a time period of 2 ms and set a duty factor of 0.1% for the output, this would result in a pulse duration of 200 s. In fact, the output works with a minimum pulse duration of 300 s. Pulse waveform The pulse duration of the actual signal profile is slightly longer than the specified, ideal pulse duration. The figure below shows the reaction of the output to control by PWM. The blue line shows the specified, ideal signal profile (square wave signal), with which the output is controlled. The red dashed line show the actual signal profile on the output graph, caused by the externally connected load. WinCC Advanced V14 System Manual, 10/2016 1875 Editing devices and networks 10.1 Configuring devices and networks 89 WV Time period Pulse duration (duty factor x time period) Figure 10-49 Pulse waveform at output terminal ET 200M Configuring an ET 200M Introduction For the ET 200M series, you can find a wide range of modules in the hardware catalog under "Distributed I/O". Configuration and parameter assignment Information on configuration and parameter assignment can be found in the following sections. ET 200M configuration Definition The distributed IO device, ET 200M, is a modular DP slave with an IP 20 degree of protection. The ET 200M has the configuration technology of the S7300 automation system and consists of an IM 153x and I/O modules of the S7300. ET 200M supports communication with: all DP masters compliant with IEC 61784-1:2002 Ed1 CP 3/1 all IO controllers compliant with IEC 61158 1876 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Configuration of the ET 200M (example) 1 2 3 Power supply module PS 307 Interface module IM 153x up to 12 I/O modules (SM / FM / CP) Configuration of the 'Module replacement during operation' function Introduction The ET 200M supports the "Replace modules during operation" function and the associated pull/plug interrupt. The "Replace modules during operation" function makes it possible for you to pull modules from or plug modules into the ET 200M rack during operation. Requirement You have configured an interface module that supports replacing modules during operation. (as of IM 153-1, article no. 153-1AA02-0XB0). In addition, the configured CPU must also support the function, e.g. for PROFIBUS an S7-400 with DP interface. You must use the active backplane bus (bus rail with slots) for the hardware configuration. The conventional profile rail with bus connectors between the modules does not support this function. Configuring If the configuration requirements have been met, the "Replace modules during operation" parameter is available for selection in the inspector window's "Module parameters" area. Below this parameter, a table for the configured modules is displayed, which shows the required active bus modules for the hardware configuration. For a PROFIBUS configuration, the "Startup if preset configuration does not match actual configuration" option is displayed. This option is automatically enabled if "Replace modules during operation" is enabled. WinCC Advanced V14 System Manual, 10/2016 1877 Editing devices and networks 10.1 Configuring devices and networks Signal modules for process automation Fundamentals Introduction Signal modules for the process automation are S7-300 models, such as SM 321; DI 16xNAMUR or SM 322; DO 16x24VDC/0.5A. They are being operated in a DP slave (IM 153-2). Unlike standard modules, they offer the following additional technical functions, such as pulse extension and chatter monitoring. See also Changeover contact (Page 1878) Technological parameters (Page 1879) Changeover contact "Changeover contact" sensor type If the digital inputs of a channel group are configured as "changeover contacts", the module runs diagnostics for the changeover contact sensor type for this channel group. Changeover contact A changeover contact is an auxiliary switch with only one moving switch element with one close setting each for closed and open switching device. Remember the following rule: Always connect a normally open contact to the "even" channel Always connect a normally closed contact to the "odd" channel. The tolerated switchover time between the two channels is fixed at 300 ms. If the result of the check is negative, then the module identifies the value status of the normally open channel as "invalid" the module generates a diagnostic entry for the normally open channel triggers a diagnostic interrupt (if diagnostic interrupts have been enabled) The digital input signal and the value status are updated only for the normally open channel. For the normally closed channel, the digital input signal is set permanently to "zero" and the value status to "invalid" since this channel is used only to check the sensor. Diagnostics depends on the "Selection" parameter (of the sensor). You should also note the special features of diagnostics with the changeover contact sensor type in the "Signal Modules for Process Automation" manual. 1878 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks See also Documentation on modules for process automation (http://support.automation.siemens.com/ WW/view/de/7215812/0/en) Technological parameters Pulse extension and flutter monitoring Pulse extension is a function for changing a digital input signal. A pulse at a digital input is extended to at least the length set in the parameters. If the input pulse is already longer than the specified length, it is not changed. If you want the pulse to be extended, click in the box to select the time. If you do not want the pulses to be extended, select the "---" entry. Flutter monitoring is a process control function for digital input signals. It detects and reports signal changes that are unexpected in process control, for example when an input signal fluctuates too often between "0" and "1". Flutter monitoring is possible only when group diagnostics has also been enabled for this input. Monitoring window and number of signal changes Flutter monitoring works with aid of the two parameters Monitoring window and Number of signal changes. The first time the signal changes, the time set as the monitoring window is started. If the signal changes more often during this time than allowed by the number of signal changes parameter, this is signaled as a flutter error. If no flutter error is detected during the monitoring window time, the monitoring window can be restarted at the next signal change. Note If you set pulse extension for an input channel, this also affects the flutter monitoring enabled for this channel. The "extended pulse" signal is the input signal for the flutter monitoring. You should therefore make sure that the values set for pulse extension and flutter monitoring are compatible with each other. See also Documentation on modules for process automation (http://support.automation.siemens.com/ WW/view/de/7215812/0/en) WinCC Advanced V14 System Manual, 10/2016 1879 Editing devices and networks 10.1 Configuring devices and networks IQ Sense module Properties of 8 IQ-SENSE Properties The 8 IQ-SENSE module has the following properties: Connection of sensors with IQ-SENSE(R), photoelectric proximity switches: for example, reflex sensors, diffuse sensors, and laser sensors. It can be used centrally in an S7-300 or distributed in an ET 200M. You can connect up to 8 sensors to every module. Each sensor requires a two-wire cable. Function reserve that can be assigned parameters. Time functions, switching hysteresis, synchronous mode that can be assigned parameters Sensitivity and distance values can be specified (IntelliTeach using the "IQ-SENSE Opto" FB) Teach-in Sensors can be removed and inserted during operation (automatic reassignment of parameters) Anti-interference group Only for optical IQ Sense devices (IQ profile ID 1). For IQ Sense devices with IQ profile ID 128 (ultrasound), see "Multiplex/synchronous mode" under the channel-specific parameters. Prevention of interference (e.g., scattered light) by assigning an anti-interference group. This means: Anti-interference group: None (= default) Optical sensors on one or more modules can mutually influence each other when unfavorably arranged. Anti-interference group: 3 or 4 Optical sensors on the same module with anti-interference group 3 or 4 cannot mutually influence each other. Similarly, optical sensors on different modules with anti-interference group 3 or 4 cannot mutually influence each other. You need not maintain minimum clearance between the IQ Sense devices and can, for example, align two retroreflective sensors on a single reflector. 1880 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Operating principle The diagram below explains the functioning of the anti-interference group parameter: 6ORW [,46HQVH QRQH $QWLLQWHUIHUHQFH JURXS SDUDPHWHU Mutual interference is only possible between the optical sensors of the modules in slot 5, 6, 7 and 9 because they are in the same anti-interference group 3 or "None" is set. Note Sensors in the same anti-interference group must be installed to maintain the minimum clearance (see sensor package insert) and to prevent mutual interference. Encoder type This parameter is used to set the sensor type per channel: Reflex sensor or Diffuse sensor or Disabled Diffuse sensor Table 10-186 Diffuse sensor Diffuse sensor Transmitter Receiver Transmitter Receiver WinCC Advanced V14 System Manual, 10/2016 Object Circuit state 0: No object detected, which means the object is not in the beam. The receiver does not see any light. Circuit state 1: Object detected, which means the object is in the beam. The re ceiver does not see any light. 1881 Editing devices and networks 10.1 Configuring devices and networks Reflex sensor Table 10-187 Reflex sensor Reflex sensor Transmitter Receiver Transmitter Receiver Object Circuit state 0: No object detected, which means the object is not in the beam. The receiver sees light. Circuit state 1: Object detected, which means the object is in the beam. The re ceiver does not see any light. Switching hysteresis Faults with the diffuse sensor or in the production process can result in signal wobbles. The measured value then changes the switching threshold by 100 % (object detected - object not detected). You can prevent this switching threshold wobble using the switching hysteresis parameter. This will ensure a stable output signal on the sensor. You can assigned parameters to 5 %/10 %/20 %/50 % for switching hysteresis. Requirements You can only set the switching hysteresis parameter for diffuse sensors with background fadeout. 1882 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Operating principle 5HFHLYLQJOHYHO 6ZLWFKLQJ WKUHVKROG 'LIIHUHQWLDOWUDYHO 7LPH W 6ZLWFKLQJRXWSXWRQVHQVRU 7LPH W Figure 10-50 Switching hysteresis parameter Time function,time value These parameters can be used to set the electronic module for its specific application. WinCC Advanced V14 System Manual, 10/2016 1883 Editing devices and networks 10.1 Configuring devices and networks Operating principle 7LPHU 1RQH GHIDXOW 6ZLWFKLQJVWDWXV &XUYH 5HVHWGHOD\HG 7 7 3LFNXSGHOD\HG 7 7 3LFNXSDQG UHVHWWLQJGHOD\ 7 7 7 0RPHQWDU\ LPSXOVH 6ZLWFKLQJVWDWH RQVHQVRU 7 7 7 2EMHFWGHWHFWHG 2EMHFWQRWGHWHFWHG 7 WLPHYDOXHSDUDPHWHU Figure 10-51 Time functions, time values parameters Multiplex/synchronous mode For the prevention of mutual influence between IQ Sense ultrasound devices in spatial proximity (devices with IQ profile ID 128), use the "Multiplex/synchronous operation" parameter. 1884 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Settings for the multiplex/synchronous mode parameter Disabled: Mutual influence between IQ Sense ultrasound sensors in spatial proximity is possible (default). The cycle time is determined by the IQ Sense ultrasound sensor. Multiplex: The IQ Sense ultrasound sensors determine the process value (distance) one after another, preventing them from affecting one another. The cycle time here is the sum of the configured synchronous cycle times of the IQ Sense ultrasound sensors that are to be multiplexed. Synchronization: The IQ Sense ultrasound sensors determine the process value (distance) at exactly the same time, preventing them from affecting one another. The cycle time here corresponds to the greatest configured synchronous cycle time from among the IQ Sense ultrasound sensors that are to be synchronized. You can, for example, use synchronous operation for a curtain function in which several IQ Sense ultrasound sensors aligned in parallel share a single extended detection area. The sensors simultaneously emit an ultrasound impulse. When an object enters the detection area, the sensor nearest to the object receives the echo most quickly. The object can therefore not only be detected, it can be located as well. AFI value Using the AFI value (application series identifier, as defined in the ISO 15693-3 international standard), transponders can be selected for different applications. Only transponders whose AFI value coincides with the value set on the sensor are processed. If a transponder has the AFI value "0", it can be identified and processed regardless of the AFI value of the sensor. This parameter is only important if it is supported by the ident system, otherwise any value (normally "0") may be assigned. Transponder type Depending on the type of the transponder, you must configure whether it is an ISO transponder or a vendor-specific type. For transponders in accordance with international standard ISO 15693, the value "1" should be selected; for all other types "0" is set. Based on this setting, one of the two possible air interface drivers is selected in the sensor. This parameter is only important if it is supported by the ID system, otherwise any value (normally "0") may be assigned. ET 200S Configuring an ET 200S Introduction For the ET 200S series, you can find a wide range of modules in the hardware catalog under "Distributed I/O". WinCC Advanced V14 System Manual, 10/2016 1885 Editing devices and networks 10.1 Configuring devices and networks Assigning parameters For information on configuration and parameter assignment, refer to "See also". Frequency converters Use of the frequency converter Frequency converters The frequency converter ICU24 and ICU24F ( as fail-safe version) are modular design frequency converters that are completely embedded in the distributed I/O system ET 200S. For parameterization of both modules, please see the following. Message frame The message frame number and the operating mode of the module are only displayed and cannot be modified. Application ID You indicate the saved parameters in the frequency converter as a whole with the application ID. Enter an application ID from the value range 0 to 65535. During startup (or pull/plug), this ID is compared with the application ID stored on the converter. Converters that work with identical applications are usually also identically parameterized and should be identified with the same application ID. Converters with the same application ID may be exchanged between each other. Copying of the complete parameterization of a converter to another converter, for example, via an MMC, is only accepted, if both have the same application ID. Converters that work with different applications and are parameterized differently must be identified by different application IDs. This prevents a converter with unsuitable parameterization from starting on an incorrect slot, i.e. on the wrong application. This also prevents the parameterization that is saved in the converter from being accidently overwritten with any parameteriation that is stored on an MMC. Enable diagnostic interrupt You can enable the diagnostic interrupt for the frequency converter. If diagnostic interrupt is enabled, an OB 82 must be available in a CPU to process the diagnostic events. See also Documentation for the frequency converter (http://support.automation.siemens.com/WW/view/ en/26291825/0/en) 1886 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks ET 200pro ET 200pro with own CPU module ET 200pro with own CPU The ET 200pro can be equipped with its own CPU, for example with the CPU 1516pro. In this regard, note the following rules. Expansion rules with the CPU 1516pro: You can expand the CPU 1516pro with up to 16 modules. The total width can be a maximum of one meter. Expansion with wide modules If the maximum width of one meter is exceeded in a configuration with large modules (for example frequency converters or motor starters), the configuration cannot be compiled. In this case, reduce the configuration. Configuration control with ET 200pro Operating principle Through the configuration control, it is possible to change the original configuration of an ET 200pro (created by configuring with STEP 7) and to operate the ET 200pro in this modified configuration. STEP 7 is no longer required for this configuration: You communicate to the ET 200pro the slot in which a configured module is actually inserted by means of your user program. In this case, use control data record 196. In this data record, you code which modules are missing or located in different slots in the real configuration compared to the configuration. The configuration control has no effect on the parameter assignment of the modules (for example, the enabling of diagnostic alarms). You then call the "WRREC" instruction and use it to write the data record to the interface module of the ET 200pro. Configuration control gives you the flexibility to vary the configuration of an ET 200pro as long as the real configuration can be derived from a preset maximum configuration (originally created with STEP 7). The following sections describe how to enable configuration control. They also outline how control data record 196 and readback data record 197 are structured. Requirements The CPU startup parameter "Compare preset to actual configuration" is set to Startup even if mismatch (default setting). This setting is also selected for the startup parameters of the individual modules of the ET 200pro. WinCC Advanced V14 System Manual, 10/2016 1887 Editing devices and networks 10.1 Configuring devices and networks Enabling configuration control Enable the "Allow to reconfigure the device via the user program" parameter when configuring the ET 200pro in STEP 7 ("Configuration control" area). Configuration of control data record 196 for the ET 200pro There is a byte in control data record 196 for each module. The position of this byte in the data record codes one module in the original configuration with STEP 7: "slot_IM" (byte 4 in the data record, figure below) corresponds to the module in slot 1 in the configuration "slot_2" (byte 5) corresponds to the module in slot 2 in the configuration. "slot_3" (byte 6) corresponds to the module in slot 3 in the configuration. etc. "slot_x" byte The current slot is coded by the figure that is assigned to "slot_x" (by its value). Examples: The value "2" in byte 5 means you are assigning the module originally inserted in slot 2 to slot 2 in the current configuration (slot_2 = 2). The value "3" in byte 5 means you are assigning the module originally inserted in slot 2 to slot 3 in the current configuration (slot_2 = 3). The value "4" in byte 5 means you are assigning the module originally inserted in slot 2 to slot 4 in the current configuration (slot_2 = 4). etc. There are no reserve modules for the ET 200pro (unlike for the ET 200S or with BU cover modules for the ET 200SP). For this reason, bit 7 of "slot_x" must not be set. The value "0" in "slot_x" indicates that this module is not inserted in the current configuration. Example of control data record 196 The figure below shows control data record 196 for a configuration of an ET 200pro with four modules. This configuration is given as an example: The module originally configured with STEP 7 in slot 1 is also inserted in slot 1 in the current configuration. The module in slot 2 is in slot 2 in the current configuration. The module in slot 3 does not exist in the current configuration. The module in slot 4 is actually inserted in slot 3 in the current configuration. 1888 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks The components of control data record 196 (figure above): block_length: Note here the length of the control data record; in the example: 8 (bytes). The length is calculated using the following formula: "Number of assigned slots" + 4. block_ID: Enter the figure 196 here. version: The ET 200pro uses Version 1 of control data record 196. subversion: The ET 200pro uses Subversion 0 of control data record 196. slot_IM: The IM module is always inserted in slot 0 of the ET 200pro. Slot 1 always contains the virtual power module that is integrated as a fixed module in the IM module. The "slot_IM" (name can be changed) can contain any values. This byte is not interpreted in the configuration control of the ET 200pro. slot_2: The configured module 2 is inserted in slot 2 (value "2"). slot_3: The configured module 3 is not present in the current configuration (value "0"). slot_4: The configured module 4 is inserted in slot 3 in the current configuration (value "3"). Definition of control data record 196 A control data record 196 containing a slot assignment is defined for configuration control. WinCC Advanced V14 System Manual, 10/2016 Byte Element Value Description 0 Block length e.g., 8 for ET 200pro with four modules The length of the data record is calcula ted using the formula: 4 + Number of modules in bytes 1 Block ID 196 ID for control data record 196 2 Version 1 Version 1 of control data record 196 3 Subversion 0 Subversion 0 of control data record 196 4 Slot_1 Any values are possible: For example "1" This byte is not interpreted for the ET 200pro because the power module that is integrated as a fixed module in the IM module of the ET 200pro is always inser ted in slot 1. 1889 Editing devices and networks 10.1 Configuring devices and networks 5 Slot_2 Coding of the actual slot: Byte 5 indicates where the module origi nally configured with STEP 7 in slot 2 is 2 = Slot 2 actually inserted in the current configura 3 = Slot 3 tion. 4 = Slot 4 etc. Coding for missing mod ule: 0 = No slot, module not present 6 Slot_3 Example: 2 The module originally configured with STEP 7 in slot 2 is also actually located in slot 2 in the current configuration (val ue "2"). Coding of the actual slot: Byte 6 indicates where the module origi nally configured with STEP 7 in slot 3 is 2 = Slot 2 actually inserted in the current configura 3 = Slot 3 tion. 4 = Slot 4 etc. Coding for missing mod ule: 0 = No slot, module not present 7 Slot_4 Example: 0 The module originally configured with STEP 7 in slot 3 is not present in the cur rent configuration (value "0"). Coding of the actual slot: Byte 7 indicates where the module origi nally configured with STEP 7 in slot 4 is 2 = Slot 2 actually inserted in the current configura 3 = Slot 3 tion. 4 = Slot 4 etc. Coding for missing mod ule: 0 = No slot, module not present : : : Example: 3 The module originally configured with STEP 7 in slot 4 is actually located in slot 3 in the current configuration (value "3"). : Writing a data record Transfer the control data record to the ET 200pro module. To do so, call the extended WRREC (Write data record) instruction, and transfer the control data record created. If you do not transfer a control data record, the interface module uses the original configuration with STEP 7. Here, the following applies: Configured module x is inserted in real slot x. 1890 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Addressing the interface module using the HW identifier To transfer data record 196 with the instruction WRREC, you must enter the HW identifier of the IM submodule with the extension "Head" as the input parameter for the instruction. The system constant of this HW identifier is, for example, "IO-Device_2Head". The system constants of a selected device are, for example, displayed in the network view in the "System constants" tab. Use the corresponding value for addressing. Error messages The following error messages are returned if an error occurs when writing control data record 196: Table 10-188 Error messages Error code Meaning 16#80A2 DP protocol error on layer 2 Indicates that a data record has not been acknowledged due to the system. 16#80B1 Invalid length; the length information in data record 196 is not correct. 16#80B5 Configuration control parameters not assigned. 16#80B2 Invalid slot: The configured slot is not assigned. 16#80B8 Parameter error; module signals invalid parameters. 16#80C5 DP slave or module not available. Indicates that a data record has not been acknowledged due to the system. Readback data record 197 for ET 200pro Readback data record 197 is used to read the actual configuration of a station (in this case of an ET 200pro). This data record allows you to check the real configuration of the ET 200pro (actual configuration). The feedback data record for each configured module specifies whether or not it is actually present. The value "1" means that the correct module is inserted in the correct slot. The value "0" codes all other options (wrong module, empty slot). Example: A module has been configured with STEP 7 for slot 4. This module has then been moved to slot 3 in the current configuration using data record 196. If this module is also really in slot 3, this is coded by the value "1" (status_slot_4 = 1). Configuration details: The configuration of the data block corresponds to the original configuration of the ET 200pro with STEP 7. There is a byte in the data record for each module. The position of this bytes in the data record corresponds to the position of a module in the original configuration with STEP 7. WinCC Advanced V14 System Manual, 10/2016 1891 Editing devices and networks 10.1 Configuring devices and networks Sequence of bytes: "status_slot_IM" (byte 4 in the data record) corresponds to the module in slot 1 in the configuration, "status_slot_2" (byte 5) corresponds to the module in slot 2 in the configuration "status_slot_3" (byte 6) corresponds to the module in slot 3 in the configuration, etc. The following example is for a configuration with 4 modules. The value "8" therefore appears in the "block_length" element of the data record. If you configure an ET 200pro in STEP 7 with fewer modules, the data block will be shorter. You can choose any name for the components of the control data record (for example "status_slot_2"). Meaning of "status_slot_x": The value "1" in status_slot_x means that module x is inserted in the correct slot The value "0" in status_slot_x codes all other options (wrong module, module does not exist). Example: The figure below shows readback data record 197 for an ET 200pro with four modules. There is no module 3 (this was assigned in control data record 196, see section "Example of control data record 196" above) The three other modules are actually inserted in the ET 200pro. Reading readback data record 197 You can read readback data record 197 from the ET 200pro with the instruction RDREC. RDREC operates asynchronously. If you call RDREC in the startup OB, you must call the instruction multiple times using a loop until the "BUSY" or "DONE" output parameter indicates that the data record has been read. To read data record 197 with the instruction RDREC, you must enter the HW identifier of the IM submodule with the extension "Head" as the input parameter for the instruction. The system constant of this HW identifier is, for example, "IO-Device_2Head". The system constants of a selected device are, for example, displayed in the network view in the "System constants" tab. Use the corresponding value for addressing. 1892 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.1 Configuring devices and networks Additional information and examples Further information on the PN interface module of the ET 200pro is available here (http:// support.automation.siemens.com/WW/view/en/98099372). Specific examples of configuration control can be found here in this application description (http://support.automation.siemens.com/WW/view/en/29430270). You will find a library of the data records and other application examples here: Templates for the data records (http://support.automation.siemens.com/WW/view/en/ 29430270) See also Configuration control with ET 200SP (Page 1808) Use of the frequency converter Frequency converters The frequency converters ET 200pro FC and ET 200pro F-FC (as fail-safe version) are modularly design frequency converters that are completely embedded in the distributed I/O system ET 200pro. The following section describes how to configure the two modules. Message frame The message frame number and the operating mode of the module are only displayed and cannot be modified. Application ID You indicate the saved parameters in the frequency converter as a whole with the application ID. Enter an application ID from the value range 0 to 65535. During startup (or pull/plug), this ID is compared with the application ID stored on the converter. Converters that work with identical applications are usually also identically configured and should be identified with the same application ID. Converters with the same application ID may be exchanged between each other. Copying of the complete configuration of a converter to another converter, for example, via an MMC, is only applied, if both have the same application ID. Converters that work with different applications and are configured differently must be identified by different application IDs. This prevents a converter with unsuitable configuration from starting on an incorrect slot, in other words on the wrong application. This also prevents the configuration that is saved in the converter from being accidently overwritten with any configuration that is stored on an MMC. Enable diagnostic interrupt You can enable the diagnostic interrupt for the frequency converter. If diagnostic interrupt is enabled, an OB 82 must be available in a CPU to process the diagnostic events. WinCC Advanced V14 System Manual, 10/2016 1893 Editing devices and networks 10.1 Configuring devices and networks 10.1.5.3 IPv4 routing with CP 1543-1 / CM 1542-1 IPv4 routing with CP 15431 / CM 15421 The following restrictions apply to the "IPv4 routing over the backplane bus" function of the CM/CP. IPv4 routing over the CM / CP to the CPU of the station is not possible. IP configuration with CM 15421 as PROFINET IO controller If the CM with enabled IPv4 routing over the backplane bus is used as PROFINET IO controller, please note the following points for IP configuration of the subordinate IO devices: If IP address configuration for the subordinate IO devices is fixed ("Set IP address in the project" option), IPv4 routing over the CM to the IO devices is not possible. The following settings are required in the IP configuration of the subordinate IO devices to allow IPv4 routing over the CM to those IO devices: - First select the "Use router" option for the IO device. Copy the IP address of the IO controller (CM) to the router address field. - Activate the "IP address is set directly at the device" option for the IO device. 10.1.5.4 IPv6 configuration IPv6 protocol The Internet Protocol version 6 - called IPv6 below - extends the Internet Protocol version 4 (IPv4) that is used predominantly at the current time. Address format IPv6: Notation IPv6 addresses consist of 8 fields each with four-character hexadecimal numbers (128 bits in total). The fields are separated by a colon. Example: fd00:0000:0000:0000:0db8:002f:0000:0000 Rules / simplifications: Leading zeros within a field can be omitted. Example: fd00:0000:0000:0000:0db8:002f:0000:0000, abbreviated fd00:0:0:0:db8:2f:0:0 If one or more blocks have the value 0, a shortened notation is possible with two successive colons. To ensure uniqueness, this shortened form can only be used once within the entire address. With two or more such abbreviations, it may not be possible to determine how many blocks were shortened. Valid example: fd00::db8:2f:0:0 or fd00:0:0:0:db8:2f:: (both clearly recognizable as fd00:0:0:0:db8:2f:0:0) Invalid example: fd00::db8:2f:: (not clear, can be interpreted as fd00:0:0:0:db8:2f:0:0 or fd00:0:0:db8:2f:0:0:0 etc.) The last 2 fields or 4 bytes can be written in the normal decimal notation with periods. Example: The IPv6 address fd00::db8:fd01:2f is equivalent to fd00::db8.253.1.0.47 1894 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Entry and appearance The entry of IPv6 addresses is possible in the notations described above. IPv6 addresses are always shown in the same notation in which they were entered. See also IPv6 with the CP 1543-1 (Page 1895) IPv6 with the CP 1543-1 Use of IPv6 with the CP 1543-1 For all IP services, the CP supports the Internet protocol version 4 (IPv4) The additional specification of addresses in IPv6 format can be used with the CP for the following services and applications: FETCH/WRITE: Direct write/read access by PC stations, SIMATIC S5 or third-party devices FTP client: FTP access from the S7-1500 CPU to an FTP server with program block FTP_CMD FTP server: FTP access from an FTP client to data areas of the S7-1500 CPU SNMP: Data query using MIB objects according to SNMP E-mail: Data transfer from the S7-1500 CPU using the program block T_Mail 10.2 Device and network diagnostics 10.2.1 Hardware diagnostics 10.2.1.1 Overview of hardware diagnostics Principal methods of hardware diagnostics Principal methods of hardware diagnostics Hardware diagnostics can be performed as follows: Using the Online and Diagnostics view Using the "Online Tools" task card Using the "Diagnostics > Device Info" area of the Inspector window Using diagnostics icons, for example, in the device view and the project tree WinCC Advanced V14 System Manual, 10/2016 1895 Editing devices and networks 10.2 Device and network diagnostics Structure of the Online and Diagnostics view The Online and Diagnostics view consists of two windows alongside each other: The left window shows a tree structure with folders and - when you open the folder - groups. The right window contains detailed information on the selected folder or selected group. The "Online access" group and the "Diagnostics" and "Functions" folders are located here: "Online access" group: Displays whether or not there is currently an online connection with the associated target. In addition, you can establish or disconnect the online connection. "Diagnostics": Contains several diagnostics groups for the selected module. "Functions": Contains several groups, in which you can make settings for the selected module or issue commands to the module. Function and structure of the "Online Tools" task card For modules with their own operating mode (such as CPUs), the "Online tools" task card allows you to read current diagnostics information and commands to the module. If you selected a module without its own operating mode or if you selected several modules before activation of the "Online Tools" task card, the task card relates to the relevant CPU. The "Online Tools" task card consists of the following panes: CPU control panel Cycle time Memory Note A pane is filled with content only if the module controls the associated functions and an online connection exists. If there is no online connection to the respective module, the display "No online connection" appears in blue in each pane. If an existing online connection was disconnected, then "This target is not available" will be displayed. 1896 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Structure or the "Diagnostics" tab of the Inspector window The "Diagnostics" tab of the Inspector window itself consists of several tabs. Of these tabs, the following is relevant for the hardware diagnostics. Device information This tab relates to all online devices (e.g. CPUs) to which an online connection has been established and to the devices that are assigned to these online devices (such as PROFINET devices and PROFIBUS slaves). Alarms related to the faulty online devices and the faulty devices are output here. Note What is displayed when a module is faulty? If a module within a device is faulty, only the associated device or its proxy (e.g. head module) are shown, but not the module itself. The faulty devices are displayed "at the top level" and not in a hierarchical view below their online device (as is the case in the project tree). See also Basics on task cards (Page 287) Inspector window (Page 285) Determination of which of the devices that are connected online are defective Overview of the defective devices In the "Diagnostics > Device Info" area of the Inspector window you will obtain an overview of the defective devices that are or were connected online. The "Diagnostics> Device Info" area of the Inspector window consists of the following elements: Header line with the number of defective devices Table with detailed information on each defective device If you originate the establishment of an online connection to a device which is not reachable or reports one or more faults or is not in RUN mode, it will rank as defective. Structure of the table with detailed information on the defective devices The table consists of the following columns: Online status: Contains the online status as a diagnostic symbol and in words Operating mode: Contains the operating mode as a symbol and in words Device / module: Name of the affected device or the affected module Message: explains the entry of the previous column WinCC Advanced V14 System Manual, 10/2016 1897 Editing devices and networks 10.2 Device and network diagnostics Details: The link opens the online and diagnostics view for the device, and places it in the foreground. If an online connection does not exist any longer, the link will open the connection establishment dialog. Help: The link supplies further information on the defect that has occurred. See also Displaying diagnostics status and comparison status using icons (Page 1898) Displaying diagnostics status and comparison status using icons Determining diagnostics status online and displaying using icons When the online connection to a device is established, the diagnostics status of the device and, if applicable, its lower-level components is determined. The operating state of the device is also determined, where applicable. 1898 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics The following is a description of which icons are displayed in specific views. Device view - The associated diagnostic icon is displayed for every hardware component (except the signal board on the CPU). To start the Online and Diagnostics view (if available), double-click the diagnostic icon. - For a hardware component with lower-level components, if there is a hardware error in at least one lower-level component, the diagnostic icon appears as follows: The hardware component's diagnostic icon has a pale appearance and the diagnostic icon "Hardware error in lower-level component" is also shown in the lower right corner. - For hardware components with their own operating state, the operating state icon is also displayed to the left of or above the diagnostic icon. - The following applies to modules or submodules of a shared device with an S7-1500 CPU: No diagnostic icons are displayed (due to the configuration as GSDML device). Device overview - The associated diagnostic icon is displayed for every hardware component. To start the Online and Diagnostics view (if available), double-click the diagnostic icon. - For a hardware component with lower-level components, if there is a hardware error in at least one lower-level component, the diagnostic icon appears as follows: The hardware component's diagnostic icon has a pale appearance and the diagnostic icon "Hardware error in lower-level component" is also shown in the lower right corner. - The following applies to modules or submodules of a shared device with an S7-1500 CPU: For modules assigned to the CPU, the associated diagnostic icon is displayed (modules that are not assigned do not receive a diagnostic icon). The associated diagnostic icon is displayed for plug-in submodules of an assigned module (submodules that are not pluggable are not visible and therefore do not receive a diagnostic icon). Network view - The associated diagnostic icon is displayed for every device. To start the Online and Diagnostics view (if available), double-click the diagnostic icon. - For a hardware component with lower-level components, if there is a hardware error in at least one lower-level component, the diagnostic icon appears as follows: The hardware component's diagnostic icon has a pale appearance and the diagnostic icon "Hardware error in lower-level component" is also shown in the lower right corner. - The following applies to modules or submodules of a shared device with an S7-1500 CPU: A diagnostic icon is displayed. It belongs to that part of the station that is assigned to the CPU. WinCC Advanced V14 System Manual, 10/2016 1899 Editing devices and networks 10.2 Device and network diagnostics Network overview - The associated diagnostic icon is displayed for every hardware component. To start the Online and Diagnostics view (if available), double-click the diagnostic icon. - For a hardware component with lower-level components, if there is a hardware error in at least one lower-level component, the diagnostic icon appears as follows: The hardware component's diagnostic icon has a pale appearance and the diagnostic icon "Hardware error in lower-level component" is also shown in the lower right corner. - The following applies to modules or submodules of a shared device with an S7-1500 CPU: A diagnostic icon is displayed. It belongs to that part of the station that is assigned to the CPU. Topology view - The associated diagnostic icon is displayed for every device. To start the Online and Diagnostics view (if available), double-click the diagnostic icon. - For a hardware component with lower-level components, if there is a hardware error in at least one lower-level component, the diagnostic icon appears as follows: The hardware component's diagnostic icon has a pale appearance and the diagnostic icon "Hardware error in lower-level component" is also shown in the lower right corner. - The associated diagnostic icon is displayed for every port. The meaning of the individual colors is described further below. - Each cable between two online ports is assigned the color associated with its diagnostics status. The color of the cable between two ports depends on the status of the individual ports: Color of the first port Color of the second port Color of the connecting cable light green light green light green light green dark green dark green green gray gray green red red gray red red - The following applies to modules or submodules of a shared device with an S7-1500 CPU: A diagnostic icon is displayed. It belongs to that part of the station that is assigned to the CPU. Topology overview - The associated diagnostic icon is displayed for every hardware component. To start the Online and Diagnostics view (if available), double-click the diagnostic icon. - For a hardware component with lower-level components, if there is a hardware error in at least one lower-level component, the diagnostic icon appears as follows: The hardware component's diagnostic icon has a pale appearance and the diagnostic icon "Hardware error in lower-level component" is also shown in the lower right corner. - The following applies to modules or submodules of a shared device with an S7-1500 CPU: A diagnostic icon is displayed. It belongs to that part of the station that is assigned to the CPU. 1900 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Project tree - The associated diagnostic icon is displayed behind every hardware component. - For a hardware component with lower-level components (e.g., distributed I/O, Slave_1), if there is a hardware error in at least one lower-level component, the diagnostic icon appears as follows: The hardware component's diagnostic icon has a pale appearance and the diagnostic icon "Hardware error in lower-level component" is also shown in the lower right corner. - For hardware components with their own operating state, the operating state icon is also displayed in the top right corner of the diagnostic icon. - If forcing is active on a CPU, a red F is displayed at the left margin of the diagnostic icon. - The diagnostic icon "Hardware error in lower-level component" is displayed behind the "Local modules" folder when there is a hardware error in at least one of the associated modules. - The diagnostic icon "Hardware error in lower-level component" is displayed behind the "Distributed I/O" folder when there is a hardware error in at least one of the associated modules. - The diagnostic icon "Hardware error in lower-level component" is displayed behind the project folder when the "Hardware error in lower-level component" diagnostic icon is displayed behind at least one of the "Local modules" or "Distributed I/O" folders. - The following applies to modules or submodules of a shared device with an S7-1500 CPU: The associated diagnostic icon is displayed for modules assigned to the CPU (modules that are not assigned are grayed out and do not receive a diagnostic icon). The associated diagnostic icon is displayed for plug-in submodules of an assigned module (submodules that are not pluggable are not visible and therefore do not receive a diagnostic icon). Note If the diagnostic for a hardware component is "not reachable from the CPU", the diagnostic icon "Hardware error in lower-level component" is not additionally shown. Diagnostic icons for modules and devices The following table shows the available icons and their meaning. Icon Meaning The connection with a CPU is currently being established. The CPU is not reachable at the set address. The configured CPU and the CPU actually present are of incompatible types. On establishment of the online connection to a protected CPU, the password dialog was terminated without specification of the correct password. No fault WinCC Advanced V14 System Manual, 10/2016 1901 Editing devices and networks 10.2 Device and network diagnostics Icon Meaning Maintenance required Maintenance demanded Error The module or device is deactivated. The module or the device cannot be reached from the CPU (valid for modules and devices below a CPU). No input or output data are available, because the (sub)module has blocked its input or output channels. Diagnostics data are not available because the current online configuration data differ from the offline configuration data. The configured module or device and the module or device actually present are incompatible (valid for modules or devices under a CPU). The connection is established, but the module status has not yet been determined or is unknown. The configured module does not support display of the diagnostics status. Hardware error in lower-level component: A hardware fault has occurred in at least one lower-level hardware component (occurs as a separate icon only in the project tree) Note Some modules, for example, the FM 450-1, are only indicated as having a problem in the case of an error if you have enabled the diagnostic interrupt when assigning the module property parameters. Icons for the comparison status The diagnostic icons can be combined at the bottom right with additional smaller icons that indicate the result of the online/offline comparison. The following table shows the available comparison icons and their meaning. Icon Meaning Hardware error in lower-level component: The online and offline versions differ (only in the project tree) in at least one lower-level hardware component. Software error in lower-level component: The online and offline versions differ (only in the project tree) in at least one lower-level software component. Online and offline versions of the object are different Object only exists online Object only exists offline Online and offline versions of the object are the same 1902 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Note If both a comparison icon and the "Error in lower-level component" diagnostic icon are to be displayed at the bottom right in the device view, the following rule applies: The diagnostic icon for the lower-level hardware component has a higher priority than the comparison icon. This means that a comparison icon is only displayed if the lower-level hardware components have no errors. Display of software errors in the project tree The associated comparison icon is shown behind each block. Behind each folder, under which exclusively blocks are contained, the diagnostic icon "Software error in lower-level component" is displayed when there is a software error in at least one of the associated blocks. For a hardware component with lower-level software components, if there is no hardware error and there is an error in at least one lower-level software component, the diagnostic icon appears as follows: The hardware component's diagnostic icon has a pale appearance and the diagnostic icon "Software error in lower-level component" is also shown in the lower right corner. Combined diagnostics and comparison icons The following table shows examples of icons that are displayed in the diagnostics icon. Icon Meaning Folder contains objects whose online and offline versions differ (only in the project tree) Object only exists online Operating state icons for CPUs and CPs The following table shows the available icons and their respective operating states. Icon Operating state RUN STOP STARTUP HOLD DEFECTIVE WinCC Advanced V14 System Manual, 10/2016 1903 Editing devices and networks 10.2 Device and network diagnostics Icon Operating state Unknown operating state The configured module does not support display of the operating state. Note If forcing is active on a CPU, a red F is displayed on a pink background at the bottom right of the operating state icon. Color marking of ports and Ethernet cables The following table shows the available colors and their respective meaning. Color Meaning No fault or maintenance required Offline Maintenance demanded Communication error or topological error no diagnostic capability Start online and diagnostics view Overview of possible ways of starting the Online and Diagnostics view You can start the Online and Diagnostics view of a module to be diagnosed at the following locations: Overview Project tree Device view Device overview Network view Network overview Topology view Topological overview In the following, examples are used to show how to proceed. 1904 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Requirement The project with the module to be diagnosed is open. Note This requirement does not apply if you call the online and diagnostics view from the project tree after you have identified the accessible devices. Procedure To start the online and diagnostics view of a module, follow these steps: 1. In the project tree, open the respective device folder. 2. Double click on "Online & Diagnostics". Or: 1. In the project tree, select the respective device folder. 2. Select the "Online & Diagnostics" command in the shortcut menu or the "Online" main menu. Or: 1. In the project tree, open the "Online access" folder. 2. Open the folder for the interface with which you want to establish the online connection. 3. Double click on "Show/Update accessible devices". 4. Select the module to be diagnosed. 5. Select the "Online & Diagnostics" command in the shortcut menu or the "Online" main menu. Or: 1. In the project tree, open the "Local modules" folder. 2. Select the respective device or the module that is to be diagnosed. 3. Select the "Online & Diagnostics" command in the shortcut menu or the main menu. Or: 1. Open the device view in the device configuration. 2. Select the module to be diagnosed. 3. Select the "Online & Diagnostics" command in the shortcut menu or the "Online" main menu. Or: 1. Open the device view in the device configuration. 2. Establish an online connection to the module to be diagnosed. 3. Double-click on the diagnostics icon above the module. WinCC Advanced V14 System Manual, 10/2016 1905 Editing devices and networks 10.2 Device and network diagnostics Or: 1. Open the network view in the device configuration. 2. Select the station with the module to be diagnosed. 3. Select the "Online & Diagnostics" command in the shortcut menu or the "Online" main menu. Or: 1. Open the topology view in the device configuration. 2. Establish an online connection to the module to be diagnosed. 3. In the topology view, double-click the diagnostic icon associated with the module. Result The online and diagnostics view of the module to be diagnosed will be started. If an online connection to the associated CPU had previously been created, the header bar of the Online and Diagnostics view will now have an orange background. Note If no online connection exists when the online and diagnostics view is started, no online information is displayed and the display fields remain empty. Activation of the "Online Tools" task card Activation of the "Online Tools" task card You can activate this task card as follows: 1. Start the online and diagnostics view. 2. Click on the "Online Tools" task card. Or: 1. Start the device view. 2. Click on the "Online Tools" task card. Or: 1. Start the network view. 2. Click on the "Online Tools" task card. 1906 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics 10.2.1.2 Showing non-editable and current values of configurable module properties Showing general properties and system-relevant information for a module Where do I find the information I need? The general properties and system-relevant information for a module can be found in the "General" group in the "Diagnostics" folder in the online and diagnostics view of the module to be diagnosed. Structure of the "General" group The "General" group consists of the following areas: Module Module information Vendor information "Module" area This area shows the following data of the module: Short designation, for example, CPU 1214C DC/DC/DC Article no. Hardware Firmware TIA Portal version, e.g. V13.0 SP1 UPD1 Note TIA Portal version The displayed TIA Portal version is the minimum version that is required to open the blocks loaded to the device. This means it does not necessarily have to be the version with which you have loaded the blocks to the device. Fictitious example: You have loaded your program with TIA Portal version V13.0 SP1 UPD6 to the CPU; however, version V13.0 SP1 is displayed. Racks Slot WinCC Advanced V14 System Manual, 10/2016 1907 Editing devices and networks 10.2 Device and network diagnostics "Module information" area This area shows the following data of the module that you configured during hardware configuration: Module name Installation date (not displayed for all modules) Additional information (not displayed for all modules) "Manufacturer information" area This area shows the following data of the module: Manufacturer Serial number Profile: Profile ID as hexadecimal number Note You will find the corresponding profile name in the profile ID table for PROFIBUS International (see "www.profibus.com"). Profile details: Profile-specific type as hexadecimal number Note You will find the corresponding profile-specific type name in the profile-specific type table for PROFIBUS International (see "www.profibus.com"). Display configured cycle times Where do I find the information I need? The required information can be found in the following places: In the "Cycle time" group of the "Diagnostics" folder in the Online and Diagnostics view of the module to be diagnosed. In the "Cycle time" pane of the "Online Tools" task card Structure of the "Cycle time" group in the "Diagnostics" folder of the Online and Diagnostics view The "Cycle time" group consists of the following areas: Cycle time diagram (graphical display of the assigned and measured cycle times) Cycle time configured (display of the assigned cycle times as absolute values) Cycle times measured (display of the measured cycle times as absolute values) 1908 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Structure of the "Cycle time" pane of the "Online Tools" task card The "Cycle time" pane displays the cycle time diagram and below it the measured cycle times as absolute values. Assigned cycle times The following assigned cycle times are displayed in the cycle time diagram and in the "Cycle time configured" area. Minimum cycle time Maximum cycle time In the cycle time diagram, the minimum cycle time and the maximum cycle time correspond to the two markings on the time axis. In the "Cycle time configured" area, the assigned cycle times are displayed as absolute values. Show interfaces and interface properties of a module Where do I find the information I need? The interfaces and interface properties of a module can be found in the "Diagnostics" folder in the online and diagnostics view of the module to be diagnosed in the following group: PROFINET interface "PROFINET interface" group This group is divided into the following areas: "Ethernet address" with the "Network connection" and "IP Parameters" subareas "Ports" "Network connection" subarea of the "Ethernet address" area This subarea shows the following data for the module: MAC Address: MAC address of the interface. The MAC address consists of two parts. The first part ("Basic MAC address") identifies the manufacturer (Siemens, 3COM, ...). The second part of the MAC address differentiates between the various Ethernet devices. Each Ethernet module is assigned a unique MAC address. WinCC Advanced V14 System Manual, 10/2016 1909 Editing devices and networks 10.2 Device and network diagnostics "IP Parameters" subarea of the "Ethernet address" area This subarea shows the following data for the module: IP address: Internet protocol address of the device on the bus (TCP/IP) Subnet mask: The subnet mask shows which part of the IP address determines the membership of a particular sub-network. Default router: If the subnet is connected via a router to other subnets, the IP address of the default router must be known. This is the only way a datagram can be forwarded with a non-matching subnet address. IP settings: Identifier for the path by which the device has obtained its IP settings (IP address, subnet mask, default router). Identifier Meaning 0 IP address is not initialized 1 By configuration (i.e., by the configuration loaded to the device from the device or network view) 2 Via the "Assign IP address" group of the online and diagnostics view 3 Via the DHCP server (i.e., the IP parameters are obtained by a special service from a DHCP server (Dynamic Host Configuration Protocol) and assigned for a limited time) 4 IP address is set by a user program 5 Source of IP address unknown IP setting time: Time stamp of the last change to the IP address directly through the Ethernet connection of the module "Ports" area This area shows the following data for the module: Ethernet ports Physical properties of the PROFINET interface 1910 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Properties of the PROFI NET interface Meaning Port no. Port number The short description of interface (X + interface no.) and port (P + port no.) is specified in parentheses. An "R" in the short description of a port means that it is a ring port. Status Displays the status of the port LINK LED. Status "OK" means another device (such as a switch) is connected to the port and the physical connection is available. Status "disconnected" means no other device is connected to the port. Status "deactivated" means that access to the port is blocked. Settings "Automatic" for automatic network settings of the device Network settings for speed and transmission method for manual network settings of the device Operating mode Network settings for speed and transmission method If you select a line in the port table, additional help information will be provided for the corresponding port. Displaying IO controllers that access modules of a Shared Device (S7-1500) Where do I find the information I need? The display of those IO controllers that access the modules of a Shared Device can be found in the Online and Diagnostics view of the interface module of the Shared Device in the "Diagnostics" folder in the following area of the "PROFINET interface" group: IO controller Displaying sync domain properties of a PROFINET device Where do I find the information I need? The sync domain properties of a PROFINET device can be found in the following area of the "PROFINET interface" group in the "Diagnostics" folder of the Online and Diagnostics view of the device to be diagnosed: Domain "Domain" area This area is divided into the following subareas: Sync domain MRP domain WinCC Advanced V14 System Manual, 10/2016 1911 Editing devices and networks 10.2 Device and network diagnostics What is a sync domain? A sync domain is a group of PROFINET devices that are synchronized to a common clock. Exactly one device has the role of the sync master (clock generator); all other devices assume the role of a sync slave. The sync master is usually an IO controller or a switch. Non-synchronized PROFINET devices are not part of a sync domain. "Sync domain" subarea of the "Domain" area This subarea shows the following properties of the sync domain: Name: Name of sync domain Role: Role of the PROFINET device in the sync domain. The following roles are possible: - Sync master - Sync slave Synchronization interval: Interval at which the synchronization is performed Send clock Smallest possible send interval for the data exchange Jitter accuracy of the send clock Reserved bandwidth for cyclic communication Displaying MRP domain properties of a PROFINET device Where do I find the information I need? The MRP domain properties of a PROFINET device can be found in the following area of the "PROFINET interface" group in the "Diagnostics" folder of the Online and Diagnostics view of the device to be diagnosed: Domain "Domain" area This area is divided into the following subareas: Sync domain MRP domain What is an MRP domain? The Media Redundancy Protocol (MRP) enables redundant networks to be structured. Redundant transmission paths (ring topology) ensure that, if one transmission path fails, an alternative communication path is available. The PROFINET devices that are part of this redundant network form an MRP domain. 1912 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics "MRP domain" subarea of the "Domain" area This subarea shows the following properties of the MRP domain: Name: Name of MRP domain Role: Role of the PROFINET device in the MRP domain. The following roles are possible: - Manager - Manager (Auto) - Client - Not a device of the ring Ring port 1: The port of the PROFINET device that has the "Ring port 1" property Ring port 2: The port of the PROFINET device that has the "Ring port 2" property Status of the MRP ring: Indicates whether the ring is interrupted ("open" status) or not ("closed" status). Displaying current firmware of a module (S7-300, S7-400, S7-1500) Displaying firmware You can display the currently installed firmware of a module. Requirements The module supports a firmware update. The module is connected online. Procedure To display the current firmware, follow these steps: 1. Open the module in the Online and Diagnostics view. 2. Select the "Firmware update" group in the "Functions" folder. 3. You read off the current firmware in the "Online data" area under "Firmware". WinCC Advanced V14 System Manual, 10/2016 1913 Editing devices and networks 10.2 Device and network diagnostics 10.2.1.3 Showing the current values of dynamic modules properties Display measured cycle times Where do I find the information I need? The measured cycle times can be found at each of the following places: In the "Cycle time" group of the "Diagnostics" folder in the Online and Diagnostics view of the module to be diagnosed. In the "Cycle time" pane of the "Online Tools" task card Structure of the "Cycle time" group in the "Diagnostics" folder of the Online and Diagnostics view The "Cycle time" group consists of the following areas: Cycle time diagram (graphical display of the assigned and measured cycle times) Cycle time configured (display of the assigned cycle times as absolute values) Cycle times measured (display of the measured cycle times as absolute values) Structure of the "Cycle time" pane of the "Online Tools" task card The "Cycle time" pane displays the cycle time diagram and below it the measured cycle times as absolute values. Graphical display of the measured cycle times The following measured cycle times are displayed in the cycle time diagram: Shortest cycle time: Duration of the shortest cycle since the last transition from STOP to RUN This corresponds to the dashed gray arrow on the left in the diagram. Current / last cycle time: Duration of the last cycle This corresponds to the green arrow in the diagram. If the current / last cycle time exceeds the maximum cycle time, the arrow will turn red. Note If the duration of the last cycle comes close to the maximum cycle time, it may be possible that it will be exceeded. Depending on the CPU type, parameter assignment and your user program, the CPU can switch to STOP mode. If for instance you are monitoring the tags in your program, this will increase the cycle time. If the cycle lasts longer than double the maximum cycle time, and you do not restart the maximum cycle time in the user program (by calling the extended RE_TRIGR) instruction, the CPU will switch to STOP mode. Longest cycle time: Duration of the longest cycle since the last transition from STOP to RUN. This corresponds to the dashed blue arrow on the right in the diagram. 1914 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics A blue band extends between the two dashed lines; this band corresponds to the entire range of the measured cycle times. If a measured cycle time is greater than the maximum cycle time, the portion of the band that lies outside the assigned limits will be colored red. Display of the measured cycle times as absolute values The following measured times are displayed in the "Cycle times measured" area and in the "Cycle time" pane. Shortest cycle time since the last transition from STOP to RUN. Current/last cycle time: Longest cycle time since the last transition from STOP to RUN. Showing the current status of the LEDs of a CPU Where do I find the information I need? The current status of the LEDs of a CPU can be found in the display area of the "CPU control panel" pane of the "Online tools" task card. Display area of the "CPU control panel" pane of the "Online Tools" task card This area contains the following displays: Station name and CPU type (short designation) RUN / STOP (corresponds to the "RUN / STOP" LED of the CPU) ERROR (corresponds to the "ERROR" LED on the CPU) MAINT (corresponds to the "MAINT" LED on the CPU) Showing fill levels of all types of memory on a CPU Where do I find the information I need? The fill levels of all types of memory on a CPU can be found on the following two pages: In the display area of the "Memory" group in the "Diagnostics" folder in the online and diagnostics view of the module to be diagnosed In the display area of the "Memory" pane on the "Online Tools" task card Display area of the "Memory" group in the "Diagnostics" folder of the online and diagnostics view This area contains the current memory utilization of the associated module and details of the individual memory areas. The memory utilization is shown both as a bar diagram and as a numerical value (percentage). WinCC Advanced V14 System Manual, 10/2016 1915 Editing devices and networks 10.2 Device and network diagnostics The following memory utilizations are shown: Load memory If no memory card is inserted, the internal load memory is displayed. If a memory card is inserted, the operating system only uses the inserted load memory as the load memory. This is displayed here. Work memory Retentive memory Display area of the "Memory" pane of the "Online Tools" task card This area contains the current memory utilization of the associated module. The available memory is shown both as a bar diagram and as a numerical value (percentage). The numerical value is rounded to an integer value. Note If less than 1% of a memory area is utilized, the available portion of this memory area is shown as "99%". The following memory utilizations are shown: Load memory If no memory card is inserted, the internal load memory is displayed. If a memory card is inserted, the operating system only uses the inserted load memory as the load memory. This is displayed here. Work memory Retentive memory See also Load memory (Page 946) Work memory (Page 946) Retentive memory areas (Page 948) Displaying fill level of all types of memory of an S7-1500 CPU (S7-1500) Where do I find the information I need? The fill levels of all types of memory of an S7-1500 CPU can be found at the following two places: In the display area of the "Memory" group in the "Diagnostics" folder in the online and diagnostics view of the module to be diagnosed In the display area of the "Memory" pane on the "Online Tools" task card 1916 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Display area of the "Memory" group in the "Diagnostics" folder of the online and diagnostics view This area contains the current memory utilization of the associated module and details of the individual memory areas. The memory utilization is shown both as a bar diagram and as a numerical value (percentage). The following memory utilizations are shown: Load memory Note The load memory is located on the SIMATIC memory card. Code work memory: work memory for program code Data work memory: work memory for data blocks Retentive memory Display area of the "Memory" pane of the "Online Tools" task card This area contains the current memory utilization of the associated module. The available memory is shown both as a bar diagram and as a numerical value (percentage). The numerical value is rounded to an integer value. Note If less than 1% of a memory area is utilized, the available portion of this memory area is shown as "99%". The following memory utilizations are shown: Load memory Note The load memory is located on the SIMATIC memory card. Code work memory: work memory for program code Data work memory: work memory for data blocks Retentive memory 10.2.1.4 Checking a module for defects Determining the diagnostic status of a module Where is the diagnostics status of a module displayed? The diagnostic status of a module is displayed in the "Diagnostic status" group in the "Diagnostics" folder in the online and diagnostics view of the module to be diagnosed. WinCC Advanced V14 System Manual, 10/2016 1917 Editing devices and networks 10.2 Device and network diagnostics The "Diagnostics status" group consists of the following areas: Status Standard diagnostics (for S7-300 and S7-400 only for non-CPU modules) "Status" area The following status information is displayed in this area: Status of the module as viewed by the CPU, for example: - Module available and OK. - Module defective. If the module experiences a fault and you have enabled the diagnostic error interrupt during configuration, the "Module defective" status is displayed. - Module configured, but not available. Example: Diagnostics data is not available because the current online configuration differs from the offline configuration. Detected differences between the configured and the inserted module. Provided it can be ascertained, the article number will be displayed for the set and actual type. The scope of the displayed information depends on the selected module. "Standard diagnostics" area The following diagnostics information for non-CPU modules is displayed in this area: Internal and external faults that relate to the overall module Associated diagnostics events Examples of such diagnostics information are: Entire backup failed Module defective Note Diagnostic interrupts A diagnostic interrupt can be reported to the CPU only if the module has diagnostic interrupt capability and the diagnostic interrupt has been enabled. The display of the diagnostic interrupt is a snapshot. Sporadic module defects can be identified in the diagnostics buffer of the respective CPU. 1918 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Performing communication diagnostics of PROFINET ports Where are port-specific errors of PROFINET ports displayed? The port-specific errors of PROFINET ports are displayed in the "Communication diagnostics" group of the "Diagnostics" folder in the Online and Diagnostics view of the module to be diagnosed. Structure of the "Communication diagnostics" group The "Communication diagnostics" group consists of the following areas: Table containing the port-specific errors "Details of the event" text field "Help on event" text field Structure of the table containing the port-specific errors Each line of the error table corresponds to one error. The table consists of the following columns: Name: port no. and port designation, as well as diagnostics icon Error: description of the error that occurred on this port "Details" text field If you select a line in the error table, the "Detail" text field will contain detailed information (if available) on the corresponding error. "Help on selected diagnostic line" text field If you select a line in the error table, the "Help on selected diagnostic line" text field will contain help information (if available) on the corresponding error. PROFINET IO component diagnostics Where do I perform PROFINET IO component diagnostics? You perform the PROFINET IO component diagnostics in the "PROFINET IO diagnostics" group under "PROFINET interface" in the "Diagnostics" folder of the Online and Diagnostics view. WinCC Advanced V14 System Manual, 10/2016 1919 Editing devices and networks 10.2 Device and network diagnostics "PROFINET IO diagnostics" group Manufacturer-related diagnostics texts for the IO device or the selected module of the IO device are displayed in this area. If the diagnostics can be read by the IO controller, then communication errors and configuration errors (online/offline discrepancies) are displayed here. Reading out the diagnostics buffer of a CPU Where do you read out the diagnostics buffer of a CPU? You read out the diagnostics buffer of a CPU in the "Diagnostics buffer" group in the "Diagnostics" folder in the Online and Diagnostics view. Structure of the "Diagnostics buffer" group The "Diagnostics buffer" group consists of the following areas: "Events" "Settings" Diagnostics buffer The diagnostics buffer is used as a log file for the diagnostics events that occurred on the CPU and the modules assigned to it. These are entered in the order of their occurrence, with the latest event shown at the top. "Events" area The "Events" area consists of the following elements: Check box "CPU time stamp takes into account local PG/PC time" Event table "Freeze display" or "Cancel freeze" button Details of the event: Event no., event ID, module and possibly station or device name, rack/ slot, description, help on the event, plant designation, location identifier, coming/going information, event type "Open in editor", "Save as" buttons Check box "CPU time stamp takes into account local PG/PC time" If you have not activated the check box, the diagnostics buffer entries are shown with the module time. If you have activated the check box, the diagnostics buffer entries are shown with the time given by the following formula: 1920 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Displayed time = module time + time zone offset on your programming device / PC This requires the module time to be identical to UTC. You should use this setting if you wish to see the times of the diagnostics buffer entries for the module expressed in the local time of your programming device / PC. Selecting or clearing the check box immediately changes the times displayed for the diagnostics buffer entries. Note If you use the "WR_SYS_T" instruction in your program or if you set the real-time clock of the CPU using an HMI device instead of using UTC, we recommend that you clear the "CPU time stamp takes into account local PG/PC time" check box. In this case, the module time is the sole time of concern. Event table The following information is displayed in the table for each diagnostics event: Sequential number of the entry The first entry contains the latest event. Date and time of the diagnostics event If no date and time are shown, the module has no integrated clock. Short name of the event and, if applicable, the reaction of the CPU Note If an individual parameter of a text cannot be determined, the character string "###" is shown in its place. If no display text is yet available for new modules or new events, the numbers of the events and the individual parameters are stated as hexadecimal values. Only for S7-1200 and S7-1500 CPUs: Icon for the event type The following table shows the available icons and their meaning. Icon Meaning OK (no maintenance and/or no fault) Maintenance required Maintenance demanded Error Icon for information related to incoming/outgoing status The following table shows the available icons and their meaning. WinCC Advanced V14 System Manual, 10/2016 1921 Editing devices and networks 10.2 Device and network diagnostics Icon Meaning Incoming event Outgoing event Incoming event to which there is no independent outgoing event User-defined diagnostics event You can change the order of the columns, adjust the column widths and remove and add individual columns in the event table. In addition, you can sort as follows: by sequential number, by "Date and time" and by "Event". "Freeze display" or "Cancel freeze" button The "Freeze display" or "Cancel freeze" button is only enabled when there is an online connection to the CPU. The default setting is "Freeze display". The following happens when you click the "Freeze display" button: The current display of the diagnostics buffer entries is frozen. The labeling of the button changes to "Cancel freeze". If an error has occurred in your system, diagnostics events can occur very quickly in succession. This produces a high update rate on the display. Freezing the display allows you to calmly examine the situation in more detail. If the display is frozen and you click the "Cancel freeze" button, the following happens: The display of the diagnostics buffer entries is updated again. The labeling of the button changes to "Freeze display". Note If you freeze the diagnostics buffer display, the CPU continues to enter events in the diagnostics buffer. Details of the event If you select a line in the list of events, you obtain detailed information on the respective event: Sequential number of the event in the diagnostics buffer Event ID Module and, if applicable, station or device name Rack/slot 1922 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Description of the event with event-specific additional information. Examples of this additional information: - Command that caused the event - Operating mode switch caused by the diagnostics event Help on the event: The selected event is explained in more detail and possible solutions may be specified. With outgoing events, the text "Outgoing event: "No user action required" is displayed. Only for S7-1200 and S7-1500 CPUs: Plant designation, location identifier Information on whether the event is an incoming or outgoing event Type of event. The following types of event are possible: - OK (no maintenance and/or no fault) - Maintenance required - Maintenance demanded - Error "Open in editor" button The following table shows if the "Open block" button is active and which function it conceals. When is the "Open in editor" button enabled? What happens when you click this button? If the diagnostics event references the relative address of a block. The "Open in editor" function opens the referenced block in the offline view at the programming instruction that causes the error. This allows you to check and, if necessary, change the source code of the block at the specified place and then download it again to the CPU. This is the address of the command that caused the event. If the diagnostics event was triggered by a module. The "Open in editor" function opens the Device view of the module involved. "Save as ..." button If you click this button, the content of the diagnostics buffer is saved in a text file. "Diagnostics", depending on the language, with the extension ".txt" is suggested as the file name. You can however change this name. "Settings" area The "Settings" area consists of the following elements: "Display events" list "Apply settings as default" button "Output event information in hexadecimal format" check box WinCC Advanced V14 System Manual, 10/2016 1923 Editing devices and networks 10.2 Device and network diagnostics List "Display events:" There is an check box in this list for every event class (default setting: all check boxes are selected). If you clear a check box, the events of that event class is no longer displayed in the "Events" area. Reselecting the check box displays the associated events once again. "Apply settings as default" button If you click this button, the settings are also applied to future occasions when the "Events" tab is opened. "Output event information in hexadecimal format" check box If you select the check box, the event IDs in the Events list of the "Events" area is displayed in hexadecimal format. If you clear the check box, the event information is given in text form. See also Basic information on the diagnostics buffer (Page 1944) Saving service data (S7-1500) Purpose In the event of servicing it may be possible that the SIEMENS Customer Support requires very special information about the state of a module of your system for diagnostic purposes. If such a case occurs in your system, you will be asked by Customer Support to save the service data of the module and send the resulting file to them. Where do you carry out the saving of service data of a module? You carry out the saving of service data of a module in its online and diagnostics view at the following points: In the "Functions" folder in the "Save service data" group" The "Save service data" group consists of the following areas: Online data Saving service data "Online data" area This area shows the following data of the module: Article number Firmware version Module name (you configured this while configuring the hardware.) 1924 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Rack Slot "Save service data" area Proceed as follows to create and save a file with special service data: 1. Select the point in the file system at which you want to save the file: - You use the path preset in the "Path" field. - Click the three-dot (browse) button. In the dialog that opens specify the desired path and enter the file name. 2. Click the "Save data" button. 10.2.1.5 Changing the properties of a module or the programming device/PC Changing the mode of a CPU Requirement There is an online connection to the CPU whose mode you want to change. Procedure To change the mode of the CPU, follow these steps: 1. Enable the "Online tools" task card of the CPU. 2. Click the "RUN" button in the "CPU control panel" pane if you want to change the CPU to RUN mode or the "STOP" button if you want to change the CPU to STOP mode. Note The only button active is the one that can be selected in the current operating mode of the CPU. 3. Acknowledge the confirmation prompt with "OK". Or: 1. Open the "Online" menu. 2. Choose the "Start CPU" menu command if you want to set the CPU to RUN mode and "Stop CPU" if you want to set the CPU to STOP mode. Note The only button that is active is the one that can be chosen in the current operating mode of the CPU. 3. Acknowledge the confirmation prompt with "OK". WinCC Advanced V14 System Manual, 10/2016 1925 Editing devices and networks 10.2 Device and network diagnostics Or: 1. Click the "Start CPU" button in the toolbar if you want to set the CPU to RUN mode and the "Stop CPU" button if you want to set the CPU to STOP mode. Note The only button that is active is the one that can be chosen in the current operating mode of the CPU. 2. Acknowledge the confirmation prompt with "OK". Result The CPU will be switched to the required operating mode. Performing a memory reset Requirement There is an online connection to the CPU on which the memory reset is to be performed. The CPU is in STOP mode. Note If the CPU is still in RUN mode and you start the memory reset, you can place it in STOP mode after acknowledging a confirmation prompt. Procedure To perform a memory reset on a CPU, follow these steps: 1. Enable the "Online Tools" task card of the CPU. 2. Click the "MRES" button in the "CPU control panel" pane. 3. Acknowledge the confirmation prompt with "OK". Result The CPU is switched to STOP mode, if necessary, and the memory reset is performed on the CPU. See also Basics of a memory reset (Page 944) 1926 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Determining and setting the time of day on a CPU Where do I find the functions I need? You determine and change the time of day on a CPU in the "Set time of day" group in the "Functions" folder of the Online and Diagnostics view. This requires an online connection. Structure of the "Set time of day" group The "Set time of day" group consists of the following areas: Area for reading out and setting the time of day Time system (This area does not exist for S7-1200 and will not be examined here.) Structure of the area for reading out and setting the time of day This area consists of the following parts: Programming device / PC time Here the time zone setting, the current date and the current time setting of your programming device / PC are displayed. Module time Here the date and time values currently read from the module (for example the CPU), are converted to local time and date and displayed. If the "Take from PG/PC" check box is selected, when you click the "Apply" button, the date and the PG/PC time converted to UTC are transferred to the module. If the "Take from PG/PC" check box is not selected, you can assign the date and time for the integrated clock of the module. After clicking the "Apply" button, the date and the time recalculated to UTC time are transferred to the module. Resetting an S7-1200 CPU to factory settings (S7-1200) Requirement There is no memory card inserted in the CPU. There is an online connection to the CPU that you want to reset to the factory settings. The CPU is in STOP mode. Note If the CPU is still in RUN mode and you start the reset operation, you can place it in STOP mode by answering the security prompt with yes. WinCC Advanced V14 System Manual, 10/2016 1927 Editing devices and networks 10.2 Device and network diagnostics Procedure To reset an S7-1200 CPU to factory settings, follow these steps: 1. Open the Online and Diagnostics view of the CPU. 2. Select the "Reset to factory settings" group in the "Functions" folder. 3. Select the "Keep IP address" check box if you want to keep the IP address or the "Delete IP address" check box if you want to delete the IP address. Note The two check boxes mentioned are only available if the module to be reset is able to choose whether to retain or delete the IP address. 4. Click the "Reset" button. 5. Acknowledge the confirmation prompt with "OK". Result The module is switched to STOP mode if necessary and the settings are then reset to factory settings. This means: The work memory and the internal load memory and all operand areas are cleared. All parameters are reset to their defaults. The diagnostic buffer is cleared. The time is reset. The IP address is kept or deleted depending on which setting you made. Resetting an S7-1500 CPU to factory settings (S7-1500) Requirement If you start a reset to factory settings from the project context, an online connection to the relevant CPU must exist. The relevant CPU is in STOP mode. Note If the CPU is still in RUN mode and you start the reset operation, you can place it in STOP mode after acknowledging a confirmation prompt. Procedure To reset an S7-1500 CPU to factory settings, follow these steps: 1. Open the Online and Diagnostics view of the CPU (either from the project context or via "Accessible devices"). 2. Select the "Reset to factory settings" group in the "Functions" folder. 1928 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics 3. Select the "Keep IP address" check box if you want to keep the IP address or the "Delete IP address" check box if you want to delete the IP address. Note With "Delete IP address", all IP addresses are deleted. This applies regardless of how you created the online connection. If a memory card is inserted, selecting the "Delete IP address" option causes the following: The IP addresses are deleted and the CPU is reset to factory settings. Then, the configuration (including IP addresses) that is stored on the memory card is transferred into the CPU (see below). If the memory card was formatted before resetting to factory settings or if it is empty, no IP address is transferred into the CPU. 4. Click the "Reset" button. 5. Acknowledge the confirmation prompt with "OK". Result The module is switched to STOP mode if necessary and the settings are then reset to factory settings. This means: The work memory and the internal retentive system memory and all operand areas are cleared. All parameters are reset to their defaults. The diagnostic buffer is cleared. The time of day is reset. The I&M data are deleted except for I&M0 data. The runtime meters are reset. The IP address is kept or deleted depending on which setting you made. If a memory card was inserted prior to the reset to factory settings, the configuration contained on the memory card (hardware and software) is downloaded to the CPU. Resetting a PROFINET IO device to factory settings (S7-1500) Requirements There must be an online connection to the PROFINET IO device that is to be reset. Procedure To reset a PROFINET IO device to factory settings, follow these steps: 1. Open the Online and Diagnostics view of the device (either from the project context or via "Accessible devices"). 2. In the "Functions" folder, select the "Reset to factory settings" group. WinCC Advanced V14 System Manual, 10/2016 1929 Editing devices and networks 10.2 Device and network diagnostics 3. Select the "Retain identification and maintenance data" option button or the "Delete identification and maintenance data" option button, depending on whether you want to retain or delete the identification and maintenance data IM0 to IM3 on the device. 4. Click the "Reset" button. 5. Click "OK" in response to the confirmation prompt. If the PROFINET IO device to be reset supports the Reset-to-Factory command according to PROFINET V2.3, its PROFINET device name, its IP address and the SNMP parameters (SNMP: Simple Network Management Protocol) are reset. Your selection in step 3 determines whether the identification and maintenance data is retained or deleted. The reset process is now complete. 6. If the PROFINET IO device to be reset does not support the Reset-to-Factory command according to PROFINET V2.3, however, you will see a message informing you that all data on the module will be lost during a reset to factory settings. Confirm the security prompt. The reset process will be conducted. If you have selected "Delete identification and maintenance data" in step 3, the identification and maintenance data IM0 to IM3 is deleted during the reset. However, if you have selected "Retain identification and maintenance data" in step 3, it can still happen that the identification and maintenance data IM0 to IM3 is deleted during the reset: The reset behavior depends on the module in this case. Result The PROFINET IO device is reset. The data deleted in the process depends on the factors described above. Formatting an S7-1500 memory card (S7-1500) Requirement If you start the formatting of the memory card from the project context, an online connection to the relevant CPU must exist. The relevant CPU is in STOP mode. Note If the CPU is still in RUN mode and you start a formatting operation, you can place it in STOP mode after acknowledging a confirmation prompt. Procedure To format an S7-1500 memory card, follow these steps: 1. Open the Online and Diagnostics view of the CPU (either from the project context or via "Accessible devices"). 2. Select the "Format memory card" group in the "Functions" folder. 3. Click the "Format" button. 4. Answer the safety prompt with "Yes". 1930 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Result The memory card is formatted. The CPU is temporarily unavailable. The project data on the CPU are deleted with the exception of the IP address. If you start the formatting of the memory card from the project context, the Online and Diagnostics view remains open. If formatting is started via "Accessible devices", the Online and Diagnostics view will close. Updating the firmware of a module Basic information on the firmware update of a module Performing a firmware update Using firmware files, you can update the firmware of a module. Requirements The module is connected online. The module supports a firmware update. For those modules that require supply voltage to perform the firmware update correctly: The supply voltage of the module is ensured. For details, see the documentation of the module. Procedure You can call up the firmware update of a module from the project tree or from the project context. WARNING Impermissible system states possible An S7-1500 CPU immediately goes to STOP mode when you start the firmware update, which can have an effect on the operation of an online process or a machine. Unexpected operation of a process or a machine can result in severe or fatal injuries and/or damage to property. Note After you have run a firmware update, you will need to replace the affected module with the same module with the current firmware version in the hardware configuration of your project. The engineering configuration then matches the actual physical configuration again. WinCC Advanced V14 System Manual, 10/2016 1931 Editing devices and networks 10.2 Device and network diagnostics "Run firmware after update" check box If you have not selected the "Run firmware after update" check box, the previous firmware remains active until the module is reset (for example by power cycling). The new firmware only becomes active after the module has been reset. If you have selected the check box, the module is automatically reset after the firmware has been downloaded and it then runs with the new firmware. Activating the firmware following the update has the following consequences: A station executes a restart. All modules in the station become unavailable as a result. If the corresponding CPU is in RUN, activating the firmware can lead to access errors or other problems in the user program and might even mean that the CPU remains permanently in STOP. Note For some CPUs, the "Run firmware after update" check box is grayed out and cleared. In this case, you must restart the CPU manually. For S7-1500 CPUs, the "Run firmware after update" check box is grayed out and selected. In this case, the new firmware is activated immediately after the download operation. Calling the firmware update from the project tree Requirement The module is located in the first hierarchical level behind the head module (IM or CPU of the module family S7-1500 or ET200SP). The head module is connected to the engineering system via PROFINET. Procedure Follow these steps: 1. Select the relevant head module in the project tree. 2. Open the online and diagnostics view of the head module using the shortcut menu. 3. Select the "Firmware update" group in the "Functions" folder. 4. Select "Local modules". In the "Online data" area, a table lists modules of the first hierarchy level behind the head module. With Siemens modules, these are the modules that support a firmware update. With GSDML-based devices, this is all modules. 5. Select the module whose firmware you want to update. 6. Click the "Browse" button in the "Firmware loader" area in order to select the path to the firmware update files. 7. Select one of these files. The table then lists all modules for which an update is possible with the selected firmware file. 1932 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics 8. Optional: Select the "Run firmware after update" check box to reset the module after the load operation and to start the new firmware. 9. Click the "Start update" button. If the selected file can be interpreted by the module, it is downloaded to the module. If the operating mode of the CPU needs to be changed for this purpose, you will be prompted to do this by means of dialogs. Starting the firmware update from the project context Procedure To perform a firmware update, follow these steps: 1. Open the module in the Online and Diagnostics view. 2. Select the "Firmware update" group in the "Functions" folder. Note For S7-1500-CPUs, this group is subdivided into "PLC" and "Display". 3. Click the "Browse" button in the "Firmware loader" area in order to select the path to the firmware update files. 4. Select one of these files. The table then lists all modules for which an update is possible with the selected firmware file. 5. Optional: Select the "Run firmware after update" check box to reset the module after the load operation and to start the new firmware. 6. Click the "Start update" button. If the selected file can be interpreted by the module, it is downloaded to the module. If the operating mode of the CPU needs to be changed for this purpose, you will be prompted to do this by means of dialogs. Assigning an IP address to a PROFINET IO device Basic information on assigning an IP address to a PROFINET IO device Overview All PROFINET IO devices work with the TCP/IP protocol and therefore require an IP address for operation on Industrial Ethernet. Once an IP address has been assigned to an IO device, it can be accessed via this address. You can then download configuration data or perform diagnostics, for example. WinCC Advanced V14 System Manual, 10/2016 1933 Editing devices and networks 10.2 Device and network diagnostics Requirement The Ethernet LAN connection must already be established. The Ethernet interface of your programming device or PC must be accessible. The IO device that is to be assigned an IP address must be in the same IP band as the programming device or PC. Starting the address assignment via "Accessible devices" Requirement The devices accessible via the associated interface of the PG/PC are displayed in the project tree (to display these, either double-click "Update accessible devices" in the project tree or select the "Accessible devices..." command in the "Online" menu.). You have double-clicked "Online access" -> <Selected interface> -> <PROFINET IO device> -> "Online & Diagnostics" in the project tree to open the Online and Diagnostics view. Procedure 1. Open the "Functions" folder and the "Assign IP address" group inside this folder. The "MAC address" field displays the MAC address of the PROFINET IO device. The "Accessible devices" button is grayed out. 2. Enter the desired IP address. 3. Enter the subnet mask. 4. If a router is to be used, select the "Use router" check box and enter its IP address. 5. Click the "Assign IP address" button. Result The IP address is permanently assigned to the IO device or to the relevant PROFINET interface of the IO device. It is retained even through a startup or a power failure. Note For an S7-1500 CPU, you can also use the above-described method to change the IP address of a PROFINET interface, if a project has already been downloaded to the CPU via this interface. This overwrites the IP address downloaded via the project. 1934 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Starting the address assignment from the project context Requirement An online connection to the PROFINET IO device exists. You have opened the Online and Diagnostics view of the PROFINET IO device from the project context. The PROFINET IO device is not assigned to any IO controller. Procedure 1. Open the "Functions" folder and the "Assign IP address" group inside this folder. 2. Click the "Accessible devices" button in order to identify the devices that can be accessed. Note: For an S7-1500 CPU, there are two entries here because it has two PROFINET interfaces. 3. Select the IO device. The "IP address" field, "Subnet mask" field, "Use router" check box and "Router address" field are grayed out and contain the node properties you used to establish the current online access. 4. Click the "Assign IP address" button. Result The IP address is permanently assigned to the IO device or to the relevant PROFINET interface of the IO device. It is retained even through a startup or a power failure. Assigning a PROFINET device name Basic information on assigning a name to a PROFINET IO device Device name Before an IO device can be addressed by an IO controller, it must have a device name. This procedure was chosen for PROFINET because names are easier to handle than complex IP addresses. Assigning a device name to a PROFINET IO device is comparable to setting the PROFIBUS address for a DP slave. An IO device has no device name in its delivery state. For an IO controller to address an IO device, it must first be assigned a device name using the programming device or PC. It is now ready to transfer the configuration information including the IP address during startup or exchange user data in cyclic operation. WinCC Advanced V14 System Manual, 10/2016 1935 Editing devices and networks 10.2 Device and network diagnostics Rules for the device name The device name is subject to the following limitations: Restricted to a total of 240 characters (lower case letters, numbers, dash, or dot) A name component within the device name, which is a character string between two dots, must not exceed 63 characters. No special characters such as umlauts, brackets, underscore, slash, blank space, etc. The only special character permitted is the dash. The device name must not begin or end with the "-" character. The device name must not begin with a number. The device name form n.n.n.n (n = 0, ... 999) is not permitted. The device name must not begin with the string "port-xyz" or "port-xyz-abcde" (a, b, c, d, e, x, y, z = 0, ... 9). Where do I find the function I am seeking? You can assign the name of a PROFINET IO device at the following places: In the online and diagnostics view of the device in the "Assign name" group of the "Functions" folder. The user interface for this group differs depending on how you open the online and diagnostics view: - Open via "Accessible devices" - Open from the project context In the "Assign PROFINET device name" dialog See also Assigning a name in the online and diagnostics view opened via "Accessible devices" (Page 1936) Assigning a name in the online and diagnostics view opened from the project context (Page 1937) Assigning a name in the "Assign PROFINET device name" dialog (Page 1938) Assigning a name in the online and diagnostics view opened via "Accessible devices" Requirement You have opened the online and diagnostics view of the PROFINET IO device using "Update accessible devices" (in the project tree) or "Accessible devices..." ("Online" menu). 1936 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Procedure 1. Open the "Functions" folder and the "Assign name" group inside this folder. The "Type" field displays the module type of the PROFINET IO device. 2. Enter the required device name in the "PROFINET device name" input box. 3. Optional: Select the "Flash LED" check box in order to run an LED flash test on the PROFINET IO device. In this way, you verify that you are naming the desired IO device. Note The LED flash test is not supported by all PROFINET IO devices. The LED flash test runs until you cancel it. This is done, for example, by clearing the "Flash LED" check box or by closing the online and diagnostics view. 4. Click "Assign name". Result The entered name is assigned to the PROFINET IO device. Assigning a name in the online and diagnostics view opened from the project context Requirement You have opened the online and diagnostics view of the PROFINET IO device from the project context. The PROFINET IO device can be accessed using at least one PG/PC interface. Procedure 1. Open the "Functions" folder and the "Assign name" group inside this folder. The "PROFINET device name" drop-down list displays the current name in the offline project, and the "Type" box shows the module type of the PROFINET IO device. Note For CPUs with several PROFINET interfaces, the names of all existing PROFINET interfaces are displayed in the offline project. 2. Choose a different name from the drop-down list, if necessary. Note In steps 3 to 5, you determine the IO devices that are present in the PROFINET subnet. 3. In the "PG/PC interface for assignment" drop-down list, select the PG/PC interface you want to use to establish the online connection. 4. Optional: Use the three check boxes to make a selection from all IO devices available online. WinCC Advanced V14 System Manual, 10/2016 1937 Editing devices and networks 10.2 Device and network diagnostics 5. Click the icon for determining the IO devices present in the PROFINET subnet. The table is then updated. 6. Select the desired IO device in the table. 7. Optional: Select the "Flash LED" check box in order to run an LED flash test on the PROFINET IO device. In this way, you verify that you are naming the desired IO device. Note The LED flash test is not supported by all PROFINET IO devices. The LED flash test runs until you cancel it. This is done, for example, by clearing the "Flash LED" check box, by selecting another IO device in the table, or by closing the online and diagnostics view. 8. Click "Assign name". Result The selected name is assigned to the PROFINET IO device or one of its PROFINET interfaces. Assigning a name in the "Assign PROFINET device name" dialog Requirement You have opened the "Assign PROFINET device name" dialog from the network view (from the shortcut menu of a PN/IE connection). The PROFINET IO device can be accessed using at least one PG/PC interface. Procedure 1. The following is displayed in the "PROFINET device name" drop-down list: - the name of the interface that was used to open the project in the current offline project - the names of those IO devices that are connected by means of this interface The "Type" field displays the module type of the PROFINET IO device. Choose a different name from the drop-down list, if necessary. Note In steps 2 to 4, you determine the IO devices that are present in the PROFINET subnet. 2. In the "PG/PC interface for assignment" drop-down list, select the PG/PC interface you want to use to establish the online connection. 3. Optional: Use the three check boxes to make a selection from all IO devices available online. 4. Click the icon for determining the IO devices present in the PROFINET subnet. The table is then updated. 5. Select the desired IO device in the table. 1938 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics 6. Optional: Select the "Flash LED" check box in order to run an LED flash test on the PROFINET IO device. In this way, you verify that you are naming the desired IO device. Note The LED flash test is not supported by all PROFINET IO devices. The LED flash test runs until you cancel it. This is done, for example, by clearing the "Flash LED" check box or by selecting another IO device in the table. 7. Click "Assign name". Result The selected name is assigned to the PROFINET IO device or the interface that was used to open the dialog. Calibrating an S7-1500 analog module (S7-1500) Calibrating an S7-1500 analog module - Overview (S7-1500) Where do you calibrate an S7-1500 analog module? You calibrate an S7-1500 analog module in its Online and Diagnostics view in the "Calibrate" group of the "Functions" folder. Overview of the function scope of the calibrating function You can perform the following functions for an S7-1500 analog module in the "Calibrate" group: Specifying the current calibration of all channels Calibrating a channel Canceling a running calibration Resetting the calibration of a channel to the factory settings Requirement for the calibrating function described below The following is required for the calibrating function described below: You have opened the Online and Diagnostics view from the project context (thus not from the project tree or via the "Online" menu). There is an online connection to the analog module that is to be calibrated. Offline and online configuration are identical. WinCC Advanced V14 System Manual, 10/2016 1939 Editing devices and networks 10.2 Device and network diagnostics Calibrating an S7-1500 analog module (S7-1500) Overview of the calibration of a channel of an S7-1500 analog module The calibration of a channel of an S7-1500 analog module consists of the following steps: 1. Start calibration 2. Perform the second step up to the next to last step of the calibration 3. Complete calibration These steps are described in more detail in the following section. Requirement You have opened the Online and Diagnostic view of the S7-1500 analog module from the project context and are in the "Calibrate" group of the "Functions" folder. The associated CPU is online. No calibration is currently running on the analog module (if you want to start the calibration) or the last step initiated has been performed successfully (if you want to resume or complete the calibration). Procedure for starting the calibration To start the calibration, follow these steps: 1. In the overview table, select the line that belongs to the channel to be calibrated. 2. Click the "Start manual calibration" button. The user interface then changes as follows: The overview table and the "Start manual calibration" button and "Set to factory settings" buttons become inactive. The step display is activated and displays the numbers of the current and last steps. The "Command" field becomes active and indicates what the user must do in the next calibration step. The "Status" field becomes active and shows the current status of the calibration, e.g., "Calibration successfully started". The "Measured value" field becomes active. For an input module a value is displayed here; you must enter a value here for an output module. The "Cancel" button becomes active. With certain analog modules (AI Energy Meter) the "Skip" button becomes active. This button can be used to skip to the next step of the calibration. The "Next" button becomes active. This button can be used to advance to the next step of the calibration. 1940 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Procedure for the second to the next to last step of the calibration Follow these steps: 1. Click the "Next" button. The fields of the user interface described above are then updated. With certain analog modules (AI Energy Meter), you can skip the next calibration step as long as the next step is not the last step of the calibration procedure. To do this, follow these steps: 1. Click the "Skip" button. The fields of the user interface described above are then updated. Procedure for the last step of the calibration Follow these steps: 1. Click the "Next" button. The user interface then changes as follows: The overview table becomes active. The calibration display of the calibrated channel is updated. The "Start manual calibration" button and "Set to factory settings" buttons become active. The step display is deactivated and the numbers of the current step and last steps are empty. The "Command" field becomes inactive and is empty. The "Status" field becomes inactive and shows the last status of the calibration, e.g., "Calibration successfully finished". The "Measured value" field becomes inactive and is empty. The "Cancel" button becomes inactive. The "Skip" button becomes inactive. The "Next" button becomes inactive. Error occurrence If an error occurs during the calibration, the module cancels the calibration. Afterwards, the channel that was to be calibrated has the same settings as before the start of the calibration. Except for the "Status" field, the user interface appears the same after the occurrence of an error as before the calibration. The "Status" field displays the error that the module detected during the calibration. WinCC Advanced V14 System Manual, 10/2016 1941 Editing devices and networks 10.2 Device and network diagnostics Canceling a running calibration of an S7-1500 analog module (S7-1500) Requirement You have opened the Online and Diagnostic view of the S7-1500 analog module from the project context and are in the "Calibrate" group of the "Functions" folder. The associated CPU is online. A calibration is currently running on the analog module. Procedure To cancel a running calibration, follow these steps: 1. Click the "Cancel" button. Result The running calibration is canceled, and afterwards the channel to be calibrated has the same settings as before the calibration. All operator controls in the user interface are deactivated until the cancelation is complete. Except for the "Status" field, the user interface appears the same afterwards as before the calibration. The "Status" field displays the result of the cancelation. Resetting an S7-1500 analog module to factory settings (S7-1500) Requirement You have opened the Online and Diagnostic view of the S7-1500 analog module from the project context and are in the "Calibrate" group of the "Functions" folder. The associated CPU is online. Procedure To reset a channel of an S7-1500 analog module to factory settings, follow these steps: 1. Select the line associated with the channel to be reset in the overview table. 2. Click the "Set to factory settings" button. Result All operator controls in the user interface are deactivated until the reset operation is complete. Except for the "Status" field, the user interface appears the same afterwards as before the reset operation. The "Status" field displays the result of the reset operation. 1942 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Loading I&M data to PROFINET IO devices and your modules Which I&M data can be loaded to PROFINET IO devices and your modules? You can load I&M 1 data (plant designation and location identifier) and/or I&M 2 data (installation date) and/or I&M 3 data (additional information) to the actual hardware. Requirements In the project settings (Options > Settings, Hardware configuration > Compiling and downloading), the option "Download I&M data" must be enabled. There is an online connection to the PROFINET IO devices and the modules to which you want to load I&M data. You have entered the I&M data you want to download in the properties of the respective PROFINET IO devices and your modules (Inspector window: "Properties" tab > "General" tab, Settings > Identification & Maintenance). Where do I specify which I&M data is downloaded to which PROFINET IO devices? You specify which I&M data you want to download to which PROFINET IO devices in the "Load preview" dialog. You will find the following alternatives in the drop-down list of the "Identification and maintenance data (I&M)" row: Load nothing The check boxes for all PROFINET IO devices as well as the check boxes for the loadable I&M data are cleared. No I&M data is transferred to the actual hardware during loading with this setting. Load data The check boxes for all PROFINET IO devices as well as the check boxes for the loadable I&M data are selected. The respective I&M 1, I&M 2 and I&M 3 data is transferred to all PROFINET IO devices during loading with this setting. Load selected You select the check boxes of those PROFINET IO devices to which you want to load I&M data. You also select the check boxes of the identification data you want to load. With this setting, you transfer the selected I&M data to the selected PROFINET IO devices during loading. Note Language dependency of the I&M data to be loaded The I&M data are loaded to the real hardware in the form that you specified in the properties of the relevant PROFINET IO devices and your modules. There is no language dependency. WinCC Advanced V14 System Manual, 10/2016 1943 Editing devices and networks 10.2 Device and network diagnostics 10.2.1.6 Diagnostics in STOP mode Basic information on the diagnostics buffer Function The operating system of the CPU enters the errors detected by the CPU and the diagnosticscapable modules into the diagnostics buffer in the order in which they occurred. This includes the following events: Every mode change of the CPU (POWER UP, change to STOP mode, change to RUN mode) Every hardware and diagnostic error interrupt The top entry contains the most recent event. The entries in the diagnostics buffer are stored permanently. They are retained even if the power supply fails and can only be deleted by resetting the CPU to factory settings. A diagnostics buffer entry contains the following elements: Time stamp Error ID Additional information specific to the error ID Advantages of the diagnostics buffer The diagnostics buffer offers the following advantages: After the CPU has changed to STOP mode, you can evaluate the last events prior to the STOP so that you can locate and identify the cause of the STOP. You can detect and eliminate the causes of errors more quickly and thus increase the availability of the system. You can evaluate and optimize the dynamic system response. Organization of the diagnostics buffer The diagnostics buffer is a ring buffer. With the S7-1200 CPUs, the maximum number of entries is 50. When the diagnostics buffer is full and a further entry needs to be made, all existing entries are shifted one position (which means that the oldest entry is deleted) and the new entry is made at the first position that is now free (FIFO principle: first in, first out). Evaluation of the diagnostics buffer The contents of the diagnostics buffer can be accessed as follows: Using the Online and Diagnostics view The evaluation of events occurring prior to the error event (e.g., transition to STOP mode) allows you to obtain a picture of the possible causes or to zero in more closely or specify in more detail the possible causes (depending on the error type). 1944 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Read the detailed information about the events carefully and use the "Help on event" text box to obtain additional information and possible causes of individual entries. Note To make the best use of the time stamp information on the diagnostics buffer entries in timecritical systems, it is advisable to check and correct the date and time of day on the CPU occasionally. Alternatively, it is possible to perform a time-of-day synchronization using an NTP time server. See also Resetting an S7-1200 CPU to factory settings (Page 1927) Determining the cause of a STOP of a CPU (Page 1945) Determining and setting the time of day on a CPU (Page 1927) Assigning the clock parameters (Page 969) Determining the cause of a STOP of a CPU Requirement The CPU you want to analyze is in STOP mode. Procedure To find out the reason why a CPU changed to STOP, follow these steps: 1. Open the online and diagnostics view of the CPU. 2. Select the "Diagnostics buffer" group from the "Diagnostics" folder. 3. Evaluate the events occurring prior to the transition to STOP mode. Use this to obtain a picture of the possible causes or to zero in on or specify in more detail the possible causes (depending on the error type). Read the detailed information about the events carefully and use the "Help on event" button to obtain additional information and possible causes of individual entries. Result You were able to zero in on or determine in more detail the cause of the CPU STOP. Note If the analysis does not enable you to overcome the problem, contact Customer Support. In this case, use the "Save as" button to back up the content of the diagnostics data to a text file and submit it to Customer Support. WinCC Advanced V14 System Manual, 10/2016 1945 Editing devices and networks 10.2 Device and network diagnostics See also Reading out the diagnostics buffer of a CPU (Page 1920) 10.2.1.7 Online accesses in the Online and Diagnostics view Displaying status of the online connection Requirement The associated device can be accessed using at least one PG/PC interface. Procedure 1. Open the online and diagnostics view for the device whose online connection status you want to display. 2. Select the "Online access" group. Note The "Online access" group exists only for CPUs and some CPs. However, if you have opened the online and diagnostics view using the "Show/update accessible devices" function, it is not displayed. Result The status of the online connection is displayed in the "Status" area both graphically and in text form. Specifying a PG/PC interface, going online Requirement The associated device can be accessed using at least one PG/PC interface. There is currently no online connection to the relevant device. 1946 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Procedure 1. Open the Online and Diagnostics view of the device to which you want to establish an online connection. 2. Choose the "Online access" group and the "Online access" area within this group. Note The "Online access" group exists only for CPUs and some CPs. If you have opened the Online and Diagnostics view using the "Show/update accessible devices" function, it is not displayed. 3. If an online connection was established previously for the device, the associated data for this online connection is preset in the drop-down lists. In this case, you can immediately continue with the last step of this operating instruction, provided you have not changed the IP address in the meantime using the Online and Diagnostics view. 4. Choose the interface type in the "Type of PG/PC interface" drop-down list. The "PG/PC interface for online access" drop-down list then shows only the interfaces of the programming device or PC that match the selected interface type. 5. In the "PG/PC interface for online access" drop-down list, select the programming device or PC interface via which you want to establish the online connection. 6. Optional: Click the "Properties" button to change the properties of the associated CP. 7. In the "Connection to subnet" drop-down list, select the subnet via which the device is connected to the PG/PC interface. Note The PG/PC interface is connected to an interface of a device. If you only want to access this device, select the setting "Directly at slot <interface name>" in the drop-down list. If, however, you want to access another device by means of routing, create a subnet at this interface in the device configuration and then select this subnet in the drop-down list. 8. If the device is accessible via a gateway, select the gateway that connects the two subnets involved in the "1st gateway" drop-down list. 9. In the "Device address" entry field, enter the IP address of the device to which you want to establish an online connection, if necessary. Note For CPUs with multiple IP addresses, select the IP address of the PROFINET interface you want to use to establish an online connection from the "Device address" drop-down list. 10.Alternatively: Click the "Show accessible devices" button and choose the device from the list of accessible devices to which you want to establish an online connection. 11.Click the "Go online" button. Result The online connection to the desired device is established. WinCC Advanced V14 System Manual, 10/2016 1947 Editing devices and networks 10.2 Device and network diagnostics Going offline Requirement There is currently an online connection to the relevant device. Procedure 1. Open the online and diagnostics view of the device for which you want to disconnect the online connection. 2. Choose the "Online access" group and the "Online access" area within this group. Note The "Online access" group exists only for CPUs and some CPs. However, if you have opened the online and diagnostics view using the "Show/update accessible devices" function, it is not displayed. 3. Click the "Go offline" button. Result The online connection to the desired device will be disconnected. Performing the flash test for a device with an online connection Requirement There is currently an online connection to the relevant device. The FORCE function is not active. Procedure 1. Open the online and diagnostics view of the device for which you want to perform a flash test. 2. Choose the "Online access" group and the "Status" area within this group. Note The "Online access" group exists only for CPUs and some CPs. However, if you have opened the online and diagnostics view using the "Show/update accessible devices" function, it is not displayed. 3. Select the "LED flash test" check box. 1948 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Result On an S7-1200 CPU, the RUN/STOP, ERROR and MAINT LEDs flash. On an S7-1500 CPU, the RUN/STOP, ERROR, and MAINT LEDs flash. On an S7-300 or S7-400 CPU, the FRCE LED flashes. The LEDs flash until you cancel the flash test. This is done, for example, by clearing the "LED flash test" check box, by changing to another group of the online and diagnostics view, or by changing settings in the "Online access" area. 10.2.1.8 Checking PROFIBUS DP subnets for faults Basic information on the diagnostic repeater What is the diagnostic repeater? The diagnostic repeater is a repeater that can monitor a segment of an RS 485 PROFIBUS subnet (copper cable) during operation and signal line errors to the DP master via a diagnostics message frame. The diagnostic repeater detects, localizes and visualizes line errors during operation at an early stage. As a result, problems in the system are identified early and production downtimes will be minimized. Function of the diagnostic repeater The diagnostic repeater can perform line diagnostics on the DP2 and DP3 segments because it has a measuring circuit for these segments. The line diagnostics run in two steps: Step 1: Topology determination You start the topology determination by calling the "DP_TOPOL" instruction in your program. The diagnostic repeater then determines the PROFIBUS addresses and the distance of the devices and creates a topology table. Step 2: Error localization The diagnostic repeater checks the lines during operation. It determines the distance to the point of the error and the reason for the error; it then issues a diagnostics alarm with relative information on the error location. Display of detailed information on the determined error location You receive detailed information on the determined error location in the Online and Diagnostics view of the diagnostic repeater. By means of icons By means of a display with graphics and text WinCC Advanced V14 System Manual, 10/2016 1949 Editing devices and networks 10.2 Device and network diagnostics See also Displaying the status of the segment diagnostics using icons (Page 1950) Displaying the status of the segment diagnostics using graphics and text (Page 1950) Displaying the status of the segment diagnostics using icons Where do I find the information I need? The icons for the status of the segment diagnostics are available: In the expanded "Segment diagnostics" folder in the navigation pane of the Online and Diagnostics view of the relevant diagnostic repeater. The diagnostics icon associated with the segment will be displayed behind the segment designation. It must be noted here that line errors will be displayed for the DP2 and DP3 segments only. The DP1 and programming device segments do not display errors in the form of a diagnostics icon; rather, they signal only a few bus errors. Diagnostics icons The following table shows the available icons and their meaning. Icon Meaning Segment is error-free Segment contains errors Segment is deactivated Displaying the status of the segment diagnostics using graphics and text Where is the status of the segment diagnostics displayed with graphics and text? The status of the segment diagnostics will be displayed using graphics and text in the "DP1", "DP2", "DP3", and "PG" groups of the "Segment diagnostics" folder in the Online and Diagnostics view of the relevant diagnostic repeater. Structure of the "DP1", "DP2" "DP3", and "PG" groups The "DP1", "DP2", "DP3", and "PG" groups consist of the following elements: "Error location" field "Error" field "Resolution" field "Help on event" button "Freeze display" or "Cancel freeze" button 1950 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics "Error location" field This field displays the error location graphically, provided the diagnostic repeater can determine the location. The following picture shows an example for a line error occurring in the DP2 segment. In this example, the diagnostic repeater has the PROFIBUS address 2, and a line error has occurred between the devices with PROFIBUS addresses 16 and 17. This line error is located 25 m from device 16, 4 m from device 17, and 72 m from the diagnostic repeater. "Error" field The error is explained in plain text in this field. "Resolution" field Here, you will find actions for resolving the error. "Help on event" button Click this button to obtain a more detailed explanation of the error and additional details on resolving the error, if applicable. "Freeze display" or "Cancel freeze" button The "Freeze display" or "Cancel freeze" button is only enabled when there is an online connection to the diagnostic repeater. The default setting is "Freeze display". The following happens when you click the "Freeze display" button: The current display of the segment diagnostics is frozen. The labeling of the button changes to "Cancel freeze". If the display is frozen and you click the "Cancel freeze" button, the following happens: The display of the segment diagnostics is updated again. The labeling of the button changes to "Freeze display". WinCC Advanced V14 System Manual, 10/2016 1951 Editing devices and networks 10.2 Device and network diagnostics 10.2.2 Connection diagnostics 10.2.2.1 Overview of connection diagnostics Basics Connection diagnostics, as described below, refers to the diagnostics of communication connections. The connection diagnostics is started each time an online connection is established to a module (CPU or CP) that participates in one or more communication services. The connection status is updated automatically in the background. In the case of one-way connections, an online connection must exist to the communication partner that has established the communication connection. On connections configured at both ends, a distinction between the following two situations must be made: If there is an online connection to only one connection endpoint, only the part of the connection belonging to this connection endpoint can be diagnosed. If there is an online connection to both connection endpoints, both parts of the connection (and therefore the entire connection) can be diagnosed. Basic connections diagnostics options Connection diagnostics can be performed as follows: Using icons on the connection status display This display is generated in the connection table. Through detailed connection diagnostics This step is available in the "Diagnostics > Connection information" area of the Inspector window. Requirement for the connection diagnostics described below The connection diagnostics is only possible if the devices participating in the connection make the corresponding diagnostics data available. You can display the details of either all the communication connections created in the project (default) or selected communication connections in the connection table. The connection diagnostics described in the following assume that you display the details of selected communication connections. To do this, clear the "Show all connections" option in the shortcut menu. 1952 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics 10.2.2.2 Displaying the connection status using icons Content of connection table without an online connection For a CPU or CP, the connection table lists the communication connections (including properties) configured offline, if an online connection is not established. Content of connection table with an online connection After the online connection has been established, the properties of the communication connections listed offline will be expanded to include diagnostics icons for the connection status ("Online status" column). In addition, entries for all communication connections that exist online only (e.g., connections for the instructions for Open User Communication, programming device and OP connections, connections for web server access) will now be added to the connection table. For connections that exist online or offline only, the diagnostics icon at the bottom right is combined with a smaller additional comparison status icon. Diagnostics icons for communication connections The following table shows the diagnostics icons for communication connections. Icon Meaning Connection setup Connection not setup / is being setup Connection not available Diagnostics icons for the comparison status The diagnostic icons for communication connections can be combined at the bottom right with additional smaller icons that indicate the result of the online/offline comparison. The following table shows the available comparison icons and their meaning. Icon Meaning Connection exists online only Connection exists offline only WinCC Advanced V14 System Manual, 10/2016 1953 Editing devices and networks 10.2 Device and network diagnostics 10.2.2.3 Detailed connection diagnostics Detailed connection diagnostics - overview Where do I perform detailed connection diagnostics? To perform detailed connection diagnostics, go to the "Diagnostics > Connection" information of the Inspector window. How do I open the "Diagnostics > Connection information" area of the Inspector window? The following options are available for opening the "Connection information" tab of the Inspector window. Select the line of the relevant connection in the connection table. Click the "Diagnostics" and "Connection information" tabs one after the other in the Inspector window. Double-click the diagnostics icon of the relevant connection in the connection table. This step takes you to the programming editor for a S7 communication instruction or open user communication instruction. Double-click the diagnostic icon of the instruction (stethoscope). Structure or the "Diagnostics > Connection information" area of the Inspector window Requirements: the content of the "Connection information" tab has been filled, and an online connection to at least one end point of the relevant connection has been established. If a module has been selected (network view), the tab will contain the following group: Connection resources (for S7-1200 and S7-1500) If a connection has been selected (connection table), it will contain the following groups: Connection details Address details of the connection (for S7-1200 and S7-1500) Determining online connection resources for S7-1200 (S7-1200) Where do you determine the online connection resources? The online connection resources are obtained in the "Connection resources" group. This group is located in the "Diagnostics > Connection information" area of the Inspector window. It is displayed only if you have selected a module in the network view to which an online connection exists. 1954 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Number of connection resources Maximum number: Specifies the maximum number of available connection resources of the module. Not assigned: Indicates how many connection resources are not yet assigned. If connection resources are already reserved for certain types of communication, then the unreserved connection resources cannot always be used for the various connection types. Reserved and currently assigned connection resources For the communication types indicated below, the connection resources that are reserved and currently assigned by the module will be displayed. Communication type Meaning PG communication Resources for connections between the module and programming devices (for exam ple, for the establishment of a connection from the project tree, for online diagnostics, etc.) HMI communication Resources for connections between the module and HMI devices Open User Communication Resources for connection of open user communication instructions S7 communication Resources for configured S7 connections, through which data can be exchanged by calling instructions in the user program. Other communication Specifies other assigned connection resources for which connection resources are not reserved. Determining online connection resources for S7-1500 (S7-1500) Where do you determine the online connection resources? The online connection resources are obtained in the "Connection resources" group. This group is located in the "Diagnostics > Connection information" area of the Inspector window. It is displayed only if you have selected a module in the network view to which an online connection exists. Description of the detailed display of the connection resources The detailed display of the connection resources includes: Number of available connection resources Number of configured connection resources Number of connection resources still available For a description of these, go to here . WinCC Advanced V14 System Manual, 10/2016 1955 Editing devices and networks 10.2 Device and network diagnostics Determining connection details Where do I determine the connection details? The connection details are obtained in the "Connection details" group. This group is located in the "Diagnostics > Connection information" area of the Inspector window. When is the "Connection details" group filled in? The following requirements must be met to fill in the "Connection details" group on the "Connection information" tab: An online connection to the end point of the relevant connection must exist. You have selected a line in the connection table. Structure of the "Connection details" group The "Connection details" group consists of the following elements: Local ID (hex) Connection type (for S7-1200 and S7-1500) Protocol Connection status: icon and description Details Last status change (for S7-300 and S7-400 only) Determining the address details of a connection (S7-1200, S7-1500) Where do I determine the address details of a connection? The address details of a connection are obtained in the "Connection address details" group. This group is located in the "Diagnostics > Connection information" area of the Inspector window. For which CPUs is the "Connection address details" group available? The "Connection address details" group of the "Connection information" tab is available for S7-1200 and S7-1500 CPUs. When is the "Connection address details" group filled in? The following requirements must be met to fill in the "Connection address details" group on the "Connection information" tab: An online connection to the end points of the relevant connection must exist. You have selected a line in the connection table. 1956 WinCC Advanced V14 System Manual, 10/2016 Editing devices and networks 10.2 Device and network diagnostics Structure of the "Connection address details" group The address details relevant to the connection type are specified for the two communication partners. WinCC Advanced V14 System Manual, 10/2016 1957 Editing devices and networks 10.2 Device and network diagnostics 1958 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics 11.1.1 Operating system and user program 11.1.1.1 Operating system 11 Function The operating system is contained in every CPU and organizes all CPU functions and sequences that are not associated with a specific control task. The tasks of the operating system, for example, include the following: Processing a warm restart Updating the process image of the inputs and outputs Calling the user program Detecting interrupts and calling interrupt OBs Detecting and handling errors Managing memory areas The operating system is a component of the CPU and is already installed there upon delivery. See also User program (Page 1959) 11.1.1.2 User program Function The user program contains all functions that are necessary for processing your specific automation task. The tasks of the user program include: Checking the requirements for a (warm) restart using startup OBs, for example, limit switch in correct position or safety relay active. Processing process data, e.g. linking binary signals, reading in and evaluating analog values, defining binary signals for output, and outputting analog values WinCC Advanced V14 System Manual, 10/2016 1959 Programming the PLC 11.1 Programming basics Reaction to interrupts, for example, diagnostic error interrupt if the limit value of an analog expansion module is overshot. Error handling in normal program execution You write the user program and load it into the CPU. See also Operating system (Page 1959) 11.1.2 Blocks in the user program 11.1.2.1 Linear and structured programming Linear programming Solutions for small automation tasks can be programmed linearly in a program cycle OB. This is only recommended for simple programs. The following figure shows a linear program schematically: The "Main1" program cycle OB contains the complete user program. 0DLQSURJUDP 0DLQ Structured programming Complex automation tasks can be more easily handled and managed by dividing them into smaller sub-tasks that correspond to the technological functions of the process or that can be reused. These sub-tasks are represented in the user program by blocks. Each block is then an independent section of the user program. 1960 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Structuring the program offers the following advantages: Extensive programs are easier to program through the structure. Individual program sections can be standardized and used repeatedly with changing parameters. Program organization is simplified. Changes to the program can be made more easily. Debugging is simplified since separate sections can be tested. Commissioning is simplified. The following figure shows a structured program schematically: The "Main1" program cycle OB calls subprograms one after the other that execute defined subtasks. 0DLQSURJUDP 6XESURJUDPV 0DLQ %ORFNB %ORFNB Nesting depth for blocks The permissible nesting depth for blocks depends on the CPU that is used. The following table shows the guide values for the maximum nesting depth. For detailed information on the CPU you are using, refer to the technical specifications in the hardware documentation. To call the hardware documentation on the Internet, click the links in the table. CPU family Nesting depth (guide value) Link to hardware documentation S7-1500 24 blocks per priority class SIMATIC S7-1500 / ET 200MP Manual Collection (https://support.industry.siemens.com/cs/ww/en/ view/86140384) S7-1200 16 blocks from cycle or startup OB, 6 additional blocks within any interrupt event OB SIMATIC S7-1200 Automation System (https:// support.industry.siemens.com/cs/ww/en/view/ 91696622) S7-400 24 blocks per priority class, 1-2 additional blocks within an error OB SIMATIC S7-400 automation system S7-400 CPU data (https://support.industry.siemens.com/cs/de/en/ view/53385241) WinCC Advanced V14 System Manual, 10/2016 1961 Programming the PLC 11.1 Programming basics CPU family Nesting depth (guide value) Link to hardware documentation S7-300 16 blocks per priority class, 4 additional blocks within an error OB SIMATIC S7-300 CPU 31xC and CPU 31x: Technical specifications (https://support.industry.siemens.com/ cs/de/de/view/12996906/en) ET 200SP 24 blocks SIMATIC ET 200SP Manual Collection (https:// support.industry.siemens.com/cs/ww/en/view/ 84133942) Nesting depth for structures Structures (STRUCT) and PLC data types (UDT) can be nested to a depth of 8. This nesting depth is independent of the CPU used. 11.1.2.2 Overview of the block types Block types Different BLOCK types are available to perform tasks within an automation system. The following table shows the available block types: Block type Brief description Organization blocks (Page 1962) (OB) Organization blocks define the structure of the user program. Functions (Page 1963) (FC) Functions contain program routines for recurring tasks. They have no "mem ory". Function blocks (Page 1964) (FB) Function blocks are code blocks that store their values permanently in in stance data blocks, so that they remain available even after the block has been executed. Instance data blocks (Page 1966) Instance data blocks are assigned to a function block when it is is called for the purpose of storing program data. Global data blocks (Page 1965) Global data blocks are data areas for storing data that can be used by any blocks. 11.1.2.3 Organization blocks (OB) Definition Organization blocks (OBs) form the interface between the operating system and the user program. They are called by the operating system and control, for example, the following operations: Startup characteristics of the automation system Cyclic program processing Interrupt-driven program execution Error handling 1962 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics You can program the organization blocks and at the same time determine the behavior of the CPU. Various organization blocks are available to you depending on the CPU used. For more information on organization blocks, refer to the descriptions of the modes of operation of CPUs in the "Additional information on configurations" chapter in "Configuring Hardware and Networks". Start information of organization blocks When certain organization blocks are started, the operating system provides information that can be evaluated in the user program. Refer to the descriptions of the organization blocks to find out which information is provided, if any. See also Creating organization blocks (Page 4484) 11.1.2.4 Functions (FCs) Definition Functions (FCs) are code blocks without memory. You have no data memory in which values of block parameters can be stored. Therefore, when a function is called, all formal parameters must be assigned actual parameters. Functions can use global data blocks to store data permanently. Application A function contains a program that is executed when the function is called by another code block. Functions can be used, for example, for the following purposes: To return function values to the calling block, e.g. for mathematical functions To execute technological functions, e.g. individual controls using bit logic operations A function can also be called several times at different points in a program. As a result, they simplify programming of frequently recurring functions. Note Parameter transfer when calling functions To avoid errors when working with functions, observe the information in chapter "AUTOHOTSPOT". See also Creating functions and function blocks (Page 4485) WinCC Advanced V14 System Manual, 10/2016 1963 Programming the PLC 11.1 Programming basics 11.1.2.5 Function blocks (FB) Definition Function blocks are code blocks that store their input, output and in-out parameters permanently in instance data blocks, so that they remain available even after the block has been executed. Therefore they are also referred to as blocks "with memory". Function blocks can also operate with temporary tags. Temporary tags are will not be stored in the instance DB, but are available for one cycle only. Application Function blocks contain subroutines that are always executed when a function block is called by another code block. A function block can also be called several times at different points in a program. As a result, they simplify programming of frequently recurring functions. Instances of function blocks A call of a function block is referred to as an instance. An instance data block is required for each instance of a function block; it contains instance-specific values for the formal parameters declared in the function block. The function block can store its instance-specific data in its own instance data block or in the instance data block of the calling block. Access modes S7-1200 and S7-1500 offer two different access options for the instance data blocks, which can be assigned to a function block when this is called: Data blocks with optimized access Data blocks with optimized access have no firmly defined memory structure. The data elements contain only a symbolic name in the declaration, no fixed address within the block. Data blocks with standard access (compatible with S7-300/400) Data blocks with standard access have a fixed memory structure. The declaration elements contain both a symbolic name in the declaration and a fixed address within the block. Note To avoid errors when working with function blocks, refer to the section "AUTOHOTSPOT". See also Creating functions and function blocks (Page 4485) Multi-instances (Page 1977) 1964 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Instance data blocks (Page 1966) Basics of block access (Page 1968) 11.1.2.6 Global data blocks (DB) Definition Data blocks are used to store program data. Data blocks thus contain variable data that is used by the user program. Global data blocks store data that can be used by all other blocks. The maximum size of data blocks varies depending on the CPU. You can define the structure of global data blocks anyway you please. You also have the option of using PLC data types (UDT) as a template for creating global data blocks. Global data blocks in the user program Every function block, function, or organization block can read the data from a global data block or can itself write data to a global data block. This data remains in the data block even after the data block is exited. A global data block and an instance data block can be open at the same time. The following figure shows the different accesses to data blocks: )XQFWLRQB *OREDO'% '%B*OREDO $FFHVVIRUDOOEORFNV )XQFWLRQB )XQFWLRQ%ORFNB ,QVWDQFH'% '%B,QVWDQFH $FFHVVRQO\IRUIXQFWLRQ GDWDERFNB Access modes S7-1200 and S7-1500 offer two different access options for global data blocks: Data blocks with optimized access Data blocks with optimized access have no fixed defined structure. In the declaration, the data elements are assigned only a symbolic name and no fixed address within the block. Data blocks with standard access (compatible with S7-300/400) Data blocks with standard access have a fixed structure. In the declaration, the data elements are assigned both a symbolic name and a fixed address within the block. WinCC Advanced V14 System Manual, 10/2016 1965 Programming the PLC 11.1 Programming basics ARRAY data blocks (S7-1500) ARRAY data blocks are a particular type of global data block. These consist of an ARRAY of any data type. For example, an ARRAY of a PLC data type (UDT) is possible. The DB contains no other elements besides the ARRAY. Because of their flat structure, ARRAY data blocks facilitate access to the ARRAY elements and their transfer to called blocks. The "Optimized block access" attribute is always enabled for ARRAY data blocks. ARRAY data blocks with standard access are not possible. The "Move operations" section of the "Instructions" task card offers options for addressing of ARRAY DBs. See also Creating data blocks (Page 4486) Basics of block access (Page 1968) 11.1.2.7 Instance data blocks Definition The call of a function block is referred to as an instance. The data with which the instance works is stored in an instance data block. The maximum size of instance data blocks varies depending on the CPU. The tags declared in the function block determine the structure of the instance data block. Access modes S7-1200 and S7-1500 offer two different access options for the instance data blocks, which can be assigned to a function block when this is called: Data blocks with optimized access Data blocks with optimized access have no firmly defined structure. The declaration elements contain only one symbolic name in the declaration, and no fixed address within the block. Data blocks with standard access (compatible with S7-300/400) Data blocks with standard access have a fixed structure. The declaration elements contain both a symbolic name in the declaration and a fixed address within the block. See also Creating data blocks (Page 4486) Basics of block access (Page 1968) 1966 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Insert block calls in LAD (Page 4655) Inserting block calls in FBD (Page 4712) 11.1.2.8 CPU data blocks Definition CPU data blocks are generated by the CPU at runtime. To this purpose, insert the "CREATE_DB" instruction into your user program. You can use the data block that is generated at runtime to save your data. CPU data blocks are indicated by means of a small CPU icon in the "Program blocks" folder of an available node. You can monitor the values of the variables of a CPU data block in online mode, similar to those of a different data block type. You cannot create CPU data blocks in your offline project. Loading CPU data blocks The CPU data block that the user program has generated by means of the "CREATE_DB" instruction is initially only available on the device in online mode. All CPU data blocks will be included with the other blocks the next time you perform a complete download from the device to the project. The CPU data blocks are marked with a small CPU icon in the process. However, you cannot upload these CPU data blocks to your device again. Restrictions on CPU data blocks in the project Once the CPU data blocks have been loaded into your offline project, you can open and view their content. However, note that the CPU data blocks in the project are write-protected. The CPU data blocks in the project are therefore subject to the following restrictions: You cannot edit CPU data blocks, or convert these into a different data block type. CPU data blocks cannot be assigned a know-how protection. You cannot change the programming language of a CPU data block. CPU data blocks cannot be compiled or downloaded to a device. Comparing CPU data blocks Once the CPU data blocks have been loaded into your offline project, you can run an online/ offline comparison for the CPU DBs loaded. The comparison editor provides you with a corresponding overview of the differences. It is possible to synchronize the online and off-line version of CPU data blocks if differences are found, but not by downloading the offline version to the device. Deleting CPU data blocks You can delete CPU data blocks both from the project and from the CPU. WinCC Advanced V14 System Manual, 10/2016 1967 Programming the PLC 11.1 Programming basics See also Deleting CPU data blocks (Page 4507) 11.1.2.9 Blocks with optimized access Basics of block access Introduction STEP 7 offers data blocks with different access options: Data blocks with optimized access (S7-1200/S7-1500) Data blocks with standard access (S7-300 / S7-400 / S7-1200 / S7-1500) Within one program you can combine the two types of blocks. Data blocks with optimized access Data blocks with optimized access have no fixed defined structure. In the declaration, the data elements are assigned only a symbolic name and no fixed address within the block. The elements are saved automatically in the available memory area of the block so that there are no gaps in the memory. This makes for optimal use of the memory capacity. Tags are identified by their symbolic names in these data blocks. To address the tag, enter its symbolic name. For example, you access the "Fill Level" tag in the "Data" DB as follows: "Data".Fill Level Blocks with optimized access offers the following advantages: You can create data blocks with any structure without paying attention to the physical arrangement of the individual data elements. Quick access to the optimized data is always available because the data storage is optimized and managed by the system. Access errors, as with indirect addressing or from the HMI, for example, are not possible. You can define specific individual tags as retentive. Optimized blocks are equipped with a memory reserve by default which lets you expand the interfaces of function blocks or data blocks during operation. You can download the modified blocks without setting the CPU to STOP and without affecting the values of already loaded tags. Note The "Optimized block access" attribute is always enabled for the following blocks and cannot be deselected. GRAPH blocks ARRAY data blocks 1968 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Data blocks with standard access Data blocks with standard access have a fixed structure. In the declaration, the data elements are assigned both a symbolic name and a fixed address within the block. The address is shown in the "Offset" column. Tags in these data blocks can be addressed in both symbolic and absolute form. "Data".Fill Level DB1.DBW2 Setting Retentivity for Optimized Access or Standard Access If you define data as retentive, its values are retained even after a power failure or a network off. A retentive tag is not initialized after the hot restart but retains the value it had prior to the power failure. If a DB tag is defined as retentive, it is stored in the retentive memory area of the data block. The options for setting the retentivity depend on the access type of the block. In data blocks with standard access, you cannot set the retentive behavior of individual tags. The retentivity setting is valid for all tags of the data block. In data blocks with optimized access you can define the retentive behavior of individual tags. For structured data type tags, the retentivity setting always applies to the entire structure. You cannot make any individual retentivity setting for separate elements within the data type. Setting Addressing Options for Optimized Access or Standard Access Blocks with optimized access permit only "type-safe" access. Type-safe access addresses tags by their symbolic name only. This means even changes to the block or the block interface will not result in inconsistencies in the program or access errors. The following table shows the permitted addressing options for optimized data: Addressing Symbolic addressing Block with standard access Block with optimized access x x Indexed addressing of ARRAYs x Slice access x x Overlapping with AT x - Absolute addressing x - Indirect addressing via ANY x - Indirect addressing via POINTER and VARIANT x with symbolic notation only WinCC Advanced V14 System Manual, 10/2016 1969 Programming the PLC 11.1 Programming basics See also Setting up block access (Page 1970) Retentive memory areas (Page 948) Creating blocks (Page 4483) Setting up block access Introduction Block access is set up automatically when you create a block: Blocks created on CPUs of the S7-1200/1500 product range provide optimized access by means of a default setting. New blocks created on CPUs of the S7-300/S7-400 product range provide standard access by means of a default setting. Access to a block that you copy or migrate to a CPU of a different product range is not converted automatically. However, in certain situations it may be useful to change block access in manual mode, e.g., in order to utilize the full functional scope of the CPU. In most cases, you will have to recompile and load the program after block access has been converted. NOTICE Optimized block access for GRAPH blocks The "Optimized block access" attribute is always enabled for GRAPH blocks in S7-1500 and cannot be deselected. Procedure To set the block access, proceed as follows: 1. Open the "Program blocks" folder in the project tree. 2. Right-click on the block whose block access you want to change. 3. Select the "Properties" command in the shortcut menu. The properties dialog box of the block opens. 4. Click "Attributes" in the area navigation. 5. Enable or disable the "Optimized block access" option. 6. Confirm your entries with "OK". Restrictions and special features As a matter of principle, you can only convert block access on CPUs of the S7-1200/1500 product range, as only these support the "optimized" access mode. 1970 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics The following restrictions or special features apply in this context: Instance data blocks The block access of instance data blocks is always determined by the assigned function block and cannot be changed in manual mode. If you change the access mode on a function block, you also need to update the assigned instance data blocks. This update procedure adapts the access mode of the instance data block. System blocks and know-how protected blocks You cannot manually edit the block access for system blocks and know-how protected blocks. Organization blocks The start information of an OB with standard access is always stored in the first 20 bytes of the "Temp" section in the block interface. By contrast, the start information of an OB with optimized access is always written to the "Input" section. For this reason, the block interface of OBs will also change whenever you convert block access. Additional information is provided in the following sections. Converting block access from "standard" to "optimized". A block copied from the CPU of the S7-300/400 product range to a CPU of the S7-1200/1500 product range will initially retain the "standard" access mode. However, you can significantly increase the performance of program execution by using blocks with optimized access, which is why it may be useful to modify the access mode manually. The blocks are adapted as follows in the course of conversion: Function blocks All interface parameters are assigned the "Non-retain" retentivity setting. Global data blocks The retentivity setting that was assigned centrally to the entire data block is transferred to the individual interface parameters. It is now possible to manipulate the retentivity setting of the various parameters. However, the following rule will still apply: For structured data type tags, the retentivity setting always applies to the entire structure. You cannot assign separate retentivity settings to the various elements within a structured data type. It therefore follows that you cannot assign individual retentivity settings to the tags of data blocks that are based on PLC data types. Organization blocks All interface parameters that are stored in the first 20 bytes of the "Temp" section will be deleted. New CPU-specific start information is entered in the "Input" section. Naming conflicts with user-defined interface parameters occurring in the process are resolved by renaming the user-defined interface parameters. WinCC Advanced V14 System Manual, 10/2016 1971 Programming the PLC 11.1 Programming basics CAUTION The conversion of the block access has the following consequences: Absolute addressing of the interface parameters of the block is no longer possible after conversion of block access to the "optimized mode. Example: #L0.1 is no longer valid. Since conversion to the "optimized" block access mode of organization blocks also modifies the OB interface, you may possibly have to adapt, recompile and load the program again due to these changes. Converting block access from "optimized" to "standard". If you want to copy or move a block from the CPU of the S7-300/400 product range to a CPU of the S7-1200/1500 product range, you first need to set the "standard" access mode. The blocks are adapted as follows in the course of conversion: Function blocks and global data blocks. You can no longer set a retentivity in the function block. The corresponding setting is made in the instance data block. All interface parameters in the instance DB or global DB are assigned the same retentivity setting. The conversion is subject to the following rule: - If all interface parameters in the original block were retentive, the entire block will be retentive after conversion. - If all interface parameters in the original block were non-retentive, the entire block will be non-retentive after conversion. - If the interface parameters in the original block had different retentivity settings, the entire block will be non-retentive after conversion. Organization blocks All interface parameters stored in the "Input" section will be deleted. New CPU-specific start information is entered in the "Temp" section. This data is written to the first 20 bytes. Naming conflicts with user-defined interface parameters occurring in the process are resolved by renaming the user-defined interface parameters. CAUTION The conversion of the block access has the following consequences: Since a conversion to "standard" block access mode might change the retentivity settings of the interface parameters, you may possibly have to adapt, recompile and load the program again due to these changes. See also Basics of block access (Page 1968) Specifying block properties (Page 4495) 1972 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics 11.1.3 Block calls 11.1.3.1 Principles of block calls Function of block calls For your blocks to be executed in the user program, they need to be called from another block. When one block calls another block, the instructions of the called block are executed. Only when execution of the called block has been completed does execution of the calling block resume. The execution is continued with the instruction that follows on the block call. The following figure shows the sequence of a block call within a user program: &DOOLQJEORFN 2%)%)& 3URJUDPH[HFXWLRQ &DOOLQJEORFN )%RU)& 3URJUDPH[HFXWLRQ 2SHUDWLRQWKDWFDOOV DQRWKHUEORFN %ORFNHQG Parameter transfer When a block is called, you must assign values to the parameters in the block interface. By providing input parameters you specify the data with which the block is executed. By providing the output parameters you specify where the execution results are saved. See also Call hierarchy (Page 1973) Basics of instances (Page 1975) 11.1.3.2 Call hierarchy Definition The order and nesting of block calls is referred to as the call hierarchy. The following figure shows an example of the order and nesting of block calls within an execution cycle: WinCC Advanced V14 System Manual, 10/2016 1973 Programming the PLC 11.1 Programming basics 1HVWLQJGHSWK 6WDUWRI F\FOH )&B )%B 2SHUDWLQJV\VWHP ,QVWDQFH'% )%B 0DLQ )&B )%B ,QVWDQFH'% ,QVWDQFH'% )&B '%B*OREDO Nesting depth for blocks The permissible nesting depth for blocks depends on the CPU that is used. The following table shows the guide values for the maximum nesting depth. For detailed information on the CPU you are using, refer to the technical specifications in the hardware documentation. To call the hardware documentation on the Internet, click the links in the table. CPU family Nesting depth (guide value) Link to hardware documentation S7-1500 24 blocks per priority class SIMATIC S7-1500 / ET 200MP Manual Collection (https://support.industry.siemens.com/cs/ww/en/ view/86140384) S7-1200 16 blocks from cycle or startup OB, 6 additional blocks within any interrupt event OB SIMATIC S7-1200 Automation System (https:// support.industry.siemens.com/cs/ww/en/view/ 91696622) S7-400 24 blocks per priority class, 1-2 additional blocks within an error OB SIMATIC S7-400 automation system S7-400 CPU data (https://support.industry.siemens.com/cs/de/en/ view/53385241) S7-300 16 blocks per priority class, 4 additional blocks within an error OB SIMATIC S7-300 CPU 31xC and CPU 31x: Technical specifications (https://support.industry.siemens.com/ cs/de/de/view/12996906/en) ET 200SP 24 blocks SIMATIC ET 200SP Manual Collection (https:// support.industry.siemens.com/cs/ww/en/view/ 84133942) Nesting depth for structures Structures (STRUCT) and PLC data types (UDT) can be nested to a depth of 8. This nesting depth is independent of the CPU used. 1974 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics See also Basics of instances (Page 1975) Principles of block calls (Page 1973) 11.1.3.3 Instances Basics of instances Definition The call of a function block is referred to as an instance. The data with which the instance works is stored in an instance data block. Instance data blocks have the following properties: Instance data blocks are always assigned to an FB. The structure of the instance data block is derived from the interface of the corresponding FB and can only be changed there. Instance data blocks are created automatically when a function block is called. Assignment of instances You have the following options for assigning instance data blocks: Single instance: The called function block saves its data in an instance data block of its own. See also: Single instances (Page 1976) Multi-instance: The called function block does not save its data in its own instance data block, but in the instance data block of the calling function block. See also: Multi-instances (Page 1977) Parameter instance: You transfer the instance of the block to be called as an in/out parameter to the calling block. See also: Parameter instances (Page 1979) See also Overview of the block interface (Page 4522) Addressing instance data (Page 2015) Principles of block calls (Page 1973) Call hierarchy (Page 1973) WinCC Advanced V14 System Manual, 10/2016 1975 Programming the PLC 11.1 Programming basics Single instances Definition The call of a function block (FB) that is assigned its own instance data block is referred to as a single instance. By assigning the instance data block, you specify where the instance data of the FB will be saved. Advantages The use of single instances provides the following advantages: Reusability of the function blocks Good structuring options for simple programs How single instances work The following figure shows an FB that uses a further FB ("FB_Valve"). "FB_Valve" is called as a single instance; in other words, it saves its data in its own instance DB. The structure of the instance data block is defined by the interface of the corresponding FB and can only be changed there. The instance DB contains the following data: Block parameters The block parameters in the sections Input, Output and InOut form the block interface for the call in the program. Static local data Static local data in the section Static is used to permanently store intermediate results beyond the current program cycle. Creating single instances Instance DBs are created when a function block is called. When you call an FB, a dialog appears in which you can specify whether the FB will be called as a single instance, multiinstance or parameter instance. 1976 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Addressing data in single instances To address a tag from the instance DB of the current block, enter the character # followed by the symbolic tag name: #<tag name> See also Basics of instances (Page 1975) Multi-instances (Page 1977) Multi-instances Definition When a function block (FB) calls a further FB, you do not need to create a separate instance DB for the called block. The called FB can also save its instance data in the instance DB of the calling FB. This type of block call is referred to as a multi-instance. Advantages The use of multi-instances provides the following advantages: Good structuring options for complex blocks Lower number of instance DBs Simple programming of local sub-programs. WinCC Advanced V14 System Manual, 10/2016 1977 Programming the PLC 11.1 Programming basics How multi-instances work The following figure shows an FB that uses a further FB ("FB_Valve"). "FB_Valve" is called as a multi-instance; in other words, it saves its data in the instance DB of the calling FB. Multiinstance data is located in the "Static" section of the calling block. Creating multi-instances Multi-instances are defined when a function block is called. When you call an FB, a dialog appears in which you can specify whether the FB will be called as a single instance, multiinstance or parameter instance. ARRAYs of multi-instances Multi-instances can also be created as an ARRAY. You can address the individual ARRAY elements via a variable index, e.g. when processing program loops. You do not declare ARRAYS of multi-instances in the dialog that appears when you call the block, but directly in the block interface. See also: Declaring multi-instances Addressing data in multi-instances Both the calling and the called FB can access the multi-instance data. 1978 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Within the called FB, you address the data with the # character followed by the tag name. From the calling block, you access the data with #<multi-instance name>.<tag name>. Syntax Meaning #<tag name> //Access within the called FB #<multi-instance name>.<tag name> //Access from the calling FB See also Basics of instances (Page 1975) Single instances (Page 1976) Example of the use of parameter instances (Page 1981) Parameter instances Definition The parameter instance provides a special option for instantiation: Here, at the time of creating the program, you do not specify a fixed instance for saving the block data. Instead, at runtime, you transfer the instance of the block to be called as an in/out parameter to the calling block. Advantages The use of parameter instances provides the following advantages: At runtime, you can define which instance is currently being used. You can process different instances iteratively in program loops. Note ARRAYs of multi-instances To simplify the iterative processing of instances in program loops, define an ARRAY of multiinstances. See also: Multi-instances (Page 1977) How parameter instances work The following figure shows the "FB_Caller" that uses a further FB ("Valve"). "Valve" is called as a parameter instance. Therefore, when calling "Valve", do not specify a concrete instance. Instead, define an in/out parameter ("#Valve_Instance") with which the concrete instance is transferred at runtime. WinCC Advanced V14 System Manual, 10/2016 1979 Programming the PLC 11.1 Programming basics Creating parameter instances Parameter instances are defined when a function block is called: When you call an FB, a dialog appears in which you can specify whether the FB will be called as a single instance, multiinstance or parameter instance. As an alternative, you also have the option of entering parameter instances manually directly in the block interface. See also: Declaring parameter instances (Page 4538) The following figure shows the call of a parameter instance for the FB "Valve": 1980 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Transferring the instance as a parameter Each time the higher-level FB is called ("FB_Caller" in the example) transfer an instance for the called FB (in the example "Valve"). You can transfer the following types of instances: Single instance Transfer an existing instance DB of the called FB (the FB "Valve" in the example). Multi-instance Transfer an existing multi-instance of the called FB. Individual element of an ARRAY of multi-instances Transfer an element of an existing ARRAY of multi-instances. The following figure shows the call of "FB _Caller". With the "Valve_Instance" parameter, the instance "#currValve" is transferred. This instance, which is pending at the #currValve parameter during runtime, is used to call "Valve". See also Example of the use of parameter instances (Page 1981) Example of the use of parameter instances Description The use of parameter instances allows you to transfer the instance of a function block to another block (FB or FC) for further processing, for example, a data query or an error analysis, or even have the function block executed with the passed instance. The ARRAY multi-instances can be used to combine objects of the same type and process their instances indexed in a program loop. Indexed ARRAY elements can also be passed to another block as a parameter instance. To illustrate this, the object "Valve" (FB_Valve) was selected in the following example. On this basis, you are provided with all required information on valve processing in a program block, "FB_ValveControl" in this case. The figure below illustrates the features needed and how they can be used: WinCC Advanced V14 System Manual, 10/2016 1981 Programming the PLC 11.1 Programming basics FB_ValveControl ARRAY of valve Valve instance[1] Valve instance[2] Valve instance[3] Required Valve instance[...] Valve blocks Conditional special processing e.g. status query: Current: = Status (valve instance[i]) Conditional special processing for example, when maintenance case is detected: IF maintenance case (valve instance[i]) THEN (perform maintenance) FB_Valve Call in FB_ValveControl Basic processing and parameter transfer: Call valve instance[i] (...) (Data definition & basic functionality) FC_StatusValve (Special function) FC_MaintainValve (Special function) The two functions "FC_StatusValve" and "FC_MaintainValve" process a parameter instance of the "FB_Valve" program block which they received in the call. In the "FB_ValveControl" program block, you use the ARRAY multi-instances on the one hand to declare the number of existing valves and, on the other hand, to manage all of the valves in a loop by means of various functions. Note Completeness This solution is only an example to illustrate how this task can be approached. Keep in mind that you need to adjust the program code to your actual task. The following program blocks are required to implement this example: Block Description Programming language FB_ValveCon trol This function block is used as a control block, where you can process all the valves using an ARRAY of multi-instances. SCL FB_Valve This function block contains the definition of the valve data and the program code for processing a valve. SCL FC_StatusValve The function returns the status of the currently pro cessed valve. FC_Maintain Valve 1982 (The three program blocks are used by the "FB_Valve Control" program block.) This function checks if maintenance is required on the valve. If required, the maintenance is performed and the function value TRUE is returned when everything is completed. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Procedure: Create "FB_Valve" To create the SCL function block, follow these steps: 1. Double-click the "Add new block" command. The "Add new block" dialog opens. 2. Click on the "Function block (FB)" button. 3. Enter the name "FB_Valve". 4. Select "SCL" as the language. 5. Click "OK". 6. The declaration of the block interface is based on a valve which can open and close, and could look like this, for example: 7. The program code for controlling the valves could look like this, for example: Procedure: Create "FC_StatusValve" To create the SCL function "FC_StatusValve", follow these steps: 1. Double-click on the "Add new block" command. The "Add new block" dialog opens. 2. Click on the "Function (FC)" button. 3. Enter the name "FC_StatusValve". 4. Select "SCL" as the language. 5. Click "OK". WinCC Advanced V14 System Manual, 10/2016 1983 Programming the PLC 11.1 Programming basics 6. The declaration of the block interface with integration of the parameter instance "FB_Valve" could look like this, for example: 7. Write the following program code, for example: Procedure: Create "FC_MaintainValve" To create the SCL function "FC_MaintainValve", follow these steps: 1. Double-click on the "Add new block" command. The "Add new block" dialog opens. 2. Click on the "Function (FC)" button. 3. Enter the name "FC_MaintainValve". 4. Select "SCL" as the language. 5. Click "OK". 1984 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics 6. The declaration of the block interface with integration of the parameter instance "FB_Valve" could look like this, for example: 7. Write the following program code, for example: Procedure: Create "FB_ValveControl" To create the SCL function block, follow these steps: 1. Double-click the "Add new block" command. The "Add new block" dialog opens. 2. Click on the "Function block (FB)" button. 3. Enter the name "FB_ValveControl". 4. Select "SCL" as the language. 5. Click "OK". 6. Define the user constant: The user constant "vmax" is used in this example in order to easily adapt the program to a different number of valves. WinCC Advanced V14 System Manual, 10/2016 1985 Programming the PLC 11.1 Programming basics 7. The declaration of the block interface with integration of the valve instances from "FB_Valve" could look like this, for example: 8. Write the following program code, for example: Procedure: Call of "FB_ValveControl" in OB 1 To call the "FB_ValveControl" function block in OB 1, follow these steps: 1. Open the "Main [OB1]" block with a double-click. 2. Use a drag-and-drop operation to add the "FB_ValveControl" function block to OB1. 1986 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Result One valve is processed in each program cycle. The respective valve selected by index is processed, its status queried and maintenance is performed, if needed. In this example, one valve per cycle has been processed. Of course, it is also possible to process all valves in one program loop, but then the cycle time increases accordingly. If you need a short program cycle, we recommend that you avoid working with a program loop. See also Parameter instances (Page 1979) Multi-instances (Page 1977) 11.1.3.4 Parameter transfer at block call Rules for supplying block parameters Block parameters The calling block gives the called block the values with which it is to work. These values are referred to as block parameters. The input parameters provide the called block with the values that it has to process. The block returns the results via the output parameters. Block parameters therefore form the interface between the calling and the called block. You use input parameters when you want to only query or read values, and output parameters when you want to set or write these values. If block parameters are read and written you have to create these as in-out parameters. The following rules apply to the use of block parameters within the block: Input parameters may only be read. Output parameters may only be written. In/out parameters may be read and written. Formal and actual parameters The block parameters are defined in the interface of the called block. These parameters are referred to as formal parameters. They are placeholders for the parameters that are transferred to the block when it is called. The parameters transferred to the block when it is called are referred to as actual parameters. The data types of actual and formal parameters must be identical or convertible according to the rules of data type conversion. See also Using tags within the program (Page 2004) Parameter assignment to function blocks (Page 1990) WinCC Advanced V14 System Manual, 10/2016 1987 Programming the PLC 11.1 Programming basics Parameter assignment to functions (Page 1988) Rules for declaring the block interface (Page 4524) PLC data types (UDT) (Page 2170) Parameter assignment to functions Parameters of functions (FC) Functions have no data memory in which values of block parameters can be stored. Therefore, when a function is called, all formal parameters must be assigned actual parameters. Input parameters (Input) Input parameters are read only once per cycle, namely before the block call. Therefore, the rule is that writing an input parameter within the block does not affect the actual parameter. Only the formal parameter is written. Output parameters (Output) Output parameters are read only once per cycle, namely after the block call. Therefore, the rule is that output parameters should not be read within the block. If you nevertheless read an output parameter, please note that only the value of the formal parameter is read. The value of the actual parameter cannot be read within the block. If an output parameter of a function is not written in this function, the value that is predefined for the specified data type is used. For example, the value "false" is predefined for BOOL. However, structured output parameters are not pre-assigned with a value. To prevent unintentional further processing of the predefined value or an undefined value, note the following when programming the block: Make sure that the output parameters are written with values for all possible program paths within the block. In doing so, note that jump commands may skip instruction sequences in which outputs are set, for example. Note that the set and reset commands are dependent on the result of the logic operation. If the value of an output parameter is determined with these commands and RLO = 0, a value will not be generated. If possible, assign a default value for the output parameters of functions. In/out parameters (InOut) In/out parameters are read before the block call and written after the block call. If you read or write the parameter within the block, you only access its formal parameter. An exception is in/out parameters with a structured data type. Structured data types consist of several data elements, for example ARRAY or STRUCT. These are passed to the called block through a POINTER. You therefore always access the actual parameter when you read or write a structured in/out parameter within a block. 1988 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics When an in/out parameter of a function is not written to this function, the old output value or the input value is used as a value. Nevertheless, you should observe the information provided above for output parameters so that old values are not inadvertently processed further. Temporary local data (Temp) Temporary local data is only available within a cycle. It is treated differently depending on the block type: Standard access The following rule applies to code blocks with standard access as well as to all tags with retentivity setting "Set in IDB": If you are using temporary local data, you must ensure that the values are initialized prior to use. Otherwise, the values will be random. Temporary data of the STRING of WSTRING data type is an exception: They are automatically pre-assigned the maximum length of 254 characters and the actual length 0. Optimized access The following rule applies to code blocks with optimized access: If a temporary tag is not written within a function, the value that is predefined for the specified data type is used. For example, the value "false" is predefined for BOOL. Elements of the PLC data types are pre-assigned with the default value that is specified in the declaration of the PLC data type (UDT). ARRAY elements are pre-assigned with the value "0", even if they are used within a PLC data type. STRINGs and WSTRINGs are automatically preassigned the maximum length of 254 characters and the actual length 0. Function value (Return) Functions normally calculate a function value. This function value can be returned to the calling block via the RET_VAL output parameter. For this, the RET_VAL output parameter must be declared in the interface of the function. RET_VAL is always the first output parameter of a function. All data types are permitted for the RET_VAL parameter except ARRAY and STRUCT, as well as parameter types TIMER and COUNTER. In the SCL programming language functions can be call directly in an expression. The result of the expression is then formed with the calculated function value. Therefore, the data type ANY is not permitted in SCL for the function value. See also Parameter assignment to function blocks (Page 1990) Rules for supplying block parameters (Page 1987) Calling functions (Page 4788) Examples for calling functions in SCL (Page 4791) WinCC Advanced V14 System Manual, 10/2016 1989 Programming the PLC 11.1 Programming basics Parameter assignment to function blocks Supplying parameters of function blocks (FB) In the case of function blocks the parameter values will be stored in the instance data. If the input, output, or in-out parameters of a function block were not assigned with values, the stored values are used. In some cases, it is mandatory to specify an actual parameter. The following table shows which parameters of a function block must be assigned actual parameters: Parameter Elementary data type Structured data type Parameter type Input (Input) optional optional required Output (Output) optional optional required In-out (InOut) optional required Permitted with S7-1200 only, parameter assignment re quired Temporary (Temp) required required required S7-1500: Optional with opti mized block access S7-1500: Optional with opti mized block access See also Rules for supplying block parameters (Page 1987) Parameter assignment to functions (Page 1988) Parameter types (Page 2193) Transfer parameter as copy or as pointer Introduction When a block is called, you transfer data to the parameters in the block interface. At the input parameters, you transfer the data with which the block is to work. At the output parameters, you specify where the results of the processing are saved. In/out parameters are used to transfer data to the called block as well as to return results. Internally, STEP 7 recognizes two different methods of parameter transfer: The data is transferred either as pointer or as copy, depending on the transfer range and data type of the parameter. Transfer as copy (Call by value) During a block call, the value of the operand is copied to the input parameter of the called block. With function blocks, the copy is stored in the instance DB; with functions, it is stored in the block stack. Additional storage space is required for the copy. 1990 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics This means that the called block always works with the value that the specified operand had at the time of the block call. It cannot access the operand directly. Write access modifies only the copy, but not the actual value of the specified operand. Read access reads only the copy that was created at the time of the block call. "My_int" value: 31 FC / FB IN value: 31 Transfer as pointer (Call by reference) The parameters are referenced via a pointer during the block call. This means that the called block can directly access the memory address of the operand that is specified as parameter: Write access directly results in the changing of the specified operand. Read access reads the value of the operand directly at the time of access. As no copy is created, no additional memory is required. "My_string" value: 'Test' FC/FB IN/OUT Reference to"My_string" Note Declare structured data types in the "InOut" area If possible, use the "InOut" area in the block interface for structured tags (e.g., of data type ARRAY, STRUCT, STRING, ...). Because structured in/out parameters by default are transferred as pointers, the required data memory is not increased unnecessarily. Parameter transfer with S7-1200/1500 The following table shows how block parameters with elementary or structured data type are transferred in S7-1200/1500. Elementary data types are, for example, BOOL, INT or BYTE. Structured data types are, for example, ARRAY, STRUCT or STRING. WinCC Advanced V14 System Manual, 10/2016 1991 Programming the PLC 11.1 Programming basics Elementary data types Structured data types Input Copy Pointer Output Copy Pointer InOut Copy Pointer Input Copy Copy Output Copy Copy InOut Copy Pointer FC FB Note Parameter transfer between blocks with optimized access and blocks with standard access If structures are transferred to the called block as in/out parameters during a block call, they are transferred by default as pointers (Call by reference). However, this does not apply if the two blocks have different optimization settings: If one of the blocks has the property "Optimized access" and the other block has the property "Standard access", all parameters are always transferred as copies (Call by value). If the block contains numerous structured parameters, this can quickly lead to the temporary memory area (local data stack) overflowing. Problems can also occur if the original operands are changed by asynchronous processes, such as by HMI access or interrupt OBs. If the copies are copied back to the original operands after the block processing, the changes carried out asynchronously since the creation of the copy during the block call are hereby overwritten at the original operands. You can avoid this by setting the same access type for both blocks or by having the asynchronous access written first to a separate memory area and then copying this area synchronously at a suitable time. See also: Blocks with optimized access FAQ 109478253: How can it happen that data of the HMI system or of the Web server is overwritten in the S7-1500? (https://support.industry.siemens.com/cs/de/en/view/109478253) 1992 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Parameter transfer with S7-300/400 The following table shows how block parameters with elementary or structured data type are transferred in S7-300/400. Elementary data types Structured data types Input Copy* Pointer Output Copy* Pointer InOut Copy* Pointer Input Copy Copy Output Copy Copy InOut Copy Pointer FC FB * Exception: Operands from the memory areas I, Q, M, P, L and partly qualified DB addresses (for example, "DW 2") are transferred as pointer. Note Special aspects of transfer as pointer in S7-300/400 In cases in which the parameters are transferred via a pointer, it is not possible to forward output parameters or in/out parameters from the calling block to the input parameters of the called block. Forwarding of block parameters Basic information on forwarding block parameters Definition The "Forwarding" of block parameters is a special type of parameter use. In this case the block parameters of the calling block are forwarded to the parameters of the called block. The called block uses the values that are currently present at the block parameters of the calling block as the actual parameters. The following figure shows how the parameters of the function FC_10 are forwarded to the function FC_12: WinCC Advanced V14 System Manual, 10/2016 1993 Programming the PLC 11.1 Programming basics )XQFWLRQ )& )&B &DOO )XQFWLRQ )& )&B 7DJGHFODUDWLRQ 7DJGHFODUDWLRQ 3DUDPB ,QSXW $B3DUDP ,QSXW 3DUDPB 2XWSXW %B3DUDP 2XWSXW 3DUDPB ,QRXW &B3DUDP ,QRXW )&B $B3DUDP 3DUDPB %B3DUDP 3DUDPB &B3DUDP 3DUDPB Rules for LAD/FBD The following general rules apply in LAD and FBD: Input parameters can only be forwarded to input parameters. Output parameters can only be forwarded to output parameters. In/out parameters can be forwarded to all parameter types. In S7-300/400, the two block parameters must have the same data type. In S7-1200/1500, the parameters can also be converted according to the rules of implicit conversion. Rules for STL The following general rules apply in STL: Input parameters can only be forwarded to input parameters. Output parameters can only be forwarded to output parameters. In/out parameters can be forwarded to all parameter types. Both block parameters must have the same data type. In STL, this rule applies to all CPU families. Rules for SCL The rules for SCL are less stringent. So that programs from previous SCL versions can be taken over more easily, additional parameter transfer options are permissible. You can, for example, forward a structured in/out parameter to an input parameter. However, in this case you must ensure that the actual parameter is not located in the temporary local data or in a global data block. Additional rules are described in detail in the following chapters. 1994 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics See also Calling a function by another function (Page 1995) Call of a function by a function block (Page 1996) Call of a function block by a function (Page 1996) Call of a function block by another function block (Page 1997) Calling a function by another function Permissible data types for the call of a function by another function Specific rules apply to the forwarding of formal parameters. The following table shows the rules according to which parameters can be forwarded in the various CPU families: FC calls FC Data types Actual pa rameter Formal pa rameters (calling block) (called block) Input Input Standard data types ARRAY, STRUCT, STRING, WSTRING, DT S7-300/400 S7-1200 S7-1200 S7-1500 ANY, POINTER S7-1500 VARIANT Parameter types (TIMER, COUN TER, BLOCK_XX) S7-1200 S7-1500 S7-1500 Output S7-300/400 S7-1200 S7-1200 S7-1500 - S7-1200 S7-1200 as of V2 S7-1500 S7-1500 Output DB_Any - - - - - - - - S7-1500 S7-1500 InOut Input S7-300/400 S7-1200 S7-1200 S7-1500 S7-1500 S7-1200 S7-1500 S7-1500 InOut Output S7-300/400 S7-1200 S7-1200 S7-1500 - S7-1200 S7-1500 S7-1500 InOut InOut S7-300/400 S7-1200 S7-1200 S7-1500 S7-1500 S7-1200 S7-1500 S7-1500 See also Basic information on forwarding block parameters (Page 1993) WinCC Advanced V14 System Manual, 10/2016 1995 Programming the PLC 11.1 Programming basics Call of a function by a function block Permissible data types for the call of a function by a function block Specific rules apply to the forwarding of formal parameters. The following table shows the rules according to which parameters can be forwarded in the various CPU families: FB calls FC Data types Actual pa rameter Formal pa rameters (calling block) (called block) Input Output InOut Input Output Input Standard data types ARRAY, STRUCT, STRING, WSTRING, DT S7-300/400 S7-300/400 S7-1200 S7-1200 S7-1500 S7-1500 S7-300/400 S7-300/400 S7-1200 S7-1200 S7-1500 S7-1500 S7-300/400 S7-1200 S7-1200 S7-1500 ANY, POINTER S7-1500 VARIANT Parameter types (TIMER, COUN TER, BLOCK_XX) S7-1200 S7-1500 S7-1200 as of V2 S7-1500 - DB_Any S7-1200 S7-1500 - - - - - - - - S7-1500 S7-1500 S7-1200 S7-1500 S7-1500 InOut Output S7-300/400 S7-1200 S7-1200 S7-1500 - S7-1200 S7-1500 S7-1500 InOut InOut S7-300/400 S7-1200 S7-1200 S7-1500 S7-1500 S7-1200 S7-1500 S7-1500 See also Basic information on forwarding block parameters (Page 1993) Call of a function block by a function Permissible data types for the call of a function block by a function Specific rules apply to the forwarding of formal parameters. The following table shows the rules according to which parameters can be forwarded in the various CPU families: FC calls FB Data types Actual pa rameter Formal pa rameters (calling block) (called block) 1996 Standard data types ARRAY, STRUCT, STRING, WSTRING, DT ANY, POINTER VARIANT Parameter types DB_Any (TIMER, COUN TER, BLOCK_XX) WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Input Input S7-300/400 S7-1200 S7-1200 S7-1500 S7-1500 S7-1200 S7-300/400 S7-1500 S7-1500 S7-1200 as of V2 S7-1200 - - - - - - - - S7-1500 Output Output S7-300/400 S7-1200 S7-1200 S7-1500 - S7-1500 S7-1500 S7-1500 InOut Input S7-300/400 S7-1200 S7-1200 S7-1500 S7-1500 S7-1200 S7-1500 S7-1500 InOut Output S7-300/400 S7-1200 S7-1200 S7-1500 - S7-1200 S7-1500 S7-1500 InOut InOut S7-300/400 S7-1200 S7-1200 S7-1500 S7-1500 S7-1200 S7-1500 S7-1500 See also Basic information on forwarding block parameters (Page 1993) Call of a function block by another function block Permissible data types for the call of a function block by another function block Specific rules apply to the forwarding of formal parameters. The following table shows the rules according to which parameters can be forwarded in the various CPU families: FB calls FB Data types Actual pa rameter Formal pa rameters (calling block) (called block) Input Output InOut Input Output Input Standard data types ARRAY, STRUCT, STRING, WSTRING, DT S7-300/400 S7-300/400 S7-1200 S7-1200 S7-1500 S7-1500 S7-300/400 S7-300/400 S7-1200 S7-1200 S7-1500 S7-1500 S7-300/400 S7-1200 S7-1200 S7-1500 ANY, POINTER S7-1500 - VARIANT Parameter types DB_Any (TIMER, COUN TER, BLOCK_XX) S7-1200 S7-300/400 S7-1500 S7-1500 S7-1200 as of V2 S7-1200 - - - - S7-1500 S7-1500 S7-1500 S7-1200 S7-1500 S7-1500 WinCC Advanced V14 System Manual, 10/2016 1997 Programming the PLC 11.1 Programming basics InOut Output S7-300/400 S7-1200 S7-1200 S7-1500 - S7-1200 - - - - S7-1500 S7-1500 InOut InOut S7-300/400 S7-1200 S7-1200 S7-1500 S7-1500 S7-1200 S7-1500 S7-1500 See also Basic information on forwarding block parameters (Page 1993) 11.1.4 Using and addressing operands 11.1.4.1 Basic information about operands Introduction When you program instructions you must specify which data values the instruction should process. These values are referred to as operands. You can, for example, use the following elements as operands: PLC tags Constants Tags in instance data blocks Tags in global data blocks Absolute address and symbolic name Operands are identified by means of an absolute address and a symbolic name. You define the names and addresses in the PLC tag table or in the tag declaration of the blocks. Data blocks with optimized access (S7-1200, S7-1500) Data elements in data blocks with optimized access only receive a symbolic name and no absolute address in the declaration. See also Displaying symbolic and absolute addresses (Page 4469) Basics of block access (Page 1968) 1998 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics 11.1.4.2 Keywords SIMATIC recognizes a range of key words whose definitions are fixed and which have a certain meaning in the program. You should not use these keywords as names for tags or constants. Table of keywords The following table shows all keywords. WinCC Advanced V14 System Manual, 10/2016 Keywords German mnemonics Keywords English mnemonics Description & & And logical operation of logical expressions A Q Output, bit A1 CC1 Condition code bit A0 CC0 Condition code bit AB QB Output, byte AD QD Output, double word AND AND And logical operation of logical expressions ANY ANY Data type, pointer AR1 AR1 Address Register 1 AR2 AR2 Address Register 2 ARRAY ARRAY Introduces the specification of an array and is followed by the in dex list between "[" and "]" AT AT Overlaying tag declaration AUTHOR AUTHOR Name of the author, company name, department name, or oth er name (max. 8 characters, no spaces) AW QW Output, word B B Byte BEGIN BEGIN Introduces the instruction part for code blocks or initialization part for a data block BIE BR Binary result BLOCK_FB BLOCK_FB Parameter type for specification of an FB BLOCK_FC BLOCK_FC Parameter type for specification of an FC BLOCK_SDB BLOCK_SDB Parameter type for specification of an SDB BOOL BOOL Data type BY BY Increment of the FOR loop BYTE BYTE Data type CALL CALL Call 1999 Programming the PLC 11.1 Programming basics 2000 Keywords German mnemonics Keywords English mnemonics Description CASE CASE Introduction to the CASE state ment CHAR CHAR Elementary data type CODE_VERSION1 CODE_VERSION1 Label, whether an FB is multiple instance capable or not. If you want to declare multiple instan ces, the FB must not have this characteristic. CONST CONST Start of the constant declaration CONTINUE CONTINUE Instruction to exit a loop in SCL COUNTER COUNTER Parameter type for specification of a counter DATA_BLOCK DATA_BLOCK Introduces the data block DATE DATE Data type DATE_AND_TIME DATE_AND_TIME Data type DB DB Data block DB_ANY DB_ANY Data type DBB DBB Data block, data byte DBD DBD Data block, data double word DBLG DBLG Data block length DBNO DBNO Data block number DBW DBW Data block, data word DBX DBX Data block, data bit DI DI Instance data block DIB DIB Instance data block, data byte DID DID Instance data block, data double word DILG DILG Instance data block length DINO DINO Instance data block number DINT DINT Data type DIW DIW Instance data block, data word DIX DIX Instance data block, data bit DO DO Introduction of the instruction part in FOR and WHILE instruc tion DT DT Data type DTL DTL Data type DWORD DWORD Data type E I Input (via process image), bit EB IB Input (via process image), byte ED ID Input (via process image), dou ble word ELSE ELSE Alternative branch in IF and CASE statement WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics WinCC Advanced V14 System Manual, 10/2016 Keywords German mnemonics Keywords English mnemonics Description ELSIF ELSIF Alternative condition of the IF in struction EN EN System operand of the EN/ENO mechanism ENO ENO System operand of the EN/ENO mechanism END_CASE END_CASE End of the CASE statement END_DATA_BLOCK END_DATA_BLOCK Ends the data block END_FOR END_FOR End of the FOR statement END_FUNCTION END_FUNCTION Ends the function END_FUNCTION_BLOCK END_FUNCTION_BLOCK Ends the function block END_IF END_IF End of the IF instruction END_ORGANIZATION_BLOCK END_ORGANIZATION_BLOCK Ends the organization block END_REGION END_REGION End of a block END_REPEAT END_REPEAT End of the REPEAT statement END_STRUCT END_STRUCT Ends the specification of a struc ture END_SYSTEM_FUNCTION END_SYSTEM_FUNCTION Ends the system function END_SYSTEM_FUNC TION_BLOCK END_SYSTEM_FUNC TION_BLOCK Ends the system function block END_TYPE END_TYPE Ends the PLC data type END_VAR END_VAR Ends a declaration block END_WHILE END_WHILE End of the WHILE instruction EW IW Input (via process image), word EXIT EXIT Instruction to exit a loop in SCL FALSE FALSE Predefined Boolean constant: Logical condition false, value equal to 0 FAMILY FAMILY Block family name: e.g. controller FB FB Function block FC FC Function FOR FOR Introduction of the FOR state ment FUNCTION FUNCTION Introduces the function FUNCTION_BLOCK FUNCTION_BLOCK Introduces the function block GOTO GOTO Introduction of the GOTO state ment IF IF Introduction of the IF instruction INSTANCE INSTANCE Data type INT INT Data type KNOW_HOW_PROTECT KNOW_HOW_PROTECT Block protection L L Local data bit LB LB Local data byte LD LD Local data double word 2001 Programming the PLC 11.1 Programming basics 2002 Keywords German mnemonics Keywords English mnemonics Description LDT LDT Data type LINT LINT Data type LTIME LTIME Data type LTOD LTOD Data type LW LW Local data word LWORD LWORD Data type M M Memory bit MB MB Memory byte MD MD Memory double word MOD MOD Modulo operator MW MW Memory word NAME NAME Block name NETWORK NETWORK Network NOT NOT Logic inversion NULL NULL Zero pointer OB OB Organization block OF OF Introduction of the data type specification / Introduction of the instruction part of the CASE statement OR OR Or logical operation of logical ex pressions ORGANIZATION_BLOCK ORGANIZATION_BLOCK Introduces the organization block OS OS Save overflow OV OV Overflow PA PQ Output (direct peripherals), bit PAB PQB Output (direct peripherals), byte PAD PQD Output (direct peripherals), dou ble word PAW PQW Output (direct peripherals), word PE PI Input (direct peripherals), bit PEB PIB Input (direct peripherals), byte PED PID Input (direct peripherals), double word PEW PIW Input (direct peripherals), word POINTER POINTER Data type PRAGMA_BEGIN PRAGMA_BEGIN Introduction of a Pragma PRAGMA_END PRAGMA_END End of a Pragma READ_ONLY READ_ONLY Write protection for data blocks REAL REAL Data type REGION REGION Introduction of a block REPEAT REPEAT Introduction of the REPEAT statement WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics WinCC Advanced V14 System Manual, 10/2016 Keywords German mnemonics Keywords English mnemonics Description RET_VAL RET_VAL Return value RETURN RETURN RETURN statement in SCL S5T S5T Syntax for data type S5TIME S5TIME S5TIME Data type S7_ S7_ Keywords for system attributes SDB SDB System data block SFB SFB System function block SFC SFC System function SINT SINT Data type STRING STRING Data type STRUCT STRUCT Introduces the specification of a structure and is followed by a list of components STW STW Status word SYSTEM_FUNCTION SYSTEM_FUNCTION System function SYSTEM_FUNCTION_BLOCK SYSTEM_FUNCTION_BLOCK System function block T T Time element (timer) THEN THEN Introduction of the instruction part of an IF instruction THIS THIS Syntax for access to an ARRAY data block TIME TIME Elementary data type for time in formation TIME_OF_DAY TIME_OF_DAY Data type TIMER TIMER Parameter type for specification of a timer TITLE TITLE Optional block title or network ti tle TO TO Definition of the full-scale value of a FOR statement TOD TOD Data type TRUE TRUE Predefined Boolean constant: Logical condition true, value not equal to 0 TYPE TYPE Introduction of the PLC data type UDT UDT Global or PLC data type UDINT UDINT Data type UINT UINT Data type ULINT ULINT Data type UNLINKED UNLINKED Marking 'non runtime-related' UNTIL UNTIL End of the instruction part of a REPEAT statement USINT USINT Data type UO UO Query after (Q1=1) AND (Q0=1) 2003 Programming the PLC 11.1 Programming basics 11.1.4.3 Keywords German mnemonics Keywords English mnemonics Description VAR VAR Introduces a declaration block VAR_IN_OUT VAR_IN_OUT Introduces a declaration block VAR_INPUT VAR_INPUT Introduces a declaration block VAR_OUTPUT VAR_OUTPUT Introduces a declaration block VAR_TEMP VAR_TEMP Introduces a declaration block VARIANT VARIANT Data type VERSION VERSION Version number of the block VOID VOID Function has no return value WCHAR WCHAR Data type WSTRING WSTRING Data type WHILE WHILE Introduction of a WHILE instruc tion WORD WORD Data type XOR XOR Logic operation Z C Counter Using tags within the program Definition A variable is a placeholder for a data value that can be changed in the program. The format of the data value is defined. The use of variables makes your program more flexible. For example, you can assign different values to variables that you have declared in the block interface for each block call. As a result, you can reuse a block you have already programmed for various purposes. A variable consists of the following elements: Name Data type Absolute address - PLC tags and DB tags in blocks with standard access have an absolute address. - DB variables in blocks with optimized access have no absolute address. Value (optional) Declaring Variables You can define variables with different scopes for your program: PLC tags that apply in all areas of the CPU DB variables in global data block that can be used by all blocks throughout the CPU. DB tags in instance data blocks that are predominantly used within the block in which they are declared. 2004 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics The following table shows the difference between the variable types: PLC tags Range of appli cation Variables in instance DBs Are valid throughout the entire CPU. Are predominantly used Can be used by all blocks in the block in which they on the CPU. Can be used by all blocks on the CPU. are defined. The name is unique within The name is unique within the CPU. The name is unique within the global DB. the instance DB. Permissible char Letters, numbers, special characters acters Quotation marks are not permitted. Letters, numbers, special characters Use Block parameters (input, output and in-out parameters), Letters, numbers, special characters Reserved keywords are not permitted. Reserved keywords are not permitted. Reserved keywords are not permitted. I/O signals (I, IB, IW, ID, Q, QB, QW, QD) Static data Bit memory (M, MB, MW, MD) Location of defi nition Variables in global DBs PLC tag table Static data of a block Block interface Declaration table of the glob al DB Note You can find more information on permissible characters in tag names in the Siemens Industry Online Support in the following entries: When should identifiers and operands be used in "quotation marks" in STEP 7 (TIA Portal)? https://support.industry.siemens.com/cs/ww/en/view/109477857 (https:// support.industry.siemens.com/cs/ww/en/view/109477857) See also Keywords (Page 1999) Basic information about operands (Page 1998) Displaying symbolic and absolute addresses (Page 4469) Valid names of PLC tags (Page 4595) Permissible addresses and data types of PLC tags (Page 4595) WinCC Advanced V14 System Manual, 10/2016 2005 Programming the PLC 11.1 Programming basics 11.1.4.4 Constants Basics of constants Definition Constants are data with a fixed value that you cannot change during program runtime. Constants can be read by various program elements during the execution of the program but cannot be overwritten. There are defined notations for the value of a constant, depending on the data type and data format. A distinction is made between the typed and non-typed notation. Non-typed constants In the non-typed notation, you only enter the value of the constant without a data type. Nontyped constants do not receive their data type until the first arithmetic or logical operation in which they are used. The example below shows the non-typed notation: SCL #My_Int1 := #My_Int2 + 12345 (*The data type of the constant "12345" results from the addition with My_Int. 2. "12345" receives the data type INT.*) #My_Real1 := #My_Real2 + 12345 (*The data type of the constant "12345" results from the addition with My_Real2. "12345" receives the data type REAL.*) Typed constants In the typed notation, you specify a data type in addition to the value of the constant. The example below shows the typed notation: SCL #My_Int1 := INT#12345 (*The data type of the constant is always INT.*) Note Constants of BOOL type in LAD/FBD Constants of the BOOL type may not be used as inputs of instructions in S7-300/400. Constants of the BOOL type may be used as inputs of instructions which are a system-internal function block (FB) in S7-1200/1500. These instructions are identified by the fact that the "Call options" dialog opens when you insert the instruction into a network. Boolean constants may not be used as inputs for all other instructions. 2006 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics See also Declaring the block interface (Page 4529) Declaring global constants (Page 4607) Calculating with constants in SCL (Page 2113) Declaration of symbolic names for constants Symbolic constants You have the option of declaring symbolic names for constants and thus making constant values available under a name in the program. This makes a program more readable and easier to maintain when changing constant values. A symbolic constant consists of the following elements: Name Data type Symbolic constants always have a data type; non-typed notation is not possible for symbolic constants. Constant value You can select any value from the value range of the specified data type as constant value. For information on the value ranges, refer to the "Data types" chapter. Declaration of constants You can define constants with different scopes of validity: Global constants that apply to all areas of the CPU Local constants that only apply within a block The table below shows the difference between the constant types: Scope of validity Global constants Local constants Are valid throughout the entire CPU Are valid only in the block in which they were declared. The name is unique within the CPU. The name is unique within the block. Permitted characters The permitted characters in The permitted characters in constant names are letters, constant names are letters, digits and special characters. digits and special characters. Location of definition "Constants" tab from the PLC tag Block interface table Representation In quotation marks, for example.: Prefixed with a number sign, for example: "Glob_Const" #Loc_Const WinCC Advanced V14 System Manual, 10/2016 2007 Programming the PLC 11.1 Programming basics Name conflicts can occur if you have declared a local and a global constant with the same symbolic name and have used this doubly specified name as the default value of a tag. In this case, the local constant is automatically used. Note Downloading constant declarations (S7-300/400) Local and global constant declarations are not downloaded into the CPU. If you download a program from a device, the constant declarations may no longer be available. Note You can find more information on permissible characters in constant names in the Siemens Industry Online Support in the following entries: When should identifiers and operands be used in "quotation marks" in STEP 7 (TIA Portal)? https://support.industry.siemens.com/cs/ww/en/view/109477857 (https:// support.industry.siemens.com/cs/ww/en/view/109477857) See also Overview of the valid data types (Page 2131) Calculating with constants in SCL (Page 2113) Declaring global constants (Page 4607) Declaring the block interface (Page 4529) Data types of constants Permitted data types For constants, all basic data types as well as all derived data types are permitted: Binary numbers Bit strings Integers Floating-point numbers Timers Date and time Character strings All general rules for explicit and implicit type conversion apply. 2008 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Data types of non-typed constants Non-typed constants do not contain an explicit type specification. They do not receive their data type until the first arithmetic or logical operation in which they are used. The example below shows how non-typed constants are used: SCL #My_Int1 := #My_Int2 + 12345 (*The data type of the constant "12345" results from the addition with My_Int. 2. "12345" receives the data type INT.*) #My_Real1 := #My_Real2 + 12345 (*The data type of the constant "12345" results from the addition with My_Real2. "12345" receives the data type REAL.*) Note STEP 7 always uses the data type with the highest possible precision Unless the data type of a constant can be clearly defined in an expression, the data type with the highest precision available on the current CPU is used. Example: #My_Real := #My_Int / 3.5 In this expression an integer tag is combined with a non-typed floating point constant. In S7-300/400 the right part of the assignment is calculated in the REAL format. In S7-1200/1500, calculation is performed using the highest possible precision, which in this case means LREAL. As a result, the assignment to a REAL tag is invalid or generates a warning. To precisely define the data type of a constant, use the typed notation. Example: #My_Real := #My_Int / REAL#3.5 See also Overview of the valid data types (Page 2131) Calculating with constants in SCL (Page 2113) Declaring global constants (Page 4607) Declaring the block interface (Page 4529) WinCC Advanced V14 System Manual, 10/2016 2009 Programming the PLC 11.1 Programming basics Examples of using constants Use in instructions, assignments and expressions Constants can be used in place of tags in instructions or assignments. You can also use constants in expressions in SCL. But because constants cannot be written, they may only be used as inputs. The example below shows possible uses of constants: SCL #My_Int := 3; #My_Real1 := #My_Real2 * 3; #My_Real1 := #My_Real2 * #My_local_const; #My_Real1 := #My_Real2 * "My_global_const"; Use as a default value You can use constants as the default value of a tag. To do so, enter either the value or the symbolic name of the constant in the "Default value" column of the block interface. The data type of the constant must match the data type of the tag or be convertible with it according to the implicit conversion with IEC check. Use as maximum STRING length You can use local or global constants of data type UINT, UDINT, ULINT, SINT, INT, DINT, LINT as maximum STRING length. The example below shows the use of constants as maximum STRING length: SCL STRING[#My_local_const1] STRING["My_global_const1"] Use as an ARRAY limit You can use local or global constants of data type UINT, UDINT, ULINT, SINT, INT, DINT, LINT as ARRAY limits. The example below shows the use of constants as ARRAY limits: SCL Array[#My_local_const1..#My_local_const2] of REAL Array["My_global_const1".."My_global_const1"] of REAL 2010 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Note Constants as ARRAY limits or as maximum STRING length Constants which are used as ARRAY limits or maximum STRING length cannot be changed if the memory reserve of the block is activated. This applies to both local and global constants. To change these constants, you must first disable the memory reserve. Changes to global constants result in inconsistencies in the blocks which use them. The inconsistencies are marked in red in the block used. To remedy these inconsistencies, the data blocks have to be updated. See also: Updating data blocks (Page 4556) See also Overview of the valid data types (Page 2131) Calculating with constants in SCL (Page 2113) ARRAY (Page 2177) Declaring global constants (Page 4607) Declaring the block interface (Page 4529) 11.1.4.5 Addressing operands Addressing global variables Addressing global variables To address a global PLC variable, you can use the absolute address or the symbolic name. Note The LWORD, LINT, ULINT, LREAL, LTIME, LTOD and LDT data types can only be addressed by means of their symbolic name. Addressing global variables in symbolic form When you use addressing in symbolic form, you enter the variable name from the PLC tag table. The symbolic name of global variables are automatically enclosed in quotation marks. You address structured tags that are based on a PLC data type with the symbolic name of the PLC tag. You can also indicate the names of the individual components separated by a dot. WinCC Advanced V14 System Manual, 10/2016 2011 Programming the PLC 11.1 Programming basics Addressing global variables in absolute form When you use addressing in absolute form, you enter the address of the variables from the PLC tag table. The absolute address uses numerical addresses starting with zero for each operand range. The address identifier % is set automatically as prefix for the absolute address of global tags. Examples The following examples show applications of symbolic and absolute addressing: Addressing Explanation %Q1.0 Absolute address: Output 1.0 %I16.4 Absolute address: Input 16.4 %IW4 Absolute address: Input word 4 "Motor" Symbolic address "Motor" "Value" Symbolic address "Value" "Structured_Tag" Symbolic address of a tag that is based on a PLC data type "Structured_Tag".Component Symbolic address of the component of a structured tag. See also Displaying symbolic and absolute addresses (Page 4469) Permissible addresses and data types of PLC tags (Page 4595) Accessing I/O devices (Page 2012) Accessing I/O devices Description The process image of the CPU is updated once in a cycle. In time-critical applications, however, it can be that the current state of a digital input or output has to be read or transferred more often than once per cycle. For this purpose you can use a suffix for I/O access identifiers on the operand to directly access the I/O. If you want to read the input directly from the peripherals, use the peripheral inputs memory area (PI) instead of the process input image (I). The peripherals memory area can be read as a bit, byte, word, or double word. If you want to write directly to the output, use the peripheral output (PQ) memory area instead of the process output image (Q). The peripheral output memory area can be written as a bit, byte, word, or double word. To read or write a signal directly from a peripheral input, you can add the suffix for I/O access ":P", to the operand. 2012 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Components of structured PLC tags can also be addressed with ":P". However, access to the higher-level tag with ":P" is not possible. WARNING Direct writing of the I/O Immediate writing to the I/O can lead to hazardous states, for example when writing multiple times to an output in one program cycle. Syntax <Operand>:P Example The following example shows applications of I/O access identifiers: Addressing Description "Motor" Addresses the "Motor" tag in the process image. "Motor":P Addresses the "Motor" tag in the I/O memory area (PI or PQ). "Structured_Tag".Component Addresses the component of a structured PLC tag in the process image. "Structured_Tag".Component:P Addresses the component of a structured PLC tag in the I/O memory area (PI or PQ). See also Addressing global variables (Page 2011) Addressing variables in data blocks Addressing variables in global data blocks Description Tags in global data blocks can be addressed in symbolic or absolute form. For symbolic addressing, you use the name of the data block and the name of the tag, separated by a dot. The name of the data block is enclosed in quotation marks. For absolute addressing, you use the number of the data block and the absolute address of the tags in the data block, separated by a dot. The address identifier % is set automatically as prefix for the absolute address. The S7-1200/1500 provides you with an option of accessing a data block that is not yet known during programming. For this purpose, create a block parameter of data type DB_ANY in the WinCC Advanced V14 System Manual, 10/2016 2013 Programming the PLC 11.1 Programming basics block interface of the accessing block. The data block name or data block number is transferred to this parameter during runtime. In order to access the internal tags of the data block, use the name of the block parameter of data type DB_ANY and the absolute address of the tag, separated by a dot. Note Transfer DB with memory reserve to the parameter DB_ANY. It is not possible to transfer a DB with memory reserve to a block parameter of data type "DB_ANY". Note Addressing DB tags in absolute form Absolute addressing is not possible for the following tags: Tags in blocks with optimized access. Tags of data type LWORD, LINT, ULINT, LREAL, LTIME, LTOD and LDT. Best practice is to use the more convenient symbolic addressing for these tags. ARRAY data blocks ARRAY data blocks are a particular type of global data block. These consist of an ARRAY of any data type. For example, an ARRAY of a PLC data type (UDT) is possible. You address elements in ARRAY data blocks with the help of the keyword "THIS". The index is then specified in square brackets. The index can be a constant as well as a tag. Integers with a width of up to 32 bits are permitted as tags for the index. Extended options for addressing ARRAY DBs are available in the "Move" section of the "Instructions" task card. These instructions give you the option, for example, to also address the DB name indirectly. Syntax "<DBname>".TagName %<DBnumber>.absoluteAddress #<DBAny_name>.%absoluteAddress "<ArrayDBname".THIS[#i].<Component>.<ComponentElement> SCL: "<ArrayDBname"."THIS"[#i].<Component>.<ComponentElement> The following table show the possible absolute addresses of tags in data blocks: 2014 Data type Absolute address Example Description BOOL %DBn.DBXx.y %DB1.DBX1.0 Data bit 1.0 in DB1 BYTE, CHAR, SINT, USINT %DBn.DBBy %DB1.DBB1 Data bit 1 in DB1 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Data type Absolute address Example Description WORD, INT, UINT %DBn. DBWy %DB1.DBW1 Data word 1 in DB1 DWORD, DINT, UDINT, REAL, TIME %DBn.DBDy %DB1.DBD1 Data double word 1 in DB1 Example The following examples show the addressing of tags in global data blocks: Addressing Description "Motor".Value Symbolic addressing of the "Value" tag in the "Motor" global data block. %DB1.DBX1.0 Absolute addressing of the "DBX1.0" tags in the "DB1" global data block. #MyDBAny.%DBX30.0 Absolute addressing of the "DBX30.0" tag in the global data block that is transferred at runtime at the "MyDBany" parameter. "MyARRAY_DB".THIS[#MyIndex].MyComponent.MyComponentElement Addressing an ARRAY data block. The ARRAY index is specified with the "MyIndex" tag. The ARRAY element has two additional substructures: "MyComponent" and "MyComponentElement". See also Using the DB_ANY data type (Page 2093) Addressing individual characters of a STRING or WSTRING (Page 2168) Addressing PLC data types (UDT) (Page 2174) Addressing STRUCT (Page 2177) Addressing ARRAYs (Page 2182) Addressing areas of a tag with slice access (Page 2017) Basics of indirect addressing (Page 2022) Addressing instance data (Page 2015) Addressing instance data Description You can address data elements from the interface of the current block. These tags are stored in the instance data block. Note Tags in blocks with optimized access can only be addressed in symbolic form. WinCC Advanced V14 System Manual, 10/2016 2015 Programming the PLC 11.1 Programming basics To address a tag from the interface of the current block, enter the character # followed by the symbolic tag name. You can also access the tags of a multi-instance block. Within the multi-instance block, also use the character # followed by the tag name to address the data. You access the data of the multi-instance block from the calling block using #<Multi-instanceName.TagName>. Syntax Use the following syntax for addressing tags in instance data blocks: #<tag name> #<multi-instance name>.<tag name> Examples The following examples show the addressing of tags in instance data blocks: Addressing Description #Value Addressing the "Value" tag in the instance data block. #On Addressing the "On" tag within the multi-instance block #Multi.On Addressing the "On" tag of the multi-instance block from the calling block See also Addressing variables in global data blocks (Page 2013) Addressing ARRAYs (Page 2182) Addressing areas of a tag with slice access (Page 2017) Basics of indirect addressing (Page 2022) Addressing ARRAY DB (S7-1500) Addressing ARRAY data blocks ARRAY data blocks are a particular form of the ARRAY. ARRAY data blocks are global data blocks that consist of exactly one ARRAY. You address elements in ARRAY data blocks using the following syntax: "<GlobArrayDBname>".THIS[#i].<elementname> SCL: "<GlobArrayDBname>"."THIS"[#i].<elementname> 2016 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Examples The following examples show the addressing of elements in an ARRAY DB: Addressing in SCL Explanation "My_ARRAY_DB"."THIS"[0] "My_ARRAY_DB" is an ARRAY DB, which contains components of the REAL data type. The first component within "My_ARRAY_DB" is addressed here. "MY_UDT_ARRAY_DB"."THIS"[3].MyREAL "MY_UDT_ARRAY_DB" is an ARRAY DB, which contains components of a PLC data type (UDT). The PLC data type contains elements of the BYTE data type. In the "MY_UDT_ARRAY_DB", the fourth ARRAY component and the "MyREAL" element in it are addressed here. Instructions for addressing ARRAY DBs The "Instructions > Basic instructions" task card in the "Move > ARRAY DB" section offers extended options for addressing ARRAY DBs. These instructions give you the option, for example, to address the DB name indirectly: ReadFromArrayDB: Read from array data block WriteToArrayDB: Write to array data block ReadFromArrayDBL: Read from array data block in load memory WriteToArrayDBL: Write to array data block in load memory See also Basics of indirect addressing (Page 2022) Indirect indexing of ARRAY components (Page 2024) Using ARRAY data blocks (Page 2121) ARRAY (Page 2177) Addressing areas of a tag with slice access (S7-1200, S7-1500) Description You have the option to specifically address areas within declared tags. You can access areas of the 1-bit, 8-bit, 16-bit, or 32-bit width. The type of access is referred to as "slice access". Structures, constants and tags overlaying AT cannot be addressed with slice access. WinCC Advanced V14 System Manual, 10/2016 2017 Programming the PLC 11.1 Programming basics Syntax The following syntax is used for addressing: <Tag>.X<Bit number> <Tag>.B<BYTE number> <Tag>.W<WORD number> <Tag>.D<DWORD number> The syntax has the following components: Part Description <Tag> Tag that you access. The tag must be of the "Bit string" or "Integer" data type. With SCL, you can only program slice access to tags of the "Integer" data type when the IEC check is disabled. X ID for the access width "Bit (1Bit)" B ID for the access width "Byte (8 Bit)" W ID for the access width "Word (16 Bit)" D ID for access width "DWord (32-bit)" <BIT number> Bit number within <tag> that is accessed. Number 0 accesses the least significant BIT. <BYTE number> Byte number within <tag> that is accessed. The number 0 accesses the least significant BYTE. <WORD number> Word number within <tag> that is accessed. The number 0 accesses the least significant WORD. <DWORD number> DWord number within <tag> that is accessed. The number 0 accesses the least significant DWORD. Examples The following examples show the addressing of individual bits: Addressing Description "Engine".Motor.X0 "Motor" is a tag of the BYTE, WORD, DWORD or LWORD data type in the global data block "Engine". "Engine".Motor.X7 X0 addresses the bit address 0, X7 the bit address 7 within "Motor". "Engine".Speed.B0 "Engine".Speed.B1 "Speed" is a tag of the WORD, DWORD or LWORD data type in the global data block "Engine". B0 addresses the byte address 0, B1 the byte address 1 within "Speed". "Engine".Fuel.W0 "Engine".Fuel.W1 "FUEL" is a tag of the DWORD or LWORD data type in the global data block "Engine". W0 addresses the word address 0, W1 the word address 1 within "Fuel". 2018 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Addressing Description "Engine".Data.D0 "Data" is a tag of the LWORD data type in the global data block "Engine". "Engine".Data.D1 D0 addresses the double word address 0, D1 the double word address 1 within "Data". See also Addressing with Slice access (Page 2068) Overlaying tags with AT Description To access data areas within a declared tag, you can overlay the declared tags with an additional declaration. This provides you with the option of addressing an already declared tag with a different data type. You can, for example, address the individual bits of a tag of WORD data type with an ARRAY of BOOL. Rules The following general rules are valid for tag overlaying: Overlaying is possible in S7-1200 and S7-1500 in STL, LAD, FBD and GRAPH. SCL supports overlaying in all CPU families. Overlaying of tags is possible in the following blocks: - In code blocks with standard access - In code blocks with optimized access for tags with the retain setting "Set in IDB" The data width of the overlaying tag must be equal to or less than that of the overlaid tag. It is not possible to overlay tags of the VARIANT and INSTANCE data types. Blocks from libraries which are declared as parameters in the interface cannot be overlaid. Structured PLC tags that are declared as parameters in the interface cannot be overlaid. You cannot address overlaying tags with slice access. Note S7-1200/1500: Using AT in FCs The data widths of the overlaying tag and the overlaid tag must be identical for FCs in S7-1200/1500. If this is not possible in your program, check to see if you can use slice access instead of the AT construct. See also: Addressing areas of a tag with slice access (Page 2017) WinCC Advanced V14 System Manual, 10/2016 2019 Programming the PLC 11.1 Programming basics The following combination rules are also valid: Overlaying tag Overlaid tag Elementary Structured * Any/Pointer DB_ANY FB Input Elementary x x Structured * x x Any/Pointer Temp x x Elementary x x Structured x x Any/Pointer Static, Output x x x x Elementary x x x Structured x x x Any/Pointer InOut Elementary x Structured x x Any/Pointer FC Temp Elementary x x Structured x x Any/Pointer Input, Output, InOut Elementary x x x x (both tags must have the same bit width) Structured x Any/Pointer OB Temp Elementary x x Structured x x Any/Pointer x x * Structured data types consist of several data elements, e.g. ARRAY or STRUCT. Declaration To overlay a tag, declare an additional tag directly after the tag that is to be overlaid and identify it with the keyword "AT". 2020 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Example The following figure shows the declaration of an overlaid tag in the interface of a FB: When a block is called with the shown tag declaration, the "MyByte" tag is assigned. Within the block there are now two options for interpreting the data: as a byte As one-dimensional ARRAY of BOOL See also Setting retentivity (Page 4566) Addressing operands indirectly Basics of indirect addressing Introduction Indirect addressing offers the option of addressing operands whose address is not calculated until during runtime. With indirect addressing, program sections can be executed several times and a different operand can be used during each run. WinCC Advanced V14 System Manual, 10/2016 2021 Programming the PLC 11.1 Programming basics WARNING Risk of access errors Since operands are only calculated during runtime with indirect addressing, there is a risk that access errors may occur and that the program will operate with incorrect values. In addition, memory areas may inadvertently be overwritten with incorrect values. The automation system can then react in unexpected manner. Therefore, use indirect addressing only with caution. Indirect addressing Basics of indirect addressing (S7-1200, S7-1500) General indirect addressing options in S7-1200 and S7-1500 The following indirect addressing options are available in all programming languages: Indirect addressing via pointer Indirect indexing of ARRAY components Indirect addressing of a data block via DB_ANY data type. Language-specific options of indirect addressing The following specific addressing options are also available in the various programming languages: In STL, you can address operands indirectly via the address register. In SCL, you can read or write a variable memory area with the following instructions: - POKE - Write memory address - POKE_BOOL - Write memory bit - PEEK - Read memory address - PEEK_BOOL - Read memory bit - POKE_BLK - Write memory area See also Addressing variables in global data blocks (Page 2013) POKE: Write memory address (Page 3170) POKE_BOOL: Write memory bit (Page 3172) PEEK: Read memory address (Page 3166) 2022 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics PEEK_BOOL: Read memory bit (Page 3168) POKE_BLK: Write memory area (Page 3173) Indirect addressing via pointer (Page 2023) Indirect indexing of ARRAY components (Page 2024) Indirect addressing in STL (Page 2029) Indirect addressing via pointer (S7-1200, S7-1500) Description For indirect addressing, a special data format is required that contains the address and possibly also the range and the data type of an operand. This data format is referred to as pointer. The following types of pointers are available to you: POINTER (S7-1500) ANY (S7-1500, only for blocks with standard access) VARIANT (S7-1200/1500) For more information on the pointer data types, refer to "See also". Note In SCL the use of the POINTER is restricted. The only option available is to forward it to the called block. Example The following example shows an indirect addressing with an area-internal pointer: Addressing in STL Explanation L P#10.0 // Load pointer (P#10.0) in accumulator 1 T MD20 // Transfer pointer to the operand MD20 L MW [MD20] // Load MW10 in accumulator 1 .... // Any program L MD [MD20] // Load MD10 in accumulator 1 .... // Any program = M [MD20] // If RLO=1, set the memory bit M10.0 The pointer P#10.0 is transferred to the operand MD20. If the operand MD20 in square brackets is programmed, this will be replaced in runtime by the address that is contained in the pointer. WinCC Advanced V14 System Manual, 10/2016 2023 Programming the PLC 11.1 Programming basics See also Basics of indirect addressing (Page 2022) Pointer (Page 2185) Indirect indexing of ARRAY components (S7-1200, S7-1500) ARRAY access with variable index For addressing ARRAY elements, you can specify either constants or tags of the integer data type as index. Integers with a length of up to 32 bits are allowed here. With indirect addressing using a tag, the index is only calculated during program runtime. You can, for example, use a different index for each cycle in program loops. Syntax The following syntax is used for the indirect indexing of a ARRAY: "MyDB".MyArray[#i] // One-dimensional ARRAY "MyDB".MyArray[#i].a // One-dimensional ARRAY of STRUCT "MyDB".MyArray[#i,#j]// Multi-dimensional ARRAY "MyDB".MyArray[#i].a // Multi-dimensional ARRAY of STRUCT The syntax has the following components: Part Description MyDB Name of the data block in which the ARRAY is located MyArray Tag of the ARRAY data type i, j PLC tags of the integer data type that are used as pointers a Additional partial tag of the structure Note When you call a block and transfer an indirectly indexed ARRAY component ("MyDB".MyArray[#i]) to it as in/out parameter (InOut), you cannot change the value of the index tag [i] while the block is being executed. The value is therefore always written back to the same ARRAY component from which it was read. Indexing ARRAY components using the "FieldRead" and "FieldWrite" instructions You may also use the following instructions for indirect indexing of ARRAY components in LAD and FBD: FieldWrite - Write field FieldRead - Read field 2024 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics See also Examples: Indirect indexing of ARRAY components (Page 2025) Indirect addressing of ARRAY elements (Page 2069) Basics of indirect addressing (Page 2022) Addressing ARRAYs (Page 2182) ARRAY (Page 2177) Examples: Indirect indexing of ARRAY components (S7-1200, S7-1500) Example: ARRAY access with variable index in LAD The following example shows the indirect indexing of an ARRAY component using LAD as example. "MyArray" is a three-dimensional ARRAY. #Tag_1, #Tag_2 and #Tag_3 are input parameters of the data type "Integer". Depending on their values, one of the MyArray components is copied to the "MyTarget" tag. 7DJ,Q 0\'%0\$UUD\>0\7DJB 0\7DJB0\7DJB@ WinCC Advanced V14 System Manual, 10/2016 029( (1 (12 ,1 287 7DJ2XW 0\7DUJHW 2025 Programming the PLC 11.1 Programming basics Example: ARRAY access with variable index in SCL The following example shows you how to address multiple data blocks using a variable index. Five speed-controlled axes are used in the example. These axes are to be processed with SCL iteratively in a FOR loop. 1. First you create five speed-controlled axes. All five axes must be of the same type. A data block is created for each axis in the project navigator: 2. Next, generate a global data block and declare an ARRAY of the data type ANY with five components. 2026 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics 3. For initialization, you assign the symbolic names of the five axes to the individual ARRAY elements in the startup OB. 4. In SCL, access to the individual axes takes place iteratively with the help of a FOR loop. The axes are transferred to the function "MaximumVelocity" for execution one after the other. Example: ARRAY access with variable index in STL An application example for ARRAY access with variable index in STL is available under "Addressing ARRAY elements indirectly". (Page 2069) See also Indirect indexing of ARRAY components (Page 2024) Basics of indirect addressing (Page 2022) Addressing ARRAYs (Page 2182) ARRAY (Page 2177) WinCC Advanced V14 System Manual, 10/2016 2027 Programming the PLC 11.1 Programming basics Indirect addressing of individual characters of a STRING (S7-1200, S7-1500) Description For addressing the individual characters of a STRING or WSTRING, you can specify constants and also tags as the index. The tags must be of the Integer data type. When tags are used, the index is calculated during runtime. You can, for example, use a different index for each cycle in program loops. If you transfer a STRING or WSTRING with variable index to an in/out parameter during a block call, please note that: The index tag [i] is read once at the start of the block call and cannot be changed by the called block while it is being executed. Note Monitoring STRING access in runtime When a STRING or WSTRING that exceeds the defined length is written in runtime, unwanted reactions may occur in the program. Violation of the STRING or WSTRING length is monitored in S7-1200/1500. On read access to the STRING, you receive the character '$00' or '$0000'; write access to the STRING is not executed. If the instruction has the enable output ENO, ENO is set to the signal state FALSE. The CPU does not change to STOP. Syntax The following syntax is used for the indirect indexing of a STRING or WSTRING: "<Data block>".<STRING>["i"] "<Data block>".<WSTRING>["i"] Example The example below shows indirect indexing of a STRING using SCL as an example. "STRING", "WSTRING", "CHAR" and "WCHAR" are tags. "Tag_1" is a PLC tag of the "Integer" data type. Addressing in SCL Description STRING["Tag_1"] := CHAR; (*Indirect addressing: Assignment of "CHAR" to the character of the STRING*) specified by "Tag_1" WSTRING["Tag_1"] := WCHAR; (*Indirect addressing: Assignment of "WCHAR" to the character of the WSTRING*) specified by "Tag_1" WCHAR := WSTRING["Tag_1"]; (*Indirect addressing: Assignment of the WSTRING character specified by "Tag_1" to WCHAR*) See also STRING (Page 2162) WSTRING (Page 2165) 2028 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Indirect addressing in STL Basic information about address registers (S7-1200, S7-1500) Introduction Two address registers are available for the indirect addressing of operands: address register 1 (AR1), and address register 2 (AR2). The address registers are equal and are 32 bits in length. You can store area-internal and cross-area pointers in the address registers. To define the address of an operand, you can call the stored data in the program. Data is exchanged between the registers and the other available memory areas with the assistance of load and transfer instructions. Note In S7-1500, special rules apply to data exchange via address register and data block register: The values in the registers do not remain in existence beyond the block limits. The registers are reset when the language is changed within a block. You can only reference data in blocks with optimized access if these have the retain setting "Set in IDB". It is not possible to reference local data in blocks with optimized access with the help of the address registers (across areas). See also Indirect addressing in STL (Page 2029) Addressing areas of a tag with slice access (Page 2017) Setting retentivity (Page 4566) Indirect addressing in STL (S7-1200, S7-1500) In STL, the following options are available for indirect addressing: Memory-indirect addressing Register-indirect area-internal addressing Register-indirect cross-area addressing Memory-indirect addressing In the case of memory-indirect addressing, you store the address in a tag. The tag can be of WORD or DWORD data type. The tag can be located in the memory areas "Data" (DB or DI), "Bit memory" (M) or "Temporary local data" (L). In S7-1500, FB parameters can also be used to store the address. If the tag is located in a data block, it must be a data black with standard access. WinCC Advanced V14 System Manual, 10/2016 2029 Programming the PLC 11.1 Programming basics The following example shows applications of memory-indirect addressing: Addressing in STL Explanation U E [MD 2] // Execute an AND logic operation with a variable input bit. The address of the input bit is located in the memory double word MD2. = DIX [DBD 2] // Assign the RLO to a variable data bit. The address of the data bit is located in the data double word DBD2. L EB [DID 4] // Load a variable input byte to ACCU 1. The address of the input byte is located in the instance double word DID4. AUF DB [LW 2] // Open a variable data block. The number of the data block is located in the local data word LW2. Register-indirect area-internal addressing Register-indirect addressing uses one of the address registers (AR1 or AR2) to pick up the address of the operand. In the case of register-indirect, area-internal addressing, you index only the bit address and the byte address via the address register (e.g. P#10.0). You do not enter the memory area for which the address in the address register is to apply until during programming of the instruction. The address in the address register then moves to the memory area specified in the instruction. Possible memory areas are "Inputs" (I), "Outputs" (Q), "I/O" (PI or PQ), "Bit memory" (M), "Temporary local data" (L) and "Data" (DB or DI). If the operand is located in a data block, it must be a data black with standard access. When you enter register-indirect, area-internal addressing, specify an offset after the specification of the address register. This offset is added to the contents of the address register without changing the address register. This offset also has the format of a pointer. The specification of a pointer is mandatory and must be entered as constant (e.g. P#0.0 or P#2.0). The following example shows an application of register-indirect area-internal addressing: STL Explanation LAR1 P#10.0 // Load pointer (P#10.0) to address register 1 L IW [AR1, P#2.0] // Increase contents of address register 1 (P#10.0) by offset P#2.0. // Load contents of input word IW12 into accumulator 1 L IW [AR1, P#0.0] // Increase contents of address register 1 (P#10.0) by offset P#0.0. // Load contents of input word IW10 into accumulator 1 2030 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Register-indirect cross-area addressing In the case of register-indirect, cross-area addressing, use the address register to index the entire address of the operand, in other words, the bit address and byte address, as well as the memory area. Possible memory areas are "Inputs" (I), "Outputs" (Q), "I/O" (P), "Bit memory" (M), "Temporary local data" (L) and "Data" (DB or DI). If the operand is located in a data block, it must be a data black with standard access or the operand must have the retain setting "Set in IDB". In the instruction, program only the operand width. Possible operand widths are bit, byte, word, and double word. The following example shows an application of register-indirect cross-area addressing: LAR1 P#M10.0 // Load cross-area pointer (P#M10.0) to address register 1 L W [AR1, P#2.0] // Increase contents of address register 1 (P#M10.0) by offset P#2.0. // Load contents of memory word "MW12" into accumulator 1 LAR1 P#A10.0 L W [AR1, P#2.0] // Load cross-area pointer (P#A10.0) to address register 1 // Add contents of address register 1 (P#A10.0) by offset P#2.0 // Load contents of output word QW12.0 into accumulator 1 Note Special features in S7-1500 In S7-1500, special rules apply to data exchange via address register and data block register: The values in the registers do not remain in existence beyond the block limits. The registers are also reset when the language is changed within a block. If you access an operand of the BYTE, WORD or DWORD type using register-indirect addressing, the address must begin at a byte limit. Examples: LAR1 P#0.0 L MW [AR1, P#0.0] // P#0.0 + P#0.0 = P#0.0 - The addressing is allowed, because P#0.0 points to a byte limit. L MW [AR1, P#2.1] // P#0.0 + P#2.1 = P#2.1 - The addressing is not allowed, because P#2.1 does not point to a byte limit. See also Basics of indirect addressing (Page 2022) Addressing ARRAYs (Page 2182) Basic information about address registers (Page 2029) WinCC Advanced V14 System Manual, 10/2016 2031 Programming the PLC 11.1 Programming basics 11.1.5 Handling program execution errors 11.1.5.1 Causes of error Introduction There are different causes for various error qualities in TIA Portal to which you can respond with different mechanisms. These mechanisms with which you can react to an error are independent of the programming languages. Only the display of the individual mechanisms depends on the respective programming language. The situation determines what counts as an error. The overflow in the case of an addition, for example, can be an error because it does not return the desired result. In some cases, however, the addition overflow is acceptable and defined behavior and therefore not an error. When creating a program code, you must be aware that certain situations may arise. When you program communication, for example, you must be aware that this connection can be canceled at any time. To be prepared for this situation, you must install a corresponding fault reaction because any connection abort prevents the T_SEND program block from transmitting a message. This is why it is important that the connection abort is signaled to inform the operator that the message can no longer be transmitted. Because the instruction T_SEND cannot prevent the connection abort, the error output is the correct behavior for T_SEND. Ignoring this output can be interpreted as an error made by the programmer. Below, we will always refer to an error even if it is defined behavior. Different causes for an error We can distinguish between the following causes for an error: Faulty parameter values Faulty programming Failure of resources Description Errors that are dealt with directly in the instruction. Programming or access errors that result in the ex ecution of an instruction being aborted. Errors that are handled by the operating system and for which you can pro gram a reaction in the pro gram code. Error quality Handled error Synchronous error Asynchronous error Example Overflow of an arithmetic instruction Faulty programming: Occurrence of a specific event outside the pro gram code. Querying a nonexistent peripheral input When accessing an ARRAY by means of a variable index, the value of the index is located outside the valid ARRAY limits 2032 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Faulty parameter values Reaction of the Instructions that are program or operat linked with the enable out ing system put ENO are not execu ted. Faulty programming Failure of resources If you have not program med an error OB, the op erating system response depends on the CPU. 1. If an organization block (OB) is not assigned to the event, the operating system executes the default system response when the event occurs. 2. If an organization block (OB) is assigned to the event, it is called. Mechanisms for error handling in the program Depending on the instruc Global error handling 1): tion, you have different lo Program execution cal error handling options error OB 2) : Programming error EN/ENO mechanism OB The output I/O access error OB parameters: Local error handling 2) - RET_VAL with the instructions: - STATUS GET_ERROR - ERROR GET_ERR_ID Error organization blocks (OB): Time error (OB 80) Diagnostic interrupt (OB 82) Insert/remove module interrupt (OB 83) Rack error (OB 86) Possible system respon ses without assigned er ror OB: The event is ignored by the operating system. The CPU changes to STOP mode. If possible, the error handling takes place locally. If an error OB has been assigned, it will be called in case of a correspond ing event. An application example for diagnostics in the user program With evaluation of the errors in the error OBs (https:// support.industry.siemens .com/cs/document/ 98210758?lc=en-WW) WinCC Advanced V14 System Manual, 10/2016 1) You implement global error handling with the help of organization blocks. 2) You program local error handling within your program code. 2033 Programming the PLC 11.1 Programming basics Note Asynchronous error handling For a CPU of the S7-1500 series, the error OBs are called asynchronously. This means I/O access errors or programming error OBs may not be processed immediately when the error occurs, but delayed depending on the set priority. If additional errors occur before the I/O access error or the programming error OB was processed completely, no additional I/O access error or programming error OB is called. If you want to prevent I/O access or programming error OBs from being discarded, set the priority correspondingly high. 11.1.5.2 Overview of mechanisms for error handling Overview There are different mechanisms by which you can track parameter, programming or access errors: Mechanism Task Enable input EN or IF instruction Prevent execution of a program code Local Error handling Enable output ENO or binary result bit Indicate an error Parameter outputs RET_VAL, STA TUS and ERROR GET_ERROR and GET_ERR_ID in structions Respond to an error Organization blocks Global Local error handling in the case of faulty parameter values Not only does local error handling let you react to an error immediately after it has occurred, you can also get a specific reaction within your program code. You program the local error handling directly in a program block (OB, FB or FC). It only handles errors that occur within this individual program block. Advantages of local error handling: You can use the error information to program a reaction to the error that occurred in the program block. Programmed error evaluation and error reactions do not interrupt the program cycle. System performance is not unnecessarily affected by local error handling. If no errors occur, programmed error analyses and reactions are not executed. 2034 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics The following local error handling options are available: Error handling method Validity Explanation EN/ENO mechanism S7-300 / S7-400 / S7-1200 / S7-1500 You can detect and handle specific runtime errors with the help of the enable output ENO. Execution of subsequent instructions de pends on the signal state of the enable output. You can avoid pro gram crashes by using the EN/ENO mechanism. The block status is passed on in the form of a Boolean tag. 1) For additional information on the EN/ENO mechanism, refer to: Basics of the EN/ENO mechanism (Page 2037) Output parameters STATUS and ER S7-300 / ROR S7-400 / S7-1200 / S7-1500 Using the STATUS and ERROR parameters as return values of system function blocks (SFBs), you can query block-specific error information. The error information is output in a pre-defined struc ture. For further information on the output parameters, refer to the de scriptions of the individual instructions in the information system. Output parameter RET_VAL S7-300 / S7-400 / S7-1200 / S7-1500 You can display general error codes or specific error codes with the help of the output parameter RET_VAL as return value of sequential functions (SFCs). The general error codes refer to any instruction and the specific error codes refer only to a specific instruction. A maximum of one tag of the data type INT or WORD can be output. Additional information on the output parameter RET_VAL is availa ble here: Evaluating errors with output parameter RET_VAL (Page 2049) If the parameters of an instruction did not cause any memory access errors, the associated enable output ENO returns the signal state "1" and the outputs return valid values which you can query. 1) Global and local error handling in the case of faulty programming With the global and local error handling, you can react immediately to errors that have occurred without the CPU changing to "STOP" mode. The following options are available for handling programming and access errors: Type of global error handling Validity Program execution error OB (OB 85) S7-300 / S7-400 Explanation If you are not using OB 85, the CPU changes from RUN mode to STOP mode in case of a program execution error and generates an entry in the diagnostics buffer. Additional information on OB 85 can be found here: AUTOHOTSPOT CPU internal error handling in case of programming and access errors S7-1200 In the event of an error, the CPU generates an entry in the diagnos tics buffer and remains in RUN mode without additional program ming effort. Programming error OB (OB 121) S7-300/ S7-400 / S7-1500 If you are not using OB 121, the CPU changes from RUN mode to STOP mode in the case of a programming error and generates an entry in the diagnostics buffer. Additional information on OB 121 can be found here: S7-300 / S7-400: AUTOHOTSPOT S7-1500: AUTOHOTSPOT WinCC Advanced V14 System Manual, 10/2016 2035 Programming the PLC 11.1 Programming basics Type of global error handling Validity Explanation I/O access error OB (OB 122) S7-300/ S7-400 / S7-1500 S7-300 / S7-400: If you are not using OB 122, the CPU changes from RUN mode to STOP mode in the case of an access error. AUTOHOTSPOT S7-1500: In the case of an I/O access error, the CPU always remains in RUN mode and generates an entry in the diagnostics buffer, even if you have not used OB 122. Additional information on OB 122 can be found here: AUTOHOTSPOT Additional information on reading out the diagnostics buffer can be found here:AUTOHOTSPOT You can integrate local error handling directly in your program code with the help of the GET_ERROR and GET_ERR_ID instructions. You also have the option of receiving detailed information on the error and evaluating it in your program close to the error location. You program the local error handling directly in a program block (OB, FB or FC). It only handles errors that occur within this individual program block. Type of local error handling Validity Explanation GET_ERROR and GET_ERR_ID in structions S7-1200/ S7-1500 The instructions give you the opportunity to obtain an error ID or detailed error information and to program a direct response in the program code. When information about the first error is queried, the memory space of the error in the system memory is enabled again. Then, when additional errors occur, information about the next error is output. Additional information on the GET_ERROR and GET_ERR_ID in structions and an overview for prioritizing the errors that occur is available here: Use of the instructions GET_ERROR and GET_ERR_ID (Page 2053) When using local error handling, query via the GET_ERROR instruction, the following default reactions exist: In the case of a write error: The error is ignored and processing of the program continues. In the case of a read error: Processing of the program continues with the substitute value "0" for arithmetic instructions. In the case of an execution error: Processing of the instruction is canceled and processing of the program continues with the next instruction. Advantages of local error handling: Error information that you can query and evaluate is stored in the system memory (e. g. with the help of the GET_ERROR and GET_ERR_ID instructions). You can use the error information to program a reaction to the error that occurred in the program block. Programmed error evaluation and error reactions do not interrupt the program cycle. 2036 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Local error handling has a lower effect than global error handling on the system performance. If no errors occur, programmed error analyses and reactions are not executed. If local error handling has been set for a program block, no global error handling is conducted in the case of errors. Note To prevent the CPU from switching to STOP mode in the case of an error, all programming and I/O access errors must be captured either by global or local error handling. Example A detailed example of local error handling that contains several of the above described options is available here: Handle program execution errors (Page 2061) 11.1.5.3 EN/ENO mechanism Basics of the EN/ENO mechanism Introduction Runtime errors that require a program abort can occur during the processing of instructions. You can use the EN/ENO mechanism to avoid such program aborts. This mechanism can be used at two levels: EN/ENO mechanism for individual instructions EN/ENO mechanism for block calls WinCC Advanced V14 System Manual, 10/2016 2037 Programming the PLC 11.1 Programming basics Instructions in LAD/FBD Enable input EN (enable) ENO enable output You can use the enable input EN to make the ex ecution of the instruction dependent on conditions. The instruction is only executed if the signal state at the enable input EN is "1". You can use the enable output ENO to query run time errors in an instruction and react to these: The enable output ENO has the signal state "1" if no error occurred during the execution. Enable output ENO has the signal state "0" if one of the following conditions applies: - Enable input EN has the signal state "0". - An error occurred during processing. You can enable and disable the enable output ENO specifically for individual instructions by us ing the shortcut menu. Additional information is available here: Enabling and disabling the EN/ENO mechanism (Page 4668) An example of the effects that disabling the enable output ENO has on your program code is available here: Using enable output ENO flexibly in LAD and FBD (Page 2059) The EN/ENO mechanism is used for the following basic instructions: Mathematical functions Move operations Conversion operations Word logic operations Program control > Runtime control Shift and rotate For additional information on the EN/ENO mechanism, refer to: Example of the use of the EN/ENO mechanism in LAD (Page 2044) Example of the use of the EN/ENO mechanism in FBD (Page 2045) 2038 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Program block calls in LAD/FBD All program block calls are provided with an enable input EN and an enable output ENO. This applies to all calling program blocks, regardless of the programming language in which they were created. This means that when you call an STL or SCL program block without an EN/ ENO mechanism, the LAD or FBD program block call still has an EN/ENO mechanism. Enable input EN (enable) ENO enable output You can use the enable input EN to call a program block depending on conditions. The program block is only executed if the signal state at the enable input EN is "1". You can query the error status of the program block using the enable output ENO: The enable output ENO returns the signal state "1" if program block processing took place and the execution was successful. If you do not explicitly set the enable output ENO to the signal state "0" in the program code, it retains the signal state "1". To signal an error statement back to the calling program block, you can explicitly set the enable output ENO to the signal state "0". With the instruction "RET": Return", the enable output ENO of the calling program block is set to the specified signal state. Additional information on the RET instruction is available here. - LAD: --(RET): Return (Page 2676) - FBD: RET: Return (Page 2987) For additional information on the EN/ENO mechanism, refer to: Example of the use of the EN/ENO mechanism in LAD (Page 2044) Example of the use of the EN/ENO mechanism in FBD (Page 2045) WinCC Advanced V14 System Manual, 10/2016 2039 Programming the PLC 11.1 Programming basics STL programming language EN/ENO mechanism Enable input EN and enable output ENO - for instructions The EN/ENO mechanism is not available for individual instructions. It is mapped by language-specific instruction sequences and use of the status word. For additional information on the status word, refer to: AUTOHOTSPOT Additional information is available here: Example of the simulation of the EN/ENO mechanism in STL (Page 2046) - for program block calls A program block that you call from an STL program block is not provided with the EN and ENO parameters. Regardless of the programming language in which the program block was created, you can get an error statement to the calling STL program block by using the BR bit of the status word. You can evaluate the error status of the called program block by linking the BR bit of the status word with the result of logic operation (RLO). The RLO has the signal state "1" as soon as the program block execution of the called program block starts. If you do not explicitly reset the RLO to "0" after the execution of the actions, it retains the signal state "1". To signal an error statement back to the calling program block, you have to explicitly reset the RLO to the signal state "0". The error state ment is set with the instructions "SAVE: Save RLO in BR bit" and "SPBNB: Jump if RLO = 0 and save RLO". For additional information on the BR bit, refer to: Evaluating errors with output parameter RET_VAL (Page 2049) Error information about the BR bit in STL: An error analysis of the BR bit is available in STL. The BR bit is the basis for generating the enable output ENO in the programming languages LAD, FBD and SCL. The value "0" in the BR bit of the status word indicates that an error occurred during an STL program block call (calling program block is an STL program block). 2040 CPU execution of the in BR bit struction Return value Sign of the integer With error(s) 0 Less than "0" Negative (sign bit is "1") Without error 1 Greater than or equal to "0" Positive (sign bit is "0") WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Programming language SCL EN/ENO mechanism Enable input EN (enable) ENO enable output - for instructions The EN/ENO mechanism is optional for instructions. Activate the EN/ENO mech anism using the block property "Set ENO automatically": If you activate the attribute in the program properties, the EN/ENO mechanism is activated as default for all new SCL program blocks. If you activate the attribute in the block properties, only the EN/ENO mechanism of the selected SCL program block is activated. Additional information is available here: Displaying and editing block properties (Page 4502) You can find an example of an instruction here: Example of the use of the EN/ENO mechanism in SCL (Page 2048) - for program block calls You can use the enable input EN to call a program block conditionally. To do this, use the enable input EN as an input parameter in the parameter list of the calling program block. The program block is only executed if the signal state at the enable input EN is "1". If you do not use the enable input EN, the program block call is executed unconditionally. You can query the error status of the program block using the enable output ENO: The enable output ENO has the signal state "1", as soon as the called program block has been executed error-free. The enable output ENO has the signal state "0" if an error occurred during the execution of the called program block. To query the state of the enable output ENO of the called program block, insert the additional output parameter ENO in the program block call. You can find an example of a program block call here: Example of the use of the EN/ENO mechanism in SCL (Page 2048) Note Program block call of functions The EN/ENO mechanism is not available to you for calling functions (FC) in an SCL program block. Use an IF instruction instead to call functions (FC) conditionally. WinCC Advanced V14 System Manual, 10/2016 2041 Programming the PLC 11.1 Programming basics GRAPH programming language (S7-1500) EN/ENO mechanism Enable input EN (enable) ENO enable output - for instructions You have no access to the enable output ENO of the instructions, which means you cannot influence the status of the enable output ENO at the GRAPH function block. However, with conversions, mathematical functions or LAD/FBD instruc tions, for example, you can have the enable output ENO displayed in the program status. Activate the block property "Set ENO automatically". The status of the enable out put ENO is now displayed during testing of the program status. This has the value TRUE if the action was successful and FALSE if the action failed. The display option of the status of the enable output ENO is available at the fol lowing positions in the GRAPH program block: Permanent pre-instructions Sequence view > Actions Permanent post-instructions Link to description is still missing in the online help. For additional information on the activation of the EN/ENO mechanism, refer to: Displaying and editing block properties (Page 4502) You can find an example of the display of the program status here: Example of the EN/ENO mechanism in GRAPH (Page 2048) - for block calls You can use the enable input EN to call a program block depending on condi tions. The program block is only execu ted if the signal state at the enable input EN is "1". You can query the error status of the program block using the enable output ENO: The enable output ENO has the signal state "1", as soon as the called program block has been executed error-free. The enable output ENO has the signal state "0" if an error occurred during the execution of the called program block. The enable output ENO cannot be explicitly set or reset. The enable output ENO is not influenced by the ENO of the instructions. You can find an example of a program block call here: Example of the EN/ENO mechanism in GRAPH (Page 2048) Programming and I/O access errors You cannot evaluate programming and I/O access errors with the EN/ENO mechanism. To do this, use either the global error handling via OBs or the local error handling using the "GET_ERROR" or "GET_ERR_ID" instructions (S7-1200/1500 only). If none of the errors occurred for an instruction, you can evaluate the associated enable output ENO. 2042 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Program block calls in all programming languages (S7-300/400) The following applies to a CPU of the S7-300/400 series: When you call program blocks that do not include any instructions, neither the BR bit nor the ENO enable output are influenced. The signal state of the BR bit remains constant as a result. No statement can be made about the success of the program block call. See also Overview of mechanisms for error handling (Page 2034) EN/ENO mechanism in blocks with different network languages (Page 2043) EN/ENO mechanism in blocks with different network languages Description You can also use the EN/ENO mechanism in blocks with different network languages. Each programming language displays the error status differently: SCL has an ENO tag that stores the error status and can be queried. Direct access to this tag is only possible with SCL. LAD/FBD/STL have no special tag for ENO. However, you can read the error status for STL from the BR bit, and query it via the RET coil for LAD/FBD. The following rules apply to reading out the error status for the entire block: The last network in the block is a LAD/FBD network: If you do not use RET coils, the error status is TRUE by default. The last network in the block is an STL network: The BR bit determines the error status. The BR bit can be edited in STL networks using the BR tab. The last network in the block is an SCL network: The ENO tag determines the error status of the block. See also Basics of the EN/ENO mechanism (Page 2037) WinCC Advanced V14 System Manual, 10/2016 2043 Programming the PLC 11.1 Programming basics Example of the use of the EN/ENO mechanism in LAD Example of an instruction with EN/ENO mechanism The following example shows the "Add" instruction with EN/ENO circuit and a RET coil (Ret False): '%B$'' $'' ,17 7DJ(QDEOH (1 7DJ9DOXH ,1 7DJ9DOXH ,1 (12 287 127 )$/6( 5(7 7DJ5HVXOW After the NO contact "TagEnable", the enable input EN contains the result of the preceding logic operation: If the operand "TagEnable" has the signal state "0", the "Add" instruction is not executed. The enable output ENO is set to signal state "0" and the called program block is exited. The enable output ENO of the calling program block then also has the signal state "0". If the operand "TagEnable" has the signal state "1", the enable input "EN has the signal state "1" and the instruction "Add" is executed. The instruction adds two values of the data type INT. If the result is outside the value range of INT (16 bits), the instruction will still return a result but it is within the value range of INT. The result is caused by an integer overflow that occurs when the CPU makes calculations with a limited number of places but more places are required to display the calculation result. This result does not indicate that there was an overflow. Which is why the following applies in case of an addition => ENO:= NOT(OV). If an error occurs during processing of the program block, the enable output ENO is set to signal state "0" and the called program block is exited. The enable output ENO of the calling program block then also has the signal state "0". If the operand "TagEnable" has the signal state "1", the enable input "EN has the signal state "1" and the instruction "Add" is executed. If the instruction is executed without errors, the enable output ENO also has the signal state "1" and the output "TagResult" the result. A detailed description of the instruction "RET: Return" is available here: --(RET): Return (Page 2676) Example of a program block call with EN/ENO mechanism The following example shows the call of the program block with EN/ENO circuit: %ORFNQDPHB'% 7DJ(QDEOH %ORFNQDPH (1 2044 (12 7DJ(QDEOH2XW WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics The program block is executed only if the operand "TagEnable" has the signal state "1": If the operand "TagEnable" has the signal state "0", the program block call is not executed. The enable input EN and the enable output ENO both have the signal state "0". The enable output ENO has a signal state that depends on what was programmed within the program block. See also Basics of the EN/ENO mechanism (Page 2037) Example of the use of the EN/ENO mechanism in FBD Example of an instruction with EN/ENO mechanism The following example shows the "Add" instruction with EN/ENO circuit and a RET coil (Ret False): $'' ,17 7DJ(QDEOH (1 7DJ9DOXH ,1 7DJ9DOXH ,1 287 (12 7DJ5HVXOW )$/6( 5(7 After the NO contact "TagEnable", the enable input EN contains the result of the preceding logic operation: If the operand "TagEnable" has the signal state "0", the "Add" instruction is not executed. The enable output ENO is set to signal state "0" and the called program block is exited. The enable output ENO of the calling program block then also has the signal state "0". If the operand "TagEnable" has the signal state "1", the enable input "EN has the signal state "1" and the instruction "Add" is executed. The instruction adds two values of the data type INT. If the result is outside the value range of INT (16 bits), the instruction will still return a result but it is within the value range of INT. The reason for this is that the entry into the non-existing 17th bit is withheld, for example, 30000 + 30000 = 60000 ( -65356) = -5536. This result does not indicate that there was an overflow. Which is why the following applies in case of an addition => ENO:= NOT(OV). If an error occurs during processing of the program block, the enable output ENO is set to signal state "0" and the called program block is exited. The enable output ENO of the calling program block then also has the signal state "0". If the operand "TagEnable" has the signal state "1", the enable input "EN has the signal state "1" and the instruction "Add" is executed. If the instruction is executed without errors, the enable output ENO also has the signal state "1" and the output "TagResult" the result. A detailed description of the instruction "RET: Return" is available here: RET: Return (Page 2987) WinCC Advanced V14 System Manual, 10/2016 2045 Programming the PLC 11.1 Programming basics Example of a program block call with EN/ENO mechanism The following example shows the call of the program block with EN/ENO circuit: %ORFNQDPHB'% %ORFNQDPH 7DJ(QDEOH (1 (12 7DJ(QDEOH2XW The program block is executed only if the operand "TagEnable" has the signal state "1": If the operand "TagEnable" has the signal state "0", the program block call is not executed. The enable input EN and the enable output ENO both have the signal state "0". The enable output ENO has a signal state that depends on what was programmed within the program block. See also Basics of the EN/ENO mechanism (Page 2037) Example of the simulation of the EN/ENO mechanism in STL Example of a program sequence with EN/ENO mechanism The following example shows a program section for adding values with EN/ENO mechanism: STL Description A "TagEnable" // Query the signal state of the "TagEnable" operand for "1" and AND with the current RLO. JNB MyLABEL // Evaluation of the enable input EN // If RLO = "0", jump to jump label "MyLABEL" and save the current RLO in the BR bit. The following actions are not executed. // If the RLO = "1", execute the following actions. L "Tag_Input_1" // Load first value for addition. L "Tag_Input_2" // Load second value for addition. +I // Add values T "Tag_Result" // Transfer sum to the operand "Tag_Result". AN OV // Query whether an overflow has occurred. SAVE // Transfer signal state of the RLO to the BR bit. CLR /// Reset RLO to "0" and end logic sequence. MyLABEL: A BR // Jump label "MyLABEL" // Query BR bit. 2046 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics STL = "Tag_Output" Description // Assign signal state of the RLO to the "Tag_Output" operand. The query of the operand "TagEnable" provides the result of the preceding logic operation (RLO). The instruction "JNB: Jump if RLO = 0 and save RLO" saves the RLO in the BR bit. Additionally, the instruction evaluates the RLO and executes the following actions depending on the signal state: If the RLO is "0", the processing of the program is continued at the jump label "MyLABEL" with the query of the BR bit. The addition is not executed. The current RLO is assigned with the operand "Tag_Output". If the RLO is "1", the addition is executed. A query of the overflow bit (OV) shows whether an error occurred during the addition. The query result is saved in the BR. The instruction "CLR: Reset RLO to 0" resets the RLO to "0" and ends the logic sequence. The BR bit is then queried and assigned to the operand "Tag_Output". The signal state of the BR bit, and the operand "Tag_Output" shows whether the addition was executed without any error. Example of a program block call with EN/ENO mechanism The following example shows the call of the program block with EN/ENO circuit: STL Description A "TagEnable" // Query the signal state of the "TagEnable" operand for "1" and AND with the current RLO. JNB MyLABEL // Evaluation of the enable input EN // If RLO = "0", jump to jump label "MyLABEL" and save the current RLO in the BR bit. The following actions are not executed. // If the RLO = "1", execute the following actions. CALL "Block name", "Block name_DB" // The program block is called. MyLABEL: A BR // Jump label "MyLABEL" // Query BR bit and link with the RLO after AND. = "Tag_Output" // Assign signal state of the RLO to the "Tag_Output" operand. See also Basics of the EN/ENO mechanism (Page 2037) WinCC Advanced V14 System Manual, 10/2016 2047 Programming the PLC 11.1 Programming basics Example of the use of the EN/ENO mechanism in SCL Example of an instruction with EN/ENO mechanism To use the EN/ENO mechanism for instructions, you have to activate the block property "Set ENO automatically". The following example shows the use of the enable output ENO for the operation "a + b": "MyOutputREAL":= #a + #b; "MyOutputBOOL":= ENO; If the operation "a/b" is executed without error, the operand "MyOutputBool" has the signal state "1". Example of a program block call with EN/ENO mechanism The following example shows the call of the program block with EN/ENO circuit: "Block name_DB"(EN:= "TagEnable" <> 0, ENO => "TagEnableOut"); The program block is executed only if the operand "TagEnable" has the signal state "1": If the operand "TagEnable" has the signal state "0", the called program block call is not executed. Both the enable input EN and the enable output ENO have the signal state "0". If the operand "TagEnable" has the signal state "1", the enable input "EN has the signal state "1" and the called program block is executed. The enable output ENO has a signal state that depends on what was programmed within the program block. See also Basics of the EN/ENO mechanism (Page 2037) Example of the EN/ENO mechanism in GRAPH Example of a program status with enable output ENO The following example shows the program status of the enable output ENO in the sequence view under actions: If an error occurs during the execution, the enable output ENO has the signal state FALSE. 2048 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics Example of a program block call The following example shows the call of the GRAPH program block in a LAD program block with EN/ENO connected: *5$3+B)%B'% *5$3+B)% 7DJ(QDEOH (1 7DJ(QDEOH2XW (12 IDOVH 2))B64 6B12 IDOVH ,1,7B64 6B025( The program block is executed only if the operand "TagEnable" has the signal state "1": If the operand "TagEnable" has the signal state "0", the called program block call is not executed. Both the enable input EN and the enable output ENO have the signal state "0". If the operand "TagEnable" has the signal state "1", the enable input "EN has the signal state "1" and the called program block is executed. The enable output ENO has a signal state that depends on what was programmed within the program block. See also Basics of the EN/ENO mechanism (Page 2037) 11.1.5.4 Evaluating errors with output parameter RET_VAL Basics on error analysis of library blocks (SFB and SFC) Two additional error evaluation options are available in addition to the output parameter RET_VAL: With the EN/ENO mechanism (LAD, FBD, and SCL) For additional information on the EN/ENO mechanism, refer to:Basics of the EN/ENO mechanism (Page 2037) With the BR bit (binary result bit) of the status word (STL) With the output parameter RET_VAL (return value) The enable output ENO only informs you that an error has occurred. If you want to know which error occurred exactly, the output parameter RET_VAL will provide more information. You can use it to determine whether or not the CPU was able to execute the instruction successfully. In the case of an error, you will also learn why the instruction could not be executed successfully. The section below includes detailed information on the two error evaluation options RET_VAL and BR bit. WinCC Advanced V14 System Manual, 10/2016 2049 Programming the PLC 11.1 Programming basics Recommendation for sequence of error analyses Before evaluating the instruction-specific output parameters (for example, OUT), you should always follow the steps below: 1. First evaluate the enable output ENO or the BR bit of the status word in STL. 2. Then check the output parameter RET_VAL. If the enable output ENO or the BR bit indicates that an error has occurred during the execution of the instruction or if output parameter RET_VAL contains a general error code, the instructionspecific output parameters return an invalid value. If a general error occurs with the output parameter RET_VAL, this is only indicated by the value "0" in the BR bit of the status word. The return value is of the data type integer (INT). The relationship of the return value to the value "0" indicates whether or not an error occurred during execution of the instruction. General and specific error codes (RET_VAL) The output parameter RET_VAL has two types of error codes: A general error code that all instructions can output and A specific error code that an instruction can output depending on its specific functions. The data type of the output parameter RET_VAL is an integer (INT). The error codes of the instruction are grouped according to hexadecimal values. If you want to examine a return value and compare the value with the error codes listed in this documentation, then display the error code in hexadecimal format. You can write your program so that it reacts to the errors that occur during execution of an instruction. This way you prevent further errors occurring as a result of the first error. The figure below shows the structure of a system function error codes in hexadecimal format: (UURUFRGHHJ: [ (YHQWQXPEHURUHUURUFODVVDQGVLQJOHHUURU ,I[ WKHQ\RXDUHGHDOLQJZLWKDVSHFLILFHUURUFRGHRIDQLQVWUXFWLRQ7KH VSHFLILFHUURUFRGHLVLQFOXGHGLQWKHGHVFULSWLRQRIWKHLQGLYLGXDOLQVWUXFWLRQ ,I[! WKHQ\RXDUHGHDOLQJZLWKDJHQHUDOHUURUFRGHRIDQLQVWUXFWLRQ,QWKLV FDVH[LVWKHQXPEHURIWKHLQVWUXFWLRQSDUDPHWHUWKDWKDVFDXVHGWKHHUURU7KH SRVVLEOHJHQHUDOHUURUFRGHVDUHOLVWHGLQWKHIROORZLQJWDEOH 6LJQELW LQGLFDWHVWKDWDQHUURUKDVRFFXUUHG 2050 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics It is easy for you to determine whether an error has occurred because the output parameter RET_VAL is of the type INT: If the value is < 0, there is an error. If the value is = 0, no error has occurred. If the value is > 0, no error has occurred but the instruction was not executed successfully. This is used in asynchronous instructions, for example, to indicate that processing of the instruction was started but is not yet complete. See the return values of T_SEND or WRIT_DBL. General error codes The general error code indicates errors that can occur in all instructions. A general error code consists of the following two numbers: A parameter number from 1 to 111, where 1 indicates the first parameter of the called instruction, 2 the second parameter, and so forth. An event number between 0 and 127. The event number indicates an error. The figure below shows the structure of a general error code: %LWV 3DUDPHWHUQXPEHU (YHQWQXPEHU 6LJQ Note Reaction to a general error code If a general error code was entered in the output parameter RET_VAL, the following situations are possible: The action associated with the instruction was started or has already been completed. A specific instruction error occurred when the action was performed. As a result of a general error that occurred later, the specific error could, however, no longer be indicated. The following table explains the general error codes of a return value. The error code is shown in hexadecimal format. The letter x in each code number is simply a placeholder and represents the number of the system function parameter that caused the error: Error code Description (W#16#...) 8x01 Illegal syntax ID at an VARIANT parameter 8x22 Range length error when reading a parameter. 8x23 Range length error when writing a parameter. This error code indicates that the parameter x is located either entirely or partly outside the range of an address, or that the length of a bit range is not a multiple of 8 with an VARIANT parameter. WinCC Advanced V14 System Manual, 10/2016 2051 Programming the PLC 11.1 Programming basics Error code Description (W#16#...) 8x24 Range error when reading a parameter. 8x25 Range error when writing a parameter. This error code indicates that the parameter x is located in a range that is illegal for the system function. Refer to the descriptions of the individual functions for information about the illegal ranges. 8x26 The parameter contains a timer cell number that is too high. This error code indicates that the timer cell specified in parameter x does not exist. 8x27 The parameter contains a counter cell number that is too high (counter number error). This error code indicates that the counter cell specified in parameter x does not exist. 8x28 Alignment error when reading a parameter. 8x29 Alignment error when writing a parameter. This error code indicates that the reference to parameter x is an operand with bit address that is not equal to 0. 8x30 The parameter is located in a read-only global DB. 8x31 The parameter is located in a read-only instance DB. This error code indicates that parameter x is located in a read-only data block. If the data block was opened by the system function itself, the system function always returns the value W#16#8x30. 8x32 The parameter contains a DB number that is too high (DB number error). 8x34 The parameter contains an FC number that is too high (FC number error). 8x35 The parameter contains an FB number that is too high (FB number error). This error code indicates that parameter x contains a block number higher than the highest permitted number. 8x3A The parameter contains the number of a DB that is not loaded. 8x3C The parameter contains the number of an FC that is not loaded. 8x3E The parameter contains the number of an FB that is not loaded. 8x42 An access error occurred while the system was attempting to read a parameter from the peripheral input area. 8x43 An access error occurred while the system was attempting to write a parameter to the peripheral output area. 8x44 Error in the nth (n > 1) read access after an error occurred. 8x45 Error in the nth (n > 1) write access after an error occurred. This error code indicates that access to the required parameter is denied. 8x7F Internal error This error code indicates an internal error at parameter x. Specific error codes Some instructions have a return value that provides an error code specific for the instruction. A specific error code indicates errors that can occur only in specific instructions. 2052 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.1 Programming basics A specific error code consists of the following two numbers: An error class from 0 to 7. An error number from 0 to 15. %LWV (UURUFODVV 6LQJOHHUURU 6LJQ For further information on specific error codes, refer to the descriptions of the individual instructions in the information system. See also Difference between synchronous and asynchronous instructions (Page 2436) 11.1.5.5 Use of the instructions GET_ERROR and GET_ERR_ID Introduction Local error handling makes it possible to query the occurrence of errors within a program block and evaluate the associated error information. You can set local error handling for organization blocks (OBs), function blocks (FBs), and functions (FCs). If local error handling is enabled, the system reaction is ignored. You can read out the error number from the error information of the instruction GET_ERR_ID. You can find out, for example, which parameter caused an access error from the error information of the instruction GET_ERROR. In order for the instructions to output the required error information, they must be programmed in the user program for each individual program block from which potential errors are to be evaluated. If you work with the instructions, no error OB is called and there is no entry in the diagnostics buffer. With this method of error handling, you actively intervene in the program sequence by programming a reaction to the errors that occurred. Because errors can occur at any location within the program block, we recommend that you integrate the instruction at the end of the program block. The instructions GET_ERROR and GET_ERR_ID differ in the amount of error information that is output with each one. As soon as you have integrated one of the two instructions in your program code, the "Handle errors within block" check box is selected in the inspector window under "Properties > WinCC Advanced V14 System Manual, 10/2016 2053 Programming the PLC 11.1 Programming basics Attributes". This setting cannot be edited in the Inspector window. Local error handling can be deactivated by deleting the inserted instructions for local error handling. Note Block property "Handle errors within block" This setting is not applied by a calling block, nor is it transferred to called program blocks. The system settings still apply to higher-level and lower-level program blocks, provided dedicated local error handling has not been programmed for these blocks. Error output priorities In local error handling, information about the first error that occurred is displayed using the instructions GET_ERROR or GET_ERR_ID. If multiple errors occur at the same time while an instruction is being executed, these errors are displayed according to their priority. The following table shows the priority of different types of errors: Priority Error type 1 Error in the program code 2 Missing reference 3 Invalid range 4 DB does not exist 5 Operands are not compatible 6 Width of specified area is not sufficient 7 Timers or counters do not exist 8 No write access to a DB 9 I/O error 10 Instruction does not exist 11 Block does not exist 12 Invalid nesting depth The highest priority is 1 and the lowest priority is 12. Additional information For additional information on the instructions, refer to the information system under PLC programming > Instructions > Instructions (S7-1200, S7-1500) > Basic instructions. The instructions are available in the programming languages LAD/FBD/STL/SCL and GRAPH. See also GET_ERROR: Get error locally (Page 2997) GET_ERR_ID: Get error ID locally (Page 2690) GET_ERR_ID: Get error ID locally (Page 3001) GET_ERROR: Get error locally (Page 2686) 2054 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 11.2 Programming recommendations (S7-1200, S7-1500) 11.2.1 The new S7-1500 CPU functions and programming recommendations at a glance (S7-1200, S7-1500) Higher performance The S7-1200/1500 CPUs offer much higher performance than the S7-300/400 CPUs. When programming with STEP 7 V5.x, you were probably used to methods such as absolute addressing to achieve higher performance from the CPU and leaner program code. Due to the high performance provided by CPUs of the S7-1200/1500 series, this is now no longer necessary. If you wish to reuse the programming code created on an S7-300/400CPU on an S7-1200/1500 CPU, it will probably be necessary to modify the program code here and there in order to fully exploit the high performance. In the paragraphs below, we would like to introduce some new programming options of the S7-1200/1500 CPUs. You can find more tips on improving the performance here: Increasing performance in STEP 7 (TIA Portal) (https://support.industry.siemens.com/cs/ww/en/view/37571372) Universal symbolism The S7-1500 allows you to use the symbolism throughout the entire project. Using the autocomplete function, you are given context-dependent support for programming with symbols within the programming editors. The data elements, for example those in a data block, are assigned only a symbolic name in the declaration but no fixed address within the data block. This allows you to fully exploit the high performance of the S7-1500 when accessing these data elements. The absolute addresses of operands need not be known and access errors are avoided. Your program code will be clearer due to the symbolism and you have to comment less. All points of use are automatically updated when a correction is made to the symbolism. Note You can find additional information on the use of universal symbols at: How can I address symbolically? Symbolic addressing (Page 2066) WinCC Advanced V14 System Manual, 10/2016 2055 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Optimized block access With optimized block access, the declared data elements are arranged automatically in the available memory area of the block in a way that makes optimal use of its capacity. The data is structured and saved in way that is optimal for the CPU used. The storage is left to the system. The data elements are assigned only a symbolic name in the declaration by which the tag within the block can be addressed. This allows you to increase the performance of the CPU. Access errors, from the HMI, for example, are not possible. 6,(0(16 &RPSDULVRQRIEORFNDFFHVVHV 6WDQGDUG!2SWLPL]HG 'DWDPDQDJHPHQW 6WDQGDUGEORFNDFFHVV 6FRPSDWLEOH ZLWK6 2SWLPL]HGEORFNDFFHVV 6RQO\ <RXFDQDGGUHVVWDJVXVLQJERWKV\PEROLF PHPRU\RSWLPL]HG DQGDEVROXWH XVHUGHILQHG DGGUHVVHV 7KHV\VWHPPDQDJHVDQGRSWLPL]HVWKH GDWDVWRUDJH7KLVUHVXOWVLQRSWLPDOXVHRI WKHPHPRU\FDSDFLW\ 3HUIRUPDQFH 7KHDFFHVVWRD&38RIWKH 6VHULHVGRHVQRWDOZD\V RFFXUDVIDVWDVSRVVLEOHEHFDXVHWKH GDWDVWRUDJHFDQEHLQHIILFLHQWGXHWR DEVROXWHDGGUHVVLQJ 7KHDFFHVVDOZD\VRFFXUVDVIDVWDV SRVVLEOHEHFDXVHWKHGDWDVWRUDJHLV RSWLPL]HGE\WKHV\VWHPDQGQRIL[HG DGGUHVVHVDUHDVVLJQHG 6XVFHSWLELOLW\WRHUURUV $EVROXWHDGGUHVVLQJ HJIURP+0, RUZKHQLQGLUHFWDGGUHVVLQJLVXVHG FDQOHDGWRLQFRQVLVWHQFLHVDIWHUD FKDQJHWRWKHIL[HGDGGUHVV $FFHVVHUURUVHJIURP+0,RUZKHQ LQGLUHFWDGGUHVVLQJLVXVHGDUHQRW SRVVLEOHEHFDXVHWKHDFFHVVLV V\PEROLF 5HWHQWLYLW\ 9DOLGIRUDOOWDJVRIDGDWDEORFN 9DOLGIRULQGLYLGXDOWDJV 5HFRPPHQGDWLRQ 7RDFKLHYHWKHEHVWSRVVLEOHSHUIRUPDQFHWKHFRPELQLQJRIGLIIHUHQWEORFNDFFHVVW\SHVZLWKLQ\RXUSURJUDPLVQRW UHFRPPHQGHG Note You can find additional information on blocks with optimized access here: AUTOHOTSPOT 2056 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) New data types The new data types LWORD, LINT, ULINT, LTIME, LTOD, LDT and ARRAY (32-bit limit) offer much higher calculation accuracy when using mathematical functions. In the area of implicit and explicit data type conversion, you have more options in comparison to the CPUs of the S7-300/400 series. Note You can find additional information on the new data types here: AUTOHOTSPOT PLC data types PLC data types (UDT) are data structures that you define and that can be used multiple times within the program. The structure of a PLC data type is made up of several components, each of which can contain different data types. You define the type of components in the declaration of the PLC data type. You can use the PLC data type as a base data type for defining tags and as a template for creating global data blocks. If you later make changes to the PLC data type, the changes are automatically updated at all points of use. You can also symbolically access individual elements of an ARRAY within a PLC data type. Note You can find additional information on the PLC data types here: What does a PLC data type look like and how can I declare it in my program? PLC data types (UDT) (Page 2170) Basics of PLC data types (UDT) (Page 4620) You can find programming recommendations for the PLC data type here: Using PLC data types (UDT) (Page 2104) Using the DB_ANY data type (Page 2093) Uniform instructions in all programming languages You are provided with a uniform set of instructions in all programming languages (LAD, FBD, STL, SCL, and GRAPH). WinCC Advanced V14 System Manual, 10/2016 2057 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Slice access Slice access gives you the option of specifically addressing areas within declared tags. You can implement symbolic access to a single bit up to the level of the tag. The single bit is then addressed absolutely. Note You can find additional information on slice access here: How can I address with slice access? AUTOHOTSPOT AUTOHOTSPOT Indirect addressing Indirect addressing offers you the option of addressing operands whose address is not calculated until runtime. All programming languages provide general methods for indirect addressing, for example, via POINTER. In the STL and SCL programming languages, you can also use PEEK and POKE instructions. Note You can find additional information on indirect addressing here: AUTOHOTSPOT "Sample Library for Instructions" You can use the "Sample Library for Instructions" to assist in programming. You will find practical and easy-to-understand programming examples for SIMATIC S7-1500 and S7-1200 in the LAD language here. You can simply insert the examples into your program and reuse them there. Note You can find additional information on the program examples here: Sample Library for Instructions (Page 2434) 2058 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Additional programming recommendations You can find additional information about programming recommendations and a programming guide in the Siemens Industry online support under: FAQs: Programming recommendations (http://support.automation.siemens.com/WW/ llisapi.dll?aktprim=0&lang=en&referer=%2fWW %2f&func=cslib.csinfo&siteid=csius&Datakey=47071380&extranet=standard&groupid=40 00002&viewreg=WW&nodeid0=29156492&objaction=csopen) Background and system descriptions in the Programming Guideline and Programming Styleguide (https://support.industry.siemens.com/cs/document/81318674/programmingguideline-and-programming-styleguide-for-s7-1200-and-s7-1500?dti=0&lc=en-WW) 11.2.2 Error handling (S7-1200, S7-1500) 11.2.2.1 Using enable output ENO flexibly in LAD and FBD (S7-1200, S7-1500) Advantages In STEP 7 TIA Portal, the programming languages LAD and FBD contain individual instructions in which the enable output ENO can be enabled or disabled. The ENO enable output is disabled by default. If needed, you can activate the ENO enable output and thereby deliberately control the instructions for which you want to have error evaluation. This gives you the following advantages: The performance increases with ENO disabled. Runtime errors do not cause the CPU to go to STOP when ENO is enabled. You can find additional information about using the EN/ENO mechanism in the individual programming languages (LAD, FBD, STL, SCL and GRAPH) here: AUTOHOTSPOT Procedure in STEP 7 TIA Portal Proceed as follows to activate the EN/ENO mechanism of an instruction: 1. In your program, right-click the instruction at which you want to activate the EN/ENO mechanism. 2. Select the "Generate ENO" command in the shortcut menu. The ENO value is generated for the instruction. Other instructions are inserted with the enable output. WinCC Advanced V14 System Manual, 10/2016 2059 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) The tables below list the instructions for which ENO enable output can be enabled: Basic instructions Math functions ADD, SUB, MUL, DIV, MOD, INC, DEC, ABS, NEG, SQR, SQRT, LN, EXP, SIN, COS, TAN, ASIN, ACOS, ATAN, FRAC, EXPT, MIN, MAX, LIMIT, CALCULATE Move operations MOVE, SWAP, MOVE_BLK, UMOVE_BLK, FILL_BLK, UFILL_BLK, MOVE_BLK_VARIANT Conversion operations CONVERT, ROUND, CEIL, TRUNC, FLOOR, NORM_X, SCALE_X Word logic operations AND, OR, XOR, INV, DECO, ENCO Shift and rotate SHR, SHL, ROR, ROL Extended instructions String + Char CONCAT, LEFT, RIGHT, MID, DELETE, INSERT, REPLACE, FIND, LEN, S_CONV Date and time T_CONV Programming example The following example shows you how to use instructions with the ENO enable output enabled and disabled: If you have activated the ENO enable output, for example with the SUB instruction, all subsequent instructions are also applied with an activated ENO enable output. If an arithmetic error occurs during the execution of the SUB instruction, the ADD instruction is not executed. The ENO enable output is disabled for the DIV instruction in the second branch. If a runtime error occurs during execution, the MUL instruction is executed anyway. See also Enabling and disabling the EN/ENO mechanism (Page 4668) 2060 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 11.2.2.2 Handle program execution errors (S7-1200, S7-1500) Error handling in the TIA Portal Various error scenarios can occur within the program code during runtime. These can involve, for example, an access error or an overflow in mathematical operations. If you do not catch such a runtime error using a program code sequence within your program, the CPU reacts as follows in the event of an error, depending on the model: CPU S7-1200: - The CPU remains in RUN mode and writes an entry to the diagnostics buffer. CPU S7-1500: - When a programming error occurs, the CPU goes to STOP mode and writes an entry to the diagnostics buffer. - With an I/O access error, the CPU remains in RUN mode and writes an entry to the diagnostics buffer. To be able to respond appropriately to possible errors, in addition to global error handling (for example, the use of the organization blocks "Programming error OB" or "I/O access error OB"), we recommend that you implement local error handling in your program (for example, use an EN/ENO mechanism, the parameters RET_VAL, STATUS and ERROR, or the instructions "GET_ERROR"/"GET_ERR_ID"). Note STL programming language In STL, you use the BR bit of the status word instead of the EN/ENO mechanism. Global error handling intervenes at the end of each program cycle, while local error handling is capable of intervening immediately after an error occurs. Note BR bit and EN/ENO mechanism as first indicator A first indicator for an error can be either the BR bit of the status word or the ENO enable output. If these return signal state "0", there is an error in the execution of the instruction. Signal state "1" indicates that there is no error and no further error analysis is necessary, except when a memory access error is involved. In this case, signal state "1" can also indicate an error. WinCC Advanced V14 System Manual, 10/2016 2061 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Options for local error handling The following options for local error handling of programming and access errors are available: Error handling method Validity Explanation EN/ENO mechanism S7-1200/15 You can use the ENO enable output to detect and handle runtime errors. Exe 00 cution of subsequent instructions depends on the signal state of this parameter. You can avoid program crashes by using the EN/ENO mechanism. The block status is passed on in the form of a Boolean tag. Output parameter RET_VAL S7-1200/15 Using the RET_VAL parameter as the return value of system functions (SFCs). 00 you can display general error codes that may relate to any instruction or specific error codes that apply only to the instruction at hand. A maximum of one tag of the data type INT or WORD can be output. This error handling method is suit able for querying a communication error or incorrect data access, for example. You can find more information on the error codes in the Siemens Industry On line Support under the following FAQ ID: 770453 (http:// support.automation.siemens.com/WW/llisapi.dll?aktprim=0&lang=en&referer= %2fWW %2f&func=cslib.csinfo&siteid=csius&groupid=4000002&extranet=standard&vi ewreg=WW&nodeid0=10805384&objaction=csopen) Output parameters STATUS and ERROR S7-1200/15 Using the STATUS and ERROR parameters as return values of system func 00 tion blocks (SFBs), you can query device-specific error information. The error information is output in a pre-defined structure. Instructions "GET_ERROR" and "GET_ERR_ID" S7-1200/15 The instructions give you the opportunity to obtain an error ID or detailed error 00 information. You can use the error information for an access error, for example, to determine the parameter that caused the access error. In order for the in structions to output the required error information, they must be programmed in the user program for each individual block from which potential errors are to be evaluated. This option is ideal especially for custom libraries with error han dling. If you work with the "GET_ERROR" or "GET_ERR_ID" instructions, no error OB is called and there is no entry in the diagnostics buffer. With this method of error handling, you actively intervene in the program sequence when an error occurs. BR bit of the status word S7-1200/15 Using the BR bit of the status word, you can determine whether an error oc 00 curred when the instruction was executed. (BR bit = "0" => An error has occur red; BR bit = "1" => No error has occurred) WARNING Output parameter RET_VAL When errors occur in the supply of the input parameters during the execution of the instruction that contains the RET_VAL parameter, an invalid error code is output at the RET_VAL parameter and the output parameters of the instruction cannot be evaluated. Example The above-mentioned local error handling options can be programmed individually or in combination with one another. To ensure that each error scenario that can occur within your program is recognized, we recommend a combination of local error handling options, as shown in the example below. 2062 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) For a more precise error analysis, in addition to the RET_VAL output parameter you can also use the instructions "GET_ERROR" or "GET_ERR_ID". These options provide you with error codes, the detailed explanations of which are available in the descriptions of the respective instructions. There are also error scenarios in which the RET_VAL output parameter does not output a valid error code. If an access error occurs while reading an input parameter, for example, the outputs of the instruction are no longer written, because the execution of the instruction is interrupted. In this case, we recommend that you integrate the two instructions "GET_ERROR" and "GET_ERR_ID" in your program because they provide reliable error information even when this type of error occurs. WARNING Access error when reading an input parameter The RET_VAL parameter does not return a valid error code and no detailed error information is output to the diagnostics buffer. The following example shows you how you can recognize an access error when reading an input parameter: WinCC Advanced V14 System Manual, 10/2016 2063 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 2064 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) In network 1, the instruction "MOVE_BLK_VARIANT": Move block" is called. The "SrcField" source area is accessed at the SRC parameter using a variable index. If no errors occur during the execution of the instruction, the ENO enable output returns signal state "1", and program execution jumps to network 4 and continues there. If an access error occurs during the execution of the instruction, for example, due to the variable index, the instruction "GET_ERR_ID: Get error ID locally" in network 2 returns an error ID. The comparison of the error ID for "UNEQUALS" with the value "0" in network 2 returns the result #Test2 = TRUE. The comparison of the error ID for "EQUALS" with the value "0" in network 3 returns the result #Test3 = TRUE. The #TagRet_Val operand at the RET_VAL output parameter returns no valid error code in this case. Exceptions There are some instructions, however, for which you cannot program the error handling as described in the example above. This includes the following instructions: Instructions which generally do not have an EN/ENO mechanism Instructions in which the ENO was disabled S_COMP PEEK, PEEK_BOOL, POKE, POKE_BOOL and POKE_BLK The BR bit or the ENO enable output is set to TRUE in these instructions even if it may result in an access error. The following example shows you how to program reliable error handling in the STL programming language: STL Explanation SET // The operand #Tag_ErrorID is initialized with "0". L 0 T #Tag_ErrorID CALL S_COMP WinCC Advanced V14 System Manual, 10/2016 // The instruction is called. 2065 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) STL Explanation src_type := String // Data type of the parameters IN1 and IN2 relation := EQ // The comparison type of the instruction IN1 := #StringArray.THIS[#index] // Variable access to the ARRAY component. IN2 := 'STRING' // The two values are compared with each other. OUT := #TagResult // If both values are identical, the operand #TagResult receives the signal state "1". A BR // The BR bit is queried. CALL GET_ERR_ID // The instruction is called. RET_VAL := #Tag_ErrorID // The instruction outputs an error code in the case of an access error. Even if the RLO bit has signal state "1", the access error is detected. You can query the error code via the evaluation of the #Tag_ErrorID operand of the instruction "GET_ERR_ID": Get error ID locally". See also GET_ERROR: Get error locally (Page 2686) GET_ERR_ID: Get error ID locally (Page 2690) Parameter STATUS (Page 3475) 11.2.3 Reliable addressing (S7-1200, S7-1500) 11.2.3.1 Symbolic addressing (S7-1200, S7-1500) Advantages of symbolic addressing The use of universally applied and meaningful symbols in the overall project makes the program code easier to read and understand. This gives you the following advantages: You do not have to write detailed comments. Data access is faster. No errors occur when accessing data. You no longer have to work with absolute addresses. The assignment of the symbol to the memory address is monitored by STEP 7, which means all points of use are automatically updated when the name or the address of a tag changes. 2066 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Programming in STEP 7 V5.x STEP 7 V5.x already gave you the option to write a program that is easier to read by using descriptive names for operands and blocks. You did this by assigning the symbolic operands to memory addresses and blocks in the symbol table. In order for a change in the symbolism to also have an affect on the program code in the program editor, you had to use the "Operand priority" property to specify whether the symbol or the absolute value had priority. The use of symbolic addressing allowed you to create a program with greater clarity. However, in some cases, such as when programming with user-defined data types (UDT), this could impair performance. You could increase the performance by ignoring the symbolism in the UDT and using absolute addressing. This made it necessary, however, to know the data storage. Changes to the UDT were not automatically updated. Using absolute addressing, you could also access parts of a tag and edit these. The disadvantage of exclusively absolute addressing, however, was that the program code became cluttered after a certain level and you had to insert additional comments for better orientation. Procedure in STEP 7 TIA Portal The S7-1500 CPU offers much higher performance than the S7-300/400 CPUs. To make full use of this high performance, we recommend that you enable optimized block access for all blocks and use symbolic addressing in the program code. The program editor helps you work with symbols through context-sensitive input help, for example, auto-completion. Using it, you can easily access existing tags or instructions during programming. WinCC Advanced V14 System Manual, 10/2016 2067 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Programming example The following example shows you how to symbolically access individual elements: You can use the tag names that you have defined in the block interface directly at the parameters of the TON instruction without knowing the absolute address of the tags. See also Using autocompletion (Page 4477) 11.2.3.2 Addressing with Slice access (S7-1200, S7-1500) Symbolically accessing tags of Bit string data type, bit by bit, byte by byte, word by word and double word by double word You have the option to specifically address areas within declared tags. You can access areas of the 1-bit, 8-bit, 16-bit, or 32-bit width. The allocation of a memory area (e.g., BYTE or WORD) to a small memory area (e.g., BOOL) is also referred to as "Slice". You can find additional information on the syntax of slice access under "See also". 2068 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Programming example You can find a detailed example in the Siemens Industry Online Support under the following FAQ ID: 57374718 (http://support.automation.siemens.com/WW/llisapi.dll? aktprim=0&lang=en&referer=%2fWW %2f&func=cslib.csinfo&siteid=csius&Datakey=47071380&extranet=standard&groupid=4000 002&viewreg=WW&nodeid0=29156492&objaction=csopen) 11.2.3.3 Indirect addressing of ARRAY elements (S7-1200, S7-1500) Implementing ARRAY access in TIA Portal with a variable index It is advisable to use an ARRAY when you want to process assembled data of the same data type. For addressing ARRAY elements, you can specify either constants or tags of the integer data type as index. Integers with lengths of up to 32 bits are allowed here. With indirect addressing using a tag, the index is only calculated during program runtime. You can, for example, use a different index for each cycle in program loops. You can also access an ARRAY within a PLC data type (UDT). This gives you the following advantages: No addressing is necessary with address registers or with self-assembled pointers, for example, an ANY pointer. More flexibility within your program. The variable index is available in all STEP 7 programming languages. It uses the existing names of data blocks and ARRAY tags (symbolic addressing). This improves readability of the program code. The start address of the ARRAY does not have to be known. The program code is easier to create and the compiler generates optimized program code. Procedure in STEP 7 V5.x In STEP 7 V5.x, you had to use an address register with the help of a self-configured POINTER for indirect addressing of ARRAY elements. The following aspects had to be taken into consideration for this: The name of the ARRAY was not used. This reduced the readability of the program code and make additional comments necessary. The start address of the ARRAY had to be known to perform the addressing. The SCL programming language already supported indirect addressing with variable index. WinCC Advanced V14 System Manual, 10/2016 2069 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Programming example in STEP 7 V5.x The "Data_classic" data block is required for the following STL example. To address an element of the "Quantities" ARRAY, the following commands must be used: STL Explanation OPN "Data_classic" // The "Data_classic" data block is called. L #index // The value of the local tag #index is loaded into accumulator 1. SLD 3 // Move bits 0 to 31 of accumulator 1 by 3 positions to the left. // Fill the now empty bit places with zeros. LAR1 // Load address register 1 with contents of accumulator 1. L DBW [AR1, P#10.0] // Load the ARRAY element addressed with #index into accumulator 1. // P#10.0 = Start address of the array Programming example in STEP 7 TIA Portal In the example below, you see the indirect addressing of an ARRAY element in STL in the TIA Portal. Create a global data block for this purpose: 1. Double-click the "Add new block" command. The "Add new block" dialog box opens. 2. Click the "Data block (DB)" button. 3. Specify the name "DB_Quantities". 4. Select the type of the data block "ARRAY DB". 5. Select the "DINT" data type as ARRAY data type. 2070 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 6. Specify "10" as high ARRAY limit. 7. Click "OK". 1. Create a function block and name it "FB_Quantities". 2. Declare the block interface as follows: WinCC Advanced V14 System Manual, 10/2016 2071 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 3. Write the following program code: You need just one more program line for addressing an ARRAY element in the TIA Portal. The value of the ARRAY element #index is loaded directly from the data block into accumulator 1. 4. Call the "FB_Quantities" function block in OB1 and assign it an index between 0 - 10: Note the following to get the best performance: Declare tags that are used as an ARRAY index as an integer of less than or equal to 32 bits. Store intermediate results and ARRAY indexes in the temporary local data area. See also ARRAY (Page 2177) ARRAY (Page 2177) 11.2.3.4 Addressing tags indirectly (S7-1200, S7-1500) Implementing tag access with variable index Using a variable index, you can access tags that have different data types and are located in different areas. For addressing, you can specify either constants or tags of the integer data type as index. Integers with lengths of up to 32 bits are allowed here. With indirect addressing using a tag, the index is only calculated during program runtime. You can, for example, use a different index for each cycle in program loops. 2072 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) This gives you the following advantages: No addressing is necessary with address registers or with self-assembled pointers, for example, an ANY pointer. More flexibility within your program. The variable index is available in all STEP 7 programming languages. The existing names of data blocks and tags are used (symbolic addressing). This improves readability of the program code. The start address does not need to be known. The program code is easier to create and the compiler generates optimized program code. 1. Programming example In the example below, you use the index to access three tags from different memory areas. Access list of the three tags, each of which is assigned to an index: Index Accessing tag Memory area 1 Input_WORD_0 IW 0 2 "Processdata".Temperature DB 1 3 Output_WORD_4 QW 4 Declare the following two tags in the "Default tag table": Create a global data block: 1. Double-click the "Add new block" command. The "Add new block" dialog box opens. 2. Click the "Data block (DB)" button. 3. Specify the name "DB_Processdata". 4. Select "Global DB" as the type of the data block. 5. Click "OK". 6. Declare the data block element "Temperature": WinCC Advanced V14 System Manual, 10/2016 2073 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Declare indirect access using an index within a function. 1. Create an SCL function and name it "FB_AccessGroupInt". 2. Declare the block interface as follows: 3. Write the following program code: 4. Call the "FC_AccessGroupInt" function in OB1: Depending on which number (1, 2 or 3) you specify at the Index parameter, the first, second or third case of the "FC_AccessGroupInt" instruction is executed. 2. Programming example In the example below, you use the index to access three different optimized data blocks. 2074 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Since all data blocks should contain the same tags, you can use a PLC data type (UDT) in this case. 1. To create a PLC data type, double-click the "Add new data type" command in the "PLC data types" folder in the project tree. A new declaration table for creating a PLC data type will be created and opened. 2. Rename the PLC data type to "UDT_SiloContents". 3. Declare the following lines within the PLC data type: MyBool > Data type: BOOL MyInt > Data type: INT MyWord > Data type: WORD Create three global data blocks. 1. Double-click the "Add new block" command. The "Add new block" dialog box opens. 2. Click the "Data block (DB)" button. 3. Specify the names "DB_SiloWater", "DB_SiloSugar" and "DB_SiloMilk". WinCC Advanced V14 System Manual, 10/2016 2075 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 4. Select the data blocks "UDT_SiloContents" as the type of the data blocks. 5. Click "OK". Create a function to read the values of the data block tags and to write these to a PLC data type. 1. Create an SCL function and name it "FC_AccessGroupSiloRead". 2. Declare the block interface as follows: 2076 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 3. Write the following program code: 4. Call the "FC_AccessGroupSiloRead" function in OB1: Depending on which number (1, 2 or 3) you specify at the Index parameter, the first, second or third case of the "FC_AccessGroupSiloRead" instruction is executed. Result With this procedure, the programming is comprehensible, as you can use cross-reference lists reliable, as you use only the previously defined memory areas applicable to both standard and optimized data areas WinCC Advanced V14 System Manual, 10/2016 2077 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 11.2.4 Handling specific data types (S7-1200, S7-1500) 11.2.4.1 Using the VARIANT data type (S7-1200, S7-1500) Overview of the VARIANT data type (S7-1200, S7-1500) Introduction The VARIANT data type is a pointer or a reference to another data object. The data type VARIANT is typified, i.e., you can read out the data type of a referenced tag during program runtime. Using the data type VARIANT, you can above all create generic, standardized function blocks (FB) or functions (FC) for various data types. Various instructions in all programming languages are available to you for this purpose. During the creation of the program, you can specify which data types the block should be able to process. The VARIANT data type supports you here by allowing the interconnection of any tags. You can then react accordingly to their data types in the block. Each of the figures below shows you a section from the "Moving data" programming example. You can find the detailed program code under "See also". Application cases for pointers with an S7-1200/1500 CPU as compared to S7-300/400 The following table provides you with an overview of the various applications for pointers on a CPU of the S7-300/400 series (ANY pointer) and their solution with a CPU of the S7-1200/1500 series. In most applications, the use of a pointer is no longer required on a CPU of the S7-1200/1500 series. Instead, much simpler language resources are available. It is only advisable to use the VARIANT data type for indirect addressing, when the data types are only determined during the program runtime. 2078 What is the purpose of the ANY pointer? Recommendations in the TIA Portal (S7-1200/ S7-1500) Moving data of any source and destination data type in the program using the instruction "BLKMOV: Move block". Definition of tags within a PLC data type. You can use the instructions "Serialize" and "Deserialize" to move the tags. Initializing an ARRAY structure Using the instruction "FILL_BLK: Fill block", you initialize or fill an ARRAY structure. Moving ARRAY elements Using the instruction "MOVE_BLK: Move block". you move the content of multiple elements of an ARRAY structure to another ARRAY structure. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) What is the purpose of the ANY pointer? Recommendations in the TIA Portal (S7-1200/ S7-1500) Memory and performance optimization using struc Use the InOut section in the block interface to op tured data timize memory and performance. You can find additional information in the "Pro gramming Guideline for S7-1200/1500" under the following link Programming Guideline for S7-1200/1500 (http:// support.automation.siemens.com/WW/llisapi.dll? aktprim=4&lang=en&referer=%2fWW %2f&func=cslib.csinfo&siteid=csius&groupid=400 0002&extranet=standard&viewreg=WW&nodeid4 =20229695&objaction=csopen) Access to individual bits/bytes of a WORD Use the "slice access" Additional information is available here: Example of a slice access (http:// support.automation.siemens.com/WW/llisapi.dll? aktprim=0&lang=en&referer=%2fWW %2f&func=cslib.csinfo&siteid=csius&groupid=400 0002&extranet=standard&viewreg=WW&nodeid0 =29156492&objaction=csopen) WinCC Advanced V14 System Manual, 10/2016 Determination of the length of structures or data blocks Use an ARRAY and read its length using the in struction "CountofElements: Get number of AR RAY elements. The instruction only works in con junction with the data type VARIANT. Indirect addressing You can use the VARIANT pointer for the indirect addressing of data types that will only be known during runtime. You can use the data type DB_ANY for indirect access to a data block. 2079 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Initializing the VARIANT data type Initialize the VARIANT data type by assigning a specific tag to the VARIANT block parameter at the block call. This forms a reference to the address of the passed tag. To do this, create a block parameter of the VARIANT data type in the block interface. In the following example, these are the two block parameters SourceArray and DestinationArray in the section InOut. Note Direct passing of a tag to a VARIANT tag is not possible, such as myVARIANT := #Variable Passing various data types In the following example, you see how the VARIANT block parameter can be initialized with different tags when a generic, standardized function is called multiple times: The "FC_PartialArrayCopy" function is called twice. The VARIANT parameter SourceArray is interconnected with an ARRAY of "my_struct" with the left call. The VARIANT parameter SourceArray is interconnected with an ARRAY of REAL with the right call. 2080 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Reading out and checking data types Various comparison instructions are available to you to read out the data type of a tag or an element and compare it with data types of other tags or elements. In the figure below, you see the usage of multiple comparison instructions to check whether the elements of the ARRAYs have the same data type: The MOVE_BLK_VARIANT instruction is only executed if the data types of the ARRAY elements are the same. See also ANY (Page 2188) VARIANT (Page 2191) TypeOf: Check data type of a VARIANT tag (Page 3109) TypeOfElements: Check data type of an ARRAY element of a VARIANT tag (Page 3110) IS_ARRAY: Check for ARRAY (Page 3111) Programming example: Moving data (Page 2085) VARIANT instructions (S7-1200, S7-1500) VARIANT instructions The following instructions for working with VARIANT are available to you in the TIA Portal: Basic instructions Category Instruction Description Comparator operations EQ_Type Compare data type for EQUAL with the data type of a tag NE_Type Compare data type for UNEQUAL with the data type of a tag EQ_ElemType Compare data type of an ARRAY element for EQUAL with the data type of a tag NE_ElemType Compare data type of an ARRAY element for UNEQUAL with the data type of a tag IS_NULL Query for EQUALS ZERO pointer NOT_NULL Query for UNEQUALS ZERO pointer IS_ARRAY Check for ARRAY TypeOf Check data type of a VARIANT tag TypeOfElements Check element data type of a VARIANT tag WinCC Advanced V14 System Manual, 10/2016 2081 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Basic instructions Category Instruction Description Move operations MOVE_BLK_VAR IANT Move block VariantGet Read out VARIANT tag value VariantPut Write VARIANT tag value CountOfElements Get number of ARRAY elements Conversion operations VAR Convert VARIANT to DB_ANY IANT_TO_DB_AN Y DB_ANY_TO_VA RIANT Convert DB_ANY to VARIANT Note Differences between MOVE, MOVE_BLK and MOVE_BLK_VARIANT You can use the "MOVE" instruction to copy complete structures. You can use the "MOVE_BLK" instruction to move parts of ARRAYs with known data type. The MOVE_BLK_VARIANT instruction is only required if you want to move parts of ARRAYs with a data type that is only known during program runtime. You can find additional information on the individual instructions in the information system under "Basic instructions > Respective programming language". You can also find additional instructions which also work with the VARIANT data type under the "Extended instructions". See also VARIANT (Page 2191) Indirect addressing with the VARIANT data type (http://support.automation.siemens.com/WW/ llisapi.dll?aktprim=0&lang=en&referer=%2fWW %2f&func=cslib.csinfo&siteid=csius&groupid=4000002&extranet=standard&viewreg=WW&n odeid0=29156492&objaction=csopen) Using VARIANT instructions (S7-1200, S7-1500) Introduction In the following chapter, you will learn which application options you have with VARIANT instructions. 2082 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Evaluating data types of tags to which a VARIANT points In the table below, you see which instructions are available to you to evaluate data types of tags to which a VARIANT points: Function Instruction Description To determine the data type TypeOf(): Check data type of a VARIANT tag You use this instruction to compare the data type to which a VARIANT tag points with the data type of any other tag. You can also make the comparison with a PLC data type. (This instruction is available only in SCL and only in conjunction with an IF instruction.) TypeOfElements(): Check element data type of a VARIANT tag (This instruction is available only in SCL and only in conjunction with an IF instruction.) EQ_Type: Compare data type for EQUAL with the data type of a tag NE_Type: Compare data type for UNEQUAL with the data type of a tag EQ_ElemType: Compare element data type for EQUAL with the data type of a tag NE_ElemType: Compare element data type for UNEQUAL with the data type of a tag To evaluate AR RAY elements IS_ARRAY: Check for ARRAY You use this instruction to compare the data type to which a VARIANT tag points with the data type of any other tag. You can also make the comparison with a PLC data type. If the data type of the VARIANT tag is an ARRAY, the data type of the ARRAY elements is compared. You use this instruction to compare the data type to which a VARIANT tag points with the data type of any other tag. You can also make the comparison with a PLC data type. You use this instruction to compare the data type to which a VARIANT tag points with the data type of any other tag. You can also make the comparison with a PLC data type. If the data type of the VARIANT tag is an ARRAY, the data type of the ARRAY elements is compared. You use this instruction to check whether the data type to which a VARIANT tag points is an ARRAY. CountOfElements: Get number of ARRAY ele You use this instruction to read out how many ARRAY ments elements the tag has to which the VARIANT tag points. You can find additional information on the individual instructions in the information system under "Basic instructions > Respective programming language". Reading data to which a VARIANT points To be able to use the data you must move this data to a tag as an intermediate step, as it cannot be processed directly. Instruction Description Example VARIANT points to VariantGet: Read out VARIANT tag value WinCC Advanced V14 System Manual, 10/2016 You use this instruction to move UDT_1 the value of a single tag to anoth REAL er tag. The data types of both DINT tags must match. Result Destination da ta type UDT_1 REAL DWORD The instruction is executed The instruction is not executed. 2083 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Assigning data to a VARIANT tag You cannot use the instruction to initialize VARIANT tags. The VARIANT tags must therefore already be initialized when the data is returned to the tag. Do not use uninitialized temporary VARIANT tags. Instruction Description Example Source data type VariantPut: Write VARIANT tag value You use this instruction to move UDT_1 the value of a single tag to anoth REAL er tag. The data types of both DINT tags must match. Result VARIANT points to: UDT_1 REAL DWORD The instruction is executed The instruction will not be executed, as the data types are different. Processing dynamic ARRAY structures To evaluate AR RAY elements TypeOfElements(): Check data type of an AR You use this instruction to compare the data type to RAY element of a VARIANT tag which a VARIANT tag points with the data type of any other tag. You can also make the comparison with a (This instruction is available only in SCL and PLC data type. If the data type of the VARIANT tag is only in conjunction with an IF instruction.) an ARRAY, the data type of the ARRAY elements is compared. IS_ARRAY: Check for ARRAY You use this instruction to check whether the data type to which a VARIANT tag points is an ARRAY. CountOfElements: Get number of ARRAY ele You use this instruction to read out how many ARRAY ments elements the tag has to which the VARIANT tag points. MOVE_BLK_VARIANT: Move block This instruction is used to move dynamic and type-safe (integrated type test) ARRAYs. You can freely select the limit values for the source and destination AR RAYs. The data types of ARRAY elements must match. Note Differences between MOVE, MOVE_BLK and MOVE_BLK_VARIANT You can use the "MOVE" instruction to copy complete structures. You can use the "MOVE_BLK" instruction to move parts of ARRAYs with known data type. The MOVE_BLK_VARIANT instruction is only required if you want to move parts of ARRAYs with a data type that is only known during program runtime. Additional information on the use of the MOVE_BLK_VARIANT instruction can be found in the "Moving data" programming example. See also VARIANT (Page 2191) Programming example: Moving data (Page 2085) 2084 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Programming examples with VARIANT (S7-1200, S7-1500) Programming example: Moving data (S7-1200, S7-1500) Programming example In this programming example, data values, which are collected for example during a production shift, are moved for further processing. The data is collected in an ARRAY. Using the "MOVE_BLK_VARIANT instruction: Move block", you can move either the entire ARRAY or only individual ARRAY elements dynamically and type-safe. You can freely select the ARRAY limits for the respective source and destination ARRAYs and these do not have to match. However, the data type of the data values that are to be moved must match. This instruction is available in all programming languages. By using the VARIANT data type, you can use the created program code to move data for other production shifts as well, by specifying a different source and destination area at the block call. Procedure 1. Create a function using the SCL programming language and give it the name "FC_PartialArrayCopy". 2. Declare the block interface as follows: WinCC Advanced V14 System Manual, 10/2016 2085 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 3. Create the SCL program code as follows: You can find the program code below as template. 4. Create the PLC data type "UDT_MyStruct": 5. Create the global data block "DB_WithArrays": 2086 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 6. Call the "FC_PartialArrayCopy" function in an organization block, for example OB1, and initialize the parameters with the DB_WithArrays data block. Enter the named constants: 7. Instead of using the first two ARRAYs, which have the data type UDT_MyStruct, you can also use the third and fourth ARRAY, which have the data type REAL: Result As soon as the "FC_PartialArrayCopy" block is called in the program cycle, two data values, starting with the fourth element, are copied from the first ARRAY of the "DB_WithArrays" global data block to the second ARRAY of the data block. The copied data values are inserted in the second ARRAY, starting from the fourth element. WinCC Advanced V14 System Manual, 10/2016 2087 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) SCL program code for copying: SCL IF IS_ARRAY(#SourceArray) AND TypeOfElements(#SourceArray) = TypeOfElements(#DestinationArray) THEN #Error := MOVE_BLK_VARIANT(COUNT := #Count, SRC := #SourceArray, SRC_INDEX := #SourceIndex, DEST => #DestinationArray, DEST_INDEX := #DestinationIndex); END_IF; #FC_PartialArrayCopy := #Error; See also VARIANT (Page 2191) Programming example: Programming queues (FIFO) (S7-1200, S7-1500) Programming example In the following example, you program a ring buffer which consists of an ARRAY and is written and read according to the FIFO principle. The program code has a read-VARIANT pointer and a write-VARIANT pointer. Using the VARIANT instructions, you can program the program code robustly and ensure reliable copying or deleting. Using the VARIANT data type, program sections can be influenced during runtime. The VARIANT pointer is a type-safe pointer, i.e. a type test is performed during runtime. For blocks that have been created with the block property "optimized", sub-functions that were previously programmed with an ANY pointer can now be resolved with a VARIANT pointer. The VARIANT data type is used to transfer structures to system function blocks. 2088 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Procedure 1. Create an SCL function block and name it "FIFOQueue". 2. Declare the block interface as follows: Declaration Parameters Data type Comment Input request BOOL The instruction is execu ted when a positive signal edge is detected at the "re quest" parameter. mode BOOL 0 = The first entry in the ring buffer is returned. 1 = An entry is written at the last position in the ring buffer. initialValue VARIANT Value with which the AR RAY of the ring buffer is in itialized. Output error INT Error information InOut item VARIANT The entry that is either re turned from the ring buffer or written to the ring buffer. buffer VARIANT An ARRAY that is used as a ring buffer. edgeupm BOOL Edge memory bit in which the RLO of the previous query is saved. firstItemIndex INT Index of the oldest entry in the ring buffer nextEmptyItemIn dex INT Index of the next free entry in the ring buffer edgeup BOOL Result of edge evaluation internalError INT Error information newFirstItemIndex INT Variable index newNextEmptyIte mIndex INT Variable index bufferSize UDINT Number of ARRAY ele ments in the ring buffer Static Temp 3. Create the following program code in the "FIFOQueue" function block: (* This program code section is only executed once after a positive signal edge. If there is no change in the signal state of the result of logic operation, the program processing of the "FIFOQueue" FB is terminated. *) #edgeup := #request & NOT #edgeupm; #edgeupm := #request; IF NOT (#edgeup) THEN RETURN; END_IF; WinCC Advanced V14 System Manual, 10/2016 2089 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) // ------Validation of whether all parameter inputs are valid.---(* This program code section checks whether the ring buffer is an ARRAY. If so, the number of the ARRAY elements is read out. If it is not an ARRAY, the program execution is terminated at this point and the error code "-10" is output. *) IF NOT (IS_ARRAY(#buffer)) THEN #error := -10; RETURN; ELSE #bufferSize := CountofElements(#buffer); END_IF; (* This program code section checks whether the data type of the ARRAY elements matches the data type of the entry (tag #item). If the data types do not match, the program execution is terminated at this point and the error code "-11" is output. *) IF NOT (TypeOf(#item) = TypeOfElements(#buffer)) THEN #error := -11; RETURN; END_IF; (* This program code section checks whether the initial value of the ring buffer matches the entry (tag #item). If the data types do not match, the program execution is terminated at this point and the error code "-12" is output. *) IF NOT (TypeOf(#item) = TypeOf(#initialValue)) THEN #error := -12; RETURN; END_IF; (* This program code section checks whether the variable indices are within the ARRAY limits. If this is not the case, the program execution is terminated at this point and either error code "-20" or "-21" is output depending on the index. *) IF (#nextEmptyItemIndex >= #bufferSize) THEN #error := -20; RETURN; END_IF; IF (#firstItemIndex >= #bufferSize) THEN #error := -21; RETURN; END_IF; 2090 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) //-----------Program code execution, depending on the Mode parameter------------// The execution of the instructions depends on the signal state of the Mode parameter. IF #mode = 0 THEN // If the Mode parameter has the signal state "0", the first entry from the passed ring buffer is returned. (* This program code section checks whether the ring buffer is empty. If this is the case, program execution is terminated at this point and the error code "-40" is output. *) IF (#firstItemIndex = -1) THEN #error := -40; RETURN; END_IF; // This program code section returns the first entry of the ring buffer. #internalError := MOVE_BLK_VARIANT(SRC := #buffer, COUNT := 1, SRC_INDEX := #firstItemIndex, DEST_INDEX := 0, DEST => #item); IF (#internalError = 0) THEN (* This program code section checks whether the ring buffer contains ARRAY elements. If it does, the first entry is passed on and the index is incremented by 1. *) #internalError := MOVE_BLK_VARIANT(SRC := #initialValue, COUNT := 1, SRC_INDEX := 0, DEST_INDEX := #firstItemIndex, DEST => #buffer); // This program code section calculates the new index of the first entry. #newFirstItemIndex := #firstItemIndex +1; #newFirstItemIndex := #newFirstItemIndex MOD UDINT_TO_INT(#bufferSize); // This program section checks whether the ring buffer is empty. IF (#nextEmptyItemIndex = #newFirstItemIndex) THEN // If the ring buffer is empty, the index is set to 0. #firstItemIndex := -1; #nextEmptyItemIndex := 0; ELSE // The index of the first entry is changed. #firstItemIndex := #newFirstItemIndex; WinCC Advanced V14 System Manual, 10/2016 2091 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) END_IF; END_IF; ELSE // If the Mode parameter has the signal state "1", the entry is written to the passed ring buffer. (* This program code section checks whether the ring buffer is full. If this is the case, program execution is terminated at this point and the error code "-50" is output. *) IF (#nextEmptyItemIndex = #firstItemIndex) THEN #error := -50; RETURN; END_IF; // This program code section writes the entry to the ring buffer. #internalError := MOVE_BLK_VARIANT(SRC := #item, COUNT := 1, SRC_INDEX := 0, DEST_INDEX := #nextEmptyItemIndex, DEST => #buffer); IF (#internalError = 0) THEN // This program code section increments the index by 1 and calculates the new empty entry index. #newNextEmptyItemIndex := #nextEmptyItemIndex +1; #newNextEmptyItemIndex := #newNextEmptyItemIndex MOD #bufferSize; #nextEmptyItemIndex := #newNextEmptyItemIndex; (* This program code section checks which index the "#firstItemIndex" tag has. If the number = -1, the ring buffer is initialized and the entry is written to the ring buffer. This is why the tag value "0" must be assigned. *) IF (#firstItemIndex = -1) THEN #firstItemIndex := 0; END_IF; END_IF; END_IF; //-------------------------Local error handling---------------------------(* This program code section checks whether a local error has occurred. If this is the case, program execution is terminated at this point and the error code "-100" is output. *) IF (#internalError > 0) THEN #error := -100; RETURN; 2092 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) END_IF; // If no error occurred during program execution, the error code "0" is output. #error := 0; Result Call the SCL function block at the position in your program at which the FIFO queue is to run. 11.2.4.2 Using the DB_ANY data type (S7-1200, S7-1500) Using the DB_ANY data type (S7-1200/1500) The DB_ANY data type is used to identify any data block. For CPUs of the S7-1200/1500 series, you have the option of accessing a data block that is not yet available during programming. For this purpose, create a block parameter of the DB_ANY data type in the block interface of the accessing block. The data block name or a tag of data type DB_ANY which was previously assigned to the data block name is transferred to this parameter during runtime. You can symbolically process the content of a data block by means of the following instructions: VARIANT_TO_DB_ANY: Convert VARIANT to DB_ANY DB_ANY_TO_VARIANT: Convert DB_ANY to VARIANT For more information about the instructions, refer to "Basic instructions > LAD/FBD/STL/SCL > Conversion operations > VARIANT". The advantage of this procedure: You can create the program code before you know which data block will be processed. Programming example The following example shows you how to use the DB_ANY data type: A punching machine can punch out a variety of geometric shapes. The punching jobs are transferred to the machine and there are specific job data for each individual job. The job data differ in their job type as well as in their values. WinCC Advanced V14 System Manual, 10/2016 2093 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Procedure - Creating the PLC data types In the first job, a round hole is to be punched out of a piece of sheet metal. For the punching machine to be able to execute this job, it needs the center point coordinates and the radius of the hole. You can transfer these job data to the punching machine collectively in a PLC data type (UDT). 8'7B+ROH < 5DGLXV 0 ; Create the PLC data type "UDT_Hole" to transfer the job data: 1. Double-click the "Add new data type" command in the "PLC data types" folder in the project tree. A new declaration table for creating a PLC data type will be created and opened. 2. Declare the following lines within the PLC data type: X-coordinate > REAL Y-coordinate > REAL Radius > REAL A rectangle is to be punched out of a piece of sheet metal in the second job. For this job, you need two coordinates which define the upper left-hand point and the bottom right-hand point of the rectangle. You can transfer these job data to the punching machine collectively in the PLC data type "UDT_RectangleWindowStatic". 2094 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 8'7B5HFWDQJOH:LQGRZ6WDWLF < % $ ; Create the PLC data type "UDT_RectangleWindowStatic": 1. Double-click the "Add new data type" command in the "PLC data types" folder in the project tree. A new declaration table for creating a PLC data type will be created and opened. 2. Declare the following lines within the PLC data type: X1-coordinate > REAL Y1-coordinate > REAL X2-coordinate > REAL Y2-coordinate > REAL The job data of the "UDT_RectangleWindowStatic" can only be used to punch out rectangles whose edges are aligned parallel to the x and y axis. If you want to punch out a rectangle with different alignment, i.e., not parallel to the x and y axis, you need an additional PLC data type. In it, you can specify the height and width, for example, as well as the alignment of the rectangle to the x axis by means of an angle. WinCC Advanced V14 System Manual, 10/2016 2095 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 8'7B5HFWDQJOH:LQGRZ)OH[LEOH < GW K +H L JK W :L 0 ; Create the PLC data type "UDT_RectangleWindowFlexible": 1. Double-click the "Add new data type" command in the "PLC data types" folder in the project tree. A new declaration table for creating a PLC data type will be created and opened. 2. Declare the following lines within the PLC data type: X-coordinate > REAL Y-coordinate > REAL Height > REAL Width > REAL Angle > REAL The x and y coordinates specify the center of the rectangle. 2096 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Procedure - Creating the data blocks In the next section, you will learn how to transfer simple geometric shapes whose job data you have defined in the PLC data types to the punching machine. The punch jobs are broken down into individual punches in the program code; these punches are then executed consecutively by the punching machine. The punching machine has a cross table on which a sheet metal has been firmly clamped. You can move a cross table along the x and/or y axis just as in a coordinate system. The cross table is moved by two motors. The tool has different dies to punch out shapes from the sheet metal, such as circles and rectangles of different sizes. The tool can also be rotated by up to 90 degrees to cut out rectangles at different alignments. You now use the PLC data types to create a data block. The data block then includes the specific values, for example, for a hole. Create the data block "DB_OrderHole": 1. Double-click the "Add new block" command. The "Add new block" dialog box opens. 2. Click the "Data block (DB)" button. 3. Specify the name "DB_OrderHole". 4. Select "Global-DB" as the type of the data block. 5. Click "OK". Create the following tag in the data block and enter the corresponding start values: To manufacture a specific sheet metal part such as the side panel of a control cabinet, for example, the necessary geometric shapes are loaded to the punching machine. For this purpose, you need to create another data block which includes a list of data blocks. Create the data block "DB_OrderList": 1. Double-click the "Add new block" command. The "Add new block" dialog box opens. 2. Click the "Data block (DB)" button. 3. Specify the name "DB_OrderList". 4. Select "Global-DB" as the type of the data block. 5. Click "OK". WinCC Advanced V14 System Manual, 10/2016 2097 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Create the following job list in the data block: Procedure - Creating the program code The punching machine should now start processing the jobs. If it is already processing the jobs, it should get the next job from the job list and prepare it. 1. Create an SCL function block. 2. Double-click the "Add new block" command. The "Add new block" dialog box opens. 3. Click the "Function block (FB)" button. 4. Specify the name "FB_PickNextOrder". 2098 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 5. Declare the block interface as follows: 6. Write the following program code: The next job on the list is prepared by breaking down the current punch job into individual punches. The punching machine must be able to recognize which punch job it is processing. 1. Create an SCL function. 2. Double-click the "Add new block" command. The "Add new block" dialog box opens. 3. Click the "Function (FC)" button. 4. Specify the name "FC_PrepareOrder". WinCC Advanced V14 System Manual, 10/2016 2099 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 5. Declare the block interface as follows: 6. Write the following program code. The calls of the three functions are not yet given a red underline because they still have to be created. The "VariantGet" instruction copies the information from the #a tag to the #Hole tag. 2100 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) In the following section, you create the functions "FC_PrepareHole" and "FC_PrepareWindowStatic". A separate function is created for each job type. The punch jobs are broken down into individual punches here and collected in an ARRAY. 1. Create a PLC data type. 2. Double-click the "Add new data type" command under "PLC data types". A new PLC data type with the name "UserDataType_x" is created. 3. Rename the PLC data type to "UDT_Punch". 4. Declare the following lines within the PLC data type: Tool > DINT x > REAL y > REAL w > BOOL 5. Create the global data block "DB_PunchList": WinCC Advanced V14 System Manual, 10/2016 2101 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) To prepare the punch job for a hole, create an SCL function and name it "FC_PrepareHole". 1. Declare the block interface as follows: 2. Write the following program code: 2102 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) To prepare the punch job for a window, you need a function which combines four punch sequences into the punch job. Create an SCL function and name it "FC_PrepareWindowStatic". 1. Declare the block interface as follows: 2. Write the following program code: Call the SCL function block "FC_PrepareOrder" in the SCL function block "FB_PickNextOrder": WinCC Advanced V14 System Manual, 10/2016 2103 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Then, call the "FB_PickNextOrder" in OB1: Result This example shows you how to use the instruction "DB_ANY_TO_VARIANT: Convert DB_ANY to VARIANT" to determine the PLC data type of a data block and how to select and execute a suitable function based on this. 11.2.4.3 Using PLC data types (UDT) (S7-1200, S7-1500) Using a PLC data type PLC data types (UDT) are data structures that you define yourself and that can be used multiple times in the program. The structure can be composed of multiple elements of different data types. You define the data types of the individual elements during the declaration of a PLC data type. PLC data types are frequently used if an assembled data record with various data types is required and these are to be processed from different points in the program. For example, these could be: Data records for material tracking Parameter sets for a motor setting Recipes 2104 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) The use of PLC data types provides you with the following benefits: The elements of a PLC data type can also be addressed indirectly, which means the address is variable and is not calculated until during runtime. Tags based on a PLC data type inherit all properties of the PLC data type. When there is a change to the PLC data type, all tags based on this PLC data type are therefore adapted automatically. Using universal symbolism makes the program easier to read, because the names of the individual elements of a PLC data type are displayed in the program. Optimum utilization of the high performance of an S7-1500 CPU. The PLC data type can be passed as a complete structure for a block call. A simplified call interface due to a lower number of parameters to be supplied. Procedure in STEP 7 V5.x STEP 7 V5.x already gave you the option to create a data record as a structured tag using the STRUCT data type or a PLC data type (UDT). However, the performance was adversely affected by the use of symbolic addressing. The declaration in the data blocks was mostly implemented as an anonymous structure. The blocks themselves were then programmed to pass the values of the structure as actual parameters and the calculated values were copied back into the structure. This enabled you to also pass the data block number and use absolute addressing in the block. The number of parameters that you had to supply was often very large. The actual data was stored in the data blocks and the calculated values were passed to other blocks. However, no symbolism was available when passing the data block tags. Programming example in STEP 7 TIA Portal You can assign both a formula parameter and an actual parameter to a PLC data type. This means that you no longer have to declare individual parameters. If a block has an input parameter that is based on a PLC data type, you must transfer a tag of the same PLC data type as actual parameter. WinCC Advanced V14 System Manual, 10/2016 2105 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) The following example shows the call and the parameter assignment of a function block (FB) with two formal parameters: 1. To create a PLC data type, double-click the "Add new data type" command in the "PLC data types" folder in the project tree. A new declaration table for creating a PLC data type will be created and opened. 2. Rename the PLC data type to "UDT_Material". 3. Declare the following lines within the PLC data type: ArticleNumber > Data type: DINT ArticleName > Data type: STRING Amount > Data type: REAL Unit > Data type: STRING Use the PLC data type within a global data block. You can specify the PLC data type either directly as data type of the data block or within the data block as data type of a tag. Create a global data block for this purpose: 1. Double-click the "Add new block" command. The "Add new block" dialog box opens. 2. Click the "Data block (DB)" button. 3. Specify the name "DB_MaterialBuffer". 4. Select the type of the data block "ARRAY DB". 5. Select the PLC data type "UDT_Material" as ARRAY data type. 2106 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 6. Specify "1000" as high ARRAY limit. 7. Click "OK". At the function block call, interconnect the formal parameters with tags from the global data block "DB_MaterialBuffer". 1. Create an SCL function block and name it "FB_Material". 2. Declare the block interface as follows: WinCC Advanced V14 System Manual, 10/2016 2107 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 3. Write the following program code: 4. Call the "FB_Material" function block in OB1 and interconnect the formal parameters with tags of the global data block "DB_MaterialBuffer": The material data are moved within the global data block "DB_MaterialBuffer". See also Other useful information regarding structured PLC tags (Page 4604) Creating structured PLC tags (Page 4606) PLC data types (UDT) (Page 2170) PLC data types (UDT) (Page 2170) 11.2.4.4 Calculating with floating-point numbers (REAL and LREAL) in SCL (S7-1200, S7-1500) Representation of the accuracy of floating-point numbers The data type REAL, for example, is specified and calculated in the program with an accuracy of 6 decimal places. For the calculation of floating-point numbers (REAL and LREAL), it should be noted that this accuracy applies in general to each individual step of the calculation. The exponents are adjusted when floating-point numbers are added and subtracted. The base and the exponents are thus equal during the addition and subtraction and only the mantissas 2108 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) are added. For additional information on the structure of floating-point numbers, refer to "See also". Programming example In the following programming example, you are to perform a calculation in which two operands of the data type REAL are to be added and one is to be subtracted. In the next step of the calculation, the constant 1 is divided by the previous result. To do this, create a global data block in which you declare your operands and a function in which you program the calculation operations. Calculation formulas y = a + b - c Z = 1/y The operands are stored with the following values: Operand Value REAL value a 100 000 000 1.000000*108 b 1 1.000000*100 c 100 000 000 1.000000*108 Procedure Create the data block "DB_GlobalData": 1. Double-click the "Add new block" command. The "Add new block" dialog box opens. 2. Click the "Data block (DB)" button. 3. Specify the name "DB_GlobalData". 4. Select "Global DB" as the type of the data block. 5. Click "OK". 6. Create the following tags in the data block and enter the corresponding start values: The start value of both tags is 100000000.0 and is converted into 1.0E+8 according to the data type REAL. WinCC Advanced V14 System Manual, 10/2016 2109 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Create an SCL function and name it "FC_Calculate". 1. Declare the block interface as follows: 2. Write the following formulas in your program code and establish an online connection to see the result: SCL #y := "DB_GlobalData".a + "DB_GlobalData".b - "DB_GlobalData".c; #z := 1/#y; As you can see, the result at the operand is #y = 0, even though the number 1 is actually expected as result. The incorrect result comes about as follows: 1. In the first step of the calculation, the operands a + b are added. The REAL values of the two operands (a = 1.000000*108 and b = 1.000000*100) look as follows after the exponents have been adjusted: a = 1.000000*108 and b = 0.00000001*108. The last two places of the second number (operand b) are truncated, as they can no longer be represented due to the accuracy of 6 decimal places. Therefore, a 0 instead of a 1 is added to the operand. 2. In the second calculation step, the operand C is subtracted from the result of the preceding calculation step (intermediate result = 1.000000*108 - c = 1.000000*108 is 0.000000e0). 3. If you now calculate the operand z in the next calculation step, you try to divide by zero. 2110 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 1. Possible solution To work around such cases, you can simply adjust your calculation formula. Write the formula as follows instead: Calculation formulas y = a - c + b Z = 1/y Since the result 0.000000e0 is available in this case after the first calculation step (operand a - c), the addition of the REAL number in the second calculation step (intermediate result + b) leads to the correct result (y = 0.000000*100*+ 1.000000*100 = 1.000000*100). We recommend that you check how the calculation can be made most effectively before you program a calculation. WinCC Advanced V14 System Manual, 10/2016 2111 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 2. Possible solution To calculate the above named formulas, use the LREAL data type instead of the REAL data type. Since the data type is processed with an accuracy of 15 decimal places, this problem does not even arise. 1. In the global data block "DB_GlobalData", create three new tags with the same values, each with the data type LREAL. 2. In the block interface of the FC "FC_Calculate", also declare two new tags with the data type LREAL. 3. Use the new LREAL tags for the formulas in your program code and establish an online connection to see the result. SCL #y_LREAL := "DB_GlobalData".a_LREAL + "DB_GlobalData".b_LREAL "DB_GlobalData".c_LREAL; #z_LREAL := 1/#y_LREAL; 2112 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) See also REAL (Page 2150) LREAL (Page 2151) Invalid floating-point numbers (Page 2152) 11.2.4.5 Calculating with constants in SCL (S7-1200, S7-1500) Interpretation of typed and non-typed constants Constants are data with a fixed value that cannot change during program runtime. Constants can be read by various program elements during the execution of the program but cannot be overwritten. There are defined notations for the value of a constant, depending on the data type and data format. A distinction is made between the typed and non-typed notation. We recommend that you do not mix typed and non-typed constants within mathematical functions as you may otherwise be faced with unwanted implicit conversions and thus end up with incorrect values. WinCC Advanced V14 System Manual, 10/2016 2113 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Programming example In the following programming example, you see a calculation operation with a typed and a nontyped constant. 1. Create an SCL function block and name it "FB_MathsFunctions". 2. Declare the "Variable_DINT" tag in the "Temp" section of the block interface. 3. Write the following program code: Variable_DINT := INT#1 +50000; In this math operation, the typed constant INT#1 and the non-typed constant 50000 are to be added. The non-typed constant 50000 is underlined in yellow in the software to indicate that the constant value is outside the permitted range of the data type INT. To see the result, go online. 1. Compile the SCL function block "FB_MathsFunctions" by right-clicking the command "Compile > Software (only changes)" to execute it. 2. Download the block with the command "Download to device > Software (only changes)". 3. Go online and monitor your block. The data type of the typed constant defines the data type of the addition. This means that the addition is performed in the data type area INT. In the first step, the non-typed constant 50000 is implicitly converted into the data type INT. However, the conversion leads to a negative value (-15536). This value is then added to the typed constant (INT#1). The result is -15535. Since the tag to which the result of the addition is to be written is declared with the data type DINT, the number -15535 is implicitly converted into the data type DINT and written to the tag "Variable_DINT". However, the result remains negative. 2114 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 1. Possible solution One option for avoiding this undesired result is to type both constants. If you type both constants, the longer data type determines the calculation operation. 1. Write the following program code in the "FB_MathsFunctions" SCL function block: In this calculation operation, the typed constant INT#1 and the typed constant DINT#50000 are to be added. To see the result, go online. 1. Compile the SCL function block "FB_MathsFunctions" by right-clicking the command "Compile > Software (only changes)" to execute it. 2. Download the block with the command "Download to device > Software (only changes)". 3. Go online and monitor your block. The constant INT#1 is converted into the DINT data type and the addition of the two constants is executed in the DINT data type area. 2. Possible solution Another option for avoiding this undesired result is not to type both constants. If you do not type both constants, these are then interpreted as the widest possible data type on the current CPU. This means that on an S7-1500 series CPU, the two constants are interpreted as LINT data type. 1. Write the following program code in the "FB_MathsFunctions" SCL function block: In this calculation operation, the non-typed constant 1 and the non-typed constant 50000 are to be added. WinCC Advanced V14 System Manual, 10/2016 2115 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) To see the result, go online. 1. Compile the SCL function block "FB_MathsFunctions" by right-clicking the command "Compile > Software (only changes)" to execute it. 2. Download the block with the command "Download to device > Software (only changes)". 3. Go online and monitor your block. The constants 1 and 50000 are interpreted as LINT data type and the result of the addition is again converted into the DINT data type. See also Overview of the valid data types (Page 2131) 11.2.5 Using MOVE instructions in STL (S7-1500) Possible applications You can now program with MOVE instructions in STL on an S7-1500 CPU. This gives you the following advantages: The program structure is easier to create. The performance of the CPU increases. Programming in STEP 7 V5.x In STEP 7 V5.x, you used the "BLKMOV: Move block" and "UBLKMOV: Move block uninterruptible" system functions to implement the MOVE functionality. Procedure in STEP 7 TIA Portal The following new MOVE instructions are available in STEP 7 TIA Portal: MOVE: Move value MOVE_BLK: Move block MOVE_BLK_VARIANT: Move block UMOVE_BLK: Move block uninterruptible You can find additional information on the new MOVE instructions under "See also". 2116 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Programming example The following example shows you how the "MOVE_BLK instruction works: Move block". An ARRAY block is copied into another ARRAY block: Using the MOVE_BLK instruction, ten elements from "Array_1" of the "Data_DB" data block are copied into "Array_2" of the same data block. WinCC Advanced V14 System Manual, 10/2016 2117 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 11.2.6 Using IEC timers and counters (S7-1200, S7-1500) Advantages of IEC timers and counters The universal use of IEC timers and counters makes your program code more efficient. This gives you the following advantages: The blocks can be called multiple times with newly generated instance data blocks. The IEC counters have a large counting range. Compared to S5 timers, IEC timers have better performance and greater time accuracy. Programming in STEP 7 V5.x The S5 timers and counters in STEP 7 V5.x were addressed absolutely via a number. Due to this dependency on numbers, program blocks were not reusable with S5 timers and counters. The value range of a timer was limited to 9990 seconds and that of a counter limited to a maximum of 999. Procedure in STEP 7 TIA Portal You declare IEC timers and counters in the program block where they are called or needed. The IEC timer is a structure of data type IEC_TIMER, IEC_LTIMER, or TON_TIME and TON_LTIME, for example, which you can also declare as a local tag in a block. The IEC counter is a structure of data type IEC_SCOUNTER, IEC_USCOUNTER, etc. 2118 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Programming examples in the TIA Portal The following example shows you how to declare an IEC timer and IEC counter as a local tag: The data of the TON IEC timer and the CTU IEC counter is stored as a local tag (multi-instance) in the block interface. WinCC Advanced V14 System Manual, 10/2016 2119 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) You also have the option to create IEC timers and IEC counters within structures as multiple instances and to use them in your program code. 1. To do this, for example, create a global data block with an ARRAY of TON. The data type TON does not appear in the drop-down list, but can be entered manually: 2. Create a function block and drag the instruction "TON: Generate on-delay" to a network. Call the instance of IEC timer TON as follows: Call of a timer as multi-instance If you want to use the IN parameter to start a timer as multi-instance, you must not initialize it beforehand in your program code. In this case, the timer called at the IN parameter no longer recognizes a positive signal edge and the timer is not started: 1. Create the timer "Time_1" as a multi-instance of the data type "TP_TIME" in the "Static" section of the block interface. 2. Write the following program code: 2120 STL Explanation A "Tag_Output" // When the "Tag_Output" output receives the signal state 1, WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) STL Explanation = #Time_1.IN // the IN parameter of the multi-instance timer #Timer_1 is initialized with a positive signal edge. CALL #Time_1 // When the multi-instance timer is now called and the IN parameter queried again, the timer is not started because there is no new positive signal edge. time_type := Time IN := "Tag_Output" PT := T#30s Q := "Tag_4" ET := "Tag_ElapsedTime" // Enter TIME as data type of the instruction. This is why you must program the initialization of the multi-instance timer within the call. STL Explanation CALL #Time_1 // The timer is called and started. time_type := Time IN := "Tag_Output" PT := T#30s // Enter TIME as data type of the instruction. Q := "Tag_4" ET := "Tag_ElapsedTime" See also Calling IEC timers (Page 3058) Calling IEC counters (Page 3090) Timers (Page 2154) 11.2.7 Using ARRAY data blocks (S7-1200, S7-1500) Using an ARRAY data block (S7-1500) ARRAY data blocks are global data blocks that consist exclusively of an ARRAY. A data block with a tag of the ARRAY data type is sufficient for most applications because access can be programmed intuitively with a tag of the ARRAY data type (for example, #myArray[#index]) and offer a better runtime performance than ARRAY data blocks. In certain scenarios, however, it is necessary to process ARRAYs with different lengths. The ARRAY data block is particularly suitable for these scenarios. ARRAY data blocks with different length can be processed by means of the following instructions: ReadFromArrayDB: Read from Array data block WriteToArrayDB: Write to array data block ReadFromArrayDBL: Read from array data block in load memory WriteToArrayDBL: Write to array data block in load memory WinCC Advanced V14 System Manual, 10/2016 2121 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) For more information about the instructions, refer to "Basic instructions > LAD/FBD/STL/SCL/ GRAPH > Move operations > ARRAY DB". When the program code is being written, it is not necessary to know which ARRAY data block is read or written or what size it is. As a result, you can program the block flexibly so that it can also be used for buffers of various length. It is also not necessary to know the data type of the ARRAY elements, as the function in the program code using the DB_ANY data type does not yet require this information. The data type VARIANT is used so that you can also be flexible in specifying the value to be read or written. The ARRAY data block is transferred only during runtime in order to then access the values in the program block. The data type of the ARRAY elements and the data type of the value that is to be read or written are determined. You can determine the number of objects and the fill level of the ARRAY data block using the ARRAY elements. Note When you create an ARRAY data block, specify the data type and the number of ARRAY elements. The data type of the value which is to be written to the ARRAY data block, for example, must match the data type of the ARRAY elements of the data block. In each case, connect a source area (PLC data type) with a destination area (ARRAY data block). The advantage of this procedure is that the program code can already be created before you know which ARRAY data block and which value will be processed. Programming example The following example shows you how to use an ARRAY data block: Individual pieces of material are transported on a conveyor belt. These pieces of material pass a scanner which can read out the information that a piece of material carries with it. The information is read out and transmitted to a panel. Because the scanner and the panel have different clock cycles/speeds, the material information must be cached in each case. In the following programming example, we show you how to program the program code for passing on material information. For this purpose, you use a PLC data type (UDT) and an ARRAY data block. 2122 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Procedure Create the PLC data type "UDT_Queue". You use this PLC data type as an instance which can be accessed by both functions ("FC_Enqueue" and "FC_Dequeue"). This is important, for example, for accessing the tag #Queue.Used, as the function "FC_Enqueue" increments the tag by one and the function "FC_Dequeue" decrements the tag by one. 1. Double-click the "Add new data type" command in the "PLC data types" folder in the project tree. A new declaration table for creating a PLC data type will be created and opened. 2. Declare the following lines within the PLC data type: DB > Data type: DB_ANY Size > Data type: DINT Used > Data type: DINT ReadPos > Data type: DINT WritePos > Data type: DINT WinCC Advanced V14 System Manual, 10/2016 2123 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Program the instruction "FC_Enqueue", which writes the values from a PLC data type into an ARRAY data block. The PLC data type and the ARRAY data block must be still unknown at this time, as the interfaces with the data types VARIANT and DB_ANY are programmed: 1. Create an SCL function and name it "FC_Enqueue". 2. Declare the block interface as follows: 3. Write the following program code: 2124 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) With this function, you check whether there is still space free in the data block. If so, write the value that is specified at the parameter value into the data block at the parameter db. With each new item of material information that is written, the tag #Queue.Used and the pointer tag #Queue.WritePos are incremented by one. As soon as the cursor reaches the end of the data block, it is reset to 0. If the data block is full, the error code #4711 is returned. Program the instruction "FC_Dequeue", which reads the material information from an ARRAY data block and writes it into a PLC data type. The PLC data type and the ARRAY data block must be still unknown at this time, as the interfaces are programmed with the data types WinCC Advanced V14 System Manual, 10/2016 2125 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) VARIANT and DB_ANY. The material information can then be displayed on a panel, for example: 1. Create an SCL function and name it "FC_Dequeue". 2. Declare the block interface as follows: 3. Write the following program code: 2126 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) With this function, you check whether material information is available in the data block. If so, read the value to which the pointer #Queue.ReadPos points, and write it to the tag #Value. With each item of material information that is read, the tag #Queue.Used is decremented by one and the pointer tag #Queue.ReadPos is incremented by one. As soon as the cursor reaches the end of the data block, it is reset to 0. If the data block is empty, the error code #4712 is returned. In order to be able to write or read data, you require a specific PLC data type and an ARRAY data block, each of which must have the same data type. WinCC Advanced V14 System Manual, 10/2016 2127 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) To do this, create the PLC data type "UDT_Material". The scanner writes the read-out material information into this PLC data type. 1. Double-click the "Add new data type" command in the "PLC data types" folder in the project tree. A new declaration table for creating a PLC data type will be created and opened. 2. Declare the following lines within the PLC data type: ArticleNumber > Data type: DINT ArticleName > Data type: STRING Amount > Data type: REAL Unit > Data type: STRING Create the ARRAY data block "DB_MaterialBuffer". The material information from the PLC data type "UDT_Material" is sent to this ARRAY data block with the help of the function "FC_Enqueue". 1. Double-click the "Add new block" command. The "Add new block" dialog box opens. 2. Click the "Data block (DB)" button. 3. Specify the name "DB_MaterialBuffer". 4. Select the type of the data block "ARRAY DB". 5. Select the PLC data type "UDT_Material" as ARRAY data type. 6. Specify "1000" as high ARRAY limit. 7. Click "OK". 2128 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) Create the start of the organization block (OB) "OB_MaterialQueue". In this organization block, you initialize the tags DB and Size. 1. Double-click the "Add new block" command. The "Add new block" dialog box opens. 2. Click the "Organization block (OB)" button. 3. Specify the name "OB_MaterialQueue". 4. Select the type "Startup". 5. Select SCL as the language of the organization block. 6. Click "OK". 7. Write the following program code: By assigning the data block, you connect the ARRAY data block "DB_MaterialBuffer" with the SCL functions "FC_Enqueue" and "FC_Dequeue". Enter the size of the ARRAY data block at the Size parameter. The start value of the Used parameter is "0". The first item of material information is thus written to the ARRAY element "0". 1. Select the folder "Program blocks" in the project tree and select the command "Compile > Software (only changes)" from the shortcut menu. 2. Declare the following tags in the "Default tag table": 3. Call the SCL function "FC_Enqueue" within the function block in which the scanner reads out the material information. 4. Declare the tag "ConnectionToUDT" in the section "Temp" in the block interface and link this tag with the PLC data type "UDT_Material": WinCC Advanced V14 System Manual, 10/2016 2129 Programming the PLC 11.2 Programming recommendations (S7-1200, S7-1500) 5. Link the function call with the following tags and, at the enable input EN, create the signal edge "P: Scan operand for positive signal edge". Link the signal edge with the global tags from the default tag table: 6. Call the SCL function "FC_Dequeue" 7. Link the function call with the following tags and, at the enable input EN, create the signal edge "P: Scan operand for positive signal edge". Link the signal edge with the global tags from the default tag table: Result As soon as a positive signal edge occurs, material information is written to an ARRAY data block with the help of the instruction "WriteToArrayDB" and sent to the panel with the help of the instruction "ReadFromArrayDB". See also Addressing ARRAYs (Page 2182) Basic principles for programming of data blocks (Page 4551) 2130 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types 11.2.8 Commenting out program code (S7-1200, S7-1500) Description In the TIA Portal, you have the option of commenting out program code and individual instructions in the programming languages LAD, FBD, STL and SCL. You can find more information on commenting out within the information system here: STL: AUTOHOTSPOT SCL: Inserting comments (Page 4798) Programming example You can find examples of all programming languages in the Siemens Industry Online Support under the following FAQ ID: 109482004 (https://support.industry.siemens.com/cs/ww/en/view/ 109482004) 11.3 Data types 11.3.1 Overview of the valid data types Validity of data type groups The data type groups define the properties of the data, for example, the representation of the contents and the valid memory areas. In the user program, you have the option of using pre-defined data types, which you add to the data types you have defined yourself. The following type categories are available for this: Elementary data types (binary numbers, integers, floating-point numbers, timers, DATE, TOD, LTOD CHAR, WCHAR) Complex data types (DT, LDT, DTL, STRING, WSTRING, ARRAY, STRUCT) User-defined data types (PLC data type (UDT)) Pointer Parameter types System data types Hardware data types The following tables show the availability of data types in the various S7-CPUs: WinCC Advanced V14 System Manual, 10/2016 2131 Programming the PLC 11.3 Data types Table 11-1 Binary numbers Binary numbers S7-300/400 S7-1200 S7-1500 BOOL (Page 2136) X X X BYTE (Page 2136) X X X WORD (Page 2137) X X X DWORD (Page 2138) X X X LWORD (Page 2139) - - X Integers S7-300/400 S7-1200 S7-1500 SINT (Page 2141) - X X INT (Page 2143) X X X DINT (Page 2145) X X X USINT (Page 2142) - X X UINT (Page 2144) - X X UDINT (Page 2146) - X X LINT (Page 2147) - - X ULINT (Page 2148) - - X Floating-point numbers S7-300/400 S7-1200 S7-1500 REAL (Page 2150) X X X LREAL (Page 2151) - X X Timers S7-300/400 S7-1200 S7-1500 S5TIME (Page 2154) X - X TIME (Page 2155) X X X LTIME (Page 2156) - - X Date and time S7-300/400 S7-1200 S7-1500 DATE (Page 2157) X X X TIME_OF_DAY (TOD) (Page 2157) X X X LTOD (LTIME_OF_DAY) (Page 2158) - - X DT (DATE_AND_TIME) (Page 2158) X - X Bit strings Table 11-2 Table 11-3 Table 11-4 Table 11-5 2132 Integers Floating-point numbers Timers Date and time WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Date and time S7-300/400 S7-1200 S7-1500 LDT (Page 2159) - - X DTL (Page 2160) - X X Character strings S7-300/400 S7-1200 S7-1500 CHAR (Page 2161) X X X WCHAR (Page 2162) - X X STRING (Page 2162) X X X WSTRING (Page 2165) - X X PLC data types (UDT) S7-300/400 S7-1200 S7-1500 PLC data type (Page 2170) (UDT) X X X Anonymous structures S7-300/400 S7-1200 S7-1500 STRUCT (Page 2175) X X X ARRAY S7-300/400 S7-1200 S7-1500 ARRAY [....] of <data type> (Page 2177) X X X Pointer S7-300/400 S7-1200 S7-1500 POINTER (Page 2185) X - X ANY (Page 2188) X - X VARIANT (Page 2191) - X X Parameter types S7-300/400 S7-1200 S7-1500 TIMER (Page 2193) X - X COUNTER (Page 2193) X - X BLOCK_FC (Page 2193) X - X BLOCK_FB (Page 2193) X - X Table 11-6 Table 11-7 Table 11-8 Table 11-9 Character strings PLC data types (UDT) Anonymous structures ARRAY Table 11-10 Pointer Table 11-11 Parameter types WinCC Advanced V14 System Manual, 10/2016 2133 Programming the PLC 11.3 Data types Parameter types S7-300/400 S7-1200 S7-1500 BLOCK_DB (Page 2193) X - - BLOCK_SDB (Page 2193) X - - BLOCK_SFB (Page 2193) X - - BLOCK_SFC (Page 2193) X - - BLOCK_OB (Page 2193) X X X VOID (Page 2193) X X X PARAMETER (Page 2193) - X X Table 11-12 System data types System data types S7-300/400 S7-1200 S7-1500 IEC_TIMER (Page 2194) X X X 1) IEC_LTIMER (Page 2194) - - X IEC_SCOUNTER (Page 2194) - X X IEC_USCOUNTER (Page 2194) - X X IEC_COUNTER (Page 2194) X2) X X IEC_UCOUNTER (Page 2194) - X X IEC_DCOUNTER (Page 2194) - X X IEC_UDCOUNTER (Page 2194) - X X IEC_LCOUNTER (Page 2194) - - X IEC_ULCOUNTER (Page 2194) - - X ERROR_STRUCT (Page 2194) - X X NREF (Page 2194) - X X CREF (Page 2194) - X X VREF (Page 2194) - X X SSL_HEADER (Page 2194) X - - CONDITIONS (Page 2194) - X - TADDR_Param (Page 2194) - X X TCON_Param (Page 2194) - X X HSC_Period (Page 2194) - X - 1) For S7-300/400 CPUs, the data type is represented by TP, TON and TOF. 2) For S7-300/400 CPUs, the data type is represented by CTU, CTD and CTUD. Table 11-13 Hardware data types 2134 Hardware data types S7-300/400 S7-1200 S7-1500 REMOTE (Page 2196) - X X HW_ANY (Page 2196) - X X HW_DEVICE (Page 2196) - X X HW_DPMASTER (Page 2196) - - X HW_DPSLAVE (Page 2196) - X X HW_IO (Page 2196) - X X WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Hardware data types S7-300/400 S7-1200 S7-1500 HW_IOSYSTEM (Page 2196) - X X HW_SUBMODULE (Page 2196) - X X HW_MODULE (Page 2196) - - X HW_INTERFACE (Page 2196) - X X HW_IEPORT (Page 2196) - X X HW_HSC (Page 2196) - X X HW_PWM (Page 2196) - X X HW_PTO (Page 2196) - X X EVENT_ANY (Page 2196) - X X EVENT_ATT (Page 2196) - X X EVENT_HWINT (Page 2196) - X X OB_ANY (Page 2196) - X X OB_DELAY (Page 2196) - X X OB_TOD (Page 2196) - X X OB_CYCLIC (Page 2196) - X X OB_ATT (Page 2196) - X X OB_PCYCLE (Page 2196) - X X OB_HWINT (Page 2196) - X X OB_DIAG (Page 2196) - X X OB_TIMEERROR (Page 2196) - X X OB_STARTUP (Page 2196) - X X PORT (Page 2196) - X X RTM (Page 2196) - X X PIP (Page 2196) - - X CONN_ANY (Page 2196) - X X CONN_PRG (Page 2196) - X X CONN_OUC (Page 2196) - X X CONN_R_ID (Page 2196) - - X DB_ANY (Page 2196) - X X DB_WWW (Page 2196) - X X DB_DYN (Page 2196) - X X Note Depending on the CPU version, the actually valid data types can deviate slightly from the table. WinCC Advanced V14 System Manual, 10/2016 2135 Programming the PLC 11.3 Data types 11.3.2 Binary numbers 11.3.2.1 BOOL (bit) Description An operand of data type BOOL represents a bit value and contains one of the following values: TRUE FALSE The following table shows the properties of data type BOOL: Length (bits) Format Value range Examples of value input 1 Boolean FALSE or TRUE TRUE BOOL#0 or BOOL#1 BOOL#1 BOOL#FALSE or BOOL#TRUE BOOL#TRUE Unsigned integers (decimal system) 0 or 1 1 Binary numbers 2#0 or 2#1 2#0 Octal numbers 8#0 or 8#1 8#1 Hexadecimal numbers 16#0 or 16#1 16#1 Note Applies to CPUs of the S7-1500 series For a block with the block property "Optimized block access", the bit has a length of 1 byte. See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) 11.3.2.2 Bit strings BYTE Description An operand of data type BYTE is a bit string of 8 bits. 2136 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types The following table shows the properties of data type BYTE: Length (bits) Format Value range 8 Integers1) (decimal sys Signed integers: -128 tem) to +127 Unsigned integers: 0 to 255 Binary numbers 2#0 to 2#1111_1111 Examples of value input Constants Absolute and sym bolic addresses 15 IB2 BYTE#15 MB10 BYTE#10#15 DB1.DBB4 B#15 Tag_Name 2#0000_1111 BYTE#2#0000 _1111 B#2#0000_111 1 Octal numbers 8#0 to 8#377 8#17 BYTE#8#17 B#8#17 Hexadecimal numbers 16#0 to 16#FF 16#0F BYTE#16#0F B#16#0F 1) The value range depends on the relevant interpretation or conversion. Note The BYTE data type cannot be compared for more than or less than. It can only be supplied with the same decimal data that can be processed by the SINT and USINT data types. See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) WORD Description An operand of data type WORD is a bit string of 16 bits. WinCC Advanced V14 System Manual, 10/2016 2137 Programming the PLC 11.3 Data types The following table shows the properties of data type WORD: Length (bits) Format 16 Integers (decimal sys tem) Value range Signed integers: -32_768 to +32_767 Unsigned integers: 0 to 65_535 Examples of value input Constants Absolute and symbolic addresses 61_680 MW10 WORD#61_680 DB1.DBW2 WORD#10#61_680 Tag_Name W#61_680 Binary numbers 2#0 to 2#1111_1111_1111_1111 2#1111_0000_1111_ 0000 WORD#2#1111_000 0_1111_0000 W#2#1111_0000_11 11_0000 Octal numbers 8#0 to 8#177_777 8#170_360 WORD#8#170_360 W#8#170_360 Hexadecimal numbers 16#0 to 16#FFFF 16#F0F0 WORD#16#F0F0 W#16#F0F0 BCD C#0 to C#999 C#55 Decimal sequence B#(0, 0) to B#(255, 255) B#(127, 200) Note The WORD data type cannot be compared for more than or less than. It can only be supplied with the same decimal data that can be processed by the INT and UINT data types. See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) DWORD Description An operand of data type DWORD is a bit string of 32 bits. 2138 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types The following table shows the properties of data type DWORD: Length (bits) Format 32 Integers (decimal system) Value range Signed integers: -2_147_483_648 to +2_147_483_648 Unsigned integers: 0 to 4_294_967_295 Binary numbers Examples of value input Constants Absolute and symbolic addresses +15_793_935 MD10 DWORD#+15_793_935 DB1.DBD8 DWORD#10# +15_793_935 Tag_Name DW#+15_793_935 2#0 to 2#0000_0000_1111_000 2#1111_1111_1111_1111_1 0_1111_1111_0000_111 111_1111_1111_1111 1 DWORD#2#0000_0000_ 1111_0000_1111_1111_ 0000_1111 DW#2#0000_0000_1111 _0000_1111_1111_0000 _1111 Octal numbers 8#0 to 8#37_777_777_777 8#74_177_417 DWORD#8#74_177_417 DW#8#74_177_417 Hexadecimal num bers 16#0000_0000 to 16#FFFF_FFFF 16#00F0_FF0F DWORD#16#00F0_FF0 F DW#16#00F0_FF0F Decimal sequence B#(0, 0, 0, 0) to B#(255, 255, 255, 255) B#(127, 200, 127, 200) Note The DWORD data type cannot be compared for more than or less than. It can only be supplied with the same decimal data that can be processed by the DINT and UDINT data types. See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) LWORD (S7-1500) Description An operand of data type LWORD is a bit string of 64 bits. WinCC Advanced V14 System Manual, 10/2016 2139 Programming the PLC 11.3 Data types The following table shows the properties of data type LWORD: Length Format (bits) Value range Examples of value input 64 Signed integers: -9_223_372_036_854_775_808 to +9_223_372_036_854_775_807 +26_123_590_360_715 Integers (decimal system) Unsigned integers: 0 to 18_446_744_073_709_551_615 Binary numbers 2#0 to 2#1111_1111_1111_1111_1111_1111_1111_ 1111_1111_1111_1111_1111_1111_1111_11 11_1111 LWORD#+26_123_590_360_715 LWORD#10#+26_123_590_360_715 LW#+26_123_590_360_715 2#0000_0000_0000_0000_0000_1011_1 110_0001_0010_1111_0101_0010_1101 _1110_1000_1011 LWORD#2#0000_0000_0000_0000_000 0_1011_1110_0001_0010_1111_0101_0 010_1101_1110_1000_1011 LW#2#0000_0000_0000_0000_0000_10 11_1110_0001_0010_1111_0101_0010_ 1101_1110_1000_1011 Octal numbers 8#0 to 8#1_777_777_777_777_777_777_777 8#13_724_557_213 LWORD#8#13_724_557_213 LW#8#13_724_557_213 Hexadecimal num 16#0000_0000 to bers 16#FFFF_FFFF_FFFF_FFFF 16#0000_0000_5F52_DE8B LWORD#16#0000_0000_5F52_DE8B LW#16#0000_0000_5F52_DE8B Decimal sequence B#(0, 0, 0, 0, 0, 0, 0, 0) to B#(255, 255, 255, 255, 255, 255, 255, 255) B#(127, 200, 127, 200, 127, 200, 127, 200) Note The LWORD data type cannot be compared for more than or less than. It can only be supplied with the same decimal data that can be processed by the LINT and ULINT data types. See also Overview of the valid data types (Page 2131) Overview of data type conversion (Page 2198) Implicit conversions (Page 2200) Explicit conversions (Page 2249) Data type conversion for S7-1200 (Page 2332) 2140 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types 11.3.3 Integers 11.3.3.1 SINT (8-bit integers) (S7-1200, S7-1500) Description An operand of data type SINT (Short INT) has a length of 8 bits and consists of two components: a sign and a numerical value in the two's complement. The signal states of bits 0 to 6 represent the number value. The signal state of bit 7 represents the sign. The sign may assume "0" for the positive, or "1" for the negative signal state. An operand of data type SINT occupies one BYTE in the memory. The following table shows the properties of data type SINT: Length (bits) Format Value range Examples of value input 8 Signed integers (decimal system) -128 to +127 +44 SINT#+44 SINT#10#+44 The value range extends to a maximum of SINT#255 when using the type SINT#. This val ue is interpreted as an integer with -1. Binary numbers (only pos 2#0 to 2#0111_1111 itive) 2#0010_1100 SINT#2#0010_1100 SINT#2#10 Octal numbers (only posi tive) 8#0 to 8#177 Hexadecimal numbers (only positive) 16#0 to 16#7F 8#54 SINT#8#54 16#2C SINT#16#2C The value range extends to a maximum of SINT#16#FF when using the type SINT#. This val ue is interpreted as an integer with -1. Example The following figure shows the integer +44 as a binary number: %LW 6LJQ 'HFLPDOYDOXHV WinCC Advanced V14 System Manual, 10/2016 2141 Programming the PLC 11.3 Data types See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) 11.3.3.2 USINT (8-bit integers) (S7-1200, S7-1500) Description An operand of data type USINT (Unsigned Short INT) has a length of 8 bits and contains unsigned numerical values: An operand of data type USINT occupies one BYTE in the memory. The following table shows the properties of data type USINT: Length (bits) Format Value range Examples of value input 8 Unsigned integers (deci mal system) 0 to 255 78 Binary numbers 2#0 to 2#1111_1111 USINT#78 USINT#10#78 2#0100_1110 USINT#2#0100_1110 USINT#2#10 Octal numbers 8#0 to 8#377 8#116 USINT#8#116 Hexadecimal numbers 16#0 to 16#FF 16#4E USINT#16#4E Example The following figure shows the integer 78 as a binary number: %LW 'HFLPDOYDOXHV See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) 2142 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types 11.3.3.3 INT (16-bit integers) Description An operand of data type INT has a length of 16 bits and consists of two components: a sign and a numerical value in the two's complement. The signal states of bits 0 to 14 represent the number value. The signal state of bit 15 represents the sign. The sign may assume "0" for the positive, or "1" for the negative signal state. An operand of data type INT occupies two BYTE in the memory. The following table shows the properties of data type INT: Length (bits) Format Value range Examples of value input 16 Signed integers (decimal system) -32_768 to +32_767 +3_785 Binary numbers (only posi tive) 2#0 to 2#0000_1110_1100_100 2#0111_1111_1111_1111 1 INT#+3_785 INT#10#+3_785 INT#2#0000_1110_1100_ 1001 INT#2#10 Octal numbers 8#0 to 8#7_7777 8#7311 INT#8#7311 Hexadecimal numbers (only positive) 16#0 to 16#7FFF 16#0EC9 INT#16#0EC9 Example The following figure shows the integer +3785 as a binary number: %LW 6LJQ 'HFLPDOYDOXHV See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) WinCC Advanced V14 System Manual, 10/2016 2143 Programming the PLC 11.3 Data types 11.3.3.4 UINT (16-bit integers) (S7-1200, S7-1500) Description An operand of data type UINT (Unsigned INT) has a length of 16 bits and contains unsigned numerical values. An operand of data type UINT occupies two BYTE in the memory. The following table shows the properties of data type UINT: Length (bits) Format Value range Examples of value input 16 Unsigned integers (decimal system) 0 to 65_535 65_295 Binary numbers 2#0 to 2#1111_1111_1111_1111 UINT#65_295 UINT#10#65_295 2#1111_1111_0000_1111 UINT#2#1111_1111_0000_ 1111 UINT#2#10 Octal numbers 8#0 to 8#17_7777 8#17_7417 UINT#8#17_7417 Hexadecimal num bers 16#0 to 16#FFFF 16#FF0F UINT#16#FF0F Example The following figure shows the integer 65295 as a binary number: %LW 'HFLPDOYDOXHV See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) 2144 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types 11.3.3.5 DINT (32-bit integers) Description An operand of data type DINT (Double INT) has a length of 32 bits and consists of two components: a sign and a numerical value in the two's complement. The signal states of bits 0 to 30 represent the number value. The signal state of bit 31 represents the sign. The sign may assume "0" for the positive, or "1" for the negative signal state. An operand of data type DINT occupies four BYTE in the memory. The following table shows the properties of data type DINT: Length (bits) Format Value range Examples of value input 32 Signed integers (decimal system) -2_147_483_648 to +2_147_483_647 +125_790 DINT#+125_790 DINT#10#+125_790 L#275 Binary numbers (only posi 2#0 to tive) 2#0111_1111_1111_1111_1111_111 1_1111_1111 2#0000_0000_0000_0001_1110_ 1011_0101_1110 DINT#2#0000_0000_0000_0001_ 1110_1011_0101_1110 DINT#2#10 Octal numbers (only posi tive) 8#0 to 8#177_7777_7777 Hexadecimal numbers 16#0 to 16#7FFF_FFFF 8#36_5536 DINT#8#36_5536 16#0001_EB5E DINT#16#0001_EB5E Example The following figure shows the integer +125790 as a binary number: %LW 6LJQ 'HFLPDOYDOXHV See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) WinCC Advanced V14 System Manual, 10/2016 2145 Programming the PLC 11.3 Data types 11.3.3.6 UDINT (32-bit integers) (S7-1200, S7-1500) Description An operand of data type UDINT (Unsigned Double INT) has a length of 32 bits and contains unsigned numerical values. An operand of data type UDINT occupies four BYTE in the memory. The following table shows the properties of data type UDINT: Length (bits) Format Value range Examples of value input 32 Unsigned integers (decimal system) 0 to 4_294_967_295 4_042_322_160 UDINT#4_042_322_160 UDINT#10#4_042_322_160 Binary numbers 2#0 to 2#1111_1111_1111_1111_111 1_1111_1111_1111 2#1111_0000_1111_0000_1111_000 0_1111_0000 UDINT#2#1111_0000_1111_0000_11 11_0000_1111_0000 UDINT#2#10 Octal numbers 8#0 to 8#377_7777_7777 Hexadecimal numbers 16#0 to 16#FFFF_FFFF 8#360_7417_0360 UDINT#8#360_7417_0360 16#F0F0_F0F0 UDINT#16#F0F0_F0F0 Example The following figure shows the integer 4042322160 as a binary number: %LW 'HFLPDOYDOXHV See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) 2146 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types 11.3.3.7 LINT (64-bit integers) (S7-1500) Description An operand of data type LINT (Long INT) has a length of 64 bits and consists of two components: a sign and a numerical value in the two's complement. The signal states of bits 0 to 62 represent the number value. The signal state of bit 63 represents the sign. The sign may assume "0" for the positive, or "1" for the negative signal state. An operand of data type LINT occupies eight BYTE in the memory. The following table shows the properties of data type LINT: Lengt h (bits) Format Value range Examples of value input 64 Signed integers (decimal system) -9_223_372_036_854_775_808 to +9_223_372_036_854_775_807 +154_325_790_816_159 LINT#+154_325_790_816_159 LINT#10#+154_325_790_816_159 Binary numbers (only positive) 2#0 to 2#0000_0000_0000_0000_1000_1100_0101_1 2#0111_1111_1111_1111_1111_1111_1 011_1100_0101_1111_0000_1111_0111_1001 111_1111_1111_1111_1111_1111_1111 _1111 _1111_1111_1111 LINT#2#0000_0000_0000_0000_1000_1100_0 101_1011_1100_0101_1111_0000_1111_0111 _1001_1111 Octal numbers 8#0 to 8#7_7777_7777_7777_7777_7777 8#4305_5705_7417_3637 16#0 to 16#7FFF_FFFF_FFFF_FFFF 16#0000_8C5B_C5F0_F79F LINT#2#10 Hexadecimal num bers (only positive) WinCC Advanced V14 System Manual, 10/2016 LINT#8#4305_5705_7417_3637 LINT#16#0000_8C5B_C5F0_F79F 2147 Programming the PLC 11.3 Data types Example The following figure shows the integer +154325790816159 as a binary number: %LW %LW 6LJQ 'HFLPDOYDOXHV See also Overview of the valid data types (Page 2131) Overview of data type conversion (Page 2198) Implicit conversions (Page 2200) Explicit conversions (Page 2249) Data type conversion for S7-1200 (Page 2332) 11.3.3.8 ULINT (64-bit integers) (S7-1500) Description An operand of data type ULINT (Unsigned Long INT) has a length of 64 bits and contains unsigned numerical values. An operand of data type ULINT occupies eight BYTE in the memory. 2148 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types The following table shows the properties of data type ULINT: Length Format (bits) Value range Examples of value input 64 Unsigned integers (decimal system) 0 to 18_446_744_073_709_551_615 154_325_790_816_159 Binary numbers 2#0 to 2#1111_1111_1111_1111_1111_111 1_1111_1111_1111_1111_1111_111 1_1111_1111_1111_1111 ULINT#154_325_790_816_159 ULINT#10#154_325_790_816_159 2#0000_0000_0000_0000_1000_1100_0101_101 1_1100_0101_1111_0000_1111_0111_1001_111 1 ULINT#2#0000_0000_0000_0000_1000_1100_01 01_1011_1100_0101_1111_0000_1111_0111_10 01_1111 ULINT#2#10 Octal numbers 8#0 to 8#17_7777_7777_7777_7777_7777 8#4305_5705_7417_3637 ULINT#8#4305_5705_7417_3637 Hexadecimal num 16#0 to 16#FFFF_FFFF_FFFF_FFFF 16#0000_8C5B_C5F0_F79F bers ULINT#16#0000_8C5B_C5F0_F79F Example The following figure shows the integer 154325790816159 as a binary number: %LW %LW 'H]LPDOZHUWH WinCC Advanced V14 System Manual, 10/2016 2149 Programming the PLC 11.3 Data types See also Overview of the valid data types (Page 2131) Overview of data type conversion (Page 2198) Implicit conversions (Page 2200) Explicit conversions (Page 2249) Data type conversion for S7-1200 (Page 2332) 11.3.4 Floating-point numbers 11.3.4.1 REAL Description Operands of the data type REAL have a length of 32 bits and are used to represent floatingpoint numbers. An operand of the REAL data type consists of the following three components: Sign: The sign is determined by the signal state of bit 31. The bit 31 assume the value "0" (positive) or "1" (negative). 8-bit exponents to basis 2: The exponent is increased by a constant (base, +127), so that it has a value range of 0 to 255. 23-bit mantissa: Only the fraction part of the mantissa is shown. The integer part of the mantissa is always 1 with normalized floating-point numbers and is not stored. The REAL data type is processed with a precision of 6 digits. The following figure shows the structure of the REAL data type: %LW 6 6LJQ ELW H P ([SRQHQWH ELWV 0DQWLVVDP ELWV Note With floating-point numbers, only the precision defined by the IEEE754 standard is stored. Additionally specified decimals are rounded off according to IEEE754. The number of decimal places may decrease for frequently nested arithmetic calculations. If more decimal places are specified than can be stored by the data type, the number is rounded to the value corresponding to the precision allowed by this value range. 2150 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types The following table shows the properties of data type REAL: Length (bits) Format Value range Examples of value input 32 Floating-point num bers according to IEEE754 -3.402823e+38 to -1.175495e-38 1.0e-5; REAL#1.0e-5 Floating-point num bers 0.0 +1.175495e-38 to +3.402823e+38 1.0; REAL#1.0 See also Overview of the valid data types (Page 2131) Calculating with floating-point numbers (REAL and LREAL) in SCL (Page 2108) Data type conversion for S7-1200 (Page 2332) 11.3.4.2 LREAL (S7-1200, S7-1500) Description Operands of the data type LREAL have a length of 64 bits and are used to represent floatingpoint numbers. An operand of the LREAL data type consists of the following three components: Sign: The sign is determined by the signal state of bit 63. The bit 63 assumes the value "0" (positive) or "1" (negative). 11-bit exponents to base 2: The exponent is increased by a constant (base, +1023), so that it has a value range of 0 to 2047. 52-bit mantissa: Only the fraction part of the mantissa is shown. The integer part of the mantissa is always 1 with normalized floating-point numbers and is not stored. The LREAL data type is processed with a precision of 15 digits. The following figure shows the structure of the LREAL data type: %LW 9 6LJQ9 ELWV H P ([SRQHQWH ELWV WinCC Advanced V14 System Manual, 10/2016 0DQWLVVDP ELWV 2151 Programming the PLC 11.3 Data types The following table shows the properties of data type LREAL: Length (bits) Format Value range Examples of value input 64 Floating-point num bers according to IEEE754 -1.7976931348623158e+308 to -2.2250738585072014e-308 1.0e-5; LREAL#1.0e-5 Floating-point num bers +2.2250738585072014e-308 to +1.7976931348623158e+308 0.0 1.0; LREAL#1.0 Note With floating-point numbers, only the precision defined by the IEEE754 standard is stored. Additionally specified decimals are rounded off according to IEEE754. The number of decimal places may decrease for frequently nested arithmetic calculations. If more decimal places are specified than can be stored by the data type, the number is rounded to the corresponding value of the precision allowed by this value range . See also Overview of the valid data types (Page 2131) Calculating with floating-point numbers (REAL and LREAL) in SCL (Page 2108) Data type conversion for S7-1200 (Page 2332) 11.3.4.3 Invalid floating-point numbers Description We distinguish between four number ranges for data types REAL and LREAL: normalized numbers stored with full accuracy denormalized numbers not stored with full accuracy Infinite numbers: +Inf/-Inf (infinity) Invalid numbers: NaN (Not a Number) Note Floating-point numbers are stored as specified by the IEEE754 standard. Results of conversion or arithmetic functions with a denormalized, infinite or NaN (Not a Number) floating point depend on the CPU. If you are not working with normalized floating-point numbers in mathematical functions, the result will show significant differences depending on the series of the CPU which you are using. 2152 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types A CPU cannot calculate with denormalized floating-point numbers, with the exception of older CPU versions of the S7-300 and S7-400 series. The bit pattern of a denormalized number is interpreted as a zero. If the result of calculation falls into this range, it is continued with zero; the status bits OV and OS are set (number range undershoot). Even though the values of invalid floating-point numbers can only be displayed with limited accuracy for mathematical functions, numbers with an exponent of -39 (e.g. 2.4408e-039) can be monitored in the TIA Portal and therefore do not necessarily represent a faulty result. This means that floating-point values may be located outside the range of valid numerical values. Note The following applies to CPUs of the series S7-1200 V1, V2 and V3: The comparison operation "Equal" uses the bit pattern of the invalid floating-point number. If two "NaN numbers" with the same bit pattern are compared, the output of the "Equal" comparison operation returns the result TRUE. Note The following applies to CPUs of the S7-1200 V4 and S7-1500 series: If two invalid numbers (NaN) are compared with each other, the result is always FALSE, regardless of the bit pattern of the invalid number or the relation (>, >, ...). Note Comparison of denormalized floating-point numbers For the comparison operation "Equal" with two denormalized floating-point numbers, the output for CPUs of the S7-300/400 series is set to the signal state "0" and for CPUs of the S7-1200/1500 series to the signal state "1". If the input variables of a mathematical function represent an invalid floating-point number, an invalid floating-point number will also be output as result. You have the following options to evaluate possible errors caused by invalid floating-point numbers: In LAD/FBD and SCL, you can query the enable output ENO for FALSE In STL, you can evaluate the status bit OV See also Overview of the valid data types (Page 2131) Calculating with floating-point numbers (REAL and LREAL) in SCL (Page 2108) Data type conversion for S7-1200 (Page 2332) WinCC Advanced V14 System Manual, 10/2016 2153 Programming the PLC 11.3 Data types 11.3.5 Timers 11.3.5.1 S5TIME (duration) (S7-300, S7-400) Format Data type S5TIME stores the duration in BCD format. The duration is the product from a time in the range 0 to 999 and a time basis. The time basis indicates the interval at which a timer decrements the time value by one unit until it reaches "0". The resolution of the times can be controlled via the time basis. The following table shows the range of values for data type S5TIME: Length (bits) Format Range of values Examples of value input 16 S7 time in incre S5T#0MS to ments of 10 ms (de S5T#2H_46M_30S_0MS fault value) S5T#10s, S5TIME#10s Hexadecimal num 16#0 to 16#3999 bers 16#2 The following table shows the time base coding for S5TIME: Time basis Binary code for time basis 10 ms 00 100 ms 01 1s 10 10 s 11 Always observe range limits and the resolution of time values when using data type S5TIME with timers. The table below specifies the range associated with each resolution: Resolution Range 0.01 s 10 ms to 9 s 990 ms 0.1 s 100 ms to 1 min 39 s 900 ms 1s 1 s to 16 min 39 s 10 s 10 s to 2 h 46 min 30 s Values that exceed 2h46m30s are not accepted. 2154 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Example The following figure shows the content of the time operand for a time value of 127 and a time base of 1 s: %LW [ [ 7LPHYDOXHLQ%&'IRUPDW WR 7LPHEDVLV VHFRQG ,UUHOHYDQW7KHVHELWDUHGLVUHJDUGHGZKHQWKHWLPHULVVWDUWHG See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) 11.3.5.2 TIME (IEC time) Description The contents of an operand of the data type TIME is interpreted as milliseconds. The representation contains information for days (d), hours (h), minutes (m), seconds (s) and milliseconds (ms). The following table shows the properties of data type TIME: Length (bits) Format Value range Examples of value input 32 Signed duration T#-24d_20h_31m_23s_648ms to T# +24d_20h_31m_23s_647ms T#10d_20h_30m_20s_630ms, TIME#10d_20h_30m_20s_630ms Hexadecimal numbers 16#0000_0000 to 16#FFFF_FFFF 16#0001_EB5E It is not necessary to specify all time units. T#5h10s is a valid entry, for example. If only one unit is specified, the absolute value of days, hours, and minutes must not exceed the high or low limits. When more than one time unit is specified, the value must not exceed 24 days, 23 hours, 59 minutes, 59 seconds or 999 milliseconds. WinCC Advanced V14 System Manual, 10/2016 2155 Programming the PLC 11.3 Data types See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) 11.3.5.3 LTIME (IEC time) (S7-1500) Description The contents of an operand of data type LTIME is interpreted as nanoseconds. The representation contains information for days (d), hours (h), minutes (m), seconds (s) and milliseconds (ms), microseconds (us) and nanoseconds (ns). The following table shows the properties of data type LTIME: Length (bits) Format Value range Examples of value input 64 Signed duration LT#-106751d_23h_47m_16s_854 ms_775us_808ns to LT# +106751d_23h_47m_16s_854ms _775us_807ns LT#11350d_20h_25m_14s_830 ms_652us_315ns, LTIME#11350d_20h_25m_14s_ 830ms_652us_315ns Hexadecimal num bers 16#0 to 16#7FFF_FFFF_FFFF_FFFF 16#2 It is not necessary to specify all time units. LT#5h10s is therefore a valid entry, for example. If only one unit is specified, the absolute value of days, hours, and minutes must not exceed the high or low limits. When more than one time unit is specified, the value must not exceed 106751 days, 23 hours, 59 minutes, 59 seconds, 999 milliseconds, 999 microseconds or 999 nanoseconds. See also Overview of the valid data types (Page 2131) Overview of data type conversion (Page 2198) Implicit conversions (Page 2200) Explicit conversions (Page 2249) Data type conversion for S7-1200 (Page 2332) 2156 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types 11.3.6 Date and time 11.3.6.1 DATE Format The DATE data type saves the date as an unsigned integer. The representation contains the year, the month, and the day. The contents of an operand of DATE data type correspond in hexadecimal format to the number of days since 01-01-1990 (16#0000). The following table shows the properties of data type DATE: Length (bytes) Format Value range Examples of value input 2 IEC date D#1990-01-01 to D#2169-06-06 D#2009-12-31, DATE#2009-12-31 16#0000 to 16#FFFF 16#00F2 (Year-Month-Day) Hexadecimal num bers See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) 11.3.6.2 TIME_OF_DAY (TOD) Format Data type TOD (TIME_OF_DAY) occupies a double word and stores the number of milliseconds since the beginning of the day (0:00 h) as unsigned integer. The following table shows the properties of data type TOD: Length (bytes) Format Value range Examples of value input 4 Time-of-day (hours:mi nutes:seconds.milliseconds) TOD#00:00:00.000 to TOD#23:59:59.999 TOD#10:20:30.400, TIME_OF_DAY#10:20:30.40 0 You always need to specify the hours, minutes and seconds. The specification of milliseconds is optional. See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) WinCC Advanced V14 System Manual, 10/2016 2157 Programming the PLC 11.3 Data types 11.3.6.3 LTOD (LTIME_OF_DAY) (S7-1500) Format Data type LTOD (LTIME_OF_DAY) occupies two double words and stores the number of nanoseconds since the beginning of the day (0:00 h) as unsigned integer. The following table shows the properties of data type LTOD: Length (bytes) Format Value range Examples of value input 8 Time-of-day (hours:mi nutes:seconds.nanoseconds) LTOD#00:00:00.0000000 00 to LTOD#23:59:59.9999999 99 LTOD#10:20:30.400_365_21 5, LTIME_OF_DAY#10:20:30.4 00_365_215 You always need to specify the hours, minutes and seconds. The specification of nanoseconds is optional. See also Overview of the valid data types (Page 2131) Overview of data type conversion (Page 2198) Implicit conversions (Page 2200) Explicit conversions (Page 2249) Data type conversion for S7-1200 (Page 2332) 11.3.6.4 DATE_AND_TIME (date and time of day) Format The DT (DATE_AND_TIME) data type saves the information on date and time of day in BCD format. The following table shows the properties of data type DT: Length (bytes) Format Value range 8 Date and time Min.: DT#2008-10-25-08:12:34.567, DT#1990-01-01-00:0 DATE_AND_TIME#2008-10-25 0:00.000 -08:12:34.567 (year-month-day-hour:mi nute:second:millisecond 3)) 2158 Example of value input Max.: DT#2089-12-31-23:5 9:59.999 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types The following table shows the structure of the DT data type: Byte Contents Value range 0 Year 0 to 99 (Years 1990 to 2089) BCD#90 = 1990 ... BCD#0 = 2000 ... BCD#89 = 2089 1 Month BCD#1 to BCD#12 2 Day BCD#1 to BCD# 31 3 Hour BCD#0 to BCD#23 4 Minute BCD#0 to BCD#59 5 Second BCD#0 to BCD#59 6 The two most significant digits of MSEC BCD#0 to BCD#999 7 (4MSB) 1) The least significant digit of MSEC BCD#0 to BCD#9 7 (4LSB) 2) Weekday BCD#1 to BCD#7 BCD#1 = Sunday ... BCD#7 = Saturday 1) MSB: Most significant bit 2) LSB: Least significant bit 3) Fixed point number See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) 11.3.6.5 LDT (DATE_AND_LTIME) (S7-1500) Format Data type LDT (DATE_AND_LTIME) stores the date and time-of-day information in nanoseconds since 01/01/1970 0:0. WinCC Advanced V14 System Manual, 10/2016 2159 Programming the PLC 11.3 Data types The following table shows the properties of data type LDT: Length (bytes) Format Value range 8 Date and time Min.: LDT#2008-10-25-08:12:34.567 LDT#1970-01-01-00:00:00.0 00000000 (Year-Month-DayHour:Minute:Sec ond.Nanoseconds) Hexadecimal numbers Example of value input Max.: LDT#2262-04-11-23:47:16.8 54775807 16#0 to 16#7FFF_FFFF_FFFF_FFF F 16#7FFF See also Overview of the valid data types (Page 2131) Overview of data type conversion (Page 2198) Implicit conversions (Page 2200) Explicit conversions (Page 2249) Data type conversion for S7-1200 (Page 2332) 11.3.6.6 DTL (S7-1200, S7-1500) Description An operand of data type DTL has a length of 12 bytes and stores date and time information in a predefined structure. The following table shows the properties of data type DTL: Length (bytes) Format Value range Example of value input 12 Date and time Min.: DTL#1970-01-01-00:00:00.0 DTL#2008-12-16-20:30:20 .250 (Year-Month-DayHour:Minute:Sec ond.Nanoseconds) Max.: DTL#2262-04-11-23:47:16.8547 75807 The structure of data type DTL consists of several components each of which can contain a different data type and range of values. The data type of a specified value must match the data type of the corresponding components. The following table shows the structure components of data type DTL and their properties: Byte Component Data type Value range 0 Year UINT 1970 to 2262 1 2160 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Byte Component Data type Value range 2 Month USINT 1 to 12 3 Day USINT 1 to 31 4 Weekday USINT 1(Sunday) to 7(Saturday) The weekday is not considered in the value entry. 5 Hour USINT 0 to 23 6 Minute USINT 0 to 59 7 Second USINT 0 to 59 8 Nanosecond UDINT 0 to 999999999 9 10 11 See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) 11.3.7 Character strings 11.3.7.1 CHAR (Character) Description A tag of the CHAR (Character) data type has a length of 8 bits and occupies one BYTE of memory. The CHAR data type stores a single character in ASCII format. You can find information on the encoding of special characters under "See also > STRING". The following table shows the value range of the CHAR data type: Length (bits) Format Value range Example of value inputs 8 ASCII characters ASCII character set 'A', CHAR#'A' See also Overview of the valid data types (Page 2131) STRING (Page 2162) Data type conversion for S7-1200 (Page 2332) WinCC Advanced V14 System Manual, 10/2016 2161 Programming the PLC 11.3 Data types 11.3.7.2 WCHAR (Character) (S7-1200, S7-1500) Description A tag of the data type WCHAR (Wide Characters) has a length of 16 bits and occupies two BYTE of memory. The WCHAR data type saves a single character of an expanded character set which is stored in Unicode format. However, only a subset of the entire Unicode range is covered. When a control character is entered, it is represented with a dollar sign. The following table shows the value range of the WCHAR data type: Length (bits) Format Range of values Example of value input 16 Unicode $0000 - $D7FF WCHAR#'a' See also Overview of the valid data types (Page 2131) 11.3.7.3 STRING Description An operand of the STRING data type saves several characters in a character string that can consist of up to 254 characters. In a character string, all characters of the ASCII code ASCII 7-bit, 8-bit are permitted depending on the code page for the project language set in the TIA Portal. The characters are specified in single quotation marks. The following table shows the properties of a STRING tag: Length (bytes) Format Value range Example of value input n + 2 1) ASCII character string incl. special characters 0 to 254 characters 'Name' STRING#'NAME' STRING#'Na... (The current length of the string is longer than the space available.) STRING#'' (The string is empty.) An operand of the STRING data type occupies two bytes more than the specified maximum length in the memory. 1) A character string can also contain special characters. Characters not contained in the ASCII code are coded using the code page currently set in Windows. The escape character $ is used to identify control characters, dollar signs and single quotation marks. 2162 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types The table below shows examples for the notation of special characters: Character Hex Meaning Example $L or $l 0A Line feed '$LText', '$0AText' $N 0A and 0D Line break '$NText', '$0A$0DText' The line break occupies 2 characters in the character string and is conver ted to $R$L in the display in the edi tor. $P or $p 0C Page feed '$PText', '$0CText' $R or $r 0D Carriage return (CR) '$RText','$0DText' $T or $t 09 Tab '$TText', '$09Text' $$ 24 Dollar sign '100$$', '100$24' $' 27 Single quotation mark '$'Text$'','$27Text$27' If the escape character $ is followed by a letter from the table, the character indicated in the table is entered in the string. If the escape character $ is followed by a letter that is not in the table, this letter is entered in the string. If the escape character $ is followed by two hexadecimal digits or only one digit, this code is entered in the string. Note Different code pages Please note that the special characters are coded using the code page currently set in Windows. This means that a string that contains special characters can be displayed differently on a different operating system with a different code page. Use in the watch table The following applies to a CPU of the S7-300/400 series: If a tag of the STRING data type is being monitored, only the first 30 characters will be displayed. If the actual length is greater than 30 characters, an ellipsis (...) is displayed instead of the final apostrophe ('). STRING values with more than 30 characters cannot be used for modifying. Maximum length of a character string The maximum length of the character string can be specified during the declaration of an operand using square brackets after the keyword STRING (for example, STRING[4]). You can also use local or global constants to declare the maximum length (for example, STRING[#loc_const] or STRING["glob_const"]). If the specification of the maximum length is omitted, the standard length of 254 characters is set for the respective operand. You can find additional information about using local or global constants to declare the maximum length here: Declaring the block interface: Declare variables of the STRING and WSTRING data types (Page 4535) Programming data blocks: Declaring tags of the STRING data type (Page 4562) AUTOHOTSPOT WinCC Advanced V14 System Manual, 10/2016 2163 Programming the PLC 11.3 Data types If the actual length of a specified character string is shorter than the declared maximum length, the characters are written to the character string left-justified and the remaining character spaces remain undefined. Only occupied character spaces that define the actual length of the string are considered for the value processing and all displays. Note For S7-300/400 CPUs, please note: If a temporary tag of the STRING data type was defined, you must describe the BYTE "Max. length of string" with the defined length before you use the tags in the user program. Transferring a STRING for parameter supply You can transfer the STRING data type as a parameter. You can find additional information on parameter supply with STRING here: Transferring a tag of the STRING or WSTRING data type (Page 2168) For S7-1200/1500: Valid data types in the block interface (Page 4526) For S7-300/400: Valid data types in the block interface (Page 4525) Example The example below shows the byte sequence if the STRING[4] data type is specified with output value 'AB': %\WH %\WH 0D[OHQJWKRIWKH VWULQJ %\WH $FWXDOOHQJWKRI WKHVWULQJ $% $6&,,YDOXH RI$ %\WH %\WH %\WH $6&,,YDOXH RI% See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) 2164 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types 11.3.7.4 WSTRING (S7-1200, S7-1500) Description An operand of data type WSTRING (Wide Character String) stores several Unicode characters, as defined by the operating system, of the WCHAR data type in one character string. If you do not specify a length, the character string has a preset length of 254 characters. All UCS2 characters of the Unicode format that are supported by the operating system are permitted In a character string. This means you can also use Chinese characters in a character string. When declaring an operand of data type WSTRING you can define its length using square brackets (for example WSTRING[10]). If you do not specify a length, the length of the WSTRING is set to 254 characters by default. You can declare a length of up to 16382 characters (WSTRING[16382]). The specification of the characters occurs in single quotes and always with the qualifier WSTRING#. The following table shows the properties of a WSTRING tag: Length (WORD) Format Value range Example of value input n+2 Unicode character string; Preset value: 0 to 254 characters WSTRING#'Hello World' n specifies the length of the character string. Max. possible value: 0 to 16382 WSTRING#'Hello Wo... (The current length of the string is longer than the space available.) 1) WSTRING#'' (The string is empty.) An operand of the WSTRING data type occupies two WORDs more in the memory than the specified maximum length. 1) A character string can also contain special characters. The escape character $ is used to identify control characters, dollar signs and single quotation marks. The table below shows examples for the notation of special characters: Character Hex Meaning Example $L or $l 000A Line feed '$LText', '$000AText' $N 000A and 000D Line break '$NText', '$000A $000DText' The line break occupies 2 characters in the character string and is conver ted to $R$L in the display in the edi tor. WinCC Advanced V14 System Manual, 10/2016 $P or $p 000C Page feed '$PText', '$000CText' $R or $r 000D Carriage return (CR) '$RText','$000DText' $T or $t 0009 Tab '$TText', '$0009Text' 2165 Programming the PLC 11.3 Data types Character Hex Meaning Example $$ 0024 Dollar sign '100$$', '100$0024' $' 0027 Single quotation mark '$'Text$'','$0027Text $0027' If the escape character $ is followed by a letter from the table, the character indicated in the table is entered in the string. If the escape character $ is followed by a letter that is not in the table, this letter is entered in the string. If the escape character $ is followed by four hexadecimal digits, this code is entered in the string. Note Conversion of WSTRING tags Implicit conversion of the WSTRING data type is not possible. Explicit conversion of the WSTRING data type to STRING is generally possible. However, as standard, it is only possible to convert characters in the code range from 0 - 127 in all Windows code pages. For all characters outside this range, the code page character and the lower byte of the Unicode character must be in exactly the same position for the conversion to work without errors. Use in the watch table If a tag of the WSTRING data type is being monitored, only the first 254 characters are displayed. If the actual length is greater than 254 characters, an ellipsis (...) is displayed instead of the closing apostrophe ('). WSTRING values with more than 254 characters cannot be used for modifying. Maximum length of a character string The maximum length of the character string can be specified during the declaration of an operand using square brackets after the keyword WSTRING (for example, WSTRING[4]). You can also use local or global constants to declare the maximum length (for example, WSTRING[#loc_const] or WSTRING["glob_const"]). If the specification of the maximum length is omitted, the standard length of 254 characters is set for the respective operand. You can find additional information about using local or global constants to declare the maximum length here: Declaring the block interface: Declare variables of the STRING and WSTRING data types (Page 4535) Programming data blocks: Declaring tags of the STRING data type (Page 4562) AUTOHOTSPOT If the actual length of a specified character string is shorter than the declared maximum length, the characters are written to the character string left-justified and the remaining character spaces remain undefined. Only occupied character spaces are considered in the value processing. 2166 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Transferring a WSTRING for parameter supply Operands of the data type WSTRING can be transferred as parameters up to the maximum length for blocks with "optimized" access. For function blocks (FB) with "standard" access, operands of the data type WSTRING can be declared as parameters in all sections of the block interface except in the section "InOut". For a function (FC) with "standard" access, only operands of the WSTRING data type can be transferred as parameters. The function value of an FC in the "Return" section and expressions in the SCL programming language are another exception to this rule. In these cases, the WSTRING tag must not be longer than 1022 characters. If you need a WSTRING tag with more than 1022 characters, declare a tag of the data type "WSTRING" with the required character length in the section "Temp" and assign the function value to the tag. The declared lengths of formal and actual parameters may be different. You can find additional information on parameter supply with WSTRING here: Transferring a tag of the STRING or WSTRING data type (Page 2168) Valid data types in the block interface (Page 4526) Example The example below shows the byte sequence if the WSTRING[4] data type is specified with output value 'AB': %\WH %\WH 0D[OHQJWKRIWKHVWULQJ %\WH %\WH $FWXDOOHQJWKRIWKHVWULQJ $% %\WH %\WH %\WH 8QLFRGHYDOXHRI$ 8QLFRGHYDOXH See also Overview of the valid data types (Page 2131) WinCC Advanced V14 System Manual, 10/2016 2167 Programming the PLC 11.3 Data types 11.3.7.5 Transferring a tag of the STRING or WSTRING data type Description You can transfer tags of the STRING or WSTRING data type as parameters. The following table shows the rules that apply to the (W)STRING transfer in the various CPU families: CPU family Data type Rules for transfer at the block call S7-300/400 STRING The declared lengths of formal and actual parameters must be identical. S7-1200/150 0 STRING The declared lengths of formal and actual parameters may be different. If the declared length WSTRING of the target parameter during runtime is insufficient to accept the (W)STRING, the (W)STRING is truncated and the enable output ENO is set to FALSE. In the programming editor, a gray rectangle at the parameter indicates that (W)STRING might be truncated during runtime. Exception: When calling STL blocks, the declared lengths of formal and actual parameters must always be identical. The following figure shows a block call in which the lengths of the declared formal and actual parameters differ. Due to the different declared lengths, both "Input_String_20" and "Output_String_10" could be truncated during runtime. 11.3.7.6 Addressing individual characters of a STRING or WSTRING (S7-1200, S7-1500) Addressing individual characters of a STRING or WSTRING Use the syntax StringName[i] to access an individual character of a STRING or WSTRING tag. The counting index "i" begins with "1". Thus, you access the first character of the string with StringName[1]. You cannot access individual characters of a STRING or WSTRING constant. Examples The following examples show the addressing of (W)STRINGs: 2168 Addressing Explanation STRING[3] Addresses the third character of the STRING. WSTRING[3] Addresses the third character of the WSTRING. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Troubleshooting W(STRING) access Access errors result during runtime when you access a character that is located outside the STRING length. On read access to the STRING, you receive the character '$00' or '$0000'; write access to the STRING is not executed. If the instruction has the enable output ENO, ENO is set to the signal state FALSE. The CPU does not change to STOP. The only exception is when the character is written directly after the actual length of the STRING. The following example shows the string 'Hello' with the actual length of 5. The 27th character of the STRING lies outside the actual length and can therefore not be written. The STRING remains unchanged; the result of the assignment is 'hello'. SCL MyDB.mystring := 'hello'; MyDB.mystring[27] := CHAR_TO_BYTE('!'); The following example shows the specified exception: The character is written directly behind the STRING to the 6th character. The result of the assignment is 'hello!'. SCL MyDB.mystring := 'hello'; MyDB.mystring[6] := CHAR_TO_BYTE('!'); Where possible, use instructions from the "Extended instructions > String + Char" pane to handle STRINGs. SCL CONCAT(IN1 := 'hello', IN2 := '!'); See also Character strings (Page 2161) WinCC Advanced V14 System Manual, 10/2016 2169 Programming the PLC 11.3 Data types 11.3.8 PLC data types (UDT) 11.3.8.1 PLC data types (UDT) Description A PLC data type (UDT) is a complex, user-defined data type that is used for the declaration of a tag. It represents a data structure made up of several components of different data types. The components can also be derived from another PLC data type, from an ARRAY or directly using the STRUCT keyword as a structure. The nesting depth is hereby limited to 8 levels. You can change a PLC data type (UDT) centrally and use it repeatedly in the program code. All locations of use are updated automatically. Advantages of the PLC data types: Simple data exchange via block interfaces among several blocks Group data according to the process control Transferring a parameter as a data unit Using a PLC data type You can declare PLC data types as a type when creating data blocks. Based on this type, you can create a number of data blocks, all of which have the same data structure. These data blocks can be adapted by entering different actual values for the corresponding task. For instance, create a PLC data type for a recipe for blending paints. You can then assign this data type to several data blocks, each of which contains different quantity information. '%%/8( 8'75HFLSH 2170 SO '%/,*+7B%/8( 7H P 3/&GDWDW\SH DW H IR U The following figure shows this application: 7H P SOD W H IR U '%3853/( WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types PLC data types can be used for the following applications: PLC data types can be used as data types for tags in the tag declaration of logic blocks or in data blocks. PLC data types can be used as templates for the creation of global data blocks with identical data structures. PLC data types can be used in S7-1200 and S7-1500 as a template for the creation of structured PLC tags. Nesting depth and potential number of PLC data types A maximum of 64K objects of FCs, FBs, DBs and PLC data types are defined (the total number is restricted accordingly for CPUs, however). A maximum of 16K components can be defined per hierarchy level for each structure description (for example, a DB or a PLC data type (UDT)). These components can also be an ARRAY or a STRUCT data type. When a structured component is hereby derived from an explicitly declared PLC data type, there is no restriction. In other words, 16K components of PLC data type (UDT)/SDT are supported for each hierarchy level. However, a maximum of 252 of the 16K components can have "anonymous structures". PLC data types can be nested to a depth of 8 hierarchy levels. This nesting depth is independent of the CPU used. Generating external sources from blocks When generating external sources from blocks, the changes made directly in the block interface to the default values of PLC data types are not exported to the sources. This means that these values are not available when the sources are imported once again. The default values are applied instead. To prevent this loss of data for the modified default values, the changes must be made directly in the PLC data type and not in the block interface. In this case, the changes are also exported when external sources are generated. Disadvantages of anonymous structures The components of the structured tag can be identically addressed. This is regardless of whether the declaration has been made using a PLC data type or an anonymous structure. The following disadvantages apply when using anonymous structures: Reusability of the same structure by copying. This makes it difficult to change the structure Anonymous structures are not compatible with PLC data types (UDT) of the same structure Performance, since the matching types for structural components are checked during runtime The high limit is more easily reached when using anonymous structures, since all components must be evaluated individually. WinCC Advanced V14 System Manual, 10/2016 2171 Programming the PLC 11.3 Data types Example The following example shows the data type definition of the "MyUDT" PLC data type: 2172 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Additional information on the PLC data types Note You can find more information on the PLC data types within the information system here: You can find basic information on the PLC data type here: Basics of PLC data types (UDT) (Page 4620) Creating PLC data types (Page 4624) Structure of the declaration table for PLC data types (Page 4623) Programming the structure of PLC data types (Page 4626) You can find programming recommendations for the PLC data types here: Using PLC data types (UDT) (Page 2104) Using the DB_ANY data type (Page 2093) How can you address tags of the data type PLC data type in the data blocks? Addressing PLC data types (UDT) (Page 2174) How can you declare tags that are based on a PLC data type in the block interface? Declaring tags based on a PLC data type (Page 4536) How can you program tags that are based on a PLC data type in the data block? Declaring tags based on a PLC data type (Page 4563) How can you compare PLC data types in your program? Comparing PLC data types (Page 4860) Comparing PLC tags (Page 4832) CMP ==: Equal (Page 2523) How can you address PLC tags of the data type PLC data type? Creating structured PLC tags (Page 4606) Permissible addresses and data types of PLC tags (Page 4595) How can you program the parameter transfer of PLC data types at a block call? Transferring a tag of the PLC data type (UDT) (Page 2174) WinCC Advanced V14 System Manual, 10/2016 2173 Programming the PLC 11.3 Data types Note You can find more information on the PLC data types in the Siemens Industry Online Support in the following contributions: How can you initialize structures in optimized memory areas at the S7-1500 in STEP 7 (TIA Portal)? https://support.industry.siemens.com/cs/ww/de/view/78678760 (https:// support.industry.siemens.com/cs/ww/en/view/78678760) How do you create a PLC data type (UDT) at an S7-1500 control system? https://support.industry.siemens.com/cs/ww/de/view/67599090 (https:// support.industry.siemens.com/cs/ww/en/view/67599090) How is the specific application of own PLC data types (UDT) effected in STEP 7 (TIA Portal)? https://support.industry.siemens.com/cs/de/de/view/67582844 (https:// support.industry.siemens.com/cs/de/en/view/67582844) Why should complete structures be transferred at a block call for S7-1500 instead of many individual components? https://support.industry.siemens.com/cs/ww/de/view/67585079 (https:// support.industry.siemens.com/cs/ww/en/view/67585079) 11.3.8.2 Transferring a tag of the PLC data type (UDT) Description You can also transfer tags that are declared as PLC data type (UDT) as actual parameters. If the formal parameter is declared as a PLC data type (UDT) in the tag declaration, you must transfer a tag that has the same PLC data type (UDT) as an actual parameter. An element of a tag declared using the PLC data type (UDT) can also be transferred as an actual parameter for the block call, provided the data type of the element of the tag matches the data type of the formal parameter. 11.3.8.3 Addressing PLC data types (UDT) Addressing data elements of an PLC data type The following syntax is used to access elements of a PLC data type: <PLCDataTypeName>.<ElementName> 2174 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Examples The following examples show the addressing of structured data type tags: Addressing Description Values.Temperature Addressing of the "Temperature" element in the "Values" tag, which is based on a PLC data type. See also Basics of PLC data types (UDT) (Page 4620) 11.3.9 Anonymous structures 11.3.9.1 STRUCT Description The STRUCT data type represents a data structure that consists of a fixed number of components of different data types. Components of STRUCT or ARRAY data type can also be nested in a structure. Structures can be used to group data according to the process control system and to transfer parameters as one data unit. Nesting depth and potential number of structures A maximum of 64K objects of FCs, FBs, DBs and PLC data types are defined (the total number is restricted accordingly for CPUs, however). A maximum of 16K components can be defined per hierarchy level for each structure description (for example, a DB or a PLC data type (UDT)). These components can also be an ARRAY or a STRUCT data type. When a structured component is hereby derived from an explicitly declared PLC data type, there is no restriction. In other words, 16K components of PLC data type (UDT)/SDT are supported for each hierarchy level. However, a maximum of 252 of the 16K components can have "anonymous structures". Structures (STRUCT) can be nested to a depth of 8 hierarchy levels. This nesting depth is independent of the CPU used. Transferring a STRUCT for parameter supply You can transfer the STRUCT data type as a parameter. You can find additional information on parameter supply with STRUCT here: Transferring tags of the STRUCT data type (Page 2176) WinCC Advanced V14 System Manual, 10/2016 2175 Programming the PLC 11.3 Data types Disadvantages of anonymous structures The components of the structured tag can be identically addressed. This is regardless of whether the declaration has been made using a PLC data type or an anonymous structure. The following disadvantages apply when using anonymous structures: Reusability of the same structure by copying. This makes it difficult to change the structure Anonymous structures are not compatible with PLC data types (UDT) of the same structure Performance, since the matching types for structural components are checked during runtime The high limit is more easily reached when using anonymous structures, since all components must be evaluated individually. Example Structured tags are usually derived from a PLC data type (UDT). However, they can also be declared directly. Declaration of a structured tag with or without PLC data type (UDT): Structured tag with PLC data type (UDT) Structured tag without PLC data type (UDT) Structure declarations that are used directly on the tags are called anonymous structures. See also Overview of the valid data types (Page 2131) 11.3.9.2 Transferring tags of the STRUCT data type Description You can transfer structures as parameters. If a block has an input parameter of the STRUCT data type, you must transfer a STRUCT with identical structure as the actual parameter. This means that the names and data types of all structure components have to be identical. 2176 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types You can also transfer individual elements of an STRUCT as actual parameter if the element corresponds to the data type of the formal parameter. Note We recommend that you program structures as PLC data types (UDT). PLC data types (UDT) make programming easier, since they can be used repeatedly and changed centrally. 11.3.9.3 Addressing STRUCT Addressing data elements in structures You access individual elements in a structure using the following syntax: <StructureName>.<ElementName> Example The following examples show the addressing of structured data type tags: Addressing Explanation Batch_1.Temperature Addressing of the element "Temperature" in the structure "Batch_1" See also Anonymous structures (Page 2175) 11.3.10 ARRAY 11.3.10.1 ARRAY Description A tag of the ARRAY data type represents a data structure that consists of a fixed number of elements of the same data type. The array components are addressed by means of an index. The index limits are defined in square brackets during the declaration of the field after the keyword ARRAY. The low limit must be smaller than or equal to the high limit. An array may contain up to six dimensions, the limits of which can be specified separated by a comma. You can find an example of a multi-dimensional ARRAY here: Example of a multi-dimensional ARRAY (Page 2184) WinCC Advanced V14 System Manual, 10/2016 2177 Programming the PLC 11.3 Data types The following table shows the property of the ARRAY data type: Block property Format Standard ARRAY[low limit...high lim [-32768..32767] of <data it] of <data type> type> Optimized ARRAY limits [-2147483648..2147483 647] of <data type> Data type Binary numbers, inte gers, floating-point num bers, timers, date and time, character strings, STRUCT, PLC data types, system data types, hardware data types Note Applies to CPUs of the S7-1500 series For a block with the "Optimized block access" block property, an element of the BOOL data type requires 1 byte of memory. This is also true when you use an ARRAY of <data type>. An ARRAY[0..1] of BOOL, for example, thus requires 2 bytes in an optimized program block. Addressing ARRAY elements The ARRAY elements are addressed using an index. You can address the elements anywhere within the ARRAY limits. The ARRAY elements can also be addressed indirectly. You can find additional information about indirect addressing here: AUTOHOTSPOT Using constants as ARRAY limits You can use local or global constants as ARRAY limits. You can find additional information here: AUTOHOTSPOT Explanation ARRAY[1.."n"] of <data type> Fixed ARRAY limits consisting of a number and a global user constant One-dimensional ARRAY ARRAY[1.."n", 2..5, #1..#u] of <data type> Fixed ARRAY limits consisting of numbers and global and local user constants Three-dimensional ARRAY ARRAY of multiple instances (only in blocks with optimized access) Multi-instances can also be created as an ARRAY. You can address the individual ARRAY elements using a variable index, e.g. when processing program loops. You can find additional information here: AUTOHOTSPOT Declaring multi-instances (Page 4537) 2178 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Maximum ARRAY limits The maximum ARRAY limits depend on the following factors: Data type of the ARRAY elements Memory reserve (only in blocks with optimized access) You can find additional information under: AUTOHOTSPOT. Maximum size of the data block Maximum memory capacity of the CPU (you can find more information in the manual for the device) Tag ARRAY limits (only in blocks with optimized access) Note Availability of ARRAY[*] ARRAY[*] is available in optimized blocks for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. You can use an ARRAY[*] to program blocks that can process an ARRAY with a length that was unknown when it was created. To do this, you declare variable ARRAY limits for the parameters of a function or function block. ARRAY[*] is available in all programming languages. You can use the following syntax: Explanation ARRAY [*] of <data type> Variable ARRAY limits One-dimensional ARRAY ARRAY[*,*,*] of <data type> Variable ARRAY limits Three-dimensional ARRAY You can find additional information on the use of ARRAY[*] here: Transferring tags of the ARRAY data type[*] (Page 2180) Valid data types in the block interface (Page 4526) In the block interface: Declaring tags of the ARRAY data type (Page 4560) Using the "LOWER_BOUND" and "UPPER_BOUND" instructions, you can read the low and high limits of an ARRAY with variable limits. Example The following example shows how operands of ARRAY data type can be declared: Name WinCC Advanced V14 System Manual, 10/2016 Declaration Comment Measured value ARRAY[1..20] of REAL One-dimensional array with 20 elements Time-of-day ARRAY[-5..5] of LINT One-dimensional array with 11 elements Character ARRAY[1..2, 3..4] of CHAR Two-dimensional array with 4 elements 2179 Programming the PLC 11.3 Data types See also Overview of the valid data types (Page 2131) Indirect addressing of ARRAY elements (Page 2069) 11.3.10.2 Transferring tags of the ARRAY data type Description You can transfer tags of the ARRAY data type as parameters. If a block has an input parameter of ARRAY data type, you must pass an ARRAY with identical structure as the actual parameter. This means that the data type, the number of dimensions and the number of field components must be identical. You can also transfer individual elements of an ARRAY as actual parameter if the element corresponds to the data type of the formal parameter. 11.3.10.3 Transferring tags of the ARRAY data type[*] Description You can use ARRAY[*] to declare ARRAYs with variable limits at the parameters of a function or function block. You need not know the actual length of the ARRAY that will be transferred later during runtime when you declare the block call. The following figure shows two calls of a block with an input parameter of the ARRAY[*] data type. ARRAYs of different length are transferred with each call. 2180 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types The following rules apply when transferring ARRAYs with variable limits: The assignment of ARRAY[*] to ARRAY[*] is permitted if the number of dimensions and the data type match. However, you cannot transfer individual ARRAY elements in this process. Example: SCL CALL CalleeWithDynamicArray ( dynArray := #dynArray ); The assignment of an ARRAY with fixed limits to an ARRAY[*] is permitted if the number of dimensions and the data type match. Here, you can also assign individual ARRAY components. WinCC Advanced V14 System Manual, 10/2016 2181 Programming the PLC 11.3 Data types Examples SCL CALL CalleeWithDynamicArray ( dynArray := #statArray ); SCL CALL CalleeWithDynamicArray ( dynArray := #statArray[#Index] ); The assignment of ARRAY[*] to VARIANT is permitted. Example: SCL CALL CalleeWithVariant ( myVariant := #dynArray ); The assignment of ARRAY[*] to ARRAYs with fixed limits is not permitted. Note Block parameters of the ARRAY [*] type must be supplied with an actual parameter. 11.3.10.4 Addressing ARRAYs Addressing data elements of an ARRAY You access an element in an ARRAY using the following syntax: <ArrayName>[i,j,k...] The index of the element is specified in square brackets. The index includes an integer value (-2147483648 ... 2147483647) for each ARRAY dimension. See also: ARRAY (Page 2177) AUTOHOTSPOT Examples The following examples show the addressing of structured data type tags: 2182 Addressing Description Motor.Value_1x3[2] Addressing of the one-dimensional array "Value_1x3" in the "Motor" DB. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Addressing Description Motor.Value_2x4[2,4] Addressing of the two-dimensional array "Value_2x4" in the "Motor" DB. Motor.Value_4x7[2,4,1,3] Addressing of the four-dimensional array "Value_4x7" in the "Motor" DB. Troubleshooting ARRAY access Access errors result when you access an element during runtime which is located outside the declared ARRAY limits. The various CPU families react differently to violations of the ARRAY limits: S7-300/400 - The CPU changes to "STOP" mode. - You can program the program execution error OB (OB 85) to prevent this. - In SCL, you also have the option of enabling the attribute "Check ARRAY limits" in the block properties. This causes the enable output ENO to be set to FALSE in the case of ARRAY access errors. S7-1200 - The CPU generates a diagnostic buffer entry and remains in "RUN" mode. S7-1500 - The CPU changes to "STOP" mode. - You can program the programming error OB (OB 121) to prevent this. - You also have the option of programming the local error handling with the instructions "GET_ERROR: Get error locally" or "GET_ERROR_ID: Get error ID locally". Note Monitoring ARRAY access errors with ENO The enable output ENO is not set to the signal state FALSE if the ARRAY limits are violated during execution of an instruction. The only exception is SCL blocks on CPUs of the S7-300/400 series for which the block property "Check ARRAY limits" is set. WinCC Advanced V14 System Manual, 10/2016 2183 Programming the PLC 11.3 Data types 11.3.10.5 Example of a one-dimensional ARRAY Description The following table shows the declaration of a one-dimensional tag of the ARRAY data type: Name Data type Comment Station ARRAY[1..3] of INT One-dimensional tag of the ARRAY data type with 3 elements The following figure shows the structure of the declared tag of the ARRAY data type: 6WDWLRQ $55$<>@RI,17 6WDWLRQ>@ 6WDWLRQ>@ 6WDWLRQ>@ Access to an element You access the values of the individual elements using an index just like for ARRAYs, for example, "Station[2]" := 42. 11.3.10.6 Example of a multi-dimensional ARRAY Description Tags of the ARRAY data type can contain up to 6 dimensions. The same rules apply as for one-dimensional arrays. The dimension areas are written in the declaration in square brackets, each separated by a comma. In multidimensional arrays, the elements are stored starting with the first dimension. The following table shows the declaration of a two-dimensional tag of the ARRAY data type: Name Data type Value Betr_Temp ARRAY[1..2, 1..3] of INT 1,1,4(0) Comment Two-dimensional tag of the ARRAY data type with 6 elements The first two elements are assigned the value "1". The remaining four ele ments are assigned the value "0". The following figure shows the structure of the declared tag of the ARRAY data type: 2184 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types 6WDWLRQ>@ 6WDWLRQ>@ 6WDWLRQ>@ 6WDWLRQ $55$<>@RI,17 6WDWLRQ>@ 6WDWLRQ>@ 6WDWLRQ>@ Access to elements You access the values of the individual elements using an index. You can use a constant or a tag for the index. The index of the first element is, for example, [1,1] and the index of the fourth element is [2,1]. "Station[2,1]" must be specified in the program, for example, in order to access the value of the fourth element. 11.3.11 Pointer 11.3.11.1 POINTER (S7-300, S7-400, S7-1500) Description A parameter of the type POINTER is a pointer that can point to a specific tag. It occupies 6 bytes (48 bits) in memory and may contain the following tag information: DB number, or 0 if the data is not stored in a DB Memory area in the CPU Tag address The following figure shows the structure of parameter type POINTER: 3RLQWHUIRUPDW %LW %LW %\WH 0HPRU\DUHD E E E E E E E E E E E %\WH E E E E E [ [ [ %\WH E %\WHDGGUHVVRIWKHWDJ WinCC Advanced V14 System Manual, 10/2016 %\WH '%QXPEHU RU %\WH %\WH [ %LWDGGUHVVRI WKHWDJ 2185 Programming the PLC 11.3 Data types Types of pointer Depending on the information, you can use parameter type POINTER to declare the following four types of pointer: Area-internal pointer: An area-internal pointer contains information on the address of a tag. Cross-area pointer: A cross-area pointer contains information on the memory area and the address of a tag. DB pointer: You can use a DB pointer to point to a data block tag. A DB pointer also contains a data block number in addition to the memory area and the address of a tag. Zero pointer: Use the zero pointer to indicate a missing value. A missing value may indicate that no value exists, or that the value is not yet known. A zero value represents the absence of a value, but is also a value. The following table shows the formats for the declaration of various pointer types: P#ByteRepresentation Format Example of value in put Description Symbolic P#Byte.Bit "MyTag" Area-internal pointer P#OperandAreaByte.Bit "MyTag" Cross-area pointer P#Data_block.Data_oper and "MyDB"."MyTag" DB pointer P#Zero value - Zero pointer P#Byte.Bit P#20.0 Area-internal pointer P#OperandAreaByte.Bit P#M20.0 Cross-area pointer P#Data_block.Data_oper and P#DB10.DBX20.0 DB pointer P#Zero value P#0.0, ZERO Zero pointer Absolute The prefix P# Enter the actual value without prefix P# in the block call to supply a formal parameter of the POINTER data type. The entry is then automatically converted to the POINTER format. If you use the prefix P#, you can only point to memory areas with "Standard" access mode. You can find additional information and a direct comparison of the two access options here: AUTOHOTSPOT The new S7-1500 CPU functions and programming recommendations at a glance (Page 2055) 2186 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types The following should be noted when using the prefix P# in the STL programming language: Block type "Optimized" access mode "Standard" access mode Function (FC) A tag cannot be used in the pro gram code with the prefix P#. The following tags can be used in the pro gram code with the prefix P#. Structured tags that are declared in the InOut section of the block interface. Tags with elementary data types cannot be used with the prefix P#. Function block (FB) A tag cannot be used in the pro gram code with the prefix P#. The following tags can be used in the pro gram code with the prefix P#. Tags that have been declared in the sections Static, Input and Output of the block interface. Tags with the PLC data type (UDT) that are declared in the InOut section of the block interface. You can find additional information about structured and elementary data types here: AUTOHOTSPOT Memory areas The following table shows the hexadecimal codes of the memory areas for parameter type POINTER: Hexadecimal code Memory area Description B#16#80 P Peripherals on a CPU S7-300/400 16#1 P Peripheral inputs on a CPU S7-1500 16#2 P Peripheral outputs on a CPU S7-1500 B#16#81 I Memory area of inputs B#16#82 Q Memory area of outputs B#16#83 M Memory area of bit memory B#16#84 DBX Data block B#16#85 DIX Instance data block B#16#86 L Local data B#16#87 V Previous local data 1) 1) These data types can only be used for the POINTER pointer on a CPU S7-300/400. See also Overview of the valid data types (Page 2131) WinCC Advanced V14 System Manual, 10/2016 2187 Programming the PLC 11.3 Data types 11.3.11.2 ANY (S7-300, S7-400, S7-1500) Description An ANY type parameter points to the start of a data area and specifies its length. An ANY pointer occupies 10 bytes of memory and may contain the following information: Data type: Data type of the elements of the data area Repetition factor: Number of elements of the data area DB number: Data block that contains the declaration of data area elements. Memory area: Memory area of the CPU that stores the data area elements. Start address of the data in the format "byte.bit": Data area start identified by the ANY pointer. Zero pointer: Use the zero pointer to indicate a missing value. A missing value may indicate that no value exists, or that the value is not yet known. A zero value represents the absence of a value, but is also a value. Note Access options For a CPU of the S7-1500 series, the ANY pointer can also only point to memory areas with "Standard" access mode. You can find additional information and a direct comparison of the two access options here: AUTOHOTSPOT The new S7-1500 CPU functions and programming recommendations at a glance (Page 2055) In the programming languages SCL and STL, memory of any kind can be transferred upon a block call if an ANY pointer has been programmed at a block parameter. The ANY pointer cannot, however, store any information on the structure of the memory. For example, the ANY pointer does not save the information that it points to a tag of the PLC data type. The ANY pointer sees this as an ARRAY of BYTE. Parameters of the ANY data type can be passed to system function blocks (SFBs) or system functions (SFCs). The following figure shows the structure of the ANY pointer: 2188 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types %LW %LW %\WH KIRU6 %\WH 'DWDW\SH %\WH %\WH 5HSHWLWLRQIDFWRU %\WH %\WH '%QXPEHU RU %\WH 0HPRU\DUHD E %\WH E E E E E E E E E E %\WH E E E E E [ [ [ %\WH E %\WHDGGUHVVRIWKHWDJ [ %LWDGGUHVVRI WKHWDJ An ANY pointer cannot identify structures. It can only be assigned to local tags. The following table shows the formats for the declaration of an ANY pointer: Representation Format Example of value input Description Symbolic P#DataBlock.Memo ryArea DataAddress Type Number "MyDB".StructTag.Ini tialComponents Area with 10 words in global DB11 starting with DBB20.0 P#MemoryArea Data Address Type Number "MyMarkerTag" Area with 4 bytes start ing with MB 20.0 "MyTag" Input I1.0 P#Zero value - Zero value P#DataBlock.Memo ryArea DataAddress Type Number P#DB11.DBX20.0 INT 10 Area with 10 words in global DB11 starting with DBB20.0 P#MemoryArea Data Address Type Number P#M20.0 BYTE 10 Area with 10 bytes start ing with MB 20.0 P#I1.0 BOOL 8 Range with 8 bits from input I1.0 (the range length specified must be divisible by 8.) Absolute P#Zero value 1) P#P0.0 VOID 0, NULL 1) Zero value In the programming languages LAD and FBD, only NULL is a value entry for the zero value. Coding of data types The following table lists the coding of data types for the ANY pointer: Hexadecimal code Data type Description B#16#00 NIL Null pointer B#16#01 WinCC Advanced V14 System Manual, 10/2016 BOOL Bits B#16#02 BYTE bytes, 8 bits B#16#03 CHAR 8-bit characters B#16#04 WORD 16-bit words B#16#05 INT 16-bit integers B#16#06 DWORD 32-bit words 1) 2189 Programming the PLC 11.3 Data types Hexadecimal code Data type Description B#16#07 DINT 32-bit integers B#16#08 REAL 32-bit floating-point numbers B#16#0B TIME Time duration B#16#0C S5TIME Time duration B#16#09 DATE Date B#16#0A TOD Date and time B#16#0E DT Date and time B#16#13 STRING Character string B#16#171) BLOCK_FB Function block B#16#181) BLOCK_FC Function B#16#191) BLOCK_DB Data block B#16#1A BLOCK_SDB System data block B#16#1C1) COUNTER Counter B#16#1D TIMER Timer 1) 1) 1) These data types can only be used for the ANY pointer on a CPU S7-300/400. Coding of the memory area The following table lists the coding of the memory areas for the ANY pointer: Hexadecimal code Area Description B#16#801) P I/O B#16#81 I Memory area of inputs B#16#82 Q Memory area of outputs B#16#83 M Memory area of bit memory B#16#84 DBX Data block B#16#851) DIX Instance data block B#16#86 L Local data B#16#87 V Previous local data 1) These memory areas can only be used for the ANY pointer on an S7-300/400 CPU. See also Overview of the valid data types (Page 2131) 2190 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types 11.3.11.3 VARIANT (S7-1200, S7-1500) Description A parameter of the VARIANT type is a pointer that can point to tags of different data types other than an instance. The VARIANT pointer can be an object of an elementary data type, such as INT or REAL. It can also be a STRING, DTL, ARRAY of STRUCT, UDT, or ARRAY of UDT. The VARIANT pointer can recognize structures and point to individual structure components. An operand of data type VARIANT occupies no space in the instance data block or work memory. However, it will occupy memory space on the CPU. A tag of the VARIANT type is not an object but rather a reference to another object. Individual elements of the VARIANT type can only be declared on formal parameters within the block interface of a function in the VAR_IN, VAR_IN_OUT and VAR_TEMP sections. For this reason, it cannot be declared in a data block or in the static section of the block interface of a function block, for example, because its size is unknown. The size of the referenced objects can change. You can use VARIANT to generate generic function blocks or functions. When a block is called, you can connect the parameters of the block to tags of any data type. When a block is called, the type information of the tag is transferred in addition to a pointer to the tag. The code of the block can then be executed according to its type in line with the tag transferred during runtime. If, for example, a block parameter of a function has the VARIANT data type, then a tag of the integer data type can be transferred at one point in the program, and a tag of the PLC data type can be transferred at another point in the program. With the help of the VARIANT instructions, the function is then in a position to react to the situation without errors. Note You can only point to a complete data block if it was originally derived from a user-defined data type (UDT). Note Address I/O Direct reading or writing of a signal from an I/O input or output is only possible on a CPU of an S7-1500 module. (<Operand>: P) The following table shows the properties of the VARIANT pointer: Length (bytes) Repre sentation Format Example of value input 0 Symbolic Operand "TagResult" NameDataBlock.NameOper and.Component "Data_TIA_Portal".StructVariable.First Component Operand %MW10 DataBlockNumber.Operand Type Length P#DB10.DBX10.0 INT 12 1) Absolute (valid only for blocks with standard ac cess) P#Zero value1) P#0.0 VOID 0, ZERO 1) If you use the prefix P#, you can only point to memory areas with "standard" access mode. 1) WinCC Advanced V14 System Manual, 10/2016 2191 Programming the PLC 11.3 Data types Coding of data types If you use absolute addressing with P#, the following data types are permitted: Hexadecimal code Data type Description B#16#00 NIL Null pointer B#16#01 BOOL Bits B#16#02 BYTE bytes, 8 bits B#16#03 CHAR 8-bit characters B#16#04 WORD 16-bit words B#16#05 INT 16-bit integers B#16#06 DWORD 32-bit words B#16#07 DINT 32-bit integers B#16#08 REAL 32-bit floating-point numbers B#16#0B TIME Time duration B#16#0C S5TIME Time duration B#16#09 DATE Date B#16#0A TOD Date and time B#16#0E DT Date and time B#16#13 STRING Character string B#16#17 BLOCK_FB Function block B#16#18 BLOCK_FC Function B#16#19 BLOCK_DB Data block B#16#1A BLOCK_SDB System data block B#16#1C COUNTER Counter B#16#1D TIMER Timer Example The following example shows how VARIANT works using the "MOVE: Move value" instruction of STL: STL Explanation CALL MOVE // The instruction is called. value_type := VARIANT // Data type of the parameters IN and OUT IN := "Data_TIA_Portal".StructVariable.FirstCompo- // The contents of the "FirstComponent" operand nent are moved from the "Data_TIA_Portal" DB. OUT := "MotorDB".StructResult.TagResult // And transferred to the "TagResult" operand from the "MotorDB" DB. See also Overview of the valid data types (Page 2131) VARIANT instructions (Page 2081) 2192 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Data type conversion for S7-1200 (Page 2332) Using the VARIANT data type (Page 2078) 11.3.12 Parameter types 11.3.12.1 Parameter types Description The parameter types are data types for formal parameters that are transferred to called blocks. A parameter type can also be a PLC data type. The following table shows the available parameter data types and their purpose: Parameter type Length (bits) Description TIMER 16 Is used to specify a timer that is used in the called code block. If you supply a formal parameter of the TIMER parameter type, the associated actual parameter must be a timer. Example: T1 COUNTER 16 Is used to specify a counter that is used in the called code block. If you supply a formal parameter of the COUNTER parameter type, the associated actual parameter must be a counter. BLOCK_FC 16 BLOCK_FB 16 BLOCK_DB 16 BLOCK_SDB 16 BLOCK_SFB 16 BLOCK_SFC 16 BLOCK_OB 16 VOID - The VOID parameter type does not save any values. This pa rameter type is used if the return values of an output are not required. The VOID parameter type can be specified at the STATUS output, for example, if no error information is required. PARAMETER - The PARAMETER data type enables the symbol of a local tag of the program block containing instructions "GetSymbolName: Read out name of a tag at input parameter" and "GetSymbol Path: Query composite global name of the input parameter as signment" to be used with the corresponding input of these in structions. Example: C10 Is used to specify a block that is used as input in the called code block. The declaration of the parameter determines the block type (for example FB, FC, DB) that is to be used. If you supply a formal parameter of the BLOCK parameter type, specify a block address as the actual parameter. Example: DB3 See also Overview of the valid data types (Page 2131) WinCC Advanced V14 System Manual, 10/2016 2193 Programming the PLC 11.3 Data types 11.3.13 System data types 11.3.13.1 System data types Description The system data types (SDT) are made available by the system and have a predefined structure. The structure of a system data type consists of a fixed number of components that can have various data types. It is not possible to change the structure of a system data type. The system data types can only be used for specific instructions. The following table shows the available system data types and their purpose: System data type Length (bytes) Description IEC_TIMER 16 Structure of a timer whose timer values are of TIME data type. This data type is used for the "TP", "TOF", "TON", "TONR", "RT" and "PT" instructions, for example. IEC_LTIMER 32 Structure of a timer whose timer values are of LTIME data type. This data type is used for the "TP", "TOF", "TON", "TONR", "RT" and "PT" instructions, for example. IEC_SCOUNTER 3 Structure of a counter whose count values are of SINT data type. This data type is used for the "CTU", "CTD" and "CTUD" in structions, for example. IEC_USCOUNTER 3 Structure of a counter whose count values are of USINT data type. This data type is used for the "CTU", "CTD" and "CTUD" in structions, for example. IEC_COUNTER 6 Structure of a counter whose count values are of INT data type. This data type is used for the "CTU", "CTD" and "CTUD" in structions, for example. IEC_UCOUNTER 6 Structure of a counter whose count values are of UINT data type. This data type is used for the "CTU", "CTD" and "CTUD" in structions, for example. IEC_DCOUNTER 12 Structure of a counter whose count values are of DINT data type. This data type is used for the "CTU", "CTD" and "CTUD" in structions, for example. IEC_UDCOUNTER 12 Structure of a counter whose count values are of UDINT data type. This data type is used for the "CTU", "CTD" and "CTUD" in structions, for example. IEC_LCOUNTER 24 Structure of a counter with count values of data type UDINT. This data type is used for the "CTU", "CTD" and "CTUD" in structions, for example. 2194 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types System data type Length (bytes) Description IEC_ULCOUNTER 24 Structure of a counter with count values of data type UINT. This data type is used for the "CTU", "CTD" and "CTUD" in structions, for example. ERROR_STRUCT 28 Structure of an error information to a programming or I/O access error. This data type is used, for example, for the "GET_ERROR" instruction. CREF 8 Components of the ERROR_STRUCT data type, in which information about the address of a block is saved. NREF 8 Components of the ERROR_STRUCT data type, in which information about the address of an operand is saved. VREF 12 Is used for storage of a VARIANT pointer. This data type is, for example, used for instructions from S7-1200 Motion Control. SSL_HEADER 4 Specifies the data structure in which information about the data records are saved during the reading of the system sta tus lists. This data type is used, for example, for the "RDSYSST" instruction. CONDITIONS 52 User-defined data structure defining the conditions for start and end of a data reception. This data type is used, for example, for the "RCV_CFG" in struction. TADDR_Param 8 Specifies the structure of a data block which stores descrip tions of connections for Open User Communication via UDP. This data type is used for the "TUSEND" and "TURSV" in structions, for example. TCON_Param 64 Specifies the structure of a data block which stores descrip tions of connections for Open User Communication via In dustrial Ethernet (PROFINET). This data type is used for the "TSEND" and "TRSV" instruc tions, for example. HSC_Period 12 Specifies the structure of the data block for the time period measurement with the extended high-speed counter. This data type is used, for example, for the "CTRL_HSC_EXT" instruction. See also Overview of the valid data types (Page 2131) WinCC Advanced V14 System Manual, 10/2016 2195 Programming the PLC 11.3 Data types 11.3.14 Hardware data types 11.3.14.1 Hardware data types Description The hardware data types are made available by the CPU. The number of available hardware data types depends on the CPU. Constants of a specific hardware data type are stored based on the modules set in the hardware configuration. When an instruction for controlling or activating a configured module is inserted in the user program, the available constants can be used for the parameters. The following table shows the available hardware data types and their purpose: Data type Basic data type Description REMOTE ANY Serves to specify the address of a remote CPU. This data type is used, for example, for the "PUT" and "GET" instructions. HW_ANY UINT Identification of any hardware component, e.g. a mod ule. HW_DEVICE HW_ANY Identification of a DP slave/PROFINET IO device HW_DPMASTER HW_INTERFACE Identification of a DP master HW_DPSLAVE HW_DEVICE Identification of a DP slave HW_IO HW_ANY Identification number of the CPU or the interface The number is automatically allocated and is stored in the properties of the CPU or of the interface in the hardware configuration. HW_IOSYSTEM HW_ANY Identification of a PN/IO system or DP master system HW_SUBMODULE HW_IO Identification of a central hardware component HW_MODULE HW_IO Identification of a module HW_INTERFACE HW_SUBMODULE Identification of an interface component HW_IEPORT HW_SUBMODULE Identification of a port (PN/IO) HW_HSC HW_SUBMODULE Identification of a high-speed counter This data type is used, for example, for the "CTRL_HSC" and "CTRL_HSC_EXT" instructions. HW_PWM HW_SUBMODULE Identification of a pulse width modulation This data type is used, for example, for the "CTRL_PWM" instruction. HW_PTO HW_SUBMODULE Identification of a pulse encoder EVENT_ANY AOM_IDENT Used to identify any event EVENT_ATT EVENT_ANY Is used to specify an event that can be assigned dy namically to an OB This data type is used for Motion Control. This data type is used, for example, for the "ATTACH" and "DETACH" instructions. EVENT_HWINT 2196 EVENT_ATT Is used to specify a hardware interrupt event WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Data type Basic data type Description OB_ANY INT Serves to specify any organization block. OB_DELAY OB_ANY Used to specify an organization block that is called when a time-delay interrupt occurs. This data type is used, for example, for the "SRT_DINT" and "CAN_DINT" instructions. OB_TOD OB_ANY Specifies the number of a time-of-day interrupt OB. This data type is used, for example, for the "SET_TINT", "CAN_TINT", "ACT_TINT" and "QRY_TINT" instructions. OB_CYCLIC OB_ANY Is used to specify an organization block that is called when a watchdog interrupt occurs. OB_ATT OB_ANY Is used to specify an organization block that can be assigned dynamically to an event. This data type is used, for example, for the "ATTACH" and "DETACH" instructions. OB_PCYCLE OB_ANY Is used to specify an organization block that can be assigned to an event of the "Cyclic program" event class. OB_HWINT OB_ATT Is used to specify an organization block that is called when a hardware interrupt occurs. OB_DIAG OB_ANY Is used to specify an organization block that is called when a diagnostic interrupt occurs. OB_TIMEERROR OB_ANY Is used to specify an organization block that is called when a time error occurs. OB_STARTUP OB_ANY Is used to specify an organization block that is called when a startup event occurs. PORT HW_SUBMODULE Serves to specify a communication port. This data type is used for point-to-point communica tion. RTM UINT Serves to specify the number of an operating hours counter. This data type is used, for example, for the "RTM" instruction. PIP UINT Is used to create and connect a "Synchronous Cycle" OB. This data type is used for the SFCs 26, 27, 126 and 127. CONN_ANY WORD Serves to specify any connection. CONN_PRG CONN_ANY Serves to specify a connection for open communica tion over UDP. CONN_OUC CONN_ANY Used to specify a connection for open communication over Industrial Ethernet (PROFINET). CONN_R_ID DWORD Data type for the R_ID parameter on the S7 commu nication blocks. DB_ANY UINT Identification (name or number) of a DB The data type "DB_ANY" has the length 0 in the sec tion "Temp". WinCC Advanced V14 System Manual, 10/2016 2197 Programming the PLC 11.3 Data types Data type Basic data type Description DB_WWW DB_ANY Number of a DB generated via the Web application (for example, "WWW" instruction) The data type "DB_WWW" has the length 0 in the section "Temp". DB_DYN DB_ANY Number of a DB generated by the user program See also Overview of the valid data types (Page 2131) 11.3.15 Data type conversion for S7-1500: (S7-1500) 11.3.15.1 Overview of data type conversion (S7-1500) Introduction If you combine several operands in an instruction, you must make sure that the data types are compatible. This also applies when you assign or supply block parameters. If the operands are not of the same data type, a conversion has to be carried out. There are two options for conversion: Implicit conversion Implicit conversion is supported by the programming languages LAD, FBD, SCL and GRAPH. Implicit conversion is not possible in the STL programming language. Explicit conversion You use an explicit conversion instruction before the actual instruction is executed. Note Converting bit strings to SCL All bit strings (BYTE, WORD, DWORD and LWORD) are handled like the corresponding unsigned integers (USINT, UINT, UDINT and ULINT) in expressions. Therefore, implicit conversion from DWORD to REAL is carried out like a conversion from UDINT to REAL, for example. 2198 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion Implicit conversion is executed automatically if the data types of the operands are compatible. This compatibility test can be carried out according to strict or less strict criteria: With IEC check (default setting) If IEC check is set, the following rules are applied: - Implicit conversion of BOOL into other data types is not possible. - Only the data types REAL, BYTE, WORD, DWORD, DINT, INT, SINT, UDINT, UINT, USINT, TIME, LDT, DTL, DT, TOD, WCHAR and CHAR can be converted implicitly. - The bit length of the source data type may not exceed the bit length of the target data type. A WORD data type operand, for example, cannot be specified at a parameter at which the BYTE data type is expected. Without IEC check If IEC check is not set, the following rules are applied: - Implicit conversion of BOOL into other data types is not possible. - Only the data types REAL, LREAL, BYTE, WORD, DWORD, LWORD, SINT, INT, DINT, LINT, USINT, UINT, UDINT, ULINT, TIME, LTIME, S5TIME, LDT, DTL, TOD, LTOD, DATE, STRING, WSTRING, WCHAR and CHAR can be converted implicitly. - The bit length of the source data type may not exceed the bit length of the target data type. A DWORD data type operand, for example, cannot be specified at a parameter at which the WORD data type is expected. - The bit length of an operand entered at in-out parameters (InOut) must be the same as the programmed bit length for the parameter in question. Note Implicit conversion without IEC check The programming editor uses a gray rectangle to mark operands that are implicitly converted. The dark gray rectangle signals that an implicit conversion is possible without any accuracy loss, for example, if you convert the data type INT to DINT. A light gray rectangle signals that implicit conversion is possible, but errors could occur during runtime. If, for example, you are converting the data type LINT to DINT and an overflow occurs, the enable output ENO is set to "0". For more information about the setting of the IEC check and the implicit conversion, refer to "See also". Explicit conversion If the operands are not compatible and implicit conversion is therefore not possible, you can perform an explicit conversion. You can do this by using the conversion instructions in the "Instructions" Task Card or you can insert the conversion into the program manually. You can find the format for explicit conversion functions under "See also". WinCC Advanced V14 System Manual, 10/2016 2199 Programming the PLC 11.3 Data types Any overflow will be displayed on the ENO enable output. An overflow occurs, for example, if the value of the source data type is greater than the value of the target data type. Note Shifting of bit patterns If the explicit conversion involves shifting a bit pattern, the enable output ENO is not set. You can find additional information on explicit conversion under "See also". The following figure shows an example in which explicit data type conversion must be carried out: %ORFNB'DWD &219(57 ',17WR,17 ,1B',17 (1 (12 ,1 287 %ORFN (1 287B,17 287B,17 (12 ,1B,17 287B%22/ The "Block" function block expects a tag of the INT data type at the "IN_INT" input parameter. The value of the "IN_DINT" tag has therefore to the converted first from DINT to INT. Conversion is performed if the value of the "IN_DINT" tag is within the admissible value range for the INT data type. Otherwise an overflow is reported. However, a conversion takes place even in the event of an overflow, but the values are truncated and the ENO enable output is set to "0". See also Implicit conversions (Page 2200) Explicit conversions (Page 2249) 11.3.15.2 Implicit conversions (S7-1500) Setting and disabling the IEC check (S7-1500) The data types of the operands used are checked for compatibility. This compatibility test can be carried out according to criteria that are more or less strict. If "IEC check" is activated, stricter criteria are applied. You can set the IEC check centrally for all new blocks of the project or for individual blocks. 2200 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Setting IEC check for new blocks To set the IEC check for all new blocks in the project, proceed as follows: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "PLC programming > General" group in the area navigation. 3. Select or clear the "IEC check" check box in the "Default settings for new blocks" group. The IEC check is enabled or disabled for all new blocks in the program. Setting IEC check for a block To set the IEC check for a block, proceed as follows: 1. Open the block. 2. Open the "Properties" tab in the inspector window. 3. Select the "Attributes" group in the area navigation. 4. Select or clear the "IEC check" check box. The IEC check is enabled or disabled for this block. The setting is stored together with the project. Binary numbers (S7-1500) Implicit conversion of BOOL (S7-1500) Implicit conversion options The BOOL data type cannot be implicitly converted. See also BOOL (bit) (Page 2136) Overview of data type conversion (Page 2198) Setting and disabling the IEC check (Page 2200) Explicit conversion of BOOL (Page 2249) WinCC Advanced V14 System Manual, 10/2016 2201 Programming the PLC 11.3 Data types Bit strings (S7-1500) Implicit conversion of BYTE (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of BYTE data type: Source Destination With IEC check Without IEC check Explanation BYTE BOOL - - No implicit conversion WORD X X DWORD X X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. LWORD X X SINT - X USINT - X INT - X UINT - X DINT - X UDINT - X LINT - X ULINT - X REAL - - LREAL - - TIME - - LTIME - - S5TIME - - LDT - - DTL - - DT - - DATE - - TOD - - LTOD - - STRING - - WSTRING - - CHAR - X WCHAR - X No implicit conversion The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. x: Conversion possible -: Conversion not possible See also BYTE (Page 2136) Setting and disabling the IEC check (Page 2200) 2202 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Overview of data type conversion (Page 2198) Explicit conversion of BYTE (Page 2251) Implicit conversion of WORD (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of WORD data type: Source Destination With IEC check Without IEC check Explanation WORD BOOL - - No implicit conversion BYTE - X The low byte is transferred to the destination data type; the high byte is ignored. DWORD X X LWORD X X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. SINT - X The low byte is transferred to the destination data type; the high byte is ignored. USINT - X INT - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. UINT - X DINT - X UDINT - X LINT - X ULINT - X REAL - - LREAL - - TIME - - LTIME - - S5TIME - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. LDT - - No implicit conversion DTL - - DT - - DATE - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. TOD - - No implicit conversion LTOD - - STRING - - WSTRING - - CHAR - X WCHAR - X No implicit conversion The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. x: Conversion possible -: Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2203 Programming the PLC 11.3 Data types See also WORD (Page 2137) Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) Explicit conversion of WORD (Page 2254) 2204 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of DWORD (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of DWORD data type: Source Destination With IEC check Without IEC check Explanation DWORD BOOL - - No implicit conversion BYTE - X WORD - X The right byte is transferred to the destination data type; the left byte is ignored. LWORD X X SINT - X USINT - X INT - X UINT - X DINT - X UDINT - X LINT - X ULINT - X REAL - X The value is converted to the destination data type format. (The value "-1", for example, is converted to the value "-1.0".) LREAL - - No implicit conversion TIME - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. LTIME - - No implicit conversion S5TIME - - LDT - - DTL - - DT - - DATE - - TOD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. LTOD - - No implicit conversion STRING - - WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is transferred unchanged to the destination data type. The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. x: Conversion possible -: Conversion not possible See also DWORD (Page 2138) Setting and disabling the IEC check (Page 2200) WinCC Advanced V14 System Manual, 10/2016 2205 Programming the PLC 11.3 Data types Overview of data type conversion (Page 2198) Explicit conversion of DWORD (Page 2257) Implicit conversion of LWORD (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of LWORD data type: Source Destination With IEC check Without IEC check Explanation LWORD BOOL - - No implicit conversion BYTE - X WORD - X The right byte is transferred to the destination data type; the left byte is ignored. DWORD - X SINT - X USINT - X INT - X UINT - X DINT - X UDINT - X LINT - X ULINT - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. REAL - - No implicit conversion LREAL - X The value is converted to the destination data type format. (The value "-1", for example, is converted to the value "-1.0".) TIME - - No implicit conversion LTIME - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. S5TIME - - No implicit conversion LDT - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. DTL - - No implicit conversion DT - - DATE - - TOD - - LTOD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. STRING - - No implicit conversion WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. x: Conversion possible -: Conversion not possible 2206 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) LWORD (Page 2139) Explicit conversion of LWORD (Page 2261) WinCC Advanced V14 System Manual, 10/2016 2207 Programming the PLC 11.3 Data types Integers (S7-1500) Implicit conversion of SINT (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of SINT data type: Source Destination With IEC check Without IEC check Explanation SINT BOOL - - No implicit conversion BYTE - X WORD - X DWORD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. The remaining bits are filled with "0". LWORD - X USINT - X INT X X UINT - X DINT X X UDINT - X LINT X X ULINT - X REAL X X LREAL X X The value is converted to the destination data type format. (The value "-1", for example, is converted to the value "-1.0".) TIME - - No implicit conversion LTIME - - S5TIME - - LDT - - DTL - - DT - - DATE - - TOD - - LTOD - - STRING - - WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value transfer from SINT #-1 -> INT #-1, not filled with "0".) The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. x: Conversion possible -: Conversion not possible See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) 2208 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types SINT (8-bit integers) (Page 2141) Explicit conversion of SINT (Page 2265) Implicit conversion of USINT (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of USINT data type: Source Destination With IEC check Without IEC check Explanation USINT BOOL - - No implicit conversion BYTE - X WORD - X DWORD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. The remaining bits are filled with "0". LWORD - X SINT - X INT X X UINT X X DINT X X UDINT X X LINT X X ULINT X X REAL X X LREAL X X The value is converted to the destination data type format. (The value "-1", for example, is converted to the value "-1.0".) TIME - - No implicit conversion LTIME - - S5TIME - - LDT - - DTL - - DT - - DATE - - TOD - - LTOD - - STRING - - WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value conversion from USINT #10 -> DINT #10 or USINT #128 -> SINT #-128) The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. x: Conversion possible -: Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2209 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) USINT (8-bit integers) (Page 2142) Explicit conversion of USINT (Page 2269) 2210 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of INT (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of INT data type: Source Destination With IEC check Without IEC check Explanation INT BOOL - - No implicit conversion BYTE - X WORD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. DWORD - X LWORD - X SINT - X USINT - X UINT - X DINT X X UDINT - X LINT X X ULINT - X REAL X X LREAL X X The value is converted to the destination data type format. (The value "-1", for example, is converted to the value "-1.0".) TIME - - No implicit conversion LTIME - - S5TIME - - LDT - - DTL - - DT - - DATE - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. TOD - - No implicit conversion LTOD - - STRING - - WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value conversion from INT #-1 -> SINT #-1, or INT #-32 767 -> UINT #32 769) The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. x: Conversion possible -: Conversion not possible See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) WinCC Advanced V14 System Manual, 10/2016 2211 Programming the PLC 11.3 Data types INT (16-bit integers) (Page 2143) Explicit conversion of INT (Page 2272) Implicit conversion of UINT (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of UINT data type: Source Destination With IEC check Without IEC check Explanation UINT BOOL - - No implicit conversion BYTE - X WORD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. DWORD - X LWORD - X SINT - X USINT - X INT - X DINT X X UDINT X X LINT X X ULINT X X REAL X X LREAL X X The value is converted to the destination data type format. (The value "-1", for example, is converted to the value "-1.0".) TIME - - No implicit conversion LTIME - - S5TIME - - LDT - - DTL - - DT - - DATE - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. TOD - - No implicit conversion LTOD - - STRING - - WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value conversion from UINT #100 -> DINT #100 or UINT #60 000 -> INT #-5536) The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. x: Conversion possible -: Conversion not possible 2212 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) UINT (16-bit integers) (Page 2144) Explicit conversion of UINT (Page 2276) WinCC Advanced V14 System Manual, 10/2016 2213 Programming the PLC 11.3 Data types Implicit conversion of DINT (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of DINT data type: Source Destination With IEC check Without IEC check Explanation DINT BOOL - - No implicit conversion BYTE - X WORD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. DWORD - X LWORD - X SINT - X USINT - X INT - X UINT - X UDINT - X LINT X X ULINT - X REAL - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value conversion from DINT #-1 -> REAL #-1.0, but there is a loss in accuracy for num bers with an absolute value greater than 8 388 608) LREAL X X The value is converted to the destination data type format. (The value "-1", for example, is converted to the value "-1.0".) TIME - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. LTIME - - No implicit conversion S5TIME - - LDT - - DTL - - DT - - DATE - - TOD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. LTOD - - No implicit conversion STRING - - WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value conversion from DINT #-1 -> SINT #-1 or DINT #-1 -> USINT #255) The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. x: Conversion possible -: Conversion not possible 2214 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) DINT (32-bit integers) (Page 2145) Explicit conversion of DINT (Page 2279) WinCC Advanced V14 System Manual, 10/2016 2215 Programming the PLC 11.3 Data types Implicit conversion of UDINT (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of UDINT data type: Source Destination With IEC check Without IEC check Explanation UDINT BOOL - - No implicit conversion BYTE - X WORD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. DWORD - X LWORD - X SINT - X USINT - X INT - X UINT - X DINT - X LINT X X ULINT X X REAL - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value conversion from DINT #-1 -> REAL #-1.0, but there is a loss in accuracy for num bers with an absolute value greater than 8 388 608) LREAL X X The value is converted to the destination data type format. (The value "-1", for example, is converted to the value "-1.0".) TIME - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. LTIME - - No implicit conversion S5TIME - - LDT - - DTL - - DT - - DATE - - TOD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. LTOD - - No implicit conversion STRING - - WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value conversion from DINT #-1 -> SINT #-1 or DINT #-1 -> USINT #255) The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. x: Conversion possible -: Conversion not possible 2216 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) UDINT (32-bit integers) (Page 2146) Explicit conversion of UDINT (Page 2283) WinCC Advanced V14 System Manual, 10/2016 2217 Programming the PLC 11.3 Data types Implicit conversion of LINT (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of LINT data type: Source Destination With IEC check Without IEC check Explanation LINT BOOL - - No implicit conversion BYTE - X WORD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. DWORD - X LWORD - X SINT - X USINT - X INT - X UINT - X DINT - X UDINT - X ULINT - X REAL - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value conversion from LINT #-1 -> REAL #-1.0, but there is a loss in accuracy for num bers with an absolute value greater than 8 388 608) LREAL - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value conversion from LINT #-1 -> REAL #-1.0, but there is a loss in accuracy for num bers with an absolute value greater than 9 007 199 254 740 992) TIME - - No implicit conversion LTIME - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. (duration in nanoseconds) S5TIME - - No implicit conversion LDT - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. (nanoseconds since 1/1/1970) DTL - - No implicit conversion DT - - DATE - - TOD - - LTOD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. STRING - - No implicit conversion WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value conversion from LINT #-1 -> SINT #-1 or LINT #-1 -> USINT #255) The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. x: Conversion possible -: Conversion not possible 2218 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) LINT (64-bit integers) (Page 2147) Explicit conversion of LINT (Page 2286) WinCC Advanced V14 System Manual, 10/2016 2219 Programming the PLC 11.3 Data types Implicit conversion of ULINT (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of ULINT data type: Source Destination With IEC check Without IEC check Explanation ULINT BOOL - - No implicit conversion BYTE - X WORD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. DWORD - X LWORD - X SINT - X USINT - X INT - X UINT - X DINT - X UDINT - X LINT - X REAL - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value conversion from LINT #-1 -> REAL #-1.0, but there is a loss in accuracy for num bers with an absolute value greater than 8 388 608) LREAL - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value conversion from LINT #-1 -> REAL #-1.0, but there is a loss in accuracy for num bers with an absolute value greater than 9 007 199 254 740 992) TIME - - No implicit conversion LTIME - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. (duration in nanoseconds) S5TIME - - No implicit conversion LDT - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. (nanoseconds since 1/1/1970) DTL - - No implicit conversion DT - - DATE - - TOD - - LTOD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. STRING - - No implicit conversion WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is converted and transferred to the destination data type. (for example, value conversion from ULINT #-1 -> SINT #-1 or ULINT #-1 -> USINT #255) The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. x: Conversion possible -: Conversion not possible 2220 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) ULINT (64-bit integers) (Page 2148) Explicit conversion of ULINT (Page 2290) WinCC Advanced V14 System Manual, 10/2016 2221 Programming the PLC 11.3 Data types Floating-point numbers (S7-1500) Implicit conversion of REAL (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of REAL data type: Source Destination With IEC check Without IEC check Explanation REAL BOOL - - No implicit conversion BYTE - - WORD - - DWORD - X The bit pattern of the source value is transferred unchanged to the destination data type. LWORD - - No implicit conversion SINT - X USINT - X INT - X UINT - X DINT - X UDINT - X The bit pattern of the source value is rounded off and converted and transferred to the destination data type. (For example, round ing off and value conversion of REAL #2.5 -> INT #2, or negative numbers REAL #-2.5 -> INT #-2 -> USINT #254. With an overflow, the remainder is determined REAL #305.5 -> INT #306 -> USINT #50) LINT - X ULINT - X LREAL X X The value is transferred to the destination data type. TIME - - No implicit conversion LTIME - - S5TIME - - LDT - - DTL - - DT - - DATE - - TOD - - LTOD - - STRING - - WSTRING - - CHAR - - WCHAR - - x: Conversion possible -: Conversion not possible 2222 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) REAL (Page 2150) Explicit conversion of REAL (Page 2293) WinCC Advanced V14 System Manual, 10/2016 2223 Programming the PLC 11.3 Data types Implicit conversion of LREAL (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of LREAL data type: Source Destination With IEC check Without IEC check Explanation LREAL BOOL - - No implicit conversion BYTE - - WORD - - DWORD - - LWORD - X The bit pattern of the source value is transferred unchanged to the destination data type. SINT - X USINT - X INT - X The bit pattern of the source value is rounded off and converted and transferred to the destination data type. (For example, round ing off and value conversion of LREAL #2.5 -> INT #2, or negative numbers LREAL #-2.5 -> INT #-2 -> USINT #254. With an overflow, the remainder is determined LREAL #305.5 -> INT #306 -> USINT #50) UINT - X DINT - X UDINT - X LINT - X ULINT - X REAL - X The value is transferred to the destination data type. TIME - - No implicit conversion LTIME - - S5TIME - - LDT - - DTL - - DT - - DATE - - TOD - - LTOD - - STRING - - WSTRING - - CHAR - - WCHAR - - x: Conversion possible -: Conversion not possible See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) 2224 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types LREAL (Page 2151) Explicit conversion of LREAL (Page 2296) Timers (S7-1500) Implicit conversion of S5TIME (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of data type S5TIME: Source Destination With IEC check Without IEC check Explanation S5TIME BOOL - - No implicit conversion BYTE - - WORD - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of conversion shows the duration in milliseconds. DWORD - - No implicit conversion LWORD - - SINT - - USINT - - INT - - UINT - - DINT - - UDINT - - LINT - - ULINT - - REAL - - LREAL - - TIME - - LTIME - - LDT - - DTL - - DT - - DATE - - TOD - - LTOD - - STRING - - WSTRING - - CHAR - - WCHAR - - x: Conversion possible -: Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2225 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) S5TIME (duration) (Page 2154) Explicit conversion of S5TIME (Page 2299) 2226 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of TIME (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of TIME data type: Source Destination With IEC check Without IEC check Explanation TIME BOOL - - No implicit conversion BYTE - - WORD - - DWORD - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of conversion shows the duration in milliseconds. LWORD - - No implicit conversion SINT - - USINT - - INT - - UINT - - DINT - X UDINT - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of conversion shows the duration in milliseconds. LINT - - No implicit conversion ULINT - - REAL - - LREAL - - S5TIME - - LTIME X X The bit pattern of the source value is transferred unchanged to the destination data type. The result of the conversion shows the duration in nanoseconds. (1 ms = 1 000 000 ns) LDT - - No implicit conversion DTL - - DT - - DATE - - TOD - X If the source value is between 0 s and 84599.999 s, the bit pattern of the source value is transferred unchanged to the destination data type. (Display in nanoseconds) The target value remains unchanged otherwise. The result of the conversion shows the time that has passed since midnight. LTOD - - No implicit conversion STRING - - WSTRING - - CHAR - - WCHAR - - x: Conversion possible -: Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2227 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) TIME (IEC time) (Page 2155) Explicit conversion of TIME (Page 2301) 2228 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of LTIME (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of LTIME data type: Source Destination With IEC check Without IEC check Explanation LTIME BOOL - - No implicit conversion BYTE - - WORD - - DWORD - - LWORD - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of the conversion shows the duration in nanoseconds. SINT - - No implicit conversion USINT - - INT - - UINT - - DINT - - UDINT - - LINT - X ULINT - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of the conversion shows the duration in nanoseconds. REAL - - No implicit conversion LREAL - - S5TIME - - TIME - X If the source value is outside the value range of the destination data type, the target value remains unchanged. (0.123456789 s becomes 0.123 s) LDT - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of the conversion shows the duration in nanoseconds since 1/1/1970. DTL - - No implicit conversion DT - - DATE - - TOD - - LTOD - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of the conversion shows the duration in nanoseconds since 1/1/1970. STRING - - No implicit conversion WSTRING - - CHAR - - WCHAR - - x: Conversion possible -: Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2229 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) LTIME (IEC time) (Page 2156) Explicit conversion of LTIME (Page 2304) 2230 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Date and time-of-day (S7-1500) Implicit conversion of DT (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of DT data type: Source Destination With IEC check Without IEC check Explanation DT BOOL - - No implicit conversion BYTE - - WORD - - DWORD - - LWORD - - SINT - - USINT - - INT - - UINT - - DINT - - UDINT - - LINT - - ULINT - - REAL - - LREAL - - TIME - - LTIME - - S5TIME - - LDT X X DTL X X The source value is transferred unchanged with the same value to the destination data type. (12/24/2012 14:30 remains 12/24/2012 14:30) DATE - - No implicit conversion TOD - - LTOD - - STRING - - WSTRING - - CHAR - - WCHAR - - x: Conversion possible -: Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2231 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) DATE_AND_TIME (date and time of day) (Page 2158) Explicit conversion of DT (Page 2307) 2232 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of LDT (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of LDT data type: Source Destination With IEC check Without IEC check Explanation LDT BOOL - - No implicit conversion BYTE - - WORD - - DWORD - - LWORD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. (nanoseconds since 1/1/1970) No implicit conversion SINT - - USINT - - INT - - UINT - - DINT - - UDINT - - LINT - X ULINT - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. (nanoseconds since 1/1/1970) REAL - - No implicit conversion LREAL - - TIME - - LTIME - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. (nanoseconds since 1/1/1970) S5TIME - - No implicit conversion DT - X The bit pattern of the source value is converted with a loss in accuracy to the destination data type. (12/24/2012 12:34:56.123456789 becomes 12/24/2012 12:34:56.123) DTL X X The source value is transferred unchanged with the same value to the destination data type. (12/24/2012 14:30 remains 12/24/2012 14:30) DATE - - No implicit conversion TOD - - LTOD - - STRING - - WSTRING - - CHAR - - WCHAR - - x: Conversion possible -: Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2233 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) Explicit conversion of LDT (Page 2310) LDT (DATE_AND_LTIME) (Page 2159) 2234 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of DTL (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of DTL data type: Source Destination With IEC check Without IEC check Explanation DTL BOOL - - No implicit conversion BYTE - - WORD - - DWORD - - LWORD - - SINT - - USINT - - INT - - UINT - - DINT - - UDINT - - LINT - - ULINT - - REAL - - LREAL - - TIME - - LTIME - - S5TIME - - LDT X X The source value is transferred unchanged with the same value to the destination data type. (12/24/2012 14:30 remains 12/24/2012 14:30) DT - X The bit pattern of the source value is converted with a loss in accuracy to the destination data type. (12/24/2012 12:34:56.123456789 becomes 12/24/2012 12:34:56.123) DATE - - No implicit conversion TOD - - LTOD - - STRING - - WSTRING - - CHAR - - WCHAR - - x: Conversion possible -: Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2235 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) DTL (Page 2160) Explicit conversion of DTL (Page 2313) 2236 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of DATE (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of data type DATE: Source Destination With IEC check Without IEC check Explanation DATE BOOL - - No implicit conversion BYTE - - WORD - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of conversion is equal to the number of days since 01/01/1990. DWORD - - No implicit conversion LWORD - - SINT - - USINT - - INT - X UINT - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of conversion is equal to the number of days since 01/01/1990. DINT - - No implicit conversion UDINT - - LINT - - ULINT - - REAL - - LREAL - - TIME - - LTIME - - S5TIME - - LDT - - DT - - DTL - - TOD - - LTOD - - STRING - - WSTRING - - CHAR - - WCHAR - - x: Conversion possible -: Conversion not possible See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) WinCC Advanced V14 System Manual, 10/2016 2237 Programming the PLC 11.3 Data types DATE (Page 2157) Explicit conversion of DATE (Page 2316) 2238 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of TOD (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of TOD data type: Source Destination With IEC check Without IEC check Explanation TOD BOOL - - No implicit conversion BYTE - - WORD - - DWORD - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of the conversion corre sponds to the number of milliseconds since the start of day (0:00). LWORD - - No implicit conversion SINT - - USINT - - INT - - UINT - - DINT - X UDINT - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of the conversion corre sponds to the number of milliseconds since the start of day (0:00). LINT - - No implicit conversion ULINT - - REAL - - LREAL - - TIME - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of the conversion corre sponds to the number of milliseconds since the start of day (0:00). LTIME - - No implicit conversion S5TIME - - LDT - - DT - - DTL - - DATE - - LTOD X X The source value is transferred unchanged with the same value to the destination data type. (12:34:56.123 becomes 12:34:56.123000000) STRING - - No implicit conversion WSTRING - - CHAR - - WCHAR - - x: Conversion possible -: Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2239 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) TIME_OF_DAY (TOD) (Page 2157) Explicit conversion of TOD (Page 2318) 2240 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of LTOD (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of LTOD data type: Source Destination With IEC check Without IEC check Explanation LTOD BOOL - - No implicit conversion BYTE - - WORD - - DWORD - - LWORD - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of the conversion corre sponds to the number of nanoseconds since the start of day (0:00 hrs). SINT - - No implicit conversion USINT - - INT - - UINT - - DINT - - UDINT - - LINT - X ULINT - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of the conversion corre sponds to the number of nanoseconds since the start of day (0:00 hrs). REAL - - No implicit conversion LREAL - - TIME - - LTIME - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of the conversion corre sponds to the number of nanoseconds since the start of day (0:00 hrs). No implicit conversion S5TIME - - LDT - - DT - - DTL - - DATE - - TOD - X The source value is transferred unchanged with the same value rounded off to the destination data type. (12:34:56.123456789 becomes 12:34:56.123) No implicit conversion STRING - - WSTRING - - CHAR - - WCHAR - - x: Conversion possible -: Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2241 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) Explicit conversion of LTOD (Page 2320) LTOD (LTIME_OF_DAY) (Page 2158) 2242 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types String (S7-1500) Implicit conversion of CHAR (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of CHAR data type: Source Destination With IEC check Without IEC check Explanation CHAR BOOL - - No implicit conversion BYTE - X WORD - X DWORD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. The remaining bits are filled from the left with "0". LWORD - X SINT - X USINT - X INT - X UINT - X DINT - X UDINT - X LINT - X ULINT - X REAL - - LREAL - - TIME - - No implicit conversion LTIME - - S5TIME - - LDT - - DTL - - DT - - DATE - - TOD - - LTOD - - WCHAR - - STRING X X The STRING is shortened to length 1 and includes the character. WSTRING - - No implicit conversion x: Conversion possible -: Conversion not possible See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) WinCC Advanced V14 System Manual, 10/2016 2243 Programming the PLC 11.3 Data types CHAR (Character) (Page 2161) Explicit conversion of CHAR (Page 2323) Implicit conversion of WCHAR (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of WCHAR data type: Source Destination With IEC check Without IEC check Explanation WCHAR BOOL - - No implicit conversion BYTE - X WORD - X DWORD - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. The remaining bits are filled from the left with "0". LWORD - X SINT - X USINT - X INT - X UINT - X DINT - X UDINT - X LINT - X ULINT - X REAL - - LREAL - - TIME - - LTIME - - S5TIME - - LDT - - DTL - - DT - - DATE - - TOD - - LTOD - - CHAR - - STRING - - WSTRING X X No implicit conversion The WSTRING is shortened to length 1 and includes the charac ter. x: Conversion possible -: Conversion not possible 2244 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) WCHAR (Character) (Page 2162) Explicit conversion of WCHAR (Page 2325) WinCC Advanced V14 System Manual, 10/2016 2245 Programming the PLC 11.3 Data types Implicit conversion of STRING (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of STRING data type: Source Destination With IEC check Without IEC check Explanation STRING BOOL - - No implicit conversion BYTE - - WORD - - DWORD - - LWORD - - SINT - - USINT - - INT - - UINT - - DINT - - UDINT - - LINT - - ULINT - - REAL - - LREAL - - TIME - - LTIME - - S5TIME - - LDT - - DTL - - DT - - DATE - - TOD - - LTOD - - CHAR - X The first character of the STRING is returned if the STRING in cludes one or more characters. Otherwise, the character is out put with coding $00. No implicit conversion WCHAR - - WSTRING - - x: Conversion possible -: Conversion not possible See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) 2246 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types STRING (Page 2162) Explicit conversion of STRING (Page 2327) Implicit conversion of WSTRING (S7-1500) Implicit conversion options The following table shows the options for the implicit conversion of WSTRING data type: Source Destination With IEC check Without IEC check Explanation WSTRIN G BOOL - - No implicit conversion BYTE - - WORD - - DWORD - - LWORD - - SINT - - USINT - - INT - - UINT - - DINT - - UDINT - - LINT - - ULINT - - REAL - - LREAL - - TIME - - LTIME - - S5TIME - - LDT - - DTL - - DT - - DATE - - TOD - - LTOD - - CHAR - - WCHAR - X The first character of the WSTRING is returned if the WSTRING includes one or more characters. Otherwise, the character is out put with coding $0000. STRING - - No implicit conversion x: Conversion possible -: Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2247 Programming the PLC 11.3 Data types See also Setting and disabling the IEC check (Page 2200) Overview of data type conversion (Page 2198) WSTRING (Page 2165) Explicit conversion of WSTRING (Page 2330) 2248 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types 11.3.15.3 Explicit conversions (S7-1500) Binary numbers (S7-1500) Explicit conversion of BOOL (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the BOOL data type: Source Destination Conversion Explanation Mnemonics of the instruction BOOL BYTE X BOOL_TO_BYTE WORD X DWORD X LWORD X Only the LSB (Least Significant Bit) is set in the destination data type. The enable output ENO is always "1". SINT X BOOL_TO_SINT USINT X BOOL_TO_USINT INT X BOOL_TO_INT UINT X BOOL_TO_UINT DINT X BOOL_TO_DINT UDINT X BOOL_TO_UDINT LINT X BOOL_TO_LINT ULINT X REAL - LREAL - - TIME - - LTIME - - S5TIME - - LDT - - DT - - DTL - - TOD - - LTOD - - DATE - - STRING - - WSTRING - - CHAR - - WCHAR - - BOOL_TO_WORD BOOL_TO_DWORD BOOL_TO_LWORD BOOL_TO_ULINT No explicit conversion - x: Conversion possible - : Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2249 Programming the PLC 11.3 Data types See also Overview of data type conversion (Page 2198) Implicit conversion of BOOL (Page 2201) BOOL (bit) (Page 2136) 2250 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Bit strings (S7-1500) Explicit conversion of BYTE (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the BYTE data type: WinCC Advanced V14 System Manual, 10/2016 2251 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction BYTE BOOL X The following possibilities can oc cur: BYTE_TO_BOOL 1) If the source is "0", the destination data type is also "0" and the enable output ENO "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO "1". If bits are not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". 2252 WORD1) X DWORD1) X The bit pattern of the source value BYTE_TO_WORD is transferred unchanged right-justi BYTE_TO_DWORD fied to the destination data type. BYTE_TO_LWORD LWORD1) X SINT X BYTE_TO_SINT USINT X BYTE_TO_USINT INT X BYTE_TO_INT UINT X BYTE_TO_UINT DINT X BYTE_TO_DINT UDINT X BYTE_TO_UDINT LINT X BYTE_TO_LINT ULINT X REAL - LREAL - TIME X LTIME X The bit pattern of the source value BYTE_TO_TIME is transferred unchanged right-justi BYTE_TO_LTIME fied to the destination data type. S5TIME - No explicit conversion LDT X The bit pattern of the source value BYTE_TO_LDT is transferred unchanged right-justi fied to the destination data type. DT - No explicit conversion DTL - TOD X LTOD X DATE X The bit pattern of the source value BYTE_TO_TOD is transferred unchanged right-justi BYTE_TO_LTOD fied to the destination data type. BYTE_TO_DATE STRING - No explicit conversion WSTRING - CHAR X WCHAR X BYTE_TO_ULINT No explicit conversion - - - - The bit pattern of the source value BYTE_TO_CHAR is transferred unchanged right-justi BYTE_TO_WCHAR fied to the destination data type. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD, LWORD) are interpreted as an unsigned integer with the same bit length. The data type BYTE is interpreted as USINT, WORD as UINT, DWORD as UDINT and LWORD as ULINT. 1) See also Overview of data type conversion (Page 2198) Implicit conversion of BYTE (Page 2202) BYTE (Page 2136) WinCC Advanced V14 System Manual, 10/2016 2253 Programming the PLC 11.3 Data types Explicit conversion of WORD (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the WORD data type: 2254 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction WORD BOOL X The following possibilities can occur: WORD_TO_BOOL 1) If the source is "0", the destination data type is also "0" and the enable output ENO "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO "1". If bits are not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". BYTE1) 1) X LWORD1) X The bit pattern of the source value is trans WORD_TO_BYTE ferred unchanged right-justified to the desti WORD_TO_DWORD nation data type. WORD_TO_LWORD SINT X ENO = TRUE DWORD X WORD_TO_SINT #sint1 := WORD_TO_SINT(16#FFFF); // -1 to #sint1 := WORD_TO_SINT(16#FF80); // -128 #sint1 := WORD_TO_SINT(16#0); // 0 to #sint1 := WORD_TO_SINT(16#007F); // 127 ENO = FALSE #sint1 := WORD_TO_SINT(16#FF7F); // -129 to #sint1 := WORD_TO_SINT(16#8000); // -32768 #sint1 := WORD_TO_SINT(16#0080); // 128 to #sint1 := WORD_TO_SINT(16#7FFF); // 32767 USINT X INT X UINT X DINT X WORD_TO_DINT UDINT X WORD_TO_UDINT LINT X WORD_TO_LINT ULINT X REAL - LREAL - TIME X LTIME X S5TIME X LDT X DT - WinCC Advanced V14 System Manual, 10/2016 The bit pattern of the source value is trans WORD_TO_USINT ferred unchanged right-justified to the desti WORD_TO_INT nation data type. WORD_TO_UINT WORD_TO_ULINT No explicit conversion - The bit pattern of the source value is trans WORD_TO_TIME ferred unchanged right-justified to the desti WORD_TO_LTIME nation data type. WORD_TO_S5TIME WORD_TO_LDT No explicit conversion - 2255 Programming the PLC 11.3 Data types Source Destination Conversion DTL - Explanation Mnemonics of the instruction TOD X LTOD X DATE X The bit pattern of the source value is trans WORD_TO_TOD ferred unchanged right-justified to the desti WORD_TO_LTOD nation data type. WORD_TO_DATE STRING - No explicit conversion WSTRING - CHAR X WCHAR X WORD_ BCD16 INT X BCD16 INT X - - The bit pattern of the source value is trans WORD_TO_CHAR ferred unchanged right-justified to the desti WORD_TO_WCHAR nation data type. The value to be converted has data type WORD and is accepted as a BCD-coded value between -999 and +999. The result is available after conversion as an integer (in binary notation) of the type INT. A real con version takes place. If the bit pattern in cludes an invalid tetrad, a synchronous error is not triggered but only the status bit OV is set instead. WORD_BCD16_TO_INT BCD16_TO_INT x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD, LWORD) are interpreted as an unsigned integer with the same bit length. The data type BYTE is interpreted as USINT, WORD as UINT, DWORD as UDINT and LWORD as ULINT. 1) See also Implicit conversion of WORD (Page 2203) Overview of data type conversion (Page 2198) WORD (Page 2137) 2256 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of DWORD (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the DWORD data type: WinCC Advanced V14 System Manual, 10/2016 2257 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction DWORD1) BOOL X The following possibilities can occur: DWORD_TO_BOO L If the source is "0", the destination data type is also "0" and the enable output ENO "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO "1". If bits are not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". BYTE1) X WORD1) X LWORD1) X SINT X The bit pattern of the source value is transferred unchanged right-justified to the destination data type. DWORD_TO_BYT E DWORD_TO_WO RD DWORD_TO_LW ORD ENO = TRUE DWORD_TO_SIN T #sint1 := DWORD_TO_SINT(16#FFFF_FFFF); // -1 to #sint1 := DWORD_TO_SINT(16#FFFF_FF80); // -128 #sint1 := DWORD_TO_SINT(16#0); // 0 to #sint1 := DWORD_TO_SINT(16#0000_007F); // 127 ENO = FALSE #sint1 := DWORD_TO_SINT(16#FFFF_FF7F); // -129 #sint1 := DWORD_TO_SINT(16#8000_0000); // -2147483648 #sint1 := DWORD_TO_SINT(16#0000_0080); // 128 to #sint1 := DWORD_TO_SINT(16#7FFF_FFFF); // 2147483647 USINT X The bit pattern of the source value is transferred unchanged right-justified to the destination data type. DWORD_TO_USI NT INT X ENO = TRUE DWORD_TO_INT #int1 := DWORD_TO_INT(16#FFFF_FFFF); // -1 to #int1 := DWORD_TO_INT(16#FFFF_8000); // -32768 #int1 := DWORD_TO_INT(16#0); // 0 to #int1 := DWORD_TO_INT(16#0000_7FFF); // 32767 ENO = FALSE #int1 := DWORD_TO_INT(16#FFFF_7FFF); // -32769 #int1 := DWORD_TO_INT(16#8000_0000); // 2258 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction -2147483648 #int1 := DWORD_TO_INT(16#8000); // 32768 to #int1 := DWORD_TO_INT(16#7FFF_FFFF); // 2147483647 UINT X DINT X UDINT X LINT X DWORD_TO_LINT ULINT X DWORD_TO_ULI NT REAL X DWORD_TO_RE AL LREAL - No explicit conversion - TIME X DWORD_TO_TIM E LTIME X The bit pattern of the source value is transferred unchanged right-justified to the destination data type. S5TIME - No explicit conversion - LDT X The bit pattern of the source value is transferred unchanged right-justified to the destination data type. DWORD_TO_LDT DT - No explicit conversion - DTL - TOD X LTOD X DATE X STRING - WSTRING - CHAR X WCHAR X WinCC Advanced V14 System Manual, 10/2016 The bit pattern of the source value is transferred unchanged right-justified to the destination data type. If no errors occur during the conversion, the signal state of ENO = 1; if an error occurs during processing, the signal state of ENO = 0. DWORD_TO_UIN T DWORD_TO_DIN T DWORD_TO_UDI NT DWORD_TO_LTI ME The bit pattern of the source value is transferred unchanged right-justified to the destination data type. DWORD_TO_TOD DWORD_TO_LTO D DWORD_TO_DAT E No explicit conversion - The bit pattern of the source value is transferred unchanged right-justified to the destination data type. DWORD_TO_CHA R DWORD_TO_WC HAR 2259 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction DWORD_BCD3 2 DINT X BCD32 DINT X The value to be converted has data type DWORD DWORD_BCD32_ and is accepted as a BCD-coded value between TO_DINT -9999999 and +9999999. The result is available af BCD32_TO_DINT ter conversion as an integer (in binary notation) of the type DINT. A real conversion takes place. If the bit pattern includes an invalid tetrad, a synchronous error is not triggered but only the status bit OV is set instead. x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD, LWORD) are interpreted as an unsigned integer with the same bit length. The data type BYTE is interpreted as USINT, WORD as UINT, DWORD as UDINT and LWORD as ULINT. 1) See also Implicit conversion of DWORD (Page 2205) Overview of data type conversion (Page 2198) DWORD (Page 2138) 2260 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of LWORD (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the LWORD data type: WinCC Advanced V14 System Manual, 10/2016 2261 Programming the PLC 11.3 Data types Source Destination Conver sion Explanation Mnemonics of the in struction LWORD1) BOOL X The following possibilities can occur: LWORD_TO_BOOL If the source is "0", the destination data type is also "0" and the enable output ENO "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO "1". If bit is not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". BYTE1) X WORD1) X DWORD1) X SINT X The bit pattern of the source value is transferred unchanged right-justified to the destination data type. LWORD_TO_BYTE LWORD_TO_WORD LWORD_TO_DWOR D ENO = TRUE LWORD_TO_SINT #sint1 := LWORD_TO_SINT(16#FFFF_FFFF_FFFF_FFFF); // -1 to #sint1 := LWORD_TO_SINT(16#FFFF_FFFF_FFFF_FF80); // -128 #sint1 := LWORD_TO_SINT(16#0); // 0 to #sint1 := LWORD_TO_SINT(16#0000_0000_0000_007F); // 127 ENO = FALSE #sint1 := LWORD_TO_SINT(16#FFFF_FFFF_FFFF_FF7F); // -129 #sint1 := LWORD_TO_SINT(16#8000_0000_0000_0000); // -9223372036854775808 #sint1 := LWORD_TO_SINT(16#0000_0000_0000_0080); // 128 #sint1 := LWORD_TO_SINT(16#7FFF_FFFF_FFFF_FFFF); // 9223372036854775807 USINT X The bit pattern of the source value is transferred unchanged right-justified to the destination data type. LWORD_TO_USINT INT X ENO = TRUE LWORD_TO_INT #int1 := LWORD_TO_INT(16#FFFF_FFFF_FFFF_FFFF); // -1 to #int1 := LWORD_TO_INT(16#FFFF_FFFF_FFFF_8000); // -32768 #int1 := LWORD_TO_INT(16#0); // 0 to #int1 := LWORD_TO_INT(16#0000_0000_0000_7FFF); // 32767 ENO = FALSE #int1 := LWORD_TO_INT(16#FFFF_FFFF_FFFF_7FFF); // -32769 #int1 := LWORD_TO_INT(16#8000_0000_0000_0000); // -2147483648 2262 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conver sion Explanation Mnemonics of the in struction #int1 := LWORD_TO_INT(16#0000_0000_0000_8000); // 32768 to #int1 := LWORD_TO_INT(16#7FFF_FFFF_FFFF_FFFF); // 2147483647 UINT X The bit pattern of the source value is transferred unchanged right-justified to the destination data type. LWORD_TO_UINT DINT X ENO = TRUE LWORD_TO_DINT #dint1 := LWORD_TO_DINT(16#FFFF_FFFF_FFFF_FFFF); // -1 to #dint1 := LWORD_TO_DINT(16#FFFF_FFFF_8000_0000); // -2147483648 #dint1 := LWORD_TO_DINT(16#0); // 0 to #dint1 := LWORD_TO_DINT(16#0000_0000_7FFF_FFFF); // 2147483647 ENO = FALSE #dint1 := LWORD_TO_DINT(16#FFFF_FFFF_7FFF_FFFF); // -2147483649 to #dint1 := LWORD_TO_DINT(16#8000_0000_0000_0000); // -9223372036854775808 #dint1 := LWORD_TO_DINT(16#0000_0000_8000_0000); // 2147483648 to #dint1 := LWORD_TO_DINT(16#7FFF_FFFF_FFFF_FFFF); // 9223372036854775807 UDINT X LINT X ULINT X REAL - No explicit conversion - LREAL X LWORD_TO_LREAL TIME X LTIME X The bit pattern of the source value is transferred unchanged right-justified to the destination data type. If no errors occur during the conversion, the signal state of ENO = 1; if an error occurs during processing, the signal state of ENO = 0. S5TIME - No explicit conversion - LDT X The bit pattern of the source value is transferred unchanged right-justified to the destination data type. LWORD_TO_LDT DT - No explicit conversion - DTL - TOD X LTOD X DATE X STRING - WSTRING - CHAR X WCHAR X WinCC Advanced V14 System Manual, 10/2016 The bit pattern of the source value is transferred unchanged right-justified to the destination data type. LWORD_TO_UDINT LWORD_TO_LINT LWORD_TO_ULINT LWORD_TO_TIME LWORD_TO_LTIME The bit pattern of the source value is transferred unchanged right-justified to the destination data type. LWORD_TO_TOD LWORD_TO_LTOD LWORD_TO_DATE No explicit conversion - The bit pattern of the source value is transferred unchanged right-justified to the destination data type. LWORD_TO_CHAR LWORD_TO_WCHAR 2263 Programming the PLC 11.3 Data types Source Destination Conver sion Explanation Mnemonics of the in struction x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD, LWORD) are interpreted as an unsigned integer with the same bit length. The data type BYTE is interpreted as USINT, WORD as UINT, DWORD as UDINT and LWORD as ULINT. 1) See also Implicit conversion of LWORD (Page 2206) Overview of data type conversion (Page 2198) LWORD (Page 2139) 2264 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Integers (S7-1500) Explicit conversion of SINT (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the SINT data type: WinCC Advanced V14 System Manual, 10/2016 2265 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction SINT BOOL X The following possibilities can oc cur: SINT_TO_BOOL If the source is "0", the destination data type is also "0" and the enable output ENO "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO "1". If bit is not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". 2266 BYTE1) X WORD1) X DWORD 1) X LWORD 1) X The bit pattern of the source value is transferred unchanged right-justi fied to the destination data type. If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". The bit pattern of the source value is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF). If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". SINT_TO_BYTE SINT_TO_WORD SINT_TO_DWORD SINT_TO_LWORD USINT X SINT_TO_USINT INT X UINT X DINT X UDINT X LINT X ULINT X REAL X LREAL X TIME X The value is transferred to the des SINT_TO_TIME tination data type and interpreted as milliseconds. LTIME X The value is transferred to the des SINT_TO_LTIME tination data type and interpreted as nanoseconds. S5TIME - No explicit conversion - LDT X The result is returned in nanosec onds since 1970-1-1-0:0:0.0. SINT_TO_LDT DT - No explicit conversion - DTL - TOD X SINT_TO_INT SINT_TO_UINT SINT_TO_DINT SINT_TO_UDINT SINT_TO_LINT SINT_TO_ULINT The value is converted to the desti SINT_TO_REAL, NORM_X nation data type format. (The value SINT_TO_LREAL, NORM_X "-1" is changed to the value "-1.0", for example, with the instruction "Convert value" (CONVERT). The bit pattern of the source value is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value SINT_TO_TOD WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction "-1" (16#FFFFFFFF). If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". (interpre tation in milliseconds since 0:0) LTOD X The bit pattern of the source value is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF). If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". (interpre tation in nanoseconds since 0:0) SINT_TO_LTOD DATE X The bit pattern of the source value is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF). If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". (interpre tation in days since 1990-1-1) SINT_TO_DATE STRING X The value is converted into a char acter string. SINT_TO_STRING, S_CONV, VAL_STRG WSTRING X LAD/FBD: The first characters of the string are padded with spaces. The number of spaces depends on the length of the numerical value. Positive numeric values are output without a sign. SINT_TO_WSTRING STL/SCL: No spaces are inserted. The character string is shown preceded by a sign. If the permitted length of the char acter string is violated, the enable output ENO is set to "0". CHAR1) X WCHAR1) X The bit pattern of the source value is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF). If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". SINT_TO_CHAR SINT_TO_WCHAR x: Conversion possible - : Conversion not possible 1) Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width including sign, and then the bits are copied. The source type determines the interpretation. WinCC Advanced V14 System Manual, 10/2016 2267 Programming the PLC 11.3 Data types See also Implicit conversion of SINT (Page 2208) Overview of data type conversion (Page 2198) SINT (8-bit integers) (Page 2141) 2268 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of USINT (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the USINT data type: WinCC Advanced V14 System Manual, 10/2016 2269 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction USINT BOOL X The following possibilities can oc cur: USINT_TO_BOOL If the source is "0", the destination data type is also "0" and the enable output ENO "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO "1". If bit is not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". 2270 BYTE1) X WORD1) X DWORD1) X LWORD X 1) The bit pattern of the source value USINT_TO_BYTE is transferred unchanged right-justi USINT_TO_WORD fied to the destination data type. USINT_TO_DWORD USINT_TO_LWORD SINT X The bit pattern of the source value USINT_TO_SINT is transferred unchanged right-justi fied to the destination data type. If the sign is changed during the con version, the enable output ENO is set to "0". INT X UINT X DINT X The bit pattern of the source value is converted and transferred to the destination data type. UDINT X USINT_TO_UDINT LINT X USINT_TO_LINT ULINT X USINT_TO_ULINT REAL X LREAL X TIME X The value is transferred to the des USINT_TO_TIME tination data type and interpreted as milliseconds. LTIME X The value is transferred to the des USINT_TO_LTIME tination data type and interpreted as nanoseconds. S5TIME - No explicit conversion - LDT X The result is returned in nanosec onds since 1970-1-1-0:0:0.0. USINT_TO_LDT DT - No explicit conversion - DTL - USINT_TO_INT USINT_TO_UINT USINT_TO_DINT The value is converted to the desti USINT_TO_REAL, NORM_X nation data type format. (The value USINT_TO_LREAL, NORM_X "1" is changed to the value "1.0", for example, with the instruction "Con vert value" (CONVERT). - WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction TOD X The bit pattern of the source value is converted and transferred to the destination data type. (interpreta tion in milliseconds since 0:0) USINT_TO_TOD LTOD X The bit pattern of the source value is converted and transferred to the destination data type. (interpreta tion in nanoseconds since 0:0) USINT_TO_LTOD DATE X The bit pattern of the source value is converted and transferred to the destination data type. (interpreta tion in days since 1990-1-1) USINT_TO_DATE STRING X WSTRING X The value is converted into a char USINT_TO_STRING, S_CONV, acter string. If the permitted length VAL_STRG of the character string is violated, USINT_TO_WSTRING the enable output ENO is set to "0". CHAR1) X WCHAR1) X The bit pattern of the source value is converted and transferred to the destination data type. USINT_TO_CHAR USINT_TO_WCHAR x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width (the non-existing sign is replaced with zeros), and then the bits are copied. The source type determines the interpre tation. 1) See also Implicit conversion of USINT (Page 2209) Overview of data type conversion (Page 2198) USINT (8-bit integers) (Page 2142) WinCC Advanced V14 System Manual, 10/2016 2271 Programming the PLC 11.3 Data types Explicit conversion of INT (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the INT data type: 2272 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction INT BOOL X The following possibilities can occur: INT_TO_BOOL If the source is "0", the destination data type is also "0" and the enable output ENO "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO "1". If bit is not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". BYTE1) WORD X X 1) DWORD1) X LWORD X 1) The bit pattern of the source value is transferred unchanged right-justified to the destination data type. If a nega tive value is converted into an un signed destination data type, the ena ble output ENO is set to "0". INT_TO_BYTE The bit pattern of the source value is converted and transferred to the des tination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted into an unsigned destina tion data type, the enable output ENO is set to "0". INT_TO_SINT INT_TO_WORD INT_TO_DWORD INT_TO_LWORD SINT X USINT X UINT X DINT X UDINT X LINT X ULINT X REAL X LREAL X TIME X The value is transferred to the desti nation data type and interpreted as milliseconds. INT_TO_TIME LTIME X The value is transferred to the desti nation data type and interpreted as nanoseconds. INT_TO_LTIME S5TIME - No explicit conversion - LDT X The result is returned in nanoseconds since 1970-1-1-0:0:0.0. INT_TO_LDT DT - No explicit conversion - DTL - TOD X WinCC Advanced V14 System Manual, 10/2016 INT_TO_USINT INT_TO_UINT INT_TO_DINT INT_TO_UDINT INT_TO_LINT INT_TO_ULINT The value is converted to the destina INT_TO_REAL, NORM_X tion data type format. (The value "-1" INT_TO_LREAL, NORM_X is changed to the value "-1.0", for ex ample, with the instruction "Convert value" (CONVERT). The bit pattern of the source value is INT_TO_TOD converted and transferred to the des tination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted into an unsigned destina tion data type, the enable output ENO 2273 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction is set to "0". (interpretation in millisec onds since 0:0; check for 24h limit) LTOD X The bit pattern of the source value is INT_TO_LTOD converted and transferred to the des tination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted into an unsigned destina tion data type, the enable output ENO is set to "0". (interpretation in nano seconds since 0:0; check for 24h limit) DATE X The bit pattern of the source value is INT_TO_DATE converted and transferred to the des tination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted into an unsigned destina tion data type, the enable output ENO is set to "0". (interpretation in days since 1990-1-1; check for negative val ue) STRING X The value is converted into a charac ter string. INT_TO_STRING, S_CONV, VAL_STRG WSTRING X LAD/FBD: The first characters of the string are padded with spaces. The number of spaces depends on the length of the numerical value. Positive numeric values are output without a sign. INT_TO_WSTRING STL/SCL: No spaces are inserted. The character string is shown preceded by a sign. If the permitted length of the character string is violated, the enable output ENO is set to "0". CHAR1) WCHAR BCD16 X 1) X X BCD16_WOR X D 2274 The bit pattern of the source value is INT_TO_CHAR converted and transferred to the des INT_TO_WCHAR tination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted into an unsigned destina tion data type, the enable output ENO is set to "0". The value to be converted has type INT and is accepted as an integer with a value between -999 and +999. The result is available after conversion as a BCD-coded number of the type WORD. A real conversion takes place. If the value is outside the target INT_TO_BCD16 INT_TO_BCD16_WORD WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction area, a synchronous error is not trig gered, but rather only the status bit OV is set. x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width including sign, and then the bits are copied. The source type determines the interpretation. 1) See also Implicit conversion of INT (Page 2211) Overview of data type conversion (Page 2198) INT (16-bit integers) (Page 2143) WinCC Advanced V14 System Manual, 10/2016 2275 Programming the PLC 11.3 Data types Explicit conversion of UINT (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the UINT data type: 2276 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction UINT BOOL X The following possibilities can oc cur: UINT_TO_BOOL If the source is "0", the destination data type is also "0" and the enable output ENO "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO "1". If bits are not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". BYTE1) X WORD1) X DWORD 1) X LWORD 1) X The bit pattern of the source value is transferred unchanged right-justi fied to the destination data type. If bits are lost in the process, the en able output ENO is set to "0". UINT_TO_BYTE UINT_TO_WORD UINT_TO_DWORD UINT_TO_LWORD SINT X UINT_TO_SINT USINT X INT X The bit pattern of the source value UINT_TO_INT is transferred unchanged right-justi fied to the destination data type. If the sign bit is changed during the conversion, the enable output ENO is set to "0". UINT_TO_USINT DINT X UDINT X LINT X The bit pattern of the source value UINT_TO_DINT is transferred unchanged right-justi UINT_TO_UDINT fied to the destination data type. UINT_TO_LINT ULINT X UINT_TO_ULINT REAL X LREAL X TIME X The value is transferred to the des UINT_TO_TIME tination data type and interpreted as milliseconds. LTIME X The value is transferred to the des UINT_TO_LTIME tination data type and interpreted as nanoseconds. S5TIME - No explicit conversion - LDT X The result is returned in nanosec onds since 1970-1-1-0:0:0.0. UINT_TO_LDT DT - No explicit conversion - DTL - WinCC Advanced V14 System Manual, 10/2016 The value is converted to the desti UINT_TO_REAL, NORM_X nation data type format. (The value UINT_TO_LREAL, NORM_X "1" is changed to the value "1.0", for example, with the instruction "Con vert value" (CONVERT). - 2277 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction TOD X The bit pattern of the source value is converted and transferred to the destination data type. (interpreta tion in milliseconds since 0:0; check for 24h limit) UINT_TO_TOD LTOD X The bit pattern of the source value is converted and transferred to the destination data type. (interpreta tion in nanoseconds since 0:0; check for 24h limit) UINT_TO_LTOD DATE X The bit pattern of the source value is converted and transferred to the destination data type. (interpreta tion in days since 1990-1-1; check for negative value) UINT_TO_DATE, T_CONV STRING X WSTRING X The value is converted into a char UINT_TO_STRING, S_CONV, acter string. If the permitted length VAL_STRG of the character string is violated, UINT_TO_WSTRING the enable output ENO is set to "0". CHAR1) X WCHAR 1) X The bit pattern of the source value UINT_TO_CHAR is transferred unchanged to the des UINT_TO_WCHAR tination data type. The enable out put ENO is set to "0" in the event of overflow. x: Conversion possible - : Conversion not possible 1) Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width (the non-existing sign is replaced with zeros), and then the bits are copied. The source type determines the interpre tation. See also Implicit conversion of UINT (Page 2212) Overview of data type conversion (Page 2198) UINT (16-bit integers) (Page 2144) 2278 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of DINT (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the DINT data type: WinCC Advanced V14 System Manual, 10/2016 2279 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction DINT BOOL X The following possibilities can oc cur: DINT_TO_BOOL If the source is "0", the destination data type is also "0" and the enable output ENO "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO "1". If bits are not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". BYTE1) X WORD1) X DWORD LWORD 2280 1) X 1) X The bit pattern of the source value is transferred unchanged right-justi fied to the destination data type. If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". DINT_TO_BYTE The bit pattern of the source value is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative val ue is converted into an unsigned destination data type, the enable output ENO is set to "0". DINT_TO_SINT DINT_TO_WORD DINT_TO_DWORD DINT_TO_LWORD SINT X USINT X INT X UINT X UDINT X LINT X ULINT X REAL X LREAL X TIME X The value is transferred to the des DINT_TO_TIME, T_CONV tination data type and interpreted as milliseconds. LTIME X The value is transferred to the des DINT_TO_LTIME, T_CONV tination data type and interpreted as nanoseconds. S5TIME - No explicit conversion - LDT X The result is returned in nanosec onds since 1970-1-1-0:0:0.0. DINT_TO_LDT DT - No explicit conversion - DTL - TOD X DINT_TO_USINT DINT_TO_INT DINT_TO_UINT DINT_TO_UDINT DINT_TO_LINT DINT_TO_ULINT The value is converted to the desti DINT_TO_REAL, NORM_X nation data type format. (The value DINT_TO_LREAL, NORM_X "-1" is changed to the value "-1.0", for example, with the instruction "Convert value" (CONVERT). The bit pattern of the source value DINT_TO_TOD is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction (16#FFFFFFFF)). If a negative val ue is converted into an unsigned destination data type, the enable output ENO is set to "0". (interpre tation in milliseconds since 0:0) LTOD X The bit pattern of the source value DINT_TO_LTOD is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative val ue is converted into an unsigned destination data type, the enable output ENO is set to "0". (interpre tation in nanoseconds since 0:0) DATE X The bit pattern of the source value DINT_TO_DATE is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative val ue is converted into an unsigned destination data type, the enable output ENO is set to "0". (interpre tation in days since 1990-1-1) STRING X The value is converted into a char acter string. DINT_TO_STRING, S_CONV, VAL_STRG WSTRING X LAD/FBD: The first characters of the string are padded with spaces. The number of spaces depends on the length of the numerical value. Positive numeric values are output without a sign. DINT_TO_WSTRING STL/SCL: No spaces are inserted. The character string is shown preceded by a sign. If the permitted length of the char acter string is violated, the enable output ENO is set to "0". CHAR1) X WCHAR1) X BCD32 X BCD32_DWO RD X WinCC Advanced V14 System Manual, 10/2016 The bit pattern of the source value DINT_TO_CHAR is converted and transferred to the DINT_TO_WCHAR destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative val ue is converted into an unsigned destination data type, the enable output ENO is set to "0". The value to be converted has type DINT and is accepted as an integer with a value between -999999 and +9999999. The result is available DINT_TO_BCD32 DINT_TO_BCD32_DWORD 2281 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction after conversion as a BCD-coded number of the type DWORD. The enable output is set to "0" in the event of overflow. A real conversion takes place. If the value is outside the target area, a synchronous error is not triggered, but rather only the status bit OV is set. x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width including sign, and then the bits are copied. The source type determines the interpretation. 1) See also Implicit conversion of DINT (Page 2214) Overview of data type conversion (Page 2198) DINT (32-bit integers) (Page 2145) 2282 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of UDINT (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the UDINT data type: WinCC Advanced V14 System Manual, 10/2016 2283 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction UDINT BOOL X The following possibilities can oc cur: UDINT_TO_BOOL If the source is "0", the destination data type is also "0" and the enable output ENO "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO "1". If bits are not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". 2284 BYTE1) X WORD1) X DWORD 1) X LWORD 1) X The bit pattern of the source value is transferred unchanged right-justi fied to the destination data type. If bits are lost in the process, the en able output ENO is set to "0". UDINT_TO_BYTE UDINT_TO_WORD UDINT_TO_DWORD UDINT_TO_LWORD SINT X UDINT_TO_SINT USINT X UDINT_TO_USINT INT X UDINT_TO_INT UINT X UDINT_TO_UINT DINT X The bit pattern of the source value UDINT_TO_DINT is transferred unchanged right-justi fied to the destination data type. If the sign bit is changed during the conversion, the enable output ENO is set to "0". LINT X ULINT X The bit pattern of the source value UDINT_TO_LINT is transferred unchanged right-justi UDINT_TO_ULINT fied to the destination data type. REAL X LREAL X The value is converted to the desti UDINT_TO_REAL, NORM_X nation data type format. (The value UDINT_TO_LREAL, NORM_X "1" is changed to the value "1.0", for example, with the instruction "Con vert value" (CONVERT). TIME X The value is transferred to the des UDINT_TO_TIME tination data type and interpreted as milliseconds. LTIME X The value is transferred to the des UDINT_TO_LTIME tination data type and interpreted as nanoseconds. S5TIME - No explicit conversion - LDT X The result is returned in nanosec onds since 1970-1-1-0:0:0.0. UDINT_TO_LDT DT - No explicit conversion - WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion DTL - Explanation Mnemonics of the instruction TOD X The bit pattern of the source value is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". (interpre tation in milliseconds since 0:0; check for 24h limit) UDINT_TO_TOD, T_CONV LTOD X The bit pattern of the source value is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". (interpre tation in nanoseconds since 0:0; check for 24h limit) UDNT_TO_LTOD, T_CONV DATE X The bit pattern of the source value is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". (interpre tation in days since 1990-1-1; check for negative value) UDINT_TO_DATE STRING X WSTRING X The value is converted into a char UDINT_TO_STRING, S_CONV, acter string. If the permitted length VAL_STRG of the character string is violated, UDINT_TO_WSTRING the enable output ENO is set to "0". CHAR1) X WCHAR1) X - The bit pattern of the source value UDINT_TO_CHAR is transferred unchanged to the des UDINT_TO_WCHAR tination data type. The enable out put ENO is set to "0" in the event of overflow. x: Conversion possible - : Conversion not possible 1) Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width (the non-existing sign is replaced with zeros), and then the bits are copied. The source type determines the interpre tation. See also Implicit conversion of UDINT (Page 2216) Overview of data type conversion (Page 2198) UDINT (32-bit integers) (Page 2146) WinCC Advanced V14 System Manual, 10/2016 2285 Programming the PLC 11.3 Data types Explicit conversion of LINT (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the LINT data type: 2286 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction LINT BOOL X The following possibilities can oc cur: LINT_TO_BOOL If the source is "0", the destination data type is also "0" and the enable output ENO "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO "1". If bits are not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". BYTE1) X WORD1) X 1) DWORD X LWORD 1) X The bit pattern of the source value is transferred unchanged right-justi fied to the destination data type. If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". LINT_TO_BYTE LINT_TO_WORD LINT_TO_DWORD LINT_TO_LWORD SINT X USINT X LINT_TO_USINT INT X LINT_TO_INT UINT X LINT_TO_UINT DINT X LINT_TO_DINT UDINT X LINT_TO_UDINT ULINT X REAL X LREAL X TIME X The value is transferred to the des LINT_TO_TIME, T_CONV tination data type and interpreted as milliseconds. LTIME X The value is transferred to the des LINT_TO_LTIME, T_CONV tination data type and interpreted as nanoseconds. S5TIME - No explicit conversion - LDT X The result is returned in nanosec onds since 1970-1-1-0:0:0.0. LINT_TO_LDT DT - No explicit conversion - DTL - TOD X WinCC Advanced V14 System Manual, 10/2016 LINT_TO_SINT LINT_TO_ULINT The value is converted to the desti LINT_TO_REAL, NORM_X nation data type format. (The value LINT_TO_LREAL, NORM_X "-1" is changed to the value "-1.0", for example, with the instruction "Convert value" (CONVERT). The bit pattern of the source value is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative LINT_TO_TOD 2287 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction value is converted into an unsigned destination data type, the enable output ENO is set to "0". (interpre tation in milliseconds since 0:0) LTOD X The bit pattern of the source value is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". (interpre tation in nanoseconds since 0:0) LINT_TO_LTOD DATE X The bit pattern of the source value is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". (interpre tation in days since 1990-1-1) LINT_TO_DATE STRING X The value is converted into a char acter string. LINT_TO_STRING, S_CONV, VAL_STRG WSTRING X LAD/FBD: The first characters of the string are padded with spaces. The number of spaces depends on the length of the numerical value. Positive numeric values are output without a sign. LINT_TO_WSTRING STL/SCL: No spaces are inserted. The character string is shown preceded by a sign. If the permitted length of the char acter string is violated, the enable output ENO is set to "0". CHAR1) X WCHAR1) X The bit pattern of the source value is converted and transferred to the destination data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted into an unsigned destination data type, the enable output ENO is set to "0". LINT_TO_CHAR LINT_TO_WCHAR x: Conversion possible - : Conversion not possible 1) Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width including sign, and then the bits are copied. The source type determines the interpretation. 2288 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also Implicit conversion of LINT (Page 2218) Overview of data type conversion (Page 2198) LINT (64-bit integers) (Page 2147) WinCC Advanced V14 System Manual, 10/2016 2289 Programming the PLC 11.3 Data types Explicit conversion of ULINT (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the ULINT data type: 2290 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction ULINT BOOL X The following possibilities can oc cur: ULINT_TO_BOOL If the source is "0", the destination data type is also "0" and the enable output ENO "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO "1". If bits are not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". BYTE1) X WORD1) X DWORD1) X The bit pattern of the source value ULINT_TO_BYTE is transferred unchanged right-justi ULINT_TO_WORD fied to the destination data type. ULINT_TO_DWORD LWORD X ULINT_TO_LWORD SINT X ULINT_TO_SINT USINT X ULINT_TO_USINT INT X ULINT_TO_INT 1) UINT X ULINT_TO_UINT DINT X The bit pattern of the source value ULINT_TO_DINT is transferred unchanged right-justi fied to the destination data type. If the sign bit is overwritten during the conversion, the enable output ENO is set to "0". UDINT X LINT X The bit pattern of the source value ULINT_TO_UDINT is transferred unchanged right-justi ULINT_TO_LINT fied to the destination data type. REAL X LREAL X TIME X The value is transferred to the des ULINT_TO_TIME tination data type and interpreted as milliseconds. LTIME X The value is transferred to the des ULINT_TO_LTIME tination data type and interpreted as nanoseconds. S5TIME - No explicit conversion - LDT X The result is returned in nanosec onds since 1970-1-1-0:0:0.0. ULINT_TO_LDT DT - No explicit conversion - WinCC Advanced V14 System Manual, 10/2016 The value is converted to the desti ULINT_TO_REAL, NORM_X nation data type format. (The value ULINT_TO_LREAL, NORM_X "1" is changed to the value "1.0", for example, with the instruction "Con vert value" (CONVERT). 2291 Programming the PLC 11.3 Data types Source Destination Conversion DTL - TOD X The bit pattern of the source value is converted and transferred to the destination data type. (interpreta tion in milliseconds since 0:0) ULINT_TO_TOD, T_CONV LTOD X The bit pattern of the source value is converted and transferred to the destination data type. (interpreta tion in nanoseconds since 0:0) ULINT_TO_LTOD, T_CONV DATE X The bit pattern of the source value is converted and transferred to the destination data type. (interpreta tion in days since 1990-1-1) ULINT_TO_DATE STRING X WSTRING X The value is converted into a char ULINT_TO_STRING, S_CONV, acter string. If the permitted length VAL_STRG of the character string is violated, ULINT_TO_WSTRING the enable output ENO is set to "0". CHAR1) X WCHAR 1) X Explanation Mnemonics of the instruction - The bit pattern of the source value is converted and transferred to the destination data type. ULINT_TO_CHAR ULINT_TO_WCHAR x: Conversion possible - : Conversion not possible 1) Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width (the non-existing sign is replaced with zeros), and then the bits are copied. The source type determines the interpre tation. See also Implicit conversion of ULINT (Page 2220) Overview of data type conversion (Page 2198) ULINT (64-bit integers) (Page 2148) 2292 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Floating-point numbers (S7-1500) Explicit conversion of REAL (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the REAL data type: WinCC Advanced V14 System Manual, 10/2016 2293 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction REAL BOOL - No explicit conversion - BYTE - - WORD - - DWORD X The bit pattern of the source value REAL_TO_DWORD is transferred unchanged right-justi fied to the destination data type. LWORD - No explicit conversion - SINT X REAL_TO_SINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X USINT X INT X UINT X The value is converted into the des tination data type. The result of con version depends on the instruction employed. The enable output ENO is set to "0" if the admissible range of values of the destination data type is exceeded during conversion or the value to be converted has an invalid floating-point number. DINT X REAL_TO_DINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X UDINT X REAL_TO_UDINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X LINT X REAL_TO_LINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X ULINT X REAL_TO_ULINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X LREAL X The value is converted into the des REAL_TO_LREAL, ROUND, CEIL, tination data type. The result of the FLOOR, TRUNC, NORM_X, SCALE_X conversion depends on the instruc tion used, e.g. TRUNC(2.5) = 2.0; CEIL(2.5) = 3.0 TIME - No explicit conversion LTIME - - S5TIME - - LDT - - DT - - DTL - - TOD - - LTOD - - DATE - STRING X WSTRING X CHAR - WCHAR - 2294 REAL_TO_USINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X REAL_TO_INT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X REAL_TO_UINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X - The value is converted into a char REAL_TO_STRING, S_CONV, acter string. The enable output VAL_STRG ENO is set to "0" if the character REAL_TO_WSTRING string length is exceeded or the val ue to be converted has an invalid floating-point number. The min. length of the character string is 14 characters. No explicit conversion - WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction x: Conversion possible - : Conversion not possible See also Implicit conversion of REAL (Page 2222) Overview of data type conversion (Page 2198) REAL (Page 2150) WinCC Advanced V14 System Manual, 10/2016 2295 Programming the PLC 11.3 Data types Explicit conversion of LREAL (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the LREAL data type: 2296 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction LREAL BOOL - No explicit conversion - BYTE - - WORD - - DWORD - - LWORD X The bit pattern of the source value LREAL_TO_LWORD is transferred unchanged right-justi fied to the destination data type. SINT X USINT X INT X UINT X The value is converted into the des tination data type. The result of con version depends on the instruction employed. The enable output ENO is set to "0" if the admissible range of values of the destination data type is exceeded during conversion or the value to be converted has an invalid floating-point number. DINT X LREAL_TO_DINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X UDINT X LREAL_TO_UDINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X LINT X LREAL_TO_LINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X ULINT X LREAL_TO_ULINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X REAL X The value is converted into the des LREAL_TO_LREAL, ROUND, CEIL, tination data type. If the permitted FLOOR, TRUNC, NORM_X, SCALE_X value range of the destination data type is violated during the conver sion or if the value to be converted is an invalid floating-point number, the enable output ENO is set to "0". A loss in accuracy is tolerated. TIME - No explicit conversion LTIME - - S5TIME - - LDT - - DT - - DTL - - TOD - - LTOD - - DATE - STRING X WSTRING X WinCC Advanced V14 System Manual, 10/2016 LREAL_TO_SINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X LREAL_TO_USINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X LREAL_TO_INT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X LREAL_TO_UINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X - The value is converted into a char LREAL_TO_STRING, S_CONV, acter string. The enable output VAL_STRG ENO is set to "0" if the character LREAL_TO_WSTRING string length is exceeded or the val ue to be converted has an invalid floating-point number. The min. 2297 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction length of the character string is 21 characters. CHAR - WCHAR - No explicit conversion - x: Conversion possible - : Conversion not possible See also Implicit conversion of LREAL (Page 2224) Overview of data type conversion (Page 2198) LREAL (Page 2151) 2298 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Timers (S7-1500) Explicit conversion of S5TIME (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the S5TIME data type: Source Destination Conversion Explanation Mnemonics of the instruction S5TIME BOOL - No explicit conversion - BYTE - - WORD X The bit pattern of the source value S5TIME_TO_WORD is transferred unchanged right-justi fied to the destination data type. DWORD - No explicit conversion LWORD - - SINT - - USINT - - INT - - UINT - - DINT - - UDINT - - LINT - - ULINT - - REAL - - LREAL - - TIME X A conversion of the source value in S5TIME_TO_TIME to the destination data type takes place here (for example, s5t#10ms becomes T#10ms) LTIME X A conversion of the source value in S5TIME_TO_LTIME to the destination data type takes place here (for example, s5t#10ms becomes LTIME#10ms) LDT - No explicit conversion DT - - DTL - - TOD - - LTOD - - DATE - - STRING - - WSTRING - - CHAR - - WCHAR - - 1) WinCC Advanced V14 System Manual, 10/2016 - - 2299 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction x: Conversion possible - : Conversion not possible 1) Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width, and then the bits are copied. The source type determines the interpretation. See also Implicit conversion of S5TIME (Page 2225) Overview of data type conversion (Page 2198) S5TIME (duration) (Page 2154) 2300 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of TIME (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the TIME data type: WinCC Advanced V14 System Manual, 10/2016 2301 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction TIME BOOL - No explicit conversion - BYTE X WORD1) X The bit pattern of the source value TIME_TO_BYTE is transferred unchanged right-justi TIME_TO_WORD fied to the destination data type. TIME_TO_DWORD 1) 2302 DWORD1) X LWORD X 1) TIME_TO_LWORD SINT X The bit pattern of the source value TIME_TO_SINT is transferred unchanged right-justi TIME_TO_USINT fied and interpreted as milliseconds TIME_TO_INT to the destination data type. TIME_TO_UINT USINT X INT X UINT X DINT X The bit pattern of the source value TIME_TO_DINT, T_CONV is transferred unchanged right-justi fied to the destination data type. The result of conversion shows the duration in milliseconds. UDINT X LINT X ULINT X The bit pattern of the source value TIME_TO_UDINT is transferred unchanged right-justi TIME_TO_LINT fied and interpreted as milliseconds TIME_TO_ULINT to the destination data type. A change in sign has the result that the enable output ENO is set to "0". REAL - No explicit conversion LREAL - S5TIME X A conversion of the source value in TIME_TO_TIME to the destination data type takes place here (for example, T#10ms becomes s5t#10ms) LTIME X A conversion of the source value in TIME_TO_LTIME to the destination data type takes place here (for example, T#10ms becomes LTIME#10ms) LDT - No explicit conversion DT - - DTL - - TOD X The bit pattern of the source value TIME_TO_TOD is transferred unchanged right-justi fied to the destination data type. If the source value is outside the val ue range of TOD, the destination data type remains unchanged. LTOD - No explicit conversion DATE - - STRING - - WSTRING - - CHAR - - WCHAR - - - - - WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction x: Conversion possible - : Conversion not possible 1) Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width, and then the bits are copied. The source type determines the interpretation. See also Implicit conversion of TIME (Page 2227) Overview of data type conversion (Page 2198) TIME (IEC time) (Page 2155) WinCC Advanced V14 System Manual, 10/2016 2303 Programming the PLC 11.3 Data types Explicit conversion of LTIME (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the LTIME data type: 2304 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction LTIME BOOL - No explicit conversion - BYTE X WORD1) X The bit pattern of the source value LTIME_TO_BYTE is transferred unchanged right-justi LTIME_TO_WORD fied to the destination data type. LTIME_TO_DWORD 1) DWORD1) X LWORD X 1) LTIME_TO_LWORD SINT X The bit pattern of the source value is transferred unchanged right-justi fied and interpreted as nanosec onds to the destination data type. A change in sign has the result that the enable output ENO is set to "0". USINT X INT X UINT X DINT X UDINT X LTIME_TO_UDINT LINT X LTIME_TO_LINT, T_CONV ULINT X LTIME_TO_ULINT REAL - LREAL - S5TIME X A conversion of the source value in LTIME_TO_S5TIME to the destination data type takes place here (for example, LTIME#10ms becomes s5t#10ms) TIME X A conversion of the source value in LTIME_TO_TIME to the destination data type takes place here (for example, LTI MET#10ms becomes T#10ms) LDT X A conversion of the source value in LTIME_TO_LDT to the destination data type takes place here (for example, LTI MET#10ms becomes LDT#1970-1-1-0:0:0.010000000) DT - No explicit conversion DTL - - TOD - - LTOD X The bit pattern of the source value LTIME_TO_LTOD is transferred unchanged right-justi fied to the destination data type. If the source value is outside the val ue range of LTOD, the destination data type remains unchanged. DATE - No explicit conversion STRING - - WSTRING - - CHAR - - WCHAR - - No explicit conversion LTIME_TO_SINT LTIME_TO_USINT LTIME_TO_INT LTIME_TO_UINT LTIME_TO_DINT - - - x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width, and then the bits are copied. The source type determines the interpretation. 1) WinCC Advanced V14 System Manual, 10/2016 2305 Programming the PLC 11.3 Data types See also Implicit conversion of LTIME (Page 2229) Overview of data type conversion (Page 2198) LTIME (IEC time) (Page 2156) 2306 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Date and time-of-day (S7-1500) Explicit conversion of DT (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the DT data type: WinCC Advanced V14 System Manual, 10/2016 2307 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction DT BOOL - No explicit conversion - BYTE - - WORD - - DWORD - - LWORD - - SINT - - USINT - - INT - - UINT - - DINT - - UDINT - - LINT - - ULINT - - REAL - - LREAL - - S5TIME - - TIME - - LTIME - - LDT X A conversion of the source value in DT_TO_LDT to the destination data type takes place here (for example, DT#1990-1-2-0:0:1.0 becomes LDT#1990-1-2-0:0:1.0) DTL X A conversion of the source value in DT_TO_DTL to the destination data type takes place here (for example, DT#1990-1-2-0:0:1.0 becomes DTL#1990-1-2-0:0:1.0) TOD X A conversion of the source value in DT_TO_TOD to the destination data type takes place here (for example, DT#1990-1-2-0:0:1.0 becomes TOD#1990-1-2-0:0:1.0) LTOD X A conversion of the source value in DT_TO_LTOD to the destination data type takes place here (for example, DT#1990-1-2-0:0:1.0 becomes LTOD#1990-1-2-0:0:1.0) DATE X The bit pattern of the source value DT_TO_DATE is transferred unchanged right-justi fied to the destination data type. STRING - No explicit conversion WSTRING - - CHAR - - WCHAR - - 2308 - WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction x: Conversion possible - : Conversion not possible See also Implicit conversion of DT (Page 2231) Overview of data type conversion (Page 2198) DATE_AND_TIME (date and time of day) (Page 2158) WinCC Advanced V14 System Manual, 10/2016 2309 Programming the PLC 11.3 Data types Explicit conversion of LDT (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the LDT data type: 2310 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction LDT BOOL - No explicit conversion - BYTE X WORD1) X DWORD1) X The bit pattern of the source value LDT_TO_BYTE is transferred unchanged right-justi LDT_TO_WORD fied to the destination data type. LDT_TO_DWORD LWORD 1) X LDT_TO_LWORD SINT X LDT_TO_SINT USINT X LDT_TO_USINT INT X LDT_TO_INT UINT X LDT_TO_UINT DINT X LDT_TO_DINT UDINT X LDT_TO_UDINT LINT X LDT_TO_LINT ULINT X LDT_TO_ULINT REAL - LREAL - - S5TIME - - TIME - LTIME X The bit pattern of the source value LDT_TO_LTIME is transferred unchanged right-justi fied to the destination data type. DT X A conversion of the source value in LDT_TO_DT to the destination data type takes place here (for example, LDT#1990-1-2-0:0:1.0 becomes DT#1990-1-2-0:0:1.0) DTL X A conversion of the source value in LDT_TO_DTL to the destination data type takes place here (for example, LDT#1990-1-2-0:0:1.0 becomes DTL#1990-1-2-0:0:1.0) TOD X A conversion of the source value in LDT_TO_TOD to the destination data type takes place here (for example, LDT#1990-1-2-0:0:1.0 becomes TOD#1990-1-2-0:0:1.0) LTOD X A conversion of the source value in LDT_TO_LTOD to the destination data type takes place here (for example, LDT#1990-1-2-0:0:1.0 becomes LTOD#1990-1-2-0:0:1.0) DATE X The bit pattern of the source value LDT_TO_DATE is transferred unchanged right-justi fied to the destination data type. STRING - No explicit conversion WSTRING - - CHAR - - 1) WinCC Advanced V14 System Manual, 10/2016 No explicit conversion - - - 2311 Programming the PLC 11.3 Data types Source Destination Conversion WCHAR - Explanation Mnemonics of the instruction - x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width, and then the bits are copied. The source type determines the interpretation. 1) See also Implicit conversion of LDT (Page 2233) Overview of data type conversion (Page 2198) LDT (DATE_AND_LTIME) (Page 2159) 2312 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of DTL (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the DTL data type: WinCC Advanced V14 System Manual, 10/2016 2313 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction DTL BOOL - No explicit conversion - BYTE - - WORD - - DWORD - - LWORD - - SINT - - USINT - - INT - - UINT - - DINT - - UDINT - - LINT - - ULINT - - REAL - - LREAL - - S5TIME - - TIME - - LTIME - - LDT X A conversion of the source value in DTL_TO_LDT to the destination data type takes place here (for example, DTL#1990-1-2-0:0:1.0 becomes LDT#1990-1-2-0:0:1.0) DT X A conversion of the source value in DTL_TO_DT to the destination data type takes place here (for example, DTL#1990-1-2-0:0:1.0 becomes DT#1990-1-2-0:0:1.0) TOD X X During the conversion, the time of day is extracted from the DTL for mat and written to the destination data type. DTL_TO_TOD, T_CONV LTOD DATE X During the conversion, the date is extracted from the DTL format and written to the destination data type. The enable output ENO is set to "0" in the event of overflow. DTL_TO_DATE, T_CONV STRING - No explicit conversion - WSTRING - - CHAR - - WCHAR - - DTL_TO_LTOD x: Conversion possible - : Conversion not possible 2314 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also Implicit conversion of DTL (Page 2235) Overview of data type conversion (Page 2198) DTL (Page 2160) WinCC Advanced V14 System Manual, 10/2016 2315 Programming the PLC 11.3 Data types Explicit conversion of DATE (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the DATE data type: Source Target Conversion Explanation Mnemonics of the instruction DATE BOOL - No explicit conversion - BYTE1) X WORD1) X DWORD1) X The bit pattern of the source value DATE_TO_BYTE is transferred unchanged, right-jus DATE_TO_WORD tified, to the target data type. DATE_TO_DWORD LWORD X DATE_TO_LWORD 1) SINT X USINT X The number of days since 1/1/1990 is returned as result. DATE_TO_SINT INT X DATE_TO_INT UINT X DATE_TO_UINT DINT X DATE_TO_DINT UDINT X DATE_TO_UDINT LINT X DATE_TO_LINT ULINT X REAL - LREAL - - S5TIME - - TIME - - LTIME - DT X LDT X DTL 2) X TOD - LTOD - - STRING - - WSTRING - - CHAR - - WCHAR - - DATE_TO_USINT DATE_TO_ULINT No explicit conversion - The conversion sets the date in the destination type. DATE_TO_DT DATE_TO_LDT DATE_TO_DTL No explicit conversion - x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width, and then the bits are copied. The source type determines the interpretation. 1) The data type DTL is initialized as follows: 1970-1-1-0:0:0. Conversion from DATE_TO_DTL only sets the corresponding part of the DTL. The rest of the DTL remains as it was initialized. This results in the following differences for the instructions "T_COMBINE" and "T_CONV": 2) T_COMBINE(D#2015-24-12, LTOD#12:13:14) returns DTL#2015-24-12-12:13:14 myDTL := T_CONV(D#2015-24-12); myDTL := T_CONV(LTOD#12:13:14) results in myDTL = DTL#1970-1-1-12:13:14 2316 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also Implicit conversion of DATE (Page 2237) Overview of data type conversion (Page 2198) DATE (Page 2157) WinCC Advanced V14 System Manual, 10/2016 2317 Programming the PLC 11.3 Data types Explicit conversion of TOD (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the TOD data type: Source Destination Conversion Explanation Mnemonics of the instruction TOD BOOL - No explicit conversion - BYTE1) X WORD1) X DWORD1) X The bit pattern of the source value TOD_TO_BYTE is transferred unchanged right-justi TOD_TO_WORD fied to the destination data type. TOD_TO_DWORD LWORD X TOD_TO_LWORD 1) SINT X USINT X The number of milliseconds since midnight is returned as result. TOD_TO_SINT INT X TOD_TO_INT UINT X TOD_TO_UINT DINT X TOD_TO_DINT UDINT X The result of the conversion corre sponds to the number of millisec onds since the start of day (0:00). LINT X ULINT X The bit pattern of the source value TOD_TO_LINT is transferred unchanged right-justi TOD_TO_ULINT fied to the destination data type. REAL - No explicit conversion LREAL - S5TIME - TIME X The duration since midnight is re turned as result. LTIME - No explicit conversion - DT X TOD_TO_DT LDT X The conversion sets the time in the destination data type. DTL X DATE - No explicit conversion LTOD X A conversion of the source value in TOD_TO_LTOD to the destination data type takes place here (for example, TOD#1:0:0.0 becomes LTOD#1:0:0.0) STRING - No explicit conversion WSTRING - - CHAR - - WCHAR - - TOD_TO_USINT TOD_TO_UDINT, T_CONV TOD_TO_TIME TOD_TO_LDT TOD_TO_DTL - - x: Conversion possible - : Conversion not possible 1) Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width, and then the bits are copied. The source type determines the interpretation. 2318 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also Implicit conversion of TOD (Page 2239) Overview of data type conversion (Page 2198) TIME_OF_DAY (TOD) (Page 2157) WinCC Advanced V14 System Manual, 10/2016 2319 Programming the PLC 11.3 Data types Explicit conversion of LTOD (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the LTOD data type: 2320 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction LTOD BOOL - No explicit conversion - BYTE X WORD1) X The bit pattern of the source value LTOD_TO_BYTE is transferred unchanged right-justi LTOD_TO_WORD fied to the destination data type. LTOD_TO_DWORD 1) DWORD1) X LWORD X 1) LTOD_TO_LWORD SINT X The number of nanoseconds since midnight is returned as result. LTOD_TO_SINT USINT X INT X LTOD_TO_INT LTOD_TO_USINT UINT X LTOD_TO_UINT DINT X LTOD_TO_DINT UDINT X LTOD_TO_UDINT LINT X LTOD_TO_LINT ULINT X LTOD_TO_ULINT, T_CONV REAL - LREAL - - S5TIME - - TIME - LTIME X The bit pattern of the source value LTOD_TO_LTIME is transferred unchanged right-justi fied to the destination data type. DT X A conversion of the source value in LTOD_TO_DT to the destination data type takes place here (for example, LTOD#1:0:0.0 becomes DT#1:0:0.0) LDT X A conversion of the source value in LTOD_TO_LDT to the destination data type takes place here (for example, LTOD#1:0:0.0 becomes LDT#1:0:0.0) DTL X A conversion of the source value in LTOD_TO_DTL to the destination data type takes place here (for example, LTOD#1:0:0.0 becomes DTL#1:0:0.0) DATE - No explicit conversion TOD X A conversion of the source value in LTOD_TO_TOD to the destination data type takes place here (for example, LTOD#1:0:0.0 becomes TOD#1:0:0.0) STRING - No explicit conversion WSTRING - - CHAR - - WCHAR - - WinCC Advanced V14 System Manual, 10/2016 No explicit conversion - - - - 2321 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction x: Conversion possible - : Conversion not possible 1) Bit strings (BYTE, WORD, DWORD, LWORD) and the data types CHAR and WCHAR are initially extended to the necessary width, and then the bits are copied. The source type determines the interpretation. See also Implicit conversion of LTOD (Page 2241) Overview of data type conversion (Page 2198) LTOD (LTIME_OF_DAY) (Page 2158) 2322 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types String (S7-1500) Explicit conversion of CHAR (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the CHAR data type: Source Destination Conversion Explanation Mnemonics of the instruction CHAR BOOL BYTE1) - No explicit conversion - X WORD1) X DWORD1) X The bit pattern of the source value CHAR_TO_BYTE is transferred unchanged right-justi CHAR_TO_WORD fied to the destination data type. CHAR_TO_DWORD LWORD X CHAR_TO_LWORD SINT X CHAR_TO_SINT USINT X CHAR_TO_USINT INT X CHAR_TO_INT UINT X CHAR_TO_UINT DINT X CHAR_TO_DINT UDINT X CHAR_TO_UDINT LINT X CHAR_TO_LINT ULINT X REAL - LREAL - - S5TIME - - TIME - - LTIME - - DT - - LDT - - DTL - - TOD - - LTOD - - DATE - - STRING X The value is converted into the first CHAR_TO_STRING, S_CONV character in the character string (STRING). The length "1" is set af ter conversion if the character string length is not defined. If the charac ter string length is defined, it re mains unchanged following conver sion. WSTRING - No explicit conversion WCHAR X 1) WinCC Advanced V14 System Manual, 10/2016 CHAR_TO_ULINT No explicit conversion - CHAR_TO_WCHAR 2323 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD, LWORD) and the data type WCHAR are initially extended to the necessary width, and then the bits are copied. The source type determines the interpretation. 1) See also Implicit conversion of CHAR (Page 2243) Overview of data type conversion (Page 2198) CHAR (Character) (Page 2161) 2324 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of WCHAR (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the WCHAR data type: Source Destination Conversion Explanation Mnemonics of the instruction WCHAR BOOL BYTE1) - No explicit conversion - X WORD1) X DWORD1) X The bit pattern of the source value WCHAR_TO_BYTE is transferred unchanged right-justi WCHAR_TO_WORD fied to the destination data type. WCHAR_TO_DWORD LWORD X WCHAR_TO_LWORD SINT X WCHAR_TO_SINT USINT X WCHAR_TO_USINT INT X WCHAR_TO_INT UINT X WCHAR_TO_UINT DINT X WCHAR_TO_DINT UDINT X WCHAR_TO_UDINT LINT X WCHAR_TO_LINT ULINT X REAL - LREAL - - S5TIME - - TIME - - LTIME - - DT - - LDT - - DTL - - TOD - - LTOD - - DATE - - STRING - WSTRING X CHAR X 1) WCHAR_TO_ULINT No explicit conversion - The value is converted into the first character in the character string (WSTRING). The length "1" is set after conversion if the character string length is not defined. If the character string length is defined, it remains unchanged following con version. WCHAR_TO_WSTRING WCHAR_TO_CHAR x: Conversion possible - : Conversion not possible 1) Bit strings (BYTE, WORD, DWORD, LWORD) and the data type CHAR are initially extended to the necessary width, and then the bits are copied. The source type determines the interpretation. WinCC Advanced V14 System Manual, 10/2016 2325 Programming the PLC 11.3 Data types See also Overview of data type conversion (Page 2198) WCHAR (Character) (Page 2162) Implicit conversion of WCHAR (Page 2244) 2326 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of STRING (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the STRING data type: WinCC Advanced V14 System Manual, 10/2016 2327 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction STRING BOOL - No explicit conversion - BYTE - - WORD - - DWORD - - LWORD - SINT X USINT X INT X UINT X DINT X UDINT X LINT X ULINT X REAL X LREAL X S5TIME - TIME - - LTIME - - DT - - LDT - - DTL - - TOD - - LTOD - - DATE - CHAR X The first character in the character STRING_TO_CHAR, S_CONV string (STRING) is transferred to the destination data type. The value "0" is written to the destination data type if the character string is empty. WCHAR - No explicit conversion WSTRING X Conversion begins with the first character in the character string (STRING) and stops at the end of the string or at the first inadmissible character. The following characters are admissible for conversion: Digit Sign Dot The first character in the character string may be a sign (+, -) or a digit. Leading spaces are ignored. The dot is used as separation for the conversion of floating-point num bers. The exponential notation "e" or "E" is not permitted. The comma as thousand separator to the left of the decimal point is permitted but is ignored. If the layout of the charac ter string is invalid for the conver sion or an overflow occurs, then the enable output ENO will be set to "0". No explicit conversion STRING_TO_SINT, S_CONV, STRG_VAL STRING_TO_USINT, S_CONV, STRG_VAL STRING_TO_INT, S_CONV, STRG_VAL STRING_TO_UINT, S_CONV, STRG_VAL STRING_TO_DINT, S_CONV, STRG_VAL STRING_TO_UDINT, S_CONV, STRG_VAL STRING_TO_LINT, S_CONV, STRG_VAL STRING_TO_ULINT, S_CONV, STRG_VAL STRING_TO_REAL, S_CONV, STRG_VAL STRING_TO_LREAL, S_CONV, STRG_VAL - - STRING_TO_WSTRING x: Conversion possible - : Conversion not possible 2328 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also Implicit conversion of STRING (Page 2246) Overview of data type conversion (Page 2198) STRING (Page 2162) WinCC Advanced V14 System Manual, 10/2016 2329 Programming the PLC 11.3 Data types Explicit conversion of WSTRING (S7-1500) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the WSTRING data type: 2330 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Destination Conversion Explanation Mnemonics of the instruction WSTRIN G BOOL - No explicit conversion - BYTE - - WORD - - DWORD - - LWORD - SINT X USINT X INT X UINT X DINT X UDINT X LINT X ULINT X REAL X LREAL X S5TIME - TIME - - LTIME - - DT - - LDT - - DTL - - TOD - - LTOD - - DATE - - CHAR - - WCHAR X The first character in the character WSTRING_TO_WCHAR string (WSTRING) is transferred to the destination data type. The value "0" is written to the destination data type if the character string is empty. STRING X WSTRING_TO_STRING Conversion begins with the first character in the character string (WSTRING) and stops at the end of the string or at the first inadmissible character. The following characters are admissible for conversion: Digit Sign Dot The first character in the character string may be a sign (+, -) or a digit. Leading spaces are ignored. The dot is used as separation for the conversion of floating-point num bers. The exponential notation "e" or "E" is not permitted. The comma as thousand separator to the left of the decimal point is permitted but is ignored. If the layout of the charac ter string is invalid for the conver sion or an overflow occurs, then the enable output ENO will be set to "0". No explicit conversion WSTRING_TO_SINT, S_CONV, STRG_VAL WSTRING_TO_USINT, S_CONV, STRG_VAL WSTRING_TO_INT, S_CONV, STRG_VAL WSTRING_TO_UINT, S_CONV, STRG_VAL WSTRING_TO_DINT, S_CONV, STRG_VAL WSTRING_TO_UDINT, S_CONV, STRG_VAL WSTRING_TO_LINT, S_CONV, STRG_VAL WSTRING_TO_ULINT, S_CONV, STRG_VAL WSTRING_TO_REAL, S_CONV, STRG_VAL WSTRING_TO_LREAL, S_CONV, STRG_VAL - x: Conversion possible - : Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2331 Programming the PLC 11.3 Data types See also Overview of data type conversion (Page 2198) WSTRING (Page 2165) Implicit conversion of WSTRING (Page 2247) 11.3.16 Data type conversion for S7-1200 (S7-1200) 11.3.16.1 Overview of data type conversion (S7-1200) Introduction If you link several operands in an instruction, you must make sure that the data types are compatible. This applies also for assignments or for supplying block parameters. If the operands are not the same data type, a conversion has to be carried out. There are two options for the conversion: Implicit conversion The conversion take place automatically when the instruction is executed. Explicit conversion You use an explicit conversion instruction before the actual instruction is executed. Note The data type conversion options described always refer to the latest version of the CPU (V. 4) Conversions marked as possible may not be available in CPU versions 1 - 3. Note Converting bit strings in SCL All bit strings (BYTE, WORD, and DWORD) are handled like the corresponding unsigned integers (USINT, UINT, and UDINT) in expressions. Therefore, implicit conversion from DWORD to REAL is carried out like a conversion from UDINT to REAL, for example. 2332 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion An implicit conversion is executed automatically if the data types of the operands are compatible. This compatibility test can be carried out according to criteria that are more or less strict: With IEC check (default) If IEC check is set, the following rules are applied: - Implicit conversion of BOOL to other data types is not possible. - Only the REAL, BYTE, WORD, DINT, INT, SINT, UDINT, UINT, USINT, TIME, DT, STRING, CHAR and WCHAR data types can be converted implicitly. - The bit length of the source data type must not exceed the bit length of the target data type. An operand of data type WORD, for example, cannot be declared at a parameter at which data type BYTE is expected. Without IEC check If IEC check is not set, the following rules are applied: - Implicit conversion of BOOL to other data types is not possible. - Only the REAL, LREAL, BYTE, WORD, DWORD, SINT, INT, DINT, USINT, UINT, UDINT, TIME, DTL, TOD, DATE, STRING, CHAR and WCHAR data types can be converted implicitly. - The bit length of the source data type must not exceed the bit length of the target data type. An operand of data type DWORD, for example, cannot be declared at a parameter at which data type WORD is expected. - The bit length of an operand entered in-out parameters InOut) must be the same as the programmed bit length for the parameter in question. Note Implicit conversion without IEC check The programming editor uses a gray rectangle to mark operands that are implicitly converted. The dark gray rectangle signals that an implicit conversion is possible without any accuracy loss, for example, if you convert the data type SINT to INT. A light gray rectangle signals that implicit conversion is possible, but errors could occur during runtime. If, for example, you are converting the data type DINT to INT and an overflow occurs, the enable output ENO is set to "0". For more information about the setting of the IEC check and the implicit conversion, refer to "See also". Explicit conversion If the operands are not compatible and an implicit conversion is therefore not possible, you can use an explicit conversion instruction. You can find the conversion instructions in the "Instructions" task card. WinCC Advanced V14 System Manual, 10/2016 2333 Programming the PLC 11.3 Data types A possible overflow is displayed at the ENO enable output. An overflow is created, for example, if the value of the source data type is greater than the value of the target data type. Note Shifting of bit patterns If the explicit conversion involves shifting a bit pattern, the enable output ENO is not set. For more information about explicit conversion, refer to "See also". The following figure shows an example in which an explicit data type conversion must be carried out: %ORFNB'DWD &219(57 ',17WR,17 ,1B',17 (1 (12 ,1 287 %ORFN (1 287B,17 287B,17 (12 ,1B,17 287B%22/ The "Block" function block expects a tag of the INT data type at the "IN_INT" input parameter. Therefore, the value of the "IN_DINT" tag must first be converted from DINT to INT. If the value of the "IN_DINT" tag is within the permitted value range of the INT data type, the conversion takes place. Otherwise, an overflow is signaled. A conversion still takes place even in case of an overflow, but the values are cut off and the enable output ENO is set to "0". See also Setting and canceling the IEC check (Page 2334) Implicit conversions (Page 2334) Explicit conversions (Page 2354) 11.3.16.2 Implicit conversions (S7-1200) Setting and canceling the IEC check (S7-1200) The data types of the operands used are check for compatibility. This compatibility test can be carried out according to criteria that are more or less strict. If "IEC check" is activated, stricter criteria are applied. You can set the IEC check centrally for all new blocks of the project or for individual blocks. 2334 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Setting IEC check for new blocks To set the IEC check for all new blocks in the project, proceed as follows: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "PLC programming > General" group in the area navigation. 3. Select or clear the "IEC check" check box in the "Default settings for new blocks" group. The IEC check is enabled or disabled for all new blocks in the program. Setting IEC check for a block To set the IEC check for a block, proceed as follows: 1. Open the block. 2. Open the "Properties" tab in the Inspector window. 3. Select the "Attributes" group in the area navigation. 4. Select or clear the "IEC check" check box. The IEC check is enabled or disabled for this block. The setting is stored together with the project. Binary numbers (S7-1200) Implicit conversion of BOOL (S7-1200) Options for implicit conversion The implicit conversion of the BOOL data type is not possible. See also BOOL (bit) (Page 2136) WinCC Advanced V14 System Manual, 10/2016 2335 Programming the PLC 11.3 Data types Bit strings (S7-1200) Implicit conversion of BYTE (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the BYTE data type: Source BYTE Target With Without IEC check IEC check Explanation BOOL - - No implicit conversion WORD x x DWORD x x The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. SINT - x USINT - x INT - x UINT - x DINT - x UDINT - x REAL - - LREAL - - TIME - - DTL - - TOD - - DATE - - STRING - - WSTRING - - CHAR - x WCHAR - x No implicit conversion The bit pattern of the source value is transferred unchanged to the target data type. x: Conversion possible -: Conversion not possible See also BYTE (Page 2136) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of BYTE (Page 2355) 2336 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of WORD (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the WORD data type: Source WORD Target With Without IEC check IEC check Description BOOL - - No implicit conversion BYTE - X The least significant byte is transferred to the target data type, while the most significant byte is ignored. DWORD X X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. SINT - X The least significant byte is transferred to the target data type, while the most significant byte is ignored. USINT - X INT - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. UINT - X DINT - X UDINT - X REAL - - LREAL - - TIME - - DTL - - TOD - - DATE - X The bit pattern of the source value is transferred unchanged to the target data type. STRING - - No implicit conversion WSTRING - - CHAR - X WCHAR - X No implicit conversion The bit pattern of the source value is transferred unchanged to the target data type. x: Conversion possible -: Conversion not possible See also WORD (Page 2137) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of WORD (Page 2357) WinCC Advanced V14 System Manual, 10/2016 2337 Programming the PLC 11.3 Data types Implicit conversion of DWORD (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the DWORD data type: Source DWORD Target BOOL With Without IEC check IEC check Explanation - - No implicit conversion The right bytes are transferred to the target data type; the left bytes are ignored. BYTE - X WORD - X SINT - X USINT - X INT - X UINT - X DINT - X UDINT - X REAL - X The value is converted to the format of the target data type. (The value "-1", for example, is converted to the value "-1.0".) LREAL - - No implicit conversion TIME - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. DTL - - No implicit conversion TOD - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. DATE - - No implicit conversion STRING - - WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. x: Conversion possible -: Conversion not possible See also DWORD (Page 2138) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of DWORD (Page 2360) 2338 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Integers (S7-1200) Implicit conversion of SINT (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the SINT data type: Source SINT Target With Without IEC check IEC check Explanation BOOL - - No implicit conversion BYTE - X WORD - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. The remaining bits are filled with "0". DWORD - X USINT - X INT X X UINT - X DINT X X UDINT - X REAL X X LREAL X X The value is converted to the format of the target data type. (The value "-1", for example, is converted to the value "-1.0".) TIME - - No implicit conversion DTL - - TOD - - DATE - - STRING - - WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is converted and transferred to the target data type. (for example, value transfer from SINT #-1 -> INT #-1, not filled with "0".) The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. x: Conversion possible -: Conversion not possible See also SINT (8-bit integers) (Page 2141) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of SINT (Page 2364) WinCC Advanced V14 System Manual, 10/2016 2339 Programming the PLC 11.3 Data types Implicit conversion of USINT (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the USINT data type: Source USINT Target With Without IEC check IEC check Explanation BOOL - - No implicit conversion BYTE - X WORD - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. The remaining bits are filled with "0". DWORD - X SINT - X INT X X UINT X X DINT X X UDINT X X REAL X X LREAL X X The value is converted to the format of the target data type. (The value "1", for example, is converted to the value "1.0".) TIME - - No implicit conversion DTL - - TOD - - DATE - - STRING - - WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is converted and transferred to the target data type. (for example, value conversion from USINT #10 -> DINT #10 or USINT #128 -> SINT #-128) The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. x: Conversion possible -: Conversion not possible See also USINT (8-bit integers) (Page 2142) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of USINT (Page 2367) 2340 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of INT (S7-1200) Options for implicit conversion The following table shows the options for the implicit conversion of the INT data type: Source INT Target With Without IEC check IEC check Explanation BOOL - - No implicit conversion BYTE - X WORD - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. DWORD - X SINT - X USINT - X The bit pattern of the source value is converted and transferred to the target data type. (for example, value conversion from INT #-1 -> SINT #-1, or INT #-32 767 -> UINT #32 769) UINT - X DINT X X UDINT - X REAL X X LREAL X X The value is converted to the format of the target data type. (The value "-1", for example, is converted to the value "-1.0".) No implicit conversion TIME - - DTL - - TOD - - DATE - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. STRING - - No implicit conversion WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. x: Conversion possible -: Conversion not possible See also INT (16-bit integers) (Page 2143) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of INT (Page 2370) WinCC Advanced V14 System Manual, 10/2016 2341 Programming the PLC 11.3 Data types Implicit conversion of UINT (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the UINT data type: Source UINT Target With Without IEC check IEC check Explanation BOOL - - No implicit conversion BYTE - X WORD - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. DWORD - X SINT - X USINT - X INT - X DINT X X UDINT X X REAL X X LREAL X X The value is converted to the format of the target data type. (The value "1", for example, is converted to the value "1.0".) TIME - - No implicit conversion DTL - - TOD - - DATE - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. STRING - - No implicit conversion WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is converted and transferred to the target data type. (for example, value conversion from UINT #100 -> DINT #100 or UINT #60 000 -> INT #-5536) The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. x: Conversion possible -: Conversion not possible See also UINT (16-bit integers) (Page 2144) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of UINT (Page 2373) 2342 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of DINT (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the DINT data type: Source DINT Target With Without IEC check IEC check Explanation BOOL - - No implicit conversion BYTE - X WORD - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. DWORD - X SINT - X USINT - X INT - X UINT - X UDINT - X REAL - X The bit pattern of the source value is converted and transferred to the target data type. (for example, value conversion from DINT #-1 -> REAL #-1.0, but there is a loss in accuracy for numbers with an absolute value greater than 8 388 608) LREAL X X The value is converted to the format of the target data type. (The value "-1", for example, is converted to the value "-1.0".) TIME - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. DTL - - No implicit conversion TOD - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. DATE - - No implicit conversion STRING - - WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is converted and transferred to the target data type. (for example, value conversion from DINT #-1 -> SINT #-1 or DINT #-1 -> USINT #255) The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. x: Conversion possible -: Conversion not possible See also DINT (32-bit integers) (Page 2145) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of DINT (Page 2376) WinCC Advanced V14 System Manual, 10/2016 2343 Programming the PLC 11.3 Data types Implicit conversion of UDINT (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the UDINT data type: Source UDINT Target With Without IEC check IEC check Explanation BOOL - - No implicit conversion BYTE - X WORD - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. DWORD - X SINT - X USINT - X INT - X UINT - X DINT - X REAL - X The bit pattern of the source value is converted and transferred to the target data type. (for example, value conversion from DINT #-1 -> REAL #-1.0, but there is a loss in accuracy for numbers with an absolute value greater than 8 388 608) LREAL X X The value is converted to the format of the target data type. (The value "1", for example, is converted to the value "1.0".) TIME - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. DTL - - No implicit conversion TOD - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. DATE - - No implicit conversion STRING - - WSTRING - - CHAR - X WCHAR - X The bit pattern of the source value is converted and transferred to the target data type. (for example, value conversion from DINT #-1 -> SINT #-1 or DINT #-1 -> USINT #255) The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. x: Conversion possible -: Conversion not possible See also UDINT (32-bit integers) (Page 2146) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of UDINT (Page 2379) 2344 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Floating-point numbers (S7-1200) Implicit conversion of REAL (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the REAL data type: Source REAL Target With Without IEC check IEC check Explanation BOOL - - BYTE - - WORD - - DWORD - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. SINT - X USINT - X INT - X UINT - X The bit pattern of the source value is rounded off and converted and transferred to the target data type. (for example, rounding off and value conversion of REAL #2.5 -> INT #2 or negative number REAL #-2.5 -> INT #-2 -> USINT #254. With an overflow, the remainder is determined REAL #305.5 -> INT #306 -> USINT #50) DINT - X UDINT - X LREAL X X The value is transferred to the target data type. TIME - - No implicit conversion DTL - - TOD - - DATE - - STRING - - WSTRING - - CHAR - - WCHAR - - No implicit conversion x: Conversion possible -: Conversion not possible See also REAL (Page 2150) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of REAL (Page 2382) WinCC Advanced V14 System Manual, 10/2016 2345 Programming the PLC 11.3 Data types Implicit conversion of LREAL (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the LREAL data type: Source LREAL Target With Without IEC check IEC check BOOL - - BYTE - - WORD - - DWORD - - SINT - X USINT - X INT - X UINT - X DINT - X UDINT - X REAL - - TIME - - DTL - - TOD - - DATE - - STRING - - WSTRING - - CHAR - - WCHAR - - Explanation No implicit conversion The bit pattern of the source value is rounded off and converted and transferred to the target data type. (for example, rounding off and value conversion of REAL #2.5 -> INT #2 or negative number REAL #-2.5 -> INT #-2 -> USINT #254. With an overflow, the remainder is determined REAL #305.5 -> INT #306 -> USINT #50) No implicit conversion x: Conversion possible -: Conversion not possible See also Explicit conversion of LREAL (Page 2385) 2346 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Timers (S7-1200) Implicit conversion of TIME (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the TIME data type: Source TIME Target With Without IEC check IEC check Explanation BOOL - - BYTE - - WORD - - DWORD - X The bit pattern of the source value is transferred unchanged to the target data type. The result of the conversion shows the duration in milliseconds. SINT - - No implicit conversion USINT - - INT - - UINT - - DINT - X UDINT - X The bit pattern of the source value is transferred unchanged to the target data type. The result of the conversion shows the duration in milliseconds. REAL - - No implicit conversion LREAL - - DTL - - TOD - X The bit pattern of a source value that is less than 24 h (86 400 00 ms) is transferred without changes to the target data type. No further changes are made to the target value. The result of the conversion shows the time that has passed since midnight. DATE - - No implicit conversion STRING - - WSTRING - - CHAR - - WCHAR - - No implicit conversion x: Conversion possible -: Conversion not possible See also TIME (IEC time) (Page 2155) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of TIME (Page 2388) WinCC Advanced V14 System Manual, 10/2016 2347 Programming the PLC 11.3 Data types Date and time (S7-1200) Implicit conversion of DATE (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the DATE data type: Source DATE Target With Without IEC check IEC check Explanation BOOL - - BYTE - - WORD - X The bit pattern of the source value is transferred unchanged to the target data type. The result of the conversion corresponds to the number of days since 01-01-1990. DWORD - - No implicit conversion SINT - - USINT - - INT - X UINT - X The bit pattern of the source value is transferred unchanged to the target data type. The result of the conversion corresponds to the number of days since 01-01-1990. DINT - - No implicit conversion UDINT - - REAL - - LREAL - - TIME - - DTL - X The bit pattern of the source value is transferred unchanged to the target data type. The result of the conversion corresponds to the number of days since 01-01-1990. TOD - - No implicit conversion STRING - - WSTRING - - CHAR - - WCHAR - - No implicit conversion x: Conversion possible -: Conversion not possible See also DATE (Page 2157) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of DATE (Page 2390) 2348 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of TOD (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the TOD data type: Source TOD Target With Without IEC check IEC check Explanation BOOL - - BYTE - - WORD - - DWORD - X The bit pattern of the source value is transferred unchanged to the target data type. The result of the conversion corresponds to the number of milliseconds since the start of day (0:00 hrs). SINT - - No implicit conversion USINT - - INT - - UINT - - DINT - X UDINT - X The bit pattern of the source value is transferred unchanged to the target data type. The result of the conversion corresponds to the number of milliseconds since the start of day (0:00 hrs). REAL - - No implicit conversion LREAL - - TIME - X The bit pattern of the source value is transferred unchanged to the target data type. The result of the conversion corresponds to the number of milliseconds since the start of day (0:00 hrs). DTL - - No implicit conversion DATE - - STRING - - WSTRING - - CHAR - - WCHAR - - No implicit conversion x: Conversion possible -: Conversion not possible See also TIME_OF_DAY (TOD) (Page 2157) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of TOD (Page 2391) WinCC Advanced V14 System Manual, 10/2016 2349 Programming the PLC 11.3 Data types Implicit conversion of DTL (S7-1200) Options for implicit conversion The DTL data type cannot be implicitly converted. See also Explicit conversion of DTL (Page 2392) Character strings (S7-1200) Implicit conversion of CHAR (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the CHAR data type: Source CHAR Target With Without IEC check IEC check Explanation BOOL - - No implicit conversion BYTE - X WORD - X DWORD - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. The remaining bits are filled from the left with "0". SINT - X USINT - X INT - X UINT - X DINT - X UDINT - X REAL - - LREAL - - TIME - - DTL - - TOD - - DATE - - WCHAR - - STRING X X The STRING is shortened to length 1 and includes the character. WSTRING - - No implicit conversion No implicit conversion x: Conversion possible -: Conversion not possible 2350 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also CHAR (Character) (Page 2161) Setting and canceling the IEC check (Page 2334) Overview of data type conversion (Page 2332) Explicit conversion of CHAR (Page 2393) Implicit conversion of WCHAR (S7-1200) Options for implicit conversion The following table shows the options for the implicit conversion of the WCHAR data type: Source WCHAR Target With Without IEC check IEC check Explanation BOOL - - No implicit conversion BYTE - X WORD - X DWORD - X The bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. The remaining bits are filled from the left with "0". SINT - X USINT - X INT - X UINT - X DINT - X UDINT - X REAL - - LREAL - - TIME - - DTL - - TOD - - DATE - - CHAR - - STRING - - WSTRING X X No implicit conversion The WSTRING is shortened to length 1 and includes the character. x: Conversion possible -: Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2351 Programming the PLC 11.3 Data types Implicit conversion of STRING (S7-1200) Options for implicit conversion The following table shows the options for implicit conversion of the STRING data type: Source STRING Target With Without IEC check IEC check BOOL - - BYTE - - WORD - - DWORD - - SINT - - USINT - - Explanation No implicit conversion INT - - UINT - - DINT - - UDINT - - REAL - - LREAL - - TIME - - DTL - - DATE - - TOD - - CHAR - X The first character of the STRING is returned if the STRING includes one or more characters. Otherwise, the character is output with cod ing $00. WCHAR - - No implicit conversion WSTRING - - x: Conversion possible -: Conversion not possible See also Explicit conversion of STRING (Page 2395) 2352 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of WSTRING (S7-1200) Options for implicit conversion The following table shows the options for the implicit conversion of the WSTRING data type: Source WSTRING Target With Without IEC check IEC check Explanation BOOL - - BYTE - - WORD - - DWORD - - SINT - - USINT - - INT - - UINT - - DINT - - UDINT - - REAL - - LREAL - - TIME - - DTL - - DATE - - TOD - - CHAR - - WCHAR - X The first character of the WSTRING is returned if the WSTRING includes one or more characters. Otherwise, the character is output with coding $0000. STRING - - No implicit conversion No implicit conversion x: Conversion possible -: Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2353 Programming the PLC 11.3 Data types 11.3.16.3 Explicit conversions (S7-1200) Binary numbers (S7-1200) Explicit conversion of BOOL (S7-1200) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the BOOL data type: Source Target Conversion Explanation Mnemonics of the instruction BOOL BYTE X BOOL_TO_BYTE WORD X DWORD X Only the LSB (Least Significant Bit) is set in the target data type. The enable output ENO is always "1". SINT X BOOL_TO_SINT USINT X BOOL_TO_USINT INT X BOOL_TO_INT UINT X BOOL_TO_UINT DINT X BOOL_TO_DINT UDINT X REAL - LREAL - - TIME - - DTL - - BOOL_TO_WORD BOOL_TO_DWORD BOOL_TO_UDINT No explicit conversion - TOD - - DATE - - STRING - - WSTRING - - CHAR - - WCHAR - - x: Conversion possible - : Conversion not possible See also BOOL (bit) (Page 2136) Implicit conversion of BYTE (Page 2336) Overview of data type conversion (Page 2332) 2354 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Bit strings (S7-1200) Explicit conversion of BYTE (S7-1200) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the BYTE data type: Source Target Conversion Explanation Mnemonics of Instruction BYTE 1) BOOL X The following scenarios are possible: BYTE_TO_BOOL If the source is "0", the target data type is also "0" and enable output ENO is "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the target data type is also "1" and enable output ENO is "1". If bits are not equal to LSB in the source value, the target data type is set according to LSB and enable output ENO is "0". WORD1) DWORD X 1) X The bit pattern of the source value is trans BYTE_TO_WORD ferred unchanged, right-justified, to the tar BYTE_TO_DWORD get data type. BYTE_TO_SINT SINT X USINT X BYTE_TO_USINT INT X BYTE_TO_INT UINT X BYTE_TO_UINT DINT X BYTE_TO_DINT UDINT X BYTE_TO_UDINT REAL - LREAL - TIME X The bit pattern of the source value is trans BYTE_TO_TIME ferred unchanged, right-justified, to the tar get data type. DTL - No explicit conversion TOD X DATE X The bit pattern of the source value is trans BYTE_TO_TOD ferred unchanged, right-justified, to the tar BYTE_TO_DATE get data type. STRING - No explicit conversion WSTRING - CHAR X WCHAR X WinCC Advanced V14 System Manual, 10/2016 No explicit conversion - - - The bit pattern of the source value is trans BYTE_TO_CHAR ferred unchanged, right-justified, to the tar BYTE_TO_WCHAR get data type. 2355 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of Instruction x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD) are interpreted as an unsigned integer with the same bit length.. Data type BYTE is interpreted as USINT, WORD as UINT and DWORD as UDINT. 1) See also BYTE (Page 2136) Implicit conversion of BYTE (Page 2336) Overview of data type conversion (Page 2332) 2356 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of WORD (S7-1200) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the WORD data type: WinCC Advanced V14 System Manual, 10/2016 2357 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the instruction WORD BOOL X The following scenarios are possible: WORD_TO_BOOL 1) If the source is "0", the target data type is also "0" and enable output ENO is "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the target data type is also "1" and enable output ENO is "1". If bit is not equal to LSB in the source value, the target data type is set according to LSB and enable output ENO is "0". BYTE1) X DWORD X The bit pattern of the source value is transferred unchanged, right-justified, to the target data type. SINT X ENO = TRUE 1) WORD_TO_BYTE WORD_TO_SINT WORD_TO_DWORD #sint1 := WORD_TO_SINT(16#FFFF); // -1 to #sint1 := WORD_TO_SINT(16#FF80); // -128 #sint1 := WORD_TO_SINT(16#0); // 0 to #sint1 := WORD_TO_SINT(16#007F); // 127 ENO = FALSE #sint1 := WORD_TO_SINT(16#FF7F); // -129 to #sint1 := WORD_TO_SINT(16#8000); // -32768 #sint1 := WORD_TO_SINT(16#0080); // 128 to #sint1 := WORD_TO_SINT(16#7FFF); // 32767 2358 USINT X The bit pattern of the source value is transferred unchanged, right-justified, to the target data type. WORD_TO_USINT INT X UINT X DINT X UDINT X REAL - LREAL - TIME X The bit pattern of the source value is transferred unchanged, right-justified, to the target data type. WORD_TO_TIME WORD_TO_INT WORD_TO_UINT WORD_TO_DINT WORD_TO_UDINT No explicit conversion - DTL - No explicit conversion - TOD X WORD_TO_TOD DATE X The bit pattern of the source value is transferred unchanged, right-justified, to the target data type. WORD_TO_DATE WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the instruction STRING - No explicit conversion - WSTRING - CHAR X WCHAR X WORD_BCD16 INT X BCD16 INT X The bit pattern of the source value is transferred unchanged, right-justified, to the target data type. WORD_TO_CHAR The value to be converted has data type WORD and is accepted as a BCD-coded value between -999 and +999. The re sult is available after conversion as an integer (in binary notation) of the type INT. A real conversion takes place. If the bit pattern includes an invalid tetrad, a synchronous error is not triggered but only the status bit OV is set instead. WORD_BCD16_TO_INT WORD_TO_WCHAR BCD16_TO_INT x: Conversion possible - : Conversion not possible 1) Bit strings (BYTE, WORD, DWORD) are interpreted as an unsigned integer with the same bit length.. Data type BYTE is interpreted as USINT, WORD as UINT and DWORD as UDINT. See also WORD (Page 2137) Implicit conversion of WORD (Page 2337) Overview of data type conversion (Page 2332) WinCC Advanced V14 System Manual, 10/2016 2359 Programming the PLC 11.3 Data types Explicit conversion of DWORD (S7-1200) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the DWORD data type: 2360 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source DWORD 1) Target Conversion Explanation Mnemonics of the instruction BOOL X The following scenarios are possible: DWORD_TO_BOOL If the source is "0", the target data type is also "0" and enable output ENO is "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the target data type is also "1" and enable output ENO is "1". If bit is not equal to LSB in the source value, the target data type is set according to LSB and enable output ENO is "0". BYTE1) X WORD X The bit pattern of the source value is transferred unchanged, right-justified, to the target data type. SINT X ENO = TRUE 1) DWORD_TO_BYTE DWORD_TO_WORD DWORD_TO_SINT #sint1 := DWORD_TO_SINT(16#FFFF_FFFF); // -1 bis #sint1 := DWORD_TO_SINT(16#FFFF_FF80); // -128 #sint1 := DWORD_TO_SINT(16#0); // 0 bis #sint1 := DWORD_TO_SINT(16#0000_007F); / / 127 ENO = FALSE #sint1 := DWORD_TO_SINT(16#FFFF_FF7F); // -129 #sint1 := DWORD_TO_SINT(16#8000_0000); / / -2147483648 #sint1 := DWORD_TO_SINT(16#0000_0080); / / 128 bis #sint1 := DWORD_TO_SINT(16#7FFF_FFFF); // 2147483647 USINT X The bit pattern of the source value is transferred unchanged, right-justified, to the target data type. DWORD_TO_USINT INT X ENO = TRUE DWORD_TO_INT #int1 := DWORD_TO_INT(16#FFFF_FFFF); // -1 bis #int1 := DWORD_TO_INT(16#FFFF_8000); // WinCC Advanced V14 System Manual, 10/2016 2361 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the instruction -32768 #int1 := DWORD_TO_INT(16#0); // 0 bis #int1 := DWORD_TO_INT(16#0000_7FFF); // 32767 ENO = FALSE #int1 := DWORD_TO_INT(16#FFFF_7FFF); // -32769 #int1 := DWORD_TO_INT(16#8000_0000); // -2147483648 #int1 := DWORD_TO_INT(16#8000); // 32768 bis #int1 := DWORD_TO_INT(16#7FFF_FFFF); // 2147483647 2362 UINT X The bit pattern of the source value is transferred unchanged, right-justified, to the target data type. DWORD_TO_UINT DINT X UDINT X REAL X The bit pattern of the source value is DWORD_TO_REAL transferred unchanged, right-justified, to the target data type. If no errors oc cur during the conversion, the signal state of ENO = 1; if an error occurs during processing, the signal state of ENO = 0. LREAL - No explicit conversion - TIME X The bit pattern of the source value is transferred unchanged, right-justified, to the target data type. DWORD_TO_TIME DTL - No explicit conversion - TOD X DWORD_TO_TOD DATE X The bit pattern of the source value is transferred unchanged, right-justified, to the target data type. STRING - No explicit conversion - WSTRING - CHAR X DWORD_TO_CHAR WCHAR X The bit pattern of the source value is transferred unchanged, right-justified, to the target data type. DWORD_TO_DINT DWORD_TO_UDINT DWORD_TO_DATE DWORD_TO_WCHAR WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Target Conversion Explanation DWORD_BCD32 DINT X BCD32 DINT X The value to be converted has data DWORD_BCD32_TO_DINT type DWORD and is accepted as a BCD32_TO_DINT BCD-coded value between -9999999 and +9999999. The result is available after conversion as an integer (in bi nary notation) of the type DINT. A real conversion takes place. If the bit pat tern includes an invalid tetrad, a syn chronous error is not triggered but on ly the status bit OV is set instead. Mnemonics of the instruction x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD) are interpreted as an unsigned integer with the same bit length.. Data type BYTE is interpreted as USINT, WORD as UINT and DWORD as UDINT. 1) See also DWORD (Page 2138) Implicit conversion of DWORD (Page 2338) Overview of data type conversion (Page 2332) WinCC Advanced V14 System Manual, 10/2016 2363 Programming the PLC 11.3 Data types Integers (S7-1200) Explicit conversion of SINT (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the SINT data type: 2364 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the instruction SINT BOOL X The following scenarios are possible: SINT_TO_BOOL If the source is "0", the target data type is also "0" and enable output ENO is "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the target data type is also "1" and enable output ENO is "1". If bit is not equal to LSB in the source value, the target data type is set according to LSB and enable output ENO is "0". BYTE1) X WORD1) X DWORD WinCC Advanced V14 System Manual, 10/2016 1) X The bit pattern of the source value is trans ferred unchanged, right-justified, to the tar get data type. If a negative value is conver ted to an unsigned target data type, the en able output ENO is set to "0". SINT_TO_BYTE The bit pattern of the source value is con verted and transferred to the target data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF). Enable output ENO is set to "0" if a negative value is con verted to an unsigned target data type. SINT_TO_USINT The value is converted into the format of the target data type (the value "-1" will be converted into the value "-1.0" with the "Convert value" (CONVERT) instruction. SINT_TO_REAL, NORM_X SINT_TO_WORD SINT_TO_DWOR D USINT X INT X UINT X DINT X UDINT X REAL X LREAL X TIME X The value is transferred to the target data type and interpreted as milliseconds. SINT_TO_TIME DTL - No explicit conversion - TOD X The bit pattern of the source value is con SINT_TO_TOD verted and transferred to the target data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF). Enable output ENO is set to "0" if a negative value is con verted to an unsigned target data type. (in terpretation in milliseconds since 0:0) DATE X The bit pattern of the source value is con SINT_TO_DATE verted and transferred to the target data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF). Enable output ENO is set to "0" if a negative value is con verted to an unsigned target data type. (in terpretation in days since 1990-1-1) STRING X The value is converted to a character string. WSTRING X LAD/FBD: The first characters of the string are padded with spaces. The number of SINT_TO_INT SINT_TO_UINT SINT_TO_DINT SINT_TO_UDINT SINT_TO_LREAL, NORM_X SINT_TO_STRIN G, S_CONV, VAL_STRG SINT_TO_WSTRI NG 2365 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the instruction spaces depends on the length of the numerical value. Positive numeric values are output without a sign. STL/SCL: No spaces are inserted. The character string is shown preceded by a sign. If the permitted length of the character string is violated, the enable output ENO is set to "0". CHAR1) WCHAR X 1) X The bit pattern of the source value is con SINT_TO_CHAR verted and transferred to the target data SINT_TO_WCHA type. (The value "-1" (16#FF) becomes the R value "-1" (16#FFFFFFFF). Enable output ENO is set to "0" if a negative value is con verted to an unsigned target data type. x: Conversion possible - : Conversion not possible 1) Bit strings (BYTE, WORD, DWORD) and data type CHAR are first extended to the necessary width including sign, and then the bits are copied. The source type determines the interpretation. See also SINT (8-bit integers) (Page 2141) Implicit conversion of SINT (Page 2339) Overview of data type conversion (Page 2332) 2366 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of USINT (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the USINT data type: WinCC Advanced V14 System Manual, 10/2016 2367 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the in struction USINT BOOL X The following scenarios are possible: USINT_TO_BOOL If the source is "0", the target data type is also "0" and enable output ENO is "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the target data type is also "1" and enable output ENO is "1". If bit is not equal to LSB in the source value, the target data type is set according to LSB and enable output ENO is "0". BYTE1) X WORD1) X DWORD1) X SINT X The bit pattern of the source value is USINT_TO_SINT transferred unchanged to the target data type. If the sign is changed dur ing the conversion, the enable output ENO is set to "0". INT X USINT_TO_INT UINT X DINT X The bit pattern of the source value is transferred unchanged, right-justi fied, to the target data type. UDINT X REAL X USINT_TO_REAL, NORM_X LREAL X The value is converted into the for mat of the target data type (the value "1" will be converted into the value "1.0" with the "Convert value" (CON VERT) instruction. TIME X The value is transferred to the target USINT_TO_TIME data type and interpreted as millisec onds. DTL - No explicit conversion - The bit pattern of the source value is transferred unchanged, right-justi fied, to the target data type. USINT_TO_TOD The value is converted to a character string. If the permitted length of the character string is violated, the ena ble output ENO is set to "0". USINT_TO_STRING, S_CONV, VAL_STRG TOD X DATE X STRING X WSTRING X 2368 CHAR1) X WCHAR1) X The bit pattern of the source value is transferred unchanged, right-justi fied, to the target data type. USINT_TO_BYTE USINT_TO_WORD USINT_TO_DWORD USINT_TO_UINT USINT_TO_DINT USINT_TO_UDINT The bit pattern of the source value is converted and transferred to the tar get data type. USINT_TO_LREAL, NORM_X USINT_TO_DATE USINT_TO_WSTRING USINT_TO_CHAR USINT_TO_WCHAR WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the in struction x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD) and data type CHAR are first extended to the necessary width (the non-existing sign is replaced with zeros) and then the bits are copied. The source type determines the interpretation. 1) See also USINT (8-bit integers) (Page 2142) Implicit conversion of USINT (Page 2340) Overview of data type conversion (Page 2332) WinCC Advanced V14 System Manual, 10/2016 2369 Programming the PLC 11.3 Data types Explicit conversion of INT (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the INT data type: 2370 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the in struction INT BOOL X INT_TO_BOOL The following scenarios are possible: If the source is "0", the target data type is also "0" and enable output ENO is "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the target data type is also "1" and enable output ENO is "1". If bit is not equal to LSB in the source value, the target data type is set according to LSB and enable output ENO is "0". BYTE1) X WORD1) X DWORD WinCC Advanced V14 System Manual, 10/2016 1) X SINT X USINT X UINT X DINT X UDINT X REAL X LREAL X TIME The bit pattern of the source value is transferred unchanged, right-justified, to the target data type. If a negative value is converted to an unsigned tar get data type, the enable output ENO is set to "0". INT_TO_BYTE INT_TO_WORD INT_TO_DWORD The bit pattern of the source value is converted and transferred to the target data type. (The value "-1" (16#FF) be comes the value "-1" (16#FFFFFFFF)). If a negative value is converted to an unsigned target data type, the enable output ENO is set to "0". INT_TO_SINT The value is converted to the format of the target data type (the value "-1", for example, is converted with the instruc tion "Convert value" (CONVERT) to the value "-1.0"). INT_TO_REAL, NORM_X X The value is transferred to the target data type and interpreted as millisec onds. INT_TO_TIME DTL - No explicit conversion - TOD X The bit pattern of the source value is converted and transferred to the target data type. (The value "-1" (16#FF) be comes the value "-1" (16#FFFFFFFF)). If a negative value is converted to an unsigned target data type, the enable output ENO is set to "0". (interpretation in milliseconds since 0:0; check for 24h limit) INT_TO_TOD DATE X The bit pattern of the source value is converted and transferred to the target data type. (The value "-1" (16#FF) be comes the value "-1" (16#FFFFFFFF)). If a negative value is converted to an unsigned target data type, the enable output ENO is set to "0". (interpretation INT_TO_DATE INT_TO_USINT INT_TO_UINT INT_TO_DINT INT_TO_UDINT INT_TO_LREAL, NORM_X 2371 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the in struction in days since 1990-1-1; check for neg ative value) STRING X The value is converted to a character string. INT_TO_STRING, S_CONV, VAL_STRG) WSTRING X LAD/FBD: The first characters of the string are padded with spaces. The number of spaces depends on the length of the numerical value. Positive numeric values are output without a sign. INT_TO_WSTRING STL/SCL: No spaces are inserted. The character string is shown preceded by a sign. If the permitted length of the character string is violated, the enable output ENO is set to "0". CHAR1) WCHAR X 1) X BCD16 X BCD16_WO RD X The bit pattern of the source value is INT_TO_CHAR converted and transferred to the target INT_TO_WCHAR data type. (The value "-1" (16#FF) be comes the value "-1" (16#FFFFFFFF)). If a negative value is converted to an unsigned target data type, the enable output ENO is set to "0". The value to be converted has type INT INT_TO_BCD16 and is accepted as an integer with a INT_TO_BCD16_WO value between -999 and +999. The re RD sult is available after conversion as a BCD-coded number of the type WORD. A real conversion takes place. If the value is outside the target area, a synchronous error is not triggered, but rather only the status bit OV is set. x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD) and data type CHAR are first extended to the necessary width including sign, and then the bits are copied. The source type determines the interpretation. 1) See also INT (16-bit integers) (Page 2143) Implicit conversion of INT (Page 2341) Overview of data type conversion (Page 2332) 2372 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of UINT (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the UINT data type: WinCC Advanced V14 System Manual, 10/2016 2373 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the in struction UINT BOOL X The following scenarios are possible: UINT_TO_BOOL If the source is "0", the target data type is also "0" and enable output ENO is "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the target data type is also "1" and enable output ENO is "1". If bit is not equal to LSB in the source value, the target data type is set according to LSB and enable output ENO is "0". BYTE1) X WORD1) X UINT_TO_BYTE UINT_TO_WORD DWORD X SINT X USINT X INT X The bit pattern of the source value is transferred unchanged to the target data type. If the sign bit is changed during the conversion, the enable output ENO is set to "0". UINT_TO_INT DINT X UINT_TO_DINT UDINT X The bit pattern of the source value is transferred unchanged, right-justi fied, to the target data type. REAL X UINT_TO_REAL, NORM_X LREAL X The value is converted to the format of the target data type (the value "1", for example, is converted with the in struction "Convert value" (CON VERT) to the value "1.0"). TIME X The value is transferred to the target UINT_TO_TIME data type and interpreted as millisec onds. DTL - No explicit conversion - TOD X The bit pattern of the source value is converted and transferred to the tar get data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF). Enable output ENO is set to "0" if a negative value is converted to an unsigned target data type. (interpretation in millisec onds since 0:0; check for 24h limit) UINT_TO_TOD DATE X The bit pattern of the source value is converted and transferred to the tar get data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF). Enable output UINT_TO_DATE, T_CONV 1) 2374 The bit pattern of the source value is transferred unchanged, right-justi fied, to the target data type. If bits are lost in the process, the enable output ENO is set to "0". UINT_TO_DWORD UINT_TO_SINT UINT_TO_USINT UINT_TO_UDINT UINT_TO_LREAL, NORM_X WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the in struction ENO is set to "0" if a negative value is converted to an unsigned target data type. (interpretation in days since 1990-1-1; check for negative value) STRING X WSTRING X CHAR1) WCHAR X 1) X The value is converted to a character string. If the permitted length of the character string is violated, the ena ble output ENO is set to "0". UINT_TO_STRING, S_CONV, VAL_STRG The bit pattern of the source value is transferred unchanged to the target data type. The enable output ENO is set to "0" in the event of overflow. UINT_TO_CHAR UINT_TO_WSTRING UINT_TO_WCHAR x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD, LWORD) and the data type CHAR are first extended to the necessary width (the non-existing sign is replaced with zeros) and then the bits are copied. The source type determines the interpretation. 1) See also UINT (16-bit integers) (Page 2144) Implicit conversion of UINT (Page 2342) Overview of data type conversion (Page 2332) WinCC Advanced V14 System Manual, 10/2016 2375 Programming the PLC 11.3 Data types Explicit conversion of DINT (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the DINT data type: 2376 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Target Conver sion Explanation Mnemonics of the in struction DINT BOOL X The following scenarios are possible: DINT_TO_BOOL If the source is "0", the target data type is also "0" and enable output ENO is "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the target data type is also "1" and enable output ENO is "1". If bit is not equal to LSB in the source value, the target data type is set according to LSB and enable output ENO is "0". WinCC Advanced V14 System Manual, 10/2016 BYTE1) X WORD1) X The bit pattern of the source value is DINT_TO_BYTE transferred unchanged, right-justi DINT_TO_WORD fied, to the target data type. If a neg DINT_TO_DWORD ative value is converted to an un signed target data type, the enable output ENO is set to "0". DWORD1) X SINT X USINT X INT X UINT X UDINT X REAL X LREAL X TIME X The value is transferred to the target DINT_TO_TIME, data type and interpreted as millisec T_CONV onds. DTL - No explicit conversion - TOD X The bit pattern of the source value is converted and transferred to the tar get data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted to an unsigned target data type, the enable output ENO is set to "0". (interpretation in millisec onds since 0:0) DINT_TO_TOD DATE X The bit pattern of the source value is converted and transferred to the tar get data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted to an unsigned target DINT_TO_DATE The bit pattern of the source value is converted and transferred to the tar get data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted to an unsigned target data type, the enable output ENO is set to "0". DINT_TO_SINT The value is converted to the format of the target data type (the value "-1", for example, is converted with the in struction "Convert value" (CON VERT) to the value "-1.0"). DINT_TO_REAL, NORM_X DINT_TO_USINT DINT_TO_INT DINT_TO_UINT DINT_TO_UDINT DINT_TO_LREAL, NORM_X 2377 Programming the PLC 11.3 Data types Source Target Conver sion Explanation Mnemonics of the in struction data type, the enable output ENO is set to "0". (interpretation in days since 1990-1-1) STRING X The value is converted to a character string. DINT_TO_STRING, S_CONV, VAL_STRG WSTRING X LAD/FBD: The first characters of the string are padded with spaces. The number of spaces depends on the length of the numerical value. Positive numeric values are output without a sign. DINT_TO_WSTRING STL/SCL: No spaces are inserted. The character string is shown preceded by a sign. If the permitted length of the charac ter string is violated, the enable out put ENO is set to "0". CHAR1) X WCHAR1) X BCD32 X BCD32_DWO RD X The bit pattern of the source value is converted and transferred to the tar get data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF)). If a negative value is converted to an unsigned target data type, the enable output ENO is set to "0". DINT_TO_CHAR DINT_TO_WCHAR The value to be converted has type DINT_TO_BCD32 DINT and is accepted as an integer DINT_TO_BCD32_DWO with a value between -999999 and RD +9999999. The result is available af ter conversion as a BCD-coded num ber of the type DWORD. The enable output is set to "0" in the event of overflow. A real conversion takes place. If the value is outside the tar get area, a synchronous error is not triggered, but rather only the status bit OV is set. x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD) and data type CHAR are first extended to the necessary width including sign, and then the bits are copied. The source type determines the interpretation. 1) See also DINT (32-bit integers) (Page 2145) Implicit conversion of DINT (Page 2343) Overview of data type conversion (Page 2332) 2378 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of UDINT (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the UDINT data type: WinCC Advanced V14 System Manual, 10/2016 2379 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the in struction UDINT BOOL X The following scenarios are possible: UDINT_TO_BOOL If the source is "0", the target data type is also "0" and enable output ENO is "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the target data type is also "1" and enable output ENO is "1". If bit is not equal to LSB in the source value, the target data type is set according to LSB and enable output ENO is "0". 2380 BYTE1) X WORD1) X The bit pattern of the source value is transferred unchanged to the target data type. If bits are lost in the proc ess, the enable output ENO is set to "0". UDINT_TO_BYTE DWORD1) X SINT X USINT X UDINT_TO_USINT INT X UDINT_TO_INT UINT X UDINT_TO_UINT DINT X The bit pattern of the source value is transferred unchanged to the target data type. If the sign bit is changed during the conversion, the enable output ENO is set to "0". UDINT_TO_DINT REAL X UDINT_TO_REAL, NORM_X LREAL X The value is converted to the format of the target data type (the value "1", for example, is converted with the in struction "Convert value" (CON VERT) to the value "1.0"). TIME X The bit pattern of the source value is UDINT_TO_TIME transferred unchanged right-justified and interpreted as milliseconds to the target data type. DTL - No explicit conversion - TOD X The bit pattern of the source value is converted and transferred to the tar get data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF). Enable output ENO is set to "0" if a negative value is converted to an unsigned target data type. (interpretation in millisec onds since 0:0; check for 24h limit) UDINT_TO_TOD, T_CONV DATE X The bit pattern of the source value is converted and transferred to the tar get data type. (The value "-1" (16#FF) becomes the value "-1" (16#FFFFFFFF). Enable output UDINT_TO_DATE UDINT_TO_WORD UDINT_TO_DWORD UDINT_TO_SINT UDINT_TO_LREAL, NORM_X WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the in struction ENO is set to "0" if a negative value is converted to an unsigned target data type. (interpretation in days since 1990-1-1; check for negative value) STRING X WSTRING X CHAR1) X WCHAR 1) X The value is converted to a character string. If the permitted length of the character string is violated, the ena ble output ENO is set to "0". UDINT_TO_STRING, S_CONV, VAL_STRG The bit pattern of the source value is transferred unchanged to the target data type. The enable output ENO is set to "0" in the event of overflow. UDINT_TO_CHAR UDINT_TO_WCHAR UDINT_TO_WCHAR x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD, LWORD) and the data type CHAR are first extended to the necessary width (the non-existent sign is replaced with zeros) and then the bits are copied. The source type determines the interpretation. 1) See also UDINT (32-bit integers) (Page 2146) Implicit conversion of UDINT (Page 2344) Overview of data type conversion (Page 2332) WinCC Advanced V14 System Manual, 10/2016 2381 Programming the PLC 11.3 Data types Floating-point numbers (S7-1200) Explicit conversion of REAL (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the REAL data type: 2382 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the in struction REAL BOOL - No explicit conversion - BYTE - - WORD - - DWORD X The bit pattern of the source value is transferred unchanged to the target data type. REAL_TO_DWORD SINT X REAL_TO_SINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X USINT X The value is converted to the target data type. The result of the conver sion depends on the instruction used. Enable output ENO is set to "0" if the valid range of values of the target da ta type is exceeded during conver sion, or if the value to be converted is an invalid floating-point number. INT X REAL_TO_INT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X UINT X REAL_TO_UINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X DINT X REAL_TO_DINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X UDINT X REAL_TO_UDINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X LREAL X The value is converted to the target data type. The result of the conver sion depends on the instruction used, e.g. TRUNC(2.5) = 2.0; CEIL(2.5) = 3.0 REAL_TO_LREAL, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X TIME - No explicit conversion - DTL - - TOD - - DATE - - STRING X WSTRING X WinCC Advanced V14 System Manual, 10/2016 CHAR - WCHAR - REAL_TO_USINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X The value is converted to a character REAL_TO_STRING, string. Enable output ENO is set to S_CONV, VAL_STRG "0" if the character string length is ex REAL_TO_WSTRING ceeded, or if the value to be conver ted is an invalid floating-point num ber. The string has a minimum length of 14 characters. No explicit conversion - 2383 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the in struction x: Conversion possible -: Conversion not possible See also REAL (Page 2150) Implicit conversion of REAL (Page 2345) Overview of data type conversion (Page 2332) 2384 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of LREAL (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the LREAL data type: WinCC Advanced V14 System Manual, 10/2016 2385 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the instruction LREAL BOOL - No explicit conversion - BYTE - - WORD - - DWORD - - SINT X USINT X INT X UINT X LREAL_TO_UINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X DINT X LREAL_TO_DINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X UDINT X LREAL_TO_UDINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X REAL X The value is converted to the tar get data type. Enable output ENO is set to "0" if the valid range of values of the target data type is exceeded during conversion, or if the value to be converted is an invalid floating-point number. A loss in accuracy is tolerated. LREAL_TO_LREAL, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X TIME - No explicit conversion - DTL - - TOD - - DATE - - STRING X WSTRING X CHAR - WCHAR - The value is converted to the tar get data type. The result of the conversion depends on the in struction used. Enable output ENO is set to "0" if the valid range of values of the target data type is exceeded during conversion, or if the value to be converted is an invalid floating-point number. LREAL_TO_SINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X LREAL_TO_USINT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X LREAL_TO_INT, ROUND, CEIL, FLOOR, TRUNC, NORM_X, SCALE_X The value is converted to a char LREAL_TO_STRING, acter string. Enable output ENO S_CONV, VAL_STRG is set to "0" if the character string LREAL_TO_WSTRING length is exceeded, or if the value to be converted is an invalid float ing-point number. The string has a minimum length of 21 charac ters. No explicit conversion - x: Conversion possible -: Conversion not possible 2386 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also LREAL (Page 2151) Overview of data type conversion (Page 2332) WinCC Advanced V14 System Manual, 10/2016 2387 Programming the PLC 11.3 Data types Timers (S7-1200) Explicit conversion of TIME (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the TIME data type: Source Target Conversion Explanation Mnemonics of the instruc tion TIME BOOL - No explicit conversion - BYTE 1) X TIME_TO_BYTE WORD X The bit pattern of the source value is transferred unchanged to the target data type. DWOR D1) X SINT X USINT X INT X UINT X DINT X The bit pattern of the source value is TIME_TO_DINT, T_CONV transferred unchanged to the target data type. The result of the conversion shows the duration in milliseconds. UDINT X The bit pattern of the source value is transferred unchanged right-justified and interpreted as milliseconds to the target data type. Enable output ENO is set to "0" if the sign changes. TIME_TO_UDINT REAL - No explicit conversion - LREAL - - DTL - - TOD X The bit pattern of the source value is TIME_TO_TOD transferred unchanged, right-justified, to the target data type. If the source value exceeds the range of values of TOD, the target data type remains un changed. DATE - No explicit conversion STRIN G - - WSTRI NG - - CHAR - - WCHA R - - 1) 2388 TIME_TO_WORD TIME_TO_DWORD The bit pattern of the source value is transferred unchanged right-justified and interpreted as milliseconds to the target data type. TIME_TO_SINT TIME_TO_USINT TIME_TO_INT TIME_TO_UINT - WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the instruc tion x: Conversion possible -: Conversion not possible Bit strings (BYTE, WORD, DWORD) and data type CHAR are first extended to the necessary width and then the bits are copied. The source type determines the interpretation. 1) See also TIME (IEC time) (Page 2155) Implicit conversion of TIME (Page 2347) Overview of data type conversion (Page 2332) WinCC Advanced V14 System Manual, 10/2016 2389 Programming the PLC 11.3 Data types Clock and calendar (S7-1200) Explicit conversion of DATE (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the DATE data type: Source Target Conversion Explanation DATE BOOL - No explicit conversion - BYTE1) X DATE_TO_BYTE WORD1) X DWORD1) X The bit pattern of the source value is transferred un changed, right-justified, to the target data type. SINT X USINT X INT X UINT X DATE_TO_UINT DINT X DATE_TO_DINT UDINT X DATE_TO_UDINT REAL - LREAL - TIME - DTL 2) X The bit pattern of the source value is transferred un changed, right-justified, to the target data type. DATE_TO_DTL TOD - No explicit conversion - STRING The number of days since 1/1/1990 is returned as re sult. No explicit conversion Mnemonics of the instruction DATE_TO_WORD DATE_TO_DWORD DATE_TO_SINT DATE_TO_USINT DATE_TO_INT - - - WSTRING - - CHAR - - WCHAR - - x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD) and data type CHAR are first extended to the necessary width and then the bits are copied. The source type determines the interpretation. 1) The data type DTL is initialized as follows: 1970-1-1-0:0:0. Conversion from DATE_TO_DTL only sets the corresponding part of the DTL. The rest of the DTL remains as it was initialized. This results in the following differences for the instructions "T_COMBINE" and "T_CONV": 2) T_COMBINE(D#2015-24-12, LTOD#12:13:14) returns DTL#2015-24-12-12:13:14 myDTL := T_CONV(D#2015-24-12); myDTL := T_CONV(LTOD#12:13:14) results in myDTL = DTL#1970-1-1-12:13:14 2390 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also DATE (Page 2157) Implicit conversion of DATE (Page 2348) Overview of data type conversion (Page 2332) Explicit conversion of TOD (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the TOD data type: Source Target Conversion Explanation Mnemonics of the instruction TOD BOOL - No explicit conversion - BYTE X WORD1) X TOD_TO_WORD DWORD1) X The bit pattern of the source value is transferred un changed to the target data type. SINT X USINT X INT X UINT X TOD_TO_UINT DINT X TOD_TO_DINT UDINT X The result of the conversion corresponds to the number of milliseconds since the start of day (0:00 hrs). TOD_TO_UDINT, T_CONV REAL - No explicit conversion - LREAL - TIME X The duration since midnight is returned as result. DTL X The date is set to 1.1.1970 as TOD_TO_DTL a result. DATE - No explicit conversion STRING 1) The number of milliseconds since midnight is returned as result. TOD_TO_BYTE TOD_TO_DWORD TOD_TO_SINT TOD_TO_USINT TOD_TO_INT TOD_TO_TIME - - - WSTRING - - CHAR - - WCHAR - - x: Conversion possible -: Conversion not possible Bit strings (BYTE, WORD, DWORD) and data type CHAR are first extended to the necessary width including sign, and then the bits are copied. The source type determines the interpretation. 1) WinCC Advanced V14 System Manual, 10/2016 2391 Programming the PLC 11.3 Data types See also TIME_OF_DAY (TOD) (Page 2157) Implicit conversion of TOD (Page 2349) Overview of data type conversion (Page 2332) Explicit conversion of DTL (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the DTL data type: Source Target Conversion Explanation Mnemonics of the instruc tion DTL BYTE - No explicit conversion - WORD - - DWORD - - SINT - - USINT - - INT - - UINT - - DINT - - UDINT - - REAL - - LREAL - - TIME - - TOD X During the conversion, the time-of- DTL_TO_TOD, T_CONV day is extracted from the DTL for mat and written to the target data type. DATE X During the conversion, the date is extracted from the DTL format and written to the target data type. The enable output ENO is set to "0" in the event of overflow. DTL_TO_DATE, T_CONV STRING - No explicit conversion - WSTRING - - CHAR - - WCHAR - - x: Conversion possible -: Conversion not possible 2392 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also DTL (Page 2160) Overview of data type conversion (Page 2332) Character strings (S7-1200) Explicit conversion of CHAR (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the CHAR data type: Source Target CHAR BOOL BYTE1) Conversion Explanation Mnemonics of the instruction - No explicit conversion - X The bit pattern of the source val CHAR_TO_BYTE ue is transferred unchanged, CHAR_TO_WORD right-justified, to the target data CHAR_TO_DWORD type. CHAR_TO_SINT WORD1) X DWORD1) X SINT X USINT X CHAR_TO_USINT INT X CHAR_TO_INT UINT X CHAR_TO_UINT DINT X CHAR_TO_DINT UDINT X CHAR_TO_UDINT REAL - LREAL - - TIME - - DTL - - TOD - - DATE - - STRING X WSTRING WCHAR X No explicit conversion - The value is converted to the first CHAR_TO_STRING character in the character string (STRING). If the length of the character string is not defined, the length "1" is set after the con version. If the length of the char acter string is defined, it remains unchanged after the conversion. No explicit conversion CHAR_TO_WCHAR x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD) and data type CHAR are first extended to the necessary width and then the bits are copied. The source type determines the interpretation. 1) WinCC Advanced V14 System Manual, 10/2016 2393 Programming the PLC 11.3 Data types See also CHAR (Character) (Page 2161) Implicit conversion of CHAR (Page 2350) Overview of data type conversion (Page 2332) Explicit conversion of WCHAR (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the WCHAR data type: Source Target Conversion Explanation Mnemonics of the instruction WCHA R BOOL - No explicit conversion - BYTE X WORD1) X DWORD1) X SINT X The bit pattern of the source val WCHAR_TO_BYTE ue is transferred unchanged, WCHAR_TO_WORD right-justified, to the target data WCHAR_TO_DWORD type. WCHAR_TO_SINT USINT X WCHAR_TO_USINT INT X WCHAR_TO_INT UINT X WCHAR_TO_UINT DINT X WCHAR_TO_DINT UDINT X WCHAR_TO_UDINT REAL - LREAL - - TIME - - DTL - - TOD - - DATE - - STRING - 1) WSTRING X CHAR X No explicit conversion - The value is converted to the first WCHAR_TO_WSTRING character in the character string (WSTRING). If the length of the character string is not defined, the length "1" is set after conver sion. If the length of the character string is defined, it remains un changed after conversion. WCHAR_TO_CHAR x: Conversion possible - : Conversion not possible Bit strings (BYTE, WORD, DWORD) and data type CHAR are first extended to the necessary width and then the bits are copied. The source type determines the interpretation. 1) 2394 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of STRING (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the STRING data type: Source Target Conversion Explanation Mnemonics of the in struction STRIN G BOOL - No explicit conversion - BYTE - - WORD - - DWORD - - SINT X USINT X INT X UINT X DINT X Conversion begins with the first char acter in the character string (STRING) and stops at the end of the string or at the first inadmissible char acter. The following characters are permitted for conversion: Digit Sign Dot STRING_TO_SINT, S_CONV, STRG_VAL STRING_TO_USINT, S_CONV, STRG_VAL STRING_TO_INT, S_CONV, STRG_VAL STRING_TO_UINT, S_CONV, STRG_VAL STRING_TO_DINT, S_CONV, STRG_VAL UDINT X REAL X LREAL X The first character of the string may be a sign (+, -) or a number. Leading spaces are ignored. The dot is used as separation for the conversion of floating-point numbers. The exponen tial notation "e" or "E" is not permitted. The comma as thousands separator is permitted to the left of the decimal point but will be ignored. If the layout of the character string is invalid for the conversion or an overflow occurs, then the enable output ENO will be set to "0". TIME - No explicit conversion DTL - - TOD - - DATE - CHAR X The first character in the character STRING_TO_CHAR, string (STRING) is transferred to the S_CONV destination data type. If the string is empty, then the value "0" will be writ ten in the destination data type. WCHAR - No explicit conversion WSTRING X STRING_TO_UDINT, S_CONV, STRG_VAL STRING_TO_REAL, S_CONV, STRG_VAL STRING_TO_LREAL, S_CONV, STRG_VAL - - STRING_TO_WSTRING x: Conversion possible - : Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2395 Programming the PLC 11.3 Data types See also STRING (Page 2162) Overview of data type conversion (Page 2332) 2396 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of WSTRING (S7-1200) Options for explicit conversion The following table shows the options and instructions for explicit conversion of the WSTRING data type: Source Target Conversion Explanation Mnemonics of the in struction WSTRI NG BOOL - No explicit conversion - BYTE - - WORD - - DWORD - - SINT X USINT X INT X UINT X DINT X Conversion begins with the first char acter in the character string (STRING) and stops at the end of the string or at the first inadmissible char acter. The following characters are permitted for conversion: Digit Sign Dot WSTRING_TO_SINT, S_CONV, STRG_VAL WSTRING_TO_USINT, S_CONV, STRG_VAL WSTRING_TO_INT, S_CONV, STRG_VAL WSTRING_TO_UINT, S_CONV, STRG_VAL WSTRING_TO_DINT, S_CONV, STRG_VAL UDINT X REAL X LREAL X The first character of the string may be a sign (+, -) or a number. Leading spaces are ignored. The dot is used as separation for the conversion of floating-point numbers. The exponen tial notation "e" or "E" is not permitted. The comma as thousands separator is permitted to the left of the decimal point but will be ignored. If the layout of the character string is invalid for the conversion, or an overflow oc curs, the enable output ENO will be set to "0". TIME - No explicit conversion DTL - - TOD - - DATE - - CHAR - - WCHAR X STRING X The first character in the character string (WSTRING) is transferred to the target data type. If the string is empty, the value "0" will be written in the target data type. WSTRING_TO_UDINT, S_CONV, STRG_VAL WSTRING_TO_REAL, S_CONV, STRG_VAL WSTRING_TO_LREAL, S_CONV, STRG_VAL - WSTRING_TO_WCHAR WSTRING_TO_STRING x: Conversion possible - : Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2397 Programming the PLC 11.3 Data types 11.3.17 Data type conversion for S7-300, S7-400 (S7-300, S7-400) 11.3.17.1 Overview of data type conversions (S7-300, S7-400) Introduction If you combine several operands in an instruction, you must make sure that the data types are compatible. This also applies when you assign or supply block parameters. If the operands are not of the same data type, a conversion has to be carried out. There are two options for conversion: Implicit conversion Implicit conversion is supported by the programming languages LAD, FBD, SCL and GRAPH. Implicit conversion is not possible in the STL programming language. Explicit conversion Note Converting bit strings to SCL All bit strings (BYTE, WORD, and DWORD) are handled like the corresponding unsigned integers (USINT, UINT, and UDINT) in expressions. Therefore, implicit conversion from DWORD to REAL is carried out like a conversion from UDINT to REAL, for example. 2398 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion Implicit conversion is executed automatically if the data types of the operands are compatible. This compatibility test can be carried out according to strict or less strict criteria: With IEC check The following rules apply in the LAD, FBD and GRAPH programming languages when the IEC check has been set: - The only data types for which implicit conversion is possible are BYTE and WORD. - The bit length of the source data type may not exceed the bit length of the target data type. A WORD data type operand, for example, cannot be specified at a parameter at which the BYTE data type is expected. The following rules apply in the SCL programming language when the IEC check has been set: - Implicit conversion of bit strings into other data types is not possible. A WORD data type operand, for example, cannot be specified at a parameter at which the INT data type is expected. - The bit length of the source data type may not exceed the bit length of the target data type. A WORD data type operand, for example, cannot be specified at a parameter at which the BYTE data type is expected. Without IEC check (default setting) The following rules apply in the LAD, FBD and GRAPH programming languages when the IEC check has not been set: - Implicit conversion of data types BYTE, WORD, DWORD, INT, DINT, TIME, S5TIME, TOD, DATE and CHAR is possible. - The bit length of the source data type may not exceed the bit length of the target data type. A DWORD data type operand, for example, cannot be specified at a parameter at which the WORD data type is expected. The following rules apply in the SCL programming language when the IEC check has not been set: - Bit strings can be implicitly converted into other data types. A WORD data type operand can, for example, be given at a parameter at which the WORD data type is expected. - Bit strings cannot be implicitly converted into floating-point numbers. A WORD data type operand, for example, cannot be specified at a parameter at which the REAL data type is expected. - Bit strings can only be implicitly converted into the data types TIME, TOD, DATE and CHAR if these have the same bit length. A DWORD data type operand, for example, cannot be specified at a parameter at which the DATE data type is expected. - The bit length of the source data type may not exceed the bit length of the target data type. A DINT data type operand, for example, cannot be specified at a parameter at which the INT data type is expected. - The bit length of an operand entered at in-out parameters must be the same as the programmed bit length for the parameter in question. WinCC Advanced V14 System Manual, 10/2016 2399 Programming the PLC 11.3 Data types Explicit conversion If the operands are not compatible and implicit conversion is therefore not possible, you can use an explicit conversion instruction. You can find the conversion instructions in the "Instructions" task card. Any overflow will be displayed on the ENO enable output. An overflow occurs, for example, if the value of the source data type is greater than the value of the target data type. Note Shifting of bit patterns If the explicit conversion involves shifting a bit pattern, the enable output ENO is not set. You can find additional information on explicit conversion under "See also". The following figure shows an example in which explicit data type conversion must be carried out: %ORFNB'DWD &219(57 ',17WR,17 ,1B',17 (1 (12 ,1 287 %ORFN (1 287B,17 287B,17 (12 ,1B,17 287B%22/ The "Block" function block expects a tag of the INT data type at the "IN_INT" input parameter. The value of the "IN_DINT" tag has therefore to the converted first from DINT to INT. Conversion is performed if the value of the "IN_DINT" tag is within the admissible value range for the INT data type. Otherwise an overflow is reported. However, a conversion takes place even in the event of an overflow, but the values are truncated and the ENO enable output is set to "0". See also Setting and disabling the IEC check (Page 2400) Implicit conversions (Page 2400) Explicit conversions (Page 2412) 11.3.17.2 Implicit conversions (S7-300, S7-400) Setting and disabling the IEC check (S7-300, S7-400) The data types of the tags used are checked for compatibility. This compatibility test can be carried out according to criteria that are more or less strict. If "IEC check" is activated, stricter criteria are applied. You can set the IEC check centrally for all new blocks of the project or for individual blocks. 2400 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Setting IEC check for new blocks To set the IEC check for all new blocks in the project, proceed as follows: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "PLC programming > General" group in the area navigation. 3. Select or clear the "IEC check" check box in the "Default settings for new blocks" group. The IEC check is enabled or disabled for all new blocks in the program. Setting IEC check for a block To set the IEC check for a block, proceed as follows: 1. Open the block. 2. Open the "Properties" tab in the inspector window. 3. Select the "Attributes" group in the area navigation. 4. Select or clear the "IEC check" check box. The IEC check is enabled or disabled for this block. The setting is stored together with the project. See also Overview of data type conversions (Page 2398) Binary numbers (S7-300, S7-400) Implicit conversion of BOOL (S7-300, S7-400) Implicit conversion options The BOOL data type cannot be implicitly converted. See also BOOL (bit) (Page 2136) WinCC Advanced V14 System Manual, 10/2016 2401 Programming the PLC 11.3 Data types Bit strings (S7-300, S7-400) Implicit conversion of BYTE (S7-300, S7-400) Implicit conversion options The following table shows the options for the implicit conversion of BYTE data type: Source Target With IEC check Without IEC check Explanation BYTE BOOL - - No implicit conversion WORD X X DWORD X X The bit pattern of the source value is transferred unchanged rightjustified to the target data type. INT - - No implicit conversion DINT - X The bit pattern of the source value is transferred unchanged rightjustified to the target data type. REAL - - No implicit conversion TIME - - S5TIME - - DT - - TOD - - DATE - - STRING - - CHAR - X The bit pattern of the source value is transferred unchanged to the target data type. x: Conversion possible -: Conversion not possible See also BYTE (Page 2136) Overview of data type conversions (Page 2398) Explicit conversion of BYTE (Page 2413) Setting and disabling the IEC check (Page 2400) 2402 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Implicit conversion of WORD (S7-300, S7-400) Implicit conversion options The following table shows the options for the implicit conversion of WORD data type: Source Target With IEC check Without IEC check Explanation WORD BOOL - - No implicit conversion BYTE - X Only the low byte is transferred to the destination data type. DWORD X X INT - X The bit pattern of the source value is transferred unchanged rightjustified to the destination data type. DINT - X REAL - - TIME - - S5TIME - X The bit pattern of the source value is transferred unchanged to the destination data type. No implicit conversion No implicit conversion DT - - TOD - - DATE - X The bit pattern of the source value is transferred unchanged to the destination data type. STRING - - No implicit conversion CHAR - - x: Conversion possible -: Conversion not possible See also WORD (Page 2137) Overview of data type conversions (Page 2398) Explicit conversion of WORD (Page 2415) Setting and disabling the IEC check (Page 2400) WinCC Advanced V14 System Manual, 10/2016 2403 Programming the PLC 11.3 Data types Implicit conversion of DWORD (S7-300, S7-400) Implicit conversion options The following table shows the options for the implicit conversion of DWORD data type: Source Target With IEC check Without IEC check Explanation DWORD BOOL - - No implicit conversion BYTE - X WORD - X The bit pattern of the source value is transferred unchanged to the destination data type. INT - - No implicit conversion DINT - X The bit pattern of the source value is transferred unchanged to the destination data type. REAL - - No implicit conversion TIME - X The bit pattern of the source value is transferred unchanged to the destination data type. S5TIME - - No implicit conversion DT - - TOD - X The bit pattern of the source value is transferred unchanged to the destination data type. DATE - - No implicit conversion STRING - - CHAR - - x: Conversion possible -: Conversion not possible See also DWORD (Page 2138) Overview of data type conversions (Page 2398) Explicit conversion of DWORD (Page 2417) Setting and disabling the IEC check (Page 2400) 2404 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Integers (S7-300, S7-400) Implicit conversion of INT (S7-300, S7-400) Options for implicit conversion The following table shows the options for the implicit conversion of INT data type: Source Target With IEC check Without IEC check Explanation INT BOOL - - No implicit conversion BYTE - - WORD - X The bit pattern of the source value is transferred unchanged to the destination data type. DWORD - - No implicit conversion DINT X X X X The bit pattern of the source value is transferred unchanged to the destination data type. No implicit conversion 1) REAL TIME - - S5TIME - - DT - - TOD - - DATE - - STRING - - CHAR - - x: Conversion possible -: Conversion not possible : Only possible in SCL 1) See also INT (16-bit integers) (Page 2143) Overview of data type conversions (Page 2398) Explicit conversion of INT (Page 2420) Setting and disabling the IEC check (Page 2400) WinCC Advanced V14 System Manual, 10/2016 2405 Programming the PLC 11.3 Data types Implicit conversion of DINT (S7-300, S7-400) Implicit conversion options The following table shows the options for the implicit conversion of DINT data type: Source Target With IEC check Without IEC check Explanation DINT BOOL - - No implicit conversion BYTE - - WORD - - DWORD - X The bit pattern of the source value is transferred unchanged to the destination data type. INT - - No implicit conversion REAL - - TIME - X The bit pattern of the source value is transferred unchanged to the destination data type. S5TIME - - No implicit conversion DT - - TOD - - DATE - - STRING - - CHAR - - x: Conversion possible -: Conversion not possible See also DINT (32-bit integers) (Page 2145) Overview of data type conversions (Page 2398) Explicit conversion of STRING (Page 2433) Setting and disabling the IEC check (Page 2400) Floating-point numbers (S7-300, S7-400) Implicit conversion of REAL (S7-300, S7-400) Implicit conversion options The REAL data type cannot be implicitly converted. 2406 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types See also REAL (Page 2150) Overview of data type conversions (Page 2398) Explicit conversion of CHAR (Page 2432) Setting and disabling the IEC check (Page 2400) Timers (S7-300, S7-400) Implicit conversion of TIME (S7-300, S7-400) Implicit conversion options The following table shows the options for the implicit conversion of TIME data type: Source Target With IEC check Without IEC check Explanation TIME BOOL - - No implicit conversion BYTE - - WORD - - DWORD - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of conversion shows the duration in milliseconds. INT - - No implicit conversion DINT - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of conversion shows the duration in milliseconds. REAL - - No implicit conversion S5TIME - - DT - - TOD - - DATE - - STRING - - CHAR - - x: Conversion possible -: Conversion not possible See also TIME (IEC time) (Page 2155) Overview of data type conversions (Page 2398) Explicit conversion of TIME (Page 2427) Setting and disabling the IEC check (Page 2400) WinCC Advanced V14 System Manual, 10/2016 2407 Programming the PLC 11.3 Data types Implicit conversion of S5TIME (S7-300, S7-400) Implicit conversion options The following table shows the options for the implicit conversion of S5TIME data type: Source Target With IEC check Without IEC check Explanation S5TIME BOOL - - No implicit conversion BYTE - - WORD - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of conversion shows the duration in milliseconds. DWORD - - No implicit conversion INT - - DINT - - REAL - - TIME - - DT - - TOD - - DATE - - STRING - - CHAR - - x: Conversion possible -: Conversion not possible See also S5TIME (duration) (Page 2154) Overview of data type conversions (Page 2398) Explicit conversion of S5TIME (Page 2428) Setting and disabling the IEC check (Page 2400) 2408 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Date and time (S7-300, S7-400) Implicit conversion of DATE (S7-300, S7-400) Implicit conversion options The following table shows the options for the implicit conversion of DATE data type: Source Target With IEC check Without IEC check Explanation DATE BOOL - - No implicit conversion BYTE - - WORD - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of the conversion corresponds to the number of days since 01/01/1990. DWORD - - No implicit conversion INT - - DINT - - REAL - - TIME - - S5TIME - - DT - - TOD - - STRING - - CHAR - - x: Conversion possible -: Conversion not possible See also DATE (Page 2157) Overview of data type conversions (Page 2398) Setting and disabling the IEC check (Page 2400) WinCC Advanced V14 System Manual, 10/2016 2409 Programming the PLC 11.3 Data types Implicit conversion of TOD (S7-300, S7-400) Implicit conversion options The following table shows the options for the implicit conversion of TOD data type: Source Target With IEC check Without IEC check Explanation TOD BOOL - - No implicit conversion BYTE - - WORD - - DWORD - X The bit pattern of the source value is transferred unchanged to the destination data type. The result of the conversion corresponds to the number of milliseconds since the start of day (0:00). INT - - No implicit conversion DINT - - REAL - - TIME - - S5TIME - - DT - - DATE - - STRING - - CHAR - - x: Conversion possible -: Conversion not possible See also TIME_OF_DAY (TOD) (Page 2157) Overview of data type conversions (Page 2398) Setting and disabling the IEC check (Page 2400) Implicit conversion of DT (S7-300, S7-400) Implicit conversion options The DT data type cannot be implicitly converted. See also DATE_AND_TIME (date and time of day) (Page 2158) Overview of data type conversions (Page 2398) 2410 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of DT (Page 2431) Setting and disabling the IEC check (Page 2400) Character strings (S7-300, S7-400) Implicit conversion of CHAR (S7-300, S7-400) Implicit conversion options The following table shows the options for the implicit conversion of CHAR data type: Source Target With IEC check Without IEC check Explanation CHAR BOOL - - No implicit conversion BYTE - X The bit pattern of the source value is transferred unchanged to the destination data type. WORD - - No implicit conversion DWORD - - INT - - DINT - - REAL - - TIME - - S5TIME - - DT - - TOD - - DATE - - STRING X X The bit pattern of the source value is transferred unchanged to the destination data type. x: Conversion possible -: Conversion not possible See also CHAR (Character) (Page 2161) Overview of data type conversions (Page 2398) Explicit conversion of CHAR (Page 2432) Setting and disabling the IEC check (Page 2400) Implicit conversion of STRING (S7-300, S7-400) Implicit conversion options The STRING data type cannot be implicitly converted. WinCC Advanced V14 System Manual, 10/2016 2411 Programming the PLC 11.3 Data types See also STRING (Page 2162) Overview of data type conversions (Page 2398) Explicit conversion of STRING (Page 2433) Setting and disabling the IEC check (Page 2400) 11.3.17.3 Explicit conversions (S7-300, S7-400) Binary numbers (S7-300, S7-400) Explicit conversion of BOOL (S7-300, S7-400) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the BOOL data type: Source Target Conversion Explanation Mnemonics of the instruction BOOL BYTE X CONVERT WORD X DWORD X INT X Only the LSB (Least Significant Bit) is set in the destination data type. The enable output ENO is always "1". DINT X REAL - TIME - S5TIME - DT - TOD - DATE - STRING - CHAR - BOOL_TO_INT BOOL_TO_DINT No explicit conversion - x: Conversion possible - : Conversion not possible See also Overview of data type conversions (Page 2398) BOOL (bit) (Page 2136) Implicit conversions (Page 2400) 2412 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Bit strings (S7-300, S7-400) Explicit conversion of BYTE (S7-300, S7-400) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the BYTE data type: Source Target Conversion Explanation Mnemonics of the instruction BYTE BOOL X The following possibilities can oc cur: CONVERT If the source is "0", the target data type is also "0" and the enable output ENO "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the target data type is also "1" and the enable output ENO "1". If bits are not equal to LSB in the source value, the target data type is set according to LSB and the enable output ENO is "0". WORD X DWORD X INT X DINT X REAL - TIME - S5TIME - DT - TOD - DATE - STRING - CHAR X The bit pattern of the source value CONVERT is transferred unchanged right-justi fied to the target data type. The re maining bits are set to "0". No explicit conversion - The bit pattern of the source value CONVERT is transferred unchanged right-justi fied to the target data type. The re maining bits are set to "0". x: Conversion possible - : Conversion not possible WinCC Advanced V14 System Manual, 10/2016 2413 Programming the PLC 11.3 Data types See also BYTE (Page 2136) Overview of data type conversions (Page 2398) Implicit conversion of BYTE (Page 2402) 2414 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of WORD (S7-300, S7-400) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the WORD data type: Source Target Conversion Explanation Mnemonics of the instruction WORD BOOL X The following possibilities can oc cur: CONVERT If the source is "0", the destination data type is also "0" and the enable output ENO is "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO is "1". If bit is not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". BYTE X DWORD X INT X DINT X REAL - TIME - S5TIME X The bit pattern of the source value MOVE is transferred unchanged, right-jus tified, to the target data type. DT - No explicit conversion TOD - DATE X The bit pattern of the source value MOVE is transferred unchanged, right-jus tified, to the target data type. STRING - No explicit conversion CHAR X The bit pattern of the source value WORD_TO_CHAR is transferred unchanged, right-jus tified, to the target data type. BLOCK_DB X The bit pattern of WORD is interpre WORD_TO_BLOCK_DB ted as a data block number. WinCC Advanced V14 System Manual, 10/2016 The bit pattern of the source value is transferred unchanged, right-jus tified, to the target data type. If the permitted value range of the desti nation data type is violated, the en able output ENO is set to "0". The result of the conversion is invalid in such a case. No explicit conversion - - - 2415 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the instruction WORD_BCD1) 2) INT X WORD_BCD_TO_INT BCD1) 2) INT X If the permitted value range of the destination data type is violated or if there is an invalid tetrad in the A F range, the enable output ENO is set to "0". The result of the conver sion is invalid in such a case. BCD_TO_INT x: Conversion possible - : Conversion not possible The value to be converted has data type WORD and is accepted as a BCD-coded value between -999 and +999. The result is available after conversion as an integer (in binary notation) of the type INT. 1) Valid for SCL: If the BCD code contains a pseudo tetrad, the CPU reports a programming error and opens the organization block "OB121". If the organization block OB121 is not present, the CPU changes to STOP mode. 2) See also WORD (Page 2137) Overview of data type conversions (Page 2398) Implicit conversion of WORD (Page 2403) 2416 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of DWORD (S7-300, S7-400) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the DWORD data type: WinCC Advanced V14 System Manual, 10/2016 2417 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the instruction DWORD BOOL X The following possibilities can occur: CONVERT If the source is "0", the target data type is also "0" and the enable output ENO is "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO is "1". If bit is not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". BYTE X WORD X The bit pattern of the source value is transferred un changed, right-justified, to the target data type. INT X ENO = TRUE #int1 := DWORD_TO_INT(16#FFFF_F FFF); // -1 bis #int1 := DWORD_TO_INT(16#FFFF_8 000); // -32768 #int1 := DWORD_TO_INT(16#0); // 0 bis #int1 := DWORD_TO_INT(16#0000_7 FFF); // 32767 ENO = FALSE #int1 := DWORD_TO_INT(16#FFFF_7 FFF); // -32769 #int1 := DWORD_TO_INT(16#8000_00 00); // -2147483648 #int1 := DWORD_TO_INT(16#8000); // 32768 bis #int1 := DWORD_TO_INT(16#7FFF_F FFF); // 2147483647 2418 DINT X REAL X The bit pattern of the source value is transferred un MOVE WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Target Conversion Explanation TIME X changed, right-justified, to the target data type. S5TIME - No explicit conversion - DT - TOD X The bit pattern of the source value is transferred un changed, right-justified, to the target data type. MOVE DATE - No explicit conversion - STRING - CHAR - DWORD_BCD1) DINT X BCD1) 2) DINT X 2) Mnemonics of the instruction If the permitted value range of DWORD_BCD_TO_DINT the destination data type is vio lated or if there is an invalid tet BCD_TO_DINT rad in the A - F range, the ena ble output ENO is set to "0". The result of the conversion is invalid in such a case. x: Conversion possible - : Conversion not possible The value to be converted has data type DWORD and is accepted as a BCD-coded value between -9999999 and +9999999. The result is available after conversion as an integer (in binary notation) of the type DINT. 1) 2) Valid for SCL: If the BCD code contains a pseudo tetrad, the CPU reports a programming error and opens the organization block "OB121". If the organization block OB121 is not present, the CPU changes to STOP mode. See also DWORD (Page 2138) Overview of data type conversions (Page 2398) Implicit conversion of DWORD (Page 2404) WinCC Advanced V14 System Manual, 10/2016 2419 Programming the PLC 11.3 Data types Integers (S7-300, S7-400) Explicit conversion of INT (S7-300, S7-400) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the INT data type: 2420 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the instruction INT BOOL X The value is first converted to WORD and then to BOOL. INT_TO_BOOL The following possibilities can occur: If the source is "0", the destination data type is also "0" and the enable output ENO is "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO is "1". If bit is not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". BYTE X WORD X DWORD X DINT X REAL X The value is converted into the format of the CONVERT, SCALE, ITR destination data type (the value "1", for ex ample, is converted with the instruction "Con vert value" (CONVERT) into the value "1.0"). TIME - No explicit conversion S5TIME - DT - TOD - DATE - STRING X The value is converted into a character string. S_CONV, CONVERT The character string is shown preceded by a sign. If the permitted length of the character string is violated, the enable output ENO is set to "0". CHAR X The bit pattern of the source value is trans ferred unchanged to the destination data type. With the conversion of negative values or with an overflow, the enable output ENO will be set to "0". BCD1) 2) X If the permitted value range of the destination data type is violated or if there is an invalid tetrad in the A - F range, the enable output ENO is set to "0". The result of the conversion is invalid in such a case. BCD_WORD X 1) 2) WinCC Advanced V14 System Manual, 10/2016 The bit pattern of the source value is trans CONVERT ferred unchanged, right-justified, to the target MOVE data type. The enable output ENO is set to "0" if a negative value is converted to an un signed destination data type or if overflow oc CONVERT, ITD curs. - CONVERT INT_TO_BCD INT_TO_BCD_WORD 2421 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the instruction x: Conversion possible - : Conversion not possible The value to be converted has type INT and is accepted as an integer with a value between -999 and +999. The result is available after conversion as a BCD-coded number of the type WORD. 1) 2) Valid for SCL: If the BCD code contains a pseudo tetrad, the CPU reports a programming error and opens the organization block "OB121". If the organization block OB121 is not present, the CPU changes to STOP mode. See also INT (16-bit integers) (Page 2143) Overview of data type conversions (Page 2398) Implicit conversion of INT (Page 2405) 2422 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of DINT (S7-300, S7-400) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the DINT data type: WinCC Advanced V14 System Manual, 10/2016 2423 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the instruction DINT X The value is first converted to DWORD and then to BOOL. DINT_TO_BOOL BOOL The following possibilities can occur: If the source is "0", the destination data type is also "0" and the enable output ENO is "1". If only the LSB (Least Significant Bit) "1" is set in the source value, the destination data type is also "1" and the enable output ENO is "1". If bit is not equal to LSB in the source value, the destination data type is set according to LSB and the enable output ENO is "0". 2424 BYTE X The bit pattern of the source value is trans CONVERT ferred unchanged, right-justified, to the tar get data type. The enable output ENO is MOVE set to "0" if a negative value is converted CONVERT to an unsigned destination data type or if overflow occurs. WORD X DWORD X INT X REAL X The value is converted into the format of the destination data type (the value "1", for example, is converted with the instruction "Convert value" (CONVERT) into the value "1.0"). TIME X The bit pattern of the source value is trans T_CONV, MOVE ferred unchanged to the destination data type. S5TIME - No explicit conversion DT - TOD X DATE X STRING X The value is converted into a character string. The character string is shown pre ceded by a sign. If the permitted length of the character string is violated, the enable output ENO is set to "0". CHAR X The bit pattern of the source value is trans DINT_TO_CHAR ferred unchanged to the destination data type. With the conversion of negative val ues or with an overflow, the enable output ENO will be set to "0". BCD1) 2) X BCD_DWOR D1) 2) X If the permitted value range of the destina DINT_TO_BCD tion data type is violated or if there is an DINT_TO_BCD_DWORD invalid tetrad in the A - F range, the enable output ENO is set to "0". The result of the conversion is invalid in such a case. CONVERT, DTR, SCALE - The bit pattern of the source value is trans CONVERT ferred unchanged, right-justified, to the tar get data type. S_CONV, CONVERT WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Source Target Conversion Explanation Mnemonics of the instruction x: Conversion possible - : Conversion not possible The value to be converted has data type DWORD and is accepted as a BCD-coded value between -9999999 and +9999999. The result is available after conversion as an integer (in binary notation) of the type DINT. 1) 2) Valid for SCL: If the BCD code contains a pseudo tetrad, the CPU reports a programming error and opens the organization block "OB121". If the organization block OB121 is not present, the CPU changes to STOP mode. See also DINT (32-bit integers) (Page 2145) Overview of data type conversions (Page 2398) Implicit conversions (Page 2400) WinCC Advanced V14 System Manual, 10/2016 2425 Programming the PLC 11.3 Data types Floating-point numbers (S7-300, S7-400) Explicit conversion of REAL (S7-300, S7-400) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the REAL data type: Source Target Conversion Explanation Mnemonics of the instruction REAL BOOL - No explicit conversion - BYTE - WORD - DWORD X The bit pattern of the source value is transferred unchanged to the desti nation data type. CONVERT, MOVE INT X DINT X The value is converted into the desti CONVERT, ROUND, RND, CEIL, RND+, nation data type. The result of con FLOOR, RND-, TRUNC, UNSCALE version depends on the instruction employed. The enable output ENO is set to "0" if the admissible range of values of the destination data type is exceeded during conversion or the value to be converted has an invalid floating-point number. TIME - No explicit conversion - S5TIME - DT - TOD - DATE - STRING X The value is converted into a charac S_CONV, CONVERT ter string. The enable output ENO is set to "0" if the character string length is exceeded or the value to be con verted has an invalid floating-point number. CHAR - No explicit conversion - x: Conversion possible - : Conversion not possible See also REAL (Page 2150) Overview of data type conversions (Page 2398) Implicit conversions (Page 2400) 2426 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Timer operations (S7-300, S7-400) Explicit conversion of TIME (S7-300, S7-400) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the TIME data type: Source Target Conversion Explanation Mnemonics of the instruction TIME BOOL - No explicit conversion - BYTE - WORD - DWORD X The bit pattern of the source value is CONVERT transferred unchanged to the destina tion data type. The result of conver sion shows the duration in millisec onds. INT - No explicit conversion DINT X The bit pattern of the source value is T_CONV, CONVERT transferred unchanged to the destina tion data type. The result of conver sion shows the duration in millisec onds. REAL - No explicit conversion S5TIME X The value is converted to the destina T_CONV, CONVERT tion data type format. The enable out put ENO is set to "0" in the event of overflow. DT - No explicit conversion TOD - DATE - STRING - CHAR - - - - x: Conversion possible - : Conversion not possible See also TIME (IEC time) (Page 2155) Overview of data type conversions (Page 2398) Implicit conversion of TIME (Page 2407) WinCC Advanced V14 System Manual, 10/2016 2427 Programming the PLC 11.3 Data types Explicit conversion of S5TIME (S7-300, S7-400) Options for explicit conversion in LAD, FBD, STL and GRAPH The following table shows the options and instructions for the explicit conversion of the S5TIME data type: Source Target Conversion Explanation Mnemonics of the instruction S5TIME BOOL - No explicit conversion - BYTE - WORD X The value is converted to the destina S5TIME_TO_WORD tion data type format. DWORD - No explicit conversion INT - DINT - REAL - TIME X The value is converted to the destina T_CONV, CONVERT tion data type format. DT - No explicit conversion TOD - DATE - STRING - CHAR - - - x: Conversion possible - : Conversion not possible See also S5TIME (duration) (Page 2154) Overview of data type conversions (Page 2398) Implicit conversion of S5TIME (Page 2408) 2428 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Date and time (S7-300, S7-400) Explicit conversion of DATE (S7-300, S7-400) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the DATE data type: Source Target Conversion Explanation Mnemonics of the instruction DATE BOOL - No explicit conversion - BYTE - WORD X The value is converted to the destina DATE_TO_WORD tion data type format. DWORD - No explicit conversion INT X DINT X The value is converted to the destina DATE_TO_INT tion data type format. DATE_TO_DINT REAL - No explicit conversion TIME - S5TIME - DT - TOD - STRING - CHAR - - - x: Conversion possible - : Conversion not possible See also DATE (Page 2157) Overview of data type conversions (Page 2398) Implicit conversion of DATE (Page 2409) WinCC Advanced V14 System Manual, 10/2016 2429 Programming the PLC 11.3 Data types Explicit conversion of TOD (S7-300, S7-400) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the TOD data type: Source Target Conversion Explanation Mnemonics of the instruction TOD BOOL - No explicit conversion - BYTE - WORD - DWORD X The value is converted to the destina TOD_TO_DWORD tion data type format. INT - No explicit conversion - DINT X The bit pattern of the source value is transferred unchanged right-justified to the destination data type. TOD_TO_DINT REAL - No explicit conversion - TIME - S5TIME - DT - DATE - STRING - CHAR - x: Conversion possible - : Conversion not possible See also TIME_OF_DAY (TOD) (Page 2157) Overview of data type conversions (Page 2398) Implicit conversion of TOD (Page 2410) 2430 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of DT (S7-300, S7-400) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the DT data type: Sourc e Target Conversion Explanation Mnemonics of the instruction DT BOOL - No explicit conversion - BYTE - WORD - DWORD - INT - DINT - REAL - TIME - S5TIME - TOD X During conversion, times are extracted from the DTL format and transferred to the desti nation data type. T_CONV, CONVERT DATE X During the conversion, the date information is extracted from the DTL format and trans ferred to the destination data type. STRING - No explicit conversion CHAR - - x: Conversion possible - : Conversion not possible See also DATE_AND_TIME (date and time of day) (Page 2158) Overview of data type conversions (Page 2398) WinCC Advanced V14 System Manual, 10/2016 2431 Programming the PLC 11.3 Data types String (S7-300, S7-400) Explicit conversion of CHAR (S7-300, S7-400) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the CHAR data type: Source Target Conversion Explanation Mnemonics of the instruction CHAR BOOL - No explicit conversion - BYTE X The bit pattern of the source value is transferred unchanged right-justified to the destination data type. CONVERT No explicit conversion - WORD X DWORD X INT X DINT X REAL - TIME - S5TIME - DT - TOD - DATE - STRING X The value is converted into the first S_CONV, CONVERT character in the character string (STRING). The length "1" is set after conversion if the character string length is not defined. If the character string length is defined, it remains un changed following conversion. x: Conversion possible - : Conversion not possible See also CHAR (Character) (Page 2161) Overview of data type conversions (Page 2398) Implicit conversion of CHAR (Page 2411) 2432 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.3 Data types Explicit conversion of STRING (S7-300, S7-400) Options for explicit conversion The following table shows the options and instructions for the explicit conversion of the STRING data type: Source Target Conversion Explanation Mnemonics of the instruction STRING BOOL - No explicit conversion - BYTE - WORD - DWORD - INT X S_CONV, CONVERT DINT X REAL X Conversion begins with the first character in the character string (STRING) and stops at the end of the string or at the first inad missible character. The following charac ters are admissible for conversion: Digit Sign Dot The first character in the character string may be a sign (+, -) or a digit. Leading spaces are ignored. The dot is used as separation for the conversion of floatingpoint numbers. The exponential notation "e" or "E" is not permitted. The comma as thousand separator to the left of the deci mal point is permitted but is ignored. If the layout of the character string is invalid for the conversion or an overflow occurs, then the enable output ENO will be set to "0". TIME - S5TIME - DT - TOD - DATE - CHAR X No explicit conversion - The first character in the character string (STRING) is transferred to the target data type. The value "0" is written to the target data type if the character string is empty. S_CONV, CONVERT x: Conversion possible - : Conversion not possible See also STRING (Page 2162) Overview of data type conversions (Page 2398) Implicit conversions (Page 2400) WinCC Advanced V14 System Manual, 10/2016 2433 Programming the PLC 11.4 Instructions Additional conversion functions (S7-300, S7-400) Additional explicit conversion functions in SCL (S7-300, S7-400) Additional options for explicit conversion in SCL The following table shows the additional options and operations for explicit conversion in SCL: Source Target Explanation Mnemonics of the instruction WORD BLOCK_DB The bit pattern of WORD is interpreted as a data block number. WORD_TO_BLOCK_DB BLOCK_DB WORD The data block number is interpreted as a bit pattern of WORD. BLOCK_DB_TO_WORD 11.4 Instructions 11.4.1 Instructions (S7-1200, S7-1500) 11.4.1.1 Example libraries (S7-1200, S7-1500) Sample Library for Instructions (S7-1200, S7-1500) The "Sample Library for Instructions" is the global library for the program examples using the instructions in STEP 7 (TIA Portal). This library offers you support during programming with its compact, easy to understand program examples in the programming language LAD. A CPU from the family SIMATIC S7-1200 / S7-1500 is required to use the library. ,QVWUXFWLRQVLQWKH7,$3RUWDO ([DPSOHV DVOLEUDU\ 2434 6LPSOH ,QVWUXFWLRQV ([WHQGHG ,QVWUXFWLRQV 6DPSOHOLEUDU\IRULQVWUXFWLRQV 7HFKQRORJ\ &RPPXQLFDWLRQ WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Programming examples in the TIA Portal information system Programming examples in the "Sample Library for Instructions" match the instructions used in the programming examples in the TIA Portal information system. This means that you can call the respective programming example documentation via the help (<F1>) in the TIA Portal. 3URJUDPLQWKH7,$3RUWDO 7,$3RUWDO,QIRUPDWLRQ6\VWHP 'RFXPHQWDWLRQH[SODLQVSURJUDPH[DPSOH ) /LEUDU\FRQWDLQVSURJUDPH[DPSOHIURPWKHGRFXPHQWDWLRQ Downloading the library The "Sample Library for Instructions" is available at the FAQ page (https:// support.industry.siemens.com/cs/de/en/view/109476781). WinCC Advanced V14 System Manual, 10/2016 2435 Programming the PLC 11.4 Instructions Library of General Functions (S7-1200, S7-1500) The "Library of General Functions" is the global library for supplementary functions for the instructions in STEP 7 (TIA Portal). To expand the scope of instructions, this library offers blocks with useful basic functions that are often required in automation projects. All contents of the library can be used with a CPU of the series SIMATIC S7-1200(F) / S7-1500(F). *HQHULFIXQFWLRQV ([DPSOHV DVOLEUDU\ /*) /LEUDU\RI*HQHUDO)XQFWLRQV &RQYHUVLRQ IXQFWLRQV 'DWD KDQGOLQJ 0DWK IXQFWLRQV 'DWHDQGWLPH IXQFWLRQV 2WKHU IXQFWLRQV 6LJQDO JHQHUDWRUV General functions The general functions of the "Library of General Functions" are provided as blocks in the SCL programming language. The library includes the following functions: FIFO, search function, matrix calculations, astro clock. You can immediately use the functions by means of parameter assignment and implement them universally. Downloading the library The "Library of General Functions" is stored on the FAQ page (https:// support.industry.siemens.com/cs/ww/en/view/109479728). 11.4.1.2 Asynchronous instructions (S7-1200, S7-1500) Difference between synchronous and asynchronous instructions (S7-1200, S7-1500) Asynchronous instructions In program processing, a differentiation is made between synchronous and asynchronous instructions. The "synchronous" and "asynchronous" properties relate to the temporal relationship between the call and execution of the instruction. The following applies to synchronous instructions: When the call of a synchronous instruction is ended, the execution is also ended. This is different in the case of asynchronous instructions: The execution of an asynchronous instruction can extend over multiple calls. The CPU processes asynchronous instructions in parallel with the cyclic user program. Asynchronous instructions occupy resources in the CPU while they are being processed. 2436 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Asynchronous instructions are usually instructions for transferring data (data records for modules, communication data, diagnostics data). Additional information about asynchronous instructions can be found here:SIMATIC S7-1500 / ET 200MP Manual Collection (https://support.industry.siemens.com/cs/ww/en/view/ 86140384) In the system manual under Basics of program processing > Asynchronous instructions Identification of the job To execute an instruction over multiple calls, the CPU must be able to uniquely assign a subsequent call to a running job of the instruction. To assign a call to a job, the CPU uses one of the following two mechanisms, depending on the type of the instruction: The instance of the instruction (with type "SFB" system function block) The input parameter of the instruction identifying the job If you use asynchronous instructions to trigger a process interrupt, output control commands to DP slaves, start a data transfer, or abort a non-configured connection and then call the instruction again before the current job is completed, the reaction of the instruction will depend on whether the second call involves the same job. Passing parameters to program blocks that are to be executed asynchronously Code blocks (FBs/FCs) and data blocks (DBs) can be created with different access types ("standard" and "optimized"). In code blocks, you can call any instructions. Some instructions (e.g. "WRIT_DBL" and "READ_DBL") are executed asynchronously. These blocks cannot be supplied with tags from TEMP because the data must not be changed during execution. Ensure that you do not use these instructions in programs in which code blocks of different access types are called reciprocally. This could cause the following to occur: A structure from a standard data block is directly or indirectly passed to an optimized code block, which forwards this structure directly or indirectly to one of the blocks mentioned above. The reverse scenario, whereby a structure from an optimized code block is directly or indirectly passed to a standard data block, which forwards this structure directly or indirectly to one of the program blocks mentioned above. Otherwise, a hidden copy of the passed data is created in TEMP, which leads to the asynchronous program blocks returning a negative acknowledgment. WinCC Advanced V14 System Manual, 10/2016 2437 Programming the PLC 11.4 Instructions Parameter REQ The input parameter REQ (request) is used solely to start the job: Trigger the job by setting the input parameter REQ to "1" (case 1). If a particular job has been started and not yet completed and you call the instruction again to perform the same job (for example, in a cyclic interrupt OB), then REQ is not evaluated by the instruction (case 2). If the job is completed, but the input parameter REQ is still set to "1", the job is immediately started again. Note REQ bit = "1" Please note that, when the REQ bit is set, the asynchronous instruction will be started again after the previous call is completed. This may not be desired. To make the project clearer and easier to maintain, it is therefore advisable to reset the REQ bit to "0" as early as possible. Parameter RET_VAL and BUSY The output parameters RET_VAL and BUSY indicate the status of the job. Pay attention to the note in section: AUTOHOTSPOT In case 1 (first call with REQ = 1), code W#16#7001 will be entered in RET_VAL and BUSY will be set to "1" if system resources are available and the supply of the input parameters is correct. If the required system resources are currently being used or the input parameters contain an error, the corresponding error code is entered in RET_VAL and BUSY receives the value "0". In case 2 (intermediate call), the code W#16#7002 is entered in RET_VAL (this corresponds to the message that the call is currently still being processed) and BUSY is set to "1". The following applies to the last call for a job: - For instruction "DPNRM_DG (Page 3551)", the number of data in bytes will entered as integer in RET_VAL in case there are no errors in data transmission. BUSY has the value "0" in this case. If there is an error, then the error information will be entered in RET_VAL and you should not evaluate BUSY in this case. - For all other instructions, "0" will be entered in RET_VAL if the job was executed without errors and BUSY will receive the value "0". If there is an error, the error code will be entered in RET_VAL and BUSY will receive the value "0". Note If the first and last call coincide, the reaction for RET_VAL and BUSY is the same as for the last call. 2438 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Overview The following table provides you with an overview of the relationships explained above. In particular, it shows the possible values of the output parameters if the execution of the job is not completed after an instruction call has been completed. Note Following every call, you must evaluate the relevant output parameters in your program. Relationship between call, REQ, RET_VAL and BUSY during a "running" job. Number of Type of call the call REQ RET_VAL BUSY DONE ERROR 1 1 W#16#7001 1 0 0 First call Error code 0 0 1 2 to (n - 1) Intermediate call irrelevant W#16#7002 1 0 0 n irrelevant W#16#0000 (exceptions: RD_REC (Page 3530) and RD_DPARA (Page 3625): The successfully read data length is written to the parameter STA TUS.) 0 1 0 Error code if errors occurred 0 0 1 Last call 11.4.1.3 Basic instructions (S7-1200, S7-1500) LAD (S7-1200, S7-1500) Bit logic operations (S7-1200, S7-1500) ---| |---: Normally open contact (S7-1200, S7-1500) Description The activation of the normally open contact depends on the signal state of the associated operand. When the operand has signal state "1", the normally open contact closes and the signal state at the output is set to the signal state of the input. When the operand has signal state "0", the normally open contact is not activated and the signal state at the output of the instruction is reset to "0". Two or more normally open contacts are linked bit-by-bit by AND when connected in series. With a series connection, power flows when all contacts are closed. The normally open contacts are linked by OR when connected in parallel. With a parallel connection, power flows when one of the contacts is closed. WinCC Advanced V14 System Manual, 10/2016 2439 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the instruction: Parameter <Operand> Declaration Input Data type BOOL Memory area S7-1200 S7-1500 I, Q, M, D, L I, Q, M, D, L, T, C Description Operand whose sig nal state is queried. Example The following example shows how the instruction works. Create a global data block with the following content for this purpose: Name of the block: SLI_gDB_NOContact Name Data type start1 BOOL start2 BOOL start3 BOOL startOut BOOL Write the following program code: 6/,BJ'%B 6/,BJ'%B 12&RQWDFW 12&RQWDFW VWDUW VWDUW 6/,BJ'%B 12&RQWDFW VWDUW2XW 6/,BJ'%B 12&RQWDFW VWDUW Operand "SLI_gDB_NOContact".startOut is set when one of the following conditions is fulfilled: The operands "SLI_gDB_NOContact".start1 and "SLI_gDB_NOContact".start2 have the signal state "1". The operand "SLI_gDB_NOContact".start3 has the signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) LAD programming examples (Page 4681) Basic information on LAD (Page 4634) Memory areas (Page 944) 2440 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ---| / |---: Normally closed contact (S7-1200, S7-1500) Description The activation of the normally closed contact depends on the signal state of the associated operand. When the operand has signal state "1", the normally closed contact opens and the signal state at the output of the instruction is reset to "0". When the operand has signal state "0", the normally closed contact is not enabled and the signal state of the input is transferred to the output. Two or more normally closed contacts are linked bit-by-bit by AND when connected in series. With a series connection, power flows when all contacts are closed. The normally closed contacts are linked by OR when connected in parallel. With a parallel connection, power flows when one of the contacts is closed. Parameter The following table shows the parameters of the instruction: Parameter <Operand> Declara tion Data type Input BOOL Memory area S7-1200 S7-1500 I, Q, M, D, L I, Q, M, D, L, T, C Description Operand whose signal state is quer ied. Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJ2XW 7DJ,QB The "TagOut" operand is set when one of the following conditions is fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The operand "TagIn_3" has the signal state "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) LAD programming examples (Page 4681) WinCC Advanced V14 System Manual, 10/2016 2441 Programming the PLC 11.4 Instructions Basic information on LAD (Page 4634) Memory areas (Page 944) --|NOT|--: Invert RLO (S7-1200, S7-1500) Description You use the "Invert RLO" instruction to invert the signal state of the result of logic operation (RLO). If the signal state is "1" at the input of the instruction, the output of the instruction has signal state "0". If the signal state is "0" at the input of the instruction, the output has the signal state "1". Example The following example shows how the instruction works: 7DJ,QB 127 7DJ2XW 7DJ,QB 7DJ,QB Operand "TagOut" is reset when one of the following conditions is fulfilled: The operand "TagIn_1" has the signal state "1". The signal state of the operands "TagIn_2" and "TagIn_3" is "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) LAD programming examples (Page 4681) Basic information on LAD (Page 4634) Memory areas (Page 944) ---( )---: Assignment (S7-1200, S7-1500) Description You can use the "Assignment" instruction to set the bit of a specified operand. If the result of logic operation (RLO) at the input of the coil has signal state "1", the specified operand is set to signal state "1". If the signal state is "0" at the input of the coil, the bit of the specified operand is reset to "0". 2442 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The instruction does not influence the RLO. The RLO at the input of the coil is sent directly to the output. Parameter The following table shows the parameters of the "Assignment" instruction: Parameter Declaration Data type Memory area Description <Operand> Output BOOL I, Q, M, D, L Operand to which the RLO is assigned. Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJ,QB 7DJ2XWB 7DJ,QB 7DJ2XWB The "TagOut_1" operand is set when one of the following conditions is fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The signal state of the operand "TagIn_3" is "0". The "TagOut_2" operand is set when one of the following conditions is fulfilled: Operands "TagIn_1", "TagIn_2", and "TagIn_4" have signal state "1". The signal state of the "TagIn_3" operand is "0" and the signal state of the "TagIn_4" operand is "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) LAD programming examples (Page 4681) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2443 Programming the PLC 11.4 Instructions --( / )--: Negate assignment (S7-1200, S7-1500) Description The "Negate assignment" instruction inverts the result of logic operation (RLO) and assigns it to the specified operand. When the RLO at the input of the coil is "1", the operand is reset. When the RLO at the input of the coil is "0", the operand is set to signal state "1". Parameter The following table shows the parameters of the "Negate assignment" instruction: Parameter Declaration Data type Memory area Description <Operand> Output BOOL I, Q, M, D, L Operand to which the RLO is assigned. Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJ,QB 7DJ2XWB 7DJ,QB 7DJ2XWB Operand "TagOut_1" is reset when one of the following conditions is fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The signal state of the operand "TagIn_3" is "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) LAD programming examples (Page 4681) Basic information on LAD (Page 4634) Memory areas (Page 944) 2444 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ---( R )---: Reset output (S7-1200, S7-1500) Description You can use the "Reset output" instruction to reset the signal state of a specified operand to "0". The instruction is only executed if the result of logic operation (RLO) at the input of the coil is "1". If power flows to the coil (RLO = "1"), the specified operand is reset to "0". If the RLO at the input of the coil is "0" (no signal flow to the coil), the signal state of the specified operand remains unchanged. Parameter The following table shows the parameters of the "Reset output" instruction: Parameter Declaration Data type Memory area S7-1200 <Operand> Output BOOL Description S7-1500 I, Q, M, D, L I, Q, M, D, L, T, C Operand that is re set when RLO = "1". Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJ2XW 5 7DJ,QB Operand "TagOut" is reset when one of the following conditions is fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The signal state of the operand "TagIn_3" is "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) LAD programming examples (Page 4681) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2445 Programming the PLC 11.4 Instructions ---( S )---: Set output (S7-1200, S7-1500) Description You can use the "Set output" instruction to set the signal state of a specified operand to "1". The instruction is only executed if the result of logic operation (RLO) at the input of the coil is "1". If power flows to the coil (RLO = "1"), the specified operand is set to "1". If the RLO at the input of the coil is "0" (no signal flow to the coil), the signal state of the specified operand remains unchanged. Parameter The following table shows the parameters of the "Set output" instruction: Parameter Declaration Data type Memory area Description <Operand> Output BOOL I, Q, M, D, L Operand which is set with RLO = "1". Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJ2XW 6 7DJ,QB The "TagOut" operand is set when one of the following conditions is fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The signal state of the operand "TagIn_3" is "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) LAD programming examples (Page 4681) Basic information on LAD (Page 4634) Memory areas (Page 944) 2446 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SET_BF: Set bit field (S7-1200, S7-1500) Description You use the "Set bit field" instruction to set several bits starting from a certain address. You determine the number of bits to be set using the value of <Operand1>. The address of the first bit to be set is defined by <Operand2>. If the value of <Operand1> is greater than the number of bits in a selected byte, then the bits of the next byte will be set. The bits remain set until they are explicitly reset by another instruction. The instruction is only executed if the result of logic operation (RLO) at the input of the coil is "1". If the RLO at the input of the coil is "0", the instruction does not execute. Bit fields of the type PLC data type, STRUCT or ARRAY With structures of the type PLC data type, STRUCT or ARRAY, the number of bits contained in the structure represents the maximum number of bits that can be reset: If you specify the value "20" at <Operand1>, for example, and the structure only contains 10 bits, then only these 10 bits are set. If you specify the value "5" at <Operand1>, for example, and the structure contains 10 bits, then exactly 5 bits are set. Parameter The following table shows the parameters of the "Set bit field" instruction: Parameter Declaration Data type Memory area Description <Operand2> Output BOOL I, Q, M Pointer to the first bit to be set. In the case of a DB or an IDB, an ele ment of an AR RAY[..] of BOOL <Operand1> Input UINT Constant Number of bits to be set Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 0\'%0\%RRO$UUD\>@ 6(7B%) If the operands "TagIn_1" and "TagIn_2" have the signal state "1", 5 bits are set starting at the address of the operand "MyDB".MyBoolArray[4]. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 2447 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) RESET_BF: Reset bit field (S7-1200, S7-1500) Description You use the "Reset bit field" instruction to reset several bits starting from a certain address. You specify the number of bits to be reset using the value of <Operand1>. The address of the first bit to be reset is defined by <Operand2>. If the value of <Operand1> is greater than the number of bits in a selected byte, then the bits of the next byte will be reset. The bits remain set until they are explicitly reset by another instruction. The instruction is only executed if the result of logic operation (RLO) at the input of the coil is "1". If the RLO at the input of the coil is "0", the instruction does not execute. Bit fields of the type PLC data type, STRUCT or ARRAY With structures of the type PLC data type, STRUCT or ARRAY, the number of bits contained in the structure represents the maximum number of bits that can be set: If you specify the value "20" at <Operand1>, for example, and the structure only contains 10 bits, then only these 10 bits are reset. If you specify the value "5" at <Operand1>, for example, and the structure contains 10 bits, then exactly 5 bits are reset. Parameter The following table shows the parameters of the "Reset bit field" instruction: Parameter Declaration Data type Memory area Description <Operand2> Output BOOL I, Q, M Pointer to the first bit to be re With a DB or an in set. stance DB, an ele ment of an AR RAY[..] of BOOL <Operand1> Input UINT Constant Number of bits to be reset Example The following example shows how the instruction works: 7DJ,QB 2448 7DJ,QB 0\'%0\%RRO$UUD\>@ 5(6(7B%) WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the operands "TagIn_1" and "TagIn_2" have the signal state "1", 5 bits are reset starting at the address of the operand "MyDB".MyBoolArray[4] For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) SR: Set/reset flip-flop (S7-1200, S7-1500) Description Use the instruction "Set/reset flip-flop" to set or reset the bit of the specified operand, depending on the signal state of the inputs S and R1. If the signal state is "1" at input S and "0" at input R1, the specified operand is set to "1". If the signal state is "0" at input S and "1" at input R1, the specified operand will be reset to "0". Input R1 takes priority over input S. When the signal state is "1" on both inputs S and R1, the signal state of the specified operand is reset to "0". The instruction is not executed if the signal state at the two inputs S and R1 is "0". The signal state of the operand then remains unchanged. The current signal state of the operand is transferred to output Q and can be queried there. Parameter The following table shows the parameters of the "Set/reset flip-flop" instruction: Parameter WinCC Advanced V14 System Manual, 10/2016 Declaration Data type Memory area S7-1200 S7-1500 Description S Input BOOL I, Q, M, D, L I, Q, M, D, L Enable setting R1 Input BOOL I, Q, M, D, L I, Q, M, D, L, Enable resetting T, C <Operand> InOut BOOL I, Q, M, D, L I, Q, M, D, L Operand that is set or reset. Q Output BOOL I, Q, M, D, L I, Q, M, D, L Signal state of the operand 2449 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ65 7DJ,QB 6 65 4 7DJ2XW 7DJ,QB 5 The operands "TagSR" and "TagOut" are set when the following conditions are fulfilled: The operand "TagIn_1" has the signal state "1". The operand "TagIn_2" has the signal state "0". The operands "TagSR" and "TagOut" are reset when one of the following conditions is fulfilled: The operand "TagIn_1" has signal state "0" and the operand "TagIn_2" has signal state "1". The operands "TagIn_1" and "TagIn_2" have signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) RS: Reset/set flip-flop (S7-1200, S7-1500) Description You can use the "Reset/set flip-flop" instruction to reset or set the bit of a specified operand based on the signal state of the inputs R and S1. If the signal state is "1" at input R and "0" at input S1, the specified operand will be reset to "0". If the signal state is "0" at input R and "1" at input S1, the specified operand is set to "1". Input S1 takes priority over input R. When the signal state is "1" at both inputs R and S1, the signal state of the specified operand is set to "1". The instruction is not executed if the signal state at the two inputs R and S1 is "0". The signal state of the operand then remains unchanged. The current signal state of the operand is transferred to output Q and can be queried there. 2450 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "Reset/set flip-flop" instruction: Parameter Declaration Data type Memory area S7-1200 Description S7-1500 R Input BOOL I, Q, M, D, L I, Q, M, D, L Enable resetting S1 Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable setting <Operand> InOut BOOL I, Q, M, D, L I, Q, M, D, L Operand that is reset or set. Q Output BOOL I, Q, M, D, L I, Q, M, D, L Signal state of the operand Example The following example shows how the instruction works: 7DJ56 7DJ,QB 5 56 4 7DJ2XW 7DJ,QB 6 The operands "TagRS" and "TagOut" are reset when the following conditions are fulfilled: The operand "TagIn_1" has the signal state "1". The operand "TagIn_2" has the signal state "0". The operands "TagRS" and "TagOut" are set when one of the following conditions is fulfilled: The operand "TagIn_1" has signal state "0" and the operand "TagIn_2" has signal state "1". The operands "TagIn_1" and "TagIn_2" have signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2451 Programming the PLC 11.4 Instructions --|P|--: Scan operand for positive signal edge (S7-1200, S7-1500) Description You can use the "Scan operand for positive signal edge" instruction to determine if there is a "0" to "1" change in the signal state of a specified operand (<Operand1>). The instruction compares the current signal state of <Operand1> with the signal state of the previous scan, which is saved in an edge memory bit (<Operand2>). If the instruction detects a change in the result of logic operation (RLO) from "0" to "1", there is a positive, rising edge. The following figure shows the change in the signal state in case of a negative and a positive signal edge: 6LJQDO VWDWH 3RVLWLYHVLJQDOHGJH 1HJDWLYHVLJQDOHGJH 7LPHU The positive signal edge is queried each time the instruction executes. When a positive signal edge is detected, <Operand1> is set to signal state "1" for one program cycle. In all other cases, the operand has the signal state "0". Specify the operand to be queried (<Operand1>) in the operand placeholder above the instruction. Specify the edge memory bit (<Operand2>) in the operand placeholder below the instruction. Note Modification of the address of the edge memory bit The address of the edge memory bit must not be used more than once in the program, otherwise the bit memory is overwritten. This step influences the edge evaluation and the result is therefore no longer unique. The memory area of the edge memory bit has to be located in a DB (static area for FB) or in the bit memory area. Parameter The following table shows the parameters of the "Scan operand for positive signal edge" instruction: Parameter 2452 Declaration Data type Memory area S7-1200 S7-1500 Description <Operand1> Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Signal to be scanned <Operand2> InOut BOOL I, Q, M, D, L I, Q, M, D, L Edge memory bit in which the signal state of the previous query is saved. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJ,QB 7DJ,QB 7DJ,QB 7DJ2XW 3 7DJB0 Operand "TagOut" is set when the following conditions are fulfilled: The operands "TagIn_1", "TagIn_2", and "TagIn_3" have signal state "1". There is a rising edge at operand "TagIn_4". The signal state of the previous scan is stored in the edge memory bit "Tag_M". The signal state of the operand "TagIn_5" is "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) LAD programming examples (Page 4681) Basic information on LAD (Page 4634) Memory areas (Page 944) --|N|--: Scan operand for negative signal edge (S7-1200, S7-1500) Description You can use the "Scan operand for negative signal edge" instruction to determine if there is a "1" to "0" change in the signal state of a specified operand (<Operand1>). The instruction compares the current signal state of <Operand1> with the signal state of the previous scan that is saved in an edge memory bit <Operand2>. If the instruction detects a change in the result of logic operation (RLO) from "1" to "0", there is a negative, falling edge. The following figure shows the change in the signal state in case of a negative and a positive signal edge: 6LJQDO VWDWH 3RVLWLYHVLJQDOHGJH 1HJDWLYHVLJQDOHGJH 7LPHU The negative signal edge is queried each time the instruction executes. When a negative signal edge is detected, <Operand1> is set to signal state "1" for one program cycle. In all other cases, the operand has the signal state "0". WinCC Advanced V14 System Manual, 10/2016 2453 Programming the PLC 11.4 Instructions Specify the operand to be queried (<Operand1>) in the operand placeholder above the instruction. Specify the edge memory bit (<Operand2>) in the operand placeholder below the instruction. Note Modification of the address of the edge memory bit The address of the edge memory bit must not be used more than once in the program, otherwise the bit memory is overwritten. This step influences the edge evaluation and the result is therefore no longer unique. The memory area of the edge memory bit has to be located in a DB (static area for FB) or in the bit memory area. Parameter The following table shows the parameters of the "Scan operand for negative signal edge" instruction: Parameter Declaration Data type Memory area Description S7-1200 S7-1500 <Operand1> Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Signal to be scanned <Operand2> InOut BOOL I, Q, M, D, L I, Q, M, D, L Edge memory bit in which the signal state of the previous query is saved. Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJ,QB 7DJ,QB 7DJ,QB 7DJ2XW 1 7DJB0 Operand "TagOut" is set when the following conditions are fulfilled: The operands "TagIn_1", "TagIn_2", and "TagIn_3" have signal state "1". There is a negative signal edge at operand "TagIn_4". The signal state of the previous scan is stored in the edge memory bit "Tag_M". The signal state of the operand "TagIn_5" is "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) 2454 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) --(P)--: Set operand on positive signal edge (S7-1200, S7-1500) Description You can use the "Set operand on positive signal edge" instruction to set a specified operand (<Operand1>) when there is a "0" to "1" change in the result of logic operation (RLO). The instruction compares the current RLO with the RLO from the previous query, which is saved in the edge memory bit (<Operand2>). If the instruction detects a change in the RLO from "0" to "1", there is a positive signal edge. The positive signal edge is queried each time the instruction executes. When a positive signal edge is detected, <Operand1> is set to signal state "1" for one program cycle. In all other cases, the operand has the signal state "0". You specify the operand (<Operand1>) to be set in the operand placeholder above the instruction. Specify the edge memory bit (<Operand2>) in the operand placeholder below the instruction. Note Modification of the address of the edge memory bit The address of the edge memory bit must not be used more than once in the program, otherwise the bit memory is overwritten. This step influences the edge evaluation and the result is therefore no longer unique. The memory area of the edge memory bit has to be located in a DB (static area for FB) or in the bit memory area. Parameter The following table shows the parameters of the instruction "Set operand on positive signal edge": WinCC Advanced V14 System Manual, 10/2016 Parameter Declaration Data type Memory area Description <Operand1> Output BOOL I, Q, M, D, L Operand which is set by a positive edge. <Operand2> InOut BOOL I, Q, M, D, L Edge memory bit 2455 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJ2XW 3 7DJB0 7DJ,QB Operand "TagOut" is set for one program cycle, when the signal state at the input of the coil switches from "0" to "1" (positive signal edge). In all other cases, the operand "TagOut" has the signal state "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) --(N)--: Set operand on negative signal edge (S7-1200, S7-1500) Description You can use the "Set operand on negative signal edge" instruction to set a specified operand (<Operand1>) when there is a "1" to "0" change in the result of logic operation (RLO). The instruction compares the current RLO with the RLO from the previous query, which is saved in the edge memory bit (<Operand2>). If the instruction detects a change in the RLO from "1" to "0", there is a negative signal edge. The negative signal edge is queried each time the instruction executes. When a negative signal edge is detected, <Operand1> is set to signal state "1" for one program cycle. In all other cases, the operand has the signal state "0". You specify the operand (<Operand1>) to be set in the operand placeholder above the instruction. Specify the edge memory bit (<Operand2>) in the operand placeholder below the instruction. Note Modification of the address of the edge memory bit The address of the edge memory bit must not be used more than once in the program, otherwise the bit memory is overwritten. This step influences the edge evaluation and the result is therefore no longer unique. The memory area of the edge memory bit has to be located in a DB (static area for FB) or in the bit memory area. 2456 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the instruction "Set operand on negative signal edge": Parameter Declaration Data type Memory area Description <Operand1> Output BOOL I, Q, M, D, L Operand which is set by a negative edge. <Operand2> InOut BOOL I, Q, M, D, L Edge memory bit Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJ2XW 1 7DJB0 7DJ,QB Operand "TagOut" is set for one program cycle, when the signal state at the input of the coil switches from "1" to "0" (negative signal edge). In all other cases, the operand "TagOut" has the signal state "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) P_TRIG: Scan RLO for positive signal edge (S7-1200, S7-1500) Description Use the "Scan RLO for positive signal edge" instruction to query a "0" to "1" change in the signal state of the result of logic operation (RLO). The instruction compares the current signal state of the RLO with the signal state of the previous query, which is saved in an edge memory bit (<operand>). If the instruction detects a change in the RLO from "0" to "1", there is a positive signal edge. WinCC Advanced V14 System Manual, 10/2016 2457 Programming the PLC 11.4 Instructions The positive signal edge is queried each time the instruction executes. As soon as a positive single edge is detected, the output Q of the instruction returns the signal state "1" for the length of a program cycle. In all other cases, the output returns the signal state "0". Note Modification of the address of the edge memory bit The address of the edge memory bit must not be used more than once in the program, otherwise the bit memory is overwritten. This step influences the edge evaluation and the result is therefore no longer unique. The memory area of the edge memory bit has to be located in a DB (static area for FB) or in the bit memory area. Parameter The following table shows the parameters of the instruction "Scan RLO for positive signal edge": Parameter Declaration Data type Memory area Description CLK Input BOOL I, Q, M, D, L Current RLO <Operand> InOut BOOL M, D Edge memory bit in which the RLO of the previous query is saved. Q Output BOOL I, Q, M, D, L Result of edge evaluation Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 3B75,* &/. 4 &$6 -03 7DJB0 7DJ,QB The RLO of the previous query is saved in the edge memory bit "Tag_M". If a "0" to "1" change is detected in the signal state of the RLO, the program jumps to jump label CAS1. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) 2458 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions N_TRIG: Scan RLO for negative signal edge (S7-1200, S7-1500) Description Use the "Scan RLO for negative signal edge" instruction to query a "1" to "0" change in the signal state of the result of logic operation (RLO). The instruction compares the current signal state of the RLO with the signal state of the previous query, which is saved in an edge memory bit (<operand>). If the instruction detects a change in the RLO from "1" to "0", there is a negative signal edge. The negative signal edge is queried each time the instruction executes. As soon as a negative single edge is detected, the output Q of the instruction returns the signal state "1" for the length of a program cycle. In all other cases, the signal state at the output of the instruction is "0". Note Modification of the address of the edge memory bit The address of the edge memory bit must not be used more than once in the program, otherwise the bit memory is overwritten. This step influences the edge evaluation and the result is therefore no longer unique. The memory area of the edge memory bit has to be located in a DB (static area for FB) or in the bit memory area. Parameter The following table shows the parameters of the "Scan RLO for negative signal edge" instruction: Parameters Declaration Data type Memory area Description CLK Input BOOL I, Q, M, D, L Current RLO <Operand> InOut BOOL M, D Edge memory bit in which the RLO of the previous query is saved. Q Output BOOL I, Q, M, D, L Result of edge evaluation Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 1B75,* &/. 4 &$6 -03 7DJB0 7DJ,QB The RLO of the previous query is saved in the edge memory bit "Tag_M". If a "1" to "0" change is detected in the signal state of the RLO, the program jumps to jump label CAS1. WinCC Advanced V14 System Manual, 10/2016 2459 Programming the PLC 11.4 Instructions For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) R_TRIG: Detect positive signal edge (S7-1200, S7-1500) Description With the "Detect positive signal edge" instruction, you can detect a state change from "0" to "1" at the CLK input. The instruction compares the current value at the CLK input with the state of the previous query (edge memory bit) that is saved in the specified instance. If the instruction detects a state change at the CLK input from "0" to "1", a positive signal edge is generated at the Q output, i.e., the output has the value TRUE or "1" for exactly one cycle. In all other cases, the signal state at the output of the instruction is "0". Parameter The following table shows the parameters of the "Detect positive signal edge" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output CLK Input BOOL I, Q, M, D, L or con Incoming signal, the edge of stant which is to be queried. Q Output BOOL I, Q, M, D, L Result of edge evaluation Example The following example shows how the instruction works: '% 5B75,*B'% 5B75,* (1 7DJ,QB (12 7DJ,QB &/. 4 7DJ2XWB4 7DJ,QB 2460 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The previous state of the tag at the CLK input is stored in the "R_TRIG_DB" tag. If a change in the signal state from "0" to "1" is detected in the "TagIn_1" and "TagIn_2" operands or in the "TagIn_3" operand, the "TagOut_Q" output has signal state "1" for one cycle. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) F_TRIG: Detect negative signal edge (S7-1200, S7-1500) Description With the "Detect negative signal edge" instruction, you can detect a state change from "1" to "0" at the CLK input. The instruction compares the current value at the CLK input with the state of the previous query (edge memory bit) that is saved in the specified instance. If the instruction detects a state change at the CLK input from "1" to "0", a negative signal edge is generated at the Q output, i.e., the output has the value TRUE or "1" for exactly one cycle. In all other cases, the signal state at the output of the instruction is "0". Parameter The following table shows the parameters of the "Detect negative signal edge" instruction: WinCC Advanced V14 System Manual, 10/2016 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output CLK Input BOOL I, Q, M, D, L or con Incoming signal, stant the edge of which is to be queried. Q Output BOOL I, Q, M, D, L Result of edge evaluation 2461 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: '% )B75,*B'% )B75,* (1 7DJ,QB (12 7DJ,QB &/. 4 7DJ2XWB4 7DJ,QB The previous state of the tag at the CLK input is stored in the "F_TRIG_DB" tag. If a change in the signal state from "1" to "0" is detected in the "TagIn_1" and "TagIn_2" operands or in the "TagIn_3" operand, the "TagOut_Q" output has signal state "1" for one cycle. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) Timer operations (S7-1200, S7-1500) TP: Generate pulse (S7-1200, S7-1500) Description You can use the "Generate pulse" instruction to set the Q output for a programmed duration. The instruction is started when the result of logic operation (RLO) at input IN changes from "0" to "1" (positive signal edge). The programmed time PT begins when the instruction starts. Output Q is set for the duration PT, regardless of the subsequent course of the input signal. Even if a new positive signal edge is detected, the signal state at the output Q is not affected as long as the PT time duration is running. You can scan the current time value at the ET output. The timer value starts at T#0s and ends when the value of the time duration PT is reached. When the time PT has elapsed and the signal state at input IN is "0", the ET output is reset. 2462 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Each call of the "Generate pulse" instruction must be assigned to an IEC timer in which the instruction data is stored. Note If the timer is not called in the program because it is skipped, for example, output ET returns a constant value as soon as the timer has expired. For S7-1200 CPU An IEC timer is a structure of the data type IEC_TIMER or TP_TIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TP_TIME, TP_LTIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU An IEC Timer is a structure of the data type IEC_TIMER, IEC_LTIMER, TP_TIME or TP_LTIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TP_TIME, TP_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: When the instruction is called if the ET or Q outputs are interconnected. If the outputs are not interconnected, the current time value at output ET is not updated. At an access to the Q or ET outputs. The execution of the "Generate pulse" instruction requires a preceding logic operation. It can be placed within or at the end of the network. Parameters The following table shows the parameters of the "Generate pulse" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 S7-1200 Description S7-1500 IN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, P PT Input TIME TIME, LTIME I, Q, M, D, L or constant Start input I, Q, M, D, L, Duration of the P or constant pulse The value of the PT parameter must be positive. WinCC Advanced V14 System Manual, 10/2016 2463 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area S7-1200 S7-1500 S7-1200 Description S7-1500 Q Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L, P Pulse output ET Output TIME TIME, LTIME I, Q, M, D, L I, Q, M, D, L, P Current time val ue Pulse timing diagram The following figure shows the pulse timing diagram of the "Generate pulse" instruction: ,1 4 37 37 37 (7 37 Example The following example shows how the instruction works: 73B'% 7DJB6WDUW 7DJB3UHVHW7LPH 73 7,0( ,1 4 37 (7 7DJB6WDWXV 7DJB(ODSVHG7LPH The following table shows how the instruction works using specific operand values: 2464 Parameters Operand Value IN Tag_Start Signal transition "0" => "1" PT Tag_PresetTime T#10s Q Tag_Status TRUE ET Tag_ElapsedTime from T#0s => T#10s WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions When the signal state of the "Tag_Start" operand changes from "0" to "1", the time programmed for the PT parameter is started and the "Tag_Status" operand is set to "1". The current time value is stored in the "Tag_ElapsedTime" operand. When the time expires, the "Tag_Status" operand is reset to signal state "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Example of controlling room temperature (Page 4690) Basic information on LAD (Page 4634) Memory areas (Page 944) TON: Generate on-delay (S7-1200, S7-1500) Description You can use the "Generate on-delay" instruction to delay setting of the Q output by the programmed time PT. The instruction is started when the result of logic operation (RLO) at input IN changes from "0" to "1" (positive signal edge). The programmed time PT begins when the instruction starts. When the time PT has elapsed, the output Q has the signal state "1". Output Q remains set as long as the start input is still "1". When the signal state at the start input changes from "1" to "0", the Q output is reset. The timer function is started again when a new positive signal edge is detected at the start input. The current time value can be queried at the ET output. The timer value starts at T#0s and ends when the value of the time duration PT is reached. The ET output is reset as soon as the signal state at the IN input changes to "0". Each call of the "Generate on-delay" instruction must be assigned to an IEC timer in which the instruction data is stored. Note If the timer is not called in the program because it is skipped, for example, output ET returns a constant value as soon as the timer has expired. For S7-1200 CPU An IEC timer is a structure of the data type IEC_TIMER or TON_TIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TON_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) WinCC Advanced V14 System Manual, 10/2016 2465 Programming the PLC 11.4 Instructions For S7-1500 CPU An IEC timer is a structure of the data type IEC_TIMER, IEC_LTIMER, TON_TIME or TON_LTIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TON_TIME, TON_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: When the instruction is called if the ET or Q outputs are interconnected. If the outputs are not interconnected, the current time value at output ET is not updated. At an access to the Q or ET outputs. The execution of the "Generate on-delay" instruction requires a preceding logic operation. It can be placed within or at the end of the network. Parameters The following table shows the parameters of the "Generate on-delay" instruction: Parameters 2466 Declaration Data type Memory area Description S7-1200 S7-1500 S7-1200 S7-1500 I, Q, M, D, L I, Q, M, D, L, P IN Input BOOL BOOL Start input PT Input TIME TIME, LTIME I, Q, M, D, L or con stant I, Q, M, D, L, Duration of P or constant the on-delay The value of the PT pa rameter must be pos itive. Q Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L, P Output that is set when the time PT expires. ET Output TIME TIME, LTIME I, Q, M, D, L I, Q, M, D, L, P Current time value WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the "Generate on-delay" instruction: ,1 4 37 37 (7 37 Example The following example shows how the instruction works: 721B'% 7DJB6WDUW 7DJB3UHVHW7LPH 721 7,0( ,1 4 37 (7 7DJB6WDWXV 7DJB(ODSVHG7LPH The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Start Signal transition "0" => "1" PT Tag_PresetTime T#10s Q Tag_Status FALSE; after 10 s => TRUE ET Tag_ElapsedTime from T#0s => T#10s When the signal state of the "Tag_Start" operand changes from "0" to "1", the time programmed for the PT parameter is started. When the time duration expires, the "Tag_Status" operand is set to the signal state "1". The Tag_Status operand remains set to "1" as long as the Tag_Start operand has signal state "1". The current time value is stored in the "Tag_ElapsedTime" operand. When the signal state at the operand "Tag_Start" changes from "1" to "0", the "Tag_Status" operand is reset. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 2467 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) TOF: Generate off-delay (S7-1200, S7-1500) Description You can use the "Generate off-delay" instruction to delay resetting of the Q output by the programmed time PT. The Q output is set when the result of logic operation (RLO) at input IN changes from "0" to "1" (positive signal edge). When the signal state at input IN changes back to "0", the programmed time PT starts. Output Q remains set as long as the time duration PT is running. When the PT time duration expires, the Q output is reset. If the signal state at input IN changes to "1" before the PT time duration expires, the timer is reset. The signal state at the output Q continues to be "1". The current time value can be queried at the ET output. The timer value starts at T#0s and ends when the value of the time duration PT is reached. When the PT time duration expires, the ET output remains set to the current value until input IN changes back to "1". If input IN switches to "1" before the duration PT has expired, the ET output is reset to the value T#0s. Each call of the "Generate off-delay" instruction must be assigned to an IEC Timer in which the instruction data is stored. Note If the timer is not called in the program because it is skipped, for example, output ET returns a constant value as soon as the timer has expired. For S7-1200 CPU An IEC timer is a structure of the data type IEC_TIMER or TOF_TIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TOF_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU An IEC timer is a structure of the data type IEC_TIMER, IEC_LTIMER, TOF_TIME or TOF_LTIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TOF_TIME, TOF_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) 2468 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The instruction data is updated in the following cases: When the instruction is called if the ET or Q outputs are interconnected. If the outputs are not interconnected, the current time value at output ET is not updated. At an access to the Q or ET outputs. The execution of the "Generate off-delay" instruction requires a preceding logic operation. It can be placed within or at the end of the network. Parameters The following table shows the parameters of the "Generate off-delay" instruction: Parameters WinCC Advanced V14 System Manual, 10/2016 Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 I, Q, M, D, L I, Q, M, D, L, P Description IN Input BOOL BOOL Start input PT Input TIME TIME, LTIME I, Q, M, D, L or con stant I, Q, M, D, L, Duration of P or constant the off delay The value of the PT pa rameter must be pos itive. Q Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L, P Output that is reset when the time PT ex pires. ET Output TIME TIME, LTIME I, Q, M, D, L I, Q, M, D, L, P Current time value 2469 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the "Generate off-delay" instruction: ,1 4 37 37 (7 37 Example The following example shows how the instruction works: 72)B'% 7DJB6WDUW 7DJB3UHVHW7LPH 72) 7,0( ,1 4 37 (7 7DJB6WDWXV 7DJB(ODSVHG7LPH The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Start Signal transition "0" => "1"; sig nal transition "1" => "0" PT Tag_PresetTime T#10s Q Tag_Status TRUE ET Tag_ElapsedTime from T#10s => T#0s When the signal state of the operand "Tag_Start" changes from "0" to "1", the "Tag_Status" operand is set to signal state "1". When the signal state of the "Tag_Start" operand changes from "1" to "0", the time programmed for the PT parameter is started. As long as the time is running, the "Tag_Status" operand remains set to TRUE. When the time has expired, the "Tag_Status" operand is reset to FALSE. The current time value is stored in the "Tag_ElapsedTime" operand. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) 2470 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) TONR: Time accumulator (S7-1200, S7-1500) Description The instruction "Time accumulator" is used to accumulate time values within a period set by the parameter PT. When the signal state at the IN input changes from "0" to "1" (positive signal edge), the instruction is executed and time PT starts. While the time PT is running, the time values are accumulated that are recorded when the IN input has signal state "1". The accumulated time is written to the ET output and can be queried there. When the duration PT expires, the output Q has signal state "1". The Q parameter remains set to "1", even when the signal state at the IN parameter changes from "1" to "0" (negative signal edge). The R input resets the ET and Q outputs regardless of the signal state of the start input. Each call of the "Time accumulator" instruction must be assigned an IEC timer in which the instruction data is stored. For S7-1200 CPU An IEC Timer is a structure of the data type IEC_TIMER or TONR_TIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TONR_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU An IEC timer is a structure of the data type IEC_TIMER, IEC_LTIMER, TONR_TIME or TONR_LTIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TONR_TIME, TONR_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: When the instruction is called, if the ET or Q outputs are interconnected. If the outputs are not interconnected, the current time value at output ET is not updated. At an access to the Q or ET outputs. The execution of the Time accumulator" instruction requires a preceding logic operation. It can be placed within or at the end of the network. WinCC Advanced V14 System Manual, 10/2016 2471 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Time accumulator" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description IN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, P Start input R Input BOOL BOOL I, Q, M, D, L or constant I, Q, M, D, Reset input L, P or con stant PT Input TIME TIME, LTIME I, Q, M, D, L or constant I, Q, M, D, Maximum duration L, P or con of time recording stant The value of the PT parameter must be positive. Q Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L, P Output that is set when time PT ex pires. ET Output TIME TIME, LTIME I, Q, M, D, L I, Q, M, D, L, P Accumulated time Pulse timing diagram The following figure shows the pulse timing diagram of the "Time accumulator" instruction: ,1 5 4 37 (7 2472 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7215B'% 7DJB6WDUW 7DJB5HVHW 7DJB3UHVHW7LPH 7215 7,0( ,1 4 5 (7 7DJB6WDWXV 7DJB(ODSVHG7LPH 37 The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Start Signal transition "0" => "1" PT Tag_PresetTime T#10s Q Tag_Status FALSE; after 10 s => TRUE ET Tag_ElapsedTime Signal transition from "0" => "1" The time T#10s expires. After 5 s signal transition from "1" => "0": The time at the "Tag_Elapsed Time" operand remains at T#5s. After approx. 2 s, renewed signal transition from "0" => "1": The time at the "Tag_Elapsed Time" operand continues to run at T#5s. When the signal state of the "Tag_Start" operand changes from "0" to "1", the time programmed for the PT parameter is started. The time continues to run as long as the "Tag_Start" operand has the signal state "1". When the signal state of the "Tag_Start" operand changes from "1" to "0", the time stops and the current time value at the Tag_ElapsedTime operand is recorded. When the signal state at the "Tag_Start" operand changes again from "0" to "1", the time continues to run starting at the time value that was recorded at the transition from "1" to "0". When the time value specified for the PT parameter is reached, the "Tag_Status" operand is set to the signal state "1". The current time value is stored in the "Tag_ElapsedTime" operand. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2473 Programming the PLC 11.4 Instructions ---( TP )---: Start pulse timer (S7-1200, S7-1500) Description Use the "Start pulse timer" instruction to start an IEC timer with a specified duration as pulse. The IEC timer is started when the result of logic operation (RLO) changes from "0" to "1" (positive signal edge). The IEC timer runs for the specified duration regardless of any subsequent changes in the RLO. The run of the IEC timer is also not affected by the detection of a new positive signal edge. As long as the IEC timer is running, the querying of the timer status for "1" returns the signal state "1". When the IEC timer has expired, the timer status returns the signal state "0". Note You can start and query the IEC timer at various execution levels, as each querying of the outputs Q or ET updates the IEC_TIMER structure. For S7-1200 CPU The instruction "Start pulse timer" stores its data in a structure of the data type IEC_TIMER or TP_TIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TP_LTIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU The instruction "Start pulse timer" stores its data in a structure of the data type IEC_TIMER, IEC_LTIMER, TP_TIME or TP_LTIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TP_TIME, TP_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: The IEC_Timer structure is updated when the instruction is called. The time value at the ET output is only updated if the ET or Q outputs are scanned (e.g. "MyTimer".Q or "MyTimer".ET). When the assigned timer is accessed. The current timer status is stored in the Q structure component of the IEC timer. You can use a normally open contact to query timer status for "1" or a normally closed contact for "0". The execution of the "Start pulse timer" instruction assumes a preceding logic operation. It can be placed only at the end of the network. 2474 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Start pulse timer" instruction: Parameters Declaration Data type S7-1200 S7-1500 Memory area Description <Time dura tion> Input TIME TIME, LTIME I, Q, M, D, L or constant Duration with which the IEC timer runs. <IEC timer> InOut IEC_TIMER, TP_TIME IEC_TIMER, IEC_LTIMER, TP_TIME, TP_LTIME D, L IEC timer that is star ted. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJB,QSXW '% 0\,(&B7,0(5 73 7DJ7LPH The "Start pulse timer" instruction is executed when the signal state of the operand "Tag_Input" changes from "0" to "1". The timer "DB1".MyIEC_TIMER is started for the time stored in the operand "TagTime". '% 0\,(&B7,0(54 7DJB2XWSXW As long as the timer "DB1". MyIEC_TIMER is running, the timer status ("DB1".MyIEC_TIMER.Q) has signal state "1" and the operand "Tag_Output" is set. When the IEC timer has expired, the signal state of the time status changes back to "0" and the "Tag_Output" operand is reset. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2475 Programming the PLC 11.4 Instructions ---( TON )---: Start on-delay timer (S7-1200, S7-1500) Description Use the "Start on-delay timer" instruction to start an IEC timer with a specified duration as ondelay. The IEC timer is started when the result of logic operation (RLO) changes from "0" to "1" (positive signal edge). The IEC timer runs for the specified time. The output returns the signal state "1" if the RLO at the input of the instruction has the signal state "1". If the RLO changes to "0" before the time expires, the IEC timer is reset. In this case, querying the timer status for "1" returns signal state "0". The IEC timer restarts when the next positive signal edge is detected at the input of the instruction. Note You can start and query the IEC timer at various execution levels, as each querying of the outputs Q or ET updates the IEC_TIMER structure. For S7-1200 CPU The instruction "Start on-delay timer" stores its data in a structure of the data type IEC_TIMER or TON_TIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TON_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU The "Start on-delay timer" instruction stores its data in a structure of the data type IEC_TIMER, IEC_LTIMER, TON_TIME or TON_LTIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TON_TIME, TON_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: The IEC_Timer structure is updated when the instruction is called. The time value at the ET output is only updated if the ET or Q outputs are scanned (e.g. "MyTimer".Q or "MyTimer".ET). When the assigned timer is accessed. The current timer status is stored in the ET structure component of the IEC timer. You can use a normally open contact to query timer status for "1" or a normally closed contact for "0". The execution of the "Start on-delay timer" instruction assumes a preceding logic operation. It can be placed only at the end of the network. 2476 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Start on-delay timer" instruction: Parameters Declaration Data type S7-1200 S7-1500 Memory area Description <Time dura tion> Input TIME TIME, LTIME I, Q, M, D, L or constant Duration with which the IEC timer runs. <IEC timer> InOut IEC_TIMER, TON_TIME IEC_TIMER, IEC_LTIMER, TON_TIME, TON_LTIME D, L IEC timer that is started. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJB,QSXW 0\,(&B7,0(5 721 7DJ7LPH The "Start on-delay timer" instruction is executed when the signal state of the operand "Tag_Input" changes from "0" to "1". The "MyIEC_TIMER timer is started for the time stored in the "TagTime" operand. 0\,(&B7,0(54 7DJB2XWSXW If the timer "MyIEC_TIMER" has expired and the operand "Tag_Input" has the signal state "1", querying the timer status ("MyIEC_TIMER).Q) returns signal state "1" and the "Tag_Output" operand is set. When the signal state of the operand "Tag_Input" changes to "0", the querying of the timer status returns the signal state "0" and the operand "Tag_Output" is reset. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2477 Programming the PLC 11.4 Instructions ---( TOF )---: Start off-delay timer (S7-1200, S7-1500) Description Use the "Start off-delay timer" instruction to start an IEC timer with a specified duration as ondelay. The query of the timer status for "1" returns the signal state "0" if the result of logic operation (RLO) at the input of the instruction has the signal state "1". When the RLO changes from "1" to "0" (negative signal edge), the IEC timer starts with the specified time. The timer status remains at signal state "1" as long as the IEC timer is running. When the timer has run out and the RLO at the input of the instruction has the signal state "0", the timer status is set to the signal state "0". If the RLO changes to "1" before the time expires, the IEC timer is reset and the timer status remains at signal state "1". Note You can start and query the IEC timer at various execution levels, as each querying of the outputs Q or ET updates the IEC_TIMER structure. For S7-1200 CPU The instruction "Start off-delay timer" stores its data in a structure of the data type IEC_TIMER or TOF_TIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TOF_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU The "Start off-delay timer" instruction stores its data in a structure of the data type IEC_TIMER, IEC_LTIMER, TOF_TIME or TOF_LTIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TOF_TIME, TOF_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: The IEC_Timer structure is updated when the instruction is called. The time value at the ET output is only updated if the ET or Q outputs are scanned (e.g. "MyTimer".Q or "MyTimer".ET). When the assigned timer is accessed. The current timer status is stored in the ET structure component of the IEC timer. You can use a normally open contact to query timer status for "1" or a normally closed contact for "0". The execution of the "Start off-delay timer" instruction assumes a preceding logic operation. It can be placed only at the end of the network. 2478 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Start off-delay timer" instruction: Parameters Declaration Data type S7-1200 S7-1500 Memory area Description <Time dura tion> Input TIME TIME, LTIME I, Q, M, D, L or constant Duration with which the IEC timer runs. <IEC timer> InOut IEC_TIMER, TOF_TIME IEC_TIMER, IEC_LTIMER, TOF_TIME, TOF_LTIME D, L IEC timer that is started. You can find additional information on valid data types under "See also". Example As long as timer #MyIEC_TIMER is running, the query of the time status (#MyIEC_TIMER.Q) returns the signal state "1" and operand "Tag_Output" is set. If the timer has expired and the operand "Tag_Input" has the signal state "0", the query of the timer status returns the signal state "0". If the signal state of the operand "Tag_Input" changes to "1" before timer #MyIEC_TIMER expires, the timer is reset. When the signal state of the operand "Tag_Input" is "1", the query of the timer status returns the signal state "1". The following example shows how the instruction works: 7DJB,QSXW 0\,(&B7,0(5 72) 7DJ7LPH The "Start off-delay timer" instruction is executed when the signal state of the operand "Tag_Input" changes from "1" to "0". The timer #MyIEC_TIMER is started for the time stored in the operand "TagTime". 0\,(&B7,0(54 7DJB2XWSXW For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2479 Programming the PLC 11.4 Instructions ---( TONR )---: Time accumulator (S7-1200, S7-1500) Description You can use the "Time accumulator" instruction to record how long the signal is at the input of instruction "1". The instruction is started when the result of logic operation (RLO) changes from "0" to "1" (positive signal edge). The time is recorded as long at the RLO is "1". If the RLO changes to "0", the instruction is halted. If the RLO changes back to "1", the time recording is continued. The query of the timer status for "1" returns the signal state "1" if the recorded time exceeds the value of the specified duration and the RLO at the input of coil is "1". The timer status and the currently expired timer can be reset to "0" using the "Reset timer" instruction. Note You can start and query the IEC timer at various execution levels, as each querying of the outputs Q or ET updates the IEC_TIMER structure. For S7-1200 CPU The "Time accumulator" instruction stores its data in a structure of the data type IEC_TIMER or TONR_TIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TONR_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU The "Time accumulator" instruction stores its data in a structure of the data type IEC_TIMER, IEC_LTIMER, TONR_TIME or TONR_LTIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TONR_TIME, TONR_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: The IEC_Timer structure is updated when the instruction is called. The time value at the ET output is only updated if the ET or Q outputs are scanned (e.g. "MyTimer".Q or "MyTimer".ET). When the assigned timer is accessed. The current timer status is stored in the ET structure component of the IEC timer. You can use a normally open contact to query timer status for "1" or a normally closed contact for "0". The execution of the Time accumulator" instruction requires a preceding logic operation. It can be placed only at the end of the network. 2480 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Time accumulator" instruction: Parameters Declaration Data type S7-1200 S7-1500 Memory area Description <Time dura tion> Input TIME TIME, LTIME I, Q, M, D, L or constant Duration with which the IEC timer runs. <IEC timer> InOut IEC_TIMER, TONR_TIME IEC_TIMER, IEC_LTIMER, TONR_TIME, TONR_LTIME D, L IEC timer that is started. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJB,QSXW 0\,(&B7,0(5 7215 7DJ7LPH The "Time accumulator" instruction executes on a positive signal edge in the RLO. The time is recorded as long as the operand "Tag_Input" has the signal state "1". 0\,(&B7,0(54 7DJB2XWSXW If the recorded time exceeds the value of the operand "TagTime", then the query of the timer status ("MyIEC_TIMER".Q) will return the signal state "1" and the operand "Tag_Output" will be set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2481 Programming the PLC 11.4 Instructions ---( RT )---: Reset timer (S7-1200, S7-1500) Description You can use the "Reset timer" instruction to reset an IEC timer to "0". The instruction is only executed if the result of logic operation (RLO) at the input of the coil is "1". If current is flowing to the coil (RLO is "1"), the structure components of the timer in the specified data block are reset to "0". If the RLO at the input of the instruction is "0", the timer remains unchanged. The instruction does not influence the RLO. The RLO at the input of the coil is sent directly to the output of the coil. You assign the "Reset timer" instruction an IEC timer that has been declared in the program. The instruction data is updated only when the instruction is called and not each time the assigned IEC timer is accessed. Querying the data is only identical from the call of the instruction to the next call of the instruction. Parameters The following table shows the parameters of the "Reset timer" instruction": Parameter Declaration <IEC timer> Data type Output S7-1200 S7-1500 IEC_TIMER, TP_TIME, TON_TIME, TOF_TIME, TONR_TIME IEC_TIMER, IEC_LTIMER, TP_TIME, TP_LTIME, TON_TIME, TON_LTIME, TOF_TIME, TOF_LTIME, TONR_TIME, TONR_LTIME Memory area Description D, L IEC timer that is reset. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 721B'% 721 7,0( 7DJB,QSXWB 7DJB37 7DJB6WDWXV ,1 4 37 (7 7DJB(7 The "Generate on-delay" instruction executes when the signal state of the "Tag_Input_1" operand changes from "0" to "1". The timer stored in the "TON_DB" instance data block starts running for the time duration specified by operand "Tag_PT". 2482 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions 7DJB,QSXWB 7DJB,QSXWB 721B'% 57 If operands "Tag_Input_2" and "Tag_Input_3" have the signal state "1", the "Reset timer" instruction is executed and the timer stored in the "TON_DB" data block. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) ---( PT )---: Load time duration (S7-1200, S7-1500) Description You can use the "Load time duration" instruction to set the time for an IEC timer. The instruction is executed in every cycle when the result of logic operation (RLO) at the input of the instruction has the signal state "1". The instruction writes the specified time to the structure of the specified IEC timer. Note If the specified IEC timer is running while the instruction executes, the instruction overwrites the current time of the specified IEC timer. This can change the timer status of the IEC timer. You assign an IEC timer declared in the program to the "Load time duration" instruction. The instruction data is updated only when the instruction is called and each time the assigned IEC timer is accessed. The query on Q or ET (for example, "MyTimer".Q or "MyTimer".ET) updates the IEC_TIMER structure. WinCC Advanced V14 System Manual, 10/2016 2483 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "Load time duration" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description <Time dura tion> Input TIME TIME, LTIME I, Q, M, D, L or constant Duration with which the IEC timer runs. <IEC timer> Output IEC_TIMER, TP_TIME, TON_TIME, TOF_TIME, TONR_TIME IEC_TIMER, IEC_LTIMER, TP_TIME, TP_LTIME, TON_TIME, TON_LTIME, TOF_TIME, TOF_LTIME, TONR_TIME, TONR_LTIME D, L IEC timer, the duration of which is set. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 721B'% 721 7,0( 7DJB,QSXWB 7DJB37 7DJB6WDWXV ,1 4 37 (7 7DJB(7 The "Generate on-delay" instruction executes when the signal state of the "Tag_Input_1" operand changes from "0" to "1". The IEC timer stored in the instance data block "TON_DB" is started with the time duration that is specified by the operand "Tag_PT". 7DJB,QSXWB 721B'% 37 7DJB37B The "Load time duration" instruction is executed when the operand "Tag_Input_2" has the signal state "1". The instruction writes the time duration "Tag_PT_2" in the instance data block "TON_DB" and at the same time overwrites the value of the operand "Tag_PT" within the data block. The signal state of the timer status may therefore change at the next query or when "MyTimer".Q or "MyTimer".ET are accessed. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) 2484 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) Legacy (S7-1500) S_PULSE: Assign pulse timer parameters and start (S7-1500) Description The "Assign pulse timer parameters and start" instruction starts a programmed timer when a change from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO) at input S. The timer expires with the programmed duration (TV) as soon as the signal state at input S is "1". If the signal state at input S changes to "0" before the programmed duration expires, the timer is stopped. In this case, the signal state at output Q is "0". The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down towards zero. The time base indicates the time period with which the time value is changed. The current time value is output BI-coded at output BI and BCD-coded at output BCD. If the timer is running and the signal state at input R changes to "1" then the current time value and the time base are also set to zero. If the timer is not running, the signal state "1" at the R input has no effect. The "Assign pulse timer parameters and start" instruction requires a preceding logic operation for edge evaluation and can be placed within or at the end of the network. The instruction data is updated at every access. It can therefore happen that the query of the data at the start of the cycle returns different values than at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. For an example of how a time cell can be structured, refer to See also "L: Load timer value". WinCC Advanced V14 System Manual, 10/2016 2485 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Assign pulse timer parameters and start": Parameters Declaration Data type Memory area Description <Timer> InOut/Input TIMER T Time of the instruction The number of timers de pends on the CPU. S Input BOOL I, Q, M, D, L TV Input S5TIME, WORD I, Q, M, D, L or con Preset time value stant Start input R Input BOOL I, Q, M, T, C, D, L, P or constant Reset input BI Output WORD I, Q, M, D, L, P Current time value (BI-coded) BCD Output WORD I, Q, M, D, L, P Current time value (BCD for mat) Q Output BOOL I, Q, M, D, L Status of the timer You can find additional information on valid data types under "See also". 2486 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the instruction "Assign pulse timer parameters and start": W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPH Example The following example shows how the instruction works: 7LPHUB 7DJ,QB 7DJ,QB1XPEHU 7DJ,QB 6B38/6( 7DJ2XW 6 4 79 %, 7DJ9DOXHB %&' 7DJ9DOXHB 5 The timer "Timer_1" is started when the signal state of the operand "TagIn_1" changes from "0" to "1". The timer expires with the time value of the operand "TagIn_Number" as long as the operand "TagIn_1" has the signal state "1". If the signal state of the operand "TagIn_1" changes from "1" to "0" before the timer expires, the timer "Timer_1" is stopped. The operand "TagOut" is reset to "0" in this case. WinCC Advanced V14 System Manual, 10/2016 2487 Programming the PLC 11.4 Instructions The operand "TagOut" has the signal state "1" as long as the timer is running and the operand "TagIn_1" has the signal state "1". When the timer expires or is reset, the operand "TagOut" is reset to "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) S_PEXT: Assign extended pulse timer parameters and start (S7-1500) Description The "Assign extended pulse timer parameters and start" instruction starts a programmed timer when a change from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO) at input S. The timer expires with the programmed duration (TV), even if the signal state at input S changes to "0". As long as the timer is running, the output Q has the signal state "1". When the timer expires, the output Q is reset to "0". If the signal state at input S changes from "0" to "1" while the timer is running, the timer is restarted with the duration programmed at input TV. The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down towards zero. The time base indicates the time period with which the time value is changed. The current time value is output BI-coded at output BI and BCD-coded at output BCD. If the timer is running and the signal state at input R changes to "1" then the current time value and the time base are also set to zero. If the timer is not running, the signal state "1" at the R input has no effect. The "Assign extended pulse timer parameters and start" instruction requires a preceding logic operation for edge evaluation and can be placed within or at the end of the network. The instruction data is updated at every access. It can therefore happen that the query of the data at the start of the cycle returns different values than at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. For an example of how a time cell can be structured, refer to See also "L: Load timer value". 2488 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Assign extended pulse timer parameters and start": Parameters Declaration Data type Memory area Description <Timer> InOut/Input TIMER T Time of the instruction The number of timers de pends on the CPU. S Input BOOL I, Q, M, D, L TV Input S5TIME, WORD I, Q, M, D, L or con Preset time value stant Start input R Input BOOL I, Q, M, T, C, D, L, P or constant Reset input BI Output WORD I, Q, M, D, L, P Current time value (BI-coded) BCD Output WORD I, Q, M, D, L, P Current time value (BCD for mat) Q Output BOOL I, Q, M, D, L Status of the timer You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2489 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign extended pulse timer parameters and start" instruction: W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHULVUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPHU Example The following example shows how the instruction works: 7LPHUB 7DJ,QB 7DJ,QB1XPEHU 7DJ,QB 6B3(;7 7DJ2XW 6 4 79 %, 7DJ9DOXHB %&' 7DJ9DOXHB 5 The timer "Timer_1" is started when the signal state of the operand "TagIn_1" changes from "0" to "1". The timer expires with the time value of the operand "TagIn_Number" without being affected by a negative edge at input S. If the signal state of the operand "TagIn_1" changes from "0" to "1" before the timer expires, the timer is restarted. 2490 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The operand "TagOut" has the signal state "1" as long as the timer is running. When the timer expires or is reset, the operand "TagOut" is reset to "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) S_ODT: Assign on-delay timer parameters and start (S7-1500) Description The "Assign on-delay timer parameters and start" instruction starts a programmed timer when a change from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO) at input S. The timer expires with the programmed duration (TV) as soon as the signal state at input S is "1". If the timer expires correctly and input S still has signal state "1" then output Q returns signal state "1". If the signal state at input S changes from "1" to "0" while the timer is running, the timer is stopped. In this case, output Q is reset to signal state "0". The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down towards zero. The time base indicates the time period with which the time value is changed. The current time value is output BI-coded at output BI and BCD-coded at output BCD. If the time is running and the signal state at input R changes from "0" to "1" then the current time value and the time base are also set to zero. In this case, the signal state at output Q is "0". The timer is reset if the signal state is "1" at the R input even if the timer is not running and the RLO at input S is "1". Specify the timer of the instruction in the placeholder above the box. The timer must be declared with the data type TIMER. The "Assign on-delay timer parameters and start" instruction requires a preceding logic operation for edge evaluation and can be placed within or at the end of the network. The instruction data is updated at every access. It can therefore happen that the query of the data at the start of the cycle returns different values than at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. For an example of how a time cell can be structured, refer to See also "L: Load timer value". WinCC Advanced V14 System Manual, 10/2016 2491 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Assign on-delay timer parameters and start" instruction: Parameters Declaration Data type Memory area Description <Timer> InOut/Input TIMER T Time of the instruction The number of timers de pends on the CPU. S Input BOOL I, Q, M, D, L TV Input S5TIME, WORD I, Q, M, D, L or con Preset time value stant Start input R Input BOOL I, Q, M, T, C, D, L, P or constant Reset input BI Output WORD I, Q, M, D, L, P Current time value (BI-coded) BCD Output WORD I, Q, M, D, L, P Current time value (BCD for mat) Q Output BOOL I, Q, M, D, L Status of the timer You can find additional information on valid data types under "See also". Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign on-delay timer parameters and start" instruction: W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHULVUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPHU 2492 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7LPHUB 7DJ,QB 7DJ,QB1XPEHU 7DJ,QB 6B2'7 7DJ2XW 6 4 79 %, 7DJ9DOXHB %&' 7DJ9DOXHB 5 The timer "Timer_1" is started when the signal state of the operand "TagIn_1" changes from "0" to "1". The timer expires with the time value of the operand "TagIn_Number". If the timer expires and the operand has the signal state "1", the operand "TagOut" is set to "1". If the signal state of the operand "TagIn_1" changes from "1" to "0" before the timer expires, the timer is stopped. The operand "TagOut" has the signal state "0" in this case. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) S_ODTS: Assign retentive on-delay timer parameters and start (S7-1500) Description The "Assign retentive on-delay timer parameters and start" instruction starts a programmed timer when a change from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO) at input S. The timer expires with the programmed duration (TV), even if the signal state at input S changes to "0". If the timer expires, the "Q" output returns signal state "1" regardless of the signal state at input "S". If the signal state at input S changes from "0" to "1" while the timer is running, the timer is restarted with the duration programmed at input (TV). The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down towards zero. The time base indicates the time period with which the time value is changed. The current time value is output BI-coded at output BI and BCD-coded at output BCD. Signal state "1" at input R resets the current time value and time base to "0" regardless of the signal state at start input S. In this case, the signal state at output Q is "0". The "Assign retentive on-delay timer parameters and start" instruction requires a preceding logic operation for edge evaluation and can be placed within or at the end of the network. WinCC Advanced V14 System Manual, 10/2016 2493 Programming the PLC 11.4 Instructions The instruction data is updated at every access. It can therefore happen that the query of the data at the start of the cycle returns different values than at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. For an example of how a time cell can be structured, refer to See also "L: Load timer value". Parameters The following table shows the parameters of the "Assign retentive on-delay timer parameters and start" instruction: Parameters Declaration Data type Memory area Description <Timer> InOut/Input TIMER T Time of the instruction The number of timers de pends on the CPU. S Input BOOL I, Q, M, D, L Start input TV Input S5TIME, WORD I, Q, M, D, L or con Preset time value stant R Input BOOL I, Q, M, T, C, D, L, P or constant Reset input BI Output WORD I, Q, M, D, L, P Current time value (BI-coded) BCD Output WORD I, Q, M, D, L, P Current time value (BCD for mat) Q Output BOOL I, Q, M, D, L Status of the timer You can find additional information on valid data types under "See also". 2494 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign retentive on-delay timer parameters and start" instruction: W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHULVUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPHU Example The following example shows how the instruction works: 7LPHUB 7DJ,QB 7DJ,QB1XPEHU 7DJ,QB 6B2'76 7DJ2XW 6 4 79 %, 7DJ9DOXHB %&' 7DJ9DOXHB 5 The timer "Timer_1" is started when the signal state of the operand "TagIn_1" changes from "0" to "1". The timer expires with the time value of the operand "TagIn_Number", even if the signal state of the operand "TagIn_1" changes to "0". When the timer expires, the operand "TagOut" is set to "1". If the signal state of the operand "TagIn_1" changes from "0" to "1" while the timer is running, the timer is restarted. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 2495 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) S_OFFDT: Assign off-delay timer parameters and start (S7-1500) Description The "Assign off-delay timer parameters and start" instruction starts a programmed timer when a change from "1" to "0" (negative signal edge) is detected in the result of logic operation (RLO) at input S. The timer expires with the programmed duration (TV). As long as the timer is running or input S returns signal state "1", then output Q has signal state "1". When the timer expires and the signal state at input S is "0", output Q is reset to the signal state "0". If the signal state at input S changes from "0" to "1" while the timer is running, the timer is stopped. The timer is only restarted after a falling signal edge is detected at input S. The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down towards zero. The time base indicates the time period with which the time value is changed. The current time value is output BI-coded at output BI and BCD-coded at output BCD. Signal state "1" at input R resets the current time value and time base to "0". In this case, the signal state at output Q is "0". The "Assign off-delay timer parameters and start" instruction requires a preceding logic operation for edge evaluation and can be placed within or at the end of the network. The instruction data is updated at every access. It can therefore happen that the query of the data at the start of the cycle returns different values than at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. For an example of how a time cell can be structured, refer to See also "L: Load timer value". Parameters The following table shows the parameters of the "Assign off-delay timer parameters and start" instruction: Parameters Declaration Data type Memory area Description <Timer> InOut/Input TIMER T Time of the instruction The number of timers de pends on the CPU. S 2496 Input BOOL I, Q, M, D, L Start input WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area TV Input S5TIME, WORD I, Q, M, D, L or con Preset time value stant Description R Input BOOL I, Q, M, T, C, D, L, P or constant Reset input BI Output WORD I, Q, M, D, L, P Current time value (BI-coded) BCD Output WORD I, Q, M, D, L, P Current time value (BCD for mat) Q Output BOOL I, Q, M, D, L Status of the timer You can find additional information on valid data types under "See also". Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign off-delay timer parameters and start" instruction: W W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHULVUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPHU WinCC Advanced V14 System Manual, 10/2016 2497 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7LPHUB 7DJ,QB 7DJ,QB1XPEHU 7DJ,QB 6B2))'7 7DJ2XW 6 4 79 %, 7DJ9DOXHB %&' 7DJ9DOXHB 5 The timer "Timer_1" is started when the signal state of the operand "TagIn_1" changes from "1" to "0". The timer expires with the time value of the operand "TagIn_Number". The operand "TagOut" is set to "1" when the timer is running and when the operand "TagIn_1" has the signal state "0". If the signal state of the operand "TagIn_1" changes from "0" to "1" while the timer is running, the timer is reset. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) ---( SP ): Start pulse timer (S7-1500) Description The "Start pulse timer" instruction starts a programmed timer when a change from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO). The timer runs with the specified duration as long as the RLO has the signal state "1". As long as the timer is running, the query of timer status "1" returns the signal state "1". If there is a change from "1" to "0" in the RLO before the time value has elapsed, the timer stops. In this case, the querying of the timer status for "1" returns the signal state "0". The duration is made up internally of a time value and a time base. When the instruction is started, the programmed time value is counted down to zero. The time base indicates the time period with which the time value is changed. 2498 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The "Start pulse timer" instruction requires a preceding logic operation for edge evaluation and can only be placed at the right side of the network. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. For an example of how a time cell can be structured, refer to See also "L: Load timer value". Parameters The following table shows the parameters of the instruction "Start pulse timer": Parameters Declaration Data type Memory area Description <Time dura tion> Input S5TIME, WORD I, Q, M, D, L or con Duration with which the timer stant expires. <Timer> InOut/Input TIMER T Timer which is started. The number of timers de pends on the CPU. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 1HWZRUN 1HWZRUN 7DJ,QB 7LPHUB 63 7DJ,QB1XPEHU 7LPHUB 7DJ2XW 7DJ,QB 7LPHUB 5 1HWZRUN "Timer_1" starts when the signal state of the "TagIn_1" operand changes from "0" to "1". The timer expires with the time value of the "TagIn_Number" operand as long as the signal state of the "TagIn_1" operand is "1". If the signal state of the operand "TagIn_1" changes from "1" to "0" before the timer expires, the timer is stopped. As long as the timer is running, the "TagOut" operand returns signal state "1". A signal state change of the operand "TagIn_2" from "0" to "1" resets the timer, which stops the timer and sets the current time value to "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 2499 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) ---( SE ): Start extended pulse timer (S7-1500) Description The "Start extended pulse timer" instruction starts a programmed timer when a change from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO). The timer runs for the specified time period even when the RLO changes to signal state "0". As long as the timer is running, the query of timer status "1" returns the signal state "1". If the RLO changes from "0" to "1" while the timer is running, the timer is restarted with the programmed time period. The querying of the timer status for "1" returns the signal state "0" when the timer expires. The duration is made up internally of a time value and a time base. When the instruction is started, the programmed time value is counted down to zero. The time base indicates the time period with which the time value is changed. The "Start extended pulse timer" instruction requires a preceding logic operation for edge evaluation and can only be placed at the right side of the network. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. For an example of how a time cell can be structured, refer to See also "L: Load timer value". Parameters The following table shows the parameters of the "Start extended pulse timer" instruction: Parameters Declaration Data type Memory area Description <Time dura tion> Input S5TIME, WORD I, Q, M, D, L or con Duration with which the timer stant expires. <Timer> InOut/Input TIMER T Timer which is started. The number of timers de pends on the CPU. You can find additional information on valid data types under "See also". 2500 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 1HWZRUN 1HWZRUN 7DJ,QB 7LPHUB 6( 7DJ,QB1XPEHU 7LPHUB 7DJ2XW 7DJ,QB 7LPHUB 5 1HWZRUN "Timer_1" starts when the signal state of the "TagIn_1" operand changes from "0" to "1". The timer expires with the time value of the operand "TagIn_Number" without being affected by a negative signal edge in the RLO. As long as the timer is running, the "TagOut" operand returns signal state "1". If the signal state of the operand "TagIn_1" changes again from "0" to "1" before the timer expires, the timer is restarted. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) ---( SD ): Start on-delay timer (S7-1500) Description The "Start on-delay timer" instruction starts a programmed timer when a change from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO). The timer runs for the specified duration as long as the RLO is "1". If the timer expires and the RLO still has the signal state "1", the query of the timer status for "1" returns the signal state "1". If the RLO changes from "1" to "0" while the timer is running, the timer is stopped. In this case, the querying of the timer status for "1" returns the signal state "0". The duration is made up internally of a time value and a time base. When the instruction is started, the programmed time value is counted down towards zero. The time base indicates the time period with which the time value is changed. WinCC Advanced V14 System Manual, 10/2016 2501 Programming the PLC 11.4 Instructions The "Start on-delay timer" instruction requires a preceding logic operation for edge evaluation and can only be placed at the right side of the network. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. For an example of how a time cell can be structured, refer to See also "L: Load timer value". Parameters The following table shows the parameters of the "Start on-delay timer" instruction: Parameters Declaration Data type Memory area Description <Time dura tion> Input S5TIME, WORD I, Q, M, D, L or con Duration with which the timer stant expires. <Timer> InOut/Input TIMER T Timer which is started. The number of timers de pends on the CPU. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 1HWZRUN 1HWZRUN 7DJ,QB 7LPHUB 6' 7DJ,QB1XPEHU 7LPHUB 7DJ2XW 7DJ,QB 7LPHUB 5 1HWZRUN The timer "Timer_1" is started when the signal state of the operand "TagIn_1" changes from "0" to "1". The timer expires with the time value of the operand "TagIn_Number". If the timer expires and the RLO has the signal state "1", the operand "TagOut" is set to "1". If the signal state of the operand "TagIn_1" changes from "1" to "0" before the timer expires, the timer is stopped. If the signal state of the operand "TagIn_2" is "1", the timer "Timer_1" is reset, which stops the timer and sets the current time value to "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) 2502 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) ---( SS ): Start retentive on-delay timer (S7-1500) Description The "Start retentive on-delay timer" instruction starts a programmed timer when a change from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO). The timer expires with the specified duration, even if the RLO changes to the signal state "0". When the timer expires, the querying of the timer status for "1" returns the signal state "1". After expiry of the timer, the timer can only be restarted if it is explicitly reset. The duration is made up internally of a time value and a time base. When the instruction is started, the programmed time value is counted down towards zero. The time base indicates the time period with which the time value is changed. The "Start retentive on-delay timer" instruction requires a preceding logic operation for edge evaluation and can only be placed at the right side of the network. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. For an example of how a time cell can be structured, refer to See also "L: Load timer value". Parameters The following table shows the parameters of the "Start retentive on-delay timer" instruction: Parameters Declaration Data type Memory area Description <Time dura tion> Input S5TIME, WORD I, Q, M, D, L or con Duration with which the timer stant expires. <Timer> InOut/Input TIMER T Timer which is started. The number of timers de pends on the CPU. You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2503 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 1HWZRUN 1HWZRUN 7DJ,QB 7LPHUB 66 7DJ,QB1XPEHU 7LPHUB 7DJ2XW 7DJ,QB 7LPHUB 5 1HWZRUN The timer "Timer_1" is started when the signal state of the operand "TagIn_1" changes from "0" to "1". The timer expires with the time value of the operand "TagIn_Number". When the timer expires, the operand "TagOut" is set to "1". If the signal state of the operand "TagIn_1" changes from "0" to "1" while the timer is running, the timer is restarted. If the signal state of the operand "TagIn_2" is "1", the timer "Timer_1" is reset, which stops the timer and sets the current time value to "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) ---( SF ): Start off-delay timer (S7-1500) Description The "Start off-delay timer" instruction starts a programmed timer when a change from "1" to "0" (negative signal edge) is detected in the result of logic operation (RLO). The timer expires with the specified duration. As long as the timer is running, the query of timer status "1" returns the signal state "1". If the RLO changes from "0" to "1" while the timer is running, the timer is reset. The timer is always restarted when the RLO changes from "1" to "0". The duration is made up internally of a time value and a time base. When the instruction is started, the programmed time value is counted down towards zero. The time base indicates the time period with which the time value is changed. The queries of the timer status for "1" return the query result "1" if the signal state of the result of logic operation is "1" at the execution of the instruction. If the RLO is "0", queries of the timer status for "1" return the query result "0". 2504 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The "Start off-delay timer" instruction requires a preceding logic operation for edge evaluation and can only be placed at the right side of the network. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. For an example of how a time cell can be structured, refer to See also "L: Load timer value". Parameters The following table shows the parameters of the instruction "Start off-delay timer": Parameters Declaration Data type Memory area Description <Time dura tion> Input S5TIME, WORD I, Q, M, D, L or con Duration with which the timer stant expires. <Timer> InOut/Input TIMER T Timer which is started. The number of timers de pends on the CPU. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 1HWZRUN 1HWZRUN 7DJ,QB 7LPHUB 6) 7DJ,QB1XPEHU 7LPHUB 7DJ2XW 7DJ,QB 7LPHUB 5 1HWZRUN "Timer_1" starts when the signal state of the "TagIn_1" operand changes from "1" to "0". The timer expires with the time value of the operand "TagIn_Number". As long as the timer is running, the "TagOut" operand is set to "1". If the signal state at the "TagIn_1" operand changes from "1" to "0" while the timer is running, the timer is restarted. If the signal state of the "TagIn_2" operand is "1", "Timer_1" is reset, i.e. the timer is stopped and the current time value is set to "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 2505 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Counter operations (S7-1200, S7-1500) CTU: Count up (S7-1200, S7-1500) Description You can use the "Count up" instruction to increment the value at output CV. When the signal state at the CU input changes from "0" to "1" (positive signal edge), the instruction is executed and the current counter value at the CV output is incremented by one. The counter value is incremented each time a positive signal edge is detected, until it reaches the high limit for the data type specified at the output CV. When the high limit is reached, the signal state at the CU input no longer has an effect on the instruction. You can query the counter status in the Q output. The signal state at the Q output is determined by the PV parameter. If the current counter value is greater than or equal to the value of the PV parameter, the Q output is set to signal state "1". In all other cases, the Q output has signal state "0". The value at the CV output is reset to zero when the signal state at input R changes to "1". As long as the R input has signal state "1", the signal state at the CU input has no effect on the instruction. Note Only use a counter at a single point in the program to avoid the risk of counting errors. Each call of the "Count up" instruction must be assigned an IEC counter in which the instruction data is stored. An IEC counter is a structure with one of the following data types: For S7-1200 CPU Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTU_SINT / CTU_USINT IEC_COUNTER / IEC_UCOUNTER CTU_INT / CTU_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTU_DINT / CTU_UDINT IEC_SCOUNTER / IEC_USCOUNTER IEC_COUNTER / IEC_UCOUNTER IEC_DCOUNTER / IEC_UDCOUNTER 2506 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For S7-1500 CPU Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTU_SINT / CTU_USINT IEC_COUNTER / IEC_UCOUNTER CTU_INT / CTU_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTU_DINT / CTU_UDINT IEC_LCOUNTER / IEC_ULCOUNTER CTU_LINT / CTU_ULINT IEC_SCOUNTER / IEC_USCOUNTER IEC_COUNTER / IEC_UCOUNTER IEC_DCOUNTER / IEC_UDCOUNTER IEC_LCOUNTER / IEC_ULCOUNTER You can declare an IEC counter as follows: Declaration of a data block of system data type IEC_<Counter> (for example, "MyIEC_COUNTER") Declaration as a local tag of the type CTU_<Data type> or IEC_<Counter> in the "Static" section of a block (for example #MyIEC_COUNTER) When you set up the IEC counter in a separate data block (single instance), the instance data block is created by default with "optimized block access" and the individual tags are defined as retentive. For additional information on setting retentivity in an instance data block, refer to "See also". When you set up the IEC counter as local tag (multi-instance) in a function block with "optimized block access", it is defined as retentive in the block interface. The execution of the "Count up" instruction requires a preceding logic operation. It can be placed within or at the end of the network. Parameters The following table shows the parameters of the "Count up" instruction: Parameter Declaration Data type Memory area S7-1200 S7-1500 Description CU Input BOOL I, Q, M, D, L or constant I, Q, M, D, L or constant Count input R Input BOOL I, Q, M, D, L, P or constant I, Q, M, T, C, D, L, P or constant Reset input PV Input Integers I, Q, M, D, L, P or constant I, Q, M, D, L, Value at which P or constant the output Q is set. Q Output BOOL I, Q, M, D, L I, Q, M, D, L CV Output Integers, CHAR, WCHAR, DATE I, Q, M, D, L, P I, Q, M, D, L, P Counter status Current counter value You can select the data type of the instruction from the "???" drop-down list of the instruction box. WinCC Advanced V14 System Manual, 10/2016 2507 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: &78B'% &78 7DJ,QB 7DJ,QB 7DJB39 ,17 &8 4 5 &9 7DJ2XW 7DJB&9 39 When the signal state of the "TagIn_1" operand changes from "0" to "1", the "Count up" instruction is executed and the current counter value of the "Tag_CV" operand is incremented by one. With each additional positive signal edge, the counter value is incremented until the high limit of the data type (INT = 32767) is reached. The value of the PV parameter is adopted as the limit for determining the "TagOut" output. The "TagOut" output has signal state "1" as long as the current counter value is greater than or equal to the value of the "Tag_PV" operand. In all other cases, the "TagOut" output has signal state "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Setting the retentivity of local tags (Page 4527) Setting retentivity in an instance data block (Page 4566) Basic information on LAD (Page 4634) Memory areas (Page 944) CTD: Count down (S7-1200, S7-1500) Description You can use the "Count down" instruction to decrement the value at output CV. When the signal state at the CD input changes from "0" to "1" (positive signal edge), the instruction is executed and the current counter value at the CV output is decremented by one. Each time a positive signal edge is detected, the counter value is decremented until it reaches the low limit of the specified data type. When the low limit is reached, the signal state at the CD input no longer has an effect on the instruction. You can query the counter status in the Q output. If the current counter value is less than or equal to zero, the Q output is set to signal state "1". In all other cases, the Q output has signal state "0". 2508 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The value at the CV output is set to the value of the PV parameter when the signal state at the LD input changes to "1". As long as the LD input has signal state "1", the signal state at the CD input has no effect on the instruction. Note Only use a counter at a single point in the program to avoid the risk of counting errors. Each call of the "Count down" instruction must be assigned an IEC counter in which the instruction data is stored. An IEC counter is a structure with one of the following data types: For S7-1200 CPU Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTD_SINT / CTD_USINT IEC_COUNTER / IEC_UCOUNTER CTD_INT / CTD_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTD_DINT / CTD_UDINT IEC_SCOUNTER / IEC_USCOUNTER IEC_COUNTER / IEC_UCOUNTER IEC_DCOUNTER / IEC_UDCOUNTER For S7-1500 CPU Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTD_SINT / CTD_USINT IEC_COUNTER / IEC_UCOUNTER CTD_INT / CTD_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTD_DINT / CTD_UDINT IEC_LCOUNTER / IEC_ULCOUNTER CTD_LINT / CTD_ULINT IEC_SCOUNTER / IEC_USCOUNTER IEC_COUNTER / IEC_UCOUNTER IEC_DCOUNTER / IEC_UDCOUNTER IEC_LCOUNTER / IEC_ULCOUNTER You can declare an IEC counter as follows: Declaration of a data block of system data type IEC_<Counter> (for example, "MyIEC_COUNTER") Declaration as a local tag of the type CTD_<Data type> or IEC_<Counter> in the "Static" section of a block (for example #MyIEC_COUNTER) When you set up the IEC counter in a separate data block (single instance), the instance data block is created by default with "optimized block access" and the individual tags are defined as retentive. For additional information on setting retentivity in an instance data block, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 2509 Programming the PLC 11.4 Instructions When you set up the IEC counter as local tag (multi-instance) in a function block with "optimized block access", it is defined as retentive in the block interface. The execution of the "Count down" instruction requires a preceding logic operation. It can be placed within or at the end of the network. Parameters The following table shows the parameters of the "Count down" instruction: Parameter Declaration Data type Memory area S7-1200 S7-1500 I, Q, M, D, L or constant Description CD Input BOOL I, Q, M, D, L or constant Count input LD Input BOOL I, Q, M, D, L, I, Q, M, T, C, P or constant D, L, P or constant PV Input Integers I, Q, M, D, L, I, Q, M, D, L, Value to which the P or constant P or constant CV output is set with LD = 1. Q Output BOOL I, Q, M, D, L I, Q, M, D, L Counter status CV Output Integers, CHAR, WCHAR, DATE I, Q, M, D, L, P I, Q, M, D, L, P Current counter val ue Load input You can select the data type of the instruction from the "???" drop-down list of the instruction box. Example The following example shows how the instruction works: &7'B'% &7' 7DJ,QB 7DJ,QB 7DJB39 ,17 &' 4 /' &9 7DJ2XW 7DJB&9 39 When the signal state of the "TagIn_1" operand changes from "0" to "1", the instruction is executed and the value at the "Tag_CV" output is decremented by one. With each additional positive signal edge, the counter value is decremented until the low limit of the specified data type (INT = -32768) is reached. The "TagOut" output has signal state "1" as long as the current counter value is less than or equal to zero. In all other cases, the "TagOut" output has signal state "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) 2510 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Setting retentivity in an instance data block (Page 4566) Setting the retentivity of local tags (Page 4527) Basic information on LAD (Page 4634) Memory areas (Page 944) CTUD: Count up and down (S7-1200, S7-1500) Description You can use the "Count up and down" instruction to increment and decrement the counter value at the CV output. If the signal state at the CU input changes from "0" to "1" (positive signal edge), the current counter value is incremented by one and stored at the CV output. If the signal state at the CD input changes from "0" to "1" (positive signal edge), the counter value at the CV output is decremented by one. If there is a positive signal edge at the CU and CD inputs in one program cycle, the current counter value at the CV output remains unchanged. The counter value can be incremented until it reaches the high limit of the data type specified at the CV output. When the high limit is reached, the counter value is no longer incremented on a positive signal edge. The counter value is no longer decremented once the low limit of the specified data type has been reached. When the signal state at the LD input changes to "1", the counter value at the CV output is set to the value of the PV parameter. As long as the LD input has signal state "1", the signal state at the CU and CD inputs has no effect on the instruction. The counter value is set to zero when the signal state at the R input changes to "1". As long as the R input has signal state "1", a change in the signal state of the CU, CD and LD inputs has no effect on the "Count up and down" instruction. You can query the status of the up counter at the QU output. If the current counter value is greater than or equal to the value of the PV parameter, the QU output is set to signal state "1". In all other cases, the QU output has signal state "0". You can query the status of the down counter at the QD output. If the current counter value is less than or equal to zero, the QD output is set to signal state "1". In all other cases, the QD output has signal state "0". Note Only use a counter at a single point in the program to avoid the risk of counting errors. Each call of the "Count up and down" instruction must be assigned an IEC counter in which the instruction data is stored. An IEC counter is a structure with one of the following data types: WinCC Advanced V14 System Manual, 10/2016 2511 Programming the PLC 11.4 Instructions For S7-1200 CPU Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTUD_SINT / CTUD_USINT IEC_COUNTER / IEC_UCOUNTER CTUD_INT / CTUD_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTUD_DINT / CTUD_UDINT IEC_SCOUNTER / IEC_USCOUNTER IEC_COUNTER / IEC_UCOUNTER IEC_DCOUNTER / IEC_UDCOUNTER For S7-1500 CPU Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTUD_SINT / CTUD_USINT IEC_COUNTER / IEC_UCOUNTER CTUD_INT / CTUD_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTUD_DINT / CTUD_UDINT IEC_LCOUNTER / IEC_ULCOUNTER CTUD_LINT / CTUD_ULINT IEC_SCOUNTER / IEC_USCOUNTER IEC_COUNTER / IEC_UCOUNTER IEC_DCOUNTER / IEC_UDCOUNTER IEC_LCOUNTER / IEC_ULCOUNTER You can declare an IEC counter as follows: Declaration of a data block of system data type IEC_<Counter> (for example, "MyIEC_COUNTER") Declaration as a local tag of the type CTUD_<Data type> or IEC_<Counter> in the "Static" section of a block (for example #MyIEC_COUNTER) When you set up the IEC counter in a separate data block (single instance), the instance data block is created by default with "optimized block access" and the individual tags are defined as retentive. For additional information on setting retentivity in an instance data block, refer to "See also". When you set up the IEC counter as local tag (multi-instance) in a function block with "optimized block access", it is defined as retentive in the block interface. The execution of the "Count up and down" instruction requires a preceding logic operation. It can be placed within or at the end of the network. 2512 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Count up and down" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description CU Input BOOL I, Q, M, D, L or constant I, Q, M, D, L or constant Count up input CD Input BOOL I, Q, M, D, L or constant I, Q, M, D, L or constant Count down input R Input BOOL I, Q, M, D, L, I, Q, M, T, C, P or constant D, L, P or constant Reset input LD Input BOOL I, Q, M, D, L, I, Q, M, T, C, P or constant D, L, P or constant Load input PV Input Integers I, Q, M, D, L, I, Q, M, D, L, Value at which the P or constant P or constant QU output is set / value to which the CV output is set when LD = 1. QU Output BOOL I, Q, M, D, L I, Q, M, D, L Status of the up counter QD Output BOOL I, Q, M, D, L I, Q, M, D, L Status of the down counter CV Output Integers, CHAR, WCHAR, DATE I, Q, M, D, L, P I, Q, M, D, L, P Current counter val ue You can select the data type of the instruction from the "???" drop-down list of the instruction box. Example The following example shows how the instruction works: &78'B'% &78' ,17 7DJ,QB 7DJ2XW &8 48 &' 4' 7DJ2XWB4' 5 &9 7DJB&9 7DJ,QB 7DJ,QB 7DJ,QB /' 7DJB39 39 If the signal state at the "TagIn_1" or "TagIn_2" input changes from "0" to "1" (positive signal edge), the "Count up and down" instruction is executed. When there is a positive signal edge at the "TagIn_1" input, the current counter value is incremented by one and stored at the "Tag_CV" output. When there is a positive signal edge at the "TagIn_2" input, the counter value WinCC Advanced V14 System Manual, 10/2016 2513 Programming the PLC 11.4 Instructions is decremented by one and stored at the "Tag_CV" output. When there is a positive signal edge at the CU input, the counter value is incremented until it reaches the high limit of 32767. If input CD has a positive signal edge, the counter value is decremented until it reaches the low limit of INT = -32768. The "TagOut" output has signal state "1" as long as the current counter value is greater than or equal to the value at the "Tag_PV" input. In all other cases, the "TagOut" output has signal state "0". The "TagOut_QD" output has signal state "1" as long as the current counter value is less than or equal to zero. In all other cases, the "TagOut_QD" output has signal state "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Setting retentivity in an instance data block (Page 4566) Setting the retentivity of local tags (Page 4527) Example of detecting the fill level of a storage area (Page 4685) Basic information on LAD (Page 4634) Memory areas (Page 944) Legacy (S7-1500) S_CU: Assign parameters and count up (S7-1500) Description You can use the "Assign parameters and count up" instruction to increment the value of a counter. If the signal state at the CU input changes from "0" to "1" (positive signal edge), the current counter value is incremented by one. The current counter value is output as a hexadecimal value at output CV and BCD-coded at output CV_BCD. The counter value can be incremented until the limit of "999" is reached. When the limit is reached, the counter value is no longer incremented on a positive signal edge. When the signal state at input S changes from "0" to "1", the counter value is set to the value of the PV parameter. If the counter is set and if RLO at input CU is "1", the counter will count accordingly in the next scan cycle, even when no change has been detected in the signal edge. The counter value is set to zero when the signal state at the R input changes to "1". As long as the R input has the signal state "1", processing of the signal state of the CU and S inputs has no effect on the counter value. 2514 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The signal state at output Q is "1" if the counter value is greater than zero. If the counter value is equal to zero, output Q has the signal state "0". Note Only use a counter at a single point in the program to avoid the risk of counting errors. The "Assign parameters and count up" instruction requires a preceding logic operation for edge evaluation and can be placed within or at the end of the network. Parameters The following table shows the parameters of the "Assign parameters and count up" instruction: Parameters Declaration Data type Memory area Description <Counter> InOut/Input COUNTER C Counter of the instruction The number of counters de pends on the CPU. CU Input BOOL I, Q, M, D, L Count up input S Input BOOL I, Q, M, D, L, T, C or constant Input for presetting counter PV Input WORD I, Q, M, D, L or con Preset counter value (C#0 to stant C#999) R Input BOOL I, Q, M, D, L, T, C or constant Reset input BI Output WORD, S5TIME, DATE I, Q, M, D, L Current counter value (hexa decimal) BCD Output WORD, S5TIME, DATE I, Q, M, D, L Current counter value (BCD format) Q Output BOOL I, Q, M, D, L Status of the counter You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: &RXQWHUB 6B&8 7DJ,QB &8 7DJ2XW 4 7DJ,QB 6 7DJ3UHVHW9DOXH 7DJ,QB WinCC Advanced V14 System Manual, 10/2016 39 5 &9 7DJ9DOXHB &9B%&' 7DJ9DOXHB 2515 Programming the PLC 11.4 Instructions When the signal state at the "TagIn_1" input changes from "0" to "1" (positive signal edge) and the current counter value is less than "999", the counter value is incremented by one. When the signal state at input "TagIn_2" changes from "0" to "1", the counter value is set to the value of the operand "TagPresetValue". The counter value is reset to "0" when the "TagIn_3" operand has signal state "1". The current counter value is saved as a hexadecimal value in the operand "TagValue_1" and BCD-coded in the operand "TagValue_2". The "TagOut" output has the signal state "1" as long as the current counter value is not equal to "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) S_CD: Assign parameters and count down (S7-1500) Description You can use the "Assign parameters and count down" instruction to decrement the value of a counter. If the signal state at the CD input changes from "0" to "1" (positive signal edge), the counter value is decremented by one. The current counter value is output as a hexadecimal value at output CV and BCD-coded at output CV_BCD. The counter value is decremented until the low limit of "0" is reached. When the low limit is reached, the counter value is no longer decremented on a positive signal edge. When the signal state at input S changes from "0" to "1", the counter value is set to the value of the PV parameter. If the counter is set and if RLO at input CD is "1", the counter will count accordingly in the next scan cycle, even when no change has been detected in the signal edge. The counter value is set to zero when the signal state at the R input changes to "1". As long as the R input has the signal state "1", processing of the signal state of the CD and S inputs has no effect on the counter value. The signal state at output Q is "1" if the counter value is greater than zero. If the counter value is equal to zero, output Q has the signal state "0". Note Only use a counter at a single point in the program to avoid the risk of counting errors. The "Assign parameters and count down" instruction requires a preceding logic operation for edge evaluation and can be placed within or at the end of the network. 2516 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Assign parameters and count down" instruction: Parameters Declaration Data type Memory area Description <Counter> InOut/Input COUNTER C Counter of the instruction The number of counters de pends on the CPU. CD Input BOOL I, Q, M, D, L or con Count down input stant S Input BOOL I, Q, M, D, L, T, C or constant PV Input WORD I, Q, M, D, L or con Preset counter value (C#0 to stant C#999) R Input BOOL I, Q, M, D, L, T, C or constant Reset input BI Output WORD, S5TIME, DATE I, Q, M, D, L Current counter value (hexa decimal) BCD Output WORD, S5TIME, DATE I, Q, M, D, L Current counter value (BCD format) Q Output BOOL I, Q, M, D, L Status of the counter Input for presetting counter You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: &RXQWHUB 6B&' 7DJ,QB &' 7DJ2XW 4 7DJ,QB 6 7DJ3UHVHW9DOXH 7DJ,QB 39 5 &9 7DJ9DOXHB &9B%&' 7DJ9DOXHB When the signal state at the "TagIn_1" input changes from "0" to "1" (positive signal edge) and the current counter value is greater than "0", the counter value is decremented by one. When the signal state at input "TagIn_2" changes from "0" to "1", the counter value is set to the value of the operand "TagPresetValue". The counter value is reset to "0" when the "TagIn_3" operand has signal state "1". The current counter value is saved as a hexadecimal value in the operand "TagValue_1" and BCD-coded in the operand "TagValue_2". The "TagOut" output has the signal state "1" as long as the current counter value is not equal to "0". WinCC Advanced V14 System Manual, 10/2016 2517 Programming the PLC 11.4 Instructions For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) S_CUD: Assign parameters and count up / down (S7-1500) Description You can use the "Assign parameters and count up / down" instruction to increment or decrement the value of a counter. If the signal state at the CU input changes from "0" to "1" (positive signal edge), the current counter value is incremented by one. If the signal state at the CD input changes from "0" to "1" (positive signal edge), the counter value is decremented by one. The current counter value is output as a hexadecimal value at output CV and BCDcoded at output CV_BCD. If there is a positive signal edge at the CU and CD inputs in one program cycle, the counter value remains unchanged. The counter value can be incremented until the high limit of "999" is reached. When the high limit value is reached, the counter value is no longer incremented on a positive signal edge. When the low limit "0" is reached, the counter value is not decremented any further. When the signal state at input S changes from "0" to "1", the counter value is set to the value of the PV parameter. If the counter is set and if RLO is "1" at the inputs CU and CD, the counter counts accordingly in the next scan cycle, even if no change in the signal edge was detected. The counter value is set to zero when the signal state at the R input changes to "1". As long as the R input has the signal state "1", processing of the signal state of the CU, CD and S inputs has no effect on the counter value. The signal state at output Q is "1" if the counter value is greater than zero. If the counter value is equal to zero, output Q has the signal state "0". Note Only use a counter at a single point in the program to avoid the risk of counting errors. The "Assign parameters and count up / down" instruction requires a preceding logic operation for edge evaluation and can be placed within or at the end of the network. 2518 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Assign parameters and count up / down" instruction: Parameters Declaration Data type Memory area Description <Counter> InOut/Input COUNTER C Counter of the instruction The number of counters de pends on the CPU. CU Input BOOL I, Q, M, D, L Count up input CD Input BOOL I, Q, M, D, L, T, C or constant Count down input S Input BOOL I, Q, M, D, L, T, C or constant Input for presetting counter PV Input WORD I, Q, M, D, L or con Preset counter value (C#0 to stant C#999) R Input BOOL I, Q, M, D, L, T, C or constant Reset input BI Output WORD, S5TIME, DATE I, Q, M, D, L Current counter value (hexa decimal) BCD Output WORD, S5TIME, DATE I, Q, M, D, L Current counter value (BCD format) Q Output BOOL I, Q, M, D, L Status of the counter You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: &RXQWHUB 6B&8' 7DJ,QB &8 7DJ,QB 7DJ,QB 7DJ3UHVHW9DOXH 7DJ2XW 4 &' 6 39 &9 7DJ9DOXHB &9B%&' 7DJ9DOXHB 7DJ,QB 5 If the signal state at the "TagIn_1"" or "TagIn_2" input changes from "0" to "1" (positive signal edge), the "Assign parameters and count up / down" instruction is executed. When there is a positive signal edge at the "TagIn_1" input and the current counter value is less than "999", the counter value is incremented by one. When there is a positive signal edge at the "TagIn_2" input and the current counter value is greater than "0", the counter value is decremented by one. WinCC Advanced V14 System Manual, 10/2016 2519 Programming the PLC 11.4 Instructions When the signal state at input "TagIn_3" changes from "0" to "1", the counter value is set to the value of the operand "TagPresetValue". The counter value is reset to "0" when the "TagIn_4" operand has signal state "1". The current counter value is saved as a hexadecimal value in the operand "TagValue_1" and BCD-coded in the operand "TagValue_2". The "TagOut" output has the signal state "1" as long as the current counter value is not equal to "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) ---( SC ): Set counter value (S7-1500) Description You can use the "Set counter value" instruction to set the value of a counter. The instruction is executed when the result of logic operation (RLO) at the input changes from "0" to "1". When the instruction is executed, the counter is set to the specified counter value. The "Set counter value" instruction needs a preceding logic operation for the edge evaluation and can only be placed on the right edge of the network. Parameters The following table lists the parameters of the "Set counter value" instruction: Parameters Declaration Data type Memory area Description <Count val ue> Input WORD I, Q, M, D, L or con Value with which the counter stant is preset in the BCD format. (C#0 to C#999) <Counter> InOut/Input COUNTER C Counter that is preset. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 2520 &RXQWHUB 6& & WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions the counter "Counter_1" starts with the value "100" when the signal state of the "TagIn" operand changes from "0" to "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) ---( CU ): Count up (S7-1500) Description With the "Count up" instruction you can increment the value of the specified counter by one if there is a positive signal edge in the result of logic operation (RLO). The counter value can be incremented until the limit of "999" is reached. When the limit is reached, the counter value is no longer incremented on a positive signal edge. The "Count up" instruction requires a preceding logic operation for edge evaluation and can only be placed at the right side of the network. Parameters The following table shows the parameters of the "Count up" instruction: Parameters Declaration Data type Memory area Description <Counter> InOut/Input COUNTER C Counter whose value is incre mented. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 1HWZRUN 7DJ,QB &RXQWHUB 6& & 1HWZRUN 7DJ,QB &RXQWHUB &8 1HWZRUN 7DJ,QB &RXQWHUB 5 WinCC Advanced V14 System Manual, 10/2016 2521 Programming the PLC 11.4 Instructions When the signal state of the "TagIn_1" operand changes from "0" to "1" (positive signal edge), the counter "Counter_1" is preset with the value "100". The value of the counter "Counter_1" is incremented by one when the signal state of the operand "TagIn_2" changes from "0" to "1". When the operand "TagIn_3" has the signal state "1", the value of the counter "Counter_1" is reset to "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) ---( CD ): Count down (S7-1500) Description With the "Count down" instruction you can increment the value of the specified counter by one if there is a positive signal edge in the result of logic operation (RLO). The counter value can be decremented until the limit of "0" is reached. When the limit is reached, the counter value is no longer changed on a positive signal edge. The "Count down" instruction requires a preceding logic operation for edge evaluation and can only be placed at the right side of the network. Parameters The following table shows the parameters of the "Count down" instruction: Parameters Declaration Data type Memory area Description <Counter> InOut/Input COUNTER C Counter whose value is de cremented. You can find additional information on valid data types under "See also". 2522 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 1HWZRUN 7DJ,QB &RXQWHUB 6& & 1HWZRUN 7DJ,QB &RXQWHUB &' 1HWZRUN 7DJ,QB &RXQWHUB 5 When the signal state of the "TagIn_1" operand changes from "0" to "1" (positive signal edge), the counter "Counter_1" is preset with the value "100". The value of the counter "Counter_1" is decremented by one when the signal state of the operand "TagIn_2" changes from "0" to "1". When the operand "TagIn_3" has the signal state "1", the value of the counter "Counter_1" is reset to "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Comparator operations (S7-1200, S7-1500) CMP ==: Equal (S7-1200, S7-1500) Description You can use the "Equal" instruction to determine if a first comparison value (<Operand1>) is equal to a second comparison value (<Operand2>). If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". The RLO of the instruction is logically combined with the RLO of the entire rung as follows: By AND, when the comparison instruction is connected in series. By OR, when the comparison instruction is connected in parallel. Specify the first comparison value (<Operand1>) at the operand placeholder above the instruction. Specify the second comparison value (<Operand2>) at the operand placeholder below the instruction. WinCC Advanced V14 System Manual, 10/2016 2523 Programming the PLC 11.4 Instructions If IEC check is enabled, the operands to be compared must be of the same data type. If IEC check is not enabled, the width of the operands must be the same. Comparison of floating-point numbers If you want to compare the data types REAL or LREAL, then instead of the instruction "CMP ==: Equal" we recommend using the instruction "IN_RANGE: Value within range". When floating-point numbers are compared, the operands to be compared must have the same data type regardless of the setting for the IEC Check. The special bit patterns of invalid floating-point numbers (NaN) that are the outcome of undefined results (e.g. root of -1) are not comparable. This means that if one of the operands has the value NaN, the instruction "CMP ==: Equal" has the result FALSE. Comparison of character strings The individual characters are compared by means of their code (for example, 'a' is greater than 'A') during the comparison of the strings. The comparison is performed from left to right. The first character to be different decides the result of the comparison. The following table shows examples of string comparisons: <Operand1> <Operand2> RLO of the instruction 'AA' 'AA' 1 'Hello World' 'HelloWorld' 0 'AA' 'aa' 0 'aa' 'aaa' 0 You can also compare individual characters of a string. The number of the character to be compared is specified in square brackets next to the operand name. "MyString[2]", for example, compares the second character of the "MyString" string. Comparison of timers, date and time Bit patterns of invalid timers, date and times, e.g. DT#2015-13-33-25:62:99.999_999_999, cannot be compared. This means that if one of the operands has an invalid value, the instruction "CMP ==: Equal" has the result FALSE. Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Comparison of hardware data types To be able to compare the operands of the PORT data type, you need to select the WORD data type from the drop-down list in the instruction box. 2524 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If you want to compare the two hardware data types HW_IO and HW_DEVICE, you must first create a tag of data type HW_ANY in the section "Temp" of the block interface and then copy the LADDR (of data type HW_DEVICE) to the tag. It is then possible to compare HW_ANY and HW_IO. Comparison of structures Note Availability of comparison of structures The option to compare structures is available for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. You can compare the values of two structured operands when both tags are of the same structure data type. When structures are compared, the operands to be compared must have the same data type regardless of the setting for the IEC Check. An exception is comparisons in which one of the two operands is a VARIANT or an ANY. If the data type is not yet known when the program is created, you can use the VARIANT data type. In this case you can also compare the operand with a structured tag of any data type. You can also compare two tags of the data type VARIANT or ANY with each other. You can select the data type VARIANT for the comparison of structures from the drop-down list in the instruction box. The following data types are possible: PLC data type STRUCT Tag to which ANY is pointing Tag to which VARIANT is pointing The following requirements must be met to compare two tags of the data type ARRAY with VARIANT selected: The elements must each have the same data type. The two ARRAYs must have the same dimension. All dimensions must have the same number of elements. The exact ARRAY limits do not have to match. Note ARRAY of BOOL When you compare two operands of the data type ARRAY of BOOL with each other, you have selected the data type VARIANT from the drop-down list, and the number of elements cannot be divided by 8, the fill bits are compared as well. This may affect the comparison result. If an element within the structures that you want to compare is an invalid STRING/WSTRING, an invalid time or date or an invalid floating-point number, the comparison result in the RLO (result of logic operation) will return the signal state "0". WinCC Advanced V14 System Manual, 10/2016 2525 Programming the PLC 11.4 Instructions The table below shows an example of a comparison of structures: <Operand1> <Operand2> Tag of data type A <PLC data type> BOOL Tag value FALSE INT 2 Tag of data type A <PLC data type> RLO of the instruc tion Tag of data type A <PLC data type> BOOL 2 Tag of data type B <PLC data type> Tag value BOOL FALSE BOOL TRUE INT 2 INT 3 Tag of data type A <PLC data type> Tag value 1 FALSE INT Tag value Tag value VARIANT (supplied with tag of data type A) 0 Tag value BOOL FALSE BOOL FALSE INT 2 INT 2 1 When two anonymous structures are compared, the comparison result returns the signal state "0", except when the anonymous structures are elements of the same ARRAY. Parameters The following table shows the parameters of the instruction "Equal": Parameters Declaration Data type Memory area Description <Operand1> Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time, AR RAY of <data type> with fixed and variable AR RAY limits, STRUCT, VAR IANT, ANY, PLC data type First comparison value <Operand2> Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time, AR RAY of <data type> with fixed and variable AR RAY limits, STRUCT, VAR IANT, ANY, PLC data type Second value to compare As detailed above, the data types ARRAY, STRUCT, VARIANT, ANY and PLC data type are only available as of firmware version 2.0 or 4.2. 2526 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can select the data type of the instruction from the "???" drop-down list of the instruction box. Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB9DOXH ,17 7DJ2XW 6 7DJB9DOXH The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The condition of the comparison instruction is fulfilled if "Tag_Value1" = "Tag_Value2". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) CMP <>: Not equal (S7-1200, S7-1500) Description You can use the "Not equal" instruction to determine if a first comparison value (<Operand1>) is not equal to a second comparison value (<Operand2>). If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". The RLO of the instruction is logically combined with the RLO of the entire rung as follows: By AND, when the comparison instruction is connected in series. By OR, when the comparison instruction is connected in parallel. Specify the first comparison value (<Operand1>) at the operand placeholder above the instruction. Specify the second comparison value (<Operand2>) at the operand placeholder below the instruction. If IEC check is enabled, the operands to be compared must be of the same data type. If IEC check is not enabled, the width of the operands must be the same. WinCC Advanced V14 System Manual, 10/2016 2527 Programming the PLC 11.4 Instructions Comparison of floating-point numbers If you want to compare the data types REAL or LREAL, then instead of the instruction "CMP <>: Not equal" we recommend using the instruction "OUT_RANGE: Value outside range". If floating-point numbers are being compared, the operands to be compared must be of the same data type regardless of the IEC check setting. The special bit patterns of invalid floating-point numbers (NaN) that are the outcome of undefined results (e.g. root of -1) are not comparable. This means that if one of the operands has the value NaN, the instruction "CMP <>: Not equal" has the result FALSE. Comparison of character strings The individual characters are compared by means of their code (for example, 'a' is greater than 'A') during the comparison of the strings. The comparison is performed from left to right. The first character to be different decides the result of the comparison. The following table shows examples of string comparisons: <Operand1> <Operand2> RLO of the instruction 'AA' 'aa' 1 'Hello World' 'HelloWorld' 1 'AA' 'AA' 0 'aa' 'aaa' 1 You can also compare individual characters of a string. The number of the character to be compared is specified in square brackets next to the operand name. "MyString[2]", for example, compares the second character of the "MyString" string. Comparison of timers, date and time Bit patterns of invalid timers, date and times, e.g. DT#2015-13-33-25:62:99.999_999_999, cannot be compared. This means that if one of the operands has an invalid value, the instruction "CMP <>: Not equal" has the result FALSE. Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Comparison of hardware data types To be able to compare the operands of the PORT data type, you need to select the WORD data type from the drop-down list in the instruction box. If you want to compare the two hardware data types HW_IO and HW_DEVICE, you must first create a tag of data type HW_ANY in the section "Temp" of the block interface and then copy the LADDR (of data type HW_DEVICE) to the tag. It is then possible to compare HW_ANY and HW_IO. 2528 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Comparison of structures Note Availability of comparison of structures The option to compare structures is available for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. You can compare the values of two structured operands when both tags are of the same structure data type. When structures are compared, the operands to be compared must have the same data type regardless of the setting for the IEC Check. An exception is comparisons in which one of the two operands is a VARIANT or an ANY. If the data type is not yet known when the program is created, you can use the VARIANT data type. In this case you can also compare the operand with a structured tag of any data type. You can also compare two tags of the data type VARIANT or ANY with each other. You can select the data type VARIANT for the comparison of structures from the drop-down list in the instruction box. The following data types are possible: PLC data type STRUCT Tag to which ANY is pointing Tag to which VARIANT is pointing The following requirements must be met to compare two tags of the data type ARRAY with VARIANT selected: The elements must each have the same data type. The two ARRAYs must have the same dimension. All dimensions must have the same number of elements. The exact ARRAY limits do not have to match. Note ARRAY of BOOL When you compare two operands of the data type ARRAY of BOOL with each other, you have selected the data type VARIANT from the drop-down list, and the number of elements cannot be divided by 8, the fill bits are compared as well. This may affect the comparison result. If an element within the structures that you want to compare is an invalid STRING/WSTRING, an invalid time or date or an invalid floating-point number, the comparison result in the RLO (result of logic operation) will return the signal state "0". WinCC Advanced V14 System Manual, 10/2016 2529 Programming the PLC 11.4 Instructions The table below shows an example of a comparison of structures: <Operand1> <Operand2> Tag of data type A <PLC data type> BOOL Tag value FALSE INT 2 Tag of data type A <PLC data type> RLO of the instruc tion Tag of data type A <PLC data type> BOOL 2 Tag of data type B <PLC data type> Tag value BOOL FALSE BOOL TRUE INT 2 INT 3 Tag of data type A <PLC data type> Tag value 0 FALSE INT Tag value Tag value VARIANT (supplied with tag of data type A) 1 Tag value BOOL FALSE BOOL FALSE INT 2 INT 2 0 When two anonymous structures are compared, the comparison result returns the signal state "0", except when the anonymous structures are elements of the same ARRAY. Parameters The following table shows the parameters of the "Not equal" instruction: Parameters Declaration Data type Memory area Description <Operand1> Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time, AR RAY of <data type> with fixed and variable AR RAY limits, STRUCT, VAR IANT, ANY, PLC data type First comparison value <Operand2> Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time, AR RAY of <data type> with fixed and variable AR RAY limits, STRUCT, VAR IANT, ANY, PLC data type Second value to compare As detailed above, the data types ARRAY, STRUCT, VARIANT, ANY and PLC data type are only available as of firmware version 2.0 or 4.2. 2530 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can select the data type of the instruction from the "???" drop-down list of the instruction box. Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB9DOXH ! ,17 7DJ2XW 6 7DJB9DOXH The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The condition of the comparison instruction is fulfilled if "Tag_Value1" <> "Tag_Value2". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) CMP >=: Greater or equal (S7-1200, S7-1500) Description You can use the "Greater or equal" instruction to determine if a first comparison value (<Operand1>) is greater than or equal to a second comparison value (<Operand2>). Both values to be compared must be of the same data type. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". The RLO of the instruction is logically combined with the RLO of the entire rung as follows: By AND, when the comparison instruction is connected in series. By OR, when the comparison instruction is connected in parallel. Specify the first comparison value (<Operand1>) at the operand placeholder above the instruction. Specify the second comparison value (<Operand2>) at the operand placeholder below the instruction. WinCC Advanced V14 System Manual, 10/2016 2531 Programming the PLC 11.4 Instructions Comparison of character strings The individual characters are compared by means of their code (for example, 'a' is greater than 'A') during the comparison of the strings. The comparison is performed from left to right. The first character to be different decides the result of the comparison. If the left part of the longer string is identical to the shorter string, the longer string is considered greater. The following table shows examples of string comparisons: <Operand1> <Operand2> RLO of the instruction 'BB' 'AA' 1 'AAA' 'AA' 1 'Hello World' 'Hello World' 1 'Hello World' 'HelloWorld' 0 'AA' 'aa' 0 'AAA' 'a' 0 You can also compare individual characters of a string. The number of the character to be compared is specified in square brackets next to the operand name. "MyString[2]", for example, compares the second character of the "MyString" string. Comparison of timers, date and time When time values are compared, the RLO of the instruction is "1" if the point of time at <Operand1> is greater (more recent) than or equal to the point of time at <Operand2>. Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Parameters The following table shows the parameters of the "Greater or equal" instruction: Parameters Declaration Data type Memory area Description <Operand1> Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time First comparison value <Operand2> Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time Second value to compare You can select the data type of the instruction from the "???" drop-down list of the instruction box. 2532 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB9DOXH ! ,17 7DJ2XW 6 7DJB9DOXH The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The condition of the comparison instruction is fulfilled if "Tag_Value1" >= "Tag_Value2". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Example of detecting the fill level of a storage area (Page 4685) Basic information on LAD (Page 4634) Memory areas (Page 944) CMP <=: Less or equal (S7-1200, S7-1500) Description You can use the "Less or equal" instruction to determine if a first comparison value (<Operand1>) is less than or equal to a second comparison value (<Operand2>). Both values to be compared must be of the same data type. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". The RLO of the instruction is logically combined with the RLO of the entire rung as follows: By AND, when the comparison instruction is connected in series. By OR, when the comparison instruction is connected in parallel. Specify the first comparison value (<Operand1>) at the operand placeholder above the instruction. Specify the second comparison value (<Operand2>) at the operand placeholder below the instruction. Comparison of character strings The individual characters are compared by means of their code (for example, 'a' is greater than 'A') during the comparison of the strings. The comparison is performed from left to right. The first character to be different decides the result of the comparison. If the left part of the longer string is identical to the shorter string, the shorter string is considered smaller. WinCC Advanced V14 System Manual, 10/2016 2533 Programming the PLC 11.4 Instructions The following table shows examples of string comparisons: <Operand1> <Operand2> RLO of the instruction 'AA' 'aa' 1 'AAA' 'a' 1 'Hello World' 'Hello World' 1 'HelloWorld' 'Hello World' 0 'BB' 'AA' 0 'AAA' 'AA' 0 You can also compare individual characters of a string. The number of the character to be compared is specified in square brackets next to the operand name. "MyString[2]", for example, compares the second character of the "MyString" string. Comparison of timers, date and time When time values are compared, the RLO of the instruction is "1" if the point of time at <Operand1> is less (less recent) than or equal to the point of time at <Operand2>. Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Parameters The following table shows the parameters of the "Less or equal" instruction: Parameters Declaration Data type Memory area Description <Operand1> Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time First comparison value <Operand2> Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time Second value to compare You can select the data type of the instruction from the "???" drop-down list of the instruction box. 2534 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB9DOXH ,17 7DJ2XW 6 7DJB9DOXH The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The condition of the comparison instruction is fulfilled if "Tag_Value1" <= "Tag_Value2". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) CMP >: Greater than (S7-1200, S7-1500) Description You can use the "Greater than" instruction to determine if a first comparison value (<Operand1>) is greater than a second comparison value (<Operand2>). Both values to be compared must be of the same data type. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". The RLO of the instruction is logically combined with the RLO of the entire rung as follows: By AND, when the comparison instruction is connected in series. By OR, when the comparison instruction is connected in parallel. Specify the first comparison value (<Operand1>) at the operand placeholder above the instruction. Specify the second comparison value (<Operand2>) at the operand placeholder below the instruction. Comparison of character strings The individual characters are compared by means of their code (for example, 'a' is greater than 'A') during the comparison of the strings. The comparison is performed from left to right. The first character to be different decides the result of the comparison. If the left part of the longer string is identical to the shorter string, the longer string is considered greater. WinCC Advanced V14 System Manual, 10/2016 2535 Programming the PLC 11.4 Instructions The following table shows examples of string comparisons: <Operand1> <Operand2> RLO of the instruction 'BB' 'AA' 1 'AAA' 'AA' 1 'AA' 'aa' 0 'AAA' 'a' 0 You can also compare individual characters of a string. The number of the character to be compared is specified in square brackets next to the operand name. "MyString[2]", for example, compares the second character of the "MyString" string. Comparison of timers, date and time When time values are compared, the RLO of the instruction is "1" if the point of time at <Operand1> is greater (more recent) than the point of time at <Operand2>. Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Parameters The following table shows the parameters of the "Greater than" instruction: Parameters Declaration Data type Memory area Description <Operand1> Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time First comparison value <Operand2> Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time Second value to compare You can select the data type of the instruction from the "???" drop-down list of the instruction box. 2536 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB9DOXH ! ,17 7DJ2XW 6 7DJB9DOXH The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The condition of the comparison instruction is fulfilled if "Tag_Value1" > "Tag_Value2". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) CMP <: Less than (S7-1200, S7-1500) Description You can use the "Less than" instruction to determine if a first comparison value (<Operand1>) is less than a second comparison value (<Operand2>). Both values to be compared must be of the same data type. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". The RLO of the instruction is logically combined with the RLO of the entire rung as follows: By AND, when the comparison instruction is connected in series. By OR, when the comparison instruction is connected in parallel. Specify the first comparison value (<Operand1>) at the operand placeholder above the instruction. Specify the second comparison value (<Operand2>) at the operand placeholder below the instruction. Comparison of character strings The individual characters are compared by means of their code (for example, 'a' is greater than 'A') during the comparison of the strings. The comparison is performed from left to right. The first character to be different decides the result of the comparison. If the left part of the longer string is identical to the shorter string, the shorter string is considered smaller. WinCC Advanced V14 System Manual, 10/2016 2537 Programming the PLC 11.4 Instructions The following table shows examples of string comparisons: <Operand1> <Operand2> RLO of the instruction 'AA' 'aa' 1 'AAA' 'a' 1 'BB' 'AA' 0 'AAA' 'AA' 0 You can also compare individual characters of a string. The number of the character to be compared is specified in square brackets next to the operand name. "MyString[2]", for example, compares the second character of the "MyString" string. Comparison of timers, date and time When time values are compared, the RLO of the instruction is "1" if the point of time at <Operand1> is less (less recent) than the point of time at <Operand2>. Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Parameters The following table shows the parameters of the "Less than" instruction: Parameters Declaration Data type Memory area Description <Operand1> Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time First comparison value <Operand2> Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time Second value to compare You can select the data type of the instruction from the "???" drop-down list of the instruction box. 2538 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB9DOXH ,17 7DJ2XW 6 7DJB9DOXH The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The condition of the comparison instruction is fulfilled if "Tag_Value1" < "Tag_Value2". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Example of detecting the fill level of a storage area (Page 4685) Basic information on LAD (Page 4634) Memory areas (Page 944) IN_RANGE: Value within range (S7-1200, S7-1500) Description You can use the "Value within range" instruction to query whether of the value at input VAL is within a specific value range. You specify the limits of the value range with the MIN and MAX inputs. The "Value within range" instruction compares the value at the VAL input with the values of the MIN and MAX inputs and sends the result to the box output. If the value at input VAL satisfies the comparison MIN <= VAL or VAL <=MAX, the box output has the signal state "1". If the comparison is not fulfilled, the box output has the signal state "0". If the box input has the signal state "0", the "Value within range" instruction is not executed. The comparison function can only execute if the values to be compared are of the same data type and the box input is interconnected. WinCC Advanced V14 System Manual, 10/2016 2539 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Value within range" instruction: Parameters Declaration Data type Memory area Description Box input Input BOOL I, Q, M, D, L Result of the previous logic operation MIN Input Integers, floatingpoint numbers I, Q, M, D, L or con Low limit of the value range stant VAL Input Integers, floatingpoint numbers I, Q, M, D, L or con Comparison value stant MAX Input Integers, floatingpoint numbers I, Q, M, D, L or con High limit of the value range stant Box output Output BOOL I, Q, M, D, L Result of the comparison You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also": Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB0LQ 7DJB9DOXH 7DJB0D[ ,1B5$1*( 5($/ 7DJ,QB 7DJ2XW 0,1 9$/ 0$; The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The value of the operand "Tag_Value" is within the value range that is specified by the current values of the operands "Tag_Min" and "Tag_Max" (MIN <= VAL or VAL <= MAX). The operand "TagIn_3" has the signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) 2540 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions OUT_RANGE: Value outside range (S7-1200, S7-1500) Description You can use the "Value outside range" instruction to query whether of the value at input VAL is outside a specific value range. You specify the limits of the value range with the MIN and MAX inputs. The "Value outside range" instruction compares the value at input VAL with the values of the inputs MIN and MAX and sends the result to the box output. If the value at input VAL satisfies the comparison MIN > VAL or VAL >MAX, the box output has the signal state "1". The box output also has the signal state "1" if a specified operand with the REAL data type shows an invalid value. The box output returns the signal state "0", if the value at input VAL does not satisfy the MIN > VAL or VAL > MAX condition. If the box input has the signal state "0", the "Value outside range" instruction is not executed. The comparison function can only execute if the values to be compared are of the same data type and the box input is interconnected. Parameters The following table shows the parameters of the "Value outside range" instruction: Parameters Declaration Data type Memory area Description Box input Input BOOL I, Q, M, D, L Result of the previous logic operation MIN Input Integers, floatingpoint numbers I, Q, M, D, L or con Low limit of the value range stant VAL Input Integers, floatingpoint numbers I, Q, M, D, L or con Comparison value stant MAX Input Integers, floatingpoint numbers I, Q, M, D, L or con High limit of the value range stant Box output Output BOOL I, Q, M, D, L Result of the comparison You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB0LQ 7DJB9DOXH 7DJB0D[ WinCC Advanced V14 System Manual, 10/2016 287B5$1*( 5($/ 7DJ,QB 7DJ2XW 0,1 9$/ 0$; 2541 Programming the PLC 11.4 Instructions The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The value of the operand "Tag_Value" is outside the value range that is specified by the values of the operands "Tag_Min" and "Tag_Max" (MIN > VAL or VAL > MAX). The operand "TagIn_3" has the signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) ----I OK I----: Check validity (S7-1200, S7-1500) Description You can use the "Check validity" instruction to check if the value of an operand (<operand>) is a valid floating-point number. The query is started in each program cycle when the signal state at the input of the instruction is "1". The output of the instruction has signal state "1" when the value of the operand is a valid floating-point number at the time of the query and the input of the instruction has signal state "1". In all other cases, the signal state at the output of the "Check validity" instruction is "0". You can use the "Check validity" instruction together with the EN mechanism. If you connect the instruction box to an EN enable input, the enable input is set only when the result of the validity query of the value is positive. You can use this function to ensure that an instruction is enabled only when the value of the specified operand is a valid floating-point number. Parameters The following table shows the parameters of the "Check validity" instruction: Parameters Declaration Data type Memory area Description <Operand> Input Floating-point numbers I, Q, M, D, L Value to be queried. You can find additional information on valid data types under "See also". 2542 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJB9DOXH 2. 7DJB9DOXH 2. 08/ 5($/ (1 (12 7DJB9DOXH ,1 7DJB9DOXH ,1 287 7DJ2XW 7DJB5HVXOW When the values of the operands "Tag_Value1" and "Tag_Value2" show valid floating-point numbers, the "Multiply" instruction is executed. The value of operand "Tag_Value1" is multiplied by the value of operand "Tag_Value2". The product of the multiplication is then written in the operand "Tag_Result". If the instruction is executed without errors, the TagOut operand at the "ENO" enable output is set to signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) ----I NOT_OK I----: Check invalidity (S7-1200, S7-1500) Description You can use the "Check invalidity" instruction to check if the value of an operand (<operand>) is an invalid floating-point number. The query is started in each program cycle when the signal state at the input of the instruction is "1". The output of the instruction has signal state "1" when the value of the operand is an invalid floating-point number at the time of the query and the input of the instruction has signal state "1". In all other cases, the signal state at the output of the "Check invalidity" instruction is "0". Parameters The following table shows the parameters of the instruction "Check invalidity": Parameters Declaration Data type Memory area Description <Operand> Input Floating-point numbers I, Q, M, D, L Value to be queried. You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2543 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 029( 7DJ,QB9DOXH 127 127B2. 7DJ,QB9DOXH (1 (12 ,1 287 7DJ2XW 7DJ2XWB9DOXH When the value of operand "TagIn_Value" is an invalid floating-point number, the instruction "Move value" is not executed. The "TagOut" operand at the ENO enable output is set to the signal state "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) VARIANT (S7-1200, S7-1500) EQ_Type: Compare data type for EQUAL with the data type of a tag (S7-1200, S7-1500) Description You can use the "Compare data type for EQUAL with the data type of a tag" instruction to query the data type of a tag to which a VARIANT points. You are comparing the data type of the tag (<Operand1>), which you declared in the block interface, with the data type of a tag (<Operand2>) for "Equal to". <Operand1> must have the VARIANT data type. <Operand2> can be an elementary data type or a PLC data type. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". The RLO of the instruction is logically combined with the RLO of the entire rung as follows: By AND, when the comparison instruction is connected in series. By OR, when the comparison instruction is connected in parallel. Specify <Operand1> at the operand placeholder above the instruction. Specify <Operand2> at the operand placeholder below the instruction. 2544 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Comparison of timers, date and time Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Comparison of structures For the comparison of structures, you can use the instruction "CMP ==". Anonymous structures cannot generally be compared unless they are part of the same ARRAY. For additional information on the comparison of structures, please refer to: CMP ==: Equal (Page 2523) Parameters The following table shows the parameters of the "Compare data type for EQUAL with the data type of a tag" instruction: Parameters Declaration Data type Memory area Description S7-1200 S7-1500 L (A declara tion in the "Temp" sec tion of the block inter face is not pos sible.) L (A declara First operand tion in the "Temp" sec tion of the block inter face is not possible.) <Operand1> Input VARIANT <Operand2> Input Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY, PLC data types I, Q, M, D, L, P Second operand Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB2SHUDQG (4B7\SH 7DJ2XW 6 7DJB2SHUDQG WinCC Advanced V14 System Manual, 10/2016 2545 Programming the PLC 11.4 Instructions The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The condition of the comparison instruction is fulfilled, i.e. the #Tag_Operand1 operand is equal to "Tag_Operand2". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Using the VARIANT data type (Page 2078) Basic information on LAD (Page 4634) Memory areas (Page 944) NE_Type: Compare data type for UNEQUAL with the data type of a tag (S7-1200, S7-1500) Description You can use the "Compare data type for UNEQUAL with the data type of a tag" instruction to query which data type a tag to which a VARIANT points does not have. You are comparing the data type of the tag (<Operand1>), which you declared in the block interface, with the data type of a tag (<Operand2>) for "Not equal to". <Operand1> must have the VARIANT data type. <Operand2> can be an elementary data type or a PLC data type. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". The RLO of the instruction is logically combined with the RLO of the entire rung as follows: By AND, when the comparison instruction is connected in series. By OR, when the comparison instruction is connected in parallel. Specify <Operand1> at the operand placeholder above the instruction. Specify <Operand2> at the operand placeholder below the instruction. Comparison of timers, date and time Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. 2546 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Comparison of structures For the comparison of structures, you can use the instruction "CMP <>". Anonymous structures cannot generally be compared unless they are part of the same ARRAY. For additional information on the comparison of structures, please refer to: CMP <>: Not equal (Page 2527) Parameters The following table shows the parameters of the "Compare data type for UNEQUAL with the data type of a tag" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 L (A declara tion in the "Temp" sec tion of the block inter face is not pos sible.) L (A declara tion in the "Temp" sec tion of the block inter face is not possible.) <Operand1> Input VARIANT <Operand2> Input Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY, PLC data types Description First operand I, Q, M, D, L, P Second operand Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB2SHUDQG 1(B7\SH 7DJ2XW 6 7DJB2SHUDQG The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The condition of the comparison instruction is fulfilled, i.e. the #Tag_Operand1 operand is not equal to "Tag_Operand2". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Using the VARIANT data type (Page 2078) WinCC Advanced V14 System Manual, 10/2016 2547 Programming the PLC 11.4 Instructions Basic information on LAD (Page 4634) Memory areas (Page 944) EQ_ElemType: Compare data type of an ARRAY element for EQUAL with the data type of a tag (S7-1200, S7-1500) Description You can use the "Compare data type of an ARRAY element for EQUAL with the data type of a tag" instruction to query the data type of a tag to which a VARIANT points. You are comparing the data type of the tag (<Operand1>), which you declared in the block interface, with the data type of a tag (<Operand2>) for "Equal to". <Operand1> must have the VARIANT data type. <Operand2> can be an elementary data type or a PLC data type. If the data type of the VARIANT tag (<Operand1>) is an ARRAY, the data type of the ARRAY elements is compared. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". The RLO of the instruction is logically combined with the RLO of the entire rung as follows: By AND, when the comparison instruction is connected in series. By OR, when the comparison instruction is connected in parallel. Specify <Operand1> at the operand placeholder above the instruction. Specify <Operand2> at the operand placeholder below the instruction. Comparison of timers, date and time Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Comparison of structures For the comparison of structures, you can use the instruction "CMP ==". Anonymous structures cannot generally be compared unless they are part of the same ARRAY. For additional information on the comparison of structures, please refer to: CMP ==: Equal (Page 2523) 2548 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Compare data type of an ARRAY element for EQUAL with the data type of a tag" instruction: Parameters Declaration Data type Memory area Description S7-1200 S7-1500 L (A declara tion in the "Temp" sec tion of the block interface is not possi ble.) L (A declara First operand tion in the "Temp" sec tion of the block inter face is not possible.) <Operand1> Input VARIANT <Operand2> Input Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY, PLC data types I, Q, M, D, L, P Second operand Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB2SHUDQG (4B(OHP7\SH 7DJ2XW 6 7DJB2SHUDQG The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The condition of the comparison instruction is fulfilled, i.e. the #Tag_Operand1 operand is equal to "Tag_Operand2". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Using the VARIANT data type (Page 2078) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2549 Programming the PLC 11.4 Instructions NE_ElemType: Compare data type of an ARRAY element for UNEQUAL with the data type of a tag (S7-1200, S7-1500) Description You can use the "Compare data type of an ARRAY element for UNEQUAL with the data type of a tag" instruction to query which data type a tag does not have to which a VARIANT points. You are comparing the data type of the tag (<Operand1>), which you declared in the block interface, with the data type of a tag (<Operand2>) for "Not equal to". <Operand1> must have the VARIANT data type. <Operand2> can be an elementary data type or a PLC data type. If the data type of the VARIANT tag (<Operand1>) is an ARRAY, the data type of the ARRAY elements is compared. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". The RLO of the instruction is logically combined with the RLO of the entire rung as follows: By AND, when the comparison instruction is connected in series. By OR, when the comparison instruction is connected in parallel. Specify <Operand1> at the operand placeholder above the instruction. Specify <Operand2> at the operand placeholder below the instruction. Comparison of timers, date and time Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Comparison of structures For the comparison of structures, you can use the instruction "CMP <>". Anonymous structures cannot generally be compared unless they are part of the same ARRAY. For additional information on the comparison of structures, please refer to: CMP <>: Not equal (Page 2527) 2550 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Compare data type of an ARRAY element for UNEQUAL with the data type of a tag" instruction: Parameters Declaration Data type Memory area Description S7-1200 S7-1500 L (A declara tion in the "Temp" sec tion of the block interface is not possi ble.) L (A declara First operand tion in the "Temp" sec tion of the block inter face is not possible.) <Operand1> Input VARIANT <Operand2> Input Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY, PLC data types I, Q, M, D, L, P Second operand Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB2SHUDQG 1(B(OHP7\SH 7DJ2XW 6 7DJB2SHUDQG The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The condition of the comparison instruction is fulfilled, i.e. the #Tag_Operand1 operand is not equal to "Tag_Operand2". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Using the VARIANT data type (Page 2078) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2551 Programming the PLC 11.4 Instructions IS_NULL: Check for EQUALS NULL pointer (S7-1200, S7-1500) Description You can use the instruction "Check for EQUALS NULL pointer" to query whether the VARIANT points to a NULL pointer and therefore does not point to an object. <Operand> must have the VARIANT data type. Note VARIANT tag points to an ANY pointer If the VARIANT tag points to an ANY pointer, the instruction always returns the result RLO = "0" even if the ANY pointer is NULL. Parameters The following table shows the parameters of the "Check for EQUALS NULL pointer" instruction: Parameter Declaration Data type Memory area Description <Operand> Input VARIANT L (A declaration in Operand that is compared for the "Temp" sec EQUALS NULL tion of the block in terface is not pos sible.) You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB2SHUDQG ,6B18// 7DJ2XW 6 The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The condition of the comparison instruction is fulfilled, i.e. the #Tag_Operand operand does not point to an object. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Using the VARIANT data type (Page 2078) 2552 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Basic information on LAD (Page 4634) Memory areas (Page 944) NOT_NULL: Check for UNEQUALS NULL pointer (S7-1200, S7-1500) Description You can use the instruction "Check for UNEQUALS NULL pointer" to query whether the VARIANT does not point to a NULL pointer and therefore points to an object. <Operand> must have the VARIANT data type. Note VARIANT tag points to an ANY pointer If the VARIANT tag points to an ANY pointer, the instruction always returns the result RLO = "1" even if the ANY pointer is NULL. Parameters The following table shows the parameters of the "Check for UNEQUALS NULL pointer" instruction: Parameter Declaration Data type Memory area <Operand> Input VARIANT L (A declaration in Operand that is compared for the "Temp" sec UNEQUALS NULL tion of the block in terface is not pos sible.) Description You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB2SHUDQG 127B18// 7DJ2XW 6 The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The condition of the comparison instruction is fulfilled, i.e. the #Tag_Operand operand points to an object. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 2553 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Using the VARIANT data type (Page 2078) Basic information on LAD (Page 4634) Memory areas (Page 944) IS_ARRAY: Check for ARRAY (S7-1200, S7-1500) Description You can use the "Check for ARRAY" instruction to query whether the VARIANT points to a tag of the ARRAY data type. <Operand> must have the VARIANT data type. Parameters The following table shows the parameters of the "Check for ARRAY" instruction: Parameters Declaration Data type Memory area Description <Operand> Input VARIANT L (A declaration in Operand that is queried for the "Temp" sec ARRAY tion of the block in terface is not pos sible.) You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB9$5,$17 7R$UUD\ ,6B$55$< 7DJ2XW 6 The "TagOut" output is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The condition of the comparison instruction is fulfilled, i.e. the "#Tag_VARIANTToArray" operand is of the ARRAY data type. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) 2554 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Using the VARIANT data type (Page 2078) Memory areas (Page 944) Math functions (S7-1200, S7-1500) CALCULATE: Calculate (S7-1200, S7-1500) Description The "Calculate" instruction is used to define and execute an expression for the calculation of mathematical operations or complex logic operations depending on the selected data type. You can select the data type of the instruction from the "???" drop-down list of the instruction box. Depending on the data type selected, you can combine the functions of certain instructions to perform a complex calculation. The expression to be calculated is specified via a dialog you can open via the "Calculator" icon at the top of the instruction box. The expression can contain names of input parameters and the syntax of the instructions. Operand names and operand addresses cannot be specified. In its initial state, the instruction box contains at least 2 inputs (IN1 and IN2). The number of inputs can be extended. The inserted inputs are numbered in ascending order in the box. The values of the inputs are used to execute the specified expression. Not all of the defined inputs have to be used in the expression. The result of the instruction is transferred to the output OUT. Note If one of the mathematical operations fails in the expression, no result is transferred to the output OUT and the enable output ENO returns the signal state "1". If you use inputs in the expression that are not available in the box, they are inserted automatically. This requires that there are no gaps in the numbering of the inputs to be newly defined in the expression. For example, you cannot use the IN4 input in the expression unless the IN3 input has been defined. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The result of the "Calculate" instruction is outside the range permitted for the data type specified at the OUT output. A floating-point number has an invalid value. An error occurred during execution of one of the instructions in the expression. WinCC Advanced V14 System Manual, 10/2016 2555 Programming the PLC 11.4 Instructions The following table shows the instructions that can be executed together in the expression of the instruction "Calculate", depending on the selected data type: Data type Instruction Syntax Example Bit strings AND: AND logic operation AND OR: OR logic operation OR IN1 AND IN2 OR IN3 XOR: EXCLUSIVE OR logic operation XOR INV: Create ones complement NOT SWAP: Swap SWAP Integers Floating-point numbers 1) 2556 1) ADD: Add + (IN1 + IN2) * IN3; SUB: Subtract - MUL: Multiply * (ABS(IN2)) * (ABS(IN1)) DIV: Divide / MOD: Return remainder of division MOD INV: Create ones complement NOT NEG: Create twos complement -(in1) ABS: Form absolute value ABS( ) ADD: Add + SUB: Subtract - MUL: Multiply * DIV: Divide / EXPT: Exponentiate ** ABS: Form absolute value ABS( ) SQR: Form square SQR( ) SQRT: Form square root SQRT( ) LN: Form natural logarithm LN( ) EXP: Form exponential value EXP( ) FRAC: Return fraction FRAC( ) SIN: Form sine value SIN( ) COS: Form cosine value COS( ) TAN: Form tangent value TAN( ) ASIN: Form arcsine value ASIN( ) ACOS: Form arccosine value ACOS( ) ATAN: Form arctangent value ATAN( ) NEG: Create twos complement -(in1) TRUNC: Truncate numerical value TRUNC( ) ROUND: Round numerical value ROUND( ) CEIL: Generate next higher integer from floating-point number CEIL( ) FLOOR: Generate next lower integer from floating-point number FLOOR( ) ((SIN(IN2) * SIN(IN2) + (SIN(IN3) * SIN(IN3)) / IN3)); (SQR(SIN(IN2)) + (SQR(COS(IN3)) / IN2)) Not possible for data type BYTE. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Calculate" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN1 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers First available input IN2 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers Second available input INn Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers Additionally inserted inputs OUT Output Bit strings, inte I, Q, M, D, L, P gers, floating-point numbers Output to which the end re sult is to be transferred. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: &$/&8/$7( ,17 7DJB,QSXW 7DJB2XWSXW (1 (12 7DJB9DOXHB ,1 ,1,1 ,1 ,1 287 7DJB9DOXHB ,1 7DJB9DOXHB ,1 7DJB9DOXHB ,1 7DJB5HVXOW The following table shows how the instruction works using specific operand values: Parameters Operand Value IN1 Tag_Value_1 4 IN2 Tag_Value_2 4 IN3 Tag_Value_3 3 IN4 Tag_Value_4 2 OUT Tag_Result 12 If the "Tag_Input" input has the signal state"1", the "Calculate" instruction is executed. The value of operand "Tag_Value_1" is added to the value of operand "Tag_Value_2". The sum is multiplied with the value of operand "Tag_Value_3". The product is divided by the value of WinCC Advanced V14 System Manual, 10/2016 2557 Programming the PLC 11.4 Instructions operand "Tag_Value_4". The quotient is transferred as end result to the operand "Tag_Result" at the OUT output of the instruction. If the instruction is executed without errors, the enable output ENO and operand "Tag_Output" are set to "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Using the "Calculate" instruction (Page 4659) Overview of the valid data types (Page 2131) Example of calculating an equation (Page 4688) Basic information on LAD (Page 4634) Memory areas (Page 944) ADD: Add (S7-1200, S7-1500) Description You can use the "Add" instruction to add the value at input IN1 and the value at input IN2 and query the sum at output OUT (OUT := IN1+IN2). In its initial state, the instruction box contains at least 2 inputs (IN1 and IN2). The number of inputs can be extended. The inserted inputs are numbered in ascending order in the box. When the instruction is executed, the values of all available input parameters are added. The sum is stored at the OUT output. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The result of the instruction is outside the range permitted for the data type specified at the OUT output. A floating-point number has an invalid value. Parameters The following table shows the parameters of the "Add" instruction: 2558 Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN1 Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant First number to be added IN2 Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Second number to be added WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description INn Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Optional input values that are added. OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P Sum You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also": Example The following example shows how the instruction works: 7DJ,Q $'' ,17 (1 7DJB9DOXH ,1 7DJB9DOXH ,1 7DJ2XW 6 (12 287 7DJB5HVXOW If operand "TagIn" has the signal state "1", the "Add" instruction is executed. The value of operand "Tag_Value1" is added to the value of operand "Tag_Value2". The result of the addition is stored in operand "Tag_Result". If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Selecting a data type (Page 4650) LAD programming examples (Page 4681) Basic information on LAD (Page 4634) Memory areas (Page 944) SUB: Subtract (S7-1200, S7-1500) Description You can use the "Subtract" instruction to subtract the value at input IN2 from the value at input IN1 and query the difference at output OUT (OUT := IN1-IN2). WinCC Advanced V14 System Manual, 10/2016 2559 Programming the PLC 11.4 Instructions Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The result of the instruction is outside the range permitted for the data type specified at the OUT output. A floating-point number has an invalid value. Parameters The following table shows the parameters of the "Subtract" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN1 Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Minuend IN2 Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Subtracting OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P Difference You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 68% ,17 (1 7DJB9DOXH ,1 7DJB9DOXH ,1 (12 287 7DJ2XW 6 7DJB5HVXOW If operand "TagIn" has the signal state "1", the "Subtract" instruction is executed. The value of operand "Tag_Value2" is subtracted from the value of operand "Tag_Value1". The result of the subtraction is stored in operand "Tag_Result". If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) 2560 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) MUL: Multiply (S7-1200, S7-1500) Description You can use the "Multiply" instruction to multiply the value at input IN1 with the value at input IN2 and query the product at output OUT (OUT := IN1*IN2). The number of inputs can be expanded in the instruction box. The added inputs are numbered in ascending order in the box. When the instruction is executed, the values of all available input parameters are multiplied. The product is stored at the OUT output. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN input has the signal state "0". The result is outside the range permitted for the data type specified at output OUT. A floating-point number has an invalid value. Parameters The following table shows the parameters of the "Multiply" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN1 Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Multiplier IN2 Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Number being multiplied INn Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Optional input values that can be multiplied. OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P Product You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2561 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 08/ 5($/ 7DJ,Q (1 7DJB9DOXH ,1 7DJB9DOXH ,1 7DJ2XW 6 (12 287 7DJB5HVXOW If operand "TagIn" has the signal state "1", the "Multiply" instruction is executed. The value of operand "Tag_Value1" is multiplied by the value of operand "Tag_Value2". The result of the multiplication is stored in operand "Tag_Result". If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) LAD programming examples (Page 4681) Basic information on LAD (Page 4634) Memory areas (Page 944) DIV: Divide (S7-1200, S7-1500) Description You can use the "Divide" instruction to divide the value at input IN1 by the value at input IN2 and query the quotient at output OUT (OUT := IN1/IN2). Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The result of the instruction is outside the range permitted for the data type specified at the OUT output. A floating-point number has an invalid value. Parameters The following table shows the parameters of the "Divide" instruction: 2562 Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description IN1 Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Dividend IN2 Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Divisor OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P Quotient value You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q ',9 5($/ (1 7DJB9DOXH ,1 7DJB9DOXH ,1 7DJ2XW 6 (12 287 7DJB5HVXOW If operand "TagIn" has the signal state "1", the "Divide" instruction is executed. The value of operand "Tag_Value1" is divided by the value of operand "Tag_Value2". The division result is stored in operand "Tag_Result". If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) LAD programming examples (Page 4681) Basic information on LAD (Page 4634) Memory areas (Page 944) MOD: Return remainder of division (S7-1200, S7-1500) Description You can use the "Return remainder of division" instruction to divide the value at input IN1 by the value at input IN2 and query the remainder of division at output OUT. WinCC Advanced V14 System Manual, 10/2016 2563 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Return remainder of division" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN1 Input Integers I, Q, M, D, L, P, or constant Dividend IN2 Input Integers I, Q, M, D, L, P, or constant Divisor OUT Output Integers I, Q, M, D, L, P Remainder of division You can select the data type of the instruction from the "Auto (???)" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 02' 7DJ,Q ',17 (1 7DJB9DOXH ,1 7DJB9DOXH ,1 7DJ2XW 6 (12 287 7DJB5HVXOW If operand "TagIn" has the signal state "1", the "Return remainder of division" instruction is executed. The value of operand "Tag_Value1" is divided by the value of operand "Tag_Value2". The remainder of division is stored in operand "Tag_Result". If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) 2564 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions NEG: Create twos complement (S7-1200, S7-1500) Description You can use the "Create twos complement" instruction to change the sign of the value at the IN input and query the result at the OUT output. If there is a positive value at input IN, for example, the negative equivalent of this value is sent to output OUT. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The result of the instruction is outside the range permitted for the data type specified at the OUT output. A floating-point number has an invalid value. Parameters The following table shows the parameters of the "Create twos complement" instruction: Parameters Declaration Data type S7-1200 S7-1500 Memory area Description EN Input BOOL BOOL I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L Enable output IN Input SINT, INT, DINT, float ing-point numbers SINT, INT, DINT, LINT, float ing-point numbers I, Q, M, D, L, P, or con stant Input value OUT Output SINT, INT, DINT, float ing-point numbers SINT, INT, DINT, LINT, float ing-point numbers I, Q, M, D, L, P Twos complement of the in put value You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 7DJ,QB9DOXH WinCC Advanced V14 System Manual, 10/2016 1(* 5($/ (1 (12 ,1 287 7DJ2XW 7DJ2XWB9DOXH 2565 Programming the PLC 11.4 Instructions If operand "TagIn" has the signal state "1", the "Create twos complement" instruction is executed. The sign of the value at input "TagIn_Value" is changed and the result is provided at output "TagOut_Value". If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) INC: Increment (S7-1200, S7-1500) Description You can use the "Increment" instruction to change the value of the operand at the IN/OUT parameter to the next higher value and query the result. The "Increment" instruction is only started when the signal state at the EN enable input is "1". If no overflow error occurs during the execution, the ENO enable output also has the signal state "1". Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". A floating-point number has an invalid value. Parameters The following table shows the parameters of the "Increment" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN/OUT InOut Integers I, Q, M, D, L Value to be incremented. You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". 2566 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: ,1& 7DJ,QB 7DJ,QB 7DJB,Q2XW ,17 (1 (12 7DJ2XW ,1 287 If operands "TagIn_1" and "TagIn_2" have the signal state "1", the value of operand "Tag_InOut" is incremented by one and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) DEC: Decrement (S7-1200, S7-1500) Description You can use the "Decrement" instruction to change the value of the operand at the IN/OUT parameter to the next lower value and query the result. The "Decrement" instruction is only started when the signal state at the EN enable input is "1". If the range of values of the selected data type is not exceeded during processing, the ENO output also has the signal state "1". Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". A floating-point number has an invalid value. Parameters The following table shows the parameters of the "Decrement" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN/OUT InOut Integers I, Q, M, D, L Value to be decremented. You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2567 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: '(& 7DJ,QB 7DJ,QB 7DJB,Q2XW ,17 (1 7DJ2XW (12 ,1 287 If operands "TagIn_1" and "TagIn_2" have the signal state "1", the value of operand "Tag_InOut" is decremented by one and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) ABS: Form absolute value (S7-1200, S7-1500) Description You can use the "Form absolute value" instruction to calculate the absolute value of the value specified at input IN. The result of the instruction is sent to the OUT output and can be queried there. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". A floating-point number has an invalid value. Parameters The following table shows the parameters of the "Form absolute value" instruction: Parameters 2568 Declaration S7-1200 Data type S7-1500 Memory area Description EN Input BOOL BOOL I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L Enable output WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type S7-1200 S7-1500 Memory area Description IN Input SINT, INT, DINT, float ing-point numbers SINT, INT, I, Q, M, D, Input value DINT, L, P, or con LINT, float stant ing-point numbers OUT Output SINT, INT, DINT, float ing-point numbers SINT, INT, I, Q, M, D, DINT, L, P LINT, float ing-point numbers Absolute value of the input value You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 7DJ,QB9DOXH $%6 5($/ (1 (12 ,1 287 7DJ2XW 7DJ2XWB9DOXH The following table shows how the instruction works using specific operand values: Parameters Operand Value IN TagIn_Value -6.234 OUT TagOut_Value 6.234 If operand "TagIn" has the signal state "1", the "Form absolute value" instruction is executed. The instruction calculates the absolute value of the value at input "TagIn_Value" and sends the result to output "TagOut_Value". If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2569 Programming the PLC 11.4 Instructions MIN: Get minimum (S7-1200, S7-1500) Description The "Get minimum" instruction compares the values at the available inputs and writes the lowest value to the OUT output. The number of inputs can be expanded at the instruction box by additional inputs. The inputs are numbered in ascending order in the box. A minimum of two and a maximum of 100 inputs must be specified for the execution of the instruction. The ENO enable output has the signal state "0" if one of the following conditions is fulfilled: Enable input EN has the signal state "0". The implicit conversion of the data types fails during execution of the instruction. A floating-point number has an invalid value. Parameters The following table shows the parameters of the "Get minimum" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN1 Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant First input value IN2 Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Second input value INn Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Additionally inserted inputs whose values are to be com pared OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P Result If the IEC check is not activated, you can also use tags with the data types TIME, LTIME, TOD, LTOD, DATE and LDT by selecting a bit string or integer with the same length as the data type of the instruction (for example, instead of TIME => DINT, UDINT or DWORD = 32 bit). You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". 2570 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 0,1 ,17 7DJ2XW (1 (12 7DJ,QB9DOXH ,1 287 7DJ,QB9DOXH ,1 7DJ,QB9DOXH ,1 7DJ2XWB9DOXH The following table shows how the instruction works using specific operand values: Parameter Operand Value IN1 TagIn_Value1 12222 IN2 TagIn_Value2 14444 IN3 TagIn_Value3 13333 OUT TagOut_Value 12222 If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is executed. The instruction compares the values of the specified operands and copies the lowest value ("TagIn_Value1") to output "TagOut_Value". If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) MAX: Get maximum (S7-1200, S7-1500) Description The "Get maximum" instruction compares the values at the available inputs and writes the highest value to the OUT output. The number of inputs can be expanded at the instruction box by additional inputs. The inputs are numbered in ascending order in the box. A minimum of two and a maximum of 100 inputs must be specified for the execution of the instruction. WinCC Advanced V14 System Manual, 10/2016 2571 Programming the PLC 11.4 Instructions The ENO enable output has the signal state "0" if one of the following conditions is fulfilled: Enable input EN has the signal state "0". The implicit conversion of the data types fails during execution of the instruction. A floating-point number has an invalid value. Parameters The following table shows the parameters of the "Get maximum" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN1 Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant First input value IN2 Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Second input value INn Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Additionally inserted inputs whose values are to be com pared OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P Result If the IEC check is not activated, you can also use tags with the data types TIME, LTIME, TOD, LTOD, DATE and LDT by selecting a bit string or integer with the same length as the data type of the instruction (for example, instead of TIME => DINT, UDINT or DWORD = 32 bit). You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 0$; ,17 7DJ2XW (1 (12 7DJ,QB9DOXH ,1 287 7DJ,QB9DOXH ,1 7DJ,QB9DOXH ,1 7DJ2XWB9DOXH The following table shows how the instruction works using specific operand values: 2572 Parameter Operand Value IN1 TagIn_Value1 12222 IN2 TagIn_Value2 14444 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Operand Value IN3 TagIn_Value3 13333 OUT TagOut_Value 14444 If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is executed. The instruction compares the values of the specified operands and copies the highest value ("TagIn_Value2") to output "TagOut_Value". If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) LIMIT: Set limit value (S7-1200, S7-1500) Description You can use the "Set limit value" instruction to limit the value at input IN to the values at the inputs MN and MX. If the value at the IN input meets the MN condition <= IN <= MX, it is copied to the OUT output. If the condition is not fulfilled and the input value IN is below the low limit MN, the output OUT is set to the value of the MN input. If the high limit MX is exceeded, output OUT is set to the value of the input MX. If the value at the MN input is greater than at the MX input, the result is undefined and the enable output ENO is "0". The ENO enable output has the signal state "0" if one of the following conditions is fulfilled: Enable input EN has the signal state "0". The specified tags are not of the same data type. An operand has an invalid value. The value at the MN input is greater than the value of the MX input. Parameters The following table shows the parameters of the "Set limit value" instruction: Parameters WinCC Advanced V14 System Manual, 10/2016 Declaration S7-1500 Memory area Description S7-1200 Data type EN Input BOOL BOOL I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L Enable output 2573 Programming the PLC 11.4 Instructions Parameters Declaration Data type S7-1200 S7-1500 Memory area Description MN Input Integers, floating-point numbers, TIME, TOD, DATE Integers, floating-point numbers, TIME, LTIME, TOD, LTOD, DATE, LDT I, Q, M, D, L, P, or con stant Low limit IN Input Integers, floating-point numbers, TIME, TOD, DATE Integers, floating-point numbers, TIME, LTIME, TOD, LTOD, DATE, LDT I, Q, M, D, L, P, or con stant Input value MX Input Integers, floating-point numbers, TIME, TOD, DATE Integers, floating-point numbers, TIME, LTIME, TOD, LTOD, DATE, LDT I, Q, M, D, L, P, or con stant High limit OUT Output Integers, floating-point numbers, TIME, TOD, DATE Integers, floating-point numbers, TIME, LTIME, TOD, LTOD, DATE, LDT I, Q, M, D, L, P Result The data types TOD, LTOD, DATE, and LDT can only be used if the IEC test is not enabled. You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB01 7DJB9DOXH 7DJB0; 2574 /,0,7 ,17 (1 (12 01 287 7DJ2XW 7DJB5HVXOW ,1 0; WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameters Operand Value MN Tag_MN 12000 IN Tag_Value 8000 MX Tag_MX 16000 OUT Tag_Result 12000 If operands "TagIn_1" and "TagIn_2" have the signal state "1", the "Set limit value" instruction is executed. The value of operand "Tag_Value" is compared with the values of operands "Tag_MN" and "Tag_MX". Since the value of operand "Tag_Value" is less than the low limit, the value of operand "Tag_MN" is copied to the "Tag_Result" output. If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) SQR: Form square (S7-1200, S7-1500) Description The instruction "Form square" is used to square the value of a floating-point number at input IN and to write the result to output OUT. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The value at the IN input is not a valid floating-point number. Parameters The following table shows the parameters of the instruction "Form square": Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Input value OUT Output Floating-point numbers I, Q, M, D, L, P Square of the input value You can select the data type of the instruction from the "???" drop-down list of the instruction box. WinCC Advanced V14 System Manual, 10/2016 2575 Programming the PLC 11.4 Instructions You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 7DJB9DOXH 645 5($/ (1 (12 ,1 287 7DJ2XW 7DJB5HVXOW The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Value 5.0 OUT Tag_Result 25.0 If the operand "TagIn" has the signal state "1", the "Form square" instruction is executed. The instruction squares the value of the operand "Tag_Value" and sends the result to output "Tag_Result". If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) Inserting LAD elements (Page 4646) Editing LAD elements (Page 4663) Inserting operands into LAD instructions (Page 4670) Selecting the data type of a LAD element (Page 4650) System memory areas (Page 947) SQRT: Form square root (S7-1200, S7-1500) Description The instruction "Form square root" is used form the square root from the value of the floatingpoint number at input IN and to write the result to output OUT. The instruction has a positive result if the input value is greater than zero. If input values are less than zero, output OUT returns an invalid floating-point number. If the value at input IN is "0", the result is also "0". 2576 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The value at the IN input is not a valid floating-point number. The value at input IN is negative. Parameters The following table shows the parameters of the instruction "Form square root": Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Input value OUT Output Floating-point numbers I, Q, M, D, L, P Square root of the input value You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 7DJB9DOXH 6457 5($/ (1 (12 ,1 287 7DJ2XW 7DJB5HVXOW The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Value 25.0 OUT Tag_Result 5.0 If the operand "TagIn" has the signal state "1", the "Form square root" instruction is executed. The instruction calculates the square root of the operand "Tag_Value" and sends the result to output "Tag_Result". If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 2577 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Inserting LAD elements (Page 4646) Editing LAD elements (Page 4663) Inserting operands into LAD instructions (Page 4670) Selecting the data type of a LAD element (Page 4650) System memory areas (Page 947) LN: Form natural logarithm (S7-1200, S7-1500) Description You can use the "Form natural logarithm" instruction to calculate the natural logarithm to base e (e = 2.718282) of the value at input IN. The result is sent to output OUT and can be queried there. The instruction has a positive result if the input value is greater than zero. If input values are less than zero, output OUT returns an invalid floating-point number. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The value at the IN input is not a valid floating-point number. The value at input IN is negative. Parameters The following table shows the parameters of the instruction "Form natural logarithm": Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Input value OUT Output Floating-point numbers I, Q, M, D, L, P Natural logarithm of the input value You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". 2578 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: /1 5($/ 7DJ,Q 7DJB9DOXH (1 (12 ,1 287 7DJ2XW 7DJB5HVXOW If the operand "TagIn" has the signal state "1", the "Form natural logarithm" instruction is executed. The instruction forms the natural logarithm of the value at input "Tag_Value" and sends the result to output "Tag_Result". If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) EXP: Form exponential value (S7-1200, S7-1500) Description You can use the "Form exponential value" instruction to calculate the exponent from the base e (e = 2.718282) and the value specified at input IN. The result is provided at output OUT and can be queried there (OUT = eIN). Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The value at the IN input is not a valid floating-point number. Parameters The following table shows the parameters of the instruction "Form exponential value": WinCC Advanced V14 System Manual, 10/2016 Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Input value OUT Output Floating-point numbers I, Q, M, D, L, P Exponential value of input value IN 2579 Programming the PLC 11.4 Instructions You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 7DJB9DOXH (;3 5($/ (1 (12 ,1 287 7DJ2XW 7DJB5HVXOW If the operand "TagIn" has the signal state "1", the "Form exponential value" instruction is executed. The instruction forms the exponent from base e and the value of the operand "Tag_Value" and sends the result to output "Tag_Result". If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) SIN: Form sine value (S7-1200, S7-1500) Description Use the "Form sine value" instruction to calculate the sine of the angle. The size of the angle is specified in radians at the IN input. The result of the instruction is sent to the OUT output and can be queried there. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The value at the IN input is not a valid floating-point number. 2580 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Form sine value" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Size of angle in radians OUT Output Floating-point numbers I, Q, M, D, L, P Sine of the specified angle You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 7DJB9DOXH 6,1 5($/ (1 (12 ,1 287 7DJ2XW 7DJB5HVXOW The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Value +1.570796 (/2) OUT Tag_Result 1.0 If operand "TagIn" has the signal state "1", the "Form sine value" instruction is executed. The instruction calculates the sine of the angle specified at the "Tag_Value" input and stores the result in the "Tag_Result" output. If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2581 Programming the PLC 11.4 Instructions COS: Form cosine value (S7-1200, S7-1500) Description Use the "Form cosine value" instruction to calculate the cosine of the angle. The size of the angle is specified in radians at the IN input. The result of the instruction is sent to the OUT output and can be queried there. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The value at the IN input is not a valid floating-point number. Parameters The following table shows the parameters of the "Form cosine value" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Size of angle in radians OUT Output Floating-point numbers I, Q, M, D, L, P Cosine of the specified angle You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 7DJB9DOXH &26 5($/ (1 (12 ,1 287 7DJ2XW 7DJB5HVXOW The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Value +1.570796 (/2) OUT Tag_Result 0 If operand "TagIn" has the signal state "1", the "Form cosine value" instruction is executed. The instruction calculates the cosine of the angle specified at the "Tag_Value" input and stores the result in the "Tag_Result" output. If the instruction is executed without errors, the "TagOut" output is set. 2582 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) TAN: Form tangent value (S7-1200, S7-1500) Description Use the "Form tangent value" instruction to calculate the tangent of the angle. The size of the angle is specified in radians at the IN input. The result of the instruction is sent to the OUT output and can be queried there. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The value at the IN input is not a valid floating-point number. Parameters The following table shows the parameters of the "Form tangent value" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Size of angle in radians OUT Output Floating-point numbers I, Q, M, D, L, P Tangent of the specified an gle You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2583 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: ( 7DJB9DOXH 7$1 5($/ (1 287 ,1 (12 7DJB5HVXOW $ The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Value +3.141593 () OUT Tag_Result 0 If the "TagIn" operand has signal state "1", the instruction is executed. The instruction calculates the tangent of the angle specified at the "Tag_Value" input and stores the result in the "Tag_Result" output. If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) ASIN: Form arcsine value (S7-1200, S7-1500) Description You can use the "Form arcsine value" instruction to calculate the size of the angle from the arcsine value specified at input IN, which corresponds to this value. Only valid floating-point numbers within the range -1 to +1 can be specified at the IN input. The calculated angle size is output in radians at the OUT output and can range in value from -/2 to +/2. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The value at the IN input is not a valid floating-point number. The value at the IN input is outside the permitted value range (-1 to +1). 2584 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Form arcsine value" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Sine value OUT Output Floating-point numbers I, Q, M, D, L, P Size of angle in radians You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 7DJB9DOXH $6,1 5($/ (1 (12 ,1 287 7DJ2XW 7DJB5HVXOW The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Value 1.0 OUT Tag_Result +1.570796 (/2) If operand "TagIn" has the signal state "1", the "Form arcsine value" instruction is executed. The instruction calculates the size of the angle corresponding to the sine value at the "Tag_Value" input. The result of the instruction is stored in the "Tag_Result" output. If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2585 Programming the PLC 11.4 Instructions ACOS: Form arccosine value (S7-1200, S7-1500) Description You can use the "Form arccosine value" instruction to calculate the size of the angle from the cosine value specified at input IN, which corresponds to this value. Only valid floating-point numbers within the range -1 to +1 can be specified at the IN input. The calculated angle size is output in radians at the OUT output and can range in value from 0 to +. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The value at the IN input is not a valid floating-point number. The value at the IN input is outside the permitted value range (-1 to +1). Parameters The following table shows the parameters of the "Form arccosine value" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Cosine value OUT Output Floating-point numbers I, Q, M, D, L, P Size of angle in radians You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 7DJB9DOXH $&26 5($/ (1 (12 ,1 287 7DJ2XW 7DJB5HVXOW The following table shows how the instruction works using specific operand values: 2586 Parameters Operand Value IN Tag_Value 0 OUT Tag_Result +1.570796 (/2) WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If operand "TagIn" has the signal state "1", the "Form arccosine value" instruction is executed. The instruction calculates the size of the angle corresponding to the cosine value at the "Tag_Value" input. The result of the instruction is stored in the "Tag_Result" output. If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) ATAN: Form arctangent value (S7-1200, S7-1500) Description You can use the "Form arctangent value" instruction to calculate the size of the angle from the tangent value specified at input IN, which corresponds to this value. It is only permitted to specify valid floating-point numbers (or -NaN/+NaN) at input IN. The calculated angle size is output in radians at the OUT output and can range in value from -/2 to +/2. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The value at the IN input is not a valid floating-point number. Parameters The following table shows the parameters of the instruction "Form arctangent value": Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Tangent value OUT Output Floating-point numbers I, Q, M, D, L, P Size of angle in radians You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2587 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,Q 7DJB9DOXH $7$1 5($/ (1 (12 ,1 287 7DJ2XW 7DJB5HVXOW The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Value 1.0 OUT Tag_Result +0.785398 (/4) If the operand "TagIn" has the signal state "1", the "Form arctangent value" instruction is executed. The instruction calculates the size of the angle corresponding to the tangent value at input "Tag_Value". The result of the instruction is stored in the "Tag_Result" output. If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Invalid floating-point numbers (Page 2152) Basic information on LAD (Page 4634) Memory areas (Page 944) FRAC: Return fraction (S7-1200, S7-1500) Description You can use the "Return fraction" instruction to determine the decimal places of the value at the IN input. The result of the query is stored at the OUT output and can be queried there. If, for example, the IN input has the value 123.4567, the OUT output returns the value 0.4567. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The value at the IN input is not a valid floating-point number. 2588 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Return fraction" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Value, whose decimal places are to be determined. OUT Output Floating-point numbers I, Q, M, D, L, P Decimal places of the value at the IN input You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB9DOXH )5$& 5($/ 7DJ2XW (1 (12 ,1 287 7DJB5HVXOW The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Value 2.555 OUT Tag_Result 0.555 If operands "TagIn_1" and "TagIn_2" have the signal state "1", the "Return fraction" instruction is started. The decimal places from the value of operand "Tag_Value" are copied to operand "Tag_Result". If the instruction is executed without errors, the ENO output has the signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2589 Programming the PLC 11.4 Instructions EXPT: Exponentiate (S7-1200, S7-1500) Description You can use the "Exponentiate" instruction to raise the value at the IN1 input to a power specified with the value at the IN2 input. The result of the instruction is provided at the OUT output and can be queried there (OUT =IN1IN2). The IN1 input can only be assigned valid floating-point numbers. Integers can also be assigned to the IN2 input. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". Errors occur during execution of the instruction, for example, an overflow occurs. Parameters The following table shows the parameters of the "Exponentiate" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN1 Input Floating-point numbers I, Q, M, D, L, P, or constant Base value IN2 Input Integers, floatingpoint numbers I, Q, M, D, L, P, or constant Value with which the base value is exponentiated OUT Output Floating-point numbers I, Q, M, D, L, P Result You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: (;37 7DJ,QB 7DJ,QB 5($/ 5($/ (1 (12 7DJB9DOXH ,1 287 7DJB9DOXH ,1 7DJ2XW 7DJB5HVXOW If operands "TagIn_1" and "TagIn_2" have the signal state "1", the "Exponentiate" instruction is started. The value of operand "Tag_Value1" is raised to a power specified with the value of operand "Tag_Value2". The result is stored in the "Tag_Result" output. If the instruction is 2590 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) Move operations (S7-1200, S7-1500) MOVE: Move value (S7-1200, S7-1500) Description You use the "Move value" instruction to transfer the content of the operand at the IN input to the operand at the OUT1 output. The transfer is always made in the direction of ascending address. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The data type at the IN parameter does not correspond to the specified data type at the OUT1 parameter. The following table lists the possible transfers for the S7-1200 CPU series: Source (IN) WinCC Advanced V14 System Manual, 10/2016 Destination (OUT1) With IEC check Without IEC check BYTE BYTE, WORD, DWORD BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE ,TOD, CHAR WORD WORD, DWORD BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD, CHAR DWORD DWORD BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, REAL, TIME, DATE, TOD, CHAR SINT SINT BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD USINT USINT, UINT, UDINT BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD INT INT BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD UINT UINT, UDINT BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD DINT DINT BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD 2591 Programming the PLC 11.4 Instructions Source (IN) Destination (OUT1) With IEC check Without IEC check UDINT UDINT BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD REAL REAL DWORD, REAL LREAL LREAL LREAL TIME TIME BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME DATE DATE BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, DATE TOD TOD BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TOD DTL DTL DTL CHAR CHAR BYTE, WORD, DWORD, CHAR, Character of a string1) WCHAR WCHAR BYTE, WORD, DWORD, CHAR, WCHAR, character of a character string1) Character of a string1) Character of a string CHAR, WCHAR, character of a string ARRAY2) ARRAY ARRAY STRUCT STRUCT STRUCT PLC data type (UDT) PLC data type (UDT) PLC data type (UDT) IEC_TIMER IEC_TIMER IEC_TIMER IEC_SCOUNT ER IEC_SCOUNTER IEC_SCOUNTER IEC_US COUNTER IEC_USCOUNTER IEC_USCOUNTER IEC_COUNTER IEC_COUNTER IEC_COUNTER IEC_UCOUNT ER IEC_UCOUNTER IEC_UCOUNTER IEC_DCOUNT ER IEC_DCOUNTER IEC_DCOUNTER IEC_UD COUNTER IEC_UDCOUNTER IEC_UDCOUNTER The following table lists the possible transfers for the S7-1500 CPU series: Source (IN) 2592 Destination (OUT1) With IEC check Without IEC check BYTE BYTE, WORD, DWORD, LWORD BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE ,TOD, LTOD, CHAR WORD WORD, DWORD, LWORD BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, S5TIME, TIME, LTIME, LDT, DATE, TOD, LTOD, CHAR DWORD DWORD, LWORD BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, REAL, TIME, LTIME, LDT, DATE, TOD, LTOD, CHAR WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Source (IN) WinCC Advanced V14 System Manual, 10/2016 Destination (OUT1) With IEC check Without IEC check LWORD LWORD BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, LREAL, TIME, LTIME, LDT, DATE, TOD, LTOD, CHAR SINT SINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD USINT USINT, UINT, UDINT, ULINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD INT INT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD UINT UINT, UDINT, ULINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD. LTOD DINT DINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD UDINT UDINT, ULINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD LINT LINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD ULINT ULINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD REAL REAL DWORD, REAL LREAL LREAL LWORD, LREAL S5TIME S5TIME WORD, S5TIME TIME TIME BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME LTIME LTIME BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, LTIME DATE DATE BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, DATE DT DT DT LDT LDT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, LDT TOD TOD BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TOD LTOD LTOD BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, LTOD DTL DTL DTL CHAR CHAR BYTE, WORD, DWORD, LWORD, CHAR, Character of a string1) WCHAR WCHAR BYTE, WORD, DWORD, LWORD, CHAR, WCHAR, Character of a string1) 2593 Programming the PLC 11.4 Instructions Source (IN) Destination (OUT1) With IEC check Without IEC check Character of a string1) Character of a string CHAR, WCHAR, character of a string ARRAY2) ARRAY ARRAY STRUCT STRUCT STRUCT COUNTER COUNTER, WORD, INT WORD, DWORD, INT, UINT, DINT, UDINT TIMER TIMER, WORD, INT WORD, DWORD, INT, UINT, DINT, UDINT PLC data type (UDT) PLC data type (UDT) PLC data type (UDT) IEC_TIMER IEC_TIMER IEC_TIMER IEC_LTIMER IEC_LTIMER IEC_LTIMER IEC_SCOUNT ER IEC_SCOUNTER IEC_SCOUNTER IEC_US COUNTER IEC_USCOUNTER IEC_USCOUNTER IEC_COUNTER IEC_COUNTER IEC_COUNTER IEC_UCOUNT ER IEC_UCOUNTER IEC_UCOUNTER IEC_DCOUNT ER IEC_DCOUNTER IEC_DCOUNTER IEC_UD COUNTER IEC_UDCOUNTER IEC_UDCOUNTER IEC_LCOUNT ER IEC_LCOUNTER IEC_LCOUNTER IEC_UL COUNTER IEC_ULCOUNTER IEC_ULCOUNTER 1) You can also use the "Move value" instruction to transfer individual characters of a string to operands of the CHAR or WCHAR data type. The number of the character to be transferred is specified in square brackets next to the operand name. "MyString[2]", for example, transfers the second character of the "MyString" string. The transfer of the operand of the data type CHAR or WCHAR to the individual character of a string is also possible. You can also replace a specific character of a string with the character of another string. Transferring entire arrays (ARRAY) is possible only when the array components of the operands at input IN and at output OUT1 are of the same data type. 2) If the bit length of the data type at input IN exceeds the bit length of the data type at output OUT1, the higher-order bits of the source value are lost. If the bit length of the data type at input IN is less than the bit length of the data type at output OUT1, the higher-order bits of the destination value will be overwritten with zeros. In its initial state, the instruction box contains 1 output (OUT1). The number of outputs can be extended. The added outputs are numbered in ascending order on the box. During the execution of the instruction, the content of the operand at the input IN is transferred to all available outputs. The instruction box cannot be extended if structured data types (DTL, STRUCT, ARRAY) or characters of a string are transferred. You can also use the "Move block" (MOVE_BLK) and "Move block uninterruptible" (UMOVE_BLK) instructions to move operands of the ARRAY data type. Operand of the data 2594 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions type STRING or WSTRING can be copied with the instruction "Move character string" (S_MOVE). Parameter The following table shows the parameters of the "Move value" instruction: Parameters Declaration Data type Memory area Description BOOL I, Q, M, D, L Enable input I, Q, M, D, L S7-1200 S7-1500 EN Input BOOL ENO Output BOOL BOOL IN Input Bit strings, inte gers, floatingpoint numbers, timers, date and time, CHAR, WCHAR, STRUCT, AR RAY, IEC data types, PLC da ta type (UDT) Bit strings, inte I, Q, M, D, L or gers, floatingconstant point numbers, timers, date and time, CHAR; WCHAR, STRUCT, AR RAY, TIMER, COUNTER, IEC data type, PLC data type (UDT) Source value OUT1 Output Bit strings, inte gers, floatingpoint numbers, timers, date and time, CHAR, WCHAR, STRUCT, AR RAY, IEC data types, PLC da ta type (UDT) Bit strings, inte I, Q, M, D, L gers, floatingpoint numbers, timers, date and time, CHAR; WCHAR, STRUCT, AR RAY, TIMER, COUNTER, IEC data type, PLC data type (UDT) Operands to which in the source value is transferred. Enable output You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 7DJ,QB9DOXH WinCC Advanced V14 System Manual, 10/2016 029( (1 (12 ,1 287 7DJ2XW 7DJ2XWB9DOXH 2595 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameters Operand Value IN TagIn_Value 0011 1111 1010 1111 OUT1 TagOut_Value 0011 1111 1010 1111 If the "TagIn" operand returns signal state "1", the instruction is executed. The instruction copies the contents of operand "TagIn_Value" to operand "TagOut_Value" and sets output "TagOut" to signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) Note You can find more information on the MOVE instruction in the following article in the Siemens Industry Online Support: In STEP 7 (TIA Portal) how do you copy memory areas and structured data from one data block to another? https://support.industry.siemens.com/cs/ww/en/view/42603881 (https:// support.industry.siemens.com/cs/ww/en/view/42603881) See also Overview of the valid data types (Page 2131) MOVE_BLK: Move block (Page 2604) UMOVE_BLK: Move block uninterruptible (Page 2611) S_MOVE: Move character string (Page 3334) Basic information on LAD (Page 4634) Memory areas (Page 944) Deserialize: Deserialize (S7-1200, S7-1500) Description You can use the "Deserialize" instruction to convert back the sequential representation of a PLC data type (UDT), STRUCT or ARRAY of <data type> and to fill its entire contents. The memory area in which the sequential representation of a PLC data type (UDT), STRUCT or ARRAY of <data type> is located must have the ARRAY of BYTE data type and be declared with standard access in version 1.0. Optimized memory areas also permitted as of version 2.0. The capacity of the standard memory area is 64 KB. Make sure that there is enough memory space prior to the conversion. If the memory area is filled using the instruction "Serialize" and it is possible that fill bytes were inserted, their conversion is not taken into account. It is recommended to define the low limit of the ARRAY with "0", because then the index within ARRAY corresponds to the value of the POS parameter, e.g. ARRAY[0] = POS 0. The description and example below have been formed based on this. 2596 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The instruction enables you to convert multiple sequential representations of converted data back to their original state step-by-step. If you only want to convert back a single sequential representation of a PLC data type (UDT), STRUCT or ARRAY of <data type>, you can also directly use the instruction "TRCV: Receive data via communication connection". Size of the memory area The alignment rules mean that simple structures in the optimized memory area do not contain filling bytes. This results in a structure in the optimized memory area being smaller than in the standard memory area. ARRAYs of structures and structures in which other structures are located contain filling bytes. There is no general rule as to the memory area in which a composed structure requires more space. Applies to CPUs of the S7-1500 series: For a block with the block property "Optimized block access", the BOOL has a length of 1 byte. A structure that consists largely of the data type BOOL can therefore be larger in the optimized memory area than in the standard memory area. Composed structures with a low proportion of BOOL data types are smaller in the optimized memory area than in the standard memory area. Optimized memory area To deserialize larger structures, you can declare the memory area for sequential representation with optimized access for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. The content of the sequential representation remains unchanged, as for a standard memory area. Only symbolic access to the bytes in the ARRAY is possible. Parameters The following table shows the parameters of the "Deserialize" instruction: WinCC Advanced V14 System Manual, 10/2016 Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output SRC_AR RAY Input VARIANT D, block interface Tag of ARRAY of BYTE data of an FB (The sec type in which the generate tions Input, Out data flow is stored put, Static and Temp are possi ble.) DEST_VARI ABLE InOut ARRAY[*] of BYTE 1) VARIANT D, block interface of an FB Tag in which the reconverted PLC data type (UDT), STRUCT, ARRAY of <data type> is stored 2597 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description POS InOut DINT I, Q, M, D, L The operand at the POS pa rameter stores the index of the first byte based on the number of bytes occupied by the converted customer data. The POS parameter is calcu lated zero-based. RET_VAL Output INT I, Q, M, D, L Error information Possible for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. 1) RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B0 The memory areas for the SRC_ARRAY and DEST_VARIABLE parameters overlap. 8136 The tag at the SRC_ARRAY parameter is not in a block with standard access. 8150 The VARIANT data type at the SRC_ARRAY parameter contains a ZERO pointer. 8151 No valid reference at the SRC_ARRAY parameter 8153 There is not enough free memory available at the SRC_ARRAY parameter. 8154 Invalid data type at the SRC_ARRAY parameter 8250 The VARIANT data type at the DEST_VARIABLE parameter contains a ZERO pointer. 8251 No valid reference at the DEST_VARIABLE parameter 8382 The value at the POS parameter is outside the limits of the array. 9512 For a CPU of the S7-1200 module and a block with the block property "Optimized block access": The BOOL data type is used at the DEST_VARIABLE parameter. This makes the object smaller than a full byte. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". For a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0, the following error code has a different meaning: Error code* Explanation (W#16#...) 8136 Access to the memory area at the SRC_ARRAY parameter is invalid. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". 2598 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following table shows the declaration of the operands: Operand Data type Declaration DeliverPos INT In the "Input" section of the block interface of an FB or FC. BufferPos DINT Error INT In the "Temp" section of the block interface of an FB or FC. Label STRING[4] The following table shows the declarations of the PLC data types: Name of the PLC data types Name Data type Article Number DINT Declaration STRING Colli INT Title INT First name STRING[10] Surname STRING[10] Client The following table shows the declaration of the data blocks: Name of the data blocks Name Data type Target Client "Client" (PLC data type) Article Array[0..10] of "Article" (PLC da ta type) Bill Array[0..10] of INT Field Array[0..294] of BYTE Buffer The following example shows how the instruction works: Network 1: 029( 'HVHULDOL]H (1 (12 ,1 287 (1 %XIIHU3RV %XIIHU)LHOG %XIIHU3RV 65&B$55$< 326 (12 5(7B9$/ '(67B9$5,$%/( (UURU 7DUJHW&OLHQW The "Move value" instruction moves the value "0" to the #BufferPos operand. The "Deserialize" instruction deserializes the sequential representation of the customer data from the "Buffer" tag and writes it to the "Target" tag. The #BufferPos operand stores the index of the first byte based on the number of bytes occupied by the converted customer data. Network 2: WinCC Advanced V14 System Manual, 10/2016 2599 Programming the PLC 11.4 Instructions 'HVHULDOL]H (12 (1 %XIIHU)LHOG %XIIHU3RV 65&B$55$< 326 'HVHULDOL]H DUWL 5(7B9$/ (UURU '(67B9$5,$%/( /DEHO /DEHO %XIIHU)LHOG %XIIHU3RV 5(7B9$/ 65&B$55$< '(67B9$5,$%/( 326 'HVHULDOL]H %LOO (12 (1 675,1* /DEHO (12 (1 675,1* %XIIHU)LHOG %XIIHU3RV 5(7B9$/ 65&B$55$< 326 '(67B9$5,$%/( The "Deserialize" instruction deserializes the sequential representation of the separator sheet, which was stored in the sequential representation after the customer data, from the "Buffer" tag and writes the characters to the #Label operand. The characters are compared using comparison instructions "arti" and "Bill". If the comparison for "arti" = TRUE, these are article data that have been deserialized and written to the "Target" tag. If the comparison for "Bill" = TRUE, these are billing data that have been deserialized and written to the "Target" tag. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) VARIANT (Page 2191) PLC data types (UDT) (Page 2170) Basic information on LAD (Page 4634) Memory areas (Page 944) Serialize: Serialize (S7-1200, S7-1500) Description You can use the "Serialize" instruction to convert several PLC data types (UDT), STRUCT or ARRAY of <data type> to a sequential representation without losing parts of their structure. You use the instruction to temporarily save multiple structured data items from your program in a buffer, which should preferably be in a global data block, and send them to another CPU. The memory area in which the converted data are stored must have the ARRAY of BYTE data type and be declared with standard access in version 1.0. Optimized data is also permitted as of version 2.0. Elements of the ARRAY of BYTE may be filled with zeros to meet the standard alignment rules. The capacity of the standard memory area is 64 KB. Structures that are larger than 64 KB in accordance with the rules for standard memory areas cannot be serialized if the operand at the DEST_ARRAY parameter is located in a standard memory area. 2600 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions It is recommended to define the low limit of the ARRAY with "0", because then the index within ARRAY corresponds to the value of the POS parameter, e.g. ARRAY[0] = POS 0. The description and example below have been formed based on this. The operand at the POS parameter contains information about the number of bytes used by the data. If you want to send a single PLC data type (UDT), STRUCT or ARRAY of <data type>, you can directly call the instruction "TSEND: Send data via communication connection". Size of the memory area The alignment rules mean that simple structures in the optimized memory area do not contain filling bytes. This results in a structure in the optimized memory area being smaller than in the standard memory area. ARRAYs of structures and structures in which other structures are located contain filling bytes. There is no general rule as to the memory area in which a composed structure requires more space. Applies to CPUs of the S7-1500 series: For a block with the block property "Optimized block access", the BOOL has a length of 1 byte. A structure that consists largely of the data type BOOL can therefore be larger in the optimized memory area than in the standard memory area. Composed structures with a low proportion of BOOL data types are smaller in the optimized memory area than in the standard memory area. Optimized memory area To serialize larger structures, you can declare the memory area with optimized access for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. The sequential representation remains unchanged, as for a standard memory area. Parameters The following table shows the parameters of the instruction "Serialize": WinCC Advanced V14 System Manual, 10/2016 Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output SRC_VARIA Input BLE VARIANT D, block interface of an FB PLC data type (UDT), STRUCT or ARRAY of <data type> that is converted to se quential representation. DEST_AR RAY VARIANT D, block interface of an FB (the sec tions Input, Out put, Static and Temp are possi ble.) Data block in which the gen erated data stream is stored. InOut 2601 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description POS InOut DINT I, Q, M, D, L The operand at the POS pa rameter stores the index of the first byte based on the to tal number of bytes that the converted customer data has occupied. The POS parame ter is calculated zero-based. RET_VAL Output INT I, Q, M, D, L Error information RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B0 The memory areas for the SRC_VARIABLE and DEST_ARRAY parameters overlap. 8150 The VARIANT data type at the SRC_VARIABLE parameter contains a ZERO pointer. 8151 No valid reference at the SRC_VARIABLE parameter 8236 The tag at the SRC_ARRAY parameter is not in a block with standard access. 8250 The VARIANT data type at the DEST_ARRAY parameter contains a ZERO pointer. 8251 No valid reference at the DEST_ARRAY parameter 8253 There is not enough free memory available at the DEST_ARRAY parameter. 8254 Invalid data type at the DEST_ARRAY parameter 8382 The value at the POS parameter is outside the limits of the array. 9512 For a CPU of the S7-1200 module and a block with the block property "Optimized block access": The BOOL data type is used at the DEST_VARIABLE parameter. This makes the object smaller than a full byte. * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". For a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0, the following error code has a different meaning: Error code* Explanation (W#16#...) 8236 Access to the memory area at the DEST_ARRAY parameter is invalid. * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: Network 1: 2602 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions 029( 6HULDOL]H (1 (12 ,1 287 (12 (1 %XIIHU3RV 6RXUFH&OLHQW %XIIHU3RV 5(7B9$/ 65&B9$5,$%/( '(67B$55$< 326 (UURU %XIIHU)LHOG The "Move value" instruction moves the value "0" to the #BufferPos operand. The "Deserialize" instruction deserializes the customer data from the "Source" tag and writes the sequential representation to the "Buffer" tag. The index of the next unwritten byte of the "Buffer".Field operand is saved in the #BufferPos operand. Network 2: 6B029( DUWL 6HULDOL]H (1 (12 ,1 287 (12 (1 /DEHO /DEHO %XIIHU3RV 65&B9$5,$%/( 5(7B9$/ '(67B$55$< 326 (UURU %XIIHU)LHOG A kind of separator sheet is inserted now to make it easier to deserialize the sequential representation later. The "Move character string" instruction moves the "arti" characters to the #Label operand. The "Serialize" instruction writes these characters after the customer data to the "Buffer" tag. The value of the #BufferPos operand is incremented accordingly. Network 3: 6HULDOL]H (12 (1 6RXUFH $UWLFOH>'HOLYHU3RV@ %XIIHU3RV 5(7B9$/ 65&B9$5,$%/( '(67B$55$< 326 (UURU %XIIHU)LHOG The "Serialize" instruction serializes the data of a specific article, which is calculated in runtime, from the "Source" tag and writes it in sequential representation to the "Buffer" tag after the "arti" characters. The following table shows the declaration of the operands: WinCC Advanced V14 System Manual, 10/2016 Operand Data type Declaration DeliverPos INT In the "Input" section of the block interface BufferPos DINT In the "Temp" section of the block interface 2603 Programming the PLC 11.4 Instructions Operand Data type Declaration Error INT In the "Temp" section of the block interface Label STRING[4] In the "Temp" section of the block interface The following table shows the declarations of the PLC data types: Name of the PLC data types Name Data type Article Number DINT Declaration STRING Colli INT Title INT First name STRING[10] Surname STRING[10] Client The following table shows the declaration of the data blocks: Name of the data blocks Name Data type Source Client "Client" (PLC data type) Article Array[0..10] of "Article" (PLC da ta type) Field Array[0..294] of BYTE Buffer For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) VARIANT (Page 2191) PLC data types (UDT) (Page 2170) Basic information on LAD (Page 4634) Memory areas (Page 944) MOVE_BLK: Move block (S7-1200, S7-1500) Description You use the "Move block" instruction to move the content of a memory area (source area) to another memory area (destination area). The number of elements to be moved to the destination area is specified at input COUNT. The width of the elements to be moved is defined by the width of the element at input IN. The instruction can only be executed if the source area and the destination area have the same data type. 2604 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". More data is moved than is made available at input IN or output OUT. When a ARRAY of BOOL is copied, the enable output ENO for an overflow is set to "1" until the byte limit of the ARRAY structure is exceeded. If the byte limit of the ARRAY structure is exceeded by the value at the COUNT input, the ENO enable output is reset to "0". Parameters The following table shows the parameters of the "Move block" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description EN Input BOOL BOOL I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L Enable output IN Input Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L The first ele ment of the source area that is being copied COUNT Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L, P or constant Number of ele ments to be moved from the source area to the des tination area. OUT 1) Output Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L The first ele ment of the destination area to which the contents of the source area are being copied 1) 1) The specified data types can only be used as elements of an ARRAY structure. You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2605 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB DBDUUD\>@ 7DJB&RXQW 029(B%/. (1 (12 ,1 287 7DJ2XW EBDUUD\>@ &2817 The following table shows how the instruction works using specific operand values: Parameter Operand Value IN a_array[2] The data type of the "a_array" operand is Array [0..5] of INT. It consists of six elements of data type INT. COUNT Tag_Count 3 OUT b_array[1] The data type of the "b_array" operand is Array [0..6] of INT. It consists of seven elements of data type INT. If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is executed. Starting from the third element, the instruction selects three INT elements from the #a_array tag and copies their contents to the #b_array output tag, beginning with the second element. If the instruction is executed without errors, the enable output ENO has the signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) Note You can find more information on the MOVE_BLK instruction in the following article in the Siemens Industry Online Support: In STEP 7 (TIA Portal) how do you copy memory areas and structured data from one data block to another? https://support.industry.siemens.com/cs/ww/en/view/42603881 (https:// support.industry.siemens.com/cs/ww/en/view/42603881) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) 2606 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MOVE_BLK_VARIANT: Move block (S7-1200, S7-1500) Description You use the "Move block" instruction to move the content of a memory area (source area) to another memory area (destination area). You can copy a complete ARRAY or elements of an ARRAY to another ARRAY of the same data type. The size (number of elements) of source and destination ARRAY may be different. You can copy multiple or single elements within an ARRAY. When you use the instruction at the time to the block is created, the ARRAY does not yet have to be known, as the source and the designation are transferred per VARIANT. Counting at the parameters SRC_INDEX and DEST_INDEX always begins with the low limit "0", regardless of the later declaration of the ARRAY. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". More data is copied than is made available. Parameters The following table shows the parameters of the "Move block" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output SRC Input VARIANT (which points to an AR RAY or an individ ual ARRAY ele ment), ARRAY of <Data_type> L (A declaration in Source block from which to the "Temp" sec copy tion of the block in terface is not pos sible.) COUNT Input UDINT I, Q, M, D, L or con Number of elements which stant are copied 2) Assign the value "1" to the parameter COUNT, if no AR RAY is specified at parame ter SRC or at parameter DEST. WinCC Advanced V14 System Manual, 10/2016 2607 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area SRC_INDEX Input DINT I, Q, M, D, L or con The SRC_INDEX stant parameter is calculated zero-based. If an ARRAY is specified at parameter SRC, the integer at parameter SRC_INDEX specifies the first element within the source area from which it is to be copied. Independent of the declared ARRAY limits. Description If no ARRAY is specified at parameter SRC or only one single element of an ARRAY is specified, then assign the value "0" at parameter SRC_INDEX. DEST_IN DEX Input DINT I, Q, M, D, L or con The DEST_INDEX stant parameter is calculated zero-based. If an ARRAY is specified at parameter DEST, the integer at parameter DEST_INDEX specifies the first element within the destination area that is to be copied into. Independent of the declared ARRAY limits. If no ARRAY is specified at parameter DEST, then assign the value "0" at parameter DEST_INDEX. DEST Output 1) VARIANT L (A declaration in Destination area into which the "Temp" sec the contents of the source tion of the block in block are copied. terface is not pos sible.) RET_VAL Output INT I, Q, M, D, L Error information: If an error occurs during exe cution of the instruction, an error code is output at the RET_VAL parameter. 1) The DEST parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. 2) With the SRC parameter, the data types BOOL and ARRAY of BOOL are not permitted. You can find additional information on valid data types under "See also". 2608 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The data types do not correspond. Instead of an ARRAY of <Struct>, use an ARRAY of <PLC data type (UDT)>. 8151 Access to the SRC parameter is not possible. 8152 The operand at the SRC parameter is not typed. 8153 Code generation error at the SRC parameter 8154 The operand at the SRC parameter has the data type BOOL. 8281 The COUNT parameter has an invalid value 8382 The value at the SRC_INDEX parameter is outside the limits of the VARIANT. 8383 The value at the SRC_INDEX is outside the high limit of the ARRAY. 8482 The value at the DEST_INDEX parameter is outside the limits of the VARIANT. 8483 The value at the DEST_INDEX is outside the high limit of the ARRAY. 8534 The DEST parameter is write protected 8551 Access to the DEST parameter is not possible. 8552 The operand at the DEST parameter is not typed. 8553 Code generation error at the DEST parameter 8554 The operand at the DEST parameter has the data type BOOL. * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: 7DJ,Q 6UF)LHOG 7DJB&RXQW WinCC Advanced V14 System Manual, 10/2016 029(B%/.B9$5,$17 (1 (12 7DJ2XW 65& &2817 7DJB6UFB,QGH[ 65&B,1'(; 7DJB'HVWB,QGH[ '(67B,1'(; 5(7B9$/ '(67 7DJB5HVXOW 'HVW)LHOG 2609 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameter Declaration in the block interface Operand Value SRC Input #SrcField The local operand #SrcField uses a PLC data type that was still unknown at the time when the block was pro grammed. (AR RAY[0..10] of "MOVE_UDT") COUNT Input Tag_Count 2 SRC_INDEX Input Tag_Src_Index 3 DEST_INDEX Input Tag_Dest_Index 3 DEST InOut #DestField The local operand #DestField uses a PLC data type that was still unknown at the time when the block was pro grammed. (AR RAY[10..20] of "MOVE_UDT") If the "TagIn" operand returns signal state "1", the instruction is executed. Two elements are moved from the source area, starting from the fourth element of the ARRAY [0..10] of MOVE_UDT, to the destination area. The copies are pasted in the ARRAY [10..20] of MOVE_UDT starting from the fourth element. If the instruction is executed without errors, the enable output ENO has the signal state TRUE and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) Note You can find more information on the MOVE_BLK_VARIANT instruction in the following article in the Siemens Industry Online Support: In STEP 7 (TIA Portal) how do you copy memory areas and structured data from one data block to another? https://support.industry.siemens.com/cs/ww/en/view/42603881 (https:// support.industry.siemens.com/cs/ww/en/view/42603881) See also Overview of the valid data types (Page 2131) VariantGet: Read out VARIANT tag value (Page 2632) Programming example: Moving data (Page 2085) VARIANT (Page 2191) 2610 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Basic information on LAD (Page 4634) Memory areas (Page 944) UMOVE_BLK: Move block uninterruptible (S7-1200, S7-1500) Description You use the "Move block uninterruptible" instruction to move the content of a memory area (source area) to another memory area (destination area). The instruction cannot be interrupted. The number of elements to be moved to the destination area is specified with the COUNT parameter. The width of the elements to be moved is defined by the width of the element at input IN. The instruction can only be executed if the source area and the destination area have the same data type. Note The move operation cannot be interrupted by other operating system activities. This is why the interrupt reaction times of the CPU increase during the execution of the "Move block uninterruptible" instruction. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". More data is moved than is made available at input IN or output OUT. When a ARRAY of BOOL is copied, the enable output ENO for an overflow is set to "1" until the byte limit of the ARRAY structure is exceeded. If the byte limit of the ARRAY structure is exceeded by the value at the COUNT input, the ENO enable output is reset to "0". You use the "Move block uninterruptible" instruction to move a maximum of 16 KB. Note the CPU-specific restrictions for this. Parameters The following table shows the parameters of the "Move block uninterruptible" instruction: Parameter WinCC Advanced V14 System Manual, 10/2016 Declaration Data type S7-1200 S7-1500 Memory area Description EN Input BOOL BOOL I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L Enable output IN Input Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L The first ele ment of the source area that is being copied 1) 2611 Programming the PLC 11.4 Instructions Parameter Declaration Data type S7-1200 S7-1500 Memory area Description COUNT Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L, P or constant Number of ele ments to be moved from the source area to the des tination area. OUT 1) Output Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L The first ele ment of the destination area to which the contents of the source area are being copied 1) The specified data types can only be used as elements of an ARRAY structure. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB DBDUUD\>@ 7DJB&RXQW 8029(B%/. (1 (12 ,1 287 7DJ2XW EBDUUD\>@ &2817 The following table shows how the instruction works using specific operand values: Parameter Operand Value IN a_array[2] The data type of the "a_array" operand is Array [0..5] of INT. It consists of six elements of data type INT. COUNT Tag_Count 3 OUT b_array[1] The data type of the "b_array" operand is Array [0..6] of INT. It consists of seven elements of data type INT. If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is executed. Starting from the third element, the instruction selects three INT elements from the #a_array tag and copies their contents to the #b_array output tag, beginning with the second element. The move operation cannot be interrupted by other operating system activities. If the instruction is executed without errors, the ENO output has the signal state "1" and the "TagOut" output is set. 2612 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) Note You can find more information on the UMOVE_BLK instruction in the following article in the Siemens Industry Online Support: In STEP 7 (TIA Portal) how do you copy memory areas and structured data from one data block to another? https://support.industry.siemens.com/cs/ww/en/view/42603881 (https:// support.industry.siemens.com/cs/ww/en/view/42603881) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) FILL_BLK: Fill block (S7-1200, S7-1500) Description You can use the "Fill block" instruction to fill a memory area (destination area) with the value of the IN input. The destination area is filled beginning with the address specified at the OUT output. The number of repeated copy operations is specified with the COUNT parameter. When the instruction is executed, the value at the input IN is moved to the target area as often as specified by the value of the COUNT parameter. The instruction can only be executed if the source area and the destination area have the same data type. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The maximum number of elements changed is the number of elements in the ARRAY or structure. If you copy more data than there are elements at the OUT output, you will get an unintended result. When a ARRAY of BOOL is copied, the enable output ENO for an overflow is set to "1" until the byte limit of the ARRAY structure is exceeded. If the byte limit of the ARRAY structure is exceeded by the value at the COUNT input, the ENO enable output is reset to "0". Filling structures As well as the elements of an ARRAY, you can also fill multiple elements of a structure (STRUCT, PLC data type) with the same value. The structure whose elements you want to fill must only contain individual elements of the same elementary data type. The structure itself can, however, be embedded in another structure. WinCC Advanced V14 System Manual, 10/2016 2613 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Fill block" instruction: Parameters Declaration Data type S7-1200 S7-1500 Memory area Description EN Input BOOL BOOL I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L Enable output IN Input Binary num bers, integers, floating-point numbers, timers, DATE, TOD, CHAR, WCHAR Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD I, Q, M, D, L, P, or constant Element used to fill the desti nation area COUNT Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L, P, or constant Number of re peated move operations OUT Output Binary num bers, integers, floating-point numbers, timers, DATE, TOD, CHAR, WCHAR Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L Address in des tination area from which fill ing starts For additional information on valid data types, refer to "See also". Example with an ARRAY The following example shows how the instruction works when you want to fill an ARRAY: 7DJ,QB 7DJ,QB )LOO9DOXH 7DJB&RXQW ),//B%/. (1 (12 ,1 287 7DJ2XW 7DUJHW$UHD>@ &2817 The following table shows how the instruction works using specific operand values: 2614 Parameters Operand Value IN FillValue The data type of the operand is INT. COUNT Tag_Count 3 OUT TargetArea The data type of the operand TargetArea is ARRAY[1..5] of INT. It consists of five elements of data type INT. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is executed. The instruction copies the value of the operand #FillValue to the #TargetArea output tag three times, starting with the first element. If the instruction is executed without errors, the TagOut operand at the "ENO" enable output is set to signal state "1". Examples with a structure The following examples show how the instruction works when you want to fill a structure: Create a global data block with the following elements: Data_block_1 Data type MyStruct1 STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT MyStruct2 STRUCT SubArray ARRAY[1..2] of STRUCT SubArray[1] STRUCT NestedStruct STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT SubArray[2] STRUCT Nested Struct STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT Generate the following program code to address the MyStruct1 tag: ),//B%/. (1 ,1 &2817 7DJ2XW (12 287 'DWDBEORFNB 0\6WUXFW 0HPEHUB Generate the following program code to address the MyStruct2 tag: WinCC Advanced V14 System Manual, 10/2016 2615 Programming the PLC 11.4 Instructions ),//B%/. (1 ,1 &2817 7DJ2XW (12 287 'DWDBEORFNB0\6WUXFW 6XE$UUD\>@1HVWHG6WUXFW 0HPEHUB In each of the two examples, the value 10 of the IN parameter is copied twice to the operand at the OUT parameter, starting with the element Member_2. This means that the value 10 is copied to the elements Member_2 and Member_3. The other two elements, Member_1 and Member_4, are not changed. If the instruction is executed without errors, the TagOut operand is set to signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) UFILL_BLK: Fill block uninterruptible (S7-1200, S7-1500) Description You can use the "Fill block uninterruptible" instruction to fill a memory area (destination area) with the value of the IN input. The instruction cannot be interrupted. The destination area is filled beginning with the address specified at the OUT output. The number of repeated copy operations is specified with the COUNT parameter. When the instruction is executed, the value at the input IN is moved to the target area as often as specified by the value of the COUNT parameter. The instruction can only be executed if the source area and the destination area have the same data type. Note The move operation cannot be interrupted by other operating system activities. This is why the alarm reaction times of the CPU increase during the execution of the "Fill block uninterruptible" instruction. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The maximum number of elements changed is the number of elements in the ARRAY or structure. If you copy more data than there are elements at the OUT output, you will get an unintended result. 2616 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions When a ARRAY of BOOL is copied, the enable output ENO for an overflow is set to "1" until the byte limit of the ARRAY structure is exceeded. If the byte limit of the ARRAY structure is exceeded by the value at the COUNT input, the ENO enable output is reset to "0". You use the "Fill block uninterruptible" instruction to move a maximum of 16 KB. Note the CPUspecific restrictions for this. Filling structures As well as the elements of an ARRAY, you can also fill multiple elements of a structure (STRUCT, PLC data type) with the same value. The structure whose elements you want to fill must only contain individual elements of the same elementary data type. The structure itself can, however, be embedded in another structure. Parameters The following table shows the parameters of the "Fill block uninterruptible" instruction: Parameters Declaration Data type S7-1200 S7-1500 Memory area Description EN Input BOOL BOOL I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L Enable output IN Input Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD I, Q, M, D, L, P, or constant Element used to fill the desti nation area. COUNT Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L, P, or constant Number of re peated move operations OUT Output Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L Address in des tination area from which fill ing begins. For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 2617 Programming the PLC 11.4 Instructions Example with an ARRAY The following example shows how the instruction works when you want to fill an ARRAY: 7DJ,QB 7DJ,QB )LOO9DOXH 7DJB&RXQW 8),//B%/. (1 (12 ,1 287 7DJ2XW 7DUJHW$UHD>@ &2817 The following table shows how the instruction works using specific operand values: Parameters Operand Value IN FillValue The data type of the operand is INT. COUNT Tag_Count 3 OUT TargetArea The data type of the operand TargetArea is ARRAY[1..5] of INT. It consists of five elements of data type INT. If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is executed. The instruction copies the value of the operand #FillValue to the #TargetArea output tag three times, starting with the first element. The move operation cannot be interrupted by other operating system activities. If the instruction is executed without errors, the TagOut operand at the "ENO" enable output is set to signal state "1". Examples with a structure The following examples show how the instruction works when you want to fill a structure: Create a global data block with the following elements: Data_block_1 Data type MyStruct1 STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT MyStruct2 2618 STRUCT WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Data_block_1 Data type SubArray ARRAY[1..2] of STRUCT SubArray[1] STRUCT NestedStruct STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT SubArray[2] STRUCT Nested Struct STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT Generate the following program code to address the MyStruct1 tag: 8),//B%/. (1 ,1 &2817 7DJ2XW (12 287 'DWDBEORFNB 0\6WUXFW 0HPEHUB Generate the following program code to address the MyStruct2 tag: 8),//B%/. (1 ,1 &2817 7DJ2XW (12 287 'DWDBEORFNB0\6WUXFW 6XE$UUD\>@1HVWHG6WUXFW 0HPEHUB In each of the two examples, the value 10 of the IN parameter is copied twice to the operand at the OUT parameter, starting with the element Member_2. This means that the value 10 is copied to the elements Member_2 and Member_3. The other two elements, Member_1 and Member_4, are not changed. If the instruction is executed without errors, the TagOut operand is set to signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2619 Programming the PLC 11.4 Instructions SWAP: Swap (S7-1200, S7-1500) Description You can use the "Swap" instruction to change the order of the bytes at input IN and query the result at output OUT. The following figure shows how the bytes of an operand of the DWORD data type are swapped using the "Swap" instruction: ,1 287 Parameters The following table lists the parameters of the "Swap" instruction: Parameters Declaration Data type S7-1200 S7-1500 Memory area Description EN Input BOOL BOOL I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L Enable output IN Input WORD, DWORD WORD, DWORD, LWORD I, Q, M, D, L Operand whose bytes are or, P constant swapped. OUT Output WORD, DWORD WORD, DWORD, LWORD I, Q, M, D, L, P Result You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". 2620 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 6:$3 :25' 7DJ,Q 7DJ,QB9DOXH (1 (12 ,1 287 7DJ2XW 6 7DJ2XWB9DOXH The following table shows how the instruction works using specific operand values: Parameters Operand Value IN TagIn_Value 0000 1111 0101 0101 OUT TagOut_Value 0101 0101 0000 1111 If operand "TagIn" has the signal state "1", the "Swap" instruction is executed. The order of the bytes is changed and stored in operand "TagOut_Value". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) ARRAY DB (S7-1500) ReadFromArrayDB: Read from ARRAYdata block (S7-1500) Description The instruction "Read from ARRAY data block" is used to read data from a data block of the ARRAY DB block type and write it to a destination area. An ARRAY data block is a data block that consists of exactly one ARRAY of [Data type]. The elements of the ARRAY can be of PLC data type or any other elementary data type. Counting of the ARRAY always begins with the low limit "0". Enable output ENO returns the signal state FALSE if one of the following conditions applies: Enable input EN returns the signal state FALSE. If an error occurs during the execution of the instruction. WinCC Advanced V14 System Manual, 10/2016 2621 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Read from ARRAY data block" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output DB Input DB_ANY I, Q, M, D, L Data block that is read INDEX Input DINT I, Q, M, D, L, P or constant Element in the DB that is read. The specification can be a constant, a global tag or an indexed value. VALUE Output 1) VARIANT L (A declaration in Value that is read and output the "Temp" sec tion of the block in terface is not pos sible.) RET_VAL Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output at the RET_VAL parameter. 1) The VALUE parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. You can find additional information on valid data types under "See also". Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 2622 0000 No error 80B4 The element data type stored in the ARRAY data block does not match the element data type transferred in the VARIANT. 80B5 The copying was interrupted. 8132 The data block does not exist, is too short, write protected, or is located in load memory. 8135 The ARRAY data block contains invalid values. 8154 The data block has the incorrect data type. 8282 The value at the INDEX parameter is outside the limits of the ARRAY. 8450 The data type VARIANT at parameter VALUE provides the value "0". 8452 Code generation error WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* Explanation (W#16#...) 8453 There are two possible causes of the error: The size of the VALUE parameter does not match the element length in the ARRAY data block. The two tags are not in a memory area with optimized access. For additional information on the memory area access types, refer to: AUTOHOTSPOT * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: 5HDG)URP$UUD\'% 7DJ,QB $UUD\'% 7DJ2XW (1 (12 '% 5(7B9$/ 7DJ5HWB9DO 9$/8( 7DUJHW)LHOG ,1'(; The following table shows how the instruction works using specific operand values: Parameters Operand Value DB ArrayDB The "ArrayDB" operand is an AR RAY DB of the data type Array [0 to 10] of INT. INDEX 2 2nd element of the "ArrayDB" VALUE TargetField The "TargetField" operand is a global tag of the data type INT. If the "TagIn1" operand returns signal state "1", the instruction is executed. The 2nd element is read from "ArrayDB" and written to the "TargetField" operand. If the instruction is executed without errors, the enable output ENO has the signal state TRUE and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Using ARRAY data blocks (Page 2121) VARIANT (Page 2191) Basic information on LAD (Page 4634) WinCC Advanced V14 System Manual, 10/2016 2623 Programming the PLC 11.4 Instructions WriteToArrayDB: Write to ARRAY data block (S7-1500) Description The instruction "Write to ARRAY data block" is used to write data to a data block of the ARRAY DB block type. An ARRAY data block is a data block that consists of exactly one ARRAY of [Data type]. The elements of the ARRAY can be of PLC data type or any other elementary data type. Counting of the ARRAY always begins with the low limit "0". Enable output ENO returns the signal state FALSE if one of the following conditions applies: Enable input EN returns the signal state FALSE. If an error occurs during the execution of the instruction. Parameters The following table shows the parameters of the "Write to ARRAY data block" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output DB Input DB_ANY I, Q, M, D, L Data block to which data is written INDEX Input DINT I, Q, M, D, L, P or constant Element in the DB to which data is written. The specifica tion can be a constant, a glob al tag or an indexed value. VALUE Input VARIANT L (A declaration in Value to be written the "Temp" sec tion of the block in terface is not pos sible.) RET_VAL Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output at the RET_VAL parameter. You can find additional information on valid data types under "See also". Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 2624 0000 No error 80B4 The element data type stored in the ARRAY data block does not match the element data type transferred in the VARIANT. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* Explanation (W#16#...) 80B5 The copying was interrupted. 8132 The data block does not exist, is too short, or is located in load memory. 8134 The data block is write protected. 8135 The data block is not an ARRAY data block. 8154 The data block has the incorrect data type. 8282 The value at the INDEX parameter is outside the limits of the ARRAY. 8350 The data type VARIANT at parameter VALUE provides the value "0". 8352 Code generation error 8353 There are two possible causes of the error: The size of the VALUE parameter does not match the element length in the ARRAY data block. The two tags are not in a memory area with optimized access. For additional information on the memory area access types, refer to: AUTOHOTSPOT * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: :ULWH7R$UUD\'% 7DJ,QB $UUD\'% 7DJ2XW (1 (12 '% 5(7B9$/ ,1'(; 6RXUFH)LHOG 9$/8( 7DJ5HWB9DO The following table shows how the instruction works using specific operand values: Parameters Operand Value DB ArrayDB The "ArrayDB" operand is an AR RAY DB of the data type Array [0 to 10] of INT. INDEX 2 2nd element of the "ArrayDB" VALUE SourceField The "SourceField" operand is a global tag of the data type INT. If the "TagIn1" operand returns signal state "1", the instruction is executed. The value of the "SourceField" operand is written to the 2nd element of the ARRAY DB. If the instruction is executed without errors, the enable output ENO has the signal state TRUE and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 2625 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Using ARRAY data blocks (Page 2121) VARIANT (Page 2191) Basic information on LAD (Page 4634) ReadFromArrayDBL: Read from ARRAY data block in load memory (S7-1500) Description The instruction "Read from ARRAY data block in load memory" is used to read data from a data block of the ARRAY DB block type in the load memory and write it to a destination area. An ARRAY data block is a data block that consists of exactly one ARRAY of [Data type]. The elements of the ARRAY can be of PLC data type or any other elementary data type. Counting of the ARRAY always begins with the low limit "0". If the ARRAY data block has been designated with the block attribute "Only store in load memory", it will only be stored in the load memory. The instruction is executed when a positive signal edge is detected at the REQ parameter. The BUSY parameter then has the signal state "1". The instruction is terminated if a negative signal edge is detected at the BUSY parameter. The DONE parameter has the signal state "1" for one program cycle and the read value is output at the VALUE parameter within this cycle. With all other program cycles, the value at the VALUE parameter is not changed. Enable output ENO returns the signal state FALSE if one of the following conditions applies: Enable input EN returns the signal state FALSE. If an error occurs during the execution of the instruction. Parameters The following table shows the parameters of the "Read from ARRAY data block in load memory" instruction: 2626 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output REQ Input BOOL I, Q, M, D, L or con REQ = "1": Begin with the stant reading of the ARRAY DB DB 1) Input DB_ANY I, Q, M, D, L ARRAY data block that is read. INDEX Input DINT I, Q, M, D, L, P or constant Element in the DB that is read. The specification can be a constant, a global tag or an indexed value. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description VALUE 1) InOut VARIANT D (element of a global data block) Pointer to the DB in the work memory that is to be read and the value of which is to be written. L (A declaration in the "Temp" sec tion of the block in No local constants or tags terface is not pos from the TEMP section must sible.) be used. BUSY Output BOOL I, Q, M, D, L BUSY = "1": The array DB is still being read DONE Output BOOL I, Q, M, D, L DONE = "1": The instruction was executed successfully ERROR Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output at the ERROR parameter. 1) The data blocks must be created with the "Optimized" block property. Parameter ERROR The following table shows the meaning of the values of the ERROR parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The element data type stored in the ARRAY data block does not match the element data type transferred in the VARIANT. 8230 The data block number is incorrect. 8231 The data block does not exist. 8232 The data block is too short, or is not located in load memory. 8235 The data block is not an ARRAY DB. 8254 The data block has the incorrect data type. 8382 The value at the INDEX parameter is outside the limits of the ARRAY. 8750 The data type VARIANT at parameter VALUE provides the value "0". 8751 Code generation error 8752 Code generation error 8753 The size of the VALUE parameter does not match the element length in the ARRAY data block. * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". You can find descriptions of the error codes triggered by the instructions "READ_DBL" and "WRIT_DBL" in the corresponding descriptions of the instructions. WinCC Advanced V14 System Manual, 10/2016 2627 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 5HDG)URP$UUD\'%/B'% 5HDG)URP$UUD\'%/ 7DJ,QB (1 7DJ5HT $UUD\'% 7DJ2XW (12 5(4 %86< 7DJ%XV\ '% '21( 7DJ'RQH (5525 7DJ(UURU ,1'(; 7DUJHW)LHOG 9$/8( The following table shows how the instruction works using specific operand values: Parameters Operand Value REQ TagReq BOOL DB ArrayDB The "ArrayDB" operand is an AR RAY DB of the data type ARRAY [0 to 10] of INT. INDEX 2 2nd element of the "ArrayDB" VALUE TargetField The "TargetField" operand is a global tag of the data type INT. BUSY TagBusy BOOL DONE TagDone BOOL If the "TagIn1" operand has the signal state "1" and a positive edge is detected at the "TagReq" operand, the instruction is executed. The 2nd element is read from "ArrayDB" and output at the VALUE parameter. As soon as a negative signal edge is detected at the "TagBusy" operand, the instruction is terminated and the value at the VALUE parameter is no longer changed. If the instruction is executed without errors, the enable output ENO has the signal state TRUE and the "TagOut" output is set. After the instruction has been processed, the "TagDone" operand has the signal state TRUE. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) READ_DBL: Read from data block in the load memory (Page 3845) WRIT_DBL: Write to data block in the load memory (Page 3848) Using ARRAY data blocks (Page 2121) VARIANT (Page 2191) Difference between synchronous and asynchronous instructions (Page 2436) Basic information on LAD (Page 4634) 2628 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions WriteToArrayDBL: Write to ARRAY data block in load memory (S7-1500) Description The instruction "Write to ARRAY data block in load memory" is used to write data to a data block of the ARRAY DB block type in the load memory. An ARRAY data block is a data block that consists of exactly one ARRAY of [Data type]. The elements of the ARRAY can be of PLC data type or any other elementary data type. Counting of the ARRAY always begins with the low limit "0". If the ARRAY data block has been designated with the block attribute "Only store in load memory", it will only be stored in the load memory. The instruction is executed when a positive signal edge is detected at the REQ parameter. The BUSY parameter then has the signal state "1". If a negative signal edge is detected at the BUSY parameter, the instruction is terminated and the value at the VALUE parameter is written to the data block. The DONE parameter then has the signal state "1" for one program cycle. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". If an error occurs during the execution of the instruction. Parameters The following table shows the parameters of the "Write to ARRAY data block in load memory" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output REQ Input BOOL I, Q, M, D, L or con REQ = "1": Start writing to the stant array DB DB 1) Input DB_ANY I, Q, M, D, L ARRAY data block to which data is written INDEX Input DINT I, Q, M, D, L, P or constant Element in the DB to which data is written. The specifica tion can be a constant, a glob al tag or an indexed value. VALUE 1) Input VARIANT D (element of a global data block) Pointer to the DB in the work memory that is to be read and the value of which is to be written. L (A declaration in the "Temp" sec tion of the block in No local constants or tags terface is not pos from the TEMP section must sible.) be used. WinCC Advanced V14 System Manual, 10/2016 BUSY Output BOOL I, Q, M, D, L BUSY = "1": The array DB is still being written DONE Output BOOL I, Q, M, D, L DONE = "1": The instruction was executed successfully 2629 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ERROR Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output at the ERROR parameter. 1) The data blocks must be created with the "Optimized" block property. Parameter ERROR The following table shows the meaning of the values of the ERROR parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The element data type stored in the ARRAY data block does not match the element data type transferred in the VARIANT. 8230 The data block number is incorrect. 8231 The data block does not exist. 8232 The data block is too short, or is not located in load memory. 8234 The data block is write protected. 8235 The data block is not an ARRAY DB. 8254 The data block has the incorrect data type. 8382 The value at the INDEX parameter is outside the limits of the ARRAY. 8450 The data type VARIANT at parameter VALUE provides the value "0". 8751 Code generation error 8752 Code generation error 8753 The size of the VALUE parameter does not match the element length in the ARRAY data block. * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". You can find descriptions of the error codes triggered by the instructions "READ_DBL" and "WRIT_DBL" in the corresponding descriptions of the instructions. 2630 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: :ULWH7R$UUD\'%/B'% :ULWH7R$UUD\'%/ 7DJ,QB (1 7DJ5HT $UUD\'% 6RXUFH)LHOG 7DJ2XW (12 5(4 %86< 7DJ%XV\ '% '21( 7DJ'RQH (5525 7DJ(UURU ,1'(; 9$/8( The following table shows how the instruction works using specific operand values: Parameters Operand Value REQ TagReq BOOL DB ArrayDB The "ArrayDB" operand is an AR RAY DB of the data type ARRAY [0 to 10] of INT. INDEX 2 2nd element of the "ArrayDB" VALUE SourceField The "SourceField" operand is a global tag of the data type INT. BUSY TagBusy BOOL DONE TagDone BOOL If the "TagIn1" operand has the signal state "1" and a positive edge is detected at the "TagReq" operand, the instruction is executed. As soon as a negative signal edge is detected at the "TagBusy" operand, the instruction is terminated and the value at the VALUE parameter is written to the 2nd element of the "ArrayDB". If the instruction is executed without errors, the enable output ENO has the signal state TRUE and the "TagOut" output is set. After the instruction has been processed, the "TagDone" operand has the signal state TRUE. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) READ_DBL: Read from data block in the load memory (Page 3845) WRIT_DBL: Write to data block in the load memory (Page 3848) Using ARRAY data blocks (Page 2121) VARIANT (Page 2191) Difference between synchronous and asynchronous instructions (Page 2436) Basic information on LAD (Page 4634) WinCC Advanced V14 System Manual, 10/2016 2631 Programming the PLC 11.4 Instructions VARIANT (S7-1200, S7-1500) VariantGet: Read out VARIANT tag value (S7-1200, S7-1500) Description You can use the "Read out VARIANT tag value" instruction to read the value of the tag to which the VARIANT at the SRC parameter points and write it in the tag at the DST parameter. The SRC parameter has the VARIANT data type. Any data type except for VARIANT can be specified at the DST parameter. The data type of the tag at the DST parameter must match the data type to which the VARIANT points. Note To copy structures and ARRAYs, you can use the "MOVE_BLK_VARIANT: Move block" instruction. For additional information, refer to "See also". Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The data types do not correspond (no value is transferred). Parameter The following table shows the parameters of the instruction "Read out VARIANT tag value": Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output SRC Input VARIANT L (A declara tion in the "Temp" sec tion of the block interface is not possi ble.) L (A declara Tag to be read tion in the "Temp" sec tion of the block inter face is not possible.) DST Output Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY elements, PLC data types I, Q, M, D, L, P Result of the in struction You can find additional information on valid data types under "See also". 2632 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,Q 7DJ,QB6RXUFH 9DULDQW*HW (1 (12 7DJ2XW 6 65& '67 7DJ2XWB'HVW If the "TagIn" operand has signal state "1", the instruction is executed. The value of the tag to which the VARIANT at the "#TagIn_Source" operand points, is read and written to the "TagOut_Dest" operand. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) MOVE_BLK_VARIANT: Move block (Page 2607) Using the VARIANT data type (Page 2078) Basic information on LAD (Page 4634) Memory areas (Page 944) VariantPut: Write VARIANT tag value (S7-1200, S7-1500) Description You can use the "Write VARIANT tag value" instruction to write the value of the tag at the SRC parameter to the memory at the DST parameter to which the VARIANT points. The DST parameter has the VARIANT data type. Any data type except for VARIANT can be specified at the SRC parameter. The data type of the tag at the SRC parameter must match the data type to which the VARIANT points. Note To copy structures and ARRAYs, you can use the "MOVE_BLK_VARIANT instruction: Move block" instruction. For additional information, refer to "See also". Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The data types do not correspond. (No value is transferred.) WinCC Advanced V14 System Manual, 10/2016 2633 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Write VARIANT tag value": Parameters Declaration Data type Memory area Description S7-1200 S7-1500 I, Q, M, D, L EN Input BOOL I, Q, M, D, L ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output SRC Input Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY elements, PLC data types I, Q, M, D, L, P Tag to be read DST Input VARIANT L (A declara Result of the in tion in the struction "Temp" sec tion of the block inter face is not possible.) L (A declara tion in the "Temp" sec tion of the block interface is not possi ble.) Enable input You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 9DULDQW3XW (1 7DJ,QB6RXUFH 65& 7DJ,QB'HVW '67 (12 7DJ2XW 6 If the "TagIn" operand returns signal state "1", the instruction is executed. The value of the "TagIn_Source" operand is written to the tag to which the VARIANT at the #TagIn_Dest operand points. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) MOVE_BLK_VARIANT: Move block (Page 2607) Using the VARIANT data type (Page 2078) 2634 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Basic information on LAD (Page 4634) Memory areas (Page 944) CountOfElements: Get number of ARRAY elements (S7-1200, S7-1500) Description You use the "Get number of ARRAY elements" instruction to query how many ARRAY elements a tag to which VARIANT points has. If it is a multi-dimensional ARRAY, the number of ARRAY elements is output as the result. (The difference between the high and low limit +1). If it is a multi-dimensional ARRAY, the number of all dimensions is output as the result. Note ARRAY within a data block If you want to query the number of the elements of an ARRAY which is located in a data block, the block attribute "Data block write-protected in the device" must not be activated in this block. Otherwise, the RET_VAL parameter returns the result "0", irrespective of how many elements the ARRAY contains. The result is also "0" if the VARIANT tag is not an ARRAY. If the VARIANT points to an ARRAY of BOOL, the fill elements are included in the count. (For example, 8 is returned for an ARRAY[0..1] of BOOL). Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The VARIANT tag is not an ARRAY. (The result is "0".) Parameters The following table shows the parameters of the "Get number of ARRAY elements" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input VARIANT L (A declaration in Tag to be queried the "Temp" sec tion of the block in terface is not pos sible.) RET_VAL Output UDINT I, Q, M, D, L Result of the instruction You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2635 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,Q &RXQW2I(OHPHQWV (1 7DJ,QB6RXUFH ,1 7DJ2XW 6 (12 5(7B9$/ 7DJ2XWB5HW9DO If the "TagIn" operand returns signal state "1", the instruction is executed. The number of ARRAY elements of the tag to which the VARIANT at the #TagIn_Source operand points is read and output at the "TagOut_RetVal" operand. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Using the VARIANT data type (Page 2078) Memory areas (Page 944) ARRAY[*] (S7-1200, S7-1500) LOWER_BOUND: Read out low ARRAY limit (S7-1200, S7-1500) Description You can declare tags of the data type ARRAY[*] in the block interface of a function block or function. For these local tags, you can read out the limits of the ARRAY. You will need to specify the required dimension at the DIM parameter. The "Read out ARRAY low limit" instruction is used to read out the variable low limit of the ARRAY. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The dimension specified at input DIM does not exist. Note Availability of the instruction The instruction is available for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. 2636 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Read out ARRAY low limit": Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output ARR Input ARRAY[*] FB => Section In Out ARRAY of which the variable low limit is to be read. FC => Sections In put and InOut DIM Input UDINT I, Q, M, D, L, P or constant Dimension of the ARRAY of which the variable low limit is to be read. OUT Output DINT I, Q, M, D, L, P Result Example The following example shows how the instruction works: /2:(5B%281' (QDEOHB6WDUW (1 $55$<B$ $55 ',0 (12 287 (QDEOHB2XW 6 5HVXOW If the "Enable_Start" operand returns signal state "1", the instruction is executed. It reads out the variable low limit of the ARRAY #ARRAY_A from the second dimension. If the instruction is executed without errors, the result is written to operand "Enable_Out" and operand "Result" is set. See also Overview of the valid data types (Page 2131) ARRAY (Page 2177) Basic information on LAD (Page 4634) Memory areas (Page 944) UPPER_BOUND: Read out high ARRAY limit (S7-1200, S7-1500) Description You can declare tags of the data type ARRAY[*] in the block interface of a function block or function. For these local tags, you can read out the limits of the ARRAY. You will need to specify the required dimension at the DIM parameter. WinCC Advanced V14 System Manual, 10/2016 2637 Programming the PLC 11.4 Instructions The instruction "Read out ARRAY high limit" is used to read out the variable high limit of the ARRAY. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The dimension specified at input DIM does not exist. Note Availability of the instruction The instruction is available for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. Parameters The following table shows the parameters of the instruction "Read out ARRAY high limit": Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output ARR Input ARRAY[*] FB => Section In Out ARRAY of which the variable high limit is to be read. FC => Sections In put and InOut DIM Input UDINT I, Q, M, D, L, P or constant Dimension of the ARRAY of which the variable high limit is to be read. OUT Output DINT I, Q, M, D, L, P Result Example The following example shows how the instruction works: 833(5B%281' (QDEOHB6WDUW (1 $55$<B$ $55 ',0 (12 287 (QDEOHB2XW 6 5HVXOW If the "Enable_Start" operand returns signal state "1", the instruction is executed. It reads out the variable high limit of the ARRAY #ARRAY_A from the second dimension. If the instruction is executed without errors, the result is written to operand "Enable_Out" and operand "Result" is set. 2638 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) ARRAY (Page 2177) Basic information on LAD (Page 4634) Memory areas (Page 944) Legacy (S7-1500) FieldRead: Read field (S7-1500) Description You can use the "Read field" instruction to read out a specific component from the field specified at input MEMBER and transfer its content to the tag at output VALUE. You specify the index of the field component to be read at input INDEX. Specify the first component of the field from which reading is to occur at input MEMBER. The data types of the field component at parameter MEMBER, the index and the tags at parameter VALUE must correspond to the data type of the instruction "Read field" because implicit conversion is not possible. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The field component specified at input INDEX is not defined in the field specified at output MEMBER. Errors, such as an overflow, occur during execution. Parameters The following table shows the parameters of the instruction "Read field": Parameter WinCC Advanced V14 System Manual, 10/2016 Declaration Data type S7-1200 S7-1500 Memory area Description Enable input EN Input BOOL BOOL I, Q, M, D, L ENO Output BOOL BOOL I, Q, M, D, L Enable output INDEX Input DINT DINT I, Q, M, D, L, P, or constant Index of field component whose content is read out 2639 Programming the PLC 11.4 Instructions Parameter Declaration Data type S7-1200 S7-1500 Memory area Description First compo nent of the field from which reading occurs. MEMBER Input Binary num bers, integers, floating-point numbers, timers, DATE, TOD, CHAR and WCHAR as compo nents of an AR RAY tag Binary num bers, integers, floating-point numbers, timers, DATE, TOD, LTOD, CHAR and WCHAR as components of an ARRAY tag D, L VALUE Output Binary num bers, integers, floating-point numbers, timers, DATE, TOD, CHAR, WCHAR Binary num bers, integers, floating-point numbers, timers, DATE, TOD, LTOD CHAR, WCHAR I, Q, M, D, L, P Operand to which the con tent of the field component is transferred You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: )LHOG5HDG 5($/ (1 DBLQGH[ '%B 0DLQB)LHOG>@ ,1'(; 4 (12 9$/8( DBUHDO 0(0%(5 The following table shows how the instruction works using specific operand values: Parameter Tag Value INDEX a_index 4 MEMBER "DB_1".Main_Field[-10] First component of the "Main_Field[-10..10] of REAL" field in the data block "DB_1" VALUE a_real Component with index 4 of the "Main_Field[-10..10] of REAL" field The field component with index 4 is read from the "Main_Field[-10...10] of REAL" field and written to the "a_real" tag. The field component to be read is specified by the value at input INDEX. 2640 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) FieldWrite: Write field (S7-1500) Description The "Write field" instruction is used to transfer the content of the tag at the VALUE input to a specific component of the field at the MEMBER output. You can use the value at the INDEX input to specify the index of the field component that is described. At the MEMBER output, enter the first component of the field which is to be written to. The data types of the field component at parameter MEMBER, the index and the tags at parameter VALUE must correspond to the data type of the instruction "Read field" because implicit conversion is not possible. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The field component specified at the input INDEX is not defined in the field specified at the output MEMBER. Errors, such as an overflow, occur during execution. Parameters The following table shows the parameters of the instruction "Write field": Parameter WinCC Advanced V14 System Manual, 10/2016 Declaration Data type S7-1200 S7-1500 Memory area Description EN Input BOOL BOOL I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L Enable output INDEX Input DINT DINT I, Q, M, D, L, P, or constant Index of the field compo nent that is be ing written with the content of VALUE. 2641 Programming the PLC 11.4 Instructions Parameter Declaration Data type S7-1200 S7-1500 Memory area Description VALUE Input Binary num bers, integers, floating-point numbers, timers, DATE, TOD, CHAR, WCHAR Binary num bers, integers, floating-point numbers, timers, DATE, TOD, LTOD, CHAR, WCHAR I, Q, M, D, L, P, or constant Operand whose content is copied. MEMBER Output Binary num bers, integers, floating-point numbers, timers, DATE, TOD, CHAR and WCHAR as compo nents of an AR RAY tag Binary num bers, integers, floating-point numbers, timers, DATE, TOD, LTOD, CHAR and WCHAR as components of an ARRAY tag D, L First compo nent of the field to which the content of VAL UE is written. You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: )LHOG:ULWH 5($/ (1 DBLQGH[ ,1'(; DBUHDO 9$/8( 4 (12 0(0%(5 '%B 0DLQB)LHOG>@ The following table shows how the instruction works using specific operand values: Parameter Operand Value INDEX a_index 4 VALUE a_real 10.54 MEMBER "DB_1".Main_Field[-10] First component of the "Main_Field[-10..10] of REAL" field in the data block "DB_1" The value "10.54" of the "a_real" tag is written to the field component with index 4 of the "Main_Field[-10..10] of REAL" field. The index of the field component to which the content of the tag "a_real" is transferred is specified by the value at the input INDEX. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) 2642 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) BLKMOV: Move block (S7-1500) Description You can use the "Move block" instruction to move the content of a memory area (source area) to another memory area (destination area). The move operation takes place in the direction of ascending addresses. You use VARIANT to define the source and destination areas. Note The tags of the instruction can only be used within memory areas in which the "Optimized block access" attribute is not activated. This applies to data blocks (DBs), organization blocks (OBs), functions (FCs), bit memory (M), inputs (I), and outputs (Q). If a tag of the instruction has been declared with the retentivity setting "Set in IDB", however, you can use this tag in memory areas "with optimized block access". The following figure shows the principle of the move operation: '%'%: $ % '%'%: & ' '%'%: ( ) '%'%: * + 0RYH 7KHPRYHWDNHVSODFHLQ WKHGLUHFWLRQRIDVFHQGLQJ DGGUHVVHV 0: $ % 0: & ' 0: ( ) 0: * + 0HPRU\DUHD WinCC Advanced V14 System Manual, 10/2016 2643 Programming the PLC 11.4 Instructions Consistency of source and destination data Make sure that the source data remain unchanged during the execution of the "Move block" instruction. Otherwise, consistency of the destination data cannot be guaranteed. Interruptibility There is no limit to the nesting depth. Memory areas You can use the "Move block" instruction to move the following memory areas: Areas of a data block Bit memory Process image input Process image output General rules for moving The source and destination areas must not overlap. If the source and destination areas have different lengths, only the length of the smaller area will be moved. If the source area is smaller than the destination area, the entire source area will be written to the destination area. The remaining bytes of the destination area remain unchanged. If the destination area is smaller than the source area, the entire destination area will be written. The remaining bytes of the source area are ignored. If a block of data type BOOL is moved, the tag must be addressed absolutely and the specified length of the area must be divisible by 8, otherwise the instruction cannot be executed. Rules for moving character strings You can use the "Move block" instruction to also move source and destination areas of the STRING data type. If only the source area is STRING data type, the characters will be moved that are actually contained in the character string. Information on the actual and maximum length is also written to the destination area. If the source and destination area are both STRING data type, the current length of the character string in the destination area is set to the number of characters actually moved. If you want to move the information on the maximum and actual length of a character string, specify the areas in bytes in the SRCBLK and DSTBLK parameters. Parameters The following table shows the parameters of the "Move block" instruction: 2644 Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description SRCBLK Input VARIANT I, Q, M, D, L, P Specifies the memory area to be moved (source area). RET_VAL Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output at the RET_VAL parameter. DSTBLK Output 1) VARIANT I, Q, M, D, L, P Specifies the memory area to which the block is to be moved (destination area). 1) The DSTBLK parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* (W#16#...) Explanation 0000 No error 8092 The source or destination area is located in the load memory only. 8152 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the SRCBLK parameter. 8352 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the DSTBLK parameter. General error information See also: "GET_ERR_ID: Get error ID locally" *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: %/.029 7DJ,Q 30%<7( 9DULDQW (1 65&%/. (12 5(7B9$/ '67%/. 7DJ2XW 7DJB5HW9DO 3'%'%;%<7( If the "TagIn" operand has signal state "1", the instruction is executed. The instruction copies 10 bytes starting from MB100 and writes them to DB1. If an error occurs during the move operation, its error code is output in the "Tag_RetVal" tag. WinCC Advanced V14 System Manual, 10/2016 2645 Programming the PLC 11.4 Instructions For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 2690) Basic information on LAD (Page 4634) UBLKMOV: Move block uninterruptible (S7-1500) Description You can use the "Move block uninterruptible" instruction to move the content of a memory area (source area) to another memory area (destination area). The move operation takes place in the direction of ascending addresses. You use VARIANT to define the source and destination areas. The move operation cannot be interrupted by other operating system activities. As a result, the interrupt reaction time of the CPU can increase during the execution of the "Move block uninterruptible" instruction. Note The tags of the instruction can only be used within memory areas in which the "Optimized block access" attribute is not activated. This applies to data blocks (DBs), organization blocks (OBs), functions (FCs), bit memory (M), inputs (I), and outputs (Q). If a tag of the instruction has been declared with the retentivity setting "Set in IDB", however, you can use this tag in memory areas "with optimized block access". Memory areas You can use the "Move block uninterruptible" instruction to move the following memory areas: Areas of a data block Bit memory Process image input Process image output General rules for moving The source and destination areas must not overlap during the execution of the "Move block uninterruptible" instruction. If the source area is smaller than the destination area, the entire source area will be written to the destination area. The remaining bytes of the destination area remain unchanged. 2646 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the destination area is smaller than the source area, the entire destination area will be written. The remaining bytes of the source area are ignored. If a destination or source area defined as a formal parameter is less than a destination or source area specified in the SRCBLK or DSTBLK parameter, no data is transferred. If a block of data type BOOL is moved, the tag must be addressed absolutely and the specified length of the area must be divisible by 8, otherwise the instruction cannot be executed. You can use the "Move block uninterruptible" instruction to move a maximum of 16 KB. Note the CPU-specific restrictions for this. Rules for moving character strings You can use the "Move block uninterruptible" instruction to also move source and destination areas of the STRING data type. If only the source area is STRING data type, the characters will be moved that are actually contained in the character string. Information on the actual and maximum length are not written in the destination area. If the source and destination area are both STRING data type, the current length of the character string in the destination area is set to the number of characters actually moved. If areas of the STRING data type are moved, specify "1" as area length. Parameters The following table shows the parameters of the "Move block uninterruptible" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output SRCBLK Input VARIANT I, Q, M, D, L, P Specifies the memory area to be moved (source area). RET_VAL Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output at the RET_VAL parameter. DSTBLK Output 1) VARIANT I, Q, M, D, L, P Specifies the memory area to which the block is to be moved (destination area). 1) The DSTBLK parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: WinCC Advanced V14 System Manual, 10/2016 Error code* (W#16#...) Explanation 0000 No error 8091 The source or destination area is located in the load memory only. 2647 Programming the PLC 11.4 Instructions Error code* (W#16#...) Explanation 8152 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not suppor ted at the SRCBLK parameter. 8352 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not suppor ted at the DSTBLK parameter. General error information See also: "GET_ERR_ID: Get error ID locally" *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: 8%/.029 7DJ,Q 30%<7( 9DULDQW (1 65&%/. 7DJ2XW (12 5(7B9$/ '67%/. 7DJB5HW9DO 3'%'%;%<7( If the "TagIn" operand has signal state "1", the instruction is executed. The instruction copies 10 bytes starting from MB100 and writes them to DB1. If an error occurs during the move operation, its error code is output in the "Tag_RetVal" tag. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 2690) Basic information on LAD (Page 4634) FILL: Fill block (S7-1500) Description You can use the "Fill block" instruction to fill a memory area (destination area) with the content of another memory area (source area). The "Fill block" instruction moves the content of the source area to the destination area until the destination area is completely written. The move operation takes place in the direction of ascending addresses. 2648 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You use VARIANT to define the source and destination areas. Note The tags of the instruction can only be used within memory areas in which the "Optimized block access" attribute is not activated. This applies to data blocks (DBs), organization blocks (OBs), functions (FCs), bit memory (M), inputs (I), and outputs (Q). If a tag of the instruction has been declared with the retentivity setting "Set in IDB", however, you can use this tag in memory areas "with optimized block access". For blocks with the "Optimized block access" attribute, you can use the "FILL_BLK instruction. Fill block" instruction. The following figure shows the principle of the move operation: ),// %9$/ $ % 0: $ % 0: & ' 0: & ' 0: ( ) 0: ( ) 0: * + 0: * + 0: $ % 0: & ' 0: ( ) 0: * + 0: $ % 0: & ' 0: %/. Example: The contents of the range MW100 to MW118 are to be preassigned with the contents of the memory words MW14 to MW20. Consistency of source and destination data Note that while the instruction "Fill block" is being executed, the source data remains unchanged; otherwise the consistency of the destination data cannot be guaranteed. Memory areas You can use the "Fill block" instruction to move the following memory areas: Areas of a data block Bit memory WinCC Advanced V14 System Manual, 10/2016 2649 Programming the PLC 11.4 Instructions Process image input Process image output General rules for moving The source and destination areas must not overlap. If the destination area to be preset is not an integer multiple of the length of the input parameter BVAL, the destination area is nevertheless written up to the last byte. If the destination area to be preset is smaller than the source area, the function only copies as much data as can be written to the destination area. If the destination or source area actually present is smaller than the assigned memory area for the source or destination area (BVAL, BLK parameters), no data is transferred. If the ANY pointer (source or destination) is of the data type BOOL, it must be addressed absolutely and the length specified must be divisible by 8; otherwise the instruction is not executed. If the destination area is STRING data type, the instruction writes the entire string including the administration information. Rules for moving structures When you transfer a structure as an input parameter you must bear in mind that the length of a structure is always oriented to an even number of bytes. The structure will need one byte of additional memory space if you declare a structure with an odd number of bytes. Parameters The following table shows the parameters of the "Fill block" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output BVAL Input VARIANT I, Q, M, D, L, P Specification of the memory area (source area), the con tent of which is used to fill the destination area at the BLK parameter. RET_VAL Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output at the RET_VAL parameter. BLK Output 1) VARIANT I, Q, M, D, L, P Specification of the memory area that will be filled with the content of the source area. 1) The BLK parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. 2650 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 8092 The source or destination area is located in the load memory only. 8152 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the BVAL parameter. 8352 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the BLK parameter. General er See also: "GET_ERR_ID: Get error ID locally" ror informa tion *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: ),// 7DJ,Q 30:25' 9DULDQW (1 %9$/ 7DJ2XW (12 5(7B9$/ %/. 7DJB5HW9DO 30:25' If the "TagIn" operand has signal state "1", the instruction is executed. The instruction copies the source area from MW14 to MW20 and fills the destination area from MW100 to MW118 with the content of the 4 words contained in the memory area in the BVAL parameter. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 2690) Basic information on LAD (Page 4634) WinCC Advanced V14 System Manual, 10/2016 2651 Programming the PLC 11.4 Instructions Conversion operations (S7-1200, S7-1500) CONVERT: Convert value (S7-1200, S7-1500) Description The "Convert value" instruction reads the content of the IN parameter and converts it according to the data types selected in the instruction box. The converted value is output at the OUT output. For information on possible conversions, refer to the "Explicit conversion" section at "See also". The enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". Errors, such as an overflow, occur during execution. Conversion options for bit strings BYTE and WORD bit strings cannot be selected in the instruction box. However, it is possible to specify an operand of data type DWORD or LWORD at a parameter of the instruction if the lengths of the input and output operands match. The operand is then interpreted by the data type of a bit string according to the data type of the input or output parameter and is implicitly converted. The data type DWORD is for example interpreted as DINT/UDINT and LWORD as LINT/ULINT. These conversion options are also available to you when "IEC check" is enabled. Note For CPUs of the S7-1500 series: The data types DWORD and LWORD can only be converted to or from data type REAL or LREAL. During the conversion, the bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. If no errors occur during the conversion, the signal state of enable output ENO = 1; if an error occurs during processing, the signal state of the enable output ENO = 0. Parameters The following table shows the parameters of the "Convert value" instruction: 2652 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type IN Input Bit strings, inte I, Q, M, D, L, P or gers, floating-point constant numbers, CHAR, WCHAR, BCD16, BCD32 Memory area Value to be converted. Description OUT Output Bit strings, inte I, Q, M, D, L, P gers, floating-point numbers, CHAR, WCHAR, BCD16, BCD32 Result of the conversion You can select the data types of the instruction from the "???" drop-down lists of the instruction box. Examples The following example shows the conversion of an integer (16 bit) to another integer (32 bit): &219 7DJ,Q ,QSXWB,17 ,17 WR ',17 (1 (12 ,1 287 7DJ2XW 2XWSXWB',17 The following example shows the conversion of a byte (8 bit) to the integer SINT (8 bit): &219 7DJ,Q ,QSXWB%<7( 6,17 WR 6,17 (1 (12 ,1 287 7DJ2XW 2XWSXWB6,17 The following example shows the conversion of a byte (8 bit) to the unsigned integer USINT (8 bit): &219 7DJ,Q ,QSXWB%<7( 86,17 WR 86,17 (1 (12 ,1 287 7DJ2XW 2XWSXWB86,17 The conversions are possible, because the length of the two operands is the same. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 2653 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) Basic information on LAD (Page 4634) Memory areas (Page 944) ROUND: Round numerical value (S7-1200, S7-1500) Description You can use the "Round numerical value" instruction to round the value at input IN to the nearest integer. The instruction interprets the value at input IN as a floating-point number and converts this to an integer of data type DINT. If the input value is exactly between an even and odd number, the even number is selected. The result of the instruction is sent to the OUT output and can be queried there. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". Errors, such as an overflow, occur during execution. Parameters The following table shows the parameters of the "Round numerical value" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Input value to be rounded. OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P Result of rounding You can select the data type for the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 5281' 7DJ,Q 7DJ,QB9DOXH 2654 5($/ WR ',17 (1 (12 ,1 287 7DJ2XW 7DJ2XWB9DOXH WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameter Operand Value IN TagIn_Value 1.50000000 -1.50000000 OUT TagOut_Value 2 -2 If the "TagIn" operand has signal state "1", the instruction is executed. The floating-point number at input "TagIn_Value" is rounded to the nearest even integer and sent to output "TagOut_Value". If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) CEIL: Generate next higher integer from floating-point number (S7-1200, S7-1500) Description You can use the "Generate next higher integer from floating-point number" instruction to round the value at input IN to the next higher integer. The instruction interprets the value at the IN input as a floating-point number and converts this number to the next higher integer. The result of the instruction is sent to the OUT output and can be queried there. The output value can be greater than or equal to the input value. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". Errors, such as an overflow, occur during execution. Parameters The following table shows the parameters of the "Generate next higher integer from floatingpoint number" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Input value OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P Result with next higher inte ger You can select the data type for the instruction from the "???" drop-down list of the instruction box. WinCC Advanced V14 System Manual, 10/2016 2655 Programming the PLC 11.4 Instructions You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: &(,/ 7DJ,Q 7DJ,QB9DOXH 5($/ WR ',17 (1 (12 ,1 287 7DJ2XW 7DJ2XWB9DOXH The following table shows how the instruction works using specific operand values: Parameter Operand Value IN TagIn_Value 0.50000000 -0.50000000 OUT TagOut_Value 1 0 If the "TagIn" operand has signal state "1", the instruction is executed. The floating-point number at the "TagIn_Value" input is rounded to the next higher integer and sent to the "TagOut_Value" output. If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) FLOOR: Generate next lower integer from floating-point number (S7-1200, S7-1500) Description You can use the "Generate next lower integer from floating-point number" instruction to round the value at input IN to the next lower integer. The instruction interprets the value at input IN as a floating-point number and converts this to the next lower integer. The result of the instruction is sent to the OUT output and can be queried there. The output value can be less than or equal to the input value. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". Errors, such as an overflow, occur during execution. 2656 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Generate next lower integer from floatingpoint number" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P, or constant Input value OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P Result with next lower integer You can select the data type for the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: )/225 7DJ,Q 7DJ,QB9DOXH 5($/ WR ',17 (1 (12 ,1 287 7DJ2XW 7DJ2XWB9DOXH The following table shows how the instruction works using specific operand values: Parameter Operand Value IN TagIn_Value 0.50000000 -0.50000000 OUT TagOut_Value 0 -1 If the "TagIn" operand has signal state "1", the instruction is executed. The floating-point number at input "TagIn_Value" is rounded to the next lower integer and sent to output "TagOut_Value". If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2657 Programming the PLC 11.4 Instructions TRUNC: Truncate numerical value (S7-1200, S7-1500) Description You can use the "Truncate numerical value" instruction to form an integer from the value at the IN input. The value at the IN input is interpreted as a floating-point number. The instruction selects only the integer part of the floating-point number and sends this to the OUT output without decimal places. Enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has signal state "0". Errors, such as an overflow, occur during execution. Parameters The following table shows the parameters of the "Truncate numerical value" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L or con Input value stant OUT Output Integers, floatingpoint numbers I, Q, M, D, L Integer part of the input value You can select the data type for the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7581& 7DJ,Q 7DJ,QB9DOXH 2658 5($/ WR ',17 (1 (12 ,1 287 7DJ2XW 7DJ2XWB9DOXH WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameter Operand Value IN TagIn_Value 1.50000000 -1.50000000 OUT TagOut_Value 1 -1 If the "TagIn" operand has signal state "1", the instruction is executed. The integer part of the floating-point number at the "TagIn_Value" input is converted to an integer and sent to the "TagOut_Value" output. If the instruction is executed without errors, the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) SCALE_X: Scale (S7-1200, S7-1500) Description You can use the "Scale" instruction to scale the value at the VALUE input by mapping it to a specified value range. When the "Scale" instruction is executed, the floating-point value at the VALUE input is scaled to the value range that was defined by the MIN and MAX parameters. The result of the scaling is an integer, which is stored in the OUT output. The following figure shows an example of how values can be scaled: 0$; 287 0,1 9$/8( WinCC Advanced V14 System Manual, 10/2016 2659 Programming the PLC 11.4 Instructions The "Scale" instruction works with the following equation: OUT = [VALUE (MAX - MIN)] + MIN Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The value at the MIN input is greater than or equal to the value at the MAX input. The value of a specified floating-point number is outside the range of the normalized numbers according to IEEE-754. An overflow occurs. The value at the VALUE input is NaN (Not a Number = result of an invalid arithmetic operation). Note For more information on the converting of analog values, refer to the respective manual. Parameters The following table shows the parameters of the "Scale" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output MIN Input Integers, floatingpoint numbers I, Q, M, D, L or con Low limit of the value range stant VALUE Input Floating-point numbers I, Q, M, D, L or con Value to be scaled. stant If you enter a constant, you must declare it. MAX Input Integers, floatingpoint numbers I, Q, M, D, L or con High limit of the value range stant OUT Output Integers, floatingpoint numbers I, Q, M, D, L Result of scaling You can select the data types of the instruction from the "???" drop-down lists of the instruction box. You can find additional information on valid data types under "See also". For additional information on declaring constants, refer to "See also". 2660 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 6&$/(B; 7DJ,Q 7DJB0,1 5($/ WR ',17 (1 (12 0,1 287 7DJB9DOXH 9$/8( 7DJB0$; 0$; 7DJ2XW 6 7DJB5HVXOW The following table shows how the instruction works using specific operand values: Parameter Operand Value MIN Tag_MIN 10 VALUE Tag_Value 0.5 MAX Tag_MAX 30 OUT Tag_Result 20 If the "TagIn" operand has signal state "1", the instruction is executed. The value at the "Tag_Value" input is scaled to the range of values defined by the values at the "Tag_MIN" and "Tag_MAX" inputs. The result is stored in the "Tag_Result" output. If the instruction is executed without errors, the ENO enable output has signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) NORM_X: Normalize (S7-1200, S7-1500) Description You can use the instruction "Normalize" to normalize the value of the tag at the VALUE input by mapping it to a linear scale. You can use the MIN and MAX parameters to define the limits of a value range that is applied to the scale. The result at the OUT output is calculated and stored as a floating-point number depending on the location of the value to be normalized within this value range. If the value to be normalized is equal to the value at the MIN input, the OUT output has the value "0.0". If the value to be normalized is equal to the value at input MAX, output OUT returns the value "1.0". The following figure shows an example of how values can be normalized: WinCC Advanced V14 System Manual, 10/2016 2661 Programming the PLC 11.4 Instructions 287 0,1 0$; 9$/8( The "Normalize" instruction works with the following equation: OUT = (VALUE - MIN) / (MAX - MIN) Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The value at the MIN input is greater than or equal to the value at the MAX input. The value of a specified floating-point number is outside the range of the normalized numbers according to IEEE-754. The value at the VALUE input is NaN (result of an invalid arithmetic operation). Note For more information on the converting of analog values, refer to the respective manual. Parameters The following table shows the parameters of the "Normalize" instruction: 2662 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output MIN 1) Input Integers, floatingpoint numbers I, Q, M, D, L or con Low limit of the value range stant VALUE 1) Input Integers, floatingpoint numbers I, Q, M, D, L or con Value to be normalized. stant MAX 1) Input Integers, floatingpoint numbers I, Q, M, D, L or con High limit of the value range stant WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description OUT Output Floating-point numbers I, Q, M, D, L Result of the normalization 1) If you use constants in these three parameters, you only need to declare one of them. You can select the data types of the instruction from the "???" drop-down lists of the instruction box. You can find additional information on valid data types under "See also". For additional information on declaring constants, refer to "See also". Example The following example shows how the instruction works: 1250B; 7DJ,Q 7DJB0,1 ',17 WR 5($/ (1 (12 0,1 287 7DJB9DOXH 9$/8( 7DJB0$; 0$; 7DJ2XW 6 7DJB5HVXOW The following table shows how the instruction works using specific operand values: Parameter Operand Value MIN Tag_MIN 10 VALUE Tag_Value 20 MAX Tag_MAX 30 OUT Tag_Result 0.5 If the "TagIn" operand has signal state "1", the instruction is executed. The value at the "Tag_Value" input is mapped to the range of values that were defined by the values at the "Tag_MIN" and "Tag_MAX" inputs. The tag value at the "Tag_Value" input is normalized to the defined value range. The result is stored as a floating-point number in the "Tag_Result" output. If the instruction is executed without errors, the ENO enable output has signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2663 Programming the PLC 11.4 Instructions Legacy (S7-1500) SCALE: Scale (S7-1500) Description Use the "Scale" instruction to convert the integer at the IN parameter into a floating-point number, which can be scaled in physical units between a low limit value and a high limit value. You can use the LO_LIM and HI_LIM parameters to specify the low limit and high limit of the value range to which the input value is scaled. The result of the instruction is output on the OUT parameter. The "Scale" instruction works with the following equation: OUT = [((FLOAT (IN) - K1)/(K2-K1)) (HI_LIM-LO_LIM)] + LO_LIM The values of the constants "K1" and "K2" are determined by the signal state on the BIPOLAR parameter. The following signal states are possible on the BIPOLAR parameter: Signal state "1": It is assumed that the value at the IN parameter is bipolar and in a value range between -27648 and 27648. In this case the "K1" constant has the value "-27648.0" and the "K2" constant the value "+27648.0". Signal state "0": It is assumed that the value at the IN parameter is unipolar and in a value range between 0 and 27648. In this case the "K1" constant has the value "0,0" and the "K2" constant the value "+27648.0". When the value at the IN parameter is greater than the value of the constant "K2", the result of the instruction is set to the value of the high limit (HI_LIM) and an error is output. When the value at the IN parameter is less than the value of the constant "K1", the result of the instruction is set to the value of the low limit value (LO_LIM) and an error is output. When the indicated low limit value is greater than the high limit value (LO_LIM > HI_LIM), the result is scaled in reverse proportion to the input value. Parameter The following table shows the parameters of the "Scale" instruction: 2664 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input INT I, Q, M, D, L, P, or constant Input value to be scaled. HI_LIM Input REAL I, Q, M, D, L, P, or constant High limit LO_LIM Input REAL I, Q, M, D, L, P, or constant Low limit WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area BIPOLAR Input BOOL I, Q, M, D, L or con Indicates if the val stant ue at IN parameter is to be interpreted as bipolar or unipo lar. The parameter can assume the following values: Description 1: Bipolar 0: Unipolar OUT Output REAL I, Q, M, D, L, P Result of the in struction RET_VAL Output WORD I, Q, M, D, L, P Error information Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* (W#16#...) Explanation 0000 No error 0008 The value of the IN parameter is greater than the value of the constant "K2" or less than the value of the constant "K1" General error information See also: "GET_ERR_ID: Get error ID locally" *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: 6&$/( 7DJ,Q 7DJB,QSXW9DOXH (1 ,1 7DJB+LJK/LPLW +,B/,0 7DJB/RZ/LPLW /2B/,0 7DJB%LSRODU 7DJ2XW (12 5(7B9$/ 287 7DJB2XWSXW9DOXH 7DJB(UURU&RGH %,32/$5 The following table shows how the instruction works using specific operand values: WinCC Advanced V14 System Manual, 10/2016 Parameter Operand Value IN Tag_InputValue 22 HI_LIM Tag_HighLimit 100.0 LO_LIM Tag_LowLimit 0.0 2665 Programming the PLC 11.4 Instructions Parameter Operand Value BIPOLAR Tag_Bipolar 1 OUT Tag_OutputValue 50.03978588 RET_VAL Tag_ErrorCode W#16#0000 For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 2690) Basic information on LAD (Page 4634) UNSCALE: Unscale (S7-1500) Description You use the "Unscale" instruction to unscale the floating-point number in the IN parameter into physical units between a low limit and a high limit and convert it into an integer. You use the LO_LIM and HI_LIM parameters to specify the low limit and high limit of the value range to which the input value is unscaled. The result of the instruction is output at the OUT parameter. The "Unscale" instruction works with the following equation: OUT = [ ((IN-LO_LIM)/(HI_LIM-LO_LIM)) (K2-K1) ] + K1 The values of the "K1" and "K2" constants are determined by the signal state at the BIPOLAR parameter. The following signal states are possible at the BIPOLAR parameter: Signal state "1": It is assumed that the value at the IN parameter is bipolar and in a value range between -27648 and 27648. In this case the "K1" constant has the value "-27648.0" and the "K2" constant the value "+27648.0". Signal state "0": It is assumed that the value at the IN parameter is unipolar and in a value range between 0 and 27648. In this case the "K1" constant has the value "0.0" and the "K2" constant the value "+27648.0". When the value at parameter IN is not within the limits defined by HI_LIM and LO_LIM, an error is output. When the indicated low limit value is greater than the high limit value (LO_LIM > HI_LIM), the result is scaled inversely proportionate to the input value. Parameter The following table shows the parameters of the "Unscale" instruction: 2666 Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Input BOOL I, Q, M, D, L Enable output WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description IN Input REAL I, Q, M, D, L, P or constant Input value to be unscaled to an in teger value. HI_LIM Input REAL I, Q, M, D, L, P or constant High limit LO_LIM Input REAL I, Q, M, D, L, P or constant Low limit BIPOLAR Input BOOL I, Q, M, D, L or con Indicates whether stant the value at the IN parameter is to be interpreted as bi polar or unipolar. The parameter can assume the following values: 1: Bipolar 0: Unipolar OUT Output INT I, Q, M, D, L, P Result of the in struction RET_VAL Output WORD I, Q, M, D, L, P Error information RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* (W#16#...) Explanation 0000 No error 0008 The value of the IN parameter is greater than the value of the high limit (HI_LIM) or less than the value of the low limit (LO_LIM). General error information See also: "GET_ERR_ID: Get error ID locally" * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats here: AUTOHOTSPOT WinCC Advanced V14 System Manual, 10/2016 2667 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 816&$/( 7DJ,Q 7DJB,QSXW9DOXH (1 ,1 7DJB+LJK/LPLW +,B/,0 7DJB/RZ/LPLW /2B/,0 7DJB%LSRODU 7DJ2XW (12 5(7B9$/ 287 7DJB(UURU&RGH 7DJB2XWSXW9DOXH %,32/$5 The following table shows how the instruction works using specific operand values: Parameter Operand Value IN Tag_InputValue 50.03978588 HI_LIM Tag_HighLimit 100.0 LO_LIM Tag_LowLimit 0.0 BIPOLAR Tag_Bipolar 1 OUT Tag_OutputValue 22 RET_VAL Tag_ErrorCode W#16#0000 For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 2690) Basic information on LAD (Page 4634) Program control operations (S7-1200, S7-1500) ---( JMP ): Jump if RLO = 1 (S7-1200, S7-1500) Description You can use the "Jump if RLO = 1" instruction to interrupt the linear execution of the program and resume it in another network. The destination network must be identified by a jump label (LABEL). The name of this jump label is specified in the placeholder above the instruction. The specified jump label must be in the same block in which the instruction is executed. The name you specify can only occur once in the block. Only one jumping coil is permitted within a network. 2668 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the result of logic operation (RLO) at the input of the instruction is "1", the jump to the network identified by the specified jump label is executed. The jump direction can be towards higher or lower network numbers. If the condition at the input of the instruction is not fulfilled (RLO = 0), execution of the program continues in the next network. Example The following example shows how the instruction works: 1HWZRUN 7DJ,QB &$6 -03 7DJ,QB 7DJ2XWB 5 1HWZRUN 1HWZRUN &$6 7DJ,QB 7DJ2XWB 5 If operand "TagIn_1" has the signal state "1", the "Jump if RLO = 1" instruction is executed. The linear execution of the program is interrupted and continues in Network 3, which is identified by the jump label CAS1. If the "TagIn_3" input has signal state "1", the "TagOut_3" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) ---( JMPN ): Jump if RLO = 0 (S7-1200, S7-1500) Description You can use the instruction "Jump if RLO = 0" to interrupt the linear execution of the program and resume it in another network, when the result of logic operation at the input of the instruction is "0". The destination network must be identified by a jump label (LABEL). The name of this jump label is specified in the placeholder above the instruction. WinCC Advanced V14 System Manual, 10/2016 2669 Programming the PLC 11.4 Instructions The specified jump label must be in the same block in which the instruction is executed. The name you specify can only occur once in the block. Only one jumping coil is permitted within a network. If the result of logic operation (RLO) at the input of the instruction is "0", the jump to the network identified by the specified jump label is executed. The jump direction can be towards higher or lower network numbers. If the result of logic operation at the input of the instruction is "1", execution of the program continues in the next network. Example The following example shows how the instruction works: 1HWZRUN 7DJ,QB &$6 -031 7DJ,QB 7DJ2XWB 5 1HWZRUN 1HWZRUN &$6 7DJ,QB 7DJ2XWB 5 If operand "TagIn_1" has the signal state "0", the "Jump if RLO = 0" instruction is executed. The linear execution of the program is interrupted and continues in Network 3, which is identified by the jump label CAS1. If the "TagIn_3" input has signal state "1", the "TagOut_3" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) LABEL: Jump label (S7-1200, S7-1500) Description You can use a jump label to identify a destination network, in which the program execution should resume when a jump is executed. 2670 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The jump label and the instruction in which the jump label is specified must be located in the same block. The name of a jump label can only be assigned once in a block. You can declare up to 32 jump labels when you use a CPU S7-1200 and a maximum of 256 jump labels when you use a CPU S7-1500. Only one jump label can be placed in a network. Each jump label can jump to several locations. Adhere to the following grammatical rules for jump labels: Letters (a to z, A to Z) A combination of letters and numbers. Note the order, i.e. first the letters and then the letters (a - z, A - Z, 0 - 9). Special characters or a combination of letters and numbers in reverse order, i.e. first the numbers and then the letters (0 - 9, a - z, A - Z) must not be used. Example The following example shows how the instruction works: 1HWZRUN 7DJ,QB &$6 -03 7DJ,QB 7DJ2XWB 5 1HWZRUN 1HWZRUN &$6 7DJ,QB 7DJ2XWB 5 If operand "TagIn_1" has the signal state "1", the "Jump if RLO = 1" instruction is executed. The linear execution of the program is interrupted and continues in Network 3, which is identified by the jump label CAS1. If the "TagIn_3" input has signal state "1", the "TagOut_3" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2671 Programming the PLC 11.4 Instructions JMP_LIST: Define jump list (S7-1200, S7-1500) Description You can use the "Define jump list" instruction to define several conditional jumps and continue the program execution in a specific network depending on the value of the K parameter. You define the jumps with jump labels (LABEL), which you specify at the outputs of the instruction box. The number of outputs can be expanded in the instruction box. You can declare up to 32 outputs when you use a CPU S7-1200 and a maximum of 256 outputs when you use a CPU S7-1500. The numbering of the outputs begins with the value "0" and is continued in ascending order with each new output. Only jump labels can be specified at the outputs of the instruction. Instructions or operands cannot be specified. The value of the K parameter specifies the number of the output and thus the jump label where the program execution is to be resumed. If the value in the K parameter is greater than the number of available outputs, the program execution is resumed in the next network of the block. The "Define jump list" instruction is only executed if the signal state is "1" at the EN enable input. Parameters The following table shows the parameters of the "Define jump list" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input K Input UINT I, Q, M, D, L or con Specifies the number of the stant output and thus the jump that is to be made. DEST0 - - - First jump label DEST1 - - - Second jump label DESTn - - - Optional jump labels For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 7DJB,QSXW 7DJB9DOXH 2672 -03B/,67 (1 . '(67 /$%(/ '(67 /$%(/ '(67 /$%(/ WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameters Operand/jump label Value K Tag_Value 1 Dest0 LABEL0 Jump to the network that is iden tified with the jump label "LA BEL0". Dest1 LABEL1 Jump to the network that is iden tified with the jump label "LA BEL1". Dest2 LABEL2 Jump to the network that is iden tified with the jump label "LA BEL2". If operand "Tag_Input" has the signal state "1", the "Define jump list" instruction is executed. The execution of the program is continued according to the value of the operand "Tag_Value" in the network that is identified with the jump label "LABEL1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) SWITCH: Jump distributor (S7-1200, S7-1500) Description You can use the "Jump distributor" instruction to define multiple program jumps to be executed depending on the result of one or more comparison instructions. You specify the value to be compared in the K parameter. This value is compared with the values that are provided by the various inputs. You can select the comparison method for each individual input. The availability of the various comparison instructions depends on the data type of the instruction. The following table shows the comparison instructions that are available depending on the selected data type: Data type WinCC Advanced V14 System Manual, 10/2016 S7-1200 S7-1500 Bit strings Bit strings Instruction Syntax Equal == Not equal <> 2673 Programming the PLC 11.4 Instructions Data type S7-1200 Instruction Syntax Equal == S7-1500 Integers, floating- Integers, floatingpoint numbers, point numbers, TIME, DATE, TOD TIME, LTIME, DATE, TOD, LTOD, LDT Not equal <> Greater or equal >= Less or equal <= Greater than > Less than < You can select the data type of the instruction from the "???" drop-down list of the instruction box. If you select a comparison instruction and the data type of the instruction is not yet defined, then the "???" drop-down list will only list those data types that are permitted for the selected comparison instruction. Execution of the instruction begins with the first comparison and runs until a comparison condition is met. If a comparison condition is met, the subsequent comparison conditions are not considered. If none of the specified comparison conditions are fulfilled, the jump is executed at output ELSE. If no program jump is defined at the ELSE output, execution of the program continues in the next network. The number of outputs can be expanded in the instruction box. The numbering of the outputs begins with the value "0" and is continued in ascending order with each new output. Specify jump labels (LABEL) at the outputs of the instruction. Instructions or operands cannot be specified at the outputs of the instruction. An input is automatically inserted to each additional output. The jump programmed at an output is executed if the comparison condition of the corresponding input is fulfilled. Parameters The following table shows the parameters of the instruction "Jump distributor": Parameters 2674 Declaration S7-1200 Data type S7-1500 Memory area Description EN Input BOOL BOOL I, Q, M, D, L Enable input K Input UINT UINT I, Q, M, D, L or con stant Specifies the value to be compared. <Compari son values> Input Bit strings, in tegers, float ing-point num bers, TIME, DATE, TOD Bit strings, in I, Q, M, D, tegers, float L or con ing-point num stant bers, TIME, LTIME, DATE, TOD, LTOD, LDT Input values with which the value of the parame ter K is compared. DEST0 - - - - First jump label DEST1 - - - - Second jump label WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters DEST(n) Declaration - S7-1500 Memory area Description S7-1200 Data type - - - Optional jump labels: S7-1200: n = 2 to 32 S7-1500: n = 2 to 256 ELSE - - - - Program jump which is executed if none of the comparison conditions are fulfilled. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 6:,7&+ 8,17 7DJB,QSXW (1 7DJB9DOXH . 7DJB9DOXHB '(67 /$%(/ 7DJB9DOXHB ! '(67 /$%(/ 7DJB9DOXHB '(67 /$%(/ (/6( /$%(/ The following table shows how the instruction works using specific operand values: WinCC Advanced V14 System Manual, 10/2016 Parameters Operand/jump label Value K Tag_Value 23 == Tag_Value_1 20 > Tag_Value_2 21 < Tag_Value_3 19 DEST0 LABEL0 Jump to jump label "LABEL0", if the value of parameter K is equal to 20. DEST1 LABEL1 Jump to jump label "LABEL1", if the value of parameter K is great er than 21. DEST2 LABEL2 Jump to jump label "LABEL2", if the value of parameter K is less than 19. ELSE LABEL3 Jump to jump label "LABEL3", if the none of the comparison con ditions are fulfilled. 2675 Programming the PLC 11.4 Instructions If the operand "Tag_Input" changes to signal state "1", the instruction "Jump distributor" is executed. The execution of the program is continued in the network that is identified with the jump label "LABEL1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) --(RET): Return (S7-1200, S7-1500) Description You can use the "Return" instruction to stop the execution of a program block conditionally or absolutely. The signal state of the return value (operand) is mapped in the enable output ENO of the calling program block when the program block is exited. There are three ways that the execution of a program block can be ended: Termination of the program block Description Without a call of the instruc The program block is exited after the execution of the last network. The tion enable output ENO of the calling program block is set to signal state "1". Call of the instruction with preceding logic operation (see example) If the preceding logic operation is fulfilled, the program execution in the currently called program block is ended and the program block is exited. (Conditional program block end) The program execution is continued in the calling program block (e.g. an OB) after the program block call. The enable output ENO of the calling program block corresponds to the oper and. Call of the instruction with The program block is exited unconditionally. (Absolute program block out preceding logic or the end) The enable output ENO of the calling program block corresponds to instruction is directly con the operand. nected to the left power rail. If an organization block (OB) is ended, another program block is selected by the execution level system and started or further executed. If the OB program cycle is ended, it is restarted. If an OB is ended that has interrupted another program block (e.g. an interrupt OB), then the interrupted program block (e.g. program cycle OB) is further executed. 2676 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note RET instruction in relation with JMP and JMPN If a network already contains the "JMP: Jump if RLO = 1" or "JMPN: Jump if RLO = 0 instruction, the RET: Return" instruction must not be used. Only one jumping coil may be used in a network Possible settings of the return value (operand) The return value of the instruction can assume the following values: Ret (RLO, corresponds to the result of logic operation RLO. The signal state "1" is supplied to the enable output ENO of the calling program block because the RET instruction is only then executed as a conditional instruction when the condition is TRUE.) Ret True or Ret False (the respective value of the constant, TRUE or FALSE, is supplied to the calling program block.) Ret Value (the value of the Boolean tag <Operand> is supplied to the calling program block.) To set the return value of the instruction, click the small yellow triangle of the instruction and select the desired value in the drop-down list. The following table shows the status of the calling program block when the instruction is programmed in a network within the called program block: RLO Return value ENO of the calling program block 1 RLO 1 TRUE 1 FALSE 0 <Operand> <Operand> Boolean tag with possible memo ry areas I, Q, M, D, L, T, and C 0 RLO TRUE The program execution is continued in the next network of the called program block. FALSE <Operand> Example The following example shows how the instruction works: 7DJ,Q )$/6( 5(7 If the "TagIn" operand has signal state "1", the instruction is executed. Program execution is ended in the called program block and continues in the calling program block. The enable output ENO of the calling program block is reset to signal state "0". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 2677 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) Runtime control (S7-1200, S7-1500) ENDIS_PW: Limit and enable password legitimation (S7-1200, S7-1500) Description You use the "Limit and enable password legitimation" instruction to specify whether configured passwords may be legitimated or not for the CPU. You can prevent legitimated connections, even when the correct password is known. When you call the command and the REQ parameter has the signal state "0", only the currently set state is displayed at the output parameters. If changes are made to the input parameters, these changes are not transferred to the output parameters. When the instruction is called and the REQ parameter has the signal state "1", the signal state is taken from the input parameters (F_PWD, FULL_PWD, R_PWD, HMI_PWD). If signal state "0" is present, authorization via password is not allowed. If signal state "1" is present, the password can be used. Disable or enabling of the passwords can be allowed or prohibited individually. For example, all passwords can be prohibited, except the fail-safe password. You can thus limit access options to a small user group. The output parameters (F_PWD_ON, FULL_PWD_ON, R_PWD_ON, HMI_PWD_ON) always show the current status of the password use, regardless of the REQ parameter. Non-configured passwords must have the TRUE signal state at the input and return the TRUE signal state at the output. The fail-safe password can only be configured for an F-CPU and, therefore, must always be interconnected with theTRUE signal state in a standard CPU. If the instruction return an error, the call remains without effect, i.e. the previous lock remains in force. Disabled passwords can be enabled again under the following conditions: The CPU is reset to its factory settings. The front panel of the S7-1500 CPU supports a dialog that allows you to navigate to the appropriate menu in which the passwords can be enabled again. When you call the "Limit and enable password legitimation" instruction, the input parameter of the desired password has the signal state "1". Set the operating mode switch to STOP. The restriction to password legitimation is reestablished as soon as the switch is set back to RUN. Inserting an empty memory card (transfer card or program card) into S7-1200 CPU. The transition from POWER OFF to POWER ON disables the protection in the S7-1200 CPU. The "Limit and enable password legitimation" instruction must be called again in the program (e.g. in the startup OB). 2678 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note The "Limit and enable password legitimation" instruction blocks access to the HMI system, if the HMI password has not been enabled. Note Existing legitimized connections retain their access rights and you cannot use the "Limit and enable password legitimation" instruction to restrict them. Preventing accidental lockout out with an S7-1500 CPU The same setting can be made on the front panel of the S7-1500 CPU and the CPU saves the most recent setting. To prevent accidental lockout, the protection can be disabled by setting the mode selector to STOP with an S7-1500 CPU. The protection is automatically enabled again by setting mode selector to RUN without having to call the "Limit and enable password legitimation" instruction again or taking additional actions on the front panel. Preventing accidental lockout with an S7-1200 CPU The protection for POWER OFF - POWER ON is disabled because a S7-1200 CPU has no operating mode switch. As a result it is possible and advisable to use certain program sequences within your program to prevent an accidental lockout. To do this, program a time control using either a cyclic interrupt OB or a timer in the main OB (OB 1). This provides you with the option to call the "Limit and enable password legitimation" instruction again without delay in the corresponding OB (e.g. OB 1 or OB 35) after a transition from POWER OFF - POWER ON. Call the instruction in the startup OB (OB 100) in order to keep as short as possible the time window in which the application is not active and thus ensure that no restrictions exist in the password legitimation. This procedure offers you the largest possible protection against unauthorized access. If an unintended lockout occurs you can skip the call in the startup OB (for example, by querying an input parameter) and have the set time (for example 10 seconds to 1 minute), to establish a connection to the CPU before the lock becomes active again. If you have set no timer in your program code and are locked out, insert an empty transfer card or empty program card into the CPU. The empty transfer card or program card deletes the internal load memory of the CPU. You must then load the user program again from STEP 7 in the CPU. WinCC Advanced V14 System Manual, 10/2016 2679 Programming the PLC 11.4 Instructions Procedure for lost passwords with an S7-1200 CPU If you have lost the password for a password-protected S7-1200 CPU, delete the passwordprotected program with an empty transfer card or program card. The empty transfer card or program card deletes the internal load memory of the CPU. You can then load a new user program from STEP 7 Basic in the CPU. WARNING Inserting empty transfer card When you insert a transfer card in a CPU during runtime, the CPU goes to STOP mode. If operating states are unstable, controllers may fail and thus cause the uncontrolled operation of the controlled devices. This leads to an unforeseen operation of the automation system which can cause deadly or serious injuries and/or damage to property. After you remove the transfer card the content of the transfer card is in the internal load memory. Make sure at this point that the card contains no program. WARNING Inserting empty program card When you insert a program card in a CPU during runtime, the CPU goes to STOP mode. If operating states are unstable, controllers may fail and thus cause the uncontrolled operation of the controlled devices. This leads to an unforeseen operation of the automation system which can cause deadly or serious injuries and/or damage to property. Make sure that the program card is empty. The internal load memory is copied to the empty program card. The internal load memory is empty after the removal of the formerly empty program card. You must remove the transfer card or program card before you put the CPU into RUN mode. 2680 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Effects of password use on the operating modes The following table shows what effects the password use by means of the "Limit and enable password legitimation" instruction has on the operating modes and the corresponding user actions. Action Password protection by means of the instruc tion Basic state after Not activated Operating mode switch to STOP (no restrictions) Reset memory manually (PG, switch, change of MC (Motion Control)) Reset to factory setting Basic state after POWER ON S7-1200-CPU: the lock is disabled and the instruction must be called again in the program (in the startup OB, for example). S7-1500 CPU: Enabled (if a lock was activated before POWER OFF). The option of not allowing passwords is retentive. Operating mode transition RUN/STARTUP/HOLD -> Activated STOP (by terminating the instruction, an error or com Passwords still cannot be used. munication) or STOP -> STARTUP/RUN/HOLD Parameters The following table shows the parameters of the "Limit and enable password legitimation" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output REQ Input BOOL I, Q, M, D, L or con When the REQ parameter stant has the signal state "0", the currently set signal state of the passwords is queried. F_PWD Input BOOL I, Q, M, D, L or con Read/write access including stant fail-safe F_PWD = "0": Do not allow password F_PWD = "1": Allow password FULL_PWD Input BOOL I, Q, M, D, L or con Read/write access stant FULL_PWD = "0": Do not allow password FULL_PWD = "1": Allow password WinCC Advanced V14 System Manual, 10/2016 2681 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area R_PWD Input BOOL I, Q, M, D, L or con Read access stant R_PWD = "0": Do not allow password Description R_PWD = "1": Allow password HMI_PWD Input BOOL I, Q, M, D, L or con HMI access stant HMI_PWD = "0": Do not allow password HMI_PWD = "1": Allow password F_PWD_ON Output BOOL I, Q, M, D, L Read/write access including fail-safe F_PWD_ON = "0": Password not allowed F_PWD_ON = "1": Password allowed FULL_PWD_ ON Output BOOL I, Q, M, D, L Read/write access status FULL_PWD_ON = "0": Password not allowed FULL_PWD_ON = "1": Password allowed R_PWD_ON Output BOOL I, Q, M, D, L Read-access status R_PWD_ON = "0": Password not allowed R_PWD_ON = "1": Password allowed HMI_PWD_O Output N BOOL I, Q, M, D, L HMI-access status HMI_PWD_ON = "0": Password not allowed HMI_PWD_ON = "1": Password allowed RET_VAL Output WORD I, Q, M, D, L Error information You can find additional information on valid data types under "See also". Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 2682 0000 No error 8090 The "Limit and enable password legitimation" instruction is not supported 80D0 The password for fail-safe is not configured. With standard CPUs, the signal state must be TRUE. 80D1 The read/write access is not configured WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* Explanation (W#16#...) 80D2 The read access is not configured 80D3 The HMI access is not configured *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) PC systems (S7-1500) SHUT_DOWN: Shut down target system (S7-1500) Description You can use the instruction "SHUT_DOWN: Shutdown target system" to shut down the PCbased automation system and restart the S7 software controller CPU 150xS or Windows on the PC-based automation system. The instruction is available in the "Instructions" task card under Basic instructions > Program control > Runtime control. A restart is, for example, advisable in the following situations: An industrial UPS (uninterruptible power supply) reports a power failure via a digital input. Windows stops responding or shows a "blue screen". Too many error OBs are called in the user program. WinCC Advanced V14 System Manual, 10/2016 2683 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "Shutdown target system" instruction: Parameter Declaration Data type Memory area MODE Input UINT I, Q, M, D, L or con MODE = 1: Shut stant down CPU 150xS and Windows The CPU goes to STOP and saves the retentive data. Then the CPU and Windows are shut down. The system must be restarted manually. Description MODE = 2: Re start CPU 150xS The CPU goes to STOP and saves the retentive data. Then the CPU is shut down and re started. MODE = 3: Re start Windows. The CPU remains in RUN. Windows is restarted. COMMENT Input STRING I, Q, M, D, L or con With MODE = 1 stant and MODE = 3, you can specify a reason for the re start. The reason is output in the Windows Event Log. Ret_Val Return WORD Q, M, D, L Ret_Val = 0: No faults Ret_Val = 8090: The value passed to MODE is not supported. Ret_Val = 80xy: Windows does not respond to the call of the Shut_Down instruction. 2684 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions RE_TRIGR: Restart cycle monitoring time (S7-1200, S7-1500) Description The "Restart cycle monitoring time" instruction is used to restart the cycle monitoring time of the CPU. The cycle monitoring time then restarts with the time you have set in the CPU configuration. If the instruction is called in a block with a higher priority, such as a hardware interrupt or diagnostic error interrupt, the instruction is not executed and the enable output ENO returns signal state "0". The instruction executes completely within a time span (10 times the maximum program cycle), regardless of the number of calls. Once this time has expired, the program cycle can no longer be prolonged. Calling the instruction The following call conditions apply: The following applies to a CPU of the S7-1200 series: In firmware versions <= 2.2, you can call the instruction only in a program cycle organization block of priority 1. This corresponds to the lowest priority of all organization blocks. If the instruction is called in an organization block with a higher priority, the instruction is not executed and the result (BR bit, enable output ENO) is always "0". In firmware versions >= 2.2, you can call the instruction regardless of the priority in all organization blocks. The following applies to a CPU of the S7-1500 series: You can call the instruction regardless of the priority in all organization blocks. Parameters The instruction "Restart cycle monitoring time" has no parameters. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) STP: Exit program (S7-1200, S7-1500) Description You use the "Exit program" instruction to set the CPU to STOP mode and thus end the program execution. The effects at a transition from RUN to STOP depend on the CPU configuration. WinCC Advanced V14 System Manual, 10/2016 2685 Programming the PLC 11.4 Instructions When the result of logic operation (RLO) at the input of the instruction is "1", the CPU changes to STOP mode and the program execution is ended. The signal state at the output of the instruction is not evaluated. When the RLO is "0" at the input of the instruction, then the instruction will not be executed. Parameters The "Exit program" instruction has no parameters. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) GET_ERROR: Get error locally (S7-1200, S7-1500) Description The "Get error locally" instruction is used to query the occurrence of errors within a program block. This normally involves programming or access errors. If the system reports an error during the execution of the program block, detailed information is stored in the operand at the ERROR output for the first error to occur during the execution of the block since the last execution of the instruction. Only operands of the "ErrorStruct" system data type can be specified at the ERROR output. The "ErrorStruct" system data type specifies the exact structure in which the information about the error is stored. Using additional instructions, you can evaluate this structure and program an appropriate response. If several errors occur in the program block, the error information about the next error to occur is output by the instruction only after the first error that occurred has been remedied. Note Output ERROR The ERROR output is only changed if error information is present. To set the output back to "0" after handling an error, you have the following options: Declare the tag in the "Temp" section of the block interface. Reset the tag to "0" before calling the instruction. Query the enable output ENO. 2686 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The enable output ENO is only set if the enable input EN returns signal state "1" and error information is present. If one of these conditions does not apply, then the remaining program execution is not affected by the instruction. Note Activation of the local error handling As soon as you insert the instruction in the program code of a program block, the local error handling is activated and default system reactions are ignored when errors occur. Options for error handling You can find an overview of the options for error handling here: AUTOHOTSPOT For a detailed example of local error handling that contains several error handling options, refer to: Handle program execution errors (Page 2061) Parameters The following table shows the parameters of the "Get error locally" instruction: Parameters Declaration Data type Memory area Description ERROR Output ErrorStruct D, L Error information Data type "ErrorStruct" The "ErrorStruct" data type can be inserted in a global data block or in the block interface. You can insert the data type more then once if you assign a different name for the data structure each time. The data structure and the name of individual structure elements cannot be changed. If you save the error information in a global data block, it can also be read out by other program blocks. The following table shows the structure of the "ErrorStruct" data type: Structure component Data type Description ERROR_ID WORD Error ID FLAGS BYTE Shows whether the error occurred during a program block call. 16#01: Error during a program block call 16#00: No error during a program block call REACTION BYTE Default reaction: 0: Ignore (write error) 1: Continue with substitute value "0" (read error) 2: Skip instruction (system error) CODE_ADDRESS WinCC Advanced V14 System Manual, 10/2016 CREF Information about the address and type of the program block 2687 Programming the PLC 11.4 Instructions Structure component BLOCK_TYPE Data type Description BYTE Program block type in which the error oc curred: 1: Organization block (OB) 2: Function (FC) 3: Function block (FB) CB_NUMBER UINT Number of the code block OFFSET UDINT Reference to the internal memory MODE BYTE Information about the address of an oper and OPERAND_NUMBER UINT Operand number of the machine command POINTER_NUMBER_LOCA TION UINT (A) Internal pointer SLOT_NUMBER_SCOPE UINT (B) Storage area in internal memory DATA_ADDRESS NREF Information about the address of an oper and BYTE (C) Memory area: AREA L: 16#40...16#7F, 16#86, 16#87, 16#8E, 16#8F, 16#C0...16#FF I: 16#81 Q: 16#82 M: 16#83 DB: 16#40, 16#84, 16#85, 16#8A, 16#8B PI: 16#01 PQ: 16#02 Technological objects: 16#04 DB_NUMBER UINT (D) Number of the data block OFFSET UDINT (E) Relative address of the operand Structure component "ERROR_ID" The following table shows the values that can be output at the structure component "ERROR_ID": 2688 ID* (hexadecimal) ID* (decimal) Description 0 0 No error 2503 9475 Invalid pointer 2520 9504 Invalid STRING 2522 9506 Read error: Operand outside the valid range 2523 9507 Write error: Operand outside the valid range 2524 9508 Read error: Invalid operand 2525 9509 Write error: Invalid operand 2528 9512 Read error: Data alignment 2529 9513 Write error: Data alignment 252C 9516 Invalid pointer WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ID* (hexadecimal) ID* (decimal) Description 2530 9520 Write error: Data block 2533 9523 Invalid reference used 2538 9528 Access error: DB does not exist 2539 9529 Access error: Wrong DB used 253A 9530 Global data block does not exist 253C 9532 Faulty information or the function does not exist 253D 9533 System function does not exist 253E 9534 Faulty information or the function block does not exist 253F 9535 System block does not exist 2550 9552 Access error: DB does not exist 2551 9553 Access error: Wrong DB used 2575 9589 Error in the program nesting depth 2577 9591 The block property "Parameter passing via registers" is not selected. 2576 9590 Error in the local data distribution 25A0 9632 Internal error in TP 25A1 9633 Tag is write-protected 25A2 9634 Invalid numerical value of tag 2942 10562 Read error: Input 2943 10563 Write error: Output * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: 08/ $XWR 5HDO )LHOG>LQGH[@ 7DJ2XWB(QDEOHG ! 5($/ )LHOG>LQGH[@ (12 (5525 (12 ,1 287 %<7( (UURU 7DJ2XW ,1 (UURU5($&7,21 *(7B(5525 (1 (1 7DJ2XWB(QDEOHG 5 An error occurred accessing the #Field[#index] tag. The enable output ENO of the "Multiply" instruction and the #TagOut_Enabled operand have signal state "1" despite the read/access error and the multiplication is performed with the value "0.0". If this error scenario occurs, it is WinCC Advanced V14 System Manual, 10/2016 2689 Programming the PLC 11.4 Instructions recommended to program the "Get error locally" instruction after the "Multiply" instruction to get the error. The error information supplied by the "Get error locally" instruction is evaluated with the comparison instruction "Equal". If the "#Error.REACTION" structure component has the value "1", this involves a read/access error and the #TagOut_Enabled output is reset. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) GET_ERR_ID: Get error ID locally (S7-1200, S7-1500) Description The "Get error ID locally" instruction is used to query the occurrence of errors within a block. This is usually to access error. If the system reports during the block processing errors within the block execution since the last execution of the instruction, the error ID of the first error that occurred in the tag is stored at the ID output. Only operands of the WORD data type can be specified at the ID output. If several errors occur in the block, the error ID of the next error to occur in the instruction is output only after the first error that occurred has been remedied. Note The ID output is only changed if error information is present. To set the output back to "0" after handling an error, you have the following options: Declare the tag in the "Temp" section of the block interface. Reset the tag to "0" before calling the instruction. Query the enable output ENO. The enable output ENO of the instruction "Get error ID locally" instruction is set only if the enable input EN returns signal state "1" and error information is present. If one of these conditions is not fulfilled, the remaining program execution is not affected by the "Get error ID locally" instruction. You can find an example of how you can implement the instruction in combination with other troubleshooting options under "See also". Note The "Get error ID locally" instruction enables local error handling within a block. If the "Get error ID locally" instruction is inserted in the program code of a block, any predefined system reactions are ignored if errors occur. 2690 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Options for error handling You can find an overview of the options for error handling here: AUTOHOTSPOT For a detailed example of local error handling that contains several error handling options, refer to: Handle program execution errors (Page 2061) Parameters The following table shows the parameters of the "Get error ID locally" instruction: Parameters Declaration Data type Memory area Description ID Output WORD I, Q, M, D, L Error ID Parameter ID The following table shows the values that can be output at the ID parameter: WinCC Advanced V14 System Manual, 10/2016 ID* (hexadecimal) ID* (decimal) Description 0 0 No error 2503 9475 Invalid pointer 2520 9504 Invalid STRING 2522 9506 Read error: Operand outside the valid range 2523 9507 Write error: Operand outside the valid range 2524 9508 Read error: Invalid operand 2525 9509 Write error: Invalid operand 2528 9512 Read error: Data alignment 2529 9513 Write error: Data alignment 252C 9516 Invalid pointer 2530 9520 Write error: Data block 2533 9523 Invalid reference used 2538 9528 Access error: DB does not exist 2539 9529 Access error: Wrong DB used 253A 9530 Global data block does not exist 253C 9532 Faulty information or the function does not exist 253D 9533 System function does not exist 253E 9534 Faulty information or the function block does not exist 253F 9535 System block does not exist 2550 9552 Access error: DB does not exist 2551 9553 Access error: Wrong DB used 2575 9589 Error in the program nesting depth 2576 9590 Error in the local data distribution 2577 9591 The block property "Parameter passing via registers" is not selected. 25A0 9632 Internal error in TP 25A1 9633 Tag is write-protected 2691 Programming the PLC 11.4 Instructions ID* (hexadecimal) ID* (decimal) Description 25A2 9634 Invalid numerical value of tag 2942 10562 Read error: Input 2943 10563 Write error: Output * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: 08/ $XWR 5HDO )LHOG>LQGH[@ 7DJ2XWB(QDEOHG ! 5($/ )LHOG>LQGH[@ (12 ,' (12 ,1 287 7DJ2XW ,1 7DJ,' *(7B(55B,' (1 (1 029( ,17 7DJ,' (1 (12 ,1 287 7DJ2XW An error occurred accessing the #Field[#index] tag. The enable output ENO of the "Multiply" instruction and the #TagOut_Enabled operand have signal state "1" despite the read/access error and the multiplication is performed with the value "0.0". If this error scenario occurs, it is recommended to program the "Get error ID locally" instruction after the "Multiply" instruction to get the error. The error information supplied by the "Get error ID locally" instruction is evaluated with the comparison instruction "Equal". If the #TagID operand returns the ID 2522, this involves a read/access error and the value "100.0" is written to the #TagOut output. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) 2692 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions INIT_RD: Initialize all retain data (S7-1500) Description You can use the "Initialize all retain data" instruction to reset the retain data of all data blocks, bit memories and SIMATIC timers and counters at the same time. The instruction can only be executed within a startup OB because the execution would exceed the program cycle duration. Parameters The following table shows the parameters of the "Initialize all retain data" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output REQ Input BOOL I, Q, M, D, L, T, C or constant If the input "REQ" has the sig nal state "1", all retain data are reset. RET_VAL Output INT I, Q, M, D, L Error information: If an error occurs during exe cution of the instruction, an error code is output at the RET_VAL parameter. You can find additional information on valid data types under "See also". Parameters RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B5 The instruction cannot be executed because it was not programmed within a startup OB. General er See also: "GET_ERR_ID: Get error ID locally" ror informa tion *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". WinCC Advanced V14 System Manual, 10/2016 2693 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: ,1,7B5' 7DJ,QB 7DJB5(4 (1 5(4 7DJ2XW (12 5(7B9$/ 7DJB5HVXOW If the operands "TagIn_1" and "Tag_REQ" have signal state "1", the instruction is executed. The retain data of all data blocks, bit memories and SIMATIC timers and counters are reset If the instruction is executed without errors, the ENO enable output has the signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 2690) Basic information on LAD (Page 4634) WAIT: Configure time delay (S7-1500) Description The "Configure time delay" instruction pauses the program execution for a specific period of time. You indicate the period of time in microseconds on the WT parameter of the instruction. You can configure time delays from -32768 up to +32767 microseconds (s). The smallest possible delay time depends on the respective CPU and corresponds to the execution time of the "Configure time delay" instruction. The execution of the instruction can be interrupted by higher priority events. The "Configure time delay" instruction returns no error information. Parameters The following table shows the parameters of the "Configure time delay" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output WT Input INT I, Q, M, D, L, P, or constant Time delay in microseconds (s) For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) 2694 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) RUNTIME: Measure program runtime (S7-1200, S7-1500) Description The "Measure program runtime" instruction is used to measure the runtime of the entire program, individual blocks or command sequences. If you want to measure the runtime of your entire program, call the instruction "Measure program runtime" in OB1. Measurement of the runtime is started with the first call and the output RET_VAL returns the runtime of the program after the second call. The measured runtime includes all CPU processes that can occur during the program execution, for example, interruptions caused by higher-level events or communication. The instruction "Measure program runtime" reads an internal counter of the CPU and write the value to the IN-OUT parameter MEM. The instruction calculates the current program runtime according to the internal counter frequency and writes it to output RET_VAL. If you want to measure the runtime of individual blocks or individual command sequences, you need three separate networks. Call the instruction "Measure program runtime" in an individual network within your program. You set the starting point of the runtime measurement with this first call of the instruction. Then you call the required program block or the command sequence in the next network. In another network, call the "Measure program runtime" instruction a second time and assign the same memory to the IN-OUT parameter MEM as you did during the first call of the instruction. The "Measure program runtime" instruction in the third network reads an internal CPU counter and calculates the current runtime of the program block or the command sequence according to the internal counter frequency and writes it to the output RET_VAL. The "Measure program runtime" instruction uses an internal high-frequency counter to calculate the time. If the counter overruns, the instruction returns values <= 0.0. This can occur up to once per minute for S7-1200 CPUs with firmware version <V4.2. Ignore these runtime values. Note The runtime of a command sequence cannot be determined exactly, because the sequence of instructions within a command sequence is changed during optimized compilation of the program. Parameter The following table lists the parameters of the "Measure program runtime" instruction: WinCC Advanced V14 System Manual, 10/2016 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output 2695 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description MEM InOut LREAL I, Q, M, D, L The content is for internal pur poses only. RET_VAL Output LREAL I, Q, M, D, L Returns the measured run time in seconds Example The following example shows how the instruction works based on the runtime calculation of a program block: Network 1: 5817,0( 7DJ,Q 7DJ0HPRU\ (1 (12 0(0 5(7B9$/ 7DJB5HVXOW Network 2: '% %HVWBEHIRUHBGDWHB'% )% %HVWBEHIRUHBGDWH (1 (12 Network 3: 5817,0( 7DJ,Q 7DJ0HPRU\ (1 0(0 (12 5(7B9$/ 7DJ5HVXOWB5XQWLPH When the "TagIn1" operand in network 1 has the signal state "1", the instruction is executed. The starting point for the runtime measurement is set with the first call of the instruction and buffered as reference for the second call of the instruction in the "TagMemory" operand. The "Best_before_date" program block FB1 is called in network 2. When the FB1 program block has been executed and the "TagIn1" operand has the signal state "1", the instruction in network 3 is executed. The second call of the instruction calculates the runtime of the program block and writes the result to the output RET_VAL. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) 2696 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) Word logic operations (S7-1200, S7-1500) AND: AND logic operation (S7-1200, S7-1500) Description You can use the "AND logic operation" instruction to combine the value at the IN1 input and the value at the IN2 input bit-by-bit by AND logic and query the result at the OUT output. When the instruction is executed, bit 0 of the value at the IN1 input and bit 0 of the value at the IN2 input are logically ANDed. The result is stored in bit 0 of output OUT. The same logic operation is executed for all other bits of the specified values. The number of inputs can be expanded in the instruction box. The added inputs are numbered in ascending order in the box. When the instruction is executed, the values of all available input parameters are combined with AND logic (ANDed). The result is stored in the OUT output. The result bit has signal state "1" only when both of the bits in the logic operation also have signal state "1". If one of the two bits of the logic operation has signal state "0", the corresponding result bit is reset. Parameters The following table shows the parameters of the "AND logic operation" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN1 Input Bit strings I, Q, M, D, L, P, or constant First value for logic operation IN2 Input Bit strings I, Q, M, D, L, P, or constant Second value for logic opera tion INn Input Bit strings I, Q, M, D, L, P, or constant Other inputs whose values are logically combined. OUT Output Bit strings I, Q, M, D, L, P Result of the instruction You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2697 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,Q $1' :25' (1 7DJB9DOXH ,1 7DJB9DOXH ,1 7DJ2XW (12 287 7DJB5HVXOW The following table shows how the instruction works using specific operand values: Parameter Operand Value IN1 Tag_Value1 0101 0101 0101 0101 IN2 Tag_Value2 0000 0000 0000 1111 OUT Tag_Result 0000 0000 0000 0101 If the "TagIn" operand has signal state "1", the instruction is executed. The value of operand "Tag_Value1" and the value of operand "Tag_Value2" are ANDed. The result is mapped bitfor-bit and output in operand "Tag_Result". The enable output ENO and the output "TagOut" are set to signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) OR: OR logic operation (S7-1200, S7-1500) Description You can use the "OR logic operation" instruction to combine the value at the IN1 input and the value at the IN2 input bit-by-bit by OR logic and query the result at the OUT output. When the instruction is executed, bit 0 of the value at the IN1 input and bit 0 of the value at the IN2 input are combined by OR logic operation. The result is stored in bit 0 of output OUT. The same logic operation is executed for all bits of the specified tags. The number of inputs can be expanded in the instruction box. The added inputs are numbered in ascending order in the box. When the instruction is executed, the values of all available input parameters are combined with OR logic (ORed). The result is stored in the OUT output. The result bit has signal state "1" when at least one of the two bits in the logic operation has signal state "1". If both of the bits of the logic operation have signal state "0", the corresponding result bit is reset. 2698 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "OR logic operation" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN1 Input Bit strings I, Q, M, D, L, P, or constant First value for logic operation IN2 Input Bit strings I, Q, M, D, L, P, or constant Second value for logic opera tion INn Input Bit strings I, Q, M, D, L, P, or constant Other inputs whose values are logically combined. OUT Output Bit strings I, Q, M, D, L, P Result of the instruction You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 25 :25' (1 7DJB9DOXH ,1 7DJB9DOXH ,1 7DJ2XW (12 287 7DJB5HVXOW The following table shows how the instruction works using specific operand values: Parameter Operand Value IN1 Tag_Value1 0101 0101 0101 0101 IN2 Tag_Value2 0000 0000 0000 1111 OUT Tag_Result 0101 0101 0101 1111 If the "TagIn" operand has signal state "1", the instruction is executed. The value of operand "Tag_Value1" and the value of operand "Tag_Value2" are ORed. The result is mapped bit-forbit and output in operand "Tag_Result". The enable output ENO and the output "TagOut" are set to signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2699 Programming the PLC 11.4 Instructions XOR: EXCLUSIVE OR logic operation (S7-1200, S7-1500) Description You can use the "EXCLUSIVE OR logic operation" instruction to combine the value at the IN1 input and the value at the IN2 input bit-by-bit by EXCLUSIVE OR logic and query the result at the OUT output. When the instruction is executed, bit 0 of the value at the IN1 input and bit 0 of the value at the IN2 input are combined by EXCLUSIVE OR logic operation. The result is stored in bit 0 of output OUT. The same logic operation is executed for all other bits of the specified value. The number of inputs can be expanded in the instruction box. The added inputs are numbered in ascending order in the box. When the instruction is executed, the values of all available input parameters are combined with EXCLUSIVE OR logic. The result is stored in the OUT output. The result bit has signal state "1" when one of the two bits in the logic operation has signal state "1". If both of the bits of the logic operation have signal state "1" or "0", the corresponding result bit is reset. Parameters The following table shows the parameters of the "EXCLUSIVE OR logic operation" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN1 Input Bit strings I, Q, M, D, L, P, or constant First value for logic operation IN2 Input Bit strings I, Q, M, D, L, P, or constant Second value for logic opera tion INn Input Bit strings I, Q, M, D, L, P, or constant Other inputs whose values are logically combined. OUT Output Bit strings I, Q, M, D, L, P Result of the instruction You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 2700 ;25 :25' (1 7DJB9DOXH ,1 7DJB9DOXH ,1 (12 287 7DJ2XW 7DJB5HVXOW WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameter Operand Value IN1 Tag_Value1 0101 0101 0101 0101 IN2 Tag_Value2 0000 0000 0000 1111 OUT Tag_Result 0101 0101 0101 1010 If the "TagIn" operand has signal state "1", the instruction is executed. The value of operand "Tag_Value1" and the value of operand "Tag_Value2" are combined by EXCLUSIVE OR logic. The result is mapped bit-for-bit and output in operand "Tag_Result". The enable output ENO and the output "TagOut" are set to signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) INVERT: Create ones complement (S7-1200, S7-1500) Description You can use the instruction "Create ones complement" to invert the signal status of the bits at input IN. When the instruction is processed, the value at input IN is linked to EXCLUSIVE OR by a hexadecimal mask (W#16#FFFF for 16-bit numbers or DW#16#FFFF FFFF for 32-bit number). This inverts the signal state of the individual bits that are then stored at output OUT. Parameters The following table shows the parameters of the instruction "Create ones complement": Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L IN Input Bit strings, integers I, Q, M, D, L, P, or constant Input value OUT Output Bit strings, integers I, Q, M, D, L, P Ones complement of the val ue at input IN Enable output You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2701 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: ,19 :25' 7DJ,Q 7DJ,QB9DOXH (1 (12 ,1 287 7DJ2XW 7DJ2XWB9DOXH The following table shows how the instruction works using specific operand values: Parameter Operand Value IN TagIn_Value W#16#000F W#16#7E OUT TagOut_Value W#16#FFF0 W#16#81 If the "TagIn" operand has signal state "1", the instruction is executed. The instruction inverts the signal state of the individual bits at input "TagIn_Value" and writes the result to output "TagOut_Value". The enable output ENO and the output "TagOut" are set to signal state "1". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) DECO: Decode (S7-1200, S7-1500) Description You can use the "Decode" instruction to set a bit in the output value that is specified by the input value. The "Decode" instruction reads the value at the IN input and sets the bit in the output value whose bit position corresponds to the read value. The other bits in the output value are filled with zeroes. When the value at the IN input is greater than 31, a modulo 32 instruction is executed. Parameters The following table shows the parameters of the "Decode" instruction: 2702 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description IN Input UINT I, Q, M, D, L, P, or constant Position of the bit in the out put value which is set. OUT Output Bit strings I, Q, M, D, L, P Output value You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: '(&2 7DJ,Q 7DJ,QB9DOXH 8,17 WR ':25' (1 (12 ,1 287 7DJ2XW 7DJ2XWB9DOXH The following figure shows how the instruction works using specific operand values: 7DJ,QB9DOXH 7DJ2XWB9DOXH If the "TagIn" operand has signal state "1", the instruction is executed. The instruction reads bit number "3" from the value of the operand "TagIn_Value" at the input and sets the third bit to the value of the operand "TagOut_Value" at the output. If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) ENCO: Encode (S7-1200, S7-1500) Description You can use the "Encode" instruction to read the bit number of the least significant bit in the input value and to send it to the OUT output. WinCC Advanced V14 System Manual, 10/2016 2703 Programming the PLC 11.4 Instructions The "Encode" instruction selects the least significant bit of the value at the IN input and writes its bit number to the tag in the OUT output. Parameters The following table shows the parameters of the "Encode" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Bit strings I, Q, M, D, L, P, or constant Input value OUT Output INT I, Q, M, D, L, P Output value You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: (1&2 ':25' 7DJ,Q 7DJ,QB9DOXH (1 (12 ,1 287 7DJ2XW 7DJ2XWB9DOXH The following figure shows how the instruction works using specific operand values: 7DJ,QB9DOXH 7DJ2XWB9DOXH If the "TagIn" operand has signal state "1", the instruction is executed. The instruction selects the least significant bit at the "TagIn_Value" input and writes bit position "3" to the tag in the "TagOut_Value" output. If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) 2704 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SEL: Select (S7-1200, S7-1500) Description Depending on a switch (G input), the "Select" instruction selects one of the inputs, IN0 or IN1 and copies its content to the OUT output. When the input G has signal state "0", the value at the input IN0 is moved. When the input G has signal state "1", the value at the input IN1 is moved to the output OUT. All tags at all parameters must have the same data type. Parameters The following table shows the parameters of the "Select" instruction: Parameter WinCC Advanced V14 System Manual, 10/2016 Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable output G Input BOOL BOOL I, Q, M, D, L or con stant I, Q, M, D, L, Switch T, C or con stant IN0 Input Bit strings, in tegers, float ing-point numbers, timers, TOD, CHAR, WCHAR, DATE Bit strings, integers, floatingpoint num bers, timers, TOD, LTOD, LDT, CHAR, WCHAR, DATE I, Q, M, D, L, P, or constant I, Q, M, D, L, First input value P, or con stant 2705 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description S7-1200 S7-1500 S7-1200 S7-1500 IN1 Input Bit strings, in tegers, float ing-point numbers, timers, TOD, CHAR, WCHAR, DATE Bit strings, integers, floatingpoint num bers, timers, TOD, LTOD, LDT, CHAR, WCHAR, DATE I, Q, M, D, L, P, or constant I, Q, M, D, L, Second input val P, or con ue stant OUT Output Bit strings, in tegers, float ing-point numbers, timers, TOD, CHAR, WCHAR, DATE Bit strings, integers, floatingpoint num bers, timers, TOD, LTOD, LDT, CHAR, WCHAR, DATE I, Q, M, D, L, P I, Q, M, D, L, Result P You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,Q 7DJ,QB* 6(/ :25' (1 (12 * 287 7DJ,QB9DOXH ,1 7DJ,QB9DOXH ,1 7DJ2XW 7DJ2XWB9DOXH The following table shows how the instruction works using specific operand values: 2706 Parameter Operand G TagIn_G 0 Value 1 IN0 TagIn_Value0 W#16#0000 W#16#4C IN1 TagIn_Value1 W#16#FFFF W#16#5E OUT TagOut_Value W#16#0000 W#16#5E WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the "TagIn" operand has signal state "1", the instruction is executed. Based on the signal state at the "TagIn_G" input, the value at the "TagIn_Value0" or "TagIn_Value1" input is selected and moved to the "TagOut_Value" output. If the instruction is executed without errors, the enable output ENO has signal state "1" and the output "TagOut" is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) MUX: Multiplex (S7-1200, S7-1500) Description You can use the instruction "Multiplex" to copy the content of a selected input to output OUT. The number of selectable inputs of the instruction box can be expanded. You can declare a maximum of 32 inputs. The inputs are numbered automatically in the box. Numbering starts at IN0 and is incremented continuously with each new input. You can use the K parameter to define the input whose content is to be copied to the OUT output. If the value of the parameter K is greater than the number of available inputs, the content of the ELSE parameter is copied to the OUT output and the ENO enable output is assigned the signal state "0". The "Multiplex" instruction can only be executed if the tags have the same data type in all inputs and in the OUT output. The K parameter is an exception, since only integers can be specified for it. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The input at the K parameter is located outside the available inputs. This applies regardless of whether the ELSE input is used. The value at the OUT output remains changed. Errors occurred during execution of the instruction. Parameters The following table shows the parameters of the "Multiplex" instruction: Parameters WinCC Advanced V14 System Manual, 10/2016 Declaration Data type Memory area Description S7-1200 S7-1500 EN Input BOOL BOOL I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L Enable output 2707 Programming the PLC 11.4 Instructions Parameters K Declaration Input Data type Memory area Description S7-1200 S7-1500 Integers Integers I, Q, M, D, L, P, or con stant Specifies the input whose content is to be copied. If K = 0 => Parameter IN0 If K = 1 => Parameter IN1, etc. 2708 IN0 Input Binary num bers, integers, floating-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P, or con stant First input value IN1 Input Binary num bers, integers, floating-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P, or con stant Second input value INn Input Binary num bers, integers, floating-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P, or con stant Optional input values WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description S7-1200 S7-1500 ELSE Input Binary num bers, integers, floating-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P, or con stant Specifies the value to be copied when K > n. OUT Output Binary num bers, integers, floating-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P Output to which the val ue is to be copied. You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJB,QSXW 08; ':25' (1 (12 7DJB1XPEHU . 287 7DJB9DOXHB ,1 7DJB9DOXHB ,1 7DJB9DOXHB (/6( 7DJB2XWSXW 6 7DJB5HVXOW The following table shows how the instruction works using specific operand values: WinCC Advanced V14 System Manual, 10/2016 Parameters Operand K Tag_Number 1 Value IN0 Tag_Value_0 DW#16#00000000 IN1 Tag_Value_1 DW#16#003E4A7D ELSE Tag_Value_2 DW#16#FFFF0000 OUT Tag_Result DW#16#003E4A7D 2709 Programming the PLC 11.4 Instructions If the "Tag_Input" operand has signal state "1", the instruction is executed. Depending on the value of the operand "Tag_Number", the value at input "Tag_Value_1" is copied and assigned to the operand at output "Tag_Result". If the instruction is executed without errors, the "ENO" and "Tag_Output" enable outputs are set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) DEMUX: Demultiplex (S7-1200, S7-1500) Description You can use the instruction "Demultiplex" to copy the content of the input IN to a selected output. The number of selectable outputs can be extended in the instruction box. The outputs are numbered automatically in the box. Numbering starts at OUT0 and continues consecutively with each new output. You can use the K parameter to define the output to which the content of the IN input is to be copied. The other outputs are not changed. If the value of the parameter K is greater than the number of available outputs, then the content of input IN in the parameter ELSE and the enable output ENO will be assigned to the signal state "0". The instruction "Demultiplex" can only be executed if the tags at the input IN and at all outputs are of the same data type. The K parameter is an exception, since only integers can be specified for it. The enable output ENO is reset if one of the following conditions applies: The EN enable input has the signal state "0". The value of the K parameter is greater than the number of available outputs. Errors occurred during execution of the instruction. Parameters The following table shows the parameters of the instruction "Demultiplex": Parameter 2710 Declaration Data type S7-1200 S7-1500 Memory area Description EN Input BOOL BOOL I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L Enable output WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter K Declaration Input Data type S7-1200 S7-1500 Integers Integers Memory area Description I, Q, M, D, L, P, or con stant Specifies the output to which the input value (IN) is copied. If K = 0 => Parameter OUT0 If K = 1 => Parameter OUT1, etc. WinCC Advanced V14 System Manual, 10/2016 IN Input Binary numbers, integers, floatingpoint num bers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P, or con stant Input value OUT0 Output Binary numbers, integers, floatingpoint num bers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P First output OUT1 Output Binary numbers, integers, floatingpoint num bers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P Second output 2711 Programming the PLC 11.4 Instructions Parameter Declaration Data type S7-1200 S7-1500 Memory area Description OUTn Output Binary numbers, integers, floatingpoint num bers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P Optional outputs ELSE Output Binary numbers, integers, floatingpoint num bers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P Output to which the input value (IN) at K > n is copied. You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on available data types, refer to "See also". Example The following example shows how the instruction works: '(08; 7DJB,QSXW 7DJB1XPEHU 7DJB9DOXH ':25' 7DJB2XWSXW 6 (1 (12 . 287 7DJB2XWSXWB ,1 287 7DJB2XWSXWB (/6( 7DJB2XWSXWB The following tables show how the instruction works using specific operand values: Table 11-14 Input values of the "Demultiplex" instruction before network execution 2712 Parameter Operand Values K Tag_Number 1 4 IN Tag_Value DW#16#FFFFFFFF DW#16#003E4A7D WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Table 11-15 Output values of the "Demultiplex" instruction after network execution Parameter Operand Values OUT0 Tag_Output_0 Unchanged Unchanged OUT1 Tag_Output_1 DW#16#FFFFFFFF Unchanged ELSE Tag_Output_2 Unchanged DW#16#003E4A7D If the "Tag_Input" has signal state "1", the instruction is executed. Depending on the value of the operand "Tag_Number", the value at input "IN" is copied to the corresponding output. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) Shift and rotate (S7-1200, S7-1500) SHR: Shift right (S7-1200, S7-1500) Description You can use the "Shift right" instruction to shift the content of the operand at the input IN bitby-bit to the right and query the result at the OUT output. You use the N parameter to specify the number of bit positions by which the specified value is to be shifted. If the value at the parameter N is "0", the value at input IN is copied to the operand at output OUT. If the value at the parameter N is greater than the number of bit positions, the operand value at input IN is shifted to the right by the available number of bit positions. The freed bit positions in the left area of the operand are filled by zeroes when values without signs are shifted. If the specified value has a sign, the free bit positions are filled with the signal state of the sign bit. The following figure show how the content of an operand of integer data type is shifted four bit positions to the right: WinCC Advanced V14 System Manual, 10/2016 2713 Programming the PLC 11.4 Instructions ,1 1 287 6LJQ ELW SODFHV 7KHVHIRXUELWV DUHORVW 7KHIUHHGELWSRVLWLRQV DUHILOOHGE\WKHVLJQDOVWDWXV RIWKHVLJQELW Parameters The following table shows the parameters of the "Shift right" instruction: Parameters Declaration S7-1200 Data type S7-1500 Memory area Description EN Input BOOL BOOL I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L Enable output IN Input Bit strings, inte Bit strings, in gers tegers N Input USINT, UINT, UDINT OUT Output Bit strings, inte Bit strings, in gers tegers I, Q, M, D, L or constant USINT, UINT, I, Q, M, D, L UDINT, ULINT or constant Value to be shifted Number of bit posi tions by which the val ue is shifted I, Q, M, D, L Result of the instruc tion You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". 2714 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 6+5 :25' 7DJ,Q 7DJ,QB9DOXH 7DJB1XPEHU (1 ,1 1 (12 287 7DJ2XW 6 7DJ2XWB9DOXH The following table shows how the instruction works using specific operand values: Parameters Operand Value IN TagIn_Value 0011 1111 1010 1111 N Tag_Number 3 OUT TagOut_Value 0000 0111 1111 0101 If operand "TagIn" has the signal state "1", the "Shift right" instruction is executed. The content of operand "TagIn_Value" is shifted three bit positions to the right. The result is sent to the "TagOut_Value" output. If the instruction is executed without errors, the ENO enable output has signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) SHL: Shift left (S7-1200, S7-1500) Description You can use the "Shift left" instruction to shift the content of the operand at the input IN bit-bybit to the left and query the result at the OUT output. You use the N parameter to specify the number of bit positions by which the specified value is to be shifted. If the value at the parameter N is "0", the value at input IN is copied to the operand at output OUT. If the value at the parameter N is greater than the number of bit positions, the operand value at input IN is shifted to the right by the available number of bit positions. The bit positions in the right part of the operand freed by shifting are filled with zeros. The following figure shows how the content of an operand of the WORD data type is shifted by six bit positions to the left: WinCC Advanced V14 System Manual, 10/2016 2715 Programming the PLC 11.4 Instructions ,1 1 287 SODFHV 7KHIUHHGELW SRVLWLRQVDUHILOOHGE\ ]HURV 7KHVHVL[ELWV DUHORVW Parameters The following table shows the parameters of the "Shift left" instruction: Parameters Declaration S7-1200 Data type S7-1500 Memory area I, Q, M, D, L Enable input EN Input BOOL BOOL ENO Output BOOL BOOL IN Input Bit strings, inte Bit strings, in gers tegers N Input USINT, UINT, UDINT OUT Output Bit strings, inte Bit strings, in gers tegers Description I, Q, M, D, L Enable output I, Q, M, D, L or con stant USINT, UINT, I, Q, M, D, UDINT, ULINT L or con stant Value to be shifted Number of bit positions by which the value is shifted I, Q, M, D, L Result of the instruction You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". 2716 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 6+/ :25' 7DJ,Q 7DJ,QB9DOXH 7DJB1XPEHU (1 ,1 1 (12 287 7DJ2XW 6 7DJ2XWB9DOXH The following table shows how the instruction works using specific operand values: Parameters Operand Value IN TagIn_Value 0011 1111 1010 1111 N Tag_Number 4 OUT TagOut_Value 1111 1010 1111 0000 If operand "TagIn" has the signal state "1", the "Shift left" instruction is executed. The content of operand "TagIn_Value" is shifted four bit positions to the left. The result is sent to the "TagOut_Value" output. If the instruction is executed without errors, the ENO enable output has signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) ROR: Rotate right (S7-1200, S7-1500) Description You can use the "Rotate right" instruction to rotate the content of the operand at the input IN bit-by-bit to the right and query the result at the OUT output. You use the N parameter to specify the number of bit positions by which the specified value is to be rotated. The bit positions freed by rotating are filled with the bit positions that are pushed out. If the value at the parameter N is "0", the value at input IN is copied to the operand at output OUT. If the value at the parameter N is greater than the number of available bit positions, the operand value at input IN is nevertheless rotated by the specified number of bit positions. The following figure shows how the content of an operand of DWORD data type is rotated three positions to the right: WinCC Advanced V14 System Manual, 10/2016 2717 Programming the PLC 11.4 Instructions ,1 1 SODFHV 287 7KHVLJQDOVWDWXVRIWKHWKUHH VKLIWHGELWVDUHLQVHUWHGLQWR WKHIUHHGSODFHV Parameters The following table shows the parameters of the instruction "Rotate right": Parameters Declaration S7-1200 Data type S7-1500 Memory area Description EN Input BOOL BOOL I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L Enable output IN Input Bit strings, in tegers Bit strings, in tegers I, Q, M, D, L or con stant N Input USINT, UINT, UDINT USINT, UINT, I, Q, M, D, UDINT, ULINT L or con stant OUT Output Bit strings, in tegers Bit strings, in tegers Value to be rotated Number of bit positions by which the value is rotated I, Q, M, D, L Result of the instruction You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". 2718 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 525 :25' 7DJ,Q 7DJ,QB9DOXH 7DJB1XPEHU (1 ,1 1 (12 287 7DJ2XW 6 7DJ2XWB9DOXH The following table shows how the instruction works using specific operand values: Parameters Operand Value IN TagIn_Value 0000 1111 1001 0101 N Tag_Number 5 OUT TagOut_Value 1010 1000 0111 1100 If operand "TagIn" has the signal state "1", the "Rotate right" instruction is executed. The content of operand "TagIn_Value" is rotated five bit positions to the right. The result is sent to the "TagOut_Value" output. If the instruction is executed without errors, the ENO enable output has signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) ROL: Rotate left (S7-1200, S7-1500) Description You can use the "Rotate left" instruction to rotate the content of the operand at the input IN bitby-bit to the left and query the result at the OUT output. You use the N parameter to specify the number of bit positions by which the specified value is to be rotated. The bit positions freed by rotating are filled with the bit positions that are pushed out. If the value at the parameter N is "0", the value at input IN is copied to the operand at output OUT. If the value at the parameter N is greater than the number of available bit positions, the operand value at input IN is nevertheless rotated by the specified number of bit positions. The following figure shows how the content of an operand of DWORD data type is rotated three positions to the left: WinCC Advanced V14 System Manual, 10/2016 2719 Programming the PLC 11.4 Instructions ,1 1 287 SODFHV 7KHVLJQDOVWDWXVRIWKHWKUHH VKLIWHGELWVDUHLQVHUWHGLQWR WKHIUHHGSODFHV Parameters The following table shows the parameters of the instruction "Rotate left": Parameters Declaration S7-1500 Memory area Description S7-1200 Data type Enable input EN Input BOOL BOOL I, Q, M, D, L ENO Output BOOL BOOL I, Q, M, D, L IN Input Bit strings, in tegers Bit strings, inte I, Q, M, D, L gers or constant Value to be rotated N Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT Number of bit posi tions by which the val ue is rotated OUT Output Bit strings, in tegers Bit strings, inte I, Q, M, D, L gers I, Q, M, D, L or constant Enable output Result of the instruc tion You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". 2720 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 52/ :25' 7DJ,Q 7DJ,QB9DOXH 7DJB1XPEHU (1 ,1 1 (12 287 7DJ2XW 6 7DJ2XWB9DOXH The following table shows how the instruction works using specific operand values: Parameters Operand Value IN TagIn_Value 1010 1000 1111 0110 N Tag_Number 5 OUT TagOut_Value 0001 1110 1101 0101 If input "TagIn" has the signal state "1", the instruction "Rotate left" is executed. The content of operand "TagIn_Value" is rotated five bit positions to the left. The result is sent to the "TagOut_Value" output. If the instruction is executed without errors, the ENO enable output has signal state "1" and the "TagOut" output is set. For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) Memory areas (Page 944) Legacy (S7-1500) DRUM: Implement sequencer (S7-1500) Description You can use the "Implement sequencer" instruction to assign the programmed values of the OUT_VAL parameter of the corresponding step to the programmed output bits (OUT1 to OUT16) and the output word (OUT_WORD). The specific step must thereby satisfy the conditions of the programmed enable mask on the S_MASK parameter while the instruction remains at this step. The instruction advances to the next step if the event for the step is true and the programmed time for the current step elapses, or if the value at the JOG parameter changes from "0" to "1". The instruction is reset when the signal state of the RESET parameter changes to "1". The current step is hereby equated to the preset step (DSP). The amount of time spent on a step is determined by the product of the preset timebase (DTBP) and the preset counter value (S_PRESET) for each step. At the start of a new step, this WinCC Advanced V14 System Manual, 10/2016 2721 Programming the PLC 11.4 Instructions calculated value is loaded into the DCC parameter, which contains the time remaining for the current step. If, for example the value at the DTBP parameter is "2" and the preset value for the first step is "100" (100 ms), the DCC parameter has the value "200" (200 ms). A step can be programmed with a timer value, an event, or both. Steps that have an event bit and the timer value "0" advance to the next step as soon as the signal state of the event bit is "1". Steps that are programmed only with a timer value start the time immediately. Steps that are programmed with an event bit and a timer value greater than "0" start the time when the signal state of the event bit is "1". The event bits are initialized with a signal state of "1". When the sequencer is on the last programmed step (LST_STEP) and the time for this step has expired, the signal state on the Q parameter is set to "1"; otherwise it is set to "0". When the parameter Q is set, the instruction remains on the step until it is reset. In the configurable mask (S_MASK) you can select the individual bits in the output word (OUT_WORD) and set or reset the output bits (OUT1 to OUT16) by means of the output values (OUT_VAL). When a bit of the configurable mask has a signal state of "1", the OUT_VAL value sets/resets the corresponding bit. If the signal state of a bit of the configurable mask is "0", the corresponding bit is left unchanged. All the bits of the configurable mask for all 16 steps are initialized with a signal state of "1". The output bit at the OUT1 parameter corresponds to the least significant bit of the output word (OUT_WORD). The output bit at the OUT16 parameter corresponds to the most significant bit of the output word (OUT_WORD). Parameters The following table shows the parameters of the "Implement sequencer" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output RESET Input BOOL I, Q, M, D, L or con The signal state "1" indicates stant a reset condition. JOG Input BOOL I, Q, M, D, L or con When the signal state stant changes from "0" to "1", the instruction advances to the next step. DRUM_EN Input BOOL I, Q, M, D, L or con The signal state "1" allows stant the sequencer to advance based on the event and time criteria. LST_STEP Input BYTE I, Q, M, D, L or con Number of the last program stant med step. EVENT(i), Input BOOL I, Q, M, D, L or con Event bit (i); stant Initial signal state is "1". Output BOOL I, Q, M, D, L Output bit (j) Output BOOL I, Q, M, D, L The signal state "1" indicates that the time for the last step has elapsed. 1 i 16 OUT(j), 1 j 16 Q 2722 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description OUT_WORD Output WORD I, Q, M, D, L, P Word address to which the sequencer writes the output values. ERR_CODE Output WORD I, Q, M, D, L, P Error information JOG_HIS Static BOOL I, Q, M, D, L JOG parameter history bit EOD Static BOOL I, Q, M, D, L or con The signal state "1" indicates stant that the time for the last step has elapsed. DSP Static BYTE I, Q, M, D, L, P or constant Preset step of the sequencer DSC Static BYTE I, Q, M, D, L, P or constant Current step of the sequencer DCC Static DWORD I, Q, M, D, L, P or constant Current numerical value of the sequencer DTBP Static WORD I, Q, M, D, L, P or constant Preset timebase of the se quencer PrevTime Static TIME I, Q, M, D, L or con Previous system time stant S_PRESET Static ARRAY[1..16] of WORD I, Q, M, D, L or con Preset counter value for each stant step [1 to 16] where one clock pulse = 1 ms. OUT_VAL Static ARRAY[1..16, 0..15] of BOOL I, Q, M, D, L or con Output values for each step stant [1 to 16, 0 to 15]. S_MASK Static ARRAY[1..16, 0..15] of BOOL I, Q, M, D, L or con Configurable mask for each stant step [1 to 16, 0 to 15]. Initial signal states are "1". ERR_CODE parameter The following table shows the meaning of the values of the ERR_CODE parameter: ERR_COD E* Explanation W#16#000 0 No error W#16#000 B The value at the LST_STEP parameter is less than 1 or greater than 16. W#16#000 C The value at the DSC parameter is less than 1 or greater than the value of the LST_STEP parameter. W#16#000 D The value at the DSP parameter is less than 1 or greater than the value of the LST_STEP parameter. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". WinCC Advanced V14 System Manual, 10/2016 2723 Programming the PLC 11.4 Instructions Example In the following example the instruction advances from step 1 to step 2. The output bits (OUT1 to OUT16) and the output word (OUT_WORD) are set according to the mask configured for step 2 and the values of the OUT_VAL parameter. Note You can initialize static parameters in the data block. '580B'% '580 7DJ,Q 7DJ2XW (12 (1 7DJB5HVHW 7DJB,QSXWB-2* 7DJB'580B(1 /DVW6WHS 0\(YHQW 5(6(7 -2* '580B(1 /67B67(3 (9(17 287 4 287B:25' (55B&2'( 0\2XWSXW 7DJB2XWSXWB4 7DJB2XWSXWB:25' 7DJB(UURU&RGH The following tables show how the instruction works using specific values. Before processing In this example, the following values are used for initializing the input parameters: Parameter Operand Address Value RESET Tag_Reset M0.0 FALSE JOG Tag_Input_JOG M0.1 FALSE DRUM_EN Tag_Input_DrumEN M0.2 TRUE LST_STEP Tag_Number_LastStep MB1 B#16#08 EVENT2 MyTag_Event_2 M20.0 FALSE EVENT4 MyTag_Event_4 M20.1 FALSE EVENT6 MyTag_Event_6 M20.2 FALSE EVENT8 MyTag_Event_8 M20.3 FALSE EVENT10 MyTag_Event_10 M20.4 FALSE EVENT12 MyTag_Event_12 M20.5 FALSE EVENT14 MyTag_Event_14 M20.6 FALSE EVENT16 MyTag_Event_16 M20.7 FALSE The following values are saved in the "DRUM_DB" instance data block of the instruction: 2724 Parameter Address Value JOG_HIS DBX12.0 FALSE EOD DBX12.1 FALSE DSP DBB13 W#16#0001 DSC DBB14 W#16#0001 DCC DBD16 DW#16#0000000A WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions WinCC Advanced V14 System Manual, 10/2016 Parameter Address Value DTBP DBW20 W#16#0001 S_PRESET[1] DBW26 W#16#0064 S_PRESET[2] DBW28 W#16#00C8 OUT_VAL[1,0] DBX58.0 TRUE OUT_VAL[1,1] DBX58.1 TRUE OUT_VAL[1,2] DBX58.2 TRUE OUT_VAL[1,3] DBX58.3 TRUE OUT_VAL[1,4] DBX58.4 TRUE OUT_VAL[1,5] DBX58.5 TRUE OUT_VAL[1,6] DBX58.6 TRUE OUT_VAL[1,7] DBX58.7 TRUE OUT_VAL[1,8] DBX59.0 TRUE OUT_VAL[1,9] DBX59.1 TRUE OUT_VAL[1,10] DBX59.2 TRUE OUT_VAL[1,11] DBX59.3 TRUE OUT_VAL[1,12] DBX59.4 TRUE OUT_VAL[1,13] DBX59.5 TRUE OUT_VAL[1,14] DBX59.6 TRUE OUT_VAL[1,15] DBX59.7 TRUE OUT_VAL[2,0] DBX60.0 FALSE OUT_VAL[2,1] DBX60.1 FALSE OUT_VAL[2,2] DBX60.2 FALSE OUT_VAL[2,3] DBX60.3 FALSE OUT_VAL[2,4] DBX60.4 FALSE OUT_VAL[2,5] DBX60.5 FALSE OUT_VAL[2,6] DBX60.6 FALSE OUT_VAL[2,7] DBX60.7 FALSE OUT_VAL[2,8] DBX61.0 FALSE OUT_VAL[2,9] DBX61.1 FALSE OUT_VAL[2,10] DBX61.2 FALSE OUT_VAL[2,11] DBX61.3 FALSE OUT_VAL[2,12] DBX61.4 FALSE OUT_VAL[2,13] DBX61.5 FALSE OUT_VAL[2,14] DBX61.6 FALSE OUT_VAL[2,15] DBX61.7 FALSE S_MASK[2,0] DBX92.0 FALSE S_MASK[2,1] DBX92.1 TRUE S_MASK[2,2] DBX92.2 TRUE S_MASK[2,3] DBX92.3 TRUE S_MASK[2,4] DBX92.4 TRUE S_MASK[2,5] DBX92.5 FALSE S_MASK[2,6] DBX92.6 TRUE S_MASK[2,7] DBX92.7 TRUE 2725 Programming the PLC 11.4 Instructions Parameter Address Value S_MASK[2,8] DBX93.0 FALSE S_MASK[2,9] DBX93.1 FALSE S_MASK[2,10] DBX93.2 TRUE S_MASK[2,11] DBX93.3 TRUE S_MASK[2,12] DBX93.4 TRUE S_MASK[2,13] DBX93.5 TRUE S_MASK[2,14] DBX93.6 FALSE S_MASK[2,15] DBX93.7 TRUE The output parameters are set to the following values before the execution of the instruction: Parameter Operand Address Value Q Tag_Output_Q M6.0 FALSE OUTWORD Tag_OutputWord MW8 W#16#FFFF OUT1 MyTag_Output_1 M4.0 TRUE OUT2 MyTag_Output_2 M4.1 TRUE OUT3 MyTag_Output_3 M4.2 TRUE OUT4 MyTag_Output_4 M4.3 TRUE OUT5 MyTag_Output_5 M4.4 TRUE OUT6 MyTag_Output_6 M4.5 TRUE OUT7 MyTag_Output_7 M4.6 TRUE OUT8 MyTag_Output_8 M4.7 TRUE OUT9 MyTag_Output_9 M5.0 TRUE OUT10 MyTag_Output_10 M5.1 TRUE OUT11 MyTag_Output_11 M5.2 TRUE OUT12 MyTag_Output_12 M5.3 TRUE OUT13 MyTag_Output_13 M5.4 TRUE OUT14 MyTag_Output_14 M5.5 TRUE OUT15 MyTag_Output_15 M5.6 TRUE OUT16 MyTag_Output_16 M5.7 TRUE After processing The following values are written to the output parameters after the instruction has been executed: 2726 Parameter Operand Address Value OUT1 MyTag_Output_1 M4.0 TRUE OUT2 MyTag_Output_2 M4.1 FALSE OUT3 MyTag_Output_3 M4.2 FALSE OUT4 MyTag_Output_4 M4.3 FALSE OUT5 MyTag_Output_5 M4.4 FALSE OUT6 MyTag_Output_6 M4.5 TRUE OUT7 MyTag_Output_7 M4.6 FALSE WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Operand Address Value OUT8 MyTag_Output_8 M4.7 FALSE OUT9 MyTag_Output_9 M5.0 TRUE OUT10 MyTag_Output_10 M5.1 TRUE OUT11 MyTag_Output_11 M5.2 FALSE OUT12 MyTag_Output_12 M5.3 FALSE OUT13 MyTag_Output_13 M5.4 FALSE OUT14 MyTag_Output_14 M5.5 FALSE OUT15 MyTag_Output_15 M5.6 TRUE OUT16 MyTag_Output_16 M5.7 FALSE Q Tag_Output_Q M6.0 FALSE OUTWORD Tag_OutputWord MW8 W#16#4321 ERR_CODE Tag_ErrorCode MW10 W#16#0000 The following values are changed in the instance data block "DRUM_DB" of the instruction after the execution of the instruction: Parameter Address Value JOG_HIS DBX12.0 FALSE EOD DBX12.1 FALSE DSC DBB14 W#16#0002 DCC DBD16 DW#16#000000C8 For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) DCAT: Discrete control-timer alarm (S7-1500) Description You can use the "Discrete control-timer alarm" to count the time from the point at which the CMD parameter issues the command to open or close. The time is accumulated until the preset time (PT) is exceeded or the information is received that the device was opened or closed (O_FB or C_FB) within the specified time. If the preset time is exceeded before the information on the opening or closing of the device is received, the corresponding alarm is activated. If the signal state of the command input changes before the preset time, the time is restarted. WinCC Advanced V14 System Manual, 10/2016 2727 Programming the PLC 11.4 Instructions The "Discrete control-timer alarm" instruction has the following reactions to the input conditions: When the signal state of the CMD parameter changes from "0" to "1", the signal states of the parameters Q, CMD_HIS, ET (only if ET is < PT) OA and CA are influenced as follows: - The parameters Q and CMD_HIS are set to "1". - The parameters ET, OA and CA are reset to "0". When the signal state of the parameter CMD changes from "1" to "0", the parameters Q, ET (only if ET < PT), OA, CA and CMD_HIS are reset to "0". When the signal state of the parameters CMD and CMD_HIS is "1" and the parameter O_FB is set to "0", the time difference (ms) since the last execution of the instruction is added to the value at the parameter ET. If the value of the ET parameter exceeds the value of the PT parameter, the signal state at the OA parameter is set to "1". If the value of the ET parameter does not exceed the value of the PT parameter, the signal state of the OA parameter is reset to "0". The value at the parameter CMD_HIS is reset to the value of the parameter CMD. If the signal state of the CMD, CMD_HIS and O_FB parameters are set to "1" and the parameter C_FB has the value "0", the signal state of the parameter OA is set to "0". The value of the ET parameter is set to the value of the PT parameter. If the signal state of the O_FB parameter changes to "0", the alarm is set the next time the instruction is executed. The value of the CMD_HIS parameter is set to the value of the CMD parameter. If the parameters CMD, CMD_HIS and C_FB have the value "0", the time difference (ms) since the last execution of the instruction is added to the value of the parameter ET. If the value of the ET parameter exceeds the value of the PT parameter, the signal state of the parameter CA is reset to "1". If the value at the parameter PT is not exceeded, the parameter CA has the signal state "0". The value of the CMD_HIS parameter is set to the value of the CMD parameter. If the parameters CMD, CMD_HIS and O_FB have the signal state "0" and the parameter C_FB is set to "1", the parameter CA is set to "0". The value of the ET parameter is set to the value of the PT parameter. If the signal state of the C_FB parameter changes to "0", the alarm is set the next time the instruction is executed. The value of the CMD_HIS parameter is set to the value of the CMD parameter. If the parameters O_FB and C_FB simultaneously have the signal state "1", the signal states of both alarm outputs are set to "1". The "Discrete control-timer alarm" instruction has no error information. Parameters The following table shows the parameters of the "Discrete control-timer alarm" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output CMD Input BOOL I, Q, M, D, L or con A signal state of "0" indicates stant a "close" command. A signal state of "1" indicates an "open" command. 2728 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area O_FB Input BOOL I, Q, M, D, L or con Feedback input when open stant ing Description C_FB Input BOOL I, Q, M, D, L or con Feedback input when closing stant Q Output BOOL I, Q, M, D, L Shows the status of the pa rameter CMD OA Output BOOL I, Q, M, D, L Alarm output when opening CA Output BOOL I, Q, M, D, L Alarm output when closing ET Static DINT D, L or constant Currently elapsed time, where one clock pulse = 1 ms PT Static DINT D, L or constant Preset timer value, where one clock pulse = 1 ms PREV_TIME Static DWORD D, L or constant Previous system time CMD_HIS Static BOOL D, L or constant CMD history bit Example In the following example the parameter CMD changes from "0" to "1". After the execution of the instruction the parameter Q is set to "1" and the two alarm outputs OA and CA have the signal state "0". The CMD_HIS parameter of the instance data block is set to the signal state "1" and the ET parameter is reset to "0". Note You can initialize static parameters in the data block. '&$7B'% '&$7 7DJ,Q (1 7DJ2XW (12 7DJB,QSXWB&0' &0' 4 7DJB2XWSXWB4 7DJB,QSXWB2B)% 2B)% 2$ 7DJB2XWSXWB2$ &B)% &$ 7DJB2XWSXWB&$ 7DJB,QSXWB&B)% The following tables show how the instruction works using specific values. Before processing In this example, the following values are used for the input and output parameters: WinCC Advanced V14 System Manual, 10/2016 Parameter Operand Value CMD Tag_Input_CMD TRUE O_FB Tag_Input_O_FB FALSE C_FB Tag_Input_C_FB FALSE 2729 Programming the PLC 11.4 Instructions Parameter Operand Value Q Tag_Output_Q FALSE OA Tag_Output_OA FALSE CA Tag_Output_CA FALSE The following values are saved in the instance data block "DCAT_DB" of the instruction: Parameter Address Value ET DBD4 L#12 PT DBD8 L#222 CMD_HIS DBX16.0 FALSE After processing The following values are written to the output parameters after the instruction has been executed: Parameter Operand Value Q Tag_Output_Q TRUE OA Tag_Output_OA FALSE CA Tag_Output_CA FALSE The following values are saved in the instance data block "DCAT_DB" of the instruction: Parameter Address Value ET DBD4 L#0 CMD_HIS DBX16.0 TRUE For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) MCAT: Motor control-timer alarm (S7-1500) Description The "Motor control-timer alarm" instruction is used to accumulate the time from the point at which one of the command inputs (opening or closing) is switched on. The time is accumulated until the preset time is exceeded or the relevant feedback input indicates that the device has executed the requested operation within the specified time. If the preset time is exceeded before the feedback is received, the corresponding alarm is triggered. 2730 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Execution of the "Motor control-timer alarm" instruction The following table shows the reactions of the "Motor control-timer alarm" instruction to the various input conditions: Input parameters Output parameters ET O_H IS C_H IS O_C MD C_C MD S_C MD O_F B C_F B OO CO OA CA ET O_H IS C_HI Q S Status X 1 1 X X X X X 0 0 1 1 PT 0 0 0 Alarm X X X X X X 1 1 0 0 1 1 PT 0 0 0 Alarm X X X X X 1 X X 0 0 0 0 X 0 0 1 Stop X X X 1 1 X X X 0 0 0 0 X 0 0 1 Stop X 0 X 1 0 0 X X 1 0 0 0 0 1 0 1 Start open ing <PT 1 0 X 0 0 0 X 1 0 0 0 INC 1 0 1 Open X 1 0 X 0 0 1 0 0 0 0 0 PT 1 0 1 Opened >=P T 1 0 X 0 0 0 X 0 0 1 0 PT 1 0 0 Opening alarm X X 0 0 1 0 X X 0 1 0 0 0 0 1 1 Start closing <PT 0 1 0 X 0 X 0 0 1 0 0 INC 0 1 1 Close X 0 1 0 X 0 0 1 0 0 0 0 PT 0 1 1 Closed >=P T 0 1 0 X 0 X 0 0 0 0 1 PT 0 1 0 Closing alarm X 0 0 0 0 0 X X 0 0 0 0 X 0 0 1 Stopped Legend: INC Add the time difference (ms) since the last processing of the FB to ET PT PT is set to the same value as ET X Cannot be used <PT ET < PT >=PT ET >= PT If the input parameters O_HIS and C_HIS both have the signal state "1", they are immediately set to signal state "0". In this case, the last row in the table (X) mentioned above is valid. Because it is therefore no longer possible to check whether the input parameters O_HIS and C_HIS have the signal state "1", the output parameters are set as follows in this case: OO = FALSE CO = FALSE OA = FALSE CA = FALSE ET = PT Q = TRUE The "Motor control-timer alarm" instruction returns no error information. WinCC Advanced V14 System Manual, 10/2016 2731 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Motor control-timer alarm" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output O_CMD Input BOOL I, Q, M, D, L or con "Open" command input stant C_CMD Input BOOL I, Q, M, D, L or con "Close" command input stant S_CMD Input BOOL I, Q, M, D, L or con "Stop" command input stant O_FB Input BOOL I, Q, M, D, L or con Feedback input when open stant ing C_FB Input BOOL I, Q, M, D, L or con Feedback input when closing stant OO Output BOOL I, Q, M, D, L "Open" output CO Output BOOL I, Q, M, D, L "Close" output OA Output BOOL I, Q, M, D, L Alarm output when opening CA Output BOOL I, Q, M, D, L Alarm output when closing Q Output BOOL I, Q, M, D, L A signal state of "0" indicates an error condition. ET Static DINT D, L or constant Currently elapsed time, where one clock pulse = 1 ms PT Static DINT D, L or constant Preset timer value, where one clock pulse = 1 ms PREV_TIME Static DWORD D, L or constant Previous system time O_HIS Static BOOL D, L or constant "Open" history bit C_HIS Static BOOL D, L or constant "Close" history bit Example The following example shows how the instruction works: Note You can initialize static parameters in the data block. 2732 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions 0&$7B'% 7DJ,Q 0&$7 (1 7DJ2XW (12 7DJB,QSXWB2B&0' 2B&0' 22 7DJB2XWSXW2SHQ &B&0' &2 7DJB2XWSXW&ORVHG 6B&0' 2$ 7DJB2XWSXWB2$ 2B)% &$ 7DJB2XWSXWB&$ &B)% 4 7DJB2XWSXWB4 7DJB,QSXWB&B&0' 7DJB,QSXWB6B&0' 7DJB,QSXWB2B)% 7DJB,QSXWB&B)% The following tables show how the instruction works using specific values. Before processing In this example, the following values are used for the input and output parameters: Parameter Operand Value O_CMD Tag_Input_O_CMD TRUE C_CMD Tag_Input_C_CMD FALSE S_CMD Tag_Input_S_CMD FALSE O_FB Tag_Input_O_FB FALSE C_FB Tag_Input_C_FB FALSE OO Tag_OutputOpen FALSE CO Tag_OutputClosed FALSE OA Tag_Output_OA FALSE CA Tag_Output_CA FALSE Q Tag_Output_Q FALSE The following values are saved in the instance data block "MCAT_DB" of the instruction: Parameter Address Value ET DBD4 L#2 PT DBD8 L#22 O_HIS DBX16.0 TRUE C_HIS DBX16.1 FALSE After processing The following values are written to the output parameters after the instruction has been executed: WinCC Advanced V14 System Manual, 10/2016 Parameter Operand Value OO Tag_OutputOpen TRUE CO Tag_OutputClosed FALSE 2733 Programming the PLC 11.4 Instructions Parameter Operand Value OA Tag_Output_OA FALSE CA Tag_Output_CA FALSE Q Tag_Output_Q TRUE The following values are saved in the instance data block "MCAT_DB" of the instruction: Parameter Address Value ET DBD4 L#0 O_HIS DBX16.0 TRUE CMD_HIS DBX16.1 FALSE For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) IMC: Compare input bits with the bits of a mask (S7-1500) Description You can use the "Compare input bits with the bits of a mask" instruction to compare the signal state of up to 16 programmed input bits (IN_BIT0 to IN_BIT15) with the corresponding bits of a mask. Up to 16 steps with masks can be programmed. The value of the IN_BIT0 parameter is compared with the value of the mask CMP_VAL[x,0], with "x" indicating the step number. In the CMP_STEP parameter, you specify the step number of the mask that is used for the comparison. All programmed values are compared in the same manner. Unprogrammed input bits or unprogrammed bits of the mask have the default signal state FALSE. If a match is found in the comparison, the signal state of the OUT parameter is set to "1". Otherwise, the OUT parameter is set to "0". If the value of the CMP_STEP parameter is greater than 15, the instruction is not executed. An error message is output at the ERR_CODE parameter. Parameters The following table shows the parameters of the "Compare input bits with the bits of a mask" instruction: 2734 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN_BIT0 Input BOOL I, Q, M, D, L or con Input bit 0 is compared with stant bit 0 of the mask. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area IN_BIT1 Input BOOL I, Q, M, D, L or con Input bit 1 is compared with stant bit 1 of the mask. Description IN_BIT2 Input BOOL I, Q, M, D, L or con Input bit 2 is compared with stant bit 2 of the mask. IN_BIT3 Input BOOL I, Q, M, D, L or con Input bit 3 is compared with stant bit 3 of the mask. IN_BIT4 Input BOOL I, Q, M, D, L or con Input bit 4 is compared with stant bit 4 of the mask. IN_BIT5 Input BOOL I, Q, M, D, L or con Input bit 5 is compared with stant bit 5 of the mask. IN_BIT6 Input BOOL I, Q, M, D, L or con Input bit 6 is compared with stant bit 6 of the mask. IN_BIT7 Input BOOL I, Q, M, D, L or con Input bit 7 is compared with stant bit 7 of the mask. IN_BIT8 Input BOOL I, Q, M, D, L or con Input bit 8 is compared with stant bit 8 of the mask. IN_BIT9 Input BOOL I, Q, M, D, L or con Input bit 9 is compared with stant bit 9 of the mask. IN_BIT10 Input BOOL I, Q, M, D, L or con Input bit 10 is compared with stant bit 10 of the mask. IN_BIT11 Input BOOL I, Q, M, D, L or con Input bit 11 is compared with stant bit 11 of the mask. IN_BIT12 Input BOOL I, Q, M, D, L or con Input bit 12 is compared with stant bit 12 of the mask. IN_BIT13 Input BOOL I, Q, M, D, L or con Input bit 13 is compared with stant bit 13 of the mask. IN_BIT14 Input BOOL I, Q, M, D, L or con Input bit 14 is compared with stant bit 14 of the mask. IN_BIT15 Input BOOL I, Q, M, D, L or con Input bit 15 is compared with stant bit 15 of the mask. CMP_STEP Input BYTE I, Q, M, D, L, P or constant The step number of the mask used for the comparison. OUT Output BOOL I, Q, M, D, L The signal state "1" indicates that a match was found. A signal state of "0" indicates that no match was found. WinCC Advanced V14 System Manual, 10/2016 ERR_CODE Output WORD I, Q, M, D, L, P Error information CMP_VAL Static ARRAY OF WORD I, Q, M, D, L or con Comparison masks [0 to 15, stant 0 to 15]: The first number of the index is the step number and the second number is the bit number of the mask. 2735 Programming the PLC 11.4 Instructions ERR_CODE parameter The following table shows the meaning of the values of the ERR_CODE parameter: Error code* (W#16#...) Explanation 0000 No error 000A The value at the CMP_STEP parameter is greater than 15. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) SMC: Compare scan matrix (S7-1500) Description You can use the "Compare scan matrix" instruction to compare the signal state of up to 16 programmed input bits (IN_BIT0 to IN_BIT15) with the corresponding bit of the comparison masks for each step. Processing starts at step 1 and is continued until the last programmed step (LAST) or until a match is found. The input bit of the IN_BIT0 parameter is compared with the value of the mask CMP_VAL[x,0], with "x" indicating the step number. All programmed values are compared in the same manner. If a match is found the signal state of the OUT parameter is set to "1" and the step number with the matching mask is written in the OUT_STEP parameter. Unprogrammed input bits or unprogrammed bits of the mask have the default signal state FALSE. If more than one step has a matching mask, only the first one found is indicated in the OUT_STEP parameter. If no match is found, the signal state of the OUT parameter is set to "0". In this case the value at the OUT_STEP parameter is greater by "1" than the value at the LAST parameter. Parameters The following table shows the parameters of the "Compare scan matrix" instruction: 2736 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN_BIT0 Input BOOL I, Q, M, D, L or con Input bit 0 is compared with stant bit 0 of the mask. IN_BIT1 Input BOOL I, Q, M, D, L or con Input bit 1 is compared with stant bit 1 of the mask. IN_BIT2 Input BOOL I, Q, M, D, L or con Input bit 2 is compared with stant bit 2 of the mask. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area IN_BIT3 Input BOOL I, Q, M, D, L or con Input bit 3 is compared with stant bit 3 of the mask. Description IN_BIT4 Input BOOL I, Q, M, D, L or con Input bit 4 is compared with stant bit 4 of the mask. IN_BIT5 Input BOOL I, Q, M, D, L or con Input bit 5 is compared with stant bit 5 of the mask. IN_BIT6 Input BOOL I, Q, M, D, L or con Input bit 6 is compared with stant bit 6 of the mask. IN_BIT7 Input BOOL I, Q, M, D, L or con Input bit 7 is compared with stant bit 7 of the mask. IN_BIT8 Input BOOL I, Q, M, D, L or con Input bit 8 is compared with stant bit 8 of the mask. IN_BIT9 Input BOOL I, Q, M, D, L or con Input bit 9 is compared with stant bit 9 of the mask. IN_BIT10 Input BOOL I, Q, M, D, L or con Input bit 10 is compared with stant bit 10 of the mask. IN_BIT11 Input BOOL I, Q, M, D, L or con Input bit 11 is compared with stant bit 11 of the mask. IN_BIT12 Input BOOL I, Q, M, D, L or con Input bit 12 is compared with stant bit 12 of the mask. IN_BIT13 Input BOOL I, Q, M, D, L or con Input bit 13 is compared with stant bit 13 of the mask. IN_BIT14 Input BOOL I, Q, M, D, L or con Input bit 14 is compared with stant bit 14 of the mask. IN_BIT15 Input BOOL I, Q, M, D, L or con Input bit 15 is compared with stant bit 15 of the mask. OUT Output BOOL I, Q, M, D, L The signal state "1" indicates that a match was found. The signal state "0" indicates that no match was found. WinCC Advanced V14 System Manual, 10/2016 ERR_CODE Output WORD I, Q, M, D, L, P Error information OUT_STEP Output BYTE I, Q, M, D, L, P Contains the step number with the matching mask or the step number which is greater by "1" than the value of the LAST parameter, pro vided no match is found. LAST Static BYTE I, Q, M, D, L, P or constant Specifies the step number of the last step to be scanned for a matching mask. CMP_VAL Static ARRAY OF WORD I, Q, M, D, L or con Comparison masks [0 to 15, stant 0 to 15]: The first number of the index is the step number and the second number is the bit number of the mask. 2737 Programming the PLC 11.4 Instructions ERR_CODE parameter The following table shows the meaning of the values of the ERR_CODE parameter: Error code* (W#16#...) Explanation 0000 No error 000E The value at the LAST parameter is greater than 15. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) LEAD_LAG: Lead and lag algorithm (S7-1500) Description You can use the "Lead and lag algorithm" instruction to process signals with an analog tag. The gain value at the GAIN parameter must be greater than zero. The result of the instruction "Lead and lag algorithm" is calculated using the following equation: 287 /*B7,0( /'B7,0(6$03/(B7 /'B7,0( ,1*$,1 35(9B287*$,1 /*B7,0(6$03/(B7 /*B7,0(6$03/(B7 /*B7,0(6$03/(B7 35(9B,1 The "Lead and lag algorithm" instruction supplies plausible results only when processing is in fixed program cycles. The same units must be specified for the LD_TIME, LG_TIME, and SAMPLE_T parameters. At LG_TIME > 4 + SAMPLE_T, the instruction approaches the following function: OUT = GAIN * ((1 + LD_TIME * s) / (1 + LG_TIME * s)) * IN When the value of the GAIN parameter is less than or equal to zero, the calculation is not performed and an error information is output on the ERR_CODE parameter. You can use the instruction "Lead and lag algorithm" in conjunction with loops as a compensator in dynamic feed-forward control. The instruction consists of two operations. The "Lead" operation shifts the phase of the OUT output so that the output leads the input. The "Lag" operation, on the other hand, shifts the output so that the output lags behind the input. Because the "Lag" operation is equivalent to an integration, it can be used as a noise suppressor or as a low-pass filter. The "Lead" operation is equivalent to a differentiation and can therefore be used as a high-pass filter. The two operations together (Lead and Lag) result in the output phase lagging behind the the input at lower frequencies and leading it at higher frequencies. This means that the "Lead and lag algorithm" instruction can be used as a band pass filter. 2738 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Lead and lag algorithm" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input REAL I, Q, M, D, L, P or constant The input value of the current sample time (cycle time) to be processed. Constants can al so be specified on the IN parameter. SAMPLE_T Input INT I, Q, M, D, L, P or constant Sample time Constants can al so be specified on the SAMPLE_T parameter. OUT Output REAL I, Q, M, D, L Result of the in struction ERR_CODE Output WORD I, Q, M, D, L Error information LD_TIME Static REAL I, Q, M, D, L, P or constant Lead time in the same unit as sam ple time. LG_TIME Static REAL I, Q, M, D, L, P or constant Lag time in in the same unit as sam ple time. GAIN Static REAL I, Q, M, D, L, P or constant Gain as % / % (the ratio of the change in output to a change in input as a steady state). PREV_IN Static REAL I, Q, M, D, L, P or constant Previous input PREV_OUT Static REAL I, Q, M, D, L, P or constant Previous output ERR_CODE parameter The following table shows the meaning of the values of the ERR_CODE parameter: Error code* (W#16#...) Explanation 0000 No error 0009 The value at the GAIN parameter is less than or equal to zero. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". WinCC Advanced V14 System Manual, 10/2016 2739 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: Note You can initialize static parameters in the data block. /($'B/$*B'% /($'B/$* 7DJ,Q 7DJB,QSXW 7DJB,QSXWB6$03/(B7 7DJ2XW (1 (12 ,1 287 6$03/(B7 (55B&2'( 7DJB2XWSXWB5HVXOW 7DJB(UURU&RGH The following tables show how the instruction works using specific values. Before processing In this example the following values are used for the input parameters: Parameter Operand Value IN Tag_Input 2.0 SAMPLE_T Tag_InputSampleTime 10 The following values are saved in the "LEAD_LAG_DB" instance data block of the instruction: Parameter Address Value LD_TIME DBD12 2.0 LG_TIME DBD16 2.0 GAIN DBD20 1.0 PREV_IN DBD24 6.0 PREV_OUT DBD28 6.0 After processing The following values are written to the output parameters after the instruction has been executed: Parameter Operand Value OUT Tag_Output_Result 2.0 The following values are saved in the instance data block "LEAD_LAD_DB" of the instruction: 2740 Parameter Operand Value PREV_IN DBD24 2.0 PREV_OUT DBD28 2.0 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) SEG: Create bit pattern for seven-segment display (S7-1500) Description The instruction "Create bit pattern for seven-segment display" is used to convert each of the four hexadecimal digits of the specified source word (IN) into an equivalent bit pattern for a seven-segment display. The result of the instruction is output in the double word on the OUT parameter. The following relation exists between the hexadecimal digits and the assignment of the 7 segments (a, b, c, d, e, f, g): Input digit (Binary) 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110 1111 WinCC Advanced V14 System Manual, 10/2016 Assignment of the Display Seven-segment display segments (Hexadecimal) gfedcba D 00111111 0 00000110 1 I E 01011011 2 J 01001111 3 01100110 4 H F 01101101 5 G 01111101 6 00000111 7 01111111 8 01100111 9 01110111 A 01111100 B 00111001 C 01011110 D 01111001 E 01110001 F 2741 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "Create bit pattern for seven-segment display" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input WORD I, Q, M, D, L, P, or constant Source word with four hexa decimal digits OUT Output DWORD I, Q, M, D, L, P Bit pattern for the seven-seg ment display Example The following example shows how the instruction works: 6(* 7DJ,Q 7DJ2XW 7DJB,QSXW (1 (12 ,1 287 7DJB2XWSXW The following table shows how the instruction works using specific operand values: Parameter Operand Value Hexadecimal Binary IN Tag_Input W#16#1234 0001 0010 0011 0100 OUT Tag_Output DW#16065B4F66 000 00110 0101 1011 0100 1111 0110 0110 Display: 1234 For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) 2742 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions BCDCPL: Create tens complement (S7-1500) Description You can use the "Create tens complement" instruction to create the tens complement of a seven-digit BCD number specified in the IN parameter. This instruction uses the following mathematical formula to calculate: 10000000 (as BCD) - 7-digit BCD value ---------------------------------------Tens complement (as BCD) Parameters The following table shows the parameters of the "Create tens complement" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Bit strings I, Q, M, D, L, P, or constant 7-digit BCD number ERR_CODE Output DWORD I, Q, M, D, L, P Result of the instruction Example The following example shows how the instruction works: %&'&3/ 7DJ,Q 7DJ2XW (1 7DJB,QSXW ,1 (12 (55B&2'( 7DJB2XWSXW The following table shows how the instruction functions using specific values: Parameter Operand Value* IN Tag_Input DW#16#01234567 ERR_CODE Tag_Output DW#16#08765433 *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 2743 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) BITSUM: Count number of set bits (S7-1500) Description The "Count number of set bits" instruction is used to count the number of bits of an operand that is set to the signal state "1". The operand whose bits are to be counted is specified on the IN parameter. The result of the instruction is output on the RET_VAL parameter. Parameters The following table shows the parameters of the "Count number of set bits" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input DWORD I, Q, M, D, L, P, or constant Operand whose set bits are counted RET_VAL Output INT I, Q, M, D, L, P Number of bits to be set Example The following example shows how the instruction works: %,7680 7DJ,Q 7DJ2XW (1 7DJB,QSXW ,1 (12 5(7B9$/ 7DJB2XWSXW The following table shows how the instruction functions using specific values: Parameter Operand Value* IN Tag_Input DW#16#12345678 RET_VAL Tag_Output W#16#000D (13 Bits) *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". For more information and the program code to the above named example, refer to: Sample Library for Instructions (Page 2434) 2744 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on LAD (Page 4634) FBD (S7-1200, S7-1500) Bit logic operations (S7-1200, S7-1500) &: AND logic operation (S7-1200, S7-1500) Description You can use the instruction "AND logic operation" to query the signal states of two or more specified operands and evaluate them according to the AND truth table. If the signal state of all the operands is "1", then the condition is fulfilled and the instruction returns the result "1". If the signal state of one of the operands is "0", then the condition is not fulfilled and the instruction generates the result "0". Parameters The following table shows the parameters of the instruction "AND logic operation": Parameters Declaration Data type Memory area S7-1200 <Operand> Input BOOL Description S7-1500 I, Q, M, D, L I, Q, M, D, L, T, C The operand indi cates the bit whose signal state will be queried. Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJ2XW Output "TagOut" is set, when the signal state of the operands "TagIn_1" and "TagIn_2" is "1" and reset when the state of the operands "TagIn_1" and "TagIn_2" is "0". WinCC Advanced V14 System Manual, 10/2016 2745 Programming the PLC 11.4 Instructions See also AND truth table (Page 2746) Example of detecting the direction of a conveyor belt (Page 4737) Example of controlling room temperature (Page 4745) Overview of the valid data types (Page 2131) Adding additional inputs and outputs to FBD elements (Page 4723) System memory areas (Page 947) Insert input (Page 2750) Example of detecting the fill level of a storage area (Page 4739) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) FBD programming examples (Page 4735) AND truth table (S7-1200, S7-1500) Results of the logic operation The following table shows the results that arise from the AND logic operation of two operands: Signal state of the first operand Signal state of the second oper and Result of the logic operation 1 1 1 0 1 0 1 0 0 0 0 0 See also &: AND logic operation (Page 2745) Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) 2746 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions >=1: OR logic operation (S7-1200, S7-1500) Description You can use the instruction "OR logic operation" to query the signal states of two or more specified operands and evaluate them according to the OR truth table. If the signal state of one of the operands is "1", then the condition is fulfilled and the instruction returns the result "1". If the signal state of all the operands is "0", then the condition is not fulfilled and the instruction generates the result "0". Parameters The following table shows the parameters of the instruction "OR logic operation": Parameters <Operand> Declaration Input Data type BOOL Memory area S7-1200 S7-1500 I, Q, M, D, L I, Q, M, D, L, T, C Description The operand indi cates the bit whose signal state will be queried. Example The following example shows how the instruction works: 7DJ,QB ! 7DJ,QB 7DJ2XW Output "TagOut" is set, when the signal state of the operands "TagIn_1" or "TagIn_2" is "1". See also OR truth table (Page 2748) Example of controlling a conveyor belt (Page 4735) Adding additional inputs and outputs to FBD elements (Page 4723) System memory areas (Page 947) Overview of the valid data types (Page 2131) Insert input (Page 2750) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) FBD programming examples (Page 4735) WinCC Advanced V14 System Manual, 10/2016 2747 Programming the PLC 11.4 Instructions OR truth table (S7-1200, S7-1500) Results of the logic operation The following table shows the results that arise from the OR logic operation of two operands: Signal state of the first operand Signal state of the second oper and Result of the logic operation 1 0 1 0 1 1 1 1 1 0 0 0 See also >=1: OR logic operation (Page 2747) Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) X: EXCLUSIVE OR logic operation (S7-1200, S7-1500) Description You can use the "EXCLUSIVE OR logic operation" instruction to query the result of a signal state query according to the EXCLUSIVE OR truth table. With an "EXCLUSIVE OR logic operation" instruction, the signal state is "1" when the signal state of one of the two specified operands is "1". When more than two operands are queried, the common RLO is "1" if an odd number of the queried operands returns the result "1". Parameters The following table shows the parameters of the instruction "EXCLUSIVE OR logic operation": 2748 Parameters Declaration Data type <Operand> Input BOOL Memory area S7-1200 S7-1500 I, Q, M, D, L I, Q, M, D, L, T, C Description The operand indicates the bit whose signal state will be queried. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB ; 7DJ2XW 7DJ,QB Output "TagOut" is set when the signal state of the operands "TagIn_1" and "TagIn_2" is "1". When both operands return the signal state "1" or "0", the output "TagOut" is reset. See also EXCLUSIVE OR truth table (Page 2749) Adding additional inputs and outputs to FBD elements (Page 4723) Overview of the valid data types (Page 2131) System memory areas (Page 947) Insert input (Page 2750) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) EXCLUSIVE OR truth table (S7-1200, S7-1500) Results of the logic operation The following table shows the results that arise from the EXCLUSIVE OR logic operation of two operands: Signal state of the first operand Signal state of the second oper and Result of the logic operation 1 0 1 0 1 1 1 1 0 0 0 0 The following table shows the results that arise from the EXCLUSIVE OR logic operation of three operands: WinCC Advanced V14 System Manual, 10/2016 Signal state of the first operand Signal state of the sec ond operand Signal state of the third operand Result of the logic oper ation 1 0 0 1 0 1 1 0 0 1 0 1 2749 Programming the PLC 11.4 Instructions Signal state of the first operand Signal state of the sec ond operand Signal state of the third operand Result of the logic oper ation 1 0 1 0 0 0 1 1 1 1 0 0 1 1 1 1 0 0 0 0 See also X: EXCLUSIVE OR logic operation (Page 2748) Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) Insert input (S7-1200, S7-1500) Description The "Insert input" instruction is used to add an input to the box of one of the following instructions: "AND logic operation" "OR logic operation" "EXCLUSIVE OR logic operation" You can query the signal state of several operands by the extension of an instruction box. Parameters The following table shows the parameters of the "Insert input" instruction: Parameters <Operand> 2750 Declaration Input Data type BOOL Memory area S7-1200 S7-1500 I, Q, M, D, L I, Q, M, D, L, T, C Description The operand indicates the bit whose signal state will be queried. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ2XW 7DJ,QB 7DJ,QB The box of the "AND logic operation" instruction was extended by an additional input at which the signal state of the operand "TagIn_3" is queried. The "TagOut" output is set, when the operands "TagIn_1" and "TagIn_2" and "TagIn_3" return signal state "1". See also &: AND logic operation (Page 2745) >=1: OR logic operation (Page 2747) X: EXCLUSIVE OR logic operation (Page 2748) Overview of the valid data types (Page 2131) Inserting operands in FBD instructions (Page 4727) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) System memory areas (Page 947) Invert RLO (S7-1200, S7-1500) Description You use the "Invert RLO" instruction to invert the signal state of the result of logic operation (RLO). Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJ,QB 7DJ,QB WinCC Advanced V14 System Manual, 10/2016 7DJ,QB ! 7DJ2XW 2751 Programming the PLC 11.4 Instructions The "TagOut" output is set when the following conditions are fulfilled: The input "TagIn_1" and/or "TagIn_2" has signal state "0". The input "TagIn_3" and/or "TagIn_4" has signal state "0" or the input "TagIn_5" has signal state "1". See also Overview of the valid data types (Page 2131) Example of detecting the direction of a conveyor belt (Page 4737) Example of detecting the fill level of a storage area (Page 4739) Example of controlling room temperature (Page 4745) FBD programming examples (Page 4735) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) =: Assignment (S7-1200, S7-1500) Description You can use the instruction "Assignment" to set the bit of a specified operand. If the result of logic operation (RLO) at the box input has the signal state "1", the specified operand is set to signal state "1". If the signal state at the box input is "0", the bit of the specified operand is reset to "0". The instruction does not influence the RLO. The RLO at the box input is assigned directly to the operand above the assignment box. Parameters The following table shows the parameters of the instruction "Assignment": 2752 Parameters Declaration Data type Memory area Description <Operand> Output BOOL I, Q, M, D, L Operand to which the RLO is assigned. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB ! 7DJ,QB 7DJ2XW The operand "TagOut" is set at the output of the "Assignment" instruction when one of the following conditions is fulfilled: The inputs "TagIn_1" and "TagIn_2" have the signal state "1". The signal state at the input "TagIn_3" is "0". See also Overview of the valid data types (Page 2131) Example of detecting the fill level of a storage area (Page 4739) Example of controlling room temperature (Page 4745) FBD programming examples (Page 4735) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) /=: Negate assignment (S7-1200, S7-1500) Description The instruction "Negate assignment" inverts the result of logic operation (RLO) and assigns this to the operand above the box. If the RLO at the input of the box is "1", the binary operand is reset. If the RLO at the input of the box is "0", the operand is set to signal state "1". Parameters The following table shows the parameters of the instruction "Negate assignment": WinCC Advanced V14 System Manual, 10/2016 Parameters Declaration Data type Memory area Description <Operand> Output BOOL I, Q, M, D, L Operand to which the nega ted RLO is assigned. 2753 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: ! 7DJ,QB 7DJ,QB 7DJ2XW 7DJ,QB The operand "TagOut" is reset when the following conditions are fulfilled: The operand "TagIn_1" or "TagIn_2" has the signal state "1". The operand "TagIn_3" has the signal state "0". See also Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) R: Reset output (S7-1200, S7-1500) Description You can use the "Reset output" instruction to reset the signal state of a specified operand to "0". The instruction is only executed if the result of logic operation (RLO) at the box input is "1". If the box input has the signal state "1", the specified operand is reset to "0". If there is an RLO of "0" at the box input, the signal state of the specified operand remains unchanged. Parameters The following table shows the parameters of the "Reset output" instruction: Parameters Declaration Data type Memory area Description S7-1200 S7-1500 <Operand> 2754 Output BOOL I, Q, M, D, L I, Q, M, D, L, Operand that is reset if T, C RLO = "1". WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB ! 7DJ2XW 7DJ,QB 5 Operand "TagOut" is reset when one of the following conditions is fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The operand "TagIn_3" has the signal state "0". See also Example of controlling a conveyor belt (Page 4735) Example of detecting the direction of a conveyor belt (Page 4737) System memory areas (Page 947) Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) FBD programming examples (Page 4735) S: Set output (S7-1200, S7-1500) Description You can use the instruction "Set output" to set the signal state of a specified operand to "1". The instruction is only executed if the result of logic operation (RLO) at the box input is "1". If the box input has the signal state "1", the specified operand is set to "1". If there is an RLO of "0" at the box input, the signal state of the specified operand remains unchanged. Parameters The following table shows the parameters of the instruction "Set output": WinCC Advanced V14 System Manual, 10/2016 Parameters Declaration Data type Memory area Description <Operand> Output BOOL I, Q, M, D, L Operand which is set with RLO = "1". 2755 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB ! 7DJ2XW 7DJ,QB 6 The "TagOut" operand is set when one of the following conditions is fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The operand "TagIn_3" has the signal state "0". See also System memory areas (Page 947) Overview of the valid data types (Page 2131) Example of detecting the direction of a conveyor belt (Page 4737) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) FBD programming examples (Page 4735) SET_BF: Set bit field (S7-1200, S7-1500) Description You use the "Set bit field" instruction to set several bits starting from a certain address. You use the N input to define the number of bits to be set. The address of the first bit to be set is defined by (<Operand>). If the value of the N input is greater than the number of bits in a selected byte, the bits of the next byte are set. The bits remain set until they are explicitly reset by another instruction. Bit fields of the type PLC data type, STRUCT or ARRAY With structures of the type PLC data type, STRUCT or ARRAY, the number of bits contained in the structure represents the maximum number of bits that can be reset: If you specify the value "20" at the N input, for example, and the structure only contains 10 bits, then only these 10 bits are set. If you specify the value "5" at the N input, for example, and the structure contains 10 bits, then exactly 5 bits are set. 2756 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Set bit field" instruction: Parameters EN Declaration Input Data type BOOL Memory area Description S7-1200 S7-1500 I, Q, M, D, L I, Q, M, D, L, T, C Enable input N Input UINT Constant Constant Number of bits to be set <Operand> Output BOOL I, Q, M I, Q, M With a DB or an IDB, an element of an AR RAY[..] of BOOL With a DB or an IDB, an el ement of an ARRAY[..] of BOOL Pointer to the first bit to be set. Example The following example shows how the instruction works: 7DJ,QB 0\'%0\%RRO$UUD\>@ 7DJ,QB 6(7B%) (1 1 If the operands "TagIn_1" and "TagIn_2" have the signal state "1", 5 bits are set starting at the address of the operand "MyDB".MyBoolArray[4]. See also Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) RESET_BF: Reset bit field (S7-1200, S7-1500) Description You use the "Reset bit field" instruction to reset several bits starting from a certain address. You use the value of the N input to define the number of bits to be reset. The address of the first bit to be reset is defined by (<Operand>). If the value of the N input is greater than the WinCC Advanced V14 System Manual, 10/2016 2757 Programming the PLC 11.4 Instructions number of bits in a selected byte, the bits of the next byte are reset. The bits remain set until they are explicitly reset by another instruction. Bit fields of the type PLC data type, STRUCT or ARRAY With structures of the type PLC data type, STRUCT or ARRAY, the number of bits contained in the structure represents the maximum number of bits that can be set: If you specify the value "20" at the N input, for example, and the structure only contains 10 bits, then only these 10 bits are reset. If you specify the value "5" at the N input, for example and the structure contains 10 bits, then exactly 5 bits are reset. Parameters The following table shows the parameters of the "Reset bit field" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input N Input UINT Constant Constant Number of bits to be reset <Operand> Output BOOL I, Q, M I, Q, M With a DB or an IDB, an ele ment of an ARRAY[..] of BOOL With a DB or an IDB, an element of an AR RAY[..] of BOOL Pointer to the first bit to be reset. Example The following example shows how the instruction works: 7DJ,QB 0\'%0\%RRO$UUD\>@ 5(6(7B%) 7DJ,QB (1 1 If the operands "TagIn_1" and "TagIn_2" have the signal state "1", 5 bits are reset starting at the address of the operand "MyDB".MyBoolArray[4]. See also Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) 2758 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) SR: Set/reset flip-flop (S7-1200, S7-1500) Description You can use the "Set/reset flip-flop" instruction to set or reset the bit of a specified operand based on the signal state of the inputs S and R1. If the signal state is "1" at input S and "0" at input R1, the specified operand is set to "1". If the signal state is "0" at input S and "1" at input R1, the specified operand will be reset to "0". Input R1 takes priority over input S. When the signal state is "1" on both inputs S and R1, the signal state of the specified operand is reset to "0". The instruction is not executed if the signal state at the two inputs S and R1 is "0". The signal state of the operand then remains unchanged. The current signal state of the operand is transferred to output Q and can be queried there. Parameters The following table shows the parameters of the "Set/reset flip-flop" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description S Input BOOL I, Q, M, D, L I, Q, M, D, L, Enable setting T, C R1 Input BOOL I, Q, M, D, L I, Q, M, D, L, Enable resetting T, C <Operand> InOut BOOL I, Q, M, D, L I, Q, M, D, L Operand that is set or reset Q Output BOOL I, Q, M, D, L I, Q, M, D, L Signal state of the op erand Example The following example shows how the instruction works: 7DJ65 7DJ,QB 65 6 7DJ2XW 7DJ,QB WinCC Advanced V14 System Manual, 10/2016 5 4 2759 Programming the PLC 11.4 Instructions The operands "TagSR" and "TagOut" are set when the following conditions are fulfilled: The operand "TagIn_1" has the signal state "1". The operand "TagIn_2" has the signal state "0". The operands "TagSR" and "TagOut" are reset when one of the following conditions is fulfilled: The operand "TagIn_1" has signal state "0" and the operand "TagIn_2" has signal state "1". The operands "TagIn_1" and "TagIn_2" have signal state "1". See also System memory areas (Page 947) Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) RS: Reset/set flip-flop (S7-1200, S7-1500) Description You can use the "Reset/set flip-flop" instruction to reset or set the bit of a specified operand based on the signal state of the inputs R and S1. If the signal state is "1" at input R and "0" at input S1, the specified operand will be reset to "0". If the signal state is "0" at input R and "1" at input S1, the specified operand is set to "1". Input S1 takes priority over input R. When the signal state is "1" at both inputs R and S1, the signal state of the specified operand is set to "1". The instruction is not executed if the signal state at the two inputs R and S1 is "0". The signal state of the operand then remains unchanged. The current signal state of the operand is transferred to output Q and can be queried there. Parameters The following table shows the parameters of the "Reset/set flip-flop" instruction: Parameters 2760 Declaration Data type Memory area S7-1200 S7-1500 Description R Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable resetting S1 Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable setting <Operand> InOut BOOL I, Q, M, D, L I, Q, M, D, L Operand that is reset or set. Q Output BOOL I, Q, M, D, L I, Q, M, D, L Signal state of the oper and WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ56 7DJ,QB 56 5 7DJ2XW 7DJ,QB 6 4 The operands "TagRS" and "TagOut" are reset when the following conditions are fulfilled: The operand "TagIn_1" has the signal state "1". The operand "TagIn_2" has the signal state "0". The operands "TagRS" and "TagOut" are set when the following conditions are fulfilled: The operand "TagIn_1" has signal state "0" and the operand "TagIn_2" has signal state "1". The operands "TagIn_1" and "TagIn_2" have signal state "1". See also System memory areas (Page 947) Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) P: Scan operand for positive signal edge (S7-1200, S7-1500) Description You can use the "Scan operand for positive signal edge" instruction to determine whether there is a "0" to "1" change in the signal state of a specified operand (<Operand1>). The instruction compares the current signal state of <Operand1> with the signal state of the previous scan, which is saved in an edge memory bit (<Operand2>). If the instruction detects a change in the result of logic operation (RLO) from "0" to "1", there is a positive, rising edge. The following figure shows the change in the signal state in case of a negative and a positive signal edge: 6LJQDO VWDWH 3RVLWLYHVLJQDOHGJH 1HJDWLYHVLJQDOHGJH WinCC Advanced V14 System Manual, 10/2016 7LPHU 2761 Programming the PLC 11.4 Instructions The positive signal edge is queried each time the instruction executes. When a positive signal edge is detected, <Operand1> is set to signal state "1" for one program cycle. In all other cases, the operand has the signal state "0". Specify the operand to be queried (<Operand1>) in the operand placeholder above the instruction. Specify the edge memory bit (<Operand2>) in the operand placeholder below the instruction. Note Modification of the address of the edge memory bit The address of the edge memory bit must not be used more than once in the program, otherwise the bit memory is overwritten. This would influence edge evaluation and the result would no longer be unequivocal. The memory area of the edge memory bit has to be located in a DB (static area for FB) or in the bit memory area. Parameters The following table shows the parameters of the "Scan operand for positive signal edge" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description <Operand1> Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Signal to be scanned <Operand2> InOut BOOL I, Q, M, D, L I, Q, M, D, L Edge memory bit in which the signal state of the previous scan is saved. Example The following example shows how the instruction works: 7DJ,QB 3 7DJB0 7DJ2XW 7DJ,QB The "TagOut" output is set when the following conditions are fulfilled: There is a rising edge at input "TagIn_1". The signal state of the operand "TagIn_2" is "1". See also Overview of the valid data types (Page 2131) Example of detecting the direction of a conveyor belt (Page 4737) 2762 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions FBD programming examples (Page 4735) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) N: Scan operand for negative signal edge (S7-1200, S7-1500) Description You can use the "Scan operand for negative signal edge" instruction to determine whether there is a "1" to "0" change in the signal state of a specified operand (<Operand1>). The instruction compares the current signal state of <Operand1> with the signal state of the previous scan, which is saved in an edge memory bit (<Operand2>). If the instruction detects a change in the result of logic operation (RLO) from "1" to "0", there is a negative, falling edge. The following figure shows the change in the signal state in case of a negative and a positive signal edge: 6LJQDO VWDWH 3RVLWLYHVLJQDOHGJH 1HJDWLYHVLJQDOHGJH 7LPHU The negative signal edge is queried each time the instruction executes. When a negative signal edge is detected, <Operand1> is set to signal state "1" for one program cycle. In all other cases, the operand has the signal state "0". Specify the operand to be queried (<Operand1>) in the operand placeholder above the instruction. Specify the edge memory bit (<Operand2>) in the operand placeholder below the instruction. Note Modification of the address of the edge memory bit The address of the edge memory bit must not be used more than once in the program, otherwise the bit memory is overwritten. This would influence edge evaluation and the result would no longer be unequivocal. The memory area of the edge memory bit has to be located in a DB (static area for FB) or in the bit memory area. WinCC Advanced V14 System Manual, 10/2016 2763 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Scan operand for negative signal edge" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description <Operand1> Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Signal to be scanned <Operand2> InOut BOOL I, Q, M, D, L I, Q, M, D, L Edge memory bit in which the signal state of the previous scan is saved. Example The following example shows how the instruction works: 7DJ,QB 1 7DJB0 7DJ2XW 7DJ,QB The "TagOut" output is set when the following conditions are fulfilled: There is a falling edge at input "TagIn_1". The signal state of the operand "TagIn_2" is "1". See also System memory areas (Page 947) Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Inserting operands in FBD instructions (Page 4727) Editing FBD elements (Page 4719) P=: Set operand on positive signal edge (S7-1200, S7-1500) Description You can use the instruction "Set operand on positive signal edge" to set a specified operand (<Operand2>) when there is a "0" to "1" change in the result of logic operation (RLO). The instruction compares the current RLO with the RLO from the previous query, which is saved in the edge memory bit (<Operand1>). If the instruction detects a change in the RLO from "0" to "1", there is a positive signal edge. 2764 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The positive signal edge is queried each time the instruction executes. When a positive edge is detected, <Operand2> is set to signal state "1" for one program cycle. In all other cases, the operand has the signal state "0". You specify the operand (<Operand2>) to be set in the operand placeholder above the instruction. Specify the edge memory bit (<Operand1>) in the operand placeholder below the instruction. Note Modification of the address of the edge memory bit The address of the edge memory bit must not be used more than once in the program, otherwise the bit memory is overwritten. This would influence edge evaluation and the result would no longer be unequivocal. The memory area of the edge memory bit has to be located in a DB (static area for FB) or in the bit memory area. Parameters The following table shows the parameters of the instruction "Set operand on positive signal edge": Parameters Declaration Data type Memory area Description <Operand2> Output BOOL I, Q, M, D, L Operand which is set when there is a positive signal edge. <Operand1> InOut BOOL I, Q, M, D, L Edge memory bit Example The following example shows the parameters of the instruction: 7DJ,QB 7DJ,QB 7DJ2XW 3 7DJB0 The "TagOut" output is set for one program cycle, when the signal state at the input of the instruction box switches from "0" to "1" (positive signal edge). In all other cases, the "TagOut" output has signal state "0". See also Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) WinCC Advanced V14 System Manual, 10/2016 2765 Programming the PLC 11.4 Instructions N=: Set operand on negative signal edge (S7-1200, S7-1500) Description You can use the instruction "Set operand on negative signal edge" to set a specified operand (<Operand1>) when there is a "1" to "0" change in the result of logic operation (RLO). The instruction compares the current RLO with the RLO from the previous query, which is saved in the edge memory bit (<Operand2>). If the instruction detects a change in the RLO from "1" to "0", there is a negative signal edge. The negative signal edge is queried each time the instruction executes. When a negative signal edge is detected, <Operand1> is set to signal state "1" for one program cycle. In all other cases, the operand has the signal state "0". You specify the operand (<Operand1>) to be set in the operand placeholder above the instruction. Specify the edge memory bit (<Operand2>) in the operand placeholder below the instruction. Note Modification of the address of the edge memory bit The address of the edge memory bit must not be used more than once in the program, otherwise the bit memory is overwritten. This would influence edge evaluation and the result would no longer be unequivocal. The memory area of the edge memory bit has to be located in a DB (static area for FB) or in the bit memory area. Parameters The following table shows the parameters of the instruction "Set operand on negative signal edge": Parameters Declaration Data type Memory area Description <Operand1> Output BOOL I, Q, M, D, L Operand which is set when there is a negative signal edge. <Operand2> InOut BOOL I, Q, M, D, L Edge memory bit Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJ2XW 1 7DJB0 The operand "TagOut" is set for one program cycle if the signal state at the input of the instruction box changes from "1" to "0" (negative signal edge). In all other cases, the operand "TagOut" has the signal state "0". 2766 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also System memory areas (Page 947) Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Inserting operands in FBD instructions (Page 4727) Editing FBD elements (Page 4719) P_TRIG: Scan RLO for positive signal edge (S7-1200, S7-1500) Description Use the instruction "Scan RLO for positive signal edge" to query a "0" to "1" change in the signal state of the result of logic operation (RLO). The instruction compares the current signal state of the RLO with the signal state of the previous query, which is saved in an edge memory bit (<operand>). If the instruction detects a change in the RLO from "0" to "1", there is a positive signal edge. The positive signal edge is queried each time the instruction executes. As soon as a positive single edge is detected, the output Q of the instruction returns the signal state "1" for the length of a program cycle. In all other cases, the output returns the signal state "0". Note Modification of the address of the edge memory bit The address of the edge memory bit must not be used more than once in the program, otherwise the bit memory is overwritten. This would influence edge evaluation and the result would no longer be unequivocal. The memory area of the edge memory bit has to be located in a DB (static area for FB) or in the bit memory area. Parameters The following table shows the parameters of the instruction "Scan RLO for positive signal edge": WinCC Advanced V14 System Manual, 10/2016 Parameter Declaration Data type Memory area Description CLK Input BOOL I, Q, M, D, L Current RLO <Operand> InOut BOOL M, D Edge memory bit in which the RLO of the previous query is saved. Q Output BOOL I, Q, M, D, L Result of edge evaluation 2767 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB ! 7DJ,QB 7DJ2XW 3B75,* &/. 4 &$6 -03 7DJB0 The RLO of the preceding bit logic operation is saved in the edge memory bit "Tag_M". If a "0" to "1" change is detected in the signal state of the RLO, the program jumps to jump label CAS1. See also Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) N_TRIG: Scan RLO for negative signal edge (S7-1200, S7-1500) Description Use the instruction "Scan RLO for negative signal edge" to query a "1" to "0" change in the signal state of the result of logic operation (RLO). The instruction compares the current signal state of the RLO with the signal state of the previous query saved in the edge memory bit (<Operand>). If the instruction detects a change in the RLO from "1" to "0", there is a negative signal edge. The negative signal edge is queried each time the instruction executes. As soon as a negative single edge is detected, the output Q of the instruction returns the signal state "1" for the length of a program cycle. In all other cases, the signal state at the output of the instruction is "0". Note Modification of the address of the edge memory bit The address of the edge memory bit must not be used more than once in the program, otherwise the bit memory is overwritten. This would influence edge evaluation and the result would no longer be unequivocal. The memory area of the edge memory bit has to be located in a DB (static area for FB) or in the bit memory area. 2768 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Scan RLO for negative signal edge" instruction: Parameter Declaration Data type Memory area Description CLK Input BOOL I, Q, M, D, L Current RLO <Operand> InOut BOOL M, D Edge memory bit in which the RLO of the previous query is saved. Q Output BOOL I, Q, M, D, L Result of edge evaluation Example The following example shows how the instruction works: 7DJ,QB ! 7DJ,QB 7DJ2XW 1B75,* &/. 4 &$6 -03 7DJB0 The RLO of the preceding bit logic operation is saved in the edge memory bit "Tag_M". If a "1" to "0" change is detected in the signal state of the RLO, the program jumps to jump label CAS1. See also Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) R_TRIG: Detect positive signal edge (S7-1200, S7-1500) Description With the "Detect positive signal edge" instruction, you can detect a state change from "0" to "1" at the CLK input. The instruction compares the current value at the CLK input with the state of the previous query (edge memory bit) that is saved in the specified instance. If the instruction detects a state change at the CLK input from "0" to "1", a positive signal edge is generated at the Q output, i.e., the output has the value TRUE or "1" for exactly one cycle. In all other cases, the signal state at the output of the instruction is "0". WinCC Advanced V14 System Manual, 10/2016 2769 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Detect positive signal edge" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output CLK Input BOOL I, Q, M, D, L or constant I, Q, M, D, L, T, C or constant Incoming sig nal, the edge of which is to be queried. Q Output BOOL I, Q, M, D, L I, Q, M, D, L Result of edge evaluation Example The following example shows how the instruction works: 7DJ,QB '% 5B75,*B'% ! 5B75,* 7DJ,QB 7DJ,Q 7DJ,QB (1 &/. 4 7DJ2XW (12 The previous state of the tag at the CLK input is stored in the "R_TRIG_DB" tag. If a change in the signal state from "0" to "1" is detected in the "TagIn_1" and "TagIn_2" operands or in the "TagIn_3" operand, the "TagOut_Q" output has signal state "1" for one cycle. See also Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) 2770 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions F_TRIG: Detect negative signal edge (S7-1200, S7-1500) Description With the "Detect negative signal edge" instruction, you can detect a state change from "1" to "0" at the CLK input. The instruction compares the current value at the CLK input with the state of the previous query (edge memory bit) that is saved in the specified instance. If the instruction detects a state change at the CLK input from "1" to "0", a negative signal edge is generated at the Q output, i.e., the output has the value TRUE or "1" for exactly one cycle. In all other cases, the signal state at the output of the instruction is "0". Parameters The following table shows the parameters of the "Detect negative signal edge" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output CLK Input BOOL I, Q, M, D, L or constant I, Q, M, D, L, T, C or constant Incoming sig nal, the edge of which is to be queried. Q Output BOOL I, Q, M, D, L I, Q, M, D, L Result of edge evaluation Example The following example shows how the instruction works: 7DJ,QB '% )B75,*B'% ! )B75,* 7DJ,QB 7DJ,Q 7DJ,QB (1 &/. 4 7DJ2XW (12 The previous state of the tag at the CLK input is stored in the "F_TRIG_DB" tag. If a change in the signal state from "1" to "0" is detected in the "TagIn_1" and "TagIn_2" operands or in the "TagIn_3" operand, the "TagOut_Q" output has signal state "1" for one cycle. See also Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) WinCC Advanced V14 System Manual, 10/2016 2771 Programming the PLC 11.4 Instructions Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) Timer operations (S7-1200, S7-1500) TP: Generate pulse (S7-1200, S7-1500) Description You can use the "Generate pulse" instruction to set the Q output for a programmed duration. The instruction is started when the result of logic operation (RLO) at input IN changes from "0" to "1" (positive signal edge). The programmed time PT begins when the instruction starts. Output Q is set for the duration PT, regardless of the subsequent course of the input signal. Even when a new positive signal edge is detected, the signal state of the Q output is not affected as long as the PT duration is running. You can query the current time value at the ET output. The timer value starts at T#0s and ends when the value of the time duration PT is reached. If the configured time duration PT is reached and the signal state at input IN is "0", the ET output is reset. Each call of the "Generate pulse" instruction must be assigned to an IEC timer in which the instruction data is stored. Note If the timer is not called in the program because it is skipped, for example, output ET returns a constant value as soon as the timer has expired. For S7-1200 CPU An IEC timer is a structure of the data type IEC_TIMER or TP_TIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TP_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU An IEC Timer is a structure of the data type IEC_TIMER, IEC_LTIMER, TP_TIME or TP_LTIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TP_TIME, TP_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) 2772 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The instruction data is updated in the following cases: When the instruction is called, if the ET or Q outputs are interconnected. If the outputs are not interconnected, the current time value at output ET is not updated. At an access to the Q or ET outputs. The execution of the "Generate pulse" instruction requires a preceding logic operation. It can be placed within or at the end of the network. Parameters The following table shows the parameters of the "Generate pulse" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description IN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C, P Start input PT Input TIME TIME, LTIME I, Q, M, D, L or constant I, Q, M, D, L, Duration of P or constant the pulse. The value of the PT pa rameter must be pos itive. Q Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L, P Pulse output ET Output TIME TIME, LTIME I, Q, M, D, L I, Q, M, D, L, P Current tim er value Pulse timing diagram The following figure shows the pulse timing diagram of the "Generate pulse" instruction: ,1 4 37 37 37 (7 37 WinCC Advanced V14 System Manual, 10/2016 2773 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 73B'% 73 7,0( 7DJB6WDUW ,1 4 7DJB3UHVHW7LPH 37 (7 7DJB6WDWXV 7DJB(ODSVHG7LPH The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Start Signal transition "0" => "1" PT Tag_PresetTime T#10s Q Tag_Status TRUE ET Tag_ElapsedTime from T#0s => T#10s When the signal state of the "Tag_Start" operand changes from "0" to "1", the time programmed for the PT parameter is started and the "Tag_Status" operand is set to "1". The current time value is stored in the "Tag_ElapsedTime" operand. When the time expires, the "Tag_Status" operand is reset to signal state "0". See also Overview of the valid data types (Page 2131) Example of controlling room temperature (Page 4745) FBD programming examples (Page 4735) Basic information on FBD (Page 4693) Memory areas (Page 944) TON: Generate on-delay (S7-1200, S7-1500) Description You can use the instruction "Generate on-delay" to delay setting of the Q output by the time configured with the PT time. The instruction is started when the result of logic operation (RLO) at input IN changes from "0" to "1" (positive signal edge). The programmed time PT begins when the instruction starts. When the time PT has elapsed, the output Q has the signal state "1". Output Q remains set as long as the start input is still "1". When the signal state at the start input changes from "1" to "0", the Q output is reset. The timer function is started again when a new positive signal edge is detected at the start input. The current time value can be queried at the output ET. The timer value starts at T#0s and ends when the value of the time duration PT is reached. The ET output is reset as soon as the signal state at the IN input changes to "0". 2774 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Each call of the "Generate on-delay" instruction must be assigned to an IEC timer in which the instruction data is stored. Note If the timer is not called in the program because it is skipped, for example, output ET returns a constant value as soon as the timer has expired. For S7-1200 CPU An IEC Timer is a structure of the data type IEC_TIMER or TON_TIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TON_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU An IEC Timer is a structure of the data type IEC_TIMER, IEC_LTIMER, TON_TIME or TON_LTIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TON_TIME, TON_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: When the instruction is called if the ET or Q outputs are interconnected. If the outputs are not interconnected, the current time value at output ET is not updated. At an access to the Q or ET outputs. The execution of the "Generate on-delay" instruction requires a preceding logic operation. It can be placed within or at the end of the network. WinCC Advanced V14 System Manual, 10/2016 2775 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Generate on-delay" instruction: Parameters Declaration Data type Memory area Description S7-1200 S7-1500 S7-1200 S7-1500 IN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C, P Start input PT Input TIME TIME, LTIME I, Q, M, D, L or constant I, Q, M, D, L, Duration of P or constant the on delay. The value of the PT pa rameter must be pos itive. Q Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L, P Output that is set when the time PT expires. ET Output TIME TIME, LTIME I, Q, M, D, L I, Q, M, D, L, P Current tim er value Pulse timing diagram The following figure shows the pulse timing diagram of the "Generate on-delay" instruction: ,1 4 37 37 (7 37 2776 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 721B'% 721 7,0( 7DJB6WDUW ,1 4 7DJB3UHVHW7LPH 37 (7 7DJB6WDWXV 7DJB(ODSVHG7LPH The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Start Signal transition "0" => "1" PT Tag_PresetTime T#10s Q Tag_Status FALSE; after 10 s => TRUE ET Tag_ElapsedTime from T#0s => T#10s When the signal state of the "Tag_Start" operand changes from "0" to "1", the time programmed for the PT parameter is started. When the time duration expires, the "Tag_Status" operand is set to the signal state "1". The Tag_Status operand remains set to "1" as long as the Tag_Start operand has signal state "1". The current time value is stored in the "Tag_ElapsedTime" operand. When the signal state at the operand "Tag_Start" changes from "1" to "0", the "Tag_Status" operand is reset. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) TOF: Generate off-delay (S7-1200, S7-1500) Description You can use the "Generate off-delay" instruction to delay setting of the Q output by the time configured with the PT time. The output Q is set when the result of logic operation (RLO) at input IN changes from "0" to "1" (positive signal edge). When the signal state at input IN changes back to "0" (positive signal edge), the configured time duration PT starts. Output Q remains set as long as the time duration PT is running. When the PT time duration expires, the Q output is reset. If the signal state at input IN changes to "1" before the PT time duration expires, the timer is reset. The signal state at the output Q continues to be "1". The current time value can be queried at the output ET. The timer value starts at T#0s and ends when the value of the time duration PT is reached. When the PT time duration expires, the ET output remains set to the current value until input IN changes back to "1". If input IN changes to "1" before the time duration PT has expired, the ET output is reset to the value T#0s. WinCC Advanced V14 System Manual, 10/2016 2777 Programming the PLC 11.4 Instructions Each call of the "Generate off-delay" instruction must be assigned to an IEC Timer in which the instruction data is stored. Note If the timer is not called in the program because it is skipped, for example, output ET returns a constant value as soon as the timer has expired. For S7-1200 CPU An IEC Timer is a structure of the data type IEC_TIMER or TOF_TIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TOF_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU An IEC Timer is a structure of the data type IEC_TIMER, IEC_LTIMER, TOF_TIME or TOF_LTIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TOF_TIME, TOF_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: When the instruction is called if the ET or Q outputs are interconnected. If the outputs are not interconnected, the current time value at output ET is not updated. At an access to the Q or ET outputs. The execution of the "Generate off-delay" instruction requires a preceding logic operation. It can be placed within or at the end of the network. 2778 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Generate off-delay" instruction: Parameter Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description IN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C, P Start input PT Input TIME TIME, LTIME I, Q, M, D, L or constant I, Q, M, D, L, Duration of P or constant the off delay The value of the PT pa rameter must be pos itive. Q Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L, P Output that is reset when the timer PT ex pires. ET Output TIME TIME, LTIME I, Q, M, D, L I, Q, M, D, L, P Current tim er value Pulse timing diagram The following figure shows the pulse timing diagram of the "Generate off-delay" instruction: ,1 4 37 37 (7 37 WinCC Advanced V14 System Manual, 10/2016 2779 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 72)B'% 72) 7,0( 7DJB6WDUW ,1 4 7DJB3UHVHW7LPH 37 (7 7DJB6WDWXV 7DJB(ODSVHG7LPH The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Start Signal transition "0" => "1"; sig nal transition "1" => "0" PT Tag_PresetTime T#10s Q Tag_Status TRUE ET Tag_ElapsedTime from T#10s => T#0s When the signal state of the operand "Tag_Start" changes from "0" to "1", the "Tag_Status" operand is set to signal state "1". When the signal state of the "Tag_Start" operand changes from "1" to "0", the time programmed for the PT parameter is started. As long as the time is running, the "Tag_Status" operand remains set to TRUE. When the time has expired, the "Tag_Status" operand is reset to FALSE. The current time value is stored in the "Tag_ElapsedTime" operand. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) TONR: Time accumulator (S7-1200, S7-1500) Description The instruction "Time accumulator" is used to accumulate time values within a period set by the parameter PT. The instruction is executed and the configured time duration PT is started when the result of logic operation (RLO) at input IN changes from "0" to "1" (positive edge). While the time PT is running, the time values are accumulated that are recorded when the IN input has signal state "1". The accumulated time is written to the ET output and can be queried there. When the current time value PT is reached, the output Q has the signal state "1". Output Q remains set at "1", even when the signal state at input IN changes to "0". The R input resets the outputs ET and Q regardless of the signal state at the start input. Each call of the "Time accumulator" instruction must be assigned an IEC timer in which the instruction data is stored. 2780 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For S7-1200 CPU An IEC Timer is a structure of the data type IEC_TIMER or TONR_TIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TONR_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU An IEC timer is a structure of the data type IEC_TIMER, IEC_LTIMER, TONR_TIME or TONR_LTIME that you can declare as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TONR_TIME, TONR_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: When the instruction is called, if the ET or Q outputs are interconnected. If the outputs are not interconnected, the current time value at output ET is not updated. At an access to the Q or ET outputs. The execution of the Time accumulator" instruction requires a preceding logic operation. It can be placed within or at the end of the network. Parameters The following table shows the parameters of the "Time accumulator" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description IN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C, P Start input R Input BOOL BOOL I, Q, M, D, L or constant I, Q, M, D, L, Reset input P or constant PT Input TIME TIME, LTIME I, Q, M, D, L or constant I, Q, M, D, L, Maximum P or constant duration of time record ing. The value of the PT pa rameter must be pos itive. WinCC Advanced V14 System Manual, 10/2016 2781 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description S7-1200 S7-1500 S7-1200 S7-1500 Q Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L, P Output that is set when time PT ex pires. ET Output TIME TIME, LTIME I, Q, M, D, L I, Q, M, D, L, P Current tim er value Pulse timing diagram The following figure shows the pulse timing diagram of the "Time accumulator" instruction: ,1 5 4 37 (7 Example The following example shows how the instruction works: 7215B'% 7215 7,0( 7DJB6WDUW ,1 4 7DJB5HVHW 5 (7 7DJB3UHVHW7LPH 2782 7DJB6WDWXV 7DJB(ODSVHG7LPH 37 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Start Signal transition "0" => "1" PT Tag_PresetTime T#10s Q Tag_Status FALSE; after 10 s => TRUE ET Tag_ElapsedTime Signal transition from "0" => "1" The time T#10s expires. After 5 s signal transition from "1" => "0": The time at the "Tag_Elapsed Time" operand remains at T#5s. After approx. 2 s, renewed signal transition from "0" => "1": The time at the "Tag_Elapsed Time" operand continues to run at T#5s. When the signal state of the "Tag_Start" operand changes from "0" to "1", the time programmed for the PT parameter is started. The time continues to run as long as the "Tag_Start" operand has the signal state "1". When the signal state of the "Tag_Start" operand changes from "1" to "0", the time stops and the current time value at the Tag_ElapsedTime operand is recorded. When the signal state at the "Tag_Start" operand changes again from "0" to "1", the time continues to run starting at the time value that was recorded at the transition from "1" to "0". When the time value specified for the PT parameter is reached, the "Tag_Status" operand is set to the signal state "1". The current time value is stored in the "Tag_ElapsedTime" operand. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2783 Programming the PLC 11.4 Instructions TP: Start pulse timer (S7-1200, S7-1500) Description Use the instruction "Start pulse timer" to start an IEC Timer with a specified duration as pulse. The IEC Timer is started when the result of logic operation (RLO) changes from "0" to "1" (positive signal edge). The IEC Timer runs for the specified time duration regardless of the subsequent course of the RLO. The expiry of the IEC Timer is also not affected by the detection of a new rising edge. As long as the IEC Timer is running, the querying of the timer status for "1" returns the signal state "1". When the IEC Timer has expired, the timer status returns the signal state "0". Note The start and the query of the IEC Timer may be on different expiry levels as each query of the outputs Q or ET updates the IEC_TIMER structure. For S7-1200 CPU The instruction "Start pulse timer" stores its data in a structure of the data type IEC_TIMER or TP_TIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TP_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU The instruction "Start pulse timer" stores its data in a structure of the data type IEC_TIMER, IEC_LTIMER, TP_TIME or TP_LTIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TP_TIME, TP_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: The IEC_Timer structure is updated when the instruction is called. The time value at the ET output is only updated if the ET or Q outputs are scanned (e.g. "MyTimer".Q or "MyTimer".ET). When the assigned timer is accessed. The current timer status is saved in the structure components Q of the IEC Timer. You can query the timer status with the help of a binary logic operation. The execution of the instruction "Start pulse timer" assumes a preceding logic operation. It can be placed only at the end of the network. 2784 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Start pulse timer": Parameters Declaration Data type S7-1200 S7-1500 Memory area Description VALUE Input TIME TIME, LTIME I, Q, M, D, L or constant Duration with which the IEC Timer runs. <IEC Timer> InOut IEC_TIMER, TP_TIME IEC_TIMER, IEC_LTIMER, TP_TIME, TP_LTIME D, L IEC Timer which is star ted. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: '% 0\,(&B7,0(5 7DJB,QSXW 7DJB7,0( 73 7,0( 9$/8( The instruction "Start pulse timer" is executed when the signal state of the operand "Tag_Input" changes from "0" to "1". The timer "DB1".MyIEC_TIMER is started for the time stored in the operand "TagTime". 7DJB2XWSXW '%0\,(&B 7,0(54 As long as the timer "DB1".MyIEC_TIMER is running, the timer status ("DB1".MyIEC_TIMER.Q) has signal state "1" and the operand "Tag_Output" is set. When the IEC Timer has expired, the signal state of the time status changes back to "0" and the "Tag_Output" operand is reset. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2785 Programming the PLC 11.4 Instructions TON: Start on-delay timer (S7-1200, S7-1500) Description Use the "Start on-delay timer" instruction to start an IEC Timer with a specified duration as ondelay. The IEC Timer is started when the result of logic operation (RLO) changes from "0" to "1" (positive signal edge). The IEC Timer runs for the specified time duration. The output returns the signal state "1" if the RLO at the input of the instruction has the signal state "1". If the RLO changes to "0" before the end of the timer, the running IEC Timer is reset. The query of the timer status for "1" returns the signal state "0". The IEC Timer restarts when the next rising signal edge is detected at the input of the instruction. Note The start and the query of the IEC Timer may be on different expiry levels as each query of the outputs Q or ET updates the IEC_TIMER structure. For S7-1200 CPU The instruction "Start on-delay timer" stores its data in a structure of the data type IEC_TIMER or TON_TIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TON_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU The "Start on-delay timer" instruction stores its data in a structure of the data type IEC_TIMER, IEC_LTIMER, TON_TIME or TON_LTIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TON_TIME, TON_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: The IEC_Timer structure is updated when the instruction is called. The time value at the ET output is only updated if the ET or Q outputs are scanned (e.g. "MyTimer".Q or "MyTimer".ET). When the assigned timer is accessed. The current timer status is saved in the structure components ET of the IEC Timer. You can query the timer status with the help of a binary logic operation. The execution of the "Start on-delay timer" instruction assumes a preceding logic operation. It can be placed only at the end of the network. 2786 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Start on-delay timer": Parameters Declaration Data type S7-1200 S7-1500 Memory area Description VALUE Input TIME TIME, LTIME I, Q, M, D, L or constant Duration with which the IEC Timer runs. <IEC Timer> InOut IEC_TIMER, TON_TIME IEC_TIMER, IEC_LTIMER, TON_TIME, TON_LTIME D, L IEC Timer which is star ted. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 0\,(&B7,0(5 7DJB,QSXW 7DJB7,0( 721 7,0( 9$/8( The "Start on-delay timer" instruction is executed when the signal state of the operand "Tag_Input" changes from "0" to "1". The "MyIEC_TIMER" timer is started for the time stored in the "Tag_TIME" operand. 7DJB2XWSXW 0\,(&B7,0(54 If the timer "MyIEC_TIMER" has expired and the operand "Tag_Input" has the signal state "1", querying the timer status ("MyIEC_TIMER".Q) returns signal state "1" and the "Tag_Output" operand is set. When the signal state of the operand "Tag_Input" changes to "0", the querying of the timer status returns the signal state "0" and the operand "Tag_Output" is reset. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2787 Programming the PLC 11.4 Instructions TOF: Start off-delay timer (S7-1200, S7-1500) Description Use the "Start off-delay timer" instruction to start an IEC Timer with a specified duration as offdelay. The query of the timer status for "1" returns the signal state "0" if the result of the logic operation (RLO) at the input of the instruction has the signal state "1". When the RLO changes from "1" to "0" (negative signal edge), the IEC Timer starts with the specified time duration. The timer status remains at signal state "1" as long as the IEC Timer is running. When the timer has run out and the RLO at the input of the instruction has the signal state "0", the timer status is set to the signal state "0". If the RLO changes to "1" before the end of the timer, the running IEC Timer is reset and the timer status remain at the signal state "1". Note The start and the query of the IEC Timer may be on different expiry levels as each query of the outputs Q or ET updates the IEC_TIMER structure. For S7-1200 CPU The instruction "Start off-delay timer" stores its data in a structure of the data type IEC_TIMER or TOF_TIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TOF_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU The "Start off-delay timer" instruction stores its data in a structure of the data type IEC_TIMER, IEC_LTIMER, TOF_TIME or TOF_LTIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TOF_TIME, TOF_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: The IEC_Timer structure is updated when the instruction is called. The time value at the ET output is only updated if the ET or Q outputs are scanned (e.g. "MyTimer".Q or "MyTimer".ET). When the assigned timer is accessed. The current timer status is saved in the structure components ET of the IEC Timer. You can query the timer status with the help of a binary logic operation. The execution of the "Start off-delay timer" instruction assumes a preceding logic operation. It can be placed only at the end of the network. 2788 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Start off-delay timer": Parameters Declaration Data type S7-1200 S7-1500 Memory area Description VALUE Input TIME TIME, LTIME I, Q, M, D, L or constant Duration with which the IEC Timer runs. <IEC Timer> InOut IEC_TIMER, TOF_TIME IEC_TIMER, IEC_LTI MER, TOF_TIME, TOF_LTIME IEC Timer which is started. D, L You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 0\,(&B7,0(5 72) 7DJB,QSXW 7DJB7,0( 7,0( 9$/8( The "Start off-delay timer" instruction is executed when the signal state of the operand "Tag_Input" changes from "1" to "0". The #MyIEC_TIMER timer is started for the time stored in the operand "Tag_TIME". 7DJB2XWSXW 0\,(&B7,0(5 As long as timer #MyIEC_TIMER is running, the query of the time status (#MyIEC_TIMER.Q) returns the signal state "1" and operand "Tag_Output" is set. If the timer has expired and the operand "Tag_Input" has the signal state "0", the query of the timer status returns the signal state "0". If the signal state of the operand "Tag_Input" changes to "1" before timer #MyIEC_TIMER expires, the timer is reset. When the signal state of the operand "Tag_Input" is "1", the query of the timer status returns the signal state "1". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2789 Programming the PLC 11.4 Instructions TONR: Time accumulator (S7-1200, S7-1500) Description You can use the "Time accumulator" instruction to record how long the signal is at the input of instruction "1". The instruction is started when the result of logic operation (RLO) changes from "0" to "1" (positive signal edge). The time is recorded as long at the RLO is "1". If the RLO changes to "0", the instruction is halted. If the RLO changes back to "1", the time recording is continued. The query of the timer status for "1" returns the signal state "1" if the recorded time exceeds the value of the specified time duration and the RLO at the input of coil is "1". The timer status and the currently expired timer can be reset to "0" using the "Reset timer" instruction. Note The start and the query of the IEC Timer may be on different expiry levels as each query of the outputs Q or ET updates the IEC_TIMER structure. For S7-1200 CPU The "Time accumulator" instruction stores its data in a structure of the data type IEC_TIMER or TONR_TIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TONR_TIME or IEC_TIMER in the "Static" section of a block (for example, #MyIEC_TIMER) For S7-1500 CPU The "Time accumulator" instruction stores its data in a structure of the data type IEC_TIMER, IEC_LTIMER, TONR_TIME or TONR_LTIME. You can declare the structure as follows: Declaration of a data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER") Declaration as a local tag of the type TONR_TIME, TONR_LTIME, IEC_TIMER or IEC_LTIMER in the "Static" section of a block (for example, #MyIEC_TIMER) The instruction data is updated in the following cases: The IEC_Timer structure is updated when the instruction is called. The time value at the ET output is only updated if the ET or Q outputs are scanned (e.g. "MyTimer".Q or "MyTimer".ET). When the assigned timer is accessed. The current timer status is saved in the structure components ET of the IEC Timer. You can query the timer status with the help of a binary logic operation. The execution of the "Time accumulator" instruction requires a preceding logic operation. It can be placed only at the end of the network. 2790 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Time accumulator" instruction: Parameters Declaration Data type S7-1200 S7-1500 Memory area Descrip tion VALUE Input TIME TIME, LTIME I, Q, M, D, L or con stant Duration with which the IEC Timer runs. <IEC Timer> InOut IEC_TIMER, TONR_TIME IEC_TIMER, IEC_LTIMER, TONR_TIME, TONR_LTIME D, L IEC Tim er which is star ted. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 0\,(&B7,0(5 7DJB,QSXW 7DJB7,0( 7215 7,0( 9$/8( The "Time accumulator" instruction is executed if there is a positive signal edge in the RLO. The time is recorded as long as the operand "Tag_Input" has the signal state "1". 7DJB2XWSXW 0\,(&B7,0(54 If the recorded time exceeds the value of the operand "Tag_TIME", then the query of the timer status ("MyIEC_TIMER".Q) will return the signal state "1" and the operand "Tag_Output" will be set. See also Overview of the valid data types (Page 2131) RT: Reset timer (Page 2792) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2791 Programming the PLC 11.4 Instructions RT: Reset timer (S7-1200, S7-1500) Description You can use the "Reset timer" instruction to reset an IEC Timer to "0". You specify the IEC Timer to be reset by entering the name of the data block that contains the structure of the IEC Timer in the placeholder above the instruction. The instruction is only executed if the result of logic operation (RLO) at the box input is "1". When the instruction is executed the structure components of the IEC Timer are reset to "0" in the specified data block. If the RLO at box input is "0", the instruction is not executed. The instruction does not influence the RLO. The RLO at the box input is transferred directly to the box output. You must assign a IEC Timer declared in the program to the "Reset timer" instruction. The instruction data is updated only when the instruction is called and not each time the assigned IEC Timer is accessed. The query of the data is only identical from the call of the instruction to the next call of the instruction. Parameters The following table shows the parameters of the instruction "Reset timer": Parameters Declaration <IEC Timer> InOut Data type S7-1200 S7-1500 IEC_TIMER, TP_TIME, TON_TIME, TOF_TIME, TONR_TIME IEC_TIMER, IEC_LTIMER, TP_TIME, TP_LTIME, TON_TIME, TON_LTIME, TOF_TIME, TOF_LTIME, TONR_TIME, TONR_LTIME Memory area Description D, L IEC Timer, which is reset. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 721B'% 721 7,0( 7DJB,QSXWB ,1 (7 7DJB37 37 4 7DJB(7 7DJB6WDWXV The "Generate on-delay" instruction executes when the signal state of the "Tag_Input_1" operand changes from "0" to "1". The IEC Timer stored in the instance data block "TON_DB" is started with the time duration that is specified by the operand "Tag_PT". 2792 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions 7DJB,QSXWB 721B'% 7DJB,QSXWB 57 If the operands "Tag_Input_2" and "Tag_Input_3" have the signal state "1", the "Reset timer" instruction is executed and the IEC Timer stored in the data block "TON_DB" is reset. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) PT: Load time duration (S7-1200, S7-1500) Description Use the "Load time duration" instruction to set the time duration of an IEC Timer. The instruction is executed in every cycle when the result of logic operation (RLO) at the input of the instruction has the signal state "1". The instruction writes the specified time duration to the structure of the specified IEC Timer. Note If the specified IEC Timer is running during the execution, the instruction overwrites the current time duration of the specified IEC Timer. As a result, the timer status of the IEC Timer can change. You must assign a IEC Timer declared in the program to the "Load time duration" instruction. The instruction data is updated when the instruction is called and each time the assigned IEC Timer is accessed. The query for Q or ET (e. g. "MyTimer".Q or "MyTimer".ET) updates the IEC_TIMER structure. WinCC Advanced V14 System Manual, 10/2016 2793 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Load time duration": Parameters Declaration Data type S7-1200 S7-1500 Memory area Description PT Input TIME TIME, LTIME I, Q, M, D, L or constant Time duration <IEC Timer> InOut IEC_TIMER, TP_TIME, TON_TIME, TOF_TIME, TONR_TIME IEC_TIMER, IEC_LTIMER, TP_TIME, TP_LTIME, TON_TIME, TON_LTIME, TOF_TIME, TOF_LTIME, TONR_TIME, TONR_LTIME D, L IEC Timer, the duration of which is set. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 721B'% 721 7,0( 7DJB,QSXWB ,1 (7 7DJB37 37 4 7DJB(7 7DJB6WDWXV The "Generate on-delay" instruction executes when the signal state of the "Tag_Input_1" operand changes from "0" to "1". The IEC Timer stored in the instance data block "TON_DB" is started with the time duration that is specified by the operand "Tag_PT". 721B'% 37 7DJB,QSXWB 7DJB37B 37 The "Load time duration" instruction is executed when the operand "Tag_Input_2" has the signal state "1". The instruction writes the time duration "Tag_PT_2" in the instance data block "TON_DB" and at the same time overwrites the value of the operand "Tag_PT" within the data block. As a result, the signal state of the timer status can change at the next query or upon access to "MyTimer".Q or "MyTimer".ET. Note The "Tag_Input_2" is executed as pulse flag in order that the time duration is loaded only throughout one program cycle. 2794 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) Legacy (S7-1500) S_PULSE: Assign pulse timer parameters and start (S7-1500) Description The "Assign pulse timer parameters and start" instruction starts a programmed timer when a transition from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO) at input S. The timer expires with the programmed duration (TV) as long as the signal state at input S is "1". If the signal state at input S changes to "0" before the programmed duration expires, the timer is stopped. In this case, the signal state at output Q is "0". The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down to zero. The time base determines the time period of the time value. The current time value is output binary-coded at output BI and BCD-coded at output BCD. If the timer is running and the signal state at input R changes to "1", the current time value and the time base are also set to zero. If the timer is not running, the signal state "1" at the R input has no effect. The "Assign pulse timer parameters and start" instruction needs a preceding logic operation for the edge evaluation and can be placed within or at the end of the network. The instruction data is updated with each access. It can therefore happen that the query of the data at the start of the cycle returns different values than at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". WinCC Advanced V14 System Manual, 10/2016 2795 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Assign pulse timer parameters and start" instruction: Parameters Declaration Data type Memory area Description <Timer> InOut/Input TIMER T Time of the instruction The number of timers de pends on the CPU. S Input BOOL I, Q, M, T, C, D, L, P Start input TV Input S5TIME, WORD I, Q, M, D, L or con Time duration stant R Input BOOL I, Q, M, T, C, D, L, P or constant Reset input BI Output WORD I, Q, M, D, L, P Current time value (binarycoded) BCD Output WORD I, Q, M, D, L, P Current time value (BCD for mat) Q Output BOOL I, Q, M, D, L, P Status of the timer For additional information on valid data types, refer to "See also". 2796 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign pulse timer parameters and start" instruction: W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHUUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPH Example The following example shows how the instruction works: 7LPHUB 6B38/6( 7DJ,QB 7DJ,QB1XPEHU 6 79 %, 7DJ9DOXHB %&' 7DJ9DOXHB 7DJ2XW 7DJ,QB 5 4 "Timer_1" starts when the signal state of the "TagIn_1" operand changes from "0" to "1". The timer runs for the time value of the "TagIn_Number" operand as long as the "TagIn_1" operand has the signal state "1". If the signal state of the operand "TagIn_1" changes from "1" to "0" before the timer expires, the timer "Timer_1" is stopped. The "TagOut" operand is reset to signal state "0". WinCC Advanced V14 System Manual, 10/2016 2797 Programming the PLC 11.4 Instructions The "TagOut" operand has the signal state "1" as long as the timer is running and the "TagIn_1" operand has the signal state "1". When the time has expired or is reset, the "TagOut" operand is reset to "0". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) S_PEXT: Assign extended pulse timer parameters and start (S7-1500) Description The "Assign extended pulse timer parameters and start" instruction starts a programmed timer when a transition from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO) at input S. The timer expires with the programmed duration (TV), even if the signal state at input S changes to "0". As long as the timer is running, output Q has the signal state "1". When the timer has expired, output Q is reset to "0". If the signal state at input S changes from "0" to "1" while the timer is running, the timer is restarted with the duration programmed at input TV. The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down to zero. The time base determines the time period of the time value. The current time value is output binary-coded at output BI and BCD-coded at output BCD. If the timer is running and the signal state at input R changes to "1", the current time value and the time base are also set to zero. If the timer is not running, the signal state "1" at the R input has no effect. The "Assign extended pulse timer parameters and start" instruction needs a preceding logic operation for the edge evaluation and can be placed within or at the end of the network. The instruction data is updated with each access. It can therefore happen that the query of the data at the start of the cycle returns different values than at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". 2798 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Assign extended pulse timer parameters and start" instruction: Parameters Declaration Data type Memory area Description <Timer> InOut/Input TIMER T Time of the instruction The number of timers de pends on the CPU. S Input BOOL I, Q, M, T, C, D, L, P Start input TV Input S5TIME, WORD I, Q, M, D, L or con Time duration stant R Input BOOL I, Q, M, T, C, D, L, P or constant Reset input BI Output WORD I, Q, M, D, L, P Current time value (binarycoded) BCD Output WORD I, Q, M, D, L, P Current time value (BCD for mat) Q Output BOOL I, Q, M, D, L, P Status of the timer For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 2799 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign extended pulse timer parameters and start" instruction: W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHUUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPH Example The following example shows how the instruction works: 7LPHUB 6B3(;7 7DJ,QB 7DJ,QB1XPEHU 6 79 %, 7DJ9DOXHB %&' 7DJ9DOXHB 7DJ2XW 7DJ,QB 5 4 "Timer_1" starts when the signal state of the "TagIn_1" operand changes from "0" to "1". The timer runs for the time value of the "TagIn_Number" operand without being affected by a negative edge at the S input. If the signal state at the "TagIn_1" operand changes from "0" to "1" before the timer expires, the timer is restarted. The "TagOut" operand has the signal state "1" as long as the timer is running. When the time has expired or is reset, the "TagOut" operand is reset to "0". 2800 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) S_ODT: Assign on-delay timer parameters and start (S7-1500) Description The "Assign on-delay timer parameters and start" instruction starts a programmed timer when a transition from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO) at input S. The timer expires with the programmed duration (TV) as long as the signal state at input S is "1". If the timer expires correctly and input S still has signal state "1", output Q returns signal state "1". If the signal state at input S changes from "1" to "0" while the timer is running, the timer is stopped. In this case, output Q is reset to signal state "0". The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down to zero. The time base determines the time period of the time value. The current time value is output binary-coded at output BI and BCD-coded at output BCD. If the time is running and the signal state at input R changes from "0" to "1", the current time value and the time base are also set to zero. In this case, the signal state at output Q is "0". The timer is reset if the signal state is "1" at the R input even if the timer is not running and the RLO at input S is "1". The "Assign on-delay timer parameters and start" instruction needs a preceding logic operation for the edge evaluation and can be placed within or at the end of the network. The instruction data is updated with each access. It can therefore happen that the query of the data at the start of the cycle returns different values than at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". WinCC Advanced V14 System Manual, 10/2016 2801 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Assign on-delay timer parameters and start" instruction: Parameters Declaration Data type Memory area Description <Timer> InOut/Input TIMER T Time of the instruction The number of timers de pends on the CPU. S Input BOOL I, Q, M, T, C, D, L, P Start input TV Input S5TIME, WORD I, Q, M, D, L or con Time duration stant R Input BOOL I, Q, M, T, C, D, L, P or constant Reset input BI Output WORD I, Q, M, D, L, P Current time value (binarycoded) BCD Output WORD I, Q, M, D, L, P Current time value (BCD for mat) Q Output BOOL I, Q, M, D, L, P Status of the timer For additional information on valid data types, refer to "See also". 2802 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign on-delay timer parameters and start" instruction: W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHUUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPH Example The following example shows how the instruction works: 7LPHUB 6B2'7 7DJ,QB 7DJ,QB1XPEHU 6 79 %, 7DJ9DOXHB %&' 7DJ9DOXHB 7DJ2XW 7DJ,QB 5 4 "Timer_1" starts when the signal state of the "TagIn_1" operand changes from "0" to "1". The timer expires with the value of operand "TagIn_Number". If the timer expires and the signal state of the operand is "1", the "TagOut" operand is set to "1". If the signal state at the "TagIn_1" operand changes from "1" to "0" before the timer expires, the timer is stopped. The "TagOut" operand has the signal state "0". WinCC Advanced V14 System Manual, 10/2016 2803 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) S_ODTS: Assign retentive on-delay timer parameters and start (S7-1500) Description The "Assign retentive on-delay timer parameters and start" instruction starts a programmed timer when a transition from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO) at input S. The timer expires with the programmed duration (TV), even if the signal state at input S changes to "0". If the timer expires, the "Q" output returns signal state "1" regardless of the signal state at input "S". If the signal state at input S changes from "0" to "1" while the timer is running, the timer is restarted with the duration programmed at input (TV). The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down to zero. The time base determines the time period of the time value. The current time value is output binary-coded at output BI and BCD-coded at output BCD. Signal state "1" at input R resets the current time value and time base to "0" regardless of the signal state at start input S. In this case, the signal state at output Q is "0". The "Assign retentive on-delay timer parameters and start" instruction needs a preceding logic operation for the edge evaluation and can be placed within or at the end of the network. The instruction data is updated with each access. It can therefore happen that the query of the data at the start of the cycle returns different values than at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". Parameters The following table shows the parameters of the "Assign retentive on-delay timer parameters and start" instruction: Parameters Declaration Data type Memory area Description <Timer> InOut/Input TIMER T Time of the instruction The number of timers de pends on the CPU. S 2804 Input BOOL I, Q, M, T, C, D, L, P Start input WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area TV Input S5TIME, WORD I, Q, M, D, L or con Time duration stant Description R Input BOOL I, Q, M, T, C, D, L, P or constant Reset input BI Output WORD I, Q, M, D, L, P Current time value (binarycoded) BCD Output WORD I, Q, M, D, L, P Current time value (BCD for mat) Q Output BOOL I, Q, M, D, L, P Status of the timer For additional information on valid data types, refer to "See also". Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign retentive on-delay timer parameters and start" instruction: W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHUUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPH WinCC Advanced V14 System Manual, 10/2016 2805 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7LPHUB 6B2'76 7DJ,QB 7DJ,QB1XPEHU 6 79 %, 7DJ9DOXHB %&' 7DJ9DOXHB 7DJ2XW 7DJ,QB 5 4 "Timer_1" starts when the signal state of the "TagIn_1" operand changes from "0" to "1". The timer expires with the time value of the "TagIn_Number" operand, even when the signal state of the "TagIn_1" operand changes to "0". When the time expires, the "TagOut" operand is reset to "1". If the signal state at the "TagIn_1" operand changes from "0" to "1" while the timer is running, the timer is restarted. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) S_OFFDT: Assign off-delay timer parameters and start (S7-1500) Description The "Assign off-delay timer parameters and start" instruction starts a programmed timer when a transition from "1" to "0" (negative signal edge) is detected in the result of logic operation (RLO) at input S. The timer expires with the programmed duration (TV). As long as the timer is running or input S returns signal state "1", output Q has signal state "1". If the timer expires and the signal state is "0", output Q is reset to signal state "0". If the signal state at input S changes from "0" to "1" while the timer is running, the timer is stopped. The timer is only restarted after a falling signal edge is detected at input S. The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down to zero. The time base determines the time period of the time value. The current time value is output binary-coded at output BI and BCD-coded at output BCD. Signal state "1" at input R resets the current time value and time base to "0". In this case, the signal state at output Q is "0". The "Assign off-delay timer parameters and start" instruction needs a preceding logic operation for the edge evaluation and can be placed within or at the end of the network. 2806 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The instruction data is updated with each access. It can therefore happen that the query of the data at the start of the cycle returns different values than at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". Parameters The following table shows the parameters of the "Assign off-delay timer parameters and start" instruction: Parameters Declaration Data type Memory area Description <Timer> InOut/Input TIMER T Time of the instruction The number of timers de pends on the CPU. S Input BOOL I, Q, M, T, C, D, L, P Start input TV Input S5TIME, WORD I, Q, M, D, L or con Time duration stant R Input BOOL I, Q, M, T, C, D, L, P or constant Reset input BI Output WORD I, Q, M, D, L, P Current time value (binarycoded) BCD Output WORD I, Q, M, D, L, P Current time value (BCD for mat) Q Output BOOL I, Q, M, D, L, P Status of the timer For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 2807 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign off-delay timer parameters and start" instruction: W W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHUUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPH Example The following example shows how the instruction works: 7LPHUB 6B2))'7 7DJ,QB 7DJ,QB1XPEHU 6 79 %, 7DJ9DOXHB %&' 7DJ9DOXHB 7DJ2XW 7DJ,QB 5 4 "Timer_1" starts when the signal state of the "TagIn_1" operand changes from "1" to "0". The timer expires with the value of operand "TagIn_Number". The "TagOut" operand is set to "1" if the timer is running or the "TagIn_1" operand has the signal state "0". If the signal state at the "TagIn_1" operand changes from "0" to "1" while the timer is running, the timer is reset. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) 2808 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SP: Start pulse timer (S7-1500) Description The instruction "Start pulse timer" starts a programmed timer when a change from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO) at the start input. The timer runs with the specified duration as long as the RLO has the signal state "1". As long as the timer is running, the query of timer status "1" returns the signal state "1". If there is a change from "1" to "0" in the RLO before the time value has elapsed, the timer stops. In this case, the query for timer status for "1" returns the signal state "0". The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down to zero. The time base determines the time period of the time value. The "Start pulse timer" instruction requires a preceding logic operation for edge evaluation and can only be placed at the right side of the network. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". Parameters The following table shows the parameters of the instruction "Start pulse timer": Parameters Declaration Data type Memory area Description <Operand> Input BOOL I, Q, M, T, C, D, L, P Start input TV Input S5TIME, WORD I, Q, M, D, L or con Time duration stant <Timer> InOut/Input TIMER T Timer which is started. The number of timers de pends on the CPU. You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2809 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 1HWZRUN 7LPHUB 63 7DJ,QB 7DJ,QB1XPEHU 7DJ2XW 79 1HWZRUN 7LPHUB 7DJ,QB 5 "Timer_1" starts when the signal state of the "TagIn_1" operand changes from "0" to "1". The timer expires with the time value of the "TagIn_Number" operand as long as the signal state of the "TagIn_1" operand is "1". If the signal state of the operand "TagIn_1" changes from "1" to "0" before the timer expires, the timer is stopped. As long as the timer is running, the "TagOut" operand returns signal state "1". A signal state change of the operand "TagIn_2" from "0" to "1" resets the timer, which stops the timer and sets the current time value to "0". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) SE: Start extended pulse timer (S7-1500) Description The "Start extended pulse timer" instruction starts a programmed timer when a change from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO) at the start input. The timer runs for the specified time period even when the RLO changes to signal state "0". As long as the timer is running, the query of timer status "1" returns the signal state "1". If the RLO changes from "0" to "1" while the timer is running, the timer is restarted with the programmed time period. The querying of the timer status for "1" returns the signal state "0" when the timer expires. 2810 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down to zero. The time base determines the time period of the time value. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". Parameters The following table shows the parameters of the "Start extended pulse timer" instruction: Parameters Declaration Data type Memory area Description <Operand> Input BOOL I, Q, M, T, C, D, L, P Start input TV Input S5TIME, WORD I, Q, M, D, L or con Time duration stant <Timer> InOut/Input TIMER T Timer which is started. The number of timers de pends on the CPU. Example The following example shows how the instruction works: 7LPHUB 6( 7DJ,QB 7DJ,QB1XPEHU 7DJ2XW 79 "Timer_1" starts when the signal state of the "TagIn_1" operand changes from "0" to "1". The timer expires with the time value of the operand "TagIn_Number" without being affected by a negative signal edge in the RLO. As long as the timer is running, the "TagOut" operand returns signal state "1". If the signal state of the operand "TagIn_1" changes again from "0" to "1" before the timer expires, the timer is restarted. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) WinCC Advanced V14 System Manual, 10/2016 2811 Programming the PLC 11.4 Instructions SD: Start on-delay timer (S7-1500) Description The "Start on-delay timer" instruction starts a programmed timer when a change from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO) at the start input. The timer runs for the specified period of time as long as the RLO is "1". If the timer expires and the RLO has the signal state "1", the query timer status "1" returns the signal state "1". If the RLO changes from "1" to "0" while the timer is running, the timer is stopped. In this case, querying the timer status for "1" returns the signal state "0". The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down to zero. The time base determines the time period of the time value. The "Start on-delay timer" instruction needs a preceding logic operation for the edge evaluation and can only be placed on the right edge of the network. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". Parameters The following table shows the parameters of the instruction "Start on-delay timer": Parameters Declaration Data type Memory area Description <Operand> Input BOOL I, Q, M, T, C, D, L, P Start input TV Input S5TIME, WORD I, Q, M, D, L or con Time duration stant <Timer> InOut/Input TIMER T Timer which is started. The number of timers de pends on the CPU. You can find additional information on valid data types under "See also". 2812 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 1HWZRUN 7LPHUB 6' 7DJ,QB 7DJ,QB1XPEHU 7DJ2XW 79 1HWZRUN 7LPHUB 7DJ,QB 5 "Timer_1" starts when the signal state of the "TagIn_1" operand changes from "0" to "1". The timer expires with the value of operand "TagIn_Number". If the timer expires and the RLO has the signal state "1", the "TagOut" operand is set to "1". If the signal state of the operand "TagIn_1" changes from "1" to "0" before the timer expires, the timer is stopped. If the signal state of the "TagIn_2" operand changes to "1", "Timer_1" is reset, i.e. the timer is stopped and the current time value is set to "0". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) SS: Start retentive on-delay timer (S7-1500) Description The "Start retentive on-delay timer" instruction starts a programmed timer when a change from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO) at the start input. The timer runs for the specified time period even when the RLO changes to signal state "0". When the timer expires, the query for timer status for "1" returns the signal state "1". When the timer expires, the timer can only be restarted if it is explicitly reset. The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down to zero. The time base determines the time period of the time value. WinCC Advanced V14 System Manual, 10/2016 2813 Programming the PLC 11.4 Instructions The "Start retentive on-delay timer" instruction needs a preceding logic operation for the edge evaluation and can only be placed on the right edge of the network. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". Parameters The following table shows the parameters of the instruction "Start retentive on-delay timer": Parameters Declaration Data type Memory area Description <Operand> Input BOOL I, Q, M, T, C, D, L, P Start input TV Input S5TIME, WORD I, Q, M, D, L or con Time duration stant <Timer> InOut/Input TIMER T Timer which is started. The number of timers de pends on the CPU. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 1HWZRUN 7LPHUB 66 7DJ,QB 7DJ,QB1XPEHU 7DJ2XW 79 1HWZRUN 7LPHUB 7DJ,QB 5 "Timer_1" starts when the signal state of the "TagIn_1" operand changes from "0" to "1". The timer expires with the value of operand "TagIn_Number". When the time expires, the "TagOut" operand is reset to "1". If the signal state at the "TagIn_1" operand changes from "0" to "1" while the timer is running, the timer is restarted. If the signal state of the "TagIn_2" operand 2814 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions changes to "1", "Timer_1" is reset, i.e. the timer is stopped and the current time value is set to "0". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) SF: Start off-delay timer (S7-1500) Description The "Start off-delay timer" instruction starts a programmed timer when a change from "1" to "0" (negative signal edge) is detected in the result of logic operation (RLO) at the start input. The timer expires with the specified duration. As long as the timer is running, the query of timer status "1" returns the signal state "1". If the RLO changes from "0" to "1" while the timer is running, the timer is reset. The timer is always restarted when the RLO changes from "1" to "0". The duration is made up internally of a time value and a time base and is programmed at parameter TV. When the instruction is started, the programmed time value is counted down towards zero. The time base indicates the time period with which the time value is changed. The queries of the timer status for "1" return the query result "1" if the signal state of the result of logic operation is "1" at the execution of the instruction. If the RLO is "0", queries of the timer status for "1" return the query result "0". The "Start off-delay timer" instruction requires a preceding logic operation for edge evaluation and can only be placed at the right side of the network. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". WinCC Advanced V14 System Manual, 10/2016 2815 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Start off-delay timer": Parameters Declaration Data type Memory area Description <Operand> Input BOOL I, Q, M, T, C, D, L, P Start input TV Input S5TIME, WORD I, Q, M, D, L or con Time duration stant <Timer> InOut/Input TIMER T Timer which is started. The number of timers de pends on the CPU. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 1HWZRUN 7LPHUB 6) 7DJ,QB 7DJ,QB1XPEHU 7DJ2XW 79 1HWZRUN 7LPHUB 7DJ,QB 5 "Timer_1" starts when the signal state of the "TagIn_1" operand changes from "1" to "0". The timer expires with the time value of the operand "TagIn_Number". As long as the timer is running, the "TagOut" operand is set to "1". If the signal state at the "TagIn_1" operand changes from "1" to "0" while the timer is running, the timer is restarted. If the signal state of the "TagIn_2" operand is "1", "Timer_1" is reset, i.e. the timer is stopped and the current time value is set to "0". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) 2816 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Counter operations (S7-1200, S7-1500) CTU: Count up (S7-1200, S7-1500) Description You can use the "Count up" instruction to increment the value at output CV. When the signal state at the CU input changes from "0" to "1" (positive signal edge), the instruction is executed and the current counter value at the CV output is incremented by one. The counter value is incremented each time a positive signal edge is detected, until it reaches the high limit for the data type specified at the output CV. When the high limit is reached, the signal state at the CU input no longer has an effect on the instruction. You can query the counter status in the Q output. The signal state at the Q output is determined by the PV parameter. If the current counter value is greater than or equal to the value of the PV parameter, the Q output is set to signal state "1". In all other cases, the Q output has signal state "0". You can also specify a constant for the PV parameter. The value at the CV output is reset to "0" and saved to an edge memory bit when the signal state at input R changes to "1". As long as the R input has signal state "1", the signal state at the CU input has no effect on the instruction. Note Only use a counter at a single point in the program to avoid the risk of counting errors. Each call of the "Count up" instruction must be assigned an IEC counter in which the instruction data is stored. An IEC counter is a structure with one of the following data types: For S7-1200 CPU Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTU_SINT / CTU_USINT IEC_COUNTER / IEC_UCOUNTER CTU_INT / CTU_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTU_DINT / CTU_UDINT IEC_SCOUNTER / IEC_USCOUNTER IEC_COUNTER / IEC_UCOUNTER IEC_DCOUNTER / IEC_UDCOUNTER WinCC Advanced V14 System Manual, 10/2016 2817 Programming the PLC 11.4 Instructions For S7-1500 CPU Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTU_SINT / CTU_USINT IEC_COUNTER / IEC_UCOUNTER CTU_INT / CTU_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTU_DINT / CTU_UDINT IEC_LCOUNTER / IEC_ULCOUNTER CTU_LINT / CTU_ULINT IEC_SCOUNTER / IEC_USCOUNTER IEC_COUNTER / IEC_UCOUNTER IEC_DCOUNTER / IEC_UDCOUNTER IEC_LCOUNTER / IEC_ULCOUNTER You can declare an IEC counter as follows: Declaration of a data block of system data type IEC_<Counter> (for example, "MyIEC_COUNTER") Declaration as a local tag of the type CTU_<Data type> or IEC_<Counter> in the "Static" section of a block (for example #MyIEC_COUNTER) When you set up the IEC counter in a separate data block (single instance), the instance data block is created by default with "optimized block access" and the individual tags are defined as retentive. For additional information on setting retentivity in an instance data block, refer to "See also". When you set up the IEC counter as local tag (multi-instance) in a function block with "optimized block access", it is defined as retentive in the block interface. The execution of the "Count up" instruction requires a preceding logic operation. It can be placed within or at the end of the network. Parameters The following table shows the parameters of the "Count up" instruction: Parameter Declaration Data type Memory area S7-1200 S7-1500 Description CU Input BOOL I, Q, M, D, L or constant I, Q, M, D, L or constant Count input R Input BOOL I, Q, M, D, L, P or constant I, Q, M, T, C, Reset input D, L, P or con stant PV Input Integers I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Value at which the output Q is set. Q Output BOOL I, Q, M, D, L I, Q, M, D, L Counter status CV Output Integers, CHAR, WCHAR, DATE I, Q, M, D, L, P I, Q, M, D, L, P Current counter value You can select the data type of the instruction from the "???" drop-down list of the instruction box. 2818 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: &78B'% &78 ,17 7DJ,QB &8 7DJ,QB 5 7DJB39 39 &9 7DJB&9 4 7DJ2XW When the signal state of the "TagIn_1" operand changes from "0" to "1", the "Count up" instruction is executed and the current counter value of the "Tag_CV" operand is incremented by one. With each additional positive signal edge, the counter value is incremented until the high limit of the specified data type (INT = 32767) is reached. The value of the PV parameter is adopted as the limit for determining the "TagOut" output. The "TagOut" output has signal state "1" as long as the current counter value is greater than or equal to the value of the "Tag_PV" operand. In all other cases, the "TagOut" output returns the signal state "0". See also Overview of the valid data types (Page 2131) Setting retentivity in an instance data block (Page 4566) Setting the retentivity of local tags (Page 4527) Basic information on FBD (Page 4693) Memory areas (Page 944) CTD: Count down (S7-1200, S7-1500) Description You can use the "Count down" instruction to decrement the value at output CV. When the signal state at the CD input changes from "0" to "1" (positive signal edge), the instruction is executed and the current counter value at the CV output is decremented by one. Each time a positive signal edge is detected, the counter value is decremented until it reaches the low limit of the specified data type. When the low limit is reached, the signal state at the CD input no longer has an effect on the instruction. You can query the counter status in the Q output. If the current counter value is less than or equal to "0", the Q output is set to signal state "1". In all other cases, the Q output has signal state "0". You can also specify a constant for the PV parameter. WinCC Advanced V14 System Manual, 10/2016 2819 Programming the PLC 11.4 Instructions The value at the CV output is set to the value of the PV parameter and saved to a edge memory bit when the signal state at the LD input changes from "0" to "1". As long as the LD input has signal state "1", the signal state at the CD input has no effect on the instruction. Note Only use a counter at a single point in the program to avoid the risk of counting errors. Each call of the "Count down" instruction must be assigned an IEC counter in which the instruction data is stored. An IEC counter is a structure with one of the following data types: For S7-1200 CPU Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTD_SINT / CTD_USINT IEC_COUNTER / IEC_UCOUNTER CTD_INT / CTD_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTD_DINT / CTD_UDINT IEC_SCOUNTER / IEC_USCOUNTER IEC_COUNTER / IEC_UCOUNTER IEC_DCOUNTER / IEC_UDCOUNTER For S7-1500 CPU Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTD_SINT / CTD_USINT IEC_COUNTER / IEC_UCOUNTER CTD_INT / CTD_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTD_DINT / CTD_UDINT IEC_LCOUNTER / IEC_ULCOUNTER CTD_LINT / CTD_ULINT IEC_SCOUNTER / IEC_USCOUNTER IEC_COUNTER / IEC_UCOUNTER IEC_DCOUNTER / IEC_UDCOUNTER IEC_LCOUNTER / IEC_ULCOUNTER You can declare an IEC counter as follows: Declaration of a data block of system data type IEC_<Counter> (for example, "MyIEC_COUNTER") Declaration as a local tag of the type CTD_<Data type> or IEC_<Counter> in the "Static" section of a block (for example #MyIEC_COUNTER) When you set up the IEC counter in a separate data block (single instance), the instance data block is created by default with "optimized block access" and the individual tags are defined as retentive. For additional information on setting retentivity in an instance data block, refer to "See also". 2820 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions When you set up the IEC counter as local tag (multi-instance) in a function block with "optimized block access", it is defined as retentive in the block interface. The execution of the "Count down" instruction requires a preceding logic operation. It can be placed within or at the end of the network. Parameters The following table shows the parameters of the "Count down" instruction: Parameter Declaration Data type Memory area S7-1200 S7-1500 I, Q, M, D, L or constant Description CD Input BOOL I, Q, M, D, L or constant Count input LD Input BOOL I, Q, M, D, L, I, Q, M, T, Load input P or constant C, D, L, P or constant PV Input Integers I, Q, M, D, L, I, Q, M, D, Value to which the P or constant L, P or con CV output is set with stant LD = 1. Q Output BOOL I, Q, M, D, L I, Q, M, D, L Counter status CV Output Integers, CHAR, WCHAR, DATE I, Q, M, D, L, P I, Q, M, D, L, P Current counter val ue You can select the data type of the instruction from the "???" drop-down list of the instruction box. Example The following example shows how the instruction works: &7'B'% &7' ,17 7DJ,QB &' 7DJ,QB /' &9 7DJB&9 7DJB39 39 4 7DJ2XW When the signal state of the "TagIn_1" operand changes from "0" to "1", the instruction is executed and the value at the "Tag_CV" output is decremented by one. With each additional positive signal edge, the counter value is decremented until the low limit of the specified data type (INT = -32768) is reached. The value of the PV parameter is adopted as the limit for determining the "TagOut" output. The "TagOut" output has signal state "1" as long as the current counter value is less than or equal to "0". In all other cases, the "TagOut" output returns the signal state "0". WinCC Advanced V14 System Manual, 10/2016 2821 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Setting retentivity in an instance data block (Page 4566) Setting the retentivity of local tags (Page 4527) Basic information on FBD (Page 4693) Memory areas (Page 944) CTUD: Count up and down (S7-1200, S7-1500) Description You can use the "Count up and down" instruction to increment and decrement the counter value at the CV output. If the signal state at the CU input changes from "0" to "1" (positive signal edge), the current counter value is incremented by one and stored at the CV output. If the signal state at the CD input changes from "0" to "1" (positive signal edge), the current counter value at the CV output is decremented by one. If there is a positive signal edge at the CU and CD inputs in one program cycle, the current counter value at the CV output remains unchanged. The counter value can be incremented until it reaches the high limit of the data type specified at the CV output. When the high limit is reached, the counter value is no longer incremented on a positive signal edge. The counter value is no longer decremented once the low limit of the specified data type has been reached. When the signal state at the LD input changes to "1", the counter value at the CV output is set to the value of the PV parameter and stored in a edge memory bit. As long as the LD input has signal state "1", the signal state at the CU and CD inputs has no effect on the instruction. The counter value is set to "0" and stored in an edge memory bit when the signal state at input R changes to "1". As long as the R input has signal state "1", a change in the signal state of the CU, CD and LD inputs has no effect on the "Count up and down" instruction. You can query the status of the up counter at the QU output. If the current counter value is greater than or equal to the value of the PV parameter, the QU output is set to signal state "1". In all other cases, the QU output has signal state "0". You can also specify a constant for the PV parameter. You can query the status of the down counter at the QD output. If the current counter value is less than or equal to zero, the QD output is set to signal state "1". In all other cases, the QD output has signal state "0". Note Only use a counter at a single point in the program to avoid the risk of counting errors. Each call of the "Count up and down" instruction must be assigned an IEC counter in which the instruction data is stored. An IEC counter is a structure with one of the following data types: 2822 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For S7-1200 CPU Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTUD_SINT / CTUD_USINT IEC_COUNTER / IEC_UCOUNTER CTUD_INT / CTUD_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTUD_DINT / CTUD_UDINT IEC_SCOUNTER / IEC_USCOUNTER IEC_COUNTER / IEC_UCOUNTER IEC_DCOUNTER / IEC_UDCOUNTER For S7-1500 CPU Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTUD_SINT / CTUD_USINT IEC_COUNTER / IEC_UCOUNTER CTUD_INT / CTUD_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTUD_DINT / CTUD_UDINT IEC_LCOUNTER / IEC_ULCOUNTER CTUD_LINT / CTUD_ULINT IEC_SCOUNTER / IEC_USCOUNTER IEC_COUNTER / IEC_UCOUNTER IEC_DCOUNTER / IEC_UDCOUNTER IEC_LCOUNTER / IEC_ULCOUNTER You can declare an IEC counter as follows: Declaration of a data block of system data type IEC_<Counter> (for example, "MyIEC_COUNTER") Declaration as a local tag of the type CTUD_<Data type> or IEC_<Counter> in the "Static" section of a block (for example #MyIEC_COUNTER) When you set up the IEC counter in a separate data block (single instance), the instance data block is created by default with "optimized block access" and the individual tags are defined as retentive. For additional information on setting retentivity in an instance data block, refer to "See also". When you set up the IEC counter as local tag (multi-instance) in a function block with "optimized block access", it is defined as retentive in the block interface. The execution of the "Count up and down" instruction requires a preceding logic operation. It can be placed within or at the end of the network. WinCC Advanced V14 System Manual, 10/2016 2823 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Count up and down" instruction: Parameter Declaration Data type Memory area S7-1200 S7-1500 Description CU Input BOOL I, Q, M, D, L or constant I, Q, M, D, L or con stant Count up input CD Input BOOL I, Q, M, D, L or constant I, Q, M, D, L or con stant Count down input R Input BOOL I, Q, M, D, L, I, Q, M, T, Reset input P or constant C, D, L, P or constant LD Input BOOL I, Q, M, D, L, I, Q, M, T, Load input P or constant C, D, L, P or constant PV Input Integers I, Q, M, D, L, I, Q, M, D, Value at which the P or constant L, P or con QU output is set / val stant ue to which the CV output is set when LD = 1. QU Output BOOL I, Q, M, D, L I, Q, M, D, L Up-counter status QD Output BOOL I, Q, M, D, L I, Q, M, D, L Down-counter status CV Output Integers, CHAR, WCHAR, DATE I, Q, M, D, L, P I, Q, M, D, L, P Current counter value You can select the data type of the instruction from the "???" drop-down list of the instruction box. Example The following example shows how the instruction works: &78'B'% &78' ,17 2824 7DJ,QB&8 &8 7DJ,QB&' &' 7DJ,QB5 5 4' 7DJ2XWB4' 7DJ,QB/' /' &9 7DJB&9 7DJB39 39 48 7DJ2XWB48 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the signal state at the "TagIn_CU" or "TagIn_CD" input changes from "0" to "1" (positive signal edge), the "Count up and down" instruction is executed. When there is a positive signal edge at the "TagIn_CU" input, the current counter value is incremented by one and stored at the "Tag_CV" output. When there is a positive signal edge at the "TagIn_CD" input, the counter value is decremented by one and stored at the "Tag_CV" output. When there is a positive edge at the CU input, the counter value is incremented until it reaches the high limit (INT = 32767). If input CD has a positive signal edge, the counter value is decremented until it reaches the low limit (INT = -32768). The "TagOut_GU" output has signal state "1" as long as the current counter value is greater than or equal to the value at the "Tag_PV" input. In all other cases, the "TagOut_QU" output returns the signal state "0". The "TagOut_QD" output has signal state "1" as long as the current counter value is less than or equal to "0". In all other cases, the "TagOut_QD" output has signal state "0". See also Overview of the valid data types (Page 2131) Example of detecting the fill level of a storage area (Page 4739) Setting retentivity in an instance data block (Page 4566) Setting the retentivity of local tags (Page 4527) FBD programming examples (Page 4735) Basic information on FBD (Page 4693) Memory areas (Page 944) Legacy (S7-1500) S_CU: Assign parameters and count up (S7-1500) Description You can use the "Assign parameters and count up" instruction to increment the value of a counter. If the signal state at the CU input changes from "0" to "1" (positive signal edge), the current counter value is incremented by one. The current counter value is output as a hexadecimal value at output CV and BCD-coded at output CV_BCD. The count is incremented until the limit of "999" is reached. When the limit is reached, the counter value is no longer incremented on a positive signal edge. When the signal state at input S changes from "0" to "1", the counter value is set to the value of the PV parameter. If the counter is set and if RLO at input CU is "1", the counter will count accordingly in the next scan cycle, even when no change has been detected in the signal edge. The counter value is set to zero when the signal state at the R input changes to "1". As long as the R input has the signal state "1", processing of the signal state of the CU and S inputs has no effect on the counter value. WinCC Advanced V14 System Manual, 10/2016 2825 Programming the PLC 11.4 Instructions The signal state at output Q is "1" if the counter value is greater than zero. If the counter value is equal to zero, output Q has the signal state "0". Note Only use a counter at a single point in the program to avoid the risk of counting errors. The "Assign parameters and count up" instruction needs a preceding logic operation for the edge evaluation and can be placed within or at the end of the network. Parameters The following table shows the parameters of the "Assign parameters and count up" instruction: Parameters Declaration Data type Memory area Description <counter> InOut/Input COUNTER C Counter of the instruction The number of counters de pends on the CPU. CU Input BOOL I, Q, M, D, L, T, C Count up input S Input BOOL I, Q, M, D, L, T, C or constant Input for presetting counter PV Input WORD I, Q, M, D, L or con Preset counter value (C#0 to stant C#999) R Input BOOL I, Q, M, D, L, T, C or constant Reset input CV Output WORD, S5TIME, DATE I, Q, M, D, L Current counter value (hexa decimal) CV_BCD Output WORD, S5TIME, DATE I, Q, M, D, L Current counter value (BCD format) Q Output BOOL I, Q, M, D, L Status of the counter For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: &RXQWHUB 6B&8 7DJ,QB &8 7DJ,QB 6 7DJ3UHVHW9DOXH 7DJ,QB 39 5 &9 7DJ9DOXHB &9B%&' 7DJ9DOXHB 7DJ2XW 4 When the signal state at the "TagIn_1" input changes from "0" to "1" (positive signal edge) and the current counter value is less than "999", the counter value is incremented by one. When 2826 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions the signal state at the "TagIn_2" input changes from "0" to "1", the counter value is set to the value of the "TagPresetValue" operand. The counter value is reset to "0" when the "TagIn_3" operand has signal state "1". The current counter value is hexadecimal in the "TagValue_1" operand and BCD-coded in the "TagValue_2" operand. The "TagOut" output has the signal state "1" as long as the current counter value is not equal to "0". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) S_CD: Assign parameters and count down (S7-1500) Description You can use the "Assign parameters and count down" instruction to decrement the value of a counter. If the signal state at the CD input changes from "0" to "1" (positive signal edge), the counter value is decremented by one. The current counter value is output as a hexadecimal value at output CV and BCD-coded at output CV_BCD. The count is decremented until the low limit of "0" is reached. When the low limit is reached, the counter value is no longer decremented on a positive signal edge. When the signal state at input S changes from "0" to "1", the counter value is set to the value of the PV parameter. If the counter is set and if RLO at input CD is "1", the counter will count accordingly in the next scan cycle, even when no change has been detected in the signal edge. The counter value is set to zero when the signal state at the R input changes to "1". As long as the R input has the signal state "1", processing of the signal state of the CD and S inputs has no effect on the counter value. The signal state at output Q is "1" if the counter value is greater than zero. If the counter value is equal to zero, output Q has the signal state "0". Note Only use a counter at a single point in the program to avoid the risk of counting errors. The "Assign parameters and count down" instruction needs a preceding logic operation for the edge evaluation and can be placed within or at the end of the network. WinCC Advanced V14 System Manual, 10/2016 2827 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Assign parameters and count down" instruction: Parameters Declaration Data type Memory area Description <counter> InOut/Input COUNTER C Counter of the instruction The number of counters de pends on the CPU. CD Input BOOL I, Q, M, D, L or con Count down input stant S Input BOOL I, Q, M, D, L, T, C or constant PV Input WORD I, Q, M, D, L or con Preset counter value (C#0 to stant C#999) R Input BOOL I, Q, M, D, L, T, C or constant Reset input CV Output WORD, S5TIME, DATE I, Q, M, D, L Current counter value (hexa decimal) CV_BCD Output WORD, S5TIME, DATE I, Q, M, D, L Current counter value (BCD format) Q Output BOOL I, Q, M, D, L Status of the counter Input for presetting counter For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: &RXQWHUB 6B&' 7DJ,QB &' 7DJ,QB 6 7DJ3UHVHW9DOXH 7DJ,QB 39 5 &9 7DJ9DOXHB &9B%&' 7DJ9DOXHB 7DJ2XW 4 When the signal state at the "TagIn_1" input changes from "0" to "1" (positive signal edge) and the current counter value is greater than "0", the counter value is decremented by one. When the signal state at the "TagIn_2" input changes from "0" to "1", the counter value is set to the value of the "TagPresetValue" operand. The counter value is reset to "0" when the "TagIn_3" operand has signal state "1". The current counter value is hexadecimal in the "TagValue_1" operand and BCD-coded in the "TagValue_2" operand. The "TagOut" output has the signal state "1" as long as the current counter value is not equal to "0". 2828 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) S_CUD: Assign parameters and count up / down (S7-1500) Description You can use the "Assign parameters and count up / down" instruction to increment or decrement the value of a counter. If the signal state at the CU input changes from "0" to "1" (positive signal edge), the current counter value is incremented by one. If the signal state at the CD input changes from "0" to "1" (positive signal edge), the counter value is decremented by one. The current counter value is output as a hexadecimal value at output CV and BCDcoded at output CV_BCD. If there is a positive signal edge at the CU and CD inputs in one program cycle, the counter value remains unchanged. The counter value is incremented until the high limit of "999" is reached. When the high limit value is reached, the counter value is no longer incremented on a positive signal edge. When the low limit of "0" is reached, the counter value is no longer decremented. When the signal state at input S changes from "0" to "1", the counter value is set to the value of the PV parameter. If the counter is set and if RLO is "1" at the inputs CU and CD, the counter counts accordingly in the next scan cycle, even if no change in the signal edge is detected. The counter value is set to zero when the signal state at the R input changes to "1". As long as the R input has the signal state "1", processing of the signal state of the CU, CD and S inputs has no effect on the counter value. The signal state at output Q is "1" if the counter value is greater than zero. If the counter value is equal to zero, output Q has the signal state "0". Note Only use a counter at a single point in the program to avoid the risk of counting errors. The "Assign parameters and count up / down" instruction needs a preceding logic operation for the edge evaluation and can be placed within or at the end of the network. Parameters The following table shows the parameters of the "Assign parameters and count up / down" instruction: Parameters Declaration Data type Memory area Description <counter> InOut/Input COUNTER C Counter of the instruction The number of counters de pends on the CPU. WinCC Advanced V14 System Manual, 10/2016 CU Input BOOL I, Q, M, D, L, T, C Count up input CD Input BOOL I, Q, M, D, L, T, C or constant Count down input 2829 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description S Input BOOL I, Q, M, D, L, T, C or constant Input for presetting counter PV Input WORD I, Q, M, D, L or con Preset counter value (C#0 to stant C#999) R Input BOOL I, Q, M, D, L, T, C or constant Reset input CV Output WORD, S5TIME, DATE I, Q, M, D, L Current counter value (hexa decimal) CV_BCD Output WORD, S5TIME, DATE I, Q, M, D, L Current counter value (BCD format) Q Output BOOL I, Q, M, D, L Status of the counter For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: &RXQWHUB 6B&8' 7DJ,QB &8 7DJ,QB &' 7DJ,QB 6 7DJ3UHVHW9DOXH 7DJ,QB 39 5 &9 7DJ9DOXHB &9B%&' 7DJ9DOXHB 7DJ2XW 4 If the signal state at the input "TagIn_1" or at the input "TagIn_2" changes from "0" to "1" (positive edge), the instruction "Assign parameters and count up / down is executed. When there is a positive signal edge at the "TagIn_1" input and the current counter value is less than "999", the counter value is incremented by one. When there is a positive signal edge at the "TagIn_2" input and the current counter value is greater than "0", the counter value is decremented by one. When the signal state at the "TagIn_3" input changes from "0" to "1", the counter value is set to the value of the "TagPresetValue" operand. The counter value is reset to "0" when the "TagIn_4" operand has signal state "1". The current counter value is hexadecimal in the "TagValue_1" operand and BCD-coded in the "TagValue_2" operand. The "TagOut" output has the signal state "1" as long as the current counter value is not equal to "0". 2830 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) SC: Set counter value (S7-1500) Description You can use the "Set counter value" instruction to set the value of a counter. The instruction is executed when the result of logic operation (RLO) at the start input of the instruction changes from "0" to "1". When the instruction is executed, the counter is set to the specified counter value. The "Set counter value" instruction needs a preceding logic operation for the edge evaluation and can only be placed on the right edge of the network. Parameters The following table lists the parameters of the "Set counter value" instruction: Parameters Declaration Data type Memory area Description <operand> Input BOOL I, Q, M, T, C, D, L Start input PV Input WORD I, Q, M, D, L or con Value with which the counter stant is preset in the BCD format. <counter> InOut/Input COUNTER C (C#0 to C#999) Counter that is preset. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: &RXQWHUB 7DJ,Q & 6& &9 the counter "Counter_1" starts with the value "100" when the signal state of the "TagIn" operand changes from "0" to "1". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) WinCC Advanced V14 System Manual, 10/2016 2831 Programming the PLC 11.4 Instructions CU: Count up (S7-1500) Description You use the "Count up" instruction to increment the value of the specified counter by the count of one on a rising edge at the start input. The count is incremented until the limit of "999" is reached. When the limit is reached, the counter value is no longer incremented on a positive signal edge. The "Count up" instruction needs a preceding logic operation for the edge evaluation and can only be placed on the right edge of the network. Parameters The following table shows the parameters of the "Count up" instruction: Parameters Declaration Data type Memory area Description <operand> Input BOOL I, Q, M, T, C, D, L Start input <counter> InOut/Input COUNTER C Counter whose value is incre mented. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 1HWZRUN &RXQWHUB 6& 7DJ,QB & 39 1HWZRUN &RXQWHUB 7DJ,QB &8 1HWZRUN &RXQWHUB 7DJ,QB 5 When the signal state of the operand "TagIn_1" changes from "0" to "1" (positive signal edge), the counter "Counter_1" is preset with the value "100". 2832 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The value of "Counter_1" is incremented by the count of one when the signal state of the "TagIn_2" operand changes from "0" to "1". If the "TagIn_3" operand returns signal state "1", the value of "Counter_1" is reset to "0". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) CD: Count down (S7-1500) Description You use the "Count down" instruction to decrement the value of the specified counter by the count of one on a rising edge at the start input. The count is decremented until the limit of "0" is reached. When the limit is reached, the counter value is no longer changed on a positive signal edge. The "Count down" instruction needs a preceding logic operation for the edge evaluation and can only be placed on the right edge of the network. Parameters The following table shows the parameters of the "Count down" instruction: Parameters Declaration Data type Memory area Description <operand> Input BOOL I, Q, M, T, C, D, L Start input <counter> InOut/Input COUNTER C Counter whose value is de cremented. For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 2833 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 1HWZRUN &RXQWHUB 6& 7DJ,QB & 39 1HWZRUN &RXQWHUB &' 7DJ,QB 1HWZRUN &RXQWHUB 7DJ,QB 5 When the signal state of the operand "TagIn_1" changes from "0" to "1" (positive signal edge), the counter "Counter_1" is preset with the value "100". The value of "Counter_1" is incremented by the count of one when the signal state of the "TagIn_2" operand changes from "0" to "1". If the "TagIn_3" operand returns signal state "1", the value of "Counter_1" is reset to "0". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Comparator operations (S7-1200, S7-1500) CMP ==: Equal (S7-1200, S7-1500) Description You can use the "Equal" instruction to query whether the value at input IN1 is equal to the value at input IN2. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". If IEC check is enabled, the operands to be compared must be of the same data type. If IEC check is not enabled, the width of the operands must be the same. 2834 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Comparison of floating-point numbers If you want to compare the data types REAL or LREAL, then instead of the instruction "CMP ==: Equal" we recommend using the instruction "IN_RANGE: Value within range". If floating-point numbers are being compared, the operands to be compared must be of the same data type regardless of the IEC check setting. The special bit patterns of invalid floating-point numbers (NaN) that are the outcome of undefined results (e.g. root of -1) are not comparable. This means that if one of the operands has the value NaN, the instruction "CMP ==: Equal" has the result FALSE. Comparison of character strings The individual characters are compared by means of their code (for example, 'a' is greater than 'A') during the comparison of the strings. The comparison is performed from left to right. The first character to be different decides the result of the comparison. The following table shows examples of string comparisons: IN1 IN2 RLO of the instruction 'AA' 'AA' 1 'Hello World' 'HelloWorld' 0 'AA' 'aa' 0 'aa' 'aaa' 0 You can also compare individual characters of a string. The number of the character to be compared is specified in square brackets next to the operand name. "MyString[2]", for example, compares the second character of the "MyString" string. Comparison of timers, date and time Bit patterns of invalid timers, date and times, e.g. DT#2015-13-33-25:62:99.999_999_999, cannot be compared. This means that if one of the operands has an invalid value, the instruction "CMP ==: Equal" has the result FALSE. Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Comparison of hardware data types To be able to compare the operands of the PORT data type, you need to select the WORD data type from the drop-down list in the instruction box. If you want to compare the two data types, you must first create a tag of data type HW_ANY in the "Temp" section of the the block interface and then copy the LADDR (from data type HW_DEVICE) to the tag. It is then possible to compare HW_ANY and HW_IO. WinCC Advanced V14 System Manual, 10/2016 2835 Programming the PLC 11.4 Instructions Comparison of structures Note Availability of comparison of structures The option to compare structures is available for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. You can compare the values of two structured operands when both tags are of the same structure data type. When structures are compared, the operands to be compared must have the same data type regardless of the setting for the IEC Check. An exception is comparisons in which one of the two operands is a VARIANT or an ANY. If the data type is not yet known when the program is created, you can use the VARIANT data type. In this case you can also compare the operand with a structured tag of any data type. You can also compare two tags of the data type VARIANT or ANY with each other. You can select the data type VARIANT for the comparison of structures from the drop-down list in the instruction box. The following data types are possible: PLC data type STRUCT Tag to which ANY is pointing Tag to which VARIANT is pointing The following requirements must be met to compare two tags of the data type ARRAY with VARIANT selected: The elements must each have the same data type. The two ARRAYs must have the same dimension. All dimensions must have the same number of elements. The exact ARRAY limits do not have to match. Note ARRAY of BOOL When you compare two operands of the data type ARRAY of BOOL with each other, you have selected the data type VARIANT from the drop-down list, and the number of elements cannot be divided by 8, the fill bits are compared as well. This may affect the comparison result. If an element within the structures that you want to compare is an invalid STRING/WSTRING, an invalid time or date or an invalid floating-point number, the comparison result in the RLO (result of logic operation) will return the signal state "0". 2836 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The table below shows an example of a comparison of structures: <Operand1> <Operand2> Tag of data type A <PLC data type> BOOL Tag value FALSE INT 2 Tag of data type A <PLC data type> RLO of the instruc tion Tag of data type A <PLC data type> BOOL 2 Tag of data type B <PLC data type> Tag value BOOL FALSE BOOL TRUE INT 2 INT 3 Tag of data type A <PLC data type> Tag value 1 FALSE INT Tag value Tag value VARIANT (supplied with tag of data type A) 0 Tag value BOOL FALSE BOOL FALSE INT 2 INT 2 1 When two anonymous structures are compared, the comparison result returns the signal state "0", except when the anonymous structures are elements of the same ARRAY. Parameters The following table shows the parameters of the instruction "Equal": Parameters Declaration Data type Memory area Description IN1 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time, AR RAY of <data type> with fixed and variable AR RAY limits, STRUCT, VAR IANT, ANY, PLC data type First comparison value IN2 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time, AR RAY of <data type> with fixed and variable AR RAY limits, STRUCT, VAR IANT, ANY, PLC data type Second value to compare As detailed above, the data types ARRAY, STRUCT, VARIANT, ANY and PLC data type are only available as of firmware version 2.0 or 4.2. WinCC Advanced V14 System Manual, 10/2016 2837 Programming the PLC 11.4 Instructions You can select the data type of the instruction from the "???" drop-down list of the instruction box. Example The following example shows how the instruction works: ,17 7DJB9DOXH 7DJB9DOXH ,1 ,1 7DJ,QB 7DJ2XW 6 The "TagOut" output is set when the following conditions are fulfilled: The operand "TagIn_1" has the signal state "1". The condition of the comparison instruction is fulfilled if "Tag_Value1" = "Tag_Value2". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) CMP <>: Not equal (S7-1200, S7-1500) Description You can use the "Not equal" instruction to query whether the value at input IN1 is not equal to the value at input IN2. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". If IEC check is enabled, the operands to be compared must be of the same data type. If IEC check is not enabled, the width of the operands must be the same. Comparison of floating-point numbers If you want to compare the data types REAL or LREAL, then instead of the instruction "CMP <>: Not equal" we recommend using the instruction "OUT_RANGE: Value outside range". If floating-point numbers are being compared, the operands to be compared must be of the same data type regardless of the IEC check setting. The special bit patterns of invalid floating-point numbers (NaN) that are the outcome of undefined results (e.g. root of -1) are not comparable. This means that if one of the operands has the value NaN, the instruction "CMP <>: Not equal" has the result FALSE. 2838 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Comparison of character strings The individual characters are compared by means of their code (for example, 'a' is greater than 'A') during the comparison of the strings. The comparison is performed from left to right. The first character to be different decides the result of the comparison. The following table shows examples of string comparisons: IN1 IN2 RLO of the instruction 'AA' 'aa' 1 'Hello World' 'HelloWorld' 1 'AA' 'AA' 0 'aa' 'aaa' 1 You can also compare individual characters of a string. The number of the character to be compared is specified in square brackets next to the operand name. "MyString[2]", for example, compares the second character of the "MyString" string. Comparison of timers, date and time Bit patterns of invalid timers, date and times, e.g. DT#2015-13-33-25:62:99.999_999_999, cannot be compared. This means that if one of the operands has an invalid value, the instruction "CMP <>: Not equal" has the result FALSE. Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Comparison of hardware data types To be able to compare the operands of the PORT data type with the "Not equal" instruction, you need to select the WORD data type from the drop-down list of the instructions box. If you want to compare the two hardware data types HW_IO and HW_DEVICE, you must first create a tag of data type HW_ANY in the section "Temp" of the block interface and then copy the LADDR (of data type HW_DEVICE) to the tag. It is then possible to compare HW_ANY and HW_IO. Comparison of structures Note Availability of comparison of structures The option to compare structures is available for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. WinCC Advanced V14 System Manual, 10/2016 2839 Programming the PLC 11.4 Instructions You can compare the values of two structured operands when both tags are of the same structure data type. When structures are compared, the operands to be compared must have the same data type regardless of the setting for the IEC Check. An exception is comparisons in which one of the two operands is a VARIANT or an ANY. If the data type is not yet known when the program is created, you can use the VARIANT data type. In this case you can also compare the operand with a structured tag of any data type. You can also compare two tags of the data type VARIANT or ANY with each other. You can select the data type VARIANT for the comparison of structures from the drop-down list in the instruction box. The following data types are possible: PLC data type STRUCT Tag to which ANY is pointing Tag to which VARIANT is pointing The following requirements must be met to compare two tags of the data type ARRAY with VARIANT selected: The elements must each have the same data type. The two ARRAYs must have the same dimension. All dimensions must have the same number of elements. The exact ARRAY limits do not have to match. Note ARRAY of BOOL When you compare two operands of the data type ARRAY of BOOL with each other, you have selected the data type VARIANT from the drop-down list, and the number of elements cannot be divided by 8, the fill bits are compared as well. This may affect the comparison result. If an element within the structures that you want to compare is an invalid STRING/WSTRING, an invalid time or date or an invalid floating-point number, the comparison result in the RLO (result of logic operation) will return the signal state "0". The table below shows an example of a comparison of structures: <Operand1> Tag of data type A <PLC data type> Tag value Tag of data type A <PLC data type> RLO of the instruc tion Tag value BOOL FALSE BOOL FALSE INT 2 INT 2 Tag of data type A <PLC data type> 2840 <Operand2> Tag value Tag of data type B <PLC data type> Tag value BOOL FALSE BOOL TRUE INT 2 INT 3 0 1 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions <Operand1> <Operand2> Tag of data type A <PLC data type> Tag value RLO of the instruc tion VARIANT (supplied with tag of data type A) Tag value BOOL FALSE BOOL FALSE INT 2 INT 2 0 When two anonymous structures are compared, the comparison result returns the signal state "0", except when the anonymous structures are elements of the same ARRAY. Parameters The following table shows the parameters of the "Not equal" instruction: Parameters Declaration Data type Memory area Description IN1 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time, AR RAY of <data type> with fixed and variable AR RAY limits, STRUCT, VAR IANT, ANY, PLC data type First comparison value IN2 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time, AR RAY of <data type> with fixed and variable AR RAY limits, STRUCT, VAR IANT, ANY, PLC data type Second value to compare As detailed above, the data types ARRAY, STRUCT, VARIANT, ANY and PLC data type are only available as of firmware version 2.0 or 4.2. You can select the data type of the instruction from the "???" drop-down list of the instruction box. WinCC Advanced V14 System Manual, 10/2016 2841 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: ! ,17 7DJB9DOXH 7DJB9DOXH ,1 ,1 7DJ,QB 7DJ2XW 6 The "TagOut" output is set when the following conditions are fulfilled: The operand "TagIn_1" has the signal state "1". The condition of the comparison instruction is fulfilled if "Tag_Value1" <> "Tag_Value2". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) CMP >=: Greater or equal (S7-1200, S7-1500) Description You can use the "Greater or equal" instruction to query whether the value at input IN1 is greater or equal to the value at input IN2. Both values to be compared must be of the same data type. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". Comparison of character strings The individual characters are compared by means of their code (for example, 'a' is greater than 'A') during the comparison of the strings. The comparison is performed from left to right. The first character to be different decides the result of the comparison. If the left part of the longer string is identical to the shorter string, the longer string is considered greater. The following table shows examples of string comparisons: 2842 IN1 IN2 RLO of the instruction 'BB' 'AA' 1 'AAA' 'AA' 1 'Hello World' 'Hello World' 1 'Hello World' 'HelloWorld' 0 'AA' 'aa' 0 'AAA' 'a' 0 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can also compare individual characters of a string. The number of the character to be compared is specified in square brackets next to the operand name. "MyString[2]", for example, compares the second character of the "MyString" string. Comparison of timers, date and time In comparing timer values, the RLO of the instruction is "1" if the timer at input IN1 is greater (more recent) than or equal to the timer at input IN2. Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Parameters The following table shows the parameters of the "Greater or equal" instruction: Parameters Declaration Data type Memory area Description IN1 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time First comparison value IN2 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time Second value to compare You can select the data type of the instruction from the "???" drop-down list of the instruction box. Example The following example shows how the instruction works: ! ,17 7DJB9DOXH 7DJB9DOXH ,1 ,1 7DJ,QB 7DJ2XW 6 The "TagOut" output is set when the following conditions are fulfilled: The operand "TagIn_1" has the signal state "1". The condition of the comparison instruction is fulfilled if "Tag_Value1" >= "Tag_Value2". WinCC Advanced V14 System Manual, 10/2016 2843 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Example of detecting the fill level of a storage area (Page 4739) FBD programming examples (Page 4735) Basic information on FBD (Page 4693) Memory areas (Page 944) CMP <=: Less or equal (S7-1200, S7-1500) Description You can use the "Less or equal" instruction to query whether the value at input IN1 is less or equal to the value at input IN2. Both values to be compared must be of the same data type. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". Comparison of character strings The individual characters are compared by means of their code (for example, 'a' is greater than 'A') during the comparison of the strings. The comparison is performed from left to right. The first character to be different decides the result of the comparison. If the left part of the longer string is identical to the shorter string, the shorter string is considered smaller. The following table shows examples of string comparisons: IN1 IN2 RLO of the instruction 'AA' 'aa' 1 'AAA' 'a' 1 'Hello World' 'Hello World' 1 'HelloWorld' 'Hello World' 0 'BB' 'AA' 0 'AAA' 'AA' 0 You can also compare individual characters of a string. The number of the character to be compared is specified in square brackets next to the operand name. "MyString[2]", for example, compares the second character of the "MyString" string. Comparison of timers, date and time In comparing timer values, the RLO of the instruction is "1" if the timer at input IN1 is smaller (less recent) than or equal to the timer at input IN2. Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. 2844 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Parameters The following table shows the parameters of the "Less or equal" instruction: Parameters Declaration Data type Memory area Description IN1 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time First comparison value IN2 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time Second value to compare You can select the data type of the instruction from the "???" drop-down list of the instruction box. Example The following example shows how the instruction works: ,17 7DJB9DOXH 7DJB9DOXH ,1 ,1 7DJ,QB 7DJ2XW 6 The "TagOut" output is set when the following conditions are fulfilled: The operand "TagIn_1" has the signal state "1". The condition of the comparison instruction is fulfilled if "Tag_Value1" <= "Tag_Value2". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2845 Programming the PLC 11.4 Instructions CMP >: Greater than (S7-1200, S7-1500) Description You can use the "Greater than" instruction to query whether the value at input IN1 is greater than the value at input IN2. Both values to be compared must be of the same data type. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". Comparison of character strings The individual characters are compared by means of their code (for example, 'a' is greater than 'A') during the comparison of the strings. The comparison is performed from left to right. The first character to be different decides the result of the comparison. If the left part of the longer string is identical to the shorter string, the longer string is considered greater. The following table shows examples of string comparisons: IN1 IN2 RLO of the instruction 'BB' 'AA' 1 'AAA' 'AA' 1 'AA' 'aa' 0 'AAA' 'a' 0 You can also compare individual characters of a string. The number of the character to be compared is specified in square brackets next to the operand name. "MyString[2]", for example, compares the second character of the "MyString" string. Comparison of timers, date and time In comparing timer values, the RLO of the instruction is "1" if the timer at input IN1 is greater (more recent) than the timer at input IN2. Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. 2846 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Greater than" instruction: Parameters Declaration Data type Memory area Description IN1 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time First comparison value IN2 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time Second value to compare You can select the data type of the instruction from the "???" drop-down list of the instruction box. Example The following example shows how the instruction works: ! ,17 7DJB9DOXH 7DJB9DOXH ,1 ,1 7DJ,QB 7DJ2XW 6 The "TagOut" output is set when the following conditions are fulfilled: The operand "TagIn_1" has the signal state "1". The condition of the comparison instruction is fulfilled if "Tag_Value1" > "Tag_Value2". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) CMP <: Less than (S7-1200, S7-1500) Description You can use the "Less than" instruction to query whether the value at input IN1 is less than the value at input IN2. Both values to be compared must be of the same data type. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". WinCC Advanced V14 System Manual, 10/2016 2847 Programming the PLC 11.4 Instructions Comparison of character strings The individual characters are compared by means of their code (for example, 'a' is greater than 'A') during the comparison of the strings. The comparison is performed from left to right. The first character to be different decides the result of the comparison. If the left part of the longer string is identical to the shorter string, the shorter string is considered smaller. The following table shows examples of string comparisons: <Operand1> <Operand2> RLO of the instruction 'AA' 'aa' 1 'AAA' 'a' 1 'BB' 'AA' 0 'AAA' 'AA' 0 You can also compare individual characters of a string. The number of the character to be compared is specified in square brackets next to the operand name. "MyString[2]", for example, compares the second character of the "MyString" string. Comparison of timers, date and time In comparing timer values, the RLO of the instruction is "1" if the timer at input IN1 is less (less recent) than the timer at input IN2. Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Parameters The following table shows the parameters of the "Less than" instruction: Parameters Declaration Data type Memory area Description IN1 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time First comparison value IN2 Input Bit strings, inte I, Q, M, D, L, P, or gers, floating-point constant numbers, charac ter strings, timers, date and time Second value to compare You can select the data type of the instruction from the "???" drop-down list of the instruction box. 2848 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: ,17 7DJB9DOXH 7DJB9DOXH ,1 ,1 7DJ,QB 7DJ2XW 6 The "TagOut" output is set when the following conditions are fulfilled: The operand "TagIn_1" has the signal state "1". The condition of the comparison instruction is fulfilled if "Tag_Value1" < "Tag_Value2". See also Overview of the valid data types (Page 2131) Example of detecting the fill level of a storage area (Page 4739) FBD programming examples (Page 4735) Basic information on FBD (Page 4693) Memory areas (Page 944) IN_RANGE: Value within range (S7-1200, S7-1500) Description You can use the "Value within range" instruction to query whether of the value at VAL input is within a specific value range. You specify the limits of the value range with the MIN and MAX inputs. The "Value within range" instruction compares the value at input VAL with the values of the inputs MIN and MAX and sends the result to the box output. If the value at input VAL satisfies the comparison MIN <= VAL or VAL <=MAX, the box output has the signal state "1". If the comparison is not fulfilled, the signal state is "0" at the box output. The comparison function can only execute if the values to be compared are of the same data type. Parameters The following table shows the parameters of the "Value within range" instruction: WinCC Advanced V14 System Manual, 10/2016 Parameters Declaration Data type Memory area Description MIN Input Integers, floatingpoint numbers I, Q, M, D, L or con Low limit of the value range stant VAL Input Integers, floatingpoint numbers I, Q, M, D, L or con Comparison value stant 2849 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area MAX Input Integers, floatingpoint numbers I, Q, M, D, L or con High limit of the value range stant Description Box output Output BOOL I, Q, M, D, L Result of the comparison You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also": Example The following example shows how the instruction works: 7DJ,QB ! 7DJ,QB 7DJ,QB ,1B5$1*( 5($/ 7DJB0LQ 7DJB9DOXH 7DJB0D[ 0,1 9$/ 0$; 7DJ2XW Output "TagOut" is set when the following conditions are fulfilled: The operands "TagIn_1" or "TagIn_2" have signal state "1". The operand "TagIn_3" has the signal state "1". The value of the operand "Tag_Value" is within the value range that is specified by the current values of the operands "Tag_Min" and "Tag_Max" (MIN <= VAL or VAL <= MAX). See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) OUT_RANGE: Value outside range (S7-1200, S7-1500) Description You can use the "Value outside range" instruction to query whether of the value at input VAL is outside a specific value range. You specify the limits of the value range with the MIN and MAX inputs. The "Value outside range" instruction compares the value at input VAL with the values of the inputs MIN and MAX and sends the result to the box output. If the value at input VAL satisfies the comparison MIN 2850 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions > VAL or VAL >MAX, the box output has the signal state "1". The box output has the signal state "1" if a specified operand of data type REAL has an invalid value. The box output returns the signal state "0", if the value at input VAL does not satisfy the MIN > VAL or VAL > MAX condition. The comparison function can only execute if the values to be compared are of the same data type. Parameters The following table shows the parameters of the "Value outside range" instruction: Parameters Declaration Data type Memory area Description MIN Input Integers, floatingpoint numbers I, Q, M, D, L or con Low limit of the value range stant VAL Input Integers, floatingpoint numbers I, Q, M, D, L or con Comparison value stant MAX Input Integers, floatingpoint numbers I, Q, M, D, L or con High limit of the value range stant Box output Output BOOL I, Q, M, D, L Result of the comparison You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 7DJ,QB ! 7DJ,QB 7DJ,QB 287B5$1*( 5($/ 7DJB0LQ 7DJB9DOXH 7DJB0D[ 0,1 9$/ 0$; 7DJ2XW Output "TagOut" is set when the following conditions are fulfilled: The operands "TagIn_1" and "TagIn_2" have signal state "1". The operand "TagIn_3" has the signal state "1". The value of the operand "Tag_Value" is outside the value range that is specified by the values of the operands "Tag_Min" and "Tag_Max" (MIN > VAL or VAL > MAX). WinCC Advanced V14 System Manual, 10/2016 2851 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) OK: Check validity (S7-1200, S7-1500) Description You can use the "Check validity" instruction to check if the value of an operand (<Operand>) is a valid floating-point number. The check is performed in every program cycle. If the operand value at the time of the query is a valid floating-point number, the output box will return the signal state"1". In all other cases, the signal state at the output of the "Check validity" instruction is "0". You can use the "Check validity" instruction together with the EN mechanism. If you connect the instruction box to an EN enable input, the enable input is set only when the result of the validity query of the value is positive. You can use this function to ensure that an instruction is enabled only when the value of the specified operand is a valid floating-point number. Parameters The following example shows how the "Check validity" instruction works: Parameters Declaration Data type Memory area Description <Operand> Input Floating-point numbers I, Q, M, D, L Value to be checked. For additional information on valid data types, refer to "See also": Example The following example shows how the instruction works: 7DJB9DOXH 2. 7DJB9DOXH 2. 08/ 5($/ (1 7DJB9DOXH ,1 287 7DJB9DOXH ,1 (12 7DJB5HVXOW 7DJ2XW When the values of the operands "Tag_Value1" and "Tag_Value2" show valid floating-point numbers, the "Multiply" instruction is executed. The value of operand "Tag_Value1" is multiplied with the value of operand "Tag_Value2". The product of the multiplication is then written in the operand "Tag_Result". If the instruction is executed without errors, the TagOut operand at the "ENO" enable output is set to signal state "1". 2852 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) NOT_OK: Check invalidity (S7-1200, S7-1500) Description You can use the "Check invalidity" instruction to check if the value of an operand (<Operand>) is an invalid floating-point number. The check is performed in every program cycle. If the operand value at the time of the query is a valid floating-point number, then the output box will return the signal state "1". In all other cases, the signal state on the output box is "0". Parameters The following table shows the parameters of the instruction "Check invalidity": Parameters Declaration Data type Memory area Description <Operand> Input Floating-point numbers I, Q, M, D, L Value to be checked. For additional information on valid data types, refer to "See also": Example The following example shows how the instruction works: 7DJ,QB9DOXH 127B2. 029( (1 287 ,1 (12 7DJ2XWB9DOXH 7DJ2XW 7DJ,QB9DOXH When the value of operand "TagIn_Value" is an invalid floating-point number, the instruction "Move value" is not executed. The "TagOut" operand at the ENO enable output is set to the signal state "0". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2853 Programming the PLC 11.4 Instructions VARIANT (S7-1200, S7-1500) EQ_Type: Compare data type for EQUAL with the data type of a tag (S7-1200, S7-1500) Description You can use the "Compare data type for EQUAL with the data type of a tag" instruction to query the data type of a tag to which a VARIANT points. You are comparing the data type of the tag at IN1 parameter, which you declared in the block interface, with the data type of a tag at IN2 parameter for "Equal". The tag at the IN1 parameter must have the VARIANT data type. The tag at the IN2 parameter can be an elementary data type or a PLC data type. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". Comparison of timers, date and time Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Comparison of structures For the comparison of structures, you can use the instruction "CMP ==". Anonymous structures cannot generally be compared unless they are part of the same ARRAY. For additional information on the comparison of structures, please refer to: CMP ==: Equal (Page 2834) 2854 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Compare data type for EQUAL with the data type of a tag" instruction: Parameters Declaration Data type Memory area Description S7-1200 S7-1500 L (A declara tion in the "Temp" sec tion of the block interface is not possi ble.) L (A declara First operand tion in the "Temp" sec tion of the block inter face is not possible.) IN1 Input VARIANT IN2 Input Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY, PLC data types I, Q, M, D, L, P Second operand Example The following example shows how the instruction works: (4B7\SH 9DULDEOH ,1 9DULDEOH ,1 287 7DJ,Q 7DJ2XW 6 The "TagOut" output is set when the following conditions are fulfilled: The operand "TagIn" has the signal state "1". The condition of the comparison instruction is fulfilled, i.e. the "Variable1" operand is equal to "Variable2". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2855 Programming the PLC 11.4 Instructions NE_Type: Compare data type for UNEQUAL with the data type of a tag (S7-1200, S7-1500) Description You can use the "Compare data type for UNEQUAL with the data type of a tag" instruction to query which data type a tag to which a VARIANT points does not have. You are comparing the data type of the tag at IN1 parameter, which you declared in the block interface, with the data type of a tag at IN2 parameter for "Not equal". The tag at the IN1 parameter must have the VARIANT data type. The tag at the IN2 parameter can be an elementary data type or a PLC data type. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". Comparison of timers, date and time Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Comparison of structures For the comparison of structures, you can use the instruction "CMP <>". Anonymous structures cannot generally be compared unless they are part of the same ARRAY. For additional information on the comparison of structures, please refer to: CMP <>: Not equal (Page 2838) 2856 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Compare data type for UNEQUAL with the data type of a tag" instruction: Parameters Declaration Data type Memory area Description S7-1200 S7-1500 L (A declara tion in the "Temp" sec tion of the block inter face is not possible.) L (A declara tion in the "Temp" sec tion of the block inter face is not possible.) First operand I, Q, M, D, L, P Second operand IN1 Input VARIANT IN2 Input Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY, PLC data types Example The following example shows how the instruction works: 1(B7\SH 9DULDEOH ,1 9DULDEOH ,1 287 7DJ,Q 7DJ2XW 6 The "TagOut" output is set when the following conditions are fulfilled: The operand "TagIn" has the signal state "1". The condition of the comparison instruction is fulfilled, i.e. the "Variable1" operand is not equal to "Variable2". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2857 Programming the PLC 11.4 Instructions EQ_ElemType: Compare data type of an ARRAY element for EQUAL with the data type of a tag (S7-1200, S7-1500) Description You can use the "Compare data type of an ARRAY element for EQUAL with the data type of a tag" instruction to query the data type of a tag to which a VARIANT points. You are comparing the data type of the tag at IN1 parameter, which you declared in the block interface, with the data type of a tag at IN2 parameter for "Equal". The tag at the IN1 parameter must have the VARIANT data type. The tag at the IN2 parameter can be an elementary data type or a PLC data type. If the data type of the VARIANT tag is an ARRAY, the data type of the ARRAY elements is compared. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". Comparison of timers, date and time Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Comparison of structures For the comparison of structures, you can use the instruction "CMP ==". Anonymous structures cannot generally be compared unless they are part of the same ARRAY. For additional information on the comparison of structures, please refer to: CMP ==: Equal (Page 2834) 2858 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Compare data type of an ARRAY element for EQUAL with the data type of a tag" instruction: Parameters Declaration Data type Memory area Description S7-1200 S7-1500 L (A declara tion in the "Temp" sec tion of the block inter face is not possible.) L (A declara tion in the "Temp" sec tion of the block inter face is not possible.) First operand I, Q, M, D, L, P Second operand IN1 Input VARIANT IN2 Input Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY, PLC data types Example The following example shows how the instruction works: (4B(OHP7\SH 9DULDEOH ,1 9DULDEOH ,1 287 7DJ,Q 7DJ2XW 6 The "TagOut" output is set when the following conditions are fulfilled: The operand "TagIn" has the signal state "1". The condition of the comparison instruction is fulfilled, i.e. the "Variable1" operand is equal to "Variable2". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2859 Programming the PLC 11.4 Instructions NE_ElemType: Compare data type of an ARRAY element for UNEQUAL with the data type of a tag (S7-1200, S7-1500) Description You can use the "Compare data type of an ARRAY element for UNEQUAL with the data type of a tag" instruction to query which data type a tag does not have to which a VARIANT points. You are comparing the data type of the tag at IN1 parameter, which you declared in the block interface, with the data type of a tag at IN2 parameter for "Not equal". The tag at the IN1 parameter must have the VARIANT data type. The tag at the IN2 parameter can be an elementary data type or a PLC data type. If the data type of the VARIANT tag is an ARRAY, the data type of the ARRAY elements is compared. If the condition of the comparison is fulfilled, the instruction returns the result of logic operation (RLO) "1". If the comparison condition is not fulfilled, the instruction returns RLO "0". Comparison of timers, date and time Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. Comparison of structures For the comparison of structures, you can use the instruction "CMP <>". Anonymous structures cannot generally be compared unless they are part of the same ARRAY. For additional information on the comparison of structures, please refer to: CMP <>: Not equal (Page 2838) 2860 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Compare data type of an ARRAY element for UNEQUAL with the data type of a tag" instruction: Parameters Declaration Data type Memory area Description S7-1200 S7-1500 L (A declara tion in the "Temp" sec tion of the block inter face is not pos sible.) L (A declara First operand tion in the "Temp" sec tion of the block inter face is not possible.) IN1 Input VARIANT IN2 Input Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY, PLC data types I, Q, M, D, L, P Second operand Example The following example shows how the instruction works: 1(B(OHP7\SH 9DULDEOH ,1 9DULDEOH ,1 287 7DJ,Q 7DJ2XW 6 The "TagOut" output is set when the following conditions are fulfilled: The operand "TagIn" has the signal state "1". The condition of the comparison instruction is fulfilled, i.e. the "Variable1" operand is not equal to "Variable2". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) IS_NULL: Check for EQUALS NULL pointer (S7-1200, S7-1500) Description You use the instruction "Check for EQUALS NULL pointer" to query whether the VARIANT points to a NULL pointer and therefore does not point to an object. WinCC Advanced V14 System Manual, 10/2016 2861 Programming the PLC 11.4 Instructions The <operand> must have the VARIANT data type. Note VARIANT tag points to an ANY pointer If the VARIANT tag points to an ANY pointer, the instruction always returns the result RLO = "0" even if the ANY pointer is NULL. Parameters The following table shows the parameters of the "Check for EQUALS NULL pointer" instruction: Parameters Declaration Data type Memory area Description <operand> Input VARIANT L (A declaration in Operand that is compared for the "Temp" sec EQUALS NULL tion of the block in terface is not pos sible.) For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 7DJB2SHUDQG ,6B18// 287 7DJB,Q 7DJ2XW 7DJB,Q The "TagOut" output is set when the following conditions are fulfilled: The operands "Tag_In1" and "Tag_In2" have signal state "1". The condition of the comparison instruction is fulfilled, i.e. the #Tag_Operand operand does not point to an object. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) 2862 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions NOT_NULL: Check for UNEQUALS NULL pointer (S7-1200, S7-1500) Description You can use the instruction "Check for UNEQUALS NULL pointer" to query whether the VARIANT does not point to a NULL pointer and therefore points to an object. The <operand> must have the VARIANT data type. Note VARIANT tag points to an ANY pointer If the VARIANT tag points to an ANY pointer, the instruction always returns the result RLO = "1" even if the ANY pointer is NULL. Parameters The following table shows the parameters of the "Check for UNEQUALS NULL pointer" instruction: Parameters Declaration Data type Memory area Description <operand> Input VARIANT L (A declaration in Operand that is compared for the "Temp" sec UNEQUALS NULL tion of the block in terface is not pos sible.) For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 7DJB2SHUDQG 127B18// 287 7DJB,Q 7DJ2XW 7DJB,Q The "TagOut" output is set when the following conditions are fulfilled: The operands "Tag_In1" and "Tag_In2" have signal state "1". The condition of the comparison instruction is fulfilled, i.e. the #Tag_Operand operand points to an object. WinCC Advanced V14 System Manual, 10/2016 2863 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) IS_ARRAY: Check for ARRAY (S7-1200, S7-1500) Description You can use the "Check for ARRAY" instruction to query whether the VARIANT points to a tag of the ARRAY data type. The <operand> must have the VARIANT data type. Parameters The following table shows the parameters of the "Check for ARRAY" instruction: Parameters Declaration Data type Memory area Description <operand> Input VARIANT L (A declaration in Operand that is queried for the "Temp" sec ARRAY tion of the block in terface is not pos sible.) For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 7DJB9$5,$17 7R$UUD\ ,6B$55$< 287 7DJB,Q 7DJ2XW 7DJB,Q The "TagOut" output is set when the following conditions are fulfilled: The operands "Tag_In1" and "Tag_In2" have signal state "1". The condition of the comparison instruction is fulfilled, i.e. the "#Tag_VARIANTToArray" operand is of the ARRAY data type. 2864 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) Math functions (S7-1200, S7-1500) CALCULATE: Calculate (S7-1200, S7-1500) Description The "Calculate" instruction is used to define and execute an expression for the calculation of mathematical operations or complex logic operations depending on the selected data type. You can select the data type of the instruction from the "???" drop-down list of the instruction box. Depending on the selected data type, you can combine the functionality of specific instructions to execute a complex calculation. The expression to be calculated is specified via a dialog you can open via the "Calculator" icon at the top of the instruction box. The expression can contain the names of the input parameters and the syntax of the instructions. It is not permitted to specify operand names or operand addresses. In its initial state, the instruction box contains at least 2 inputs (IN1 and IN2). The number of inputs can be extended. The inserted inputs are numbered in ascending order in the box. The values of the inputs are use to execute the specified expression. Not all defined inputs have to be used in the expression. The result of the instruction is transferred to the box output OUT. Note If one of the mathematical operations fails in the expression, then no result is transferred to the OUT output and the ENO enable output has the signal state "1". If, in the expression, you use inputs that are not available in the box, these inputs are automatically inserted. Provided that there are no gaps in the numbering of the inputs that are to be newly defined in the expression. You cannot, for example, use the input IN4 in the expression if the input IN3 is not defined. Enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The result or an interim result of the "Calculate" instruction is outside the range permitted for the data type specified at output OUT. A floating-point number has an invalid value. An error occurred during the execution of one of the instructions specified in the expression. WinCC Advanced V14 System Manual, 10/2016 2865 Programming the PLC 11.4 Instructions The following table shows the instructions that, depending on the selected data type, can be combined and executed in the expression of the "Calculate" instruction: Data type Instruction Syntax Example Bit strings AND: AND logic operation AND OR: OR logic operation OR IN1 AND IN2 OR IN3 XOR: EXCLUSIVE OR logic operation XOR INV: Create ones complement NOT SWAP: Swap SWAP Integers Floating-point numbers 1) 2866 1) ADD: Add + (IN1 + IN2) * IN3; SUB: Subtract - MUL: Multiply * (ABS(IN2)) * (ABS(IN1)) DIV: Divide / MOD: Return remainder of division MOD INV: Create ones complement NOT NEG: Create twos complement -(in1) ABS: Form absolute value ABS( ) ADD: Add + SUB: Subtract - MUL: Multiply * DIV: Divide / EXPT: Exponentiate ** ABS: Form absolute value ABS( ) SQR: Form square SQR( ) SQRT: Form square root SQRT( ) LN: Form natural logarithm LN( ) EXP: Form exponential value EXP( ) FRAC: Return fraction FRAC( ) SIN: Form sine value SIN( ) COS: Form cosine value COS( ) TAN: Form tangent value TAN( ) ASIN: Form arcsine value ASIN( ) ACOS: Form arccosine value ACOS( ) ATAN: Form arctangent value ATAN( ) NEG: Create twos complement -(in1) TRUNC: Truncate numerical value TRUNC( ) ROUND: Round numerical value ROUND( ) CEIL: Generate next higher integer from floating-point number CEIL( ) FLOOR: Generate next lower integer from floating-point number FLOOR( ) ((SIN(IN2) * SIN(IN2) + (SIN(IN3) * SIN(IN3)) / IN3)); (SQR(SIN(IN2)) + (SQR(COS(IN3)) / IN2)) Not possible for data type BYTE. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Calculate": Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN1 Input Bit strings, inte gers, floatingpoint numbers I, Q, M, D, L, I, Q, M, D, First available input P or constant L, P or con stant IN2 Input Bit strings, inte gers, floatingpoint numbers I, Q, M, D, L, I, Q, M, D, Second available input P or constant L, P or con stant INn Input Bit strings, inte gers, floatingpoint numbers I, Q, M, D, L, I, Q, M, D, Additionally inserted in P or constant L, P or con puts stant OUT Output Bit strings, inte gers, floatingpoint numbers I, Q, M, D, L, P I, Q, M, D, L, P Enable input Output to which the end result is to be transferred. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: &$/&8/$7( ,17 7DJB,QSXW (1 287 ,1,1 ,1 ,1 7DJB9DOXHB ,1 7DJB9DOXHB ,1 7DJB9DOXHB ,1 287 7DJB9DOXHB ,1 (12 7DJB5HVXOW 7DJB2XWSXW The following table shows how the instruction works using specific operand values: Parameters Operand Value IN1 Tag_Value_1 4 IN2 Tag_Value_2 4 IN3 Tag_Value_3 3 IN4 Tag_Value_4 2 OUT Tag_Result 12 If the "Tag_Input" has the signal state "1", the instruction is executed. The value of operand "Tag_Value_1" is added to the value of operand "Tag_Value_2". The sum is multiplied with the WinCC Advanced V14 System Manual, 10/2016 2867 Programming the PLC 11.4 Instructions value of the operand "Tag_Value_3". The product is divided by the value of the operand "Tag_Value_4". The quotient is transferred as end result to the operand "Tag_Result" at the OUT output of the instruction. If no errors occur during the execution of the individual instructions, output ENO and the operand "Tag_Output" are set to "1". See also Overview of the valid data types (Page 2131) Example of calculating an equation (Page 4743) Basic information on FBD (Page 4693) Memory areas (Page 944) ADD: Add (S7-1200, S7-1500) Description You can use the "Add" instruction to add the value at input IN1 to the value at input IN2 and query the sum at output OUT (OUT := IN1+IN2). In its initial state the instruction box contains at least 2 inputs (IN1 and IN2). The number of inputs can be extended. The inserted inputs are numbered in ascending order in the box. During the execution of the instruction, the values of all available input parameters are added. The sum is stored at output OUT. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The result of the instruction is outside the range permitted for the data type specified at output OUT. A floating-point number has an invalid value. Parameters The following table shows the parameters of the instruction "Add": Parameters Declaration Data type Memory area S7-1200 2868 Description S7-1500 EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN1 Input Integers, floatingpoint numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, P or con stant First number to be added IN2 Input Integers, floatingpoint numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, P or con stant Second number to be added WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area S7-1200 S7-1500 Description INn Input Integers, floatingpoint numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, P or con stant Optional input val ues, which are add ed. OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P I, Q, M, D, L, P Sum You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also": Example The following example shows how the instruction works: $'' ,17 7DJ,Q (1 7DJB9DOXH ,1 287 7DJB9DOXH ,1 (12 7DJB5HVXOW 7DJ2XW If the "TagIn" operand has signal state "1", the instruction is executed. The value of operand "Tag_Value1" is added to the value of operand "Tag_Value2". The result of the addition is stored in the operand "Tag_Result". If the instruction is executed without errors, the enable output ENO has the signal state "1" and the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) SUB: Subtract (S7-1200, S7-1500) Description You can use the "Subtract" instruction to subtract the value at input IN2 from the value at input IN1 and query the difference at output OUT (OUT := IN1-IN2). The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The result of the instruction is outside the range permitted for the data type specified at output OUT. A floating-point number has an invalid value. WinCC Advanced V14 System Manual, 10/2016 2869 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Subtract": Parameters Declaration Data type Memory area S7-1200 Description S7-1500 EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN1 Input Integers, floatingpoint numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, Minuend P or constant IN2 Input Integers, floatingpoint numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, Subtrahend P or constant OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P I, Q, M, D, L, P Difference You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 68% ,17 7DJ,Q (1 7DJB9DOXH ,1 287 7DJB9DOXH ,1 (12 7DJB5HVXOW 7DJ2XW If the "TagIn" operand has signal state "1", the instruction is executed. The value of operand "Tag_Value2" is subtracted from the value of operand "Tag_Value1". The result of the subtraction is stored in the operand "Tag_Result". If the instruction is executed without errors, the enable output ENO has the signal state "1" and the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) 2870 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MUL: Multiply (S7-1200, S7-1500) Description You can use the "Multiply" instruction to multiply the value at input IN1 with the value at input IN2 and query the total at output OUT (OUT := IN1*IN2). In its initial state the instruction box contains at least 2 inputs (IN1 and IN2). The number of inputs can be extended. The inserted inputs are numbered in ascending order in the box. When the instruction is executed, the values of all available input parameters are multiplied. The product is stored at the OUT output. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The result is outside the range permitted for the data type specified at output OUT. A floating-point number has an invalid value. Parameters The following table shows the parameters of the instruction "Multiply": Parameters Declaration Data type Memory area S7-1200 EN Input BOOL Description S7-1500 I, Q, M, D, L I, Q, M, D, L, Enable input T, C ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN1 Input Integers, floatingpoint numbers I, Q, M, D, I, Q, M, D, L, First value for multipli L, P or con P or con cation stant stant IN2 Input Integers, floatingpoint numbers I, Q, M, D, I, Q, M, D, L, Second value for mul L, P or con P or con tiplication stant stant INn Input Integers, floatingpoint numbers I, Q, M, D, I, Q, M, D, L, Optional input values, L, P or con P or con which are multiplied. stant stant OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P I, Q, M, D, L, Product P You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 2871 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 08/ 5($/ 7DJ,Q (1 7DJB9DOXH ,1 287 7DJB9DOXH ,1 (12 7DJB5HVXOW 7DJ2XW 6 If the "TagIn" operand has signal state "1", the instruction is executed. The value of operand "Tag_Value1" is multiplied with the value of operand "Tag_Value2". The result of the multiplication is stored in the operand "Tag_Result". If the instruction is executed without errors, the enable output ENO has the signal state "1" and the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) DIV: Divide (S7-1200, S7-1500) Description You can use the "Divide" instruction to divide the value at input IN1 by the value at input IN2 and query the quotient at output OUT (OUT := IN1/IN2). The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The result of the instruction is outside the range permitted for the data type specified at output OUT. A floating-point number has an invalid value. Parameters The following table shows the parameters of the instruction "Divide": Parameters 2872 Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area S7-1200 S7-1500 Description IN1 Input Integers, floatingpoint numbers I, Q, M, D, L, P or constant I, Q, M, D, L, P or con stant Dividend IN2 Input Integers, floatingpoint numbers I, Q, M, D, L, P or constant I, Q, M, D, L, P or con stant Divisor OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P I, Q, M, D, L, P Quotient value You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: ',9 5($/ 7DJ,Q (1 7DJB9DOXH ,1 287 7DJB9DOXH ,1 (12 7DJB5HVXOW 7DJ2XW 6 If the "TagIn" operand has signal state "1", the instruction is executed. The value of operand "Tag_Value1" is divided by the value of operand "Tag_Value2". The result of the division is stored in the operand "Tag_Result". If the instruction is executed without errors, the enable output ENO has the signal state "1" and the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) MOD: Return remainder of division (S7-1200, S7-1500) Description You can use the "Return remainder of division" instruction to divide the value at input IN1 by the value at input IN2 and query the remainder of division at output OUT. WinCC Advanced V14 System Manual, 10/2016 2873 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Return remainder of division" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN1 Input Integers I, Q, M, D, L, P or constant I, Q, M, D, Dividend L, P or con stant IN2 Input Integers I, Q, M, D, L, P or constant I, Q, M, D, Divisor L, P or con stant OUT Output Integers I, Q, M, D, L, P I, Q, M, D, L, P Remainder of division You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 02' ',17 7DJ,Q (1 7DJB9DOXH ,1 287 7DJB9DOXH ,1 (12 7DJB5HVXOW 7DJ2XW 6 If the "TagIn" operand has signal state "1", the instruction is executed. The value of operand "Tag_Value1" is divided by the value of operand "Tag_Value2". The remainder of division is stored in operand "Tag_Result". If the instruction is executed without errors, the enable output ENO has the signal state "1" and the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) 2874 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions NEG: Create twos complement (S7-1200, S7-1500) Description You can use the "Create twos complement" instruction to change the sign of the value at input IN and query the result at output OUT. If there is a positive value at input IN, for example, the negative equivalent of this value is sent to output OUT. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The result of the instruction is outside the range permitted for the data type specified at output OUT. A floating-point number has an invalid value. Parameters The following table shows the parameters of the "Create twos complement" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input SINT, INT, DINT, floatingpoint num bers SINT, I, Q, M, INT, D, L, P or DINT, constant LINT, floatingpoint num bers I, Q, M, D, Input value L, P or con stant OUT Output SINT, INT, DINT, floatingpoint num bers SINT, I, Q, M, INT, D, L, P DINT, LINT, floatingpoint num bers I, Q, M, D, L, P Twos complement of the input value You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 2875 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 1(* 5($/ 7DJ,Q 7DJ,QB9DOXH (1 287 ,1 (12 7DJ2XWB9DOXH 7DJ2XW If the "TagIn" operand has signal state "1", the instruction is executed. The sign of the value at input "TagIn_Value" is changed and the result is stored at output "TagOut_Value". If the instruction is executed without errors, the enable output ENO has the signal state "1" and the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) INC: Increment (S7-1200, S7-1500) Description You can use the "Increment" instruction to change the value of the operand at parameter IN/ OUT to the next higher value and query the result. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". A floating-point number has an invalid value. Parameters The following table shows the parameters of the "Increment" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN/OUT InOut Integers I, Q, M, D, L I, Q, M, D, L Value to be incremen ted. You can select the data type of the instruction from the "???" drop-down list of the instruction box. 2876 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 7DJ,QB ,1& ,17 7DJ,QB (1 7DJB,Q2XW ,1287 7DJ2XW (12 If the operands TagIn_1 and TagIn_2 have the signal state "1", the value of the operand "Tag_InOut" is incremented by one and the output "TagOut" is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) DEC: Decrement (S7-1200, S7-1500) Description You can use the "Decrement" instruction to change the value of the operand at parameter IN/ OUT to the next lower value and query the result. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". A floating-point number has an invalid value. Parameters The following table shows the parameters of the instruction "Decrement": Parameters Declaration Data type Memory area Description S7-1200 S7-1500 WinCC Advanced V14 System Manual, 10/2016 EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN/OUT InOut Integers I, Q, M, D, L I, Q, M, D, L Value to be decremen ted. 2877 Programming the PLC 11.4 Instructions You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 7DJ,QB '(& ,17 7DJ,QB (1 7DJB,Q2XW 7DJ2XW ,1287 (12 If the operands "TagIn_1" and "TagIn_2" have the signal state "1", the value of the operand "Tag_InOut" is decremented by one and the output "TagOut" is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) ABS: Form absolute value (S7-1200, S7-1500) Description You can use the "Form absolute value" instruction to calculate the absolute value of the value specified at input IN. The result of the instruction is output at the OUT output and can be queried there. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". A floating-point number has an invalid value. Parameters The following table shows the parameters of the instruction "Form absolute value": Parameters 2878 Declaration Data type Memory area Description S7-1200 S7-1500 S7-1200 S7-1500 EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area S7-1200 S7-1500 S7-1200 Description S7-1500 IN Input SINT, INT, DINT, float ing-point numbers SINT, INT, DINT, LINT, floatingpoint num bers I, Q, M, D, L, I, Q, M, D, L, Input value P or constant P or constant OUT Output SINT, INT, DINT, float ing-point numbers SINT, INT, DINT, LINT, floatingpoint num bers I, Q, M, D, L, P I, Q, M, D, L, P Absolute val ue of the in put value You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: $%6 5($/ 7DJ,Q 7DJ,QB9DOXH (1 287 ,1 (12 7DJ2XWB9DOXH 7DJ2XW The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN TagIn_Value -6.234 OUT TagOut_Value 6.234 If the "TagIn" operand has signal state "1", the instruction is executed. The instruction calculates the absolute value of the value at input "TagIn_Value" and sends the result to output "TagOut_Value". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2879 Programming the PLC 11.4 Instructions MIN: Get minimum (S7-1200, S7-1500) Description The "Get minimum" instruction compares the values at the available inputs and writes the lowest value to the OUT output. The number of inputs can be expanded at the instruction box by additional inputs. The inputs are numbered in ascending order in the box. In its initial state the instruction contains at least two inputs (IN1 and IN2) and no more than 100 inputs. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The implicit conversion of the data types fails during execution of the instruction. A floating-point number has an invalid value. Parameters The following table shows the parameters of the "Get minimum" instruction: Parameters Declaration Data type Memory area S7-1200 Description S7-1500 EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN1 Input Integers, floatingpoint numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, P or con stant First input value IN2 Input Integers, floatingpoint numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, P or con stant Second input value INn Input Integers, floatingpoint numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, P or con stant Additionally inserted inputs whose values are to be compared OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P I, Q, M, D, L, P Result If the IEC check is not enabled, you can also use tags of the data type TIME, LTIME, TOD, LTOD, DATE and LDT by selecting a bit string of the same length as the data type. (e.g. instead of TIME => DINT, UDINT or DWORD = 32 bits) You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". 2880 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 0,1 ,17 (1 7DJ,QB9DOXH ,1 7DJ,QB9DOXH ,1 287 7DJ,QB9DOXH ,1 (12 7DJ2XWB9DOXH 7DJ2XW The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN1 TagIn_Value1 12222 IN2 TagIn_Value2 14444 IN3 TagIn_Value3 13333 OUT TagOut_Value 12222 If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is executed. The instruction compares the values of the specified operands and copies the lowest value ("TagIn_Value1") to output "TagOut_Value". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) MAX: Get maximum (S7-1200, S7-1500) Description The "Get maximum" instruction compares the values at the available inputs and writes the highest value to the OUT output. The number of inputs can be expanded at the instruction box by additional inputs. The inputs are numbered in ascending order in the box. In its initial state the instruction contains at least two inputs (IN1 and IN2) and no more than 100 inputs. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The implicit conversion of the data types fails during execution of the instruction. A floating-point number has an invalid value. WinCC Advanced V14 System Manual, 10/2016 2881 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Get maximum" instruction: Parameters Declaration Data type Memory area S7-1200 Description S7-1500 EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN1 Input Integers, floatingpoint numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, P or con stant First input value IN2 Input Integers, floatingpoint numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, P or con stant Second input value INn Input Integers, floatingpoint numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, P or con stant Additionally inserted inputs whose values are to be compared. OUT Output Integers, floatingpoint numbers I, Q, M, D, L, P I, Q, M, D, L, P Result If the IEC check is not enabled, you can also use tags of the data type TIME, LTIME, TOD, LTOD, DATE and LDT by selecting a bit string of the same length as the data type. (e.g. instead of TIME => DINT, UDINT or DWORD = 32 bits) You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 0$; ,17 (1 7DJ,QB9DOXH ,1 7DJ,QB9DOXH ,1 287 7DJ,QB9DOXH ,1 (12 7DJ2XWB9DOXH 7DJ2XW The following table shows how the instruction works using concrete operand values: 2882 Parameters Operand Value IN1 TagIn_Value1 12222 IN2 TagIn_Value2 14444 IN3 TagIn_Value3 13333 OUT TagOut_Value 14444 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is executed. The instruction compares the values of the specified operands and copies the highest value ("TagIn_Value2") to output "TagOut_Value". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) LIMIT: Set limit value (S7-1200, S7-1500) Description You can use the "Set limit value" instruction to limit the value at input IN to the values at the inputs MN and MX. If the value at the IN input meets the MN condition <= IN <= MX, it is copied to the OUT output. If the condition is not fulfilled and the input value IN is below the low limit MN, output OUT is set to the value of the input MN. If the high limit MX is exceeded, output OUT is set to the value of the input MX. If the value at input MN is greater than that at input MX, the result is undefined and the enable output ENO is "0". The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The specified tags are not of the same data type. An operand has an invalid value. The value at the MN input is greater than the value at the MX input. Parameters The following table shows the parameters of the "Set limit value" instruction: Parameters WinCC Advanced V14 System Manual, 10/2016 Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put MN Input Integers, floatingpoint num bers, TIME, TOD, DATE Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT I, Q, M, D, L, I, Q, M, D, L, Low limit P or constant P or constant 2883 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area S7-1200 S7-1500 S7-1200 Description S7-1500 IN Input Integers, floatingpoint num bers, TIME, TOD, DATE Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT I, Q, M, D, L, I, Q, M, D, L, Input value P or constant P or constant MX Input Integers, floatingpoint num bers, TIME, TOD, DATE Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT I, Q, M, D, L, I, Q, M, D, L, High limit P or constant P or constant OUT Output Integers, floatingpoint num bers, TIME, TOD, DATE Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT I, Q, M, D, L, P I, Q, M, D, L, P Result The data types TOD, LTOD, DATE, and LDT can only be used if the IEC test is not enabled. You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: /,0,7 7DJ,QB ,17 7DJ,QB 7DJB01 7DJB9DOXH 7DJB0; (1 287 01 (12 7DJB5HVXOW 7DJ2XW ,1 0; The following table shows how the instruction works using concrete operand values: 2884 Parameters Operand Value MN Tag_MN 12000 IN Tag_Value 8000 MX Tag_MX 16000 OUT Tag_Result 12000 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is executed. The value of operand "Tag_Value" is compared with the values of operands "Tag_MN" and "Tag_MX". Since the value of the operand "Tag_Value" is less than the low limit, the value of the operand "Tag_MN" is copied to the "Tag_Result" output. If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) SQR: Form square (S7-1200, S7-1500) Description The instruction "Form square" is used to square the value of a floating-point number at input IN and to write the result to output OUT. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The value at input IN is not a valid floating-point number. Parameters The following table shows the parameters of the instruction "Form square": Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, P or con stant Input value OUT Output Floating-point numbers I, Q, M, D, L, P I, Q, M, D, L, P Square of the input value You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 2885 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 645 5($/ 7DJ,Q (1 287 ,1 (12 7DJB5HVXOW 7DJ2XW 7DJB9DOXH The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN Tag_Value 5.0 OUT Tag_Result 25.0 If the "TagIn" operand has signal state "1", the instruction is executed. The instruction squares the value of the operand "Tag_Value" and sends the result to output "Tag_Result". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) SQRT: Form square root (S7-1200, S7-1500) Description The instruction "Form square root" is used form the square root from the value of the floatingpoint number at input IN and to write the result to output OUT. The instruction has a positive result if the input value is greater than zero. If input values are less than zero, output OUT returns an invalid floating-point number. If the value at input IN is "0", the result is also "0". The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The value at input IN is not a valid floating-point number. The value at input IN is negative. 2886 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Form square root": Parameters Declaration Data type Memory area S7-1200 Description S7-1500 EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P or con stant Input value OUT Output Floating-point numbers I, Q, M, D, L I, Q, M, D, L I, Q, M, D, L, P or con stant Square root of the in put value You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 6457 5($/ 7DJ,Q (1 287 ,1 (12 7DJB5HVXOW 7DJ2XW 7DJB9DOXH The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN Tag_Value 25.0 OUT Tag_Result 5.0 If the "TagIn" operand has signal state "1", the instruction is executed. The instruction calculates the square root of the operand "Tag_Value" and sends the result to output "Tag_Result". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2887 Programming the PLC 11.4 Instructions LN: Form natural logarithm (S7-1200, S7-1500) Description You can use the "Form natural logarithm" instruction to calculate the natural logarithm to base e (e = 2.718282) of the value at input IN. The result is sent to output OUT and can be queried there. The instruction has a positive result if the input value is greater than zero. If input values are less than zero, output OUT returns an invalid floating-point number. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The value at input IN is not a valid floating-point number. The value at input IN is negative. Parameters The following table shows the parameters of the instruction "Form natural logarithm": Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, Enable input T, C ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, Input value P or con stant OUT Output Floating-point numbers I, Q, M, D, L, P I, Q, M, D, L, Natural logarithm of P the input value You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: /1 5($/ 7DJ,Q (1 287 ,1 (12 7DJB5HVXOW 7DJ2XW 7DJB9DOXH If the "TagIn" operand has signal state "1", the instruction is executed. The instruction forms the natural logarithm of the value at input "Tag_Value" and sends the result to output "Tag_Result". If the instruction is executed without errors, the "TagOut" output is set. 2888 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) EXP: Form exponential value (S7-1200, S7-1500) Description You can use the "Form exponential value" instruction to calculate the exponent from the base e (e = 2.718282) and the value specified at input IN. The result is provided at output OUT and can be queried there (OUT = eIN). The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The value at input IN is not a valid floating-point number. Parameters The following table shows the parameters of the instruction "Form exponential value": Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P or con stant I, Q, M, D, L, Input value P or constant OUT Output Floating-point numbers I, Q, M, D, L, P I, Q, M, D, L, P Exponential value of input value IN You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: (;3 5($/ 7DJ,Q (1 287 ,1 (12 7DJB5HVXOW 7DJ2XW 7DJB9DOXH WinCC Advanced V14 System Manual, 10/2016 2889 Programming the PLC 11.4 Instructions If the "TagIn" operand has signal state "1", the instruction is executed. The instruction forms the exponent from base e and the value of the operand "Tag_Value" and sends the result to output "Tag_Result". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) SIN: Form sine value (S7-1200, S7-1500) Description You can use the "Form sine value" instruction to calculate the sine of an angle. The size of the angle is specified in the radian measure at input IN. The result of the instruction is output at the OUT output and can be queried there. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The value at input IN is not a valid floating-point number. Parameters The following table shows the parameters of the instruction "Form sine value": Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Size of the an gle in radians OUT Output Floating-point numbers I, Q, M, D, L, P I, Q, M, D, L, P Sine of the specified angle You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". 2890 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 6,1 5($/ 7DJ,Q (1 287 ,1 (12 7DJB5HVXOW 7DJ2XW 7DJB9DOXH The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN Tag_Value +1.570796 (/2) OUT Tag_Result 1.0 If the "TagIn" operand has signal state "1", the instruction is executed. The instruction calculates the sine of the angle specified at input "Tag_Value" and sends the result to output "Tag_Result". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) COS: Form cosine value (S7-1200, S7-1500) Description You can use the "Form cosine value" instruction to calculate the cosine of an angle. The size of the angle is specified in the radian measure at input IN. The result of the instruction is output at the OUT output and can be queried there. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The value at input IN is not a valid floating-point number. Parameters The following table shows the parameters of the instruction "Form cosine value": Parameters WinCC Advanced V14 System Manual, 10/2016 Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output 2891 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description S7-1200 S7-1500 I, Q, M, D, L, P or constant IN Input Floating-point numbers I, Q, M, D, L, P or constant Size of the an gle in radians OUT Output Floating-point numbers I, Q, M, D, L, P I, Q, M, D, L, P Cosine of the specified angle You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: &26 5($/ 7DJ,Q (1 287 ,1 (12 7DJB5HVXOW 7DJ2XW 7DJB9DOXH The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN Tag_Value +1.570796 (/2) OUT Tag_Result 0 If the "TagIn" operand has signal state "1", the instruction is executed. The instruction calculates the cosine of the angle specified at input "Tag_Value" and sends the result to output "Tag_Result". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) TAN: Form tangent value (S7-1200, S7-1500) Description You can use the "Form tangent value" instruction to calculate the tangent of an angle. The size of the angle is specified in the radian measure at input IN. The result of the instruction is provided at output OUT and can be queried there. 2892 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The value at input IN is not a valid floating-point number. Parameters The following table shows the parameters of the instruction "Form tangent value": Parameters Declaration Data type Memory area Description S7-1200 S7-1500 I, Q, M, D, L, T, C Enable input EN Input BOOL I, Q, M, D, L ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Size of angle in the radian measure OUT Output Floating-point numbers I, Q, M, D, L, P I, Q, M, D, L, P Tangent of the specified angle You can select the data type of the instruction from the "<???>" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 7$1 5($/ 7DJ,Q (1 287 ,1 (12 7DJB5HVXOW 7DJ2XW 7DJB9DOXH The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Value +3.141593 () OUT Tag_Result 0 If the operand "TagIn" has the signal state "1", the "Form tangent value" instruction is executed. The instruction calculates the tangent of the angle specified at input "Tag_Value" and stores the result at output "Tag_Result". If no errors occur during the execution of the instruction, the output "TagOut" is set. WinCC Advanced V14 System Manual, 10/2016 2893 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) ASIN: Form arcsine value (S7-1200, S7-1500) Description You can use the "Form arcsine value" instruction to calculate the size of the angle from the sine value specified at input IN, which corresponds to this value. Only valid floating-point numbers within the range -1 to +1 can be specified at input IN. The calculated angle size is output in radians at the OUT output and can range in value from -/2 to +/2. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The value at input IN is not a valid floating-point number. The value at input IN is outside the permitted range (-1 to +1). Parameters The following table shows the parameters of the instruction "Form arcsine value": Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Sine value OUT Output Floating-point numbers I, Q, M, D, L, P I, Q, M, D, L, P Size of the an gle in radians You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". 2894 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: $6,1 5($/ 7DJ,Q (1 287 ,1 (12 7DJB5HVXOW 7DJ2XW 7DJB9DOXH The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN Tag_Value 1.0 OUT Tag_Result +1.570796 (/2) If the "TagIn" operand has signal state "1", the instruction is executed. The instruction calculates the size of the angle corresponding to the sine value at input "Tag_Value". The result of the instruction is stored at output "Tag_Result". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) ACOS: Form arccosine value (S7-1200, S7-1500) Description You can use the "Form arccosine value" instruction to calculate the size of the angle from the cosine value specified at input IN, which corresponds to this value. Only valid floating-point numbers within the range -1 to +1 can be specified at input IN. The calculated angle size is output in radians at output OUT and can range in value from 0 to +. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The value at input IN is not a valid floating-point number. The value at input IN is outside the permitted range (-1 to +1). WinCC Advanced V14 System Manual, 10/2016 2895 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Form arccosine value": Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Cosine value OUT Output Floating-point numbers I, Q, M, D, L, P I, Q, M, D, L, P Size of the an gle in radians You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: $&26 5($/ 7DJ,Q (1 287 ,1 (12 7DJB5HVXOW 7DJ2XW 7DJB9DOXH The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN Tag_Value 0 OUT Tag_Result +1.570796 (/2) If the "TagIn" operand has signal state "1", the instruction is executed. The instruction calculates the size of the angle corresponding to the cosine value at input "Tag_Value". The result of the instruction is stored at output "Tag_Result". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) 2896 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ATAN: Form arctangent value (S7-1200, S7-1500) Description You can use the "Form arctangent value" instruction to calculate the size of the angle from the tangent value specified at input IN, which corresponds to this value. It is only permitted to specify valid floating-point numbers (or -NaN/+NaN) at input IN. The calculated angle size is output in radians at the OUT output and can range in value from -/2 to +/2. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The value at input IN is not a valid floating-point number. Parameters The following table shows the parameters of the instruction "Form arctangent value": Parameters Declaration Data type Memory area S7-1200 EN Input BOOL Description S7-1500 I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, I, Q, M, D, L, P or con L, P or con stant stant Tangent value OUT Output Floating-point numbers I, Q, M, D, L, P Size of the angle in ra dians I, Q, M, D, L, P You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: $7$1 5($/ 7DJ,Q (1 287 ,1 (12 7DJB5HVXOW 7DJ2XW 7DJB9DOXH The following table shows how the instruction works using concrete operand values: WinCC Advanced V14 System Manual, 10/2016 Parameters Operand Value IN Tag_Value 1.0 OUT Tag_Result +0.785398 (/4) 2897 Programming the PLC 11.4 Instructions If the "TagIn" operand has signal state "1", the instruction is executed. The instruction calculates the size of the angle corresponding to the tangent value at input "Tag_Value". The result of the instruction is stored at output "Tag_Result". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Invalid floating-point numbers (Page 2152) Basic information on FBD (Page 4693) Memory areas (Page 944) FRAC: Return fraction (S7-1200, S7-1500) Description You can use the "Return fraction" instruction to determine the decimal places of the value at the IN input. The result of the query is stored at output OUT and can be queried there. If the input IN has e.g. the value 123.4567, the output OUT has the value 0.4567. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". Errors occur during the execution of the instruction, for example there is no valid floatingpoint number at the input. Parameters The following table shows the parameters of the "Return fraction" instruction: Parameters Declaration Data type Memory area Description S7-1200 S7-1500 I, Q, M, D, L, T, C EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Input value, whose decimal places are to be determined. OUT Output Floating-point numbers I, Q, M, D, L, P I, Q, M, D, L, P Decimal pla ces of the input value at input IN You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". 2898 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 7DJB9DOXH )5$& 5($/ (1 287 ,1 (12 7DJB5HVXOW 7DJ2XW The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN Tag_Value 2.555 OUT Tag_Result 0.555 If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is started. The decimal places from the value at the operand "Tag_Value" are copied to the operand "Tag_Result". If the instruction is executed without errors, the enable output ENO has the signal state "1" and the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) EXPT: Exponentiate (S7-1200, S7-1500) Description You can use the "Exponentiate" instruction to raise the value at the input IN1 by a power specified with the value at input IN2. The result of the instruction is stored at output OUT and can be queried there (OUT = IN1IN2). The value at input IN1 must be a valid floating-point number. Integers are also allowed for setting the input IN2. Enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". Errors occur during the instruction processing, for example, if there is an overflow. WinCC Advanced V14 System Manual, 10/2016 2899 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Exponentiate": Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN1 Input Floating-point numbers I, Q, M, D, I, Q, M, D, L, Base value L, P or con P or constant stant IN2 Input Integers, float ing-point num bers I, Q, M, D, I, Q, M, D, L, Value with which the L, P or con P or constant base value is exponenti stant ated OUT Output Floating-point numbers I, Q, M, D, L, P I, Q, M, D, L, P Result You can select the data type of the instruction from the "???" drop-down list of the instruction box. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB 5($/ (;37 5($/ (1 7DJB9DOXH ,1 287 7DJB9DOXH ,1 (12 7DJB5HVXOW 7DJ2XW If the operands "TagIn_1" and "TagIn_2" have signal state "1", the "Exponentiate" instruction is executed. The value of operand "Tag_Value1" is raised by the power of the value of the operand "Tag_Value2". The result is stored at output "Tag_Result". If the instruction is executed without errors, the enable output ENO has the signal state "1" and the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) 2900 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Move operations (S7-1200, S7-1500) MOVE: Move value (S7-1200, S7-1500) Description You use the "Move value" instruction to transfer the content of the operand at the IN input to the operand at the OUT1 output. The transfer is always made in the direction of ascending address. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The data type at the IN parameter does not correspond to the specified data type at the OUT1 parameter. The following table lists the possible transfers for the S7-1200 CPU series: Source (IN) WinCC Advanced V14 System Manual, 10/2016 Destination (OUT1) With IEC check Without IEC check BYTE BYTE, WORD, DWORD BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE ,TOD, CHAR WORD WORD, DWORD BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD, CHAR DWORD DWORD BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, REAL, TIME, DATE, TOD, CHAR SINT SINT BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD USINT USINT, UINT, UDINT BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD INT INT BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD UINT UINT, UDINT BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD DINT DINT BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD UDINT UDINT BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME, DATE, TOD REAL REAL DWORD, REAL LREAL LREAL LREAL TIME TIME BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TIME DATE DATE BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, DATE TOD TOD BYTE, WORD, DWORD, SINT, USINT, INT, UINT, DINT, UDINT, TOD DTL DTL DTL CHAR CHAR BYTE, WORD, DWORD, CHAR, Character of a string1) 2901 Programming the PLC 11.4 Instructions Source (IN) Destination (OUT1) With IEC check Without IEC check WCHAR WCHAR BYTE, WORD, DWORD, CHAR, WCHAR, character of a character string1) Character of a string1) Character of a string CHAR, WCHAR, character of a string ARRAY2) ARRAY ARRAY STRUCT STRUCT STRUCT PLC data type (UDT) PLC data type (UDT) PLC data type (UDT) IEC_TIMER IEC_TIMER IEC_TIMER IEC_SCOUNT ER IEC_SCOUNTER IEC_SCOUNTER IEC_US COUNTER IEC_USCOUNTER IEC_USCOUNTER IEC_COUNTER IEC_COUNTER IEC_COUNTER IEC_UCOUNT ER IEC_UCOUNTER IEC_UCOUNTER IEC_DCOUNT ER IEC_DCOUNTER IEC_DCOUNTER IEC_UD COUNTER IEC_UDCOUNTER IEC_UDCOUNTER The following table lists the possible transfers for the S7-1500 CPU series: Source (IN) 2902 Destination (OUT1) With IEC check Without IEC check BYTE BYTE, WORD, DWORD, LWORD BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE ,TOD, LTOD, CHAR WORD WORD, DWORD, LWORD BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, S5TIME, TIME, LTIME, LDT, DATE, TOD, LTOD, CHAR DWORD DWORD, LWORD BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, REAL, TIME, LTIME, LDT, DATE, TOD, LTOD, CHAR LWORD LWORD BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, LREAL, TIME, LTIME, LDT, DATE, TOD, LTOD, CHAR SINT SINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD USINT USINT, UINT, UDINT, ULINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD INT INT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Source (IN) WinCC Advanced V14 System Manual, 10/2016 Destination (OUT1) With IEC check Without IEC check UINT UINT, UDINT, ULINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD. LTOD DINT DINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD UDINT UDINT, ULINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD LINT LINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD ULINT ULINT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME, LTIME, LDT, DATE, TOD, LTOD REAL REAL DWORD, REAL LREAL LREAL LWORD, LREAL S5TIME S5TIME WORD, S5TIME TIME TIME BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TIME LTIME LTIME BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, LTIME DATE DATE BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, DATE DT DT DT LDT LDT BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, LDT TOD TOD BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, TOD LTOD LTOD BYTE, WORD, DWORD, LWORD, SINT, USINT, INT, UINT, DINT, UDINT, LINT, ULINT, LTOD DTL DTL DTL CHAR CHAR BYTE, WORD, DWORD, LWORD, CHAR, Character of a string1) WCHAR WCHAR BYTE, WORD, DWORD, LWORD, CHAR, WCHAR, Character of a string1) Character of a string1) Character of a string CHAR, WCHAR, character of a string ARRAY2) ARRAY ARRAY STRUCT STRUCT STRUCT COUNTER COUNTER, WORD, INT WORD, DWORD, INT, UINT, DINT, UDINT TIMER TIMER, WORD, INT WORD, DWORD, INT, UINT, DINT, UDINT PLC data type (UDT) PLC data type (UDT) PLC data type (UDT) IEC_TIMER IEC_TIMER IEC_TIMER IEC_LTIMER IEC_LTIMER IEC_LTIMER 2903 Programming the PLC 11.4 Instructions Source (IN) Destination (OUT1) With IEC check Without IEC check IEC_SCOUNT ER IEC_SCOUNTER IEC_SCOUNTER IEC_US COUNTER IEC_USCOUNTER IEC_USCOUNTER IEC_COUNTER IEC_COUNTER IEC_COUNTER IEC_UCOUNT ER IEC_UCOUNTER IEC_UCOUNTER IEC_DCOUNT ER IEC_DCOUNTER IEC_DCOUNTER IEC_UD COUNTER IEC_UDCOUNTER IEC_UDCOUNTER IEC_LCOUNT ER IEC_LCOUNTER IEC_LCOUNTER IEC_UL COUNTER IEC_ULCOUNTER IEC_ULCOUNTER You can also use the "Move value" instruction to transfer individual characters of a string to operands of the CHAR or WCHAR data type. The number of the character to be transferred is specified in square brackets next to the operand name. "MyString[2]", for example, transfers the second character of the "MyString" string. The transfer of the operand of the data type CHAR or WCHAR to the individual character of a string is also possible. You can also replace a specific character of a string with the character of another string. 1) Transferring entire arrays (ARRAY) is possible only when the array components of the operands at input IN and at output OUT1 are of the same data type. 2) If the bit length of the data type at input IN exceeds the bit length of the data type at output OUT1, the higher-order bits of the source value are lost. If the bit length of the data type at input IN is less than the bit length of the data type at output OUT1, the higher-order bits of the destination value will be overwritten with zeros. In its initial state, the instruction box contains 1 output (OUT1). The number of outputs can be extended. The added outputs are numbered in ascending order on the box. During the execution of the instruction, the content of the operand at the input IN is transferred to all available outputs. The instruction box cannot be extended if structured data types (DTL, STRUCT, ARRAY) or characters of a string are transferred. You can also use the "Move block" (MOVE_BLK) and "Move block uninterruptible" (UMOVE_BLK) instructions to move operands of the ARRAY data type. Operand of the data type STRING or WSTRING can be copied with the instruction "Move character string" (S_MOVE). 2904 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Move value" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put IN Input Bit strings, integers, floatingpoint num bers, timers, date and time, CHAR, WCHAR, STRUCT, ARRAY, IEC data types, PLC data type (UDT) Bit strings, integers, floatingpoint num bers, timers, date and time, CHAR; WCHAR, STRUCT, ARRAY, TIMER, COUNTER, IEC data type, PLC data type (UDT) I, Q, M, D, L or constant I, Q, M, D, L or constant Element used to over write the destination address. OUT1 Output Bit strings, integers, floatingpoint num bers, timers, date and time, CHAR, WCHAR, STRUCT, ARRAY, IEC data types, PLC data type (UDT) Bit strings, integers, floatingpoint num bers, timers, date and time, CHAR; WCHAR, STRUCT, ARRAY, TIMER, COUNTER, IEC data type, PLC data type (UDT) I, Q, M, D, L I, Q, M, D, L Destination address You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 029( 7DJ,Q (1 287 ,1 (12 7DJ2XWB9DOXH 7DJ2XW 7DJ,QB9DOXH WinCC Advanced V14 System Manual, 10/2016 2905 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameters Operand Value IN TagIn_Value 0011 1111 1010 1111 OUT1 TagOut_Value 0011 1111 1010 1111 If the "TagIn" operand returns signal state TRUE, the instruction is executed. The instruction moves the contents of the "TagIn_Value" operand to the "TagOut_Value" operand. If the instruction is executed without errors, the ENO and "TagOut" enable outputs are set to signal state TRUE. Note You can find more information on the MOVE instruction in the following article in the Siemens Industry Online Support: In STEP 7 (TIA Portal) how do you copy memory areas and structured data from one data block to another? https://support.industry.siemens.com/cs/ww/en/view/42603881 (https:// support.industry.siemens.com/cs/ww/en/view/42603881) See also Overview of the valid data types (Page 2131) Removing instruction inputs and outputs (Page 4724) MOVE_BLK: Move block (Page 2914) UMOVE_BLK: Move block uninterruptible (Page 2921) S_MOVE: Move character string (Page 3334) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) Adding additional inputs and outputs to FBD elements (Page 4723) System memory areas (Page 947) Deserialize: Deserialize (S7-1200, S7-1500) Description You can use the "Deserialize" instruction to convert back the sequential representation of a PLC data type (UDT), STRUCT or ARRAY of <data type> and to fill its entire contents. The memory area in which the sequential representation of a PLC data type (UDT), STRUCT or ARRAY of <data type> is located must have the ARRAY of BYTE data type and be declared with standard access in version 1.0. Optimized memory areas also permitted as of version 2.0. The capacity of the standard memory area is 64 KB. Make sure that there is enough memory 2906 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions space prior to the conversion. If the memory area is filled using the instruction "Serialize" and it is possible that fill bytes were inserted, their conversion is not taken into account. It is recommended to define the low limit of the ARRAY with "0", because then the index within ARRAY corresponds to the value of the POS parameter, e.g. ARRAY[0] = POS 0. The description and example below have been formed based on this. The instruction enables you to convert multiple sequential representations of converted data back to their original state step-by-step. If you only want to convert back a single sequential representation of a PLC data type (UDT), STRUCT or ARRAY of <data type>, you can also directly use the instruction "TRCV: Receive data via communication connection". Size of the memory area The alignment rules mean that simple structures in the optimized memory area do not contain filling bytes. This results in a structure in the optimized memory area being smaller than in the standard memory area. ARRAYs of structures and structures in which other structures are located contain filling bytes. There is no general rule as to the memory area in which a composed structure requires more space. Applies to CPUs of the S7-1500 series: For a block with the block property "Optimized block access", the BOOL has a length of 1 byte. A structure that consists largely of the data type BOOL can therefore be larger in the optimized memory area than in the standard memory area. Composed structures with a low proportion of BOOL data types are smaller in the optimized memory area than in the standard memory area. Optimized memory area To deserialize larger structures, you can declare the memory area for sequential representation with optimized access for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. The content of the sequential representation remains unchanged, as for a standard memory area. Only symbolic access to the bytes in the ARRAY is possible. Parameters The following table shows the parameters of the "Deserialize" instruction: WinCC Advanced V14 System Manual, 10/2016 Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output SRC_AR RAY Input VARIANT D, block interface Tag of ARRAY of BYTE data of an FB (The sec type in which the generate tions Input, Out data flow is stored put, Static and Temp are possi ble.) ARRAY[*] of BYTE 1) 2907 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description DEST_VARI ABLE InOut VARIANT D, block interface of an FB Tag in which the reconverted PLC data type (UDT), STRUCT, ARRAY of <data type> is stored POS InOut DINT I, Q, M, D, L The operand at the POS pa rameter stores the index of the first byte based on the number of bytes occupied by the converted customer data. The POS parameter is calcu lated zero-based. RET_VAL Output INT I, Q, M, D, L Error information Possible for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. 1) RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B0 The memory areas for the SRC_ARRAY and DEST_VARIABLE parameters overlap. 8136 The tag at the SRC_ARRAY parameter is not in a block with standard access. 8150 The VARIANT data type at the SRC_ARRAY parameter contains a ZERO pointer. 8151 No valid reference at the SRC_ARRAY parameter 8153 There is not enough free memory available at the SRC_ARRAY parameter. 8154 Invalid data type at the SRC_ARRAY parameter 8250 The VARIANT data type at the DEST_VARIABLE parameter contains a ZERO pointer. 8251 No valid reference at the DEST_VARIABLE parameter 8382 The value at the POS parameter is outside the limits of the array. 9512 For a CPU of the S7-1200 module and a block with the block property "Optimized block access": The BOOL data type is used at the DEST_VARIABLE parameter. This makes the object smaller than a full byte. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". For a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0, the following error code has a different meaning: Error code* Explanation (W#16#...) 8136 Access to the memory area at the SRC_ARRAY parameter is invalid. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". 2908 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following table shows the declaration of the operands: Operand Data type Declaration DeliverPos INT In the "Input" section of the block interface of an FB or FC. BufferPos DINT Error INT In the "Temp" section of the block interface of an FB or FC. Label STRING[4] The following table shows the declarations of the PLC data types: Name of the PLC data types Name Data type Article Number DINT Declaration STRING Colli INT Title INT First name STRING[10] Surname STRING[10] Client The following table shows the declaration of the data blocks: Name of the data blocks Name Data type Target Client "Client" (PLC data type) Article Array[0..10] of "Article" (PLC da ta type) Bill Array[0..10] of INT Field Array[0..294] of BYTE Buffer The following example shows how the instruction works: Network 1: 029( (1 (12 ,1 287 'HVHULDOL]H (1 %XIIHU3RV %XIIHU)LHOG %XIIHU3RV 65&B$55$< 326 (12 5(7B9$/ '(67B9$5,$%/( (UURU 7DUJHW&OLHQW The "Move value" instruction moves the value "0" to the #BufferPos operand. The "Deserialize" instruction deserializes the sequential representation of the customer data from the "Buffer" tag and writes it to the "Target" tag. The #BufferPos operand stores the index of the first byte based on the number of bytes occupied by the converted customer data. Network 2: WinCC Advanced V14 System Manual, 10/2016 2909 Programming the PLC 11.4 Instructions 'HVHULDOL]H %XIIHU )LHOG %XIIHU3RV (12 (1 65&B$55$< 326 5(7B9$/ (UURU '(67B9$5,$%/( /DEHO 675,1* DUWL /DEHO 'HVHULDOL]H ,1 ,1 %XIIHU)LHOG %XIIHU3RV 675,1* 5HFK /DEHO (12 (1 5(7B9$/ 65&B$55$< '(67B9$5,$%/( 326 'HVHULDOL]H ,1 ,1 (12 (1 %XIIHU)LHOG %XIIHU3RV 65&B$55$< 326 5(7B9$/ '(67B9$5,$%/( The "Deserialize" instruction deserializes the sequential representation of the separator sheet, which was stored in the sequential representation after the customer data, from the "Buffer" tag and writes the characters to the #Label operand. The characters are compared using comparison instructions "arti" and "Bill". If the comparison for "arti" = TRUE, these are article data that have been deserialized and written to the "Target" tag. If the comparison for "Bill" = TRUE, these are billing data that have been deserialized and written to the "Target" tag. See also Overview of the valid data types (Page 2131) VARIANT (Page 2191) PLC data types (UDT) (Page 2170) Basic information on FBD (Page 4693) Memory areas (Page 944) Serialize: Serialize (S7-1200, S7-1500) Description You can use the "Serialize" instruction to convert several PLC data types (UDT), STRUCT or ARRAY of <data type> to a sequential representation without losing parts of their structure. You use the instruction to temporarily save multiple structured data items from your program in a buffer, which should preferably be in a global data block, and send them to another CPU. The memory area in which the converted data are stored must have the ARRAY of BYTE data type and be declared with standard access in version 1.0. Optimized data is also permitted as of version 2.0. Elements of the ARRAY of BYTE may be filled with zeros to meet the standard 2910 ( 7 $U > WinCC Advanced V14 System Manual, 10/2016 (UURU 7DUJHW %LOO>'HOLYHU3 Programming the PLC 11.4 Instructions alignment rules. The capacity of the standard memory area is 64 KB. Structures that are larger than 64 KB in accordance with the rules for standard memory areas cannot be serialized if the operand at the DEST_ARRAY parameter is located in a standard memory area. It is recommended to define the low limit of the ARRAY with "0", because then the index within ARRAY corresponds to the value of the POS parameter, e.g. ARRAY[0] = POS 0. The description and example below have been formed based on this. The operand at the POS parameter contains information about the number of bytes used by the converted data. If you want to send a single PLC data type (UDT), STRUCT or ARRAY of <data type>, you can directly call the instruction "TSEND: Send data via communication connection". Size of the memory area The alignment rules mean that simple structures in the optimized memory area do not contain filling bytes. This results in a structure in the optimized memory area being smaller than in the standard memory area. ARRAYs of structures and structures in which other structures are located contain filling bytes. There is no general rule as to the memory area in which a composed structure requires more space. Applies to CPUs of the S7-1500 series: For a block with the block property "Optimized block access", the BOOL has a length of 1 byte. A structure that consists largely of the data type BOOL can therefore be larger in the optimized memory area than in the standard memory area. Composed structures with a low proportion of BOOL data types are smaller in the optimized memory area than in the standard memory area. Optimized memory area To serialize larger structures, you can declare the memory area with optimized access for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. The sequential representation remains unchanged, as for a standard memory area. Parameters The following table shows the parameters of the instruction "Serialize": Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output VARIANT D, block interface of an FB PLC data type (UDT), STRUCT or ARRAY of <data type> that is converted to se quential representation. SRC_VARIA Input BLE WinCC Advanced V14 System Manual, 10/2016 2911 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description DEST_AR RAY InOut VARIANT D, block interface of an FB (the sec tions Input, Out put, Static and Temp are possi ble.) Data block in which the gen erated data stream is stored. POS InOut DINT I, Q, M, D, L The operand at the POS pa rameter stores the index of the first byte based on the to tal number of bytes that the converted customer data has occupied. The POS parame ter is calculated zero-based. RET_VAL Output INT I, Q, M, D, L Error information RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B0 The memory areas for the SRC_VARIABLE and DEST_ARRAY parameters overlap. 8150 The VARIANT data type at the SRC_VARIABLE parameter contains a ZERO pointer. 8151 No valid reference at the SRC_VARIABLE parameter 8236 The tag at the SRC_ARRAY parameter is not in a block with standard access. 8250 The VARIANT data type at the DEST_ARRAY parameter contains a ZERO pointer. 8251 No valid reference at the DEST_ARRAY parameter 8253 There is not enough free memory available at the DEST_ARRAY parameter. 8254 Invalid data type at the DEST_ARRAY parameter 8382 The value at the POS parameter is outside the limits of the array. 9512 For a CPU of the S7-1200 module and a block with the block property "Optimized block access": The BOOL data type is used at the DEST_VARIABLE parameter. This makes the object smaller than a full byte. * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". For a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0, the following error code has a different meaning: Error code* Explanation (W#16#...) 8236 Access to the memory area at the DEST_ARRAY parameter is invalid. * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". 2912 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: Network 1: 029( 6HULDOL]H (1 (12 ,1 287 (12 (1 %XIIHU3RV 6RXUFH&OLHQW 5(7B9$/ 65&B9$5,$%/( '(67B$55$< 326 %XIIHU3RV (UURU %XIIHU)LHOG The "Move value" instruction moves the value "0" to the #BufferPos operand. The "Deserialize" instruction deserializes the customer data from the "Source" tag and writes the sequential representation to the "Buffer" tag. The index of the next unwritten byte of the "Buffer".Field operand is saved in the #BufferPos operand. Network 2: 6B029( DUWL (1 (12 ,1 287 6HULDOL]H (12 (1 /DEHO /DEHO %XIIHU3RV 65&B9$5,$%/( 326 5(7B9$/ '(67B$55$< (UURU %XIIHU)LHOG A kind of separator sheet is inserted now to make it easier to deserialize the sequential representation later. The "Move character string" instruction moves the "arti" characters to the #Label operand. The "Serialize" instruction writes these characters after the customer data to the "Buffer" tag. The value of the #BufferPos operand is incremented accordingly. Network 3: 6HULDOL]H (12 (1 6RXUFH $UWLFOH>'HOLYHU3RV@ %XIIHU3RV 5(7B9$/ 65&B9$5,$%/( '(67B$55$< 326 (UURU %XIIHU)LHOG The "Serialize" instruction serializes the data of a specific article, which is calculated in runtime, from the "Source" tag and writes it in sequential representation to the "Buffer" tag after the "arti" characters. The following table shows the declaration of the operands: WinCC Advanced V14 System Manual, 10/2016 Operand Data type Declaration DeliverPos INT In the "Input" section of the block interface BufferPos DINT In the "Temp" section of the block interface 2913 Programming the PLC 11.4 Instructions Operand Data type Declaration Error INT In the "Temp" section of the block interface Label STRING[4] In the "Temp" section of the block interface The following table shows the declarations of the PLC data types: Name of the PLC data types Name Data type Article Number DINT Declaration STRING Colli INT Title INT First name STRING[10] Surname STRING[10] Client The following table shows the declaration of the data blocks: Name of the data blocks Name Data type Source Client "Client" (PLC data type) Article Array[0..10] of "Article" (PLC da ta type) Field Array[0..294] of BYTE Buffer See also Overview of the valid data types (Page 2131) VARIANT (Page 2191) PLC data types (UDT) (Page 2170) Basic information on FBD (Page 4693) Memory areas (Page 944) MOVE_BLK: Move block (S7-1200, S7-1500) Description You use the "Move block" instruction to move the content of a memory area (source area) to another memory area (destination area). The number of elements to be moved to the destination area is specified with the COUNT parameter. The width of the elements to be moved is defined by the width of the element at input IN. The instruction can only be executed if the source area and the destination area have the same data type. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". More data is moved than is made available at input IN or output OUT. 2914 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions When a ARRAY of BOOL is copied, the enable output ENO for an overflow is set to "1" until the byte limit of the ARRAY structure is exceeded. If the byte limit of the ARRAY structure is exceeded by the value at the COUNT input, the ENO enable output is reset to "0". Parameters The following table shows the parameters of the "Move block" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put IN 1) Input Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L D, L The first ele ment of the source area that is being copied COUNT Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L, I, Q, M, D, L, Number of P or constant P or constant elements to be copied from the source area to the desti nation area OUT 1) Output Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L 1) D, L The first ele ment of the destination area to which the contents of the source area are be ing copied The specified data types can only be used as elements of an ARRAY structure. You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2915 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB DBDUUD\>@ 029(B%/. (1 ,1 287 EBDUUD\>@ 7DJ2XW 7DJB&RXQW &2817 (12 The following table shows how the instruction works using specific operand values: Parameters Operand Value IN a_array[2] The data type of the "a_array" operand is ARRAY [0..5] of INT. It consists of six elements of data type INT. COUNT Tag_Count 3 OUT b_array[1] The data type of the "b_array" operand is ARRAY [0..6] of INT. It consists of seven elements of data type INT. If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is executed. Starting from the third element, the instruction selects three INT elements from the #a_array tag and copies their contents to the #b_array output tag, beginning with the second element. If the instruction is executed without errors, the enable output ENO has the signal state "1" and the "TagOut" output is set. Note You can find more information on the MOVE_BLK instruction in the following article in the Siemens Industry Online Support: In STEP 7 (TIA Portal) how do you copy memory areas and structured data from one data block to another? https://support.industry.siemens.com/cs/ww/en/view/42603881 (https:// support.industry.siemens.com/cs/ww/en/view/42603881) See also Overview of the valid data types (Page 2131) System memory areas (Page 947) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) 2916 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MOVE_BLK_VARIANT: Move block (S7-1200, S7-1500) Description You use the "Move block" instruction to move the content of a memory area (source area) to another memory area (destination area). You can copy a complete ARRAY or elements of an ARRAY to another ARRAY of the same data type. The size (number of elements) of source and destination ARRAY may be different. You can copy multiple or single elements within an ARRAY. When you use the instruction at the time to the block is created, the ARRAY does not yet have to be known, as the source and the designation are transferred per VARIANT. Counting at the parameters SRC_INDEX and DEST_INDEX always begins with the low limit "0", regardless of the later declaration of the ARRAY. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". More data is copied than is made available. Parameters The following table shows the parameters of the "Move block" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output SRC Input VARIANT (which points to an AR RAY or an individ ual ARRAY ele ment), ARRAY of <Data_type> L (A declaration in Source block from which to the "Temp" sec copy tion of the block in terface is not pos sible.) COUNT Input UDINT I, Q, M, D, L or con Number of elements which stant are copied 2) Assign the value "1" to the parameter COUNT, if no AR RAY is specified at parame ter SRC or at parameter DEST. WinCC Advanced V14 System Manual, 10/2016 2917 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area SRC_INDEX Input DINT I, Q, M, D, L or con The SRC_INDEX stant parameter is calculated zero-based. If an ARRAY is specified at parameter SRC, the integer at parameter SRC_INDEX specifies the first element within the source area from which it is to be copied. Independent of the declared ARRAY limits. Description If no ARRAY is specified at parameter SRC or only one single element of an ARRAY is specified, then assign the value "0" at parameter SRC_INDEX. DEST_IN DEX Input DINT I, Q, M, D, L or con The DEST_INDEX stant parameter is calculated zero-based. If an ARRAY is specified at parameter DEST, the integer at parameter DEST_INDEX specifies the first element within the destination area that is to be copied into. Independent of the declared ARRAY limits. If no ARRAY is specified at parameter DEST, then assign the value "0" at parameter DEST_INDEX. DEST Output 1) VARIANT L (A declaration in Destination area into which the "Temp" sec the contents of the source tion of the block in block are copied. terface is not pos sible.) RET_VAL Output INT I, Q, M, D, L Error information: If an error occurs during exe cution of the instruction, an error code is output at the RET_VAL parameter. 1) The DEST parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. 2) With the SRC parameter, the data types BOOL and ARRAY of BOOL are not permitted. You can find additional information on valid data types under "See also". 2918 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The data types do not correspond. Instead of an ARRAY of <Struct>, use an ARRAY of <PLC data type (UDT)>. 8151 Access to the SRC parameter is not possible. 8152 The operand at the SRC parameter is not typed. 8153 Code generation error at the SRC parameter 8154 The operand at the SRC parameter has the data type BOOL. 8281 The COUNT parameter has an invalid value 8382 The value at the SRC_INDEX parameter is outside the limits of the VARIANT. 8383 The value at the SRC_INDEX is outside the high limit of the ARRAY. 8482 The value at the DEST_INDEX parameter is outside the limits of the VARIANT. 8483 The value at the DEST_INDEX is outside the high limit of the ARRAY. 8534 The DEST parameter is write protected 8551 Access to the DEST parameter is not possible. 8552 The operand at the DEST parameter is not typed. 8553 Code generation error at the DEST parameter 8554 The operand at the DEST parameter has the data type BOOL. * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: 029(B%/.B9$5,$17 7DJ,Q 6UF)LHOG 7DJB&RXQW (1 65& &2817 7DJB6UFB,QGH[ 65&B,1'(; 7DJB'HVWB,QGH[ '(67B,1'(; WinCC Advanced V14 System Manual, 10/2016 7DJ2XW (12 5(7B9$/ '(67 7DJB5HVXOW 'HVW)LHOG 2919 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameters Declaration in the block interface Operand Value SRC Input #SrcField The local operand #SrcField uses a PLC data type that was still unknown at the time when the block was pro grammed. (AR RAY[0..10] of "MOVE_UDT") COUNT Input Tag_Count 2 SRC_INDEX Input Tag_Src_Index 3 DEST_INDEX Input Tag_Dest_Index 3 DEST InOut #DestField The local operand #DestField uses a PLC data type that was still unknown at the time when the block was pro grammed. (AR RAY[10..20] of "MOVE_UDT") If the "TagIn" operand returns signal state "1", the instruction is executed. Two elements are moved from the source area, starting from the fourth element of the ARRAY [0..10] of MOVE_UDT, to the destination area. The copies are pasted in the ARRAY [10..20] of MOVE_UDT starting from the fourth element. If the instruction is executed without errors, the enable output ENO has the signal state TRUE and the "TagOut" output is set. Note You can find more information on the MOVE_BLK_VARIANT instruction in the following article in the Siemens Industry Online Support: In STEP 7 (TIA Portal) how do you copy memory areas and structured data from one data block to another? https://support.industry.siemens.com/cs/ww/en/view/42603881 (https:// support.industry.siemens.com/cs/ww/en/view/42603881) See also Overview of the valid data types (Page 2131) VariantGet: Read out VARIANT tag value (Page 2942) Programming example: Moving data (Page 2085) VARIANT (Page 2191) Basic information on FBD (Page 4693) Memory areas (Page 944) 2920 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions UMOVE_BLK: Move block uninterruptible (S7-1200, S7-1500) Description You use the "Move block uninterruptible" instruction to move the content of a memory area (source area) to another memory area (destination area). The instruction cannot be interrupted. The number of elements to be moved to the destination area is specified with the COUNT parameter. The width of the elements to be moved is defined by the width of the element at input IN. The instruction can only be executed if the source area and the destination area have the same data type. Note The move operation cannot be interrupted by other operating system activities. This is why the interrupt reaction times of the CPU increase during the execution of the "Move block uninterruptible" instruction. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". More data is moved than is made available at input IN or output OUT. When a ARRAY of BOOL is copied, the enable output ENO for an overflow is set to "1" until the byte limit of the ARRAY structure is exceeded. If the byte limit of the ARRAY structure is exceeded by the value at the COUNT input, the ENO enable output is reset to "0". You use the "Move block uninterruptible" instruction to move a maximum of 16 KB. Note the CPU-specific restrictions for this. Parameters The following table shows the parameters of the "Move block uninterruptible" instruction: Parameters WinCC Advanced V14 System Manual, 10/2016 Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put IN 1) Input Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L D, L The first ele ment of the source area that is being copied 2921 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area S7-1200 S7-1500 S7-1200 Description S7-1500 COUNT Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L, I, Q, M, D, L, Number of P or constant P or constant elements to be copied from the source area to the desti nation area OUT 1) Output Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L 1) D, L The first ele ment of the destination area to which the contents of the source area are be ing copied The specified data types can only be used as elements of an array structure. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB DBDUUD\>@ 8029(B%/. (1 ,1 287 EBDUUD\>@ 7DJ2XW 7DJB&RXQW &2817 (12 The following table shows how the instruction works using specific operand values: Parameters Operand Value IN a_array[2] The data type of the "a_array" operand is ARRAY[0..5] of INT. It consists of six elements of data type INT. COUNT Tag_Count 3 OUT b_array[1] The data type of the "b_array" operand is ARRAY[0..6] of INT. It consists of seven elements of data type INT. If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is executed. Starting from the third element, the instruction selects three INT elements from the #a_array tag and copies their contents to the #b_array output tag, beginning with the second element. 2922 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The move operation cannot be interrupted by other operating system activities. If the instruction is executed without errors, the enable output ENO has the signal state "1" and the "TagOut" output is set. Note You can find more information on the UMOVE_BLK instruction in the following article in the Siemens Industry Online Support: In STEP 7 (TIA Portal) how do you copy memory areas and structured data from one data block to another? https://support.industry.siemens.com/cs/ww/en/view/42603881 (https:// support.industry.siemens.com/cs/ww/en/view/42603881) See also Overview of the valid data types (Page 2131) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) System memory areas (Page 947) FILL_BLK: Fill block (S7-1200, S7-1500) Description You can use the "Fill block" instruction to fill a memory area (destination area) with the value of the IN input. The destination area is filled beginning with the address specified at the OUT output. The number of repeated copy operations is specified with the COUNT parameter. When the instruction is executed, the value at the input IN is moved to the target area as often as specified by the value of the COUNT parameter. The instruction can only be executed if the source area and the destination area have the same data type. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The maximum number of elements changed is the number of elements in the ARRAY or structure. If you copy more data than there are elements at the OUT output, you will get an unintended result. When a ARRAY of BOOL is copied, the enable output ENO for an overflow is set to "1" until the byte limit of the ARRAY structure is exceeded. If the byte limit of the ARRAY structure is exceeded by the value at the COUNT input, the ENO enable output is reset to "0". WinCC Advanced V14 System Manual, 10/2016 2923 Programming the PLC 11.4 Instructions Filling structures As well as the elements of an ARRAY, you can also fill multiple elements of a structure (STRUCT, PLC data type) with the same value. The structure whose elements you want to fill must only contain individual elements of the same elementary data type. The structure itself can, however, be embedded in another structure. Parameters The following table shows the parameters of the "Fill block" instruction: Parameters Declaration Data type Memory area Description S7-1200 S7-1500 S7-1200 S7-1500 EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Binary num bers, inte gers, float ing-point numbers, timers, DATE, TOD, CHAR, WCHAR Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD I, Q, M, D, L, P, or constant I, Q, M, D, L, P, or con stant Element used to fill the desti nation area COUNT Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L, P, or constant I, Q, M, D, L, P, or con stant Number of re peated move operations OUT Output Binary num bers, inte gers, float ing-point numbers, timers, DATE, TOD, CHAR, WCHAR Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L D, L Address in destination area from which filling starts For additional information on valid data types, refer to "See also". 2924 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example with an ARRAY The following example shows how the instruction works when you want to fill an ARRAY: 7DJ,QB ),//B%/. 7DJ,QB (1 )LOO9DOXH ,1 287 7DUJHW$UHD>@ 7DJ2XW 7DJB&RXQW &2817 (12 The following table shows how the instruction works using specific operand values: Parameters Operand Value IN FillValue The data type of the operand is INT. COUNT Tag_Count 3 OUT TargetArea The data type of the operand TargetArea is ARRAY[1..5] of INT. It consists of five elements of data type INT. If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is executed. The instruction copies the value of the operand #FillValue to the #TargetArea output tag three times, starting with the first element. If the instruction is executed without errors, the TagOut operand at the "ENO" enable output is set to signal state "1". Examples with a structure The following examples show how the instruction works when you want to fill a structure: Create a global data block with the following elements: Data_block_1 Data type MyStruct1 STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT MyStruct2 WinCC Advanced V14 System Manual, 10/2016 STRUCT 2925 Programming the PLC 11.4 Instructions Data_block_1 Data type SubArray ARRAY[1..2] of STRUCT SubArray[1] STRUCT NestedStruct STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT SubArray[2] STRUCT Nested Struct STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT Generate the following program code to address the MyStruct1 tag: ),//B%/. (1 287 'DWDBEORFNB 0\6WUXFW 0HPEHUB (12 7DJ2XW ,1 &2817 Generate the following program code to address the MyStruct2 tag: ),//B%/. (1 287 'DWDBEORFNB0\6WUXFW 6XE$UUD\>@1HVWHG6WUXFW 0HPEHUB (12 7DJ2XW ,1 &2817 In each of the two examples, the value 10 of the IN parameter is copied twice to the operand at the OUT parameter, starting with the element Member_2. This means that the value 10 is copied to the elements Member_2 and Member_3. The other two elements, Member_1 and Member_4, are not changed. If the instruction is executed without errors, the TagOut operand is set to signal state "1". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) 2926 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions UFILL_BLK: Fill block uninterruptible (S7-1200, S7-1500) Description You can use the "Fill block uninterruptible" instruction to fill a memory area (destination area) with the value of the IN input. The instruction cannot be interrupted. The destination area is filled beginning with the address specified at the OUT output. The number of repeated copy operations is specified with the COUNT parameter. When the instruction is executed, the value at the input IN is moved to the target area as often as specified by the value of the COUNT parameter. The instruction can only be executed if the source area and the destination area have the same data type. Note The move operation cannot be interrupted by other operating system activities. This is why the alarm reaction times of the CPU increase during the execution of the "Fill block uninterruptible" instruction. Enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". The maximum number of elements changed is the number of elements in the ARRAY or structure. If you copy more data than there are elements at the OUT output, you will get an unintended result. When a ARRAY of BOOL is copied, the enable output ENO for an overflow is set to "1" until the byte limit of the ARRAY structure is exceeded. If the byte limit of the ARRAY structure is exceeded by the value at the COUNT input, the ENO enable output is reset to "0". You use the "Fill block uninterruptible" instruction to move a maximum of 16 KB. Note the CPUspecific restrictions for this. Filling structures As well as the elements of an ARRAY, you can also fill multiple elements of a structure (STRUCT, PLC data type) with the same value. The structure whose elements you want to fill must only contain individual elements of the same elementary data type. The structure itself can, however, be embedded in another structure. Parameters The following table shows the parameters of the "Fill block uninterruptible" instruction: Parameters WinCC Advanced V14 System Manual, 10/2016 Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put 2927 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description S7-1200 S7-1500 S7-1200 S7-1500 IN Input Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD I, Q, M, D, L, P, or con stant I, Q, M, D, L, P, or con stant Element used to fill the destina tion area COUNT Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L, P, or con stant I, Q, M, D, L, P, or con stant Number of repeated move opera tions OUT Output Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L D, L Address in destination area from which filling starts For additional information on valid data types, refer to "See also". Example with an ARRAY The following example shows how the instruction works when you want to fill an ARRAY: 7DJ,QB 8),//B%/. 7DJ,QB (1 )LOO9DOXH ,1 287 7DUJHW$UHD>@ 7DJ2XW 7DJB&RXQW &2817 (12 The following table shows how the instruction works using specific operand values: 2928 Parameters Operand Value IN FillValue The data type of the operand is INT. COUNT Tag_Count 3 OUT TargetArea The data type of the operand TargetArea is ARRAY[1..5] of INT. It consists of five elements of data type INT. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the operands "TagIn_1" and "TagIn_2" have signal state "1", the instruction is executed. The instruction copies the value of the operand #FillValue to the #TargetArea output tag three times, starting with the first element. The move operation cannot be interrupted by other operating system activities. If the instruction is executed without errors, the TagOut operand at the "ENO" enable output is set to signal state "1". Examples with a structure The following examples show how the instruction works when you want to fill a structure: Create a global data block with the following elements: Data_block_1 Data type MyStruct1 STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT MyStruct2 STRUCT SubArray ARRAY[1..2] of STRUCT SubArray[1] STRUCT NestedStruct STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT SubArray[2] STRUCT Nested Struct STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT Generate the following program code to address the MyStruct1 tag: 8),//B%/. (1 287 'DWDBEORFNB 0\6WUXFW 0HPEHUB (12 7DJ2XW ,1 &2817 Generate the following program code to address the MyStruct2 tag: WinCC Advanced V14 System Manual, 10/2016 2929 Programming the PLC 11.4 Instructions 8),//B%/. (1 287 'DWDBEORFNB0\6WUXFW 6XE$UUD\>@1HVWHG6WUXFW 0HPEHUB (12 7DJ2XW ,1 &2817 In each of the two examples, the value 10 of the IN parameter is copied twice to the operand at the OUT parameter, starting with the element Member_2. This means that the value 10 is copied to the elements Member_2 and Member_3. The other two elements, Member_1 and Member_4, are not changed. If the instruction is executed without errors, the TagOut operand is set to signal state "1". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) SWAP: Swap (S7-1200, S7-1500) Description You can use the instruction "Swap" to change the order of the bytes within the tag at input IN and query the result at output OUT. The following figure shows how the bytes of a DWORD data type operand are swapped using the "Swap" instruction: ,1 2930 287 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Swap" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put IN Input WORD, DWORD WORD, DWORD, LWORD I, Q, M, D, L, I, Q, M, D, L, Operand P or constant P or constant whose bytes are swap ped. OUT Output WORD, DWORD WORD, DWORD, LWORD I, Q, M, D, L, P I, Q, M, D, L, P Result You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 7DJ,Q 7DJ,QB9DOXH 6:$3 :25' 287 (1 7DJ2XWB9DOXH 7DJ2XW ,1 (12 6 The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN TagIn_Value 0000 1111 0101 0101 OUT TagOut_Value 0101 0101 0000 1111 If the "TagIn" operand has signal state "1", the instruction is executed. The arrangement of the bytes is changed and stored in the operand "TagOut_Value". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2931 Programming the PLC 11.4 Instructions ARRAY DB (S7-1500) ReadFromArrayDB: Read from ARRAY data block (S7-1500) Description The instruction "Read from ARRAY data block" is used to read data from a data block of the ARRAY DB block type and write it to a destination area. An ARRAY data block is a data block that consists of exactly one ARRAY of [Data type]. The elements of the ARRAY can be of PLC data type or any other elementary data type. Counting of the ARRAY always begins with the low limit "0". Enable output ENO returns the signal state FALSE if one of the following conditions applies: Enable input EN returns the signal state FALSE. If an error occurs during the execution of the instruction. Parameters The following table shows the parameters of the "Read from ARRAY data block" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output DB Input DB_ANY I, Q, M, D, L Data block that is read INDEX Input DINT I, Q, M, D, L, P or constant Element in the DB that is read. The specification can be a constant, a global tag or an indexed value. VALUE Output 1) VARIANT L (A declaration in Value that is read and output the "Temp" sec tion of the block in terface is not pos sible.) RET_VAL Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output at the RET_VAL parameter. 1) The VALUE parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. You can find additional information on valid data types under "See also". 2932 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The element data type stored in the ARRAY data block does not match the element data type transferred in the VARIANT. 80B5 The copying was interrupted. 8132 The data block does not exist, is too short, write protected, or is located in load memory. 8135 The ARRAY data block contains invalid values. 8154 The data block has the incorrect data type. 8282 The value at the INDEX parameter is outside the limits of the ARRAY. 8450 The data type VARIANT at parameter VALUE provides the value "0". 8452 Code generation error 8453 There are two possible causes of the error: The size of the VALUE parameter does not match the element length in the ARRAY data block. The two tags are not in a memory area with optimized access. For additional information on the memory area access types, refer to: AUTOHOTSPOT * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: 5HDG)URP$UUD\'% 7DJ,QB (1 $UUD\'% '% ,1'(; 5(7B9$/ 9$/8( 7DJ5HWB9DO 7DUJHW)LHOG 7DJ2XW (12 The following table shows how the instruction works using specific operand values: Parameters Operand Value DB ArrayDB The "ArrayDB" operand is an AR RAY DB of the data type Array [0 to 10] of INT. INDEX 2 2nd element of the "ArrayDB" VALUE TargetField The "TargetField" operand is a global tag of the data type INT. If the "TagIn1" operand returns signal state "1", the instruction is executed. The 2nd element is read from "ArrayDB" and written to the "TargetField" operand. If the instruction is executed without errors, the enable output ENO has the signal state TRUE and the "TagOut" output is set. WinCC Advanced V14 System Manual, 10/2016 2933 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Using ARRAY data blocks (Page 2121) VARIANT (Page 2191) Basic information on FBD (Page 4693) Memory areas (Page 944) WriteToArrayDB: Write to ARRAY data block (S7-1500) Description The instruction "Write to ARRAY data block" is used to write data to a data block of the ARRAY DB block type. An ARRAY data block is a data block that consists of exactly one ARRAY of [Data type]. The elements of the ARRAY can be of PLC data type or any other elementary data type. Counting of the ARRAY always begins with the low limit "0". Enable output ENO returns the signal state FALSE if one of the following conditions applies: Enable input EN returns the signal state FALSE. If an error occurs during the execution of the instruction. Parameters The following table shows the parameters of the "Write to ARRAY data block" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output DB Input DB_ANY I, Q, M, D, L Data block to which data is written INDEX Input DINT I, Q, M, D, L, P or constant Element in the DB to which data is written. The specifica tion can be a constant, a glob al tag or an indexed value. VALUE Input VARIANT L (A declaration in Value to be written the "Temp" sec tion of the block in terface is not pos sible.) RET_VAL Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output at the RET_VAL parameter. You can find additional information on valid data types under "See also". 2934 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The element data type stored in the ARRAY data block does not match the element data type transferred in the VARIANT. 80B5 The copying was interrupted. 8132 The data block does not exist, is too short, or is located in load memory. 8134 The data block is write protected. 8135 The data block is not an ARRAY data block. 8154 The data block has the incorrect data type. 8282 The value at the INDEX parameter is outside the limits of the ARRAY. 8350 The data type VARIANT at parameter VALUE provides the value "0". 8352 Code generation error 8353 There are two possible causes of the error: The size of the VALUE parameter does not match the element length in the ARRAY data block. The two tags are not in a memory area with optimized access. For additional information on the memory area access types, refer to: AUTOHOTSPOT * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: :ULWH7R$UUD\'% 7DJ,QB (1 $UUD\'% '% 6RXUFH)LHOG ,1'(; 5(7B9$/ 9$/8( (12 7DJ5HWB9DO 7DJ2XW The following table shows how the instruction works using specific operand values: Parameters Operand Value DB ArrayDB The "ArrayDB" operand is an AR RAY DB of the data type Array [0 to 10] of INT. INDEX 2 2nd element of the "ArrayDB" VALUE SourceField The "SourceField" operand is a global tag of the data type INT. If the "TagIn1" operand returns signal state "1", the instruction is executed. The value of the "SourceField" operand is written to the 2nd element of the ARRAY DB. If the instruction is WinCC Advanced V14 System Manual, 10/2016 2935 Programming the PLC 11.4 Instructions executed without errors, the enable output ENO has the signal state TRUE and the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Using ARRAY data blocks (Page 2121) VARIANT (Page 2191) Basic information on FBD (Page 4693) Memory areas (Page 944) ReadFromArrayDBL: Read from ARRAY data block in load memory (S7-1500) Description The instruction "Read from ARRAY data block in load memory" is used to read data from a data block of the ARRAY DB block type in the load memory and write it to a destination area. An ARRAY data block is a data block that consists of exactly one ARRAY of [Data type]. The elements of the ARRAY can be of PLC data type or any other elementary data type. Counting of the ARRAY always begins with the low limit "0". If the ARRAY data block has been designated with the block attribute "Only store in load memory", it will only be stored in the load memory. The instruction is executed when a positive signal edge is detected at the REQ parameter. The BUSY parameter then has the signal state "1". The instruction is terminated if a negative signal edge is detected at the BUSY parameter. The DONE parameter has the signal state "1" for one program cycle and the read value is output at the VALUE parameter within this cycle. With all other program cycles, the value at the VALUE parameter is not changed. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". If an error occurs during the execution of the instruction. Parameters The following table shows the parameters of the "Read from ARRAY data block in load memory" instruction: 2936 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output REQ Input BOOL I, Q, M, D, L or con REQ = "1": Begin with the stant reading of the ARRAY DB DB 1) Input DB_ANY I, Q, M, D, L ARRAY data block that is read. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description INDEX Input DINT I, Q, M, D, L, P or constant Element in the DB that is read. The specification can be a constant, a global tag or an indexed value. VALUE 1) InOut VARIANT D (element of a global data block) Pointer to the DB in the work memory that is to be read and the value of which is to be written. L (A declaration in the "Temp" sec tion of the block in No local constants or tags terface is not pos from the TEMP section must sible.) be used. BUSY Output BOOL I, Q, M, D, L BUSY = "1": The array DB is still being read DONE Output BOOL I, Q, M, D, L DONE = "1": The instruction was executed successfully ERROR Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output at the ERROR parameter. 1) The data blocks must be created with the "Optimized" block property. Parameter ERROR The following table shows the meaning of the values of the ERROR parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The element data type stored in the ARRAY data block does not match the element data type transferred in the VARIANT. 8230 The data block number is incorrect. 8231 The data block does not exist. 8232 The data block is too short, or is not located in load memory. 8235 The data block is not an ARRAY DB. 8254 The data block has the incorrect data type. 8382 The value at the INDEX parameter is outside the limits of the ARRAY. 8750 The data type VARIANT at parameter VALUE provides the value "0". 8751 Code generation error 8752 Code generation error 8753 The size of the parameter does not match the element length in the ARRAY data block. * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". You can find descriptions of the error codes triggered by the instructions "READ_DBL" and "WRIT_DBL" in the corresponding descriptions of the instructions. WinCC Advanced V14 System Manual, 10/2016 2937 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 5HDG)URP$UUD\'%/B'% 5HDG)URP$UUD\'%/ 7DJ,QB 7DJ5HT $UUD\'% 7DUJHW)LHOG (1 5(4 %86< 7DJ%XV\ '% '21( 7DJ'RQH ,1'(; (5525 7DJ(UURU 9$/8( (12 7DJ2XW The following table shows how the instruction works using specific operand values: Parameters Operand Value REQ TagReq BOOL DB ArrayDB The "ArrayDB" operand is an AR RAY DB of the data type ARRAY [0 to 10] of INT. INDEX 2 2nd element of the "ArrayDB" VALUE TargetField The "TargetField" operand is a global tag of the data type INT. BUSY TagBusy BOOL DONE TagDone BOOL If the "TagIn1" operand has the signal state "1" and a positive edge is detected at the "TagReq" operand, the instruction is executed. The 2nd element is read from "ArrayDB" and output at the VALUE parameter. As soon as a negative signal edge is detected at the "TagBusy" operand, the instruction is terminated and the value at the VALUE parameter is no longer changed. If the instruction is executed without errors, the enable output ENO has the signal state TRUE and the "TagOut" output is set. After the instruction has been processed, the "TagDone" operand has the signal state TRUE. See also Overview of the valid data types (Page 2131) WRIT_DBL: Write to data block in the load memory (Page 3848) READ_DBL: Read from data block in the load memory (Page 3845) Using ARRAY data blocks (Page 2121) VARIANT (Page 2191) Difference between synchronous and asynchronous instructions (Page 2436) Basic information on FBD (Page 4693) Memory areas (Page 944) 2938 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions WriteToArrayDBL: Write to ARRAY data block in load memory (S7-1500) Description The instruction "Write to ARRAY data block in load memory" is used to write data to a data block of the ARRAY DB block type in the load memory. An ARRAY data block is a data block that consists of exactly one ARRAY of [Data type]. The elements of the ARRAY can be of PLC data type or any other elementary data type. Counting of the ARRAY always begins with the low limit "0". If the ARRAY data block has been designated with the block attribute "Only store in load memory", it will only be stored in the load memory. The instruction is executed when a positive signal edge is detected at the REQ parameter. The BUSY parameter then has the signal state "1". If a negative signal edge is detected at the BUSY parameter, the instruction is terminated and the value at the VALUE parameter is written to the data block. The DONE parameter then has the signal state "1" for one program cycle. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". If an error occurs during the execution of the instruction. Parameters The following table shows the parameters of the "Write to ARRAY data block in load memory" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output REQ Input BOOL I, Q, M, D, L or con REQ = "1": Start writing to the stant array DB DB 1) Input DB_ANY I, Q, M, D, L ARRAY data block to which data is written INDEX Input DINT I, Q, M, D, L, P or constant Element in the DB to which data is written. The specifica tion can be a constant, a glob al tag or an indexed value. VALUE 1) Input VARIANT D (element of a global data block) Pointer to the DB in the work memory that is to be read and the value of which is to be written. L (A declaration in the "Temp" sec tion of the block in No local constants or tags terface is not pos from the TEMP section must sible.) be used. WinCC Advanced V14 System Manual, 10/2016 BUSY Output BOOL I, Q, M, D, L BUSY = "1": The array DB is still being written DONE Output BOOL I, Q, M, D, L DONE = "1": The instruction was executed successfully 2939 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ERROR Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output at the ERROR parameter. 1) The data blocks must be created with the "Optimized" block property. Parameter ERROR The following table shows the meaning of the values of the ERROR parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The element data type stored in the ARRAY data block does not match the element data type transferred in the VARIANT. 8230 The data block number is incorrect. 8231 The data block does not exist. 8232 The data block is too short, or is not located in load memory. 8234 The data block is write protected. 8235 The data block is not an ARRAY DB. 8254 The data block has the incorrect data type. 8382 The value at the INDEX parameter is outside the limits of the ARRAY. 8450 The data type VARIANT at parameter VALUE provides the value "0". 8751 Code generation error 8752 Code generation error 8753 The size of the VALUE parameter does not match the element length in the ARRAY data block. * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". You can find descriptions of the error codes triggered by the instructions "READ_DBL" and "WRIT_DBL" in the corresponding descriptions of the instructions. 2940 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: :ULWH7R$UUD\'%/B'% :ULWH7R$UUD\'%/ 7DJ,QB (1 7DJ5HT 5(4 %86< 7DJ%XV\ '% '21( 7DJ'RQH ,1'(; (5525 7DJ(UURU 9$/8( (12 $UUD\'% 6RXUFH)LHOG 7DJ2XW The following table shows how the instruction works using specific operand values: Parameters Operand Value REQ TagReq BOOL DB ArrayDB The "ArrayDB" operand is an AR RAY DB of the data type ARRAY [0 to 10] of INT. INDEX 2 2nd element of the "ArrayDB" VALUE SourceField The "SourceField" operand is a global tag of the data type INT. BUSY TagBusy BOOL DONE TagDone BOOL If the "TagIn1" operand has the signal state "1" and a positive edge is detected at the "TagReq" operand, the instruction is executed. As soon as a negative signal edge is detected at the "TagBusy" operand, the instruction is terminated and the value at the VALUE parameter is written to the 2nd element of the "ArrayDB". If the instruction is executed without errors, the enable output ENO has the signal state TRUE and the "TagOut" output is set. After the instruction has been processed, the "TagDone" operand has the signal state TRUE. See also Overview of the valid data types (Page 2131) WRIT_DBL: Write to data block in the load memory (Page 3848) READ_DBL: Read from data block in the load memory (Page 3845) Using ARRAY data blocks (Page 2121) VARIANT (Page 2191) Difference between synchronous and asynchronous instructions (Page 2436) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2941 Programming the PLC 11.4 Instructions VARIANT (S7-1200, S7-1500) VariantGet: Read out VARIANT tag value (S7-1200, S7-1500) Description You can use the "Read out VARIANT tag value" instruction to read the value of the tag to which the VARIANT at the SRC parameter points and write it in the tag at the DST parameter. The SRC parameter has the VARIANT data type. Any data type except for VARIANT can be specified at the DST parameter. The data type of the tag specified at the DST parameter must match the data type to which the VARIANT points. Note To copy structures and ARRAYs, you can use the "MOVE_BLK_VARIANT instruction: Move block" instruction. For additional information, refer to "See also". Enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The data types do not match (no value is transferred). Parameters The following table shows the parameters of the "Read out VARIANT tag value" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output SRC Input VARIANT L (A declara tion in the "Temp" sec tion of the block inter face is not possible.) L (A declara tion in the "Temp" sec tion of the block inter face is not possible.) Tag to be read DST Output Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY elements, PLC data types I, Q, M, D, L, P Result of the in struction For additional information on valid data types, refer to "See also". 2942 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 9DULDQW*HW 7DJ,Q 7DJ,QB6RXUFH (1 (12 7DJ2XW 65& '67 7DJ2XWB'HVW If the "TagIn" operand has signal state "1", the instruction is executed. The value of the tag to which the VARIANT at the "#TagIn_Source" operand points, is read and written to the "TagOut_Dest" operand. See also Overview of the valid data types (Page 2131) VARIANT (Page 2191) MOVE_BLK_VARIANT: Move block (Page 2917) Basic information on FBD (Page 4693) Memory areas (Page 944) VariantPut: Write VARIANT tag value (S7-1200, S7-1500) Description You can use the "Write VARIANT tag value" instruction to write the value of the tag at the SRC parameter to the memory at the DST parameter to which the VARIANT points. The DST parameter has the VARIANT data type. Any data type except for VARIANT can be specified at the SRC parameter. The data type of the tag at the SRC parameter must match the data type to which the VARIANT points. Note To copy structures and ARRAYs, you can use the "MOVE_BLK_VARIANT instruction: Move block" instruction. For additional information, refer to "See also". Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The data types do not correspond. (No value is transferred.) WinCC Advanced V14 System Manual, 10/2016 2943 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Write VARIANT tag value": Parameters Declaration Data type Memory area Description S7-1200 S7-1500 I, Q, M, D, L EN Input BOOL I, Q, M, D, L ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output SRC Input Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY elements, PLC data types I, Q, M, D, L, P Tag to be read DST Input VARIANT L (A declara Result of the in tion in the struction "Temp" sec tion of the block inter face is not possible.) L (A declara tion in the "Temp" sec tion of the block interface is not possi ble.) Enable input You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: 9DULDQW3XW 7DJ,Q (1 7DJ,QB6RXUFH 65& 7DJ,QB'HVW '67 (12 7DJ2XW If the "TagIn" operand returns signal state "1", the instruction is executed. The value of the "TagIn_Source" operand is written to the tag to which the VARIANT at the #TagIn_Dest operand points. See also Overview of the valid data types (Page 2131) VARIANT (Page 2191) MOVE_BLK_VARIANT: Move block (Page 2917) Basic information on FBD (Page 4693) Memory areas (Page 944) 2944 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions CountOfElements: Get number of ARRAY elements (S7-1200, S7-1500) Description You use the "Get number of ARRAY elements" instruction to query how many ARRAY elements a tag to which VARIANT points has. If it is a multi-dimensional ARRAY, the number of ARRAY elements is output as the result. (The difference between the high and low limit +1). If it is a multi-dimensional ARRAY, the number of all dimensions is output as the result. Note ARRAY within a data block If you want to query the number of the elements of an ARRAY which is located in a data block, the block attribute "Data block write-protected in the device" must not be activated in this block. Otherwise, the RET_VAL parameter returns the result "0", irrespective of how many elements the ARRAY contains. The result is also "0" if the VARIANT tag is not an ARRAY. If the VARIANT points to an ARRAY of BOOL, the fill elements are included in the count. (For example, 8 is returned for an ARRAY[0..1] of BOOL). Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The VARIANT tag is not an ARRAY. (The result is "0".) Parameters The following table shows the parameters of the "Get number of ARRAY elements" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input VARIANT L (A declaration in Tag to be queried the "Temp" sec tion of the block in terface is not pos sible.) RET_VAL Output UDINT I, Q, M, D, L Result of the instruction You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 2945 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: &RXQW2I(OHPHQWV 7DJ,Q 7DJ,QB6RXUFH (12 (1 ,1 5(7B9$/ 7DJ2XW 7DJ2XWB5HW9DO If the "TagIn" operand returns signal state "1", the instruction is executed. The number of ARRAY elements of the tag to which the VARIANT at the #TagIn_Source operand points is read and output at the "TagOut_RetVal" operand. See also ARRAY (Page 2177) Overview of the valid data types (Page 2131) VARIANT (Page 2191) Basic information on FBD (Page 4693) Memory areas (Page 944) ARRAY[*] (S7-1200, S7-1500) LOWER_BOUND: Read out low ARRAY limit (S7-1200, S7-1500) Description You can declare tags of the data type ARRAY[*] in the block interface of a function block or function. For these local tags, you can read out the limits of the ARRAY. You will need to specify the required dimension at the DIM parameter. The "Read out ARRAY low limit" instruction is used to read out the variable low limit of the ARRAY. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The dimension specified at input DIM does not exist. Note Availability of the instruction The instruction is available for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. 2946 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Read out ARRAY low limit": Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output ARR Input ARRAY[*] FB => Section In Out ARRAY of which the variable low limit is to be read. FC => Sections In put and InOut DIM Input UDINT I, Q, M, D, L, P or constant Dimension of the ARRAY of which the variable low limit is to be read. OUT Output DINT I, Q, M, D, L, P Result Example The following example shows how the instruction works: /2:(5B%281' (QDEOHB6WDUW (1 $55$<B$ $55 ',0 (12 (QDEOHB2XW 287 5HVXOW If the "Enable_Start" operand returns signal state "1", the instruction is executed. It reads out the variable low limit of the ARRAY #ARRAY_A from the second dimension. If the instruction is executed without errors, the result is written to operand "Enable_Out" and operand "Result" is set. See also Overview of the valid data types (Page 2131) ARRAY (Page 2177) Basic information on FBD (Page 4693) Memory areas (Page 944) UPPER_BOUND: Read out high ARRAY limit (S7-1200, S7-1500) Description You can declare tags of the data type ARRAY[*] in the block interface of a function block or function. For these local tags, you can read out the limits of the ARRAY. You will need to specify the required dimension at the DIM parameter. WinCC Advanced V14 System Manual, 10/2016 2947 Programming the PLC 11.4 Instructions The instruction "Read out ARRAY high limit" is used to read out the variable high limit of the ARRAY. Enable output ENO returns the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The dimension specified at input DIM does not exist. Note Availability of the instruction The instruction is available for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. Parameters The following table shows the parameters of the instruction "Read out ARRAY high limit": Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output ARR Input ARRAY[*] FB => Section In Out ARRAY of which the variable high limit is to be read. FC => Sections In put and InOut DIM Input UDINT I, Q, M, D, L, P or constant Dimension of the ARRAY of which the variable high limit is to be read. OUT Output DINT I, Q, M, D, L, P Result Example The following example shows how the instruction works: 833(5B%281' (QDEOHB6WDUW (1 $55$<B$ $55 ',0 (12 (QDEOHB2XW 287 5HVXOW If the "Enable_Start" operand returns signal state "1", the instruction is executed. It reads out the variable high limit of the ARRAY #ARRAY_A from the second dimension. If the instruction is executed without errors, the result is written to operand "Enable_Out" and operand "Result" is set. 2948 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) ARRAY (Page 2177) Basic information on FBD (Page 4693) Memory areas (Page 944) Legacy (S7-1500) FieldRead: Read field (S7-1500) Description You can use the "Read field" instruction to read out a specific component from the field specified in the MEMBER parameter and transfer its content to the tag in the VALUE parameter. You use the parameter INDEX to define the index of the field components that are to be read. At the parameter MEMBER you specify the first component of the field to be read. The data types of the field component at parameter MEMBER, the index and the tags at parameter VALUE must correspond to the data type of the instruction "Read field" because implicit conversion is not possible. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The field component specified at the parameter INDEX is not defined in the field specified at the parameter MEMBER. Errors, such as an overflow, occur during execution. Parameters The following table shows the parameters of the instruction "Read field": Parameters WinCC Advanced V14 System Manual, 10/2016 Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put INDEX Input DINT DINT I, Q, M, D, L, I, Q, M, D, L, Index of field P or constant P or constant components whose con tent is read out 2949 Programming the PLC 11.4 Instructions Parameters Declaration Data type S7-1200 S7-1500 Memory area S7-1200 Description S7-1500 MEMBER Input Binary num bers, inte gers, float ing-point numbers, timers, DATE, TOD, CHAR and WCHAR as components of an AR RAY tag Binary num D, L bers, inte gers, float ing-point numbers, timers, DATE, TOD, LTOD, CHAR and WCHAR as components of an AR RAY tag D, L First compo nent of the field from which will be read VALUE Output Binary num bers, inte gers, float ing-point numbers, timers, DATE, TOD, CHAR, WCHAR Binary num I, Q, M, D, L, bers, inte P gers, float ing-point numbers, timers, DATE, TOD, LTOD CHAR, WCHAR I, Q, M, D, L, P Operand to which the contents of the field component are transfer red. You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: )LHOG5HDG 5($/ 7DJ,Q DBLQGH[ '%B 0DLQB)LHOG>@ (1 ,1'(; 9$/8( DBUHDO 7DJ2XW 0(0%(5 (12 The following table shows how the instruction works using concrete operand values: 2950 Parameters Tag Value INDEX a_index 4 MEMBER "DB_1".Main_Field[-10] First component of the "Main_Field[-10..10] of REAL" field in the data block "DB_1" VALUE a_real Component with index 4 of the "Main_Field[-10..10] of REAL" field WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The field component with index 4 is read from the "Main_Field[-10...10] of REAL" field and written to the "a_real" tag. The field component to be read is defined by the value at the parameter INDEX. See also Overview of the valid data types (Page 2131) Memory areas (Page 944) Basic information on FBD (Page 4693) FieldWrite: Write field (S7-1500) Description The "Write field" instruction is used to transfer the content of the tag at the VALUE input to a specific component of the field at the MEMBER output. You use the value at the INDEX input to specify the index of the field component that is described. At the MEMBER output, enter the first component of the field which is to be written to. The data types of the field component at parameter MEMBER, the index and the tags at parameter VALUE must correspond to the data type of the instruction "Read field" because implicit conversion is not possible. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The field component specified at the input INDEX is not defined in the field specified at the output MEMBER. Errors, such as an overflow, occur during execution. Parameters The following table shows the parameters of the instruction "Write field": Parameters WinCC Advanced V14 System Manual, 10/2016 Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put INDEX Input DINT DINT I, Q, M, D, L, I, Q, M, D, L, Index of field P or constant P or constant component that is writ ten with the content of VALUE 2951 Programming the PLC 11.4 Instructions Parameters Declaration Data type S7-1200 S7-1500 Memory area S7-1200 Description S7-1500 VALUE Input Binary num bers, inte gers, float ing-point numbers, timers, DATE, TOD, CHAR, WCHAR Binary num I, Q, M, D, L, I, Q, M, D, L, bers, inte P or constant P or constant gers, float ing-point numbers, timers, DATE, TOD, LTOD CHAR, WCHAR Operand whose con tents are copied MEMBER Output Binary num bers, inte gers, float ing-point numbers, timers, DATE, TOD, CHAR and WCHAR as components of an AR RAY tag Binary num D, L bers, inte gers, float ing-point numbers, timers, DATE, TOD, LTOD, CHAR and WCHAR as components of an AR RAY tag First compo nent of the field to which the content of VALUE is written. D, L You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: )LHOG:ULWH 5($/ 7DJ,Q (1 DBLQGH[ ,1'(; DBUHDO 9$/8( 0(0%(5 '%B 0DLQB)LHOG>@ 7DJ2XW (12 The following table shows how the instruction works using concrete operand values: 2952 Parameters Operand Value INDEX a_index 4 VALUE a_real 10.54 MEMBER "DB_1".Main_Field[-10] First component of the "Main_Field[-10..10] of REAL" field in the data block "DB_1" WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The value "10.54" of the "a_real" tag is written to the field component with index 4 of the "Main_Field[-10 ... 10] of REAL" field. The index of the field component to which the content of the tag "a_real" is transferred is specified by the value at the input INDEX. See also Overview of the valid data types (Page 2131) Memory areas (Page 944) Basic information on FBD (Page 4693) BLKMOV: Move block (S7-1500) Description You can use the "Move block" instruction to move the content of a memory area (source area) to another memory area (destination area). The move operation takes place in the direction of ascending addresses. You use VARIANT to define the source and destination areas. Note The tags of the instruction can only be used within memory areas in which the "Optimized block access" attribute is not activated. This applies to data blocks (DBs), organization blocks (OBs), functions (FCs), bit memory (M), inputs (I), and outputs (Q). If a tag of the instruction has been declared with the retentivity setting "Set in IDB", however, you can use this tag in memory areas "with optimized block access". The following figure shows the principle of the move operation: WinCC Advanced V14 System Manual, 10/2016 2953 Programming the PLC 11.4 Instructions '%'%: $ % '%'%: & ' '%'%: ( ) '%'%: * + 0RYH 7KHPRYHWDNHVSODFHLQ WKHGLUHFWLRQRIDVFHQGLQJ DGGUHVVHV 0: $ % 0: & ' 0: ( ) 0: * + 0HPRU\DUHD Consistency of source and destination data Make sure that the source data remain unchanged during the execution of the "Move block" instruction. Otherwise, consistency of the destination data cannot be guaranteed. Interruptibility There is no limit to the nesting depth. Memory areas You can use the "Move block" instruction to move the following memory areas: Areas of a data block Bit memory Process image input Process image output General rules for moving The source and destination areas must not overlap. If the source and destination area have different lengths, only the length of the smaller area will be moved. If the source area is smaller than the destination area, the entire source area will be written to the destination area. The remaining bytes of the destination area remain unchanged. If the destination area is smaller than the source area, the entire destination area will be written. The remaining bytes of the source area are ignored. 2954 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If a block of data type BOOL is moved, the tag must be addressed absolutely and the specified length of the area must be divisible by 8, otherwise the instruction cannot be executed. Rules for moving character strings You can use the "Move block" instruction to also move source and destination areas of the STRING data type. If only the source area is STRING data type, the characters will be moved that are actually contained in the character string. Information on the actual and maximum length is also written to the destination area. If the source and destination area are both STRING data type, the current length of the character string in the destination area is set to the number of characters actually moved. If you want to move the information on the maximum and actual length of a character string, specify the areas in bytes to the SRCBLK and DSTBLK parameters. Parameters The following table shows the parameters of the instruction "Move block": Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output SRCBLK Input VARIANT I, Q, M, D, L, P Specifies the memory area to be moved (source area). RET_VAL Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output in the RET_VAL parameter. DSTBLK Output 1) VARIANT I, Q, M, D, L, P Specifies the memory area to which the block is to be moved (destination area). 1) The DSTBLK parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: WinCC Advanced V14 System Manual, 10/2016 Error code* (W#16#...) Explanation 0000 No error 8092 The source or destination area is located in the load memory only. 8152 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the SRCBLK parameter. 8352 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the DSTBLK parameter. 2955 Programming the PLC 11.4 Instructions Error code* (W#16#...) Explanation General error information See also: "GET_ERR_ID: Get error ID locally" *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: %/.029 9DULDQW 7DJ,Q 30%<7( (1 65&%/. 5(7B9$/ '67%/. 7DJB5HW9DO 3'%'%;%<7( 7DJ2XW (12 If the "TagIn" operand has signal state "1", the instruction is executed. The instruction copies 10 bytes starting from MB100 and writes them to DB1. If an error occurs during the move operation, its error code is output in the "Tag_RetVal" tag. See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 3001) Basic information on FBD (Page 4693) UBLKMOV: Move block uninterruptible (S7-1500) Description You can use the "Move block uninterruptible" instruction to move the content of a memory area (source area) to another memory area (destination area). The move operation takes place in the direction of ascending addresses. You use VARIANT to define the source and destination areas. 2956 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The move operation cannot be interrupted by other operating system activities. As a result the interrupt reaction time of the CPU can increase during the execution of the "Move block uninterruptible" instruction. Note The tags of the instruction can only be used within memory areas in which the "Optimized block access" attribute is not activated. This applies to data blocks (DBs), organization blocks (OBs), functions (FCs), bit memory (M), inputs (I), and outputs (Q). If a tag of the instruction has been declared with the retentivity setting "Set in IDB", however, you can use this tag in memory areas "with optimized block access". Memory areas You can use the "Move block uninterruptible" instruction to move the following memory areas: Areas of a data block Bit memory Process image input Process image output General rules for moving The source and destination area must not overlap during the execution of the "Move block uninterruptible" instruction. If the source area is smaller than the destination area, the entire source area will be written to the destination area. The remaining bytes of the destination area remain unchanged. If the destination area is smaller than the source area, the entire destination area will be written. The remaining bytes of the source area are ignored. If a source or destination area defined as a formal parameter is smaller than a destination or source area specified in the SRCBLK or DSTBLK parameter, no data is transferred. If a block of data type BOOL is moved, the tag must be addressed absolutely and the specified length of the area must be divisible by 8, otherwise the instruction cannot be executed. You can use the "Move block uninterruptible" instruction to move a maximum of 16 KB. Note the CPU-specific restrictions for this. Rules for moving character strings You can use the "Move block uninterruptible" instruction to also move source and destination areas of the STRING data type. If only the source area is STRING data type, the characters will be moved that are actually contained in the character string. Information on the actual and maximum length are not written in the destination area. If the source and destination area are both STRING data type, the current length of the character string in the destination area is set to the number of characters actually moved. If areas of the STRING data type are moved, specify "1" as area length. WinCC Advanced V14 System Manual, 10/2016 2957 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Move block uninterruptible" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output SRCBLK Input VARIANT I, Q, M, D, L, P Specifies the memory area to be moved (source area). RET_VAL Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output in the RET_VAL parameter. DSTBLK Output 1) VARIANT I, Q, M, D, L, P Specifies the memory area to which the block is to be moved (destination area). 1) The DSTBLK parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code (W#16#...) Explanation 0000 No error 8091 The source or destination area is located in the load memory only. 8152 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the SRCBLK parameter. 8352 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the DSTBLK parameter. General error information See also: "GET_ERR_ID: Get error ID locally" *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: 8%/.029 9DULDQW 7DJ,Q 30%<7( (1 65&%/. 5(7B9$/ '67%/. 7DJB5HW9DO 3'%'%;%<7( 7DJ2XW (12 2958 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the "TagIn" operand has signal state "1", the instruction is executed. The instruction copies 10 bytes starting from MB100 and writes them to DB1. If an error occurs during the move operation, its error code is output in the "Tag_RetVal" tag. See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 3001) Basic information on FBD (Page 4693) FILL: Fill block (S7-1500) Description You can use the "Fill block" instruction to fill a memory area (destination area) with the content of another memory area (source area). The "Fill block" instruction moves the content of the source area to the destination area until the destination area is completely written. The move operation takes place in the direction of ascending addresses. You use VARIANT to define the source and destination areas. Note The tags of the instruction can only be used within memory areas in which the "Optimized block access" attribute is not activated. This applies to data blocks (DBs), organization blocks (OBs), functions (FCs), bit memory (M), inputs (I), and outputs (Q). If a tag of the instruction has been declared with the retentivity setting "Set in IDB", however, you can use this tag in memory areas "with optimized block access". For blocks with the "Optimized block access" attribute, you can use the "FILL_BLK instruction. Fill block" instruction. The following figure shows the principle of the move operation: WinCC Advanced V14 System Manual, 10/2016 2959 Programming the PLC 11.4 Instructions ),// %9$/ $ % 0: $ % 0: & ' 0: & ' 0: ( ) 0: ( ) 0: * + 0: * + 0: $ % 0: & ' 0: ( ) 0: * + 0: $ % 0: & ' 0: %/. Consistency of source and destination data Note that while the instruction "Fill block" is being executed, the source data remains unchanged; otherwise the consistency of the destination data cannot be guaranteed. Memory areas You can use the "Fill block" instruction to move the following memory areas: Areas of a data block Bit memory Process image input Process image output General rules for moving The source and destination areas must not overlap. If the destination area to be preset is not an integer multiple of the length of the BVAL input parameter, the destination area is nevertheless written up to the last byte. If the destination area to be preset is smaller than the source area, the function only copies as much data as can be written to the destination area. If the destination or source area actually present is smaller than the assigned memory area for the source or destination area (BVAL, BLK parameters), no data is transferred. If the ANY pointer (source or destination) is of the data type BOOL, it must be addressed absolutely and the length specified must be divisible by 8; otherwise the instruction is not executed. 2960 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the destination area is data type STRING, the instruction writes the entire string including the administration information. Rules for moving structures When you transfer a structure as an input parameter you must bear in mind that the length of a structure is always oriented to an even number of bytes. The structure will need one byte of additional memory space if you declare a structure with an odd number of bytes. Parameters The following table shows the parameters of the "Fill block" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO BVAL Output BOOL I, Q, M, D, L Enable output Input VARIANT I, Q, M, D, L, P Specification of the memory area (source area), the con tent of which is used to fill the destination area at the BLK parameter. RET_VAL Output INT I, Q, M, D, L, P Error information: If an error occurs during exe cution of the instruction, an error code is output in the RET_VAL parameter. BLK Output 1) VARIANT I, Q, M, D, L, P Specification of the memory area that will be filled with the content of the source area. 1) The BLK parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* (W#16#...) Explanation 0000 No error 8092 The source or destination area is located in the load memory only. 8152 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the BVAL parameter. 8352 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the BLK parameter. The WSTRING, WCHAR, and BOOL, data types are not sup ported. General error information See also: "GET_ERR_ID: Get error ID locally" *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". WinCC Advanced V14 System Manual, 10/2016 2961 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: ),// 9DULDQW 7DJ,Q 30:25' (1 %9$/ 5(7B9$/ %/. 7DJB5HW9DO 30:25' 7DJ2XW (12 If the "TagIn" operand has signal state "1", the instruction is executed. The instruction copies the source area from MW14 to MW20 and fills the destination area from MW100 to MW118 with the content of the 4 words contained in the memory area in the BVAL parameter. See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 3001) Basic information on FBD (Page 4693) Conversion operations (S7-1200, S7-1500) CONVERT: Convert value (S7-1200, S7-1500) Description The "Convert value" instruction reads the content of the IN parameter and converts it according to the data types set in the instruction box. The converted value is output at the OUT output. The enable output ENO has the signal state "0" if one of the following conditions applies: The EN enable input has the signal state "0". Errors, such as an overflow, occur during execution. 2962 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Conversion options for bit strings The bit strings BYTE and WORD cannot be selected in the instruction box. However, it is possible to specify an operand of data type DWORD or LWORD at a parameter of the instruction if the lengths of the input and output operands match. The operand will be interpreted and implicitly converted from the data type of a bit string according to the data type of the input or output parameter. The data type DWORD is for example interpreted as DINT/ UDINT and LWORD as LINT/ULINT. These conversion options are also available to you when "IEC check" is enabled. Note For CPUs of the S7-1500 series: The data types DWORD and LWORD can only be converted to or from data type REAL or LREAL. During the conversion, the bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. If no errors occur during the conversion, the signal state of enable output ENO = 1; if an error occurs during processing, the signal state of the enable output ENO = 0. Parameters The following table shows the parameters of the "Convert value" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Bit strings, inte I, Q, M, D, L, gers, floating-point P or constant numbers, CHAR, WCHAR, BCD16, BCD32 I, Q, M, D, L, Value to be con P or constant verted. OUT Output Bit strings, inte I, Q, M, D, L, gers, floating-point P numbers, CHAR, WCHAR, BCD16, BCD32 I, Q, M, D, L, P Result of the con version You can select the data types of the instruction from the "???" drop-down lists of the instruction box. WinCC Advanced V14 System Manual, 10/2016 2963 Programming the PLC 11.4 Instructions Example The following example shows conversion of an integer (16 bit) to another integer (32 bit): &219 ,17 7DJ,Q ,QSXWB,17 WR ',17 (1 (12 ,1 287 7DJ2XW 2XWSXWB',17 The following example shows conversion of a byte (8 bit) to the integer SINT (8 bit): &219 6,17 WR 7DJ,Q ,QSXWB%<7( 6,17 (1 (12 ,1 287 7DJ2XW 2XWSXWB6,17 The following example shows the conversion of a byte (8 bit) to the unsigned integer USINT (8 bit): &219 86,17 WR 86,17 7DJ,Q ,QSXWB%<7( (1 (12 ,1 287 7DJ2XW 2XWSXWB86,17 The conversions are possible, because the length of the two operands is the same. See also Overview of the valid data types (Page 2131) Data type conversion for S7-1200 (Page 2332) Basic information on FBD (Page 4693) Memory areas (Page 944) ROUND: Round numerical value (S7-1200, S7-1500) Description You can use the "Round numerical value" instruction to round the value at input IN to the nearest integer. The instruction interprets the value at input IN as a floating-point number and converts this to the nearest integer. If the input value is exactly between an even and odd number, then the even number is converted. The result of the instruction is output at the OUT output and can be queried there. 2964 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". Errors, such as an overflow, occur during execution. Parameters The following table shows the parameters of the "Round numerical value" instruction: Parameters Declaration Data type Memory area Description S7-1200 S7-1500 I, Q, M, D, L, T, C Enable input EN Input BOOL I, Q, M, D, L ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Input value to be rounded. OUT Output Integers, float ing-point num bers I, Q, M, D, L, P I, Q, M, D, L, P Result of the rounding You can select the data types of the instruction from the "???" drop-down lists of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 5281' 5($/ WR ',17 7DJ,Q 7DJ,QB9DOXH (1 287 ,1 (12 7DJ2XWB9DOXH 7DJ2XW The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN TagIn_Value 1.50000000 -1.50000000 OUT TagOut_Value 2 -2 If the "TagIn" operand has signal state "1", the instruction is executed. The floating-point number at input "TagIn_Value" is rounded to the nearest even integer and sent to output "TagOut_Value". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Explicit conversions (Page 2354) WinCC Advanced V14 System Manual, 10/2016 2965 Programming the PLC 11.4 Instructions Basic information on FBD (Page 4693) Memory areas (Page 944) CEIL: Generate next higher integer from floating-point number (S7-1200, S7-1500) Description You can use the "Generate next higher integer from floating-point number" instruction to round the value at input IN to the next higher integer. The instruction interprets the value at input IN as a floating-point number and converts this to the next higher integer. The result of the instruction is output at the OUT output and can be queried there. The output value can be greater than or equal to the input value. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". Errors, such as an overflow, occur during execution. Parameters The following table shows the parameters of the instruction "Generate next higher integer from floating-point number": Parameters Declaration Data type Memory area Description S7-1200 S7-1500 EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Input value as floating-point number OUT Output Integers, float ing-point num bers I, Q, M, D, L, P I, Q, M, D, L, P Result with the next higher in teger You can select the data types of the instruction from the "???" drop-down lists of the instruction box. For additional information on valid data types, refer to "See also". 2966 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: &(,/ 5($/ 7DJ,Q 7DJ,QB9DOXH WR ',17 (1 287 ,1 (12 7DJ2XWB9DOXH 7DJ2XW The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN TagIn_Value 0.50000000 -0.50000000 OUT TagOut_Value 1 0 If the "TagIn" operand has signal state "1", the instruction is executed. The floating-point number at input "TagIn_Value" is rounded to the next higher integer and sent to output "TagOut_Value". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Explicit conversions (Page 2354) Basic information on FBD (Page 4693) Memory areas (Page 944) FLOOR: Generate next lower integer from floating-point number (S7-1200, S7-1500) Description You can use the "Generate next lower integer from floating-point number" instruction to round the value at input IN to the next lower integer. The instruction interprets the value at input IN as a floating-point number and converts this to the next lower integer. The result of the instruction is provided at output OUT and can be queried there. The output value can be less than or equal to the input value. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". Errors, such as an overflow, occur during execution. WinCC Advanced V14 System Manual, 10/2016 2967 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Generate next lower integer from floating-point number": Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Input value as floating-point number OUT Output Integers, float ing-point num bers I, Q, M, D, L, P I, Q, M, D, L, P Result with the next lower inte ger You can select the data types of the instruction from the "???" drop-down lists of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 5($/ 7DJ,Q 7DJ,QB9DOXH )/225 WR ',17 (1 287 ,1 (12 7DJ2XWB9DOXH 7DJ2XW The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN TagIn_Value 0.50000000 -0.50000000 OUT TagOut_Value 0 -1 If the "TagIn" operand has signal state "1", the instruction is executed. The floating-point number at input "TagIn_Value" is rounded to the next lower integer and displayed at output "TagOut_Value". If the instruction is executed without errors, the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Explicit conversions (Page 2354) Basic information on FBD (Page 4693) Memory areas (Page 944) 2968 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions TRUNC: Truncate numerical value (S7-1200, S7-1500) Description You can use the "Truncate numerical value" instruction to form an integer from the value at input IN. The value at input IN is interpreted as a floating-point number. The instruction selects only the integer part of the floating-point number and sends this to output OUT without decimal places. The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". Errors, such as an overflow, occur during execution. Parameters The following table shows the parameters of the instruction "Truncate numerical value": Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input Floating-point numbers I, Q, M, D, L or con Input value as floating-point stant number OUT Output Integers, floatingpoint numbers I, Q, M, D, L Result with integer part of the floating-point number You can select the data types of the instruction from the "???" drop-down lists of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 5($/ 7DJ,Q 7DJ,QB9DOXH 7581& WR ',17 (1 287 ,1 (12 7DJ2XWB9DOXH 7DJ2XW The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN TagIn_Value 1.50000000 -1.50000000 OUT TagOut_Value 1 -1 If the "TagIn" operand has signal state "1", the instruction is executed. The integer part of the floating-point number at input "TagIn_Value" is converted to an integer and sent to output "TagOut_Value". If the instruction is executed without errors, the "TagOut" output is set. WinCC Advanced V14 System Manual, 10/2016 2969 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Explicit conversions (Page 2354) Basic information on FBD (Page 4693) Memory areas (Page 944) SCALE_X: Scale (S7-1200, S7-1500) Description You can use the "Scale" instruction to scale the value at the VALUE input by mapping it to a specified value range. When the instruction "Scale" is executed, the floating-point value at input VALUE is scaled to the value range, which is defined by the parameters MIN and MAX. The result of the scaling is an integer, which is stored at output OUT. The following figure shows an example of how values can be scaled: 0$; 287 0,1 9$/8( The "Scale" instruction works with the following equation: OUT = [VALUE (MAX - MIN)] + MIN The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The value at input MIN is greater than or equal to the value at input MAX. The value of a specified floating-point number is outside the range of the normalized numbers according to IEEE-754. An overflow occurs. The value at input VALUE is NaN (Not a number = result of an invalid arithmetic operation). 2970 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note For more information on the conversion of analog values, refer to the respective manual. Parameters The following table shows the parameters of the "Scale" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output MIN Input Integers, float ing-point num bers I, Q, M, D, L or constant I, Q, M, D, L or constant Low limit of the value range VALUE Input Floating-point numbers I, Q, M, D, L or constant I, Q, M, D, L or constant Value to be scaled. If you enter a constant, you must declare it. MAX Input Integers, float ing-point num bers I, Q, M, D, L or constant I, Q, M, D, L or constant High limit of the value range OUT Output Integers, float ing-point num bers I, Q, M, D, L I, Q, M, D, L Result of scal ing You can select the data types of the instruction from the "???" drop-down lists of the instruction box. For additional information on valid data types, refer to "See also". For additional information on declaring constants, refer to "See also". Example The following example shows how the instruction works: 6&$/(B; 5($/ 7DJ,Q 7DJB0,1 WR ',17 (1 0,1 7DJB9DOXH 9$/8( 287 7DJB0$; 0$; (12 7DJB5HVXOW 7DJ2XW WinCC Advanced V14 System Manual, 10/2016 6 2971 Programming the PLC 11.4 Instructions The following table shows how the instruction works using concrete operand values: Parameters Operand Value MIN Tag_MIN 10 VALUE Tag_Value 0.5 MAX Tag_MAX 30 OUT Tag_Result 20 If the "TagIn" operand has signal state "1", the instruction is executed. The value at input "Tag_Value" is scaled to the range of values defined by the values at inputs "Tag_MIN" and "Tag_MAX". The result is stored at output "Tag_Result". If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) NORM_X: Normalize (S7-1200, S7-1500) Description You can use the instruction "Normalize" to normalize the value of the tag at the VALUE input by mapping it to a linear scale. You can use the parameters MIN and MAX to define the limits of a value range that is applied to the scale. Depending on the location of the normalized value in this value range, the result at output OUT is calculated and stored as a floating-point number. If the value to be normalized is equal to the value at input MIN, output OUT returns the value "0.0". If the value to be normalized is equal to the value at input MAX, output OUT returns the value "1.0". The following figure shows an example of how values can be normalized: 2972 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions 287 0,1 0$; 9$/8( The "Normalize" instruction works with the following equation: OUT = (VALUE - MIN) / (MAX - MIN) The enable output ENO has the signal state "0" if one of the following conditions applies: Enable input EN has the signal state "0". The value at input MIN is greater than or equal to the value at input MAX. The value of a specified floating-point number is outside the range of the normalized numbers according to IEEE-754. The value at input VALUE is NaN (result of an invalid arithmetic operation). Note For more information on the conversion of analog values, refer to the respective manual. Parameters The following table shows the parameters of the instruction "Normalize": Parameters EN WinCC Advanced V14 System Manual, 10/2016 Declaration Data type Memory area S7-1200 S7-1500 Description Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output MIN Input Integers, float ing-point num bers I, Q, M, D, L or constant I, Q, M, D, L or constant Low limit of the value range 1) 2973 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area S7-1200 S7-1500 Description VALUE 1) Input Integers, float ing-point num bers I, Q, M, D, L or constant I, Q, M, D, L or constant Value to be nor malized. MAX 1) Input Integers, float ing-point num bers I, Q, M, D, L or constant I, Q, M, D, L or constant High limit of the value range OUT Output Floating-point numbers I, Q, M, D, L I, Q, M, D, L Result of the normalization 1) If you use constants in these three parameters, you only need to declare one of them. You can select the data types of the instruction from the "???" drop-down lists of the instruction box. For additional information on valid data types, refer to "See also". For additional information on declaring constants, refer to "See also". Example The following example shows how the instruction works: 1250B; ',17 7DJ,Q 7DJB0,1 WR 5($/ (1 0,1 7DJB9DOXH 9$/8( 287 7DJB0$; 0$; (12 7DJB5HVXOW 7DJ2XW 6 The following table shows how the instruction works using concrete operand values: Parameters Operand Value MIN Tag_MIN 10 VALUE Tag_Value 20 MAX Tag_MAX 30 OUT Tag_Result 0.5 If the "TagIn" operand has signal state "1", the instruction is executed. The value at input "Tag_Value" is assigned to the range of values defined by the values at inputs "Tag_MIN" and "Tag_MAX". The tag value at input "Tag_Value" is normalized corresponding to the defined value range. The result is stored as a floating-point number at output "Tag_Result". If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. 2974 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) Legacy (S7-1500) SCALE: Scale (S7-1500) Description Use the "Scale" instruction to convert the integer in the IN parameter into a floating-point number, which can be scaled in physical units between a low limit value and a high limit value. You use the LO_LIM and HI_LIM parameters to specify the low limit and high limit of the value range to which the input value is scaled. The result of the instruction is output at the OUT parameter. The "Scale" instruction works with the following equation: OUT = [((FLOAT (IN) - K1)/(K2-K1)) (HI_LIM-LO_LIM)] + LO_LIM The values of the constants "K1" and "K2" are determined by the signal state of the BIPOLAR parameter. The following signal states are possible in the BIPOLAR parameter: Signal state "1": It is assumed that the value at the IN parameter is bipolar and in a value range between -27648 and 27648. In this case, the constant "K1" has the value -27648.0 and the constant "K2" the value +27648.0. Signal state "0": It is assumed that the value at the IN parameter is unipolar and in a value range between 0 and 27648. In this case, the constant "K1" has the value 0.0 and the constant "K2" the value +27648.0. When the value at the IN parameter is greater than the value of the constant "K2", the result of the instruction is set to the value of the high limit (HI_LIM) and an error is output. When the value at the IN parameter is less than the value of the constant "K1", the result of the instruction is set to the value of the low limit value (LO_LIM) and an error is output. When the indicated low limit value is greater than the high limit value (LO_LIM > HI_LIM), the result is scaled in reverse proportion to the input value. Parameters The following table shows the parameters of the "Scale" instruction: Parameters WinCC Advanced V14 System Manual, 10/2016 Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output 2975 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area S7-1200 S7-1500 Description IN Input INT I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Input value to be scaled. HI_LIM Input REAL I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant High limit LO_LIM Input REAL I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Low limit BIPOLAR Input BOOL I, Q, M, D, L or constant I, Q, M, D, L or constant Indicates if the value at IN pa rameter is to be interpreted as bipolar or unipolar. The parameter can assume the fol lowing values: 1: Bipolar 0: Unipolar OUT Output REAL I, Q, M, D, L, P I, Q, M, D, L, P Result of the in struction RET_VAL Output WORD I, Q, M, D, L, P I, Q, M, D, L, P Error informa tion Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* (W#16#...) Explanation 0000 No error 0008 The value of the IN parameter is greater than the value of the "K2" constant or less than the value of the "K1" constant. General error information See also: "GET_ERR_ID: Get error ID locally" *The error codes can be displayed as integer or hexadecimal values in the program editor. You will find information on changing display formats in "See also". 2976 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 6&$/( 7DJ,Q 7DJB,QSXW9DOXH (1 ,1 7DJB+LJK/LPLW +,B/,0 5(7B9$/ 7DJB/RZ/LPLW /2B/,0 287 7DJB%LSRODU %,32/$5 7DJB(UURU&RGH 7DJB2XWSXW9DOXH 7DJ2XW (12 The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN Tag_InputValue 22 HI_LIM Tag_HighLimit 100.0 LO_LIM Tag_LowLimit 0.0 BIPOLAR Tag_Bipolar 1 OUT Tag_OutputValue 50.03978588 RET_VAL Tag_ErrorCode W#16#0000 See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 3001) Basic information on FBD (Page 4693) UNSCALE: Unscale (S7-1500) Description You use the "Unscale" instruction to unscale the floating-point number in the IN parameter into physical units between a low limit and a high limit and convert it into an integer. You use the LO_LIM and HI_LIM parameters to specify the low limit and high limit of the value range to which the input value is unscaled. The result of the instruction is output at the OUT parameter. The "Unscale" instruction works with the following equation: OUT = [ ((IN-LO_LIM)/(HI_LIM-LO_LIM)) (K2-K1) ] + K1 WinCC Advanced V14 System Manual, 10/2016 2977 Programming the PLC 11.4 Instructions The values of the "K1" and "K2" constants are determined by the signal state at the BIPOLAR parameter. The following signal states are possible at the BIPOLAR parameter: Signal state "1": It is assumed that the value at the IN parameter is bipolar and in a value range between -27648 and 27648. In this case, the constant "K1" has the value -27648.0 and the constant "K2" the value +27648.0. Signal state "0": It is assumed that the value at the IN parameter is unipolar and in a value range between 0 and 27648. In this case, the constant "K1" has the value 0.0 and the constant "K2" the value +27648.0. When the value at parameter IN is not within the limits defined by HI_LIM and LO_LIM, an error is output and the result is set to the nearest limit. When the indicated low limit value is greater than the high limit value (LO_LIM > HI_LIM), the result is scaled in reverse proportion to the input value. Parameters The following table shows the parameters of the "Unscale" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Input BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input REAL I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Input value to be unscaled to an integer val ue. HI_LIM Input REAL I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant High limit LO_LIM Input REAL I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Low limit BIPOLAR Input BOOL I, Q, M, D, L or constant I, Q, M, D, L or constant Indicates whether the value at the IN parameter is to be interpreted as bipolar or unipolar. The parameter can assume the fol lowing values: 1: Bipolar 0: Unipolar 2978 OUT Output INT I, Q, M, D, L, P I, Q, M, D, L, P Result of the in struction RET_VAL Output WORD I, Q, M, D, L, P I, Q, M, D, L, P Error informa tion WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* (W#16#...) Explanation 0000 No error 0008 The value of the IN parameter is greater than the value of the high limit (HI_LIM) or less than the value of the low limit (LO_LIM). General error information See also: "GET_ERR_ID: Get error ID locally" * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats here: AUTOHOTSPOT Example The following example shows how the instruction works: 816&$/( 7DJ,Q 7DJB,QSXW9DOXH (1 ,1 7DJB+LJK/LPLW +,B/,0 5(7B9$/ 7DJB/RZ/LPLW /2B/,0 287 7DJB%LSRODU %,32/$5 7DJB(UURU&RGH 7DJB2XWSXW9DOXH 7DJ2XW (12 The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_InputValue 50.03978588 HI_LIM Tag_HighLimit 100.0 LO_LIM Tag_LowLimit 0.0 BIPOLAR Tag_Bipolar 1 OUT Tag_OutputValue 22 RET_VAL Tag_ErrorCode W#16#0000 See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 3001) Basic information on FBD (Page 4693) WinCC Advanced V14 System Manual, 10/2016 2979 Programming the PLC 11.4 Instructions Program control operations (S7-1200, S7-1500) JMP: Jump if RLO = 1 (S7-1200, S7-1500) Description You can use the "Jump if RLO = 1" instruction to interrupt the linear execution of the program and resume it in another network. The target network must be identified by a jump label (LABEL). The jump label description is entered in the placeholder above the instruction box. The specified jump label must be in the same block in which the instruction is executed. The name you specify can only occur once in the block. Only one jumping coil can occur in a network. If the result of logic operation (RLO) at the input of the instruction is "1", the jump to the network identified by the jump label is executed. The jump direction can be towards higher or lower network numbers. If the condition at the input of the instruction is not fulfilled (RLO = 0), execution of the program continues in the next network. Example The following example shows how the instruction works: 1HWZRUN &$6 7DJ,QB 1HWZRUN -03 7DJ2XWB 5 7DJ,QB 1HWZRUN &$6 7DJ2XWB 7DJ,QB 5 If the "TagIn_1" operand has signal state "1", the instruction is executed. The linear execution of the program is interrupted and continues in Network 3, which is identified by the jump label CAS1. If input "TagIn_3" has the signal state "1", output "TagOut_3" is reset. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) 2980 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions JMPN: Jump if RLO = 0 (S7-1200, S7-1500) Description You can use the instruction "Jump if RLO = 0" to interrupt the linear execution of the program and resume it in another network, when the result of logic operation at the input of the instruction is "0". The target network must be identified by a jump label (LABEL). The jump label description is entered in the placeholder above the instruction box. The specified jump label must be in the same block in which the instruction is executed. The name you specify can only occur once in the block. Only one jumping coil can occur in a network. If the result of logic operation (RLO) at the input of the instruction is "0", the jump to the network identified by the jump label is executed. The jump direction can be towards higher or lower network numbers. If the result of the logic operation RLO at the input of the instruction is "1", execution of the program continues in the next network. Example The following example shows how the instruction works: 1HWZRUN &$6 7DJ,QB 1HWZRUN -031 7DJ2XWB 5 7DJ,QB 1HWZRUN &$6 7DJ2XWB 7DJ,QB 5 If the "TagIn_1" operand has signal state "0", the instruction is executed. The linear execution of the program is interrupted and continues in Network 3, which is identified by the jump label CAS1. If input "TagIn_3" has the signal state "1", output "TagOut_3" is reset. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 2981 Programming the PLC 11.4 Instructions LABEL: Jump label (S7-1200, S7-1500) Description The jump label identifies a destination network in which the execution of the program can be resumed after the execution of a jump instruction. The jump label and the instruction in which the jump label is specified must be located in the same block. The name of a jump label can only be assigned once in a block. You can declare up to 32 jump labels when you use a CPU S7-1200 and a maximum of 256 jump labels when you use a CPU S7-1500. Only one jump label can be placed in a network. Each jump label can jump to several locations. Adhere to the following grammatical rules for jump labels: Letters (a to z, A to Z) A combination of letters and numbers. Check that the order is correct, i.e. first the letters, then the numbers (a - z, A - Z, 0 - 9). Special characters or a combination of letters and numbers must not be used in reverse order, i.e. first the numbers and then the letters (0-9, a - z, A - Z). Example The following example shows how the instruction works: 1HWZRUN &$6 7DJ,QB 1HWZRUN -03 7DJ2XWB 5 7DJ,QB 1HWZRUN &$6 7DJ2XWB 7DJ,QB 5 If the "TagIn_1" operand has signal state "1", the instruction is executed. The linear execution of the program is interrupted and continues in Network 3, which is identified by the jump label CAS1. If the "TagIn_3" input has the signal state "1", output "TagOut_3" is reset. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) 2982 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions JMP_LIST: Define jump list (S7-1200, S7-1500) Description You can use the "Define jump list" instruction to define several conditional jumps and continue the program execution in a specific network depending on the value of the K parameter. You define the jumps with jump labels (LABEL), which you specify at the outputs of the instruction box. The number of outputs can be expanded in the instruction box. You can declare up to 32 outputs when you use a CPU S7-1200 and a maximum of 256 outputs when you use a CPU S7-1500. The numbering of the outputs begins with the value "0" and is continued in ascending order with each new output. Only jump labels can be specified at the outputs of the instruction. Instructions or operands cannot be specified. The value of the K parameter specifies the number of the output and thus the jump label where the program execution is to be resumed. If the value in the K parameter is greater than the number of available outputs, the program execution is resumed in the next network of the block. The "Define jump list" instruction is only executed if the signal state is "1" at the EN enable input. Parameters The following table shows the parameters of the "Define jump list" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, L, D Enable input K Input UINT I, Q, M, L, D or con Specifies the number of the stant output and thus the jump that is to be made. DEST0 - - - First jump label DEST1 - - - Second jump label DESTn - - - Optional jump labels For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: -03B/,67 7DJB,QSXW (1 7DJB9DOXH . WinCC Advanced V14 System Manual, 10/2016 '(67 /$%(/ '(67 /$%(/ '(67 /$%(/ 2983 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameters Operand/jump label Value K Tag_Value 1 DEST0 LABEL0 Jump to the network that is iden tified with the jump label "LA BEL0". DEST1 LABEL1 Jump to the network that is iden tified with the jump label "LA BEL1". DEST2 LABEL2 Jump to the network that is iden tified with the jump label "LA BEL2". If the "Tag_Input" operand has signal state "1", the instruction is executed. The execution of the program is continued according to the value of the operand "Tag_Value" in the network that is identified with the jump label "LABEL1". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) SWITCH: Jump distributor (S7-1200, S7-1500) Description You can use the "Jump distributor" instruction to define multiple program jumps to be executed depending on the result of one or more comparison instructions. You specify the value to be compared in the K parameter. This value is compared with the values that are provided by the various inputs. You can select the comparison method for each individual input. The availability of the various comparison instructions depends on the data type of the instruction. The following table shows the comparison instructions that are available depending on the selected data type: Data type 2984 S7-1200 S7-1500 Bit strings Bit strings Instruction Syntax Equal == Not equal <> WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Data type S7-1200 Instruction Syntax Equal == S7-1500 Integers, floating- Integers, floatingpoint numbers, point numbers, TIME, DATE, TOD TIME, LTIME, DATE, TOD, LTOD, LDT Not equal <> Greater or equal >= Less or equal <= Greater than > Less than < You can select the data type of the instruction from the "???" drop-down list of the instruction box. If you select a comparison instruction and the data type of the instruction is not yet defined, then the "???" drop-down list will only list those data types that are permitted for the selected comparison instruction. Execution of the instruction begins with the first comparison and runs until a comparison condition is met. If a comparison condition is met, the subsequent comparison conditions are not considered. If none of the specified comparison conditions are fulfilled, the jump is executed at output ELSE. If not jump label is defined at output ELSE, the linear execution of the program is not interrupted but instead continued in the next network. In its initial state the instruction box contains at least 2 outputs (DEST0 and DEST1). The number of outputs can be extended. The numbering of the outputs begins with the value "0" and is continued in ascending order with each new output. Specify jump labels (LABEL) at the outputs of the instruction. Instructions or operands cannot be specified at the outputs of the instruction. An input is automatically inserted to each additional output. The jump programmed at an output is executed if the comparison condition of the corresponding input is fulfilled. Parameters The following table shows the parameters of the instruction "Jump distributor": Parameters WinCC Advanced V14 System Manual, 10/2016 Declaration S7-1500 Memory area Description S7-1200 Data type EN Input BOOL BOOL I, Q, M, D, L Enable input K Input UINT UINT I, Q, M, D, L or constant Specifies the value to be compared. <Compari son values> Input Bit strings, inte gers, floatingpoint numbers, TIME, DATE, TOD Bit strings, inte I, Q, M, D, L gers, floating- or constant point numbers, TIME, LTIME, DATE, TOD, LTOD, LDT Input values with which the value of the parameter K is compared. DEST0 - - - - First jump label DEST1 - - - - Second jump label 2985 Programming the PLC 11.4 Instructions Parameters DEST(n) Declaration Data type - S7-1500 Memory area Description S7-1200 - - - Optional jump labels: S7-1200: n = 2 to 32 S7-1500: n = 2 to 256 ELSE - - - - Program jump which is executed if none of the comparison conditions are fulfil led. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 6:,7&+ 8,17 7DJB,QSXW (1 7DJB9DOXH . 7DJB9DOXHB '(67 /$%(/ 7DJB9DOXHB ! '(67 /$%(/ 7DJB9DOXHB '(67 /$%(/ (/6( /$%(/ The following table shows how the instruction works using specific operand values: 2986 Parameters Operand/jump label Value K Tag_Value 23 == Tag_Value_1 20 > Tag_Value_2 21 < Tag_Value_3 19 DEST0 LABEL0 Jump to jump label "LABEL0", if the value of parameter K is equal to 20. DEST1 LABEL1 Jump to jump label "LABEL1", if the value of parameter K is great er than 21. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Operand/jump label Value DEST2 LABEL2 Jump to jump label "LABEL2", if the value of parameter K is less than 19. ELSE LABEL3 Jump to jump label "LABEL3", if the none of the comparison con ditions are fulfilled. If the operand "Tag_Input" changes to signal state "1", the instruction is executed. The execution of the program is continued in the network that is identified with the jump label "LABEL1". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) RET: Return (S7-1200, S7-1500) Description You can use the "Return" instruction to stop the execution of a program block conditionally or absolutely. The signal state of the return value (operand) is mapped in the enable output ENO of the calling program block when the program block is exited. There are three ways that the execution of a program block can be ended: Termination of the program block Description Without a call of the instruc The program block is exited after the execution of the last network. The tion enable output ENO of the calling program block is set to signal state "1". Call of the instruction with preceding logic operation (see example) If the preceding logic operation is fulfilled, the program execution in the currently called program block is ended and the program block is exited. (Conditional program block end) The program execution is continued in the calling program block (e.g. an OB) after the program block call. The enable output ENO of the calling program block corresponds to the oper and. Call of the instruction with The program block is exited unconditionally. (Absolute program block out preceding logic or the end) The enable output ENO of the calling program block corresponds to instruction is directly con the operand. nected to the left power rail. If an organization block (OB) is ended, another program block is selected by the execution level system and started or further executed. If the OB program cycle is ended, it is restarted. If an OB is ended that has interrupted another program block (e.g. an interrupt OB), then the interrupted program block (e.g. program cycle OB) is further executed. WinCC Advanced V14 System Manual, 10/2016 2987 Programming the PLC 11.4 Instructions Note RET instruction in relation with JMP and JMPN If a network already contains the "JMP: Jump if RLO = 1" or "JMPN: Jump if RLO = 0 instruction, the RET: Return" instruction must not be used. Only one jumping coil may be used in a network Possible settings of the return value (operand) The return value of the instruction can assume the following values: Ret (RLO, corresponds to the result of logic operation RLO. The signal state "1" is supplied to the enable output ENO of the calling program block because the RET instruction is only then executed as a conditional instruction when the condition is TRUE.) Ret True or Ret False (the respective value of the constant, TRUE or FALSE, is supplied to the calling program block.) Ret Value (the value of the Boolean tag <Operand> is supplied to the calling program block.) To set the return value of the instruction, click the small yellow triangle of the instruction and select the desired value in the drop-down list. The following table shows the status of the calling program block when the instruction is programmed in a network within the called program block: RLO Return value ENO of the calling program block 1 RLO 1 TRUE 1 FALSE 0 <Operand> <Operand> Boolean tag with possible memo ry areas I, Q, M, D, L, T, and C 0 RLO TRUE The program execution is continued in the next network of the called program block. FALSE <Operand> Example The following example shows how the instruction works: 7DJ,QB 7DJ,QB ! )$/6( 5(7 If one of the operands "TagIn_1" or "TagIn_2" have signal state "1", the instruction is executed. Program execution is ended in the called program block and continues in the calling program block. The enable output ENO of the calling program block is reset to signal state "0". 2988 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) Runtime control (S7-1200, S7-1500) ENDIS_PW: Limit and enable password legitimation (S7-1200, S7-1500) Description You use the "Limit and enable password legitimation" instruction to specify whether passwords configured for the CPU are legitimized or not. In this way, you can prevent legitimized connections, even if the correct password is known. When the instruction is called and the REQ parameter has the signal state "0", the currently set state is displayed at the output parameters. If changes have been made to the input parameters, these are not transferred to the output parameters. When the instruction is called and the REQ parameter has the signal state "1", the signal state is taken from the input parameters (F_PWD, FULL_PWD, R_PWD, HMI_PWD). If signal state "0" is present, authorization via password is not allowed. If signal state "1" is present, the password can be used. Disable or enabling of the passwords can be allowed or prohibited individually. For example, all passwords can be prohibited except the fail-safe password. You can thus limit access options to a small user group. The output parameters (F_PWD_ON, FULL_PWD_ON, R_PWD_ON, HMI_PWD_ON) always show the current status of the password use, regardless of the REQ parameter. Passwords that are not configured must have the signal state TRUE at the input and return the signal state TRUE at the output. The fail-safe password can only be configured for an FCPU and must therefore always be interconnected with the signal state TRUE in a standard CPU. If the instruction returns an error, the call has no effect and the previous lock is still in effect. Disabled passwords can be enabled again under the following conditions: The CPU is reset to its factory settings. The front panel of the S7-1500 CPU supports a dialog that allows you to navigate to the appropriate menu in which the passwords can be enabled again. When you call the "Limit and enable password legitimation" instruction, the input parameter of the desired password has the signal state "1". Set the mode selector to STOP. The restriction to password legitimation is re-established as soon as the switch is set back to RUN. WinCC Advanced V14 System Manual, 10/2016 2989 Programming the PLC 11.4 Instructions Plugging an empty memory card (transfer module or program card) into an S7-1200 CPU. The transition from POWER OFF to POWER ON disables the protection in the S7-1200 CPU. The "Limit and enable password legitimation" instruction must be called once again in the program (e.g. in the startup OB). Note The "Limit and enable password legitimation" instruction blocks access from HMI systems if the HMI password has not been enabled. Note Existing legitimized connections retain their access rights and you cannot use the "Limit and enable password legitimation" instruction to restrict them. Preventing unintentional lockout on an S7-1500 CPU The settings can be made on the front panel of the CPU and the CPU saves the most recent setting. To prevent accidental lockout, the protection can be disabled by setting the mode selector to STOP with an S7-1500 CPU. The protection is automatically enabled again by setting mode selector to RUN without having to call the "Limit and enable password legitimation" instruction again or taking additional actions on the front panel. Preventing unintentional lockout on an S7-1200 CPU Because the S7-1200 CPU does not have a mode switch, protection is disabled with POWER OFF - POWER ON. This means that it is possible and advisable to prevent accidental lockout with the help of specific program sequences within your program. To do so, program a time control either by means of a cyclic interrupt OB or a timer in the Main OB (OB 1). This gives you the option of calling the "Limit and enable password legitimation" instruction in the respective OB (e.g., OB 1 or OB 35) relatively quickly after a transition from POWER OFF to POWER ON and the associated disabling of the protection. Call the instruction in the startup OB (OB 100) to keep the time window in which the instruction is inactive and there are no limitations for password legitimation relatively small. This procedure will give you the best possible protection from unauthorized access. If there has been an accidental lockout, you can skip the call in the startup OB (by querying an input parameter, for example) and you have the set time (for example, 10 seconds up to 1 minute) to establish a connection to the CPU before the lock becomes active once again. If there is no timer in your program code and a lockout has occurred, insert an empty transfer card or an empty program card into the CPU. The empty transfer card or program card deletes the internal load memory of the CPU. You must then download the user program once again from STEP 7 to the CPU. 2990 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Procedure for lost passwords with an S7-1200 CPU If you have lost the password for a password-protected S7-1200 CPU, delete the passwordprotected program with an empty transfer card or program card. The empty transfer card or program card deletes the internal load memory of the CPU. You can then load a new user program from STEP 7 Basic in the CPU. WARNING Inserting an empty transfer card When you insert a transfer card in a CPU during runtime, the CPU goes to STOP mode. If operating states are unstable, controllers may fail and thus cause the uncontrolled operation of the controlled devices. This leads to an unforeseen operation of the automation system which can cause deadly or serious injuries and/or damage to property. Once you have pulled the transfer card, the content of the transfer card is available in the internal load memory. Make sure that the card does not include a program at this point. WARNING Inserting an empty program card When you insert a program card in a CPU during runtime, the CPU goes to STOP mode. If operating states are unstable, controllers may fail and thus cause the uncontrolled operation of the controlled devices. This leads to an unforeseen operation of the automation system which can cause deadly or serious injuries and/or damage to property. Make sure that the program card is empty. The internal load memory is copied to the empty program card. Once you have pulled the previously empty program card, the internal load memory is empty. You must remove the transfer card or program card before you put the CPU into RUN mode. WinCC Advanced V14 System Manual, 10/2016 2991 Programming the PLC 11.4 Instructions Effects of password use on the operating modes The following table shows what effects the password use by means of the "Limit and enable password legitimation" instruction has on the operating modes and the corresponding user actions. Action Password protection by means of the instruc tion Basic state after Not activated Operating mode switch to STOP (no restrictions) Reset memory manually (PG, switch, change of MC (Motion Control)) Reset to factory setting Basic state after POWER ON S7-1200 CPU: The lock is disabled and the instruction must be called once again in the program (e.g., in the startup OB). S7-1500 CPU: Enabled (if a lock was activated before POWER OFF). The option of not allowing passwords is retentive. Operating mode transition RUN/STARTUP/HOLD -> Activated STOP (by terminating the instruction, an error or com Passwords still cannot be used. munication) or STOP -> STARTUP/RUN/HOLD Parameters The following table shows the parameters of the "Limit and enable password legitimation" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L Enable input ENO Output BOOL I, Q, M, D, L Enable output REQ Input BOOL I, Q, M, D, L or con When the REQ parameter stant has the signal state "0", the currently set signal state of the passwords is queried. F_PWD Input BOOL I, Q, M, D, L or con Read/write access including stant fail-safe F_PWD = "0": Do not allow password F_PWD = "1": Allow password FULL_PWD Input BOOL I, Q, M, D, L or con Read/write access stant FULL_PWD = "0": Do not allow password FULL_PWD = "1": Allow password 2992 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area R_PWD Input BOOL I, Q, M, D, L or con Read access stant R_PWD = "0": Do not allow password Description R_PWD = "1": Allow password HMI_PWD Input BOOL I, Q, M, D, L or con HMI access stant HMI_PWD = "0": Do not allow password HMI_PWD = "1": Allow password F_PWD_ON Output BOOL I, Q, M, D, L Read/write access including fail-safe F_PWD_ON = "0": Password not allowed F_PWD_ON = "1": Password allowed FULL_PWD_ ON Output BOOL I, Q, M, D, L Read/write access status FULL_PWD_ON = "0": Password not allowed FULL_PWD_ON = "1": Password allowed R_PWD_ON Output BOOL I, Q, M, D, L Read-access status R_PWD_ON = "0": Password not allowed R_PWD_ON = "1": Password allowed HMI_PWD_O Output N BOOL I, Q, M, D, L HMI-access status HMI_PWD_ON = "0": Password not allowed HMI_PWD_ON = "1": Password allowed RET_VAL Output WORD I, Q, M, D, L Error information You can find additional information on valid data types under "See also". Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) WinCC Advanced V14 System Manual, 10/2016 0000 No error 8090 The "Limit and enable password legitimation" instruction is not supported 80D0 The password for fail-safe is not configured. The signal state must be TRUE for standard CPUs. 80D1 The read/write access is not configured 2993 Programming the PLC 11.4 Instructions Error code* Explanation (W#16#...) 80D2 The read access is not configured 80D3 The HMI access is not configured *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". See also Overview of the valid data types (Page 2131) System memory areas (Page 947) Basic information on FBD (Page 4693) PC systems (S7-1500) SHUT_DOWN: Shut down target system (S7-1500) Description You can use the instruction "SHUT_DOWN: Shutdown target system" to shut down the PCbased automation system and restart the S7 software controller CPU 150xS or Windows on the PC-based automation system. The instruction is available in the "Instructions" task card under Basic instructions > Program control > Runtime control. A restart is, for example, advisable in the following situations: An industrial UPS (uninterruptible power supply) reports a power failure via a digital input. Windows stops responding or shows a "blue screen". Too many error OBs are called in the user program. 2994 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "Shutdown target system" instruction: Parameter Declaration Data type Memory area MODE Input UINT I, Q, M, D, L or con MODE = 1: Shut stant down CPU 150xS and Windows The CPU goes to STOP and saves the retentive data. Then the CPU and Windows are shut down. The system must be restarted manually. Description MODE = 2: Re start CPU 150xS The CPU goes to STOP and saves the retentive data. Then the CPU is shut down and re started. MODE = 3: Re start Windows. The CPU remains in RUN. Windows is restarted. COMMENT Input STRING I, Q, M, D, L or con With MODE = 1 stant and MODE = 3, you can specify a reason for the re start. The reason is output in the Windows Event Log. Ret_Val Return WORD Q, M, D, L Ret_Val = 0: No faults Ret_Val = 8090: The value passed to MODE is not supported. Ret_Val = 80xy: Windows does not respond to the call of the Shut_Down instruction. WinCC Advanced V14 System Manual, 10/2016 2995 Programming the PLC 11.4 Instructions RE_TRIGR: Restart cycle monitoring time (S7-1200, S7-1500) Description The "Restart cycle monitoring time" instruction is used to restart the cycle monitoring time of the CPU. The cycle monitoring time then restarts with the time you have set in the CPU configuration. If the instruction is called in a block with a higher priority, such as a hardware interrupt or diagnostic error interrupt, the instruction is not executed and the enable output ENO returns signal state "0". The instruction executes completely within a time span (10 times the maximum program cycle), regardless of the number of calls. Once this time has expired, the program cycle can no longer be prolonged. Calling the instruction The following call conditions apply: The following applies to a CPU of the S7-1200 series: In firmware versions <= 2.2, you can call the instruction only in a program cycle organization block of priority 1. This corresponds to the lowest priority of all organization blocks. If the instruction is called in an organization block with a higher priority, the instruction is not executed and the result (BR bit, enable output ENO) is always "0". In firmware versions >= 2.2, you can call the instruction regardless of the priority in all organization blocks. The following applies to a CPU of the S7-1500 series: You can call the instruction regardless of the priority in all organization blocks. Parameters The instruction "Restart cycle monitoring time" has no parameters. See also Overview of the valid data types (Page 2131) System memory areas (Page 947) Basic information on FBD (Page 4693) STP: Exit program (S7-1200, S7-1500) Description The instruction "Exit program" instruction is used to set the CPU to STOP mode and therefore to terminate the execution of the program. The effects of changing from RUN to STOP depend on the CPU configuration. 2996 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions When the (RLO) at the input of the instruction is "1", the CPU changes to STOP mode and the execution of the program is terminated. The signal state at the output of the instruction is not evaluated. If the RLO at the input of the instruction is "0", then the instruction will not be executed. Parameters The instruction "Exit program" has no parameters. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) System memory areas (Page 947) GET_ERROR: Get error locally (S7-1200, S7-1500) Description The "Get error locally" instruction is used to query the occurrence of errors within a program block. This normally involves programming or access errors. If the system reports an error during the execution of the program block, detailed information is stored in the operand at the ERROR output for the first error to occur during the execution of the block since the last execution of the instruction. Only operands of the "ErrorStruct" system data type can be specified at the ERROR output. The "ErrorStruct" system data type specifies the exact structure in which the information about the error is stored. Using additional instructions, you can evaluate this structure and program an appropriate response. If several errors occur in the program block, the error information about the next error to occur is output by the instruction only after the first error that occurred has been remedied. Note Output ERROR The ERROR output is only changed if error information is present. To set the output back to "0" after handling an error, you have the following options: Declare the tag in the "Temp" section of the block interface. Reset the tag to "0" before calling the instruction. Query the enable output ENO. WinCC Advanced V14 System Manual, 10/2016 2997 Programming the PLC 11.4 Instructions The enable output ENO is only set if the enable input EN returns signal state "1" and error information is present. If one of these conditions does not apply, then the remaining program execution is not affected by the instruction. Note Activation of the local error handling As soon as you insert the instruction in the program code of a program block, the local error handling is activated and default system reactions are ignored when errors occur. Options for error handling You can find an overview of the options for error handling here: AUTOHOTSPOT For a detailed example of local error handling that contains several error handling options, refer to: Handle program execution errors (Page 2061) Parameters The following table shows the parameters of the "Get error locally" instruction: Parameters Declaration Data type Memory area Description ERROR Output ErrorStruct D, L Error information Data type "ErrorStruct" The "ErrorStruct" data type can be inserted in a global data block or in the block interface. You can insert the data type more then once if you assign a different name for the data structure each time. The data structure and the name of individual structure elements cannot be changed. If you save the error information in a global data block, it can also be read out by other program blocks. The following table shows the structure of the "ErrorStruct" data type: Structure component Data type Description ERROR_ID WORD Error ID FLAGS BYTE Shows whether the error occurred during a program block call. 16#01: Error during a program block call 16#00: No error during a program block call REACTION BYTE Default reaction: 0: Ignore (write error) 1: Continue with substitute value "0" (read error) 2: Skip instruction (system error) CODE_ADDRESS 2998 CREF Information about the address and type of the program block WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Structure component BLOCK_TYPE Data type Description BYTE Program block type in which the error oc curred: 1: Organization block (OB) 2: Function (FC) 3: Function block (FB) CB_NUMBER OFFSET UINT Number of the code block UDINT Reference to the internal memory MODE BYTE Information about the address of an oper and OPERAND_NUMBER UINT Operand number of the machine command POINTER_NUMBER_LOCA TION UINT (A) Internal pointer SLOT_NUMBER_SCOPE UINT (B) Storage area in internal memory DATA_ADDRESS NREF Information about the address of an oper and BYTE (C) Memory area: AREA L: 16#40...16#7F, 16#86, 16#87, 16#8E, 16#8F, 16#C0...16#FF I: 16#81 Q: 16#82 M: 16#83 DB: 16#40, 16#84, 16#85, 16#8A, 16#8B PI: 16#01 PQ: 16#02 Technological objects: 16#04 DB_NUMBER UINT (D) Number of the data block OFFSET UDINT (E) Relative address of the operand Structure component "ERROR_ID" The following table shows the values that can be output at the structure component "ERROR_ID": WinCC Advanced V14 System Manual, 10/2016 ID* (hexadecimal) ID* (decimal) Description 0 0 No error 2503 9475 Invalid pointer 2520 9504 Invalid STRING 2522 9506 Read error: Operand outside the valid range 2523 9507 Write error: Operand outside the valid range 2524 9508 Read error: Invalid operand 2525 9509 Write error: Invalid operand 2528 9512 Read error: Data alignment 2529 9513 Write error: Data alignment 252C 9516 Invalid pointer 2999 Programming the PLC 11.4 Instructions ID* (hexadecimal) ID* (decimal) Description 2530 9520 Write error: Data block 2533 9523 Invalid reference used 2538 9528 Access error: DB does not exist 2539 9529 Access error: Wrong DB used 253A 9530 Global data block does not exist 253C 9532 Faulty information or the function does not exist 253D 9533 System function does not exist 253E 9534 Faulty information or the function block does not exist 253F 9535 System block does not exist 2550 9552 Access error: DB does not exist 2551 9553 Access error: Wrong DB used 2575 9589 Error in the program nesting depth 2576 9590 Error in the local data distribution 2577 9591 The block property "Parameter passing via registers" is not selected. 25A0 9632 Internal error in TP 25A1 9633 Tag is write-protected 25A2 9634 Invalid numerical value of tag 2942 10562 Read error: Input 2943 10563 Write error: Output * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: ! 5HDO )LHOG>LQGH[@ ,1 ,1 08/ $XWR 5HDO (1 )LHOG>LQGH[@ ,1 287 ,1 (12 7DJ2XW 7DJ2XWB(QDEOHG *(7B(5525 (5525 (1 (UURU (12 %<7( 3000 (UURUB5($&7,21 ,1 ,1 7DJ2XWB(QDEOHG 5 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions An error occurred accessing the #Field[#index] tag. The enable output ENO of the "Multiply" instruction and the #TagOut_Enabled operand have signal state "1" despite the read/access error and the multiplication is performed with the value "0.0". If this error scenario occurs, it is recommended to program the "Get error locally" instruction after the "Multiply" instruction to get the error. The error information supplied by the "Get error locally" instruction is evaluated with the comparison instruction "Equal". If the "#Error.REACTION" structure component has the value "1", this involves a read/access error and the #TagOut_Enabled output is reset. See also Overview of the valid data types (Page 2131) System memory areas (Page 947) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) GET_ERR_ID: Get error ID locally (S7-1200, S7-1500) Description The "Get error ID locally" instruction is used to query the occurrence of errors within a block. This is usually to access error. If the system reports during the block processing errors within the block execution since the last execution of the instruction, the error ID of the first error that occurred in the tag is stored at the ID output. Only operands of the WORD data type can be specified at the ID output. If several errors occur in the block, the error ID of the next error to occur in the instruction is output only after the first error that occurred has been remedied. Note The ID output is only changed if error information is present. To set the output back to "0" after handling an error, you have the following options: Declare the tag in the "Temp" section of the block interface. Reset the tag to "0" before calling the instruction. Query the enable output ENO. The enable output ENO of the instruction "Get error ID locally" instruction is set only if the enable input EN returns signal state "1" and error information is present. If one of these conditions is not fulfilled, the remaining program execution is not affected by the "Get error ID locally" instruction. WinCC Advanced V14 System Manual, 10/2016 3001 Programming the PLC 11.4 Instructions You can find an example of how you can implement the instruction in combination with other troubleshooting options under "See also". Note The "Get error ID locally" instruction enables local error handling within a block. If the "Get error ID locally" instruction is inserted in the program code of a block, any predefined system reactions are ignored if errors occur. Options for error handling You can find an overview of the options for error handling here:AUTOHOTSPOT For a detailed example of local error handling that contains several error handling options, refer to: Handle program execution errors (Page 2061) Parameters The following table shows the parameters of the "Get error ID locally" instruction: Parameters Declaration Data type Memory area Description ID Output WORD I, Q, M, D, L Error ID Parameter ID The following table shows the values that can be output at the ID parameter: 3002 ID* (hexadecimal) ID* (decimal) Description 0 0 No error 2503 9475 Invalid pointer 2520 9504 Invalid STRING 2522 9506 Read error: Operand outside the valid range 2523 9507 Write error: Operand outside the valid range 2524 9508 Read error: Invalid operand 2525 9509 Write error: Invalid operand 2528 9512 Read error: Data alignment 2529 9513 Write error: Data alignment 252C 9516 Invalid pointer 2530 9520 Write error: Data block 2533 9523 Invalid reference used 2538 9528 Access error: DB does not exist 2539 9529 Access error: Wrong DB used 253A 9530 Global data block does not exist 253C 9532 Faulty information or the function does not exist 253D 9533 System function does not exist WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ID* (hexadecimal) ID* (decimal) Description 253E 9534 Faulty information or the function block does not exist 253F 9535 System block does not exist 2550 9552 Access error: DB does not exist 2551 9553 Access error: Wrong DB used 2575 9589 Error in the program nesting depth 2576 9590 Error in the local data distribution 2577 9591 The block property "Parameter passing via registers" is not selected. 25A0 9632 Internal error in TP 25A1 9633 Tag is write-protected 25A2 9634 Invalid numerical value of tag 2942 10562 Read error: Input 2943 10563 Write error: Output * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: ! 5HDO )LHOG>LQGH[@ ,1 ,1 08/ $XWR 5HDO (1 )LHOG>LQGH[@ ,1 287 ,1 (12 7DJ2XW 7DJ2XWB(QDEOHG *(7B(55B,' ,' (1 7DJ,' (12 ,17 7DJ,' ,1 ,1 029( (1 287 ,1 (12 7DJ2XW An error occurred accessing the #Field[#index] tag. The enable output ENO of the "Multiply" instruction and the #TagOut_Enabled operand have signal state "1" despite the read/access error and the multiplication is performed with the value "0.0". If this error scenario occurs, it is recommended to program the "Get error ID locally" instruction after the "Multiply" instruction to get the error. The error information supplied by the "Get error ID locally" instruction is WinCC Advanced V14 System Manual, 10/2016 3003 Programming the PLC 11.4 Instructions evaluated with the comparison instruction "Equal". If the #TagID operand returns the ID 2522, this involves a read/access error and the value "100.0" is written to the #TagOut output. See also Overview of the valid data types (Page 2131) System memory areas (Page 947) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) INIT_RD: Initialize all retain data (S7-1500) Description The "Initialize all retain data" instruction is used to reset the retentive data of all data blocks, bit memories and SIMATIC timers and counters at the same time. The instruction can only be executed within a startup OB because the execution exceeds the program cycle duration. Parameters The following table shows the parameters of the "Initialize all retain data" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output REQ Input BOOL I, Q, M, D, L, T, C or constant If the input "REQ" has the sig nal state "1", all retentive da ta are reset. RET_VAL Output INT I, Q, M, D, L Error information: If an error occurs during exe cution of the instruction, an error code is output in the RET_VAL parameter. For additional information on valid data types, refer to "See also". Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 3004 0000 No error 80B5 The instruction cannot be executed because it was not programmed within a startup OB. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* Explanation (W#16#...) General er See also: "GET_ERR_ID: Get error ID locally" ror informa tion *The error codes can be displayed as integer or hexadecimal values in the program editor. You will find information on changing display formats in "See also". Example The following example shows how the instruction works: ,1,7B5' 7DJ2XW 7DJ,QB 7DJB5(4 (1 5(4 (12 5(7B9$/ 7DJB5HVXOW If the operands "TagIn_1" and "Tag_REQ" have signal state "1", the instruction is executed. All retentive data of all data blocks, bit memories and SIMATIC timers and counters are reset. If the instruction is executed without errors, the ENO enable output has the signal state "1". See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 3001) Basic information on FBD (Page 4693) WAIT: Configure time delay (S7-1500) Description The "Configure time delay" instruction pauses the program execution for a specific period of time. You indicate the period of time in microseconds on the WT parameter of the instruction. You can configure time delays from -32768 up to +32767 microseconds (s). The smallest possible delay time depends on the respective CPU and corresponds to the execution time of the "Configure time delay" instruction. The execution of the instruction can be interrupted by higher priority events. The "Configure time delay" instruction returns no error information. WinCC Advanced V14 System Manual, 10/2016 3005 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Configure time delay" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output WT Input INT I, Q, M, D, L, P or constant Time delay in microseconds (s) See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) RUNTIME: Measure program runtime (S7-1200, S7-1500) Description The "Measure program runtime" instruction is used to measure the runtime of the entire program, individual blocks or command sequences. If you want to measure the runtime of your entire program, call the instruction "Measure program runtime" in OB1. Measurement of the runtime is started with the first call and the output RET_VAL returns the runtime of the program after the second call. The measured runtime includes all CPU processes that can occur during the program execution, for example, interruptions caused by higher-level events or communication. The instruction "Measure program runtime" reads an internal counter of the CPU and write the value to the IN-OUT parameter MEM. The instruction calculates the current program runtime according to the internal counter frequency and writes it to output RET_VAL. If you want to measure the runtime of individual blocks or individual command sequences, you need three separate networks. Call the instruction "Measure program runtime" in an individual network within your program. You set the starting point of the runtime measurement with this first call of the instruction. Then you call the required program block or the command sequence in the next network. In another network, call the "Measure program runtime" instruction a second time and assign the same memory to the IN-OUT parameter MEM as you did during the first call of the instruction. The "Measure program runtime" instruction in the third network reads an internal CPU counter and calculates the current runtime of the program block or the command sequence according to the internal counter frequency and writes it to the output RET_VAL. The "Measure program runtime" instruction uses an internal high-frequency counter to calculate the time. If the counter overruns, the instruction returns values <= 0.0. This can occur 3006 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions up to once per minute for S7-1200 CPUs with firmware version <V4.2. Ignore these runtime values. Note The runtime of a command sequence cannot be determined exactly, because the sequence of instructions within a command sequence is changed during optimized compilation of the program. Parameters The following table lists the parameters of the "Measure program runtime" instruction: Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output MEM InOut LREAL I, Q, M, D, L The content is for internal pur poses only. RET_VAL Output LREAL I, Q, M, D, L Returns the measured run time in seconds Example The following example shows how the instruction works based on the runtime calculation of a program block: Network 1: 5817,0( 7DJ,Q 7DJ0HPRU\ (1 (12 0(0 5(7B9$/ 7DJ5HVXOW Network 2: '% %HVWBEHIRUHBGDWHB'% )% %HVWBEHIRUHBGDWH (1 (12 Network 3: WinCC Advanced V14 System Manual, 10/2016 3007 Programming the PLC 11.4 Instructions 5817,0( 7DJ,Q 7DJ0HPRU\ (1 0(0 (12 5(7B9$/ 7DJ5HVXOWB5XQWLPH When the "TagIn1" operand in network 1 has the signal state "1", the instruction is executed. The starting point for the runtime measurement is set with the first call of the instruction and buffered as reference for the second call of the instruction in the "TagMemory" operand. The "Best_before_date" program block FB1 is called in network 2. When the FB1 program block has been executed and the "TagIn1" operand has the signal state "1", the instruction in network 3 is executed. The second call of the instruction calculates the runtime of the program block and writes the result to the output RET_VAL. See also Overview of the valid data types (Page 2131) System memory areas (Page 947) Basic information on FBD (Page 4693) Word logic operations (S7-1200, S7-1500) AND: AND logic operation (S7-1200, S7-1500) Description You can use the instruction "AND logic operation" to link the value at input IN1 to the value at input IN2 bit-by-bit by AND logic and query the result at the output OUT. When the instruction is executed, bit 0 of the value at input IN1 is linked by AND logic to bit 0 of the value at input IN2. The result is stored in bit 0 of output OUT. The same logic operation is executed for all other bits of the specified values. In its initial state the instruction box contains at least 2 inputs (IN1 and IN2). The number of inputs can be extended. The inserted inputs are numbered in ascending order in the box. During the execution of the instruction, the values of all available input parameters are linked by AND logic. The result is stored at output "OUT". The result bit has the signal state "1" only when both of the bits in the logic operation also have signal state "1". If one of the two bits of the logic operation has signal state "0", the corresponding result bit is reset. 3008 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "AND logic operation": Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN1 Input Bit strings I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant First value for logic operation IN2 Input Bit strings I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Second value for logic opera tion INn Input Bit strings I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Optional input values OUT Output Bit strings I, Q, M, D, L, P I, Q, M, D, L, P Result of the in struction You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: $1' :25' 7DJ,Q (1 7DJB9DOXH ,1 287 7DJB9DOXH ,1 (12 7DJB5HVXOW 7DJ2XW The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN1 Tag_Value1 0101 0101 0101 0101 IN2 Tag_Value2 0000 0000 0000 1111 OUT Tag_Result 0000 0000 0000 0101 If the "TagIn" operand has signal state "1", the instruction is executed. The value of operand "Tag_Value1" is linked by AND to the value of the operand "Tag_Value2". The result is mapped bit-for-bit and sent to the operand "Tag_Result". The enable output ENO and the output "TagOut" are set to signal state "1". WinCC Advanced V14 System Manual, 10/2016 3009 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) OR: OR logic operation (S7-1200, S7-1500) Description You can use the instruction "OR logic operation" to link the value at input IN1 to the value at input IN2 bit-by-bit by OR logic and query the result at the output OUT. When the instruction is executed, bit 0 of the value at input IN1 is linked by OR logic to bit 0 of the value at input IN2. The result is stored in bit 0 of output OUT. The same logic operation is executed for all bits of the specified tags. In its initial state the instruction box contains at least 2 inputs (IN1 and IN2). The number of inputs can be extended in the instruction box. The inserted inputs are numbered in ascending order in the box. During the execution of the instruction, the values of all available input parameters are linked by OR logic. The result is stored at output "OUT". The result bit has the signal state "1" when at least one of the two bits in the logic operation has signal state "1". If both of the bits of the logic operation have signal state "0", the corresponding result bit is reset. Parameters The following table shows the parameters of the instruction "OR logic operation": Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN1 Input Bit strings I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant First value for logic operation IN2 Input Bit strings I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Second value for logic opera tion INn Input Bit strings I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Optional input values OUT Output Bit strings I, Q, M, D, L, P I, Q, M, D, L, P Result of the in struction You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". 3010 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 25 :25' 7DJ,Q (1 7DJB9DOXH ,1 287 7DJB9DOXH ,1 (12 7DJB5HVXOW 7DJ2XW The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN1 Tag_Value1 0101 0101 0101 0101 IN2 Tag_Value2 0000 0000 0000 1111 OUT Tag_Result 0101 0101 0101 1111 If the "TagIn" operand has signal state "1", the instruction is executed. The value of operand "Tag_Value1" is linked by OR to the value of the operand "Tag_Value2". The result is mapped bit-for-bit and sent to the operand "Tag_Result". The enable output ENO and the output "TagOut" are set to signal state "1". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) XOR: EXCLUSIVE OR logic operation (S7-1200, S7-1500) Description You can use the instruction "EXCLUSIVE OR logic operation" to link the value at input IN1 to the value at input IN2 bit-by-bit by EXCLUSIVE OR logic and query the result at the output OUT. When the instruction is executed, bit 0 of the value at input IN1 is linked by EXCLUSIVE OR logic to bit 0 of the value at input IN2. The result is stored in bit 0 of output OUT. The same logic operation is executed for all other bits of the specified value. In its initial state the instruction box contains at least 2 inputs (IN1 and IN2). The number of inputs can be extended in the instruction box. The inserted inputs are numbered in ascending order in the box. During the execution of the instruction, the values of all available input parameters are linked by EXCLUSIVE OR logic. The result is stored at output "OUT". The result bit has the signal state "1" when one of the two bits in the logic operation has signal state "1". If both of the bits of the logic operation have signal state "1" or "0", the corresponding result bit is reset. WinCC Advanced V14 System Manual, 10/2016 3011 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "EXCLUSIVE OR logic operation": Parameters Declaration Data type Memory area Description S7-1200 S7-1500 I, Q, M, D, L, T, C Enable input EN Input BOOL I, Q, M, D, L ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN1 Input Bit strings I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant First value for logic operation IN2 Input Bit strings I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Second value for logic opera tion INn Input Bit strings I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Optional input values OUT Output Bit strings I, Q, M, D, L, P I, Q, M, D, L, P Result of the in struction You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: ;25 :25' 7DJ,Q (1 7DJB9DOXH ,1 287 7DJB9DOXH ,1 (12 7DJB5HVXOW 7DJ2XW The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN1 Tag_Value1 0101 0101 0101 0101 IN2 Tag_Value2 0000 0000 0000 1111 OUT Tag_Result 0101 0101 0101 1010 If the "TagIn" operand has signal state "1", the instruction is executed. The value of operand "Tag_Value1" is linked by EXCLUSIVE OR to the value of the operand "Tag_Value2". The result is mapped bit-for-bit and sent to the operand "Tag_Result". The enable output ENO and the output "TagOut" are set to signal state "1". 3012 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) INVERT: Create ones complement (S7-1200, S7-1500) Description You can use the instruction "Create ones complement" to invert the signal status of the bits at input IN. When the instruction is processed, the value at input IN is linked to EXCLUSIVE OR by a hexadecimal mask (W#16#FFFF for 16-bit numbers or DW#16#FFFF FFFF for 32-bit number). This inverts the signal state of the individual bits that are then stored at output OUT. Parameters The following table shows the parameters of the instruction "Create ones complement": Parameters Declaration Data type Memory area Description S7-1200 S7-1500 I, Q, M, D, L, T, C Enable input I, Q, M, D, L Enable output EN Input BOOL I, Q, M, D, L ENO Output BOOL I, Q, M, D, L IN Input Bit strings, integers I, Q, M, D, L, P, or con stant I, Q, M, D, L, Input value P, or constant OUT Output Bit strings, integers I, Q, M, D, L, P I, Q, M, D, L, P Ones complement of the value at input IN You can select the data type of the instruction from the "<???>" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: ,19 7DJ,Q 7DJ,QB9DOXH WinCC Advanced V14 System Manual, 10/2016 ,17 (1 287 ,1 (12 7DJ2XWB9DOXH 7DJ2XW 3013 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameters Operand Value IN TagIn_Value W#16#000F W#16#7E OUT TagOut_Value W#16#FFF0 W#16#81 If operand "TagIn" has the signal state "1", the "Create ones complement" instruction is executed. The instruction inverts the signal state of the individual bits at input "TagIn_Value" and writes the result to output "TagOut_Value". The enable output ENO and the output "TagOut" are set to signal state "1". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) DECO: Decode (S7-1200, S7-1500) Description You can use the "Decode" instruction to set a bit in the output value specified by the input value. The "Decode" instruction reads the value at the IN input and sets the bit in the output value whose bit position corresponds to the read value. The other bits in the output value are filled with zeroes. If the value at input IN is greater than 31, a modulo 32 instruction is executed. Parameters The following table shows the parameters of the "Decode" instruction: Parameters Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output IN Input UINT I, Q, M, D, L, P or constant I, Q, M, D, L, P or constant Position of the bit in the output value which is set. OUT Output Bit strings I, Q, M, D, L, P I, Q, M, D, L, P Output value You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". 3014 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: '(&2 8,17 WR ':25' 7DJ,Q (1 287 7DJ,QB9DOXH ,1 (12 7DJ2XWB9DOXH 7DJ2XW The following figure shows how the instruction works using concrete operand values: 7DJ,QB9DOXH 7DJ2XWB9DOXH If the "TagIn" operand has signal state "1", the instruction is executed. The instruction reads bit number "3" from the value of the operand "TagIn_Value" and sets the third bit to the value of the operand "TagOut_Value". If no errors occur during the execution of the instruction, the output ENO has the signal state "1" and the output "TagOut" is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) ENCO: Encode (S7-1200, S7-1500) Description The instruction "Encode" is used to read the bit number of the lowest bit in the input value and output it to the output OUT. The instruction "Encode" selects the least significant bit of the value at the IN input and writes its bit number to the tag in the output OUT. Parameters The following table shows the parameters of the instruction "Encode": Parameters WinCC Advanced V14 System Manual, 10/2016 Declaration Data type Memory area S7-1200 S7-1500 Description EN Input BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L I, Q, M, D, L Enable output 3015 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description S7-1200 S7-1500 I, Q, M, D, L, P or constant IN Input Bit strings I, Q, M, D, L, P or constant Input value OUT Output INT I, Q, M, D, L, P I, Q, M, D, L, P Output value You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: (1&2 ':25' 7DJ,Q 7DJ,QB9DOXH (1 287 ,1 (12 7DJ2XWB9DOXH 7DJ2XW The following figure shows how the instruction works using concrete operand values: 7DJ,QB9DOXH 7DJ2XWB9DOXH If the "TagIn" operand has signal state "1", the instruction is executed. The instruction selects bit position "3" as the least significant bit at input "TagIn_Value" and writes the value "3" to the tag at the output "TagOut_Value. If the instruction is executed without errors, the enable output ENO has the signal state "1" and the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) SEL: Select (S7-1200, S7-1500) Description Depending on the signal state at switch (input G), the "Select" instruction selects one of the inputs IN0 or IN1 and moves its content to the output OUT. When the input G has the signal state "0", the value at the input IN0 is moved. When the input G has the signal state "1", the value at the input IN1 is moved to the output OUT. 3016 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The instruction can only be executed if the enable input EN has the signal state "1" and the tags of all parameters are of the same data type. Parameters The following table shows the parameters of the "Select" instruction: Parame ters Declaration EN Data type Memory area Description S7-1200 S7-1500 S7-1200 S7-1500 Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable output G Input BOOL BOOL I, Q, M, D, L or con stant I, Q, M, D, L, T, C or con stant Switch IN0 Input Bit strings, integers, floatingpoint num bers, timers, TOD, DATE, CHAR, WCHAR Bit strings, integers, floatingpoint num bers, timers, TOD, LTOD, DATE, TDT, CHAR, WCHAR I, Q, M, D, L, P or constant I, Q, M, D, L, First input value P or constant IN1 Input Bit strings, integers, floatingpoint num bers, timers, TOD, DATE, CHAR, WCHAR Bit strings, integers, floatingpoint num bers, timers, TOD, LTOD, DATE, TDT, CHAR, WCHAR I, Q, M, D, L, P or constant I, Q, M, D, L, Second input value P or constant OUT Output Bit strings, integers, floatingpoint num bers, timers, TOD, DATE, CHAR, WCHAR Bit strings, integers, floatingpoint num bers, timers, TOD, LTOD, DATE, TDT, CHAR, WCHAR I, Q, M, D, L, P I, Q, M, D, L, P Result You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3017 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 6(/ :25' 7DJ,Q 7DJ,QB* (1 * 7DJ2XW 7DJ,QB9DOXH ,1 (12 7DJ,QB9DOXH ,1 287 7DJ2XWB9DOXH The following table shows how the instruction works using concrete operand values: Parameters Operand Value G TagIn_G 0 1 IN0 TagIn_Value0 W#16#0000 W#16#4C IN1 TagIn_Value1 W#16#FFFF W#16#5E OUT TagOut_Value W#16#0000 W#16#5E If the "TagIn" operand has signal state "1", the instruction is executed. Based on the signal state at the input "TagIn_G", the value at input "TagIn_Value0" or "TagIn_Value1" is selected and copied to output "TagOut_Value". If the instruction is executed without errors, the enable output ENO has the signal state "1" and the "TagOut" output is set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) MUX: Multiplex (S7-1200, S7-1500) Description You can use the instruction "Multiplex" to copy the content of a selected input to output OUT. In its initial state the instruction box contains at least 2 inputs (IN0 and IN1). The number of selectable inputs of the instruction box can be expanded. You can declare a maximum of 32 inputs. The inputs are numbered automatically in the box. Numbering starts at IN0 and is incremented continuously with each new input. You use the K parameter to define the input whose content is to be copied to the OUT output. If the value of the parameter K is greater than the number of available inputs, the content of the parameter ELSE is copied to output OUT and enable output ENO is assigned the signal state "0". The "Multiplex" instruction can only be executed if the tags have the same data type in all inputs and in the OUT output. The K parameter is an exception, since only integers can be specified for it. 3018 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The enable output ENO is reset if one of the following conditions applies: Enable input EN has the signal state "0". The input at the K parameter is located outside the available inputs. This is the reaction regardless of whether the ELSE input will be used or not. The value at the OUT output remains unchanged. Errors occurred during execution of the instruction. Parameters The following table shows the parameters of the "Multiplex" instruction: Parameters Declaring Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put K Input Integers Integers I, Q, M, D, L, I, Q, M, D, L, Specifies P or constant P or constant the input whose con tent is to be copied. If K = 0 => Paramet er IN0 If K = 1 => Paramet er IN1, etc. IN0 WinCC Advanced V14 System Manual, 10/2016 Input Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num I, Q, M, D, L, I, Q, M, D, L, First input bers, inte P or constant P or constant value gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT 3019 Programming the PLC 11.4 Instructions Parameters Declaring Data type S7-1200 S7-1500 Memory area S7-1200 Description S7-1500 IN1 Input Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num I, Q, M, D, L, I, Q, M, D, L, Second in bers, inte P or constant P or constant put value gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT INn Input Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num I, Q, M, D, L, I, Q, M, D, L, Optional in bers, inte P or constant P or constant put values gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT ELSE Input Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num I, Q, M, D, L, I, Q, M, D, L, bers, inte P or constant P or constant gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT Specifies the value to be copied when K > n OUT Output Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num I, Q, M, D, L, bers, inte P gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT Output to which the value is to be copied I, Q, M, D, L, P You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". 3020 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 08; ':25' 7DJB,QSXW 287 (1 7DJB1XPEHU . 7DJB9DOXHB ,1 7DJB9DOXHB ,1 7DJB9DOXHB (/6( 7DJB5HVXOW 7DJB2XWSXW 6 (12 The following table shows how the instruction works using concrete operand values: Parameters Operand Value K Tag_Number 1 IN0 Tag_ValueI_0 DW#16#00000000 IN1 Tag_Value_1 DW#16#003E4A7D ELSE Tag_Value_2 DW#16#FFFF0000 OUT Tag_Result DW#16#003E4A7D If the "Tag_Input" operand has signal state "1", the instruction is executed. Depending on the value of the operand "Tag_Number", the value at input "Tag_Value_1" is copied and assigned to the operand at output "Tag_Result". If no errors occur during the execution of the instruction, the outputs ENO and "Tag_Output" are set. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) DEMUX: Demultiplex (S7-1200, S7-1500) Description You can use the instruction "Demultiplex" to copy the content of the input IN to a selected output. In its initial state the instruction box contains at least 2 outputs (OUT0 and OUT1). The number of selectable outputs can be extended in the instruction box. The outputs are numbered automatically in the box. Numbering starts at OUT0 and continues consecutively with each new output. You use the K parameter to define the output to which the content of the IN input is to be copied. The other outputs are not changed. If the value of the parameter K is greater than the number of available outputs, then the content of input IN in the parameter ELSE and the enable output ENO will be assigned to the signal state "0". WinCC Advanced V14 System Manual, 10/2016 3021 Programming the PLC 11.4 Instructions The instruction "Demultiplex" can only be executed if the tags at the input IN and at all outputs are of the same data type. The K parameter is an exception, since only integers can be specified for it. The enable output ENO is reset if one of the following conditions applies: Enable input EN has the signal state "0". The value of the K parameter is greater than the number of available outputs. Errors occurred during execution of the instruction. Parameters The following table shows the parameters of the instruction "Demultiplex": Parameter Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable output K Input Integers Integers I, Q, M, D, L, P, or constant I, Q, M, D, Specifies the out L, P, or con put to which the stant input value (IN) is copied. If K = 0 => Parameter OUT0 If K = 1 => Parameter OUT1, etc. 3022 IN Input Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P, or constant I, Q, M, D, Input value L, P, or con stant OUT0 Output Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P I, Q, M, D, L, P First output WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area S7-1200 S7-1500 S7-1200 S7-1500 Description OUT1 Output Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P I, Q, M, D, L, P Second output OUTn Output Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P I, Q, M, D, L, P Optional outputs ELSE Output Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, DATE Binary num bers, inte gers, float ing-point numbers, timers, CHAR, WCHAR, TOD, LTOD, DATE, LDT I, Q, M, D, L, P I, Q, M, D, L, P Output to which the input value (IN) at K > n is copied. You can select the data type of the instruction from the "<???>" drop-down list of the instruction box. For additional information on available data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3023 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: '(08; ':25' 7DJB,QSXW 7DJB1XPEHU 7DJB9DOXH (1 287 7DJB2XWSXWB . 287 7DJB2XWSXWB ,1 (/6( 7DJB2XWSXWB 7DJB2XWSXW (12 6 The following tables show how the instruction works using specific operand values: Table 11-16 Input values of the "Demultiplex" instruction before network execution Parameter Operand Values K Tag_Number 1 4 IN Tag_Value DW#16#FFFFFFFF DW#16#003E4A7D Table 11-17 Output values of the "Demultiplex" instruction after network execution Parameter Operand OUT0 Tag_Output_0 Unchanged Values Unchanged OUT1 Tag_Output_1 DW#16#FFFFFFFF Unchanged ELSE Tag_Output_2 Unchanged DW#16#003E4A7D If the "Tag_Input" input has the signal state"1", the "Demultiplex" instruction is executed. Depending on the value of the operand "Tag_Number", the value at input "IN" is copied to the corresponding output. See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) 3024 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Shift and Rotate (S7-1200, S7-1500) SHR: Shift right (S7-1200, S7-1500) Description You can use the "Shift right" instruction to shift the content of the operand at the input IN bitby-bit to the right and query the result at the OUT output. The input N is used to specify the number of bit positions by which the specified value should be moved. If the value at the input N is "0", the value at input IN is copied unchanged to the operand at output OUT. If the value at the input N is greater than the number of available bit positions, the operand value at input IN is shifted to the right by the available number of bit positions. The freed bit positions in the left area of the operand are filled by zeroes when values without signs are shifted. If the specified value has a sign, the free bit positions are filled with the signal state of the sign bit. The following figure show how the content of an operand of integer data type is shifted four bit positions to the right: ,1 1 287 6LJQ ELW SODFHV 7KHIUHHGELWSRVLWLRQVDUH ILOOHGZLWKWKHVLJQDOVWDWH RIWKHVLJQELW WinCC Advanced V14 System Manual, 10/2016 7KHVHIRXUELWV DUHORVW 3025 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Shift right": Parameters Declaration Data type Memory area Description S7-1200 S7-1500 S7-1200 S7-1500 EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put IN Input Bit strings, integers Bit strings, integers I, Q, M, D, L or constant I, Q, M, D, L or constant Value to be shifted N Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L or constant I, Q, M, D, L or constant Number of bit positions by which the value is shif ted OUT Output Bit strings, integers Bit strings, integers I, Q, M, D, L I, Q, M, D, L Result of the instruction You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 6+5 :25' 7DJ,Q (1 7DJ,QB9DOXH ,1 287 7DJB1XPEHU 1 (12 7DJ2XWB9DOXH 7DJ2XW 6 The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN TagIn_Value 0011 1111 1010 1111 N Tag_Number 3 OUT TagOut_Value 0000 0111 1111 0101 If the "TagIn" operand has signal state "1", the instruction is executed. The content of the operand "TagIn_Value" is shifted three bit positions to the right. The result is output at the "TagOut_Value" output. If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. 3026 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) SHL: Shift left (S7-1200, S7-1500) Description You can use the "Shift left" instruction to shift the content of the operand at the input IN bit-bybit to the left and query the result at the OUT output. The input N is used to specify the number of bit positions by which the specified value should be moved. If the value at the input N is "0", the value at input IN is copied unchanged to the operand at output OUT. If the value at the input N is greater than the number of available bit positions, the operand value at input IN is shifted to the left by the available number of bit positions. The bit positions in the right part of the operand freed by shifting are filled with zeros. The following figure shows how the content of an operand of the WORD data type is shifted by six bit positions to the left: ,1 1 287 SODFHV 7KHVHVL[ELWV DUHORVW WinCC Advanced V14 System Manual, 10/2016 7KHIUHHGELWSRVLWLRQV DUHILOOHGZLWK]HURV 3027 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Shift left": Parameters Declaration Data type Memory area Description S7-1200 S7-1500 S7-1200 S7-1500 EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put IN Input Bit strings, integers Bit strings, integers I, Q, M, D, L or constant I, Q, M, D, L or constant Value to be shifted. N Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L or constant I, Q, M, D, L or constant Number of bit positions by which the value is shif ted. OUT Output Bit strings, integers Bit strings, integers I, Q, M, D, L I, Q, M, D, L Result of the instruction You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 6+/ :25' 7DJ,Q (1 7DJ,QB9DOXH ,1 7DJB1XPEHU 1 287 7DJ2XWB9DOXH 7DJ2XW (12 6 The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN TagIn_Value 0011 1111 1010 1111 N Tag_Number 4 OUT TagOut_Value 1111 1010 1111 0000 If the "TagIn" operand has signal state "1", the instruction is executed. The content of the operand "TagIn_Value" is shifted four bit positions to the left. The result is output at the "TagOut_Value" output. If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. 3028 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) ROR: Rotate right (S7-1200, S7-1500) Description You can use the "Rotate right" instruction to rotate the content of the operand at the input IN bit-by-bit to the right and query the result at the OUT output. The input N is used to specify the number of bit positions by which the specified value should be rotated. The bit positions freed by rotating on the left-hand side are filled true-to-position with the bit positions that are pushed out from the left-hand side. If the value at the input N is "0", the value at input IN is copied unchanged to the operand at output OUT. If the value of the N parameter is greater than the number of available bit positions, the operand value at the IN input is nevertheless rotated by the specified number of bit positions. The following figure shows how the content of an operand of the DWORD data type is rotated three bit positions to the right: ,1 1 287 SODFHV 7KHVLJQDOVWDWHRIWKHWKUHH VKLIWHGELWVLVLQVHUWHGLQWKH IUHHGSODFHV WinCC Advanced V14 System Manual, 10/2016 3029 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Rotate right": Parameters Declaration Data type Memory area Description S7-1200 S7-1500 S7-1200 S7-1500 EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put IN Input Bit strings, integers Bit strings, integers I, Q, M, D, L or constant I, Q, M, D, L or constant Value to be rotated N Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L or constant I, Q, M, D, L or constant Number of bit positions by which the value is rota ted OUT Output Bit strings, integers Bit strings, integers I, Q, M, D, L I, Q, M, D, L Result of the instruction You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 525 :25' 7DJ,Q (1 7DJ,QB9DOXH ,1 7DJB1XPEHU 1 287 7DJ2XWB9DOXH 7DJ2XW (12 6 The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN TagIn_Value 0000 1111 1001 0101 N Tag_Number 5 OUT TagOut_Value 1010 1000 0111 1100 If the "TagIn" operand has signal state "1", the instruction is executed. The content of the operand "TagIn_Value" is rotated five bit positions to the right. The result is output at the "TagOut_Value" output. If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. 3030 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) ROL: Rotate left (S7-1200, S7-1500) Description You can use the "Rotate left" instruction to rotate the content of the operand at the input IN bitby-bit to the left and query the result at the OUT output. The input N is used to specify the number of bit positions by which the specified value should be rotated. The bit positions freed by rotating on the right-hand side are filled true-to-position with the bit positions that are pushed out from the left-hand side. If the value at the input N is "0", the value at input IN is copied to the operand at output OUT. If the value of the N parameter is greater than the number of available bit positions, the operand value at the IN input is nevertheless rotated by the specified number of bit positions. The following figure shows how the content of an operand of the DWORD data type is rotated three bit positions to the left: ,1 1 287 SODFHV 7KHVLJQDOVWDWHRIWKHWKUHH VKLIWHGELWVZLOOEHLQVHUWHGLQWKH IUHHSODFHV WinCC Advanced V14 System Manual, 10/2016 3031 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Rotate left": Parameters Declaration Data type Memory area Description S7-1200 S7-1500 S7-1200 S7-1500 EN Input BOOL BOOL I, Q, M, D, L I, Q, M, D, L, T, C Enable input ENO Output BOOL BOOL I, Q, M, D, L I, Q, M, D, L Enable out put IN Input Bit strings, integers Bit strings, integers I, Q, M, D, L or constant I, Q, M, D, L or constant Value to be rotated. N Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L or constant I, Q, M, D, L or constant Number of bit positions by which the value is rota ted. OUT Output Bit strings, integers Bit strings, integers I, Q, M, D, L I, Q, M, D, L Result of the instruction You can select the data type of the instruction from the "???" drop-down list of the instruction box. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: 52/ ':25' 7DJ,Q (1 7DJ,QB9DOXH ,1 7DJB1XPEHU 1 287 7DJ2XWB9DOXH 7DJ2XW (12 6 The following table shows how the instruction works using concrete operand values: Parameters Operand Value IN TagIn_Value 1010 1000 1111 0110 N Tag_Number 5 OUT TagOut_Value 0001 1110 1101 0101 If the "TagIn" has the signal state "1", the instruction is executed. The content of the operand "TagIn_Value" is rotated five bit positions to the left. The result is output at the "TagOut_Value" output. If the instruction is executed without errors, the ENO enable output has the signal state "1" and the "TagOut" output is set. 3032 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) Memory areas (Page 944) Legacy (S7-1500) DRUM: Implement sequencer (S7-1500) Description You can use the "Implement sequencer" instruction to assign the programmed values of the OUT_VAL parameter of the corresponding step to the programmed output bits (OUT1 to OUT16) and the output word (OUT_WORD). The specific step must thereby satisfy the conditions of the programmed enable mask on the S_MASK parameter while the instruction remains at this step. The instruction advances to the next step if the event for the step is true and the programmed time for the current step elapses, or if the value at the JOG parameter changes from "0" to "1". The instruction is reset when the signal state of the RESET parameter changes to "1". The current step is hereby equated to the preset step (DSP). The amount of time spent on a step is determined by the product of the preset timebase (DTBP) and the preset counter value (S_PRESET) for each step. At the start of a new step, this calculated value is loaded into the DCC parameter, which contains the time remaining for the current step. If, for example the value at the DTBP parameter is "2" and the preset value for the first step is "100" (100 ms), the DCC parameter has the value "200" (200 ms). A step can be programmed with a timer value, an event, or both. Steps that have an event bit and the timer value "0" advance to the next step as soon as the signal state of the event bit is "1". Steps that are programmed only with a timer value start the time immediately. Steps that are programmed with an event bit and a timer value greater than "0" start the time when the signal state of the event bit is "1". The event bits are initialized with a signal state of "1". When the sequencer is on the last programmed step (LST_STEP) and the time for this step has expired, the signal state on the Q parameter is set to "1"; otherwise it is set to "0". When the Q parameter is set, the instruction remains on the step until it is reset. In the configurable mask (S_MASK) you can select the individual bits in the output word (OUT_WORD) and set or reset the output bits (OUT1 to OUT16) by means of the output values (OUT_VAL). When a bit of the configurable mask has a signal state of "1", the OUT_VAL value sets/resets the corresponding bit. If the signal state of a bit of the configurable mask is "0", the corresponding bit is left unchanged. All the bits of the configurable mask for all 16 steps are initialized with a signal state of "1". The output bit at the OUT1 parameter corresponds to the least significant bit of the output word (OUT_WORD). The output bit at the OUT16 parameter corresponds to the most significant bit of the output word (OUT_WORD). WinCC Advanced V14 System Manual, 10/2016 3033 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Implement sequencer" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output RESET Input BOOL I, Q, M, D, L or con The signal state "1" indicates stant a reset condition. JOG Input BOOL I, Q, M, D, L or con When the signal state stant changes from "0" to "1", the instruction advances to the next step. DRUM_EN Input BOOL I, Q, M, D, L or con The signal state "1" allows stant the sequencer to advance based on the event and time criteria. LST_STEP Input BYTE I, Q, M, D, L or con Number of the last program stant med step EVENT(i), Input BOOL I, Q, M, D, L or con Event bit (i); stant Initial signal state is "1". Output BOOL I, Q, M, D, L Output bit (j) Q Output BOOL I, Q, M, D, L The signal state "1" indicates that the time for the last step has elapsed. OUT_WORD Output WORD I, Q, M, D, L, P Word address to which the sequencer writes the output values. ERR_CODE Output WORD I, Q, M, D, L, P Error information JOG_HIS Static BOOL I, Q, M, D, L or con JOG parameter history bit stant EOD Static BOOL I, Q, M, D, L or con The signal state "1" indicates stant that the time for the last step has elapsed. DSP Static BYTE I, Q, M, D, L, P or constant Preset step of the sequencer DSC Static BYTE I, Q, M, D, L, P or constant Current step of the sequencer DCC Static DWORD I, Q, M, D, L, P or constant Current numerical value of the sequencer DTBP Static WORD I, Q, M, D, L, P or constant Preset timebase of the se quencer PrevTime Static TIME I, Q, M, D, L or con Previous system time stant S_PRESET Static ARRAY[1..16] of WORD I, Q, M, D, L or con Preset counter value for each stant step [1 to 16] where one clock pulse = 1 ms. 1 i 16 OUT(j), 1 j 16 3034 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area OUT_VAL Static ARRAY[1..16, 0..15] of BOOL I, Q, M, D, L or con Output values for each step stant [1 to 16, 0 to 15]. Description S_MASK Static ARRAY[1..16, 0..15] of BOOL I, Q, M, D, L or con Configurable mask for each stant step [1 to 16, 0 to 15]. Initial signal states are "1". ERR_CODE parameter The following table shows the meaning of the values of the ERR_CODE parameter: ERR_COD E* Explanation W#16#000 0 No error W#16#000 B The value at the LST_STEP parameter is less than 1 or greater than 16. W#16#000 C The value at the DSC parameter is less than 1 or greater than the value of the LST_STEP parameter. W#16#000 D The value at the DSP parameter is less than 1 or greater than the value of the LST_STEP parameter. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". Example In the following example the instruction advances from step 1 to step 2. The output bits (OUT1 to OUT16) and the output word (OUT_WORD) are set according to the mask configured for step 2 and the values of the OUT_VAL parameter. Note You can initialize static parameters in the data block. '580B'% '580 7DJ,Q 7DJB5HVHW 7DJB,QSXWB-2* 7DJB'580B(1 /DVW6WHS 0\(YHQW (1 5(6(7 -2* '580B(1 /67B67(3 (9(17 (12 287 4 287B:25' (55B&2'( 7DJ2XW 0\2XWSXW 7DJB2XWSXWB4 7DJB2XWSXWB:25' 7DJB(UURU&RGH The following tables show how the instruction works using specific values. WinCC Advanced V14 System Manual, 10/2016 3035 Programming the PLC 11.4 Instructions Before processing In this example, the following values are used for initializing the input parameters: Parameters Operand Address Value RESET Tag_Reset M0.0 FALSE JOG Tag_Input_JOG M0.1 FALSE DRUM_EN Tag_Input_DrumEN M0.2 TRUE LST_STEP Tag_Number_LastStep MB1 B#16#08 EVENT2 MyTag_Event_2 M20.0 FALSE EVENT4 MyTag_Event_4 M20.1 FALSE EVENT6 MyTag_Event_6 M20.2 FALSE EVENT8 MyTag_Event_8 M20.3 FALSE EVENT10 MyTag_Event_10 M20.4 FALSE EVENT12 MyTag_Event_12 M20.5 FALSE EVENT14 MyTag_Event_14 M20.6 FALSE EVENT16 MyTag_Event_16 M20.7 FALSE The following values are saved in the "DRUM_DB" instance data block of the instruction: 3036 Parameter Address Value JOG_HIS DBX12.0 FALSE EOD DBX12.1 FALSE DSP DBB13 W#16#0001 DSC DBB14 W#16#0001 DCC DBD16 DW#16#0000000A DTBP DBW20 W#16#0001 S_PRESET[1] DBW26 W#16#0064 S_PRESET[2] DBW28 W#16#00C8 OUT_VAL[1,0] DBX58.0 TRUE OUT_VAL[1,1] DBX58.1 TRUE OUT_VAL[1,2] DBX58.2 TRUE OUT_VAL[1,3] DBX58.3 TRUE OUT_VAL[1,4] DBX58.4 TRUE OUT_VAL[1,5] DBX58.5 TRUE OUT_VAL[1,6] DBX58.6 TRUE OUT_VAL[1,7] DBX58.7 TRUE OUT_VAL[1,8] DBX59.0 TRUE OUT_VAL[1,9] DBX59.1 TRUE OUT_VAL[1,10] DBX59.2 TRUE OUT_VAL[1,11] DBX59.3 TRUE OUT_VAL[1,12] DBX59.4 TRUE OUT_VAL[1,13] DBX59.5 TRUE OUT_VAL[1,14] DBX59.6 TRUE OUT_VAL[1,15] DBX59.7 TRUE OUT_VAL[2,0] DBX60.0 FALSE WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Address Value OUT_VAL[2,1] DBX60.1 FALSE OUT_VAL[2,2] DBX60.2 FALSE OUT_VAL[2,3] DBX60.3 FALSE OUT_VAL[2,4] DBX60.4 FALSE OUT_VAL[2,5] DBX60.5 FALSE OUT_VAL[2,6] DBX60.6 FALSE OUT_VAL[2,7] DBX60.7 FALSE OUT_VAL[2,8] DBX61.0 FALSE OUT_VAL[2,9] DBX61.1 FALSE OUT_VAL[2,10] DBX61.2 FALSE OUT_VAL[2,11] DBX61.3 FALSE OUT_VAL[2,12] DBX61.4 FALSE OUT_VAL[2,13] DBX61.5 FALSE OUT_VAL[2,14] DBX61.6 FALSE OUT_VAL[2,15] DBX61.7 FALSE S_MASK[2,0] DBX92.0 FALSE S_MASK[2,1] DBX92.1 TRUE S_MASK[2,2] DBX92.2 TRUE S_MASK[2,3] DBX92.3 TRUE S_MASK[2,4] DBX92.4 TRUE S_MASK[2,5] DBX92.5 FALSE S_MASK[2,6] DBX92.6 TRUE S_MASK[2,7] DBX92.7 TRUE S_MASK[2,8] DBX93.0 FALSE S_MASK[2,9] DBX93.1 FALSE S_MASK[2,10] DBX93.2 TRUE S_MASK[2,11] DBX93.3 TRUE S_MASK[2,12] DBX93.4 TRUE S_MASK[2,13] DBX93.5 TRUE S_MASK[2,14] DBX93.6 FALSE S_MASK[2,15] DBX93.7 TRUE The output parameters are set to the following values before the execution of the instruction: WinCC Advanced V14 System Manual, 10/2016 Parameter Operand Address Value Q Tag_Output_Q M6.0 FALSE OUTWORD Tag_OutputWord MW8 W#16#FFFF OUT1 MyTag_Output_1 M4.0 TRUE OUT2 MyTag_Output_2 M4.1 TRUE OUT3 MyTag_Output_3 M4.2 TRUE OUT4 MyTag_Output_4 M4.3 TRUE OUT5 MyTag_Output_5 M4.4 TRUE OUT6 MyTag_Output_6 M4.5 TRUE 3037 Programming the PLC 11.4 Instructions Parameter Operand Address Value OUT7 MyTag_Output_7 M4.6 TRUE OUT8 MyTag_Output_8 M4.7 TRUE OUT9 MyTag_Output_9 M5.0 TRUE OUT10 MyTag_Output_10 M5.1 TRUE OUT11 MyTag_Output_11 M5.2 TRUE OUT12 MyTag_Output_12 M5.3 TRUE OUT13 MyTag_Output_13 M5.4 TRUE OUT14 MyTag_Output_14 M5.5 TRUE OUT15 MyTag_Output_15 M5.6 TRUE OUT16 MyTag_Output_16 M5.7 TRUE After processing The following values are written to the output parameters after the instruction has been executed: Parameter Operand Address Value OUT1 MyTag_Output_1 M4.0 TRUE OUT2 MyTag_Output_2 M4.1 FALSE OUT3 MyTag_Output_3 M4.2 FALSE OUT4 MyTag_Output_4 M4.3 FALSE OUT5 MyTag_Output_5 M4.4 FALSE OUT6 MyTag_Output_6 M4.5 TRUE OUT7 MyTag_Output_7 M4.6 FALSE OUT8 MyTag_Output_8 M4.7 FALSE OUT9 MyTag_Output_9 M5.0 TRUE OUT10 MyTag_Output_10 M5.1 TRUE OUT11 MyTag_Output_11 M5.2 FALSE OUT12 MyTag_Output_12 M5.3 FALSE OUT13 MyTag_Output_13 M5.4 FALSE OUT14 MyTag_Output_14 M5.5 FALSE OUT15 MyTag_Output_15 M5.6 TRUE OUT16 MyTag_Output_16 M5.7 FALSE Q Tag_Output_Q M6.0 FALSE OUTWORD Tag_OutputWord MW8 W#16#4321 ERR_CODE Tag_ErrorCode MW10 W#16#0000 The following values are changed in the instance data block "DRUM_DB" of the instruction after the execution of the instruction: 3038 Parameter Address Value JOG_HIS DBX12.0 FALSE EOD DBX12.1 FALSE WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Address Value DSC DBB14 W#16#0002 DCC DBD16 DW#16#000000C8 See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) DCAT: Discrete control-timer alarm (S7-1500) Description You can use the "Discrete control-timer alarm" to count the time from the point at which the CMD parameter issues the command to open or close. The time is accumulated until the preset time (PT) is exceeded or the information is received that the device was opened or closed (O_FB or C_FB) within the specified time. If the preset time is exceeded before the information on the opening or closing of the device is received, the corresponding alarm is activated. If the signal state of the command input changes before the preset time, the time is restarted. The "Discrete control-timer alarm" instruction has the following reactions to the input conditions: When the signal state of the CMD parameter changes from "0" to "1", the signal states of the parameters Q, CMD_HIS, ET (only if ET is < PT) OA and CA are influenced as follows: - The Q and CMD_HIS parameters are set to "1". - The ET, OA, and CA parameters are reset to "0". When the signal state of the parameter CMD changes from "1" to "0", the parameters Q, ET (only if ET < PT), OA, CA and CMD_HIS are reset to "0". When the signal state of the CMD and CMD_HIS parameters is "1" and the parameter O_FB is set to "0", the time difference (ms) since the last execution of the instruction is added to the value at the parameter ET. If the value of the ET parameter exceeds the value of the PT parameter, the signal state at the OA parameter is set to "1". If the value of the ET parameter does not exceed the value of the PT parameter, the signal state of the OA parameter is reset to "0". The value at the parameter CMD_HIS is reset to the value of the parameter CMD. If the signal state of the CMD, CMD_HIS and O_FB parameters are set to "1" and the parameter C_FB has the value "0", the signal state of the parameter OA is set to "0". The value of the ET parameter is set to the value of the PT parameter. If the signal state of the O_FB parameter changes to "0", the alarm is set the next time the instruction is executed. The value of the CMD_HIS parameter is set to the value of the CMD parameter. If the CMD, CMD_HIS and C_FB parameters return signal state "0", the time difference (ms) since the last execution of the instruction is added to the value of the ET parameter. If the value of the ET parameter exceeds the value of the PT parameter, the signal state of the parameter CA is reset to "1". If the value at the parameter PT is not exceeded, the parameter CA has the signal state "0". The value of the CMD_HIS parameter is set to the value of the CMD parameter. WinCC Advanced V14 System Manual, 10/2016 3039 Programming the PLC 11.4 Instructions If the parameters CMD, CMD_HIS and O_FB have the signal state "0" and the parameter C_FB is set to "1", the parameter CA is set to "0". The value of the ET parameter is set to the value of the PT parameter. If the signal state of the C_FB parameter changes to "0", the alarm is set the next time the instruction is executed. The value of the CMD_HIS parameter is set to the value of the CMD parameter. If the parameters O_FB and C_FB simultaneously have the signal state "1", the signal states of both alarm outputs are set to "1". The "Discrete control-timer alarm" instruction has no error information. Parameters The following table shows the parameters of the "Discrete control-timer alarm" instruction: Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output CMD Input BOOL I, Q, M, D, L or constant A signal state of "0" indicates a "close" com mand. A signal state of "1" indicates an "open" com mand. 3040 O_FB Input BOOL I, Q, M, D, L or constant Feedback input when opening C_FB Input BOOL I, Q, M, D, L or constant Feedback input when closing Q Output BOOL I, Q, M, D, L Shows the sta tus of the param eter CMD OA Output BOOL I, Q, M, D, L Alarm output when opening CA Output BOOL I, Q, M, D, L Alarm output when closing ET Static DINT D, L or constant Currently elapsed time, where one count = 1 ms. PT Static DINT D, L or constant Preset timer val ue, where one clock pulse = 1 ms. PREV_TIME Static DWORD D, L or constant Previous system time CMD_HIS Static BOOL D, L or constant CMD history bit WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example In the following example the parameter CMD changes from "0" to "1". After the execution of the instruction the parameter Q is set to "1" and the two alarm outputs OA and CA have the signal state "0". The CMD_HIS parameter of the instance data block is set to the signal state "1" and the ET parameter is reset to "0". Note You can initialize static parameters in the data block. '&$7B'% '&$7 7DJ,Q (1 4 7DJB2XWSXWB4 7DJB,QSXWB&0' &0' 2$ 7DJB2XWSXWB2$ 7DJB,QSXWB2B)% 2B)% &$ 7DJB2XWSXWB&$ 7DJB,QSXWB&B)% &B)% (12 7DJ2XW The following tables show how the instruction works using specific values. Before processing In this example, the following values are used for the input and output parameters: Parameter Operand Value CMD Tag_Input_CMD TRUE O_FB Tag_Input_O_FB FALSE C_FB Tag_Input_C_FB FALSE Q Tag_Output_Q FALSE OA Tag_Output_OA FALSE CA Tag_Output_CA FALSE The following values are saved in the instance data block "DCAT_DB" of the instruction: Parameter Address Value ET DBD4 L#12 PT DBD8 L#222 CMD_HIS DBX16.0 FALSE After processing WinCC Advanced V14 System Manual, 10/2016 3041 Programming the PLC 11.4 Instructions The following values are written to the output parameters after the instruction has been executed: Parameter Operand Value Q Tag_Output_Q TRUE OA Tag_Output_OA FALSE CA Tag_Output_CA FALSE The following values are saved in the instance data block "DCAT_DB" of the instruction: Parameter Address Value ET DBD4 L#0 CMD_HIS DBX16.0 TRUE See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) MCAT: Motor control-timer alarm (S7-1500) Description The "Motor control-timer alarm" instruction is used to accumulate the time from the point at which one of the command inputs (opening or closing) is switched on. The time is accumulated until the preset time is exceeded or the relevant feedback input indicates that the device has executed the requested operation within the specified time. If the preset time is exceeded before the feedback is received, the corresponding alarm is triggered. The "Motor control-timer alarm" instruction returns no error information. Execution of the "Motor control-timer alarm" instruction The following table shows the reactions of the "Motor control-timer alarm" instruction to the various input conditions: Input parameters Output parameters ET O_H IS C_H IS O_C MD C_C MD S_C MD O_F B C_F B OO CO OA CA ET O_H IS C_HI Q S Status X 1 1 X X X X X 0 0 1 1 PT 0 0 0 Alarm X X X X X X 1 1 0 0 1 1 PT 0 0 0 Alarm X X X X X 1 X X 0 0 0 0 X 0 0 1 Stop X X X 1 1 X X X 0 0 0 0 X 0 0 1 Stop X 0 X 1 0 0 X X 1 0 0 0 0 1 0 1 Start open ing <PT 1 0 X 0 0 0 X 1 0 0 0 INC 1 0 1 Open X 1 0 X 0 0 1 0 0 0 0 0 PT 1 0 1 Opened 3042 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Input parameters Output parameters >=P T 1 0 X 0 0 0 X 0 0 1 0 PT 1 0 0 Opening alarm X X 0 0 1 0 X X 0 1 0 0 0 0 1 1 Start closing <PT 0 1 0 X 0 X 0 0 1 0 0 INC 0 1 1 Close X 0 1 0 X 0 0 1 0 0 0 0 PT 0 1 1 Closed >=P T 0 1 0 X 0 X 0 0 0 0 1 PT 0 1 0 Closing alarm X 0 0 0 0 0 X X 0 0 0 0 X 0 0 1 Stopped Legend: INC Add the time difference (ms) since the last processing of the FB to ET PT PT is set to the same value as ET X Cannot be used <PT ET < PT >=PT ET >= PT If the input parameters O_HIS and C_HIS both have the signal state "1", they are immediately set to signal state "0". In this case, the last row in the table (X) mentioned above is valid. Because it is therefore no longer possible to check whether the input parameters O_HIS and C_HIS have the signal state "1", the output parameters are set as follows in this case: OO = FALSE CO = FALSE OA = FALSE CA = FALSE ET = PT Q = TRUE Parameters The following table shows the parameters of the "Motor control-timer alarm" instruction: WinCC Advanced V14 System Manual, 10/2016 Parameters Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output O_CMD Input BOOL I, Q, M, D, L or con "Open" command input stant C_CMD Input BOOL I, Q, M, D, L or con "Close" command input stant S_CMD Input BOOL I, Q, M, D, L or con "Stop" command input stant O_FB Input BOOL I, Q, M, D, L or con Feedback input when open stant ing C_FB Input BOOL I, Q, M, D, L or con Feedback input when closing stant OO Output BOOL I, Q, M, D, L "Open" output CO Output BOOL I, Q, M, D, L "Close" output OA Output BOOL I, Q, M, D, L Alarm output when opening CA Output BOOL I, Q, M, D, L Alarm output when closing 3043 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description Q Output BOOL I, Q, M, D, L A signal state of "0" indicates an error condition. ET Static DINT D, L or constant Currently elapsed time, where one clock pulse = 1 ms PT Static DINT D, L or constant Preset timer value, where one clock pulse = 1 ms PREV_TIME Static DWORD D, L or constant Previous system time O_HIS Static BOOL D, L or constant "Open" history bit C_HIS Static BOOL D, L or constant "Close" history bit Example The following example shows how the instruction works: Note You can initialize static parameters in the data block. 0&$7B'% 0&$7 (1 22 7DJB2XWSXW2SHQ 7DJB,QSXWB2B&0' 2B&0' &2 7DJB2XWSXW&ORVHG 7DJB,QSXWB&B&0' &B&0' 2$ 7DJB2XWSXWB2$ 7DJB,QSXWB6B&0' 6B&0' &$ 7DJB2XWSXWB&$ 4 7DJB2XWSXWB4 7DJ,Q 7DJB,QSXWB2B)% 2B)% 7DJB,QSXWB&B)% &B)% 7DJ2XW (12 The following tables show how the instruction works using specific values. Before processing In this example, the following values are used for the input and output parameters: 3044 Parameters Operand Value O_CMD Tag_Input_O_CMD TRUE C_CMD Tag_Input_C_CMD FALSE S_CMD Tag_Input_S_CMD FALSE O_FB Tag_Input_O_FB FALSE C_FB Tag_Input_C_FB FALSE OO Tag_OutputOpen FALSE WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Operand Value CO Tag_OutputClosed FALSE OA Tag_Output_OA FALSE CA Tag_Output_CA FALSE Q Tag_Output_Q FALSE The following values are saved in the instance data block "MCAT_DB" of the instruction: Parameters Address Value ET DBD4 L#2 PT DBD8 L#22 O_HIS DBX16.0 TRUE C_HIS DBX16.1 FALSE After processing The following values are written to the output parameters after the instruction has been executed: Parameters Operand Value OO Tag_OutputOpen TRUE CO Tag_OutputClosed FALSE OA Tag_Output_OA FALSE CA Tag_Output_CA FALSE Q Tag_Output_Q TRUE The following values are saved in the instance data block "MCAT_DB" of the instruction: Parameters Address Value ET DBD4 L#0 O_HIS DBX16.0 TRUE CMD_HIS DBX16.1 FALSE See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) WinCC Advanced V14 System Manual, 10/2016 3045 Programming the PLC 11.4 Instructions IMC: Compare input bits with the bits of a mask (S7-1500) Description You can use the "Compare input bits with the bits of a mask" instruction to compare the signal state of up to 16 programmed input bits (IN_BIT0 to IN_BIT15) with the corresponding bits of a mask. Up to 16 steps with masks can be programmed. The value of the IN_BIT0 parameter is compared with the value of the mask CMP_VAL[x,0], with "x" indicating the step number. In the CMP_STEP parameter, you specify the step number of the mask that is used for the comparison. All programmed values are compared in the same manner. Unprogrammed input bits or unprogrammed bits of the mask have the default signal state FALSE. If a match is found in the comparison, the signal state of the OUT parameter is set to "1". Otherwise the OUT parameter is set to "0". If the value of the CMP_STEP parameter is greater than 15, the instruction is not executed. An error message is output at the ERR_CODE parameter. Parameters The following table shows the parameters of the "Compare input bits with the bits of a mask" instruction: 3046 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output IN_BIT0 Input BOOL I, Q, M, D, L or con Input bit 0 is compared with stant bit 0 of the mask. IN_BIT1 Input BOOL I, Q, M, D, L or con Input bit 1 is compared with stant bit 1 of the mask. IN_BIT2 Input BOOL I, Q, M, D, L or con Input bit 2 is compared with stant bit 2 of the mask. IN_BIT3 Input BOOL I, Q, M, D, L or con Input bit 3 is compared with stant bit 3 of the mask. IN_BIT4 Input BOOL I, Q, M, D, L or con Input bit 4 is compared with stant bit 4 of the mask. IN_BIT5 Input BOOL I, Q, M, D, L or con Input bit 5 is compared with stant bit 5 of the mask. IN_BIT6 Input BOOL I, Q, M, D, L or con Input bit 6 is compared with stant bit 6 of the mask. IN_BIT7 Input BOOL I, Q, M, D, L or con Input bit 7 is compared with stant bit 7 of the mask. IN_BIT8 Input BOOL I, Q, M, D, L or con Input bit 8 is compared with stant bit 8 of the mask. IN_BIT9 Input BOOL I, Q, M, D, L or con Input bit 9 is compared with stant bit 9 of the mask. IN_BIT10 Input BOOL I, Q, M, D, L or con Input bit 10 is compared with stant bit 10 of the mask. IN_BIT11 Input BOOL I, Q, M, D, L or con Input bit 11 is compared with stant bit 11 of the mask. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area IN_BIT12 Input BOOL I, Q, M, D, L or con Input bit 12 is compared with stant bit 12 of the mask. Description IN_BIT13 Input BOOL I, Q, M, D, L or con Input bit 13 is compared with stant bit 13 of the mask. IN_BIT14 Input BOOL I, Q, M, D, L or con Input bit 14 is compared with stant bit 14 of the mask. IN_BIT15 Input BOOL I, Q, M, D, L or con Input bit 15 is compared with stant bit 15 of the mask. CMP_STEP Input BYTE I, Q, M, D, L, P or constant The step number of the mask used for the comparison. OUT Output BOOL I, Q, M, D, L The signal state "1" indicates that a match was found. A signal state of "0" indicates that no match was found. ERR_CODE Output WORD I, Q, M, D, L, P CMP_VAL Static ARRAY OF WORD I, Q, M, D, L or con Comparison masks [0 to 15, stant 0 to 15]: The first number of the index is the step number and the second number is the bit number of the mask. Error information ERR_CODE parameter The following table shows the meaning of the values of the ERR_CODE parameter: Error code* (W#16#...) Explanation 0000 No error 000A The value at the CMP_STEP parameter is greater than 15. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) WinCC Advanced V14 System Manual, 10/2016 3047 Programming the PLC 11.4 Instructions SMC: Compare scan matrix (S7-1500) Description You can use the "Compare scan matrix" instruction to compare the signal state of up to 16 programmed input bits (IN_BIT0 to IN_BIT15) with the corresponding bit of the comparison masks for each step. Processing starts at step 1 and is continued until the last programmed step (LAST) or until a match is found. The input bit of the IN_BIT0 parameter is compared with the value of the mask CMP_VAL[x,0], with "x" indicating the step number. All programmed values are compared in the same manner. If a match is found, the signal state of the OUT parameter is set to "1" and the step number with the matching mask is written to the OUT_STEP parameter. Unprogrammed input bits or unprogrammed bits of the mask have the default signal state FALSE. If more than one step has a matching mask, only the first one found is indicated in the OUT_STEP parameter. If no match is found, the signal state of the OUT parameter is set to "0". In this case the value at the OUT_STEP parameter is greater by "1" than the value at the LAST parameter. Parameters The following table shows the parameters of the "Compare scan matrix" instruction: 3048 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output IN_BIT0 Input BOOL I, Q, M, D, L or con Input bit 0 is compared with stant bit 0 of the mask. IN_BIT1 Input BOOL I, Q, M, D, L or con Input bit 1 is compared with stant bit 1 of the mask. IN_BIT2 Input BOOL I, Q, M, D, L or con Input bit 2 is compared with stant bit 2 of the mask. IN_BIT3 Input BOOL I, Q, M, D, L or con Input bit 3 is compared with stant bit 3 of the mask. IN_BIT4 Input BOOL I, Q, M, D, L or con Input bit 4 is compared with stant bit 4 of the mask. IN_BIT5 Input BOOL I, Q, M, D, L or con Input bit 5 is compared with stant bit 5 of the mask. IN_BIT6 Input BOOL I, Q, M, D, L or con Input bit 6 is compared with stant bit 6 of the mask. IN_BIT7 Input BOOL I, Q, M, D, L or con Input bit 7 is compared with stant bit 7 of the mask. IN_BIT8 Input BOOL I, Q, M, D, L or con Input bit 8 is compared with stant bit 8 of the mask. IN_BIT9 Input BOOL I, Q, M, D, L or con Input bit 9 is compared with stant bit 9 of the mask. IN_BIT10 Input BOOL I, Q, M, D, L or con Input bit 10 is compared with stant bit 10 of the mask. IN_BIT11 Input BOOL I, Q, M, D, L or con Input bit 11 is compared with stant bit 11 of the mask. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area IN_BIT12 Input BOOL I, Q, M, D, L or con Input bit 12 is compared with stant bit 12 of the mask. Description IN_BIT13 Input BOOL I, Q, M, D, L or con Input bit 13 is compared with stant bit 13 of the mask. IN_BIT14 Input BOOL I, Q, M, D, L or con Input bit 14 is compared with stant bit 14 of the mask. IN_BIT15 Input BOOL I, Q, M, D, L or con Input bit 15 is compared with stant bit 15 of the mask. OUT Output BOOL I, Q, M, D, L The signal state "1" indicates that a match was found. A signal state of "0" indicates that no match was found. ERR_CODE Output WORD I, Q, M, D, L, P Error information OUT_STEP Output BYTE I, Q, M, D, L, P Contains the step number with the matching mask, or the step number which is greater by "1" than the value at the LAST parameter, pro vided no match is found. LAST Static BYTE I, Q, M, D, L, P or constant Specifies the step number of the last step to be scanned for a matching mask. CMP_VAL Static ARRAY OF WORD I, Q, M, D, L or con Comparison masks [0 to 15, stant 0 to 15]: The first number of the index is the step number and the second number is the bit number of the mask. ERR_CODE parameter The following table shows the meaning of the values of the ERR_CODE parameter: Error code* (W#16#...) Explanation 0000 No error 000E The value at the LAST parameter is greater than 15. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) WinCC Advanced V14 System Manual, 10/2016 3049 Programming the PLC 11.4 Instructions LEAD_LAG: Lead and lag algorithm (S7-1500) Description You can use the "Lead and lag algorithm" instruction to process signals with an analog tag. The gain value at the GAIN parameter must be greater than zero. The result of the instruction "Lead and lag algorithm" is calculated using the following equation: 287 /*B7,0( /'B7,0(6$03/(B7 /'B7,0( ,1*$,1 35(9B287*$,1 /*B7,0(6$03/(B7 /*B7,0(6$03/(B7 /*B7,0(6$03/(B7 35(9B,1 The "Lead and lag algorithm" instruction supplies plausible results only when processing is in fixed program cycles. The same units must be specified for the LD_TIME, LG_TIME, and SAMPLE_T parameters. At LG_TIME > 4 + SAMPLE_T, the instruction approaches the following function: OUT = GAIN * ((1 + LD_TIME * s) / (1 + LG_TIME * s)) * IN When the value of the GAIN parameter is less than or equal to zero, the calculation is not performed and an error information is output on the ERR_CODE parameter. You can use the instruction "Lead and lag algorithm" in conjunction with loops as a compensator in dynamic feed-forward control. The instruction consists of two operations. The "Lead" operation shifts the phase of the OUT output so that the output leads the input. The "Lag" operation, on the other hand, shifts the output so that the output lags behind the input. Because the "Lag" operation is equivalent to an integration, it can be used as a noise suppressor or as a low-pass filter. The "Lead" operation is equivalent to a differentiation and can therefore be used as a high-pass filter. The two instructions together (Lead and Lag) result in the output phase lagging behind the the input at lower frequencies and leading it at higher frequencies. This means that the "Lead and lag algorithm" instruction can be used as a band pass filter. Parameters The following table shows the parameters of the "Lead and lag algorithm" instruction: 3050 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input REAL I, Q, M, D, L, P or constant The input value of the current sample time (cycle time) to be processed. SAMPLE_T Input INT I, Q, M, D, L, P or constant Sample time OUT Output REAL I, Q, M, D, L, P Result of the instruction ERR_CODE Output WORD I, Q, M, D, L, P Error information LD_TIME Static REAL I, Q, M, D, L, P or constant Lead time in the same unit as sample time. LG_TIME Static REAL I, Q, M, D, L, P or constant Lag time in the same unit as sample time WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description GAIN Static REAL I, Q, M, D, L, P or constant Gain as % / % (the ratio of the change in output to a change in input as a steady state). PREV_IN Static REAL I, Q, M, D, L, P or constant Previous input PREV_OUT Static REAL I, Q, M, D, L, P or constant Previous output ERR_CODE parameter The following table shows the meaning of the values of the ERR_CODE parameter: Error code* (W#16#...) Explanation 0000 No error 0009 The value at the GAIN parameter is less than or equal to zero. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: Note You can initialize static parameters in the data block. /($'B/$*B'% /($'B/$* 7DJ,Q 7DJB,QSXW 7DJB,QSXWB6$03/(B7 287 (1 ,1 (55B&2'( 6$03/(B7 (12 7DJB2XWSXWB5HVXOW 7DJB(UURU&RGH 7DJ2XW The following tables show how the instruction works using specific values. Before processing In this example the following values are used for the input parameters: WinCC Advanced V14 System Manual, 10/2016 Parameters Operand Value IN Tag_Input 2.0 SAMPLE_T Tag_InputSampleTime 10 3051 Programming the PLC 11.4 Instructions The following values are saved in the "LEAD_LAG_DB" instance data block of the instruction: Parameters Address Value LD_TIME DBD12 2.0 LG_TIME DBD16 2.0 GAIN DBD20 1.0 PREV_IN DBD24 6.0 PREV_OUT DBD28 6.0 After processing The following values are written to the output parameters after the instruction has been executed: Parameters Operand Value OUT Tag_Output_Result 2.0 The following values are saved in the instance data block "LEAD_LAD_DB" of the instruction: Parameters Operand Value PREV_IN DBD24 2.0 PREV_OUT DBD28 2.0 See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) SEG: Create bit pattern for seven-segment display (S7-1500) Description The instruction "Create bit pattern for seven-segment display" is used to convert each of the four hexadecimal digits of the specified source word (IN) into an equivalent bit pattern for a seven-segment display. The result of the instruction is output in the double word on the OUT parameter. 3052 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following relation exists between the hexadecimal digits and the assignment of the 7 segments (a, b, c, d, e, f, g): Input digit (Binary) Assignment of the segments 0000 00111111 0 0001 00000110 1 0010 01011011 2 0011 01001111 3 0100 01100110 4 0101 01101101 5 0110 01111101 6 0111 00000111 7 1000 01111111 8 1001 01100111 9 1010 01110111 A 1011 01111100 B 1100 00111001 C 1101 01011110 D 1110 01111001 E 1111 01110001 F gfedcba Display Seven-segment display (Hexadecimal) D E I J H F G Parameters The following table shows the parameters of the "Create bit pattern for seven-segment display" instruction: WinCC Advanced V14 System Manual, 10/2016 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output IN Input WORD I, Q, M, D, L, P or constant Source word with four hexa decimal digits OUT Output DWORD I, Q, M, D, L, P Bit pattern for the seven-seg ment display 3053 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: 6(* 7DJ,Q 7DJB,QSXW (1 287 7DJB2XWSXW ,1 (12 7DJ2XW The following table shows how the instruction functions using specific values: Parameters Operand Value Hexadecimal Binary IN Tag_Input W#16#1234 0001 0010 0011 0100 OUT Tag_Output DW#16065B4F66 00000110 01011011 01001111 01100110 Display: 1234 See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) BCDCPL: Create tens complement (S7-1500) Description You can use the "Create tens complement" instruction to create the tens complement of a seven-digit BCD number specified in the IN parameter. This instruction uses the following mathematical formula to calculate: 10000000 (as BCD) - 7-digit BCD value ---------------------------------------Tens complement (as BCD) Parameters The following table shows the parameters of the "Create tens complement" instruction: 3054 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description IN Input Bit strings I, Q, M, D, L, P or constant 7-digit BCD number ERR_CODE Output DWORD I, Q, M, D, L, P Result of the instruction Example The following example shows how the instruction works: %&'&3/ 7DJ,Q 7DJB,QSXW (1 7DJB2XWSXW (55B&2'( ,1 7DJ2XW (12 The following table shows how the instruction functions using specific values: Parameter Operand Value* IN Tag_Input DW#16#01234567 ERR_CODE Tag_Output DW#16#08765433 *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) BITSUM: Count number of set bits (S7-1500) Description The "Count number of set bits" instruction is used to count the number of bits of an operand that is set to the signal state "1". The operand whose bits are to be counted is specified on the IN parameter. The result of the instruction is output at the RET_VAL parameter. Parameters The following table shows the parameters of the "Count number of set bits" instruction: WinCC Advanced V14 System Manual, 10/2016 Parameter Declaration Data type Memory area Description EN Input BOOL I, Q, M, D, L, T, C Enable input ENO Output BOOL I, Q, M, D, L Enable output 3055 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description IN Input DWORD I, Q, M, D, L, P or constant Operand whose set bits are counted. RET_VAL Output INT I, Q, M, D, L, P Number of bits to be set Example The following example shows how the instruction works: %,7680 7DJ,Q 7DJB,QSXW (1 ,1 5(7B9$/ (12 7DJB2XWSXW 7DJ2XW The following table shows how the instruction functions using specific values: Parameter Operand Value* IN Tag_Input DW#16#12345678 RET_VAL Tag_Output W#16#000D (13 Bits) *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". See also Overview of the valid data types (Page 2131) Basic information on FBD (Page 4693) SCL (S7-1200, S7-1500) Bit logic operations (S7-1200, S7-1500) R_TRIG: Detect positive signal edge (S7-1200, S7-1500) Description With the "Detect positive signal edge" instruction, you can detect a state change from "0" to "1" at the CLK input. The instruction compares the current value at the CLK input with the state of the previous query (edge memory bit) that is saved in the specified instance. If the instruction detects a state change at the CLK input from "0" to "1", a positive signal edge is generated at the Q output, i.e., the output has the value TRUE or "1" for exactly one cycle. In all other cases, the signal state at the output of the instruction is "0". 3056 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the "Detect positive signal edge" instruction: SCL <Instance>(CLK := <Operand>, Q => <operand>) Parameters The following table shows the parameters of the "Detect positive signal edge" instruction: Parameter Declaration Data type Memory area Description CLK Input BOOL I, Q, M, D, L Incoming signal, the edge of which is to be queried Q Output BOOL I, Q, M, D, L Result of edge evaluation Example The following example shows how the instruction works: SCL "R_TRIG_DB"(CLK := "TagIn", Q => "TagOut"); The previous state of the tag at the CLK input is stored in the "R_TRIG_DB" tag. If a change is the signal state from "0" to "1" is detected in the "TagIn_1" and "TagIn_2" operands or in the "TagIn_3" operand, the "TagOut_Q" output has signal state "1" for one cycle. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) F_TRIG: Detect negative signal edge (S7-1200, S7-1500) Description With the "Detect negative signal edge" instruction, you can detect a state change from "1" to "0" at the CLK input. The instruction compares the current value at the CLK input with the state of the previous query (edge memory bit) that is saved in the specified instance. If the instruction detects a state change at the CLK input from "1" to "0", a negative signal edge is generated at the Q output, i.e., the output has the value TRUE or "1" for exactly one cycle. In all other cases, the signal state at the output of the instruction is "0". WinCC Advanced V14 System Manual, 10/2016 3057 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the "Detect negative signal edge" instruction: SCL <Instance>(CLK := <Operand>, Q => <operand>) Parameters The following table shows the parameters of the "Detect negative signal edge" instruction: Parameter Declaration Data type Memory area Description CLK Input BOOL I, Q, M, D, L Incoming signal, the edge of which is to be queried Q Output BOOL I, Q, M, D, L Result of edge eval uation Example The following example shows how the instruction works: SCL "F_TRIG_DB"(CLK := "TagIn", Q => "TagOut"); The previous state of the tag at the CLK input is stored in the "F_TRIG_DB" tag. If a change in the signal state from "1" to "0" is detected in the "TagIn" operand, the "TagOut" output has signal state "1". See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) Timer operations (S7-1200, S7-1500) Calling IEC timers (S7-1200, S7-1500) Description You have the option of declaring the IEC timer as single or multiple instance and calling it in the program code. The following syntax options are available for the declaration of an IEC timer as multi-instance within a structure in the block interface: 3058 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions IEC timer as ARRAY element Declaration in the block interface: Program code: SCL #MyARRAY[1].TOF(IN := <Operand>, PT := <Operand>) Declaration in the block interface: Program code: SCL #MyARRAY[#index](IN := <Operand>, PT := <Operand>) IEC timer within an anonymous structure Declaration in the block interface: Program code: SCL #MyStruct.FirstTime.TOF(IN := <Operand>, PT := <Operand>) Declaration in the block interface: WinCC Advanced V14 System Manual, 10/2016 3059 Programming the PLC 11.4 Instructions Program code: SCL #MyStruct.FirstTime(IN := <Operand>, PT := <Operand>) IEC timer in the global data block Declaration in the data block: Program code: SCL "MyGlobalDB".Timer.FirstTime.TOF(IN := <Operand>, PT := <Operand>) Declaration in the data block: Program code: SCL "MyGlobalDB".Timer.SecondTime(IN := <Operand>, PT := <Operand>) 3060 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions IEC timer as elements in the block interface Declaration in the block interface: Program code: SCL #Timer.FirstTime.TOF(IN := <Operand>, PT := <Operand>) Declaration in the block interface: Program code: SCL #Timer.SecondTime(IN := <Operand>, PT := <Operand>) IEC timer within an ARRAY DB Declaration in the ARRAY DB: Program code: SCL "MyARRAYDB"."THIS"[0].FirstTime.TOF(IN := <Operand>, PT := <Operand>) Declaration in the ARRAY DB: WinCC Advanced V14 System Manual, 10/2016 3061 Programming the PLC 11.4 Instructions Program code: SCL "MyARRAYDB"."THIS"[0].SecondTime(IN := <Operand>, PT := <Operand>) See also Using IEC timers and counters (Page 2118) TP: Generate pulse (S7-1200, S7-1500) Description You can use the "Generate pulse" instruction to set the parameter Q for a programmed duration. The instruction is started when the result of logic operation (RLO) of the IN parameter changes from "0" to "1" (positive signal edge). The programmed time PT begins when the instruction starts. The Q parameter is set for the time PT, regardless of the subsequent changes in the input signal. Even when a new positive signal edge is detected, the signal state of the Q parameter is not affected as long as the time duration PT is active. You can query the current time value set in the ET parameter. The timer value starts at T#0s and ends when the value of the time duration PT is reached. When the time duration PT is reached and the signal state at the IN parameter is "0", the ET parameter is reset. Note If the timer is not called in the program because it is skipped, for example, output ET returns a constant value as soon as the timer has expired. Each call of the "Generate pulse" instruction must be assigned to an IEC timer in which the instruction data is stored. The instruction data is updated in the following cases: When the instruction is called, if the ET or Q outputs are interconnected. If the outputs are not interconnected, the current time value at output ET is not updated. At an access to the Q or ET outputs. 3062 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For CPUs of the S7-1200 series An IEC timer is a structure of the data type IEC_TIMER or TP_TIME that you can declare as follows: Declaration of an instance data block of system data type IEC_TIMER (for example, "MyIEC_TIMER_DB") Declaration as local tag of the data type TP_TIME in the "Static" section of a program block (for example, #MyIEC_TIMER_Instance) For CPUs of the S7-1500 series An IEC Timer is a structure of the data type IEC_TIMER, IEC_LTIMER, TP_TIME or TP_LTIME that you can declare as follows: Declaration of an instance data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_LTIMER_DB") Declaration as local tag of the data type TP_TIME or TP_LTIME in the "Static" section of a program block (for example, #MyIEC_LTIMER_Instance) Syntax The following syntax is used for the "Generate pulse" instruction: Instance data block of system data type IEC_<Timer> (Shared DB): SCL <IEC_Timer_DB>.TP(IN := <Operand>, PT := <Operand>, Q => <Operand>, ET => <Operand>) Local tag from the block interface (multi-instance): SCL #myLocal_Timer(IN := <Operand>, PT := <Operand>, Q => <Operand>, ET => <Operand>) For syntax information on calling IEC timers within structures (multi-instance), please refer to: Calling IEC timers (Page 3058) WinCC Advanced V14 System Manual, 10/2016 3063 Programming the PLC 11.4 Instructions The syntax of the instruction consists of the following parts: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN Input BOOL BOOL I, Q, M, D, L, P Start input PT Input TIME TIME, LTIME I, Q, M, D, L, P Duration of the pulse. The value of the PT parame ter must be pos itive. Q Output BOOL BOOL I, Q, M, D, L, P Operand that is set for the PT duration. ET Output TIME TIME, LTIME I, Q, M, D, L, P Current timer value Pulse timing diagram The following figure shows the pulse timing diagram of the "Generate pulse" instruction: ,1 4 37 37 37 (7 37 Example The following example shows how the instruction works: SCL "TP_DB".TP(IN := "Tag_Start", PT := "Tag_PresetTime", Q => "Tag_Status", ET => "Tag_ElapsedTime"); 3064 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions When the signal state of the "Tag_Start" operand changes from "0" to "1", the time programmed for the PT parameter is started and the "Tag_Status" operand is set to "1". The current time value is stored in the "Tag_ElapsedTime" operand. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) TON: Generate on-delay (S7-1200, S7-1500) Description You can use the "Generate on-delay" instruction to delay the setting of the Q parameter for the programmed duration PT. The instruction is started when the result of logic operation (RLO) of the IN parameter changes from "0" to "1" (positive signal edge). The programmed time PT begins when the instruction starts. When the time PT has elapsed, the Q parameter has the signal state "1". The Q parameter remains set as long as the start input is still "1". If the signal state of the IN parameter changes from "1" to "0", the parameter Q will be reset. The timer function is restarted when a new positive signal edge is detected at the IN parameter. The current time value can be queried in the ET parameter. The time value starts at T#0s and ends when the value of the time duration PT is reached. The ET parameter is reset as soon as the signal state of the IN parameter changes to "0". Note If the timer is not called in the program because it is skipped, for example, output ET returns a constant value as soon as the timer has expired. Each call of the "Generate on-delay" instruction must be assigned to an IEC timer in which the instruction data is stored. The instruction data is updated in the following cases: When the instruction is called, if the ET or Q outputs are interconnected. If the outputs are not interconnected, the current time value at output ET is not updated. At an access to the Q or ET outputs. For CPUs of the S7-1200 series An IEC timer is a structure of the data type IEC_TIMER or TON_TIME that you can declare as follows: Declaration of an instance data block of system data type IEC_TIMER (for example, "MyIEC_TIMER_DB") Declaration as local tag of the data type TON_TIME in the "Static" section of a program block (for example, #MyIEC_TIMER_Instance) WinCC Advanced V14 System Manual, 10/2016 3065 Programming the PLC 11.4 Instructions For CPUs of the S7-1500 series An IEC timer is a structure of the data type IEC_TIMER, IEC_LTIMER, TON_TIME or TON_LTIME that you can declare as follows: Declaration of an instance data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER_DB") Declaration as local tag of the data type TON_TIME or TON_LTIME in the "Static" section of a program block (for example, #MyIEC_TIMER_Instance) Syntax The following syntax is used for the "Generate on-delay" instruction: Instance data block of system data type IEC_<Timer> (Shared DB): SCL <IEC_Timer_DB> TON(IN := <Operand>, PT := <Operand>, Q => <Operand>, ET => <Operand>) Local tag from the block interface (multi-instance): SCL #myLocal_timer(IN := <Operand>, PT := <Operand>, Q => <Operand>, ET => <Operand>) For syntax information on calling IEC timers within structures (multi-instance), please refer to: Calling IEC timers (Page 3058) The syntax of the instruction consists of the following parts: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN Input BOOL BOOL I, Q, M, D, L, P Start input PT Input TIME TIME, LTIME I, Q, M, D, L, P Duration of the on delay. The value of the PT parame ter must be pos itive. 3066 Q Output BOOL BOOL I, Q, M, D, L, P Operand that is set when the timer PT ex pires. ET Output TIME TIME, LTIME I, Q, M, D, L, P Current time value WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the "Generate on-delay" instruction: ,1 4 37 37 (7 37 Example The following example shows how the instruction works: SCL "TON_DB".TON(IN := "Tag_Start", PT := "Tag_PresetTime", Q => "Tag_Status", ET => "Tag_ElapsedTime"); When the signal state of the "Tag_Start" operand changes from "0" to "1", the time programmed for the PT parameter is started. When the time duration expires, the "Tag_Status" operand is set to the signal state "1". The Tag_Status operand remains set to "1" as long as the Tag_Start operand has signal state "1". The current time value is stored in the "Tag_ElapsedTime" operand. When the signal state at the operand "Tag_Start" changes from "1" to "0", the "Tag_Status" operand is reset. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 3067 Programming the PLC 11.4 Instructions TOF: Generate off-delay (S7-1200, S7-1500) Description You can use the "Generate off-delay" instruction to delay the resetting of the Q parameter for the programmed duration PT. The Q parameter is set when the result of logic operation (RLO) of the IN parameter changes from "0" to "1" (positive signal edge). When the signal state at the IN parameter changes back to "0", the programmed time PT starts. The Q parameter remains set as long as time PT is running. When the time PT expires, the Q parameter is reset. If the signal state of the IN parameter changes to "1" before time PT expires, the timer is reset. The signal state of the Q parameter remains set to "1". The current time value can be queried in the ET parameter. The timer value starts at T#0s and ends when the value of the time duration PT is reached. When the time duration PT expires, the ET parameter remains set to the current value until the IN parameter changes back to "1". If the IN parameter changes to "1" before the time PT has expired, the ET parameter is reset to the value T#0s. Note If the timer is not called in the program because it is skipped, for example, output ET returns a constant value as soon as the timer has expired. Each call of the "Generate off-delay" instruction must be assigned to an IEC Timer in which the instruction data is stored. The instruction data is updated in the following cases: When the instruction is called, if the ET or Q outputs are interconnected. If the outputs are not interconnected, the current time value at output ET is not updated. At an access to the Q or ET outputs. For CPUs of the S7-1200 series An IEC timer is a structure of the data type IEC_TIMER or TOF_TIME that you can declare as follows: Declaration of an instance data block of system data type IEC_TIMER (for example, "MyIEC_TIMER_DB") Declaration as local tag of the data type TOF_TIME in the "Static" section of a program block (for example, #MyIEC_TIMER_Instance) For CPUs of the S7-1500 series An IEC timer is a structure of the data type IEC_TIMER, IEC_LTIMER, TOF_TIME or TOF_LTIME that you can declare as follows: Declaration of an instance data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER_DB") Declaration as local tag of the data type TOF_TIME or TOF_LTIME in the "Static" section of a program block (for example, #MyIEC_TIMER_Instance) 3068 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the "Generate off-delay" instruction: Instance data block of system data type IEC_<Timer> (Shared DB): SCL <IEC_Timer_DB>.TOF(IN := <Operand>, PT := <Operand>, Q => <Operand>, ET => <Operand>) Local tag from the block interface (multi-instance): SCL #myLocal_Timer(IN := <Operand>, PT := <Operand>, Q => <Operand>, ET => <Operand>) For syntax information on calling IEC timers within structures (multi-instance), please refer to: Calling IEC timers (Page 3058) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description S7-1200 S7-1500 IN Input BOOL BOOL I, Q, M, D, L, P Start input PT Input TIME TIME, LTIME I, Q, M, D, L, P Duration of the off delay. The value of the PT parame ter must be pos itive. WinCC Advanced V14 System Manual, 10/2016 Q Output BOOL BOOL I, Q, M, D, L, P Operand that is reset when the time PT ex pires. ET Output TIME TIME, LTIME I, Q, M, D, L, P Current time value 3069 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse diagram of the "Generate off-delay" instruction: ,1 4 37 37 (7 37 Example The following example shows how the instruction works: SCL "TOF_DB".TOF(IN := "Tag_Start", PT := "Tag_PresetTime", Q => "Tag_Status", ET => "Tag_ElapsedTime"); With a change in the signal state of the "Tag_Start" operand from "0" to "1", the "Tag_Status" operand is set. When the signal state of the "Tag_Start" operand changes from "1" to "0", the time programmed for the PT parameter is started. As long as the time is running, the "Tag_Status" operand remains set. When the time has expired, the "Tag_Status" operand is reset. The current time value is stored in the "Tag_ElapsedTime" operand. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) 3070 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions TONR: Time accumulator (S7-1200, S7-1500) Description The instruction "Time accumulator" is used to accumulate time values within a period set by the parameter PT. When the signal state of the IN parameter changes to "1", the instruction executes and the time duration PT starts. While the time duration PT is running, the time values that are recorded when the IN parameter has signal state "1" are accumulated. The accumulated time is output in the ET parameter and can be queried there. When the time duration PT is reached, the Q parameter has signal state "1". The Q parameter remains set to "1", even when the signal state at the IN parameter changes to "0". The R parameter resets the ET and Q parameters regardless of the signal state at the IN parameter. Each call of the "Time accumulator" instruction must be assigned an IEC timer in which the instruction data is stored. The instruction data is updated in the following cases: When the instruction is called, if the ET or Q outputs are interconnected. If the outputs are not interconnected, the current time value at output ET is not updated. At an access to the Q or ET outputs. For CPUs of the S7-1200 series An IEC Timer is a structure of the data type IEC_TIMER or TONR_TIME that you can declare as follows: Declaration of an instance data block of system data type IEC_TIMER (for example, "MyIEC_TIMER_DB") Declaration as local tag of the data type TONR_TIME in the "Static" section of a program block (for example, #MyIEC_TIMER_Instance) For CPUs of the S7-1500 series An IEC timer is a structure of the data type IEC_TIMER, IEC_LTIMER, TONR_TIME or TONR_LTIME that you can declare as follows: Declaration of an instance data block of system data type IEC_TIMER or IEC_LTIMER (for example, "MyIEC_TIMER_DB") Declaration as local tag of the data type TONR_TIME or TONR_LTIME in the "Static" section of a program block (for example, #MyIEC_TIMER_Instance) Syntax The following syntax is used for the "Time accumulator" instruction: Instance data block of system data type IEC_<Timer> (Shared DB): SCL <IEC_Timer_DB>.TONR(IN := <Operand>, WinCC Advanced V14 System Manual, 10/2016 3071 Programming the PLC 11.4 Instructions SCL R := <Operand>, PT := <Operand>, Q => <Operand>, ET => <Operand>) Local tag from the block interface (multi-instance): SCL #myLocal_Timer(IN := <Operand>, R := <Operand>, PT := <Operand>, Q => <Operand>, ET => <Operand>) For syntax information on calling IEC timers within structures (multi-instance), please refer to: Calling IEC timers (Page 3058) The syntax of the instruction consists of the following parts: Parameters Declaration Data type S7-1200 S7-1500 Memory area Description IN Input BOOL BOOL I, Q, M, D, L, P Start input R Input BOOL BOOL I, Q, M, D, L, P Reset of the ET and Q parame ters PT Input TIME TIME, LTIME I, Q, M, D, L, P Maximum dura tion of time re cording. The value of the PT parame ter must be pos itive. 3072 Q Output BOOL BOOL I, Q, M, D, L, P Operand that remains set when the timer PT has expired. ET Output TIME TIME, LTIME I, Q, M, D, L, P Accumulated time WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the "Time accumulator" instruction: ,1 5 4 37 (7 Example The following example shows how the instruction works: SCL "TONR_DB".TONR(IN := "Tag_Start", R := "Tag_Reset", PT := "Tag_PresetTime", Q => "Tag_Status", ET => "Tag_Time"); When the signal state of the "Tag_Start" operand changes from "0" to "1", the time programmed for the PT parameter is started. While the time is running, the time values are accumulated that are recorded when the "Tag_Start" operand has signal state "1". The accumulated time is stored in the "Tag_Time" operand. When the time value specified for the PT parameter is reached, the "Tag_Status" operand is set to the signal state "1". The current time value is stored in the "Tag_Time" operand. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 3073 Programming the PLC 11.4 Instructions RESET_TIMER: Reset timer (S7-1200, S7-1500) Description You can use the "Reset timer" instruction to reset an IEC timer to "0". The structure components of the timer in the specified data block are reset to "0". The instruction does not influence the RLO. At the TIMER parameter, the "Reset timer" instruction is assigned an IEC timer declared in the program. The instruction must be programmed in an IF instruction. The instruction data is updated only when the instruction is called and not each time the assigned IEC timer is accessed. Querying the data is only identical from the call of the instruction to the next call of the instruction. Syntax Use the following syntax for the "Reset timer" instruction: SCL RESET_TIMER(TIMER := <IEC timer>) Parameters The following table shows the parameters of the "Reset timer" instruction: Parameter Declaration <IEC timer> Output Data type Memory area S7-1200 S7-1500 IEC_TIM ER, TP_TIME, TON_TIME, TOF_TIME, TONR_TIME IEC_TIM D, L ER, IEC_LTI MER, TP_TIME, TP_LTIME, TON_TIME, TON_LTIME , TOF_TIME, TOF_LTIME, Description IEC timer that is reset TONR_TIME , TONR_LTIM E Example The following example shows how the instruction works: SCL IF #started = false THEN "TON_DB".TON(IN := "Tag_Start", PT := "Tag_PresetTime", 3074 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SCL Q => "Tag_Status", ET => "Tag_ElapsedTime"); #started := true; END_IF; IF "TON_DB".ET < T#25s THEN "RESET_TIMER".(TIMER := "TON_DB", #started := false; END_IF; When the tag #started has the signal state "0", the instruction "Generate on-delay" is executed when there is positive signal edge on the operand "Tag_Start". The IEC timer stored in the instance data block "TON_DB" is started with the time duration that is specified by the operand "Tag_PresetTime". The operand "Tag_Status" is set if the time duration specified by the operand "Tag_PresetTime" has expired. The parameter Q remains set as long as the operand "Tag_Start" still has the signal state "1". When the signal state of the start input changes from "1" to "0", the operand on the Q parameter is reset. If the expired time of the IEC timer "TON_DB" is less than 25s, the "Reset timer" instruction is executed and the timer stored in the "TON_DB" instance data block is reset. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) PRESET_TIMER: Load time duration (S7-1200, S7-1500) Description You can use the "Load time duration" instruction to set the time for an IEC timer. The instruction is executed in every cycle when the result of logic operation (RLO) at the input of the instruction has the signal state "1". The instruction writes the specified time to the structure of the specified IEC timer. Note If the specified IEC timer is running while the instruction executes, the instruction overwrites the current time of the specified IEC timer. This can change the timer status of the IEC timer. You assign an IEC timer declared in the program to the "Load time duration" instruction. The instruction data is updated only when the instruction is called and each time the assigned IEC timer is accessed. The query on Q or ET (for example, "MyTimer".Q or "MyTimer".ET) updates the IEC_TIMER structure. WinCC Advanced V14 System Manual, 10/2016 3075 Programming the PLC 11.4 Instructions Syntax Use the following syntax for the "Load time duration" instruction: SCL PRESET_TIMER(PT := <Operand>, TIMER := <IEC timer) Parameter The following table shows the parameters of the "Load time duration" instruction: Parameter Declaration Data type Memory area Description I, Q, M, D, L Duration with which the IEC timer runs. S7-1200 S7-1500 <Time duration> Input TIME TIME, LTIME <IEC timer> IEC_TIM ER, TP_TIME, TON_TIME, TOF_TIME, TONR_TIME IEC_TIM D, L ER, IEC_LTI MER, TP_TIME, TP_LTIME, TON_TIME, TON_LTIME , TOF_TIME, TOF_LTIME, Output IEC timer whose duration of which is set. TONR_TIME , TONR_LTIM E Example The following example shows how the instruction works: SCL IF #started = false THEN "TON_DB".TON(IN := "Tag_Start", PT := "Tag_PresetTime", Q => "Tag_Status", ET => "Tag_ElapsedTime"); #started := true; #preset = true END_IF; IF "TON_DB".ET < T#10s AND #preset = true THEN PRESET_TIMER(PT := T#25s, 3076 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SCL TIMER := "TON_DB"); #preset := false; END_IF; When the tag #started has the signal state "0" and the operand "Tag_Start" has a positive signal edge, the instruction "Generate on-delay" is executed. The IEC timer stored in the instance data block "TON_DB" is started with the time duration that is specified by the operand "Tag_PresetTime". The operand "Tag_Status" is set if the time duration PT specified by the operand "Tag_PresetTime" has expired. The parameter Q remains set as long as the operand "Tag_Start" still has the signal state "1". When the signal state of the start input changes from "1" to "0", the operand on the Q parameter is reset. The instruction "Load time duration" is executed when the expired time of the IEC timer "TON_DB" is less than 10s and the tag #preset has the signal state "1". The instruction writes the time duration that is specified at the parameter PT in the instance data block "TON_DB", thereby overwriting the time value of the operand "Tag_PresetTime" within the instance data block. The signal state of the timer status may therefore change at the next query or when "TON_DB".Q or "TON_DB".ET are accessed. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) Legacy (S7-1500) S_PULSE: Assign pulse timer parameters and start (S7-1500) Description The "Assign pulse timer parameters and start" instruction starts the time programmed in the T_NO parameter when a change from "0" to "1" (positive signal edge) is detected in the result of logic operation (RLO) of the S parameter. The timer runs for the programmed time (TV) as long as the signal state of the S parameter is "1". When the signal state of the S parameter changes to "0" before the programmed time has expired, the timer is stopped and the Q parameter is reset to "0". Internally, the time is made up of a time value and a time base and is programmed in the TV parameter. When the instruction starts, the programmed time value counts down to zero. The time base specifies the time increment by which the time value changes. The current time value is provided at the parameter BI. If the timer is running and the signal state at input R changes to "1" then the current time value and the time base are also set to zero. If the timer is not running, the signal state "1" at the R input has no effect. Parameter Q returns signal state "1" as long as the timer is running and the signal state at parameter S is "1". When the signal state of the S parameter changes to "0" before the WinCC Advanced V14 System Manual, 10/2016 3077 Programming the PLC 11.4 Instructions programmed time has expired, the Q parameter returns signal state "0". If the timer is reset by parameter R or if the timer has expired then parameter Q also returns signal state "0". The instruction data is updated with each access. It is therefore possible that the query of the data at the start of the cycle returns different values from those at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". Syntax Use the following syntax for the "Assign pulse timer parameters and start" instruction: SCL S_PULSE(T_NO := <operand>, S := <operand>, TV := <operand>, R := <operand>, Q => <operand>, BI => <operand>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description T_NO Input TIMER, INT T The timer that is started. The number of timers de pends on the CPU. S Input BOOL I, Q, M, D, L Start input TV Input S5TIME, WORD I, Q, M, D, L Preset time value R Input BOOL I, Q, M, D, L, P Reset input Q Output BOOL I, Q, M, D, L, P Status of the timer BI Output WORD I, Q, M, D, L, P Current dual-coded timer val ue S5TIME I, Q, M, D, L Current timer value Function value For additional information on valid data types, refer to "See also". 3078 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign pulse timer parameters and start" instruction: W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHUUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPH Example The following example shows how the instruction works: SCL "Tag_Result" := S_PULSE(T_NO := "Timer_1", S := "Tag_1", TV := "Tag_Number", R := "Tag_Reset", Q := "Tag_Status", BI := "Tag_Value"); "Timer_1" starts when the signal state of the "Tag_1" operand changes from "0" to "1". The timer counts down with the time value of the operand "Tag_Number" until operand "Tag_1" returns signal state "1". If the signal state at the S parameter changes to "0" before the programmed time has elapsed, the "Tag_Status" operand is reset to "0". If the timer is reset by the R parameter or if the timer has expired, the "Tag_Status" operand also returns signal state "0". WinCC Advanced V14 System Manual, 10/2016 3079 Programming the PLC 11.4 Instructions The current time value is stored both dual-coded at the "Tag_Value" operand and returned as a function value. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) S_PEXT: Assign extended pulse timer parameters and start (S7-1500) Description The "Assign extended pulse timer parameters and start" instruction starts a programmed timer when a positive signal edge is detected at the S parameter. The timer runs for the programmed time (TV) even if the signal state at the S parameter changes to "0". As long as the timer runs, parameter Q returns the signal state "1". When the timer has expired, parameter Q is reset to "0". If the signal state at the S parameter changes from "0" to "1" while the timer is running, the timer is restarted with the time programmed in the TV parameter. Internally, the time is made up of a time value and a time base and is programmed in the TV parameter. When the instruction starts, the programmed time value counts down to zero. The time base specifies the time increment by which the time value changes. The current time value is provided at the parameter BI. If the timer is running and the signal state at parameter R changes to "1" then the current time value and the time base are also set to zero. If the timer is not running then signal state "1" at parameter R has no effect. The instruction data is updated with each access. It is therefore possible that the query of the data at the start of the cycle returns different values from those at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". 3080 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Syntax Use the following syntax for the "Assign extended pulse timer parameters and start" instruction: SCL S_PEXT(T_NO := <Operand>, S := <Operand>, TV := <Operand>, R := <Operand>, Q => <Operand>, BI =><Operand>) The syntax of the instruction consists of the following parts: Parameter Declara tion Data type Memory area Description T_NO Input TIMER, INT T The timer that is started. The number of timers depends on the CPU. S Input BOOL I, Q, M, D, L Start input TV Input S5TIME, WORD I, Q, M, D, L Preset time value R Input BOOL I, Q, M, D, L, P Reset input Q Output BOOL I, Q, M, D, L, P Status of the timer BI Output WORD I, Q, M, D, L, P Current dual-coded timer value S5TIME I, Q, M, D, L Function value Current time value For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3081 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign extended pulse timer parameters and start" instruction: W W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPH Example The following example shows how the instruction works: SCL "Tag_Result" := S_PEXT(T_NO := "Timer_1", S := "Tag_1", TV := "Tag_Number", R := "Tag_Reset", Q := "Tag_Status", BI := "Tag_Value"); "Timer_1" starts when the signal state of the "Tag_1" operand changes from "0" to "1". As long as the timer runs, operand "Tag_Status" returns the signal state "1". When the timer has expired, operand "Tag_Status" is reset to "0". If the signal state at the S input changes from "0" to "1" while the timer is running, the timer is restarted with the time "Tag_Number". The current time value is stored both dual-coded at the "Tag_Value" operand and returned as a function value. 3082 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) S_ODT: Assign on-delay timer parameters and start (S7-1500) Description The "Assign on-delay timer parameters and start" instruction starts a programmed timer as ondelay when a positive signal edge is detected at the S parameter. The timer runs for the programmed time (TV) as long as the signal state of the S parameter is "1". If the timer expires correctly and parameter S still has signal state "1" then parameter Q returns signal state "1". If the signal state at the S parameter changes from "1" to "0" while the timer is running, the timer is stopped. In this case, output Q is reset to signal state "0". Internally, the time is made up of a time value and a time base and is programmed in the TV parameter. When the instruction starts, the programmed time value counts down to zero. The time base specifies the time increment by which the time value changes. The current time value is provided at the parameter BI. If the time is running and the signal state at input R changes from "0" to "1" then the current time value and the time base are also set to zero. In this case, the signal state at parameter Q is "0". The timer is reset if the signal state at the R parameter is "1", even if the timer is not running and the result of logic operation (RLO) at the S parameter is "1". The instruction data is updated with each access. It is therefore possible that the query of the data at the start of the cycle returns different values from those at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". Syntax Use the following syntax for the "Assign on-delay timer parameters and start" instruction: SCL S_ODT(T_NO := <Operand>, S := <Operand>, TV := <Operand>, R := <Operand>, Q => <Operand>, BI =><Operand>) WinCC Advanced V14 System Manual, 10/2016 3083 Programming the PLC 11.4 Instructions The syntax of the instruction consists of the following parts: Parameter Declara tion Data type Memory area Description T_NO Input TIMER, INT T The timer that is started. The number of timers depends on the CPU. S Input BOOL I, Q, M, D, L Start input TV Input S5TIME, WORD I, Q, M, D, L Preset time value R Input BOOL I, Q, M, D, L, P Reset input Q Output BOOL I, Q, M, D, L, P Status of the timer BI Output WORD I, Q, M, D, L, P Current dual-coded timer value S5TIME I, Q, M, D, L Current time value Function value For additional information on valid data types, refer to "See also". Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign on-delay timer parameters and start" instruction: W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHUUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPH 3084 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_Result" := S_ODT(T_NO := "Timer_1", S := "Tag_1", TV := "Tag_Number", R := "Tag_Reset", Q := "Tag_Status", BI := "Tag_Value"); "Timer_1" starts when the signal state of the "Tag_1" operand changes from "0" to "1". The timer runs for the duration "Tag_Number" as long as the signal state of operand "Tag_1" is "1". If the timer expires correctly and operand "Tag_Status" has signal state "1" then operand "Tag_Status" is reset to "1". If the signal state of the "Tag_1" operand changes from "1" to "0" while the timer is running, the timer is stopped. In this case, operand "Tag_Status" returns signal state "0". The current time value is stored both dual-coded at the "Tag_Value" operand and returned as a function value. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) S_ODTS: Assign retentive on-delay timer parameters and start (S7-1500) Description The "Assign retentive on-delay timer parameters and start" instruction starts a programmed timer when a positive signal edge is detected at the S parameter. The timer runs for the programmed time (TV) even if the signal state at the S parameter changes to "0". If the timer expires, the Q parameter returns signal state "1" regardless of the signal state of the S parameter. If the signal state at the S parameter changes from "0" to "1" while the timer is running, the timer is restarted with the programmed time TV. Internally, the time is made up of a time value and a time base and is programmed in the TV parameter. When the instruction starts, the programmed time value counts down to zero. The time base specifies the time increment by which the time value changes. The current time value is provided at the parameter BI. Signal state "1" at parameter R resets the current time value and time base to "0", independent of the signal state at parameter S. In this case, the signal state at parameter Q is "0". WinCC Advanced V14 System Manual, 10/2016 3085 Programming the PLC 11.4 Instructions The instruction data is updated with each access. It is therefore possible that the query of the data at the start of the cycle returns different values from those at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be formed under: See also "L: Load timer value". Syntax Use the following syntax for the "Assign retentive on-delay timer parameters and start" instruction: SCL S_ODTS(T_NO := <Operand>, S := <Operand>, TV := <Operand>, R := <Operand>, Q => <Operand>, BI =><Operand>) The syntax of the instruction consists of the following parts: Parameter Declara tion Data type Memory area Description T_NO Input TIMER, INT T The timer that is started. The number of timers de pends on the CPU. S Input BOOL I, Q, M, D, L Start input TV Input S5TIME, WORD I, Q, M, D, L Preset time value R Input BOOL I, Q, M, D, L, P Reset input Q Output BOOL I, Q, M, D, L, P Status of the timer BI Output WORD I, Q, M, D, L, P Current dual-coded timer val ue S5TIME I, Q, M, D, L Current time value Function value For additional information on valid data types, refer to "See also". 3086 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign retentive on-delay timer parameters and start" instruction: W W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHUUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPH Example The following example shows how the instruction works: SCL "Tag_Result" := S_ODTS(T_NO := "Timer_1", S := "Tag_1", TV := "Tag_Number", R := "Tag_Reset", Q := "Tag_Status", BI := "Tag_Value"); "Timer_1" starts when the signal state of the "Tag_1" operand changes from "0" to "1". The timer runs for the duration "Tag_Number". If the timer expires, operand "Tag_Status" returns signal state "1" independent of the signal state of operand "Tag_1". If the signal state of the "Tag_1" operand changes from "0" to "1" while the timer is running, the timer is restarted with the time "Tag_Number". The current time value is stored both dual-coded at the "Tag_Value" operand and returned as a function value. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) WinCC Advanced V14 System Manual, 10/2016 3087 Programming the PLC 11.4 Instructions S_OFFDT: Assign off-delay timer parameters and start (S7-1500) Description The "Assign off-delay timer parameters and start" instruction starts a programmed timer when a negative signal edge is detected at the S parameter. The timer runs for the programmed time (TV). As long as the timer is running or parameter S returns signal state "1", then parameter Q has signal state "1". If the timer expires and the signal state is "0" then parameter Q is reset to signal state "0". If the signal state at parameter S changes from "0" to "1" while the timer is running, the timer is stopped. The timer is only restarted after a falling signal edge is detected at parameter S. Internally, the time is made up of a time value and a time base and is programmed in the TV parameter. When the instruction is started, the programmed timer value is counted down towards zero. The time base indicates the time period with which the time value is changed. The current time value is provided at the parameter BI. Signal state "1" at parameter R resets the current time value and time base to "0". In this case, the signal state at parameter Q is "0". The instruction data is updated with each access. It is therefore possible that the query of the data at the start of the cycle returns different values from those at the end of the cycle. Note In the time cell, the operating system reduces the time value in an interval specified by the time base by one unit until the value equals "0". The decrementation is performed asynchronously to the user program. The resulting timer is therefore at maximum up to one time interval shorter than the desired time base. You can find an example of how a time cell can be structured under: See also "L: Load timer value". Syntax Use the following syntax for the "Assign off-delay timer parameters and start" instruction: SCL S_OFFDT(T_NO := <Operand>, S := <Operand>, TV := <Operand>, R := <Operand>, Q => <Operand>, BI =><Operand>) 3088 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The syntax of the instruction consists of the following parts: Parameter Declara tion Data type Memory area Description T_NO Input TIMER, INT T Timer which is started. The number of timers depends on the CPU. S Input BOOL I, Q, M, D, L Start input TV Input S5TIME, WORD I, Q, M, D, L Preset time value R Input BOOL I, Q, M, D, L, P Reset input Q Output BOOL I, Q, M, D, L, P Status of the timer BI Output WORD I, Q, M, D, L, P Current dual-coded timer value S5TIME I, Q, M, D, L Current time value Function value You can find additional information on valid data types under "See also". Pulse timing diagram The following figure shows the pulse timing diagram of the "Assign off-delay timer parameters and start" instruction: W W W W 5/2DWLQSXW6 5/2DWLQSXW5 7LPHUXQQLQJ 4XHU\ 4XHU\ W SURJUDPPHGWLPH WinCC Advanced V14 System Manual, 10/2016 3089 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_Result" := S_OFFDT(T_NO := "Timer_1", S := "Tag_1", TV := "Tag_Number", R := "Tag_Reset", Q := "Tag_Status", BI := "Tag_Value"); The timer "Timer_1" is started when the signal state of the operand "Tag_1" changes from "1" to "0". The timer runs for the duration "Tag_Number". As long as the timer is running or operand "Tag_1" returns signal state "1", then operand "Tag_Status" has signal state "1". If the timer expires and the signal state of operand "Tag_1" is "0" then operand "Tag_Status" is reset to signal state "0". If the signal state of the "Tag_1" operand changes from "0" to "1" while the timer is running, the timer is reset. The timer is only restarted after a falling edge is detected at parameter S. The current time value is stored both dual-coded at the "Tag_Value" operand and returned as a function value. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Counter operations (S7-1200, S7-1500) Calling IEC counters (S7-1200, S7-1500) Description You have the option of declaring the IEC counter as single or multiple instance and calling it in the program code. The following syntax options are available for the declaration of an IEC counter as multiinstance within a structure in the block interface: IEC counter as ARRAY element Declaration in the block interface: 3090 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Program code: SCL #MyARRAY[1].CTU(CU := <Operand>, PV := <Operand>) Declaration in the block interface: Program code: SCL #MyARRAY[#index](CU := <Operand>, PV := <Operand>) IEC counter within an anonymous structure Declaration in the block interface: Program code: SCL #MyStruct.FirstTime.CTU(CU := <Operand>, PV := <Operand>) Declaration in the block interface: WinCC Advanced V14 System Manual, 10/2016 3091 Programming the PLC 11.4 Instructions Program code: SCL #MyStruct.FirstTime(CU := <Operand>, PV := <Operand>) IEC counter in the global data block Declaration in the data block: Program code: SCL "MyGlobalDB".Counter.FirstCount.CTU(CU := <Operand>, PV := <Operand>) Declaration in the data block: Program code: SCL "MyGlobalDB".Counter.SecondCount(CU := <Operand>, PV := <Operand>) 3092 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions IEC counter as element in the block interface Declaration in the block interface: Program code: SCL #Counter.FirstCount.CTU(CU := <Operand>, PV := <Operand>) Declaration in the block interface: Program code: SCL #Counter.SecondCount(CU := <Operand>, PV := <Operand>) WinCC Advanced V14 System Manual, 10/2016 3093 Programming the PLC 11.4 Instructions IEC counter within an ARRAY DB Declaration in the ARRAY DB: Program code: SCL "MyARRAYDB"."THIS"[0].FirstCount.CTU(CU := <Operand>, PV := <Operand>) Declaration in the ARRAY DB: Program code: SCL "MyARRAYDB"."THIS"[0].SecondCount(CU := <Operand>, PV := <Operand>) See also Using IEC timers and counters (Page 2118) 3094 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions CTU: Count up (S7-1200, S7-1500) Description You can use the "Count up" instruction to increment the value at the CV parameter. When the signal state of the parameter CU changes from "0" to "1" (positive signal edge), the instruction is executed and the current counter value of the parameter CV is incremented by one. The counter value is incremented each time a positive signal edge is detected, until it reaches the high limit of the data type specified at the CV parameter. When the high limit is reached, the signal state of the CU parameter no longer has an effect on the instruction. You can query the count status of the Q parameter. The signal state of the Q parameter is determined by the PV parameter. When the current counter value is greater than or equal to the value of the PV parameter, the Q parameter is set to signal state "1". In all other cases, the signal state of the Q parameter is "0". You can also specify a constant for the PV parameter. The value of the CV parameter is reset to zero when the signal state at the R parameter changes to "1". As long as the signal state of the R parameter is "1", the signal state of the CU parameter has no effect on the instruction. Note Only use a counter at a single point in the program to avoid the risk of counting errors. Each call of the "Count up" instruction must be assigned an IEC counter in which the instruction data is stored. An IEC counter is a structure with one of the following data types: For CPUs of the S7-1200 series Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTU_SINT / CTU_USINT IEC_COUNTER / IEC_UCOUNTER CTU_INT / CTU_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTU_DINT / CTU_UDINT For CPUs of the S7-1500 series WinCC Advanced V14 System Manual, 10/2016 Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTU_SINT / CTU_USINT IEC_COUNTER / IEC_UCOUNTER CTU_INT / CTU_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTU_DINT / CTU_UDINT IEC_LCOUNTER / IEC_ULCOUNTER CTU_LINT / CTU_ULINT 3095 Programming the PLC 11.4 Instructions You can declare an IEC counter as follows: Declaration of an instance data block of system data type IEC_<Counter> (for example, "MyIEC_COUNTER_DB") Declaration as local tag of the data type CTUD_<DatenType> in the "Static" section of a program block (for example, #MyIEC_COUNTER_Instance) When you set up the IEC counter in a separate data block (single instance), the instance data block is created by default with "optimized block access" and the individual tags are defined as retentive. When you set up the IEC counter as local tag (multi-instance) in a function block with "optimized block access", it is defined as retentive in the block interface. Syntax The following syntax is used for the "Count up" instruction: Data block of system data type IEC_<Counter> (Shared DB) SCL <IEC_Counter_DB>.CTU(CU := <Operand>, R := <Operand>, PV := <Operand>, Q => <Operand>, CV => <Operand>) Local tag from the block interface (multi-instance): SCL #myLocal_Counter(CU := <Operand>, R := <Operand>, PV := <Operand>, Q => <Operand>, CV => <Operand>) For syntax information on calling IEC timers within structures (multi-instance), please refer to: Calling IEC counters (Page 3090) The syntax of the instruction consists of the following parts: 3096 Parameter Declaration CU Input R Input PV Data type Memory area Description BOOL I, Q, M, D, L Count input BOOL I, Q, M, D, L, P Reset input Input Integers I, Q, M, D, L, P Value at which the Q output is set Q Output BOOL I, Q, M, D, L Counter status CV Output Integers, CHAR, WCHAR, DATE I, Q, M, D, L, P Current counter value WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "IEC_COUNTER_DB".CTU(CU := "Tag_Start", R := "Tag_Reset", PV := "Tag_PresetValue", Q => "Tag_Status", CV => "Tag_CounterValue"); When the signal state of the "Tag_Start" operand changes from "0" to "1", the "Count up" instruction is executed and the current counter value of the "Tag_CounterValue" operand is incremented by one. With each additional positive signal edge, the counter value is incremented until the high limit of the specified data type (INT = 32767) is reached. The "Tag_Status" output has signal state "1" as long as the current counter value is greater than or equal to the value of the "Tag_PresetValue" operand. In all other cases, the "Tag_Status" output has signal state "0". The current counter value is stored in the "Tag_CounterValue" operand. See also Overview of the valid data types (Page 2131) Setting retentivity in an instance data block (Page 4566) Basics of SCL (Page 4747) Memory areas (Page 944) CTD: Count down (S7-1200, S7-1500) Description The "Count down" instruction is used to decrement the value at the parameter CV. When the signal state of the CD parameter changes from "0" to "1" (positive signal edge), the instruction is executed and the current counter value of the CV parameter is decremented by one. Each time a positive signal edge is detected, the counter value is decremented until it reaches the low limit of the specified data type. When the low limit is reached, the signal state of the CD parameter no longer has an effect on the instruction. You can query the count status of the Q parameter. If the current counter value is less than or equal to zero, the Q parameter is set to signal state "1". In all other cases, the signal state of the Q parameter is "0". You can also specify a constant for the PV parameter. The value of the CV parameter is set to the value of the PV parameter when the signal state of the LD parameter changes to "1". As long as the signal state of the LD parameter is "1", the signal state of the CD parameter has no effect on the instruction. Note Only use a counter at a single point in the program to avoid the risk of counting errors. WinCC Advanced V14 System Manual, 10/2016 3097 Programming the PLC 11.4 Instructions Each call of the "Count down" instruction must be assigned an IEC counter in which the instruction data is stored. An IEC counter is a structure with one of the following data types: For CPUs of the S7-1200 series Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTD_SINT / CTD_USINT IEC_COUNTER / IEC_UCOUNTER CTD_INT / CTD_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTD_DINT / CTD_UDINT For CPUs of the S7-1500 series Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTD_SINT / CTD_USINT IEC_COUNTER / IEC_UCOUNTER CTD_INT / CTD_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTD_DINT / CTD_UDINT IEC_LCOUNTER / IEC_ULCOUNTER CTD_LINT / CTD_ULINT You can declare an IEC counter as follows: Declaration of an instance data block of system data type IEC_<Counter> (for example, "MyIEC_COUNTER_DB") Declaration as local tag of the data type CTD_<DatenType> in the "Static" section of a program block (for example, #MyIEC_COUNTER_Instance) When you set up the IEC counter in a separate data block (single instance), the instance data block is created by default with "optimized block access" and the individual tags are defined as retentive. When you set up the IEC counter as local tag (multi-instance) in a function block with "optimized block access", it is defined as retentive in the block interface. Syntax The following syntax is used for the "Count down" instruction: Data block of system data type IEC_<Counter> (Shared DB) SCL <IEC_Counter_DB>.CTD(CD := <Operand>, LD := <Operand>, PV := <Operand>, Q => <Operand>, CV => <Operand>) 3098 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Local tag from the block interface (multi-instance): SCL #myLocal_Counter(CD := <Operand>, LD := <Operand>, PV := <Operand>, Q => <Operand>, CV => <Operand>) For syntax information on calling IEC timers within structures (multi-instance), please refer to: Calling IEC counters (Page 3090) The syntax of the instruction consists of the following parts: Parameter Declaration CD Input LD Input PV Data type Memory area Description BOOL I, Q, M, D, L Count input BOOL I, Q, M, D, L, P Load input Input Integers I, Q, M, D, L, P Value to which the CV output is set with LD = 1. Q Output BOOL I, Q, M, D, L Counter status CV Output Integers, CHAR, WCHAR, DATE I, Q, M, D, L, P Current counter value Example The following example shows how the instruction works: SCL "IEC_SCOUNTER_DB".CTD(CD := "Tag_Start", LD := "Tag_Load", PV := "Tag_PresetValue", Q => "Tag_Status", CV => "Tag_CounterValue"); When the signal state of the "Tag_Start" operand changes from "0" to "1", the instruction is executed and the value of the "Tag_CounterValue" operand is decremented by one. With each additional positive signal edge, the counter value is decremented until it reaches the low limit of the specified data type (-128). The operand "Tag_Status" has signal state "1" as long as the current counter value is less than or equal to zero. In all other cases, the "Tag_Status" output has signal state "0". The current counter value is stored in the "Tag_CounterValue" operand. See also Overview of the valid data types (Page 2131) Setting retentivity in an instance data block (Page 4566) Basics of SCL (Page 4747) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 3099 Programming the PLC 11.4 Instructions CTUD: Count up and down (S7-1200, S7-1500) Description Use the "Count up and down" instruction to increment or decrement the counter value at the CV parameter. When the signal state of the CU parameter changes from "0" to "1" (positive signal edge), the current counter value of the CV parameter is incremented by one. When the signal state of the CD parameter changes from "0" to "1" (positive signal edge), the counter value of the CV parameter is decremented by one. If there is a positive signal edge at the CU and CD inputs in a program cycle, the current counter value of the CV parameter remains unchanged. The counter value can be incremented until it reaches the high limit of the data type specified at the CV parameter. When the high limit is reached, the counter value is no longer incremented on a positive signal edge. The counter value is no longer decremented once the low limit of the specified data type has been reached. When the signal state of the LD parameter changes to "1", the counter value of the CV parameter is set to the value of the PV parameter. As long as the LD parameter has signal state "1", the signal state of the CU and CD parameters has no effect on the instruction. The counter value is set to zero when the signal state of the R parameter changes to "1". As long as the R parameter has signal state "1", a change in the signal state of the CU, CD and LD parameters has no effect on the "Count up and down" instruction. You can query the status of the up counter at the QU parameter. When the current counter value is greater than or equal to the value of the PV parameter, the QU parameter is set to signal state "1". In all other cases, the signal state of the QU parameter is "0". You can also specify a constant for the PV parameter. You can query the status of the down counter at the QD parameter. If the current counter value is less than or equal to zero, the QD parameter is set to signal state "1". In all other cases, the signal state of the QD parameter is "0". Note Only use a counter at a single point in the program to avoid the risk of counting errors. Each call of the "Count up and down" instruction must be assigned an IEC counter in which the instruction data is stored. An IEC counter is a structure with one of the following data types: For CPUs of the S7-1200 series 3100 Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTUD_SINT / CTUD_USINT IEC_COUNTER / IEC_UCOUNTER CTUD_INT / CTUD_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTUD_DINT / CTUD_UDINT WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For CPUs of the S7-1500 series Data block of system data type IEC_<Counter> (Shared DB) Local tag IEC_SCOUNTER / IEC_USCOUNTER CTUD_SINT / CTUD_USINT IEC_COUNTER / IEC_UCOUNTER CTUD_INT / CTUD_UINT IEC_DCOUNTER / IEC_UDCOUNTER CTUD_DINT / CTUD_UDINT IEC_LCOUNTER / IEC_ULCOUNTER CTUD_LINT / CTUD_ULINT You can declare an IEC counter as follows: Declaration of an instance data block of system data type IEC_<Counter> (for example, "MyIEC_COUNTER_DB") Declaration as local tag of the data type CTUD_<DatenType> in the "Static" section of a program block (for example, #MyCTUD_COUNTER_Instance) When you set up the IEC counter in a separate data block (single instance), the instance data block is created by default with "optimized block access" and the individual tags are defined as retentive. When you set up the IEC counter as local tag (multi-instance) in a function block with "optimized block access", it is defined as retentive in the block interface. Syntax The following syntax is used for the "Count up and down" instruction: Data block of system data type IEC_<Counter> (Shared DB) SCL <IEC_Counter_DB>.CTUD(CU := <Operand>, CD := <Operand>, R := <Operand>, LD := <Operand>, PV := <Operand>, QU => <Operand>, QD := <Operand> CV => <Operand>) Local tag from the block interface (multi-instance): SCL #myLocal_Counter(CU := <Operand>, CD := <Operand>, R := <Operand>, LD := <Operand>, PV := <Operand>, QU => <Operand>, QD := <Operand> CV => <Operand>) WinCC Advanced V14 System Manual, 10/2016 3101 Programming the PLC 11.4 Instructions For syntax information on calling IEC timers within structures (multi-instance), please refer to: Calling IEC counters (Page 3090) The syntax of the instruction consists of the following parts: Parameter Declaration CU Input CD Input R LD Data type Memory area Description BOOL I, Q, M, D, L Count up input BOOL I, Q, M, D, L Count down input Input BOOL I, Q, M, D, L, P Reset input Input BOOL I, Q, M, D, L, P Load input PV Input Integers I, Q, M, D, L, P Value at which the QU output is set / value to which the CV output is set when LD = 1. QU Output BOOL I, Q, M, D, L Status of the up counter QD Output BOOL I, Q, M, D, L Status of the down counter CV Output Integers, CHAR, WCHAR, DATE I, Q, M, D, L, P Current counter value Example The following example shows how the instruction works: SCL "IEC_COUNTER_DB".CTUD(CU := "Tag_Start1", CD := "Tag_Start2", LD := "Tag_Load", R := "Tag_Reset", PV := "Tag_PresetValue", QU => "Tag_CU_Status", QD => "Tag_CD_Status", CV => "Tag_CounterValue"); If the "Tag_Start1" operand has a positive signal edge in the signal state, the current counter value is incremented by one and stored in the "Tag_CounterValue" operand. If the "Tag_Start2" operand has a positive signal edge in the signal state, the counter value is decremented by one and is also stored in the "Tag_CounterValue" operand. The counter value is incremented on the positive signal edge of the CU parameter until it reaches the high limit of the specified data type (INT). If the CD parameter has a positive signal edge, the counter value is decremented until it reaches the low limit of the specified data type (INT). The operand "Tag_CU_Status" has signal state "1" as long as the current counter value is greater than or equal to the value of the operand "Tag_PresetValue". In all other cases, the "Tag_CU_Status" output has signal state "0". The operand "Tag_CD_Status" has signal state "1" as long as the current counter value is less than or equal to zero. In all other cases, the "Tag_CD_Status" output has signal state "0". See also Overview of the valid data types (Page 2131) Setting retentivity in an instance data block (Page 4566) 3102 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Basics of SCL (Page 4747) Memory areas (Page 944) Legacy (S7-1500) S_CU: Assign parameters and count up (S7-1500) Description You can use the "Assign parameters and count up" instruction to increment the value of a counter. When the signal state of the CU parameter changes from "0" to "1" (positive signal edge), the current counter value is incremented by one. The current counter value is provided at the parameter CV. The counter value is incremented until the limit of "999" is reached. When the limit value is reached, the counter value is no longer incremented on a positive signal edge. When the signal state of the S parameter changes from "0" to "1", the counter value is set to the value of the PV parameter. If the counter is set and if the result of logic operation (RLO) at the CU input is "1", the counter counts once in the next cycle, even when no signal edge change is detected. The counter value is set to zero when the signal state of the R parameter changes to "1". As long as the R parameter has the signal state "1", a change in the signal state of the parameters CU and S has no effect on the counter value. The signal state at parameter Q is "1" if the counter value is greater than zero. When the counter value equals zero, parameter Q returns signal state "0". Note To avoid counting errors, only use a counter at a single location in the program. Syntax The following syntax is used for the "Assign parameters and count up" instruction: SCL S_CU(C_NO := <Operand>, CU := <Operand>, S := <Operand>, PV := <Operand>, R := <Operand>, Q => <Operand>, CV => <Operand>) WinCC Advanced V14 System Manual, 10/2016 3103 Programming the PLC 11.4 Instructions The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description C_NO Input COUNTER, INT C Counters The number of counters de pends on the CPU. CU Input BOOL I, Q, M, D, L Count up input S Input BOOL I, Q, M, D, L Input for presetting the coun ter PV Input WORD I, Q, M, D, L Preset counter value (C#0 to C#999) in BCD format R Input BOOL I, Q, M, D, L Reset input Q Output BOOL I, Q, M, D, L Status of the counter CV Output WORD I, Q, M, D, L Current counter value WORD I, Q, M, D, L Current counter value in BCD format Function value For more information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := S_CU(C_NO := "Counter_1", CU := "Tag_Start", S := "Tag_1", PV := "Tag_PresetValue", R := "Tag_Reset", Q => "Tag_Status", CV => "Tag_Value"); If the signal state of the "Tag_Start" parameter changes from "0" to "1" (positive signal edge) and the current counter value is less than "999", the counter value is incremented by one. If the signal state of the "Tag_1" input changes from "0" to "1", the counter value in BCD format is set to the value of the "Tag_PresetValue" operand. The counter value is reset to "0" when the "Tag_Reset" operand has signal state "1". The current counter value is stored in hexadecimal form in the operand "Tag_Value". The "Tag_Status" output has the signal state "1" as long as the current counter value is not equal to "0". The current counter value is returned in the "Tag_Value" operand and as a function value. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) 3104 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions S_CD: Assign parameters and count down (S7-1500) Description You can use the "Assign parameters and count down" instruction to decrement the value of a counter. When the signal state of the CD parameter changes from "0" to "1" (positive signal edge), the current counter value is decreased by one. The current counter value is provided at the parameter CV. The counter value is decreased until the low limit of "0" is reached. When the low limit is reached, the counter value is no longer decreased on a positive signal edge. When the signal state of the S parameter changes from "0" to "1", the counter value is set to the value of the PV parameter. If the counter is set and if the result of logic operation (RLO) at the CD parameter is "1", the counter counts once in the next cycle, even when no signal edge change is detected. The counter value is set to zero when the signal state of the R parameter changes to "1". As long as the R parameter has the signal state "1", a change in the signal state of the parameters CD and S has no effect on the counter value. The signal state at parameter Q is "1" if the counter value is greater than zero. When the counter value equals zero, parameter Q returns signal state "0". Note To avoid counting errors, only use a counter at a single location in the program. Syntax The following syntax is used for the "Assign parameters and count down" instruction: SCL S_CD(C_NO:= <Operand>, CD := <Operand>, S := <Operand>, PV := <Operand>, R := <Operand>, Q => <Operand>, CV => <Operand>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description C_NO Input COUNTER, INT C Counters The number of counters de pends on the CPU. WinCC Advanced V14 System Manual, 10/2016 CD Input BOOL I, Q, M, D, L Count down input S Input BOOL I, Q, M, D, L Input for presetting the coun ter PV Input WORD I, Q, M, D, L Preset counter value (C#0 to C#999) in BCD format 3105 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description R Input BOOL I, Q, M, D, L Reset input Q Output BOOL I, Q, M, D, L Status of the counter CV Output WORD I, Q, M, D, L Current counter value WORD I, Q, M, D, L Current counter value in BCD format Function value For more information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := S_CD(C_NO := "Counter_1", CD := "Tag_Start", S := "Tag_1", PV := "Tag_PresetValue", R := "Tag_Reset", Q => "Tag_Status", CV => "Tag_Value"); When the signal state of the "Tag_Start" operand changes from "0" to "1" (positive signal edge) and the current counter value is greater than "0", the counter value is decreased by one. If the signal state of the "Tag_1" operand changes from "0" to "1", the counter value in BCD format is set to the value of the "Tag_PresetValue" operand. The counter value is reset to "0" when the "Tag_Reset" operand has signal state "1". The current counter value is stored in the "Tag_Value" operand. The "Tag_Status" operand returns signal state "1" as long as the current counter value is not equal to "0". The current counter value is returned in the "Tag_Value" operand and as a function value. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) 3106 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions S_CUD: Assign parameters and count up / down (S7-1500) Description You can use the "Assign parameters and count up / down" instruction to increment and decrement the value of a counter. When the signal state of the CU parameter changes from "0" to "1" (positive signal edge), the current counter value is incremented by one. When the signal state of the CD parameter changes from "0" to "1" (positive signal edge), the counter value is decreased by one. The current counter value is provided at the parameter CV. If there is a positive signal edge at the parameters CU and CD in one program cycle, the counter value remains unchanged. The counter value is incremented until the high limit of "999" is reached. When the high limit is reached, the counter value is no longer incremented on a positive signal edge. When the low limit "0" is reached, the counter value is not decremented any further. When the signal state of the S parameter changes from "0" to "1", the counter value is set to the value of the PV parameter. If the counter is set and if the result of logic operation (RLO) of the CU and CD parameters is "1", the counter will count once in the next cycle, even if no signal edge change was detected. The counter value is set to zero when the signal state of the R parameter changes to "1". As long as the parameter R has the signal state "1", processing of the signal state of the parameters CU, CD and S has no effect on the counter value. The signal state at parameter Q is "1" if the counter value is greater than zero. When the counter value equals zero, parameter Q returns signal state "0". Note To avoid counting errors, only use a counter at a single location in the program. Syntax The following syntax is used for the "Assign parameters and count up / down" instruction: SCL S_CUD(C_NO:= <Operand>, CU := <Operand>, CD := <Operand>, S := <Operand>, PV := <Operand>, R := <Operand>, Q => <Operand>, CV => <Operand>) WinCC Advanced V14 System Manual, 10/2016 3107 Programming the PLC 11.4 Instructions The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description C_NO Input COUNTER, INT C Counters The number of counters de pends on the CPU. CU Input BOOL I, Q, M, D, L Count up input CD Input BOOL I, Q, M, D, L Count down input S Input BOOL I, Q, M, D, L Input for presetting the coun ter PV Input WORD I, Q, M, D, L Preset counter value (C#0 to C#999) in BCD format R Input BOOL I, Q, M, D, L Reset input Q Output BOOL I, Q, M, D, L Status of the counter CV Output WORD I, Q, M, D, L Current counter value (hexa decimal) WORD I, Q, M, D, L Current counter value in BCD format Function value For more information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := S_CD(C_NO := "Counter_1", CU := "Tag_CU", CD := "Tag_CD", S := "Tag_1", PV := "Tag_PresetValue", R := "Tag_Reset", Q => "Tag_Status", CV => "Tag_Value"); When a positive signal edge is detected in the signal state of the "Tag_CU" operand and the current counter value is less than "999", the counter value is incremented by one. When a positive signal edge is detected in the signal state of the "Tag_CD" operand and the current counter value is greater than "0", the counter value is decremented by one. If the signal state of the "Tag_1" operand changes from "0" to "1", the counter value in BCD format is set to the value of the "Tag_PresetValue" operand. The counter value is reset to "0" when the "Tag_Reset" operand has signal state "1". The current counter value is stored in the "Tag_Value" operand. The "Tag_Status" operand returns signal state "1" as long as the current counter value is not equal to "0". The current counter value is returned in the "Tag_Value" operand and as a function value. 3108 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Comparator operations (S7-1200, S7-1500) TypeOf: Check data type of a VARIANT tag (S7-1200, S7-1500) Description You can use the "Check data type of a VARIANT tag" instruction to query the data type of a tag to which a VARIANT tag is pointing. You can compare the data type of the <operand> tag that you have declared in the block interface either to the data type of another tag or directly with a data type to determine whether they are "Equal" or "Not equal". The comparison operand can be an elementary data type or a PLC data type. You can only use the "Check data type of a VARIANT tag" instruction within an IF or CASE instruction. Syntax The following syntax is used for the "Check data type of a VARIANT tag" instruction: SCL TypeOf(<operand>) Parameters The following table shows the parameters of the "Check data type of a VARIANT tag" instruction: Parameter Declaration Data type Memory area <Operand> Input Binary numbers, integers, floatingpoint numbers, times, date and time, character strings, VARIANT L (A declaration in First operand the "Temp" sec tion of the block in terface is not pos sible.) Description You can find additional information on valid data types under "See also". Example The following example shows the comparison with another tag: SCL IF TypeOf(#TagVARIANT) = TypeOf("TagBYTE") THEN WinCC Advanced V14 System Manual, 10/2016 3109 Programming the PLC 11.4 Instructions SCL ...; END_IF; The following example shows the comparison with a data type: SCL IF TypeOf(#TagVARIANT) = BYTE THEN ...; END_IF; If the operand to which the VARIANT #TagVARIANT is pointing has the BYTE data type, the comparison condition has been met. See also Overview of the valid data types (Page 2131) Programming example: Programming queues (FIFO) (Page 2088) VARIANT (Page 2191) Basics of SCL (Page 4747) Memory areas (Page 944) TypeOfElements: Check data type of an ARRAY element of a VARIANT tag (S7-1200, S7-1500) Description You can use the "Check data type of an ARRAY element of a VARIANT tag" instruction to query the data type of a tag to which a VARIANT tag is pointing. You compare the data type of the tag to the data type of a tag that you have declared in the block interface to determine whether they are "Equal" or "Not equal". The operand must have the VARIANT data type. The comparison operand can be an elementary data type or a PLC data type. If the data type of the VARIANT tag is an ARRAY, the data type of the ARRAY elements is compared. You can only use the instruction within an IF instruction. Syntax The following syntax is used for the "Check data type of an ARRAY element of a VARIANT tag" instruction: SCL TypeOfElements(<operand>) 3110 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Check data type of an ARRAY element of a VARIANT tag" instruction: Parameter Declaration Data type Memory area Description <operand> Input VARIANT L (A declaration in First operand the "Temp" sec tion of the block in terface is not pos sible.) For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL IF TypeOfElements(#Tag_VARIANT) = TypeOf("GlobalDB".Product[1]) THEN "Tag_Result" := "GlobalDB".Product[1] * 3; END_IF; The following table shows how the instruction works using specific operand values: Operand Value #Tag_VARIANT 1.5 "GlobalDB".Product[1] 4.5 If the tag to which the VARIANT points and the "GlobalDB".Product[1] operand have the REAL data type, the "GlobalDB".Product[1] operand is then multiplied by 3 and the result is written to the "Tag_Result" operand. See also Overview of the valid data types (Page 2131) Programming example: Programming queues (FIFO) (Page 2088) VARIANT (Page 2191) Basics of SCL (Page 4747) Memory areas (Page 944) IS_ARRAY: Check for ARRAY (S7-1200, S7-1500) Description You can use the "Check for ARRAY" instruction to query whether the VARIANT points to a tag of the ARRAY data type. The <operand> must have the VARIANT data type. WinCC Advanced V14 System Manual, 10/2016 3111 Programming the PLC 11.4 Instructions You can only use the "Check for ARRAY" instruction within an IF instruction. Syntax The following syntax is used for the "Check for ARRAY" instruction: SCL IS_ARRAY(<operand>) Parameters The following table shows the parameters of the "Check for ARRAY" instruction: Parameter Declaration Data type Memory area <operand> Input VARIANT L (A declaration in Operand that is queried for the "Temp" sec ARRAY tion of the block in terface is not pos sible.) UDINT I, Q, M, D, L Function value Description Result of the instruction For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL IF IS_ARRAY(#Tag_VARIANTToArray) THEN "Tag_Result" := CountOfElements(#Tag_VARIANTToArray); END_IF; If the tag to which the VARIANT points is an ARRAY, the number of ARRAY elements is output. See also Overview of the valid data types (Page 2131) Programming example: Programming queues (FIFO) (Page 2088) VARIANT (Page 2191) Basics of SCL (Page 4747) Memory areas (Page 944) 3112 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Math functions (S7-1200, S7-1500) ABS: Form absolute value (S7-1200, S7-1500) Description Use the "Form absolute value" instruction to calculate the absolute value of an input value and to save the result in the specified operands. Syntax Use the following syntax for the "Form absolute value" instruction: SCL ABS(<Expression>) The syntax of the instruction consists of the following parts: Parameter <expression> Function value Declaration Input Data type Memory area Description SINT, INT, DINT, LINT, floatingpoint num bers I, Q, M, D, L, P Input value SINT, INT, DINT, LINT, floatingpoint num bers I, Q, M, D, L, P Absolute value of the input val ue S7-1200 S7-1500 SINT, INT, DINT, floatingpoint numbers SINT, INT, DINT, floatingpoint numbers For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result1" := ABS("Tag_Value"); "Tag_Result2" := ABS("Tag_Value1"*"Tag_Value2"); The absolute value of the input value is returned in the format of the input value as a function value. The following table shows how the instruction works using specific operand values: WinCC Advanced V14 System Manual, 10/2016 Operand Value Tag_Value -2 Tag_Result1 2 Tag_Value1 4 3113 Programming the PLC 11.4 Instructions Operand Value Tag_Value2 -1 Tag_Result2 4 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) MIN: Get minimum (S7-1200, S7-1500) Description The "Get minimum" instruction compares the values of the available inputs and returns the lowest value as the result. A minimum of two and a maximum of 32 inputs can be specified at the instruction. The result is invalid if any of the following conditions are met: The implicit conversion of the data types fails during execution of the instruction. A floating-point number has an invalid value. Syntax The following syntax is used for the "Get minimum" instruction: SCL MIN(IN1:= <Operand>, IN2 := <Operand>) 3114 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "Get minimum" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN1 Input Integers, float ing-point num bers, TIME, TOD, DATE, DTL Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT, DT, DTL I, Q, M, D, L, P First input value IN2 Input Integers, float ing-point num bers, TIME, TOD, DATE, DTL Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT, DT, DTL I, Q, M, D, L, P Second input value INn Input Integers, float ing-point num bers, TIME, TOD, DATE, DTL Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT, DT, DTL I, Q, M, D, L, P Additionally in serted inputs whose values are to be com pared Integers, float ing-point num bers, TIME, TOD, DATE, DTL Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT, DT, DTL I, Q, M, D, L, P Result of the in struction Function value The data types TOD, LTOD, DATE, and LDT can only be used if the IEC test is not enabled. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := MIN(IN1 := "Tag_Value1", IN2 := "Tag_Value2", IN3 := "Tag_Value3"); WinCC Advanced V14 System Manual, 10/2016 3115 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameter Operand Value IN1 Tag_Value1 12222 IN2 Tag_Value2 14444 IN3 Tag_Value3 13333 Function value Tag_Result 12222 The instruction compares the values of the available inputs and copies the lowest value ("Tag_Value1") to operand "Tag_Result". See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) MAX: Get maximum (S7-1200, S7-1500) Description The "Get maximum" instruction compares the values of the available inputs and returns the greatest value as the result. A minimum of two and a maximum of 32 inputs can be specified at the instruction. The result is invalid if any of the following conditions are met: The implicit conversion of the data types fails during execution of the instruction. A floating-point number has an invalid value. Syntax The following syntax is used for the "Get maximum" instruction: SCL MAX(IN1:= <Operand>, IN2 := <Operand>) 3116 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Get maximum" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN1 Input Integers, float ing-point num bers, TIME, TOD, DATE, DTL Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT, DT, DTL I, Q, M, D, L, P First input value IN2 Input Integers, float ing-point num bers, TIME, TOD, DATE, DTL Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT, DT, DTL I, Q, M, D, L, P Second input value INn Input Integers, float ing-point num bers, TIME, TOD, DATE, DTL Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT, DT, DTL I, Q, M, D, L, P Additionally in serted inputs whose values are to be com pared Integers, float ing-point num bers, TIME, TOD, DATE, DTL Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT, DT, DTL I, Q, M, D, L, P Result of the in struction Function value The data types TOD, LTOD, DATE, and LDT can only be used if the IEC test is not enabled. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := MAX(IN1 := "Tag_Value1", IN2 := "Tag_Value2", IN3 := "Tag_Value3"); WinCC Advanced V14 System Manual, 10/2016 3117 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameter Operand Value IN1 Tag_Value1 12 222 IN2 Tag_Value2 14 444 IN3 Tag_Value3 13 333 Function value Tag_Result 14 444 The instruction compares the values of the specified operands and copies the greatest value ("Tag_Value2") to the operand "Tag_Result". See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) LIMIT: Set limit value (S7-1200, S7-1500) Description The "Set limit value" instruction limits the value of the parameter IN to the values of the parameters MN and MX. The value of the parameter MN may not be greater than the value of the parameter MX. If the value of the IN parameter fulfills the MN condition <=IN <= MX, it is returned as the result of the instruction. If the condition is not fulfilled and the IN input value is less than the MN low limit, the value of the MN parameter is returned as the result. If the high limit MX is exceeded, the value of the MX parameter is returned as the result. If the value of the MN input is greater than the value of the MX input, the result is undefined. The instruction is only executed if the operands of all parameters are of the same data type. Syntax The following syntax is used for the "Set limit value" instruction: SCL LIMIT(MN := <Operand>, IN := <Operand>, MX := <Operand>) 3118 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The syntax of the instruction consists of the following parts: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description MN Input Integers, float ing-point num bers, TIME, TOD, DATE, DTL Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT, DT, DTL I, Q, M, D, L, P Low limit IN Input Integers, float ing-point num bers, TIME, TOD, DATE, DTL Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT, DT, DTL I, Q, M, D, L, P Input value MX Input Integers, float ing-point num bers, TIME, TOD, DATE, DTL Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT, DT, DTL I, Q, M, D, L, P High limit Integers, float ing-point num bers, TIME, TOD, DATE, DTL Integers, floatingpoint num bers, TIME, LTIME, TOD, LTOD, DATE, LDT, DT, DTL I, Q, M, D, L, P Result of the in struction Function value The data types TOD, LTOD, DATE, and LDT can only be used if the IEC test is not enabled. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := LIMIT(MN := "Tag_Minimum", IN := "Tag_Value", MX := "Tag_Maximum"); WinCC Advanced V14 System Manual, 10/2016 3119 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameter Operand Value MN Tag_Minimum 12 000 IN Tag_Value 8 000 MX Tag_Maximum 16 000 Function value Tag_Result 12 000 The value of operand "Tag_Value" is compared with the values of operands "Tag_Minimum" and "Tag_Maximum". Because the value of the operand "Tag_Value" is less than the low limit value, the value of operand "Tag_Minimum" will be copied to operand "Tag_Result". See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) SQR: Form square (S7-1200, S7-1500) Description Use the "Form square" instruction to square the input value and save the result in the specified operand. Syntax Use the following syntax for the instruction "Form square": SCL SQR(<Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Expres sion> Input Floating-point numbers I, Q, M, D, L, P Input value Floating-point numbers I, Q, M, D, L, P Square of the input value Function value You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: SCL "Tag_Result1" := SQR("Tag_Value"); 3120 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SCL "Tag_Result2" := SQR((SQR("Tag_Value1"))*"Tag_Value2"); The square of the input value is returned in the operand "Tag_Resultxy" as a function value. The following table shows how the instruction works using specific operand values: Operand Value Tag_Value 2.5 Tag_Result1 6.25 Tag_Value1 6.0 Tag_Value2 2.0 Tag_Result2 5184.0 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) SQRT: Form square root (S7-1200, S7-1500) Description Use the "Form square root" instruction to calculate the square root of the input value and save the result in the specified operand. The instruction has a positive result if the input value is greater than zero. If input values are less than zero, the instruction returns an invalid floatingpoint number. If the input value is "0", the result is also "0". Syntax The following syntax is used for the "Form square root" instruction: SCL SQRT(<Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Expres sion> Input Floating-point numbers I, Q, M, D, L, P Input value Floating-point numbers I, Q, M, D, L, P Square root of the input value Function value You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 3121 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_Result1" := SQRT("Tag_Value"); "Tag_Result2" := SQRT((SQR("Tag_Value1"))+"Tag_Value2"); The square root of the input value is returned in the operand "Tag_Resultxy" as a function value. The following table shows how the instruction works using specific operand values: Operand Value Tag_Value 4.0 Tag_Result1 2.0 Tag_Value1 3.0 Tag_Value2 16.0 Tag_Result2 5.0 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) LN: Form natural logarithm (S7-1200, S7-1500) Description You can use the "Form natural logarithm" instruction to calculate the natural logarithm to base e (e=2.718282) from the input value. The instruction has a positive result if the input value is greater than zero. If input values are less than zero, the instruction returns an invalid floatingpoint number. Syntax The following syntax is used for the "Form natural logarithm" instruction: SCL LN(<Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Expres sion> Input Floating-point numbers I, Q, M, D, L, P Input value Floating-point numbers I, Q, M, D, L, P Natural logarithm of the input value Function value 3122 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: SCL "Tag_Result1" := LN("Tag_Value"); "Tag_Result2" := LN("Tag_Value1"+"Tag_Value2"); The result of the instruction is returned in the operand "Tag_Resultxy" as a function value. The following table shows how the instruction works using specific operand values: Operand Value Tag_Value 2.5 Tag_Result1 0.916 Tag_Value1 1.5 Tag_Value2 3.2 Tag_Result2 1.548 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) EXP: Form exponential value (S7-1200, S7-1500) Description The "Form exponential value" instruction calculates the exponent from the base e (e = 2.718282) and the input value and saves the result in the specified operand. Syntax The following syntax is used for the "Form exponential value" instruction: SCL EXP(<Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Expres sion> Input Floating-point numbers I, Q, M, D, L, P Input value Floating-point numbers I, Q, M, D, L, P Exponential value of the in put value Function value WinCC Advanced V14 System Manual, 10/2016 3123 Programming the PLC 11.4 Instructions You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: SCL "Tag_Result1" := EXP("Tag_Value"); "Tag_Result2" := EXP("Tag_Value1"/"Tag_Value2"); The result of the instruction is returned in the operand "Tag_Resultxy" as a function value. The following table shows how the instruction works using specific operand values: Operand Value Tag_Value 20.5 Tag_Result1 799 902 200 Tag_Value1 15.5 Tag_Value2 30.2 Tag_Result2 1.671 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) SIN: Form sine value (S7-1200, S7-1500) Description Use the "Form sine value" instruction to calculate the sine of the input value. The input value must be given in radians. Syntax Use the following syntax for the "Form sine value" instruction: SCL SIN(<Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Expres sion> Input Floating-point numbers I, Q, M, D, L, P Input value (size of an angle in radians) Floating-point numbers I, Q, M, D, L, P Result of the instruction Function value 3124 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := SIN("Tag_Value"); The result of the instruction is returned in the operand "Tag_Result" as a function value. The following table shows how the instruction works using specific operand values: Operand Value Tag_Value +1.570796 (/2) Tag_Result 1.0 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) COS: Form cosine value (S7-1200, S7-1500) Description Use the "Form cosine value" instruction to calculate the cosine of the input value. The input value must be given in radians. Syntax Use the following syntax for the "Form cosine value" instruction: SCL COS(<Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Expres sion> Input Floating-point numbers I, Q, M, D, L, P Input value (size of an angle in radians) Floating-point numbers I, Q, M, D, L, P Result of the instruction Function value You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 3125 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_Result" := COS("Tag_Value"); The result of the instruction is returned in the operand "Tag_Result" as a function value. The following table shows how the instruction works using specific operand values: Operand Value Tag_Value +1.570796 (/2) Tag_Result 0 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) TAN: Form tangent value (S7-1200, S7-1500) Description Use the "Form tangent value" instruction to calculate the sine of the input value. The input value must be given in radians. Syntax Use the following syntax for the "Form tangent value" instruction: SCL TAN(<Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Expres sion> Input Floating-point numbers I, Q, M, D, L, P Input value (size of an angle in radians) Floating-point numbers I, Q, M, D, L, P Result of the instruction Function value You can find additional information on valid data types under "See also". 3126 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_Result" := TAN("Tag_Value"); The result of the instruction is returned in the operand "Tag_Result" as a function value. The following table shows how the instruction works using specific operand values: Operand Value Tag_Value +3.141593 () Tag_Result 0 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) ASIN: Form arcsine value (S7-1200, S7-1500) Description You can use the "Form arcsine value" instruction to calculate the size of the angle from a sine value, which corresponds to this value. Only valid floating-point numbers within the range -1 to +1 can be specified as input values. The calculated angle size is given in radians and can range in value from -/2 to +/2. Syntax Use the following syntax for the "Form arcsine value" instruction: SCL ASIN(<Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Expres sion> Input Floating-point numbers I, Q, M, D, L, P Sine value Floating-point numbers I, Q, M, D, L, P Size of angle in radians Function value You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 3127 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_Result" := ASIN("Tag_Value"); The result of the instruction is returned in the operand "Tag_Result" as a function value. The following table shows how the instruction works using specific operand values: Operand Value Tag_Value 1.0 Tag_Result +1.570796 (/2) See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) ACOS: Form arccosine value (S7-1200, S7-1500) Description You can use the "Form arccosine value" instruction to calculate the size of the angle from a cosine value, which corresponds to this value. Only valid floating-point numbers within the range -1 to +1 can be specified as input values. The calculated angle size is given in radians and can range in value from 0 to +. Syntax Use the following syntax for the "Form arccosine value" instruction: SCL ACOS(<Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Expres sion> Input Floating-point numbers I, Q, M, D, L, P Cosine value Floating-point numbers I, Q, M, D, L, P Size of angle in radians Function value You can find additional information on valid data types under "See also". 3128 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_Result" := ACOS("Tag_Value"); The result of the instruction is returned in the operand "Tag_Result" as a function value. The following table shows how the instruction works using specific operand values: Operand Value Tag_Value 0 Tag_Result +1.570796 (/2) See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) ATAN: Form arctangent value (S7-1200, S7-1500) Description You can use the "Form arctangent value" instruction to calculate the size of the angle from a tangent value, which corresponds to this value. It is only permitted to specify valid floating-point numbers (or -NaN/+NaN) as input value. The calculated angle size is given in radians and can range in value from -/2 to +/2. Syntax The following syntax is used for the "Form arctangent value" instruction: SCL ATAN(<Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Expres sion> Input Floating-point numbers I, Q, M, D, L, P Tangent value Floating-point numbers I, Q, M, D, L, P Size of angle in radians Function value For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3129 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_Result" := ATAN("Tag_Value"); The result of the instruction is returned in the operand "Tag_Result" as a function value. The following table shows how the instruction works using specific operand values: Operand Value Tag_Value 1.0 Tag_Result +0.785398 (/4) See also Overview of the valid data types (Page 2131) Invalid floating-point numbers (Page 2152) Basics of SCL (Page 4747) Memory areas (Page 944) FRAC: Return fraction (S7-1200, S7-1500) Description The result of the instruction "Return fraction" returns the decimal places of a value. Input value 123.4567, for example, returns the value 0.4567. Syntax The following syntax is used for the instruction "Return fraction": SCL FRAC(<Expression>) FRAC_<Data type>(<Expression>) 3130 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Expression> Input Floating-point numbers I, Q, M, D, L, P Input value Floating-point numbers - Data type of the function val ue: _<Data type> Default: REAL 1. You can specify the data type of the instruction explicitly using "_". 2. If you do not specify the data type explicitly, it will be determined by the utilized tags or typecoded constants. 3. If you neither specify the data type explicitly nor specify defined tags or type-coded constants, the default data type will be used. Function value Floating-point numbers I, Q, M, D, L, P Decimal places of the input value For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result1" := FRAC("Tag_Value"); "Tag_Result2" := FRAC_LREAL("Tag_Value"); The following table shows how the instruction works using specific operand values: Operand Value Tag_Value 2.555 -1.4421 Tag_Result1 0.555 -0.4421 See also Overview of the valid data types (Page 2131) Invalid floating-point numbers (Page 2152) Basics of SCL (Page 4747) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 3131 Programming the PLC 11.4 Instructions Move operations (S7-1200, S7-1500) Deserialize: Deserialize (S7-1200, S7-1500) Description You can use the "Deserialize" instruction to convert back the sequential representation of a PLC data type (UDT), STRUCT or ARRAY of <data type> and to fill its entire contents. The memory area in which the sequential representation of a PLC data type (UDT), STRUCT or ARRAY of <data type> is located must have the ARRAY of BYTE data type and be declared with standard access in version 1.0. Optimized memory areas also permitted as of version 2.0. The capacity of the standard memory area is 64 KB. Make sure that there is enough memory space prior to the conversion. If the memory area is filled using the instruction "Serialize" and it is possible that fill bytes were inserted, their conversion is not taken into account. It is recommended to define the low limit of the ARRAY with "0", because then the index within ARRAY corresponds to the value of the POS parameter, e.g. ARRAY[0] = POS 0. The description and example below have been formed based on this. The instruction enables you to convert multiple sequential representations of converted data back to their original state step-by-step. If you only want to convert back a single sequential representation of a PLC data type (UDT), STRUCT or ARRAY of <data type>, you can also directly use the instruction "TRCV: Receive data via communication connection". Size of the memory area The alignment rules mean that simple structures in the optimized memory area do not contain filling bytes. This results in a structure in the optimized memory area being smaller than in the standard memory area. ARRAYs of structures and structures in which other structures are located contain filling bytes. There is no general rule as to the memory area in which a composed structure requires more space. Applies to CPUs of the S7-1500 series: For a block with the block property "Optimized block access", the BOOL has a length of 1 byte. A structure that consists largely of the data type BOOL can therefore be larger in the optimized memory area than in the standard memory area. Composed structures with a low proportion of BOOL data types are smaller in the optimized memory area than in the standard memory area. Optimized memory area To deserialize larger structures, you can declare the memory area for sequential representation with optimized access for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. The content of the sequential representation remains unchanged, as for a standard memory area. Only symbolic access to the bytes in the ARRAY is possible. 3132 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the "Deserialize" instruction: SCL Deserialize(SRC_ARRAY := <operand>, DEST_VARIABLE:= <operand>, POS := <operand>) Parameters The following table shows the parameters of the "Deserialize" instruction: Parameters Declaration Data type Memory area SRC_AR RAY Input VARIANT D, block interface Tag of ARRAY of BYTE data of an FB (The sec type in which the generate tions Input, Out data flow is stored put, Static and Temp are possi ble.) DEST_VARI ABLE InOut VARIANT D, block interface of an FB Tag in which the reconverted PLC data type (UDT), STRUCT, ARRAY of <data type> is stored POS InOut DINT I, Q, M, D, L The operand at the POS pa rameter stores the index of the first byte based on the number of bytes occupied by the converted customer data. The POS parameter is calcu lated zero-based. INT I, Q, M, D, L Error information ARRAY[*] of BYTE 1) Function value Description Possible for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. 1) RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) WinCC Advanced V14 System Manual, 10/2016 0000 No error 80B0 The memory areas for the SRC_ARRAY and DEST_VARIABLE parameters overlap. 8136 The tag at the SRC_ARRAY parameter is not in a block with standard access. 8150 The VARIANT data type at the SRC_ARRAY parameter contains a ZERO pointer. 8151 No valid reference at the SRC_ARRAY parameter 8153 There is not enough free memory available at the SRC_ARRAY parameter. 8154 Invalid data type at the SRC_ARRAY parameter 8250 The VARIANT data type at the DEST_VARIABLE parameter contains a ZERO pointer. 3133 Programming the PLC 11.4 Instructions Error code* Explanation (W#16#...) 8251 No valid reference at the DEST_VARIABLE parameter 8382 The value at the POS parameter is outside the limits of the array. 9512 For a CPU of the S7-1200 module and a block with the block property "Optimized block access": The BOOL data type is used at the DEST_VARIABLE parameter. This makes the object smaller than a full byte. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". For a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0, the following error code has a different meaning: Error code* Explanation (W#16#...) 8136 Access to the memory area at the SRC_ARRAY parameter is invalid. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". Example The following table shows the declaration of the operands: Operand Data type Declaration DeliverPos INT In the "Input" section of the block interface of an FB or FC. BufferPos DINT Error INT In the "Temp" section of the block interface of an FB or FC. Label STRING[4] The following table shows the declarations of the PLC data types: Name of the PLC data types Name Data type Article Number DINT Declaration STRING Colli INT Title INT First name STRING[10] Surname STRING[10] Client The following table shows the declaration of the data blocks: Name of the data blocks Name Data type Target Client "Client" (PLC data type) Article Array[0..10] of "Article" (PLC da ta type) Bill Array[0..10] of INT Field Array[0..294] of BYTE Buffer 3134 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following example shows how the instruction works: SCL #Tag_RetVal := Deserialize(SRC_ARRAY := "Buffer".Field, DEST_VARIABLE := "Target".Client, POS := #BufferPos); #Tag_RetVal := Deserialize(SRC_ARRAY := "Buffer".Field, DEST_VARIABLE := #Label, POS := #BufferPos); IF #Label = 'arti' THEN #Tag_RetVal := Deserialize(SRC_ARRAY := "Buffer".Field, DEST_VARIABLE := "Target".Article[#DeliverPos], POS := #BufferPos); ELSIF #Label = 'Bill' THEN #Tag_RetVal := Deserialize(SRC_ARRAY := "Buffer".Field, DEST_VARIABLE := "Target".Bill[#DeliverPos], POS := #BufferPos); ; ELSE ; END_IF; The "Deserialize" instruction deserializes the sequential representation of the customer data from the "Buffer" tag and writes it to the "Target" tag. The #BufferPos operand stores the index of the first byte based on the number of bytes occupied by the converted customer data. The "Deserialize" instruction deserializes the sequential representation of the separator sheet, which was stored in the sequential representation after the customer data, from the "Buffer" tag and writes the characters to the #Label operand. The characters are compared using comparison instructions "arti" and "Bill". If the comparison for "arti" = TRUE, these are article data that have been deserialized and written to the "Target" tag. If the comparison for "Bill" = TRUE, these are billing data that have been deserialized and written to the "Target" tag. See also Overview of the valid data types (Page 2131) PLC data types (UDT) (Page 2170) Basics of SCL (Page 4747) Memory areas (Page 944) Using the VARIANT data type (Page 2078) WinCC Advanced V14 System Manual, 10/2016 3135 Programming the PLC 11.4 Instructions Serialize: Serialize (S7-1200, S7-1500) Description You can use the "Serialize" instruction to convert several PLC data types (UDT), STRUCT or ARRAY of <data type> to a sequential representation without losing parts of their structure. You use the instruction to temporarily save multiple structured data items from your program in a buffer, which should preferably be in a global data block, and send them to another CPU. The memory area in which the converted data are stored must have the ARRAY of BYTE data type and be declared with standard access in version 1.0. Optimized data are also permitted as of version 2.0. Elements of the ARRAY of BYTE may be filled with zeros to meet the standard alignment rules. The capacity of the standard memory area is 64 KB. Structures that are larger than 64 KB in accordance with the rules for standard memory areas cannot be serialized if the operand at the DEST_ARRAY parameter is located in a standard memory area. It is recommended to define the low limit of the ARRAY with "0", because then the index within ARRAY corresponds to the value of the POS parameter, e.g. ARRAY[0] = POS 0. The description and example below have been formed based on this. The operand at the POS parameter contains information about the number of bytes used by the converted data. If you want to send a single PLC data type (UDT), STRUCT or ARRAY of <data type>, you can directly call the instruction "TSEND: Send data via communication connection". Size of the memory area The alignment rules mean that simple structures in the optimized memory area do not contain filling bytes. This results in a structure in the optimized memory area being smaller than in the standard memory area. ARRAYs of structures and structures in which other structures are located contain filling bytes. There is no general rule as to the memory area in which a composed structure requires more space. Applies to CPUs of the S7-1500 series: For a block with the block property "Optimized block access", the BOOL has a length of 1 byte. A structure that consists largely of the data type BOOL can therefore be larger in the optimized memory area than in the standard memory area. Composed structures with a low proportion of BOOL data types are smaller in the optimized memory area than in the standard memory area. Optimized memory area To serialize larger structures, you can declare the memory area with optimized access for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. The sequential representation remains unchanged, as for a standard memory area. 3136 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the "Serialize" instruction: SCL Serialize(SRC_VARIABLE := <operand>, DEST_ARRAY := <operand>, POS := <operand>) Parameters The following table shows the parameters of the instruction "Serialize": Parameters Declaration Data type Memory area Description SRC_VARIA Input BLE VARIANT D, block interface of an FB PLC data type (UDT), STRUCT or ARRAY of <data type> that is converted to se quential representation. DEST_AR RAY InOut VARIANT D, block interface Data block in which the gen of an FB (The sec erated data stream is stored. tions Input, Out put, Static and Temp are possi ble.) POS InOut DINT I, Q, M, D, L The operand at the POS pa rameter stores the index of the first byte based on the to tal number of bytes occupied by the converted customer data. The POS parameter is calculated zero-based. INT I, Q, M, D, L Error information Function value RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) WinCC Advanced V14 System Manual, 10/2016 0000 No error 80B0 The memory areas for the SRC_VARIABLE and DEST_ARRAY parameters overlap. 8150 The VARIANT data type at the SRC_VARIABLE parameter contains a ZERO pointer. 8151 No valid reference at the SRC_VARIABLE parameter 8236 The tag at the SRC_ARRAY parameter is not in a block with standard access. 8250 The VARIANT data type at the DEST_ARRAY parameter contains a ZERO pointer. 8251 No valid reference at the DEST_ARRAY parameter 8253 There is not enough free memory available at the DEST_ARRAY parameter. 8254 Invalid data type at the DEST_ARRAY parameter 8382 The value at the POS parameter is outside the limits of the array. 3137 Programming the PLC 11.4 Instructions Error code* Explanation (W#16#...) 9512 For a CPU of the S7-1200 module and a block with the block property "Optimized block access": The BOOL data type is used at the DEST_VARIABLE parameter. This makes the object smaller than a full byte. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". For a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0, the following error code has a different meaning: Error code* Explanation (W#16#...) 8236 Access to the memory area at the DEST_ARRAY parameter is invalid. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: SCL #Tag_RetVal := Serialize(SRC_VARIABLE := "Source".Client, DEST_ARRAY := "Buffer".Field, POS := #BufferPos); #Label := STRING_TO_WSTRING('arti'); #Tag_RetVal := Serialize(SRC_VARIABLE := #Label, DEST_ARRAY := "Buffer".Field, POS := #BufferPos); #Tag_RetVal := Serialize(SRC_VARIABLE := "Source".Article[#DeliverPos], DEST_ARRAY := "Buffer".Field, POS := #BufferPos); The "Deserialize" instruction deserializes the customer data from the "Source" tag and writes the sequential representation to the "Buffer" tag. The index of the next unwritten byte of the "Buffer".Field operand is saved in the #BufferPos operand. A kind of separator sheet is inserted now to make it easier to deserialize the sequential representation later. The "Move character string" instruction moves the "arti" characters to the #Label operand. The "Serialize" instruction writes these characters after the customer data to the "Buffer" tag. The value of the #BufferPos operand is incremented accordingly. The "Serialize" instruction serializes the data of a specific article, which is calculated in runtime, from the "Source" tag and writes them in sequential representation to the "Buffer" tag after the "arti" characters. 3138 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following table shows the declaration of the operands: Operand Data type Declaration DeliverPos INT In the "Input" section of the block interface BufferPos DINT In the "Temp" section of the block interface Error INT In the "Temp" section of the block interface Label STRING[4] In the "Temp" section of the block interface The following table shows the declarations of the PLC data types: Name of the PLC data types Name Data type Article Number DINT Declaration STRING Colli INT Title INT First name STRING[10] Surname STRING[10] Client The following table shows the declaration of the data blocks: Name of the data blocks Name Data type Source Client "Client" (PLC data type) Article Array[0..10] of "Article" (PLC da ta type) Field Array[0..294] of BYTE Buffer See also Overview of the valid data types (Page 2131) PLC data types (UDT) (Page 2170) Using the VARIANT data type (Page 2078) Basics of SCL (Page 4747) Memory areas (Page 944) MOVE_BLK: Move block (S7-1200, S7-1500) Description You use the "Move block" instruction to move the content of a memory area (source area) to another memory area (destination area). The number of elements to be moved to the destination area is specified with the COUNT parameter. The width of the elements to be moved is defined by the width of the first element in the source area. WinCC Advanced V14 System Manual, 10/2016 3139 Programming the PLC 11.4 Instructions The instruction can only be executed if the source area and the destination area have the same data type. The value of the OUT output is invalid if the following condition is met: More data is moved than is made available at the IN parameter or OUT parameter. Syntax The following syntax is used for the "Move block" instruction: SCL MOVE_BLK(IN := <operand>, COUNT := <operand>, OUT => <operand>) Parameter The following table shows the parameters of the "Move block" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN 1) Input Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L The first ele ment of the source area that is being copied COUNT Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L, P Number of ele ments to be copied from the source area to the destination area OUT 1) Output Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L The first ele ment of the des tination area to which the con tents of the source area are being copied 1) The specified data types can only be used as elements of an ARRAY structure. You can find additional information on valid data types under "See also". 3140 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL MOVE_BLK(IN := #a_array[2], COUNT := "Tag_Count", OUT => #b_array[1]); The following table shows how the instruction works using specific operand values: Parameter Operand Value IN a_array[2] The data type of the "a_array" operand is ARRAY[0..5] of INT. It consists of six elements of data type INT. COUNT Tag_Count 3 OUT b_array[1] The data type of the "b_array" operand is ARRAY[0..6] of INT. It consists of seven elements of data type INT. Starting from the third element, the instruction selects three INT elements from the #a_array tag and copies their contents to the #b_array output tag, beginning with the second element. Note You can find more information on the MOVE_BLK instruction in the following article in the Siemens Industry Online Support: In STEP 7 (TIA Portal) how do you copy memory areas and structured data from one data block to another? https://support.industry.siemens.com/cs/ww/en/view/42603881 (https:// support.industry.siemens.com/cs/ww/en/view/42603881) See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) MOVE_BLK_VARIANT: Move block (S7-1200, S7-1500) Description You use the "Move block" instruction to move the content of a memory area (source area) to another memory area (destination area). You can copy a complete ARRAY or elements of an ARRAY to another ARRAY of the same data type. The size (number of elements) of source and destination ARRAY may be different. You can copy multiple or single elements within an ARRAY. WinCC Advanced V14 System Manual, 10/2016 3141 Programming the PLC 11.4 Instructions When you use the instruction at the time to the block is created, the ARRAY does not yet have to be known, as the source and the designation are transferred per VARIANT. Counting at the parameters SRC_INDEX and DEST_INDEX always begins with the low limit "0", regardless of the later declaration of the ARRAY. The instruction is not executed if more data is copied than is made available. Syntax The following syntax is used for the "Move block" instruction: SCL MOVE_BLK_VARIANT(SRC := <operand>, COUNT := <operand>, SRC_INDEX := <operand>, DEST_INDEX := <operand>, DEST => <operand>) Parameters The following table shows the parameters of the "Move block" instruction: Parameter Declaration Data type Memory area SRC Input VARIANT (which points to an AR RAY or an individ ual ARRAY ele ment), ARRAY of <Data_type> L (A declaration in Source block from which to the "Temp" sec copy tion of the block in terface is not pos sible.) COUNT Input UDINT I, Q, M, D, L 2) Description Number of elements which are copied Assign the value "1" to the parameter COUNT, if no AR RAY is specified at parame ter SRC or at parameter DEST. 3142 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description SRC_INDEX Input DINT I, Q, M, D, L The SRC_INDEX parameter is calculated zero-based. If an ARRAY is specified at parameter SRC, the integer at parameter SRC_INDEX specifies the first element within the source area from which it is to be copied. Independent of the declared ARRAY limits. If no ARRAY is specified at parameter SRC or only one single element of an ARRAY is specified, then assign the value "0" at parameter SRC_INDEX. DEST_IN DEX Input DINT I, Q, M, D, L The DEST_INDEX parameter is calculated zero-based. If an ARRAY is specified at parameter DEST, the integer at parameter DEST_INDEX specifies the first element within the destination area that is to be copied into. Independent of the declared ARRAY limits. If no ARRAY is specified at parameter DEST, then assign the value "0" at parameter DEST_INDEX. DEST Output 1) Function value (RET_VAL) VARIANT L (A declaration in Destination area into which the "Temp" sec the contents of the source tion of the block in block are copied. terface is not pos sible.) INT I, Q, M, D, L Error information 1) The DEST parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. 2) With the SRC parameter, the data types BOOL and ARRAY of BOOL are not permitted. You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 3143 Programming the PLC 11.4 Instructions Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The data types do not correspond. Instead of an ARRAY of <Struct>, use an ARRAY of <PLC data type (UDT)>. 8151 Access to the SRC parameter is not possible. 8152 The operand at the SRC parameter is not typed. 8153 Code generation error at the SRC parameter 8154 The operand at the SRC parameter has the data type BOOL. 8281 The COUNT parameter has an invalid value 8382 The value at the SRC_INDEX parameter is outside the limits of the VARIANT. 8383 The value at the SRC_INDEX is outside the high limit of the ARRAY. 8482 The value at the DEST_INDEX parameter is outside the limits of the VARIANT. 8483 The value at the DEST_INDEX is outside the high limit of the ARRAY. 8534 The DEST parameter is write protected 8551 Access to the DEST parameter is not possible. 8552 The operand at the DEST parameter is not typed. 8553 Code generation error at the DEST parameter 8554 The operand at the DEST parameter has the data type BOOL. * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := MOVE_BLK_VARIANT(SRC := #SrcField, COUNT := "Tag_Count", SRC_INDEX := "Tag_Src_Index", DEST_INDEX := "Tag_Dest_Index", DEST => #DestField); 3144 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameter Declaration in the block interface Operand Value SRC Input #SrcField The local operand #SrcField uses a PLC data type that was still unknown at the time when the block was pro grammed. (AR RAY[0..10] of "MOVE_UDT") COUNT Input Tag_Count 2 SRC_INDEX Input Tag_Src_Index 3 DEST_INDEX Input Tag_Dest_Index 3 DEST InOut #DestField The local operand #DestField uses a PLC data type that was still unknown at the time when the block was pro grammed. (AR RAY[10..20] of "MOVE_UDT") Two elements are moved from the source area, starting from the fourth element of the ARRAY [0..10] of MOVE_UDT, to the destination area. The copies are pasted in the ARRAY [10..20] of MOVE_UDT starting from the fourth element. Note You can find more information on the MOVE_BLK_VARIANT instruction in the following article in the Siemens Industry Online Support: In STEP 7 (TIA Portal) how do you copy memory areas and structured data from one data block to another? https://support.industry.siemens.com/cs/ww/en/view/42603881 (https:// support.industry.siemens.com/cs/ww/en/view/42603881) See also Overview of the valid data types (Page 2131) VariantGet: Read out VARIANT tag value (Page 3185) Using the VARIANT data type (Page 2078) Basics of SCL (Page 4747) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 3145 Programming the PLC 11.4 Instructions UMOVE_BLK: Move block uninterruptible (S7-1200, S7-1500) Description You use the "Move block uninterruptible" instruction to move the content of a memory area (source area) to another memory area (destination area). The instruction cannot be interrupted. The number of elements to be moved to the destination area is specified with the COUNT parameter. The width of the elements to be moved is defined by the width of the first element in the source area. The instruction can only be executed if the source area and the destination area have the same data type. Note The move operation cannot be interrupted by other operating system activities. This is why the interrupt reaction times of the CPU increase during the execution of the "Move block uninterruptible" instruction. The value of the OUT output is invalid if the following condition is met: More data is moved than is made available at the IN parameter or OUT parameter. You use the "Move block uninterruptible" instruction to move a maximum of 16 KB. Note the CPU-specific restrictions for this. Syntax The following syntax is used for the "Move block uninterruptible" instruction: SCL UMOVE_BLK(IN := <operand>, COUNT := <operand>, OUT => <operand>) 3146 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "Move block uninterruptible" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN 1) Input Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L The first ele ment of the source area that is being copied COUNT Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L, P Number of ele ments to be copied from the source area to the destination area OUT 1) Output Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, inte gers, float ing-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L The first ele ment of the des tination area to which the con tents of the source area are being copied 1) The specified data types can only be used as elements of an ARRAY structure. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: SCL UMOVE_BLK(IN := #a_array[2], COUNT := "Tag_Count", OUT => #b_array[1]); WinCC Advanced V14 System Manual, 10/2016 3147 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameter Operand Value IN a_array[2] The data type of the "a_array" operand is ARRAY[0..5] of INT. It consists of six elements of data type INT. COUNT Tag_Count 3 OUT b_array[1] The data type of the "b_array" operand is ARRAY[0..6] of INT. It consists of seven elements of data type INT. Starting from the third element, the instruction selects three INT elements from the #a_array tag and copies their contents to the #b_array output tag, beginning with the second element. The move operation cannot be interrupted by other operating system activities. Note You can find more information on the UMOVE_BLK instruction in the following article in the Siemens Industry Online Support: In STEP 7 (TIA Portal) how do you copy memory areas and structured data from one data block to another? https://support.industry.siemens.com/cs/ww/en/view/42603881 (https:// support.industry.siemens.com/cs/ww/en/view/42603881) See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) FILL_BLK: Fill block (S7-1200, S7-1500) Description You can use the "Fill block" instruction to fill a memory area (destination area) with the value of the IN input. The destination area is filled beginning with the address specified at the OUT output. The number of repeated copy operations is specified with the COUNT parameter. When the instruction is executed, the value at the input IN is moved to the target area as often as specified by the value of the COUNT parameter. The instruction can only be executed if the source area and the destination area have the same data type. The maximum number of elements changed is the number of elements in the ARRAY or structure. If you copy more data than there are elements at the OUT output, you will get an unintended result. 3148 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Filling structures As well as the elements of an ARRAY, you can also fill multiple elements of a structure (STRUCT, PLC data type) with the same value. The structure whose elements you want to fill must only contain individual elements of the same elementary data type. The structure itself can, however, be embedded in another structure. Syntax The following syntax is used for the "Fill block" instruction: SCL FILL_BLK(IN := <operand>, COUNT := <operand>, OUT => <operand>) Parameters The following table shows the parameters of the "Fill block" instruction: Parameters Declaration Data type S7-1200 S7-1500 Memory area Description IN Input Binary numbers, integers, float ing-point num bers, timers, TOD, DATE, CHAR, WCHAR Binary numbers, integers, floatingpoint numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD I, Q, M, D, L, P Element used to fill the destina tion area COUNT Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L, P Number of re peated move op erations OUT Output Binary numbers, integers, float ing-point num bers, timers, TOD, DATE, CHAR, WCHAR Binary numbers, integers, floatingpoint numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L Address in desti nation area from which filling starts For additional information on valid data types, refer to "See also". Example with an ARRAY The following example shows how the instruction works when you want to fill an ARRAY: SCL FILL_BLK(IN := #FillValue, COUNT := "Tag_Count", OUT => #TargetArea[1]); WinCC Advanced V14 System Manual, 10/2016 3149 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameters Operand Value IN FillValue The data type of the operand is INT. COUNT Tag_Count 3 OUT TargetArea The data type of the operand TargetArea is ARRAY[1..5] of INT. It consists of five elements of data type INT. The instruction copies the value of the operand #FillValue to the #TargetArea output tag three times, starting with the first element. Examples with a structure The following examples show how the instruction works when you want to fill a structure: Create a global data block with the following elements: Data_block_1 Data type MyStruct1 STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT MyStruct2 STRUCT SubArray ARRAY[1..2] of STRUCT SubArray[1] STRUCT NestedStruct STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT SubArray[2] STRUCT Nested Struct STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT Generate the following program code to address the MyStruct1 tag: SCL FILL_BLK(IN := 10, COUNT := 2, OUT => "Data_block_1".MyStruct1.Member_2); 3150 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Generate the following program code to address the MyStruct2 tag: SCL FILL_BLK(IN := 10, COUNT := 2, OUT => "Data_block_1".MyStruct2.SubArray[1].NestedStruct.Member_2); In each of the two examples, the value 10 of the IN parameter is copied twice to the operand at the OUT parameter, starting with the element Member_2. This means that the value 10 is copied to the elements Member_2 and Member_3. The other two elements, Member_1 and Member_4, are not changed. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) UFILL_BLK: Fill block uninterruptible (S7-1200, S7-1500) Description You can use the "Fill block uninterruptible" instruction to fill a memory area (destination area) with the value of the IN input. The instruction cannot be interrupted. The destination area is filled beginning with the address specified at the OUT output. The number of repeated copy operations is specified with the COUNT parameter. When the instruction is executed, the value at the input IN is moved to the target area as often as specified by the value of the COUNT parameter. The instruction can only be executed if the source area and the destination area have the same data type. Note The move operation cannot be interrupted by other operating system activities. This is why the alarm reaction times of the CPU increase during the execution of the "Fill block uninterruptible" instruction. The maximum number of elements changed is the number of elements in the ARRAY or structure. If you copy more data than there are elements at the OUT output, you will get an unintended result. You use the "Fill block uninterruptible" instruction to move a maximum of 16 KB. Note the CPUspecific restrictions for this. WinCC Advanced V14 System Manual, 10/2016 3151 Programming the PLC 11.4 Instructions Filling structures As well as the elements of an ARRAY, you can also fill multiple elements of a structure (STRUCT, PLC data type) with the same value. The structure whose elements you want to fill must only contain individual elements of the same elementary data type. The structure itself can, however, be embedded in another structure. Syntax The following syntax is used for the "Fill block uninterruptible" instruction: SCL UFILL_BLK(IN := <operand>, COUNT := <operand>, OUT => <operand>) Parameters The following table shows the parameters of the "Fill block uninterruptible" instruction: Parameters Declaration Data type S7-1200 S7-1500 Memory area Description IN Input Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD I, Q, M, D, L, P Element used to fill the destination area COUNT Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L, P Number of repea ted move opera tions OUT Output Binary num bers, integers, floating-point numbers, timers, TOD, DATE, CHAR, WCHAR Binary num bers, integers, floating-point numbers, timers, DATE, CHAR, WCHAR, TOD, LTOD D, L Address in destina tion area from which filling starts For additional information on valid data types, refer to "See also". Example with an ARRAY The following example shows how the instruction works when you want to fill an ARRAY: SCL UFILL_BLK(IN := #FillValue, COUNT := "Tag_Count", 3152 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SCL OUT => #TargetArea[1]); The following table shows how the instruction works using specific operand values: Parameters Operand Value IN FillValue The data type of the operand is INT. COUNT Tag_Count 3 OUT TargetArea The data type of the operand TargetArea is ARRAY[1..5] of INT. It consists of five elements of data type INT. The instruction copies the value of the operand #FillValue to the #TargetArea output tag three times, starting with the first element. The move operation cannot be interrupted by other operating system activities. Examples with a structure The following examples show how the instruction works when you want to fill a structure: Create a global data block with the following elements: Data_block_1 Data type MyStruct1 STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT MyStruct2 STRUCT SubArray ARRAY[1..2] of STRUCT SubArray[1] STRUCT NestedStruct Member_1 INT Member_2 INT Member_3 INT Member_4 INT SubArray[2] STRUCT Nested Struct WinCC Advanced V14 System Manual, 10/2016 STRUCT STRUCT Member_1 INT Member_2 INT Member_3 INT Member_4 INT 3153 Programming the PLC 11.4 Instructions Generate the following program code to address the MyStruct1 tag: SCL UFILL_BLK(IN := 10, COUNT := 2, OUT => "Data_block_1".MyStruct1.Member_2); Generate the following program code to address the MyStruct2 tag: SCL UFILL_BLK(IN := 10, COUNT := 2, OUT => "Data_block_1".MyStruct2.SubArray[1].NestedStruct.Member_2); In each of the two examples, the value 10 of the IN parameter is copied twice to the operand at the OUT parameter, starting with the element Member_2. This means that the value 10 is copied to the elements Member_2 and Member_3. The other two elements, Member_1 and Member_4, are not changed. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) SWAP: Swap (S7-1200, S7-1500) Description You can use the "Swap" instruction to change the arrangement of the bytes of an input value and save the result in the specified operand. The following figure shows how the bytes of an operand of the DWORD data type are swapped using the "Swap" instruction: 3154 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ,QSXWYDOXH 5HVXOW Syntax The following syntax is used for the "Swap" instruction: SCL SWAP(<Expression>) The syntax of the instruction consists of the following parts: Parameter <Expression> Declaration Input Function value Data type Memory area Description WORD, DWORD, LWORD I, Q, M, D, L, P Input value WORD, DWORD, LWORD I, Q, M, D, L, P Result of the in struction S7-1200 S7-1500 WORD, DWORD WORD, DWORD For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := SWAP("Tag_Value"); The result of the instruction is returned as a function value. WinCC Advanced V14 System Manual, 10/2016 3155 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Operand Value Tag_Value 0000 1111 0101 0101 Tag_Result 0101 0101 0000 1111 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) ARRAY DB (S7-1500) ReadFromArrayDB: Read from array data block (S7-1500) Description The instruction "Read from ARRAY data block" is used to read data from a data block of the ARRAY DB block type and write it to a destination area. An ARRAY data block is a data block that consists of exactly one ARRAY of [Data type]. The elements of the ARRAY can be of PLC data type or any other elementary data type. Counting of the ARRAY always begins with the low limit "0". Syntax The following syntax is used for the "Read from ARRAY data block" instruction: SCL ReadFromArrayDB(DB := <operand>, INDEX := <operand>, VALUE => <operand>) Parameters The following table shows the parameters of the "Read from ARRAY data block" instruction: 3156 Parameter Declaration Data type Memory area Description DB Input DB_ANY I, Q, M, D, L Data block that is read INDEX Input DINT I, Q, M, D, L, P Element in the DB that is read. The specification can be a constant, a global tag or an indexed value. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area VALUE Output 1) VARIANT L (A declaration in Value that is read and output the "Temp" sec tion of the block in terface is not pos sible.) INT I, Q, M, D, L Function value (RET_VAL) Description Result of the instruction 1) The VALUE parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. You can find additional information on valid data types under "See also". Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The element data type stored in the ARRAY data block does not match the element data type transferred in the VARIANT. 80B5 The copying was interrupted. 8132 The data block does not exist, is too short, write protected, or is located in load memory. 8135 The ARRAY data block contains invalid values. 8154 The data block has the incorrect data type. 8282 The value at the INDEX parameter is outside the limits of the ARRAY. 8450 The data type VARIANT at parameter VALUE provides the value "0". 8452 Code generation error 8453 There are two possible causes of the error: The size of the VALUE parameter does not match the element length in the ARRAY data block. The two tags are not in a memory area with optimized access. For additional information on the memory area access types, refer to: AUTOHOTSPOT * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: SCL "TagResult" := ReadFromArrayDB(DB := "ArrayDB", INDEX := 2, VALUE => "TargetField"); WinCC Advanced V14 System Manual, 10/2016 3157 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameter Operand Value DB ArrayDB The "ArrayDB" operand is an AR RAY DB of the data type Array [0 to 10] of INT. INDEX 2 2nd element of the "ArrayDB" VALUE TargetField The "TargetField" operand is a global tag of the data type INT. The 2nd element is read from "ArrayDB" and written to the "TargetField" operand. See also Overview of the valid data types (Page 2131) Using ARRAY data blocks (Page 2121) Basics of SCL (Page 4747) WriteToArrayDB: Write to array data block (S7-1500) Description The instruction "Write to ARRAY data block" is used to write data to a data block of the ARRAY DB block type. An ARRAY data block is a data block that consists of exactly one ARRAY of [Data type]. The elements of the ARRAY can be of PLC data type or any other elementary data type. Counting of the ARRAY always begins with the low limit "0". Syntax The following syntax is used for the "Write to ARRAY data block" instruction: SCL WriteToArrayDB(DB := <operand>, INDEX := <operand>, VALUE := <operand>) 3158 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Write to ARRAY data block" instruction: Parameter Declaration Data type Memory area Description DB Input DB_ANY I, Q, M, D, L Data block to which data is written INDEX Input DINT I, Q, M, D, L, P Element in the DB to which data is written. The specifica tion can be a constant, a glob al tag or an indexed value. VALUE Input VARIANT L (A declaration in Value to be written the "Temp" sec tion of the block in terface is not pos sible.) INT I, Q, M, D, L Function value (RET_VAL) Result of the instruction You can find additional information on valid data types under "See also". Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The element data type stored in the ARRAY data block does not match the element data type transferred in the VARIANT. 80B5 The copying was interrupted. 8132 The data block does not exist, is too short, or is located in load memory. 8134 The data block is write protected. 8135 The data block is not an ARRAY data block. 8154 The data block has the incorrect data type. 8282 The value at the INDEX parameter is outside the limits of the ARRAY. 8350 The data type VARIANT at parameter VALUE provides the value "0". 8352 Code generation error 8353 There are two possible causes of the error: The size of the VALUE parameter does not match the element length in the ARRAY data block. The two tags are not in a memory area with optimized access. For additional information on the memory area access types, refer to: AUTOHOTSPOT * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". WinCC Advanced V14 System Manual, 10/2016 3159 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "TagResult" := WriteToArrayDB(DB := "ArrayDB", INDEX := 2, VALUE := "SourceField"); The following table shows how the instruction works using specific operand values: Parameter Operand Value DB ArrayDB The "ArrayDB" operand is an AR RAY DB of the data type Array [0 to 10] of INT. INDEX 2 2nd element of the "ArrayDB" VALUE SourceField The "SourceField" operand is a global tag of the data type INT. The value of the "SourceField" operand is written to the 2nd element of the ARRAY DB. See also Overview of the valid data types (Page 2131) Using ARRAY data blocks (Page 2121) Basics of SCL (Page 4747) ReadFromArrayDBL: Read from array data block in load memory (S7-1500) Description The instruction "Read from ARRAY data block in load memory" is used to read data from a data block of the ARRAY DB block type in the load memory and write it to a destination area. An ARRAY data block is a data block that consists of exactly one ARRAY of [Data type]. The elements of the ARRAY can be of PLC data type or any other elementary data type. Counting of the ARRAY always begins with the low limit "0". If the ARRAY data block has been designated with the block attribute "Only store in load memory", it will only be stored in the load memory. The instruction is executed when a positive signal edge is detected at the REQ parameter. The BUSY parameter then has the signal state "1". The instruction is terminated if a negative signal edge is detected at the BUSY parameter. The DONE parameter has the signal state "1" for one program cycle and the read value is output at the VALUE parameter within this cycle. With all other program cycles, the value at the VALUE parameter is not changed. 3160 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the "Read from ARRAY data block in the load memory" instruction: SCL "Instance DB"(REQ := <operand>, DB := <operand>, INDEX := <operand>, VALUE := <operand>, BUSY => <operand>, DONE => <operand>, ERROR => <operand>) Parameters The following table shows the parameters of the "Read from ARRAY data block in load memory" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L REQ = "1": Begin with the reading of the ARRAY DB DB 1) Input DB_ANY I, Q, M, D, L ARRAY data block that is read. INDEX Input DINT I, Q, M, D, L, P Element in the DB that is read. The specification can be a constant, a global tag or an indexed value. VALUE 1) InOut VARIANT D (element of a global data block) Pointer to the DB in the work memory that is to be read and the value of which is to be written. L (A declaration in the "Temp" sec tion of the block in No local constants or tags terface is not pos from the TEMP section must sible.) be used. BUSY Output BOOL I, Q, M, D, L BUSY = "1": The array DB is still being read DONE Output BOOL I, Q, M, D, L DONE = "1": The instruction was executed successfully ERROR Output INT I, Q, M, D, L Error information: If an error occurs during exe cution of the instruction, an error code is output at the ERROR parameter. 1) WinCC Advanced V14 System Manual, 10/2016 The data blocks must be created with the "Optimized" block property. 3161 Programming the PLC 11.4 Instructions Parameter ERROR The following table shows the meaning of the values of the ERROR parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The element data type stored in the ARRAY data block does not match the element data type transferred in the VARIANT. 8230 The data block number is incorrect. 8231 The data block does not exist. 8232 The data block is too short, or is not located in load memory. 8235 The data block is not an ARRAY DB. 8254 The data block has the incorrect data type. 8382 The value at the INDEX parameter is outside the limits of the ARRAY. 8750 The data type VARIANT at parameter VALUE provides the value "0". 8751 Code generation error 8752 Code generation error 8753 The size of the VALUE parameter does not match the element length in the ARRAY data block. * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". You can find descriptions of the error codes triggered by the instructions "READ_DBL" and "WRIT_DBL" in the corresponding descriptions of the instructions. Example The following example shows how the instruction works: SCL "ReadFromArrayDBL_DB"(REQ := "TagReg", DB := "ArrayDB", INDEX := 2, VALUE := "TargetField", BUSY => "TagBusy", DONE => "TagDone", ERROR => "TagError"); The following table shows how the instruction works using specific operand values: 3162 Parameter Operand Value REQ TagReq BOOL DB ArrayDB The "ArrayDB" operand is an AR RAY DB of the data type ARRAY [0 to 10] of INT. INDEX 2 2nd element of the "ArrayDB" VALUE TargetField The "TargetField" operand is a global tag of the data type INT. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Operand Value BUSY TagBusy BOOL DONE TagDone BOOL The instruction is executed when a positive signal edge is detected at the "TagReq" operand. The 2nd element is read from "ArrayDB" and output at the VALUE parameter. As soon as a negative signal edge is detected at the "TagBusy" operand, the instruction is terminated and the value at the VALUE parameter is no longer changed. After the instruction has been processed, the "TagDone" operand has the signal state TRUE. See also Overview of the valid data types (Page 2131) READ_DBL: Read from data block in the load memory (Page 3845) WRIT_DBL: Write to data block in the load memory (Page 3848) Using ARRAY data blocks (Page 2121) Difference between synchronous and asynchronous instructions (Page 2436) Basics of SCL (Page 4747) WriteToArrayDBL: Write to array data block in load memory (S7-1500) Description The instruction "Write to ARRAY data block in load memory" is used to write data to a data block of the ARRAY DB block type in the load memory. An ARRAY data block is a data block that consists of exactly one ARRAY of [Data type]. The elements of the ARRAY can be of PLC data type or any other elementary data type. Counting of the ARRAY always begins with the low limit "0". If the ARRAY data block has been designated with the block attribute "Only store in load memory", it will only be stored in the load memory. The instruction is executed when a positive signal edge is detected at the REQ parameter. The BUSY parameter then has the signal state "1". If a negative signal edge is detected at the BUSY parameter, the instruction is terminated and the value at the VALUE parameter is written to the data block. The DONE parameter then has the signal state "1" for one program cycle. Syntax The following syntax is used for the "Write to ARRAY data block in the load memory" instruction: SCL "Instance DB"(REQ := <operand>, DB := <operand>, INDEX := <operand>, VALUE := <operand>, BUSY => <operand>, WinCC Advanced V14 System Manual, 10/2016 3163 Programming the PLC 11.4 Instructions SCL DONE => <operand>, ERROR => <operand>) Parameters The following table shows the parameters of the "Write to ARRAY data block in load memory" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L REQ = "1": Start writing to the array DB DB 1) Input DB_ANY I, Q, M, D, L ARRAY data block to which data is written INDEX Input DINT I, Q, M, D, L, P Element in the DB to which data is written. The specifica tion can be a constant, a glob al tag or an indexed value. VALUE 1) Input VARIANT D (element of a global data block) Pointer to the DB in the work memory that is to be read and the value of which is to be written. L (A declaration in the "Temp" sec tion of the block in No local constants or tags terface is not pos from the TEMP section must sible.) be used. BUSY Output BOOL I, Q, M, D, L BUSY = "1": The array DB is still being written DONE Output BOOL I, Q, M, D, L DONE = "1": The instruction was executed successfully ERROR Output INT I, Q, M, D, L Error information: If an error occurs during exe cution of the instruction, an error code is output at the ERROR parameter. 1) The data blocks must be created with the "Optimized" block property. Parameter ERROR The following table shows the meaning of the values of the ERROR parameter: Error code* Explanation (W#16#...) 3164 0000 No error 80B4 The element data type stored in the ARRAY data block does not match the element data type transferred in the VARIANT. 8230 The data block number is incorrect. 8231 The data block does not exist. 8232 The data block is too short, or is not located in load memory. 8234 The data block is write protected. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* Explanation (W#16#...) 8235 The data block is not an ARRAY DB. 8254 The data block has the incorrect data type. 8382 The value at the INDEX parameter is outside the limits of the ARRAY. 8450 The data type VARIANT at parameter VALUE provides the value "0". 8751 Code generation error 8752 Code generation error 8753 The size of the VALUE parameter does not match the element length in the ARRAY data block. * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". You can find descriptions of the error codes triggered by the instructions "READ_DBL" and "WRIT_DBL" in the corresponding descriptions of the instructions. Example The following example shows how the instruction works: SCL "WriteToArrayDBL_DB"(REQ := "TagReg", DB := "ArrayDB", INDEX := 2, VALUE := "SourceField", BUSY => "TagBusy", DONE => "TagDone", ERROR => "TagError"); The following table shows how the instruction works using specific operand values: Parameter Operand Value REQ TagReq BOOL DB ArrayDB The "ArrayDB" operand is an AR RAY DB of the data type ARRAY [0 to 10] of INT. INDEX 2 2nd element of the "ArrayDB" VALUE SourceField The "SourceField" operand is a global tag of the data type INT. BUSY TagBusy BOOL DONE TagDone BOOL The instruction is executed when a positive signal edge is detected at the "TagReq" operand. As soon as a negative signal edge is detected at the "TagBusy" operand, the instruction is terminated and the value at the VALUE parameter is written to the 2nd element of the "ArrayDB". After the instruction has been processed, the "TagDone" operand has the signal state TRUE. WinCC Advanced V14 System Manual, 10/2016 3165 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) READ_DBL: Read from data block in the load memory (Page 3845) WRIT_DBL: Write to data block in the load memory (Page 3848) Using ARRAY data blocks (Page 2121) Difference between synchronous and asynchronous instructions (Page 2436) Basics of SCL (Page 4747) Read/write access (S7-1200, S7-1500) PEEK: Read memory address (S7-1200, S7-1500) Description The "Read memory address" instruction is used to read a memory address from a standard memory area without specifying a data type. Use of memory area 16#84: DB If you use a data block as memory area and this is not yet known during the creation of the program code you have the option of using the EN/ENO mechanism to recognize possible access errors: SCL #Peeker := PEEK(AREA := 16#84, DBNUMBER := 1, BYTEOFFSET := 2, ENO => ENO); IF NOT ENO THEN; #Peeker := 16#ffff; END_IF; Syntax The following syntax is used for the "Read memory address" instruction: SCL PEEK(AREA:= <operand>, DBNUMBER := <operand>, BYTEOFFSET:= <operand>) 3166 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SCL PEEK_<data type>(AREA := <operand>, DBNUMBER := <operand>, BYTEOFFSET:= <operand>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description AREA Input I, Q, M, D The following areas can be selected: BYTE 16#81: Input 16#82: Output 16#83: Bit memory 16#84: DB 16#1: Peripheral input (S7-1500 only) DBNUM BER Input DINT, DB_ANY D Number of the data block if AREA = DB, otherwise "0" BYTEOFF SET Input DINT I, Q, M, D Address to read from _<data type> Only the 16 least significant bits are used. Bit strings default: BYTE - Data type of the function value: 1. You can specify the data type of the instruction explicitly using "_". 2. If you do not specify the data type explicitly, it will be determined by the utilized tags or type-coded constants. 3. If you neither specify the data type explicitly nor specify defined tags or type-coded constants, the default data type will be used. Function value Bit strings I, Q, M, D Result of the instruction Note If you read the memory address from the input, output or bit memory areas, you must assign the DBNUMBER parameter the value "0", as the instruction is invalid otherwise. Example The following example shows how the instruction works: SCL "Tag_Result1" := PEEK(AREA := "Tag_Area", DBNUMBER := "Tag_DBNumber", BYTEOFFSET := "Tag_Byte"); WinCC Advanced V14 System Manual, 10/2016 3167 Programming the PLC 11.4 Instructions SCL "Tag_Result2" := PEEK_WORD(AREA := "Tag_Area", DBNUMBER := "Tag_DBNumber", BYTEOFFSET := "Tag_Byte"); The following table shows how the instruction works using specific operand values: Parameter Operand Value AREA Tag_Area 16#84 DBNUMBER Tag_DBNumber 5 BYTEOFFSET Tag_Byte 20 Function value Tag_Result1 Byte value "20" Function value Tag_Result2 Word value "20" The instruction reads the value of address "20" from the "Tag_Byte" operand at data block "5" and returns the result as a function value at the "Tag_Result" operand. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) PEEK_BOOL: Read memory bit (S7-1200, S7-1500) Description The "Read memory bit" instruction is used to read a memory bit from a standard memory area without specifying a data type. Use of memory area 16#84: DB If you use a data block as memory area and this is not yet known during the creation of the program code you have the option of using the EN/ENO mechanism to recognize possible access errors: SCL #Peeker_BOOL := PEEK_BOOL(AREA := 16#84, DBNUMBER := 1, BYTEOFFSET := 2, BITOFFSET := 1, ENO => ENO); IF NOT ENO THEN; #Peeker_BOOL := 0; END_IF; 3168 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the "Read memory bit" instruction: SCL PEEK_BOOL(AREA := <operand>, DBNUMBER := <operand>, BYTEOFFSET := <operand>, BITOFFSET := <operand>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description AREA Input I, Q, M, D The following areas can be selected: BYTE 16#81: Input 16#82: Output 16#83: Bit memory 16#84: DB 16#1: Peripheral input (S7-1500 only) DBNUM BER Input DINT, DB_ANY D Number of the data block if AREA = DB, otherwise "0" BYTEOFF SET Input DINT I, Q, M, D Address to read from Only the 16 least significant bits are used. BITOFFSET Input INT I, Q, M, D Bit to be read from Function value BOOL I, Q, M, D Result of the instruction Note If you read the memory bit from the input, output or bit memory areas, you must assign the DBNUMBER parameter the value "0", as the instruction is invalid otherwise. Example The following example shows how the instruction works: SCL "Tag_Result" := PEEK_BOOL(AREA := "Tag_Area", DBNUMBER := "Tag_DBNumber", BYTEOFFSET := "Tag_Byte", BITOFFSET := "Tag_Bit"); The following table shows how the instruction works using specific operand values: WinCC Advanced V14 System Manual, 10/2016 Parameter Operand Value AREA Tag_Area 16#84 DBNUMBER Tag_DBNumber 5 BYTEOFFSET Tag_Byte 20 3169 Programming the PLC 11.4 Instructions Parameter Operand Value BITOFFSET Tag_Bit 3 Function value Tag_Result 3 The instruction reads the value of memory bit "3" from the "Tag_Bit" operand at byte "20" of data block "5" and returns the result at the "Tag_Result" operand as function value. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) POKE: Write memory address (S7-1200, S7-1500) Description The "Write memory address" instruction is used to write a memory address to a standard memory area without specifying a data type. Use of memory area 16#84: DB If you use a data block as memory area and this is not yet known during the creation of the program code you have the option of using the EN/ENO mechanism to recognize possible access errors: SCL POKE(AREA := 16#84, DBNUMBER := 1, BYTEOFFSET := 2, VALUE := BYTE#7, ENO => ENO); Syntax The following syntax is used for the "Write memory address" instruction: SCL POKE(AREA := <operand>, DBNUMBER := <operand>, BYTEOFFSET := <operand>, VALUE := <operand>) 3170 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description AREA Input BYTE I, Q, M, D The following areas can be selected: 16#81: Input 16#82: Output 16#83: Bit memory 16#84: DB 16#2: Peripheral output (S7-1500 only) DBNUM BER Input DINT, DB_ANY D Number of the data block if AREA = DB, otherwise "0" BYTEOFF SET Input DINT I, Q, M, D Address to be written VALUE Input Only the 16 least significant bits are used. Bit strings I, Q, M, D Value to be written Note If you write the memory address to the input, output or bit memory areas, you must assign the DBNUMBER parameter the value "0", as the instruction is invalid otherwise. Example The following example shows how the instruction works: SCL POKE(AREA := "Tag_Area", DBNUMBER := "Tag_DBNumber", BYTEOFFSET := "Tag_Byte"); VALUE := "Tag_Value", The following table shows how the instruction works using specific operand values: Parameter Operand Value AREA Tag_Area 16#84 DBNUMBER Tag_DBNumber 5 BYTEOFFSET Tag_Byte 20 VALUE Tag_Value 16#11 The instruction overwrites the memory address "20" in the data block "5" with value "16#11". See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 3171 Programming the PLC 11.4 Instructions POKE_BOOL: Write memory bit (S7-1200, S7-1500) Description The "Write memory bit" instruction is used to write a memory bit to a standard memory area without specifying a data type. Use of memory area 16#84: DB If you use a data block as memory area and this is not yet known during the creation of the program code you have the option of using the EN/ENO mechanism to recognize possible access errors: SCL POKE(AREA := 16#84, DBNUMBER := 1, BYTEOFFSET := 2, BITOFFSET := 4, VALUE := TRUE, ENO => ENO); Syntax The following syntax is used for the "Write memory bit" instruction: SCL POKE_BOOL(AREA := <operand>, DBNUMBER := <operand>, BYTEOFFSET := <operand>, BITOFFSET := <operand>, VALUE := <operand>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description AREA Input I, Q, M, D The following areas can be selected: BYTE 16#81: Input 16#82: Output 16#83: Bit memory 16#84: DB 16#2: Peripheral output (S7-1500 only) 3172 DBNUM BER Input DINT, DB_ANY D Number of the data block if AREA = DB, otherwise "0" BYTEOFF SET Input DINT I, Q, M, D Address to be written Only the 16 least significant bits are used. BITOFFSET Input INT I, Q, M, D Bit to be written VALUE BOOL I, Q, M, D Value to be written Input WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note If you write the memory bit to the input, output or bit memory areas, you must assign the DBNUMBER parameter the value "0", as the instruction is invalid otherwise. Example The following example shows how the instruction works: SCL POKE_BOOL(AREA := "Tag_Area", DBNUMBER := "Tag_DBNumber", BYTEOFFSET := "Tag_Byte", BITOFFSET := "Tag_Bit", VALUE := "Tag_Value"); The following table shows how the instruction works using specific operand values: Parameter Operand Value AREA Tag_Area 16#84 DBNUMBER Tag_DBNumber 5 BYTEOFFSET Tag_Byte 20 BITOFFSET Tag_Bit 3 VALUE Tag_Value M0.0 The instruction overwrites the memory bit "3" in data block "5" in byte "20" with the value "M0.0". See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) POKE_BLK: Write memory area (S7-1200, S7-1500) Description The "Write memory area" instruction is used to write a memory area to a different standard memory area without specifying a data type. WinCC Advanced V14 System Manual, 10/2016 3173 Programming the PLC 11.4 Instructions Use of memory area 16#84: DB If you use a data block as memory area and this is not yet known during the creation of the program code you have the option of using the EN/ENO mechanism to recognize possible access errors: SCL POKE_BLK(AREA_SRC := 16#84, DBNUMBER_SRC := 1, BYTEOFFSET_SRC := 2, AREA_DEST := 16#84, DBNUMBER_DEST := 11, BYTEOFFSET_DEST := 22, COUNT := 3, ENO => ENO); Syntax The following syntax is used for the "Write memory area" instruction: SCL POKE_BLK(AREA_SRC:= <operand>, DBNUMBER_SRC:= <operand>, BYTEOFFSET_SRC:= <operand>, AREA_DEST:= <operand>, DBNUMBER_DEST:= <operand>, BYTEOFFSET_DEST:= <operand>, COUNT := <operand>) The syntax of the instruction consists of the following parts: Parameters Declaration Data type Memory area Description AREA_SRC Input I, Q, M, D The following areas can be selec ted in the source memory area: BYTE 16#81: Input 16#82: Output 16#83: Bit memory 16#84: DB DBNUMBER_SRC Input DINT, DB_ANY 1) D Number of the data block in the source memory area, if AREA = DB, otherwise "0" BYTEOFF SET_SRC Input DINT I, Q, M, D Address in the source memory area to be written Only the 16 least significant bits are used. 3174 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description AREA_DEST Input I, Q, M, D The following areas can be selec ted in the destination memory area: BYTE 16#81: Input 16#82: Output 16#83: Bit memory 16#84: DB DBNUM BER_DEST Input DINT, DB_ANY 1) D Number of the data block in the destination memory area, if AREA = DB, otherwise "0" BYTEOFF SET_DEST Input DINT I, Q, M, D Address in the destination memory area to be written Only the 16 least significant bits are used. COUNT Input DINT I, Q, M, D Number of bytes which are copied The data types of the parameters DBNUMBER_SRC and DBNUMBER_DEST must have the same data type. In other words, both tags must be either data type DINT or data type DB_ANY. 1) Note If you write the memory address to the input, output or bit memory areas, you must assign the DBNUMBER parameter the value "0", as the instruction is invalid otherwise. Example The following example shows how the instruction works: SCL POKE_BLK(AREA_SRC := "Tag_Source_Area", DBNUMBER_SRC := "Tag_Source_DBNumber", BYTEOFFSET_SRC := "Tag_Source_Byte"); AREA_DEST := "Tag_Destination_Area", DBNUMBER_DEST := "Tag_Destination_DBNumber", BYTEOFFSET_DEST := "Tag_Destination_Byte", COUNT := "Tag_Count"); The following table shows how the instruction works using specific operand values: Parameters Operand Value AREA_SRC Tag_Source_Area 16#84 DBNUMBER_SRC Tag_Source_DBNumber 5 BYTEOFFSET_SRC Tag_Source_Byte 20 AREA_DEST Tag_Destination_Area 16#83 DBNUMBER_DEST Tag_Destination_DBNumber 0 BYTEOFFSET_DEST Tag_Destination_Byte 30 COUNT Tag_Count 100 The instruction writes 100 byte from data block "5" starting with address "20" in the memory area of the bit memory starting at address "30". WinCC Advanced V14 System Manual, 10/2016 3175 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) READ_LITTLE: Read data in little endian format (S7-1200, S7-1500) Description The instruction "Read data in little endian format" is used to read data from a memory area and to write this to a single tag in the little endian byte sequence. With the little endian format, the byte with the least significant bits is saved first, which means at the lowest memory address. The parameters SRC_ARRAY and DEST_VARIABLE are of data type VARIANT. However, there are a few restrictions regarding the data type with which the parameters can be interconnected. The VARIANT at the DEST_VARIABLE parameter must point to an elementary data type. The VARIANT at the SRC_ARRAY parameter points to the memory area to be read from, and this must be an ARRAY of BYTE. The operand at the POS parameter determines the position in the memory area at which reading starts. Note Reading tag of data type VARIANT or BOOL If you want to read a tag to which a VARIANT points, use the "Serialize" or "Deserialize" instructions. If you want to read a tag of the data type BOOL, use a "Slice access". Syntax Use the following syntax for the "Read data in little endian format" instruction: SCL READ_LITTLE(SRC_ARRAY := <operand>, DEST_VARIABLE => <Operand>, POS := <operand>) 3176 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Read data in little endian format" instruction: Parameter Declaration Data type S7-1200 V4.0 and higher S7-1500 Memory area Description I, Q, M, D, L Memory area to be read from SRC_AR RAY Input ARRAY of BYTE ARRAY of BYTE DEST_VARI ABLE Output Bit strings, in tegers, float ing-point numbers, TOD, DATE, CHAR, WCHAR Bit strings, in I, Q, M, D, L tegers, float ing-point num bers, LDT, TOD, LTOD, DATE, CHAR, WCHAR Read value POS InOut DINT DINT I, Q, M, D, L Determines the position at which the reading starts. The POS param eter is calculated zerobased. INT INT I, Q, M, D, L Error information Function value (RET_VAL) RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The data type at the SRC_ARRAY parameter is not ARRAY of BYTE. 8382 The value at the POS parameter is outside the limits of the ARRAY. 8383 The value at the POS parameter is within the limits of the ARRAY but the size of the memory area exceeds the high limit of the ARRAY. Example The following example shows how the instruction works: SCL #TagResult := READ_LITTLE(SRC_ARRAY := #SourceField, DEST_VARIABLE => #DINTVariable, POS := #TagPos); WinCC Advanced V14 System Manual, 10/2016 3177 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameter Operand Value SRC_ARRAY #SourceField ARRAY[0..3] of BYTE DEST_VARIABLE #DINTVariable 1295788826 POS #TagPos := 16#1A, 16#2B, 16#3C, 16#4D 16#4D3C2B1A 0 => 4 The instruction reads the integer 1_295_788_826 from the #SourceField memory area and writes it to the #DINTVariable operand in little endian format. The data type at the DEST_VARIABLE parameter specifies how many bytes are read. The quantity 4 is stored in the #TagPos operand. See also Overview of the valid data types (Page 2131) Deserialize: Deserialize (Page 3132) Serialize: Serialize (Page 3136) Basics of SCL (Page 4747) Memory areas (Page 944) WRITE_LITTLE: Write data in little endian format (S7-1200, S7-1500) Description You use the "Write data in little endian format" instruction to write the data of a single tag in the little endian byte sequence to a memory area. With the little endian format, the byte with the least significant bits is saved first, which means at the lowest memory address. The parameters SRC_VARIABLE and DEST_ARRAY are of data type VARIANT. However, there are a few restrictions regarding the data type with which the parameters can be interconnected. The VARIANT at the SRC_VARIABLE parameter must point to an elementary data type. The VARIANT at the DEST_ARRAY parameter points to the memory area to which the data is written, and this must be an ARRAY of BYTE. The operand at the POS parameter determines the position in the memory area at which writing starts. Note Writing tag of data type VARIANT or BOOL If you want to write a tag to which a VARIANT points, use the "Serialize" or "Deserialize" instructions. If you want to write a tag of the data type BOOL, use a "Slice access". 3178 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Syntax Use the following syntax for the "Write data in little endian format" instruction: SCL WRITE_LITTLE(SRC_VARIABLE := <operand>, DEST_ARRAY := <operand>, POS := <operand>) Parameters The following table shows the parameters of the "Write data in little endian format" instruction: Parameter Declaration Data type Memory area Description S7-1200 V4.0 and higher S7-1500 SRC_VARIA Input BLE Bit strings, integers, floatingpoint num bers, TOD, DATE, CHAR, WCHAR Bit strings, in tegers, float ing-point num bers, LDT, TOD, LTOD, DATE, CHAR, WCHAR I, Q, M, D, L Tag whose data are writ ten DEST_AR RAY InOut ARRAY of BYTE ARRAY of BYTE I, Q, M, D, L Memory area to which the data are written POS InOut DINT DINT I, Q, M, D, L Determines the position at which the writing starts. The POS param eter is calculated zerobased. INT INT I, Q, M, D, L Error information Function value (RET_VAL) RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) WinCC Advanced V14 System Manual, 10/2016 0000 No error 80B4 The data type at the SRC_ARRAY parameter is not ARRAY of BYTE. 8382 The value at the POS parameter is outside the limits of the ARRAY. 8383 The value at the POS parameter is within the limits of the ARRAY but the size of the memory area exceeds the high limit of the ARRAY. 3179 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL #TagResult := WRITE_LITTLE(SRC_VARIABLE := #DINTVariable, DEST_ARRAY := #TargetField, POS := #TagPos); The following table shows how the instruction works using specific operand values: Parameter Operand Value SRC_VARIABLE #DINTVariable 1295788826 16#4D3C2B1A DEST_ARRAY #TargetField ARRAY[0..10] of BYTE = 16#1A, 16#2B, 16#3C, 16#4D POS #TagPos 0 => 4 The instruction writes the integer 1_295_788_826 from the #DINTVariable operand to the #TargetField memory area in little endian format. The data type at the SRC_VARIABLE parameter specifies how many bytes are written. The quantity 4 is stored in the #TagPos operand. See also Overview of the valid data types (Page 2131) Deserialize: Deserialize (Page 3132) Serialize: Serialize (Page 3136) Basics of SCL (Page 4747) Memory areas (Page 944) READ_BIG: Read data in big endian format (S7-1200, S7-1500) Description The instruction "Read data in big endian format" is used to read data from a memory area and to write this to a single tag in the big endian byte sequence. With the big endian format, the byte with the most significant bits is saved first, which means at the lowest memory address. The parameters SRC_ARRAY and DEST_VARIABLE are of data type VARIANT. However, there are a few restrictions regarding the data type with which the parameters can be interconnected. The VARIANT at the DEST_VARIABLE parameter must point to an elementary data type. The VARIANT at the SRC_ARRAY parameter points to the memory area to be read from, and this must be an ARRAY of BYTE. 3180 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The operand at the POS parameter determines the position in the memory area at which reading starts. Note Reading tag of data type VARIANT or BOOL If you want to read a tag to which a VARIANT points, use the "Serialize" or "Deserialize" instructions. If you want to read a tag of the data type BOOL, use a "Slice access". Syntax Use the following syntax for the "Read data in big endian format" instruction: SCL READ_BIG(SRC_ARRAY := <operand>, DEST_VARIABLE => <Operand>, POS := <operand>) Parameters The following table shows the parameters of the "Read data in big endian format" instruction: Parameter Declaration Data type S7-1500 Memory area Description I, Q, M, D, L Memory area to be read from SRC_AR RAY Input ARRAY of BYTE ARRAY of BYTE DEST_VARI ABLE Output Bit strings, in tegers, float ing-point numbers, TOD, DATE, CHAR, WCHAR Bit strings, in I, Q, M, D, L Read value tegers, float ing-point numbers, LDT, TOD, LTOD, DATE, CHAR, WCHAR POS InOut DINT DINT I, Q, M, D, L Determines the position at which the reading starts. The POS parame ter is calculated zerobased. INT INT I, Q, M, D, L Error information Function value (RET_VAL) WinCC Advanced V14 System Manual, 10/2016 S7-1200 V4.0 and higher 3181 Programming the PLC 11.4 Instructions RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The data type at the SRC_ARRAY parameter is not ARRAY of BYTE. 8382 The value at the POS parameter is outside the limits of the ARRAY. 8383 The value at the POS parameter is within the limits of the ARRAY but the size of the memory area exceeds the high limit of the ARRAY. Example The following example shows how the instruction works: SCL #TagResult := READ_BIG(SRC_ARRAY := #SourceField, DEST_VARIABLE => #DINTVariable, POS := #TagPos); The following table shows how the instruction works using specific operand values: Parameter Operand Value SRC_ARRAY #SourceField ARRAY[0..10] of BYTE := 16#1A, 16#2B, 16#3C, 16#4D DEST_VARIABLE #DINTVariable 439041101 16#1A2B3C4D POS #TagPos 0 => 4 The instruction reads the integer 439_041_101 from the #SourceField memory area and writes it to the #DINTVariable operand in big endian format. The data type at the DEST_VARIABLE parameter specifies how many bytes are read. The quantity 4 is stored in the #TagPos operand. See also Overview of the valid data types (Page 2131) Deserialize: Deserialize (Page 3132) Serialize: Serialize (Page 3136) Basics of SCL (Page 4747) Memory areas (Page 944) 3182 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions WRITE_BIG: Write data in big endian format (S7-1200, S7-1500) Description You use the "Write data in big endian format" instruction to write the data of a single tag in the big endian byte sequence to a memory area. With the big endian format, the byte with the most significant bits is saved first, which means at the lowest memory address. The parameters SRC_VARIABLE and DEST_ARRAY are of data type VARIANT. However, there are a few restrictions regarding the data type with which the parameters can be interconnected. The VARIANT at the SRC_VARIABLE parameter must point to an elementary data type. The VARIANT at the DEST_ARRAY parameter points to the memory area to which the data is written, and this must be an ARRAY of BYTE. The operand at the POS parameter determines the position in the memory area at which writing starts. Note Writing tag of data type VARIANT or BOOL If you want to write a tag to which a VARIANT points, use the "Serialize" or "Deserialize" instructions. If you want to write a tag of the data type BOOL, use a "Slice access". Syntax Use the following syntax for the "Write data in big endian format" instruction: SCL WRITE_BIG(SRC_VARIABLE := <operand>, DEST_ARRAY := <operand>, POS := <operand>) WinCC Advanced V14 System Manual, 10/2016 3183 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Write data in big endian format" instruction: Parameter Declaration Data type Memory area Description S7-1200 V4.0 and higher S7-1500 SRC_VARIA Input BLE Bit strings, in tegers, float ing-point numbers, TOD, DATE, CHAR, WCHAR Bit strings, in I, Q, M, D, L Tag whose data are writ tegers, float ten ing-point num bers, LDT, TOD, LTOD, DATE, CHAR, WCHAR DEST_AR RAY InOut ARRAY of BYTE ARRAY of BYTE I, Q, M, D, L Memory area to which the data are written POS InOut DINT DINT I, Q, M, D, L Determines the position at which the writing starts. The POS parame ter is calculated zerobased. INT INT I, Q, M, D, L Error information Function value (RET_VAL) RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 80B4 The data type at the SRC_ARRAY parameter is not ARRAY of BYTE. 8382 The value at the POS parameter is outside the limits of the ARRAY. 8383 The value at the POS parameter is within the limits of the ARRAY but the size of the memory area exceeds the high limit of the ARRAY. Example The following example shows how the instruction works: SCL #TagResult := WRITE_BIG(SRC_VARIABLE := #DINTVariable, DEST_ARRAY := #TargetField, POS := #TagPos); 3184 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameter Operand Value SRC_VARIABLE #DINTVariable 439041101 DEST_ARRAY #TargetField POS #TagPos 16#1A2B3C4D ARRAY[0..10] of BYTE = 16#1A, 16#2B, 16#3C, 16#4D 0 => 4 The instruction writes the integer 439_041_101 from the #DINTVariable operand to the #TargetField memory area in big endian format. The data type at the SRC_VARIABLE parameter specifies how many bytes are written. The quantity 4 is stored in the #TagPos operand. See also Overview of the valid data types (Page 2131) Deserialize: Deserialize (Page 3132) Serialize: Serialize (Page 3136) Basics of SCL (Page 4747) Memory areas (Page 944) VARIANT (S7-1200, S7-1500) VariantGet: Read out VARIANT tag value (S7-1200, S7-1500) Description You can use the "Read out VARIANT tag value" instruction to read the value of the tag to which the VARIANT at the SRC parameter points and write it in the tag at the DST parameter. The SRC parameter has the VARIANT data type. Any data type except for VARIANT can be specified at the DST parameter. The data type of the tag specified at the DST parameter must match the data type to which the VARIANT points. Note To copy structures and ARRAYs, you can use the "MOVE_BLK_VARIANT instruction: Move block" instruction. For additional information, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3185 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the "Read out VARIANT tag value" instruction: SCL VariantGet(SRC := <operand>, DST => <operand>) Parameters The following table shows the parameters of the "Read out VARIANT tag value" instruction: Parameter Declaration Data type Memory area Description S7-1200 S7-1500 L (A declara tion in the "Temp" sec tion of the block inter face is not possible.) L (A declara tion in the "Temp" sec tion of the block inter face is not possible.) Tag to be read I, Q, M, D, L, P Result of the in struction SRC Input VARIANT DST Output Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY elements, PLC data types For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL VariantGet(SRC := #TagIn_Source, DST => "TagOut_Dest"); The value of the tag to which the VARIANT at the "#TagIn_Source" operand points, is read and written to the "TagOut_Dest" operand. See also Overview of the valid data types (Page 2131) MOVE_BLK_VARIANT: Move block (Page 3141) Using the VARIANT data type (Page 2078) Basics of SCL (Page 4747) Memory areas (Page 944) 3186 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions VariantPut: Write VARIANT tag value (S7-1200, S7-1500) Description You can use the "Write VARIANT tag value" instruction to write the value of the tag at the SRC parameter to the memory at the DST parameter to which the VARIANT points. The DST parameter has the VARIANT data type. Any data type except for VARIANT can be specified at the SRC parameter. The data type of the tag at the SRC parameter must match the data type to which the VARIANT points. Note To copy structures and ARRAYs, you can use the "MOVE_BLK_VARIANT instruction: Move block" instruction. For additional information, refer to "See also". Syntax The following syntax is used for the "Write VARIANT tag value" instruction: SCL VariantPut(SRC := <operand>, DST := <operand>) Parameters The following table shows the parameters of the instruction "Write VARIANT tag value": Parameters Declaration Data type Memory area S7-1200 Description S7-1500 SRC Input Bit strings, inte I, Q, M, D, L gers, floating-point numbers, timers, date and time, character strings, ARRAY elements, PLC data types I, Q, M, D, L, P Tag to be read DST Input VARIANT L (A declara tion in the "Temp" sec tion of the block inter face is not possible.) Result of the in struction L (A declara tion in the "Temp" sec tion of the block inter face is not possible.) You can find additional information on valid data types under "See also". WinCC Advanced V14 System Manual, 10/2016 3187 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL VariantPut(SRC := "TagIn_Source", DST := #TagIn_Dest); The value of the "TagIn_Source" operand is written to the tag to which the VARIANT at the #TagIn_Dest operand points. See also Overview of the valid data types (Page 2131) MOVE_BLK_VARIANT: Move block (Page 3141) Using the VARIANT data type (Page 2078) Basics of SCL (Page 4747) Memory areas (Page 944) CountOfElements: Get number of ARRAY elements (S7-1200, S7-1500) Description You use the "Get number of ARRAY elements" instruction to query how many ARRAY elements a tag to which VARIANT points has. If it is a multi-dimensional ARRAY, the number of ARRAY elements is output as the result. (The difference between the high and low limit +1). If it is a multi-dimensional ARRAY, the number of all dimensions is output as the result. Note ARRAY within a data block If you want to query the number of the elements of an ARRAY which is located in a data block, the block attribute "Data block write-protected in the device" must not be activated in this block. Otherwise, the RET_VAL parameter returns the result "0", irrespective of how many elements the ARRAY contains. The result is also "0" if the VARIANT tag is not an ARRAY. If the VARIANT points to an ARRAY of BOOL, the fill elements are included in the count. (For example, 8 is returned for an ARRAY[0..1] of BOOL). Syntax The following syntax is used for the "Get number of ARRAY elements" instruction: SCL CountOfElements(<operand>) 3188 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Get number of ARRAY elements" instruction: Parameter Declaration Data type Memory area <Operand> Input VARIANT L (A declaration in Tag to be queried the "Temp" sec tion of the block in terface is not pos sible.) UDINT I, Q, M, D, L Function value Description Result of the instruction You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: SCL IF IS_ARRAY(#Tag_VARIANTToArray) THEN "Tag_Result" := CountOfElements(#Tag_VARIANTToArray); END_IF; If the tag to which the VARIANT points is an ARRAY, the number of ARRAY elements is output. See also Overview of the valid data types (Page 2131) Using the VARIANT data type (Page 2078) Basics of SCL (Page 4747) Memory areas (Page 944) ARRAY[*] (S7-1200, S7-1500) LOWER_BOUND: Read out low ARRAY limit (S7-1200, S7-1500) Description You can declare tags of the data type ARRAY[*] in the block interface of a function block or function. For these local tags, you can read out the limits of the ARRAY. You will need to specify the required dimension at the DIM parameter. WinCC Advanced V14 System Manual, 10/2016 3189 Programming the PLC 11.4 Instructions The "Read out ARRAY low limit" instruction is used to read out the variable low limit of the ARRAY. Note Availability of the instruction The instruction is available for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. Syntax The following syntax is used for the "Read out ARRAY low limit": SCL LOWER_BOUND(ARR := <operand>, DIM := <operand>) Parameters The following table shows the parameters of the instruction "Read out ARRAY low limit": Parameter Declaration Data type Memory area Description ARR Input ARRAY[*] FB => Section In Out ARRAY of which the variable low limit is to be read. FC => Sections In put and InOut DIM Input Function value UDINT I, Q, M, D, L, P or constant Dimension of the ARRAY of which the variable low limit is to be read. DINT I, Q, M, D, L, P Result Example The following example shows how the instruction works: SCL "Result" := LOWER_BOUND(ARR := #ARRAY_A, DIM := 2); The instruction reads out the variable low limit of the ARRAY #ARRAY_A from the second dimension. If the instruction is executed without errors, the result is written to operand "Result". See also Overview of the valid data types (Page 2131) ARRAY (Page 2177) 3190 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Basics of SCL (Page 4747) Memory areas (Page 944) UPPER_BOUND: Read out high ARRAY limit (S7-1200, S7-1500) Description You can declare tags of the data type ARRAY[*] in the block interface of a function block or function. For these local tags, you can read out the limits of the ARRAY. You will need to specify the required dimension at the DIM parameter. The instruction "Read out ARRAY high limit" is used to read out the variable high limit of the ARRAY. Note Availability of the instruction The instruction is available for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. Syntax The following syntax is used for the instruction "Read out ARRAY high limit": SCL UPPER_BOUND(ARR := <operand>, DIM := <operand>) Parameters The following table shows the parameters of the instruction "Read out ARRAY high limit": Parameter Declaration Data type Memory area Description ARR Input ARRAY[*] FB => Section In Out ARRAY of which the variable high limit is to be read. FC => Sections In put and InOut DIM Function value WinCC Advanced V14 System Manual, 10/2016 Input UDINT I, Q, M, D, L, P or constant Dimension of the ARRAY of which the variable high limit is to be read. DINT I, Q, M, D, L, P Result 3191 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Result" := UPPER_BOUND(ARR := #ARRAY_A, DIM := 2); The instruction reads out the variable high limit of the ARRAY #ARRAY_A from the second dimension. If the instruction is executed without errors, the result is written to operand "Result". See also Overview of the valid data types (Page 2131) ARRAY (Page 2177) Basics of SCL (Page 4747) Memory areas (Page 944) Legacy (S7-1500) BLKMOV: Move block (S7-1500) Description You can use the "Move block" instruction to move the content of a memory area (source area) to another memory area (destination area). The move operation takes place in the direction of ascending addresses. You use VARIANT to define the source and destination areas. Note The tags of the instruction can only be used within memory areas in which the "Optimized block access" attribute is not activated. This applies to data blocks (DBs), organization blocks (OBs), functions (FCs), bit memory (M), inputs (I), and outputs (Q). If a tag of the instruction has been declared with the retentivity setting "Set in IDB", however, you can also use this tag in memory areas "with optimized block access". The following figure shows the principle of the move operation: 3192 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions '%'%: $ % '%'%: & ' '%'%: ( ) '%'%: * + 0RYH &RS\LQJLVSHUIRUPHGLQ WKHGLUHFWLRQRIDVFHQGLQJ DGGUHVVHV 0: $ % 0: & ' 0: ( ) 0: * + 0HPRU\DUHD Consistency of source and destination data Note that while the instruction "Move block" is being executed, the source data remains unchanged; otherwise the consistency of the destination data cannot be guaranteed. Interruptibility There is no limit to the nesting depth. Memory areas You can use the "Move block" instruction to move the following memory areas: Areas of a data block Bit memory Process image input Process image output General rules for moving The source and destination areas must not overlap. If the source and destination areas have different lengths, only the length of the smaller area will be moved. If the source area is smaller than the destination area, the entire source area will be written to the destination area. The remaining bytes of the destination area remain unchanged. If the destination area is smaller than the source area, the entire destination area will be written. The remaining bytes of the source area are ignored. WinCC Advanced V14 System Manual, 10/2016 3193 Programming the PLC 11.4 Instructions If a block of data type BOOL is moved, the tag must be addressed absolutely and the specified length of the area must be divisible by 8, otherwise the instruction cannot be executed. Rules for moving character strings You can use the "Move block" instruction to also move source and destination areas of the STRING data type. If only the source area is STRING data type, the characters will be moved that are actually contained in the character string. Information on the actual and maximum length is also written to the destination area. If the source and destination area are both STRING data type, the current length of the character string in the destination area is set to the number of characters actually moved. If you want to move the information on the maximum and actual length of a character string, specify the areas in bytes in the SRCBLK and DSTBLK parameters. Syntax The following syntax is used for the "Move block" instruction: SCL BLKMOV(SRCBLK := <Operand>, DSTBLK => <Operand>) Parameters The following table shows the parameters of the "Move block" instruction: Parameter Declaration Data type Memory area Description SRCBLK Input VARIANT I, Q, M, D, L, P Specifies the memory area to be moved (source area). DSTBLK Output 1) VARIANT I, Q, M, D, L, P Specifies the memory area to which the block is to be moved (destination area). INT I, Q, M, D, L, P Error information Function value (RET_VAL) 1) The DSTBLK parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. For more information on valid data types, refer to "See also". RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: 3194 Error code* (W#16#...) Explanation 0000 No error 8092 The source or destination area is located in the load memory only. 8152 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the SRCBLK parameter. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* (W#16#...) Explanation 8352 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the DSTBLK parameter. General error information See also: "GET_ERR_ID: Get error ID locally" *The error codes can be displayed as integer or hexadecimal value in the program editor. For informa tion on toggling display formats, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_RetVal" := BLKMOV(SRCBLK := P#M100.0 BYTE 10, DSTBLK => P#DB1.DBX0.0 BYTE 10); The instruction copies 10 bytes starting from MB100 and writes them to DB1. If an error occurs during the move operation, its error code is output in the "Tag_RetVal" tag. See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 3251) Basics of SCL (Page 4747) UBLKMOV: Move block uninterruptible (S7-1500) Description You can use the "Move block uninterruptible" instruction to move the content of a memory area (source area) to another memory area (destination area). The move operation takes place in the direction of ascending addresses. You use VARIANT to define the source and destination areas. The move operation cannot be interrupted by other operating system activities. As a result, the interrupt reaction time of the CPU can increase during execution of the "Move block uninterruptible" instruction. Note The tags of the instruction can only be used within memory areas in which the "Optimized block access" attribute is not activated. This applies to data blocks (DBs), organization blocks (OBs), functions (FCs), bit memory (M), inputs (I), and outputs (Q). If a tag of the instruction has been declared with the retentivity setting "Set in IDB", however, you can also use this tag in memory areas "with optimized block access". WinCC Advanced V14 System Manual, 10/2016 3195 Programming the PLC 11.4 Instructions Memory areas You can use the "Move block uninterruptible" instruction to move the following memory areas: Areas of a data block Bit memory Process image input Process image output General rules for moving The source and destination area must not overlap during the execution of the "Move block uninterruptible" instruction. If the source area is smaller than the destination area, the entire source area will be written to the destination area. The remaining bytes of the destination area remain unchanged. If the destination area is smaller than the source area, the entire destination area will be written. The remaining bytes of the source area are ignored. If a source or destination area defined as a formal parameter is smaller than a destination or source area specified in the SRCBLK or DSTBLK parameter, no data is transferred. If a block of data type BOOL is moved, the tag must be addressed absolutely and the specified length of the area must be divisible by 8, otherwise the instruction cannot be executed. You can use the "Move block uninterruptible" instruction to move a maximum of 16 KB. Note the CPU-specific restrictions for this. Rules for moving character strings You can use the "Move block uninterruptible" instruction to also move source and destination areas of data type STRING. If only the source area is STRING data type, the characters will be moved that are actually contained in the character string. Information on the actual and maximum length are not written in the destination area. If the source and destination area are both STRING data type, the current length of the character string in the destination area is set to the number of characters actually moved. If areas of the STRING data type are moved, specify "1" as the area length. Syntax The following syntax is used for the "Move block uninterruptible" instruction: SCL UBLKMOV(SRCBLK := <Operand>, DSTBLK => <Operand>) 3196 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Move block uninterruptible" instruction: Parameter Declaration Data type Memory area Description SRCBLK Input VARIANT I, Q, M, D, L, P Specifies the memory area to be moved (source area). DSTBLK Output 1) VARIANT I, Q, M, D, L, P Specifies the memory area to which the block is to be moved (destination area). INT I, Q, M, D, L, P Error information Function value (RET_VAL) 1) The DSTBLK parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. For more information on valid data types, refer to "See also". RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code (W#16#...) Explanation 0000 No error 8091 The source or destination area is located in the load memory only. 8152 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the SRCBLK parameter. 8352 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the DSTBLK parameter. General error information See also: "GET_ERR_ID: Get error ID locally" *The error codes can be displayed as integer or hexadecimal value in the program editor. For informa tion on toggling display formats, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_RetVal" := UBLKMOV(SRCBLK := P#M100.0 BYTE 10, DSTBLK => P#DB1.DBX0.0 BYTE 10); The instruction copies 10 bytes starting from MB100 and writes them to DB1. If an error occurs during the move operation, its error code is output in the "Tag_RetVal" tag. See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 3251) Basics of SCL (Page 4747) WinCC Advanced V14 System Manual, 10/2016 3197 Programming the PLC 11.4 Instructions FILL: Fill block (S7-1500) Description You can use the "Fill block" instruction to fill a memory area (destination area) with the content of another memory area (source area). The "Fill block" instruction moves the content of the source area to the destination area until the destination area is completely written. The move operation takes place in the direction of ascending addresses. You use VARIANT to define the source and destination areas. Note You can also define the source and destination areas using the ANY data type If you use the ANY data type, you must observe the following in connection with the STRING data type: In the case of an assignment of STRING (source area) using ANY after STRING (destination area), the content of the STRING is copied to the destination area repeatedly until it is full. Source area: 'STEP7-SCL-TIA-Portal' Destination area: 'STEP7-SCL-TIA-PortalSTEP7-SCL-TIA-PortalSTEP7-SCL' In the case of an assignment of WSTRING (source area) using ANY after WSTRING (destination area), the entire WSTRING including type information is copied only once to the destination area. Source area: WSTRING#'STEP7-SCL-TIA-Portal' Destination area: WSTRING#'STEP7-SCL-TIA-Portal' Note The tags of the instruction can only be used within memory areas in which the "Optimized block access" attribute is not activated. This applies to data blocks (DBs), organization blocks (OBs), functions (FCs), bit memory (M), inputs (I), and outputs (Q). If a tag of the instruction has been declared with the retentivity setting "Set in IDB", however, you can also use this tag in memory areas "with optimized block access". For blocks with the "Optimized block access" attribute, you can use the "FILL_BLK: Fill block" instruction. The following figure shows the principle of the move operation: 3198 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ),// %9$/ $ % 0: $ % 0: & ' 0: & ' 0: ( ) 0: ( ) 0: * + 0: * + 0: $ % 0: & ' 0: ( ) 0: * + 0: $ % 0: & ' 0: %/. Example: The contents of the range MW100 to MW118 are to be preassigned with the contents of the memory words MW14 to MW20. Consistency of source and destination data Note that while the instruction "Fill block" is being executed, the source data remains unchanged; otherwise the consistency of the destination data cannot be guaranteed. Memory areas You can use the "Fill block" instruction to move the following memory areas: Areas of a data block Bit memory Process image input Process image output General rules for moving The source and destination areas must not overlap. If the destination area to be preset is not an integer multiple of the length of the BVAL input parameter, the destination area is nevertheless written up to the last byte. If the destination area to be preset is smaller than the source area, the function only copies as much data as can be written to the destination area. If the destination or source area actually present is smaller than the assigned memory area for the source or destination area (BVAL, BLK parameters), no data is transferred. WinCC Advanced V14 System Manual, 10/2016 3199 Programming the PLC 11.4 Instructions If the ANY pointer (source or destination) is of the data type BOOL, it must be addressed absolutely and the length specified must be divisible by 8; otherwise the instruction is not executed. If the destination area is STRING data type, the instruction writes the entire string including the administration information. Rules for moving structures When you transfer a structure as an input parameter you must bear in mind that the length of a structure is always oriented to an even number of bytes. The structure will need one byte of additional memory space if you declare a structure with an odd number of bytes. Syntax The following syntax is used for the "Fill block" instruction: SCL FILL(BVAL := <Operand>, BLK => <Operand>) Parameters The following table shows the parameters of the "Fill block" instruction: Parameter Declaration Data type Memory area Description BVAL Input VARIANT I, Q, M, D, L, P Specification of the memory area (source area), the con tent of which is used to fill the destination area at the BLK parameter. BLK Output 1) VARIANT I, Q, M, D, L, P Specification of the memory area that will be filled with the content of the source area. INT I, Q, M, D, L, P Error information Function value (RET_VAL) 1) The BLK parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. For more information on valid data types, refer to "See also". BVAL parameter When you transfer a structure as an input parameter, remember that the length of a structure is always based on an even number of bytes. The structure will need one byte of additional memory space if you declare a structure with an odd number of bytes. 3200 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code (W#16#...) Explanation 0000 No error 8092 The source or destination area is located in the load memory only. 8152 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the BVAL parameter. 8352 The WSTRING, WCHAR, BOOL, and ARRAY of STRING data types are not supported at the BLK parameter. General er See also: "GET_ERR_ID: Get error ID locally" ror informa tion *The error codes can be displayed as integer or hexadecimal value in the program editor. For informa tion on toggling display formats, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_RetVal" := FILL(BVAL := P#M14.0 WORD 4, BLK => P#M100.0 WORD 10); The instruction copies the source area from MW14 to MW20 and fills the destination area from MW100 to MW118 with the content of the 4 words contained in the memory area in the BVAL parameter. See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 3251) Basics of SCL (Page 4747) Conversion operations (S7-1200, S7-1500) CONVERT: Convert value (S7-1200, S7-1500) Description Use the "Convert value" instruction to program explicit conversions. When the instruction is inserted, the "CONVERT" dialog opens. You specify the source data type and the destination data type of the conversion in this dialog. The source value is read and converted to the specified destination data type. WinCC Advanced V14 System Manual, 10/2016 3201 Programming the PLC 11.4 Instructions Conversion options for bit strings BYTE and WORD bit strings cannot be selected in the instruction box. However, it is possible to specify an operand of data type DWORD or LWORD at a parameter of the instruction if the lengths of the input and output operands match. The operand is then interpreted by the data type of a bit string according to the data type of the input or output parameter and is implicitly converted. The data type DWORD is for example interpreted as DINT/UDINT and LWORD as LINT/ULINT. These conversion options are also available to you when "IEC check" is enabled. Note For CPUs of the S7-1500 series: The data types DWORD and LWORD can only be converted to or from data type REAL or LREAL. During the conversion, the bit pattern of the source value is transferred unchanged, rightjustified, to the target data type. If no errors occur during the conversion, the signal state of enable output ENO = 1; if an error occurs during processing, the signal state of the enable output ENO = 0. Syntax The following syntax is used for the "Convert value" instruction: SCL <DestinationValue> := <???_TO_???(<SourceValue>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <source_val ue> Input Binary numbers, integers, floatingpoint numbers, times, date and time, character strings, BCD16, BCD32 I, Q, M, D, L, P or constant Value to be converted. ???_TO_??? - - <target_val ue> Output Binary numbers, integers, floatingpoint numbers, times, date and time, character strings, BCD16, BCD32 Function that specifies the data type to be converted . I, Q, M, D, L, P or constant Result of the conversion You can find additional information on valid data types under "See also". 3202 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_INT" := REAL_TO_INT("Tag_REAL"); The following table shows how the instruction works using specific operand values: Operand Data type Value Tag_REAL REAL 20.56 Tag_INT INT 21 During the conversion, the value of the "Tag_REAL" operand will be rounded to the nearest integer and saved in the "Tag_INT" operand. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) ROUND: Round numerical value (S7-1200, S7-1500) Description The "Round numerical value" instruction is used to round the value at input IN to the nearest integer. The instruction interprets the value at input IN as a floating-point number and converts it into an integer or floating-point number. If the input value is exactly between an even and odd number, the even number is selected. Syntax The following syntax is used for the "Round numerical value" instruction: SCL ROUND(<Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <expression> Input Floating-point numbers I, Q, M, D, L, P Input value to be rounded. Integers, float ing-point num bers I, Q, M, D, L, P Result of the round ing Function value For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3203 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_Result" := ROUND("Tag_Value"); The result of the instruction is returned in the operand "Tag_Result" as a function value. The following table shows how the instruction works using specific operand values: Operand Value Tag_Value 1.50000000 -1.50000000 Tag_Result 2 -2 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) CEIL: Generate next higher integer from floating-point number (S7-1200, S7-1500) Description Use the "Generate next higher integer from floating-point number" instruction to round the value to the nearest integer. The instruction interprets the input value as floating-point number and converts it to the next higher integer. The function value can be greater than or equal to the input value. Syntax The following syntax is used for the "Generate next higher integer from floating-point number" instruction: SCL CEIL(<Expression>) CEIL_<Data type>(<Expression>) 3204 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Expression> Input Floating-point numbers I, Q, M, D, L, P Input value Integers, float ing-point num bers. Default: DINT - Data type of the function value: _<Data type> 1. You can specify the data type of the instruction explicitly using "_". 2. If you do not specify the data type explicitly, it will be determined by the utilized tags or type-coded constants. 3. If you neither specify the data type explicitly nor specify defined tags or type-coded constants, the default data type will be used. Function value Integers, float ing-point num bers I, Q, M, D, L Input value rounded up For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result1" := CEIL("Tag_Value"); "Tag_Result2" := CEIL_REAL("Tag_Value"); The following table shows how the instruction works using specific operand values: Operand Value Tag_Value 0.5 -0.5 Tag_Result1 1 0 Tag_Result2 1.0 0.0 The result of the instruction is returned in the operand "Tag_Resultxy" as a function value. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 3205 Programming the PLC 11.4 Instructions FLOOR: Generate next lower integer from floating-point number (S7-1200, S7-1500) Description Use the "Generate next lower integer from floating-point number" instruction to round the value of a floating point number to the next lower integer. The instruction interprets the input value as floating-point number and converts it to the next lower integer. The function value can be equal or less than the input value. Syntax Use the following syntax for the "Generate next lower integer from floating-point number" instruction: SCL FLOOR(<Expression>) FLOOR_<Data type>(<Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Expression> Input Floating-point numbers I, Q, M, D, L, P Input value Integers, float ing-point num bers. Default: DINT - Data type of the function value: _<Data type> 1. You can specify the data type of the instruction explicitly using "_". 2. If you do not specify the data type explicitly, it will be determined by the utilized tags or type-coded constants. 3. If you neither specify the data type explicitly nor specify defined tags or typecoded constants, the default data type will be used. Function value Integers, float ing-point num bers I, Q, M, D, L Input value rounded For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result1" := FLOOR("Tag_Value"); "Tag_Result2" := FLOOR_REAL("Tag_Value"); 3206 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Operand Value Tag_Value 0.5 -0.5 Tag_Result1 0 -1 Tag_Result2 0.0 -1.0 The result of the instruction is returned in the operand "Tag_Resultxy" as a function value. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) TRUNC: Truncate numerical value (S7-1200, S7-1500) Description The "Truncate numerical value" instruction is used to generate an integer from the input value without rounding. The instruction selects only the integer part of the input value and returns this part without decimal places as the function value. Syntax The following syntax is used for the "Truncate numerical value" instruction: SCL TRUNC(<Expression>) TRUNC_<Data type>(<Expression>) WinCC Advanced V14 System Manual, 10/2016 3207 Programming the PLC 11.4 Instructions The syntax of the instruction consists of the following parts: Parameter Declara tion Data type Memory area Description <Expression> Input Floating-point numbers I, Q, M, D, L Input value Integers, float ing-point num bers Default: DINT - Data type of the function val ue: _<Data type> 1. You can specify the data type of the instruction explicitly using "_". 2. If you do not specify the data type explicitly, it will be determined by the utilized tags or typecoded constants. 3. If you neither specify the data type explicitly nor specify defined tags or type-coded constants, the default data type will be used. Function value Integers, float ing-point num bers I, Q, M, D, L Integer component of the in put value For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result1" := TRUNC("Tag_Value1"); "Tag_Result2" := TRUNC("Tag_Value2"+"Tag_Value3"); "Tag_Result3" := TRUNC_SINT("Tag_Value4"); The result of the instruction is returned in the operand "Tag_Result" as a function value. The following table shows how the instruction works using specific operand values: 3208 Operand Value Tag_Value1 -1.5 Tag_Result1 -1 Tag_Value2 2.1 Tag_Value3 3.2 Tag_Result2 5 Tag_Result3 2 Tag_Value4 2.4 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) SCALE_X: Scale (S7-1200, S7-1500) Description Use the "Scale" instruction to scale a floating-point number by mapping it to a specific value range. You specify the value range with the MIN and MAX parameters. The result of the scaling is an integer. The following figure shows an example of how values can be scaled: 0$; 5HVXOW! 0,1 ([SUHVVLRQ! The instruction "Scale" works with the following equation: OUT = [VALUE (MAX - MIN)] + MIN Note For more information on the conversion of analog values, refer to the respective manual. WinCC Advanced V14 System Manual, 10/2016 3209 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the "Scale" instruction: SCL SCALE_X(MIN := <Operand>, VALUE := <Operand>, MAX := <Operand>) SCALE_X_<Data type>(MIN := <Operand>, VALUE := <Operand>, MAX := <Operand>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description MIN Input Integers, float ing-point num bers I, Q, M, D, L Low limit of the value range VALUE Input Floating-point numbers I, Q, M, D, L Value to be scaled. If you en ter a constant, you must de clare it. MAX Input Integers, float ing-point num bers I, Q, M, D, L High limit of the value range Integers, float ing-point num bers Default: INT - Data type of the function val ue: _<Data type> 1. You can specify the data type of the instruction explicitly using "_". 2. If you do not specify the data type explicitly, it will be determined by the utilized tags or typecoded constants. 3. If you neither specify the data type explicitly nor specify defined tags or type-coded constants, the default data type will be used. Function value Integers, float ing-point num bers - Result of scaling For more information on valid data types, refer to "See also". For additional information on declaring constants, refer to "See also". 3210 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_Result1" := SCALE_X(MIN := "Tag_Value1", VALUE := "Tag_Real", MAX := "Tag_Value2"); "Tag_Result2" := SCALE_X_REAL(MIN := "Tag_Value1", VALUE := "Tag_Real", MAX := "Tag_Value2"); The result of the instruction is returned in the operand "Tag_Result" as a function value. The following table shows how the instruction works using specific operand values: Operand Value Tag_Real 0.5 Tag_Value1 10 Tag_Value2 30 Tag_Result1 20 Tag_Result2 20.0 See also Overview of the valid data types (Page 2131) Declaring global constants (Page 4609) Basics of SCL (Page 4747) Memory areas (Page 944) NORM_X: Normalize (S7-1200, S7-1500) Description You can use the instruction "Normalize" to normalize the value of the tag at the VALUE input by mapping it to a linear scale. You can use the MIN and MAX parameters to define the limits of a value range that is applied to the scale. Depending on the location of the normalized value in this value range, the result at output OUT is calculated and stored as a floating-point number. If the value to be normalized equals the value at input MIN, the instruction returns the result "0.0". If the value to be normalized equals the value at input MAX, the instruction returns the result "1.0". The following figure shows an example of how values can be normalized: WinCC Advanced V14 System Manual, 10/2016 3211 Programming the PLC 11.4 Instructions 5HVXOW! 0,1 0$; ([SUHVVLRQ! The "Normalize" instruction works with the following equation: OUT = (VALUE - MIN) / (MAX - MIN) Note For more information on the conversion of analog values, refer to the respective manual. Syntax The following syntax is used for the "Normalize" instruction: SCL NORM_X(MIN := <Operand>, VALUE := <Operand>, MAX := <Operand>) NORM_X_<Data type>(MIN := <Operand>, VALUE := <Operand>, MAX := <Operand>) The syntax of the instruction consists of the following parts: 3212 Parameter Declaration Data type Memory area Description MIN Input Integers, float ing-point num bers I, Q, M, D, L Low limit of the value range VALUE 1) Input Integers, float ing-point num bers I, Q, M, D, L Value to be normalized. MAX 1) Input Integers, float ing-point num bers I, Q, M, D, L High limit of the value range 1) WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter _<Data type> Declaration Data type Memory area Description Floating-point numbers Default: REAL - Data type of the function val ue: 1. You can specify the data type of the instruction explicitly using "_". 2. If you do not specify the data type explicitly, it will be determined by the utilized tags or typecoded constants. 3. If you neither specify the data type explicitly nor specify defined tags or type-coded constants, the default data type will be used. Function value 1) Floating-point numbers I, Q, M, D, L Result of the normalization If you use constants in these three parameters, you only need to declare one of them. For additional information on valid data types, refer to "See also". For additional information on declaring constants, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result1" := NORM_X(MIN := "Tag_Value1", VALUE := "Tag_InputValue", MAX := "Tag_Value2"); "Tag_Result2" := NORM_X_LREAL(MIN := "Tag_Value1", VALUE := "Tag_InputValue", MAX := "Tag_Value2"); The result of the instruction is returned in the operand "Tag_Result" as a function value. The following table shows how the instruction works using specific operand values: WinCC Advanced V14 System Manual, 10/2016 Operand Value Tag_InputValue 20 Tag_Value1 10 Tag_Value2 30 Tag_Result1 0.5 Tag_Result2 0.5 3213 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Declaring global constants (Page 4609) Basics of SCL (Page 4747) Memory areas (Page 944) VARIANT (S7-1200, S7-1500) VARIANT_TO_DB_ANY: Convert VARIANT to DB_ANY (S7-1200, S7-1500) Description You use the "Convert VARIANT to DB_ANY" instruction to query the data block number that the operand that is specified at the IN parameter addresses. This can be an instance data block or an ARRAY data block. The operand at the IN parameter has the data type VARIANT, which means you do not need to know the data type of the data block whose number is to be queried when the program is created. The data block number is read during runtime and written to the operand specified at the RET_VAL parameter. Requirements If the requirements are met, the instruction is executed. If the requirements are not met, "0" is output as data block number. The output tag... homed... Conversion options VARIANT ... a data block which is an in The output tag can be converted stance data block of a PLC data to a data block number. type or a system data type (SDT). VARIANT ... a data block which is an AR RAY DB. The output tag can be converted to a data block number. VARIANT ... a tag with an elementary data type. It is not possible to convert the output tag to a database number because a data block can never comprise only one elementary data type. VARIANT ... a structure within a data block. It is not possible to convert the output tags to a database num ber because it is only a part with in the data block. Syntax The following syntax is used for the "Convert VARIANT To DB_ANY" instruction: SCL VARIANT_TO_DB_ANY(IN := <operand>, 3214 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SCL ERR => <operand>) Parameters The following table shows the parameters of the "Convert VARIANT to DB_ANY" instruction: Parameters Declaration Data type Memory area Description IN Input VARIANT L (A declaration in the "Temp" sec tion of the block in terface is not pos sible.) Tag to be read. (The function value of the "DB_ANY_TO_VARIANT" in struction). You can use a lo cal or global tag at the IN pa rameter. ERR Output INT I, Q, M, D, L Error information DB_ANY I, Q, M, D, L Result: Number of the DB Function value (RET_VAL) For additional information on valid data types, refer to "See also". ERR parameter The following table shows the meaning of the values of the ERR parameter: Error code* Explanation (W#16#...) 0000 No error 252C The VARIANT data type at the IN parameter has the value "0" and the CPU changes to STOP mode. 80B4 The element data type stored in the ARRAY data block does not match the element data type transferred in the VARIANT. 8131 The data block does not exist, is too short, or is located in load memory. 8132 The data block is too short and not an ARRAY data block. 8150 The data type VARIANT at parameter IN provides the value "0". To receive this error message, the "Handle errors within block" block property must be activated. Otherwise the CPU changes to STOP mode and sends the error code 16#252C. 8153 The VARIANT data type at the IN parameter does not point to the start of an ARRAY data block or the length of the VARIANT does not match that of the data block. 8154 The data block has the incorrect data type. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: SCL "OutputDBNumber" := VARIANT_TO_DB_ANY(IN := #tempVARIANT, ERR := "Tag_Error"); WinCC Advanced V14 System Manual, 10/2016 3215 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Parameters Declaration in the block interface Operand Value IN Input tempVARIANT - <function value> Output OutputDBNumber 11 The number of a data block that is specified at the tempVARIANT operand is read. Because the operand has the data type VARIANT, you do not need to know the data type of the tag during program creation. The number is written to the "OutputDBNumber" tag which has the data type DB_ANY. See also Overview of the valid data types (Page 2131) Using the VARIANT data type (Page 2078) Basics of SCL (Page 4747) Memory areas (Page 944) DB_ANY_TO_VARIANT: Convert DB_ANY to VARIANT (S7-1200, S7-1500) Description The "Convert DB_ANY to VARIANT" instruction is used to generate a VARIANT tag from a data block that meets the requirements listed below. The operand at the IN parameter has the data type DB_ANY, which means that the data block does not have to be known when the program is created. The data block number is read during runtime. Requirements If the requirements are met, the instruction is executed. If the requirements are not met or the data block does not exist, the value NULL is output at the RET_VAL parameter. All other accesses with the RET_VAL tag fail. 3216 The input tag of data type ... homed... Conversion options DB_ANY ...a data block which is an in Conversion is possible stance data block of a PLC data type or a system data type (SDT). DB_ANY ...a data block which is an AR RAY DB. Conversion is possible DB_ANY ...a data block which is an in stance data block of a function block or a global data block. Conversion is not possible WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the "Convert DB_ANY to VARIANT" instruction: SCL DB_ANY_TO_VARIANT(IN := <operand>, ERR => <operand>) Parameters The following table shows the parameters of the "Convert DB_ANY to VARIANT" instruction: Parameters Declaration Data type Memory area Description IN Input DB_ANY I, Q, M, D, L Data block whose number is read. You can use a local or global tag at the IN parame ter. ERR Output INT I, Q, M, D, L Error information VARIANT L (A declaration in Number of the data block the "Temp" sec tion of the block in terface is not pos sible.) Function value (RET_VAL) 1) 1) The RET_VAL parameter is declared as Output, since the data flow into the tag. However, the tag itself must be declared as InOut in the block interface. For additional information on valid data types, refer to "See also". ERR parameter The following table shows the meaning of the values of the ERR parameter: Error code* Explanation (W#16#...) 0000 No error 8130 The number of the data block is "0" 8131 The data block does not exist, is too short, or is located in load memory. 8132 The data block is too short and not an ARRAY data block. 8134 The data block is write protected. 8154 The data block has the incorrect data type. 8155 The data block has an unknown data type. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". WinCC Advanced V14 System Manual, 10/2016 3217 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL #tempVARIANT := DB_ANY_TO_VARIANT(IN := "InputDB", ERR := "Tag_Error"); The following table shows how the instruction works using specific operand values: Parameters Declaration in the block interface Operand Value IN Input InputDB 11 <function value> Temp tempVARIANT - The number of any data block that is specified at the "InputDB" operand is used to generate a tag of data type VARIANT that addresses the data block. Because the operand at the IN parameter has the DB_ANY data type, the data block that will be used during runtime does not have to be known when the program is created (neither the name nor the number of the data block). Because the operand at the RET_VAL parameter has the data type VARIANT, you do not need to know the data type of the data block when the program is created. See also Overview of the valid data types (Page 2131) Using the VARIANT data type (Page 2078) Basics of SCL (Page 4747) Memory areas (Page 944) Legacy (S7-1500) SCALE: Scale (S7-1500) Description The instruction "Scale" converts the integer on the parameter IN into a floating-point number, which can be scaled in physical units between a low and a high limit. You can use the LO_LIM and HI_LIM parameters to specify the low limit and high limit of the value range to which the input value is scaled. The result of the instruction is output on the OUT parameter. The instruction "Scale" works with the following equation: OUT = [((FLOAT (IN) - K1)/(K2-K1)) (HI_LIM-LO_LIM)] + LO_LIM 3218 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The values of the "K1" and "K2" constants are determined by the signal state on the BIPOLAR parameter. The following signal states are possible on the BIPOLAR parameter: Signal state "1": It is assumed that the value at the IN parameter is bipolar and in a value range between -27648 and 27648. In this case, the constant "K1" has the value -27648.0 and the constant "K2" the value +27648.0. Signal state "0": It is assumed that the value at the IN parameter is unipolar and in a value range between 0 and 27648. In this case, the constant "K1" has the value 0.0 and the constant "K2" the value +27648.0. When the value at the IN parameter is greater than the value of the "K2" constant, the result of the instruction is set to the value of the high limit (HI_LIM) and an error is output. When the value at the IN parameter is less than the value of the "K1" constant, the result of the instruction is set to the value of the low limit value (LO_LIM) and an error is output. When the indicated low limit is greater than the high limit (LO_LIM >HI_LIM), the result is scaled in reverse proportion to the input value. Syntax The following syntax is used for the "Scale" instruction: SCL SCALE(IN := <Expression>, HI_LIM := <Operand>, LO_LIM := <Operand>, BIPOLAR := <Operand>, OUT => <Operand>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description IN Input INT I, Q, M, D, L, P Input value to be scaled. HI_LIM Input REAL I, Q, M, D, L, P High limit LO_LIM Input REAL I, Q, M, D, L, P Low limit BIPOLAR Input BOOL I, Q, M, D, L Indicates if the value at the IN parameter is to be interpre ted as bipolar or unipolar. The parameter can assume the following values: 1: Bipolar 0: Unipolar OUT Output Function value (RET_VAL) REAL I, Q, M, D, L, P Result of the instruction WORD I, Q, M, D, L, P Error information For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3219 Programming the PLC 11.4 Instructions RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code (W#16#...) Explanation 0000 No error 0008 The value of the parameter IN is greater than 27 648 or is less than 0 (unipolar) or -27 648 (bipolar). General er See also: "GET_ERR_ID: Get error ID locally ror informa tion *The error codes can be displayed as integer or hexadecimal value in the program editor. For informa tion on toggling display formats, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_ErrorCode" := SCALE(IN := "Tag_InputValue", HI_LIM := "Tag_HighLimit", LO_LIM := "Tag_LowLimit", BIPOLAR := "Tag_Bipolar", OUT => "Tag_Result"); The error information is returned in the operand "Tag_ErrorCode" as a function value. The following table shows how the instruction works using specific operand values: Parameter Operand Value IN Tag_InputValue 22 HI_LIM Tag_HighLimit 100.0 LO_LIM Tag_LowLimit 0.0 BIPOLAR Tag_Bipolar 1 OUT Tag_Result 50.03978588 RET_VAL Tag_ErrorCode W#16#0000 See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 3251) Basics of SCL (Page 4747) 3220 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions UNSCALE: Unscale (S7-1500) Description You use the "Unscale" instruction to unscale the floating-point number in the IN parameter into physical units between a low limit and a high limit and convert it into an integer. You use the LO_LIM and HI_LIM parameters to specify the low limit and high limit of the value range to which the input value is unscaled. The result of the instruction is output at the OUT parameter. The "Unscale" instruction works with the following equation: OUT = [((IN-LO_LIM)/(HI_LIM-LO_LIM)) (K2-K1)] + K1 The values of the "K1" and "K2" constants are determined by the signal state at the BIPOLAR parameter. The following signal states are possible at the BIPOLAR parameter: Signal state "1": It is assumed that the value at the IN parameter is bipolar and in a value range between -27648 and 27648. In this case, the constant "K1" has the value -27648.0 and the constant "K2" the value +27648.0. Signal state "0": It is assumed that the value at the IN parameter is unipolar and in a value range between 0 and 27648. In this case, the constant "K1" has the value 0.0 and the constant "K2" the value +27648.0. When the value at parameter IN is not within the limits defined by HI_LIM and LO_LIM, an error is output and the result is set to the nearest limit. When the indicated low limit value is greater than the high limit value (LO_LIM > HI_LIM), the result is scaled in reverse proportion to the input value. Syntax The following syntax is used for the "Unscale" instruction: SCL UNSCALE(IN := <Expression>, HI_LIM := <Operand>, LO_LIM := <Operand>, BIPOLAR := <Operand>, OUT => <Operand>) The syntax of the instruction consists of the following parts: WinCC Advanced V14 System Manual, 10/2016 Parameter Declaration Data type Memory area Description IN Input REAL I, Q, M, D, L, P Input value to be unscaled to an integer value. HI_LIM Input REAL I, Q, M, D, L, P High limit LO_LIM Input REAL I, Q, M, D, L, P Low limit 3221 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description BIPOLAR Input BOOL I, Q, M, D, L Indicates whether the value at the IN parameter is to be interpreted as bipolar or uni polar. The parameter can as sume the following values: 1: Bipolar 0: Unipolar OUT Output Function value (RET_VAL) INT I, Q, M, D, L, P Result of the instruction WORD I, Q, M, D, L, P Error information You can find additional information on valid data types under "See also". RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code (W#16#...) Explanation 0000 No error 0008 The value of the IN parameter is greater than the value of the high limit (HI_LIM) or less than the value of the low limit (LO_LIM). General er See also: "GET_ERR_ID: Get error ID locally" ror informa tion * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats here: AUTOHOTSPOT Example The following example shows how the instruction works: "Tag_ErrorCode" := UNSCALE(IN := "Tag_InputValue", HI_LIM := "Tag_HighLimit", LO_LIM := "Tag_LowLimit", BIPOLAR := "Tag_Bipolar", OUT => "Tag_Result"); The error information is returned in the operand "Tag_ErrorCode" as a function value. The following table shows how the instruction works using specific operand values: 3222 Parameter Operand Value IN Tag_InputValue 50.03978588 HI_LIM Tag_HighLimit 100.0 LO_LIM Tag_LowLimit 0.0 BIPOLAR Tag_Bipolar 1 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Operand Value OUT Tag_Result 22 RET_VAL Tag_ErrorCode W#16#0000 See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 3251) Basics of SCL (Page 4747) Program control operations (S7-1200, S7-1500) IF: Run conditionally (S7-1200, S7-1500) Description The instruction "Run conditionally" branches the program flow depending on a condition. The condition is an expression with Boolean value (TRUE or FALSE). Logical expression or comparative expressions can be stated as conditions. When the instruction is executed, the stated expressions are evaluated. If the value of an expression is TRUE, the condition is fulfilled; if the value is FALSE, it is not fulfilled. Syntax Depending on the type of branch, you can program the following forms of the instruction: Branch through IF: SCL IF <Condition> THEN <Instructions> END_IF; If the condition is satisfied, the instructions programmed after the THEN are executed. If the condition is not satisfied, the execution of the program continues with the next instruction after the END_IF. Branch through IF and ELSE: SCL IF <Condition> THEN <Instructions1> ELSE <Instructions0>; END_IF; If the condition is satisfied, the instructions programmed after the THEN are executed. If the condition is not satisfied, the instructions programmed after the ELSE are executed. Then the execution of the program continues with the next instruction after the END_IF. Branch through IF, ELSIF and ELSE: WinCC Advanced V14 System Manual, 10/2016 3223 Programming the PLC 11.4 Instructions SCL IF <Condition1> THEN <Instructions1> ELSIF <Condition2> THEN <Instruction2> ELSE <Instructions0>; END_IF; If the first condition (<Condition1>) is satisfied, the instructions (<Instructions1>) after the THEN are executed. After execution of the instructions, the execution of the program continues after the END_IF. If the first condition is not satisfied, the second condition (<Condition2>) is checked. If the second condition (<Condition2>) is fulfilled, the instructions (<Instructions2>) after the THEN are executed. After execution of the instructions, the execution of the program continues after the END_IF. If none of the conditions are fulfilled, the instructions (<Instructions0>) after ELSE are executed followed by the execution of the program after END_IF. You can nest as many combinations of ELSIF and THEN as you like within the IF instruction. The programming of an ELSE branch is optional. The syntax of the IF instruction consists of the following parts: Parameter Data type Memory area Description <Condition> BOOL I, Q, M, D, L Expression to be evaluated <Instruc tions> - Instructions to be executed with satisfied condi tion. An exception are instructions programmed after the ELSE. These are executed if no condition within the program loop is satisfied. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: SCL IF "Tag_1" = 1 THEN "Tag_Value" := ELSIF "Tag_2" = 1 THEN "Tag_Value" := ELSIF "Tag_3" = 1 THEN "Tag_Value" := ELSE "Tag_Value" := END_IF; 10; 20; 30; 0; The following table shows how the instruction works using specific operand values: Operand 3224 Value Tag_1 1 0 0 0 Tag_2 0 1 0 0 Tag_3 0 0 1 0 Tag_Value 10 20 30 0 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) CASE: Create multiway branch (S7-1200, S7-1500) Description The instruction "Create multiway branch" executes one of several instruction sequences depending on the value of a numerical expression. The value of the expression must be an integer. When the instruction is executed, the value of the expression is compared with the values of several constants. If the value of the expression agrees with the value of a constant, the instructions programmed directly after this constant are executed. The constants can assume the following values: An integer (for example, 5) A range of integers (for example 15...20) An enumeration consisting of integers and ranges (for example, 10, 11, 15...20) Syntax The following syntax is used for the "Create multiway branch" instruction: SCL CASE <Expression> OF <Constant1>: <Instructions1> <Constant2>: <Instructions2> <ConstantX>: <InstructionsX>; // X >= 3 ELSE <Instructions0>; END_CASE; WinCC Advanced V14 System Manual, 10/2016 3225 Programming the PLC 11.4 Instructions The syntax of the instruction consists of the following parts: Parameter Data type Memory area Description <Expres sion> Integers I, Q, M, D, L Value which is compared to the programmed con stant values. <Constant> Integers I, Q, M, D, L Constant values which form the condition for the execution of an instruction sequence. The con stants can assume the following values: An integer (for example, 5) A range of integers (for example, 15..20) An enumeration consisting of integers and ranges (for example, 10, 11, 15..20) <Instruction> - Any instructions which are executed if the value of the expression agrees with the value of a constant. An exception are instructions programmed after the ELSE. These instructions are executed if the values do not agree. For more information on valid data types, refer to "See also". If the value of the expression agrees with the value of the first constant (<Constant1>), the instructions (<Instructions1>) which are programmed directly after the first constant are executed. Program execution subsequently resumes after the END_CASE. If the value of the expression does not agree with the value of the first constant (<Constant1>), this value is compared to the value of the constant which is programmed next. In this way, the CASE instruction is executed until the values agree. If the value of the expression does not correspond to any of the programmed constant values, the instructions (<Instructions0>) which are programmed after the ELSE are executed. ELSE is an optional part of the syntax and can be omitted. The CASE instruction can also be nested by replacing an instruction block with CASE. END_CASE represents the end of the CASE instruction. Example The following example shows how the instruction works: SCL CASE "Tag_Value" OF 0 : "Tag_1" := 1,3,5 : "Tag_2" := 6...10 : "Tag_3" := 16,17,20...25 : "Tag_4" := ELSE "Tag_5" := END_CASE; 3226 1; 1; 1; 1; 1; WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following table shows how the instruction works using specific operand values: Operand Values Tag_Value 0 1, 3 , 5 6, 7, 8, 9, 10 16,17, 20, 21, 22, 23, 24, 25 2 Tag_1 1 - - - - Tag_2 - 1 - - - Tag_3 - - 1 - - Tag_4 - - - 1 - Tag_5 - - - - 1 1: The operand is set to the signal state "1". -: The signal state of the operand remains unaltered. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) FOR: Run in counting loop (S7-1200, S7-1500) Description The instruction "Run in counting loop" causes repeated execution of a program loop until a loop variable lies within a specified value range. Program loops can also be nested. Within a program loop, you can program additional program loops with other loop variables. The current continuous run of a program loop can be ended by the instruction "Recheck loop condition" (CONTINUE). The instruction "Exit loop immediately" (EXIT) ends the entire loop execution. For additional information on this topic, refer to "See also". Limits for FOR statements To program "safe" FOR statements that do not run endlessly, observe the following rules and limits: Rule FOR ii := Start TO End BY Step DO WinCC Advanced V14 System Manual, 10/2016 If ... ... then Note start < end end < (PMAX step) Run tag ii runs in a positive direc tion start > end AND step < O end > (NMAX step) Run tag ii runs in a negative di rection 3227 Programming the PLC 11.4 Instructions Limits Different limits apply to the possible data types: Data type PMAX NMAX ii of type SINT 127 -128 ii of type INT 32767 -32768 ii of type DINT 2147483647 -2147483648 ii of type LINT 9223372036854775807 -9223372036854775808 Syntax The following syntax is used for the "Run in counting loop" instruction: SCL FOR<Run_tag> := <Start_value> TO<End_value> BY<Increment> DO<Instructions> END_FOR; Parameter The following table shows the parameters of the "Run in counting loop" instruction: Parameter Data type Memory area Description S7-1200 S7-1500 <Run tag> SINT, INT, DINT SINT, INT, DINT, LINT I, Q, M, D, L Operand whose value is evaluated with the loop execution. The data type of the loop variable determines the da ta type of the other parameters. <Start val ue> SINT, INT, DINT SINT, INT, DINT, LINT I, Q, M, D, L Expression whose value is allocated at the start of the loop execution of the loop variables. <End val ue> SINT, INT, DINT SINT, INT, DINT, LINT I, Q, M, D, L Expression whose value defines the last run of the program loop. The value of the loop variable is checked before each loop: End value not reached: The instructions according to DO are executed End value is reached: The FOR loop is executed one last time End value exceeded: The FOR loop is completed An alteration to the end value is not permitted during execution of the in struction. 3228 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter <Incre ment> Data type S7-1200 S7-1500 SINT, INT, DINT SINT, INT, DINT, LINT Memory area Description I, Q, M, D, L Expression by whose value the loop variable is increased (positive incre ment) or decreased (negative incre ment) after each loop. Specification of the increment is optional. If no incre ment is given, the value of the loop variable is increased by 1 after each loop. An alteration of the increment is not permitted during execution of the in struction. <Instruc tions> - - Instructions which are carried out with each loop, as long as the value of the loop variable lies within the value range. The value range is defined by the start and end values. For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL FOR i := 2 TO 8 BY 2 DO "a_array[i] := "Tag_Value"*"b_array[i]"; END_FOR; The operand "Tag_Value" is multiplied with the elements (2, 4, 6, 8) of the ARRAY tag "b_array". The result is read in to the elements (2, 4, 6, 8) of the ARRAY tag "a_array". See also CONTINUE: Recheck loop condition (Page 3232) EXIT: Exit loop immediately (Page 3233) Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) WHILE: Run if condition is met (S7-1200, S7-1500) Description The instruction "Run if condition is met" causes a program loop to be repeatedly executed until the implementation condition is satisfied. The condition is an expression with Boolean value (TRUE or FALSE). Logical expression or comparative expressions can be stated as conditions. WinCC Advanced V14 System Manual, 10/2016 3229 Programming the PLC 11.4 Instructions When the instruction is executed, the stated expressions are evaluated. If the value of an expression is TRUE, the condition is fulfilled; if the value is FALSE, it is not fulfilled. Program loops can also be nested. Within a program loop, you can program additional program loops with other loop variables. The current continuous run of a program loop can be ended by the instruction "Recheck loop condition" (CONTINUE). The instruction "Exit loop immediately" (EXIT) ends the entire loop execution. For additional information on this topic, refer to "See also". Syntax The following syntax is used for the "Run if condition is met" instruction: SCL WHILE <Condition> DO <Instructions> END_WHILE; The syntax of the WHILE instruction consists of the following parts: Parameter Data type Memory area Description <Condition> BOOL I, Q, M, D, L Expression which is evaluated before each loop. <Instruc tions> - Instructions to be executed with satisfied condi tion. If the condition has not been satisfied, pro gram execution continues after END_WHILE. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: SCL WHILE "Tag_Value1" <> "Tag_Value2" DO "Tag_Result" := "Tag_Input"; END_WHILE; As long as the values of the operands "Tag_Value1" and "Tag_Value2" do not match, the value of the operand "Tag_Input" is allocated to the operand "Tag_Result". See also EXIT: Exit loop immediately (Page 3233) CONTINUE: Recheck loop condition (Page 3232) Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) 3230 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions REPEAT: Run if condition is not met (S7-1200, S7-1500) Description The instruction "Run if condition is not met" causes a program loop to be repeatedly executed until a termination condition is met. The condition is an expression with Boolean value (TRUE or FALSE). Logical expression or comparative expressions can be stated as conditions. When the instruction is executed, the stated expressions are evaluated. If the value of an expression is TRUE, the condition is fulfilled; if the value is FALSE, it is not fulfilled. The instructions are executed once, even if the termination condition is fulfilled. Program loops can also be nested. Within a program loop, you can program additional program loops with other loop variables. The current continuous run of a program loop can be ended by the instruction "Recheck loop condition" (CONTINUE). The instruction "Exit loop immediately" (EXIT) ends the entire loop execution. For additional information on this topic, refer to "See also". Syntax The following syntax is used for the "Run if condition is not met" instruction: SCL REPEAT <Instructions> UNTIL <Condition>END_REPEAT; The syntax of the REPEAT instruction consists of the following parts: Parameter Data type <Instruc tions> - <Condition> BOOL Memory area Description Instructions that are executed as long as the pro grammed condition has the value FALSE. The in structions are executed once, even if the termina tion condition is fulfilled. I, Q, M, D, L Expression which is evaluated after each loop. If the expression has the value FALSE, the program loop is executed once again. If the expression has the value TRUE, the program loop continues after END_REPEAT. You can find additional information on valid data types under "See also". Example The following example shows how the instruction works: SCL REPEAT "Tag_Result" := "Tag_Value"; UNTIL "Tag_Error" END_REPEAT; WinCC Advanced V14 System Manual, 10/2016 3231 Programming the PLC 11.4 Instructions As long as the value of the operand "Tag_Error" has the signal state "0", the value of the operand "Tag_Value" is allocated to the operand "Tag_Result". See also CONTINUE: Recheck loop condition (Page 3232) EXIT: Exit loop immediately (Page 3233) Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) CONTINUE: Recheck loop condition (S7-1200, S7-1500) Description The "Recheck loop condition" instruction ends the current program run of a FOR, WHILE or REPEAT loop. After execution of the instruction, the conditions for the continuation of the program loop are evaluated again. The instruction affects the program loop which directly contains the instruction. Syntax The following syntax is used for the "Recheck loop condition" instruction: SCL CONTINUE; Example The following example shows how the instruction works: SCL FOR i := 1 TO 15 BY 2 DO IF (i < 5) THEN CONTINUE; END_IF; "DB10".Test[i] := 1; END_FOR; For additional information on valid data types, refer to "See also". If the condition i < 5 is satisfied, then the subsequent value allocation ("DB10".Test[i] := 1) will not be executed. The run variable (i) is increased by the increment of "2" and checked to see whether its current value lies in the programmed value range. If the run variable lies in the value range, the IF condition is evaluated again. 3232 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the condition i < 5 is not satisfied, then the subsequent value allocation ("DB10".Test[i] := 1) will be executed and a new loop started. In this case, the run variable is also increased by the increment "2" and checked. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) EXIT: Exit loop immediately (S7-1200, S7-1500) Description The instruction "Exit loop immediately" cancels the execution of a FOR, WHILE or REPEAT loop at any point regardless of conditions. The execution of the program is continued after the end of the loop (END_FOR, END_WHILE, END_REPEAT). The instruction affects the program loop which directly contains the instruction. Syntax The following syntax is used for the "Exit loop immediately" instruction: SCL EXIT; Example The following example shows how the instruction works: SCL FOR i := 15 TO 1 BY -2 DO IF (i < 5) THEN EXIT; END_IF; "DB10".Test[i] := 1; END_FOR; For additional information on valid data types, refer to "See also". If the condition i < 5 is satisfied, then the execution of the loop will be canceled. Program execution resumes after the END_FOR. If the condition i < 5 is not satisfied, then the subsequent value allocation ("DB10".Test[i] := 1) will be executed and a new loop started. The run tag (i) is decreased by the increment of "-2" and it is checked whether its current value lies in the programmed value range. If the (i) run variable lies within the value range, the IF condition is evaluated again. WinCC Advanced V14 System Manual, 10/2016 3233 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) GOTO: Jump (S7-1200, S7-1500) Description Use the instruction "Jump" to resume the execution of a program at a given point marked with a jump label. The jump labels and the instruction "Jump" must be in the same block. The name of a jump label can only be assigned once within a block. Each jump label can be the target of several jump instructions. A jump from the "outside" into a program loop is not permitted, but a jump from a loop to the "outside" is possible. Adhere to the following grammatical rules for jump labels: Letters (a to z, A to Z) A combination of letters and numbers. Check that the order is correct, i.e. first the letters, then the numbers (a - z, A - Z, 0 - 9). Special characters or a combination of letters and numbers must not be used in reverse order, i.e. first the numbers and then the letters (0-9, a - z, A - Z). Syntax Use the following syntax for the "Jump" instruction: SCL GOTO <Jump label> ... <Jump label>: <Instructions> The syntax of the GOTO instruction consists of the following parts: Parameter Data type Description <jump label> - Jump label to be jumped to <instructions> - Instructions which are executed after the jump. Example The following example shows how the instruction works: SCL CASE "Tag_Value" OF 3234 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SCL 1 : GOTO MyLABEL1; 2 : GOTO MyLABEL2; 3 : GOTO MyLABEL3; ELSE GOTO MyLABEL4; END_CASE; MyLABEL1: "Tag_1" := 1; MyLABEL2: "Tag_2" := 1; MyLABEL3: "Tag_3" := 1; MyLABEL4: "Tag_4" := 1; Depending on the value of the "Tag_Value" operand, the execution of the program will resume at the point identified by the corresponding jump label. If the operand "Tag_Value" has the value 2, for example, program execution will resume at the jump label "MyLABEL2". The program line identified by the jump label "MyLABEL1" will be skipped in this case. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) RETURN: Exit block (S7-1200, S7-1500) Description The instruction "Exit block" exits the program execution in the currently edited block and continues in the calling block. The instruction can be omitted at the end of the block. Syntax The following syntax is used for the "Exit block" instruction: SCL RETURN; Example The following example shows how the instruction works: SCL IF "Tag_Error" <>0 THEN RETURN; END_IF; If the signal state of the "Tag_Error" operand is not zero, execution of the program ends in the block currently being processed. WinCC Advanced V14 System Manual, 10/2016 3235 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) (*...*): Insert a comment section (S7-1200, S7-1500) Description You can use the "Insert a comment section" instruction to add a comment section. The text inside the parentheses "(*...*)" is handled as a comment. Syntax The following syntax is used for the "Insert a comment section" instruction: SCL (*...*) Example The following example shows how the instruction works: SCL (*This is a comment section.*) See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) REGION: Structure program code (S7-1200, S7-1500) Description You can use the instruction "Structure program code" to structure the program code in an SCL block by dividing it into different areas. For additional information on working with areas, please refer to:Working with regions (Page 4771) 3236 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the instruction "Structure program code": SCL REGION <Name> <Instructions> END_REGION The syntax of the REGION consists of the following parts: Parameter Data type Memory area Description REGION - - Keyword with which the area starts <Name> - - Text designating the REGION END_REGION - - Keyword with which the area ends Example The following example shows how the instruction works: SCL REGION Feeder System // Structures the source code for the feeder system IF "Variable_1" = 0 THEN "Variable_2" := 10; END_IF; END_REGION The Feeder System area comprises the complete program code. See also Overview of the valid data types (Page 2131) Memory areas (Page 944) Basics of SCL (Page 4747) WinCC Advanced V14 System Manual, 10/2016 3237 Programming the PLC 11.4 Instructions Runtime control (S7-1200, S7-1500) ENDIS_PW: Limit and enable password legitimation (S7-1200, S7-1500) Description You use the "Limit and enable password legitimation" instruction to specify whether passwords configured for the CPU are legitimized or not. In this way, you can prevent legitimized connections, even if the correct password is known. When you call the instruction and the REQ parameter has the signal state "0", the currently set state is displayed at the output parameters. If changes have been made to the input parameters, these are not transferred to the output parameters. When the instruction is called and the REQ parameter has the signal state "1", the signal state is taken from the input parameters (F_PWD, FULL_PWD, R_PWD, HMI_PWD). If signal state "0" is present, authorization via password is not allowed. If signal state "1" is present, the password can be used. Disable or enabling of the passwords can be allowed or prohibited individually. For example, all passwords can be prohibited except the fail-safe password. You can thus limit access options to a small user group. The output parameters (F_PWD_ON, FULL_PWD_ON, R_PWD_ON, HMI_PWD_ON) always show the current status of the password use, regardless of the REQ parameter. Passwords that are not configured must have the signal state TRUE at the input and return the signal state TRUE at the output. The fail-safe password can only be configured for an FCPU and must therefore always be interconnected with the signal state TRUE in a standard CPU. If the instruction returns an error, the call has no effect and the previous lock is still in effect. Disabled passwords can be enabled again under the following conditions: The CPU is reset to its factory settings. The front panel of the S7-1500 CPU supports a dialog that allows you to navigate to the appropriate menu in which the passwords can be enabled again. When you call the "Limit and enable password legitimation" instruction, the input parameter of the desired password has the signal state "1". Set the operating mode switch to STOP. The restriction to password legitimation is reestablished as soon as the switch is set back to RUN. Plugging an empty memory card (transfer card or program card) into an S7-1200 CPU. The transition from POWER OFF to POWER ON disables the protection in the S7-1200 CPU. The "Limit and enable password legitimation" instruction must be called once again in the program (e.g. in the startup OB). Note The "Limit and enable password legitimation" instruction blocks access from HMI systems if the HMI password has not been enabled. 3238 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note Existing legitimized connections retain their access rights and you cannot use the "Limit and enable password legitimation" instruction to restrict them. Preventing accidental lockout of an S7-1500 CPU The settings can be made on the front panel of the CPU and the CPU saves the most recent setting. To prevent accidental lockout, the protection can be disabled by setting the mode switch to STOP with an S7-1500 CPU. The protection is automatically enabled again by setting mode selector to RUN without having to call the "Limit and enable password legitimation" instruction again or taking additional actions on the front panel. Preventing accidental lockout of an S7-1200 CPU Because the S7-1200 CPU does not have a operating mode switch, protection is disabled with POWER OFF - POWER ON. This means that it is possible and advisable to prevent accidental lockout with the help of specific program sequences within your program. To do so, program a time control either by means of a cyclic interrupt OB or a timer in the Main OB (OB 1). This gives you the option of calling the "Limit and enable password legitimation" instruction in the respective OB (e.g., OB 1 or OB 35) relatively quickly after a transition from POWER OFF to POWER ON and the associated disabling of the protection. Call the instruction in the startup OB (OB 100) to keep the time window in which the instruction is inactive and there are no limitations for password legitimation relatively small. This procedure will give you the best possible protection from unauthorized access. If there has been an accidental lockout, you can skip the call in the startup OB (by querying an input parameter, for example) and you have the set time (for example, 10 seconds up to 1 minute) to establish a connection to the CPU before the lock becomes active once again. If there is no timer in your program code and a lockout has occurred, insert an empty transfer card or an empty program card into the CPU. The empty transfer card or program card deletes the internal load memory of the CPU. You must then download the user program once again from STEP 7 to the CPU. WinCC Advanced V14 System Manual, 10/2016 3239 Programming the PLC 11.4 Instructions Procedure for lost passwords with an S7-1200 CPU If you have lost the password for a password-protected S7-1200 CPU, delete the passwordprotected program with an empty transfer card or program card. The empty transfer card or program card deletes the internal load memory of the CPU. You can then load a new user program from STEP 7 Basic in the CPU. WARNING Inserting an empty transfer card When you insert a transfer card in a CPU during runtime, the CPU goes to STOP mode. If operating states are unstable, controllers may fail and thus cause the uncontrolled operation of the controlled devices. This leads to an unforeseen operation of the automation system which can cause deadly or serious injuries and/or damage to property. Once you have pulled the transfer card, the content of the transfer card is available in the internal load memory. Make sure that the card does not include a program at this point. WARNING Inserting an empty program card When you insert a program card in a CPU during runtime, the CPU goes to STOP mode. If operating states are unstable, controllers may fail and thus cause the uncontrolled operation of the controlled devices. This leads to an unforeseen operation of the automation system which can cause deadly or serious injuries and/or damage to property. Make sure that the program card is empty. The internal load memory is copied to the empty program card. Once you have pulled the previously empty program card, the internal load memory is empty. You must remove the transfer card or program card before you put the CPU into RUN mode. 3240 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Effects of password use on the operating modes The following table shows what effects the password use by means of the "Limit and enable password legitimation" instruction has on the operating modes and the corresponding user actions. Action Password protection by means of the instruc tion Basic state after Not activated Operating mode switch to STOP (no restrictions) Reset memory manually (PG, switch, change of MC (Motion Control)) Reset to factory setting Basic state after POWER ON S7-1200 CPU: The lock is disabled and the instruction must be called once again in the program (e.g., in the startup OB). S7-1500 CPU: Enabled (if a lock was activated before POWER OFF). The option of not allowing passwords is retentive. Operating mode transition RUN/STARTUP/HOLD -> Activated STOP (by terminating the instruction, an error or com Passwords still cannot be used. munication) or STOP -> STARTUP/RUN/HOLD Syntax The following syntax is used for the "Limit and enable password legitimation" instruction: SCL ENDIS_PW(REQ := <Operand>, F_PWD := <Operand>, FULL_PWD := <Operand>, R_PWD := <Operand>, HMI_PWD := <Operand>, F_PWD_ON => <Operand>, FULL_PWD_ON => <Operand>, R_PWD_ON => <Operand>, HMI_PWD_ON => <Operand>) WinCC Advanced V14 System Manual, 10/2016 3241 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Limit and enable password legitimation" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con When the REQ parameter stant has the signal state "0", the currently set signal state of the passwords is queried. F_PWD Input BOOL I, Q, M, D, L or con Read/write access including stant fail-safe F_PWD = "0": Do not allow password F_PWD = "1": Allow password FULL_PWD Input BOOL I, Q, M, D, L or con Read/write access stant FULL_PWD = "0": Do not allow password FULL_PWD = "1": Allow password R_PWD Input BOOL I, Q, M, D, L or con Read access stant R_PWD = "0": Do not allow password R_PWD = "1": Allow password HMI_PWD Input BOOL I, Q, M, D, L or con HMI access stant HMI_PWD = "0": Do not allow password HMI_PWD = "1": Allow password F_PWD_ON Output BOOL I, Q, M, D, L Read/write access status in cluding fail-safe F_PWD_ON = "0": Password not allowed F_PWD_ON = "1": Password allowed FULL_PWD_ ON Output BOOL I, Q, M, D, L Read/write access status FULL_PWD_ON = "0": Password not allowed FULL_PWD_ON = "1": Password allowed R_PWD_ON Output BOOL I, Q, M, D, L Read-access status R_PWD_ON = "0": Password not allowed R_PWD_ON = "1": Password allowed 3242 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration HMI_PWD_O Output N Data type Memory area Description BOOL I, Q, M, D, L HMI-access status HMI_PWD_ON = "0": Password not allowed HMI_PWD_ON = "1": Password allowed Function value (RET_VAL) WORD I, Q, M, D, L Error information You can find additional information on valid data types under "See also". RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* Explanation (W#16#...) 0000 No error 8090 The "Limit and enable password legitimation" instruction is not supported 80D0 The password for fail-safe is not configured. The signal state must be TRUE for standard CPUs. 80D1 The read/write access is not configured 80D2 The read access is not configured 80D3 The HMI access is not configured * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := ENDIS_PW(REQ := 0, F_PWD := 0, FULL_PWD := 0, R_PWD := 1, HMI_PWD := 0, F_PWD_ON => "Status_F_PWD", FULL_PWD_ON => "Status_FULL_PWD", R_PWD_ON => "Status_R_PWD", HMI_PWD_ON => "Status_HMI_PWD"); The following table shows how the instruction works using specific operand values: WinCC Advanced V14 System Manual, 10/2016 Operand Data type Value REQ BOOL 0 F_PWD BOOL 0 FULL_PWD BOOL 0 3243 Programming the PLC 11.4 Instructions Operand Data type Value R_PWD BOOL 1 HMI_PWD BOOL 0 Status_F_PWD BOOL 0 Status_FULL_PWD BOOL 0 Status_R_PWD BOOL 1 Status_HMI_PWD BOOL 0 The instruction is executed because the REQ operand has the signal state "1". The R_PWD operand has the signal state "1", which means that read access is allowed when the assigned password is entered. The R_PWD_ON status operand also has the signal state "1", thereby signaling that the R_PWD operand is activated. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) PC systems (S7-1500) SHUT_DOWN: Shut down target system (S7-1500) Description You can use the instruction "SHUT_DOWN: Shutdown target system" to shut down the PCbased automation system and restart the S7 software controller CPU 150xS or Windows on the PC-based automation system. The instruction is available in the "Instructions" task card under Basic instructions > Program control > Runtime control. A restart is, for example, advisable in the following situations: An industrial UPS (uninterruptible power supply) reports a power failure via a digital input. Windows stops responding or shows a "blue screen". Too many error OBs are called in the user program. 3244 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "Shutdown target system" instruction: Parameter Declaration Data type Memory area MODE Input UINT I, Q, M, D, L or con MODE = 1: Shut stant down CPU 150xS and Windows The CPU goes to STOP and saves the retentive data. Then the CPU and Windows are shut down. The system must be restarted manually. Description MODE = 2: Re start CPU 150xS The CPU goes to STOP and saves the retentive data. Then the CPU is shut down and re started. MODE = 3: Re start Windows. The CPU remains in RUN. Windows is restarted. COMMENT Input STRING I, Q, M, D, L or con With MODE = 1 stant and MODE = 3, you can specify a reason for the re start. The reason is output in the Windows Event Log. Ret_Val Return WORD Q, M, D, L Ret_Val = 0: No faults Ret_Val = 8090: The value passed to MODE is not supported. Ret_Val = 80xy: Windows does not respond to the call of the Shut_Down instruction. WinCC Advanced V14 System Manual, 10/2016 3245 Programming the PLC 11.4 Instructions RE_TRIGR: Restart cycle monitoring time (S7-1200, S7-1500) Description The "Restart cycle monitoring time" instruction is used to restart the cycle monitoring time of the CPU. The cycle monitoring time then restarts with the time you have set in the CPU configuration. If the instruction is called in a block with a higher priority, such as a hardware interrupt or diagnostic error interrupt, the instruction is not executed and the enable output ENO returns signal state "0". The instruction executes completely within a time span (10 times the maximum program cycle), regardless of the number of calls. Once this time has expired, the program cycle can no longer be prolonged. Calling the instruction The following call conditions apply: The following applies to a CPU of the S7-1200 series: In firmware versions <= 2.2, you can call the instruction only in a program cycle organization block of priority 1. This corresponds to the lowest priority of all organization blocks. If the instruction is called in an organization block with a higher priority, the instruction is not executed and the result (BR bit, enable output ENO) is always "0". In firmware versions >= 2.2, you can call the instruction regardless of the priority in all organization blocks. The following applies to a CPU of the S7-1500 series: You can call the instruction regardless of the priority in all organization blocks. Syntax The following syntax is used for the "Restart cycle monitoring time" instruction: SCL RE_TRIGR() Parameters The "Restart cycle monitoring time" instruction has no parameters and supplies no error information. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) 3246 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions STP: Exit program (S7-1200, S7-1500) Description You use the "Exit program" instruction to set the CPU to STOP mode and therefore to terminate the execution of the program. The effects of changing from RUN to STOP depend on the CPU configuration. Syntax The following syntax is used for the instruction "Exit program": SCL STP() See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) GET_ERROR: Get error locally (S7-1200, S7-1500) Description The "Get error locally" instruction is used to query the occurrence of errors within a program block. This normally involves programming or access errors. If the system reports an error during the execution of the program block, detailed information is output at the <Operand> on the first error to occur during the execution of the block since the last execution of the instruction. The error information can only be saved in operands of the "ErrorStruct" system data type. The "ErrorStruct" system data type specifies the exact structure in which the information about the error is stored. Using additional instructions, you can evaluate this structure and program an appropriate response. If several errors occur in the program block, the error information about the next error to occur is output by the instruction only after the first error that occurred has been remedied. Note <Operand> The <Operand> is only changed if error information is present. To set the operand back to "0" after handling the error, you have the following options: Declare the operand in the "Temp" section of the block interface. Reset the operand to "0" before calling the instruction. WinCC Advanced V14 System Manual, 10/2016 3247 Programming the PLC 11.4 Instructions Note Activation of the local error handling As soon as you insert the instruction in the program code of a program block, the local error handling is activated and default system reactions are ignored when errors occur. Syntax The following syntax is used for the "Get error locally" instruction: SCL GET_ERROR(<operand>) Options for error handling You can find an overview of the options for error handling here: AUTOHOTSPOT For a detailed example of local error handling that contains several error handling options, refer to: Handle program execution errors (Page 2061) Parameters The following table shows the parameters of the "Get error locally" instruction: Parameters Data type Memory area Description <Operand> ErrorStruct D, L Information about errors that have occurred Data type "ErrorStruct" The "ErrorStruct" data type can be inserted in a global data block or in the block interface. You can insert the data type more then once if you assign a different name for the data structure each time. The data structure and the name of individual structure elements cannot be changed. If you save the error information in a global data block, it can also be read out by other program blocks. The following table shows the structure of the "ErrorStruct" data type: Structure component Data type Description ERROR_ID WORD Error ID FLAGS BYTE Shows whether the error occurred during a program block call. 16#01: Error during a program block call 16#00: No error during a program block call REACTION BYTE Default reaction: 0: Ignore (write error) 1: Continue with substitute value "0" (read error) 2: Skip instruction (system error) 3248 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Structure component Data type Description CODE_ADDRESS CREF Information about the address and type of the program block BYTE Program block type in which the error oc curred: BLOCK_TYPE 1: Organization block (OB) 2: Function (FC) 3: Function block (FB) CB_NUMBER UINT Number of the code block OFFSET UDINT Reference to the internal memory MODE BYTE Information about the address of an oper and OPERAND_NUMBER UINT Operand number of the machine command POINTER_NUMBER_LOCA TION UINT (A) Internal pointer SLOT_NUMBER_SCOPE UINT (B) Storage area in internal memory DATA_ADDRESS NREF Information about the address of an oper and BYTE (C) Memory area: AREA L: 16#40...16#7F, 16#86, 16#87, 16#8E, 16#8F, 16#C0...16#FF I: 16#81 Q: 16#82 M: 16#83 DB: 16#40, 16#84, 16#85, 16#8A, 16#8B PI: 16#01 PQ: 16#02 Technological objects: 16#04 DB_NUMBER UINT (D) Number of the data block OFFSET UDINT (E) Relative address of the operand Structure component "ERROR_ID" The following table shows the values that can be output at the structure component "ERROR_ID": WinCC Advanced V14 System Manual, 10/2016 ID* (hexadecimal) ID* (decimal) Description 0 0 No error 2503 9475 Invalid pointer 2520 9504 Invalid STRING 2522 9506 Read error: Operand outside the valid range 2523 9507 Write error: Operand outside the valid range 2524 9508 Read error: Invalid operand 2525 9509 Write error: Invalid operand 2528 9512 Read error: Data alignment 3249 Programming the PLC 11.4 Instructions ID* (hexadecimal) ID* (decimal) Description 2529 9513 Write error: Data alignment 252C 9516 Invalid pointer 2530 9520 Write error: Data block 2533 9523 Invalid reference used 2538 9528 Access error: DB does not exist 2539 9529 Access error: Wrong DB used 253A 9530 Global data block does not exist 253C 9532 Faulty information or the function does not exist 253D 9533 System function does not exist 253E 9534 Faulty information or the function block does not exist 253F 9535 System block does not exist 2550 9552 Access error: DB does not exist 2551 9553 Access error: Wrong DB used 2575 9589 Error in the program nesting depth 2576 9590 Error in the local data distribution 2577 9591 The block property "Parameter passing via registers" is not selected. 25A0 9632 Internal error in TP 25A1 9633 Tag is write-protected 25A2 9634 Invalid numerical value of tag 2942 10562 Read error: Input 2943 10563 Write error: Output * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: SCL LABEL: #TagOut := #Field[#index] * REAL#40.5; GET_ERROR(#Error); IF #Error.REACTION = 1 THEN GOTO LABEL; ; END_IF; An error occurred accessing the #Field[#index] tag. The #TagOut operand returns the signal state "1" despite the read/access error and the multiplication is performed with the value "0.0". If this error scenario occurs, we recommend that you program the "Get error locally" instruction after the multiplication to get the error. The error information supplied by the "Get error locally" instruction is evaluated with a comparison. If the #Error.REACTION structure component has the value "1", there is a read/access error and the program execution begins again at the jump label LABEL. 3250 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) GET_ERR_ID: Get error ID locally (S7-1200, S7-1500) Description The "Get error ID locally" instruction is used to query the occurrence of errors within a block. This is usually to access error. If the system reports during the block processing errors within the block execution since the last execution of the instruction, the instruction outputs the error ID of the first error that occurred. The error ID can only be saved in operands of the WORD data type. If several errors occur in the block, the error ID of the next error to occur in the instruction is output only after the first error that occurred has been remedied. Note The <Operand> is only changed if error information is present. To set the operand back to "0" after handling the error, you have the following options: Declare the operand in the "Temp" section of the block interface. Reset the operand to "0" before calling the instruction. The output of the "Get error ID locally" instruction is only set if error information is present. If one of these conditions is not fulfilled, the remaining program execution is not affected by the "Get error ID locally" instruction. You can find an example of how you can implement the instruction in combination with other troubleshooting options under "See also". Note The "Get error ID locally" instruction enables local error handling within a block. If the "Get error ID locally" instruction is inserted in the program code of a block, any predefined system reactions are ignored if errors occur. Syntax The following syntax is used for the "Get error ID locally" instruction: SCL GET_ERR_ID() WinCC Advanced V14 System Manual, 10/2016 3251 Programming the PLC 11.4 Instructions Options for error handling You can find an overview of the options for error handling here: AUTOHOTSPOT For a detailed example of local error handling that contains several error handling options, refer to: Handle program execution errors (Page 2061) Parameter The following table shows the parameters of the "Get error ID locally" instruction: Parameter Data type Memory area Description Function val ue WORD D, L Error ID Error ID The following table shows the values that can be output: 3252 ID* (hexadecimal) ID* (decimal) Description 0 0 No error 2503 9475 Invalid pointer 2520 9504 Invalid STRING 2522 9506 Read error: Operand outside the valid range 2523 9507 Write error: Operand outside the valid range 2524 9508 Read error: Invalid operand 2525 9509 Write error: Invalid operand 2528 9512 Read error: Data alignment 2529 9513 Write error: Data alignment 252C 9516 Invalid pointer 2530 9520 Write error: Data block 2533 9523 Invalid reference used 2538 9528 Access error: DB does not exist 2539 9529 Access error: Wrong DB used 253A 9530 Global data block does not exist 253C 9532 Faulty information or the function does not exist 253D 9533 System function does not exist 253E 9534 Faulty information or the function block does not exist 253F 9535 System block does not exist 2550 9552 Access error: DB does not exist 2551 9553 Access error: Wrong DB used 2575 9589 Error in the program nesting depth 2576 9590 Error in the local data distribution 2577 9591 The block property "Parameter passing via registers" is not selected. 25A0 9632 Internal error in TP 25A1 9633 Tag is write-protected WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ID* (hexadecimal) ID* (decimal) Description 25A2 9634 Invalid numerical value of tag 2942 10562 Read error: Input 2943 10563 Write error: Output * The error codes can be displayed as integer or hexadecimal values in the program editor. You can find information on switching the display formats under "See also". Example The following example shows how the instruction works: SCL #TagOut := #Field[#index] * REAL#40.5; #TagID := GET_ERR_ID(); IF #TagID = 16#2522 THEN MOVE_BLK(IN := #TagArrayIn[0], COUNT := 1, OUT => #TagArrayOut[1]); END_IF; An error occurred accessing the #Field[#index] tag. The #TagOut operand returns the signal state "1" despite the read/access error and the multiplication is performed with the value "0.0". If this error scenario occurs, we recommend that you program the "Get error ID locally" instruction after the multiplication to get the error. The error ID supplied by the "Get error ID locally" instruction is evaluated with a comparison. If the #TagID operand returns ID 16#2522, there is a read/access error and the value "100.0" of the #TagArrayIn[0] operand is written to the #TagArrayOut[1] operand. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) INIT_RD: Initialize all retain data (S7-1500) Description The "Initialize all retain data" instruction is used to reset the retentive data of all data blocks, bit memories and SIMATIC timers and counters at the same time. The instruction can only be executed within a startup OB because the execution exceeds the program cycle duration. WinCC Advanced V14 System Manual, 10/2016 3253 Programming the PLC 11.4 Instructions Syntax Use the following syntax for the "Initialize all retain data" instruction: SCL INIT_RD(<Operand>) Parameters The following table shows the parameters of the "Initialize all retain data" instruction: Parameter Declaration Data type Memory area Description <Operand> Input BOOL I, Q, M, D, L If the input "REQ" has the sig nal state "1", all retentive da ta are reset. INT I, Q, M, D, L Error information: Function value (RET_VAL) If an error occurs during the execution of the instruction, an error code is output at the RET_VAL parameter. For additional information on valid data types, refer to "See also". RET_VAL parameter The following table shows the meaning of the values of the RET_VAL parameter: Error code* (W#16#...) Explanation 0000 No error 80B5 The instruction cannot be executed because it was not programmed within a startup OB. General error information See also: "GET_ERR_ID: Get error ID locally *The error codes can be displayed as integer or hexadecimal value in the program editor. For information on toggling display formats, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := INIT_RD("Tag_REQ"); If the operand "Tag_REQ" has the signal state "1", the instruction is executed. All retentive data of all data blocks, bit memories and SIMATIC timers and counters are reset. See also Overview of the valid data types (Page 2131) GET_ERR_ID: Get error ID locally (Page 3251) 3254 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Basics of SCL (Page 4747) Memory areas (Page 944) WAIT: Configure time delay (S7-1500) Description The "Configure time delay" instruction pauses the program execution for a specific period of time. You indicate the period of time in microseconds on the WT parameter of the instruction. You can configure time delays from -32768 up to 32767 microseconds (s). The smallest possible delay time depends on the respective CPU and corresponds to the execution time of the "Configure time delay" instruction. The execution of the instruction can be interrupted by higher priority events. The "Configure time delay" instruction returns no error information. Syntax The following syntax is used for the "Configure time delay" instruction: SCL WAIT(WT:= <Operand>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description WT Input INT I, Q, M, D, L, P or constant Time delay in microseconds (s) See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) RUNTIME: Measure program runtime (S7-1200, S7-1500) Description The "Measure program runtime" instruction is used to measure the runtime of the entire program, individual blocks or command sequences. If you want to measure the runtime of your entire program, call the instruction "Measure program runtime" in OB1. Measurement of the runtime is started with the first call and the output RET_VAL returns the runtime of the program after the second call. The measured runtime includes all CPU processes that can occur during the program execution, for example, interruptions caused by higher-level events or communication. The instruction "Measure WinCC Advanced V14 System Manual, 10/2016 3255 Programming the PLC 11.4 Instructions program runtime" reads an internal counter of the CPU and writes the value to the in/out parameter. The instruction calculates the current program runtime according to the internal counter frequency and writes it to output RET_VAL. If you want to measure the runtime of individual blocks or individual command sequences, you need three separate networks. Call the instruction "Measure program runtime" in an individual network within your program. You set the starting point of the runtime measurement with this first call of the instruction. Then you call the required program block or the command sequence in the next network. In another network, call the "Measure program runtime" instruction a second time and assign the same memory to the in/out parameter as you did during the first call of the instruction. The "Measure program runtime" instruction in the third network reads an internal CPU counter and calculates the current runtime of the program block or the command sequence according to the internal counter frequency and writes it to the output RET_VAL. The "Measure program runtime" instruction uses an internal high-frequency counter to calculate the time. If the counter overruns, the instruction returns values <= 0.0. This can occur up to once per minute for S7-1200 CPUs with firmware version <V4.2. Ignore these runtime values. Note The runtime of a command sequence cannot be determined exactly, because the sequence of instructions within a command sequence is changed during optimized compilation of the program. Syntax The following syntax is used for the "Measure program runtime" instruction: SCL RUNTIME(<Operand>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description <Operand> InOut LREAL I, Q, M, D, L The content is for internal pur poses only. LREAL I, Q, M, D, L Returns the measured run time in seconds Function value 3256 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows the how the instruction works based on the runtime calculation of a program block: SCL "Tag_Result" := RUNTIME("Tag_Memory"); "Best_before_date_DB" (); "Tag_Result" := RUNTIME("Tag_Memory"); The starting point for the runtime measurement is set with the first call of the instruction and buffered as reference for the second call of the instruction in the "TagMemory" operand. The "Best_before_date" program block FB1 is called. When the program block FB1 has been processed, the instruction is executed a second time. The second call of the instruction calculates the runtime of the program block and writes the result to the output "Tag_Result". See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) Word logic operations (S7-1200, S7-1500) DECO: Decode (S7-1200, S7-1500) Description The instruction "Decode" sets a bit specified by the input value in the output value. The instruction "Decode" reads the value of the parameter IN and sets the bit in the output value, whose bit position corresponds to the read value. The other bits in the output value are filled with zeroes. If the value of the IN parameter is greater than 31, a modulo 32 instruction is executed. Syntax The following syntax is used for the instruction "Decode": SCL DECO(IN := <Expression>) DECO_WORD(IN := <Expression>) WinCC Advanced V14 System Manual, 10/2016 3257 Programming the PLC 11.4 Instructions The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description IN Input UINT I, Q, M, D, L, P Position of the bit in the output value which is set. Bit strings default: DWORD - Data type of the function value: _<Data type> 1. You can specify the data type of the instruction explicitly using "_". 2. If you do not specify the data type explicitly, it will be determined by the utilized tags or type-coded constants. 3. If you neither specify the data type explicitly nor specify defined tags or typecoded constants, the default data type will be used. Function value Bit strings I, Q, M, D, L, P Current output value For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := DECO(IN := "Tag_Value"); "Tag_Result2" := DECO_BYTE(IN := "Tag_Value2"); The following figure shows how the instruction works using specific operand values: 7DJB9DOXH 7DJB5HVXOW The instruction reads the number "3" from the value of the operand "Tag_Value" and sets the third bit to the value of the operand "Tag_Result". See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) 3258 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ENCO: Encode (S7-1200, S7-1500) Description The instruction "Encode" reads the bit number of the lowest-value bit set in the input value and issues this as a result. Syntax The following syntax is used for the instruction "Encode": SCL ENCO(IN := <Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration Data type Memory area Description IN Input Bit strings I, Q, M, D, L, P Input value INT I, Q, M, D, L, P Bit number of the bit in the input value that is read out. Function value For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := ENCO(IN := "Tag_Value"); The following figure shows how the instruction works using specific operand values: 7DJB9DOXH 7DJB5HVXOW The instruction reads the lowest-value set bit of the operand "Tag_Value" and writes the bit position "3" in the operand "Tag_Result". See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) WinCC Advanced V14 System Manual, 10/2016 3259 Programming the PLC 11.4 Instructions SEL: Select (S7-1200, S7-1500) Description The instruction "Select" selects one of the parameters IN0 or IN1 depending on a switch (G parameter) and issues its content as a result. When the parameter G has the signal status "0", the value at parameter IN0 is moved. When the parameter G has the signal status "1", the value at parameter IN1 is moved and returned as a function value. The instruction is only executed if the tags of all parameters have the same data type class. Syntax The following syntax is used for the "Select" instruction: SCL SEL(G := <Expression>, IN0 := <Expression>, IN1 := <Expression>) The syntax of the instruction consists of the following parts: Parameter Declaration S7-1200 S7-1500 G Input BOOL BOOL IN0 Input Binary numbers, integers, floatingpoint numbers, timers, strings, TOD, DATE, DT Binary num I, Q, M, D, L, bers, integers, P floating-point numbers, timers, strings, DATE, TOD, LTOD, DT, LDT First input value IN1 Input Binary numbers, integers, floatingpoint numbers, timers, strings, TOD, DATE, DT Binary num I, Q, M, D, L, bers, integers, P floating-point numbers, timers, strings, DATE, TOD, LTOD, DT, LDT Second input val ue Binary numbers, integers, floatingpoint numbers, timers, strings, TOD, DATE, DT Binary num I, Q, M, D, L, bers, integers, P floating-point numbers, timers, strings, DATE, TOD, LTOD, DT, LDT Result of the in struction Function value Data type Memory area Description I, Q, M, D, L Switch For additional information on valid data types, refer to "See also". 3260 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_Result" := SEL(G := "Tag_Value", IN0 := "Tag_0", IN1 := "Tag_1"); The result of the instruction is returned in the operand "Tag_Result" as a function value. The following table shows how the instruction works using specific operand values: Operand Value Tag_Value 0 1 Tag_0 W#16#0000 W#16#4C Tag_1 W#16#FFFF D#16#5E Tag_Result W#16#0000 D#16#5E See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) MUX: Multiplex (S7-1200, S7-1500) Description The "Multiplex" instruction copies the value of a selected input parameter and issues it. You can use the parameter K to determine the number of the input parameter whose value will be moved. Numbering starts at IN0 and is incremented continuously with each new input. You can declare a maximum of 32 inputs. Numerical data types and time data types are permitted at the inputs. All tags with assigned parameters must be of the same data type. The function value is invalid if any of the following requirements are met: Errors occurred during execution of the instruction. If the input at the K parameter is located outside the available inputs and the INELSE input is not used, the function value is invalid. Note K parameter has a negative integer If a tag with a valid data type is specified at the input parameters and the K parameter has a negative integer, the value of the tag is changed. WinCC Advanced V14 System Manual, 10/2016 3261 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the "Multiplex" instruction: SCL MUX(K := <Expression>, IN0 := <Expression>, IN1 := <Expression>, INELSE := <Expression>) Parameters The following table shows the parameters of the "Multiplex" instruction: Parameter K Declaration Input Data type S7-1200 S7-1500 Integers Integers Memory area Description I, Q, M, D, L, P Specifies the parame ter whose content is to be transferred. If K = 0 => Parameter IN0 If K = 1 => Parameter IN1, etc. 3262 IN0 Input Binary num bers, inte gers, floatingpoint num bers, timers, STRING, CHAR, WCHAR, TOD, DATE, DT Binary num I, Q, M, D, L, bers, integers, P floating-point numbers, strings, TOD, LTOD, DATE, timers, DT, LDT First input value IN1 Input Binary num bers, inte gers, floatingpoint num bers, timers, STRING, CHAR, WCHAR, TOD, DATE, DT Binary num I, Q, M, D, L, bers, integers, P floating-point numbers, strings, TOD, LTOD, DATE, timers, DT, LDT Second input value WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type S7-1200 S7-1500 Memory area Description INn Input Binary num bers, inte gers, floatingpoint num bers, timers, STRING, CHAR, WCHAR, TOD, DATE, DT Binary num I, Q, M, D, L, bers, integers, P floating-point numbers, strings, TOD, LTOD, DATE, timers, DT, LDT Optional input values INELSE Input Binary num bers, inte gers, floatingpoint num bers, timers, STRING, CHAR, WCHAR, TOD, DATE, DT Binary num I, Q, M, D, L, bers, integers, P floating-point numbers, strings, TOD, LTOD, DATE, timers, DT, LDT Specifies the value to be copied when K <> n. Binary num bers, inte gers, floatingpoint num bers, timers, STRING, CHAR, WCHAR, TOD, DATE, DT Binary num I, Q, M, D, L, bers, integers, P floating-point numbers, strings, TOD, LTOD, DATE, timers, DT, LDT Result of the instruc tion Function value For more information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := MUX(K := "Tag_Number", IN0 := "Tag_1", IN1 := "Tag_2", INELSE := "Tag_3"); The result of the instruction is returned in the operand "Tag_Result" as a function value. The following table shows how the instruction works using specific operand values: Operand WinCC Advanced V14 System Manual, 10/2016 Value Tag_Number 1 4 Tag_1 DW#16#00000000 DW#16#00000000 3263 Programming the PLC 11.4 Instructions Operand Value Tag_2 DW#16#003E4A7D DW#16#003E4A7D Tag_3 DW#16#FFFF0000 DW#16#FFFF0000 Tag_Result DW#16#003E4A7D DW#16#FFFF0000 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) DEMUX: Demultiplex (S7-1200, S7-1500) Description The "Demultiplex" instruction transfers the value of the input parameter IN to a selected output parameter. The selection of the input parameter takes place independent of the parameter value K. The K parameter specifies the output parameter number to which the value of the input parameter IN is transferred. The other output parameters are not changed. Numbering starts at OUT0 and continues consecutively with each new output. You can declare a maximum of 32 output parameters. If the value of the K parameter is greater than the number of output parameters, the value of the ENO enable output is set to "0" and the value of the input parameter IN is transferred to the output parameter OUTELSE. The function value is invalid if any of the following requirements are met: The value of the K parameter is greater than the number of available outputs. Errors occurred during execution of the instruction. Note K parameter < 0 or K > available outputs If you specify at the K parameter a value that is outside the available outputs (K < 0 or K > available outputs), then the value of the IN input parameter is output at the OUTELSE output parameter. Syntax The following syntax is used for the instruction "Demultiplex": SCL DEMUX(K := <Expression>, IN := <Expression>, OUT0 := <Expression>, OUT1 := <Expression>, 3264 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SCL OUTELSE := <Expression>) Parameters The following table shows the parameters of the instruction "Demultiplex": Parameter K Declaration Input Data type S7-1200 S7-1500 Integers Integers Memory area Description I, Q, M, D, L, P Specifies the output to which the input value (IN) will be cop ied. If K = 0 => Parameter OUT0 If K = 1 => Parameter OUT1, etc. WinCC Advanced V14 System Manual, 10/2016 IN Input Binary num bers, inte gers, floatingpoint num bers, timers, STRING, CHAR, WCHAR, TOD, DATE, DT Binary num bers, integers, floating-point numbers, strings, timers, TOD, LTOD, DATE, DT, LDT I, Q, M, D, L, P Input value OUT0 Output Binary num bers, inte gers, floatingpoint num bers, timers, STRING, CHAR, WCHAR, TOD, DATE, DT Binary num bers, integers, floating-point numbers, strings, timers, TOD, LTOD, DATE, DT, LDT I, Q, M, D, L, P First output OUT1 Output Binary num bers, inte gers, floatingpoint num bers, timers, STRING, CHAR, WCHAR, TOD, DATE, DT Binary num bers, integers, floating-point numbers, strings, timers, TOD, LTOD, DATE, DT, LDT I, Q, M, D, L, P Second output 3265 Programming the PLC 11.4 Instructions Parameter Declaration Data type S7-1200 S7-1500 Memory area Description OUTn Output Binary num bers, inte gers, floatingpoint num bers, timers, STRING, CHAR, WCHAR, TOD, DATE, DT Binary num bers, integers, floating-point numbers, strings, timers, TOD, LTOD, DATE, DT, LDT I, Q, M, D, L, P Optional outputs OUTELSE Output Binary num bers, inte gers, floatingpoint num bers, timers, STRING, CHAR, WCHAR, TOD, DATE, DT Binary num bers, integers, floating-point numbers, strings, timers, TOD, LTOD, DATE, DT, LDT I, Q, M, D, L, P Output to which the value at input IN is copied if K > n. For additional information on available data types, refer to "See also". Example The following example shows how the instruction works: SCL DEMUX(K := "Tag_Number", IN := "Tag_Value", OUT0 := "Tag_1", OUT1 := "Tag_2", OUTELSE := "Tag_3"); The following tables show how the instruction works using specific operand values: Input values of the "Demultiplex" instruction before the network execution Parameter Operand Values K Tag_Number 2 4 IN Tag_Value DW#16#FFFFFFFF DW#16#003E4A7D Output values of the "Demultiplex" instruction after the network execution 3266 Parameter Operand Values OUT0 Tag_1 Unchanged Unchanged OUT1 Tag_2 DW#16#FFFFFFFF Unchanged OUTELSE Tag_3 Unchanged DW#16#003E4A7D WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) Shift and Rotate (S7-1200, S7-1500) SHR: Shift right (S7-1200, S7-1500) Description The "Shift right" instruction shifts the contents of the IN parameter bit-by-bit to the right and returns it as a function value. The parameter N is used to specify the number of bit positions by which the specified value should be shifted. If the value of the N parameter is "0", the value of the IN parameter is given as a result. If the value of the N parameter is greater than the number of available bit positions, then the value of the IN parameter is shifted to the right by the available number of bit positions. The freed bit positions in the left area of the operand are filled by zeroes when values without signs are shifted. If the specified value has a sign, the free bit positions are filled with the signal state of the sign bit. The following figure shows how the content of an integer data type operand is shifted by four bit positions to the right: ,1 1 5HVXOW! SODFHV 7KHIUHHGELWSRVLWLRQV DUHILOOHGZLWK]HURV WinCC Advanced V14 System Manual, 10/2016 7KHVHIRXUELWV DUHORVW 3267 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the instruction "Shift right": SCL SHR(IN := <operand>, N := <operand>) Parameters The following table shows the parameters of the "Shift right" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN Input Bit strings, integers Bit strings, integers I, Q, M, D, L Value to be shif ted N Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L Number of bits by which the val ue (IN) is shifted Bit strings, integers Bit strings, integers I, Q, M, D, L Result of the in struction Function value For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := SHR(IN := "Tag_Value", N := "Tag_Number"); The following table shows how the instruction works using specific operand values: Parameter Operand Value IN Tag_Value 0011 1111 1010 1111 N Tag_Number 3 Function value Tag_Result 0000 0111 1111 0101 The content of the "Tag_Value" operand is shifted by three bit positions to the right. The result of the instruction is returned in the operand "Tag_Result" as a function value. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) 3268 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SHL: Shift left (S7-1200, S7-1500) Description The "Shift left" instruction shifts the contents of the IN parameter bit-by-bit to the left and returns it as a function value. The parameter N is used to specify the number of bit positions by which the specified value should be shifted. If the value of the N parameter is "0", the value of the IN parameter is given as a result. If the value of the N parameter is greater than the number of bit positions, the value of the IN parameter is shifted to the left by the available number of bit positions. The bit positions freed by the shift are filled with zeros in the result value. The following figure shows how the content of an operand of the WORD data type is shifted six bit positions to the left: ,1 1 SRVLWLRQV 5HVXOW! 7KHVHVL[ELWV ZLOOEHORVW 7KHELWSRVLWLRQV WKDWKDYHEHFRPHIUHH ZLOOEHILOOHGZLWK]HURHV Syntax The following syntax is used for the instruction "Shift left": SCL SHL(IN := <Operand>, N := <Operand>) WinCC Advanced V14 System Manual, 10/2016 3269 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Shift left" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN Input Bit strings, integers Bit strings, integers I, Q, M, D, L Value to be shif ted N Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L Number of bits by which the val ue (IN) is shifted Bit strings, integers Bit strings, integers I, Q, M, D, L Result of the in struction Function value For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := SHL(IN := "Tag_Value", N := "Tag_Number"); The following table shows how the instruction works using specific operand values: Parameter Operand Value IN Tag_Value 0011 1111 1010 1111 N Tag_Number 4 Function value Tag_Result 1111 1010 1111 0000 The value of the "Tag_Value" operand is shifted by four bit positions to the left. The result of the instruction is returned in the operand "Tag_Result" as a function value. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) ROR: Rotate right (S7-1200, S7-1500) Description The "Rotate right" instruction rotates the content of the IN parameter bit-by-bit to the right and assigns the result to the specified operand. The parameter N is used to specify the number of bit positions by which the specified value should be rotated. The bit positions freed by rotating are filled with the bit positions that are pushed out. 3270 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the value of the N parameter is "0", the value at input IN is given as a result. If the value at the N parameter is greater than the number of available bit positions, the operand value at the IN input is still rotated by the specified number of bit positions. The following figure shows how the content of an operand of the DWORD data type is rotated three bit positions to the right: ,1 1 SODFHV 5HVXOW! 7KHVLJQDOVWDWHRIWKHWKUHH VKLIWHGELWVLVLQVHUWHGLQWRWKH IUHHGSRVLWLRQV Syntax The following syntax is used for the instruction "Rotate right": SCL ROR(IN := <Operand>, N := <Operand>) Parameters The following table shows the parameters of the "Rotate right" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN Input Bit strings, integers Bit strings, integers I, Q, M, D, L Value to be rota ted N Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L Number of bit positions by which the value (IN) is rotated Bit strings, integers Bit strings, integers I, Q, M, D, L Result of the in struction Function value For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3271 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_Result" := ROR(IN := "Tag_Value", N := "Tag_Number"); The following table shows how the instruction works using specific operand values: Parameter Operand Value IN Tag_Value 0000 1111 1001 0101 N Tag_Number 5 Function value Tag_Result 1010 1000 0111 1100 The content of the "Tag_Value" operand is rotated by five bit positions to the right. The result of the instruction is returned in the operand "Tag_Result" as a function value. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) ROL: Rotate left (S7-1200, S7-1500) Description The "Rotate left" instruction rotates the contents of the IN parameter bit-by-bit to the left and returns it as a function value. The parameter N is used to specify the number of bit positions by which the specified value should be rotated. The bit positions freed by rotating are filled with the bit positions that are pushed out. If the value of the N parameter is "0", the value at input IN is given as a result. If the value at the N parameter is greater than the number of available bit positions, the operand value at the IN input is still rotated by the specified number of bit positions. The following figure shows how the content of an operand of the DWORD data type is rotated three bit positions to the left: 3272 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ,1 1 5HVXOW! SRVLWLRQV 7KHVLJQDOVWDWHRIWKHWKUHH ELWVWKDWKDYHEHHQPRYHGZLOOEH DGGHGLQWKHSRVLWLRQVZKLFKKDYH EHFRPHIUHH Syntax The following syntax is used for the "Rotate left" instruction: SCL ROL(IN := <Operand>, N := <Operand>) Parameters The following table shows the parameters of the "Rotate left" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN Input Bit strings, integers Bit strings, integers I, Q, M, D, L Value to be rota ted N Input USINT, UINT, UDINT USINT, UINT, UDINT, ULINT I, Q, M, D, L Number of bit positions by which the value (IN) is rotated Bit strings, integers Bit strings, integers I, Q, M, D, L Result of the in struction Function value For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3273 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: SCL "Tag_Result" := ROL(IN := "Tag_Value", N := "Tag_Number"); The following table shows how the instruction works using specific operand values: Parameters Operand Value IN Tag_Value 1010 1000 1111 0110 N Tag_Number 5 Function value Tag_Result 0001 1110 1101 0101 The content of the operand "Tag_Value" is rotated five bit positions to the left. The result of the instruction is returned in the operand "Tag_Result" as a function value. See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) Memory areas (Page 944) Legacy (S7-1500) DRUM: Implement sequencer (S7-1500) Description You can use the "Implement sequencer" instruction to assign the programmed values of the OUT_VAL parameter of the corresponding step to the programmed output bits (OUT1 to OUT16) and the output word (OUT_WORD). The specific step must thereby satisfy the conditions of the programmed enable mask on the S_MASK parameter while the instruction remains at this step. The instruction advances to the next step if the event for the step is true and the programmed time for the current step elapses, or if the value at the JOG parameter changes from "0" to "1". The instruction is reset when the signal state of the RESET parameter changes to "1". The current step is hereby equated to the preset step (DSP). The amount of time spent on a step is determined by the product of the preset timebase (DTBP) and the preset counter value (S_PRESET) for each step. At the start of a new step, this calculated value is loaded into the DCC parameter, which contains the time remaining for the current step. If, for example the value at the DTBP parameter is "2" and the preset value for the first step is "100" (100 ms), the DCC parameter has the value "200" (200 ms). A step can be programmed with a timer value, an event, or both. Steps that have an event bit and the timer value "0" advance to the next step as soon as the signal state of the event bit is "1". Steps that are programmed only with a timer value start the time immediately. Steps that are programmed with an event bit and a time value greater than "0" start the time when the signal state of the event bit is "1". The event bits are initialized with a signal state of "1". 3274 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions When the sequencer is on the last programmed step (LST_STEP) and the time for this step has expired, the signal state on the Q parameter is set to "1"; otherwise it is set to "0". When the parameter Q is set, the instruction remains on the step until it is reset. In the configurable mask (S_MASK) you can select the individual bits in the output word (OUT_WORD) and set or reset the output bits (OUT1 to OUT16) by means of the output values (OUT_VAL). When a bit of the configurable mask has a signal state of "1", the OUT_VAL value sets/resets the corresponding bit. If the signal state of a bit of the configurable mask is "0", the corresponding bit is left unchanged. All the bits of the configurable mask for all 16 steps are initialized with a signal state of "1". The output bit on the OUT1 parameter corresponds to the least significant bit of the output word (OUT_WORD). The output bit on the OUT16 parameter corresponds to the most significant bit of the output word (OUT_WORD). Syntax The following syntax is used for the "Implement sequencer" instruction: SCL <Instance>(RESET := <Operand>, JOG := <operand>, DRUM_EN := <operand>, LST_STEP := <operand>, EVENT1 - 16 := <Operand>, OUT1 - 16 => <Operand>, Q => <operand>, OUT_WORD => <operand>, ERR_CODE => <operand>) Parameters The following table shows the parameters of the "Implement sequencer" instruction: Parameter Declaration Data type Memory area Description RESET Input BOOL I, Q, M, D, L The signal state "1" indicates a reset condition. JOG Input BOOL I, Q, M, D, L When the signal state changes from "0" to "1", the instruction advances to the next step. DRUM_EN Input BOOL I, Q, M, D, L The signal state "1" allows the sequencer to advance based on the event and time criteria. LST_STEP Input BYTE I, Q, M, D, L Number of the last program med step. EVENT(i), Input BOOL I, Q, M, D, L Event bit (i); Output BOOL I, Q, M, D, L 1 i 16 OUT(j), Initial signal state is "1". Output bit (j) 1 j 16 WinCC Advanced V14 System Manual, 10/2016 3275 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description Q Output BOOL I, Q, M, D, L The signal state "1" indicates that the time for the last step has elapsed. OUT_WORD Output WORD I, Q, M, D, L, P Word address to which the sequencer writes the output values. ERR_CODE Output WORD I, Q, M, D, L, P Error information JOG_HIS Static BOOL I, Q, M, D, L JOG parameter history bit EOD Static BOOL I, Q, M, D, L The signal state "1" indicates that the time for the last step has elapsed. DSP Static BYTE I, Q, M, D, L, P Preset step of the sequencer DSC Static BYTE I, Q, M, D, L, P Current step of the sequencer DCC Static DWORD I, Q, M, D, L, P Current counter value of the sequencer DTBP Static WORD I, Q, M, D, L, P Preset timebase of the se quencer PrevTime Static TIME I, Q, M, D, L Previous system time S_PRESET Static ARRAY[1..16] of WORD I, Q, M, D, L Preset counter value for each step [1 to 16] where one clock pulse = 1 ms. OUT_VAL Static ARRAY[1..16, 0..15] of BOOL I, Q, M, D, L Output values for each step [1 to 16, 0 to 15]. S_MASK Static ARRAY[1..16, 0..15] of BOOL I, Q, M, D, L Configurable mask for each step [1 to 16, 0 to 15]. Initial signal states are "1". You can find additional information on valid data types under "See also". ERR_CODE parameter The following table shows the meaning of the values of the ERR_CODE parameter: ERR_COD E* Explanation W#16#000 0 No error W#16#000 B The value at the LST_STEP parameter is less than 1 or greater than 16. W#16#000 C The value at the DSC parameter is less than 1 or greater than the value of the LST_STEP parameter. W#16#000 D The value at the DSP parameter is less than 1 or greater than the value of the LST_STEP parameter. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". 3276 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example In the following example the instruction advances from step 1 to step 2. The output bits (OUT1 to OUT16) and the output word (OUT_WORD) are set according to the mask configured for step 2 and the values of the OUT_VAL parameter. Note You can initialize static parameters in the data block. SCL "DRUM_DB"(RESET := "Tag_Reset" JOG := "Tag_Input_Jog" DRUM_EN := "Tag_Input_DrumEN" LST_STEP := "Tag_Number_LastStep" EVENT1 := "MyTag_Event_1" EVENT2 := "MyTag_Event_2" EVENT3 := "MyTag_Event_3" EVENT4 := "MyTag_Event_4" EVENT5 := "MyTag_Event_5" EVENT6 := "MyTag_Event_6" EVENT7 := "MyTag_Event_7" EVENT8 := "MyTag_Event_8" EVENT9 := "MyTag_Event_9" EVENT10 := "MyTag_Event_10" EVENT11 := "MyTag_Event_11" EVENT12 := "MyTag_Event_12" EVENT13 := "MyTag_Event_13" EVENT14 := "MyTag_Event_14" EVENT15 := "MyTag_Event_15" EVENT16 := "MyTag_Event_16" OUT1 => "MyTag_Output_1" OUT2 => "MyTag_Output_2" OUT3 => "MyTag_Output_3" OUT4 => "MyTag_Output_4" OUT5 => "MyTag_Output_5" OUT6 => "MyTag_Output_6" OUT7 => "MyTag_Output_7" OUT8 => "MyTag_Output_8" OUT9 => "MyTag_Output_9" OUT10 => "MyTag_Output_10" OUT11 => "MyTag_Output_11" OUT12 => "MyTag_Output_12" OUT13 => "MyTag_Output_13" OUT14 => "MyTag_Output_14" OUT15 => "MyTag_Output_15" WinCC Advanced V14 System Manual, 10/2016 3277 Programming the PLC 11.4 Instructions SCL OUT16 => "MyTag_Output_16" Q => "Tag_Output_Q" OUT_WORD => "Tag_OutputWord" ERR_CODE => "Tag_ErrorCode"); The following tables show how the instruction works using specific values. Before processing In this example, the following values are used for initializing the input parameters: Parameter Operand Address Value RESET Tag_Reset M0.0 FALSE JOG Tag_Input_JOG M0.1 FALSE DRUM_EN Tag_Input_DrumEN M0.2 TRUE LST_STEP Tag_Number_LastStep MB1 B#16#08 EVENT2 MyTag_Event_2 M20.0 FALSE EVENT4 MyTag_Event_4 M20.1 FALSE EVENT6 MyTag_Event_6 M20.2 FALSE EVENT8 MyTag_Event_8 M20.3 FALSE EVENT10 MyTag_Event_10 M20.4 FALSE EVENT12 MyTag_Event_12 M20.5 FALSE EVENT14 MyTag_Event_14 M20.6 FALSE EVENT16 MyTag_Event_16 M20.7 FALSE The following values are saved in the "DRUM_DB" instance data block of the instruction: 3278 Parameter Address Value JOG_HIS DBX12.0 FALSE EOD DBX12.1 FALSE DSP DBB13 W#16#0001 DSC DBB14 W#16#0001 DCC DBD16 DW#16#0000000A DTBP DBW20 W#16#0001 S_PRESET[1] DBW26 W#16#0064 S_PRESET[2] DBW28 W#16#00C8 OUT_VAL[1,0] DBX58.0 TRUE OUT_VAL[1,1] DBX58.1 TRUE OUT_VAL[1,2] DBX58.2 TRUE OUT_VAL[1,3] DBX58.3 TRUE OUT_VAL[1,4] DBX58.4 TRUE OUT_VAL[1,5] DBX58.5 TRUE OUT_VAL[1,6] DBX58.6 TRUE OUT_VAL[1,7] DBX58.7 TRUE OUT_VAL[1,8] DBX59.0 TRUE WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions WinCC Advanced V14 System Manual, 10/2016 Parameter Address Value OUT_VAL[1,9] DBX59.1 TRUE OUT_VAL[1,10] DBX59.2 TRUE OUT_VAL[1,11] DBX59.3 TRUE OUT_VAL[1,12] DBX59.4 TRUE OUT_VAL[1,13] DBX59.5 TRUE OUT_VAL[1,14] DBX59.6 TRUE OUT_VAL[1,15] DBX59.7 TRUE OUT_VAL[2,0] DBX60.0 FALSE OUT_VAL[2,1] DBX60.1 FALSE OUT_VAL[2,2] DBX60.2 FALSE OUT_VAL[2,3] DBX60.3 FALSE OUT_VAL[2,4] DBX60.4 FALSE OUT_VAL[2,5] DBX60.5 FALSE OUT_VAL[2,6] DBX60.6 FALSE OUT_VAL[2,7] DBX60.7 FALSE OUT_VAL[2,8] DBX61.0 FALSE OUT_VAL[2,9] DBX61.1 FALSE OUT_VAL[2,10] DBX61.2 FALSE OUT_VAL[2,11] DBX61.3 FALSE OUT_VAL[2,12] DBX61.4 FALSE OUT_VAL[2,13] DBX61.5 FALSE OUT_VAL[2,14] DBX61.6 FALSE OUT_VAL[2,15] DBX61.7 FALSE S_MASK[2,0] DBX92.0 FALSE S_MASK[2,1] DBX92.1 TRUE S_MASK[2,2] DBX92.2 TRUE S_MASK[2,3] DBX92.3 TRUE S_MASK[2,4] DBX92.4 TRUE S_MASK[2,5] DBX92.5 FALSE S_MASK[2,6] DBX92.6 TRUE S_MASK[2,7] DBX92.7 TRUE S_MASK[2,8] DBX93.0 FALSE S_MASK[2,9] DBX93.1 FALSE S_MASK[2,10] DBX93.2 TRUE S_MASK[2,11] DBX93.3 TRUE S_MASK[2,12] DBX93.4 TRUE S_MASK[2,13] DBX93.5 TRUE S_MASK[2,14] DBX93.6 FALSE S_MASK[2,15] DBX93.7 TRUE 3279 Programming the PLC 11.4 Instructions The output parameters are set to the following values before the execution of the instruction: Parameter Operand Address Value Q Tag_Output_Q M6.0 FALSE OUTWORD Tag_OutputWord MW8 W#16#FFFF OUT1 MyTag_Output_1 M4.0 TRUE OUT2 MyTag_Output_2 M4.1 TRUE OUT3 MyTag_Output_3 M4.2 TRUE OUT4 MyTag_Output_4 M4.3 TRUE OUT5 MyTag_Output_5 M4.4 TRUE OUT6 MyTag_Output_6 M4.5 TRUE OUT7 MyTag_Output_7 M4.6 TRUE OUT8 MyTag_Output_8 M4.7 TRUE OUT9 MyTag_Output_9 M5.0 TRUE OUT10 MyTag_Output_10 M5.1 TRUE OUT11 MyTag_Output_11 M5.2 TRUE OUT12 MyTag_Output_12 M5.3 TRUE OUT13 MyTag_Output_13 M5.4 TRUE OUT14 MyTag_Output_14 M5.5 TRUE OUT15 MyTag_Output_15 M5.6 TRUE OUT16 MyTag_Output_16 M5.7 TRUE After processing The following values are written to the output parameters after the instruction has been executed: 3280 Parameter Operand Address Value OUT1 MyTag_Output_1 M4.0 TRUE OUT2 MyTag_Output_2 M4.1 FALSE OUT3 MyTag_Output_3 M4.2 FALSE OUT4 MyTag_Output_4 M4.3 FALSE OUT5 MyTag_Output_5 M4.4 FALSE OUT6 MyTag_Output_6 M4.5 TRUE OUT7 MyTag_Output_7 M4.6 FALSE OUT8 MyTag_Output_8 M4.7 FALSE OUT9 MyTag_Output_9 M5.0 TRUE OUT10 MyTag_Output_10 M5.1 TRUE OUT11 MyTag_Output_11 M5.2 FALSE OUT12 MyTag_Output_12 M5.3 FALSE OUT13 MyTag_Output_13 M5.4 FALSE OUT14 MyTag_Output_14 M5.5 FALSE OUT15 MyTag_Output_15 M5.6 TRUE OUT16 MyTag_Output_16 M5.7 FALSE Q Tag_Output_Q M6.0 FALSE WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Operand Address Value OUTWORD Tag_OutputWord MW8 W#16#4321 ERR_CODE Tag_ErrorCode MW10 W#16#0000 The following values are changed in the instance data block "DRUM_DB" of the instruction after the execution of the instruction: Parameter Address Value JOG_HIS DBX12.0 FALSE EOD DBX12.1 FALSE DSC DBB14 W#16#0002 DCC DBD16 DW#16#000000C8 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) DCAT: Discrete control-timer alarm (S7-1500) Description You can use the "Discrete control-timer alarm" to count the time from the point at which the CMD parameter issues the command to open or close. The time is accumulated until the preset time (PT) is exceeded or the information is received that the device was opened or closed (O_FB or C_FB) within the specified time. If the preset time is exceeded before the information on the opening or closing of the device is received, the corresponding alarm is activated. If the signal state of the command input changes before the preset time, the time is restarted. The "Discrete control-timer alarm" instruction has the following reactions to the input conditions: When the signal state of the CMD parameter changes from "0" to "1", the signal states of the parameters Q, CMD_HIS, ET (only if ET is < PT) OA and CA are influenced as follows: - The Q and CMD_HIS parameters are set to "1". - The ET, OA, and CA parameters are reset to "0". When the signal state on the parameter CMD changes from "1" to "0", the parameters Q, ET (only if ET < PT), OA, CA and CMD_HIS are reset to "0". When the signal state of the parameters CMD and CMD_HIS is "1" and the parameter O_FB is set to "0", the time difference (ms) since the last execution of the instruction is added to the value at the parameter ET. If the value of the ET parameter exceeds the value of the PT parameter, the signal state at the OA parameter is set to "1". If the value of the ET parameter does not exceed the value of the PT parameter, the signal state of the OA parameter is reset to "0". The value at the parameter CMD_HIS is reset to the value of the parameter CMD. WinCC Advanced V14 System Manual, 10/2016 3281 Programming the PLC 11.4 Instructions If the signal state of the CMD, CMD_HIS and O_FB parameters are set to "1" and the parameter C_FB has the value "0", the signal state of the parameter OA is set to "0". The value of the ET parameter is set to the value of the PT parameter. If the signal state of the parameter O_FB changes to "0", the alarm is set the next time the instruction is executed. The value of the CMD_HIS parameter is set to the value of the CMD parameter. If the parameters CMD, CMD_HIS and C_FB have the value "0", the time difference (ms) since the last execution of the instruction is added to the value of the parameter ET. If the value of the ET parameter exceeds the value of the PT parameter, the signal state of the parameter CA is reset to "1". If the value at the parameter PT is not exceeded, the parameter CA has the signal state "0". The value of the CMD_HIS parameter is set to the value of the CMD parameter. If the parameters CMD, CMD_HIS and O_FB have the signal state "0" and the parameter C_FB is set to "1", the parameter CA is set to "0". The value of the ET parameter is set to the value of the PT parameter. If the signal state of the C_FB parameter changes to "0", the alarm is set the next time the instruction is executed. The value of the CMD_HIS parameter is set to the value of the CMD parameter. If the parameters O_FB and C_FB simultaneously have the signal state "1", the signal states of both alarm outputs are set to "1". The "Discrete control-timer alarm" instruction has no error information. Syntax The following syntax is used for the "Discrete control-timer alarm" instruction: SCL <Instance>(CMD := <Operand>, O_FB := <operand>, C_FB := <operand>, Q => <operand>, OA => <operand>, CA => <operand>) Parameter The following table shows the parameters of the instruction: Parameter Declaration Data type Memory area Description CMD Input BOOL I, Q, M, D, L A signal state of "0" indicates a "close" command. A signal state of "1" indicates an "open" command. 3282 O_FB Input BOOL I, Q, M, D, L Feedback input when opening C_FB Input BOOL I, Q, M, D, L Feedback input when closing Q Output BOOL I, Q, M, D, L Shows the status of the parame ter CMD OA Output BOOL I, Q, M, D, L Alarm output when opening CA Output BOOL I, Q, M, D, L Alarm output when closing WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ET Static DINT D, L Currently elapsed time, where one count = 1 ms. PT Static DINT D, L Preset timer value, where one clock pulse = 1 ms. PREV_TIME Static DWORD D, L Previous system time CMD_HIS Static BOOL D, L CMD history bit The static parameters are not visible when calling the instruction in the program. These are saved in the instance of the instruction. Example In the following example the parameter CMD changes from "0" to "1". After the execution of the instruction the parameter Q is set to "1" and the two alarm outputs OA and CA have the signal state "0". The CMD_HIS parameter of the instance data block is set to the signal state "1" and the ET parameter is reset to "0". Note You can initialize static parameters in the data block. SCL "DCAT_DB"(CMD := "Tag_Input_CMD", O_FB := "Tag_Input_O_FB", C_FB := "Tag_Input_C_FB", Q => "Tag_Output_Q", OA => "Tag_Output_OA", CA => "Tag_Output_CA"); The following tables show how the instruction works using specific values. Before processing In this example, the following values are used for the input and output parameters: Parameter Operand Value CMD Tag_Input_CMD TRUE O_FB Tag_Input_O_FB FALSE C_FB Tag_Input_C_FB FALSE Q Tag_Output_Q FALSE OA Tag_Output_OA FALSE CA Tag_Output_CA FALSE The following values are saved in the instance data block "DCAT_DB" of the instruction: WinCC Advanced V14 System Manual, 10/2016 Parameter Address Value ET DBD4 L#12 PT DBD8 L#222 CMD_HIS DBX16.0 FALSE 3283 Programming the PLC 11.4 Instructions After processing The following values are written to the output parameters after the instruction has been executed: Parameter Operand Value Q Tag_Output_Q TRUE OA Tag_Output_OA FALSE CA Tag_Output_CA FALSE The following values are saved in the instance data block "DCAT_DB" of the instruction: Parameter Address Value ET DBD4 L#0 CMD_HIS DBX16.0 TRUE See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) MCAT: Motor control-timer alarm (S7-1500) Description The "Motor control-timer alarm" instruction is used to accumulate the time from the point at which one of the command inputs (opening or closing) is switched on. The time is accumulated until the preset time is exceeded or the relevant feedback input indicates that the device has executed the requested operation within the specified time. If the preset time is exceeded before the feedback is received, the corresponding alarm is triggered. Execution of the "Motor control-timer alarm" instruction The following table shows the reactions of the "Motor control-timer alarm" instruction to the various input conditions: Input parameters Output parameters ET O_H IS C_H IS O_C MD C_C MD S_C MD O_F B C_F B OO CO OA CA ET O_H IS C_HI Q S Status X 1 1 X X X X X 0 0 1 1 PT 0 0 0 Alarm X X X X X X 1 1 0 0 1 1 PT 0 0 0 Alarm X X X X X 1 X X 0 0 0 0 X 0 0 1 Stop X X X 1 1 X X X 0 0 0 0 X 0 0 1 Stop X 0 X 1 0 0 X X 1 0 0 0 0 1 0 1 Start open ing <PT 1 0 X 0 0 0 X 1 0 0 0 INC 1 0 1 Open X 1 0 X 0 0 1 0 0 0 0 0 PT 1 0 1 Opened 3284 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Input parameters Output parameters >=P T 1 0 X 0 0 0 X 0 0 1 0 PT 1 0 0 Opening alarm X X 0 0 1 0 X X 0 1 0 0 0 0 1 1 Start closing <PT 0 1 0 X 0 X 0 0 1 0 0 INC 0 1 1 Close X 0 1 0 X 0 0 1 0 0 0 0 PT 0 1 1 Closed >=P T 0 1 0 X 0 X 0 0 0 0 1 PT 0 1 0 Closing alarm X 0 0 0 0 0 X X 0 0 0 0 X 0 0 1 Stopped Legend: INC Add the time difference (ms) since the last processing of the FB to ET PT PT is set to the same value as ET X Cannot be used <PT ET < PT >=PT ET >= PT If the input parameters O_HIS and C_HIS both have the signal state "1", they are immediately set to signal state "0". In this case, the last row in the table (X) mentioned above is valid. Because it is therefore not possible to check whether the input parameters O_HIS and C_HIS have the signal state "1", the output parameters are set as follows in this case: OO = FALSE CO = FALSE OA = FALSE CA = FALSE ET = PT Q = TRUE Syntax The following syntax is used for the "Motor control-timer alarm" instruction: SCL <Instance>(O_CMD := <Operand>, C_CMD := <operand>, S_CMD := <operand>, O_FB := <operand>, C_FB := <operand>, 00 => <operand>, C0 => <operand>, OA => <operand>, CA => <operand>, Q => <operand>) Parameter The following table shows the parameters of the "Motor control-timer alarm" instruction: WinCC Advanced V14 System Manual, 10/2016 Parameter Declaration Data type Memory area Description O_CMD Input BOOL I, Q, M, D, L "Open" command input C_CMD Input BOOL I, Q, M, D, L "Close" command input 3285 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description S_CMD Input BOOL I, Q, M, D, L "Stop" command input O_FB Input BOOL I, Q, M, D, L Feedback input when open ing C_FB Input BOOL I, Q, M, D, L Feedback input when closing OO Output BOOL I, Q, M, D, L "Open" output CO Output BOOL I, Q, M, D, L "Close" output OA Output BOOL I, Q, M, D, L Alarm output when opening CA Output BOOL I, Q, M, D, L Alarm output when closing Q Output BOOL I, Q, M, D, L A signal state of "0" indicates an error condition. ET Static DINT D, L Currently elapsed time, where one count = 1 ms PT Static DINT D, L Preset timer value, where one clock pulse = 1 ms PREV_TIME Static DWORD D, L Previous system time O_HIS Static BOOL D, L "Open" history bit C_HIS Static BOOL D, L "Close" history bit The static parameters are not visible when calling the instruction in the program. These are saved in the instance of the instruction. Example The following example shows how the instruction works: Note You can initialize static parameters in the data block. SCL "MCAT_DB"(O_CMD := "Tag_Iput_O_CMD", C_CMD := "Tag_Input_C_CMD", S_CMD := "Tag_Input_S_CMD", O_FB := "Tag_Input_O_FB", C_FB := "Tag_Input_C_FB", OO => "Tag_OutputOpen", CO => "Tag_OutputClosed", OA => "Tag_Output_OA", CA => "Tag_Output_CA", Q => "Tag_Output_Q"); The following tables show how the instruction works using specific values. Before processing 3286 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions In this example, the following values are used for the input and output parameters: Parameter Operand Value O_CMD Tag_Input_O_CMD TRUE C_CMD Tag_Input_C_CMD FALSE S_CMD Tag_Input_S_CMD FALSE O_FB Tag_Input_O_FB FALSE C_FB Tag_Input_C_FB FALSE OO Tag_OutputOpen FALSE CO Tag_OutputClosed FALSE OA Tag_Output_OA FALSE CA Tag_Output_CA FALSE Q Tag_Output_Q FALSE The following values are saved in the instance data block "MCAT_DB" of the instruction: Parameter Address Value ET DBD4 L#2 PT DBD8 L#22 O_HIS DBX16.0 TRUE C_HIS DBX16.1 FALSE After processing The following values are written to the output parameters after the instruction has been executed: Parameter Operand Value OO Tag_OutputOpen TRUE CO Tag_OutputClosed FALSE OA Tag_Output_OA FALSE CA Tag_Output_CA FALSE Q Tag_Output_Q TRUE The following values are saved in the instance data block "MCAT_DB" of the instruction: Parameter Address Value ET DBD4 L#0 O_HIS DBX16.0 TRUE CMD_HIS DBX16.1 FALSE See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) WinCC Advanced V14 System Manual, 10/2016 3287 Programming the PLC 11.4 Instructions IMC: Compare input bits with the bits of a mask (S7-1500) Description You can use the "Compare input bits with the bits of a mask" instruction to compare the signal state of up to 16 programmed input bits (IN_BIT0 to IN_BIT15) with the corresponding bits of a mask. Up to 16 steps with masks can be programmed. The value of the IN_BIT0 parameter is compared with the value of the mask CMP_VAL[x,0], with "x" indicating the step number. In the CMP_STEP parameter, you specify the step number of the mask that is used for the comparison. All programmed values are compared in the same manner. Unprogrammed input bits or unprogrammed bits of the mask have a default signal state FALSE. If a match is found in the comparison, the signal state of the OUT parameter is set to "1". Otherwise the OUT parameter is set to "0". If the value of the CMP_STEP parameter is greater than 15, the instruction is not executed. An error message is output at the ERR_CODE parameter. Syntax The following syntax is used for the "Compare input bits with the bits of a mask" instruction: SCL <Instance>(IN_BIT0 - 15 := <Operand>, CMP_STEP := <operand>, OUT => <operand>, ERR_CODE => <operand>) Parameters The following table shows the parameters of the "Compare input bits with the bits of a mask" instruction: 3288 Parameter Declaration Data type Memory area Description IN_BIT0 Input BOOL I, Q, M, D, L Input bit 0 is compared with bit 0 of the mask. IN_BIT1 Input BOOL I, Q, M, D, L Input bit 1 is compared with bit 1 of the mask. IN_BIT2 Input BOOL I, Q, M, D, L Input bit 2 is compared with bit 2 of the mask. IN_BIT3 Input BOOL I, Q, M, D, L Input bit 3 is compared with bit 3 of the mask. IN_BIT4 Input BOOL I, Q, M, D, L Input bit 4 is compared with bit 4 of the mask. IN_BIT5 Input BOOL I, Q, M, D, L Input bit 5 is compared with bit 5 of the mask. IN_BIT6 Input BOOL I, Q, M, D, L Input bit 6 is compared with bit 6 of the mask. IN_BIT7 Input BOOL I, Q, M, D, L Input bit 7 is compared with bit 7 of the mask. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description IN_BIT8 Input BOOL I, Q, M, D, L Input bit 8 is compared with bit 8 of the mask. IN_BIT9 Input BOOL I, Q, M, D, L Input bit 9 is compared with bit 9 of the mask. IN_BIT10 Input BOOL I, Q, M, D, L Input bit 10 is compared with bit 10 of the mask. IN_BIT11 Input BOOL I, Q, M, D, L Input bit 11 is compared with bit 11 of the mask. IN_BIT12 Input BOOL I, Q, M, D, L Input bit 12 is compared with bit 12 of the mask. IN_BIT13 Input BOOL I, Q, M, D, L Input bit 13 is compared with bit 13 of the mask. IN_BIT14 Input BOOL I, Q, M, D, L Input bit 14 is compared with bit 14 of the mask. IN_BIT15 Input BOOL I, Q, M, D, L Input bit 15 is compared with bit 15 of the mask. CMP_STEP Input BYTE I, Q, M, D, L, P The step number of the mask used for the comparison. OUT BOOL I, Q, M, D, L The signal state "1" indicates that a match was found. Output A signal state of "0" indicates that no match was found. ERR_COD E Output WORD I, Q, M, D, L, P Error information CMP_VAL Static ARRAY OF WORD I, Q, M, D, L Comparison masks [0 to 15, 0 to 15]: The first number of the index is the step number and the second number is the bit number of the mask. The static parameters are not visible when calling the instruction in the program. These are saved in the instance of the instruction. ERR_CODE parameter The following table shows the meaning of the values of the ERR_CODE parameter: Error code* (W#16#...) Explanation 0000 No error 000A The value at the CMP_STEP parameter is greater than 15. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) WinCC Advanced V14 System Manual, 10/2016 3289 Programming the PLC 11.4 Instructions SMC: Compare scan matrix (S7-1500) Description You can use the "Compare scan matrix" instruction to compare the signal state of up to 16 programmed input bits (IN_BIT0 to IN_BIT15) with the corresponding bit of the comparison masks for each step. Processing starts at step 1 and is continued until the last programmed step (LAST) or until a match is found. The input bit of the IN_BIT0 parameter is compared with the value of the mask CMP_VAL[x,0], with "x" indicating the step number. All programmed values are compared in the same manner. If a match is found the signal state of the OUT parameter is set to "1" and the step number with the matching mask is written in the OUT_STEP parameter. Unprogrammed input bits or unprogrammed bits of the mask have a default signal state FALSE. If more than one step has a matching mask, only the first one found is indicated in the OUT_STEP parameter. If no match is found, the signal state of the OUT parameter is set to "0". In this case the value at the OUT_STEP parameter is greater by "1" than the value at the LAST parameter. Syntax The following syntax is used for the "Compare scan matrix" instruction: SCL <Instance>(IN_BIT0 - 15 := <Operand>, OUT => <operand>, OUT_STEP => <operand>, ERR_CODE => <operand>) Syntax The following table shows the parameters of the "Compare scan matrix" instruction: 3290 Parameter Declaration Data type Memory area Description IN_BIT0 Input BOOL I, Q, M, D, L Input bit 0 is compared with bit 0 of the mask. IN_BIT1 Input BOOL I, Q, M, D, L Input bit 1 is compared with bit 1 of the mask. IN_BIT2 Input BOOL I, Q, M, D, L Input bit 2 is compared with bit 2 of the mask. IN_BIT3 Input BOOL I, Q, M, D, L Input bit 3 is compared with bit 3 of the mask. IN_BIT4 Input BOOL I, Q, M, D, L Input bit 4 is compared with bit 4 of the mask. IN_BIT5 Input BOOL I, Q, M, D, L Input bit 5 is compared with bit 5 of the mask. IN_BIT6 Input BOOL I, Q, M, D, L Input bit 6 is compared with bit 6 of the mask. IN_BIT7 Input BOOL I, Q, M, D, L Input bit 7 is compared with bit 7 of the mask. IN_BIT8 Input BOOL I, Q, M, D, L Input bit 8 is compared with bit 8 of the mask. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description IN_BIT9 Input BOOL I, Q, M, D, L Input bit 9 is compared with bit 9 of the mask. IN_BIT10 Input BOOL I, Q, M, D, L Input bit 10 is compared with bit 10 of the mask. IN_BIT11 Input BOOL I, Q, M, D, L Input bit 11 is compared with bit 11 of the mask. IN_BIT12 Input BOOL I, Q, M, D, L Input bit 12 is compared with bit 12 of the mask. IN_BIT13 Input BOOL I, Q, M, D, L Input bit 13 is compared with bit 13 of the mask. IN_BIT14 Input BOOL I, Q, M, D, L Input bit 14 is compared with bit 14 of the mask. IN_BIT15 Input BOOL I, Q, M, D, L Input bit 15 is compared with bit 15 of the mask. OUT Output BOOL I, Q, M, D, L The signal state "1" indicates that a match was found. A signal state of "0" indicates that no match was found. OUT_STEP Output BYTE I, Q, M, D, L, P Contains the step number with the matching mask or the step number which is greater by "1" than the value of the LAST parameter, provided no match is found. ERR_COD E Output WORD I, Q, M, D, L, P Error information LAST Static BYTE I, Q, M, D, L, P Specifies the step number of the last step to be scanned for a matching mask. CMP_VAL Static ARRAY OF WORD I, Q, M, D, L Comparison masks [0 to 15, 0 to 15]: The first number of the index is the step number and the second number is the bit number of the mask. The static parameters are not visible when calling the instruction in the program. These are saved in the instance of the instruction. ERR_CODE parameter The following table shows the meaning of the values of the ERR_CODE parameter: Error code* (W#16#...) Explanation 0000 No error 000E The value at the LAST parameter is greater than 15. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". WinCC Advanced V14 System Manual, 10/2016 3291 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) LEAD_LAG: Lead and lag algorithm (S7-1500) Description You can use the "Lead and lag algorithm" instruction to process signals with an analog tag. The gain value at the GAIN parameter must be greater than zero. The result of the "Lead and lag algorithm" instruction is calculated using the following equation: 287 /*B7,0( /'B7,0(6$03/(B7 /'B7,0( ,1*$,1 35(9B287*$,1 /*B7,0(6$03/(B7 /*B7,0(6$03/(B7 /*B7,0(6$03/(B7 35(9B,1 The "Lead and lag algorithm" instruction supplies plausible results only when processing is in fixed program cycles. The same units must be specified at the parameters LD_TIME, LG_TIME and SAMPLE_T. At LG_TIME > 4 + SAMPLE_T, the instruction approaches the following function: OUT = GAIN * ((1 + LD_TIME * s) / (1 + LG_TIME * s)) * IN When the value of the GAIN parameter is less than or equal to zero, the calculation is not performed and an error information is output on the ERR_CODE parameter. You can use the instruction "Lead and lag algorithm" in conjunction with loops as a compensator in dynamic feed-forward control. The instruction consists of two operations. The "Lead" operation shifts the phase of output OUT so that the output leads the input. The "Lag" operation, on the other hand, shifts the output so that the output lags behind the input. Because the "Lag" operation is equivalent to an integration, it can be used as a noise suppressor or as a low-pass filter. The "Lead" operation is equivalent to a differentiation and can therefore be used as a high-pass filter. The two instructions together (Lead and Lag) result in the output phase lagging behind the input at lower frequencies and leading it at higher frequencies. This means that the "Lead and lag algorithm" instruction can be used as a band pass filter. Syntax The following syntax is used for the "Lead and lag algorithm" instruction: SCL <Instance>(IN := <Operand>, SAMPLE_T := <operand>, OUT => <operand>, ERR_CODE => <operand>) 3292 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following table shows the parameters of the instruction: Parameter Declaration Data type Memory area Description IN Input REAL I, Q, M, D, L, P The input value of the current sample time (cycle time) to be processed. Constants can also be specified at the IN parameter. SAMPLE_T Input INT I, Q, M, D, L, P Sample time Constants can also be specified at the SAMPLE_T param eter. OUT Output REAL I, Q, M, D, L Result of the in struction ERR_CODE Output WORD I, Q, M, D, L Error information LD_TIME Static REAL I, Q, M, D, L, P Lead time in the same unit as sam ple time. LG_TIME Static REAL I, Q, M, D, L, P Lag time in the same unit as sam ple time GAIN Static REAL I, Q, M, D, L, P Gain as % / % (the ratio of the change in output to a change in input as a steady state). PREV_IN Static REAL I, Q, M, D, L, P Previous input PREV_OUT Static REAL I, Q, M, D, L, P Previous output The static parameters are not visible when calling the instruction in the program. These are saved in the instance of the instruction. ERR_CODE parameter The following table shows the meaning of the values of the ERR_CODE parameter: Error code* (W#16#...) Explanation 0000 No error 0009 The value at the GAIN parameter is less than or equal to zero. *The error codes can be displayed as integer or hexadecimal value in the program editor. You can find information on switching the display formats under "See also". WinCC Advanced V14 System Manual, 10/2016 3293 Programming the PLC 11.4 Instructions Example The following example shows how the instruction works: Note You can initialize static parameters in the data block. SCL "LEAD_LAG_DB"(IN := "Tag_Input", SAMPLE_T := "Tag_Input_SAMPLE_T", OUT => "Tag_Output_Result", ERR_CODE => "Tag_ErrorCode"); The following tables show how the instruction works using specific values. Before processing In this example the following values are used for the input parameters: Parameter Operand Value IN Tag_Input 2.0 SAMPLE_T Tag_Input_SAMPLE_T 10 The following values are saved in the "LEAD_LAG_DB" instance data block of the instruction: Parameter Address Value LD_TIME DBD12 2.0 LG_TIME DBD16 2.0 GAIN DBD20 1.0 PREV_IN DBD24 6.0 PREV_OUT DBD28 6.0 After processing The following values are written to the output parameters after the instruction has been executed: Parameter Operand Value OUT Tag_Output_Result 2.0 The following values are saved in the instance data block "LEAD_LAD_DB" of the instruction: Parameter Operand Value PREV_IN DBD24 2.0 PREV_OUT DBD28 2.0 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) 3294 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SEG: Create bit pattern for seven-segment display (S7-1500) Description The "Create bit pattern for seven-segment display" instruction is used to convert each of the four hexadecimal digits of the specified source word (IN) into an equivalent bit pattern for a 7segment display. The result of the instruction is output in the double word on the OUT parameter. The following relation exists between the hexadecimal digits and the assignment of the 7 segments (a, b, c, d, e, f, g): Input digit (Binary) Assignment of the segments 0000 00111111 0 0001 00000110 1 0010 01011011 2 0011 01001111 3 0100 01100110 4 0101 01101101 5 0110 01111101 6 0111 00000111 7 1000 01111111 8 1001 01100111 9 1010 01110111 A 1011 01111100 B 1100 00111001 C 1101 01011110 D 1110 01111001 E 1111 01110001 F gfedcba Display Seven-segment display (Hexadecimal) D I E J H F G Syntax Use the following syntax for the "Create bit pattern for seven-segment display" instruction: SCL SEG(IN := <Operand>, OUT => <Operand>) WinCC Advanced V14 System Manual, 10/2016 3295 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "Create bit pattern for seven-segment display" instruction: Parameter Declaration Data type Memory area Description IN Input WORD I, Q, M, D, L, P Source word with four hexadecimal digits OUT Output DWORD I, Q, M, D, L, P Bit pattern for the seven-segment dis play Function value VOID Empty function val ue Example The following example shows how the instruction works: SCL SEG(IN := "Tag_Input", OUT => "Tag_Output"); The following table shows how the instruction works using specific operand values: Parameter Operand Value Hexadecimal Binary IN Tag_Input W#16#1234 0001 0010 0011 0100 OUT Tag_Output DW16#065B4F66 00000110 01011011 01001111 01100110 Display: 1234 See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) BCDCPL: Create tens complement (S7-1500) Description The "Create tens complement" instruction is used to create the tens complement of a sevendigit BCD number specified by the operand. This instruction uses the following mathematical formula to calculate: 10000000 (as BCD) - 7-digit BCD value ---------------------------------------- 3296 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tens complement (as BCD) Syntax The following syntax is used for the "Create tens complement" instruction: SCL BCDCPL(<Operand>) Parameter The following table shows the parameters of the "Create tens complement" instruction: Parameter Declaration Data type Memory area Description <Operand> Input Bit strings I, Q, M, D, L, P 7-digit BCD number DWORD I, Q, M, D, L, P Result of the in struction Function value For additional information on valid data types, refer to "See also". Example The following example shows how the instruction works: SCL "Tag_Result" := BCDCPL("Tag_Input"); The following table shows how the instruction functions using specific values: Operand Value* Tag_Input DW#16#01234567 Tag_Result DW#16#08765433 *The error codes can be displayed as integer or hexadecimal value in the program editor. For informa tion on toggling display formats, refer to "See also". See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) BITSUM: Count number of set bits (S7-1500) Description The "Count number of set bits" instruction is used to count the number of bits of an operand that are set to the signal state "1". WinCC Advanced V14 System Manual, 10/2016 3297 Programming the PLC 11.4 Instructions Syntax The following syntax is used for the "Count number of set bits" instruction: SCL BITSUM(<Operand>) Parameter The following table shows the parameters of the "Count number of set bits" instruction: Parameter Declaration Data type Memory area Description <Operand> Input DWORD I, Q, M, D, L, P Operand whose set bits are counted INT I, Q, M, D, L, P Result of the in struction Function value Example The following example shows how the instruction works: SCL "Tag_Result" := BITSUM("Tag_Input"); The following table shows how the instruction functions using specific values: Operand Value* Tag_Input DW#16#12345678 Tag_Result W#16#000D (13 bits) *The error codes can be displayed as integer or hexadecimal value in the program editor. For informa tion on toggling display formats, refer to "See also". See also Overview of the valid data types (Page 2131) Basics of SCL (Page 4747) 3298 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions 11.4.1.4 Extended instructions (S7-1200, S7-1500) Date and time-of-day (S7-1200, S7-1500) T_COMP: Compare time tags (S7-1500) Description This instruction is used to compare the contents of two tags of the "Timers" or "Date and time" data type. The instruction supports the comparison of the following data types: DATE, TIME, LTIME, TOD (TIME_OF_DAY), LTOD (LTIME_OF_DAY), DT (DATE_AND_TIME), LDT (DATE_AND_LTIME), DTL, S5Time. The data types must be the same length and format to carry out the comparison. The comparison result is output at the OUT parameter as a return value. For this purpose, the parameter OUT is set to "1" if the condition used for the comparison is satisfied. The following comparison options are available: Symbol Description EQ The return value has the signal state "1" if the time is the same at the parameters IN1 and IN2. NE The return value has the signal state "1" if the time at the parameter IN1 is not the same as that at the parameter IN2. GE The return value has the signal state "1" if the time at parameter IN1 is greater (more recent) than or equal to the time at parameter IN2 . LE The return value has the signal state "1" if the time at parameter IN1 is smaller (less recent) than or equal to the time at parameter IN2. GT The return value has the signal state "1" if the time at parameter IN1 is greater (more recent) than the time at parameter IN2. LT The return value has the signal state "1" if the time at parameter IN1 is smaller (older) than the time at parameter IN2 . Parameters The following table shows the parameters of the "T_COMP" instruction: Parameter Declaration Data type Memory area Description IN1 Input DATE, TIME, LTIME, TOD, LTOD, DT, LDT, DTL, S5Time I, Q, M, D, L, P or con stant First value to be compared. IN2 Input DATE, TIME, LTIME, TOD, LTOD, DT, LDT, DTL, S5Time I, Q, M, D, L, P or con stant Second value to be compared. OUT Output BOOL I, Q, M, D, L, P Return value You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3299 Programming the PLC 11.4 Instructions Example In the following example, you use the "Greater or equal" comparison option to compare two times with the LTIME data type. Create three tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. Select the "GE" comparison option. Since the time of the first value to be compared ("timeValue1") is greater than or equal to the second value ("timeValue2"), the return value ("value1GEvalue2") shows the signal state "TRUE". You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) 3300 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions T_CONV: Convert times and extract (S7-1200, S7-1500) Description You use the instruction "T_CONV" to convert the data type of the IN input parameter to the data type that is output at the OUT output. You select the data formats for the conversion from the instruction boxes of the input and output. Parameters The following table shows the parameters of the instruction "T_CONV". If an input and output parameter of the same data type is used, the instruction copies the corresponding value. Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN Input Integers, TIME, date and time* WORD, inte I, Q, M, D, L, P or gers, timers, constant date and time* Value to be converted OUT Return Integers, TIME, date and time* WORD, inte I, Q, M, D, L, P gers, timers, date and time* Result of the conversion * The range of supported data types depends on the CPU. Please refer to the overviews of valid data types for information on the data types supported by the S7-1200 and S7-1500 modules. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you convert a time with the DATE AND TIME data type to a time with the LTIME OF DAY data type. Create two tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows and select the data types. WinCC Advanced V14 System Manual, 10/2016 3301 Programming the PLC 11.4 Instructions The value to be converted ("inputTime") is output at the output parameter as a new value ("returnTime"). The information for the date is lost. You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) T_ADD: Add times (S7-1200, S7-1500) Description You use this instruction to add the time information in the IN1 input to the time information in the IN2 input. You can query the result in the OUToutput parameter. You can add the following formats: Addition of a time period to another time period. Example: Addition of a TIME data type to another TIME data type. Addition of a time period to a time. Example: Addition of a TIME data type to the DTL data type. 3302 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The data type for the value at input parameter IN1 and output parameter OUT is defined by the selection in the instruction boxes of the input and output. You can only specify time information in TIME format in the IN2 input parameter (for S7-1500 modules, also LTIME). Note Overflow/underflow The largest possible value of the OUT output parameter may be exceeded or the smallest possible value undershot during the calculation. Evaluate the enable output ENO to detect this. Parameters The following tables show the parameters of the "T_ADD" instruction, according to the possible conversions: Table 11-18 Addition of a time period to another time period Parameter Declaration Data type Memory area Description IN1 Input TIME TIME, LTIME I, Q, M, D, L, P or constant First number to be added IN2 Input TIME TIME, LTIME I, Q, M, D, L, P or constant Second number to be added OUT Return DINT, DWORD, TIME, TOD TIME, LTIME, I, Q, M, D, L, P Result of addition S7-1200 S7-1500 The data type selection depends on the data types selected for the IN1 and IN2 input parameters. Table 11-19 Addition of a time period to a time Parameter Declaration Data type S7-1200 IN1 Input DTL, TOD Memory area Description DT, TOD, LTOD, LDT, DTL I, Q, M, D, L, P or constant First number to be added I, Q, M, D, L, P or constant Second number to be added S7-1500 IN2 Input TIME TIME, LTIME OUT Return DINT, DWORD, TIME, TOD, UDINT, DTL DT, DTL, LDT, I, Q, M, D, L, P TOD, LTOD For LTIME at parameter IN2, only LTOD, LDT or DTL can be used. Result of addition The data type selection depends on the data types selected for the IN1 and IN2 input parameters. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3303 Programming the PLC 11.4 Instructions Example In the following example, you add a time duration with the TIME data type to a time of day with the TOD data type. Create three tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. You select the data types for time of day ("timeValTOD") and time period ("timeValTIME"). The time of day ("timeValTOD") and the time period ("timeValTIME") are added and the result is displayed as a time of day at output parameter OUT ("valueTimeResult"). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) 3304 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions T_SUB: Subtract times (S7-1200, S7-1500) Description You use this instruction to subtract the time information in the IN2 input parameter from the time information in the IN1 input parameter. You can query the difference at the OUT output parameter. You can subtract the following formats: Subtraction of a time period from another time period Example: Subtraction of a time period of the data type TIME from another time period of the data type TIME. The result can be output to a tag with the TIME format. Subtraction of a time period from a time Example: Subtraction of a time period of the data type TIME from a time of the data type DTL. The result can be output to a tag with the DTL format. You decide the formats of the values in the IN1 input parameter and the OUT output parameter by selecting the data types for the input and output parameters of the instruction. Note Overflow/underflow The largest possible value of the OUT output parameter may be exceeded or the smallest possible value undershot during the calculation. Evaluate the enable output ENO to detect this. Parameters The following tables show the parameters of the "T_SUB" instruction, according to the possible conversions: Table 11-20 Subtraction of a time period from another time period Parameter Declaration S7-1200 S7-1500 IN1 Input TIME IN2 Input OUT Return WinCC Advanced V14 System Manual, 10/2016 Data type Memory area Description TIME, LTIME I, Q, M, D, L, P or constant Minuend TIME TIME, LTIME I, Q, M, D, L, P or constant Subtrahend DINT, DWORD, TIME, TOD, UDINT TIME, LTIME I, Q, M, D, L, P Result of subtraction 3305 Programming the PLC 11.4 Instructions Table 11-21 Subtraction of a time period from a time Parameter IN1 Declaration Input Data type Memory area Description TOD, LTOD, DTL, DT, LDT I, Q, M, D, L, P or constant Minuend S7-1200 S7-1500 DTL, TOD For LTIME at parameter IN2, only LTOD, LDT or DTL are used. IN2 Input TIME TIME, LTIME I, Q, M, D, L, P or constant Subtrahend OUT Return DTL, DINT, DWORD, TIME, TOD, UDINT TOD, LTOD, DTL, DT, LDT I, Q, M, D, L, P Result of subtraction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you subtract a time period with the TIME data type from a time of day with the TOD data type. Create three tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. You select the data type for the time of day ("value1TOD") and the data type for the time period ("value2Time"). The time of day ("value1TOD") and the time period ("value2Time") are subtracted and the result is displayed as a time of day at output parameter OUT ("value1MINvalue2"). 3306 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). T_DIFF: Time difference (S7-1200, S7-1500) Description You use this instruction to subtract the time information in the IN2 input parameter from the time information in the IN1 input parameter. The result is sent at output parameter OUT. If the time information at the IN2 input parameter is greater than the time information at the IN1 input parameter, the result is output as a negative value at the OUT output parameter. If the result of the subtraction is outside the TIME number range, the enable output ENO is = "0". Depending on the data types used, you get either a truncated result or "0" (0:00). - If you select the minuend and subtrahend parameters of the DTL data type, the result has the TIME data type. It may not be greater than 24 days, otherwise the enable output ENO = "0" and the result is "0". - If you select the minuend and subtrahend parameters of the LDT data type, this restriction is avoided. Parameters The following table shows the parameters of the "T_DIFF" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN1 Input DTL, DATE, TOD DTL, DATE, DT, TOD, LTOD, LDT I, Q, M, D, L, P or constant Minuend IN2 Input DTL, DATE, TOD DTL, DATE, DT, TOD, LTOD, LDT I, Q, M, D, L, P or constant Subtrahend OUT Return TIME, INT TIME, LTIME, INT I, Q, M, D, L, P Difference of input parameters WinCC Advanced V14 System Manual, 10/2016 3307 Programming the PLC 11.4 Instructions You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Note Use of the "T_DIFF instruction in SCL In SCL, the data type TIME is preset for the OUT parameter (see also: Basic information on the data types of SCL instructions (Page 4781) If you want to use the data type INT for OUT, you need to extend the instruction name T_DIFF by adding "_INT" (see also: Changing the data type of an SCL instruction (Page 4782)). Example In the following example, you calculate the difference between two times of day with the TOD data type. You specify the difference in the "TIME" data type. Create three tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows and select the data types. With the first selection option, you specify the data type of the points in time. With the second selection option, you specify the data type of the difference. The first time of day ("todvalue1") and the second time of day ("todvalue2") are subtracted and the difference is displayed as a time period at output parameter OUT ("timevalueDIFF"). 3308 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) T_COMBINE: Combine times (S7-1200, S7-1500) Description The instruction combines the value of a date with the value of a time, resulting in a combined date and time value. The date is output at the input parameter IN1. Use a value between DATE and 1990-01-01 for the data type 2089-12-31 (this is not checked). The time is input at the IN2 input value (TOD/LTOD data type). The combined data type for the date and time value is output at the OUT output value. Parameters The following table shows the parameters of the "T_COMBINE" instruction: Parameter Declaration Data type Memory area S7-1200 S7-1500 Description IN1 Input DATE DATE I, Q, M, D, L, P or con Input tag of the date stant IN2 Input TOD TOD, LTOD I, Q, M, D, L, P or con Input tag of the time stant OUT Return DTL DT, DTL, LDT I, Q, M, D, L, P Return value of the date and time You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Note Use of T_COMBINE in SCL programs When you drag the instruction "T_COMBINE" from the "Instructions" task card to the SCL programming window, the internal instruction CONCAT_DATE_TOD or CONCAT_DATE_LTOD is displayed there. WinCC Advanced V14 System Manual, 10/2016 3309 Programming the PLC 11.4 Instructions Example In the following example, you combine a time of day with the TOD data type and a date with the DATE data type. You specify the return value in the DT data type. Create three tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows and select the data types. With the first selection option, you specify the data type of the time of day ("valueTOD"). With the second selection option, you specify the data type of the return value ("combTIME"). The date ("valueDATE") is expanded by the specification of the time of day ("valueTOD") and the return value is displayed at output parameter OUT ("combTIME"). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) 3310 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Time-of-day functions (S7-1200, S7-1500) WR_SYS_T: Set time-of-day (S7-1200, S7-1500) Description You use this instruction to set the date and time-of-day (module time) of the CPU clock. Enter the date and time-of-day at the input parameter IN . The value must be in the following range: With DT: min. DT#1990-01-01-0:0:0, max. DT#2089-12-31-23:59:59.999 With LDT: min. LDT#1970-01-01-0:0:0.000000000, max. LDT#2200-12-31-23:59:59.999999999 With DTL: min. DTL#1970-01-01-00:00:00.0, max. DTL#2200-12-31-23:59:59.999999999 You can query whether errors have occurred during execution of the instruction in the RET_VAL output parameter. The "WR_SYS_T" instruction is not used to pass information about the local time zone or daylight saving time. Note Module time of CPU clock The CPU clock interprets the module time as the coordinated universal time (UTC). Accordingly, the module time is always stored without the factors "local time zone" or "summer time" in the CPU clock. The CPU clock then calculates the local time of the CPU clock based on the module time. The module time of the CPU clock is used as template for all time processes starting from the CPU. Examples of use: Calculation of local time of CPU clock based on module time Representation of the module time in local time under "Online & Diagnostics" Block properties Entries in the diagnostics buffer of the CPU Parameter The following table shows the parameters of the "WR_SYS_T" instruction: Parameter Declaration Data type Memory area S7-1200 S7-1500 Description IN Input DTL DT **, DTL, LDT I, Q, M, D, L, P or constant * Date and time RET_VAL Return INT INT Status of the instruction I, Q, M, D, L, P * The data types DT and DTL are not used for the following memory areas: input, output and bit memory. ** When using the data type DT the milliseconds are not transferred to the CPU. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3311 Programming the PLC 11.4 Instructions Parameter RET_VAL Error code* Description (W#16#....) 0000 No error 8080 Error in date 8081 Error in time 8082** Invalid value specified for the month (byte 2 in DTL format). 8083** Invalid value specified for the day (byte 3 in DTL format). 8084** Invalid value specified for the hour (byte 5 in DTL format). 8085** Invalid value specified for the minute (byte 6 in DTL format). 8086** Invalid value specified for the second (byte 7 in DTL format). 8087** Invalid value specified for the nanosecond (bytes 8 to 11 in DTL format). 80B0 The real-time clock has failed * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". ** Only if the date and time are specified at the parameter IN in DTL format Example In the following example, you set the date and time of the CPU clock. The data type used is DATE AND TIME. Create three tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. Select the DATE AND TIME data type. If the normally open contact ("execute") supplies the signal state "TRUE", the "WR_SYS_T" instruction is executed. The module time of the CPU clock is overwritten with the time to be set ("inputTIME"). The output parameter RET_VAL ("returnValueT") indicates that processing took place without errors. 3312 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can establish whether the new module time ("inputTIME") has been correctly received by the CPU clock as follows: Using the display of an S7-1500 CPU: Navigate on the CPU display to "Settings > Date & Time > General". Using TIA Portal: Read out the module time of the CPU clock using the "RD_SYS_T (Page 3313)" instruction. Using TIA Portal: Navigate to the "Online & Diagnostics" entry of the CPU, and open the "Functions > Set time of day" tab. The Coordinated Universal Time (UTC) is set for the module time of the CPU clock. Central European Time is set as local time in the TIA Portal in this example. Accordingly, an hour is added to the time to be set ("inputTIME") in the "Online & Diagnostics" entry in the TIA Portal. Another hour is added when daylight saving time is used. The calculated local time is output in 12-hour clock format. You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) RD_SYS_T: Read time-of-day (S7-1200, S7-1500) Description You use this instruction to read the current date and current time-of-day (module time) of the CPU clock. WinCC Advanced V14 System Manual, 10/2016 3313 Programming the PLC 11.4 Instructions The read dates are output at the OUT output parameter of the instruction. The provided value does not include information about the local time zone or daylight saving time. Note Module time of CPU clock The CPU clock interprets the module time as the coordinated universal time (UTC). Accordingly, the module time is always stored without the factors "local time zone" or "summer time" in the CPU clock. The CPU clock then calculates the local time of the CPU clock based on the module time. The module time of the CPU clock is used as template for all time processes starting from the CPU. Examples of use: Calculation of local time of CPU clock based on module time Representation of the module time in local time under "Online & Diagnostics" Block properties Entries in the diagnostics buffer of the CPU You can query whether errors have occurred during execution of the instruction in the RET_VALoutput. Parameters The following table shows the parameters of the "RD_SYS_T" instruction: Parameter Declaration Data type Memory area Description S7-1200 S7-1500 RET_VAL Return INT INT I, Q, M, D, L, P Status of the instruction OUT Output DTL DT, DTL, LDT I, Q, M, D, L, P * Date and time of CPU * The data types DT and DTL cannot be used for the memory areas: input, output and bit memory. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#....) 0000 No error 8081 Time value specified at the OUT parameter is outside the valid value range: With DT: min. DT#1990-01-01-0:0:0, max. DT#2089-12-31-23:59:59.999 With LDT: min. LDT#1970-01-01-0:0:0.000000000, max. LDT#2262-04-11-23:47:16.854775807 With DTL: min. DTL#1970-01-01-00:00:00.0, max. DTL#2262-04-11-23:47:16.854775807 * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". 3314 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example In the following example, you read out the module time of the CPU clock. The data type used is DATE AND TIME. Create two tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. Select the DATE AND TIME data type. The module time of the CPU clock is read out and displayed at output parameter OUT ("outputTIME"). The output parameter RET_VAL ("returnValue") indicates that processing took place without errors. You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) RD_LOC_T: Read local time (S7-1200, S7-1500) Description You use this instruction to read the current local time from the CPU clock and output this at the OUT output. Information on the time zone and the start of daylight saving time and standard time, which you have set in the configuration of the CPU clock, is used to output the local time. WinCC Advanced V14 System Manual, 10/2016 3315 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "RD_LOC_T" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description RET_VAL Return INT INT I, Q, M, D, L, P Status of the instruction OUT Output DTL DT, LDT, DTL I, Q, M, D, L, P * Local time * The data types DT and DTL cannot be used for the memory areas: input, output and bit memory. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#....) 0000 No error 0001 No error. Local time is output as daylight saving time. 8080 Local time cannot be read. 8081 Time value specified at the OUT parameter is outside the valid value range: With DT: min. DT#1990-01-01-0:0:0, max. DT#2089-12-31-23:59:59.999 With LDT: min. LDT#1970-01-01-0:0:0.000000000, max. LDT#2262-04-11-23:47:16.854775807 With DTL: min. DTL#1970-01-01-00:00:00.0, max. DTL#2262-04-11-23:47:16.854775807 * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Example In the following example, you read out the local time of the CPU clock. The data type used is DATE AND TIME. Create two tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. Select the DATE AND TIME data type. 3316 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The local time of the CPU clock is read out and displayed at output parameter OUT ("outputLocTIME"). Output parameter RET_VAL ("returnValue") indicates that processing took place without errors and the local time is output as daylight saving time with this call. You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) WR_LOC_T: Write local time (S7-1200, S7-1500) Description The instruction "WR_LOC_T" is used to set the date and time of the CPU clock. Enter the date and time-of-day as local time at the input parameter LOCTIME. The value must be in the following range: With DTL: min. DTL#1970-01-01-00:00:00.0, max. DTL#2200-12-31 23:59:59.999999999 With LDT: min. LDT#1970-01-01-0:0:0.000000000, max. LDT#2200-12-31 23:59:59.999999999 The granularity of the time information for local time and system time is product-specific and is at least one millisecond. Input values at the LOCTIME parameter which are less than those supported by the CPU are rounded up during system time calculation. You can query whether errors have occurred during execution of the instruction in the RET_VAL output parameter. WinCC Advanced V14 System Manual, 10/2016 3317 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "WR_LOC_T" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description Local time LOCTIME Input DTL DTL, LDT I, Q, M, D, L, P or constant * DST Input BOOL BOOL I, Q, M, D, L, P, T, C or constant Daylight Saving Time Is only evaluated during the "double hour" at changeover to standard time. TRUE = daylight saving time (first hour) FALSE = standard time (second hour) RET_VAL Return INT INT I, Q, M, D, L, P Error message (see "RET_VAL pa rameter") * The data type DTL cannot be used for the memory areas: input, output and bit memory. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter DST (Daylight Saving Time) The parameter DST is evaluated only during the changeover from daylight saving to standard time: Use of DST during changeover from daylight saving to standard time The clock is set back by (1) one hour at 3 a.m. This means there are two hours between 02:00:00:000000000 AM and 02:59:59:999999999 AM. For all times for LOCTIME that are between 02:00:00:000000000 AM and 02:59:59:999999999 AM, you therefore need to declare whether the time is before or after the time changeover. The DST parameter is used for this: - With DST=TRUE, the time is in the first of the two hours, i.e. still in daylight saving time. - With DST=FALSE, the time is in the second of the two hours, i.e. in standard time. For all times for LOCTIME that are outside the double hour, DST is irrelevant. Changeover from standard to daylight saving time The parameter DST is not relevant for the changeover from standard to daylight saving time. The clock is set forward by (1) one hour at 2 a.m. This means there is no hour between 02:00:00:000000000 AM and 02:59:59:999999999 AM. If you specify a time within this hour at LOCTIME, the error code W#16#8089 is output. The description here assumes Central European Time (CET). The changeover time for CET is 2:00 AM (start of daylight saving), or 3:00 AM (end of daylight saving). Different changeover times may apply correspondingly to other time zones. (1) 3318 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter RET_VAL Error code* Description (W#16#....) 0000 No error. 8080 The LOCTIME parameter has an invalid value. 8081 Time value specified at the LOCTIME parameter is outside the valid value range: With DTL: min. DTL#1970-01-01-00:00:00.0, max. DTL#2200-12-31 23:59:59.999999999 With LDT: min. LDT#1970-1-1-0:0:0.000000000, max. LDT#2200-12-31 23:59:59.999999999 8082** Invalid value specified for the month (byte 2 in DTL format). 8083** Invalid value specified for the day (byte 3 in DTL format). 8084** Invalid value specified for the hour (byte 5 in DTL format). 8085** Invalid value specified for the minute (byte 6 in format DTL). 8086** Invalid value specified for the second (byte 7 in DTL format). 8087** Invalid value specified for the nanosecond (byte 8 to 11 in DTL format). 8089 Time value does not exist (hour already passed upon changeover to daylight saving time). 80B0 The real-time clock has failed. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". ** Only for local time information at the LOCTIME parameter in DTL format. Example In the following example, you set the local time of the CPU clock. The data type used is DTL. Create four tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. Select the DTL data type. WinCC Advanced V14 System Manual, 10/2016 3319 Programming the PLC 11.4 Instructions If the normally open contact ("execute") supplies the signal state "TRUE", the "WR_LOC_T" instruction is executed. The local time of the CPU clock is overwritten with the time to be set ("inputLocTIME"). The output parameter RET_VAL ("returnValue") indicates that the process took place without errors. Input parameter DST ("dstValue") specifies that the time information refers to standard time. This parameter is only relevant for the "double hour" (see description "Parameter DST"). You can establish whether the new local time ("inputLocTIME") has been correctly received by the CPU clock as follows: Using the display of an S7-1500 CPU: Navigate on the CPU display to "Settings > Date & Time > General". Using TIA Portal: Read out the local time of the CPU clock using the "RD_LOC_T (Page 3315)" instruction. Using TIA Portal: Navigate to the "Online & Diagnostics" entry of the CPU, and open the "Functions > Set time of day" tab. The local time is output in a 12-hour clock format. You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) SET_TIMEZONE: Set time zone (S7-1200, S7-1500) Description Use the instruction "SET_TIMEZONE" to set the parameter for the local time zone and the daylight saving / standard time changeover. The settings which are carried out with the instruction "SET_TIMEZONE" correspond with the settings for the time-of-day in the properties of the CPU. Define the corresponding parameters in the system data type TimeTransformationRule for execution of the instruction "SET_TIMEZONE". 3320 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The local time is calculated based on the system time using the settings for the time zone and the daylight saving / standard time changeover. The system time of the CPU is the UTC time. The system time is used exclusively for communication within the system. Note Calling the "SET_TIMEZONE" instruction The instruction "SET_TIMEZONE" writes data internally to the load memory of the CPU. Accordingly, the change in time zone also applies after a power failure. Calling the instruction again is unnecessary. Call the instruction once every time the time zone has to be changed. For example, it is advisable to call "SET_TIMEZONE" in a startup OB. Note Use with CPUs of the S7-1500 series The "SET_TIMEZONE" instruction can only be used with a CPU of the S7-1500 series starting from firmware version V1.7. Parameters The following table shows the parameters of the "SET_TIMEZONE" instruction: Parameter Declaration Data type Memory area REQ Input BOOL I, Q, M, D, L, P or con Setting of parameters that are stored at pa stant rameter TimeZone. TimeZone Input TimeTransformation D, L Rule You interconnect the TimeTransformation Rule system data type (see below) at pa rameter TimeZone. DONE Output BOOL Status parameter: I, Q, M, D, L, P Description 0: Job not yet started or still in progress 1: Job completed without error BUSY Output BOOL I, Q, M, D, L, P Status parameter: 0: Job not yet started or already completed 1: Job not yet completed. A new job cannot be started. ERROR Output BOOL I, Q, M, D, L, P Status parameter: 0: No error 1: Error occurred STATUS Output WinCC Advanced V14 System Manual, 10/2016 WORD I, Q, M, D, L, P Detailed error and status information is out put at the parameter STATUS. The param eter is only set for the duration of one call. To display the status, you should therefore copy the STATUS parameter to a free data area. 3321 Programming the PLC 11.4 Instructions You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter TimeZone You store the parameters for the local time zone and the daylight saving/standard time changeover in the TimeTransformationRule system data type You create the TimeTransformationRule by entering TimeTransformationRule as the data type in a data block or the local interface of a function block. 3322 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The structure of the TimeTransformationRule is as follows: Name Data type Description TimeTransformationRule STRUCT WinCC Advanced V14 System Manual, 10/2016 3323 Programming the PLC 11.4 Instructions Name Bias Data type Description INT Time difference between the local time and the system time (UTC) in minutes. The value must be between -720 and +780 minutes (-12 to +13 hours). The value (UTC -12 to +13 hours) corresponds to the time zones that you specify in the properties of the CPU. DaylightBias INT Time difference between standard and daylight saving time in minutes. The value must be between 0 and 120 minutes. The value "0" deactivates the changeover between daylight saving time and standard time. The values for "DaylightStart..." and "StandardStart..." are set to "0". Only the value of Bias is evaluated (time difference local time/ system time). If the value is not "0", all tags of the TimeTransformationRule structure are evaluated. If an entry is invalid, error code 808F is output at parameter STATUS. Specification of the time of day for changeover to daylight saving time. The following times always refer to the local time. DaylightStartMonth USINT Month in which change is made to daylight saving time: 1 = January 2 = February 3 = March ... 12 = December DaylightStartWeek USINT Week in which change is made to daylight saving time. 1 = First occurrence of the weekday in the month ... 5 = Last occurrence of the weekday in the month DaylightStartWeek day USINT Weekday on which change is made to daylight saving time: 1 = Sunday ... 7 = Saturday DaylightStartHour USINT Hour in which change is made to daylight saving time DaylightStartMinute USINT Minute in which change is made to daylight saving time Specification of the time of day for changeover to standard time. The following times always refer to the local time. StandardStartMonth USINT Month in which change is made to standard time: 1 = January 2 = February 3 = March ... 12 = December StandardStartWeek USINT Week in which change is made to standard time: 1 = First occurrence of the weekday in the month ... 3324 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Name Data type Description 5 = Last occurrence of the weekday in the month StandardStartWeek day USINT Weekday on which change is made to standard time: 1 = Sunday ... 7 = Saturday StandardStartHour USINT Hour in which change is made to standard time StandardStartMinute USINT Minute in which change is made to standard time TimeZoneName STRING[8 0] Not used: The configured character string is ignored and not written to the CPU-internal data. Parameter STATUS Error code* Description (W#16#....) 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 7002 Intermediate call (REQ irrelevant): Instruction already active; BUSY has the value "1". 808F The structure, content or data types of the TimeTransformationRule at the TimeZone parameter are invalid or inconsistent. 80C3 Temporary resource error: The CPU is currently processing the maximum possible number of simultane ous block calls. "SET_TIMEZONE" cannot be executed until at least one of the block calls is finished. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Example In the following example, you set the parameters for the local time zone and the daylight saving/ standard time changeover. You are advised to call the example in a startup OB. Create the following for storing the data in a global data block: The "timezone" structure (with the TimeTransformationRule data type) and five additional tags. Note If you want to call the example in a startup OB: Set the start value of the tag "execute" to "TRUE". WinCC Advanced V14 System Manual, 10/2016 3325 Programming the PLC 11.4 Instructions Create a local tag for the interconnection of the output parameter DONE. Network 1: Interconnect the parameters of the "SET_TIMEZONE" instruction as follows. Also, create the following additional interconnections: Network 2: In case of error, you save the status in the "memErrStatus" tag. 3326 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 3: After successful processing, have the input parameter REQ ("execute") automatically reset as follows. Network 4: To ensure that the instruction "SET_TIMEZONE" is fully processed when called in a startup OB, use the instructions JMP (in network 4) and Label (see network 1). Note If you want to call the example in a startup OB, the CPU for processing the example must be in startup. Set the CPU to STOP mode before you load the example to the CPU. Then set the CPU to RUN mode. If the input parameter REQ ("execute) returns the signal state "TRUE", the data for the time zone of the CPU clock is overwritten by the data to be set ("timezone"). That also means that: Output parameter BUSY ("modeBUSY") goes to signal state "TRUE". After processing, output parameter BUSY shows the value "FALSE" and output parameter DONE ("#statDone") shows the value "TRUE". The success status is saved to the "modeDONE" tag. The output parameter STATUS ("statusTime") indicates how processing is running*. (*The job processing begins (value "7001") and the instruction is then shown as already active (value "7002").) The output parameter ERROR ("modeERROR") indicates that processing is running without errors (signal state is "FALSE"). WinCC Advanced V14 System Manual, 10/2016 3327 Programming the PLC 11.4 Instructions Note: The "SET_TIMEZONE" instruction is level-triggered. The instruction is executed only when the input parameter REQ ("execute") returns the signal state "TRUE". After successful processing of SET_TIMEZONE ("modeDONE" is "TRUE"), the input parameter REQ ("execute") is automatically reset to the value "FALSE". The value "16#7002" is queried for "statusTime" for this purpose. After the reset, the status value "16#7000" is output. 3328 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can establish whether the data to be set ("timezone") has been correctly received by the CPU clock as follows: Using the display of an S7-1500 CPU: Navigate on the CPU display to "Settings > Date & Time > Daylight Saving Time". Using TIA Portal: Read out the local time of the CPU clock using the "RD_LOC_T (Page 3315)" instruction. Using TIA Portal: Read out the module time of the CPU clock using the "RD_SYS_T (Page 3313)" instruction. You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) SNC_RTCB: Synchronize slave clocks (S7-1500) Definition: Synchronization of slave clocks The synchronization of clock slaves refers to the transfer of the date and time-of-day from the clock master of a bus segment to all clock slaves of this bus segment. Description You use this instruction to synchronize all slave clocks present locally on the CPU or locally on a bus segment independent of the set synchronization interval (the external interface of a CP or CM belongs to a different bus segment). Successful synchronization is only possible if "SNC_RTCB" is called on a CPU whose real-time clock was assigned as the master clock for at least one bus segment. Parameters The following table shows the parameters of the "SNC_RTCB" instruction: Parameter Declaration Data type Memory area Description RET_VAL Output INT I, Q, M, D, L If an error occurs while the instruction is being executed, the return value contains an error code. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Explanation (W#16#...) 0000 No error occurred during synchronization. 0001 The existing clock was not assigned the master clock function for any of the bus segments. WinCC Advanced V14 System Manual, 10/2016 3329 Programming the PLC 11.4 Instructions Error code* Explanation (W#16#...) General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". TIME_TCK: Read system time (S7-1500) Description With the "TIME_TCK" instruction, you read the system time of the CPU. The system time is a time counter that counts from 0 to a maximum of 2147483647 ms. In case of an overflow, the system time is counted again starting with "0". The time scale and the accuracy of the system time is 1 ms. The system time is only influenced by the operating modes of the CPU. You can use the system time, for example, to measure the duration of processes by comparing the results of two "TIME_TCK" calls. The instruction does not provide any error information. The following table provides an overview of how the system time changes depending on the operating modes of the CPU. Operating mode System time ... Startup ... is constantly updated. RUN STOP ... is stopped and retains the current value. Warm restart ... is deleted and restarts with "0". Parameters The following table shows the parameters of the "TIME_TCK" instruction: Parameter Declaration Data type Memory area Description RET_VAL Return TIME I, Q, M, D, L The RET_VAL parameter contains the read system time in the range from 0 to 231 -1 ms. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you read out the system time of the CPU. You specify the return value in the TIME data type. Create one tag for storing the data in a global data block. 3330 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Interconnect the parameters of the instruction as follows. The system time of the CPU is read out and displayed at output parameter RET_VAL ("outputCPUtimer"). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) RTM: Runtime meters (S7-1200, S7-1500) Description You can use this instruction to set, start, stop, and read out a 32-bit operating hours counter of your CPU. Ensure that the operating hours counter can also be stopped or restarted during execution of the user program, which may render the saved values incorrect. WinCC Advanced V14 System Manual, 10/2016 3331 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "RTM" instruction: Parameter Declaration Data type Memory area Description NR Input RTM I, Q, M, D, L or con stant Number of the operating hours counter Numbering starts with 0. For information on the number of operating hours counters of your CPU, refer to the technical spec ifications. MODE Input BYTE I, Q, M, D, L or con stant Job ID: 0: Read out (the status is then written to CQ and the current value to CV). After the operating hours counter has reached (2^31) - 1 hours, it stops at the highest value that can be displayed and outputs an "Overflow" error message. 1: start (at the last counter value) 2: stop 4: set to the value specified in the parameter PV 5: set to the value specified in the parameter PV and start 6: set to the value specified in the parameter PV and stop PV Input DINT I, Q, M, D, L or con stant New value for the operating hours counter RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the return value contains an error code. CQ Output BOOL I, Q, M, D, L Status of the operating hours counter (1: running) CV Output DINT I, Q, M, D, L Current value of the operating hours counter You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code Explanation (W#16#...) 0000 No error 8080 Wrong number for the operating hours counter 8081 A negative value was passed to the PV parameter. 8082 Overflow of the operating hours counter 8091 The MODE input parameter contains an invalid value. General error in See also: Evaluating errors with GET_ERR_ID (Page 3251) formation 3332 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example In the following example, you set the operating hours counter of the CPU and read out the value after an hour. Create six tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. At input parameter NR, specify the number of the operating hours counter of the CPU. If the normally open contact ("execute") supplies the signal state "TRUE", the "RTM" instruction is executed. The operating hours counter of the CPU is set to the value to be set ("in_processValue") and started. After the start of the operating hours counter, set the value of input parameter MODE ("comandMODE") to "0". (To do so, click the parameter and select "Modify operand > Set to 0".) As a result, the "RTM" instruction only reads the current value ("currentValue") of the operating hours counter without changing it. Output parameter CQ ("statusRTM") indicates after the start of the operating hours counter that the operating hours counter is running (value is "TRUE"). The output parameter RET_VAL ("returnValue") indicates that processing is running without errors. WinCC Advanced V14 System Manual, 10/2016 3333 Programming the PLC 11.4 Instructions After an hour, output parameter CV ("currentValue") indicates the value "6". You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) String + Char (S7-1200, S7-1500) S_MOVE: Move character string (S7-1200, S7-1500) Description You can use this instruction to write the content of a character string (W)STRING from parameter IN to the data area that you specify at parameter OUT. To copy tags of data type ARRAY, use the "MOVE_BLK" and "UMOVE_BLK" instructions. 3334 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "S_MOVE" instruction: Parameter Declaration Data type Memory area Description IN Input STRING, WSTRING D, L or constant Source string OUT Output STRING, WSTRING D, L Destination string You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you copy the content of a character string from input parameter IN to another character string at output parameter OUT. The data type used is STRING. Create two tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. The result of the character string to be copied ("stringValueIN") is output at output parameter OUT ("stringValueOUT"). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 3335 Programming the PLC 11.4 Instructions S_COMP: Compare character strings (S7-1500) Description The instruction compares the contents of two tags in the (W)STRING format and outputs the result of the comparison as a return value. The tags that are to be compared will be interconnected at the IN1 and IN2 inputs. You can only assign a symbolically defined tag for the input parameters. Use the instruction box to select the comparison condition. If the comparison condition (for example, greater than or equal to) is satisfied, the signal state is set to "1" at the output parameter OUT . Select one of the following comparison conditions: Symbol Description EQ The return value has the signal state "1" if the string at the parameter IN1 is equal to the string at the parameter IN2 . NE The return value has the signal state "1" if the string at the parameter IN1 is not equal to the string at the parameter IN2 . GT (1) The return value has the signal state "1" if the string at the parameter IN1 is greater than the string at the parameter IN2 . LT (1) The return value has the signal state "1" if the string at the parameter IN1 is less than the string at the parameter IN2 . GE (1) The return value has the signal state "1" if the string at the parameter IN1 is greater than or equal to the string at the parameter IN2 . LE (1) The return value has the signal state "1" if the string at the parameter IN1 is less than or equal to the string at the parameter IN2 . (1) The characters are compared by their ASCII code (for example, 'a' is greater than 'A'), starting from the left. The first character to be different decides the result of the comparison. If the left part of the longer string is identical to the shorter string, the longer string is considered greater. Parameters The following table shows the parameters of the "S_COMP" instruction: Parameter Declaration Data type Memory area Description IN1 Input STRING, WSTRING* D, L or constant Input tag in the STRING / WSTRING format. IN2 Input STRING, WSTRING* D, L or constant Input tag in the STRING / WSTRING format. OUT Output BOOL I, Q, M, D, L Result of comparison * Define the maximum length of the character string if you use the data type STRING / WSTRING in the interface declaration for a temporary tag (you will find further information in the description of the data type). You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3336 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example In the following example, you use the "Equal" comparison option to compare two character strings with the "STRING" data type. Create three tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. Select the STRING data type and the EQ comparison option. Since the value of the first character string to be compared ("stringvalue1") is equal to the second character string ("stringvalue2"), the comparison result ("svalue1EQsvalue2") shows the signal state "TRUE". You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 3337 Programming the PLC 11.4 Instructions S_CONV: Convert character string (S7-1200, S7-1500) Description You use this instruction to convert the value at the IN input to the data format you have specified in the OUT output. You decide the output format of the conversion by selecting a data type for the OUT output parameter. The following conversions are possible: Conversion of a string Conversion of a numerical value or character to a string Conversion of a character to a character Note Explicit conversions You can find more information on explicit conversions here: For an S7-1200-CPU: Explicit conversions (Page 2354) For an S7-1500-CPU: Explicit conversions (Page 2249) Conversion of a string To a numerical value (integer or floating point): The conversion is performed for all characters of the character string specified in the IN input parameter. Permitted characters are the digits "0" to "9", the decimal point, and the plus and minus signs. The first character of the string may be a valid number or a sign. Leading spaces and exponential notations are ignored. To a character: When a character string is converted to a character, the first character of the character string is transferred to parameter OUT. To a string Conversion of a numerical value or character to a string You decide the format of the numeric value to be converted by selecting a data type for the IN input. Specify a valid tag of the OUT data type at the (W)STRING output. The length of the character string after conversion depends on the value at the IN input. The conversion result is saved as a string starting at the third byte. The first byte of the string records the maximum length and the second byte the actual length of the character string. Positive numeric value are output without a sign. If the numeric value 0, which exists as an INT or UINT data type, is converted to a string (e.g. INT_TO_STRING(0)), the string in the result has a length of 6 characters. 3338 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions When a numeric value is converted to a string, the first characters of the string are padded with spaces. The number of spaces depends on the length of the numerical value. Note STL/SCL-specific information When a numerical value is converted to a string, the first characters of the string are not padded with spaces. If you want the first character of the string to be padded with spaces, use the "VAL_STRG" instruction. When a (W)CHAR character is converted, the character is written at the first position of the character string. Note Exponential notation during conversion from floating-point numbers Do not use exponential notation ("e" or "E") for the conversion from floating-point numbers with the instruction "S_CONV". Instead, use the "STRG_VAL" instruction for the conversion of floating-point numbers with exponential notation. Select the input format of the exponential notation via the FORMAT parameter of the instruction. Parameters The following tables show the parameters of the "S_CONV" instruction, according to the possible conversions: Table 11-22 Parameters for converting a character string to a numeric value: Parameter Declaration Data type Memory area Description IN Input STRING, WSTRING D, L or constant Value to be converted OUT Output CHAR, WCHAR, USINT, UINT, UDINT, ULINT, SINT, INT, DINT, LINT, REAL, LREAL I, Q, M, D, L Result of the conversion Table 11-23 Parameters for converting a character string to a character string: Parameter Declaration Data type Memory area Description IN Input STRING, WSTRING D, L or constant Value to be converted OUT Output STRING, WSTRING D, L Result of the conversion (possible con versions: STRING to WSTRING and vice-versa) WinCC Advanced V14 System Manual, 10/2016 3339 Programming the PLC 11.4 Instructions Table 11-24 Parameters for converting a numerical value or character to a character string: Parameter Declaration Data type Memory area Description IN Input CHAR, WCHAR, USINT, UINT, UDINT, ULINT, SINT, INT, DINT, LINT, REAL, LREAL I, Q, M, D, L or constant Value to be converted OUT Output STRING, WSTRING D, L Result of the conversion Table 11-25 Parameters for converting a character to a character: Parameter Declaration Data type Memory area Description IN Input CHAR, WCHAR I, Q, M, D, L or constant Value to be converted OUT Output CHAR, WCHAR I, Q, M, D, L Result of the conversion (possible con versions: CHAR to WCHAR and viceversa) You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, convert a number with the INT data type to a character string with the STRING data type. Create two tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. In doing so, select the data types. With the first selection option, you specify the data type of the value to be converted ("inputValueNBR"). With the second selection option, you specify the data type of the character string to be generated ("resultSTRING"). 3340 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The value to be converted ("inputValueNBR") is converted to the output format. Blank spaces are written to the empty places at the start of the character string. The result of the conversion is output at output parameter OUT ("resultSTRING") as a string. You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) See also STRG_VAL: Convert character string to numerical value (Page 3341) STRG_VAL: Convert character string to numerical value (S7-1200, S7-1500) Description The "STRG_VAL" instruction converts a character string to an integer or a floating-point number: You specify the character string to be converted in the IN input parameter. You define the format of the output value by selecting a data type for the OUT output parameter. Permitted characters for the conversion are the digits "0" to "9", the decimal point, the decimal comma, notations "E" and "e", and the plus and minus characters. The conversion is canceled if a invalid character is found. WinCC Advanced V14 System Manual, 10/2016 3341 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "STRG_VAL" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN Input STRING, WSTRING STRING, WSTRING D, L or constant Number string to be conver ted FORMAT Input WORD WORD I, Q, M, D, L, P or constant Output format of the charac ters P Input UINT UINT I, Q, M, D, L, P or constant Reference to the first charac ter to be converted (first char acter = 1, the value "0" or a value > length of the string is invalid) OUT Output USINT, SINT, UINT, INT, UDINT, DINT, REAL, LREAL USINT, SINT, I, Q, M, D, L, P UINT, INT, UDINT, DINT, ULINT, LINT, RE AL, LREAL Result of the conversion You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter FORMAT You use the FORMAT parameter to specify how the characters of a character string are to be interpreted. Exponential values are also converted and represented with the "STRG_VAL" instruction. The following table shows the possible values of the FORMAT parameter and their meaning: Value Notation Decimal representation Decimal fraction "." (W#16#....) 0000 0001 0002 "," Exponential 0003 0004 to FFFF "." "," Invalid values Parameter P The conversion starts at the character whose position you specified in the P parameter. If, for example, the value "1" is specified in the P parameter, the conversion starts at the first character of the specified character string. 3342 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example The following table shows examples of the conversion of a character string to a numeric value: IN (STRING) FORMAT (W#16#....) OUT (data type) OUT (value) ENO status '123' 0000 INT/DINT 123 1 '-00456' 0000 INT/DINT -456 1 '123.45' 0000 INT/DINT 123 1 '+2345' 0000 INT/DINT 2345 1 '00123AB' 0000 INT/DINT 123 1 '123' 0000 REAL 123.0 1 '-00456' 0001 REAL -456.0 1 '+00456' 0001 REAL 456.0 1 '123.45' 0000 REAL 123.45 1 '123.45' 0001 REAL 12345.0 1 '123,45' 0000 REAL 12345.0 1 '123,45' 0001 REAL 123.45 1 '.00123AB' 0001 REAL 123.0 1 '1.23e-4' 0000 REAL 1.23 1 '1.23E-4' 0000 REAL 1.23 1 '1.23E-4' 0002 REAL 1.23E-4 1 '12,345.67' 0000 REAL 12345.67 1 '12,345.67' 0001 REAL 12.345 1 '3.4e39' 0002 REAL W#16#7F800000 1 '-3.4e39' 0002 REAL W#16#FF800000 1 '1.1754943e-38' 0002 REAL 0.0 1 '12345' -/- SINT 0 0 'A123' -/- -/- 0 0 '' -/- -/- 0 0 '++123' -/- -/- 0 0 '+-123' -/- -/- 0 0 Example In the following example, you convert a number string with the STRING data type to a floatingpoint number with the REAL data type. The result will have a length of 32 bits and may have a sign due to the REAL data type. Create four tags in a global data block for storing the data. WinCC Advanced V14 System Manual, 10/2016 3343 Programming the PLC 11.4 Instructions Interconnect the parameters of the instruction as follows. Using the left selection option, select the data type for the character string. Using the right selection option, select the data type for the floating-point number. The number string is converted starting from the first character according to the value "1" of parameter P ("pointerSTRG"). The period in the number string is interpreted as a thousands delimiter due to the value "0001" of parameter FORMAT ("resultSformat"). (The comma is the decimal separator for the value "0001".) The value to be converted ("inputSTRING") is output at output parameter OUT ("outputVAL") as a floating point number. You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) 3344 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions VAL_STRG: Convert numerical value to character string (S7-1200, S7-1500) Description The "VAL_STRG" instruction is used to convert a numerical value into a character string. You specify the value to be converted in the IN input parameter. You decide the format of the numeric value by selecting a data type. You query the result of the conversion in the OUT output parameter. Permitted characters for the conversion are the digits "0" to "9", the decimal point, the decimal comma, notations "E" and "e", and the plus and minus characters. The conversion is interrupted by invalid characters. Parameter The following table shows the parameters of the "VAL_STRG" instruction: Parameter Declaration Data type S7-1200 S7-1500 Memory area Description IN Input USINT, SINT, UINT, INT, UDINT, DINT, REAL, LREAL USINT, SINT, I, Q, M, D, L, P or UINT, INT, constant UDINT, DINT, ULINT, LINT, RE AL, LREAL Value to be converted SIZE Input USINT USINT I, Q, M, D, L, P or constant Number of character positions PREC Input USINT USINT I, Q, M, D, L, P or constant Number of decimal places FORMAT Input WORD WORD I, Q, M, D, L, P or constant Output format of the charac ters P InOut UINT UINT I, Q, M, D, L, P or constant Character starting at which the result is written. OUT Output STRING, WSTRING STRING, WSTRING D, L Result of the conversion You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter P With the P parameter, you specify the character in the string starting at which the result is written. If, for example, the value "2" is specified in the P parameter, the converted value is saved starting at the second character of the string. WinCC Advanced V14 System Manual, 10/2016 3345 Programming the PLC 11.4 Instructions SIZE and P parameters Use the SIZE parameter to specify how many characters of the character string will be written. This is counted starting from the character specified in the P parameter. If the output value is shorter than the specified length, the result is written to the character string right-justified. The empty character positions are filled with blanks. Parameter FORMAT Use the FORMAT parameter to specify how the numerical value is interpreted during conversion and written to the character string. You can specify only tags of the FORMAT data type in the USINT parameter. The following table shows the possible values of the FORMAT parameter and their meaning: Value Notation Sign Decimal representation Decimal fraction "-" "." (W#16#....) 0000 0001 "," 0002 Exponential "." 0003 "," 0004 Decimal fraction "+" and "-" "." 0005 "," 0006 Exponential "." 0007 "," 0008 to FFFF Invalid values Note Relevance of values 2, 3, 6 and 7 of the FORMAT parameter The values 2, 3, 6 and 7 of the FORMAT parameter are only relevant if the parameter IN has data type REAL or LREAL. Parameter PREC Use the PREC parameter to define the number of decimal places when converting floatingpoint numbers. A maximum precision of seven numbers is supported for numerical values of the REAL data type. If the value to be converted is an integer, you use the PREC parameter to specify the position where the decimal point will be placed. Example The following table shows examples of the conversion of numeric values to a character string if the parameters OUT contains an empty string before the call of VAL_STRG. IN (value) IN (data type) P SIZE FORMAT (W#16#....) PREC OUT (STRING) ENO status 123 UINT 16 10 0000 0 xxxxxxx123 C 1 0 UINT 16 10 0000 2 xxxxxx0.00 C 1 3346 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions IN (value) IN (data type) P SIZE FORMAT (W#16#....) PREC OUT (STRING) ENO status 12345678 UDINT 16 10 0000 3 x12345.678 C 1 12345678 UDINT 16 10 0001 3 x12345.678 C 1 123 INT 16 10 0004 0 xxxxxx+123 C 1 -123 INT 16 10 0004 0 xxxxxx-123 C 1 -0.00123 REAL 16 10 0004 4 xxx-0.0012 C 1 -0.00123 REAL 16 10 0006 4 -1.2300E-3 C 1 -Inf REAL 16 10 -/- 4 xxxxxx-INF C 0 +Inf 1) REAL 16 10 -/- 4 xxxxxx+INF C 0 NaN 3) REAL 16 10 -/- 4 xxxxxxxNaN C 0 12345678 UDINT 16 6 -/- 3 xxxxxxxxxx C 0 2) "x" represents blanks 1) -Inf: Floating-point number representing a negative infinite value. 2) +Inf: Floating-point number representing a positive infinite value. 3) NaN: Value returned as the result of invalid math operations. Example The following table shows examples of the conversion of numeric values to a character string when the parameter OUT contains an empty string prior to calling VAL_STRG. In all cases, the parameters IN, SIZE, PREC, FORMAT and P have the same values: IN=123, SIZE=16, PREC=0, FORMAT=4, P=10. Only the default of OUT is different. OUT contains a string that is shorter than P. The CPU fills OUT after the existing string with spaces up to the (P-1)th position. As of position P OUT It is written taking into account leading spaces. OUT before the call of VAL_STRG: ABCDEFxxxxxxxxxx xxxxxxxxxxxxxxxx OUT after the call of VAL_STRG: ABCDEFxxxxxxxxxx xxxxxx123xxxxxxx "x" represents a space OUT contains a string that is longer than P+SIZE As of position P the CPU fills OUT with SIZE characters taking into account the leading spaces. OUT before the call of VAL_STRG: ABCDEFGHIJKLMNOP QRSTUVWXYZABCDEF OUT after the call of VAL_STRG: ABCDEFGHIxxxxxxx xxxxxx123ZABCDEF "x" represents a space OUT contains a string that is longer than P but shorter than P+SIZE As of position P the CPU fills OUT with SIZE characters taking into account the leading spaces. OUT before the call of VAL_STRG: ABCDEFGHIJKLMNOP xxxxxxxxxxxxxxxx OUT after the call of VAL_STRG: ABCDEFGHIxxxxxxx xxxxxx123xxxxxxx "x" represents a space WinCC Advanced V14 System Manual, 10/2016 3347 Programming the PLC 11.4 Instructions Example In the following example, you convert a floating-point number with the REAL data type to a character string with the STRING data type. Create six tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. Select the data types: The left selection option is for the value to be converted. The right selection option is for the character string to be generated. The character string is written starting from the 16th character according to the value "16" of parameter P" ("pointer2STRG") . Starting from this point, the character string is 10 characters long, according to the "10" value of the SIZE parameter ("sizeSTRG"). The point of the value to be converted ("inputVAL") is interpreted as a decimal separator due to the value "0004" of parameter FORMAT ("resultV2Sformat"). Three decimal places are written to the string according to the value "3" of parameter PREC ("precVAL"). The sign of the value to be converted is stored as a character in the string and prefixes the numbers. The remaining 10 characters of the string are written as spaces in front of the sign. The character string is output at output parameter OUT ("outputSTRING"). 3348 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 3349 Programming the PLC 11.4 Instructions Strg_TO_Chars: Convert character string to Array of CHAR (S7-1200, S7-1500) Description With the "Strg_TO_Chars" instruction, you copy a character string of the data type STRING to an Array of CHAR or Array of BYTE or a character string of the data type WSTRING to an Array of WCHAR or Array of WORD. Only ASCII characters are valid for the copy process. Specify the character string at the input parameter STRG. The characters are written at the parameter CHARS to a Array of CHAR / BYTE / WCHAR / WORD data type. - The number of characters in the destination field must be at least the same as the number copied from the source string. - If the destination field contains fewer characters than the source string, the characters are written up to the maximum length of the destination field. - If the character string contains a "$00" or W#16#0000 character, this has no effect on the copy operation (see graphic). - The number of copied characters is output at parameter CNT. Use the PCHARS parameter to specify the position starting from which writing will begin in the destination field. - Example: If writing should take place starting from the third position, use the value "2" at parameter PCHARS: 675,1*>@ %\WH %\WH %\WH %\WH %\WH %\WH %\WH %\WH 7 ( 6 7 $ % & 7 ( 6 7 $ &KDU>@ &KDU>@ &KDU>@ &KDU>@ &KDU>@ &KDU>@ 3&+$56 $UUD\>@RI&+$5 &KDU>@ &KDU>@ - The default for PCHARS is "0". When PCHARS = 0, the low index limit of the array is used (e.g. CHAR[0] for an Array [0..5] of CHAR). This also applies if the low limit of the array is negative (e.g. CHAR[-5] for an Array [-5..5] of CHAR). Note Use of the instruction with S7-1200 V2.0 S7-1200 up to Version 2.0 only supports Array [0 .. n] of CHAR / BYTE. Negative index limits (e.g. Array [-3..2] of CHAR) are not permissible. This restriction is not checked by the software. 3350 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Strg_TO_Chars" instruction: Parameter Declaration Data type Memory area Description STRG Input STRING, WSTRING D, L or constant Source of the copy operation PCHARS Input DINT I, Q, M, D, L, P or con stant Position in the structure Ar ray of (W)CHAR / BYTE / WORD starting from which the characters of the character string are written. CHARS InOut VARIANT D, L Destination of the copy operation Copy the characters to a structure of the Array of (W)CHAR/ BYTE/ WORD data type. CNT Output UINT I, Q, M, D, L, P Number of moved characters You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you copy characters of a character string with the STRING data type to a structure of the Array of CHAR data type. Create four tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows and select the data type of the character string. WinCC Advanced V14 System Manual, 10/2016 3351 Programming the PLC 11.4 Instructions A structure made up of individual characters is created due to the Array of CHAR data type. The CHARS structure ("myarrayCHARS") is ten characters long (Array ... [0..9]). According to the value "2" of parameter PCHARS ("pointerCHARS"), writing begins starting from the third character in the structure ("0" and "1" are empty, "2" contains the first character of the character string ("inputSTRG")). Once the characters of the string ("inputSTRG") are written to the structure ("myarrayCHARS"), the last character of the structure to be created is written empty. The number of characters of the character string that are moved is output at output parameter CNT ("countCHARS"). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) 3352 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Chars_TO_Strg: Convert Array of CHAR to character string (S7-1200, S7-1500) Description With the "Chars_TO_Strg" instruction you copy characters from an Array of CHAR or Array of BYTE to a character string of the data type STRING or from an ARRAY of WCHAR or Array of WORD to a character string of the data type WSTRING. For the copy operation only ASCII characters are valid. Specify the characters of the Array of (W)CHAR / BYTE / WORD that will be copied to a character string at the input parameter CHARS. The characters are written at the parameter STRG to a (W)STRING data type. - The number of characters in the string is at least the same number as were copied from the source field. - If the character string is shorter than the number of characters in the source field, the characters are written up to the maximum length of the string. - If the Array of CHAR / BYTE contains a "$00" character or if the Array of WCHAR / WORD contains a W#16#0000 character, the copy operation is only carried out up to the corresponding position (see graphic). Using the PCHARS parameter, specify the position of the source field as of which the characters will be copied. PCHARS = 0 is the default value and always specifies the lower index limit of the array even if this is negative. - Example: if copying is to start with the third character of the source field, use the value "2" at parameter PCHARS: $UUD\>@RI&+$5 &KDU>@ &KDU>@ &KDU>@ &KDU>@ &KDU>@ &KDU>@ 7 ( 6 7 $ %\WH %\WH %\WH %\WH S&KDUV 675,1*>@ 6 7 %\WH %\WH - If an index is specified at parameter PCHARS and the index is not contained in the copy source (e.g. "7" at Array [0..5] of CHAR) then the instruction is not executed. Note Use of the instruction with S7-1200 V2.0 S7-1200 up to Version 2.0 only supports Array [0 .. n] of CHAR / BYTE. Negative index limits (e.g. Array [-3..2] of CHAR) are not permissible. This restriction is not checked by the software. WinCC Advanced V14 System Manual, 10/2016 3353 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "Chars_TO_Strg" instruction: Parameter Declaration Data type Memory area Description CHARS Input VARIANT D, L Source of the copy operation Array of (W)CHAR / BYTE / WORD from which the characters are copied. PCHARS Input DINT I, Q, M, D, L, P or con stant Position in the Array of (W)CHAR / BYTE / WORD starting at which the characters are copied. CNT Input UINT I, Q, M, D, L, P or con stant Number of characters to be copied. Use "0" to copy all characters. STRG Output STRING, WSTRING D, L Destination of the copy operation Character string with the (W)STRING data type. Observe the maximum length of the data types: STRING: 254 characters WSTRING: 254 characters (default) / 16382 characters (maximum) When using WSTRING, note that you must define a length > 254 characters explicitly with square brackets (e.g., WSTRING[16382]). You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you copy characters of a structure of the Array of CHAR data type to a character string with the STRING data type. Create four tags in a global data block for storing the data. 3354 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Interconnect the parameters of the instruction as follows and select the data type of the character string. The CHARS structure ("inputArrayCHARS") is ten characters long (Array ... [0..9]). According to the value "2" of parameter PCHARS ("pointerCHARS"), characters are copied starting from the third position of the structure to the character string ("outputSTRG"). Starting from position "2", all characters of the structure ("inputArrayCHARS") are copied to the character string ("outputSTRG"), since parameter CNT ("countCHARS") has the value "0". You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 3355 Programming the PLC 11.4 Instructions MAX_LEN: Determine the length of a character string (S7-1200, S7-1500) Description A tag of the (W)STRING data type contains two lengths: the maximum length and the current length (this is the number of currently valid characters). The maximum length of the character string is specified for each tag in the STRING keyword in square brackets. The number of bytes occupied by a string is 2 greater than the maximum length. The maximum length of the character string is specified for each tag in the WSTRING keyword in square brackets. The number of words occupied by a character string is 2 greater than the maximum length. The current length represents the number of the character places actually used. The current length must be less than or equal to the maximum length. You use the "MAX_LEN" instruction to determine the maximum length of the character string specified at the IN input parameter You output this information as a numerical value at the OUT output parameter. Note Checking the character string The "MAX_LEN" instruction does not check the character string at the parameter "IN". If errors occur during processing of the instruction, the value "0" is output at the OUT parameter. Note Reading out the current length You use the "LEN (Page 3375)" instruction to read out the current length of a string. Parameter The following table shows the parameters of the "MAX_LEN" instruction: Parameter Declaration Data type Memory area Description IN Input STRING D, L or constant Character string I, Q, M, D, L, P Maximum number of characters WSTRING OUT Return INT DINT You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3356 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example In the following example, you determine the maximum length of a character string with the STRING data type. Create two tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. The maximum length of the specified character string ("inputSTRING") is determined and returned at output parameter OUT ("stringMLengthOUT") as a numerical value. You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) JOIN: Join multiple strings (S7-1500) Description The "JOIN" instruction connects multiple strings into an array. WinCC Advanced V14 System Manual, 10/2016 3357 Programming the PLC 11.4 Instructions To convert multiple strings into a single one, the instruction provides the following functions: Format selection You can use the first bit at the Mode parameter to specify whether the sequence of the source strings for an array should be in the format CSV or FSR. In the following example, two source strings are specified by the two columns of the table. The maximum number of characters amounts to 4 characters for the first source string, 13 characters for the second, 10 characters for the third and 14 characters for the fourth. 1963 1974 Miller Jackson John Peter Roadname VeryLongRoadna - With CSV (Comma Separated Values), the contents of the source strings are written consecutively into the destination array and separated with a delimiter. (See examples below.) - With FSR (Fixed Size Records), a certain number of characters is defined in the destination array for each source string. If the characters of a source string do not need the space reserved for them in the destination array, the corresponding array elements are filled with delimiters. However, if the number of characters in a source string is greater than the space reserved for them, the corresponding array elements are filled from the front, and the excess characters of the source string are truncated (see example below). Selection of the delimiter for the source strings The RecSeparator parameter is used to select the delimiter that will be used for each string. Select a character based on the content of the input strings at the SrcStruct parameter. If the input strings contain a comma within a string, for example, do not use the comma as a delimiter. The data type that you use for the delimiter must correspond to the destination array at the DstArray parameter As a result, the delimiters can also be written to the array. Selection of the delimiter for the end of all source strings You can use the third bit of the Mode parameter to specify whether an additional character will be written as a delimiter at the end of the copied characters in the destination array (DstArray parameter). At the EndSeparator parameter, specify the character that will be used as a delimiter. Make sure to use a character other than the one set for the RecSeparator parameter (delimiter for individual strings). If the two delimiters are indistinguishable, you will obtain unexpected results if you reverse the conversion using the "SPLIT" instruction. Selection of the source strings You specify the source strings at the SrcStruct parameter. For the data type, you can use Array of STRING or Array of WSTRING or structures which only contain the STRING or WSTRING data type. This also applies to user data types or nested structures. You can use these as long as they exclusively contain the data type STRING or WSTRING respectively. Specification of the number of joined strings If you use an Array of STRING or Array of WSTRING at the SrcStruct parameter (source string) (no nested structures), you can use the Count parameter to specify the number of source strings that are joined to form a single string. If you use a data type other than Array of (W)STRING at the SrcStruct parameter, the Count parameter is ignored. It is only possible to connect a larger part of an array in this way. 3358 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Selection of a destination area for writing the array You use the Array of (W)CHAR data type at the DstArray parameter. In this case, it is not possible to use the STRING or WSTRING data types, because the length is limited to 254 characters or 256 bytes for STRING. Index of the position in the array (DestArray target parameter) The conversion starts at this position. The instruction reads the Position parameter to determine the position at which the conversion is completed. This enables follow-up calls of the instruction for filling the array. Parameter The following table shows the parameters of the "JOIN" instruction: Parameter Declaration Data type Memory area Description Mode Input DWORD I, Q, M, D, L or constant Specifies how the merger to string is performed (see Mode" parameter). RecSeparator Input VARIANT I, Q, M, D, L Delimiter for the source strings With CSV: Character that is used as a delimiter for the individual strings. With FSR: Character that is used as a fill character for the individual strings. EndSeparator Input VARIANT I, Q, M, D, L Delimiter for the end of the conversion Delimiter that is written at the end of the characters if bit 3 = 1 has been set for the Mode parameter. SrcStruct Input VARIANT I, Q, M, D, L Pointer to the source strings. Count Input UDINT I, Q, M, D, L or constant Number of strings that were joined. I, Q, M, D, L Area in which the characters are written after the conversion. DestArray InOut VARIANT The Count parameter can only be used when an Array of (W)STRING has been used at the SrcStruct parameter. Use the Array [0 .. x] of CHAR/WCHAR data type at the DestArray parameter. You can set the length (x) of the array based on the length of the source strings at the SrcStruct parameter. Position InOut UDINT I, Q, M, D, L Index the position in the total string Ret_Val Return INT I, Q, M, D, L Status of instruction (see table "RET_VAL param eter"). You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3359 Programming the PLC 11.4 Instructions Parameter Mode Bit Bit value "0" Bit value "1" Description 0 CSV format (Comma Separated Values) FSR format (Fixed Size Record) Selection of the format: With CSV, the source strings are separated by a delimiter in the destination array. With FSR, the source strings are written into the destination array with the fill characters defined at the RecSeparator parameter. 1 - - Irrelevant for the "JOIN" instruction. 2 - - Reserved (irrelevant for bit value) 3 Write no additional delimiters. Write character de Select whether an additional character will be written as a delimiter at fined by the EndSepa the end of the characters in the array (DestArray parameter). rator parameter at the end of the read char acters. 4 - - Irrelevant for the "JOIN" instruction. Parameter RET_VAL Error code* Explanation (W#16#...) 0000 No error. 8190 Selection at the Mode parameter is not supported. 8x20 Source strings invalid. 8x53 VARIANT points to data structure that is too short. 8x54 Invalid data type 8082 The value at parameter Count is greater than the number of source character strings in SrcStruct. 8xB4 Different data types at parameters SrcStruct (source) and DestArray (destination) or at separators (pa rameters RecSeparator and EndSeparator). 80B5 Buffer overflow with the instruction. The characters are not completely output at parameter DestArray, or the value at parameter Position is outside of DestArray. General error information See also: GET_ERR_ID: Get error ID locally (Page 2690) * Note the following for the error codes: The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". The "x" in the second position of the listed error codes stands for the parameter that caused the error. Example: Error code 8352 hex = error occurred at 3rd Parameter (EndSeparator), see Parameter table. If the error cannot be clearly assigned to a specific parameter, "0" is output. Example: The CHAR data type is used for the delimiter (RecSeparator parameter). WCHAR is used as data type for the array at the DestArray parameter. Error code 80B4 is output in this case. 3360 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Two examples for the JOIN instruction when the destination ARRAY should have the format CSV First example: The following source strings are available: - 1963 - Miller - John - Roadname If you select "," as the delimiter, calling JOIN provides the following destination array: 1963,Miller,John,Roadname Second example: The following source strings are available: - 1974 - Jackson - Peter - VeryLongRoadname If you select "," as the delimiter, calling JOIN provides the following destination array: 1974,Jackson,Peter,VeryLongRoadname WinCC Advanced V14 System Manual, 10/2016 3361 Programming the PLC 11.4 Instructions Two examples for the JOIN instruction when the destination ARRAY should have the format FSR First example: The following source strings are available: - 1963 - Miller - John - Roadname The number of reserved characters in the destination array amounts to 4 characters for the first source string, 13 characters for the second, 10 characters for the third and 14 characters for the fourth. If you select "," as the fill characters, calling JOIN provides the following destination array: 1963Miller,,,,,,,John,,,,,,Roadname,,,,,, Second example: The following source strings are available: - 1974 - Jackson - Peter - VeryLongRoadname The number of reserved characters in the destination array amounts to 4 characters for the first source string, 13 characters for the second, 10 characters for the third and 14 characters for the fourth. If you select "," as the fill characters, calling JOIN provides the following destination array: 1974Jackson,,,,,,Peter,,,,,VeryLongRoadna SPLIT: Splitting an array of characters into multiple strings (S7-1500) Description The "SPLIT" instruction converts an array (Array of CHAR / WCHAR) into several separate strings (Array of STRING / WSTRING or structure). 3362 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions To convert the array into several strings, specify the following information: Selection of array to be read You specify the array to be read at the SrcArray parameter. Make sure that the data types used for the input and output parameters match any other parameters used. If you use an array with the CHAR data type at the SrcArray parameter, for example, you must use the CHAR data type for the delimiter (Rec/EndSeparator) and the structure must only contain strings with the STRING data type at the DestStruct parameter. Format selection for the source array You use the first bit of the Mode parameter to specify whether the array to be read has the CSV or FSR format. - With CSV (Comma Separated Values), characters in the source array that belong together are separated by a delimiter from the next characters that belong together. Two examples of a source array: 1963,Miller,John,CitynameA,Roadname 1974,Jackson,Peter,CitynameB,VeryLongRoadname - With FSR (Fixed Size Records), a certain number of characters is defined for each item of logical information of the source array. Each item of information should fit into the space defined for it. When information does not need the space defined for it, it is filled with delimiters. Two examples of source arrays, whereby the length of the information is 4 characters for the first information item (year of birth), 13 characters for the second (last name), 10 characters for the third (first name), 9 characters for the fourth (city) and 16 characters for the fifth (street): 1963Miller,,,,,,,John,,,,,,CitynameARoadname,,,,,,,, 1974Jackson,,,,,,Peter,,,,,CitynameBVeryLongRoadname Delimiter used for the array to be read - If the array to be read has CSV format, use the RecSeparator parameter to specify which delimiter was used. - If the array to be read has FSR format, use the RecSeparator parameter to specify which fill character was used. Selection of the delimiter for the end of the total string Specify the delimiter after which the reading of the array should stop at the EndSeparator parameter. The "SPLIT" instruction stops at this position and outputs the string that has been found. Note that the EndSeparator delimiter is evaluated with higher priority than the RecSeparator delimiter. If the delimiter at the EndSeparator parameter was used in a string to be read (between two RecSeparator delimiters), all content after the EndSeparator delimiter is ignored. Specification of the position starting at which the array is read The conversion starts at this position in the array and the instruction reads the Position parameter to determine the position at which the conversion is completed. This enables follow-up calls of the instruction for filling the various strings at the DestStruct parameter. Outputting the number of read strings If you use an Array of STRING at the DestStruct parameter, you can use the Count parameter to output the number of read strings. Only strings with content are counted. If you use a data type other than Array of STRING at the DestStruct parameter, "0" is output at the Count parameter. WinCC Advanced V14 System Manual, 10/2016 3363 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "SPLIT" instruction: Parameter Declaration Data type Memory area Description Mode Input DWord I, Q, M, D, L or constant Specifies how the split into multiple strings is performed (see "Mode" parameter). RecSeparator Input Variant I, Q, M, D, L Delimiter or fill character With CSV: Character that was used in the array to be read to identify the individual strings. With FSR: Character that has been used as a fill character in the array to be read. EndSeparator Input Variant I, Q, M, D, L Delimiter used to define the end of the total string in the array to be read. SrcArray Input Variant I, Q, M, D, L Pointer to the array to be read (Array of CHAR/WCHAR) DestStruct InOut Variant I, Q, M, D, L Structure which includes the converted strings (Array of STRING / WSTRING). Position InOut UDInt I, Q, M, D, L Position from which the array is to be read at the SrcArray parameter. Ret_Val Return Int I, Q, M, D, L Result of instruction execution / error code (see table "Ret_Val parameter") Count Output UDInt I, Q, M, D, L Number of strings that were found. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3364 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter "Mode" Bit Bit value "0" Bit value "1" Description 0 CSV format (Comma Separated Values) FSR format (Fixed Size Record) Basic mode: Selection of CSV or FSR 1 With CSV: Additional characters cause an error. With CSV: Additional characters are ignored. Use bit 1 to specify how you want to deal with additional characters: With FSR: Additional fill characters remain in string. With FSR: Additional fill characters are removed. With CSV: - If the bit is set, additional characters that do not fit in the destination string are ignored. Example: The instruction writes to a string with a length of 16 characters (STRING[16] data type). No delimiter is contained in the source after the first 16 characters. If bit 1 is set, the extra characters are ignored and the instruction continues to read the array. - If the bit is not set, the instruction stops in such a case and generates an error message at the Ret_Val parameter. With FSR: - - If the bit is set, the fill characters located to the right of characters containing information are not written to the destination character string when the source array is transferred to the destination character strings (see example). - If the bit is not set, the fill characters located to the right of characters containing information are written to the destination character string when the source array is transferred to the destination character strings (see example). 2 - 3 Separator is retained. Separator is removed. Specification of whether the delimiter is removed at the end of the total string. 4 Leave unwritten strings (STRING) at length. Set unwritten strings (STRING) to length "0". Reserved for use in future versions. Specification of whether unused strings (STRING) at the DestStruct parameter are set to the length "0". Parameter RET_VAL Error code* Explanation (W#16#...) 0000 No error. 0001 Additional characters are ignored. 8190 Selection at the Mode parameter is not supported. 8x20 Source strings invalid. 8x53 VARIANT points to data structure that is too short. 8x54 Invalid data type 8x84 Additional characters found. 8xB4 Different data types at parameters SrcArray (source) and DestStruct (destination) or at separators (pa rameters RecSeparator and EndSeparator). 80B5 Buffer overflow with the instruction. The character strings are not completely output at parameter Dest Struct. WinCC Advanced V14 System Manual, 10/2016 3365 Programming the PLC 11.4 Instructions Error code* Explanation (W#16#...) General error information See also: GET_ERR_ID: Get error ID locally (Page 2690) * Note the following for the error codes: The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". The "x" in the second position of the listed error codes stands for the parameter that caused the error. Example: Error code 8352 hex = error occurred at 3rd parameter (EndSeparator), see Parameter table. If the error cannot be clearly assigned to a specific parameter, "0" is output. Example: The CHAR data type is used for the delimiter (RecSeparator parameter). WCHAR is used as data type for the array at the DestArray parameter. Error code 80B4 is output in this case. Two examples for the SPLIT instruction when the ARRAY to be read has the CSV format In the first step, the source array is split into strings as specified by the delimiter (RecSeparator parameter, e.g. ","). In the second step, the resulting strings after the split are stored in destination strings. You can use the DestStruct parameter to specify their length. If the strings produced by the split have more characters than can fit in the destination string, the behavior of SPLIT after this point depends on the Mode parameter. With Mode=2#00, this results in an error: The associated error code is returned and no other destination strings are 3366 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions filled. With Mode=2#10, the surplus characters are ignored and the next destination string is filled with the characters after the next delimiter. First example: In this example, there are these two source arrays: - 1963,Miller,John,Roadname - 1974,Jackson,Peter,VeryLongRoadname The length of the destination string amounts to 4 characters for the first destination string, 13 characters for the second, 10 characters for the third and 14 characters for the fourth. The first call for SPLIT produces the following destination strings with Mode=2#10: - 1963 - Miller - John - Roadname The second call for SPLIT produces the following destination strings with Mode=2#10: - 1974 - Jackson - Peter - VeryLongRoadna Second example: In this example, the logical information in the source array is not in the order expected. There are these two source arrays: - 1963,Miller,Roadname,John - 1974,Jackson,VeryLongRoadname,Peter As in the first example, the length of the destination string amounts to 4 characters for the first destination string, 13 characters for the second, 10 characters for the third and 14 characters for the fourth. The first call for SPLIT produces the following destination strings with Mode=2#10: - 1963 - Miller - Roadname - John The second call for SPLIT produces the following destination strings with Mode=2#10: - 1974 - Jackson - VeryLongRo - Peter WinCC Advanced V14 System Manual, 10/2016 3367 Programming the PLC 11.4 Instructions Two examples for the SPLIT instruction when the ARRAY to be read has format FSR The source array is split into strings as you specified in the DestStruct parameter for the length of the destination string. 3368 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions With regard to the fill characters (RecSeparator parameter e.g. ","), the behavior of SPLIT depends on the Mode parameter: With Mode=2#01, the fill characters are entered in the destination strings; with Mode=2#11, they are not entered. First example: In this example, there are these two source arrays: - 1963Miller,,,,,,,John,,,,,,Roadname,,,,,, - 1974Jackson,,,,,,Peter,,,,,VeryLongRoadname The length of the destination string amounts to 4 characters for the first destination string, 13 characters for the second, 10 characters for the third and 14 characters for the fourth. The first call for SPLIT produces the following destination strings with Mode=2#01: - 1963 - Miller,,,,,,, - John,,,,,, - Roadname,,,,,, The second call for SPLIT produces the following destination strings with Mode=2#01: - 1974 - Jackson,,,,,, - Peter,,,,, - VeryLongRoadna Second example: In this example, the logical information in the source array is not in the order expected. There are these two source arrays: - 1963Miller,,,,,,,Roadname,,,,,,John,,,,,, - 1974Jackson,,,,,,VeryLongRoadnamePeter,,,,, As in the first example, the length of the destination string amounts to 4 characters for the first destination string, 13 characters for the second, 10 characters for the third and 14 characters for the fourth. The first call for SPLIT produces the following destination strings with Mode=2#11: - 1963 - Miller - Roadname - ,,,,John Explanation: The SPLIT instruction lays templates over the source array, so to speak. The length of these templates is determined by the length of the destination strings. During transfer to the destination strings, only those commas to the right of characters with information content are interpreted as fill characters. The fill characters are not entered with Mode=2#11. In the first call, the commas are to the right of the "John" fill characters. The commas to the left of "John", however, are not fill characters, because the relevant "John" characters follow before the end of the corresponding destination string is reached. Therefore, the commas to the left of "John" appear in the destination string. The second call for SPLIT produces the following destination strings with Mode=2#11: WinCC Advanced V14 System Manual, 10/2016 3369 Programming the PLC 11.4 Instructions - 1974 - Jackson - VeryLongRo - adnamePeter See also JOIN: Join multiple strings (Page 3357) ATH: Convert ASCII string to hexadecimal number (S7-1200, S7-1500) Description You use the instruction "ATH" to convert the ASCII character string specified at the IN input parameter into a hexadecimal number. The result of the conversion is output to the OUT output parameter. You can reference the following data types using the pointer at the IN parameter (ASCII): STRING, WSTRING, CHAR, BYTE, Array of CHAR, Array of BYTE, WCHAR, Array of WCHAR, Array of WORD. You can reference the following data types using the pointer at the OUT parameter (hexadecimal): Array of CHAR, Array of BYTE, Array of WORD, STRING, BYTE, CHAR, WORD, INT, DWORD, DINT, SINT, USINT, UINT, UDINT. Only with S7-1500: Array of WCHAR, WSTRING, WCHAR, ULINT, LINT, LWORD You specify the number of ASCII characters to be converted with the N parameter. A maximum of 32767 valid ASCII characters can be converted. Only digits "0" to "9", upper case letters "A" to "F", and lower case letters "a" to "f" can be interpreted. All other characters are converted to zeros. Since 8 bits are required for the ASCII character and only 4 bits for the hexadecimal digit, the output word length is only half of the input word length. The ASCII characters are converted and positioned in the output in the same order as they are read in. If there is an odd number of ASCII characters, the hexadecimal number is padded with zeros in the nibble to the right of the last converted hexadecimal number. Parameter The following table shows the parameters of the "ATH" instruction: Parameter Declaration Data type Memory area Description IN Input VARIANT D, L Pointer to ASCII character string N Input INT I, Q, M, D, L or con Number of ASCII characters to be stant converted RET_VAL Return WORD I, Q, M, D, L Status of the instruction OUT Output VARIANT I, Q, M, D, L Hexadecimal number You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3370 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter RET_VAL Error code Description (W#16#....)* 0000 No error 0007 Invalid character. Only the following ASCII characters may be used: Digits "0" to "9", upper case letters "A" to "F", lower case letters "a" to "f". 8101 Invalid pointer at the IN parameter, e.g., because a non-existing data block is refer enced. 8182 Input buffer is too small for data in the N parameter. 8120 Invalid format in the IN parameter. 8151 Non-supported data type in the IN parameter. 8401 Invalid pointer at the OUT parameter, e.g., because a non-existing data block is refer enced. 8482 Output buffer is too small for data in the N parameter. 8420 Invalid format in the OUT parameter. 8451 Non-supported data type in the OUT parameter. * The error codes can be displayed as integer or hexadecimal values in the program editor. For infor mation on switching the display formats, refer to "See also". ASCII characters and hexadecimal values The following table shows the ASCII characters and the corresponding hexadecimal values: WinCC Advanced V14 System Manual, 10/2016 ASCII character ASCII-coded hexadecimal value Hexadecimal digit "0" 30 0 "1" 31 1 "2" 32 2 "3" 33 3 "4" 34 4 "5" 35 5 "6" 36 6 "7" 37 7 "8" 38 8 "9" 39 9 "A" 41 A "B" 42 B "C" 43 C "D" 44 D "E" 45 E "F" 46 F 3371 Programming the PLC 11.4 Instructions Example The following table shows examples of the conversion of ASCII character strings to hexadecimal numbers: Data type of IN IN N OUT ENO status STRING, WSTRING '0a23' 4 WORD#16#0A23 1 STRING, WSTRING `123aFx1a23' 10 UINT#10#2595 LWORD#16#123AF01A_23000000 0 ULINT#10#1 313 626 236 378 939 392 STRING, WSTRING `a23' 3 WORD#16#A230 1 STRING, WSTRING `0a23' 4 WORD#[16#0A23, 16#0000] 1 BYTE#[16#0A, 16#23] STRING, WSTRING `aFbE' 1 CHAR#`A' 1 WCHAR#`A' STRING, WSTRING `0a23' 4 CHAR#[`0', `A', `2', `3'] 1 WCHAR#[`0', `A', `2', `3'] STRING, WSTRING `123aFC1a23' 10 STRING#`123AFC1A23' 1 WSTRING#`123AFC1A23' ArrayOfCHAR, Ar rayOfWCHAR [`a', `B', `E', `3'] 4 WORD#16#ABE3 1 ArrayOfBYTE [16#39, 16#32, 16#35] 3 WORD#16#9250 1 ArrayOfWORD [16#1234, 16#0032, 16#0031, 16#0000] 3 WORD#16#0210 0 ArrayOfWORD [16#0031, 16#0032, 16#0033, 16#0034] 4 WORD#16#1234 1 ArrayOfWORD [16#AB31, 16#32AF, 16#4333, 16#0034] 4 WORD#16#0004 0 ArrayOfWORD [16#0031, 16#0032, 16#0033, 16#0034] 4 [16#1234, 16#0000, 16#0000, 16#0000] 1 ArrayOfWORD [16#0034, 16#0035, 16#0036, 16#0037, 16#0041, 16#0042, 16#0043, 16#0044] 8 DWORD#16#4567_ABCD 3372 1 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions HTA: Convert hexadecimal number to ASCII string (S7-1200, S7-1500) Description You use the instruction "HTA" to convert the hexadecimal number specified at the IN input into an ASCII character string. The result of the conversion is stored at the address specified in the OUT parameter. You can reference the following data types using the pointer in the IN parameter (hexadecimal): Array of CHAR, Array of BYTE, STRING, BYTE, CHAR, WORD, Array of WORD, INT, DWORD, Array of DWORD, DINT, SINT, USINT, UINT, UDINT. Only with S7-1500: Array of WCHAR, WSTRING, WCHAR, ULINT, LINT, LWORD, Array of LWORD You can reference the following data types using the pointer in the OUT parameter (ASCII): STRING, WSTRING, Array of CHAR, Array of WCHAR, Array of BYTE, Array of WORD You specify the number of hexadecimal bytes to be converted with the N parameter. Since 8 bits are required for the ASCII character and only 4 bits for the hexadecimal digit, the output value is twice as long as the input value. Each nibble of the hexadecimal number is converted to a character while maintaining the original order. A maximum of 32767 characters are written to the ASCII character string. The result of the conversion is represented by the digits "0" to "9" and upper-case letters "A" to "F". If the complete result of the conversion cannot be displayed in the OUT parameter, the result is will only be partially written to the parameter. Parameter The following table shows the parameters of the "HTA" instruction: Parameter Declaration Data type Memory area Description IN Input VARIANT I, Q, M, D, L Start address of the hexadecimal digits N Input UINT I, Q, M, D, L or con Number of hexadecimal bytes to stant be converted RET_VAL Return WORD I, Q, M, D, L Error message OUT Output VARIANT D, L Address at which the result is stor ed. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#....) 0000 No error 8101 Invalid pointer at the IN parameter, e.g., because a non-existing data block is referenced. 8182 Input buffer is too small for data in the N parameter. 8120 Invalid format in the IN parameter. WinCC Advanced V14 System Manual, 10/2016 3373 Programming the PLC 11.4 Instructions Error code* Description (W#16#....) 8151 Non-supported data type in the IN parameter. 8401 Invalid pointer at the OUT parameter, e.g., because a non-existing data block is referenced. 8482 Output buffer is too small for data in the N parameter. 8420 Invalid format in the OUT parameter. 8451 Non-supported data type in the OUT parameter. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". ASCII characters and hexadecimal values The following table shows the ASCII characters and the corresponding hexadecimal values: Hexadecimal digit ASCII-coded hexadecimal value ASCII character 0 30 "0" 1 31 "1" 2 32 "2" 3 33 "3" 4 34 "4" 5 35 "5" 6 36 "6" 7 37 "7" 8 38 "8" 9 39 "9" A 41 "A" B 42 "B" C 43 "C" D 44 "D" E 45 "E" F 46 "F" Example The following table shows examples of the conversion of hexadecimal numbers to ASCII character strings: IN N OUT Data type of OUT ENO status WORD#16#0123 2 '0123' STRING, WSTRING 1 4 '123AF012' STRING, WSTRING 1 WORD#16#ABE3 2 CHAR#[`A', `B', `E', `3'] ArrayOfCHAR, ArrayOfW CHAR 1 WORD#16#9250 2 [16#39, 16#32, 16#35, 16#30] ArrayOfBYTE 1 UINT#10#291 DWORD#16#123AF012 INT#10#305852434 3374 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions IN OUT Data type of OUT ENO status ArrayOfWORD#[16#123A, 2 16#0000, 16#ABCD, 16#0000] N [16#0031, 16#0032, 16#0033, 16#0041] ArrayOfWORD 1 WORD#16#1234 2 [16#0031, 16#0032, 16#0033, 16#0034] ArrayOfWORD 1 DWORD#16#4567ABCD 4 [16#0034, 16#0035, 16#0036, 16#0037, 16#0041, 16#0042, 16#0043, 16#0044] ArrayOfWORD 1 ArrayOfD WORD#[16#A800_0037, 16#0000_0041] 1 `A8' STRING, WSTRING 1 CHAR#[`0', `A', `2', `3'] 2 `3041' STRING, WSTRING 1 5 `3132334146' STRING, WSTRING 1 1 `41' STRING, WSTRING 1 WCHAR#[`0', `A', `2', `3'] STRING#`123AFC1A23' WSTRING#`123AFC1A23' Char#`A` Byte#16#41 LEN: Determine the length of a character string (S7-1200, S7-1500) Description A tag of the (W)STRING data type contains two lengths: the maximum length and the current length (this is the number of currently valid characters). The maximum length of the character string is specified for each tag in the STRING keyword in square brackets. The number of bytes occupied by a string is 2 greater than the maximum length. The maximum length of the character string is specified for each tag in the WSTRING keyword in square brackets. The number of words occupied by a character string is 2 greater than the maximum length. The current length represents the number of the character places actually used. The current length must be less than or equal to the maximum length. You use the instruction "LEN" to query the current length of the character string specified at the IN input parameter. Output this as numerical value at the OUT output parameter. An empty string ('') has the length zero. If errors occur during processing of the instruction, the value "0" is output at the OUT parameter. Note Reading out the maximum length You use the "MAX_LEN (Page 3356)" instruction to read out the maximum length of a string. WinCC Advanced V14 System Manual, 10/2016 3375 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "LEN" instruction: Parameter Declaration Data type Memory area Description IN Input STRING, WSTRING D, L or constant Character string OUT Return INT I, Q, M, D, L Number of valid characters You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you determine the length of a character string with the STRING data type. Create two tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. The number of actually occupied characters of the character string ("inputSTRING") is determined and returned as a numerical value at output parameter "OUT" ("stringLengthOUT"). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) 3376 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions CONCAT: Combine character strings (S7-1200, S7-1500) Description You use the instruction "CONCAT" to combine the character string at the IN1 input parameter with the character string at the IN2 input parameter. The result is output at the OUT output parameter in (W)STRING format. If the resulting character string is longer than the tag specified in the OUT output parameter, then the resulting character string will be limited to the available length. If errors occur during processing of the instruction and it is possible to write the OUT output parameter, an empty string will be output. Parameters The following table shows the parameters of the "CONCAT" instruction: Parameter Declaration Data type Memory area Description IN1 Input STRING, WSTRING D, L or constant Character string IN2 Input STRING, WSTRING D, L or constant Character string OUT Return STRING, WSTRING D, L Resulting character string You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you connect two character strings with the STRING data type. Create three tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. WinCC Advanced V14 System Manual, 10/2016 3377 Programming the PLC 11.4 Instructions The characters of the second character string ("inputstring2") are appended to the first character string ("inputstring1") and the result is output at output parameter OUT ("string1CONCstring2"). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) LEFT: Read the left character of a character string (S7-1200, S7-1500) Description You use the instruction "LEFT" to extract a partial string beginning with the first character of the string at the IN input parameter. You specify the number of characters to be extracted in the L parameter. The extracted characters are output at the OUT output parameter in (W)STRING format. If the number of characters to be extracted is greater than the current length of the character string, the OUT output parameter returns the input character string as a result. If the L parameter contains the value "0" or the input value is an empty string, an empty string will be returned. If the value in the L parameter is negative, an empty string will be output. If errors occur during processing of the instruction and it is possible to write the OUT output parameter, an empty string will be output. 3378 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "LEFT" instruction: Parameter Declaration Data type Memory area Description IN Input STRING, WSTRING D, L or constant Character string L Input BYTE, INT, I, Q, M, D, L or con SINT, USINT stant Number of characters to be ex tracted OUT Return STRING, WSTRING Extracted partial string D, L You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you extract a partial character string with the STRING data type from a character string starting from the first character. Create three tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. According to the value "4" of parameter L ("extractNumber"), you extract a four-character partial character string from the character string ("inputSTRING") starting from the first character from the left. The extracted partial character string is output at output parameter OUT ("outputExtractSTRING"). WinCC Advanced V14 System Manual, 10/2016 3379 Programming the PLC 11.4 Instructions You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) RIGHT: Read the right characters of a character string (S7-1200, S7-1500) Description You use this instruction to extract the last L character in a character string in the input parameter IN. You specify the number of characters to be extracted in the L parameter. The extracted characters are output at the OUT output parameter in (W)STRING format. If the number of characters to be extracted is greater than the current length of the character string, the OUT output parameter returns the input character string as a result. If the L parameter contains the value "0" or the input value is an empty string, an empty string will be returned. If the value in the L parameter is negative, an empty string will be output. If errors occur during processing of the instruction and it is possible to write the OUT output parameter, an empty string is output. Parameters The following table shows the parameters of the "RIGHT" instruction: Parameter Declaration Data type Memory area Description IN Input STRING, WSTRING D, L or constant Character string L Input BYTE, INT, I, Q, M, D, L or con SINT, USINT stant Number of characters to be ex tracted OUT Return STRING, WSTRING Extracted partial string D, L You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you extract a partial character string with the STRING data type from a character string starting from the last character. Create three tags in a global data block for storing the data. 3380 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Interconnect the parameters of the instruction as follows. According to the value "4" of input parameter L ("extractNumber"), you extract a four-character partial character string from the character string ("inputSTRING") starting from the first character from the right. The extracted partial character string is output at output parameter OUT ("outputExtractSTRING"). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) MID: Read middle characters of a character string (S7-1200, S7-1500) Description You use this instruction to extract a portion of the character string in the IN input parameter. With the P parameter, you specify the position of the first character to be extracted. With the L parameter, you define the length of the character string to be extracted. The extracted partial character string is output to the OUT output parameter. WinCC Advanced V14 System Manual, 10/2016 3381 Programming the PLC 11.4 Instructions Note the following rules when executing the instruction: If the number of characters to be extracted exceeds the current length of the character string in the IN input parameter, a partial character string will be output. The partial character string starts at the P character string and is continued until the end of the character string. If the character position specified in the P parameter falls outside the current character string length in the IN input parameter, an empty character string will be output in the OUT output parameter. If the value of the P or L parameter equals zero or is negative, an empty character string will be output in the OUT output parameter. If errors occur during processing of the instruction and it is possible to write the OUT output parameter, an empty string will be output. Parameters The following table shows the parameters of the "MID" instruction: Parameter Declaration Data type Memory area Description IN Input STRING, WSTRING D, L or constant Character string L Input BYTE, INT, SINT, USINT I, Q, M, D, L or con stant Length of the string to be extracted P Input BYTE, INT, SINT, USINT I, Q, M, D, L or con stant Position of the first character to be extracted (first character = 1) OUT Return STRING, WSTRING D, L Extracted partial string You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you extract a partial character string with the STRING data type from the middle of a character string. Create four tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. 3382 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions According to the value "4" of input parameter L ("extractNumber"), you extract a four-character partial character string from the character string ("inputSTRING"). The extraction starts from the third character ("startingPoint" has the value "3") of the character string ("inputSTRING"). The extracted partial character string is output at output parameter OUT ("outputExtractSTRING"). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) DELETE: Delete characters in a character string (S7-1200, S7-1500) Description You use this instruction to delete a portion of the character string in the IN input parameter. With the P parameter, you specify the position of the first character to be deleted. You specify the number of characters to be deleted in the L parameter. The remaining partial character string is output at the OUT output parameter in (W)STRING format. Note the following rules when executing the instruction: If the value in the P parameter is less than or equals zero, an empty character string will be output in the OUT output parameter. If the value in the P parameter is greater than the current length of the character string in the IN input, the input character string will be returned in the OUT output parameter. WinCC Advanced V14 System Manual, 10/2016 3383 Programming the PLC 11.4 Instructions If the value in the L parameter equals zero, the input character string will be returned in the OUT output parameter. If the number of characters to be deleted at the L parameter is greater than the length of the character string at the IN input parameter, the characters starting at the position specified by the P parameter are deleted. The string resulting from this is output. If the value in the L parameter is negative, an empty character string will be output. If errors occur during processing of the instruction and it is possible to write the OUT output parameter, an empty string will be output. Parameters The following table shows the parameters of the "DELETE" instruction: Parameter Declaration Data type Memory area Description IN Input STRING, WSTRING D, L or constant Character string L Input BYTE, INT, I, Q, M, D, L or con Number of characters to be deleted SINT, USINT stant P Input BYTE, INT, I, Q, M, D, L or con Position of first character to be de SINT, USINT stant leted OUT Return STRING, WSTRING D, L Resulting character string You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you delete characters from a character string with the STRING data type. Create four tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. 3384 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions According to the value "4" of input parameter L ("deleteNumber"), you delete four characters from the character string ("inputSTRING") starting from the third character ("startingPoint" has the value "3"). The remaining character string is output at output parameter OUT ("outputResidualSTRING"). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) INSERT: Insert characters in a character string (S7-1200, S7-1500) Description You use this instruction to insert the character string in the IN2 input parameter to the character string in the IN1 input parameter. With the P parameter, you specify the position of the character starting at which the characters are inserted. The result is output at the OUT output parameter in (W)STRING format. WinCC Advanced V14 System Manual, 10/2016 3385 Programming the PLC 11.4 Instructions Note the following rules when executing the instruction: If the value in the P parameter exceeds the current length of the character string in the IN1 input parameter, the character string of the IN2 input parameter will be appended to the character string of the IN1 input parameter. If the value at the P parameter is zero, the character string at the OUT parameter followed by the character string at the IN2 parameter will be output in the IN1 parameter. If the value in the P parameter is negative, an empty character string will be output in the OUT output parameter. If the resulting character string is longer than the tag specified in the OUT output parameter, the resulting character string will be limited to the available length. Parameters The following table shows the parameters of the "INSERT" instruction: Parameter Declaration Data type Memory area Description IN1 Input STRING, WSTRING D, L or constant Character string IN2 Input STRING, WSTRING D, L or constant String to insert P Input BYTE, INT, SINT, USINT I, Q, M, D, L or con stant Insert position OUT Return STRING, WSTRING D, L Resulting character string You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you insert a character string in another character string. The data type used is STRING. Create four tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. 3386 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The characters of the second character string ("input2_STRING") are inserted in the first character string ("input1_STRING"). According to the value "3" of parameter P ("startingPoint"), characters are inserted after the third character of the first character string ("input1_STRING"). The result is output at output parameter OUT ("outputStrg1AndStrg2"). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) REPLACE: Replace characters in a character string (S7-1200, S7-1500) Description You use this instruction to replace a portion of the character string in the IN1 input with the character string in the IN2 input parameter. You specify the position of the first character to be replaced in the P parameter. You specify the number of characters to be replaced in the L parameter. The result is output at the OUT output parameter in (W)STRING format. WinCC Advanced V14 System Manual, 10/2016 3387 Programming the PLC 11.4 Instructions Note the following rules when executing the instruction: If the value in the P parameter is less than or equals zero, an empty character string will be output in the OUT output parameter. If the value in the L parameter is less than zero, an empty character string will be output in the OUT output parameter. If P equals one, the character string in the IN1 input will be replaced beginning with (and including) the first character. If the value in the P parameter exceeds the current length of the character string in the IN1 input parameter, the character string of the IN2 input parameter will be appended to the character string of the IN1 input parameter. If the resulting character string is longer than the tag specified in the OUT output parameter, the resulting character string will be limited to the available length. If the value at parameter L is zero, characters are not replaced but inserted. Similar conditions apply as with the instruction INSERT. See also: INSERT: Insert characters in a character string (Page 3385) Parameters The following table shows the parameters of the "REPLACE" instruction: Parameter Declaration Data type Memory area Description IN1 Input STRING, WSTRING D, L or constant String with characters to be re placed. IN2 Input STRING, WSTRING D, L or constant String with characters to be inser ted. L Input BYTE, INT, I, Q, M, D, L or con Number of characters to be re SINT, USINT stant placed P Input BYTE, INT, I, Q, M, D, L or con Position of first character to be re SINT, USINT stant placed OUT Return STRING, WSTRING D, L Resulting character string You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you replace part of a character string with another character string. The data type used is STRING. Create five tags in a global data block for storing the data. 3388 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Interconnect the parameters of the instruction as follows. The second character string ("input2_STRING") is added to the first character string ("input1_STRING") starting from the third character ("startingPoint" has the value "3"). According to the value "2" of parameter L ("replaceNumber"), the third and fourth characters of the first character string ("input1_STRING") are replaced in the process. The result is output at output parameter OUT ("outputNewSTRING"). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 3389 Programming the PLC 11.4 Instructions FIND: Find characters in a character string (S7-1200, S7-1500) Description You use this instruction to search through the character string at the IN1 input parameter for a specific character string. You specify the value to be searched for in the IN2 input parameter. The search is made from left to right. The position of the first occurrence is output in the OUT output parameter. If the search returns no match, the value "0" will be output in the OUT output parameter. If an invalid character is specified at the IN2 parameter or if an error occurs during processing, the value "0" is output at the OUT parameter. Parameters The following table shows the parameters of the "FIND" instruction: Parameter Declaration Data type Memory area Description IN1 Input STRING, WSTRING D, L or constant String searched through IN2 Input STRING, WSTRING D, L or constant Character string that is searched for OUT Return INT I, Q, M, D, L Character position You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you search for a character string in another character string. The data type used is STRING. Create three tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. 3390 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The first character string ("inputSTRING") searches for the value "4a" of the second character string ("STRINGsearchedFor"). The character position ("4") at which the searched character string begins is output at output parameter OUT ("returnPosition"). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) Runtime information (S7-1200, S7-1500) GetSymbolName: Read out a tag on the input parameter (S7-1200, S7-1500) Description With the "GetSymbolName" instruction, you use the input parameter of a block to read out the name of a tag interconnected at the parameter. WinCC Advanced V14 System Manual, 10/2016 3391 Programming the PLC 11.4 Instructions If a block is used multiple times in the project and called each time by a different tag, you can use the "GetSymbolName" instruction to evaluate the name of the calling tag. The process value of the tag is irrelevant in this case. You specify the input parameters of the block interface at the VARIABLE parameter. Use only an interface parameter for this parameter and no PLC or data block tags. To limit the length of the read tag name, use the SIZE parameter. If the name has been truncated, this is indicated by the characters "..." (Unicode character 16#2026) appears at the end of the name. Note that this character has the length 1. An example to illustrate the meaning of the SIZE parameter. The following tag name is read out via the block interface: "MyPLCTag" (The double quotes at the start and end belong to the name.) SIZE GetSymbolName returns Explanation 1 '...' First character of WSTRING:' Identifier that the name was truncated: ... Last character of WSTRING:' 2 '"...' First character of WSTRING:' The first character of the name and identifier that the name was truncated:"... Last character of WSTRING:' 3 '"M...' First character of WSTRING:' The first two characters of the name and identifier that the name was truncated:"... "M... Last character of WSTRING:' 6 '"MyPL...' First character of WSTRING:' The first five characters of the name and identifier that the name was truncated: "MyPL... Last character of WSTRING:' 0 '"MyPLCTag"' First character of WSTRING:' All characters of the name: "MyPLCTag" Last character of WSTRING:' The name read is output at the OUT parameter. 3392 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "GetSymbolName" instruction: Parameter Declaration Data type Memory area VARIABLE Input PARAMETER Parameter sec Selection of the local interface to which you want to tions Input, read out the name of the input parameter supply. Output, InOut SIZE Input DINT I, Q, M, D, L Description Limits the number of characters output at the OUT parameter. SIZE > 0: GetSymbolName returns the first SIZE characters of the name. SIZE = 0: GetSymbolName returns the entire name. SIZE < 0: GetSymbolName returns the last SIZE characters of the name. OUT Return WSTRING I, Q, M, D, L Output of the tag name of the input parameters supply You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you read out the name of a tag that is interconnected via the input parameter of a block. Create two tags in a global data block for storing the data. Create an input parameter inputValue with the BYTE data type in the "Level1" block. Call the "GetSymbolName" instruction in the "Level1" block. Interconnect the parameters of the instruction as follows. Interconnect the inputValue parameter of the "Level1" block as follows. WinCC Advanced V14 System Manual, 10/2016 3393 Programming the PLC 11.4 Instructions The "GetSymbolName" instruction is executed in the "Level1" block. Input parameter inputValue of the "Level1" block is examined for its interconnection using input parameter VARIABLE of the instruction. In doing so, the "symbolVALUE" tag is read out and output as a character string at output parameter OUT ("MySymNAME"). According to the value of input parameter SIZE, the length of the character string is limited to 60 characters. You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) 3394 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions GetSymbolPath: Query composite global name of the input parameter assignment (S7-1200, S7-1500) Description You use the "GetSymbolPath" instruction to read the composite global name of an input parameter at the local interface of a block (FB or FC). The name consists of the storage path and the tag name. Specify the block interface through which the name of the input tag is read at the VARIABLE parameter of the instruction: - If the tag of a data block is used to supply the input parameters, the name of the DB, contained structures and the name of the tag are output as the path. - If a PLC tag is used to supply the input parameters, the name of the PLC tag is output. - If a constant is used to supply the input parameters, the content of the constant is output. To limit the length of the read tag name, use the SIZE parameter. If the name has been truncated, this is indicated by the character "..." (Unicode character 16#2026) at the end of the name. Note that this character has the length 1. An example to illustrate the meaning of the SIZE parameter. The following tag name is read out by the block interface: "MyPLCTag" (The double quotes at the start and end belong to the name.) SIZE GetSymbolPath returns Explanation 1 '...' First character of WSTRING:' Identifier that the name was truncated: ... Last character of WSTRING:' 2 '"...' First character of WSTRING:' The first character of the name and identifier that the name was truncated:"... Last character of WSTRING:' 3 '"M...' First character of WSTRING:' The first two characters of the name and identifier that the name was truncated:"... "M... Last character of WSTRING:' 6 '"MyPL...' First character of WSTRING:' The first five characters of the name and identifier that the name was truncated: "MyPL... Last character of WSTRING:' 0 '"MyPLCTag"' First character of WSTRING:' All characters of the name: "MyPLCTag" Last character of WSTRING:' WinCC Advanced V14 System Manual, 10/2016 3395 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "GetSymbolPath" instruction: Parameter Declaration Data type Memory area Description VARIABLE Input PARAMETER Parameter sections Input, Output, InOut Selection of the local interface to which you want to read the global name of the input pa rameter supply. SIZE Input DINT I, Q, M, D, L or con stant Limits the number of characters output at the OUT parameter. SIZE > 0: GetSymbolPath returns the first SIZE characters of the name. SIZE = 0: GetSymbolPath returns the entire name. SIZE < 0: GetSymbolPath returns the last SIZE characters of the name. OUT Output WSTRING I, Q, M, D, L Output of the tag name of the input parameters supply. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example The following example shows the use of GetSymbolPath over several call levels: The FB_Level_1 block is called from the organization block OB1. In turn, the FB_Level_2 block is called from this. GetSymbolPath is executed in the FB_Level_2 block to read the path of the parameter at the REQ2 interface. Since REQ2 is supplied by the REQ1 interface in turn, the instruction determines the path of the input parameter of REQ1. At the REQ1 parameter, the MyStarterBit tag is used. The bit is located in the MySTRUCT structure in the MyDatablock data block. This information is read by GetSymbolPath and output at the OUT parameter. 3396 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions 2% )%B/HYHOB (1 0\'DWD%ORFN0\6758&7 0\6WDUWHU%LW 5(4 7DJB ,QSXWB 7DJB ,QSXWB (12 2XWSXWB 7DJB )%B/HYHOB )%B/HYHOB (1 5(4 5(4 7DJB ,QSXWB 7DJB ,QSXWB (12 7DJB 2XWSXWB )%B/HYHOB *HW6\PERO3DWK (1 5(4 (12 YDULDEOH VL]H 287 :675,1* 0\'DWD%ORFN 0\6758&7 0\6WDUWHU%LW You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 3397 Programming the PLC 11.4 Instructions GetInstanceName: Read out name of the read instance (S7-1200, S7-1500) Description You can use the "GetInstanceName" instruction to read the name of the instance data block within a function block. To limit the length of the read instance name, use the SIZE parameter. If the name has been truncated, this is indicated by the character "..." (Unicode character 16#2026) at the end of the name. Note that this character has the length 1. An example to illustrate the meaning of the SIZE parameter. The following instance name is read out via the block interface: "Level1_DB" (The double quotes at the start and end belong to the name.) SIZE GetSymbolPath returns Explanation 1 '...' First character of WSTRING:' Identifier that the name was truncated: ... Last character of WSTRING:' 2 '"...' First character of WSTRING:' The first character of the name and identifier that the name was truncated:"... Last character of WSTRING:' 3 '"L...' First character of WSTRING:' The first two characters of the name and identifier that the name was truncated:"... "L... Last character of WSTRING:' 6 '"Leve...' First character of WSTRING:' The first five characters of the name and identifier that the name was truncated: "Leve... Last character of WSTRING:' 0 '"Level1_DB"' First character of WSTRING:' All characters of the name: "Level1_DB" Last character of WSTRING:' The name of the instance data block is written to the OUT parameter. If the name of the instance data block is longer than the maximum length of WSTRING, the name is truncated. 3398 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "GetInstanceName" instruction: Parameter Declaration Data type Memory area Description SIZE Input DINT I, Q, M, D, L or con Limits the number of characters output at the OUT pa stant rameter. SIZE > 0: GetInstanceName returns the first SIZE characters of the name. SIZE = 0: GetInstanceName returns the entire name. SIZE < 0: GetInstanceName returns the last SIZE characters of the name. OUT Output WSTRING I, Q, M, D, L Read name of the instance data block You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you read out the name of an instance data block. Create two tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. The "GetInstanceName" instruction is executed in the "Level1_gin" block. By means of the "GetInstanceName" instruction, the associated instance data block of the "Level1_gin" block is determined and output as a character string at output parameter OUT ("outputInstName"). According to the value "0" of parameter SIZE ("limitSIZE"), the length of the character string is unlimited. WinCC Advanced V14 System Manual, 10/2016 3399 Programming the PLC 11.4 Instructions You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) GetInstancePath: Query composite global name of the block instance (S7-1200, S7-1500) Description You use the "GetInstancePath" instruction to read the composed global name of the block instance within a function block. The composed global name of the block instance is the path of the complete call hierarchy when multi-instances are used. In the following example, the "GetInstancePath" instruction is called in the FB_Level_3 function block. The FB_Level_3 function block stores its data in the calling FB_Level_2 function block. The FB_Level_2 function block in turn stores its data in the calling FB_Level_1 function block. The FB_Level_1 function block in turn stores its data in its instance data block IDB_LEVEL_1. Through the use of multi-instances, the instance data block of FB_Level_1 contains all data of the three function blocks. ,'%B/(9(/B )%B/HYHOB ,QSXW 2XWSXW ,Q2XW 6WDWLF /HYHOBB,QVWDQFH ,QSXW 2XWSXW ,Q2XW 6WDWLF /HYHOBB,QVWDQFH ,QSXW 2XWSXW ,Q2XW 6WDWLF 6WDWLF /HYHOBB,QVWDQFH 6WDWLF /HYHOBB,QVWDQFH 0DLQ ,B'%B/HYHOB )%B/HYHOB )%B/HYHOB 6WDWLF /HYHOBB,QVWDQFH )%B/HYHOB )%B/HYHOB )%B[\] )%BDEF )&B[\] )&BDEF )%B/HYHOB 6WDWLF *HW,QVWDQFH3DWK VL]H 287 The "GetInstancePath" instruction returns the following values for this example: SIZE GetInstancePath returns Explanation 1 '...' First character of WSTRING:' Identifier that the name was truncated: ... Last character of WSTRING:' 2 '"...' First character of WSTRING:' The first character of the name and identifier that the name was truncated:"... Last character of WSTRING:' 3400 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SIZE GetInstancePath returns Explanation 3 '"I...' First character of WSTRING:' The first two characters of the name and identifier that the name was truncated:"... "I... Last character of WSTRING:' 6 '"IDB_...' First character of WSTRING:' The first five characters of the name and identifier that the name was truncated: "IDB_... Last character of WSTRING:' 0 '"IDB_LEVEL_1".Level_2_ First character of WSTRING:' Instance.Level_3_Instance' All characters of the name: "IDB_LEVEL_1".Level_2_Instance.Level_3_Instance Last character of WSTRING:' Note Use of "GetInstancePath" in function blocks with single instance If the function block in which you call "GetInstancePath" saves data in its own instance data block, the name of the single instance is output as the global name. The result at parameter OUT corresponds in this case to the ""GetInstanceName (Page 3398)" instruction. Parameter The following table shows the parameters of the "GetInstancePath" instruction: Parameter Declaration Data type Memory area Description SIZE Input DINT I, Q, M, D, L or con stant Limits the number of characters output at the OUT parameter. SIZE > 0: GetInstancePath returns the first SIZE characters of the name. SIZE = 0: GetInstancePath returns the entire name. SIZE < 0: GetInstancePath returns the last SIZE characters of the name. OUT Output WSTRING I, Q, M, D, L Read global name of the block instance. If the global name of the block instance is lon ger than the maximum length of WSTRING (254 characters), the name is truncated. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434). WinCC Advanced V14 System Manual, 10/2016 3401 Programming the PLC 11.4 Instructions GetBlockName: Read out name of the block (S7-1200, S7-1500) Description You can use the "GetBlockName" instruction to read the name of the block in which the instruction is called. If the length of the block name is to be limited to a certain number of characters, specify the max. length at the SIZE parameter. If the name has been truncated, this is indicated by the character "..." (Unicode character 16#2026) at the end of the name. Note that this character has the length 1. An example to illustrate the meaning of the SIZE parameter. The following block name is read out: "Level1_gbn" (The double quotes at the start and end belong to the name.) SIZE GetBlockName returns Explanation 1 '...' First character of WSTRING:' Identifier that the name was truncated: ... Last character of WSTRING:' 2 '"...' First character of WSTRING:' The first character of the name and identifier that the name was truncated:"... Last character of WSTRING:' 3 '"L...' First character of WSTRING:' The first two characters of the name and identifier that the name was truncated:"... "L... Last character of WSTRING:' 6 '"Leve...' First character of WSTRING:' The first five characters of the name and identifier that the name was truncated: "Leve... Last character of WSTRING:' 0 '"Level1_gbn"' First character of WSTRING:' All characters of the name: "Level1_gbn" Last character of WSTRING:' The name of the block is written at the RET_VAL parameter. If the name of the block is longer than the maximum length of WSTRING, the name is truncated. 3402 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "GetBlockName" instruction: Parameter Declaration Data type Memory area Description SIZE Input UINT I, Q, M, D, L or constant Limits the number of characters output at the RET_VAL parameter. SIZE > 0: GetBlockName returns the first SIZE characters of the name. SIZE = 0: GetBlockName returns the entire name. SIZE < 0: GetBlockName returns the last SIZE characters of the name. RET_VAL Output WSTRING I, Q, M, D, L Read name of the instance data block You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example, you read out the block name. Create two tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. The "GetBlockName" instruction is executed in the "Level1_gbn" block. By means of the "GetBlockName" instruction, the name of the "Level1_gbn" block is read out and output as a character string at output parameter RET_VAL("outputBlockName"). According to the value "0" of parameter SIZE ("limitSIZE"), the length of the character string is unlimited. You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) WinCC Advanced V14 System Manual, 10/2016 3403 Programming the PLC 11.4 Instructions Process image (S7-1500) UPDAT_PI: Update the process image inputs (S7-1500) Description With the instruction, you update a partial image partition of the inputs defined in the configuration. If you have configured repeated signaling of I/O access errors for the system-side process image update, then the selected process image will be updated constantly. Otherwise, the update can only be performed when the selected process image partition is not updated by the system; in other words if you have not assigned this process image partition to an interrupt OB. Note Each logical address that you have assigned to a process image partition of the inputs per configuration no longer belongs to the OB 1 process image of the inputs. When you update a process image partition with "UPDAT_PI", you must not perform a simultaneous update with the "SYNC_PI (Page 3410)" instruction. System-side updating of the OB 1 process image of the inputs and the process image partitions of inputs that you have assigned to an interrupt OB takes place independently of "UPDAT_PI" calls. Parameter The following table shows the parameters of the "UPDAT_PI" instruction: Parameter Declaration Data type Memory area Description PART Input PIP I, Q, M, D, L or con Number of the process image parti stant tion of the inputs to be updated. Maximum value range (depending on the CPU): 1 <= n <= 31 (means process image partition n). RET_VAL Return INT I, Q, M, D, L, P Error information FLADDR Output WORD I, Q, M, D, L, P Address of the first byte to cause an error if an access error has occurred. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3404 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter RET_VAL Error code* Explanation (W#16#...) 0000 No error occurred. 8090 Illegal value for PART parameter 8091 The specified process image partition was not yet defined. 8092 The process image partition is being updated by the system and must not be used for the PART parameter. 8093 The process image partition update is being processed in another OB. 80A0 An access error was detected when accessing the I/O. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Note If you use the instruction for process image partitions of DP standard slaves, the error codes of the "DPRD_DAT (Page 3536)" instruction are also possible. This is the case if you have defined consistency areas greater than 32 bytes. Example In the following example, you update the process image partition "1" of the inputs defined in the configuration. Create four tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. WinCC Advanced V14 System Manual, 10/2016 3405 Programming the PLC 11.4 Instructions You create an input module (DI) for your CPU, and configure the process image partition "1" under "Properties > Input 0 - 15 > I/O addresses". You also do not assign the process image partition to any OB. The number of the process image partition that is to be updated is stored in the input parameter PART ("part") of the instruction "UPDAT_PI". The specified process image partition is updated when the instruction "UPDAT_PI" is called. The output parameter RET_VAL ("returnValue") indicates that processing took place without errors. Processing without errors sets the coil ("updateOk") to "TRUE". Because no access error occurs, the error address ("errAddress") of the instruction "UPDAT_PI" shows the value "16#0000". 3406 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). UPDAT_PO: Update the process image outputs (S7-1500) Description You use the instruction to transfer the signal states of a process image partition of the outputs defined by configuration to the output modules. If you have specified a consistency range for the selected process image partition, corresponding data is transferred as consistent data to the respective I/O module. Note Each logical address you have assigned to a process image partition of the outputs during configuration no longer belongs to the OB 1 process image of the outputs. Outputs that you update with "UPDAT_PO" must not be updated simultaneously with the "SYNC_PO (Page 3411)" instruction. The OB 1 process image of the outputs and the process image partitions of the outputs that you have assigned to an interrupt OB are transferred by the system to the output modules independently of "UPDAT_PO" calls. Parameter The following table shows the parameters of the "UPDAT_PO" instruction: Parameter Declaration Data type Memory area PART Input PIP I, Q, M, D, L or con Number of the process image partition stant of the outputs to be transferred. Description Maximum value range (depending on the CPU): 1 <= n <= 31 (means process image partition n) RET_VAL Return INT I, Q, M, D, L, P Error information FLADDR Output WORD I, Q, M, D, L, P Address of the first byte to cause an error if an access error has occurred. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3407 Programming the PLC 11.4 Instructions Parameter RET_VAL Error code* Explanation (W#16#...) 0000 No error occurred. 8090 Illegal value for PART parameter 8091 The specified process image partition was not yet defined. 8092 The process image partition is being updated by the system and must not be used for the PART parameter. 8093 The process image partition update is being processed in another OB. 80A0 An access error was detected when accessing the I/O. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Note If you use the instruction for process image partitions of DP standard slaves, the error codes of the "DPWR_DAT (Page 3538)" instruction are also possible. This is the case if you have defined consistency areas greater than 32 bytes. Example In the following example, you update the process image partition "1" of the outputs defined in the configuration. Create four tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. 3408 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You create an output module (DQ) for your CPU, and configure the process image partition "1" under "Properties > Output 0 - 15 > I/O addresses". You also do not assign the process image partition to any OB. The number of the process image partition that is to be updated is stored in the input parameter PART ("part") of the instruction "UPDAT_PO". The specified process image partition is updated when the instruction "UPDAT_PO" is called. The output parameter RET_VAL ("returnValue") indicates that processing took place without errors. Processing without errors sets the coil ("updateOk") to "TRUE". Because no access error occurs, the error address ("errAddress") of the instruction "UPDAT_PO" shows the value "16#0000". WinCC Advanced V14 System Manual, 10/2016 3409 Programming the PLC 11.4 Instructions You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). SYNC_PI: Synchronize the process image inputs (S7-1500) Description The "SYNC_PI" is used to update the process image partition of inputs in isochronous mode. A user program linked to a DP cycle or PN send cycle uses this instruction to update input data acquired in a process image partition of the inputs isochronously and consistently. Call "SYNC_PI" is interruptible and is only be called in OBs 61, 62, 63 and 64. Note The call of the "SYNC_PI" instruction is only permitted in OBs 61 to 64 if you have assigned the affected process image partition to the associated OB in the HW configuration. A process image partition that you update with "SYNC_PI" must not be updated simultaneously with the "UPDAT_PI (Page 3404)" instruction. Parameter The following table shows the parameters of the "SYNC_PI" instruction: Parameter Declaration Data type Memory area Value range Description PART Input PIP I, Q, M, D, L or constant 1 to 31 Number of the process image partition of the inputs to be updated isochronously. RET_VAL Return INT I, Q, M, D, L, P - Error information FLADDR Output WORD I, Q, M, D, L, P Address of the first byte to cause an error if an access error has occurred. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code (W#16#...)* Explanation 0000 No error occurred. 0001 Consistency warning. The update of the process image partition was distributed over two DP or PN cycles. However, the data in one slave or IO device were consistently transferred. 8090 Illegal value at PART parameter or updating the specified process image partition of the inputs is not permitted in this OB. The specified process image partition was possibly not yet defined. The process image partition of the inputs was not updated. 8092 The process image partition is being updated by the system and must not be used for the PART parameter. 3410 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code (W#16#...)* Explanation 8093 The process image partition update is being processed in another OB. 80A0 During updating an access error was detected. The affected inputs were set to "0". 80A1 The update time is after the permitted access window. The process image partition of the inputs was not updated. The DP or PN cycle is too short to ensure enough time for processing the instruction. You must therefore increase the TDP (also known as T_DC), Ti and To timers. 80A2 Access error with consistency warning In the case of update of the specified process image partition an access error with simultaneous consistency warning was detected. The data of the incorrect inputs was not read by the I/O. In the process image partition of the inputs, the affected inputs are set to "0". The update of the process image partition of the not involved by an access error input data was distributed over two DP and PN cycles. 80C1 The update time is before the permitted access window. The process image partition of the inputs was not updated. General er ror informa tion See also: GET_ERR_ID: Get error ID locally (Page 2690) * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Note If you use the "SYNC_PI" instruction for process image partitions of DP standard slaves, error codes of the "DPRD_DAT" instruction are also possible. This is the case if you have defined consistency areas greater than 32 bytes. See also DPRD_DAT: Read consistent data of a DP standard slave (Page 3536) SYNC_PO: Synchronize the process image outputs (S7-1500) Description The instruction "SYNC_PO" is used to update a process image partition of outputs in isochronous mode. An application program linked to a DP cycle or a PN send cycle can use this instruction for the consistent isochronous transfer of the computed output data of a process image partition from outputs to the I/O devices. WinCC Advanced V14 System Manual, 10/2016 3411 Programming the PLC 11.4 Instructions Call "SYNC_PO" is interruptible and should only be called in OBs 61, 62, 63 and 64. Note The call of the "SYNC_PO" instruction in OBs 61 to 64 is only permitted if you have assigned the affected process image partition to the associated OB in the HW configuration. A process image partition that you update with "SYNC_PO" must not be updated simultaneously with the "UPDAT_PO (Page 3407)" instruction. Parameter The following table shows the parameters of the "SYNC_PO" instruction: Parameter Declaration Data type Memory area Value range Description PART Input PIP I, Q, M, D, L or constant 1 to 31 Number of the process image partition of the outputs to be updated isochronously. RET_VAL Return INT I, Q, M, D, P - If an error occurs while the instruction is being executed, the return value contains an error code. FLADDR Output WORD I, Q, M, D, L, P - Address of the first byte that has caused the error. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code Explanation (W#16#...)* 0000 No error occurred. 0001 Consistency warning. The update of the process image partition was distributed over two DP or PN cycles. However, the data in one slave or IO device were consistently transferred. 8090 Illegal value at PART parameter or updating of the specified process image partition of the outputs is not permitted in this OB. The specified process image partition was possibly not yet defined. Outputs were not transferred to the I/O. The process image partition of the outputs remains unchanged. 8092 The process image partition is being updated by the system and is not used for the PART parameter. 8093 The process image partition update is being processed in another OB. 80A0 In the case of update of the specified process image partition of the outputs an access error was detected. Incorrect outputs were not transferred to the I/O. During process image partition of the outputs, these outputs remain unchanged. 80A1 Access error with consistency warning In the case of update of the specified process image partition of the outputs an access error with simultaneous consistency warning was detected. The data of the incorrect outputs were not transferred to the I/O. During process image partition of the outputs, the involved outputs remain unchanged. The update of the process image partition of the not involved by an access error input data was distributed over two DP and PN cycles. 3412 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code Explanation (W#16#...)* 80A2 The update time is after the permitted access window. Outputs were not transferred to the I/O. The process image partition of the outputs remains unchanged. 80C1 The update time is before the permitted access window. Outputs were not transferred to the I/O. The process image partition of the outputs remains unchanged. General error information See also: GET_ERR_ID: Get error ID locally (Page 2690) * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Note If you use the "SYNC_PO" instruction for process image partitions of DP standard slaves, error codes of the "DPWR_DAT" instruction are also possible. This is the case if you have defined consistency areas greater than 32 bytes. See also DPWR_DAT: Write consistent data of a DP standard slave (Page 3538) Distributed I/O (S7-1200, S7-1500) Overview of the types of data records (S7-1200, S7-1500) Introduction The data record as property of the hardware corresponds to the summary of data that reflects certain properties of the hardware. Each hardware can have numerous data records as properties. The data records can hereby be distinguished based on their use and their scope of information. Below you can familiarize yourself with the types of data records and you will be guided through working with data records by assigning modules, systems and instructions. The following information applies to the S7-1200 and S7-1500 automation systems as well as the ET 200MP and ET 200SP distributed I/O systems. WinCC Advanced V14 System Manual, 10/2016 3413 Programming the PLC 11.4 Instructions Types of data records The following types of data records exist: Types Parameter da ta records Uses a) for input modules Parameter data records contain the properties of the input/output function of the relevant I/O module. With the data record, you, for example, read b) for technology modules or modules with the use of the tech out a wire break or change the input delay. Parameter data records can be read and written. nology function a) for output modules Control data re a) to configure a central or dis cords tributed setup b) to reconfigure an IO system I&M data re cords The control data record contains the hardware configuration of the sys tem or setup and allows reconfiguration of a module or an IO system via the user program. The control data record can be read and written. a) for central setup or distributed The I&M data records contain the identification and maintenance data of setup via PROFINET IO a module (I&M = Identification & Maintenance). The data differs as fol b) for central setup or distributed lows: setup via PROFIBUS DP Identification data: - depends on vendor data - read-only - You can, for example, read out the serial number. Maintenance data Diagnostics da ta records and configuration data records - depends on the system and the use of the device - can be read and written. - can be used to change the installation location of the module, for example. a) for distributed setup via PRO Diagnostics data records and configuration data records each have the FINET IO same structure and vary only in content and size. b) for distributed setup via PRO The data records can be distinguished as follows: FIBUS DP Diagnostics data records: - The diagnostics data records contain the diagnostics and monitoring data of a module. - Channel diagnostics data records are generated if a channel is in an error state and / or has triggered an interrupt. A diagnostics data record of length 0 is returned if there is no fault/error. - The structure and size of vendor-specific diagnostics data records depend on the vendor. - Diagnostics data records are read-only. Configuration data records: - The configuration data records contain the data of the actual configuration or preset configuration of a module. - Configuration data records are readable (actual configuration, preset configuration) and writable (preset configuration). Note The recipe data records used in WinCC are not properties of the module and have nothing to do with the data records being discussed here. 3414 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Use of a data record in the proect Before you use a data record in you project, please read the relevant manual for the data record structure and any requirements. The "Additional information" section references the respective manual. Parameter data records Note Reading out channels The data records 0..X and 64..64+X contain channel-specific parameters. Accordingly for example the data record 0 contains the information of channel 0. The data record 128 contains the information of all channels of the relevant module from the hardware configuration. The RD_DPAR instruction can only be executed on an S7-1500 CPU or an ET 200 distributed I/O. Type: Parameter data records (a) Relates to the module: Input module Location: Central setup (S7-1500) or ET 200MP S7-1200 or ET 200SP (*) Instructions: RDREC, WRREC RD_DPAR RDREC, WRREC RD_DPAR (not for S7-1200) Data record (DR): DR 0.X (DR = channel; X = the last channel of the input module) DR 128 DR 128 DR 128 HW ID: Use HW ID of the input module Example: For example, S7-1500 DI16x24VDC HF --> chan nels 0..15; (e.g., use DR 13). *For ET 200SP Na mur: DR 0.X (DR = channel; X = the last channel of the input module) or DR 128 For example, S7-1500 DI16x24VDC HF --> DR 128. 1st example: Use input module of an S7-1212C CPU --> HW ID of CPU, DR 128 and RDREC / WRREC. See also "Use the program See also "Program ex example of the parameter da ample of RD_DPAR ta record with WRREC & (Page 3619)". RDREC (Page 3439)". 2nd example: Use ET 200SP DI8x24VDC HF -> HW ID of DI module, DR 128 and RDREC / WRREC or RD_DPAR. See also "Program example of RD_DPAR (Page 3619)". Type: Parameter data records (b) Relates to the module: Technology modules or module with the use of the technology function Location: Central setup (S7-1500 or S7-1200) or distributed setup (ET 200MP or ET 200SP) Instructions: RDREC, WRREC WinCC Advanced V14 System Manual, 10/2016 RD_DPAR (not for S7-1200) 3415 Programming the PLC 11.4 Instructions Type: Parameter data records (b) Data record (DR): DR 128 Alternatively, for DI mod ules of S7-1500: DR 128 DR 0.X (DR = channel; X = the last channel of the input module) HW ID: Use HW ID of the affected module / I/O module. Example: 1) Example: CPU S7-1511 PN; high speed counter of the S7-1500 DI16x24VDC HF --> for example, DR 1; use HW ID of the DI module (HSC). Use WRREC/RDREC. 2) Example: TM Count 2x24V --> DR 128; use HW ID of the TM. Use WRREC / RDREC or RD_DPAR. 3) Example: High speed counter of an S7-1200 CPU --> DR 128; use HW ID of CPU and WRREC / RDREC. Type: Parameter data records (c) Relates to the module: Output module Location: Central setup (S7-1500) or ET 200MP S7-1200 or ET 200SP (*) Instructions: RDREC, WRREC RDREC, WRREC RD_DPAR (not for S7-1200) Data record (DR): DR 64.64 + X (DR 64 = chan DR 128 nel 0; X = the last channel of the output module) DR 128 DR 128 HW ID: Use HW ID of the output module. Example: For example, DQ16x24VDC/ 0.5A ST --> channels 0..15; (e.g. for channel 13 use the DR 77). RD_DPAR For example, DQ16x24VDC/0.5A ST --> DR 128. *For ET 200SP Na mur: DS 64..64 + X (DR 64 = channel 0; X = the last channel of the output mod ule) or DR 128 For example, ET 200SP DQ8x24VDC/0.5A ST -> DR 128. Note Further data records There may be more data records. E.g. for the input modules: With the ET 200SP AI RTD there is the DR 237 for deactivating the wire break check. With the ET 200SP AI Energy Meter ST there is the DR 142 for reading the measured data. Note Interface module with PROFIBUS DP If you use an interface module with PROFIBUS DP, you cannot read out parameter data records "0" and "1" from the downstream input/output module. Instead read out the content of the diagnostics data records "0" and "1". For example with output modules the "parameter data record 0" is the "DR 64" and the "parameter data record 1"is the "DR 65". 3416 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Additional information You can find additional information on the parameter data record in the manual for the relevant I/O module (e.g. S7-1500 DI16x24VDC HF (https://support.industry.siemens.com/cs/ww/en/ view/59193001)). Control data records Type: Control data records Relates to the module: All modules of the setup that are to be used IO system and required IO devices Location: Central setup (S7-1200, S7-1500) Distributed setup (e.g. ET 200MP, ET 200SP) PROFINET IO Instructions: WRREC, RDREC WRREC, RDREC RDREC ReconfigIOSystem Data record (DR): DR 196 DR 196 DR 197 (feed DR "CTRLREC" (parameter of Re back data re configIOSystem) cord) HW ID: Use HW ID 33. Use HW ID of the head [Head] of the IM of the distributed I/O. Use HW ID of the PROFINET inter face (IO controller). Specify the corresponding HW IDs via CTRLREC according to the con nections and IO devices that are to be set up. Example: For example, for CPU S7-1511-1 PN with DI16x24VDC HF. See also "Use the program ex ample of the control data record with WRREC & RDREC (Page 3447)". For example, DI16x24VDC HF, ET 200MP IM 155-5 PN ST --> use the ID of "<IO-de vice_V2.0[Head]>". For example, connect and activate an S7-1500 CPU (IO controller) with an ET 200MP (IO device) and an ET 200SP (as optional IO device). The real setup contains an ad ditional DI16x24VDC HF, which is not to be considered during the configuration. See also "Program example for Re configIOSystem (Page 3518)". Additional information For more information on the control data record 196, refer to the system manual of the relevant automation system (e.g. "S7-1500 automation system (https://support.industry.siemens.com/ cs/ww/en/view/59191792)"). For more information on the control data record 197, refer to the system manual of the relevant interface module (e.g. "ET 200MP IM 155-5 PN ST (https://support.industry.siemens.com/cs/ ww/en/view/59193106)"). You can find more information on the control data record "CTRLREC" with the instruction "ReconfigIOSystem: Reconfigure IO system (Page 3513)". WinCC Advanced V14 System Manual, 10/2016 3417 Programming the PLC 11.4 Instructions I&M data records Note the following use of the I&M data records: The data record "I&M0" ("16#AFF0") is used to transfer general information about the module or device. The data record "I&M1" ("16#AFF1") is used to transfer the function and installation location of the module or device. The data record "I&M2" ("16#AFF2") is used to transfer the installation date of the module or device. The data record "I&M3" ("16#AFF3") is used to transfer individual additional information about the module or device. Note The data record "I&M0" ("16#AFF0") is supported by every module. All other I&M data records are optional. Type: I&M data records Relates to the module: Device / module Location: Central setup or distributed setup via PROFINET IO or PROFIBUS DP Instructions: RDREC, WRREC Data record (DR): DR 16#AFF0 HW ID: Use HW ID of the module. Example: 1) Example: For CPU S7-1511-1 PN --> DR 16#AFF0; use the HW ID of the CPU. DR 16#AFF1 DR 16#AFF2 DR 16#AFF3 See also "Program example of I&M data record with read RDREC (Page 3422)". Alternatively, for distributed setup via PROFIBUS DP: DR 255 2) Example: For ET 200SP with IM 155-6 DP ST --> DR 255; use the HW ID of the IM. Additional information You can find additional information on the relevant I&M data record: in the system manual of the relevant automation system (e.g. "S7-1500 automation system (https://support.industry.siemens.com/cs/ww/en/view/59191792)"). In the programming manual "SIMATIC NET PROFINET IO-Base user programming interface (https://support.industry.siemens.com/cs/ww/en/view/26435491)". Diagnostics data records and configuration data records Type: Diagnostics data records and configuration data records Relates to the module: Device/module or submodule in the IO system Location: Distributed setup (PROFINET IO, PROFIBUS DP) 3418 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Type: Diagnostics data records and configuration data records Instructions: RDREC, WRREC RDREC Data record (DR): Configuration (actual/preset): Channel diagnostics: Use DR for the relevant module. See also the addressing level and DR for "PROFINET IO (https:// support.industry.siemens.com/cs/ww/en/view/19289930)". Manufacturer-specific diagnos tics via interface module: For PROFI NET IO: For PROFIBUS DP: See Interface module DR 0, 1 HW ID: Use hardware ID of the relevant module (HW ID with "Hw_SubModule" data type). Use hardware ID of the relevant module (HW ID with "Hw_Sub Module" data type). Example: For example, IO controller S7-1513-1 PN; use HW ID of the module on the slot level for the IO device (ET 200MP IM 155-5 PN HF). Read out the preset configu ration with DR 16#C001. For example, PROFIBUS DP: ET 200MP with IM 155-5 DP ST; Read DI module --> HW ID ("Hw_SubModule" data type) of the DI module and use DR 1 for diagnostics. For example, IO device (ET 200MP IM 155-5 PN HF) with DQ module causes a wire break. Use the hardware ID of the header module of the IO device. IO con troller is S7-1513-1 PN. Use DR 16#E00A for channel diagnos tics. See also "Read program exam ple for diagnostic data record with RDREC (Page 3425)". Additional information The addressing level, the setup and the important data records for diagnostics and configuration of PROFINET IO are available at: in the programming manual "From PROFIBUS DP to PROFINET IO (https:// support.industry.siemens.com/cs/ww/en/view/19289930)". You can find additional and general information on channel diagnostics data records: in the online help of STEP 7 in "Diagnostics of PROFINET devices". in the system manual for PROFINET (e.g. "PROFINET with STEP 7 as of V13 (https:// support.industry.siemens.com/cs/ww/en/view/49948856)"). You can find more information on manufacturer-specific diagnostics data records: in the manual for the relevant interface module (for example, ET 200MP IM 155-5 DP ST (https://support.industry.siemens.com/cs/ww/en/view/78324181)). See also Sample Library for Instructions (Page 2434) RDREC: Read data record (Page 3420) WRREC: Write data record (Page 3437) WinCC Advanced V14 System Manual, 10/2016 3419 Programming the PLC 11.4 Instructions RDREC: Read data record (S7-1200, S7-1500) RDREC: Read data record (S7-1200, S7-1500) Description You use the instruction "RDREC" to read the data record with the number INDEX from the module addressed using the ID. This may be a module in a central rack or a distributed module (PROFIBUS DP or PROFINET IO). Use the parameter ID to select from which module (DP/PROFINET IO) a data record is to be read. Use only the hardware identifier (HW ID) of the module for the ID parameter. You can find the hardware identifier of the module in "PLC tags > System constants". For example, for an S7-1500 DI module: This is shown as <Name of DI module> with the data type "Hw_SubModule". Use the INDEX parameter to select which data record is read from the module. Which data records can be read with which data record number depends on the module. You can find additional information on this in the manual for the relevant module. The data records readable via "RDREC" have a different length. Use MLEN to specify the maximum number of data record bytes you want to read. If length "0" is selected at the parameter MLEN, the complete data record is written at the parameter RECORD. Select the destination area RECORD at least MLEN bytes long. If you read out the full data record with MLEN=0, use the maximum length of the data record for RECORD. The structure (configuration, data types and length) that you use at the parameter RECORD, also depends on which data record is read out by which module. The value TRUE for the output parameter VALID indicates that the data record was successfully transferred to the destination area RECORD. In this case, the LEN output parameter contains the length of the read data in bytes. If an error has occurred during transfer of the data record, this is indicated by the output parameter ERROR. In this case, the output parameter STATUS contains the error information. Note The interface of the "RDREC" instruction is identical to that in the "RDREC" FB defined in the standard "PROFIBUS and PROFINET Guideline Communication Function Blocks on PROFIBUS DP and PROFINET IO". Functional description "RDREC" is an instruction that works asynchronously, which means its execution extends over multiple calls. You start the data record transfer by calling "RDREC" with REQ= 1. The job status is displayed via the output parameter BUSY and the two central bytes of output parameter STATUS. The two central bytes of STATUS correspond to the RET_VAL output parameter of the instructions that operate asynchronously. See also: Difference between synchronous and asynchronous instructions (Page 2436) 3420 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The transfer of the data record is complete when the output parameter BUSY has the value FALSE . Parameter The following table shows the parameters of the "RDREC" instruction: Parameter Declaration Data type* Memory area Description REQ Input BOOL I, Q, M, D, L, T**, C** or constant REQ = 1: Transfer data record ID Input HW_IO I, Q, M, D, L or con stant Hardware identifier of the hardware module (DP/PROFINET IO) The number is assigned automatically and is stored in the properties of the module or of the interface in the hardware configuration. INDEX Input DINT I, Q, M, D, L or con stant Data record number MLEN Input UINT I, Q, M, D, L or con stant Maximum length in bytes of the data record information to be read VALID Output BOOL I, Q, M, D, L New data record was received and is valid. BUSY Output BOOL I, Q, M, D, L BUSY = 1: The reading process is not yet com plete. ERROR Output BOOL I, Q, M, D, L ERROR = 1: An error occurred during the read ing process. STATUS Output DWORD I, Q, M, D, L Block status or error information LEN Output UINT I, Q, M, D, L Length of the read data record information RECORD InOut VARIANT I, Q, M, D, L Destination area for the data record read. * There is no implicit conversion in STL, which is why the range of valid data types may be limited. During programming in STL, note the permissible data types in each case in the tooltip of the parameter ** For S7-1500 only. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Note If you use "RDREC" to read a data record for PROFINET IO, then negative values in the INDEX, MLEN, and LEN parameters will be interpreted as an unsigned 16-bit integer. Parameter STATUS For interpretation of the STATUS parameter, see Parameter STATUS (Page 3475). Example You can find an example here: Program example of I&M data record with read RDREC (Page 3422). WinCC Advanced V14 System Manual, 10/2016 3421 Programming the PLC 11.4 Instructions You can find another example here: Read program example for diagnostic data record with RDREC (Page 3425). You can find additional information and the program code for the examples here: Sample Library for Instructions (Page 2434). See also Overview of the types of data records (Page 3413) Program example of I&M data record with read RDREC (S7-1200, S7-1500) Introduction In the following example, you read out the I&M0 data record of a CPU S7-1500. Requirement Create nine tags and a structure in a global data block for storing the data. You read the hardware identifier of the CPU in "PLC tags > System constants. The CPU should be displayed there as <Local> with the data type "Hw_SubModule". You store the hardware identifier via the input parameter ID ("id"). Create the following local tags in an FB. 3422 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Interconnect parameters Network 1: Interconnect the parameters of the "RDREC" instruction as follows. Network 2: To save the status if an error occurs, interconnect the "status" variable as follows Result When the input parameter REQ ("start") supplies the signal state "TRUE", the "RDREC" instruction is started. Via the input parameter ID ("id") the instruction "RDREC" calls the module. With the input parameter INDEX ("dataRecNbr") the I&M0 data record of the CPU is called. Over several calls the "RDREC" instruction reads out the I&M0 data record and saves the data record using the parameter RECORD ("recordIM0"). WinCC Advanced V14 System Manual, 10/2016 3423 Programming the PLC 11.4 Instructions Among other things the I&M0 data record contains the following information. The vendor name ("VendorID_HL") The article ("OrderID") & device number ("IM_SerialNbr") Hardware ("IM_HWrev") & software information ("IMSWrev") IM version ("IM_Version") and the bandwidth supported I&Mdata records ("IM_Supported") The length of the read data record is stored using the output parameter LEN ("len"). According to the value of the input parameter MLEN ("maxLen"), has the value "0" the data record information that is to be read is unlimited. During processing the output parameter BUSY ("busy") is set to "TRUE" and VALID ("checkedValid") to "FALSE". A successful reading result ("checkedValid" to "TRUE") is not output until processing is complete. The block status is displayed at the output parameter STATUS ("status"). Processing takes place without errors. 3424 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). Read program example for diagnostic data record with RDREC (S7-1200, S7-1500) Introduction In the following example, you use RDREC to read the diagnostic data record "16#E00A" of an IO device. When a wire break is triggered, the error information is output as a diagnostic data record. Note Number of diagnostic data records Each slot of a module triggering an error generates its own data record for the IO device. Diagnostics can thus contain multiple records. The example is intended to read multiple hardware errors (channel errors) of multiple modules and copy them to the appropriate structure of a memory array. The memory arrays ("recordA", "recordB") can hold a maximum of six data records with a maximum of 16 channels each based on a specified setting. 5HDGGDWD 6HOHFWLRQRIWKHVWUXFWXUHIRUHDFK GDWDUHFRUGZLWK[GDWDUHFRUGV UHFRUG$>[@ 6HOHFWLRQRIWKH VWUXFWXUHIRU\ FKDQQHOGLDJQRVWLFV 86,BY>\@ 86,BY>\@ UHFRUG%<7( 9HUVLRQ 86,BY>\@ UHFRUG%>[@ 86,BY>\@ 86,BY>\@ 9HUVLRQ 86,BY>\@ Requirements Hardware installed The following hardware is required: An IO controller (e.g. S7-1513-1 PN) An IO device (e.g. ET 200MP IM 155-5 PN HF) One or more digital output modules of the HF type (for example, DQ 4x24VDC HF) WinCC Advanced V14 System Manual, 10/2016 3425 Programming the PLC 11.4 Instructions Note Trigger wire break Make sure that the channels of the DQ module that are to trigger the wire break are not wired. Note Procedure for configuration of the hardware Configure the hardware as follows: 1. Connect the CPU and IO device over PROFINET and assign the CPU to the IO device as an IO controller. 2. Open the path "Properties > Output 0-x > Outputs > Channel 0-y" for the respective DQ module. 3. Select each channel to be configured and select the "Wire break" option in the ""Diagnostics" area. PLC data types created You need the following PLC data types for the transfer and storage of data records: For the body content of the "A"/"0100" structure: For the body content of the "B"/"0101" structure: 3426 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For the structure of type 1 in accordance with the value from "UserStructureIdentifier": Type 1 of the structure is used for basic channel diagnostics. For the structure of type 2 in accordance with the value from "UserStructureIdentifier": Type 2 of the structure is used for extended channel diagnostics. For the structure of type 3 in accordance with the value from "UserStructureIdentifier": Type 3 of the structure is used for manufacturer-specific channel diagnostics. The configuration of the structure is not defined in this example. For this example, a length of 28 bytes is assumed for type 3. For the summary of the "A"/"0100" structure: For the summary of the "B"/"0101" structure: WinCC Advanced V14 System Manual, 10/2016 3427 Programming the PLC 11.4 Instructions Note Size of the arrays If you want to change the array sizes (for read memory, data record or channels), you need to do the following: For channels: Adapt the size of the arrays ("Array[0..y] of USI_v..") in the PLC data types ("RECdiag_0100", "RECdiag_0101"). Adapt the "maxChannelPos" value in the gDB. For data records: Adapt the size of the arrays ("recordA", "recordB") in the gDB. Adapt the "maxRecordPos" value in the gDB. For the read memory ("recordBYTE"): Adapt the size of the array ("recordBYTE") and the value of "maxPosition" in the gDB. Note that the diagnostics data record "16#E00A" can have a maximum total of 4176 bytes. Watch table created To trigger a wire break, use the "Force" function of a watch table. If you force the value "16#FFFF" for the "%QW0" output, for example, all channels with configured wire break using the output trigger a hardware error. 3428 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Storage of data Create the following tags and structures for storing data in a global data block (gDB): You read the hardware identifier of the head of the IO device and store the hardware identifier using the "id" tag. You can find the hardware identifier for the header module with "PLC tags > System constants" and with an entry such as <Head~IO_Device>. The data type used is "HW_SubModule". FC "SLI_FC_start_RDiag": Interconnect parameters To start the "RDREC" instruction, based on a hardware fault, create the FC "SLI_FC_start_RDiag". Create the following interconnection in the FC. You call the FC "SLI_FC_start_RDiag" in a diagnostic interrupt OB (OB82). WinCC Advanced V14 System Manual, 10/2016 3429 Programming the PLC 11.4 Instructions FC "SLI_FC_reset_RDiag": Interconnect parameters To reset process values after an error, create the FC "SLI_FC_reset_RDiag". Create the following local tag in the FC. Create the following interconnections in the FC. Network 1: To reset the process values, create the following interconnections. Part 1: Part 2: Part 3: Part 4: Network 2: To reset the "reset" tag, create the following interconnections. 3430 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions FB "SLI_FB_chooseStruct_RDiag": Interconnect parameters You create the FB "SLI_FB_chooseStruct_RDiag" to select the appropriate structure for the data record and to copy the data to the appropriate location in the array. You can find additional information in the "Result" section ("Network 6") or in the comment field of the networks (see "Program code"). FB "SLI_FB_RDREC_Diag": Interconnect parameters You create the FB "SLI_FC_start_RDiag" to call and process the "RDREC" instruction and all other subsequent processes. Create the following local tags in the FB. Create the following interconnections in the FB: Network 1: Call the FC "SLI_FC_reset_RDiag" and create the "Label" instruction with the name "RDREC". Network 2: Interconnect the parameters of the "RDREC" instruction as follows. WinCC Advanced V14 System Manual, 10/2016 3431 Programming the PLC 11.4 Instructions Network 3: To save the status if a RDREC error occurs, interconnect the parameter as follows Network 4: To end the processing of RDREC, create the following interconnections. Network 5: To jump back to network 1, create the following interconnections. Network 6: Call the FB "SLI_FB_chooseStruct_RDiag" as follows. You call the FB "SLI_FB_RDREC_Diag" in a cyclic OB (OB1). 3432 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Event FB "SLI_FB_RDREC_Diag" Network 1: If the NO contact ("reset") has the "TRUE" signal state, the process values of the FB "SLI_FB_chooseStruct_RDiag" and the process values of the global data block are reset. Network 2: When the input parameter REQ ("startRead") supplies the signal state "TRUE", the "RDREC" instruction is started. Note Calling "startRead" In accordance with the call by OB82, "startRead" is set to "TRUE" every time a hardware error is detected. The successful calls of RDREC can be counted using the "countCalls" tag. After three triggered channel errors, the "countCalls" value is "3". The "RDREC" instruction calls the header module of the IO device using the input parameter ID ("id"). The input parameter INDEX ("dataRecNbr") is used to call the "16#E00A" diagnostics data record of the IO device. The "RDREC" instruction reads the diagnostic data over several calls and saves the data read (x data records) with the RECORD parameter ("recordBYTE"). The length of the read data is recorded in the LEN output parameter ("#lengthOut") and saved for further use with the "readLength" tag. In accordance with the value of the input parameter MLEN ("maxLength" has the value "0"), the length of the data to be read is not restricted. During processing the output parameter BUSY ("busy") is set to "TRUE" and VALID ("checkedValid") to "FALSE". A successful reading result ("checkedValid" set to "TRUE") is not output until processing is complete; it is used by the FB "SLI_FB_chooseStruct_RDiag" as a start condition. To end processing of the FB "SLI_FB_chooseStruct_RDiag", the "checkedValid" tag is set to "FALSE". The block status is displayed at the output parameter STATUS ("#statusExe"). In the example, processing takes place without errors. WinCC Advanced V14 System Manual, 10/2016 3433 Programming the PLC 11.4 Instructions Network 3: When the NO contact ("error") supplies the signal state "TRUE", the status ("#statusExe") is saved if an error occurs ("memErrStatus"). The "checkedValid" and "startRead" tags are also reset. The processing of RDREC stops. The processing of the FB "SLI_FB_chooseStruct_RDiag" cannot be started. Network 4: When RDREC has been fully processed ("#statusExe" has the value "16#0070_0200"), "startRead" is set to "FALSE". The processing of RDREC stops. Network 5: If the NO contact ("startRead") has the signal state "TRUE", processing jumps to network 1 (with the "JMP" instruction) in accordance with the "RDREC" label. Network 6: If the "checkedValid" tag has the signal state "TRUE" and the "reset" tag has the signal state "FALSE", the sorting process is started in the FB "SLI_FB_chooseStruct_RDiag". In the FB "SLI_FB_chooseStruct_RDiag", the structure type of the respective data record and the structure type corresponding to the UserStructureIdentifier are selected. The data of the data record is copied to the correct location in the appropriate array. In addition, processing may be repeated several times according to the size of the respective data record. The information of one or more channels is read in this case. If the "length of the data record + preceding lengths " ("#allRecLEN") is less than the length of all read data ("readLength") at the end of processing the data record content, processing of the FB starts again from the top. Another data record is read, its contents compared and its data is copied to the correct location of the appropriate array. The sorting process is completed by setting the local tags ("#readComplete", "#dbComplete", "#limitReach") and the global tag "checkedValid" to "FALSE". 3434 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The sorting process is documented based in the following tags: "data_sorting_done": This tag indicates that processing of the FB "SLI_FB_chooseStruct_RDiag" is complete and has ended. The "checkedValid" tag is reset, which means processing of the FB cannot be started again. "outputOverflow": This structure contains three tags, each of which records a different violation of array limits. For example, more data records might have been read than the corresponding array ("recordA" or "recordB") is capable of storing. "different_structs_used": If both "recordA" and "recordB" are used to store the diagnostic data records, the "different_structs_used" tag returns the value "TRUE". "countRecs": This tag counts the copied data records. "chooseStruct": This tag indicates the structure used last. The value "4" indicates that a data record was last stored in the "recordB" structure with the "USI Type 1" form. "posForRec": This tag stores the most recently used location in the array of the data records ("recordA" or "recordB"). The value "1" indicates that a data record was last stored in "recordB[1]" (see "chooseStruct"). "posForChannel": This tag stores the most recently used location in the array of the channels ("USI_DetailsType[x]"). The value "0" indicates that a channel was stored in "recordB[1]/USI_DetailsType[0]" (see "chooseStruct" and "posForRec"). Below you can see the data record with the structure "B"/"0101" at position "0" ("recordB[0]") with two read channels. WinCC Advanced V14 System Manual, 10/2016 3435 Programming the PLC 11.4 Instructions The value "16#8000" from "ChannelLocation" shows diagnostics on the sub-module level. According to the value "16#0006" of "ChannelErrorType", there is a wire break at the channels 0 and 1 (see "ChannelNumber") of submodule 1 (see "SubSlotNumber"), of the module in slot 2 (see "SlotNumber"). Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). 3436 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions WRREC: Write data record (S7-1200, S7-1500) WRREC: Write data record (S7-1200, S7-1500) Description The instruction "WRREC" is used to transfer the RECORD data record to the component addressed using ID. This may be a module in a central rack or a distributed component (PROFIBUS DP or PROFINET IO). Use the ID parameter to select the module for which a data record is to be written. Use only the hardware identifier (HW ID) of the module for the ID parameter. You can find the hardware identifier of the module in "PLC tags > System constants". For example, for an S7-1500 DI module: This is shown as <Name of DI module> with the data type "Hw_SubModule". Use the INDEX parameter to select which data record is written. The module determines which data records can be written with which data record number. You can find additional information on this in the manual for the relevant module. Use LEN to specify the length of the data record to be transmitted in bytes. Select the source area RECORD at least LEN bytes long. The value TRUE at output parameter DONE indicates that the data record has been successfully transferred. If an error has occurred during transfer of the data record, this is indicated by the output parameter ERROR. In this case, the output parameter STATUS contains the error information. Note The interface of the "WRREC" instruction is identical to that in the "WRREC" FB defined in the standard "PROFIBUS and PROFINET Guideline Communication Function Blocks on PROFIBUS DP and PROFINET IO". Functional description "WRREC" is an asynchronous instruction. Processing takes place across several calls. You start the data record transfer by calling "WRREC" with REQ = 1. The job status is displayed via the output parameter BUSY and the two central bytes of output parameter STATUS. The two central bytes of STATUS correspond to the RET_VAL output parameter of the instructions that operate asynchronously. See also: Difference between synchronous and asynchronous instructions (Page 2436) Note that you must assign the same value to the actual parameter of RECORD for all "WRREC" calls that belong to one and the same job. The same applies to the actual parameters of LEN. The transfer of the data record is complete when the output parameter BUSY has the value FALSE. WinCC Advanced V14 System Manual, 10/2016 3437 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "WRREC" instruction: Parameter Declaration Data type** Memory area Description REQ Input BOOL I, Q, M, D, L, T*, C* or constant REQ = 1: Transfer data record ID Input HW_IO I, Q, M, D, L or con stant ID number of the hardware component (DP/ PROFINET IO) The number is assigned automatically and is stored in the properties of the component or of the interface in the hardware configuration. INDEX Input DINT I, Q, M, D, L or con stant Data record number LEN Input UINT I, Q, M, D, L or con stant (hidden) Maximum length of the data record to be trans ferred in bytes DONE Output BOOL I, Q, M, D, L Data record was transferred BUSY Output BOOL I, Q, M, D, L BUSY = 1: The writing process is not yet com plete. ERROR Output BOOL I, Q, M, D, L ERROR = 1: An error occurred during the writ ing process. STATUS Output DWORD I, Q, M, D, L Block status or error information For interpretation of the STATUS parameter, see Parameter STATUS (Page 3475). RECORD InOut VARIANT I, Q, M, D, L Data record * For S7-1500 only. ** There is no implicit conversion in STL, which is why the range of valid data types may be limited. During programming in STL, please note the valid data types. These are displayed in the parameter tooltip. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Note If you use "WRREC" to write a data record for PROFINET IO, negative values in the INDEX and LEN parameters will be interpreted as an unsigned 16-bit integer. Parameter STATUS For interpretation of the STATUS parameter, see Parameter STATUS (Page 3475). Examples You can find an example here: Use the program example of the parameter data record with WRREC & RDREC (Page 3439). You can find another example here: Use the program example of the control data record with WRREC & RDREC (Page 3447). 3438 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can find additional information and the program code for the examples here: Sample Library for Instructions (Page 2434). See also Overview of the types of data records (Page 3413) Use the program example of the parameter data record with WRREC & RDREC (S7-1200, S7-1500) Introduction In the following example you read the parameter data record of a digital input module via RDREC and rewrite the data record via WRREC. When doing this you change the input delay. Requirement Create the following tags for storing the data in a global data block: two tags for general use and seven tags for WRREC: a structure for the data record at WRREC: WinCC Advanced V14 System Manual, 10/2016 3439 Programming the PLC 11.4 Instructions eight tags for RDREC: a structure for the data record at RDREC: Create the following local tags in an FB. Create the tags "#clearDiag_BYTE" or "#clearDiag_BOOLS" and "#inDPE_BYTE" or "#inDPE_BOOLS" as AT constructs. Interconnect parameters Interconnect the parameters of the instructions as follows. Network 1: Interconnect the parameters of the "RDREC" instruction as follows. 3440 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 2: Below interconnect all tags of the structure "#readBYTE" with the structure "readParaRecord". Part 1 of the network: Part 2 of the network: Network 3: Then interconnect the tags for the error situation of RDREC. WinCC Advanced V14 System Manual, 10/2016 3441 Programming the PLC 11.4 Instructions Network 4: Then interconnect the tags for ending RDREC. Network 5: Below interconnect all tags of the structure "writeParaRecord" with the structure "#writeBYTE". Part 1 of the network: Part 2 of the network: Network 6: Below interconnect the parameters of the "WRREC" instruction as follows. 3442 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 7: Then interconnect the tags for the error situation of WRREC. Network 8: Then interconnect the tags for ending WRREC and calling RDREC again. WinCC Advanced V14 System Manual, 10/2016 3443 Programming the PLC 11.4 Instructions Result of network 1: You create an input module and read the hardware ID in the properties of the input module. You store the hardware identifier via the input parameter ID ("id"). Using the input parameter INDEX ("dataRecNbr") the data record with the number "3" of the module is called. The data record corresponds to the channel with the same name. When the input parameter REQ ("startRead") supplies the signal state "TRUE", the "RDREC" instruction is started. Via the input parameter ID ("id") the instruction "RDREC" calls the input module. Over several calls the "RDREC" instruction reads out the data record and saves the data record using the parameter RECORD ("#readBYTE"). The length of the read data record is stored using the output parameter LEN ("#readLength"). According to the value of the input parameter MLEN ("maxReadLength"), the data record information that is to be read is limited to 4 bytes. During processing the output parameter BUSY ("readBusy") is set to "TRUE" and VALID ("#readCheck") to "FALSE". A successful reading result is output as follows when processing is complete. The output parameter VALID ("#readCheck") is set to "TRUE" and sets the tag "readCheckedValid" permanently to "TRUE". In addition to this the value of the local tag "#readLength" is stored permanently in the tag "readLength". The block status is displayed at the output parameter STATUS ("readStatus"). Processing takes place without errors. 3444 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Result of network 2: Using MOVE instructions, the structure "#readBYTE" transfers the values of the tags to the tags of the structure "readParaRecord" with the same names. To improve understanding, the tags of the "readParaRecord" structure are represented by clear names. The structure is described in the device manual of the module. For example "InputDelay_ProcessEvent" indicates an input delay of 3.2 ms. For the status of the channel ("ClearanceDiagnosis") no disruption is output (bits 0 to 8 are "FALSE". Result of network 3: When "readError" supplies the signal status "TRUE", the value of the tag "readStatus" is stored in the tag "reMemErrStat". WinCC Advanced V14 System Manual, 10/2016 3445 Programming the PLC 11.4 Instructions Result of network 4: When the instruction "RDREC" has been executed, "readStatus" supplies the value "16#0070_0200". After this a resetter sets the tag "startRead" to "FALSE" Result of network 5: Using MOVE instructions, the structure "writeParaRecord" transfers the values of the tags to the tags of the structure "#writeBYTE" with the same names. To improve understanding, the tags of the "writeParaRecord" structure are represented by clear names. Result of network 6: When the input parameter REQ ("startWrite") supplies the signal state "TRUE", the "WRREC" instruction is started. The new data for the data record is stored at the RECORD ("#writeBYTE") parameter. Over several calls, the instruction "WRREC" writes the new data to the data record "3". According to the value of the input parameter LEN ("maxWriteLength"), the data record information that is to be written is limited to 4 bytes. During processing the output parameter BUSY ("writeBusy") is set to "TRUE" and DONE ("#writeCheck") to "FALSE". A successful writing result is output as follows when processing is complete. The output parameter DONE ("#writeCheck") is set to "TRUE". When "#writeCheck" supplies the signal state "TRUE" the tag "writeCheckedValid" is set permanently to "TRUE". The block status is displayed at the output parameter STATUS ("writeStatus"). Processing takes place without errors. Result of network 7: When "writeError" supplies the signal status "TRUE", the value of the tag "writeStatus" is stored in the tag "wrMemErrStat". 3446 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Result of network 8: When the instruction "WRREC" has been executed, "writeStatus" supplies the value "16#0070_0200". After this the resetter sets the tag "startWrite" to "FALSE" The tag "startRead" is set to "TRUE" after which the instruction "RDREC" is executed again. The structure "readParaRecord" shows the newly written values of the data record. Since in "InputDelay_ProcessEvent" the bit 0 supplies the signal state "TRUE", the channel 3 now has an input delay off 0.1 ms. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). Use the program example of the control data record with WRREC & RDREC (S7-1200, S7-1500) Introduction In the following example, you write the control data record 196 using WRREC and check this by reading the data record out with RDREC. For the configuration select the central setup of an S7-1500 Requirement Note Enabling configuration control To be able to write the control data record, the configuration control (option handling) of the CPU must be enabled. You will find these in "CPU properties > Configuration control". WinCC Advanced V14 System Manual, 10/2016 3447 Programming the PLC 11.4 Instructions Create the following tags for storing the data in a global data block: three tags for general use and six for WRREC: a structure for the data at WRREC: six tags for RDREC: a structure for the data at RDREC: The instruction "WRREC" for writing the control data recording must be called in a startup OB. In the startup OB create the following local tags for passing on the data. Create the following local tags in an FB. Call the FB in a program cycle OB (OB1). 3448 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Interconnecting parameters in the startup OB Network 1: Below interconnect the parameters of the "WRREC" instruction as follows. Network 2: Then interconnect the parameters for the error situation of WRREC. Network 3: Then interconnect the parameters for ending WRREC. WinCC Advanced V14 System Manual, 10/2016 3449 Programming the PLC 11.4 Instructions Network 4: This is followed by interconnecting the parameters for requesting the repeated call of WRREC. Interconnect parameters in the FB Network 1: Interconnect the parameters of the "RDREC" instruction as follows. 3450 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 2: Then interconnect the parameters for the error situation of RDREC. Network 3: Then interconnect the parameters for ending RDREC. General parameters You store the hardware identifier of the configuration of the CPU ("33") via the input parameter ID ("id"). You store the control data record ("196") using the input parameter INDEX ("dataRecNbr"). According to the value of the tag maxLength" (with the value "0") the amount of data record information to be taken into account is unlimited. Note While the program is loading the CPU is in "STOP" mode. In "Startup" mode the CPU works through the program sections located in the startup OB. Startup OB: Result of network 1 Since the input parameter REQ supplies the signal state "TRUE", the "WRREC" instruction is started. The normally closed contact ("configDone") has the signal state "FALSE". The data for the control data record is stored at the RECORD ("recConfigCtrl_WR") parameter. To improve understanding, the tags of the "recConfigCtrl_WR" structure are represented by clear names and have the same structure as described in the system manual.. WinCC Advanced V14 System Manual, 10/2016 3451 Programming the PLC 11.4 Instructions Over several calls, the instruction "WRREC" writes the new data to the control data record. During processing of WRREC the output parameter BUSY ("busyWR") is set to "TRUE" and DONE ("#checkWR") to "FALSE". A successful writing result is output as follows when processing is complete. The output parameter DONE ("#checkWR") is set to "TRUE" and sets the tag "checkedValid_WR" permanently to "TRUE". The block status is displayed at the output parameter STATUS ("statusWR"). Processing takes place without errors. Startup OB: Result of network 2 If an error occurs when processing WRREC: When "errorWR" supplies the signal status "TRUE", the value of the tag "statusWR" is stored in the tag "memErrStatusWR". Startup OB: Result of network 3 When the instruction "WRREC" has been executed, "statusWR" supplies the value "16#0070_0200". The tag "configDone" is then set to "TRUE". This ends the processing of WRREC. Startup OB: Result of network 4 As long as the processing of the "WRREC" instruction has not yet ended ("configDone" has the value"FALSE" and "busyWR" has the value "TRUE") processing returns to network 1. 3452 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions FB: Result of network 1 After processing the program sections located in the startup OB the CPU is in the "RUN" mode. When the input parameter EN ("configDone") supplies the signal state "TRUE", the "RDREC" instruction is released for processing. When the input parameter REQ ("startRead") supplies the signal state "TRUE", the "RDREC" instruction is started. Over several calls the "RDREC" instruction reads out the control data record and saves the data record using the parameter RECORD ("recConfigCtrl_RD"). The length of the read data record is stored using the output parameter LEN ("#readLength"). During processing of RDREC the output parameter BUSY ("busyRD") is set to "TRUE" and VALID ("#checkRD") to "FALSE". A successful reading result is output as follows when processing is complete. The output parameter VALID ("#checkRD") is set to "TRUE". #checkRD then sets the tag "checkedValid_RD" permanently to "TRUE". In addition to this the value of the local tag "#lengthRD" is stored permanently in the tag "lengthRD". The block status is displayed at the output parameter STATUS ("statusRD"). Processing takes place without errors. FB: Result of network 2 If an error occurs when processing RDREC: When "errorRD" supplies the signal status "TRUE", the value of the tag "statusRD" is stored in the local tag "#memErrStatus". FB: Result of network 3 When the instruction "RDREC" has been executed and has checked the data, "#checkRD" supplies the value "TRUE". The tag "startRead" is then set to "FALSE". Execution of the "RDREC" instruction is then ended. WinCC Advanced V14 System Manual, 10/2016 3453 Programming the PLC 11.4 Instructions Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). GETIO: Read process image (S7-1200, S7-1500) Description You use the instruction "GETIO" to consistently read out all inputs of a DP standard slave/ PROFINET IO device. The instruction "GETIO" calls the instruction "DPRD_DAT (Page 3536)". If there was no error during the data transmission, the data that has been read is entered in the destination area indicated by INPUTS . The destination area must have the same length that you configured for the selected component. If you read from a DP standard slave with a modular configuration or with several DP identifiers, you only access the data of one component/DP identifier at the configured start address with a "GETIO" call. Parameter The following table shows the parameters of the "GETIO" instruction: Parameter Declaration Data type Memory area Description ID Input HW_SUB MODULE I, Q, M, D, L or constant Hardware ID of the DP standard slave / PROFINET IO device. STATUS Output DWORD I, Q, M, D, L Contains the error information of "DPRD_DAT (Page 3536)" in the form DW#16#40xxxx00. LEN Output INT I, Q, M, D, L Amount of data read in bytes INPUTS InOut VARIANT I, Q, M, D, L Destination area for the read data. It must have the same length as the range that you configured for the selected DP standard slave / PROFINET IO device. Only the data type BYTE is valid. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter STATUS See also: DPRD_DAT: Read consistent data of a DP standard slave (Page 3536) Example You will find the example here: Program example for GETIO & SETIO (Page 3456). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). 3454 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SETIO: Transfer process image (S7-1200, S7-1500) Description Transfer the data using the SETIO instruction. The source area of the transfer is defined using the OUTPUTS parameter. The data is transferred in a consistent state to the addressed DP standard slave / PROFINET IO device. If you have configured the relevant address area of the DP standard slave / PROFINET IO device as a consistent range in a process image, the data is transferred to the process image. "SETIO" calls the "DPWR_DAT (Page 3538)" instruction during this transfer. The source range must have the same length that you configured for the selected component. In the case of a DP standard slave / PROFINET IO device with modular configuration or with several DP identifiers, you can only access one DP identifier / component per "SETIO" call. Parameter The following table shows the parameters of the "SETIO" instruction: Parameter Declaration Data type Memory area Description ID Input HW_SUBMOD ULE I, Q, M, D, L or con stant Hardware ID of the DP standard slave / PROFINET IO device. STATUS Output DWORD I, Q, M, D, L Contains the error information of "DPWR_DAT (Page 3538)" in the form DW#16#40xxxx00. OUTPUTS InOut VARIANT I, Q, M, D, L Source range for the data to be written. It must have the same length as the range that you configured for the selected DP standard slave / PROFINET IO device. Only the data type BYTE is valid. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter STATUS See also: DPWR_DAT: Write consistent data of a DP standard slave (Page 3538) Example You will find the example here: Program example for GETIO & SETIO (Page 3456). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). WinCC Advanced V14 System Manual, 10/2016 3455 Programming the PLC 11.4 Instructions Program example for GETIO & SETIO (S7-1200, S7-1500) Introduction In the following example, you read out the channels of a digital input module via GETIO and write new values to the channels of a digital output module via SETIO. You then read out the changes via GETIO and via the digital input module. Requirements An IO device/DP slave is created with a digital input module and a digital output module. To store the data, create nine tags and the two structures "readinputs" and "writeOutputs" in a global data block. Use the tag "id_Read" to store the hardware identifier of the digital input module. Use the tag "id_Write" to store the hardware identifier of the digital output module. Note Find hardware identifier Use "PLC tags > System constants" to find the hardware identifier. For example, for the digital input module, search for "Local~<Name of the DI module>", with the data type "HW_Submodule". The associated cell "value" contains the hardware identifier. 3456 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions To pass on the data, create eight local tags in an FB "SLI_FB_GETIO_SETIO". Create the tags "#channel0-7_BYTE" / "#channel0-7_BOOLS" and "#channel8-15_BYTE" / "#channel8-15_BOOLS" as AT constructs. To change the channel states, set the following bits (channel 1 and 2) in the global data block to "TRUE": Interconnect parameters Create the following interconnections in the "SLI_FB_GETIO_SETIO" FB. On the IO device/ DP slave, then call the FB "SLI_FB_GETIO_SETIO" in a program cycle OB (OB1). Network 1: Interconnect the parameters of the "GETIO" instruction as follows. Network 2: Close the instruction "GETIO" as follows. WinCC Advanced V14 System Manual, 10/2016 3457 Programming the PLC 11.4 Instructions Network 3: Create the following interconnections to convert the channel values of GETIO. Part 1: Part 2: Network 4: Create the following interconnections to convert the channel values of SETIO. Part 1: Part 2: 3458 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 5: Interconnect the parameters of the "SETIO" instruction as follows. Network 6: Close the instruction "SETIO" as follows. Result of network 1 (GETIO) When the input parameter EN ("executeRead") returns the signal state "TRUE", the "GETIO" instruction is started. The instruction "GETIO" calls the input module via the input parameter ID ("id_Read"). The channels of the input module are read out via the input parameter INPUTS ("#readBYTE"). The length of the read channels in BYTE is recorded at the output parameter LEN ("lengthRead"). The value "2" references 16 input channels. The block status is displayed at the output parameter STATUS ("statusRead"). Processing takes place without errors. Result of network 2 (GETIO) When the instruction "GETIO" has been executed, the output parameter ENO ("doneRead") returns the signal state "TRUE". After this, the resetter sets the tag "executeRead" to "FALSE" and ends the processing of "GETIO". WinCC Advanced V14 System Manual, 10/2016 3459 Programming the PLC 11.4 Instructions Result of network 3 (GETIO) Using MOVE instructions, the structure "#readBYTE" transfers the values of the tags to the tags of the structure "readInputs". The values of the channels 0 to 7 and 8 to 15 are hereby converted from BYTE to array of BOOL. To improve understanding, the tags of the "readInputs" structure are represented by descriptive names. Result of network 4 (SETIO) Using MOVE instructions, the structure "writeOutputs" transfers the values of the tags to the tags of the structure "#writeBYTE". The values of the channels 0 to 7 and 8 to 15 are converted from array of BOOL to BYTE. To improve understanding, the tags of the "writeOutputs" structure are represented by descriptive names. Result of network 5 (SETIO) When the input parameter EN ("executeWrite") returns the signal state "TRUE", the "SETIO" instruction is started. The instruction "SETIO" calls the output module via the input parameter ID ("id_Write"). New values are written to the channels of the output module via the input parameter OUTPUTS ("#writeBYTE"). The block status is displayed at the output parameter STATUS ("statusWrite"). Processing takes place without errors. Result of network 6 (SETIO) When the instruction "SETIO" has been executed, the output parameter ENO ("doneWrite") returns the signal state "TRUE". After this, the resetter sets the tag "executeWrite" to "FALSE" and ends the processing of "SETIO". 3460 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Result of reprocessing of GETIO If the tag "executeRead" is reset to "TRUE", the structure "readInputs" shows the new values on the channels of the input module after the execution of GETIO_PART. The channels 1 and 2 ("Channel_0-7[1]..[2]") now return the signal state "TRUE". Note Changing the signal state of a channel If a value is already assigned to a channel on which a signal state is to be changed (for example by a PLC tag), this pre-assignment can make a change by SETIO invalid. Make sure that the signal state of a channel to be changed is not already determined by other factors. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). See also GETIO: Read process image (Page 3454) SETIO: Transfer process image (Page 3455) GETIO_PART: Read process image area (S7-1200, S7-1500) Description You use the instruction "GETIO_PART" to consistently read out a related part of the inputs of an IO module. "GETIO_PART" calls the instruction "DPRD_DAT (Page 3536)". Use the ID input parameter to select the IO module by means of the hardware ID. You use the OFFSET and LEN parameters to specify the portion of the process image area to be read. If the input area spanned by OFFSET and LEN is not completely covered by the module, the block returns the error code DW#16#4080B700. WinCC Advanced V14 System Manual, 10/2016 3461 Programming the PLC 11.4 Instructions The length of the destination area must be larger than or equal to the amount of bytes to be read: If there was no error during the data transmission, ERROR receives the value FALSE. The data that is read is written to the destination area defined at the INPUTS parameter. If there was an error during the data transmission, ERROR receives the value TRUE. The STATUS parameter receives the error information from "DPRD_DAT". If the destination area is greater than LEN, then the first LEN bytes of the destination area will be written. ERROR receives the value FALSE. Parameter The following table shows the parameters of the "GETIO_PART" instruction: Parameter Declaration Data type Memory area Description ID Input HW_SUBMOD ULE I, Q, M, D, L or constant Hardware identifier of the module OFFSET Input INT I, Q, M, D, L or constant Number of the first byte to be read in the process image for the component (small est possible value: 0). LEN Input INT I, Q, M, D, L or constant Number of bytes to be read. STATUS Output DWORD I, Q, M, D, L Contains the error information of "DPRD_DAT" in the form DW#16#40xxxx00, if ERROR = TRUE. ERROR Output BOOL I, Q, M, D, L Error display: ERROR = TRUE if an error occurs when "DPRD_DAT" is called. INPUTS InOut VARIANT I, Q, M, D, L Destination area for read data: If the destination area is greater than LEN, the first LEN bytes of the destination area are written. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter STATUS See "RET_VAL" parameter of the "DPRD_DAT (Page 3536)" instruction. Example You will find the example here: Program example for GETIO_PART & SETIO_PART (Page 3464). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). 3462 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SETIO_PART: Transfer process image area (S7-1200, S7-1500) Description You can use the "SETIO_PART" instruction to consistently write data from the source area spanned by OUTPUTS to the outputs of an IO module. "SETIO_PART" calls the instruction "DPWR_DAT (Page 3538)". With the input parameter ID you select the I/O module based on the hardware identified. With the parameters OFFSET and LEN you specify the portion of the process image area to be written for the component addressed by ID. If the output area spanned by OFFSET and LEN is not completely covered by the module, the block returns the error code DW#16#4080B700. The length of the destination area must be larger than or equal to the amount of bytes to be read: If there was no error during the data transmission, ERROR receives the value FALSE. If there was an error during the data transmission, ERROR receives the value TRUE, and STATUS receives the error information of "DPWR_DAT". If the source area is greater than LEN, the first LEN bytes from OUTPUTS are transferred. ERROR receives the value FALSE. Parameters The following table shows the parameters of the "SETIO_PART" instruction: Parameter Declaration Data type Memory area Description ID Input HW_SUB MODULE I, Q, M, D, L or constant Hardware identifier of the IO module. OFFSET Input INT I, Q, M, D, L or constant Number of the first byte to be written in the process image for the component (smallest possible value: 0). LEN Input INT I, Q, M, D, L or constant Number of bytes to be written. STATUS Output DWORD I, Q, M, D, L Contains the error information of "DPWR_DAT" in the form DW#16#40xxxx00, if ERROR = TRUE. ERROR Output BOOL I, Q, M, D, L Error display: ERROR = TRUE if an error occurs when "DPWR_DAT" is called. OUTPUTS InOut VARIANT I, Q, M, D, L Source range for the data to be written: If the source area is greater than LEN, the first LEN bytes are transferred from OUT PUTS. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". ERROR and STATUS parameters See instruction "DPWR_DAT (Page 3538)". WinCC Advanced V14 System Manual, 10/2016 3463 Programming the PLC 11.4 Instructions Example You will find the example here: Program example for GETIO_PART & SETIO_PART (Page 3464). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). Program example for GETIO_PART & SETIO_PART (S7-1200, S7-1500) Introduction In the following example, you read out the channels of a digital input module via GETIO_PART and write new values to some of the channels of a digital output module via SETIO_PART. You then read out the changes via GETIO_PART and via the digital input module. 3464 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Requirements An IO device/DP slave is created with a digital input module and a digital output module. To store the data, create 14 tags and the two structures "readinputs" and "writeOutputs" in a global data block. Use the tag "id_Read" to store the hardware identifier of the digital input module. Use the tag "id_Write" to store the hardware identifier of the digital output module. Note Find hardware identifier Use "PLC tags > System constants" to find the hardware identifier. For example, for the digital input module, search for "Local~<Name of the DI module>", with the data type "HW_Submodule". The associated cell "value" contains the hardware identifier. WinCC Advanced V14 System Manual, 10/2016 3465 Programming the PLC 11.4 Instructions To pass on the data, create eight local tags in an FB "SLI_FB_GETIO_SETIO_PART". Create the tags "#channel0-7_BYTE" / "#channel0-7_BOOLS" and "#channel8-15_BYTE" / "#channel8-15_BOOLS" as AT constructs. To change the channel states, set the following bits (for BYTE 0 and BYTE 1) to "TRUE" in the global data block: Interconnect parameters Create the following interconnections in the "SLI_FB_GETIO_SETIO_PART" FB. On the IO device/DP slave, then call the FB "SLI_FB_GETIO_SETIO_PART" in a program cycle OB (OB1). Network 1: Interconnect the parameters of the "GETIO_PART" instruction as follows. 3466 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 2: Close the instruction "GETIO_PART" as follows. Network 3: Create the following interconnections to convert the channel values of GETIO_PART. Part 1: Part 2: WinCC Advanced V14 System Manual, 10/2016 3467 Programming the PLC 11.4 Instructions Network 4: Create the following interconnections to convert the channel values of SETIO_PART. Part 1: Part 2: Network 5: Interconnect the parameters of the "SETIO_PART" instruction as follows. 3468 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 6: Close the instruction "SETIO_PART" as follows. Result of network 1 (GETIO_PART) When the input parameter EN ("executeRead") returns the signal state "TRUE", the "GETIO_PART" instruction is started. The instruction "GETIO_PART" calls the input module via the input parameter ID ("id_Read"). The channels of the input module are read out via the input parameter INPUTS ("#readBYTE"). Through the input parameter OFFSET ("firstByteRead") with the value "0", the instruction "GETIO_PART" starts to read channels of the input module starting from the "BYTE 0". Two BYTE (16 channels) are read out according to the value "2" of the input parameter LEN ("maxLengthRead"). In this example, this value corresponds to the channels 0 to 15. The block status is displayed at the output parameter STATUS ("statusRead") and ERROR ("errorRead"). Processing takes place without errors. WinCC Advanced V14 System Manual, 10/2016 3469 Programming the PLC 11.4 Instructions Result of network 2 (GETIO_PART) When the instruction "GETIO_PART" has been executed, the output parameter ENO ("doneRead") returns the signal state "TRUE". After this, the resetter sets the tag "executeRead" to "FALSE" and ends the processing of "GETIO_PART". Result of network 3 (GETIO_PART) Using MOVE instructions, the structure "#readBYTE" transfers the values of the tags to the tags of the structure "readInputs". The values of the channels 0 to 7 and 8 to 15 are hereby converted from BYTE to array of BOOL. To improve understanding, the tags of the "readInputs" structure are represented by descriptive names. 3470 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Result of network 4 (SETIO_PART) Using MOVE instructions, the structure "writeOutputs" transfers the values of the tags to the tags of the structure "#writeBYTE". The values of the channels 0 to 7 and 8 to 15 are converted from array of BOOL to BYTE. To improve understanding, the tags of the "writeOutputs" structure are represented by descriptive names. Result of network 5 (SETIO_PART) When the input parameter EN ("executeWrite") returns the signal state "TRUE", the "SETIO_PART" instruction is started. The instruction "SETIO_PART" calls the output module via the input parameter ID ("id_Write"). New values are written to the channels of the output module via the input parameter OUTPUTS ("#writeBYTE"). Through the input parameter OFFSET ("firstByteWrite") with the value "0", the instruction "SETIO_PART" starts to write to channels of the output module starting from the "BYTE 0". Only one BYTE (8 channels) is written according to the value "1" of the input parameter LEN ("maxLengthWrite"). In this example, this value corresponds to the channels 0 to 7. The channel 9 set to the value "TRUE" (see "writeOutputs", "Channel_8-15[1]") is thus not taken into consideration during writing to the channels of the output module. The block status is displayed at the output parameter STATUS ("statusWrite") and ERROR ("errorWrite"). Processing takes place without errors. WinCC Advanced V14 System Manual, 10/2016 3471 Programming the PLC 11.4 Instructions Result of network 6 (SETIO_PART) When the instruction "SETIO_PART" has been executed, the output parameter ENO ("doneWrite") returns the signal state "TRUE". After this, the resetter sets the tag "executeWrite" to "FALSE" and ends the processing of "SETIO_PART". Result of reprocessing of GETIO_PART If the tag "executeRead" is reset to "TRUE", the structure "readInputs" shows the new values on the channels of the input module after the execution of GETIO_PART. A change affects only the channels 0 to 7 according to the values of the tags "firstByteWrite" and "maxLengthWrite". The channels 1 and 2 ("Channel_0-7[1]..[2]") now return the signal state "TRUE". The signal state of channel 9 ("Channel_8-15[1]") is unchanged. Note Changing the signal state of a channel If a value is already assigned to a channel on which a signal state is to be changed (for example by a PLC tag), this pre-assignment can make a change by SETIO_PART invalid. Make sure that the signal state of a channel to be changed is not already determined by other factors. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). 3472 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also GETIO_PART: Read process image area (Page 3461) SETIO_PART: Transfer process image area (Page 3463) RALRM: Receive interrupt (S7-1200, S7-1500) Description RALRM (S7-1200, S7-1500) Description The instruction receives an interrupt with all corresponding information from an I/O module (centralized configuration) or from a module of a DP slave or PROFINET IO device. This information is made available at its output parameters. The information in the output parameters contains the start information of the called OB as well as information of the interrupt source. The configuration of the data structure of the destination area AINFO corresponds to that for a central configuration of the PROFINET IO data structure. Call "RALRM" only within the interrupt OB started by the CPU operating system as a result of the I/O interrupt that is to be examined. Note If you call "RALRM" in an OB whose start event is not an I/O interrupt, the instruction will provide correspondingly reduced information in its outputs. Make sure to use different instance DBs when you call "RALRM" in different OBs. If you evaluate data resulting from an "RALRM" call outside of the associated interrupt OB, use a separate instance DB per OB start event. Note The interface of the "RALRM" instruction is identical to that in the "RALRM" FB defined in the standard "PROFIBUS and PROFINET Guideline Communication Function Blocks on PROFIBUS DP and PROFINET IO". WinCC Advanced V14 System Manual, 10/2016 3473 Programming the PLC 11.4 Instructions Calling RALRM RALRM" can be called in three operating modes (MODE parameter). These are explained in the table below. MODE RALRM ... 0 ... shows the component that triggered the interrupt in the output parameter ID and sets the output parameter NEW to TRUE. 1 ... writes all output parameters, regardless of the component triggering the interrupt. 2 ... checks whether the component specified in the F_ID input parameter has triggered the interrupt. If not, NEW = FALSE If yes, NEW = TRUE and all other output parameters are written. Parameters The following table shows the parameters of the "RALRM" instruction: Parameter Declaration Data type Memory area Description MODE Input INT I, Q, M, D, L or con stant Mode F_ID Input HW_IO I, Q, M, D, L or con stant Hardware identifier of the module. The number is assigned automatically and is stored in the hardware configuration properties of the component or interface. MLEN Input UINT I, Q, M, D, L or con stant Maximum length of the interrupt information to be received in bytes. With MLEN = 0, all data specified at the AINFO parameter are read. NEW Output BOOL I, Q, M, D, L A new interrupt was received. STATUS (Page 3475) Output DWORD I, Q, M, D, L Error code ID Output HW_IO I, Q, M, D, L Hardware identifier of the module from which the interrupt was received. LEN Output UINT I, Q, M, D, L Length of the received interrupt information TINFO (Page 3479) InOut VARIANT D, L Destination area for OB start and management information AINFO (Page 3495) InOut VARIANT I, Q, M, D, L Destination area for header information and ad ditional interrupt information For AINFO , provide a length of at least MLEN bytes. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Note If you select a destination area (Page 3503)TINFO or AINFO that is too short, RALRM does not enter the full information. 3474 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example You will find the example here: Program example for RALRM (Page 3504). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). Parameter STATUS (S7-1200, S7-1500) Description The STATUS output parameter contains error information. If it is interpreted as ARRAY[1...4] of BYTE, the error information has the following structure: Field element Name Meaning STATUS[1] Function_Num B#16#00, if no error Function ID from DPV1-PDU: In the event of an error, B#16#80 is output (in the event of an error reading a data record B#16#DE and writing a data record B#16#DF). If no DPV1 protocol element is used, then B#16#C0 will be output. STATUS[2] Error_Decode Location of the error ID STATUS[3] Error_Code_1 Error ID STATUS[4] Error_Code_2 Manufacturer-specific extension of the error ID Field element STATUS[2] STATUS[2] can have the following values: Error_Decode (B#16#...) Source Meaning 00 to 7F CPU No error or no warning 80 DPV1 Error according to IEC 61158-6 81 to 8F CPU B#16#8x shows an error in the xth call parameter of the instruction. FE, FF DP profile Profile-specific error Field element STATUS[3] STATUS[3] can have the following values: Error_Decode (B#16#...) Error_Code_1 (B#16#...) 00 00 70 00 reserved, reject Initial call; no active data record transfer 01 reserved, reject Initial call; data record transfer has started 02 reserved, reject Intermediate call; data record transfer already active WinCC Advanced V14 System Manual, 10/2016 Explanation accord ing to DVP1 Meaning No error, no warning 3475 Programming the PLC 11.4 Instructions Error_Decode (B#16#...) Error_Code_1 (B#16#...) 80 81 Explanation accord ing to DVP1 Meaning The system data type at parameter TINFO does not match the call environment of the instruction. The used system data type must match the organization block in the user program (example: for a time-delay inter rupt OB you need the system data type TI_Delay). 90 reserved, pass Invalid logical start address 92 reserved, pass Illegal type for VARIANT pointer 93 reserved, pass The DP component addressed via ID or F_ID is not config ured. 96 The "RALRM (Page 3473)" does not supply the OB start information, management information, header information, or additional interrupt information. For OBs 4x, 55, 56, 57, 82 and 83, you use the "DPNRM_DG (Page 3551)" instruction to read the current diagnostic frame of the relevant DP slave asynchronously (address information from OB start information). A0 read error Negative acknowledgment when reading the module A1 write error Negative acknowledgment when writing to the module A2 module failure DP protocol error at layer 2 (e.g., slave failure or bus prob lems) A3 reserved, pass PROFIBUS DP: DP protocol error with Direct-Data-LinkMapper or User-Interface/User PROFINET IO: General CM error A4 reserved, pass Communication on PBUS+ disrupted A5 reserved, pass - A7 reserved, pass DP slave or module is occupied (temporary error A8 version conflict DP slave or module reports non-compatible versions A9 feature not suppor ted Function is not supported by DP slave or module AA to AF user specific DP slave or module reports a manufacturer-specific error in its application. Please check the documentation from the manufacturer of the DP slave or module. B0 invalid index Data record not known in module Illegal data record number 256 B1 write length error Error at length specification: With "RALRM (Page 3473)": length error in AINFO (Page 3495) With "RDREC (Page 3420)": length error in MLEN With "WRREC (Page 3437)": length error in LEN 3476 B2 invalid slot The configured slot is not occupied. B3 type conflict Actual module type does not match specified module type B4 invalid area DP slave or module reports access to an invalid area WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error_Decode (B#16#...) Error_Code_1 (B#16#...) Explanation accord ing to DVP1 Meaning B5 state conflict DP slave or module not ready B6 access denied DP slave or module denies access B7 invalid range DP slave or module reports an invalid range for a parameter or value B8 invalid parameter DP slave or module reports an invalid parameter B9 invalid type DP slave or module reports an invalid type With "RDREC (Page 3420)": buffer too small (subsets can not be read) With "WRREC (Page 3437)": buffer too small (subsets can not be written) BA to BF user specific DP slave or module reports a manufacturer-specific error when accessing. Please check the documentation from the manufacturer of the DP slave or module. C0 read constrain con flict With "WRREC (Page 3437)": The data is only written when the CPU is in STOP mode. Note: this means that writing by the user program is not possible. You only write the data online with PG/PC. With "RDREC (Page 3420)": the module routes the data record, but either no data is present or the data can only be read when the CPU is in STOP mode. Note: if data can only be read when the CPU is in STOP mode, then an evaluation by the user program is not possible. Therefore, it is only possible to read the data online with PG/PC. C1 write constrain con flict The data of the previous write job on the module for the same data record has not yet been processed by the mod ule. C2 resource busy The module is currently processing the maximum possible number of jobs for a CPU. C3 resource unavailable The required operating resources are currently occupied. C4 Internal temporary error. Job could not be executed. Repeat the job. If this error occurs often, check your instal lation for sources of electrical interference. 81 C5 DP slave or module not available. C6 Data record transfer was canceled due to priority class can cellation C7 Job aborted due to warm or cold restart on the DP master C8 to CF DP slave or module reports a manufacturer-specific re source error. Please check the documentation from the manufacturer of the DP slave or module. Dx user specific DP slave specific. Refer to the description of the DP slave. Ex user specific Manufacturer-specific. Please check the documentation of the module. 00 to FF Error in the initial call parameter (with "RALRM (Page 3473)": MODE 00 Illegal operating mode WinCC Advanced V14 System Manual, 10/2016 3477 Programming the PLC 11.4 Instructions Error_Decode (B#16#...) Error_Code_1 (B#16#...) 82 00 to FF Error in the second call parameter : : : 88 00 to FF Error in the eighth call parameter (with "RALRM (Page 3473)": TINFO (Page 3479)) 01 Wrong syntax ID 23 Configuration limits exceeded or destination area too small 24 Wrong range ID 32 DB/DI no. out of user range 3A DB/DI no. is NULL for area ID DB/DI or specified DB/DI does not exist 00 to FF Error in the ninth call parameter (with "RALRM (Page 3473)": AINFO (Page 3495)) 01 Wrong syntax ID 23 Configuration limits exceeded or destination area too small 24 Wrong range ID 32 DB/DI no. out of user range 3A DB/DI no. is NULL for area ID DB/DI or specified DB/DI does not exist 8A 00 to FF Error in the 10th call parameter : : : 8F 00 to FF Error in the 15th call parameter FE, FF 00 to FF Profile-specific error 89 Explanation accord ing to DVP1 Meaning Field element STATUS[4] With DPV1 errors, the DP master passes on STATUS[4] to the CPU and the instruction. Without DPV1 error, this value is set to 0, with the following exceptions for "RDREC": STATUS[4] contains the destination area length from RECORD, if MLEN > the destination area length from RECORD STATUS[4]=MLEN, if the actual data record length < MLEN < the destination area length from RECORD STATUS[4]=0, if STATUS[4]> 255 would have to be set In PROFINET IO, STATUS[4] has the value "0". 3478 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter TINFO (S7-1200, S7-1500) Data structure of the destination area TINFO The data structure of the destination area TINFO contains the start information of the organization block in which "RALRM" is currently being called. The TINFO destination area can contain the start information with standard access or optimized access. The format of the start information in the TINFO destination area must always match the start information of the corresponding organization block. The start information of an OB with standard access is always stored in the first 20 bytes of the "Temp" section in the block interface. Use the "TI_Classic" data structure for this. The start information of an OB with optimized access is always written to the "Input" section. The start information is stored in data structures specific to the organization block. Use the data structure specific to the organization block. Changing the block access (standard/optimized) also changes the block interface. The following table provides an overview of the data structures that are used depending on the organization block at the TINFO parameter. Name of the data structure S7-1200 CPUs as of version S7-1500 CPUs as of version Data structure used for: Data structure for organization blocks with standard access TI_Classic - V1 Organization blocks without optimized block access. Data structure for organization blocks with optimized block access TI_ProgramCycle V2 V1 Cycle OB (program cycle) TI_Startup V2 V1 Startup OB (startup) TI_Delay V2 V1 Time delay interrupt TI_Cyclic V2 V1 Cyclic interrupt OB TI_HWInterrupt V2 V1 Hardware interrupt OB TI_HWInterrupt_Ex tended - V2.0 Hardware interrupt OB TI_TimeError V2 V1 Time error OB TI_DiagnosticInterrupt V2 V1 Diagnostic error interrupt OB TI_PlugPullModule V2 V1 Pull/plug of modules OB TI_StationFailure V2 V1 Rack or station failure OB TI_ProgIOAccessError V2 V1 Programming error OB I/O access error OB TI_TimeOfDay V2 V1 Time-of-day interrupt OB TI_SynchCycle - V1 Synchronous cycle interrupt OB TI_Submodule V2 V1 Status interrupt OB Update interrupt OB OB for manufacturer or profile-specific interrupt WinCC Advanced V14 System Manual, 10/2016 3479 Programming the PLC 11.4 Instructions Data structure for organization blocks with standard access The following shows the TI_Classic data structure: Parameter TI_Classic 3480 Data type Byte Description Data structure for organization blocks without optimized block access. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Data type Byte Description Bytes 0 to 19: Start information of the OB in which "RALRM" is currently being called.* EV_CLASS BYTE 0 Event class Example OB1: Bits 0-3: ID of the event (1 = incoming event) Bits 4-7: Event class (1 = Event class 1) EV_NUM BYTE 1 Event number (depending on OB type) Example OB1 (SCAN_1): SCAN_1 = 1 for first call SCAN_1 = 3 for all additional calls PRIORITY BYTE 2 Priority class NUM BYTE 3 OB number TYP2_3 BYTE 4 Additional information TYP1 BYTE 5 Different information is stored in the BYTES "TYP2_3" and "TYPE 1" depending on the OB type used. What these are is described in the documentation for the organization blocks. Example (OB1): TYP2_3: OB1_RESERVED_1 (reserved) TYP1: OB1_RESERVED_2 (reserved) ZI1 WORD 6 to 7 Additional information Different information is stored in "ZI1" depending on the OB type used. What these are is described in the documentation for the organization blocks. Example (OB1): ZI1: OB1_PREV_CYCLE (runtime of previous cycle in ms) ZI2_3 DWORD 8 to 11 Additional information Different information is stored in "ZI2_3" depending on the OB type used. What these are is described in the documentation for the organization blocks. Example (OB1): ZI2: OB1_MIN_CYCLE (minimum cycle time (ms) since the last startup) ZI3: OB1_MAX_CYCLE (maximum cycle time (ms) since the last startup) OB_DATE_ TIME DATE_AN D_TIME (DT) 12 to 19 Date and time-of-day when the OB was called. Bytes 20 and 21: Address information address WORD 20 and 21 Address information like S7-300/400 CPUs: In a central configuration, the rack number (0-31): %LW QXPEHURIWKHUDFN For a distributed configuration with PROFIBUS DP: WinCC Advanced V14 System Manual, 10/2016 - DP master system ID (1-31) - Station number (0-127). 3481 Programming the PLC 11.4 Instructions Parameter Data type Byte Description %LW 6WDWLRQQXPEHU '3PDVWHUV\VWHP,' In a distributed configuration with PROFINET IO: - The last two positions in the PROFINET IO system ID (0-15). To obtain the complete PROFINET IO system ID, you must add 100 (decimal) to it. - Station number (0-2047). %LW ,2V\VWHP,' 6WDWLRQQXPEHU Bytes 22 to 31: Management information slv_prfl BYTE 22 Slave profile like S7-300/400 CPUs: In a central configuration: 0 (data record 0 or data record 1) In a distributed configuration: intr_type BYTE 23 - Bit 0 to 3: Slave type - 0000: DP (structure data record 0) - 0001: DPS7 (structure data record 0 or data record 1) - 0010: DPS7 V1 (structure data record 0 or data record 1) - 0011: DPV1 (structure according to PROFIBUS DP standard) - 0100 - 0111: Reserved - 1000: PROFINET IO (structure according to PROFINET IO standard) - from 1001: Reserved - Bit 4 to 7: Profile type (reserved) Interrupt info type like S7-300/400 CPUs: In a central configuration: 0 In a distributed configuration: flags1 BYTE 24 - Bit 0 to 3: Interrupt info type - 0000: Interrupt comes from a configured remote module - 0001: Interrupt comes from a non-DPV1 slav / non IO device or a slot that is not configured - 0010: Interrupt generated in the CPU - from 0011: Reserved - Bit 4 to 7: Structure version - 0000: Initial - from 0001: Reserved Flags of the PROFIBUS DP master interface module / PROFINET IO controller interface module like S7-300/400 CPUs: In a central configuration: 0 In a distributed configuration: - 3482 Bit 0 = 0: Interrupt originating from an integrated interface module (PROFINET IO or PROFIBUS DP) WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter flags2 Data type BYTE Byte 25 Description - Bit 0 = 1: Interrupt originating from an external interface module (PROFINET IO or PROFIBUS DP) - Bit 1 to 7: Reserved Flags of the PROFIBUS DP master interface module / PROFINET IO controller interface module like S7-300/400 CPUs: In a central configuration: 0 For a distributed configuration with PROFIBUS DP: - Bit 0: EXT_DIAG_FLAG from the diagnostics message frame, or 0 if this bit does not exist in the interrupt The bit is 1 if the DP slave is faulty. - Bit 1 to 7: Reserved In a distributed configuration with PROFINET IO: id UINT 26 and 27 - Bit 0: ARDiagnosisState or 0 if there is no information in the interrupt. The bit is 1 if the IO device is faulty. - Bit 1 to 7: Reserved Management information In a central configuration: 0 For a distributed configuration with PROFIBUS DP: PROFIBUS ID number as unique identifier of the PROFIBUS DP slave In a distributed configuration with PROFINET IO: PROFINET IO device ID number as unique identifier of the PROFINET IO device manufactur er UINT 28 and 29 Manufacturer ID (only in a distributed configuration with PROFINET IO). instance UINT 30 and 31 Ident number of the instance (only in a distributed configuration with PROFINET IO). *The start information depends on the OB used. You can find the start information of each OB type at the interface or in the documentation of the OB. Data structures for organization blocks with optimized block access The data structures for organization blocks with optimized block access have the following format: Bytes 0 to 3: Format of the start information, class and number of the called OB (same structure for all data structures). Bytes 4 to 19: Optimized start information (structure depends on the OB type). The data in bytes 4 to 19 correspond to the structure and content of the corresponding OB interface. Bytes 20 to 31: In addition, the address and management information for certain OBs. The data in bytes 20 to 31 correspond to the data of 20 to 31 bytes of the TI_Classic data structure. The format of the data structures is described in the following tables. WinCC Advanced V14 System Manual, 10/2016 3483 Programming the PLC 11.4 Instructions Table 11-26 Cycle OB: Data structure TI_ProgramCycle Parameter Data type Byte USINT 0 TI_ProgramCycle SI_Format Description Data structure for cycle OB Format of the start information: 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class (=1) OB_Nr UINT 2 OB number (1...32767). Initial_Call BOOL 4 = TRUE in the first call of this OB: Transition from STOP or HOLD to RUN After reloading Remanence BOOL 5 = TRUE, if retentive data are available. Table 11-27 Startup OB: Data structure TI_Startup Parameter Data type Byte USINT 0 TI_Startup SI_Format Description Data structure for startup OB Format of the start information: 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class (=100) OB_Nr UINT 2 OB number (1...32767). LostRetentive BOOL 4 =TRUE, if the contents of retentive data areas have been lost. LostRTC BOOL 5 =TRUE, if the time-of-day of the real-time clock has been lost. Table 11-28 Time delay interrupt OB: Data structure TI_Delay Parameter Data type Byte TI_Delay SI_Format Description Data structure for time delay interrupt OB USINT 0 Format of the start information: 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class (=20) OB_Nr UINT 2 OB number (1...32767). Sign WORD 4 User ID: Input parameter SIGN from the call of the "SRT_DINT (Page 3664)" in struction. 3484 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Table 11-29 Cyclic interrupt OB: Data structure TI_Cyclic Parameter Data type Byte USINT 0 TI_Cyclic SI_Format Description Data structure for cyclic interrupt OB Format of the start information: 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class (=30) OB_Nr UINT 2 OB number (1...32767). Initial_Call BOOL 4 = TRUE in the first call of this OB At the transition from STOP or HOLD to RUN After reloading Event_Count INT 6 Number of discarded start events since the last start of this OB. Table 11-30 Hardware interrupt OB: Data structure TI_HWInterrupt Parameter Data type Byte USINT 0 TI_HWInterrupt SI_Format Description Data structure for hardware interrupt OB Format of the start information: 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class (=40) OB_Nr UINT 2 OB number (1...32767). LADDR HW_IO 4 Hardware identifier of the module that triggers the hardware interrupt. USI WORD 6 Identifier for future extensions (not user-relevant). IChannel USINT 8 Number of the channel that triggered the hardware interrupt. EventType BYTE 9 Identifier for the event type associated with the event triggering the interrupt (e.g., rising edge). You can find this ID in the description of the respective module. address WORD 20 See "address" parameter for the TI_Cassic. data structure slv_prfl BYTE 22 See "slv_prfl" parameter for the TI_Cassic data structure. intr_type BYTE 23 See "intr_type" parameter for the TI_Cassic data structure. flags1 BYTE 24 See "flags1" parameter for the TI_Cassic data structure. flags2 BYTE 25 See "flags2" parameter for the TI_Cassic data structure. id UNIT 26 See "id" parameter for the TI_Cassic data structure. manufacturer UNIT 28 See "manufacturer" parameter for the TI_Cassic data structure. instance UNIT 30 See "instance" parameter for the TI_Cassic data structure. WinCC Advanced V14 System Manual, 10/2016 3485 Programming the PLC 11.4 Instructions Table 11-31 Hardware interrupt OB: Data structure TI_HWInterrupt_Extended Parameter Data type Byte TI_HWInterrupt_Extended SI_Format USINT Description Data structure for hardware interrupt OB 0 Format of the start information: 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class (=40) OB_Nr UINT 2 OB number (1...32767). LADDR HW_IO 4 Hardware identifier of the module that triggers the hardware interrupt. USI WORD 6 Identifier for future extensions (not user-relevant). IChannel USINT 8 Number of the channel that triggered the hardware interrupt. EventType BYTE 9 Identifier for the event type associated with the event triggering the interrupt (e.g., rising edge). You can find this ID in the description of the respective module. PointAddr DWORD 12 In the case of digital modules: Bit array containing the inputs on the module that triggered the hardware interrupt In the case of analog modules: Bit array with the information as to which channel has exceeded which limit In the case of CPs or IMs: Interrupt status of the module (not user-relevant) address WORD 20 See "address" parameter for the TI_Cassic. data structure slv_prfl BYTE 22 See "slv_prfl" parameter for the TI_Cassic data structure. intr_type BYTE 23 See "intr_type" parameter for the TI_Cassic data structure. flags1 BYTE 24 See "flags1" parameter for the TI_Cassic data structure. flags2 BYTE 25 See "flags2" parameter for the TI_Cassic data structure. id UNIT 26 See "id" parameter for the TI_Cassic data structure. manufacturer UNIT 28 See "manufacturer" parameter for the TI_Cassic data structure. instance UNIT 30 See "instance" parameter for the TI_Cassic data structure. 3486 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Table 11-32 Time error OB: Data structure TI_TimeError Parameter Data type Byte USINT 0 TI_TimeError SI_Format Description Data structure for time error OB Format of the start information: 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class (=80) OB_Nr UINT 2 OB number (1...32767). Csg_OBnr OB_ANY 4 Number of the OB that was being executed when the time error occurred. Fault_ID BYTE 7 Error code. Possible values: B#16#01: Cycle time exceeded B#16#02: The requested OB is still being processed. B#16#05: Expired time-of-day interrupt due to time jump. B#16#06: Expired time-of-day interrupt upon re-entry into RUN after HOLD. B#16#07: Overflow of the OB request buffer for the current priority class. B#16#08: Isochronous mode interrupt - time error. B#16#09: Interrupt loss due to high interrupt load B#16#0B: Technology synchronization interrupt - time error Csg_Prio UNIT WinCC Advanced V14 System Manual, 10/2016 8 Priority of the OB that was being executed when the time error occurred. 3487 Programming the PLC 11.4 Instructions Table 11-33 Diagnostic interrupt OB: Data structure TI_DiagnosticInterrupt Parameter Data type Byte TI_DiagnosticInterrupt SI_Format USINT Description Data structure for diagnostic interrupt OB 0 Format of the start information: 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class (=82) OB_Nr UINT 2 OB number (1...32767). LADDR HW_ANY 4 Hardware identifier of the hardware object that triggered the diagnostic interrupt. IO_State WORD 6 Status of the hardware object: Bit 0: Good Bit 1: Disabled Bit 2: Maintenance required Bit 3: Maintenance demanded Bit 4: Error Bit 5: Not accessible Bit 6: Qualified Bit 7: Not available Channel UINT 8 Channel number MultiError BOOL 10 =TRUE, if there is more than one error. address WORD 20 See "address" parameter for the TI_Cassic. data structure slv_prfl BYTE 22 See "slv_prfl" parameter for the TI_Cassic data structure. intr_type BYTE 23 See "intr_type" parameter for the TI_Cassic data structure. flags1 BYTE 24 See "flags1" parameter for the TI_Cassic data structure. flags2 BYTE 25 See "flags2" parameter for the TI_Cassic data structure. id UINT 26 See "id" parameter for the TI_Cassic data structure. manufacturer UINT 28 See "manufacturer" parameter for the TI_Cassic data structure. instance UINT 30 See "instance" parameter for the TI_Cassic data structure. 3488 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Table 11-34 Pull/plug interrupt OB: Data structure TI_PlugPullModule Parameter Data type Byte USINT 0 TI_PlugPullModule SI_Format Description Data structure for pull/plug interrupt OB Format of the start information: 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class (=83) OB_Nr UINT 2 OB number (1...32767). LADDR HW_IO 4 Hardware identifier of the affected module or submodule Event_Class BYTE 6 B#16#38: (Sub)module plugged B#16#39: (Sub)module pulled or not responding Fault_ID BYTE 7 Error code The following table shows the events that cause the start of the pull/plug interrupt OB. With Event_Class = B#16#38 - module/submodule plugged: - B#16#54: Submodule plugged and matches configured submodule - B#16#55: Submodule plugged, but does not match configured submodule - B#16#56: Submodule plugged, but error in module parameter assignment - B#16#57: Submodule or module plugged, but with a fault or maintenance - B#16#58: Submodule access error corrected - B#16#61: Module inserted With Event_Class = B#16#39 - module/submodule pulled or not responding: - B#16#51: Module pulled - B#16#54: Submodule pulled - B#16#61: Module pulled or not responding address WORD 20 See "address" parameter for the TI_Cassic. data structure slv_prfl BYTE 22 See "slv_prfl" parameter for the TI_Cassic data structure. intr_type BYTE 23 See "intr_type" parameter for the TI_Cassic data structure. flags1 BYTE 24 See "flags1" parameter for the TI_Cassic data structure. flags2 BYTE 25 See "flags2" parameter for the TI_Cassic data structure. id UINT 26 See "id" parameter for the TI_Cassic data structure. manufacturer UINT 28 See "manufacturer" parameter for the TI_Cassic data structure. instance UINT 30 See "instance" parameter for the TI_Cassic data structure. WinCC Advanced V14 System Manual, 10/2016 3489 Programming the PLC 11.4 Instructions Table 11-35 Rack error OB: Data structure TI_StationFailure Parameter Data type Byte USINT 0 TI_StationFailure SI_Format Description Data structure for rack error OB Format of the start information: 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class (=86) OB_Nr UINT 2 OB number (1...32767). LADDR HW_De vice 4 Hardware identifier of the defective hardware object. Event_Class BYTE 6 B#16#32: Activation of a station with the "D_ACT_DP" instruction B#16#33: Deactivation of a station with the "D_ACT_DP" instruction B#16#38: Outgoing event B#16#39: Incoming event Fault_ID BYTE 7 Error code The error code is used to output the event that caused the start of the rack error OB. Event_Class = B#16#39, FAULT_ID = C3: Distributed I/O: Failure of a DP master system Event_Class = B#16#38, FAULT_ID = C4: Failure of a DP station Event_Class = B#16#39, FAULT_ID = CA: PROFINET IO system failure Event_Class = B#16#39/38, FAULT_ID = CB: PROFINET IO station failure/ station return Event_Class = B#16#38, FAULT_ID = CC: PROFINET IO station return with problem or maintenance Event_Class = B#16#38, FAULT_ID = CD: PROFINET IO station return, expected configuration different from actual configuration Event_Class = B#16#38, FAULT_ID = CE: PROFINET IO station return, error in module parameter assignment Event_Class = B#16#32/33, FAULT_ID = CF: Activation/deactivation of a PROFINET IO device with the "D_ACT_DP" instruction Event_Class = B#16#39/38, FAULT_ID = F8: Failure/return of some of the submodules of a PROFINET I-device Event_Class = B#16#38, FAULT_ID = F9: Return of some of the submodules of a PROFINET I-device with a device configuration difference address WORD 20 See "address" parameter for the TI_Cassic. data structure slv_prfl BYTE 22 See "slv_prfl" parameter for the TI_Cassic data structure. intr_type BYTE 23 See "intr_type" parameter for the TI_Cassic data structure. flags1 BYTE 24 See "flags1" parameter for the TI_Cassic data structure. flags2 BYTE 25 See "flags2" parameter for the TI_Cassic data structure. id UINT 26 See "id" parameter for the TI_Cassic data structure. manufacturer UINT 28 See "manufacturer" parameter for the TI_Cassic data structure. instance UINT 30 See "instance" parameter for the TI_Cassic data structure. 3490 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Table 11-36 Programming error OB / I/O access error OB: Data structure TI_ProgIOAccessError Parameter Data type TI_ProgIOAccessError WinCC Advanced V14 System Manual, 10/2016 Byte Description* Data structure for programming error OB and I/O access error OB 3491 Programming the PLC 11.4 Instructions Parameter SI_Format Data type Byte Description* USINT 0 Format of the start information: 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class: =121 for programming error OB =122 for I/O access error OB OB_Nr UINT 2 OB number (1...32767). BlockNr UINT 4 Number of the block in which the programming error occurred. Reaction USINT 6 0: Ignore error 1: Substitute bad value 2: Skip command Fault_ID BYTE 7 Error code B#16#21: BCD conversion error B#16#22: Area length error when reading B#16#23: Area length error when writing B#16#24: Area error when reading B#16#25: Area error when writing B#16#26: Error in timer no. B#16#27: Error in counter no. B#16#28: Read access to a byte, word or double word with a pointer, the bit address of which is not 0 B#16#29: Write access to a byte, word or double word with a pointer, the bit address of which is not 0 B#16#:30: Write access to a write-protected global DB B#16#31: Write access to a write-protected instance DB B#16#32: DB number error when accessing a global DB B#16#33: DB number error when accessing an instance DB B#16#34: Number error during FC call B#16#35: Number error during FB call B#16#42: I/O access error, reading B#16#43: I/O access error, writing B#16#3A: Access to a DB that is not loaded; the DB number is located in the permitted area B#16#3C: Access to an FC that is not loaded; the FC number is within the permissible range B#16#3D: Access to an instruction (SFC) that is not loaded; the SFC number is within the permissible range B#16#3E: Access to an FB that is not loaded; the FB number is within the permissible range B#16#3F: Access to an SFB that is not available; the SFB number is within the permissible range BlockType 3492 USINT 8 Type of block in which the error has occurred: WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Data type Byte Description* OB: B#16#88 FC: B#16#8C FB: B#16#8E Area USINT 9 Memory area in which the incorrect access occurred: Local data: B#16#40 to 4E, 86, 87, 8E, 8F, C0 to CE Process image input: B#16#01 Process image output: B#16#02 Technology DB: B#16#04 I: B#16#81 Q: B#16#82 M: B#16#83 DB: B#16#84, 85, 8A, 8B DBNr DB_ANY 10 DB no. if AREA = DB (global DB or instance DB) Only relevant for programming error OB. Csg_OBNr OB_ANY 12 OB number: 121: Programming error OB 122: I/O access error OB Csg_Prio USINT 14 OB priority Width USINT 15 Type of access during which the error occurred: Bit: B#16#00 Byte: B#16#01 Word: B#16#02 DWord: B#16#03 LWord: B#16#04 * Only certain output values are possible depending on the OB (I/O access error OB or programming error OB) from which information is read. Table 11-37 Time-of-day interrupt OB: Data structure TI_TimeOfDay Parameter Data type Byte TI_TimeOfDay SI_Format Description Data structure for time-of-day interrupt OB USINT 0 Format of the start information: 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class (=10) OB_Nr UINT 2 OB number (1...32767). CaughtUp BOOL 4 =TRUE if an OB call was executed subsequently because time was adjusted ahead SecondTime BOOL 5 =TRUE if an OB was called a second time because time was adjusted back. Note: SecondTime is set only once in situations in which the time is set back. WinCC Advanced V14 System Manual, 10/2016 3493 Programming the PLC 11.4 Instructions Table 11-38 Isochronous mode interrupt OB: Data structure TI_SynchCycle Parameter Data type Byte Description USINT 0 Format of the start information: TI_SynchCycle SI_Format Data structure for isochronous mode interrupt OB 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class (=61) OB_Nr UINT 2 OB number (1...32767). Initial_Call BOOL 4 = TRUE in the first call of this OB: Transition from STOP or HOLD to RUN After reloading IO _System USINT 5 Number of the distributed I/O system triggering the interrupt Event_Count INT 6 = n: Number of lost cycles = -1: An unknown number of cycles has been lost (e.g., because cycle has changed). PIP_Input BOOL 10 =TRUE: The associated process image of the inputs is up-to-date PIP_Output BOOL 11 =TRUE: The associated process image of the outputs was transferred to the outputs in good time after the last cycle SyncCycle Time LTIME 16 Calculated cycle time 3494 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Table 11-39 Status interrupt OB / update interrupt OB for manufacturer or profile-specific interrupt: Data structure TI_Submodule Parameter Data type Byte TI_Submodule SI_Format Description Data structure for status interrupt OB / update interrupt OB for manufacturer or profile-specific interrupt USINT 0 Format of the start information: 16#FF: None 16#FE: Optimized start information OB_Class USINT 1 OB class =55 for status interrupt OB =56 for update interrupt OB =57 for manufacturer or profile-specific interrupt OB OB_Nr UINT 2 OB number (1...32767). LADDR HW_IO 4 Hardware address of the component triggering the interrupt Slot UINT 6 Slot number of the component triggering the interrupt Specifier WORD 8 Interrupt specifier from the interrupt frame address WORD 20 See "address" parameter for the TI_Cassic. data structure slv_prfl BYTE 22 See "slv_prfl" parameter for the TI_Cassic data structure. intr_type BYTE 23 See "intr_type" parameter for the TI_Cassic data structure. flags1 BYTE 24 See "flags1" parameter for the TI_Cassic data structure. flags2 BYTE 25 See "flags2" parameter for the TI_Cassic data structure. id UINT 26 See "id" parameter for the TI_Cassic data structure. manufacturer UINT 28 See "manufacturer" parameter for the TI_Cassic data structure. instance UINT 30 See "instance" parameter for the TI_Cassic data structure. Parameter AINFO (S7-1200, S7-1500) Data structure of the destination area AINFO with interrupts from PROFIBUS DP Byte Meaning 0 to 3 Header information, for exact description, see below 4 to 63 Additional interrupt information: data for the respective interrupt: Distributed: ARRAY[0] to ARRAY[59] Structure of the header information with interrupts from PROFIBUS DP Byte Data type Meaning 0 BYTE Length of the received interrupt information in bytes WinCC Advanced V14 System Manual, 10/2016 Central: 4 to 224 Distributed: 4 to 63 3495 Programming the PLC 11.4 Instructions Byte Data type Meaning 1 BYTE Central: Reserved Distributed: ID for the interrupt type 1: 2: 3: 4: 5: 6: 31 Diagnostics interrupt Process interrupt Pull interrupt Plug interrupt Status interrupt Update interrupt Failure of an expansion device, DP master system or DP station 32 to 126: Manufacturer-specific interrupt 2 BYTE Slot number of the component that triggered the interrupt 3 BYTE Central: Reserved Distributed: Specifier Bits 0 and 1: 0: No further information; 1: Incoming event, fault at slot 2: Outgoing event, fault at slot cleared 3: Outgoing event, slot still faulty Bit 2: Add_Ack Bits 3 to 7: Sequence number Data structure of the destination area AINFO with interrupts from PROFINET IO or central I/O devices Byte Meaning 0 to 25 Header information, for exact description, see below 26 to 1431 Additional interrupt information: Standardized diagnostics data for the respective interrupt: ARRAY[0] to ARRAY[1405] Note: The additional interrupt information may also be omitted. Structure of the header information with interrupts from PROFINET IO or central I/O devices Byte Data type Meaning 0 and 1 WORD Bits 0 to 7: Block type Bits 8 to 15: Reserved 2 and 3 WORD Block length 4 and 5 WORD Version: Bits 0 to 7: low byte Bits 8 to 15: high byte 3496 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Byte Data type Meaning 6 and 7 WORD ID for interrupt type: 1: Diagnostics interrupt (incoming or outgoing) 2: Process interrupt 3: Remove module interrupt 4: Insert module interrupt 5: Status interrupt 6: Update interrupt 7: Redundancy interrupt 8: Controlled by supervisor 9: Released by supervisor 10: Configured module not inserted 11: Return of the sub-module 12: Diagnostics interrupt (outgoing) 13: Slave-to-slave connection alarm 14: Neighborhood change alarm 15: Clock synchronization message (bus end) 16: Clock synchronization alarm (device end) 17: Network component alarm 18: Time synchronization alarm (on bus side) 19 to 31: Reserved 32 to 127: Manufacturer-specific interrupt 128 to 65535: Reserved 8 to 11 DWORD API (Application Process Identifier) 12 to 13 WORD Slot number of the component triggering the interrupt (value range 0 to 65535) 14 to 15 WORD Submodule slot number of the component triggering the interrupt (value range 0 to 65535) 16 to 19 DWORD Module identification; specific information on the source of the interrupt WinCC Advanced V14 System Manual, 10/2016 3497 Programming the PLC 11.4 Instructions Byte Data type Meaning 20 to 23 DWORD Submodule identification; specific information on the source of the interrupt 24 to 25 WORD Interrupt specifier: Bits 0 to 10: Sequence number (value range 0 to 2047) Bit 11: Channel diagnostics: 0: No channel diagnostics available 1: Channel diagnostic information exists Bit 12: Status of manufacturer-specific diagnostics: 0: No manufacturer-specific status information available 1: Manufacturer-specific status information available Bit 13: Status of diagnostics for sub-module: 0: No status information available, all errors have been corrected 1: At least one item of channel diagnostics and/or status information is available Bit 14: Reserved Bit 15: Application relationship diagnosis state: - 0: None of the modules configured within this AR are reporting diagnostic information - 1: At least one of the modules configured in this AR is reporting diagnostic information Structure of the additional interrupt information for interrupts from PROFINET IO or central I/O 3498 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The additional interrupt information for PROFINET IO depends on the format identifier. It can comprise multiple data blocks with the same or different format identifier. The following format identifiers are available: W#16#0000 to W#16#7FFF: Manufacturer-specific diagnostics Byte Data type Meaning 0 to 1 WORD Format identifier for the structure of the following data serving as addi tional interrupt information W#16#0000 to W#16#7FFF: Manufacturer-specific diagnostics 2 to n BYTE See manufacturer's manual. W#16#8000: Channel diagnostics Channel diagnostics is output in blocks of 6 bytes each. The additional interrupt information (without format identifier) is only output for disrupted channels. Byte Data type Meaning 0 to 1 WORD Format identifier for the structure of the following data serving as addi tional interrupt information W#16#8000: Channel diagnostics 2 to 3 WORD Channel number of the component triggering the interrupt (value range: 0 to 65535): W#16#0000 to W#16#7FFF: Channel number of the interface module/sub-module W#16#8000: The generic substitute for the whole sub-module W#16#8001 to W#16#FFFF: Reserved 4 BYTE Bits 0 to 2: Reserved Bits 3 to 4: Type of error: 0: Reserved 1: Incoming error 2: Outgoing error 3: Outgoing error, other errors present Bits 5 to 7: Type of channel: 0: Reserved 1: Input channel 2: Output channel 3: Input/output channel WinCC Advanced V14 System Manual, 10/2016 3499 Programming the PLC 11.4 Instructions Byte Data type Meaning 5 BYTE Data format: B#16#00: Free data format B#16#01: Bit B#16#02: 2-bit B#16#03: 4-bit B#16#04: Byte B#16#05: Word B#16#06: Double word B#16#07: 2 double words B#16#08 to B#16#FF: Reserved 3500 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Byte Data type Meaning 6 to 7 WORD Type of error: W#16#0000: Reserved W#16#0001: Short-circuit W#16#0002: Undervoltage W#16#0003: Overvoltage W#16#0004: Overload W#16#0005: Overtemperature W#16#0006: Wire break W#16#0007: High limit exceeded W#16#0008: Low limit value exceeded W#16#0009: Error W#16#000A: Simulation active W#16#000B to W#16#000E: Reserved W#16#000F to W#16#001F: Manufacturer-specific W#16#0020 to W#16#00FF: Reserved W#16#0100 to w#16#7FFF: Manufacturer-specific W#16#8000: Data transfer not possible W#16#8001: Error at partner W#16#8002: Media redundancy error W#16#8003: Synchronization loss W#16#8004: Isochronous mode error W#16#8005: Multicast CR error W#16#8006: Reserved W#16#8007: Fiber-optic error W#16#8008: Function failure of network component W#16#8009: Time error W#16#800A: DFP problem (DFP: dynamic frame packing) W#16#800B: MRPD problem (MRPD: media redundancy with planned duplication) W#16#800C: System redundancy error W#16#800D to W#16#FFFF: Reserved Not all channels support every error type. For detailed information, refer to the description of the diagnostic data for the specific device. Note The section from "channel number" to "error type" can occur from 0 to n times. WinCC Advanced V14 System Manual, 10/2016 3501 Programming the PLC 11.4 Instructions W#16#8001: MULTIPLE (different types of diagnostics information are transmitted). In this case, the additional interrupt information is transmitted as blocks of variable length. Byte Data type Meaning 0 to 1 WORD Format identifier for the structure of the following data serving as additional interrupt information 2 to 3 WORD Block type 4 to 5 WORD Block length 6 BYTE Version: high byte 7 BYTE Version: low byte 8 to 11 DWORD API (only if low byte of version = 1) 12 to 13 WORD Slot number 14 to 15 WORD Subslot number 16 to 17 WORD Channel number 18 to 19 WORD Channel properties 20 to 21 WORD Format identifier: W#16#8001: Manufacturer-specific diagnostics and/or channel diagnostics W#16#0000 to W#16#7FFF: Manufacturer-specific diagnostics W#16#8000: Channel diagnostics W#16#8002: Extended channel diagnostics W#16#8003: Stepped extended channel diagnostics W#16#8004 to W#16#80FF: Reserved 22 to n BYTE Data depend on the format identifier Note The section starting from "block type" can occur from 1 to n times. W#16#8002: Extended channel diagnostics 3502 Byte Meaning 0 to 1 Format identifier W#16#8002 2 to 3 Channel number 4 to 5 Channel properties 6 to 7 Error type 8 to 9 Additional error value 10 to 13 Additional error information WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions W#16#8003: Stepped extended channel diagnostics Byte Meaning 0 to 1 Format identifier W#16#8003 2 to 3 Channel number 4 to 5 Channel properties 6 to 7 Error type 8 to 9 Additional error value 10 to 13 Additional error information 14 to 17 Qualified channel qualifier W#16#8100: Maintenance information Byte Meaning 0 to 1 Format identifier W#16#8100 2 to 3 Block type 4 to 5 Block length 6 to 7 Block version 8 to 9 Reserved 10 to 13 Maintenance status Note You can find more detailed information about the structure of the additional alarm information in the Programming Manual SIMATIC PROFINET IO from PROFIBUS DP to PROFINET IO and the current version of IEC 61158-6-10-1. Destination area TINFO and AINFO (S7-1200, S7-1500) Destination area TINFO and AINFO Depending on the respective OB in which "RALRM (Page 3473)" is called, the destination areas TINFO and AINFO are only partially written. Refer to the table below to find out which information is entered respectively. Interrupt type OB class TINFO OB start infor mation TINFO AINFO Management in Header infor formation mation AINFO Additional interrupt information Process interrupt 4x Yes Yes Central: No Distributed: As supplied by PROFI BUS DP slave/PROFI NET IO device Yes Status interrupt 55 Yes Yes Yes Yes Yes Update interrupt 56 Yes Yes Yes Yes Yes Manufacturer-specific interrupt 57 Yes Yes Yes Yes Yes WinCC Advanced V14 System Manual, 10/2016 3503 Programming the PLC 11.4 Instructions Interrupt type OB class TINFO OB start infor mation TINFO AINFO Management in Header infor formation mation AINFO Additional interrupt information I/O redundancy error 70 Yes Yes No No No Diagnostics interrupt 82 Yes Yes Yes Central: Structure according to PROFINET IO stand ard Distributed: As supplied by PROFI BUS DP slave/PROFI NET IO device Central: No Distributed: As supplied by PROFI BUS DP slave/PROFI NET IO device Insert/remove interrupt 83 Special form of the re 83 move module interrupt: Yes Yes Yes Yes Yes Yes PROFINET IO only 83 Yes Yes Yes PROFINET IO only Unconfigured module inserted 83 Yes Yes Yes PROFINET IO only Rack failure/ station failure 86 Yes Yes No No Yes No No No Controlled by supervi sor Special form of the in sert module interrupt: Enabled by supervisor ... all other OBs Program example for RALRM (S7-1200, S7-1500) Introduction In the following example, you generate a wire break via an input module and receive the interrupt, including associated information. The example applies to PROFINET IO and/or an S7-1500 CPU. Note Place the example The example must be stored in the setup in which the input module is to generate an interrupt (wire break). 3504 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Requirements An input module is created and the hardware identifier is read out in the properties of the input module. You store the hardware identifier via the input parameter F_ID ("alarmCheckID"). To generate an interrupt, select the option "Wire break" for the input channels. This option is available under "Module parameters > Channel template > Inputs". To store the data, create seven tags and the structures "TI_Diagnostic_Interrupt" and "Additional_Diag" in a global data block. Create the "TI_Diagnostic_Interrupt" structure with the "TI_DiagnosticInterrupt" data type. WinCC Advanced V14 System Manual, 10/2016 3505 Programming the PLC 11.4 Instructions Interconnect parameters Call the instruction "RALRM" in a diagnostic interrupt OB (OB82). Interconnect the parameters of the instruction as follows. Result of RALRM Note Trigger wire break To trigger the interrupt, pull one of the power cables of the input module's inputs and then reconnect the cable. Alternatively, you can also pull a potential bridge of the input module and reconnect it. When you generate a wire break, the input module generates an interrupt. The diagnostic interrupt OB is then called and the instruction "RALRM" started. The instruction "RALRM" calls the input module via the input parameter F_ID ("alarmCheckID"). The instruction "RALRM" checks whether the interrupt originates from the input module according to the value "2" of the input parameter MODE ("alarmMode"). If the interrupt originates from the input module ("alarmCheckID" and "alarmFromID" are identical), the output parameter NEW ("alarmReceived") is set to "TRUE" and the interrupt information is stored via the parameters TINFO ("TI_Diagnostivc_Interrupt") and AINFO ("Additional_Diag"). The hardware identifier of the module generating the interrupt (the input module) is displayed at the output parameter ID ("alarmFromID"). The length of the received interrupt information is recorded at the output parameter LEN ("alarmLength"). According to the value of the input parameter MLEN ("alarmMaxLength" has the value "0"), the information that is to be read for AINFO ("Additional_Diag") is unlimited. 3506 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The block status is displayed at the output parameter STATUS ("alarmStatus"). Processing takes place without errors. The following sections contain the evaluation for TINFO and AINFO. Details about parameter TINFO ("TI_Diagnostivc_Interrupt") The OB start information and management information are stored at the parameter TINFO ("TI_Diagnostivc_Interrupt"). The generated interrupt includes the following information: OB start information: The OB82 uses optimized start information ("SI_Format" with the value "254"). Management information: - The input module (see "LADDR") with the status "Error" (see the value of "IO_State") is read out. - An interrupt was recently recorded for the channel "15" (see the value of "Channel"). - Multiple errors were recorded ("MutliError" with the value "TRUE"). - An interrupt was recently recorded for station "0" (see the value of "address"). - A structure was recorded according to the diagnostics data record 0 (see the value of "slv_prfl"). - The interrupt was triggered by a configured, distributed module (see the value of "intr_type"). WinCC Advanced V14 System Manual, 10/2016 3507 Programming the PLC 11.4 Instructions Details about parameter AINFO ("Additional_Diag") The header information and additional information about the interrupt is stored at the parameter AINFO ("Additional_Diag"). Note Structure and scope of the interrupt information This example is intended to show reception of a single hardware fault (wire break). Accordingly, only the interrupt information about one of the relevant channels is displayed when a multierror occurs. To call the additional information for each channel individually, use a multiple call of RALRM: For each call, query the channel ("TI_Diagnostivc_Interrupt.Channel") and store the information of the tags "ChannelErrorType" to "ErrorCode" for each channel. See also "FAQ for channel diagnostics with RALRM (https://support.industry.siemens.com/cs/ww/ en/view/109480387)". Depending on the application, note the structure to be stored at the parameter AINFO (Page 3495). The generated interrupt includes the following information: The OB used is a diagnostic interrupt OB ("InterruptType" with the value "1"). The interrupt is reported for a module at the slot "2" ("SlotNumber") and for the channels 8 to 15 (BYTE 1, "SubSlotNumber"). At least one item of channel diagnostics and/or status information is available for the submodule ("InterruptSpecifier" with the value "16#2000"). In this example, the structure of the channel diagnostics is used ("FormatIdentifier" with the value "16#8000"). The channel number of the component that triggered the interrupt is assigned to the submodule ("ChannelNumber" with the value "16#0008"). An incoming error for an input channel ("ChannelErrorType" with the value "16#28") is diagnosed. 3508 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The data format used is a bit ("DataFormat" with the value "16#01"). A wire break was diagnosed ("ErrorCode" with the value "16#0006"). Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). Additional example A more complex example is available here: "FAQ for channel diagnostics with RALRM (https:// support.industry.siemens.com/cs/ww/en/view/109480387)". D_ACT_DP: Enable/disable DP slaves (S7-1200, S7-1500) Description With the instruction D_ACT_DP", you can disable and enable configured DP slaves/ PROFINET IO devices in a targeted manner. In addition, you can determine whether each assigned DP slave or PROFINET IO device is currently activated or deactivated. You cannot disable/enable an IE/PB Link PN IO type of gateway using the instruction "D_ACT_DP". If you nevertheless use "D_ACT_DP" on the gateway named, the CPU returns the value W#16#8093 (there is no hardware object that can be activated or deactivated for the address specified in LADDR). As of firmware version V1.8 of the S7-1500 CPUs the following applies: You can use the "D_ACT_DP" instruction to disable/enable DP slaves that are connected to an IE/PB Link PN IO type of gateway. WinCC Advanced V14 System Manual, 10/2016 3509 Programming the PLC 11.4 Instructions The instruction cannot be used on PROFIBUS PA field devices that are connected by a DP/ PA link to a DP master system. Note Several runs through the cycle control point are required to perform the disabling or enabling job. Therefore, you do not wait for the end of such a job in a programmed loop. Functional description "D_ACT_DP" is an asynchronous instruction. Processing takes place across several calls. You start the job by calling "D_ACT_DP" with REQ = 1. The output parameters RET_VAL and BUSY indicate the status of the job. See also: Difference between synchronous and asynchronous instructions (Page 2436). Application If you configure DP slaves/PROFINET IO devices in a CPU which are not actually present or not currently required, the CPU will nevertheless continue to access these DP slaves/ PROFINET IO devices at regular intervals. After the slaves are deactivated, further CPU accessing will stop. With PROFIBUS DP, the fastest possible DP bus cycle can be achieved in this manner. The corresponding error events no longer occur. Examples From a machine OEM's point of view, there are numerous device options possible in series production of machines. However, each delivered machine includes only one combination of selected options. Every one of these possible machine options is configured as a DP slave/PROFINET IO device by the manufacturer in order to create and maintain a common user program having all possible options. Use "D_ACT_DP" to deactivate all DP slaves/PROFINET IO devices not present at machine startup. A similar situation exists for machine tools having numerous tooling options available but actually using only a few of them at any given time. These tools are implemented as DP slaves/ PROFINET IO devices. With "D_ACT_DP", the user program activates the tools currently needed and deactivates those required later. Identification of a job If you have started a deactivation or activation job and you call "D_ACT_DP" again before the job is complete, the behavior of the instruction depends on whether or not the new call involves the same job. If the input parameter LADDR matches, the call will be interpreted as follow-on call. 3510 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Deactivating DP slaves/PROFINET IO devices When you deactivate a DP slave/PROFINET IO device with "D_ACT_DP", its process outputs are set to the configured substitute values or to 0 (safe state). The assigned DP master/ PROFINET IO controller does not continue to address this component. Deactivated DP slaves/ PROFINET IO devices are not identified as faulty or missing by the error LEDs on the DP master/PROFINET IO controller or CPU. The process image inputs of deactivated DP slaves/PROFINET IO devices is updated with 0. Therefore, it is treated just like failed DP slaves/PROFINET IO devices. If you directly access the user data of a previously deactivated DP slave/PROFINET IO device from your program, the I/O access error OB is called and the corresponding start event is entered in the diagnostics buffer. If you attempt to access a deactivated DP slave/PROFINET IO device via an instruction (such as "RD_REC (Page 3530)"), you will receive the same error information in RET_VAL as for an unavailable DP slave/PROFINET IO device. Deactivating a DP slave/PROFINET IO device does not start the program error OB, even if its inputs or outputs belong to the system-side process image to be updated. If a DP station/PNIO station fails after you have deactivated it with "D_ACT_DP", the operating system does not detect the failure. Applies to PROFIBUS DP: If you wish to deactivate DP slaves functioning as transmitters in slave-to-slave communication, we recommend that you first deactivate the receivers (listeners) that detect which input data the transmitter is transferring to its DP master. Deactivate the transmitter only after you have performed this step. Activating DP slaves/PROFINET IO devices When you reactivate a DP slave/PROFINET IO device with "D_ACT_DP", this component is configured and assigned parameters by the associated DP master/PROFINET IO controller (as with the return of a failed DP station/PROFINET IO station). This activation is complete when the component is able to transfer user data. Activating a DP slave/PROFINET IO device does not start the program error OB, even if its inputs or outputs belong to the system-side process image to be updated. If you try to activate a DP slave/PROFINET IO device with "D_ACT_DP" that cannot be accessed (for example, because it was physically separated from the bus), the instruction returns the error code W#16#80A7 after expiration of the configured parameter assignment time for distributed I/O. The DP slave/PROFINET IO device is activated and the fact that the activated DP slave/PROFINET IO device cannot be accessed results in a corresponding display in the system diagnostics. If the DP slave/PROFINET IO device is accessible again afterwards, this results in standard system behavior (for example, a call of the OB configured for this purpose). Note Activating a DP slave/PROFINET IO device may be time-consuming. If you want to cancel a currently running activation job, start "D_ACT_DP" with the same value for LADDR and MODE =2. You repeat the call for "D_ACT_DP" with MODE = 2 until the successful cancellation of the activation job is displayed with RET_VAL =0. WinCC Advanced V14 System Manual, 10/2016 3511 Programming the PLC 11.4 Instructions If you wish to activate DP slaves which take part in the slave-to-slave communication, we recommend that you first activate the transmitters and then the receivers (listeners). Parameters The following table shows the parameters of the "D_ACT_DP" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Level-triggered control parameter I, Q, M, D, L or con stant Job identifier Possible values: MODE Input USINT REQ=1: Run activation or deactivation 0: Request information on whether the addressed component is activated or deactivated (output via RET_VAL parameter) 1: Activate the DP slave/PROFINET IO device 2: Deactivate the DP slave/PROFINET IO device LADDR Input HW_DEVICE I, Q, M, D, L or con stant Hardware identifier of the DP slave (HW_DPSlave)/PROFINET IO device (HW_Device) The number can be taken from the properties of the DP slave / PROFINET IO device in the Network view or from the "System constants" tab of the standard tag table. If both the identifier for the device diagnostics as well as the ID for operating state transitions are both specified there, you must use the code for the device diagnostics. RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the return value contains an error code. BUSY Output BOOL I, Q, M, D, L Active code: BUSY=1: The job is still active. BUSY=0: The job was terminated. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Explanation (W#16#...) 0000 Job completed without error. 0001 The DP slave/PROFINET IO device is active (this error code is possible only with MODE = 0.) 0002 The DP slave/PROFINET IO device is deactivated (this error code is possible only with MODE = 0.) 3512 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* Explanation (W#16#...) 7000 First call with REQ= 0: The job specified with LADDR is not active; BUSY has the value "0". 7001 First call with REQ= 1. The job specified with LADDRwas triggered. BUSY has the value "1". 7002 Intermediate call (REQ irrelevant). The activated job is still active; BUSY has the value "1". 8090 You have not configured a module with the address specified in LADDR. You operate your CPU as I-slave / I-device and you have specified an address of this I-slave/I-device in LADDR. 8092 The deactivation of the currently addressed DP slave/PROFINET IO device (MODE=2) cannot be can celed by being activated (MODE=1). Activate the component at a later time. 8093 The address specified in LADDR does not belong to any DP slave/PROFINET IO device that can be activated or deactivated or the MODE parameter is unknown. 8094 You have attempted to activate a device which is potential partner for a tool change port. However, another device is already activated on this tool change port at this time. The activated device will remain activated. 80A0 Error during the communication between the CPU and the IO controller. 80A3 The DP master/PROFINET IO controller concerned does not support this function. 80A4 The CPU does not support this function for external DP masters/PROFINET IO controller. 80A7 A timeout occurred during activation: The remote device is unreachable or you have set the parameter assignment time for central and distributed I/O too short. The status of the remote device is "activated", but it is not reachable. 80AA Activation with errors in the DP slave/PROFINET IO device: Differences in the configuration 80AB Activation with errors in the DP slave/PROFINET IO device: Parameter assignment error 80AC Activation with errors in the DP slave/PROFINET IO device: Maintenance required 80C3 Temporary resource error: The CPU is currently processing the maximum possible activation and deactivation jobs (8). (This error code is only possible when MODE = 1 and MODE = 2.) The CPU is busy receiving a modified configuration. Currently you can not enable/disable DP slaves/ PROFINET IO devices. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". ReconfigIOSystem: Reconfigure IO system (S7-1200, S7-1500) ReconfigIOSystem: Reconfigure IO system (S7-1500) Description You can use the "ReconfigIOSystem" instruction to transfer a data record to the PROFINET interface of the CPU. This data record ("CTRLREC" parameter) contains the following information for controlling the configuration: A list of optional IO devices to be activated A list of the partner ports to be specified, if you have set the "Partner is set in the user program" option in the port properties of IO devices WinCC Advanced V14 System Manual, 10/2016 3513 Programming the PLC 11.4 Instructions Note The "ReconfigIOSystem" instruction uses the "D_ACT_DP" instruction internally in MODE 1 and MODE 3 to enable/disable IO devices. Therefore, observe the rules and notes in the description of this instruction. See also "D_ACT_DP: Disable/enable distributed I/O devices (Page 3509)". Dependencies between instruction versions Version V1.1 of instruction "ReconfigIOSystem" requires version V1.1 of the instruction "WRREC". Version V1.0 of instruction "ReconfigIOSystem" requires version V1.1 of instruction "WRREC". Functional description "ReconfigIOSystem" is an asynchronous instruction. Processing takes place across several calls. You start the job by calling "ReconfigIOSystem" with REQ=1. The output parameters STATUS and BUSY indicate the status of the job. Parameters The following table shows the parameters of the "ReconfigIOSystem" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Edge-triggered control parameter I, Q, M, D, L or con stant You control how the instruction works with the MODE parameter. You can find a detailed functional description in the table below. MODE Input UINT REQ=1: Perform data transfer Possible values: 1: Disable all IO devices of the IO system for the conversion phase 2: Reconfigure the IO system according to the data record settings (CTRLREC) 3: Enable all IO devices of the IO system again after reconfiguration LADDR Input HW_INTER FACE I, Q, M, D, L or con stant Hardware identifier of the PROFINET interface (IO controller) CTRLREC Input VARIANT I, Q, M, D, L Data record for controlling the actual configu ration of the IO system DONE Output BOOL I, Q, M, D, L 0: Instruction not yet completed BUSY Output BOOL I, Q, M, D, L 1: Instruction completed Active code: 0: Instruction active 1: Instruction completed 3514 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ERROR Output BOOL I, Q, M, D, L 0: Instruction completed without error 1: Instruction completed with error STATUS Output DWORD I, Q, M, D, L Result/error code ERR_INFO Output WORD I, Q, M, D, L HW ID of the most recently determined IO de vice that caused an error. You can find additional information on valid data types under "Overview of valid data types (Page 2131)". Parameter MODE The following values are possible for the MODE input parameter: MODE Description 1 All IO devices of the IO system can be disabled by calling the instruction with mode 1. The "ReconfigIOSystem" instruction uses the "D_ACT_DP" instruction internally. "Re configIOSystem" returns errors that are detected by D_ACT_DP in the following output parameters: STATUS (error code) ERR_INFO (hardware identifier of the IO device causing the error). In STATUS and ERR_INFO, the CPU enters the last determined error/HW identifier and in so doing overwrites an existing error code. For this reason, additional errors can be present besides the entered error. 2 For controlling the actual configuration of the IO system, the instruction transfers the data record to the PROFINET interface, which is addressed with LADDR. See the fol lowing section for information on the structure of the data record. See the following section about the STATUS parameter for error analysis. 3 All non-optional IO devices in the IO system and optional IO devices that are listed in the control data record CTRLREC are enabled. The optional IO devices that are not listed in the CTRLREC data record remain disabled. If IO devices that are part of docking units are listed in the CTRLREC control data record, the PN IO system reacts as follows: IO devices of the docking units remain disabled when ReconfigIOSystem is called with Mode 3. This reaction corresponds to the reaction of a configuration without configurationcontrolled IO devices. IO devices of docking units are disabled by default and must be enabled in the user program. Structure of the control data record You can use the control data record ("CTRLREC" parameter) to inform the PROFINET interface of the CPU which optionally configured IO devices are available in the real IO system configuration and which port interconnections are to be set. WinCC Advanced V14 System Manual, 10/2016 3515 Programming the PLC 11.4 Instructions This requires a configuration that allows IO system configuration to be adapted: The IO devices listed in the control data record must be enabled as "Optional IO device" (IO device properties: PROFINET interface [X1] > Advanced options > Interface options). The port interconnections listed in the control data record are only possible when the partner port is set to "Partner is set by the user program" for the appropriate ports. The data type of parameter CTRLREC is "VARIANT". The "CTRLREC" control data record must have the following structure: Until version V1.1 of ReconfigIOSystem: Array of elements of the Word data type (for numerical addressing) As of version V1.2 of ReconfigIOSystem: Array of elements of the UInt data type (for symbolic or numerical addressing) or array of elements of the Word data type (for numerical addressing) Below, the basic structural composition of "CTRLREC" is described with the Word element data type. You read the required hardware identifiers directly in the "System constants" tab in the network view or in the device view. To do this, select the object in the network view (IO device) or in the device view (PROFINET interface). Recommendation: Use the symbolic addressing of the HW identifiers by using the names of the HW identifiers. Name Data type Comment Version_High, Version_Low Word Version of the control data record( High byte: 01 Low byte: 00 Number_of_opt_Devices_used Word Number of optional IO devices that are used in the real IO sys tem configuration. Optional IO devices that are not listed below remain disabled. Activate_opt_Device_1 Word / Hw_Device The optional IO devices that are present in the real configura tion must be listed with their hardware identifiers. Use the system constant of the IO device object. Example: The IO device object has the name "IO-Device_4~IO Device" and its type is "Hw_Device". Activate_opt_Device_2 Word / Hw_Device 2nd optional IO device (e.g. with value 262) ... ... ... Activate_opt_Device_n Word / Hw_Device nth optional IO device (e.g. with value 282) Number_of_Port_Interconnec tions_used Word Number of port interconnections listed below. If you do not specify port interconnections, enter "0". For all the ports for which you have configured "Partner is set by the user program" and that are not listed below, the CPU uses the "Any partner" setting. Port_Interconnection_1_Local Word / Hw_Interface 1st port interconnection, HW identifier of local port Use the system constant of the port object. Example: The port object has the name "IO-Device_2~PROFI NET_interface~Port_2" and its type is "Hw_Interface". Port_Interconnection_1_Remote Word / Hw_Interface 1st port interconnection, HW identifier of partner port Port_Interconnection_2_Local Word / Hw_Interface 2nd port interconnection, HW identifier of local port 3516 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Name Data type Comment Port_Interconnection_2_Remote Word / Hw_Interface 2nd port interconnection, HW identifier of partner port ... ... ... Port_Interconnection_n_Local Word / Hw_Interface nth Port interconnection, hardware identifier local port Port_Interconnectio_n_Remote Word / Hw_Interface nth Port interconnection, hardware identifier local port Parameter STATUS The STATUS output parameter contains error information. You can find a detailed list of possible error codes in the next section. If STATUS is interpreted as ARRAY[1...4] of BYTE, the error information has the following structure: Field element Name Meaning STATUS[1] Function_Num B#16#DF: Error writing data record, otherwise B#16#00. STATUS[2] Error_Decode B#16#80 is output for an error (corresponding to IEC 61158-6 in the context of reading and writing data records). STATUS[3] Error_Code_1 B#16#AA in the case of an error in the structure of the data record STATUS[4] Error_Code_2 Manufacturer-specific error ID extension: B#16#00 Error in the data record (e.g. incorrect padding byte values (not equal to 0) B#16#01 Reserved B#16#02 At least one station number for an IO device in the data record is invalid (not configured, points to a non-optional IO device or has the value 0 for an IO controller) B#16#03 At least one partner port specified in the data record is invalid: Examples: - Subslot address of a partner port is not available - Partner port is configured incorrectly (the correct setting is: "Partner is set by the user program") - Partner port belongs to an IO device that is disabled B#16#10 Version of the CTRLREC control data record invalid (specified version is not supported) B#16#11 The number of optional IO devices to be activated in the CTRLREC control data record is not supported B#16#12 The number of specified interconnections ("Partner set in the user program") in the CTRLREC control data record is not supported B#16#13 Internal conversion of the hardware identifier to device number failed. The ERR_INFO output parameter contains the hardware identifier of the device causing the error. B#16#14 Consistency error: The length of the CTRLREC control data record does not match the information in the control data record. Example: 20 optional IO devices are specified, but the control data record only has a length of 10 bytes. WinCC Advanced V14 System Manual, 10/2016 3517 Programming the PLC 11.4 Instructions Error codes (STATUS parameter) Error code Description 16#0000_0000 Job completed without error 16#0070_0000 No job active 16#0070_0100 First call of the instruction 16#0070_0200 Following call of the instruction (instruction is still running, BUSY = 1) 16#0080_8000 MODE is not supported 16#0084_5100 Incorrect data type of CRTLREC data record. Use an array of UInt or an array of Word. 16#0080_9100 The LADDR parameter does not address any PROFINET interface (does not exist or wrong type, e.g. PROFIBUS interface). The PROFINET interface does not support configuration control of IO systems. 16#0080_Cx00 Temporary error, e.g., due to temporary lack of resources. 16#DF80_AAxy Error in the structure of the data record (MODE 2). For the meaning of "xy", see the definition of STATUS[4] Error_Code_2 above. 16#DF80_B6xy Configuration control not possible because either no optional IO device was con figured or no port was assigned with "Partner is set in the user program". This configuration is a prerequisite for calling the instruction. "xy" is irrelevant. 16#0080_9400 Forwarded error codes of the internally called D_ACT_DP instruction. 16#0080_A000 For the meaning of these error codes, see "D_ACT_DP (Page 3509)". 16#0080_A700 The hardware identifiers of IO devices causing errors are entered in ERR_INFO (entry is consecutively overwritten by subsequent errors). If more than one IO device is involved, online diagnostics with STEP 7 is recommended. 16#0080_AA00 16#0080_AB00 16#0080_AC00 With IRT configuration: The device numbers of the IO devices should follow from the IO controller in ascending order of their topological interconnection, see here. Example You will find the example here: Program example for ReconfigIOSystem (Page 3518). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). See also Difference between synchronous and asynchronous instructions (Page 2436) Program example for ReconfigIOSystem (S7-1200, S7-1500) Introduction In the following example, you configure an IO system via the program. The target configuration should consist of an S7-1500 CPU, an IO device (for example ET 200MP) and an optional IO device (for example, ET 200SP). For this purpose, disable an existing IO system, transfer the configuration values to the PROFINET interface of the CPU and enable the IO devices. 3518 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Requirements An S7-1500 CPU has been created. Two ET 200 have been created. A PROFINET connection has been created and the hardware settings have been made: - IO device (for example, ET 200MP IM 155-5 PN HF) - optional IO device (for example, ET 200SP IM 155-6 PN ST - IO system is set up by the program Note Hardware settings for an IO system to be set up by the program Proceed as follows: 1. Connect the two ET 200 via PROFINET with the CPU. 2. Assign the two ET 200 as IO controllers to the CPU. Then open the CPU properties. 3. Open the entry "PROFINET interface [X1] > Advanced options > Port X1 P1 > Port interconnection > Partner port". Select the option "Set Partner by user program". Do the same for "Port X1 P2". 4. Open the properties of ET 200MP (...> Port X1 P1) and select the option "Set Partner by user program" (see step 3). 5. Open the properties of ET 200SP (...> Port X1 P1) and perform the following settings: - Select the option "Set Partner by user program" (see step 3). - Open "PROFINET interface [X1] > Advanced options > Interface options" and select the option "Optional IO device". WinCC Advanced V14 System Manual, 10/2016 3519 Programming the PLC 11.4 Instructions Storage of data To store the data, create the two structures "operateMode" and "ctrlRec" and 13 additional tags in a global data block. Note You have to specify the values of the hardware identifiers ("laddr_interface", "ctrlRec") according to your system. For example, determine the hardware identifier of the interface of the CPU ("laddr_interface") as follows: In the CPU, open the entry "PLC tags > Show all tags > System constants" and search for the name <Local~PROFINET-Interface_1> with the data type "Hw_Interface". The associated cell "value" contains the hardware identifier. 3520 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note Pay attention to the interfaces used. The Port X1 P1 of the IO device (ET 200MP/"<IO_device_1>") is connected with the port X1 P1 of the CPU ("<Local>"). The Port X1 P1 of the optional IO device (ET 200SP/"<IO_device_2>") is connected with the port X1 P2 of the CPU ("<Local>"). You also require the hardware identifier of the device (data type "Hw_Device") from the optional IO device. WinCC Advanced V14 System Manual, 10/2016 3521 Programming the PLC 11.4 Instructions Interconnecting parameters in the FC "SLI_FC_start_reset_ReconfigIOS" To start or reset the instruction "ReconfigIOSystem", create the FC "SLI_FC_start_reset_ReconfigIOS". To pass on the data, create the following local tags in the FC. Network 1: To set the input parameter REQ ("getExecute"), interconnect the tag "start". Network 2: To reset "start", create the following interconnections. Network 3: To reset all set process values, create the following interconnections. Part 1 of the network: 3522 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Part 2 of the network: Network 4: To reset "reset", create the following interconnections. WinCC Advanced V14 System Manual, 10/2016 3523 Programming the PLC 11.4 Instructions Interconnecting parameters in the FC "SLI_FC_switchMode_ReconfigIOS" To safely reconfigure the IO system, run through all three modes of "ReconfigIOSystem". You need to set an automatism for mode switchover in the FC "SLI_FC_switchMode_ReconfigIOS" so that you do not have to switch the modes of the "ReconfigIOSystem" instruction yourself. Network 1: To save the information in the case of error, create the following interconnections. Network 2: To automatically start the instruction "ReconfigIOSystem" in mode 2 or mode 3, create the following interconnections. Network 3: Record the success of the processing of ReconfigIOSystem in mode 1 as follows. Network 4: To safely switch from mode 1 to mode 2, create the following interconnections. 3524 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 5: Record the success of the processing of ReconfigIOSystem in mode 2 as follows. Network 6: To safely switch from mode 2 to mode 3, create the following interconnections. Network 7: Record the success of the processing of ReconfigIOSystem in mode 3 as follows. WinCC Advanced V14 System Manual, 10/2016 3525 Programming the PLC 11.4 Instructions Network 8: To end the processing of ReconfigIOSystem, create the following interconnections. Note Alternatively, you can switch from mode 3 to mode 1 after processing. For this purpose, enter the value "1" for the instruction "MOVE". Interconnecting parameters in the FB "SLI_FB_ReconfigIOSystem" Call the instruction "ReconfigIOSystem" in an FB ("SLI_FB_ReconfigIOSystem"). To pass on the data, create the following local tags in the FB. Create the tags "#recordAoWord" and "#recordStruct" as AT constructs. The tags must be the same size (as "ctrlRec"). Network 1: To transfer the data record ("ctrlRec"), create the following interconnection. 3526 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 2: Interconnect the FC "SLI_FC_start_reset_ReconfigIOS" as follows. Network 3: Interconnect the instruction "ReconfigIOSystem" as follows. Network 4: Interconnect the FC "SLI_FC_switchMode_ReconfigIOS" as follows. Call the FB ("SLI_FB_ReconfigIOSystem") in an OB1. WinCC Advanced V14 System Manual, 10/2016 3527 Programming the PLC 11.4 Instructions Result (FB "SLI_FB_ReconfigIOSystem") FB Network 1: The values of the data record ("ctrlRec") are transferred to an Array of WORD ("#recordAoWord") via a MOVE instruction. To improve understanding, the tags of the "ctrlRec" and "#recordStruct" structures are represented by descriptive names. FB Network 2: When the input parameter start ("start") returns the signal state "TRUE", the tag "getExecute" and the output parameter startDone ("startDone") are set to "TRUE". The processing of the instruction "ReconfigIOSystem" is started by the tag "getExecute" at "TRUE". When the input parameter reset ("reset") returns the signal state "TRUE", the start command of "ReconfigIOSystem", the process values of the processing and the information of the fault scenario are reset. FB Network 3: When the input parameter REQ ("getExecute") returns the signal state "TRUE", the "ReconfigIOSystem" instruction is started. The instruction "ReconfigIOSystem" calls the interface of the CPU via the input parameter LADDR ("laddr_interface"). The mode for the operating mode is transferred to the instruction "ReconfigIOSystem" via the input parameter MODE ("operateMode.value"). ReconfigIOSystem disables all existing IO systems of the CPU according to the start value "1". The block status is displayed at the output parameter STATUS ("status"). In the example, processing takes place without errors. The "ReconfigIOSystem" instruction only calls the data record at the input parameter CTRLREC ("#recordAoWord") in mode 2. The configuration values for the IO system of ReconfigIOSystem to be set up are communicated to the CPU (IO controller). In mode 3, the "ReconfigIOSystem" instruction enables the IO system. The switchover of the input parameters REQ ("getExecute") and MODE ("operateMode.value") is implemented in network 4 ("SLI_FC_switchMode_ReconfigIOS"). 3528 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions FB Network 4: If the instruction "ReconfigIOSystem" was successfully processed in mode 1 (the tag "done" has the value "TRUE"), the tag "operateMode.Disable_all_IO_devices_done" is set to "TRUE". As a result, the input parameter REQ ("getExecute") is then reset to "FALSE". As soon as ReconfigIOSystem is inactive ("status" has the value "16#0070_0000"), the value "2" is passed to the tag "operateMode.value". ReconfigIOSystem is then in mode 2. In mode 2, the input parameter REQ ("getExecute") is automatically set to "TRUE" if the following applies to the instruction "ReconfigIOSystem": ReconfigIOSystem is inactive ("busy" and "done" is "FALSE"). No error occurs ("error" is "FALSE"). The success state of mode 2 is not reached ("operateMode.Reconfigure_IO_system_done" is "FALSE"). If the instruction "ReconfigIOSystem" was successfully processed in mode 2 (the tag "done" has the value "TRUE"), the tag "operateMode.Reconfigure_IO_system_done" is set to "TRUE". Afterwards, the scenario is similar to with mode 1. The "getExecute" tag is reset to "FALSE". ReconfigIOSystem ("operateMode.value") is set to mode 3. WinCC Advanced V14 System Manual, 10/2016 3529 Programming the PLC 11.4 Instructions In mode 3 the input parameter REQ ("getExecute") is automatically set to "TRUE" if the same applies to the "ReconfigIOSystem" instruction as for mode 2 - with one exception: The success state of mode 3 is not reached ("operateMode.Enable_all_IO_devices_done" is "FALSE"). The success status in mode 3 (the tag "done" has the value "TRUE") is queried in the same way as for mode 2. After the successful processing ReconfigIOSystem remains in mode 3 ("operateMode.value" retains the value). After the completed processing of the three modes, the "ReconfigIOSystem" instruction is inactive ("status" has the value "16#0070_0000"). The IO system is set up: An S7-1500 CPU with an IO device and an optional IO device. Both IO devices are activated. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). Others (S7-1200, S7-1500) RD_REC: Read data record from I/O (S7-1500) Description Use the instruction to read the data record with the number RECNUM from the addressed module. You start the read process by assigning the value "1" to the input parameter REQ during the call. If the read process is executed immediately, the instruction returns the value "0" at the output parameter BUSY . If BUSY has the value "1", reading is not yet complete. See also: Difference between synchronous and asynchronous instructions (Page 2436). The data record read is entered in the destination area spanned by the RECORD parameter, providing the data transfer was free of errors. Note When you read out a data record with a number greater than one from an FM or a CP you have purchased prior to February 1997 (below referred to as "old modules"), "RD_REC" responds differently than it does in new modules. This special situation is covered in the section "Using old S7-300 FMs and CPs with data record numbers >1" (see below). If a DPV1 slave is configured via GSD file (GSD rev. 3 and higher) and the DP interface of the DP master is set to "S7 compatible", then you may not read any data records from the I/O modules in the user program with "RD_REC". In this case, the DP master addresses the wrong slot (configured slot + 3). Remedy: Set the interface of the DP master to "DPV1". 3530 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "RD_REC" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant REQ = 1: Read request LADDR Input HW_IO I, Q, M, D, L or con stant Hardware identifier of the module. RECNUM Input BYTE I, Q, M, D, L or con stant Data record number (permitted values: 0 to 240) RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the return value contains an error code. In addition: Length of the actually transfer red data record in bytes (possible values: +1 to +240), if the destination area is greater than the transferred data record and if no error occurred during the transfer. BUSY Output BOOL I, Q, M, D, L BUSY = 1: The reading process is not yet com plete. RECORD Output ANY I, Q, M, D, L Destination area for the data record read. With asynchronous execution of "RD_REC", make sure that the actual parameters of RE CORD have the same length information for all calls. Only the BYTE data type is permitted. Note: Note that for S7-300 CPUs, the parameter RECORD always requires the full specification of the DB parameters (for example, P#DB13.DBX0.0 byte 100). The omission of an explicit DB number is illegal for S7-300 CPUs and leads to an error message in the user program. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RECORD Note If you want to ensure that the entire data record is always read, select a destination area with a length of 241 bytes. If the data transfer is without error, RET_VAL contains the actual data record length. WinCC Advanced V14 System Manual, 10/2016 3531 Programming the PLC 11.4 Instructions Using old S7-300 FMs and CPs with data record numbers > 1 If you want to use the instruction "RD_REC" to read out a data record with a number greater than one from an old S7-300 FM or old S7-300 CP, remember the following points: If the destination area is greater than the actual length of the required data record, no data is entered in RECORD . RET_VAL is written with W#16#80B1. If the destination area is less than the actual length of the required data record, the CPU reads as many bytes beginning at the start of the record as are specified in the length information of RECORD and enters this number of bytes in RECORD . RET_VAL is written with "0". If the length specified in RECORD is the same as the actual length of the required data record, the CPU reads the data record and enters it in RECORD . RET_VAL is written with "0". Parameter RET_VAL If an error occurred while the function was being executed, the return value contains an error code. If no error occurred during the transfer, RET_VAL contains the following: - 0, if the entire destination area was filled with data from the selected data record (the data record can also be incomplete). - The length of the actually transferred data record in bytes (possible values: +1 to +240), if the destination area is greater than the transferred data record. Note If the general error W#16#8745 occurs, this only indicates that access to at least one byte of the process image was blocked. The data record was read by the module correctly and written to the I/O memory area. 3532 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions When looking at the "real" error information (error codes W#16#8xyz) in the following table, two different cases are described: Temporary errors (error codes W#16#80A2 to 80A3, 80Cx): It is possible that this type of error is eliminated without user action. For this reason, it is advisable to call the instruction again (multiple calls, if necessary). Example of a temporary error: Resources required are currently in use (W#16#80C3). Permanent errors (error codes W#16#809x, 80A0, 80A1, 80Bx): This type of error does not correct itself. Once you have eliminated the error, the instruction needs to be called again. Example of a permanent error: Wrong length specification in RECORD (W#16#80B1). Note If you transfer data records to a DPV1 slave with "WR_REC (Page 3535)" or if you read data records from a DPV1 slave with RD_REC and if this DPV1 slave operates in DPV1 mode, the DP master evaluates the error information it received from the slave as follows: If the error information lies within the range from W#16#8000 to W#16#80FF or W#16#F000 to W#16#FFFF, the DP master passes the error information to the instruction. If the error information is outside this range, the DP master passes the value W#16#80A2 to the instruction and suspends the slave. For a description of the error information originating from DPV1 slaves, refer to STATUS[3] Parameter STATUS (Page 3475). Parameter RET_VAL for WR_REC and RD_REC Error code* (W#16#...) Explanation Restriction 0000 No error - 7000 First call with REQ=0: No data transfer active; BUSY has the value 0. - 7001 First call with REQ=1: Data transfer started; BUSY has the value 1. Distributed I/O 7002 Intermediate call (REQ irrelevant): Data transfer already active; BUSY has the value 1. Distributed I/O 8090 Address specified at parameter ADDR is invalid. - 8092 A type other than BYTE is specified in the ANY reference. - 8093 This instruction is not permitted for the module selected by means of LADDR and IOID . - 80A0 Negative acknowledgment when reading from the module: Module was removed during the reading process or is defective With "RD_REC" only 80A1 Negative acknowledgment when writing to the module: Module was removed during the writing process or is defective With "WR_REC (Page 3535)" only 80A2 DP protocol error at layer 2 (for example, slave failure or bus problems) Distributed I/O For ET 200S, data record cannot be read in DPV0 mode. 80A3 DP protocol error with user interface/user Distributed I/O 80A4 Communication on PROFIBUS disrupted. - WinCC Advanced V14 System Manual, 10/2016 3533 Programming the PLC 11.4 Instructions Error code* (W#16#...) Explanation Restriction 80B0 Instruction not possible for module type. - The module does not recognize the data record. Data record number 241 not permitted. With "WR_REC (Page 3535)", data records 0 and 1 are not permitted. 80B1 The length specified in parameter RECORD is incorrect. With "WR_REC (Page 3535)": Length incorrect With "RD_REC" (only when using old S7-300 FMs and S7-300 CPs): specified length > data record length With DPNRM_DG: specified length < data record length 80B2 The configured slot is not occupied. - 80B3 Actual module type does not match specified module type - 80B5 DP slave or module is not ready. - 80B7 DP slave or module reports an invalid range for a parameter or value. With "RD_REC" only 80C0 With "WR_REC (Page 3535)": The data is only written when the CPU is in STOP mode. Note: this means that writing by the user program is not possible. You can only write the data online with PG/PC. With "WR_REC (Page 3535)" or "RD_REC" or "DPNRM_DG (Page 3551)" With "RD_REC": the module routes the data record, but either no data is present or the data can only be read when the CPU is in STOP mode. Note: if data can only be read when the CPU is in STOP mode, then an evaluation by the user program is not possible. In this case, you can only read the data online with PG/PC. With "DPNRM_DG (Page 3551)": No diagnostics data available. 80C1 The data of the previous write job on the module for the same data record has not yet been processed by the module. - 80C2 The module is currently processing the maximum possible number of jobs for a CPU. - 80C3 The required resources (memory, etc.) are currently occupied. - 80C4 Internal temporary error. Job could not be executed. - Repeat the job. If this error occurs often, check your installation for sources of electrical interference. 80C5 Distributed I/O not available. Distributed I/O 80C6 Data record transfer stopped due to priority class abort (restart or background) Distributed I/O 80E1 Manufacturer-specific. Please check the documentation of the mod ule. - 3534 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* (W#16#...) Explanation Restriction General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation - * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". WR_REC: Write data record to I/O (S7-1500) Description Use the instruction "WR_REC" to transfer the data record RECORD to the addressed module. The data to be transferred are read from the RECORD parameter during the first call. If the transfer of the data record takes longer than the duration of one call, the contents of the RECORD parameter are no longer relevant for the subsequent instruction calls (for the same job). You start the writing process by assigning the value "1" to the input parameter REQ during the call. If the writing process could be executed immediately, the instruction returns the value "0" at the output parameter BUSY. If BUSY has the value "1", writing is not yet complete. Parameters The following table shows the parameters of the instruction "WR_REC": Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L, T, C or constant REQ = 1: Write request LADDR Input HW_IO I, Q, M, D, L or con stant Hardware identifier of the module. RECNUM Input BYTE I, Q, M, D, L or con stant Data record number RECORD Input VARIANT I, Q, M, D, L Data record RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the return value contains an error code. BUSY Output BOOL I, Q, M, D, L BUSY = 1: The writing process is not yet com plete. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3535 Programming the PLC 11.4 Instructions Parameter RET_VAL See also: RD_REC: Read data record from I/O (Page 3530) Note If the general error W#16#8544 occurs, it only indicates that access to at least one byte of the I/O memory area containing the data record was denied. The data transfer was continued. DPRD_DAT: Read consistent data of a DP standard slave (S7-1200, S7-1500) Description Use the instruction "DPRD_DAT" to read out consistent data from an I/O module. The instruction can be used for the central modules as well as for the DP standard slaves and PROFINET IO devices. You require "DPRD_DAT" because you can only read out a maximum of four continuous bytes using the load commands that access the I/O or the process image input table. If required, you can also read consistent data via the process image of the inputs. Refer to the related documentation to find out if your CPU supports this functionality. For additional information on consistent data of a DP standard slave/PROFINET IO device, refer to Section "Data consistency (Page 4177)". If necessary, use the instruction "DPRD_DAT" also for a data area of 1 byte or larger. For information on the maximum length of the data, refer to the documentation of your CPU (e.g. 64 bytes for an S7-1214). Use the parameter LADDR to select the module of the DP normslave/PROFINET IO device. If an access error occurs, the error code W#16#8090 is output. Use the RECORD parameter to define the destination area of the read data: - The destination area has to be at least as long as the inputs of the selected module. Only the inputs are transferred, the other bytes are not considered. If you read from a DP standard slave with a modular configuration or with several DP identifiers, you can only access the data of a module of the configured hardware identifier per "DPRD_DAT" call. If the selected destination area is too small, the error code RET_VAL is output at the 80B1 parameter. - All bit strings and all integers can be used as data type. It is also possible to use these data types in a data structure of the ARRAY type . The data type STRING is not supported. If there was no error during the data transmission, the data that has been read is entered in the destination area defined at the RECORD parameter. 3536 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "DPRD_DAT": Parameter Declaration Data type Memory area Description LADDR Input HW_IO I, Q, M, L or con stant Hardware ID of the module from which the data is to be read. The hardware ID can be found in the properties of the module in the device view or system con stants. RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the return value contains an error code. RECORD Output VARIANT I, Q, M, D, L Destination area for the user data that were read. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* (W#16#...) Explanation 0000 No error occurred. 8090 You have not configured a module for the specified hardware identifier or You have ignored the restriction concerning the length of consistent data, or you have not specified a hardware identifier as an address at parameter LADDR . 8092 A data type other than (Array of) bit string or integer was specified at the RECORD parameter. 8093 No DP module/PROFINET IO device from which you can read consistent data exists for the hardware identifier specified in LADDR . This error code also occurs if the module addressed by means of LADDR does not have inputs. 80A0 An access error was detected when accessing the I/O. 80B1 The length of the specified destination area at parameter RECORD is shorter than the configured user data length. 80C0 The data have not been read yet. General error information See also: GET_ERR_ID: Get error ID locally (Page 2690) * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also Parameter STATUS (Page 3475) WinCC Advanced V14 System Manual, 10/2016 3537 Programming the PLC 11.4 Instructions DPWR_DAT: Write consistent data of a DP standard slave (S7-1200, S7-1500) Description Use the instruction "DPWR_DAT" to transfer the data at the parameters RECORD consistently to the addressed module of the central module or of the DP standard slave/PROFINET IO device and if necessary to the process image (i.e. if the affected address range of the DP standard slaves is projected as consistency range in a process image). You require "DPWR_DAT" because you can only write a maximum of four continuous bytes using the transfer commands that access the I/O or process image output. If required, also write consistent data via the process image output. Refer to the related documentation to find out if your CPU supports this functionality. Do not use both possibilities concurrently when writing consistent data: Either use "DPWR_DAT" or write via the process image output table. For additional information on consistent data of a DP standard slave/PROFINET IO device, refer to Section "Data consistency (Page 4177)". If the DP standard slave has a modular design, you only access one module of the DP slave. CAUTION I/O access When using "DPWR_DAT", avoid accessing I/O areas that have process image partitions with OB6x connections (isochronous mode interrupts) assigned to them. If necessary, the instruction "DPRD_DAT" can also be used for a data area of 1 byte or larger. For information on the maximum length of the data, refer to the documentation of your CPU (e.g. 64 bytes for an S7-1214). Use the LADDR parameter to select the DP standard slave / PROFINET IO device. If an access error occurs on the addressed module, the error code 8090 is output. Use the RECORD parameter to define the source range of the data to be written: - The source range has to be at least as long as the outputs of the selected module. Only the outputs are transferred, the other bytes are not considered. If the source area at parameter RECORD is longer than the outputs of the configured module, only the data up to the maximum length of the outputs is transferred. If the source area at parameter RECORD is shorter than the outputs of the configured module, the error code 80B1 is output. - The following data types can be used: Byte, Char, Word, LWord, DWord, Int, UInt, USInt, SInt, LInt, ULInt, DInt, UDInt. The use of these data types in a data structure of the type ARRAY or STRUCT is also permissible. - The data type STRING is not supported. The data transfer is synchronous. Once the instruction is finished, the write process is completed. 3538 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "DPWR_DAT": Parameter Declaration Data type Memory area Description LADDR Input HW_IO I, Q, M, L or constant Hardware ID of the module to which the data is to be written. The hardware ID can be found in the properties of the module in the device view or system constants. RECORD Input VARIANT I, Q, M, D, L Source area for the user data to be written. RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the return value contains an error code. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* (W#16#...) Explanation 0000 No error occurred. 8090 You have not configured a module for the specified hardware identifier or You have ignored the restriction concerning the length of consistent data, or you have not specified a hardware identifier at parameter LADDR . 8092 A data type other than (Array of) bit string or integer was specified at the RECORD parameter. 8093 No DP module /PROFINET IO device to which you can write consistent data exists at the HW ID specified in LADDR . This error code also occurs if the DP standard slave / PROFINET IO device addressed via LADDR does not have outputs. 80A1 Access error detected while I/O devices were being accessed. 80B1 The length of the specified source range at the RECORD parameter is shorter than the outputs of the configured DP standard slave / PROFINET IO device. 80C1 The data of the previous write job have not yet been processed by the DP standard slave / PROFINET IO device. General error information See also: GET_ERR_ID: Get error ID locally (Page 2690) * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also Parameter STATUS (Page 3475) WinCC Advanced V14 System Manual, 10/2016 3539 Programming the PLC 11.4 Instructions iDevice / iSlave (S7-1200, S7-1500) RCVREC: Receive data record (S7-1200, S7-1500) Description An I-device can receive a data record from a superordinate controller. The receipt takes place in the user program with the instruction "RCVREC" (receive record). The instruction has the following operating modes: Check whether the I-device has a request for a data record receipt. Make the data record available to the output parameters. Sending an answer to the superordinate controller. You can determine the operating mode executed by the instruction using the input parameter MODE (see below). The I-device must be in the RUN or STARTUP mode. With MLEN, you specify the maximum number of bytes you want to receive. Select the destination area RECORD at least MLEN bytes long. If a data record was received (MODE=1 or MODE=2), the output parameter NEW will indicate that the data record was stored in RECORD. Note that RECORD has a sufficient length. The output parameter LEN contains the actual length of the data record received in bytes. Set CODE1 and CODE2 to zero for the positive answer to the superordinate controller. If the received data record is rejected, enter Error Code 1 in CODE1 and Error Code 2 in CODE2 of the negative answer at the superordinate controller. Note If the I-device has received a request for a data record receipt, you must recognize the delivery of this request within a certain duration. After recognition, you must send an answer to the superordinate controller within this time period. Otherwise the I-device will experience a timeout error which causes the operating system of the I-device to send a negative answer to the superordinate controller. For information on the value for the time period, refer to the specifications of your CPU. The output parameter STATUS receives the error information after the occurrence of an error. 3540 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Operating modes You can determine the operating mode of the instruction "RCVREC" with the input parameter MODE. This step will be explained in the following table. MODE Meaning 0 Check whether a request for a data record receipt exists If a data record from a higher-level controller exists on the I-device, the instruction will only write the output parameters NEW, SLOT, SUBSLOT, INDEX and LEN. If you call the instruction several times with MODE=0, then the output parameter will only refer to one and the same request. 1 Receiving a data record for any subslot of the I-device If a data record from a superordinate controller exists on the I-device for any subslot of the I-device, the instruction will write the output parameter and transfer the data record to the parameter RECORD. 2 Receiving a data record for a specific subslot of the I-device If a data record from a superordinate controller exists on the I-device for a specific subslot of the I-device, the instruction will write the output parameter and transfer the data record to the parameter RECORD. 3 Sending a positive answer to the superordinate controller The instruction checks the request of the superordinate controller to receive a data record, accepts the existing data record and sends a positive acknowledgment to the superordinate controller. 4 Sending a negative answer to the superordinate controller The instruction checks the request of the superordinate controller to receive a data record, rejects the existing data record and sends a negative acknowledgment to the superordinate controller. Enter the reason for the rejection in the input parameters CODE1 and CODE2. Note After the receipt of a data record (NEW=1) you must call "RCVREC" twice to ensure complete processing. You must do this in the following order: First call with MODE=1 or MODE=2 Second call with MODE=3 or MODE=4 Parameters The following table shows the parameters of the "RCVREC" instruction: Parameter Declaration Data type Memory area Description MODE Input INT I, Q, M, D, L or con stant Mode F_ID Input HW_SUB MODULE I, Q, M, D, L or con stant Subslot in the transfer area of the I-device for the data record to be received (only relevant for MODE=2). The high word is always set to zero. MLEN Input INT* I, Q, M, D, L or con stant Maximum length of the data record to be re ceived in bytes CODE1 Input BYTE I, Q, M, D, L or con stant "0" (for MODE=3) and/or Error Code 1 (for MODE=4) CODE2 Input BYTE I, Q, M, D, L or con stant "0" (for MODE=3) and/or Error Code 2 (for MODE=4) WinCC Advanced V14 System Manual, 10/2016 3541 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description NEW Output BOOL I, Q, M, D, L MODE=0: New data record was received MODE=1 or 2: Data record was transferred to RECORD STATUS Output DWORD I, Q, M, D, L Error information SLOT Output HW_SUB MODULE I, Q, M, D, L Identical to F_ID SUBSLOT Output HW_SUB MODULE I, Q, M, D, L Identical to F_ID INDEX Output UINT I, Q, M, D, L Number of the data record received LEN Output UINT I, Q, M, D, L Length of the data record received RECORD InOut VARIANT I, Q, M, D, L Destination area for the data record received. Note: Note that for S7-300 CPUs, the parame ter RECORD always requires the full specifica tion of the DB parameters (for example, P#DB13.DBX0.0 Byte 100) The omission of an explicit DB number is illegal for S7-300 CPUs and leads to an error message in the user pro gram. * Use the data type UINT in the STL programming language. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter STATUS For interpretation of the STATUS parameter, refer to section: Parameter STATUS (Page 3475) PRVREC: Make data record available (S7-1200, S7-1500) Description An I-device can receive a request from a superordinate controller to make a data record available. The I-device makes the data record available in the user program with the instruction "PRVREC" (provide record). The instruction has the following operating modes: Check whether the I-device has a request for making a data record available. Transfer the requested data record to the superordinate controller. Sending an answer to the superordinate controller. You can determine the operating mode executed by the instruction using the input parameter MODE (see below). The I-device must be in the RUN or STARTUP mode. Enter the maximum number of bytes the data record to be sent should have with LEN. Select the destination area RECORD at least LEN bytes long. 3542 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If a request to make a data record available exists, (MODE=0), the output parameter NEW will be set to TRUE. If the request for making a data record available is accepted, write RECORD for the positive answer to the superordinate controller with the requested data record and write zero for CODE1 and CODE2. If the request for making a data record available is to be rejected, enter the negative answer to the superordinate controller in Error Code 1 of the CODE1 and in Error Code 2 of theCODE2. Note If the I-device has received a request for making a data record available, you must recognize the delivery of this request within a certain time period. After recognition, you must send an answer to the superordinate controller within this time period. Otherwise the I-device will experience a timeout error which causes the operating system of the I-device to send a negative answer to the superordinate controller. For information on the value for the time period, refer to the specifications of your CPU. The output parameter STATUS receives the error information after the occurrence of an error. Operating modes You can determine the operating mode of the instruction "PRVREC" with the input parameter MODE. This step will be explained in the following table. MODE Meaning 0 Check whether a request for making a data record available exists If a request from a higher-level controller for making a data record available exists on the I-device, the instruction will only write the output parameters NEW, SLOT, SUBSLOT, INDEX and RLEN. If you call the instruction several times with MODE=0, then the output parameter will only refer to one and the same request. 1 Receiving a request for making a data record available for any subslot of the I-device If such a request from a superordinate controller for any subslot of the I-device exists on the I-device, the in struction will write the output parameter. 2 Receiving a request for making a data record available for a specific subslot of the I-device If such a request from a superordinate controller for a specific subslot of the I-device exists on the I-device, the instruction will write the output parameter. 3 Make the data record available and send a positive answer to the superordinate controller The instruction checks the request of the superordinate controller to make a data record available, makes the request data record available to RECORD and sends a positive acknowledgement to the superordinate controller. 4 Sending a negative answer to the superordinate controller The instruction checks the request of the superordinate controller to make a data record available, rejects this request and sends a negative acknowledgement to the superordinate controller. Enter the reason for the rejection in the input parameters CODE1 and CODE2. WinCC Advanced V14 System Manual, 10/2016 3543 Programming the PLC 11.4 Instructions Note After the receipt of a request (NEW=1) you must call the instruction twice to ensure complete processing. You must do this in the following order: First call with MODE=1 or MODE=2 Second call with MODE=3 or MODE=4 Parameters The following table shows the parameters of the "PRVREC" instruction: Parameter Declaration Data type Memory area Description MODE Input INT I, Q, M, D, L or con stant Mode F_ID Input HW_SUB MODULE I, Q, M, D, L or con stant Subslot in the transfer area of the I-device for the data record to be sent (only relevant for MODE=2). The high word is always set to zero. CODE1 Input BYTE I, Q, M, D, L or con stant "0" (for MODE=3) and/or Error Code 1 (for MODE=4) CODE2 Input BYTE I, Q, M, D, L or con stant "0" (for MODE=3) and/or Error Code 2 (for MODE=4) LEN Input UINT I, Q, M, D, L or con stant Maximum length of the data record to be sent in bytes NEW Output BOOL I, Q, M, D, L The new data record was requested by the su perordinate controller. STATUS Output DWORD I, Q, M, D, L Error information SLOT Output HW_SUB MODULE I, Q, M, D, L Identical to F_ID SUBSLOT Output HW_SUB MODULE I, Q, M, D, L Identical to F_ID INDEX Output UINT I, Q, M, D, L Number of the data record to be sent RLEN Output UINT I, Q, M, D, L Length of the data record to be sent RECORD InOut VARIANT I, Q, M, D, L Data record made available Note: Note that for S7-300 CPUs, the parameter RECORD always requires the full specification of the DB parameters (for example, P#DB13.DBX0.0 Byte 100) The omission of an explicit DB number is illegal for S7-300 CPUs and leads to an error message in the user program. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter STATUS For interpretation of the STATUS parameter, refer to section: Parameter STATUS (Page 3475) 3544 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions PROFIBUS (S7-1200, S7-1500) DPSYC_FR: Synchronize DP slaves / Freeze inputs (S7-1500) Description You use the instruction to synchronize one or more groups of DP slaves. The function involves sending one of the control commands below, or a combination of them, to the relevant groups: SYNC (simultaneous output and freezing of output states on the DP slaves) UNSYNC (cancels the SYNC control command) FREEZE (freeze the input states on the DP slaves and read in the frozen inputs) UNFREEZE (cancels the FREEZE control command) Before you send the control commands listed above, you must assign the DP slaves to groups per configuration. You must know which DP slave is assigned to which group, with which number and know the reactions of the various groups to SYNC/FREEZE. Note Note that the control commands SYNC and FREEZE also remain valid when you perform a warm/cold restart. Please note also that you may initiate only one SYNC/UNSYNC job or only one FREEZE/ UNFREEZE job at a time. Functional description "DPSYC_FR" is an asynchronous instruction. Processing takes place across several calls. You start the job by calling "DPSYC_FR" with REQ=1. The output parameters RET_VAL and BUSY indicate the status of the job. See also: Difference between synchronous and asynchronous instructions (Page 2436). Identification of a job If you have triggered a SYNC/FREEZE job and called "DPSYC_FR" again before the first job was completed, the response of the instruction depends on whether the new call is for the same job. If the input parameters LADDR, GROUP and MODE match, the call is interpreted as a follow-on call. WinCC Advanced V14 System Manual, 10/2016 3545 Programming the PLC 11.4 Instructions Writing outputs of DP modules The writing of outputs of DP modules is triggered as follows: By transfer commands to the DP I/O By writing the process image of the outputs to the modules (by the operating system at the end of OB 1 or by calling the instruction "UPDAT_PO (Page 3407)") Calling the "DPWR_DAT (Page 3538)" instruction. In normal operation, the DP master transfers the output bytes cyclically (within the cycle of the PROFIBUS DP bus) to the outputs of the DP slaves. If you want to have certain output data (possibly distributed over several slaves) applied to the outputs to the process at exactly the same time, you can send the SYNC control command to the relevant DP master using the "DPSYC_FR" instruction. What are the effects of SYNC? With the SYNC control command, the DP slaves of the selected groups are switched to Sync mode. The DP master transfers the current output data and instructs the DP slaves involved to freeze their outputs. With the following output message frames, the DP slaves enter the output data in an internal buffer and the state of the outputs remains unchanged. Following each SYNC control command, the DP slaves of the selected groups apply the output data of their internal buffer to the outputs on the process. The outputs are only updated cyclically again when you send the UNSYNC control command using the "DPSYC_FR" instruction. Note If the DP slaves of the selected group(s) are not currently connected to the network or have failed when the control command was sent, they will not be switched to SYNC mode. This information will not be communicated in the return value of the instruction. Reading input data of DP modules The input data of the DP modules are read as follows: Using load commands to the DP I/O When the process image of the inputs is updated (by the operating system at the start of OB 1 or by calling the "UPDAT_PI (Page 3404)" instruction) By calling the "DPRD_DAT (Page 3536)" instruction. In normal operation, the DP master receives this input data cyclically (within the cycle of the PROFIBUS DP bus) from its DP slaves and makes them available to the CPU. If you want to have certain input data (possibly distributed over several slaves) to be read from the process at exactly the same time, send the FREEZE control command to the relevant DP master using the "DPSYC_FR" instruction. 3546 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions What are the effects of FREEZE? With the FREEZE control command, the DP slaves involved are switched to Freeze mode. The DP master instructs the DP slaves involved to freeze the current state of the inputs. It then transfers the frozen data to the input area of the CPU. Following each FREEZE control command, the DP slaves freeze the state of their inputs again. The DP master receives the current state of the inputs cyclically again after you have sent the UNFREEZE control command with the "DPSYC_FR" instruction. Note If the DP slaves of the selected group(s) are not currently connected to the network or have failed when the control command has been sent, they will not be switched to FREEZE mode. This information will not be communicated in the return value of the instruction. Data consistency Because the DPSYC_FR functions are asynchronous and can be interrupted by higher priority classes, you should make sure that the process images are consistent with the actual inputs and outputs of the I/O when using the "DPSYC_FR" instruction. This is guaranteed if you comply with the following consistency rules: Define suitable process image partitions for the "SYNC outputs" and the "FREEZE inputs" (only possible on the S7-400). Call the "UPDAT_PO (Page 3407)" instruction immediately before each first call of a SYNC job. Call the "UPDAT_PI (Page 3404)" instruction immediately after the respective last call of a FREEZE job. As an alternative: Use only direct I/O access for outputs involved in a SYNC job and for inputs involved in a FREEZE job. Do not write to these outputs when a SYNC job is active and do not read in these inputs when a FREEZE job is active. Use of DPWR_DAT and DPRD_DAT If you use the "DPWR_DAT (Page 3538)" instruction, it must be complete before you send a SYNC job for the outputs involved. If you use the "DPRD_DAT (Page 3536)" instruction, it must be complete before you send a FREEZE job for the inputs involved. Startup and "DPSYC_FR" The user alone must take responsibility for sending the SYNC and FREEZE control commands in the startup OBs. If you want the outputs of one or more groups to be in SYNC mode when the user program starts, you must initialize these outputs during startup and completely execute the "DPSYC_FR" instruction with the SYNC control command. If you want the inputs of one or more groups to be in FREEZE mode when the user program starts, you must execute the "DPSYC_FR" instruction with the FREEZE control command completely for these inputs during startup. WinCC Advanced V14 System Manual, 10/2016 3547 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "DPSYC_FR" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Level-triggered control parameter REQ = 1: Trig gering of the SYNC/FREEZE job LADDR Input HW_INTER FACE I, Q, M, D, L or con stant Hardware identifier of the DP master interface BYTE I, Q, M, D, L or con stant GROUP Input The number can be taken from the properties of the DP master interface in the Network view or from the "System constants" tab of the standard tag table. Group selection Bit 0 = 1: group 1 selected Bit 1 = 1: group 2 selected : Bit 7 = 1: group 8 selected You can select several groups per job. The value B#16#0 is invalid. 3548 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description MODE Input BYTE I, Q, M, D, L or con stant Job ID (coding complies with EN 50 170 Volume 2, PROFIBUS) Bit 0: reserved (value 0) Bit 1: reserved (value 0) Bit 2: = 1: UNFREEZE will be executed = 0: no meaning Bit 3: = 1: FREEZE will be executed = 0: no meaning Bit 4: = 1: UNSYNC will be executed = 0: no meaning Bit 5: = 1: SYNC will be executed = 0: no meaning Bit 6: reserved (value 0) Bit 7: reserved (value 0) Possible values: with exactly one ID per job: - B#16#04 (UNFREEZE) - B#16#08 (FREEZE) - B#16#10 (UNSYNC) - B#16#20 (SYNC) with more than one ID per job: RET_VAL Return INT I, Q, M, D, L - B#16#14 (UNSYNC, UNFREEZE) - B#16#18 (UNSYNC, FREEZE) - B#16#24 (SYNC, UNFREEZE) - B#16#28 (SYNC, FREEZE) If an error occurs while the instruction is being exe cuted, the return value contains an error code. Make sure that you evaluate RET_VAL each time the block has been executed. BUSY Output BOOL I, Q, M, D, L BUSY=1: The SYNC/FREEZE job is not yet complete. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3549 Programming the PLC 11.4 Instructions Parameter RET_VAL Note If you access DPV1 slaves, error information of these slaves can be forwarded from the DP master to the instruction. For a description of this error information, refer to STATUS[3], STATUS (Page 3475) parameter. Error code* (W#16#...) Explanation 0000 Job completed without error. 7000 First call with REQ= 0: The job specified with LADDR , GROUP and MODE is not active; BUSY has the value "0". 7001 First call with REQ= 1. The job specified with LADDR , GROUP and MODE was triggered; BUSY has the value "1". 7002 Intermediate call (REQ irrelevant). The activated SYNC/FREEZE job is still running; BUSY has the value 1. 8090 The module selected with LADDR is not a DP master. 8093 This instruction is not permitted for the module selected with LADDR (configuration or version of the DP master). 8094 GROUP parameter is incorrect 8095 MODE parameter is incorrect 80A4 Communication on PROFIBUS disrupted. 80B0 The group selected with GROUP is not configured. 80B1 The group selected with GROUP is not assigned to this CPU. 80B2 The SYNC job specified with MODE is not permitted on the group selected with GROUP. 80B3 The FREEZE job specified with MODE is not permitted on the group selected with GROUP . 80C2 Temporary shortage of resources on the DP master: The DP master is currently processing the maximum number of jobs for a CPU. 80C3 This SYNC/UNSYNC job cannot be activated at present because only one SYNC/UNSYNC job can be triggered at a time. Check your user program. 80C4 This FREEZE/UNFREEZE job cannot be activated at present because only one FREEZE/UNFREEZE job can be triggered at a time. Check your user program. 80C5 Short circuit directly at DP interface 80C6 Job aborted due to I/O disconnection by CPU 80C7 Job aborted due to warm or cold restart on the DP master General error information See also: GET_ERR_ID: Get error ID locally (Page 2690) * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". 3550 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions DPNRM_DG: Read diagnostics data from a DP slave (S7-1200, S7-1500) Description You use the "DPNRM_DG" instruction to read the current diagnostic data of a DP slave in the form specified in EN 50 170 Volume 2, PROFIBUS. Refer to the following table for the basic structure of the slave diagnostic data and to the manuals of the DP slaves for further information. Byte Meaning 0 Station status 1 1 Station status 2 2 Station status 3 3 Master station number 4 Vendor ID (high byte) 5 Vendor ID (low byte) 6 ... Additional slave-specific diagnostic information The data that has been read is entered in the destination area indicated by RECORD following without error data transfer. You start the read process by assigning the value "1" to the REQ input parameter when the "DPNRM_DG" instruction is called. Functional description The read process is executed asynchronously. It can span several calls. The output parameters RET_VAL and BUSY indicate the status of the job. See also: Difference between synchronous and asynchronous instructions (Page 2436) Parameters The following table shows the parameters of the "DPNRM_DG" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant REQ = 1: Read request LADDR Input HW_DPSLAVE I, Q, M, D, L or con stant Hardware identifier of the DP slave DINT, INT, LREAL, REAL If an error occurs while the instruction is being exe cuted, the return value contains an error code. If no error has occurred, the length of the data actually transferred is entered in RET_VAL . RET_VAL Return WinCC Advanced V14 System Manual, 10/2016 I, Q, M, D, L Note: The identifier must be specified in hexadeci mal form. For example, hardware identifier 1022 means: LADDR:=W#16#3FE. 3551 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description RECORD Output VARIANT I, Q, M, D, L Destination area for the diagnostic data that were read. Only the data type BYTE is valid. The mini mum length of the data record to be read or the destination area is 6. The maximum length of the data record to be read is 240. For standard slaves, which have a diagnostic data length of more than 240 bytes up to a maximum of 244 bytes, the first 240 bytes are trans ferred to the destination area. Then, the corre sponding overflow bit is set in the data. BUSY Output BOOL I, Q, M, D, L BUSY = 1: The reading process is not yet complete. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". You can find information on data type conversion in the different programming languages under "Overview of data type conversions (Page 2398)". Parameter RECORD The CPU evaluates the actual length of the read diagnostic data: If the length specified for RECORD is less than the number of data bytes supplied, the data is discarded. The corresponding error code is entered in RET_VAL. is greater than or equal to the number of data bytes supplied, the data is accepted in the destination area and the actual length is entered in RET_VAL as a positive value. Note You must ensure that the actual parameters of RECORD correspond in all calls belonging to a job. A job is uniquely identified by the LADDR input parameter. Standard slaves with more than 240 bytes of diagnostic data With standard slaves on which the number of standard diagnostic data is between 241 and 244 bytes, note the following points: If the length specified for RECORD is less than 240 bytes, the data is discarded and the corresponding error code is entered in RET_VAL. is greater than or equal to 240 bytes, the first 240 bytes of the standard diagnostic data is transferred to the destination area and the overflow bit is set in the data. 3552 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter RET_VAL If an error occurred while the function was being executed, the return value contains an error code. If no errors have occurred during data transfer, RET_VAL contains the length of the data read in bytes as a positive number. Note The amount of data read in a DP slave depends on its diagnostics status. For the evaluation of the error information of the RET_VAL parameter, refer to the following table. Error code (W#16#...) Explanation Restriction 7000 First call with REQ = 0: No data transfer active; BUSY has the value "0". - 7001 First call with REQ = 1: Data transfer triggered; BUSY has the value "1". Distributed I/O 7002 Intermediate call (REQ irrelevant): Data transfer already active; BUSY has the value "1". Distributed I/O 8090 Address specified at parameter LADDR is invalid. - 8093 This instruction is not permitted for the module selected by means of LADDR and IOID. - 80A2 DP protocol error at layer 2 (for example, slave failure or bus problems) Distributed I/O For ET 200S, data record cannot be read in DPV0 mode. 80A3 DP protocol error with user interface/user Distributed I/O 80A4 Communication on PROFIBUS disrupted. Distributed I/O 80B0 Instruction not possible for module type. - The module does not recognize the data record. Data record number 241 not permitted. With "WR_REC (Page 3437)", data records 0 and 1 are not permitted. 80B1 The length specified in parameter RECORD is incorrect. specified length < data record length 80B2 The configured slot is not occupied. - 80B3 Actual module type does not match specified module type - 80C0 There are no diagnostic data available. - 80C1 The data of the previous write job on the module for the same data record has not yet been processed by the module. - 80C2 The module is currently processing the maximum possible number of jobs for a CPU. - 80C3 The required resources (memory, etc.) are currently occupied. - WinCC Advanced V14 System Manual, 10/2016 3553 Programming the PLC 11.4 Instructions Error code (W#16#...) Explanation Restriction 80C4 Internal temporary error. Job could not be executed. - Repeat the job. If this error occurs often, check your installation for sour ces of electrical interference. 80C5 Distributed I/O not available. 80C6 Data record transfer stopped due to priority class abort (restart or back Distributed I/O ground) General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation Distributed I/O - * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also Overview of data type conversions (Page 2398) DP_TOPOL: Determine topology for DP master system (S7-1500) Description You use the instruction to trigger the topology determination for a selected DP master system. Calling the instruction will address all diagnostics repeaters on a DP master system. Note The topology can only be determined for one DP master system at a time. Topology determination is the prerequisite for the detailed display of the error location if line errors occur. After configuration and after every change to the physical configuration of a DP master system, you must repeat the topology determination with "DP_TOPOL". Changes to the physical configuration are: Changes in line lengths Adding or removing stations or components with repeater function Changing station addresses If an error is reported by a diagnostics repeater, "DP_TOPOL" writes the DPR and DPRI outputs for the duration of one "DP_TOPOL pass. If errors are reported by multiple diagnostics repeaters of the selected DP master system, "DP_TOPOL" writes information on the first errorreporting diagnostics repeater to DPR and DPRI . You can read out the entire diagnostic information on the programming device or using the "DPNRM_DG (Page 3551)" instruction. If no diagnostics repeater reports an error, the DPR and DPRI outputs have the value "0". If you want to repeat a topology determination after an error occurs, you must first reset "DP_TOPOL". This is done by calling "DP_TOPOL" with REQ=0 and R=1. 3554 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Functional description "DP_TOPOL" is an asynchronous instruction. Processing takes place across several calls. You start determining the bus topology by calling "DP_TOPOL" with REQ=1 . If you want to cancel the process, call "DP_TOPOL" with R=1 . The output parameters RET_VAL and BUSY indicate the status of the job. See also: Difference between synchronous and asynchronous instructions (Page 2436) Note Determining the topology may take several minutes. Identification of a job The input parameter DP_ID uniquely specifies a job. If you call "DP_TOPOL" again before the topology is discovered, the manner in which the instruction reacts depends on whether the new call involves the same job: If the DP_ID parameter matches a job that has not yet been completed, then the call is interpreted as a follow-up call. The value W#16#7002 is entered in RET_VAL. On the other hand, if another job is involved, the CPU rejects it. Parameters The following table shows the parameters of the "DP_TOPOL" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant REQ=1: Trigger topology determination R Input BOOL I, Q, M, D, L or con stant R=1: Cancel topology determination DP_ID Input HW_IOSYS TEM I, Q, M, D, L or con stant DP master system ID of those master systems for which the topology will be determined RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the return value contains an error code. BUSY Output BOOL I, Q, M, D, L BUSY=1: Topology determination is not yet com plete. DPR Output BYTE I, Q, M, D, L PROFIBUS address of the diagnostics repeater reporting the error. DPRI Output BYTE I, Q, M, D, L Measuring segment diagnostics repeater report ing the error: Bit 0 = 1: Temporary faults on segment DP2 Bit 1 = 1: Permanent faults on segment DP2 Bit 4 = 1: Temporary faults on segment DP3 Bit 5 = 1: Permanent faults on segment DP3 You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3555 Programming the PLC 11.4 Instructions Parameter RET_VAL The "real" error information (error codes W#16#8xyz) can be divided into two classes: Temporary errors (error codes W#16#80A2 to 80A4, 80C3, 80C5): It is possible that this type of error is eliminated without user action. It is advisable to call "DP_TOPOL" again (multiple calls, if necessary). Example of a temporary error: Resources required are currently in use (W#16#80C3). Permanent errors (error codes W#16#8082, 80B0, 80B2): With this error type, you must resolve the error. A new call of "DP_TOPOL" is required once you have eliminated the error. Example of a permanent error: The DP master/CPU does not support this service. (W#16#80B0). Error code* Explanation (W#16#...) 0000 Job completed without error. 7000 First call with REQ=0. Topology determination is not triggered. BUSY has the value "0". 7001 First call with REQ=1. The request to execute topology determination was sent. BUSY has the value "1". 7002 Intermediate call (REQ irrelevant): Topology determination is not yet complete. BUSY has the value "1". 7010 You have attempted to cancel topology determination. But there is no running job with the specified DP_ID. BUSY has the value "0". 7011 First call with R=1. The cancellation of the topology determination was triggered. BUSY has the value "1". 7012 Intermediate call: The cancellation of the topology determination is not yet complete. BUSY has the value "1". 7013 Final call: The topology determination was cancelled. BUSY has the value "0". 8082 No DP master system is configured with the specified DP_ID. 80A2 Error during topology determination; for more detailed information, refer to output parameters DPR and DPRI. 80A3 Error during topology determination: Monitoring time has elapsed (timeout). 80A4 Communication on PROFIBUS disrupted. 80B0 The DP master/CPU does not support this service. 80B2 Error during topology determination: No diagnostics repeater was found at the selected DP master system. 80C3 Resources required are currently in use. Possible cause: You have initiated a second topology determi nation (only one topology determination is permitted at one time). 80C5 The DP master system is currently not available. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". 3556 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ASi (S7-1500) ASI_CTRL: Control AS-i master behavior (S7-1500) Description of ASI_CTRL (S7-1500) Description Using the instruction "ASI_CTRL", the behavior of the AS-i master is controlled from the user program of the PLC. The instruction processes the command protocol automatically. It also enables parameter assignment on SIMATIC AS-i masters and reading out information data. The functions and operation of the command interface are detailed in the manual for the AS-i master. Both centrally inserted AS-i masters and distributed AS-i masters via PROFIBUS DP are supported. Combinations with PROFINET IO (e.g. IE/PB Link PN IO) are also possible. The schematic diagram below shows the functions of the "ASI_CTRL" instruction: 6,0$7,&VWDWLRQ $6LPDVWHU 8VHUSURJUDP 6WDUW FRPPDQG $6,B&75/ Response data WinCC Advanced V14 System Manual, 10/2016 Status query Read data record STATUS Command interface 5HFHLYHEXIIHU Write data record $6LPDVWHUVWDUWDGGUHVV 6HQGEXIIHU Command no. / job data Start Command processing Start of processing at the REQ parameter. The program sends the required command to the AS-i master via the instruction "RDREC". The AS-i master processes the command. The current status of the AS-i master is stored in the input area of the binary data (logical start address). The instruction "ASI_CTRL" cyclically queries and evaluates the 4 status bits. Once command processing is complete, the command job is completed with "RDREC". Depending on the command, the data field of "RDREC" may contain the response data for the command or additional status information. 3557 Programming the PLC 11.4 Instructions Dependencies between instruction versions Version V1.3 of instruction "ASI_CTRL" requires version V1.1 of instruction "WRREC". Version V1.2 of instruction "ASI_CTRL" requires version V1.1 of instruction "WRREC". Differences in the command call between IE/ AS-i Link and DP/AS-i Links There are significant differences in how a controller exchanges commands with an AS-i master. IE/AS-i Link (PROFINET) used the data record interface. The different commands are called with either "Write data record" ("WRREC" instruction) or "Read data record" ("RDREC" instruction) by various data record numbers. DP/AS-i Links (PROFIBUS) use the command interface. All commands are called by data record number 2 with "Write data record" ("WRREC" instruction) plus "Read data record" ("RDREC" instruction). The type of command is defined by the data content in the write job. Operation of the "ASI_CTRL" instruction The instruction "ASI_CTRL" is an asynchronous function block. Processing takes place across several calls. A job is started with REQ = TRUE. The job status is displayed via the BUSY output parameters and the two central bytes of the output parameter STATUS. The BUSY parameter is set during job processing. Upon the first call, STATUS is assigned the value 00700100H. Upon all subsequent calls for this job, it is assigned the value 00700200H. When the job is complete, the result is output at the parameters DONE or ERROR. - If no errors have occurred, DONE is set. For jobs with response data from the AS-i master, this data is provided in the specified receive buffer. In such cases, the STATUS parameter also displays the volume of data supplied in bytes. For jobs without response data, the value 00000000H is entered in STATUS. - If an error occurs during job processing, ERROR is set. The content of the receive buffer is invalid in such a case. An error code is entered in the STATUS parameter for a more detailed description of the error which has occurred. Number of command calls If you use the instruction "ASI_CTRL" to send commands, you may not simultaneously send other commands to the same AS-i master with "RDREC (Page 3420)" or "WRREC (Page 3437)". This also applies to multiple calls of the instruction for the same AS-i master. The instruction "ASI_CTRL" cannot be run with interruptions. Calls therefore must not be programmed in program priority classes which interrupt each other (for example with calls in OB 1 and in OB 35). 3558 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "ASI_CTRL" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L, constant REQ = TRUE starts a new job unless a job is already in progress. No edge evaluation takes place. LADDR Input HW_IO I, Q, M, D, L, constant Hardware identifier of the AS-i master. You can obtain the address from the module properties. SD Input VARIANT I, Q, M, D, L Send buffer The parameter refers to a memory area in which the command is to be specified (see "ASi commands (Page 3561)"). RD Input VARIANT I, Q, M, D, L Receive buffer This buffer is only relevant for commands which deliver answer data. The parameter re fers to a memory area in which a command response is stored (see "ASi commands (Page 3561)"). DONE Output BOOL I, Q, M, D, L DONE = TRUE: Job completed without errors. BUSY Output BOOL I, Q, M, D, L BUSY = TRUE: Job in process. ERROR Output BOOL I, Q, M, D, L ERROR = TRUE: Job aborted with error. STATUS Output DWORD I, Q, M, D, L Job status / error code See the "STATUS parameter" description. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Note LADDR, SD and RD parameters The parameters LADDR, SD and RD must not be changed in any block cycle when a job is in progress: they must remain constant. Parameter STATUS The following table shows the possible STATUS displays dependent upon DONE and ERROR. DONE BUSY ERROR STATUS Meaning 0 0 0 00700000H First call with REQ = FALSE; no active job. 0 1 0 00700100H First call with REQ = TRUE; job has started. 0 1 0 00700200H Subsequent call (REQ irrelevant); job is still in progress. 1 0 0 00000000H Job completed without errors. No response data. 1 0 0 0000xx00H Job completed without errors. Number of xx bytes of response data. 0 0 1 C0818400 Data type of formal operand RD invalid. H WinCC Advanced V14 System Manual, 10/2016 3559 Programming the PLC 11.4 Instructions DONE BUSY ERROR STATUS Meaning 0 0 1 C0818500 H Error in communication with AS-i master (incorrect address configured at the LADDR parameter). 0 0 1 C0838100 Incorrect AS-i slave address. H 0 0 1 C0838200 AS-i slave is not enabled (not in LAS). H 0 0 1 0 0 1 C0838300 H Error at the AS interface (the SD parameter may have been set too small). C0838400 The command is not valid with the current AS-i master status. H 0 0 1 C0838500 There is an AS-i slave with the address "0". H 0 0 1 0 0 1 C0838600 The AS-i slave has invalid configuration data (I/O or ID codes). H C083A100 The AS-i slave addressed has not been found at the AS interface. H 0 0 1 C083A200 There is an AS-i slave with the address "0". H 0 0 1 C083A300 0 0 1 C083A400 There is already an AS-i slave with the new address at the AS interface. H The AS-i slave address cannot be deleted. H 0 0 1 C083A500 The AS-i slave address cannot be set. H 0 0 1 0 0 1 C083A600 The AS-i slave address cannot be permanently saved. H C083A700 Error during reading of the extended ID1 code. H 0 0 1 0 0 1 0 0 1 C083A800 H The target address is not plausible (e.g. a B slave address has been used for a standard slave). C083B100 A length error has occurred during string transfer. H C083B200 A protocol error has occurred during string transfer. H 0 0 1 C083F800 Unknown job number or job parameter. H 0 0 1 C083F900 The AS-i master has detected an EEPROM error. H See also RD_REC: Read data record from I/O (Page 3530) GET_ERR_ID: Get error ID locally (Page 2690) WR_REC: Write data record to I/O (Page 3535) Difference between synchronous and asynchronous instructions (Page 2436) 3560 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ASi commands (S7-1500) Description The command interface allows the controller and AS-i master to exchange parameter assignment and information data. These commands provide the complete functionality of the M4 master profile of the AS-i master specifications. enable the AS-i master to be completely configured from the controller. Note AS-i commands supported Please see the manual of the relevant AS-i master for the AS-i commands supported and a detailed description. General structure of the send buffer The general structure of the send buffer for commands and job data is set out in the table below. The area for the command number must always be filled. The number of bytes for the job data can be found in the description of the command (see AS-i master documentation). In this case, "q" refers to the start address of the send buffer. Byte Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 Meaning q+0 Command number q+1 Job data q+2 Job data q + ... Job data General structure of the receive buffer The general structure of the receive buffer for the command response data is set out in the table below. The number of bytes for the response data depends on the command. Some commands do not return response data, and therefore only require the definition of a virtual receive buffer which is not filled with data. In this case, "n" refers to the start address of the receive buffer. Byte Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 Meaning WinCC Advanced V14 System Manual, 10/2016 n+0 Response data n+1 Response data n+2 Response data n + ... Response data 3561 Programming the PLC 11.4 Instructions NOTICE Memory areas can be overwritten If the receive buffer of the "ASI_CTRL" instruction is too short, neighboring memory areas may be overwritten. The length specified in the ANY pointer of the RD parameter when the instruction "ASI_CTRL" is called is irrelevant. The required length for the receive buffer can be found in the description of the command. The following applies for command numbers 39H, 41H, 42H, 43H and 44H: The receive buffer must be 221 bytes long (bytes 0 to 220), even if the command returns less data. Depending on the command, the highest bytes in the receive buffer may be overwritten with zero values by the AS-i master. AS-i commands A selection of possible AS-i commands is set out in the table below. Name Parameter Set_permanent_parameter Slave address, parameter Return Coding 00 H (Set_Permanent_Parameter) Get_permanent_parameter Slave address Parameter 01 H Slave address, parameter Parameter echo 02 H Slave address Parameter value 03 H (Get_Permanent_Parameter) Write_parameter (Write_Parameter) Read_parameter (Read_Parameter) Store_actual_parameters 04 H (Store_Actual_Parameters) Set_configuration_data Slave address, configuration Get_configuration_data Slave address 25 H Set configuration data Store_actual_configuration 26 H 07 H (Store_Actual_Configuration) Get_actual_configuration Slave address Configure_LPS LPS Actual configuration da 28 H ta 29 H Set_offline_mode Mode 0AH Select_auto-program Mode 0B H Set_mode Mode 0C H Change_AS-iSlave_address Address1, Address2 0D H (Change_AS-iSlave_Address) Get_AS-iSlave_status Read_lists_and_flags 3562 Slave address Error record of the AS-i slave 0F H LDS, LAS, LPS, flags 30 H WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Name Parameter Get_overall_configuration Return Coding Actual configuration da 39 H ta, current parameters, LAS, flags Set_overall_configuration Overall configuration 3A H Write_parameter_list Parameter list 3C H Read_parameter_echo_list Write_CTT2_request Slave address Parameter echo list 33 H CTT2 string 44 H Version string 14 H CTT2 string Read_version_identifier Read_AS-i_slave Slave address ID code 17 H Read_AS-i_slave_extended_ID1 Slave address Extended ID1 code 37 H Write_AS-iSlave_extended_ID1 Extended ID1 code Read_AS-iSlave_extended_ID2 Slave address Extended ID2 code 38 H Read_AS-iSlave_IO Slave address I/O configuration 18 H Read_I/O_error_list 3F H LPF 3E H Write_AS-i-slave_parameter_string Slave address, parameter string 40 H Read_AS-iSlave_parameter_string Slave address Parameter string 41 H Read_AS-iSlave_ID_string Slave address ID string 42 H Read_AS-iSlave_diagnostic_string Slave address Diagnostic string 43 H Read_AS-i_line_error_counter 4A H Read_and_clear_AS-i_line_error_counter 4B H Read_AS-iSlave_error_counter Slave address 4C H Read_and_clear_AS-iSlave_error_counter Slave address 4D H Additional command for DP/ AS-i F-Link: AS-i_status/diag_of_F_slaves Status/diagnostics of all AS-i safe slaves 51 H Note Re-initializing the AS-i master command interface Another command which is not mentioned in the table is command 77 H. This call serves to reinitialize the command interface of the AS-i master. Any command which the AS-i master specified is currently processing will be terminated. As of version V2.1.20 of DP/AS-i LINK Advanced, command 0E H is also available. This call is used to release or block the ground fault monitoring function for a line. WinCC Advanced V14 System Manual, 10/2016 3563 Programming the PLC 11.4 Instructions PROFIenergy (S7-1200, S7-1500) Description of PROFIenergy (S7-1200, S7-1500) PROFIenergy PROFIenergy is a manufacturer- and device-neutral profile for energy management with PROFINET. To reduce electricity consumption during breaks in production and unplanned interruptions, it is possible to shut down equipment in a coordinated and centralized manner using PROFIenergy. 3DXVH (QHUJ\FRQVXPSWLRQ 3DXVH 7LPH The PROFINET devices/power modules are switched off via special commands in the user program of the PROFINET IO controller. No additional hardware is required. The PROFINET devices interpret the PROFIenergy commands directly. PROFIenergy controller (PE controller) The PE controller is a PLC that activates or deactivates the idle state of lower-level devices. Specific production components or complete production lines are deactivated and reactivated via the user program. Commands (e.g. "Start_Pause" and "End_Pause") are sent to the lowerlevel device using corresponding instructions (function blocks). The commands are sent via the PROFINET communication protocol. PROFIenergy entity (PE entity) The PE entity receives the PROFIenergy commands of the PE controller and executes these accordingly (for example, by returning a measured value or activating an energy saving mode). Implementation of the PE entity in a PROFIenergy-capable device is device- and manufacturerspecific. 3564 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The PE entity can, for example, be executed: Within the proxy of a submodule: The PE commands are valid for the addressed submodule and any existing lower-level submodules. Within the proxy of a module: The PE commands are valid for different submodules within the module. 3(FRQWUROOHU 352),1(7,2GHYLFH 3(FRQWUROOHU ,QWHUIDFHPRGXOH ,0 DV3(HQWLW\ 6XEPRGXOHDV3(HQWLW\ 3(FRPPDQG 352),1(7,2GHYLFH 3(FRPPDQG For networked submodules without a proxy function: The PE commands in this case are only valid for the respective submodule. PROFIenergy instructions Instructions for IO controller - The "PE_START_END (Page 3566)" instruction represents the simplest way to activate or deactivate the idle state of the PROFINET devices (PROFIenergy commands "Start_Pause" and "End_Pause"). This is done using a positive and negative signal edge in the instruction. - The "PE_CMD (Page 3571)" instruction allows you to transmit all PROFIenergy commands, including "Start_Pause" and "End_Pause". With other commands, you can query the current status of the PROFINET devices or the behavior during breaks, for example. - The instruction "PE_DS3_Write_ET200S (Page 3576)" is used to define the switching characteristic of up to 8 slots of ET 200S. The instruction is not a PROFIenergy instruction; however, it supplements the PROFIenergy functions for an ET 200S. Instruction for iDevices The "PE_I_DEV (Page 3601)" instruction allows you to implement PROFIenergy on iDevices as well. The instruction receives PROFIenergy commands on the iDevice and forwards these to the user program for processing. After processing the command, the user program calls the "PE_I_DEV (Page 3601)" instruction again in order to send the acknowledgement to the IO controller. For these replies, each command offers you a corresponding auxiliary block that supplies the response data to the instruction "PE_I_DEV (Page 3601)". WinCC Advanced V14 System Manual, 10/2016 3565 Programming the PLC 11.4 Instructions PROFIenergy commands (PE commands) The PE controller transmits PE commands to the PE entity. The PE command can be either a control command to switch a PE entity to the energy-saving mode, or a command to read a status or measured value: PI commands for control PROFIenergy supports two control commands that can be executed using either the "PE_Start_End (Page 3566)" instruction or the "PE_CMD (Page 3571)" instruction: - Start_Pause: Starting a suitable energy-saving mode (PE Energy-saving mode) - End_Pause: Exiting the energy-saving mode (switch to PE_ready_to_operate mode) PI commands for reading a status or measured value Certain condition information can be read by the control system using the following status commands with the instruction "PE_CMD (Page 3571)": - PE_Identify: Reading the list of PE commands supported by the PE entity. - PEM_Status: Reading the currently active mode of a PE entity (e.g. PE_ready_to_operate). - Query_Modes: Output of an overview of all supported energy-saving modes, including the time and energy information - Query_Measurement: Output of the measured values of a PE entity Example applications Examples for use of PROFIenergy instructions can be found in the Industry Online Support in the entry "PROFIenergy - Saving Energy with SIMATIC S7 (http:// support.automation.siemens.com/WW/view/en/41986454)". See also Service and Support (http://support.automation.siemens.com/) IO controller (S7-1200, S7-1500) PE_START_END: Start and exit energy-saving mode (S7-1200, S7-1500) Description The instruction "PE_START_END" is used to start and exit the energy-saving mode of a specified PE entity (e.g. ET 200S). The instruction "PE_START_END" is used in the PE controller, preferably when only field devices from which energy data does not need to be read out are connected to the corresponding PE devices. Alternatively, the instruction "PE_CMD (Page 3571)" can be used to read energy data. 3566 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The energy-saving modes are configured in the user program of the PE controller. On completion of the "PE_START_END" instruction, the PE entity reports its current energy-saving mode and outputs this data at parameter PE_MODE_ID. Write and read jobs of the "PE_START_END" instruction. The instruction "PE_START_END" sends a PROFIenergy command internally as a write job to the PE entity using "WRREC (Page 3437)". "PE_START_END" then waits for acknowledgment from the PE entity. The acknowledgment data record is read with the instruction "RDREC (Page 3420)" every 100 milliseconds. Until acknowledgment is received from the PE entity, the function repeats the read job for 10 seconds at intervals of 100 milliseconds. The response data of the PE entity is also read with the instruction "RDREC (Page 3420)". Below is a flowchart of the write and read jobs: 352),HQHUJ\FRQWUROOHU 352),HQHUJ\GHYLFH 3(B67$57B(1'3(B&0' 3(B,B'(9 5(4 :ULWHMRE 1(: :ULWHUHVSRQVH SRVLWLYH 5HDGMRE PV 5HDGUHVSRQVH QHJDWLYHUHVRXUFHDVVLJQHGEXV\ V 5HDGMRE V 5HDGUHVSRQVH SRVLWLYH 7LPH WinCC Advanced V14 System Manual, 10/2016 7LPH 3567 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "PE_START_END" instruction: Parameter Declaration Data type Memory area Description START Input BOOL I, Q, M, D, L or con stant Transmitting the PE command "Start_Pause" to the PE entity with the address set at param eter ID. END Input BOOL I, Q, M, D, L or con stant Transmitting the PE command "End_Pause" to the PE entity with the address set at parameter ID. ID Input HW_ SUBMODULE I, Q, M, D, L or con stant Address of the PE entity Use the hardware ID of the head module for a PROFINET IO device. Refer to the system constants of the assigned IO controller for the hardware ID. The name of the head module is composed of the name of the IO device and the suffix [Head] (example: "IO_De vice_1[Head]"). If the PE entity is an I-device, use the hardware identifier of a transfer area instead. PAUSE_TIME Input TIME I, Q, M, D, L, P or con Planned pause duration. stant Range: T#1MS to T#24D20H31M23S647MS Start value: T#0MS VALID Output BOOL I, Q, M, D, L PE command successfully sent. BUSY Output BOOL I, Q, M, D, L PE command still being processed. ERROR Output BOOL I, Q, M, D, L Error occurred during processing. The error message is output at the STATUS parameter. STATUS Output DWORD I, Q, M, D, L, P Block status / error number (see "STATUS pa rameter") PE_MODE_ID Output BYTE I, Q, M, D, L, P Identification number of energy-saving mode (energy-saving level for the duration of the pause). You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3568 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter PAUSE_TIME The parameter PAUSE_TIME is used to set the default duration of the energy-saving period at the PE entity. The PE entity checks whether the pause period is of sufficient length and whether it can be implemented. The minimum pause duration (Time_min_Pause) must be greater than the sum of the times the device needs to switch to energy-saving mode (Time_to_Pause) and to switch back to operating mode (Time_to_Operate). 3(BUHDG\B WRBRSHUDWH 3(BHQHUJ\B VDYLQJBPRGH 6WDUWB3DXVH 7LPHBWRB3DXVH (QGB3DXVH 7LPHBPLQBOHQJWKBRIBVWD\ 7LPHBWRB2SHUDWH W 7LPHBPLQB3DXVH ET 200S checks whether the scheduled pause duration is greater than or equal to the minimum pause duration (PM-E_Pause_Min) saved on the ET 200S. This is fixed at 10 seconds. If a shorter pause is used, the power modules (PM-E) of the ET 200S will remain on. The module does not switch back on automatically at the end of the pause; it remains in OFF mode until the "END" command is sent. This prevents uncoordinated switch-on, which can cause undesired peak loads. Parameter STATUS Error information is output at the STATUS output parameter. If it is interpreted as ARRAY[1...4] of BYTE, the error information has the following structure: Field element Name Meaning STATUS[1] Function_Num Cause of the error B#16#00: No error B#16#DE: Error while reading the data record B#16#DF: Error while writing the data record B#16#C0: Error message caused by the instruction or the communication instructions "RDREC (Page 3420)" and "WRREC (Page 3437)" used internally. STATUS[2] Error_Decode Location of the error ID 80: DPV1 error as defined in IEC 61158-6 or application-specific FE: DP/PNIO profiles - PROFIenergy-specific error WinCC Advanced V14 System Manual, 10/2016 3569 Programming the PLC 11.4 Instructions Field element Name Meaning STATUS[3] Error_Code_1 Error ID When Error_Decode = 80: - 80: Simultaneous positive edge at the input parameters START and END. - 81: Length conflict at the CMD_PARAM and CMD_PARAM_LEN parameters. - 82-8F: Other error messages (reserved) When Error_Decode = FE: STATUS[4] Error_Code_2 - 01: "Service Request ID" invalid - 02: Incorrect "Request_Reference" - 03: "Modifier" invalid - 04: "Data Structure Identifier RQ" invalid - 05: "Data Structure Identifier RS" invalid - 06: "PE energy-saving modes" are not supported - 07: "Response" is too long (maximum transmissible length exceeded) - 08: "Count" invalid - 50: No suitable "energy mode" is available. - 51: Time value specified is not supported. - 52: "PE_Mode_ID" invalid - 53: No switch to "PE energy-saving mode" because the device is in operation - 54: Function not available at this time. Wrong device configured or incorrect setup. - 55 to FF: Reserved Manufacturer-specific extension of the error ID Note Error messages of the instructions RDREC and WRREC The instruction "PE_START_END" uses the instructions "WRREC (Page 3437)" and "RDREC (Page 3420)" for communication. Error messages for these instructions are output in the field elements STATUS[1] to STATUS[4]. Please see the description of the corresponding STATUS (Page 3475) parameter for an explanation of the error codes of the "WRREC (Page 3437)" and "RDREC (Page 3420)" instructions. See also Description of PROFIenergy (Page 3564) Difference between synchronous and asynchronous instructions (Page 2436) 3570 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions PE_CMD: Start and exit energy-saving mode / Read out status information (S7-1200, S7-1500) Description The instruction "PE_CMD" is used in the PE controller to start or terminate a pause in the energy-saving mode in the PE entity. Additional information and energy measurements are also read out from a PE entity using "PE_CMD". The instruction is best used with PE controllers with assigned PE devices to which field devices are connected from which energy measurements are to be read out. If this is not the case, the instruction "PE_START_END (Page 3566)" can also be used to start and end the pauses. Transfer of the PROFIenergy commands (PE commands) The instruction "PE_CMD" transfers a PROFIenergy command to a PE entity. The instruction can also be used if additional commands are to be added to the PROFIenergy profile in future. The commands which can be used with the current PROFIenergy profile are listed in the description of the CMD and CMD_MODIFIER parameters (see the "CMD and CMD_MODIFIER parameters" table). The individual PE commands which are transferred to the PE entity using the instruction are assigned defined "Service_Request_IDs". The Service_Request_IDs 01 to 05 and 16 are assigned at the CMD parameter. The two PE commands 04 (Query_Modes) and 16 (Query_Measurement) are defined in more detail with the CMD_MODIFIER parameter. Additional values are transferred at the CMD_PARA parameter for individual PE commands (see the description of the individual PE commands). The parameter CMD_PARA_LEN defines the length of the data at the parameter CMD_PARA. The commands are transferred without plausibility test. The response data of the PE entity is saved to the RESPONSE_DATA data area that is addressed by VARIANT pointer (for information about the response frame contents, refer to the description of the respective PE command). Write and read jobs of the "PE_CMD" instruction. The instruction "PE_CMD" uses "WRREC (Page 3437)" internally to transmit a PROFIenergy command as a write job to the PE entity. "PE_CMD" then waits for the acknowledgment from the PE entity. The acknowledgment data record is read with the instruction "RDREC (Page 3420)" every 100 milliseconds. Until acknowledgment is received from the PE entity, the function repeats the read job for 10 seconds at intervals of 100 milliseconds. The response data of the PE entity is also read with the instruction "RDREC (Page 3420)". Below is a flowchart of the write and read jobs: WinCC Advanced V14 System Manual, 10/2016 3571 Programming the PLC 11.4 Instructions 352),HQHUJ\FRQWUROOHU 352),HQHUJ\GHYLFH 3(B67$57B(1'3(B&0' 3(B,B'(9 5(4 :ULWHMRE 1(: :ULWHUHVSRQVH SRVLWLYH 5HDGMRE PV 5HDGUHVSRQVH QHJDWLYHUHVRXUFHDVVLJQHGEXV\ V 5HDGMRE V 5HDGUHVSRQVH SRVLWLYH 7LPH 7LPH Parameter The following table shows the parameters of the "PE_CMD" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Starts transferring the PE command upon a positive edge. ID Input HW_ SUBMODULE I, Q, M, D, L or con stant Address of the PE entity Use the hardware ID of the head module for a PROFINET IO device. Refer to the system constants of the assigned IO con troller for the hardware ID. The name of the head module is composed of the name of the IO device and the suffix [Head] (example: "IO_Device_1[Head]"). If the PE entity is an I-device, use the hardware identifier of a transfer area in stead. 3572 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area CMD Input BYTE I, Q, M, D, L, P or con Service-Request-ID of the PROFIenergy stant command in accordance with the PRO FIenergy profile (see "CMD and CMD_MODIFIER parameters"). Description Further service request IDs are possible following extensions of the PROFIenergy profile. CMD_MODIFIER Input BYTE I, Q, M, D, L, P or con PROFIenergy sub-command stant (only when CMD=3 or CMD=16, see "CMD and CMD_MODIFIER parameters") Further sub-commands are possible fol lowing extensions of the PROFIenergy profile. CMD_PARA Input VARIANT I, Q, M, D, L Parameters for the PE commands: Get mode: PE_mode_ID Get measurement values: List of Measurement_Ids The complete Service Data Request is entered. CMD_PARA_LEN Input INT I, Q, M, D, L, P or con The actual length of the command param stant eters (<= length defined in CMD_PARA; is verified by the instruction). RESPONSE_DATA InOut VARIANT I, Q, M, D, L PROFIenergy information May be complete response frame includ ing block header, depending on the com mand. Note: If the buffer is too small, only the number of bytes which is specified in the VARIANT pointer will be entered. VALID Output BOOL I, Q, M, D, L Command successfully sent. BUSY Output BOOL I, Q, M, D, L Command still being processed. ERROR Output BOOL I, Q, M, D, L Error occurred during processing. STATUS Output DWORD I, Q, M, D, L Block status / error number (see "STA TUS parameter"): You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameters CMD and CMD_MODIFIER CMD CMD_ MODIFIER PROFIenergy command Description 01 0 Start_Pause (Page 3591) Start energy-saving mode or switch to a different energysaving mode. 02 0 End_Pause (Page 3591) End energy-saving mode. WinCC Advanced V14 System Manual, 10/2016 3573 Programming the PLC 11.4 Instructions CMD CMD_ MODIFIER PROFIenergy command Description 03 1 Query_Modes - List of energysaving modes (Page 3592) Output the energy-saving modes supported. 2 Query_Modes - Get mode (Page 3593) Output attributes of the energy-saving mode currently ena bled. 04 0 PEM_Status (Page 3595) Query status of energy-saving mode. 05 0 PE_Identify (Page 3597) Read out the number and description of PE commands sup ported. 16 1 Query_Measurement Get_Measurement_List (Page 3597) List of measured values supported by the PE entity. 2 Query_Measurement Get_Measurement_Values (Page 3600) Output the measured values of the PE entity. Parameter STATUS Error information is output at the STATUS output parameter. If it is interpreted as ARRAY[1...4] of BYTE, the error information has the following structure: Field element Name Meaning STATUS[1] Function_Num Cause of the error B#16#00: No error B#16#DE: Error while reading the data record B#16#DF: Error while writing the data record B#16#C0: Error message from the internal communication instructions "RDREC (Page 3420)" and "WRREC (Page 3437)". STATUS[2] Error_Decode Location of the error ID 80: DPV1 error as defined in IEC 61158-6 or application-specific FE: DP/PNIO profiles - PROFIenergy-specific error 3574 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Field element Name Meaning STATUS[3] Error_Code_1 Error ID When Error_Decode = 80: - 81: Length conflict at the CMD_PARA and CMD_PARA_LEN parameters, or the maximum data record length (4095 bytes) was exceeded. - 82-8F: Other error messages (reserved) When Error_Decode = FE: STATUS[4] Error_Code_2 - 01: "Service Request ID" invalid - 02: Incorrect "Request_Reference" - 03: "Modifier" invalid - 04: "Data Structure Identifier RQ" invalid - 05: "Data Structure Identifier RS" invalid - 06: "PE energy-saving modes" are not supported - 07: "Response" is too long (maximum transmissible length exceeded) - 08: "Count" invalid - 50: A suitable energy-saving mode (energy mode) is not available. - 51: Time value specified is not supported. - 52: "PE_Mode_ID" invalid Manufacturer-specific extension of the error ID Note Error messages of the instructions RDREC and WRREC The instruction "PE_CMD" uses the instructions "WRREC (Page 3437)" and "RDREC (Page 3420)" for communication. Error messages for these instructions are output in the field elements STATUS[1] to STATUS[4]. Please see the description of the corresponding STATUS (Page 3475) parameter for an explanation of the error codes of the "WRREC (Page 3437)" and "RDREC (Page 3420)" instructions. See also Description of PROFIenergy (Page 3564) Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 3575 Programming the PLC 11.4 Instructions PE_DS3_Write_ET200S: Set power module switching behavior (S7-1200, S7-1500) Description The instruction "PE_DS3_Write_ET200S" sends basic settings for power module switching behavior to the ET 200S. The switching behavior of up to 8 slots in the ET 200S (e.g. for power modules) is defined with the instruction "PE_DS3_Write_ET200S". Note This instruction is not part of the PROIenergy profile but instead supplements SIMATIC-specific functions. Parameter The following table shows the parameters of the "PE_DS3_Write_ET200S" instruction: Parameter Declaration Data type Memory area Description ENABLE Input BOOL I, Q, M, D, L or con stant A positive edge triggers the transfer of the data record. Transfer the data record again follow ing voltage OFF/ON. ID Input HW_SUBMOD ULE I, Q, M, D, L or con stant Address of the ET 200S Accept the address from the hardware config uration. SLOT_NO_X Input INT I, Q, M, D, L, P or con Slot number of switchable power module X. stant FUNC_X Input INT I, Q, M, D, L, P or con Function of the module in this slot. Use the pa stant rameter FUNC_X to define the switching be havior of the PM-E (power module of the ET 200S): FALSE: - With "PAUSE_START": -No effect on PM-E -PM-E remains on - With "PAUSE_STOP": -Switches PM_E back on TRUE: - With "PAUSE_START": -Switches PM_E off - With "PAUSE_STOP": -Switches PM-E back on BUSY Output BOOL I, Q, M, D, L Transfer not yet complete. DONE Output BOOL I, Q, M, D, L Transfer completed without errors. ERROR Output BOOL I, Q, M, D, L Transfer completed with error. STATUS Output DWORD I, Q, M, D, L, P Error number (see STATUS parameter of the instruction "PE_Start_End (Page 3566)") 3576 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". See also Description of PROFIenergy (Page 3564) Difference between synchronous and asynchronous instructions (Page 2436) PE_WOL: Starting and stopping energy-saving mode via WakeOnLan (S7-1200, S7-1500) Description PE_WOL (S7-1200, S7-1500) Description The "PE_WOL" instruction sends the PROFIenergy commands "Start_Pause" and "End_Pause" to multiple PROFIenergy-enabled devices in the PROFINET I/O systems. Multiple PE devices can be coordinated via the instruction provided that the PE devices support the "Wake on LAN" function over a UDP connection. The "PE_WOL" instruction can only be executed on a CPU with and integrated Ethernet interface. This CPU should be able to load blocks with a size of approx. 400 KB. If this CPU is connected via an Ethernet CP, it is not possible to use the block with PROFINET I/O systems. The instruction "PE_WOL" is executed asynchronously. The "PE_WOL" instruction only supports devices with a device number lower than 256. Devices with a higher device number are not taken into account. Definition: Wake on LAN Using Wake on LAN, deactivated devices can be reactivated through the receipt of a special Ethernet packet. For this procedure to work, the data processing equipment must have a network controller that is capable of receiving such a packet. This packet (Magic PacketTM) has a special format. It contains the MAC address of the network adapter 15 times. Selection of devices The devices are selected using the user data block at the parameter PENERGY (Type: "PE_PLUS"). The user DB represents the database for processing multiple devices. Prior to initialization of "PE_WOL", you must store at least the following information in the user DB: ID of the PROFINET I/O system Data of the connection which is used for "Wake On LAN". WinCC Advanced V14 System Manual, 10/2016 3577 Programming the PLC 11.4 Instructions Port number which is used for "Wake On LAN". For each device - Pause time (PauseTime) - Switching of the device to the PE_SLEEP_MODE (EnableSleep) You initialize the "PE_WOL" instruction with the COM_RST parameter. The jobs stored in the user DB are processed one after the other after initialization. The graphic below illustrates how the PE command "Start_Pause" is transmitted to several devices: 8VHUGDWDEORFN ,QVWDQFH'% Diag. addr. Start bit End bit 8081 8082 1 0 0 0 8081 8083 8048 ... 1 1 ... 0 0 ... 8048 3(B:2/ Diag. Adr. 8083 (1) Step 1: The bit "CmdStartPause" of the devices to be shut down is set to "1" by the user. (2) Step 2: The diagnostic addresses of the devices to be shut down (CmdStartPause = "1") are linked to the queue. (3) Step 3: The bit "CmdStartPause" is reset automatically once the jobs have been linked. (4) Step 4: The instruction "PE_WOL" processes the jobs as soon as they are linked. A PROFIenergy command "CmdStartPause" or "CmdEndPause" can be sent for all recognized devices in the PROFINET IO system via the START and END parameters. The status of the job processing as well as possible errors during processing are output by the STATUS parameter. Operation of the instruction using the user DB The instruction "PE_WOL" can only be operated via the user DB. A basic procedure applies in this case: 1. Selection of the command to be executed for a device: - START_PAUSE ("CmdStartPause" in user DB) - ENDE_PAUSE ("CmdEndPause" in user DB) - UPDATE_STATUS ("CmdUpdateStatus" in user DB) 2. Setting the bit for updating ("Update" in the header of the user DB) At least one CPU cycle should pass with an "Update" = False between two updates; otherwise, edge detection cannot be guaranteed. 3578 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Prioritizing the PE commands The graphic below shows the chronological sequence of three possible commands. CmdStartPause CmdEndPause CmdUpdateStatus Update These are processed one after the other, regardless of whether the previous command call was successful or completed with an error. Only one command is executed if you set two commands, such as "CmdEndPause" and "CmdUpdateStatus" simultaneously. There is a prioritization within the block: The command "CmdStartPause" has the highest priority and is therefore always executed if selected. The command "CmdEndPause" has the second highest priority. The command "CmdUpdateStatus" has the lowest priority. If all three commands are set at the same time, the commands that are not executed remain preselected. In this case, the next rising edge executes the next command. Parameters The following table shows the parameters of the "PE_WOL" instruction: Parameter Declaration Data type Memory area Description COM_RST (Page 3580) Input BOOL I, Q, M, D, L Resets the block and performs a re-initialization. As long as True is set here, the initialization is started but not yet fully completed. Only the falling edge continues the initialization and switches to the normal operating mode after initializa tion. START (Page 3581) Input BOOL I, Q, M, D, L A rising edge performs a "CmdStartPause" PROFIe nergy command for all detected devices that support this function. END (Page 3582) Input BOOL I, Q, M, D, L A rising edge performs a "CmdEndPause" PROFIe nergy command for all detected devices that support this function. WinCC Advanced V14 System Manual, 10/2016 3579 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description PENERGY (Page 3582) InOut PE_PLUS D Pointer to the user DB that contains the database for processing multiple devices. STATUS (Page 3587) Output DWORD I, Q, M, D, L Status/error number for the current status of the in struction (see "STATUS parameter"). You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". See also Difference between synchronous and asynchronous instructions (Page 2436) Parameter COM_RST (S7-1200, S7-1500) Sequence of the initialization routine You start the initialization of the "PE_WOL" instruction with the COM_RST parameter. The following flow diagram shows the initialization routine. START Resetting the job queue Clean Queue Config Devices No. of Devices >0 Reading the configured devices of the PROFINET I/O system Yes Dev. Diag. No Order ID Determining the diagnostic addresses Reading the OrderID User DB END (Error) 3580 Connection setup Setup of the WoL connection PE_Identify Identification of the supported PE commands for each device END (Initialized) WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter START (S7-1200, S7-1500) Sequence of the CmdStartPause command The flow diagram shows the internally used functions and interaction with a device when executing the CmdStartPause command. 8VHU'% &RQWUROOHU 3(B:2/ 'HYLFH 67$57 /LVWRIGHYLFHVZLWK 'LDJ,' 3DXVHB7LPH :R/ 6WDUWB3DXVHB%LW $GGLWLRQDOLQIRUPDWLRQ LQWKH'% 7LPHBWRBRSHUDWH 7LPHBPLQB3DXVH 3(B0RGHB,' :DNHB8SB0HWKRG :DNHB8SB'DWDB/HQJW :DNHB8SB'DWD (QDEOH6OHHS <HV 1R 6OHHSPRGH VHOHFWHG" <HV 1R 'HYLFHLV SUHSDULQJ UHVSRQVH 5HVSRQVH 7LPHBWRBRSHUDWH 7LPHBPLQB3DXVH :DNHB8SB0HWKRG %DFNXSUHVSRQVH 3DXVHB7LPH ! 7LPHBPLQB 3DXVH ,QIRBVOHHSBPRGH <HV 6WDUWBVOHHSBPRGH %DFNXSUHVSRQVH 'HYLFHLQ 3(B6/((3B02'( 1R 6WDUWB3DXVH %DFNXSUHVSRQVH 4XHU\6WDWXV 'HYLFHLQDQ (1(5*<B6$9,1*B 02'( 3(0B6WDWXV 5HVSRQVH 'HYLFHLQDQ (1(5*<B6$9,1*B 02'( (1' WinCC Advanced V14 System Manual, 10/2016 3581 Programming the PLC 11.4 Instructions Parameter END (S7-1200, S7-1500) Sequence of the CmdEndPause command The flow diagram shows the internally used functions and interaction with a device when executing the CmdEndPause command. 8VHU'% 'HYLFH &RQWUROOHU 3(B:2/ 67$57 /LVWRIGHYLFHVZLWK 'LDJ,' 3DXVHB7LPH :R/ 6WDUWB3DXVHB%LW 3(B0RGH 6OHHS0RGH <HV 0DJLF3DFNHW YLD7&20 'HIDXOW3RUW 1R (QGB3DXVH $GGLWLRQDOLQIRUPDWLRQ LQWKH'% (QGB3DXVH %DFNXSUHVSRQVH 7LPHBWRBRSHUDWH 7LPHBPLQB3DXVH 3(B0RGHB,' :DNHB8SB0HWKRG :DNHB8SB'DWDB/HQJW :DNHB8SB'DWD 'HYLFHLQ 6OHHSBPRGH :DLW772 3(0B6WDWXV 'HYLFHLQ (QHUJ\BVDYLQJBPRGH B[ 'HYLFHLQ 5HDG\BWRBRSHUDWHBP RGH %DFNXSUHVSRQVH (1' PENERGY parameter (S7-1200, S7-1500) Data block at the PENERGY parameter The user DB for the "PE_WOL" PROFIenergy instruction represents a data base for processing multiple devices. 3582 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The data block is usually divided into two parts. These are: Header 110 bytes Device section for a maximum of 256 devices each with 100 bytes (Device). These include: - Device-specific data (Device) - PROFIenergy-specific data (PE) - Data for the job processing (Task) - User data (UserData) The data block operates with optimized access. Connection parameter "Connection" The "PE_WOL" instruction reserves a connection resource in the area of "Open User Communication". This is used as a UDP connection. The following parameters must be defined in the data block for this: Connection ID ("Connection.id" parameter) The connection ID is an integer within the range of 1 to 4095. It is used to identify the communication resources allocated by the firmware, for example the send and receive buffers. The connection ID must be unique throughout the CPU. Port number that is used for the "Wake on LAN" function ("Header.PortNo" parameter) Number of the UDP port via which a "Wake On LAN" packet is sent. These port numbers are part of the communication resources, which are identified and provided by the firmware through the connection ID. The default setting for port 2189 used here is currently not assigned by IANA. The port number is transferred to the connection configuration and applied to parameter "Connection.local_tsap_id[1]". The port number and the length of the remote port are defined using parameters "Connection.rem_tsap_id[1]" and "Connection.rem_tsap_id_LEN" and must be assigned manually. WinCC Advanced V14 System Manual, 10/2016 3583 Programming the PLC 11.4 Instructions Structure of the data block The data block has the following structure: Name Header Update (1) Data type Offset Comment PE_HEADER - Header information BOOL - Signal for indicating a change in the data area. True= indicates a change by the user. False = indicates the application of changes. Initialized BOOL - Signal indicating the completed initialization. True=Initialization finished. False= indicates that the block is not initialized. LinkUp BOOL - Indicates successful configuration of the Ethernet interface. True=interface ready for use. False=interface not yet configured. LinkDown BOOL - Indicates an unconfigured interface. True=interface is not yet configured. False=interface is currently being configured or is now configured. PROFINET_ID (1) INT - ID of the PROFINET I/O system Reserved ARRAY [1..37] OF BYTE - Reserved LastDeviceID INT - Contains the highest Device-ID in this PROFINET I/O sys tem. PortNo (1) WORD - Port number that is used for the "Wake on LAN" function (default= 2189). Connection TCON_Param - Contains the connection configuration of the "Wake on LAN" connection. 3584 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Name BLOCK_LENGTH ID (1) CONNECTION_TYPE (1) ACTIVE_EST (1) LOCAL_DEVICE_ID Data type Offset Comment UInt - Length of the structure (always B#16#40). CONN_OUC - Connection ID USINT - Connection type (UDP = B#16#13) BOOL - Active connection establishment (always passive for UDP) USINT - Contains the interface ID (CPU dependent) LOCAL_TSAP_ID_LEN USINT - Contains the length in bytes of the own/local UDP port REM_SUBNET_ID_LEN USINT - Unused (always B#16#00) REM_STADDR_LEN (1) USINT - Contains the length of the remote IP address or B#16#00. REM_TSAP_ID_LEN USINT - Contains the length in bytes of the remote UDP port. The length specification must be entered manually. NEXT_STADDR_LEN (1) USINT - Contains the length of the default router address (not rele vant). LOCAL_TSAP_ID (1) ARRAY[1..16] OF BYTE - Contains your own local port number. The value is applied from parameter PortNo during initialization. REM_SUBNET_ID (1) ARRAY[1..6] OF USINT - Unused (always B#16#00) REM_STADDR (1) ARRAY[1..6] OF USINT - Contains the remote IP address. REM_TSAP_ID (1) ARRAY[1..16] OF BYTE - Contains the remote UDP port number. The port number must be entered manually. NEXT_STADDR (1) ARRAY[1..6] OF BYTE - Irrelevant SPARE (1) WORD - ARRAY[1..256] OF PE_DEVICE - Array of devices (1) (1) (1) Device Device (1) PE_DEV - Contains data for each device DeviceID HW_DEVICE - Hardware identifier of the device. Assigned by the hard ware configuration. PE_EntityID HW_IO - Hardware identifier of the PROFIenergy entity. Assigned by the hardware configuration. MACAdr ARRAY[1..6] OF BYTE - Contains the MAC address of the device. IPAdr ARRAY[1..4] OF BYTE - Contains the IP address of the device. OrderID_MxLen Byte - Contains the maximum length of the OrderID. OrderId_ActLen Byte Contains the actual length of the OrderID. OrderID_Data ARRAY[1..20] OF CHAR Contains the OrderID of the device. PE WinCC Advanced V14 System Manual, 10/2016 PE_PE - PROFIenergy-specific data. 3585 Programming the PLC 11.4 Instructions Name ModeID Result Data type Offset Comment BYTE - PE_MODE_ID according to PROFIenergy specification. BYTE - PE ErrorCode according to PROFIenergy specification. (1) TIME - Contains the idle time in ms. TimeToPause TIME - Contains the time it takes for the device to go into Pause mode. TimeToOperate TIME - Contains the time it takes for the device to go into operating mode. MinSleepTime TIME - Contains the minimum time of the device in PE_SLEEP_MODE. SleepToOperate TIME - Contains the time it takes for the device to go from PE_SLEEP_MODE into operating mode. StatusOperate BOOL - Indicates the operating mode of the device. StatusPause BOOL - Indicates the Pause mode of the device. StatusSleep BOOL - Indicates the PE_SLEEP_MODE of the device. StatusTransitOK BOOL - Indicates the transition from one energy state to another. StatusInTransit BOOL - Indicates a current state transition. StatusTransitNOK BOOL - Indicates that the state change was not successful. StatusError BOOL - Indicates an error with the device. StatusRetryEx BOOL - Indicates an unsuccessful execution of a command. No more attempts will be made to execute this command. CmdStartPause (1) BOOL - Places a START_PAUSE command for this device in the queue. CmdEndPause (1) BOOL - Places a END_PAUSE command for this device in the queue. CmdUpdateStatus (1) BOOL - Places a PEM_STATUS command for this device in the queue. EnableSleep (1) BOOL - Allows PE_SLEEP_MODE for this device. PauseTime True= device should go to PE_SLEEP_MODE if idle time is sufficient False=device may not go into PE_SLEEP_MODE. Services UserData Task 3586 (2) WORD - Shows all supported PROFIenergy services. ARRAY[1..24] OF BYTE - User-defined data PE_TASK - Job processing WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Name Data type Offset Comment Cmd BYTE - Internal bits for job processing CmdJ BYTE - Internal bits for job processing TimeStart BOOL - Starts a delay time. TimeStarted BOOL - The delay time has just started. TimeDone BOOL - Shows the expiration of the delay time. Done BOOL - Indicates that this job has been completed. DelayedCmd BOOL - Indicates that a delayed command is still pending. IsV1_0 BOOL - Indicates that this device is a Spec. V1.0 device. IsWakeOnLAN BOOL - Indicates that this device is woken up by "Wake On LAN". RetryCount BYTE - Repetition counter for PE_COMMANDS Duration TIME - Contains the value for the delay in ms. StartTime TIME - Contains the start time for the delay time. MachineState INT - Contains the internal status of the job. (1) To be filled in by the user. (2) Available for use by the user. Parameter STATUS (S7-1200, S7-1500) Parameter STATUS The output value at the STATUS parameter is divided into three areas: Bits 31 to 24: MESSAGE Bits 23 to 16: LOCATION Bits 15 to 0: INFORMATION You can learn the meaning of each error code for the three areas in the following tables: Table 11-40 Possible values for MESSAGE Error code Description (W#16#...) 00 No error. 50 Instruction initialized. 51 Determining configuration of the PROFINET I/O system. 52 The instruction could not determine any configured devices in the PROFINET I/O system. 53 Determining the logical addresses of configured devices. 54 Reading interface information out of the devices. 55 Determining I&M data (data record 0 only) of the configured devices. 56 Configuring PROFINET interface for sending the "Wake on LAN" MagicPaketTM via UDP. 57 Determining PROFIenergy capabilities of the connected devices. 62 Invalid PROFINET I/O system ID detected. The causative number is displayed in the INFORMATION field. WinCC Advanced V14 System Manual, 10/2016 3587 Programming the PLC 11.4 Instructions Error code Description (W#16#...) 70 The instruction is initiated and processing jobs. The value in the INFORMATION field contains the number of currently active jobs. 80 The instruction has lost the initialization during processing of jobs. This generally occurs when either the instance DB or the user DB has been reloaded. FF Unknown error has occurred. Table 11-41 Possible values for LOCATION Error code Description (W#16#...) 00 The instruction is either not initialized or it is idle. 70 The instruction is waiting for jobs. 71 The instruction has appended a job to the job list. 72 The instruction is preparing to send a job. 73 The instruction is sending a job to a device. 74 The instruction is waiting for a response from the device. 75 The instruction is evaluating the response of the device. 76 The instruction is removing the job from the job list. FF Unknown error has occurred. Table 11-42 Possible values for INFORMATION Error code Description (W#16#...) 0000 No additional information available and no jobs active. 0001 -00FF 1 - 255 jobs are currently being processed. 7000 Re-initialization with COM_RST started but not yet completed. 8001 Error at 1st parameter 8002 Error at 2nd parameter 8003 Error at 3rd parameter 8004 Error at 4th parameters 8005 Error at 5th parameter This error is reported if there is no interconnection or an invalid interconnection to the user DB. Possible causes: The user DB is too small. The user DB is write-protected. There is no user DB in the RAM. The user DB is invalid for the employed CPU. 3588 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code Description (W#16#...) 8085 to 80CE Error when configuring the connection. The error messages of the internally used TCON instruction are output. The description of the error messages can be found in the table for the STATUS (Page 4258) parameter. 8100 An attempt has been made to place more than the maximum of 256 possible jobs. This is a temporary error, which is resolved by completing a few jobs. The placed jobs are not accepted and must be placed again. 8200 An attempt was made to send an invalid or an unsupported PROFIenergy command (PE_COMMAND). 8400 Connection ID outside the permitted range. Initialization aborted. Check the ID of the connection configuration for "Wake on LAN". See data block at parameter PENERGY > Header > Connection > ID. 84xx A communication error has occurred. The number of the device that generated the error is output to "xx". 85xx An error has been returned from device xx. The number of the device that generated the error is output to "xx". 8600 The requested wake-up method is currently not supported. FFFF Unknown error has occurred. See also PENERGY parameter (Page 3582) PROFIenergy commands (S7-1200, S7-1500) Structure of the message frames (S7-1200, S7-1500) Structure of the response frame in accordance with the PROFIenergy profile The table below shows the basic structure of the response frame in accordance with the PROFIenergy profile. The response frame consists of a general section (Header) and a specific section (Service Data Response). The contents of the specific section of the response frame can be found in the description of the relevant PROFIenergy command. Block definition Attributes Value Data type BlockHeader BlockType 801 hex WORD BlockLength WORD BlockVersionHigh 1 hex BYTE BlockVersionLow 0 hex BYTE WinCC Advanced V14 System Manual, 10/2016 Description Number of bytes without consideration of the fields BlockType and BlockLength. 3589 Programming the PLC 11.4 Instructions Block definition Attributes Value Data type Description Response Header Service_Request_ID 1hex to FF hex BYTE ID of the PI command executed. The ID of the PE command processed by the PE entity is returned in the response frame: 01: Start_Pause 02: End_Pause 03: Query_Modes 04: PEM_Status 05: PE_Identify 06 to 09: Reserved 16: Query_Measurement 11 to CF: Reserved D0 to FF: Manufacturer-specific Service Header Response Request_Reference 1hex to FF hex BYTE Unique number to identify the query/re sponse pair (returned by the server in the response). Status 1hex to FF hex BYTE Information whether or not the PI command was executed: 00: Reserved 01: Completed 02: Completed with error 03: Data incomplete 04 to CF: Reserved D0 to FF: Depends on the Service_Request_ID Data_Structure_ Identifier_RS 1hex to FF hex BYTE 00: Reserved 01 to FF: Data structure depends on the Service_Request_ID 0xFF - Error Service Data Re sponse Depends on the Service-Request-ID: For the service request IDs, see the CMD and CMD_MODIFIER parameters of the instruction "PE_CMD (Page 3571)". The specific contents of the response frame can be found in the description of the PE command (see for example the "Start_Pause (Page 3591)" command). 3590 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions PI Command "Start_Pause" (S7-1200, S7-1500) Description Use the PE command "Start_Pause" to start the energy-saving mode. The command Start_Pause can be used to: Switch the PE from "ready" state (PE_ready_to_operate) to an energy-saving mode (PE_energy_saving_mode). The PE entity can automatically switch between the energy-saving modes. Energy consumption can increase or decrease when you switch energy-saving mode. Calling the PI command "Start_Pause" The command "Start_Pause" is called with the instruction "PE_CMD (Page 3571)" with the following parameters: Parameter Value Description CMD 1 Call of PE command "Start_Pause". CMD_MODIFIER 0 There are no additional specifications of the command call for command "Start_Pause". CMD_PARA_LEN 4 Length of the CMD_PARA parameter of 4 bytes. CMD_PARA VARIANT VARIANT pointer to the value for "Pause_Time" (TIME). Response frame (Service Data Response) The following response frame data of the PE entity is written to the data block that is referenced at parameter RESPONSE_DATA (see instruction "PE_CMD (Page 3571)"): Attribute Value Data type Description PE_Mode_ID 1 to 255 BYTE Identification number of the energy-saving mode Reserved 0 BYTE - PI Command "End_Pause" (S7-1200, S7-1500) Description The PE command "End_Pause" is used to end the energy-saving mode of the PE entity. WinCC Advanced V14 System Manual, 10/2016 3591 Programming the PLC 11.4 Instructions Calling the PE command "End_Pause" The command "End_Pause" is called with the instruction "PE_CMD (Page 3571)" with the following parameters: Parameter Value Description CMD 2 Call of PE command "End_Pause". CMD_MODIFIER 0 There are no additional specifications of the command call for command "End_Pause". CMD_PARA_LEN 0 Length of the CMD_PARA parameter of 0 bytes. CMD_PARA irrelevant - Response frame (Service Data Response) The following data of the PE entity response frame is written to the data block referenced at the RESPONSE_DATA parameter (see "PE_CMD (Page 3571)"): Attribute Value Data type Description Time_to_operate - DWORD Expected time it takes to switch to the "PE_ready_to_operate" mode. PI command "Query_modes" - "List_Energy_Saving_Modes" (S7-1200, S7-1500) Description Use PE command "Query_modes" and sub-command (modifier) "List_Energy_Saving_Modes" to output all energy-saving modes (PE_Mode_ID) supported by the PE entity. The query result is written in the form of a response frame to the data block referenced by theRESPONSE_DATA parameter. Calling the PE command "Query_modes" - "List_Energy_Saving_Modes" The command "List_Energy_Saving_Modes" is called with the instruction "PE_CMD (Page 3571)" with the following parameters: 3592 Parameter Value Description CMD 3 Call of PE command "Query_modes". CMD_MODIFIER 1 Specification of the command call: Select the sub-command "List_Energy_Saving_Modes" to output the number and types of energy-saving modes supported. CMD_PARA_LEN 0 Length of the CMD_PARA parameter of 0 bytes. CMD_PARA irrelevant - WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Response frame (Service Data Response) The following data of the PE entity response frame is written to the data block referenced at the RESPONSE_DATA parameter (see "PE_CMD (Page 3571)"): Attribute Value Data type Description Number_of_PE_ Mode_IDs 1 BYTE The number of energy-saving modes. PE_Mode_IDs - Array [...] of BYTE Array with the IDs of the supported energysaving modes. The meaning of the individu al IDs depends on the PE entity. PI command "Query_modes" - "Get_Mode" (S7-1200, S7-1500) Description You use the PE command "Query_modes" and the sub-command (modifier) "Get_Mode" to output the attributes of the energy-saving mode which is currently enabled. Calling the PE command "Query_modes" - "Get_Mode" The call of the command with the instruction "PE_CMD" occurs with the following parameters: Parameter Value Description CMD 3 Call of the PE command "Query_modes" CMD_MODIFIER 2 Specification of the command call: Select the sub-command "Get_Mode" to output the status of the mode which is currently enabled CMD_PARA_LEN 1 Length of the CMD_PARA parameter of 1 byte CMD_PARA VARIANT VARIANT pointer to the value for PE_MODE_ID WinCC Advanced V14 System Manual, 10/2016 3593 Programming the PLC 11.4 Instructions Response frame (Service Data Response) The following data of the PE entity response frame is written to the data block referenced at the RESPONSE_DATA parameter (see "PE_CMD (Page 3571)"): Attribute Value Data type Description PE_Mode_ID 0 "PE_power_off" mode BYTE ID of the energy-saving mode currently en abled 1...254 Energy-saving mode of the PE entity (manufacturer-specific) 255 "PE_ready_to_operate" mode PE_Mode_Attributes Bit 0: BYTE = 0: Only static energy consumer and time values are available. = 1: Dynamic energy consumer and time values are available. Bit 1 to 7: Reserved Time_min_Pause 1 Time difference without date DWORD Minimum pause time for the PI mode. The minimum pause time is the sum of the val ues of the following attributes: Time_to_Pause Time_to_operate Time_min_length_of_stay See the description "PAUSE_TIME param eter" of the instruction "PE_START_END: Start and exit energy-saving mode (Page 3566)". Time_to_Pause 1 Time difference without date DWORD Switch off time: Duration from call of ener gy-saving mode to start of energy-saving mode (transition duration of PE_ready_to_operate to PE_energy_sav ing_mode). The switch-off time depends on the PE entity. Time_to_operate 1 Time difference without date DWORD Switch-on time: Duration of the transition from energy-saving mode (PE_ener gy_saving_mode) to ready to operate mode (PE_ready_to_operate). The PE entity calculates the duration dy namically in the output operation. Time_min_length_ of_stay 1 DWORD Minimum duration of the energy-saving mode in the PE entity Time_max_length_ of_stay 1 DWORD Maximum duration of the energy-saving mode in the PE entity Mode_Power_ Consumption 2 REAL Power consumption of the PE entity in ac tive energy-saving mode Unit: kW 3594 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Attribute Value Energy_ Consumption_ to_pause 2 Data type Description REAL Energy consumption of the PE entity dur ing transition from ready-to-operate mode (PE_ready_to_operate) to energy-saving mode (PE_energy_saving_mode) Unit: kWh Energy_ Consumption_ to_operate 2 REAL Energy consumption of the PE entity dur ing transition from energy-saving mode (PE_energy_saving_mode) to ready-tooperate mode (PE_ready_to_operate) Unit: kWh 1 If the duration is infinite, 0xFFFFFFFF is output. If the duration is zero, "0" is output. 2 If the data for energy and power consumption by the PE entity is not defined, "0.0" is output as value. PI command "PEM_Status" (S7-1200, S7-1500) Description The PE command "PEM_Status" is used to query the status of a PE entity energy-saving mode that is currently enabled. Calling the PE command "PEM_Status" The command "PEM_Status" is called with the instruction "PE_CMD" with the following parameters: Parameter Value Description CMD 4 Call of PE command "PEM_Status". CMD_MODIFIER 0 There are no other specifications of the command call for command "PEM_Status". CMD_PARA_LEN 0 Length of the CMD_PARA parameter of 0 bytes. CMD_PARA irrelevant - WinCC Advanced V14 System Manual, 10/2016 3595 Programming the PLC 11.4 Instructions Response frame (Service Data Response) The following data of the PE entity response frame is written to the data block referenced at the RESPONSE_DATA parameter (see "PE_CMD (Page 3571)"): Attribute Value Data type Description PE_Mode_ID_ Source 0 "PE_power_off" mode BYTE Mode of the PE entity before a PE com mand is sent. BYTE Mode of the PE entity after a PE com mand is executed. DWORD Switch-on time: Duration of the transition from energy-saving mode (PE_ener gy_saving_mode) to ready to operate mode (PE_ready_to_operate). 1 to 254 Energy-saving mode of the PE entity (manufacturer-specific) 255 "PE_ready_to_operate" mode PE_Mode_ID_ Destination 0 "PE_power_off" mode 1 to 254 Energy-saving mode of the PE entity (manufacturer-specific) 255 "PE_ready_to_operate" mode Time_to_operate Time difference without date The PE entity calculates the duration dy namically during output. Remaining_time_to_ destination Mode_Power_ Consumption Time difference without date DWORD Remaining time to switch to another mode. REAL Power consumption of the PE entity in ac tive energy-saving mode. Unit: kW Energy_ Consumption_ to_Destination REAL Energy consumption for the current PI transition Energy_ Consumption_ to_operate REAL Energy consumption of the PE entity dur ing transition from energy-saving mode (PE_energy-saving mode) to ready-to-op erate mode (PE_ready_to_operate) Unit: kWh Unit: kWh 3596 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions PI command "PE_Identify" (S7-1200, S7-1500) Description The PE command "PE_Identify" is used to read out the number and description of PE commands supported by the PE entity. The number of specific commands supported depends on the PE entity. As PE_Identify is itself a PE command, at least three supported PE commands are output for a positive response: Start_Pause, End_Pause and PE_Identify. Call of the PE command "PE_Identify" The command "PE_Identify" is called with the instruction "PE_CMD (Page 3571)" with the following parameters: Parameter Value Description CMD 5 Call of the command "PE_Identify". CMD_MODIFIER 0 There are no other specifications of the command call for command "PE_Identify". CMD_PARA_LEN 0 Length of the CMD_PARA parameter of 0 bytes. CMD_PARA Irrelevant - Response frame (Service Data Response) The following data of the PE entity response frame is written to the data block referenced at the RESPONSE_DATA parameter (see "PE_CMD (Page 3571)"): Attribute Value Data type Description Count 1 6 BYTE Number of supported PROFIenergy commands Start_Pause 1 BYTE First PE command supported (Service_Request_ID) End_Pause 2 BYTE ... Query_Modes 3 BYTE ... PEM_Status 4 BYTE ... PE_Identify 5 BYTE ... Query_Measurement 16 BYTE Last PE command supported (Service_Request_ID) The number of commands supported is manufacturer-specific and depends on the PE entity used. When all 6 PE commands are supported, the values given are an example of a response frame. 1 PI Command "Query_Measurement" - "Get_Measurement_list" (S7-1200, S7-1500) Description Use the PE command "Query_Measurement" and sub-command (modifier) "Get_measurement_list" to query the specific measured values supported by the PE entity. The supported measured values are output as a list in the data block referenced by the RESPONSE_DATA parameter. WinCC Advanced V14 System Manual, 10/2016 3597 Programming the PLC 11.4 Instructions Calling the PE command "Query_Measurement" - "Get_Measurement_list" The command is called with the instruction "PE_CMD (Page 3571)" with the following parameters: Parameter Value Description CMD 16 Call of the command "Query_Measurement". CMD_MODIFIER 1 Specification of the command call: Select the sub-command "Get_Measure ment_List" to output a list of supported measured values. CMD_PARA_LEN 0 Length of the CMD_PARA parameter of 0 bytes. CMD_PARA irrelevant - Response frame (Service Data Response) The following data of the PE entity response frame is written to the data block referenced at the RESPONSE_DATA parameter (see "PE_CMD (Page 3571)"): Attribute Value Data type Description Count - BYTE Number of measurement IDs reserved - BYTE Measurement_ID - WORD First supported Measurement_ID The Measurement_ID is manufac turer-specific. For more information, refer to the manual of the re spective PE entity. Accuracy_Domain - BYTE See "accuracy domain" table. Accuracy_Class - BYTE See "accuracy classes" table. Range - REAL Specifies the scale end value of the measured value (only for accu racy domain 1). The attribute range uses the same unit as defined using attribute Measurement_ID (only one unit is used for each Measurement_ID). Measurement_ID - WORD Last supported Measurement_ID Accuracy_Domain - BYTE See "accuracy domain" table. Accuracy_Class - BYTE See "accuracy classes" table. Range - REAL Specifies the scale end value of the measurement value (only for accuracy domain 1). The attribute range uses the same unit as de fined using attribute Measurement_ID (only one unit is used for each Measurement_ID). ... ... Accuracy domains Accuracy domain Description 0 Reserved 1 The accuracy deviation is output in percentages of the scale end value. The percentage of the pos sible deviation is divided into accuracy classes (see table: Accuracy classes of the accuracy domains 1 and 2). 3598 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Accuracy domain Description 2 The accuracy deviation is output in percentages of the current measurement value. The percentage of the possible deviation is divided into accuracy classes (see table: Accuracy classes of the accuracy domains 1 and 2). 3 The measuring accuracy adheres to the standard IEC 61557-12. The function performance classes for performance measurement and monitoring devices (PMD) without external sensors, and the system performance classes for PMD with external sensors, are coded as set out in the "Accuracy classes of accuracy domain 3" table. 4 The entry of the accuracy adheres to the standard EN 50470-3, chapter 8 (see also table: Accuracy classes of accuracy domain 4). Accuracy classes Table 11-43 Accuracy classes of the accuracy domains 1 and 2 Accuracy class Meaning Accuracy class Meaning 0 1 2 3 4 5 6 7 8 Reserved 0.01% 0.02% 0.05% 0.1% 0.2% 0.5% 1% 1.5% 9 10 11 12 13 14 15 >15 2% 2.5% 3% 5% 10% 20% >20% Not defined Table 11-44 Accuracy classes of accuracy domain 3 Accuracy class Meaning Accuracy class Meaning 0 1 2 3 4 5 6 7 8 Reserved 0,02 0,05 0,1 0,2 0,5 1 1,5 2 9 10 11 12 13 14 >13 2,5 3 5 10 20 20% Not defined Table 11-45 Accuracy classes of accuracy domain 4 Accuracy class Meaning WinCC Advanced V14 System Manual, 10/2016 0 1 2 3 4 5 6 >7 Reserved 0,5 1,0 1,5 2,0 2,5 3,0 Not defined 3599 Programming the PLC 11.4 Instructions PI Command "Query_Measurement" - "Get_Measurement_values" (S7-1200, S7-1500) Description Use the PE command "Query_Measurement" and sub-command (modifier) "Get_measurement_values" to output a list of measured values supported by the PE entity. The measured values are output as a list in the data block referenced by the RESPONSE_DATA parameter. Calling the PE command "Query_Measurement" - "Get_Measurement_values" The command is called with the instruction "PE_CMD (Page 3571)" with the following parameters: Parameter Value Description CMD 16 Call of the command "Query_Measurement". CMD_MODIFIER 2 Specification of the command call: Select the command "Get_Measurement_Val ues" to output a list of supported measurement values. CMD_PARA_LEN 0 Depends on the number of measurement values. The length of the parameters results from the attribute count and the sum of the lengths of the attributes for the transferred measurement values. CMD_PARA VARIANT VARIANT pointer to data structure with list of measured values to be queried (see "CMD_PARA parameter"). Parameter CMD_PARA The structure specified with the VARIANT pointer at the CMD_PARA parameter must have the following setup: Attribute Value Data type Description Count - BYTE Number of measured values (Measurement-IDs) reserved 0 BYTE Not used Measurement_ID - WORD First measured value queried - WORD Last measured value queried ... Measurement_ID Response frame (Service Data Response) The following response frame data of the PE entity is written to the data block that is referenced at parameter RESPONSE_DATA (see "PE_CMD (Page 3571)"): Attribute Value Data type Description Count - BYTE Number of measured values (Measurement-IDs) reserved 0 BYTE Not used Length_of_Structure 2 to 65535 WORD Length of the structure in bytes 3600 1 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Attribute Value Measurement_Da ta_Structure_ID 1 = simple value BYTE Data type Description Measurement_ID 0 to 65535 WORD ID of the supported measurement value. Status_of_ Measurement_Value 1 to 3 BYTE Status of the measurement value: Defines the following structure. 1: Valid 2: Not supported 3: Invalid Transmission_Da ta_Type - REAL End_of_demand - TOD Optional time stamping with data type TimeOfDay. Length_of_Structure - WORD Length of the structure in bytes Measurement_Da ta_Structure_ID - BYTE Defines the following structure. Measurement_ID - WORD ID of the supported measurement value. Status_of_Measure ment_Value - BYTE Status of the measurement value: ... 1: Valid 2: Not supported 3: Invalid Transmission_Da ta_Type - REAL End_of_demand - TOD Optional time stamping with data type TimeOfDay. If the data length of the measurement values queried exceeds the size of the PDU (Protocol Data Unit) of the protocol layer, the data will not be completely transferred and only the supported measurement values will be output. 1 iDevice / iSlave (S7-1200, S7-1500) PE_I_DEV: Control PROFIenergy commands in the I-Device (S7-1200, S7-1500) Description The instruction "PE_I_DEV" is used to process the PROFIenergy profile in the intelligent IO device (iDevice). The instruction "PE_I_DEV" is called cyclically by the user program of the iDevice and receives all PROFIenergy commands. The PROFIenergy response is generated by configuring an auxiliary block. The response in the pause is fully programmable. The response data must be provided within 10 seconds; otherwise, "State conflict 0x80B5" will occur at the STATUS parameter of the instruction in the IO controller. Note: The functions are executed by the firmware in a standard PROFIenergy-compatible IO device such as the ET 200S. No specific knowledge of the PROFIenergy standard is required to use the instruction. WinCC Advanced V14 System Manual, 10/2016 3601 Programming the PLC 11.4 Instructions PROFIenergy auxiliary blocks (PE auxiliary blocks) The PE auxiliary blocks are used to generate the response frame. Enter the response data (in plain text) at the input parameters of the relevant block. For each PROFIenergy command, there is a corresponding auxiliary block for a positive response: - PE command "Start_Pause": PE_Start_RSP (Page 3606) - PE command "End_Pause": PE_End_RSP (Page 3607) - PE command "Query_modes" - "List_Energy_Saving_Modes": PE_List_Modes_RSP (Page 3609) - PE command "Query_modes" - "Get_Mode": PE_Get_Mode_RSP (Page 3610) - PE command "PEM_Status": PE_PEM_Status_RSP (Page 3612) - PE command "PE_Identify": PE_Identify_RSP (Page 3613) - PE command "Query_Measurement" - "Get_Measurement_list": PE_Measurement_List_RSP (Page 3615) - PE command "Query_Measurement" - "Get_Measurement_values": PE_Measurement_Value_RSP (Page 3616) Irrespective of the PROFIenergy command, there is an additional shared auxiliary block for a negative response (see PE_Error_RSP (Page 3605)). Interconnection of the auxiliary blocks The instruction "PE_I_DEV" and the auxiliary blocks are coordinated. Some of the parameters are simply interconnected. The diagram below shows which of the parameters need to be interconnected. 3(B,B'(9 3(DX[LOLDU\EORFN ,1,' ,1&0'VSHFLILF SDUDPHWHUV ,15(6(7 (YDOXDWLRQDQG UHVSRQVHE\ XVHU 287&0' 8VHU 287&0'B02',),(5 ,Q2XW&0'B3$5$ 287(5525 287,1'(; 28767$786 ,Q2XW$&7,9$7( 287(5525 8VHU 28767$786 ,19$/,' 2871(: ,Q2XW'$7$B(5525563 287&0' 287&0'B02',),(5 ,Q2XW9$/,' ,13(B,B'(9B1(: ,Q2XW'$7$B(5525563 ,1&0' ,1&0'B02',),(5 ,QWHUFRQQHFWLRQHVVHQWLDO 3602 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "PE_I_DEV": Parameter Declaration Data type Memory area Description RESET Input BOOL I, Q, M, D, L or con stant Resets the instruction. ID Input HW_SUBMOD ULE I, Q, M, D, L or con stant Address of the transfer area, which is supplied in the IO controller with the data for PROFIe nergy. The hardware identifier can be found in the system constants. VALID Input BOOL I, Q, M, D, L or con stant The response data for the PROFIenergy con troller is ready and can be sent. CMD_PARA Output VARIANT I, Q, M, D, L Parameters for: Get mode: PE_mode_ID Get measurement values: List of Measurement_IDs (list of IDs of the tags to be read; either one tag or multiple tags may be read at any given time). Maximum length: 234 bytes Note: With S7-1200 the pointer must not refer ence 64-bit data types (in other words not the data types LWORD, LINT und ULINT). DATA_ER RORRSP InOut VARIANT I, Q, M, D, L Pointer to the data area containing the ac knowledgment data for the PROFIenergy con troller. This must correspond to the pointer which is also used with the auxiliary blocks. Note: With S7-1200 the pointer must not refer ence 64-bit data types (in other words not the data types LWORD, LINT und ULINT). INDEX Output INT I, Q, M, D, L Data record number of the PROFIenergy re cord (set at 0x80A0) CMD Output INT I, Q, M, D, L Service-Request-ID of the PROFIenergy com mand in accordance with the PROFIenergy profile (see "CMD and CMD_MODIFIER pa rameters"). Further PE commands (Service-Request-IDs) are possible following extensions of the PRO FIenergy profile. CMD_ MODIFIER Output INT I, Q, M, D, L PROFIenergy sub-command: Only when CMD=3 or CMD=16; see "CMD and CMD_MODIFIER parameters". For all other commands: "0". Further sub-commands are possible following extensions of the PROFIenergy profile. NEW Output WinCC Advanced V14 System Manual, 10/2016 BOOL I, Q, M, D, L New data available from the PROFIenergy controller. 3603 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ERROR Output BOOL I, Q, M, D, L Command completed with error. STATUS Output DWORD I, Q, M, D, L Error information (see "STATUS parameter"). You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". CMD and CMD_MODIFIER parameters CMD CMD_ MODIFIER PROFIenergy command Description 01 0 Start_Pause Start energy-saving mode or switch to a different energysaving mode. 02 0 End_Pause End energy-saving mode. 03 1 Query_Modes - List energy saving Modes Output the energy-saving modes supported. 2 Query_Modes - Get Mode Output attributes of the energy-saving mode currently ena bled. 04 0 PEM_Status Query status of energy-saving mode. 05 0 PE_Identify Read out the number and description of PE commands sup ported. 16 1 Query_Measurement Get_Measurement_List List of measured values supported by the PE entity. 2 Query_Measurement Get_Measurement_Values Output of the measured values of the PE entity. STATUS parameter Error information is output at the STATUS output parameter. If it is interpreted as ARRAY[1...4] of BYTE, the error information has the following structure: Field element Name Meaning STATUS[1] Function_Num Cause of the error B#16#00: No error B#16#DE: Error while reading the data record B#16#DF: Error while writing the data record B#16#C0: Error message from the "PE_I_DEV" instruction or the internally used "PRVREC (Page 3542)" and "RCVREC (Page 3540)" communication instructions. STATUS[2] Error_Decode Location of the error ID 80: DPV1 error as defined in IEC 61158-6 or application-specific STATUS[3] Error_Code_1 Error ID (when Error_Decode = 80): B1: Write length error (error in write length or insufficient length information on the data type VARIANT). STATUS[4] 3604 Error_Code_2 For PROFINET errors: Output of IO controller error message If no PROFINET error has occurred, the value in STATUS[4] = "0". WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note Error messages of the "PRVREC" and "RCVREC" instructions The "PE_I_DEV" instruction uses the "PRVREC (Page 3542)" and "RCVREC (Page 3540)" instructions for communication. Error messages for these instructions are output in the field elements STATUS[1] to STATUS[4]. For the meaning of the error codes of the "PRVREC" and "RCVREC" instructions, see the description of the corresponding STATUS (Page 3475) parameter. See also WRREC: Write data record (Page 3437) RDREC: Read data record (Page 3420) Description of PROFIenergy (Page 3564) Auxiliary blocks of the instruction PE_I_DEV (S7-1200, S7-1500) PE_Error_RSP: Generate negative answer to command (S7-1200, S7-1500) Description The auxiliary block "PE_Error_RSP" (Response with failure) generates a negative response if the command requested is not supported (either in general or temporarily). Response generation does not depend on the command requested. Parameter The following table shows the parameters of the "PE_Error_RSP" auxiliary block: Parameter Declaration Data type Memory area PE_I_DEV_NEW Input BOOL I, Q, M, D, L or con The parameter must be interconnected with stant the NEW output parameter of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block is processed if the parameter value is set to "1". Description ERROR_CODE Input BYTE I, Q, M, D, L or con Error number stant ACTIVATE InOut BOOL I, Q, M, D, L The instruction copies the input parameters to the DATA_ERROR_RSP data area at a rising edge at input ACTIVATE. The parameter is then reset by the instruction. The parameter must be set within 10 seconds after a rising edge is detected at parameter NEW of the "PE_I_DEV (Page 3601)" instruc tion. WinCC Advanced V14 System Manual, 10/2016 3605 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description VALID InOut BOOL I, Q, M, D, L The parameter must be interconnected with the VALID input of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block sets the parameter once the response data for the PROFIenergy con troller is available and ready for transmission. DATA_ ERRORRSP InOut VARIANT D Pointer on the data area in which the response data is stored. The parameter is identical to the pointer for DATA_ERRORRSP of the "PE_I_DEV (Page 3601)" instruction. The ad dressed data area contains the complete PRO FIenergy frame. ERROR Output BOOL I, Q, M, D, L "0": No error Minimum length: 244 bytes "1": Error occurred. STATUS Output WORD I, Q, M, D, L "0": No error "0x80B1": Error in VARIANT setting, e.g. incorrect range You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". PE_Start_RSP: Generate answer to command at start of pause (S7-1200, S7-1500) Description The auxiliary block "PE_Start_RSP" (Start Pause) generates the response to the PE command Start_Pause (Page 3591). The instruction returns the energy-saving mode to which the device has switched (PE_MODE_ID parameter). If the response differs depending on the length of the pause, you can return this fact in the feedback on the energy-saving mode (PE_Mode_ID = 1 for a brief pause, PE_Mode_ID = 2 for a longer pause, etc.). Parameter The following table shows the parameters of the "PE_Start_RSP" auxiliary block: Parameter Declaration Data type Memory area Description PE_I_DEV_NE W Input BOOL I, Q, M, D, L or con The parameter must be interconnected with stant the NEW output parameter of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block is processed if the parameter value is set to "1". CMD Input INT I, Q, M, D, L or con Service-Request-ID of the PROFIenergy com stant mand The parameter must be interconnected with the CMD output parameter of the "PE_I_DEV (Page 3601)" instruction. 3606 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area PE_MODE_ID Input BYTE I, Q, M, D, L or con PE mode that the process assumes stant Description ACTIVATE InOut BOOL I, Q, M, D, L The instruction copies the input parameters to the DATA_ERROR_RSP data area at a rising edge at input ACTIVATE. The parameter is then reset by the instruction. The parameter must be set within 10 seconds after a rising edge is detected at parameter NEW of the "PE_I_DEV (Page 3601)" instruc tion. VALID InOut BOOL I, Q, M, D, L The parameter must be interconnected with the VALID input of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block sets the parameter once the response data for the PROFIenergy con troller is available and ready for transmission. DATA_ ERRORRSP InOut VARIANT D ERROR Output BOOL I, Q, M, D, L Pointer on the data area in which the response data is stored. The parameter is identical to the pointer for DATA_ERRORRSP of the "PE_I_DEV (Page 3601)" instruction. The ad dressed data area contains the complete PRO FIenergy frame. Minimum length: 244 bytes "0": No error "1": Error occurred. STATUS Output WORD I, Q, M, D, L "0": No error "0x80B1": Error in VARIANT setting, e.g. incorrect range You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". PE_End_RSP: Generate answer to command at end of pause (S7-1200, S7-1500) Description The auxiliary block "PE_End_RSP" generates the response to the PE command End_Pause (Page 3591). To switch from the current mode to "Ready_To_Operate" mode, the time required is returned as response. WinCC Advanced V14 System Manual, 10/2016 3607 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "PE_End_RSP" auxiliary block: Parameter Declaration Data type Memory area Description PE_I_DEV_NEW Input BOOL I, Q, M, D, L or constant The parameter must be interconnected with the NEW output parameter of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block is processed if the parameter value is set to "1". CMD Input INT I, Q, M, D, L or constant Service-Request-ID of the PROFIenergy com mand The parameter must be interconnected with the CMD output parameter of the "PE_I_DEV (Page 3601)" instruction. Time_to_Operate Input DWORD I, Q, M, D, L or constant Time required to switch from the current mode to "Ready_To_Operate". ACTIVATE InOut BOOL I, Q, M, D, L The instruction copies the input parameters to the DATA_ERROR_RSP data area at a rising edge at input ACTIVATE. The parameter is then reset by the instruction. The parameter must be set within 10 seconds after a rising edge is detected at parameter NEW of the "PE_I_DEV (Page 3601)" instruc tion. VALID InOut BOOL I, Q, M, D, L The parameter must be interconnected with the VALID input of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block sets the parameter once the response data for the PROFIenergy con troller is available and ready for transmission. DATA_ ERRORRSP InOut VARIANT D Pointer on the data area in which the response data is stored. The parameter is identical to the pointer for DATA_ERRORRSP of the "PE_I_DEV (Page 3601)" instruction. The ad dressed data area contains the complete PRO FIenergy frame. Minimum length: 244 bytes ERROR Output BOOL I, Q, M, D, L STATUS Output WORD I, Q, M, D, L "0": No error "1": Error occurred. "0": No error "0x80B1": Error in VARIANT setting, e.g. incorrect range You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3608 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions PE_List_Modes_RSP: Generate queried energy savings modes as answer (S7-1200, S7-1500) Description The auxiliary block "PE_List_Modes_RSP" generates the response to the PE command List_Energy_Saving_Modes (Page 3592). The response generated includes the number and the IDs of energy-saving modes supported. Parameter The following table shows the parameters of the "PE_List_Modes_RSP" auxiliary block: Parameter Declaration Data type Memory area Description PE_I_DEV_NEW Input BOOL I, Q, M, D, L or con The parameter must be interconnected with the stant NEW output parameter of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block is processed if the parameter value is set to "1". CMD Input INT I, Q, M, D, L or con Service-Request-ID of the PROFIenergy com stant mand The parameter must be interconnected with the CMD output parameter of the "PE_I_DEV (Page 3601)" instruction. CMD_MODIFIER Input INT I, Q, M, D, L or con PROFIenergy sub-command (evaluated only if stant CMD=3, or CMD=16). The parameter must be interconnected with the CMD_MODIFIER output parameter of the "PE_I_DEV" instruction. Number_of_PE_ Mode_IDs Input BYTE I, Q, M, D, L or con Number of energy-saving modes supported. stant Permitted values: 1 to 254 PE_MODE_ID Input VARIANT I, Q, M, D, L Points to the area in which the IDs of the energysaving modes supported (PE_Mode_ID) are stor ed. Valid range: 1 to 254. ACTIVATE InOut BOOL I, Q, M, D, L The instruction copies the input parameters to the DATA_ERROR_RSP data area at a rising edge at input ACTIVATE. The parameter is then reset by the instruction. The parameter must be set within 10 seconds after a rising edge is detected at parameter NEW of the "PE_I_DEV (Page 3601)" instruction. VALID InOut BOOL I, Q, M, D, L The parameter must be interconnected with the VALID input of the "PE_I_DEV (Page 3601)" in struction. The auxiliary block sets the parameter once the response data for the PROFIenergy controller is available and ready for transmission. WinCC Advanced V14 System Manual, 10/2016 3609 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description DATA_ ERRORRSP InOut VARIANT D Pointer on the data area in which the response data is stored. The parameter is identical to the pointer for DATA_ERRORRSP of the "PE_I_DEV (Page 3601)" instruction. The ad dressed data area contains the complete PRO FIenergy frame. ERROR Output BOOL I, Q, M, D, L Minimum length: 244 bytes "0": No error "1": Error occurred. STATUS Output WORD I, Q, M, D, L "0": No error "0x80B1": Error in VARIANT setting, e.g. incorrect range You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". PE_Get_Mode_RSP: Generate queried energy data as answer (S7-1200, S7-1500) Description The auxiliary block "PE_Get_Mode_RSP" generates the response to the command Get_Mode (Page 3593). The response frame contains the time, performance, or energy data of an energy-saving mode. Parameters The following table shows the parameters of the "PE_Get_Mode_RSP" auxiliary block: Parameter Declaration Data type Memory area Description PE_I_DEV_NEW Input BOOL I, Q, M, D, L or con The parameter must be interconnected with stant the NEW output parameter of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block is processed if the parameter value is set to "1". CMD Input INT I, Q, M, D, L or con Service-Request-ID of the PROFIenergy com stant mand The parameter must be interconnected with the CMD output parameter of the "PE_I_DEV (Page 3601)" instruction. CMD_MODIFIER Input INT I, Q, M, D, L or con PROFIenergy sub-command (evaluated only if stant CMD=3, or CMD=16). The parameter must be interconnected with the CMD_MODIFIER out put parameter of the "PE_I_DEV" instruction. PE_Mode_ID Input BYTE I, Q, M, D, L or con ID of the energy-saving mode currently ena stant bled. PE_Mode_Attributes Input BYTE I, Q, M, D, L or con Additional information regarding energy saving stant mode 3610 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Time_min_Pause Input DWORD I, Q, M, D, L or con Minimum pause duration for this PE energystant saving mode. Description This is the sum of the following three parame ters: Time_to_Pause Time_to_operate Time_min_length_of_stay Time_to_Pause Input DWORD I, Q, M, D, L or con Time between the edge at the START param stant eter (see "PE_I_DEV (Page 3601)") and the re quested PE energy-saving mode being reached. Time_to_Operate Input DWORD I, Q, M, D, L or con Maximum switch-on time to "PE_ready_to_op stant erate". The "Time_to_operate" parameter can be used directly for the relevant calculations. The value may be a static maximum, or be cal culated dynamically by the PE entity. Time_min_Lenght_ of_stay Input DWORD I, Q, M, D, L or con Minimum dwell time of the PE entity in this PE stant mode. Time_max_Lenght_o f_stay Input DWORD I, Q, M, D, L or con Maximum dwell time of the PE entity in this PE stant mode. Mode_Power_ Consumption Input DWORD I, Q, M, D, L or con Energy consumption in the current PE mode in stant [kW]. Energy_Consum_ to_Pause Input DWORD I, Q, M, D, L or con Energy consumption from "PE_ready_to_oper stant ate" to the current PE mode in [kWh]. Energy_Consum_ to_operate Input DWORD I, Q, M, D, L or con Energy consumption from the current PE mode stant to "PE_ready_to_operate" in [kWh]. ACTIVATE InOut BOOL I, Q, M, D, L The instruction copies the input parameters to the DATA_ERROR_RSP data area at a rising edge at input ACTIVATE. The parameter is then reset by the instruction. The parameter must be set within 10 seconds after a rising edge is detected at parameter NEW of the "PE_I_DEV (Page 3601)" instruc tion. VALID InOut BOOL I, Q, M, D, L The parameter must be interconnected with the VALID input of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block sets the parameter once the response data for the PROFIenergy controller is available and ready for transmission. DATA_ ERRORRSP InOut VARIANT D Pointer on the data area in which the response data is stored. The parameter is identical to the pointer for DATA_ERRORRSP of the "PE_I_DEV (Page 3601)" instruction. The ad dressed data area contains the complete PRO FIenergy frame. Minimum length: 244 bytes WinCC Advanced V14 System Manual, 10/2016 3611 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ERROR Output BOOL I, Q, M, D, L "0": No error "1": Error occurred. STATUS Output WORD I, Q, M, D, L "0": No error "0x80B1": Error in VARIANT setting, e.g. incorrect range You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". PE_PEM_Status_RSP: Generate PEM status as answer (S7-1200, S7-1500) Description The auxiliary block "PE_PEM_Status_RSP" generates the response to the command PEM_Status (Page 3595). Parameter The following table shows the parameters of the "PE_PEM_Status_RSP" auxiliary block: Parameter Declaration Data type Memory area Description PE_I_DEV_NEW Input BOOL I, Q, M, D, L or con stant The parameter must be interconnected with the NEW output parameter of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block is processed if the parameter value is set to "1". CMD Input INT I, Q, M, D, L or con stant Service-Request-ID of the PROFIenergy com mand The parameter must be interconnected with the CMD output parameter of the "PE_I_DEV (Page 3601)" instruction. PE_MODE_ID_ Source Input BYTE I, Q, M, D, L or con stant Source and Destination for PEM_STATUS. PE_MODE_ID_ Destination Input BYTE I, Q, M, D, L or con stant 0x00: PE_POWER_OFF Values: 0x01 - 0xFE: manufacturer-specific 0xFF: PE_READY_TO_OPERATE Time_to_Operate 1 Input DWORD I, Q, M, D, L or con stant Maximum switch-on time to "PE_ready_to_oper ate". Time_to_operate" can be used directly for the relevant calculations. The value may be a static maximum, or be calculated dynamically by the PE entity. Remaining_time_ to_destination1 Input DWORD I, Q, M, D, L or con stant Optional: Time remaining until the requested PE mode. Dynamic value or static maximum value Mode_Power_ Consumption2 Input DWORD I, Q, M, D, L or con stant Energy consumption in the current PE mode in [kW]. 3612 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description Energy_ Consumption_ to_Destination2 Input DWORD I, Q, M, D, L or con stant Energy consumption in the time until the reques ted PE mode in [kW]. Energy_ Consumption_ to_operate2 Input DWORD I, Q, M, D, L or con stant Energy consumption from the current PE mode to "PE_ready_to_operate" in [kWh]. ACTIVATE InOut BOOL I, Q, M, D, L The instruction copies the input parameters to the DATA_ERROR_RSP data area at a rising edge at input ACTIVATE. The parameter is then reset by the instruction. The parameter must be set within 10 seconds after a rising edge is detected at parameter NEW of the "PE_I_DEV (Page 3601)" instruction. VALID InOut BOOL I, Q, M, D, L The parameter must be interconnected with the VALID input of the "PE_I_DEV (Page 3601)" in struction. The auxiliary block sets the parameter once the response data for the PROFIenergy controller is available and ready for transmission. DATA_ ERRORRSP InOut VARIANT D ERROR Output BOOL I, Q, M, D, L Pointer on the data area in which the response data is stored. The parameter is identical to the pointer for DATA_ERRORRSP of the "PE_I_DEV (Page 3601)" instruction. The ad dressed data area contains the complete PRO FIenergy frame. Minimum length: 244 bytes "0": No error "1": Error occurred. STATUS Output WORD I, Q, M, D, L "0": No error "0x80B1": Error in VARIANT setting, e.g. incorrect range 1 If the time period is unlimited, the maximum value "0xFFFFFFFF" can be specified. If the time period is "Zero", "0x00" can be used. 2 If no energy consumption value has been defined, "0.0" can be specified. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". PE_Identify_RSP: Generate supported PROFIenergy commands as answer (S7-1200, S7-1500) Description The auxiliary block "PE_Identify_RSP" generates the response to the command PE_Identify (Page 3597). In the response to the command, specify which PROFIenergy commands are supported. Please note that PE_IDENTIFY is itself a PE command and has to be included in the response. WinCC Advanced V14 System Manual, 10/2016 3613 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "PE_Identify_RSP" auxiliary block: Parameter Declaration Data type Memory area Description PE_I_DEV_NE W Input BOOL I, Q, M, D, L or con stant The parameter must be interconnected with the NEW output parameter of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block is processed if the parameter value is set to "1". CMD Input INT I, Q, M, D, L or con stant Service-Request-ID of the PROFIenergy com mand The parameter must be interconnected with the CMD output parameter of the "PE_I_DEV (Page 3601)" instruction. Start_Pause Input BOOL I, Q, M, D, L or con stant One parameter for each of the relevant PRO FIenergy commands: End_Pause Input BOOL I, Q, M, D, L or con stant 0: PE command is not supported Query_Modes Input BOOL I, Q, M, D, L or con stant PEM_Status Input BOOL I, Q, M, D, L or con stant PE_Identify Input BOOL I, Q, M, D, L or con stant Query_ Measurement Input BOOL I, Q, M, D, L or con stant ACTIVATE InOut BOOL I, Q, M, D, L 1: PE command is supported The instruction copies the input parameters to the DATA_ERROR_RSP data area at a rising edge at input ACTIVATE. The parameter is then reset by the instruction. The parameter must be set within 10 seconds after a rising edge is detected at parameter NEW of the "PE_I_DEV (Page 3601)" instruc tion. VALID InOut BOOL I, Q, M, D, L The parameter must be interconnected with the VALID input of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block sets the parameter once the response data for the PROFIenergy con troller is available and ready for transmission. DATA_ ERRORRSP InOut VARIANT D Pointer on the data area in which the response data is stored. The parameter is identical to the pointer for DATA_ERRORRSP of the "PE_I_DEV (Page 3601)" instruction. The ad dressed data area contains the complete PRO FIenergy frame. Minimum length: 244 bytes 3614 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ERROR Output BOOL I, Q, M, D, L "0": No error "1": Error occurred. STATUS Output WORD I, Q, M, D, L "0": No error "0x80B1": Error in VARIANT setting, e.g. incorrect range You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". PE_Measurement_List_RSP: Generate list of supported measured values as answer (S7-1200, S7-1500) Description The auxiliary block "PE_Measurement_List_RSP" generates the response to the command Get_measurement_list (Page 3597). In the response, specify which measured values (Measurement-IDs) are supported. Parameter The following table shows the parameters of the "PE_Measurement_List_RSP" auxiliary block: Parameter Declaration Data type Memory area Description PE_I_DEV_NE W Input BOOL I, Q, M, D, L or con stant The parameter must be interconnected with the NEW output parameter of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block is processed if the parameter value is set to "1". CMD Input INT I, Q, M, D, L or con stant Service-Request-ID of the PROFIenergy com mand The parameter must be interconnected with the CMD output parameter of the "PE_I_DEV (Page 3601)" instruction. CMD_MODIFI ER Input INT I, Q, M, D, L or con stant PROFIenergy sub-command (evaluated only if CMD=3, or CMD=16). The parameter must be interconnected with the CMD_MODIFIER output parameter of the "PE_I_DEV" instruc tion. Count Input BYTE I, Q, M, D, L or con stant Number of measured values supported (meas urement IDs) Measurement_ List Input VARIANT D Pointer to the array with the Measurement_IDs supported. For information on the structure of the array in accordance with the PROFIenergy profile, see: PI Command "Query_Measurement" "Get_Measurement_list" (Page 3597) WinCC Advanced V14 System Manual, 10/2016 3615 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ACTIVATE InOut BOOL I, Q, M, D, L The instruction copies the input parameters to the DATA_ERROR_RSP data area at a rising edge at input ACTIVATE. The parameter is then reset by the instruction. The parameter must be set within 10 seconds after a rising edge is detected at parameter NEW of the "PE_I_DEV (Page 3601)" instruc tion. VALID InOut BOOL I, Q, M, D, L The parameter must be interconnected with the VALID input of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block sets the parameter once the response data for the PROFIenergy con troller is available and ready for transmission. DATA_ ERRORRSP InOut VARIANT D Pointer on the data area in which the response data is stored. The parameter is identical to the pointer for DATA_ERRORRSP of the "PE_I_DEV (Page 3601)" instruction. The ad dressed data area contains the complete PRO FIenergy frame. Minimum length: 244 bytes ERROR Output BOOL I, Q, M, D, L "0": No error "1": Error occurred. STATUS Output WORD I, Q, M, D, L "0": No error "0x80B1": Error in VARIANT setting, e.g. incorrect range You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". PE_Measurement_Value_RSP: Generate queried measured values as answer (S7-1200, S7-1500) Description The auxiliary block "PE_Measurement_Value_RSP" generates the response to the command Get_measurement_values (Page 3600). In the response, return the values of the requested measurements. 3616 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "PE_Measurement_Value_RSP" auxiliary block: Parameter Declaration Data type Memory area Description PE_I_DEV_NE W Input BOOL I, Q, M, D, L or con stant The parameter must be interconnected with the NEW output parameter of the "PE_I_DEV (Page 3601)" instruction. The auxiliary block is processed if the parameter value is set to "1". CMD Input INT I, Q, M, D, L or con stant Service-Request-ID of the PROFIenergy com mand The parameter must be interconnected with the CMD output parameter of the "PE_I_DEV (Page 3601)" instruction. CMD_MODIFI ER Input INT I, Q, M, D, L or con stant PROFIenergy sub-command (evaluated only if CMD=3, or CMD=16). The parameter must be interconnected with the CMD_MODIFIER output parameter of the "PE_I_DEV" instruction. Count Input BYTE I, Q, M, D, L or con stant Number of measured values (Measurement_Val ues). Measure ment_Values Input VARIANT D Pointer to the array with the measured values (Measurement_IDs). For information on the structure of the array in accordance with the PROFIenergy profile, see PI Command "Query_Measurement" - "Get_Meas urement_values" (Page 3600) ACTIVATE InOut BOOL I, Q, M, D, L The instruction copies the input parameters to the DATA_ERROR_RSP data area at a rising edge at input ACTIVATE. The parameter is then reset by the instruction. The parameter must be set within 10 seconds after a rising edge is detected at parameter NEW of the "PE_I_DEV (Page 3601)" instruction. VALID InOut BOOL I, Q, M, D, L The parameter must be interconnected with the VALID input of the "PE_I_DEV (Page 3601)" in struction. The auxiliary block sets the parameter once the response data for the PROFIenergy controller is available and ready for transmission. DATA_ ERRORRSP InOut VARIANT D Pointer on the data area in which the response data is stored. The parameter is identical to the pointer for DATA_ERRORRSP of the "PE_I_DEV (Page 3601)" instruction. The ad dressed data area contains the complete PRO FIenergy frame. Minimum length: 244 bytes WinCC Advanced V14 System Manual, 10/2016 3617 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ERROR Output BOOL I, Q, M, D, L "0": No error "1": Error occurred. STATUS Output WORD I, Q, M, D, L "0": No error "0x80B1": Error in VARIANT setting, e.g. incorrect range You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Module parameter assignment (S7-1500) Writing and reading data records (S7-1500) Principle Some modules have a write-only system data area to which your program can transfer data records. This area contains data records with numbers from 0 to a maximum of 240. Not every module contains all of the data records (see following table). Modules can also have a system data area. From your program, you have read-access only to the system data area. This area contains data records with numbers from 0 to a maximum of 240. Not every module contains all of the data records (see following table). Note There are modules that have both system data areas. These are physically separate areas and the only thing they have in common is their logical structure. Write-only system data area The following table shows the structure of the write-only system data area. This table also shows how the permitted size of the individual data records and which instructions can be used to write them. Data record number Contents Size Can be written with instruc tion 0 Parameter - WR_DPARM (Page 3629) 1 Parameter - WR_DPARM (Page 3629) 2 to 127 User data Each 240 bytes WR_DPARM (Page 3629) WR_REC (Page 3535) 128 to 240 Parameter Each 240 bytes WR_DPARM (Page 3629) WR_REC (Page 3535) 3618 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Read-only system data area The following table shows the structure of the read-only system data area. This table also shows the permitted size of the individual data records and which instructions can be used to read them. Data record Contents Size Can be read with instruction 0 Module-specific diagnos tics data (set as standard for the entire system) 4 bytes RD_REC (Page 3530) 1 Channel-specific diagnostics data 4 to 220 Bytes RD_REC (Page 3530) number (incl. data record 0) 2 to 127 User data Each 240 bytes RD_REC (Page 3530) 128 to 240 Diagnostics data Each 240 bytes RD_REC (Page 3530) System resources If you start several asynchronous data record transfers one after the other with only short intervals between them, the allocation of system resources by the operating system ensures that all the jobs are executed and that they do not interfere with each other. If the limits of the system resources are reached, this is indicated in RET_VAL. You remedy this temporary error situation by repeating the job. The maximum number of "simultaneously" active jobs of a single instruction type depends on the CPU. RD_DPAR: Read module data record (S7-1500) Description You use the instruction to read the data record with the number INDEX of the addressed component from the configured system data. This may be a module in a central rack or a distributed component (PROFIBUS DP or PROFINET IO). The value TRUE for the output parameter VALID indicates that the data record was successfully transferred to the destination area RECORD. In this case, the LEN output parameter contains the length of the read data in bytes. If an error has occurred during transfer of the data record, this is indicated by the output parameter ERROR . In this case, the output parameter STATUS contains the error information. Note Information about the data records For information on the data record numbers and the data record structure, refer to the product manual for the relevant module. WinCC Advanced V14 System Manual, 10/2016 3619 Programming the PLC 11.4 Instructions Functional description The "RD_DPAR" instruction works asynchronously, that is, its execution extends over multiple calls. You start the data record transfer by calling "RD_DPAR" with REQ = 1. The output parameter BUSY and bytes 2 and 3 of the output parameter STATUS show the status of the job. Bytes 2 and 3 of STATUS match the output parameter RET_VAL of the instructions that operate asynchronously. See also: Difference between synchronous and asynchronous instructions (Page 2436) The transfer of the data record is complete when the output parameter BUSY has the value FALSE. Parameter The following table shows the parameters of the "RD_DPAR" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant REQ = 1: Read request LADDR Input HW_IO I, Q, M, D, L or con stant Hardware identifier of the module (e.g. input module). The number is assigned automatically and is stored in the properties of the module under "HW identifier" (e.g. "Input 0 - 15 > HW identi fier"). INDEX Input INT I, Q, M, D, L or con stant Data record number RECORD InOut VARIANT I, Q, M, D, L Destination area for the read data record VALID Output BOOL I, Q, M, D, L New data record was received and is valid BUSY Output BOOL I, Q, M, D, L BUSY = 1: The job is not yet complete. ERROR Output BOOL I, Q, M, D, L ERROR = 1: An error occurred during the read ing process. STATUS Output DWORD I, Q, M, D, L Call ID (bytes 2 and 3) or error code Byte 1: B#16#00, if no error. Otherwise function ID from DPV1-PDU: In the case of error for data record reading B#16#DE, in the case of error for data record writing B#16#DF. If no DPV1 protocol element is used: B#16#C0. Byte 4: Manufacturer-specific error ID extension LEN Output INT I, Q, M, D, L Length of the read data record information You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3620 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter STATUS Error code* Explanation Restriction 0000 No error - 7000 First call with REQ=0: No data transfer active; BUSY has the value "0". - (W#16#...) 7001 First call with REQ=1: Data transfer triggered; BUSY has the value "1". Distributed I/O 7002 Intermediate call (REQ irrelevant): Data transfer already active; BUSY has the value "1". Distributed I/O 8090 Address specified at parameter LADDR is invalid. - 8092 A data type other than (Array of) bit string or integer was specified at the RECORD parameter. - 8093 This instruction is not valid for the module selected with LADDR. - 80A1 Negative acknowledgment during sending of data record to module (module defective or unplugged during sending). - 80A2 DP protocol error at layer 2, possible hardware/interface error in DP slave. Distributed I/O 80A3 DP protocol error at user interface/user. Distributed I/O 80A4 Communication problem on com bus. Error occurs between CPU and external DP interface module 80B0 Instruction for module type not possible, or module does not recognize the data record. - 80B1 The length of the data record to be sent is incorrect. - 80B2 The configured slot is not occupied. - 80B3 Actual module type does not correspond to specified module type. - 80C1 The data of the previous write job on the module for the same data record has not yet been processed by the module. - 80C2 The module is currently processing the maximum possible number of jobs for a CPU. - 80C3 The required resources (memory, etc.) are occupied at this time. 80C4 Internal temporary error. Job could not be executed. - Repeat the job. If this error occurs often, check your installation for sources of electrical interference. 80C5 Distributed I/O not available or deactivated. Distributed I/O 80C6 Data record transfer cancelled due to priority class abort (restart or background). Distributed I/O 80D0 There is no entry for the module. - 80D1 The data record number is not configured for the module (data record numbers > 241 are rejected). - 80D2 The module cannot be assigned parameters according to its type iden tifier. WinCC Advanced V14 System Manual, 10/2016 3621 Programming the PLC 11.4 Instructions Error code* Explanation Restriction The data record is static. - (W#16#...) 80D5 General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation - * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you read the complete parameter data record of a digital input module. Create nine tags in a global data block for storing the data and the structure "record". (You will find the organization of the structure below.) Create the following local tags in the FB. Create the tags "#modeBYTE" or "#modeBOOLS" as an AT construct. Interconnect the parameters of the "RD_DPAR" instruction as follows. 3622 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions To convert the tag, interconnect the "Mode_Channel0" tag as follows You create an input module and read the hardware ID in the properties of the input module. You store the hardware identifier via the input parameter LADDR ("laddr"). When the input parameter REQ ("start") returns the signal state "TRUE", the "RD_DPAR" instruction is started. Via the input parameter LADDR ("laddr") the instruction "RD_DPAR" calls the module. Using the input parameter INDEX ("dataRecNbr") the data record with the number "128" of the module is called. During several calls the "RD_DPAR" instruction reads out the data record and saves the data record using the parameter RECORD ("record"). The length of the read data record is stored using the output parameter LEN ("lengthRec"). According to the value of the input parameter MLEN ("maxLen"), has the value "0" the data record information that is to be read is unlimited. During processing the output parameter BUSY ("busy") is set to "TRUE" and VALID ("checkedValid") to "FALSE". A successful reading result ("checkedValid" to "TRUE") is not output until processing is complete. The block status is displayed at the output parameter STATUS ("status"). Processing takes place without errors. WinCC Advanced V14 System Manual, 10/2016 3623 Programming the PLC 11.4 Instructions The data record 128 contains the parameter information of all channels of the module. The value "2" of the tag "ByteOfDataRec" relates to the length of the data per channel. It also provides information on the status and the operating mode. Excerpt of the read data record up to channel 1: For a more detailed explanation of the data of the data record 128 convert the BYTE values to a bit string. Here an example of the operating mode of the channel 0: Since bits 1 and 2 are set to "TRUE" the channel 0 has an input delay of 3.2 ms. You will find the explanation of the structure of the parameter data record or the channel in the device manual of the module. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). See also RD_DPARM: Read data record from configured system data (Page 3627) Overview of the types of data records (Page 3413) 3624 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions RD_DPARA: Read module data record asynchronously (S7-1500) Description You use the instruction to read the data record with the number RECNUM of a selected module from the configured system data. The read data record is entered in the destination area defined by the parameter RECORD . Note Information about the data records For information on the data record numbers and the data record structure, refer to the product manual for the relevant module. Functional description The "RD_DPARA" instruction works asynchronously, that is, its execution extends over multiple calls. You start the reading process by calling the instruction with REQ = 1. The output parameters RET_VAL and BUSY indicate the status of the job. See also: Difference between synchronous and asynchronous instructions (Page 2436) Parameters The following table shows the parameters of the "RD_DPARA" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant REQ = 1: Read request LADDR Input HW_IO I, Q, M, D, L or con stant Hardware identifier of the module (e.g. input module). The number is assigned automatically and is stored in the properties of the module under "HW identifier" (e.g. "Input 0 - 15 > HW iden tifier"). RECNUM Input BYTE I, Q, M, D, L or con stant Data record number (permitted values: 0 to 240) RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the return value contains an error code. If no error occurred during the transmission, the following cases are distinguished: RET_VAL contains the length of the actually read data record in bytes if the destination area is larger than the read data record. RET_VAL contains "0" if the length of the read data record is equal to the length of the destination area. WinCC Advanced V14 System Manual, 10/2016 3625 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description BUSY Output BOOL I, Q, M, D, L BUSY = 1: The job is not yet complete. RECORD Output VARIANT I, Q, M, D, L Destination area for the data record read. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Explanation Restriction 0000 No error - 7000 First call with REQ=0: No data transfer active; BUSY has the value 0. - 7001 First call with REQ=1: Data transfer triggered; BUSY has the value "1". Distributed I/O 7002 Intermediate call (REQ irrelevant): Data transfer already active; BUSY has the value "1". Distributed I/O 8090 Specified logical base address invalid. - 8092 A data type other than (Array of) bit string or integer was specified at the RECORD parameter. - 8093 This instruction is not valid for the module selected with LADDR. - 80A1 Negative acknowledgment during sending of data record to module (module defective or unplugged during sending). - 80A2 DP protocol error at layer 2, possible hardware/interface error in DP slave. Distributed I/O 80A3 DP protocol error at user interface/user. Distributed I/O 80A4 Communication on PBUS+ disrupted - 80B0 Instruction for module type not possible, or module does not recognize the data record. - 80B1 The length of the data record to be sent is incorrect. With RD_DPARM (Page 3627): The destination area spanned by RECORD is too short. - 80B2 The configured slot is not occupied. - 80B3 Actual module type does not correspond to specified module type. - 80C1 The data of the previous write job on the module for the same data record has not yet been processed by the module. - 80C2 The module is currently processing the maximum possible number of jobs for a CPU. - (W#16#...) 80C3 The required resources (memory, etc.) are occupied at this time. 80C4 Internal temporary error. Job could not be executed. - Repeat the job. If this error occurs often, check your installation for sources of electrical interference. 80C5 Distributed I/O not available or deactivated. Distributed I/O 80C6 Data record transfer cancelled due to priority class abort (restart or background). Distributed I/O 3626 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* Explanation Restriction 80D0 There is no entry for the module. - 80D1 The data record number is not configured for the module (data record numbers > 241 are rejected). - 80D2 The module cannot be assigned parameters according to its type iden tifier. 80D5 The data record is static. (W#16#...) General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation - * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". RD_DPARM: Read data record from configured system data (S7-1500) Use Note Restriction on use The "RD_DPARM" instruction is only intended for the migration from S7-300/400 CPUs to S7-1500 CPUs. In all other cases, use the "RD_DPARA" instruction. Description You use instruction to read the data record with the number RECNUM of the addressed module from the configured system data. The read data record is entered into the destination area spanned by the RECORD parameter. Note Information about the data records For information on the data record numbers and the data record structure, refer to the product manual for the relevant module. Functional description The "RD_DPARM" instruction works asynchronously, that is, its execution extends over multiple calls. The job status is indicated by the output parameter RET_VAL. See also: Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 3627 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "RD_DPARM" instruction: Parameter Declaration Data type Memory area Description IOID Input BYTE I, Q, M, D, L or con stant Address area identifier: B#16#54 = Peripheral input (PI) B#16#55 = Peripheral output (PQ) If the module is a mixed module, the area iden tifier of the lower address must be specified. If the addresses are identical, specify B#16#54. LADDR Input HW_IO I, Q, M, D, L or con stant Hardware identifier of the module (e.g. input module). The number is assigned automatically and is stored in the properties of the module under "HW identifier" (e.g. "Input 0 - 15 > HW identi fier"). RECNUM Input BYTE I, Q, M, D, L or con stant Data record number (permitted values: 0 to 240) RET_VAL Return INT I, Q, M, D, L Length of the data record read in bytes if the read data record fits in the destination area and no error occurred in the transfer. If an error occurs while the instruction is being executed, the return value contains an error code. RECORD Output VARIANT I, Q, M, D, L Destination area for the data record read. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Explanation Restriction 0000 No error - 7001 First call: Data transfer started Distributed I/O 7002 Intermediate call: Data transfer already active Distributed I/O 8090 Specified logical base address invalid. - 8092 A type other than BYTE is specified in the VARIANT reference at the RECORD parameter. - 8093 This instruction is not valid for the module selected with LADDR. - 80A1 Negative acknowledgment when sending the data record to the module (the module was removed or became defective during transfer). - 80A2 DP protocol error at layer 2, possibly hardware/interface fault in DP slave. Distributed I/O 80A3 DP protocol error with user interface/user. Distributed I/O 80A4 Communication on PBUS+ disrupted - (W#16#...) 3628 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* Explanation Restriction 80B0 Instruction for module type not possible, or module does not recognize the data record - 80B1 The destination area spanned by RECORD is too short. - 80B2 The configured slot is not occupied. - 80B3 Actual module type does not match specified module type - 80C1 The data of the previous write job on the module for the same data record has not yet been processed by the module. - 80C2 The module is currently processing the maximum possible number of jobs for a CPU. - 80C3 The required resources (memory, etc.) are occupied at this time. - 80C4 Internal temporary error. Job could not be executed. - (W#16#...) Repeat the job. If this error occurs often, check your installation for sources of electrical interference. 80C5 Distributed I/O not available or deactivated 80C6 Data record transfer stopped due to priority class abort (restart or back Distributed I/O ground) 80D0 There is no entry for the module. - 80D1 The data record number is not configured for the module (data record numbers > 241 are rejected). - 80D2 The module cannot be assigned parameters according to its type iden tifier. 80D5 The data record is static. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation Distributed I/O - * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". WR_DPARM: Transfer data record (S7-1500) Description You use the instruction "WR_DPARM" to transfer the data record with the number RECNUM from the configuration data to the addressed module. The data record can be static or dynamic. Note Information about the data records For information on the data record numbers and the data record structure, refer to the product manual for the relevant module. WinCC Advanced V14 System Manual, 10/2016 3629 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "WR_DPARM" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant REQ = 1: Write request LADDR Input HW_IO I, Q, M, D, L or con stant Hardware identifier of the module (e.g. input module). The number is assigned automatically and is stored in the properties of the module under "HW identifier" (e.g. "Input 0 - 15 > HW identi fier"). RECNUM Input BYTE I, Q, M, D, L or con stant Data record number RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the return value contains an error code. BUSY Output BOOL I, Q, M, D, L BUSY = 1: The writing process is not yet com plete. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Explanation Restriction 0000 No error - 7000 First call with REQ=0: No data transfer active; BUSY has the value 0. - (W#16#...) 7001 First call with REQ=1: Data transfer triggered; BUSY has the value "1". Distributed I/O 7002 Intermediate call (REQ irrelevant): Data transfer already active; BUSY has the value "1". Distributed I/O 8090 Address specified at parameter LADDR is invalid. - 8093 This instruction is not valid for the module selected with LADDR. - 80A1 Negative acknowledgment during sending of data record to module (module defective or unplugged during sending). - 80A2 DP protocol error at layer 2, possible hardware/interface error in DP slave. Distributed I/O 80A3 DP protocol error at user interface/user. Distributed I/O 80A4 Communication on PBUS+ disrupted - 80B0 Instruction for module type not possible, or module does not recognize the data record. - 80B1 The length of the data record to be sent is incorrect. - 80B2 The configured slot is not occupied. - 3630 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* Explanation Restriction 80B3 Actual module type does not correspond to specified module type. - 80C1 The data of the previous write job on the module for the same data record has not yet been processed by the module. - 80C2 The module is currently processing the maximum possible number of jobs for a CPU. - 80C3 The required resources (memory, etc.) are occupied at this time. 80C4 Internal temporary error. Job could not be executed. (W#16#...) - Repeat the job. If this error occurs often, check your installation for sources of electrical interference. 80C5 Distributed I/O not available or deactivated. Distributed I/O 80C6 Data record transfer cancelled due to priority class abort (restart or background). Distributed I/O 80D0 There is no entry for the module. - 80D1 The data record number is not configured for the module (data record numbers > 241 are rejected). - 80D2 The module cannot be assigned parameters according to its type iden tifier. 80D5 The data record is static. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation - * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also Difference between synchronous and asynchronous instructions (Page 2436) Interrupts (S7-1200, S7-1500) ATTACH: Attach an OB to an interrupt event (S7-1200, S7-1500) Description You use the instruction "ATTACH" to assign an organization block (OB) to a hardware interrupt event. You enter the symbolic or numeric name of the organization block in the OB_NR parameter. This will then be assigned to the event specified in the EVENT parameter. You select the hardware interrupt event at the EVENT parameter. Hardware interrupt events already generated are listed in the PLC tags under "System constants". WinCC Advanced V14 System Manual, 10/2016 3631 Programming the PLC 11.4 Instructions If the event in the EVENT parameter occurs following error-free execution of the "ATTACH" instruction, the organization block in the OB_NR parameter will be called and its program executed. With the ADD parameter, you specify whether previous assignments of the organization block to other events should be canceled or retained. If the ADD parameter has the value "0", the existing assignments will be replaced by the current assignment. Hardware interrupt events Hardware interrupts can be used if events are not pending long enough. They react to these during runtime. Each hardware interrupt can be assigned to hardware interrupt OBs. These OBs contain the reaction to a particular event. Hardware interrupts can be created for different events. Examples for this are: The detection of rising or falling edges for digital inputs. Violation of defined low and high limits for analog inputs. External reset, overflow/underflow, direction reversal etc. for high-speed counters. Functional principle Each hardware interrupt can be assigned to a hardware interrupt OB, which is placed in the queue for processing when the hardware interrupt event occurs. The assignment of OB and event can occur during configuration or at runtime: To assign an event to an OB during configuration, select a hardware interrupt OB for an event in the hardware configuration under "Hardware interrupts". Use the ATTACH instruction to make the assignment during runtime. The assignment of event and hardware interrupt OB is made via the EVENT and OB_NR parameters. Parameters The following table shows the parameters of the "ATTACH" instruction: Parameter Declaration Data type Memory area Description OB_NR Input OB_ATT I, Q, M, D, L or constant Organization block (numbers up to 32767 are supported.) EVENT Input EVENT_ATT I, Q, M, D, L or constant Hardware interrupt event to be assigned to the OB. The hardware interrupt event must first be enabled in the hardware device configura tion for inputs or high-speed counters. ADD Input BOOL I, Q, M, D, L or constant Effects on previous assignments: ADD=0 (default): This event replaces all previous event assignments for this OB. ADD=1: This event is added to the previous event assignments for this OB. RET_VAL 3632 Return INT I, Q, M, D, L Status of the instruction WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#....) 0 No error 8090 OB does not exist 8091 OB is incorrect type 8093 Event does not exist * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you assign a hardware interrupt OB (OB40) to a created hardware interrupt event. Requirements: You create an input module (DI) and configure a hardware interrupt event for a positive edge under "Properties > Inputs 0-15 > ... > Channel 0". The following hardware ID of the configured hardware interrupt event is stored at the input parameter EVENT ("event"). Data storage Create nine tags in a global data block for storing the data. You store the number of the OB to be assigned (OB40) with the input parameter OB_NR ("obNbr") of the instruction "ATTACH". WinCC Advanced V14 System Manual, 10/2016 3633 Programming the PLC 11.4 Instructions To call the hardware interrupt event, you create a tag table with a PLC tag (address "I0.0"). Interconnection Interconnect the parameters of the instruction as follows. Interconnect the PLC tag as follows to call the hardware interrupt event. Network 2: Network 3: 3634 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions To reset, interconnect "testValue2" and "SLI_ATTACH_force" as follows. Network 4: Create the following interconnection in OB40: Processing When the normally open contact ("start") supplies the signal state "TRUE", the "ATTACH" instruction is executed and the event is assigned to the OB. With the value "FALSE" of the input parameter ADD ("add"), the event replaces all previous event assignments for OB40. The output parameter RET_VAL ("returnValue") indicates that processing took place without errors. When the normally open contact ("signal") in network 2 supplies the signal state "TRUE", the PLC tag "SLI_ATTACH_force" is set to the signal state "TRUE" and OB40 is executed. While OB40 is being called, the value of "testValue1" is transferred to "testValue2". When the normally open contacts ("start" and "signal") supply the signal state "FALSE", the values of "testValue2" and "SLI_ATTACH_force" are reset in network 4. You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). WinCC Advanced V14 System Manual, 10/2016 3635 Programming the PLC 11.4 Instructions DETACH: Detach an OB from an interrupt event (S7-1200, S7-1500) Description You use this instruction to cancel the existing assignment of an organization block to one or more hardware interrupt events during runtime. You enter the symbolic or numeric name of the organization block in the OB_NR parameter. This assignment to the event specified in the EVENT parameter will be canceled. If you have selected an individual hardware interrupt event at the EVENT parameter, the assignment of the OB to this hardware interrupt event is cancelled. All other currently existing assignments remain active. You can select an individual hardware interrupt event using the drop-down list of the operand placeholder. If you have not selected a hardware interrupt event, all the events currently assigned to this OB_NR organization block are separated. Parameters The following table shows the parameters of the "DETACH" instruction: Parameter Declaration Data type Memory area Description OB_NR Input OB_ATT I, Q, M, D, L or constant Organization block (numbers up to 32767 are supported.) EVENT Input EVENT_ATT I, Q, M, D, L or constant Hardware interrupt event RET_VAL Return INT I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#....) 0 No error 1 No assignment exists (warning) 8090 OB does not exist 8091 OB has incorrect type 8093 Event does not exist * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you assign a hardware interrupt event to a hardware interrupt OB (OB41), and dissolve the assignment. 3636 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Requirements: A hardware interrupt OB (OB41 with the name "SLI_iOB_DETACH") has already been created. You create an input module (DI) and configure a hardware interrupt event for a positive edge under "Properties > Inputs 0-15 > ... > Channel 1". The following hardware ID of the configured hardware interrupt event ("Rising edge 1") is stored at the input parameter EVENT ("event"). Data storage: Create ten tags in a global data block for storing the data. You store the number of the OB to be assigned (OB41) with the input parameter OB_NR ("obNbr") of the instructions "ATTACH" and "DETACH". To call the hardware interrupt event, you create a tag table with a PLC tag (address "I1.0"). WinCC Advanced V14 System Manual, 10/2016 3637 Programming the PLC 11.4 Instructions Interconnection: To call the instructions, create an FB ("SLI_FB_DETACH"). Network 1: Interconnect the parameters of the "ATTACH" instruction as follows. Network 2: Interconnect the PLC tag as follows to call the hardware interrupt event. Network 3: You forward the call of the hardware interrupt event as follows. Network 4: Interconnect the parameters of the "DETACH" instruction as follows. Network 5: To reset, interconnect "testValue2" and "SLI_DETACH_event" as follows. 3638 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Create the following interconnection in OB41: Processing When the normally open contact ("startAttach") supplies the signal state "TRUE", the "ATTACH" instruction is executed and the event is assigned to OB41. With the value "FALSE" of the input parameter ADD ("add"), the event replaces all previous event assignments for OB41. The output parameter RET_VAL ("retValAtt") indicates that processing took place without errors. When the normally open contact ("signal") in network 2 supplies the signal state "TRUE", the hardware interrupt event ("SLI_DETACH_event") is set to "TRUE". The OB41 is called and the value of "testValue1" is transferred to "testValue2" in OB41. As long as the hardware interrupt event returns the signal state "TRUE", the OB41 is called and displayed in network 3 by the coil ("scannedSignal"). WinCC Advanced V14 System Manual, 10/2016 3639 Programming the PLC 11.4 Instructions When "testValue1" and "testValue2" supply the same value, the instruction "DETACH" is executed and the event is separated from OB41. The output parameter RET_VAL ("retValDet") indicates that processing took place without errors. When the tag "startAttach" supplies the signal state "FALSE", the values of "testValue2" and the PLC tag are reset in network 5. You can find additional information and the program code for the above-named example here:Sample Library for Instructions (Page 2434) 3640 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Cyclic interrupt (S7-1200, S7-1500) SET_CINT: Set cyclic interrupt parameters (S7-1200, S7-1500) Description You use this instruction to set the parameters for a cyclic interrupt OB. The start time for a cyclic interrupt OB is generated from the respective time interval of the OB and the phase offset. The time interval of an OB is the interval at which the OB is periodically called. For example, if the time interval is 100 s, the OB will be called every 100 s during program execution. The phase offset is a time interval by which the call of a cyclic interrupt OB is offset. You can use the phase offset to process low priority organization blocks in a precise time base. If the OB does not exist or if the time interval used is not supported, a corresponding error alarm is output in the RET_VAL parameter. A time interval in the CYCLE parameter of "0" means that the OB will not be called. Functional description If a lower priority OB and a higher priority OB are called in the same time interval, the lower priority OB will only be called once the higher priority OB has been executed. The call time for the lower priority OB can be offset according to the length of time to execute the higher-priority OB. 2%FDOOZLWKRXWSKDVHRIIVHW 581 W W W W W W W W 2% +LJKHUSULRULW\ 2% /RZHUSULRULW\ If a phase offset is configured for the lower priority OB and the phase offset is greater than the current execution time of the respective higher priority OB, then the block will be called in a fixed time base. WinCC Advanced V14 System Manual, 10/2016 3641 Programming the PLC 11.4 Instructions 2%FDOOZLWKSKDVHRIIVHW 581 W W W W W W W 2% +LJKHUSULRULW\ W 2% /RZHUSULRULW\ 3KDVHRIIVHW Parameters The following table shows the parameters of the "SET_CINT" instruction: Parameter Declaration Data type Memory area Description OB_NR Input OB_CYCLIC I, Q, M, D, L or constant OB number (<32768) CYCLE Input UDINT I, Q, M, D, L or constant Time interval in microseconds PHASE Input UDINT I, Q, M, D, L or constant Phase offset RET_VAL Return INT I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#....) 0 No error 8090 OB does not exist or is of the wrong type 8091 Incorrect time interval 8092 Incorrect phase offset 80B2 No event assigned to OB * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You can find the example here: Program example for cyclic interrupt functions (Page 3644). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434). 3642 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions QRY_CINT: Query cyclic interrupt parameters (S7-1200, S7-1500) Description You can use this instruction to query the current parameters of a cyclic interrupt OB. The cyclic interrupt OB is identified using the OB_NR parameter. The values of the queried cyclic interrupt parameters correspond to those at the time the "QRY_CINT" instruction is executed. Parameters The following table shows the parameters of the "QRY_CINT" instruction: Parameter Declaration Data type Memory area Description OB_NR Input OB_CYCLIC (INT) I, Q, M, D, L or constant OB number (<32768) or symbolic address ing via the name of the OB (e.g. OB_MyOB) CYCLE Output UDINT I, Q, M, D, L Time interval in microseconds PHASE Output UDINT I, Q, M, D, L Phase offset STATUS Output WORD I, Q, M, D, L Status of the cyclic interrupt: Bit 0 to bit 4: see parameter STATUS Other bits: Always "0" RET_VAL Return INT I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter STATUS Bit Value Meaning 0 0 Not used (always "0"). 1 0 The cyclic interrupt is enabled. 1 The cyclic interrupt is delayed. 0 The cyclic interrupt is not enabled or has expired. 1 The cyclic interrupt is enabled. 3 0 Not used (always "0"). 4 0 An OB with the specified number does not exist. 1 An OB with the specified number exists. 2 Other bits Not used (always "0"). WinCC Advanced V14 System Manual, 10/2016 3643 Programming the PLC 11.4 Instructions Parameter RET_VAL If an error occurs, the relevant error code is displayed in the RET_VAL parameter and the STATUS parameter is set to "0". Error code* Description (W#16#....) 0 No error. 8090 OB does not exist or is of the wrong type 80B2 No result assigned to OB. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You can find the example here: Program example for cyclic interrupt functions (Page 3644). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434). Program example for cyclic interrupt functions (S7-1200, S7-1500) Introduction In the following example, you read the phase and the cycle time of a cyclic interrupt OB (OB31) and set a new cycle time. The OB31 has the following defaults: Requirements To call, create an OB31. Create twelve tags in a global data block for storing the data. 3644 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions To call the instructions, create an FB ("SLI_FB_SET_CINT"). To transfer data, create the following local tags in the FB "SLI_FB_SET_CINT". Interconnect parameters Create the following interconnections in the FB "SLI_FB_SET_CINT": Network 1: Interconnect the parameters of the "QRY_CINT" instruction as follows. Network 2: Interconnect the parameters of the "SET_CINT" instruction as follows. WinCC Advanced V14 System Manual, 10/2016 3645 Programming the PLC 11.4 Instructions Network 3: To evaluate the status information, create an FC "SLI_itemiseStatus_CINT" and call it in network 3 of the FB. In FC "SLI_itemiseStatus_CINT": Interconnect the bits of the tag "qryStatusBool" according to the following schema with the structure "itemiseStatus". Create the following interconnections in OB31. Result of "QRY_CINT" The number of the OB to be called (OB31) is stored with the input parameter OB_NR ("obNbr") of the instructions "QRY_CINT" and "SET_CINT". 3646 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions When the normally open contact ("executeQry") supplies the signal state "TRUE", the "QRY_CINT" instruction is executed and the data of OB31 is read. The cycle time is output at the output parameter CYCLE ("qryCycle"). The phase offset is output at the output parameter PHASE ("qryPhase"). The output parameter STATUS ("qryStatus") displays the status of OB31. The output parameter RET_VAL ("returnValueQry") indicates that processing is taking place without errors. Result of "SET_CINT" When the normally open contact ("executeSet") supplies the signal state "TRUE", the "SET_CINT" instruction is executed. A new cycle time is transferred to OB31 with the input parameter CYCLE ("setCycle") of the instruction "SET_CINT". The value "0" is stored as phase offset at the input parameter PHASE ("setPhase"). The output parameter RET_VAL ("returnValueSet") indicates that processing took place without errors. WinCC Advanced V14 System Manual, 10/2016 3647 Programming the PLC 11.4 Instructions After execution of the instruction "SET_CINT", OB31 retains the new cyclic interrupt data until STOP of the CPU. After the execution, you can set the normally open contact ("executeSet") to the signal state "FALSE" once again. The default properties of OB31 are not affected by the execution of "SET_CINT". Result of the OB31 When the normally open contact ("executeSet") supplies the signal state "TRUE", an IEC timer "TP" is started in OB31. The IEC timer stops after 2 minutes. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). 3648 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Time-of-day interrupt (S7-1200, S7-1500) SET_TINT: Set time-of-day interrupt (S7-1500) Description The instruction "SET_TINT" is used to set the start data and time of the time-of-day interrupt organization blocks from the user program, without having to make settings in the hardware configuration. Enter the number of the time-of-day interrupt-OBs at the parameter OB_NR for which you would like to set the start date and the time-of-day. Use the parameter SDT and PERIOD to specify when and how often the time-of-day interrupt OB should be called: - One-time call: Enter the date and the time-of-day at the parameter SDT. Use the value "0" at parameter PERIOD. - Repeated call: Enter the date and the time-of-day of the first call at the parameter SDT. Use the parameter PERIOD to define the time interval in which subsequent calls of the OBs should take place. Observe the following when setting the start date and start time: The date and the time-of-day specification at the parameter SDT refers to the system time. The seconds and milliseconds specification is ignored and set to "0" at the start time. Only the starting date days 1, 2, ... 28 are possible if you want to specify a monthly time-ofday interrupt OBs. This restriction prevents skipping the monthly call (e.g. 30-day months or in February). The setting "end of the month" (W#16#2001) can be used at the parameter PERIOD as an alternative to the 29th 30th and the 31st of the month. After setting the time-of-day interrupt with "SET_TINT" it still must be activated with the instruction "ACT_TINT". Note Additional information about time-of-day interrupt OBs Other special features for the use of time-of-day interrupt OBs can be found in the descriptions of the organization blocks of the respective CPU: For the S7-1200: Time-of-day interrupt OBs (Page 1000) For the S7-1500: AUTOHOTSPOT The settings at the parameters SDT and PERIOD coincide with the settings for time-of-day interrupt in the properties of the time-of-day interrupt OBs. WinCC Advanced V14 System Manual, 10/2016 3649 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "SET_TINT" instruction: Parameters Declaration Data type Memory area Description OB_NR Input OB_TOD I, Q, M, D, L or con stant Number of the time-of-day interrupt OBs The numbers 10 to 17 are available for the time-of-day interrupt OBs. An OB number starting with 123 can also be assigned as an alternative. The OB number is displayed in the program block folder and in the system constants. SDT Input DT D, L or constant Start date and start time PERIOD Input WORD I, Q, M, D, L or con stant Execution intervals from the starting point SDT to: W#16#0000 = single execution W#16#0201 = once every minute W#16#0401 = once hourly W#16#1001 = once daily W#16#1201 = once weekly W#16#1401 = once monthly W#16#1801 = once yearly W#16#2001 = at month's end RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the actual parameter of RET_VAL contains an error code. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#...) 0000 No error occurred. 8090 Error at the parameter OB_NR (no time-of-day interrupt OB addressed). 8091 Error at the parameter SDT (invalid date and time-of-day specification). 8092 Incorrect input at the parameter PERIOD. 80A1 The set start time is in the past. This error code only occurs at PERIOD = W#16#0000. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". 3650 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example You can find the example here: Program example for time-of-day interrupt functions (Page 3657). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434). See also ACT_TINT: Enable time-of-day interrupt (Page 3654) SET_TINTL: Set time-of-day interrupt (S7-1200, S7-1500) Description The instruction "SET_TINTL" is used to set the start data and time of the time-of-day interrupt organization blocks from the user program, without having to make settings in the hardware configuration. Enter the number of the time-of-day interrupt-OBs at the parameter OB_NR for which you would like to set the start date and the time-of-day. Use the parameter SDT and PERIOD to specify when and how often the time-of-day interrupt OB should be called: - One-time call: Enter the date and the time-of-day at the parameter SDT. Use the value "0" at parameter PERIOD. - Repeated call: Enter the date and the time-of-day of the first call at the parameter SDT. Use the parameter PERIOD to define the time interval in which subsequent calls of the OBs should take place. Use the parameter LOCAL to select whether the time specified at the parameter SDT refers to the local time or the system time. With the ACTIVATE parameter, you specify when the settings made for the organization block are to be applied: - ACTIVATE = true: The settings made are applied directly. - ACTIVATE = false: The settings are applied only after "ACT_TINT (Page 3654)" is called: Observe the following when setting the start date and start time: The seconds and milliseconds specification is ignored and set to "0" at the start time. Only the starting date days 1, 2, ... 28 are possible if you want to specify a monthly time-ofday interrupt OBs. This restriction prevents skipping the monthly call (e.g. 30-day months or in February). The setting "end of the month" (W#16#2001) can be used at the parameter PERIOD as an alternative to the 29th 30th and the 31st of the month. WinCC Advanced V14 System Manual, 10/2016 3651 Programming the PLC 11.4 Instructions Please observe the following during the use of local time: Changeover from daylight saving to standard time: When calling time-of-day interrupt organization blocks with a start time within the second hour during changeover from daylight saving time to standard time, also use a time-delay interrupt during the first hour of the time changeover. Changeover from standard to daylight saving time: If you specify the skipped hour as the time-of-day for the daylight saving time changeover day, the error code 16#8091 will be output at a single execution (PERIOD = W#16#0000). Note Additional information about time-of-day interrupt OBs Other special features for the use of time-of-day interrupt OBs can be found in the descriptions of the organization blocks of the respective CPU: For the S7-1200: Time-of-day interrupt OBs (Page 1000) For the S7-1500: AUTOHOTSPOT The settings at the parameters SDT and PERIOD coincide with the settings for time-of-day interrupt in the properties of the time-of-day interrupt OBs. Parameters The following table shows the parameters of the "SET_TINTL" instruction: Parameters Declaration Data type Memory area Description OB_NR Input OB_TOD I, Q, M, D, L or con stant Number of the time-of-day interrupt OBs The numbers 10 to 17 are available for the time-of-day interrupt OBs. An OB number starting with 123 can also be assigned as an alternative. The OB number is displayed in the program block folder and in the system constants. SDT Input DTL D, L or constant Start date and start time LOCAL Input BOOL I, Q, M, D, L or con stant true: Use local time PERIOD Input WORD I, Q, M, D, L or con stant Execution intervals from the starting point SDT to: false: Use system time W#16#0000 = single execution W#16#0201 = Once every minute W#16#0401 = once hourly W#16#1001 = once daily W#16#1201 = once weekly W#16#1401 = once monthly W#16#1801 = once yearly W#16#2001 = at month's end 3652 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description ACTIVATE Input BOOL I, Q, M, D, L or con stant true: Set and activate the time-of-day interrupt false: Set the time-of-day interrupt and activate only at call of "ACT_TINT (Page 3654)" RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the actual parameter of RET_VAL contains an error code. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#...) 0000 No error occurred. 8090 Error at the parameter OB_NR (no time-of-day interrupt OB addressed). 8091 Error at the parameter SDT (invalid date and time-of-day specification). 8092 Incorrect input at the parameter PERIOD. 80A1 The set start time is in the past. This error code only occurs at PERIOD = W#16#0000. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". CAN_TINT: Cancel time-of-day interrupt (S7-1200, S7-1500) Description The instruction "CAN_TINT" is used to delete the start date and time of a specified time-of-day interrupt organization block. This deactivates the time-of-day interrupt, and the organization block is no longer called. If you want to reuse the time-of-day interrupt, the start time must be reset (instruction "SET_TINTL (Page 3651)" or "SET_TINT (Page 3649)"). After this, you must reactivate the time-of-day interrupt: If you use the instruction "SET_TINT (Page 3649)" or "SET_TINTL (Page 3651)" with parameter ACTIVE=false to set the time-of-day interrupt, call "ACT_TINT (Page 3654)". By using the instruction "SET_TINTL (Page 3651)" you can also activate the time-of-day interrupt directly with the parameter ACTIVE=true. WinCC Advanced V14 System Manual, 10/2016 3653 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "CAN_TINT" instruction: Parameters Declaration Data type Memory area Description OB_NR Input OB_TOD I, Q, M, D, L or constant Number of the time-of-day interrupt OB, whose starting date and time-of-day are to be deleted. RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is be ing executed, the actual parameter of RET_VAL contains an error code. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#...) 0000 No error occurred. 8090 Error at the parameter OB_NR. 80A0 No starting date/time-of-day defined for the affected time-of-day interrupt OB. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You can find the example here: Program example for time-of-day interrupt functions (Page 3657). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434). ACT_TINT: Enable time-of-day interrupt (S7-1200, S7-1500) Description The instruction "ACT_TINT" is used to activate a time-of-day interrupt organization block from the user program. A prerequisite for the execution of the instruction is that the starting date and time-of-day are already set for the time-of-day interrupt OB. 3654 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "ACT_TINT" instruction: Parameters Declaration Data type Memory area Description OB_NR Input OB_TOD I, Q, M, D, L or con stant Number of the time-of-day interrupt OBs The numbers 10 to 17 are available for the time-of-day interrupt OBs. An OB number starting with 123 can also be assigned as an alternative. The OB number is displayed in the program block folder and in the system constants. RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the actual parameter of RET_VAL contains an error code. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#...) 0000 No error occurred. 8090 Error at the parameter OB_NR (no time-of-day interrupt OB addressed). 80A0 Start date and time-of day not set for the relevant time-of-day interrupt OB. 80A1 The activated time is in the past. If the time-of-day interrupt is to be executed only once, only this error occurs. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You can find the example here: Program example for time-of-day interrupt functions (Page 3657). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434). QRY_TINT: Query status of time-of-day interrupt (S7-1200, S7-1500) Description You can use this instruction to display the status of a time-of-day interrupt organization block in the STATUS output parameter. WinCC Advanced V14 System Manual, 10/2016 3655 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "QRY_TINT" instruction: Parameter Declaration Data type Memory area Description OB_NR Input OB_TOD I, Q, M, D, L or constant Number of the time-of-day interrupt OB whose status is queried The OB number is displayed in the program block folder and in the system constants. RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is be ing executed, the actual parameter of RET_VAL contains an error code. STATUS Output WORD I, Q, M, D, L Status of the time-of-day interrupt (see be low) You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#...) 0000 No error occurred. 8090 Error at the parameter OB_NR. Possible causes: Exception: Status message "0" on bit 4 (no OB with this number created). The value at the parameter OB_NR is not an OB number (<1 or > 32767) supported by the CPU. The OB number does not address a time-of-day interrupt OB. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Parameter STATUS If an error occurs (see RET_VAL parameter), "0" is output in the STATUS parameter. Bit Value Meaning 0 Always "0" Irrelevant 1 0 The time-of-day interrupt is enabled. 1 The time-of-day interrupt is disabled. 0 Time-of-day interrupt is not activated or has elapsed. 1 The time-of-day interrupt is activated. 0 An OB with an OB number as specified at OB_NR parameter does not exist. 1 An OB with an OB number as specified at OB_NR parameter does exist. 0 The time-of-day interrupt is based on the system time 1 The time-of-day interrupt is based on the local time 2 4 6 Other 3656 Always "0" WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example You can find the example here: Program example for time-of-day interrupt functions (Page 3657). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434). Program example for time-of-day interrupt functions (S7-1200, S7-1500) Introduction In the following example, you read the status of a time-of-day interrupt OB (OB10), and set a start time as well as the call frequency. Once OB10 has been started, disable OB10 once again. The OB10 has the following defaults: Requirements Create fourteen tags and a structure in a global data block for storing the data. WinCC Advanced V14 System Manual, 10/2016 3657 Programming the PLC 11.4 Instructions To transfer data, also create the following local tags in an FB ("SLI_FB_SET_TINT"). Interconnect parameters Create the following interconnections in the FB "SLI_FB_SET_TINT": Network 1: Interconnect the parameters of the "QRY_TINT" instruction as follows. Network 2: To read the date (system time) and define the start time of OB10, create an FC "SLI_retrievetime_TINT" and call it in network 2 of the FB. In FC "SLI_retrievetime_TINT": Interconnect the parameters as follows. "RD_SYS_T" reads the system time. Use "T_ADD" to add 5 minutes to the system time. Network 3: Interconnect the parameters of the "SET_TINT" instruction as follows. 3658 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 4: Interconnect the parameters of the "ACT_TINT" instruction as follows. Network 5: Interconnect the parameters of the "CAN_TINT" instruction as follows. Network 6: Interconnect the parameters that are to be reset with the execution of "CAN_TINT" as follows. Network 7: To evaluate the status information, create an FC "SLI_itemiseStatus_TINT" and call it in network 7 of the FB. WinCC Advanced V14 System Manual, 10/2016 3659 Programming the PLC 11.4 Instructions In FC "SLI_itemiseStatus_TINT": Interconnect the bits of the tag "qryStatusBool" according to the following schema with the structure "itemiseStatus". Create the following interconnections in OB10. Result of "QRY_TINT" The instructions receive the number of the OB to be called (OB10) with the input parameter OB_NR ("obNbr"). Network1: When the normally open contact ("executeQry") supplies the signal state "TRUE", the "QRY_TINT" instruction is executed and the data of OB10 is read. The output parameter STATUS ("#statWord") displays the status of OB10. The output parameter RET_VAL ("returnValueQry") indicates that processing is taking place without errors. With a MOVE instruction, the status ("#statWord") is transferred as an Array of BOOL ("#statBool") to the tag "qryStatusBool". 3660 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Result of "SET_TINT" Network 3: When the normally open contact ("executeSet") supplies the signal state "TRUE", the "SET_TINT" instruction is executed. The input parameter SDT ("startDateTime") transfers the defined start time (see Network 2) to OB10. "Every minute" (value "16#0201") is stored as call frequency at the input parameter PERIOD ("periodOfExecute"). The output parameter RET_VAL ("returnValueSet") indicates that processing took place without errors. The execution of SET_TINT sets the coil ("executeAct") to "TRUE" and the instruction "ACT_TINT" is executed in network 4. Result of "ACT_TINT" Network 4: The instruction "ACT_TINT" activates OB10. The output parameter RET_VAL ("returnValueAct") indicates that processing took place without errors. The reset ("executeSet") in the signal state "TRUE" automatically ends the execution of the SET_TINT instruction and therefore also the execution of the ACT_TINT instruction. Note After execution of the instruction "SET_TINT", OB10 retains the new call data until STOP of the CPU. The default properties of OB10 are not affected by the execution of the instruction "SET_TINT". WinCC Advanced V14 System Manual, 10/2016 3661 Programming the PLC 11.4 Instructions Result of the OB10 With each call of OB10, the instruction "ADD" is executed and the tag "testCurrCount" is incremented by "1". OB10 is called (according to the value of "periodOfExecute") once every minute. Result of "CAN_TINT" Network 5: When OB10 is set and enabled ("#statWord" has the value "16#0014"), the comparator supplies the signal state "TRUE" and CAN_TINT can be executed. When the normally open contact ("executeCan") supplies the signal state "TRUE", the "CAN_TINT" instruction is executed. The instruction disables OB10 and deletes the call data of OB10 set with SET_TINT. The output parameter RET_VAL ("returnValueCan") indicates that processing took place without errors. The execution of CAN_TINT sets the coil ("#statMem") to "TRUE" and network 6 is executed. 3662 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Result of the reset Network 6: When the normally open contact ("#statMem") supplies the signal state "TRUE", the tag "testCurrCount" is reset to the value "0" with the instruction "MOVE". Reset ("executeCan") in the signal state "TRUE" also automatically ends the execution of the instruction "CAN_TINT". Result of the status information "qryStatusBool" The FB "SLI_itemiseStatus_TINT" is called in network 7. The significant bits of the tag "qryStatusBool" are evaluated and output as Boolean tags with plain-text name. When a tag of the structure "itemiseStatus" supplies the signal state "TRUE", its statement is correct. Additional information You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). Time-delay interrupt (S7-1200, S7-1500) Using time-delay interrupts (S7-1200, S7-1500) Definition After you have called the "SRT_DINT (Page 3664)" instruction, the operating system generates an interrupt after the specified delay time has elapsed. The configured time-delay interrupt OB is called. Prerequisites for the call Before a time-delay interrupt can be called by the operating system, the following conditions must be met: The time-delay interrupt OB must be started by the "SRT_DINT (Page 3664)" instruction. The time-delay interrupt OB must not be deselected during configuration. The time-delay interrupt OB must exist in the CPU. Purpose of the instructions "SRT_DINT", "CAN_DINT" and "QRY_DINT" You use the instructions to Start time-delay interrupts ("SRT_DINT (Page 3664)") Cancel time-delay interrupts ("CAN_DINT (Page 3666)") Query time-delay interrupts ("QRY_DINT (Page 3666)") WinCC Advanced V14 System Manual, 10/2016 3663 Programming the PLC 11.4 Instructions Effects on the time-delay interrupt The following table lists a number of different situations and explains the effect they have on a time-delay interrupt. If ... and ... Then ... A time-delay interrupt is started (by calling "SRT_DINT (Page 3664)") The time-delay interrupt has already started, The delay time is overwritten; the time-delay interrupt is started again. The time-delay interrupt OB does not exist at the time of the call, The operating system generates a priority class error (calls OB 85). If OB 85 does not exist, the CPU changes to STOP. The interrupt is started in a startup OB and the delay time elap ses before the CPU changes to RUN, The call of the time-delay interrupt OB is delayed until the CPU is in RUN mode. The delay time has elapsed, A previously started time-de lay interrupt OB is still being executed, The operating system generates a time error (calls OB 80). If OB 80 does not exist, the CPU changes to STOP. Response to warm restart and cold restart During a warm restart or a cold restart, all the time-delay interrupt settings made in the user program by means of instructions are cleared. Starting in a startup OB A time-delay interrupt can be started in a startup OB. Two conditions must be satisfied to call the time-delay OB: The delay time must have elapsed. The CPU must be in the RUN mode. If the delay time has elapsed and the CPU is not yet in the RUN mode, the time-delay interrupt OB call is delayed until the CPU is in RUN mode. The time-delay interrupt OB is then called before the first instruction in OB Main [OB 1] is executed. SRT_DINT: Start time-delay interrupt (S7-1200, S7-1500) Description The instruction "SRT_DINT" is used to start a time-delay interrupt, which calls a time-delay interrupt OB after the expiry of the delay time specified at the parameter DTIME. The delay time is started when a negative edge is generated at the EN enable input. The signal state of enable input EN must be "0" during delay time countdown. If the delay time countdown is interrupted, the OB configured in the OB_NR parameter is not executed. 3664 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Accuracy The maximum time between the call of the "SRT_DINT" instruction and the start of the timedelay interrupt OB is one millisecond longer than the configured delay time, provided that no interruption events delay the call. Parameters The following table shows the parameters of the "SRT_DINT" instruction: Parameter Declaration Data type Memory area Description OB_NR Input OB_DELAY (INT) I, Q, M, D, L or constant Number of the OB to be executed after a delay time DTIME Input TIME I, Q, M, D, L or constant Delay time (1 to 60000 ms) You can realize longer times, for example, by using a counter in a time-delay inter rupt OB. SIGN Input WORD I, Q, M, D, L or constant Identifier that appears when the time-de lay interrupt OB is called in the start event information of the OB. RET_VAL Return INT I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#...) 0000 No error 8090 Incorrect parameter OB_NR 8091 Incorrect parameter DTIME General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You can find the example here: Program example for time-delay interrupt functions (Page 3668). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434). WinCC Advanced V14 System Manual, 10/2016 3665 Programming the PLC 11.4 Instructions CAN_DINT: Cancel time-delay interrupt (S7-1200, S7-1500) Description You use this instruction to cancel a started time-delay interrupt and, thus, also cancel the call of the time-delay interrupt OB that is executed after the configured delay time. You specify the number of the organization block whose call is to be canceled in the OB_NR parameter. Parameters The following table shows the parameters of the "CAN_DINT" instruction: Parameter Declaration Data type Memory area Description OB_NR Input OB_DELAY (INT) I, Q, M, D, L or constant Number of the OB whose call will be can celed RET_VAL Return INT I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#...) 0000 No error 8090 Incorrect parameter OB_NR 80A0 Time-delay interrupt has not started. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You can find the example here: Program example for time-delay interrupt functions (Page 3668). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434). QRY_DINT: Query time-delay interrupt status (S7-1200, S7-1500) Description The instruction "QRY_DINT" is used to query the status of the time-delay interrupt. 3666 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "QRY_DINT" instruction: Parameter Declaration Data type Memory area Description OB_NR Input OB_DELAY (INT) I, Q, M, D, L or con stant Number of the OB whose status is being quer ied. RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the actual parameter of RET_VAL contains an error code. The value "0" is dis played in the STATUS parameter. STATUS Output WORD I, Q, M, D, L Status of the time-delay interrupt, see following table. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter STATUS Bit Value Meaning 0 0 Irrelevant 1 0 Time-delay interrupt is enabled by the operating system. 1 Time-delay interrupt is disabled. 0 Time-delay interrupt is not activated or has elapsed. 2 1 Time-delay interrupt is activated. 3 - - 4 0 Time-delay interrupt OB with the specified number does not exist. 1 Time-delay interrupt OB with the specified number exists. Other bits Always "0" Parameter RET_VAL Error code* Description (W#16#...) 0000 No error occurred. 8090 Incorrect information in the OB_NR parameter General error infor mation See also: GET_ERR_ID: Get error ID locally (Page 2690) * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You can find the example here: Program example for time-delay interrupt functions (Page 3668). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434). WinCC Advanced V14 System Manual, 10/2016 3667 Programming the PLC 11.4 Instructions Program example for time-delay interrupt functions (S7-1200, S7-1500) Introduction In the following example, you read the status of a time-delay interrupt OB (OB20), and set a new delay time and start or disable OB20. Requirements Create eleven tags and a structure in a global data block for storing the data. To transfer data, also create the following local tags in an FB ("SLI_FB_SRT_DINT"). Interconnect parameters Create the following interconnections in the FB "SLI_FB_SRT_DINT": Network 1: Interconnect the parameters of the "QRY_DINT" instruction as follows. 3668 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 2: Interconnect the parameters of the "SRT_DINT" instruction as follows. Network 3: Interconnect the parameters of the "CAN_DINT" instruction as follows. Network 4: Interconnect the parameters that are to be reset with the execution of "CAN_DINT" as follows. Network 5: To evaluate the status information, create an FC "SLI_itemiseStatus_DINT" and call it in network 5 of the FB. WinCC Advanced V14 System Manual, 10/2016 3669 Programming the PLC 11.4 Instructions In FC "SLI_itemiseStatus_DINT": Interconnect the bits of the tag "qryStatusBool" according to the following schema with the structure "itemiseStatus". Create the following interconnections in OB20. Result of "QRY_DINT" The instructions receive the number of the OB to be called (OB20) with the input parameter OB_NR ("obNbr"). Network 1: When the normally open contact ("executeQry") supplies the signal state "TRUE", the "QRY_DINT" instruction is executed and the data of OB20 is read. The output parameter STATUS ("#statWord") displays the status of OB20. The output parameter RET_VAL ("returnValueQry") indicates that processing is taking place without errors. With a MOVE instruction, the status ("#statWord") is transferred as an Array of BOOL ("#statBool") to the tag "qryStatusBool". 3670 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Result of "SRT_DINT" Network 2: When the normally open contact ("executeSrt") supplies the signal state "TRUE", the "SRT_DINT" instruction is executed. The input parameter DTIME ("delayTime") transfers the time delay to OB20 and OB20 is enabled. The selected identifier (value "16#0001") to be output with the execution of OB20 is stored at the input parameter SIGN ("sign"). The identifier is shown in the start event information of OB20. The output parameter RET_VAL ("returnValueSrt") indicates that processing took place without errors. When the normally open contact ("executeSrt") supplies the signal state "FALSE", the timer of OB20 is started. As soon as the delay time has expired, OB20 is executed once. Result of the OB20 With each call of OB20, the instruction "ADD" is executed and the tag "testCurrCount" is incremented by "1". OB20 is called only once after expiration of the delay time defined with SRT_DINT. After it has been called, OB20 is once again "disabled". WinCC Advanced V14 System Manual, 10/2016 3671 Programming the PLC 11.4 Instructions Result of "CAN_DINT" Network 3: As long as OB20 is set and enabled ("#statWord" has the value "16#0014"), the comparator returns the signal state "TRUE" and CAN_DINT can be executed. When the normally open contact ("executeCan") supplies the signal state "TRUE", the "CAN_DINT" instruction is executed. The instruction disables OB20 and deletes the set call data of OB20. The output parameter RET_VAL ("returnValueCan") indicates that processing took place without errors. The execution of CAN_DINT sets the coil ("#statMem") to "TRUE" and network 4 is executed. Result of the reset Network 4: When the normally open contact ("#statMem") supplies the signal state "TRUE", the tag "testCurrCount" is reset to the value "0" with the instruction "MOVE". Reset ("executeCan") in the signal state "TRUE" also automatically ends the execution of the instruction "CAN_DINT". Result of the status information "qryStatusBool" The FB "SLI_itemiseStatus_DINT" is called in network 7. The significant bits of the tag "qryStatusBool" are evaluated and output as Boolean tags with plain-text name. When a tag of the structure "itemiseStatus" supplies the signal state "TRUE", its statement is correct. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). 3672 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Synchronous errors (S7-1500) Mask synchronous error events (S7-1500) Introduction Synchronous errors are programming and access errors. Such errors occur as a result of programming with incorrect operand areas or numbers, or incorrect addresses. Masking these synchronous errors means the following: Masked synchronous errors do not trigger an error OB call and do not lead to a programmed alternative reaction. The CPU "records" the masked errors that have occurred in an error status register. Masking is carried out by calling the "MSK_FLT (Page 3679)" instruction. Unmasking errors means canceling a previously set mask and clearing the corresponding bit in the event status register of the current priority class. Masking is canceled as follows: By calling the "DMSK_FLT (Page 3680)" instruction. Once the current priority class has been completed. If an error event occurs after it has been unmasked, the operating system will start the associated error OB. You can use the "READ_ERR (Page 3680)" instruction to read the masked errors that have occurred. Note Regardless of masking or unmasking of the error events for the S7-1500, the error event is entered in the diagnostic buffer and the group error LED of the CPU lights up. WinCC Advanced V14 System Manual, 10/2016 3673 Programming the PLC 11.4 Instructions Handling errors in general Different actions are possible if programming and I/O area access errors occur in a user program: You can program an error OB that is called by the operating system when the corresponding error occurs. You can disable the error OB call individually for each priority class. If an error of this type occurs in the priority class, the CPU does not change to STOP in this case. The CPU enters the error in an error register. From this entry, however, you do not recognize when or how often this error has occurred. 6\QFKURQRXVHUURU 1R (UURUPDVNHG" <HV &DOORIDQHUURU2% &38 VZLWFKHVWR6723LIWKH HUURU2%LVQRWSURJUDP PHG %ORFNLQJWKHFDOORIDQ HUURU2% &38GRHVQRW VZLWFKWR6723ZKHQDQ HUURURFFXUV 7KHGHVLUHGUHVSRQVHWR DQHUURULVSURJUDPPHGLQ WKH2% $QHUURUHYHQWLVUHFRUGHG LQWKHHYHQWVWDWXV UHJLVWHU Synchronous errors are assigned to a particular bit pattern known as the error filter. You can find this error filter in the input and output parameters of the "MSK_FLT (Page 3679)", "DMSK_FLT (Page 3680)", and "READ_ERR (Page 3680)" instructions. Synchronous errors are divided into programming and access errors which you can mask in two error masks. The error filters are illustrated in the following figures. 3674 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Programming error filter The following figure shows the bit pattern of the error filter for programming errors. The error filter for the programming errors is available in the "PRGFLT_..." parameters (see below "Programming errors, Low-Word" or "Programming errors, High-Word"). %LWQR ; ; ; ; ; ; ; %&'FRQYHUVLRQHUURU $UHDOHQJWKHUURUZKHQUHDGLQJ $UHDOHQJWKHUURUZKHQZULWLQJ $UHDHUURUZKHQUHDGLQJ $UHDHUURUZKHQZULWLQJ 7LPHUQXPEHUHUURU &RXQWHUQXPEHUHUURU $OLJQPHQWHUURUZKHQUHDGLQJ $OLJQPHQWHUURUZKHQZULWLQJ %LWQR ; ; ; ; ; :ULWHHUURUGDWDEORFN :ULWHHUURULQVWDQFHGDWDEORFN %ORFNQXPEHUHUURU'% %ORFNQXPEHUHUURU', %ORFNQXPEHUHUURU)& %ORFNQXPEHUHUURU)% '%QRWORDGHG )&QRWORDGHG 6)&QRWORDGHG )%QRWORDGHG 6)%QRWORDGHG /HJHQG ; 1RWUHOHYDQW The non-relevant bits "x" are set to "0" for the input and output parameters of the instructions "MSK_FLT (Page 3679)", "DMSK_FLT (Page 3680)", "READ_ERR (Page 3680)". WinCC Advanced V14 System Manual, 10/2016 3675 Programming the PLC 11.4 Instructions Access error mask The following figure shows the bit pattern of the error mask for access errors. The error mask for access errors is located in the parameters ACCFLT_... /RZ ZRUG %LWQR ; ; ; ; ; ; ; ; ; ; ; ; ; ; ,2DFFHVVHUURUZKHQUHDGLQJ ,2DFFHVVHUURUZKHQZULWLQJ +LJK ZRUG /HJHQG %LWQR ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; 1RWUHOHYDQW Example: The following figure shows how the low word of the error mask for access errors appears with all masked errors. As input parameter for "MSK_FLT (Page 3679)" As output parameter for "MSK_FLT (Page 3679)" ,QSXW SDUDPHWHU %LWQR 0DVNHGHUURUV 2XWSXW SDUDPHWHU /HJHQG 3676 %LWQR ; ; ; ; ; ; ; ; ; ; ; ; ; ; 0DVNHGHUURUV ; 1RWUHOHYDQW 1RWPDVNHG 0DVNHG WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Programming error low word The following table lists the errors assigned to the low word of the error filter for programming errors. The possible causes of the errors are also listed. Error Event ID (W#16#...) Possible cause of error BCD conversion error 2521 The value to be converted is not a BCD number (e.g. 5E8). Area length error when reading 2522 An addressed operand is not located entirely within the possible operand range. Example: MW 320 should be read although the memory area is only 256 bytes long. Area length error when writing 2523 An addressed operand is not located entirely within the possible operand range. Example: A value should be written to MW 320 although the memory area is only 256 bytes long. Area error when reading 2524 An incorrect range identifier for the operand was specified during indirect, overlapping range addressing. Example: Correct: LAR1 P#E 12.0 L W[AR1, P#0.0] Incorrect: LAR1 P#12.0 L W[AR1, P#0.0] The area error is reported during this operation. Area error when writing 2525 An incorrect range identifier for the operand was specified during indirect, overlapping range addressing. Example: Correct: LAR1 P#E 12.0 T W[AR1, P#0.0] Incorrect: LAR1 P#12.0 T W[AR1, P#0.0] The area error is reported during this operation. Timer number error (not imple mented with the S7-1500) 2526 A non-existent timer is accessed. Example: SI T [MW 0] with MW 0 = 129; the timer 129 should be started although there are only 128 timers available. Counter number error (not imple mented with the S7-1500) WinCC Advanced V14 System Manual, 10/2016 2527 A non-existent counter is accessed. Example: ZV Z [MW 0] with MW 0 = 600; the counter 600 is accessed although only 512 counters are available. 3677 Programming the PLC 11.4 Instructions Error Event ID (W#16#...) Possible cause of error Alignment error when reading 2528 A byte, word or double word operand with a bit address 0 is addressed. Example: Correct: LAR1 P#M12.0 L B[AR1, P#0.0] Incorrect: LAR1 P#M12.4 L B[AR1, P#0.0] Alignment error when writing 2529 A byte, word or double word operand with a bit address 0 is addressed. Example: Correct: LAR1 P#M12.0 T B[AR1, P#0.0] Incorrect: LAR1 P#M12.4 T B[AR1, P#0.0] Programming error high word The following table lists the errors assigned to the high word of the error filter for programming errors. The possible causes of the errors are also listed. Error Event ID (W#16#...) Possible cause of error Write error data block 2530 The data block to be written to is write-protected. Write error instance data block 2531 The instance data block to be written to is write-protected. Block number error DB 2532 The number of the data block is greater than the highest permissible number. Block number error DI 2533 The number of the instance data block is greater than the highest per missible number. Block number error FC 2534 The number of a called function (FC) is greater than the highest permis sible number. Block number error FB 2535 The number of a called function block (FB) is greater than the highest permissible number. DB not loaded 253A The data block is not loaded. Instruction not loaded 253C to 253F The instruction to be called is not loaded. Access error The following table contains the errors that are assigned to the error mask for access errors. The possible causes of the errors are also listed. Error Event ID (W#16#...) Possible cause of error I/O access error when reading 2942 The address in the I/O area has no assigned signal module. I/O access error when writing 2943 Access to this I/O area was not acknowledged within the specified module monitoring time (timeout). 3678 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MSK_FLT: Mask synchronous error events (S7-1500) Description You use the instruction to control the reaction of the CPU to synchronous errors. This is done by masking the respective synchronous errors (for error filters, see Mask synchronous error events (Page 3673)). When you call "MSK_FLT", you mask the synchronous errors in the current priority class. If you set individual bits of the synchronous error filter to "1" in the input parameters, other bits that were set previously retain their value of "1". You obtain new error filters that you read out using the output parameters. The synchronous errors you have masked do not call an OB but are simply entered in an error register. You read the event status register with the instruction "READ_ERR (Page 3680)". Parameters The following table shows the parameters of the instruction "MSK_FLT": Parameter Declaration Data type Memory area Description PRGFLT_SET_MASK Input DWORD I, Q, M, D, L or constant Programming error to be masked ACCFLT_SET_MASK Input DWORD I, Q, M, D, L or constant Access error to be masked RET_VAL Return INT I, Q, M, D, L Error information PRGFLT_MASKED Output DWORD I, Q, M, D, L Masked programming errors ACCFLT_MASKED Output DWORD I, Q, M, D, L Masked access errors You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#...) 0000 None of the errors were already masked. 0001 At least one of the errors was already masked. Nevertheless, the other errors will be masked. - General error information See also: Getting error ID locally with GetErrorID (Page 3251) * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3679 Programming the PLC 11.4 Instructions DMSK_FLT: Unmask synchronous error events (S7-1500) Description You use the instruction to unmask the errors masked with "MSK_FLT (Page 3679)". To do this, you must set the corresponding bits of the error filter to "1" in the input parameters. With the "DMSK_FLT" call, you unmask the corresponding synchronous errors of the current priority class. At the same time, the queried entries are cleared in the error register. You read out the new error filters using the output parameters. Parameters The following table shows the parameters of the instruction "DMSK_FLT": Parameter Declaration Data type Memory area Description PRGFLT_RE SET_MASK Input DWORD I, Q, M, D, L or constant Programming errors to be unmasked ACCFLT_RE SET_MASK Input DWORD I, Q, M, D, L or constant Access errors to be unmasked RET_VAL Return INT I, Q, M, D, L Error information PRGFLT_MASKE D Output DWORD I, Q, M, D, L Still masked programming errors ACCFLT_MASKE D Output DWORD I, Q, M, D, L Still masked access errors You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* (W#16#...) Description 0000 All specified errors were unmasked. 0001 At least one of the errors was not masked. Nevertheless, the other errors will be unmasked. - General error information See also: GET_ERR_ID: Get error ID locally (Page 3251) * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". READ_ERR: Read out event status register (S7-1500) Description You use the instruction to read the error register. The structure of the error register corresponds to that of the programming and access error masks, which you can program as input parameters with "MSK_FLT (Page 3679)" and "DMSK_FLT (Page 3680)". 3680 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions In the input parameters, you enter the synchronous errors you want to read from the error register. When you call "READ_ERR", you read the required entries from the error register and at the same time clear these entries. The error register contains information that tells you which of the masked synchronous errors in the current priority class occurred at least once. If a bit is set, this means that the corresponding masked synchronous error occurred at least once. Parameters The following table shows the parameters of the instruction "READ_ERR": Parameter Declaration Data type Memory area Description PRGFLT_QUERY Input DWORD I, Q, M, D, L or constant Query programming error ACCFLT_QUERY Input DWORD I, Q, M, D, L or constant Query access error RET_VAL Return INT I, Q, M, D, L Error information PRGFLT_CLR Output DWORD I, Q, M, D, L Programming errors that occurred ACCFLT_CLR Output DWORD I, Q, M, D, L Access errors that occurred You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#...) 0000 All queried errors are masked. 0001 At least one of the queried errors is not masked. - General error information See also: Getting error ID locally with GetErrorID (Page 3251) * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Asynchronous error event (S7-1200, S7-1500) DIS_IRT: Disable interrupt event (S7-1500) Description The instruction "DIS_IRT" is used to disable the processing of new interrupts and asynchronous error events. Disabling means that if an interrupting event occurs, the operating system of the CPU reacts as follows: It neither calls an interrupt OB nor an asynchronous error OB, nor does it trigger the normal reaction if an interrupt OB or asynchronous error OB is not programmed. WinCC Advanced V14 System Manual, 10/2016 3681 Programming the PLC 11.4 Instructions If you disable interrupts and asynchronous error events, this remains in effect for all priority classes. The disable is only canceled with the instruction "EN_IRT (Page 3683)" or by a warm or a cold restart. Note Remember that when you program the "DIS_IRT" instruction, all interrupts that occur will be discarded. Parameters The following table shows the parameters of the "DIS_IRT" instruction: Parameter Declaration Data type Memory area Description MODE Input BYTE I, Q, M, D, L or constant Specifies which interrupts and asynchro nous errors are disabled. OB_NR Input INT I, Q, M, D, L or constant OB number RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the return value contains an error code. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter MODE MODE (B#16#...) Meaning 00 All newly occurring interrupts and asynchronous error events are disabled (with the exception of the pro gramming error and the error during direct access to I/O data and the Motion Control OBs). Assign the value "0" to the OB_NR parameter. Entries continue to be made in the diagnostics buffer. 01 All newly occurring events belonging to a specified interrupt class are disabled. Identify the interrupt class by specifying it as follows: Time-of-day interrupts: 10 Time-delay interrupts: 20 Cyclic interrupts: 30 Process interrupts: 40 Interrupts for DPV1: 50 Synchronous cycle interrupt: 60 Redundancy error interrupts: 70 Asynchronous error interrupts: 80 Entries continue to be made in the diagnostics buffer. 02 3682 All new occurrences of a specified interrupt are disabled. You designate the interrupt using the OB number. Entries continue to be made in the diagnostics buffer. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter RET_VAL Error code* Description (W#16#...) 0000 No error occurred. 8090 The OB_NR input parameter contains an invalid value. 8091 The MODE input parameter contains an invalid value. General error information See also: GET_ERR_ID: Get error ID locally (Page 2690) * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". EN_IRT: Enable interrupt event (S7-1500) Description You use the instruction to enable the processing of new interrupts and asynchronous error events that you have previously disabled with the "DIS_IRT (Page 3681)" instruction. This means that if an interrupt event occurs, the CPU operating system reacts in one of the following ways: It calls an interrupt OB or asynchronous error OB. or it triggers the specified reaction if an interrupt OB or asynchronous error OB is not programmed. Parameters The following table shows the parameters of the "EN_IRT" instruction: Parameter Declaration Data type Memory area Description MODE Input BYTE I, Q, M, D, L or constant Specifies which interrupts and asynchronous error events will be ena bled. OB_NR Input INT I, Q, M, D, L or constant OB number RET_VAL Return INT I, Q, M, D, L If an error occurs while the instruction is being executed, the return value con tains an error code. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3683 Programming the PLC 11.4 Instructions Parameter MODE MODE Meaning 0 All newly occurring interrupts and asynchronous error events are enabled with the exception of the programming error and the error during direct access to I/O data and the Motion Control OBs. 1 All newly occurring events belonging to a specified interrupt class are enabled. Identify the interrupt class by specifying it as follows: Time-of-day interrupts: 10 Time-delay interrupts: 20 Cyclic interrupts: 30 Process interrupts: 40 Interrupts for DPV1: 50 Synchronous cycle interrupt: 60 Redundancy error interrupts: 70 Asynchronous error interrupts: 80 2 All newly occurring events of a specified interrupt are enabled. You designate the interrupt using the OB number. Parameter RET_VAL Error code* Description (W#16#...) 0000 No error occurred. 8090 The OB_NR input parameter contains an invalid value. 8091 The MODE input parameter contains an invalid value. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". DIS_AIRT: Delay execution of higher priority interrupts and asynchronous error events (S7-1200, S7-1500) Description You use "DIS_AIRT" to delay the processing of interrupt OBs whose priority are higher than the priority of the current organization block. You can call "DIS_AIRT" multiple times in an organization block. The "DIS_AIRT" calls are counted by the operating system. Processing is delayed more and more each time "DIS_AIRT" is executed. To cancel a delay, you must execute the "EN_AIRT (Page 3685)" instruction. The processing delay applies until the number of executions of "EN_AIRT (Page 3685)" matches the number of calls of "DIS_AIRT" or the current OB has been worked through. You query the number of delays in the RET_VAL parameter of the "DIS_AIRT instruction". If the value in the RET_VAL parameter is "0", there are no delays. 3684 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "DIS_AIRT" instruction: Parameter Declaration Data type Memory area Description RET_VAL Return INT I, Q, M, D, L Number of delays You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Return value Description n "n" shows the number of processing delays, i.e., the number of DIS_AIRT calls, after the instruction is completed. If n = 0, interrupt handling is first enabled again; see EN_AIRT (Page 3685). EN_AIRT: Enable execution of higher priority interrupts and asynchronous error events (S7-1200, S7-1500) Description You use "EN_AIRT" to enable processing of organization blocks when interrupts occur that have been delayed by the "DIS_AIRT (Page 3684)" instruction. When "EN_AIRT" is executed, you cancel a processing delay that was registered by the operating system when "DIS_AIRT (Page 3684)" was called. To cancel all delays, the number of "EN_AIRT" executions must be equal to the number of "DIS_AIRT (Page 3684)" calls. Example: You have called "DIS_AIRT (Page 3684)" five times. As a result, the processing is also delayed five times. After this, you must call the "EN_AIRT" instruction five times in order to cancel all five delays. In the EN_AIRT parameter of the "EN_AIRT" instruction, you query the number of interrupt delays that have not yet been enabled after the execution of "RET_VAL". The value "0" in the RET_VAL parameter means that all delays enabled by "DIS_AIRT (Page 3684)" have been cancelled. Parameters The following table shows the parameters of the "EN_AIRT" instruction: Parameter Declaration Data type Memory area Description RET_VAL Return INT I, Q, M, D, L Number of configured delays You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3685 Programming the PLC 11.4 Instructions Parameter RET_VAL Return value/ Description Error code* (W#16#...) n "n" shows the number of processing delays that are not yet enabled after the instruction is completed. If n = 0, interrupt handling is first enabled again. 8080 Although the interrupt processing was already enabled, the function was called again. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Alarms (S7-1200, S7-1500) Program_Alarm: Generate program alarm with associated values (S7-1500) Description The instruction "Generate program alarm with associated values" monitors a signal and on a signal change at the parameterSIG generates a program alarm (for definition, see also: AUTOHOTSPOT). An incoming program alarm is generated with a signal change from 0 to 1 and an outgoing program alarm is generated with a signal change from 1 to 0. The program alarm is triggered synchronously to program execution. You can append up to ten associated values to the program alarm at the parametersSD_i (0 i 10). The associated values are detected at the time of signal change at parameter SIG and assigned to the program alarm. For more information on configuring associated values, refer to the following sections: AUTOHOTSPOT, AUTOHOTSPOT. Each incoming or outgoing alarm is assigned a time stamp: The current system time of the PLC when the signal change occurs is used by default (default value at the TIMESTAMP parameter). If you wish to specify a different time stamp, you can create one at the parameter TIMESTAMP. The time value must always be specified in system time (i.e. UTC) as this is the time used for time synchronization throughout the plant. If an alarm is to be time-stamped with a local time, a conversion module, which converts the local time to system time, must be connected in series. This is the only way to make sure that the time stamp is shown properly in the alarm display. To use the current system time of the CPU, set the TIMESTAMP parameter to its default value (LDT#1970-01-01-00:00:00.0). 3686 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Call of the instruction "Generate program alarm with associated values" Call the instruction only in a function block (FB). The block is processed synchronously. An alarm is triggered as soon as the block is exited. If there is an error during processing, an error code is output. Once the instruction has been inserted in the FB, a multi-instance of the data type "Program_Alarm" is created in the "Static" section of the block interface. Choose any name for this multi-instance in the dialog which appears. It is also the name of the program alarm. Finally, add the parameters of the instruction in line with your requirements (see the "Parameters" table). Configuring the program alarm The program alarm settings are displayed in the "Properties" window when you select the name of the program alarm in the "Static" section or in the network of the FB. Select the alarm class, priority, etc. and edit the alarm text. The settings that are made here can be edited in the project tree. To do this, open the "Alarms" tab under "PLC supervisions & alarms"; in it open the "Program alarms" tab. All existing program alarms are then displayed in the "Alarm types" table. WinCC Advanced V14 System Manual, 10/2016 3687 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the instruction "Generate program alarm with associated values": Parameter Declaration Data type Memory area Description SIG Input BOOL I, Q, M, D, L, T, C or constant The signal to be monitored. Positive signal edge: An incoming program alarm is generated Negative signal edge: An outgoing program alarm is generated TIMESTAMP Input LDT M, D, L or constant This parameter is used to as sign an alarm a time stamp, for example, from an input signal with a distributed stamp. The time value must always be specified in sys tem time (i.e. UTC), as this is the time used for time syn chronization throughout the plant. "Not assigned" means that the system time of the CPU will be used as the interrupt time stamp when a signal change occurs (default). Any system time input will be used as the interrupt time stamp when a signal change occurs. Note: If an interrupt is to be time-stamped with a local time, a conversion module must be connected in series to convert the local time to system time. This is the only way to make sure that the time stamp is shown correct ly in the interrupt display. SD_i Input VARIANT I, Q, M, D, L i-th associated value (1 i 10) You can use binary numbers, integers, floating-point num bers, or character strings as associated values. 3688 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description Error Output BOOL I, Q, M, D, L Status parameter Error Error = TRUE indicates that an error has occurred during processing. The possible er ror cause is displayed at the Status parameter. Status Output WORD I, Q, M, D, L Status parameter Status Display of error information (see "Error and Status pa rameters"). You can find additional information on valid data types under "See also". Error and Status parameters The following table contains all specific error information that is output via the Error and Status parameters. Error Status* Explanation 0 0000 No error, or the instruction was not processed because there was no signal edge at the parameter SIG. 1 0085 "Only information" alarm type 1 8001 Invalid static alarm information 1 8002 No valid static alarm information 1 8004 Maximum size of 512 bytes reached for the associated values of the alarm. 1 8005 A positive signal edge is pending at parameter SIG and there is still an alarm pending which has not yet been acknowledged. 1 8007 Outgoing alarm which was not preceded by an incoming alarm. 1 8087 Static alarms are deactivated. 1 8089 Alarm is too long. 1 80Ax The SD_i parameter has an invalid value. 1 80C1 The CPU does not generate any alarms at this time because initialization rou tines are running (this is the case after download in RUN, for example). Try again later. 1 80C2 The maximum number of alarms per time unit has been sent. Try again later. 1 80C3 All dynamic alarm instances are being used. Try again later. 1 80C4 Alarm is output and is not overwritten. Try again later. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you generate a program alarm with associated value for a signal change. Create one tag in a global data block for storing the signal value to be monitored. WinCC Advanced V14 System Manual, 10/2016 3689 Programming the PLC 11.4 Instructions The instruction is called in a function block. Create four parameters for the function block for interconnection of the instruction. Interconnect the parameters of the instruction as follows. Call the function block in an OB. 3690 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions A PLC alarm is generated automatically when the instruction is created. Open the PLC supervisions & alarms dialog and select the alarm to be edited in the Program alarms tab. Create the alarm text, including two key words. Note: If you right-click in the text box, you can insert a key word, tag, or text list. As a result of the character sequence "@1%s@", the value of parameter SD_1 ("#MyStaticText") is read out and output as a character string. See also: AUTOHOTSPOT If parameter SIG ("CreateAlarm") has the signal state "TRUE", the PLC alarm is output. At output parameter STATUS ("OUTPUT_Status"), the value "0001" indicates that a signal change has occurred. Then, it is indicated that no further processing is taking place (the value is "0000"). At parameter SD_1 ("#MyStaticText"), the associated value of the PLC alarm is output. A time stamp can be transferred to parameter TIMESTAMP. If not interconnected, parameter TIMESTAMP outputs the local time of the CPU clock. At output parameter ERROR ("OUTPUT_Error"), it is indicated that the processing of the instruction was error-free. WinCC Advanced V14 System Manual, 10/2016 3691 Programming the PLC 11.4 Instructions Use the web server of the CPU, for example, to output the PLC alarm. The following is necessary in order to use the web server: The web server must be activated in the CPU settings. Use the Internet browser to open the Web server (via the IP address of the CPU) and log on in the Web server menu. The CPU outputs the alarm text as long as the signal being monitored ("CreateAlarm") supplies the value "TRUE". You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) Example You can find a detailed application example in the Siemens Industry Online Support (https:// support.industry.siemens.com/cs/document/98210758?dti=0&lc=en-WW). See also Overview of the valid data types (Page 2131) 3692 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Get_AlarmState: Output alarm status (S7-1500) Description Use the instruction "Output alarm status" to output the alarm status of a program alarm. There are three possible alarm statuses: Incoming Outgoing Acknowledged The output of the alarm status always refers to a program alarm that was created using the instruction "Generate program alarm with associated values". The program alarm is selected with the Alarm input parameter. Specify the instance DB of the instruction "Generate program alarm with associated values" at the parameter Alarm. The alarm status is returned in a byte via the AlarmState output parameter. The meaning of the individual bits is shown in the following figure: $6B67$7(B,1)2 9 7 7 2* 2& $* $& 6 $ODUPVWDWXV 6 ,QFRPLQJ 6 2XWJRLQJ $ODUPVWDWXV $& ,QFRPLQJDODUPZDVDFNQRZOHGJHG $* 2XWJRLQJDODUPZDVDFNQRZOHGJHG 6LJQDO2YHUIORZ 2& 2YHUIORZGXHWRLQFRPLQJDODUPV 2* 2YHUIORZGXHWRRXWJRLQJDODUPV 5HVHUYHG 6WDWXVRIDODUPLQIRUPDWLRQ 9 $ODUPLQIRUPDWLRQLQYDOLG 9 $ODUPLQIRUPDWLRQYDOLG The execution status of the instruction is shown with the output parameters Error and STATUS. WinCC Advanced V14 System Manual, 10/2016 3693 Programming the PLC 11.4 Instructions Parameters The following table lists the parameters of the instruction "Output alarm status": Parameter Declaration Data type Memory area Description Alarm Input ALARM_BASE D Instance of the instruction "Generate program alarm with associated values" Alarm.Messagetype = Alarm_AP, the the bit Ac has either the signal status 0 or 1 and the bit Ag has the signal status 1 - not active: 0x86 (1000 0110) - active/not acknowledged: 0x85 (1000 0101) - active/acknowledged: 0x87 (1000 0111) - outgoing/not acknowledged: 0x84 (1000 0100) Alarm.Messagetype = Notify_AP, the the bit Ac has either the signal status 0 or 1 and the bit Ag has the signal status 1 - not active: 0x86 (1000 0110) - active: 0x85 (1000 0101) Alarm.Messagetype = Inforeport_AP, the bits Ac and Ag both have the signal status 1 - Static: 0x86 (1000 0110) If the alarm is not active or it is an Inforeport, bit S has the signal status 0. AlarmState 3694 Output BYTE I, Q, M, D, L Status of the alarm as a bit array WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description Error Output BOOL I, Q, M, D, L Status parameter 0: No error 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS parameter. STATUS Output WORD I, Q, M, D, L Status parameter The parameter is only set for the duration of one call. To display the status, you should therefore copy STA TUS to a free data area. You can find additional information on valid data types under "See also". Parameter STATUS Error code* (W#16#...) Explanation 8001 Invalid static alarm instance 8002 ID of the alarm is invalid 8003 No active alarms within the alarm class Alarm_AP: The alarm is outgoing and acknowledged. Notify_AP: The alarm is outgoing. Inforeport Bit V is set to signal status 0. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you output the alarm status of a program alarm. Create four tags in a global data block for storing the data. The "Get_AlarmState" instruction is called together with the "Program_Alarm" instruction in a function block. Create four parameters for the function block for interconnection of the instructions. WinCC Advanced V14 System Manual, 10/2016 3695 Programming the PLC 11.4 Instructions Interconnect the parameters of the instructions as follows. Call the function block in an OB. A PLC alarm is generated automatically when the "Program_Alarm" instruction is created. Open the PLC alarms dialog and select the alarm to be processed on the Program alarms tab. Create the alarm text, including two key words. Select the following settings for the alarm. The alarm belongs to the alarm class "Notify_AP". 3696 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If input parameter SIG ("CreateAlarm") of the "Program_Alarm" instruction has the signal state "TRUE", the PLC alarm is output. In the case of the "Get_AlarmState" instruction, the following occurs: The PLC alarm is communicated to the "Get_AlarmState" instruction using input parameter ALARM. At output parameter AlarmState ("AS_statusBYTE"), it is indicated that the alarm corresponding to the alarm class "Notify_AP" is active. At output parameters ERROR ("outputERROR") and STATUS ("outputSTATUS"), it is indicated that the processing of the instruction is proceeding error-free. For the output of the PLC alarm, use the web server of the CPU. You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434) Example You will find a detailed application example in the Siemens Industry Online Support. (https:// support.industry.siemens.com/cs/document/98210758?dti=0&lc=en-WW) See also Overview of the valid data types (Page 2131) Program_Alarm: Generate program alarm with associated values (Page 3686) Gen_UsrMsg: Generate user diagnostic alarms (S7-1200, S7-1500) Description You use the "Gen_UsrMsg" instruction to generate an alarm that is entered in the diagnostic buffer. You use the Mode parameter to select whether an incoming or an outgoing alarm is to be generated: When Mode = 1: Create an incoming alarm. When Mode = 2: Create an outgoing alarm. Regardless of whether an incoming or outgoing alarm is generated, the alarm always has the attribute "Information only". The entry in the diagnostic buffer is created synchronously. Alarm transmission is asynchronous. WinCC Advanced V14 System Manual, 10/2016 3697 Programming the PLC 11.4 Instructions If an error occurs during the execution of an instruction, it is output via the parameter RET_VAL. Content of the alarm The content of the alarm is defined with a text list: Specify the text list you want to use with the parameter TextListID. For this purpose, open the dialog "PLC alarm text lists" in the project navigation. Show the column "ID" in the dialog "Text lists". Apply the ID at the parameter TextListID. Use the parameter TextID to select the text list entry you want to write in the diagnostic buffer. For this purpose select an entry from the "Text lists entries" dialog by applying a number from the columns "Range from / range to" at the parameter TextID. The same number must be used from both the "Range from" and "Range to" columns for the text list entry. Additional information about text lists can be found here: Text lists (Page 435) Defining associated values New associated values to be added to the alarm are defined in the text list entry: Associated values are defined by adding the following information in the text list entry: @<No. of the associated value><Element type><Format specification>@ Use the system data type AssocValues to specify which associated value is added when generating the alarm. Additional information on the structure of associated values can be found here: AUTOHOTSPOT Parameters The following table shows the parameters of the "Gen_UsrMsg" instruction: Parameter Declaration Data type Memory area Description Mode Input UInt I, Q, M, D, L or con Parameters for selecting the stant status of the alarm: 1: incoming alarm 2: outgoing alarm TextID Input UInt I, Q, M, D, L or con ID of the text list entry that stant should be used for the alarm text. TextListID Input UInt I, Q, M, D, L or con ID of the text list that contains stant text list entry. Ret_Val Return Int I, Q, M, D, L Error code of the instruction. AssocValues InOut VARIANT D, L Pointer to the system data type AssocValues that allows you to define the associated values. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3698 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter AssocValues Use the system data type AssocValues to define which associated values will be sent. A maximum of 8 associated values are possible. The structure of the system data type is created by entering the data type "AssocValues" as a data block. The associated values are selected by entering the numbers of the associated values for the parameters Value[x]. Note the following: The values for TextID and TextListID are treated by the instruction as the associated values to be sent. As a result, "1" and "2" are already assigned as numbers for addressing associated values. Do not use the numbers "1" or "2" to address associated values. Address the associated value at parameter Value [1] as number "3", at parameter Value [2] as number "4", and so forth. Byte Parameter Data type Start value Description Number of the associ ated value 0..1 Value[1] UINT 0 First associ ated value of the alarm. 3 2..3 Value[2] UINT 0 Second associ 4 ated value of the alarm. 4..5 Value[3] UINT 0 ... 5 6..7 Value[4] UINT 0 ... 6 8..9 Value[5] UINT 0 ... 7 10..11 Value[6] UINT 0 ... 8 12..13 Value[7] UINT 0 ... 9 14..15 Value[8] UINT 0 Eighth associ ated value of the alarm. 10 Parameter RET_VAL The following table contains all specific error information that is output via the RET_VAL parameter. Error code* (W#16#...) Explanation 0000 No error 8080 Value in the Mode parameter is not supported. 80C1 Resource bottleneck due to too many parallel calls. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you generate an alarm that is entered in the diagnostic buffer. WinCC Advanced V14 System Manual, 10/2016 3699 Programming the PLC 11.4 Instructions Create five tags and an "AssocValues" structure (with the AssocValues data type) in a global data block for storing the data. Interconnect the parameters of the instruction as follows. Use the "Text lists" entry to create a Text list and a Text list entry for the alarm. Apply the ID of the text list at parameter TextListID ("myLIST"). Apply the ID (Range ...) of the text list entry at parameter TextID ("myTEXT"). Assign the alarm parameters as follows. If the normally open contact ("execute") supplies the signal state "TRUE", the "Gen_UsrMsg" instruction is executed. According to the value of parameter Mode ("myMODE"), an incoming 3700 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions alarm is generated. The alarm to be output is made known to the instruction using parameters TextListID ("myLIST") and TextID ("myTEXT"). The associated values of the alarm are transferred using parameter AssocValues ("AssocValues"). When the alarm is generated, the character string "@5I%6d@" contained in the alarm text is interpreted as follows: The associated value with the number "5" is read out in the INT data type. The number corresponds to parameter Value[3] of the "AssocValues" structure. The associated value is output as a decimal number. The decimal number is limited to six places. At output parameter Ret_Val ("returnValue"), it is indicated that the processing of the instruction was error-free. For the output of the alarm, for a CPU of the S7-1500 series, open the entry "Online & Diagnostics > Diagnostic buffer". You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). Example You will find a detailed application example in the Siemens Industry Online Support (https:// support.industry.siemens.com/cs/document/98210758?dti=0&lc=en-WW). WinCC Advanced V14 System Manual, 10/2016 3701 Programming the PLC 11.4 Instructions Get_Alarm: Read pending alarm (S7-1500) Description Using the "Read pending alarms" instruction, you can log on for alarms generated in the user program and copy an incoming or outgoing alarm to a referenced data block. This allows you to pass on for example alarms as a STRING to a master computer. When you call the instruction with the "OperateMode = 1" and log on with this, you have to specify at least one or more display classes at the input "DispClassNr". After logging on no more alarms are lost either incoming or outgoing. The alarms are processed sequentially, starting with the oldest alarm. They are read out and stored in a data block in the CPU. You can then forward the data, e.g. using the instruction "TSEND_C", to a master computer. The instruction operates asynchronously and therefore avoids long runtimes of the function block "Get_Alarm [FB702]" that could lead to a cycle overflow. The instruction must be called recurrently in a cycle organization block and in a period of 100 ms up to maximum 1 second; otherwise, the instruction is logged off after 3 minutes. As a result of the logoff, no more alarms can be read out. In the following cases, you need to log on the instruction again using the input "OperateMode = 1": After automatic logoff because the function block "Get_Alarm [FB702]" is called too rarely. When the operating mode changes from "STOP" > "RUN". As soon as you change existing alarm configurations, such as the Program_Alarm or ProDiag, the instruction automatically logs off. You can use the instruction for alarms from the following areas: ProDiag System diagnostics GRAPH Program_Alarm Motion Control Note CPU property "Central alarm management in the PLC" If you do not enable the CPU property "Central alarm management in the PLC" in the device configuration, only the IDs of the alarm text fields are output instead of the alarm texts (alarm text, information text and additional alarm texts 1 - 9). 3702 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the instruction Read pending alarm": Parameter Declara tion Data type Memory area Description EN *) Input BOOL I, Q, M, D, L Enable input Output BOOL I, Q, M, D, L Enable output Input BYTE I, Q, M, D, L There are three possible values: ENO *) Operate Mode 1: Logon 2: Read out data 3: Logoff DataMode Input BYTE I, Q, M, D, L There are four different possible values: 0: Only the column titles are read out (Producer-ID, ID_1, ID_2, Prio, Timestamp, State) 1: The column headers and the alarm text is read out including associated values. 2: The column headers, the alarm text including associated values and the information text are read out. 3: The column headers, the alarm text including associated values, the information text and the additional alarm texts are read out. Dis pClassNr (Display class number) Input AR I, Q, M, D, L RAY[0..31 ] of UINT You can define up to 32 different display classes: 0 ... 16: User-defined display classes that can be set on the HMI device 257: System diagnostics 259: Security If you do not use the parameter, all display classes are reported. Lcid (Lo cal ID) Input UDINT I, Q, M, D, L There are different possible values: 0: All languages 1: First language with the lowest LC number 2: First language plus second language with the second lowest LC number 3: All languages or: Enter the exact LC number to select a specific language. Data WinCC Advanced V14 System Manual, 10/2016 InOut "AlarmDa I, Q, M, D, L ta" Destination area for the alarm data that was read. Alarm text structure from the PLC data type "AlarmData" according to the value at the "Data Mode" parameter. 3703 Programming the PLC 11.4 Instructions Parameter Declara tion Data type Memory area Description Data Ready BOOL I, Q, M, D, L Output Status parameter: 0: No data is available. 1: The data is available. The data is valid until the next call of the instruction. Therefore, it must be processed in the same program cycle, e.g. using a move instruction. Busy Output BOOL I, Q, M, D, L Status parameter: 0: The execution of the instruction has not yet been started or the asynchronous processing was completed. Additional information on the processing status can be found in the STATUS parameter. 1: Execution of the instruction not yet complete Further entries exist Error Output BOOL I, Q, M, D, L Status parameter: 0: No error 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS pa rameter. Init Output BOOL I, Q, M, D, L Status parameter: 0: No action necessary. 1: - For Mode 1: Logon was successful. - For Mode 2: The saved data is no longer valid due to reconfiguration. A new logon is required. This may be necessary in the following situations: The CPU changes from "STOP" mode to "RUN" mode. The alarm text structure was changed. You have logged on. Status Output WORD I, Q, M, D, L Error and status information *): The enable input EN and the enable output ENO are only visible in the programming languages LAD and FBD. 3704 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Status The following table shows the meaning of the values of the Status parameter: Status code* (W#16#...) Explanation 0000 No error 0001 New data is available. 8001 The value at parameter OperateMode is invalid. 8002 The Data parameter has the wrong data type. 8003 The Lcid parameter is invalid or a language selected with the Lcid parameter is not loaded. 8085 You did not specify a display class when you logged on. The instruction was logged off during the reconfiguration of supervisions (ProDiag). Automatic logoff because the function block "Get_Alarm [FB702]" is called too rarely. 80C5 The processing of the instruction is not yet completed. Please try again later. * The error codes can be displayed as integer or hexadecimal values in the program editor. For infor mation on switching the display formats, refer to "See also". PLC data type "AlarmData" The PLC data type "AlarmData" reflects the structure of an alarm. Name Data type Default value Description ProducerID UINT 0 There are different possible values: 0: Program_Alarm 4: System diagnostics 5: Standard Motion Control (T-CPU) 6: Security (for example, false login) 7: SINUMERIK 8: GRAPH 9: ProDiag ID_1 UINT 0 Alarm ID ID_2 UINT 0 ID of the alarm runtime instance This ID is also displayed in the alarm editor. This ID is an internal range ID that is significant for ProDiag and sequencers: In ProDiag, it is the supervision ID. In a sequencer, it is the step number. For the "Program_Alarm" instruction the ID is 0, and it has no significance for system diagnostics. WinCC Advanced V14 System Manual, 10/2016 PRIO UINT 0 Priorities: 0 to 16 TimeStamp LDT DT#1970-01-0 Time stamp 1-0:0:0.000000 000 3705 Programming the PLC 11.4 Instructions Name Data type Default value Description State BYTE 16#0 Status parameter: 0: Outgoing 1: Incoming LC_ID ARRAY[0..2] of UINT Returns the value that is specified at the input "Lcid": 0: All languages 1: First language with the lowest LC number 2: First language plus second language with the second lowest LC number 3: All languages or: Enter the exact LC number to select a specific language. AlarmText ARRAY[0..2] of WSTRING Alarm text with up to 254 characters (508 bytes). If the text is longer, it is truncated at 251 characters, for example WSTRING#'Meld... . InfoText ARRAY[0..2] of WSTRING Information text AddText_1 9 ARRAY[0..2] of WSTRING Additional text 1 - 9 Example You will find the example here: Program example for Get_Alarm & Ack_Alarms - Part 1 (Page 3708). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). See also Overview of the valid data types (Page 2131) Ack_Alarms: Acknowledge alarms (S7-1500) Description You can use the "Acknowledge alarms" instruction to acknowledge all incoming and outgoing alarms in your program code with a single command. The instruction is called as soon as there is a positive signal edge either at the enable input EN (LAD / FBD) or as a preceding logic operation (STL / SCL), and the value = 1 is set at the MODE parameter. The instruction operates asynchronously and therefore avoids long runtimes of the function block "Ack_Alarms [FB701]" that could lead to a cycle overflow. The CPU acknowledges all incoming and outgoing alarms and informs all HMI devices about this acknowledgment. Any pending alarms on the displays disappear as soon as they "went out". In each case, only one acknowledgment (max. 100 alarms requiring acknowledgment) can be carried out at the same time. If additional alarms are pending, the next 100 alarms requiring acknowledgment will be confirmed automatically. 3706 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The instruction can also be used for ProDiag supervision alarms. Parameters The following table shows the parameters of the instruction "Acknowledge alarms": Parameter Declara tion Data type Memory area Description EN *) Input BOOL I, Q, M, D, L Enable input Output BOOL I, Q, M, D, L Enable output Input BYTE I, Q, M, D, L There are two different possible values: ENO *) MODE 0: The instruction is not executed. 1: Confirm all alarms. All active alarms that can be confirmed are confirmed. ERROR Output BOOL I, Q, M, D, L Status parameter: 0: No error 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS pa rameter. STATUS Output WORD I, Q, M, D, L Error and status information *): The enable input EN and the enable output ENO are only visible in the programming languages LAD and FBD. Parameter STATUS The following table shows the meaning of the values of the STATUS parameter: Status code* (W#16#...) Explanation 0000 No error 7001 No error occurred and the next 100 alarms requiring acknowledgment will be confirmed. 8001 The value at parameter MODE is invalid. 80C5 A confirmation process is already running. Please try again later. * The error codes can be displayed as integer or hexadecimal values in the program editor. For infor mation on switching the display formats, refer to "See also". Example You will find the example here: Program example for Get_Alarm & Ack_Alarms - Part 1 (Page 3708). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). WinCC Advanced V14 System Manual, 10/2016 3707 Programming the PLC 11.4 Instructions See also Overview of the valid data types (Page 2131) Program example for Get_Alarm & Ack_Alarms (S7-1200, S7-1500) Program example for Get_Alarm & Ack_Alarms - Part 1 (S7-1200, S7-1500) Introduction In the following example, you collect all alarms of the CPU 1 (S7-1500) and save the alarms. You then use a programmed connection to the CPU 2 (S7-1500) to send the alarms (in abbreviated form; in PLC data type "rcvGetAlarm") from CPU 1 to CPU 2. You also save the alarms on CPU 2. In the first part of the programming example for Get_Alarm and Ack_Alarms, you deal with the requirements and interconnection of the parameters. The results and the procedure for the connection are described here: Program example for Get_Alarm & Ack_Alarms - Part 2 (Page 3725). Note Size of the memory arrays for the alarms The memory arrays for the alarms ("alarmStorage" and "rcvdStorage") can hold up to 16 alarms when configured as described. If you want to change the memory size, you must change the array size and the maximum value "maxPosition". &38 &38 *HWB$ODUP 76(1'B& 75&9B& FXUU5HFRUG VHQG6WUXFW WUFY6WUXFW UFY*HW$ODUP UFY*HW$ODUP DODUP'DWD 3708 DODUP6WRUDJH >[@ UFYG6WRUDJH >[@ 6*HW$ODUP UFY*HW$ODUP WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Requirements for a programmed connection You create two CPUs (S7-1500) and connect the CPUs with each other over PROFINET. You do not assign parameters to the connection. Note By setting a low protection level under Properties > Protection of the CPU, you ensure that read and write access is permitted. CPU 1: Program requirements Creating PLC tags You need the following PLC tags for the transfer and storage of alarms: You need "SGetAlarm" to save the alarms, including information about the current read loss You need "rcvGetAlarm" to transfer the alarms over TSEND_C. WinCC Advanced V14 System Manual, 10/2016 3709 Programming the PLC 11.4 Instructions Storage of data Create the following structures and tags for storing the data in a global data block ("SLI_gDB_GAalarm"). For parameter assignment of TSEND_C: For parameter assignment of Get_Alarm: 3710 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions As part of the "GetAlarm" structure for saving the alarms in the memory array: For parameter assignment of Ack_Alarms: ProDiag alarm Create three tags in a global data block ("SLI_gDB_testAlarm_GAA") for a test scenario. Create the following rule in the global data block to trigger a ProDiag alarm. To do so, open the global data block > the properties of the "startPump" tag > Supervisions. CPU 2: Program requirements Creating PLC tags Create the PLC tag "rcvGetAlarm" as described for CPU 1. WinCC Advanced V14 System Manual, 10/2016 3711 Programming the PLC 11.4 Instructions Storage of data Create the following structures and tags for storing the data in a global data block ("SLI_gDB_trcv_GAA"). CPU 1: FB "SLI_FB_send_GAA" - Interconnect parameters Create the FB "SLI_FB_send_GAA" to set up the connection between CPU 1 and CPU 2 and data transfer. Create the following local tags in the FB. 3712 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions In the FB, you use: Interconnections for canceling ("TSEND_C.stop") the data transfer. Interconnections for starting ("#do2") the data transfer. Interconnections to initiate a new data transfer ("#initiateSending", "#do"). The instruction "TSEND_C" for connection establishment and data transfer. Note Interconnection of the input parameter CONNECT of the "TSEND_C" instruction To interconnect the input parameter CONNECT, open the wizard of the "TSEND_C" instruction with "Properties > Configuration". Make the following settings for the connection of TSEND_C: Access point: Select the CPUs using the drop-down list. Interface, subnet and address are entered automatically. Connection data: Use the drop-down list and the selection "New" to create one data block per CPU. This data block is required for storing the connection data. The name of the data block can be freely selected for each CPU (communication partner). Select the connection type "TCP" and the configuration mode "Use program block". These settings set up an Ethernet connection with the "TCP" protocol and as programmed connection. You enter a freely selected connection ID. Use a connection ID that has not already been assigned. You enter a value for the partner port. The value must be >=2000. Additional information on the configuration of TSEND_C (Page 4205) is available here: Program example for send functions (Page 4228). Additional information on setup and interconnections of the FB "SLI_FB_send_GAA" is available in the program code of the example in the Sample Library for Instructions (Page 2434). WinCC Advanced V14 System Manual, 10/2016 3713 Programming the PLC 11.4 Instructions CPU 1: FC "SLI_FC_switchMode_GAA" - Interconnect parameters You use the FC "SLI_FC_switchMode_GAA" to control the "Get_Alarm" instruction. Create the following local tags in the FC. Create the following interconnections in the FC. Network 1: To start the processing of Get_Alarm, create the following interconnections. Network 2: To start the processing of Get_Alarm, create the following interconnections (Part 2). Network 3: For login of Get_Alarm, create the following interconnections. 3714 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 4: To switch to the "Read" mode of Get_Alarm, create the following interconnections. Network 5: To process the "Read" mode of Get_Alarm, create the following interconnections. WinCC Advanced V14 System Manual, 10/2016 3715 Programming the PLC 11.4 Instructions Network 6: To process the "Read" mode of Get_Alarm, create the following interconnections (Part 2). 3716 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 7: To end the processing of Get_Alarm, create the following interconnections. Network 8: To end the processing of Get_Alarm, create the following interconnections (Part 2). Network 9: To end the processing of Get_Alarm, create the following interconnections (Part 3). WinCC Advanced V14 System Manual, 10/2016 3717 Programming the PLC 11.4 Instructions CPU 1: FB "SLI_FB_saveAlarms_GAA" - Interconnect parameters You create the FB "SLI_FB_saveAlarms_GAA" to copy the alarms to the memory array "GetAlarm.alarmStorage". Create the following local tags in the FB. Create the following interconnections in the FB. Network 1: The copying of alarms to the memory array "GetAlarm.alarmStorage" is decided as follows: 3718 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 2: To save the cell number of the memory array used last and to count the alarms, create the following interconnections. Network 3: Incrementing or resetting the cell number of the memory array is decided as follows: WinCC Advanced V14 System Manual, 10/2016 3719 Programming the PLC 11.4 Instructions Network 4: To save the success when copying to the memory array, create the following interconnections. Network 5: To end the processing of SLI_FB_saveAlarms_GAA, create the following interconnections. 3720 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions CPU 1: FB "SLI_FBCall_GetAlarm_AckA" - Interconnect parameters You create the FB "SLI_FBCall_GetAlarm_AckA" for the following purposes: To call and modify Get_Alarm To call the blocks for copying and send processes. To call Ack_Alarms. Create the following local tags in the FB. Create the following interconnections in the FB. Network 1: Interconnect the parameters of the "SLI_FB_send_GAA" function block as follows. Network 2: Interconnect the parameters of the "SLI_FC_switchMode_GAA" FC as follows. WinCC Advanced V14 System Manual, 10/2016 3721 Programming the PLC 11.4 Instructions Network 3: Interconnect the parameters of the "Get_Alarm" instruction as follows. Network 4: Interconnect the parameters of the "SLI_FB_saveAlarms_GAA" function block as follows. 3722 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 5: Create the following interconnections to test the ProDiag alarms. Network 6: Interconnect the parameters of the "Ack_Alarms" instruction as follows. CPU 2: FB "SLI_FB_rcvdAlarms_GAA" - Interconnect parameters You create the FB "SLI_FB_rcvdAlarms_GAA" to copy the alarms to the memory array "GetAlarm.rcvdStorage". The setup and interconnections are similar to those of the FB "SLI_FB_saveAlarms_GAA". Additional information on setup and interconnections of the FB "SLI_FB_rcvdAlarms_GAA" is available in the program code of the example in the Sample Library for Instructions (Page 2434). CPU 2: FB "SLI_FBCall_trcv_GAA" - Interconnect parameters You create the FB "SLI_FBCall_trcv_GAA" to call and process TRCV_C as well as all subsequent processes. Create the following local tags in the FB. WinCC Advanced V14 System Manual, 10/2016 3723 Programming the PLC 11.4 Instructions Create the following interconnections in the FB. Network 1: Interconnect the parameters of the "TRCV_C" instruction as follows. Configure the CONNECT parameter of TRCV_C using the TRCV_C wizard. Additional information on the configuration of TRCV_C (Page 4219) is available here: Program example for send functions (Page 4228). Network 2: To save the status if a TRCV_C error occurs, interconnect the parameter as follows. Network 3: Interconnect the parameters of the "SLI_FB_rcvdAlarms_GAA" function block as follows. 3724 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Results and procedure The results and the procedure for the communication connection are described here: Program example for Get_Alarm & Ack_Alarms - Part 2 (Page 3725). Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). Program example for Get_Alarm & Ack_Alarms - Part 2 (S7-1200, S7-1500) Introduction In the second part of the program example for Get_Alarm and Ack_Alarms, you will become familiar with the results of the configuration and the ProDiag alarm. The requirements and the interconnection of the parameters is available here: Program example for Get_Alarm & Ack_Alarms - Part 1 (Page 3708). Procedure for connection setup between CPU 1 and CPU 2 Observe the order of the action steps: 1. For CPU 2, change the tag "TRCV_C.start" to "TRUE". 2. For CPU 2, change the tag "TRCV_C.comControl" to "TRUE". 3. For CPU 1, change the tag "TSEND_C.start" to "TRUE". 4. For CPU 1, change the tag "TSEND_C.comControl" to "TRUE". Procedure for disconnection of CPU 1 and CPU 2 Observe the order of the action steps: 1. For CPU 1, change the tag "TSEND_C.stop" to "TRUE". 2. For CPU 2, change the tag "TRCV_C.start" to "FALSE". 3. For CPU 2, change the tag "TRCV_C.comControl" to "FALSE". WinCC Advanced V14 System Manual, 10/2016 3725 Programming the PLC 11.4 Instructions 4. For CPU 1, change the tag "TSEND_C.start" to "FALSE" and the tag "TSEND_C.stop" to "FALSE". 5. For CPU 1, change the tag "TSEND_C.comControl" to "FALSE". Result of CPU 1: FB "SLI_FBCall_GetAlarm_AckA" - Network 1 If the normally open contact ("TSEND_C.start") supplies the signal state "TRUE", the "TSEND_C" instruction is started. When the input parameter CONNECT ("TSEND_C.comControl") supplies the signal state "TRUE", the "TSEND_C" instruction creates a communication connection between CPU 1 and CPU 2. Successful transfer of the data record (#sendStruct) is indicated by the output parameter DONE ("TSEND_C.done") with the signal state "TRUE" ("TSEND_C.status has the value "0000"). After transmitting the data record (#sendStruct) to CPU 2, the communication connection continues to be monitored (status "7004"). If the normally open contact ("TSEND_C.stop") supplies the signal state "TRUE", the "TSEND_C" instruction is stopped. Additional information on the operating principle of TSEND_C (Page 4205) and TRCV_C (Page 4219) is available here: Program example for send functions (Page 4228). Result of CPU 1: FB "SLI_FBCall_GetAlarm_AckA" - Network 2 If the normally open contact ("GetAlarm.start") supplies the signal state "TRUE", the "Get_Alarm" instruction is started. For this purpose, the "Get_Alarm" instruction is called in mode 1 ("GetAlarm.operateMode.value") and then changes to mode 2. After it has been processed, the tag "GetAlarm.start" is automatically reset to "FALSE". If the normally open contact ("GetAlarm.stop") supplies the signal state "TRUE", the "Get_Alarm" instruction is stopped. For this purpose, the "Get_Alarm" instruction is called in 3726 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions mode 3 ("GetAlarm.operateMode.value") and then changes to inactivity (mode 0). A requirement for the stop command is successful logon of Get_Alarm ("GetAlarm.operateMode.Logon_done" is "TRUE"). After it has been processed, the tag "GetAlarm.stop" is automatically reset to "FALSE". The success state of the processed mode of Get_Alarm is recorded: "GetAlarm.operateMode.Logon_done" is "TRUE" = mode 1 was completed successfully. "GetAlarm.operateMode.ReadData_ready" is "TRUE" = mode 2 is set. Get_Alarm is ready to read. "GetAlarm.operateMode.ReadData_active" is "TRUE" = Get_Alarm is in mode 2 and busy reading the data. "GetAlarm.operateMode.Logoff_done" is "TRUE" = mode 3 was completed successfully. Note Unintentional log off of Get_Alarm When Get_Alarm is logged off in mode 2, the output parameter INIT ("GetAlarm.initiateLogin") returns the signal state "TRUE". This event is counted as read loss ("GetAlarm.currReadLoss") in FC "SLI_FC_switchMode_GAA" and the (INOUT) parameter MODE2REINIT ("GetAlarm.check.anew") of "SLI_FC_switchMode_GAA" is set to "TRUE". This results in a reset of the tags "GetAlarm.dataReady" and "GetAlarm.initiateLogin" and the "Get_Alarm" instruction is automatically restarted in mode 1. Afterwards Get_Alarm is once again ready to read in mode 2. WinCC Advanced V14 System Manual, 10/2016 3727 Programming the PLC 11.4 Instructions Result of CPU 1: FB "SLI_FBCall_GetAlarm_AckA" - Network 3 When the input parameter OPERATEMODE ("GetAlarm.operateMode.value") shows the value "2", the "Get_Alarm" instruction reads all alarms of CPU 1. For this purpose, the respective alarm is recorded at the input parameter DATA ("GetAlarm.currRecord"). The signal state "TRUE" at the output parameter DATAREADY ("#dataReady") indicates a new alarm. Because the value of "#dataReady" (as well as that of "#initiate") is only set for one cycle, the status is saved with the tag "GetAlarm.dataReady". When the output parameter INIT ("#initiate") returns the signal state "TRUE" in mode 2, Get_Alarm was logged off and must be logged on again. See the note on network 2. In mode 1, "#initiate" / "GetAlarm.initiateLogin" shows the successful logon. In case of an error, the status of Get_Alarm ("GetAlarm.status") is saved with the tags "GetAlarm.memErrStatus" and "GetAlarm.memErr", and Get_Alarm is set to mode 3 to log off. When Get_Alarm is to be logged off and no error occurs ("GetAlarm.status" has the value "16#0000"), logoff is saved through "GetAlarm.operateMode.Logoff_done" with the value "TRUE". 3728 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The input parameter DATAMODE ("GetAlarm.outputMode") with the value "16#03" specifies that the alarms are read out completely (with all information). The input parameter DISPCLASSNR is not connected. This means Get_Alarm reads all display classes. The input parameter LCID ("GetAlarm.languageCodeID") with the value "0" specifies that all language versions of alarms should be read. Result of CPU 1: FB "SLI_FBCall_GetAlarm_AckA" - Network 4 Under the following conditions, the currently read alarm ("GetAlarm.currRecord") as well as the read losses counted until then ("GetAlarm.currReadLoss") are saved as a combined data record in the memory array "GetAlarm.alarmStorage": "GetAlarm.dataReady" returns the signal state "TRUE". This means Get_Alarm has read a new alarm. In addition, the data record of the read alarm ("GetAlarm.currRecord") is not empty. Its alarm text is checked for this reason. Next, the position used ("#posForAlarm") is saved in the memory array "GetAlarm.alarmStorage" in the global tag "GetAlarm.posForAlarm". In addition, the alarms are counted and the current value is recorded with the global tag "GetAlarm.countAlarms". The position information ("#posForAlarm") is incremented so that a new alarm can be saved in a different cell in the memory array. A requirement for incrementing is that the limit of the memory array ("GetAlarm.maxPositon") is not exceeded. When the limit is exceeded, this fact WinCC Advanced V14 System Manual, 10/2016 3729 Programming the PLC 11.4 Instructions is noted ("GetAlarm.limitReach") and the position information ("#posForAlarm") is set to the value "0". Any subsequent alarms would therefore overwrite old alarm entries in the memory array with this setting. Successful copying is noted in the tag "GetAlarm.savingDone". The "GetAlarm.initiateSending" tag is set to initiate subsequent sending of the alarm. At the end of processing of "SLI_FB_saveAlarms_GAA", the tag "GetAlarm.dataReady" (and local tags) is reset to "FALSE". The program of "SLI_FB_saveAlarms_GAA" is only processed again when "GetAlarm.dataReady" returns the value "TRUE". Result of CPU 1: FB "SLI_FBCall_GetAlarm_AckA" - Network 5 When the normally open contact ("startPump") and the normally closed contact ("closeValve") return the signal state "TRUE", the configured ProDiag alarm is triggered. Get_Alarm reads the alarm and saves it in the assigned tag ("GetAlarm.currRecord"). In network 4, the alarm is subsequently copied to the memory array ("GetAlarm.alarmStorage"). 3730 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Result of CPU 1: FB "SLI_FBCall_GetAlarm_AckA" - Network 1 (data transmission) When the tag "GetAlarm.initiateSending" returns the signal state "TRUE", the saved position ("GetAlarm.posForAlarm") is transferred in the memory array of a local tag with the same name ("#posForAlarm") and the command is forwarded for a new data transfer. The "#initiateSending" tag is set to "TRUE". If, in addition, no error is signaled and TSEND_C is signaled as busy ("TSEND_C.error" and "TSEND_C.busy" are "FALSE"), the respective alarm ("GetAlarm.alarmStorage[..]") is transferred in abbreviated form to the structure "#sendStruct". If no stop command ("TSEND_C.stop" to "TRUE") was given, the tag "TSEND_C.start" is set to "TRUE". The start command for data transmission ("TSEND_C.start" is "TRUE") sends the abbreviated alarm ("#sendStruct") to CPU 2 over multiple cycles. Result of CPU 1: FB "SLI_FBCall_GetAlarm_AckA" - Network 6 If the normally open contact ("AckAlarm.start") supplies the signal state "TRUE", the "Ack_Alarms" instruction is started. According to the value "1" of the input parameter MODE ("#acknowledge"), Ack_Alarms acknowledges all active alarms. Processing in the example takes place without errors ("AckAlarm.error" is "FALSE" and "AckAlarm.status" has the value "16#0000"). To view the confirmations, use an HMI device or the Web server of the CPU. Result of CPU 2: FB "SLI_FBCall_trcv_GAA" - Network 1 If the normally open contact ("TRCV_C.start") supplies the signal state "TRUE", the "TRCV_C" instruction is started. When the input parameter CONNECT ("TRCV_C.comControl") supplies the signal state "TRUE", the "TRCV_C" instruction creates a communication connection between CPU 2 and CPU 1. Successful transfer of the data record (#trcvStruct) is indicated by the output parameter DONE ("TRCV_C.done" and "TRCV_C.dataReceived") with the signal state "TRUE" ("TRCV_C.status has the value "0000"). After transmitting the data record (#trcvStruct) to CPU 2, the communication connection continues to be monitored and TRCV_C is ready to receive (status "7006"). The length in Byte of the actually transmitted data record is detected with the output parameter RCVD_LEN ("TRCV_C.rcvLen"). WinCC Advanced V14 System Manual, 10/2016 3731 Programming the PLC 11.4 Instructions Additional information on the operating principle of TSEND_C (Page 4205) and TRCV_C (Page 4219) is available here: Program example for send functions (Page 4228). Result of CPU 2: FB "SLI_FBCall_trcv_GAA" - Network 2 If the normally open contact ("TRCV_C.error") returns the signal state "TRUE", the status ("TRCV_C.status") of the error is saved ("TRCV_C.memErrStatus"). Result of CPU 2: FB "SLI_FBCall_trcv_GAA" - Network 3 An alarm is saved in the memory array "GetAlarm.rcvdStorage" under the following conditions: "TRCV_C.dataReceived" returns the signal state "TRUE". This means a new data record was sent to TRCV_C. In addition, the new received data record (#trcvStruct) is not empty. 3732 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Next, the position used ("#posForAlarm") is saved in the memory array "GetAlarm.rcvdStorage" in the global tag "GetAlarm.posForAlarm". In addition, the alarms are counted and the current value is recorded with the global tag "GetAlarm.countAlarms". The position information ("#posForAlarm") is incremented so that a new alarm can be saved in a different cell in the memory array. A requirement for incrementing is that the limit of the memory array ("GetAlarm.maxPositon") is not exceeded. When the limit is exceeded, this fact is noted ("GetAlarm.limitReach") and the position information ("#posForAlarm") is set to the value "0". Any subsequent alarms would therefore overwrite old alarm entries in the memory array with this setting. Successful copying is noted in the tag "GetAlarm.savingDone". At the end of processing of "SLI_FB_rcvdAlarms_GAA", the tag "TRCV_C.dataReceived" (and local tags) is reset to "FALSE". The program of "SLI_FB_rcvdAlarms_GAA" is only processed again when "TRCV_C.dataReceived" returns the value "TRUE". Part 1 of the program example The requirements and the interconnection of the parameters is available here: Program example for Get_Alarm & Ack_Alarms - Part 1 (Page 3708). Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). WinCC Advanced V14 System Manual, 10/2016 3733 Programming the PLC 11.4 Instructions Diagnostics (S7-1200, S7-1500) RD_SINFO: Read current OB start information (S7-1200, S7-1500) Description You use the instruction "RD_SINFO" to read the start information of the last OB called that has not yet been completely executed, and of the last startup OB started. There is no time stamp in either case. If the call is in OB 100, OB 101 or OB 102, two identical start information messages will be returned. Parameter The following table shows the parameters of the "RD_SINFO" instruction: Parameter Declaration Data type Memory area Description RET_VAL Return INT I, Q, M, D, L Error information TOP_SI Output VARIANT D, L Start information of the current OB START_UP_SI Output VARIANT D, L Start information of the startup OB last started You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". SDTs of the TOP_SI parameter The following table shows the possible SDTs for the TOP_SI parameter: Organization blocks (OB) System data types (SDT) Any SI_classic 592 SI_none 593 ProgramCycleOB SI_ProgramCycle 594 TimeOfDayOB SI_TimeOfDay 595 TimeDelayOB SI_Delay 596 CyclicOB SI_Cyclic 597 ProcessEventOB SI_HWInterrupt 598 SI_HWInterrupt_Extended 616 SI_Submodule 601 SynchronousCycleOB SI_SynchCycle 602 IOredundancyErrorOB SI_IORedundancyError 604 CPUredundancyErrorOB SI_CPURedundancyError 605 TimeErrorOB SI_TimeError 606 ProfileEventOB System data type numbers StatusEventOB UpdateEventOB 3734 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Organization blocks (OB) System data types (SDT) System data type numbers DiagnosticErrorOB SI_DiagnosticInterrupt 607 PullPlugEventOB SI_PlugPullModule 608 PeripheralAccessErrorOB SI_AccessError 609 RackStationFailureOB SI_StationFailure 610 ServoOB SI_Servo 611 IpoOB SI_Ipo 612 StartupOB SI_Startup 613 ProgrammingErrorOB SI_ProgIOAccessError 614 IOaccessErrorOB SDTs of the START_UP_SI parameter The following table shows the possible SDTs for the START_UP_SI parameter: System data types (SDT) System data type numbers SI_classic 592 SI_none 593 SI_Startup 613 Structures The following tables set out the meaning of the structure elements of the individual structures: Table 11-46 SI_classic structure Structure element Data type Description EV_CLASS BYTE Bits 0 to 3: Event ID Bits 4 to 7: Event class EV_NUM BYTE Event number PRIORITY BYTE Priority class number (Meaning of B#16#FE: OB not available or disabled or cannot be started in cur rent operating mode) NUM BYTE OB number TYP2_3 BYTE Data ID 2_3: Identifies the information entered in ZI2_3 TYP1 BYTE Data ID 1: Identifies the information entered in ZI1 ZI1 WORD Additional information 1 ZI2_3 DWORD Additional information 2_3 WinCC Advanced V14 System Manual, 10/2016 3735 Programming the PLC 11.4 Instructions Table 11-47 SI_none structure Structure element Data type Description SI_Format USINT 16#FF = No information OB_Class USINT OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) 16#FE = Optimized start information Table 11-48 SI_ProgramCycle structure Structure element Data type Description SI_Format USINT 16#FF = No information 16#FE = Optimized start information OB_Class USINT := 1 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) Initial_Call BOOL For OB_Class = 1, 30, 52, 61, 65 Remanence BOOL For OB_Class = 1 Table 11-49 SI_TimeOfDay structure Structure element Data type Description SI_Format USINT 16#FF = No information 16#FE = Optimized start information OB_Class USINT := 10 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) CaughtUp BOOL For OB_Class = 10 SecondTime BOOL For OB_Class = 10 Table 11-50 SI_Delay structure Structure element Data type Description SI_Format USINT 16#FF = No information 16#FE = Optimized start information OB_Class USINT := 20 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) Sign WORD For OB_Class = 20 3736 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Table 11-51 SI_Cyclic structure Structure element Data type Description SI_Format USINT 16#FF = No information OB_Class USINT := 30 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) Initial_Call BOOL For OB_Class = 1, 30, 52, 61, 65 Event_Count INT For OB_Class = 30, 51, 52, 61, 65, 91, 92 16#FE = Optimized start information Table 11-52 SI_HWInterrupt structure Structure element Data type Description SI_Format USINT 16#FF = No information 16#FE = Optimized start information OB_Class USINT := 40 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) LADDR HW_IO For OB_Class = 40, 51, 55, 56, 57, 70, 82, 83, 85, 86, 91, 92 USI WORD For OB_Class = 40 IChannel USINT For OB_Class = 40 EventType BYTE For OB_Class = 40 Table 11-53 Structure SI_HWInterrupt_Extended Structure element Data type Byte Description SI_Format USINT 0 16#FF = No information OB_Class USINT := 40 1 OB class for "No information" or "Optimized start information" OB_Nr UINT 2 OB number (1 ... 32767) LADDR HW_IO 4 For OB_Class = 40, 51, 55, 56, 57, 70, 82, 83, 85, 86, 91, 92 USI WORD 6 For OB_Class = 40 IChannel USINT 8 For OB_Class = 40 EventType BYTE 9 For OB_Class = 40 PointAddr DWORD 12 For OB_Class = 40 16#FE = Optimized start information Table 11-54 SI_Submodule structure Structure element Data type Description SI_Format USINT 16#FF = No information 16#FE = Optimized start information OB_Class USINT OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) LADDR HW_IO For OB_Class = 40, 51, 55, 56, 57, 70, 82, 83, 85, 86, 91, 92 WinCC Advanced V14 System Manual, 10/2016 3737 Programming the PLC 11.4 Instructions Structure element Data type Description Slot UINT For OB_Class = 55, 56, 57 Specifier WORD For OB_Class = 55, 56, 57 Table 11-55 SI_SynchCycle structure Structure element Data type Description SI_Format USINT 16#FF = No information 16#FE = Optimized start information OB_Class USINT := 61 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) Initial_Call BOOL For OB_Class = 1, 30, 52, 61, 65 PIP_Input BOOL For OB_Class = 61, 91, 92 PIP_Output BOOL For OB_Class = 61, 91, 92 IO_System USINT For OB_Class = 61, 91, 92 Event_Count INT For OB_Class = 30, 51, 52, 61, 65, 91, 92 SyncCycleTime LTIME Calculated cycle time Table 11-56 SI_IORedundancyError structure Structure element Data type Description SI_Format USINT 16#FF = No information 16#FE = Optimized start information OB_Class USINT := 70 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) LADDR HW_ANY For OB_Class = 40, 51, 55, 56, 57, 70, 82, 83, 85, 86, 91, 92 Event_Class BYTE For OB_Class = 70, 83, 85, 86 Fault_ID BYTE For OB_Class = 70, 80, 83, 85, 86 Table 11-57 SI_CPURedundancyError structure Structure element Data type Description SI_Format USINT 16#FF = No information 16#FE = Optimized start information OB_Class USINT := 72 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) Switch_Over BOOL For OB_Class = 72 3738 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Table 11-58 SI_TimeError structure Structure element Data type Description SI_Format USINT 16#FF = No information OB_Class USINT := 80 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) Fault_ID BYTE For OB_Class = 70, 80, 83, 85, 86 Csg_OBnr OB_ANY For OB_Class = 80 Csg_Prio UINT For OB_Class = 80 16#FE = Optimized start information Table 11-59 SI_DiagnosticInterrupt structure Structure element Data type Description SI_Format USINT 16#FF = No information OB_Class USINT := 82 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) IO_State WORD For OB_Class = 82 LADDR HW_ANY For OB_Class = 40, 51, 55, 56, 57, 70, 82, 83, 85, 86, 91, 92 Channel UINT For OB_Class = 82 MultiError BOOL For OB_Class = 82 16#FE = Optimized start information Table 11-60 SI_PlugPullModule structure Structure element Data type Description SI_Format USINT 16#FF = No information 16#FE = Optimized start information OB_Class USINT := 83 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) LADDR HW_IO For OB_Class = 40, 51, 55, 56, 57, 70, 82, 83, 85, 86, 91, 92 Event_Class BYTE For OB_Class = 70, 83, 85, 86 Fault_ID BYTE For OB_Class = 70, 80, 83, 85, 86 Table 11-61 SI_AccessError structure Structure element Data type Description SI_Format USINT 16#FF = No information 16#FE = Optimized start information OB_Class USINT := 85 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) LADDR HW_IO For OB_Class = 40, 51, 55, 56, 57, 70, 82, 83, 85, 86, 91, 92 Event_Class BYTE For OB_Class = 70, 83, 85, 86 WinCC Advanced V14 System Manual, 10/2016 3739 Programming the PLC 11.4 Instructions Structure element Data type Description Fault_ID BYTE For OB_Class = 70, 80, 83, 85, 86 IO_Addr UINT For OB_Class = 85 IO_LEN UINT For OB_Class = 85 Table 11-62 SI_StationFailure structure Structure element Data type Description SI_Format USINT 16#FF = No information OB_Class USINT := 86 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) LADDR HW_IO For OB_Class = 40, 51, 55, 56, 57, 70, 82, 83, 85, 86, 91, 92 Event_Class BYTE For OB_Class = 70, 83, 85, 86 Fault_ID BYTE For OB_Class = 70, 80, 83, 85, 86 16#FE = Optimized start information Table 11-63 SI_Servo structure Structure element Data type Description SI_Format USINT 16#FF = No information OB_Class USINT := 91 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) 16#FE = Optimized start information Initial_Call BOOL For OB_Class = 1, 30, 52, 61, 65 PIP_Input BOOL For OB_Class = 61, 91, 92 PIP_Output BOOL For OB_Class = 61, 91, 92 IO_System USINT For OB_Class = 61, 91, 92 Event_Count INT For OB_Class = 30, 51, 52, 61, 65, 91, 92 Synchronous BOOL Table 11-64 SI_Ipo structure Structure element Data type Description SI_Format USINT 16#FF = No information OB_Class USINT := 92 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) Initial_Call BOOL For OB_Class = 1, 30, 52, 61, 65 PIP_Input BOOL For OB_Class = 61, 91, 92 PIP_Output BOOL For OB_Class = 61, 91, 92 IO_System USINT For OB_Class = 61, 91, 92 16#FE = Optimized start information 3740 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Structure element Data type Description Event_Count INT For OB_Class = 30, 51, 52, 61, 65, 91, 92 Reduction UINT For OB_Class = 92 Table 11-65 SI_Startup structure Structure element Data type Description SI_Format USINT 16#FF = No information 16#FE = Optimized start information OB_Class USINT := 100 OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) LostRetentive BOOL For OB_Class = 100 LostRTC BOOL For OB_Class = 100 Table 11-66 SI_ProgIOAcessError structure Structure element Data type Description SI_Format USINT 16#FF = No information OB_Class USINT OB class for "No information" or "Optimized start information" OB_Nr UINT OB number (1 ... 32767) BlockNr UINT For OB_Class = 121, 122 Reaction USINT For OB_Class = 121, 122 Fault_ID BYTE For OB_Class = 121, 122 BlockType USINT For OB_Class = 121, 122 Area USINT For OB_Class = 121, 122 DBNr DB_ANY For OB_Class = 121, 122 Csg_OBNr OB_ANY For OB_Class = 121, 122 Csg_Prio USINT For OB_Class = 121, 122 Width USINT For OB_Class = 121, 122 16#FE = Optimized start information Note If this was created with the block property "Standard, the structure elements specified for the SI_classic structure are identical in content to the temporary tags of an OB. Note, however, that temporary tags of the individual OBs can have different names and different data types. Also note that the call interface of each OB includes additional information regarding the date and the time of the OB request. Bits 4 to 7 of the EV_CLASS structure element contain the event class. The following values are possible here: 1: Start events from standard OBs 2: Start events from synchronous error OBs 3: Start events from asynchronous error OBs WinCC Advanced V14 System Manual, 10/2016 3741 Programming the PLC 11.4 Instructions The PRIORITY structure element supplies the priority class belonging to the current OB. Apart from these two elements, NUM is also relevant. NUM contains the number of the current OB or the startup OB that was started last. Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* (W#16#...) Explanation 8081 Start information of the current OB does not correspond to the specified system data type 8083 Start information of the last startup OB started does not correspond to the specified system data type Example OB 80 is the OB that was called last and that has not yet been completely processed and OB 100 is the start-up OB that was started last. The following table shows the assignment between the structure elements of the TOP_SI parameter of the "RD_SINFO" instruction and the associated local tags of OB 80. TOP_SI structure element Data type OB 80 - Associated local tag Data type EV_CLASS BYTE OB80_EV_CLASS BYTE EV_NUM BYTE OB80_FLT_ID BYTE PRIORITY BYTE OB80_PRIORITY BYTE NUM BYTE OB80_OB_NUMBR BYTE TYP2_3 BYTE OB80_RESERVED_1 BYTE TYP1 BYTE OB80_RESERVED_2 BYTE ZI1 WORD OB80_ERROR_INFO WORD ZI2_3 DWORD OB80_ERR_EV_CLASS BYTE OB80_ERR_EV_NUM BYTE OB80_OB_PRIORITY BYTE OB80_OB_NUM BYTE The following table shows the assignment between the structure elements of the START_UP_SI parameter of the "RD_SINFO" instruction and the associated local tags of OB 100. START_UP_SI structure element Data type OB 100 - Local tag Data type EV_CLASS BYTE OB100_EV_CLASS BYTE EV_NUM BYTE OB100_STRTUP BYTE PRIORITY BYTE OB100_PRIORITY BYTE NUM BYTE OB100_OB_NUMBR BYTE TYP2_3 BYTE OB100_RESERVED_1 BYTE TYP1 BYTE OB100_RESERVED_2 BYTE 3742 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions START_UP_SI structure element Data type OB 100 - Local tag Data type ZI1 WORD OB100_STOP WORD ZI2_3 DWORD OB100_STRT_INFO DWORD Example In the following example, you read out the start information of the program cycle OB that was last called and the startup OB of the CPU that was last started. Create three tags in a global data block for storing the data. Call the "RD_SINFO" instruction in an OB1. Interconnect the parameters of the "RD_SINFO" instruction as follows. Use only one OB for the CPU, for the example. When the input parameter EN returns the signal state "TRUE", the "RD_SINFO" instruction is started. The instruction "RD_SINFO" reads the start information of the last called program cycle OB (OB1) and outputs this at the output parameter TOP_SI ("SI_ProgrammCycle"). Start information of the startup OB that was last started is output at the output parameter START_UP_SI ("SI_Startup"). According to the value of the parameter "SI_Format", OB1 uses optimized start information. In addition, the class of the OB ("OB_Class") and the assigned number of the OB ("OB_Nr") are read out. No number ("OB_Nr" with the value "0") is read out for the startup OB ("SI_Startup"), because no startup OB is used by the CPU. In addition, standard values ("SI_Format", "OB_Class") are displayed for the startup OB. The output parameter RET_VAL ("returnValue") indicates that the processing of the example is taking place without errors (the value is "0"). WinCC Advanced V14 System Manual, 10/2016 3743 Programming the PLC 11.4 Instructions Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). RT_INFO: Read out runtime statistics (S7-1500) Description Use the "RT_INFO" instruction to generate statistics on the runtime of specific organization blocks, communication or the user program. Use the MODE parameter to select the information to be output: MODE 1 to 3 return the data on the runtime of a specific organization block whose number was specified at the OB parameter. MODE 10 and 11 measure over a time period of 1 s and return the mean value of the percentage of total runtime used by higher-priority OBs (MODE 10) or mean value of the percentage of total runtime used by communication (MODE 11). MODE 20 and 21 return the percentages of the runtime allotted to communication and the user program for the last program cycle. MODE 23 to 25 output the shortest, longest, and current cycle time of the user program. MODE 30 to 32 return data on configured settings of the user program. All measurements are started once again when the CPU transitions from startup to RUN. 3744 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "RT_INFO" instruction: Parameter Declaration Data type Memory area Description MODE Input UINT I, Q, M, D, L or con stant Use the MODE parameter to select the in formation you want to read out (see table "MODE parameter"). OB Input OB_ANY I, Q, M, D, L or con stant Use the OB parameter to select the OB for which you want to read out information. RET_VAL Return INT I, Q, M, D, L Error information (see " RET_VAL parame ter"). INFO InOut VARIANT I, Q, M, D, L Pointer to the area to which the read data is to be written. The data type required for IN FO depends on the MODE parameter (see table "MODE parameter"). You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter MODE The following table shows which information is returned for the values at the MODE parameter. MODE (deci mal) Description Note Value at Data type OB param of INFO eter Available as of CPU version 1 Runtime of a specific OB OB num ber LTIME S7-1500 V1.5 2 Maximum runtime of a spe cific OB The runtime information always refers to the specified OB. Processes, such as in terruptions by OBs of a higher priority or communication, are not included. OB num ber LTIME S7-1500 V1.5 LTIME S7-1500 V1.5 3 Minimum runtime of a specif You can use the instruction "RUNTIME" to OB num measure the runtime of the entire program. ber ic OB WinCC Advanced V14 System Manual, 10/2016 3745 Programming the PLC 11.4 Instructions MODE (deci mal) Description Note Value at Data type OB param of INFO eter Available as of CPU version 10 Mean value of the percent age of total runtime used by higher-priority OBs Averaging takes place over a time period of 1 s. Not rele vant UINT S7-1500 V1.5 Not rele vant UINT S7-1500 V1.5 Not rele vant UINT S7-1500 V1.7 If the cycle time is too low (< 1 millisecond), the calculation cannot be performed. In this case, the last cycle with a duration of at least one millisecond is evaluated. By assigning a minimum cycle time in the CPU properties, you can prevent cycle times from falling below 1 ms. Not rele vant UINT S7-1500 V1.7 The times correspond to the "Cycle times measured" values in the "Cycle time" dia log of the TIA Portal. You open the dialog using Online & Diagnostics > Diagnostics > Cycle time. Not rele vant LTIME S7-1500 V1.7 Not rele vant LTIME S7-1500 V1.7 Not rele vant LTIME S7-1500 V1.7 The runtime of all OBs used in the user program with a higher priority than cyclical program OBs is output (Pro gramCycle). These usually include all OB types except startup OBs. The CPU determines which OBs can be used and their priority. This information is in cluded in the basic chapters on programming. 11 Mean value of the percent age of total runtime used by communication The percentage of communi cation processes in the total runtime of the user program is output. 20 Identical to MODE 10 except that the evaluation is based on the last program cycle executed. 21 Identical to MODE 11 except that the evaluation is based on the last program cycle executed. 23 Longest cycle time Duration of the longest cycle since the last transition from STOP to RUN. 24 Shortest cycle time Duration of the shortest cycle since the last transition from STOP to RUN. 25 Current/last cycle time Duration of the last cycle. 3746 If the cycle time is too high (> 1 second), the calculation is not performed. The instruction outputs the value 65535 (0xFFFF). WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MODE (deci mal) Description Note 30 Cycle monitoring time The times correspond to the "Configured Not rele cycle time" values in the "Cycle time" dialog vant of the TIA Portal. You open the dialog using Online & Diagnostics > Diagnostics > Cy cle time. LTIME S7-1500 V1.5 Not rele vant LTIME S7-1500 V1.5 Not rele vant UINT S7-1500 V1.5 Maximum permitted duration of the CPU program. If the cycle time exceeds the cycle monitoring time, the CPU goes to STOP or calls a time error OB. 31 Output of the configured min imum cycle time for the user program. If a minimum cycle time has been assigned in the CPU properties, the op erating system delays the start of the new cycle until the minimum cycle time has been reached. 32 Output of the configured maximum communication load as a percentage The specification of the percentage of the cycle load allotted to communication is made in the CPU properties under "Com munication load". Value at Data type OB param of INFO eter Available as of CPU version Parameter RET_VAL The following table shows the meaning of the values of the RET_VAL parameter: Error code* (W#16#...) Explanation 0 No error 8080 Value at the MODE parameter is not supported. 8081 Organization block selected at OB parameter does not exist in the user program. 8092 Selected MODE parameter is not supported by this CPU version. 80C3 Insufficient resources. Try to call the instruction again at a later time. 8452 Data type at INFO parameter is incorrect. Check whether the correct data type was selected depending on the MODE parameter. Example In the following example, you read out the runtime of a cycle organization block. Create four tags in a global data block for storing the data. WinCC Advanced V14 System Manual, 10/2016 3747 Programming the PLC 11.4 Instructions Interconnect the parameters of the instruction as follows. Create a new block of type "Program cycle". Specify the OB number at the OB parameter. Enter "1" (read out runtime of a particular OB) at the MODE parameter. Specify a tag with the data type LTIME at the INFO parameter ("infoData" in this case). Specify a tag with the data type INT at the RET_VAL parameter to output the error messages of the instruction. After calling the instruction, the currently measured runtime is written to the "infoData" tag. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). 3748 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions LED: Read LED status (S7-1200, S7-1500) Description You can use the "LED" instruction to read out the status (e.g., "On" or "Off") of a particular module LED. With the LADDR parameter, you address the CPU or the interface. With the LED parameter, you select the module LED whose current status is read out using the instruction. The RET_VAL parameter outputs the status of the selected LED when the instruction is called. Depending on the LED selected, only certain status information can be displayed. For example, some LEDs have only one color. Refer to the hardware documentation of the respective module for information on the possible statuses of a particular LED. Parameters The following table shows the parameters of the "LED" instruction: Parameter Declaration Data type Memory area Description LADDR Input HW_IO I, Q, M, L or constant Hardware identifier of the CPU or interface The number is assigned automatically and is stored in the properties of the CPU or interface in the hardware configuration (CPU name + Common). LED Input UINT I, Q, M, D, L or con stant Identification number of the LED: 1: STOP/RUN 2: ERROR 3: MAINT (maintenance) 4: Redundant 5: Link (green) 6: Rx/Tx (yellow) RET_VAL Return INT I, Q, M, D, L Status of LED You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3749 Programming the PLC 11.4 Instructions Parameter RET_VAL RET_VAL Description 0 to 9 LED status: 0 = LED does not exist or status information not available 1 = Permanently switched off 2 = Color 1 (e.g., for LED STOP/RUN: green) permanently ON 3 = Color 2 (e.g., for LED STOP/RUN: orange) permanently ON 4 = Color 1 flashing at 2 Hz 5 = Color 2 flashing at 2 Hz 6 = Colors 1 and 2 flashing alternately at 2 Hz 7 = LED is active, color 1 8 = LED is active, color 2 9 = LED does not exist or status information not available For reasons of compatibility, ENO is set to FALSE for this value of RET_VAL. 8091 Hardware component addressed using the LADDR parameter is not available. 8092 A hardware component was addressed with the LADDR parameter that does not return the required information. 8093 The identification number specified at the LED parameter is not defined. 80Bx The CPU specified in the LADDR parameter does not support the "LED" instruction. Example In the following example, you read out the status of the CPU LED. Create three tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. The HW identifier of the CPU is made known to the "LED" instruction through parameter LADDR ("myLADDR"). The CPU LED to be monitored is made known through parameter LED ("myLED"). The status of the CPU LED (STOP/RUN) is queried. If the CPU is placed in RUN operating mode from STOP, the value "6" (green and orange alternating) is indicated at output 3750 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions parameter RET_VAL ("returnValue"). Then, the value "2" (permanently green) is indicated as the LED status ("returnValue"). Note: The meaning of the colors for the STOP/RUN LED are as follows: Color Meaning Red STOP Green RUN Alternating green and orange The CPU is loading Alternating red and green Program processing is running Additional information on the meaning of the LED colors can be found in the hardware description of the CPU. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). Get_IM_Data: Reading identification and maintenance data (S7-1200, S7-1500) Description The "Get_IM_Data" instruction reads the identification and maintenance data (I&M) data from a device. Use the LADDR parameter to select the device from which you want to read the I&M via the hardware identifier. The IM_TYPE parameter is used to select the data that is read out via the instruction: IM_TYPE = 0: I&M 0 data The I&M 0 data are the device-specific basic information of a device and contain information such as the manufacturer ID, order number, serial number and the hardware and firmware version. Only read access is possible to the I&M 0 data. The information is also displayed in the TIA Portal with the "Online & Diagnostics" view of a device. IM_TYPE = 11: I&M 1 data from the parameter assignment data of the CPU The I&M 1 data contain a functional description of the device and the location designation. i.e. the information about how the device is designated within the plant. WinCC Advanced V14 System Manual, 10/2016 3751 Programming the PLC 11.4 Instructions IM_TYPE = 12: I&M 2 data from the parameter assignment data of the CPU The I&M 2 data includes the date of installation, i.e. the information about when the device was installed in the plant. IM_TYPE = 13: I&M 3 data from the parameter assignment data of the CPU The I&M 3 data contains additional information about the installed device. The additional information is free text and is assigned as desired. The I&M data read is written to the addressed area defined at the DATA parameter. The execution status of the read job is displayed via the BUSY, DONE, ERROR output parameters and the two middle bytes of the STATUS output parameter. Definition: Identification and maintenance data (I&M) Identification and maintenance (I&M) data refers to information stored in a module, which assists you in checking the plant configuration, locating hardware changes in a plant and eliminating errors. Identification data (I-data) is static information about a device that can only be read. Maintenance data (M-data) refers to plant-dependent information, such as the installation location or date. Maintenance data are created during configuration and written to the module. Parameters The following table shows the parameters of the "Get_IM_Data" instruction: Parameter Declaration Data type Memory area Description LADDR Input HW_IO I, Q, M, D, L or con Hardware ID of the device The number is as stant signed automatically and is stored in the proper ties of the device or in the hardware configura tion. IM_TYPE Input UINT I, Q, M, D, L or con Identification and maintenance data number stant Possible values: 0: I&M 0 data 11: I&M 1 data from the parameter assignment data of the CPU 12: I&M 2 data from the parameter assignment data of the CPU 13: I&M 3 data from the parameter assignment data of the CPU DATA InOut VARIANT I, Q, M, D, L Area for storing the read identification and main tenance data (see below). DONE Output BOOL I, Q, M, D, L The instruction was executed successfully. The I&M data were transferred to the DATA parame ter. 3752 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description BUSY Output BOOL I, Q, M, D, L Status parameter 0: Execution of the instruction completed or not yet started. 1: Execution of the instruction not yet complete. ERROR Output BOOL I, Q, M, D, L Status parameter 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS parameter. STATUS Output WORD I, Q, M, D, L Status parameter The parameter is only set for the duration of one call. To display it, therefore, copy STATUS to a free data area. You can find more information on the data types in "Overview of the valid data types (Page 2131)". Parameter DATA for I&M 0 data Use an array (ARRAY of BYTE) or a special data structure to store the I&M 0 data: If you address an array (ARRAY of BYTE) at parameter DATA, the read I&M 0 data is copied as a byte sequence to DATA. If the addressed array is longer than the read data, the unneeded bytes are filled with zeros. The following "IM0_Data" structure can also be used at the DATA parameter for I&M 0 data: WinCC Advanced V14 System Manual, 10/2016 Parameter Data type Bytes Description Manufacturer_ID UINT 2 Manufacturer ID (e.g. "42" for SIE MENS) Order_ID CHAR[20] 20 Order number Serial_Number CHAR[16] 16 Serial number Hardware_Revision UNIT 2 Hardware revision Software_Revision STRUCT 4 Firmware revision Type CHAR 1 - Functional USInt 1 - Bugfix USInt 1 - Internal USInt 1 - Revision_Counter UINT 2 Revision counter Profile_ID UNIT 2 Profile Profile_Specific_Type UNIT 2 Device class IM_Version UNIT 2 I&M version I&M_Supported UNIT 2 I&M data (I&M 0-I&M 4) supported at the device end 3753 Programming the PLC 11.4 Instructions If a different data type is used at the DATA parameter, the STATUS parameter outputs error code 8093. DATA parameter for I&M 1, I&M 2, and I&M 3 data Use a string (STRING), an array (ARRAY of CHAR/BYTE) or a data structure (STRUCT) to store the I&M data: If you address a string (STRING data type) at the the DATA parameter, the length of the string automatically adjusts the length of the read I&M data (up to 254 characters). If you address a data structure (ARRAY of CHAR/BYTE or STRUCT) a the DATA parameter, the I&M data read are written to the individual components of the data type used. If the addressed data structure is longer than the read data, the remaining components are filled with zeros. If you crate a data structure with a STRUCT data type at the DATA parameter, use a data block without optimized block access (see category "Attributes" of the block properties). If a data type other than STRING, ARRAY of BYTE/CHAR or STRUCT is used at the DATA parameter, the STATUS parameter generates error code 8093. Note Additional information about I&M data You can find more information about I&M data, for example, on the PROFIBUS & PROFINET International websites (link: http://www.profibus.com (http://www.profibus.com)). Parameter STATUS Error code* (W#16#...) Description 0 No error 7000 No job in progress. 7001 First call of the asynchronous instruction "Get_IM_Data". Execution of the instruction not yet complete (BUSY = 1, DONE = 0). 7002 Additional call of the asynchronous instruction "Get_IM_Data". Execution of the instruction not yet complete (BUSY = 1, DONE = 0). 8091 The device addressed at the LADDR parameter does not exist. 8092 LADDR addresses a device that does not support the output of the I&M data. 8093 Data type at the DATA parameter is not supported. 80B1 No valid data available. (Either the I&M data is not supported by the (sub)module or you have not configured I&M data for this device.) 80B2 Invalid value at the IM_TYPE parameter or the selected IM_TYPE is not supported by the CPU or the ad dressed device. 80C3 Maximum of 10 parallel executions of the instances exceeded: Avoid more than 10 parallel calls. Repeat the call at a later time, as this is a temporary error. 3754 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* (W#16#...) Description 8752 The memory area specified at the DATA parameter is too small to store all the I&M data. The read I&M data are stored only up to the maximum length of the specified memory area. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you read out the IM0 data of an S7-1500 CPU. The IM0 data are the basic information of a device and contain information such as the manufacturer ID, order number, serial number and the hardware and firmware version. Create four tags and a structure with the IM0_Data data type in a global data block for storing the IM0 data. You can assign any name to the structure ("MyPLC_IM_Data") in this case. Enter the hardware identifier of the CPU at the LADDR parameter. The hardware identifier uniquely identifies the product. To determine the hardware identifier of your CPU, open the PLC tag table and the System constants tab. Then, search for the CPU in the Name column. The associated value is the hardware identifier that you enter at the LADDR parameter. Once the instruction is successfully executed, the IM0 data is written to the data block. WinCC Advanced V14 System Manual, 10/2016 3755 Programming the PLC 11.4 Instructions Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). See also Difference between synchronous and asynchronous instructions (Page 2436) 3756 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions GET_NAME: Read out name of an IO device or a DP slave (S7-1200, S7-1500) Description The instruction "GET_NAME" reads out the name of an IO device or a DP slave. The name is displayed in the network view and in the properties of the IO device or the DP slave. The following screenshot shows this using an IO device as example. You select the IO device or the DP slave by using the hardware identifier of the PROFINET IO system or the DP master system (at the LADDR parameter) and the device number of the IO device or the PROFIBUS address of the DP slave (STATION_NR parameter). After the instruction has been executed successfully, the name of the IO device or the DP slave is written to the area addressed with the DATA parameter. The name that is read depends on the type of IO device: For a DP slave or IO device, the name of the head module is output. For an I-slave or I-device, the name of the interface module is output. The name of the interface is output for an HMI panel. The name of the interface module is output for a PC station. The name of the Device Access Point (DAP) is displayed (name of the interface or head module) for GSD devices. The length of the name is output at the LEN parameter. If the name is longer than the area specified at the DATA parameter, only that section which corresponds to the maximum length of the addressed area will be written. WinCC Advanced V14 System Manual, 10/2016 3757 Programming the PLC 11.4 Instructions The maximum length for a name is 128 characters. Note Name of the CPU readout (Version 1.1) If you assign a "0" at each of the parameters LADDR and STATION_NR the instruction will output the name of the CPU. Parameters The following table shows the parameters of the "GET_NAME" instruction: Parameter Declaration Data type Memory area Description LADDR Input HW_IOSYSTEM I, Q, M, D, L or con stant Hardware identifier of the PROFINET IO or DP master system. The number is taken from the system constants or the properties of the PRO FINET IO system or DP master system. STATION_NR Input UINT I, Q, M, D, L or con stant Device number of the PROFINET IO device or PROFIBUS address of the DP slave. This num ber is displayed in the network view and in the properties of the IO device or the DP slave. DATA InOut VARIANT I, Q, M, D, L Pointer to the area to which the name is written. DONE Output BOOL I, Q, M, D, L The instruction was executed successfully. The name of the IO device or the DP slave was transferred to the area at the DATA parameter. BUSY Output BOOL I, Q, M, D, L Status parameter 0: Execution of the instruction complete. 1: Execution of the instruction not yet complete. ERROR Output BOOL I, Q, M, D, L Status parameter 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS parameter. LEN Output DINT I, Q, M, D, L Length of the name of the IO device or the DP slave (number of characters). STATUS Output WORD I, Q, M, D, L Status parameter The parameter is only set for the duration of one call. To display the status, therefore, copy STATUS to a free data area. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3758 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter STATUS Error code* (W#16#...) Explanation 0 No error 7000 No job in progress. 7001 First call of the asynchronous instruction "GET_NAME". Execution of the instruction not yet complete (BUSY = 1, DONE = 0). 7002 Additional call of the asynchronous instruction "GET_NAME". Execution of the instruction not yet complete (BUSY = 1, DONE = 0). 8090 The hardware identifier specified at the LADDR parameter does not exist in the project. 8092 The value at the LADDR parameter does not address a PROFINET IO system or a DP master system. 8093 Instruction does not support data type at the DATA parameter. 8095 Device number (STATION_NR parameter) does not exist in the selected PROFINET IO system or does not address an IO device. PROFIBUS address (STATION_NR parameter) does not exist in the selected DP master system. 80B1 The CPU used does not support the instruction. 80C3 Temporary resource error: The CPU is currently processing the maximum possible number of simultaneous block calls. "GET_NAME" cannot be executed until at least one of the block calls is finished. 8852 The area specified at the DATA parameter is too short for the full name of the IO device or the DP slave. The name will be written up to the maximum possible length. To read the full name, use a longer data area at the DATA parameter. The area must have at least as many characters as there are at the LEN parameter. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example The following example shows how you can read out the station name of a HMI panel. Configuration of the HMI panel: The HMI panel with the station name "HMI_IO-Device" is created in the network view and assigned to the same PROFINET IO system as the CPU. The operating mode "IO device" was activated in the properties of the hardware configuration for the HMI panel and the CPU was assigned as the IO controller. The device number "20" assigned in the properties under "Ethernet addresses". WinCC Advanced V14 System Manual, 10/2016 3759 Programming the PLC 11.4 Instructions Assigning parameters to the instruction "GET_NAME": The hardware ID (258) of the IO system was specified at the parameter LADDR. The device number (20) of the HMI panel was specified at the parameter STATION_NR. A tag was connected with the data type STRING of a data block at the parameter DATA. PLC tags (memory area, flags) were defined for the output parameters of the instruction. Execution of the instruction: After execution of the instruction, the name of the station of the HMI panels (HMI_IO-Device) is written into the data block at the parameter DATA. The number of characters of the name is output (13) at the parameter LEN. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). 3760 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions GetStationInfo: Read information of an IO device (S7-1200, S7-1500) Description You can use the "GetStationInfo" instruction to read information of a PROFINET IO device. The instruction also enables you to read the information of an IO device located in a lowerlevel IO system (connected via CP/CM). The IO device is addressed via the hardware identifier of the station at the LADDR parameter. The hardware identifier is displayed in the "Devices & Networks" view in the station properties. Use the MODE parameter to select the information to be read. At the DATA parameter, specify the data area to which the read address data will be written. For storing the IP address, use the "IF_CONF_v4" structure. For storing the MAC address, use the "IF_CONF_MAC" structure. Enable reading of the address data using the REQ control parameter. This requires the IO device to be accessible. The execution status of the read job is displayed via the BUSY, DONE, ERROR output parameters and the STATUS output parameter. Note Address the IO device using only the hardware identifier of the station The station, the IO device and PROFINET interface have their own hardware identifier. Use only the hardware identifier of the station for the "GetStationInfo" instruction. If a PROFINET interface is addressed via the LADDR parameter, for example, the address data is not read and the 8092 error code is generated. To read the address data of an integrated PROFINET interface or a CM/CP in the central configuration, use the "RDREC" instruction. Parameters The following table shows the parameters of the "GetStationInfo" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L Control parameter Request Activates the reading of the information with REQ = "1". LADDR Input HW_DEVICE I, Q, M, D, L or constant Hardware identifier of the station of the IO device The number is taken from the proper ties of the station in the Network view or from the "System constants" tab of the default tag table. DETAIL WinCC Advanced V14 System Manual, 10/2016 Input HW_SUB MODULE I, Q, M, D, L or constant The DETAIL parameter is not used. Leave the parameter unconnected. 3761 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description MODE Input UINT I, Q, M, D, L or constant Selection of address data to be read: MODE = 1: Address parameter according to IPv4 (S7-1500 CPUs as of firmware version V1.1) MODE = 2: MAC address (S7-1500 CPUs as of firmware version V1.5) DATA InOut VARIANT D, L Pointer to the area to which the ad dress data of the IO device is written. Use the "IF_CONF_v4" structure for MODE = 1 and the "IF_CONF_MAC" structure for MODE = 2. DONE Output BOOL I, Q, M, D, L The instruction was executed success fully. The address data was transferred to the DATA parameter. BUSY Output BOOL I, Q, M, D, L Status parameter 0: Execution of the instruction complete. 1: Execution of the instruction not yet complete. ERROR Output BOOL I, Q, M, D, L Status parameter 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS parameter. STATUS Output WORD I, Q, M, D, L Status parameter The parameter is only set for the dura tion of one call. To display the status, you should therefore copy STATUS to a free data area. You can find more information on the data types in "Overview of the valid data types (Page 2131)". Parameter DATA Use the "IF_CONF_v4" structure at the DATA parameter to store the address parameter according to IPv4. Byte 3762 Parameter Data type Start value Description 0 ... 1 Id UINT 30 ID of the "IF_CONF_v4" structure. 2 ... 3 Length UNIT 18 Length of data read in BYTE. 4 ... 5 Mode UNIT 0 Not relevant for the "GetStationInfo" instruc tion (left at "0"). WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Byte Parameter Data type 6 ... 9 InterfaceAddress ARRAY [1..4] of BYTE Start value Description - IP address of the IO device in the format IP_V4, e.g. for 192.168.3.10: addr[1] = 192 addr[2] = 168 addr[3] = 3 addr[4] = 10 10 ... 13 SubnetMask ARRAY [1..4] of BYTE - Subnet mask of the IO device in the format IP_V4, e.g. for 255.255.255.0: addr[1] = 255 addr[2] = 255 addr[3] = 255 addr[4] = 0 14 ... 17 DefaultRouter ARRAY [1..4] of BYTE - IP address of the router in the format IP_V4, e.g. for 192.168.3.1: addr[1] = 192 addr[2] = 168 addr[3] = 3 addr[4] = 1 Use the "IF_CONF_MAC" structure at parameter DATA for storing the MAC address. Byte Parameter Data type Start value Description 0 ... 1 Id UINT 3 ID of the "IF_CONF_MAC" structure. 2 ... 3 Length UNIT 12 Length of data read in BYTE. 4 ... 5 Mode UNIT 0 Not relevant for the "GetStationInfo" instruc tion (left at "0"). 6 ... 11 ARRAY [1..6] of BYTE - MAC address of the IO device, e.g. for 08-00-06-12-34-56 MACAddress Mac[1] = 8 Mac[2] = 0 Mac[3] = 6 Mac[4] = 12 Mac[5] = 34 Mac[6] = 56 Parameter STATUS WinCC Advanced V14 System Manual, 10/2016 Error code* (W#16#...) Explanation 0 No error 7000 No job in progress. 7001 First call of the asynchronous instruction "GetStationInfo". Execution of the instruction not yet complete (BUSY = 1, DONE = 0). 3763 Programming the PLC 11.4 Instructions Error code* (W#16#...) Explanation 7002 Additional call of the asynchronous instruction "GetStationInfo". Execution of the in struction not yet complete (BUSY = 1, DONE = 0). 8080 Value at the MODE parameter is not supported. 8090 The hardware identifier specified at the LADDR parameter is not configured. 8092 The LADDR parameter does not address a PROFINET IO device. 8093 Invalid data type at the DATA parameter. 80A0 Requested information is not read. 80C0 Addressed IO device is not reachable. 80C3 The maximum number of simultaneous calls of the "GetStationInfo" instruction (10 in stances) has been reached. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example Below, you use the GetStationInfo" instruction to read the IP address data of an IO device and write the information to a data block. The IP address data includes the IP address, subnet mask and (if used) the address data of the router. The instruction is executed on the IO controller and reads the IP address information of a lowerlevel IO device (an ET200MP in this example). Create five tags and a structure with the IF_CONF_v4 data type in a global data block for storing the address data. Assign any name to the structure (in this case "IP_Address"). 3764 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Then call the "GetStationInfo" instruction: You use the IF_CONF_v4 structure at the DATA parameter. Enter the hardware identifier of the IO device at the LADDR parameter. The hardware identifier uniquely identifies the product. To determine the hardware identifier of your IO device, open the PLC tag table and the System constants tab. Then, search for the device in the Name column and for the Hw_Device" in the Data type column. The associated value is the hardware identifier that you enter at the LADDR parameter. Select "1" (read address parameters according to IPv4) for the MODE parameter. You start reading the address data with REQ= 1 (TRUE). Once the instruction is successfully executed, the IP address data is written to the data block. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). See also Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 3765 Programming the PLC 11.4 Instructions GetChecksum: Read out checksum (S7-1200, S7-1500) Description The "GetChecksum" instruction reads the checksum of a group of objects. The objects are selected with the parameter "Scope". Note Generation of the checksum for blocks There are differences between standard and safety blocks in terms of the generation of the checksum. You can find additional information in the help for the STEP 7 Safety option package. Parameter The following table shows the parameters of the "GetChecksum" instruction: Parameter Declaration Data type Description Scope Input UINT With the Scope parameter, you select the ob jects for which you want to read out the check sum: 1: Standard blocks (i.e. no safety blocks) 2: Safety blocks 3: Text lists Range (hidden) Input UINT "Range" must have the value 0. Subrange (hid den) Input UINT "Subrange" must have the value 0. Done Output BOOL The instruction was executed successfully. The checksum was transferred to the Checksum pa rameter. Busy Output BOOL Status parameter 0: Execution of the instruction complete. 1: Execution of the instruction not yet complete. Error Output BOOL Status parameter 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output via the "Status" parameter. 3766 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Description Status Output WORD Status parameter The parameter is only set for the duration of one call. To display the status, you should therefore copy STATUS to a free data area. Checksum InOut VARIANT Checksum The "Checksum" parameter must point to a tag of the data type ARRAY[0..7] of BYTE; unused bytes are set to 0. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter "Status" Error code* (W#16#...) Explanation 0 No error 7001 First call: Generation of the checksum initiated 7002 Intermediate call: Generation of the checksum already active 8080 Invalid value of the "Scope" parameter 8081 The "Range" parameter is not supported in this firmware version and must have the value 0. 8082 The "Subrange" parameter is not supported in this firmware version and must have the value 0. 8091 The "GetChecksum" instruction is not supported by the CPU. 8852 The tag to which the "Checksum" parameter points has the wrong data type. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also Comparison of PLC programs based on checksums (Page 4833) DeviceStates: Read module status information in an IO system (S7-1200, S7-1500) Description You use the instruction "DeviceStates" to query specific status information for all modules in an IO system, which means: Either for all IO devices in a PROFINET IO system Or for all DP slaves in a DP master system The Boolean value that is output indicates the modules to which the selected status applies. For example, read out which IO devices are currently disabled in a PROFINET IO system. Information is also displayed as to whether the status information to be read applies to at least one of the IO devices or DP slaves. WinCC Advanced V14 System Manual, 10/2016 3767 Programming the PLC 11.4 Instructions The instruction can be called in a cyclic OB as well as in an interrupt OB (e.g. OB82 - diagnostic interrupt). Parameters The following table shows the parameters of the "DeviceStates" instruction: Parameter Declaration Data type Memory area Description LADDR Input HW_IOSYSTEM I, Q, M, L or constant MODE Input UINT I, Q, M, D, L or constant Selection of status information to be read (see description below) RET_VAL Return INT I, Q, M, D, L Status of instruction (see description be low) STATE InOut VARIANT I, Q, M, D, L Buffer for status of the IO devices or the DP slaves (see description below) Hardware identifier of the PROFINET IO or DP master system (see description be low) You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter LADDR You select the PROFINET IO or DP master system at the LADDR parameter by means of the hardware identifier. The hardware identifier is available: Either in the Network view of the properties of the PROFINET IO or DP master system. Or in the PLC tag table in the listed system constants with the data type HW_IOSYSTEM. Parameter MODE You use the MODE parameter to read out status information. You can read out one of the following status information items for the entire PROFINET IO or DP master system: 1: IO devices/DP slaves are configured 2: IO devices/DP slaves are faulty 3: IO devices/DP slaves are disabled 4: IO devices/DP slaves exist 5: IO devices/DP slaves for which a problem has occurred. For example: - Maintenance demanded or recommended - Not accessible - Not available - Error occurred 3768 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter STATE With the STATE parameter, the status of the IO devices/DP slaves that was selected with the MODE parameter is output. If the status selected using MODE applies to an IO device/DP slave, the following bits are set to "1" at the STATE parameter: Bit 0 = 1: Group display. The bit n of at least one IO device/DP slave was set to "1". Bit n = 1: The status selected with MODE applies to the IO device/DP slave. - With a PROFINET IO system, bit n corresponds to the device number of the respective IO device (see properties of the PROFINET interface in the device view and network view) - With a PROFIBUS DP system, bit n corresponds to the PROFIBUS address of the DP slave (see properties of the DP slave in the device view and network view) Use "BOOL" or "Array of BOOL" as data type: To only output the bit for group display of the status information, you can use the data type BOOL at the STATE parameter. To output the status information for all IO devices/DP slaves, use Array of BOOL with the following length: - With PROFINET IO system: 1024 bits - With DP master system: 128 bits Parameter RET_VAL Error code* Description (W#16#...) 0 No error 8091 Hardware identifier of the LADDR parameter does not exist. Check (for example, in the system constants) whether the value for LADDR exists in the project. 8092 LADDR does not address a PROFINET IO or DP master system. 8093 Invalid data type at the STATE parameter. 80B1 Instruction "DeviceStates" is not supported by the CPU. 80B2 The selected MODE parameter is not supported by the used CPU for the IO system specified in the LADDR parameter. 8452 The complete status information does not fit in the tag configured in the STATE parameter. Note: When the tag configured at STATE is checked for adequate field length, the CountOfElements instruc tion is called. This counts the fill elements when the data type VARIANT points to an Array of BOOL; with an Array [0...120] of BOOL e.g. 128 is determined as the field length. This has the consequence that the error code W#16#8452 is only returned by DeviceStates when the number of field elements you have set plus the number of fill elements created by the CPU falls below the value 1024 or 128 * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3769 Programming the PLC 11.4 Instructions Example - Reading out the presence of IO devices in the PROFINET IO master system In the following example, you query the existence of IO devices in an IO system. The IO system consists of two CPUs of the S7-1500 series. The "PLC_14" CPU will contain the program, including the "DeviceStates" instruction. The "PLC_13" CPU will be configured as an IO device. In the "PLC_14" CPU: Create three tags and a "mySTATE" structure (with the Array of BOOL data type) in a global data block for storing the data. In the "PLC_14" CPU: The instruction is called in a cyclic OB. Interconnect the parameters of the instruction as follows. In the "PLC_13" CPU: Set up this CPU "PLC_13" as an IO device using the CPU properties. The IO device receives the device number 1. 3770 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions An IO system is displayed in the Network view. In the "PLC_14" CPU: The HW identifier of the IO system is made known to the "DeviceStates" instruction through parameter LADDR ("myLADDR"). According to the value "4" of parameter MODE ("myMODE"), the IO system is searched for IO devices. At parameter STATE ("mySTATE"), the presence is output for the IO devices (based on the value of parameter MODE). Bit 0 serves as a group value and indicates that IO devices are present. Bit 1 indicates that the IO device with the device number 1 is present. The output parameter RET_VAL ("returnValue") indicates that processing took place without errors. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). WinCC Advanced V14 System Manual, 10/2016 3771 Programming the PLC 11.4 Instructions Example - Reading the faulty stations of a PROFINET IO master system A PROFINET IO system consists of 4 IO devices with the device numbers 1, 2, 3 and 4. The IO device with number 2 is faulty. The instruction "DeviceStates" is executed for the PROFINET IO system with MODE = 2 (faulty/ not faulty). The following bits are set in the STATE parameter: Bit 0 = 1: A fault exists for at least one of the IO devices. Bit 1 = 0: IO device with device number 1 is not faulty. Bit 2 = 1: IO device with device number 2 is faulty. Bit 3 = 0: IO device with device number 3 is not faulty. Bit 4 = 0: IO device with device number 4 is not faulty. Bit 5 = 0: Irrelevant Bit 6 = 0: Irrelevant ... Example - Reading the faulty stations of a PROFIBUS DP master system A DP master system consists of 4 DP slaves with the PROFIBUS addresses 3, 4, 5 and 6. The DP slave with address 4 is faulty. The instruction "DeviceStates" is executed for the DP master system with MODE = 2 (faulty/ not faulty). The following bits are set in the STATE parameter: Bit 0 = 1: A fault exists for at least one of the DP slaves. Bit 1 = 0: Irrelevant Bit 2 = 0: Irrelevant Bit 3 = 0: DP slave with address 3 is not faulty. Bit 4 = 1: DP slave with address 4 is faulty. Bit 5 = 0: DP slave with address 5 is not faulty. Bit 6 = 0: DP slave with address 6 is not faulty. Bit 7 = 0: Irrelevant Bit 8 = 0: Irrelevant ... ModuleStates: Read module status information of a module (S7-1200, S7-1500) Description You can use the "ModuleStates" instruction to read the status information of the modules of a PROFINET IO device or PROFIBUS DP slave. 3772 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The Boolean value that is output indicates the modules to which the selected status applies. You can, for example, read which modules are currently disabled in a PROFINET IO device. Information is also displayed as to whether the status information to be read applies to at least one of the modules. The instruction can be called in a cyclic OB as well as in an interrupt OB (e.g. OB82 - diagnostic interrupt). Parameters The following table shows the parameters of the "ModuleStates" instruction: Parameter Declaration Data type Memory area Description LADDR Input HW_DEVICE I, Q, M, D, L or con stant Hardware identifier of the station (see descrip tion below) MODE Input UINT I, Q, M, D, L or con stant Selection of module status information to be read (see description below) RET_VAL Return INT I, Q, M, D, L Status of instruction (see description below) STATE InOut VARIANT I, Q, M, D, L Buffer for the module status (see description below) You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter LADDR You select the IO device or the DP slave at the LADDR parameter by means of the hardware identifier of the station. The hardware identifier is available: Either in the network view of the properties of the IO device station or DP slave station. Or in the PLC tag table for the listed system constants with the data type HW_DEVICE (for an IO device) or with the data type HW_DPSLAVE (for a DP slave). Parameter MODE You use the MODE parameter to read out status information. One of the following status information items can be read for the modules: 1: Modules are configured 2: Modules are faulty 3: Modules are disabled WinCC Advanced V14 System Manual, 10/2016 3773 Programming the PLC 11.4 Instructions 4: Modules exist 5: There is a problem in the modules. For example: - Maintenance demanded or recommended - Not accessible - Not available - Error occurred Parameter STATE The STATE parameter outputs the status of the modules selected with the MODE parameter. If the status selected using MODE applies to a module, the following bits are set to "1": Bit 0 = 1: Group display. The bit n of at least one module was set to "1". Bit n = 1: The status selected with MODE applies to the module in slot n-1 (example: bit 3 = slot 2). Use "BOOL" or "Array of BOOL" as data type: To only output the bit for group display of the status information, use the BOOL data type at the STATE parameter. To output the status information for all modules, use Array of BOOL with a length of 128 bits. Parameter RET_VAL Error code* Description (W#16#...) 0 No error 8091 Hardware identifier of the LADDR parameter does not exist. Check (for example, in the system constants) whether the value for LADDR exists in the project. 8092 LADDR does not address an IO device or DP slave. 8093 Invalid data type at the STATE parameter. 80B1 The instruction "ModuleStates" is not supported by the CPU. 80B2 The selected MODE parameter is not supported by the used CPU for the IO device/the DP slave in the LADDR parameter. 8452 The complete status information does not fit in the tag configured in the STATE parameter. Note: When the tag configured at STATE is checked for adequate field length, the CountOfElements instruction is called. This counts the fill elements when the data type VARIANT points to an Array of BOOL; with an Array [0...120] of BOOL e.g. 128 is determined as the field length. This has the consequence that the error code W#16#8452 is only returned by ModuleStates when the number of field elements you have set plus the number of fill elements created by the CPU falls below the value 128 * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". 3774 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example In the following example, you query the existence of modules of a PROFINET IO device. The IO system consists of two CPUs of the S7-1500 series. The "PLC_14" CPU will contain the program, including the "ModuleStates" instruction. The "PLC_13" CPU will be configured as an IO device. In the "PLC_14" CPU: Create three tags and a "mySTATE" structure (with the Array of BOOL data type) in a global data block for storing the data. In the "PLC_14" CPU: The instruction is called in a cyclic OB. Interconnect the parameters of the instruction as follows. In the "PLC_13" CPU: Set up this CPU "PLC_13" as an IO device using the CPU properties. WinCC Advanced V14 System Manual, 10/2016 3775 Programming the PLC 11.4 Instructions An IO system is displayed in the Network view. In the "PLC_14" CPU: A module is located in slot 1 of the IO device. In the "PLC_14" CPU: The HW identifier of the IO device is made known to the "ModuleStates" instruction through parameter LADDR ("myLADDR"). According to the value "4" of parameter MODE ("myMODE"), the IO device is searched for modules. At parameter STATE ("mySTATE"), the presence is output for the modules (based on the value of parameter MODE) . Bit 0 serves as a group value and indicates that modules are present. Bit 2 indicates that a module is present in slot 1. The output parameter RET_VAL ("returnValue") indicates that processing took place without errors. 3776 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). Example An IO device contains 4 modules in slots 1 to 4. The module in slot 2 is faulty. The instruction "ModuleStates" is executed for the IO device with MODE = 2 (faulty/not faulty). The following bits are set in the STATE parameter: Bit 0 = 1: A fault exists for at least one module. Bit 1 = 0: Slot number 0 (used by IO device) Bit 2 = 0: Module in slot number 1 is not faulty. Bit 3 = 1: Module in slot number 2 is faulty. Bit 4 = 0: Module in slot number 3 is not faulty. Bit 5 = 0: Module in slot number 4 is not faulty. Bit 6 = 0: Irrelevant Bit 7 = 0: Irrelevant GEN_DIAG: Generate diagnostics information (S7-1500) Description The "GEN_DIAG" instruction generates diagnostics information for hardware components from other manufacturers for use in TIA Portal diagnostics. The GSD(GSDL/GSDML) file supplied by the manufacturer must first be installed before the instruction can be used. WinCC Advanced V14 System Manual, 10/2016 3777 Programming the PLC 11.4 Instructions The instruction generates all diagnostic events (including those for maintenance). Use the LADDR parameter to select the hardware component for which you want to generate a diagnostic event. Use the MODE parameter to specify whether the event is to be outgoing or incoming. Use the DiagEvent parameter to define the diagnostic event in the DiagnosticDetail structure. When you define a tag at the DiagEvent parameter, the structure is created automatically in the local interface of the block. The diagnostics information is provided synchronously. Diagnostics information transfer and alarm output are asynchronous. NOTICE Failsafe-specific errors messages are not valid If you define failsafe-specific diagnostics information at the DiagEvent parameter, the instruction will check this information and output the error code 80A1. Parameters The following table shows the parameters of the "GEN_DIAG" instruction: Parameter Declaration Data type Memory area Description LADDR Input HW_ANY I, Q, M, D, L or con stant Identification number of the hardware compo nent MODE Input UINT I, Q, M, D, L or con stant Selection of incoming/outgoing information: 1: The diagnostic event specified is an incoming event 2: The diagnostic event specified is an outgoing event 3: All diagnostic events are outgoing. There are therefore no hardware component faults (green diagnostics symbol). The DiagEvent parameter is not evaluated when MODE = 3. DiagEvent InOut DiagnosticDetail L, D Specifies the diagnostic event (see "DiagEvent parameter"). RET_VAL Return INT I, Q, M, D, L Status of instruction / error message (see "RET_VAL parameter") You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3778 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter DiagEvent The structure DiagnosticDetail is a system data type for specifying the diagnostic event. Its structure is as follows: Parameter Data type Description DiagnosticDe Struct tail Channe lInfo WORD Channel properties (0...7) ALID UINT Local ID of the alarm. The ID uniquely identifies the alarm. TextID UINT ID of an alarm text in a text list. Channel UINT Number Manufacturer-specific channel number (0x0000 -- 0x7FFF) Addval_0 DWORD Placeholder for additional information The value / list of values depends on the connection error. TextID2 UINT Texts for CPU response (mode, OB calls, etc.). LADDR HW_ANY Identical to the LADDR parameter. TextLis tId UINT 0: No text list 0: ID of the text list Channel UINT Direction 0000: Irrelevant FFF1: Input FFF2: Output FFF3: Input/Output Addval_1 DWORD Placeholder for additional information on the channel error (depends on the GSD file). For channel error types, see also: IEC 61158 (PROFINET IO Type 10 and PROFIBUS DP Type 3). Parameter RET_VAL Error code* (W#16#...) Explanation 0 No error 8080 Value in the MODE parameter is not supported. 8090 Identification for hardware component not available at the LADDR parameter. 8091 Diagnostics information cannot be generated for the hardware component addressed at the LADDR param eter. 80A1 Content of the DiagnosticsDetail structure at the DiagEvent parameter is invalid or inconsistent. Failsafe-specific diagnostics information defined at the DiagEvent parameter (not valid). 80A4 Hardware component addressed cannot be accessed. 80C1 Insufficient resources for parallel execution. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3779 Programming the PLC 11.4 Instructions GET_DIAG: Read diagnostic information (S7-1200, S7-1500) Description The "GET_DIAG" instruction is used to read the diagnostic information of a hardware component. The hardware component is selected with the parameter LADDR. With the MODE parameter, you select which diagnostic information is read. Parameters The following table shows the parameters of the "GET_DIAG" instruction: Parameter Declaration Data type Memory area Description MODE Input UINT I, Q, M, D, L or constant Use the MODE parameter to select which diagnostics data is output. LADDR Input HW_ANY (WORD) I, Q, M, L or constant Hardware ID of the hardware component RET_VAL Return INT I, Q, M, D, L Status of the instruction CNT_DIAG Output UINT I, Q, M, D, L Reserved (always "0"). DIAG InOut VARIANT I, Q, M, D, L Diagnostic information corresponds to the selected mode, see table below DETAIL InOut VARIANT I, Q, M, D, L Parameter is hidden. Do not use this pa rameter! You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3780 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter MODE Depending on the value at the MODE parameter, different diagnostic data is output at the DIAG, CNT_DIAG and DETAIL output parameters. MODE Description DIAG CNT_DIAG 0 Output of all supported diagnostic in formation for a hardware component as DWORD, where Bit X=1 indicates that mode X is supported. Bits of the DWORD data type: 0 Bit 0 = 1: MODE 0 is supported Bit 1 = 1: MODE 1 is supported Bit 2 = 1: MODE 2 is supported Bits 3 to 31: Not relevant 1 Output of the diagnostic status of the addressed hardware component. Structure DIS (see below for de scription): 0 MaintenanceState ComponentStateDetail OwnState IOState OperatingState 2 Output of the status of all subordinate components of the addressed hard ware component. Structure DNN (see below for de scription): 0 SubordinateState SubordinateIOState DNNmode DIS structure With parameter MODE = 1, the diagnostic information is output in accordance with the DIS structure. In this case, enter the system data type "DIS" as data type for the tag declaration. Note Determining the OperatingState When determining the OperatingState, you need to select LADDR = 52 (hardware identifier of CPUExecUnit). WinCC Advanced V14 System Manual, 10/2016 3781 Programming the PLC 11.4 Instructions The following table shows the meaning of the individual parameter values. Parameter Data type Value MaintenanceState DWORD Enum 3782 Description 0 Good 1 The hardware component is disabled. 2 - 3 - 4 - 5 Maintenance required 6 Maintenance demanded 7 Error 8 Status unknown / error in higher-level hardware component 9 - 10 Inputs/outputs are not available. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Data type Value Description ComponentState Detail DWORD Bit array Status: Bit 0 to 15: Status of the hardware component Bit 16 to 31: Status of the CPU 0 to 2 (Enum) Additional information: 0: No additional information 1: Transfer not permitted 3 Bit 3 = 1 if at least one qualified diagnostics is available 4 Bit 4 = 1: Maintenance required for at least one channel or the component 5 Bit 5 = 1: Maintenance demanded for at least one channel or the component 6 Bit 6 = 1: Error in at least one channel or the component 7 to 10 (Enum) 0: Own - Hardware component is available 1: Application Ready Pending - No I/O access 2: Locked by Superordinated - No access to hardware component 3: Locked by IOController - No access to hardware component 4: Locked by IOSupervisor - No access to hardware component 11 to 14 (Enum) 0 (bit 11 = 0, bit 12 = 0, bit 13 = 0, bit 14 = 0): OK - The correct element exists. 1 (bit 11 = 1, bit 12 = 0, bit 13 = 0, bit 14 = 0): Substitute - The element was replaced by a compatible element. 2 (bit 11 = 0, bit 12 = 1, bit 13 = 0, bit 14 = 0): Wrong The element was replaced by an incompatible element (The element is reachable, but not ready for operation.). 3 (bit 11 = 1, bit 12 = 1, bit 13 = 0, bit 14 = 0): No Submodule - The element does not exist. 15 Reserved (always "1"). 16 to 31 Status information for modules generated by the CPU: Bit 16 = 1: Submodule or module disabled Bit 17 = 1: CiR operation active Bit 18 = 1: Input not available Bit 19 = 1: Output not available Bit 20 = 1: Overflow diagnostics buffer Bit 21 = 1: Diagnostics not available Bit 22 = 1: Partial device failure (with PNIO for Shared iDevices) Bit 23 - 31: Reserved (always 0) WinCC Advanced V14 System Manual, 10/2016 3783 Programming the PLC 11.4 Instructions Parameter Data type Value Description OwnState UINT Enum Maintenance status 0 Good 1 Disabled 2 Maintenance required 3 Maintenance demanded 4 Error 5 Not accessible 6 Diagnostic status unknown 7 IO not available - Inputs/outputs are not available. Bit array I/O status of the hardware component IOState WORD Bit 0 = 1: Good Bit 1 = 1: Disabled Bit 2 = 1: Maintenance required Bit 3 = 1: Maintenance demanded Bit 4 = 1: Error Bit 5 = 1: Not accessible Bit 6 = 1: Qualified Bit 6 = 1 if at least one qualified diagnostics is available Bit 7 = 1: Not accessible Inputs/outputs are not available. 3784 8 to 14 Reserved (always = 0) Bit 15: Network/hard ware fault S7-1200: Reserved (always = 0) S7-1500: If bit 4 = 1 or bit 5 = 1: - Bit 15 = 0: Network error - Bit 15 = 1: Hardware error WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Data type Value OperatingState UINT Enum Description 0 Not Supported - for I/O modules OperatingState always has the value 0. 1 STOP / firmware update 2 STOP / Memory reset 3 STOP / self start 4 STOP 5 Memory reset 6 Startup 7 - 8 RUN 9 - 10 HOLD 11 - 12 - 13 DEFECTIVE 14 - 15 De-energized 16 CiR 17 STOP without ODIS 18 RUN ODIS 19 Resetting to factory settings 20 STOP / no memory card DNN structure With parameter MODE = 2, the diagnostic information details are output in accordance with the DNN structure. In this case, enter the system data type "DNN" as data type for the tag declaration. The following table shows the meaning of the individual parameter values. Parameter Data type Value Description SubordinateState UINT Enum Status of the subordinate component (see parameter OwnState of the DIS structure) SubordinateIOState WORD Bitarray Status of the inputs and outputs of the subordinate component (see parameter IO State of the DIS structure) DNNmode WORD Bitarray Bit 0 = 0: Diagnostics enabled Bit 0 = 1: Diagnostics disabled Bit 1 to 15: Reserved WinCC Advanced V14 System Manual, 10/2016 3785 Programming the PLC 11.4 Instructions Parameter RET_VAL Error code* Description (W#16#...) 0 No error n The data area at the DETAIL parameter is too small. Not all details of the diagnostics data are output. 8080 Value in the MODE parameter is not supported. 8081 Type at the DIAG parameter is not supported with the selected mode (parameter MODE). 8082 Type at the DETAIL parameter is not supported with the selected mode (parameter MODE). 8090 LADDR does not exist 80C1 Insufficient resources for parallel execution. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you read out the diagnostic information of a CPU. Create four tags and a "myDIAG" structure (with the DIS data type) in a global data block for storing the data. Interconnect the parameters of the instruction as follows. 3786 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The HW identifier of the CPU is made known to the "GET_DIAG" instruction through parameter LADDR ("myLADDR"). According to the value "1" of parameter MODE ("diagMODE"), the following applies: The instruction reads the status of the addressed hardware object (of the CPU). At parameter DIAG ("myDIAG"), the diagnostic information is output in a structure (DIS data type). To understand the diagnostic information, the hex values must be converted to binary code. At parameter DIAG ("myDIAG"), the following is indicated: MaintenanceState: According to the value "0", the CPU requires no maintenance. ComponentStateDetail: According to the hex value "0000_8000", bit 15 is active. OwnState: According to the value "0", no fault has occurred. IOState: According to the hex value "0001", there is no maintenance required. OperatingState: Outputs "0". The output parameter RET_VAL ("returnValue") indicates that processing took place without errors. At output parameter CNT_DIAG ("CountDiagDetails"), it is indicated that "0" diagnostic details of parameter DETAIL have been output. Note: For example, you could individually read out bit 3 (channel diagnostics yes/no) from the ComponentStateDetail tag. Address the bit as follows: ComponentStateDetail.%X3 Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). WinCC Advanced V14 System Manual, 10/2016 3787 Programming the PLC 11.4 Instructions Pulse (S7-1200) CTRL_PWM: Pulse-width modulation (S7-1200) Description The "CTRL_PWM" instruction is used to enable and disable a pulse output supported by the CPU using the software. Enter the hardware ID of the pulse generator that you want to control with the instruction at the input PWM. When the bit in the ENABLE input of the instruction is set, the pulse output is enabled. - If ENABLE has a value of TRUE the pulse generator will generate a pulse with the properties defined in the device configuration. - When the bit in the ENABLE input is reset or the CPU changes to STOP, the pulse output is disabled and no more pulses are generated. BUSY always has the value of FALSE for S7-1200 since S7-1200 activates the pulse generator if the instruction "CTRL_PWM" is executed. When the EN enable input has signal state "1" and no errors have occurred during execution of the instruction, the enable output ENO is set. Note Use of the force table for PWM and PTO Digital inputs and outputs that are used for PWM and PTO cannot be forced. Digital inputs and outputs that were assigned via device configuration are not controlled by either the force table or the watch table. Note Process image of PTO/PWM outputs Do not use PTO/PWM outputs in the process image (for example, for access in the user program, for online functions or in the HMI). The update rate of the process image is much slower than the rate of the signal changes. The display in the process image therefore does not reflect the signal flow. Requirement A prerequisite for the correct execution of the instruction is that the specified pulse generator is activated in the hardware configuration. Open the properties of the module in the device view. Go to "Pulse generators (PTO/PWM)", open the desired PTO/PWM and activate the function the "Activate this pulse generator" under "General". 3788 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Go to "Assigning parameters" and set the Pulse options. Note Pulse output parameters are assigned exclusively in the device configuration and not using the "CTRL_PWM" instruction. Any change of parameters that is intended to have an effect on the CPU must therefore be made while the CPU is in STOP mode. Changing the duration of the pulse is an exception. Changing the pulse duration from the user program The pulse duration setting made in the dialog "Pulse options" can be changed from the user program. The value set for "Initial pulse duration" is written in the output bytes of the pulse generator. The start address and the end address are displayed in the properties of the pulse generator under "I/O-addresses". To change the pulse duration, write the desired values in the output word address specified in the device configuration. Example: A value of 500 (decimal) is used for the "Initial pulse duration". The start address of the PTO/PWM is "1000" and the end address is "1001". The binary value of "0000000111110100" (=500 decimal) is written in both of the output bytes. - Start address (AB1000): 0000_0001 (BIN) - End address (AB1001): 1111_0100 (BIN) Please note that the pulse duration always depends on the parameters set for the Pulse duration format (hundredths, thousandths, ...). Parameters The following table shows the parameters of the "CTRL_PWM" instruction: Parameter Declaration Data type Memory area Description PWM Input HW_PWM I, Q, M, D, L or con stant Hardware ID of the pulse generator The hardware ID can be found in the properties of the pulse generator in the Device view. The hardware IDs of the pulse generators are also listed in the system constants. ENABLE Input BOOL I, Q, M, D, L or con stant The pulse output is enabled when ENABLE = TRUE and disabled when ENABLE = FALSE. BUSY Output BOOL I, Q, M, D, L Processing status STATUS Output WORD I, Q, M, D, L Status of the instruction (see below). You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3789 Programming the PLC 11.4 Instructions Parameter STATUS Error code* (W#16#...) Description 0 No errors 80A1 Hardware ID of the pulse generator is invalid. 80D0 Pulse generator with the specified hardware ID is not activated. Activate the pulse generator in the CPU properties under "Pulse generators (PTO/PWM)". * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also Overview of the CPU properties (Page 960) CTRL_PTO: Output a pulse sequence with a preset frequency (S7-1200) Description The "CTRL_PTO" instruction makes a pulse sequence available to you with a preset frequency. For this you do not require an axis DB of a technological object. Requirement The use of the "CTRL_PTO" instruction does not require an activated pulse generator. You activate this in the hardware configuration as well as selecting the signal type. You need to specify the pulse generator at the "PTO" parameter and set the "REQ" parameter to TRUE. Note Using a PLC pulse generator At any one time a pulse generator can only be used by one instruction. Note Use of the force table with PWM and PTO Digital inputs and outputs that are used for PWM and PTO cannot be forced. Digital inputs and outputs that were assigned via the device configuration are not controlled by either the force table or the watch table. Note Process image of PTO/PWM outputs Do not use PTO/PWM outputs in the process image (for example, for access in the user program, for online functions or in the HMI). The update rate of the process image is much slower than the rate of the signal changes. The display in the process image therefore does not reflect the signal flow. 3790 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "CTRL_PTO" instruction: Parameter Declaration Data type Description REQ Input BOOL REQ=1: Sets the frequency of the pulse generator to the value of FREQUENCY REQ=1 and FREQUENCY=0: Deactivates the pulse generator PTO Input HW_PTO REQ=0: No change at pulse generator Hardware identifier of the pulse generator This can be taken from the properties of the pulse generator in the device view or the list of system constants. FREQUEN CY Input UDINT Frequency of the pulse sequence to be output in Hz DONE Output BOOL Status parameter with the following values: 0: Job not yet started or still in progress 1: Job completed without error BUSY Output BOOL Processing status Since the S7-1200 enables the pulse generator when the "CTRL_PTO" in struction is executed, BUSY always has the value FALSE with the S7-1200. ERROR Output BOOL Status parameter 0: No error 1: An error occurred during execution of the instruction. STATUS Output WORD Status of the instruction (see below) You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter Status Error code* (W#16#...) Explanation 0 No error 8090 The pulse generator with the specified hardware ID is already being used. 8091 Range exceeded for the "FREQUENCY" parameter; for more detailed information, refer to the manual. 80A1 The PTO parameter does not address a hardware ID of a pulse generator. 80D0 The pulse generator with the specified hardware ID is not activated. Activate the pulse generator in the CPU properties under "Pulse generators (PTO/PWM)". 80D1 The pulse generator with the specified hardware ID does not have the "PTO" property. Select "PTO" in the hardware configuration. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3791 Programming the PLC 11.4 Instructions Recipes and data logging (S7-1200, S7-1500) Recipe functions (S7-1200, S7-1500) Recipe functions - overview (S7-1200, S7-1500) Description With the instructions "RecipeExport" and "RecipeImport" you transfer recipe data from a recipe data block to a CSV file on the memory card of the CPU ("RecipeExport") from a CSV file on the memory card of the CPU to a recipe data block ("RecipeImport") Note Service life of memory cards The service life of memory cards is limited. Additional information is available here: AUTOHOTSPOT Protection of recipe data The instructions "RecipeExport" and RecipeImport" are not suitable for applications in which special protection is necessary for the recipe data. For higher protection of the data use the recipe functions of HMI. Position of the recipe data block with "RecipeExport" The data block with the recipe data exported with "RecipeExport" can be located in work or load memory. If the data block is both in the work memory and in the load memory, the values from the work memory are used. Delimiters You can use different delimiters to separate the row values in the recipe. Note that if you open the CSV file with the exported recipe data, for example in Excel, commas can be replaced by periods and vice versa. The reason for this is that different languages use different decimal separators. This can have an effect when importing CSV files. The following convention applies for "RecipeImport"; the first detected possible delimiter is assumed to be the delimiter for all values of a table row. Example 1: If a semicolon is detected as the first delimiter, during import it is assumed that the semicolon is used as the delimiter for all further values. As the decimal delimiter with a value of the type REAL, a comma is then used. Example 2: If a comma is detected as the first delimiter, during import it is assumed that the comma is used as the delimiter for all further values. As the decimal delimiter with a value of the type REAL, a period is then used. 3792 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If the recipe data record contains a character string, make sure that the character string does not contain the delimiter you are using. With character strings, also make sure that they do not contain any control characters that specify a line break (with ASCII: LF, CR LF, CR). Note: Spaces and tabs are not used as delimiters. These lead to error code 80B2 during import. Note Asynchronous processing of the recipe functions Because the recipe functions are executed asynchronously, you must keep the data in the source area consistent until the DONE parameter or the ERROR parameter changes to the value "1". RecipeExport: Exporting recipes (S7-1200, S7-1500) Description The "RecipeExport" instruction exports the recipe data from a data block to a CSV file in the load memory. With S7-1500 CPUs, the DB that is to be exported can be located either in the work memory or in the load memory. If the data block is in both the work memory and the load memory, the values from the work memory are exported. For S7-1200 CPUs, the DB to be exported must be present in the load memory. The CSV file is created in the load memory. For S7-1500 CPUs, this is the memory card; for S7-1200 CPUs the internal or external load memory (if a memory card is present). During the export, the CSV file is created in the "Recipes" folder in the main directory of the load memory. The name of the data block is used as file name of the created CSV file. If a CSV file with an identical name already exists, it is overwritten during the export. Each recipe data record generates a line in the CSV file. These lines have the following structure: The first line contains the "Index" entry and the name of the recipe components. Each additional line contains the number of the recipe data record (index) and the associated components. When you take the data types of the recipe DB, the maximum size of a data record is 5000 bytes. If this is exceeded, the error code W#16#8092 is returned. This restriction to 5000 bytes also applies to the size of the header; any characters in the DB exceeding this limit are truncated, and the process continues with the first recipe data record. The S7-1200 CPUs also monitor the number of columns. These must not exceed 255 (whereby the index column is not counted). Functional description The export is triggered by the "REQ" parameter. The BUSY parameter is set to "1" during the export. After the execution of the instruction, BUSY is reset to "0" and the completion of the operation is indicated with "1" at the DONE parameter. WinCC Advanced V14 System Manual, 10/2016 3793 Programming the PLC 11.4 Instructions If an error occurs during execution, this is signaled by the parameters ERROR and STATUS. Parameters The following table shows the parameters of the "RecipeExport" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L, T, C or constant Control parameter REQUEST: Activates the export on a rising edge. (T and C are only available in LAD and FBD with S7-1500) RECIPE_DB InOut VARIANT D Pointer to the recipe data block. For informa tion on the structure of the data block, refer to: Structure of a recipe DB (Page 3798) DONE Output BOOL I, Q, M, D, L Status parameter 0: Job not yet started or still executing. 1: Job executed without errors. BUSY Output BOOL I, Q, M, D, L Status parameter 0: The instruction is not executed. 1: The instruction is executed. ERROR Output BOOL I, Q, M, D, L Status parameter 0: Neither warning nor error. 1: An error has occurred, STATUS supplies detailed information on the type of error. STATUS Output WORD I, Q, M, D, L Status parameter See the "STATUS" parameter table. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter STATUS Error code* (W#16#...) Explanation 0 No error occurred 7000 No job processing active 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 7002 Intermediate call (REQ irrelevant): Instruction already active; BUSY has the value "1". 8090 File name of the CSV file contains invalid characters. The file name of the CSV file is identical to the name of the data block. 8091 The data structure referenced by RECIPE_DB cannot be processed or the number of data columns in a S7-1200 CPU is greater than 255. 8092 Data structure at RECIPE_DB parameter exceeds 5000 bytes. 80B3 Insufficient memory space on the memory card or the internal load memory. 80B4 The memory card is write-protected. 3794 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* (W#16#...) Explanation 80B6 With (S7-1200 CPUs only) attribute "Save only in load memory", the recipe data block is not activated. 80C0 CSV files is temporarily locked. 80C1 Recipe data block temporarily disabled. 80C3 Too few resources * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You will find the example here: Example program for recipe functions (Page 3801). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). See also Difference between synchronous and asynchronous instructions (Page 2436) RecipeImport: Importing recipes (S7-1200, S7-1500) Description The "RecipeImport" instruction imports the recipe data from a CSV file of the load memory into the data block at the RECIPE_DB parameter. For S7-1500 CPUs, the CSV file is on the memory card; for S7-1200 CPUs, it is in the internal or external load memory (if a memory card is present). The values in the data block are overwritten in the process. With S7-1500 CPUs, the DB to which the recipe data is to be imported can be located either in the work memory or in the load memory. If it is in both the work memory and the load memory, the values are imported to the data block located in the work memory. For S7-1200 CPUs, the DB into which the recipe data is to be imported must be located in the load memory. Note the following when importing the CSV file: The CSV file must be located in the "Recipes" directory of the load memory. The name of the CSV file must match the name of the data block at the RECIPE_DB parameter. Each line of the CSV file corresponds to one recipe data record. The first line (header) of the CSV file contains the name of the recipe components (see also: Structure of a recipe DB (Page 3798)). The first line is ignored completely during the import. The names of the recipe components in the CSV file and the data block are not synchronized during the import, and the number of entries is also irrelevant. In each case the first value in each line of the CSV file is the index number of the recipe. The individual recipes are imported in the order of the index. For this, the index in the CSV file has to be in ascending order and may contain no gaps (if this is not the case, the error message 80B0 is output at the STATUS parameter. WinCC Advanced V14 System Manual, 10/2016 3795 Programming the PLC 11.4 Instructions The CSV file may not contain more recipe data records than provided for in the data block. The maximum number of data records is indicated by the array limits in the data block. If a value of the CSV file does not fit in the associated data type of the DB, the import is rejected. If necessary, character strings are truncated after their maximum permissible length. If the data type in the DB is BOOL type, an S7-1500 CPU accepts all integer values. The value 1 is then set to TRUE and all other values are set to FALSE. An S7-1200 CPU accepts only the values 0 and 1, all other values are rejected. Functional description The import is triggered by the "REQ" parameter. The BUSY parameter is set to "1" during the import. After the execution of the instruction, BUSY is reset to "0" and the completion of the operation is indicated with "1" at the DONE parameter. If an error occurs during execution, this is signaled by the parameters ERROR and STATUS. Parameters The following table shows the parameters of the "RecipeImport" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L, T, C or constant Control parameter REQUEST: Activates the import on a positive edge. (T and C are only available in LAD and FBD with S7-1500) RECIPE_DB InOut VARIANT D Pointer to the recipe data block. For informa tion on the structure of the data block, refer to: Structure of a recipe DB (Page 3798) DONE Output BOOL I, Q, M, D, L Status parameter 0: Job not yet started or still executing. 1: Job executed without errors. BUSY Output BOOL I, Q, M, D, L Status parameter 0: The instruction is not executed. 1: The instruction is executed. ERROR Output BOOL I, Q, M, D, L Status parameter 0: Neither warning nor error. 1: An error has occurred, STATUS supplies detailed information on the type of error. STATUS Output WORD I, Q, M, D, L Status parameter See the "STATUS" parameter table. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3796 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter STATUS Error code* (W#16#...) Explanation 0 No error occurred 7000 No job processing active 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 7002 Intermediate call (REQ irrelevant): Instruction already active; BUSY has the value "1". 8090 The file name contains invalid characters. 8092 No matching CSV file found for the import. Possible cause: The name of the CSV file does not match the name of the recipe DB. 80C0 CSV file is temporarily locked. 80C1 Recipe data block is temporarily locked. 80B0 Numbering in the index of the CSV file is not continuous, not ascending or exceeds the maximum number (array limit) in the data block. 80B1 Structure of the recipe data block and the CSV file do not match: The CSV file contains too many fields. 80B2 Structure of the recipe data block and the CSV file do not match: The CSV file contains too few fields. 80B6 With (S7-1200 CPUs only) attribute "Save only in load memory", the recipe data block is not activated. 80C3 Too few resources 80D0 +n Structure of the recipe data block and the CSV file do not match: Data type in field n does not match (n<=46). 80FF Structure of the recipe data block and the CSV file do not match: Data type in field n does not match (n>46). * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You will find the example here: Example program for recipe functions (Page 3801). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). See also Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 3797 Programming the PLC 11.4 Instructions Structure of a recipe DB (S7-1200, S7-1500) Introduction The following sections describes the structure of a recipe DB based on a simple example. The recipe DB consists of five data records, three of which are used. The fourth and fifth data records are left free for later expansions. Each data record contains one recipe, which is made up of the recipe name and eight ingredients. product name water barley wheat hops yeast wa terTmp mashT mp mash Time QTest Pils 10 9 3 280 39 40 30 100 0 Lager 10 9 3 150 33 50 30 120 0 BlackB eer 10 9 3 410 47 60 30 90 1 Not_use d 0 0 0 0 0 0 0 0 0 Not_use d 0 0 0 0 0 0 0 0 0 Structure of the recipe data block The recipe data are implemented as follows in a global data block: The template for all recipes is the PLC data type "Beer_Recipe" with the recipe components "procutname", "water", etc. with the corresponding data types. In a global data block, the PLC data type is used as Array [1.. 5] of "Beer_Recipe". The array limits (1 to 5 in this case) indicate the maximum number of recipes that the DB may contain. The values for the recipe components are added as start value in the data block. The global DB is interconnected with the instruction via the InOut parameter RECIPE_DB. 3798 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Exporting to CSV file After the execution of the "RecipeExport (Page 3793)" instruction the data of the DB are written to a CSV file with the following structure: Recipe_DB.csv index,productname,water,barley,wheat,hops,yeast,waterTmp,mashTmp,mashTime,QTest 1,"Pils",10,9,3,280,39,40,30,100,0 2,"Lager",10,9,3,150,33,50,30,120,0 3,"BlackBeer",10,9,3,410,47,60,30,90,1 4,"Not_used",0,0,0,0,0,0,0,0,0 5,"Not_used",0,0,0,0,0,0,0,0,0 Display in Excel The CSV file can be opened in Excel to make reading and editing easier. If the commas are not recognized as separators when you open the file, use the Excel import function to output the data in structured form: Editing the CSV file The CSV file is uploaded to the PC/programming device by means of the Web server and edited. After editing, the modified file can be reloaded in the CPU. You must delete the existing CSV file for this. You can use the "RecipeImport (Page 3795)" instruction to re-import the modified data from the CSV file into the data block. Note that the modified data must still be compatible with the data block. In other words: No changes may be made to the structure in the table (for example, by adding ingredients in a new column). If you add data records to the file, make sure when importing into the data block that the array limits through which you specify the maximum number of data records correspond to at least the number of data records. An index is automatically generated during export to the CSV file. If you create additional data records, add consecutive index numbers accordingly. The values in the table cells must correspond to the data types used in the data block with respect to format as well as length. - Example 1: If INT data type was used in the data block, use only integers in the table. - Example 2: If SINT data type was used in the data block, use only integers with the values -128 to +127 in the table. Always keep in mind the permitted data types and data areas as listed in the table below when you make changes in the table. WinCC Advanced V14 System Manual, 10/2016 3799 Programming the PLC 11.4 Instructions Data type Format Note Floatingpoint num bers LReal +9.9999999999999E+999 Always written exponentially Real +9.9999999E+99 Always written exponentially Signed inte gers LInt +9999999999999999999 Value range of signed integers: -9223372036854775808 .. +9223372036854775807 DInt +9999999999 Value range of integers: -2147483648 to +2147483647 Int +99999 Value range of integers: -32768 to +32767 SInt +999 Value range of integers: -128 to +127 ULInt +99999999999999999999 Value range of integers: 0 to +18446744073709551615 UDInt +9999999999 Value range of integers: 0 to +4294967295 Unsigned in tegers Binary num bers Date and time 3800 UInt +99999 Value range of integers: 0 to +65535 USInt +999 Value range of integers: 0 to +255 LWord +99999999999999999999 Value range of integers: 0 to +18446744073709551615 DWord +9999999999 Value range of integers: 0 to +4294967295 Word +99999 Value range of integers: 0 to +65535 Byte +999 Value range of integers: 0 to +255 Bool 9 Value range: 0 or 1 LTIME dddddd:hh:mm:ss. 999_999_999 ISO format with milliseconds, microseconds and nanoseconds TIME hhh:mm:ss.999 ISO format with milliseconds S5TIME hhh:mm:ss.999 ISO format with milliseconds LDT YYYY-MM-DD hh:mm:ss. 999_999_999 ISO format with milliseconds, microseconds and nanoseconds DTL YYYY-MM-DD hh:mm:ss. 999_999_999 ISO format with milliseconds, microseconds and nanoseconds DT YYYY-MM-DD hh:mm:ss.999 ISO format with milliseconds DATE YYYY-MM-DD ISO format LTime_Of_ Day hh:mm:ss.999_999_999 ISO format TOD hh:mm:ss.999 ISO format WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Data type Characters WString Format Note "abcd" Character string inside double quotation marks. When a recipe DB is imported, the double quotation marks may be omitted. Current length A character string of data type WString consists of elements of the WChar data type. When a recipe DB is exported, the contents of characters of the WChar data type are limited to 16#FF (example: 16#1255 is changed to 16#55). String "abcd" WChar "a" Individual character inside double quotation marks. When a recipe DB is imported, the double quotation marks may be omitted. When a recipe DB is exported, the contents of char acters of the WChar data type are limited to 16#FF (example: 16#1255 is changed to 16#55). Char "a" Individual character inside double quotation marks. When a recipe DB is imported, the double quotation marks may be omitted. Character string inside double quotation marks. When a recipe DB is imported, the double quotation marks may be omitted. Current length Example program for recipe functions (S7-1200, S7-1500) In the following example, you export the recipe data from a data block (recipe DB) to a CSV file and import new recipe data into the data block. Requirements As the template for the recipe data create a PLC data type "Beer_Recipe" an. To store all recipe data records, create a recipe DB. You will find further information on creating a recipe DB in "Structure of a recipe DB (Page 3798)". WinCC Advanced V14 System Manual, 10/2016 3801 Programming the PLC 11.4 Instructions To store the data for the interconnection, create twelve tags in a global data block. To display and store a CSV file, use the Web server of the CPU. In order to use the web server and theCSV file, the following is necessary: The web server must be activated in the CPU settings. A user profile with the Web server properties of the CPU must be set up with the following settings: - The user must be able to read files. - The user must be able to write/delete files. Interconnection of the parameters The instructions are called in a function block. Network 1: Interconnect the parameters of the "RecipeExport" instruction as follows. 3802 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 3: Interconnect the parameters of the "RecipeImport" instruction as follows. Network 2 and 4: Since the parameters STATUS ("expSTATUS" and "impSTATUS") are only valid for one cycle, record the parameters with a "MOVE" instruction. At the output parameters OUT1 ("outputErr_EXP" or "outputErr_IMP") output the status in case of an error. Interconnect the parameters in network 2 as follows. WinCC Advanced V14 System Manual, 10/2016 3803 Programming the PLC 11.4 Instructions Interconnect the parameters in network 4 as follows. "RecipeExport" instruction The recipe DB to be exported needs to be interconnected at the RECIPE_DB parameter. If the REQ ("expREQ") parameter has the signal status "TRUE" export is started. From the data of the recipe DB, a CSV file is generated and stored in the recipe folder in the CPU memory. At output parameter STATUS ("expSTATUS") it is displayed that a signal change has taken place. Then, it is indicated that no further processing is taking place (the value is "7000"). At output parameter ERROR ("expERROR"), it is indicated that the processing of the instruction was error-free. 3804 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions "RecipeImport" instruction The recipe DB to be imported needs to be interconnected at the RECIPE_DB parameter. If the REQ ("impREQ") parameter has the signal status "TRUE" export is started. In the existing recipe DB, all the recipe data is loaded from the corresponding CSV file-that is located in the recipe folder of the CPU memory. At output parameter STATUS ("impSTATUS") it is displayed that a signal change has taken place. Then, it is indicated that no further processing is taking place (the value is "7000"). At output parameter ERROR ("impERROR"), it is indicated that the processing of the instruction was error-free. WinCC Advanced V14 System Manual, 10/2016 3805 Programming the PLC 11.4 Instructions Displaying and saving the CSV file Opening the Web server Use the Internet browser to open the Web server (via the IP address of the CPU) and log on in the Web server menu. Via the "File browser" tab open the "Recipes" folder in the CPU memory. The CPU outputs the CSV file as soon as the "RecipeExport" instruction executes. To have the current status of the CSV file displayed, click on the "Update automatically" button. Below the function is displayed as "On". 3806 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Editing the CSV file To edit the CSV file, you have the following options: You open the CSV file in the Web server. You save the CSV file on the PG/PC. - Note: To be able to load the edited CSV file from the PC in the CPU memory: First delete the CSV file with the same name in the CPU memory - After editing, load the CSV file in the CPU memory using the Web server. Changing component values during runtime To change component values of the recipe DB during runtime (e.g. Recipe_DB.Product[4]) use a watch table. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). WinCC Advanced V14 System Manual, 10/2016 3807 Programming the PLC 11.4 Instructions Data logging (S7-1200, S7-1500) Data logging - Overview (S7-1200, S7-1500) Saving process values The data logging instructions are used in the user program to save process values to data logs. Data logs can be saved on the Memory Card (MC) or in the internal load memory. The data logs are saved in CSV format (Comma Separated Value). NOTICE Special characters in character strings If you use character strings within the data log, it is strongly recommended that you do not use the delimiter of the CSV file within these character strings. If you ignore this recommendation, opening the CSV file e.g. with MS Excel may lead to problems. Instead of the delimiter of the CSV file, use a different character such as "-", "/" or the space " ". Also the character that indicates the end of a character string and CR andLF are special characters in a character string. They are not handled correctly by the instructions and cause problems. The data types are converted into a character string according to the following rules: Data type Format Note Floatingpoint num bers LReal +9.9999999999999E+999 Always written exponentially Real +9.9999999E+99 Always written exponentially Signed inte gers LInt +9999999999999999999 Value range of signed integers: -9223372036854775808 .. +9223372036854775807 DInt +9999999999 Value range of integers: -2147483648 to +2147483647 Int +99999 Value range of integers: -32768 to +32767 SInt +999 Value range of integers: -128 to +127 ULInt +99999999999999999999 Value range of integers: 0 to +18446744073709551615 UDInt +9999999999 Value range of integers: 0 to +4294967295 UInt +99999 Value range of integers: 0 to +65535 USInt +999 Value range of integers: 0 to +255 LWord +99999999999999999999 Value range of integers: 0 to +18446744073709551615 DWord +9999999999 Value range of integers: 0 to +4294967295 Word +99999 Value range of integers: 0 to +65535 Byte +999 Value range of integers: 0 to +255 Bool 9 Value range: 0 or 1 Unsigned in tegers Binary num bers 3808 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Data type Date and time Characters Format Note LTIME dddddd:hh:mm:ss. 999_999_999 ISO format with milliseconds, microseconds and nanoseconds TIME hhh:mm:ss.999 ISO format with milliseconds S5TIME hhh:mm:ss.999 ISO format with milliseconds LDT YYYY-MM-DD hh:mm:ss. 999_999_999 ISO format with milliseconds, microseconds and nanoseconds DTL YYYY-MM-DD hh:mm:ss. 999_999_999 ISO format with milliseconds, microseconds and nanoseconds DT YYYY-MM-DD hh:mm:ss.999 ISO format with milliseconds DATE YYYY-MM-DD ISO format LTime_Of_ Day hh:mm:ss.999_999_999 ISO format TOD hh:mm:ss.999 ISO format WString "abcd" Character string inside double quotation marks The current length is padded with spaces up to the maximum length. A character string of data type WString consists of elements of the WChar data type. When a data log is saved, the contents of characters of the WChar data type are limited to 16#FF (example: 16#1255 is changed to 16#55). String "abcd" Character string inside double quotation marks The current length is padded with spaces up to the maximum length. WChar "a" Individual character inside double quotation marks. When a data log is saved, the contents of characters of the WChar data type are limited to 16#FF (example: 16#1255 is changed to 16#55). Char "a" Individual character inside double quotation marks The data logging instructions are used in your program to create or open a data log, to write an entry and to close the data log file. WARNING Runtime of the data logging instructions The conditions specified below slow down the data logging instructions. This effect becomes stronger with the growing size and number of data logging files. Large file size of the data log file Large number of data log files on the memory card Simultaneous access to a log file by the Web server The runtime of some data logging instructions is not typically impaired by the size and number of data logs (e.g. "DataLogWrite"); the instructions "DataLogCreate", "DataLogNewFile", "DataLogClear" and "DataLogOpen", on the other hand, show the behavior described. WinCC Advanced V14 System Manual, 10/2016 3809 Programming the PLC 11.4 Instructions Note Data logging instructions with which data is transferred Because the data logging functions are executed asynchronously, you must keep the data in the source area consistent until the DONE parameter or the ERROR parameter changes to the value "1". You decide by the creation of the data buffer which program values are stored in the data log during the creation of the data buffer. The data buffer is used as a memory for new data log entries. New values have to be written to the buffer before "DataLogWrite (Page 3826)" is called. During execution of the "DataLogWrite (Page 3826)" instruction, data is written from the buffer to a data log record. &38 3/& '$7$ 'DWDORJV 'RZQORDG FVY :HEVHUYHU 0HPRU\ FDUG :HEEURZVHU 'DWDORJ LQVWUXFWLRQV 3URFHVVYDOXHV Data log files can be copied to the PC as follows: If the PROFINET interface is connected to the PC, you use a Web browser to access the data logs via the Web server. The CPU can be in RUN or STOP mode for this. If the CPU is in "RUN" mode, the program continues running while the Web server is transferring data. If there is a memory card in the CPU, you can remove this card and insert it into a standard slot for SD (Secure Digital) cards or MMC (MultiMediaCard) cards on a PC or programming device. Use File Manager to transfer the data log files from the memory card to the PC. When you remove the memory card, the CPU goes to "STOP". 3810 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note Service life of memory cards The service life of memory cards is limited. Additional information is available here: AUTOHOTSPOT Properties of the data log Writing of the data records of a data log is carried out in accordance with the principle of a ring buffer. New data records are added until the maximum number of data records is reached (RECORD parameter). The next data record then overwrites the "oldest" data record of the data log. If you want to prevent data records from being overwritten, use the "DataLogNewFile (Page 3831)" instruction to create a new data log file based on the current data log. New data records are then written into the new data log. Creating data logs With the "DataLogCreate (Page 3813)" instruction, you can create a new data log file in the ""\DataLogs" directory of the load memory. The name assigned at the NAME parameter is the designation for the data log and is also used as the file name for the CSV file. The file is stored in the directory "DataLogs". The block parameter DATA determines the data buffer for the new data log object and the columns and data types in the data log. The columns and data types of a data record in the data log are determined by the elements of the structure declaration or array declaration of this data buffer. Each element of a structure or of an array corresponds to a column in a line in the data log. You use the HEADER block parameter to assign a header text in the header to each column. The "DataLogCreate (Page 3813)" instruction returns an ID. This ID is used by the other data logging instructions as a reference for the created data log. Opening data logs You use the instruction "DataLogOpen" (S7-1200 and S7-1500) to open an existing data log on the memory card. A data log must be open before you can write new data records to it. Data log opens automatically when you execute the instructions "DataLogCreate (Page 3813)" and "DataLogNewFile (Page 3831)". WinCC Advanced V14 System Manual, 10/2016 3811 Programming the PLC 11.4 Instructions Up to 10 data logs can be open simultaneously. The data log to be opened can be selected using the ID or name of the data log. If you specify the ID and the name of the data log in the ID and NAME parameters, respectively, the data log will be identified based on the ID. The data log name will not be compared. If you select the data log using the parameter NAME and specify 0 as the ID, the ID belonging to the data log will be displayed in the ID parameter when you open the data log. If you select the data log using the ID parameter and no name is specified, the name will be displayed in the NAME parameter when the data log is opened. You use the MODE parameter to specify whether the data records of the data log are to be deleted upon opening. You can run a consistency check for "DataLogOpen (S7-1500). Writing to data logs A data log must be open ("DataLogOpen (Page 3820)" instruction) before a data record can be written to a data log. The "DataLogWrite (Page 3826)" instruction writes a data record to the data log. Closing data logs With the "DataLogClose (Page 3828)" instruction, you close and open data log. You select the data log using the ID parameter. The data log is closed automatically when the CPU switches to STOP and upon restart. Deleting data logs You use the instruction "DataLogDelete (Page 3830)" (S7-1500) to delete a data log file from the memory card. The data log and the data records it contains can only be deleted if the log was created with the instruction "DataLogCreate (Page 3813)". Select the data log to be deleted using the NAME and ID parameters. The ID parameter is evaluated first. If there is a data log with the relevant ID, the NAME parameter will not be 3812 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions evaluated. If the value "0" is used at the ID parameter, a value with the data type STRING must be used at the NAME parameter. Note Deleting data logs on the memory card You can copy data logs from a memory card using a PC card reader, but you must not change them or delete them using a PC card reader. In addition to the data log instructions, the use of a Web server is recommended to display, download (copy) and delete data logs. Calling the file system of the memory card in the file Explorer directly brings with it the risk that you accidentally delete or change data log or other system files so that a file becomes damaged or the memory card becomes unusable. Changes to data logs on the memory card that you made outside the PLC have the effect POWER ON time of the PLC is increased. Clearing data logs You use the instruction "DataLogClear (Page 3824)" (S7-1500) to delete all the data records in an existing data log. The instruction does not delete the optional header of the CSV file (see the description of the HEADER parameter of the instruction "DataLogCreate (Page 3813)"). You use the ID parameter to select the data log whose data records are to be deleted. Before you can delete data records, the data log must be open. New file for data logs You use the instruction "DataLogNewFile (Page 3831)" (S7-1200) or "DataLogTypedNewFile (Page 3833)" (S7-1500) to create a new data log with the same properties as an existing data log. This allows the contents of an existing data log to be retained. When called, the instruction creates a new data log on the memory card or in the internal load memory with the name defined at the NAME parameter. You use the ID parameter to specify the ID of the old data log whose properties you want to apply to the new data log. The ID of the new data log is then output via the ID parameter. You specify the file size of the new data log with the RECORDS parameter of the instruction. You can run a consistency check for "DataLogTypedNewFile (Page 3833)" (S7-1500). DataLogCreate: Create data log (S7-1200, S7-1500) Description With the "DataLogCreate" instruction you create a data log. The data log is saved on the memory card or in the internal load memory in the directory "\DataLogs". The amount of data that is stored in a data log is dependent on the available space on the memory card or the storage space in the internal load memory of the CPU used. The maximum size of the generated CSV file is 500,000,000 bytes for S7-1200 CPUs, 1,000,000,000 bytes for S7-1500 CPUs. WinCC Advanced V14 System Manual, 10/2016 3813 Programming the PLC 11.4 Instructions You specify the maximum number of data records that is stored in a data log in the RECORDS parameter. When the specified maximum number of data records in the data log is reached, the oldest data record is overwritten. To avoid overwriting of existing data records, use the "DataLogNewFile (Page 3831)" instruction. The instruction is used to create a new data log with the same structure when the number specified at the RECORDS parameter is reached (return value 1 at the STATUS parameter of the "DataLogWrite (Page 3826)" instruction). The data records are then saved in the new data log. You specify the name for the data log in the NAME parameter. The data log is created in CSV (Comma Separated Value) format. With the HEADER parameter, you create an (optional) header for the data log. Once the data log is created, it is opened automatically. This means that data can be written. Parameters The following table shows the parameters of the "DataLogCreate" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, L, D, T, C or constant Execution of the instruction (T and C are only available in LAD and FBD with S7-1500) RECORDS FORMAT Input Input UDInt UInt The data log is created with a rising edge at the parameter REQ. I, Q, M, L, D or con stant Maximum number of data records in the data log I, Q, M, L, D or con stant Data format: If the "DataLogWrite (Page 3826)" instruction writes more records than specified in this parameter, the oldest record is overwritten. 0: Internal (not supported) 1: CSV (Comma separated values) TIMESTAMP Input UInt I, Q, M, L, D or con stant Time stamp: 0: No time stamp 1: Date and time The extra columns in the header are automatically added if time-stamping is activated. 3814 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description NAME Input VARIANT L, D Name of the data log The specified name is also used as a file name for the csv file. With S7-1200 CPUs. the following restrictions apply to name of the data log: The name must not be longer than 35 characters. All ASCII characters between 0x20 and 0x7E are permitted with the exception of \ ' / " : ; [ ] | =.*?<> With S7-1500 CPUs. the following restrictions apply to name of the data log: The name must not be longer than 55 characters. The following characters are permitted: 0 ... 9, a ... z, A ... Z as well as - and _ ID InOut DWORD I, Q, M, L, D Object ID of the data log (only output) The ID of the data log is required for further data logging instructions to address the created data log. HEADER InOut VARIANT D Header of the data log (optional) The parameter is hidden after the instruction is add ed. The header is written as the first line in the CSV file. DATA InOut VARIANT D Pointer to the data structure that is written as data record when executing the "DataLogWrite (Page 3826)" instruction. DONE Output BOOL I, Q, M, L, D Status parameter: 0: Processing not yet complete. 1: Processing of instruction finished successfully. BUSY Output BOOL I, Q, M, L, D Status parameter: 0: Processing of the instruction has not started, completed, or canceled. 1: Processing of the instruction is in progress. ERROR Output BOOL I, Q, M, L, D Status parameter: 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS pa rameter. STATUS Output WORD I, Q, M, L, D Detailed status information: Detailed error and status information is output at the parameter STATUS. The parameter is only set for the duration of one call. To display the status, you should therefore copy the STATUS parameter to a free data area. WinCC Advanced V14 System Manual, 10/2016 3815 Programming the PLC 11.4 Instructions You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter HEADER The HEADER parameter is a VARIANT pointer to a data block that defines a header for the CSV file (header). The header is always the first line in the CSV file representation. The header preset using HEADER is transferred to the CSV file. Here there is no check as to whether it is consistent with the remainder of the data log. In particular, there is no check whether the number of columns separated by commas matches the number of data columns. A STRING, Array of BYTE, or Array of CHAR data type can be used for the individual column names. When the STRING data type is used, the length is limited to 254 bytes. When the Array of BYTE and Array of CHAR are used, 5000 elements are possible. If no header is to be created, do not specify a value in the HEADER parameter. Parameter DATA The DATA parameter is a VARIANT pointer to a structure or an array in a data block. An element of a structure or an array corresponds to a column in the data log with a specific data type. Note the following when creating the data block: Normally, the number of columns matches the number of columns defined in the HEADER parameter. This is however not stipulated. Each element of the structure or the array corresponds to a column entry in the CSV file. Therefore, no nesting structures (STRUCT in STRUCT) may be used when using the data type STRUCT. However the use of arrays within a data type is permitted STRUCT with the following exception: Arrays whose elements are of the data type "PLC data type (UDT)" are not permitted. The data structure can contain up to 256 elements. If there are more than 256 elements, error code 8C52 is output at the STATUS parameter. The tags of the data block can be set as retentive or non-retentive tags. However, the retentivity setting must be the same for all tags of the data block. Parameter STATUS (S7-1200) Error code* Description (W#16#...) 0 No errors. 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 7002 Intermediate call (REQ irrelevant): Instruction already active; BUSY has the value "1". 8070 The maximum number of simultaneously active DataLogCreate instructions has already been reached. 8090 Invalid file name (see description of the NAME parameter). 3816 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* Description (W#16#...) 8093 Data log already exists. 8097 The length of the file exceeds the limitation of the file system or the CPU-specific limitation. 80A2 Write error returned from file system. 80B2 Maximum number of data logs exceeded or data log resources used up 80B3 Insufficient memory space on the memory card. 80B4 The memory card is write-protected. 80C0 Access currently not possible. 80C1 Too many data logs are open. 8253 The RECORDS parameter has an invalid value. 8353 Invalid format selection 8453 Invalid time stamp 8B24 Invalid assignment at parameter HEADER (for example: points to local memory). 8B51 Impermissible data type at parameter HEADER or length exceeds the maximum size. 8C24 Invalid assignment at parameter DATA (for example: points to local memory). 8C51 Impermissible data type at parameter DATA / data structure cannot be used. 8C52 Structure at the parameter DATA contains more than 256 elements. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Parameter STATUS (S7-1500) Error code* Description (W#16#...) 0 No errors. 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 8070 The maximum number of simultaneously active DataLogCreate instructions has already been reached. 8090 Invalid file name (see description of the NAME parameter). 8091 "NAME" parameter is not a string. 8093 Data log already exists. 8097 The length of the file exceeds the limitation of the file system or the CPU-specific limitation. 80A2 Write error returned from file system. 80B2 Maximum number of data logs exceeded or data log resources used up 80B3 Insufficient memory space on the memory card. 80B4 The memory card is write-protected. 80C0 Access currently not possible. 80C1 Too many data logs are open. 8253 The RECORDS parameter has an invalid value. 8353 Invalid format selection. 8453 Invalid time stamp. 8B24 Invalid assignment at parameter HEADER (for example: points to local memory). 8B51 Impermissible data type at parameter HEADER or length exceeds the maximum size. WinCC Advanced V14 System Manual, 10/2016 3817 Programming the PLC 11.4 Instructions Error code* Description (W#16#...) 8C24 Invalid assignment at parameter DATA (for example: points to local memory). 8C51 Impermissible data type at parameter DATA / data structure cannot be used. 8C52 Structure at the parameter DATA contains more than 256 elements. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, a simple data log is created with a time stamp and three process values. Tags in the global data block The values for the input parameters of the data log are stored in the global data block "DataLogDB": DataLogName (String): The tag contains the name of the data log which is also used as the file name for the CSV file. DataLogID (DInt): The ID of the data log is written in this tag when the instruction is called. - The ID is automatically assigned by the instruction. - Use the tag "DataLogID" in other DataLog instructions in order to address this data log. MyHeader (String): This tag contains the header of the data log, i.e. the column headings for the process values. MyData (Struct): The tag contains the three process values that are written in the data log. Each time a record is written (instruction "DataLogWrite (Page 3826)") the current values are written in a new record. Calling the "DataLogCreate" instruction The instruction is called with the following input parameters: REQ (BOOL): When REQ = "1" the data log is created. RECORD (3): A maximum of three data records can be written in the data log. Thereafter, the oldest data record is overwritten. 3818 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions FORMAT (1): The data log is created as a CSV file. TIMESTAMP (1): Enabled: Two additional columns are automatically created (date and time) for the data log. The current time stamp is written in the data record each time "DataLogWrite (Page 3826)" is executed. NAME (VARIANT): Pointer to the tag "DataLogName" in the data block "DataLogDB". ID (VARIANT): Pointer to the tag "DataLogID" in the data block "DataLogDB" (output only). HEADER (VARIANT): Pointer to the tag "MyHeader" in the data block "DataLogDB". DATA (VARIANT): Pointer to the tag "MyData" in the data block "DataLogDB". Readout of the data log via the web server You read out the created data log with the web server: Activate the web server in the properties of the CPU. The authorization "...to read files" must be activated for the web server in order to readout the data log. You can access the web server via the Internet browser by entering the IP address of the CPU as a URL. Under "Filebrowser" the directory "\DataLogs" was automatically created which contains the data log. The DataLog only contains one entry "//END" if the instruction "DataLogWrite (Page 3826)" has still not been executed. The first data record is written after the initial execution of "DataLogWrite (Page 3826)". WinCC Advanced V14 System Manual, 10/2016 3819 Programming the PLC 11.4 Instructions Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). See also Data logging - Overview (Page 3808) Difference between synchronous and asynchronous instructions (Page 2436) DataLogOpen: Open data log (S7-1200, S7-1500) DataLogOpen: Open data log (S7-1200) Description You use the "DataLogOpen" instruction to open an existing data log on the memory card. To write new data records to the data log, a data log must be open. Data log opens automatically when you execute the instructions "DataLogCreate (Page 3813)" and "DataLogNewFile (Page 3831)". Up to 10 data logs can be open simultaneously. The data log to be opened can be selected using the ID or name of the data log. If you specify the ID and the name of the data log in the ID and NAME parameters, respectively, the data log will be identified based on the ID. The data log name will not be compared. If you select the data log using the parameter NAME and specify 0 as the ID, the ID belonging to the data log will be displayed in the ID parameter when you open the data log. If you select the data log using the ID parameter and no name is specified, the name will be displayed in the NAME parameter when the data log is opened. You use the MODE parameter to specify whether the data records of the data log are to be deleted upon opening. 3820 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "DataLogOpen" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, L, D or con stant Execution of the instruction upon a rising edge. MODE Input UInt I, Q, M, L, D or con stant Mode for opening the data log: MODE= "0" Data records of the data log are retained MODE= "1" Data records of the data log are deleted, but the header is retained NAME Input VARIANT L, D (File) name of the data log. ID InOut DWORD I, Q, M, L, D Object ID of the data log. DONE Output BOOL I, Q, M, L, D Instruction was executed successfully. BUSY Output BOOL I, Q, M, L, D Execution of instruction not yet complete. ERROR Output BOOL I, Q, M, L, D 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS pa rameter. STATUS Output WORD I, Q, M, L, D Status parameter The parameter is only set for the duration of one call. To display the status, you should therefore copy the STATUS parameter to a free data area. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". STATUS parameter Error code* (W#16#...) Description 0 No errors. 2 Warning: Data log file has already been opened by this application. 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 7002 Intermediate call (REQ irrelevant): Instruction already active; BUSY has the value "1". 8070 The maximum number of simultaneously active DataLogOpen instructions has already been reached. 8090 There are inconsistencies between the data log definition and existing data log data. 8091 A data type other than String was used at the NAME parameter. 8092 Data log does not exist. 80B4 The memory card is write-protected. WinCC Advanced V14 System Manual, 10/2016 3821 Programming the PLC 11.4 Instructions Error code* (W#16#...) Description 80C1 Too many files open. The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You will find the example here: Example program for working with data logs (Page 3835). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). See also Data logging - Overview (Page 3808) Difference between synchronous and asynchronous instructions (Page 2436) DataLogOpen: Open data log (S7-1500) Description You use the "DataLogOpen" instruction to open an existing data log on the memory card. A data log must be open to write new data records to it. Data log opens automatically when you execute the instructions "DataLogCreate (Page 3813)" and "DataLogNewFile (Page 3831)". Up to 10 data logs can be open simultaneously. The data log to be opened can be selected using the ID or name of the data log. If you specify the ID and the name of the data log in the ID and NAME parameters, respectively, the data log will be identified based on the ID. The data log name will not be compared. If you select the data log using the parameter NAME and specify 0 as the ID, the ID belonging to the data log will be displayed in the ID parameter when you open the data log. If you select the data log using the ID parameter and no name is specified, the name will be displayed in the NAME parameter when the data log is opened. You use the MODE parameter to specify whether the data records of the data log are to be deleted upon opening. The parameter DATA enables a consistency check between the data log to be opened and the definition of the data log of the instruction "DataLogCreate (Page 3813)". A check is made as to whether the data type of the DATA parameter is identical to the data type of "DataLogCreate". If this is not the case, the error code W#16#8090 is output at the STATUS parameter. 3822 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "DataLogOpen" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, L, D, T, C or constant Execution of the instruction upon a rising edge. (T and C are only available in LAD and FBD with S7-1500) MODE Input UInt I, Q, M, L, D or con stant Mode for opening the data log: MODE= "0" Data records of the data log are retained MODE= "1" Data records of the data log are deleted, but the header is retained NAME Input VARIANT L, D (File) name of the data log. ID InOut DWORD I, Q, M, L, D Object ID of the data log. DATA InOut VARIANT D With consistency check: Pointer to the data area at the DATA parameter of the "DataLogCreate (Page 3813)" instruction. DONE Output BOOL I, Q, M, L, D Instruction was executed successfully. BUSY Output BOOL I, Q, M, L, D Execution of instruction not yet complete. ERROR Output BOOL I, Q, M, L, D 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS pa rameter. STATUS Output WORD I, Q, M, L, D Status parameter The parameter is only set for the duration of one call. To display the status, you should therefore copy the STATUS parameter to a free data area. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". STATUS parameter Error code* (W#16#...) Description 0 No errors. 2 Warning: Data log file has already been opened by this application. 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 7002 Intermediate call (REQ irrelevant): Instruction already active; BUSY has the value "1". 8070 The maximum number of simultaneously active DataLogOpen instructions has already been reached. WinCC Advanced V14 System Manual, 10/2016 3823 Programming the PLC 11.4 Instructions Error code* (W#16#...) Description 8090 Data types inconsistent. The data log at parameter ID uses different data types than specified at parameter DATA. 8091 A data type other than String was used at the NAME parameter. 8092 Data log does not exist. 80B4 The memory card is write-protected. 80C1 Too many files open. The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You will find the example here: Example program for working with data logs (Page 3835). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). See also Data logging - Overview (Page 3808) Difference between synchronous and asynchronous instructions (Page 2436) DataLogClear: Empty data log (S7-1200, S7-1500) Description The "DataLogClear" instruction deletes all data records in an existing data log. The instruction does not delete the optional header of the CSV file (see the description of the HEADER parameter of the instruction "DataLogCreate (Page 3813)"). You use the ID parameter to select the data log whose data records will be deleted. Requirement Before you can delete data records, the data log must be open (see "DataLogOpen (Page 3820) instruction"). 3824 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "DataLogClear" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, L, D, T, C or constant Execution of the instruction upon a rising edge. (T and C are only available in LAD and FBD with S7-1500) ID InOut DWORD I, Q, M, D, L Object ID of the data log DONE Output BOOL I, Q, M, D, L Instruction was executed successfully. BUSY Output BOOL I, Q, M, D, L Execution of the instruction not yet complete. ERROR Output BOOL I, Q, M, D, L 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output at the STATUS parameter. STATUS Output WORD I, Q, M, D, L Status parameter The parameter is only set for the duration of one call. To display the status, you should therefore copy the STATUS parameter to a free data area. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter STATUS Error code* (W#16#...) Explanation 0000 No error. 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 7002 Intermediate call (REQ irrelevant): Instruction already active; BUSY has the value "1". 8080 The data log file selected with the ID parameter is not processed by the "DataLogClear" instruction. 8092 Data log does not exist. 80A2 Write error signaled back by the file system. 80B0 Data log is not open. 80B4 The memory card is write-protected. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also Data logging - Overview (Page 3808) Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 3825 Programming the PLC 11.4 Instructions DataLogWrite: Write data log (S7-1200, S7-1500) Description With the "DataLogWrite" instruction you write a data record into an existing data log. With the ID parameter you select the data log into which the data record is to be written. To create a new data record, the data log must be open. The instruction creates a new data record in the format that was specified in the DATA parameter when the data log was created. Before calling the "DataLogWrite" instruction, transfer the data to the tag that you interconnected at the DATA parameter of the "DataLogCreate" instruction. When the "DataLogWrite" instruction is executed, the transferred data is copied to the data log. NOTICE Data log data loss when the power supply to the CPU is interrupted If the power supply is interrupted during execution of the "DataLogWrite" instruction, the data record to be transferred is lost. Parameters The following table shows the parameters of the "DataLogWrite" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, L, D, T, C or constant Execution of the instruction upon a rising edge. (T and C are only available in LAD and FBD with S7-1500) ID InOut DWORD I, Q, M, L, D Object ID of the data log DONE Output BOOL I, Q, M, L, D Instruction was executed successfully. BUSY Output BOOL I, Q, M, L, D Execution of the instruction not yet complete. ERROR Output BOOL I, Q, M, L, D 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS pa rameter. STATUS Output WORD I, Q, M, L, D Status parameter The parameter is only set for the duration of one call. To display the status, you should therefore copy the STATUS parameter to a free data area. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3826 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter STATUS (S7-1200) Error code* Description (W#16#...) 0 No errors 0001 Last possible data record created at the end of the file. Creating another data record will overwrite an older data record. 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 7002 Intermediate call (REQ irrelevant): Instruction already active; BUSY has the value "1". 8070 The maximum number of simultaneously active DataLogWrite instructions has already been reached. 8092 Data log does not exist. 80A2 Write error signaled back by the file system. 80B0 Data log is not open. 80B3 Insufficient memory space on the memory card. 80B4 The memory card is write-protected. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Parameter STATUS (S7-1500) Error code* Description (W#16#...) 0 No errors 0001 Last possible data record created at the end of the file. Creating another data record will overwrite an older data record. 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 8070 The maximum number of simultaneously active DataLogWrite instructions has already been reached. 8092 Data log does not exist. 80A2 Write error signaled back by the file system. 80B0 Data log is not open. 80B3 Insufficient memory space on the memory card. 80B4 The memory card is write-protected. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You will find the example here: Example program for working with data logs (Page 3835). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). WinCC Advanced V14 System Manual, 10/2016 3827 Programming the PLC 11.4 Instructions See also Data logging - Overview (Page 3808) Difference between synchronous and asynchronous instructions (Page 2436) DataLogClose: Close data log (S7-1200, S7-1500) Description With the "DataLogClose" instruction, you close an open data log. You select the data log using the ID parameter. Note Closing data logs automatically The data log is closed automatically when the CPU goes to STOP or if there is a restart. Parameters The following table shows the parameters of the "DataLogClose" instruction: Parameters Declaration Data type Memory area Description REQ Input BOOL I, Q, M, L, D, T, C or constant Execute function on a rising edge. (T and C are only available in LAD and FBD with S7-1500) ID InOut DWORD I, Q, M, L, D Object ID of the data log DONE Output BOOL I, Q, M, L, D Instruction was executed successfully. BUSY Output BOOL I, Q, M, L, D Execution of the instruction not yet complete. ERROR Output BOOL I, Q, M, L, D 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS parameter. STATUS Output WORD I, Q, M, L, D Status parameter The parameter is only set for the duration of one call. To display the status, you should therefore copy the STATUS parameter to a free data area. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3828 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter STATUS (S7-1200) Error code* Description (W#16#...) 0 No errors 1 Data log is not open 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 7002 Intermediate call (REQ irrelevant): Instruction already active; BUSY has the value "1". 8092 Data log does not exist. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Parameter STATUS (S7-1500) Error code* Description (W#16#...) 0 No errors 1 Data log is not open 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 8070 Complete internal instance memory is assigned. 8092 Data log does not exist. 80B4 The memory card is write-protected. 80C0 Access currently not possible. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You can find the example here: Example program for working with data logs (Page 3835). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434). See also Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 3829 Programming the PLC 11.4 Instructions DataLogDelete: Delete data log (S7-1200, S7-1500) Description You use the "DataLogDelete" instruction to delete a data log file from the memory card. The data log and the data records it contains are only deleted if they were created with the "DataLogCreate" or "DataLogNewFile" instruction. Parameters The following table shows the parameters of the "DataLogDelete" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, L, D, T, C or constant Execution of the instruction upon a rising edge. (T and C are only available in LAD and FBD with S7-1500) NAME Input VARIANT L, D File name of the data log DELFILE Input BOOL I, Q, M, D, L or con stant 0: Data log is retained. 1: Data log is deleted. ID InOut DWORD I, Q, M, D, L Object ID of the data log DONE Output BOOL I, Q, M, D, L Instruction was executed successfully. BUSY Output BOOL I, Q, M, D, L Deletion of the data log is not yet complete. ERROR Output BOOL I, Q, M, D, L 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output at the STATUS parameter. STATUS Output WORD I, Q, M, D, L Status parameter The parameter is only set for the duration of one call. To display the status, you should therefore copy the STATUS parameter to a free data area. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameters NAME and ID Select the data log to be deleted using the NAME and ID parameters. The ID parameter is evaluated first. If there is a data log with the relevant ID, the NAME parameter will not be evaluated. If the value "0" is used at the ID parameter, a value with the data type STRING must be used at the NAME parameter. 3830 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter RET_VAL Error code* (W#16#...) Explanation 0 No error. 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 7002 Intermediate call (REQ irrelevant): Instruction already active; BUSY has the value "1". 8091 A data type other than STRING is being used at the NAME parameter. 8092 Data log does not exist. 80A2 Write error signaled back by the file system. 80B4 The memory card is write-protected. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also DataLogCreate: Create data log (Page 3813) Difference between synchronous and asynchronous instructions (Page 2436) DataLogNewFile: Data log in new file (S7-1200, S7-1500) DataLogNewFile: Data log in new file (S7-1200) Description With the "DataLogNewFile" instruction you create a new data log with the same properties as an already existing data log. This allows the contents of an existing data log to be retained. When called, the instruction creates a new data log on the memory card or in the internal load memory with the name defined at the NAME parameter. You use the ID parameter to specify the ID of the old data log whose properties you want to apply to the new data log. The ID of the new data log is then output via the ID parameter. You specify the file size of the new data log with the RECORDS parameter of the instruction. Once the new data log is created, it is opened automatically. This means that data can be written. WinCC Advanced V14 System Manual, 10/2016 3831 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "DataLogNewFile" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, L, D or con stant Execution of the instruction upon a rising edge. RECORDS Input UDInt I, Q, M, L, D or con stant Number of data records in the data log. NAME Input VARIANT L, D File name of the new data log. ID InOut DWORD I, Q, M, L, D Object ID of the data log In: ID of the existing data log Out: ID of the new data log DONE Output BOOL I, Q, M, L, D Instruction was executed successfully. BUSY Output BOOL I, Q, M, L, D Execution of the instruction not yet complete. ERROR Output BOOL I, Q, M, L, D 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS param eter. STATUS Output WORD I, Q, M, L, D Status parameter The parameter is only set for the duration of one call. To display the status, you should therefore copy the STATUS parameter to a free data area. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". STATUS parameter Error code* Description (W#16#...) 0 No errors. 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 7002 Intermediate call (REQ irrelevant): Instruction already active; BUSY has the value "1". 8070 The maximum number of simultaneously active DataLogNewFile instructions has already been reached. 8090 Invalid file name. 8091 Data type at parameter NAME is not STRING. 8092 Source data log does not exist. 8093 New data log already exists. 8097 File length exceeds the file system limit. 80A0 Data types inconsistent. The data log at parameter ID uses different data types than specified at parameter DATA. 80A2 Write error signaled back by the file system. 80B2 Maximum number of data logs exceeded or data log resources used up 3832 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* Description (W#16#...) 80B3 Load memory not sufficient. 80B4 The memory card is write-protected. 80C1 Too many files open. 8253 The RECORDS parameter has an invalid value. The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You will find the example here: Example program for working with data logs (Page 3835). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). See also Difference between synchronous and asynchronous instructions (Page 2436) DataLogNewFile: Data log in new file (S7-1500) Description With the "DataLogNewFile" instruction you create a new data log with the same properties as an already existing data log. This allows the contents of an existing data log to be retained. When called, the instruction creates a new data log on the memory card or in the internal load memory with the name defined at the NAME parameter. You use the ID parameter to specify the ID of the old data log whose properties you want to apply to the new data log. The ID of the new data log is then output via the ID parameter. You specify the file size of the new data log with the RECORDS parameter of the instruction. The parameter DATA enables a consistency check between the new data log to be created and the definition of the data log of the instruction "DataLogCreate (Page 3813)". A check is made as to whether the data type of the DATA parameter is identical to the data type of "DataLogCreate". If this is not the case, the error code W#16#80A0 is output at the STATUS parameter. Once the new data log is created, it is opened automatically. This means that data can be written. WinCC Advanced V14 System Manual, 10/2016 3833 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "DataLogNewFile" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, L, D, T, C or constant Execution of the instruction upon a rising edge. (T and C are only available in LAD and FBD with S7-1500) RECORDS Input UDInt I, Q, M, L, D or con stant Number of data records in the data log. NAME Input VARIANT L, D File name of the new data log. ID InOut DWORD I, Q, M, L, D Object ID of the data log In: ID of the existing data log Out: ID of the new data log DATA InOut VARIANT D Data type for consistency check DONE Output BOOL I, Q, M, L, D Instruction was executed successfully. BUSY Output BOOL I, Q, M, L, D Execution of the instruction not yet complete. ERROR Output BOOL I, Q, M, L, D 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS param eter. STATUS Output WORD I, Q, M, L, D Status parameter The parameter is only set for the duration of one call. To display the status, you should therefore copy the STATUS parameter to a free data area. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". STATUS parameter Error code* Description (W#16#...) 0 No errors. 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0 7002 Intermediate call (REQ irrelevant): Instruction already active; BUSY has the value "1". 8070 The maximum number of simultaneously active DataLogNewFile instructions has already been reached. 8090 Invalid file name 8091 Data type at parameter NAME is not STRING. 8092 Source data log does not exist. 8093 New data log already exists. 8097 The length of the file exceeds the limitation of the file system or the CPU-specific limitations. 3834 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* Description (W#16#...) 80A0 Data types inconsistent. The data log at parameter ID uses different data types than specified at parameter DATA. 80A2 Write error signaled back by the file system. 80B2 Maximum number of data logs exceeded or data log resources used up 80B3 Load memory not sufficient. 80B4 The memory card is write-protected. 80C0 Access currently not possible. 80C1 Too many files open. 8253 The RECORDS parameter has an invalid value. The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You will find the example here: Example program for working with data logs (Page 3835). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). See also Difference between synchronous and asynchronous instructions (Page 2436) Example program for working with data logs (S7-1200, S7-1500) Introduction The following example program shows the main functions of the data log instructions. For detailed information about individual instructions, open the corresponding help description using the corresponding links. General notes on using data logs The data log created is automatically opened when the "DataLogCreate" and "DataLogNew" instructions are executed. Data logs are automatically closed after the CPU switches from RUN to STOP or after a restart of the CPU. For the "DataLogWrite" instruction to be executed, the data log must be open. For S7-1200 CPUs, a maximum of eight data logs can be open simultaneously. For S7-1500 CPUs, a maximum of ten data logs can be open simultaneously. WinCC Advanced V14 System Manual, 10/2016 3835 Programming the PLC 11.4 Instructions Example program The contents of the data logs are defined in a data block (DB) in this example. The DB is used to create a data log (DataLogCreate (Page 3813)) and to provide process values for writing a data record (DataLogWrite (Page 3826)). The three entries of the structure "MyData" are used as process values: MyCount, MyTemerature and MyPressure. In the data block, these three values are stored temporarily and then transferred with the "DataLogWrite (Page 3826)" instruction to a data log as a data record. A data record is composed later from the following six entries: 1. The data record number (assigned automatically) 2. The date (assigned automatically when "1" is used for DataLogCreate at the TIMESTAMP parameter). 3. The time of day (assigned automatically when "1" is used for DataLogCreate at the TIMESTAMP parameter). 4. The current value of "MyCount" from the "MyData" structure. 5. The current value of "MyTemperature" from the "MyData" structure. 6. The current value of "MyPressure" from the "MyData" structure. Network 1: A rising edge at REQ starts the creation of the data log with the DataLogCreate (Page 3813) instruction. 3836 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 2: Acquire the DONE output of DataLogCreate (Page 3813), because it is only valid for one cycle. Network 3: A rising edge triggers the point in time at which new process values are stored in the MyData structure. This step is used to store the desired process values temporarily in the data block. Network 4: Once the execution of DataLogCreate (Page 3813) is complete, (DONE parameter =1, see Network 1), the EN input of DataLogWrite (Page 3826) is set. The reason for this is that a generation process extends over several cycles and must be completed in order for a write operation to be performed. Writing is triggered for a data record by a rising edge at the REQ input. WinCC Advanced V14 System Manual, 10/2016 3837 Programming the PLC 11.4 Instructions Network 5: Close the data log after the last data record has been written. The data log was created for 5 data records (see Network 1). That means, after 5 data records, 0001 is output on the DataLogWrite (Page 3826) instruction at the STATUS parameter (last possible data record created at the end of the file. Creating another data record overwrites an older data record). In this case, the REQ input is set and the DataLogClose (Page 3828) instruction is executed. When the data log is closed, no more data records are written. Network 6: The data log must be opened again with the DataLogOpen (Page 3822) instruction in order to write a data record again at a later time. If another data record is written with DataLogWrite (Page 3826) after this, the oldest data record is overwritten. Network 7: If you do not want to overwrite the older data records, you can use the DataLogNewFile (Page 3833) instruction to create a new data log with the same structure. To do this, enter the ID of the existing data log whose structure you want to copy at the ID parameter of the instruction. Once the DataLogNewFile (Page 3833) instruction has been executed, a new and unique ID value for the new data log is assigned. 3838 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note that the call for DataLogNewFile (Page 3833) also extends over several cycles. Therefore, similar to the DataLogCreate (Page 3813) instruction, you should also query the DONE bit to prevent premature execution of DataLogWrite (Page 3826) (see Networks 1, 2 and 4). Result Opening of written data via the web server The data logs created with the example program are displayed via the web server. To do this, open the Web server using an Internet browser and open the "\DataLogs" directory. Note If you are logged on with editing rights, only the "Delete" and "Rename" options are available. You assign the rights in the hardware configuration in the web server properties of the CPU. WinCC Advanced V14 System Manual, 10/2016 3839 Programming the PLC 11.4 Instructions Contents of the CSV files "5" is set as the maximum number of data records when creating the data log with the DataLogCreate instruction. If this number is not exceeded, all written data records are included in the data log. If another data record is added to this, the oldest data record (Record 1) is overwritten. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). See also DataLogClear: Empty data log (Page 3824) DataLogDelete: Delete data log (Page 3830) Data block functions (S7-1200, S7-1500) CREATE_DB: Create data block (S7-1200, S7-1500) Description The "CREATE_DB" instruction is used to create a new data block in the load and/or work memory. The instruction "CREATE_DB" does not change the checksum of the user program. A data block that was only generated in the work memory has the following properties: After a memory reset or POWER OFF / POWER ON this block no longer exists. When loading or when there is a STOP-RUN transition, its content remains unchanged. 3840 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Number of the data block The data block created is assigned a number from the range defined at the LOW_LIMIT (low limit) and UP_LIMIT (high limit) parameters. "CREATE_DB" assigns the smallest possible number from the specified range to the DB. You cannot assign the numbers of the DBs already contained in the user program. To create a DB with a specific number, enter the same number for the high and low limit of the range to be specified. If a DB with the same number already exists in the work memory and/ or load memory, or if the DB exists as a copied version, the instruction will be terminated and an error message will be generated at the RET_VAL parameter. Start values of the data block The SRCBLK parameter is used to define start values for the DB that is to be created. The SRCBLK parameter is a pointer to a DB or a DB area from which you apply the start values. The DB addressed at the SRCBLK parameter must have been generated with standard access ("Optimized block access" attribute disabled). If the area specified at the SRCBLK parameter is larger than the DB generated, the values up to the length of the DB generated will be applied as start values. If the area specified at the SRCBLK parameter is smaller than the DB generated, the remaining values will be filled with "0". To ensure data consistency, you must not change this data area while "CREATE_DB" is being executed (which means as long as the BUSY parameter has the value TRUE). Note SRCBLK points to a TEMP tag TEMP tags of standard blocks are located in the temporary local data area. A reference in SRCBLK to a TEMP tag therefore results in the value 80A3 (the data block at the SRCBLK parameter was not created with standard access) being output as RET_VAL. Functional description The "CREATE_DB" instruction works asynchronously. Processing takes place across several calls. You start the job by calling "CREATE_DB" with REQ = 1. The output parameters RET_VAL and BUSY indicate the status of the job. See also: Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 3841 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "CREATE_DB" instruction: Parameter Declara tion Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Level-triggered control parameter "request to activate" REQ = 1: Request to generate the data block LOW_LIMIT Input UINT I, Q, M, D, L or con stant Low limit of the range for the assignment of a DB number. The smallest possible number is 60000. UP_LIMIT Input UINT I, Q, M, D, L or con stant High limit of the area used by "CREATE_DB" to assign a number to your DB (largest possible DB number: 60999) COUNT Input UDINT I, Q, M, D, L or con stant The count value specifies the number of bytes which you want to reserve for the DB generated. The number of bytes must be an even number. The maximum length is 65534 bytes. 3842 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declara tion Data type Memory area Description ATTRIB Input BYTE I, Q, M, D, L or con stant You use the first 4 bits of the byte at parameter ATTRIB to define the properties of the data block *: Bit 0 = 0: Attribute "Only store in load memory" is not set. Bit 0 = 1: Attribute "Only store in load memory" is set. With this setting, the DB takes up no space in the work memory and is not included in the program. The DB cannot be accessed with bit commands. When bit 0 = 1, the selection for bit 2 is irrelevant. To ensure compatibility with STEP 7 V5.x, bits 0 and 3 must be considered together (see below). Bit 1 = 0: Attribute "Data block write-protected in the device" is not set. Bit 1 = 1: Attribute "Data block write-protected in the device" is set. Bit 2 = 0: DB is retentive (only for DBs generated in the load and in the work memory). The DB is regarded as retentive if at least one value has been set as retentive. Bit 2 = 1: DB is not retentive Retentivity is not supported with DBs that are only stored in load memory or only in the work memory. If you call the "CRE ATE_DB" instruction with one of the two combinations "retentive and only load memory" or "retentive and only work memory" the DB to be generated will not be marked as retentive. Bit 3 = 0: Creation of the DB either in the load memory or in the work memory (selection using bit 0, see above) Bit 3 = 1: Creation of the DB both in the load memory and in the work memory (bit 0 irrelevant) To ensure compatibility with STEP 7 V5.x, bits 0 and 3 must be used in combination. When bit 3 = 1, bit 0 is irrelevant. Bit 0 Bit 3 DB generation 0 0 In work memory only 1 0 In load memory only Irrele vant 1 Work and load memory Bit 4 = 0 - No start values specified (input values at the SRCBLK parameter will be ignored). Bit 4 = 1 - Specify start values (values correspond to the DB addressed by the SRCBLK parameter). SRCBLK Input VAR IANT D Pointer to the data block whose values will be used to initialize the data block to be generated. RET_VAL Return INT I, Q, M, D, L Error information BUSY Output BOOL I, Q, M, D, L BUSY = 1: The process is not yet complete. DB_NUM Output DB_DY I, Q, M, D, L N (UINT) Number of the DB created. * The properties selected here correspond to the attributes in the properties of a data block. WinCC Advanced V14 System Manual, 10/2016 3843 Programming the PLC 11.4 Instructions You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* (W#16#...) Description 0000 No error 0081 The destination area is greater than the source area. The source area is written completely to the destination area. The remaining bytes of the destination area remain unchanged. 7000 First call with REQ = 0: No data transfer active; BUSY has the value "0". 7001 First call with REQ = 1: Data transfer triggered; BUSY has the value "1". 7002 Intermediate call (REQ irrelevant): Data transfer already active; BUSY has the value "1". 8081 The source area is larger than the destination area. The complete destination area is written. The remaining bytes of the source area are ignored. 8092 The "Create data block" function is currently unavailable because The "Compress user memory" function is currently active. The maximum number of blocks on your CPU has already been reached. 8093 No data block or a data block that is not in the work memory is specified for the SRCBLK parameter. 8094 An invalid value was specified at parameter ATTRIB. 80A1 DB number error: The number is "0" The number exceeds the CPU-specific high limit for DB numbers Low limit > high limit 80A2 DB length error: The length is "0" The length is an odd number The length is greater than permitted by the CPU 80A3 The data block at the SRCBLK parameter was not created with standard access. 80B1 There is no DB number free. 80B2 Insufficient free memory available. 80B4 The memory card is write-protected. 80BB Not enough load memory. 80C3 The maximum number of simultaneously active "CREATE_DB" instructions has already been reached. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You will find the example here: Program example for CREATE functions (Page 3858). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). 3844 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions READ_DBL: Read from data block in the load memory (S7-1200, S7-1500) Description With the instruction, you copy a DB or an area of a DB in load memory (Micro Memory Card) to the data area of a destination DB. The destination data block must be runtime-relevant, which means it must not be created with the Only store in load memory attribute. The content of the load memory is not changed during the copy process. To ensure data consistency, you must not change the destination area while "READ_DBL" is being executed (i.e., as long as the BUSY parameter has the value TRUE). The following restrictions apply to the SRCBLK and DSTBLK parameters (source and destination blocks): Valid for standard memory areas: If you want to interconnect a parameter of VARIANT data type (source or destination area) with a tag of BOOL data type or an ARRAY of BOOL, you have the following options: - You can address it symbolically Example: Parameter SRCBLK: "Data_block".myArray - You can address it absolutely with help of the ANY pointer. However, you must note that the specified length of the area must be divisible by 8, or the instruction will otherwise not be executed. Example: Parameter SRCBLK: P#DB123.DBX456.0 BOOL 1000 For a VARIANT pointer of type STRING, the length must be equal to 1. The source and destination blocks must have been created with the same block access, i.e. both must use either the "Optimized" or "Standard" access type. When the source and target DB blocks have optimized access, you must not use the STRUCT data type. Note "READ_DBL" is processed asynchronously and is therefore, it is not suitable for frequent (or cyclic) reading of tags in the load memory. Once started, a job is always completed. If the maximum number of simultaneously active "READ_DBL" instructions is reached and you call "READ_DBL" once again at this time in a priority class having higher priority, error code W#16#80C3 will be returned. Consequently it does not make sense to restart the high-priority job right away. Functional description The "READ_DBL" instruction works asynchronously. Processing takes place across several calls. You start the job by calling "READ_DBL" with REQ = 1. The output parameters RET_VAL and BUSY indicate the status of the job. See also: Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 3845 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "READ_DBL" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant REQ = 1: Read request SRCBLK Input VARIANT D Pointer to data block in the load memory that is to be read from RET_VAL Return INT I, Q, M, D, L Error information BUSY Output BOOL I, Q, M, D, L BUSY = 1: The reading process is not yet com plete. DSTBLK Output VARIANT D Pointer to the data block in the work memory that is written to You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#...) 0000 No error 0081 The destination area is greater than the source area. The source area is written completely to the desti nation area; the remaining bytes of the destination area will not be changed. 7000 First call with REQ = 0: No data transfer active; BUSY has the value "0". 7001 First call with REQ=1: Data transfer triggered; BUSY has the value "1". 7002 Intermediate call (REQ irrelevant): Data transfer already active; BUSY has the value "1". 8x51 Note: This error code is only for S7-1200 CPUs. Data type error in the data block. 8081 The source area is larger than the destination area. The complete destination area is written. The remaining bytes of the source area are ignored. 8082 Destination DB type different from source DB type (optimized/standard access). The destination and source DB were both created with optimized access. You have, however, used structures with the destination and source DB that lead to a different arrangement of the data when compiled. (Note: Use UDTs instead.) 8093 Note: This error code is only for S7-1500 CPUs. No data block or a data block that is not in the work memory is specified for the DSTBLK parameter. 80B1 Note: This error code is only for S7-1500 CPUs. At parameter SRCBLK, only data blocks that are located in the load memory are permitted. 8xB1 Note: This error code is only for S7-1200 CPUs. No data block is specified for the SRCBLK parameter, or the data block specified there is not a load memory object. 80B4 DSTBLK points to a DB with F-attribute (that must not be written) 8xC0 Note: This error code is only for S7-1200 CPUs. The destination DB is currently being processed by another instruction or a communication function. 3846 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* Description (W#16#...) 80C3 The maximum number of simultaneously active "READ_DBL" instructions has already been reached. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you read out the contents of a DB in the load memory to a DB in the work memory. To store the data for the interconnection, create three tags in a global data block. To store the send data, create two global data blocks with three tags each of the INT data type. For receive data in the load memory: For receive data in the work memory: Interconnect the parameters of the "READ_DBL" instruction as follows. WinCC Advanced V14 System Manual, 10/2016 3847 Programming the PLC 11.4 Instructions If the normally open contact ("execute") supplies the signal state "TRUE", the "READ_DBL" instruction is executed. The DB is stored in the load memory with the input parameter SRCBLK ("DB54321"). The DB is stored in the work memory with the output parameter DSTBLK ("DB12345"). The instruction "READ_DBL" calls the data to be transferred in the load memory (SRCBLK) and reads the data in the work memory (DSTBLK). The output parameter RET_VAL ("returnValue") indicates that processing took place without errors. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). See also GET_ERR_ID: Get error ID locally (Page 3251) WRIT_DBL: Write to data block in the load memory (S7-1200, S7-1500) Description The instruction "WRIT_DBL" is used to transfer the contents of a DB or a DB area from the work memory to a DB or a DB area in the load memory (Micro Memory Card). The source DB must be runtime-relevant, which means it must not be created with the Only store in load memory attribute. Note Start value behavior during "Upload from device" The start values that you changed with the "WRIT_DBL" instruction are lost when you perform the "Upload from device" action. To ensure data consistency, it is not permitted to change the source range while "WRIT_DBL" is being executed (i.e., as long as the BUSY parameter has the value TRUE). The following restrictions apply to the SRCBLK and DSTBLK parameters (source and destination blocks): For a VARIANT pointer of type BOOL, the length must be divisible by 8. For a VARIANT pointer of type STRING, the length must be equal to 1. The source and destination blocks must have been created with the same block access, i.e. both must use "Optimized block access" or optimized access must be disabled for both. When the source and target DB blocks have optimized access, you must not use the STRUCT data type. 3848 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The "WRIT_DBL" instruction does not change the checksum of the user program if you write a DB that was created using an instruction. However, when a loaded DB is written, the first entry in this DB changes the checksum of the user program. Note "WRIT_DBL" is not suitable for frequent (or cyclical) writing of tags in the load memory. This is because the memory card technology limits the number of write accesses that can be made to a memory card. Functional description The "WRIT_DBL" instruction works asynchronously. Processing takes place across several calls. You start the job by calling "WRIT_DBL" with REQ=1. The output parameters RET_VAL and BUSY indicate the status of the job. See also: Difference between synchronous and asynchronous instructions (Page 2436) Parameters The following table shows the parameters of the "WRIT_DBL" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant REQ = 1: Write request SRCBLK Input VARIANT D Pointer to the DB in the work memory that is to be read from RET_VAL Return INT I, Q, M, D, L Error information BUSY Output BOOL I, Q, M, D, L BUSY = 1: The writing process is not yet com plete. DSTBLK Output VARIANT D Pointer to the data block in the load memory that is written to You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Description (W#16#...) 0000 No error 0081 The destination area is greater than the source area. The source area is written completely to the destination area; the remaining bytes of the destination area will not be changed. 7000 First call with REQ = 0: No data transfer active; BUSY has the value "0". 7001 First call with REQ = 1: Data transfer triggered; BUSY has the value "1". 7002 Intermediate call (REQ irrelevant): Data transfer already active; BUSY has the value "1". WinCC Advanced V14 System Manual, 10/2016 3849 Programming the PLC 11.4 Instructions Error code* Description (W#16#...) 8051 Note: This error code is only for S7-1200 CPUs. Type error data block. 8251 Note: This error code is only for S7-1200 CPUs. Data type error in the source DB 8551 Note: This error code is only for S7-1200 CPUs. Data type error in the target DB 8081 The source area is larger than the destination area. The complete destination area is written. The remaining bytes of the source area are ignored. 8082 Note: This error code is only for S7-1500 CPUs. Destination DB type different from source DB type (optimized/non-optimized access). The destination and source DB were both created with optimized access. You have, however, used structures with the destination and source DB that lead to a different arrangement of the data when compiled. (Note: Use UDTs instead.) 8093 Note: This error code is only for S7-1500 CPUs. No data block or a data block that is not in the work memory is specified for the SRCBLK parameter. 80B1 Note: This error code is only for S7-1500 CPUs. At parameter DSTBLK, only data blocks that are located in the load memory are permitted. 82B1 Note: This error code is only for S7-1200 CPUs. No data block is specified for the SRCBLK parameter. 85B1 Note: This error code is only for S7-1200 CPUs. For parameter DSTBLK, no data block is specified or the data block specified there is not in the load memory. 80B4 The memory card is write-protected. DB with F-attribute must not be read. 80BB Insufficient load memory available. 82C0 Note: This error code is only for S7-1200 CPUs. The source DB is currently being processed by another instruction or a communication instruction. 85C0 Note: This error code is only for S7-1200 CPUs. The destination DB is currently being processed by another instruction or a communication instruction. 80C3 The maximum number of simultaneously active "WRIT_DBL" instructions has already been reached. General error codes See also: GET_ERR_ID: Get error ID locally (Page 2690) * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you transfer the contents of a DB in the work memory to a DB in the load memory. To verify successful transfer to the DB, read the contents in another DB in the work memory. To store the data for the interconnection, create five tags in a global data block. 3850 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions To store the data to be transmitted, create three global data blocks with one "myData" tag each (Array of INT data type): A DB for send data in the work memory (SLI_srcDB_WRIT_DBL). A DB for receive data in the load memory (SLI_dstDB_WRIT_DBL). A DB for receive data in the work memory (SLI_finDB_WRIT_DBL). Interconnect the parameters of the "WRIT_DBL" instruction as follows. Interconnect the parameters of the "READ_DBL" instruction as follows. WinCC Advanced V14 System Manual, 10/2016 3851 Programming the PLC 11.4 Instructions "WRIT_DBL" instruction: If the normally open contact ("execute") supplies the signal state "TRUE", the "WRIT_DBL" instruction is executed. The DB is stored in the work memory with the input parameter SRCBLK ("SLI_srcDB_WRIT_DBL.myData"). The DB is stored in the load memory with the output parameter DSTBLK ("SLI_dstDB_WRIT_DBL.myData"). The "WRIT_DBL" instruction calls the data to be transferred in the work memory (SRCBLK) and writes the data to the required location in the load memory (DSTBLK). The output parameter RET_VAL ("returnValue") indicates that processing took place without errors. "READ_DBL" instruction: When processing of WRIT_DBL took place without errors and the normally open contact ("execute") supplies the signal state "TRUE", the "READ_DBL" instruction is executed. The DB is stored in the load memory with the input parameter SRCBLK ("SLI_dstDB_WRIT_DBL.myData"). The DB for the receive data is stored with the output parameter DSTBLK ("SLI_finDB_WRIT_DBL.myData"). The "READ_DBL" instruction calls the data to be transferred in the load memory (SRCBLK) and reads the data at the required location in the work memory (DSTBLK). The output parameter RET_VAL ("readRetVal") indicates that processing took place without errors. 3852 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The DB for the receive data in the work memory (SLI_finDB_WRIT_DBL) displays the transmitted data. You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). ATTR_DB: Read data block attribute (S7-1200, S7-1500) Description You use the instruction "ATTR_DB" to obtain information about a data block (DB) located in the work memory of the CPU. The instruction determines the attributes set at the ATTRIB parameter for the DB selected. The length cannot be read out for data blocks with optimized access and data blocks that are only in load memory. In these cases, the DB_LENGH parameter has the value "0". Do not apply ATTR_DB to data blocks with optimized access and activated memory reserve. Do not read out the data blocks for Motion Control with the "ATTR_DB" instruction. The error code 80B2 is output for this. WinCC Advanced V14 System Manual, 10/2016 3853 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "ATTR_DB" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or constant REQ = 1: Request to read block attributes DB_NUM BER Input DB_ANY I, Q, M, D, L or constant Number of the DB to be tested RET_VAL Output INT I, Q, M, D, L Error information UDINT I, Q, M, D, L Number of data bytes which the selected DB contains. DB_LENGTH Output "0" for data blocks with optimized access and data blocks that are only in load memory. ATTRIB Output BYTE I, Q, M, D, L DB properties: Bit 0*= 0: Attribute "Only store in load memory" is not set. Bit 0*= 1: Attribute "Only store in load memory" is set. Bit 1 = 0: Attribute "Data block write-protected in the device" is not set. Bit 1 = 1: Attribute "Data block write-protected in the device" is set. If bit 0 = 1, then bit 2 is irrelevant and gets the value 1. Bit 2 = 0: Retentive - The DB is regarded as retentive if at least one value has been set as retentive. Bit 2 = 1: Not retentive - The complete DB is not retentive. Bit 3*= 0: The DB is either in the load memory (bit 0 = 1) or in the work memory (bit 0 = 0). Bit 3*= 1: The DB is generated in both the load and the work memory * The relationship between bit 0 and bit 3 is explained in the parameters of the instruction "CREATE_DB: Create data block (Page 3840)". You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* (W#16#...) Explanation 0000 No error occurred. 80A1 Error in input parameter DB_NUMBER: the actual parameter selected Is "0" Is greater than the maximum permitted DB number for the CPU used. 80B1 3854 The DB with the specified number does not exist on the CPU. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error code* (W#16#...) Explanation 80B2 Data blocks of Motion Control technology objects cannot be read with the "ATTR_DB" instruction. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you read the status of a data block. You create a DB with a "myData" tag (Array[0..3] of INT data type). For standard access, disable optimized data access in the DB properties. To store the data for the interconnection, create four tags in a global data block. To better evaluate the value of the output parameter ATTRIB, create two local tags. Note Create AT data type 1. Create the first tag ("stattAttByte") with the BYTE data type. 2. Create the second tag ("stattAttBool") and enter AT"stattAttByte" as data type. 3. Then enter the Array of Bool data type for the second tag. WinCC Advanced V14 System Manual, 10/2016 3855 Programming the PLC 11.4 Instructions Interconnect the parameters of the "ATTR_DB" instruction as follows. If the normally open contact ("startAttr") supplies the signal state "TRUE", the "ATTR_DB" instruction is executed. The number of the DB to be evaluated is stored with the input parameter DB_NUMBER ("SLI_srcDB_ATTR_DB"). The "ATTR_DB" instruction calls the DB based on the number and outputs its status at the output parameter ATTRIB ("#statAttrByte"). The length of the read data (4 INT) of the data block in BYTE (value "8") is output at the output parameter DB_LENGTH ("readLenByte"). The hexadecimal value of the output parameter ATTRIB is converted into a bit string by means of the local tags and transferred with the "MOVE" instruction to the "readAttrBool" tag. The bit string "0011" means: The DB exists not only in the load memory. The DB is not write-protected. The DB is not retentive. The DB is generated in both the load and the work memory. The output parameter RET_VAL ("attrRetVal") indicates that processing took place without errors. 3856 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). DELETE_DB: Delete data block (S7-1200, S7-1500) Description You use the instruction "DELETE_DB" to delete a data block (DB) that was created from the user program by calling the instruction "CREATE_DB (Page 3840)". If the data block was not created with "CREATE_DB", the error code W#16#80B5 is output at the RET_VAL parameter. The selected data block is not deleted immediately, but rather at the cycle control point after execution of the cycle OB. Functional description The "DELETE_DB" instruction works asynchronously. Processing takes place across several calls. You start the interrupt transfer by calling the instruction with REQ = 1. Output parameter BUSY and bytes 2 and 3 of output parameter RET_VAL show the status of the job. When the output parameter BUSY has the value FALSE, the deletion of the data block is completed. Parameters The following table shows the parameters of the "DELETE_DB" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or constant REQ =1: Request to delete the DB with the num ber in the DB_NUMBER parameter DB_NUMBER Input UINT I, Q, M, D, L or constant Number of the DB to be deleted RET_VAL Output INT I, Q, M, D, L Error information (see "RET_VAL parameter") BUSY Output BOOL I, Q, M, D, L BUSY =1: The process is not yet complete. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* (W#16#...) Explanation 0000 No error occurred. 7000 First call with REQ = 0: No data transfer active; BUSY has the value "0". 7001 First call with REQ = 1: Data transfer triggered; BUSY has the value "1". WinCC Advanced V14 System Manual, 10/2016 3857 Programming the PLC 11.4 Instructions Error code* (W#16#...) Explanation 7002 Intermediate call (REQ irrelevant): Data transfer already active; BUSY has the value "1". 80A1 Error in input parameter DB_NUMBER: The value at the parameter is "0". The value at the parameter is greater than the maximum permitted DB number for the CPU used. 80B1 The DB with the specified number does not exist on the CPU. 80B4 The DB cannot be deleted because the memory card of the CPU is write-protected. 80B5 The DB was not created using "CREATE_DB". 80BB Not enough load memory. 80C3 The "Delete a DB" function cannot be executed at this time due to a temporary resource bottleneck. General error information See also: GET_ERR_ID: Get error ID locally (Page 2690) * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example You can find the example here: Program example for CREATE functions (Page 3858). You can find additional information and the program code for the above named example here: Sample Library for Instructions (Page 2434). See also Difference between synchronous and asynchronous instructions (Page 2436) Program example for CREATE functions (S7-1200, S7-1500) Introduction In the following example, you create a DB in the load memory, read its contents, and then delete the DB. 3858 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Requirements Create a global DB ("SLI_srcDB_CREATE_DB") to serve as a template for the new DB. The properties of the DB are as follows. To store the data for the interconnection, create 14 tags in a global data block ("SLI_gDB_CREATE_DB"). WinCC Advanced V14 System Manual, 10/2016 3859 Programming the PLC 11.4 Instructions To store the data, also create six local tags in an FB. Create the tags "#setAttByte" and "#setAttBool" as an AT construct. Interconnect parameters Network 1: Interconnect the tag "setAttrBool" with the local tag "#setAttBool". Network 2: Interconnect the parameters of the "CREATE_DB" instruction as follows. 3860 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 3: To store the number of the newly created DB, create the following interconnections. Network 4: To end the execution of CREATE_DB once again, create the following interconnections. Network 5: Interconnect the parameters of the "READ_DBL" instruction as follows. WinCC Advanced V14 System Manual, 10/2016 3861 Programming the PLC 11.4 Instructions Network 6: To end the execution of READ_DBL once again, create the following interconnections. Network 7: Interconnect the parameters of the "DELETE_DB" instruction as follows. Network 8: To end the execution of DELETE_DB once again, create the following interconnections. 3862 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Result of network 1 With an AT construct, the properties ("setAttrBool") stored in the Array of BOOL data type(#statAttBool) are converted into BYTE (#statAttByte) and stored. Result of network 2 - "CREATE_DB" instruction If the normally open contact ("startCreate") supplies the signal state "TRUE", the "CREATE_DB" instruction is executed. According to the input parameter COUNT ("setLenByte"), a new DB with a length of 8 bytes is created in the process. The number of the DB that is to be created is specified with the input parameter LOW_LIMIT ("lowLim") or UP_LIMIT ("hiLim"). The properties (in BYTE) with which the DB is to be created are stored at the input parameter ATTR ("#statAttByte"). The DB is to be created only in the load memory and filled with defined contents. A DB is stored at the input parameter SRCBLK ("SLI_srcDB_CREATE_DB.myData") to serve as template for the contents of the new DB. The output parameter RET_VAL ("CreateRetVal") indicates that processing took place without errors. The instruction "CREATE_DB" remains inactive after its execution ("createRetVal" has the value 16#7000"). The number of the new DB is briefly output at the end of the execution at the output parameter DB_NUM ("#nbrNewDB"). WinCC Advanced V14 System Manual, 10/2016 3863 Programming the PLC 11.4 Instructions Result of network 3 When processing of CREATE_DB took place without errors, "createRetVal" has the value "16#0000". As a result, the number ("#nbrNewDB") of the DB is stored in the "memNbrNewDB" tag. 3864 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Result of network 4 When CREATE_DB at the ENO parameter ("#tempCreate") supplies the signal state "TRUE", the interconnection of network 4 is active. In addition, when processing of CREATE_DB took place without errors, the reset ("startCreate") is set to "TRUE" and the execution of CREATE_DB is ended. Result of network 5 - "READ_DBL" instruction The following preconditions exist for executing READ_DBL: CREATE_DB is inactive ("createRetVal" has the value "16#7000"). CREATE_DB has created a new DB whose number was stored ("memNbrNewDB" has a value > 0). If the normally open contact ("startRead") supplies the signal state "TRUE", the "READ_DBL" instruction is executed. The newly created DB is referenced in the load memory with the input parameter SCRBLK. The DB is referenced in the work memory ("SLI_srcDB_CREATE_DB.readData") with the output parameter DSTBLK. The "READ_DBL" WinCC Advanced V14 System Manual, 10/2016 3865 Programming the PLC 11.4 Instructions instruction calls the data to be transferred in the load memory (SCRBLK) and reads the data at the required location in the work memory (DSTBLK). The output parameter RET_VAL ("rdblRetVal") indicates that processing took place without errors. The transferred data is displayed for the DB in the work memory ("SLI_srcDB_CREATE_DB.readData"). Result of network 6 When READ_DBL at the ENO parameter ("#tempRead") supplies the signal state "TRUE", the interconnection of network 6 is active. In addition, when processing of READ_DBL is complete, the reset ("startRead") is set to "TRUE" and the execution of READ_DBL is ended. Result of network 7 - "DELETE_DB" instruction The following preconditions exist for executing DELETE_DB: CREATE_DB is inactive ("createRetVal" has the value "16#7000"). CREATE_DB has created a new DB whose number was stored ("memNbrNewDB" has a value > 0). If the normally open contact ("startDelete") supplies the signal state "TRUE", the "DELETE_DB" instruction is executed. The newly created DB is referenced based on its 3866 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions number with the input parameter DB_NUMBER ("memNbrNewDB"). The "DELETE_DB" instruction deletes the newly created DB. The output parameter RET_VAL ("deleteRetVal") indicates that processing took place without errors. Result of network 8 When DELETE_DB at the ENO parameter ("#tempRead") supplies the signal state "TRUE", the interconnection of network 8 is active. In addition, when processing of DELETE_DB is complete, the reset ("startDelete") is set to "TRUE" and the execution of DELETE_DB is ended. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). Addressing (S7-1200, S7-1500) Instructions for address conversion (S7-1200, S7-1500) Description There are different options for addressing a module (IO address, hardware identifier, slot). You can convert the address data with the following instructions: GEO2LOG: Determine hardware identifier from slot (Page 3868) LOG2GEO: Determine slot from hardware identifier (Page 3871) LOG2MOD: Determine the hardware identifier from addressing of STEP 7 V5.5 SPx (Page 3873) IO2MOD: Determine hardware identifier from an IO address (Page 3874) RD_ADDR: Determine IO addresses from the hardware identifier (Page 3877) The following instructions are supported in addition for migrated projects: GEO_LOG: Determine hardware identifier from slot (Page 3880) LOG_GEO: Determine slot from hardware identifier (Page 3882) RD_LGADR: Determine IO addresses from the hardware identifier (Page 3883) GADR_LGC: Determine hardware identifier from slot and offset in the user data address area (Page 3885) LGC_GADR: Determine slot from hardware identifier (Page 3886) WinCC Advanced V14 System Manual, 10/2016 3867 Programming the PLC 11.4 Instructions Type of address conversion The figure below shows which instruction runs which address conversion. 1DPH 7\SH *(2/2* 6)& /2**(2 6)& /2*02' 6)& ,202' 6)& 5'B$''5 6)& *(2B/2* )& /2*B*(2 )& 5'B/*$'5 )& *$'5B/*& )& /*&B*$'5 )& ,2DGGUHVV HV +DUGZDUHLGHQWLILHU 6ORW GEO2LOG: Determine hardware identifier from slot (S7-1200, S7-1500) Description You use the "GEO2LOG" instruction to determine hardware identifier based on slot information that you define using the system data type GEOADDR. Depending on the type of hardware you define at the parameter HWTYPE the following information is evaluated from the other parameters GEOADDR: When HWTYPE = 1 (IO system): - Only IOSYSTEM is evaluated. The other parameters of GEOADDR are not taken into consideration. - The hardware identifier of the IO system is output. When HWTYPE = 2 (IO device): - IOSYSTEM and STATION are evaluated. The other parameters of GEOADDR are not taken into consideration. - The hardware identifier of the IO device is output. 3868 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions With HWTYPE = 4 (module): - IOSYSTEM, STATION and SLOT are evaluated. The SUBSLOT parameter of GEOADDR is not taken into consideration. - The hardware identifier of the module is output. With HWTYPE = 5 (submodule): - All parameters of GEOADDR are evaluated. - The hardware identifier of the submodule is output. The AREA parameter of the GEOADDR system data type is not evaluated. Parameters The following table shows the parameters of the "GEO2LOG" instruction: Parameter Declaration Data type Memory area Description GEOADDR Input VARIANT D, L Pointer to the structure of the GEOADDR sys tem data type. The system data type contains the slot infor mation from which the hardware ID is deter mined. See also: System data type GEOADDR (Page 3879) RET_VAL Return INT I, Q, M, D, L Output of error information. LADDR Output HW_ANY I, Q, M, D, L Hardware identifier of the assembly or the module. The number is automatically assigned and is stored in the properties in the hardware config uration. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* (W#16#...) Explanation 0 No error occurred. 8091 Invalid value for in GEOADDR for HWTYPE. 8094 Invalid value for in GEOADDR for IOSYSTEM. 8095 Invalid value for in GEOADDR for STATION. 8096 Invalid value for in GEOADDR for SLOT. 8097 Invalid value for in GEOADDR for SUBSLOT. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 3869 Programming the PLC 11.4 Instructions Example In the following example, you determine the hardware ID of the CPU based on the slot information. Create four tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. If the normally open contact ("execute") supplies the signal state "TRUE", the "GEO2LOG" instruction is executed. The slot information is stored in the input parameter GEOADDR ("geoAddr"). The instruction "GEO2LOG" calls the hardware ID for a module (HWTYPE with the value "4") of the central controller (IOSYSTEM with the value "0") in the rack "0" (value of STATION), in slot "1" (value of SLOT). The determined hardware ID of the local component of the CPU is displayed at the output parameter LADDR ("laddr"). The output parameter RET_VAL ("returnValue") indicates that processing took place without errors. 3870 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). See also Instructions for address conversion (Page 3867) LOG2GEO: Determine slot from hardware identifier (S7-1200, S7-1500) Description You use the "LOG2GEO" instruction to determine the module slot belonging to a hardware identifier. Parameters The following table shows the parameters of the "LOG2GEO" instruction: Parameter Declaration Data type Memory area Description LADDR Input HW_ANY I, Q, M, D, L or con stant Hardware identifier of the module whose slot you want to find. The hardware ID is assigned automatically and is stored in the properties of the module in the hardware configuration and the system con stants. RET_VAL Output INT I, Q, M, D, L Output of error information. GEOADDR InOut VARIANT D, L Pointer to the GEOADDR system data type. The slot information is written in the system data type GEOADDR. See also: System data type GEOADDR (Page 3879) You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3871 Programming the PLC 11.4 Instructions Parameter RET_VAL Error code* (W#16#...) Explanation 0 No error occurred. 8090 The address specified at the LADDR parameter is invalid. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you determine the slot information of an input module based on the hardware ID. Create four tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. If the normally open contact ("execute") supplies the signal state "TRUE", the "LOG2GEO" instruction is executed. The hardware ID of the input module is stored with the input parameter LADDR ("laddr"). The instruction "LOG2GEO" calls the slot information of the input module using the hardware ID. The determined slot information of the input module is displayed at the output parameter GEOADDR ("geoAddr"). A module (HWTYPE with the value "4") of the central controller (IOSYSTEM with the value "0") in the rack "0" (value of STATION), in slot "2" (value of SLOT) is determined. 3872 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The output parameter RET_VAL ("returnValue") indicates that processing took place without errors. You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). LOG2MOD: Determine the hardware identifier from addressing of STEP 7 V5.5 SPx (S7-1500) Description You use the "LOG2MOD" instruction to determine the hardware identifier for an IO (sub)module from the addressing of STEP 7 5.5 SPx (IO data address or diagnostic address). The hardware identifier is used at the LADDR input parameter for addressing of various instructions. Convert the addressing parameters from STEP 7 5.5 SPx by calling "LOG2MOD" beforehand. Parameter The following table shows the parameters of the "LOG2MOD" instruction: Parameter Declaration Data type Memory area Description IOID Input BYTE I, Q, M, D, L or con stant Identifier of the address area as in STEP 7 5.5 SPx: B#16#00: Bit15 of ADDR specifies whether an input (Bit15=0) or output address (Bit15=1) exists. B#16#54= Peripheral input (PI) B#16#55= Peripheral output (PQ) ADDR Input WORD I, Q, M, D, L or con stant Logical address of the IO data of the module as offset (corresponding addressing in STEP 7 5.5 SPx) or diagnostic address. RET_VAL Return INT I, Q, M, D, L Error code of the instruction. HWID Output HW_IO I, Q, M, D, L Determined hardware identifier of the IO (sub)module. WinCC Advanced V14 System Manual, 10/2016 3873 Programming the PLC 11.4 Instructions You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* (W#16#...) Explanation 0 No error occurred. 8093 Specified address is not used by any hardware components. Specified value at IOID parameter is invalid. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". IO2MOD: Determine hardware identifier from an IO address (S7-1200, S7-1500) Description The "IO2MOD" instruction determines the hardware identifier of the module from an IO address (I, Q, PI, PQ) of a module. Enter the IO address at the ADDR parameter. - If a series of IO addresses is used at this parameter, only the first address is evaluated to determine the hardware identifier. - If the first address is correctly specified, the length for the address specification at the ADDR parameter is of no significance. - If an address area is used that encompasses several modules or unused addresses, the hardware identifier of the first module can also be determined. - If no IO address of a module is specified at parameter ADDR, the error code 8090 is output at parameter RET_VAL. Note Input of IO address in SCL In SCL, you do not program using the I/O access ID "%QWx:P". In this case, use the symbolic tag name or the absolute address in the process image. 3874 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "IO2MOD" instruction: Parameter Declaration Data type Memory area Description ADDR Input VARIANT I, Q IO address (I, Q, PI, PQ) within a module. Make sure that slice access is not used for the parameter ADDR. If this is the case, incorrect values are output at the LADDR parameter. RET_VAL Return INT I, Q, M, D, L Error code of the instruction. LADDR Output HW_IO I, Q, M, D, L Determined hardware identifier (logical ad dress) of the IO module. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* (W#16#...) Explanation 0 No error occurred. 8090 IO address specified at ADDR parameter is not used by any hardware component. 8092 Invalid data type used at parameter ADDR (for example, WCHAR or WSTRING). * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you determine the hardware ID of an input module based on an IO address. Create a PLC tag in a tag table to read the hardware ID. Create three tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. WinCC Advanced V14 System Manual, 10/2016 3875 Programming the PLC 11.4 Instructions If the normally open contact ("execute") supplies the signal state "TRUE", the "IO2MOD" instruction is executed. The IO address to be localized is transmitted with the input parameter ADDR ("SLI_IOtest"). The "IO2MOD" instruction calls the IO address and reads the input module. The determined hardware ID of the input module is displayed at the output parameter LADDR ("ioLaddr"). The output parameter RET_VAL ("returnValue") indicates that processing took place without errors. You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). 3876 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions RD_ADDR: Determine IO addresses from the hardware identifier (S7-1200, S7-1500) Description The "RD_ADDR" instruction determines the length and the start address of the inputs or outputs based on the hardware identifier of a sub(module). Use the LADDR parameter to select the input or output module based on the hardware identifier. The following output parameters are used depending on whether it is an input module or output module: - In the case of an input module the determined values are output at the PIADDR and PICOUNT parameters. - In the case of an output module the determined values are output at the PQADDR and PQCOUNT parameters. The PIADDR and PQADDR parameters each contain the start address of the I/O addresses of the module. The PICOUNT and PQCOUNT parameters each contain the number of bytes of the inputs our outputs (1 byte for 8 inputs/outputs, 2 bytes for 16 inputs/outputs). Note Determining the IO addresses with packed addresses of an ET200 With packed addresses of an ET200. the first module of the pack group returns all addresses. For the other modules, the following is output with the PIADDR and PQADDR parameters: with PROFINET as address "0" with PROFIBUS as address "0" In addition, the error code W#16#8090 is output. For the number of bytes of the inputs and outputs (parameters PICOUNT and PQCOUNT), "0" is output in each case. Parameter The following table shows the parameters of the "RD_ADDR" instruction: Parameter Declaration Data type Memory area Description LADDR Input HW_IO I, Q, M, D, L or con stant Hardware identifier of the (sub)module. RET_VAL Return INT I, Q, M, D, L Error code of the instruction. PIADDR Output UDINT I, Q, M, D, L Start address of the input module. PICOUNT Output UINT I, Q, M, D, L Number of bytes of the inputs. PQADDR Output UDINT I, Q, M, D, L Start address of the output module. PQCOUNT Output UINT I, Q, M, D, L Number of bytes of the outputs. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3877 Programming the PLC 11.4 Instructions Parameter RET_VAL Error code* (W#16#...) Explanation 0 No error occurred. 8090 Hardware identifier of the module at the LADDR parameter is invalid. * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". Example In the following example, you determine the length and start address of the inputs in an input module based on the hardware ID. Create seven tags in a global data block for storing the data. Interconnect the parameters of the instruction as follows. If the normally open contact ("executeRead") supplies the signal state "TRUE", the "RD_ADDR" instruction is executed. The hardware ID of the input module is stored with the input parameter LADDR ("readLaddr"). The instruction "RD_ADDR" determines the input module using the hardware ID and reads the length of the inputs and start address. 3878 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The determined start address is displayed at the output parameter PIADDR ("piAddr"). The number of bytes of the inputs is displayed at the output parameter PICOUNT ("piCount"). The output parameter RET_VAL ("readRetVal") indicates that processing took place without errors. You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). System data type GEOADDR (S7-1200, S7-1500) Geographical address The system data type GEOADDR contains the geographical address of a module, i.e. the slot information. Geographical address for PROFINET IO For PROFINET IO the geographical address was composed of the ID of the PROFINET IO system, the device number, the slot number and the submodule (if a sub-module is used). Geographical address for PROFIBUS DP For PROFIBUS DP, the geographical address consists of the ID of the DP master system, the station number and the slot number. The slot information of the modules can be found in the hardware configuration of each module. System data type GEOADDR If you enter "GEOADDR" as the data type in a data block, the structure GEOADDR is automatically created. WinCC Advanced V14 System Manual, 10/2016 3879 Programming the PLC 11.4 Instructions The system data type GEOADDR has the following structure: Parameter name Data type GEOADDR STRUCT HWTYPE UINT Description Hardware type: 1: IO system (PROFINET/PROFIBUS) 2: IO device/DP slave 3: Rack 4: Module 5: Submodule If a hardware type is not supported by the instruction, a HWTYPE "0" is output. AREA UINT Area ID: 0 = CPU 1 = PROFINET IO 2 = PROFIBUS DP 3 = AS-i IOSYSTEM UINT PROFINET IO system (0=central unit in the rack) STATION UINT Number of the rack if area identifier AREA = 0 (central module). SLOT UINT Slot number SUBSLOT UINT Number of the submodule. This parameter has the value "0" if no submodule is available or can be plugged. Station number if area identifier AREA > 0. Legacy (S7-1200, S7-1500) GEO_LOG: Determine hardware identifier from slot (S7-1500) Description The corresponding module slot of a signal module is known. Use the "GEO_LOG" instruction to determine the corresponding hardware identifier of the module from this. 3880 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "GEO_LOG" instruction: Parameter Declaration Data type Memory area Description MASTER Input INT I, Q, M, D, L or con stant Area ID: 0, if the slot is located in a centralized configuration. 1 to 32: DP master system ID of the associated field device if the slot is located in a field device on PROFIBUS 100 to 115: PROFINET IO system ID of the associated field device if the slot is located in a field device on PROFINET STATION Input INT I, Q, M, D, L or con stant If MASTER = 0: Number of the rack If MASTER > 0: Station number of the field device SLOT Input INT I, Q, M, D, L or con stant Slot number SUBSLOT Input INT I, Q, M, D, L or con stant Number of the submodule. If no submodule exists or can be inserted SUBSLOT must have the value "0". RET_VAL Return INT I, Q, M, D, L Error information LADDR Output HW_IO I, Q, M, D, L Hardware identifier of the module You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Explanation (W#16#...) 0000 No error occurred. 8094 No subnet was configured with the specified SUBNETID . 8095 Illegal value for STATION parameter 8096 Illegal value for SLOT parameter 8097 Illegal value for SUBSLOT parameter. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also Instructions for address conversion (Page 3867) WinCC Advanced V14 System Manual, 10/2016 3881 Programming the PLC 11.4 Instructions LOG_GEO: Determine slot from hardware identifier (S7-1500) Description You use the "LOG_GEO" instruction to determine the module slot belonging to a hardware identifier. Parameters The following table shows the parameters of the "LOG_GEO" instruction: Parameter Declaration Data type Memory area Description LADDR Input HW_IO I, Q, M, D, L or constant Hardware identifier of the module for which the slot is to be determined. RET_VAL Return INT I, Q, M, D, L Error information AREA Output INT I, Q, M, D, L The area ID indicates how the remaining output parameters are to be interpreted: 0: central device 2: PROFIBUS DP / PROFINET IO MASTER Output INT I, Q, M, D, L With AREA = 0: 0: If the slot is located in one of the racks (central device). With AREA = 2: 1 to 32: DP master system ID of the associated field device if the slot is located in a field device on PROFIBUS 100 to 115: PROFINET IO system ID of the associated field device if the slot is located in a field device on PROFINET STATION Output INT I, Q, M, D, L With MASTER = 0: Number of the rack With MASTER > 0: Station number of the field device SLOT Output INT I, Q, M, D, L Slot number SUBSLOT Output INT I, Q, M, D, L Number of the submodule OFFSET Output INT I, Q, M, D, L The OFFSET parameter is not output by the instruction (always "0"). You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 3882 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter RET_VAL Error code* (W#16#...) Explanation 0000 No error occurred. 8090 Specified logical address invalid General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also Instructions for address conversion (Page 3867) RD_LGADR: Determine IO addresses from the hardware identifier (S7-1200, S7-1500) Description Based on the hardware identifier, you can determine the IO addresses of a module, a central submodule or a submodule for PNIO and DP slaves with the "RD_LGADR" instruction. You can specify the hardware ID of the submodule at the LADDR parameter. The addresses are written to the PEADDR and PAADDR parameters is ascending order. - For an input module, only the PEADDR parameter is written. For an output module, the PAADDR parameter is written. - An Array of WORD is used to store the addresses in each case. The number of addresses is output at the PECOUNT parameter (for an input module) and PACOUNT parameter (for an output module). Note Description of the boxes PEADDR and PAADDR In PEADDR or PAADDR only as many addresses are entered as are returned (This number is entered in PECOUNT or PACOUNT). Addresses of earlier RD_LGADR-calls located behind the currently returned addresses are retained; they must not be evaluated in the current call. WinCC Advanced V14 System Manual, 10/2016 3883 Programming the PLC 11.4 Instructions Note Determining the IO addresses with packed addresses of an ET200 With packed addresses of an ET200. the first module of the pack group returns all addresses. For the other modules, the following is output with the PEADDR and PAADDR parameters: with PROFINET as address "0" with PROFIBUS as address "0" In addition, the error code W#16#8090 is output. For the number of bytes of the inputs and outputs (parameters PECOUNT and PACOUNT), "0" is output in each case. Parameters The following table shows the parameters of the "RD_LGADR" instruction: Parameter Declaration Data type Memory area IOID Input BYTE I, Q, M, D, L or constant Is not evaluated Description LADDR Input HW_ANY I, Q, M, D, L or constant Hardware identifier of the module or the sub module. RET_VAL Return INT I, Q, M, D, L Error information PEADDR Output ANY I, Q, M, D, L Field for the PI addresses with the Array of WORD data type PECOUNT Output INT I, Q, M, D, L Number of returned PI addresses PAADDR Output ANY I, Q, M, D, L Field for the PQ addresses with the Array of WORD data type PACOUNT Output INT I, Q, M, D, L Number of returned PQ addresses You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code Explanation (W#16#...) 0000 No error occurred. 8090 Specified hardware identifier is invalid 80A0 Error in the output parameter PEADDR: The data type of the array elements is not WORD. 80A1 Error in the output parameter PAADDR: The data type of the array elements is not WORD. 80A2 Error in the output parameter PEADDR: The specified array does not accommodate all the logical addresses. 80A3 Error in the output parameter PAADDR: The specified array does not accommodate all the logical addresses. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation 3884 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Instructions for address conversion (Page 3867) GADR_LGC: Determine hardware identifier from slot and offset in the user data address area (S7-1500) Description You use the "GADR_LGC" instruction to determine the hardware identifier of a signal module. The hardware identifier is determined from the module slot and the offset in the user data address area of the module. Note Restriction on use The "GADR_LGC" instruction cannot be used for modules behind gateways (e.g., IE/PB link). Use the "GEO2LOG" instruction instead. Parameters The following table shows the parameters of the "GADR_LGC" instruction: Parameter Declaration Data type Memory area Description SUBNETID Input BYTE I, Q, M, D, L or constant Area ID: 0: If the slot is located in the central module 1 to 32: DP master system ID of the corresponding distributed I/O system if the slot is in a distributed I/O device. 100 to 115: PROFINET IO system ID of the associated field device if the slot is located in a field device on PROFINET RACK Input WORD I, Q, M, D, L or constant Number of the rack, if area identifier is 0 Device number of the distributed I/O device if the area identifier > 0 SLOT Input WORD I, Q, M, D, L or constant Slot no. SUBSLOT Input BYTE I, Q, M, D, L or constant Irrelevant SUBADDR Input WORD I, Q, M, D, L or constant Offset in the user data address area of the module RET_VAL Return INT I, Q, M, D, L Error information IOID Output BYTE I, Q, M, D, L The IOID output parameter is not written (al ways "0"). LADDR Output HW_MOD ULE I, Q, M, D, L Hardware identifier of the module You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 3885 Programming the PLC 11.4 Instructions Parameter RET_VAL Error code* Explanation (W#16#...) 0000 No error occurred. 8094 No subnet was configured with the specified SUBNETID . 8095 Illegal value for RACK parameter. 8096 Illegal value for SLOT parameter. 8098 Illegal value for SUBADDR parameter. General error in See also: GET_ERR_ID: Get error ID locally (Page 2690) formation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also Instructions for address conversion (Page 3867) LGC_GADR: Determine slot from hardware identifier (S7-1500) Description You use the "LGC_GADR" instruction to determine the module slot belonging to a hardware identifier. Note Restriction on use The "LGC_GADR" instruction cannot be used for modules behind gateways (e.g., IE/PB link). Use the "LOG2GEO" instruction instead. Parameters The following table shows the parameters of the "LGC_GADR" instruction: Parameter Declaration Data type Memory area Description IOID Input BYTE I, Q, M, D, L or constant Is not evaluated. LADDR Input HW_MOD ULE I, Q, M, D, L or constant Hardware identifier of the module RET_VAL Return INT I, Q, M, D, L Error information AREA Output BYTE I, Q, M, D, L The area ID indicates how the remaining output parameters are to be interpreted: 0: Central module 2: PROFIBUS DP 3886 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description RACK Output WORD I, Q, M, D, L Rack number: With central module (AREA= 0): - Rack number For PROFIBUS DP (AREA=2): SLOT Output WORD I, Q, M, D, L - Low byte: Station number - High byte: DP master system ID Slot number: With central module (AREA= 0): - Slot number For PROFIBUS DP (AREA=2): - SUBADDR Output WORD I, Q, M, D, L Slot no. in the station Is not output (always "0"). You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameter RET_VAL Error code* Explanation (W#16#...) 0000 No error occurred. 8090 Specified logical address invalid 8093 This instruction is not permitted for the module selected by the parameters IOID and LADDR . General error infor See also: GET_ERR_ID: Get error ID locally (Page 2690) mation * The error codes in the program editor are displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also Instructions for address conversion (Page 3867) WinCC Advanced V14 System Manual, 10/2016 3887 Programming the PLC 11.4 Instructions 11.4.1.5 Technology (S7-1200, S7-1500) S7-1200 Motion Control (S7-1200) S7-1200 Motion Control as of V6 (S7-1200) MC_Power (S7-1200) MC_Power: Enable, disable axis as of V6 (S7-1200) Description The Motion Control instruction "MC_Power" enables or disables an axis. Requirements The positioning axis technology object has been configured correctly. There is no pending enable-inhibiting error. Override response Execution of "MC_Power" cannot be aborted by a Motion Control command. Disabling the axis (input parameter "Enable" = FALSE) aborts all Motion Control commands for the associated technology object in accordance with the selected "StopMode". Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis - Axis technology object Enable INPUT BOOL FALSE TRUE The axis is enabled. FALSE All current jobs are interrupted in accordance with the "StopMode" configured. The axis is stopped and disabled. StartMode INPUT INT 1 0 Enable positioning axis not position-controlled *) 1 Enable positioning axis position-controlled *) *) This parameter is ignored when a positioning axis with PTO (Pulse Train Output) drive is used. The parameter initially takes effect when the positioning axis is enabled (Enable changes from FALSE to TRUE) and when the axis is enabled after successful acknowledgment of an interrupt that caused the axis to be disabled. 3888 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Default value Description StopMode INPUT INT 0 0 Emergency stop If a request to disable the axis is pending, the axis brakes at the configured emergency deceleration. The axis is disabled after reaching standstill. 1 Immediate stop If a request to disable the axis is pending, this set point zero is output and the axis is disabled. The axis is braked depending on the configuration in the drive, and is brought to a standstill. With drive connection via PTO (Pulse Train Output): When you disable the axis, the pulse output is stop ped with a frequency-dependent deceleration: Output frequency 100 Hz Deceleration: max. 30 ms Output frequency < 100 Hz Deceleration: 30 ms up to max. 1.5 s at 2 Hz 2 Emergency stop with jerk control If a request to disable the axis is pending, the axis brakes at the configured emergency deceleration. If the jerk control is activated, the configured jerk is taken into account. The axis is disabled after reach ing standstill. Status OUTPUT BOOL FALSE Status of axis enable FALSE The axis is disabled. The axis does not execute Motion Control com mands and does not accept any new commands (exception: MC_Reset command) For drive connection via PTO (Pulse Train Output): The axis is not homed. Upon disabling, the status does not change to FALSE until the axis reaches a standstill. TRUE The axis is enabled. The axis is ready to execute Motion Control com mands. Upon axis enabling, the status does not change to TRUE until the signal "Drive ready" is pending. If the "Drive ready" drive interface was not configured in the axis configuration, the status changes to TRUE immediately. Busy OUTPUT BOOL FALSE TRUE MC_Power" is active. Error OUTPUT BOOL FALSE TRUE An error occurred in Motion Control instruction "MC_Power" or in the associated technology object. The cause of the error can be found in parameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6758) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6758) for parameter "ErrorID" WinCC Advanced V14 System Manual, 10/2016 3889 Programming the PLC 11.4 Instructions Note If the axis is switched off due to an error, it will be enabled again automatically after the error has been eliminated and acknowledged. This requires that the input parameter "Enable" has retained the value TRUE during this process. Enabling an axis with configured drive interface To enable the axis, follow these steps: 1. Check the requirements indicated above. 2. Initialize input parameters "StartMode" and "StopMode" with the desired value. Set the input parameter "Enable" to TRUE. The enable output for "Drive enabled" changes to TRUE to enable the power to the drive. The CPU waits for the "Drive ready" signal of the drive. When the "Drive ready" signal is available at the configured ready input of the CPU, the axis is enabled. The output parameter "Status" and the variable of the technology object <axis name>.StatusBits.Enable indicate the value TRUE. Enabling an axis without configured drive interface To enable the axis, follow these steps: 1. Check the requirements indicated above. 2. Initialize input parameters "StartMode" and "StopMode" with the desired value. Set the input parameter "Enable" to TRUE. The axis is enabled. The output parameter "Status" and the variable of the technology object <axis name>.StatusBits.Enable indicate the value TRUE. Disabling an axis To disable an axis, you can follow the steps described below: 1. Bring the axis to a standstill. You can identify when the axis is at a standstill in the variable of the technology object <axis name>.StatusBits.StandStill. 2. Set input parameter "Enable" to FALSE after standstill is reached. 3. If output parameters "Busy" and "Status" and variable of technology object <axis name>.StatusBits.Enable indicate the value FALSE, disabling of the axis is complete. See also List of ErrorIDs and ErrorInfos (technology objects as of V6) (Page 6758) MC_Reset: Acknowledge fault, restart technology object as of V6 (Page 3893) MC_Home: Home axes, set reference point as of V6 (Page 3894) MC_MoveAbsolute: Absolute positioning of axis as of V6 (Page 3902) MC_MoveRelative: Relative positioning of axis as of V6 (Page 3906) 3890 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_MoveVelocity: Move axis at set velocity as of V6 (Page 3909) MC_MoveJog: Move axis in jog mode as of V6 (Page 3913) MC_CommandTable: Run axis commands as motion sequence as of V6 (Page 3916) MC_ChangeDynamic: Change dynamic settings of axis as of V6 (Page 3918) MC_ReadParam: Continuously read motion data of a positioning axis as of V6 (Page 3920) MC_WriteParam: Write tag of positioning axis as of V6 (Page 3922) MC_Halt: Stop axis as of V6 (Page 3899) Configuration - Standstill signal (PROFIdrive and analog drive connection only) (Page 6674) Move the axis without position control for servicing (Page 6757) WinCC Advanced V14 System Manual, 10/2016 3891 Programming the PLC 11.4 Instructions MC_Power: Function chart as of V6 (S7-1200) Function chart $[LVB (QDB )% )% 0&B3RZHU 0&B5HVHW $[LV (QDEOH 6WDUW0RGH 6WRS0RGH 6WDWXV %XV\ (UURU (UURU,' (UURU,QIR )% 6WDWXVB %XV\B (UURUB $[LVB ([HB $[LV ([HFXWH 'RQH %XV\ (UURU (UURU,' (UURU,QIR 'RQHB %XV\B (QDB W 6WDWXVB W W ([HB W 'RQHB W %XV\B W 'ULYH(QDEOHG W 'ULYH5HDG\ W %XV\B (UURUB )% 'ULYH,QWHUIDFH W An axis is enabled and then disabled again. When the drive has signaled "Drive ready" back to the CPU, the successful enable can be read out via "Status_1". Following an axis enable, an error has occurred that caused the axis to be disabled. The error is eliminated and ac knowledged with "MC_Reset". The axis is then enabled again. The exact end of the signals depends on the selected drive and the StopMode. 3892 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_Reset (S7-1200) MC_Reset: Acknowledge fault, restart technology object as of V6 (S7-1200) Description Motion Control instruction "MC_Reset" can be used to acknowledge "Operating error with axis stop" and "Configuration error". The errors that require acknowledgment can be found in the "List of ErrorIDs and ErrorInfos" under "Remedy". The axis configuration can be downloaded to the work memory after a download in RUN mode. Requirements The positioning axis technology object has been configured correctly. The cause of a pending configuration error requiring acknowledgment has been eliminated (for example, acceleration in positioning axis technology object has been changed to a valid value). Override response The MC_Reset command cannot be aborted by any other Motion Control command. The new MC_Reset command does not abort any other active Motion Control commands. Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Restart INPUT BOOL FALSE TRUE Download the axis configuration from the load mem ory to the work memory. The command can only be executed when the axis is disabled. Refer to the notes on Download to the CPU. FALSE Acknowledges pending errors Done OUTPUT BOOL FALSE TRUE Error has been acknowledged. Busy OUTPUT BOOL FALSE TRUE The command is being executed Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the com mand. The cause of the error can be found in pa rameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6758) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6758) for parameter "ErrorID" WinCC Advanced V14 System Manual, 10/2016 3893 Programming the PLC 11.4 Instructions Acknowledging an error requiring acknowledgment with MC_Reset To acknowledge an error, follow these steps: 1. Check the requirements indicated above. 2. Start the acknowledgment of the error with a rising edge at input parameter "Execute". 3. If output parameter "Done" indicates the value TRUE and tag of technology object <Axis name>.StatusBits.Error the value FALSE, the error has been acknowledged. See also List of ErrorIDs and ErrorInfos (technology objects as of V6) (Page 6758) MC_Power: Enable, disable axis as of V6 (Page 3888) MC_Home: Home axes, set reference point as of V6 (Page 3894) MC_Halt: Stop axis as of V6 (Page 3899) MC_MoveAbsolute: Absolute positioning of axis as of V6 (Page 3902) MC_MoveRelative: Relative positioning of axis as of V6 (Page 3906) MC_MoveVelocity: Move axis at set velocity as of V6 (Page 3909) MC_MoveJog: Move axis in jog mode as of V6 (Page 3913) MC_CommandTable: Run axis commands as motion sequence as of V6 (Page 3916) MC_ChangeDynamic: Change dynamic settings of axis as of V6 (Page 3918) MC_ReadParam: Continuously read motion data of a positioning axis as of V6 (Page 3920) MC_WriteParam: Write tag of positioning axis as of V6 (Page 3922) MC_Home (S7-1200) MC_Home: Home axes, set reference point as of V6 (S7-1200) Description Motion Control instruction "MC_Home" is used to match the axis coordinates to the real, physical drive position. Homing is required for absolute positioning of the axis. The following types of homing can be executed: Active homing (Mode = 3) The homing procedure is executed automatically. Passive homing (Mode = 2) During passive homing, the "MC_Home" Motion Control instruction does not carry out any homing motion. The traversing motion required for this must be implemented by the user via other Motion Control instructions. When the homing switch is detected, the axis is homed. Direct homing absolute (Mode = 0) The current axis position is set to the value of parameter "Position". 3894 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Direct homing relative (Mode = 1) The current axis position is offset by the value of parameter "Position". Absolute encoder adjustment relative (Mode = 6) The current axis position is offset by the value of parameter "Position". Absolute encoder adjustment absolute (Mode = 7) The current axis position is set to the value of parameter "Position". Mode 6 and 7 can only be used with drives with an analog interface and PROFIdrive drive. Requirements The positioning axis technology object has been configured correctly. The axis is enabled. No MC_CommandTable command may be active upon start with Mode = 0, 1, or 2. Override response The override response depends on the selected mode: Mode = 0, 1, 6, 7 The MC_Home command cannot be aborted by any other Motion Control command. The MC_Home command does not abort any active Motion Control commands. Positionrelated motion commands are resumed after homing according to the new homing position (value at input parameter: "Position"). Mode = 2 The MC_Home command can be aborted by the following Motion Control commands: MC_Home command Mode = 2, 3 The new MC_Home command aborts the following active Motion Control command: MC_Home command Mode = 2 Position-related motion commands are resumed after homing according to the new homing position (value at input parameter: "Position"). Mode = 3 The MC_Home command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command WinCC Advanced V14 System Manual, 10/2016 3895 Programming the PLC 11.4 Instructions The new MC_Home command aborts the following active Motion Control commands: MC_Home command Mode = 2, 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Position INPUT REAL 0.0 Mode = 0, 2, and 3 Absolute position of axis after completion of the homing operation Mode = 1 Correction value for the current axis position Limit values: -1.0e12 Position 1.0e12 3896 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Default value Description Mode INPUT INT 0 Homing mode 0 Direct homing (absolute) New axis position is the position value of parameter "Position". 1 Direct homing (relative) New axis position is the current axis posi tion + position value of parameter "Posi tion". 2 Passive homing Homing according to the axis configura tion. Following homing, the value of pa rameter "Position" is set as the new axis position. 3 Active homing Homing procedure in accordance with the axis configuration. Following homing, the value of parameter "Position" is set as the new axis position. 6 Absolute encoder adjustment (relative) The current axis position is offset by the value of parameter "Position". The calcu lated absolute value offset is stored reten tively in the CPU. (<AxisName>.Status Sensor.AbsEncoderOffset) 7 Absolute encoder adjustment (absolute) The current axis position is set to the value of parameter "Position". The calculated absolute value offset is stored retentively in the CPU. (<AxisName>.StatusSen sor.AbsEncoderOffset) Done OUTPUT BOOL FALSE TRUE Command completed Busy OUTPUT BOOL FALSE TRUE The command is being executed CommandAborted OUTPUT BOOL FALSE TRUE During execution, the command was abor ted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "Error Info". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6758) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6758) for parameter "ErrorID" REAL 0.0 Display of the position at which the technology object was homed (valid when "Done" = TRUE) ReferenceMarkPo OUTPUT sition WinCC Advanced V14 System Manual, 10/2016 3897 Programming the PLC 11.4 Instructions Resetting the "Homed" status The "Homed" status of a technology object (<Axis name>.StatusBits.HomingDone) is reset under the following conditions: Drive connection via PTO (Pulse Train Output): - Start an "MC_Home" command for active homing (After successful completion of the homing operation, the "Homed" status is set again.) - Disabling of axis by the "MC_Power" Motion Control instruction - Changeover between automatic mode and manual control - After POWER OFF -> POWER ON of the CPU - After CPU restart (RUN-STOP -> STOP-RUN) Technology objects with incremental actual values: - Start an "MC_Home" command for active homing (After successful completion of the homing operation, the "Homed" status is set again.) - Error in the encoder system, or encoder failure - Restart of the technology object - After POWER OFF POWER ON of the CPU - Memory reset - Modification of the encoder configuration Technology objects with absolute actual values: - Errors in the sensor system/encoder failure - Replacement of the CPU - Modification of the encoder configuration - Restoration of the CPU factory settings - Transfer of a different project to the controller Homing an axis To home the axis, follow these stops: 1. Check the requirements indicated above. 2. Provide the necessary input parameters with values and start the homing operation with a rising edge at input parameter "Execute". 3. If output parameter "Done" and technology object variable <axis name>.StatusBits.HomingDone indicate the value TRUE, homing is complete. The reference position can be taken from the <axis name>.ReferenceMarkPosition variable. See also List of ErrorIDs and ErrorInfos (technology objects as of V6) (Page 6758) MC_Power: Enable, disable axis as of V6 (Page 3888) 3898 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_Reset: Acknowledge fault, restart technology object as of V6 (Page 3893) MC_Halt: Stop axis as of V6 (Page 3899) MC_MoveAbsolute: Absolute positioning of axis as of V6 (Page 3902) MC_MoveRelative: Relative positioning of axis as of V6 (Page 3906) MC_MoveVelocity: Move axis at set velocity as of V6 (Page 3909) MC_MoveJog: Move axis in jog mode as of V6 (Page 3913) MC_CommandTable: Run axis commands as motion sequence as of V6 (Page 3916) MC_ChangeDynamic: Change dynamic settings of axis as of V6 (Page 3918) MC_ReadParam: Continuously read motion data of a positioning axis as of V6 (Page 3920) MC_WriteParam: Write tag of positioning axis as of V6 (Page 3922) MC_Halt (S7-1200) MC_Halt: Stop axis as of V6 (S7-1200) Description The "MC_Halt" Motion Control instruction stops all movements and brings the axis to a standstill with the configured deceleration. The standstill position is not defined. Requirements The positioning axis technology object has been configured correctly. The axis is enabled. Override response The MC_Halt command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_Halt command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command WinCC Advanced V14 System Manual, 10/2016 3899 Programming the PLC 11.4 Instructions MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_SpeedAxis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Done OUTPUT BOOL FALSE TRUE Zero velocity reached Busy OUTPUT BOOL FALSE TRUE The command is being executed. CommandAborted OUTPUT BOOL FALSE TRUE During execution the command was aborted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6758) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6758) for parameter "ErrorID" See also List of ErrorIDs and ErrorInfos (technology objects as of V6) (Page 6758) MC_Power: Enable, disable axis as of V6 (Page 3888) MC_Reset: Acknowledge fault, restart technology object as of V6 (Page 3893) MC_Home: Home axes, set reference point as of V6 (Page 3894) MC_MoveAbsolute: Absolute positioning of axis as of V6 (Page 3902) MC_MoveRelative: Relative positioning of axis as of V6 (Page 3906) MC_MoveVelocity: Move axis at set velocity as of V6 (Page 3909) MC_MoveJog: Move axis in jog mode as of V6 (Page 3913) MC_CommandTable: Run axis commands as motion sequence as of V6 (Page 3916) MC_ChangeDynamic: Change dynamic settings of axis as of V6 (Page 3918) MC_ReadParam: Continuously read motion data of a positioning axis as of V6 (Page 3920) MC_WriteParam: Write tag of positioning axis as of V6 (Page 3922) Move the axis without position control for servicing (Page 6757) 3900 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_Halt: Function chart as of V6 (S7-1200) Function chart )% )% 0&B0RYH9HORFLW\ $[LVB ([HB IDOVH WUXH $[LV ,Q9HORFLW\ ([HFXWH %XV\ 9HORFLW\ &RPPDQG$ERUWHG (UURU 'LUHFWLRQ (UURU,' &XUUHQW 3RVLWLRQ&RQWUROOHG (UURU,QIR 0&B+DOW ,Q9HOB %XV\B $ERUWB $[LVB ([HB $[LV ([HFXWH 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR 'RQHB %XV\B $ERUWB )% ([HB ,Q9HOB W %XV\B W $ERUWB W W )% ([HB 'RQHB W %XV\B W $ERUWB W W 9HORFLW\ $[LVB W The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 5.0 The axis is braked by an MC_Halt command until it comes to a standstill. The axis standstill is signaled via "Done_2". While an MC_Halt command is braking the axis, this command is aborted by another motion command. The abort is signaled via "Abort_2". WinCC Advanced V14 System Manual, 10/2016 3901 Programming the PLC 11.4 Instructions MC_MoveAbsolute (S7-1200) MC_MoveAbsolute: Absolute positioning of axis as of V6 (S7-1200) Description The "MC_MoveAbsolute" Motion Control instruction starts an axis positioning motion to move it to an absolute position. Requirements The positioning axis technology object has been configured correctly. The axis is enabled. The axis is homed. Override response The MC_MoveAbsolute command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_MoveAbsolute command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Positionin gAxis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge 3902 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Default value Description Position INPUT REAL 0.0 Absolute target position Limit values: -1.0e12 Position 1.0e12 Velocity INPUT REAL 10.0 Velocity of axis This velocity is not always reached on account of the configured acceleration and deceleration and the tar get position to be approached. Limit values: Start/stop velocity Velocity maximum velocity Direction INPUT INT 1 Motion direction of the axis Is only evaluated with "modulo" enabled. "Technology object > Configuration > Extended parameters > Mod ulo > Enable Modulo" Parameter is ignored with PTO axes. 0 The sign for the speed ("Velocity" parame ter) determines the motion direction. 1 Positive direction (Target position is approached in a positive direction) 2 Negative direction (Target position is approached in a negative direction) 3 Shortest distance (Starting from the current position, the tech nology selects the shortest distance to the target position) Done OUTPUT BOOL FALSE TRUE Absolute target position reached Busy OUTPUT BOOL FALSE TRUE The command is being executed CommandAborted OUTPUT BOOL FALSE TRUE During execution, the command was abor ted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6758) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6758) for parameter "ErrorID" See also List of ErrorIDs and ErrorInfos (technology objects as of V6) (Page 6758) MC_Power: Enable, disable axis as of V6 (Page 3888) MC_Reset: Acknowledge fault, restart technology object as of V6 (Page 3893) MC_Home: Home axes, set reference point as of V6 (Page 3894) MC_Halt: Stop axis as of V6 (Page 3899) MC_MoveRelative: Relative positioning of axis as of V6 (Page 3906) WinCC Advanced V14 System Manual, 10/2016 3903 Programming the PLC 11.4 Instructions MC_MoveVelocity: Move axis at set velocity as of V6 (Page 3909) MC_MoveJog: Move axis in jog mode as of V6 (Page 3913) MC_CommandTable: Run axis commands as motion sequence as of V6 (Page 3916) MC_ChangeDynamic: Change dynamic settings of axis as of V6 (Page 3918) MC_ReadParam: Continuously read motion data of a positioning axis as of V6 (Page 3920) MC_WriteParam: Write tag of positioning axis as of V6 (Page 3922) Configuration - Modulo (PROFIdrive/analog drive connection only) (Page 6651) 3904 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_MoveAbsolute: Function chart as of V6 (S7-1200) Function chart )% )% 0&B0RYH$EVROXWH 0&B0RYH$EVROXWH $[LVB ([HB $[LV 'RQH ([HFXWH %XV\ 3RVLWLRQ &RPPDQG$ERUWHG (UURU 9HORFLW\ 'LUHFWLRQ (UURU,' (UURU,QIR )% ([HB 'RQHB %XV\B $ERUWB )% ([HB 'RQHB %XV\B 'RQHB %XV\B $ERUWB $[LVB ([HB $[LV ([HFXWH 3RVLWLRQ 9HORFLW\ 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR 'RQHB %XV\B W W W W W W W 9HORFLW\ $[LVB W 3RVLWLRQ $[LVB W The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 10.0 WinCC Advanced V14 System Manual, 10/2016 3905 Programming the PLC 11.4 Instructions An axis is moved to absolute position 1000.0 with an MC_MoveAbsolute command. When the axis reaches the target position, this is signaled via "Done_1". When "Done_1" = TRUE, another MC_MoveAbsolute command, with target position 1500.0, is started. Because of the response times (e.g., cycle time of user program, etc.), the axis comes to a standstill briefly (see zoomed-in detail). When the axis reaches the new target position, this is signaled via "Done_2". An active MC_MoveAbsolute command is aborted by another MC_MoveAbsolute command. The abort is signaled via "Abort_1". The axis is then moved at the new velocity to the new target position 1500.0. When the new target position is reached, this is signaled via "Done_2". MC_MoveRelative (S7-1200) MC_MoveRelative: Relative positioning of axis as of V6 (S7-1200) Description The "MC_MoveRelative" Motion Control instruction starts a positioning motion relative to the start position. Requirements The positioning axis technology object has been configured correctly. The axis is enabled. Override response The MC_MoveRelative command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_MoveRelative command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command 3906 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Positionin gAxis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Distance INPUT REAL 0.0 Travel distance for the positioning operation Limit values: -1.0e12 Distance 1.0e12 Velocity INPUT REAL 10.0 Velocity of axis This velocity is not always reached on account of the configured acceleration and deceleration and the dis tance to be traveled. Limit values: Start/stop velocity Velocity maximum velocity Done OUTPUT BOOL FALSE TRUE Target position reached Busy OUTPUT BOOL FALSE TRUE The command is being executed. CommandAborted OUTPUT BOOL FALSE TRUE During execution the command was aborted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6758) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6758) for parameter "ErrorID" See also List of ErrorIDs and ErrorInfos (technology objects as of V6) (Page 6758) MC_Power: Enable, disable axis as of V6 (Page 3888) MC_Reset: Acknowledge fault, restart technology object as of V6 (Page 3893) MC_Home: Home axes, set reference point as of V6 (Page 3894) MC_Halt: Stop axis as of V6 (Page 3899) MC_MoveAbsolute: Absolute positioning of axis as of V6 (Page 3902) MC_MoveVelocity: Move axis at set velocity as of V6 (Page 3909) MC_MoveJog: Move axis in jog mode as of V6 (Page 3913) MC_CommandTable: Run axis commands as motion sequence as of V6 (Page 3916) MC_ChangeDynamic: Change dynamic settings of axis as of V6 (Page 3918) MC_ReadParam: Continuously read motion data of a positioning axis as of V6 (Page 3920) MC_WriteParam: Write tag of positioning axis as of V6 (Page 3922) WinCC Advanced V14 System Manual, 10/2016 3907 Programming the PLC 11.4 Instructions MC_MoveRelative: Function chart as of V6 (S7-1200) Function chart )% )% 0&B0RYH5HODWLYH $[LV ([HFXWH 'LVWDQFH 9HORFLW\ $[LVB ([HB 0&B0RYH5HODWLYH 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR 'RQHB %XV\B $ERUWB $[LVB ([HB $[LV ([HFXWH 'LVWDQFH 9HORFLW\ 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR 'RQHB %XV\B )% ([HB W %XV\B W 'RQHB W $ERUWB W )% ([HB W %XV\B 'RQHB 9HORFLW\ $[LVB W W 3RVLWLRQ $[LVB W W The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 10.0 3908 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The axis is moved by an MC_MoveRelative command by the distance ("Distance") 1000.0. When the axis reaches the target position, this is signaled via "Done_1". When "Done_1" = TRUE, another MC_MoveRelative command, with travel distance 500.0, is started. Because of the response times (e.g., cycle time of user program, etc.), the axis comes to a standstill briefly (see zoomed-in detail). When the axis reaches the new target position, this is signaled via "Done_2". An active MC_MoveRelative command is aborted by another MC_MoveRelative command. The abort is signaled via "Abort_1". The axis is then moved at the new velocity by the new distance ("Distance") 500.0. When the new target position is reached, this is signaled via "Done_2". MC_MoveVelocity (S7-1200) MC_MoveVelocity: Move axis at set velocity as of V6 (S7-1200) Description Motion control instruction "MC_MoveVelocity" moves the axis constantly at the specified velocity. Requirements The positioning axis technology object has been configured correctly. The axis is enabled. Override response MC_MoveVelocity can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_MoveVelocity command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command WinCC Advanced V14 System Manual, 10/2016 3909 Programming the PLC 11.4 Instructions Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_SpeedAxis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Velocity INPUT REAL 10.0 Velocity specification for axis motion Limit values: Start/stop velocity |Velocity maximum velocity (Velocity = 0.0 is permitted) Direction INPUT INT 0 Direction specification 0 Direction of rotation corresponds to the sign of the value in parameter "Velocity" 1 Positive direction of rotation (The sign of the value in parameter "Veloci ty" is ignored) 2 Negative direction of rotation (The sign of the value in parameter "Veloci ty" is ignored) Current INPUT BOOL FALSE Maintain current velocity FALSE "Maintain current velocity" is deactivated. The values of parameters "Velocity" and "Di rection" are used. TRUE "Maintain current velocity" is activated. The values in parameters "Velocity" and "Direc tion" are not taken into account. When the axis resumes motion at the current velocity, the "InVelocity" parameter returns the value TRUE. PositionControlled INPUT BOOL TRUE FALSE Non position-controlled operation TRUE Position-controlled operation The parameter applies as long as the MC_MoveVe locity command is executed. After this, the setting of MC_Power applies again. This parameter is ignored when a PTO axis is used. InVelocity OUTPUT BOOL FALSE TRUE "Current" = FALSE: The velocity specified in parameter "Velocity" was reached. "Current" = TRUE: The axis travels at the current velocity at the start time. Busy OUTPUT BOOL FALSE TRUE The command is being executed CommandAborted OUTPUT BOOL FALSE TRUE During execution, the command was abor ted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". 3910 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Default value Description ErrorID OUTPUT WORD 16#0000 Error ID (Page 6758) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6758) for parameter "ErrorID" Note PLCopen Version 2.0 The Motion Control instruction "MC_MoveVelocity" is compatible to PLCopen Version 2.0 as of V4. The "InVelocity" and "Busy" parameters show their status regardless of the "Execute" parameter until the command is overridden or stopped by an error. For more information, refer to the section " Tracking active commands. Behavior with zero setpoint velocity (Velocity = 0.0) An MC_MoveVelocity command with "Velocity" = 0.0 (such as an MC_Halt command) aborts active motion commands and stops the axis with the configured deceleration. When the axis comes to a standstill, output parameter "InVelocity" indicates TRUE for at least one program cycle. "Busy" indicates the value TRUE during the deceleration process and changes to FALSE together with "InVelocity". If parameter "Execute" = TRUE is set, "InVelocity" and "Busy" are latched. When the "MC_MoveVelocity" command is started, status bit "SpeedCommand" is set in the technology object. Status bit "ConstantVelocity" is set upon axis standstill. Both bits are adapted to the new situation when a new motion command is started. See also List of ErrorIDs and ErrorInfos (technology objects as of V6) (Page 6758) MC_Power: Enable, disable axis as of V6 (Page 3888) MC_Reset: Acknowledge fault, restart technology object as of V6 (Page 3893) MC_Home: Home axes, set reference point as of V6 (Page 3894) MC_Halt: Stop axis as of V6 (Page 3899) MC_MoveAbsolute: Absolute positioning of axis as of V6 (Page 3902) MC_MoveRelative: Relative positioning of axis as of V6 (Page 3906) MC_MoveJog: Move axis in jog mode as of V6 (Page 3913) MC_CommandTable: Run axis commands as motion sequence as of V6 (Page 3916) MC_ChangeDynamic: Change dynamic settings of axis as of V6 (Page 3918) MC_ReadParam: Continuously read motion data of a positioning axis as of V6 (Page 3920) MC_WriteParam: Write tag of positioning axis as of V6 (Page 3922) WinCC Advanced V14 System Manual, 10/2016 3911 Programming the PLC 11.4 Instructions MC_MoveVelocity: Function chart as of V6 (S7-1200) Function chart )% )% 0&B0RYH9HORFLW\ 0&B0RYH9HORFLW\ $[LV ,Q9HORFLW\ ([HFXWH %XV\ 9HORFLW\ &RPPDQG$ERUWHG (UURU 'LUHFWLRQ (UURU,' &XUUHQW 3RVLWLRQ&RQWUROOHG (UURU,QIR $[LVB ([HB IDOVH WUXH ,Q9HOB %XV\B $ERUWB $[LVB ([HB $[LV ,Q9HORFLW\ ([HFXWH %XV\ 9HORFLW\ &RPPDQG$ERUWHG (UURU 'LUHFWLRQ (UURU,' &XUUHQW (UURU,QIR ,Q9HOB %XV\B )% ([HB W %XV\B ,Q9HOB W W $ERUWB W )% ([HB %XV\B W W ,Q9HOB W 9HORFLW\ $[LVB W The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 10.0 An active MC_MoveVelocity command signals via "InVel_1" that its target velocity has been reached. It is then aborted by another MC_MoveVelocity command. The abort is signaled via "Abort_1". When the new target velocity 15.0 is reached, this is signaled via "InVel_2". The axis then continues moving at the new constant velocity. An active MC_MoveVelocity command is aborted by another MC_MoveVelocity command prior to reaching its target velocity. The abort is signaled via "Abort_1". When the new target velocity 15.0 is reached, this is signaled via "InVel_2". The axis then continues moving at the new constant velocity. 3912 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_MoveJog (S7-1200) MC_MoveJog: Move axis in jog mode as of V6 (S7-1200) Description Motion control instruction "MC_MoveJog" moves the axis constantly at the specified velocity in jog mode. You use this Motion Control instruction, for example, for testing and commissioning purposes. Requirements The positioning axis technology object has been configured correctly. The axis is enabled. Override response The MC_MoveJog command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_MoveJog command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command WinCC Advanced V14 System Manual, 10/2016 3913 Programming the PLC 11.4 Instructions Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_SpeedAxis - Axis technology object JogForward INPUT BOOL FALSE As long as the parameter is TRUE, the axis moves in the positive direction at the velocity specified in pa rameter "Velocity". JogBackward INPUT BOOL FALSE As long as the parameter is TRUE, the axis moves in the negative direction at the velocity specified in pa rameter "Velocity". If both parameters are simultaneously TRUE, the axis stops with the configured deceleration. An error is indicated in param eters "Error", "ErrorID", and "ErrorInfo". Velocity INPUT REAL 10.0 Preset velocity for jog mode Limit values: Start/stop velocity velocity maximum velocity PositionControlled INPUT BOOL TRUE FALSE Non position-controlled operation TRUE Position-controlled operation The parameter applies as long as the MC_MoveJog command is executed. After this, the setting of MC_Power applies again. This parameter is ignored when a PTO axis is used. InVelocity OUTPUT BOOL FALSE TRUE The velocity specified in parameter "Veloci ty" was reached. Busy OUTPUT BOOL FALSE TRUE The command is being executed CommandAborted OUTPUT BOOL FALSE TRUE During execution, the command was abor ted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6758) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6758) for parameter "ErrorID" See also List of ErrorIDs and ErrorInfos (technology objects as of V6) (Page 6758) MC_Power: Enable, disable axis as of V6 (Page 3888) MC_Reset: Acknowledge fault, restart technology object as of V6 (Page 3893) MC_Home: Home axes, set reference point as of V6 (Page 3894) MC_Halt: Stop axis as of V6 (Page 3899) MC_MoveAbsolute: Absolute positioning of axis as of V6 (Page 3902) MC_MoveRelative: Relative positioning of axis as of V6 (Page 3906) MC_MoveVelocity: Move axis at set velocity as of V6 (Page 3909) MC_CommandTable: Run axis commands as motion sequence as of V6 (Page 3916) MC_ChangeDynamic: Change dynamic settings of axis as of V6 (Page 3918) 3914 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_ReadParam: Continuously read motion data of a positioning axis as of V6 (Page 3920) MC_WriteParam: Write tag of positioning axis as of V6 (Page 3922) MC_MoveJog: Function chart as of V6 (S7-1200) Function chart )% 0&B0RYH-RJ $[LV ,Q9HORFLW\ -RJ)RUZDUG %XV\ -RJ%DFNZDUG &RPPDQG$ERUWHG (UURU 9HORFLW\ 3RVLWLRQ&RQWUROOHG (UURU,' $[LVB -RJB) -RJB% WUXH ,Q9HOB %XV\B (UURU,QIR )% -RJB) W -RJB% W ,Q9HOB %XV\B W W 9HORFLW\ $[LVB W The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 5.0 The axis is moved in the positive direction in jog mode via "Jog_F". When the target velocity 50.0 is reached, this is signaled via "InVel_1". After "Jog_F" is reset, the axis is braked to a standstill. The axis is moved in the negative direction in jog mode via "Jog_B". When the target velocity -50.0 is reached, this is signaled via "InVel_1". When "Jog_B" is set, the value at parameter "Velocity" changes to 25.0. "InVel_1" is reset and the axis is braked. When the new target velocity -25.0 is reached, this is signaled via "InVel_1". After "Jog_B" is reset, the axis is braked to a standstill. WinCC Advanced V14 System Manual, 10/2016 3915 Programming the PLC 11.4 Instructions MC_CommandTable (S7-1200) MC_CommandTable: Run axis commands as motion sequence as of V6 (S7-1200) Description The Motion Control instruction "MC_CommandTable" combines multiple individual axis control commands in one movement sequence. "MC_CommandTable" is available for axes with drive connection via PTO (Pulse Train Output). Requirements The positioning axis technology object has been inserted and correctly configured. The drive is connected via PTO (Pulse Train Output). The command table technology object has been inserted and correctly configured. The axis is enabled. Override response The MC_CommandTable command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_CommandTable command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The active Motion Control command is canceled by the start of the first "Positioning Relative", "Positioning Absolute", "Velocity set point" or "Halt" command. 3916 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_SpeedAxis - Axis technology object CommandTa ble INPUT TO_Com mandTable - Command table technology object Execute INPUT BOOL FALSE Command table start with positive edge StartStep INPUT INT 1 Defines the step at which the execution of the command table should begin Limit values: 1 StartStep EndStep EndStep INPUT INT 32 Defines the step up to which the execution of command table should take place Limit values: StartStep EndStep 32 Done OUTPUT BOOL FALSE TRUE Command table has been successfully executed Busy OUTPU BOOL FALSE TRUE The command table is being executed CommandA borted OUTPUT BOOL FALSE TRUE The command table was canceled by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the com mand table. The cause of the error can be found in parameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6758) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6758) for parameter "ErrorID" CurrentStep OUTPUT INT 0 Step in command table currently being executed StepCode OUTPUT WORD 16#0000 User-defined numerical value / bit pattern of the step cur rently being executed See also List of ErrorIDs and ErrorInfos (technology objects as of V6) (Page 6758) MC_Power: Enable, disable axis as of V6 (Page 3888) MC_Reset: Acknowledge fault, restart technology object as of V6 (Page 3893) MC_Home: Home axes, set reference point as of V6 (Page 3894) MC_Halt: Stop axis as of V6 (Page 3899) MC_MoveAbsolute: Absolute positioning of axis as of V6 (Page 3902) MC_MoveRelative: Relative positioning of axis as of V6 (Page 3906) MC_MoveVelocity: Move axis at set velocity as of V6 (Page 3909) MC_MoveJog: Move axis in jog mode as of V6 (Page 3913) MC_ChangeDynamic: Change dynamic settings of axis as of V6 (Page 3918) MC_ReadParam: Continuously read motion data of a positioning axis as of V6 (Page 3920) MC_WriteParam: Write tag of positioning axis as of V6 (Page 3922) WinCC Advanced V14 System Manual, 10/2016 3917 Programming the PLC 11.4 Instructions MC_ChangeDynamic (S7-1200) MC_ChangeDynamic: Change dynamic settings of axis as of V6 (S7-1200) Description Motion Control instruction "MC_ChangeDynamic" allows you to change the following settings of the axis: Change the ramp-up time (acceleration) value Change the ramp-down time (deceleration) value Change the emergency stop ramp-down time (emergency stop deceleration) value Change the smoothing time (jerk) value For the effectiveness of the change, refer to the description of the tag. Requirements The positioning axis technology object has been configured correctly. Override response A MC_ChangeDynamic command cannot be aborted by any other Motion Control command. A new MC_ChangeDynamic command does not abort any active Motion Control commands. Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_SpeedAxis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge ChangeR ampUp INPUT BOOL FALSE TRUE RampUp Time INPUT REAL 5.00 Time (in seconds) to accelerate axis from standstill to config ured maximum velocity without jerk limit. Change ramp-up time in line with input parameter "RampUpTime" The change will influence the tag <Axis name>. Config.Dy namicDefaults.Acceleration. For the effectiveness of the change, refer to the description of this tag. ChangeR ampDown INPUT BOOL FALSE TRUE Change ramp-down time to correspond to input pa rameter "RampDownTime" Ramp DownTime INPUT REAL 5.00 Time (in seconds) to decelerate axis from the configured maximum velocity to standstill without jerk limiter. The change will influence the tag <Axis name>. Config.Dy namicDefaults.Deceleration . For the effectiveness of the change, refer to the description of this tag. ChangeE mergency 3918 INPUT BOOL FALSE TRUE Change emergency stop ramp-down time in line with input parameter "EmergencyRampTime" WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Default value Description Emergen cyRamp Time INPUT REAL 2.00 Time (in seconds) to decelerate the axis from configured maximum velocity to standstill without jerk limiter in emer gency stop mode. The change will influence the tag <Axis name>. Config.Dy namicDefaults.EmergencyDeceleration . For the effective ness of the change, refer to the description of this tag. Change JerkTime INPUT BOOL FALSE TRUE Change smoothing time according to the input pa rameter "JerkTime" JerkTime INPUT REAL 0.25 Smoothing time (in seconds) used for the axis acceleration and deceleration ramps The change will influence the tag <Axis name>. Config.Dy namicDefaults.Jerk . For the effectiveness of the change, re fer to the description of this tag. Done OUTPUT BOOL FALSE TRUE The changed values have been written to the tech nology data block. The description of the tags will show when the change becomes effective. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the com mand. The cause of the error can be found in pa rameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6758) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6758) for parameter "ErrorID" Note At the input parameters "RampUpTime", "RampDownTime", "EmergencyRampTime" and "JerkTime", values can be entered which exceed the admissible limits of the resulting parameters: "Acceleration", "Deceleration", "Emergency stop deceleration" and "Jerk". Ensure that your inputs are within the valid range, taking into consideration the equations and limits in section "Dynamic". See also List of ErrorIDs and ErrorInfos (technology objects as of V6) (Page 6758) MC_Power: Enable, disable axis as of V6 (Page 3888) MC_Reset: Acknowledge fault, restart technology object as of V6 (Page 3893) MC_Home: Home axes, set reference point as of V6 (Page 3894) MC_Halt: Stop axis as of V6 (Page 3899) MC_MoveAbsolute: Absolute positioning of axis as of V6 (Page 3902) MC_MoveRelative: Relative positioning of axis as of V6 (Page 3906) MC_MoveVelocity: Move axis at set velocity as of V6 (Page 3909) MC_MoveJog: Move axis in jog mode as of V6 (Page 3913) MC_CommandTable: Run axis commands as motion sequence as of V6 (Page 3916) WinCC Advanced V14 System Manual, 10/2016 3919 Programming the PLC 11.4 Instructions MC_ReadParam: Continuously read motion data of a positioning axis as of V6 (Page 3920) MC_WriteParam: Write tag of positioning axis as of V6 (Page 3922) MC_ReadParam (S7-1200) MC_ReadParam: Continuously read motion data of a positioning axis as of V6 (S7-1200) Description The Motion Control instruction "MC_ReadParam" enables continuous reading of motion data and status messages of an axis. The current value of the corresponding tags is determined at the start of the command. The following motion data and status messages can be read: As of technology version V4: - Setpoint position of the axis - Setpoint and actual velocity of the axis - Current distance of axis from target position - Target position of the axis Additional as of technology version V5: - Actual position of the axis - Actual velocity of the axis - Current following error - Drive status - Encoder status - Status bits - Error bits Requirements The positioning axis technology object has been configured correctly. Override response A MC_ReadParam command cannot be aborted by any other Motion Control command. A new MC_ReadParam command does not abort any active Motion Control commands. 3920 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Parameter Declaration Data type Default value Description Enable INPUT BOOL FALSE TRUE Read the tag specified with the "Parameter" and store the value in the destination address specified with "Value". FALSE Do not update assigned motion data Parameter INPUT VARIANT (RE AL) - VARIANT pointer to the value to be read. The following tags are permitted: <Axis name>.Position <Axis name>.Velocity <Axis name>.ActualPosition <Axis name>.ActualVelocity <Axis name>.StatusPositioning.<Tag name> <Axis name>.StatusDrive.<Tag name> <Axis name>.StatusSensor.<Tag name> <Axis name>.StatusBits.<Tag name> <Axis name>.ErrorBits.<Tag name> The description of the tags named and the tag structures can be found in the Appendix AUTOHOTSPOT. Value INOUT VARIANT (RE AL) - VARIANT pointer to the target tag or destination address to which the read value is to be written. Valid OUTPUT BOOL FALSE TRUE The read value is valid. FALSE The read value is invalid. Busy OUTPUT BOOL FALSE TRUE The command is being executed Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the com mand. The cause of the error can be found in pa rameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6758) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6758) for parameter "ErrorID" See also List of ErrorIDs and ErrorInfos (technology objects as of V6) (Page 6758) MC_Power: Enable, disable axis as of V6 (Page 3888) MC_Reset: Acknowledge fault, restart technology object as of V6 (Page 3893) MC_Home: Home axes, set reference point as of V6 (Page 3894) MC_Halt: Stop axis as of V6 (Page 3899) MC_MoveAbsolute: Absolute positioning of axis as of V6 (Page 3902) MC_MoveRelative: Relative positioning of axis as of V6 (Page 3906) MC_MoveVelocity: Move axis at set velocity as of V6 (Page 3909) MC_MoveJog: Move axis in jog mode as of V6 (Page 3913) MC_CommandTable: Run axis commands as motion sequence as of V6 (Page 3916) WinCC Advanced V14 System Manual, 10/2016 3921 Programming the PLC 11.4 Instructions MC_ChangeDynamic: Change dynamic settings of axis as of V6 (Page 3918) MC_WriteParam: Write tag of positioning axis as of V6 (Page 3922) MC_WriteParam (S7-1200) MC_WriteParam: Write tag of positioning axis as of V6 (S7-1200) Description Motion Control instruction "MC_WriteParam" enables the writing of tags of the positioning axis technology object in the user program. In contrast to the value assignment of the tags in the user program, "MC_WriteParam" can also change values of read-only tags. You can learn about the tags, the conditions under which they can be written and the time at which they take effect in the description of the technology object tags (Page 6782). Requirements The positioning axis technology object has been configured correctly. To write tags that are read-only in the user program, the axis must be disabled. Tags whose change requires a restart cannot be written with "MC_WriteParam". Override response A MC_WriteParam command cannot be aborted by any other Motion Control command. A new MC_WriteParam command does not abort any active Motion Control commands. Parameters Parameter Declaration Data type Default value Description Parameter INPUT VARIANT (BOOL, INT, DINT, UDINT, REAL) - VARIANT pointer to the technology object tags (Page 6782) positioning axis (desti nation address) to be written Value INPUT VARIANT (BOOL, INT, DINT, UDINT, REAL) - VARIANT pointer to the value to be written (source address) Execute INPUT BOOL FALSE Start of the command with a positive edge Done OUTPUT BOOL FALSE TRUE Value was written Busy OUTPUT BOOL FALSE TRUE The command is being execu ted Error OUTPUT BOOL FALSE TRUE An error occurred during exe cution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorInfo". 3922 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Default value Description ErrorID OUTPUT WORD 16#0000 Error ID (Page 6758) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6758) for parameter "ErrorID" See also List of ErrorIDs and ErrorInfos (technology objects as of V6) (Page 6758) MC_Power: Enable, disable axis as of V6 (Page 3888) MC_Reset: Acknowledge fault, restart technology object as of V6 (Page 3893) MC_Home: Home axes, set reference point as of V6 (Page 3894) MC_Halt: Stop axis as of V6 (Page 3899) MC_MoveAbsolute: Absolute positioning of axis as of V6 (Page 3902) MC_MoveRelative: Relative positioning of axis as of V6 (Page 3906) MC_MoveVelocity: Move axis at set velocity as of V6 (Page 3909) MC_MoveJog: Move axis in jog mode as of V6 (Page 3913) MC_CommandTable: Run axis commands as motion sequence as of V6 (Page 3916) MC_ChangeDynamic: Change dynamic settings of axis as of V6 (Page 3918) MC_ReadParam: Continuously read motion data of a positioning axis as of V6 (Page 3920) Tags of the positioning axis technology object as of V6 (Page 6782) S7-1200 Motion Control V4...5 (S7-1200) MC_Power (S7-1200) MC_Power: Enable, disable axis V4...5 (S7-1200) Description The Motion Control instruction "MC_Power" enables or disables an axis. Requirements The positioning axis technology object has been configured correctly. There is no pending enable-inhibiting error. Override response Execution of "MC_Power" cannot be aborted by a Motion Control command. WinCC Advanced V14 System Manual, 10/2016 3923 Programming the PLC 11.4 Instructions Disabling the axis (input parameter "Enable" = FALSE) aborts all Motion Control commands for the associated technology object in accordance with the selected "StopMode". Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis - Axis technology object Enable INPUT BOOL FALSE TRUE The axis is enabled. FALSE All current jobs are interrupted in accordance with the "StopMode" configured. The axis is stopped and disabled. StopMode INPUT INT 0 0 Emergency stop If a request to disable the axis is pending, the axis brakes at the configured emergency deceleration. The axis is disabled after reaching standstill. 1 Immediate stop If a request to disable the axis is pending, this set point zero is output and the axis is disabled. The axis is braked depending on the configuration in the drive, and is brought to a standstill. With drive connection via PTO (Pulse Train Output): When you disable the axis, the pulse output is stop ped with a frequency-dependent deceleration: Output frequency 100 Hz Deceleration: max. 30 ms Output frequency < 100 Hz Deceleration: 30 ms up to max. 1.5 s at 2 Hz 2 Emergency stop with jerk control If a request to disable the axis is pending, the axis brakes at the configured emergency deceleration. If the jerk control is activated, the configured jerk is taken into account. The axis is disabled after reach ing standstill. 3924 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Default value Description Status OUTPUT BOOL FALSE Status of axis enable FALSE The axis is disabled. The axis does not execute Motion Control com mands and does not accept any new commands (exception: MC_Reset command). For drive connection via PTO (Pulse Train Output): The axis is not homed. Upon disabling, the status does not change to FALSE until the axis reaches a standstill. TRUE The axis is enabled. The axis is ready to execute Motion Control com mands. Upon axis enabling, the status does not change to TRUE until the signal "Drive ready" is pending. If the "Drive ready" drive interface was not configured in the axis configuration, the status changes to TRUE immediately. Busy OUTPUT BOOL FALSE TRUE "MC_Power" is active. Error OUTPUT BOOL FALSE TRUE An error occurred in Motion Control instruction "MC_Power" or in the associated technology object. The cause of the error can be found in parameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" Note If the axis is switched off due to an error, it will be enabled again automatically after the error has been eliminated and acknowledged. This requires that the input parameter "Enable" has retained the value TRUE during this process. Enabling an axis with configured drive interface To enable the axis, follow these steps: 1. Check the requirements indicated above. 2. Initialize input parameter "StopMode" with the desired value. Set the input parameter "Enable" to TRUE. The enable output for "Drive enabled" changes to TRUE to enable the power to the drive. The CPU waits for the "Drive ready" signal of the drive. When the "Drive ready" signal is available at the configured ready input of the CPU, the axis is enabled. The output parameter "Status" and the tag of the technology object <Axis name>.StatusBits.Enable indicate the value TRUE. WinCC Advanced V14 System Manual, 10/2016 3925 Programming the PLC 11.4 Instructions Enabling an axis without configured drive interface To enable the axis, follow these steps: 1. Check the requirements indicated above. 2. Initialize input parameter "StopMode" with the desired value. Set the input parameter "Enable" to TRUE. The axis is enabled. The output parameter "Status" and the tag of the technology object <Axis name>.StatusBits.Enable indicate the value TRUE. Disabling an axis To disable an axis, you can follow the steps described below: 1. Bring the axis to a standstill. You can identify when the axis is at a standstill in the tag of the technology object <Axis name>.StatusBits.StandStill. 2. Set input parameter "Enable" to FALSE after standstill is reached. 3. If output parameters "Busy" and "Status" and tag of technology object <Axis name>.StatusBits.Enable indicate the value FALSE, disabling of the axis is complete. See also Overview of the Motion Control statements (Page 6720) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) MC_Power: Function chart V4...5 (Page 3927) MC_Reset: Acknowledge fault, restart technology object V4...5 (Page 3928) MC_Home: Home axis, set home position V4...5 (Page 3930) MC_Halt: Stop axis V4...5 (Page 3934) MC_MoveAbsolute: Absolute positioning of axis V4...5 (Page 3937) MC_MoveRelative: Relative positioning of axis V4...5 (Page 3940) MC_MoveVelocity: Move axis at set velocity V4...5 (Page 3944) MC_MoveJog: Move axis in jog mode V4...5 (Page 3948) MC_ChangeDynamic: Change dynamic settings of axis V4...5 (Page 3953) MC_CommandTable: Run axis commands as motion sequence V4...5 (Page 3951) MC_ReadParam: Continuously read motion data of a positioning axis V4...5 (Page 3955) MC_WriteParam: Write tag of positioning axis V4...5 (Page 3957) S7-1200 Motion Control V1...3 (Page 3959) 3926 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_Power: Function chart V4...5 (S7-1200) Function chart $[LVB (QDB )% )% 0&B3RZHU 0&B5HVHW $[LV (QDEOH 6WRS0RGH 6WDWXV %XV\ (UURU (UURU,' (UURU,QIR )% 6WDWXVB %XV\B (UURUB $[LVB ([HB $[LV ([HFXWH 'RQH %XV\ (UURU (UURU,' (UURU,QIR 'RQHB %XV\B (QDB W 6WDWXVB W W ([HB W 'RQHB W %XV\B W 'ULYH(QDEOHG W 'ULYH5HDG\ W %XV\B (UURUB )% 'ULYH,QWHUIDFH W An axis is enabled and then disabled again. When the drive has signaled "Drive ready" back to the CPU, the successful enable can be read out via "Status_1". Following an axis enable, an error has occurred that caused the axis to be disabled. The error is eliminated and ac knowledged with "MC_Reset". The axis is then enabled again. See also MC_Power: Enable, disable axis V4...5 (Page 3923) WinCC Advanced V14 System Manual, 10/2016 3927 Programming the PLC 11.4 Instructions MC_Reset (S7-1200) MC_Reset: Acknowledge fault, restart technology object V4...5 (S7-1200) Description Motion Control instruction "MC_Reset" can be used to acknowledge "Operating error with axis stop" and "Configuration error". The errors that require acknowledgment can be found in the "List of ErrorIDs and ErrorInfos" under "Remedy". The axis configuration can be downloaded to the work memory after a download in RUN mode. Requirements The positioning axis technology object has been configured correctly. The cause of a pending configuration error requiring acknowledgment has been eliminated (for example, acceleration in positioning axis technology object has been changed to a valid value). Override response The MC_Reset command cannot be aborted by any other Motion Control command. The new MC_Reset command does not abort any other active Motion Control commands. Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Restart INPUT BOOL FALSE TRUE Download the axis configuration from the load mem ory to the work memory. The command can only be executed when the axis is disabled. Refer to the notes on Download to the CPU (Page 6714). FALSE Acknowledges pending errors Done OUTPUT BOOL FALSE TRUE Error has been acknowledged. Busy OUTPUT BOOL FALSE TRUE The command is being executed Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the com mand. The cause of the error can be found in pa rameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" 3928 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Acknowledging an error requiring acknowledgment with MC_Reset To acknowledge an error, follow these steps: 1. Check the requirements indicated above. 2. Start the acknowledgment of the error with a rising edge at input parameter "Execute". 3. If output parameter "Done" indicates the value TRUE and tag of technology object <Axis name>.StatusBits.Error the value FALSE, the error has been acknowledged. See also Overview of the Motion Control statements (Page 6720) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) Download to CPU (Page 6714) MC_Power: Enable, disable axis V4...5 (Page 3923) MC_Home: Home axis, set home position V4...5 (Page 3930) MC_Halt: Stop axis V4...5 (Page 3934) MC_MoveAbsolute: Absolute positioning of axis V4...5 (Page 3937) MC_MoveRelative: Relative positioning of axis V4...5 (Page 3940) MC_MoveVelocity: Move axis at set velocity V4...5 (Page 3944) MC_MoveJog: Move axis in jog mode V4...5 (Page 3948) MC_CommandTable: Run axis commands as motion sequence V4...5 (Page 3951) MC_ChangeDynamic: Change dynamic settings of axis V4...5 (Page 3953) MC_ReadParam: Continuously read motion data of a positioning axis V4...5 (Page 3955) MC_WriteParam: Write tag of positioning axis V4...5 (Page 3957) S7-1200 Motion Control V1...3 (Page 3959) WinCC Advanced V14 System Manual, 10/2016 3929 Programming the PLC 11.4 Instructions MC_Home (S7-1200) MC_Home: Home axis, set home position V4...5 (S7-1200) Description Motion Control instruction "MC_Home" is used to match the axis coordinates to the real, physical drive position. Homing is required for absolute positioning of the axis. The following types of homing can be executed: Active homing (Mode = 3) The homing procedure is executed automatically. Passive homing (Mode = 2) During passive homing, the "MC_Home" Motion Control instruction does not carry out any homing motion. The traversing motion required for this must be implemented by the user via other Motion Control instructions. When the homing switch is detected, the axis is homed. Direct homing absolute (Mode = 0) The current axis position is set to the value of parameter "Position". Direct homing relative (Mode = 1) The current axis position is offset by the value of parameter "Position". Absolute encoder adjustment relative (Mode = 6) The current axis position is offset by the value of parameter "Position". Absolute encoder adjustment absolute (Mode = 7) The current axis position is set to the value of parameter "Position". Requirements The positioning axis technology object has been configured correctly. The axis is enabled. No MC_CommandTable command may be active upon start with Mode = 0, 1, or 2. Override response The override response depends on the selected mode: Mode = 0, 1, 6, 7 The MC_Home command cannot be aborted by any other Motion Control command. The MC_Home command does not abort any active Motion Control commands. Positionrelated motion commands are resumed after homing according to the new homing position (value at input parameter: "Position"). Mode = 2 The MC_Home command can be aborted by the following Motion Control commands: MC_Home command Mode = 2, 3 3930 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The new MC_Home command aborts the following active Motion Control command: MC_Home command Mode = 2 Position-related motion commands are resumed after homing according to the new homing position (value at input parameter: "Position"). Mode = 3 The MC_Home command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_Home command aborts the following active Motion Control commands: MC_Home command Mode = 2, 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Position INPUT REAL 0.0 Mode = 0, 2, and 3 Absolute position of axis after completion of the homing operation Mode = 1 Correction value for the current axis position Limit values: -1.0e12 Position 1.0e12 WinCC Advanced V14 System Manual, 10/2016 3931 Programming the PLC 11.4 Instructions Parameter Declaration Data type Default value Description Mode INPUT INT 0 Homing mode 0 Direct homing (absolute) New axis position is the position value of parameter "Position". 1 Direct homing (relative) New axis position is the current axis posi tion + position value of parameter "Posi tion". 2 Passive homing Homing according to the axis configura tion. Following homing, the value of pa rameter "Position" is set as the new axis position. 3 Active homing Homing procedure in accordance with the axis configuration. Following homing, the value of parameter "Position" is set as the new axis position. 6 Absolute encoder adjustment (relative) The current axis position is offset by the value of parameter "Position". The calcu lated absolute value offset is stored reten tively in the CPU. (<AxisName>.Status Sensor.AbsEncoderOffset) 7 Absolute encoder adjustment (absolute) The current axis position is set to the value of parameter "Position". The calculated absolute value offset is stored retentively in the CPU. (<AxisName>.StatusSen sor.AbsEncoderOffset) Done OUTPUT BOOL FALSE TRUE Command completed Busy OUTPUT BOOL FALSE TRUE The command is being executed CommandAborted OUTPUT BOOL FALSE TRUE During execution, the command was abor ted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "Error Info". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" 3932 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Resetting the "Homed" status The "Homed" status of a technology object (<Axis name>.StatusBits.HomingDone) is reset under the following conditions: Drive connection via PTO (Pulse Train Output): - Start an "MC_Home" command for active homing (After successful completion of the homing operation, the "Homed" status is set again.) - Disabling of axis by the "MC_Power" Motion Control instruction - Changeover between automatic mode and manual control - After POWER OFF -> POWER ON of the CPU - After CPU restart (RUN-STOP -> STOP-RUN) Technology objects with incremental actual values: - Start an "MC_Home" command for active homing (After successful completion of the homing operation, the "Homed" status is set again.) - Error in the encoder system, or encoder failure - Restart of the technology object - After POWER OFF POWER ON of the CPU - Memory reset - Modification of the encoder configuration Technology objects with absolute actual values: - Errors in the sensor system/encoder failure - Replacement of the CPU - Modification of the encoder configuration - Restoration of the CPU factory settings - Transfer of a different project to the controller Homing an axis To home the axis, follow these stops: 1. Check the requirements indicated above. 2. Provide the necessary input parameters with values and start the homing operation with a rising edge at input parameter "Execute". 3. If output parameter "Done" and technology object tag <Axis name>.StatusBits.HomingDone indicate the value TRUE, homing is complete. See also Overview of the Motion Control statements (Page 6720) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) MC_Power: Enable, disable axis V4...5 (Page 3923) WinCC Advanced V14 System Manual, 10/2016 3933 Programming the PLC 11.4 Instructions MC_Reset: Acknowledge fault, restart technology object V4...5 (Page 3928) MC_Halt: Stop axis V4...5 (Page 3934) MC_MoveAbsolute: Absolute positioning of axis V4...5 (Page 3937) MC_MoveRelative: Relative positioning of axis V4...5 (Page 3940) MC_MoveVelocity: Move axis at set velocity V4...5 (Page 3944) MC_MoveJog: Move axis in jog mode V4...5 (Page 3948) MC_CommandTable: Run axis commands as motion sequence V4...5 (Page 3951) MC_ChangeDynamic: Change dynamic settings of axis V4...5 (Page 3953) MC_ReadParam: Continuously read motion data of a positioning axis V4...5 (Page 3955) MC_WriteParam: Write tag of positioning axis V4...5 (Page 3957) S7-1200 Motion Control V1...3 (Page 3959) MC_Halt (S7-1200) MC_Halt: Stop axis V4...5 (S7-1200) Description The "MC_Halt" Motion Control instruction stops all movements and brings the axis to a standstill with the configured deceleration. The standstill position is not defined. Requirements The positioning axis technology object has been configured correctly. The axis is enabled. Override response The MC_Halt command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command 3934 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The new MC_Halt command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_SpeedAxis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Done OUTPUT BOOL FALSE TRUE Zero velocity reached Busy OUTPUT BOOL FALSE TRUE The command is being executed. CommandAborted OUTPUT BOOL FALSE TRUE During execution the command was aborted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" See also Overview of the Motion Control statements (Page 6720) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) MC_Halt: Function chart V4...5 (Page 3936) MC_Power: Enable, disable axis V4...5 (Page 3923) MC_Reset: Acknowledge fault, restart technology object V4...5 (Page 3928) MC_Home: Home axis, set home position V4...5 (Page 3930) MC_MoveAbsolute: Absolute positioning of axis V4...5 (Page 3937) MC_MoveRelative: Relative positioning of axis V4...5 (Page 3940) MC_MoveVelocity: Move axis at set velocity V4...5 (Page 3944) MC_MoveJog: Move axis in jog mode V4...5 (Page 3948) MC_CommandTable: Run axis commands as motion sequence V4...5 (Page 3951) MC_ChangeDynamic: Change dynamic settings of axis V4...5 (Page 3953) MC_ReadParam: Continuously read motion data of a positioning axis V4...5 (Page 3955) WinCC Advanced V14 System Manual, 10/2016 3935 Programming the PLC 11.4 Instructions MC_WriteParam: Write tag of positioning axis V4...5 (Page 3957) S7-1200 Motion Control V1...3 (Page 3959) MC_Halt: Function chart V4...5 (S7-1200) Function chart $[LVB ([HB )% )% 0&B0RYH9HORFLW\ 0&B+DOW $[LV ,Q9HORFLW\ ([HFXWH %XV\ 9HORFLW\ &RPPDQG$ERUWHG (UURU 'LUHFWLRQ (UURU,' &XUUHQW (UURU,QIR ,Q9HOB %XV\B $ERUWB $[LVB ([HB $[LV ([HFXWH 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR 'RQHB %XV\B $ERUWB )% ([HB ,Q9HOB W %XV\B W $ERUWB W W )% ([HB 'RQHB W %XV\B W $ERUWB W W 9HORFLW\ $[LVB W The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 5.0 3936 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The axis is braked by an MC_Halt command until it comes to a standstill. The axis standstill is signaled via "Done_2". While an MC_Halt command is braking the axis, this command is aborted by another motion command. The abort is signaled via "Abort_2". See also MC_Halt: Stop axis V4...5 (Page 3934) MC_MoveAbsolute (S7-1200) MC_MoveAbsolute: Absolute positioning of axis V4...5 (S7-1200) Description The "MC_MoveAbsolute" Motion Control instruction starts an axis positioning motion to move it to an absolute position. Requirements The positioning axis technology object has been configured correctly. The axis is enabled. The axis is homed. Override response The MC_MoveAbsolute command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_MoveAbsolute command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command WinCC Advanced V14 System Manual, 10/2016 3937 Programming the PLC 11.4 Instructions MC_MoveJog command MC_CommandTable command Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Positionin gAxis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Position INPUT REAL 0.0 Absolute target position Limit values: -1.0e12 Position 1.0e12 Velocity INPUT REAL 10.0 Velocity of axis This velocity is not always reached on account of the configured acceleration and deceleration and the tar get position to be approached. Limit values: Start/stop velocity Velocity maximum velocity Done OUTPUT BOOL FALSE TRUE Absolute target position reached Busy OUTPUT BOOL FALSE TRUE The command is being executed. CommandAborted OUTPUT BOOL FALSE TRUE During execution the command was aborted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" See also Overview of the Motion Control statements (Page 6720) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) MC_MoveAbsolute: Function chart V4...5 (Page 3939) MC_Power: Enable, disable axis V4...5 (Page 3923) MC_Reset: Acknowledge fault, restart technology object V4...5 (Page 3928) MC_Home: Home axis, set home position V4...5 (Page 3930) MC_Halt: Stop axis V4...5 (Page 3934) MC_MoveRelative: Relative positioning of axis V4...5 (Page 3940) MC_MoveVelocity: Move axis at set velocity V4...5 (Page 3944) MC_MoveJog: Move axis in jog mode V4...5 (Page 3948) MC_CommandTable: Run axis commands as motion sequence V4...5 (Page 3951) 3938 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_ChangeDynamic: Change dynamic settings of axis V4...5 (Page 3953) MC_ReadParam: Continuously read motion data of a positioning axis V4...5 (Page 3955) MC_WriteParam: Write tag of positioning axis V4...5 (Page 3957) S7-1200 Motion Control V1...3 (Page 3959) MC_MoveAbsolute: Function chart V4...5 (S7-1200) Function chart )% )% 0&B0RYH$EVROXWH 0&B0RYH$EVROXWH $[LVB ([HB $[LV ([HFXWH 3RVLWLRQ 9HORFLW\ 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR )% ([HB 'RQHB %XV\B $ERUWB )% ([HB 'RQHB %XV\B 'RQHB %XV\B $ERUWB $[LVB ([HB $[LV ([HFXWH 3RVLWLRQ 9HORFLW\ 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR 'RQHB %XV\B W W W W W W W 9HORFLW\ $[LVB W 3RVLWLRQ $[LVB WinCC Advanced V14 System Manual, 10/2016 W 3939 Programming the PLC 11.4 Instructions The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 10.0 An axis is moved to absolute position 1000.0 with an MC_MoveAbsolute command. When the axis reaches the target position, this is signaled via "Done_1". When "Done_1" = TRUE, another MC_MoveAbsolute command, with target position 1500.0, is started. Because of the response times (e.g., cycle time of user program, etc.), the axis comes to a standstill briefly (see zoomed-in detail). When the axis reaches the new target position, this is signaled via "Done_2". An active MC_MoveAbsolute command is aborted by another MC_MoveAbsolute command. The abort is signaled via "Abort_1". The axis is then moved at the new velocity to the new target position 1500.0. When the new target position is reached, this is signaled via "Done_2". See also MC_MoveAbsolute: Absolute positioning of axis V4...5 (Page 3937) MC_MoveRelative (S7-1200) MC_MoveRelative: Relative positioning of axis V4...5 (S7-1200) Description The "MC_MoveRelative" Motion Control instruction starts a positioning motion relative to the start position. Requirements The positioning axis technology object has been configured correctly. The axis is enabled. Override response The MC_MoveRelative command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command 3940 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The new MC_MoveRelative command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Positionin gAxis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Distance INPUT REAL 0.0 Travel distance for the positioning operation Limit values: -1.0e12 Distance 1.0e12 Velocity INPUT REAL 10.0 Velocity of axis This velocity is not always reached on account of the configured acceleration and deceleration and the dis tance to be traveled. Limit values: Start/stop velocity Velocity maximum velocity Done OUTPUT BOOL FALSE TRUE Target position reached Busy OUTPUT BOOL FALSE TRUE The command is being executed. CommandAborted OUTPUT BOOL FALSE TRUE During execution the command was aborted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" See also Overview of the Motion Control statements (Page 6720) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) MC_MoveRelative: Function chart V4...5 (Page 3943) MC_Power: Enable, disable axis V4...5 (Page 3923) MC_Reset: Acknowledge fault, restart technology object V4...5 (Page 3928) WinCC Advanced V14 System Manual, 10/2016 3941 Programming the PLC 11.4 Instructions MC_Home: Home axis, set home position V4...5 (Page 3930) MC_Halt: Stop axis V4...5 (Page 3934) MC_MoveAbsolute: Absolute positioning of axis V4...5 (Page 3937) MC_MoveVelocity: Move axis at set velocity V4...5 (Page 3944) MC_MoveJog: Move axis in jog mode V4...5 (Page 3948) MC_CommandTable: Run axis commands as motion sequence V4...5 (Page 3951) MC_ChangeDynamic: Change dynamic settings of axis V4...5 (Page 3953) MC_ReadParam: Continuously read motion data of a positioning axis V4...5 (Page 3955) MC_WriteParam: Write tag of positioning axis V4...5 (Page 3957) S7-1200 Motion Control V1...3 (Page 3959) 3942 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_MoveRelative: Function chart V4...5 (S7-1200) Function chart )% )% 0&B0RYH5HODWLYH $[LV ([HFXWH 'LVWDQFH 9HORFLW\ $[LVB ([HB 0&B0RYH5HODWLYH 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR 'RQHB %XV\B $ERUWB $[LVB ([HB $[LV ([HFXWH 'LVWDQFH 9HORFLW\ 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR 'RQHB %XV\B )% ([HB W %XV\B W 'RQHB W $ERUWB W )% ([HB W %XV\B 'RQHB 9HORFLW\ $[LVB W W 3RVLWLRQ $[LVB W W The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 10.0 WinCC Advanced V14 System Manual, 10/2016 3943 Programming the PLC 11.4 Instructions The axis is moved by an MC_MoveRelative command by the distance ("Distance") 1000.0. When the axis reaches the target position, this is signaled via "Done_1". When "Done_1" = TRUE, another MC_MoveRelative command, with travel distance 500.0, is started. Because of the response times (e.g., cycle time of user program, etc.), the axis comes to a standstill briefly (see zoomed-in detail). When the axis reaches the new target position, this is signaled via "Done_2". An active MC_MoveRelative command is aborted by another MC_MoveRelative command. The abort is signaled via "Abort_1". The axis is then moved at the new velocity by the new distance ("Distance") 500.0. When the new target position is reached, this is signaled via "Done_2". See also MC_MoveRelative: Relative positioning of axis V4...5 (Page 3940) MC_MoveVelocity (S7-1200) MC_MoveVelocity: Move axis at set velocity V4...5 (S7-1200) Description Motion control instruction "MC_MoveVelocity" moves the axis constantly at the specified velocity. Requirements The positioning axis technology object has been configured correctly. The axis is enabled. Override response MC_MoveVelocity can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_MoveVelocity command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command 3944 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_MoveVelocity command MC_MoveJog command MC_CommandTable command Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_SpeedAxis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Velocity INPUT REAL 10.0 Velocity specification for axis motion Limit values: Start/stop velocity |Velocity maximum velocity (Velocity = 0.0 is permitted) Direction INPUT INT 0 Direction specification 0 Direction of rotation corresponds to the sign of the value in parameter "Velocity" 1 Positive direction of rotation (The sign of the value in parameter "Veloci ty" is ignored) 2 Negative direction of rotation (The sign of the value in parameter "Veloci ty" is ignored) Current INPUT BOOL FALSE Maintain current velocity FALSE "Maintain current velocity" is deactivated. The values of parameters "Velocity" and "Di rection" are used. TRUE "Maintain current velocity" is activated. The values in parameters "Velocity" and "Direc tion" are not taken into account. When the axis resumes motion at the cur rent velocity, the "InVelocity" parameter re turns the value TRUE. InVelocity OUTPUT BOOL FALSE TRUE "Current" = FALSE: The velocity specified in parameter "Velocity" was reached. "Current" = TRUE: The axis travels at the current velocity at the start time. Busy OUTPUT BOOL FALSE TRUE The command is being executed CommandAborted OUTPUT BOOL FALSE TRUE During execution, the command was abor ted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" WinCC Advanced V14 System Manual, 10/2016 3945 Programming the PLC 11.4 Instructions Note PLCopen Version 2.0 The Motion Control instruction "MC_MoveVelocity" is compatible to PLCopen Version 2.0 as of V4. The "InVelocity" and "Busy" parameters show their status regardless of the "Execute" parameter until the command is overridden or stopped by an error. For more information, refer to the section " Tracking active commands (Page 6730). Behavior with zero setpoint velocity (Velocity = 0.0) An MC_MoveVelocity command with "Velocity" = 0.0 (such as an MC_Halt command) aborts active motion commands and stops the axis with the configured deceleration. When the axis comes to a standstill, output parameter "InVelocity" indicates TRUE for at least one program cycle. "Busy" indicates the value TRUE during the deceleration process and changes to FALSE together with "InVelocity". If parameter "Execute" = TRUE is set, "InVelocity" and "Busy" are latched. When the "MC_MoveVelocity" command is started, status bit "SpeedCommand" is set in the technology object. Status bit "ConstantVelocity" is set upon axis standstill. Both bits are adapted to the new situation when a new motion command is started. See also Overview of the Motion Control statements (Page 6720) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) MC_MoveVelocity: Function chart V4...5 (Page 3947) MC_Power: Enable, disable axis V4...5 (Page 3923) MC_Reset: Acknowledge fault, restart technology object V4...5 (Page 3928) MC_Home: Home axis, set home position V4...5 (Page 3930) MC_Halt: Stop axis V4...5 (Page 3934) MC_MoveAbsolute: Absolute positioning of axis V4...5 (Page 3937) MC_MoveRelative: Relative positioning of axis V4...5 (Page 3940) MC_MoveJog: Move axis in jog mode V4...5 (Page 3948) MC_CommandTable: Run axis commands as motion sequence V4...5 (Page 3951) MC_ChangeDynamic: Change dynamic settings of axis V4...5 (Page 3953) MC_ReadParam: Continuously read motion data of a positioning axis V4...5 (Page 3955) MC_WriteParam: Write tag of positioning axis V4...5 (Page 3957) S7-1200 Motion Control V1...3 (Page 3959) 3946 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_MoveVelocity: Function chart V4...5 (S7-1200) Function chart )% )% 0&B0RYH9HORFLW\ 0&B0RYH9HORFLW\ $[LV ,Q9HORFLW\ ([HFXWH %XV\ 9HORFLW\ &RPPDQG$ERUWHG (UURU 'LUHFWLRQ (UURU,' &XUUHQW (UURU,QIR $[LVB ([HB ,Q9HOB %XV\B $ERUWB $[LVB ([HB $[LV ,Q9HORFLW\ ([HFXWH %XV\ 9HORFLW\ &RPPDQG$ERUWHG (UURU 'LUHFWLRQ (UURU,' &XUUHQW (UURU,QIR ,Q9HOB %XV\B )% ([HB W %XV\B ,Q9HOB $ERUWB W W W )% ([HB %XV\B ,Q9HOB W W W 9HORFLW\ $[LVB W The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 10.0 An active MC_MoveVelocity command signals via "InVel_1" that its target velocity has been reached. It is then aborted by another MC_MoveVelocity command. The abort is signaled via "Abort_1". When the new target velocity 15.0 is reached, this is signaled via "InVel_2". The axis then continues moving at the new constant velocity. An active MC_MoveVelocity command is aborted by another MC_MoveVelocity command prior to reaching its target velocity. The abort is signaled via "Abort_1". When the new target velocity 15.0 is reached, this is signaled via "InVel_2". The axis then continues moving at the new constant velocity. WinCC Advanced V14 System Manual, 10/2016 3947 Programming the PLC 11.4 Instructions See also MC_MoveVelocity: Move axis at set velocity V4...5 (Page 3944) MC_MoveJog (S7-1200) MC_MoveJog: Move axis in jog mode V4...5 (S7-1200) Description Motion control instruction "MC_MoveJog" moves the axis constantly at the specified velocity in jog mode. You use this Motion Control instruction, for example, for testing and commissioning purposes. Requirements The positioning axis technology object has been configured correctly. The axis is enabled. Override response The MC_MoveJog command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_MoveJog command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command 3948 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_SpeedAxis - Axis technology object JogForward INPUT BOOL FALSE As long as the parameter is TRUE, the axis moves in the positive direction at the velocity specified in pa rameter "Velocity". JogBackward INPUT BOOL FALSE As long as the parameter is TRUE, the axis moves in the negative direction at the velocity specified in pa rameter "Velocity". If both parameters are simultaneously TRUE, the axis stops with the configured deceleration. An error is indicated in param eters "Error", "ErrorID", and "ErrorInfo". Velocity INPUT REAL 10.0 Preset velocity for jog mode Limit values: Start/stop velocity velocity maximum velocity InVelocity OUTPUT BOOL FALSE TRUE The velocity specified in parameter "Veloci ty" was reached. Busy OUTPUT BOOL FALSE TRUE The command is being executed CommandAborted OUTPUT BOOL FALSE TRUE During execution, the command was abor ted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" See also Overview of the Motion Control statements (Page 6720) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) MC_MoveJog: Function chart V4...5 (Page 3950) MC_Power: Enable, disable axis V4...5 (Page 3923) MC_Reset: Acknowledge fault, restart technology object V4...5 (Page 3928) MC_Home: Home axis, set home position V4...5 (Page 3930) MC_Halt: Stop axis V4...5 (Page 3934) MC_MoveAbsolute: Absolute positioning of axis V4...5 (Page 3937) MC_MoveRelative: Relative positioning of axis V4...5 (Page 3940) MC_MoveVelocity: Move axis at set velocity V4...5 (Page 3944) MC_CommandTable: Run axis commands as motion sequence V4...5 (Page 3951) MC_ChangeDynamic: Change dynamic settings of axis V4...5 (Page 3953) MC_ReadParam: Continuously read motion data of a positioning axis V4...5 (Page 3955) WinCC Advanced V14 System Manual, 10/2016 3949 Programming the PLC 11.4 Instructions MC_WriteParam: Write tag of positioning axis V4...5 (Page 3957) S7-1200 Motion Control V1...3 (Page 3959) MC_MoveJog: Function chart V4...5 (S7-1200) Function chart )% 0&B0RYH-RJ $[LVB -RJB) -RJB% $[LV ,Q9HORFLW\ -RJ)RUZDUG %XV\ -RJ%DFNZDUG &RPPDQG$ERUWHG (UURU 9HORFLW\ (UURU,' (UURU,QIR ,Q9HOB %XV\B )% -RJB) W -RJB% W ,Q9HOB %XV\B W W 9HORFLW\ $[LVB W The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 5.0 The axis is moved in the positive direction in jog mode via "Jog_F". When the target velocity 50.0 is reached, this is signaled via "InVel_1". After "Jog_F" is reset, the axis is braked to a standstill. The axis is moved in the negative direction in jog mode via "Jog_B". When the target velocity -50.0 is reached, this is signaled via "InVel_1". When "Jog_B" is set, the value at parameter "Velocity" changes to 25.0. "InVel_1" is reset and the axis is braked. When the new target velocity -25.0 is reached, this is signaled via "InVel_1". After "Jog_B" is reset, the axis is braked to a standstill. 3950 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also MC_MoveJog: Move axis in jog mode V4...5 (Page 3948) MC_CommandTable (S7-1200) MC_CommandTable: Run axis commands as motion sequence V4...5 (S7-1200) Description The Motion Control instruction "MC_CommandTable" combines multiple individual axis control commands in one movement sequence. "MC_CommandTable" is available for axes with drive connection via PTO (Pulse Train Output). Requirements The positioning axis technology object has been inserted and correctly configured. The drive is connected via PTO (Pulse Train Output). The command table technology object has been inserted and correctly configured. The axis is enabled. Override response The MC_CommandTable command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_CommandTable command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command WinCC Advanced V14 System Manual, 10/2016 3951 Programming the PLC 11.4 Instructions The active Motion Control command is canceled by the start of the first "Positioning Relative", "Positioning Absolute", "Velocity set point" or "Halt" command. Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_SpeedAxis - Axis technology object CommandTa ble INPUT TO_Com mandTable - Command table technology object Execute INPUT BOOL FALSE Command table start with positive edge StartStep INPUT INT 1 Defines the step at which the execution of the command table should begin Limit values: 1 StartStep EndStep EndStep INPUT INT 32 Defines the step up to which the execution of command table should take place Limit values: StartStep EndStep 32 Done OUTPUT BOOL FALSE TRUE Command table has been successfully executed Busy OUTPU BOOL FALSE TRUE The command table is being executed CommandA borted OUTPUT BOOL FALSE TRUE The command table was canceled by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the com mand table. The cause of the error can be found in parameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" CurrentStep OUTPUT INT 0 Step in command table currently being executed StepCode OUTPUT WORD 16#0000 User-defined numerical value / bit pattern of the step cur rently being executed See also Overview of the Motion Control statements (Page 6720) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) MC_Power: Enable, disable axis V4...5 (Page 3923) MC_Reset: Acknowledge fault, restart technology object V4...5 (Page 3928) MC_Home: Home axis, set home position V4...5 (Page 3930) MC_Halt: Stop axis V4...5 (Page 3934) MC_MoveAbsolute: Absolute positioning of axis V4...5 (Page 3937) MC_MoveRelative: Relative positioning of axis V4...5 (Page 3940) MC_MoveVelocity: Move axis at set velocity V4...5 (Page 3944) MC_MoveJog: Move axis in jog mode V4...5 (Page 3948) 3952 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_ChangeDynamic: Change dynamic settings of axis V4...5 (Page 3953) MC_ReadParam: Continuously read motion data of a positioning axis V4...5 (Page 3955) MC_WriteParam: Write tag of positioning axis V4...5 (Page 3957) S7-1200 Motion Control V1...3 (Page 3959) MC_ChangeDynamic (S7-1200) MC_ChangeDynamic: Change dynamic settings of axis V4...5 (S7-1200) Description Motion Control instruction "MC_ChangeDynamic" allows you to change the following settings of the axis: Change the ramp-up time (acceleration) value Change the ramp-down time (deceleration) value Change the emergency stop ramp-down time (emergency stop deceleration) value Change the smoothing time (jerk) value For the effectiveness of the change, refer to the description of the tag (Page 6890). Requirements The positioning axis technology object has been configured correctly. Override response A MC_ChangeDynamic command cannot be aborted by any other Motion Control command. A new MC_ChangeDynamic command does not abort any active Motion Control commands. Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_SpeedAxis - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge ChangeR ampUp INPUT BOOL FALSE TRUE RampUp Time INPUT REAL 5.00 Time (in seconds) to accelerate axis from standstill to config ured maximum velocity without jerk limit. Change ramp-up time in line with input parameter "RampUpTime" The change will influence the tag <Axis name>. Config.Dy namicDefaults.Acceleration. For the effectiveness of the change, refer to the description of this tag. ChangeR ampDown INPUT WinCC Advanced V14 System Manual, 10/2016 BOOL FALSE TRUE Change ramp-down time to correspond to input pa rameter "RampDownTime" 3953 Programming the PLC 11.4 Instructions Parameter Declaration Data type Default value Description Ramp DownTime INPUT REAL 5.00 Time (in seconds) to decelerate axis from the configured maximum velocity to standstill without jerk limiter. The change will influence the tag <Axis name>. Config.Dy namicDefaults.Deceleration . For the effectiveness of the change, refer to the description of this tag. ChangeE mergency INPUT BOOL FALSE TRUE Change emergency stop ramp-down time in line with input parameter "EmergencyRampTime" Emergen cyRamp Time INPUT REAL 2.00 Time (in seconds) to decelerate the axis from configured maximum velocity to standstill without jerk limiter in emer gency stop mode. The change will influence the tag <Axis name>. Config.Dy namicDefaults.EmergencyDeceleration . For the effective ness of the change, refer to the description of this tag. Change JerkTime INPUT BOOL FALSE TRUE Change smoothing time according to the input pa rameter "JerkTime" JerkTime INPUT REAL 0.25 Smoothing time (in seconds) used for the axis acceleration and deceleration ramps The change will influence the tag <Axis name>. Config.Dy namicDefaults.Jerk . For the effectiveness of the change, re fer to the description of this tag. Done OUTPUT BOOL FALSE TRUE The changed values have been written to the tech nology data block. The description of the tags will show when the change becomes effective. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the com mand. The cause of the error can be found in pa rameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" Note At the input parameters "RampUpTime", "RampDownTime", "EmergencyRampTime" and "JerkTime", values can be entered which exceed the admissible limits of the resulting parameters: "Acceleration", "Deceleration", "Emergency stop deceleration" and "Jerk". Ensure that your inputs are within the valid range, taking into consideration the equations and limits in section "Dynamic (Page 6657)". See also Overview of the Motion Control statements (Page 6720) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) Changing the configuration of dynamics in the user program (Page 6663) Changing the homing configuration in the user program (Page 6671) Tags of the positioning axis technology object V4...5 (Page 6890) MC_Power: Enable, disable axis V4...5 (Page 3923) 3954 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_Reset: Acknowledge fault, restart technology object V4...5 (Page 3928) MC_Home: Home axis, set home position V4...5 (Page 3930) MC_Halt: Stop axis V4...5 (Page 3934) MC_MoveAbsolute: Absolute positioning of axis V4...5 (Page 3937) MC_MoveRelative: Relative positioning of axis V4...5 (Page 3940) MC_MoveVelocity: Move axis at set velocity V4...5 (Page 3944) MC_MoveJog: Move axis in jog mode V4...5 (Page 3948) MC_CommandTable: Run axis commands as motion sequence V4...5 (Page 3951) MC_ReadParam: Continuously read motion data of a positioning axis V4...5 (Page 3955) MC_WriteParam: Write tag of positioning axis V4...5 (Page 3957) S7-1200 Motion Control V1...3 (Page 3959) MC_ReadParam (S7-1200) MC_ReadParam: Continuously read motion data of a positioning axis V4...5 (S7-1200) Description The Motion Control instruction "MC_ReadParam" enables continuous reading of motion data and status messages of an axis. The current value of the corresponding tags is determined at the start of the command. The following motion data and status messages can be read: As of technology version V4: - Setpoint position of the axis - Setpoint and actual velocity of the axis - Current distance of axis from target position - Target position of the axis Additional as of technology version V5: - Actual position of the axis - Actual velocity of the axis - Current following error - Drive status - Encoder status - Status bits - Error bits WinCC Advanced V14 System Manual, 10/2016 3955 Programming the PLC 11.4 Instructions Requirements The positioning axis technology object has been configured correctly. Override response A MC_ReadParam command cannot be aborted by any other Motion Control command. A new MC_ReadParam command does not abort any active Motion Control commands. Parameters Parameter Declaration Data type Default value Description Enable INPUT BOOL FALSE Parameter INPUT VARIANT (RE AL) - TRUE Read the tag specified with the "Parameter" and store the value in the destination address specified with "Value". FALSE Do not update assigned motion data VARIANT pointer to the value to be read. The following tags are permitted: <Axis name>.Position <Axis name>.Velocity <Axis name>.ActualPosition <Axis name>.ActualVelocity <Axis name>.StatusPositioning.<Tag name> <Axis name>.StatusDrive.<Tag name> <Axis name>.StatusSensor.<Tag name> <Axis name>.StatusBits.<Tag name> <Axis name>.ErrorBits.<Tag name> The description of the tags named and the tag structures can be found in the Appendix Tags of the positioning axis technology object V4...5 (Page 6890). Value INOUT VARIANT (RE AL) - VARIANT pointer to the target tag or destination address to which the read value is to be written. Valid OUTPUT BOOL FALSE TRUE The read value is valid. FALSE The read value is invalid. Busy OUTPUT BOOL FALSE TRUE The command is being executed Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the com mand. The cause of the error can be found in pa rameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" See also Overview of the Motion Control statements (Page 6720) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) 3956 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_Power: Enable, disable axis V4...5 (Page 3923) MC_Reset: Acknowledge fault, restart technology object V4...5 (Page 3928) MC_Home: Home axis, set home position V4...5 (Page 3930) MC_Halt: Stop axis V4...5 (Page 3934) MC_MoveAbsolute: Absolute positioning of axis V4...5 (Page 3937) MC_MoveRelative: Relative positioning of axis V4...5 (Page 3940) MC_MoveVelocity: Move axis at set velocity V4...5 (Page 3944) MC_MoveJog: Move axis in jog mode V4...5 (Page 3948) MC_CommandTable: Run axis commands as motion sequence V4...5 (Page 3951) MC_ChangeDynamic: Change dynamic settings of axis V4...5 (Page 3953) MC_WriteParam: Write tag of positioning axis V4...5 (Page 3957) S7-1200 Motion Control V1...3 (Page 3959) MC_WriteParam (S7-1200) MC_WriteParam: Write tag of positioning axis V4...5 (S7-1200) Description Motion Control instruction "MC_WriteParam" enables the writing of tags of the positioning axis technology object in the user program. In contrast to the value assignment of the tags in the user program, "MC_WriteParam" can also change values of read-only tags. You can learn about the tags, the conditions under which they can be written and the time at which they take effect in the description of the technology object tags (Page 6890). Requirements The positioning axis technology object has been configured correctly. To write tags that are read-only in the user program, the axis must be disabled. Override response A MC_WriteParam command cannot be aborted by any other Motion Control command. A new MC_WriteParam command does not abort any active Motion Control commands. WinCC Advanced V14 System Manual, 10/2016 3957 Programming the PLC 11.4 Instructions Parameters Parameter Declaration Data type Default value Description Parameter INPUT VARIANT (BOOL, INT, DINT, UDINT*, REAL) - VARIANT pointer to the technology object tag (Page 6890) positioning axis (destina tion address) to be written - VARIANT pointer to the value to be written (source address) *) as of V5 Value INPUT VARIANT (BOOL, INT, DINT, UDINT*, REAL) *) as of V5 Execute INPUT BOOL FALSE Start of the command with a positive edge Done OUTPUT BOOL FALSE TRUE Value was written Busy OUTPUT BOOL FALSE TRUE The command is being execu ted Error OUTPUT BOOL FALSE TRUE An error occurred during exe cution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" See also Overview of the Motion Control statements (Page 6720) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) MC_Power: Enable, disable axis V4...5 (Page 3923) MC_Reset: Acknowledge fault, restart technology object V4...5 (Page 3928) MC_Home: Home axis, set home position V4...5 (Page 3930) MC_Halt: Stop axis V4...5 (Page 3934) MC_MoveAbsolute: Absolute positioning of axis V4...5 (Page 3937) MC_MoveRelative: Relative positioning of axis V4...5 (Page 3940) MC_MoveVelocity: Move axis at set velocity V4...5 (Page 3944) MC_MoveJog: Move axis in jog mode V4...5 (Page 3948) MC_CommandTable: Run axis commands as motion sequence V4...5 (Page 3951) MC_ChangeDynamic: Change dynamic settings of axis V4...5 (Page 3953) MC_ReadParam: Continuously read motion data of a positioning axis V4...5 (Page 3955) Tags of the positioning axis technology object V4...5 (Page 6890) S7-1200 Motion Control V1...3 (Page 3959) 3958 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions S7-1200 Motion Control V1...3 (S7-1200) MC_Power (S7-1200) MC_Power: Enable, disable axis V1...3 (S7-1200) Description The Motion Control instruction "MC_Power" enables or disables an axis. Requirements The axis technology object has been configured correctly. There is no pending enable-inhibiting error. Override response Execution of "MC_Power" cannot be aborted by a Motion Control command. Disabling the axis (input parameter "Enable" = FALSE) aborts all Motion Control commands for the associated technology object in accordance with the selected "StopMode". Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis_1 - Axis technology object Enable INPUT BOOL FALSE TRUE Motion Control attempts to enable the axis. FALSE All current jobs are interrupted in accordance with the "StopMode" configured. The axis is stopped and disabled. StopMode INPUT INT 0 0 Emergency stop If a request to disable the axis is pending, the axis brakes at the configured emergency stop decelera tion. The axis is disabled after reaching standstill. 1 Immediate stop If a request to disable the axis is pending, this axis is disabled without deceleration. The pulse output is stopped immediately. 2 Emergency stop with jerk control If a request to disable the axis is pending, the axis brakes at the configured emergency stop decelera tion. If the jerk control is activated, the configured jerk is taken into account. The axis is disabled after reaching standstill. WinCC Advanced V14 System Manual, 10/2016 3959 Programming the PLC 11.4 Instructions Parameter Declaration Data type Default value Description Status OUTPUT BOOL FALSE Status of axis enable FALSE The axis is disabled. The axis does not execute Motion Control com mands and does not accept any new commands (exception: MC_Reset command). The axis is not homed. Upon disabling, the status does not change to FALSE until the axis reaches a standstill. TRUE The axis is enabled. The axis is ready to execute Motion Control com mands. Upon axis enabling, the status does not change to TRUE until the signal "Drive ready" is pending. If the "Drive ready" drive interface was not configured in the axis configuration, the status changes to TRUE immediately. Busy OUTPUT BOOL FALSE TRUE "MC_Power" is active. Error OUTPUT BOOL FALSE TRUE An error occurred in Motion Control instruction "MC_Power" or in the associated technology object. The cause of the error can be found in parameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" Note If the axis is switched off due to an error, it will be enabled again automatically after the error has been eliminated and acknowledged. This requires that the input parameter "Enable" has retained the value TRUE during this process. Enabling an axis with configured drive interface To enable the axis, follow these steps: 1. Check the requirements indicated above. 2. Initialize input parameter "StopMode" with the desired value. Set the input parameter "Enable" to TRUE. The enable output for "Drive enabled" changes to TRUE to enable the power to the drive. The CPU waits for the "Drive ready" signal of the drive. When the "Drive ready" signal is available at the configured Ready input of the CPU, the axis is enabled. The output parameter "Status" and the tag of the technology object <Axis name>.StatusBits.Enable indicate the value TRUE. 3960 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Enabling an axis without configured drive interface To enable the axis, follow these steps: 1. Check the requirements indicated above. 2. Initialize input parameter "StopMode" with the desired value. Set the input parameter "Enable" to TRUE. The axis is enabled. The output parameter "Status" and the tag of the technology object <Axis name>.StatusBits.Enable indicate the value TRUE. Disabling an axis To disable an axis, you can follow the steps described below: 1. Bring the axis to a standstill. You can identify when the axis is at a standstill in the tag of the technology object <Axis name>.StatusBits.StandStill. 2. Set input parameter "Enable" to FALSE after standstill is reached. 3. If output parameters "Busy" and "Status" and the tag of technology object <Axis name>.StatusBits.Enable indicate the value FALSE, disabling of the axis is complete. See also Overview of the Motion Control statements (Page 6720) S7-1200 Motion Control V4...5 (Page 3923) ErrorIDs and ErrorInfos (Page 6840) MC_Power: Function chart V1...3 (Page 3962) MC_Reset: Acknowledge fault, restart technology object V1...3 (Page 3963) MC_Home: Home axis, set home position V1...3 (Page 3964) MC_Halt: Stop axis V1...3 (Page 3968) MC_MoveAbsolute: Absolute positioning of axis V1...3 (Page 3971) MC_MoveRelative: Relative positioning of axis V1...3 (Page 3974) MC_MoveVelocity: Move axis at set velocity V1...3 (Page 3977) MC_MoveJog: Move axis in jog mode V1...3 (Page 3981) MC_CommandTable: Run axis commands as motion sequence V2...3 (Page 3984) MC_ChangeDynamic: Change dynamic settings of axis V2...3 (Page 3986) WinCC Advanced V14 System Manual, 10/2016 3961 Programming the PLC 11.4 Instructions MC_Power: Function chart V1...3 (S7-1200) Function chart $[LVB (QDB )% )% 0&B3RZHU 0&B5HVHW $[LV (QDEOH 6WRS0RGH 6WDWXV %XV\ (UURU (UURU,' (UURU,QIR )% 6WDWXVB %XV\B (UURUB $[LVB ([HB $[LV ([HFXWH 'RQH %XV\ (UURU (UURU,' (UURU,QIR 'RQHB %XV\B (QDB W 6WDWXVB W W ([HB W 'RQHB W %XV\B W 'ULYH(QDEOHG W 'ULYH5HDG\ W %XV\B (UURUB )% 'ULYH,QWHUIDFH W An axis is enabled and then disabled again. When the drive has signaled "Drive ready" back to the CPU, the successful enable can be read out via "Status_1". Following an axis enable, an error has occurred that caused the axis to be disabled. The error is eliminated and ac knowledged with "MC_Reset". The axis is then enabled again. See also MC_Power: Enable, disable axis V1...3 (Page 3959) 3962 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_Reset (S7-1200) MC_Reset: Acknowledge fault, restart technology object V1...3 (S7-1200) Description Motion Control instruction "MC_Reset" can be used to acknowledge "Operating error with axis stop" and "Configuration error". The errors that require acknowledgement can be found in the "List of ErrorIDs and ErrorInfos" under "Remedy". From version V3.0, the axis configuration can be downloaded to the work memory in RUN operating mode. Requirements The axis technology object has been configured correctly. The cause of a pending configuration error requiring acknowledgement has been eliminated (for example, acceleration in positioning axis technology object has been changed to a valid value). Override response The MC_Reset command cannot be aborted by any other Motion Control command. The new MC_Reset command does not abort any other active Motion Control commands. Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis_1 - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Restart INPUT BOOL FALSE (From version V3.0) TRUE Download the axis configuration from the load mem ory to the work memory. The command can only be executed when the axis is disabled. Refer to the notes on Download to the CPU (Page 6714). FALSE Acknowledges pending errors Done OUTPUT BOOL FALSE TRUE Error has been acknowledged. Busy OUTPUT BOOL FALSE TRUE The command is being executed. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the com mand. The cause of the error can be found in pa rameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" WinCC Advanced V14 System Manual, 10/2016 3963 Programming the PLC 11.4 Instructions Acknowledging an error requiring acknowledgement with MC_Reset To acknowledge an error, follow these steps: 1. Check the requirements indicated above. 2. Start the acknowledgement of the error with a rising edge at input parameter "Execute". 3. If output parameter "Done" indicates the value TRUE and tag of technology object <Axis name>.StatusBits.Error the value FALSE, the error has been acknowledged. See also Overview of the Motion Control statements (Page 6720) S7-1200 Motion Control V4...5 (Page 3923) ErrorIDs and ErrorInfos (Page 6840) Download to CPU (Page 6714) MC_Power: Enable, disable axis V1...3 (Page 3959) MC_Home: Home axis, set home position V1...3 (Page 3964) MC_Halt: Stop axis V1...3 (Page 3968) MC_MoveAbsolute: Absolute positioning of axis V1...3 (Page 3971) MC_MoveRelative: Relative positioning of axis V1...3 (Page 3974) MC_MoveVelocity: Move axis at set velocity V1...3 (Page 3977) MC_MoveJog: Move axis in jog mode V1...3 (Page 3981) MC_CommandTable: Run axis commands as motion sequence V2...3 (Page 3984) MC_ChangeDynamic: Change dynamic settings of axis V2...3 (Page 3986) MC_Home (S7-1200) MC_Home: Home axis, set home position V1...3 (S7-1200) Description Motion Control instruction "MC_Home" is used to match the axis coordinates to the real, physical drive position. Homing is required for absolute positioning of the axis. The following types of homing can be executed: Active homing (Mode = 3) The homing procedure is executed automatically. Passive homing (Mode = 2) During passive homing, the "MC_Home" Motion Control instruction does not carry out any homing motion. The traversing motion required for this must be implemented by the user via other Motion Control instructions. When the homing switch is detected, the axis is homed. 3964 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Direct homing absolute (Mode = 0) The current axis position is set to the value of parameter "Position". Direct homing relative (Mode = 1) The current axis position is offset by the value of parameter "Position". Requirements The axis technology object has been configured correctly. The axis is enabled. No MC_CommandTable command may be active upon start with Mode = 0, 1, or 2. Override response The override response depends on the selected mode: Mode = 0, 1 The MC_Home command cannot be aborted by any other Motion Control command. The MC_Home command does not abort any active Motion Control commands. Positionrelated motion commands are resumed after homing according to the new homing position (value at input parameter: "Position"). Mode = 2 The MC_Home command can be aborted by the following Motion Control commands: MC_Home command Mode = 2, 3 The new MC_Home command aborts the following active Motion Control command: MC_Home command Mode = 2 Position-related motion commands are resumed after homing according to the new homing position (value at input parameter: "Position"). Mode = 3 The MC_Home command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_Home command aborts the following active Motion Control commands: MC_Home command Mode = 2, 3 MC_Halt command MC_MoveAbsolute command WinCC Advanced V14 System Manual, 10/2016 3965 Programming the PLC 11.4 Instructions MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis_1 - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Position INPUT REAL 0.0 Mode = 0, 2, and 3 Absolute position of axis after completion of the homing operation Mode = 1 Correction value for the current axis position Limit values: -1.0E+12 Position 1.0E+12 Mode INPUT INT 0 Homing mode 0 Direct homing absolute New axis position is the position value of parameter "Position". 1 Direct homing relative New axis position is the current axis posi tion + position value of parameter "Posi tion". 2 Passive homing Homing according to the axis configura tion. Following homing, the value of pa rameter "Position" is set as the new axis position. 3 Active homing Homing procedure in accordance with the axis configuration. Following homing, the value of parameter "Position" is set as the new axis position. Done OUTPUT BOOL FALSE TRUE Command completed Busy OUTPUT BOOL FALSE TRUE The command is being executed CommandAborted OUTPUT BOOL FALSE TRUE During execution, the command was abor ted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "Error Info". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" 3966 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note Axis homing is lost under the following conditions: Disabling of axis by the "MC_Power" Motion Control instruction Changeover between automatic mode and manual control Upon start of active homing. After successful completion of the homing operation, axis homing is again available. After POWER OFF -> POWER ON of the CPU After CPU restart (RUN-STOP -> STOP-RUN) Homing an axis To home the axis, follow these stops: 1. Check the requirements indicated above. 2. Initialize the necessary input parameters with values, and start the homing operation with a rising edge at input parameter "Execute" 3. If output parameter "Done" and technology object tag <Axis name>.StatusBits.HomingDone indicate the value TRUE, homing is complete. See also Overview of the Motion Control statements (Page 6720) S7-1200 Motion Control V4...5 (Page 3923) ErrorIDs and ErrorInfos (Page 6840) MC_Power: Enable, disable axis V1...3 (Page 3959) MC_Reset: Acknowledge fault, restart technology object V1...3 (Page 3963) MC_Halt: Stop axis V1...3 (Page 3968) MC_MoveAbsolute: Absolute positioning of axis V1...3 (Page 3971) MC_MoveRelative: Relative positioning of axis V1...3 (Page 3974) MC_MoveVelocity: Move axis at set velocity V1...3 (Page 3977) MC_MoveJog: Move axis in jog mode V1...3 (Page 3981) MC_CommandTable: Run axis commands as motion sequence V2...3 (Page 3984) MC_ChangeDynamic: Change dynamic settings of axis V2...3 (Page 3986) WinCC Advanced V14 System Manual, 10/2016 3967 Programming the PLC 11.4 Instructions MC_Halt (S7-1200) MC_Halt: Stop axis V1...3 (S7-1200) Description The "MC_Halt" Motion Control instruction stops all movements and brings the axis to a standstill with the configured deceleration. The standstill position is not defined. Requirements The axis technology object has been configured correctly. The axis is enabled. Override response The MC_Halt command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_Halt command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis_1 - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Done OUTPUT BOOL FALSE TRUE Zero velocity reached Busy OUTPUT BOOL FALSE TRUE The command is being executed. 3968 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Default value Description CommandAborted OUTPUT BOOL FALSE TRUE During execution the command was aborted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" See also Overview of the Motion Control statements (Page 6720) S7-1200 Motion Control V4...5 (Page 3923) ErrorIDs and ErrorInfos (Page 6840) MC_Halt: Function chart V1...3 (Page 3970) MC_Power: Enable, disable axis V1...3 (Page 3959) MC_Reset: Acknowledge fault, restart technology object V1...3 (Page 3963) MC_Home: Home axis, set home position V1...3 (Page 3964) MC_MoveAbsolute: Absolute positioning of axis V1...3 (Page 3971) MC_MoveRelative: Relative positioning of axis V1...3 (Page 3974) MC_MoveVelocity: Move axis at set velocity V1...3 (Page 3977) MC_MoveJog: Move axis in jog mode V1...3 (Page 3981) MC_CommandTable: Run axis commands as motion sequence V2...3 (Page 3984) MC_ChangeDynamic: Change dynamic settings of axis V2...3 (Page 3986) WinCC Advanced V14 System Manual, 10/2016 3969 Programming the PLC 11.4 Instructions MC_Halt: Function chart V1...3 (S7-1200) Function chart )% )% 0&B0RYH9HORFLW\ $[LVB ([HB $[LV ,Q9HORFLW\ ([HFXWH %XV\ 9HORFLW\ &RPPDQG$ERUWHG (UURU 'LUHFWLRQ (UURU,' &XUUHQW (UURU,QIR 0&B+DOW ,Q9HOB %XV\B $ERUWB $[LVB ([HB $[LV ([HFXWH 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR 'RQHB %XV\B $ERUWB )% ([HB ,Q9HOB W %XV\B W $ERUWB W W )% ([HB 'RQHB W %XV\B W $ERUWB W W 9HORFLW\ $[LVB W The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 5.0 The axis is braked by an MC_Halt command until it comes to a standstill. The axis standstill is signaled via "Done_2". While an MC_Halt command is braking the axis, this command is aborted by another motion command. The abort is signaled via "Abort_2". 3970 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also MC_Halt: Stop axis V1...3 (Page 3968) MC_MoveAbsolute (S7-1200) MC_MoveAbsolute: Absolute positioning of axis V1...3 (S7-1200) Description The "MC_MoveAbsolute" Motion Control instruction starts an axis positioning motion to move it to an absolute position. Requirements The axis technology object has been configured correctly. The axis is enabled. The axis is homed. Override response The MC_MoveAbsolute command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_MoveAbsolute command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command WinCC Advanced V14 System Manual, 10/2016 3971 Programming the PLC 11.4 Instructions Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis_1 - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Position INPUT REAL 0.0 Absolute target position Limit values: -1.0e12 Position 1.0e12 Velocity INPUT REAL 10.0 Velocity of axis This velocity is not always reached on account of the configured acceleration and deceleration and the tar get position to be approached. Limit values: Start/stop velocity Velocity maximum velocity Done OUTPUT BOOL FALSE TRUE Absolute target position reached Busy OUTPUT BOOL FALSE TRUE The command is being executed. CommandAborted OUTPUT BOOL FALSE TRUE During execution the command was aborted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" See also Overview of the Motion Control statements (Page 6720) S7-1200 Motion Control V4...5 (Page 3923) ErrorIDs and ErrorInfos (Page 6840) MC_MoveAbsolute: Function chart V1...3 (Page 3973) MC_Power: Enable, disable axis V1...3 (Page 3959) MC_Reset: Acknowledge fault, restart technology object V1...3 (Page 3963) MC_Home: Home axis, set home position V1...3 (Page 3964) MC_Halt: Stop axis V1...3 (Page 3968) MC_MoveRelative: Relative positioning of axis V1...3 (Page 3974) MC_MoveVelocity: Move axis at set velocity V1...3 (Page 3977) MC_MoveJog: Move axis in jog mode V1...3 (Page 3981) MC_CommandTable: Run axis commands as motion sequence V2...3 (Page 3984) MC_ChangeDynamic: Change dynamic settings of axis V2...3 (Page 3986) 3972 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_MoveAbsolute: Function chart V1...3 (S7-1200) Function chart )% )% 0&B0RYH$EVROXWH 0&B0RYH$EVROXWH $[LVB ([HB $[LV ([HFXWH 3RVLWLRQ 9HORFLW\ 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR )% ([HB 'RQHB %XV\B $ERUWB )% ([HB 'RQHB %XV\B 'RQHB %XV\B $ERUWB $[LVB ([HB $[LV ([HFXWH 3RVLWLRQ 9HORFLW\ 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR 'RQHB %XV\B W W W W W W W 9HORFLW\ $[LVB W 3RVLWLRQ $[LVB W The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 10.0 WinCC Advanced V14 System Manual, 10/2016 3973 Programming the PLC 11.4 Instructions An axis is moved to absolute position 1000.0 with an MC_MoveAbsolute command. When the axis reaches the target position, this is signaled via "Done_1". When "Done_1" = TRUE, another MC_MoveAbsolute command, with target position 1500.0, is started. Because of the response times (e.g., cycle time of user program, etc.), the axis comes to a standstill briefly (see zoomed-in detail). When the axis reaches the new target position, this is signaled via "Done_2". An active MC_MoveAbsolute command is aborted by another MC_MoveAbsolute command. The abort is signaled via "Abort_1". The axis is then moved at the new velocity to the new target position 1500.0. When the new target position is reached, this is signaled via "Done_2". See also MC_MoveAbsolute: Absolute positioning of axis V1...3 (Page 3971) MC_MoveRelative (S7-1200) MC_MoveRelative: Relative positioning of axis V1...3 (S7-1200) Description The "MC_MoveRelative" Motion Control instruction starts a positioning motion relative to the start position. Requirements The axis technology object has been configured correctly. The axis is enabled. Override response The MC_MoveRelative command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_MoveRelative command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command 3974 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_MoveVelocity command MC_MoveJog command MC_CommandTable command Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis_1 - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Distance INPUT REAL 0.0 Travel distance for the positioning operation Limit values: -1.0e12 Distance 1.0e12 Velocity INPUT REAL 10.0 Velocity of axis This velocity is not always reached on account of the configured acceleration and deceleration and the dis tance to be traveled. Limit values: Start/stop velocity Velocity maximum velocity Done OUTPUT BOOL FALSE TRUE Target position reached Busy OUTPUT BOOL FALSE TRUE The command is being executed. CommandAborted OUTPUT BOOL FALSE TRUE During execution the command was aborted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" See also Overview of the Motion Control statements (Page 6720) S7-1200 Motion Control V4...5 (Page 3923) ErrorIDs and ErrorInfos (Page 6840) MC_MoveRelative: Function chart V1...3 (Page 3976) MC_Power: Enable, disable axis V1...3 (Page 3959) MC_Reset: Acknowledge fault, restart technology object V1...3 (Page 3963) MC_Home: Home axis, set home position V1...3 (Page 3964) MC_Halt: Stop axis V1...3 (Page 3968) MC_MoveAbsolute: Absolute positioning of axis V1...3 (Page 3971) MC_MoveVelocity: Move axis at set velocity V1...3 (Page 3977) MC_MoveJog: Move axis in jog mode V1...3 (Page 3981) WinCC Advanced V14 System Manual, 10/2016 3975 Programming the PLC 11.4 Instructions MC_CommandTable: Run axis commands as motion sequence V2...3 (Page 3984) MC_ChangeDynamic: Change dynamic settings of axis V2...3 (Page 3986) MC_MoveRelative: Function chart V1...3 (S7-1200) Function chart )% )% 0&B0RYH5HODWLYH 0&B0RYH5HODWLYH $[LV ([HFXWH 'LVWDQFH 9HORFLW\ $[LVB ([HB 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR 'RQHB %XV\B $ERUWB $[LVB ([HB $[LV ([HFXWH 'LVWDQFH 9HORFLW\ 'RQH %XV\ &RPPDQG$ERUWHG (UURU (UURU,' (UURU,QIR 'RQHB %XV\B )% ([HB W %XV\B W 'RQHB W $ERUWB )% ([HB W W %XV\B 'RQHB 9HORFLW\ $[LVB W 3976 W 3RVLWLRQ $[LVB W W WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 10.0 The axis is moved by an MC_MoveRelative command by the distance ("Distance") 1000.0. When the axis reaches the target position, this is signaled via "Done_1". When "Done_1" = TRUE, another MC_MoveRelative command, with travel distance 500.0, is started. Because of the response times (e.g., cycle time of user program, etc.), the axis comes to a standstill briefly (see zoomed-in detail). When the axis reaches the new target position, this is signaled via "Done_2". An active MC_MoveRelative command is aborted by another MC_MoveRelative command. The abort is signaled via "Abort_1". The axis is then moved at the new velocity by the new distance ("Distance") 500.0. When the new target position is reached, this is signaled via "Done_2". See also MC_MoveRelative: Relative positioning of axis V1...3 (Page 3974) MC_MoveVelocity (S7-1200) MC_MoveVelocity: Move axis at set velocity V1...3 (S7-1200) Description Motion control instruction "MC_MoveVelocity" moves the axis constantly at the specified velocity. Requirements The axis technology object has been configured correctly. The axis is enabled. Override response MC_MoveVelocity can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command WinCC Advanced V14 System Manual, 10/2016 3977 Programming the PLC 11.4 Instructions The new MC_MoveVelocity command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis_1 - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge Velocity INPUT REAL 10.0 Velocity specification for axis motion Limit values: Start/stop velocity |Velocity maximum velocity (Velocity = 0.0 is permitted) Direction INPUT INT 0 Direction specification 0 Direction of rotation corresponds to the sign of the value in parameter "Velocity" 1 Positive direction of rotation (The sign of the value in parameter "Veloci ty" is ignored) 2 Negative direction of rotation (The sign of the value in parameter "Veloci ty" is ignored) Current INPUT BOOL FALSE Maintain current velocity FALSE "Maintain current velocity" is deactivated. The values of parameters "Velocity" and "Di rection" are used. TRUE "Maintain current velocity" is activated. The values in parameters "Velocity" and "Direc tion" are not taken into account. When the axis resumes motion at the cur rent velocity, the "InVelocity" parameter re turns the value TRUE. InVelocity OUTPUT BOOL FALSE TRUE "Current" = FALSE: The velocity specified in parameter "Velocity" was reached. "Current" = TRUE: The axis travels at the current velocity at the start time. Busy 3978 OUTPUT BOOL FALSE TRUE The command is being executed WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Default value Description CommandAborted OUTPUT BOOL FALSE TRUE During execution, the command was abor ted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" Behavior with zero setpoint velocity (Velocity = 0.0) An MC_MoveVelocity command with "Velocity" = 0.0 (such as an MC_Halt command) aborts active motion commands and stops the axis with the configured deceleration. When the axis comes to a standstill, output parameter "InVelocity" indicates TRUE for at least one program cycle. "Busy" indicates the value TRUE during the deceleration process and changes to FALSE together with "InVelocity". If parameter "Execute" = TRUE is set, "InVelocity" and "Busy" are latched. When the "MC_MoveVelocity" command is started, status bit "SpeedCommand" is set in the technology object. Status bit "ConstantVelocity" is set upon axis standstill. Both bits are adapted to the new situation when a new motion command is started. See also Overview of the Motion Control statements (Page 6720) S7-1200 Motion Control V4...5 (Page 3923) ErrorIDs and ErrorInfos (Page 6840) MC_MoveVelocity: Function chart V1...3 (Page 3980) MC_Power: Enable, disable axis V1...3 (Page 3959) MC_Reset: Acknowledge fault, restart technology object V1...3 (Page 3963) MC_Home: Home axis, set home position V1...3 (Page 3964) MC_Halt: Stop axis V1...3 (Page 3968) MC_MoveAbsolute: Absolute positioning of axis V1...3 (Page 3971) MC_MoveRelative: Relative positioning of axis V1...3 (Page 3974) MC_MoveJog: Move axis in jog mode V1...3 (Page 3981) MC_CommandTable: Run axis commands as motion sequence V2...3 (Page 3984) MC_ChangeDynamic: Change dynamic settings of axis V2...3 (Page 3986) WinCC Advanced V14 System Manual, 10/2016 3979 Programming the PLC 11.4 Instructions MC_MoveVelocity: Function chart V1...3 (S7-1200) Function chart )% )% 0&B0RYH9HORFLW\ 0&B0RYH9HORFLW\ $[LV ,Q9HORFLW\ ([HFXWH %XV\ 9HORFLW\ &RPPDQG$ERUWHG (UURU 'LUHFWLRQ (UURU,' &XUUHQW (UURU,QIR $[LVB ([HB ,Q9HOB %XV\B $ERUWB $[LVB ([HB $[LV ,Q9HORFLW\ ([HFXWH %XV\ 9HORFLW\ &RPPDQG$ERUWHG (UURU 'LUHFWLRQ (UURU,' &XUUHQW (UURU,QIR ,Q9HOB %XV\B )% ([HB W %XV\B ,Q9HOB W W $ERUWB W )% ([HB %XV\B W W ,Q9HOB W 9HORFLW\ $[LVB W The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 10.0 An active MC_MoveVelocity command signals via "InVel_1" that its target velocity has been reached. It is then aborted by another MC_MoveVelocity command. The abort is signaled via "Abort_1". When the new target velocity 15.0 is reached, this is signaled via "InVel_2". The axis then continues moving at the new constant velocity. An active MC_MoveVelocity command is aborted by another MC_MoveVelocity command prior to reaching its target velocity. The abort is signaled via "Abort_1". When the new target velocity 15.0 is reached, this is signaled via "InVel_2". The axis then continues moving at the new constant velocity. 3980 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also MC_MoveVelocity: Move axis at set velocity V1...3 (Page 3977) MC_MoveJog (S7-1200) MC_MoveJog: Move axis in jog mode V1...3 (S7-1200) Description Motion control instruction "MC_MoveJog" moves the axis constantly at the specified velocity in jog mode. You use this Motion Control instruction, for example, for testing and commissioning purposes. Requirements The axis technology object has been configured correctly. The axis is enabled. Override response The MC_MoveJog command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_MoveJog command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command WinCC Advanced V14 System Manual, 10/2016 3981 Programming the PLC 11.4 Instructions Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis_1 - Axis technology object JogForward INPUT BOOL FALSE As long as the parameter is TRUE, the axis moves in the positive direction at the velocity specified in pa rameter "Velocity". JogBackward INPUT BOOL FALSE As long as the parameter is TRUE, the axis moves in the negative direction at the velocity specified in pa rameter "Velocity". If both parameters are simultaneously TRUE, the axis stops with the configured deceleration. An error is indicated in param eters "Error", "ErrorID", and "ErrorInfo". Velocity INPUT REAL 10.0 Preset velocity for jog mode Limit values, instruction version V1.0: Start/stop velocity |Velocity maximum velocity Limits, instruction version V2.0: Start/stop velocity velocity maximum velocity InVelocity OUTPUT BOOL FALSE TRUE The velocity specified in parameter "Veloci ty" was reached. Busy OUTPUT BOOL FALSE TRUE The command is being executed CommandAborted OUTPUT BOOL FALSE TRUE During execution, the command was abor ted by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the command. The cause of the error can be found in parameters "ErrorID" and "ErrorIn fo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" See also Overview of the Motion Control statements (Page 6720) S7-1200 Motion Control V4...5 (Page 3923) ErrorIDs and ErrorInfos (Page 6840) MC_MoveJog: Function chart V1...3 (Page 3983) MC_Power: Enable, disable axis V1...3 (Page 3959) MC_Reset: Acknowledge fault, restart technology object V1...3 (Page 3963) MC_Home: Home axis, set home position V1...3 (Page 3964) MC_Halt: Stop axis V1...3 (Page 3968) MC_MoveAbsolute: Absolute positioning of axis V1...3 (Page 3971) MC_MoveRelative: Relative positioning of axis V1...3 (Page 3974) MC_MoveVelocity: Move axis at set velocity V1...3 (Page 3977) MC_CommandTable: Run axis commands as motion sequence V2...3 (Page 3984) MC_ChangeDynamic: Change dynamic settings of axis V2...3 (Page 3986) 3982 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MC_MoveJog: Function chart V1...3 (S7-1200) Function chart )% 0&B0RYH-RJ $[LVB -RJB) -RJB% $[LV ,Q9HORFLW\ -RJ)RUZDUG %XV\ -RJ%DFNZDUG &RPPDQG$ERUWHG (UURU 9HORFLW\ (UURU,' (UURU,QIR ,Q9HOB %XV\B )% -RJB) W -RJB% W ,Q9HOB %XV\B W W 9HORFLW\ $[LVB W The following values were configured in the configuration window Dynamics > General: Acceleration: 10.0 Deceleration: 5.0 The axis is moved in the positive direction in jog mode via "Jog_F". When the target velocity 50.0 is reached, this is signaled via "InVelo_1". After " Jog_F" is reset, the axis brakes again until it comes to a standstill. The axis is moved in the negative direction in jog mode via "Jog_B". When the target velocity 50.0 is reached, this is signaled via "InVelo_1". After " Jog_B" is reset, the axis brakes again until it comes to a standstill. See also MC_MoveJog: Move axis in jog mode V1...3 (Page 3981) WinCC Advanced V14 System Manual, 10/2016 3983 Programming the PLC 11.4 Instructions MC_CommandTable (S7-1200) MC_CommandTable: Run axis commands as motion sequence V2...3 (S7-1200) Description The Motion Control instruction "MC_CommandTable" combines multiple individual axis control commands in one movement sequence. Requirements The axis technology object has been inserted in V2 and correctly configured. The command table technology object has been inserted and correctly configured. The axis is enabled. Override response The MC_CommandTable command can be aborted by the following Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The new MC_CommandTable command aborts the following active Motion Control commands: MC_Home command Mode = 3 MC_Halt command MC_MoveAbsolute command MC_MoveRelative command MC_MoveVelocity command MC_MoveJog command MC_CommandTable command The active Motion Control command is cancelled by the start of the first "Positioning Relative", "Positioning Absolute", "Velocity set point" or "Halt" command. 3984 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis_1 - Axis technology object CommandTa ble INPUT TO_Com mandTable_1 - Command table technology object Execute INPUT BOOL FALSE Command table start with positive edge StartStep INPUT INT 1 Defines the step at which the execution of the command table should begin Limit values: 1 StartStep EndStep EndStep INPUT INT 32 Defines the step up to which the execution of command table should take place Limit values: StartStep EndStep 32 Done OUTPUT BOOL FALSE TRUE Command table has been successfully executed Busy OUTPU BOOL FALSE TRUE The command table is being executed. CommandA borted OUTPUT BOOL FALSE TRUE The command table was cancelled by another command. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the com mand table. The cause of the error can be found in parameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" CurrentStep OUTPUT INT 0 Step in command table currently being executed StepCode OUTPUT WORD 16#0000 User-defined numerical value / bit pattern of the step cur rently being executed See also Overview of the Motion Control statements (Page 6720) S7-1200 Motion Control V4...5 (Page 3923) ErrorIDs and ErrorInfos (Page 6840) MC_Power: Enable, disable axis V1...3 (Page 3959) MC_Reset: Acknowledge fault, restart technology object V1...3 (Page 3963) MC_Home: Home axis, set home position V1...3 (Page 3964) MC_Halt: Stop axis V1...3 (Page 3968) MC_MoveAbsolute: Absolute positioning of axis V1...3 (Page 3971) MC_MoveRelative: Relative positioning of axis V1...3 (Page 3974) MC_MoveVelocity: Move axis at set velocity V1...3 (Page 3977) MC_MoveJog: Move axis in jog mode V1...3 (Page 3981) MC_ChangeDynamic: Change dynamic settings of axis V2...3 (Page 3986) WinCC Advanced V14 System Manual, 10/2016 3985 Programming the PLC 11.4 Instructions MC_ChangeDynamic (S7-1200) MC_ChangeDynamic: Change dynamic settings of axis V2...3 (S7-1200) Description Motion Control instruction "MC_ChangeDynamic" allows you to change the following settings of the axis: Change the ramp-up time (acceleration) value Change the ramp-down time (deceleration) value Change the emergency stop ramp-down time (emergency stop deceleration) value Change the smoothing time (jerk) value For the effectiveness of the change, refer to the description of the tag (Page 6874). Requirements The axis technology object has been inserted in Version V2. The axis technology object has been configured correctly. Override response A MC_ChangeDynamic command cannot be aborted by any other Motion Control command. A new MC_ChangeDynamic command does not abort any active Motion Control commands. Parameters Parameter Declaration Data type Default value Description Axis INPUT TO_Axis_1 - Axis technology object Execute INPUT BOOL FALSE Start of the command with a positive edge ChangeR ampUp INPUT BOOL FALSE TRUE RampUp Time INPUT REAL 5.00 Time (in seconds) to accelerate axis from standstill to config ured maximum velocity without jerk limit. Change ramp-up time in line with input parameter "RampUpTime" The change will influence the tag <Axis name>. Config.Dy namicDefaults.Acceleration. For the effectiveness of the change, refer to the description of this tag. ChangeR ampDown INPUT BOOL FALSE TRUE Change ramp-down time in line with input parame ter "RampDownTime" Ramp DownTime INPUT REAL 5.00 Time (in seconds) to decelerate axis from the configured maximum velocity to standstill without jerk limiter. The change will influence the tag <Axis name>. Config.Dy namicDefaults.Deceleration . For the effectiveness of the change, refer to the description of this tag. 3986 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Default value Description ChangeE mergency INPUT BOOL FALSE TRUE Emergen cyRamp Time INPUT REAL 2.00 Time (in seconds) to decelerate the axis from configured maximum velocity to standstill without jerk limiter in emer gency stop mode. Change emergency stop ramp-down time in line with input parameter "EmergencyRampTime" The change will influence the tag <Axis name>. Config.Dy namicDefaults.EmergencyDeceleration . For the effective ness of the change, refer to the description of this tag. Change JerkTime INPUT BOOL FALSE TRUE Change smoothing time according to the input pa rameter "JerkTime" JerkTime INPUT REAL 0.25 Smoothing time (in seconds) used for the axis acceleration and deceleration ramps The change will influence the tag <Axis name>. Config.Dy namicDefaults.Jerk . For the effectiveness of the change, re fer to the description of this tag. Done OUTPUT BOOL FALSE TRUE The changed values have been written to the tech nology data block. The description of the tags will show when the change becomes effective. Error OUTPUT BOOL FALSE TRUE An error occurred during execution of the com mand. The cause of the error can be found in pa rameters "ErrorID" and "ErrorInfo". ErrorID OUTPUT WORD 16#0000 Error ID (Page 6840) for parameter "Error" ErrorInfo OUTPUT WORD 16#0000 Error info ID (Page 6840) for parameter "ErrorID" Note At the input parameters "RampUpTime", "RampDownTime", "EmergencyRampTime" and "JerkTime", values can be entered which exceed the admissible limits of the resulting parameters: "Acceleration", "Deceleration", "Emergency stop deceleration" and "Jerk". Please note the equations and limits in "Axis technology object" -> "Configuring the technology object" -> "Dynamics" and ensure that the values you input are within the valid range. See also Overview of the Motion Control statements (Page 6720) S7-1200 Motion Control V4...5 (Page 3923) ErrorIDs and ErrorInfos (Page 6840) Tag of the axis technology object V1...3 (Page 6874) MC_Power: Enable, disable axis V1...3 (Page 3959) MC_Reset: Acknowledge fault, restart technology object V1...3 (Page 3963) MC_Home: Home axis, set home position V1...3 (Page 3964) MC_Halt: Stop axis V1...3 (Page 3968) MC_MoveAbsolute: Absolute positioning of axis V1...3 (Page 3971) MC_MoveRelative: Relative positioning of axis V1...3 (Page 3974) WinCC Advanced V14 System Manual, 10/2016 3987 Programming the PLC 11.4 Instructions MC_MoveVelocity: Move axis at set velocity V1...3 (Page 3977) MC_MoveJog: Move axis in jog mode V1...3 (Page 3981) MC_CommandTable: Run axis commands as motion sequence V2...3 (Page 3984) High-speed counters (S7-1200) CTRL_HSC: Control high-speed counters (S7-1200) Parameters Parameter Declaration Data type Memory area Description EN INPUT BOOL I, Q, M, D, L, T, C Enable input ENO OUTPUT BOOL I, Q, M, D, L Enable output HSC INPUT HW_HSC I, Q, M or constant Hardware address of the high-speed counter (HW-ID) DIR INPUT BOOL I, Q, M, D, L or constant Enables the new count direction (see NEW_DIR) CV INPUT BOOL I, Q, M, D, L or constant Enables the new count value (see NEW_CV) RV INPUT BOOL I, Q, M, D, L or constant Enables the new reference value (see NEW_RV) PERIOD INPUT BOOL I, Q, M, D, L or constant Enables the new period of a frequen cy measurement (see NEW_PERI OD) NEW_DIR INPUT INT I, Q, M, D, L or constant Count direction loa ded when DIR = TRUE. NEW_CV INPUT DINT I, Q, M, D, L or constant Count value loaded when CV = TRUE. NEW_RV INPUT DINT I, Q, M, D, L or constant Reference value loaded when RV = TRUE. NEW_PERIOD INPUT INT I, Q, M, D, L or constant Period of the fre quency measure ment loaded when PERIOD = TRUE. BUSY OUTPUT BOOL I, Q, M, D, L Processing status * STATUS OUTPUT WORD I, Q, M, D, L Status of the opera tion * With a high-speed counter in the CPU or in the signal board, the BUSY parameter always has the value 0. 3988 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Description With the "Control high-speed counter" instruction, you can make parameter settings and control the high-speed counters supported by the CPU by loading new values into the counter. Execution of the instruction requires that a high-speed counter to be controlled is enabled. You cannot execute multiple "Control high-speed counter" instructions simultaneously in the program for a given high-speed counter. You can load the following parameter values into a high-speed counter using the "Control highspeed counter" instruction: Count direction (NEW_DIR): The count direction defines whether a high-speed counter counts up or down. The count direction is defined by the following values at the NEW_DIR input: 1 = up, -1 = down. A change to the count direction with the "Control high-speed counter" instruction is only possible when direction control is set in the parameters by the program. The count direction specified at the NEW_DIR input is loaded into a high-speed counter when the bit at the DIR input is set. Count value (NEW_CV): The count value is the initial value at which a high-speed counter starts counting. The count value can be in the range -2147483648 to 2147483647. The count value specified at the NEW_CV input is loaded into a high-speed counter when the bit at the CV input is set. Reference value (NEW_RV): You can compare the reference value with the current counter value to trigger an alarm. Similar to the counter value, the reference value can be in the range -2147483648 to 2147483647. The reference value specified at the NEW_RV input is loaded into a high-speed counter when the bit at the RV input is set. Period of the frequency measurement (NEW_PERIOD): The period of the frequency measurement is specified by the following values at the NEW_PERIOD input: 10 = 0.01s, 100 = 0.1s, 1000 = 1s. The time period can be updated if the "Measure frequency" function for the specified highspeed counter is configured. The time period specified at the NEW_PERIOD input is loaded into a high-speed counter when the bit at the PERIOD input is set. The "Control high-speed counter" instruction is only executed if the signal state at the EN input is "1". The ENO enable output is set only when the EN enable input has signal state "1" and no errors occur during execution of the operation. When inserting the "Control high-speed counter" instruction, an instance data block is created in which the operation data is saved. STATUS parameter At the STATUS output, you can query whether errors occurred during execution of the "Control high-speed counter" instruction. The following table shows the meaning of the values output at the STATUS output: WinCC Advanced V14 System Manual, 10/2016 Error code (hexadecimal) Description 0 No error 80A1 Hardware identifier of the high-speed counter invalid 3989 Programming the PLC 11.4 Instructions Error code (hexadecimal) Description 80B1 Count direction (NEW_DIR) invalid 80B2 Count value (NEW_CV) invalid 80B3 Reference value (NEW_RV) invalid 80B4 Period of the frequency measurement (NEW_PERIOD) invalid 80C0 Multiple access to the high-speed counter 80D0 The high-speed counter (HSC) is not enabled in the CPU hardware configuration. See also Events and OBs (Page 952) CTRL_HSC_EXT: Control high-speed counter (extended) (S7-1200) Parameters Parameters Declaration Data type Memory area Description EN INPUT BOOL I, Q, M, D, L, T, C Enable input ENO OUTPUT BOOL I, Q, M, D, L Enable output HSC INPUT HW_HSC I, Q, M or constant Hardware address of the high-speed counter (HW-ID) CTRL INOUT VARIANT M, D Use of a system da ta type (SDT) DONE OUTPUT BOOL I, Q, M, D, L Feedback after suc cessful processing instruction BUSY OUTPUT BOOL I, Q, M, D, L Processing status ERROR OUTPUT BOOL I, Q, M, D, L Feedback for faulty processing of the instruction STATUS OUTPUT WORD I, Q, M, D, L Status of the opera tion Description With the "Control high-speed counter (extended)" instruction, you can control and assign parameters to the high-speed counters supported by the CPU via the software by loading new values into the counters. Execution of the instruction requires that a high-speed counter to be controlled is enabled. You cannot execute multiple "Control high-speed counter (extended)" instructions simultaneously in the program for a given high-speed counter. The "Control high-speed counter (extended)" instruction is only executed if the signal state at the EN input is "1". As long as the operation is executing, the bit at the BUSY output is set. Once the operation has executed completely, the bit at the BUSY output is reset. 3990 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The ENO enable output is set only when the EN enable input has signal state "1" and no errors occur during execution of the operation. When the "Control high-speed counter (extended)" instruction is inserted, an instance data block is created in which the operation data is saved. Using the system data type HSC_Period The "Control high-speed counter (extended)" instruction supports the system data type SDT 381 "HSC_Period" for the period measurement. The "HSC_Period" data type corresponds to an HSC that is configured for the "Period" operating mode. The CTRL_HSC_EXT instruction offers program access to the number of input pulses across a specified measuring interval. This instruction allows the calculation of the period between the input pulses with a resolution in the nanosecond range. Byt e Parameters Declara tion Data type Description 0... 3 Elapsed Time OUT UDINT Time between the rising edges of Edge_Count 4... 7 EdgeCount OUT UDINT Number of the rising edges within the Elapsed_Time. 8.0 EnHSC If Edge_Count = 0, the Elapsed_Time is the time since the last rising edge. IN BOOL Use as an enable input via gate control: FALSE: Measurement stopped TRUE: Measurement enabled 8.6 EnPeriod IN BOOL Update of the period FALSE: No update TRUE: Update period 10 .. NewPeriod . 11 IN INT Interval of the period measurement in milliseconds. Permissible values are 10, 100 and 1000. ElapsedTime specifies the time in nanoseconds between the last counter events of consecutive measuring intervals. If no counter events occurred during a measuring interval, ElapsedTime outputs the accumulated time since the last counter event. ElapsedTime has a range of 0 to 4,294,967,280 nanoseconds (0x0000 0000 to 0xFFFF FFF0). The return value 4,294,967,295 (0xFFFF FFFF) signals that a period overflow has occurred. An overflow indicates that the period between two pulse edges exceeds 4.295 seconds and that the period cannot be calculated with this instruction. The values from 0xFFFF FFF1 to 0xFFFF FFFE are reserved. EdgeCount outputs the number of counter events received during the measuring interval. The period can only be calculated if the value of EdgeCount is greater than zero. If ElapsedTime is either 0 (no input pulses received) or OR 0xFFFF FFFF (period overflow), EdgeCount is not valid. If EdgeCount is valid, calculate the period in nanoseconds by using the following formula: Period = ElapsedTime/EdgeCount The calculated period value is a mean value from time periods of all the pulses that occur during the measuring interval. If the period of an incoming pulse is greater than the measuring interval (10, 100 or 1000 ms), the period calculation requires several measuring intervals. The following figures show examples of the period measurement with the instruction: WinCC Advanced V14 System Manual, 10/2016 3991 Programming the PLC 11.4 Instructions Example 1: Multiple Counting Events in a Measurement Interval PV 0HDVXUHPHQW,QWHUYDO QGLQWHUUXSW (W WW VDYHW VWLQWHUUXSW 6DYHW UGLQWHUUXSW (W WWVDYHW &RXQWLQJ(YHQWV +:&DSWXUHRI7LPH W W W W W W W W W W W W W 6)%&DOOV (W(ODSVHG7LPH (F(GJH&RXQW (W (F (W (F (W WW (F (W WW (F Example 2: Zero and One Counting Events in Multiple Measurement Intervals PV 0HDVXUHPHQW,QWHUYDO QGLQWHUUXSW VWLQWHUUXSW 6DYHW UGLQWHUUXSW (W WW VDYHW &RXQWLQJ(YHQWV +:&DSWXUHRI7LPH W W 6)%&DOOV (W (F (W(ODSVHG7LPH (F(GJH&RXQW (W (F (W PV (F (W WW (F 5XOHV ,I(W WKHSHULRGLVLQYDOLG (OVH3HULRG (W(F STATUS parameter At the STATUS output, you can query whether errors occurred during execution of the "Control high-speed counter (extended)" instruction. The following table shows the meaning of the values output at the STATUS output: 3992 Error code (hexadecimal) Description 0 No error 80A1 Hardware identifier of the high-speed counter invalid 80C0 Multiple access to the high-speed counter 80D0 The high-speed counter (HSC) is not enabled in the CPU hardware configuration. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions PID Control (S7-1200, S7-1500) PID_Compact (S7-1200, S7-1500) New features of PID_Compact (S7-1200, S7-1500) PID_Compact V2.3 Response of the output value when switching from "Inactive" operating mode to "Automatic mode" The new option IntegralResetMode = 4 was added and defined as default. With IntegralResetMode = 4, the integral action is automatically pre-assigned when switching from "Inactive" operating mode to "Automatic mode" so that a control deviation results in a jump of the output value with identical sign. Initialization of the integral action in automatic mode The integral action can be initialized in automatic mode with the tags OverwriteInitialOutputValue and PIDCtrl.PIDInit. This simplifies the use of PID_Compact for override controls. PID_Compact V2.2 Use with S7-1200 As of PID_Compact V2.2, the instruction with V2 functionality can also be used on S7-1200 with firmware version 4.0 or higher. PID_Compact V2.0 Reaction to error The reaction to error has been completely overhauled. PID_Compact now reacts in a more fault-tolerant manner in the default setting. This reaction is set when copying PID_Compact V1.X from an S7-1200 CPU to an S7-1500 CPU. NOTICE Your system may be damaged. If you use the default setting, PID_Compact remains in automatic mode when the process value limits are exceeded. This may damage your system. It is essential to configure how your controlled system reacts in the event of an error to protect your system from damage. The Error parameter indicates if an error is pending. When the error is no longer pending, Error = FALSE. The ErrorBits parameter shows which errors have occurred. Use ErrorAck to acknowledge the errors and warnings without restarting the controller or clearing the integral action. Switching operating modes no longer clears errors that are no longer pending. You can configure the reaction to error with SetSubstituteOutput and ActivateRecoverMode. Substitute output value You can configure a substitute output value that is to be output if an error occurs. WinCC Advanced V14 System Manual, 10/2016 3993 Programming the PLC 11.4 Instructions Switching the operating mode You specify the operating mode at the Mode in/out parameter and use a rising edge at ModeActivate to start the operating mode. The sRet.i_Mode tag has been omitted. Multi-instance capability You can call up PID_Compact as multi-instance DB. No technology object is created in this case and no parameter assignment interface or commissioning interface is available. You must assign parameters for PID_Compact directly in the multi-instance DB and commission it via a watch table. Startup characteristics The operating mode specified at the Mode parameter is also started on a falling edge at Reset and during a CPU cold restart, if RunModeByStartup = TRUE. ENO characteristics ENO is set depending on the operating mode. If State = 0, then ENO = FALSE. If State 0, then ENO = TRUE. Setpoint value specification during tuning You configure the permitted fluctuation of the setpoint during tuning at the CancelTuningLevel tag. Value range for output value limits The value 0.0 no longer has to fall within the output value limits. Pre-assigning the integral action Using the tags IntegralResetMode and OverwriteInitialOutputValue, you can determine the pre-assignment of the integral action when switching from "Inactive" operating mode to "Automatic mode". Switching a disturbance variable on You can switch a disturbance variable on at the Disturbance parameter. Default value of PID parameters The following default settings have been changed: - Proportional action weighting (PWeighting) from 0.0 to 1.0 - Derivative action weighting (DWeighting) from 0.0 to 1.0 - Coefficient for derivative delay (TdFiltRatio) from 0.0 to 0.2 Renaming tags The static tags have been given new names that are compatible with PID_3Step. PID_Compact V1.2 Manual mode on CPU startup If ManualEnable = TRUE when the CPU starts, PID_Compact starts in manual mode. A rising edge at ManualEnable is not necessary. Pretuning If the CPU is switched off during pretuning, pretuning starts again when the CPU is switched back on. 3994 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions PID_Compact V1.1 Manual mode on CPU startup When the CPU starts up, PID_Compact only switches to manual mode with a rising edge at ManualEnable. Without rising edge, PID_Compact starts in the last operating mode in which ManualEnable was FALSE. Reaction to reset A rising edge at Reset resets the errors and warnings and clears the integral action. A falling edge at Reset triggers a switchover to the most recently active operating mode. Default of process value high limit The default value of r_Pv_Hlm has been changed to 120.0. Monitoring the sampling time - An error is no longer output when the current sampling time is 1.5 x current mean value or when the current sampling time is 0.5 x current mean value. The sampling time may deviate much more in automatic mode. - PID_Compact is compatible with FW, V2.0 or higher. Access to tags The following tags can now be used in the user program. - i_Event_SUT - i_Event_TIR - r_Ctrl_Ioutv Troubleshooting PID_Compact now outputs the correct pulses when the shortest ON time is not equal to the shortest OFF time. Compatibility with CPU and FW (S7-1200, S7-1500) The following table shows which version of PID_Compact can be used on which CPU. CPU FW PID_Compact S7-1200 V4.2 or higher V2.3 V2.2 V1.2 V4.0 to V4.1 V2.2 V1.2 V3.x V1.2 V1.1 V2.x V1.2 V1.1 V1.x WinCC Advanced V14 System Manual, 10/2016 V1.0 3995 Programming the PLC 11.4 Instructions CPU FW PID_Compact S7-1500 V2.0 or higher V2.3 V2.2 V2.1 V2.0 V1.5 to V1.8 V2.2 V2.1 V2.0 V1.1 V2.1 V2.0 V1.0 V2.0 PID_Compact V2 (S7-1200, S7-1500) Description of PID_Compact V2 (S7-1200, S7-1500) Description The PID_Compact instruction provides a PID controller with integrated tuning for actuators with proportional action. The following operating modes are possible: Inactive Pretuning Fine tuning Automatic mode Manual mode Substitute output value with error monitoring For a more detailed description of the operating modes, see the State parameter. 3996 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions PID algorithm PID_Compact is a PIDT1 controller with anti-windup and weighting of the proportional and derivative actions. The PID algorithm operates according to the following equation: 1 y = Kp [ (b * w - x) + T * s (w - x) + I TD * s a * TD * s + 1 (c * w - x) Symbol Description y Output value of the PID algorithm Kp Proportional gain s Laplace operator b Proportional action weighting w Setpoint x Process value ] TI Integral action time TD Derivative action time a Derivative delay coefficient (derivative delay T1 = a x TD) c Derivative action weighting Block diagram of PID_Compact ,QSXWB3(5 &53B,1 6FDOH ,QSXW3HU2Q ,QSXW:DUQLQJB+ ,QSXW:DUQLQJB/ ,QSXW 6HWSRLQW 39B$/50 3,'7 $QWL:LQGXS /LPLW ,19 ,QYHUW&RQWURO 2XWSXW 'LVWXUEDQFH 6WDWH 0DQXDO9DOXH /LPLW &53B287 3:0 WinCC Advanced V14 System Manual, 10/2016 2XWSXWB3(5 2XWSXWB3:0 3997 Programming the PLC 11.4 Instructions Block diagram of PIDT1 with anti-windup 6HWSRLQW Z E $QWL:LQGXS /,0,7 , .3 \ F 6FDOHG,QSXW [ '7 Call PID_Compact is called in the constant time scale of a cycle interrupt OB. If you call PID_Compact as a multi-instance DB, no technology object is created. No parameter assignment interface or commissioning interface is available. You must assign parameters for PID_Compact directly in the multi-instance DB and commission it via a watch table. Download to device The actual values of retentive variables are only updated when you download PID_Compact completely. Downloading technology objects to device (Page 6468) Startup When the CPU starts up, PID_Compact starts in the operating mode that is saved in the Mode in/out parameter. To switch to "Inactive" operating mode during startup, set RunModeByStartup = FALSE. 3998 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Reaction to error In automatic mode and during commissioning, the reaction to error depends on the SetSubstituteOutput and ActivateRecoverMode variables. In manual mode, the reaction is independent of SetSubstituteOutput and ActivateRecoverMode. If ActivateRecoverMode = TRUE, the reaction additionally depends on the error that occurred. SetSubstitu teOutput ActivateReco Configuration editor verMode > output value > Set Output to Reaction Not relevant FALSE Zero (inactive) Switch to "Inactive" mode (State = 0) FALSE TRUE Current output value while error is pending The value 0.0 0 is transferred to the actuator. Switch to "Substitute output value with error moni toring" mode (State = 5) The current output value is transferred to the ac tuator while the error is pending. TRUE TRUE Substitute output value while error is pending Switch to "Substitute output value with error moni toring" mode (State = 5) The value at SubstituteOutput is transferred to the actuator while the error is pending. In manual mode, PID_Compact uses ManualValue as output value, unless ManualValue is invalid. If ManualValue is invalid, SubstituteOutput is used. If ManualValue and SubstituteOutput are invalid, Config.OutputLowerLimit is used. The Error parameter indicates if an error is pending. When the error is no longer pending, Error = FALSE. The ErrorBits parameter shows which errors have occurred. ErrorBits is reset by a rising edge at Reset or ErrorAck. Mode of operation of PID_Compact V2 (S7-1200, S7-1500) Monitoring process value limits You specify the high limit and low limit of the process value in the Config.InputUpperLimit and Config.InputLowerLimit tags. If the process value is outside these limits, an error occurs (ErrorBits = 0001h). You specify a high and low warning limit of the process value in the Config.InputUpperWarning and Config.InputLowerWarning tags. If the process value is outside these warning limits, a warning occurs (Warning = 0040h), and the InputWarning_H or InputWarning_L output parameter changes to TRUE. Limiting the setpoint You specify a high limit and low limit of the setpoint in the Config.SetpointUpperLimit and Config.SetpointLowerLimit tags. PID_Compact automatically limits the setpoint to the process value limits. You can limit the setpoint to a smaller range. PID_Compact checks whether this range falls within the process value limits. If the setpoint is outside these limits, the high or low limit is used as the setpoint, and output parameter SetpointLimit_H or SetpointLimit_L is set to TRUE. The setpoint is limited in all operating modes. WinCC Advanced V14 System Manual, 10/2016 3999 Programming the PLC 11.4 Instructions Limiting the output value You specify a high limit and low limit of the output value in the Config.OutputUpperLimit and Config.OutputLowerLimit tags. Output, ManualValue and SubstituteOutput are limited to these values. The output value limits must match the control logic. The valid output value limit values depend on the Output used. Output -100.0 to 100.0% Output_PER -100.0 to 100.0% Output_PWM 0.0 to 100.0% Rule: OutputUpperLimit > OutputLowerLimit Note Use with two or more actuators PID_Compact is not suitable for use with two or more actuators (for example, in heating/cooling applications), because different actuators need different PID parameters to achieve a good control response. Use PID_Temp for applications with two actuators acting in opposite directions. Substitute output value In the event of an error, PID_Compact can output a substitute output value that you define at the SubstituteOutput tag. The substitute output value must be within the output value limits. Monitoring signal validity The values of the following parameters are monitored for validity when used: Setpoint Input Input_PER Disturbance ManualValue SubstituteOutput Output Output_PER Output_PWM 4000 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Monitoring of the sampling time PID_Compact Ideally, the sampling time is equivalent to the cycle time of the calling OB. The PID_Compact instruction measures the time interval between two calls. This is the current sampling time. On every switchover of operating mode and during the initial startup, the mean value is formed from the first 10 sampling times. Too great a difference between the current sampling time and this mean value triggers an error (Error = 0800h). The error occurs during tuning if: New mean value >= 1.1 x old mean value New mean value <= 0.9 x old mean value The error occurs in automatic mode if: New mean value >= 1.5 x old mean value New mean value <= 0.5 x old mean value If you deactivate the sampling time monitoring (CycleTime.EnMonitoring = FALSE), you can also call PID_Compact in OB1. You must then accept a lower control quality due to the deviating sampling time. Sampling time of the PID algorithm The controlled system needs a certain amount of time to respond to changes in the output value. It is therefore not advisable to calculate the output value in every cycle. The sampling time of the PID algorithm represents the time between two calculations of the output value. It is calculated during tuning and rounded to a multiple of the cycle time. All other functions of PID_Compact are executed at every call. If you use Output_PWM, the accuracy of the output signal is determined by the ratio of the PID algorithm sampling time to the cycle time of the OB. The cycle time should be at least 10 times the PID algorithm sampling time. Control logic An increase of the output value is generally intended to cause an increase in the process value. This is referred to as a normal control logic. For cooling and discharge control systems, it may be necessary to invert the control logic. PID_Compact does not work with negative proportional gain. If InvertControl = TRUE, an increasing control deviation causes a reduction in the output value. The control logic is also taken into account during pretuning and fine tuning. Input parameters of PID_Compact V2 (S7-1200, S7-1500) Table 11-67 Parameter Data type Default Description Setpoint REAL 0.0 Setpoint of the PID controller in automatic mode Input REAL 0.0 A tag of the user program is used as source for the process value. If you are using parameter Input, then Config.InputPer On = FALSE must be set. WinCC Advanced V14 System Manual, 10/2016 4001 Programming the PLC 11.4 Instructions Parameter Data type Default Description Input_PER INT 0 An analog input is used as the source of the process value. If you are using parameter Input_PER, then Config.In putPerOn = TRUE must be set. Disturbance REAL 0.0 Disturbance variable or precontrol value ManualEnable BOOL FALSE A FALSE -> TRUE edge activates "manual mode", while State = 4, Mode remains unchanged. As long as ManualEnable = TRUE, you cannot change the operating mode via a rising edge at ModeActivate or use the commissioning dialog. A TRUE -> FALSE edge activates the operating mode that is specified by Mode. We recommend that you change the operating mode using ModeActivate only. ManualValue REAL 0.0 Manual value This value is used as the output value in manual mode. Values from Config.OutputLowerLimit to Config.Outpu tUpperLimit are permitted. ErrorAck BOOL FALSE FALSE -> TRUE edge ErrorBits and Warning are reset. Reset BOOL FALSE Restarts the controller. FALSE -> TRUE edge - Switch to "Inactive" mode - ErrorBits and Warnings are reset. As long as Reset = TRUE, - PID_Compact remains in "Inactive" mode (State = 0). - You cannot change the operating mode with Mode and ModeActivate or ManualEnable. - You cannot use the commissioning dialog. TRUE -> FALSE edge ModeActivate 4002 BOOL FALSE - If ManualEnable = FALSE, PID_Compact switches to the operating mode that is saved in Mode. - If Mode = 3, the integral action is treated as configured with the tag IntegralResetMode. FALSE -> TRUE edge PID_Compact switches to the operating mode that is saved in the Mode parameter. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Output parameters of PID_Compact V2 (S7-1200, S7-1500) Table 11-68 Parameter Data type Default Description ScaledInput REAL 0.0 Scaled process value The "Output", "Output_PER", and "Output_PWM" outputs can be used concurrently. Output REAL 0.0 Output value in REAL format Output_PER INT 0 Analog output value Output_PWM BOOL FALSE Pulse-width-modulated output value The output value is formed by by variable On and Off times. SetpointLimit_H BOOL FALSE If SetpointLimit_H = TRUE, the absolute setpoint high limit is reached (Setpoint Config.SetpointUpperLimit). SetpointLimit_L BOOL FALSE InputWarning_H BOOL FALSE If InputWarning_H = TRUE, the process value has reached or exceeded the warning high limit. InputWarning_L BOOL FALSE If InputWarning_L = TRUE, the process value has reached or fallen below the warning low limit. State INT 0 The State parameter (Page 4013) shows the current oper ating mode of the PID controller. You can change the oper ating mode using the input parameter Mode and a rising edge at ModeActivate. The setpoint is limited to Config.SetpointUpperLimit . If SetpointLimit_L = TRUE, the absolute setpoint low limit has been reached (Setpoint Config.SetpointLowerLimit). The setpoint is limited to Config.SetpointLowerLimit . State = 0: Inactive State = 1: Pretuning State = 2: Fine tuning State = 3: Automatic mode State = 4: Manual mode State = 5: Substitute output value with error monitoring Error BOOL FALSE If Error = TRUE, at least one error message is pending in this cycle. ErrorBits DWORD DW#16#0 The ErrorBits parameter (Page 4017) shows which error messages are pending. ErrorBits is retentive and is reset upon a rising edge at Reset or ErrorAck. WinCC Advanced V14 System Manual, 10/2016 4003 Programming the PLC 11.4 Instructions In/out parameters of PID_Compact V2 (S7-1200, S7-1500) Table 11-69 Parameter Data type Default Description Mode INT 4 At Mode, specify the operating mode to which PID_Compact is to switch. Options are: Mode = 0: Inactive Mode = 1: Pretuning Mode = 2: Fine tuning Mode = 3: Automatic mode Mode = 4: Manual mode The operating mode is activated by: Rising edge at ModeActivate Falling edge at Reset Falling edge at ManualEnable Cold restart of CPU if RunModeByStartup = TRUE Mode is retentive. A detailed description of the operating modes can be found in Parameters State and Mode V2 (Page 4013). See also Parameters State and Mode V2 (Page 4013) 4004 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Static tags of PID_Compact V2 (S7-1200, S7-1500) You must not change tags that are not listed. These are used for internal purposes only. Tag Data type Default Description IntegralResetMode INT Up to V2.2: 1, The IntegralResetMode V2 tag (Page 4021) determines how the integral actionPIDCtrl.IntegralSum is pre-as signed when switching from "Inactive" operating mode to "Automatic mode". This setting only works for one cycle. V2.3 or high er: 4 Options are: IntegralResetMode = 0: Smooth IntegralResetMode = 1: Delete IntegralResetMode = 2: Hold IntegralResetMode = 3: Pre-assign IntegralResetMode = 4: Like setpoint change (only for PID_Compact with version 2.3) OverwriteInitialOutputValue REAL 0.0 If one of the following conditions is met, the integral ac tion PIDCtrl.IntegralSum is pre-assigned automatically as if Output = OverwriteInitialOutputValue in the previ ous cycle: IntegralResetMode = 3 when switching from "Inactive" operating mode to "Automatic mode". TRUE -> FALSE edge at parameter Reset and parameter Mode = 3 PIDCtrl.PIDInit = TRUE in "Automatic mode" (available as of PID_Compact version 2.3) RunModeByStartup BOOL TRUE Activate operating mode at Mode parameter after CPU restart If RunModeByStartup = TRUE, PID_Compact starts in the operating mode saved in the Mode parameter after CPU startup. If RunModeByStartup = FALSE, PID_Compact remains in "Inactive" mode after CPU startup. LoadBackUp BOOL FALSE If LoadBackUp = TRUE, the last set of PID parameters is reloaded. The set was saved prior to the last tuning. LoadBackUp is automatically set back to FALSE. PhysicalUnit INT 0 Unit of measurement of the process value and setpoint, e.g., C, or F. PhysicalQuantity INT 0 Physical quantity of the process value and setpoint, e.g., temperature. ActivateRecoverMode BOOL TRUE The Tag ActivateRecoverMode V2 (Page 4019) deter mines the reaction to error. Warning DWORD 0 Tag Warning V2 (Page 4021) shows the warnings since Reset = TRUE or ErrorAck =TRUE. Warning is retentive. Progress REAL 0.0 Progress of tuning as a percentage (0.0 - 100.0) CurrentSetpoint REAL 0.0 CurrentSetpoint always displays the current setpoint. This value is frozen during tuning. WinCC Advanced V14 System Manual, 10/2016 4005 Programming the PLC 11.4 Instructions Tag Data type Default Description CancelTuningLevel REAL 10.0 Permissible fluctuation of setpoint during tuning. Tuning is not canceled until: Setpoint > CurrentSetpoint + CancelTuningLevel or Setpoint < CurrentSetpoint - CancelTuningLevel SubstituteOutput REAL 0.0 Substitute output value When the following conditions are met, the substitute output value is used: An error has occurred in automatic mode. SetSubstituteOutput = TRUE ActivateRecoverMode = TRUE SetSubstituteOutput BOOL TRUE If SetSubstituteOutput = TRUE and ActivateRecover Mode = TRUE, the substitute output value configured is output as long as an error is pending. If SetSubstituteOutput = FALSE and ActivateRecover Mode = TRUE, the actuator remains at the current out put value as long as an error is pending. If ActivateRecoverMode = FALSE, SetSubstituteOutput is not effective. If SubstituteOutput is invalid (ErrorBits = 20000h), the substitute output value cannot be output. Config.InputPerOn BOOL TRUE If InputPerOn = TRUE, the Input_PER parameter is used. If InputPerOn = FALSE, the Input parameter is used. Config.InvertControl BOOL FALSE Invert control logic If InvertControl = TRUE, an increasing control deviation causes a reduction in the output value. Config.InputUpperLimit REAL 120.0 High limit of the process value Input and Input_PER are monitored to ensure adher ence to this limit. At the I/O input, the process value can be a maximum of 18% higher than the standard range (overrange). This pre-assignment ensures that an error is no longer signaled due to a violation of the "Process value high limit". Only a wire-break and a short-circuit are recog nized and PID_Compact reacts according to the config ured reaction to error. InputUpperLimit > InputLowerLimit Config.InputLowerLimit REAL 0.0 Low limit of the process value Input and Input_PER are monitored to ensure adher ence to this limit. InputLowerLimit < InputUpperLimit 4006 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Config.InputUpperWarning REAL 3.402822e+38 Warning high limit of the process value Description If you set InputUpperWarning outside the process value limits, the configured absolute process value high limit is used as the warning high limit. If you configure InputUpperWarning within the process value limits, this value is used as the warning high limit. InputUpperWarning > InputLowerWarning InputUpperWarning InputUpperLimit Config.InputLowerWarning REAL -3.402822e +38 Warning low limit of the process value If you set InputLowerWarning outside the process value limits, the configured absolute process value low limit is used as the warning low limit. If you configure InputLowerWarning within the process value limits, this value is used as the warning low limit. InputLowerWarning < InputUpperWarning InputLowerWarning InputLowerLimit Config.OutputUpperLimit REAL 100.0 High limit of output value For details, see OutputLowerLimit OutputUpperLimit > OutputLowerLimit Config.OutputLowerLimit REAL 0.0 Low limit of output value For Output and Output_PER, the range of values from -100.0 to +100.0, including zero, is valid. At -100.0, Out put_PER = -27648; at +100.0, Output_PER = 27648. For Output_PWM, the value range 0.0 to +100.0 applies. The output value limits must match the control logic. OutputLowerLimit < OutputUpperLimit Config.SetpointUpperLimit REAL 3.402822e+38 High limit of setpoint If you configure SetpointUpperLimit outside the process value limits, the configured process value absolute high limit is used as the setpoint high limit. If you configure SetpointUpperLimit within the process value limits, this value is used as the setpoint high limit. Config.SetpointLowerLimit REAL -3.402822e +38 Low limit of the setpoint If you set SetpointLowerLimit outside the process value limits, the configured process value absolute low limit is used as the setpoint low limit. If you set SetpointLowerLimit within the process value limits, this value is used as the setpoint low limit. Config.MinimumOnTime REAL 0.0 Config.MinimumOffTime REAL 0.0 The minimum ON time of the pulse width modulation in seconds is rounded to MinimumOnTime = nxCycleTime.Value The minimum OFF time of the pulse width modulation in seconds is rounded to MinimumOffTime = nxCycleTime.Value WinCC Advanced V14 System Manual, 10/2016 4007 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.InputScaling.UpperPointIn REAL 27648.0 Scaling Input_PER high Input_PER is converted to percent based on the two value pairs UpperPointOut, UpperPointIn and Lower PointOut, LowerPointIn. Config.InputScaling.LowerPointIn REAL 0.0 Scaling Input_PER low Input_PER is converted to percent based on the two value pairs UpperPointOut, UpperPointIn and Lower PointOut, LowerPointIn. Config.InputScaling.UpperPointOut REAL 100.0 Scaled high process value Input_PER is converted to percent based on the two value pairs UpperPointOut, UpperPointIn and Lower PointOut, LowerPointIn. Config.InputScaling.LowerPointOut REAL 0.0 Scaled low process value Input_PER is converted to percent based on the two value pairs UpperPointOut, UpperPointIn and Lower PointOut, LowerPointIn. CycleTime.StartEstimation BOOL TRUE If CycleTime.StartEstimation = TRUE, the automatic determination of the cycle time is started. Cycle Time.StartEstimation = FALSE once measurement is complete. CycleTime.EnEstimation BOOL TRUE If CycleTime.EnEstimation = TRUE, the PID_Compact sampling time is calculated. If CycleTime.EnEstimation = FALSE, the PID_Compact sampling time is not calculated and you need to correct the configuration of CycleTime.Value manually. CycleTime.EnMonitoring BOOL TRUE If CycleTime.EnMonitoring = FALSE, the PID_Compact sampling time is not monitored. If it is not possible to execute PID_Compact within the sampling time, no er ror (ErrorBits=0800h) is output and PID_Compact does not switch to "Inactive" mode. CycleTime.Value REAL 0.1 PID_Compact sampling time in seconds CycleTime.Value is determined automatically and is usually equivalent to the cycle time of the calling OB. CtrlParamsBackUp.Gain REAL 1.0 Saved proportional gain You can reload values from the CtrlParamsBackUp structure with LoadBackUp = TRUE. CtrlParamsBackUp.Ti REAL 20.0 Saved integral action time [s] CtrlParamsBackUp.Td REAL 0.0 Saved derivative action time [s] CtrlParamsBackUp.TdFiltRatio REAL 0.2 Saved derivative delay coefficient CtrlParamsBackUp.PWeighting REAL 1.0 Saved proportional action weighting factor CtrlParamsBackUp.DWeighting REAL 1.0 Saved derivative action weighting factor CtrlParamsBackUp.Cycle REAL 1.0 Saved sampling time of PID algorithm 4008 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description PIDSelfTune.SUT.CalculateParams BOOL FALSE The properties of the controlled system are saved dur ing tuning. If SUT.CalculateParams = TRUE, the pa rameters for pretuning are recalculated according to these properties. This enables you to change the pa rameter calculation method without having to repeat controller tuning. SUT.CalculateParams is set to FALSE after the calcu lation. PIDSelfTune.SUT.TuneRule INT 0 Methods used to calculate parameters during pretuning: SUT.TuneRule = 0: PID according to Chien, Hrones and Reswick SUT.TuneRule = 1: PI according to Chien, Hrones and Reswick PIDSelfTune.SUT.State INT 0 The SUT.State tag indicates the current phase of pre tuning: State = 0: Initialize pretuning State = 100: Calculate the standard deviation State = 200: Find the point of inflection State = 9900: Pretuning successful State = 1: Pretuning not successful PIDSelfTune.TIR.RunIn BOOL FALSE With the RunIn tag, you can specify that fine tuning can also be performed without pretuning. RunIn = FALSE Pretuning is started when fine tuning is started from inactive or manual mode. If the requirements for pretuning are not met, PID_Compact reacts as if RunIn = TRUE. If fine tuning is started from automatic mode, the system uses the existing PID parameters to control to the setpoint. Only then will fine tuning start. If pretuning is not possible, PID_Compact switches to the mode from which tuning was started. RunIn = TRUE The pretuning is skipped. PID_Compact tries to reach the setpoint with minimum or maximum output value. This can produce increased overshoot. Fine tuning then starts automatically. RunIn is set to FALSE after fine tuning. PIDSelfTune.TIR.CalculateParams BOOL FALSE The properties of the controlled system are saved dur ing tuning. If TIR.CalculateParams = TRUE, the param eters for fine tuning are recalculated according to these properties. This enables you to change the parameter calculation method without having to repeat controller tuning. TIR.CalculateParams is set to FALSE after the calcula tion. WinCC Advanced V14 System Manual, 10/2016 4009 Programming the PLC 11.4 Instructions Tag Data type Default Description PIDSelfTune.TIR.TuneRule INT 0 Methods used to calculate parameters during fine tun ing: TIR.TuneRule = 0: PID automatic TIR.TuneRule = 1: PID fast TIR.TuneRule = 2: PID slow TIR.TuneRule = 3: Ziegler-Nichols PID TIR.TuneRule = 4: Ziegler-Nichols PI TIR.TuneRule = 5: Ziegler-Nichols P PIDSelfTune.TIR.State INT 0 The TIR.State tag indicates the current phase of fine tuning: State = -100 Fine tuning is not possible. Pretuning will be performed first. State = 0: Initialize fine tuning State = 200: Calculate the standard deviation State = 300: Attempt to reach setpoint State = 400: Attempt to reach setpoint with existing PID parameters (if pretuning was successful) State = 500: Determine oscillation and calculate parameters State = 9900: Fine tuning successful State = 1: Fine tuning not successful PIDCtrl.IntegralSum REAL 0.0 Current integral action PIDCtrl.PIDInit BOOL FALSE PIDCtrl.PIDInit is available as of PID_Compact version 2.3. If PIDCtrl.PIDInit = TRUE in "Automatic mode", the in tegral action PIDCtrl.IntegralSum is pre-assigned auto matically as if Output = OverwriteInitialOutputValue in the previous cycle. This can be used for a AUTOHOT SPOT. Retain.CtrlParams.Gain REAL 1.0 Active proportional gain To invert the control logic, use the Config.InvertControl tag. Negative values at Gain also invert the control logic. We recommend you use only InvertControl to set the control logic. The control logic is also inverted if Inver tControl = TRUE and Gain < 0.0. Gain is retentive. Retain.CtrlParams.Ti REAL 20.0 CtrlParams.Ti > 0.0: Active integral action time CtrlParams.Ti = 0.0: Integral action is deactivated Ti is retentive. Retain.CtrlParams.Td REAL 0.0 CtrlParams.Td > 0.0: Active derivative action time CtrlParams.Td = 0.0: Derivative action is deactivated Td is retentive. 4010 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description Retain.CtrlParams.TdFiltRatio REAL 0.2 Active derivative delay coefficient The derivative delay coefficient delays the effect of the derivative action. Derivative delay = derivative action time x derivative delay coefficient 0.0: Derivative action is effective for one cycle only and therefore almost not effective. 0.5: This value has proved useful in practice for controlled systems with one dominant time constant. > 1.0: The greater the coefficient, the longer the effect of the derivative action is delayed. TdFiltRatio is retentive. Retain.CtrlParams.PWeighting REAL 1.0 Active proportional action weighting The proportional action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Proportional action for setpoint change is fully effective 0.0: Proportional action for setpoint change is not effective The proportional action is always fully effective when the process value is changed. PWeighting is retentive. Retain.CtrlParams.DWeighting REAL 1.0 Active derivative action weighting The derivative action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Derivative action is fully effective upon setpoint change 0.0: Derivative action is not effective upon setpoint change The derivative action is always fully effective when the process value is changed. DWeighting is retentive. Retain.CtrlParams.Cycle REAL 1.0 Active sampling time of the PID algorithm CtrlParams.Cycle is calculated during tuning and roun ded to an integer multiple of CycleTime.Value. Cycle is retentive. Note Change the tags listed in this table in "Inactive" mode to prevent malfunction of the PID controller. WinCC Advanced V14 System Manual, 10/2016 4011 Programming the PLC 11.4 Instructions See also Tag ActivateRecoverMode V2 (Page 4019) Tag Warning V2 (Page 4021) Downloading technology objects to device (Page 6468) Changing the PID_Compact V2 interface (S7-1200, S7-1500) The following table shows what has changed in the PID_Compact instruction interface. PID_Compact V1 PID_Compact V2 Change Input_PER Input_PER Data type from Word to Int Disturbance New ErrorAck New ModeActivate New Output_PER Output_PER Data type from Word to Int Error ErrorBits Renamed Error New Mode New RunModeByStartup Function sb_RunModeByStartup IntegralResetMode OverwriteInitialOutputValue New SetSubstituteOutput New CancelTuningLevel New SubstituteOutput New The following table shows which variables have been renamed. 4012 PID_Compact V1.x PID_Compact V2 sb_GetCycleTime CycleTime.StartEstimation sb_EnCyclEstimation CycleTime.EnEstimation sb_EnCyclMonitoring CycleTime.EnMonitoring sb_RunModeByStartup RunModeByStartup si_Unit PhysicalUnit si_Type PhysicalQuantity sd_Warning Warning sBackUp.r_Gain CtrlParamsBackUp.Gain sBackUp.r_Ti CtrlParamsBackUp.Ti sBackUp.r_Td CtrlParamsBackUp.Td sBackUp.r_A CtrlParamsBackUp.TdFiltRatio sBackUp.r_B CtrlParamsBackUp.PWeighting sBackUp.r_C CtrlParamsBackUp.DWeighting sBackUp.r_Cycle CtrlParamsBackUp.Cycle sPid_Calc.r_Cycle CycleTime.Value WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions PID_Compact V1.x PID_Compact V2 sPid_Calc.b_RunIn PIDSelfTune.TIR.RunIn sPid_Calc.b_CalcParamSUT PIDSelfTune.SUT.CalculateParams sPid_Calc.b_CalcParamTIR PIDSelfTune.TIR.CalculateParams sPid_Calc.i_CtrlTypeSUT PIDSelfTune.SUT.TuneRule sPid_Calc.i_CtrlTypeTIR PIDSelfTune.TIR.TuneRule sPid_Calc.r_Progress Progress sPid_Cmpt.r_Sp_Hlm Config.SetpointUpperLimit sPid_Cmpt.r_Sp_Llm Config.SetpointLowerLimit sPid_Cmpt.r_Pv_Norm_IN_1 Config.InputScaling.LowerPointIn sPid_Cmpt.r_Pv_Norm_IN_2 Config.InputScaling.UpperPointIn sPid_Cmpt.r_Pv_Norm_OUT_1 Config.InputScaling.LowerPointOut sPid_Cmpt.r_Pv_Norm_OUT_2 Config.InputScaling.UpperPointOut sPid_Cmpt.r_Lmn_Hlm Config.OutputUpperLimit sPid_Cmpt.r_Lmn_Llm Config.OutputLowerLimit sPid_Cmpt.b_Input_PER_On Config.InputPerOn sPid_Cmpt.b_LoadBackUp LoadBackUp sPid_Cmpt.b_InvCtrl Config.InvertControl sPid_Cmpt.r_Lmn_Pwm_PPTm Config.MinimumOnTime sPid_Cmpt.r_Lmn_Pwm_PBTm Config.MinimumOffTime sPid_Cmpt.r_Pv_Hlm Config.InputUpperLimit sPid_Cmpt.r_Pv_Llm Config.InputLowerLimit sPid_Cmpt.r_Pv_HWrn Config.InputUpperWarning sPid_Cmpt.r_Pv_LWrn Config.InputLowerWarning sParamCalc.i_Event_SUT PIDSelfTune.SUT.State sParamCalc.i_Event_TIR PIDSelfTune.TIR.State sRet.i_Mode sRet.i_Mode has been omitted. The operating mode is changed using Mode and ModeActivate. sRet.r_Ctrl_Gain Retain.CtrlParams.Gain sRet.r_Ctrl_Ti Retain.CtrlParams.Ti sRet.r_Ctrl_Td Retain.CtrlParams.Td sRet.r_Ctrl_A Retain.CtrlParams.TdFiltRatio sRet.r_Ctrl_B Retain.CtrlParams.PWeighting sRet.r_Ctrl_C Retain.CtrlParams.DWeighting sRet.r_Ctrl_Cycle Retain.CtrlParams.Cycle Parameters State and Mode V2 (S7-1200, S7-1500) Correlation of the parameters The State parameter shows the current operating mode of the PID controller. You cannot change the State parameter. With a rising edge at ModeActivate, PID_Compact switches to the operating mode saved in the Mode in-out parameter. WinCC Advanced V14 System Manual, 10/2016 4013 Programming the PLC 11.4 Instructions When the CPU is switched on or switches from Stop to RUN mode, PID_Compact starts in the operating mode that is saved in the Mode parameter. To leave PID_Compact in "Inactive" mode, set RunModeByStartup = FALSE. Meaning of values State / Mode Description of operating mode 0 Inactive In "Inactive" operating mode, the output value 0.0 is always output, regardless of Config.OutputUpperLimit and Config.OutputLowerLimit. Pulse width modulation is off. 1 Pretuning The pretuning determines the process response to a jump change of the output value and searches for the point of inflection. The PID parameters are calculated from the maximum rate of rise and dead time of the controlled system. You obtain the best PID parameters when you perform pretuning and fine tuning. Pretuning requirements: Inactive (State = 0), manual mode (State = 4), or automatic mode (State = 3) ManualEnable = FALSE Reset = FALSE The process value must not be too close to the setpoint. |Setpoint - Input| > 0.3 * | Config.InputUpperLimit - Config.InputLowerLimit| and |Setpoint - Input| > 0.5 * |Setpoint| The setpoint and the process value lie within the configured limits. The more stable the process value is, the easier it is to calculate the PID parameters and the more precise the result will be. Noise on the process value can be tolerated as long as the rate of rise of the process value is significantly higher compared to the noise. The setpoint is frozen in the CurrentSetpoint tag. Tuning is canceled when: Setpoint > CurrentSetpoint + CancelTuningLevel or Setpoint < CurrentSetpoint - CancelTuningLevel Before the PID parameters are recalculated, they are backed up and can be reactivated with LoadBackUp. The controller switches to automatic mode following successful pretuning. If pretuning is unsuccessful, the switchover of the operating mode is dependent on ActivateRecoverMode. The phase of pretuning is indicated with PIDSelfTune.SUT.State. 4014 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions State / Mode Description of operating mode 2 Fine tuning Fine tuning generates a constant, limited oscillation of the process value. The PID parameters are recalculated based on the amplitude and frequency of this oscillation. PID parameters from fine tuning usually have better master control and disturbance characteristics than PID parameters from pretuning. You obtain the best PID parameters when you perform pretuning and fine tuning. PID_Compact automatically attempts to generate an oscillation greater than the noise of the process value. Fine tuning is only minimally influenced by the stability of the process value. The setpoint is frozen in the CurrentSetpoint tag. Tuning is canceled when: Setpoint > CurrentSetpoint + CancelTuningLevel or Setpoint < CurrentSetpoint - CancelTuningLevel Before the PID parameters are recalculated, they are backed up and can be reactivated with LoadBackUp. Requirements for fine tuning: No disturbances are expected. The setpoint and the process value lie within the configured limits. ManualEnable = FALSE Reset = FALSE Automatic (State = 3), inactive (State = 0) or manual (State = 4) mode Fine tuning proceeds as follows when started from: Automatic mode (State = 3) Start fine tuning from automatic mode if you wish to improve the existing PID parameters through tuning. PID_Compact controls the system using the existing PID parameters until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. Inactive (State = 0) or manual mode (State = 4) If the requirements for pretuning are met, pretuning is started. The determined PID parameters will be used for control until the control loop has stabilized and the requirements for fine tuning have been met. If the process value for pretuning is already too near the setpoint or PIDSelfTune.TIR.RunIn = TRUE, an attempt is made to reach the setpoint with the minimum or maximum output value. This can produce increased overshoot. Only then will fine tuning start. The controller switches to automatic mode following successful fine tuning. If fine tuning is unsuccessful, the switchover of the operating mode is dependent on ActivateRecoverMode. The "Fine tuning" phase is indicated with PIDSelfTune.TIR.State. 3 Automatic mode In automatic mode, PID_Compact corrects the controlled system in accordance with the parameters specified. The controller switches to automatic mode if one the following requirements is fulfilled: Pretuning successfully completed Fine tuning successfully completed Changing of the Mode in-out parameter to the value 3 and a rising edge at ModeActivate. The switchover from automatic mode to manual mode is only bumpless if carried out in the commissioning editor. The ActivateRecoverMode tag is taken into consideration in automatic mode. WinCC Advanced V14 System Manual, 10/2016 4015 Programming the PLC 11.4 Instructions State / Mode Description of operating mode 4 Manual mode In manual mode, you specify a manual output value in the ManualValue parameter. You can also activate this operating mode using ManualEnable = TRUE. We recommend that you change the operating mode using Mode and ModeActivate only. The switchover from manual mode to automatic mode is bumpless. Manual mode is also possible when an error is pending. 5 Substitute output value with error monitoring The control algorithm is deactivated. The SetSubstituteOutput tag determines which output value is output in this operating mode. SetSubstituteOutput = FALSE: Last valid output value SetSubstituteOutput = TRUE: Substitute output value You cannot activate this operating mode using Mode = 5. In the event of an error, it is activated instead of "Inactive" operating mode if all the following conditions are met: Automatic mode (Mode = 3) ActivateRecoverMode = TRUE One or more errors have occurred in which ActivateRecoverMode is effective. As soon as the errors are no longer pending, PID_Compact switches back to automatic mode. ENO characteristics If State = 0, then ENO = FALSE. If State 0, then ENO = TRUE. Automatic switchover of operating mode during commissioning Automatic mode is activated following successful pretuning or fine tuning. The following table shows how Mode and State change during successful pretuning. Cycle no. Mode State Action 0 4 4 Set Mode = 1 1 1 4 Set ModeActivate = TRUE 1 4 1 Value of State is saved in Mode parameter n 4 1 Pretuning successfully completed n 3 3 Automatic mode is started Pretuning is started PID_Compact automatically switches the operating mode in the event of an error. The following table shows how Mode and State change during pretuning with errors. Cycle no. Mode State Action 0 4 4 Set Mode = 1 1 1 4 Set ModeActivate = TRUE 1 4 1 Value of State is saved in Mode parameter Pretuning is started 4016 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Cycle no. Mode State Action n 4 1 Pretuning canceled n 4 4 Manual mode is started If ActivateRecoverMode = TRUE, the operating mode that is saved in the Mode parameter is activated. At the start of pretuning or fine tuning, PID_Compact has saved the value of State in the Mode in/out parameter. PID_Compact therefore switches to the operating mode from which tuning was started. If ActivateRecoverMode = FALSE, the system switches to "Inactive" operating mode. See also Output parameters of PID_Compact V2 (Page 4003) Parameter ErrorBits V2 (S7-1200, S7-1500) If several errors are pending simultaneously, the values of the ErrorBits are displayed with binary addition. The display of ErrorBits = 0003h, for example, indicates that the errors 0001h and 0002h are pending simultaneously. In manual mode, PID_Compact uses ManualValue as output value. The exception is Errorbits = 10000h. ErrorBits Description (DW#16#...) 0000 There is no error. 0001 The "Input" parameter is outside the process value limits. Input > Config.InputUpperLimit or Input < Config.InputLowerLimit If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Compact remains in automatic mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Compact switches to the operating mode that is saved in the Mode parameter. 0002 Invalid value at "Input_PER" parameter. Check whether an error is pending at the analog input. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Compact outputs the configured substitute output value. As soon as the error is no longer pending, PID_Compact switches back to automatic mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Compact switches to the operating mode that is saved in the Mode parameter. 0004 Error during fine tuning. Oscillation of the process value could not be maintained. If ActivateRecoverMode = TRUE before the error occurred, PID_Compact cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0008 Error at start of pretuning. The process value is too close to the setpoint. Start fine tuning. If ActivateRecoverMode = TRUE before the error occurred, PID_Compact cancels the tuning and switches to the operating mode that is saved in the Mode parameter. WinCC Advanced V14 System Manual, 10/2016 4017 Programming the PLC 11.4 Instructions ErrorBits Description (DW#16#...) 0010 The setpoint was changed during tuning. You can set the permitted fluctuation of the setpoint at the CancelTuningLevel tag. If ActivateRecoverMode = TRUE before the error occurred, PID_Compact cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0020 Pretuning is not permitted during fine tuning. If ActivateRecoverMode = TRUE before the error occurred, PID_Compact remains in fine tuning mode. 0080 Error during pretuning. Incorrect configuration of output value limits. Check whether the limits of the output value are configured correctly and match the control logic. If ActivateRecoverMode = TRUE before the error occurred, PID_Compact cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0100 Error during fine tuning resulted in invalid parameters. If ActivateRecoverMode = TRUE before the error occurred, PID_Compact cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0200 Invalid value at "Input" parameter: Value has an invalid number format. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Compact outputs the configured substitute output value. As soon as the error is no longer pending, PID_Compact switches back to automatic mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Compact switches to the operating mode that is saved in the Mode parameter. 0400 Calculation of output value failed. Check the PID parameters. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Compact outputs the configured substitute output value. As soon as the error is no longer pending, PID_Compact switches back to automatic mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Compact switches to the operating mode that is saved in the Mode parameter. 0800 Sampling time error: PID_Compact is not called within the sampling time of the cyclic interrupt OB. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Compact remains in automatic mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Compact switches to the operating mode that is saved in the Mode parameter. If this error occurred during simulation with PLCSIM, see the notes under AUTOHOTSPOT. 1000 Invalid value at "Setpoint" parameter: Value has an invalid number format. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Compact outputs the configured substitute output value. As soon as the error is no longer pending, PID_Compact switches back to automatic mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Compact switches to the operating mode that is saved in the Mode parameter. 10000 Invalid value at ManualValue parameter. Value has an invalid number format. If ActivateRecoverMode = TRUE before an error occurred, PID_Compact uses SubstituteOutput as the output value. As soon as you specify a valid value in ManualValue, PID_Compact uses it as the output value. 4018 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ErrorBits Description (DW#16#...) 20000 Invalid value at SubstituteOutput tag. Value has an invalid number format. PID_Compact uses the output value low limit as the output value. If automatic mode was active before the error occurred, ActivateRecoverMode = TRUE, and the error is no longer pending, PID_Compact switches back to automatic mode. 40000 Invalid value at Disturbance parameter. Value has an invalid number format. If automatic mode was active and ActivateRecoverMode = TRUE before the error occurred, Disturbance is set to zero. PID_Compact remains in automatic mode. If pretuning or fine tuning mode was active and ActivateRecoverMode = TRUE before the error occurred, PID_Compact switches to the operating mode saved in the Mode parameter. If Disturbance in the current phase has no effect on the output value, tuning is not be canceled. Tag ActivateRecoverMode V2 (S7-1200, S7-1500) The ActivateRecoverMode tag determines the reaction to error. The Error parameter indicates if an error is pending. When the error is no longer pending, Error = FALSE. The ErrorBits parameter shows which errors have occurred. Automatic mode NOTICE Your system may be damaged. If ActivateRecoverMode = TRUE, PID_Compact remains in automatic mode even if there is an error and the process limit values are exceeded. This may damage your system. It is essential to configure how your controlled system reacts in the event of an error to protect your system from damage. WinCC Advanced V14 System Manual, 10/2016 4019 Programming the PLC 11.4 Instructions ActivateReco verMode Description FALSE PID_Compact automatically switches to "Inactive" mode in the event of an error. The controller is only activated by a falling edge at Reset or a rising edge at ModeActivate. TRUE If errors occur frequently in automatic mode, this setting has a negative effect on the control response, because PID_Compact switches between the calculated output value and the substitute output value at each error. In this case, check the ErrorBits parameter and eliminate the cause of the error. If one or more of the following errors occur, PID_Compact stays in automatic mode: 0001h: The "Input" parameter is outside the process value limits. 0800h: Sampling time error 40000h: Invalid value at parameter Disturbance. If one or more of the following errors occur, PID_Compact switches to "Substitute output value with error monitoring" mode: 0002h: Invalid value at Input_PER parameter. 0200h: Invalid value at Input parameter. 0400h: Calculation of output value failed. 1000h: Invalid value at Setpoint parameter. If the following error occurs, PID_Compact switches to "Substitute output value with error monitoring" mode and moves the actuator to Config.OutputLowerLimit: 20000h: Invalid value at SubstituteOutput tag. Value has an invalid number format. This characteristics are independent of SetSubstituteOutput. As soon as the errors are no longer pending, PID_Compact switches back to automatic mode. Pretuning and fine tuning ActivateReco verMode Description FALSE PID_Compact automatically switches to "Inactive" mode in the event of an error. The controller is only activated by a falling edge at Reset or a rising edge at ModeActivate. TRUE If the following error occurs, PID_Compact remains in the active mode: 0020h: Pretuning is not permitted during fine tuning. The following errors are ignored: 10000h: Invalid value at ManualValue parameter. 20000h: Invalid value at SubstituteOutput tag. When any other error occurs, PID_Compact cancels the tuning and switches to the mode from which tuning was started. Manual mode ActivateRecoverMode is not effective in manual mode. 4020 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Warning V2 (S7-1200, S7-1500) If several warnings are pending simultaneously, the values of the Warning tag are displayed with binary addition. The display of warning 0003h, for example, indicates that the warnings 0001h and 0002h are pending simultaneously. Warning Description (DW#16#....) 0000 No warning pending. 0001 The point of inflection was not found during pretuning. 0004 The setpoint was limited to the configured limits. 0008 Not all the necessary controlled system properties were defined for the selected method of calculation. Instead, the PID parameters were calculated using the TIR.TuneRule = 3 method. 0010 The operating mode could not be changed because Reset = TRUE or ManualEnable = TRUE. 0020 The cycle time of the calling OB limits the sampling time of the PID algorithm. Improve results by using shorter OB cycle times. 0040 The process value exceeded one of its warning limits. 0080 Invalid value at Mode. The operating mode is not switched. 0100 The manual value was limited to the limits of the controller output. 0200 The specified rule for tuning is not supported. No PID parameters are calculated. 1000 The substitute output value cannot be reached because it is outside the output value limits. The following warnings are deleted as soon as the cause is eliminated: 0001h 0004h 0008h 0040h 0100h All other warnings are cleared with a rising edge at Reset or ErrorAck. IntegralResetMode V2 tag (S7-1200, S7-1500) The IntegralResetMode tag determines how the integral action PIDCtrl.IntegralSum is preassigned: When switching from "Inactive" operating mode to "Automatic mode" With edge TRUE -> FALSE at parameter Reset and parameter Mode = 3 WinCC Advanced V14 System Manual, 10/2016 4021 Programming the PLC 11.4 Instructions This setting only works for one cycle and is only effective if the integral action is activated (Retain.CtrlParams.Ti > 0.0 tag). IntegralReset Mode Description 0 Smooth The value of PIDCtrl.IntegralSum is pre-assigned so that the switchover is bumpless, which means "Au tomatic mode" starts with the output value = 0.0 (parameter Output) and there is no jump of the output value regardless of the control deviation (setpoint - actual value). 1 Delete We recommend setting the weighting of the proportional action (Retain.CtrlParams.PWeighting) to 1.0 if this option is used. The value of PIDCtrl.IntegralSum is deleted. Any control deviation will cause a jump change of the output value. The direction of the output value jump depends on the configured weighting of the proportional action (Retain.CtrlParams.PWeighting tag) and the control deviation: Proportional action weighting = 1.0: Output value jump and control deviation have identical signs. Example: If the actual value value is smaller than the setpoint (positive control deviation), the output value jumps to a positive value. Proportional action weighting < 1.0: For large control deviations, the output value jump and control deviation have identical signs. Example: If the actual value is much smaller than the setpoint (positive control deviation), the output value jumps to a positive value. For small control deviations, the output value jump and control deviation have different signs. Example: If the actual value value is just below the setpoint (positive control deviation), the output value jumps to a negative value. This is usually not desirable, because it results in a temporary increase in the control deviation. The smaller the configured weighting of the proportional action, the greater the control deviation must be to receive an output value jump with identical sign. We recommend setting the weighting of the proportional action (Retain.CtrlParams.PWeighting) to 1.0 when this option is used. Otherwise, you may experience the undesirable behavior described for small control deviations. Alternatively, you can also use IntegralResetMode = 4. This option guarantees identical signs of the output value jump and control deviation independent of the configured weighting of the pro portional action and the control deviation. 2 Hold The value of PIDCtrl.IntegralSum is not changed. You can define a new value using the user program. 3 Pre-assign The value of PIDCtrl.IntegralSum is automatically pre-assigned as if Output = OverwriteInitialOutputValue in the last cycle. 4 Like setpoint change (only for PID_Compact with version 2.3) The value of PIDCtrl.IntegralSum is automatically pre-assigned so that a similar output value jump results as for a PI controller in automatic mode in case of a setpoint change from the current actual value to the current setpoint. Any control deviation will cause a jump of the output value. Output value jump and control deviation have identical signs. Example: If the actual value value is smaller than the setpoint (positive control deviation), the output value jumps to a positive value. This is independent of the configured weighting of the proportional action and the control deviation. 4022 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If IntegralResetMode is assigned a value outside the valid value range, PID_Compact behaves as with the pre-assignment of IntegralResetMode: PID_Compact up to V2.2: IntegralResetMode = 1 PID_Compact V2.3 and higher: IntegralResetMode = 4 All statements made above regarding the sign of the output value jump are based on a normal control logic (Config.InvertControl = FALSE tag). With an inverted control logic (Config.InvertControl = TRUE), the output value jump will have a reverse sign. Sample program for PID_Compact (S7-1200, S7-1500) In the following example, you are controlling temperature values with the technology object of the instruction "PID_Compact". The temperature values are simulated based on a block which simulates a delay element of the third order (PT3 element). The PID parameters of the technology object can be set automatically via the pretuning. VHWSRLQW 3,'B&RPSDFW 6HWSRLQW &RQWUROOHUV RXWSXW9DOXH 0DQLSXODWHG YDULDEOH 6/,B352&B& LQSXW9DOXH 3URFHVV 3URFHVVYDOXH 3URFHVVYDOXH Data storage Create seven tags in a global data block for storage of the interconnection data. Interconnection of the parameters You call the following interconnections in a cyclic interrupt OB. Network 1: You interconnect the parameters of the instruction "PID_Compact" as follows. WinCC Advanced V14 System Manual, 10/2016 4023 Programming the PLC 11.4 Instructions Network 2: You interconnect the parameters of the block simulating the temperature values "SLI_PROC_C" as follows. 4024 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Technology object You configure the technology object with the properties of the instruction "PID_Compact" or by using the path Technology object > Configuration. The controller type and the input/output parameters are important for the example. With the controller type, you make a preselection for the unit of the value to the controlled. In this example, "Temperature" with the unit "C" is used as controller type. The parameters of the "PID_Compact" are already interconnected with global tags. Therefore, the information on use of the parameters Input and Output is sufficient. WinCC Advanced V14 System Manual, 10/2016 4025 Programming the PLC 11.4 Instructions Procedure for starting the control After the download to the CPU the PID_Compact is in manual mode with manual value 0.0. To start the control, follow these steps: 1. Open the Commissioning of the technology object "SLI_Tech_PID_Compact". 2. Click the "Start" button in the "Measurement" area. Measurement starts and PID_Compact can be activated. 3. Pretuning is selected. Click the "Start" button in the "Tuning mode" area. A pretuning is performed. The PID parameters are automatically adjusted to the process. After the completion of the pretuning PID_Compact switches to automatic mode. Note Alternative to start PID_Compact Alternatively, you can switch PID_Compact to automatic mode in the "Online status of controller" area with the "Stop PID_Compact" / "Start PID_Compact" without pretuning. In this case the controller uses default values for the PID parameters and shows a worse controller behavior for the application case. Procedure for stopping control To stop and exit PID_Compact and the program, follow these steps: 1. Click the "Stop PID_Compact" button in the technology object "SLI_Tech_PID_Compact" in the "Online status of controller" area. The instruction "PID_Compact" exits the control and outputs the value "0.0" as manipulated variable. 2. Click the "Stop" button in the "Measurement" area. 3. To set the process value immediately to the value "0.0", follow these steps: In the block "SLI_OB_PID_Compact", set the "resetAll" tag to the value "TRUE", and then to the value "FALSE". 4026 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions "PID_Compact" instruction The setpoint for the temperature that is to be controlled is specified at the parameter Setpoint ("setpoint"). The control is started when the instruction "PID_Compact" was started with the technology object. The instruction "PID_Compact" outputs a manipulated variable at the output parameter Output ("outputValue"). The process value of the temperature is transferred to the instruction "PID_Compact" with the input parameter Input ("inputValue"). The instruction "PID_Compact" adjusts the manipulated variable ("outputValue") depending on the history of the difference between setpoint ("setpoint") and process value ("inputValue") . The process is repeated so that the process value ("inputValue") approaches the setpoint ("setpoint") through the manipulated variable ("outputValue"). The current operating mode of the instruction "PID_Compact" is displayed at the output parameter State ("state"). After pretuning (the value of "state" is "1"), the PID_Compact switches to automatic mode (the value is "3"). The output parameter Error ("error") currently shows that no error is pending. The output parameter ErrorBits ("errorBits") provides information on the error type in case of error. If an error occurs, this can be acknowledged in the technology object, in the optimization status area with the "ErrorAck" button. "SLI_PROC_C" block The "SLI_PROC_C" block simulates the process value ("inputValue") of the rising temperature of a plant. The block "SLI_PROC_C" contains the manipulated variable of the controller ("outputValue) and simulates the temperature behavior of the process. This temperature is fed as process value ("inputValue") into the controller. WinCC Advanced V14 System Manual, 10/2016 4027 Programming the PLC 11.4 Instructions A change in the values of the "resetAll" tag (of the comRst parameter) has the following effects: Parameter comRst ("re The instruction "PID_Compact" is setAll") running The instruction "PID_Compact" was stopped comRst ("resetAll") re mains set to the value "FALSE" The "SLI_PROC_C" block outputs a new process value ("inputValue") based on a manipulated variable ("outputValue"). The "SLI_PROC_C" block does not receive a manipulated variable > "0.0", but it still outputs a new process value > "0.0". comRst ("resetAll"): Change from "FALSE" to the value "TRUE" Both manipulated variable ("output The output process value ("inputVal Value") and output process value ("in ue") / the temperature of the putValue") are reset to "0.0". "SLI_PROC_C" block is reset to "0.0". comRst ("resetAll"): Change from "TRUE" to the value "FALSE" Temperature control starts again. The output process value / the tem perature ("inputValue") remains "0.0". Program code You can find additional information about the program code for the above-named example under the keyword "Sample Library for Instructions". 4028 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions CPU processing time and memory requirement PID_Compact V2.x (S7-1200, S7-1500) CPU processing time Typical CPU processing times of the PID_Compact technology object as of Version V2.0, depending on CPU type. CPU Typ. CPU processing time PID_Compact V2.x CPU 1211C V4.0 300 s CPU 1215C V4.0 300 s CPU 1217C V4.0 300 s CPU 1505S V1.0 45 s CPU 1510SP-1 PN V1.6 85 s CPU 1511-1 PN V1.5 85 s CPU 1512SP-1 PN V1.6 85 s CPU 1516-3 PN/DP V1.5 50 s CPU 1518-4 PN/DP V1.5 4 s Memory requirement Memory requirement of an instance DB of the PID_Compact technology object as of Version V2.0. Memory requirement of the instance DB of PID_Compact V2.x Load memory requirement Approx. 12000 bytes Total work memory requirement 788 bytes Retentive work memory requirement 44 bytes PID_Compact V1 (S7-1200) Description of PID_Compact V1 (S7-1200) Description The PID_Compact instruction provides a PID controller with integrated tuning for automatic and manual mode. Call PID_Compact is called in the constant interval of the cycle time of the calling OB (preferably in a cyclic interrupt OB). WinCC Advanced V14 System Manual, 10/2016 4029 Programming the PLC 11.4 Instructions Download to device The actual values of retentive tags are only updated when you download PID_Compact completely. Downloading technology objects to device (Page 6468) Startup At the startup of the CPU, PID_Compact starts in the operating mode that was last active. To retain PID_ Compact in "Inactive" mode, set sb_RunModeByStartup = FALSE. Monitoring of the sampling time PID_Compact Ideally, the sampling time is equivalent to the cycle time of the calling OB. The PID_Compact instruction measures the time interval between two calls. This is the current sampling time. On every switchover of operating mode and during the initial startup, the mean value is formed from the first 10 sampling times. If the current sampling time deviates too much from this mean value, Error = 0800 hex occurs and PID_Compact switches to "Inactive" mode. PID_Compact, Version 1.1 or higher is set to "Inactive" mode during controller tuning under the following conditions: New mean value >= 1.1 x old mean value New mean value <= 0.9 x old mean value In automatic mode, PID_Compact, Version 1.1 or higher, is set to "Inactive" mode under the following conditions: New mean value >= 1.5 x old mean value New mean value <= 0.5 x old mean value During controller tuning and in automatic mode, PID_Compact 1.0 is set to "Inactive" operating mode under the following conditions: New mean value >= 1.1 x old mean value New mean value <= 0.9 x old mean value Current sampling time >= 1.5 x current mean value Current sampling time <= 0.5 x current mean value Sampling time of the PID algorithm The controlled system needs a certain amount of time to respond to changes in the output value. It is therefore not advisable to calculate the output value in every cycle. The sampling time of the PID algorithm represents the time between two calculations of the output value. It is calculated during tuning and rounded to a multiple of the cycle time. All other functions of PID_Compact are executed at every call. 4030 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions PID algorithm PID_Compact is a PIDT1 controller with anti-windup and weighting of the proportional and derivative actions. The following equation is used to calculate the output value. 1 [ (b * w - x) + T * s y = Kp (w - x) + I TD * s a * TD * s + 1 (c * w - x) Symbol Description y Output value Kp Proportional gain s Laplace operator b Proportional action weighting w Setpoint x Process value TI Integral action time a Derivative delay coefficient (T1 = a x TD) ] Derivative action time c Derivative action weighting Block diagram of PID_Compact ,QSXWB3(5 &53B,1 6FDOH EB,QSXWB3(5B2Q ,QSXW:DUQLQJB+ ,QSXW:DUQLQJB/ ,QSXW 6HWSRLQW 39B$/50 3,'7 $QWL:LQGXS /LPLW ,19 EB,QY&WUO 2XWSXW 0DQXDO(QDEOH 0DQXDO9DOXH /LPLW &53B287 3:0 WinCC Advanced V14 System Manual, 10/2016 2XWSXWB3(5 2XWSXWB3:0 4031 Programming the PLC 11.4 Instructions Block diagram of PIDT1 with anti-windup E 6HWSRLQW Z $QWL:LQGXS /,0,7 , .3 \ F 6FDOHG,QSXW [ '7 Reaction to error If errors occur, they are output in parameter Error, and PID_Compact changes to "Inactive" mode. Reset the errors using the Reset parameter. Control logic An increase of the output value is generally intended to cause an increase in the process value. This is referred to as a normal control logic. For cooling and discharge control systems, it may be necessary to invert the control logic. PID_Compact does not work with negative proportional gain. If InvertControl = TRUE, an increasing control deviation causes a reduction in the output value. The control logic is also taken into account during pretuning and fine tuning. See also Controller type (Page 6508) Input parameters of PID_Compact V1 (S7-1200) Table 11-70 Parameter Data type Default Description Setpoint REAL 0.0 Setpoint of the PID controller in automatic mode Input REAL 0.0 A variable of the user program is used as source for the process value. If you are using parameter Input, then sPid_Cmpt.b_In put_PER_On = FALSE must be set. 4032 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Data type Default Description Input_PER WORD W#16#0 Analog input as the source of the process value If you are using parameter Input_PER, then sPid_Cmpt.b_In put_PER_On = TRUE must be set. ManualEnable BOOL FALSE A FALSE -> TRUE edge selects "Manual mode", while State = 4, sRet.i_Mode remains unchanged. A TRUE -> FALSE edge selects the most recently active operating mode, State =sRet.i_Mode A change of sRet.i_Mode will not take effect during ManualEnable = TRUE. The change of sRet.i_Mode will only be considered upon a TRUE -> FALSE edge at ManualEnable . PID_Compact V1.2 und PID_Compact V1.0 If at start of the CPU ManualEnable = TRUE, PID_Compact starts in manual mode. A rising edge (FALSE > TRUE) at ManualEnable is not necessary. PID_Compact V1.1 At the start of the CPU, PID_Compact only switches to manual mode with a rising edge (FALSE->TRUE) at ManualEnable . Without rising edge, PID_Compact starts in the last operating mode in which Manua lEnable was FALSE. ManualValue REAL 0.0 Manual value This value is used as the output value in manual mode. Reset BOOL FALSE The Reset parameter (Page 4043) restarts the controller. Output parameters of PID_Compact V1 (S7-1200) Table 11-71 Parameter Data type Default Description ScaledInput REAL 0.0 Output of the scaled process value Outputs "Output", "Output_PER", and "Output_PWM" can be used concurrently. Output REAL 0.0 Output value in REAL format Output_PER WORD W#16#0 Analog output value Output_PWM BOOL FALSE Pulse-width-modulated output value SetpointLimit_H BOOL FALSE The output value is formed by minimum On and Off times. If SetpointLimit_H = TRUE, the setpoint absolute high limit is reached. The setpoint in the CPU is limited to the configured setpoint absolute high limit. The configured process value absolute high limit is the de fault for the setpoint high limit. If you set sPid_Cmpt.r_Sp_Hlm to a value within the process value limits, this value is used as the setpoint high limit. SetpointLimit_L BOOL FALSE If SetpointLimit_L = TRUE, the setpoint absolute low limit has been reached. In the CPU, the setpoint is limited to the configured setpoint absolute low limit. The configured process value absolute low limit is the default setting for the setpoint low limit. If you set sPid_Cmpt.r_Sp_Llm to a value within the process value limits, this value is used as the setpoint low limit. WinCC Advanced V14 System Manual, 10/2016 4033 Programming the PLC 11.4 Instructions Parameter Data type Default Description InputWarning_H BOOL FALSE If InputWarning_H = TRUE, the process value has reached or excee ded the warning high limit. InputWarning_L BOOL FALSE If InputWarning_L = TRUE, the process value has reached or fallen below the warning low limit. State INT 0 The State parameter (Page 4039) shows the current operating mode of the PID controller. To change the operating mode, use variable sRet.i_Mode. State = 0: Inactive State = 1: pretuning State = 2: fine tuning State = 3: Automatic mode State = 4: Manual mode Error DWORD W#16#0 The Error parameter (Page 4042) indicates the error messages. Error = 0000: No error pending. Static tags of PID_Compact V1 (S7-1200) You must not change tags that are not listed. These are used for internal purposes only. Table 11-72 Tag Data type Default Description sb_GetCycleTime BOOL TRUE If sb_GetCycleTime = TRUE, the automatic determi nation of the cycle time is started. CycleTime.StartEs timation = FALSE once measurement is complete. sb_EnCyclEstimation BOOL TRUE If sb_EnCyclEstimation = TRUE, the PID_Compact sampling time is not monitored. sb_EnCyclMonitoring BOOL TRUE If sb_EnCyclMonitoring = FALSE, the PID_Compact sampling time is not monitored. If it is not possible to execute PID_Compact within the sampling time, an 0800 error is not output and PID_Compact does not change to "Inactive" mode. sb_RunModeByStartup BOOL TRUE Activate Mode after CPU restart If sb_RunModeByStartup = FALSE, the controller will remain inactive after a CPU startup. After a CPU startup and if sb_RunModeByStartup = TRUE, the controller will return to the most recently active operating mode. si_Unit INT 0 Unit of measurement of the process value and set point, e.g., C, or F. si_Type INT 0 Physical quantity of the process value and setpoint, e.g., temperature. sd_Warning DWORD DW#16#0 Variable sd_warning (Page 4044) displays the warn ings generated since the reset, or since the last change of the operating mode. sBackUp.r_Gain REAL 1.0 Saved proportional gain You can reload values from the sBackUp structure with sPid_Cmpt.b_LoadBackUp = TRUE. 4034 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description sBackUp.r_Ti REAL 20.0 Saved integral action time [s] sBackUp.r_Td REAL 0.0 Saved derivative action time [s] sBackUp.r_A REAL 0.0 Saved derivative delay coefficient sBackUp.r_B REAL 0.0 Saved proportional action weighting factor sBackUp.r_C REAL 0.0 Saved derivative action weighting factor sBackUp.r_Cycle REAL 1.0 Saved sampling time of PID algorithm sPid_Calc.r_Cycle REAL 0.1 Sampling time of the PID_Compact instruction r_Cycle is determined automatically and is usually equivalent to the cycle time of the calling OB. sPid_Calc.b_RunIn BOOL FALSE b_RunIn = FALSE Pretuning is started when fine tuning is started from inactive or manual mode. If the requirements for pretuning are not met, PID_Compact reacts as if b_RunIn = TRUE. If fine tuning is started from automatic mode, the system uses the existing PID parameters to control to the setpoint. Only then will fine tuning start. If pretuning is not possible, PID_Compact switches to "Inactive" mode. b_RunIn = TRUE The pretuning is skipped. PID_3Compact tries to reach the setpoint with minimum or maximum output value. This can produce increased overshoot. Fine tuning then starts automatically. b_RunIn is set to FALSE after fine tuning. sPid_Calc.b_CalcParamSUT BOOL FALSE The parameters for pretuning will be recalculated if b_CalcParamSUT = TRUE. This enables you to change the parameter calculation method without hav ing to repeat controller tuning. b_CalcParamSUT is set to FALSE after the calculation. sPid_Calc.b_CalcParamTIR BOOL FALSE The parameters for fine tuning will be recalculated if b_CalcParamTIR = TRUE. This enables you to change the parameter calculation method without hav ing to repeat controller tuning. b_CalcParamTIR will be set to FALSE after calcula tion. sPid_Calc.i_CtrlTypeSUT INT 0 Methods used to calculate parameters during pretun ing: i_CtrlTypeSUT = 0: PID according to Chien, Hrones and Reswick i_CtrlTypeSUT = 1: PI according to Chien, Hrones and Reswick WinCC Advanced V14 System Manual, 10/2016 4035 Programming the PLC 11.4 Instructions Tag Data type Default Description sPid_Calc.i_CtrlTypeTIR INT 0 Methods used to calculate parameters during fine tun ing: i_CtrlTypeTIR = 0: PID automatic i_CtrlTypeTIR = 1: PID fast i_CtrlTypeTIR = 2: PID slow i_CtrlTypeTIR = 3: Ziegler-Nichols PID i_CtrlTypeTIR = 4: Ziegler-Nichols PI i_CtrlTypeTIR = 5: Ziegler-Nichols P sPid_Calc.r_Progress REAL 0.0 Progress of tuning as a percentage (0.0 - 100.0) sPid_Cmpt.r_Sp_Hlm REAL +3.402822e +38 High limit of setpoint If you configure sPid_Cmpt.r_Sp_Hlm outside the proc ess value limits, the configured process value absolute high limit is used as the setpoint high limit. If you set sPid_Cmpt.r_Sp_Hlm within the process val ue limits, this value is used as the setpoint high limit. sPid_Cmpt.r_Sp_Llm REAL -3.402822e +38 Low limit of the setpoint If you set sPid_Cmpt.r_Sp_Llm outside the process value limits, the configured process value absolute low limit is used as the setpoint low limit. If you set sPid_Cmpt.r_Sp_Llm within the process val ue limits, this value is used as the setpoint low limit. sPid_Cmpt.r_Pv_Norm_IN_1 REAL 0.0 Scaling Input_PER low Input_PER is converted to percent based on the two value pairs r_Pv_Norm_OUT_1, r_Pv_Norm_IN_1 and r_Pv_Norm_OUT_2, r_Pv_Norm_IN_2 from the sPid_Cmpt structure. sPid_Cmpt.r_Pv_Norm_IN_2 REAL 27648.0 Scaling Input_PER high Input_PER is converted to percent based on the two value pairs r_Pv_Norm_OUT_1, r_Pv_Norm_IN_1 and r_Pv_Norm_OUT_2, r_Pv_Norm_IN_2 from the sPid_Cmpt structure. sPid_Cmpt.r_Pv_Norm_OUT_1 REAL 0.0 Scaled low process value Input_PER is converted to percent based on the two value pairs r_Pv_Norm_OUT_1, r_Pv_Norm_IN_1 and r_Pv_Norm_OUT_2, r_Pv_Norm_IN_2 from the sPid_Cmpt structure. sPid_Cmpt.r_Pv_Norm_OUT_2 REAL 100.0 Scaled high process value Input_PER is converted to percent based on the two value pairs r_Pv_Norm_OUT_1, r_Pv_Norm_IN_1 and r_Pv_Norm_OUT_2, r_Pv_Norm_IN_2 from the sPid_Cmpt structure. sPid_Cmpt.r_Lmn_Hlm REAL 100.0 Output value high limit for output parameter "Output" sPid_Cmpt.r_Lmn_Llm REAL 0.0 Low output value limit for output parameter "Output" sPid_Cmpt.b_Input_PER_On BOOL TRUE If b_Input_PER_On = TRUE, then parameter In put_PER is used. If b_Input_PER_On = FALSE, then parameter Input is used. 4036 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description sPid_Cmpt.b_LoadBackUp BOOL FALSE Activate the back-up parameter set. If an optimization has failed, you can reactivate the previous PID param eters by setting this bit. sPid_Cmpt.b_InvCtrl BOOL FALSE Invert control logic With b_InvCtrl = TRUE, an increasing control deviation causes a reduction in the output value. sPid_Cmpt.r_Lmn_Pwm_PPTm REAL 0.0 The minimum ON time of the pulse width modulation in seconds is rounded to r_Lmn_Pwm_PPTm = r_Cycle or r_Lmn_Pwm_PPTm = n*r_Cycle sPid_Cmpt.r_Lmn_Pwm_PBTm REAL 0.0 The minimum OFF time of the pulse width modulation in seconds is rounded to r_Lmn_Pwm_PBTm = r_Cycle or r_Lmn_Pwm_PBTm = n*r_Cycle sPid_Cmpt.r_Pv_Hlm REAL 120.0 High limit of the process value At the I/O input, the process value can be a maximum of 18% higher than the standard range (overrange). An error is no longer reported for a violation of the "Process value high limit". Only a wire-break and a short-circuit are recognized and the PID_Compact switches to "Inactive" mode. r_Pv_Hlm > r_Pv_Llm sPid_Cmpt.r_Pv_Llm REAL 0.0 Low limit of the process value r_Pv_Llm < r_Pv_Hlm sPid_Cmpt.r_Pv_HWrn REAL +3.402822e +38 Warning high limit of the process value If you set r_Pv_HWrn outside the process value limits, the configured process value absolute high limit is used as the warning high limit. If you configure r_Pv_HWrn within the process value limits, this value is used as the warning high limit. r_Pv_HWrn > r_Pv_LWrn r_Pv_HWrn r_Pv_Hlm sPid_Cmpt.r_Pv_LWrn REAL -3.402822e +38 Warning low limit of the process value If you set r_Pv_LWrn outside the process value limits, the configured process value absolute low limit is used as the warning low limit. If you configure r_Pv_LWrn within the process value limits, this value is used as the warning low limit. r_Pv_LWrn < r_Pv_HWrn r_Pv_LWrn r_Pv_LWrn sPidCalc.i_Ctrl_IOutv REAL 0.0 Current integral action sParamCalc.i_Event_SUT INT 0 Variable i_Event_SUT (Page 4045) indicates the cur rent phase of "pretuning": sParamCalc.i_Event_TIR INT 0 Variable i_Event_TIR (Page 4045) indicates the cur rent phase of "fine tuning": WinCC Advanced V14 System Manual, 10/2016 4037 Programming the PLC 11.4 Instructions Tag Data type Default Description sRet.i_Mode INT 0 The operating mode is changed edge-triggered. The following operating mode is enabled on a change to i_Mode = 0: "Inactive" mode (controller stop) i_Mode = 1: "Pretuning" mode i_Mode = 2: "Fine tuning" mode i_Mode = 3: "Automatic" mode i_Mode = 4: "Manual" mode i_Mode is retentive. sRet.r_Ctrl_Gain REAL 1.0 Active proportional gain Gain is retentive. sRet.r_Ctrl_Ti REAL 20.0 r_Ctrl_Ti > 0.0: Active integral action time r_Ctrl_Ti = 0.0: Integral action is deactivated r_Ctrl_Ti is retentive. sRet.r_Ctrl_Td REAL 0.0 r_Ctrl_Td > 0.0: Active derivative action time r_Ctrl_Td = 0.0: Derivative action is deactivated r_Ctrl_Td is retentive. sRet.r_Ctrl_A REAL 0.0 Active derivative delay coefficient r_Ctrl_A is retentive. sRet.r_Ctrl_B REAL 0.0 Active proportional action weighting r_Ctrl_B is retentive. sRet.r_Ctrl_C REAL 0.0 Active derivative action weighting r_Ctrl_C is retentive. sRet.r_Ctrl_Cycle REAL 1.0 Active sampling time of the PID algorithm r_Ctrl_Cycle is calculated during tuning and rounded to an integer multiple of r_Cycle. r_Ctrl_Cycle is retentive. Note Change the tags listed in this table in "Inactive" mode to prevent malfunction of the PID controller. "Inactive" mode is forced by setting the "sRet.i_Mode" tag to "0". See also Downloading technology objects to device (Page 6468) 4038 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters State and sRet.i_Mode V1 (S7-1200) Correlation of the parameters The State parameter indicates the current operating mode of the PID controller. You cannot modify the State parameter. You need to modify the sRet.i_Mode tag to change the operating mode. This also applies when the value for the new operating mode is already in sRet.i_Mode. First set sRet.i_Mode = 0 and then sRet.i_Mode = 3. Provided the current operating mode of the controller supports this change, State is set to the value of sRet.i_Mode. When PID_Compact automatically switches the operating mode, the following applies: State ! = sRet.i_Mode. Examples: Successful pretuning State = 3 and sRet.i_Mode = 1 Error State = 0 and sRet.i_Mode remains at the same value, e.g sRet.i_Mode = 3 ManualEnalbe = TRUE State = 4 and sRet.i_Mode remain at the previous value, for example, sRet.i_Mode = 3 Note You wish to repeat successful fine tuning without exiting automatic mode with i_Mode = 0. Setting sRet.i_Mode to an invalid value such as 9999 for one cycle has no effect on State. Set Mode = 2 in the next cycle. You can generate a change to sRet.i_Mode without first switching to "inactive" mode. WinCC Advanced V14 System Manual, 10/2016 4039 Programming the PLC 11.4 Instructions Meaning of values State / sRet.i_Mode Description of the operating mode 0 Inactive The controller is switched off. The controller was in "inactive" mode before pretuning was performed. The PID controller will change to "inactive" mode when running if an error occurs or if the "Deactivate con troller" icon is clicked in the commissioning window. 1 Pretuning The pretuning determines the process response to a jump of the output value and searches for the point of inflection. The optimized PID parameters are calculated as a function of the maximum rate of rise and dead time of the controlled system. Pretuning requirements: The controller is in inactive mode or manual mode ManualEnable = FALSE The process value must not be too close to the setpoint. |Setpoint - Input| > 0.3 * |sPid_Cmpt.r_Pv_Hlm - sPid_Cmpt.r_Pv_Llm| and |Setpoint - Input| > 0.5 * |Setpoint| The setpoint may not be changed during pretuning. The higher the stability of the process value, the easier it is to calculate the PID parameters and increase precision of the result. Noise on the process value can be tolerated as long as the rate of rise of the process value is significantly higher compared to the noise. PID parameters are backed up before they are recalculated and can be reactivated with sPid_Cmpt.b_Load BackUp. There is a change to automatic mode following successful pretuning and to "inactive" mode following unsuc cessful pretuning. The phase of pretuning is indicated with Tag i_Event_SUT V1 (Page 4045). 4040 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions State / sRet.i_Mode Description of the operating mode 2 Fine tuning Fine tuning generates a constant, limited oscillation of the process value. The PID parameters are optimized based on the amplitude and frequency of this oscillation. The differences between the process response during pretuning and fine tuning are analyzed. All PID parameters are recalculated on the basis of the findings. PID parameters from fine tuning usually have better master control and disturbance behavior than PID pa rameters from pretuning. PID_Compact automatically attempts to generate an oscillation greater than the noise of the process value. Fine tuning is only minimally influenced by the stability of the process value. PID parameters are backed up before they are recalculated and can be reactivated with sPid_Cmpt.b_Load BackUp. Requirements for fine tuning: No disturbances are expected. The setpoint and the process value lie within the configured limits. The setpoint may not be changed during fine tuning. ManualEnable = FALSE Automatic (State = 3), inactive (State = 0) or manual (State = 4) mode Fine tuning proceeds as follows when started in: Automatic mode (State = 3) Start fine tuning in automatic mode if you wish to improve the existing PID parameters using controller tuning. PID_Comact will regulate using the existing PID parameters until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. Inactive (State = 0) or manual (State = 4) mode If the requirements for pretuning are met, pretuning is started. The PID parameters established will be used for adjustment until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. If pretuning is not possible, PID_Compact will change to "Inactive" mode. An attempt is made to reach the setpoint with a minimum or maximum output value if the process value for pretuning is already too near the setpoint or sPid_Calc.b_RunIn = TRUE. This can produce increased overshoot. The controller will change to "automatic mode" after successfully completed "fine tuning" and to "inactive" mode if "fine tuning" has not been successfully completed. The "Fine tuning" phase is indicated with Tag i_Event_TIR V1 (Page 4045). WinCC Advanced V14 System Manual, 10/2016 4041 Programming the PLC 11.4 Instructions State / sRet.i_Mode Description of the operating mode 3 Automatic mode In automatic mode, PID_Compact corrects the controlled system in accordance with the parameters specified. The controller changes to automatic mode if one the following conditions is fulfilled: Pretuning successfully completed Fine tuning successfully completed Change of variable sRet.i_Mode to the value 3. After CPU startup or change from Stop to RUN mode, PID_Compact will start in the most recently active operating mode. To retain PID_Compact in "Inactive" mode, set sb_RunModeByStartup = FALSE. 4 Manual mode In manual mode, you specify a manual output value in the ManualValue parameter. This operating mode is enabled if sRet.i_Mode = 4, or at the rising edge on ManualEnable. If ManualEnable changes to TRUE, only State will change. sRet.i_Mode will retain its current value. PID_Compact will return to the previous operating mode upon a falling edge at ManualEnable. The change to automatic mode is bumpless. See also Output parameters of PID_Compact V1 (Page 4033) Pretuning (Page 6518) Fine tuning (Page 6520) "Manual" mode (Page 6521) Tag i_Event_SUT V1 (Page 4045) Tag i_Event_TIR V1 (Page 4045) Parameter Error V1 (S7-1200) If several errors are pending simultaneously, the values of the error codes are displayed with binary addition. The display of error code 0003, for example, indicates that the errors 0001 and 0002 are pending simultaneously. Error Description (DW#16#...) 0000 There is no error. 0001 The "Input" parameter is outside the process value limits. Input > sPid_Cmpt.r_Pv_Hlm or Input < sPid_Cmpt.r_Pv_Llm You cannot move the actuator again until you eliminate the error. 0002 Invalid value at "Input_PER" parameter. Check whether an error is pending at the analog input. 0004 Error during fine tuning. Oscillation of the process value could not be maintained. 0008 Error at start of pretuning. The process value is too close to the setpoint. Start fine tuning. 0010 The setpoint was changed during tuning. 0020 Pretuning is not permitted in automatic mode or during fine tuning. 4042 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Error Description (DW#16#...) 0080 Incorrect configuration of output value limits. Check whether the limits of the output value are configured correctly and match the control logic. 0100 Error during tuning resulted in invalid parameters. 0200 Invalid value at "Input" parameter: Value has an invalid number format. 0400 Calculation of output value failed. Check the PID parameters. 0800 Sampling time error: PID_Compact is not called within the sampling time of the cyclic interrupt OB. If this error occurred during simulation with PLCSIM, see the notes under AUTOHOTSPOT. 1000 Invalid value at "Setpoint" parameter: Value has an invalid number format. See also Output parameters of PID_Compact V1 (Page 4033) Parameter Reset V1 (S7-1200) The response to Reset = TRUE depends on the version of the PID_Compact instruction. Reset response PID_Compact V.1.1 or higher A rising edge at Reset triggers a change to "Inactive" mode; errors and warnings are reset and the integral action is deleted. A falling edge at Reset triggers a change to the most recently active operating mode. If automatic mode was active before, the integral action is pre-assigned in such a way that the switchover is bumpless. 5HVHW W PV LB0RGH W PV 6WDWH WinCC Advanced V14 System Manual, 10/2016 W PV Activation Error Reset 4043 Programming the PLC 11.4 Instructions Reset response PID_Compact V.1.0 A rising edge at Reset triggers a change to "Inactive" mode; errors and warnings are reset and the integral action is deleted. The controller is not reactivated until the next edge at i_Mode. 5HVHW W PV LB0RGH W PV 6WDWH W PV Activation Error Reset Tag sd_warning V1 (S7-1200) If several warnings are pending, the values of variable sd_warning are displayed by means of binary addition. The display of warning 0003, for example, indicates that the warnings 0001 and 0002 are also pending. sd_warning Description (DW#16#....) 0000 No warning pending. 0001 The point of inflection was not found during pretuning. 0002 Oscillation increased during fine tuning. 0004 The setpoint was outside the set limits. 0008 Not all the necessary controlled system properties were defined for the selected method of calculation. The PID parameters were instead calculated using the "i_CtrlTypeTIR = 3" method. 0010 The operating mode could not be changed because ManualEnable = TRUE. 0020 The cycle time of the calling OB limits the sampling time of the PID algorithm. Improve results by using shorter OB cycle times. 0040 4044 The process value exceeded one of its warning limits. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following warnings are deleted as soon as the cause is dealt with: 0004 0020 0040 All other warnings are cleared with a rising edge at Reset. Tag i_Event_SUT V1 (S7-1200) i_Event_SUT Name 0 SUT_INIT Description Initialize pretuning 100 SUT_STDABW Calculate the standard deviation 200 SUT_GET_POI Find the point of inflection 9900 SUT_IO 1 SUT_NIO Pretuning successful Pretuning not successful See also Static tags of PID_Compact V1 (Page 4034) Parameters State and sRet.i_Mode V1 (Page 4039) Tag i_Event_TIR V1 (S7-1200) i_Event_TIR Name -100 TIR_FIRST_SUT 0 TIR_INIT Description Fine tuning is not possible. Pretuning will be executed first. Initialize fine tuning 200 TIR_STDABW Calculate the standard deviation 300 TIR_RUN_IN Attempt to reach the setpoint 400 TIR_CTRLN Attempt to reach the setpoint with the existing PID parameters (if pretuning has been successful) 500 TIR_OSZIL 9900 TIR_IO 1 TIR_NIO Determine oscillation and calculate parameters Fine tuning successful Fine tuning not successful See also Static tags of PID_Compact V1 (Page 4034) Parameters State and sRet.i_Mode V1 (Page 4039) WinCC Advanced V14 System Manual, 10/2016 4045 Programming the PLC 11.4 Instructions PID_3Step (S7-1200, S7-1500) New features of PID_3Step (S7-1200, S7-1500) PID_3Step V2.3 As of PID_3Step Version 2.3 the monitoring and limiting of the travel time can be deactivated with Config.VirtualActuatorLimit = 0.0. PID_3Step V2.2 Use with S7-1200 As of PID_3Step V2.2, the instruction with V2 functionality can also be used on S7-1200 with firmware version 4.0 or higher. PID_3Step V2.0 Reaction to error The reaction to ActivateRecoverMode = TRUE has been completely overhauled. PID_3Step reacts in a more fault tolerant manner in the default setting. NOTICE Your system may be damaged. If you use the default setting, PID_3Step remains in automatic mode even if the process value limits are exceeded. This may damage your system. It is essential to configure how your controlled system reacts in the event of an error to protect your system from damage. You use the ErrorAck input parameter to acknowledge the errors and warnings without restarting the controller or clearing the integral action. Switching operating modes does not acknowledge errors that are no longer pending. Switching the operating mode You specify the operating mode at the Mode in/out parameter and use a positive edge at ModeActivate to start the operating mode. The Retain.Mode tag has been omitted. The transition time measurement can no longer be started with GetTransitTime.Start, but only with Mode = 6 and a positive edge at ModeActivate. Multi-instance capability You can call up PID_3Step as multi-instance DB. No technology object is created in this case and no parameter assignment interface or commissioning interface is available. You must assign parameters for PID_3Step directly in the multi-instance DB and commission it via a watch table. Startup characteristics The operating mode specified at the Mode parameter is also started on a negative edge at Reset and during a CPU cold restart, if RunModeByStartup = TRUE. 4046 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ENO characteristics ENO is set depending on the operating mode. If State = 0, then ENO = FALSE. If State 0, then ENO = TRUE. Manual mode The Manual_UP and Manual_DN input parameters no longer function as edge-triggered parameters. Edge-triggered manual mode continues to be possible using the ManualUpInternal and ManualDnInternal tags. In "Manual mode without endstop signals" (Mode = 10), the endstop signals Actuator_H and Actuator_L are ignored even though they are activated. Default value of PID parameters The following default settings have been changed: - Proportional action weighting (PWeighting) from 0.0 to 1.0 - Derivative action weighting (DWeighting) from 0.0 to 1.0 - Coefficient for derivative delay (TdFiltRatio) from 0.0 to 0.2 Limiting of motor transition time You configure the maximum percentage of the motor transition time that the actuator will travel in one direction in the Config.VirtualActuatorLimit tag. Setpoint value specification during tuning You configure the permitted fluctuation of the setpoint during tuning at the CancelTuningLevel tag. Switching a disturbance variable on You can switch a disturbance variable on at the Disturbance parameter. Troubleshooting If the endstop signals are not activated (ActuatorEndStopOn = FALSE), ScaledFeedback is determined without Actuator_H or Actuator_L. PID_3Step V1.1 Manual mode on CPU startup If ManualEnable = TRUE when the CPU starts, PID_3Step starts in manual mode. A positive edge at ManualEnable is not necessary. Reaction to error The ActivateRecoverMode tag is no longer effective in manual mode. Troubleshooting The Progress tag is reset following successful tuning or transition time measurement. WinCC Advanced V14 System Manual, 10/2016 4047 Programming the PLC 11.4 Instructions Compatibility with CPU and FW (S7-1200, S7-1500) The following table shows which version of PID_3Step can be used on which CPU. CPU FW PID_3Step S7-1200 V4.2 or higher V2.3 V2.2 V1.1 V4.0 to V4.1 V2.2 V1.1 V3.x V1.1 V1.0 V2.x V1.1 V1.0 S7-1500 V1.x - V2.0 or higher V2.3 V2.2 V2.1 V2.0 V1.5 to V1.8 V2.2 V2.1 V2.0 V1.1 V2.1 V2.0 V1.0 V2.0 CPU processing time and memory requirement PID_3Step V2.x (S7-1200, S7-1500) CPU processing time Typical CPU processing times of the PID_3Step technology object as of Version V2.0, depending on CPU type. 4048 CPU Typ. CPU processing time PID_3Step V2.x CPU 1211C V4.0 410 s CPU 1215C V4.0 410 s CPU 1217C V4.0 410 s CPU 1505S V1.0 50 s CPU 1510SP-1 PN V1.6 120 s CPU 1511-1 PN V1.5 120 s CPU 1512SP-1 PN V1.6 120 s CPU 1516-3 PN/DP V1.5 65 s CPU 1518-4 PN/DP V1.5 5 s WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Memory requirement Memory requirement of an instance DB of the PID_3Step technology object as of Version V2.0. Memory requirement of the instance DB of PID_3Step V2.x Load memory requirement Approx. 15000 bytes Total work memory requirement 1040 bytes Retentive work memory requirement 60 bytes PID_3Step V2 (S7-1200, S7-1500) Description of PID_3Step V2 (S7-1200, S7-1500) Description You use the PID_3Step instruction to configure a PID controller with self tuning for valves or actuators with integrating behavior. The following operating modes are possible: Inactive Pretuning Fine tuning Automatic mode Manual mode Approach substitute output value Transition time measurement Error monitoring Approach substitute output value with error monitoring Manual mode without endstop signals For a more detailed description of the operating modes, see the State parameter. WinCC Advanced V14 System Manual, 10/2016 4049 Programming the PLC 11.4 Instructions PID algorithm PID_3Step is a PIDT1 controller with anti-windup and weighting of the proportional and derivative actions. The PID algorithm operates according to the following equation: 1 [ y = K p * s * (b * w - x) + Symbol 4050 TI * s (w - x) + TD * s a * TD * s + 1 (c * w - x) ] Description y Output value of the PID algorithm Kp Proportional gain s Laplace operator b Proportional action weighting w Setpoint x Process value TI Integral action time TD Derivative action time a Derivative delay coefficient (derivative delay T1 = a x TD) c Derivative action weighting WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Block diagram without position feedback ,QSXW:DUQLQJB+ 39B$/50 ,QSXW:DUQLQJB/ ,QSXW3HU2Q &53B,1 ,QSXWB3(5 $QWL:LQGXS 6FDOH ,QSXW )DF 3,'7 $QWL:LQGXS ,QW Y /LPLW 6HWSRLQW ' 'LVWXUEDQFH 2XWSXW3HU2Q 2XWSXW3HU2Q /LPLW 0DQXDO(QDEOH 0DQXDO9DOXH )$& 5RFB/LP 2XWSXW8SSHU/LPLW 2XWSXW/RZHU/LPLW 6WDWH 0DQXDOB'1 &53B287 0DQXDOB83 2XWSXWB3(5 $GHDGB% 6WDWH 0DQXDO83,QWHUQDO 7KU6WS 0DQXDO'1,QWHUQDO 0DQXDOB83 3XOVH2XW 6WDWH 2XWSXWB83 2XWSXWB'1 0DQXDOB'1 6WDWH WinCC Advanced V14 System Manual, 10/2016 4051 Programming the PLC 11.4 Instructions Block diagram with position feedback ,QSXW:DUQLQJB+ 39B$/50 ,QSXW3HU2Q ,QSXWB3(5 &53B,1 ,QSXW:DUQLQJB/ 6FDOH $QWL:LQGXS ,QSXW ,QW 3,'7 $QWL:LQGXS 6HWSRLQW )DF /LPLW /LPLW 6WDWH 9 ' 'LVWXUEDQFH 0DQXDO9DOXH )HHGEDFN3HU2Q )HHGEDFNB3(5 &53B,1 6FDOH )HHGEDFN 0DQXDOB83 2XWSXW8SSHU/LPLW 2XWSXW/RZHU/LPLW $GHDGB% &53B287 2XWSXWB3(5 0DQXDOB83 6WDWH 0DQXDO83,QWHUQDO 7KU6WS 6WDWH 0DQXDOB'1 2XWSXW3HU2Q 0DQXDO'1,QWHUQDO 6WDWH 3XOVH2XW 2XWSXWB83 2XWSXWB'1 0DQXDOB'1 6WDWH 4052 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Block diagram of PIDT1 with anti-windup E 6HWSRLQW Z '7 F ' . 3 \ 'HDGB% 7L , 6FDOHG,QSXW [ )DF7W $QWL:LQGXS Call PID_3Step is called in the constant time scale of a cycle interrupt OB. If you call PID_3Step as a multi-instance DB, no technology object is created. No parameter assignment interface or commissioning interface is available. You must assign parameters for PID_3Step directly in the multi-instance DB and commission it via a watch table. Download to device The actual values of retentive tags are only updated when you download PID_3Step completely. Downloading technology objects to device (Page 6468) Startup When the CPU starts up, PID_3Step starts in the operating mode that is saved in the Mode in/ out parameter. To leave PID_3Step in "Inactive" mode, set RunModeByStartup = FALSE. WinCC Advanced V14 System Manual, 10/2016 4053 Programming the PLC 11.4 Instructions Reaction to error In automatic mode and during commissioning, the reaction to error depends on the ErrorBehaviour and ActivateRecoverMode tags. In manual mode, the reaction is independent of ErrorBehaviour and ActivateRecoverMode. If ActivateRecoverMode = TRUE, the reaction additionally depends on the error that occurred. ErrorBe haviour ActivateReco verMode Configuration editor > actuator setting > Set Output to Reaction FALSE FALSE Current output value Switch to "Inactive" mode (State = 0) The actuator remains in the current posi tion. FALSE TRUE Current output value while er Switch to "Error monitoring" mode ror is pending (State = 7) The actuator remains in the current posi tion while the error is pending. TRUE FALSE Substitute output value Switch to "Approach substitute output val ue" mode (State = 5) The actuator moves to the configured substitute output value. Switch to "Inactive" mode (State = 0) The actuator remains in the current posi tion. TRUE TRUE Substitute output value while error is pending Switch to "Approach substitute output val ue with error monitoring" mode (State = 8) The actuator moves to the configured substitute output value. Switch to "Error monitoring" mode (State = 7) In manual mode, PID_3Step uses ManualValue as output value, unless the following errors occur: 2000h: Invalid value at Feedback_PER parameter. 4000h: Invalid value at Feedback parameter. 8000h: Error during digital position feedback. You can only change the position of the actuator with Manual_UP and Manual_DN, not with ManualValue. The Error parameter indicates whether an error has occurred in this cycle. The ErrorBits parameter shows which errors have occurred. ErrorBits is reset by a rising edge at Reset or ErrorAck. See also Parameters State and Mode V2 (Page 4070) Parameter ErrorBits V2 (Page 4075) Configuring PID_3Step V2 (Page 6523) 4054 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Mode of operation of PID_3Step V2 (S7-1200, S7-1500) Monitoring process value limits You specify the high limit and low limit of the process value in the Config.InputUpperLimit and Config.InputLowerLimit tags. If the process value is outside these limits, an error occurs (ErrorBits = 0001h). You specify a high and low warning limit of the process value in the Config.InputUpperWarning and Config.InputLowerWarning tags. If the process value is outside these warning limits, a warning occurs (Warning = 0040h), and the InputWarning_H or InputWarning_L output parameter changes to TRUE. Limiting the setpoint You specify a high limit and low limit of the setpoint in the Config.SetpointUpperLimit and Config.SetpointLowerLimit tags. PID_3Step automatically limits the setpoint to the process value limits. You can limit the setpoint to a smaller range. PID_3Step checks whether this range falls within the process value limits. If the setpoint is outside these limits, the high or low limit is used as the setpoint, and output parameter SetpointLimit_H or SetpointLimit_L is set to TRUE. The setpoint is limited in all operating modes. Limiting the output value You specify a high limit and low limit of the output value in the Config.OutputUpperLimit and Config.OutputLowerLimit tags. The output value limits must be within "Low endstop" and "High endstop". High endstop: Config.FeedbackScaling.UpperPointOut Low endstop: Config.FeedbackScaling.LowerPointOut Rule: UpperPointOut OutputUpperLimit > OutputLowerLimit LowerPointOut The valid values for "High endstop" and "Low endstop" depend upon: FeedbackOn FeedbackPerOn OutputPerOn WinCC Advanced V14 System Manual, 10/2016 OutputPerOn FeedbackOn FeedbackPerOn LowerPointOut UpperPointOut FALSE FALSE FALSE Cannot be set (0.0%) Cannot be set (100.0%) FALSE TRUE FALSE -100.0% or 0.0% 0.0% or +100.0% FALSE TRUE TRUE -100.0% or 0.0% 0.0% or +100.0% TRUE FALSE FALSE Cannot be set (0.0%) Cannot be set (100.0%) TRUE TRUE FALSE -100.0% or 0.0% 0.0% or +100.0% TRUE TRUE TRUE -100.0% or 0.0% 0.0% or +100.0% 4055 Programming the PLC 11.4 Instructions If OutputPerOn = FALSE and FeedbackOn = FALSE, you cannot limit the output value. Output_UP and Output_DN are then reset upon Actuator_H = TRUE or Actuator_L = TRUE. If endstop signals are also not present, Output_UP and Output_DN are reset after a travel time of Config.VirtualActuatorLimit x Retain.TransitTime/100. As of PID_3Step Version 2.3 the monitoring and limiting of the travel time can be deactivated with Config.VirtualActuatorLimit = 0.0. The output value is 27648 at 100% and -27648 at -100%. PID_3Step must be able to completely close the valve. Note Use with two or more actuators PID_3 Step is not suitable for use with two or more actuators (for example, in heating/cooling applications), because different actuators need different PID parameters to achieve a good control response. Substitute output value If an error has occurred, PID_3Step can output a substitute output value and move the actuator to a safe position that is specified in the SavePosition tag. The substitute output value must be within the output value limits. Monitoring signal validity The values of the following parameters are monitored for validity when used: Setpoint Input Input_PER Input_PER Feedback Feedback_PER Disturbance ManualValue SavePosition Output_PER Monitoring the PID_3Step sampling time Ideally, the sampling time is equivalent to the cycle time of the calling OB. The PID_3Step instruction measures the time interval between two calls. This is the current sampling time. On every switchover of operating mode and during the initial startup, the mean value is formed from the first 10 sampling times. Too great a difference between the current sampling time and this mean value triggers an error (ErrorBits = 0800h). 4056 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The error occurs during tuning if: New mean value >= 1.1 x old mean value New mean value <= 0.9 x old mean value The error occurs in automatic mode if: New mean value >= 1.5 x old mean value New mean value <= 0.5 x old mean value If you deactivate the sampling time monitoring (CycleTime.EnMonitoring = FALSE), you can also call PID_3Step in OB1. You must then accept a lower control quality due to the deviating sampling time. Sampling time of the PID algorithm The controlled system needs a certain amount of time to respond to changes in the output value. It is therefore not advisable to calculate the output value in every cycle. The sampling time of the PID algorithm represents the time between two calculations of the output value. It is calculated during tuning and rounded to a multiple of the cycle time. All other functions of PID_3Step are executed at every call. Measuring the motor transition time The motor transition time is the time in seconds the motor requires to move the actuator from the closed to the opened state. The actuator is moved in one direction for a maximum time of Config.VirtualActuatorLimit x Retain.TransitTime/100. PID_3Step requires the motor transition time to be as accurate as possible for good controller results. The data in the actuator documentation contains average values for this type of actuator. The value for the specific actuator used may differ. You can measure the motor transition time during commissioning. The output value limits are not taken into consideration during the motor transition time measurement. The actuator can travel to the high or the low endstop. The motor transition time is taken into consideration in the calculation of the analog output value as well as in the calculation of the digital output values. It is mainly required for correct operation during auto-tuning and the anti-windup behavior. You should therefore configure the motor transition time with the value that the motor requires to move the actuator from the closed to the opened state. If no relevant motor transition time is in effect in your process (e.g. with solenoid valves), so that the output value has a direct and full effect on the process, use PID_Compact instead. Control logic An increase of the output value is generally intended to cause an increase in the process value. This is referred to as a normal control logic. For cooling and discharge control systems, it may be necessary to invert the control logic. PID_3Step does not work with negative proportional gain. If InvertControl = TRUE, an increasing control deviation causes a reduction in the output value. The control logic is also taken into account during pretuning and fine tuning. WinCC Advanced V14 System Manual, 10/2016 4057 Programming the PLC 11.4 Instructions See also Configuring PID_3Step V1 (Page 6540) Changing the PID_3Step V2 interface (S7-1200, S7-1500) The following table shows what has changed in the PID_3Step instruction interface. PID_3Step V1 PID_3Step V2 Change Input_PER Input_PER Data type from Word to Int Feedback_PER Feedback_PER Data type from Word to Int Disturbance New Manual_UP Manual_UP Function Manual_DN Manual_DN Function ErrorAck New ModeActivate New Output_PER Data type from Word to Int ManualUPInternal New ManualDNInternal New CancelTuningLevel New VirtualActuatorLImit New Output_PER Config.Loadbackup Loadbackup Renamed Config.TransitTime Retain.TransitTime Renamed and retentivity added GetTransitTime.Start Replaced by Mode and ModeActivate SUT.CalculateSUTPar ams SUT.CalculateParams Renamed SUT.TuneRuleSUT SUT.TuneRule Renamed TIR.CalculateTIRParams TIR.CalculateParams Renamed TIR.TuneRuleTIR TIR.TuneRule Renamed Retain.Mode Mode Function Declaration of static for in-out parameters Input parameters of PID_3Step V2 (S7-1200, S7-1500) Table 11-73 Parameter Data type Default Description Setpoint REAL 0.0 Setpoint of the PID controller in automatic mode Input REAL 0.0 A tag of the user program is used as source for the process value. If you are using parameter Input, then Config.InputPer On = FALSE must be set. Input_PER INT 0 An analog input is used as the source of the process value. If you are using parameter Input_PER, then Config.InputPer On = TRUE must be set. 4058 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Data type Default Description Actuator_H BOOL FALSE Digital position feedback of the valve for the high endstop If Actuator_H = TRUE, the valve is at the high endstop and is no longer moved towards this direction. Actuator_L BOOL FALSE Digital position feedback of the valve for the low endstop If Actuator_L = TRUE, the valve is at the low endstop and is no longer moved towards this direction. Feedback REAL 0.0 Position feedback of the valve If you are using parameter Feedback, then Config.Feedback PerOn = FALSE must be set. Feedback_PER INT 0 Analog position feedback of a valve If you are using parameter Feedback_PER, then Config.Feed backPerOn = TRUE must be set. Feedback_PER is scaled based on the tags: Config.FeedbackScaling.LowerPointIn Config.FeedbackScaling.UpperPointIn Config.FeedbackScaling.LowerPointOut Config.FeedbackScaling.UpperPointOut Disturbance REAL 0.0 Disturbance variable or precontrol value ManualEnable BOOL FALSE A FALSE -> TRUE edge activates "manual mode", while State = 4, Mode remains unchanged. As long as ManualEnable = TRUE, you cannot change the operating mode via a rising edge at ModeActivate or use the commissioning dialog. A TRUE -> FALSE edge activates the operating mode that is specified by Mode. We recommend that you change the operating mode using ModeActivate only. ManualValue REAL 0.0 In manual mode, the absolute position of the valve is specified. ManualValue is only evaluated if you are using Output_PER, or if position feedback is available. Manual_UP BOOL FALSE Manual_UP = TRUE The valve is opened even if you are using Output_PER or a position feedback. The valve is no longer moved if the high endstop has been reached. See also Config.VirtualActuatorLimit Manual_UP = FALSE If you are using Output_PER or a position feedback, the valve is moved to ManualValue. Otherwise, the valve is no longer moved. If Manual_UP and Manual_DN are set to TRUE simultaneously, the valve is not moved. WinCC Advanced V14 System Manual, 10/2016 4059 Programming the PLC 11.4 Instructions Parameter Data type Default Description Manual_DN BOOL FALSE Manual_DN = TRUE The valve is closed even if you are using Output_PER or a position feedback. The valve is no longer moved if the low endstop has been reached. See also Config.VirtualActuatorLimit Manual_DN = FALSE If you are using Output_PER or a position feedback, the valve is moved to ManualValue. Otherwise, the valve is no longer moved. ErrorAck BOOL FALSE FALSE -> TRUE edge ErrorBits and Warning are reset. Reset BOOL FALSE Restarts the controller. FALSE -> TRUE edge - Switch to "Inactive" mode - ErrorBits and Warnings are reset. As long as Reset = TRUE, - PID_3Step remains in "Inactive" mode (State = 0). - You cannot change the operating mode with Mode and ModeActivate or ManualEnable. - You cannot use the commissioning dialog. TRUE -> FALSE edge ModeActivate BOOL FALSE - If ManualEnable = FALSE, PID_3Step switches to the operating mode that is saved in Mode. - If Mode = 3, the integral action is treated as configured with the tag IntegralResetMode. FALSE -> TRUE edge PID_3Step switches to the operating mode that is saved in the Mode parameter. Output parameters of PID_3Step V2 (S7-1200, S7-1500) Table 11-74 Parameter Data type Default Description ScaledInput REAL 0.0 Scaled process value ScaledFeedback REAL 0.0 Scaled position feedback For an actuator without position feedback, the position of the actuator indicated by ScaledFeedback is very imprecise. Sca ledFeedback may only be used for rough estimation of the current position in this case. Output_UP BOOL FALSE Digital output value for opening the valve If Config.OutputPerOn = FALSE, the Output_UP parameter is used. 4060 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Data type Default Description Output_DN BOOL FALSE Digital output value for closing the valve If Config.OutputPerOn = FALSE, the Output_DN parameter is used. Output_PER INT 0 Analog output value If Config.OutputPerOn = TRUE, Output_PER is used. Use Output_PER if you are using a valve as actuator which is triggered via an analog output and controlled with a continuous signal, e.g. 0...10 V or 4...20 mA. The value at Output_PER corresponds to the target position of the valve, e.g. Output_PER = 13824, when the valve is to be opened by 50%. SetpointLimit_H BOOL FALSE If SetpointLimit_H = TRUE, the absolute setpoint high limit is reached (Setpoint Config.SetpointUpperLimit). SetpointLimit_L BOOL FALSE If SetpointLimit_L = TRUE, the absolute setpoint low limit has been reached (Setpoint Config.SetpointLowerLimit). InputWarning_H BOOL FALSE If InputWarning_H = TRUE, the process value has reached or exceeded the warning high limit. InputWarning_L BOOL FALSE If InputWarning_L = TRUE, the process value has reached or fallen below the warning low limit. State INT 0 The State parameter (Page 4070) shows the current operating mode of the PID controller. You can change the operating mode using the input parameter Mode and a rising edge at ModeActivate. The setpoint is limited to Config.SetpointUpperLimit . The setpoint is limited to Config.SetpointLowerLimit . State = 0: Inactive State = 1: Pretuning State = 2: Fine tuning State = 3: Automatic mode State = 4: Manual mode State = 5: Approach substitute output value State = 6: Transition time measurement State = 7: Error monitoring State = 8: Approach substitute output value with error monitoring State = 10: Manual mode without endstop signals Error BOOL FALSE If Error = TRUE, at least one error message is pending in this cycle. ErrorBits DWORD DW#16#0 The ErrorBits parameter (Page 4075) shows which error mes sages are pending. ErrorBits is retentive and is reset upon a rising edge at Reset or ErrorAck. See also Parameters State and Mode V2 (Page 4070) Parameter ErrorBits V2 (Page 4075) WinCC Advanced V14 System Manual, 10/2016 4061 Programming the PLC 11.4 Instructions In/out parameters of PID-3Step V2 (S7-1200, S7-1500) Table 11-75 Parameter Data type Default Description Mode INT 4 At the Mode parameter, you specify the operating mode to which PID_3Step is to switch. Options are: Mode = 0: Inactive Mode = 1: Pretuning Mode = 2: Fine tuning Mode = 3: Automatic mode Mode = 4: Manual mode Mode = 6: Transition time measurement Mode = 10: Manual mode without endstop signals The operating mode is activated by: Rising edge at ModeActivate Falling edge at Reset Falling edge at ManualEnable Cold restart of CPU if RunModeByStartup = TRUE Mode is retentive. A detailed description of the operating modes can be found in Parameters State and Mode V2 (Page 4070). Static tags of PID_3Step V2 (S7-1200, S7-1500) You must not change tags that are not listed. These are used for internal purposes only. Tag Data type Default Description ManualUpInternal BOOL FALSE In manual mode, each rising edge opens the valve by 5% of the total control range or for the duration of the minimum motor transition time. ManualUpInternal is only evaluated if you are not using Out put_PER or a position feedback. This tag is used in the commis sioning dialog. ManualDnInternal BOOL FALSE In manual mode, every rising edge closes the valve by 5% of the total control range or for the duration of the minimum motor transition time. ManualDnInternal is only evaluated if you are not using Out put_PER or position feedback. This tag is used in the commissioning dialog. ActivateRecoverMode BOOL TRUE The ActivateRecoverMode V2 (Page 4078) tag determines the re action to error. RunModeByStartup BOOL TRUE Activate operating mode at Mode parameter after CPU restart If RunModeByStartup = TRUE, PID_3Step starts in the operating mode saved in the Mode parameter after CPU startup. If RunModeByStartup = FALSE, PID_3Step remains in "Inactive" mode after CPU startup. LoadBackUp 4062 BOOL FALSE If LoadBackUp = TRUE, the last set of PID parameters is reloaded. The set was saved prior to the last tuning. LoadBackUp is automat ically set back to FALSE. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description PhysicalUnit INT 0 Unit of measurement of the process value and setpoint, e.g., C, or F. PhysicalQuantity INT 0 Physical quantity of the process value and setpoint, e.g., tempera ture ErrorBehaviour BOOL FALSE If ErrorBehaviour = FALSE and an error has occurred, the valve stays at its current position and the controller switches directly to "Inactive" or "Error monitoring" mode. If ErrorBehaviour = TRUE and an error occurs, the actuator moves to the substitute output value and only then switches to "Inactive" or "Error monitoring" mode. If the following errors occur, you can no longer move the valve to a configured substitute output value. 2000h: Invalid value at Feedback_PER parameter. 4000h: Invalid value at Feedback parameter. 8000h: Error during digital position feedback. 20000h: Invalid value at SavePosition tag. Warning DWORD DW#16# 0 The Warning tag (Page 4070) shows the warnings since Reset = TRUE or ErrorAck =TRUE. Warning is retentive. Cyclic warnings (for example, process value warning) are shown until the cause of the warning is removed. They are automatically deleted once their cause has gone. Non-cyclic warnings (for exam ple, point of inflection not found) remain and are deleted like errors. SavePosition REAL 0.0 Substitute output value If ErrorBehaviour = TRUE, the actuator is moved to a position that is safe for the plant when an error occurs. As soon as the substitute output value has been reached, PID_3Step switches the operating mode according to ActivateRecoverMode. CurrentSetpoint REAL 0.0 Currently active setpoint. This value is frozen at the start of tuning. CancelTuningLevel REAL 10.0 Permissible fluctuation of setpoint during tuning. Tuning is not can celed until: Setpoint > CurrentSetpoint + CancelTuningLevel or Setpoint < CurrentSetpoint - CancelTuningLevel Progress REAL 0.0 Progress of tuning as a percentage (0.0 - 100.0) Config.InputPerOn BOOL TRUE If InputPerOn = TRUE, the Input_PER parameter is used. If Input PerOn = FALSE, the Input parameter is used. Config.OutputPerOn BOOL FALSE If OutputPerOn = TRUE, the Output_PER parameter is used. If Out putPerOn = FALSE, the Ouput_UP and Output_DN parameters are used. Config.InvertControl BOOL FALSE Invert control logic If InvertControl = TRUE, an increasing control deviation causes a reduction in the output value. Config.FeedbackOn BOOL FALSE If FeedbackOn = FALSE, a position feedback is simulated. Position feedback is generally activated when Feedback On = TRUE. WinCC Advanced V14 System Manual, 10/2016 4063 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.FeedbackPerOn BOOL FeedbackPerOn is only effective when FeedbackOn = TRUE. FALSE If FeedbackPerOn = TRUE, the analog input is used for the position feedback (Feedback_PER parameter). If FeedbackPerOn = FALSE, the Feedback parameter is used for the position feedback. Config.ActuatorEndStopOn BOOL FALSE If ActuatorEndStopOn = TRUE, the digital position feedback Actua tor_L and Actuator_H are taken into consideration. Config.InputUpperLimit REAL 120.0 High limit of the process value Input and Input_PER are monitored to ensure adherence to this limit. At the I/O input, the process value can be a maximum of 18% higher than the standard range (overrange). An error is no longer signaled due to a violation of the "Process value high limit". Only a wire-break and a short-circuit are recognized and PID_3Step reacts according to the configured reaction to error. InputUpperLimit > InputLowerLimit Config.InputLowerLimit REAL 0.0 Low limit of the process value InputLowerLimit < InputUpperLimit Config.InputUpperWarning REAL +3.40282 Warning high limit of the process value 2e+38 If you set InputUpperWarning outside the process value limits, the configured absolute process value high limit is used as the warning high limit. If you configure InputUpperWarning within the process value limits, this value is used as the warning high limit. InputUpperWarning > InputLowerWarning InputUpperWarning InputUpperLimit Config.InputLowerWarning REAL -3.40282 2e+38 Warning low limit of the process value If you set InputLowerWarning outside the process value limits, the configured absolute process value low limit is used as the warning low limit. If you configure InputLowerWarning within the process value limits, this value is used as the warning low limit. InputLowerWarning < InputUpperWarning InputLowerWarning InputLowerLimit Config.OutputUpperLimit REAL 100.0 High limit of output value For details, see OutputLowerLimit Config.OutputLowerLimit REAL 0.0 Low limit of output value If OutputPerOn = TRUE or FeedbackOn = TRUE, the range of val ues from -100% to +100%, including zero, is valid. At -100%, Out put = -27648; at +100% Output = 27648 If OutputPerOn = FALSE, the range of values from 0% to 100% is valid. The valve is completely closed at 0% and completely opened at 100%. Config.SetpointUpperLimit REAL +3.40282 High limit of setpoint 2e+38 If you set SetpointUpperLimit outside the process value limits, the configured absolute process value high limit is preassigned as the setpoint high limit. If you configure SetpointUpperLimit within the process value limits, this value is used as the setpoint high limit. 4064 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Config.SetpointLowerLimit REAL Description Low limit of the setpoint 3.402822 If you set SetpointLowerLimit outside the process value limits, the e+38 configured absolute process value low limit is preassigned as the setpoint low limit. If you set SetpointLowerLimit within the process value limits, this value is used as the setpoint low limit. Config.MinimumOnTime REAL 0.0 Minimum ON time Minimum time in seconds for which the servo drive must be switched on. Config.MinimumOnTime is only effective if Output_UP and Out put_DN are used (Config.OutputPerOn = FALSE). Config.MinimumOffTime REAL 0.0 Minimum OFF time Minimum time in seconds for which the servo drive must be switched off. Config.MinimumOffTime is only effective if Output_UP and Out put_DN are used (Config.OutputPerOn = FALSE). Config.VirtualActuatorLimit REAL 150.0 If all the following conditions have been satisfied, the actuator is moved in one direction for the maximum period of VirtualActuator Limit x Retain.TransitTime/100 and the warning 2000h is output: Config.OutputPerOn = FALSE Config.ActuatorEndStopOn = FALSE Config.FeedbackOn = FALSE If Config.OutputPerOn = FALSE and Config.ActuatorEndStopOn = TRUE or Config.FeedbackOn = TRUE, only the warning 2000h is output. If Config.OutputPerOn = TRUE, VirtualActuatorLimit is not taken into consideration. As of PID_3Step Version 2.3 the monitoring and limiting of the travel time can be deactivated with Config.VirtualActuatorLimit = 0.0. Config.InputScaling.Upper PointIn REAL Config.InputScaling.Lower PointIn REAL Config.InputScaling.Upper PointOut REAL Config.InputScaling.Lower PointOut REAL WinCC Advanced V14 System Manual, 10/2016 27648.0 Scaling Input_PER high Input_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the InputScaling structure. 0.0 Scaling Input_PER low Input_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the InputScaling structure. 100.0 Scaled high process value Input_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the InputScaling structure. 0.0 Scaled low process value Input_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the InputScaling structure. 4065 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.FeedbackScaling.Up perPointIn REAL Scaling Feedback_PER high Config.FeedbackScaling.Low erPointIn REAL Config.FeedbackScaling.Up perPointOut REAL Config.FeedbackScaling.Low erPointOut REAL GetTransitTime.InvertDirec tion BOOL 27648.0 Feedback_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the FeedbackScaling structure. 0.0 Scaling Feedback_PER low Feedback_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the FeedbackScaling structure. 100.0 High endstop Feedback_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the FeedbackScaling structure. 0.0 Low endstop Feedback_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the FeedbackScaling structure. FALSE If InvertDirection = FALSE, the valve is fully opened, closed, and then reopened in order to determine the valve transition time. If InvertDirection = TRUE, the valve is fully closed, opened, and then closed again. GetTransitTime.SelectFeed back BOOL FALSE If SelectFeedback = TRUE, then Feedback_PER, or Feedback is taken into consideration in the transition time measurement. If SelectFeedback = FALSE, then Actuator_H and Actuator_L are taken into consideration in the transition time measurement. GetTransitTime.State INT 0 Current phase of the transition time measurement State = 0: Inactive State = 1: Open valve completely State = 2: Close valve completely State = 3: Move valve to target position (NewOutput) State = 4: Transition time measurement successfully completed State = 5: Transition time measurement canceled GetTransitTime.NewOutput REAL 0.0 Target position for transition time measurement with position feed back The target position must be between "High endstop" and "Low end stop". The difference between NewOutput and ScaledFeedback must be at least 50% of the permissible control range. CycleTime.StartEstimation BOOL TRUE If StartEstimation = TRUE, the measurement of the PID_3Step sam pling time is started. CycleTime.StartEstimation = FALSE once measurement is complete. CycleTime.EnEstimation BOOL TRUE If EnEstimation = TRUE, the PID_3Step sampling time is calculated. If CycleTime.EnEstimation = FALSE, the PID_3Step sampling time is not calculated and you need to correct the configuration of Cycle Time.Value manually. 4066 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description CycleTime.EnMonitoring BOOL If EnMonitoring = TRUE, the PID_3Step sampling time is monitored. If it is not possible to execute PID_3Step within the sampling time, the error 0800h is output and the operating mode is switched. Acti vateRecoverMode and ErrorBehaviour determine which operating mode is switched to. TRUE If EnMonitoring = FALSE, the PID_3Step sampling time is not moni tored, the error 0800h is not output, and the operating mode is not switched. CycleTime.Value REAL 0.1 PID_3Step sampling time in seconds CycleTime.Value is determined automatically and is usually equiv alent to the cycle time of the calling OB. CtrlParamsBackUp.SetByUser BOOL FALSE Saved value of Retain.CtrlParams.SetByUser You can reload values from the CtrlParamsBackUp structure with LoadBackUp = TRUE. CtrlParamsBackUp.Gain REAL 1.0 Saved proportional gain CtrlParamsBackUp.Ti REAL 20.0 Saved integration time in seconds CtrlParamsBackUp.Td REAL 0.0 Saved derivative action time in seconds CtrlParamsBackUp.TdFiltRa tio REAL 0.2 Saved derivative delay coefficient CtrlParamsBackUp.PWeight ing REAL 1.0 Saved proportional action weighting CtrlParamsBackUp.DWeight ing REAL 1.0 Saved derivative action weighting CtrlParamsBackUp.Cycle REAL 1.0 Saved sampling time of PID algorithm in seconds CtrlParamsBackUp.Input DeadBand REAL 0.0 Saved dead band width of the control deviation PIDSelfTune.SUT.Calculate Params BOOL FALSE The properties of the controlled system are saved during tuning. If CalculateParams = TRUE, the PID parameters are recalculated on the basis of these properties. The PID parameters are calculated using the method set in TuneRule. CalculateParams is set to FALSE following calculation. PIDSelfTune.SUT.TuneRule INT 1 Methods used to calculate parameters during pretuning: SUT.TuneRule = 0: PID fast I SUT.TuneRule = 1: PID slow I SUT.TuneRule = 2: Chien, Hrones and Reswick PID SUT.TuneRule = 3: Chien, Hrones, Reswick PI SUT.TuneRule = 4: PID fast II SUT.TuneRule = 5: PID slow II PIDSelfTune.SUT.State INT 0 The SUT.State tag indicates the current phase of pretuning: State = 0: Initialize pretuning State = 50: Determine start position without position feedback State = 100: Calculate the standard deviation State = 200: Find the point of inflection State = 300: Determine the rise time State = 9900: Pretuning successful State = 1: Pretuning not successful WinCC Advanced V14 System Manual, 10/2016 4067 Programming the PLC 11.4 Instructions Tag Data type Default Description PIDSelfTune.TIR.RunIn BOOL With the RunIn tag, you can specify that fine tuning can also be performed without pretuning. FALSE RunIn = FALSE Pretuning is started when fine tuning is started from inactive or manual mode. If fine tuning is started from automatic mode, the system uses the existing PID parameters to control to the setpoint. Only then will fine tuning start. If pretuning is not possible, PID_3Step switches to the mode from which tuning was started. RunIn = TRUE The pretuning is skipped. PID_3Step attempts to reach the setpoint with the minimum or maximum output value. This can produce increased overshoot. Only then will fine tuning start. RunIn is set to FALSE after fine tuning. PIDSelfTune.TIR.Calculate Params BOOL FALSE The properties of the controlled system are saved during tuning. If CalculateParams = TRUE, the PID parameters are recalculated on the basis of these properties. The PID parameters are calculated using the method set in TuneRule. CalculateParams is set to FALSE following calculation. PIDSelfTune.TIR.TuneRule INT 0 Methods used to calculate parameters during fine tuning: TIR.TuneRule = 0: PID automatic TIR.TuneRule = 1: PID fast TIR.TuneRule = 2: PID slow TIR.TuneRule = 3: Ziegler-Nichols PID TIR.TuneRule = 4: Ziegler-Nichols PI TIR.TuneRule = 5: Ziegler-Nichols P PIDSelfTune.TIR.State INT 0 The TIR.State tag indicates the current phase of fine tuning: State = -100 Fine tuning is not possible. Pretuning will be performed first. State = 0: Initialize fine tuning State = 200: Calculate the standard deviation State = 300: Attempt to reach the setpoint with the maximum or minimum output value State = 400: Attempt to reach the setpoint with existing PID parameters (if pretuning was successful) State = 500: Determine oscillation and calculate parameters State = 9900: Fine tuning successful State = 1: Fine tuning not successful Retain.TransitTime REAL 30.0 Motor transition time in seconds Time in seconds the actuating drive requires to move the valve from the closed to the opened state. TransitTime is retentive. 4068 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description Retain.CtrlParams.SetByUser BOOL If SetByUser = FALSE, the PID parameters are determined auto matically and PID_3Step operates with a dead zone at the output value. The dead band width is calculated during tuning on the basis of the standard deviation of the output value and saved in Re tain.CtrlParams.OutputDeadBand. FALSE If SetByUser = TRUE, the PID parameters are entered manually and PID_3 Step operates without a dead zone at the output value. Re tain.CtrlParams.OutputDeadBand = 0.0 SetByUser is retentive. Retain.CtrlParams.Gain REAL 1.0 Active proportional gain To invert the control logic, use the Config.InvertControl tag. Negative values at Gain also invert the control logic. We recommend you use only InvertControl to set the control logic. The control logic is also inverted if InvertControl = TRUE and Gain < 0.0. Gain is retentive. Retain.CtrlParams.Ti REAL 20.0 Ti > 0.0: Active integration time in seconds Ti = 0.0: Integral action is deactivated Ti is retentive. Retain.CtrlParams.Td REAL 0.0 Td > 0.0: Active derivative action time in seconds Td = 0.0: Derivative action is deactivated Td is retentive. Retain.CtrlParams.TdFiltRatio REAL 0.2 Active derivative delay coefficient The derivative delay coefficient delays the effect of the derivative action. Derivative delay = derivative action time x derivative delay coefficient 0.0: Derivative action is effective for one cycle only and therefore almost not effective. 0.5: This value has proved useful in practice for controlled systems with one dominant time constant. > 1.0: The greater the coefficient, the longer the effect of the derivative action is delayed. TdFiltRatio is retentive. Retain.CtrlParams.PWeighting REAL 1.0 Active proportional action weighting The proportional action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Proportional action for setpoint change is fully effective 0.0: Proportional action for setpoint change is not effective The proportional action is always fully effective when the process value is changed. PWeighting is retentive. WinCC Advanced V14 System Manual, 10/2016 4069 Programming the PLC 11.4 Instructions Tag Data type Default Description Retain.CtrlParams.DWeight ing REAL Active derivative action weighting 1.0 The derivative action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Derivative action is fully effective upon setpoint change 0.0: Derivative action is not effective upon setpoint change The derivative action is always fully effective when the process value is changed. DWeighting is retentive. Retain.CtrlParams.Cycle REAL 1.0 Retain.CtrlParams.InputDead Band REAL 0.0 Active sampling time of PID algorithm in seconds, rounded to an integer multiple of the cycle time of the calling OB. Cycle is retentive. Dead band width of the control deviation InputDeadBand is retentive. Note Change the tags listed in this table in "Inactive" mode to prevent malfunction of the PID controller. See also Parameters State and Mode V2 (Page 4070) Tag ActivateRecoverMode V2 (Page 4078) Downloading technology objects to device (Page 6468) Parameters State and Mode V2 (S7-1200, S7-1500) Correlation of the parameters The State parameter shows the current operating mode of the PID controller. You cannot change the State parameter. With a rising edge at ModeActivate, PID_3Step switches to the operating mode saved in the Mode in-out parameter. When the CPU is switched on or switches from Stop to RUN mode, PID_3Step starts in the operating mode that is saved in the Mode parameter. To leave PID_3Step in "Inactive" mode, set RunModeByStartup = FALSE. 4070 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Meaning of values State Description of operating mode 0 Inactive The controller is switched off and no longer changes the valve position. 1 Pretuning The pretuning determines the process response to a pulse of the output value and searches for the point of inflection. The PID parameters are calculated from the maximum rate of rise and dead time of the controlled system. You obtain the best PID parameters when you perform pretuning and fine tuning. Pretuning requirements: The motor transition time has been configured or measured. Inactive (State = 0), manual mode (State = 4), or automatic mode (State = 3) ManualEnable = FALSE Reset = FALSE The setpoint and the process value lie within the configured limits. The more stable the process value is, the easier it is to calculate the PID parameters and the more precise the result will be. Noise on the process value can be tolerated as long as the rate of rise of the process value is significantly higher as compared to the noise. This is most likely the case in operating modes "Inactive" and "manual mode". The setpoint is frozen in the CurrentSetpoint tag. Tuning is canceled when: Setpoint > CurrentSetpoint + CancelTuningLevel or Setpoint < CurrentSetpoint - CancelTuningLevel Before the PID parameters are recalculated, they are backed up and can be reactivated with LoadBackUp. The controller switches to automatic mode following successful pretuning. If pretuning is unsuccessful, the switchover of operating mode is dependent on ActivateRecoverMode and ErrorBehaviour. The pretuning phase is indicated with the SUT.State tag. WinCC Advanced V14 System Manual, 10/2016 4071 Programming the PLC 11.4 Instructions State Description of operating mode 2 Fine tuning Fine tuning generates a constant, limited oscillation of the process value. The PID parameters are recalculated based on the amplitude and frequency of this oscillation. PID parameters from fine tuning usually have better master control and disturbance characteristics than PID parameters from pretuning. You obtain the best PID parameters when you perform pretuning and fine tuning. PID_3Step automatically attempts to generate an oscillation greater than the noise of the process value. Fine tuning is only minimally influenced by the stability of the process value. The setpoint is frozen in the CurrentSetpoint tag. Tuning is canceled when: Setpoint > CurrentSetpoint + CancelTuningLevel or Setpoint < CurrentSetpoint - CancelTuningLevel The PID parameters are backed up before fine tuning. They can be reactivated with LoadBackUp. Requirements for fine tuning: The motor transition time has been configured or measured. The setpoint and the process value lie within the configured limits. ManualEnable = FALSE Reset = FALSE Automatic (State = 3), inactive (State = 0) or manual (State = 4) mode Fine tuning proceeds as follows when started from: Automatic mode (State = 3) Start fine tuning from automatic mode if you wish to improve the existing PID parameters through tuning. PID_3Step controls the system using the existing PID parameters until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. Inactive (State = 0) or manual mode (State = 4) If the requirements for pretuning are met, pretuning is started. The determined PID parameters will be used for control until the control loop has stabilized and the requirements for fine tuning have been met. If PIDSelfTune.TIR.RunIn = TRUE, pretuning is skipped and an attempt is made to reach the setpoint with the minimum or maximum output value. This can produce increased overshoot. Fine tuning then starts automatically. The controller switches to automatic mode following successful fine tuning. If fine tuning is unsuccessful, the switchover of operating mode is dependent on ActivateRecoverMode and ErrorBehaviour. The fine tuning phase is indicated with the TIR.State tag. 3 Automatic mode In automatic mode, PID_3Step controls the controlled system in accordance with the parameters specified. The controller switches to automatic mode if one the following requirements is fulfilled: Pretuning successfully completed Fine tuning successfully completed Changing of the Mode in-out parameter to the value 3 and a rising edge at ModeActivate. The switchover from automatic mode to manual mode is only bumpless if carried out in the commissioning editor. The ActivateRecoverMode tag is taken into consideration in automatic mode. 4072 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions State Description of operating mode 4 Manual mode In manual mode, you specify manual output values in the Manual_UP and Manual_DN parameters or Man ualValue parameter. Whether or not the actuator can be moved to the output value in the event of an error is described in the ErrorBits parameter. You can also activate this operating mode using ManualEnable = TRUE. We recommend that you change the operating mode using Mode and ModeActivate only. The switchover from manual mode to automatic mode is bumpless. Manual mode is also possible when an error is pending. 5 Approach substitute output value This operating mode is activated in the event of an error, if Errorbehaviour = TRUE and ActivateRecoverMode = FALSE.. PID_3Step moves the actuator to the substitute output value and then switches to "Inactive" mode. 6 Transition time measurement The time that the motor needs to completely open the valve from the closed condition is determined. This operating mode is activated when Mode = 6 and ModeActivate = TRUE is set. If endstop signals are used to measure the transition time, the valve will be opened completely from its current position, closed completely, and opened completely again. If GetTransitTime.InvertDirection = TRUE, this behavior is inverted. If position feedback is used to measure the transition time, the actuator will be moved from its current position to a target position. The output value limits are not taken into consideration during the transition time measurement. The actuator can travel to the high or the low endstop. 7 Error monitoring The control algorithm is switched off and no longer changes the valve position. This operating mode is activated instead of "Inactive" mode in the event of an error. All the following conditions must be met: Automatic mode (Mode = 3) Errorbehaviour = FALSE ActivateRecoverMode = TRUE One or more errors have occurred in which ActivateRecoverMode (Page 4078) is effective. As soon as the errors are no longer pending, PID_3Step switches back to automatic mode. 8 Approach substitute output value with error monitoring This operating mode is activated instead of "approach substitute output value" mode when an error occurs. PID_3Step moves the actuator to the substitute output value and then switches to "error monitoring" mode. All the following conditions must be met: Automatic mode (Mode = 3) Errorbehaviour = TRUE ActivateRecoverMode = TRUE One or more errors have occurred in which ActivateRecoverMode (Page 4078) is effective. As soon as the errors are no longer pending, PID_3Step switches back to automatic mode. 10 Manual mode without endstop signals The endstop signals are not taken into consideration, even though Config.ActuatorEndStopOn = TRUE. The output value limits are not taken into consideration. Otherwise, PID_3Step behaves the same as in manual mode. WinCC Advanced V14 System Manual, 10/2016 4073 Programming the PLC 11.4 Instructions ENO characteristics If State = 0, then ENO = FALSE. If State 0, then ENO = TRUE. Automatic switchover of operating mode during commissioning Automatic mode is activated following successful pretuning or fine tuning. The following table shows how Mode and State change during successful pretuning. Cycle no. Mode State Action 0 4 4 Set Mode = 1 1 1 4 Set ModeActivate = TRUE 1 4 1 Value of State is saved in Mode parameter Pretuning is started n 4 1 Pretuning successfully completed n 3 3 Automatic mode is started PID_3Step automatically switches the operating mode in the event of an error. The following table shows how Mode and State change during pretuning with errors. Cycle no. Mode State Action 0 4 4 Set Mode = 1 1 1 4 Set ModeActivate = TRUE 1 4 1 Value of State is saved in Mode parameter n 4 1 Pretuning canceled n 4 4 Manual mode is started Pretuning is started If ActivateRecoverMode = TRUE, the operating mode that is saved in the Mode parameter is activated. At the start of transition time measurement, pretuning, or fine tuning, PID_3Step saved the value of State in the Mode in/out parameter. PID_3Step therefore switches to the operating mode from which transition time measurement or tuning was started. If ActivateRecoverMode = FALSE, "Inactive" or "Approach substitute output value" mode is activated. Automatic switchover of operating mode after transition time measurement If ActivateRecoverMode = TRUE, the operating mode that is saved in the Mode parameter is activated after successful transition time measurement. If ActivateRecoverMode = FALSE, the system switches to "Inactive" operating mode after successful transition time measurement. 4074 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Automatic switchover of operating mode in automatic mode PID_3Step automatically switches the operating mode in the event of an error. The following diagram illustrates the influence of ErrorBehaviour and ActivateRecoverMode on this switchover of operating mode. ,QDFWLYH (UURUPRQLWRULQJ (UURU%HKDYLRXU )$/6( $FWLYDWH5HFRYHU0RGH )$/6( (UURU%HKDYLRXU )$/6( $FWLYDWH5HFRYHU0RGH 758( $XWRPDWLFPRGH (UURU%HKDYLRXU 758( $FWLYDWH5HFRYHU0RGH )$/6( (UURU%HKDYLRXU 758( $FWLYDWH5HFRYHU0RGH 758( $SSURDFKVXEVWLWXWHRXWSXWYDOXH $SSURDFKVXEVWLWXWHRXWSXWYDOXH ZLWKHUURUPRQLWRULQJ Automatic switchover of operating mode in the event of an error Automatic switchover of operating mode once the current operation has been completed. Automatic switchover of operating mode when error is no longer pending. See also Tag ActivateRecoverMode V2 (Page 4078) Parameter ErrorBits V2 (Page 4075) Parameter ErrorBits V2 (S7-1200, S7-1500) If several errors are pending simultaneously, the values of the ErrorBits are displayed with binary addition. The display of ErrorBits = 0003h, for example, indicates that the errors 0001h and 0002h are pending simultaneously. WinCC Advanced V14 System Manual, 10/2016 4075 Programming the PLC 11.4 Instructions If there is a position feedback, PID_3Step uses ManualValue as output value in manual mode. The exception is Errorbits = 10000h. ErrorBits Description (DW#16#...) 0000 There is no error. 0001 The "Input" parameter is outside the process value limits. Input > Config.InputUpperLimit or Input < Config.InputLowerLimit If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_3Step remains in automatic mode. If pretuning, fine tuning, or transition time measurement mode and ActivateRecoverMode = TRUE were active before the error occurred, PID_3Step switches to the operating mode that is saved in the Mode parameter. 0002 Invalid value at "Input_PER" parameter. Check whether an error is pending at the analog input. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_3Step switches to "Approach substitute output value with error monitoring" or "Error monitoring" mode. As soon as the error is no longer pending, PID_3Step switches back to automatic mode. If pretuning, fine tuning, or transition time measurement mode and ActivateRecoverMode = TRUE were active before the error occurred, PID_3Step switches to the operating mode that is saved in the Mode parameter. 0004 Error during fine tuning. Oscillation of the process value could not be maintained. If ActivateRecoverMode = TRUE before the error occurred, PID_3Step cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0010 The setpoint was changed during tuning. You can set the permitted fluctuation of the setpoint at the CancelTuningLevel tag. If ActivateRecoverMode = TRUE before the error occurred, PID_3Step cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0020 Pretuning is not permitted during fine tuning. If ActivateRecoverMode = TRUE before the error occurred, PID_3Step remains in fine tuning mode. 0080 Error during pretuning. Incorrect configuration of output value limits. Check whether the limits of the output value are configured correctly and match the control logic. If ActivateRecoverMode = TRUE before the error occurred, PID_3Step cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0100 Error during fine tuning resulted in invalid parameters. If ActivateRecoverMode = TRUE before the error occurred, PID_3Step cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0200 Invalid value at "Input" parameter: Value has an invalid number format. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_3Step switches to "Approach substitute output value with error monitoring" or "Error monitoring" mode. As soon as the error is no longer pending, PID_3Step switches back to automatic mode. If pretuning, fine tuning, or transition time measurement mode and ActivateRecoverMode = TRUE were active before the error occurred, PID_3Step switches to the operating mode that is saved in the Mode parameter. 4076 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ErrorBits Description (DW#16#...) 0400 Calculation of output value failed. Check the PID parameters. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_3Step switches to "Approach substitute output value with error monitoring" or "Error monitoring" mode. As soon as the error is no longer pending, PID_3Step switches back to automatic mode. If pretuning, fine tuning, or transition time measurement mode and ActivateRecoverMode = TRUE were active before the error occurred, PID_3Step switches to the operating mode that is saved in the Mode parameter. 0800 Sampling time error: PID_3Step is not called within the sampling time of the cyclic interrupt OB. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_3Step remains in automatic mode. If pretuning, fine tuning, or transition time measurement mode and ActivateRecoverMode = TRUE were active before the error occurred, PID_3Step switches to the operating mode that is saved in the Mode parameter. If this error occurred during simulation with PLCSIM, see the notes under AUTOHOTSPOT. 1000 Invalid value at "Setpoint" parameter: Value has an invalid number format. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_3Step switches to "Approach substitute output value with error monitoring" or "Error monitoring" mode. As soon as the error is no longer pending, PID_3Step switches back to automatic mode. If pretuning, fine tuning, or transition time measurement mode and ActivateRecoverMode = TRUE were active before the error occurred, PID_3Step switches to the operating mode that is saved in the Mode parameter. 2000 Invalid value at Feedback_PER parameter. Check whether an error is pending at the analog input. The actuator cannot be moved to the substitute output value and remains in its current position. In manual mode, you can change the position of the actuator only with Manual_UP and Manual_DN, and not with ManualValue. If automatic mode was active before the error occurred, ActivateRecoverMode = TRUE, and the error is no longer pending, PID_3Step switches back to automatic mode. If pretuning, fine tuning, or transition time measurement mode and ActivateRecoverMode = TRUE were active before the error occurred, PID_3Step switches to the operating mode that is saved in the Mode parameter. 4000 Invalid value at Feedback parameter. Value has an invalid number format. The actuator cannot be moved to the substitute output value and remains in its current position. In manual mode, you can change the position of the actuator only with Manual_UP and Manual_DN, and not with ManualValue. If automatic mode was active before the error occurred, ActivateRecoverMode = TRUE, and the error is no longer pending, PID_3Step switches back to automatic mode. If pretuning, fine tuning, or transition time measurement mode and ActivateRecoverMode = TRUE were active before the error occurred, PID_3Step switches to the operating mode that is saved in the Mode parameter. WinCC Advanced V14 System Manual, 10/2016 4077 Programming the PLC 11.4 Instructions ErrorBits Description (DW#16#...) 8000 Error during digital position feedback. Actuator_H = TRUE and Actuator_L = TRUE. The actuator cannot be moved to the substitute output value and remains in its current position. Manual mode is not possible in this state. In order to move the actuator from this state, you must deactivate the "Actuator endstop" (Config.Actua torEndStopOn = FALSE) or switch to manual mode without endstop signals (Mode = 10). If automatic mode was active before the error occurred, ActivateRecoverMode = TRUE, and the error is no longer pending, PID_3Step switches back to automatic mode. If pretuning, fine tuning, or transition time measurement mode and ActivateRecoverMode = TRUE were active before the error occurred, PID_3Step switches to the operating mode that is saved in the Mode parameter. 10000 Invalid value at ManualValue parameter. Value has an invalid number format. The actuator cannot be moved to the manual value and remains in its current position. Specify a valid value in ManualValue or move the actuator in manual mode with Manual_UP and Man ual_DN. 20000 Invalid value at SavePosition tag. Value has an invalid number format. The actuator cannot be moved to the substitute output value and remains in its current position. 40000 Invalid value at Disturbance parameter. Value has an invalid number format. If automatic mode was active and ActivateRecoverMode = TRUE before the error occurred, Disturbance is set to zero. PID_3Step remains in automatic mode. If pretuning or fine tuning mode was active and ActivateRecoverMode = TRUE before the error occurred, PID_3Step switches to the operating mode saved in the Mode parameter. If Disturbance in the current phase has no effect on the output value, tuning is not be canceled. The error has no effect during transition time measurement. Tag ActivateRecoverMode V2 (S7-1200, S7-1500) The ActivateRecoverMode tag determines the reaction to error. The Error parameter indicates if an error is pending. When the error is no longer pending, Error = FALSE. The ErrorBits parameter shows which errors have occurred. NOTICE Your system may be damaged. If ActivateRecoverMode = TRUE, PID_3Step remains in automatic mode even if the process limit values are exceeded. This may damage your system. It is essential to configure how your controlled system reacts in the event of an error to protect your system from damage. 4078 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Automatic mode ActivateReco verMode Description FALSE In the event of an error, PID_3Step switches to "Inactive" or "Approach substitute output value" mode. The controller is only activated by a falling edge at Reset or a rising edge at ModeActivate. TRUE If errors occur frequently in automatic mode, this setting has a negative effect on the control response, because PID_3Step switches between the calculated output value and the substitute output value at each error. In this case, check the ErrorBits parameter and eliminate the cause of the error. If one or more of the following errors occur, PID_3Step stays in automatic mode: 0001h: The "Input" parameter is outside the process value limits. 0800h: Sampling time error 40000h: Invalid value at Disturbance parameter. If one or more of the following errors occur, PID_3Step switches to "Approach substitute output value with error monitoring" or "Error monitoring" mode: 0002h: Invalid value at Input_PER parameter. 0200h: Invalid value at Input parameter. 0400h: Calculation of output value failed. 1000h: Invalid value at Setpoint parameter. If one or more of the following errors occur, PID_3Step can no longer move the actuator: 2000h: Invalid value at Feedback_PER parameter. 4000h: Invalid value at Feedback parameter. 8000h: Error during digital position feedback. 20000h: Invalid value at SavePosition tag. Value has an invalid number format. The characteristics are independent of ErrorBehaviour. As soon as the errors are no longer pending, PID_3Step switches back to automatic mode. Pretuning, fine tuning, and transition time measurement ActivateReco verMode Description FALSE In the event of an error, PID_3Step switches to "Inactive" or "Approach substitute output value" mode. The controller is only activated by a falling edge at Reset or a rising edge at ModeActivate. The controller changes to "Inactive" mode after successful transition time measurement. TRUE If the following error occurs, PID_3Step remains in the active mode: 0020h: Pretuning is not permitted during fine tuning. The following errors are ignored: 10000h: Invalid value at ManualValue parameter. 20000h: Invalid value at SavePosition tag. When any other error occurs, PID_3Step cancels the tuning and switches to the mode from which tuning was started. Manual mode ActivateRecoverMode is not effective in manual mode. WinCC Advanced V14 System Manual, 10/2016 4079 Programming the PLC 11.4 Instructions See also Static tags of PID_3Step V2 (Page 4062) Parameters State and Mode V2 (Page 4070) Tag Warning V2 (S7-1200, S7-1500) If several warnings are pending simultaneously, their values are displayed with binary addition. The display of warning 0005h, for example, indicates that the warnings 0001h and 0004h are pending simultaneously. Warning Description (DW#16#...) 0000 No warning pending. 0001 The point of inflection was not found during pretuning. 0004 The setpoint was limited to the configured limits. 0008 Not all the necessary controlled system properties were defined for the selected method of calculation. Instead, the PID parameters were calculated using the TIR.TuneRule = 3 method. 0010 The operating mode could not be changed because Reset = TRUE or ManualEnable = TRUE. 0020 The cycle time of the calling OB limits the sampling time of the PID algorithm. Improve results by using shorter OB cycle times. 0040 The process value exceeded one of its warning limits. 0080 Invalid value at Mode. The operating mode is not switched. 0100 The manual value was limited to the limits of the controller output. 0200 The specified rule for tuning is not supported. No PID parameters are calculated. 0400 The transition time cannot be measured because the actuator settings do not match the selected meas uring method. 0800 The difference between the current position and the new output value is too small for transition time measurement. This can produce incorrect results. The difference between the current output value and new output value must be at least 50% of the entire control range. 1000 The substitute output value cannot be reached because it is outside the output value limits. 2000 The actuator was moved in one direction for longer than Config.VirtualActuatorLimit x Retain.TransitTime. Check whether the actuator has reached an endstop signal. The following warnings are deleted as soon as the cause is eliminated: 0001h 0004h 0008h 0040h 0100h 2000h All other warnings are cleared with a rising edge at Reset or ErrorAck. 4080 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions PID_3Step V1 (S7-1200) Description PID_3Step V1 (S7-1200) Description You use the PID_3Step instruction to configure a PID controller with self tuning for valves or actuators with integrating behavior. The following operating modes are possible: Inactive Pretuning Fine tuning Automatic mode Manual mode Approach substitute output value Transition time measurement Approach substitute output value with error monitoring Error monitoring For a more detailed description of the operating modes, see the State parameter. WinCC Advanced V14 System Manual, 10/2016 4081 Programming the PLC 11.4 Instructions PID algorithm PID_3Step is a PIDT1 controller with anti-windup and weighting of the proportional and derivative actions. The following equation is used to calculate the output value. 1 [ y = K p * s * (b * w - x) + Symbol 4082 TI * s (w - x) + TD * s a * TD * s + 1 (c * w - x) ] Description y Output value Kp Proportional gain s Laplace operator b Proportional action weighting w Setpoint x Process value TI Integral action time a Derivative delay coefficient (T1 = a x TD) TD Derivative action time c Derivative action weighting WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Block diagram without position feedback ,QSXW:DUQLQJB+ 39B$/50 ,QSXW:DUQLQJB/ ,QSXW3HU2Q ,QSXWB3(5 &53B,1 )DF ,QSXW 6HWSRLQW $QWL:LQGXS 6FDOH ,QW 3,'7 $QWL:LQGXS Y /LPLW 2XWSXW3HU2Q 0DQXDO(QDEOH 0DQXDO9DOXH )$& 5RFB/LP 2XWSXW3HU2Q &53B287 /LPLW 2XWSXWB3(5 $GHDGB% 0DQXDO(QDEOH 0DQXDOB83 7KU6WS 0DQXDOB'1 2XWSXWB83 3XOVH2XW 2XWSXWB'1 WinCC Advanced V14 System Manual, 10/2016 4083 Programming the PLC 11.4 Instructions Block diagram with position feedback 39B$/50 ,QSXW:DUQLQJB+ ,QSXW:DUQLQJB/ ,QSXW3HU2Q ,QSXWB3(5 ,QW ,QSXW 6HWSRLQW $QWL:LQGXS 6FDOH &53B,1 /LPLW 3,'7 $QWL:LQGXS )DF /LPLW ; 0DQXDO(QDEOH 9 0DQXDO9DOXH )HHGEDFN3HU2Q )HHGEDFNB3(5 6FDOH &53B,1 )HHGEDFN 2XWSXW3HU2Q &53B287 0DQXDO(QDEOH 0DQXDOB83 $GHDGB% 2XWSXWB3(5 7KU6WS 0DQXDOB'1 3XOVH2XW 2XWSXWB83 2XWSXWB'1 4084 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Block diagram of PIDT1 with anti-windup E 6HWSRLQW Z '7 F ' . 3 \ 'HDGB% , 7L 6FDOHG,QSXW [ )DF7W $QWL:LQGXS Call PID_3Step is called in a constant time interval of the cycle time of the calling OB (preferably in a cyclic interrupt OB). Download to device The actual values of retentive tags are only updated when you download PID_3Step completely. Downloading technology objects to device (Page 6468) Startup At the startup of the CPU, PID_3Step starts in the operating mode that was last active. To leave PID_3Step in "Inactive" mode, set RunModeByStartup = FALSE. Reaction to error If errors occur, these are output in the Error parameter. You configure the reaction of PID_3Step using the ErrorBehaviour and ActivateRecoverMode tags. WinCC Advanced V14 System Manual, 10/2016 ErrorBe haviour ActivateReco verMode Actuator setting configuration Reaction Set Output to 0 FALSE Current output value 0 TRUE Current output value while er Switch to "Error monitoring" mode ror is pending (Mode = 7) Switch to "Inactive" mode (Mode = 0) 4085 Programming the PLC 11.4 Instructions ErrorBe haviour ActivateReco verMode Actuator setting configuration Reaction Set Output to 1 FALSE Substitute output value Switch to "Approach substitute output val ue" mode (Mode = 5) Switch to "Inactive" mode (Mode = 0) 1 TRUE Substitute output value while error is pending Switch to "Approach substitute output val ue with error monitoring" mode (Mode = 8) Switch to "Error monitoring" mode (Mode = 7) The ErrorBits parameter shows which errors have occurred. See also Parameter State and Retain.Mode V1 (Page 4099) Parameter ErrorBits V1 (Page 4106) Configuring PID_3Step V1 (Page 6540) Operating principle PID_3Step V1 (S7-1200) Monitoring process value limits You specify the high limit and low limit of the process value in the Config.InputUpperLimit and Config.InputLowerLimit tags. If the process value is outside these limits, an error occurs (ErrorBits = 0001hex). You specify a high and low warning limit of the process value in the Config.InputUpperWarning and Config.InputLowerWarning tags. If the process value is outside these warning limits, a warning occurs (Warnings = 0040hex), and the InputWarning_H or InputWarning_L output parameter changes to TRUE. Limiting the setpoint You specify a high limit and low limit of the setpoint in the Config.SetpointUpperLimit and Config.SetpointLowerLimit tags. PID_3Step automatically limits the setpoint to the process value limits. You can limit the setpoint to a smaller range. PID_3Step checks whether this range falls within the process value limits. If the setpoint is outside these limits, the high or low limit is used as the setpoint, and output parameter SetpointLimit_H or SetpointLimit_L is set to TRUE. The setpoint is limited in all operating modes. 4086 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Limiting the output value You specify a high limit and low limit of the output value in the Config.OutputUpperLimit and Config.OutputLowerLimit tags. The output value limits must be within "Low endstop" and "High endstop". High endstop: Config.FeedbackScaling.UpperPointOut Low endstop: Config.FeedbackScaling.LowerPointOut Rule: UpperPointOut OutputUpperLimit > OutputLowerLimit LowerPointOut The valid values for "High endstop" and "Low endstop" depend upon: FeedbackOn FeedbackPerOn OutputPerOn OutputPerOn FeedbackOn FeedbackPerOn LowerPointOut UpperPointOut FALSE FALSE FALSE Cannot be set (0.0%) Cannot be set (100.0%) FALSE TRUE FALSE -100.0% or 0.0% 0.0% or +100.0% FALSE TRUE TRUE -100.0% or 0.0% 0.0% or +100.0% TRUE FALSE FALSE Cannot be set (100.0%) Cannot be set (100.0%) TRUE TRUE FALSE -100.0% or 0.0% 0.0% or +100.0% TRUE TRUE TRUE -100.0% or 0.0% 0.0% or +100.0% If OutputPerOn = FALSE and FeedbackOn = FALSE, you cannot limit the output value. The digital outputs are reset with Actuator_H = TRUE or Actuator_L = TRUE, or after a travel time amounting to 110% of the motor transition time. The output value is 27648 at 100% and -27648 at -100%. PID_3Step must be able to completely close the valve. Therefore, zero must be included in the output value limits. Note Use with two or more actuators PID_3 Step is not suitable for use with two or more actuators (for example, in heating/cooling applications), because different actuators need different PID parameters to achieve a good control response. Substitute output value If an error has occurred, PID_3Step can output a substitute output value and move the actuator to a safe position that is specified in the SavePosition tag. The substitute output value must be within the output value limits. WinCC Advanced V14 System Manual, 10/2016 4087 Programming the PLC 11.4 Instructions Monitoring signal validity The values of the following parameters are monitored for validity: Setpoint Input Input_PER Feedback Feedback_PER Output Monitoring the PID_3Step sampling time Ideally, the sampling time is equivalent to the cycle time of the calling OB. The PID_3Step instruction measures the time interval between two calls. This is the current sampling time. On every switchover of operating mode and during the initial startup, the mean value is formed from the first 10 sampling times. Too great a difference between the current sampling time and this mean value triggers an error (ErrorBits = 0800 hex). PID_3Step is set to "Inactive" mode during tuning under the following conditions: New mean value >= 1.1 x old mean value New mean value <= 0.9 x old mean value In automatic mode, PID_3Step is set to "Inactive" mode under the following conditions: New mean value >= 1.5 x old mean value New mean value <= 0.5 x old mean value Sampling time of the PID algorithm The controlled system needs a certain amount of time to respond to changes in the output value. It is therefore not advisable to calculate the output value in every cycle. The sampling time of the PID algorithm represents the time between two calculations of the output value. It is calculated during tuning and rounded to a multiple of the cycle time. All other functions of PID_3Step are executed at every call. Measuring the motor transition time The motor transition time is the time in seconds the motor requires to move the actuator from the closed to the opened state. The maximum time that the actuator is moved in one direction is 110% of the motor transition time. PID_3Step requires the motor transition time to be as accurate as possible for good controller results. The data in the actuator documentation contains average values for this type of actuator. The value for the specific actuator used may differ. You can measure the motor transition time during commissioning. The output value limits are not taken into consideration during the motor transition time measurement. The actuator can travel to the high or the low endstop. The motor transition time is taken into consideration in the calculation of the analog output value as well as in the calculation of the digital output values. It is mainly required for correct operation during auto-tuning and the anti-windup behavior. You should therefore configure the 4088 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions motor transition time with the value that the motor requires to move the actuator from the closed to the opened state. If no relevant motor transition time is in effect in your process (e.g. with solenoid valves), so that the output value has a direct and full effect on the process, use PID_Compact instead. Control logic An increase of the output value is generally intended to cause an increase in the process value. This is referred to as a normal control logic. For cooling and discharge control systems, it may be necessary to invert the control logic. PID_3Step does not work with negative proportional gain. If InvertControl = TRUE, an increasing control deviation causes a reduction in the output value. The control logic is also taken into account during pretuning and fine tuning. See also Configuring PID_3Step V1 (Page 6540) PID_3Step V1 input parameters (S7-1200) Table 11-76 Parameters Data type Default Description Setpoint REAL 0.0 Setpoint of the PID controller in automatic mode Input REAL 0.0 A tag of the user program is used as source for the process value. If you are using parameter Input, then Config.InputPer On = FALSE must be set. Input_PER WORD W#16#0 An analog input is used as the source of the process value. If you are using parameter Input_PER, then Config.InputPer On = TRUE must be set. Actuator_H BOOL FALSE Digital position feedback of the valve for the high endstop If Actuator_H = TRUE, the valve is at the high endstop and is no longer moved towards this direction. Actuator_L BOOL FALSE Digital position feedback of the valve for the low endstop If Actuator_L = TRUE, the valve is at the low endstop and is no longer moved towards this direction. Feedback REAL 0.0 Position feedback of the valve If you are using parameter Feedback, then Config.Feedback PerOn = FALSE must be set. Feedback_PER WORD W#16#0 Analog position feedback of a valve If you are using parameter Feedback_PER, then Config.Feed backPerOn = TRUE must be set. Feedback_PER is scaled based on the tags: Config.FeedbackScaling.LowerPointIn Config.FeedbackScaling.UpperPointIn Config.FeedbackScaling.LowerPointOut Config.FeedbackScaling.UpperPointOut WinCC Advanced V14 System Manual, 10/2016 4089 Programming the PLC 11.4 Instructions Parameters Data type Default Description ManualEnable BOOL FALSE A FALSE -> TRUE edge selects "Manual mode", while State = 4, Retain.Mode remains unchanged. A TRUE -> FALSE edge selects the most recently active operating mode A change of Retain.Mode will not take effect during ManualEn able = TRUE. The change of Retain.Mode will only be consid ered upon a TRUE -> FALSE edge at ManualEnable . PID_3Step V1.1If ManualEnable = TRUE when the CPU starts, PID_3Step starts in manual mode. A rising edge (FALSE > TRUE) at ManualEnable is not necessary. PID_3Step V1.0 At the start of the CPU, PID_3Step only switches to manual mode with a rising edge (FALSE->TRUE) at ManualEnable . Without rising edge, PID_3Step starts in the last operating mode in which ManualEnable was FALSE. ManualValue REAL 0.0 In manual mode, you specify the absolute position of the valve. ManualValue will only be evaluated if you are using OutputPer, or if position feedback is available. Manual_UP BOOL FALSE In manual mode, every rising edge opens the valve by 5% of the total control range, or for the duration of the minimum motor transition time. Manual_UP is evaluated only if you are not using Output_PER and there is no position feedback available. Manual_DN BOOL FALSE In manual mode, every rising edge closes the valve by 5% of the total control range, or for the duration of the minimum motor transition time. Manual_DN is evaluated only if you are not us ing Output_PER and there is no position feedback available. Reset BOOL FALSE Restarts the controller. FALSE -> TRUE edge - Switch to "Inactive" mode - ErrorBits and Warning are reset - Intermediate controller values are reset (PID parameters are retained) TRUE -> FALSE edge 4090 - Change in most recent active mode - If automatic mode was active before, switchover to automatic mode is bumpless. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions PID_3Step V1 output parameters (S7-1200) Table 11-77 Parameter Data type Default Description ScaledInput REAL 0.0 Scaled process value ScaledFeedback REAL 0.0 Scaled position feedback For an actuator without position feedback, the position of the actuator indicated by ScaledFeedback is very imprecise. Sca ledFeedback may only be used for rough estimation of the cur rent position in this case. Output_UP BOOL FALSE Digital output value for opening the valve If Config.OutputPerOn = FALSE, the Output_UP parameter is used. Output_DN BOOL FALSE Digital output value for closing the valve If Config.OutputPerOn = FALSE, the Output_DN parameter is used. Output_PER WORD W#16#0 Analog output value If Config.OutputPerOn = TRUE, Output_PER is used. Use Output_PER if you are using a valve as actuator which is triggered via an analog output and controlled with a continuous signal, e.g. 0...10 V or 4...20 mA. The value at Output_PER corresponds to the target position of the valve, e.g. Output_PER = 13824, when the valve is to be opened by 50%. SetpointLimit_H BOOL FALSE If SetpointLimit_H = TRUE, the absolute setpoint high limit is reached. In the CPU, the setpoint is limited to the configured absolute setpoint high limit. The configured absolute process value high limit is the default for the setpoint high limit. If you configure Config.SetpointUpperLimit to a value within the process value limits, this value is used as the setpoint high limit. SetpointLimit_L BOOL FALSE If SetpointLimit_L = TRUE, the absolute setpoint low limit has been reached. In the CPU, the setpoint is limited to the config ured absolute setpoint low limit. The configured absolute proc ess value low limit is the default setting for the setpoint low limit. If you configure Config.SetpointLowerLimit to a value within the process value limits, this value is used as the setpoint low limit. InputWarning_H BOOL FALSE If InputWarning_H = TRUE, the process value has reached or exceeded the warning high limit. InputWarning_L BOOL FALSE If InputWarning_L = TRUE, the process value has reached or fallen below the warning low limit. WinCC Advanced V14 System Manual, 10/2016 4091 Programming the PLC 11.4 Instructions Parameter Data type Default Description State INT 0 The State parameter (Page 4099) shows the current operating mode of the PID controller. You change the operating mode with the Retain.Mode tag. State = 0: Inactive State = 1: Pretuning State = 2: Fine tuning State = 3: Automatic mode State = 4: Manual mode State = 5: Approach substitute output value State = 6: Transition time measurement State = 7: Error monitoring State = 8: Approach substitute output value with error monitoring Error BOOL FALSE If Error = TRUE, at least one error message is pending. ErrorBits DWORD DW#16#0 The ErrorBits parameter (Page 4106) indicates the error mes sages. See also Parameter State and Retain.Mode V1 (Page 4099) Parameter ErrorBits V1 (Page 4106) PID_3Step V1 static tags (S7-1200) You must not change tags that are not listed. These are used for internal purposes only. Table 11-78 Tag Data type Default Description ActivateRecoverMode BOOL TRUE The ActivateRecoverMode tag (Page 4107) determines the reaction to error. RunModeByStartup BOOL TRUE Activate Mode after CPU restart If RunModeByStartup = TRUE, the controller returns to the last ac tive operating mode after a CPU restart. If RunModeByStartup = FALSE, the controller remains inactive after a CPU restart. PhysicalUnit INT 0 Unit of measurement of the process value and setpoint, e.g., C, or F. PhysicalQuantity INT 0 Physical quantity of the process value and setpoint, e.g., tempera ture. 4092 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description ErrorBehaviour INT If ErrorBehaviour = 0 and an error has occurred, the valve stays at its current position and the controller switches directly to "Inactive" or "Error monitoring" mode. 0 If ErrorBehaviour = 1 and an error occurs, the actuator moves to the substitute output value and only then switches to "Inactive" or "Error monitoring" mode. If the following errors occur, you can no longer move the valve to a configured substitute output value. 2000h: Invalid value at Feedback_PER parameter. 4000h: Invalid value at Feedback parameter. 8000h: Error during digital position feedback. Warning DWORD DW#16# 0 The Warning tag (Page 4099) displays the warnings generated since a Reset or since the last operating mode switchover. Cyclic warnings (for example, process value warning) are shown until the cause of the warning is removed. They are automatically deleted once their cause has gone. Non-cyclic warnings (for exam ple, point of inflection not found) remain and are deleted like errors. SavePosition REAL 0.0 Substitute output value If ErrorBehaviour = 1 and an error occurs, the actuator moves to a safe position for the plant and only then switches to "Inactive" mode. CurrentSetpoint REAL 0.0 Currently active setpoint. This value is frozen at the start of tuning. Progress REAL 0.0 Progress of tuning as a percentage (0.0 - 100.0) Config.InputPerOn BOOL TRUE If InputPerOn = TRUE, the Input_PER parameter is used. If Input PerOn = FALSE, the Input parameter is used. Config.OutputPerOn BOOL FALSE If OutputPerOn = TRUE, the Output_PER parameter is used. If Out putPerOn = FALSE, the Ouput_UP and Output_DN parameters are used. Config.LoadBackUp BOOL FALSE If LoadBackUp = TRUE, the last set of PID parameters is reloaded. The set was saved prior to the last tuning. LoadBackUp is automat ically set back to FALSE. Config.InvertControl BOOL FALSE Invert control logic If InvertControl = TRUE, an increasing control deviation causes a reduction in the output value. Config.FeedbackOn BOOL FALSE If FeedbackOn = FALSE, a position feedback is simulated. Position feedback is generally activated when Feedback On = TRUE. Config.FeedbackPerOn BOOL FALSE FeedbackPerOn is only effective when FeedbackOn = TRUE. If FeedbackPerOn = TRUE, the analog input is used for the position feedback (Feedback_PER parameter). If FeedbackPerOn = FALSE, the Feedback parameter is used for the position feedback. Config.ActuatorEndStopOn WinCC Advanced V14 System Manual, 10/2016 BOOL FALSE If ActuatorEndStopOn = TRUE, the digital position feedback Actua tor_L and Actuator_H are taken into consideration. 4093 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.InputUpperLimit REAL High limit of the process value 120.0 At the I/O input, the process value can be a maximum of 18% higher than the standard range (overrange). An error is no longer signaled due to a violation of the "Process value high limit". Only a wire-break and a short-circuit are recognized and PID_3Step reacts according to the configured reaction to error. InputUpperLimit > InputLowerLimit Config.InputLowerLimit REAL 0.0 Low limit of the process value Config.InputUpperWarning REAL +3.40282 Warning high limit of the process value 2e+38 If you set InputUpperWarning outside the process value limits, the configured absolute process value high limit is used as the warning high limit. InputLowerLimit < InputUpperLimit If you configure InputUpperWarning within the process value limits, this value is used as the warning high limit. InputUpperWarning > InputLowerWarning InputUpperWarning InputUpperLimit Config.InputLowerWarning REAL -3.40282 2e+38 Warning low limit of the process value If you set InputLowerWarning outside the process value limits, the configured absolute process value low limit is used as the warning low limit. If you configure InputLowerWarning within the process value limits, this value is used as the warning low limit. InputLowerWarning < InputUpperWarning InputLowerWarning InputLowerLimit Config.OutputUpperLimit REAL 100.0 High limit of output value For details, see OutputLowerLimit Config.OutputLowerLimit REAL 0.0 Low limit of output value If OutputPerOn = TRUE or FeedbackOn = TRUE, the range of val ues from -100% to +100%, including zero, is valid. At -100%, Out put = -27648; at +100%, Output = 27648 If OutputPerOn = FALSE, the range of values from 0% to 100% is valid. The valve is completely closed at 0% and completely opened at 100%. Config.SetpointUpperLimit REAL +3.40282 High limit of setpoint 2e+38 If you set SetpointUpperLimit outside the process value limits, the configured absolute process value high limit is preassigned as the setpoint high limit. If you configure SetpointUpperLimit within the process value limits, this value is used as the setpoint high limit. Config.SetpointLowerLimit REAL Low limit of the setpoint 3.402822 If you set SetpointLowerLimit outside the process value limits, the e+38 configured absolute process value low limit is preassigned as the setpoint low limit. If you set SetpointLowerLimit within the process value limits, this value is used as the setpoint low limit. 4094 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.MinimumOnTime REAL Minimum ON time 0.0 Minimum time in seconds for which the servo drive must be switched on. Config.MinimumOnTime is only effective if Output_UP and Out put_DN are used (Config.OutputPerOn = FALSE). Config.MinimumOffTime REAL 0.0 Minimum OFF time Minimum time in seconds for which the servo drive must be switched off. Config.MinimumOffTime is only effective if Output_UP and Out put_DN are used (Config.OutputPerOn = FALSE). Config.TransitTime REAL 30.0 Motor transition time Time in seconds the actuating drive requires to move the valve from the closed to the opened state. Config.InputScaling.Upper PointIn REAL Config.InputScaling.Lower PointIn REAL Config.InputScaling.Upper PointOut REAL Config.InputScaling.Lower PointOut REAL Config.FeedbackScaling.Up perPointIn REAL Config.FeedbackScaling.Low erPointIn REAL Config.FeedbackScaling.Up perPointOut REAL Config.FeedbackScaling.Low erPointOut REAL WinCC Advanced V14 System Manual, 10/2016 27648.0 Scaling Input_PER high Input_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the InputScaling structure. 0.0 Scaling Input_PER low Input_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the InputScaling structure. 100.0 Scaled high process value Input_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the InputScaling structure. 0.0 Scaled low process value Input_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the InputScaling structure. 27648.0 Scaling Feedback_PER high Feedback_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the FeedbackScaling structure. 0.0 Scaling Feedback_PER low Feedback_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the FeedbackScaling structure. 100.0 High endstop Feedback_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the FeedbackScaling structure. 0.0 Low endstop Feedback_PER is converted to a percentage based on the two value pairs UpperPointOut, UpperPointIn and LowerPointOut, LowerPoin tIn of the FeedbackScaling structure. 4095 Programming the PLC 11.4 Instructions Tag Data type Default Description GetTransitTime.InvertDirec tion BOOL If InvertDirection = FALSE, the valve is fully opened, closed, and then reopened in order to determine the valve transition time. FALSE If InvertDirection = TRUE, the valve is fully closed, opened, and then closed again. GetTransitTime.SelectFeed back BOOL FALSE If SelectFeedback = TRUE, then Feedback_PER, or Feedback is taken into consideration in the transition time measurement. If SelectFeedback = FALSE, then Actuator_H and Actuator_L are taken into consideration in the transition time measurement. GetTransitTime.Start BOOL FALSE If Start = TRUE, the transition time measurement is started. GetTransitTime.State INT 0 Current phase of the transition time measurement State = 0: Inactive State = 1: Open valve completely State = 2: Close valve completely State = 3: Move valve to target position (NewOutput) State = 4: Transition time measurement successfully completed State = 5: Transition time measurement canceled GetTransitTime.NewOutput REAL 0.0 Target position for transition time measurement with position feed back The target position must be between "High endstop" and "Low end stop". The difference between NewOutput and ScaledFeedback must be at least 50% of the permissible control range. CycleTime.StartEstimation BOOL TRUE If StartEstimation = TRUE, the measurement of the PID_3Step sam pling time is started. CycleTime.StartEstimation = FALSE once measurement is complete. CycleTime.EnEstimation BOOL TRUE If EnEstimation = TRUE, the PID_3Step sampling time is calculated. CycleTime.EnMonitoring BOOL TRUE If EnMonitoring = TRUE, the PID_3Step sampling time is monitored. If it is not possible to execute PID_3Step within the sampling time, the error 0800h is output and the operating mode is switched. Acti vateRecoverMode and ErrorBehaviour determine which operating mode is switched to. If EnMonitoring = FALSE, the PID_3Step sampling time is not moni tored, the error 0800h is not output, and the operating mode is not switched. CycleTime.Value REAL 0.1 PID_3Step sampling time in seconds CycleTime.Value is determined automatically and is usually equiv alent to the cycle time of the calling OB. CtrlParamsBackUp.SetByUser BOOL FALSE Saved value of Retain.CtrlParams.SetByUser. You can reload values from the CtrlParamsBackUp structure with Config.LoadBackUp = TRUE. CtrlParamsBackUp.Gain REAL 1.0 Saved proportional gain CtrlParamsBackUp.Ti REAL 20.0 Saved integral action time CtrlParamsBackUp.Td REAL 0.0 Saved derivative action time CtrlParamsBackUp.TdFiltRa tio REAL 0.0 Saved derivative delay coefficient CtrlParamsBackUp.PWeight ing REAL 0.0 Saved proportional action weighting 4096 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description CtrlParamsBackUp.DWeight ing REAL 0.0 Saved derivative action weighting CtrlParamsBackUp.Cycle REAL 1.0 Saved sampling time of PID algorithm CtrlParamsBackUp.Input DeadBand REAL 0.0 Saved dead zone width of the control deviation PIDSelfTune.SUT.Calculate SUTParams BOOL FALSE The properties of the controlled system are saved during tuning. If CalculateSUTParams = TRUE, the PID parameters are recalculated on the basis of these properties. The PID parameters are calculated using the method set in TuneRuleSUT. CalculateSUTParams is set to FALSE following calculation. PIDSelfTune.SUT.TuneRule SUT INT 1 Methods used to calculate parameters during pretuning: TuneRuleSUT = 0: PID fast I TuneRuleSUT = 1: PID slow I TuneRuleSUT = 2: Chien, Hrones and Reswick PID TuneRuleSUT = 3: Chien, Hrones, Reswick PI TuneRuleSUT = 4: PID fast II TuneRuleSUT = 5: PID slow II PIDSelfTune.SUT.State INT 0 The SUT.State tag indicates the current phase of pretuning: PIDSelfTune.TIR.RunIn BOOL FALSE RunIn = FALSE Pretuning is started when fine tuning is started from inactive or manual mode. If fine tuning is started from automatic mode, the system uses the existing PID parameters to control to the setpoint. Only then will fine tuning start. If pretuning is not possible, PID_3Step switches to "Inactive" mode. RunIn = TRUE The pretuning is skipped. PID_3Step attempts to reach the setpoint with the minimum or maximum output value. This can produce increased overshoot. Only then will fine tuning start. RunIn is set to FALSE after fine tuning. PIDSelfTune.TIR.Calculate TIRParams BOOL FALSE The properties of the controlled system are saved during tuning. If CalculateTIRParams = TRUE, the PID parameters are recalculated on the basis of these properties. The PID parameters are calculated using the method set in TuneRuleTIR. CalculateTIRParams is set to FALSE following calculation. PIDSelfTune.TIR.TuneRule TIR INT 0 Methods used to calculate parameters during fine tuning: TuneRuleTIR = 0: PID automatic TuneRuleTIR = 1: PID fast TuneRuleTIR = 2: PID slow TuneRuleTIR = 3: Ziegler-Nichols PID TuneRuleTIR = 4: Ziegler-Nichols PI TuneRuleTIR = 5: Ziegler-Nichols P PIDSelfTune.TIR.State WinCC Advanced V14 System Manual, 10/2016 INT 0 The TIR.State tag indicates the current phase of "fine tuning": 4097 Programming the PLC 11.4 Instructions Tag Data type Default Description Retain.Mode INT A change to the value of Retain.Mode initiates a switch to another operating mode. 0 The following operating mode is enabled upon a change of Mode to: Mode = 0: Inactive Mode = 1: Pretuning Mode = 2: Fine tuning Mode = 3: Automatic mode Mode = 4: Manual mode Mode = 5: Approach substitute output value Mode = 6: Transition time measurement Mode = 7: Error monitoring Mode = 8: Approach substitute output value with error monitoring Mode is retentive. Retain.CtrlParams.SetByUser BOOL FALSE If SetByUser = FALSE, the PID parameters are determined auto matically and PID_3Step operates with a dead zone at the output value. The dead zone width is calculated during tuning on the basis of the standard deviation of the output value and saved in Re tain.CtrlParams.OutputDeadBand. If SetByUser = TRUE, the PID parameters are entered manually and PID_3 Step operates without a dead zone at the output value. Re tain.CtrlParams.OutputDeadBand = 0.0 SetByUser is retentive. Retain.CtrlParams.Gain REAL 1.0 Active proportional gain Gain is retentive. Retain.CtrlParams.Ti REAL 20.0 Ti > 0.0: Active integral action time Ti = 0.0: Integral action is deactivated Ti is retentive. Retain.CtrlParams.Td REAL 0.0 Td > 0.0: Active derivative action time Td = 0.0: Derivative action is deactivated Td is retentive. Retain.CtrlParams.TdFiltRatio REAL 0.0 Active derivative delay coefficient TdFiltRatio is retentive. Retain.CtrlParams.PWeighting REAL 0.0 Active proportional action weighting PWeighting is retentive. Retain.CtrlParams.DWeight ing REAL 0.0 Retain.CtrlParams.Cycle REAL 1.0 Active derivative action weighting DWeighting is retentive. Active sampling time of PID algorithm in seconds, rounded to an integer multiple of the cycle time of the calling OB. Cycle is retentive. Retain.CtrlParams.InputDead Band 4098 REAL 0.0 Dead zone width of the control deviation InputDeadBand is retentive. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note Change the tags listed in this table in "Inactive" mode to prevent malfunction of the PID controller. "Inactive" mode is forced by setting the "Retain.Mode" tag to "0". See also Parameter State and Retain.Mode V1 (Page 4099) Tag ActivateRecoverMode V1 (Page 4107) Downloading technology objects to device (Page 6468) Parameter State and Retain.Mode V1 (S7-1200) Correlation of the parameters The State parameter shows the current operating mode of the PID controller. You cannot change the State parameter. To switch from one operating mode to another, you must change the Retain.Mode tag. This also applies when the value for the new operating mode is already in Retain.Mode. For example, set Retain.Mode = 0 first and then Retain.Mode = 3. Provided the current operating mode of the controller permits this switchover, State will be set to the value of Retain.Mode. When PID_3Step automatically switches from one operating mode to another, the following applies: State != Retain.Mode. Examples: After successful pretuning State = 3 and Retain.Mode = 1 In the event of an error State = 0 and Retain.Mode remain at the previous value, for example, Retain.Mode = 3 ManualEnalbe = TRUE State = 4 and Retain.Mode remain at the previous value, e.g., Retain.Mode = 3 Note You want, for example, to repeat successful fine tuning without exiting automatic mode with Mode = 0. Setting Retain.Mode to an invalid value such as 9999 for one cycle has no effect on State. Set Mode = 2 in the next cycle. In this way, you can generate a change to Retain.Mode without first switching to "Inactive" mode. WinCC Advanced V14 System Manual, 10/2016 4099 Programming the PLC 11.4 Instructions Meaning of values State / Re tain.Mode Description 0 Inactive The controller is switched off and no longer changes the valve position. 1 Pretuning The pretuning determines the process response to a pulse of the output value and searches for the point of inflection. The optimized PID parameters are calculated as a function of the maximum rate of rise and dead time of the controlled system. Pretuning requirements: State = 0 or State = 4 ManualEnable = FALSE The motor transition time has been configured or measured. The setpoint and the process value lie within the configured limits. The more stable the process value is, the easier it is to calculate the PID parameters and the more precise the result will be. Noise on the process value can be tolerated as long as the rate of rise of the process value is significantly higher as compared to the noise. Before the PID parameters are recalculated, they are backed up and can be reactivated with Config.Load BackUp. The setpoint is frozen in the CurrentSetpoint tag. The controller switches to automatic mode following successful pretuning and to "Inactive" mode following unsuccessful pretuning. The pretuning phase is indicated with the SUT.State tag. 4100 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions State / Re tain.Mode Description 2 Fine tuning Fine tuning generates a constant, limited oscillation of the process value. The PID parameters are tuned based on the amplitude and frequency of this oscillation. The differences between the process response during pretuning and fine tuning are analyzed. All PID parameters are recalculated from the results. PID parameters from fine tuning usually have better master control and disturbance characteristics than PID parameters from pretuning. PID_3Step automatically attempts to generate an oscillation greater than the noise of the process value. Fine tuning is only minimally influenced by the stability of the process value. The PID parameters are backed up before fine tuning. They can be reactivated with Config.LoadBackUp. The setpoint is frozen in the CurrentSetpoint tag. Requirements for fine tuning: The motor transition time has been configured or measured. The setpoint and the process value lie within the configured limits. ManualEnable = FALSE Automatic (State = 3), inactive (State = 0) or manual (State = 4) mode Fine tuning proceeds as follows when started from: Automatic mode (State = 3) Start fine tuning from automatic mode if you wish to improve the existing PID parameters through tuning. PID_3Step controls the system using the existing PID parameters until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. Inactive (State = 0) or manual mode (State = 4) Pretuning is always started first. The determined PID parameters will be used for control until the control loop has stabilized and the requirements for fine tuning have been met. If PIDSelfTune.TIR.RunIn = TRUE, pretuning is skipped and an attempt is made to reach the setpoint with the minimum or maximum output value. This can produce increased overshoot. Fine tuning then starts automatically. The controller switches to automatic mode following successful fine tuning. If fine tuning was not successful, the controller switches to "Inactive" mode. The fine tuning phase is indicated with the TIR.State tag. 3 Automatic mode In automatic mode, PID_3Step controls the controlled system in accordance with the parameters specified. The controller switches to automatic mode if one the following requirements is fulfilled: Pretuning successfully completed Fine tuning successfully completed Changing the Retain.Mode tag to the value 3. When the CPU is switched on or switches from Stop to RUN mode, PID_3Step starts in the most recently active operating mode. To leave PID_3Step in "Inactive" mode, set RunModeByStartup = FALSE. The ActivateRecoverMode tag is taken into consideration in automatic mode. WinCC Advanced V14 System Manual, 10/2016 4101 Programming the PLC 11.4 Instructions State / Re tain.Mode Description 4 Manual mode In manual mode, you specify manual output values in the Manual_UP and Manual_DN parameters or Man ualValue parameter. Whether or not the actuator can be moved to the output value in the event of an error is described in the ErrorBits parameter. This operating mode is enabled if Retain.Mode = 4, or on a rising edge at ManualEnable. If ManualEnable changes to TRUE, only State changes. Retain.Mode retains its current value. On a falling edge at ManualEnable, PID_3Step returns to the previous operating mode. The switchover to automatic mode is bumpless. PID_3Step V1.1 Manual mode is always possible in the event of an error. PID_3Step V1.0 Manual mode is dependent on the ActivateRecoverMode tag in the event of an error. 5 Approach substitute output value This operating mode is activated in the event of an error or when Reset = TRUE if Errorbehaviour = 1 and ActivateRecoverMode = FALSE.. PID_3Step moves the actuator to the substitute output value and then switches to "Inactive" mode. 6 Transition time measurement The time that the motor needs to completely open the valve from the closed condition is determined. This operating mode is activated when GetTransitTime.Start = TRUE is set. If endstop signals are used to measure the transition time, the valve will be opened completely from its current position, closed completely, and opened completely again. If GetTransitTime.InvertDirection = TRUE, this behavior is inverted. If position feedback is used to measure the transition time, the actuator will be moved from its current position to a target position. The output value limits are not taken into consideration during the transition time measurement. The actuator can travel to the high or the low endstop. 7 Error monitoring The control algorithm is switched off and no longer changes the valve position. This operating mode is activated instead of "Inactive" mode in the event of an error. All the following conditions must be met: Mode = 3 (automatic mode) Errorbehaviour = 0 ActivateRecoverMode = TRUE One or more errors have occurred in which ActivateRecoverMode (Page 4107) is effective. As soon as the errors are no longer pending, PID_3Step switches back to automatic mode. 8 Approach substitute output value with error monitoring This operating mode is activated instead of "Approach substitute output value" mode in the event of an error. PID_3Step moves the actuator to the substitute output value and then switches to "Error monitoring" mode. All the following conditions must be met: Mode = 3 (automatic mode) Errorbehaviour = 1 ActivateRecoverMode = TRUE One or more errors have occurred in which ActivateRecoverMode (Page 4107) is effective. As soon as the errors are no longer pending, PID_3Step switches back to automatic mode. 4102 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Automatic switchover of operating mode during commissioning PID_3Step automatically switches the operating mode in the event of an error. The following diagram illustrates the influence of ErrorBehaviour on the switchover of operating mode from transition time measurement, pretuning, and fine tuning modes. ,QDFWLYH (UURU%HKDYLRXU 7UDQVLWLRQWLPHPHDVXUHPHQW (UURU%HKDYLRXU (UURU%HKDYLRXU (UURU%HKDYLRXU 3UHWXQLQJ )LQHWXQLQJ (UURU%HKDYLRXU (UURU%HKDYLRXU $XWRPDWLFPRGH $SSURDFKVXEVWLWXWHRXWSXWYDOXH Automatic switchover of operating mode in the event of an error Automatic switchover of operating mode once the current operation has been completed. WinCC Advanced V14 System Manual, 10/2016 4103 Programming the PLC 11.4 Instructions Automatic switchover of operating mode in automatic mode (PID_3Step V1.1) PID_3Step automatically switches the operating mode in the event of an error. The following diagram illustrates the influence of ErrorBehaviour and ActivateRecoverMode on this switchover of operating mode. ,QDFWLYH (UURUPRQLWRULQJ (UURU%HKDYLRXU $FWLYDWH5HFRYHU0RGH )$/6( (UURU%HKDYLRXU $FWLYDWH5HFRYHU0RGH 758( $XWRPDWLFPRGH (UURU%HKDYLRXU $FWLYDWH5HFRYHU0RGH )$/6( (UURU%HKDYLRXU $FWLYDWH5HFRYHU0RGH 758( $SSURDFKVXEVWLWXWHRXWSXWYDOXH $SSURDFKVXEVWLWXWHRXWSXWYDOXH ZLWKHUURUPRQLWRULQJ Automatic switchover of operating mode in the event of an error 4104 Automatic switchover of operating mode once the current operation has been completed. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Automatic switchover of operating mode in automatic and manual modes (PID_3Step V1.0) PID_3Step automatically switches the operating mode in the event of an error. The following diagram illustrates the influence of ErrorBehaviour and ActivateRecoverMode on this switchover of operating mode. ,QDFWLYH (UURU%HKDYLRXU $FWLYDWH5HFRYHU0RGH )$/6( (UURUPRQLWRULQJ (UURU%HKDYLRXU $FWLYDWH5HFRYHU0RGH )$/6( (UURU%HKDYLRXU $FWLYDWH5HFRYHU0RGH 758( $XWRPDWLFPRGH 0DQXDOPRGH $FWLYDWH5HFRYHU0RGH 758( (UURU%HKDYLRXU $FWLYDWH5HFRYHU0RGH )$/6( (UURU%HKDYLRXU $FWLYDWH5HFRYHU0RGH )$/6( (UURU%HKDYLRXU $FWLYDWH5HFRYHU0RGH 758( $SSURDFKVXEVWLWXWHRXWSXWYDOXH $SSURDFKVXEVWLWXWHRXWSXWYDOXH ZLWKHUURUPRQLWRULQJ Automatic switchover of operating mode in the event of an error Automatic switchover of operating mode once the current operation has been completed. Automatic switchover of operating mode when error is no longer pending. See also Tag ActivateRecoverMode V1 (Page 4107) Parameter ErrorBits V1 (Page 4106) WinCC Advanced V14 System Manual, 10/2016 4105 Programming the PLC 11.4 Instructions Parameter ErrorBits V1 (S7-1200) If several errors are pending simultaneously, the values of the error codes are displayed with binary addition. The display of error code 0003, for example, indicates that the errors 0001 and 0002 are pending simultaneously. ErrorBits Description (DW#16#...) 0000 There is no error. 0001 The "Input" parameter is outside the process value limits. Input > Config.InputUpperLimit or Input < Config.InputLowerLimit If ActivateRecoverMode = TRUE and ErrorBehaviour = 1, the actuator moves to the substitute output value. If ActivateRecoverMode = TRUE and ErrorBehaviour = 0, the actuator stops in its current position. If ActivateRecoverMode = FALSE, the actuator stops in its current position. PID_3Step V1.1 You can move the actuator in manual mode. PID_3Step V1.0 Manual mode is not possible in this state. You cannot move the actuator again until you eliminate the error. 0002 Invalid value at "Input_PER" parameter. Check whether an error is pending at the analog input. If automatic mode was active before the error occurred, ActivateRecoverMode = TRUE, and the error is no longer pending, PID_3Step switches back to automatic mode. 0004 Error during fine tuning. Oscillation of the process value could not be maintained. 0020 Pretuning is not permitted in automatic mode or during fine tuning. 0080 Error during pretuning. Incorrect configuration of output value limits. Check whether the limits of the output value are configured correctly and match the control logic. 0100 Error during fine tuning resulted in invalid parameters. 0200 Invalid value at "Input" parameter: Value has an invalid number format. If automatic mode was active before the error occurred, ActivateRecoverMode = TRUE, and the error is no longer pending, PID_3Step switches back to automatic mode. 0400 Calculation of output value failed. Check the PID parameters. 0800 Sampling time error: PID_3Step is not called within the sampling time of the cyclic interrupt OB. If automatic mode was active before the error occurred, ActivateRecoverMode = TRUE, and the error is no longer pending, PID_3Step switches back to automatic mode. If this error occurred during simulation with PLCSIM, see the notes under AUTOHOTSPOT. 1000 Invalid value at "Setpoint" parameter: Value has an invalid number format. If automatic mode was active before the error occurred, ActivateRecoverMode = TRUE, and the error is no longer pending, PID_3Step switches back to automatic mode. 2000 Invalid value at Feedback_PER parameter. Check whether an error is pending at the analog input. The actuator cannot be moved to the substitute output value and remains in its current position. Manual mode is not possible in this state. You must deactivate position feedback (Config. FeedbackOn = FALSE) to move the actuator from this state. If automatic mode was active before the error occurred, ActivateRecoverMode = TRUE, and the error is no longer pending, PID_3Step switches back to automatic mode. 4106 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ErrorBits Description (DW#16#...) 4000 Invalid value at Feedback parameter. Value has an invalid number format. The actuator cannot be moved to the substitute output value and remains in its current position. Manual mode is not possible in this state. You must deactivate position feedback (Config. FeedbackOn = FALSE) to move the actuator from this state. If automatic mode was active before the error occurred, ActivateRecoverMode = TRUE, and the error is no longer pending, PID_3Step switches back to automatic mode. 8000 Error during digital position feedback. Actuator_H = TRUE and Actuator_L = TRUE. The actuator cannot be moved to the substitute output value and remains in its current position. Manual mode is not possible in this state. In order to move the actuator from this state, you must deactivate the "Actuator endstop" (Config.Actua torEndStopOn = FALSE). If automatic mode was active before the error occurred, ActivateRecoverMode = TRUE, and the error is no longer pending, PID_3Step switches back to automatic mode. Parameter Reset V1 (S7-1200) A rising edge at Reset triggers a change to "Inactive" mode, and errors and warnings are reset. A falling edge at Reset triggers a change to the most recently active operating mode. If automatic mode was active before, switchover to automatic mode is bumpless. 5HVHW W PV 0RGH W PV 6WDWH W PV Activation Error Reset Tag ActivateRecoverMode V1 (S7-1200) The effect of the ActivateRecoverMode variable depends on the version of the PID_3Step. WinCC Advanced V14 System Manual, 10/2016 4107 Programming the PLC 11.4 Instructions Behavior in version 1.1 The ActivateRecoverMode variable determines the behavior in the event of an error in automatic mode. ActivateRecoverMode is not effective during pretuning, fine tuning and transition time measurement. ActivateReco verMode Description FALSE In the event of an error, PID_3Step switches to "Inactive" or "Approach substitute output value" operating mode. The controller is activated by a reset or a change in Retain.Mode. TRUE If errors occur frequently in automatic mode, this setting has a negative effect on the control response. In this case, check the ErrorBits parameter and eliminate the cause of the error. If one or more errors occur, PID_3Step switches to "Approach substitute output value with error monitoring" or "Error monitoring" mode: 0002h: Invalid value at parameter Input_PER. 0200h: Invalid value at parameter Input. 0800h: Sampling time error 1000h: Invalid value at parameter Setpoint. 2000h: Invalid value at parameter Feedback_PER. 4000h: Invalid value at parameter Feedback. 8000h: Error in digital position feedback. With errors 2000h, 4000h and 8000h, PID_3Step cannot approach the configured substitute output value. As soon as the errors are no longer pending, PID_3Step switches back to automatic mode. 4108 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Behavior in version 1.0 The ActivateRecoverMode variable determines the behavior in the event of an error in automatic and manual mode. ActivateRecoverMode is not effective during pretuning, fine tuning and transition time measurement. ActivateReco verMode Description FALSE In the event of an error, PID_3Step switches to "Inactive" or "Approach substitute output value" operating mode. The controller is activated by a reset or a change in Retain.Mode. TRUE Errors in automatic mode If errors occur frequently in automatic mode, this setting has a negative effect on the control response. In this case, check the ErrorBits parameter and eliminate the cause of the error. If one or more errors occur, PID_3Step switches to "Approach substitute output value with error monitoring" or "Error monitoring" mode: 0002h: Invalid value at parameter Input_PER. 0200h: Invalid value at parameter Input. 0800h: Sampling time error 1000h: Invalid value at parameter Setpoint. 2000h: Invalid value at parameter Feedback_PER. 4000h: Invalid value at parameter Feedback. 8000h: Error in digital position feedback. With errors 2000h, 4000h and 8000h, PID_3Step cannot approach the configured substitute output value. As soon as the errors are no longer pending, PID_3Step switches back to automatic mode. Errors in manual mode If one or more of the following errors occur, PID_3Step stays in manual mode: 0002h: Invalid value at parameter Input_PER. 0200h: Invalid value at parameter Input. 0800h: Sampling time error 1000h: Invalid value at parameter Setpoint. 2000h: Invalid value at parameter Feedback_PER. 4000h: Invalid value at parameter Feedback. 8000h: Error in digital position feedback. With errors 2000h, 4000h and 8000h, you cannot move the valve to a suitable position. See also PID_3Step V1 static tags (Page 4092) Parameter State and Retain.Mode V1 (Page 4099) WinCC Advanced V14 System Manual, 10/2016 4109 Programming the PLC 11.4 Instructions Tag Warning V1 (S7-1200) If several warnings are pending simultaneously, their values are displayed with binary addition. The display of warning 0003, for example, indicates that the warnings 0001 and 0002 are pending simultaneously. Warning Description (DW#16#...) 0000 No warning pending. 0001 The point of inflection was not found during pretuning. 0002 Oscillation increased during fine tuning. 0004 The setpoint was limited to the configured limits. 0008 Not all the necessary controlled system properties were defined for the selected method of calculation. The PID parameters were instead calculated using the TuneRuleTIR = 3 method. 0010 The operating mode could not be changed because ManualEnable = TRUE. 0020 The cycle time of the calling OB limits the sampling time of the PID algorithm. Improve results by using shorter OB cycle times. 0040 The process value exceeded one of its warning limits. 0080 Invalid value at Retain.Mode. The operating mode is not switched. 0100 The manual value was limited to the limits of the controller output. 0200 The rule used for tuning produces an incorrect result, or is not supported. 0400 Method selected for transition time measurement not suitable for actuator. The transition time cannot be measured because the actuator settings do not match the selected meas uring method. 0800 The difference between the current position and the new output value is too small for transition time measurement. This can produce incorrect results. The difference between the current output value and new output value must be at least 50% of the entire control range. 1000 The substitute output value cannot be reached because it is outside the output value limits. The following warnings are deleted as soon as the cause is eliminated: 0004 0020 0040 0100 All other warnings are cleared with a rising edge at Reset. Tag SUT.State V1 (S7-1200) SUT.Stat e Name 0 SUT_INIT 50 SUT_TPDN 4110 Description Initialize pretuning Determine start position without position feedback 100 SUT_STDABW Calculate the standard deviation 200 SUT_GET_POI Find the point of inflection 300 SUT_GET_RISETM Determine the rise time WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions SUT.Stat e Name Description 9900 SUT_IO Pretuning successful 1 SUT_NIO Pretuning not successful Tag TIR.State V1 (S7-1200) TIR.State Name Description -100 TIR_FIRST_SUT 0 TIR_INIT Fine tuning is not possible. Pretuning will be executed first. Initialize fine tuning 200 TIR_STDABW Calculate the standard deviation 300 TIR_RUN_IN Attempt to reach the setpoint with the maximum or minimum output value 400 TIR_CTRLN Attempt to reach the setpoint with the existing PID parameters (if pretuning has been successful) 500 TIR_OSZIL 9900 TIR_IO Determine oscillation and calculate parameters Fine tuning successful 1 TIR_NIO Fine tuning not successful PID_Temp (S7-1200, S7-1500) New features of PID_Temp (S7-1200, S7-1500) PID_Temp V1.1 Response of the output value on switchover from "Inactive" operating mode to "Automatic mode" The new option IntegralResetMode = 4 was added and defined as default. With IntegralResetMode = 4, the integral action is automatically pre-assigned when switching from "Inactive" operating mode to "Automatic mode" so that a control deviation results in a jump of the PID output value with identical sign. Initialization of the integral action in automatic mode The integral action can be initialized in automatic mode with the tags OverwriteInitialOutputValue and PIDCtrl.PIDInit. This simplifies the use of PID_Temp for override controls. Compatibility with CPU and FW (S7-1200, S7-1500) The following table shows which version of PID_Temp can be used on which CPU. CPU FW PID_Temp S7-1200 V4.2 or higher V1.1 V1.0 V4.1 WinCC Advanced V14 System Manual, 10/2016 V1.0 4111 Programming the PLC 11.4 Instructions CPU FW PID_Temp S7-1500 V2.0 or higher V1.1 V1.0 V1.7 to V1.8 V1.0 PID_Temp (S7-1200, S7-1500) Description of PID_Temp (S7-1200, S7-1500) Description The PID_Temp instruction provides a PID controller with integrated tuning for temperature processes. PID_Temp can be used for pure heating or heating/cooling applications. The following operating modes are possible: Inactive Pretuning Fine tuning Automatic mode Manual mode Substitute output value with error monitoring For a more detailed description of the operating modes, see the State parameter. PID algorithm PID_Temp is a PIDT1 controller with anti-windup and weighting of the proportional and derivative actions. The PID algorithm operates according to the following equation (control zone and dead zone deactivated): 1 y = Kp [ (b * w - x) + T * s (w - x) + I TD * s a * TD * s + 1 (c * w - x) ] The table below shows the meaning of the icons used in the equation and in the subsequent figures. Icon Description Associated parameters of the PID_Temp instruction y Output value of the PID algorithm - Kp Proportional gain Retain.CtrlParams.Heat.Gain Retain.CtrlParams.Cool.Gain CoolFactor s Laplace operator - b Proportional action weighting Retain.CtrlParams.Heat.PWeighting Retain.CtrlParams.Cool.PWeighting 4112 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Icon Description Associated parameters of the PID_Temp instruction w Setpoint CurrentSetpoint x Process value ScaledInput TI Integral action time Retain.CtrlParams.Heat.Ti TD Derivative action time Retain.CtrlParams.Cool.Ti Retain.CtrlParams.Heat.Td Retain.CtrlParams.Cool.Td a c Derivative delay coefficient (derivative delay T1 = a x TD) Retain.CtrlParams.Heat.TdFiltRatio Derivative action weighting Retain.CtrlParams.Heat.DWeighting Retain.CtrlParams.Cool.TdFiltRatio Retain.CtrlParams.Cool.DWeighting DeadZone Dead zone width Retain.CtrlParams.Heat.DeadZone Retain.CtrlParams.Cool.DeadZone ControlZone Control zone width Retain.CtrlParams.Heat.ControlZone Retain.CtrlParams.Cool.ControlZone WinCC Advanced V14 System Manual, 10/2016 4113 Programming the PLC 11.4 Instructions PID_Temp block diagram InputPEROn Scale PV_ALRM InputWarning_H Input_PER 1 InputWarning_L 0 Input z -1 sgn CtrlParams Heat.Gain Heat Ti ... Cool.Gain Cool.Ti ... SubstituteSetpointOn Setpoint SubstituteSetpoint 0 ScaledInput Limit CurrentSetpoint PIDT1 Anti Windup 1 Disturbance State Limit =3 PidOutputSum ManualValue =4 Scale OutputHeat PidOutput OffsetHeat Scale Config.Output.Heat.Select PWM PIDSelfTune.TIR. OutputOffsetHeat Split =1 FALSE 1 OutputHeat_PWM Scale Limit =2 0 OutputHeat_PER 2 Limit Split Config.ActivateCooling Scale OutputCool -1 1 0.0 0 PIDSelfTune.TIR. OutputOffsetCool Scale Config.Output.Cool.Select PWM 1 PidOutput OffsetCool FALSE 0 =1 FALSE 1 OutputCool_PWM Scale 1 0 0 4114 =2 0 OutputCool_PER 2 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Block diagram of PIDT1 with anti-windup E &XUUHQW6HWSRLQW Z &RQILJ2XWSXW+HDW 3LG8SSHU/LPLW F '7 .S \ &RQILJ2XWSXW+HDW 3LG/RZHU/LPLW &RQILJ2XWSXW&RRO 3LG/RZHU/LPLW 'HDG=RQH $QWL:LQGXS /LPLW 6FDOHG,QSXW [ , &RQWURO=RQH Call PID_Temp is called in the constant time scale of a cyclic interrupt OB. If you call PID_Temp as a multi-instance DB, no technology object is created. No parameter assignment interface or commissioning interface is available. You must assign parameters for PID_Temp directly in the multi-instance DB and commission it via a watch table. Download to device The process values of retentive tags are only updated when you download PID_Temp completely. Download technology object to device (Page 6468) Startup When the CPU starts up, PID_Temp starts in the operating mode that is saved in the Mode in/ out parameter. To switch to "Inactive" operating mode during startup, set RunModeByStartup = FALSE. WinCC Advanced V14 System Manual, 10/2016 4115 Programming the PLC 11.4 Instructions Reaction to error The behavior in the case of an error is determined by the tags SetSubstituteOutput and ActivateRecoverMode. If ActivateRecoverMode = TRUE, the behavior also depends on the error that occurred. SetSubstitu teOutput ActivateReco Configuration editor verMode > Basic settings of output > Set PidOutputSum to Reaction Not relevant FALSE Switch to "Inactive" (State = 0) mode Zero (inactive) The output value of the PID algorithm and all out puts for heating and cooling are set to 0. The scal ing of the outputs for heating and cooling is not active. FALSE TRUE Current value for error while error is pending Switch to "Substitute output value with error moni toring" mode (State = 5) The current output value is transferred to the ac tuator while the error is pending. TRUE TRUE Substitute output value while error is pending Switch to "Substitute output value with error moni toring" mode (State = 5) The value at SubstituteOutput is transferred to the actuator while the error is pending. In manual mode, PID_Temp uses ManualValue as output value, unless ManualValue is invalid. If ManualValue is invalid, SubstituteOutput is used. If ManualValue and SubstituteOutput are invalid, Config.Output.Heat.PidLowerLimit is used. The Error parameter indicates if an error is pending. When the error is no longer pending, Error = FALSE. The ErrorBits parameter shows which errors have occurred. ErrorBits is reset by a rising edge at Reset or ErrorAck. Mode of operation of PID_Temp (S7-1200, S7-1500) Monitoring process value limits You specify the high limit and low limit of the process value in the Config.InputUpperLimit and Config.InputLowerLimit tags. If the process value is outside these limits, an error occurs (ErrorBits = 0000001h). You specify a high and low warning limit of the process value in the Config.InputUpperWarning and Config.InputLowerWarning tags. If the process value is outside these warning limits, a warning occurs (Warning = 0000040h), and the InputWarning_H or InputWarning_L output parameter changes to TRUE. 4116 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Limiting the setpoint You specify a high limit and low limit of the setpoint in the Config.SetpointUpperLimit and Config.SetpointLowerLimit tags. PID_Temp automatically limits the setpoint to the process value limits. You can limit the setpoint to a smaller area. PID_Temp checks whether this area is within the process value limits. If the setpoint is outside these limits, the high or low limit is used as the setpoint, and output parameter SetpointLimit_H or SetpointLimit_L is set to TRUE. The setpoint is limited in all operating modes. Substitute setpoint You can specify a substitute setpoint at the SubstituteSetpoint tag and activate it with SubstituteSetpointOn = TRUE. In this way, you can temporarily specify the setpoint directly, for example for a slave controller in a cascade, without having to change the user program. The limits set for the setpoint also apply to the substitute setpoint. Heating and cooling With the default setting, PID_Temp only uses the outputs for heating (OutputHeat, OutputHeat_PWM, OutputHeat_PER). The output value of the PID algorithm (PidOutputSum) is scaled and output at the outputs for heating. You specify with Config.Output.Heat.Select if OutputHeat_PWM or OutputHeat_PER is calculated. OutputHeat is always calculated. With Config.ActivateCooling = TRUE, you can also activate the outputs for cooling (OutputCool, OutputCool_PWM, OutputCool_PER). Positive output values of the PID algorithm (PidOutputSum) are scaled and output at the outputs for heating. Negative output values of the PID algorithm are scaled and output at the outputs for cooling. You specify with Config.Output.Cool.Select if OutputCool_PWM or OutputCool_PER is calculated. OutputCool is always calculated. Two methods are available to calculate the PID output value with activated cooling: Cooling factor (Config.AdvancedCooling = FALSE): The output value calculation for cooling takes place with the PID parameters for heating, taking into consideration the configurable cooling factor Config.CoolFactor. This method is suitable if the heating and cooling actuators have a similar time response but different gains. If this method is selected, pretuning and fine tuning for cooling as well as the PID parameter set for cooling are not available. You can only execute the tuning for heating. PID parameter switching (Config.AdvancedCooling = TRUE): The output value calculation for cooling takes place by means of a separate PID parameter set. Based on the calculated output value and the control deviation, the PID algorithm decides whether the PID parameter for heating or cooling is used. This method is suitable if the heating and cooling actuator have different time responses and different gains. Pretuning and fine tuning for cooling are only available if this method is selected. Output value limits and scaling Depending on the operating mode, the PID output value (PidOutputSum) is calculated automatically by the PID algorithm or defined by the manual value (ManualValue) or the configured substitute output value (SubstituteOutput). WinCC Advanced V14 System Manual, 10/2016 4117 Programming the PLC 11.4 Instructions The PID output value is limited according to the configuration: If cooling is deactivated (Config.ActivateCooling = FALSE), Config.Output.Heat.PidUpperLimit is the high limit and Config.Output.Heat.PidLowerLimit the low limit. If cooling is activated (Config.ActivateCooling = TRUE), Config.Output.Heat.PidUpperLimit is the high limit and Config.Output.Cool.PidLowerLimit the low limit. The PID output value is scaled and output at the outputs for heating and cooling. Scaling can be defined separately for each output and is specified in the structures Config.Output.Heat or Config.Output.Cool with 2 value pairs each: Output Value pair Parameter OutputHeat Value pair 1 PID output value high limit (heating) Config.Output.Heat.PidUpperLimit, Scaled high output value (heating) Config.Output.Heat.Up perScaling Value pair 2 PID output value low limit (heating) Config.Output.Heat.PidLowerLimit, Scaled low output value (heating) Config.Output.Heat.Low erScaling OutputHeat_PWM Value pair 1 PID output value high limit (heating) Config.Output.Heat.PidUpperLimit, Scaled high PWM output value (heating) Config.Output.Heat.PwmUpperScaling Value pair 2 PID output value low limit (heating) Config.Output.Heat.PidLowerLimit, Scaled low PWM output value (heating) Config.Output.Heat.PwmLowerScaling OutputHeat_PER Value pair 1 PID output value high limit (heating) Config.Output.Heat.PidUpperLimit, Scaled high analog output value (heating) Config.Output.Heat.PerUpperScaling Value pair 2 PID output value low limit (heating) Config.Output.Heat.PidLowerLimit, Scaled low analog output value (heating) Config.Output.Heat.PerLowerScaling OutputCool Value pair 1 PID output value low limit (cooling) Config.Output.Cool.PidLowerLimit, Scaled high output value (cooling) Config.Output.Cool.UpperScaling Value pair 2 PID output value high limit (cooling) Config.Output.Cool.PidUpperLimit, Scaled low output value (cooling) Config.Output.Cool.LowerScaling 4118 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Output Value pair Parameter OutputCool_PWM Value pair 1 PID output value low limit (cooling) Config.Output.Cool.PidLowerLimit, Scaled high PWM output value (cooling) Config.Output.Cool.PwmUpperScaling Value pair 2 PID output value high limit (cooling) Config.Output.Cool.PidUpperLimit, Scaled low PWM output value (cooling) Config.Output.Cool.PwmLowerScaling OutputCool_PER Value pair 1 PID output value low limit (cooling) Config.Output.Cool.PidLowerLimit, Scaled high analog output value (cooling) Config.Output.Cool.PerUpperScaling Value pair 2 PID output value high limit (cooling) Config.Output.Cool.PidUpperLimit, Scaled low analog output value (cooling) Config.Output.Cool.PerLowerScaling If cooling is activated (Config.ActivateCooling = TRUE), Config.Output.Heat.PidLowerLimit must have the value 0.0. Config.Output.Cool.PidUpperLimit must always have the value 0.0. Example: Output scaling when using output OutputHeat (cooling deactivated; Config.Output.Heat.PidLowerLimit may be unequal to 0.0): 2XWSXW+HDW &RQILJ2XWSXW+HDW 8SSHU6FDOLQJ &RQILJ2XWSXW+HDW /RZHU6FDOLQJ &RQILJ2XWSXW+HDW 3LG/RZHU/LPLW 3LG2XWSXW6XP &RQILJ2XWSXW+HDW 3LG8SSHU/LPLW Example: Output scaling when using output OutputHeat_PWM and OutputCool_PER (cooling activated; Config.Output.Heat.PidLowerLimit must be 0.0): WinCC Advanced V14 System Manual, 10/2016 4119 Programming the PLC 11.4 Instructions OutputCool_PER OutputHeat_PWM Config.Output.Cool. PerUpperScaling Config.Output.Heat. PwmUpperScaling Config.Output.Heat. PwmLowerScaling Config.Output.Cool. PerLowerScaling PidOutputSum Config.Output.Heat. Config.Output.Cool. Config.Output.Heat. PidLowerLimit PidLowerLimit PidUpperLimit =Config.Output.Cool. PidUpperLimit=0.0 With the exception of the "Inactive" operating mode, the value at an output is always located between its scaled high output value and scaled low output value, for example, for OutputHeat always between Config.Output.Heat.UpperScaling and Config.Output.Heat.LowerScaling. If you want to limit the value at the associated output, you therefore have to adapt these scaling values as well. Cascading PID_Temp supports you when you use cascade control (see: Program creation (Page 6587)). Substitute output value In the event of an error, PID_Temp can output a substitute output value that you define at the SubstituteOutput tag. The substitute output value must be within the limits for the PID output value. The values at the outputs for heating and cooling resulting from the substitute output value are the result of the configured output scaling. Monitoring signal validity The values of the following parameters are monitored for validity when used: Setpoint SubstituteSetpoint Input Input_PER Disturbance ManualValue SubstituteOutput PID parameters in the structures Retain.CtrlParams.Heat and Retain.CtrlParams.Cool. 4120 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Monitoring the sampling time PID_Temp Ideally, the sampling time is equivalent to the cycle time of the cyclic interrupt OB. The PID_Temp instruction measures the time interval between two calls. This is the current sampling time. On every switchover of operating mode and during the initial startup, the mean value is formed from the first 10 sampling times. Too great a difference between the current sampling time and this mean value triggers an error (Error = 0000800h). The error occurs during tuning if: New mean value >= 1.1 x old mean value New mean value <= 0.9 x old mean value The error occurs in automatic mode if: New mean value >= 1.5 x old mean value New mean value <= 0.5 x old mean value If you deactivate the sampling time monitoring (CycleTime.EnMonitoring = FALSE), you can also call PID_Temp in OB1. You must then accept a lower control quality due to the deviating sampling time. Sampling time of the PID algorithm The controlled system needs a certain amount of time to respond to changes in the output value. It is therefore not advisable to calculate the output value in every cycle. The sampling time of the PID algorithm represents the time between two calculations of the output value. It is calculated during tuning and rounded to a multiple of the cycle time of the cyclic interrupt OB (sampling time PID_Temp). All other functions of the PID_Temp are executed at every call. If cooling and PID parameter switching are activated, PID_Temp uses a separate sampling time of the PID algorithm for heating and cooling. In all other configurations, only the sampling time of the PID algorithm for heating is used. If you use OutputHeat_PWM or OutputCool_PWM, the sampling time of the PID algorithm is used as time period of the pulse width modulation. The accuracy of the output signal is determined by the ratio of the PID algorithm sampling time to the cycle time of the OB. The cycle time should be no more than a tenth of the PID algorithm sampling time. If the PID algorithm sampling time and thus the time period of the pulse width modulation is very high when you use OutputHeat_PWM or OutputCool_PWM, you can define a deviating shorter period duration at the Config.Output.Heat.PwmPeriode or Config.Output.Cool.PwmPeriode parameters to improve the smoothness of the process value. Control logic PID_Temp can be used for heating or heating/cooling applications and always works with normal control logic. An increase of the PID output value (PidOutputSum) is intended to increase the process value. The values at the outputs for heating and cooling resulting from the PID output value are the result of the configured output scaling. An inverted control logic or negative proportional gain are not supported. WinCC Advanced V14 System Manual, 10/2016 4121 Programming the PLC 11.4 Instructions If you only need an output value for your application in which an increase is to reduce the process value (for example, discharge control), you can use PID_Compact with inverted control logic. Input parameters of PID_Temp (S7-1200, S7-1500) Parameter Data type Default Description Setpoint REAL 0.0 Setpoint of the PID controller in automatic mode Valid range of values: Config.SetpointUpperLimit Setpoint Config.SetpointLowerLimit Config.InputUpperLimit Setpoint Config.InputLowerLimit Input REAL 0.0 Input_PER INT 0 A tag of the user program is used as source for the process value. If you are using the Input parameter, Config.InputPerOn = FALSE must be set. An analog input is used as the source of the process value. If you are using the Input_PER parameter, Config.InputPerOn = TRUE must be set. Disturbance REAL 0.0 Disturbance variable or precontrol value ManualEna ble BOOL FALSE A FALSE -> TRUE edge activates "Manual mode", whileState = 4, Mode remains unchanged. As long as ManualEnable = TRUE, you cannot change the operating mode via a rising edge at ModeActivate or use the commissioning dialog. A TRUE -> FALSE edge activates the operating mode that is specified by Mode. We recommend that you change the operating mode using Mode and Mod eActivate only. ManualValue REAL 0.0 Manual value This value is used in manual mode as PID output value (PidOutputSum). The values at the outputs for heating and cooling resulting from this manual value are the result of the configured output scaling (structures Config.Out put.Heat and Config.Output.Cool). For controllers with activated cooling output (Config.ActivateCooling = TRUE), define: a positive manual value to output the value at the outputs for heating a negative manual value to output the value at the outputs for cooling The permitted value range is determined by the configuration. Cooling output deactivated (Config.ActivateCooling = FALSE): Config.Output.Heat.PidUpperLimit ManualValue Config.Output.Heat.PidLowerLimit Cooling output activated (Config.ActivateCooling = TRUE): Config.Output.Heat.PidUpperLimit ManualValue Config.Output.Cool.PidLowerLimit ErrorAck 4122 BOOL FALSE FALSE -> TRUE edge ErrorBits and Warning are reset. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Data type Default Description Reset BOOL FALSE Restarts the controller. FALSE -> TRUE edge - Switch to "Inactive" mode - ErrorBits and Warning are reset. As long as Reset = TRUE, - PID_Temp remains in "Inactive" mode (State = 0). - you cannot change the operating mode with Mode and ModeActivate or ManualEnable - You cannot use the commissioning dialog. TRUE -> FALSE edge ModeActi vate BOOL FALSE - If ManualEnable = FALSE, PID_Temp switches to the operating mode that is saved in Mode. - If Mode = 3 (automatic mode), the integral action is treated as configured with the tag IntegralResetMode. FALSE -> TRUE edge PID_Temp switches to the operating mode that is saved at the Mode input. Output parameters of PID_Temp (S7-1200, S7-1500) Parameter Data type Default Description ScaledInput REAL 0.0 Scaled process value OutputHeat REAL 0.0 Output value (heating) in REAL format The PID output value (PidOutputSum) is scaled with the two value pairs Con fig.Output.Heat.PidUpperLimit, Config.Output.Heat.UpperScaling and Con fig.Output.Heat.PidLowerLimit, Config.Output.Heat.LowerScaling and output in REAL format at OutputHeat. OutputHeat is always calculated. OutputCool REAL 0.0 Output value (cooling) in REAL format The PID output value (PidOutputSum) is scaled with the two value pairs Con fig.Output.Cool.PidUpperLimit, Config.Output.Cool.LowerScaling and Con fig.Output.Cool.PidLowerLimit, Config.Output.Cool.UpperScaling and output in REAL format at OutputCool. OutputCool is only calculated if the cooling output is activated (Config.Activa teCooling = TRUE). Outpu tHeat_PER INT 0 Analog output value (heating) The PID output value (PidOutputSum) is scaled with the two value pairs Con fig.Output.Heat.PidUpperLimit, Config.Output.Heat.PerUpperScaling and Config.Output.Heat.PidLowerLimit, Config.Output.Heat.PerLowerScaling and output as analog value at OutputHeat_PER. OutputHeat_PER is only calculated if Config.Output.Heat.Select = 2. WinCC Advanced V14 System Manual, 10/2016 4123 Programming the PLC 11.4 Instructions Parameter Data type Default Description Output Cool_PER INT Analog output value (cooling) 0 The PID output value (PidOutputSum) is scaled with the two value pairs Con fig.Output.Cool.PidUpperLimit, Config.Output.Cool.PerLowerScaling and Con fig.Output.Cool.PidLowerLimit, Config.Output.Cool.PerUpperScaling and out put as analog value at OutputCool_PER. OutputCool_PER is only calculated if the cooling output is activated (Con fig.ActivateCooling = TRUE) and Config.Output.Cool.Select = 2. Outpu tHeat_PWM BOOL FALSE Pulse-width modulated output value (heating) The PID output value (PidOutputSum) is scaled with the two value pairs Con fig.Output.Heat.PidUpperLimit, Config.Output.Heat.PwmUpperScaling and Config.Output.Heat.PidLowerLimit, Config.Output.Heat.PwmLowerScaling and output as pulse-width modulated value (variable switch on and switch off times) at OutputHeat_PWM. OutputHeat_PWM is only calculated if Config.Output.Heat.Select = 1. Output Cool_PWM BOOL FALSE Pulse-width modulated output value (cooling) The PID output value (PidOutputSum) is scaled with the two value pairs Con fig.Output.Cool.PidUpperLimit, Config.Output.Cool.PwmLowerScaling and Config.Output.Cool.PidLowerLimit, Config.Output.Cool.PwmUpperScaling and output as pulse-width modulated value (variable switch on and switch off times) at OutputCool_PWM. OutputCool_PWM is only calculated if the cooling output is activated (Con fig.ActivateCooling = TRUE) and Config.Output.Cool.Select = 1. SetpointLi mit_H BOOL FALSE If SetpointLimit_H = TRUE, the absolute setpoint high limit is reached (Set point Config.SetpointUpperLimit) or Setpoint Config.InputUpperLimit. The setpoint high limit is the minimum of Config.SetpointUpperLimit and Con fig.InputUpperLimit. SetpointLimit_L BOOL FALSE If SetpointLimit_L = TRUE, the absolute setpoint low limit is reached (Setpoint Config.SetpointLowerLimit) or Setpoint Config.InputLowerLimit. The setpoint low limit is the maximum of Config.SetpointLowerLimit and Con fig.InputLowerLimit. InputWarn ing_H BOOL FALSE If InputWarning_H = TRUE, the process value has reached or exceeded the warning high limit (ScaledInput Config.InputUpperWarning). InputWarn ing_L BOOL FALSE If InputWarning_L = TRUE, the process value has reached or fallen below the warning low limit (ScaledInput Config.InputLowerWarning). State INT 0 The PID_Temp state and mode parameters (Page 4157) shows the current operating mode of the PID controller. You can change the operating mode using the input parameter Mode and a rising edge at ModeActivate. For pre tuning and fine tuning, you specify with Heat.EnableTuning and Cool.Enable Tuning whether tuning takes place for heating or cooling. State = 0: Inactive State = 1: Pretuning State = 2: Fine tuning State = 3: Automatic mode State = 4: Manual mode State = 5: Substitute output value with error monitoring 4124 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Data type Default Description Error BOOL FALSE If Error = TRUE, at least one error message is pending in this cycle. ErrorBits DWORD DW#16#0 The PID_Temp ErrorBits parameter (Page 4166) shows the pending error messages. ErrorBits is retentive and is reset with a rising edge at Reset or ErrorAck. WinCC Advanced V14 System Manual, 10/2016 4125 Programming the PLC 11.4 Instructions In/out parameters of PID_Temp V2 (S7-1200, S7-1500) Parameter Data type Default Description Mode INT 4 At Mode, specify the operating mode to which PID_Temp is to switch. Options are: Mode = 0: Inactive Mode = 1: Pretuning Mode = 2: Fine tuning Mode = 3: Automatic mode Mode = 4: Manual mode The operating mode is activated by: Rising edge at ModeActivate Falling edge at Reset Falling edge at ManualEnable Cold restart of CPU if RunModeByStartup = TRUE For pretuning and fine tuning, you specify with Heat.EnableTuning and Cool.En ableTuning whether tuning takes place for heating or cooling. Mode is retentive. A detailed description of the operating modes can be found in State and Mode parameters (Page 4157). Master DWORD DW#16#0 Interface for cascade control If this PID_Temp instance is used as slave controller in a cascade (Config.Cas cade.IsSlave = TRUE), assign the Master parameter at the instruction call with the Slave parameter of the master controller. Example: Call of a slave controller "PID_Temp_2" with master controller "PID_Temp_1" in SCL: ---------------------------------------------------------------------------"PID_Temp_2"(Master := "PID_Temp_1".Slave, Setpoint := "PID_Temp_1".OutputHeat); ---------------------------------------------------------------------------You use this interface to exchange slave controller information about operating mode, limit and substitute setpoint with your master controller. Keep in mind that the call of the master controller has to take place before the call of the slave controller in the same cyclic interrupt OB. Assignment: Bits 0 to 15: Unassigned Bits 16 to 23 - Limit counter: A slave controller whose output value is limited increments this counter. Depending on the configured number of slaves (Config.Cascade.CountSlaves) and of the anti-windup mode (Config.Cascade.AntiWindUpMode), the master controller reacts accordingly. Bit 24 - Automatic mode of the slave controllers: TRUE, if all slave controllers are in automatic mode Bit 25 - Substitute setpoint of the slave controllers: TRUE, if a slave controller has activated the substitute setpoint (SubstituteSetpointOn = TRUE) 4126 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Data type Default Description Slave DWORD DW#16#0 Interface for cascade control You use this interface to exchange slave controller information about operating mode, limit and substitute setpoint with your master controller. See description of Master parameter See also PID_Temp state and mode parameters (Page 4157) Program creation (Page 6587) Cascade control with PID_Temp (Page 6585) PID_Temp static tags (S7-1200, S7-1500) You must not change tags that are not listed. These are used for internal purposes only. Tag Data type Default Description IntegralResetMode Int V1.0: 1, The IntegralResetMode tag (Page 4174) determines how the integral action PIDCtrl.IOutputOld is pre-assigned when switching from "Inactive" operating mode to "Automatic mode". V1.1 or higher: 4 This setting only works for one cycle. IntegralResetMode = 0: Smooth IntegralResetMode = 1: Delete IntegralResetMode = 2: Hold IntegralResetMode = 3: Pre-assign IntegralResetMode = 4: Like setpoint change (only for PID_Temp with version 1.1) OverwriteInitialOutputValue REAL 0.0 If one of the following conditions is met, the integral action PIDCtrl.IOutputOld is pre-assigned automatically as if PIDOut putSum = OverwriteInitialOutputValue in the previous cycle: IntegralResetMode = 3 when switching from "Inactive" operating mode to "Automatic mode" TRUE -> FALSE edge at parameter Reset and parameter Mode = 3 PIDCtrl.PIDInit = TRUE in "Automatic mode" (available as of PID_Temp version 1.1) RunModeByStartup BOOL TRUE Activate operating mode at Mode parameter after CPU restart If RunModeByStartup = TRUE, PID_Temp starts in the operating mode saved in the Mode parameter after CPU startup. If RunModeByStartup = FALSE, PID_Temp remains in "Inactive" mode after CPU startup. LoadBackUp WinCC Advanced V14 System Manual, 10/2016 BOOL FALSE If LoadBackUp = TRUE, the last set of PID parameters is re loaded from the CtrlParamsBackUp structure. The set was saved prior to the last tuning. LoadBackUp is automatically set back to FALSE. The acceptance is bumpless. 4127 Programming the PLC 11.4 Instructions Tag Data type Default Description SetSubstituteOutput BOOL TRUE Selection of the output value while an error is pending (State = 5): If SetSubstituteOutput = TRUE and ActivateRecoverMode = TRUE, the configured substitute output value SubstituteOutput is output as PID output value as long as an error is pending. If SetSubstituteOutput = FALSE and ActivateRecoverMode = TRUE, the actuator remains at the current PID output value as long as an error is pending. If ActivateRecoverMode = FALSE, SetSubstituteOutput is not effective. If SubstituteOutput is invalid (ErrorBits = 0020000h), the substitute output value cannot be output. In this case, the low limit of the PID output value for heating (Config.Output.Heat.PidLowerLimit) is used as PID output value. PhysicalUnit INT 0 Unit of measurement of the process value and setpoint, e.g., C, or F. This parameter is used for display in the editors and does not influence the control algorithm. PhysicalQuantity INT 0 Physical quantity of the process value and setpoint, e.g., tem perature. This parameter is used for display in the editors and does not influence the control algorithm. ActivateRecoverMode BOOL TRUE The ActivateRecoverMode tag determines the reaction to error. Warning DWOR D 0 The Warning tag shows the warnings since Reset = TRUE or ErrorAck =TRUE. Warning is retentive. Progress REAL 0.0 Progress of current tuning phase as a percentage (0.0 - 100.0) CurrentSetpoint REAL 0.0 CurrentSetpoint always displays the currently effective set point. This value is frozen during tuning. CancelTuningLevel REAL 10.0 Permissible fluctuation of setpoint during tuning. Tuning is not canceled until: Setpoint > CurrentSetpoint + CancelTuningLevel or Setpoint < CurrentSetpoint - CancelTuningLevel 4128 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description SubstituteOutput REAL 0.0 The substitute output value is used as PID output value as long as the following conditions are met: One or more errors are pending in automatic mode for which ActivateRecoverMode is in effect SetSubstituteOutput = TRUE ActivateRecoverMode = TRUE The values at the outputs for heating and cooling resulting from the substitute output value are the result of the configured out put scaling (structures Config.Output.Heat and Config.Out put.Cool). For controllers with activated cooling output (Config.Activate Cooling = TRUE), define: a positive substitute output value to output the value at the outputs for heating a negative substitute output value to output the value at the outputs for cooling The permitted value range is determined by the configuration. Cooling output deactivated (Config.ActivateCooling = FALSE): Config.Output.Heat.PidUpperLimit SubstituteOutput Config.Output.Heat.PidLowerLimit Cooling output activated (Config.ActivateCooling = TRUE): Config.Output.Heat.PidUpperLimit SubstituteOutput Config.Output.Cool.PidLowerLimit PidOutputSum REAL 0.0 PID output value PidOutputSum displays the output value of the PID algorithm. Depending on the operating mode, it is either calculated auto matically or defined by the manual value or the configured sub stitute output value. The values at the outputs for heating and cooling resulting from the PID output value are the result of the configured output scaling (structures Config.Output.Heat and Config.Out put.Cool). The PidOutputSum is limited as defined in the configuration. Cooling output deactivated (Config.ActivateCooling = FALSE): Config.Output.Heat.PidUpperLimit PidOutputSum Config.Output.Heat.PidLowerLimit Cooling output activated (ConfigActivateCooling = TRUE): Config.Output.Heat.PidUpperLimit PidOutputSum Config.Output.Cool.PidLowerLimit WinCC Advanced V14 System Manual, 10/2016 4129 Programming the PLC 11.4 Instructions Tag Data type Default Description PidOutputOffsetHeat REAL 0.0 Offset of the PID output value heating PidOutputOffsetHeat is added to the value that results from PidOutputSum for the heating branch. Enter a positive value for PidOutputOffsetHeat to receive a positive offset at the out puts for heating. The resulting values at the outputs for heating are the result of the configured output scaling (Config.Output.Heat structure). This offset can be used for actuators which need a fixed mini mum value, for example, fans with minimum speed. PidOutputOffsetCool REAL 0.0 Offset of the PID output value cooling PidOutputOffsetCool is added to the value that results from PidOutputSum for the cooling branch. Enter a negative value for PidOutputOffsetCool to receive a positive offset at the out puts for cooling. The resulting values at the outputs for cooling are the result of the configured output scaling ( Config.Output.Cool structure). This offset can be used for actuators which need a fixed mini mum value, for example, fans with minimum speed. SubstituteSetpointOn BOOL FALSE Activates the substitute setpoint as controller setpoint. FALSE = the Setpoint parameter is used. TRUE = the SubstituteSetpoint parameter is used as setpoint SubstituteSetpointOn can be used to specify the setpoint of a slave controller in a cascade directly without having to change the user program. SubstituteSetpoint REAL 0.0 Substitute setpoint If SubstituteSetpointOn = TRUE, the SubstituteSetpoint pa rameter is used as setpoint. Valid range of values: Config.SetpointUpperLimit SubstituteSetpoint Config.Set pointLowerLimit, Config.InputUpperLimit SubstituteSet point Config.InputLowerLimit DisableCooling BOOL FALSE DisableCooling = TRUE deactivates the cooling branch for heating/cooling controllers (Config.ActivateCooling = TRUE) in Automatic mode by setting PidOutputSum to 0.0 as low limit. PidOutputOffsetCool and the output scaling for the cooling out puts remain active. DisableCooling can be used for tuning of multi-zone applica tions to temporarily deactivate the cooling branch as long as all controllers have not completed their tuning yet. This parameter is set/reset by the user manually and is not automatically reset by the PID_Temp instruction. 4130 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description AllSlaveAutomaticState BOOL FALSE If this PID_Temp instance is used as master controller in a cascade (Config.Cascade.IsMaster = TRUE), AllSlaveAutoma ticState = TRUE indicates that all slave controllers are in auto matic mode. Tuning, manual mode or automatic mode of the master con troller can only be executed accurately if all slave controllers are in automatic mode. AllSlaveAutomaticState is only determined if you interconnect the master controller and slave controller with the Master and Slave parameters. For details, see the Master parameter. NoSlaveSubstituteSetpoint BOOL FALSE If this PID_Temp instance is used as master controller in a cascade (Config.Cascade.IsMaster = TRUE), NoSlaveSubsti tuteSetpoint = TRUE indicates that no slave controller has ac tivated its substitute setpoint. Tuning, manual mode or automatic mode of the master con troller can only be executed accurately if no slave controller has activated its substitute setpoint. NoSlaveSubstituteSetpoint is only determined if you intercon nect the master controller and slave controller with the Master and Slave parameters. For details, see the Master parameter. Heat.EnableTuning BOOL TRUE Enabling of tuning for heating Heat.EnableTuning must be set for the following tunings (at the same time or prior to the start with Mode and ModeActivate): Pretuning heating Pretuning heating and cooling Fine tuning heating This parameter is not automatically reset by the PID_Temp instruction. Cool.EnableTuning BOOL FALSE Enabling of tuning for cooling Cool.EnableTuning must be set for the following tunings (si multaneously with or prior to the start with Mode and ModeAc tivate): Pretuning cooling Pretuning heating and cooling Fine tuning cooling Only effective if the cooling output and PID parameter switch ing are activated ("Config.ActivateCooling" = TRUE and "Con fig.AdvancedCooling" = TRUE). This parameter is not automatically reset by the PID_Temp instruction. Config.InputPerOn WinCC Advanced V14 System Manual, 10/2016 BOOL TRUE If InputPerOn = TRUE, the Input_PER parameter is used for detecting the process value. If InputPerOn = FALSE, the Input parameter is used. 4131 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.InputUpperLimit REAL 120.0 High limit of the process value Input and Input_PER are monitored to ensure adherence to this limit. If the limit is exceeded, an error is output and the reaction is determined by ActivateRecoverMode. At the I/O input, the process value can be a maximum of 18% higher than the nominal range (overrange). This means the limit cannot be exceeded when you use an I/O input with the pre-setting for high limit and process value scaling. When pretuning is started, the difference between high and low limit of the process value is checked to determine whether the distance between setpoint and process value meets the nec essary requirements. InputUpperLimit > InputLowerLimit Config.InputLowerLimit REAL 0.0 Low limit of the process value Input and Input_PER are monitored to ensure adherence to this limit. If the limit is undershot, an error is output and the reaction is determined by ActivateRecoverMode. InputLowerLimit < InputUpperLimit Config.InputUpperWarning REAL 3.402822e +38 Warning high limit of the process value Input and Input_PER are monitored to ensure adherence to this limit. If the limit is exceeded, a warning is output at the Warning parameter. If you set InputUpperWarning outside the process value limits, the configured absolute process value high limit is used as the warning high limit. If you configure InputUpperWarning within the process value limits, this value is used as the warning high limit. InputUpperWarning > InputLowerWarning Config.InputLowerWarning REAL -3.402822e +38 Warning low limit of the process value Input and Input_PER are monitored to ensure adherence to this limit. If the limit is undershot, a warning is output at the Warning parameter. If you set InputLowerWarning outside the process value limits, the configured absolute process value low limit is used as the warning low limit. If you configure InputLowerWarning within the process value limits, this value is used as the warning low limit. InputLowerWarning < InputUpperWarning 4132 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.SetpointUpperLimit REAL 3.402822e +38 High limit of setpoint Setpoint and SubstituteSetpoint are monitored to ensure ad herence to this limit. If the limit is exceeded, a warning is output at the Warning parameter. If you configure SetpointUpperLimit outside the process value limits, the configured absolute process value high limit is used as the setpoint high limit. If you configure SetpointUpperLimit within the process value limits, this value is used as the setpoint high limit. SetpointUpperLimit > SetpointLowerLimit Config.SetpointLowerLimit REAL -3.402822e +38 Low limit of the setpoint Setpoint and SubstituteSetpoint are monitored to ensure ad herence to this limit. If the limit is undershot, a warning is output at the Warning parameter. If you set SetpointLowerLimit outside the process value limits, the configured process value absolute low limit is used as the setpoint low limit. If you configure SetpointLowerLimit within the process value limits, this value is used as the setpoint low limit. SetpointLowerLimit < SetpointUpperLimit Config.ActivateCooling BOOL FALSE Activate cooling output Config.ActivateCooling = FALSE Only the outputs for heating are used. Config.ActivateCooling = TRUE The outputs for heating and cooling are used. If you are using the cooling output, the controller must not be configured as master controller (Config.Cascade.IsMaster must be FALSE) . WinCC Advanced V14 System Manual, 10/2016 4133 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.AdvancedCooling BOOL TRUE Method for heating/cooling Cooling factor (Config.AdvancedCooling = FALSE) The output value calculation for cooling takes place with the PID parameters for heating (Retain.CtrlParams.Heat structure) taking into consideration the configurable cooling factor Config.CoolFactor. This method is suitable if the heating and cooling actuators have a similar time response but different gains. Pretuning and fine tuning for cooling are not available when you select this method. You can only execute the tuning for heating. PID parameter switching (Config.AdvancedCooling = TRUE) The output value calculation for cooling takes place by means of a separate PID parameter set (Retain.CtrlParams.Cool structure). This method is suitable if the heating and cooling actuator have different time responses and different gains. Pretuning and fine tuning for cooling are only available when you select this method (Mode = 1 or 2, Cool.EnableTuning = TRUE). Config.AdvancedCooling is only calculated if the cooling output is activated (Config.ActivateCooling = TRUE). Config.CoolFactor REAL 1.0 Cooling factor If Config.AdvancedCooling = FALSE, Config.CoolFactor is considered as factor in the calculation of the output value for cooling. This allows different gains of heating and cooling ac tuators to be taken into account. Config.CoolFactor is not set automatically or adjusted during tuning. You must correctly configure Config.CoolFactor man ually with the ratio "heating actuator gain/cooling actuator gain". Example: Config.CoolFactor = 2.0 means that the gain of the heating actuator is twice as high as the gain of the cooling actuator. Config.CoolFactor is only effective if the cooling output is acti vated (Config.ActivateCooling = TRUE) and cooling factor is selected as method for heating/cooling (Config.AdvancedCool ing = FALSE). Config.CoolFactor > 0.0 Config.InputScaling.UpperPointIn REAL 27648.0 Scaling Input_PER high Input_PER is scaled based on the two value pairs UpperPoint Out, UpperPointIn and LowerPointOut, LowerPointIn. Only effective if Input_PER is used for process value detection (Config.InputPerOn = TRUE). UpperPointIn > LowerPointIn 4134 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.InputScaling.LowerPointIn REAL 0.0 Scaling Input_PER low Input_PER is scaled based on the two value pairs UpperPoint Out, UpperPointIn and LowerPointOut, LowerPointIn. Only effective if Input_PER is used for process value detection (Config.InputPerOn = TRUE). LowerPointIn < UpperPointIn Config.InputScaling.UpperPoint Out REAL 100.0 Scaled high process value Input_PER is scaled based on the two value pairs UpperPoint Out, UpperPointIn and LowerPointOut, LowerPointIn. Only effective if Input_PER is used for process value detection (Config.InputPerOn = TRUE). UpperPointOut > LowerPointOut Config.InputScaling.LowerPoint Out REAL 0.0 Scaled low process value Input_PER is scaled based on the two value pairs UpperPoint Out, UpperPointIn and LowerPointOut, LowerPointIn. Only effective if Input_PER is used for process value detection (Config.InputPerOn = TRUE). LowerPointOut < UpperPointOut Config.Output.Heat.Select INT 1 Selecting the output value for heating Config.Output.Heat.Select specifies which outputs are used for heating: Heat.Select = 0 - OutputHeat is used Heat.Select = 1 - OutputHeat and OutputHeat_PWM are used Heat.Select = 2 -OutputHeat and OutputHeat_PER are used Outputs that are not used are not calculated and remain at their default value. WinCC Advanced V14 System Manual, 10/2016 4135 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.Output.Heat.PwmPeriode REAL 0.0 Period duration of the pulse width modulation (PWM) for heat ing (OutputHeat_PWM output) in seconds: Heat.PwmPeriode = 0.0 The sampling time of the PID algorithm for heating (Retain.CtrlParams.Heat.Cycle) is used as period duration of the PWM. Heat.PwmPeriode > 0.0 The value is rounded off to an integer multiple of the PID_Temp sampling time (CycleTime.Value) and used as period duration of the PWM. This setting can be used to improve the smoothing of the process value with a long sampling time of the PID algorithm. The value must meet the following conditions: Config.Output.Heat.PidUpperLimit REAL 100.0 - Heat.PwmPeriode Retain.CtrlParams.Heat.Cycle, - Heat.PwmPeriode > Config.Output.Heat.MinimumOnTime - Heat.PwmPeriode > Config.Output.Heat.MinimumOffTime High limit of the PID output value for heating The PID output value (PidOutputSum) is limited to the high limit. Heat.PidUpperLimit forms a value pair together with the follow ing parameters for scaling of the PID output value (PidOutput Sum) to the outputs for heating: Heat.UpperScaling for OutputHeat Heat.PwmUpperScaling for OutputHeat_PWM Heat.PerUpperScaling for OutputHeat_PER If you want to limit the value at the associated output, you must also adjust these scaling values. Heat.PidUpperLimit > Heat.PidLowerLimit 4136 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.Output.Heat.PidLowerLimit REAL 0.0 Low limit of the PID output value for heating For controllers with deactivated cooling output (Config.Activa teCooling = FALSE), the PID output value (PidOutputSum) is limited to this low limit. For controllers with activated cooling output (Config.Activate Cooling = TRUE), the value must be 0.0. Heat.PidLowerLimit forms a value pair together with the follow ing parameters for scaling of the PID output value (PidOutput Sum) to the outputs for heating: Heat.LowerScaling for OutputHeat Heat.PwmLowerScaling for OutputHeat_PWM Heat.PerLowerScaling for OutputHeat_PER If you want to limit the value at the associated output, you must also adjust these scaling values. The permitted value range is determined by the configuration. Cooling output deactivated (Config.ActivateCooling = FALSE): Heat.PidLowerLimit < Heat.PidUpperLimit Cooling output activated (Config.ActivateCooling = TRUE): Heat.PidLowerLimit = 0.0 Config.Output.Heat.UpperScaling REAL 100.0 Scaled high output value for heating Heat.UpperScaling and Heat.PidUpperLimit form a value pair for scaling of the PID output value (PidOutputSum) to the out put value for heating (OutputHeat). The OutputHeat value is always located between Heat.Upper Scaling and Heat.LowerScaling. Heat.UpperScaling Heat.LowerScaling Config.Output.Heat.LowerScaling REAL 0.0 Scaled low output value for heating Heat.LowerScaling and Heat.PidLowerLimit form a value pair for scaling of the PID output value (PidOutputSum) to the out put value for heating (OutputHeat). The OutputHeat value is always located between Heat.Upper Scaling and Heat.LowerScaling. Heat.UpperScaling Heat.LowerScaling Config.Output.Heat.PwmUp perScaling REAL 100.0 Scaled high PWM output value for heating Heat.PwmUpperScaling and Heat.PidUpperLimit form a value pair for scaling of the PID output value (PidOutputSum) to the pulse-width modulated output value for heating (Outpu tHeat_PWM). The OutputHeat_PWM value is always located between Heat.PwmUpperScaling and Heat.PWMLowerScaling. Heat.PwmUpperScaling is only effective if OutputHeat_PWM is selected as output for heating (Heat.Select = 1) 100.0 Heat.PwmUpperScaling 0.0 Heat.PwmUpperScaling Heat.PwmLowerScaling WinCC Advanced V14 System Manual, 10/2016 4137 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.Output.Heat.PwmLo werScaling REAL 0.0 Scaled low PWM output value for heating Heat.PwmLowerScaling and Heat.PidLowerLimit form a value pair for scaling of the PID output value (PidOutputSum) to the pulse-width modulated output value for heating (Outpu tHeat_PWM). The OutputHeat_PWM value is always located between Heat.PwmUpperScaling and Heat.PwmLowerScaling. Heat.PwmLowerScaling is only effective if OutputHeat_PWM is selected as output for heating (Heat.Select = 1) 100.0 Heat.PwmLowerScaling 0.0 Heat.PwmUpperScaling Heat.PwmLowerScaling Config.Output.Heat.PerUp perScaling REAL 27648.0 Scaled high analog output value for heating Heat.PerUpperScaling and Heat.PidUpperLimit form a value pair for scaling of the PID output value (PidOutputSum) to the analog output value for heating (OutputHeat_PER). The OutputHeat_PER value is always located between Heat.PerUpperScaling and Heat.PerLowerScaling. Heat.PerUpperScaling is only effective if OutputHeat_PER is selected as output for heating (Heat.Select = 2) 32511.0 Heat.PerUpperScaling -32512.0 Heat.PerUpperScaling Heat.PerLowerScaling Config.Output.Heat.PerLo werScaling REAL 0.0 Scaled low analog output value for heating Heat.PerLowerScaling and Heat.PidLowerLimit form a value pair for scaling of the PID output value (PidOutputSum) to the analog output value for heating (OutputHeat_PER). The OutputHeat_PER value is always located between Heat.PerUpperScaling and Heat.PerLowerScaling. Heat.PerLowerScaling is only effective if OutputHeat_PER is selected as output for heating (Heat.Select = 2) 32511.0 Heat.PerLowerScaling -32512.0 Heat.PerUpperScaling Heat.PerLowerScaling Config.Output.Heat.MinimumOn Time REAL 0.0 Minimum on time of the pulse width modulation for heating (OutputHeat_PWM output) A PWM pulse is never shorter than this value. The value is rounded off to: Heat.MinimumOnTime = n x CycleTime.Value Heat.MinimumOnTime is only effective if the output for heating OutputHeat_PWM is selected (Heat.Select = 1)". 100000.0 Heat.MinimumOnTime 0.0 4138 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.Output.Heat.MinimumOff Time REAL 0.0 Minimum off time of the pulse width modulation for heating (OutputHeat_PWM output) A PWM pause is never shorter than this value. The value is rounded off to: Heat.MinimumOffTime = n x CycleTime.Value Heat.MinimumOffTime is only effective if the output for heating OutputHeat_PWM is selected (Heat.Select = 1)". 100000.0 Heat.MinimumOffTime 0.0 Config.Output.Cool.Select INT 1 Selecting the output value for cooling Config.Output.Cool.Select specifies which outputs are used for cooling: Cool.Select = 0 - OutputCool is used Cool.Select = 1 -OutputCool and OutputCool_PWM are used Cool.Select = 2 - OutputCool and OutputCool_PER are used Outputs that are not used are not calculated and remain at their default value. Only effective if the cooling output is activated (Config.Activa teCooling = TRUE). WinCC Advanced V14 System Manual, 10/2016 4139 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.Output.Cool.PwmPeriode REAL 0.0 Period duration of the pulse width modulation for cooling (Out putCool_PWM output) in seconds: Cool.PwmPeriode = 0.0 and Config.AdvancedCooling = FALSE: sampling time of the PID algorithm for heating (Retain.CtrlParams.Heat.Cycle) is used as period duration of the PWM. Cool.PwmPeriode = 0.0 and Config.AdvancedCooling = TRUE: The sampling time of the PID algorithm for cooling (Retain.CtrlParams.Cool.Cycle) is used as period duration of the PWM. Cool.PwmPeriode > 0.0: The value is rounded off to an integer multiple of the PID_Temp sampling time (CycleTime.Value) and used as period duration of the PWM. This setting can be used to improve the smoothing of the process value with a long sampling time of the PID algorithm. The value must meet the following conditions: - Cool.PwmPeriode Retain.CtrlParams.Cool.Cycle or Retain.CtrlParams.Heat.Cycle - Cool.PwmPeriode > Config.Output.Cool.MinimumOnTime - Cool.PwmPeriode > Config.Output.Cool.MinimumOffTime Only effective if the cooling output is activated (Config.Activa teCooling = TRUE). Config.Output.Cool.PidUpperLimit REAL 0.0 High limit of the PID output value for cooling The value must be 0.0. Cool.PidUpperLimit forms a value pair together with the follow ing parameters for scaling of the PID output value (PidOutput Sum) to the outputs for cooling: Cool.LowerScaling for OutputCool Cool.PwmLowerScaling for OutputCool_PWM Cool.PerLowerScaling for OutputCool_PER If you want to limit the value at the associated output, you must also adjust these scaling values. Only effective if the cooling output is activated (Config.Activa teCooling = TRUE). Cool.PidUpperLimit = 0.0 4140 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.Output.Cool.PidLowerLimit REAL -100.0 Low limit of the PID output value for cooling For controllers with activated cooling output (Config.Activate Cooling = TRUE), the PID output value (PidOutputSum) is limi ted to this low limit. Cool.PidLowerLimit forms a value pair together with the follow ing parameters for scaling of the PID output value (PidOutput Sum) to the outputs for cooling: Cool.UpperScaling for OutputCool Cool.PwmUpperScaling for OutputCool_PWM Cool.PerUpperScaling for OutputCool_PER If you want to limit the value at the associated output, you must also adjust these scaling values. Only effective if the cooling output is activated (Config.Activa teCooling = TRUE). Cool.PidLowerLimit < Cool.PidUpperLimit Config.Output.Cool.UpperScaling REAL 100.0 Scaled high output value for cooling Cool.UpperScaling and Cool.PidLowerLimit form a value pair for scaling of the PID output value (PidOutputSum) to the out put value for cooling (OutputCool). The OutputCool value is always located between Cool.Upper Scaling and Cool.LowerScaling. Only effective if the cooling output is activated (Config.Activa teCooling = TRUE). Cool.UpperScaling Cool.LowerScaling Config.Output.Cool.LowerScaling REAL 0.0 Scaled low output value for cooling Cool.LowerScaling and Cool.PidUpperLimit form a value pair for scaling of the PID output value (PidOutputSum) to the out put value for cooling (OutputCool). The OutputCool value is always located between Cool.Upper Scaling and Cool.LowerScaling. Only effective if the cooling output is activated (Config.Activa teCooling = TRUE). Cool.UpperScaling Cool.LowerScaling Config.Output.Cool.PwmUp perScaling REAL 100.0 Scaled high PWM output value for cooling Cool.PwmUpperScaling and Cool.PidLowerLimit form a value pair for scaling of the PID output value (PidOutputSum) to the pulse-width modulated output value for cooling (Output Cool_PWM). The OutputCool_PWM value is always located between Cool.PwmUpperScaling and Cool.PwmLowerScaling. Cool.PwmUpperScaling is only effective if the cooling output is activated (Config.ActivateCooling = TRUE) and Output Cool_PWM is selected as output for cooling (Cool.Select = 1). 100.0 Cool.PwmUpperScaling 0.0 Cool.PwmUpperScaling Cool.PwmLowerScaling WinCC Advanced V14 System Manual, 10/2016 4141 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.Output.Cool.PwmLo werScaling REAL 0.0 Scaled low PWM output value for cooling Cool.PwmLowerScaling and Cool.PidUpperLimit form a value pair for scaling of the PID output value (PidOutputSum) to the pulse-width modulated output value for cooling (Output Cool_PWM). The OutputCool_PWM value is always located between Cool.PwmUpperScaling and CoolPwm.LowerScaling. Cool.PwmLowerScaling is only effective if the cooling output is activated (Config.ActivateCooling = TRUE) and Output Cool_PWM is selected as output for cooling (Cool.Select = 1). 100.0 Cool.PwmLowerScaling 0.0 Cool.PwmUpperScaling Cool.PwmLowerScaling Config.Output.Cool.PerUp perScaling REAL 27648.0 Scaled high analog output value for cooling Cool.PerUpperScaling and Cool.PidLowerLimit form a value pair for scaling of the PID output value (PidOutputSum) to the analog output value for cooling (OutputCool_PER). The OutputCool_PER value is always located between Cool.PerUpperScaling and Cool.PerLowerScaling. Cool.PerUpperScaling is only effective if the cooling output is activated (Config.ActivateCooling = TRUE) and Output Cool_PER is selected as output for cooling (Cool.Select = 2). 32511.0 Cool.PerUpperScaling -32512.0 Cool.PerUpperScaling Cool.PerLowerScaling Config.Output.Cool.PerLo werScaling REAL 0.0 Scaled low analog output value for cooling Cool.PerLowerScaling and Cool.PidUpperLimit form a value pair for scaling of the PID output value (PidOutputSum) to the analog output value for cooling (OutputCool_PER). The OutputCool_PER value is always located between Cool.PerUpperScaling and Cool.PerLowerScaling. Cool.PerLowerScaling is only effective if the cooling output is activated (Config.ActivateCooling = TRUE) and Output Cool_PER is selected as output for cooling (Cool.Select = 2). 32511.0 Cool.PerLowerScaling -32512.0 Cool.PerUpperScaling Cool.PerLowerScaling Config.Output.Cool.MinimumOn Time REAL 0.0 Minimum on time of the pulse width modulation for cooling (OutputCool_PWM output) A PWM pulse is never shorter than this value. The value is rounded off to: Cool.MinimumOnTime = n x CycleTime.Value Cool.MinimumOnTime is only effective if the output for cooling OutputCool_PWM is selected (Cool.Select = 1). Only effective if the cooling output is activated (Config.Activa teCooling = TRUE). 100000.0 Cool.MinimumOnTime 0.0 4142 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.Output.Cool.MinimumOff Time REAL 0.0 Minimum off time of the pulse width modulation for cooling (OutputCool_PWM output) A PWM pause is never shorter than this value. The value is rounded off to: Cool.MinimumOffTime = n x CycleTime.Value Cool.MinimumOffTime is only effective if the output for cooling OutputCool_PWM is selected (Cool.Select = 1). Only effective if the cooling output is activated (Config.Activa teCooling = TRUE). 100000.0 Cool.MinimumOffTime 0.0 If you are using PID_Temp in a cascade, the master controller and slave controller exchange information via the Master and Slave parameters. You need to make the interconnection. For details, see the Master parameter. Config.Cascade.IsMaster BOOL FALSE The controller is master in a cascade and provides the slave setpoint. Set IsMaster = TRUE if you are using this PID_Temp instance as master controller in a cascade. A master controller defines the setpoint of a slave controller with its output. A PID_Temp instance can be master controller and slave controller at the same time. If the controller is used as master controller, the cooling output must be deactivated (Config.ActivateCooling = FALSE). Config.Cascade.IsSlave BOOL FALSE The controller is slave in a cascade and receives its setpoint from the master. Set IsSlave = TRUE if you are using this PID_Temp instance as slave controller in a cascade. A slave controller receives its setpoint (Setpoint parameter) from the output of its master controller (OutputHeat parame ter). A PID_Temp instance can be master controller and slave controller at the same time. Config.Cascade.AntiWindUpMode INT 1 Anti-windup behavior in the cascade Options are: Anti-windup = 0 The AntiWindUp functionality is deactivated. The master controller does not respond to the limit of its slave controllers. Anti-windup = 1 The integral action of the master controller is reduced in the ratio "Slaves in limit" to "Number of slaves" ("CountSlaves" parameter). This reduces the effects of the limitation on the control behavior. Anti-windup = 2 The integral action of the master controller is held as soon as a slave controller is in the limit. Only effective if the controller is configured as master controller (Config.Cascade.IsMaster = TRUE). WinCC Advanced V14 System Manual, 10/2016 4143 Programming the PLC 11.4 Instructions Tag Data type Default Description Config.Cascade.CountSlaves INT 1 Number of subordinate slaves Here you enter the number of directly subordinate slave con trollers which receive their setpoint from this master controller. Only effective if the controller is configured as master controller (Config.Cascade.IsMaster = TRUE). 255 CountSlaves 1 CycleTime.StartEstimation BOOL TRUE If CycleTime.EnEstimation = TRUE, CycleTime.StartEstima tion = TRUE starts automatic determination of the PID_Temp sampling time (cycle time of the calling OB). CycleTime.StartEstimation = FALSE is set once measurement is complete. CycleTime.EnEstimation BOOL TRUE If CycleTime.EnEstimation = TRUE, the PID_Temp sampling time is determined automatically. If CycleTime.EnEstimation = FALSE, the sampling time PID_Temp is not determined automatically and must be con figured correctly manually with CycleTime.Value. CycleTime.EnMonitoring BOOL TRUE If CycleTime.EnMonitoring = FALSE, the PID_Temp sampling time is not monitored. If PID_Temp cannot be executed within the sampling time, no error (ErrorBits=0000800h) is output and PID_Temp does not respond as configured with ActivateReco verMode. CycleTime.Value REAL 0.1 PID_Temp sampling time (cycle time of the calling OB) in sec onds CycleTime.Value is determined automatically and is usually equivalent to the cycle time of the calling OB. You can reload values from the CtrlParamsBackUp structure with LoadBackUp = TRUE. CtrlParamsBackUp.SetByUser BOOL FALSE Saved value of Retain.CtrlParams.SetByUser CtrlParamsBackUp.Heat.Gain REAL 1.0 Saved proportional gain for heating CtrlParamsBackUp.Heat.Ti REAL 20.0 Saved integral action time for heating in seconds CtrlParamsBackUp.Heat.Td REAL 0.0 Saved derivative action time for heating in seconds CtrlParamsBackUp.Heat.TdFiltRa REAL tio 0.2 Saved derivative delay coefficient for heating CtrlParamsBackUp.Heat.PWeight REAL ing 1.0 Saved weighting of the proportional action for heating CtrlParamsBackUp.Heat.DWeight REAL ing 1.0 Saved weighting of the derivative action for heating CtrlParamsBackUp.Heat.Cycle REAL 1.0 Saved sampling time of the PID algorithm for heating in sec onds CtrlParamsBackUp.Heat.Control Zone REAL 3.402822e +38 Saved control zone width for heating CtrlParamsBackUp.Heat.Dead Zone REAL 0.0 Saved dead zone width for heating CtrlParamsBackUp.Cool.Gain REAL 1.0 Saved proportional gain for cooling CtrlParamsBackUp.Cool.Ti REAL 20.0 Saved integral action time for cooling in seconds CtrlParamsBackUp.Cool.Td REAL 0.0 Saved derivative action time for cooling in seconds CtrlParamsBackUp.Cool.TdFiltRa REAL tio 0.2 Saved derivative delay coefficient for cooling 4144 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description CtrlParamsBackUp.Cool.PWeight REAL ing 1.0 Saved proportional action weighting factor for cooling CtrlParamsBackUp.Cool.DWeight REAL ing 1.0 Saved derivative action weighting factor for cooling CtrlParamsBackUp.Cool.Cycle REAL 1.0 Saved sampling time of the PID algorithm for cooling in sec onds CtrlParamsBackUp.Cool.Control Zone REAL 3.402822e +38 Saved control zone width for cooling CtrlParamsBackUp.Cool.Dead Zone REAL 0.0 Saved dead zone width for cooling PIDSelfTune.SUT.CalculatePar amsHeat BOOL FALSE The properties of the heating branch of the controlled system are saved during pretuning for heating. If SUT.CalculatePar amsHeat = TRUE, the PID parameters for heating (Re tain.CtrlParams.Heat structure) are recalculated on the basis of these properties. This enables you to change the parameter calculation method (PIDSelfTune.SUT.TuneRuleHeat param eter) without having to repeat the tuning. SUT.CalculateParamsHeat is set to FALSE after the calcula tion. Only possible if the pretuning was successful (SUT.ProcPar HeatOk = TRUE). PIDSelfTune.SUT.CalculatePar amsCool BOOL FALSE The properties of the cooling branch of the controlled system are saved during tuning for cooling. If SUT.CalculateParams Cool = TRUE, the PID parameters for cooling (Retain.CtrlPar ams.Cool structure) are recalculated on the basis of these properties. This enables you to change the parameter calcula tion method (PIDSelfTune.SUT.TuneRuleCool parameter) without having to repeat the tuning. SUT.CalculateParamsCool is set to FALSE after the calcula tion. Only possible if the pretuning was successful (SUT.ProcPar CoolOk = TRUE). Only effective if Config.ActivateCooling = TRUE and Config.Ad vancedCooling = TRUE. PIDSelfTune.SUT.TuneRuleHeat INT 2 Method for PID parameter calculation with pretuning for heat ing Options are: SUT.TuneRuleHeat = 0: PID according to CHR SUT.TuneRuleHeat = 1: PI according to CHR SUT.TuneRuleHeat = 2: PID for temperature processes according to CHR (results in a slower and rather asymptomatic control response with lower overshoot than SUT.TuneRuleHeat = 0) (CHR = Chien, Hrones and Reswick) Only with SUT.TuneRuleHeat = 2 is the control zone Re tain.CtrlParams.Heat.ControlZone automatically set during pretuning for heating. WinCC Advanced V14 System Manual, 10/2016 4145 Programming the PLC 11.4 Instructions Tag Data type Default Description PIDSelfTune.SUT.TuneRuleCool INT 2 Method for PID parameter calculation with pretuning for cooling Options are: SUT.TuneRuleCool = 0: PID according to CHR SUT.TuneRuleCool = 1: PI according to CHR SUT.TuneRuleCool = 2: PID for temperature processes according to CHR (results in a slower and rather asymptomatic control response with lower overshoot than SUT.TuneRuleCool = 0) (CHR = Chien, Hrones and Reswick) Only with SUT.TuneRuleCool = 2 is the control zone Re tain.CtrlParams.Cool.ControlZone automatically set during pretuning for cooling. SUT.TuneRuleCool is only effective if the cooling output and PID parameter switching are activated (Config.ActivateCooling = TRUE, Config.AdvancedCooling = TRUE). PIDSelfTune.SUT.State INT 0 The SUT.State tag indicates the current phase of pretuning: State = 0: Initialize pretuning State = 100: Calculate standard deviation for heating State = 200: Calculate standard deviation for cooling State = 300: Determine point of inflection for heating State = 400: Determine point of inflection for cooling State = 500: Set heating to setpoint after reaching point of inflection State = 600: Set cooling to setpoint after reaching point of inflection State = 700: Compare efficiency of the heating actuator and cooling actuator State = 800: Heating and cooling activated State = 900: Cooling activated State = 1000: Determine delay time after switching off heating State = 9900: Pretuning successful State = 1: Pretuning not successful PIDSelfTune.SUT.ProcParHeatOk BOOL FALSE TRUE: The calculation of the process parameters for pretuning heating was successful. This tag is set during tuning. It must be TRUE for calculation of the PID parameters for heat ing. PIDSelfTune.SUT.ProcParCoolOk BOOL FALSE TRUE: The calculation of the process parameters for pretuning cooling was successful. This tag is set during tuning. It must be TRUE for calculation of the PID parameters for cool ing. 4146 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description PIDSelfTune.SUT.AdaptDelay Time INT 0 The AdaptDelayTime tag determines the adaptation of the de lay time for heating at the operating point (for "Pretuning heat ing" and "Pretuning heating and cooling"). Options are: SUT.AdaptDelayTime = 0: No adaptation of delay time. The SUT.State = 1000 phase is skipped. This option results in a shorter tuning time than with SUT.AdaptDelayTime = 1. SUT.AdaptDelayTime = 1: Adaptation of the delay time to the setpoint in SUT.State = 1000 phase by switching off heating temporarily. This option results in a longer tuning time than withSUT.AdaptDelayTime = 0. It can improve the control response if the process behavior depends significantly on the operating point (non-linearity). This option should not be used for multi-zone applications with strong thermal connections. PIDSelfTune.SUT.CoolingMode INT 0 The CoolingMode tag determines the manipulated variable output to determine the cooling parameters (for pretuning heat ing and cooling). Options are: SUT.CoolingMode = 0: Switch off heating and switch on cooling after reaching the setpoint. The SUT.State = 700 phase is skipped. Phase SUT.State = 500 is followed by phase SUT.State = 900. This option can improve the control response if the gain of the cooling actuator is low compared to the gain of the heating actuator. It results in a shorter tuning time than with SUT.CoolingMode = 1 or 2. SUT.CoolingMode = 1: Switch on cooling in addition to heating after reaching the setpoint. The SUT.State = 700 phase is skipped. Phase SUT.State = 500 is followed by phase SUT.State = 800. This option can improve the control response if the gain of the cooling actuator is high compared to the gain of the heating actuator. SUT.CoolingMode = 2: After heating up to the setpoint, a decision is automatically made in phase SUT.State = 700 as to whether heating is switched off. Phase SUT.State = 500 is followed by phase SUT.State = 700 and then SUT.State = 800 or SUT.State = 900. This option requires more time than options 0 and 1. WinCC Advanced V14 System Manual, 10/2016 4147 Programming the PLC 11.4 Instructions Tag Data type Default Description PIDSelfTune.TIR.RunIn BOOL FALSE Use the RunIn tag to specify the sequence of fine tuning during start from automatic mode. RunIn = FALSE If fine tuning is started from automatic mode, the system uses the existing PID parameters to control to the setpoint (TIR.State = 500 or 600). Only then will fine tuning start. RunIn = TRUE PID_Temp tries to reach the setpoint with minimum or maximum output value (TIR.State = 300 or 400). This can produce increased overshoot. Fine tuning then starts automatically. RunIn is set to FALSE after fine tuning. During start of fine tuning from Inactive or Manual mode, PID_Temp reacts as described under RunIn = TRUE. PIDSelfTune.TIR.CalculateParam BOOL sHeat FALSE The properties of the heating branch of the controlled system are saved during fine tuning for heating. If TIR.CalculatePar amsHeat= TRUE, the PID parameters for heating (Re tain.CtrlParams.Heat structure) are recalculated on the basis of these properties. This enables you to change the parameter calculation method (PIDSelfTune.TIR.TuneRuleHeat parame ter) without having to repeat the tuning. TIR.CalculateParamsHeat is set to FALSE after the calculation. Only possible if fine tuning heating was successful beforehand (TIR.ProcParHeatOk = TRUE). PIDSelfTune.TIR.CalculatePar amsCool BOOL FALSE The properties of the cooling branch of the controlled system are saved during fine tuning for cooling. If TIR.CalculatePar amsCool= TRUE, the PID parameters for cooling (Re tain.CtrlParams.Cool structure) are recalculated on the basis of these properties. This enables you to change the parameter calculation method (PIDSelfTune.TIR.TuneRuleCool parame ter) without having to repeat the tuning. TIR.CalculateParamsCool is set to FALSE after the calculation. Only possible if fine tuning cooling was successful beforehand (TIR.ProcParCoolOk = TRUE). Only effective if Config.ActivateCooling = TRUE and Config.Ad vancedCooling = TRUE 4148 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description PIDSelfTune.TIR.TuneRuleHeat INT 0 Method for parameter calculation during fine tuning for heating Options are: TIR.TuneRuleHeat = 0: PID automatic TIR.TuneRuleHeat = 1: PID fast (faster control response with higher amplitudes of the output value than with TIR.TuneRuleHeat = 2) TIR.TuneRuleHeat = 2: PID slow (slower control response with lower amplitudes of the output value than with TIR.TuneRuleHeat = 1) TIR.TuneRuleHeat = 3: ZN PID TIR.TuneRuleHeat = 4: ZN PI TIR.TuneRuleHeat = 5: ZN P (ZN=Ziegler-Nichols) To be able to repeat the calculation of the PID parameters for heating with TIR.CalculateParamsHeat and TIR.TuneRule Heat = 0, 1 or 2, the previous fine tuning also has to have been executed with TIR.TuneRuleHeat = 0, 1 or 2. If this is not the case, TIR.TuneRuleHeat = 3 is used. The recalculation of the PID parameters for heating with TIR.CalculateParamsHeat and TIR.TuneRuleHeat = 3, 4 or 5 is always possible. PIDSelfTune.TIR.TuneRuleCool INT 0 Method for parameter calculation during fine tuning for cooling Options are: TIR.TuneRuleCool = 0: PID automatic TIR.TuneRuleCool = 1: PID fast (faster control response with higher amplitudes of the output value than with TIR.TuneRuleCool = 2) TIR.TuneRuleCool = 2: PID slow (slower control response with lower amplitudes of the output value than with TIR.TuneRuleCool = 1) TIR.TuneRuleCool = 3: ZN PID TIR.TuneRuleCool = 4: ZN PI TIR.TuneRuleCool = 5: ZN P (ZN=Ziegler-Nichols) To be able to repeat the calculation of the PID parameters for cooling with TIR.CalculateParamsCool and TIR.TuneRuleCool = 0, 1 or 2, the previous fine tuning also has to have been executed with TIR.TuneRuleCool = 0, 1 or 2. If this is not the case, TIR.TuneRuleCool = 3 is used. The recalculation of the PID parameters for cooling with TIR.CalculateParamsCool and TIR.TuneRuleCool = 3, 4 or 5 is always possible. Only effective if the cooling output and PID parameter switch ing are activated (ConfigActivateCooling = TRUE and Con fig.AdvancedCooling = TRUE). WinCC Advanced V14 System Manual, 10/2016 4149 Programming the PLC 11.4 Instructions Tag Data type Default Description PIDSelfTune.TIR.State INT 0 The TIR.State tag indicates the current phase of "fine tuning": State = 0: Initialize fine tuning State = 100: Calculate standard deviation for heating State = 200: Calculate standard deviation for cooling State = 300: Attempting to reach setpoint for heating with two-step control using heating State = 400: Attempting to reach setpoint for cooling with two-step control using cooling State = 500: Attempting to reach setpoint for heating with PID control State = 600: Attempting to reach setpoint for cooling with PID control State = 700: Calculate standard deviation for heating State = 800: Calculate standard deviation for cooling State = 900: Determine oscillation and calculate parameters for heating State = 1000: Determine oscillation and calculate parameters for cooling State = 9900: Fine tuning successful State = 1: Fine tuning not successful PIDSelfTune.TIR.ProcParHeatOk BOOL FALSE TRUE: The calculation of the process parameters for fine tun ing heating was successful. This tag is set during tuning. It must be met for calculation of the PID parameters for heating. PIDSelfTune.TIR.ProcParCoolOk BOOL FALSE TRUE: The calculation of the process parameters for fine tun ing cooling was successful. This tag is set during tuning. It must be met for calculation of the PID parameters for cooling. 4150 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description PIDSelfTune.TIR.OutputOffse tHeat REAL 0.0 Tuning offset heating of the PID output value TIR.OutputOffsetHeat is added to the value that results from PidOutputSum for the heating branch. To receive a positive offset at the outputs for heating, define a positive value for TIR.OutputOffsetHeat. The resulting values at the outputs for heating are the result of the configured output scaling (Struktur Config.Output.Heat). This tuning offset can be used in controllers with activated cooling output and PID parameter switching (Config.Activate Cooling = TRUE, Config.AdvancedCooling = TRUE) for fine tuning cooling. If the outputs for cooling are not active at the setpoint that is to be tuned (PidOutputSum > 0.0), fine tuning cooling is not possible. In this case, define a positive tuning offset heating which is greater than the PID output value (Pi dOutputSum) at the setpoint in the steady state before you start tuning. This step increases the values at the outputs for heating and activates the outputs for cooling (PidOutputSum < 0.0). Fine tuning cooling is now possible. When fine tuning is complete, TIR.OutputOffsetHeat is reset to 0.0. Major changes at TIR.OutputOffsetHeat in one step can result in temporary overshoots. Config.Output.Heat.PidUpperLimit PIDSelfTune.TIR.Outpu tOffsetHeat Config.Output.Heat.PidLowerLimit PIDSelfTune.TIR.OutputOffset Cool REAL 0.0 Tuning offset cooling of the PID output value TIR.OutputOffsetCool is added to the value that results from PidOutputSum for the cooling branch. To receive a positive offset at the outputs for cooling, define a negative value for TIR.OutputOffsetCool. The resulting values at the outputs for cooling are the result of the configured output scaling (Struktur Config.Output.Coool). This tuning offset can be used in controllers with activated cooling output (Config.ActivateCooling = TRUE) for fine tuning heating. If the outputs for heating are not active at the setpoint that is to be tuned (PidOutputSum < 0.0), fine tuning heating is not possible. In this case, define a negative tuning offset cooling which is less than the PID output value (PidOutputSum) at the setpoint in the steady state before you start tuning. This step increases the values at the outputs for cooling and acti vates the outputs for heating (PidOutputSum > 0.0). Fine tun ing heating is now possible. When fine tuning is complete, TIR.OutputOffsetCool is reset to 0.0. Major changes at TIR.OutputOffsetCool in one step can result in temporary overshoots. Config.Output.Cool.PidUpperLimit PIDSelfTune.TIR.Outpu tOffsetCool Config.Output.Cool.PidLowerLimit WinCC Advanced V14 System Manual, 10/2016 4151 Programming the PLC 11.4 Instructions Tag Data type Default Description PIDSelfTune.TIR.WaitForContro lIn BOOL FALSE Waiting with fine tuning after reaching the setpoint If TIR.WaitForControlIn = TRUE, fine tuning waits in between reaching the setpoint (TIR.State = 500 or 600) and calculation of the standard deviation (TIR.State = 700 or 800) until a FALSE -> TRUE edge is given at TIR.FinishControlIn. TIR.WaitForControlIn can be used for simultaneous fine tuning of several controllers in multi-zone applications to synchronize tuning of the individual zones. It ensures that all zones have reached their setpoints before the actual tuning starts. The in fluence of thermal connections between the zones on tuning can be reduced in this way. TIR.WaitForControlIn is only effective if fine tuning is started from automatic mode with PIDSelfTune.TIR.RunIn = FALSE. PIDSelfTune.TIR.ControlInReady BOOL FALSE If TIR.WaitForControlIn = TRUE, PID_Temp sets TIR.Contro lInReady = TRUE as soon as the setpoint has been reached and waits with additional tuning steps until a FALSE -> TRUE edge is given at TIR.FinishControlIn. PIDSelfTune.TIR.FinishControlIn BOOL FALSE If TIR.ControlInReady = TRUE, a FALSE -> TRUE edge at TIR.FinishControlIn stops the wait and fine tuning resumes. PIDCtrl.IOutputOld REAL 0.0 Integral action in last cycle PIDCtrl.PIDInit BOOL FALSE PIDCtrl.PIDInit is available as of PID_Temp version 1.1. If PIDCtrl.PIDInit = TRUE in "Automatic mode", the integral action PIDCtrl.IOutputOld is pre-assigned automatically as if PidOutputSum = OverwriteInitialOutputValue in the previous cycle. This can be used for a AUTOHOTSPOT. Retain.CtrlParams.SetByUser BOOL FALSE If the PID parameters are entered manually in the configuration editor, SetByUser = TRUE. This parameter is used for display in the editors and does not influence the control algorithm. SetByUser is retentive. Retain.CtrlParams.Heat.Gain REAL 1.0 Active proportional gain for heating Heat.Gain is retentive. Heat.Gain 0.0 Retain..CtrlParams.Heat.Ti REAL 20.0 Active integral action time for heating in seconds The integral action for heating is switched off with Heat.CtrlPar ams.Ti = 0.0. Heat.Ti is retentive. 100000.0 Heat.Ti 0.0 Retain.CtrlParams.Heat.Td REAL 0.0 Active derivative action time for heating in seconds The derivative action for heating is switched off with Heat.CtrlParams.Td = 0.0. Heat.Td is retentive. 100000.0 Heat.Td 0.0 4152 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description Retain.CtrlParams.Heat.TdFiltRa tio REAL 0.2 Active derivative delay coefficient for heating The derivative delay coefficient delays the effect of the deriva tive action. Derivative delay = derivative action time x derivative delay co efficient 0.0: Derivative action is effective for one cycle only and therefore almost not effective. 0.5: This value has proved useful in practice for controlled systems with one dominant time constant. > 1.0: The greater the coefficient, the longer the effect of the derivative action is delayed. Heat.TdFiltRatio is retentive. Heat.TdFiltRatio 0.0 Retain.CtrlParams.Heat.PWeight ing REAL 1.0 Active weighting of the proportional action for heating The proportional action may weaken with changes to the set point. Values from 0.0 to 1.0 are applicable. 1.0: Proportional action for setpoint change is fully effective 0.0: Proportional action for setpoint change is not effective The proportional action is always fully effective when the proc ess value is changed. Heat.PWeighting is retentive. 1.0 Heat.PWeighting 0.0 Retain.CtrlParams.Heat.DWeight ing REAL 1.0 Active weighting of the derivative action for heating The derivative action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Derivative action is fully effective upon setpoint change 0.0: Derivative action is not effective upon setpoint change The derivative action is always fully effective when the process value is changed. Heat.DWeighting is retentive. 1.0 Heat.DWeighting 0.0 Retain.CtrlParams.Heat.Cycle REAL 1.0 Active sampling time of the PID algorithm for heating in seconds CtrlParams.Heat.Cycle is calculated during tuning and roun ded to an integer multiple of CycleTime.Value. If Config.Output.Heat.PwmPeriode = 0.0, Heat.Cycle is used as period duration of the pulse width modulation for heating. If Config.Output.Cool.PwmPeriode = 0.0 and Config.Advan cedCooling = FALSE, Heat.Cycle is used as period duration of the pulse width modulation for cooling. Heat.Cycle is retentive. 100000.0 Heat.Cycle > 0.0 WinCC Advanced V14 System Manual, 10/2016 4153 Programming the PLC 11.4 Instructions Tag Data type Default Description Retain.CtrlParams.Heat.Control Zone REAL 3.402822e +38 Active control zone width for heating The control zone for heating is switched off with Heat.Control Zone = 3.402822e+38. Heat.ControlZone is only set automatically during pretuning heating or pretuning heating and cooling if PIDSelf Tune.SUT.TuneRuleHeat = 2 is selected as method of the pa rameter calculation. For controllers with deactivated cooling output (Config.Activa teCooling = FALSE) or controllers with activated cooling output and cooling factor (Config.AdvancedCooling = FALSE), the control zone is symmetrically located between Setpoint - Heat.ControlZone and Setpoint + Heat.ControlZone. For controllers with activated cooling output and PID parameter switching (Config.ActivateCooling = TRUE, Config.Advanced Cooling = TRUE), the control zone is located between Setpoint - Heat.ControlZone and Setpoint + Cool.ControlZone. Heat.ControlZone is retentive. Heat.ControlZone > 0.0 Retain.CtrlParams.Heat.Dead Zone REAL 0.0 Active dead zone width for heating (see PID parameters (Page 6571)) The dead zone for heating is switched off with Heat.DeadZone = 0.0. Heat.DeadZone is not set automatically or adjusted during tun ing. You must correctly configure Heat.DeadZone manually. When the dead zone is switched on, the result can be a per manent control deviation (deviation between setpoint and proc ess value). This can have a negative effect on fine tuning. For controllers with deactivated cooling output (Config.Activa teCooling = FALSE) or controllers with activated cooling output and cooling factor (Config.AdvancedCooling = FALSE), the dead zone is symmetrically located between Setpoint - Heat.DeadZone and Setpoint + Heat.DeadZone. For controllers with activated cooling output and PID parameter switching (Config.ActivateCooling = TRUE, Config.Advanced Cooling = TRUE), the dead zone is located between Setpoint - Heat.DeadZone and Setpoint + Cool.DeadZone. Heat.DeadZone is retentive. Heat.DeadZone 0.0 Retain.CtrlParams.Cool.Gain REAL 1.0 Active proportional gain for cooling Cool.Gain is retentive. Only effective if the cooling output and PID parameter switch ing are activated (Config.ActivateCooling = TRUE and Con fig.AdvancedCooling = TRUE). Cool.Gain 0.0 4154 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description Retain.CtrlParams.Cool.Ti REAL 20.0 Active integral action time for cooling in seconds The integral action for cooling is switched off with Cool.CtrlPar ams.Ti = 0.0. Cool.Ti is retentive. Only effective if the cooling output and PID parameter switch ing are activated (Config.ActivateCooling = TRUE and Con fig.AdvancedCooling = TRUE). 100000.0 Cool.Ti 0.0 Retain.CtrlParams.Cool.Td REAL 0.0 Active derivative action time for cooling in seconds The derivative action for cooling is switched off with Cool.CtrlParams.Td = 0.0. Cool.Td is retentive. Only effective if the cooling output and PID parameter switch ing are activated (Config.ActivateCooling = TRUE and Con fig.AdvancedCooling = TRUE). 100000.0 Cool.Td 0.0 Retain.CtrlParams.Cool.TdFiltRa tio REAL 0.2 Active derivative delay coefficient for cooling The derivative delay coefficient delays the effect of the deriva tive action. Derivative delay = derivative action time x derivative delay co efficient 0.0: Derivative action is effective for one cycle only and therefore almost not effective. 0.5: This value has proved useful in practice for controlled systems with one dominant time constant. > 1.0: The greater the coefficient, the longer the effect of the derivative action is delayed. Cool.TdFiltRatio is retentive. Only effective if the cooling output and PID parameter switch ing are activated (Config.ActivateCooling = TRUE and Con fig.AdvancedCooling = TRUE). Cool.TdFiltRatio 0.0 Retain.CtrlParams.Cool.PWeight ing REAL 1.0 Active weighting of the proportional action for cooling The proportional action may weaken with changes to the set point. Values from 0.0 to 1.0 are applicable. 1.0: Proportional action for setpoint change is fully effective 0.0: Proportional action for setpoint change is not effective The proportional action is always fully effective when the proc ess value is changed. Cool.PWeighting is retentive. Only effective if the cooling output and PID parameter switch ing are activated (Config.ActivateCooling = TRUE and Con fig.AdvancedCooling = TRUE). 1.0 Cool.PWeighting 0.0 WinCC Advanced V14 System Manual, 10/2016 4155 Programming the PLC 11.4 Instructions Tag Data type Default Description Retain.CtrlParams.Cool.DWeight ing REAL 1.0 Active weighting of the derivative action for cooling The derivative action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Derivative action is fully effective upon setpoint change 0.0: Derivative action is not effective upon setpoint change The derivative action is always fully effective when the process value is changed. Cool.DWeighting is retentive. Only effective if the cooling output and PID parameter switch ing are activated (Config.ActivateCooling = TRUE and Con fig.AdvancedCooling = TRUE). 1.0 Cool.DWeighting 0.0 Retain.CtrlParams.Cool.Cycle REAL 1.0 Active sampling time of the PID algorithm for cooling in seconds CtrlParams.Cool.Cycle is calculated during tuning and roun ded off to an integer multiple of CycleTime.. If Config.Output.Cool.PwmPeriode = 0.0 and Config.Advan cedCooling = TRUE, Cool.Cycle is used as period duration of the pulse width modulation for cooling. If Config.Output.Cool.PwmPeriode = 0.0 and Config.Advan cedCooling = FALSE, Heat.Cycle is used as period duration of the pulse width modulation for cooling. Cool.Cycle is retentive. Only effective if the cooling output and PID parameter switch ing are activated (Config.ActivateCooling = TRUE and Con fig.AdvancedCooling = TRUE). 100000.0 Cool.Cycle > 0.0 4156 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Tag Data type Default Description Retain.CtrlParams.Cool.Control Zone REAL 3.402822e +38 Active control zone width for cooling The control zone for cooling is switched off with Cool.Control Zone = 3.402822e+38. Cool.ControlZone is only set automatically during pretuning cooling or pretuning heating and cooling if PIDSelf Tune.SUT.TuneRuleCool = 2 is selected as method of the pa rameter calculation. Cool.ControlZone is retentive. Only effective if the cooling output and PID parameter switch ing are activated (Config.ActivateCooling = TRUE and Con fig.AdvancedCooling = TRUE). Cool.ControlZone > 0.0 Retain.CtrlParams.Cool.Dead Zone REAL 0.0 Active dead zone width for cooling (see PID parameters (Page 6571)) The dead zone for cooling is switched off with Cool.DeadZone = 0.0. Cool.DeadZone is not set automatically or adjusted during tun ing. You must correctly configure Cool.DeadZone manually. When the dead zone is switched on, the result can be a per manent control deviation (deviation between setpoint and proc ess value). This can have a negative effect on fine tuning. Cool.DeadZone is retentive. Only effective if the cooling output and PID parameter switch ing are activated (Config.ActivateCooling = TRUE and Con fig.AdvancedCooling = TRUE). Cool.DeadZone 0.0 Note Change the tags listed in this table in "Inactive" mode to prevent malfunction of the PID controller. See also PID_Temp ActivateRecoverMode tag (Page 4168) PID_Temp Warning tag (Page 4171) Multi-zone controlling with PID_Temp (Page 6591) PID_Temp state and mode parameters (S7-1200, S7-1500) Correlation of the parameters The State parameter shows the current operating mode of the PID controller. You cannot change the State parameter. WinCC Advanced V14 System Manual, 10/2016 4157 Programming the PLC 11.4 Instructions With a rising edge at ModeActivate, PID_Temp switches to the operating mode saved in the Mode in-out parameter. Heat.EnableTuning and Cool.EnableTuning specify for pretuning and fine tuning, if tuning takes place for heating or cooling. If the CPU is switched on or switches from Stop to RUN mode, PID_Temp starts in the operating mode that is saved in the Mode parameter. To leave PID_Temp in "Inactive" mode, set RunModeByStartup = FALSE. 4158 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Meaning of values State / Mode Description of operating mode 0 Inactive The following output values are output in "Inactive" mode: 0.0 as PID output value (PidOutputSum) 0.0 as output value for heating (OutputHeat) and output value for cooling (OutputCool) 0 as analog output value for heating (OutputHeat_PER) and analog output value for cooling (OutputCool_PER) FALSE as PWM output value for heating (OutputHeat_PWM) and PWM output value for cooling (OutputCool_PWM) This does not depend on the configured output value limits and scaling in the structures Config.Output.Heat and Config.Output.Cool. WinCC Advanced V14 System Manual, 10/2016 4159 Programming the PLC 11.4 Instructions State / Mode Description of operating mode 1 Pretuning The pretuning determines the process response to a jump change of the output value and searches for the point of inflection. The PID parameters are calculated from the maximum rate of rise and dead time of the controlled system. You obtain the best PID parameters when you perform pretuning and fine tuning. PID_Temp offers different pretuning types depending on the configuration: Pretuning heating: A jump change is output at the output value heating, the PID parameters for heating are calculated (Retain.CtrlParams.Heat structure), and control to the setpoint then takes place in automatic mode. If the process behavior strongly depends on the operating point, an adaptation of the delay time can be activated at the setpoint with PIDSelfTune.SUT.AdaptDelayTime. Pretuning heating and cooling: A jump is output at the output value heating. As soon as the process value is close to the setpoint, a jump change is output at the output value cooling. The PID parameters for heating (Retain.CtrlParams.Heat structure) and cooling (Retain.CtrlParams.Cool structure) are calculated. Then, control to the setpoint takes place in automatic mode. If the process behavior strongly depends on the operating point, an adaptation of the delay time can be activated at the setpoint with PIDSelfTune.SUT.AdaptDelayTime. Depending on the effect of the cooling actuator compared to the heating actuator, the quality of tuning can be influenced by whether or not the heating and cooling outputs are operated simultaneously during tuning. You can specify this with PIDSelfTune.SUT.CoolingMode. Pretuning cooling: A jump change is output at the output value cooling and the PID parameters for cooling are calculated (Struktur Retain.CtrlParams.Cool). Then, control to the setpoint takes place in automatic mode. If you want to tune the PID parameters for heating and cooling, you can expect a better control response with "Pretuning heating" followed by "Pretuning cooling" rather than with "Pretuning heating and cooling". However, carrying out pretuning in two steps takes more time. General requirements for pretuning: The PID_Temp instruction is called in a cyclic interrupt OB. Inactive (State = 0), manual mode (State = 4), or automatic mode (State = 3) ManualEnable = FALSE Reset = FALSE The setpoint and the process value lie within the configured limits. Requirements for pretuning heating: Heat.EnableTuning = TRUE Cool.EnableTuning = FALSE The process value must not be too close to the setpoint. |Setpoint - Input| > 0.3 * |Config.InputUpperLimit - Config.InputLowerLimit| and |Setpoint - Input| > 0.5 * |Setpoint| The setpoint is greater than the process value. 4160 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions State / Mode Description of operating mode Setpoint > Input Requirements for pretuning heating and cooling: Heat.EnableTuning = TRUE* Cool.EnableTuning = TRUE The cooling output is activated (Config.ActivateCooling = TRUE). The PID parameter switching is activated (Config.AdvancedCooling = TRUE). The process value must not be too close to the setpoint. |Setpoint - Input| > 0.3 * |Config.InputUpperLimit - Config.InputLowerLimit| and |Setpoint - Input| > 0.5 * |Setpoint| The setpoint is greater than the process value. Setpoint > Input Requirements for pretuning cooling: Heat.EnableTuning = FALSE* Cool.EnableTuning = TRUE* The cooling output is activated (Config.ActivateCooling = TRUE). The PID parameter switching is activated (Config.AdvancedCooling = TRUE). A "pretuning heating" or "pretuning heating and cooling" has been successful (PIDSelfTune.SUT.ProcParHeatOk = TRUE), if possible at the same setpoint. The process value must be close to the setpoint. |Setpoint - Input| < 0.05 * |Config.InputUpperLimit - Config.InputLowerLimit| The more stable the process value is, the easier it is to calculate the PID parameters and the more precise the result will be. Noise on the process value can be tolerated as long as the rate of rise of the process value is significantly higher compared to the noise. This is most likely the case in operating modes "Inactive" or "Manual mode". The setpoint is frozen in the CurrentSetpoint tag. Tuning is canceled when: Setpoint > CurrentSetpoint + CancelTuningLevel or Setpoint < CurrentSetpoint - CancelTuningLevel The method for calculation of the PID parameters can be specified separately for heating and cooling with PIDSelfTune.SUT.TuneRuleHeat and PIDSelfTune.SUT.TuneRuleCool. Before the PID parameters are recalculated, they are backed up in the CtrlParamsBackUp structure and can be reactivated with LoadBackUp. After successful pretuning, the switch is made to automatic mode. After unsuccessful pretuning, the switch to the mode is determined by ActivateRecoverMode. The phase of pretuning is indicated with PIDSelfTune.SUT.State. WinCC Advanced V14 System Manual, 10/2016 4161 Programming the PLC 11.4 Instructions State / Mode Description of operating mode 2 Fine tuning Fine tuning generates a constant, limited oscillation of the process value. The PID parameters are tuned for the operating point from the amplitude and frequency of this oscillation. PID parameters from fine tuning usually have better master control and disturbance characteristics than PID parameters from pretuning. You obtain the best PID parameters when you perform pretuning and fine tuning. PID_Temp automatically attempts to generate an oscillation greater than the noise of the process value. Fine tuning is only minimally influenced by the stability of the process value. PID_Temp offers different fine tuning types depending on the configuration: Fine tuning heating: PID_Temp generates an oscillation of the process value with periodic changes at the output value heating and calculates the PID parameters for heating (Struktur Retain.CtrlParams.Heat). Fine tuning cooling: PID_Temp generates an oscillation of the process value with periodic changes at the output value cooling and calculates the PID parameters for cooling (Struktur Retain.CtrlParams.Cool). Temporary tuning offset for heating/cooling controllers If PID_Temp is used as heating/cooling controller (Config.ActivateCooling = TRUE), the PID output value (PidOutputSum) at the setpoint must meet the following requirements for a process value oscillation to be generated and fine tuning to be successful: Positive PID output value for fine tuning heating Negative PID output value for fine tuning cooling If this requirement is not met, you can define a temporary offset for fine tuning which is output at the output with the opposite effect: Offset for cooling output (PIDSelfTune.TIR.OutputOffsetCool) with fine tuning heating. Define a negative tuning offset cooling which is less than the PID output value (PidOutputSum) at the setpoint in the steady state before you start tuning. Offset for heating output (PIDSelfTune.TIR.OutputOffsetHeat) with fine tuning cooling. Define a positive tuning offset heating which is greater than the PID output value (PidOutputSum) at the setpoint in the steady state before you start tuning. The defined offset is balanced by the PID algorithm so that the process value remains at the setpoint. The height of the offset allows the PID output value to be adapted correspondingly so that it fulfills the requirement mentioned above. To avoid larger overshoots of the process value when defining the offset, it can also be increased in several steps. If PID_Temp exits the fine tuning mode, the tuning offset is reset. Example for definition of an offset for fine tuning cooling: Without offset: - Setpoint = Process value (ScaledInput) = 80C - PID output value (PidOutputSum) = 30.0 - Output value heating (OutputHeat) = 30.0 - Output value cooling (OutputCool) = 0.0 Oscillation of the process value around the setpoint cannot be generated with the cooling output alone. Fine tuning would fail here. With definition of an offset for heating output (PIDSelfTune.TIR.OutputOffsetHeat) = 80.0 4162 - Setpoint = process value (ScaledInput) = 80C - PID output value (PidOutputSum) = -50.0 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions State / Mode Description of operating mode - Output value heating (OutputHeat) = 80.0 - Output value cooling (OutputCool) = -50.0 By defining an offset for the heating output, the cooling output can now create an oscillation of the process value around the setpoint. Fine tuning can now be carried out successfully. General requirements for fine tuning: The PID_Temp instruction is called in a cyclic interrupt OB. No disturbances are expected. The setpoint and the process value lie within the configured limits. The control loop has stabilized at the operating point. The operating point is reached when the process value corresponds to the setpoint. When the dead zone is switched on, the result can be a permanent control deviation (deviation between setpoint and actual value). This can have a negative effect on fine tuning. ManualEnable = FALSE Reset = FALSE Automatic (State = 3), inactive (State = 0) or manual (State = 4) mode Requirements for fine tuning heating: Heat.EnableTuning = TRUE Cool.EnableTuning = FALSE If PID_Temp is configured as heating/cooling controller (Config.ActivateCooling = TRUE), the heating output must be active at the operating point at which tuning is to take place (PidOutputSum > 0.0 (see tuning offset)). Requirements for fine tuning cooling: Heat.EnableTuning = FALSE Cool.EnableTuning = TRUE The cooling output is activated (Config.ActivateCooling = TRUE). The PID parameter switching is activated (Config.AdvancedCooling = TRUE) The cooling output must be active at the operating point at which tuning is to take place (PidOutputSum < 0.0 (see tuning offset)). The course of fine tuning is determined by the mode from which it is started: Automatic mode (State = 3) with PIDSelfTune.TIR.RunIn = FALSE (default) Start fine tuning from automatic mode if you wish to improve the existing PID parameters through tuning. PID_Temp controls the system using the existing PID parameters until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. Inactive (State = 0), manual mode (State = 4), or automatic mode (State = 3) with PIDSelfTune.TIR.RunIn = TRUE Attempts are made to reach the setpoint with the minimum or maximum output value: - with minimum or maximum output value heating for fine tuning heating - With minimum or maximum output value cooling for fine tuning cooling. This can produce increased overshoot. Fine tuning starts when the setpoint is reached. WinCC Advanced V14 System Manual, 10/2016 4163 Programming the PLC 11.4 Instructions State / Mode Description of operating mode If the setpoint cannot be reached, PID_Temp does not automatically abort tuning. The setpoint is frozen in the CurrentSetpoint tag. Tuning is canceled when: Setpoint > CurrentSetpoint + CancelTuningLevel or Setpoint < CurrentSetpoint - CancelTuningLevel The method for calculation of the PID parameters can be specified separately for heating and cooling with PIDSelfTune.TIR.TuneRuleHeat and PIDSelfTune.TIR.TuneRuleCool. Before the PID parameters are recalculated, they are backed up in the CtrlParamsBackUp structure and can be reactivated with LoadBackUp. The controller changes to automatic mode after successful fine tuning. After unsuccessful fine tuning, the switch to the mode is determined by ActivateRecoverMode. The "Fine tuning" phase is indicated with PIDSelfTune.TIR.State. 3 Automatic mode In automatic mode, PID_Temp corrects the controlled system in accordance with the parameters specified. The controller switches to automatic mode if one the following requirements is met: Pretuning successfully completed Fine tuning successfully completed Changing of the Mode in-out parameter to the value 3 and a rising edge at ModeActivate. The switchover from automatic mode to manual mode is only bumpless if carried out in the commissioning editor. The ActivateRecoverMode tag is taken into consideration in automatic mode. 4 Manual mode In manual mode, you specify a manual PID output value in the ManualValue parameter. The values at the outputs for heating and cooling resulting from this manual value are the result of the configured output scaling. You can also activate this operating mode using ManualEnable = TRUE. We recommend that you change the operating mode using Mode and ModeActivate only. The switchover from manual mode to automatic mode is bumpless. The ActivateRecoverMode tag is taken into consideration in manual mode. 5 Substitute output value with error monitoring The control algorithm is deactivated. The SetSubstituteOutput tag determines which PID output value (Pi dOutputSum) is output in this operating mode. SetSubstituteOutput = FALSE: Last valid PID output value SetSubstituteOutput = TRUE: Substitute output value (SubstituteOutput) You cannot activate this operating mode using Mode = 5. In the event of an error, it is activated instead of "Inactive" operating mode if all the following conditions are met: Automatic mode (State = 3) ActivateRecoverMode = TRUE One or more errors have occurred in which ActivateRecoverMode is effective. As soon as the errors are no longer pending, PID_Temp switches back to automatic mode. ENO characteristics If State = 0, then ENO = FALSE. 4164 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions If State 0, then ENO = TRUE. Automatic switchover of operating mode during commissioning Automatic mode is activated following successful pretuning or fine tuning. The following table shows how Mode and State change during successful pretuning. Cycle no. Mode State Action 0 4 4 Set Mode = 1 1 1 4 Set ModeActivate = TRUE 1 4 1 Value of State is saved in Mode parameter Pretuning is started n 4 1 Pretuning successfully completed n 3 3 Automatic mode is started PID_Temp automatically switches the operating mode in the event of an error. The following table shows how Mode and State change during pretuning with errors. Cycle no. Mode State Action 0 4 4 Set Mode = 1 1 1 4 Set ModeActivate = TRUE 1 4 1 Value of State is saved in Mode parameter Pretuning is started n 4 1 Pretuning canceled n 4 4 Manual mode is started If ActivateRecoverMode = TRUE, the operating mode that is saved in the Mode parameter is activated. When you start pretuning or fine tuning, PID_Temp has saved the value of State in the Mode in-out parameter. This means PID_Temp switches to the mode from which tuning was started. If ActivateRecoverMode = FALSE, the system switches to "Inactive" operating mode. See also Output parameters of PID_Temp (Page 4123) In/out parameters of PID_Temp V2 (Page 4126) WinCC Advanced V14 System Manual, 10/2016 4165 Programming the PLC 11.4 Instructions PID_Temp ErrorBits parameter (S7-1200, S7-1500) If several errors are pending simultaneously, the values of the ErrorBits are displayed with binary addition. The display of ErrorBits = 0000003h, for example, indicates that the errors 0000001h and 0000002h are pending simultaneously. ErrorBits Description (DW#16#...) 0000000 There is no error. 0000001 The "Input" parameter is outside the process value limits. Input > Config.InputUpperLimit or Input < Config.InputLowerLimit If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp remains in automatic mode. If manual mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp remains in manual mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp switches to the operating mode that is saved in the Mode parameter. 0000002 Invalid value at "Input_PER" parameter. Check whether an error is pending at the analog input. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp outputs the configured substitute output value. As soon as the error is no longer pending, PID_Temp switches back to automatic mode. If manual mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp remains in manual mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp switches to the operating mode that is saved in the Mode parameter. 0000004 Error during fine tuning. Oscillation of the process value could not be maintained. If PID_Temp is used as heating-cooling controller (Config.ActivateCooling = TRUE), to be able to generate actual value oscillation, the PID output value (PidOutputSum) at the setpoint must be positive for fine tuning heating negative for fine tuning cooling If this requirement is not met, use the tuning offsets ( PIDSelfTune.TIR.OutputOffsetCool and PIDSelf Tune.TIR.OutputOffsetHeat tags), see Fine tuning (Page 6580). If ActivateRecoverMode was = TRUE before the error occurred, PID_Temp cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0000008 Error at start of pretuning. The process value is too close to the setpoint or greater than the setpoint. Start fine tuning. If ActivateRecoverMode = TRUE before the error occurred, PID_Temp cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0000010 The setpoint was changed during tuning. You can set the permitted fluctuation of the setpoint at the CancelTuningLevel tag. If ActivateRecoverMode = TRUE before the error occurred, PID_Temp cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0000020 Pretuning is not permitted during fine tuning. If ActivateRecoverMode = TRUE before the error occurred, PID_Temp remains in fine tuning mode. 0000040 Error during pretuning. Cooling could not reduce the process value. If ActivateRecoverMode = TRUE before the error occurred, PID_Temp cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 4166 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ErrorBits Description (DW#16#...) 0000100 Error during fine tuning resulted in invalid parameters. If ActivateRecoverMode = TRUE before the error occurred, PID_Temp cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0000200 Invalid value at "Input" parameter: Value has an invalid number format. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp outputs the configured substitute output value. As soon as the error is no longer pending, PID_Temp switches back to automatic mode. If manual mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp remains in manual mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp switches to the operating mode that is saved in the Mode parameter. 0000400 Calculation of output value failed. Check the PID parameters. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp outputs the configured substitute output value. As soon as the error is no longer pending, PID_Temp switches back to automatic mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp switches to the operating mode that is saved in the Mode parameter. 0000800 Sampling time error: PID_Temp is not called within the sampling time of the cyclic interrupt OB. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp remains in automatic mode. If manual mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp remains in manual mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp switches to the operating mode that is saved in the Mode parameter. If this error occurred during simulation with PLCSIM, see the notes under AUTOHOTSPOT. 0001000 Invalid value at "Setpoint" parameter or "SubstituteSetpoint": Value has an invalid number format. If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp outputs the configured substitute output value. As soon as the error is no longer pending, PID_Temp switches back to automatic mode. If manual mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp remains in manual mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp switches to the operating mode that is saved in the Mode parameter. 0010000 Invalid value at ManualValue parameter. Value has an invalid number format. If ActivateRecoverMode = TRUE before the error occurred, PID_Temp remains in manual mode and uses SubstituteOutput as PID output value. As soon as you specify a valid value in ManualValue, PID_Temp uses it as the PID output value. 0020000 Invalid value at SubstituteOutput tag. Value has an invalid number format. PID_Temp remains in the "Substitute output value with error monitoring" mode or manual mode and uses the low limit of the PID output value for heating (Config.Output.Heat.PidLowerLimit) as PID output value. As soon as you specify a valid value in SubstituteOutput, PID_Temp uses it as the PID output value. WinCC Advanced V14 System Manual, 10/2016 4167 Programming the PLC 11.4 Instructions ErrorBits Description (DW#16#...) 0040000 Invalid value at Disturbance parameter. Value has an invalid number format. If automatic mode was active and ActivateRecoverMode = TRUE before the error occurred, Disturbance is set to zero. PID_Temp remains in automatic mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp switches to the operating mode that is saved in the Mode parameter. If Disturbance in the current phase has no effect on the output value, tuning is not be canceled. 0200000 Error in master in the cascade: Slaves are not in automatic mode or have activated substitute setpoint and prevent tuning of the master. If ActivateRecoverMode = TRUE before the error occurred, PID_Temp cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0400000 Pretuning heating is not permitted while cooling is active. If ActivateRecoverMode = TRUE before the error occurred, PID_Temp cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 0800000 The process value must be close to the setpoint to start pretuning cooling. If ActivateRecoverMode = TRUE before the error occurred, PID_Temp cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 1000000 Error at start of tuning: Heat.EnableTuning and Cool.EnableTuning are not set or do not match the con figuration. If ActivateRecoverMode = TRUE before the error occurred, PID_Temp cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 2000000 Pretuning cooling requires successful pretuning heating. If ActivateRecoverMode = TRUE before the error occurred, PID_Temp cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 4000000 Error at start of fine tuning: Heat.EnableTuning and Cool.EnableTuning must not be set simultaneously. If ActivateRecoverMode = TRUE before the error occurred, PID_Temp cancels the tuning and switches to the operating mode that is saved in the Mode parameter. 8000000 Error during calculation of the PID parameters resulted in invalid parameters. The invalid parameters are discarded and the original PID parameters are retained unchanged. We can distinguish between the following cases: If automatic mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp remains in automatic mode. If manual mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp remains in manual mode. If pretuning or fine tuning mode was active before the error occurred and ActivateRecoverMode = TRUE, PID_Temp switches to the operating mode that is saved in the Mode parameter. PID_Temp ActivateRecoverMode tag (S7-1200, S7-1500) The ActivateRecoverMode tag determines the reaction to error. The Error parameter indicates if an error is pending. When the error is no longer pending, Error = FALSE. The ErrorBits parameter shows which errors have occurred. 4168 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Automatic mode and manual mode NOTICE Your system may be damaged. If ActivateRecoverMode = TRUE, PID_Temp remains in automatic mode or in manual mode even if there is an error and the process limit values are exceeded. This may damage your system. It is essential to configure how your controlled system reacts in the event of an error to protect your system from damage. WinCC Advanced V14 System Manual, 10/2016 4169 Programming the PLC 11.4 Instructions ActivateReco verMode Description FALSE PID_Temp switches to "Inactive" mode in the event of an error. The controller is only activated by a falling edge at Reset or a rising edge at ModeActivate. TRUE Automatic mode If errors occur frequently in automatic mode, this setting has a negative effect on the control response, because PID_Temp switches between the calculated PID output value and the substitute output value at each error. In this case, check the ErrorBits parameter and eliminate the cause of the error. If one or several of the following errors occur and automatic mode was active before the error occurred, PID_Temp remains in automatic mode: 0000001h: The "Input" parameter is outside the process value limits. 0000800h: Sampling time error 0040000h: Invalid value at Disturbance parameter. 8000000h: Error during calculation of the PID parameters If one or several of the following errors occur and automatic mode was active before the error occurred, PID_Temp switches to "Substitute output value with error monitoring" mode: 0000002h: Invalid value at Input_PER parameter. 0000200h: Invalid value at Input parameter. 0000400h: Calculation of output value failed. 0001000h: Invalid value at Setpoint parameter or SubstituteSetpoint. As soon as the errors are no longer pending, PID_Temp switches back to automatic mode. If the following error occurs in "Substitute output value with error monitoring" mode, PID_Temp sets the PID output value to Config.Output.Heat.PidLowerLimit as long as this error is pending: 0020000h: Invalid value at SubstituteOutput tag. Value has an invalid number format. This behavior is independent of SetSubstituteOutput. Manual mode If one or several errors occur and manual mode was active before the error occurred, PID_Temp remains in manual mode. If the following error occurs in manual mode, as long as this error is pending, PID_Temp sets the PID output value to SubstituteOutput: 0010000h: Invalid value at ManualValue parameter. Value has an invalid number format. If the error 0010000h is pending in manual mode and the following error occurs, PID_Temp sets the PID output value to Config.Output.Heat.PidLowerLimit as long as this error is pending: 0020000h: Invalid value at SubstituteOutput tag. Value has an invalid number format. This behavior is independent of SetSubstituteOutput. 4170 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Pretuning and fine tuning ActivateReco verMode Description FALSE PID_Temp switches to "Inactive" mode in the event of an error. The controller is only activated by a falling edge at Reset or a rising edge at ModeActivate. TRUE If the following error occurs, PID_Temp remains in the active mode: 0000020h: Pretuning is not permitted during fine tuning. The following errors are ignored: 0010000h: Invalid value at ManualValue parameter. 0020000h: Invalid value at SubstituteOutput tag. When any other error occurs, PID_Temp cancels the tuning and switches to the mode from which tuning was started. PID_Temp Warning tag (S7-1200, S7-1500) If several warnings are pending simultaneously, the values of the Warning tag are displayed with binary addition. If the warning 0000003h is displayed, for example, the warnings 0000001h and 0000002h are pending simultaneously. Warning Description (DW#16#....) 0000000 No warning pending. 0000001 The point of inflection was not found during pretuning. 0000004 The setpoint was limited to the configured limits. 0000008 Not all the necessary controlled system properties were defined for the selected method of calculation. Instead, the PID parameters were calculated using the method TIR.TuneRuleHeat = 3 or TIR.TuneRule Cool = 3. 0000010 The operating mode could not be changed because Reset = TRUE or ManualEnable = TRUE. 0000020 The cycle time of the calling OB limits the sampling time of the PID algorithm. Improve results by using shorter OB cycle times. 0000040 The process value exceeded one of its warning limits. 0000080 Invalid value at Mode. The operating mode is not switched. 0000100 The manual value was limited to the limits of the PID output value. 0000200 The specified rule for tuning is not supported. No PID parameters are calculated. 0001000 The substitute output value cannot be reached because it is outside the output value limits. 0004000 The specified selection of the output value for heating and/or cooling is not supported. Only the output OutputHeat or OutputCool is used. 0008000 Invalid value at PIDSelfTune.SUT.AdaptDelayTime. The default value 0 is used. 0010000 Invalid value at PIDSelfTune.SUT.CoolingMode. The default value 0 is used. 0020000 The activation of cooling (Config.ActivateCooling tag) is not supported by the controller that is used as master (Config.Cascade.IsMaster tag). PID_Temp works as heating controller. Set the Config.ActivateCooling tag to FALSE. 0040000 Invalid value at Retain.CtrlParams.Heat.Gain, Retain.CtrlParams.Cool.Gain oder Config.CoolFactor. PID_Temp supports only positive values for proportional gain (heating and cooling) and cooling factor. Au tomatic mode remains active with PID output value 0.0. The integral component is stopped. WinCC Advanced V14 System Manual, 10/2016 4171 Programming the PLC 11.4 Instructions The following warnings are deleted as soon as the cause has been remedied or you repeat the action with valid parameters: 0000001h 0000004h 0000008h 0000040h 0000100h All other warnings are cleared with a rising edge at Reset or ErrorAck. PwmPeriode tag (S7-1200, S7-1500) If the PID algorithm sampling time (Retain.CtrlParams.Heat.Cycle or Retain.CtrlParams.Heat.Cycle) and thus the time period of the pulse width modulation is very high when you use OutputHeat_PWM or OutputCool_PWM, you can define a deviating shorter time period at the Config.Output.Heat.PwmPeriode or Config.Output.Cool.PwmPeriode parameters to improve the smoothness of the process value. Time period of the pulse width modulation at OutputHeat_PWM Time period of the PWM at output OutputHeat_PWM depending on Config.Output.Heat.PwmPeriode: Heat.PwmPeriode = 0.0 (default) The sampling time of the PID algorithm for heating (Retain.CtrlParams.Heat.Cycle) is used as time period of the PWM. Heat.PwmPeriode > 0.0 The value is rounded off to an integer multiple of the PID_Temp sampling time (CycleTime.Value) and used as time period of the PWM. The value must meet the following conditions: - Heat.PwmPeriode Retain.CtrlParams.Heat.Cycle - Heat.PwmPeriode > Config.Output.Heat.MinimumOnTime - Heat.PwmPeriode > Config.Output.Heat.MinimumOffTime 4172 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Time period of the pulse width modulation at OutputCool_PWM Time period of the PWM at output OutputCool_PWM depending on Config.Output.Cool.PwmPeriode and the method for heating/cooling: Cool.PwmPeriode = 0.0 and cooling factor (Config.AdvancedCooling = FALSE): The sampling time of the PID algorithm for heating (Retain.CtrlParams.Heat.Cycle) is used as time period of the PWM. Cool.PwmPeriode = 0.0 and PID parameter switching (Config.AdvancedCooling = TRUE): The sampling time of the PID algorithm for cooling (Retain.CtrlParams.Cool.Cycle) is used as time period of the PWM. Cool.PwmPeriode > 0.0: The value is rounded off to an integer multiple of the PID_Temp sampling time (CycleTime.Value) and used as time period of the PWM. The value must meet the following conditions: - Cool.PwmPeriode Retain.CtrlParams.Cool.Cycle or Retain.CtrlParams.Heat.Cycle - Cool.PwmPeriode > Config.Output.Cool.MinimumOnTime - Cool.PwmPeriode > Config.Output.Cool.MinimumOffTime Config.Output.Cool.PwmPeriode is only effective if the cooling output is activated (Config.ActivateCooling =TRUE). When you use PwmPeriode, the accuracy of the PWM output signal is determined by the relationship of PwmPeriode to the PID_Temp sampling time (cycle time of the OB). PwmPeriode should be at least 10 times the PID_Temp sampling time. If the sampling time of the PID algorithm is not an integer multiple of PwmPeriode, each last period of the PWM within the sampling time of the PID algorithm is extended accordingly. WinCC Advanced V14 System Manual, 10/2016 4173 Programming the PLC 11.4 Instructions Example for OutputHeat_PWM 2XWSXW W PV 2XWSXWB3:0 758( )$/6( W PV PID_Temp sampling time = 100.0 ms (cycle time of the calling cyclic interrupt OB, CycleTime.Value tag) PID algorithm sampling time = 2000.0 ms (Retain.CtrlParams.Heat.Cycle tag) Time period of the PWM for heating = 600.0 ms (Config.Output.Heat.PwmPeriode tag) IntegralResetMode tag (S7-1200, S7-1500) The IntegralResetMode tag determines how the integral action PIDCtrl.IOutputOld is preassigned: When switching from "Inactive" operating mode to "Automatic mode" With edge TRUE -> FALSE at parameter Reset and parameter Mode = 3 4174 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions This setting only works for one cycle and is only effective if the integral action is activated (Retain.CtrlParams.Heat.Ti and Retain.CtrlParams.Cool.Ti > 0.0 tags). IntegralReset Mode Description 0 Smooth The value of PIDCtrl.IOutputOld is pre-assigned so that the switchover is bumpless, which means "Auto matic mode" starts with the output value = 0.0 (parameter PidOutputSum) and there is no jump of the output value regardless of the control deviation (setpoint - process value). 1 Delete We recommend setting the weighting of the proportional action (Retain.CtrlParams.Heat.PWeighting and Retain.CtrlParams.Cool.PWeighting tags) to 1.0 if this option is used. The value of PIDCtrl.IOutputOld is deleted. Any control deviation will cause a jump of the PID output value. The direction of the output value jump depends on the active weighting of the proportional action (Re tain.CtrlParams.Heat.PWeighting and Retain.CtrlParams.Cool.PWeighting tags) and the control devia tion: Active proportional action weighting = 1.0: Output value jump and control deviation have identical signs. Example: If the process value value is smaller than the setpoint (positive control deviation), the PID output value jumps to a positive value. Active proportional action weighting < 1.0: For large control deviations, the PID output value jump and control deviation have identical signs. Example: If the process value is much smaller than the setpoint (positive control deviation), the PID output value jumps to a positive value. For small control deviations, the PID output value jump and control deviation have different signs. Example: If the process value is just below the setpoint (positive control deviation), the PID output value jumps to a negative value. This is usually not desirable, because it results in a temporary increase in the control deviation. The smaller the configured weighting of the proportional action, the greater the control deviation must be to receive a PID output value jump with identical sign. We recommend setting the weighting of the proportional action (Retain.CtrlParams.Heat.PWeighting and Retain.CtrlParams.Cool.PWeighting tags) to 1.0 when this option is used. Otherwise, you may experience the undesirable behavior described for small control deviations. Alternatively, you can also use Integra lResetMode = 4. This option guarantees identical signs of the PID output value jump and control deviation independent of the configured weighting of the proportional action and the control deviation. 2 Hold 3 Pre-assign The value of PIDCtrl.IOutputOld is not changed. You can define a new value using the user program. The value of PIDCtrl.IOutputOld is automatically pre-assigned as if PidOutputSum = OverwriteInitialOut putValue in the last cycle. 4 Like setpoint change (only for PID_Temp with version 1.1) The value of PIDCtrl.IOutputOld is automatically pre-assigned so that a similar PID output value jump results as for a PI controller in automatic mode in case of a setpoint change from the current process value to the current setpoint. Any control deviation will cause a jump of the PID output value. The PID output value jump and control deviation have identical signs. Example: If the process value value is smaller than the setpoint (positive control deviation), the PID output value jumps to a positive value. This is independent of the configured weighting of the proportional action and the control deviation. WinCC Advanced V14 System Manual, 10/2016 4175 Programming the PLC 11.4 Instructions If IntegralResetMode is assigned a value outside the valid value range, PID_Temp behaves as with the pre-assignment of IntegralResetMode: PID_Temp up to V1.0: IntegralResetMode = 1 PID_Temp as of V1.1: IntegralResetMode = 4 CPU processing time and memory requirement PID_Temp V1 (S7-1200, S7-1500) CPU processing time Typical CPU processing times of the PID_Temp technology object as of Version 1.0, depending on CPU type. CPU Typ. CPU processing time PID_Temp V1 CPU 1211C V4.1 580 s CPU 1215C V4.1 580 s CPU 1217C V4.1 580 s CPU 1505S V1.0 50 s CPU 1510SP-1 PN V1.7 130 s CPU 1511-1 PN V1.7 130 s CPU 1512SP-1 PN V1.7 130 s CPU 1516-3 PN/DP V1.7 75 s CPU 1518-4 PN/DP V1.7 6 s Memory requirement Memory requirement of an instance DB of the PID_Temp technology object as of Version V1.0. Memory requirement of the instance DB of PID_Temp V1 Load memory requirement 4176 Approx. 17000 bytes Total work memory requirement 1280 bytes Retentive work memory requirement 100 bytes WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions 11.4.1.6 Communication (S7-1200, S7-1500) S7 communication (S7-1200, S7-1500) Data consistency (S7-1200, S7-1500) Definition A data block which cannot be modified by concurrent processes is called consistent data area. A data block which is larger than the consistent data area can thus be falsified as a whole during transmission. This means that a data block which belongs together and which is larger than consistent data area can consist in part of new and of old consistent data at the same time. Example An inconsistency can occur when an instruction for communication is interrupted, for example, by a hardware interrupt OB with higher priority. If the user program in this OB now changes the data that has already been partly processed by the instruction, the transferred data originates: In part from the time before the hardware interrupt was processed And in part from the time after the hardware interrupt was processed This means that these data are inconsistent (not coherent). Ensuring data consistency If the communication process can be interrupted by an interrupt OB, you must ensure that the data is transferred consistently. Make sure that only an image of the data and not the data to be transferred is not changed directly by the interrupt OB. Copy the image of the data to the transfer area of the communication instruction prior to the next data transfer. If the user program contains a communication instruction that accesses common data, access to this data area can be coordinated, for example, by means of the DONE parameter. The data consistency of the communication areas which are transferred locally with a communication instruction can therefore be ensured in the user program. In the case of S7 communication instructions "PUT (Page 4187)"/"GET (Page 4181)", the size of the consistent data areas must already be taken into consideration during programming or configuration, because a communication block is not available in the user program of the target device (server) to synchronize communication data to the user program. WinCC Advanced V14 System Manual, 10/2016 4177 Programming the PLC 11.4 Instructions For the S7-300 and C7-300 (exception: CPU 318-2 DP) the communication data are copied consistently into the user memory in blocks of 32 bytes in the cycle control point of the operating system. Data consistency is not guaranteed for larger data areas. If a defined data consistency is required, the communication data in the user program may not exceed 32 bytes (maximum of 8 bytes, depending on the version). In the S7-400 and S7-1500, on the other hand, the communication data in 462-byte blocks is not processed at the cycle control point, but in fixed time slices during the program cycle. The consistency of a tag is ensured by the system. These communication areas can then be accessed consistently using the "PUT (Page 4187)" / "GET (Page 4181)" instructions or when reading/writing tags, for example by an OP or an OS. Note Additional information on data consistency is provided in the description of the specific instructions. In the S7-1500 module series, you can change parameters during ongoing operation with the instructions of S7 communication. Changed parameters are used immediately, even if a job is still active. Both can lead to data inconsistency! To avoid data inconsistencies, you should never change parameters while a job is running. Effect on interrupt reaction times The interrupt reaction times of the CPU are slightly extended by copying the data. The greater the quantity of data which must be transferred with absolute consistency, the longer the interrupt reaction time of a system. Common parameters of instructions for S7 communication (S7-1200, S7-1500) Classification The parameters of the instructions for S7 communication can be divided into the following five categories according to their functions: 1. Control parameters are used to activate an instruction. 2. Addressing parameters are used to address the remote communication partner. 3. Send parameters point to the data areas that are to be sent to the remote partner. 4. Receive parameters point to the data areas where the data received from remote partners will be entered. 5. Status parameters are used to monitor whether the instruction has completed its task without error or for the analysis of any errors that have occurred. Control parameter Data exchange will only be activated if the appropriate control parameters have a defined value (for example, are set) when the instruction is called or when the value has undergone a specific change since the previous call (for example, a positive edge). 4178 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Addressing parameters Parameter Description ID Reference to the local connection description (specified by the configuration of the con nection). R_ID With the R_ID parameter, you specify that a send and a receive instruction belong to gether: The R_ID parameter must match in the instruction at the sending end and the instruction at the receiving end. This allows the communication of several instruction pairs via the same logic connection. R_ID must be specified in the form DW#16#wxyzWXYZ. The instruction pairs of a logical connection specified in R_ID must be unique for this connection. Note Addressing parameters ID and R_ID You can reassign the addressing parameters ID and R_ID during runtime. The new parameters are validated with each new job after the previous job has been closed. You can use the following options to reduce the number of instance DBs and therefore the work memory required: 1. With tag IDs, you can use several connections via one data instance block. 2. With tag R_IDs, you can define several pairs of sending and receiving instructions for one job with a single instance. 3. You can combine cases 1 and 2. Please note that the new parameters are valid after the last job is executed. When you activate the sending operation, the R_ID parameter in the instruction at the sending end must match its counterpart at the receiving end. Status parameter With the status parameters, you monitor whether the instruction has completed its task correctly or whether it is still active. The status parameters also indicate errors. Note The status parameters are valid for one cycle only, namely from the first command following the call until the next call. As a result, you must evaluate these parameters after each instruction cycle. WinCC Advanced V14 System Manual, 10/2016 4179 Programming the PLC 11.4 Instructions Send and receive parameters For communication instructions configured at both ends The number of the SD_i and RD_i parameters used must match at the send and receive end. The data types of the SD_i and RD_i parameters that belong together must match at the send and receive end. The amount of data to be sent according to the SD_i parameter must not exceed the range made available by the corresponding RD_i (does not apply to "BSEND (Page 4196)" / "BRCV (Page 4198)"). The RD_i parameters must (with exception of "BSEND"/"BRCV") have the identical data size. If you do not keep to the rules above, this is indicated by ERROR = 1 and STATUS = 4. Note Supplying the send and receive parameters With the VARIANT data type, send and receive parameters must always be supplied any time a communication instruction is called. It is not possible, for example, to supply the send parameters of the communication instructions at startup and to only trigger the send job in cyclic operation. User data size With the "USEND (Page 4192)", "URCV (Page 4194)", "GET (Page 4181)" and "PUT (Page 4187)" instructions, the amount of data to be transferred must not exceed a defined user data size. The maximum user data size depends on: The instruction used The communication partner. The guaranteed minimum size of the user data for an instruction with 1-4 tags is listed in the following table: Instruction Partner: S7-300 Partner: S7-400 Partner: S7-1200 Partner: S7-1500 PUT / GET 160 bytes 400 bytes 160 bytes 880 bytes USEND / URCV 160 bytes 440 bytes - 920 bytes BSEND / BRCV 32768/65534 bytes 65534 bytes - 65534 bytes with standard access 65535 bytes with optimized access Further information on the user data size can be found in the technical data of the respective CPU. 4180 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Exact user data size If the user data size specified above is insufficient you can determine the maximum byte length of the user data as follows: First read the data block size valid for communication from the following table: Local CPU Remote CPU Data block size in bytes S7-1200 Any 240 S7-1500 S7-300 240 S7-400 480 S7-1200 240 S7-1500 960 Use this value in the following table to read the maximum possible user data length in bytes as total of the parameters used. It applies for even lengths of the areas SD_i, RD_i, and ADDR_i. For each range of uneven length the maximum possible user data length is reduced by one byte. Number of SD_i, RD_i, ADDR_i parameters used Data block size Instruction 1 2 3 4 240 (S7-300) PUT/GET/ USEND 160 - - - 212 - - - 240 (S7-300 via inte PUT grated interface) GET 240 (S7-400) 480 (S7-400) 240 (S7-1200) 960 (S7-1500) 222 - - - USEND 212 - - - PUT 212 196 180 164 GET 222 218 214 210 USEND 212 - - - PUT 452 436 420 404 GET 462 458 454 450 USEND 452 448 444 440 PUT 212 196 180 164 GET 222 218 214 210 PUT 932 916 900 884 GET 942 938 934 930 USEND 932 928 924 920 GET: Read data from a remote CPU (S7-1200, S7-1500) Description With the instruction "GET", you can read data from a remote CPU. WinCC Advanced V14 System Manual, 10/2016 4181 Programming the PLC 11.4 Instructions The instruction is started on a positive edge at control input REQ: The relevant pointers to the areas to be read out (ADDR_i) are then sent to the partner CPU. The partner CPU can be in RUN or STOP mode. The partner CPU returns the data: - If the reply exceeds the maximum user data length, this is displayed with error code "2" at the STATUS parameter. - The received data is copied to the configured receive areas (RD_i) at the next call. Completion of this action is indicated by the status parameter NDR having the value "1". Reading can only be activated again after the previous reading process has been completed. Errors and warnings are output via ERROR and STATUS if access problems occurred while the data was being read or if the data type check results in an error. Changes in the data areas addressed on the partner CPU are not registered by the "GET" instruction. Requirements for using the instruction The "Permit access with PUT/GET communication from remote partner" function was activated in the properties of the partner CPU under "Protection". The blocks which you access with the "GET" instruction were created with the access type "standard". Make sure that the areas defined with the parameters ADDR_i and SD_i match in terms of number, length and data type. The area to be read (ADDR_i parameter) cannot be larger than the area for data storage (RD_i parameter). Parameters The following table shows the parameters of the "GET" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Control parameter request, activates the da ta exchange on a positive edge. ID Input WORD I, Q, M, D, L or con stant Addressing parameters for specifying the connection to the partner CPU. NDR Output BOOL I, Q, M, D, L Status parameter NDR: 0: Job not yet started or still running. 1: Job successfully completed. 4182 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ERROR Output BOOL I, Q, M, D, L Status parameters ERROR and STATUS, error code: STATUS Output WORD I, Q, M, D, L ERROR=0 STATUS has the value: - 0000H: Neither warning nor error - <> 0000H: Warning, STATUS supplies detailed information. ERROR=1 An error has occurred. STATUS supplies detailed information on the type of error. ADDR_1 InOut REMOTE ADDR_2 InOut REMOTE ADDR_3 InOut REMOTE ADDR_4 InOut REMOTE RD_1 InOut VARIANT RD_2 InOut VARIANT RD_3 InOut VARIANT RD_4 InOut VARIANT I, Q, M, D Pointers to the areas on the partner CPU that are to be read. When the REMOTE pointer accesses a DB, the DB must always be specified. Example: P#DB10.DBX5.0 Byte 10. I, Q, M, D, L Pointers to the areas on the local CPU in which the read data is entered. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameters ERROR and STATUS The following table contains all specific error information for the "GET" instruction that can be output via the ERROR and STATUS parameters. ERROR STATUS (decimal) Explanation 0 11 Warning: New job not active because the previous job is still busy. 0 25 Communication has started. The job is being processed. 1 1 Communication problems, for example Connection description not loaded (local or remote) Connection interrupted (for example: cable, CPU off, CP in STOP mode) Connection to partner not yet established 1 2 Negative acknowledgment from the partner device. The function cannot be executed. Response from the remote station exceeds the maximum user data length (see: Common parameters of instructions for S7 communication (Page 4178)). Access protection is activated on the partner CPU. Deactivate access protection in the CPU settings. 1 4 Error in the pointers to the data storage RD_i: Data types of the parameters RD_i and ADDR_i are not compatible with each other. The length of the area RD_i is smaller than the length of the data of the ADDR_i parameter that is to be read. 1 8 WinCC Advanced V14 System Manual, 10/2016 Access error on the partner CPU. 4183 Programming the PLC 11.4 Instructions ERROR STATUS (decimal) Explanation 1 10 Access to the local user memory not possible (for example, access to a deleted DB). 1 20 Maximum number of parallel jobs exceeded. 1 W#16#80C3 (only with S7-1500) The job is currently being processed in a priority class with low priority (first call). Maximum number of parallel jobs exceeded. The job is currently being processed in a priority class with low priority (first call). Note Data consistency Data is received consistently if you read the part of the receive area RD_i currently being used completely before initiating another job. Example In the following example use an S7 connection and in CPU 1 read out a data record of CPU 2. The data record to be sent is of the data type INT. Requirement Two CPUs of the S7-1500 series are available and connected to each other over PROFINET. The connection is not yet configured. A low protection level under "<CPU> > Properties > Protection" ensures that read and write access is permitted for the CPUs. Access with the PUT/GET instruction is permitted. Program of CPU 1 Create six tags in a global data block for storing the data of "GET". Create one tag in a global data block for storing the data record to be received. 4184 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 1: Interconnect the parameters of the "GET" instruction as follows. Network 2: Save the status for an error of GET as follows. Network 3: Save the success status of GET as follows. Configuration of GET To interconnect the input parameter ID, open the wizard of the "GET" instruction with "Properties > Configuration". Make the following settings for the connection: Section Setting Access point Select the communication partner. The remaining connection data will be entered automatically. An S7 connection is created automatically and its identifier entered at the input parameter ID. Active WinCC Advanced V14 System Manual, 10/2016 Make sure that the active connection goes out from CPU 1. 4185 Programming the PLC 11.4 Instructions Program of CPU 2 Create one tag in a global data block for storing the data record to be sent. In "Properties > Attributes" of the data block disable the optimized block access. Behavior of GET When the input parameter REQ ("start") supplies the signal state "TRUE", the "GET" instruction is started. The instruction calls up the connection data and makes contact with the communications partner of the S7 connection being used. To achieve this, the identifier of the S7 connection is stored at the input parameter ID. Via the parameter ADDR_1 the storage location of the data record of CPU 2 to be sent ("myValue") is identified. The data record ("myValue") is read out and at the parameter RD_1 the identified storage location ("readValue") is entered. Successful processing is indicated by the output parameter NDR ("done") with the signal state "TRUE" and the output parameter STATUS ("status") with the value "16#0000". Because the values of the output parameters are only displayed for the moment of their validity, save the success status in the tag "memDoneStat". The output parameter ERROR ("error") or the tag "memErrStatus" indicates that processing took place without errors. You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). 4186 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Difference between synchronous and asynchronous instructions (Page 2436) PUT: Write data to a remote CPU (S7-1200, S7-1500) Description You can write data to a remote CPU with the instruction "PUT". The instruction is started on a positive edge at control input REQ: The pointers to the areas to be written (ADDR_i) and the data (SD_i) are then sent to the partner CPU. The partner CPU can be in RUN or STOP mode. The data to be sent is copied from the configured send areas ((SD_i). The partner CPU saves the sent data under the addresses supplied with the data and returns an execution acknowledgment. If no errors occur, this is indicated at the next instruction call with status parameter DONE = "1". The writing process can only be activated again after the last job is complete. Errors and warnings are output via ERROR and STATUS if access problems occurred while the data was being written or if the execution check results in an error. Requirements for using the instruction The "Permit access with PUT/GET communication from remote partner" function was activated in the properties of the partner CPU under "Protection". The blocks which you access with the "PUT" instruction were created with the access type "standard". Make sure that the areas defined with the parameters ADDR_i and SD_i match in terms of number, length and data type. The area to be written (ADDR_i parameter) must be as large as the send area (SD_i parameter). Parameters The following table shows the parameters of the "PUT" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Control parameter request, activates the data exchange on a positive edge. ID Input WORD I, Q, M, D, L or con stant Addressing parameters for specifying the con nection to the partner CPU. DONE Output BOOL I, Q, M, D, L Status parameter DONE: 0: Job not yet started or still executing 1: Job executed without errors. WinCC Advanced V14 System Manual, 10/2016 4187 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ERROR Output BOOL I, Q, M, D, L Status parameters ERROR and STATUS, er ror code: STATUS Output WORD I, Q, M, D, L ERROR=0 STATUS has the value: - 0000H: Neither warning nor error - <> 0000H: Warning, STATUS supplies detailed information. ERROR=1 An error has occurred, STATUS supplies detailed information on the type of error. ADDR_1 InOut REMOTE ADDR_2 InOut REMOTE ADDR_3 InOut REMOTE ADDR_4 InOut REMOTE I, Q, M, D Pointers to the areas on the partner CPU to which the data will be written. When the REMOTE pointer accesses a DB, the DB must always be specified. Example: P#DB10.DBX5.0 Byte 10. When transferring data structures (e.g., Struct) the data type CHAR must be used at the ADDR_i parameters. SD_1 InOut VARIANT SD_2 InOut VARIANT SD_3 InOut VARIANT SD_4 InOut VARIANT I, Q, M, D, L Pointers to the areas on the local CPU which contain the data to be sent. Only the data types BOOL, BYTE, CHAR, WORD, INT, DWORD, DINT, REAL are per mitted. When transferring data structures (e.g., Struct) the data type CHAR must be used at the SD_i parameters. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". ERROR and STATUS parameters The following table contains all specific error information for the "PUT" instruction that can be output via the ERROR and STATUS parameters. ERROR STATUS (decimal) Explanation 0 11 Warning: New job not active because the previous job is still busy. 0 25 Communication has started. The job is being processed. 1 1 Communication problems, for example Connection description not loaded (local or remote). Connection interrupted (for example, cable, CPU off, CP in STOP mode). Connection to partner not yet established. 1 2 Negative acknowledgment of partner CPU. The function cannot be executed. Access on the partner CPU was not granted. Activate the access in the CPU settings. 4188 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ERROR STATUS (decimal) Explanation 1 4 Error in the pointers to the data storage: Data types of the parameters SD_i and ADDR_i are not compatible with each other. The length of the area SD_i is greater than the length of the data of the ADDR_i parameter that is to be written. Not possible to access SD_i. Maximum user data size exceeded. Number of the parameters SD_i and ADDR_i does not match. 1 8 Access error with the partner CPU (e.g. DB not loaded or write-protected). 1 10 Access to the local user memory not possible (for example, access to a deleted DB). 1 20 Maximum number of parallel jobs exceeded. 1 W#16#80C3 (only with S7-1500) The job is currently being processed in a priority class with low priority (first call). Maximum number of parallel jobs exceeded. The job is currently being processed in a priority class with low priority (first call). Data consistency When a send operation is activated (positive edge at REQ), the data to be sent from the send area SD_i is copied from the user program. After the block call, you can write to these areas without corrupting the current send data. Note The send operation is only complete when the DONE status parameter has the value "1". Example In the following example use an S7 connection and transfer a data record from CPU 1 to CPU 2. The data record to be sent is of the data type INT. Requirement Two CPUs of the S7-1500 series are available and connected to each other over PROFINET. The connection is not yet configured. A low protection level under "<CPU> > Properties > Protection" ensures that read and write access is permitted for the CPUs. Access with the PUT/GET instruction is permitted. Program of CPU 1 Create six tags in a global data block for storing the data of "PUT". WinCC Advanced V14 System Manual, 10/2016 4189 Programming the PLC 11.4 Instructions Create one tag in a global data block for storing the data record to be sent. Network 1: Interconnect the parameters of the "PUT" instruction as follows. Network 2: Save the status for an error of PUT as follows. Network 3: Save the success status of PUT as follows. 4190 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Configuration of PUT To interconnect the input parameter ID, open the wizard of the "PUT" instruction with "Properties > Configuration". Make the following settings for the connection: Section Setting Access point Select the communication partner. The remaining connection data will be entered automatically. An S7 connection is created automatically and its identifier entered at the input parameter ID. Active Make sure that the active connection goes out from CPU 1. Program of CPU 2 Create one tag in a global data block for storing the data record to be received. In "Properties > Attributes" of the data block disable the optimized block access. Behavior of PUT When the input parameter REQ ("start") supplies the signal state "TRUE", the "PUT" instruction is started. The instruction calls up the connection data and makes contact with the communications partner of the S7 connection being used. To achieve this, the identifier of the S7 connection is stored at the input parameter ID. At the parameter SD_1 the storage location of the data record of CPU 1 to be sent ("writeValue") is identified. At the parameter ADDR_1 the storage location ("myValue") of the data record in CPU 2 is identified. The data record ("writeValue") is transferred and indicated at the storage location of CPU 2 ("myValue"). Successful processing is indicated by the output parameter DONE ("done") with the signal state "TRUE" and the output parameter STATUS ("status") with the value "16#0000". Because the values of the output parameters are only displayed for the moment of their validity, save the success status in the tag "memDoneStat". The output parameter ERROR ("error") or the tag "memErrStatus" indicates that processing took place without errors. WinCC Advanced V14 System Manual, 10/2016 4191 Programming the PLC 11.4 Instructions You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). See also Difference between synchronous and asynchronous instructions (Page 2436) Other (S7-1200, S7-1500) USEND: Send data uncoordinated (S7-1500) Description The "USEND" instruction sends data to a remote partner instruction of type "URCV (Page 4194)". The sending process is carried out without coordination with the partner instruction. This means that the data transfer is carried out without acknowledgment by the partner instruction. When a send operation is activated (positive edge at REQ), the data to be sent from the send areas SD_i are copied from the user program. After the instruction call, you can write to these send areas again without corrupting the current send data. Successful completion of the send operation is indicated by the value of the DONE status parameter being set to "1". Parameters The following table shows the parameters of the "USEND" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Control parameter request, activates the data ex change on a positive edge. ID Input CONN_PRG I, Q, M, D, L, P or con Addressing parameters for specifying the con stant nection to the partner CPU. R_ID Input CONN_R_ID I, Q, M, D, L or con stant Addressing parameter R_ID for defining the in struction pairs "USEND" and "URCV". See also: Common parameters of instructions for S7 communication (Page 4178) 4192 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description DONE Output BOOL I, Q, M, D, L Status parameter 0: Job not yet started or still executing. 1: Job executed without errors. ERROR Output BOOL I, Q, M, D, L Status parameter 0: Neither warning nor error. 1: An error has occurred. STATUS supplies detailed information on the type of error. STATUS Output WORD I, Q, M, D, L Status parameter See "ERROR and STATUS parameters" table. SD_i (1 i 4) InOut VARIANT I, Q, M, D, L Pointer on the i-th send area. Only the BOOL data types are permitted (not permitted: bit array), BYTE, CHAR, WORD, INT, DWORD, DINT, REAL or STRUCT. The maximum user data size for SD_i parame ters depends on the partner CPU ("URCV" in struction) and on the number of parameters used. Additional information is available in: Common parameters of instructions for S7 communica tion (Page 4178) You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameters ERROR and STATUS ERROR STATUS (decimal) Explanation 0 11 Warning: New job not active because the previous job is still busy. 0 25 Communication has started. The job is being processed. 1 1 Communication problem has occurred. Possible causes: Connection description not loaded (local or remote) Connection interrupted (for example: cable, CPU off, CP in STOP mode) Connection to partner not yet established 1 4 Errors in the send area pointers SD_i relating to the data length or the data type. Maximum user data length was exceeded. 1 10 Access to the local user memory not possible (for example, access to a deleted DB). 1 18 Value at R_ID parameter already exists in the connection specified at the ID parameter (R_ID value must be unique for the connection). 1 20 Maximum number of parallel jobs exceeded. 1 W#16#80C 3 (only with S7-1500) The job is currently being processed in a priority class with lower priority (first call). Maximum number of parallel jobs exceeded. The job is currently being processed in a priority class with low priority (first call). WinCC Advanced V14 System Manual, 10/2016 4193 Programming the PLC 11.4 Instructions See also Difference between synchronous and asynchronous instructions (Page 2436) URCV: Receive data uncoordinated (S7-1500) Description The "URCV" instruction receives data asynchronously from a remote partner instruction of type "USEND (Page 4192)" and copies this data into the configured receive areas. The instruction is ready to receive if there is a logical 1 at the EN_R input. An active job can be canceled with EN_R=0. The receive data areas are referenced by the parameters RD_1 to RD_4. Make sure that the areas defined by the parameters RD_i / RD_1 and SD_i / SD_1 (with the associated partner instruction "USEND (Page 4192)") match in terms of number and length. Successful completion of the copy operation is indicated when the value of the NDR status parameter is set to logical "1". Once the status parameter NDR has changed to "1", there will be new receive data in your receive areas (RD_i). A new block call may cause these data to be overwritten with new receive data. If you want to prevent this, call "URCV" (for example, during cyclic block processing) with the value 0 at EN_R until you have finished processing the received data. Parameters The following table shows the parameters of the "URCV" instruction: Parameter Declaration Data type Memory area Description EN_R Input BOOL I, Q, M, D, L or con stant Control parameter enabled to receive, signals ready to receive if the input is set. ID Input CONN_PR G I, Q, M, D, L, P or con Addressing parameters for specifying the connec stant tion to the partner CPU. R_ID Input CONN_R_I D I, Q, M, D, L or con stant Addressing parameter for defining the instruction pairs "USEND" and "URCV". See also: Common parameters of instructions for S7 communication (Page 4178) NDR Output BOOL I, Q, M, D, L Status parameter 0: Job not yet started or still running. 1: Job successfully completed. ERROR Output BOOL I, Q, M, D, L Status parameter 0: Neither warning nor error 1: An error has occurred, STATUS supplies detailed information on the type of error. 4194 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description STATUS Output WORD I, Q, M, D, L Status parameter See "ERROR and STATUS parameters" table. RD_i (1 i 4) InOut VARIANT I, Q, M, D, L Pointer to the i-th receive area: Only the BOOL data types are permitted (not per mitted: bit array), BYTE, CHAR, WORD, INT, DWORD, DINT, REAL or STRUCT. Additional information is available in: Common pa rameters of instructions for S7 communication (Page 4178) You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameters ERROR and STATUS ERROR STATUS Explanation (decimal) 0 9 Warning: older received data were overwritten by newer received data. 0 11 Warning: The received data is already being processed in a priority class with lower priority (error can occur when copying data to the receive area). 0 25 Communication has started. The job is being processed. 1 1 Communication problem has occurred. Possible causes: Connection description not loaded (local or remote) Connection interrupted (for example: cable, CPU off, CP in STOP mode) Connection to partner not yet established 1 4 Errors in the receive area pointers RD_i relating to the data length or the data type. 1 10 Access to the local user memory not possible (for example, access to a deleted DB). 1 18 Value at R_ID parameter already exists in the connection specified at the ID parameter (R_ID value must be unique for the connection). 1 19 The associated "USEND (Page 4192)" instruction sends data faster than it can be copied to the receive areas by "URCV". 1 20 Maximum number of parallel jobs exceeded. The job is currently being processed in a priority class with lower priority (first call). 1 W#16#80C 3 (only with S7-1500) Maximum number of parallel jobs exceeded. The job is currently being processed in a priority class with low priority (first call). See also Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 4195 Programming the PLC 11.4 Instructions BSEND: Send data in segments (S7-1500) Description The "BSEND" instruction sends data to a remote partner instruction of type "BRCV (Page 4198)". With this type of data transfer, more data can be transported between the communication partners than is possible with all other communication instructions for configured S7 connections. In each case, the maximum data volume amounts to 65534 bytes (standard access) or 65535 bytes (optimized access) for the integrated interface and for SIMATIC Net CP. Functional description You specify the instruction pair "BSEND" and "BRCV" with the input parameter R_ID. The R_ID parameter must be identical in the related instructions. The send job is activated after the instruction is called and a positive edge is detected at control input REQ. After the call, "BSEND" is not processed in the background, which means the data can only be read within the user program. The data area to be transmitted is segmented. Each segment is sent individually to the partner. Each segment is acknowledged by the partner after the application of this segment by "BRCV (Page 4198)". If the data is segmented, "BSEND" must be called multiple times until all segments have been transferred. The data area of the data to be sent is specified by SD_1. To ensure data consistency, you may only write to the part of the currently used sending area SD_1 after the current send operation is complete. This is the case when the value of the status parameter DONE changes to "1". The length of the send data is specified by LEN based on the job. With LEN = "0", all data addressed with the SD_1 parameter is sent. If there is a positive edge at control input R, the current sending process is canceled. Due to the asynchronous data transfer, a new data transfer can only be initiated if the previous data has been fetched by a partner instruction call. When the data has been collected, the status parameter "NDR" is set in the partner instruction "BRCV". Note Migration of S7-400 user programs An S7-400 CPU interprets the parameter SD_1 as pointer and not as data area. With S7-1500, LEN may not exceed the area of SD1. This was permitted with the S7-400. Recommendation Use the maximum size for the LEN parameter (65534 bytes for the integrated interface) as size of the data area at the SD_1 parameter. 4196 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "BSEND" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Control parameter request, activates the data ex change at a positive edge R Input BOOL I, Q, M, D, L or con stant Control parameter reset, activates an abort of the cur rent data exchange at a positive edge ID Input CONN_PR G I, Q, M, D, L, P or con Addressing parameters for specifying the connection stant to the partner CPU. R_ID Input CONN_R_I D I, Q, M, D, L or con stant Addressing parameter for defining the instruction pairs "BSEND" and "BRCV (Page 4198)". See also: Common parameters of instructions for S7 communication (Page 4178) SD_1 InOut VARIANT I, Q, M, D, L Pointer to send area When transferring structures, the structures must be identical at the sending and receiving end. LEN InOut WORD I, Q, M, D, L DONE Output BOOL I, Q, M, D, L Length of the block of data to be sent in bytes. With LEN = "0", all data is sent by SD_1. Status parameter 0: Job not yet started or still executing. 1: Job executed without errors. ERROR Output BOOL I, Q, M, D, L Status parameter 0: Neither warning nor error. 1: An error has occurred, STATUS supplies detailed information on the type of error. STATUS Output WORD I, Q, M, D, L Status parameter See "ERROR and STATUS parameters" table. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameters ERROR and STATUS The following table contains all specific error information for "BSEND" that can be output via the ERROR and STATUS parameters. ERROR STATUS (decimal) Explanation 0 11 Warning: New job not active because the previous job is still busy. 0 25 Communication has started. The job is being processed. 1 1 Communication problem has occurred. Possible causes: Connection description not loaded (local or remote) Connection interrupted (for example: cable, CPU off, CP in STOP mode) Connection to partner not yet established 1 2 WinCC Advanced V14 System Manual, 10/2016 Negative acknowledgment of partner instruction. The instruction cannot be executed. 4197 Programming the PLC 11.4 Instructions ERROR STATUS (decimal) Explanation 1 3 R_ID is unknown on the connection specified by the ID or the receive block has not yet been called. 1 4 Error in the data length or data type in the send area pointer SD_1. Value for LEN is greater than area SD_1. 1 5 Reset request was executed. 1 6 Partner instruction is in DISABLED status (EN_R has the value "0"). Also check the input param eters of "BRCV (Page 4198)" for consistency with "BSEND". 1 7 "BRCV (Page 4198)" partner instruction not called since the last data transfer. 1 8 Access to remote object in the user memory was rejected: The destination area for the associated "BRCV (Page 4198)" is too small. ERROR = 1, STATUS = 4 or ERROR = 1, STATUS = 10 reported at the output parameters of "BRCV (Page 4198)". 1 10 Access to the local user memory not possible (for example, access to a deleted DB). 1 18 R_ID already exists in the connection. 1 20 Maximum number of parallel jobs exceeded. The job is currently being processed in a priority class with lower priority (first call). 1 W#16#80 C3 (only with S7-1500) Maximum number of parallel jobs exceeded. The job is currently being processed in a priority class with low priority (first call). See also Difference between synchronous and asynchronous instructions (Page 2436) BRCV: Receive data in segments (S7-1500) Description The "BRCV" instruction receives data from a remote partner instruction of type "BSEND (Page 4196)". The R_ID parameter must be identical in the related instructions. The instruction is ready to receive data (STATUS = 25) after it is called with the value "1" at control input EN_R. An active job can be canceled with EN_R=0. The maximum receive area is specified by RD_1. Data will be received consistently if you fully evaluate the part of the RD_1 receive area currently in use before calling the block again with value 1 at control input EN_R. After each received data segment, an acknowledgment is sent to the partner instruction. If there are multiple segments it will be necessary to call "BRCV" several times until all of the segments have been received. Asynchronous data receipt is indicated by STATUS = 17. The amount of data currently received is indicated at the parameter LEN. The RD_1 parameter must remain constant during the operation. Value "1" at the NDR status parameter indicates that all data segments have been received without error. The received data remains unchanged until the next call with EN_R=1. 4198 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "BRCV" instruction: Parameter Declaration Data type Memory area Description EN_R Input BOOL I, Q, M, D, L or con stant Control parameter enabled to receive, signals ready to receive if the input is set. ID Input CONN_PRG I, Q, M, D, L, P or con Addressing parameters for specifying the con stant nection to the partner CPU. R_ID Input CONN_R_ID I, Q, M, D, L or con stant Addressing parameter for defining the instruction pairs "BSEND (Page 4196)" and "BRCV". See also: Common parameters of instructions for S7 communication (Page 4178) RD_1 InOut VARIANT I, Q, M, D, L Pointer to the receive area. When transferring structures, the structures must be identical at the sending and receiving end. LEN InOut WORD I, Q, M, D, L Length of the data already received in bytes. NDR Output BOOL I, Q, M, D, L Status parameter 0: Job not yet started or still running. 1: Job successfully completed. ERROR Output BOOL I, Q, M, D, L Status parameter 0: Neither warning nor error 1: An error has occurred, STATUS supplies detailed information on the type of error. STATUS Output WORD I, Q, M, D, L Status parameter See "ERROR and STATUS parameters" table. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameters ERROR and STATUS The following table contains all specific error information for "BRCV" that can be output via the ERROR and STATUS parameters. ERROR STATUS (decimal) Explanation 0 17 Warning: Instruction receives data asynchronously. The LEN parameter shows the amount of data already received in bytes. 0 25 Communication has started. The job is being processed. 1 1 Communication problem has occurred. Possible causes: Connection description not loaded (local or remote) Connection interrupted (for example: cable, CPU off, CP in STOP mode) Connection to partner not yet established 1 2 Function cannot be executed (protocol error) 1 4 Error in the receive area pointer RD_1 relating to the data length or data type. The block of data sent is longer than the receive area. 1 5 Reset request received, incomplete transfer. WinCC Advanced V14 System Manual, 10/2016 4199 Programming the PLC 11.4 Instructions ERROR STATUS (decimal) Explanation 1 8 Access error in associated "BSEND (Page 4196)": After the last valid data segment has been sent, ERROR = 1 and STATUS = 4 or ERROR = 1 and STATUS = 10 is reported. 1 10 Access to the local user memory not possible (for example, access to a deleted DB). 1 18 Value at R_ID parameter already exists in the connection specified at the ID parameter (R_ID value must be unique for the connection). 1 20 Maximum number of parallel jobs exceeded. The job is currently being processed in a priority class with lower priority (first call). 1 W#16#80C 3 (only with S7-1500) Maximum number of parallel jobs exceeded. The job is currently being processed in a priority class with low priority (first call). See also Difference between synchronous and asynchronous instructions (Page 2436) Open User Communication (S7-1200, S7-1500) Data consistency (S7-1200, S7-1500) Ensuring data consistency In the S7-1500 module series, you can change parameters during ongoing operation with the instructions of the Open User Communication. Changed parameters are used immediately, even if a job is still active. Both can lead to data inconsistency! To avoid data inconsistencies, you should never change parameters while a job is running. TSEND_C: Establishing a connection and sending data (S7-1200, S7-1500) TSEND_C: Send data via Ethernet (S7-1200) Validity The following description of the "TSEND_C" instruction applies to S7-1200 CPUs with firmware version < V4.0. Description The "TSEND_C" instruction sets up and establishes a TCP or ISO-on-TCP communication connection. Once the connection has been set up and established, it is automatically maintained and monitored by the CPU. The connection description specified at the CONNECT parameter is used to set up the communication connection. 4200 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The instruction is executed asynchronously and has the following functions: A communication connection is set up and established: The communication connection is set up and established with CONT=1. Once the connection is successfully established, the DONE parameter is set to "1" for one cycle. An existing connection is terminated and the connection which has been set up is removed when the CPU goes into STOP mode. To set up and establish the connection again, you must execute "TSEND_C" again. For information on the number of possible communication connections, refer to the technical specifications for your CPU. Sending data via an existing communication connection: You specify the send area with the DATA parameter. This includes the address and the length of the data to be sent. Do not use a data area with the data type BOOL or Array of BOOL at the DATA parameter. If you use purely symbolic values at the DATA parameter, the LEN parameter must have the value "0". The send job is executed when a rising edge is detected at the REQ parameter. With the LEN parameter, you specify the maximum number of bytes sent with a send job. When sending data (rising edge at the REQ parameter), the CONT parameter must have the value "1" in order to establish or maintain a connection. The data to be sent must not be edited until the send job is completed. If the send job executes successfully, the DONE parameter is set to "1". Signal state "1" at the DONE parameter is not confirmation that the data sent has already been read by the communication partner. Terminating the communication connection: The communication connection is terminated when the CONT parameter is set to "0" even if an ongoing data transfer is not complete yet. This does not apply if you are using an already configured connection for "TSEND_C". When setting the COM_RST parameter to "1", the currently established connection or a current data transmission can be reset at any time. This terminates the existing communication connection and a new connection is established. If data is being transferred when it executes again, this can lead to a loss of data. To enable "TSEND_C" again after the execution (DONE = 1), call the instruction once with REQ = 0. Note Support when programming connections If you select an instruction for communication TCON, TSEND_C or TRCV_C in a program block and create connections of the type TCP, UDP or ISO-on-TCP and want to assign parameters to them, you can use the support of the connection parameter assignment. You can find the connection parameter assignment the Inspector window of the program editor. WinCC Advanced V14 System Manual, 10/2016 4201 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "TSEND_C" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L Starts the send job on a rising edge. CONT Input BOOL I, Q, M, D, L Controls the communication connection: 0: Disconnect the communication connection 1: Establish and maintain the communication connection When sending data (rising edge at the REQ param eter), the CONT parameter must have the value TRUE in order to establish or maintain a connection. LEN Input UINT I, Q, M, D, L or con Maximum number of bytes to be sent with the job. stant If you use purely symbolic values at the DATA pa rameter, the LEN parameter must have the value "0". CONNECT InOut TCON_Param D DATA InOut VARIANT I, Q, M, D, L Pointer to the connection description See also: AUTOHOTSPOT Pointer to the send area containing the address and the length of the data to be sent (maximum length: 8192 bytes). When transferring structures, the structures must be identical at the sending and receiving end. COM_RST InOut BOOL I, Q, M, D, L Restarts the instruction: 0: Irrelevant 1: Complete restart of the instruction causing an existing connection to be terminated and a new connection to be established. DONE Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or is still executing 1: Job executed without errors BUSY Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or already completed 1: Job not yet completed. A new job cannot be started. ERROR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: No error 1: Error occurred STATUS Output WORD I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 4202 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions BUSY, DONE and ERROR parameters You can check the status of the job with the BUSY, DONE, ERROR and STATUS parameters. The BUSY parameter indicates the processing status. With the DONE parameter, you can check whether or not a job executed successfully. The ERROR parameter is set when errors occurred during execution of "TSEND_C". The error information is output at the STATUS parameter. The following table shows the relationship between the BUSY, DONE and ERROR parameters: BUSY DONE ERROR Description 1 - - The job is being processed. 0 1 0 The job was completed successfully. 0 0 1 The job ended with an error. The cause of the error is specified in the STATUS parameter. 0 0 0 No new job was assigned. ERROR and STATUS parameters ERROR STATUS* Description (W#16#...) 0 0000 Job completed without error. 0 0001 The connection establishment is complete. 0 0003 The connection termination is complete. 0 7000 No job processing active. 0 7001 Start execution of the job Establish connection Wait for connection partner 0 7002 Data was sent. 0 7003 Connection is being terminated. 0 7004 Connection established and monitored, no job processing active. 1 80A0 Group error for error codes 80A1 and 80A2. 1 80A1 Connection or port already being used by user. Communication error: - The specified connection has not yet been established. - The specified connection is being terminated. Transfer via this connection is not possible. - The interface is being re-initialized. 1 80A2 Local or remote port is being used by the system. 1 80A3 Attempt being made to terminate a non-existent connection. 1 80A4 IP address of the remote endpoint of the connection is invalid, in other words, it matches the IP address of the local partner. 1 80A7 Communication error: You called the instruction with COM_RST = 1 before the send job was complete. 1 80AA A connection is currently being established with the same connection ID by another block. Repeat the job with a new rising edge at the REQ parameter. 1 80B2 The CONNECT parameter points to a data block that was generated with the attribute "Only store in load memory". WinCC Advanced V14 System Manual, 10/2016 4203 Programming the PLC 11.4 Instructions ERROR STATUS* Description (W#16#...) 1 80B3 Inconsistent parameter assignment: Group error for error codes 80A0 to 80A2, 80A4, 80B4 to 80B9. 1 80B4 When using the protocol variant ISO on TCP (connection_type = B#16#12) for the passive es tablishment of a connection (active_est = FALSE) one or both of the following conditions was violated: "local_tsap_id_len >= B#16#02" and/or "local_tsap_id[1] = B#16#E0". 1 80B5 Only passive connection establishment is permitted for connection type 13 = UDP. 1 80B6 Parameter assignment error in the connection_type parameter of the data block for connection description. 1 80B7 Error in one of the following parameters of the data block for connection description: block_length, local_tsap_id_len, rem_subnet_id_len, rem_staddr_len, rem_tsap_id_len, next_staddr_len. 1 8085 The LEN parameter is larger than the highest permitted value. 1 8086 The ID parameter within the CONNECT parameter is outside the permitted range. 1 8087 Maximum number of connections reached; no additional connection possible. 1 8088 The value at the LEN parameter does not correspond to the receive area set at the DATA pa rameter. 1 8089 The CONNECT parameter does not point to a data block. 1 8091 Maximum nesting depth exceeded. 1 809A The CONNECT parameter points to a field that does not correspond to the length of the con nection description. 1 809B The ID of the local device in the connection description does not correspond to the CPU. 1 80C3 All connection resources are in use. 1 80C4 A block with this ID is already being processed in a different priority group. Temporary communication error: The connection cannot be established at this time. The connection cannot be established because the firewalls on the connection path are not open for the required ports. The interface is receiving new parameters or the connection is being established. The configured connection is currently being removed by a "TDISCON" instruction. The connection used is being terminated by a call with COM_RST= 1. 1 80C6 Remote network error. Remote partner cannot be reached. 1 8722 Parameter CONNECT: The source area is invalid. The area does not exist in the DB. 1 873A Parameter CONNECT: Access to the connection description is not possible (for example, DB does not exist). 1 877F Parameter CONNECT: Internal error. 1 8822 Parameter DATA: Invalid source area, the area does not exist in the DB. 1 8824 Parameter DATA: Area error in the VARIANT pointer. 1 8832 Parameter DATA: The DB number is too high. 1 883A Parameter CONNECT: Access to specified connection data not possible (e.g. because the DB does not exist). 1 887F Parameter DATA: Internal error, e.g. invalid VARIANT reference. 1 893A Parameter DATA: Access to send area not possible (e.g. because the DB does not exist). * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". 4204 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note Error messages of the instructions "TCON", "TSEND", "T_DIAG" and "TDISCON" Internally, the "TSEND_C" instruction uses the instructions "TCON (Page 4254)", "TSEND (Page 4269)", "T_DIAG (Page 4293)", "T_RESET (Page 4291)" and "TDISCON (Page 4264)". The error messages of these instructions can also be output at the STATUS parameter. The meaning of the error codes is described in the corresponding instructions. In the event of identical error codes for internally used instructions with different meanings, the instance data block of "TSEND_C" can be used to determine which instruction output the error. See also Difference between synchronous and asynchronous instructions (Page 2436) TSEND_C: Establishing a connection and sending data (S7-1200, S7-1500) Validity The following description of the "TSEND_C" instruction is valid for: Ethernet CPU S7-1200 with firmware version V4.0 and CPU S7-1500 PROFIBUS FDL connections of the S71500 with CM 15425 as of V2.0 with the system data type TCON_FDL Description The "TSEND_C" instruction sets up and establishes a communications connection. Once the connection has been set up and established, it is automatically maintained and monitored by the CPU. The instruction is executed asynchronously and has the following functions: Setting up and establishing a communication connection Sending data via an existing communication connection Terminating or resetting the communication connection WinCC Advanced V14 System Manual, 10/2016 4205 Programming the PLC 11.4 Instructions Internally, the instruction "TSEND_C" uses the communication instructions TCON", "TSEND", "T_DIAG", "T_RESET" and "TDISCON". Note Support when programming connections If you select a TCON, TSEND_C or TRCV_C instruction for communication in a program block and create connections of the type TCP, UDP or ISO-on-TCP and want to assign parameters to them, you can use the support of the connection parameter assignment. You can find the connection parameter assignment in the Inspector window of the program editor. Setting up and establishing a communication connection The communication connection is set up and established with CONT=1. For information on the number of possible communication connections, refer to the technical specifications for your CPU. The connection description specified at the CONNECT parameter is used to set up the communication connection. The following connection types can be used: Programmed connections (structure of connection via "TCON"): - TCP / UDP: Connection description via the TCON_IP_v4 system data type - ISO-on-TCP: Connection description via the TCON_IP_RFC system data type - ISO: Connection description via the TCON_ISOnative system data type (for CP1543-1 only) - Telecontrol connections to SMS clients: Connection description via the TCON_PHONE system data type For this connection type, the station requires access to the mobile network via a mobile network CP. - FDL connections of the S71500 with CM 15425 as of V2.0 with the system data type TCON_FDL Configured connections - Specify an existing connection in the TCON_Configured system data type. An existing connection is terminated and the connection which has been set up is removed when the CPU goes into STOP mode. To set up and establish the connection again, you must execute "TSEND_C" again. Sending data via an existing communication connection The send job is executed when a rising edge is detected at the REQ parameter. As described above, the communication connection is established first. You specify the send area with the DATA parameter. This includes the address and the length of the data to be sent. Do not use a data area with the data type BOOL or Array of BOOL at the DATA parameter. With the LEN parameter, you specify the maximum number of bytes sent with a send job. If you use a send area with optimized access at the DATA parameter, the LEN parameter must have the value "0". 4206 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The data to be sent must not be edited until the send job is completed. Terminating and resetting the communication connection The communication connection is terminated when the CONT parameter is set to "0" even if an ongoing data transfer is not complete yet. This does not apply if you are using a configured connection for "TSEND_C". The connection can be reset at any time by setting the parameter COM_RST to "1". This terminates the existing communication connection and a new connection is established. If data is being transferred at this time, this can lead to data loss. Parameters The following table shows the parameters of the "TSEND_C" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L, T, C or constant Starts the send job on a rising edge. CONT Input BOOL I, Q, M, D, L Controls the communication connection: 0: Disconnect the communication connection. 1: Establish and maintain the communication connection. LEN Input UDINT I, Q, M, D, L or con Optional parameter (hidden) stant Maximum number of bytes to be sent with the job. If you use a send area with optimized access at the DATA parameter, the value "0" must be used at the LEN parameter. For FDL connections of the CM 15425, the maxi mum length is 240 bytes. In this regard, note the maximum lengths that can be processed by the connection partner. WinCC Advanced V14 System Manual, 10/2016 4207 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description CONNECT InOut VARIANT D Pointer to the structure of the connection descrip tion: Programmed connection: - For TCP or UDP, use the TCON_IP_v4 system data type. For a description, refer toAUTOHOTSPOT. - For ISO-on-TCP, use the TCON_IP_RFC system data type. For a description, refer to AUTOHOTSPOT. - For ISO, use the TCON_ISOnative system data type (for CP 15431 only). For description, refer to instruction "TCON (Page 4258)". - For connections to SMS clients, use the TCON_PHONE system data type. For a description, refer to AUTOHOTSPOT. - For FDL connections of the CM 15425, use the system data type TCON_FDL; see AUTOHOTSPOT. Configured connection: - DATA InOut VARIANT I, Q, M, D, L For existing connections, use the TCON_Configured system data type. For a description, see "System data type for configured connections" below. Pointer to the send area containing the address and the length of the data to be sent. When transferring structures, the structures must be identical at the sending and receiving end. ADDR InOut VARIANT D Hidden parameter that needs to be used, however, with UDP. In this case it contains a pointer to the system data type TADDR_Param. Store the ad dress information of the recipient (IP address and port number) in a data block with the system data type TADDR_Param. See also: Structure of the address information of the remote partner with UDP (Page 4289) COM_RST InOut BOOL I, Q, M, D, L Optional parameter (hidden) Resets the connection: 0: Irrelevant 1: The existing connection is reset. The COM_RST parameter is reset after evaluation by the "TSEND_C" instruction and should not, therefore, be interconnected statically. 4208 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description DONE Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Send job not yet started or still in progress. 1: Send job executed without error. This state is only displayed for one cycle. The output parameter DONE is set if an intermedi ate step was completed successfully during pro cessing (connection establishment, sending, con nection termination) and if the execution of "TSEND_C" was completed successfully. BUSY Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Send job not yet started or already completed. 1: Send job not yet completed. A new send job cannot be started. ERROR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: No error 1: Error occurred during connection establishment, data transfer or connection termination. The output parameter ERROR can be set due to an error in the "TSEND_C" instruction or the commu nication instructions used internally. STATUS Output WORD I, Q, M, D, L Status of instruction (see the "ERROR and STA TUS" parameters" description). You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". REQ, CONT and COM_RST parameters The parameter CONT controls the connection establishment of the "TSEND_C" instruction regardless of the REQ parameter. The behavior of the CONT parameter partially depends on whether a programmed or a configured connection is used: With CONT = "0": No data is sent (regardless of whether a programmed or a configured connection is used). When changing CONT = "0" to "1": - With a programmed connection, it is established with "TCON". - With a configured connection, it is checked with "T_DIAG". With CONT = "1": - As long as no data is sent (REQ="0"), the connection is checked with "T_DIAG". - If the internally used communication instructions signal that no connection end point exists, the connection is automatically reestablished with "TCON". When changing CONT = "1" to "0": - With a programmed connection, it is terminated with "TDISCON". - With a configured connection, it is reset with "T_RESET". WinCC Advanced V14 System Manual, 10/2016 4209 Programming the PLC 11.4 Instructions The parameter COM_RST resets the connection when changing from "0" to "1": If a connection is established, it is reset with "T_RESET" (regardless of whether a programmed or configured connection is used). If no connection is established, the setting of the parameter has no effect. The REQ and COM_RST parameters only have an effect if CONT has been set to "1". The following table shows the relationship between the REQ, CONT and COM_RST parameters: REQ CONT COM_ RST Status of the in struction Description Irrele vant 0 Irrele vant Not yet executed No job active (STATUS = 7000). Irrele vant 0 Irrele vant Initialization Connection is being terminated. The instruction is being reset. Irrele vant 0>1 Irrele vant Connection es tablishment Connection is being established. Data is not being transferred yet. 0 1 0 Connection es tablished The connection is established and is monitored with the instruction "T_DI AG". Irrele vant 1 0>1 Connection es tablished The connection is interrupted by "T_RESET" briefly and reset. 0>1 1 0 Connection es tablished Instruction starts sending. Irrele vant 1 0>1 Data is being sent Data transfer is interrupted. The connection is being reset. System data type for configured connections For configured connections at the CONNECT parameter, use the following structure for connection description to TCON_Configured: Byte Parameter Data type Start value Description 0 ... 1 InterfaceID HW_ANY - Hardware identifier of the local interface (value range: 0 to 65535). 2 ... 3 ID CONN_OUC - Reference to the connection (value range: 1 to 4095). 4 BYTE - Enter the connection ID of the existing connection. ConnectionType Connection type Select 254 (decimal) for a configured connection. Note For reasons of compatibility, the parameters InterfaceID and ConnectionType are part of the structure for the connection description to TCON_Configured. These parameters do not have an effect on the connection parameter assignment; only the parameter ID for the connection ID is evaluated in the connection parameter assignment. 4210 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions BUSY, DONE and ERROR parameters You can check the status of the job with the BUSY, DONE, ERROR and STATUS parameters. The BUSY parameter indicates the processing status. With the DONE parameter, you can check whether or not a send job executed successfully. The ERROR parameter is set when errors occurred during execution of "TSEND_C". The error information is output at the STATUS parameter. The following table shows the relationship between the BUSY, DONE and ERROR parameters: DONE BUSY ERROR Description 0 0 0 The instruction has not been executed yet (no rising edge at REQ parameter). 0 1 0 The instruction is being executed and calls the internally used communication instructions. 1 0 0 The send job was completed successfully. "0000" is output at the STATUS parameter. DONE = "1" is only displayed for one cycle. 0 0 1 The execution of the instruction or an intermediate step during processing was terminated with an error. If there is a subsequent error due to an internally used communication instruction, the error that occurred first during processing is displayed. This state is only displayed for one cycle. ERROR and STATUS parameters ERROR STATUS* Description (W#16#...) 0 0000 Send job was executed without error. 0 0001 Communication connection established. 0 0003 Communication connection closed. 0 7000 No active send job execution; no communication connection established. 0 7001 Initial call for establishing a connection. 0 7002 Second call for establishing a connection 0 7003 Communication connection is being terminated. 0 7004 Communication connection has been established and is being monitored. No send job execution active. 0 7005 Data transfer in progress. 1 80A1 Connection or port already being used by user. Communication error: - The specified connection has not yet been established. - The specified connection is being terminated. Transfer via this connection is not possible. - The interface is being re-initialized. 1 80A3 The nested "T_DIAG" instruction has reported that the connection has closed. 1 80A4 IP address of the remote endpoint of the connection is invalid or it matches the IP address of the local partner. 1 80A7 Communication error: You called the instruction with COM_RST = 1 before the send job was complete. 1 80AA A connection is currently being established with the same connection ID by another block. Repeat the job with a new rising edge at the REQ parameter. WinCC Advanced V14 System Manual, 10/2016 4211 Programming the PLC 11.4 Instructions ERROR STATUS* Description (W#16#...) 1 80B3 When using the protocol variant UDP the ADDR parameter does not contain any data. Error in the connection description The local port is already being used in a different connection description. 1 80B4 You have violated one or both of the following conditions for passive connection establishment (active_est = FALSE) when using the ISO-on-TCP protocol variant (connection_type = B#16#12): local_tsap_id_len >= B#16#02 local_tsap_id[1] = B#16#E0 1 80B5 Only passive connection establishment is permitted for connection type 13 = UDP. 1 80B6 Parameter assignment error in the connection_type parameter of the data block for connection description. 1 80B7 For system data type TCON_Param: Error in one of the following parameters of the data block for connection description: block_length, local_tsap_id_len, rem_subnet_id_len, rem_staddr_len, rem_tsap_id_len, next_staddr_len. For system data types TCON_IP_V4 and TCON_IP_RFC: IP address of the partner end point was set to 0.0.0.0. 1 8085 The LEN parameter is larger than the highest permitted value. 1 8086 The ID parameter within the CONNECT parameter is outside the permitted range. 1 8087 Maximum number of connections reached; no additional connection possible. 1 8088 The value at the LEN parameter does not correspond to the receive area set at the DATA pa rameter. 1 8089 The CONNECT parameter does not point to a data block. The CONNECT parameter does not point to a connection description. The manually created connection description has an incorrect structure for the selected connection type. 1 8091 Maximum nesting depth exceeded. 1 809A The CONNECT parameter points to a field that does not correspond to the length of the con nection description. 1 809B InterfaceID is invalid. It is either zero or it does not point to a local CPU interface or a CP. 1 80C3 All connection resources are in use. A block with this ID is already being processed in a different priority group. 1 80C4 Temporary communication error: The connection cannot be established at this time. The connection cannot be established because the firewalls on the connection path are not open for the required ports. The interface is receiving new parameters or the connection is being established. The configured connection is currently being removed by a "TDISCON (Page 4264)" instruction. The connection used is being terminated by a call with COM_RST = 1. Temporarily no receive resources available at the connection partner. The connection partner is not ready to receive. 1 80C5 Connection terminated by the communication partner. LSAP of the remote connection partner is not released 4212 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ERROR STATUS* Description (W#16#...) 1 80C6 Network error: Remote partner cannot be reached. Physical interruption on PROFIBUS 1 8722 Parameter CONNECT: The source area is invalid. The area does not exist in the DB. 1 873A Parameter CONNECT: Access to the connection description is not possible (for example, be cause the DB is not available). 1 877F Parameter CONNECT: Internal error. 1 8822 Parameter DATA: Invalid source area, the area does not exist in the DB. 1 8824 Parameter DATA: Area error in the VARIANT pointer. 1 8832 Parameter DATA: The DB number is too high. 1 883A Parameter CONNECT: Access to specified connection data not possible (e.g. because the DB does not exist). 1 887F Parameter DATA: Internal error, e.g. invalid VARIANT reference. 1 893A Parameter DATA: Access to send area not possible (e.g. because the DB does not exist). * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Note Error messages of the instructions "TCON", "TSEND", "T_DIAG", "T_RESET" and "TDISCON" Internally, the "TSEND_C" instruction uses the instructions "TCON (Page 4258)", "TSEND (Page 4269)", "T_DIAG (Page 4293)", "T_RESET (Page 4291)" and "TDISCON (Page 4264)". The error messages of these instructions can also be output at the STATUS parameter. The meaning of the error codes is described in the corresponding instructions. In the event of identical error codes for internally used instructions with different meanings, the instance data block of "TSEND_C" can be used to determine which instruction output the error. Example You will find the example here: Program example for send functions (Page 4228). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). See also Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 4213 Programming the PLC 11.4 Instructions TRCV_C: Establishing a connection and receiving data (S7-1200, S7-1500) TRCV_C: Receive data via Ethernet (S7-1200) Validity The following description of the "TRCV_C" instruction applies to S7-1200 CPUs with firmware version < V4.0. Description The "TRCV_C" instruction is executed asynchronously and has the following functions: 1. Setting up and establishing a communication connection: "TRCV_C" sets up and establishes a TCP or ISO-on-TCP communication connection. Once the connection has been set up and established, it is automatically maintained and monitored by the CPU. The connection description specified at the CONNECT parameter is used to set up the communication connection. To establish a connection, the CONT parameter must be set to the value "1". Once the connection is successfully established, the DONE parameter is set to "1". An existing connection is terminated and the connection which has been set up is removed when the CPU goes into STOP mode. To set up and establish the connection again, you must execute "TRCV_C" again. For information on the number of possible communication connections, refer to the technical specifications for your CPU. 2. Receiving data via an existing communication connection: If the EN_R parameter is set to the value "1", receipt of data is enabled. When receiving data (rising edge at the EN_R parameter), the CONT parameter must have the value TRUE in order to establish or maintain a connection. The received data is entered in a receive area. You specify the length of the receive area either with the LEN parameter (if LEN <> 0) or with the length information of the DATA parameter (if LEN = 0) in accordance with the protocol variant used. If you use purely symbolic values at the DATA parameter, the LEN parameter must have the value "0". After data has been received successfully, the signal state at the DONE parameter is "1". If errors occur in the data transfer, the DONE parameter is set to "0". 3. Terminating the communication connection: The communication connection is terminated immediately when the CONT parameter is set to "0". 4214 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions TRCV_C is executed again when the COM_RST parameter is set. This terminates the existing communication connection and a new connection is established. If data is being received when it executes again, this can lead to a loss of data. Note Support when programming connections If you select an instruction for communication TCON, TSEND_C or TRCV_C in a program block and create connections of the type TCP, UDP or ISO-on-TCP and want to assign parameters to them, you can use the support of the connection parameter assignment. You can find the connection parameter assignment the Inspector window of the program editor. Receive modes of TRCV_C The following table shows how the received data is entered in the receive area. Protocol variant Availability of data in the receive area connection_type parameter of the connection description LEN parameter TCP The data is immediately available. Hexadecimal value: B#16#11 0 (Ad-hoc mode) Integer value: 17 TCP (Receipt of data with specified length) The data is available as soon as the Hexadecimal value: B#16#11 data length specified at the LEN param Integer value: 17 eter has been fully received. ISO on TCP The data is available as soon as the Hexadecimal value: B#16#12 data length specified at the LEN param (Message-oriented da Integer value: 18 eter has been fully received. ta transfer) 1 to 8192 1 to 1452, if a CP is used. 1 to 8192, if no CP is used. TCP (Ad-hoc mode) The ad-hoc mode is only available with the TCP protocol variant. You use the ad-hoc mode to receive data with dynamic length with the "TRCV" instruction. You set ad-hoc mode by assigning the value "0" to the LEN parameter. All data types can be used for data blocks with standard access when you use ad-hoc mode. Only ARRAY of BYTE or data types with a length of 8 bits can be used for data blocks with optimized access (e.g., CHAR, USINT, SINT, etc.). The data length actually received is output at the RCVD_LEN parameter. TCP (Receipt of data with specified length) You use the value of the LEN parameter to specify the length for the data receipt. The data receipt is not complete until the length of data specified at the LEN parameter has been completely received. Only then is the data available in the receive area (DATA parameter). The actually received data length in bytes at the RCVD_LEN parameter corresponds to the data length at the LEN parameter after receipt. WinCC Advanced V14 System Manual, 10/2016 4215 Programming the PLC 11.4 Instructions ISO on TCP (Message-oriented data transfer) Complete message blocks are sent via a connection with the protocol variant ISO on TCP; these are recognized as such by the recipient. When using ISO on TCP, "TRCV_C" signals data receipt as soon as the message block has been completely received. The receive area is defined by the LEN and DATA parameters. If the receive buffer (DATA parameter) is too small for the sent data, "TRCV_C" signals an error. The actually received data length in bytes at the RCVD_LEN parameter corresponds to the data length at the LEN parameter after receipt. Parameters The following table shows the parameters of the "TRCV_C" instruction: Parameter Declaration Data type Memory area Description EN_R Input BOOL I, Q, M, D, L Receive enable CONT Input BOOL I, Q, M, D, L Controls the communication connection: 0: Disconnect the communication connection 1: Establish and maintain the communication connection When receiving data (rising edge at the EN_R pa rameter), the CONT parameter must have the value TRUE in order to establish or maintain a connection. LEN Input UINT I, Q, M, D, L or con Maximum length of the data to be received (maxi stant mum value: 8192 bytes). If you use purely symbolic values at the DATA parameter, the LEN parameter must have the value "0". CONNECT InOut TCON_Param D Pointer to the connection description See also: AUTOHOTSPOT DATA InOut VARIANT I, Q, M, D, L Pointer to the receive area When transferring structures, the structures must be identical at the sending and receiving end. COM_RST InOut BOOL I, Q, M, D, L Restarts the instruction: 0: Irrelevant 1: Complete restart of the instruction causing an existing connection to be terminated DONE Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or is still executing 1: Job executed without errors BUSY Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or already completed 1: Job not yet completed. A new job cannot be started ERROR Output BOOL I, Q, M, D, L Status parameter ERROR: 0: No error 1: Error occurred 4216 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description STATUS Output WORD I, Q, M, D, L Status of the instruction RCVD_LEN Output UINT I, Q, M, D, L Amount of data actually received in bytes You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". BUSY, DONE and ERROR parameters You can check the status of the job with the BUSY, DONE, ERROR and STATUS parameters. The BUSY parameter indicates the processing status. With the DONE parameter, you can check whether or not a job executed successfully. The ERROR parameter is set when errors occurred during execution of "TRCV_C". The error information is output at the STATUS parameter. The following table shows the relationship between the BUSY, DONE and ERROR parameters: BUSY DONE ERROR Description 1 - - The job is being processed. 0 1 0 The job was completed successfully. 0 0 1 The job ended with an error. The cause of the error is output at the STATUS parameter. 0 0 0 No new job was assigned. ERROR and STATUS parameters ERROR STATUS* Description (W#16#...) 0 0000 Job completed without error. 0 0001 The connection establishment is complete. 0 0003 The connection termination is complete. 0 7000 No job processing active. 0 7001 Start execution of the job Establish connection Wait for connection partner 0 7002 Data is being received. 0 7003 Connection is being terminated. 0 7004 Connection established and monitored No job processing active 0 7006 Data is currently being received. 1 8085 The LEN parameter is larger than the highest permitted value. The value at the LEN or DATA parameter was changed after the first call. 1 8086 The ID parameter is outside the permitted range. 1 8087 Maximum number of connections reached; no additional connection possible 1 8088 The value at the LEN parameter does not correspond to the receive area set at the DATA parameter. WinCC Advanced V14 System Manual, 10/2016 4217 Programming the PLC 11.4 Instructions ERROR STATUS* Description (W#16#...) 1 8089 The CONNECT parameter does not point to a data block. 1 8091 Maximum nesting depth exceeded. 1 809A The CONNECT parameter points to a field that does not correspond to the length of the connection description. 1 809B The ID of the local device (local_device_id) in the connection description does not correspond to the CPU. 1 80A0 Group error for error codes W#16#80A1 and W#16#80A2. 1 80A1 Connection or port already being used by user. Communication error: - The specified connection has not yet been established. - The specified connection is being terminated. Transfer via this connection is not possible. - The interface is being re-initialized. 1 80A2 Local or remote port is being used by the system. 1 80A3 Attempt being made to re-establish an existing connection. 1 80A4 IP address of the remote endpoint of the connection is invalid, in other words, it matches the IP address of the local partner. 1 80A7 Communication error: You called the instruction with COM_RST = 1 before the send job was com plete. 1 80B2 The CONNECT parameter points to a data block that was generated with the attribute "Only store in load memory". 1 80B3 Inconsistent parameter assignment: Group error for error codes W#16#80A0 to W#16#80A2, W#16#80A4, W#16#80B4 to W#16#80B9. 1 80B4 When using the protocol variant ISO on TCP (connection_type = B#16#12) for the passive estab lishment of a connection (active_est = FALSE) one or both of the following conditions was violated: "local_tsap_id_len >= B#16#02" and/or "local_tsap_id[1] = B#16#E0". 1 80B5 Only passive connection establishment is permitted for connection type 13 = UDP. 1 80B6 Parameter assignment error in the connection_type parameter of the data block for connection description. 1 80B7 Error in one of the following parameters of the data block for connection description: block_length, local_tsap_id_len, rem_subnet_id_len, rem_staddr_len, rem_tsap_id_len, next_staddr_len. 1 80C3 All connection resources are in use. 1 80C4 Attempt being made to terminate a non-existent connection. A block with this ID is already being processed in a different priority group. Temporary communication error: The connection cannot be established at this time. The connection cannot be established because the firewalls on the connection path are not open for the required ports. The interface is receiving new parameters or the connection is being established. The configured connection is currently being removed by a "TDISCON" instruction. The connection used is being terminated by a call with COM_RST= 1. 1 80C6 The remote partner cannot be reached (network error). 1 8722 Error in the CONNECT parameter: Invalid source area (area not declared in data block). 4218 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ERROR STATUS* Description (W#16#...) 1 873A Error in the CONNECT parameter: Access to connection description is not possible (no access to data block). 1 877F Error in the CONNECT parameter: Internal error 1 8922 Parameter DATA: Invalid destination area; the area does not exist in the DB. 1 8924 Parameter DATA: Area error in the VARIANT pointer. 1 8932 Parameter DATA: The DB number is too high. 1 893A Parameter CONNECT: Access to specified connection data not possible (e.g. because the DB does not exist). 1 897F Parameter DATA: Internal error, e.g. invalid VARIANT reference. 1 8A3A Parameter DATA: No access to the data area, for example because the data block does not exist. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Note Error messages of the instructions "TCON", "TRCV" and "TDISCON" Internally, the TRV_C instruction uses the "TCON (Page 4254)", "TRCV (Page 4273)" and "TDISCON (Page 4264)" instructions. The error messages of these instructions are contained in the respective descriptions. See also Difference between synchronous and asynchronous instructions (Page 2436) TRCV_C: Establishing a connection and receiving data (S7-1200, S7-1500) Validity The following description of the "TRCV_C" instruction is valid for: Ethernet: CPU S7-1200 with firmware version V4.0 or higher and CPU S7-1500 PROFIBUS: FDL connections of the S71500 with CM 15425 as of V2.0 with the system data type TCON_FDL Description The "TRCV_C" instruction is executed asynchronously and implements the following functions in sequence: Setting up and establishing a communication connection Receiving data via an existing communication connection Terminating or resetting the communication connection WinCC Advanced V14 System Manual, 10/2016 4219 Programming the PLC 11.4 Instructions Internally, the instruction "TRCV_C" uses the communication instructions TCON", "TRCV", "T_DIAG", "T_RESET" and "TDISCON". Note Support when programming connections If you select a TCON, TSEND_C or TRCV_C instruction for communication in a program block and create connections of the type TCP, UDP or ISO-on-TCP and want to assign parameters to them, you can use the support of the connection parameter assignment. You can find the connection parameter assignment in the Inspector window of the program editor. Setting up and establishing a communication connection The communication connection is set up and established with CONT=1. For information on the number of possible communication connections, refer to the technical specifications for your CPU. The connection description specified at the CONNECT parameter is used to set up the communication connection. The following connection types can be used: Programmed connections (structure of connection via "TCON"): - TCP / UDP: Connection description via the TCON_IP_v4 system data type - ISO-on-TCP: Connection description via the TCON_IP_RFC system data type - ISO: Connection description via the TCON_ISOnative system data type (for CP1543-1 only) - Telecontrol connections to SMS clients: Connection description via the TCON_PHONE system data type For this connection type, the station requires access to the mobile network via a mobile network CP. - FDL connections of the S71500 with CM 15425 as of V2.0 with the system data type TCON_FDL Configured connections - Specify an existing connection in the TCON_Configured system data type. An existing connection is terminated and the connection which has been set up is removed when the CPU goes into STOP mode. To set up and establish the connection again, you must execute "TRCV_C" again. Receiving data via an existing communication connection Receipt of data is enabled when the EN_R parameter is set to the value "1". The received data is entered in a receive area. You specify the length of the receive area either with the LEN parameter (if LEN <> 0) or with the length information of the DATA parameter (if LEN = 0), depending on the protocol variant being used. If you use purely symbolic values at the DATA parameter, the LEN parameter must have the value "0". 4220 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Receive modes of TRCV_C: TCP (Ad-hoc mode) The ad-hoc mode is only available with the TCP protocol variant. You use the ad-hoc mode to receive data with dynamic length with the "TRCV_C" instruction. You set ad-hoc mode by assigning the value "1" to the ADHOC parameter. All data types can be used for data blocks with standard access when you use ad-hoc mode. Only ARRAY of BYTE or data types with a length of 8 bits can be used for data blocks with optimized access (e.g., CHAR, USINT, SINT, etc.). The data length actually received is output at the RCVD_LEN parameter. TCP (Receipt of data with specified length) Assign the value "0" to the ADHOC parameter for receipt of data with specified length. If ad-hoc mode is disabled, the data reception is not complete until the length of data specified at the LEN parameter has been completely received. Only then is the data available in the receive area (DATA parameter). The actually received data length in bytes at the RCVD_LEN parameter corresponds to the data length at the LEN parameter after receipt. ISOonTCP (Message-oriented data transfer) Complete message blocks are sent via a connection with the protocol variant ISOonTCP; these are recognized as such by the recipient. The receive area is defined by the LEN and DATA parameters. If the receive buffer (DATA parameter) is too small for the sent data, "TRCV_C" signals an error. The actually received data length in bytes at the RCVD_LEN parameter corresponds to the data length at the LEN parameter after receipt. The following table shows how the received data is entered in the receive area. Protocol variant Availability of data in the receive area connection_type parameter of the connection description Parameter LEN TCP The data is immediately available. Hexadecimal value: B#16#11 1 up to maximum length (depending on the CPU) (Ad-hoc mode) Integer value: 17 TCP The data is available as soon as the Hexadecimal value: B#16#11 data length specified at the LEN param Integer value: 17 eter has been fully received. 1 to 8192 The data is available as soon as the Hexadecimal value: B#16#12 (Message-oriented da data length specified at the LEN param Integer value: 18 eter has been fully received. ta transfer) 1 to 8192 FDL 1 to 240 (Receipt of data with specified length) ISOonTCP The data is available as soon as the Hexadecimal value: B#16#15 data length specified at the LEN param Decimal: 21 eter has been fully received. Terminating the communication connection The communication connection is terminated when the CONT parameter is set to "0" even if an ongoing data transfer is not complete yet. This does not apply if you are using a configured connection, however. The connection can be reset at any time by setting the parameter COM_RST to "1". This terminates the existing communication connection and a new connection is established. If data is being transferred at this time, this can lead to data loss. WinCC Advanced V14 System Manual, 10/2016 4221 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "TRCV_C" instruction: Parameter Declaration Data type Memory area Description EN_R Input BOOL I, Q, M, D, L, T, C or constant Receive enable CONT Input BOOL I, Q, M, D, L Controls the communication connection: 0: Disconnect the communication connection. 1: Establish communication connection and maintain after receipt of data. LEN Input UDINT I, Q, M, D, L or con Maximum length of the data to be received. If you stant use a receive area with optimized access at the DATA parameter, the value "0" must be used at the LEN parameter. ADHOC Input BOOL I, Q, M, D, L or con Optional parameter (hidden) stant Use ad-hoc mode for the TCP protocol variant. CONNECT InOut VARIANT D Pointer to the connection description Programmed connection: - For TCP or UDP, use the structure TCON_IP_v4 For description, refer to:AUTOHOTSPOT - For ISO-on-TCP, use the structure TCON_IP_RFC For a description, refer to: AUTOHOTSPOT - For ISO, use the structure TCON_ISOnative (for CP 15431 only) For description, refer to instruction "TCON (Page 4258)": "Structure of the connection description according to TCON_ISOnative" - For connections to SMS clients, use the TCON_PHONE system data type. For a description, refer to AUTOHOTSPOT. - For FDL connections of the CM 15425, use the system data type TCON_FDL; see AUTOHOTSPOT. Configured connection: - DATA InOut VARIANT I, Q, M, D, L For existing connections, use the TCON_Configured system data type. For a description, see "System data type for configured connections" below. Pointer to the receive area. When transferring structures, the structures must be identical at the sending and receiving end. 4222 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ADDR InOut VARIANT D Hidden parameter that needs to be used, however, with UDP. In this case it contains a pointer to the system data type TADDR_Param. Store the ad dress information of the sender (IP address and port number) in a data block with the system data type TADDR_Param. See also: Structure of the address information of the remote partner with UDP (Page 4289) COM_RST InOut BOOL I, Q, M, D, L Optional parameter (hidden) Resets the connection: 0: Irrelevant 1: The existing connection is reset. The COM_RST parameter is reset after evaluation by the "TRCV_C" instruction and should not, there fore, be interconnected statically. DONE Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Receipt not yet started or still in progress. 1: Receipt executed without error. This state is only displayed for one cycle. The output parameter DONE is set if an intermedi ate step was completed successfully during pro cessing (connection establishment, receipt, con nection termination) and if the execution of "TRCV_C" was completed successfully. BUSY Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Receipt not yet started or already completed. 1: Receipt not yet completed. A new send job cannot be started. ERROR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: No error 1: Error occurred during connection establishment, data reception or connection termination. The output parameter ERROR can be set due to an error in the "TRCV_C" instruction or the communi cation instructions used internally. STATUS Output WORD I, Q, M, D, L Status of the instruction RCVD_LEN Output UDINT I, Q, M, D, L Amount of data actually received in bytes You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 4223 Programming the PLC 11.4 Instructions EN_R, CONT and COM_RST parameters The parameter CONT controls the connection establishment of the "TRCV_C" instruction regardless of the EN_R parameter. The behavior of the CONT parameter partially depends on whether a programmed or a configured connection is used: With CONT = "0": No data is received (regardless of whether a programmed or a configured connection is used). When changing CONT = "0" to "1": - With a programmed connection, it is established with "TCON". - With a configured connection, it is checked with "T_DIAG". With CONT = "1": - As long as no data is received (EN_R="0"), the connection is checked with "T_DIAG". - If the internally used communication instructions signal that no connection end point exists, the connection is automatically reestablished with "TCON". When changing CONT = "1" to "0": - With a programmed connection, it is terminated with "TDISCON". - With a configured connection, it is reset with "T_RESET". The parameter COM_RST resets the connection when changing from "0" to "1": If a connection is established, it is reset with "T_RESET" (regardless of whether a programmed or configured connection is used). If no connection is established, the setting of the parameter has no effect. The EN_R and COM_RST parameters only have an effect if CONT has been set to "1". The following table shows the relationship between the EN_R, CONT and COM_RST parameters: EN_R CONT COM_ RST Status of the in struction Description Irrele vant 0 Irrele vant Not yet executed No job active (STATUS = 7000). Irrele vant 0 Irrele vant Initialization Connection is being terminated. The instruction is being reset. Irrele vant 0>1 Irrele vant Connection es tablishment Connection is being established. Data is not being transferred yet. 0 1 0 Connection es tablished The connection is established and is monitored with the instruction "T_DI AG". Irrele vant 1 0>1 Connection es tablished The connection is interrupted by "T_RESET" briefly and reset. 0>1 1 0 Connection es tablished Instruction starts receiving. Irrele vant 1 0>1 Data is being re ceived Data transfer is interrupted. The connection is being reset. 4224 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions System data type for configured connections For configured connections at the CONNECT parameter, use the following structure for connection description to TCON_Configured: Byte Parameter Data type Start value Description 0 ... 1 InterfaceID HW_ANY - Hardware identifier of the local interface (value range: 0 to 65535). 2 ... 3 ID CONN_OUC - Reference to the connection (value range: 1 to 4095). 4 BYTE - Enter the connection ID of the existing connection. ConnectionType Connection type Select 254 (decimal) for a configured connection. BUSY, DONE and ERROR parameters You can check the status of the job with the BUSY, DONE, ERROR and STATUS parameters. The BUSY parameter indicates the processing status. With the DONE parameter, you can check whether or not a job executed successfully. The ERROR parameter is set when errors occurred during execution of "TRCV_C". The error information is output at the STATUS parameter. The following table shows the relationship between the BUSY, DONE and ERROR parameters: DONE BUSY ERROR Description 0 0 0 The instruction has not been executed yet (no rising edge at EN_R parameter). 0 1 0 The instruction is being executed and calls the internally used communication instructions. 1 0 0 The receipt has been completed successfully. "0000" is output at the parameter STATUS. DONE = "1" is only displayed for one cycle. 0 0 1 The execution of the instruction or an intermediate step during processing was terminated with an error. If there is a subsequent error due to an internally used communication instruction, the error that occurred first during processing is displayed. This state is only displayed for one cycle. ERROR and STATUS parameters ERROR STATUS Description (W#16#...) 0 0000 Receive job executed without error. 0 0001 Communication connection established. 0 0003 Communication connection closed. 0 7000 No job processing active. 0 7001 Initial call for establishing a connection. 0 7002 Second call for establishing a connection. 0 7003 Communication connection is being terminated. 0 7004 Communication connection has been established and is being monitored. No receive job process ing active. 0 7006 Data is currently being received. WinCC Advanced V14 System Manual, 10/2016 4225 Programming the PLC 11.4 Instructions ERROR STATUS Description (W#16#...) 1 8085 The LEN parameter is larger than the highest permitted value. The value at the LEN or DATA parameter was changed after the first call. 1 8086 The ID parameter is outside the permitted range. 1 8087 Maximum number of connections reached; no additional connection possible 1 8088 The value at the LEN parameter does not correspond to the receive area set at the DATA parameter. 1 8089 The CONNECT parameter does not point to a data block. The CONNECT parameter does not point to a connection description. The manually created connection description has an incorrect structure for the selected connection type. 1 8091 Maximum nesting depth exceeded. 1 809A The CONNECT parameter points to a field that does not correspond to the length of the connection description. 1 809B InterfaceID is invalid. It is either zero or it does not point to a local CPU interface or a CP. 1 80A1 Connection or port already being used by user. Communication error: - The specified connection has not yet been established. - The specified connection is being terminated. Transfer via this connection is not possible. - The interface is being re-initialized. 1 80A3 The nested "T_DIAG" instruction has reported that the connection has closed. 1 80A4 IP address of the remote endpoint of the connection is invalid or it matches the IP address of the local partner. 1 80A7 Communication error: You called the instruction with COM_RST = 1 before the send job was com plete. 1 80AA A connection is currently being established with the same connection ID by another block. Repeat the job with a new rising edge at the REQ parameter. 1 80B3 When using the protocol variant UDP the ADDR parameter does not contain any data. Error in the connection description The local port is already being used in a different connection description. 1 80B4 When using the protocol variant ISO on TCP (connection_type = B#16#12) for the passive estab lishment of a connection (active_est = FALSE) one or both of the following conditions was violated: "local_tsap_id_len >= B#16#02" and/or "local_tsap_id[1] = B#16#E0". 1 80B5 Only passive connection establishment is permitted for connection type 13 = UDP. 1 80B6 Parameter assignment error in the connection_type parameter of the data block for connection description. 1 80B7 For system data type TCON_Param: Error in one of the following parameters of the data block for connection description: block_length, local_tsap_id_len, rem_subnet_id_len, rem_staddr_len, rem_tsap_id_len, next_staddr_len. For system data types TCON_IP_V4 and TCON_IP_RFC: IP address of the partner end point was set to 0.0.0.0. 1 80C3 All connection resources are in use. A block with this ID is already being processed in a different priority group. 4226 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ERROR STATUS Description (W#16#...) 1 80C4 Temporary communication error: The connection cannot be established at this time. The connection cannot be established because the firewalls on the connection path are not open for the required ports. The interface is receiving new parameters or the connection is being established. The configured connection is currently being removed by a "TDISCON" instruction. The connection used is being terminated by a call with COM_RST = 1. 1 80C6 The remote partner cannot be reached (network error). 1 8722 Error in the CONNECT parameter: Invalid source area (area not declared in data block). 1 873A Error in the CONNECT parameter: Access to connection description is not possible (no access to data block). 1 877F Error in the CONNECT parameter: Internal error 1 8922 Parameter DATA: Invalid destination area; the area does not exist in the DB. 1 8924 Parameter DATA: Area error in the VARIANT pointer. 1 8932 Parameter DATA: The DB number is too high. 1 893A Parameter CONNECT: Access to specified connection data not possible (e.g. because the DB does not exist). 1 897F Parameter DATA: Internal error, e.g. invalid VARIANT reference. 1 8A3A Parameter DATA: No access to the data area, for example because the data block does not exist. Note Error messages of the instructions "TCON", "TRCV" and "TDISCON" Internally, the TRV_C instruction uses the "TCON (Page 4258)", "TRCV (Page 4273)" and "TDISCON (Page 4264)" instructions. The error messages of these instructions are contained in the respective descriptions. Example You will find the example here: Program example for send functions (Page 4228). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). See also TSEND_C: Establishing a connection and sending data (Page 4205) Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 4227 Programming the PLC 11.4 Instructions Program example for send functions (S7-1200, S7-1500) Introduction In the following example, you create a programmed connection between two CPUs of the S7-1500 series and send a character string from CPU 1 to CPU 2. The character string to be sent is of the data type STRING. Requirements Two CPUs of the S7-1500 series are available and connected to each other over PROFINET. Their connection is not yet configured. A low protection level under Properties > Protection ensures that read and write access is permitted for each CPU. Program of CPU 1 Create nine tags in a global data block for storing the data of "TSEND_C". Network 1: Interconnect the parameters of the "TSEND_C" instruction as follows. Do not interconnect the input parameter CONNECT yet. 4228 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 2: Save the status for an error of TSEND_C as follows. Network 3: Save the success status of TSEND_C as follows. Configuration of TSEND_C To interconnect the input parameter CONNECT, open the wizard of the "TSEND_C" instruction with Properties > Configuration. WinCC Advanced V14 System Manual, 10/2016 4229 Programming the PLC 11.4 Instructions Make the following settings for the configuration of TSEND_C: Input field Entry Access point Select a CPU for sender and receiver using the drop-down list. Interface, subnet and address are entered automatically. Connection data Use the drop-down list and the selection "New" to create one data block per CPU. This data block is required for storing the connection data. The name of the data block can be freely selected. The active connection establishment is enabled for CPU 1 (local CPU). Connection type Select the entry "TCP". This means an Ethernet connection with the "TCP" protocol is used for connection establishment. Configuration mode Select the entry "Use program block". This means connection establishment takes place by means of a programmed connection. Connection ID You enter a freely selected connection ID for the communication connection. The connection ID must not already be assigned in the project. Partner port 4230 You enter a value for the partner port. The value must be >=2000. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Program of CPU 2 Create ten tags in a global data block for storing the data of "TRCV_C". Network 1: Interconnect the parameters of the "TRCV_C" instruction as follows. Network 2: Save the status for an error of TRCV_C as follows. Network 3: Save the success status of TRCV_C as follows. WinCC Advanced V14 System Manual, 10/2016 4231 Programming the PLC 11.4 Instructions Configuration of TRCV_C Make the following settings for the configuration of TRCV_C: Note Connection data By configuring TSEND_C, you have already created a data block ("SLI_cDB_Connector") with the stored connection data for each CPU. Instead of creating new data blocks and entering the connection data, you can simply use the created data blocks ("SLI_cDB_Connector"). For the created data blocks to be available for selection, they must still be available in the project tree under Program blocks > System blocks. 4232 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Procedure for connection establishment To establish the communication connection in RUN mode, follow these steps: 1. Change the REQ parameter to "1" for TRCV_C. 2. Change the CONT parameter to "1" for TRCV_C. 3. Change the REQ parameter to "1" for TSEND_C. 4. Change the CONT parameter to "1" for TSEND_C. Procedure for connection termination To terminate the communication connection in RUN mode, follow these steps: 1. Change the CONT parameter to "0" for TSEND_C. 2. Change the REQ parameter to "0" for TSEND_C. 3. Change the CONT parameter to "0" for TRCV_C. 4. Change the REQ parameter to "0" for TRCV_C. Behavior of CPU 1 When the input parameter REQ ("start") returns the signal state "TRUE", the "TSEND_C" instruction is started. When the input parameter CONT ("comControl") supplies the signal state "TRUE", the "TSEND_C" instruction creates a communication connection between CPU 1 and CPU 2. To do this, the connection data is retrieved with the input parameter CONNECT (or the data block "SLI_cDB_Connector"). For multiple calls, the "TSEND_C" instruction transmits the data record detected at input parameter DATA ("sendData"). After transmitting the data record to CPU 2, the communication connection continues to be monitored (status "7004"). Successful transfer of the data record is indicated by the output parameter DONE ("done") with the signal state "TRUE" and the output parameter STATUS ("status") with the value "0000". Because the values of the output parameters are only displayed for the moment of their validity, save the success status in the tag "memDoneStat". The output parameter ERROR ("error") or the tag "memErrStatus" indicates that processing is taking place without errors. WinCC Advanced V14 System Manual, 10/2016 4233 Programming the PLC 11.4 Instructions Behavior of CPU 2 When the input parameter EN_R ("start") returns the signal state "TRUE", the "TRCV_C" instruction is started. When the input parameter CONT ("comControl") supplies the signal state "TRUE", the "TRCV_C" instruction creates a communication connection between CPU 2 and CPU 1. To do this, the connection data is retrieved with the input parameter CONNECT (or the data block "SLI_cDB_Connector"). For multiple calls, the "TRCV_C" instruction receives the transmitted data record. The data record is detected at the input parameter DATA ("rcvData"). After the data record has been received by CPU 2, the communication connection continues to be monitored (status "7004"). The length in BYTE of the actually transmitted data record is detected with the output parameter RCVD_LEN ("rcvLen"). This value is only displayed during the success status. Then "0" is detected. Successful transfer of the data record is indicated by the output parameter DONE ("done") with the signal state "TRUE" and the output parameter STATUS ("status") with the value "0000". Because the values of the output parameters are only displayed for the moment of their validity, save the success status in the tag "memDoneStat" and the length in BYTE in the tag "memRcvLen". The output parameter ERROR ("error") or the tag "memErrStatus" indicates that processing is taking place without errors. Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). 4234 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions TMAIL_C: Transfer email (S7-1200, S7-1500) Description of TMAIL_C (S7-1200, S7-1500) Description You can use the "TMAIL_C" instruction to send an e-mail via the Ethernet interface of the S7-1500 CPU or S7-1200 > V4.0, a communication module (CM), or a communication processor (CP). The instruction can only be used once the hardware has been configured and if the network infrastructure allows for a communication connection to the mail server. You define the content of the e-mail, and the connection data, using the following parameters: You define the recipient addresses with the parameters TO_S and CC. You define the content of the e-mail with the parameters SUBJECT and TEXT. You can define an attachment using VARIANT pointers at the ATTACHMENT and ATTACHMENT_NAME parameters. The connection data is defined, and addressing and authentication for the mail server executed, using the system data type TMail_V4, TMail_V6 or TMail_FQDN at the MAIL_ADDR_PARAM parameter. - If you are using the interface of the S7-1500 CPU, the system data type TMail_V4 must be used. In this case, the e-mail can only be sent via SMTP. - Any of the system data types can be used if you are using the interface of a CM/CP. The e-mail can then also be sent via SMTPS. You start the sending of an e-mail with an edge change from "0" to "1" for the REQ parameter. The job status is indicated by the output parameters "BUSY", "DONE", "ERROR" and "STATUS". You cannot send an SMS directly with the "TMAIL_C" instruction. Whether or not the e-mail can be forwarded by the mail server as an SMS depends on your telecommunications provider. Note Number of e-mails to be sent You can send more than one e-mail simultaneously using a PLC. When a CP 1243-8 or CP 1543-1 is used, you can only send one e-mail for each CP. When two CPs are used, parallel sending of two e-mails is possible. Operation of the instruction The "TMAIL_C" instruction works asynchronously, which means its execution extends over multiple calls. You must specify an instance when you call the instruction "TMAIL_C". WinCC Advanced V14 System Manual, 10/2016 4235 Programming the PLC 11.4 Instructions In the following cases, the connection to the mail server will be lost: If the CPU switches to STOP while "TMAIL_C" is active. If communication problems occur at the Industrial Ethernet bus. In this case, the transfer of the e-mail will be interrupted and it will not reach its recipient. The connection is also canceled once the instruction has been successfully executed and the email sent. NOTICE Changing user programs You can change the parts of your user program that directly affect calls of "TMAIL_C" only: The CPU is in "STOP" mode. No e-mail is being sent (REQ = 0 and BUSY = 0). This relates, in particular, to deleting and replacing program blocks that contain "TMAIL_C" calls or calls for the instance of "TMAIL_C". Ignoring this restriction can tie up connection resources. The automation system can change to an undefined status with the TCP/IP communication functions via Industrial Ethernet. A warm or cold restart of the CPU is required after the changes are transferred. Data consistency The TO_S, CC, SUBJECT, TEXT, ATTACHMENT and MAIL_ADDR_PARAM parameters are applied by the "TMAIL_C" instruction while it is running, which means that they may only be changed after the job has been completed (BUSY = 0). SMTP authentication Authentication refers here to a procedure for verifying identity, for example, with a password query. If you are using the S7-1500 CPU interface, the instruction "TMAIL_C" supports the SMTP authentication procedure AUTH-LOGIN which is required by most mail servers. For information about the authentication procedure of your mail server, please refer to your mail server manual or the website of your Internet service provider. Before you can use the AUTH-LOGIN authentication procedure, the "TMAIL_C" instruction requires the user name with which it is to log on to the mail server. This user name corresponds to the user name with which you set up a mail account on your mail server. It is transferred via the UserName parameter to the structure at parameter MAIL_ADDR_PARAM. If no user name is specified at the MAIL_ADDR_PARAM parameter, the AUTH-LOGIN authentication procedure is not used. The e-mail is then sent without authentication. To log on, the "TMAIL_C" instruction also requires the associated password. This password corresponds to the password you specified when you set up your mail account. It is transferred via the PassWord parameter to the structure at parameter MAIL_ADDR_PARAM. 4236 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "TMAIL_C" instruction: Parameter Declara tion Data type Memory area Description REQ Input BOOL I, Q, M, D, L, T, C or con stant Control parameter REQUEST: Activates the sending of an e-mail upon a rising edge. TO_S (Page 4240) Input STRING D, L or con stant Recipient addresses STRING with a maximum length of 240 char acters (bytes). For the e-mail address format, see the ex ample in the parameter description. CC (Page 4240) Input STRING D, L or con stant CC recipient addresses (optional) STRING with a maximum length of 240 char acters (bytes). Same e-mail address format as for the TO_S parameter. If an empty string is assigned here, the e-mail is not sent to a CC recipient. SUBJECT TEXT WinCC Advanced V14 System Manual, 10/2016 Input Input ATTACH MENT Input ATTACH MENT_NAME Input MAIL_ADDR_ PARAM (Page 4241) Input STRING STRING D, L or con stant D, L or con stant VARIANT D Subject of the e-mail STRING with a maximum length of 240 char acters (bytes). Text of the e-mail (optional) STRING with a maximum length of 240 char acters (bytes). If an empty string is assigned at this parameter, the e-mail is sent without text. E-mail attachment (optional) Reference to a byte/word/double word field (ArrayOfByte, ArrayOfWord or ArrayOfD Word) with a maximum length of 64 Kb. If no value is assigned, the e-mail is sent without an attachment. STRING D, L or con stant VARIANT D E-mail attachment name (optional) Reference to a character string with a maxi mum length of 50 characters (bytes) to de fine the file name of the attachment. If an empty string is assigned at this parameter, the attachment of the e-mail is received with a file name assigned by the e-mail receiving program. It is therefore recommended to use a defined file name. Connection parameter and address of the email server To define the connection parameters, use the structure TMail_V4, TMail_V6 or TMail_FQDN (see parameter description). 4237 Programming the PLC 11.4 Instructions Parameter Declara tion Data type Memory area Description DONE (Page 4248) Output BOOL I, Q, M, D, L Status parameter BUSY (Page 4248) Output DONE = 0: Job not yet started or still executing. DONE = 1: Job executed without errors. BOOL I, Q, M, D, L Status parameter BUSY = 0: Processing of "TMAIL_C" was terminated BUSY = 1: Sending of an e-mail is not yet complete. ERROR (Page 4248) Output BOOL I, Q, M, D, L Status parameter ERROR = 0: No error occurred. ERROR = 1: An error occurred during processing. STATUS supplies detailed information on the type of error. STATUS (Page 4249) Output WORD I, Q, M, D, L Status parameter Return value or error information of the "TMAIL_C" instruction (see parameter de scription). You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Note Optional parameters The optional parameters CC, TEXT, and ATTACHMENT are only sent with the e-mail if the corresponding parameters contain a string of length > 0. Example You will find an example of sending e-mails with the TMAIL_CExample: Sending an e-mail with TMAIL_C (Page 4252) instruction with the following link: See also Difference between synchronous and asynchronous instructions (Page 2436) Description TMAIL_C as of version V4.0 (S7-1200, S7-1500) Introduction The instruction TMAIL_C as of version V4.0 is described below. This description does not include all details, but instead explains the differences as compared to the instruction versions < V4.0. 4238 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The handling of the required certificates is also not described here. Description You use the instruction TMAIL_C as of version V4.0 to send an e-mail using Secure Communication via the Ethernet interface of the following modules: CP 15431 V2.0 CP 1542SP1 IRC V1.0 CP 1543SP1 V1.0 CP 12427 GPRS V2, Firmware version V2.1 CP 12437 LTE V2.1 CP 12438 V2.1 The data required for the sending process including the TCP port of the email server is defined with one of the system data types TMAIL_V4_SEC or TMAIL_QDN_SEC at the parameter MAIL_ADDR_PARAM. Note Compatibility with the TMAIL_C versions < V4.0 For reasons of compatibility, you can also use the existing system data types TMAIL_V4 and TMAIL_FQDN. In this case, you can also send an email via the Ethernet interfaces of the CPU and the Ethernet interface of the CP 15431. Restrictions for the CP You must observe the following rules: You may use only one CP as email client for each TMAIL_C instance. All email servers to which emails are to be sent must be reachable via the IP network from a CP that is used as email client. If an email server is to be reached via its fully qualified domain name, the DNS servers, which are configured in the CP, must also be reachable in the IP network. WinCC Advanced V14 System Manual, 10/2016 4239 Programming the PLC 11.4 Instructions Parameters Parameter Declara tion Data type Memory area Input VARIANT D Description ... MAIL_ADDR_ PARAM (Page 4244) The data required for the send process (in cluding the connection parameters, the ad dress of the email server and the TCP port used) Select one of the following system data types for this: TMail_V4_SEC TMail_QDN_SEC ... Diagnostic options when an error occurs You have the following two diagnostic options when an error occurs: Evaluation of the STATUS parameter The same values can occur as with the instruction-versions < V4.0. Only the value W#16#8015 receives an extension. It also occurs if you specify the hardware identifier of a CPU interface at the parameter InterfaceId. Evaluation of the MS_STATUS tag in the instance data of TMAIL_C. This tag has been added in the version V4.0 of TMAIL_C. It contains both the protocol codes and their associated textual descriptions as they are defined in RFC 3207 "SMTP Service Extension for Secure SMTP over Transport Layer Security". Examples of diagnostic information in MS_STATUS: - 550 SMTP AUTH required before submission - 550 StartTLS required - 550 Requested action not taken TO_S and CC parameters (S7-1200, S7-1500) Description The TO_S and CC parameters are strings, for example, with the following content: <wenna@mydomain.com>, <ruby@mydomain.com> <admin@mydomain.com>, <judy@mydomain.com> Note the following rules when entering the parameters: A space and an opening pointed bracket "<" must be entered before each address. A closing pointed bracket ">" must be entered after each address. A comma must be entered between the addresses in TO and CC. 4240 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For runtime and memory space reasons, the "TMAIL_C" instruction does not perform a syntax check of parameter TO_S or CC. MAIL_ADDR_PARAM parameter (S7-1200, S7-1500) Description At the MAIL_ADDR_PARAM parameter, you define the connection for sending the e-mail in the structure TMail_V4, TMail_V6 or Tmail_FQDN, and save the e-mail server address and login details. The structure you use at the MAIL_ADDR_PARAM parameter depends on the format in which the e-mail server is to be addressed: TMail_V4: Addressing by IP address to IPv4. TMail_V6: Addressing by IP address to IPv6. TMail_FQDN: Addressing by fully qualified domain name (FQDN). Which structure you can use depends on the interface addressed at the InterfaceId parameter: If you want to use the "TMAIL_C" instruction with the internal interface, the TMail_V4 structure must be used at the MAIL_ADDR_PARAM parameter. If you are using a communication processor (CP) or communication module (CM), you can use all three addressing options (IPv4, IPv6 and FQDN). WinCC Advanced V14 System Manual, 10/2016 4241 Programming the PLC 11.4 Instructions Table 11-79 TMail_V4: Addressing the mail server by IP address (IPv4) Parameter Data type TMail_V4 Struct Description InterfaceId LADDR Hardware identifier of the interface ID CONN_OUC Connection ID ConnectionType BYTE Connection type. Select 16#20 as the connection type for IPv4. ActiveEstablished BOOL Status bit. Set to "1" once the connection is established. CertIndex BYTE =0: SMTP used (Simple Mail Transfer Protocol). SMTP must be used if the e-mail is being sent via the interface of an S7-1500 CPU. 0: SMTPS used to secure the connection before it is established (with CPs/CMs). WatchDogTime TIME Execution watchdog. Use this parameter to define the max imum execution time for the send operation. Note: Connection establishment can take longer (approx. one minute) if the connection is slow. When you specify the WATCH_DOG_TIME parameter, remember to allow for the time required to establish the connection. The connection is terminated once the specified time has elapsed. MailServerAddress IP_V4 IP address of the mail server. IPv4 in the following format: XXX.XXX.XXX.XXX (decimal). Example: 192.142.131.237. 4242 UserName STRING[254] Mail server login name PassWord STRING[254] Mail server password From EMAIL_ADDR E-mail sender address, which is defined using the following two STRING parameters. For example: "myname@mymail server.com". LocalPartPlusAt Sign STRING[64] Local part of sender address, including @ sign. Example: "myname@" FullQualifiedDo mainName STRING[254] Fully Qualified Domain Name (abbreviated to FQDN) of the mail server. Example: "mymailserver.com" WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Table 11-80 TMail_V6: Addressing the mail server by IP address to IPv6 Parameter Data type TMail_V6 Struct InterfaceId Description LADDR Hardware identifier of the interface ID CONN_OUC Connection ID ConnectionType BYTE Connection type. Select 16#21 as the connection type for IPv6. ActiveEstablished BOOL Status bit. Set to "1" once the connection is established. CertIndex BYTE =0: SMTP used (Simple Mail Transfer Protocol). SMTP must be used if the e-mail is being sent via the interface of an S7-1500 CPU. 0: SMTPS used to secure the connection before it is established (with CPs/CMs). You use the CertIndex parameter to specify the certificate to be used (see "Project navigation" > "Global security settings" > "Certificate manager"). WatchDogTime TIME Execution watchdog. Use this parameter to define the maxi mum execution time for the send operation. Note: Connection establishment can take longer (approx. one minute) if the connection is slow. When you specify the WATCH_DOG_TIME parameter, remember to allow for the time required to establish the connection. The connection is terminated once the specified time has elapsed. MailServerAddress IP_V6 IP address of the mail server (IPv6) in the following format: XXXX.XXXX.XXXX.XXXX.XXXX.XXXX.XXXX.XXXX (hexa decimal). The address is divided into 8 blocks of 2 bytes each (16 bytes in total). Example: 2001:db8:1f11:08d3:290:27ff:0370:2093 WinCC Advanced V14 System Manual, 10/2016 UserName STRING[254] Mail server login name PassWord STRING[254] Mail server password From EMAIL_ADDR E-mail sender address, which is defined using the following two STRING parameters. For example: "myname@mymail server.com". LocalPartPlusAt Sign STRING[64] Local part of sender address, including @ sign. Example: "myname@" FullQualifiedDo mainName STRING[254] Fully Qualified Domain Name (abbreviated to FQDN) of the mail server. Example: "mymailserver.com" 4243 Programming the PLC 11.4 Instructions Table 11-81 TMail_FQDN: Addressing the mail server via the FQDN Parameter Data type TMail_V6 Struct Description TMail_FQDN LADDR Hardware identifier of the interface ID CONN_OUC Connection ID ConnectionType BYTE Connection type. Select 16#22 as the connection type for FQDN. ActiveEstablished BOOL Status bit. Set to "1" once the connection is established. CertIndex BYTE =0: SMTP used (Simple Mail Transfer Protocol). SMTP must be used if the e-mail is being sent via the interface of an S7-1500 CPU. 0: SMTPS used to secure the connection before it is established (with CPs/CMs). You use the CertIndex parameter to specify the certificate to be used (see "Project navigation" > "Global security settings" > "Certificate manager"). WatchDogTime TIME Execution watchdog. Use this parameter to define the maxi mum execution time for the send operation. Note: Connection establishment can take longer (approx. one minute) if the connection is slow. When you specify the WATCH_DOG_TIME parameter, remember to allow for the time required to establish the connection. The connection is terminated once the specified time has elapsed. MailServerAddress STRING[254] FQDN (Fully Qualified Domain Name) of the mail server. The mail server is addressed using the fully qualified domain name. Example: "www.mymailserver.com." UserName STRING[254] Mail server login name PassWord STRING[254] Mail server password From Struct E-mail sender address, which is defined using the following two STRING parameters. For example: "myname@mymail server.com". LocalPartPlusAt Sign STRING[64] Local part of sender address, including @ sign. Example: "myname@" FullQualifiedDo mainName STRING[254] Fully Qualified Domain Name (abbreviated to FQDN) of the mail server. Example: "mymailserver.com" Parameter MAIL_ADDR_PARAM as of Version 4.0 of TMAIL_C (S7-1200, S7-1500) Description You use the MAIL_ADDR_PARAM parameter to specify the data required for the send process, for example the connection parameters, the address of the email server and the TCP port used. 4244 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Depending on the format in which the e-mail server is to be addressed, you use one of the following structures at the MAIL_ADDR_PARAM parameter: TMail_V4_SEC: Addressing via the IP address in IPv4 format TMail_QDN_SEC: Addressing via the fully qualified host name (FQDN) TMail_V4_SEC: Addressing of the mail server via the IP address in IPv4 format Parameter Data type TMail_V4_SEC Struct Description InterfaceId LADDR Hardware identifier of the Ethernet interface ID CONN_OUC Connection ID ConnectionType BYTE Connection type. Select 16#20 as the con nection type for IPv4. ActiveEstablishment BOOL Active/passive connection establishment. Because the CP is always the SMTP client, this parameter must be set to "1". WatchDogTime TIME Execution watchdog. Use this parameter to define the maximum execution time for the send operation. Note: Connection establishment can take longer (approx. one minute) if the connection is slow. When you specify the WatchDog Time parameter, remember to allow for the time required to establish the connection. The connection is terminated once the speci fied time has elapsed. MailServerAddress IP_V4 IP address of the mail server intrinsic in IPv4 format: XXX.XXX.XXX.XXX (decimal place). Example: 192.142.131.237. UserName STRING[254] User name. This is required if users wants to access their email inbox in order to identify themselves as the owner of the email inbox to the email provider. PassWord STRING[254] User password. This is required if users wants to access their email inbox in order to identify themselves as the owner of the email inbox to the email provider. From WinCC Advanced V14 System Manual, 10/2016 EMAIL_ADDR E-mail sender address, which is defined us ing the following two STRING parameters. For example: "myname@mymailserv er.com". LocalPartPlusAtSign STRING[64] Local part of sender address, including @ sign. Example: "myname@" FullQualifiedDomainName STRING[254] Fully Qualified Domain Name (abbreviated to FQDN) of the mail server. Example: "my mailserver.com" 4245 Programming the PLC 11.4 Instructions Parameter Data type Description RemotePort UINT TCP port of the mail server ActivateSecureConn BOOL 1: Secure SMTP connection 0: SMTP connection (non-secure). In this case, the following parameters are irrelevant. 4246 ExtTLSCapabilities BYTE Not currently used TLSServerCertRef UDINT Reference to the X.509 V3 (CA) certificate of the mail server, which is used by the TLS client to validate the authentication of the TLS server. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions TMail_QDN_SEC: Addressing of the mail server via FQDN Parameter Data type TMail_QDN_SEC Struct Description InterfaceId LADDR Hardware identifier of the Ethernet interface ID CONN_OUC Connection ID ConnectionType BYTE Connection type. Select 16#22 as the con nection type for FQDN. ActiveEstablishment BOOL Active/passive connection establishment. Because the S7-CP is always the SMTP cli ent, this parameter must be set to "1". WatchDogTime TIME Execution watchdog. Use this parameter to define the maximum execution time for the send operation. Note: Connection establishment can take longer (approx. one minute) if the connection is slow. When you specify the WatchDog Time parameter, remember to allow for the time required to establish the connection. The connection is terminated once the speci fied time has elapsed. MailServerQDN STRING[254] FQDN (Fully Qualified Domain Name) of the mail server. The mail server is addressed using the fully qualified domain name, which must be end with "." Example: "www.mymailserver.com" UserName STRING[254] User name This is required if users wants to access their email inbox in order to identify themselves as the owner of the email inbox to the email provider. PassWord STRING[254] User password This is required if users wants to access their email inbox in order to identify themselves as the owner of the email inbox to the email provider. From WinCC Advanced V14 System Manual, 10/2016 EMAIL_ADDR E-mail sender address, which is defined us ing the following two STRING parameters. For example: "myname@mymailserv er.com". LocalPartPlusAtSign STRING[64] Local part of sender address, including @ sign. Example: "myname@" FullQualifiedDomainName STRING[254] Fully Qualified Domain Name (abbreviated to FQDN) of the mail server. Example: "my mailserver.com" 4247 Programming the PLC 11.4 Instructions Parameter Data type Description RemotePort UINT TCP port of the mail server ActivateSecureConn BOOL 1: Secure SMTP connection 0: Unsecured SMTP connection In this case, the following parameters are irrelevant. ExtTLSCapabilities BYTE Not currently used TLSServerCertRef UDINT Reference to the X.509 V3 (CA) certificate of the mail server, which is used by the TLS client to validate the authentication of the TLS server. DONE, BUSY and ERROR parameters (S7-1200, S7-1500) Description The output parameters DONE, BUSY and ERROR are each displayed for only one cycle if the status of the BUSY output parameter changes from "1" to "0". The following table shows the relationship between DONE, BUSY, and ERROR. Using this table, you can determine the current status of the instruction "TMAIL_C and when the sending of the e-mail is complete. 4248 DONE BUSY ER ROR Description 0 1 0 The job is being processed. 1 0 0 Job successfully completed. 0 0 1 The job ended with an error. The cause of the error can be found in the STATUS (Page 4249) parameter. 0 0 0 The "TMAIL_C" instruction was not assigned a (new) job. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions STATUS parameter (S7-1200, S7-1500) Description The following table shows the return values of "TMAIL_C" at the STATUS parameter: Return value Explanation Notes STATUS* (W#16#...): 0000 The processing of "TMAIL_C" was completed without errors. Error-free completion of "TMAIL_C" does not mean that the e-mail sent will necessarily ar rive. Incorrectly entering the recipient addresses does not generate a status error of the "TMAIL_C" instruction. In this case, there is no guarantee that the e-mail will be sent to other recipients, even if these were entered correctly. WinCC Advanced V14 System Manual, 10/2016 7001 "TMAIL_C" is active (BUSY = 1). First call: Job triggered. 7002 "TMAIL_C" is active (BUSY = 1). Intermediate call: Job already active. 8xxx The processing of "TMAIL_C" was completed with an error code of the communication instructions called in ternally. For detailed information, please refer to the STATUS parameter descriptions for the "TCON (Page 4258)", "TDISCON (Page 4264)", "TSEND (Page 4269)" and "TRCV (Page 4273)" communication instruc tions. 8010 Error during connection establishment You can find further information on evaluation in the SFB_STATUS parameter of the instance data block. The error code displayed at the SFB_STATUS parameter is explained in the STATUS parameter description for the "TCON (Page 4258)" instruction. 8011 Error sending the data You can find further information on evaluation in the SFB_STATUS parameter of the instance data block. The error code displayed at the SFB_STATUS parameter is explained in the STATUS parameter description for the "TSEND (Page 4269)" instruction. 8012 Error receiving the data You can find further information on evaluation in the SFB_STATUS parameter of the instance data block. The error code displayed at the SFB_STATUS parameter is explained in the STATUS parameter description for the "TRCV (Page 4273)" instruction. 8013 Error during connection establishment You can find further information on evaluation in the SFB_STATUS parameter of the instance data block. The error code displayed at the SFB_STATUS parameter is explained in the STATUS parameter description for the TCON (Page 4258)" and "TDISCON (Page 4264)" in structions. 4249 Programming the PLC 11.4 Instructions Return value Explanation Notes STATUS* (W#16#...): 4250 8014 Establishment of a connection is not possible. You may have entered an incorrect mail server IP address (MailServerAddress (Page 4241)) or too short a time span (WatchDogTime (Page 4241)) for connection establishment. It is also possible that the CPU has no connection to the network or that the CPU configuration is incorrect. 8015 Incorrect data type for MAIL_ADDR_PARAM The only valid data types are the system data types (structures) TMail_V4, TMail_V6 and TMail_FQDN. 8016 Incorrect data type for the ATTACH MENT parameter The only valid data types are ArrayOfByte, Ar rayOfWord and ArrayOfDWord. 8017 Incorrect data length for the ATTACH Data length must be <= 65534 bytes. MENT parameter 8401 No channels available. Possible Specific error for CP 1543 cause: There is already an e-mail con nection via the CP. A second connec tion cannot be established in parallel. 8403 A TCP/IP connection to the mail server was not possible. Specific error for CP 1543 8405 Server has denied login request. Specific error for CP 1543 8406 SMTP client has detected an internal Specific error for CP 1543 SSL error or a problem with the certifi cate structure. 8407 Request to use SSL denied. Specific error for CP 1543 8408 Client unable to identify socket for es tablishing a TCP/IP connection to the mail server. Specific error for CP 1543 8409 Writing via the connection not possi ble. Possible cause: The communica tion partner has reset the connection or the connection has been lost. Specific error for CP 1543 8410 Reading via the connection not possi ble. Possible cause: The communica tion partner has reset the connection or the connection has been lost. Specific error for CP 1543 8411 E-mail could not be sent. Cause: Insuf Specific error for CP 1543 ficient memory space to execute the send operation. 8412 Configured DNS server was unable to resolve the specified domain name. Specific error for CP 1543 8413 An internal error in the DNS subsys tem prevented domain name resolu tion. Specific error for CP 1543 8414 Empty character string entered as do Specific error for CP 1543 main name. 8415 An internal error has occurred in the Specific error for CP 1543 cURL module. Execution was stopped. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Return value Explanation Notes STATUS* (W#16#...): WinCC Advanced V14 System Manual, 10/2016 8416 An internal error has occurred in the SMTP module. Execution was stop ped. Specific error for CP 1543 8417 Request to SMTP on a channel al Specific error for CP 1543 ready in use or invalid channel ID. Ex ecution was stopped. 8418 E-mail send job aborted. Possible cau Specific error for CP 1543 ses: Execution time exceeded (Watch DogTime parameter) or CP transition from start to stop. 8419 Channel interrupted and cannot be used before the connection is closed. Specific error for CP 1543 8420 Server certificate string could not be verified with CP root certificate. Specific error for CP 1543 8421 Internal error occurred. Execution was stopped. Specific error for CP 1543 82xx, 84xx, or 85xx The error message originates from the mail server and corresponds, except for the "8", to the error number of the SMTP protocol. 8450 Action not executed: Mailbox not avail Try again later. able/cannot be reached 8451 Action aborted: Local processing error Try again later. 8500 Syntax error: Error not recognized. This also includes the error when a command string is too long. This can also occur when the e-mail server does not support the LOGIN authenti cation procedure. Check the parameters of "TMAIL_C". Try to send an e-mail without authentication. To do this, replace the content of the UserName pa rameter with an empty string. If no user name is specified, the LOGIN authentication proce dure is not used. 8501 Syntax error: Incorrect input at a pa rameter Possible cause: Incorrect address at the param eters TO_S or CC (see also: TO_S and CC pa rameters (Page 4240)). 8502 Command unknown or not implemen ted Check your entries, in particular the FROM pa rameter. It may be incomplete and you may have forgotten the "@" or "." (see also: TO_S and CC parameters (Page 4240)). 8504 Command parameters not implemen ted Check your entries, in particular the FROM pa rameter. It may be incomplete and you may have forgotten the "@" (see also: TO_S and CC parameters (Page 4240)). 8535 SMTP authentication incom plete You have possibly entered an incorrect user name or incorrect password. You can find more detailed information on the SMTP error code and other error codes in the SMTP protocol on the Internet or in the error documentation of the mail server. You can also The following lines list several error co view the most recent error message from the mail server in your instance DB in the BUF des that can occur. FER1 parameter. You can find the last data sent by the "TMAIL_C" instruction under DAT EN in the instance DB. 4251 Programming the PLC 11.4 Instructions Return value Explanation Notes STATUS* (W#16#...): 8550 Mail server cannot be reached. You have no access rights. You may have entered an incorrect user name or password, or the mail server may not support your login. Another cause of error could be an incorrect entry of the domain name after the "@" or a missing "." at the TO_S, CC and FROM parameters (see also: TO_S and CC parame ters (Page 4240)). 8552 Action aborted: Assigned memory size has been exceeded Try again later. 8554 Transfer failed Try again later. 8555 Error due to incorrect entry of the email address. If multiple addresses were entered, these need to be separated by a comma. * The error codes can be displayed as integer or hexadecimal values in the program editor. For infor mation on switching the display formats, refer to "See also". Example: Sending an e-mail with TMAIL_C (S7-1200, S7-1500) Introduction The following call example shows you how the TMAIL_C instruction works. Requirements Hardware must be configured beforehand for sending e-mail and the infrastructure of the network must allow a communication connection to the mail server. In addition, you need to create two structures to supply the input parameters of TMAIL_C: One for the e-mail attachment, the other for the connection information and address data. E-mail attachment The e-mail should be sent with an attachment. Create an Array of Byte with the name "Data" in a global data block as a source for the attachment. The array will be interconnected with the ATTACHMENT input parameter at a later time. Connection information and address data 4252 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You enter the connection information of the CPU and address data of the mail server in the TMail_V4 system data type: Create a "Par1" tag with the "TMail_V4" data type in a global data block. In the following structure, enter the parameters of your CPU based on the configuration and the connection data of your mail server. For more information, refer to the description of the MAIL_ADDR_PARAM (Page 4241) input parameter. The "Par1" tag will be interconnected with the MAIL_ADDR_PARAM input parameter later. Calling the instruction Create a new function block in the SCL language with the following interfaces: InOut - Name: SendEMail - Data type: Bool Static - Name: STATUS - Data type: Word WinCC Advanced V14 System Manual, 10/2016 4253 Programming the PLC 11.4 Instructions Copy the following source code with the call for TMAIL_C to the programming window: Call TMAIL_C BEGIN IF #SendEMail = true THEN "TMAIL_C_DB"(REQ := NOT "TMAIL_C_DB".BUSY, TEXT := 'The cpu switched to run', ATTACHMENT := "MyDBMailAttachment".Data, MAIL_ADDR_PARAM := "MyDBSendMail".Par1); IF ("TMAIL_C_DB".BUSY = false) AND ("TMAIL_C_DB".DONE = false) AND ("TMAIL_C_DB".ERROR = false) THEN #SendEMail := false; END_IF; IF ("TMAIL_C_DB".DONE = false) OR ("TMAIL_C_DB".ERROR = true) THEN #STATUS := "TMAIL_C_DB".STATUS; END_IF; END_IF; Result This instruction must be called once with SendEMail = true. In the following calls, SendEMail should not be allocated when calling. SendEMail is reset by the instruction shown, as soon as an e-mail has been sent or an error has occurred during sending. If the email was not sent successfully, the STATUS parameter contains the corresponding value of the STATUS parameter from the TMAIL_C instruction. See also Description of TMAIL_C (Page 4235) Other (S7-1200, S7-1500) TCON: Establishing a communication connection (S7-1200, S7-1500) TCON: Establish communication connection (S7-1200) Validity The following description of the "TCON" instruction applies to S7-1200 CPUs with firmware version < V4.0. 4254 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Description You use the "TCON" instruction to set up and establish a communication connection. Once the connection has been set up and established, it is automatically maintained and monitored by the CPU. "TCON" executes asynchronously. The connection data specified for the CONNECT and ID parameters are used to set up the communication connection. To establish the connection, a rising edge must be detected at the REQ parameter. Once the connection is successfully established, the DONE parameter is set to "1". Note Support when programming connections If you select an instruction for communication TCON, TSEND_C or TRCV_C in a program block and create connections of the type TCP, UDP or ISO-on-TCP and want to assign parameters to them, you can use the support of the connection parameter assignment. You can find the connection parameter assignment the Inspector window of the program editor. Number of possible connections For information on the number of possible communication connections, refer to the technical specifications for your CPU. TCP and ISOonTCP connections Both communication partners call the "TCON" instruction to set up and establish the communication connection. During parameter assignment, you specify which partner is the active communication end point and which is the passive one. If the connection aborts, for example due to a line break or due to the remote communication partner, the active partner attempts to reestablish the configured connection. You do not have to call "TCON" again. This applies only if "TCON" has been executed successfully once (DONE = 1). An existing connection is terminated and the connection set up is removed when the "TDISCON (Page 4264)" instruction is executed or when the CPU changes to STOP mode. To set up and establish the connection again, you will need to execute "TCON" again. Parameters The following table shows the parameters of the "TCON" instruction: Parameter Declaration Data type REQ Input BOOL I, Q, M, D, L or con stant Starts the job to establish the connection speci fied in the ID upon a rising edge. ID Input CONN_OUC I, Q, M, D, L or con stant Reference to the assigned connection. D Pointer to the connection description CONNECT InOut TCON_Param Memory area Description Value range: W#16#0001 to W#16#0FFF See also: AUTOHOTSPOT WinCC Advanced V14 System Manual, 10/2016 4255 Programming the PLC 11.4 Instructions Parameter Declaration Data type DONE Output BOOL Memory area I, Q, M, D, L Description Status parameter with the following values: 0: Job not yet started or is still executing 1: Job executed without errors BUSY Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or already completed 1: Job not yet completed. A new job cannot be started ERROR Output BOOL I, Q, M, D, L Status parameter ERROR: 0: No error 1: Error occurred STATUS Output WORD I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". BUSY, DONE and ERROR parameters You can check the status of the job with the BUSY, DONE, ERROR and STATUS parameters. The BUSY parameter indicates the processing status. You use the DONE parameter to check whether or not a job has been executed successfully. The ERROR parameter is set when errors occurred during execution of "TCON". The error information is output at the STATUS parameter. The following table shows the relationship between the BUSY, DONE and ERROR parameters: BUSY DONE ERROR Description 1 0 0 The job is being processed. 0 1 0 The job was completed successfully. 0 0 1 The job ended with an error. The cause of the error is output at the STATUS parameter. 0 0 0 No new job was assigned. ERROR and STATUS parameters ERROR STATUS* (W#16#...) Explanation 0 0000 Connection successfully established. 0 7000 No job processing active 0 7001 Start job execution, establish connection. 0 7002 Connection is being established (REQ irrelevant). 1 8085 Connection ID (ID parameter) is already being used by a configured connection. 1 8086 The ID parameter is outside the valid range. 1 8087 Maximum number of connections reached; no additional connection possible 1 8089 The CONNECT parameter does not point to a data block. 1 809A The structure at the CONNECT parameter is not supported on an integrated interface or the length is invalid or an incorrect "InterfaceID" is specified in the connection description (SDT). 4256 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ERROR STATUS* (W#16#...) Explanation 1 809B The element InterfaceId within the TCON_xxx structure does not reference a hardware identifier of a CPU or CM/CP interface or has the value "0". 1 80A0 Group error for error codes W#16#80A1 and W#16#80A2. 1 80A1 The specified connection or the port is already being used. 1 80A2 Local or remote port is being used by the system. 1 80A3 Attempt being made to re-establish an existing connection. 1 80A4 IP address of the remote endpoint of the connection is invalid, in other words, it matches the IP address of the local partner. 1 80A5 Connection ID is already in use. 1 80A7 Communication error: You executed "TDISCON (Page 4264)" before "TCON" had completed. 1 80B2 The CONNECT parameter points to a data block that was generated with the attribute "Only store in load memory". 1 80B4 You have violated one or more of the following conditions for passive connection establishment with the ISO-on-TCP protocol variant (connection_type = B#16#12): local_tsap_id_len >= B#16#02 local_tsap_id[1] = B#16#E0 With local_tsap_id_len >= B#16#03, local_tsap_id[1] is an ASCII character. local_tsap_id[1] is an ASCII character and local_tsap_id_len >= B#16#03. 1 80B5 Only passive connection establishment is permitted for connection type 13 = UDP. 1 80B6 Parameter assignment error at the connection_type parameter of the SDT TCON_Param. 1 80B7 Error in one of the following parameters of the data block for connection description: block_length, local_tsap_id_len, rem_subnet_id_len, rem_staddr_len, rem_tsap_id_len, next_staddr_len. Note: If you call TCON in TCP for the passive end, local_tsap_id_len must have the value 2 and rem_tsap_id_len the value 0. 1 80B8 Connection description of the structure element ID and the block parameter ID are not identical. 1 80C3 All connection resources are in use. 1 80C4 Temporary communication error: The connection cannot be established at this time. The connection cannot be established because the firewalls on the connection path are not open for the required ports. The interface is currently receiving new parameters. The configured connection is currently being removed by a "TDISCON (Page 4264)" instruction. * The error codes in the program editor can be displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 4257 Programming the PLC 11.4 Instructions TCON: Establish communication connection (S7-1200, S7-1500) Description You use the "TCON" instruction to set up and establish a communication connection. Once the connection has been set up and established, it is automatically maintained and monitored by the CPU. "TCON" executes asynchronously. The connection data specified for the CONNECT and ID parameters are used to set up the communication connection. At the CONNECT parameter, if possible, only use the predefined structures as created by the connection parameter assignment in the Inspector window of the program editor. To establish the connection, a rising edge must be detected at the REQ parameter. Once the connection is successfully established, the DONE parameter is set to "1". Note Support when programming connections If you select an instruction for communication TCON, TSEND_C or TRCV_C in a program block and wish to create and assign parameters to connections of the type TCP, UDP, ISOonTCP or FDL, you can use the support of the connection parameter assignment. You can find the connection parameter assignment in the Inspector window of the program editor. Number of possible connections For information on the number of possible communication connections, refer to the technical specifications for your CPU. Connection with TCP and ISOonTCP Both communication partners call the "TCON" instruction to set up and establish the communication connection. During parameter assignment, you specify which partner is the active communication end point and which is the passive one. If the connection aborts, for example due to a line break or due to the remote communication partner, the active partner attempts to reestablish the configured connection. You do not have to call "TCON" again. This applies only if "TCON" has been executed successfully once (DONE = 1). An existing connection is terminated and the connection set up is removed when the "TDISCON (Page 4264)" instruction is executed or when the CPU changes to STOP mode. To set up and establish the connection again, you will need to execute "TCON" again. Telecontrol connections between CP and SMS client Use the TCON_PHONE system data type for connection description in the CONNECT parameter. 4258 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For this connection type, the station requires access to the mobile network via a mobile network CP. FDL connections To set up the FDL connections of the CM 15425, see AUTOHOTSPOT. Parameter The following table shows the parameters of the "TCON" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Starts the job to establish the connection speci fied on a rising edge. ID Input CONN_OUC I, Q, M, D, L or con stant Reference to the assigned connection. CONNECT InOut VARIANT D Pointer to the connection description Value range: W#16#0001 to W#16#0FFF For TCP or UDP, use the structure TCON_IP_v4 or TCON_QDN For description, refer to: AUTOHOTSPOT or AUTOHOTSPOT For TCP or UDP using secure communication, use the structure TCON_IP_V4_SEC or TCON_QDN_SEC For description, refer to: AUTOHOTSPOT or AUTOHOTSPOT For ISO-on-TCP, use the structure TCON_IP_RFC For a description, refer to: AUTOHOTSPOT For ISO connections of the CP 15431, use the structure TCON_ISOnative. For description, refer to: "Structure of the connection description according to TCON_ISOnative" For connections to SMS clients, use the TCON_PHONE system data type. For a description, refer to AUTOHOTSPOT. For FDL connections of the CM 15425, use the system data type TCON_FDL; see AUTOHOTSPOT. DONE Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or still in progress 1: Job completed without error WinCC Advanced V14 System Manual, 10/2016 4259 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description BUSY Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or already completed 1: Job not yet completed. A new job cannot be started ERROR Output BOOL I, Q, M, D, L Status parameter ERROR: 0: No error 1: Error occurred STATUS Output WORD I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". BUSY, DONE and ERROR parameters You can check the status of the job with the BUSY, DONE, ERROR and STATUS parameters. The BUSY parameter indicates the processing status. You use the DONE parameter to check whether or not a job has been executed successfully. The ERROR parameter is set when errors occurred during execution of "TCON". The error information is output at the STATUS parameter. The instruction "TCON" generates an error message in version 3.0 if an active connection establishment to a remote partner fails. Create a rising edge at the REQ parameter to establish a connection once again. The following table shows the relationship between the BUSY, DONE and ERROR parameters: BUSY DONE ERROR Description 1 0 0 The job is being processed. 0 1 0 The job was completed successfully. 0 0 1 The job ended with an error. The cause of the error is output at the STATUS parameter. 0 0 0 No new job was assigned. Structure of the connection description according to TCON_ISOnative A connection description DB with a structure according to TCON_ISOnative is used to assign the communication connection parameters for ISO. The fixed data structure of the TCON_ISOnative contains all parameters that are required to establish the connection. Byte Parameter Data type Start value Description 0... 1 InterfaceId HW_ANY 0 Hardware identifier of the CP interface 2... 3 ID CONN_OUC 1 Reference to this connection (unique ID in the value range: 1 to 4095). 4 ConnectionType BYTE 16#16 Connection type: ISO 5 ActiveEstablished BOOL TRUE ID for the manner in which the connection is established: FALSE: Passive connection establishment TRUE: Active connection establishment 4260 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Byte Parameter Data type Start value Description 8 to 13 ARRAY [1..6] of BYTE - RemoteMacAddress MAC address of the partner end point, for example, for 00-74-41-FD-AE-84: MacAddr[1] = 00 MacAddr[2] = 74 MacAddr[3] = 41 MacAddr[4] = FD MacAddr[5] = AE MacAddr[6] = 84 14 19 LocalMacAddress ARRAY [1..6] of BYTE - MAC address of the local end point, for example, for 00-74-41-FD-AE-84: MacAddr[1] = 00 MacAddr[2] = 74 MacAddr[3] = 41 MacAddr[4] = FD MacAddr[5] = AE MacAddr[6] = 84 20 53 RemoteTSelector Struct - TSelector of the remote connection partner: Bytes 20 to 21 = TSelLength Bytes 22 to 53 = TSel[1-32] 54 87 TSelLength UINT - Value range from 0 to 32 TSel ARRAY [1..32] of BYTE - Value range in each case 0 to 255 in bytes Struct - TSelector of the remote connection partner: LocalTSelector Bytes 20 to 21 = TSelLength Bytes 22 to 53 = TSel[1-32] TSelLength UINT Value range from 0 to 32 TSel ARRAY [1..32] of BYTE - Value range in each case 0 to 255 in bytes 88 89 CrRetransmitionTime UINT - Duration until connection attempt is repeated in seconds. 90 91 DataRetransmition Time UINT 100 ms Duration until data transfer is repeated in milliseconds. 92 93 MaxRetransmition Count UINT - Maximum number of repetitions. 94 95 InactivityTime UINT - in seconds 96 97 WindowTime UINT WinCC Advanced V14 System Manual, 10/2016 in seconds 4261 Programming the PLC 11.4 Instructions ERROR and STATUS parameters ERROR STATUS* (W#16#...) Explanation 0 0000 Connection successfully established. 0 7000 No job processing active 0 7001 Start job execution, establish connection. 0 7002 Connection is being established (REQ irrelevant). 1 8085 Connection ID (ID parameter) is already being used by a configured connection. 1 8086 The ID parameter is outside the valid range. 1 8087 Maximum number of connections reached; no additional connection possible 1 8089 The CONNECT parameter does not point to a connection description or the connection descrip tion was created manually. 1 809A The structure at the CONNECT parameter is not supported on an integrated interface or the length is invalid. 1 809B The element InterfaceId within the TCON_xxx structure does not reference a hardware identifier of a CPU or CM/CP interface or has the value "0". 1 80A1 The specified connection or the port is already being used. 1 80A2 Local or remote port is being used by the system. The following ports are reserved locally: 20, 21, 80, 102, 135, 161, 162, 443, 34962, 34963, 34964 as well as the area 49152 to 65535. 1 80A3 ID is used by a connection created by the user program, which uses the same connection de scription at the CONNECT parameter. 1 80A4 IP address of the remote endpoint of the connection is invalid or it corresponds to the IP address of the local partner. 1 80A7 Communication error: You executed "TDISCON (Page 4264)" before "TCON" had completed. 1 80B4 Only with TCON_IP_RFC: The local T selector was not specified or the first byte does not contain the value 0x0E (only with a length of T selector = 2) or the local T selector starts with "SIMATIC-". 1 80B5 Only passive connection establishment is permitted for connection type 13 = UDP (parameter ActiveEstablished of the structure TCON_IP_v4 / TCON_PARAM has the value TRUE). 1 80B6 Parameter assignment error in the ConnectionType parameter of the data block for connection description. Only valid with TCON_IP_v4: 0x11, 0x0B and 0x13. Only valid with TCON_IP_RFC: 0x0C and 0x12 1 80B7 With TCON_IP_v4: TCP (active connection establishment): Remote port is "0". TCP (passive connection establishment): Local port is "0". UDP: Local port is "0". IP address of the partner end point was set to 0.0.0.0. With TCON_IP_RFC: Local (LocalTSelector) or remote (RemoteTSelector) T selector was specified with a length of more than 32 bytes. For TSelLength of the T selector (local or remote), a length greater than 32 was entered. Error in the length of the IP address of the specific connection partner. IP address of the partner end point was set to 0.0.0.0. 1 4262 80B8 Parameter ID in the local connection description (structure at CONNECT parameter) and pa rameter ID of the instruction are different. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ERROR STATUS* (W#16#...) Explanation 1 80C3 All connection resources are assigned, or ports may be dynamically used by other applications or connections. 1 80C4 Temporary communication error: The connection cannot be established at this time. The connection cannot be established because the firewalls on the connection path are not open for the required ports. The interface is currently receiving new parameters. The configured connection is currently being removed by a "TDISCON (Page 4264)" instruction. 1 80C5 The connection partner refuses to establish the connection, has terminated the connection or actively ended it. 1 80C6 The connection partner cannot be reached (network error). 1 80C7 Execution timeout. 1 80C8 Value at the ID parameter is already being used by a connection that was created using the user program. The connection uses the identical ID, but different connection settings at the parameter CONNECT. 1 80C9 Validation of the connection partner failed. The connection partner that wants to establish the connection does not match the defined partner of the structure at the CONNECT parameter. 1 80CE The IP address of the local interface is 0.0.0.0. 1 80D0 In connection with TCP and the active connection end point: The remote_qdn parameter is an empty string. In this case, no connection can be established. 1 80D1 The remote_qdn parameter is not a fully qualified domain name. The period at the end may be missing. 1 80D2 No DNS server address is configured. 1 80D3 The fully qualified domain name could not be resolved. Possible causes: The DNS server is not reachable, for example, because it has been shut down or the remote port is not reachable. An error occurred during communication with the DNS server. The DNS server returned a valid DNS answer, but the answer contained no IPv4 address. 1 80E0 Unsuitable or poor message was received. 1 80E1 Error during the handshake. Possible causes: Abort by the user Security not high enough Renewed negotiation is not supported SSL/TLS version is not supported Validation of the host name failed 1 80E2 Not supported / invalid certificate Possible cause: The time-of-day of the module concerned is not set or the module is not synchronized. Example: The default setting for the date of the module is 1/1/2012 and it was not set during commissioning. The validity period of the certificate starts on 20 August 2016 and ends on 20 August 2024. In this case, the date of the module is outside the validity period of the certificate; the certificate is invalid for the module. 1 80E3 WinCC Advanced V14 System Manual, 10/2016 Certificate was discarded. 4263 Programming the PLC 11.4 Instructions ERROR STATUS* (W#16#...) Explanation 1 80E4 No valid certification authority found. 1 80E5 Certificate expired. 1 80E6 Internal error 1 80E7 Not supported extension in X.509-V3 certificate 1 80E9 TLS server without server certificate is not supported. 1 80EA DTLS (UDP) protocol is not supported. 1 80EB A client cannot request a client certificate. 1 80EC The server cannot perform validation based on the subjectAlternateName (only clients can do this). 1 80ED TLSServerCertRef_m-ID invalid * The error codes in the program editor can be displayed as integer or hexadecimal values. For information on switching the display formats, refer to "See also". See also Difference between synchronous and asynchronous instructions (Page 2436) TDISCON: Terminate communication connection (S7-1200, S7-1500) Description The "TDISCON" instruction terminates a communications connection from the CPU to a connection partner. Functional description "The TDISCON" instruction works asynchronously, which means its job processing extends over multiple calls. You start the job for terminating a connection by calling the "TDISCON" instruction with REQ = 1. After "TDISCON" has been successfully executed, the ID specified for "TCON" is no longer valid and cannot be used for sending or receiving. The job status is indicated by the output parameters BUSY and STATUS. Here, STATUS corresponds to the output parameter RET_VAL of the asynchronous instructions (see also: Difference between synchronous and asynchronous instructions (Page 2436)). The following table shows the relationship between BUSY, DONE and ERROR. Using this table, you can recognize the current status of "TDISCON" or when the establishment of the connection is completed. BUSY DONE ERROR Description 1 0 0 The job is being processed. 0 1 0 Job successfully completed. 4264 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions BUSY DONE ERROR Description 0 0 1 The job ended with an error. The cause of the error can be found in the STATUS parameter. 0 0 0 The instruction was not assigned a (new) job. Parameters The following table shows the parameters of the instruction "TDISCON": Parameter Declaration Data type Memory area S7-1200 S7-1500 I, Q, M, D, L or constant REQ Input BOOL I, Q, M, D, L or constant ID Input CONN_OU C (WORD) D, L or constant I, Q, M, D, L or constant Description Control parameter REQUEST starts the job for terminating the connection speci fied by ID. The job starts on a rising edge. Reference to the connection to be termi nated (connection ID) Range of values: W#16#0001 to W#16#0FFF DONE Output BOOL I, Q, M, D, L I, Q, M, D, L Status parameter: 0: Job not yet started or still executing. 1: Job executed without errors BUSY Output BOOL I, Q, M, D, L I, Q, M, D, L Status parameter: BUSY = 1: The job is not yet completed. BUSY = 0: The job is completed or has not started yet. ERROR Output BOOL I, Q, M, D, L I, Q, M, D, L Status parameter: ERROR=0: No error. ERROR=1: Error occurred during processing. STATUS supplies detailed information on the type of error STATUS Output WORD I, Q, M, D, L I, Q, M, D, L Status parameter: Error information (see "Parameters ER ROR and STATUS") You will find more detailed information on valid data types in "Overview of the valid data types (Page 2131)". Parameters ERROR and STATUS ERROR STATUS* (W#16#...) Explanation 0 0000 Connection terminated successfully. 0 7000 No job processing active. 0 7001 Start of job processing, connection being terminated. 0 7002 Intermediate call (REQ irrelevant), connection being terminated. WinCC Advanced V14 System Manual, 10/2016 4265 Programming the PLC 11.4 Instructions ERROR STATUS* (W#16#...) Explanation 1 8086 The ID parameter is not in the permitted value range. 1 80A3 Attempt is being made to terminate a non-existent connection or the connection is already termi nated. 1 80C4 Temporary communication error: New parameters are being assigned to the interface or the con nection is currently being established. * The error codes can be displayed as integer or hexadecimal values in the program editor. For additional information on toggling display formats, refer to "See also". TSEND: Send data via communication connection (S7-1200, S7-1500) TSEND: Send data via communication connection (S7-1200) Description The following description of the "TSEND" instruction is valid for the CPU S7-1200 to version 3.0. You use the "TSEND" instruction to send data over an existing communication connection. TSEND executes asynchronously. You specify the send area with the DATA parameter. This includes the address and the length of the data to be sent. All data types except BOOL and Array of BOOL can be used for the data to be sent. The send job is executed when a rising edge is detected at the REQ parameter. With the LEN parameter, you specify the maximum number of bytes sent with a send job. When data is transferred with TCP (streaming protocol), the "TSEND" instruction provides no information about the length of the data sent to "TRCV (Page 4273)". When data is transferred with ISO-on-TCP (message-oriented protocol), the length of the data sent is communicated to "TRCV (Page 4273)". The amount of data sent with "TSEND" as packet must also be received again at the receiving end ("TRCV (Page 4273)"): - If the receive buffer is too small for the sent data, an error occurs at the receiving end. - If the receive buffer is sufficiently large, "TRCV" returns with DONE=1 as soon as the data packet is received. The data to be sent must not be edited until the send job is completed. If the send job executes successfully, the DONE parameter is set to "1". Signal state "1" at the DONE parameter is not confirmation that the data sent has already been read by the communication partner. 4266 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "TSEND" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con Starts the send job on a rising edge. stant ID Input CONN_OUC I, Q, M, D, L or con Reference to the connection established with "TCON". stant Value range: W#16#0001 to W#16#0FFF LEN Input UINT I, Q, M, D, L or con Maximum number of bytes to be sent with the job. stant DATA InOut VARIANT I, Q, M, D Pointer to the send area containing the address and the length of the data to be sent. The address refer ences: The process image of the inputs The process image of the outputs A bit memory A data block When transferring structures, the structures must be identical at the sending and receiving end. DONE Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or still in progress 1: Job completed without error BUSY Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or already completed 1: Job not yet completed. A new job cannot be started. ERROR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: No error 1: Error occurred STATUS Output WORD I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". LEN and DATA parameters With LEN = 0 , all the data specified with the DATA parameter is sent. If the number of bytes at the LEN parameter is larger than the length of the data to be sent that was defined with the DATA parameter, the error code 8088 is output at the STATUS parameter (see description of the STATUS parameter below). If a structure (Struct) is referenced via the DATA parameter, LEN can be shorter than the structure. In this case, only the data up to the length of the LEN parameter is transferred. With data types STRING and WSTRING, all data is transferred if the parameter LEN = 0. When LEN > 0, the length must be at least the maximum number of bytes plus two additional bytes which contain the length information. You will find more detailed information on the structure of the data types in: "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 4267 Programming the PLC 11.4 Instructions The maximum number of bytes that can be transmitted is 65534. When you use structured tags from optimized DBs, the address of the structured tag should be interconnected at the DATA parameter and the parameter LEN = 0. This guarantees type-safe transmission of the entire structure if the same structure is used at the receiving end. BUSY, DONE and ERROR parameters You can check the status of the job with the BUSY, DONE, ERROR and STATUS parameters. The BUSY parameter indicates the processing status. With the DONE parameter, you can check whether or not a job executed successfully. The ERROR parameter is set when errors occurred during execution of "TSEND". The error information is output at the STATUS parameter. The following table shows the relationship between the BUSY, DONE and ERROR parameters: BUSY DONE ERROR Description 1 0 0 The job is being processed. 0 1 0 The job was completed successfully. 0 0 1 The job ended with an error. The cause of the error is specified in the STATUS parameter. 0 0 0 No new job was assigned. Note Because "TSEND" is executed asynchronously, you must keep the data in the send area consistent until the DONE parameter or the ERROR parameter changes to the value "1". ERROR and STATUS parameters ERROR STATUS* (W#16#...) Description 0 0000 Send job completed without error. 0 7000 No job processing active. 0 7001 Start of job execution, data is being sent. When processing this job, the operating system accesses the data in the DATA send area. 0 7002 1 8085 Job executing (REQ irrelevant). When processing this job, the operating system accesses the data in the DATA send area. The LEN parameter is greater than the highest permitted value (65536). DATA and LEN parameters both have the value "0". 1 8086 The ID parameter is outside the permitted address range (1..0xFFF). 1 8088 The LEN parameter is greater than the area specified in DATA. 1 80A1 Communication error: The specified connection has not yet been established. The specified connection is being terminated. Transfer via this connection is not possible. The interface is being re-initialized. 4268 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ERROR STATUS* (W#16#...) Description 1 80B3 The protocol variant (ConnectionType parameter in the connection description) is set to UDP. Use the instruction "TUSEND" with a UDP connection. 1 80C3 A block with this ID is already being processed in a different priority group. Internal lack of resources. 1 80C4 Temporary communication error: The connection cannot be established to the partner at this time. The interface is receiving new parameter settings or the connection is being established. 1 80C5 Connection terminated by the communication partner. 1 80C6 Network error. Communication partner cannot be reached. 1 80C7 Execution timeout. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". See also Difference between synchronous and asynchronous instructions (Page 2436) TSEND: Send data via communication connection (S7-1200, S7-1500) Description The following description of the "TSEND" instruction is valid for: Ethernet CPU S7-1200 with firmware version V4.0 and CPU S7-1500 PROFIBUS FDL connections of the S71500 with CM 15425 as of V2.0 with the system data type TCON_FDL You use the "TSEND" instruction to send data over an existing communication connection. TSEND executes asynchronously. You specify the send area with the DATA parameter. This includes the address and the length of the data to be sent. All data types except BOOL and Array of BOOL can be used for the data to be sent. The send job is executed when a rising edge is detected at the REQ parameter. WinCC Advanced V14 System Manual, 10/2016 4269 Programming the PLC 11.4 Instructions With the LEN parameter, you specify the maximum number of bytes sent with a send job. When data is transferred with TCP (streaming protocol), the "TSEND" instruction provides no information about the length of the data sent to "TRCV (Page 4273)". When data is transferred with ISO-on-TCP (message-oriented protocol), the length of the data sent is communicated to "TRCV (Page 4273)". The amount of data sent with "TSEND" as packet must also be received again at the receiving end ("TRCV (Page 4273)"): - If the receive buffer is too small for the sent data, an error occurs at the receiving end. - If the receive buffer is sufficiently large, "TRCV" returns with DONE=1 as soon as the data packet is received. The data to be sent must not be edited until the send job is completed. If the send job executes successfully, the DONE parameter is set to "1". Signal state "1" at the DONE parameter is not confirmation that the data sent has already been read by the communication partner. Parameter The following table shows the parameters of the "TSEND" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con Starts the send job on a rising edge. stant ID Input CONN_OUC I, Q, M, D, L or con Reference to the connection established with "TCON". stant Value range: W#16#0001 to W#16#0FFF LEN Input UDINT I, Q, M, D, L or con Maximum number of bytes that are sent with the job stant (maximum permissible value for S7-1200: 8192, max imum permissible value for S7-1500: 65536). For FDL connections of the CM 15425, the maximum length is 240 bytes. In this regard, note the maximum lengths that can be processed by the connection part ner. DATA InOut VARIANT I, Q, M, D, L Pointer to the send area containing the address and the length of the data to be sent. The address refer ences: The process image of the inputs The process image of the outputs A bit memory A data block Local data When transferring structures, the structures must be identical at the sending and receiving end. DONE Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or still in progress 1: Job completed without error BUSY Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or already completed 1: Job not yet completed. A new job cannot be started. 4270 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ERROR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: No error 1: Error occurred STATUS Output WORD I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". LEN and DATA parameters With LEN = 0 , all the data specified with the DATA parameter is sent. If the number of bytes at the LEN parameter is larger than the length of the data to be sent that was defined with the DATA parameter, the error code 8088 is output at the STATUS parameter (see description of the STATUS parameter below). If a structure (Struct) is referenced via the DATA parameter, LEN can be shorter than the structure. In this case, only the data up to the length of the LEN parameter is transferred. With data types STRING and WSTRING, all data is transferred if the parameter LEN = 0. When LEN > 0, the length must be at least the maximum number of bytes plus two additional bytes which contain the length information. You will find more detailed information on the structure of the data types in: "Overview of the valid data types (Page 2131)". The maximum number of bytes that can be transmitted depends on the device. When you use structured tags from optimized DBs, the address of the structured tag should be interconnected at the DATA parameter and the parameter LEN = 0. This guarantees type-safe transmission of the entire structure if the same structure is used at the receiving end. BUSY, DONE and ERROR parameters You can check the status of the job with the BUSY, DONE, ERROR and STATUS parameters. The BUSY parameter indicates the processing status. With the DONE parameter, you can check whether or not a job executed successfully. The ERROR parameter is set when errors occurred during execution of "TSEND". The error information is output at the STATUS parameter. The following table shows the relationship between the BUSY, DONE and ERROR parameters: BUSY DONE ERROR Description 1 0 0 The job is being processed. 0 1 0 The job was completed successfully. 0 0 1 The job ended with an error. The cause of the error is specified in the STATUS parameter. 0 0 0 No new job was assigned. Note Because "TSEND" is executed asynchronously, you must keep the data in the send area consistent until the DONE parameter or the ERROR parameter changes to the value "1". WinCC Advanced V14 System Manual, 10/2016 4271 Programming the PLC 11.4 Instructions ERROR and STATUS parameters ERROR STATUS* (W#16#...) Description 0 0000 Send job completed without error. 0 7000 No job processing active. 0 7001 Start of job execution, data is being sent. 0 7002 1 8085 When processing this job, the operating system accesses the data in the DATA send area. Job executing (REQ irrelevant). When processing this job, the operating system accesses the data in the DATA send area. The LEN parameter is larger than the highest permitted value. For S7-1200: 8192; for S7-1500 (TCP): 65536; for S7-1500 (FDL): 240 / 236 DATA and LEN parameters both have the value "0". 1 8086 The ID parameter is outside the permitted address range (1..0xFFF). 1 8088 The LEN parameter is greater than the area specified in DATA. 1 80A1 Communication error: The specified connection has not yet been established. The specified connection is being terminated. Transfer via this connection is not possible. The interface is being re-initialized. 1 80B1 You changed the DATA parameter before the current job finished. 1 80B3 The protocol variant (ConnectionType parameter in the connection description) is set to UDP. Use the instruction "TUSEND" with a UDP connection. 1 80C3 A block with this ID is already being processed in a different priority group. 1 80C4 Internal lack of resources. Temporary communication error: The connection cannot be established to the partner at this time. The interface is receiving new parameter settings or the connection is being established. Temporarily no receive resources available at the connection partner. The connection partner is not ready to receive. 1 80C5 Connection terminated by the communication partner. LSAP of the remote connection partner is not released 1 80C6 Network error: Remote partner cannot be reached. Physical interruption on PROFIBUS 1 80C7 Execution timeout. 1 80EE Handshake not yet completed * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". See also Difference between synchronous and asynchronous instructions (Page 2436) 4272 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions TRCV: Receive data via communication connection (S7-1200, S7-1500) TRCV: Receive data via communication connection (S7-1200) Description The following description of the "TRCV" instruction is valid for the CPU S7-1200 up to version 3.0. You use the "TRCV" instruction to receive data over an existing communication connection. "TRCV" executes asynchronously. Receipt of data is enabled when the EN_R parameter is set to the value "1". The received data is entered in a receive area. You specify the length of the receive area either with the LEN parameter (if LEN <> 0) or with the length information of the DATA parameter (if LEN = 0), depending on the protocol variant being used. While data is being received, you cannot make changes to the DATA parameter or the defined receive area to ensure consistency of the received data. After successful receipt of data, the NDR parameter is set to the value "1". You can query the amount of data actually received at the RCVD_LEN parameter. Receive modes of "TRCV" The following table shows how the received data is entered in the receive area. Protocol variant Availability of data in the receive area connection_type* parame Parameter LEN ter of the connection de scription TCP The data is immediately available. Hexadecimal value: B#16#11 (Ad-hoc mode) 0 Integer value: 17 TCP The data is available as soon as the data (Receipt of data with speci length specified at the LEN parameter has been fully received. fied length) Hexadecimal value: B#16#11 ISO on TCP Hexadecimal value: B#16#12 1 to 1452, if a CP is used. Integer value: 18 1 to 8192, if no CP is used. (Message-oriented data transfer) The data is available as soon as the data length specified at the LEN parameter has been fully received. 1 to 8192 Integer value: 17 * See "AUTOHOTSPOT". TCP (Ad-hoc mode) The ad-hoc mode is only available with the TCP protocol variant. You use the ad-hoc mode to receive data with dynamic length with the "TRCV" instruction. You set ad-hoc mode by assigning the value "0" to the LEN parameter. All data types can be used for data blocks with standard access when you use ad-hoc mode. Only ARRAY of BYTE or data types with a length of 8 bits can be used for data blocks with optimized access (e.g., WinCC Advanced V14 System Manual, 10/2016 4273 Programming the PLC 11.4 Instructions CHAR, USINT, SINT, etc.). When ad-hoc mode is active, receipt of data is already signaled after a received byte at the NDR parameter. TCP (Receipt of data with specified length) For receipt of data with a specified length, enter the length of the data at the LEN parameter. The data receipt is not complete until the length of data specified at the LEN parameter has been completely received. Only then is the data available in the receive area (DATA parameter). The receipt of data is signaled by the NDR output parameter. The actually received data length in bytes at the RCVD_LEN parameter corresponds to the data length at the LEN parameter after receipt. ISO on TCP (Message-oriented data transfer) Complete message blocks are sent via a connection with the protocol variant ISO on TCP; these are recognized as such by the recipient. When using ISO on TCP, "TRCV" signals data receipt as soon as the message block has been completely received. The receive area is defined by the LEN and DATA parameters. If the receive buffer (DATA parameter) is too small for the sent data, "TRCV" signals an error. The successful receipt of data is signaled by the NDR output parameter. The actually received data length in bytes at the RCVD_LEN parameter corresponds to the data length at the LEN parameter after receipt. Parameter The following table shows the parameters of the "TRCV" instruction: Parameter Declaration Data type Memory area Description EN_R Input BOOL I, Q, M, D, L or con Receive enable stant ID Input CONN_OUC I, Q, M, D, L or con Reference to the connection established with stant "TCON (Page 4254)". Value range: W#16#0001 (1) to W#16#0FFF (4095) LEN Input UINT I, Q, M, D, L or con Length of the receive area in bytes (hidden). stant If you use a memory area with optimized access at the DATA parameter, the LEN parameter must have the value "0". DATA InOut VARIANT I, Q, M, D Pointer to the receive area When transferring structures, the structures must be identical at the sending and receiving end. NDR Output BOOL I, Q, M, D, L Status parameter (New Data Received): 0: Job not yet started or still in progress 1: Job completed without error BUSY Output BOOL I, Q, M, D, L Status parameter: 0: Job not yet started or already completed 1: Job not yet completed. A new job cannot be started 4274 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ERROR Output BOOL I, Q, M, D, L Status parameter: 0: No error. 1: An error occurred during execution of the instruction. Detailed information is output via the STATUS pa rameter. STATUS Output WORD I, Q, M, D, L Status parameter: Output of status and error information. RCVD_LEN Output UINT I, Q, M, D, L Amount of data actually received in bytes You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". LEN, DATA and RCVD_LEN parameters If LEN = 0, the received data is saved in the receive area specified at the DATA parameter. The number of bytes received is indicated at the RCVD_LEN parameter. With LEN = 0 (default setting of the LEN parameter), the length of the data to be received is defined by the DATA parameter. It is recommended that the receive area (DATA parameter) has the same size as the data to be transmitted by TSEND. If LEN has the value 0 and the sent data was transferred in segments that are smaller than the DATA receive area, the following applies. It is recommended to keep EN_R set until the associated TSEND instruction has sent all data. STATUS shows the value 7002 as long as the size of the data sent by TSEND is not equal to the size of the DATA receive area. EN_R must be set until the amount of the received data is equal to the size of the DATA receive area. If you pulse EN_R, you must do so until BUSY=0 or ERROR <> 0. The data in the DATA receive area is only valid when BUSY has the value 0. If the length specified at the LEN parameter is greater than the length of the data received at the DATA parameter, the error code 8088 is output at the STATUS parameter (see description of the STATUS) parameter in the following. If a structure (Struct) is referenced via the DATA parameter, LEN can be shorter than the structure. In this case, only the data up to the length of the LEN parameter is transferred. If the DATA parameter references a data block with optimized access, the LEN parameter must be set to "0". If a STRING data type is referenced via the DATA parameter, the length specified at the LEN parameter must be 0 or >=2 (LEN = 1 is not permitted). If a WSTRING data type is referenced via the DATA parameter, the length specified at the LEN parameter must be 0 or >=5. BUSY, NDR and ERROR parameters You can check the status of the job with the BUSY, NDR, ERROR and STATUS parameters. The BUSY parameter indicates the processing status. With the NDR parameter, you can check whether or not a job executed successfully. The ERROR parameter is set when errors occurred during execution of TRCV. The error information is output at the STATUS parameter. WinCC Advanced V14 System Manual, 10/2016 4275 Programming the PLC 11.4 Instructions The following table shows the relationship between the BUSY, NDR and ERROR parameters: BUSY NDR ERROR Description 1 - - The job is being processed. 0 1 0 The job was completed successfully. 0 0 1 The job ended with an error. The cause of the error is output at the STATUS parameter. 0 0 0 No new job was assigned. Note Because "TRCV" is executed asynchronously, the data in the receive area is only consistent when the NDR parameter is set to the value "1". ERROR and STATUS parameters ERROR STATUS* Explanation (W#16#...) 0 0000 Job completed successfully. The current length of the received data is output at the RCVD_LEN parameter. 0 7000 Block not ready to receive. 0 7001 Block is ready to receive, receive job was activated. 0 7002 Interim call, the receive job is executing. Note: While the job is being processed, data is written to the receive area. Access to the receive area during this time may provide inconsistent data. 1 8085 The LEN parameter is larger than the highest permitted value. The value of the LEN or DATA parameter was changed after the first call. Both LEN parameters and the DATA parameter have the value "0" or LEN is longer than the maximum permitted value (65536). 1 8086 The ID parameter is outside the permitted address range (1 .. 0x0FFF). 1 8088 Receive area is too small. The value at the LEN parameter is larger than the receive area set at the DATA parameter. 1 80A1 Communication error: The specified connection has not yet been established. The specified connection is being terminated. Receive job over this connection is not possible. The connection is being re-initialized. 1 80B3 The protocol variant (connection_type parameter in the connection description) is set to UDP. Use the instruction "TURCV" with a UDP connection. 1 80C3 A block with this ID is already being processed in a different priority group. Internal lack of resources. 1 80C4 Temporary communication error: The connection cannot be established to the partner at this time. The interface is receiving new parameter settings or the connection is being established. 1 80C5 The remote partner has terminated the connection. 1 80C6 The remote partner cannot be reached (network error). 4276 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ERROR STATUS* Explanation (W#16#...) 1 80C7 Execution timeout. 1 80C9 The length of the receive area is smaller than the length of the sent data. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". See also Difference between synchronous and asynchronous instructions (Page 2436) TRCV: Receive data via communication connection (S7-1200, S7-1500) Description The following description of the "TSEND" instruction is valid for: Ethernet CPU S7-1200 with firmware version V4.0 and CPU S7-1500 PROFIBUS FDL connections of the S71500 with CM 15425 as of V2.0 with the system data type TCON_FDL You use the "TRCV" instruction to receive data over an existing communication connection. "TRCV" executes asynchronously. Receipt of data is enabled when the EN_R parameter is set to the value "1". The received data is entered in a receive area. You specify the length of the receive area either with the LEN parameter (if LEN <> 0) or with the length information of the DATA parameter (if LEN = 0), depending on the protocol variant being used. While data is being received, you cannot make changes to the DATA parameter or the defined receive area to ensure consistency of the received data. After successful receipt of data, the NDR parameter is set to the value "1". You can query the amount of data actually received at the RCVD_LEN parameter. WinCC Advanced V14 System Manual, 10/2016 4277 Programming the PLC 11.4 Instructions Receive modes of "TRCV" The following table shows how the received data is entered in the receive area. Protocol variant Parameter ADHOC TCP 1 (ad-hoc ac The data is immediately availa Hexadecimal value: tivated) ble. B#16#11 (Ad-hoc mode) Availability of data in the re ceive area connection_type parame ter of the connection de scription Integer value: 17 Parameter LEN As much data will be read as is currently available; not exceed ing the data length specified by LEN. LEN = 0 (recommen ded): Length of the re ceive area referenced by DATA TCP (Receipt of data with specified length) ISO on TCP 0 (ad-hoc deactivated) - (Message-oriented data transfer) FDL - The data is available as soon as the data length specified at the LEN parameter has been fully received. Hexadecimal value: B#16#11 The data is available as soon as the data length specified at the LEN parameter has been fully received. Hexadecimal value: B#16#12 The data is available as soon as the data length specified at the LEN parameter has been fully received. Hexadecimal value: B#16#15 Integer value: 17 Integer value: 18 S7-1200: 1 to 8192 S7-1500: 1 to 65536 S7-1200: 1 to 8192 S7-1500: 1 to 65536 1 to 240 Decimal: 21 TCP (Ad-hoc mode) The ad-hoc mode is only available with the TCP protocol variant. You use the ad-hoc mode to receive data with dynamic length with the "TRCV" instruction. You set ad-hoc mode by assigning the value "1" to the ADHOC parameter. When ad-hoc mode is active, receipt of data is already signaled after a received byte at the NDR parameter. All data types can be used for data blocks with standard access when you use ad-hoc mode. Only ARRAY of BYTE or data types with a length of 8 bits can be used for data blocks with optimized access (e.g., CHAR, USINT, SINT, etc.). TCP (Receipt of data with specified length) Assign the value "0" to the ADHOC parameter for receipt of data with specified length. If adhoc mode is disabled, the data reception is not complete until the length of data specified at the LEN parameter has been completely received. Only then is the data available in the receive area (DATA parameter). The successful receipt of data is signaled by the NDR output parameter. The actually received data length in bytes at the RCVD_LEN parameter corresponds to the data length at the LEN parameter after receipt. 4278 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ISO on TCP (Message-oriented data transfer) Complete message blocks are sent via a connection with the protocol variant ISO on TCP; these are recognized as such by the recipient. When using ISO on TCP, "TRCV" signals data receipt as soon as the message block has been completely received. The receive area is defined by the LEN and DATA parameters. If the receive buffer (DATA parameter) is too small for the sent data, "TRCV" signals an error. The successful receipt of data is signaled by the NDR output parameter. The actually received data length in bytes at the RCVD_LEN parameter corresponds to the data length at the LEN parameter after receipt. Parameter The following table shows the parameters of the "TRCV" instruction: Parameter Declaration Data type Memory area Description EN_R Input BOOL I, Q, M, D, L or con stant Receive enable ID Input CONN_OUC I, Q, M, D, L or con stant Reference to the connection established with "TCON". LEN Input UDINT I, Q, M, D, L or con stant Value range: W#16#0001 to W#16#0FFF Length of the receive area in bytes (hidden) Maximum value for S7-1200: 8192; maximum value for S7-1500: 65536; maximum value for CM 15425 (FDL): 240. If you use a receive area with optimized access at the DATA parameter, the LEN parameter must have the value "0". ADHOC Input BOOL I, Q, M, D, L or con stant Use ad-hoc mode for the TCP protocol variant (hid den). DATA InOut VARIANT I, Q, M, D, L Pointer to the receive area When transferring structures, the structures must be identical at the sending and receiving end. NDR Output BOOL I, Q, M, D, L Status parameter (New Data Received): 0: Job not yet started or still in progress 1: New data received BUSY Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or already completed 1: Job not yet completed. A new job cannot be started ERROR Output BOOL I, Q, M, D, L Status parameter ERROR: 0: No error 1: Error occurred STATUS Output WORD I, Q, M, D, L Status of the instruction RCVD_LEN Output UDINT I, Q, M, D, L Amount of data actually received in bytes You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 4279 Programming the PLC 11.4 Instructions LEN, DATA and RCVD_LEN parameters If LEN = 0, the received data is saved in the receive area specified at the DATA parameter. The number of bytes received is indicated at the RCVD_LEN parameter. With LEN = 0 (default setting of the LEN parameter), the length of the data to be received is defined by the DATA parameter. It is recommended that the receive area (DATA parameter) has the same size as the data to be transmitted by TSEND. If LEN has the value 0 and the sent data was transferred in segments that are smaller than the DATA receive area, the following applies. It is recommended to keep EN_R set until the associated TSEND instruction has sent all data. STATUS shows the value 7002 as long as the size of the data sent by TSEND is not equal to the size of the DATA receive area. EN_R must be set until the amount of the received data is equal to the size of the DATA receive area. If you pulse EN_R, you must do so until BUSY=0 or ERROR <> 0. The data in the DATA receive area is only valid when BUSY has the value 0. If the length specified at the LEN parameter is greater than the length of the data received at the DATA parameter, the error code 8088 is output at the STATUS parameter (see description of the STATUS) parameter in the following. If a structure (Struct) is referenced via the DATA parameter, LEN can be shorter than the structure. In this case, only the data up to the length of the LEN parameter is transferred. If the DATA parameter references a data block with optimized access, the LEN parameter must be set to "0". If the length of the data does not match for elementary data types, the data will not be received and the error code 8088 is output at the STATUS parameter. If a STRING data type is referenced via the DATA parameter, the length specified at the LEN parameter must be 0 or >=2 (LEN = 1 is not permitted). If a WSTRING data type is referenced via the DATA parameter, the length specified at the LEN parameter must be 0 or >=5. BUSY, NDR and ERROR parameters You can check the status of the job with the BUSY, NDR, ERROR and STATUS parameters. The BUSY parameter indicates the processing status. With the NDR parameter, you can check whether or not a job executed successfully. The ERROR parameter is set when errors occurred during execution of TRCV. The error information is output at the STATUS parameter. The following table shows the relationship between the BUSY, NDR and ERROR parameters: BUSY NDR ERROR Description 1 - - The job is being processed. 0 1 0 The job was completed successfully. 0 0 1 The job ended with an error. The cause of the error is output at the STATUS parameter. 0 0 0 No new job was assigned. Note Because "TRCV" is executed asynchronously, the data in the receive area is only consistent when the NDR parameter is set to the value "1". 4280 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ERROR and STATUS parameters ERROR STATUS* Explanation (W#16#...) 0 0000 Job completed successfully. The current length of the received data is output at the RCVD_LEN parameter. 0 7000 Block not ready to receive. 0 7001 Block is ready to receive, receive job was activated. 0 7002 Interim call, the receive job is executing. Note: While the job is being processed, data is written to the receive area. Access to the receive area during this time may provide inconsistent data. 1 8085 The LEN parameter is greater than the maximum permissible value (for S7-1200: 8192 bytes, for S7-1500: 65536 bytes). The value of the LEN or DATA parameter was changed after the first call. Both LEN parameters and the DATA parameter have the value "0" or LEN is longer than the maximum permissible value (for S7-1200): 8192 bytes, for S7-1500: 65536 bytes). 1 8086 The ID parameter is outside the permitted value range (1 .. 0x0FFF). 1 8088 Receive area is too small. The value at the LEN parameter is larger than the receive area set at the DATA parameter. 1 80A1 Communication error: The specified connection has not yet been established. The specified connection is being terminated. Receive job over this connection is not possible. The connection is being re-initialized. 1 80B1 You changed the DATA parameter before the current job finished. 1 80B3 The protocol variant (connection_type parameter in the connection description) is set to UDP. Use the instruction "TURCV" with a UDP connection. 1 80C3 A block with this ID is already being processed in a different priority group. Internal lack of resources. 1 80C4 Temporary communication error: The connection cannot be established to the partner at this time. The interface is receiving new parameter settings or the connection is being established. 1 80C5 The remote partner has terminated the connection. 1 80C6 The remote partner cannot be reached (network error). 1 80C7 Execution timeout. 1 80C9 The length of the receive area is smaller than the length of the sent data. 1 80EE Handshake not yet completed * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". See also TRCV: Receive data via communication connection (Page 4273) TCON: Establish communication connection (Page 4258) Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 4281 Programming the PLC 11.4 Instructions Sending and receiving data via Ethernet (UDP) or FDL (S7-1200, S7-1500) TUSEND: Sending data (S7-1200, S7-1500) Description TUSEND supports data transfer via UDP and via FDL connections of the S71500 with CM 15425 as of V2.0 with the system data type TCON_FDL. The "TUSEND" instruction sends data to the communication partner addressed by the ADDR parameter. WARNING Data transfer via UDP When transferring data with UDP according to RFC 768, the data is transferred to the partner without acknowledgement and therefore non-securely. This means that data can be lost without this being indicated by the block. Note For sequential send operations to different partners, you only need to adjust the ADDR parameter when calling "TUSEND". You do not need to call the "TCON (Page 4254)" and "TDISCON (Page 4264)" instructions again. The UDP port must be set up at the specific partner in order for this partner to receive data. Functional description The TUSEND" instruction works asynchronously, which means its job processing extends over multiple calls. Create a rising edge at the REQ parameter to establish a connection once again. The output parameters BUSY, DONE, ERROR and STATUS indicate the status of the job. See also: Difference between synchronous and asynchronous instructions (Page 2436). The following table shows the relationship between BUSY, DONE and ERROR. Using this table, you can determine the current status of "TUSEND" or when the send process is concluded. BUSY DONE ERROR Description TRUE FALSE FALSE The job is being processed. FALSE TRUE FALSE Job successfully completed. FALSE FALSE TRUE The job ended with an error. The cause of the error can be found in the STATUS parameter. FALSE FALSE FALSE The instruction was not assigned a (new) job. 4282 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note Due to the asynchronous operation of "TUSEND", make sure the data in the send area remains consistent until the DONE parameter or the ERROR parameter has the value TRUE. Parameter The following table shows the parameters of the "TUSEND" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Control parameter REQUEST starts the send job on a rising edge. The data is transferred from the area specified by DATA and LEN. ID Input CONN_OU C I, Q, M, D, L or con stant Reference to the associated connection between the user program and the communication layer of the operating system. ID must be identical to the associated parameter ID in the local connection de scription with the .TCON instruction: Value range: W#16#0001 to W#16#0FFF LEN Input UDINT I, Q, M, D, L or con stant Number of bytes to be sent with the job Value range for Ethernet/UDP: 1 to 1472 For FDL connections of the CM 15425, the maxi mum length is 240 bytes. In this regard, note the maximum lengths that can be processed by the con nection partner. DONE Output BOOL I, Q, M, D, L Status parameter DONE: 0: Job not yet started or still executing. 1: Job executed without errors. This value is only displayed for one cycle. BUSY Output BOOL I, Q, M, D, L ERROR Output BOOL I, Q, M, D, L BUSY = 1: The job is not yet complete. A new job cannot be triggered. BUSY = 0: Job is complete. Status parameter ERROR: ERROR = 1: An error occurred during processing. STATUS supplies detailed information on the type of error STATUS Output WinCC Advanced V14 System Manual, 10/2016 WORD I, Q, M, D, L Status parameter STATUS: Error information 4283 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description DATA InOut VARIANT I, Q, M, D Send area, contains address and length The address refers to: The process image of the inputs The process image of the outputs A bit memory A data block When transferring structures, the structures must be identical at the sending and receiving end. ADDR InOut VARIANT D Address information of the communication partner See also: Addressing the remote partner via TADDR_Param (Page 4289) and Addressing the re mote partner via TADDR_SEND_QDN and TADDR_RCV_IP (Page 4290) You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". ERROR and STATUS parameters ERROR STATUS* Explanation (W#16#...) 0 0000 Send job completed without error 0 7000 No job processing active 0 7001 Start of job processing, data being sent Note: During this processing phase, the operating system accesses the data in the DATA send area. 0 7002 Intermediate call (REQ irrelevant), job is being processed Note: During this processing phase, the operating system accesses the data in the DATA send area. 1 8085 The LEN parameter has the value "0" or is greater than the highest permitted value. 1 8086 The ID parameter is not in the permitted value range. 0 8088 The LEN parameter is greater than the memory area specified in DATA. 1 8089 The ADDR parameter does not point to a data block with the TADDR_Param structure. 1 80A1 Communication error: The specified connection between user program and communication layer of the operating system has not yet been established. The specified connection between the user program and the communication layer of the operating system is currently being terminated. Transmission over this connection is not possible. The interface is being reinitialized. 1 80B1 You changed the DATA parameter before the current job finished. 1 80A4 IP address (at the ADDR parameter) of the remote connection end point is invalid; it may correspond to the local partner's own IP address. 4284 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions ERROR STATUS* Explanation (W#16#...) 1 80B3 The protocol variant (connection_type parameter in the connection description) is not set to UDP. Please use "TSEND (Page 4269)". Parameter ADDR: Invalid information for port no. 1 80B7 The length of the structure referenced by the parameter ADDR is not 8 bytes. 1 80C3 A block with this ID is already being processed in a different priority class. Internal lack of resources. 1 80C4 Temporary communication error: The connection between the user program and the communication layer of the operating system cannot be established at this time. New parameter settings are being assigned to the interface. Temporarily no receive resources available at the connection partner. The connection partner is not ready to receive. 1 80C5 1 80C6 Connection terminated by the communication partner. LSAP of the remote connection partner is not released Network error: Remote partner cannot be reached. Physical interruption on PROFIBUS 1 80C7 Execution timeout. 1 80D3 The fully qualified domain name could not be resolved. Possible causes: The DNS server is not reachable, for example, because it has been shut down or the remote port is not reachable. An error occurred during communication with the DNS server. The DNS server returned a valid DNS answer, but the answer contained no IPv4 address. 1 80EA - General See also: GET_ERR_ID: Get error ID locally (Page 2690) error infor mation DTLS (UDP) protocol is not supported * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 4285 Programming the PLC 11.4 Instructions TURCV: Receiving data (S7-1200, S7-1500) Description The "TURCV" instruction receives data via UDP and via FDL connections of the S71500 with CM 15425 as of V2.0. After successful completion of "TURCV", the ADDR parameter will show you the address of the remote partner (the sender). WARNING Unsecured data transfer When transferring data with UDP according to RFC 768, the data is transferred to the remote partner without acknowledgement and is therefore unreliable. This means that data can be lost without this being indicated by the block. Functional description "TURCV" is an instruction works asynchronously, which means its job processing extends over multiple calls. You start the receive job by calling "TURCV" with EN_R = 1. The output parameters BUSY, DONE, ERROR and STATUS indicate the status of the job. See also: Difference between synchronous and asynchronous instructions (Page 2436). The following table shows the relationship between BUSY, NDR and ERROR. Using this table, you can determine the current status of TURCV or when the receive process is concluded. BUSY NDR ERROR Description TRUE FALSE FALSE The job is being processed. FALSE TRUE FALSE Job successfully completed. New data was received. FALSE FALSE TRUE The job ended with an error. The cause of the error can be found in the STATUS parameter. FALSE FALSE FALSE The instruction was not assigned a (new) job. Note Due to the asynchronous operation of "TURCV", the data in the receive area is only consistent when the NDR parameter has the value TRUE. 4286 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "TURCV" instruction: Parameter Declaration Data type Memory area Description EN_R Input BOOL I, Q, M, D, L or constant Control parameter enabled to receive When EN_R = 1, "TURCV" is ready to receive. The receive job is being processed. ID Input CONN_OU C I, Q, M, D, L or constant Reference to the associated connection between the user program and the communication layer of the operating sys tem. ID must be identical to the associated ID parameter in the local connection description. Value range: W#16#0001 to W#16#0FFF LEN Input UDINT I, Q, M, D, L or constant Length of the receive area in bytes: 0 (recommended) or 1 to 1472 Maximum value for CM 15425 (FDL): 240 NDR Output BOOL I, Q, M, D, L Status parameter NDR: NDR = 0: Job not yet started or still running. NDR = 1: Job successfully completed ERROR Output BOOL I, Q, M, D, L Status parameter ERROR: ERROR=1: An error occurred during processing. STATUS supplies detailed information on the type of error BUSY Output BOOL I, Q, M, D, L BUSY = 1: The job is not yet complete. A new job cannot be triggered. BUSY = 0: Job is complete. STATUS Output WORD I, Q, M, D, L Status parameter STATUS: Error information RCVD_LEN Output UDINT I, Q, M, D, L Amount of data actually received in bytes DATA InOut VARIANT I, Q, M, D, L Receive area The address references: The process image of the inputs The process image of the outputs A bit memory A data block When transferring structures, the structures must be iden tical at the sending and receiving end. ADDR InOut VARIANT D Address information of the remote partner See also: Addressing the remote partner via TADDR_Par am (Page 4289) and Addressing the remote partner via TADDR_SEND_QDN and TADDR_RCV_IP (Page 4290) You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 4287 Programming the PLC 11.4 Instructions ERROR and STATUS parameters ERROR STATUS* (W#16#...) Explanation 0 0000 New data was accepted. The current length of the received data is shown in RCVD_LEN. 0 7000 Block not ready to receive 0 7001 Block is ready to receive, receive job was activated 0 7002 Intermediate call, receive job being processed Note: During this processing phase, "TURCV" writes data to the receive area. For this reason, an error could result in inconsistent data in the receive area. 1 8085 The LEN parameter is greater than the largest permitted value, or you changed the value of the LEN or DATA parameter since the first call 1 8086 The ID parameter is not in the permitted value range 1 8088 Receive area is too small Value in LEN is higher than the receive area specified by DATA 1 8089 The ADDR parameter does not point to a data block with the TADDR_Param structure. 1 80A1 Communication error: The specified connection between user program and communication layer of the operating system has not yet been established. The specified connection between the user program and the communication layer of the operating system is currently being terminated. A receive job over this connection is not possible. New parameter settings are being assigned to the interface. 1 80B1 You changed the DATA parameter before the current job finished. 1 80B3 The protocol variant (connection_type parameter in the connection description) is not set to UDP. Please use "TRCV (Page 4273)". 1 80B7 The length at ADDR parameter does not correspond to 8 bytes. 1 80C3 A block with this ID is already being processed in a different priority class. Internal lack of resources. 1 80C4 Temporary communication error: New parameter settings are being assigned to the interface. 1 80C5 The remote partner has terminated the connection. 1 80C7 Execution timeout. 1 80C9 With RFC1006 / UDP: The received data is longer than expected (size of receive buffer exceeded). 1 80EA DTLS (UDP) protocol is not supported - General er ror informa tion See also: GET_ERR_ID: Get error ID locally (Page 2690) * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". See also TCON: Establish communication connection (Page 4254) TDISCON: Terminate communication connection (Page 4264) 4288 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Addressing the remote partner via TADDR_Param (S7-1200, S7-1500) Overview When using a UDP connection, you can store the address information for the remote partner in the system data type TADDR_Param: With the "TUSEND (Page 4282)" instruction, you transfer the address information of the recipient at the parameter ADDR via TADDR_Param. The stored address data of the remote partner are read from the system data type by the instruction. With the "TURCV (Page 4286)" instruction, you receive the address of the sender at the parameter ADDR via TADDR_Param. The address data is written by the instruction in the system data type. Structure of the address information according to TADDR_Param The system data type TADDR_Param contains the address information of the remote partner and consists of the IP address and the port number. The system data type TADDR_Param has the following structure: Byte Parameter Data type Start value Description 0 to 3 rem_ip_addr ARRAY [1..4] of USINT B#16#00 ... IP address of the remote partner, e.g. 192.168.002.003: rem_ip_addr[1] = B#16#C0 (192) rem_ip_addr[2] = B#16#A8 (168) rem_ip_addr[3] = B#16#02 (002) rem_ip_addr[4] = B#16#03 (003) The IP address can be taken from the Devices & networks view in the interface properties of the remote partner. As an alternative these are also displayed in the properties of the UDP connection under Address details. 4 to 5 rem_port_nr UINT B#16#00 ... Remote port-number (for possible values, see: AUTOHOT SPOT): rem_port_nr[1] = high byte of the port no. in hexadecimal notation rem_port_nr[2] = low byte of port no. in hexadecimal notation The port number can be taken from the Devices & networks view in the UDP connection properties. The port number is indicated under Address details as a decimal value. Example: Port number = 2000 (decimal) / W#16#07D0 (hex adecimal) rem_port_nr[1] = 07 (high byte) rem_port_nr[2] = D0 (low byte) 6 to 7 reserved WinCC Advanced V14 System Manual, 10/2016 WORD B#16#00 ... Not used. Leave the value "0" at this parameter. 4289 Programming the PLC 11.4 Instructions Creating TADDR_Param in a data block You have the following options for creating TADDR_Param: Create a new data block and select TADDR_Param as type in the dialog "Add new data block". Open an existing data block create a new tag and enter in the column Data type TADDR_Param. A data block can contain several system data types TADDR_Param. Addressing the remote partner via TADDR_SEND_QDN and TADDR_RCV_IP (S7-1500) Overview For S7-1500 CPUs as of firmware version V2.0, you can address the recipient with its fully qualified domain name when sending data via UDP. With the instruction TUSEND at the parameter ADDR, you hereby reference a structure of the type TADDR_SEND_QDN. The receiver can return an IPv4 or an IPv6 address. With the TURCV instruction at the ADDR parameter, you therefore reference a structure of the type TADDR_RCV_IP. Only this can include both IP address types. Structure of the address information according to TADDR_SEND_QDN The system data type TADDR_SEND_QDN contains the address information of the remote partner (of the receiver) and consists of the fully qualified domain name and port number. It has the following structure: Byte Parameter 0 to 255 RemoteQDN Data type Start value Description ARRAY of STRING[1..254] - Fully qualified domain name of the partner end point, which must finish with "." Please note that the name including the concluding period must not exceed 254 characters in a SIMATIC environment. 256 to 257 RemotePort UINT B#16#00 ... Remote port-number (for possible values, see: AUTOHOT SPOT): RemotePort[1] = high byte of the port no. in hexadecimal notation RemotePort[2] = low byte of port no. in hexadecimal notation Example: Port number = 2000 (decimal) / W#16#07D0 (hex adecimal) RemotePort[1] = 07 (high byte) RemotePort[2] = D0 (low byte) 258 to 259 4290 reserved WORD W#16#00 Not used. Leave the value "0" at this parameter. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note Runtime of the instruction TUSEND With each call of TUSEND, the fully qualified domain name is resolved in the IP address. As a result, the execution time of TUSEND is longer than if you address the receiver directly via its IPv4 address. Structure of the address information according to TADDR_RCV_IP The system data type TADDR_RCV_IP contains the address information of the remote partner (of the sender) and consists of the IP address, the port number and the information on whether the IP address is an IPv4 or IPv6 address. It has the following structure: Byte Parameter Data type Start value Description 0 to 15 RemoteAd dress ARRAY [1..16] of BYTE B#16#00 ... IP address of the remote partner, e.g. for the IPv4 address 192.168.002.003: RemoteAddress[1] = B#16#C0 (192) RemoteAddress[2] = B#16#A8 (168) RemoteAddress[3] = B#16#02 (002) RemoteAddress[4] = B#16#03 (003) The following applies to the IPv6 address. 16 to 17 RemotePort UINT B#16#00 ... Remote port-number (for possible values, see: AUTOHOT SPOT): RemotePort[1] = high byte of the port no. in hexadecimal notation RemotePort[2] = low byte of port no. in hexadecimal notation Example: Port number = 2000 (decimal) / W#16#07D0 (hex adecimal) RemotePort[1] = 07 (high byte) RemotePort[2] = D0 (low byte) 18 RemAddr Type BYTE B#16#00 Type of the remote address: B#16#03: IPv4 B#16#04: IPv6 19 reserved BYTE B#16#00 Not used. Leave the value "0" at this parameter. T_RESET: Resetting the connection (S7-1200, S7-1500) Description The "T_RESET" instruction terminates and then reestablishes an existing connection. WinCC Advanced V14 System Manual, 10/2016 4291 Programming the PLC 11.4 Instructions The local end points of the connection are retained. They are generated automatically: If a connection has been configured and loaded to the CPU. If a connection has been generated by the user program, for example, by calling the instruction "TCON (Page 4254)". The instruction "T_RESET" can be executed for all connection types (TCP, UDP, ISO-on-TCP, etc.). It does not matter whether the local interface of the CPU or the interface of a CM/CP was used for the connection. Once the instruction "T_RESET" has been called using the REQ parameter, the connection specified with the ID parameter is terminated and, if necessary, the data send and receive buffer cleared. Canceling the connection also cancels any data transfer in progress. There is therefore a risk of losing data if data transfer is in progress. The CPU defined as the active connection partner will then automatically attempt to restore the interrupted communication connection. You therefore do not need to call the "TCON (Page 4254)" instruction to reestablish the communication connection. The output parameters DONE, BUSY and STATUS indicate the status of the job. Parameter The following table shows the parameters of the "T_RESET" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Control parameter REQUEST starts the job for terminating the connection specified by ID. The job starts on a rising edge. ID Input CONN_OUC I, Q, M, D, L or con stant Reference to the connection to the passive partner ID being interrupted must be identical to the corresponding parameter ID in the local connection description. Range of values: W#16#0001 to W#16#0FFF DONE Output BOOL I, Q, M, D, L Status parameter DONE 0: Job not yet started or still executing. 1: Job executed without errors BUSY Output BOOL I, Q, M, D, L Status parameter BUSY 0: Job is complete. 1: The job is not yet complete. ERROR Output BOOL I, Q, M, D, L Status parameter ERROR 0: No error occurred. 1: Error occurred during processing. The STATUS parameter supplies detailed information on the type of error STATUS Output WORD I, Q, M, D, L Status parameter STATUS Error information (see "STATUS parameter" table). You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 4292 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter STATUS STATUS* (W#16#...) Explanation 0000 No error. 0001 Connection has not been established. 7000 No job processing active. 7001 Connection termination launched. 7002 Connection being terminated. 8081 Unknown connection specified at the ID parameter. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". See also Difference between synchronous and asynchronous instructions (Page 2436) T_DIAG: Checking the connection (S7-1200, S7-1500) Description You use the "T_DIAG" instruction to check the status of a connection and read further information on the local end point of this connection. The connection is referenced by the ID parameter. You can read both connection end points configured in the connection editor and programmed connection end points (e.g. with the "TCON" instruction). Temporary connection end points (for example end points created when you connect to an engineering station) cannot be diagnosed, as no connection ID is generated in this process. The connection information read is stored in a structure referenced by the RESULT parameter. The output parameter STATUS indicates whether it was possible to read the connection information. The connection information in the structure at the RESULT parameter is only valid if the "T_DIAG" instruction has been completed with STATUS = W#16#0000 and ERROR = FALSE. Connection information cannot be evaluated if an error occurs. Possible connection information Two different structures can be used to read the connection information at the RESULT parameter: The "TDiag_Status" structure only contains the most important information about a connection end point, for example the protocol used, the connection status and the number of data bytes sent or received. The structure "TDiag_StatusExt" supplies not just the most important information, but also the number of connection attempts, the reason for a connection abort, etc. WinCC Advanced V14 System Manual, 10/2016 4293 Programming the PLC 11.4 Instructions The structure and parameters of the two structures are described below (see the "TDIAG_Status and TDIAG_StatusExt structures" table). Parameters The following table shows the parameters of the "T_DIAG" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Starts the instruction to check the connection specified in the ID parameter when there is a positive edge. ID Input CONN_OUC (WORD) I, Q, M, D, L or con stant Reference to the assigned connection. Value range: W#16#0001 to W#16#0FFF RESULT InOut VARIANT D Pointer to the structure in which the connection information is stored. The structure TDiag_Sta tus or TDiag_StatusExt can be used at the RE SULT parameter (for a description, see the "TDIAG_Status and TDIAG_StatusExt struc tures" table). DONE Output BOOL I, Q, M, D, L Status parameter: 0: Instruction not yet started or still in progress. 1: Instruction executed without errors. BUSY Output BOOL I, Q, M, D, L Status parameter: 0: Instruction not yet started or already completed. 1: Instruction not yet completed. A new job cannot be started. ERROR Output BOOL I, Q, M, D, L Status parameter: 0: No error. 1: Error occurred. STATUS Output WORD I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Parameters BUSY, DONE and ERROR You can check the status of "T_DIAG" instruction execution with the BUSY, DONE, ERROR and STATUS parameters. The BUSY parameter indicates the processing status. You use the DONE parameter to check whether or not an instruction has been executed successfully. The ERROR parameter is set if errors occur during execution of "T_DIAG". 4294 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The following table shows the relationship between the BUSY, DONE and ERROR parameters: BUSY DONE ER ROR Description 1 - - The instruction is being processed. 0 1 0 The instruction has been executed successfully. The data in the structure referenced by RESULT are only valid if this is the case. 0 0 1 Instruction completed with an error. The cause of the error is output at the STATUS parameter. 0 0 0 No new instruction has been assigned. Parameter STATUS The following table shows the meaning of the values at the STATUS parameter: STA Explanation TUS* (W#16#. ..) 0000 The instruction "T_DIAG" has been executed successfully. The data in the structure referenced at the RESULT parameter can be evaluated. 7000 No instruction processing active. 7001 Instruction processing launched. 7002 Connection information is being read (REQ parameter irrelevant). 8086 The value at the ID parameter is outside the valid range (W#16#0001 ... W#16#0FFF). 8089 The RESULT parameter points to an invalid data type (structures TDIAG_Status and TDIAG_StatusExt only). 80A3 The ID parameter references a connection end point which does not exist. With programmed connections, this error can also occur after the "TDISCON" instruction is called. 80C4 Internal error. Access to the connection end point is temporarily unavailable. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Structures TDIAG_Status and TDIAG_StatusExt The table below details the form of the TDIAG_Status and TDIAG_StatusExt structures: From the InterfaceID to the ReceivedBytes parameter, the "TDIAG_StatusExt" and "TDIAG_Status" structures are identical. The structure TDIAG_StatusExt also includes the parameters ConnTrials to LastDisconnTimeStamp. The value of each element is only valid if the instruction has been executed without errors. If an error occurs, the content of the parameters will not change. Name Data type Description The following parameters are in both the TDIAG_Status and the TDIAG_StatusExt structure: InterfaceID HW_ANY ID CONN_OU ID of the connection diagnosed. Following a successful call, the value of this element is C identical to the parameter ID of the "T_DIAG" instruction. WinCC Advanced V14 System Manual, 10/2016 Interface ID (LADDR) of the CPU or the CM/CP. 4295 Programming the PLC 11.4 Instructions Name Data type Description ConnectionType BYTE Protocol type used for connection: 0x01: Not used. ... 0x0B: TCP protocol (IP_v4) 0x0C: ISO-on-TCP protocol (RFC1006) 0x0D: TCP protocol (DNS) 0x0E: Dial-in protocol 0x0F: WDC protocol 0x10: SMTP protocol 0x11: TCP protocol 0x12: TCP and ISO-on-TCP protocol (RFC1006) 0x13: UDP protocol 0x14: Reserved 0x15: PROFIBUS bus access protocol (FDL) 0x16: ISO 8073 transport protocol (ISO native) ... 0x20: SMTP or SMTPS protocol - based on IPv4 0x21: SMTP or SMTPS protocol - based on IPv6 0x22: SMTP or SMTPS protocol - based on FQDN (Fully Qualified Domain Name) ... 0x70: S7 connection Other: Reserved ActiveEstablished BOOL State BYTE FALSE: Locally, the passive connection end point TRUE: Locally, the active connection end point Current status of the connection end point 0x00: Not used. 0x01: Connection terminated. Temporary status, for example, after the "T_RESET" instruction is called. The system then automatically attempts to reestablish the connection. 0x02: The active connection end point is attempting to establish a connection to the remote communication partner. 0x03: The passive connection end point is waiting for establishment of the connection to the remote communication partner. 0x04: Connection established. 0x05: The connection is being terminated. This may be because the "T_RESET" or "T_DISCON" instruction has been called. Other possible reasons are protocol errors and line breaks. 0x06..0xFF: Not used. 4296 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Name Data type Description Kind BYTE Mode of the connection end point: 0x00: Not used. 0x01: Configured, static connection which has been configured and loaded to the CPU. 0x02: Configured, dynamic connection which has been configured and loaded to the CPU (not currently supported). 0x03: Programmed connection generated in the user program with the instruction "TCON". A call of the instruction "TDISCON" or a transition to CPU STOP status has destroyed the connection end point. 0x04: Temporary, dynamic connection established by the engineering station (ES) or operator station (OS), for example. (this connection type cannot currently by diagnosed as there is no ID). 0x05..0xFF: Not used. SentBytes UDINT Number of data bytes sent. ReceivedBytes UDINT Number of data bytes received. The following parameters only occur in the TDiag_StatusExt structure: ConnTrials UDINT ConnTrialsSuc cess UDINT Number of connection attempts. Once a connection has been established, ConnTrials has the value 0. If this element is not equal to 0, there are connection problems. Note: With a passive connection end point, this value is never greater than 1. Number of successful connection attempts. This element is never reset during the life cycle of a connection end point, and returns to 0 after reaching 0xFFFF FFFF. Note: This parameter is 1 if there has never been a problem in this connection. LastConnErrRea son UDINT Error ID output during the last connection attempt with errors (the error messages are identical to those at the LastDisconnReason parameter): 0x4F01: Remote connection end point cannot be reached (this error usually occurs during connection establishment). 0x4F02: Connection terminated locally. 0x4F03: Connection terminated by remote communication partner. 0x4F04: Connection terminated by a protocol error. 0x4F05: Connection terminated by a network problem detected locally. 0x4F06: Connection terminated by a network problem detected remotely. 0x4F07: Connected terminated due to timeout in protocol. 0x4F08: Incorrect parameter assignment: Connection to be established to local partner's own address. 0x4F09: Connection temporarily reset by a call of the instruction "T_RESET". 0x4F0A: Insufficient connection resources available (quantity exceeded) 0x4F0B: Internal error: Incorrect addressing parameters 0x4F0C: Internal CPU communication error 0x4F0D: Internal AS communication error between CPU and CM/CP 0x4F0E: The local TCP/UDP port (or RFC1006-T selector) specified is already in use. LastConnErrTi meStamp LDT WinCC Advanced V14 System Manual, 10/2016 Time of the last connection attempt with errors. 4297 Programming the PLC 11.4 Instructions Name Data type Description LastDisconnRea son UDINT Error ID which led to the last connection termination (the error messages are identical to those at the LastConnErrReason parameter): 0x4F01: Remote connection end point cannot be reached (this error usually occurs during connection establishment). 0x4F02: Connection terminated locally. 0x4F03: Connection terminated by remote communication partner. 0x4F04: Connection terminated by a protocol error. 0x4F05: Connection terminated by a network problem detected locally. 0x4F06: Connection terminated by a network problem detected remotely. 0x4F07: Connected terminated due to timeout in protocol. 0x4F08: Incorrect parameter assignment: Connection to be established to local partner's own address. 0x4F09: Connection temporarily reset by a call of the instruction "T_RESET". 0x4F0A: Insufficient connection resources available (quantity exceeded) 0x4F0B: Internal error: Incorrect addressing parameters 0x4F0C: Internal CPU communication error 0x4F0D: Internal AS communication error between CPU and CM/CP 0x4F0E: The local TCP/UDP port (or RFC1006-T selector) specified is already in use. LastDisconnTi meStamp LDT Time of the last connection termination. See also Difference between synchronous and asynchronous instructions (Page 2436) T_CONFIG: Configure interface (S7-1200, S7-1500) Description T_CONFIG (S7-1200, S7-1500) Description The "T_CONFIG" instruction is used for the program-controlled configuration of the integrated PROFINET interfaces of the CPU or the interface of a CP/CM. Configuration of the integrated PROFINET interfaces of the CPU With the "T_CONFIG" instruction, you can change the Ethernet address, the PROFINET device name or the IP addresses of the NTP servers for time-of-day synchronization from within the user program. The existing configuration data is overwritten. 4298 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can make the following changes: Settings for the IP protocol - IP address - Subnet mask - Router address Settings for PROFINET - Assignment of the PROFINET device name Settings for time-of-day synchronization - Assignment of the IP addresses of the NTP servers for time-of-day synchronization (only with S7-1500 and there only for the PROFINET interface [X1} of a modular CPU) These settings correspond to the configuration options under "IP protocol" and "PROFINET" in the "Ethernet addresses " dialog or the "NTP mode" in the "Time synchronization" dialog. This is displayed in the "Devices & Networks" view under the properties of the PROFINET interface. WARNING Restart of CPU after execution of the "T_CONFIG" instruction (only S7-1200 CPUs with firmware versions V2.0 to V4.1.2) The CPU is restarted after you have executed the instruction to change an IP parameter. The CPU goes to STOP mode, a warm restart is carried out and the CPU starts up again (RUN mode). Make sure that the control process is in a secure operating mode after the CPU has been restarted following execution of the instruction. Uncontrolled operation can result in serious material damage or personal injury due to malfunctions or programming errors, for example. Non-retentive data could be lost. Configuration of the PROFINET interface of a CP 1543-1 With the "T_CONFIG" instruction you can change the IPv6 address, the MAC address or the IP addresses of up to two DNS servers of the PROFINET interface of a CP 1543-1 from within the user program. The existing configuration data is overwritten. WinCC Advanced V14 System Manual, 10/2016 4299 Programming the PLC 11.4 Instructions Requirement In order to use the instruction must be explicitly specified in the hardware configuration that the assignment of IP address parameters and device name must be made by the user program. For this purpose open the properties of the PROFINET interface in the device view. In the "Ethernet addresses" or "Time synchronization" dialog, enabled the following options: - In order to change the IP address parameters with "T_CONFIG": Select the setting "IP address is set directly at the device" under "IP protocol". - In order to change the PROFINET device name with "T_CONFIG": Select the setting "PROFINET device name is set directly at the device" under "PROFINET". - To change the IP addresses of the NTP servers with "T_CONFIG". Select "Enabled time synchronization via NTP server" and specify the IP address of at least one NTP server. The configuration data must be stored in the following system data types and assigned at the parameter CONF_DATA (Page 4303): - Store the IP address, subnet mask, and the router address in the system data type IF_CONF_V4. - Store the device name in the system type IF_CONF_NOS. Observe the restrictions that exist for assigning the name of the device (see parameter CONF_DATA (Page 4303)). - Use store the IP addresses for the NTP time synchronization in the system data type IF_CONF_NTP. - Store the IPv6 address of the PROFINET interface of a CP 1543-1 in the system data type IF_CONF_IPV6. - Store the MAC address of the PROFINET interface of a CP 1543-1 in the system data type IF_CONF_MAC. - Store the IP addresses of up to two DNS servers for the PROFINET interface of a CP 1543-1 in the system data type IF_CONF_DNS. Functional description The "T_CONFIG" instruction works asynchronously, which means its execution extends over multiple calls. The configuration process is started by calling "T_CONFIG" with REQ = 1. Only one job can be active at any time. The block is edge triggered which means that after BUSY= FALSE the block must be re-called with REQ=FALSE to enable the instance. 4300 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "T_CONFIG" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con Calling the instruction with REQ = 1 starts processing stant of the instruction. INTERFACE Input HW_INTER FACE I, Q, M, D, L or con Hardware identifier of the interface stant The hardware ID is displayed in the properties of the interface in the device view, and in the system con stants of the PLC tags. CONF_DATA (Page 4303) Input VARIANT D, L Pointer to the higher-level structure that contains the system data types IF_CONF_HEADER, IF_CONF_V4, IF_CONF_NOS, IF_CONF_NTP, IF_CONF_V6, IF_CONF_MAC and IF_CONF_DNS (see description of the parameters CONF_DATA). DONE (Page 4309) Output BOOL I, Q, M, D, L Status parameter: BUSY (Page 4309) Output ERROR (Page 4309) Output STATUS (Page 4309) Output ERR_LOC (Page 4309) Output 0: Processing not yet complete. 1: Processing of instruction finished successfully. BOOL I, Q, M, D, L Status parameter: 0: Processing of the instruction has not started, completed or canceled yet. 1: Processing of instruction is in progress BOOL I, Q, M, D, L Status parameter: 0: No error 1: Error DWORD I, Q, M, D, L Detailed status information: Detailed error and status information in the form of an error code are output at the parameter STATUS. DWORD I, Q, M, D, L Error location: 0: Error during execution of the instruction or when assigning parameters. > 0: Errors in the structure or content of the configuration data at the parameter CONF_DATA. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Example In the following example the device name of an IO device is changed with the instruction "T_CONFIG". WinCC Advanced V14 System Manual, 10/2016 4301 Programming the PLC 11.4 Instructions Call of instruction The execution of the instruction is started with REQ=1. The hardware ID of the PROFINET interface is specified at the parameter Interface. The structure "StructConfigData" is referenced at the parameter CONF_DATA. The structure was created in the global data block "DataBlock". Parameter CONF_DATA The structure "StructConfigData" at the parameter CONF_DATA contains the following information: In the Header (IF_CONF_HEADER). SubfieldCount = 1: Indicates that only one additional structure (nos) is used below. In the structure "nos" (system data type IF_CONF_NOS) - Lenght = 11: Information on overall length of the structure NOS (5 bytes for the device name"myplc" + 6 bytes for the parameters Id, Length and Mode) Note: Instead of an absolute length, you can use the default start value (Lenght = 0) for a dynamic length. - Mode = 1: Permanent change of the device name in "myplc". - NOS[1] ... NOS[5]: Device name (1 character / byte) 4302 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also Difference between synchronous and asynchronous instructions (Page 2436) Parameter CONF_DATA (S7-1200, S7-1500) Structure of the configuration data The configuration data at the parameter CONF_DATA can be stored in a global data block or in the section "Static" of the block interface. The configuration data must be stored according to the following structure: Name Data type Description ConfData Struct Parent structure that is assigned at the parameter CONF_DATA. Header IF_CONF_HEAD The header is used to define the number of these system data types. The system data ER type IF_CONF_HEADER must always be included. IPData IF_CONF_V4 The IP address, subnet mask and router address are stored in this system data type. NoS IF_CONF_NOS The PROFINET device names are stored in this system data type. Only create IF_CONF_NOS if you also want to change the device names with "T_CONFIG". NTP IF_CONF_NTP In this system data type, use store the IP addresses of the NTP servers for time synchro nization. IP_V6 IF_CONF_V6 Store the IPv6 address of a CP 1543-1 in this system data type. MAC IF_CONF_MAC Store the MAC address of a CP 1543-1 in this system data type. DNS IF_CONF_DNS Store the IP addresses of up to two DNS servers for a CP 1543-1 in this system data type . WinCC Advanced V14 System Manual, 10/2016 4303 Programming the PLC 11.4 Instructions Create the system data types IF_CONF_HEADER, IF_CONF_V4, IF_CONF_NOS, IF_CONF_NTP, IF_CONF_V6, IF_CONF_MAC and IF_CONF_DNS be entering the name of the system data type in the "Data type " column of the data block or the block interface. The name for the system data types can be freely assigned. The system data types can be combined in any order. System data type IF_CONF_Header Use the system data type IF_CONF_Header to specify the number of system data types IF_CONF_V4, IF_CONF_NOS, IF_CONF_NTP, IF_CONF_V6, IF_CONF_MAC and IF_CONF_DNS that are used when executing "T_CONFIG". Byte Parameter Data type Start value Description 0 ... 1 FieldType UINT 0 Field type: Must always have the value "0". 2 ... 3 FieldId UINT 0 Error ID: Must always have the value "0". 4 ... 5 SubfieldCount UINT 0 Number of system data types IF_CONF_V4, IF_CONF_NOS, IF_CONF_NTP, IF_CONF_V6, IF_CONF_MAC and IF_CONF_DNS used System data type IF_CONF_V4 The IP address, subnet mask and router address are defined with the system data type IF_CONF_V4. Byte Parameter Data type Start value Description 0 ... 1 Id UINT 30 System data type ID The start value of this parame ter must not be changed. 2 ... 3 Length UINT 18 Length of the system data type IF_CONF_V4 The start value must be used for the length specifi cation since the parameters of IF_CONF_V4 have a fixed length and structure. 4 ... 5 Mode UINT 0 Validity of addressing: 1: Permanent validity of the configuration data 2: Temporary validity of the configuration data including the deletion of existing permanent configuration data 6 ... 9 InterfaceAddress IP_V4 * 0.0.0.0 IP address 10 - 12 SubnetMask IP_V4 * 0.0.0.0 Subnet mask 14 - 16 DefaultRouter IP_V4 * 0.0.0.0 Router address * The data type IP_V4 is a structure of 4 BYTE, which includes the respective address of the respective parameter (e.g. at parameter SubnetMask the four-digit address of the subnet mask of the IP protocol). 4304 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions System data type IF_CONF_NOS With the system data type IF_CONF_NOS you specify the station name to be assigned when the "T_CONFIG" instruction executes. Byte Parameter Data type Start value Description 0 ... 1 Id UINT 40 System data type ID The start value of this parame ter must not be changed. 2 ... 3 Length UINT 246 Length of the system data type IF_CONF_NOS in bytes. For an absolute length, the value for the Lenght parameter consists of: - 6 bytes for the parameter Id, Length and Mode. - up to 240 bytes for the device name (parameter NOS). Example: An overall length of 10 is the result for the device name "plc1" with a length of 4 characters (=4 bytes). Use the default start value 246 at the Lenght parameter for a dynamic length. Make sure that you enter the value "0" after the name (see description for NOS parameter). WinCC Advanced V14 System Manual, 10/2016 4305 Programming the PLC 11.4 Instructions Byte Parameter Data type Start value Description 4 ... 5 Mode UINT 0 Validity of the device name change: 1: Permanent validity of the device name. 2: Temporary validity of the device name. 6 ... 244 NOS ARRAY [1...240] of Byte 0 Device name (Name of Station) You must occupy the ARRAY from the first byte. The station name is deleted if "0" is assigned as the first byte. The minimum length for the name is 2 bytes. The maximum length for a name is 240 bytes. If the device name is shorter than specified at the parameter Length then a zero byte (16#0 hex) must be entered after the actual station name (according to IEC 61185-6-10). Otherwise NOS will be rejected and the instruction "T_CONFIG" outputs the error codeDW#16#C0809400 at the parameter STATUS. If the device name is longer than specified at the parameter Length then the device name will only be written up to to specified length. The following restrictions apply for the device name: The name must be specified in ASCII code. Only lowercase letters, numbers, hyphen or dots may be used for the name. - The name may not begin or end with a hyphen. - The name may not begin with numbers. - The name may not have the form n.n.n.n (n = 0, ... 999). - The name may not begin with the string "portxyz" or "port-xyz-abcde" (a, b, c, d, e, x, y, z = 0, ... 9). A name component between two points may be up to 63 characters long. No special characters such as umlauts, brackets, underscore, slash, blank etc. The error code C080_9400 is output at the parame ter STATUS if an invalid character is used. 4306 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions System data type IF_CONF_NTP Using the system data type IF_CONF_NTP you specify the IP addresses of the NTP servers for time synchronization. Byte Parameter Data type Start value Description 0 ... 1 Id UINT 17 System data type ID The start value of this parame ter must not be changed. 2 ... 3 Length UINT 22 Length of the system data type IF_CONF_NTP in bytes The start value must be used for the length specifi cation since the parameters of IF_CONF_NTP have a fixed length and structure. 4 ... 5 Mode UINT 2 Validity: 1: Permanent validity (not permitted) 2: Temporary validity 6 ... 9 NTP_IP[1] ... ... 18 ... 21 NTP_IP[4] ARRAY [1...4] of IP_V4 IP address of NTP server 1 IP address of NTP server 2 ... 3 ARRAY [1...4] of IP_V4 IP address of NTP server 4 System data type IF_CONF_V6 (only when using a CP 1543-1) With the system data type IF_CONF_V6 you define an IPv6 address for the interface selected with INTERFACE. Byte Parameter Data type Start value Description 0 ... 1 Id UINT 22 System data type ID The start value of this parame ter must not be changed. 2 ... 3 Length UINT 22 Length of the system data type IF_CONF_V6 in bytes The start value must be used for the length specifi cation since the parameters of IF_CONF_V6 have a fixed length and structure. 4 ... 5 Mode UINT 0 Validity of the IPv6 address: 1: Permanent validity 2: Temporary validity 6 ... 21 InterfaceAddress IP_V6 * IPv6 address * The data type IP_V6 is a structure of 16 bytes. WinCC Advanced V14 System Manual, 10/2016 4307 Programming the PLC 11.4 Instructions System data type IF_CONF_MAC (only when using a CP 1543-1) With the system data type IF_CONF_MAC you set a MAC address for the interface selected with INTERFACE. Byte Parameter Data type Start value Description 0 ... 1 Id UINT 3 System data type ID The start value of this parame ter must not be changed. 2 ... 3 Length UINT 12 Length of the system data type IF_CONF_MAC in bytes The start value must be used for the length specifi cation since the parameters of IF_CONF_MAC have a fixed length and structure. 4 ... 5 Mode UINT 0 Validity of MAC address: 1: Permanent validity 2: Temporary validity 6 ... 11 Mac ARRAY [1...6] of Byte MAC address Note that by changing the MAC address, connec tions can abort. System data type IF_CONF_DNS (only when using a CP 1543-1) With the system data type IF_CONF_DNS you set IP addresses of up to two DNS servers for the interface selected with INTERFACE. Byte Parameter Data type Start value Description 0 ... 1 Id UINT 16 System data type ID The start value of this parame ter must not be changed. 2 ... 3 Length UINT 14 Length of the system data type IF_CONF_DNS in bytes The start value must be used for the length specifi cation since the parameters of IF_CONF_DNS have a fixed length and structure. 4 ... 5 Mode UINT 0 Validity: 1: Permanent validity 2: Temporary validity 6 ... 9 DNS_IP1 IP_V4 IP address of DNS server 1 10 ... 13 DNS_IP2 IP_V4 IP address of DNS server 2 If only one address is to be set, the IP address of DNS server 2 must be set to 0.0.0.0. 4308 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions DONE, BUSY and ERROR parameters (S7-1200, S7-1500) Description The following table shows the relationship between BUSY, DONE and ERROR. Using this table, you can determine the current status of the instruction and when the transfer of configuration data is concluded. BUSY DONE ERROR Description TRUE FALSE FALSE The job is being processed. FALSE TRUE FALSE Job successfully completed. FALSE FALSE TRUE The job ended with an error. The cause of the error can be found in the pa rameter STATUS (Page 4309). FALSE FALSE FALSE The instruction was not assigned a (new) job. Parameter STATUS and ERR_LOC (S7-1200, S7-1500) Description The status and error messages of the instruction "T_CONFIG" are output at the parameters STATUS and ERR_LOC. The cause of the error is output at the parameter STATUS. The location of the error that occurred is output at the parameter ERR_LOC. The following options are available here: - 16#0000_0000: Error when calling the instruction (e.g. errors when assigning parameters to the instruction or in communication with the PROFINET interface). - 16#0001_0000: Error with the configuration data in the parameters of the system data type IF_CONF_HEADER. - 16#0001_000x: Error in the configuration data in the parameters of system data type IF_CONF_V4 or IF_CONF_NOS or IF_CONF_NTP or IF_CONF_V6 or IF_CONF_MAC or IF_CONF_DNS (x specifies the position of the bad sub block in the T_CONFIG structure. If the T_CONFIG structure contains, for example a sub block for the IP address and a sub block for the station name and the error is located in the sub block for the station name, ERR_LOC has the value 0001_0002.) The following table shows the possible values for the parameters STATUS and ERR_LOC: STATUS* ERR_LOC* Explanation 0000_0000 0000_0000 Order processing completed without errors. 0070_0000 0000_0000 No job processing active. 0070_0100 0000_0000 Start of the order processing. 0070_0200 0000_0000 Intermediate call (REQ irrelevant). C08x_yy00 0000_0000 General error information. See also: GET_ERR_ID: Get error ID locally (Page 2690) C080_8000 0000_0000 Error at call of the instruction: The hardware ID at the parameter Interface is invalid. WinCC Advanced V14 System Manual, 10/2016 4309 Programming the PLC 11.4 Instructions STATUS* ERR_LOC* Explanation C080_8100 0000_0000 Error at call of the instruction: The hardware ID at the parameter Interface does not address a PROFINET interface. C080_8700 0000_0000 Error at call of the instruction: Incorrect length of the data block at the parameter CONF_DATA. C080_8800 0001_0000 Error in the system data type IF_CONF_HEADER: The parameter FieldType has an invalid value. Use the value "0" for FieldType. C080_8900 0001_0000 Error in the system data type IF_CONF_HEADER: The parameter FieldId has an invalid value. Use the value "0" for FieldId. C080_8A00 0001_0000 Error in the system data type IF_CONF_HEADER: Incorrect number at the parameter SubfieldCount. Enter the correct number of system data types IF_CONF_V4, IF_CONF_NOS, IF_CONF_NTP, IF_CONF_V6, IF_CONF_MAC or IF_CONF_DNS being used. C080_8B00 0001_000x Error in the system data type IF_CONF_V4, IF_CONF_NOS, IF_CONF_NTP, IF_CONF_V6, IF_CONF_MAC or IF_CONF_DNS: The parameter Id has an invalid value. For IF_CONF_V4 use "30", for IF_CONF_NOS "40", for IF_CONF_NTP "17", for IF_CONF_V6 "22", for IF_CONF_MAC "3", for IF_CONF_DNS "16". Note: IF_CONF_NTP is only permitted if T_CONFIG is used on the first interface [X1] of an S7-1500 modular CPU. C080_8C00 0001_000x Error in the system data type IF_CONF_V4, IF_CONF_NOS, IF_CONF_NTP, IF_CONF_V6, IF_CONF_MAC or IF_CONF_DNS: Incorrect data type system used, wrong order or multiple use of a system data type. C080_8D00 0001_000x Error in the system data type IF_CONF_V4, IF_CONF_NOS, IF_CONF_NTP, IF_CONF_V6, IF_CONF_MAC or IF_CONF_DNS: The parameter Length has an incorrect or invalid value. C080_8E00 0001_000x Error in the system data type IF_CONF_V4, IF_CONF_NOS, IF_CONF_NTP, IF_CONF_V6, IF_CONF_MAC or IF_CONF_DNS: The parameter Mode has an incorrect or invalid value. With IF_CONF_V4 and IF_CONF_NOS only the values "1" (permanent) or "2" (temporary) are permitted. With IF_CONF_NTP only the value "2" (temporary) is permitted. C080_9000 0001_000x Error in the system data type IF_CONF_V4, IF_CONF_NOS, IF_CONF_NTP, IF_CONF_V6, IF_CONF_MAC or IF_CONF_DNS: Configuration data cannot be applied. Possible cause: With IF_CONF_V4: In the hardware configuration, the setting "Set IP address on the device" was not selected.. With IF_CONF_NOS: In the hardware configuration, the setting "Set PROFINET device name on the device" was not selected.. With IF_CONF_NTP: In the hardware configuration, the setting "Enable time synchronization via NTP server " was not selected and no IP address was set for NTP servers.. C080_9400 0001_000x Error in the system data type IF_CONF_V4, IF_CONF_NOS, IF_CONF_NTP, IF_CONF_V6, IF_CONF_MAC or IF_CONF_DNS: C080_9500 0001_000x Error in the system data type IF_CONF_V4, IF_CONF_NOS, IF_CONF_NTP, IF_CONF_V6, IF_CONF_MAC or IF_CONF_DNS: A parameter value is undefined or invalid. The values of two parameters are inconsistent. 4310 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions STATUS* ERR_LOC* Explanation C080_C200 0000_0000 Error at call of the instruction: The configuration data can not be transferred. Possible cause: The PROFINET interface is not accessible. C080_C300 0000_0000 C080_C400 0000_0000 C080_D200 0000_0000 Error at call of the instruction: Insufficient resources (e.g., multiple calling of "T_CONFIG" with different parameters). Error at call of the instruction: Temporary communication error. Time indication for change to daylight saving time. Error at call of the instruction: Call not possible. Instruction is not supported by the selected PROFINET interface. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Changes to the communications instructions (S7-1200, S7-1500) Differences between the versions <= V3.x and >= V4.1 of the OUC library (S7-1200, S7-1500) Introduction CPU S7-1200 as of firmware version 4.1 supports new instruction versions for Open User Communication (OUC). The new instructions are included in the library with version 4.1. If you want to use this library, changes must be made to the user program, since some of the new instructions for Open User Communication behave differently. This section describes the differences in detail, especially in the call behavior of the instructions. Note Description only relevant when upgrading from the CPU S7-1200 V4.0 to S7-1200 V4.1 If you are using an S7-1500 CPU, changes between the library versions are not relevant. The same applies if you are using an S7-1200 Version 4.1 and do not convert the library for the Open User Communication to versvon <4.1. Differences between the versions <= V3.x and >= V4.1 of the Open User Communication library The following table shows the instruction that have differences between the versions <= V3.x and >= V4.1 of the Open User Communication library Click on the name of the instruction for detailed information. Instruction Version in library <= V3.x Version in library >= V4.1 (CPU FW V4.0) (CPU FW V4.1) TSEND_C (Page 4312) V2.1 V3.0 TRCV_C (Page 4314) V2.1 V3.0 TMAIL_C * V2.1 V3.0 TCON (Page 4316) V3.0 V4.0 WinCC Advanced V14 System Manual, 10/2016 4311 Programming the PLC 11.4 Instructions Instruction Version in library <= V3.x Version in library >= V4.1 (CPU FW V4.0) (CPU FW V4.1) TDISCON V2.1 V2.1 (identical to library <= V3.x) TSEND (Page 4318) V3.0 V4.0 TRCV (Page 4320) V3.0 V4.0 TUSEND (Page 4318) V3.0 V4.0 TURCV (Page 4320) V3.0 V4.0 T_RESET * V1.1 V1.2 T_DIAG * V1.1 V1.2 T_CONFIG V1.0 V1.0 (identical to library <= V3.x) * There are no differences in the versions that affect the user program. Note Changing the Open User Communication library from a version <= V3.x to a version >= V4.1 When replacing the Open User Communication library from a version <= V3.x to a version >= V4.1 you also need to replace the Modbus TCP library. Afterwards check all the instructions relevant for your program. See also Differences between the versions <= V3.x and >= V4.0 of the Modbus TCP library (Page 4450) Changes with the TSEND_C instruction (S7-1200, S7-1500) Call behavior of TSEND_C (V<3.0) Up to version 2.1 of the TSEND_C instruction, the DONE output parameter is set twice: Once when a connection is established by the internally used TCON instruction and then after a send operation by the internally used TSEND instruction. The following diagram shows the connection establishment and the sending of data with TSEND_C V2.1: 4312 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions 5(4 &217 &20B567 '21( %86< (5525 67$786 &RQQHFWLRQ [ [ [ [ [ [ [ [ [ [ [ [ [ 1RWFRQQHFWHG (VWDEOLVKHG 76(1'B&VWDWXV 1RWDFWLYH &RQQHF &RQQHF &RQQHF 6HQGLQJ 6HQGLQJ WLQJ WLQJ WLQJ 7&21'21( 7',$*'21( 6HQW &RQ QHFWHG &RQ QHFWHG 76(1''21( 6HQGLQJ 6HQGLQJ 6HQW &RQ QHFWHG 76(1''21( When setting the COM_RST parameter to "1", the current connection establishment or a current data transmission can be reset at any time. This terminates the existing communication connection and a new connection is established. Call behavior of TSEND_C (V3.0) As of the TSEND_C version, the DONE parameter is only set when data transfer has been completed by the internally used TSEND instruction (STATUS = 0000). 5(4 &217 &20B567 '21( %86< (5525 67$786 &RQQHFWLRQ [ [ [ [ [ [ [ [ [ [ [ [ [ 1RWFRQQHFWHG (VWDEOLVKHG 76(1'B&VWDWXV 1RWDFWLYH &RQQHF &RQQHF &RQQHF 6HQGLQJ 6HQGLQJ WLQJ WLQJ WLQJ 7&21'21( 7',$*'21( 6HQW &RQ QHFWHG 76(1''21( &RQ QHFWHG 6HQGLQJ 6HQGLQJ 6HQW &RQ QHFWHG 76(1''21( The existing connection is temporarily interrupted and reset when the COM_RST parameter is set to "1". However, unlike TSEND_C V2.1, the connection endpoint is retained. Note Additional protocols with TSEND_C as of version 3.0 Version 3.0 of the TSEND_C instruction also supports UDP and UDP Broadcast via the interface of the CPU and via CM/CP. WinCC Advanced V14 System Manual, 10/2016 4313 Programming the PLC 11.4 Instructions See also TSEND_C: Send data via Ethernet (Page 4200) TSEND_C: Establishing a connection and sending data (Page 4205) Changes with the TRCV_C instruction (S7-1200, S7-1500) Call behavior of TRCV_C (V<3.0) Up to version 2.1 of the TRCV_C instruction, the DONE output parameter is set after the connection is established. The STATUS output parameter does not distinguish whether the connection or the data transfer has been completed. The following diagram shows the connection establishment and the sending of data with TRCV_C V2.1: (1B5 &217 &20B567 '21( %86< (5525 67$786 [ [ [ [ [ [ [ [ [ [ &RQQHFWLRQ 1RWFRQQHFWHG 75&9B&VWDWXV 1RWDFWLYH &RQQHF &RQQHF &RQQHF 5HFHLYLQJ 5HFHLYLQJ5HFHLYLQJ 5HFHLYLQJ 5HFHLYLQJ 5HFHLYLQJ WLQJ WLQJ WLQJ (VWDEOLVKHG 7&21'21( 7',$*'21( 75&9'21( 75&9'21( The current connection establishment or a current data transmission can be reset at any time by setting the COM_RST parameter to "1". This terminates the existing communication connection and a new connection is established. 4314 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Call behavior of TRCV_C (V3.0) As of the TRCV_C version, the DONE parameter is only set when data transfer has been completed by the internally used TRCV instruction (STATUS = 0000). The completion of the connection establishment by the internally used TCON instruction is displayed by the output value 0x0001 at the STATUS parameter. (1B5 &217 &20B567 '21( %86< (5525 67$786 [ [ [ [ [ [ [ [ [ [ &RQQHFWLRQ 1RWFRQQHFWHG 75&9B&VWDWXV 1RWDFWLYH &RQQHF &RQQHF &RQQHF 5HFHLYLQJ 5HFHLYLQJ5HFHLYLQJ 5HFHLYLQJ 5HFHLYLQJ 5HFHLYLQJ WLQJ WLQJ WLQJ (VWDEOLVKHG 7&21'21( 7',$*'21( 75&9'21( 75&9'21( The existing connection is temporarily interrupted and reset when the COM_RST parameter is set to "1". However, unlike TSEND_C V2.1, the connection endpoint is retained. Note Additional protocols with TRCV_C as of version 3.0 Version 3.0 of the TRCV_C instruction also supports UDP and UDP Broadcast via the interface of the CPU and via CM/CP. Note ADHOC mode for the TCP protocol variant In accordance with the TRCV instruction, with TRCV_C up to version 2.1, ADHOC mode is activated by assigning the value "0" to the LEN parameter. As of version 3.0 of the instruction, you use the ADHOC parameter for this. You can find detailed information in the descriptions of the instructions. See also Changes with the TRCV/TURCV instructions (Page 4320) TRCV_C: Receive data via Ethernet (Page 4214) TRCV_C: Establishing a connection and receiving data (Page 4219) WinCC Advanced V14 System Manual, 10/2016 4315 Programming the PLC 11.4 Instructions Changes with the TCON instruction (S7-1200, S7-1500) Changed call behavior with connection errors Previous call behavior of TCON (V<4.0) The previous TCON instruction (V<4.0) is activated with a rising edge at the REQ input parameter. If the remote communication partner cannot be reached, the instruction sets the BUSY output parameter. An error message is not output. The following diagram shows the behavior of TCON on the part of the active connection partner. If no connection is made, the instruction is not called again. &DOO [ [ [ [ 5(4 '21( %86< (5525 67$786 5HPRWHSDUWQHU [ [ 1RWDYDLODEOH &RQQHFWHG 7&21VWDWXV 1RWDFWLYH &RQQHF WLQJ &RQQHF WLQJ &RQQHF WLQJ &RQQHF WLQJ &RQQHF WLQJ New call behavior of TCON (V4.0) The new TCON instruction is also activated with a rising edge at the REQ input parameter. Unlike before, an error message is output when the remote communication partner cannot be reached. The error can be queried and the call started again by a new edge at the REQ parameter. The following changes result for the user program: - Additional error messages of TCON that can be evaluated (see description of TCON (Page 4258)). - The connection establishment can be re-initialized via a new rising edge. To do this, query the DONE and ERROR parameters to ensure that an error is present. The following diagram shows the behavior of TCON on the part of the active connection partner. The instruction is called again after a network error (error code 80C6). 4316 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions &DOO [ [ [& [ 5(4 '21( %86< (5525 67$786 [ [ [ [ [ 1RWDYDLODEOH 5HPRWHSDUWQHU &RQQHFWHG 7&21VWDWXV 1RWDFWLYH &RQQHF WLQJ &RQQHF WLQJ &RQQHF WLQJ (UURU 1RWDFWLYH &RQQHF WLQJ &RQQHF WLQJ &RQQHF WLQJ Call behavior without communication errors If there is no connection error, the TCON versions have the same behavior. The following diagram shows the behavior of TCON on the part of the active connection partner. &DOO [ [ [ [ 5(4 '21( %86< (5525 67$786 5HPRWHSDUWQHU [ [ 1RWDYDLODEOH $YDLODEOH 1RWDFWLYH &RQQHF WLQJ &RQQHF WLQJ &RQQHFWHG 7&21VWDWXV &RQQHF WLQJ &RQ QHFWHG &RQ QHFWHG See also TCON: Establish communication connection (Page 4254) WinCC Advanced V14 System Manual, 10/2016 4317 Programming the PLC 11.4 Instructions Changes with the TSEND/TUSEND instructions (S7-1200, S7-1500) Send operation with an established connection If no delay or interruption occurs during sending, versions 3.0 and 4.0 of the TSEND/TUSEND instructions behave the same way: The instruction is started with a positive edge at the "REQ" parameter. The instruction is executed asynchronously, i.e. it must be called until the full execution is indicated by the DONE parameter. A maximum of 8 KB of data can be sent with TSEND. A maximum of 1472 bytes can be sent with TUSEND. The amounts are based on the full execution of the instruction, i.e. all required calls until the DONE parameter is set. Data transmission takes place in three steps: - The data is written from the operand area to an internal buffer (indicated by STATUS=7001). - The transmission to the remote communication partner follows. - If the transmission is successful, DONE is set to "1" and STATUS is reset to "0" (see call 5 in the diagram below). &DOO [ [ [ [ 5(4 '21( %86< (5525 67$786 [ [ /(1 PD[ .% .% ,QWHUQDO &RQQHFWHG 76(1'VWDWXV 1RWDFWLYH 6HQGLQJ 6HQGLQJ 6HQGLQJ 6HQW 1RWDFWLYH Send operation with time-delayed call If the send operation is not performed via a communication module (CM) or a communication processor (CP), versions 3.0 and 4.0 of the TSEND/TUSEND instructions behave the same way: In the following example, TSEND or TUSEND are only called once with a rising edge at the REQ parameter (see call 2 in the diagram below). If the time delay is sufficiently long and the data could be transferred, the DONE parameter is set directly to "1" in the next call (call 3 here). 4318 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions &DOO 7LPHGHOD\ 1RFDOO 5(4 '21( %86< (5525 67$786 [ [ /(1 PD[ .% .% [ [ ,QWHUQDO &RQQHFWHG 76(1'VWDWXV 1RWDFWLYH 6HQGLQJ 6HQGLQJ 6HQGLQJ 6HQW 1RWDFWLYH If the send operation is performed via a CM/CP, version 4.0 of the TSEND/TUSEND instructions behaves differently. In this case, the instruction must be called multiple times until the receipt of data is confirmed by the NDR parameter of the TRCV/TURCV instructions. Send operation with interrupted connection If the connection is interrupted during the send operation, the ERROR and STATUS parameters indicate the error and its cause. In the following example, the connection was interrupted during call number 5 and this error is indicated accordingly with the STATUS parameter. As of version 4.0 of the TSEND/TUSEND instructions, more STATUS alarms are available that can be correspondingly evaluated (see description of TSEND (Page 4269)/TUSEND (Page 4282)) . &DOO [ [ [& [ 5(4 '21( %86< (5525 67$786 /(1 PD[ &RQQHFWLRQ 76(1'VWDWXV [ [ .% .% .% ,QWHUQDO .% ,QWHUUXSWHG (VWDEOLVKHG 1RWDFWLYH 6HQGLQJ [ [ 6HQGLQJ 6HQGLQJ (UURU [ ,QWHUQDO (VWDEOLVKHG 1RWDFWLYH 6HQGLQJ 6HQGLQJ 6HQGLQJ See also TSEND: Send data via communication connection (Page 4266) WinCC Advanced V14 System Manual, 10/2016 4319 Programming the PLC 11.4 Instructions Changes with the TRCV/TURCV instructions (S7-1200, S7-1500) Receive operation with an established connection If no delay or interruption occurs during sending, version 3.0 and 4.0 of the TRCV/TURCV instructions behave the same way: A maximum of 8 KB of data can be sent with TRCV. A maximum of 1472 bytes can be received with TURCV. The amounts are based on the full execution of the instruction, i.e. all required calls until the DONE parameter is set. The instruction receives data if the EN_R parameter is set to "1". The data reception is not complete until the length of data specified at the the LEN parameter has been completely received. The length of the received data is output at the RCVD_LEN output parameter. Only then does the data in the area defined at the DATA parameter become available. &DOO (1B5 /(1 PD[ 1'5 %86< .% .% ,QWHUQDO [ [ [ [ [ [ PD[.% (5525 67$786 5&9'B/(1 &RQQHFWLRQ 75&9VWDWXV (VWDEOLVKHG 1RWDFWLYH 5HFHLYLQJ 5HFHLYLQJ 5HFHLYLQJ 5HFHLYLQJ 1RWDFWLYH Receive operation with time-delayed call If the send operation is not performed via a communication module (CM) or a communication processor (CP), versions 3.0 and 4.0 of the TRCV/TURCV instructions behave the same way: In the following example, TRCV or TURCV are only called once with a rising edge at the EN_R parameter (see call 2 in the diagram below). If the time delay is sufficiently long and the data could be transferred, the NDR parameter is set directly to "1" in the next call (call 3 here). 4320 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions &DOO 'HOD\ 1RFDOO (1B5 /(1 PD[ 1'5 %86< .% .% ,QWHUQDO (5525 67$786 [ [ 5&9'B/(1 &RQQHFWLRQ 75&9VWDWXV [ [ PD[N% (VWDEOLVKHG 1RWDFWLYH 5HFHLYLQJ 5HFHLYLQJ 5HFHLYLQJ 5HFHLYLQJ 1RWDFWLYH If the send operation is performed via a CM/CP, version 4.0 of the TSEND/TUSEND instructions behaves differently. In this case, the instruction must be called multiple times until the receipt of data is confirmed by the NDR parameter. Receive operation with interrupted connection If the connection is interrupted during receiving, the ERROR and STATUS parameters indicate the error and its cause. In the following example, call number 5 resulted in a temporary communication error, which is accordingly indicated by the STATUS parameter. &DOO [ [ [& [ (1B5 /(1 1'5 %86< (5525 67$786 [ [ .% .% ,QWHUQDO .% [ [ .% 5&9'B/(1 ,QWHUQDO (VWDEOLVKHG &RQQHFWLRQ 75&9VWDWH [ (VWDEOLVKHG 1RWDFWLYH 6HQGLQJ 6HQGLQJ 6HQGLQJ (UURU 1RWDFWLYH 6HQGLQJ 6HQGLQJ 6HQGLQJ As of version 4.0 of the TRCV/TURCV instructions, more STATUS alarms are available that can be correspondingly evaluated (see description of TRCV (Page 4277)/TURCV (Page 4286)). WinCC Advanced V14 System Manual, 10/2016 4321 Programming the PLC 11.4 Instructions Receive operation using ADHOC mode ADHOC mode is only available with the TCP protocol variant. You can use ADHOC mode to receive data of variable length with the TRCV/TURCV instruction. If ADHOC mode is active, the receipt of data is confirmed at the NDR parameter when at least one byte has been transferred. Data reception in ADHOC mode with TRCV < 3.0 (S7-1200 < V4.0) In the older version of TRCV (Page 4273), ADHOC mode was activated by setting the LEN parameter to "0". In the following example, 10 bytes of data are transferred with call 5. &DOO (1B5 /(1 PD[ 1'5 %86< $FWLYDWLRQRIWKH$'+2&PRGH (5525 67$786 5&9'B/(1 &RQQHFWLRQ 75&9VWDWXV [ [ [ [ [ [ E\WHV (VWDEOLVKHG 1RWDFWLYH 5HFHLYLQJ 5HFHLYLQJ 5HFHLYLQJ 5HFHLYLQJ 1RWDFWLYH Data receipt in ADHOC mode with TRCV 3.0 (S7-1200 V4.0 or S7-1500) As of version 3.0 of the TRCV instruction, ADHOC mode is activated with its own parameter (ADHOC). 4322 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions &DOO (1B5 /(1 0D[.% 0D[.% ,QWHUQDO $'+2& 1'5 %86< (5525 67$786 5&9'B/(1 &RQQHFWLRQ 75&9VWDWXV [ [ [ [ [ [ E\WHV (VWDEOLVKHG 1RWDFWLYH 5HFHLYLQJ 5HFHLYLQJ 5HFHLYLQJ 5HFHLYLQJ 1RWDFWLYH If an error occurs during execution, as of version 4.0 of the TRCV instructions, there are more STATUS alarms available which can be evaluated accordingly. If the send operation is performed via a CM/CP, version 4.0 of the TRCV/TURCV instructions behaves differently. In this case, the instruction must be called multiple times until the receipt of data is confirmed by the NDR parameter. Web server (S7-1200, S7-1500) WWW: Synchronizing user-defined Web pages (S7-1200, S7-1500) WWW: Synchronizing user-defined web pages (S7-1200, S7-1500) Description The instruction WWW initializes the Web server of the CPU or synchronizes user-defined web pages with the user program in the CPU. User-defined web pages together with the Web server make it possible for the CPU to access freely designed web pages of the CPU with a web browser. Use script instructions (such as Javascript) and HTML code in user-defined web pages to transfer data via a web browser for further processing to the CPU and to display data from the operand area of the CPU in the web browser. Call the WWW instruction in the user program for synchronization of the user program and the Web server as well as initialization. WinCC Advanced V14 System Manual, 10/2016 4323 Programming the PLC 11.4 Instructions Initialization User-defined web pages are "packaged" in data blocks for processing by the CPU. You will have to generate appropriate data blocks from the source files (HTML files, screens, Javascript files, ...) during configuration. The Web Control DB takes on a special role (default: DB 333). It contains status and control information as well as links to additional data blocks with coded web pages. The data blocks with coded web pages are called fragment DBs. When the data block is downloaded into the CPU, the CPU does not "know" that user-defined web pages are coded inside it. The instruction "WWW" in the startup OB, for example, will inform the CPU which DB is the Web Control DB. The user-defined web pages can be accessed via a web browser after this initialization. Synchronization If you want the user program to interact with the user-defined web pages, then the instruction WWW must be used in the cyclical program part. Examples of interaction between user program and web page: Check received data Assemble and send back data to the web browser making the request In this case it must be possible to evaluate the current status information and the Web server must receive control information, such as release of a web page requested by a web browser. Parameter The following table shows the parameters of the "WWW" instruction: Parameter Declaration Data type Memory area CTRL_DB Input DB_WWW I, Q, M, D, L or constant Data block that describes the user-defined web pages (Web Control DB) RET_VAL Output INT Error information I, Q, M, D, L Description For additional information on valid data types, refer to Overview of the valid data types (Page 2131). 4324 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions RET_VAL parameter Error code Explanation (W#16#...) 0000 No error occurred. There are no web page requests that have to be released by the user program. 00xy x: indicates whether an error has occurred during initialization of the Web Control DB (CTRL_DB): x=0: No errors occurred. x=1: Error occurred. The error is coded in the byte "CTRL_DB.last_error" of the Web Control DB, see description of Web Control DB. y: Number of the pending request. Several requests are possible (e. g. requests "0" and "1" are pending: y="3". y="1": Request "0" y="2": Request "1" y="4": Request "2" y="8": Request "3" 803A The specified Web Control DB does not exist on the CPU. 8081 Incorrect version or incorrect format of the Web Control DB. 80C1 There are no resources to initialize the web application, for example, because only two or four web applications may be running. Example You will find the example here: Program example of WWW (Page 4325). You can find additional information and the program code for the example here: Sample Library for Instructions (Page 2434). See also Overview of the valid data types (Page 2131) Program example of WWW (S7-1200, S7-1500) Introduction In the following example, you synchronize a user-defined Website with the program example in a CPU S7-1500 and test the program example via a Web server. WinCC Advanced V14 System Manual, 10/2016 4325 Programming the PLC 11.4 Instructions Requirement Create nineteen tags in a global data block for storing the data. Interconnect parameters - in FB "SLI_FB_www" You create the following interconnections in an FB "SLI_FB_www": You call the FB in an OB1. Network 1: Interconnect the parameters of the "WWW" instruction as follows. Network 2: You create the program for the Website in the FC "SLI_FC_MainWebProg_www". You then call the FC "SLI_FC_MainWebProg_www" in network 2 of the FB. 4326 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Interconnecting parameters - in FC "SLI_FC_SetTOD_www" In an FC "SLI_FC_SetTOD_www" you create a program for using a time-of-day interrupt OB (OB11). You create the following interconnections: Network 1: In the FC you interconnect the following local tags with the instructions "RD_SYS_T" and "T_ADD". Network 2: This is followed by interconnecting the tags for setting the time-of-day interrupt OB. The local tag "#startDateTime" (data type "Date_And_Time") transfers the start time to the timeof-day interrupt OB. Network 3: This is followed by interconnecting the tags for activating the time-of-day interrupt OB. WinCC Advanced V14 System Manual, 10/2016 4327 Programming the PLC 11.4 Instructions Interconnecting parameters - in the OB "SLI_todOB_www" In the time-of-day interrupt OB "SLI_todOB_www" (OB11) you create the following interconnections for cyclic increasing of the tag "tankLevel". Interconnecting parameters - in the FC "SLI_FC_MainWebProg_www" You create the following interconnections in the FC "SLI_FC_MainWebProg_www". The program "SLI_FC_MainWebProg_www" allows control of a motor, a valve and the tank filling. In addition to this the output of various interrupt statuses is made possible. The program is controlled via the Web server. Network 1: You call the FC "SLI_FC_SetTOD_www" in the FC "SLI_FC_MainWebProg_www". Network 2: This is followed by interconnecting the tags for opening the valve. Network 3: This is followed by interconnecting the tags for starting the motor. Network 4: This is followed by interconnecting the tags for querying the interrupt status "1". 4328 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Networks 5 to 8: This is followed by interconnecting the tags for querying the interrupt status "2". Interconnect the tags for querying the other interrupt statuses in the same way. Network 9: This is followed by interconnecting the tags for resetting the the motor and the filling of the tank.. Network 10: This is followed by interconnecting the tags for resetting all the other values (BOOL). WinCC Advanced V14 System Manual, 10/2016 4329 Programming the PLC 11.4 Instructions Setting CPU properties Make the following settings in the CPU properties: In "... > PROFINET interface > Web server" enable the Web server access. In "CPU properties > Web server enable the Web server for the module, In the section "User administration" create a new user with read and write rights. Make the following settings in the section "User-defined Websites": - You set the "HTML file path". Note The storage path should be the same as the path of the Sample Library for Instructions (SLI). The folder name is "SLI_html". For example: "C:\TIA\_library\SLI_html". - Enter the text "index.html" for the "Standard HTML page. - For the application you enter the name "WWW sample". - Click the "Create DB" button. The Web DB (333) and the Fragment DB (334) are then created. Result for WWW If the normally open contact ("executeWWW") supplies the signal state "TRUE", the "WWW" instruction is executed. The number of the data block that describes user defined Website is stored via the the input parameter CTRL_DB ("333"). The "WWW" instruction initializes the user defined Website in the Web server of the CPU and immediately synchronizes the program example. The output parameter RET_VAL("#statInt" or "returnValueWWW") indicates that processing is taking place without errors. 4330 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Result for the Web server You call the Web server via the "Internet browser > IP of the Web server". You log in with your user name user name and -password. In the Web server in "User pages" a link to the website defined by the user is displayed. On the Website of the program example it is possible for you to output tags and transfer new values to the tags. WinCC Advanced V14 System Manual, 10/2016 4331 Programming the PLC 11.4 Instructions Functions used in the HTML document Below you will see excerpts of the functions used in the program example with which the tags are transferred to the source code in the HTML document. For each function a tag is implemented via a call in the HTML document and at the relevant location in the HTML document is used with a further call. Function To call in the HTML document Data output: <!-- AWP_In_Variable :="SLI_gDB_www".tankLevel: Name='"SLI_gDB_www".tankLevel ' --> Enumeration (value replacement): <!-- AWP_Enum_Def Name="OpValvValue" Values='0:"Closed", 1:"Opened"' --> 4332 To output in the HTML element <!-- AWP_Enum_Ref Name='"SLI_gDB_www".valveOutp ut' Enum="OpValvValue" ->:="SLI_gDB_www".valveOutput: WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Function To call in the HTML document Value change (from INT): <!-- AWP_In_Variable <form method="post" Name='"SLI_gDB_www".flowrate' action="" onsubmit="return --> check();"> <input type="text" name='"SLI_gDB_www".flowrate' size="10px"/> <input class="button1" type="submit" value="Set flowrate"/> </form> To output in the HTML element Value change (from BOOL): <!-- AWP_Enum_Def Name="ResetValue" Values='0:"Off", 1:"On"' --> <form method="post" action=""> <input class="button1" type="submit" value="Reset"/> <input type="hidden" name='"SLI_gDB_www".reset' size="34px" value="1"/> </form> Program code You can find additional information and the program code for the above-named example here: Sample Library for Instructions (Page 2434). WinCC Advanced V14 System Manual, 10/2016 4333 Programming the PLC 11.4 Instructions Communications processor (S7-1200, S7-1500) SIMATIC NET CM/CP (S7-1200, S7-1500) S7-1200 CM/CP (S7-1200, S7-1500) Telecontrol (S7-1200, S7-1500) Telecontrol instructions (S7-1200, S7-1500) TC_CON: Establish connection via the GSM network (S7-1200, S7-1500) Meaning The TC_CON instruction allows an S71200 with a CP 12427 to establish a connection of the following types: ISOONTCP Connection partner is a CP 12427. ISOONTCP connections are used only in "GPRS direct" mode. UDP Any connection partner is possible. SMS The connection partner is an SMS client. Telecontrol connection The connection partner is either a telecontrol server or another station that can be reached via the telecontrol server. A TC_CON establishes exactly one connection. Depending on the mode of the CP 1242-7 and the protocol you are using, a maximum of 3 to 5 simultaneous connections with unique IDs (see below) are supported per CP. You will find the maximum number of simultaneous connections in the performance data of the CP. The CONNECT parameter uses a data block (DB) with the structure of a system data type (SDT) for the connection description. The required connection type is defined using a connection-specific SDT "TCON_..." (see below). For each of the connection types listed above, one of the following SDTs must be assigned: TCON_IP_RFC for ISOONTCP connections TCON_IP_V4 for UDP connections TCON_PHONE for SMS connections TCON_WDC for telecontrol connections The "ActiveEstablished" parameter of these SDTs also specifies whether or not connection establishment is active or passive. 4334 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For parameter settings for these SDTs, see TCON_...: SDTs for the telecontrol connection establishment (Page 4349). The ID parameter references the GPRS connection. The ID is assigned and must be unique within the CPU. The INTERFACE parameter references the GPRS interface of the required local CP. This must be taken from STEP 7. Call interface in FBD representation 7&B&21 %22/ 5(4 %86< %22/ &211B28& ,' '21( %22/ +:B,17(5)$&( ,17(5)$&( (5525 %22/ 7&21B3DUDP &211(&7 67$786 :25' Explanation of the formal parameters The following table explains all the formal parameters for the TC_CON instruction. Parameter Declaration Data type Range of values Description REQ INPUT BOOL 0, 1 The instruction is started and the status codes initialized on a rising edge. Updating of the DONE, ERROR and STA TUS status codes when there is a positive edge. ID INPUT CONN_OUC 1...07FFh Reference to the relevant connection. The ID is assigned. The value of ID is also required by the system data type (SDT) of the CONNECT parameter. INTERFACE INPUT HW_INTER FACE CONNECT INOUT TCON_Param Reference to the interface of the local CP 12427 (see STEP 7 > CP configura tion > Telecontrol interface > "Hardware identifier") See also "TCON_...: SDTs for telecontrol connection estab lishment" Reference to a data block for connection establishment. The SDTs of the type TCON_IP_RFC, TCON_IP_V4, TCON_PHONE or TCON_WDC specify the structure of the data block suitable for the relevant con nection. In the SDTs, note the parameter "Active Established" (active / passive connection establishment). WinCC Advanced V14 System Manual, 10/2016 4335 Programming the PLC 11.4 Instructions Parameter Declaration Data type Range of values Description ENO OUTPUT BOOL 0: Error Enable output If there is a runtime error with the instruc tion, ENO = 0 is set. 1: Error-free BUSY OUTPUT BOOL 0: Execution of the instruction not started, completed or abor ted Display of the processing status of the in struction DONE OUTPUT BOOL 0: - ERROR OUTPUT BOOL 0: - Error code 1: Error For the meaning in conjunction with the parameters DONE and STATUS, refer to Codes of the instruction. 1: The instruction is executing STATUS OUTPUT This parameter indicates whether or not 1: The instruction executed suc the job was completed without errors. cessfully For the meaning in conjunction with the parameters ERROR and STATUS, refer to Codes of the instruction. WORD Status code For the meaning in conjunction with the parameters DONE and ERROR, refer to Codes of the instruction. The codes BUSY, DONE and ERROR The codes of DONE and ERROR are relevant only when BUSY = 0. BUSY DONE ERROR Meaning 0 0 0 No job being executed You will find all other code combinations of DONE and ERROR in the following table. When called, the instruction remains in the BUSY = 1 state for several seconds. In the following situations, the BUSY state = 1 can last for a longer time: On active ISO-on-TCP connections if the partner cannot be reached. On passive connections when no frame is received. The codes DONE, ERROR and STATUS The following table shows the condition codes formed based on DONE, ERROR and STATUS that must be evaluated by the user program. DONE ERROR STATUS Meaning 1 0 0000H Job executed without errors 0 0 7000H No job processing active (first instruction call) 0 0 7001H Job processing started (first instruction call) 0 0 7002H Job processing already active (renewed instruction call when BUSY = 1) 0 1 8086H Illegal value for ID 0 1 8087H Maximum number of connections reached, no further connection possible 4336 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions DONE ERROR STATUS Meaning 0 1 80E3H The ID is already being used by another connection. This means for TC_SEND, TC_RECV or TC_DISCON, BUSY is currently TRUE. The status code is output when EN_R of TC_RECV is permanently TRUE. This mostly results in TC_RECV being called. Remedy for this situation: Turn EN_R off before TC_CON or TC_DISCON is called. EN_R may only be turned on again if TC_CON exe cuted free of errors. 0 1 80E6H No query in progress (instruction call not started) 0 1 80E8H Remote partner cannot be reached. Check the connection parameters. In the "GPRS direct" mode, the message is output if the partner can be reached but is not accepting a connection request. 0 1 80EBH Request temporarily denied (TC_CON has already been called with the same destination address.) 0 1 80ECH Opening the Listener Port failed: 0 1 80F2H The CP is in the wrong mode: Check the connection parameters. Telecontrol connections are permitted only in "Telecontrol" mode. ISOONTCP connections are permitted only in "GPRS direct" mode. 0 1 80F3H No free connection endpoint for sending data: Use less connections or Use less passive connections or Turn off NTP. Remember the maximum number of simultaneous connections of the CP 1242-7. 0 1 80F4H Connection endpoint cannot be generated: Repeat the call. If necessary, check the connection parameters. 0 1 80F5H Invalid connection endpoint: Connection establishment by TC_CON failed. Repeat the block call. 0 1 80F6H Format error of a parameter in the called data block (wrong length, wrong format, invalid value or phone number in TCON_Phone longer than 20 characters) Check the configuration of the "TC_CON..." SDT. TC_DISCON: Terminate connection via the GSM network (S7-1200, S7-1500) Meaning The TC_DISCON instruction on an S71200 with CP 12427 terminates an ISOONTCP, UDP, SMS or telecontrol connection that was established with the TC_CON instruction. You will find detailed information on the connection types in the description of the TC_CON instruction. TC_DISCON terminates the connection to the telecontrol server only logically. At the TCP/IP level, the connection is retained. WinCC Advanced V14 System Manual, 10/2016 4337 Programming the PLC 11.4 Instructions If you want the connection to the telecontrol server to be terminated physically, configure the connection as a "Temporary connection" in the "telecontrol server" parameter group in STEP 7. Temporary stations terminate the connection automatically after sending the data. Note Stopping the execution of further program blocks by TC_DISCON Calling up TC_DISCON ends the execution of TC_CON, TC_SEND, and TC_RECV blocks, that were called up with the same connection ID (parameter "ID") and interface ( parameter "INTERFACE"). These blocks then signal an ERROR. Do not call up TC_DISCON if TC_CON indicates "Error = 1". If TC_CON indicates "ERROR", then the connection is not established. In this case TC_DISCON must not be called. If TC_DISCON is called in this case, the connection ID ("ID") is briefly reserved, and a TC_CON called up immediately afterwards would indicate ERROR and STATUS 80E3. The ID parameter references the GPRS connection. The ID must be unique within the CPU and the same as the ID used with TC_CON. The INTERFACE parameter references the GPRS interface of the required local CP. The value must be the same as that used by TC_CON for INTERFACE. Call interface in FBD representation 7&B',6&21 %22/ 5(4 %86< %22/ &211B28& ,' '21( %22/ +:B,17(5)$&( ,17(5)$&( (5525 %22/ 67$786 :25' Explanation of the formal parameters The following table explains all the formal parameters for the TC_DISCON instruction Parameter Declaration Data type Range of values Description REQ INPUT BOOL 0, 1 The instruction is started and the status codes initialized on a rising edge. Updating of the DONE, ERROR and STA TUS status codes when there is a positive edge. ID 4338 INPUT CONN_OUC 1...07FFh Reference to the relevant connection WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type INTERFACE INPUT HW_INTER FACE ENO OUTPUT BOOL Range of values Reference to the interface of the local CP 12427 (see STEP 7 > CP configura tion > Telecontrol interface > "Hardware identifier") 0: Error 1: Error-free BUSY OUTPUT BOOL Description 0: Execution of the instruction not started, completed or abor ted Enable output If there is a runtime error with the instruc tion, ENO = 0 is set. Display of the processing status of the in struction 1: The instruction is executing DONE OUTPUT BOOL 0: - ERROR OUTPUT BOOL 0: - Error code 1: Error For the meaning in conjunction with the parameters DONE and STATUS, refer to Codes of the instruction. STATUS OUTPUT This parameter indicates whether or not 1: The instruction executed suc the job was completed without errors. cessfully For the meaning in conjunction with the parameters ERROR and STATUS, refer to Codes of the instruction. WORD Status code For the meaning in conjunction with the parameters DONE and ERROR, refer to Codes of the instruction. The codes BUSY, DONE and ERROR The codes of DONE and ERROR are relevant only when BUSY = 0. BUSY DONE ERROR Meaning 0 0 0 The instruction has not yet been called. You will find all other code combinations of DONE and ERROR in the following table. Note When called, the instruction remains in the BUSY = 1 state for several seconds. The codes DONE, ERROR and STATUS The following table shows the condition codes formed based on DONE, ERROR and STATUS that must be evaluated by the user program. DONE ERROR STATUS Meaning 1 0 0000H Job executed without errors 0 0 7000H No job processing active (first instruction call) 0 0 7001H Job processing started (first instruction call) 0 0 7002H Job processing already active (renewed instruction call when BUSY = 1) WinCC Advanced V14 System Manual, 10/2016 4339 Programming the PLC 11.4 Instructions DONE ERROR STATUS Meaning 0 1 8086H Illegal value for ID 0 1 80E4H Unknown ID: No connection with this ID has been established by TC_CON. 0 1 80E6H No query in progress (instruction call not started) 0 1 80F5H Invalid connection endpoint: Connection establishment by TC_CON failed or Connection terminated by remote partner. 0 1 80F6H Format error of a parameter in the called data block (wrong length, wrong format or invalid value) Check the configuration of the "TC_CON..." SDT. TC_SEND: Send data via the GSM network (S7-1200, S7-1500) Meaning The TC_SEND instruction allows the sending of data via programmed connections of the following types: ISOONTCP connections UDP connections SMS connections The sending of SMS messages is supported only if this was set up in the STEP 7 configuration of the CP. Telecontrol connections Note Sending SMS messages to multiple recipients If you want to send an identical SMS message to several recipients, you need to establish a connection to each recipient. You will find more detailed information on the connection types in the description of the TC_CON instruction. The ID parameter references the GPRS connection. The value of ID must correspond to the value used for ID by TC_CON. The INTERFACE parameter references the GPRS interface of the required local CP. The value must be the same as that used by TC_CON for INTERFACE. The amount of data to be sent is specified with the LEN parameter. The size of the data area specified in DATA must be at least as large as the number of bytes configured for LEN. Permitted data types in the data area specified in DATA are all except BOOL and ARRAY of BOOL. The destination address (connection partner) for the data to be sent is configured in the TC_CON instruction. 4340 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Call interface in FBD representation 7&B6(1' %22/ 5(4 %86< %22/ &211B28& ,' '21( %22/ +:B,17(5)$&( ,17(5)$&( (5525 %22/ 8,17 /(1 67$786 :25' 9$5,$17 '$7$ Explanation of the formal parameters The following table explains all the formal parameters for the TC_SEND instruction. Parameter Declaration Data type Range of values Description REQ INPUT BOOL 0, 1 The instruction is started and the status codes initialized on a rising edge. Updating of the DONE, ERROR and STA TUS status codes when there is a positive edge. ID INPUT CONN_OUC INTERFACE INPUT HW_INTER FACE LEN INPUT UINT 1...07FFh Reference to the relevant connection Reference to the interface of the local CP 12427 (see STEP 7 > CP configura tion > Telecontrol interface > "Hardware identifier") 1...2048 Number of bytes of data to be sent. The value must be 1 and 2048. The value should match the size of the range of DATA. DATA INOUT VARIANT ENO OUTPUT BOOL Address reference to the send data area of the CPU * 0: Error 1: Error-free BUSY OUTPUT BOOL 0: Execution of the instruction not started, completed or abor ted Enable output If there is a runtime error with the instruc tion, ENO = 0 is set. Display of the processing status of the in struction 1: The instruction is executing DONE OUTPUT WinCC Advanced V14 System Manual, 10/2016 BOOL 0: - This parameter indicates whether or not 1: The instruction executed suc the job was completed without errors. ** cessfully For the meaning in conjunction with the parameters ERROR and STATUS, refer to Codes of the instruction. 4341 Programming the PLC 11.4 Instructions Parameter Declaration Data type Range of values Description ERROR OUTPUT BOOL 0: - Error code 1: Error For the meaning in conjunction with the parameters DONE and STATUS, refer to Codes of the instruction. STATUS OUTPUT WORD Status code For the meaning in conjunction with the parameters DONE and ERROR, refer to Codes of the instruction. * For special features of the DATA parameter for SMS texts, refer to the next section. ** After sending a frame, TC_SEND sets DONE = 1. Note the following response: The loss of an ISO-on-TCP connection is only recognized by the sender after 1 to 2 minutes. The transferred data may be lost although TC_SEND has set DONE = 1 at the sender. If an ISO-on-TCP connection is aborted after receiving a frame before TC_RECV was started, the transferred data may be lost even if TC_SEND sets DONE = 1 at the sender. Configuring SMS texts with the DATA parameter The instruction sends the data referenced by the pointer of the type VARIANT of the DATA parameter as an SMS text. If an operand of the data type STRING is referenced by DATA for SMS texts, the first two bytes are transferred with length information of the string. One option for the correct text representation of SMS messages to be sent is to convert the text string into an Array of BYTE or Array of CHAR using the conversion function Strg_TO_Chars. Strg_TO_Chars at the EN parameter is linked to the output parameter ENO by TC_SEND. For SMS texts, the CP does not support all special characters, for example umlauts (u, a etc.). The specification GSM 03.38 applies. There may be additional restrictions imposed by the GSM network provider. The codes BUSY, DONE and ERROR The codes of DONE and ERROR are relevant only when BUSY = 0. BUSY DONE ERROR Meaning 0 0 0 No job being executed You will find all other code combinations of DONE and ERROR in the following table. The codes DONE, ERROR and STATUS The following table shows the condition codes formed based on DONE, ERROR and STATUS that must be evaluated by the user program. DONE ERROR STATUS * Meaning 1 0 0000H Job executed without errors 0 0 7000H No job processing active (first instruction call) 0 0 7001H Job processing started (first instruction call) 4342 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions DONE ERROR STATUS * Meaning 0 0 7002H Job processing already active (renewed instruction call when BUSY = 1) 0 1 8086H Illegal value for ID 0 1 80E0H Internal error If you send the frames directly to the telecontrol server (mode "Telecontrol"), make sure that the send cycle time is 1 second. 0 1 80E1H Timeout: Increase the value of the "Connection monitoring time" in the configuration of the CP 1242-7 or Check the connection partner. 0 1 80E4H Unknown ID: First call TC_CON. 0 1 80E6H No query in progress (instruction call not started) 0 1 80E7H Data to be sent not completely transferred: 0 1 80E8H Repeat the job. Remote partner cannot be reached. Check the connection parameters. In the "GPRS direct" mode, the message is output if the partner can be reached but is not accepting a connection request. 0 1 80E9H Connection establishment by remote partner: Check the connection partner. If necessary, terminate the connection with TC_DISCON and establish it again with TC_CON. 0 1 80EAH Error message from remote partner: Check the connection partner. Enable the "TC_RECV" instruction on the communications partner. If necessary, terminate the connection with TC_DISCON and establish it again with TC_CON. 0 1 80EFH SMS could not be sent: Check whether the destination address (telephone number of the destination subscriber) exists. Check whether the inserted SIM card allows sending of SMS. Check the length of the SMS text that was sent. SMS texts > 160 characters will not be sent. Make sure that when the data block TCON_PHONE was created, the "Standard" option was selected for block access. 0 1 80F1H Sending of SMS messages is not enabled in the STEP 7 configuration of the CP: Enalble the "Allow SMS" option in the configuration of the CP. 0 1 80F4H Connection endpoint cannot be generated: Check the connection partner. 0 1 80F5H Invalid connection endpoint: Connection establishment by TC_CON failed. or Connection terminated by remote partner: First call TC_DISCON. 0 1 80F6H Format error of a parameter in the called data block (wrong length, wrong format or invalid value): Check the configuration of the "TC_CON..." SDT. WinCC Advanced V14 System Manual, 10/2016 4343 Programming the PLC 11.4 Instructions * Further statuses that are not listed here can be found in the status display is of the "RDREC" or "WRREC" instructions in the two middle status bytes (STATUS[2], STATUS[3]). TC_RECV: Receive data via the GSM network (S7-1200, S7-1500) Meaning The TC_RECV instruction allows the reception of data via programmed connections of the following types: ISOONTCP connections SMS connections To receive SMS messages, the phone number of the sender must be configured in the STEP 7 configuration of the receiving CP (authorized phone numbers). The sender must support the CLIP function. The phone number of the connection partner must be entered in the "TCON_PHONE" SDT. Wake-up SMS messages are filtered out. Telecontrol connections Note Receiving SMS messages from different senders If you want to receive SMS messages from different senders, you have two alternatives: You configure several connections (TC_CON, TC_RECV, TC_DISCON). or You may only enter no telephone number for only one configured connection in the required data block "TCON_PHONE" in the "PhoneNumber" parameter. When receiving messages, this is then interpreted as a placeholder for all authorized connection partners. You will find more detailed information on the connection types in the description of the TC_CON instruction. The ID parameter references the GPRS connection. The value of ID must correspond to the value used for ID by TC_CON. The INTERFACE parameter references the GPRS interface of the required local CP. The value must be the same as that used by TC_CON for INTERFACE. The maximum amount of data to be received is specified with the LEN parameter. The size of the data area specified in DATA must be at least as large as the number of bytes configured for LEN. Permitted data types in the data area specified in DATA are all except BOOL and ARRAY of BOOL. The received data is interpreted as if the sending partner had used the same data types. The DB (system data type) used for the connection description of TC_RECV must differ from a DB used for TC_SEND. 4344 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Storing SMS messages Received SMS messages are stored retentively in the CP 1242-7 (25 storage spaces) and on the SIM card (varying number of storage spaces). After an SMS message has been read by TC_RECV the SMS message will be deleted from its storage space. If all of the storage spaces have been allocated and a new SMS message is received, the oldest SMS message is deleted. Call interface in FBD representation 7&B5(&9 %22/ (1B5 &211B28& ,' +:B,17(5)$&( ,17(5)$&( 8,17 9$5,$17 5&9'B/(1 8,17 %86< %22/ 1'5 %22/ /(1 (5525 %22/ '$7$ 67$786 :25' Explanation of the formal parameters The following table explains all the formal parameters for the TC_RECV instruction Parameter Declaration Data type Range of values Description EN_R INPUT BOOL 0: Data reception locked Enables / locks the reception of data. 1: Data reception enabled Block version 1.1: After setting 1 to 0, the block is inactive. Block version 1.0: After setting 1 to 0, the program block receives data again (until DONE = 0 and ERROR = 0). Note the information on the status code 80E3 of TC_CON. ID INPUT CONN_OUC INTERFACE INPUT HW_INTER FACE LEN INPUT UINT DATA INOUT VARIANT ENO OUTPUT BOOL 1...07FFh Reference to the interface of the local CP 12427 (see STEP 7 > CP configura tion > Telecontrol interface > "Hardware identifier") 1...2048 OUTPUT WinCC Advanced V14 System Manual, 10/2016 UINT (minimum) number of bytes of data to be received, maximum 2048 Address reference to the receive data area of the CPU * 0: Error 1: Error-free RCVD_LEN Reference to the relevant connection Enable output If there is a runtime error with the instruc tion, ENO = 0 is set. Number of bytes of received data 4345 Programming the PLC 11.4 Instructions Parameter Declaration Data type Range of values Description BUSY OUTPUT BOOL 0: Execution of the instruction not started, completed or abor ted Display of the processing status of the in struction 1: The instruction is executing DONE OUTPUT BOOL 0: - ERROR OUTPUT BOOL 0: - Error code 1: Error For the meaning in conjunction with the parameters DONE and STATUS, refer to Codes of the instruction. STATUS OUTPUT This parameter indicates whether or not 1: The instruction executed suc the job was completed without errors. cessfully For the meaning in conjunction with the parameters ERROR and STATUS, refer to Codes of the instruction. WORD Status code For the meaning in conjunction with the parameters DONE and ERROR, refer to Codes of the instruction. * For special features of the DATA parameter for SMS texts, refer to the next section. Configuring SMS texts with the DATA parameter The instruction references the received SMS text with the pointer of the type VARIANT of the DATA parameter to the data area of the CPU. If DATA references an operand of the data type STRING for the SMS text, the first two bytes of the SMS text will be interpreted as length information of the data type STRING and not as SMS text. One option for the correct text representation of SMS messages to be received is to convert an Array of BYTE or Array of CHAR to a text string using the conversion function Chars_TO_Strg. Chars_TO_Strg at the EN parameter is linked to the output parameter ENO of TC_RECV. For SMS texts, the CP does not support all special characters, for example umlauts (u, a etc.). The specification GSM 03.38 applies. There may be additional restrictions imposed by the GSM network provider. The codes BUSY, DONE and ERROR The codes of DONE and ERROR are relevant only when BUSY = 0. BUSY DONE ERROR Meaning 0 0 0 No job being executed You will find all other code combinations of DONE and ERROR in the following table. 4346 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The codes DONE, ERROR and STATUS The following table shows the condition codes formed based on DONE, ERROR and STATUS that must be evaluated by the user program. DONE ERROR STATUS * Meaning 1 0 0000H Job executed without errors 0 0 7000H No job processing active (first instruction call) 0 0 7001H Job processing started (first instruction call) 0 0 7002H Job processing already active (renewed instruction call when BUSY = 1) 0 1 80A3H An attempt is made to re-establish an existing connection. An attempt is made to terminate a non-existent connection. 0 1 80E0H Internal error 0 1 8086H Illegal value for ID 0 1 80E4H Unknown ID: First call TC_CON. 0 1 80E6H No query in progress (instruction call not started) 0 1 80F5H Invalid connection endpoint: Connection establishment by TC_CON failed. or Connection terminated by remote partner: First call TC_DISCON. 0 1 80F6H Format error of a parameter in the called data block (wrong length, wrong format or invalid value) Check the configuration of the "TC_CON..." SDT. * Further statuses that are not listed here can be found in the status display is of the "RDREC" or "WRREC" instructions in the two middle status bytes (STATUS[2], STATUS[3]). TC_CONFIG: Transferring configuration data to a CP (S7-1200, S7-1500) Meaning With the instruction TC_CONFIG the parameters of an S7-1200 mobile wireless CP configured in STEP 7 can be changed. The configured values are not overwritten retentively. The overwritten values remain valid until TC_CONFIG is called again or until the station starts up again (cold restart after cycling power). To be able to use the function, there must already be values present in the STEP 7 basic configuration of the CP. If the STEP 7 configuration data of the CP needs to be changed permanently, the instruction needs to be called again each time the station restarts (cold restart) or a modified project must be downloaded to the station. The CONFIG parameter points to the memory area with the configuration data. The configuration data is stored in a data block (DB). The structure of the DB is specified by the system data type (SDT) IF_CONF. The configuration data to be modified on the CP is put together as necessary in blocks in IF_CONF "IF_CONF_..." for the individual parameters. WinCC Advanced V14 System Manual, 10/2016 4347 Programming the PLC 11.4 Instructions Parameters that are not intended to change as a result of the instruction are not entered in IF_CONF. They retain the value configured in STEP 7. For detailed information on settings for IF_CONF, refer to the section IF_CONF: SDT for telecontrol configuration data (Page 4354). The INTERFACE parameter references the GPRS interface of the required local CP. Call interface in FBD representation 7&B&21),* %22/ 5(4 %86< %22/ +:B,17(5)$&( ,17(5)$&( '21( %22/ (5525 %22/ 67$786 :25' 9$5,$17 &21),* Explanation of the formal parameters The following table explains all the formal parameters for the TC_CONFIG instruction Parameter Declaration Data type Range of values Description REQ INPUT BOOL 0, 1 The instruction is started and the status codes initialized on a rising edge. Updating of the DONE, ERROR and STA TUS status codes when there is a positive edge. INTERFACE INPUT HW_INTER FACE (WORD) Reference to the interface of the local CP 12427 CONFIG INOUT VARIANT See also "IF_CONF: SDT for telecontrol configuration data Reference to the memory area with the collected configuration data to be modified ENO OUTPUT BOOL 0: Error Enable output If there is a runtime error with the instruc tion, ENO = 0 is set. 1: Error-free BUSY OUTPUT BOOL DONE OUTPUT BOOL 0: Execution of the instruction not started, completed or abor ted Display of the processing status of the in struction 1: The instruction is executing 4348 0: - This parameter indicates whether or not 1: The instruction executed suc the job was completed without errors. cessfully For the meaning in conjunction with the parameters ERROR and STATUS, refer to Codes of the instruction. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Range of values Description ERROR OUTPUT BOOL 0: - Error code 1: Error For the meaning in conjunction with the parameters DONE and STATUS, refer to Codes of the instruction. STATUS OUTPUT WORD Status code For the meaning in conjunction with the parameters DONE and ERROR, refer to Codes of the instruction. The codes BUSY, DONE and ERROR The codes of DONE and ERROR are relevant only when BUSY = 0. BUSY DONE ERROR Meaning 0 0 0 No job being executed You will find all other code combinations of DONE and ERROR in the following table. The codes DONE, ERROR and STATUS The following table shows the condition codes formed based on DONE, ERROR and STATUS that must be evaluated by the user program. DONE ERROR STATUS Meaning 1 0 0000H Job executed without errors 0 0 7000H No job processing active (first instruction call) 0 0 7001H Job processing started (first instruction call) 0 0 7002H Job processing already active (renewed instruction call when BUSY = 1) 0 1 80E0H Internal error (for example no value in the basic configuration of a parameter) 0 1 80E6H No query in progress (instruction call not started) 0 1 80EBH Query temporarily rejected (the CP is currently being configured by STEP 7). 0 1 80F6H Format error of a parameter in the called data block (wrong length, wrong format or invalid value) Check the "IF_CONF" SDT. 0 1 80F7H Wrong ID in the parameter fields of the configuration data: Check the "IF_CONF" SDT. TCON_...: SDTs for the telecontrol connection establishment (S7-1200, S7-1500) System data types TCON_... for telecontrol connections The four system data types TCON_... described below are used among other things for the connection description of telecontrol connections of the CP 1242-7. WinCC Advanced V14 System Manual, 10/2016 4349 Programming the PLC 11.4 Instructions TCON_PHONE is also used with the mobile wireless CPs of the S71200 for the description of a connection of Open User Communication to transfer SMS messages (TCON / TDISCON / TSEND or TSEND_C). To configure a telecontrol connection for the CP 1242-7 using the TC_CON instruction, the CONNECT parameter of the instruction is used for the connection description. The connection description is specified by the structure of the system data type (SDT). The structure of the relevant SDT contains the parameters necessary to establish the connection with the remote communications partner. For different connection types that depend on the remote communications partner, the following SDTs are used: TCON_IP_RFC for ISO-on-TCP connections to IPv4 stations with CP 12427 TCON_IP_V4 for UDP connections to IPv4 stations (sending only) TCON_PHONE for connections to SMS clients TCON_WDC for connections to telecontrol servers or stations that can be reached via the telecontrol server. The parameter assignment of the connection description is made in a data block of the same type as the SDT. Creating a DB of the type TCON_... You will need to type in the data types of the relevant DBs with the keyboard. They are not displayed in the selection list. The data types are not case-sensitive. To create a TCON_... DB, follow the steps outlined below: 1. Create a data block of the type "global DB" with block access "Standard". 2. Create an SDT in the table of the parameter configuration of the DB by assigning the name and typing in the required type (for example "TCON_IP_RFC") in the cell of the data type. The SDT and its parameters are created (see below). 3. Configure the parameters that are described below for each SDT type. Reserved bits are not displayed. 4350 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions System data type TCON_IP_RFC for connections to IPv4 stations This connection type is supported only on ISOonTCP connections to communications partners with a fixed IP address. The CP must be configured for the "GPRS direct" mode. Table 11-82 Parameters of TCON_IP_RFC Byte Parameter Data type 0 ... 1 InterfaceID HW_ANY 2 ... 3 ID CONN_OUC Initial value Description Reference to the interface of the local CP 12427 (see STEP 7 > CP configuration > Telecontrol interface > "Hardware identifier") 1...07FFh Reference to the GPRS connection. The ID is as signed and must be unique within the CPU. Here, the same value as that of the ID parameter of the TC_CON instruction must be used. 4 ConnectionType BYTE 5 ActiveEstablished BOOL W#16#0C Protocol variant 12 (Ch): ISOonTCP connection Identifier for the type of connection establishment: 0: Passive connection establishment 1: Active connection establishment 6 ... 7 - - RemoteAddress 8 ... 11 ADDR RemoteTSelector 12 ... 13 TSelLen 14 ... 45 TSel - - reserved - IP_V4 IP address of the connection partner Array [1...4] of Byte IP address of the relevant connection partner TSelector Remote T selector UINT Length of the remote T selector "RemoteTSelector" Array [1...32] of Byte any Remote transport selector of the connection When "ActiveEstablished" = 1: With active connection establishment, the T selector of the local partner must be the same as the T selector of the connection partner (passive connection establishment on the remote partner). When "ActiveEstablished" = 0 correspondingly (passive connection establishment local, active connection establishment remote) LocalTSelector 46 ... 47 TSelLen 48 ... 79 TSel TSelector Local T selector UINT Length of the local T selector "LOCAL_TSel" Array [1...32] of Byte any Local transport selector of the connection When "ActiveEstablished" = 1: With active connection establishment, the T selector of the local partner must be the same as the T selector of the connection partner (passive connection establishment on the remote partner). When "ActiveEstablished" = 0 correspondingly (passive connection establishment local, active connection establishment remote) WinCC Advanced V14 System Manual, 10/2016 4351 Programming the PLC 11.4 Instructions System data type TCON_IP_V4 for connections to IPv4 stations This connection type is supported only for sending on UDP connections to communications partners with a fixed IP address. To receive, ActiveEstablished = 0 must be set. Table 11-83 Parameters of TCON_IP_V4 Byte Parameter Data type 0 ... 1 InterfaceID HW_ANY 2 ... 3 ID CONN_OUC Initial value Description Reference to the interface of the local CP 12427 (see STEP 7 > CP configuration > Telecontrol interface > "Hardware identifier") 1...07FFh Reference to the GPRS connection. The ID is as signed and must be unique within the CPU. Here, the same value as that of the ID parameter of the TC_CON instruction must be used. 4 ConnectionType BYTE 5 ActiveEstablished BOOL W#16#0B Protocol variant 11 (Bh): UDP connection Identifier for the type of connection establishment: 0: Passive connection establishment Setting for sending and receiving data. 1: Active connection establishment Setting for sending data only. 6 ... 9 RemoteAddress ADDR 10 ... 11 RemotePort 12 ... 13 LocalPort IP_V4 IP address of the connection partner Array [1...4] of Byte The four bytes (ADDR[1] ... ADDR[4]) specify the four blocks of the IP address. UINT 1...65535 IP port of the connection partner Not relevant if ActiveEstablished = 0. UINT 1...65535 Local IP port ("0" is not permitted) Not relevant if ActiveEstablished = 1. System data type TCON_PHONE for SMS connections Note Authorized phone numbers The CP only accepts an SMS if the sending communication partner is authorized based on its phone number. These numbers are in configured for the CP in STEP 7 in the "authorized phone numbers" list. SMS text Programmed SMS texts for SMS messages to be sent are accessed using the DATA parameter of the TC_SEND instruction. The text of a received SMS message is assigned to the address area of the CPU by the DATA parameter of the TC_RECV instruction. 4352 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Table 11-84 Parameters of TCON_PHONE Byte Parameter Data type 0 ... 1 InterfaceID HW_ANY 2 ... 3 ID CONN_OUC Initial value Description Reference to the local interface (telecontrol interface or Ethernet interface of the CP > "Hardware identifier") 1...07FFh Reference to the local mobile wireless connection. The ID is assigned and must be unique within the CPU. Here, the same value as that of the ID parameter of the TC_CON instruction must be used. 4 ConnectionType BYTE 5 ActiveEstablished BOOL W#16#0E Protocol variant 14 (Eh): SMS connection Identifier for the type of connection establishment (not relevant for the CP 1242-7): 0: Passive connection establishment (not relevant here) 1: Active connection establishment 6...7 - - 8 ... 31 PhoneNumber - STRING[22] - reserviert Call number of the connection partner Permitted values: Plus character (+) and numbers Note the exact notation of the international dialing code of the relevant phone number assigned by the network provider ("+" character or zeros). Without an entry for the PhoneNumber parameter, no connection partner is specified and SMS messages can be received reception from all authorized connec tion partners. Note the following during startup: Without an entry, TC_RECV first delivers the oldest received SMS mes sage. System data type TCON_WDC for connections to telecontrol servers or remote stations You can configure the connection to the telecontrol server assigned to the S71200 or to a remote station that can be reached via the telecontrol server with TCON_WDC. The address data of the telecontrol server assigned to the CP can be found in STEP 7 in the "Telecontrol interface > Mode" tab of the CP. The telecontrol server or a remote station is addressed using the host name or the IP address. The "RemoteWdcAddress" parameter of TCON_WDC specifies the Access ID of the connection partner. Table 11-85 Parameters of TCON_WDC Byte Parameter Data type 0 ... 1 InterfaceID HW_ANY 2 ... 3 ID CONN_OUC Initial value Description Reference to the interface of the local CP 12427 (see STEP 7 > CP configuration > Telecontrol interface > "Hardware identifier") 1...07FFh Reference to the GPRS connection. The ID is as signed and must be unique within the CPU. Here, the same value as that of the ID parameter of the TC_CON instruction must be used. WinCC Advanced V14 System Manual, 10/2016 4353 Programming the PLC 11.4 Instructions Byte Parameter Data type Initial value Description 4 ConnectionType BYTE W#16#0F Protocol variant 15 (Fh): Telecontrol connection using an IP address 5 ActiveEstablished BOOL Identifier for the type of connection establishment: 0: Passive connection establishment 1: Active connection establishment 6 ... 7 - - 8 ... 11 RemoteWdcAddress - DWORD - reserved Specifies the Access ID (hex). The access ID depends on the connection partner. Connection to a remote CP: The access ID is made up of the following: - STEP 7 project number - Station number - Slot If the remote station has more than one GPRSCP and you do not want to specify the path, the last byte for the slot must be set to 0. You will find the access ID in the STEP 7 project in the "CP authentication of the CP" parameter group. Connection to the telecontrol server: Access ID = 0 To only write to the process image of the CP: Access ID = DW#16#FEEDDADA IF_CONF: SDT for telecontrol configuration data (S7-1200, S7-1500) Structure of the system data type IF_CONF for the TC_CONFIG instruction The TC_CONFIG parameter of the CONFIG instruction references the memory area containing the CP configuration data to be modified. The configuration data stored in a data block is described as a structure of the IF_CONF system data type (SDT). To be able to use the function, there must already be values present in the STEP 7 basic configuration of the CP. IF_CONF is made up of a header followed by fields that correspond to the parameters or parameter areas of the CP in the device properties of the STEP 7 project. The CP configuration data to be modified is collected together as IF_CONF fields. Parameters that will not be modified are ignored in the IF_CONF structure and remain as they were configured in the STEP 7 project. Creating the DB and the IF_CONF structures You can create the parameters of the CP within the IF_CONF DB in one or more structures each with one or more fields. 4354 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You will need to type in the data types of the fields using the keyboard. They are not displayed in the selection list. The data types are not case-sensitive. Follow the steps below to create IF_CONF: 1. Create a data block of the type "global DB" with block access "Standard". 2. Create a structure (data type "Struct") in the table of the parameter configuration of the DB. You can specify any name. 3. Under this structure add a header by assigning the name of the header and typing it in the cell of the data type "IF_CONF_Header". The header of the structure and its three parameters (see below) is created. 4. Create a field for the first parameter to be changed by typing in the required data type (for example "IF_CONF_APN") in the cell of the data type. 5. Repeat the last step for all parameters you want to change on the CP using the TC_CONFIG instruction. 6. Finally, update the number of fields in the header in the "subfieldCnt" parameter. Header of IF_CONF Table 11-86 IF_CONF_Header Byte Parameter Data type Initial value Description 0 ... 1 fieldType UINT Field type: Must always be 0. 2 ... 3 fieldId UINT Field ID: Must always be 0. 4 ... 5 subfieldCnt UINT Total number of fields contained in the structure General parameters of the parameter fields Each field has the following general parameters: Id This parameter identifies the field and must not be modified. Length This parameter indicates the length of the field. The value serves as information. Fields with strings and / or arrays have a variable length. Due to hidden bytes, the actual length of fields can be greater than the sum of the displayed parameters. Mode The following values are permitted to these parameters: Table 11-87 Values of "Mode" Value Meaning 1 Permanent validity of the configuration data 2 Temporary validity of the configuration data, including deleting of existing permanent configuration data Not relevant for the CP The permanent configuration data is replaced by the parameter fields of IF_CONF. WinCC Advanced V14 System Manual, 10/2016 4355 Programming the PLC 11.4 Instructions Field for the parameter area "GPRS access" Table 11-88 IF_CONF_APN Parameter Data type Initial value Description Id UINT 4 ID of the parameter field Length UINT Length of the parameter field in bytes: 174 Mode UINT Validity (1: permanent, 2: temporary) AccesspointGPRS STRING [98] APN: Name of the access point of the GSM network pro vider to the Internet AccesspointUser STRING [42] APN user name AccesspointPassword STRING [22] APN password Field for the parameter area "CP identification" Table 11-89 IF_CONF_Login Parameter Data type Initial value Description Id UINT 5 ID of the parameter field Length UINT Length of the parameter field in bytes: 54 Mode UINT Validity (1: permanent, 2: temporary) ModemName STRING [22] Access ID The value cannot be set. ModemPassword STRING [22] Telecontrol password (max. 20 characters) Field for the parameter area "Telecontrol server access" This field is only used when the telecontrol server is addressed with a name that can be resolved by DNS. If the telecontrol server is addressed with its IP address, the "IF_CONF_TCS_IP_V4" field is used. In STEP 7, the corresponding data is located in the "Mode" parameter area. If there is more than one telecontrol server, use the field once per server. Table 11-90 IF_CONF_TCS_Name Parameter Data type Initial value Description Id UINT 6 ID of the parameter field Length UINT Mode UINT TcsName - Length of the parameter field in bytes: 266 Validity (1: permanent, 2: temporary) - - reserved - STRING [254] Name of the telecontrol server that can be resolved by DNS RemotePort UINT Port of the telecontrol server Rank UINT Priority of the server [1, 2] 1 = first telecontrol server, 2 = second telecontrol server 4356 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Field for the parameter area "Telecontrol server access" This field is only used when the telecontrol server is addressed by its IP address. If the telecontrol server is addressed by its DNS name, the "IF_CONF_TCS_Name" field is used. In STEP 7, the corresponding data is located in the "Mode" parameter area. If there is more than one telecontrol server, use the field once per server. Table 11-91 IF_CONF_TCS_IP_v4 Parameter Data type Initial value Description Id UINT 7 ID of the parameter field Length UINT Length of the parameter field in bytes: 14 Mode UINT Validity (1: permanent, 2: temporary) RemoteAddress IP_V4 IP address of the telecontrol server RemotePort UINT Port of the telecontrol server Rank UINT Priority of the server [1, 2] 1 = first telecontrol server, 2 = second telecontrol server Field for the "Mode" parameter area In STEP 7, the corresponding data is located in the parameter areas "Mode" and Modem settings". Table 11-92 IF_CONF_GPRS_Mode Parameter Data type Initial value Description Id UINT 8 ID of the parameter field Length UINT Length of the parameter field in bytes: 10 Mode UINT Validity (1: permanent, 2: temporary) GPRSmode UINT Mode of the CP: 0 = Telecontrol 1 = GPRS direct TemporaryStation BOOL Bit 0: Temporary connection If this option is selected, the CP only establishes a tempo rary connection to send data. Once the frames have been transferred, the CP terminates the connection again. 1: activated (temporary connection) 0: deactivated (permanent connection) SMS_Enabled BOOL Bit 1: Allow SMS Selecting the option allows the S7 station to send SMS messages. 1: activated (SMS allowed) 0: deactivated (no SMS) WinCC Advanced V14 System Manual, 10/2016 4357 Programming the PLC 11.4 Instructions Field for the "SMSC" parameter In STEP 7, the corresponding data is located in the parameter area "Modem settings". Table 11-93 IF_CONF_SMS_Provider Parameter Data type Initial value Description Id UINT 10 ID of the parameter field Length UINT Length of the parameter field in bytes: 28 Mode UINT Validity (1: permanent, 2: temporary) SMSProvider STRING [20] Node number of the SMS center (SMSC) of the GSM net work provider with which the contract was signed for this station. Field for the "PIN" parameter In STEP 7, the corresponding data is located in the parameter area "Modem settings". Table 11-94 IF_CONF_PIN Parameter Data type Initial value Description Id UINT 11 ID of the parameter field Length UINT Length of the parameter field in bytes: 16 Mode UINT Validity (1: permanent, 2: temporary) Pin STRING [8] PIN of the SIM card inserted in the SIM card The parameter is not relevant if the PIN was correctly con figured. If the PIN was incorrectly configured, the correct PIN can be entered. Field for monitoring times In STEP 7, the corresponding data is located in the parameter areas "Keepalive timeout" and Operating mode". Table 11-95 IF_CONF_TC_Timeouts Parameter Data type Initial value Description Id UINT 12 ID of the parameter field Length UINT Length of the parameter field in bytes: 12 Mode UINT Validity (1: permanent, 2: temporary) KeepAliveTimeout 4358 - Reserved - (cannot be set) WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Data type SendTimeout UINT RedialTimeout UINT Initial value Description Connection monitoring time: Monitoring time of the connec tion to the communications partner (seconds) Relevant in the modes "Telecontrol" and "GPRS direct" Reconnection delay: Basic value for the wait time until the next attempt to establish a connection following an unsuc cessful connection establishment. After every 3 attempts, the basic value is doubled up to a maximum of 900 s. Range of values: 10 to 600 s. Example: Basic value 20 results in the following dialing in tervals: three times 20 s, three times 40 s, three times 80 s etc. up to a maximum of 900 s. If a second telecontrol server / router is configured, the CP attempts to connect to the second partner at the 4th at tempt. If the second partner is also unreachable, the 7th time the CP attempts to connect to the first partner again. Not relevant for SMS connections Field for the "Wake up right" parameter area Table 11-96 IF_CONF_WakeupList Parameter Data type Initial value Description Id UINT 13 ID of the parameter field Length UINT Length of the parameter field in bytes: 246 Mode UINT Validity (1: permanent, 2: temporary) WakeupPhone [1...10] ARRAY [1...10] of STRING [22] Phone number subscriber authorized to wake up The asterisk (*) at the end of a call number is used a pla ceholder for direct dialing numbers. Field for the "Preferred GSM networks" parameter area Table 11-97 IF_CONF_PrefProvider Parameter Data type Initial value Description Id UINT 14 ID of the parameter field Length UINT Length of the parameter field in bytes: 46 Mode UINT Validity (1: permanent, 2: temporary) Provider [1...5] ARRAY [1...5] of STRING [6] Alternative GSM networks with priority 1 to 5 into which the CP dials. Up to 5 networks can be configured. No. 1 with highest priority, no. 5 with lowest priority. Entry of the Public Land Mobile Network (PLMN) of the network provider consisting of Mobile Country Code (MCC) and Mobile Network Code (MNC). Example (test network of Siemens AG): 26276 WinCC Advanced V14 System Manual, 10/2016 4359 Programming the PLC 11.4 Instructions Field for the "DNS configuration" parameter area Table 11-98 IF_CONF_DNS Parameter Data type Initial value Description Id UINT 16 ID of the parameter field Length UINT Length of the parameter field in bytes: 14 Mode UINT Validity (1: permanent, 2: temporary) DNS_IP [1] IP_V4 IP address of the 1st domain name system server DNS_IP [2] IP_V4 IP address of the 2nd domain name system server Field for the "Time-of-day synchronization" parameter area Table 11-99 IF_CONF_NTP Parameter Data type Initial value Description Id UINT 17 ID of the parameter field Length UINT Length of the parameter field in bytes: 24 Mode UINT Validity (1: permanent, 2: temporary) NTP_IP [1] ARRAY [1...4] of IP_V4 IP address of NTP server 1 ... ... (IP address of NTP server 2...3) NTP_IP [4] ARRAY [1...4] of IP_V4 IP address of NTP server 4 Block for activating / deactivating TeleService users SDT for activating or deactivating TeleService users already configured in the STEP 7 project of the CP. In STEP 7, the corresponding data can be found in the parameter area "TeleService settings" > "TeleService user management". Table 11-100 IF_CONF_GPRS_UserList Parameter Data type Initial value Description Id UINT 19 ID of the parameter field Length UINT Length of the parameter field in bytes: 506 Mode UINT Validity (1: permanent, 2: temporary) GPRS_User [1...10] ARRAY [1...10] of GPRS_User TeleService user no. 1 to max. no. 10 4360 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The array is formed from the parameter records for the TeleService users ("GPRS_User" [1...n]). Table 11-101 GPRS_User [n] (parameter for TeleService user) Parameter Data type Initial value Description UserName [n] STRING [22] TeleService user name Password [n] STRING [22] - The string must be empty! Diag_Allowed [n] BOOL - Reserved - (cannot be set) Teleserv_Allowed [n] BOOL Activation of the TeleService user 0 = user is deactivated 1 = user is activated FW_Load_Allowed [n] BOOL - Reserved - (cannot be set) Field for setting the parameters for TeleService access (DNS name of the server) Access data of the TeleService server (switching station). In STEP 7, the corresponding data is located in the parameter area "TeleService settings". If there is more than one TeleService server, use the field once per server. Table 11-102 IF_CONF_TS_Name Parameter Data type Initial value Description Id UINT 20 ID of the parameter field Length UINT Length of the parameter field in bytes: 266 Mode UINT Validity (1: permanent, 2: temporary) ts_name String [254] Name of the TeleService server that can be resolved by DNS RemotePort UINT Port of the engineering station Rank UINT Priority of the server [1] or [2] 1 = server 1, 2 = server 2 Field for setting the parameters for TeleService access (IP address of the server) Access data of the TeleService server (switching station). In STEP 7, the corresponding data is located in the parameter area "TeleService settings". If there is more than one TeleService server, use the field once per server. Table 11-103 IF_CONF_TS_IF_V4 Parameter Data type Initial value Description Id UINT 21 ID of the parameter field Length UINT Length of the parameter field in bytes: 14 Mode UINT Validity (1: permanent, 2: temporary) RemoteAddress IP_V4 IP address of the TeleService server WinCC Advanced V14 System Manual, 10/2016 4361 Programming the PLC 11.4 Instructions Parameter Data type RemotePort UINT Initial value Description Port of the TeleService server Rank UINT Priority of the server [1] or [2] 1 = server 1, 2 = server 2 Point-to-point (S7-1200) PORT_CFG: Configure communication parameters dynamically (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description The instruction "PORT_CFG" allows dynamic configuration of communications parameters for a point-to-point communications port. You set up the original static configuration of the port in the hardware configuration. You can change this configuration by executing the "PORT_CFG" instruction. You can also use this function to save created blocks in libraries and to avoid configuration in the hardware configuration when you reuse it. With "PORT_CFG" you can influence the following communications parameter settings: Parity Baud rate Number of bits per character Number of stop bits Type and properties of flow control The changes made by the "PORT_CFG" instruction are not stored permanently on the target system. You can transfer serial data via the electrical connections RS-232 (half and full duplex) and RS-485 (half duplex). Parameters The following table shows the parameters of the "PORT_CFG" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Activates the configuration change on a rising edge PORT Input PORT I, Q, M, D, L or con stant Identification of the communication port (HW-ID) 4362 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description PROTOCOL Input UINT I, Q, M, D, L or con stant Transmission protocol: 0: Point-to-point communication protocol 1..n: Future definition for specific transmission protocols BAUD Input UINT I, Q, M, D, L or con stant Baud rate of the port: 1: 300 baud 2: 600 baud 3: 1200 baud 4: 2400 baud 5: 4800 baud 6: 9600 baud (default) 7: 19200 baud 8: 38400 baud 9: 57600 baud 10: 76800 baud 11: 115200 baud PARITY Input UINT I, Q, M, D, L or con stant Parity of the port: 1: No parity (default) 2: Even parity 3: Odd parity 4: Mark parity 5: Space parity DATABITS Input UINT I, Q, M, D, L or con stant Bits per character: 1: 8 bits per character (default) 2: 7 bits per character STOPBITS Input UINT I, Q, M, D, L or con stant Number of stop bits: 1: 1 stop bit (default) 2: 2 stop bits FLOWCTRL Input UINT I, Q, M, D, L or con stant Data flow control: 1: None (default) 2: XON/XOFF 3: Hardware flow control (RTS always activated) 4: Hardware flow control (RTS can be deactivated during transmission) XONCHAR Input CHAR I, Q, M, D, L or con stant Indicates the character used as XON character. The character DC1 (11H) is set as default. XOFFCHAR Input CHAR I, Q, M, D, L or con stant Indicates the character used as XOFF character. The character DC3 (13H) is set as default. WAITTIME Input UINT I, Q, M, D, L or con stant Specifies the wait time for XON or CTS after the start of the transmission. The specified value must be greater than 0. 2000 mil liseconds are set as default. WinCC Advanced V14 System Manual, 10/2016 4363 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description DONE Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or is still executing 1: Job executed without errors ERROR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: No error 1: Error occurred STATUS Output WORD I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". STATUS parameter Error code* Description (W#16#...) 80A0 The specified protocol is invalid. 80A1 The specified baud rate is invalid. 80A2 The specified parity rate is invalid. 80A3 The specified number of bits per character is invalid. 80A4 The specified number of stop bits is invalid. 80A5 The specified type of flow control is invalid. 80A6 Incorrect value at the WAITTIME parameter When the data flow control is enabled, the value at the WAITTIME parameter must be greater than zero. 80A7 Invalid values at XONCHAR and XOFFCHAR parameters. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". You will find more detailed information on general error codes of the communication instructions in "General status information of the communications blocks (Page 4381)". SEND_CFG: Configure serial transmission parameters dynamically (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description The instruction "SEND_CFG" allows dynamic configuration of serial transmission parameters for a point-to-point communications port. All the messages waiting for transfer are discarded after execution of SEND_CFG. 4364 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You set up the original static configuration of the port in the hardware configuration. You can change this configuration by executing the "SEND_CFG" instruction. You can also use this function to save created blocks in libraries and to avoid configuration in the hardware configuration when you reuse it. With "SEND_CFG" you can influence the following transmission parameter settings: Time between the activation of RTS (Request to Send) and the start of the transmission Time between the end of transmission and the deactivation of RTS Define bit times for breaks The changes made by the "SEND_CFG" instruction are not stored permanently on the target system. You can transfer serial data via the electrical connections RS-232 (half and full duplex) and RS-485 (half duplex). Parameters The following table shows the parameters of the "SEND_CFG" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Activates the configuration change on a rising edge PORT Input PORT I, Q, M, D, L or con stant Identification of the communication port (HW-ID) RTSONDLY Input UINT I, Q, M, D, L or con stant The time that should elapse after activating RTS until the start of transmission. Valid values for this parameter are as follows: 0 (default) 0 to 65535 ms in steps of 1 ms This parameter does not apply to RS-485 modules. RTSOFFDLY Input UINT I, Q, M, D, L or con stant Time that should elapse after the end of transmission until deactivation of RTS. Valid values for this parameter are as follows: 0 (default) 0 to 65535 ms in steps of 1 ms This parameter does not apply to RS-485 modules. BREAK Input UINT I, Q, M, D, L or con stant Specifies the bit times for a break, which are sent at the start of the message. 12 bit times are set as default. A maximum of 25000 bit times can be specified. IDLELINE Input UINT I, Q, M, D, L or con stant Specifies the bit times for idle line after the break at the start of the message. 12 bit times are set as default. A maximum of 25000 bit times can be specified. DONE Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or is still executing 1: Job executed without errors WinCC Advanced V14 System Manual, 10/2016 4365 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ERROR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: No error 1: Error occurred STATUS Output WORD I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". STATUS parameter Error code* Description (W#16#...) 80B0 The configuration of a transmission interruption is not permitted. 80B1 The specified break time exceeds the permitted maximum of 25000 bit times. 80B2 The specified time for idle line exceeds the permitted maximum of 25000 bit times. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". You will find more detailed information on general error codes of the communication instructions in "General status information of the communications blocks (Page 4381)". RCV_CFG: Configure serial receive parameters dynamically (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description The instruction "RCV_CFG" allows dynamic configuration of serial receive parameters for a point-to-point communications port. You can use this instruction to configure the conditions that specify the start and end of the message to be transmitted. The receipt of messages that correspond to these conditions can be enabled by the "RCV_PTP (Page 4376)" instruction. You set up the original static configuration of the port in the properties of the hardware configuration. Execute the "RCV_CFG" instruction in your program to change the configuration. You can also use this function to save created blocks in libraries and to avoid configuration in the hardware configuration when you reuse it. The changes made by the "RCV_CFG" instruction are not stored permanently on the target system. All the messages waiting for transfer are discarded after execution of the "RCV_CFG" instruction. 4366 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "RCV_CFG" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Activates the configuration change on a ris ing edge. PORT Input PORT I, Q, M, D, L or con stant Identification of the communication port (HW-ID) CONDITIONS Input CONDITIONS D, L Data structure defining the conditions for start and end of data transmission. DONE Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or is still executing 1: Job executed without errors ERROR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: No error 1: Error occurred. STATUS Output WORD I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Data type CONDITIONS You can use the CONDITIONS structure to define the start and end conditions for the message transmission. The structure CONDITIONS is included in the instance DB of the "RCV_CFG" instruction. Use the structure CONDITIONS to define the start and end conditions when the transmission of a message is complete and when the next message transfer is to start: You define the start conditions for the data transfer in the START structure. You define the end conditions for the data transfer in the END structure. You can define one or more start and end conditions for this. If you specify multiple start or end conditions these are linked by an OR logic instruction. WinCC Advanced V14 System Manual, 10/2016 4367 Programming the PLC 11.4 Instructions The following table shows the "CONDITIONS" structure: Parameters Data type Description START STRUCT Start conditions UINT Specifies the start condition (details, see below). STARTCOND The start condition can be specified as a 16-bit hexadecimal value. Possible values for the start condition are: 1: Start character 2: Any character (default) 4: Line break 8: Idle line 16: Character string 1 32: Character string 2 64: Character string 3 128: Character string 4 Multiple start conditions can also be defined at the STARTCOND parameter. The total from the values of the individual conditions is specified for this. If, for example, you want to define "Idle line" OR "Character string 1" OR "Character string 4" as start condition, the value "152" must be specified. IDLETIME UINT Specifies the maximum idle time of the line before receipt is started. Valid values for this parameter are as follows: 40 bit times (default) 0 to 2500 bit times STARTCHAR BYTE Specifies the start character. This setting is only enabled when the configured start condition is "Start character". Valid values for this parameter are as follows: 02 (STX): Default setting B#16#00 to B#16#FF SEQ[1].CTL BYTE Character string 1: Control sequence for each character You can use the bit position of the character to define which characters of the character string will be considered or ignored. To evaluate the characters, the corresponding bits have to be set. Bit 0: 1 character Bit 1: 2 characters Bit 2: 3 characters Bit 3: 4 characters Bit 4: 5 characters A character is ignored when the corresponding bit is reset. SEQ[1].STR 4368 CHAR[5] Character string 1: Start character (5 characters) SEQ[2].CTL BYTE Character string 2: Ignore/compare control sequence for each character SEQ[2].STR CHAR[5] Character string 2: Start character (5 characters) SEQ[3].CTL BYTE Character string 3: Ignore/compare control sequence for each character SEQ[3].STR CHAR[5] Character string 3: Start character (5 characters) SEQ[4].CTL BYTE Character string 4: Ignore/compare control sequence for each character SEQ[4].STR CHAR[5] Character string 4: Start character (5 characters) WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Data type Description END STRUCT End conditions WinCC Advanced V14 System Manual, 10/2016 4369 Programming the PLC 11.4 Instructions Parameters ENDCOND Data type Description UINT Specifies the end condition (details, see below). The end condition can be specified as a 16-bit hexadecimal value. Possible values for the end condition are: 1: Reply timeout 2: Message timeout 4: Timeout within the character string 8: Maximum length 16: N+LEN+M; the information on the message length in integrated in the message and will be evaluated. 32: Character string 1 Multiple end conditions can also be defined at the ENDCOND parameter. The total from the values of the individual end conditions is specified for this. If, for example, you want to define the end condition "Maximum length" OR "Sequence 1", the value "40" must be specified. MAXLEN UINT Specifies the maximum number of characters in a message. Valid values* for this parameter are as follows: 1 character (default) 0 to 1024 characters This setting is only enabled if the "Maximum length" end condition is set at the ENDCOND parameter. N UINT Offset of the length field in the message Valid values for this parameter are as follows: 0 characters (default) 0 to 1024 characters This setting is only enabled if the "N+LEN+M" end condition is set at the END COND parameter. LENGTHSIZE UINT Size of the length field in bytes Valid values* for this parameter are as follows: 0 bytes (default) 1 byte 2 bytes 4 bytes This setting is only enabled if the "N+LEN+M" end condition is set at the END COND parameter. LENGTHM UINT Specifies the number of end characters that follow the length field but are not contained in the length of the message. Valid values for this parameter are as follows: 0 characters (default) 0 to 255 characters This setting is only enabled if the "N+LEN+M" end condition is set at the END COND parameter. RCVTIME UINT Specifies the maximum duration for the receipt of the first character of a message. Valid values for this parameter are as follows: 200 ms (default) 4370 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Data type Description 0 to 65535 ms in steps of 1 ms This setting is only enabled if the "Reply timeout" end condition is set at the END COND parameter. MSGTIME UINT Specifies the maximum duration of the receipt of a message. Valid values for this parameter are as follows: 200 ms (default) 0 to 65535 ms in steps of 1 ms This setting is only enabled if the "Message timeout" end condition is set at the ENDCOND parameter. CHARGAP UINT Specifies the time interval between received consecutive characters. Valid values for this parameter are as follows: 12 bit times (default) 0 to 2500 bit times This setting is only enabled if the "Timeout within the character string" end condi tion is set at the ENDCOND parameter. SEQ.CTL BYTE Character string: Control sequence for each character You can use the bit position of the character to define which characters of the character string will be considered or ignored. To evaluate the characters, the corresponding bits have to be set. Bit 0: 1 character Bit 1: 2 characters Bit 2: 3 characters Bit 3: 4 characters Bit 4: 5 characters A character is ignored when the corresponding bit is reset. SEQ.STR CHAR[5] Character string: Start character (5 characters) * These value ranges also apply to the corresponding hardware settings for specifying the end of message. Start conditions for the message receipt (STARTCOND parameter) The start of the message is recognized by the receiver if a configured start condition applies. The following conditions can be defined as start conditions for message receipt: Start character: The start of a message is recognized when a certain character occurs. This character is stored as first character of the message. All characters received before the start character are rejected. Any character: Any character can define the start of a message. This character is stored as first character of the message. Line break: The start of a message is recognized if the received data stream is interrupted for longer than one character length. WinCC Advanced V14 System Manual, 10/2016 4371 Programming the PLC 11.4 Instructions Idle line: The start of a message is recognized when the send transmission line is in the idle state for a certain time (specified in bit times) followed by renewed transmission of characters. Character string (sequence): The start of a message is recognized when a specified character sequence occurs in the data stream. You can specify up to four character sequences with up to five characters each. Example: A received hexadecimal message includes the following characters: "68 10 aa 68 bb 10 aa 16". The configured start character sequences are listed in the following table. Start character sequences will be evaluated once the first character 68H has been received successfully. After the fourth character has been received successfully (the second 68H), the start condition "1" has been met. Once the start conditions have been met, evaluation of the end conditions will start. Processing of the start character sequence can end due to different errors in parity, framing or time intervals between characters. These errors will prevent reception of the message, because the start condition has not been met. Start condition First character First character +1 First character +2 First character +3 First character +4 1 68H xx xx 68H xx 2 10H aaH xx xx xx 3 dcH aaH xx xx xx 4 e5H xx xx xx xx End conditions for the message receipt (ENDCOND parameter) The start of a message is recognized by the receiver if a configured end condition applies. The following conditions can be defined as end conditions for message receipt: Reply timeout: The receipt of messages will end when the specified maximum duration for the receipt of a character is exceeded. The maximum duration is defined at the RCVTIME parameter. The defined time starts to run down as soon at the last transmission is completed and the RCV_PTP instruction enables the receipt of the message. If no character was received within the defined time (RCVTIME), the RCV_PTP instruction reports an error. Message timeout: The receipt of messages will end when the specified maximum duration for the receipt of a message is exceeded. The maximum duration is defined at the MSGTIME parameter. The defined time starts to run down as soon as the first character of the message is received. Timeout within the character string: The receipt of messages will end when the time interval between the receipt of two consecutive characters is longer than the value at the CHARGAP parameter. Maximum length: The receipt of messages will end when the length of the message defined at the MAXLEN parameter is exceeded. 4372 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Reading message length (N+LEN+M): The receipt of messages will end when a certain message length is reached. This length is calculated by the values of the following parameters: - N: Position of the character in the message, as of which the length field begins. - LENGTHSIZE: Size of the length field in bytes - LENGTHM: Number of end characters that follow the length field. These characters are not taken into account in the evaluation of the message length. Character string: The receipt of messages will end when a defined character sequence is received. The character string can contain a maximum of five characters. For each character of the character string, you can use the bit position to define if this will be considered or ignored in the evaluation. STATUS parameter Error code* Description (W#16#...) 80C0 Error in start condition 80C1 Error in end condition No end condition defined 80C2 Receive interrupt enabled 80C3 A value that is equal to 0 or greater than 4132 was entered at the MAXLEN parameter while the "Maximum length" end condition was set. 80C4 A value that is greater than 4131 was entered at the N parameter while the "N+LEN+M" end condition was set. 80C5 A value that is equal to 0 or invalid was entered at the LENGTHSIZE parameter while the "N+LEN+M" end condition was set. 80C6 A value that is greater than 255 was entered at the LENGTHM parameter while the "N+LEN+M" end condition was set. 80C7 A message length greater than 4132 was calculated while the "N+LEN+M" end condition was set. 80C8 A value that is equal to 0 was entered at the RCVTIME parameter while the "Reply timeout" end condition was set. 80C9 A value that is equal to 0 or greater than 2500 was entered at the CHARGAP parameter while the "Timeout within a character string" end condition was set. 80CA A value that is equal to 0 or greater than 2500 was entered at the IDLETIME parameter while the "Idle line" start condition was set. 80CB All characters of the character string are marked as "Don't care" even though "Character string" is set as the end condition. 80CC All characters of the character string are marked as "Don't care" even though "Character string" is set as the start condition. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". You will find more detailed information on general error codes of the communication instructions in "General status information of the communications blocks (Page 4381)". WinCC Advanced V14 System Manual, 10/2016 4373 Programming the PLC 11.4 Instructions SEND_PTP: Transmit send buffer data (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description You use the "SEND_PTP" instruction to start the transmission of data. The "SEND_PTP" instruction does not execute the actual transmission of the data. The data of the send buffer is transmitted to the relevant point-to-point communication module (CM). The CM executes the actual transmission. Parameters The following table shows the parameters of the "SEND_PTP" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Enables the requested transmission on a rising edge of this enable input. The content of buffer is transmit ted to the point-to-point communication module (CM). PORT Input PORT I, Q, M, D, L or con stant Identification of the communication port (HW-ID) BUFFER Input VARIANT I, Q, M, D, L or con stant Pointer to the start address of the send buffer. Boo lean values or Array of BOOL are not supported. LENGTH Input UINT I, Q, M, D, L or con stant Length of the send buffer PTRCL Input BOOL I, Q, M, D, L or con stant This parameter selects the buffer for normal point-topoint communication or for specific Siemens proto cols implemented in the connected CM. FALSE = point-to-point operations controlled by the user program (only valid option) DONE Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or is still executing 1: Job executed without errors ERROR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: No error 1: Error occurred STATUS Output WORD I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 4374 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions STATUS parameter Error code* Description (W#16#...) 7000 The send operation is not active. 7001 The send operation is processing the first call. 7002 The send operation is processing subsequent calls (queries following the first call). 8080 The identifier entered for the communications port number is invalid. 8088 The length of the LENGHT parameter does not correspond to the length of data to be sent. See also: Parameters LENGHT and BUFFER. 80D0 A new send request was received while a transmission was taking place. 80D1 The transmission was interrupted because the CTS signal was not confirmed within the specified wait time. 80D2 The send request was interrupted because the communications partner (DCE) signaled that it was not willing to receive (DSR). 80D3 The send request was interrupted because the maximum size of the waiting loop was exceeded (more than 1024 Byte). * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". You will find more detailed information on general error codes of the communication instructions in "General status information of the communications blocks (Page 4381)". WinCC Advanced V14 System Manual, 10/2016 4375 Programming the PLC 11.4 Instructions LENGTH and BUFFER parameters The minimum data size that can be sent by the "PTP_SEND" instruction is one byte. The parameter BUFFER defines the size of the data to be sent. You can use neither the BOOL nor the Array of BOOL data type for the BUFFER parameter. LENGTH parameter BUFFER parameter Description LENGTH = 0 Not used The complete data is sent as defined by the BUFFER parameter. If LENGTH = 0, you do not need to specify the number of bytes trans ferred. LENGTH > 0 Elementary data type The LENGTH value must contain the byte count of this data type. Otherwise, data is not transferred and error 8088 is output. STRUCT The LENGTH value can contain a byte count that is smaller than the complete byte length of the structure. In this case, only the first LENGTH bytes are transferred. ARRAY The LENGTH value can contain a byte count that is smaller than the complete byte length of the field. In this case, only the field ele ments that fit completely in the LENGTH bytes are transferred. The LENGTH value must be a multiple of the byte count of the data elements. Otherwise, STATUS = 8088, ERROR = 1, and no data is transferred. STRING The complete memory arrangement of the character sequence for mat will be transmitted as well as the information about maximum length of the character string and the actual length of the character string. The LENGTH value must contain bytes for maximum length, actual length, and the characters of the character string. With the data type STRING, all lengths and characters have the size of one byte. If a character string is used for the BUFFER parameter, the LENGTH value must also contain two bytes for the two length fields. RCV_PTP: Enable receive messages (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description With the RCV_PTP instruction you enable receipt of a sent message. Each message must be enabled individually. The sent data is only available in the receive area when the message has been acknowledged by the relevant communications partner. 4376 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "RCV_PTP" instruction: Parameter Declaration Data type Memory area Description EN_R Input BOOL I, Q, M, D, L or con Enables receipt on a rising edge stant PORT Input PORT I, Q, M, D, L or con Identification of the communication port (HW-ID) stant BUFFER Input VARIANT I, Q, M, D, L or con Points to the start address of the receive buffer. Do not stant use a tag of the type STRING in the receive buffer. NDR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or is still executing 1: Job executed without errors ERROR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: No error 1: Error occurred STATUS Output WORD I, Q, M, D, L Status of the instruction LENGTH Output UINT I, Q, M, D, L Length of the message in the receive buffer You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". STATUS parameter Error code* Description (W#16#....) 80E0 Receipt of messages was terminated because the receive buffer is full. 80E1 Receipt of messages was terminated as a result of a parity error. 80E2 Receipt of messages was terminated as a result of a framing error. 80E3 Receipt of messages was terminated as a result of an overflow error. 80E4 Receipt of messages was terminated because the calculated message length (N+LEN+M) exceeds the size of the receive buffer. 8080 The identifier entered for the communications port number is invalid. 8088 A data type STRING is referenced via the BUFFER parameter. 0094 Receipt of messages was terminated because the maximum character length was received. 0095 Receipt of messages was terminated as a result of a timeout. 0096 Receipt of messages was terminated because of a timeout within the character string. 0097 Receipt of messages was terminated as a result of a reply timeout. 0098 Receipt of messages was terminated because the "N+LEN+M" length condition has been satisfied. 0099 Receipt of messages was terminated because the character string defined as the end condition was received. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". You will find more detailed information on general error codes of the communication instructions in "General status information of the communications blocks (Page 4381)". WinCC Advanced V14 System Manual, 10/2016 4377 Programming the PLC 11.4 Instructions RCV_RST: Delete receive buffer (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description With the "RCV_RST" instruction, you delete the receive buffer of a communications partner. Parameters The following table shows the parameters of the "RCV_RST" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Enables deleting of the receive buffer on a rising edge PORT Input PORT I, Q, M, D, L or con stant Identification of the communication port (HW-ID) DONE Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or is still executing 1: Job executed without errors ERROR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: No error 1: Error occurred STATUS Output WORD I, Q, M, D, L Status of the instruction You will find more detailed information on general error codes of the communication instructions in "General status information of the communications blocks (Page 4381)". You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". SGN_GET: Query RS-232 signals (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. 4378 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Description With the "SGN_GET" instruction, you query the current state of several signals of an RS-232 communications module. Parameters The following table shows the parameters of the "SGN_GET" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Enables the query on a rising edge PORT Input PORT I, Q, M, D, L or con stant Identification of the communication port (HW-ID) NDR Output BOOL I, Q, M, D, L Is set for one cycle if new data are ready for sending and the instruction was executed errorfree. DTR Output BOOL I, Q, M, D, L Data terminal ready, module ready DSR Output BOOL I, Q, M, D, L Data set ready, communications partner ready RTS Output BOOL I, Q, M, D, L Send request, module ready to send CTS Output BOOL I, Q, M, D, L Clear to send, communications partner can re ceive data (reaction to RTS = ON of the module). DCD Output BOOL I, Q, M, D, L Data carrier detect, received signal level RING Output BOOL I, Q, M, D, L Ring display, display of an incoming call ERROR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: No error 1: Error occurred STATUS Output WORD I, Q, M, D, L Status of the instruction You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". STATUS parameter Error code* Description (W#16#....) 80F0 The communication module is an RS-485 module and no signals are available. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". You will find more detailed information on general error codes of the communication instructions in "General status information of the communications blocks (Page 4381)". WinCC Advanced V14 System Manual, 10/2016 4379 Programming the PLC 11.4 Instructions SGN_SET: Set RS-232 signals (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description With the "SGN_SET" instruction, you set the status of the output signals of an RS-232 communications module. Parameters The following table shows the parameters of the "SGN_SET" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con stant Activates the action on a rising edge PORT Input PORT I, Q, M, D, L or con stant Identification of the communication port (HW-ID) I, Q, M, D, L or con stant Specifies the signals to be set: SIGNAL Input BYTE Initial value: FALSE Initial value: FALSE Set 01H = RTS Set 02H = DTR Set 04H = DSR Initial value: FALSE RTS DTR DSR Input Input Input BOOL BOOL BOOL I, Q, M, D, L or con stant Send request, module ready to send I, Q, M, D, L or con stant Data terminal ready, module ready I, Q, M, D, L or con stant Data set ready (applies only to interfaces of the DCE type) Initial value: FALSE Initial value: FALSE Initial value: FALSE DONE Output BOOL I, Q, M, D, L Status parameter with the following values: 0: Job not yet started or is still executing 1: Job executed without errors Initial value: FALSE ERROR Output BOOL I, Q, M, D, L Status parameter with the following values: 0: No error 1: Error occurred Initial value: FALSE STATUS Output WORD I, Q, M, D, L Status of the instruction Initial value: 0 4380 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". STATUS parameter Error code* (W#16#...) Description 80F0 The communication module is an RS-485 module and no signals are available. 80F1 No signals are settable because H/W flow control is enabled. 80F2 The DSR signal cannot be set because the module is a DTE device. 80F3 The DTR signal cannot be set because the module is a DCE device. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". You will find more detailed information on general error codes of the communication instructions in "General status information of the communications blocks (Page 4381)". General status information of the communications blocks (S7-1200) General information on execution status of the communications blocks The following table shows which general information can be output at the STATUS parameter of the communications blocks: Error code* Description (W#16#....) 0000 No error 7000 No job processing active. 7001 Start of job processing. Parameter BUSY = 1, DONE = 0. 7002 Intermediate call (REQ irrelevant): Instruction already active; BUSY has the value "1". 8x3A Invalid pointer at parameter x. 8070 All internal instance memories are in use. 8080 The identifier entered for the communications port is invalid 8081 Timeout, module error, internal error 8082 Parameter assignment failed because parameter assignment is currently being performed in the back ground. 8083 Buffer overflow: The CM or CB has returned a receipt message with a length that is greater than permitted by the length parameter. 8085 Error specifying the length at the LENGHT parameter. The specified length is "0" or greater than the maximum permitted value. 8090 Message length invalid, module invalid, message invalid 8091 Incorrect version in parameterization message 8092 Invalid record length in parameterization message * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 4381 Programming the PLC 11.4 Instructions USS (S7-1200) Overview of USS instructions (S7-1200) Introduction The USS instructions control the operation of drives that support the universal serial interface (USS). With the USS instructions, you can communicate with more than one drive via an RS-485 connection. To do this, you require a CM 1241 RS-485 communications module or a CB 1241 RS-485 communications board. Up to three CM 1241 RS-485 modules and one CB 1241 RS-485 board can be installed in an S7-1200 CPU. Each RS-485 port can operate up to sixteen drives. The USS protocol uses a master/slave network for communication via a serial bus. The master uses an address parameter to send a message to a selected slave. A slave itself can never send without previously receiving a request. Direct exchange of messages between slaves is not possible. USS communication works in half duplex mode. The following figure shows an example of a USS network diagram: &0 56PRGXOHV 6&38 866GULYHVQHWZRUN 866GULYHVQHWZRUN 4382 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Requirements for using the USS protocol (S7-1200) General requirements for setting up a drive The use of 4 PKW words must be set up for the drives. The drives can be configured for 2, 4, 6 or 8 PZD words. The number of PZD words in the drive must correspond to the PZD_LEN input of the "USS_DRIVE (Page 4387)" instruction of the drive. The baud rate of all drives must match the baud rate of the BAUD input parameter of the "USS_PORT (Page 4386)" instruction. The drive must be set up for remote control. USS must be specified for the desired frequency value on the COM connection of the drive. 1 to 16 must be set as the drive address. This address must correspond to the address of the DRIVE input parameter of the "USS_DRIVE (Page 4387)" instruction. To control the direction of the drive, the polarity of the drive desired value must be set up. The RS-485 network must be connected correctly. Definition: PKW / PZD area The PKW area relates to the handling of the parameter-identifier-value interface. The PKW interface is not a physical interface but describes a mechanism that controls the exchange of parameters between two communications partners, in other words, reading and writing parameter values, parameter descriptions and corresponding texts and the handling of parameter changes due to spontaneous messages. All the tasks handled via the PKW interface are essentially tasks for operator control and monitoring, service and diagnostics. The PZD area includes the signals required for automation: - Control word(s), and setpoint(s) from the master to the slave - Status word(s), and actual value(s) from the slave to the master. Both areas together result in the user data field. This is transferred by the master to the slave as a job frame or by the slave to the master as a reply frame. WinCC Advanced V14 System Manual, 10/2016 4383 Programming the PLC 11.4 Instructions Description Each communication module CM 1241 RS485 supports a maximum of 16 drives. A single instance data block contains temporary memory and buffer functions for all drives in the USS network that are connected to a PtP communications module you installed. The USS instructions for these drives have shared access to the information in this data block. 866B3257 7KHGDWDEORFN866B'59B'%LVD EXIIHUWKDW\RXFDQRQO\DFFHVV LQGLUHFWO\YLDWKH866RSHUDWLRQV 866B'59B'% 866B'% 866B'59B'% 5HVHUYHGIRU 373 &20GDWD E\WHV 'ULYHGDWD 866B'59B'% 866B'59 '5,9( &056 RGHU &%56 7KHFRPPXQLFDWLRQV PRGXOHVXSSRUWVXSWR GULYHV(QWHUWR DVWKHER[LQSXWIRUWKH GULYHSDUDPHWHU 866B530 '5,9( 'ULYH 'ULYH 866B:30 '5,9( All drives (max. 16) that are connected to an RS485 port are part of the same USS network. All drives that are connected to a different RS485 port are part of a different USS network. As the S7-1200 supports up to three CM 1241 RS485 modules, you can set up up to three USS networks, each having a maximum of 16 drives, thus a total of 48 USS drives are supported. Each USS network is managed via a unique data block (three data blocks are required for three USS networks with three CM 1241 RS485 modules). All instructions that belong to a USS network must share this data block. This includes all "USS_DRIVE (Page 4387)", "USS_PORT (Page 4386)", "USS_RPM (Page 4390)", and "USS_WPM (Page 4391)" instructions for controlling all drives in a USS network. 4384 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions The instruction "USS_DRIVE (Page 4387)" is a function block (FB). When you insert the instruction "USS_DRIVE" in the editor, the "Call options" dialog will ask you to assign a DB to the instruction. - If this is the first "USS_DRIVE" instruction in this program for this USS network, you can accept the default DB assignment (or, if necessary, change the name) and the new DB will be created. - If, however, this is not the first "USS_DRIVE" instruction for this network, you must select the DB that was previously assigned to this USS network in the drop-down list in the "Call options" dialog. All "USS_PORT (Page 4386), USS_RPM (Page 4390)", and "USS_WPM (Page 4391)" instructions are functions (FCs). When you insert these FCs in the editor, no DB is assigned. Instead, you have to assign the DB in question to the USS_DB input of these instructions (double-click on the parameter field and then on the icon to display the available DBs). The instruction "USS_PORT (Page 4386)" controls communication between the CPU and the drives via the PtP communications module. Whenever this instruction is called, communication with a drive is processed. Your program must call this function quickly enough so that the drives do not report a timeout. The instruction can be called from the main program or any interrupt OB. The function block "USS_DRIVE (Page 4387)" gives your program access to a specified drive in the USS network. Its inputs and outputs correspond to the states and operating functions of the drive. If there are 16 drives in the network, "USS_DRIVE" must be called at least 16 times in your program, i.e., once for each drive. How quickly these blocks are called depends on the required speed for controlling drive functions. You can only call the instruction "USS_DRIVE" from the main program OB. CAUTION Call "USS_DRIVE", "USS_RPM", "USS_WPM" only from the main program OB. The instruction "USS_PORT" can be called from any OB, it is usually called from a time-delay interrupt OB. If the instruction "USS_PORT" is interrupted during execution, this may result in unexpected errors. The "USS_RPM" and "USS_WPM" instructions are used to read and write the operating parameters of the drive. These parameters control the internal mode of operation of the drive. A definition of these parameters can be found in the drive manual. Your program may also contain any number of these instructions; however only one read or write request can be active for a drive. You may only call the instructions "USS_RPM" and "USS_WPM" from the main program OB. Calculating the time for communication with the drive Communication with the drive is runs asynchronous to the cycle of the S7-1200. The S7-1200 runs through several cycles before communication with a drive is completed. The interval of "USS_PORT" is the time required for a drive transaction. The following table shows the minimum intervals for "USS_PORT" for each baud rate. Calling the "USS_PORT" more frequently than the "USS_PORT" interval will not increase the number of transactions. The timeout interval of the drive is the period of time available to a transaction if 3 attempts WinCC Advanced V14 System Manual, 10/2016 4385 Programming the PLC 11.4 Instructions are required to complete the transaction due to communications errors. By default, up to 2 further attempts are made for each transaction with the USS protocol. Baud rate Calculated minimum interval for calling USS_PORT (ms) Drive message interval timeout per drive (ms) 1200 790 2370 2400 405 1215 4800 212.5 638 9600 116.3 349 19200 68.2 205 38400 44.1 133 57600 36.1 109 115200 28.1 85 USS_PORT: Edit communication via USS network (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description The "USS_PORT" instruction handles communication over the USS network. In the program, use one "USS_PORT" instruction per PtP communications port to control the transmission to or from one drive. All USS instructions that are assigned to one USS network and one PtP communications port must use the same instance data block. Call Your program must execute the "USS_PORT" instruction often enough to prevent timeouts in the drive. You should therefore call the "USS_PORT" instruction from a cyclic interrupt OB to prevent drive timeouts and keep the most recent USS data updates available for "USS_DRIVE (Page 4387)" calls. 4386 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "USS_PORT" instruction: Parameter Declaration Data type Memory area Description PORT Input PORT D, L or constant PtP communications port identifier Constant that can be referenced within the "Con stants" tab of the default tag table. BAUD Input DINT I, Q, M, D, L or con stant Baud rate for USS communication. USS_DB InOut USS_BASE D Reference to the instance DB of the "USS_DRIVE (Page 4387)" instruction. ERROR Output BOOL I, Q, M, D, L ERROR is set to TRUE if an error occurs. A corre sponding error code will be output at the STATUS output. STATUS (Page 4393) Output WORD I, Q, M, D, L Status value of the request. It indicates the result of the cycle or initialization. Additional information is available in the "USS_Extended_Error (Page 4393)" tag for some status codes. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". USS_DRIVE: Swap data with drive (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description The "USS_DRIVE" instruction exchanges data with the drive by creating request messages and interpreting the drive response messages. A separate instruction must be used for each drive, but all USS instructions assigned to one USS network and one PtP communications module must use the same instance data block. You must create the DB name when you place the first "USS_DRIVE" instruction. Then reuse this DB that was created when the initial instruction was inserted. When the "USS_DRIVE" instruction is executed the first time, the drive indicated by the USS address (parameter DRIVE) is initialized in the instance DB. After this initialization, subsequent "USS_PORT (Page 4386)" instructions can start communication with the drive at this drive number. Changing the drive number requires a PLC STOP to RUN mode transition that initializes the instance DB. Input parameters are configured in the USS send buffer, and outputs are read from a "previous" valid response buffer if any exists. There is no data transmission during execution of the "USS_DRIVE" instruction. After executing "USS_PORT (Page 4386) there is communication with the drives, "USS_DRIVE" only configures the messages to be sent and evaluates data received in a previous request. WinCC Advanced V14 System Manual, 10/2016 4387 Programming the PLC 11.4 Instructions You can control the drive direction of rotation using either the DIR (BOOL) input or using the sign (positive or negative) at the SPEED_SP (REAL) input. The following table explains how these inputs work together to determine the drive direction, assuming the motor is wired for forward rotation. SPEED_SP DIR Direction of rotation of drive Value > 0 0 Reverse Value > 0 1 Forward Value < 0 0 Forward Value < 0 1 Reverse Parameters Expand the box to display all the parameters by clicking the bottom of the box. The parameter connections that are grayed are optional and do not need to be assigned. The following table shows the parameters of the "USS_DRIVE" instruction: Parameter Declaration Data type Memory area Description RUN Input BOOL I, Q, M, D, L or con stant Drive start bit: If this parameter has the value TRUE, this input enables the drive to run at the preset speed. OFF2 Input BOOL I, Q, M, D, L or con stant "Electrical stop" bit: If this parameter has the value FALSE, this bit cause the drive to coast to a stop with out braking. OFF3 Input BOOL I, Q, M, D, L or con stant Fast stop bit - If this parameter has the value FALSE, this bit causes a fast stop by braking the drive. F_ACK Input BOOL I, Q, M, D, L or con stant Fault acknowledge bit - This bit resets the fault bit on a drive. This bit is set after the fault is cleared to indi cate to the drive that it no longer needs to indicate the previous fault. DIR Input BOOL I, Q, M, D, L or con stant Drive direction control - This bit is set to indicate that the direction is forward (when SPEED_SP is positive). DRIVE Input USINT I, Q, M, D, L or con stant Drive address: This input is the address of the USS drive. The valid range is drive 1 to drive 16. PZD_LEN Input USINT I, Q, M, D, L or con stant Word length - This is the number of words of PZD data. Valid values are 2, 4, 6, or 8 words. The default is 2. SPEED_SP Input REAL I, Q, M, D, L or con stant Speed setpoint - This is the speed of the drive as a percentage of configured frequency. A positive value specifies forward direction (when DIR has the value TRUE). CTRL3 Input WORD I, Q, M, D, L or con stant Control word 3 - A value written to a user-configurable parameter on the drive. The user must configure this on the drive. Optional parameter CTRL4 Input WORD I, Q, M, D, L or con stant Control word 4 - A value written to a user-configurable parameter on the drive. The user must configure this on the drive. Optional parameter CTRL5 Input WORD I, Q, M, D, L or con stant Control word 5 - A value written to a user-configurable parameter on the drive. The user must configure this on the drive. Optional parameter 4388 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description CTRL6 Input WORD I, Q, M, D, L or con stant Control word 6 - A value written to a user-configurable parameter on the drive. The user must configure this on the drive. CTRL7 Input WORD I, Q, M, D, L or con stant Control word 7 - A value written to a user-configurable parameter on the drive. The user must configure this on the drive. Optional parameter CTRL8 Input WORD I, Q, M, D, L or con stant Control word 8 - A value written to a user-configurable parameter on the drive. The user must configure this on the drive. Optional parameter NDR Output BOOL I, Q, M, D, L New data ready - If this parameter has the value TRUE, the bit indicates that the output contains data from a new communication request. ERROR Output BOOL I, Q, M, D, L Error occurred - If this parameter has the value TRUE, this indicates that an error has occurred and the STA TUS output is valid. All other outputs are set to zero on an error. Communication errors are only reported at the ERROR and STATUS outputs of the "USS_PORT" instruction. STATUS (Page 4393) Output WORD I, Q, M, D, L Status value of the request. It indicates the result of the cycle. This is not a status word returned from the drive. RUN_EN Output BOOL I, Q, M, D, L Run enabled - This bit indicates whether the drive is running. D_DIR Output BOOL I, Q, M, D, L Drive direction - This bit indicates whether the drive is running forward. INHIBIT Output BOOL I, Q, M, D, L Drive inhibited - This bit indicates the state of the in hibit bit on the drive. FAULT Output BOOL I, Q, M, D, L Drive fault - This bit indicates that the drive has regis tered a fault. The user must eliminate the fault and then set the F_ACK bit to clear this bit. SPEED Output REAL I, Q, M, D, L Drive current speed (scaled value of drive status word 2) - The value of the speed of the drive as a percent age of configured speed. STATUS1 Output WORD I, Q, M, D, L Drive status word 1 - This value contains fixed status bits of a drive. STATUS3 Output WORD I, Q, M, D, L Drive status word 3 - This value contains a user-con figurable status word on the drive. STATUS4 Output WORD I, Q, M, D, L Drive status word 4 - This value contains a user-con figurable status word on the drive. STATUS5 Output WORD I, Q, M, D, L Drive status word 5 - This value contains a user-con figurable status word on the drive. STATUS6 Output WORD I, Q, M, D, L Drive status word 6 - This value contains a user-con figurable status word on the drive. STATUS7 Output WORD I, Q, M, D, L Drive status word 7 - This value contains a user-con figurable status word on the drive. STATUS8 Output WORD I, Q, M, D, L Drive status word 8 - This value contains a user-con figurable status word on the drive. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 4389 Programming the PLC 11.4 Instructions USS_RPM: Readout parameters from the drive (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description The "USS_RPM" instruction reads a parameter from the drive. All USS functions that are assigned to one USS network and one PtP communications module must use the same data block. "USS_RPM" must be called from the main program OB. Parameter The following table shows the parameters of the "USS_RPM" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L Send request: If this parameter has the value TRUE, it indicates that a new read request is desired. This is ignored if the request for this parameter is already pending. DRIVE Input USINT I, Q, M, D, L or con stant Drive address: This input is the address of the USS drive. The valid range is drive 1 to drive 16. PARAM Input UINT I, Q, M, D, L or con stant Parameter number: This input specifies which drive parameter is written. The range of this parameter is 0 to 2047. See your drive manual for details on how to access any parameters above this range. INDEX Input UINT I, Q, M, D, L or con stant Parameter index: This input specifies which drive pa rameter index is to be written. This is a 16-bit value where the least significant byte is the actual index val ue with a range of (0 to 255). The most significant byte may also be used by the drive and is drive-specific. See your drive manual for additional information. USS_DB InOut USS_BASE D Reference to the instance DB that is created and ini tialized when a "USS_DRIVE" instruction is inserted in your program. DONE Output BOOL If this parameter has the value TRUE, it indicates that the VALUE output holds the previously requested read parameter value. I, Q, M, D, L This bit is set when the "USS_DRIVE" instruction rec ognizes the read response from the drive. This bit is reset when either: you request the response data via another "USS_RPM" poll or the second of the next two calls of "USS_DRIVE (Page 4387)" is executed 4390 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ERROR Output BOOL I, Q, M, D, L Error occurred - If this parameter has the value TRUE, this indicates that an error has occurred and the STA TUS output is valid. All other outputs are set to zero on an error. Communication errors are only reported at the ERROR and STATUS outputs of the "USS_PORT (Page 4386)" instruction. STATUS (Page 4393) Output WORD I, Q, M, D, L This is the status value of the request. It indicates the result of the read request. Additional information is available in the "USS_Extended_Error (Page 4393)" tag for some status codes. VALUE Output VARIANT I, Q, M, D, L This is the value of the parameter that was read and is valid only when the DONE bit has the value TRUE. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". USS_WPM: Change parameters in the drive (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description The "USS_WPM" instruction modifies a parameter in the drive. All USS functions that are assigned to one USS network and one PtP communications module must use the same data block. "USS_WPM" must be called from the main program OB. Note EEPROM write operations Beware of overusing the EEPROM write operation. Minimize the number of EEPROM write operations to extend the EEPROM life. Parameter The following table shows the parameters of the "USS_WPM" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L Send request: If this parameter has the value TRUE, it indicates that a new write request is desired. This is ig nored if the request for this parameter is already pend ing. DRIVE Input USINT I, Q, M, D, L or con Drive address: This input is the address of the USS stant drive. The valid range is drive 1 to drive 16. WinCC Advanced V14 System Manual, 10/2016 4391 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area PARAM Input UINT I, Q, M, D, L or con Parameter number: This input specifies which drive pa stant rameter is written. The range of this parameter is 0 to 2047. See your drive manual for details on how to ac cess any parameters above this range. INDEX Input UINT I, Q, M, D, L or con Parameter index: This input specifies which drive pa stant rameter index is to be written. This is a 16-bit value where the least significant byte is the actual index value with a range of (0 to 255). The most significant byte may also be used by the drive and is drive-specific. See your drive manual for additional information. EEPROM Input BOOL I, Q, M, D, L or con Store to drive EEPROM: If this parameter has the value stant TRUE, values written to the drive parameter will be stor ed in the drive EEPROM. If this parameter has the value FALSE, the value written is only temporarily saved and will be lost the next time the drive is switched on. VALUE Input VARIANT I, Q, M, D, L or con The value of the parameter that is to be written. It must stant be valid on the transition of REQ. USS_DB InOut USS_BASE D This is a reference to the instance DB that is created and initialized when a "USS_DRIVE (Page 4387)" in struction is inserted in your program. DONE Output BOOL If this parameter has the value TRUE, the VALUE input was written to the drive. I, Q, M, D, L Description This bit is set when the "USS_DRIVE (Page 4387)" in struction recognizes the write response from the drive. This bit is reset when either: You request the drive's confirmation that the write oper ation has been completed via another "USS_WPM" query or when the second of the next two calls of "USS_DRIVE (Page 4387)" is executed. ERROR Output BOOL I, Q, M, D, L Error occurred: If this parameter has the value TRUE, this indicates that an error has occurred and the STA TUS output is valid. All other outputs are set to zero on an error. Communication errors are only reported at the ERROR and STATUS outputs of the "USS_PORT (Page 4386)" instruction. STATUS (Page 4393) Output WORD I, Q, M, D, L This is the status value of the request. It indicates the result of the write request. Additional information is avail able in the "USS_Extended_Error (Page 4393)" tag for some status codes. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". 4392 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter STATUS of USS instructions (S7-1200) STATUS parameter The following table contains the status codes of the USS operation that are output at the STATUS output of the USS instructions: STATUS* (W#16#....) Description 0000 No error 8180 The length of the drive response did not match the characters received from the drive. The drive number where the error occurred is returned in the "USS_Extended_Error" tag. See the extended error description below this table. 8181 The parameter VALUE is not of the data type WORD, REAL, or DWORD 8182 User supplied a parameter value of the type word and received a DWORD or REAL from the drive in the response 8183 User supplied a parameter value of the type DWORD or REAL and received a word from the drive in the response 8184 Response telegram from drive had a bad checksum. The drive number where the error occurred is returned in the "USS_Extended_Error" tag. See the extended error description below this table. 8185 Illegal drive address (valid drive address range: 1-16) 8186 Speed set point out of valid range (valid speed SP range: -200% to 200%) 8187 Wrong drive number responded to the request sent. The drive number where the error occurred is returned in the "USS_Extended_Error" tag. See the extended error description below this table. 8188 Illegal PZD word length specified (valid range = 2, 4, 6 or 8 words) 8189 Illegal baud rate was specified 818A Parameter request channel is in use by another request for this drive 818B Drive has not responded to requests and retries. The drive number where the error occurred is returned in the "USS_Extended_Error" tag. See the extended error description below this table. 818C Drive returned an extended error on a parameter request operation. See the extended error description below this table. 818D Drive returned an invalid access error on a parameter request operation. See your drive manual for infor mation of why parameter access may be limited 818E Drive has not been initialized: This error code is output at "USS_RPM (Page 4390)" or "USS_WPM (Page 4391)" if the "USS_DRIVE (Page 4387)" instruction has not been called at least once for this drive. This prevents the initialization of the first cycle of "USS_DRIVE (Page 4387)" from overwriting a pending parameter read or write request since it initializes the drive as a new entry. To eliminate this error, call the "USS_DRIVE (Page 4387)" instruction for this drive. 80Ax-80Fx Specific errors returned from PtP (Point-to-Point) communication instructions called by the USS library: These error code values are not modified by the USS library and are defined in the PtP instruction descrip tions. * The error codes can be displayed as integer or hexadecimal values in the program editor. For additional information on toggling display formats, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 4393 Programming the PLC 11.4 Instructions USS_Extended_Error - USS drive extended error codes USS drives support read and write access to a drive's internal parameters. This feature allows distributed control and configuration of the drive. Drive parameter access operations can fail due to errors such as values out of range or invalid requests in a drive's current mode. The drive generates an error code that is output in the "USS_Extended_Error" variable in the instance DB of the "USS_DRIVE (Page 4387)" instruction. This error code value is only valid for the last execution of the "USS_RPM (Page 4390)" or "USS_WPM (Page 4391)" instruction. The drive error code is put into the "USS_Extended_Error" tag when the value of STATUS is hexadecimal 818C. The error code of "USS_Extended_Error" depends on the drive variant. See the drive's manual for a description of the extended error codes for read and write parameter operations. MODBUS (RTU) (S7-1200) MB_COMM_LOAD: Configure port on the PtP module for Modbus RTU (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description The "MB_COMM_LOAD" instruction configures a port for communication using the Modbus RTU protocol. The following hardware can be used for this: Up to three point-to-point modules (PtP) CM 1241 RS485 or CM 1241 RS232 A communications board CB 1241 RS485 in addition to this After configuration of the port, you communicate over Modbus by executing the "MB_SLAVE" or "MB_MASTER" instruction. Call "MB_COMM_LOAD" must be called once to configure the port for the Modbus RTU protocol. On completion of the configuration, the port can be used by the "MB_MASTER (Page 4397)" and "MB_SLAVE (Page 4405)" instructions. "MB_COMM_LOAD" only needs to be called again if one of the communication parameters has to be modified. Each "MB_COMM_LOAD" call deletes the communications buffer. To avoid data loss during communication, you should not call the instruction unnecessarily. One instance of "MB_COMM_LOAD" must be used to configure the port of each communication module that is used for Modbus communication. You assign a unique "MB_COMM_LOAD" instance data block for each port that you use. The S7-1200 CPU is limited to three communication modules. 4394 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions An instance data block is assigned when you insert the "MB_MASTER (Page 4397)" or "MB_SLAVE (Page 4405)" instruction. This instance data block is referenced when you specify the MB_DB parameter on the "MB_COMM_LOAD" instruction. Parameters The following table shows the parameters of the instruction "MB_COMM_LOAD": Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L Execution of the instruction upon a rising edge. PORT Input PORT I, Q, M, D, L or con stant ID of the communications port: BAUD Input UDINT I, Q, M, D, L or con stant After you have inserted the communications mod ule in the device configuration, the port ID appears in the drop-down list at the PORT box connection. This constant can also be referenced within the "Constants" tab of the tag table. Baud rate selection: 300, 600, 1200, 2400, 4800, 9600, 19200, 38400, 57600, 76800, 115200 All other values are invalid. PARITY Input UINT I, Q, M, D, L or con stant Parity selection: 0 - None 1 - Odd 2 - Even FLOW_CTRL Input UINT I, Q, M, D, L or con stant Flow control selection: 0 - (default) No flow control 1 - Hardware flow control with RTS always ON (does not apply to RS485 ports) 2 - Hardware flow control with RTS switched RTS_ON_DLY Input UINT I, Q, M, D, L or con stant RTS on-delay selection: 0 - (default) No delay of RTS active until the first character of the message is transmitted. 1 to 65535 - Delay in milliseconds of "RTS active" until the first character of the message is transmitted (does not apply to RS-485 ports). RTS delays must be used depending on the selection of FLOW_CTRL. RTS_OFF_DLY Input UINT I, Q, M, D, L or con stant RTS off-delay selection: 0 - (default) No delay after the last character transmitted until "RTS inactive" 1 to 65535 - Delay in milliseconds after the last character transmitted until "RTS inactive" (does not apply to RS-485 ports). RTS delays must be used regardless of the selection of FLOW_CTRL. WinCC Advanced V14 System Manual, 10/2016 4395 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description RESP_TO Input UINT I, Q, M, D, L or con stant Response timeout: Time in milliseconds allowed by "MB_MASTER (Page 4397)" for the slave to respond. If the slave does not respond in this time, "MB_MASTER (Page 4397)" repeats the request or terminates the request with an error if the specified number of re tries has been sent. 5 ms to 65535 ms (default = 1000 ms). MB_DB Input MB_BASE D A reference to the instance data block of the "MB_MASTER (Page 4397)" or "MB_SLAVE (Page 4405)" instructions. After you insert "MB_SLAVE (Page 4405)" or "MB_MASTER (Page 4397)" in your program, the DB identifier ap pears in the drop-down list at the MB_DB box con nection. DONE Output BOOL I, Q, M, D, L Execution of instruction completed without error. ERROR Output BOOL I, Q, M, D, L Error: 0 - No error detected 1 - Indicates that an error was detected. An error code is output in the STATUS parameter. STATUS Output WORD I, Q, M, D, L Port configuration error code You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". STATUS parameter Error code* (W#16#...) Description 0000 No error 8180 Invalid value for the port ID (wrong address for the communications module). 8181 Invalid baud rate value. 8182 Invalid parity value. 8183 Invalid flow control value. 8184 Invalid value for the timeout of the response (the time before which a timeout is reported must be at least 25 ms). 8185 Incorrect pointer in the MB_DB parameter to the instance DB of the "MB_MASTER (Page 4397)" or "MB_SLAVE (Page 4405)" instruction. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". 4396 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MB_COMM_LOAD data block tags The table below shows the public static tags in the instance DB of MB_COMM_LOAD that you can use in your program. Table 11-104 Static tags in the instance DB Tag Data type Default Description ICHAR_GAP WORD 0 Delay for the character spacing between characters. This parameter is speci fied in milliseconds and is used to increase the anticipated period between the received characters. The corresponding number of bit times for this pa rameter is added to the Modbus standard value of 35 bit times (3.5 character times). RETRIES WORD 2 The number of repeated attempts by the master before the error code 0x80C8 is returned for "No response". STOP_BITS USINT 1 Number of stop bits per character Valid values 1 and 2 MB_MASTER: Communicate via the PtP port as Modbus master (S7-1200) Description of MB_MASTER (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description The "MB_MASTER" instruction allows your program to communicate as a Modbus master using a port on a point-to-point module (CM) or a communications board (CB). You can access data in one or more Modbus slave devices. Before the "MB_MASTER" instruction can communicate with a port, "MB_COMM_LOAD (Page 4394)" must first execute. An instance DB is created when you insert the "MB_MASTER" instruction in your program. You specify this instance DB in the MB_DB input parameter of the "MB_COMM_LOAD (Page 4394)" instruction. Rules for Modbus master communication A port used for Modbus master requests cannot be used for "MB_SLAVE". A port can be used for one or more "MB_MASTER" calls if the same instance DB is used. The Modbus instructions do not use communication interrupt events to control the communication process. Your program must poll the "MB_MASTER" instruction for completed send and receive operations. WinCC Advanced V14 System Manual, 10/2016 4397 Programming the PLC 11.4 Instructions Calling the instruction: - Call the "MB_MASTER" instruction if possible in a cyclic program OB. The instruction can only be called in a time delay or cyclic interrupt OB. - Do not call more than one "MB_MASTER" instruction in organization blocks with different priority classes. If a "MB_MASTER" instruction executes "preemptively" from a higher priority class, the instruction may execute incorrectly. - Do not call the "MB_MASTER" instruction in a startup, diagnostics or time error OB. After a transfer has started, the EN parameter (LAD/FBD) must remain set to the value "1" until the DONE or ERROR output parameter is set to "1" by the instruction. A renewed call by the REQ parameter while the instruction is executing causes an error. After the instruction executes, the bit in the REQ parameter remains set for the time specified by the BLOCKED_PROC_TIMEOUT parameter in the instance DB. If "MB_MASTER" sends a request to a slave, make sure that "MB_MASTER" continues to execute until the response from the slave arrives. Parameters The following table shows the parameters of the "MB_MASTER" instruction: Parameters Declaration Data type Memory area Description REQ (Page 4400) Input BOOL I, Q, M, D, L Request input: MB_ADDR Input 0 - No request 1 - Request to transmit data to Modbus slave(s) UINT I, Q, M, D, L or con Modbus RTU station address: stant Default address range: 0 to 247 Extended address range: 0 to 65535 The value "0" is reserved for broadcasting a message to all Modbus slaves. Modbus function codes 05, 06, 15, and 16 are the only function codes supported for broad cast. MODE (Page 4400) Input USINT I, Q, M, D, L or con Mode selection: Specifies the type of request: Read, stant write, or diagnostics: Refer to the Modbus functions table for details. DATA_ADDR (Page 4400) Input UDINT I, Q, M, D, L or con Starting address in the slave: Specifies the starting ad stant dress of the data to be accessed in the Modbus slave. You will find the valid addresses in the Modbus functions table. DATA_LEN Input UINT I, Q, M, D, L or con Data length: Specifies the number of bits or words to be stant accessed in this request. You will find the valid lengths in the Modbus functions table. DATA_PTR (Page 4402) Input VARIANT M, D Points to the DB or bit memory address of the CPU for the data to be written or read. For a DB, this must be created with the "Standard - compatible with S7-300/400" access type. DONE Output BOOL I, Q, M, D, L 0: Transaction not completed 1: Transaction completed without error 4398 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameters Declaration Data type Memory area Description BUSY Output BOOL I, Q, M, D, L 0: No "MB_MASTER" transaction in progress 1: "MB_MASTER" transaction in progress ERROR Output BOOL I, Q, M, D, L 0: No error 1: Error, the error code is indicated by the STATUS parameter STATUS Output WORD I, Q, M, D, L Execution condition code You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". STATUS parameter Table 11-105 Communications and configuration error messages of the instruction Error code* Description (W#16#....) 0000 No error 80C8 Slave timeout. Check the baud rate, parity and the connectors on the slave. 80D1 The receiver issued a flow control request to suspend an active transmission and never re-enabled the transmission within the wait time. This error is also generated during hardware flow control if the recipient does not detect CTS within the wait time. 80D2 The send request was aborted because no DSR signal is received from the DCE. 80E0 The message was terminated because the receive buffer is full. 80E1 The message was terminated as a result of a parity error. 80E2 The message was terminated as a result of a framing error. 80E3 The message was terminated as a result of an overrun error. 80E4 The message was terminated as a result of the specified length exceeding the total buffer size. 8180 Invalid value for the port ID. 8186 Invalid Modbus station address 8188 The MODE parameter has an invalid value for a broadcast call. 8189 Invalid data address value. 818A Invalid data length value. 818B Invalid pointer to the local data source/destination: Size not correct 818C The DATA_PTR parameter has an invalid pointer. Use a pointer to a bit memory area or a DB with the "Standard - compatible with S7-300/400" access type. 8200 Port is busy processing a send request * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 4399 Programming the PLC 11.4 Instructions Table 11-106 Error messages of the Modbus protocol Error code* Description (W#16#....) Response code of slave 8380 - CRC error 8381 01 Function code not supported 8382 03 Data length error 8383 02 Error in the data address or address outside the valid range of DATA_PTR 8384 > 03 Data value error 8385 03 Data diagnostic code value not supported (function code 08) 8386 - Function code of the response does not match the function code of the query. 8387 - Response from wrong slave 8388 - The response of the slave to a write call is not correct. The data sent by the slave does not match the query from the master. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Parameter REQ (S7-1200) Description REQ = FALSE: No request REQ = TRUE: Request to transmit data to Modbus slave(s) You can control this input by means of a level-controlled or edge-controlled contact. A state machine is started every time this input is activated to ensure that another instruction "MB_MASTER" that uses the same instance DB can only issue a request when the current request has been processed. All other input states are recorded and saved internally for the current request until the reply has been received or an error has been detected. If the same instance of "MB_MASTER" is executed again with REQ input = 1 before the current request is completely processed, no subsequent transfers are made. However, if the request has been processed, a new request is issued at the time when "MB_MASTER" is executed again with REQ input = 1. DATA_ADDR and MODE parameters (S7-1200) Description You specify the start address for data access to the Modbus slave using the DATA_ADDR parameter. 4400 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions With the MODE parameter and the Modbus address, you specify the function code to be transferred to the Modbus slave. The following table shows the relationship between the MODE parameter, the function code and Modbus address range. MODE Modbus function Data length Operation and data Modbus address 0 01 1 to 2000 Read output bits: 1 to 9999 1 to 1992 (1) 1 to (1992 or 2000) bits per query 1 to 2000 Read input bits: 0 02 1 to 1992 0 03 1 to 125 1 to 124 0 04 (1) 10001 to 19999 1 to (1992 or 2000) bits per query Read holding register: 40001 to 49999 or 1 to (124 or 125) WORD per query 400001 to 465535 1 to 125 Read input WORD: 30001 to 39999 1 to 124 (1) 1 to (124 or 125) WORD per query Writing an output bit: (1) 1 05 1 1 06 1 1 15 2 to 1968 1 to 9999 One bit per query 2 to 1960 1 2 2 11 16 15 16 11 (1) Writing a holding register: 40001 to 49999 or 1 WORD per query 400001 to 465535 Writing multiple output bits: 1 to 9999 2 to (1960 or 1968) bits per query 2 to 123 Writing multiple holding registers: 40001 to 49999 or 2 to 122 (1) 2 to (122 or 123) WORD per query 400001 to 465535 1 to 1968 Writing one or more output bits: 1 to 9999 2 to 1960 (1) 1 to (1960 or 1968) bits per query 1 to 123 Writing one or more holding registers: 40001 to 49999 or 2 to 122 (1) 1 to (122 or 123) WORD per query 400001 to 465535 0 Reading out the communications status word of the slaves and the event counter: - The status word indicates execution of the instruc tion (0: is not executing; 0xFFFF: is executing). The event counter is incremented each time a message is transferred successfully. The DATA_ADDR and DATA_LEN parameters of the "MB_MASTER" instruction are ignored with this function. 80 08 1 Checking the slave status by reading the error code (0x0000): - 1 WORD per query 81 08 1 Resetting the event counter of the slave with the diagnostics code 0x000A: - 1 WORD per query 3 to 10, 12 to 79, 82 to 2555 Reserved - For the "Extended address range", the maximum data length is reduced by one byte or one WORD depending on which data type is used for the function. (1) WinCC Advanced V14 System Manual, 10/2016 4401 Programming the PLC 11.4 Instructions Parameter DATA_PTR (S7-1200) Description The DATA_PTR parameter is a pointer to a data block or bit memory from which the data should be written or read. If you use a data block, create a global data block with the "Standard - compatible with S7-300/400" access type. Data block structures for the DATA_PTR parameter These data types are valid for reading of words of Modbus addresses 30001 to 39999, 40001 to 49999, and 400001 to 465536 and also for writing of words to Modbus addresses 40001 to 49999 and 400001 to 465536. - Standard array of WORD, UINT, or INT data types (see below). - Named WORD, UINT, or INT structure where each element has a unique name and 16 bit data type. - Named complex structure where each element has a unique name and 16 bit or 32 bit data type. For reading and writing of bits of Modbus addresses 00001 to 09999 and 10001 to 19999. - Standard array of Boolean data types. - Named Boolean structure of uniquely named Boolean variables. Although not required, it is recommended that each "MB_MASTER" instruction has its own separate memory area in a global data block. The reason for this recommendation is that there is a greater possibility of data corruption if multiple "MB_MASTER" instructions are reading and writing the same area of a global data block. The memory areas for DATA_PTR do not need to be in the same global data block. You can create one data block with multiple areas for Modbus read operations, one data block for Modbus write operations, or one data block for each slave station. 4402 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Instance DB of the "MB_MASTER" instruction (S7-1200) Static variables of the instance DB The following table describes the static variables of the instance DB of the instruction that you can use in the user program. Variable Data type Description MB_STATE UINT Internal status of the Modbus instruction BLOCKED_ PROC_TIMEOUT REAL Time between completion of the instruction call and resetting the ACTIVE bit in the instance DB. The time buffer is used to avoid execution of the instruction being terminated before a job has been sent completely. The default time is 500 ms. EXTENDED_ AD DRESSING BOOL Configuring addressing: 0: Default address area (1 byte) 1: Extended address area (2 bytes) For additional information, refer to the section EXTENDED_AD DRESSING: Instance DB of the "MB_SLAVE" instruction (Page 4408) Sample program for a Modbus master (S7-1200) Networks (LAD) Network 1: Initialize parameters of the RS-485 module only once during the first cycle. Network 2: Read 100 words from the holding register of the slave. WinCC Advanced V14 System Manual, 10/2016 4403 Programming the PLC 11.4 Instructions Network 3: This is an optional network that displays the values of the first 3 words as soon as the read operation has executed. Network 4: Write 64 bits to the process image output, starting at slave address Q2.0. 4404 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MB_SLAVE: Communicate via the PtP port as Modbus slave (S7-1200) Description of MB_SLAVE (S7-1200) Note Use with CM1241 The use of this instruction with a CM1241 is possible only as of firmware version V2.1 of the module. Description The "MB_SLAVE" instruction allows your program to communicate as a Modbus slave using a port on a point-to-point module (PtP) or a communications board (CB). A Modbus RTU master can issue a request and then your program responds via "MB_SLAVE" execution. You must assign a unique instance data block when you insert the "MB_SLAVE" instruction in your program. This instance data block is used when you specify it at the MB_DB parameter of the "MB_COMM_LOAD (Page 4394)" instruction. Modbus communication function codes (1, 2, 4, 5, and 15) can read and write bits and words directly in the process image input and process image output in the target system. The following table shows the mapping of Modbus addresses to the process image in the CPU. Modbus functions of "MB_SLAVE" S7-1200 Codes Function Data area Address range Data area CPU address 01 Read bits Output 1 to 8192 Process image output Q0.0 to Q1023.7 02 Read bits Input 10001 to 18192 Process image input I0.0 to I1023.7 04 Read words Input 30001 to 30512 Process image input IW0 to IW1022 05 Write bit Output 1 to 8192 Process image output Q0.0 to Q1023.7 15 Write bits Output 1 to 8192 Process image output Q0.0 to Q1023.7 Modbus communication function codes (function codes 3, 6, 16) use a separate holding register. To do this, you can use bit memory or a data block with the "Standard - compatible with S7-300/400" access type. WinCC Advanced V14 System Manual, 10/2016 4405 Programming the PLC 11.4 Instructions You specify the type of the holding register using the MB_HOLD_REG parameter of the MB_SLAVE instruction. The following table shows the mapping of the Modbus holding register to the DB address of MB_HOLD_REG in the target system. Modbus functions of "MB_SLAVE" S7-1200 Codes Function Data area 03 Read words Holding regis ter 06 Write word Holding regis ter Holding regis ter 40001 to 49999 or DW0 to DW19998 or 400001 to 465535 DW0 to DW131068 16 Write words Address range Address in the DB Bit memory address (WORD number) (BYTE number) (BYTE number) 40001 to 49999 or DW0 to DW19998 or MW0 to CPU limit 400001 to 465535 DW0 to DW131068 40001 to 49999 or DW0 to DW19998 or 400001 to 465535 DW0 to DW131068 The table below shows the supported Modbus diagnostic functions. S7-1200 "MB_SLAVE" Modbus diagnostic functions Codes Subfunction Description 08 0000H Return query data echo test: The "MB_SLAVE" instruction returns the echo of a received data word to a Modbus master. 08 000AH Clear communication event counter: The "MB_SLAVE" instruction clears the communication event counter that is used for Modbus function 11. 11 - Get communication event counter: The "MB_SLAVE" instruction uses an internal communication event counter for recording the number of successful Modbus read and write requests that are sent to the Modbus slave. The counter is not incremented on any Function 8, Function 11, or broadcast requests. It is also not incremented on any requests that result in a communication error (for example, parity or CRC errors). The "MB_SLAVE" instruction supports broadcast write requests from Modbus masters as long as the requests include access to valid addresses. Regardless of the validity of a request, "MB_SLAVE" gives no response to a Modbus master as the result of a broadcast request. Rules of Modbus slave communication "MB_COMM_LOAD" must be executed to configure a port, before the "MB_SLAVE" instruction can communicate with this port. If a port is to respond as a slave to a Modbus master, then that port cannot be used by "MB_MASTER (Page 4397)". Only one instance of "MB_SLAVE" can be used with a given port. The Modbus instructions do not use communication interrupt events to control the communication process. Your program must control the communication process by polling the "MB_SLAVE" instruction for completed send and receive operations. The "MB_SLAVE" instruction must be executed periodically at a rate that allows it to make a timely response to incoming requests from a Modbus master. It is therefore advisable to call the instruction in a cyclic program OB. Calling the "MB_SLAVE" instruction in an interrupt OB is possible but not advisable since it can lead to long delays in execution. 4406 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Frequency of execution of "MB_SLAVE" The "MB_SLAVE" instruction must be executed periodically to receive each request from the Modbus master and to respond as required. The frequency of execution of "MB_SLAVE" is dependent upon the specified response timeout period of the Modbus master. This is illustrated in the following diagram. $'5 )& 'DWD 5HVSRQVH WLPHRXWSHULRG &5& 0DVWHUVHQGV 6WDUW &5& LQWHUYDO FKDUDFWHUWLPHV $'5 6ODYHVHQGV 5HVSRQVH GHOD\WLPH $'5 )& 'DWD 6WDUW &5& LQWHUYDO The response timeout period is the amount of time a Modbus master waits for the start of a response from a Modbus slave. This time period is not defined by the Modbus protocol, but rather by a parameter of each Modbus master. The frequency of execution (time between one execution and the next execution) of "MB_SLAVE" must be based on the particular parameters of your Modbus master. As a minimum, you should execute "MB_SLAVE" twice within the response timeout period of the Modbus master. Parameter The following table shows the parameters of the "MB_SLAVE" instruction: Parameter Declaration Data type Memory area Description MB_ADDR Input V1.0: USINT I, Q, M, D, L or con Station address of the Modbus slave (address stant range: 0 to 255) V2.0: UINT MB_HOLD_REG Input VARIANT D Pointer to the Modbus holding register DB. The DB must be created with the "Standard - compatible with S7-300/400" access type. NDR Output BOOL I, Q, M, D, L New data ready: 0: No new data 1: Indicates that new data has been written by the Modbus master DR Output BOOL I, Q, M, D, L Read data: 0: No data read 1: Indicates that data has been read by the Modbus master ERROR Output BOOL I, Q, M, D, L 0: No error detected 1: Error, a corresponding error code is output in the STATUS STATUS Output WORD I, Q, M, D, L Error code You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". WinCC Advanced V14 System Manual, 10/2016 4407 Programming the PLC 11.4 Instructions STATUS parameter STATUS* (W#16#....) Description 80C8 The specified response timeout (refer to RCVTIME or MSGTIME) is "0". 80D1 The receiver issued a flow control request to suspend an active transmission and never re-enabled the transmission within the wait time. This error is also generated during hardware flow control if the recipient does not detect CTS within the wait time. 80D2 The send request was aborted because no DSR signal is received from the DCE. 80E0 The message was terminated because the receive buffer is full 80E1 The message was terminated as a result of a parity error 80E2 The message was terminated as a result of a message frame error 80E3 The message was terminated as a result of a overrun error 80E4 The message was terminated as a result of the specified length exceeding the total buffer size 8180 Invalid value for the port ID. 8186 Invalid Modbus station address 8187 Invalid pointer to MB_HOLD_REG-DB 818C Pointer to a type safe DB type MB_HOLD_REG (must be a Classic DB type) Response code sent to Modbus master (B#16#...) 8380 No response CRC error 8381 01 Function code not supported or not supported in a broadcast 8382 03 Data length error 8383 02 Error in the data address or address outside the valid range of MB_HOLD_REG 8384 03 Data value error 8385 03 Data diagnostic code value not supported (function code 08) * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Instance DB of the "MB_SLAVE" instruction (S7-1200) Static variables of the instance DB The following table describes the static variables of the instance DB of the instruction that you can use in the user program. Your program can write values to the HR_Start_Offset and Extended_Addressing variables and control the Modbus slave operations. The other variables can be read to monitor the Modbus status. Variable Data type Description HR_Start_Offset WORD Start address of the Modbus holding register (default = " 0") Extended_ Ad dressing BOOL Configuring addressing: 0: Default address area (1 byte) 1: Extended address area (2 bytes) Request_Count 4408 WORD Total number of queries received by the slave WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Variable Data type Description Slave_Mes sage_Count WORD Number of queries sent to this specific slave Bad_CRC_Count WORD Number of received queries with CRC errors Broadcast_Count WORD Number of received broadcast queries Exception_Count WORD Number of Modbus-specific errors that require the return of an ex ception Success_Count WORD The number of requests received for this specific slave without pro tocol errors HR_Start_Offset The addresses of the Modbus holding register start at 40001 or 400001. These addresses correspond to the start address of the holding register in the target system memory. Using the HR_Start_Offset variable, you can set the offset to a different start address. Example: A holding register starts at MW 100 and has a length of 100 WORD. With an offset of 20 in the HR_Start_Offset parameter, the holding register begins at address 40021 instead of 40001. Each address below 40021 and above 400119 causes an addressing error. HR_Start_Offset = 0 HR_Start_Offset = 20 Modbus word ad S7-1200 byte ad dress dress Modbus word ad dress S7-1200 byte ad dress Minimum 40001 MW100 40021 MW100 Maximum 40099 MW198 40119 MW198 Extended_Addressing To address the Modbus slave, a single byte (default address range) or a double byte (extended address range) can be configured. Extended addressing is used to address more than 247 devices in a single network. If you decide on extended addressing, you can address a maximum of 64,000 addresses. Below, you will see a frame of Modbus function 1 as an example. Table 11-107 Slave address with one byte (byte 0) Function 1 Byte 0 Byte 1 Byte 2 Byte 3 Request Slave ad dress F code Valid response Slave ad dress F code Length Error response Slave ad dress 0x81 E code WinCC Advanced V14 System Manual, 10/2016 Start address Byte 4 Byte 5 Length of the coils Coil data 4409 Programming the PLC 11.4 Instructions Table 11-108 Slave address with two bytes (byte 0 and byte 1) Function 1 Byte 0 Byte 1 Byte 2 Byte 3 Byte 4 Request Slave address F code Valid response Slave address F code Length Start address Error response Slave address 0x81 F code Byte 5 Byte 6 Length of the coils Coil data Sample program for a Modbus slave (S7-1200) Networks (LAD) Network 1: Initialize parameters of the RS-485 module only once during the first cycle. Network 2: Check the requests of the Modbus master in every cycle. 100 words starting at MW1000 are configured for the Modbus holding register. 4410 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MODBUS (TCP) (S7-1200, S7-1500) MODBUS (TCP) Library V2.1 (S7-1200) MB_CLIENT: Communicating via PROFINET as a Modbus TCP client (S7-1200) Description of MB_CLIENT (S7-1200) Description The "MB_CLIENT" instruction communicates as a Modbus TCP client via the PROFINET connection of the S7-1200 CPU. To use the instruction, you do not require any additional hardware module. With the "MB_CLIENT" instruction, you establish a connection between the client and the server, send requests and receive responses and control connection termination of the Modbus TCP server. Parameters The following table shows the parameters of the "MB_CLIENT" instruction: Parameter Declaration Data type Description REQ (Page 4414) Input BOOL Communication request with the Modbus TCP server The REQ parameter is level-controlled. This means that as long as the input is set (REQ=true), the instruction sends communication requests. The instance DB for other clients is blocked with the communications request. Changes to the input parameters will not become effective until the server has responded or an error message has been output. If the parameter REQ is set again during an ongoing Modbus request, no additional transmission takes place afterwards. DISCONNECT (Page 4414) Input BOOL With this parameter, you control the establishment and termination of the connection to the Modbus server: 0: Establish a communications connection to the specified IP address and port number. 1: Disconnect the communication connection. No other function is executed during connection termination. The value 7003 is output at the STATUS parameter after successful connection termination. The request is sent immediately if the REQ parameter is set during connection establishment. CONNECT_ID Input UINT Unique ID to identify the connection. Each instance of the instruc tions "MB_CLIENT" and "MB_SERVER (Page 4419)" must be as signed a unique connection ID. IP_OCTET_1 Input USINT 1. Octet of the IP address* of the Modbus TCP server. IP_OCTET_2 Input USINT 2. Octet of the IP address* of the Modbus TCP server. WinCC Advanced V14 System Manual, 10/2016 4411 Programming the PLC 11.4 Instructions Parameter Declaration Data type Description IP_OCTET_3 Input USINT 3. Octet of the IP address* of the Modbus TCP server. IP_OCTET_4 Input USINT 4. Octet of the IP address* of the Modbus TCP server. IP_PORT Input UINT IP port number of the server to which the client establishes the con nection and communicates using the TCP/IP protocol (default value: 502). MB_MODE (Page 4414) Input USINT Selects the mode of the request (read, write or diagnostics). MB_DATA_ADDR (Page 4414) Input UDINT Start address of the data accessed by the "MB_CLIENT" instruction. DATA_LEN Input UINT Data length: Number of bits or words for the data access (see "MB_MODE and MB_DATA_ADDR parameters" - data length). MB_DATA_PTR (Page 4415) InOut VARIANT Pointer to the Modbus data register: The register is a buffer for the data received from the Modbus server or to be sent to the Modbus server. The pointer must reference a global data block with standard access. The number of bits addressed must be divisible by 8. DONE Out BOOL The bit at output parameter DONE is set to "1" as soon as the last job is completed without errors. BUSY Out BOOL 0: No "MB_CLIENT " job in progress 1: "MB_ CLIENT " job in progress ERROR Out BOOL 0: No error 1: Error occurred. The cause of error is indicated by the STATUS parameter. STATUS (Page 4416) Out WORD Error code of the instruction. * 8-bit long component of the 32-bit IPv4 IP address of the Modbus TCP server. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Note Consistent input data during an "MB_CLIENT" call When a Modbus client calls a Modbus instruction, the status of the input parameters is stored internally and then compared at the next call. The comparison is used to determine whether this particular call initialized the current request. Several "MB_CLIENT" calls can be executed if you use a common instance DB. The values of the input parameters must not be changed while an "MB_CLIENT" instance is being executed. If the input parameters are changed during execution, "MB_CLIENT" cannot be used to check whether or not the instance is currently being executed. Multiple client connections A Modbus TCP client can support several TCP connections and the maximum number of connections depends on the CPU being used. The total number of connections of one CPU, including those of the Modbus TCP clients and server must not exceed the maximum number of supported connections. Modbus TCP connections can also be shared by client and/or server connections. 4412 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions With individual client connections, remember the following rules: Each "MB_CLIENT" connection must use a unique instance DB. For each "MB_CLIENT" connection, a unique server IP address must be specified. Each "MB_CLIENT" connection requires a unique connection ID. The relevant individual connection ID must be used for each individual instance DB of the instruction. The connection ID and instance DB belong together in pairs and must be unique for each connection. Unique numbers for the IP port may or may not be required depending on the server configuration. Static tags of the instruction The following table describes the editable static tags of the instance data block of the "MB_CLIENT" instruction. Tag Data type Start value Description Blocked_Proc_Time out REAL 3.0 Wait time in seconds before the static tag ACTIVE is reset if there is a blocked Modbus instance. This can, for example, occur if a client request is output and the execution of the client function aborts be fore the request was fully executed. The maximum wait time is 55 seconds. MB_Transaction_ID WORD 1 Transaction ID of the Modbus TCP protocol. The start value of "1" should only be changed if the Modbus TCP server requires a differ ent value. MB_Unit_ID BYTE 255 Modbus device detection: A Modbus TCP server is addressed using its IP address. For this reason, the MB_UNIT_ID parameter is not used in the case of Mod bus TCP addressing. The MB_UNIT_ID parameter corresponds to the field of the slave address in the Modbus RTU protocol. If a Modbus TCP server is used as a gateway for a Modbus RTU protocol, the slave device in the serial network can be identified using MB_UNIT_ID. The MB_UNIT_ID parameter would in this case forward the request to the correct Modbus RTU slave address. Please note that some Modbus TCP devices may require the MB_UNIT_ID parameter for the initialization within a limited value range. RCV_TIMEOUT REAL 2.0 Time interval in seconds in which the "MB_CLIENT" instruction waits for a response from the server. Connected BOOL 0 Indicates whether the connection to the assigned client has been established or not: 1 = connected, 0 = not connected. See also MB_CLIENT example 1: Send several requests via a TCP connection (Page 4425) MB_CLIENT example 2: Send multiple requests via several TCP connections (Page 4426) WinCC Advanced V14 System Manual, 10/2016 4413 Programming the PLC 11.4 Instructions MB_CLIENT example 3: Coordinate several requests (Page 4427) Difference between synchronous and asynchronous instructions (Page 2436) REQ and DISCONNECT parameters (S7-1200) Description If no instance of the "MB_CLIENT" instruction is executing and if the value of the DISCONNECT parameter is "0", a new job executes if REQ=1. If there is not yet a connection, this is established during execution. If the same instance of the "MB_CLIENT" instruction executes again (DISCONNECT = 0 and REQ = 1), before the active job was executed, this is not executed on completion of the active job. A new job can only be started on completion of the active job (REQ = 1). You can monitor the status of execution with the DONE parameter. You can use this to monitor the status of execution if the "MB_CLIENT" instruction is executed sequentially. See also Description of MB_CLIENT (Page 4411) MB_MODE and MB_DATA_ADDR parameters (S7-1200) Description Instead of a function code, the "MB_CLIENT" instruction uses the MB_MODE parameter. The MB_DATA_ADDR parameter is used to specify the Modbus start address of the data you want to access. The combination of the parameters MB_MODE and MB_DATA_ADDRdefines the function code used in the current Modbus message. The following table shows the relationship between the MB_MODE parameter, the Modbus function and the address space. MB_MODE Modbus function Data length Function and data type MB_DATA_ADDR 0 01 1 to 2000 Read output bits: 1 to 9999 1 to 2000 bits per call 0 02 1 to 2000 Read input bits: 10001 to 19999 1 to 2000 bits per call 0 03 1 to 125 Read holding register: 40001 to 49999 1 to 125 WORD per call 0 04 1 to 125 Read input words: 30001 to 39999 1 to 125 WORD per call 1 05 1 Write an output bit: 1 to 9999 One bit per call 4414 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MB_MODE Modbus function Data length Function and data type MB_DATA_ADDR 1 06 1 Write a holding register: 40001 to 49999 1 15 2 to 1968 1 16 2 to 123 Write several holding registers: 2 to 123 WORD per call 40001 to 49999 2 15 1 to 1968 Write one or more output bits: 1 to 9999 1 WORD per call Write multiple output bits: 1 to 9999 2 to 1968 bits per call 1 to 1968 bits per call 2 16 1 to 123 Write one or more holding registers: 40001 to 49999 1 to 123 WORD per call 11 11 0 Read status word and event counter of server communi cation: The status word reflects the the processing status (0 - not processing, 0xFFFF - processing). The event counter is incremented each time a message is sent successfully. The MB_DATA_ADDR and MB_DATA_LEN parameters of the "MB_CLIENT" instruction are not evaluated when this function executes. 80 08 1 Check the server status with the error code 0x0000 (re turn loop test - the server sends the request back): - 1 WORD per call 81 08 1 Reset the event counter of the server with the error code 0x000A: 1 WORD per call 3 to 10, 12 to 79, 82 to 255 Reserved See also Description of MB_CLIENT (Page 4411) MB_DATA_PTR parameter (S7-1200) Description The MB_DATA_PTR parameter is a pointer to a data buffer for storing the data read from or written to the Modbus server. As the data buffer, you can use a global data block or a memory area (M). For a buffer in the memory area (M), use a pointer in the ANY format as follows: "P#bit address" "data type" "length" (example: P#M1000.0 WORD 500). WinCC Advanced V14 System Manual, 10/2016 4415 Programming the PLC 11.4 Instructions The MB_DATA_PTR parameter uses a communications buffer: For the communication functions of the "MB_CLIENT" instruction: - Reading and writing of 1 bit of data of the Modbus server addresses 00001 to 09999 and 10001 to 19999. - Reading of 16-bit WORD data of the Modbus server addresses 30001 to 39999 and 40001 to 49999. - Writing 16-bit WORD data of the Modbus server addresses 40001 to 49999. During data transmission (length: bit or WORD) from or to the global DB or the memory area (M) that you assigned with the MB_DATA_PTR parameter. If you use a data block for the buffer in the MB_DATA_PTR parameter, you will need to assign data types to the DB elements. Use the 1-bit data type BOOL for a Modbus bit address Use a 16-bit data type such as WORD, UINT, INT or REAL for a Modbus WORD address. Use a 32-bit data type (double word) such as DWORD, DINT or REAL for two Modbus WORD addresses. With MB_DATA_PTR, you can also access complex DB elements such as: - Standard arrays - Structures with unique element names - Complex structures with unique naming of the elements and data type lengths of 16 or 32 bits. The data areas for the MB_DATA_PTR parameter can also be in different global data blocks (or in different memory areas). You can, for example, use a data block for the the read jobs and another one for the write jobs or a separate data block for each "MB_CLIENT" station. See also Description of MB_CLIENT (Page 4411) Parameter STATUS (S7-1200) Parameter STATUS (general status information) STATUS* (W#16#) Description 0000 Instruction executed without errors. 7000 No call active (REQ=0). 7001 First call with REQ=1: Processing started; BUSY has the value 1. 7002 Intermediate call (REQ irrelevant). Processing already active; BUSY has the value 1. 4416 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions STATUS* (W#16#) Description 7003 Connection is being terminated. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Parameter STATUS (protocol error) STA TUS* (W#16#) Local and/ or remote errors Error code in the an swer from MB_SERVER (B#16#) Description 80C8 Local - No response of the server in the defined period. Check the connection to the Modbus server. This error is only reported on completion of the config ured repeated attempts. If the "MB_CLIENT" instruction does not receive an answer with the origi nally transferred transaction ID (MB_TRANSACTION_ID tag) within the de fined period, this error code is output. 8380 Local - Received Modbus frame has incorrect format or too few bytes were re ceived. 8381 Remote 01 Function code is not supported. 8382 Local - The length of the Modbus frame in the frame header does not match the number of received bytes. The number of bytes does not match the number of actually transmitted bytes (only functions 1-4). For example, this is the case when "MB_CLIENT" requests an odd number of words, but "MB_SERVER" always sends an even number of words. The start address in the received frame does not match the saved start address (functions 5, 6, 15, 16). The number of words does not match the number of actually transmitted words (functions 15 and 16). 8383 8384 Remote 03 Invalid length specification in received Modbus frame. Check the server side. Local - Error reading or writing data or access outside the address area of MB_DA TA_PTR. Remote 02 Error reading or writing data or access outside the address area of the server Local - Invalid exception code received. A different data value was received than was originally sent by the client (functions 5, 6 and 8). Invalid status value received (function 11) 8385 Remote 03 Error in data value for function 5 Local - Diagnostics code not supported. A different subfunction code was received than was originally sent by the client (function 8). 8386 Remote 03 Diagnostics code not supported Local - Received function code does not match the one sent originally. WinCC Advanced V14 System Manual, 10/2016 4417 Programming the PLC 11.4 Instructions STA TUS* (W#16#) Local and/ or remote errors Error code in the an swer from MB_SERVER (B#16#) Description 8387 Local - The assigned connection ID is different from that used for previous requests. Only one connection ID can be used for each instance DB of the "MB_CLIENT" instruction. The error code is also output when the ID of the Modbus TCP protocol received by the server is not "0". 8388 Local - The Modbus server sent a different data length than was requested. This error occurs only when using the Modbus functions 15 or 16. * The status codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Parameter STATUS (parameter error) In addition to the errors listed in the following table, errors are also possible with the "MB_CLIENT" instruction caused by the communications instructions ("TCON", "TDISCON", "TSEND" and "TRCV"). STATUS* (W#16#) Description 80BB Invalid value at ACTIVE_EST parameter (identifier for the type of connection establishment, see T_CON_PAR AM): Only passive connection establishment permitted for server (ACTIVE_EST = FALSE). Only active connection establishment permitted for client (ACTIVE_EST = TRUE). 8188 The MB_MODE parameter has an invalid value. 8189 Invalid addressing of data at the MB_DATA_ADDR parameter. 818A Invalid data length at the MB_DATA_LEN parameter. 818B The MB_DATA_PTR parameter has an invalid pointer. You should also check the values of the MB_DA TA_ADDR (Page 4414) and MB_DATA_LEN parameters. 818C The MB_DATA_PTR (Page 4415) pointer references an an optimized data block. Either use a data block with standard access or a memory area. Timeout at parameter BLOCKED_PROC_TIMEOUT (see static tags of instruction). The limit of 55 seconds has been exceeded. 8200 A further Modbus request is currently being processed via the port. Another instance of MB_CLIENT with the same connection parameters is processing an existing Modbus request. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". 4418 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note Error codes of internally used communications instructions. With the "MB_CLIENT" instruction, in addition to the errors listed in the tables, errors caused by the communication instructions ("TCON", "TDISCON", "TSEND" and "TRCV") used by the instruction can occur. The error codes are assigned via the instance data block of the "MB_CLIENT" instruction. The error codes are displayed for the respective instruction under STATUS in the Static section. The meaning of the error codes is available in the documentation of the corresponding communications instruction. See also Description of MB_CLIENT (Page 4411) MB_HOLD_REG parameter (Page 4423) MB_SERVER: Communicating via PROFINET as a Modbus TCP server (S7-1200) Description of MB_SERVER (S7-1200) Description The "MB_SERVER" instruction communicates as a Modbus TCP server via the PROFINET connection of the S7-1200 CPU. To use the instruction, you do not require any additional hardware module. The "MB_SERVER" instruction processes connection requests of a Modbus TCP client, receives requests from Modbus functions and sends responses. NOTICE Security information Note that each client of the network is given read and write access to the process image inputs and outputs and to the data block or bit memory area defined by the Modbus holding register. The option is available to restrict access to an IP address to prevent unauthorized read and write operations. Note, however, that the shared address can also be used for unauthorized access. WinCC Advanced V14 System Manual, 10/2016 4419 Programming the PLC 11.4 Instructions Parameters The following table shows the parameters of the "MB_SERVER" instruction: Parameter Declaration Data type Description DISCONNECT Input BOOL The instruction "MB_SERVER" enters into a passive connection with a partner module, which means the server responds to a TCP connection request from each requesting IP address. You can use this parameter to control when a connection request is accepted: 0: A passive connection is established when there is no communications connection. 1: Initialization of the connection termination. If the input is set, no other operations are executed. The value 7003 is output at the STATUS parameter after successful connection termination. CONNECT_ID Input UINT The parameter uniquely identifies a connection within the CPU. Each individual instance of the instructions "MB_CLIENT (Page 4411)" and "MB_SERVER" must have a unique CONNECT_ID parameter. IP_PORT Input UINT Start value = 502. The number of IP ports defines which IP port is moni tored for connection requests of the Modbus client. The following TCP port numbers must not be used for the passive con nection of the "MB_SERVER" instruction: 20, 21, 25, 80, 102, 123, 5001, 34962, 34963 and 34964. MB_HOLD_REG (Page 4423) InOut VARIANT Pointer to the Modbus holding register of the "MB_SERVER" instruction: Use a global data block with standard access as holding register. The holding register contains the values that may be accessed by a Modbus client using the Modbus functions 3 (read), 6 (write) and 16 (read). NDR Output BOOL "New Data Ready": 0: No new data 1: New data written by the Modbus client written DR Output BOOL "Data Read": 0: No data read 1: Data read by the Modbus client ERROR Output BOOL If an error occurs during the call of the "MB_SERVER" instruction, the output of the ERROR parameter is set to TRUE. Detailed information about the cause of the problem is indicated by the STATUS parameter. STATUS (Page 4424) Output WORD Error code of the instruction. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Mapping of Modbus addresses to the process image The "MB_SERVER" instruction allows incoming Modbus functions (1, 2, 4, 5 and 15) direct read and write access to the process image input and output of the S7-1200 CPU (use of the data types BOOL and WORD). 4420 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions For the data transfer of the function codes 3, 6 and 16, the holding register (MB_HOLD_REG parameter) must be defined longer than one byte. The following table shows the mapping of the Modbus addresses to the process image of the CPU. Modbus function S7-1200 Code Function Data area Address space Data area CPU address 01 Read: Bits Output 1 to 02 Read: Bits Input 10001 to 8192 Process image output Q0.0 to Q1023.7 18192 Process image input I0.0 to I1023.7 04 Read: WORD Input 30001 to 30512 Process image input IW0 to IW1022 05 Write: Bits Output 15 Write: Bits Output 1 to 8192 Process image output Q0.0 to Q1023.7 1 to 8192 Process image output Q0.0 to Q1023.7 Incoming Modbus alarms with the function codes 3, 6 and 16 write to or read from the Modbus holding registers (you specify the holding registers with the MB_HOLD_REG parameter). Multiple server connections You can create multiple Server connections. This allows a single CPU to establish connections to more than one Modbus TCP client at the same time. A Modbus TCP server can support several TCP connections and the maximum number of connections depends on the CPU being used. The total number of connections of one CPU, including those of the Modbus TCP clients and server must not exceed the maximum number of supported connections. Modbus TCP connections can also be shared by client and/or server connections. In the case of Server connections, remember the following rules: Each "MB_SERVER" connection must use a unique instance DB. Each "MB_SERVER" connection must be created with a unique IP port number. Only one connection is supported for each port. Each "MB_SERVER" connection must use a unique connection ID. The relevant individual connection ID must be used for each individual instance DB of the instruction. The connection ID and instance DB belong together in pairs and must be unique for each connection. For each connection, the "MB_SERVER" instruction must be called individually. WinCC Advanced V14 System Manual, 10/2016 4421 Programming the PLC 11.4 Instructions Modbus diagnostics functions The table below contains a description of the Modbus diagnostics functions. Code Subfunction Description 08 0x0000 Echo test: The "MB_SERVER" instruction receives a data word and returns this unchanged to the Modbus master. 08 0x000A Reset event counter: The "MB_SERVER" instruction resets the event counter for communication that is used for Modbus function 11. 11 - Fetch event counter of the communication: The "MB_SERVER" instruction uses an internal event counter for communication to record the number of successfully executed read and write re quests sent to the Modbus server. The event counter is not incremented by the functions 8, 11 or broadcast requests. The same applies to requests that result in a communications error (for example parity errors or CRC errors). The broadcast function is not available for Modbus TCP because only one client/server connection can exist at any one time. Static tags of the instruction The following table describes the static tags of the instance data block of the "MB_SERVER" instruction used in the program. You can write the HR_Start_Offset tag. You can read the other tags to monitor the Modbus status. Tag Data type Start value Description HR_Start_Offset WORD 0 Assign the start address of the Modbus holding register. Request_Count WORD 0 Total number of requests received by the server. Server_Mes sage_Count WORD 0 Total number of received alarms for the relevant server. Xmt_Rcv_Count WORD 0 Counter for detecting the number of transfers during which an error oc curred. The counter is also incremented if an invalid Modbus alarm is received. Exception_Count WORD 0 Counter for detecting the number of errors specifically for Modbus cause an exception. Success_Count WORD 0 Counter for detecting the number of requests that contain no error in the transferred protocol. Connected BOOL 0 Indicates whether the connection to the assigned client has been estab lished or not: 1 = connected, 0 = not connected. Example: Addressing via static tag HR_Start_Offset The addresses of the Modbus holding register start at 40001. These addresses correspond to the address space of the CPU memory area for the holding register. You can also define the HR_Start_Offset tag so that the Modbus holding register has a start address other than 40001. Example: The holding register begins at MW100, and has a length of 100 WORD. An offset value in the HR_Start_Offset parameter means that the start address of the holding register is 4422 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions moved from 40001 to 40021. Whenever the holding register is addressed below the address 40021 and above the address 40119, this causes an error. HR_Start_Offset Address Minimum Maximum 0 Modbus address (WORD) 40001 40099 S7-1200 address MW100 MW298 Modbus address (WORD) 40021 40119 S7-1200 address MW100 MW298 20 See also MB_SERVER example: Multiple TCP connections (Page 4428) Difference between synchronous and asynchronous instructions (Page 2436) MB_HOLD_REG parameter (S7-1200) Description The MB_HOLD_REG parameter is a pointer to a data buffer for storing the data read from or written to the Modbus server. As the data buffer, you can use a global data block or a memory area (M). As pointer to a buffer in the memory area (M), use the ANY format as follows: "P#bit address" "data type" "length" (example: P#M1000.0 WORD 500). The following table shows examples of mapping Modbus addresses to the holding register for the Modbus functions 3 (read WORD), 6 (write WORD) and 16 (write several WORD). The upper limit for the number of addresses in the data block is decided by the maximum work memory of the CPU. If you use a memory area, the upper limit for the addresses is decided by the size of the memory area of the CPU. Modbus ad dresses MB_HOLD_REG parameter - examples P#M100.0 WORD 5 P#DB10.DBx0.0 WORD 5 "Recipe".ingredient 40001 MW100 DB10.DBW0 "Recipe".ingredient[1] 40002 MW102 DB10.DBW2 "Recipe".ingredient[2] 40003 MW104 DB10.DBW4 "Recipe".ingredient[3] 40004 MW106 DB10.DBW6 "Recipe".ingredient[4] 40005 MW108 DB10.DBW8 "Recipe".ingredient[5] See also Description of MB_SERVER (Page 4419) WinCC Advanced V14 System Manual, 10/2016 4423 Programming the PLC 11.4 Instructions Parameter STATUS (S7-1200) Parameter STATUS (general status information) STATUS* (W#16#) Description 0000 Instruction executed without errors. 7000 No call active (REQ=0). 7001 First call with REQ=1: Processing started; BUSY has the value 1. 7002 Intermediate call (REQ irrelevant). Processing already active; BUSY has the value 1. 7003 Connection is being terminated. * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Parameter STATUS (protocol error) STA TUS* (W#16#) Local and/ or remote errors Error code in the an swer from MB_SERVER (B#16#) Description 8380 Local - Received Modbus frame has incorrect format or too few bytes were re ceived. 8381 Remote 01 Function code is not supported. 8382 Remote 03 Error in data length 8383 Local - Error reading or writing data or access outside the address area of MB_HOLD_REG (Page 4423). Remote 02 Error reading or writing data or access outside the address area of the server Local - Invalid exception code received. 8384 A different data value was received than was originally sent by the server (functions 5, 6 and 8). Invalid status value received (function 11) 8385 Remote 03 Error in data value for function 5 Local - Diagnostics code not supported. A different subfunction code was received than was originally sent by the server (function 8). Remote 03 Diagnostics code not supported * The status codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". 4424 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter STATUS (parameter error) STATUS* (W#16#) Description 80BB Invalid value at ACTIVE_EST parameter (identifier for the type of connection establishment, see T_CON_PARAM): Only passive connection establishment permitted for server (ACTIVE_EST = FALSE). Only active connection establishment permitted for client (ACTIVE_EST = TRUE). 8187 The MB_HOLD_REG parameter has an invalid pointer. Data area is too small. 818C The pointer at parameter MB_HOLD_REG references an optimized data block. Either use a data block with standard access or a memory area. Error due to timeout of execution (more than 55 seconds). * The error codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Note Error codes of internally used communications instructions. With the "MB_SERVER" instruction, in addition to the errors listed in the tables, errors caused by the communication instructions ("TCON", "TDISCON", "TSEND" and "TRCV") used by the instruction can occur. The error codes are assigned via the instance data block of the "MB_SERVER" instruction. The error codes are displayed for the respective instruction under STATUS in the Static section. The meaning of the error codes is available in the documentation of the corresponding communications instruction. See also Description of MB_SERVER (Page 4419) Examples (S7-1200) MB_CLIENT example 1: Send several requests via a TCP connection (S7-1200) Description Several requests of the Modbus Client can be sent via a TCP connection. To do this, use the same instance DB, the same connection ID and the same port number. Only one client can be active at any one time. After processing of a client has been completed, the next client is processed. The order of execution must be defined in the program. In the following sample program, the value of the STATUS output parameter is also copied. WinCC Advanced V14 System Manual, 10/2016 4425 Programming the PLC 11.4 Instructions Network 1: Modbus function 1 - 16 read output bits Network 2: Modbus function 2 - 32 read input bits MB_CLIENT example 2: Send multiple requests via several TCP connections (S7-1200) Description Requests from the Modbus client can be sent via different TCP connections. If you require this, use a different instance DB and a different connection ID. Use a different port number, if the connections are to the same Modbus server. If the connections are to different Modbus servers, you can freely assign the port number. 4426 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Network 1: Modbus function 4 - read input (WORD) Network 2: Modbus function 3 - read holding register (WORD) MB_CLIENT example 3: Coordinate several requests (S7-1200) Description Make sure that the individual Modbus requests are executed. You control coordination of requests with the program. The following example demonstrates how the output parameters of the first and second client request can be used to coordinate execution of the instructions. WinCC Advanced V14 System Manual, 10/2016 4427 Programming the PLC 11.4 Instructions Network 1: Modbus function 3 - read holding register (WORD) Network 2: Modbus function 3 - read holding register (WORD) MB_SERVER example: Multiple TCP connections (S7-1200) Description You can use several Modbus TCP server connections. To do this, the "MB_SERVER" instruction must be called independently for each connection. Every connection requires the following: An independent instance data block of the instruction A unique connection ID A separate IP port (on the S7-1200, only one connection is permitted per IP port) 4428 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions To optimize the performance "MB_SERVER" should be executed once per program cycle for each connection. Network 1: Connection #1 with associated IP port connection ID and instance DB Network 2: Connection #1 with associated IP port connection ID and instance DB MODBUS (TCP) (S7-1200, S7-1500) MB_CLIENT: Communicating via PROFINET as a Modbus TCP client (S7-1200, S7-1500) Description of MB_CLIENT (S7-1200, S7-1500) Description The "MB_CLIENT" instruction communicates as a Modbus TCP client via the PROFINET connection. With the "MB_CLIENT" instruction, you establish a connection between the client and the server, send Modbus requests and receive responses and control connection termination of the Modbus TCP client. For the S7-1200 with firmware version V4.0 you can use the "MB_CLIENT" instruction up to and including library version V3.1. With the S7-1200 as of firmware version V4.1 and the S7-1500, you can use the "MB_CLIENT" instruction of all library versions. The connection can take place via the local interface of the CPU or CM/CP. To use the instruction, you do not require an additional hardware module. WinCC Advanced V14 System Manual, 10/2016 4429 Programming the PLC 11.4 Instructions Multiple client connections A Modbus TCP client can support several TCP connections and the maximum number of connections depends on the CPU being used. The total number of connections of one CPU, including those of the Modbus TCP clients and server must not exceed the maximum number of supported connections. Modbus TCP connections can also be shared by "MB_CLIENT" and/ or "MB_SERVER" instances. With individual client connections, remember the following rules: Each "MB_CLIENT" connection must use a unique instance DB. For each "MB_CLIENT" connection, a unique server IP address must be specified. Each "MB_CLIENT" connection requires a unique connection ID. The relevant individual connection ID must be used for each individual instance DB of the instruction. The connection ID and instance DB belong together in pairs and must be unique for each connection. Unique numbers for the IP port may or may not be required depending on the server configuration. Parameters The following table shows the parameters of the "MB_CLIENT" instruction: Parameter Declaration Data type Description REQ (Page 4433) Input BOOL Modbus query to the Modbus TCP server The REQ parameter is level-controlled. This means that as long as the input is set (REQ=true), the instruction sends communication requests. After the Modbus query has started, the instance DB is locked for other clients. Changes to the input parameters will not become effective until the server has responded or an error message has been output. If the parameter REQ is set again during an ongoing Modbus request, no additional transmission takes place afterwards. DISCONNECT (Page 4433) Input BOOL With this parameter, you control the establishment and termination of the connection to the Modbus server: 0: Establish communications connection to the connection partner configured at the CONNECT parameter (see CONNECT parameter). 1: Disconnect the communication connection. No other function is executed during connection termination. The value 0003 is output at the STATUS parameter after successful connection termination. The Modbus request is sent immediately if the REQ parameter is set during connection establishment. MB_MODE (Page 4434) Input USINT Selects the mode of the Modbus request (read, write or diagnostics). MB_DATA_ADDR (Page 4434) Input UDINT Start address of the data accessed by the "MB_CLIENT" instruction. 4430 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Description MB_DATA_LEN Input UINT Data length: Number of bits or words for the data access (see "MB_MODE and MB_DATA_ADDR parameters" - data length). MB_DATA_PTR (Page 4436) InOut VARIANT Pointer to a data buffer for the data to be received from the Modbus server or to be sent to the Modbus server. CONNECT (Page 4436) InOut VARIANT Pointer to the structure of the connection description The following structures (system data types) can be used: TCON_IP_v4: Includes all address parameters that are required for establishing a programmed connection. When using TCON_IP_v4, the connection is established when calling the "MB_CLIENT" instruction. TCON_Configured: Includes the address parameters of a configured connection. When using TCON_Configured, an existing connection is used that was created by the CPU after download of the hardware configuration. DONE Out BOOL The bit at output parameter DONE is set to "1" as soon as the last job is completed without errors. BUSY Out BOOL 0: No Modbus request in progress 1: Modbus request being processed The output parameter BUSY is not set during connection establish ment and termination. ERROR Out BOOL 0: No error 1: Error occurred. The cause of error is indicated by the STATUS parameter. STATUS (Page 4438) Out WORD Detailed status information of the instruction. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Note Consistent input data during an "MB_CLIENT" call When a Modbus client instruction is called, the values of the input parameters are stored internally and then compared at the next call. The comparison is used to determine whether this particular call initialized the current request. Several "MB_CLIENT" calls can be executed if you use a common instance DB. The values of the input parameters must not be changed while an "MB_CLIENT" instance is being executed. If the input parameters are changed during execution, "MB_CLIENT" cannot be used to check whether or not the instance is currently being executed. WinCC Advanced V14 System Manual, 10/2016 4431 Programming the PLC 11.4 Instructions Static tags of the instruction The following table describes the editable static tags of the instance data block of the "MB_CLIENT" instruction. Tag Data type Start value Description Blocked_Proc_Time out REAL 3.0 Wait time in seconds before the static tag ACTIVE is reset if there is a blocked Modbus instance. This can, for example, occur if a client request is output and the execution of the client function aborts be fore the request was fully executed. The wait time must be between 0.5 s and 55 s. MB_Transaction_ID WORD 1 Transaction ID of the Modbus TCP protocol. The start value of "1" should only be changed if the Modbus TCP server requires a differ ent value. MB_Unit_ID BYTE 255 Modbus device detection: A Modbus TCP server is addressed using its IP address. For this reason, the MB_UNIT_ID parameter is not used in the case of Mod bus TCP addressing. The MB_UNIT_ID parameter corresponds to the field of the slave address in the Modbus RTU protocol. If a Modbus TCP server is used as a gateway for a Modbus RTU protocol, the slave device in the serial network can be identified using MB_UNIT_ID. The MB_UNIT_ID parameter would in this case forward the request to the correct Modbus RTU slave address. Please note that some Modbus TCP devices may require the MB_UNIT_ID parameter for the initialization within a limited value range. Use the following links to get more information on the MB_Unit_ID parameter: https://support.industry.siemens.com/cs/ww/en/view/102420337 (https://support.industry.siemens.com/cs/document/102420337/ what-is-the-function-of-the-mb_unit_id-in-the-instance-data-blockof-the-modbus-block-mb_client?dti=0&dl=en&lc=de-WW) http://support.automation.siemens.com/WW/view/en/109736516 (https://support.industry.siemens.com/cs/document/109736516/ how-do-you-clear-the-status-168382-in-the-case-of-a-modbus-tcpconnection-between-simatic-s7-1500-s7-1200-and-sentron-pacdevices?dti=0&dl=en&lc=de-WW) RCV_TIMEOUT REAL 2.0 Time interval in seconds in which the "MB_CLIENT" instruction waits for a response from the server. It must be between 0.5 s and 55 s. Connected BOOL 0 Indicates whether the connection to the assigned server has been established or not: 1 = connected, 0 = not connected. Note Tag MB_Transaction_ID The "MB_CLIENT" instruction ignores the answer of a Modbus-TCP server if the transaction ID in the answer of the Modbus-TCP server does not match the transaction ID of the job from "MB_CLIENT". 4432 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Example An example project for the Modbus TCP communication between two S7-1500 CPUs can be found in the Service and Support Portal under Entry ID 94766380 (http:// support.automation.siemens.com/WW/view/en/94766380). Two Modbus functions are used in this example. For each Modbus function, a Modbus TCP connection is established using a Modbus block pair (MB_CLIENT and MB_SERVER). )% )& :5B +ROGLQJ 5HJLVWHU >)&@ 2% )& :5B +ROGLQJ 5HJLVWHU >)&@ 0%B &/,(17 '% '$7$B &21 >'%@ 0DLQ >2%@ )% )& 5'B +ROGLQJ 5HJLVWHU >)&@ 0%B &/,(17 2% 6\VWHP EORFNV 7&3FRQQHFWLRQ ,' 0RGEXVIXQFWLRQ :ULWHPXOWLSOHKROGLQJUHJLVWHUV 'DWD EORFNV 0%B 6(59(5 '% '$7$B &21 >'%@ 0DLQ >2%@ )& 5'B +ROGLQJ 5HJLVWHU >)&@ '% '$7$B &21 >'%@ 8VHUSURJUDP 6&38 0RGEXVFOLHQW )% )% 0%B 6(59(5 '% '$7$B &21 >'%@ 7&3FRQQHFWLRQ ,' 0RGEXVIXQFWLRQ 5HDGKROGLQJUHJLVWHU 'DWD EORFNV 6\VWHP EORFNV 8VHUSURJUDP 6&38 0RGEXVVHUYHU See also Difference between synchronous and asynchronous instructions (Page 2436) REQ and DISCONNECT parameters (S7-1200, S7-1500) Description If no instance of the "MB_CLIENT" instruction is executing and if the value of the DISCONNECT parameter is "0", a new job executes if REQ=1. If there is not yet a connection, this is established during execution. If the same instance of the "MB_CLIENT" instruction executes again (DISCONNECT = 0 and REQ = 1), before the active job was executed, this is not executed on completion of the active job. A new job can only be started on completion of the active job (REQ = 1). The status of the execution is output by the output parameters. You can use it to monitor the execution status when the "MB_CLIENT" instruction is executed sequentially. WinCC Advanced V14 System Manual, 10/2016 4433 Programming the PLC 11.4 Instructions MB_MODE, MB_DATA_ADDR and MB_DATA_LEN parameters (S7-1200, S7-1500) Description The combination of the MB_MODE, MB_DATA_ADDR and MB_DATA_LEN parameters defines the Modbus function code used in the current Modbus message for the values 0 and 1 of MB_MODE: MB_MODE contains the information on whether to read or to write. MB_MODE=0: Read, MB_MODE=1: Write MB_DATA_ADDR contains the information on what is to be read or written, as well as address information from which the "MB_CLIENT" instruction calculates the remote address. MB_DATA_LEN contains the number of values to be read/written. Examples: The combination MB_MODE=1, MB_DATA_ADDR=1, MB_DATA_LEN=1 specifies the function code 05. 1 output bit is written starting from the remote address 0. The combination MB_MODE=1, MB_DATA_ADDR=1, MB_DATA_LEN=2 specifies the function code 15. 2 output bits are written starting from the remote address 0. The following applies to the values 101 to 116 from MB_MODE: MB_MODE defines the Modbus function code. MB_DATA_ADDR contains the remote address. MB_DATA_LEN contains the number of values to be read/written. Example: MB_MODE=104, MB_DATA_ADDR=17,834, MB_DATA_LEN=125 - MB_MODE=104 defines the function code 04 (read input words). - MB_DATA_ADDR=17,834 defines the remote address 17,834. - MB_DATA_LEN=125 defines that 125 values are read. The following table shows the relationship between the input parameters MB_MODE, MB_DATA_ADDR, MB_DATA_LEN of the "MB_CLIENT" instruction and the associated Modbus function. MB_MODE MB_DA TA_ADDR MB_DA TA_LEN Modbus function Function and data type 0 1 to 9,999 1 to 2,000 01 Read 1 to 2,000 output bits on the remote address 0 to 9,998 0 10,001 to 19,999 1 to 2,000 02 Read 1 to 2,000 input bits on the remote address 0 to 9,998 0 40,001 to 49,999 1 to 125 03 Read 1 to 125 holding registers on the remote address 0 to 9,998 400,001 to 465,535 Read 1 to 125 holding registers on the remote address 0 to 65,534 0 30,001 to 39,999 1 to 125 04 Read 1 to 125 input words on the remote address 0 to 9,998 1 1 to 9,999 1 05 Write 1 output bit on the remote address 0 to 9,998 4434 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions MB_MODE MB_DA TA_ADDR MB_DA TA_LEN Modbus function Function and data type 1 40,001 to 49,999 1 06 Write 1 holding register on the remote address 0 to 9,998 Write 1 holding register on the remote address 0 to 65,534 400,001 to 465,535 1 1 to 9,999 2 to 1,968 15 Write 2 to 1,968 output bits on the remote address 0 to 9,998 1 40,001 to 49,999 2 to 123 16 Write 2 to 123 holding registers on the remote address 0 to 9,998 400,001 to 465,535 Write 2 to 123 holding registers on the remote address 0 to 65,534 2 1 to 9,999 1 to 1,968 15 Write 1 to 1,968 output bits on the remote address 0 to 9,998 2 40,001 to 49,999 1 to 123 16 Write 1 to 123 holding registers on the remote address 0 to 9,998 400,001 to 465,535 11 Write 1 to 123 holding registers on the remote address 0 to 65,534 The MB_DATA_ADDR and MB_DATA_LEN parameters are not evaluated when this function is executed. 11 Read status word and event counter of the server: 80 - 1 08 81 - 1 08 101 0 to 65,535 1 to 2,000 01 Read 1 to 2,000 output bits on the remote address 0 to 65,535 102 0 to 65,535 1 to 2,000 02 Read 1 to 2,000 input bits on the remote address 0 to 65,535 103 0 to 65,535 1 to 125 03 Read 1 to 125 holding registers on the remote address 0 to 65,535 104 0 to 65,535 1 to 125 04 Read 1 to 125 input words on the remote address 0 to 65,535 105 0 to 65,535 1 05 Write 1 output bit on the remote address 0 to 65,535 106 0 to 65,535 1 06 Write 1 holding register on the remote address 0 to 65,535 115 0 to 65,535 1 to 1,968 15 Write 1 to 1,968 output bits on the remote address 0 to 65,535 116 0 to 65,535 1 to 123 16 Write 1 to 123 holding registers on the remote address 0 to 65,535 The status word reflects the the processing status (0 - not processing, 0xFFFF - processing). The event counter is incremented when the Modbus request was executed successfully. If an error occurred during execution of a Modbus function, a message is sent by the server but the event counter is not incremented. Check the server status with the diagnostic code 0x0000 (re turn loop test - the server sends the request back): 1 WORD per call Reset the event counter of the server with the diagnostic code 0x000A: 1 WORD per call 3 to 10, 12 to 79, 82 to 100, 107 to 114, 117 to 255 WinCC Advanced V14 System Manual, 10/2016 Reserved 4435 Programming the PLC 11.4 Instructions MB_DATA_PTR parameter (S7-1200, S7-1500) Description The MB_DATA_PTR parameter is a pointer to a data buffer for the data to be received from the Modbus server or to be sent to the Modbus server. As the data buffer, you can use a global data block or a memory area (M). For a buffer in the memory area (M), use a pointer in the ANY format as follows: "P#bit address" "data type" "length" (example: P#M1000.0 WORD 500). Depending on the memory area in which the data buffer is located, MB_DATA_PTR can reference different data structures: When you use a global DB with optimized access, MB_DATA_PTR can reference a tag with elementary data type or an array of elementary data types. The following data types are supported: Data type Length in bits Bool 1 Byte, SInt, USInt, Char 8 Word, Int, WChar, UInt 16 DWord, DInt, UDInt, Real 32 In such cases, all supported data types can be used for all Modbus functions. For example, MB_CLIENT can also write a received bit in a tag of the byte type to a specified address without changing other bits in this byte. Therefore, it is not necessary to have an array of bits in order to execute bit-oriented functions. If you use a bit memory address area or a global DB with standard access as memory area, there is no longer any restriction to the elementary data types for MB_DATA_PTR; MB_DATA_PTR can then also reference complex data structures such as PLC data types (UDTs) and system data types (SDTs). CONNECT parameter (S7-1200, S7-1500) Connection descriptions at CONNECT parameter Two different connection descriptions can be used for the "MB_CLIENT" instruction: Programmed connections with the structure TCON_IP_v4 The connection parameters are stored in the TCON_IP_v4 structure and the connection is set up with the call of the instruction "MB_CLIENT". Configured connections with the structure TCON_Configured The configured connection has already been established by the CPU. Use the structure TCON_Configured to specify which existing connection is to be used for the instruction. Each instance of the instruction "MB_CLIENT" requires a unique connection. Create a separate structure TCON_IP_v4 or TCON_Configured for each instance of the instruction to describe the connection. 4436 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Connection description for programmed connections Use the following structure for connection description to TCON_IP_v4 for programmed connections at the CONNECT parameter: Make sure that only connections of the type TCP are specified in the TCON_IP_v4 structure. The connection may not use the following TCP port numbers: 20, 21, 25, 80, 102, 123, 5001, 34962, 34963 and 34964. Byte Parameter Data type Start value Description 0 ... 1 InterfaceID HW_ANY - Hardware identifier of the local interface (value range: 0 to 65535). 2 ... 3 ID CONN_OUC - Reference to this connection (value range: 1 to 4095). The parameter uniquely identifies a connection within the CPU. Each individual instance of the instruction "MB_CLI ENT" must use a unique ID. 4 ConnectionType BYTE 11 Connection type Select 11 (decimal) for TCP. Other connection types are not permitted. If another connection type (e.g. UDP) is used, a corresponding error message is output at the STATUS pa rameter of the instruction. 5 ActiveEstablished BOOL TRUE ID for the manner in which the connection is established Select TRUE for active connection establishment. 6 ... 9 RemoteAddress ARRAY [1..4] of BYTE IP address of the connection partner (Modbus server), for ex ample, for 192.168.0.1: addr[1] = 192 addr[2] = 168 addr[3] = 0 addr[4] = 1 10 ... 11 RemotePort UINT 502 Port number of the remote connection partner (value range: 1 to 49151). Use the IP port number of the server to which the client es tablishes the connection and communicates using the TCP/IP protocol (default value: 502). 12 ... 13 LocalPort UINT 0 Port number of the local connection partner: Port numbers: 1 to 49151 Any port: "0" WinCC Advanced V14 System Manual, 10/2016 4437 Programming the PLC 11.4 Instructions Note Migration of the instruction "MB_CLIENT" version 2.1 The parameters CONNECT_ID, IP_PORT and IP_OCTET_x are mapped in version 3.0 of the "MB_CLIENT" instruction in the TCON_IP_v4 structure: The parameter CONNECT_ID of the "MB_CLIENT" V2.1 instruction corresponds to the ID parameter of TCON_IP_v4. The parameter IP_PORT of the "MB_CLIENT" V2.1 instruction corresponds to the RemotePort parameter of TCON_IP_v4. The four parameters IP_OCTET_x of the "MB_CLIENT" V2.1 instruction correspond to the array of the RemoteAddress parameter of TCON_IP_v4. Connection description for configured connections For programmed connections at the CONNECT parameter, use the following structure for connection description to TCON_Configured. Make sure that only connections of the type TCP are specified in the TCON_Configured structure. The connection may not use the following TCP port numbers: 20, 21, 25, 80, 102, 123, 5001, 34962, 34963 and 34964. Byte Parameter Data type Start value Description 0 ... 1 InterfaceId HW_ANY - Hardware identifier of the local interface (value range: 0 to 65535). 2 ... 3 ID CONN_OUC - Reference to this connection (value range: 1 to 4095). Enter the connection ID of the existing connection. 4 ConnectionType BYTE 0 Connection type Select 254 (decimal) for a configured connection. Parameter STATUS (S7-1200, S7-1500) Parameter STATUS (general status information) STATUS* (W#16#) Description 0000 Instruction executed without errors. 0001 Connection established. 0003 Connection terminated. 7000 No job active and no connection established (REQ=0). 7001 Connection establishment triggered. 7002 Intermediate call. Connection is being established. 7003 Connection is being terminated. 7004 Connection established and monitored. No job processing active. 4438 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions STATUS* (W#16#) Description 7005 Data is being sent. 7006 Data is being received. * The status codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Parameter STATUS (protocol error) STA TUS* (W#16#) Local and/ or remote errors Error code in the an swer from MB_SERVER (B#16#) Description 80C8 Local - No response of the server in the defined period. Check the connection to the Modbus server. This error is only reported on completion of the config ured repeated attempts. If the "MB_CLIENT" instruction does not receive an answer with the origi nally transferred transaction ID (see static tag MB_TRANSACTION_ID) within the defined period, this error code is output. 8380 Local - Received Modbus frame has incorrect format or too few bytes were re ceived. 8381 Remote 01 Function code is not supported. 8382 Local - The length of the Modbus frame in the frame header does not match the number of received bytes. The number of bytes does not match the number of actually transmitted bytes (only functions 1-4). For example, this is the case when "MB_CLIENT" requests an odd number of words, but "MB_SERVER" always sends an even number of words. The start address in the received frame does not match the saved start address (functions 5, 6, 15, 16). The number of words does not match the number of actually transmitted words (functions 15 and 16). 8383 8384 Remote 03 Invalid length specification in received Modbus frame. Check the server side. Local - Error reading or writing data or access outside the address area of MB_DA TA_PTR (Page 4436). Remote 02 Error reading or writing data or access outside the address area of the server Local - Invalid exception code received. A different data value was received than was originally sent by the client (functions 5, 6 and 8). Invalid status value received (function 11) 8385 Remote 03 Error in data value for function 5 Local - Diagnostics code not supported. A different subfunction code was received than was originally sent by the client (function 8). Remote WinCC Advanced V14 System Manual, 10/2016 03 Diagnostics code not supported 4439 Programming the PLC 11.4 Instructions STA TUS* (W#16#) Local and/ or remote errors Error code in the an swer from MB_SERVER (B#16#) Description 8386 Local - Received function code does not match the one sent originally. 8387 Local - The protocol ID of the Modbus TCP frame received by the server is not "0". 8388 Local - The Modbus server sent a different data length than was requested. This error occurs only when using the Modbus functions 5, 6, 15 or 16. * The status codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Parameter STATUS (parameter error) STATUS* (W#16#) Description 80B6 Invalid connection type, only TCP connections are supported. 80BB Invalid value at ActiveEstablished parameter (identifier for the type of connection establishment, see CON NECT parameter (Page 4436)): Only passive connection establishment permitted for server (ActiveEstablished = FALSE). Only active connection establishment permitted for client (ActiveEstablished = TRUE). 8188 The MB_MODE parameter has an invalid value. 8189 Invalid addressing of data at the MB_DATA_ADDR parameter. 818A Invalid data length at the MB_DATA_LEN parameter. 818B The MB_DATA_PTR parameter has an invalid pointer. You should also check the values of the MB_DA TA_ADDR (Page 4436) and MB_DATA_LEN parameters. 818C Timeout at parameter BLOCKED_PROC_TIMEOUT or RCV_TIMEOUT (see static tags of instruction). BLOCKED_PROC_TIMEOUT and RCV_TIMEOUT must be between 0.5 s and 55 s. 818D The transaction ID (MB_TRANSACTION_ID tag) does not correspond to the one sent originally (see static tags of instruction). 8200 A different Modbus request is currently being processed via the port. Another instance of MB_CLIENT with the same connection parameters is processing an existing Modbus request. * The status codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Note Error codes of internally used communications instructions With the "MB_CLIENT" instruction, in addition to the errors listed in the tables, errors caused by the communication instructions ("TCON", "TDISCON", "TSEND", "TRCV", "T_DIAG" and "TRESET") used by the instruction can occur. The error codes are assigned via the instance data block of the "MB_CLIENT" instruction. The error codes are displayed for the respective instruction under STATUS in the "Static" section. The meaning of the error codes is available in the documentation of the corresponding communications instruction. 4440 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions See also GET_ERR_ID: Get error ID locally (Page 2690) MB_SERVER: Communicating via PROFINET as a Modbus TCP server (S7-1200, S7-1500) Description of MB_SERVER (S7-1200, S7-1500) Description The "MB_SERVER" instruction communicates as Modbus TCP server via a PROFINET connection. The "MB_SERVER" instruction processes connection requests of a Modbus TCP client, receives and processes Modbus requests and sends responses. For the S7-1200 with firmware version V4.0 you can use the "MB_SERVER" instruction up to and including library version V3.1. With the S7-1200 as of firmware version V4.1 and the S7-1500, you can use the "MB_SERVER" instruction of all library versions. The connection can take place via the local interface of the CPU or CM/CP. To use the instruction, you do not require an additional hardware module. NOTICE Security information Note that each client of the network is given read and write access to the process image inputs and outputs and to the data block or bit memory area defined by the Modbus holding register. The option is available to restrict access to an IP address to prevent unauthorized read and write operations. Note, however, that the shared address can also be used for unauthorized access. Multiple server connections You can create multiple Server connections. This allows a single CPU to accept connections from multiple Modbus TCP clients at the same time. A Modbus TCP server can support several TCP connections and the maximum number of connections depends on the CPU being used. The total number of connections of one CPU, including those of the Modbus TCP clients and server must not exceed the maximum number of supported connections. Modbus TCP connections can also be shared by "MB_CLIENT" and/or "MB_SERVER" instances. WinCC Advanced V14 System Manual, 10/2016 4441 Programming the PLC 11.4 Instructions In the case of Server connections, remember the following rules: Each "MB_SERVER" connection must use a unique instance DB. Each "MB_SERVER" connection must use a unique connection ID. The relevant individual connection ID must be used for each individual instance DB of the instruction. The connection ID and instance DB belong together in pairs and must be unique for each connection. For each connection, the "MB_SERVER" instruction must be called individually. Parameters The following table shows the parameters of the "MB_SERVER" instruction: Parameter Declaration Data type Description DISCONNECT Input BOOL The "MB_SERVER" instruction is used to enter into a passive connection with a partner module. The server responds to a connection request from the IP address which is entered in the SDT "TCON_IP_v4" in the CON NECT parameter. You can use this parameter to control when a connection request is ac cepted: 0: A passive connection is established when there is no communications connection. 1: Initialization of the connection termination. If the input is set, no other operations are executed. The value 0003 is output at the STATUS parameter after successful connection termination. MB_HOLD_REG (Page 4446) InOut VARIANT Pointer to the Modbus holding register of the "MB_SERVER" instruction MB_HOLD_REG must always reference a memory area that is larger than two bytes. The holding register contains the values that may be accessed by a Mod bus client using the Modbus functions 3 (read), 6 (write) and 16 (multiple write). As the holding register, use either a global data block with optimized ac cess or the memory area of the bit memories. CONNECT (Page 4446) InOut VARIANT Pointer to the structure of the connection description The following structures (SDTs) can be used: TCON_IP_v4: Includes all address parameters that are required for establishing a programmed connection. The default address is 0.0.0.0 (any IP address), but you can enter a specific IP address so that the server only responds to requests from this address. When using TCON_IP_v4, the connection is established when calling the "MB_SERVER" instruction. TCON_Configured: Includes the address parameters of a configured connection. When using TCON_Configured, the connection is established by the CPU after download of the hardware configuration. NDR Output BOOL "New Data Ready": 0: No new data 1: New data written by the Modbus client written 4442 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter Declaration Data type Description DR Output BOOL "Data Read": 0: No data read 1: Data read by the Modbus client ERROR Output BOOL If an error occurs during the call of the "MB_SERVER" instruction, the output of the ERROR parameter is set to "1". Detailed information about the cause of the problem is indicated by the STATUS parameter. STATUS (Page 4448) Output WORD Detailed status information of the instruction. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Static tags of the instruction The following table describes the static tags of the instance data block of the "MB_SERVER" instruction used in the program. You can write the HR_Start_Offset tag. You can read the other tags to monitor the Modbus status. Tag Data type Start value Description HR_Start_Offset WORD 0 Assign the start address of the Modbus holding register. Request_Count WORD 0 Total number of requests received by the server. Server_Mes sage_Count WORD 0 Total number of received alarms for the relevant server. Xmt_Rcv_Count WORD 0 Counter for detecting the number of transfers during which an error oc curred. The counter is only incremented when an invalid Modbus request is received. Exception_Count WORD 0 Counters for detecting the number of errors specifically for Modbus which cause an error message to "MB_CLIENT". Success_Count WORD 0 Event counter for detecting the number of requests that were success fully executed by the server. Connected BOOL 0 Indicates whether the connection to the assigned client has been estab lished or not: 1 = connected, 0 = not connected. Mapping of Modbus addresses to the process image The "MB_SERVER" instruction allows incoming Modbus functions (1, 2, 4, 5 and 15) direct read and write access to the process image inputs and outputs of the CPU (use of the data types BOOL and WORD). The following table shows the mapping of the Modbus addresses to the process image of the CPU. Modbus function S7-1500, S7-1200 V4.0 Function code Function Data area 01 Read: Bits Output 0 to 02 Read: Bits Input 0 04 Read: WORD Input 0 WinCC Advanced V14 System Manual, 10/2016 Address space Data area CPU address 9998 Process image output Q0.0 to Q1249.6 to 9998 Process image input I0.0 to I1249.6 to 9998 Process image input IW0 to IW19996 4443 Programming the PLC 11.4 Instructions Modbus function S7-1500, S7-1200 V4.0 05 Write: Bits Output 0 to 9998 Process image output Q0.0 to Q1249.6 15 Write: Bits Output 0 to 9998 Process image output Q0.0 to Q1249.6 Incoming Modbus requests with the function codes 3, 6, 16 and 23 write to or read from the Modbus holding register (you specify the holding register with the MB_HOLD_REG parameter). Example: Addressing via static tag HR_Start_Offset The addresses of the Modbus holding register start at 0 (from the perspective of the MB_CLIENT at 40.001). These addresses correspond to the address area of the CPU memory area for the holding register. You can also define the HR_Start_Offset tag so that the Modbus holding register has a start address other than 0. Example: The holding register begins at MW100, and has a length of 100 WORD. An offset value in the HR_Start_Offset parameter means that the start address of the holding register is moved from 0 to 20. This causes an error whenever the holding register is addressed below the address 20 and above the address 119. HR_Start_Offset Address Minimum Maximum 0 Modbus address (WORD) 0 99 CPU address MW100 MW298 Modbus address (WORD) 20 119 CPU address MW100 MW298 20 Modbus functions The following table lists all the Modbus functions that are supported by the "MB_SERVER" instruction. Function code Description 01 Read output bits 02 Read input bits 03 Read a holding register 04 Read input words 05 Write an output bit 06 Write a holding register 08 Diagnostics function: Echo test (diagnostic code 0x0000): The "MB_SERVER" instruction receives a data word and returns this unchanged to the Modbus client. Reset event counter (diagnostic code 0x000A): The "MB_SERVER" instruction resets the following event counters: "Success_Count", "Xmt_Rcv_Count", "Exception_Count", "Server_Message_Co" and "Request_Count". 4444 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Function code Description 11 Diagnostics function: Fetch event counter of the communication The "MB_SERVER" instruction uses an internal event counter for communication to record the number of successfully executed read and write requests sent to the Modbus server. The event counter is not incremented with the functions 8 or 11. The same holds true for requests that cause a communications error, for example, if a protocol error has occurred (e.g., the function code in the received Modbus request is not supported). 15 Write output bits 16 Write a holding register 23 Write a holding register and read holding register with a request Example An example project for the Modbus TCP communication between two S7-1500 CPUs can be found in the Service and Support Portal under Entry ID 94766380 (http:// support.automation.siemens.com/WW/view/en/94766380). Two Modbus functions are used in this example. For each Modbus function, a Modbus TCP connection is established using a Modbus block pair (MB_CLIENT and MB_SERVER). )% )& :5B +ROGLQJ 5HJLVWHU >)&@ 2% )& :5B +ROGLQJ 5HJLVWHU >)&@ 0%B &/,(17 '% '$7$B &21 >'%@ 0DLQ >2%@ )% )& 5'B +ROGLQJ 5HJLVWHU >)&@ 0%B &/,(17 2% 6\VWHP EORFNV 7&3FRQQHFWLRQ ,' 0RGEXVIXQFWLRQ :ULWHPXOWLSOHKROGLQJUHJLVWHUV 'DWD EORFNV 0%B 6(59(5 '% '$7$B &21 >'%@ 0DLQ >2%@ )& 5'B +ROGLQJ 5HJLVWHU >)&@ '% '$7$B &21 >'%@ 8VHUSURJUDP 6&38 0RGEXVFOLHQW )% )% 0%B 6(59(5 '% '$7$B &21 >'%@ 7&3FRQQHFWLRQ ,' 0RGEXVIXQFWLRQ 5HDGKROGLQJUHJLVWHU 'DWD EORFNV 6\VWHP EORFNV 8VHUSURJUDP 6&38 0RGEXVVHUYHU See also Difference between synchronous and asynchronous instructions (Page 2436) WinCC Advanced V14 System Manual, 10/2016 4445 Programming the PLC 11.4 Instructions MB_HOLD_REG parameter (S7-1200, S7-1500) Description The MB_HOLD_REG parameter is a pointer to a data buffer for storing the data read from or written to the Modbus server. You can use a global data block or a bit memory (M) as memory area. The high limit for the number of addresses in the data block (D) is determined by the maximum work memory of the CPU. The high limit for the number of bit memories (M) is determined by the size of the CPU memory area. The following table shows examples of mapping Modbus addresses to the holding register for the Modbus functions 3 (read WORD), 6 (write WORD), 16 (write several WORD) and 23 (write and read several words). Modbus ad dresses MB_HOLD_REG parameter - examples 0 MW100 DB10.DBW0 "Recipe".ingredient[1] 1 MW102 DB10.DBW2 "Recipe".ingredient[2] 2 MW104 DB10.DBW4 "Recipe".ingredient[3] 3 MW106 DB10.DBW6 "Recipe".ingredient[4] 4 MW108 DB10.DBW8 "Recipe".ingredient[5] CONNECT parameter (S7-1200, S7-1500) Connection descriptions at CONNECT parameter Two different connection descriptions can be used for the "MB_SERVER" instruction: Programmed connections with the structure TCON_IP_v4 The connection parameters are stored in the TCON_IP_v4 structure and the connection is set up with the call of the instruction "MB_SERVER". Configured connections with the structure TCON_Configured The configured connection has already been established by the CPU. Use the structure TCON_Configured to specify which existing connection is to be used for the instruction. Each instance of the instruction "MB_SERVER" requires a unique connection. Create a separate structure TCON_IP_v4 or TCON_Configured for each instance of the instruction to describe the connection. Connection description for programmed connections For programmed connections at the CONNECT parameter, use the following structure for connection description to TCON_IP_v4. Make sure that only connections of the type TCP are specified in the TCON_IP_v4 structure. The connection may not use the following TCP port numbers: 20, 21, 25, 80, 102, 123, 5001, 34962, 34963 and 34964. 4446 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Byte Parameter Data type Start value Description 0 ... 1 InterfaceID HW_ANY - Hardware identifier of the local interface (value range: 0 to 65535). 2 ... 3 ID CONN_OUC - Reference to this connection (value range: 1 to 4095). The parameter uniquely identifies a connection within the CPU. Each individual instance of the instruction "MB_SERV ER" must use a unique ID. 4 ConnectionType BYTE 11 Connection type Select 11 (decimal) for TCP. Other connection types are not permitted. If another connection type (e.g. UDP) is used, a corresponding error message is output at the STATUS pa rameter of the instruction. 5 ActiveEstablished BOOL FALSE ID for the manner in which the connection is established Select FALSE for passive connection establishment. 6 ... 9 RemoteAddress ARRAY [1..4] 0.0.0.0 of BYTE IP address of the connection partner, for example, for 192.168.0.1: addr[1] = 192 addr[2] = 168 addr[3] = 0 addr[4] = 1 If the instruction "MB_SERVER" is to accept connection re quests from any connection partner, use "0.0.0.0" as IP ad dress. 10 ... 11 RemotePort UINT 0 Port number of the remote connection partner (value range: 1 to 49151). If the instruction "MB_SERVER" is to accept connection re quests from any remote partner, use "0" as port number. 12 ... 13 LocalPort UINT 502 Port number of the local connection partner (value range: 1 to 49151). The number of the IP port defines which IP port is monitored for connection requests of the Modbus client. The following TCP port numbers must not be used for the passive connection of the "MB_SERVER" instruction: 20, 21, 25, 80, 102, 123, 5001, 34962, 34963 and 34964. Note Migration of the instruction "MB_SERVER" version 2.1 The parameters CONNECT_ID and IP_PORT are mapped in version 3.0 of the "MB_SERVER" instruction in the TCON_IP_v4 structure: The parameter CONNECT_ID of the "MB_SERVER" V2.1 instruction corresponds to the ID parameter of TCON_IP_v4. The parameter IP_PORT of the "MB_SERVER" V2.1 instruction corresponds to the LocalPort parameter of TCON_IP_v4. WinCC Advanced V14 System Manual, 10/2016 4447 Programming the PLC 11.4 Instructions Connection description for configured connections For configured connections at the CONNECT parameter, use the following structure for connection description to TCON_Configured. Make sure that only connections of the type TCP are specified in the TCON_Configured structure. The connection may not use the following TCP port numbers: 20, 21, 25, 80, 102, 123, 5001, 34962, 34963 and 34964. Byte Parameter Data type Start value Description 0 ... 1 InterfaceID HW_ANY - Hardware identifier of the local interface (value range: 0 to 65535). 2 ... 3 ID CONN_OUC - Reference to this connection (value range: 1 to 4095). Enter the connection ID of the existing connection. 4 ConnectionType BYTE - Connection type Select 254 (decimal) for a configured connection. Parameter STATUS (S7-1200, S7-1500) Parameter STATUS (general status information) STATUS* (W#16#) Description 0000 Instruction executed without errors. 0001 Connection established. 0003 Connection terminated. 7000 No call active (REQ=0). 7001 First call. Connection establishment triggered. 7002 Intermediate call. Connection is being established. 7003 Connection is being terminated. 7005 Data is being sent. 7006 Data is being received. * The status codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Parameter STATUS (protocol error) STA TUS* (W#16#) Local and/ or remote errors Error code in the an swer from MB_SERVER (B#16#) Description 8380 Local - Received Modbus frame has incorrect format or too few bytes were re ceived. 8381 Remote 01 Function code is not supported. 4448 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions STA TUS* (W#16#) Local and/ or remote errors Error code in the an swer from MB_SERVER (B#16#) Description 8382 Remote 03 Error in data length Invalid length specification in received Modbus frame The frame length entered in the header of the Modbus frame does not match the number of actually received bytes. The number of bytes entered in the header of the Modbus frame does not match the number of actually received bytes (functions 15 and 16). 8383 8384 Local - Error reading or writing data or access outside the address area of MB_HOLD_REG. Remote 02 Error reading or writing data or access outside the address area of the server Local - Invalid exception code received. A different data value was received than was originally sent by the server (functions 5, 6 and 8). Invalid status value received (function 11) 8385 Remote 03 Error in data value for function 5 Local - Diagnostics code not supported. A different subfunction code was received than was originally sent by the server (function 8). Remote 03 Diagnostics code not supported * The status codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". Parameter STATUS (parameter error) STATUS* (W#16#) Description 80BB Invalid value at ActiveEstablished parameter (identifier for the type of connection establishment, see CONNECT parameter (Page 4446)): Only passive connection establishment permitted for server (active_established = FALSE). Only active connection establishment permitted for client (active_established = TRUE). 8187 The MB_HOLD_REG parameter has an invalid pointer. Data area is too small. * The status codes can be displayed as integer or hexadecimal values in the program editor. For information on switching the display formats, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 4449 Programming the PLC 11.4 Instructions Note Error codes of internally used communications instructions With the "MB_SERVER" instruction, in addition to the errors listed in the tables, errors caused by the communication instructions ("TCON", "TDISCON", "TSEND", "TRCV", "T_DIAG" and "T_RESET") used by the instruction can occur. The error codes are assigned via the instance data block of the "MB_SERVER" instruction. The error codes are displayed for the respective instruction under STATUS in the "Static" section. The meaning of the error codes is available in the documentation of the corresponding communications instruction. See also GET_ERR_ID: Get error ID locally (Page 2690) MB_HOLD_REG parameter (Page 4446) Differences between the versions <= V3.x and >= V4.0 of the Modbus TCP library (S7-1200, S7-1500) Differences between the versions <= V3.x and >= V4.0 of the Modbus instructions The following differences between versions exist with the MB_SERVER/MB_CLIENT MODBUS instructions: Address parameter - In versions <= 3.x, the address data for the Modbus TCP server is specified via the input parameters "IP_x". - Versions >= 4.0 use TCON_IP_V4 and TCON_Configured system data types at the CONNECT input parameter for this purpose. If an error occurs during execution, as of version 4.0 of the Modbus instructions, there are more STATUS alarms available which can be evaluated accordingly. You can find detailed information in the instruction descriptions for MB_CLIENT (Page 4429) and MB_SERVER (Page 4441). Note Changing the Modbus TCP library from a version <= V3.x to a version >= V4.0 When you replace the Modbus TCP library from a version <= V3.x to a version >= V4.0 you also need to replace the Open User Communication library. Afterwards check all the instructions relevant for your program. 4450 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions TeleService (S7-1200) TM_MAIL: Transfer email (S7-1200) Description of TM_MAIL (S7-1200) Description The "TM_MAIL" instruction works asynchronously, in other words, its execution extends over multiple calls. You must specify an instance when you call the instruction "TM_MAIL". The attribute "retentive" may not be set in the instance. This attribute ensures that the instance is initialized when the CPU switches from STOP to RUN and that a new e-mail send job can be triggered afterwards. You start the sending of an e-mail with an edge change from "0" to "1" for the REQ parameter. The job status is indicated by the output parameters BUSY, "DONE", "ERROR", "STATUS" and "SFC_STATUS". "SFC_STATUS" corresponds in this case to the "STATUS" output parameter of the called communication blocks. The output parameters DONE, ERROR, STATUS, and SFC_STATUS are each displayed for only one cycle if the status of the BUSY output parameter changes from "1" to "0". The following table shows the relationship between BUSY, DONE, and ERROR. Using this table, you can determine the current status of the instruction "TM_MAILand when the sending of the e-mail is complete. DONE BUSY ERROR Description 0 1 0 The job is being processed. 1 0 0 Job successfully completed. 0 0 1 The job ended with an error. The cause of the error can be found in the STATUS and SFC_STATUS parameters. 0 0 0 The "TM_MAIL" instruction was not assigned a (new) job. If the CPU changes to STOP mode while "TM_MAIL" is active, the communication connection to the mail server aborts. The communication connection to the mail server will also be lost if WinCC Advanced V14 System Manual, 10/2016 4451 Programming the PLC 11.4 Instructions communication problems occur on the Industrial Ethernet bus. In this case, the transfer of the e-mail will be interrupted and it will not reach its recipient. NOTICE Changing user programs You can change the parts of your user program that directly affect calls of "TM_MAIL" only: when the CPU is in "STOP" mode or when no mail is being sent (REQ = 0 and BUSY = 0). This relates, in particular, to deleting and replacing program blocks that contain "TM_MAIL" calls or calls for the instance of "TM_MAIL". Ignoring this restriction can tie up connection resources. The automation system can change to an undefined status for the TPC/IP communication functions via Industrial Ethernet. A warm or cold restart of the CPU is required after the changes are transferred. Data consistency The ADDR_MAIL_SERVER input parameter of the instruction is taken from the "TM_MAIL" instruction again each time the sending of an e-mail is triggered. If a change is made during operation, the "new" value only becomes effective once an e-mail is triggered again. In contrast, the WATCH_DOG_TIME, TO_S, CC, FROM, SUBJECT, TEXT, ATTACHMENT, and, if applicable, USERNAME and PASSWORD parameters are taken from the "TM_MAIL" instruction while it is running, which means that they may only be changed after the job is complete (BUSY = 0) Setting the parameters of the TS Adapter IE On the TS Adapter IE, you need to specify parameters for outgoing calls in such a way as to enable the TS Adapter IE to establish a connection to the dial-up server of your service provider. If you set "When required" for connection establishment, the connection will only be established when an e-mail needs to be sent. Connection establishment can take longer (approx. one minute) for an analog modem connection. When you specify the WATCH_DOG_TIME parameter, remember to allow for the time required to establish the connection. 4452 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Parameter The following table shows the parameters of the "TM_MAIL" instruction: Parameter Declaration Data type Memory area Description REQ Input BOOL I, Q, M, D, L or con Control parameter REQUEST: Activates the sending stant of an e-mail on a rising edge. ID Input CONN_OU C (Word) D, L or constant Reference to the connection to be established. See ID parameter of the TCON (Page 4254), TDISCON (Page 4264), TSEND (Page 4269), and TRCV (Page 4273) instructions. A number that is not used for any additional instances of this instruction in the user program must be entered here. TO_S (Page 4455) Input STRING D Input parameter for receiver addresses: CC (Page 4455) Input STRING with a maximum length of 240 characters (see example call). STRING D Input parameter for CC recipient addresses (option al): STRING with a maximum length of 240 characters (see example call). If an empty string is assigned here, the e-mail is not sent to a CC recipient. SUBJECT Input STRING D Input parameter for subject of the e-mail: STRING with a maximum length of 240 characters. TEXT Input STRING D Input parameter for text of the e-mail (optional): Reference to a data string with a maximum length of 240 characters. If an empty string is assigned at this parameter, the email is sent without text. ATTACHMENT Input VARIANT I, Q, M, D, L Input parameter for e-mail attachment (optional): Ref erence to a byte/word/double word field with a maxi mum length of 65534 bytes. The specified attachment must be in the file format BIN. If no value is assigned, the e-mail is sent without an attachment. DONE Output BOOL I, Q, M, D, L BUSY Output BOOL I, Q, M, D, L DONE = 0: Job not yet started or still executing. DONE = 1: Job executed without errors. BUSY = 1: Sending of an e-mail is not yet complete. BUSY = 0: Processing of "TM_MAIL" was terminated ERROR Output BOOL I, Q, M, D, L ERROR = 1: An error occurred during processing. STATUS and SFC_STATUS supply detailed informa tion about the type of error. STATUS (Page 4456) Output WORD I, Q, M, D, L Output/status parameter STATUS: WinCC Advanced V14 System Manual, 10/2016 Return value or error information of the "TM_MAIL" instruction. 4453 Programming the PLC 11.4 Instructions Parameter Declaration Data type Memory area Description ADDR_MAIL_S ERVER Static* DWORD I, Q, M, D, L IP address input parameter of the mail server: Specify as a data word in HEX format, for example: IP address = 192.168.0.200. ADDR_MAIL_SERVER = DW#16#C0A800C8, where: 192 = 16#C0, 168 =16#A8 0 = 16#00 and 200 = 16#C8. WATCH_DOG_ TIME Static* USERNAME Static* TIME I, Q, M, D, L Input parameter for max. period of time: The "TM_MAIL" instruction should establish a con nection within the period specified by WATCH_DOG_TIME. The block is exited with an er ror if this period is exceeded. The time before the block is exited and the error is output can exceed the WATCH_DOG_TIME because connection termina tion also takes a certain amount of time. To begin with, you should set a period of 2 minutes. If you have an ISDN telephone connection, a significantly shorter pe riod can be selected. STRING D Input parameter for user name: STRING with a maximum length of 180 characters. A user name is an absolute requirement for authentica tion. PASSWORD Static* STRING D Input parameter for password: STRING with a maximum length of 180 characters. A password is an absolute requirement for authentica tion. FROM (Page 4455) Static* SFC_STATUS (Page 4456) Static* STRING D Input parameter for sender address: STRING with a maximum length of 240 characters (see example call). WORD I, Q, M, D, L Output/status parameter "SFC_STATUS": Error information of the called communication blocks. *The values of the parameter are not modified at every call of the instruction "TM_MAIL". The values are in the static param eters of the instance and are only written once at the first call of the instruction. You can find additional information on valid data types under "Overview of the valid data types (Page 2131)". Note Optional parameters The optional parameters CC, TEXT, and ATTACHMENT are only sent with the e-mail if the corresponding parameters contain a string of length > 0. 4454 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Note Parameter ATTACHMENT The specified attachment must be in the file format BIN. If text is to be transferred, you have the following options: In Windows, you link the file format BIN with a text editor. You use the Windows functions "Send to" or "Open with". SMTP authentication Authentication refers here to a procedure for ensuring an identity, for example, by a password query. The "TM_MAIL" instruction supports the SMTP authentication procedure AUTH-LOGIN that is requested by most mail servers. For information about the authentication procedure of your mail server, please refer to your mail server manual or the website of your Internet service provider. To use the AUTH-LOGIN authentication procedure, the "TM_MAIL" instruction requires the user name with which it can log onto the mail server. This user name corresponds to the user name with which you set up a mail account on your mail server. It is made available to the "TM_MAIL" instruction in the USERNAME parameter. To log on, the "TM_MAIL" instruction also requires the associated password. This password corresponds to the password you specified when you set up your mail account. It is made available to the "TM_MAIL" instruction in the PASSWORD parameter. The user name and the password are each transferred to the mail server unencrypted (BASE64-coded). If no user name is specified in the DB, the AUTH-LOGIN authentication procedure is not used. The e-mail is then sent without authentication. Example You can find a detailed application example in the Siemens Industry Online Support under the following FAQ ID: 67262019 (https://support.industry.siemens.com/cs/ww/en/view/67262019). Parameters TO_S, CC, and FROM (S7-1200) Description The TO_S, CC, and FROM parameters are strings with, for example, the following content: TO: <wenna@mydomain.com>, <ruby@mydomain.com>, CC: <admin@mydomain.com>, <judy@mydomain.com>, FROM: <admin@mydomain.com> WinCC Advanced V14 System Manual, 10/2016 4455 Programming the PLC 11.4 Instructions Note the following rules when entering the parameters: The "TO:", "CC:", and "FROM:" characters must be entered. A space and an opening pointed bracket "<" must be entered before each address. A closing pointed bracket ">" must be entered after each address. A comma must be entered after each address in TO and CC. Only one e-mail may be entered in FROM, and there must not be a comma at the end of this address Because of runtime and memory space, the "TM_MAIL" instruction does not perform any syntax check of the parameters TO_S, CC and FROM. STATUS and SFB_STATUS parameters (S7-1200) Description The return values of the "TM_MAIL" instruction can be classified as follows: W#16#0000: "TM_MAIL" was completed successfully W#16#7xxx: Status of "TM_MAIL" W#16#8xxx: An error was reported during the internal call of a communication block or from the mail server. The following table shows the return values of "TM_MAIL" except for error codes of the internally called communication blocks. Return value Return value STATUS* SFB_STATUS (W#16#...): (W#16#...): 0000 - 7001 Explanation Notes The processing of "TM_MAIL" was comple ted without error. A without error completion of "TM_MAIL" does not mean that the sent e-mail will necessarily arrive (see below - note on point 1) "TM_MAIL" is active (BUSY = 1). Initial call; job has started 7002 7002 "TM_MAIL" is active (BUSY = 1). Intermediate call; job already active 8xxx xxxx The processing of "TM_MAIL" was comple ted with an error code of the internally called communication instructions. For detailed information on the evalua tion of the SFB_STATUS parameter, refer to the descriptions of the STATUS parameter of the communication in structions. 8010 xxxx Error during connection establishment. For further information on the evalua tion of the SFB_STATUS parameter, refer to the descriptions of the STATUS parameter of the "TCON (Page 4254)" instruction. 8011 xxxx Error sending the data. For further information on the evalua tion of SFB_STATUS, refer to the de scriptions of the STATUS parameter of the "TSEND (Page 4269)" instruction. 4456 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.4 Instructions Return value Return value STATUS* SFB_STATUS Explanation Notes (W#16#...): (W#16#...): 8012 xxxx Error receiving the data. For further information on the evalua tion of SFB_STATUS, refer to the de scriptions of the STATUS parameter of the "TRCV (Page 4273)" instruction. 8013 xxxx Error during connection establishment. For further information on the evalua tion of SFB_STATUS, refer to the de scriptions of the STATUS parameter of the "TCON (Page 4254)" and "TDIS CON (Page 4264)" instructions. 8014 - Establishment of a connection is not possible. You have possibly entered an incorrect mail server IP address (ADDR_MAIL_SERVER) or a time span that is too short (WATCH_DOG_TIME) to establish the connection. It is also possible that the CPU has no connection to the network or that the CPU configuration is incor rect. 8016 - Error copying the attachment - 82xx, 84xx, or 85xx - The error message originates from the mail server and the last three digits correspond to the error number of the SMTP protocol. See point 2 in the note. The following columns list several error codes that can occur: 8450 - Action not executed: Mailbox not available/ not reachable. Try again later. 8451 - Action aborted: Local processing error Try again later. 8500 - Syntax error: Error not recognized. This also includes the error when a command string is too long. This can also be occur when the email server does not support the LOGIN au thentication procedure. Check the parameters of "TM_MAIL". Try to send an e-mail without authenti cation. To do this, replace the USER NAME parameter with an empty string. 8501 - Syntax error: Parameter or argument incor rect You have possibly entered an incorrect address in TO_S or CC. 8502 - Command unknown or not implemented. Check your entries, in particular the FROM parameter. This is possibly in complete and you have forgotten "@" or ".". 8535 - SMTP authentication incomplete. You have possibly entered an incorrect user name or incorrect password. 8550 - Mail server cannot be reached, you have no access rights. You have possibly entered an incorrect user name or password, or the mail server does not support your LOGIN. Another cause of error could be an in correct entry of the domain name after the "@" in TO_S or CC. 8552 - Action aborted: Assigned memory size has been exceeded Try again later. WinCC Advanced V14 System Manual, 10/2016 4457 Programming the PLC 11.5 Program editor Return value Return value STATUS* SFB_STATUS (W#16#...): (W#16#...): 8554 - Explanation Notes Transmission failed. Try again later. * The error codes can be displayed as integer or hexadecimal values in the program editor. For additional information on toggling display formats, refer to "See also". Note Status error 1. An incorrect entry of the recipient addresses does not generate a status error of the "TM_MAIL" instruction. In this case, there is no guarantee that the e-mail will be sent to other recipients, even if these were entered correctly. 2. You can find more detailed information on the SMTP error code and other error codes in SMTP protocol on the Internet or in the error documentation of the mail server. You can also view the most recent message from the mail server in your instance DB in the BUFFER1 parameter. If you look under "Data", you will find the data most recently sent by the "TM_MAIL" instruction. 11.5 Program editor 11.5.1 Overview of the program editor Function of the program editor The program editor is the integrated development environment for programming functions, function blocks, and organization blocks. If offers comprehensive support for programming and troubleshooting. The appearance and functionality of the program editor can vary depending on the CPU, programming language and block type used. 4458 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.5 Program editor Structure of the program editor Using LAD as an example, the following figure shows the components of the program editor: 5 1 3 2 5 3 6 4 Toolbar Block interface "Favorites" pane in the "Instructions" task card and favorites in the program editor Programming window "Instructions" task card "Testing" task card Toolbar The toolbar allows you to access the principal functions of the program editor, such as: Show and hide absolute operands Showing and hiding favorites Skip to syntax errors WinCC Advanced V14 System Manual, 10/2016 4459 Programming the PLC 11.5 Program editor Update block calls Show and hide program status The functions available in the toolbar can vary depending on the programming language used. Block interface The block interface contains the declarations for local tags used solely within the block. The sections available depend on the block type. Favorites You can save frequently used instructions as favorites. These favorites are then displayed in the "Instructions" task card and the "Favorites" pane. You can also display favorites in the program editor using the program editor toolbar. This allows you to access your favorites even when the "Instructions" task card is not visible. Programming window The programming window is the work area of the program editor. You can enter the program code in this window. The appearance and functionality of the program window can vary depending on the programming language used. "Instructions" task card The "Instructions" task card offers you easy access to all instructions available for creating your program. The instructions are broken down by area into a number of different palettes. You can search the palettes for specific instructions. See also: Find instructions (Page 4470) You can show additional information on the instructions via the "Show column headers and additional columns" button in the task card toolbar. You can modify the arrangement of columns by clicking a column header and moving the column to the new position by means of drag-anddrop. If an instruction profile is active, the offered instructions may vary. See also: Using instruction profiles (Page 4472) 4460 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.5 Program editor "Testing" task card You can set settings in the "Testing" task card for troubleshooting using the program status. The functions of the "Testing" task card are only available in online mode. It contains the following panes, which are displayed depending on the selected CPU and the configured programming language of the block: CPU operator panel The CPU operator panel allows you to switch the CPU operating mode. Breakpoints You can test blocks you created in the textual programming languages STL and SCL in single step mode. To do this, set breakpoints in the program code. In the "Breakpoints" pane, you can find all breakpoints that you have set and you can activate, delete, navigate to, or set the call environment for the individual breakpoints. PLC register This pane allows you to read off the values for the PLC registers and the accumulators. Sequence control In this pane you can set the operating mode for testing sequencers for GRAPH blocks. Test settings This pane allows you to specify the test settings for the GRAPH block. Call environment This pane allows you to specify the call environment for the block. Call hierarchy In this pane, you can trace the call hierarchy of the blocks. You only see the call hierarchy during block monitoring. See also Overview of the block interface (Page 4522) Enlarging the programming window (Page 4466) 11.5.2 Using the keyboard in the program editor Navigating in the editor Function Shortcut key Open "Instructions" task card <Ctrl+Shift+C> Open "Testing" task card <Ctrl+Shift+O> Add new block <Ctrl+N> Expand all networks <Alt+F11> Collapse all networks <Alt+F12> Navigate to the next point of use of the selected block or operand <Ctrl+Shift+G> WinCC Advanced V14 System Manual, 10/2016 4461 Programming the PLC 11.5 Program editor Function Shortcut key Navigate to the previous point of use of the selected block or op <Ctrl+Shift+F> erand Navigate to the next read/write access <Alt+F8> Navigate to the previous read/write access <Alt+F9> Navigate to the definition of the selected block or operand <Ctrl+Shift+D> Navigating in the program code (LAD/FBD) Function Selected object Shortcut key Navigating between objects in the network Object in the network Arrow keys Navigate to the first element of the network Object in the network <Home> Navigate to the last element of the network Object in the network <End> Navigate to the next element of the network Object in the network <Tab> Navigate to the previous element of the network Object in the network <Shift+Tab> Insert network Any <Ctrl+R> Function Position of the cursor Shortcut key Navigating in the program code Line Arrow keys One word to the right/left Line <Ctrl+arrow keys> Cursor to start of line Line <Home> Cursor to end of line Line <End> Cursor to start of code section Line <Ctrl+Home> Cursor to end of code section Line <Ctrl+End> To the next network (STL only) Network title <Down arrow> To the next network (STL only) Line <Tab> Navigating in the program code (STL/SCL) Repeat the shortcut keys until the insertion point is in the next network. To the previous network (STL only) Network title <Up arrow> To the previous network (STL only) Line <Shift+Tab> Repeat the shortcut keys until the insertion point is in the previous network. Insert network Any <Ctrl+R> Function Selected object Shortcut key Insert normally open contact Rung <Shift+F2> Insert normally closed contact Rung <Shift+F3> Insert empty box Rung <Shift+F5> Inserting instructions (LAD) 4462 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.5 Program editor Function Selected object Shortcut key Insert assignment Rung <Shift+F7> Insert "Open branch" Rung <Shift+F8> Insert "Close branch" Rung <Shift+F9> Function Selected object Shortcut key Insert AND logic operation Network, input or out <Shift+F2> put Insert OR logic operation Network, input or out <Shift+F3> put Insert empty box Network Insert assignment Network, input or out <Shift+F7> put Insert "Open branch" Connection line be tween two boxes Invert RLO Network, input or out <Ctrl+Shift+4> put Insert input Network, input or out <Ctrl+Shift+3> put Inserting instructions (FBD) <Shift+F5> <Shift+F8> Entering operands (LAD/FBD/GRAPH) Function Selected object Shortcut key Activate the input field for the first operand of the instruction Instruction <Return> Or <Any letters/numbers> An empty input field opens on <Return>, any letters or numbers will be entered in the input field. WinCC Advanced V14 System Manual, 10/2016 Activate input field for the operand Operand <F2> Delete operand Operand <Del> Define tag Operand <Ctrl+Shift+I> Rewire tag Operand <Ctrl+Shift+P> Rename tag Operand <Ctrl+Shift+T> Entering operands Input field for oper ands <Any letters/numbers> Confirm entry of the operand Input field for oper ands <Return> 4463 Programming the PLC 11.5 Program editor Function Selected object Shortcut key Open autocompletion Input field for oper ands <Ctrl+I> Discard current change Input field for oper ands <Esc> The input field is deactivated and the previous contents restored. Process instructions (STL/SCL) Function Selected object Shortcut key Indent line (SCL only) Line <Tab> or <Ctrl+R> Outdent line (SCL only) Line <Shift+Tab> or <Ctrl+Shift+R> Automatically formatting selected text (SCL only) <Ctrl+Shift+W> Open "Call options" dialog Cursor after block call <Return> Define tag Operand <Ctrl+Shift+I> Rewire tag Operand <CtrlShift+P> Rename tag Operand <Ctrl+Shift+T> Expand/collapse parameter list (SCL only) Operand <Ctrl+Shift+Space> Expand/collapse code section Insertion mark within the code section <Ctrl+Shift+Num+> Expand/collapse all code sections Any <Ctrl+Shift+Num*> <Ctrl+Shift+Num-> <Ctrl+Shift+Num/> Open autocompletion Any <Ctrl+I> or <Ctrl+Spacebar> Set/delete bookmarks <Ctrl+Shift+M> To the next bookmark <Ctrl+Shift+6> To the previous bookmark <Ctrl+Shift+5> Comment out selection Line <Ctrl+Shift+Y> Remove comment Line <Ctrl+Shift+U> Function Block Shortcut key Page Up/Down Navigation view, sin gle step view, se quence view, perma nent instructions <Page Up>/ Navigation view <Up arrow> Programming window of GRAPH Navigate in the navigation view <Page Down> <Down arrow> 4464 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.5 Program editor Function Block Shortcut key Expand/collapse object Navigation view <+> or <Right arrow> <-> or <Left arrow> Switch between single step view and sequence view when a step or a transition is selected Navigation view <Return> Switch between navigation view and work area Navigation view, sin gle step view, se quence view, perma nent instructions <ALT+F6> Go to first element in a network Single step view <Home> Go to last element in a network Single step view <End> Switch to interlock Single step view <Ctrl+Home> Switch to transition Single step view <Ctrl+End> Navigate in the structure Sequence view Arrow keys Go to first step Sequence view <Home> or <Ctrl+Home> Go to last step Sequence view <End> or <Ctrl+End> Open branch Sequence view <Shift+F8> Close branch Sequence view <Shift+F9> Insert sequence end Sequence view <Shift+F7> Insert jump Sequence view <Shift+F12> Insert step and transition Sequence view <Shift+F5> Delete element Sequence view <Del> Go to first editable element Permanent instruc tions <Home> Go to next editable element Permanent instruc tions <Tab> Go to last editable element Permanent instruc tions <End> Go to previous editable element Permanent instruc tions <Shift+Tab> Jump to the start of the "Action" cell Actions <Home> Jump to the end of the "Action" cell Actions <End> Insert new action Actions <Return> Function Block Shortcut key Expand block Block overview, block <Ctrl+Shift+Num+> in the programming window Collapse block Block overview, block in the programming window Programming window of SCL WinCC Advanced V14 System Manual, 10/2016 <Ctrl+Shift+Num-> 4465 Programming the PLC 11.5 Program editor Function Block Shortcut key Expand all blocks Block overview, pro gramming window <Ctrl+Shift+Num*> Collapse all blocks Block overview, pro gramming window <Ctrl+Shift+Num/> Monitor program Function Shortcut key Set/remove breakpoint (STL, SCL) <Ctrl+Shift+F9> Step over breakpoint (STL, SCL) <Ctrl+Shift+F10> Jump to lower-level block (STL, SCL) <Ctrl+Shift+F11> Return to calling block (STL, SCL) <Ctrl+Shift+F12> Run program up to marker (cursor position) (STL, SCL) <Ctrl+F3> Display program status (SCL, STL) <Ctrl+T> Enable all breakpoints (STL, SCL) <Ctrl+Shift+F2> Disable all breakpoints (STL, SCL) <Ctrl+Shift+F3> Modify to 0 (LAD, FBD) <Ctrl+Shift+9> Modify to 1 (LAD, FBD) <Ctrl+Shift+1> Modify operand (LAD, FBD) <Ctrl+Shift+2> See also Keyboard operation in the TIA Portal (Page 300) Using project-related functions (Page 302) Arranging windows (Page 302) Editing tables (Page 308) Text editing (Page 307) 11.5.3 Enlarging the programming window Introduction The programming window is relatively small when all components of the application are shown. If the program code is large, you may find you have to rearrange the work area constantly. To avoid this problem, you can hide or minimize the display of the following components of the application and of the program editor: Project tree Task cards Block interface Favorites 4466 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.5 Program editor Comments Networks Note You can also use the "Reduce automatically" option for the task cards, project tree, and Inspector window. These windows will then be minimized automatically when you do not need them. See also: Maximizing and minimizing the work area Hiding and showing the project tree The project tree allows you to access all areas of the project. You can hide the project tree while you are creating a program so you have more space for the programming window. To show and hide the project tree, follow these steps: 1. To hide the project tree, deselect the "Project tree" check box in the "View" menu, or click on "Collapse" on the project tree title bar. 2. To show the project tree, select the "Project tree" check box in the "View" menu or click on "Extend" on the project tree title bar. Opening and closing task cards The task cards are located at the right-hand edge of the programming window. To open or close the task cards, follow these steps: 1. To close the task cards, deselect the "Task card" check box in the "View" menu or click "Collapse" on the task cards title bar. 2. To open the task cards, select the "Task card" check box in the "View" menu or click "Expand" on the task cards title bar. Hiding and showing the block interface The block interface is shown in the upper section of the program editor. During programming you can show and hide it as required. To show and hide the block interface, follow these steps: 1. In the lower part of the interface within the window splitter, click on the Up arrow or Down arrow. Showing and hiding favorites To hide or show the favorites in the program editor, follow these steps: 1. Click the "Display favorites in the editor" button in the program editor toolbar. WinCC Advanced V14 System Manual, 10/2016 4467 Programming the PLC 11.5 Program editor Showing and hiding comments Within a block you can enter a comment for the block or for each network. These two types of comments are shown and hidden differently. To show or hide a block comment, follow these steps: 1. Click the the triangle at the start of the line with the block title. To show or hide network comments, follow these steps: 1. Click "Network comments on/off" on the program editor toolbar. Note The comments available can vary depending on the programming language used. Opening and closing networks Some programming languages use networks. You can open or close these networks as required. To open or close networks, follow these steps: 1. If you want to open a network, click the right arrow in front of the network title. If you want to close a network, click the down arrow in front of the network title. To open and close all networks, follow these steps: 1. Click "Open all networks" or "Close all networks" in the program editor toolbar. Note Networks are not used in every programming language. See also Overview of the program editor (Page 4458) Maximizing and minimizing the work area (Page 279) 11.5.4 Setting the mnemonics You can program blocks using German or international mnemonics. When you open the TIA Portal for the first time, international mnemonics is set as default. You can change the mnemonics at any time. 4468 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.5 Program editor Procedure To set the mnemonics, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "General" group in the area navigation. 3. In the "General settings" group, select the mnemonics that you want to use. The mnemonics is changed in all blocks. 11.5.5 Displaying symbolic and absolute addresses You have the following options for displaying operands in the program editor: Symbolic representation The symbolic operands are displayed in the program. The corresponding absolute addresses are shown in tooltips if you hold the mouse pointer over the operand. Absolute representation The absolute addresses are displayed in the program. The corresponding symbolic operands are displayed in tooltips. Symbolic and absolute representation Symbolic operands and absolute addresses are displayed in program. This setting only has an effect on blocks that were programmed with LAD, FBD, STL, and GRAPH. Note Note that absolute operands are not displayed for GRAPH blocks if you have disabled the option "Display absolute operands" in the "Action" column. You can set the display of operands centrally for all new blocks of the project or for individual blocks. Setting operand representation for new blocks To set the operand representation for all new blocks in the project, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "PLC programming > General" group in the area navigation. 3. Select the desired representation in the "Operand representation" drop-down list. The selected representation is enabled for all new blocks in the program. Setting operand representation for an individual block To change the representation of the operands, follow these steps: 1. Open the block in the program editor. 2. Click the "Absolute/symbolic operands" button in the program editor toolbar. Each time you click the button, the representation and the symbol on the button change. WinCC Advanced V14 System Manual, 10/2016 4469 Programming the PLC 11.5 Program editor Or: 1. Open the block in the program editor. 2. Click the small arrow next to the "Absolute/symbolic operands" button in the program editor toolbar. A drop-down list is displayed. 3. Select the required representation from the drop-down list. The symbol on the button changes. 11.5.6 Find instructions You have the option of finding specific instructions in the "Instructions" task card and then inserting them in your program. Note the following rules when entering search terms: No distinction is made between upper and lower case text. The search function considers parts of a search term. You cannot use placeholders, such as "*" and "?". If an instruction name includes underscores, the instruction is found even if you do not enter the underscore. The text in the columns "Name" and "Description" are taken into consideration in the search. Requirement A block is open. The "Instructions" task card is open. Procedure To search for a specific instruction in the "Instructions" task card, follow these steps: 1. Select a starting point for the search if you want to start the search at a specific point. If you do not select a starting point, the search starts either at the top or bottom in the task card, depending on the type of search you have selected. 2. Enter a search term in the text box of the task card toolbar. 3. Click "Search down" if you want to search the task card from top to bottom. 4. Click "Search up" if you want to search the task card from bottom to top. The first match with the search term found is displayed as the result. If you want to continue the search, click the "Search down" or "Search up" button again. If no matches are found, you will receive a corresponding message. See also Overview of the program editor (Page 4458) 4470 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.5 Program editor 11.5.7 Use instruction versions Basic information on instruction versions The instructions available to you for programming the user program are managed in system libraries. If a new version of a system library is installed by an update, the newer versions of the instructions of this system library may also be installed. If there are several versions for an instruction, these are listed in the "Instructions" task card after the respective instruction. If the instruction versions are not shown, you can show them via the "Show column headers and additional columns" button in the toolbar of the "Instructions" task card. You can then select the versions of the instructions to be used in the program from the dropdown-list box of the "Version" column. If you do not select any versions, the most recent versions are used. Note Please note the following: You can only ever use the same version of an instruction within a device. If you use an instruction in a know-how-protected block with a version other than the version set in the project, you can compile the know-how-protected block without a password if the interfaces of the instruction versions are identical. The next time you open the know-howprotected block, you will need to update the call for the instruction. The corresponding call is marked in red. The call is updated automatically by the system by compiling the entire program. If you change the version of an instruction that other instructions depend on, the versions of the dependent instructions are also changed. If you select a version for an instruction that can not be run on the CPU used, the instruction is shaded out. This means that you cannot use this instruction in this version with your CPU. The system block in the project tree displays the block version number in its properties; it does not have to match the instruction version number of the associated instruction in the task card. If you change the version of an instruction in the task card, you must compile the associated system block in the project tree before you update its block version number. Changes in the versions New versions can be main versions or secondary versions. New versions, such as 2.0 or 3.0, have more substantial changes to them. New main versions may therefore result in changes to the block interface. New secondary versions, such as 1.3 or 1.4, contain lesser changes or remedies to errors. Using instruction versions You can decide within a device which version of an instruction you want to use. If you select another version for an instruction, the new version is specified for all locations of use of this instruction within your program. These instructions are identified in the program by a red frame. You must then download your program to the device to use the new instruction version. WinCC Advanced V14 System Manual, 10/2016 4471 Programming the PLC 11.5 Program editor 11.5.8 Using instruction profiles 11.5.8.1 Basics of instruction profiles Introduction The TIA Portal provides you with numerous instructions that you can use to program the user program. However, you may filter out specific instructions that you do not want to use. To this end you can create instruction profiles in which you can explicitly specify the instructions to be listed in the "Instructions" task card. However, although you may create several instruction profiles in a project, only one of these profiles may be active at any given time. You can exchange instruction profiles with other users by means of shared libraries. Note Please note the following: The use of instructions that are not allowed in the active profile in a block will trigger the output of a block compilation error. Such a situation may be triggered if you drag-and-drop a block from the library to your program. Instructions of a profile that are not supported by the currently installed products are deleted from the profile the next time it is edited. If you transfer this profile to an engineering system in which these instructions are supported by the installed products, the instructions are again present in the profile but they are disabled. You can enable these instructions as required at any time. If you want to make changes to the active profile, you must recompile the blocks in the project. This is also necessary when you disable or delete the active profile or when you enable a profile. See also Creating new instruction profiles (Page 4472) Opening and editing instruction profiles (Page 4474) Activating and deactivating instruction profiles (Page 4475) Deleting instruction profiles (Page 4476) 11.5.8.2 Creating new instruction profiles Requirement The "Common data > Instruction profiles" folder is open in the project navigation. 4472 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.5 Program editor Procedure Proceed as follows to create a new instruction profile: 1. Double-click the "Add new profile" command. The Instruction Profile Editor opens and displays the new instruction profile. All instructions are activated for the new instruction profile. 2. Edit the new instruction profile to suit your requirements. If necessary, you can rename the new instruction profile. To do this, follow these steps: 1. Right-click on the new instruction profile. 2. Select the "Rename" command in the shortcut menu. 3. Enter a name for the new instruction profile. Note The first instruction profile that you create will be used as active profile. In this case, compile all blocks in the project. If other instruction profiles are already available you must explicitly activate the new one in order to use it as active profile. You can identify the active profile by its icon in the project navigation. See also Basics of instruction profiles (Page 4472) Opening and editing instruction profiles (Page 4474) Activating and deactivating instruction profiles (Page 4475) Deleting instruction profiles (Page 4476) WinCC Advanced V14 System Manual, 10/2016 4473 Programming the PLC 11.5 Program editor 11.5.8.3 Opening and editing instruction profiles Once you have opened an instruction profile, you can edit it as follows: Activating and deactivating instructions You can explicitly specify the instructions to be allowed in the instruction profile. Note Note that dependencies exist between some instructions. As a result, it is possible that several instructions may be activated or deactivated by an action. The check box icon indicates the folders in which instructions are deactivated. Activating and deactivating instruction versions Certain instructions are available with different versions. You can explicitly specify the instruction versions to be allowed in the instruction profile. Renumbering blocks An instruction representing an internal function block (FB) or function (FC) in the system is assigned a specific block number by the system. You can replace this block number with your own block number. Within a version, there are several implementations for certain instructions. The block numbers in such instructions can only be changed for the specific implementation. Note If an instruction from the instruction profile is used in the program and the specified block number is already in use by a different block, the specified block number of the instruction will be replaced by a free block number. Requirement The "Common data > Instruction profiles" folder is open in the project navigation. Opening instruction profiles Proceed as follows to open an instruction profile: 1. Double-click the instruction profile that you want to edit. The instruction profile opens in the Instruction Profile Editor. Editing instruction profiles Proceed as follows to edit an instruction profile in the Instruction Profile Editor: 1. Select the device that you want to edit from the "Device family" drop-down list box. 2. Select the programming language for which you want to edit the instruction profile from the "Language" drop-down list box. 3. Deactivate the instructions or instruction versions that you want to exclude from the instruction profile. You can deactivate a folder to deactivate all subordinate instructions. 4474 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.5 Program editor 4. Activate the instructions or instruction versions that you want to allow in the instruction profile. 5. You may assign your own block numbers. Note You can assign the number up to 65535 for CPUs of the S7-1200/1500 series. For CPUs of the S7300/400 series you find the restrictions of the number ranges in the respective CPU manual. Note A new compilation process is required for all blocks in the project when you change the active profile. See also Basics of instruction profiles (Page 4472) Creating new instruction profiles (Page 4472) Activating and deactivating instruction profiles (Page 4475) Deleting instruction profiles (Page 4476) Use instruction versions (Page 4471) 11.5.8.4 Activating and deactivating instruction profiles You first need to activate an instruction profile in order to include filtering of its instructions. You can always deactivate the instruction profile to reset the instructions task card to the default scope of instructions. Note A new compilation process is required for all blocks in the project. Requirement The "Common data > Instruction profiles" folder is open in the project navigation. Activating instruction profiles Proceed as follows to activate an instruction profile: 1. Right-click on the instruction profile that you want to activate. 2. Select the "Activate profile" command from the shortcut menu. The selected instruction profile is now active. Instructions can now only be used in accordance with the settings of this profile. WinCC Advanced V14 System Manual, 10/2016 4475 Programming the PLC 11.5 Program editor Deactivating instruction profiles Proceed as follows to deactivate the instruction profile: 1. Right-click on the instruction profile that you want to deactivate. 2. Select the "Deactivate profile" command from the shortcut menu. No instruction profile is active and the "Instructions" task card once again shows all instructions that are available for use. See also Basics of instruction profiles (Page 4472) Creating new instruction profiles (Page 4472) Opening and editing instruction profiles (Page 4474) Deleting instruction profiles (Page 4476) 11.5.8.5 Deleting instruction profiles Requirement The "Common data > Instruction profiles" folder is open in the project tree. Procedure Proceed as follows to delete an instruction profile: 1. Right-click on the instruction profile that you want to delete. 2. Select the "Delete" command in the shortcut menu. Note A new compilation process is required for all blocks in the project when you delete the active profile. Result The selected instruction profile is deleted. If you deleted the active instruction profile, no more active profiles are available and the "Instructions" task card once again shows all instructions that are available for use. See also Basics of instruction profiles (Page 4472) Creating new instruction profiles (Page 4472) 4476 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.5 Program editor Opening and editing instruction profiles (Page 4474) Activating and deactivating instruction profiles (Page 4475) 11.5.9 Using autocompletion 11.5.9.1 Basics of autocompletion Function You can use autocompletion in the program window of the program editor as an easy way to access available tags or instructions during programming. Autocompletion means a contextspecific list appears in a dialog from which you can select the tags or instructions you need. See also Using autocompletion in graphic programming languages (Page 4477) Using autocompletion in textual programming languages (Page 4478) 11.5.9.2 Using autocompletion in graphic programming languages Inserting tags using autocompletion To insert tags in graphic programming languages using autocompletion, follow these steps: 1. Select an operand of the instruction to which you wish to assign a tag. The input field for the operand opens. The autocompletion button will appear beside the input field. 2. Either click the autocompletion button or use the shortcut <Ctrl+l>. Autocompletion opens. It contains only the local and global tags, data blocks and multiple instances which are admissible for the operand in the given context. You can exit autocompletion at any time by pressing <Esc>. WinCC Advanced V14 System Manual, 10/2016 4477 Programming the PLC 11.5 Program editor 3. Select the required tag from the list. If necessary, you can also filter the list: - For example, enter the first few letters of the name of the tag or instruction you wish to insert. Autocompletion will be filtered further with each letter entered. If there is no tag or instruction starting with the letters entered, autocompletion will remain at the last match. - Enter # to access the local tags from the block interface. - Enter " to access the global tags. - Enter % to access absolute addresses. If the tag is a structured tag, a data block or a multiple instance, then an arrow is displayed at the end of the row. Click on the arrow to display the lower-level elements. You can navigate to the very last level in this way. If a structure is allowed as a data type for the operand, you can choose "None" from the list. This assigns the entire structure to the operand as a tag. Use the <Backspace> key to return to the previous level. 4. Press the <Return> key to apply the tag. See also Basics of autocompletion (Page 4477) Using autocompletion in textual programming languages (Page 4478) 11.5.9.3 Using autocompletion in textual programming languages Inserting tags and instructions using autocompletion To insert tags and instructions in textual programming languages using autocompletion, follow these steps: 1. Enter the first few letters of the name of the tag or instruction you wish to insert. If necessary, you can directly filter the kind of tags: - Enter # to access the local tags from the block interface. - Enter " to access the global tags. - Enter % to access absolute addresses. Autocompletion opens. It contains only the local and global tags, data blocks, multiple instances and instructions which are admissible at the current position. You can exit autocompletion at any time by pressing <Esc>. 2. Enter more letters of the name of the tag or instruction you wish to insert. You can use <Enter> or <Tab> to apply the tag or instruction and close autocompletion. Autocompletion will be filtered further with each letter entered. If there is no tag or instruction starting with the letters entered, autocompletion only contains the previous matches. 4478 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.5 Program editor 3. Select the tag or instruction required from the list. If a tag is a structured tag, a data block or a multiple instance, first select the tag, the data block or multiple instance from the autocompletion and apply the selection with <Enter>. To select the additional components of the structure, data block, or multiple instance, enter a period. Autocompletion then reopens and you can select the next component. 4. Press the <Return> key to apply the tag. See also Basics of autocompletion (Page 4477) Using autocompletion in graphic programming languages (Page 4477) 11.5.10 General settings for the PLC programming 11.5.10.1 Overview of the general settings Overview The following table shows the general settings that you can make: Group Setting Description View Operand representation Representation of the operand in the program editor. You can select between the following options: Symbolic and absolute Symbolic Absolute (only for LAD, FBD, STL and GRAPH) Tag information Additional information for the tags used is displayed in the program editor. When you select the option "Tag information with hierarchy", the comments of the higher structure levels are also dis played for structured tags. With comments Network comments are shown. Compilation Delete actual parameters on interface update Actual parameters are deleted if the as sociated formal parameters were de leted in the called block, and you run the "Update block call" function or compile the block. Default settings for new blocks IEC check The compatibility of operands in com parison operations and arithmetic oper ations are tested according to IEC rules. You have to explicitly convert non-com patible operands. WinCC Advanced V14 System Manual, 10/2016 4479 Programming the PLC 11.5 Program editor Group Setting Description Additional settings Set network title automatically Sets the title of a network based on the comment of the output parameter of the first writing instruction in the network. See also: Inserting network title (Page 4643) Show autocompletion list The autocompletion list is displayed. Mnemonics German or international designation of operations and operands Download without reinitialization Memory reserve Defines the size of reserve in volatile memory that can be used for interface extensions. Block interface / data blocks Set "Accessible from HMI/OPC UA" for Enables the option "Accessible from new elements and ARRAY data blocks. HMI" for new tags in the block interface and in data blocks. The use of this option makes sense especially when working with large amounts of data in ARRAY data blocks. See also: Basic principles for program ming of data blocks (Page 4551) Set data block elements with access type "Standard" to retentive. When this check box is selected, the "Retain" attribute is set for newly cre ated tags in data blocks with standard access. See also Overview of the block interface (Page 4522) Changing the settings (Page 4480) Permissible addresses and data types of PLC tags (Page 4595) Overview of the print settings (Page 264) Setting and canceling the IEC check (Page 2334) Using autocompletion (Page 4477) 11.5.10.2 Changing the settings Procedure To change the settings, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. In the area navigation, select the "PLC programming" group. 3. Change the settings. 4480 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.5 Program editor Result The change will be loaded directly, there is no need to save it explicitly. See also Overview of the general settings (Page 4479) 11.5.11 Eliminating syntax errors in the program 11.5.11.1 Basic information on syntax errors Syntax errors Below are some examples of syntax errors: Missing separators or the use of too many separators Incorrect keyword spelling Incorrect jump label spelling/notation Notation which does not match the set mnemonics (for example, "I2.3" instead of "E2.3") The use of key words as operands Identification of syntax errors Syntax errors are underlined in red or appear in red type. This identification allows you to recognise incorrect inputs at a glance and jump from error to error to eliminate them. Syntax errors are also listed in the "Info" tab of the inspector window with an error message. See also Finding syntax errors in the program (Page 4481) 11.5.11.2 Finding syntax errors in the program Procedure To find syntax errors in the program, follow these steps: 1. Select the position in the program in which you wish to look for errors. 2. Click "Go to next error" in the toolbar. The first error after the position you have selected will be marked. WinCC Advanced V14 System Manual, 10/2016 4481 Programming the PLC 11.5 Program editor You can use "Go to next error" and "Go to previous error" in the toolbar to find and correct all errors in the block. Or: 1. Open the error list in the inspector window with "Info > Syntax". All syntax errors are listed in the table with a short description of the error. 2. If there are any errors, click on the blue question mark next to the error text to obtain information on eliminating the problem. 3. Double-click the error you want to correct. The corresponding error is highlighted. See also Basic information on syntax errors (Page 4481) 11.5.12 Changing the programming language 11.5.12.1 Rules for changing the programming language Rules Observe the following rules if you want to change the programming language for a block: All CPU series: - You can only change the programming language of entire blocks. The programming language cannot be changed for individual networks. - You cannot switch blocks programmed in the programming languages SCL or GRAPH. In GRAPH blocks, however, you can change between LAD and FBD as network languages. S7-300/400: - You can only change between the programming languages LAD, FBD and STL. - You can create networks within a block using another programming language and then copy them into the desired block. - If the language of individual networks of the block cannot be changed, these networks is displayed in their original language. S7-1200/1500: - You can change between the programming languages LAD and FBD. S7-1500: - You can create STL networks within the LAD and FBD blocks. However, you cannot copy between STL and LAD/FBD. 4482 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks 11.5.12.2 Change the programming language Procedure To change the programming language, follow these steps: 1. Right-click the block in the project tree. 2. Select the "Properties" command in the shortcut menu. The dialog with the properties of the block opens. 3. Select the "General" entry in the area navigation. 4. Select the new programming language in the "Language" drop-down list. 5. Confirm your selection with "OK". See also Rules for changing the programming language (Page 4482) 11.6 Creating and managing blocks 11.6.1 Creating blocks 11.6.1.1 Block folder Function You can find a "Program blocks" folder in the project tree, in which you can create and manage the following blocks: Organization blocks (OB) Function blocks (FB) Functions (FCs) Data blocks (DB) A "System blocks" subfolder containing another subfolder, "Program resources", is also created in the "Program blocks" folder the first time you drag an instruction to your program which is an internal system function block. The instance data block of the internal system function block is also pasted to the "Program resources" folder. You can copy, rename or delete such instance data blocks in the "Program resources" folder. The "Program resources" folder is deleted together with the "System blocks" folder if contains no more blocks. WinCC Advanced V14 System Manual, 10/2016 4483 Programming the PLC 11.6 Creating and managing blocks A program cycle OB is automatically generated for each device and inserted in the "Program blocks" folder. Note Moving blocks from the "Program resources" folder or to the "Program resources" folder You can move blocks between the "Program resources" folder and other folders. When moving blocks from the "Program resources" folder or to the "Program resources" folder, note the following: Moving blocks from the "Program resources" folder into another folder: When the next time the user program is compiled, the shifted instance data blocks are moved back into the "Program resources" folder. Moving by any blocks to the "Program blocks" folder: Blocks in the "Program resources" folder that are not required to run the user program are removed during the next compilation. This may cause your moved block to be deleted. See also Creating functions and function blocks (Page 4485) Creating data blocks (Page 4486) Creating organization blocks (Page 4484) Using blocks from libraries (Page 4487) 11.6.1.2 Creating organization blocks Requirement The "Program blocks" folder in the project tree is open. Procedure To create an organization block, follow these steps: 1. Double-click the "Add new block" command. The "Add new block" dialog box opens. 2. Click the "Organization block (OB)" button. 3. Select the type of new organization block. 4. Enter a name for the new organization block. 5. Enter the properties of the new organization block. 6. To enter additional properties for the new organization block, click "Additional information". An area with further input fields is displayed. 7. Enter all the properties you require. 4484 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks 8. Activate the "Add new and open" check box if the organization block does not open as soon as it is created. 9. Confirm your entries with "OK". Result The new organization block is created. You can find the organization block in the project tree in the "Program blocks" folder. You can assign additional parameters to some organization blocks in the inspector window or device view after they have been created. The organization block description will state whether the newly created organization block has additional parameters. See also Block folder (Page 4483) Creating functions and function blocks (Page 4485) Creating data blocks (Page 4486) Using blocks from libraries (Page 4487) Entering a block title (Page 4493) Entering a block comment (Page 4494) 11.6.1.3 Creating functions and function blocks Requirement The "Program blocks" folder in the project tree is open. Procedure To create a function (FC) or a function block (FB), follow these steps: 1. Double-click the "Add new block" command. The "Add new block" dialog box opens. 2. Click the "Function block (FB)" or "Function (FC)" button. 3. Enter a name for the new block. 4. Enter the properties of the new block. 5. To enter additional properties for the new block, click "Additional information". An area with further input fields is displayed. 6. Enter all the properties you require. 7. Activate the "Add new and open" check box if the block does not open as soon as it is created. 8. Confirm your entries with "OK". WinCC Advanced V14 System Manual, 10/2016 4485 Programming the PLC 11.6 Creating and managing blocks Result The new block is created. You can find the block in the project tree in the "Program blocks" folder. See also Block folder (Page 4483) Creating organization blocks (Page 4484) Creating data blocks (Page 4486) Using blocks from libraries (Page 4487) Entering a block title (Page 4493) Entering a block comment (Page 4494) 11.6.1.4 Creating data blocks Requirement The "Program blocks" folder in the project tree is open. Procedure To create a data block, follow these steps: 1. Double-click the "Add new block" command. The "Add new block" dialog box opens. 2. Click the "Data block (DB)" button. 3. Select the type of the data block. You have the following options available to you: - To create a global data block, select the list entry "Global DB". - To create an ARRAY data block, select the "ARRAY DB" entry in the list. - To create an instance data block, select the function block to which you want to assign the instance data block from the list. The list contains only the function blocks that were previously created for the CPU. - To create a data block based on a PLC data type, select the PLC data type from the list. The list contains only the PLC data types that were previously created for the CPU. - To create a data block based on a system data type, select the system data type from the list. The list contains only those system data types that have already been inserted to program blocks in the CPU. 4. Enter a name for the data block. 5. Enter the properties of the new data block. 4486 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks 6. If you have selected an ARRAY DB as the data block type, enter the ARRAY data type and the high limit for the ARRAY. You can change the high limit for the ARRAY at any time in the property window of the created block. The ARRAY data type cannot be changed subsequently. 7. If you have selected a block that contains monitoring as the "Type", assign a ProDiag function block to the monitoring functions. 8. To enter additional properties of the new data block, click "Additional information". An area with further input fields is displayed. 9. Enter all the properties you require. 10.Activate the "Add new and open" check box if the block does not open as soon as it is created. 11.Confirm your entry with "OK". Result The new data block is created. You can find the data block in the project tree in the "Program blocks" folder. Note Retentivity of ARRAY data blocks ARRAY data blocks and their components cannot be set retentively. See also Basic principles for programming of data blocks (Page 4551) System data types (Page 2194) Using blocks from libraries (Page 4487) 11.6.1.5 Using blocks from libraries You can save blocks in the project library or in a global library, so that you can use them more than once within a user program. You can insert the blocks as master copies or as types. See also: Library basics (Page 455) Requirement The "Libraries" task card is displayed. No write protection is set for global libraries. WinCC Advanced V14 System Manual, 10/2016 4487 Programming the PLC 11.6 Creating and managing blocks Adding blocks as master copies to the project library or to a global library To add new blocks as master copies to the project library or to a global library, follow these steps: 1. Maximize the project library or the global library. 2. Use drag-and-drop to move the block you wish to add to the library to the "Master copies" folder or any one of the "Master copies" subfolders in the project library or a global library. Do not release the left mouse button until a small plus sign appears underneath the mouse pointer. Or: 1. Copy the block you want to add as master copy. 2. Maximize the project library or the global library. 3. Right-click the "Master copies" folder or any of its subfolders. 4. Select "Paste" in the shortcut menu. Adding blocks as types to the project library or to a global library To add new blocks as types to the project library or to a global library, follow these steps: 1. Maximize the project library. 2. Drag-and-drop the block you want to add as a type into the "Types" folder or any subfolder of "Types" in the project library. Do not release the left mouse button until a small plus sign appears underneath the mouse pointer. 3. If necessary, drag the block from the "Types" folder of the project library into the "Types" folder of a global library. Or you can copy the block in the project library, and add it to a global library. Or: 1. Copy the block you want to add as type. 2. Maximize the project library. 3. Right-click the "Types" folder or any of its subfolders. 4. Select "Paste" in the shortcut menu. 5. If necessary, drag the block from the "Types" folder of the project library into the "Types" folder of a global library. Or you can copy the block in the project library, and add it to a global library. Using blocks of the project library or a global library To use a block from the project library or a global library in your project, follow these steps: 1. Maximize the project library or the global library so that you can see the block you wish to use. 2. Use a drag-and-drop operation to move the block to the CPU block folder. If the selected insertion points is not allowed, the mouse pointer will appear as a circle with a slash. 4488 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks Note If you derive an instance from a type in a global library, the type is also inserted into the project library. The instance is then only linked to the type in the project library. 11.6.1.6 Copying and pasting blocks Basics of copying and pasting blocks Function You can also create new blocks by copying existing blocks and pasting the copy. Note the following principles when copying to CPUs of the same device family: You can copy organization blocks (OBs), functions (FCs), function blocks (FBs), and global data blocks (DBs) without restriction. You can copy instance data blocks only for the same function block, since the assignment to the function block cannot be changed afterwards. However, the assignment is canceled if you copy the instance data block to a different CPU. If a function block with the same name exists there, the instance data block will be assigned to this function block. If you copy the instance data block together with the function block into the other CPU, the instance data block is assigned to the copy of the function block. The various device families sometimes support different blocks, especially in the case of organization blocks. However, function blocks and functions can also be programmed on the WinCC Advanced V14 System Manual, 10/2016 4489 Programming the PLC 11.6 Creating and managing blocks various devices with different access types. Therefore, not all blocks are supported on all devices. Note the following principles when copying to a different device family: Copying to an S7-1200 CPU: - Organization blocks with "Optimized" access type can be copied to an S7-1200. If the copied OB type is supported by the S7-1200 CPU, the copied OB retains the properties of its event. You must, however, compile it again. - Although organization blocks with the "Standard" access type can be copied to an S7-1200, they are not supported by the CPU. - Function blocks (FBs), functions (FCs) and global data blocks (DBs) with "Optimized" access type can be copied to an S7-1200. However, they must be recompiled after this. - Instance data blocks: If there is a function block in the target CPU with the name that was assigned to the instance data block in the source CPU, the instance data block is assigned to the function block in the target CPU. If you copy the instance data block together with the function block to which it was assigned in the source CPU into the target CPU, the instance data block is assigned to the copy of the function block. Copying to an S7-1500 CPU: - Organization blocks with "Optimized" access type can be copied to an S7-1500. If the copied OB type is supported by the S7-1500 CPU, the copied OB retains the properties of its event. You must, however, compile it again. OB types that are not supported receive a no parking symbol. - Organization blocks with "Standard" access type can be copied to an S7-1500. If the OB derives from an S7-300/400 CPU, it receives the standard event of the corresponding OB type. If the OB derives from an S7-1200/1500 CPU, it receives the properties of its event. However, it must be compiled again. - Function blocks (FBs), functions (FCs) and global data blocks (DBs) with "Optimized" access type can be copied to an S7-1500. However, they must be recompiled after this. - Instance data blocks: If there is a function block in the target CPU with the name that was assigned to the instance data block in the source CPU, the instance data block is assigned to the function block in the target CPU. If you copy the instance data block together with the function block to which it was assigned in the source CPU into the target CPU, the instance data block is assigned to the copy of the function block. Copying to S7-300/400 CPUs: - Organization blocks can be copied as required between S7-300 and S7-400. - Although organization blocks from S7-1200/1500 CPUs can be copied to S7-300/400 CPUs, they are not supported by the target CPU. - Function blocks (FBs), functions (FCs) and global data blocks (DBs) can be copied as required between S7-300 and S7-400. - Although function blocks (FBs), functions (FCs) and global data blocks (DBs) can be copied from S7-1200/1500 CPUs to S7-300/400 CPUs, they are not supported by the target CPU. 4490 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks - Instance data blocks: If there is a function block in the target CPU with the name that was assigned to the instance data block in the source CPU, the instance data block is assigned to the function block in the target CPU. If you copy the instance data block together with the function block to which it was assigned in the source CPU into the target CPU, the instance data block is assigned to the copy of the function block. - You may be able to cop function blocks (FBs) and functions (FCs) that are programmed with LAD or FBD and contain SCL networks to S7-300/400 CPUs, but they are not supported by the target CPU. In the project tree, blocks that are not supported are indicated by the no parking symbol. Blocks with a no parking symbol cannot be edited, but only used again as copy source. Note When blocks are copied between different device families, it is possible that the copied block needs to be recompiled. This applies also to the coping of blocks between CPUs and software controllers. If the block has know-how protection, re-compilation is only possible with the correct password. Copying data With paste, all the block data is copied and forwarded to the copy. This data includes: Block interface tags All networks Comments in all existing compilations Messages defined in the block The entire program code of the copied block including the call instructions contained in the block. However, called blocks and their associated instance data blocks are not copied. Avoiding name conflicts during pasting When pasting copied blocks with identical names to already existing blocks, the following mechanisms are used to avoid name conflicts: Pasting the copied block into the same CPU: The copy of the block gets a name that is extended by a number. For example, if block "A" is copied, a possible name for the copy is "A_1". Consecutive numbering is not used, but rather the smallest free number. The copy of block "A" can also get the name "A_25", if no lower number is available. Pasting the copied block into another CPU: A dialog box opens in which you can select whether the block with the same name will be replaced or the copied block will be pasted with a duplicate designation (Name_Number). WinCC Advanced V14 System Manual, 10/2016 4491 Programming the PLC 11.6 Creating and managing blocks Note Number conflicts Number conflicts may occur, if the pasted block has the same block number as an existing block. The block number is not automatically changed during pasting. This double number may have an effect on block calls. When you copy blocks you should therefore check the block number carefully and correct duplicate block numbers manually or using the block properties. Duplicate block numbers lead to a compilation error. See also Copying blocks (Page 4492) Pasting blocks (Page 4492) Copying blocks Requirement The "Program blocks" folder is opened in the project tree. Procedure To copy a block, follow these steps: 1. Right-click the block that you want to copy. 2. Select "Copy" in the shortcut menu. Result A copy of the block is now on the clipboard and can be pasted either into the same CPU or into another one. See also Basics of copying and pasting blocks (Page 4489) Pasting blocks (Page 4492) Pasting blocks Requirement You have copied a block. 4492 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks Procedure To paste a copied block and its data into a CPU, follow these steps: 1. In the project tree, open the folder structure for the CPU into which you want to paste the copied block. Note Please note that you can only paste the copied block into a CPU which supports the block programming language and type. 2. Right-click on the "Program blocks" folder. 3. Select "Paste" in the shortcut menu. - If you are pasting the block into the same CPU as the original block, "_<consecutive number>" will be appended to the name of the copy. - If you are pasting the block into a different CPU where a block of the same name already exists, the "Paste" dialog box opens. Select the required option and confirm with "OK". See also Basics of copying and pasting blocks (Page 4489) Copying blocks (Page 4492) 11.6.1.7 Entering a block title The block title is the title of the block. It is not the same thing as the block name, which was assigned when the block was created. The length of the block title is restricted to one row. You can enter the block title for open and closed blocks. Requirement A code block is available. Enter block title for open block To insert the block title in an open block, follow these steps: 1. Click on the title bar of the block in the program editor. 2. Enter the block title. Enter block title for closed blocks To insert the block title in a closed block, follow these steps: 1. Right-click the block in the project tree. 2. Select the "Properties" command in the shortcut menu. The dialog with the properties of the block opens. WinCC Advanced V14 System Manual, 10/2016 4493 Programming the PLC 11.6 Creating and managing blocks 3. Select the entry "Information" in the area navigation. 4. Enter the block title in the "Title" input field. 5. Confirm your entry with "OK". See also Creating organization blocks (Page 4484) Creating functions and function blocks (Page 4485) Entering a block comment (Page 4494) 11.6.1.8 Entering a block comment You can use the block comment to document the entire code block. For example, you can indicate the purpose of the block or draw attention to special characteristics. You can enter the block comment for open and closed blocks. Note The block comment should not exceed 32,767 Unicode characters. Requirement A code block is available. Enter block comment for open blocks To insert a block comment in an open block, proceed as follows: 1. Click the small arrow in front of the block title. The right arrow becomes a down arrow, and the comment area is displayed. 2. Click "Comment" in the comment area. The "Comment" text passage is selected. 3. Enter the block comment. Enter block comments for closed blocks To insert the block comment in a closed block, follow these steps: 1. Right-click the block in the project tree. 2. Select the "Properties" command in the shortcut menu. The dialog with the properties of the block opens. 3. Select the entry "Information" in the area navigation. 4. Enter the block comment in the "Comment" input field. 5. Confirm your entry with "OK". 4494 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks See also Creating organization blocks (Page 4484) Creating functions and function blocks (Page 4485) Entering a block title (Page 4493) 11.6.2 Specifying block properties 11.6.2.1 Basics of block properties Block properties Each block has certain properties, which you can display and edit. These properties are used amongst other things to: Identify the block Display the memory requirements and the compilation status of the block Display the time stamp Display the reference information Specify the access protection See also Overview of block properties (Page 4496) Block time stamps (Page 4499) Displaying and editing block properties (Page 4502) Setting the mnemonics (Page 4468) WinCC Advanced V14 System Manual, 10/2016 4495 Programming the PLC 11.6 Creating and managing blocks 11.6.2.2 Overview of block properties Overview The properties of the blocks are block and CPU-specific. Not all properties are therefore available for all blocks or in all CPU families. The following table gives an overview of block properties: Group Property Description General Name Unique block name within the station Constant name Name of the constant pasted for the OB in the PLC tag table Type Block type (cannot be changed) Number Block number Event class Event class of an OB (cannot be changed) Language Programming language of the block Language in networks Language used to program conditions in GRAPH blocks. Version Version of the GRAPH block Process image partition number Display of the process image partitions that are assigned to the organization block (cannot be changed) ARRAY data type Data type of an ARRAY data block (cannot be changed) ARRAY limit High limit of an ARRAY data block The "Move operations" section of the "Instructions" task card of fers options for addressing of ARRAY data blocks. Information Time stamp Compilation Title Block title Comment Block comment Version Version number of the block Family Block family name Author Name of the author, company name, department name, or other names User-defined ID ID created by the user Block Times of creation and time of change of the block (cannot be changed) Interface Time of creation of the block interface (cannot be changed) Code Code modification time (non-editable) Data Data modification time (non-editable) Load-relevant Time of the last load-relevant modification (cannot be changed) Status Details of the last compilation run (cannot be changed) Lengths Details of the block lengths (cannot be changed) Simulation Indicates whether the block can be simulated with SIMATIC S7PLCSIM Advanced for compiling. This requires the "Support sim ulation during block compilation" option to be selected in the project properties. See also: Displaying properties of the project Library compliance 4496 Indicates whether the block in the library can be used with knowhow protection. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks Group Property Description Protection Protection Setting up know-how protection and copy protection for the block See also: Protecting blocks WinCC Advanced V14 System Manual, 10/2016 4497 Programming the PLC 11.6 Creating and managing blocks Group Property Description Attributes Optimized block access The tag declaration for blocks with optimized access contains only the symbolic names of the data elements. The system auto matically optimizes and manages the addresses. The CPU per formance increases and access errors, for example, from SIMAT IC HMI, are prevented. See also: AUTOHOTSPOT IEC check The compatibility of the operands in comparison operations and arithmetic operations are tested according to IEC 61131. You have to explicitly convert non-compatible operands. See also: Overview of data type conversion (Page 2332) Local error handling within block Troubleshooting inside the block with the GET_ERROR or GET_ERR_ID instruction (cannot be changed). See also: AUTOHOTSPOT Create extended status informa tion Allows you to monitor all tags in an SCL block. This option does, however, increase the program memory space required and the execution times. Check ARRAY limits Checks whether array indexes are within the range declared for an ARRAY during the runtime of an SCL block. The block enable output ENO is set to "0" if an array index is outside of the permitted range. Set ENO automatically Checks whether errors occur in the processing of certain instruc tions during the runtime of an SCL block. The block enable output ENO is set to "0" if a runtime error occurs. Create minimized DB Creates instance data blocks for GRAPH blocks of the S7-300 and S7-400 in minimized format. This option reduces the GRAPH FB memory space required, however you will only receive limited program status information. Skip steps If the transitions before and after a step become valid simultane ously in a GRAPH block, the step will not be activated and will be skipped. Acknowledge supervision alarms Any supervision error which occurs during the operation of a GRAPH block must be acknowledged before the program can continue. Permanent processing of all inter Permanently monitors all interlock conditions in a GRAPH block locks in manual operation in manual mode. 4498 Lock operating mode selection Prevents a GRAPH block operating mode being selected. Data block write-protected in the device Indicates whether the data block is read-only in the target system, and cannot be overwritten while the program is running (for data blocks only) Only store in load memory On activation the data block is stored only in the load memory, occupies no space in the work memory, and is not linked into the program. The "Move operations" section of the "Instructions" task card offers options for transferring data blocks to the work mem ory (for data blocks only). Start information Here you specify the structure of the start information of the OB for S7-1500 CPUs: either like for S7-300 and S7-400 CPUs or optimized start information. Priority Shows the priority set for organization blocks. The CPU family used and the type of the organization block determine whether you can change the priority. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks Group Property Description Parameter input via registers Enables parameter input by means of registers in an STL block of S7-1500. This feature allows you to use the "Conditional call of blocks" (CC) and "Unconditional call of blocks" (UC) instruc tions in the block. Enable readback Enables you to mark individual parameters of the block for read back. The "Tag readback" function is relevant if the block is used in a CFC chart. Block representation Specifies how the block is represented in a CFC chart. Time-of-day interrupt Time-of-day interrupt Parameters of the time-of-day interrupt OB: active (yes or no), execution, start date and time, local time or system time Cyclic interrupt Cyclic interrupt Cycle time and phase shift of the cyclic interrupt OB Triggers Triggers Display of start events of the hardware interrupt OB Isochronous mode Isochronous mode Parameters of the isochronous mode interrupt OB: application cycles, automatic setting (yes or no), delay time. Also indicated is the PROFINET IO system or DP master system whose IO devices or DP slaves are assigned to the isochronous mode interrupt OB. Download without re initialization Reserve in volatile memory Defines the reserve in volatile memory that can be used for inter face extensions. The number of currently available bytes is displayed in parenthe ses. This information is updated with each compilation. Activate download without reiniti Enables definition of a reserve in retentive memory. alization for retentive tags Reserve in retentive memory Defines the reserve in retentive memory that can be used for interface extensions. The number of currently available bytes is displayed in parenthe ses. This information is updated with each compilation. See also Events and OBs (Page 952) Basics of block properties (Page 4495) Block time stamps (Page 4499) Displaying and editing block properties (Page 4502) General settings for the PLC programming (Page 4479) 11.6.2.3 Block time stamps Introduction Blocks receive a number of different time stamps which show you when the block was created and when it was last changed. These time stamps are also used for automatic consistency checks before compilation. WinCC Advanced V14 System Manual, 10/2016 4499 Programming the PLC 11.6 Creating and managing blocks Code block time stamps The following time stamps are generated for code blocks (OBs, FBs, FCs): Block: Created on, Modified on Interface: Modified on Code/data: Modified on Load-relevant: Modified on A time stamp conflict is displayed during compilation if the time stamp for the block calling is older than that of the interface for the block called. Time stamps for code blocks are updated as follows: Block: The time stamp for the last block modification is always the same as the time stamp either of the interface or of the code depending on which area was modified last. Interface: The interface time stamp is updated each time the interface is modified. Even if you manually undo a change to the interface, for example change the name back, that is also a change which updates the time stamp. However, if you undo the change using the "Undo" function, the time stamp will be reset to the value it had before the undone change. Code/data: The code time stamp is updated each time the block code is changed. Even if you manually undo a change to the code, for example remove an instruction, that is also a change which will update the time stamp. However, if you undo the change using the "Undo" function, the time stamp will be reset to the value it had before the undone change. Load-relevant: The time stamp for "Load-relevant" is updated each time a code block is changed. These changes can affect the code, the data or the interface. Global data block time stamps The following time stamps are generated for global data blocks: Block: Created on, Modified on Interface: Modified on Data: Modified on Load-relevant: Modified on Time stamp conflict is reported during compilation of a global data block based on a PLC data type if the time stamp of the global data block is older than the time stamp of the PLC data type used. The time stamps for global data blocks are updated as follows: Block: The time stamp for the last change to a global data block is always the same as the time stamp for the interface and the data. Interface and data: The interface time stamps and the data are updated each time the global data block is changed. Even if you manually undo a change, for example remove a tag, that is also a change which will update the time stamp. However, if you undo the change using the "Undo" function, the time stamps will be reset to the value they had before the undone change. Load-relevant: The time stamp for "Load-relevant" is updated each time a global data block is changed. These changes can affect the data or the interface. 4500 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks Instance data block time stamps The following time stamps are generated for instance data blocks: Block: Created on, Modified on Interface: Modified on Data: Modified on Load-relevant: Modified on A time stamp conflict will be reported during compilation of an instance data block if the interface time stamps of the instance data block are not identical to those of the function block. The time stamps for instance data blocks are updated as follows: Block: The time stamp for the last change to an instance data block is always the same as the time stamp for the interface and the data. Interface and data: The interface time stamps and the data are updated each time the instance data block is changed. Even if you manually undo a change, for example cancel the tag retain setting, that is also a change which will update the time stamps. However, if you undo the change using the "Undo" function, the time stamps will be reset to the value they had before the undone change. Load-relevant: The time stamp for "Load-relevant" is updated each time an instance data block is changed. These changes can affect the data or the interface. PLC data type time stamps The following time stamps are generated for PLC data types: Block: Created on, Modified on Interface: Modified on Load-relevant: Modified on The time stamps for PLC data types are updated as follows: Block: The time stamp for the last change to a PLC data type is always the same as the interface time stamp. Interface: The interface time stamp is updated each time the PLC data type is changed. Even if you manually undo a change, for example delete the content of a PLC data type, that is also a change which will update the time stamp. However, if you undo the change using the "Undo" function, the time stamp will be reset to the value it had before the undone change. Load-relevant: The time stamp for "Load-relevant" is updated each time a PLC data type is changed. WinCC Advanced V14 System Manual, 10/2016 4501 Programming the PLC 11.6 Creating and managing blocks See also Basics of block properties (Page 4495) Overview of block properties (Page 4496) Displaying and editing block properties (Page 4502) 11.6.2.4 Displaying and editing block properties The properties of the blocks are block and CPU-specific. Not all properties are therefore available for all blocks or in all CPU families. Properties that can only be displayed are writeprotected. Displaying and editing properties of a closed block To display and edit the properties of a closed block, follow these steps: 1. Open the "Program blocks" folder in the project tree. 2. Right-click the block whose properties you want to display or edit. 3. Select the "Properties" command in the shortcut menu. The properties dialog box of the block opens. 4. In the area navigation, click a group whose properties you want to display or edit. 5. Change the relevant property. 6. Confirm your entries with "OK". Displaying and editing properties of an open block To display or edit the properties of an open block, follow these steps: 1. Select the "Inspector window" check box in the "View" menu. The Inspector window opens. 2. Click the "Properties" tab. The properties of the block are shown in the "Properties" tab of the Inspector window. 3. In the area navigation, click a group whose properties you want to display or edit. 4. Change the relevant property. Result The properties of the block will be changed. The changes are not saved until the project is saved. See also Basics of block properties (Page 4495) Overview of block properties (Page 4496) Block time stamps (Page 4499) 4502 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks 11.6.3 Managing blocks 11.6.3.1 Opening blocks You can open both the blocks in the project (offline blocks) and also the blocks in the device (online blocks). To open an offline block, you have the following options: Open offline block directly You can open a block directly if the corresponding block folder is open in the project tree or in the overview window. Find and open offline block You can look for blocks within a project, a device or the "Program blocks" folder and then open them. Note the following special features when opening online blocks: You cannot edit online blocks. It is possible that another user can carry out a loading process on the selected CPU through joint parallel working on a CPU. Consequently, it can happen that the online block that you have open is deleted by the loading process if the block only exists in the device. In this case, the online block is closed and a message is displayed in the Inspector window. Open offline block directly To open an offline block directly, you have the following options: 1. Open the folder with the block you wish to open in the project tree or in the overview window. 2. Double-click on the block you wish to open. The block will open in the program editor. Find and open offline block To find an offline block and then open it, follow these steps: 1. Right-click on the project, a device, the "Program blocks" folder or a lower-level folder of "Program blocks" in the project tree. 2. In the shortcut menu select the "Open block/PLC data type" command or press the <F7> key. The "Open block/PLC data type" dialog box opens. 3. Enter the name, the address or the type of block you are looking for. The block list is filtered further with each letter entered. The block list is closed if there is no block that matches the input. You can show the complete block list at any time by clicking the button to the right of the text box. Keep in mind that there is no filtering in this case. If you want to filter for your inputs again, click the button once again. 4. In the block list, click the block you wish to open. The block is opened in the program editor and displayed as selection in the project tree. WinCC Advanced V14 System Manual, 10/2016 4503 Programming the PLC 11.6 Creating and managing blocks Open online block To open an online block directly, you have the following options: 1. Open the "Online access" folder in the project tree. 2. Click on the arrow symbol to the left of the interface to show all the objects that are arranged below the interface. 3. Double-click on the "Update accessible devices" command below the interface. All devices that are accessible via this interface are displayed. 4. Open the folder of the device that contains the block you want to open. 5. Open the "Program blocks" folder. All the device's blocks are displayed. 6. Double-click on the block you wish to open. The block will open in the program editor. See also Saving blocks (Page 4504) Closing blocks (Page 4505) Renaming blocks (Page 4505) Deleting blocks offline (Page 4506) Deleting blocks online (Page 4506) Opening know-how protected blocks (Page 4519) 11.6.3.2 Saving blocks Blocks are always saved together with the project. Faulty blocks can also be saved. This allows the error to be resolved at a convenient time. Procedure To save a block, follow these steps: 1. Select the "Save" or "Save as" command in the "Project" menu. See also: Saving projects See also Opening blocks (Page 4503) Closing blocks (Page 4505) Renaming blocks (Page 4505) Deleting blocks offline (Page 4506) Deleting blocks online (Page 4506) 4504 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks 11.6.3.3 Closing blocks Procedure To close a block, follow these steps: 1. Click the "Close" button in the title bar of the program editor. Note Note that the block will not be saved on closing. See also Opening blocks (Page 4503) Saving blocks (Page 4504) Renaming blocks (Page 4505) Deleting blocks offline (Page 4506) Deleting blocks online (Page 4506) 11.6.3.4 Renaming blocks Requirement The "Program blocks" folder is opened in the project tree. Procedure To change the name of a block, follow these steps: 1. Right-click the block that you want to rename. 2. Select the "Rename" command in the shortcut menu. The block name in the project tree changes to an input field. 3. Input the new name for the block. 4. Confirm your entry with the Enter key. Result The name of the block is now changed at all points of use in the program. WinCC Advanced V14 System Manual, 10/2016 4505 Programming the PLC 11.6 Creating and managing blocks See also Opening blocks (Page 4503) Saving blocks (Page 4504) Closing blocks (Page 4505) Deleting blocks offline (Page 4506) Deleting blocks online (Page 4506) 11.6.3.5 Deleting blocks offline Requirement The "Program blocks" folder opens in the project tree. Procedure To delete a block that exists offline, proceed as follows: 1. In the project tree in the "Program blocks" folder, right-click on the block that you want to delete. 2. Select the "Delete" command in the shortcut menu. 3. Confirm the safety prompt with "Yes". The block is deleted offline from the project. Note If you are deleting organization blocks, note that events may be assigned to these blocks. If you delete such organization block the program cannot respond to parameterized events. See also Opening blocks (Page 4503) Saving blocks (Page 4504) Closing blocks (Page 4505) Renaming blocks (Page 4505) Deleting blocks online (Page 4506) 11.6.3.6 Deleting blocks online (S7-300, S7-400) Requirement The "Program blocks" folder in the project tree is open. 4506 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks Procedure To delete a block that exists online, follow these steps: 1. In the "Program blocks" folder in the project tree, right-click on the block that you wish to delete from the device. 2. Select the "Delete" command from the shortcut menu. The "Delete" dialog opens. 3. Select the "Delete from device" check box. 4. Click "Yes". The block will be deleted from the device online. See also Opening blocks (Page 4503) Saving blocks (Page 4504) Closing blocks (Page 4505) Renaming blocks (Page 4505) Deleting blocks offline (Page 4506) 11.6.3.7 Deleting CPU data blocks You may delete CPU data blocks both in offline and online mode. Deleting CPU data blocks in offline mode Proceed as follows to delete a CPU data block from the offline project: 1. Right-click the CPU data blocks that you want to delete in the project navigation, "Program blocks" folder. 2. Select the "Delete" command from the shortcut menu. 3. Confirm the safety prompt with "Yes". The CPU data block is deleted from the offline project. Deleting CPU data blocks in online mode Proceed as follows to delete a CPU data block from the online project: 1. Establish an online connection to the device containing the CPU data block that you want to delete. 2. Right-click the CPU data block that you want to delete from the device in the project navigation, "Program blocks" folder. 3. Select the "Delete" command from the shortcut menu. The "Delete" dialog opens. WinCC Advanced V14 System Manual, 10/2016 4507 Programming the PLC 11.6 Creating and managing blocks 4. Select the "Delete from device" check box. 5. Click "Yes". The CPU data block is deleted from the online device. 11.6.4 Using external source files 11.6.4.1 Basics of using external source files Function The textual programming languages STL and SCL allow you to enter the program code in any ASCII editor and save it as an external source file. This enables you to perform a range of tasks, for example: Declaring tags Specify block properties Programming blocks Note For blocks to be generated from the external source file in the TIA Portal, the source file must be saved with one of the following character encodings: ANSI UTF-8 with BOM (Byte Order Mark) UTF-16 with BOM, little and big endian format UTF-32 with BOM, little and big endian format UCS2 in little and big endian format You can import these source files to your project and use them to generate blocks. You can generate a number of different blocks from one source file. Observe the following special features when generating blocks from a source file: A block that exists under the same name in the project will be overwritten. If a block was programmed with its absolute block number instead of a symbolic name in the source file and this number is already assigned by a block in the project, the new generated block is initially assigned the next free symbolic name. 4508 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks If you have not explicitly defined the access mode for a block in the external source file, the block access mode is set depending on the CPU series used: - Blocks generated for a CPU of the S7-1200/1500 series are assigned "optimized" access mode by default. - Blocks generated for a CPU of the S7-300/400 product range are assigned "standard" access mode by default. Organization blocks are the exception in this case, as they are always assigned the "standard" access mode by default, regardless of the CPU series. You have the option of changing the block access mode manually. It is possible that not all comments from the source file will be applied in the block. If you use absolute addressing in the external source file, a symbolic tag is created for each absolute address during the generation of the block. The names of these tags are made up of "Tag_" and a time stamp. This may result in relatively long tag names, which you can change manually if required. If you are using instructions in a different version in the external source file than in the target device, this may result in compilation errors. Correct the respective instructions in this case and start the compilation process once again. You can also select a different version for the target device. CPUs of the S7-300/400 series accept organization blocks with any name during import. If you import an OB with a standard name (for example, CYCL_EXC or CYC_INT5), the correct OB class is automatically assigned. If you import an OB with an unknown name, an OB 0 is created. You can change this number after the import and hereby assign the desired OB class. To change the OB number, select "Properties" in the shortcut menu. You also have the option of saving existing blocks as external source files. See also Rules for programming external source files (Page 4509) Saving blocks as external source files (Page 4510) Inserting external source files (Page 4512) Opening and editing external source files (Page 4512) Generating blocks from external source files (Page 4513) 11.6.4.2 Rules for programming external source files An external source file basically consists of continuous text. To compile the source into blocks, certain structures and syntax rules must however be adhered to. WinCC Advanced V14 System Manual, 10/2016 4509 Programming the PLC 11.6 Creating and managing blocks Syntax rules The syntax of the instructions in external source files is very similar to that in the creation of user programs in the program editor with STL or SCL. Note, however, the following additional syntax rules: Block call When calling a block, transfer the parameters in the defined order in the ASCII editor. If you do not, the comment assignments for these lines may not match. Enter the parameters in brackets. The individual parameters are separated by a comma. Upper or lower case The program editor generally disregards upper or lower case. Jump labels are an exception to this. Character string entries are also case-sensitive ("STRING" data type). Keywords are displayed in upper case. For compilation purposes, however, case is disregarded; you can therefore specify keywords in upper or lower case or a mixture of the two. Semicolon Mark the end of every instruction and every tag declaration with a semicolon. You can enter several instructions per line. Forward slashes Begin every comment with two forward slashes (//) and end the comment with the <Enter> key. Use of String constants To avoid compilation errors when using String constants, enter the text in the language of the target project. You can explicitly use the data type WSTRING for CPUs of the S7-1200/1500 series by using the prefix "WString#": Operand := WString#'<String constant>'; See also Basics of using external source files (Page 4508) Saving blocks as external source files (Page 4510) Inserting external source files (Page 4512) Opening and editing external source files (Page 4512) Generating blocks from external source files (Page 4513) 11.6.4.3 Saving blocks as external source files You have the following options for saving STL and SCL blocks as external source files: Copying a block as text Generating external source file from blocks Copying a block as text To copy a block as text and save it to an external source file, follow these steps: 1. In the project tree, right-click on the block that you want to save in an external source file. 2. Select the "Copy as text" command in the shortcut menu. 4510 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks 3. Open an external text editor. 4. Paste the copied text from the clipboard. 5. Save the file with one of the following file name extensions: - ".scl", if you want to generate a source file for an SCL block - ".stl", if you want to generate a source file for an STL block - ".DB" if you wish to generate a source file for a data block - ".UDT", if you want to generate a source file for a PLC data type Generating external source file from blocks To generate external source files from STL or SCL blocks, follow these steps: 1. In the project tree or in the overview window, select the STL or SCL blocks from which you want to generate an external source file. 2. Select the "Generate source from blocks" command from the shortcut menu. The "Generate source from blocks" dialog opens. 3. Specify a path and a name for the external source file. 4. Click "OK". You can also generate an opened STL or SCL block as external source file. To do this, follow these steps: 1. Click on the "Generate source from block" button in the program editor. The "Generate source from blocks" dialog opens. 2. Specify a path and a name for the external source file. 3. Click "OK". Result The block has been saved as an external source file. You can include this source file in a project in the TIA Portal and use it to generate other blocks. However, please note that you can use STL source files only in S7-300/400/1500 CPUs. See also Basics of using external source files (Page 4508) Rules for programming external source files (Page 4509) Inserting external source files (Page 4512) Opening and editing external source files (Page 4512) Generating blocks from external source files (Page 4513) WinCC Advanced V14 System Manual, 10/2016 4511 Programming the PLC 11.6 Creating and managing blocks 11.6.4.4 Inserting external source files Requirement An external source file is available and complies with the syntax and structure rules. The "External source files" folder is open in the project tree. Procedure Follow these steps to insert an external source file: 1. Double-click on the "Add new external file" command. The "Open" dialog box opens. 2. Navigate to and select existing external source files. 3. Confirm your selection with "Open". If there is already an external source file with this name in the project, the "Add external file" dialog opens. In this case, continue with step 4. 4. Select whether the new external source is to be renamed and inserted or whether the existing external source to be replaced. 5. Click "OK". Result The new source file will be added to the "External source files" folder. See also Basics of using external source files (Page 4508) Rules for programming external source files (Page 4509) Saving blocks as external source files (Page 4510) Opening and editing external source files (Page 4512) Generating blocks from external source files (Page 4513) 11.6.4.5 Opening and editing external source files By linking the files with the file name extensions "stl" and "scl" to an editor you will be able to open and edit external source files with these formats directly. Use Notepad as editor because other text editors may not let you open several sources at the same time. This means you do not need to insert the external source files again after editing. 4512 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.6 Creating and managing blocks Linking files with the file name extensions "stl" and "scl" file types to an editor Proceed as follows to link files with the file name extensions "stl" and "scl" to an editor: 1. Open Windows Explorer. 2. Right-click on an STL file. 3. Select "Properties" in the shortcut menu. The "Properties" dialog box opens. 4. Click "Change" in the "File type" area on the "General" tab. The "Open with" dialog box opens. 5. Select the text editor you want to link to the "stl" file type. 6. Confirm your selection with "OK". 7. Close the "Properties" dialog with "OK". 8. Repeat steps 2 to 7 with an SCL file. Opening and editing an external source file To open an external source file, follow these steps: 1. Open the "External source files" folder in the project tree. 2. Double-click on the external source file you want to open. The external source file will open in the linked editor and can be edited. See also Basics of using external source files (Page 4508) Rules for programming external source files (Page 4509) Saving blocks as external source files (Page 4510) Inserting external source files (Page 4512) Generating blocks from external source files (Page 4513) 11.6.4.6 Generating blocks from external source files Requirement The "External source files" folder is open in the project tree. An external source file is available. The external source file was saved with a permitted character encoding. WinCC Advanced V14 System Manual, 10/2016 4513 Programming the PLC 11.7 Protecting blocks Procedure To generate blocks from an external source file, follow these steps: 1. Open the external source file from which you wish to generate blocks. 2. Select the "Generate blocks from source" command in the "Edit" menu. 3. A prompt will appear telling you any existing blocks will be overwritten. 4. Confirm the safety prompt with "Yes". Result The external source file blocks will be generated and inserted in the "Program blocks" folder in the project tree. In the event of errors, information about the errors which have occurred will be displayed in the inspector window. This information, however, relates to the external source file and not to the block generated. See also Basics of using external source files (Page 4508) Rules for programming external source files (Page 4509) Saving blocks as external source files (Page 4510) Inserting external source files (Page 4512) Opening and editing external source files (Page 4512) Specifying block properties (Page 4495) 11.7 Protecting blocks 11.7.1 Protecting blocks Introduction You can use a password to protect one or more blocks of the OB, FB, FC type and global data blocks from unauthorized access. Note the following particularities: You can not manually protect instance data blocks; they depend on the know-how protection of the assigned FB. This means that when you create an instance data block for a know-how protected FB, the instance data block also receives this know-how protection. This is independent of whether you explicitly create the instance data block or if it is created by a block call. The know-how protection acts as write protection in global blocks and in instance data blocks. 4514 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.7 Protecting blocks You cannot provide ARRAY data blocks with know-how protection. The load memory requirement can be higher for know-how-protected blocks. If a block is know-how protected, only the following data is readable without the correct password: Interface parameters Input, Output, InOut, Return, Static Block title Block comment Block properties Tags of global data blocks without specification of the location of use The following actions can be performed with a know-how protected block: Copying and deleting Calling in a program Online/offline comparison Downloading WinCC Advanced V14 System Manual, 10/2016 4515 Programming the PLC 11.7 Protecting blocks The code of the block, on the other hand, is protected from unauthorized reading and modification. For S7-1200/1500 CPUs, you can also set up copy protection which binds execution of the block to the CPU or the memory card with the defined serial number. Note Please note the following: S7-1200 version 1.0 and S7-300/400 (only GRAPH and SCL blocks): If you download a know-how-protected block to a device, no restore information is loaded along with it. This means that you cannot open a know-how-protected block again even with the correct password if you upload it from the device. Only the non-protected data is compared in offline-online comparison of know-how protected blocks. You will no longer be able to access the block if you do not have the password. If you add a know-how-protected block to a library, the master copy created will also be know-how protected. You will find information on whether or not the block can be used as protected library item in the block properties under "Compilation > Library conformance". For this purpose, the block cannot use any tags from the operand areas Output (Q), Input (I), Bit memory (M), Timer function (T) or Count function (C), and cannot access data blocks. Cross references to used tags, bit memories, inputs and outputs in know-how protected blocks are not displayed even after the correct password is entered. Automatic renumbering and manual renumbering without password of know-how-protected blocks is only possible for CPUs of the series S7-1500 and S7-1200 (V4). The know-how protection must also be set with a TIA Portal version V13 SP1 or higher. If these requirements for a know-how-protected block are not met, the loadable binary component of the block is no longer up-to-date when you change the number. In this case, the block must be recompiled before loading it to a device. For know-how-protected blocks, this is only possible with the correct password. Keep this in mind particularly if you want to copy a know-how-protected block to another device in which there is already a block with the same number. Always pass on a project that includes know-how-protected blocks as a project archive or library archive. In this way, you ensure that the know-how protection cannot be bypassed. If you wish to assign know-how protection to several blocks using multiple selection, no instance data block can be included in the selection. Otherwise, it will not be possible to set know-how protection. You cannot change the know-how protection settings for an open, know-how protected block. See also Setting up and removing block copy protection (Page 4517) Setting up block know-how protection (Page 4518) Opening know-how protected blocks (Page 4519) Printing know-how protected blocks (Page 4520) Removing block know-how protection (Page 4522) 4516 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.7 Protecting blocks Changing a password (Page 4521) Archiving global libraries (Page 475) 11.7.2 Setting up and removing block copy protection (S7-1200, S7-1500) For S7-1200 /1500 CPUs, you can set up copy protection which binds execution of the block to a specific CPU or a specific memory card. The block can then only be executed if it is in the device with the set serial number. If you want to add the serial number automatically through a download process, you must specify a copy protection password. This password is queried during a download process of the block. You can change the password without having to remove the know-how protection of the block. When you change the copy protection settings or remove the copy protection, the password is retained until the next compilation process. It is important that you also know-how-protect any block for which you have set up copy protection. If you do not, anyone can reset the copy protection. Note S7-1500 and S7-1200 V2.2 and higher: If you download a copy protected block to a device that does not match the specified serial number, the entire download operation will be rejected. This means that blocks without copy protection, too, will not be downloaded. Setting up copy protection To set up copy protection for a block, follow these steps: 1. Open the block you wish to copy-protect. 2. Open the "Properties" tab in the inspector window. 3. Select "Protection" in the area navigation in the inspector window. 4. Select either "Bind to serial number of the CPU" or "Bind to serial number of the memory card" from the drop-down list in the "Copy protection" area. 5. Enter either the serial number directly or enable the option "Serial number inserted when downloading to a device or memory card" if the serial number is to be inserted automatically when you load. Continue with step 10 if you have entered the serial number directly. If the serial number is to be added automatically during the download process, you must also execute steps 6 to 9. 6. Click "Define password". The "Define password" dialog opens. 7. Enter a password in the "New password" field. 8. Enter the same password in the "Confirm password" field. 9. Confirm your entries with "OK". The status box provides the information that a copy protection password is defined. 10.You can now set up the know-how protection for the block in the "Know-how protection" area, if the block does not already have know-how protection. WinCC Advanced V14 System Manual, 10/2016 4517 Programming the PLC 11.7 Protecting blocks Removing copy protection To remove copy protection, follow these steps: 1. Open the block for which you wish to remove copy protection. 2. Open the "Properties" tab in the inspector window. 3. Select "Protection" in the area navigation in the inspector window. 4. Select "No binding" in the drop-down list in the "Copy protection" area. See also Protecting blocks (Page 4514) Setting up block know-how protection (Page 4518) Opening know-how protected blocks (Page 4519) Printing know-how protected blocks (Page 4520) Removing block know-how protection (Page 4522) Changing a password (Page 4521) 11.7.3 Setting up block know-how protection You can set up know-how protection for blocks in the devices in your project. Procedure To set up block know-how protection, follow these steps: 1. Select the blocks with no know-how protection which you want to protect. 2. Select the command "Know-how protection" in the "Edit" menu. The "Know-how protection" dialog will open. 3. Click "Define". The "Define password" dialog box opens. 4. Enter a password in the "New" field. 5. Enter the same password in the "Confirm" field. 6. Confirm your entries with "OK". 7. Close the "Know-how protection" dialog by clicking on "OK". Result The blocks selected will be know-how-protected. Know-how protected blocks are marked with a lock in the project tree. The password entered is valid for all blocks selected. 4518 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.7 Protecting blocks See also Protecting blocks (Page 4514) Setting up and removing block copy protection (Page 4517) Opening know-how protected blocks (Page 4519) Printing know-how protected blocks (Page 4520) Removing block know-how protection (Page 4522) Changing a password (Page 4521) 11.7.4 Opening know-how protected blocks You can only open multiple know-how protected blocks at once if they are protected with the same password. Procedure To open a know-how protected block, follow these steps: 1. Double-click on the block you wish to open. The "Access protection" dialog will open. 2. Enter the password for the know-how protected block. 3. Confirm your entry with "OK". Result The know-how protected block will open provided you have entered the correct password. However, the block will remain know-how protected. If you copy the block or add it to a library, for example, the copies will also be know-how protected. Once you have opened the block, you can edit the program code and the block interface of the block for as long as the block or TIA Portal is open. The password must be entered again the next time the block is opened. If you close the "Access protection" dialog with "Cancel", the block will open but the block code will not be displayed and you will not be able to edit the block. See also Protecting blocks (Page 4514) Setting up and removing block copy protection (Page 4517) Setting up block know-how protection (Page 4518) Printing know-how protected blocks (Page 4520) Removing block know-how protection (Page 4522) Changing a password (Page 4521) WinCC Advanced V14 System Manual, 10/2016 4519 Programming the PLC 11.7 Protecting blocks 11.7.5 Printing know-how protected blocks You can only print complete know-how protected blocks if they have been opened with the correct password. If you print a closed block or if the block was not opened with the correct password, only the non-protected block data will be printed. Procedure To print a know-how protected block in full, follow these steps: 1. Open the know-how protected block you wish to print. See also: Opening know-how protected blocks (Page 4519) 2. Select the "Print" command in the "Project" menu. The "Print" dialog will open. 3. Select the printer in the "Name" field. 4. Click "Advanced" to modify the Windows printer settings. 5. Select the documentation information set in the "Document information" drop-down list that you want to use for the frame layout. 6. Under "Print objects/area" select whether you want to print all objects or the complete area, or only a selection. 7. Under "Properties" select the print scope. - Select "All" to print the complete block. - Choose "Visible" to print all the information within the block that is visible on the screen. - Select "Compact" to print a shortened form of the block. 8. Click "Preview" to generate a print preview in advance. A print preview is created in the work area. 9. Click "Print" to start the printout. See also Protecting blocks (Page 4514) Setting up and removing block copy protection (Page 4517) Setting up block know-how protection (Page 4518) Removing block know-how protection (Page 4522) Changing a password (Page 4521) Printing project contents (Page 399) 4520 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.7 Protecting blocks 11.7.6 Changing a password Procedure To change the password, follow these steps: 1. Select the know-how protected blocks for which you want to change the password. Note You can only change the password for several blocks at once if all blocks selected have the same password. 2. Select the command "Know-how protection" in the "Edit" menu. The "Know-how protection" dialog will open. 3. Click the "Change" button. 4. Enter the old password in the "Old" field. 5. Enter the new password in the "New" field. 6. Enter the new password again in the "Confirm" field. 7. Confirm your entries with "OK". 8. Close the "Know-how protection" dialog by clicking on "OK". See also Protecting blocks (Page 4514) Setting up and removing block copy protection (Page 4517) Setting up block know-how protection (Page 4518) Opening know-how protected blocks (Page 4519) Printing know-how protected blocks (Page 4520) Removing block know-how protection (Page 4522) WinCC Advanced V14 System Manual, 10/2016 4521 Programming the PLC 11.8 Declaring the block interface 11.7.7 Removing block know-how protection Procedure To remove block know-how protection, follow these steps: 1. Select the blocks for which you want to remove know-how protection. Note You can only remove know-how protection for several blocks at once if all blocks selected have the same password. 2. Select the command "Know-how protection" in the "Edit" menu. The "Know-how protection" dialog will open. 3. Deactivate the check box "Hide code (know-how protection)". 4. Enter the password. 5. Confirm your entries with "OK". Result Know-how protection will be disabled for the blocks selected. See also Protecting blocks (Page 4514) Setting up and removing block copy protection (Page 4517) Setting up block know-how protection (Page 4518) Opening know-how protected blocks (Page 4519) Printing know-how protected blocks (Page 4520) Changing a password (Page 4521) 11.8 Declaring the block interface 11.8.1 Overview of the block interface Introduction The interface contains the declarations of local variables and constants that are used within the block. The variables are subdivided into two groups: Block parameters that form the block interface when it is called in the program. Local data that are used for storage of intermediate results. 4522 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface You use the variable declaration to define the call interface of a block in the program and the names and data types of variables and constants that you want to use in the block. The interface of function blocks also defines the structure of the instances that are assigned to the function block. Block parameters The following table shows the types of block parameters: Type Section Function Available in Input parameters Input Parameters whose values are read by the block. Functions, function blocks and some types of organization blocks Output parameters Output Parameters whose values are written by the block. Functions and function blocks In/out parameters InOut Parameters whose values are read by the block when it is called, and whose values are written again by the block after execution. Functions and function blocks Return value Return Value that is returned to the calling block. Functions Depending on the type of block opened, additional sections may be displayed. Local data The following table shows the types of local data: Type Section Function Available in Temporary local data Temp Tags that are used to store temporary inter mediate results. Temporary local data are retained for only one cycle. If you use tem porary local data, you have to make sure that the values are written within the cycle in which you want to read them. Otherwise the values will be random. Functions, function blocks and organization blocks Note: Temporary local data is not shown in instance data blocks. Static local data Static Tags that are used for storage of static inter Function blocks mediate results in the instance data block. Static data is retained until overwritten, which may be after several cycles. The names of the blocks, which are called in this code block as multiple instance, will also be stored in the static local data. Constant Constant Constants with declared symbolic names that are used within the block. Functions, function blocks and organization blocks Note: Local constants are not shown in instance data blocks. WinCC Advanced V14 System Manual, 10/2016 4523 Programming the PLC 11.8 Declaring the block interface See also Valid data types in the block interface (Page 4526) Setting the retentivity of local tags (Page 4527) Using setpoints during commissioning (Page 4587) 11.8.2 Rules for declaring the block interface 11.8.2.1 General rules for declaring the block interface Using block parameters The following rules apply to the use of block parameters within the block: Input parameters may only be read. Output parameters may only be written. In/out parameters may be read and written. Note Maximum number of parameters per block The maximum permitted number of formal parameters is sufficient for all usual application scenarios. The exact number depends on the selected data types, declaration subsections and other factors. If the maximum number is exceeded, you receive a message during the compilation process. In this case, you can combine several parameters in a structure. Assigning default values to block parameters You can assign default values to specific parameters in the function block interface. The possibility of the assignment depends on the declaration subsection and data type of the parameter. The following table shows which parameters can be assigned a default value: Parameter type Section Assignment of a default value is possible Elementary data types Structured data types Parameter types Input parameters Input X X - Output parameters Output X X - In/out parameters InOut X - Static local data Static X X - Temporary local data Temp - - - Constants Constant X - - 4524 (1) WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface Exception: In blocks with optimized access, you have the option to use PLC data types as default values under certain conditions. (1) Note You can find more information on permissible characters in tag names in the Siemens Industry Online Support in the following entries: When should identifiers and operands be used in "quotation marks" in STEP 7 (TIA Portal)? https://support.industry.siemens.com/cs/ww/en/view/109477857 (https:// support.industry.siemens.com/cs/ww/en/view/109477857) See also Declaring predefined actual parameters (Page 4540) 11.8.2.2 Valid data types in the block interface (S7-300, S7-400) Valid data types in the block interface in S7-300/400 The following table shows which data types you can assign to the parameters in the individual sections of the interface. Section Standard ARRAY Data types STRUCT Parameter types VOID POINTER ANY - - - X - - - - STRING DT Organization block Temp X X Constant X X Input X X X - X X Output X X - - - - - - X X - - - - - - - X - - - - (3) Function block InOut X X Static X X Temp X X Constant X X Input X X (1) X - X X Output X X (1) - - X X InOut X X - - X X Temp X X - - - X Return X X - X X X (2) (1) (3) Function WinCC Advanced V14 System Manual, 10/2016 (1) 4525 Programming the PLC 11.8 Declaring the block interface Section Standard ARRAY Data types STRUCT Parameter types VOID POINTER ANY - - - - STRING DT Constant X X (3) (1) STRING can only be defined in the standard length of 254 characters. (2) In SCL, ANY is not permitted as a function value. (3) Constants with the ARRAY or STRUCT data type are not permitted. 11.8.2.3 Valid data types in the block interface (S7-1200, S7-1500) Valid data types in the block interface in S7-1200 The following table shows which data types you can assign in the parameters in the individual sections of the interface. Section Standard ARRAY Data types STRUCT ARRAY [*] VOID VARIANT STRING / WSTRING DT Organization block Temp X X - - X Constant X X (1) (2) - - - Input X X - - X Output X X - - - InOut X X (1) X (4) - X Static X X - - - Temp X X - - X Constant X X (1) (2) - - - Input X X (1) X (4) - X Output X X (1) X (4) - X (1) X (4) Function block Function InOut X X Temp X X - X - - X X X (3) Return Constant - X - X X (1) (2) - - - You cannot make length declarations for STRING and WSTRING in these sections. STRINGs always have the standard length 254; WSTRINGs the standard length 16832. A declaration in the format MyString[3] would not be permitted. WSTRING is only permitted in blocks with optimized access in these sections. (1) (2) Constants with the ARRAY or STRUCT data type are not permitted. (3) Function values of the WSTRING data type must not be longer than 1022 characters. (4) ARRAY[*] is available in blocks with optimized access as of firmware V4.2. 4526 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface Valid data types in the block interface in S7-1500 The following table shows which data types you can assign in the parameters in the individual sections of the interface. Section Standard ARRAY Data types STRUCT AR RAY[*] Parame ter types VOID DB_ANY POINT ER ANY VAR IANT - - (4) - X - X (3) X - - - - - - - STRING / WSTRING DT Organization block Temp X X Constant X X Input X X - X - X X X X Output X X - - - X - - - InOut X X (1) X(7)(8) - (4) - X X X X Static X X - - - X - - Temp X X - - - X - X Constant X X (1) (5) - - - - - - - Input X X (1) X (7) X - X X X X Output X X (1) X (7) - (1) X (7) - (1) (5) Function block (4) (3) X Function - X X X X (4) - X X X X - - (4) - X - X (3) X (6) - - X X X x - - - - - - - InOut X X Temp X X Return X X Constant X X (1) (5) (2) - You cannot make length declarations for STRING and WSTRING in these sections. STRINGs always have the standard length 254; WSTRINGs the standard length 16832. A declaration in the format MyString[3] would not be permitted. WSTRING is only permitted in blocks with optimized access in these sections. (1) (2) In SCL, ANY is not permitted as a function value. (3) ANY can only be used in blocks with standard access in the "Temp" section. (4) The "INSTANCE" parameter type is the only exception permissible in the "TEMP" and "InOut" sections. (5) Constants with the ARRAY or STRUCT data type are not permitted. (6) Function values of the WSTRING data type must not be longer than 1022 characters. (7) ARRAY[*] is available in blocks with optimized access as of firmware V2.0. (8) ARRAY[*] is only available when the "Set in IDB" attribute is not set. 11.8.2.4 Setting the retentivity of local tags Introduction Function blocks store their data in an instance. To prevent data loss in the event of power failure, you can mark the data as retentive. This data is stored in a retentive memory area. The option of setting the retentivity depends on the set access type of the function block. WinCC Advanced V14 System Manual, 10/2016 4527 Programming the PLC 11.8 Declaring the block interface Retentive behavior in blocks with standard access In blocks with standard access you cannot set the retentive behavior of individual tags. You can only define them as retentive in the assigned instance. All tags contained in the block are then considered as retentive. Retentivity for optimized block access In data blocks with optimized access you can define the retentive behavior of individual tags. For structured data type tags, the retentivity setting always applies to the entire structure. You can make no individual retentivity setting for individual elements within the structure. You cannot create retentive tags of the structured data type in the "InOut" section. In/out parameters with structured data type, for example ARRAY, STRUCT, or STRING, are always non-retentive. The following settings are available: Retentive The values of the tags or the structure are available even after a power failure. Non-retentive The values of the tags or the structure are lost in the event of a power failure. Set in IDB The retentivity can be set in the instance data block. The setting that is made in the instance data block than applies, however, centrally to all tags that are selected with "Set in IDB". See also Properties of local tags and constants (Page 4541) 4528 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface 11.8.3 Declaring the block interface 11.8.3.1 Layout of the block interface Layout of the block interface The following figure shows the structure of the block interface. The number of columns and sections varies depending on the type of block. Meaning of the columns The following table shows the meaning of the individual columns. You can show or hide the columns as required. The number of columns displayed varies depending on the CPU series and the type of the open object. Column Explanation Symbol you can click on to drag-and-drop an element to a program for use as an operand. Name Name of the element. Data type Data type of the element. Offset Relative address of a tag within the block. The column is only visible in blocks with standard access. Note: Many instructions from the SIMATIC system libraries have the "opti mized block access" property and therefore do not occupy any fixed memory addresses. No offset is displayed for these instructions, even if you use them as multi-instance in a block with standard access. WinCC Advanced V14 System Manual, 10/2016 4529 Programming the PLC 11.8 Declaring the block interface Column Explanation Default value Value with which you can preassign specific tags in the interface of the code block, or the value of a local constant. Specification of the default value is optional for tags. If you do not specify any value the predefined value for the indicated data type is used. For example, the value "false" is predefined for BOOL. The default value of a tag is applied as the start value in the corre sponding instance data block. You can replace these values with in stance-specific start values in the instance data block. Constants always have the default value declared in the block inter face. They are not shown in instance data blocks and cannot be as signed instance-specific values there. Retain Marks a tag as retentive. The values of retentive tags are retained even after the power supply is switched off. This column is only visible in the interface of the function block with optimized access. Visible in HMI engineering Indicates whether a tag is visible by default in the HMI selection list. Accessible from HMI/OPC UA Indicates whether HMI/OPC UA can access this tag during runtime. Writable from HMI/OPC UA Indicates whether the tag from HMI/OPC UA can be written during runtime. Setpoint value Marks a tag as a setpoint value Setpoint values are the values that will probably have to be fine tuned during commissioning. The column is only available in the interface of function blocks. Supervision Indicates whether Supervision has been created for process diagnos tics for the tag. Comment Comments on documentation of the element. See also Valid data types in the block interface (Page 4526) Setting the retentivity of local tags (Page 4527) Using setpoints during commissioning (Page 4587) 11.8.3.2 Declaring local tags and constants in the block interface Requirement The block interface is open. Procedure To declare a tag or constant of the elementary data type, follow these steps: 1. Select the appropriate declaration section in the interface. 2. Enter a name for the element in the "Name" column. 4530 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface 3. Enter the required data type in the "Data type" column. You will be supported by autocompletion during input. 4. For constants, enter a value in the "Default value" column. 5. Optional: Change the properties that are displayed in the other columns of the block interface. Result The element is created. Syntax check A syntax check is performed after each entry, and any errors found are displayed in red. You do not have to correct these errors immediately - you can continue editing and make any corrections later. However, you will not be able to compile the program if the tag declaration contains syntax errors. Note If you change the interface of a block, the calls of the block in the program will possibly become inconsistent. The call locations are automatically updated, if possible. If an automatic updating is not possible, the inconsistent blocks have to be updated manually. See also: Updating block calls in LAD (Page 4656) Updating block calls in FBD (Page 4713) See also Rules for declaring the block interface (Page 4524) Basic information on start values (Page 4564) Setting the retentivity of local tags (Page 4527) Hiding parameters during the block call (Page 4539) Declaring predefined actual parameters (Page 4540) Properties of local tags and constants (Page 4541) 11.8.3.3 Declaring a local tag in the program editor Requirement The program editor is open. WinCC Advanced V14 System Manual, 10/2016 4531 Programming the PLC 11.8 Declaring the block interface Procedure To declare a local tag, follow these steps: 1. Insert an instruction in your program. The "<???>", "<??.?>" or "..." strings represent operand placeholders. 2. Replace an operand placeholder with the name of the tag to be created. 3. Select the name of the element. If you want to declare multiple elements, select the names of all the elements to be declared. 4. Select the "Define tag" command in the shortcut menu. The "Define tag" dialog box opens. It displays a declaration table in which the name of the element is already entered. 5. To declare a local tag, select one of the following sections: - Local In - Local Out - Local InOut - Local Static - Local Temp 6. In the other columns, enter data type and comments. 7. Click the "Define" button to complete your entry. Result The declaration is written directly into the block interface and is valid within the entire block. Note If you change the interface of a block, the calls of the block in the program will possibly become inconsistent. The call locations are automatically updated, if possible. If an automatic updating is not possible, the inconsistent blocks have to be updated manually. See also: Updating block calls in LAD (Page 4656) Updating block calls in FBD (Page 4713) See also Editing tables (Page 308) Basic information on start values (Page 4564) Properties of local tags and constants (Page 4541) Setting the retentivity of local tags (Page 4527) 4532 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface Edit table of the block interface (Page 4545) Rules for declaring the block interface (Page 4524) 11.8.3.4 Declaring tags of the ARRAY data type Requirement The block interface is open. Procedure To declare a variable the ARRAY data type, proceed as follows: 1. Select the appropriate declaration section in the interface. 2. Enter a variable name in the "Name" column. 3. In the "Data type" column, click the button for the data type selection. A list of the permissible data types is opened. 4. Select the "Array" data type. The "Array" dialog opens. 5. In the "Data type" text box, specify the data type of the array elements. 6. In the "ARRAY limits" input field, specify the high and low limit for each dimension. Example of a one-dimensional ARRAY: Array[0..3] of Bool Example of a three-dimensional ARRAY: Array[0..3, 0..15, 0..33]of Bool Example of a one-dimensional ARRAY with variable limits: Array[*]of Bool Example of a three-dimensional ARRAY with variable limits: Array[*, *, *]of Bool Example of a one-dimensional ARRAY with local constants as ARRAY limits Array[#My_local_const1..#My_local_const2]of Bool Example of a one-dimensional ARRAY with global constants as ARRAY limits Array["My_global_const1".."My_global_const1"]of Bool 7. Confirm your entry. 8. Optional: Change the properties of the variables that are displayed in the other columns of the block interface. Note Restriction when displaying ARRAY elements Depending on the amount of work memory available on your computer, the following maximum limits apply when displaying ARRAYs: RAM < 8 GB: A maximum of 10,000 rows are displayed. RAM >= 8 GB: A maximum of 40,000 rows are displayed. WinCC Advanced V14 System Manual, 10/2016 4533 Programming the PLC 11.8 Declaring the block interface Result The variable of ARRAY data type is created. See also ARRAY (Page 2177) Rules for declaring the block interface (Page 4524) Properties of local tags and constants (Page 4541) Setting the retentivity of local tags (Page 4527) 11.8.3.5 Declaring tags of STRUCT data type Requirement The block interface is open. Procedure To declare a tag of the STRUCT data type, follow these steps: 1. Select the appropriate declaration section in the interface. 2. Enter a tag name in the "Name" column. 3. Enter "Struct" in the "Data type" column. You will be supported by autocompletion during input. An empty, indented row is inserted after the new tag. 4. Insert the first structural element in the first empty row. An additional empty row is inserted after the element. 5. Select a data type for the structure element. 6. Optional: Change the properties of the structural element that is displayed in the other columns of the block interface. 7. Repeat the step 4 to 7 for all additional structure elements. It is not necessary to end the structure explicitly. The structure ends with the last element that is entered. 8. To insert a new tag after the structure, leave a blank row after the end of the structure and then start the new tag in the second empty row. Result The tag of STRUCT data type is created. 4534 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface Note S7-1500: A maximum of 252 structures in one data block A maximum of 252 structures is permitted in one data block. If you need additional structures, you must restructure your program. You can, for example, create the structures in several global data blocks. See also Using autocompletion (Page 4477) Rules for declaring the block interface (Page 4524) Properties of local tags and constants (Page 4541) Setting the retentivity of local tags (Page 4527) Editing tables (Page 308) 11.8.3.6 Declare variables of the STRING and WSTRING data types Requirement The block interface is open. Procedure To declare a variable the STRING or WSTRING data type, proceed as follows: 1. Select the appropriate declaration section in the interface. 2. Enter a variable name in the "Name" column. 3. Enter "STRING" or "WSTRING" in the "Data type" column. You will be supported by autocompletion during input. 4. Optional: Specify the maximum length of the string using square brackets after the keyword STRING or WSTRING. If you do not specify a maximum length, the string has a default length of 254 characters. Example of a WSTRING with the maximum length of 4: WSTRING[4] Example of a string whose maximum length is defined by a local constant: STRING[#My_local_const1] Example of a string whose maximum length is defined by a global constant: STRING["My_global_const1"] Result The variable of the STRING or WSTRING data type is applied. WinCC Advanced V14 System Manual, 10/2016 4535 Programming the PLC 11.8 Declaring the block interface 11.8.3.7 Declaring tags based on a PLC data type Requirement A PLC data type is declared in the current CPU. Procedure To declare a tag based on a PLC data type, follow these steps: 1. Select the appropriate declaration section in the interface: 2. Enter the PLC data type in the "Data type" column. You will be supported by Autocomplete during input. Result The tag is created. Note You define the default values of tags within a PLC data type when the PLC data type is created. You cannot change these values at the point of use of the PLC data type. If you change or delete PLC data types that are used in the block interface, the interface becomes inconsistent. To remedy this inconsistency, the interface has to be updated. See also: Updating the block interface (Page 4548) See also Editing tables (Page 308) Basics of PLC data types (UDT) (Page 4620) 11.8.3.8 Declaring higher-level tags Introduction To access data areas within a declared tag, you can overlay the declared tags with an additional declaration. This provides you with the option of addressing an already declared tag with a different data type. You can, for example, address the individual bits of a tag of WORD data type with an ARRAY of BOOL. 4536 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface Overlaying tags To overlay a tag with a new data type, follow these steps: 1. Open the block interface. 2. In the interface, select the tag that you want to overlay with a new data type. 3. Click "Add row" in the toolbar. A row is inserted after the tag to be overlaid. The overlaying tag must be declared in the row directly after the tag that is to be overlaid. 4. Enter a tag name in the "Name" column. 5. Enter the "AT" entry in the "Data type" column. You will be supported by Autocomplete in this step. The following is added to the entry in the "Name" column. "AT<Name of the higher-level tag>" 6. Click the data type selection button again and select the data type for the new tag. The tag is created. It points to the same data as the higher-level tag, however interprets this data with the new data type. Removing overlay To remove the overlay of a tag, follow these steps: 1. Select the overlaid tag that you want to remove. 2. Select the "Delete" command in the shortcut menu. 3. The overlay is removed. See also Editing tables (Page 308) 11.8.3.9 Declaring multi-instances Requirement The function block to be called exists in project tree and is multi-instance capable. The block interface of the calling function block is open. Declaring a multi-instance To declare a function block to be called as a multi-instance, follow these steps: 1. In the "Name" column of the "Static" section, enter a designation for the block call. 2. In the "Data type" column, enter the symbolic name for the function block to be called. WinCC Advanced V14 System Manual, 10/2016 4537 Programming the PLC 11.8 Declaring the block interface Note The program editor will declare the multi-instance automatically if you program a block call in a network and then specify in the "Call options" dialog that you want to call the block as a multiple instance. Declaring multi-instances as ARRAY To declare an ARRAY of multi-instances, follow these steps: 1. In the "Name" column of the "Static" section, enter a designation for the ARRAY. 2. Select the "Array" data type in the "Data type" column. The "Array" dialog opens. 3. In the "Data type" input field, enter the name of the function block for which an instance should be defined. The block name must be in quotation marks. 4. In the "ARRAY limits" input field, specify the high and low limit for each dimension. Example of a one-dimensional ARRAY:[0..3] Example of a three-dimensional ARRAY:[0..3, 0..15, 0..33] 5. Confirm your entry. See also Updating the block interface (Page 4548) 11.8.3.10 Declaring parameter instances Introduction The following table shows the options for declaring and using parameter instances in the block interface: Declaration Block type Application InOut FB You can then call the instance that you transfer as actual parameter within the function block. FC Input FC You have read access to the data of the instance that you transfer as actual parameter. However, you cannot call the instance from within the block. Output FC You have write access to the data of the instance that you transfer as actual parameter. How ever, you cannot call the instance from within the block. Requirement The block interface is open. 4538 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface Procedure To declare a parameter instance, follow these steps: 1. Open the required section of the block interface (see table). 2. In the "Name" column, enter a designation for the in/out parameter to which the instance is transferred. 3. In the "Data type" column, enter the name of the function block for which an instance should be defined. The block name must be in quotation marks. Note Declaring parameter instances automatically The program editor will declare the parameter instance automatically if you program a block call in a network and then specify in the "Call options" dialog that you want to call the block as a parameter instance. 11.8.3.11 Hiding parameters during the block call Introduction You can hide the block parameters when calling the block in LAD or FBD. Hidden parameters are not visible initially, but can be displayed via a small arrow at the bottom edge of the call box. Two options are available for hiding a parameter: Hide The parameter is always hidden. Hide, if no parameter is assigned The parameter is hidden as long as it has not yet been interconnected. If you assign an actual parameter, the parameter is displayed at the call box. Procedure Proceed as follows to define whether a block parameter is to be displayed or hidden during the call: 1. Open the block interface. 2. Select a parameter in the block interface. 3. Open the "Properties" tab in the Inspector window. WinCC Advanced V14 System Manual, 10/2016 4539 Programming the PLC 11.8 Declaring the block interface 4. Select the "Attributes" group in the area navigation. 5. Select one of the following options under "Visibility at block calls in LAD / FBD": - "Show" - "Hide" - "Hide, if no parameter is assigned" Result The parameter is displayed or hidden at the block call in LAD or FBD depending on the setting. If a syntax error is found during the block call, the parameter cannot be hidden. See also Wiring hidden parameters (Page 4671) Declaring predefined actual parameters (Page 4540) 11.8.3.12 Declaring predefined actual parameters Introduction You can specify during the declaration of a block parameter which actual parameter is to be used during the block call. This can be useful if you are using program blocks as library elements and want to store information about the actual parameters to be used along with the library element. In addition you have the option in LAD and FBD to hide parameters that have a valid predefined actual parameter during the block call. Hidden parameters are not visible initially, but can be displayed via a small arrow at the bottom edge of the call box. Two options are available for hiding a predefined parameter: The parameter is always hidden. The parameter is hidden as long as the predefined actual parameter is assigned. However, when a different parameter is assigned, the parameter becomes visible. Requirement The parameter is located in the section "Input", "Output" or "InOut". Procedure Proceed as follows to predefine an actual parameter: 1. Open the block interface. 2. Select a parameter in the block interface. 3. Open the "Properties" tab in the Inspector window. 4540 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface 4. Select the "Attributes" group in the area navigation. 5. Enter the required actual parameter in the "Predefined actual parameter" input box. Optional: 6. Select the "Hide" option under "Visibility at block calls in LAD / FBD". 7. As an additional option, select "Show if parameter assigned on block call is not identical to the predefined actual parameter". This option is only available if the "Hide" option was activated beforehand. Result An actual parameter is predefined. If you save the program block as a library element, it thus also contains information about the actual parameter to be used. If the library element is used in the program, a check is made to determine whether the actual parameter you have predefined can be addressed. If so, it is automatically used as the actual parameter. If the actual parameter If the actual parameter is not found in the program, a syntax error is signaled and you have to carry out the parameter assignment manually. Parameters with an invalid assignment are not hidden. See also Hiding parameters during the block call (Page 4539) 11.8.3.13 Editing the properties of local tags and constants Properties of local tags and constants Properties The table below provides an overview of the properties of local tags and constants: Group Property Description General Name Name of the element. Data type Data type of the element. Default value Value with which you can pre-assign specific tags in the interface of the code block, or the value of a local constant. Specification of the default value is optional for tags. If you do not specify any value the predefined value for the indi cated data type is used. For example, the value "false" is predefined for BOOL. The default value of a tag is applied as the start value in the corresponding instance. You can then replace these adopted values with instance-specific start values. Comment WinCC Advanced V14 System Manual, 10/2016 Comment for the element. 4541 Programming the PLC 11.8 Declaring the block interface Group Property Description Attributes Retain Marks the tag as retentive. The values of retentive tags are retained even after the power supply is switched off. This attribute is only available in the interface of the func tion block with optimized access. Visible in HMI engi neering Shows whether the tag is visible by default in the HMI selection list. Writable from HMI/ OPC UA Indicates whether the tag from HMI/OPC UA can be writ ten during runtime. Accessible from HMI/OPC UA Indicates whether HMI/OPC UA can access this tag during runtime. Please note, however, that you cannot implement general access protection for the tag with the "Accessible from HMI/OPC UA" attribute. Read or write access from other applications is possible even if the attribute is not enabled. Visibility at block calls in LAD/FBD Show: The parameter is always visible at block calls in LAD or FBD. Hide: The parameter is always hidden at block calls in LAD or FBD. The instruction box then has a small arrow on the lower edge. You can have the parameters displayed and inter connect them by clicking this arrow. Hide if no parameter is assigned: The parameter is always hidden at block calls in LAD or FBD as long as it has not yet been interconnected. If you assign an actual parameter, the parameter is displayed at the call box. 4542 Predefined actual parameter Defines a parameter that is to be used as actual parameter during the block call. Show if the as signed actual pa rameter is not identi cal with the prede fined actual parame ter The parameter is hidden at block calls in LAD or FBD as long as the predefined actual parameter has not yet been assigned. However, when a different parameter is as signed, the parameter becomes visible. This option is only active if you have selected the "Hide" parameter and have defined a predefined actual parame ter. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface Group Property Description User-defined attrib utes CFC_Configurable Configurable Indicates whether a parameter is configurable in CFC. CFC_ForTest For test Indicates whether a parameter is registered for the CFC test mode. CFC_Visible Visible Indicates whether a parameter is visible in CFC. CFC_Interconnecta Interconnectable ble Indicates whether a parameter is interconnectable in CFC. CFC_EnableTa gReadback Enable tag readback CFC_Enumeration Texts Enumeration texts Indicates whether a parameter is relevant for the "Read back chart" function in CFC. Assigns a parameter to an enumeration in CFC. CFC_EngineeringU Engineering unit nit Assigns a parameter to a unit in CFC. CFC_LowLimit Low limit Defines the low limit for the parameter in CFC. CFC_HighLimit High limit Defines the high limit for the parameter in CFC. See also Setting the retentivity of local tags (Page 4527) Changing properties of local tags and constants (Page 4543) Hiding parameters during the block call (Page 4539) Declaring predefined actual parameters (Page 4540) Changing properties of local tags and constants Editing properties of an element in the block interface To edit the properties of an element in the block interface, follow these steps: 1. Open the block interface. 2. Select the required element in the table. 3. Change the entries in the columns. Editing properties of several elements in the block interface You can also simultaneously set or reset some properties for multiple selected elements. WinCC Advanced V14 System Manual, 10/2016 4543 Programming the PLC 11.8 Declaring the block interface To change one of these properties for several elements, follow these steps: 1. Open the block interface. 2. Hold down the CTRL key. 3. In the required column, select each of the table cells whose value you want to change. 4. Select the "Set <property>" or "Reset <property>" command in the shortcut menu. Editing properties in the properties window To edit the properties of an individual tag or constant, follow these steps: 1. Select an element in the table. The properties of the element are shown in the Inspector window. 2. Change the entries in the inspector window. Renaming tags directly in the program editor To rename one or more elements, follow these steps: 1. Select one or more elements in the program. 2. Select the "Rename tag" command in the shortcut menu. The "Rename tag" dialog opens. It displays a declaration table with the selected elements. 3. Change the entries in the "Name" column. 4. Confirm the input by clicking the "Change" button. Editing the data type or comment in the program editor Proceed as follows to edit the data type or tag comment in the program editor: 1. Select the name of the tag. 2. Select the "Rewire tag" command in the shortcut menu. The "Rewire tag" dialog will open. The dialog shows a declaration table. 3. Change the entry in the "Data type" or "Comment" columns. 4. Click the "Change" button to confirm the input. Effect in the program In case of a change of the name, data type or address of a tag or constant, each location of use of the tag is automatically updated in the program. 4544 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface Note If you change the interface of a block, the program may become inconsistent. The inconsistencies are automatically updated, if possible. If an automatic updating is not possible, the inconsistent calls are marked in red. You than have to manually updated the inconsistencies. See also: Updating block calls in LAD (Page 4656) Updating block calls in FBD (Page 4713) See also Overview of the block interface (Page 4522) Editing tables (Page 308) Properties of local tags and constants (Page 4541) Setting the retentivity of local tags (Page 4527) Basic information on start values (Page 4564) Updating the block interface (Page 4548) Edit table of the block interface (Page 4545) Rules for declaring the block interface (Page 4524) 11.8.3.14 Edit table of the block interface Inserting table rows Procedure Proceed as follows to insert a row above the selected row: 1. Select the row in front of which you want to insert a new row. 2. Click the "Insert row" button on the toolbar of the table. Result A new row is inserted above the selected row. WinCC Advanced V14 System Manual, 10/2016 4545 Programming the PLC 11.8 Declaring the block interface See also Editing tables (Page 308) Inserting table rows Procedure Proceed as follows to insert a row below the selected row: 1. Select the row below which you want to insert a new row. 2. Click the "Add row" button on the table toolbar. Result A new empty row will be inserted below the selected row. See also Editing tables (Page 308) Deleting tags Procedure Follow the steps below to delete elements: 1. Select the row with the element to be deleted. You can also select several rows by clicking on them one after the other while holding down the <Ctrl> key or by pressing and holding down <Shift> and clicking on the first and last row. 2. Select the "Delete" command in the shortcut menu. See also Editing tables (Page 308) Automatically filling in successive cells You can load the contents of one or several table cells into the cells below, automatically filling in the successive cells. If you automatically fill in cells in the "Name" column, a consecutive number will be appended to each name. For example, "Motor" will become "Motor_1". You can define individual or more cells as well as entire rows as source area. If less rows exist in the open table than you want to fill, then you will first have to insert additional empty rows. 4546 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface Requirement The table is open. Sufficient declaration rows are available. Procedure To automatically fill in successive cells, follow these steps: 1. Select the cells to be loaded. 2. Click the "Fill" symbol in the bottom right corner of the cell. The mouse pointer is transformed into a crosshair. 3. Keep the mouse button pressed and drag the mouse pointer downwards over the cells that you want to fill in automatically. 4. Release the mouse button. The cells are filled in automatically. 5. If entries are already present in the cells that are to be automatically filled in, a dialog appears. In this dialog you can indicate whether you want to overwrite the existing entries or insert new rows for the new tags. See also Editing tables (Page 308) Show and hide table columns You can show or hide the columns in a table as needed. Procedure To show or hide table columns, follow these steps: 1. Click a column header. 2. Select the "Show/Hide" command in the shortcut menu. The selection of available columns is displayed. 3. To show a column, select the column's check box. 4. To hide a column, clear the column's check box. 5. To hide or show several columns, click "More" and activate or deactivate the check box of the corresponding columns in the "Show/Hide" dialog. WinCC Advanced V14 System Manual, 10/2016 4547 Programming the PLC 11.8 Declaring the block interface Editing tags with external editors To edit individual tags in external table editors, such as Excel, you can export or import these tags using copy and paste. Note Restriction when displaying and copying ARRAY elements Depending on the amount of work memory available on your computer, the following maximum limits apply when displaying and copying ARRAYs from the block interface in an Excel table: RAM < 8 GB: A maximum of 10,000 rows are displayed and copied. RAM >= 8 GB: A maximum of 40,000 rows are displayed and copied. Requirements The block interface and an external editor are opened. Procedure To export individual tags to an external editor and import them again, follow these steps: 1. Click the "Expanded mode" button to show all elements of structured data types. 2. Select one or more tags. 3. Select "Copy" in the shortcut menu. 4. Switch to the external editor and paste the copied tags. 5. Edit the tags as required. 6. Copy the tags in the external editor. 7. Select the tags in the external editor. 8. Switch back to the block interface. 9. Select "Paste" in the shortcut menu. 11.8.4 Updating the block interface Introduction If you change or delete PLC data types or multiple instances that are used in the block interface, the interface will become inconsistent. To remedy this inconsistency, the interface has to be updated. 4548 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.8 Declaring the block interface You have two options for updating the block interface: Explicit updating of the block interface. The used PLC data types and multiple instances will be updated. The instance data blocks that belong to the block are not implicitly updated during this process. Implicit updating during compilation. All used PLC data types and multiple instances as well as the related instance data blocks will be updated. Explicit updating of the block interface To explicitly update the block interface, follow these steps: 1. Open the block interface. 2. Select the "Update" command in the shortcut menu. Implicit Updating during Compilation Proceed as follows to implicitly update all uses of PLC data types and multiple instances as well as the instance data blocks during compilation: 1. Open the project tree. 2. Select the "Program blocks" folder. 3. Select the command "Compile > Software (rebuild all blocks)" in the shortcut menu. See also Basics of PLC data types (UDT) (Page 4620) Declaring tags based on a PLC data type (Page 4536) Editing tables (Page 308) Basic information on start values (Page 4564) Properties of local tags and constants (Page 4541) Setting the retentivity of local tags (Page 4527) Updating block calls in LAD (Page 4656) Declaring multi-instances (Page 4537) Edit table of the block interface (Page 4545) Rules for declaring the block interface (Page 4524) WinCC Advanced V14 System Manual, 10/2016 4549 Programming the PLC 11.8 Declaring the block interface 11.8.5 Extending the block interface (S7-1200, S7-1500) Description In order to enable the editing of PLC programs that have already been commissioned and that are running without error on a system, CPUs of the S7-1500 series and most CPUs of the S7-1200 V4 and higher series support the option of extending the interfaces of function blocks during runtime. You can download the modified blocks without setting the CPU to STOP and without affecting the values of already loaded tags. This is a simple means of implementing program changes. This load process (download without reinitialization) will not have a negative impact on the controlled process. Principle of operation Each function block is always assigned a default memory reserve. The memory reserve is not used initially. Activate the memory reserve if you decide on loading interface changes after having compiled and downloaded the block. All tags that you subsequently declare will be saved to the memory reserve. The subsequent download does not influence any tags that are already loaded or have a negative impact on runtime. If you decide to review your program at a later time while the plant is not in operation, you are also provided an option of reworking the memory layout of individual or several blocks in a single pass. With this action, you move all tags from the reserve area to the regular area. The memory reserve is now cleared and made available for further interface extensions. Requirements This "Download without reinitialization" function is available if the following requirements are met: The project is in the "TIA Portal V12" format or a higher version. You are working with a CPU that supports "Download without reinitialization". The blocks were created in LAD, FBD, STL, or SCL. The blocks were created by the user, i.e. they are not included with the blocks delivered in your package. These blocks are assigned the optimized access attribute. Basic steps Perform the following steps if you want to extend the interface of a function block and then load the block without re-initialization. 1. All blocks have a default memory reserve of 100 bytes. You can adapt this memory reserve to suit your requirements. 2. Activate the memory reserve. 3. Extend the block interface. 4550 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks 4. Compile the block. 5. Download the block to the CPU as usual. For more information on the various steps, refer to chapter "Loading blocks (S7-1200/1500) ". Note The full scope of the "Download without reinitialization" function is only available on CPUs of the S7-1500 and S7-1200 V4 series. However, all CPU families support the option of extending the interface of function blocks and downloading newly declared tags without repercussion: You may add new tags in the "Temp" section and download these without influencing the process. You may create new tags of a structured data type in the "InOut" section and download these without influencing the process. 11.9 Programming data blocks 11.9.1 Basic principles for programming of data blocks A data block (DB) is used to save the values that are written during execution of the program. In contrast to the code block, the data block contains only tag declarations. It contains no networks or instructions. The tag declarations define the structure of the data block. Types of data blocks There are two types of data blocks: Global data blocks The global data block is not assigned to a code block. You can access the values of a global data block from any code block. A global data block contains only static tags. The structure of the global data block can be freely defined. In the declaration table for data blocks, you declare the data elements that are to contained in the global data block. Instance data blocks The instance data block is assigned directly to a function block (FB). The structure of an instance data block cannot be freely defined, but is instead determined by the interface declaration of the function block. The instance data block contains exactly those block parameters and tags that are declared there. However, you can define instance-specific values in the instance data block, for example, start values for the declared tags. WinCC Advanced V14 System Manual, 10/2016 4551 Programming the PLC 11.9 Programming data blocks ARRAY data blocks (S7-1500) ARRAY data blocks are global data blocks that consist of an ARRAY. This ARRAY can be based on any data type. For example, an ARRAY of a PLC data type (UDT) is possible. The DB contains no other elements besides the ARRAY. Because of their flat structure, ARRAY data blocks facilitate access to the ARRAY elements and their transfer to called blocks. You use ARRAY data blocks to address ARRAYs indirectly: You can determine during runtime which ARRAY DB is read or written and how large it is. The "Move operations" section of the "Instructions" task card offers options for addressing of ARRAY DBs. Note Retentivity of ARRAY data blocks ARRAY data blocks and their components cannot be set retentively. See also: Using ARRAY data blocks (Page 2121) PLC data types as a template for global data blocks PLC data types can be used as templates for the creation of global data blocks with identical data structures. You create the structure as PLC data type only once and then generate the required data blocks by assigning the PLC data type. System data types as a template for global data blocks System data types can also be used as templates for creating global data blocks with identical data structure. System data types already have a pre-defined structure. You insert the system data type in the program only once and then generate additional data blocks with an identical structure by assigning the system data type. Access modes There are two different modes of accessing data values in data blocks: Data blocks with optimized access (only S7-1200) Data blocks with optimized access have no fixed defined structure. In the declaration, the data elements are assigned only a symbolic name and no fixed address within the block. You access the data values in these block via symbolic names. The "Optimized block access" attribute is always enabled for ARRAY data blocks. Data blocks with standard access (all CPU families) Data blocks with standard access have a fixed structure. In the declaration, the data elements are assigned both a symbolic name and a fixed address within the block. You can access the data values in these blocks via symbolic names or the address. ARRAY data blocks with standard access are not possible. 4552 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks Retentivity of data values To prevent data loss in the event of power failure, you can store the data values in a retentive memory area. See also Creating data blocks (Page 4486) 11.9.2 Structure of the declaration table for data blocks Structure of the declaration table for data blocks The figure below shows the structure of the declaration table for data blocks. The display will vary depending on type of block and type of access. Display of instance-specific values In instance data blocks, you can apply the already defined values from the interface of the assigned function block or define instance-specific start values. Values that are applied from the function block cannot be edited. You can replace the grayed-out values with instancespecific values. Values that were already changed instance specific are not grayed out. Meaning of the columns The following table shows the meaning of the individual columns. You can show or hide the columns as required. The number of columns displayed varies depending on the CPU series. Column Explanation Symbol you can click to move or copy the tag. You can, for example, dragand-drop the tag into a program and use it there as operand. WinCC Advanced V14 System Manual, 10/2016 Name Name of the tags. Data type Data type of the tags. 4553 Programming the PLC 11.9 Programming data blocks Column Explanation Offset Relative address of the tags. The column is only visible in data blocks with standard access. Note: Many instructions from the SIMATIC system libraries have the "optimized block access" property and therefore do not occupy any fixed memory ad dresses. No offset is displayed for these instructions, even if you use them as multi-instance in a block with standard access. Default value Default value of the tag in the interface of a higher-level code block or in a PLC data type. The values contained in the "Default value" column can only be changed in the higher-level code block or PLC data type. The values are only displayed in the data block. Start value Value that the tag should assume at startup. The default values defined in a code block are used as start values during the creation of the data block. You can then replace these adopted values with instance-specific start values. Specification of an start value is optional. If you do not specify any value, the tag assumes the default value at startup. If a default is not defined either, the default value valid for the data type is used. For example, the value "FALSE" is specified as standard for BOOL. Monitor value Current data value in the CPU. This column only appears if an online connection is available and you click "Monitor". Snapshot Shows values that were loaded from the device. Retain Marks the tag as retentive. The values of retentive tags are retained even after the power supply is switched off. Visible in HMI engi neering Shows whether the tag is visible by default in the HMI selection list. Accessible from HMI/ OPC UA Indicates whether HMI/OPC UA can access this tag during runtime. Writable from HMI/ OPC UA Indicates whether the tag from HMI/OPC UA can be written during runtime. Setpoint value Setpoint values are the values that will probably have to be fine tuned during commissioning. After commissioning, the values of these tags can be trans ferred to the offline program as start values and stored there. Supervision Indicates whether Supervision has been created for process diagnostics for the tag. Comment Comment to document the tags. See also Editing the properties of tags in data blocks (Page 4568) Using setpoints during commissioning (Page 4587) Creating data blocks (Page 4486) Creating a data structure for global data blocks (Page 4559) Basic information on start values (Page 4564) 4554 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks Defining start values (Page 4564) Setting retentivity (Page 4566) 11.9.3 Creating data blocks Requirement The "Program blocks" folder in the project tree is open. Procedure To create a data block, follow these steps: 1. Double-click the "Add new block" command. The "Add new block" dialog box opens. 2. Click the "Data block (DB)" button. 3. Select the type of the data block. You have the following options available to you: - To create a global data block, select the list entry "Global DB". - To create an ARRAY data block, select the "ARRAY DB" entry in the list. - To create an instance data block, select the function block to which you want to assign the instance data block from the list. The list contains only the function blocks that were previously created for the CPU. - To create a data block based on a PLC data type, select the PLC data type from the list. The list contains only the PLC data types that were previously created for the CPU. - To create a data block based on a system data type, select the system data type from the list. The list contains only those system data types that have already been inserted to program blocks in the CPU. 4. Enter a name for the data block. 5. Enter the properties of the new data block. 6. If you have selected an ARRAY DB as the data block type, enter the ARRAY data type and the high limit for the ARRAY. You can change the high limit for the ARRAY at any time in the property window of the created block. The ARRAY data type cannot be changed subsequently. 7. If you have selected a block that contains monitoring as the "Type", assign a ProDiag function block to the monitoring functions. 8. To enter additional properties of the new data block, click "Additional information". An area with further input fields is displayed. 9. Enter all the properties you require. 10.Activate the "Add new and open" check box if the block does not open as soon as it is created. 11.Confirm your entry with "OK". WinCC Advanced V14 System Manual, 10/2016 4555 Programming the PLC 11.9 Programming data blocks Result The new data block is created. You can find the data block in the project tree in the "Program blocks" folder. Note Retentivity of ARRAY data blocks ARRAY data blocks and their components cannot be set retentively. See also Basic principles for programming of data blocks (Page 4551) System data types (Page 2194) Using blocks from libraries (Page 4487) 11.9.4 Updating data blocks Introduction Changes in the interface of a function block or a PLC data type can lead to the corresponding data blocks becoming inconsistent. These inconsistencies are marked in red in the declaration table and at the call point of the block. To remedy these inconsistencies, the data blocks must be updated. You have three options to update block calls: Explicit updating in the declaration table for data blocks. The data block is updated. Changes from the interface of the assigned function block and changes to the used PLC data types are applied. Explicit updating in the program editor. The block calls in the open block will be updated. The associated instance data block is also adjusted in the process. Implicit updating during compilation. All block calls in the program as well as the used PLC data types and the corresponding instance data blocks are updated. Explicit Updating in the Declaration Table for Data Blocks To explicitly update an individual data block, follow these steps: 1. Open the data block. 2. Select "Update interface" in the shortcut menu. 4556 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks Explicit Updating in the Program Editor To update all block calls or a specific call within a block, follow these steps: 1. Open the block in the program editor. 2. Right-click on the instruction with the block call. 3. Select the "Update" command in the shortcut menu. 4. The "Interface update" dialog opens. This dialog shows the differences between the block interface in use and the changed interface of the called block. 5. If you want to update the block call, click "OK". To cancel the update, click "Cancel". Implicit Updating during Compilation To implicitly update all block calls and uses of PLC data types as well as the instance data blocks during the compiling, follow these steps: 1. Open the project tree. 2. Select the "Program blocks" folder. 3. Select the command "Compile > Software (rebuild all blocks)" in the shortcut menu. See also Changing the properties of tags in instance data blocks (Page 4570) 11.9.5 Extending data blocks (S7-1200, S7-1500) Description In order to enable the editing of PLC programs that have already been commissioned and that are running without error on a system, CPUs of the S7-1500 series and most CPUs of the S7-1200 V4 and higher series support the option of extending global data blocks during runtime. You can download the modified blocks without setting the CPU to STOP and without affecting the values of already loaded tags. This is a simple means of implementing program changes. This load process (download without reinitialization) will not have a negative impact on the controlled process. Principle of operation Each data block is always assigned a default memory reserve. The memory reserve is not used initially. Activate the memory reserve if you decide on loading interface changes after having compiled and downloaded the block. All tags that you subsequently declare will be saved to the memory reserve. A subsequent download has no impact on the values of tags that have already been loaded. WinCC Advanced V14 System Manual, 10/2016 4557 Programming the PLC 11.9 Programming data blocks If you decide to review your program at a later time while the plant is not in operation, you are also provided an option of reworking the memory layout of individual or several blocks in a single pass. With this action, you move all tags from the reserve area to the regular area. The memory reserve is now cleared and made available for further interface extensions. Requirements This "Download without reinitialization" function is available if the following requirements are met: The project is in the "TIA Portal V12" format or a higher version. You are working with a CPU that supports "Download without reinitialization". The blocks were created in LAD, FBD, STL, or SCL. The blocks were created by the user, i.e. they are not included with the blocks delivered in your package. These blocks are assigned the optimized access attribute. Basic steps Perform the following steps if you want to extend the data block and then load the block without re-initialization. 1. All blocks have a default memory reserve of 100 bytes. You can adapt this memory reserve to suit your requirements. 2. Activate the memory reserve. 3. Extend the block interface. 4. Compile the block. 5. Download the block to the CPU as usual. Reference For more information on the various steps, refer to chapter "Loading blocks (S7-1200/1500) ". 4558 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks 11.9.6 Creating a data structure for global data blocks 11.9.6.1 Declaring tags of elementary data type Requirement A global data block is open. Note You cannot change the structure of instance data blocks and of data blocks based on a PLC data type directly, since the structures of these blocks are defined by the respective function block or the PLC data type. The type of the data block is entered in the block properties. Procedure To declare a tag of the elementary data type, follow these steps: 1. Enter a tag name in the "Name" column. 2. In the "Data type" column, click the button for the data type selection. A list of the permissible data types is opened. 3. Select the desired data type. 4. Optional: Change the properties of the tags that are displayed in the other columns. 5. Repeat steps 1 to 4 for all tags that are to be declared. See also Displaying and editing block properties (Page 4502) Declaring tags of the ARRAY data type (Page 4560) Declaring tags of STRUCT data type (Page 4561) Editing tables (Page 308) Editing the declaration table for data blocks (Page 4573) Defining start values (Page 4564) Setting retentivity (Page 4566) Online and diagnostic functions for data blocks (Page 4576) WinCC Advanced V14 System Manual, 10/2016 4559 Programming the PLC 11.9 Programming data blocks 11.9.6.2 Declaring tags of the ARRAY data type Requirement A global data block is open. Procedure To declare a tag of the ARRAY data type, follow these steps: 1. Enter a tag name in the "Name" column. 2. Enter the "Array" data type in the "Data type" column. You will be supported by autocompletion in this step. The "Array" dialog opens. 3. In the "Data type" text box, specify the data type of the array elements. 4. In the "ARRAY limits" text box, specify the high and low limit for each dimension. Example of a one-dimensional ARRAY: ARRAY [0..3] of Bool Example of a three-dimensional ARRAY: ARRAY[0..3, 0..15, 0..33] of Bool Example of a one-dimensional ARRAY with local constants as ARRAY limits ARRAY[#My_local_const1..#My_local_const2] of Bool Example of a one-dimensional ARRAY with global constants as ARRAY limits ARRAY["My_global_const1".."My_global_const1"] of Bool 5. Confirm your entry. 6. Optional: Change the properties of the tags that are displayed in the other columns. The tag is created but remains collapsed. To expand the ARRAY, click the triangle in front of the tag. Not that you cannot expand very large ARRAYs for reasons of clarity. Note Restriction when displaying ARRAY elements Depending on the amount of work memory available on your computer, the following maximum limits apply when displaying ARRAYs: RAM < 8 GB: A maximum of 10,000 rows are displayed. RAM >= 8 GB: A maximum of 40,000 rows are displayed. Entering start values of ARRAY elements To set default start values for the individual elements of an ARRAY, follow these steps: 1. Click the triangle in front of the ARRAY data type tags. The ARRAY opens and the individual ARRAY elements are shown in separate rows. 2. Enter the required values in the "Start value" column. 4560 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks See also Defining start values (Page 4564) Setting retentivity (Page 4566) Editing the declaration table for data blocks (Page 4573) ARRAY (Page 2177) Using autocompletion (Page 4477) 11.9.6.3 Declaring tags of STRUCT data type Requirement A global data block is open. Procedure To declare a tag of the STRUCT data type, follow these steps: 1. Enter a tag name in the "Name" column. 2. Enter "Struct" in the "Data type" column. You will be supported by autocompletion during input. An empty, indented row is inserted after the new tag. 3. Insert the first structural element in the first empty row. An additional empty row is inserted after the element. 4. Select a data type for the structure element. 5. Optional: Change the properties of the structural element that is displayed in the other columns of the block interface. 6. Repeat the step 4 to 7 for all additional structure elements. It is not necessary to end the structure explicitly. The structure ends with the last element that is entered. 7. To insert a new tag after the structure, leave a blank row after the end of the structure and then start the new tag in the second empty row. Result The tag of STRUCT data type is created. WinCC Advanced V14 System Manual, 10/2016 4561 Programming the PLC 11.9 Programming data blocks Enter start values of structure elements To set default start values for the individual elements of a structure, follow these steps: 1. Click the triangle in front of the STRUCT data type tags. The structure opens and the individual structure elements are shown in separate rows. Note that, for reasons of clarity, you cannot expand very large structures. 2. Enter the required values in the "Start value" column. Note S7-1500: A maximum of 252 structures in one data block A maximum of 252 structures is permitted in one data block. If you need additional structures, you must restructure your program. You can, for example, create the structures in several global data blocks. See also STRUCT (Page 2175) Defining start values (Page 4564) Setting retentivity (Page 4566) Editing the declaration table for data blocks (Page 4573) Using autocompletion (Page 4477) 11.9.6.4 Declaring tags of the STRING data type Requirement A global data block is open. Procedure To declare a tag of STRING data type, proceed as follows: 1. Select the appropriate declaration section in the interface. 2. Enter a tag name in the "Name" column. 4562 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks 3. Enter "STRING" in the "Data type" column. You will be supported by autocompletion during input. 4. Optional: Specify the maximum length of the string using square brackets after the keyword STRING. If you do not specify a maximum length, the string has a default length of 254 characters. Example of a STRING with the maximum length of 4: STRING[4] Example of a string whose maximum length is defined by a local constant: STRING[#My_local_const1] Example of a STRING whose maximum length is defined by a global constant: STRING["My_global_const1"] Result The tag of STRING data type is created. 11.9.6.5 Declaring tags based on a PLC data type Requirements A global data block is open. A PLC data type is declared in the current CPU. Procedure To declare a tag based on a PLC data type, follow these steps: 1. Enter a tag name in the "Name" column. 2. Enter the PLC data type in the "Data type" column. You will be supported by autocompletion during input. 3. Optional: Change the properties of the tags that are displayed in the other columns of the table. Result The tag is created. See also Overview of the block interface (Page 4522) Editing the declaration table for data blocks (Page 4573) Using autocompletion (Page 4477) WinCC Advanced V14 System Manual, 10/2016 4563 Programming the PLC 11.9 Programming data blocks 11.9.7 Defining start values 11.9.7.1 Basic information on start values Definition of "Start value" The start value of a tag is a value defined by you which the tag assumes after a CPU startup. The retentive tags have a special status. Their values take the defined start value only after a "cold restart". After a "warm restart", they retain their values and are not reset to the start value. Definition of "Default value" The structure of the data blocks can be derived from higher-level elements. An instance data block is based, for example, on the interface of a higher-level code block. A global data block can be based on a predefined PLC data type. In this case you can define a default value for each tag in the higher-level element. These default values are used as start values during the creation of the data block. You can then replace these values with instance-specific start values in the data block. Specification of an start value is optional. If you do not specify any value, the tag assumes the default value at startup. If a default is not defined either, the default value valid for the data type is used. For example, the value "FALSE" is specified as standard for BOOL. See also Defining start values (Page 4565) Structure of the declaration table for data blocks (Page 4553) Declaring local tags and constants in the block interface (Page 4530) Applying values from the online program as start values (Page 4590) 4564 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks 11.9.7.2 Defining start values Defining start values To define the start values for the tags of a data block, follow these steps: 1. Open the data block. The "Default value" column shows the default values that were defined for the tags in the interface of a higher-level code block or in a PLC data type. 2. Click the "Expanded mode" button to show all elements of structured data types. 3. Enter the desired start values in the "Start value" column. The value must match the data type of the tag and should not exceed the range of the data type. The start values are defined. The tag takes the defined value at startup, provided it was not declared as retentive. Resetting a tag to the default value To reset a tag for which you have defined a start value to the default value, follow these steps: 1. Select a modified value in the table. 2. Delete the value. The default value is entered. The default value is displayed. Resetting all tags to the default value To reset to the default value all tags for which you have defined an start value, follow these steps: 1. Select the "Reset start values" icon in the toolbar. The default values are transferred to the "Start value" column. Write-protected start values are not overwritten. See also Basic information on start values (Page 4564) Applying values from the online program as start values (Page 4590) Editing the declaration table for data blocks (Page 4573) WinCC Advanced V14 System Manual, 10/2016 4565 Programming the PLC 11.9 Programming data blocks 11.9.8 Setting retentivity 11.9.8.1 Retentivity of tags in data blocks Retentive behavior To prevent data loss in the event of power failure, you can mark the data as retentive. This data is stored in a retentive memory area. The options for setting the retentivity depend on the type of data block and the type of block access that is set. See also Setting retentivity in an instance data block (Page 4566) Setting retentivity in a global data block (Page 4567) 11.9.8.2 Setting retentivity in an instance data block Introduction In an instance data block, the editability of the retentive behavior depends on the type of access of the higher-level function block: Function block with standard access You can define the instance data both as retentive or non-retentive. Individual retentivity settings are not possible for individual tags. Function block with optimized access In the instance data block, you can define the retentivity settings of the tags that are selected in the block interface with "Set in IDB". With these tags also, you cannot individually set the retentive behavior for each tag. The retentivity setting has an impact on all tags that are selected in the block interface with "Set in IDB". Setting Retentivity for Standard Access To centrally set the retentivity of all tags in the data block with standard access, follow these steps: 1. Open the instance data block. 2. Select the check box in the "Retain" column of a tag. All tags are defined as retentive. 3. To reset the retentivity setting for all tags, clear the check box in the "Retain" column of a tag. All tags will be defined as non-retentive. 4566 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks Setting Retentivity for Optimized Access To set the retentive behavior of the tags that are selected with "Set in IDB" in data blocks with optimized access, follow these steps: 1. Open the instance data block. 2. Select the check box in the "Retain" column of a tag. All tags selected with "Set in IDB" in the data block interface are defined as retentive. 3. To reset the retentivity setting for the tags, clear the check box in the "Retain" column of a tag. All tags selected with "Set in IDB" in the data block interface will be defined as non-retentive. See also Retentivity of tags in data blocks (Page 4566) Editing the declaration table for data blocks (Page 4573) 11.9.8.3 Setting retentivity in a global data block Introduction In a global data block, the editability of the retentive behavior depends on the type of access: Global data block with standard access You can define the data both as retentive or non-retentive. Individual retentivity settings are not possible for individual tags. Global data block with optimized access You can individually define the retentivity settings of the tags. For tags with structured data types, retentivity settings are transferred for all tag elements. Note Retentivity of ARRAY data blocks ARRAY data blocks and their components cannot be set retentively. Setting Retentivity for Standard Access To centrally set the retentivity of all tags in the data block with standard access, follow these steps: 1. Open the global data block. 2. Select the check box in the "Retain" column of a tag. All tags are defined as retentive. 3. To reset the retentivity setting for all tags, clear the check box in the "Retain" column of a tag. All tags are defined as non-retentive. WinCC Advanced V14 System Manual, 10/2016 4567 Programming the PLC 11.9 Programming data blocks Setting Retentivity for Optimized Access To individually set the retentivity of all tags in data blocks with optimized access, follow these steps: 1. Open the global data block. 2. In the "Retain" column, select the check box for the tags for which you want to set a retentive behavior. The selected tag is defined as retentive. 3. To reset the retentivity setting for the tags, clear the check box in the "Retain" column of a tag. All selected tags are defined as non-retentive. See also Retentivity of tags in data blocks (Page 4566) Editing the declaration table for data blocks (Page 4573) 11.9.9 Editing the properties of tags in data blocks 11.9.9.1 Properties of the tags in data blocks Properties The following table provides an overview of the properties of tags in data blocks: Group Property Description General Name Name of the tags. Data type Data type of the tags. Default value Default value of the tag in the interface of a higher-level code block or in a PLC data type. The values contained in the "Default value" column can only be changed in the higher-level code block or PLC data type. The values are only displayed in the data block. Start value Value that the tag should assume at CPU startup. The default values defined in a code block are used as start values during the creation of the data block. You can then replace these adopted values with instance-specific start values. Specification of an start value is optional. If you do not specify any value, the tag assumes the default value at startup. If a default is not defined either, the default value valid for the data type is used. For example, the value "FALSE" is specified as standard for BOOL. Comment 4568 Comment on the tag. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks Group Property Description Attributes Retain Marks the tag as retentive. The values of retentive tags are retained even after the power supply is switched off. This attribute is only available in the interface of the func tion block with optimized access. Visible in HMI engineer Shows whether the tag is visible by default in the HMI ing selection list. Writable from HMI/OPC UA Indicates whether the tag from HMI/OPC UA can be writ ten during runtime. Accessible from HMI/ OPC UA Indicates whether HMI/OPC UA can access this tag during runtime. Please note, however, that you cannot implement general access protection for the tag with the "Accessible from HMI/OPC UA" attribute. Read or write access from other applications is possible even if the attribute is not enabled. Visibility at block calls in LAD/FBD Show: The parameter is always visible at block calls in LAD or FBD. Hide: The parameter is always hidden at block calls in LAD or FBD. The instruction box then has a small arrow on the lower edge. You can have the parameters displayed and interconnect them by clicking this arrow. Hide if no parameter is assigned: The parameter is always hidden at block calls in LAD or FBD as long as it has not yet been interconnected. If you assign an actual parameter, the parameter is displayed at the call box. Predefined actual pa rameter Defines a parameter that is to be used as actual parameter during the block call. Show if the assigned ac tual parameter is not identical with the prede fined actual parameter The parameter is hidden at block calls in LAD or FBD as long as the predefined actual parameter has not yet been assigned. However, when a different parameter is as signed, the parameter becomes visible. This option is only active if you have selected the "Hide" parameter and have defined a predefined actual parame ter. WinCC Advanced V14 System Manual, 10/2016 4569 Programming the PLC 11.9 Programming data blocks Group Property User-defined at CFC_Visible tributes CFC_Configurable Description Visible Indicates whether a parameter is visible in CFC. Configurable Indicates whether a parameter is configurable in CFC. CFC_ForTest For test Indicates whether a parameter is registered for the CFC test mode. CFC_Interconnectable Interconnectable Indicates whether a parameter is interconnectable in CFC. CFC_EnableTagRead back Enable tag readback CFC_Enumeration Texts Enumeration texts CFC_EngineeringUnit Engineering unit Indicates whether a parameter is relevant for the "Read back chart" function in CFC. Assigns a parameter to an enumeration in CFC. Assigns a parameter to a unit in CFC. CFC_LowLimit Low limit Defines the low limit for the parameter in CFC. CFC_HighLimit High limit. Defines the high limit for the parameter in CFC. See also Changing the properties of tags in instance data blocks (Page 4570) Changing the properties of tags in global data blocks (Page 4572) Setting retentivity (Page 4566) Defining start values (Page 4564) 11.9.9.2 Changing the properties of tags in instance data blocks Instance-specific tag properties Two options are available for defining the tag properties: The tag properties are applied from the interface of the assigned function block. Properties that are applied from the function block are displayed grayed out out in the columns of the declaration table. The "Name" and "Data type" properties are always applied. You define instance-specific properties. You can change some properties instance specific. Changeable values are, for example, "Comment" or "Visible in HMI". Properties that were changed instance specific are not grayed out in the columns of the declaration table. The instance-specific changes are retained, even if the interface of the higher-level function block is changed and the instance data blocks are subsequently updated. 4570 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks Editing properties of an element in the declaration table To edit the properties of an element, follow these steps: 1. Open the instance data block. 2. Select the required element in the table. 3. Change the entries in the columns. Editing properties of several elements in the declaration table You can also simultaneously set or reset some properties for multiple selected elements. To change one of these properties for several elements, follow these steps: 1. Open the data block. 2. Hold down the CTRL key. 3. In the required column, select each of the table cells whose value you want to change. 4. Select the "Set <property>" or "Reset <property>" command in the shortcut menu. Editing properties in the properties window To edit the properties of an individual tag, follow these steps: 1. Select a tag in the table. 2. Select the "Properties" command in the shortcut menu. The properties window opens. It shows the properties of the tag in the "General" and "Attributes" areas. 3. Select the required area in the area navigation. 4. Change the entries in the text boxes. Reset individual properties to the default value. To reset individual tag properties to the value that was defined as default in the function block, follow these steps: 1. Select an instance-specific, modified value in the table. 2. Delete the value. The instance-specific value will be deleted and the default value from the interface of the function block entered. The default value is displayed grayed out. See also Updating data blocks (Page 4556) Properties of the tags in data blocks (Page 4568) Editing the declaration table for data blocks (Page 4573) WinCC Advanced V14 System Manual, 10/2016 4571 Programming the PLC 11.9 Programming data blocks 11.9.9.3 Changing the properties of tags in global data blocks Introduction Two options are available for defining the tag properties: The tag properties are applied from the PLC data type. Properties that are applied from the PLC data type are shown grayed out in the columns of the declaration table. The "Name" and "Data type" properties are always applied. You define specific properties. You can change some properties in the global data block. Changeable values are, for example, "Comment" or "Visible in HMI". Properties that were changed are not grayed out in the columns of the declaration table. The changes are retained, even if the PLC data type changes and the global data block is subsequently updated. Editing properties of an element in the declaration table To edit the properties of an element, follow these steps: 1. Open the global data block. 2. Select the required element in the table. 3. Change the entries in the columns. Editing properties of several elements in the declaration table You can also simultaneously set or reset some properties for multiple selected elements. To change one of these properties for several elements, follow these steps: 1. Open the data block. 2. Hold down the CTRL key. 3. In the required column, select each of the table cells whose value you want to change. 4. Select the "Set <property>" or "Reset <property>" command in the shortcut menu. Editing properties in the properties window To edit the properties of an individual tag, follow these steps: 1. Select a tag in the table. 2. Select the "Properties" command in the shortcut menu. The properties window opens. It shows the properties of the tag in the "General" and "Attributes" areas. 3. Select the required area in the area navigation. 4. Change the entries in the text boxes. 4572 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks Reset individual properties to the default value. To reset individual tag properties to the value that was defined as default in the PLC data type, follow these steps: 1. Select a modified value in the table. 2. Delete the value. The default value from the PLC data type is entered. The default value is displayed grayed out. See also Properties of the tags in data blocks (Page 4568) Editing the declaration table for data blocks (Page 4573) 11.9.10 Editing the declaration table for data blocks 11.9.10.1 Inserting table rows Procedure Proceed as follows to insert a row above the selected row: 1. Select the row in front of which you want to insert a new row. 2. Click the "Insert row" button on the toolbar of the table. Result A new row is inserted above the selected row. See also Editing tables (Page 308) 11.9.10.2 Inserting table rows Procedure Proceed as follows to insert a row below the selected row: 1. Select the row below which you want to insert a new row. 2. Click the "Add row" button on the table toolbar. WinCC Advanced V14 System Manual, 10/2016 4573 Programming the PLC 11.9 Programming data blocks Result A new empty row will be inserted below the selected row. See also Editing tables (Page 308) 11.9.10.3 Deleting tags Requirements A global data block is open. Procedure To delete a tag, follow these steps: 1. Select the row with the tag to be deleted. You can also select several rows by clicking on them one after the other while holding down the <Ctrl> key or by pressing and holding down <Shift> and clicking on the first and last row. 2. Select the "Delete" command in the shortcut menu. Note You cannot directly change the structure of instance data blocks and of global data blocks based on a PLC data type, since the structures of these blocks are defined in the higher-level object. The type of the data block is entered in the block properties. See also: Displaying and editing block properties (Page 4502) See also Editing tables (Page 308) 11.9.10.4 Automatically filling in successive cells You can load the contents of one or several table cells into the cells below, automatically filling in the successive cells. If you automatically fill in cells in the "Name" column, a consecutive number will be appended to each name. For example, "Motor" will become "Motor_1". You can define individual or more cells as well as entire rows as source area. If less rows exist in the open table than you want to fill, then you will first have to insert additional empty rows. 4574 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks Requirement The table is open. Sufficient declaration rows are available. Procedure To automatically fill in successive cells, follow these steps: 1. Select the cells to be loaded. 2. Click the "Fill" symbol in the bottom right corner of the cell. The mouse pointer is transformed into a crosshair. 3. Keep the mouse button pressed and drag the mouse pointer downwards over the cells that you want to fill in automatically. 4. Release the mouse button. The cells are filled in automatically. 5. If entries are already present in the cells that are to be automatically filled in, a dialog appears. In this dialog you can indicate whether you want to overwrite the existing entries or insert new rows for the new tags. 11.9.10.5 Show and hide table columns You can show or hide the columns in a table as needed. Procedure To show or hide table columns, follow these steps: 1. Click a column header. 2. Select the "Show/Hide" command in the shortcut menu. The selection of available columns is displayed. 3. To show a column, select the column's check box. 4. To hide a column, clear the column's check box. 5. To hide or show several columns, click "More" and activate or deactivate the check box of the corresponding columns in the "Show/Hide" dialog. 11.9.10.6 Editing tags with external editors To edit individual tags in external table editors, such as Excel, you can export or import these tags using copy and paste. WinCC Advanced V14 System Manual, 10/2016 4575 Programming the PLC 11.9 Programming data blocks Note Restriction when displaying and copying ARRAY elements Depending on the amount of work memory available on your computer, the following maximum limits apply when displaying and copying ARRAYs from the data block editor in an Excel table: RAM < 8 GB: A maximum of 10,000 rows are displayed and copied. RAM >= 8 GB: A maximum of 40,000 rows are displayed and copied. Requirement The data block and an external editor are opened. Procedure To export and re-import individual tags by drag-and-drop operation, follow these steps: 1. Click the "Expanded mode" button to show all elements of structured data types. 2. Select one or more tags. 3. Select "Copy" in the shortcut menu. 4. Switch to the external editor and paste the copied tags. 5. Edit the tags as required. 6. Copy the tags in the external editor. 7. Switch back to the declaration table. 8. Select "Paste" in the shortcut menu. 11.9.11 Online and diagnostic functions for data blocks 11.9.11.1 Editing data blocks in online mode Introduction When you load a data block to the CPU, there are two versions of the block: An offline version in the project on your programming device An online version on the CPU Data blocks can either be located only in the load memory, only in the work memory or in both memory areas. 4576 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks Start values and actual values of tags The values of the tags in the offline and online version of a data block are different because the tags in the online block can be changed by the user program during runtime. When you declare a data block, you assign a start value to the tags. The start value is the value of the tag when the data block is called for the first time. This means the tag is "initialized" with the start value. The start values of the tag are declared in the offline version of the block. When the data block is loaded to the CPU, it is transferred to the load memory with the start values. From there, the data block is loaded to the work memory of the CPU. When the block is loaded for the first time, the tags in the work memory are initialized with the declared start values. They can now be changed with the user program. The values of the tags in the work memory are referred to as "actual values". Loading changed data blocks When you make changes to a data block after initial loading, you are editing the offline version of the block. Depending on the existing conditions, subsequent loading of the data block has different effects on the actual values. Loading changes in "RUN": - If you have not made any changes to the structure of the data block, the actual values of all tags are retained. The program is processed further "bumplessly" Any changes to the start values in the offline data block are written to the load memory. They are not transferred to the CPU until the next transition from "STOP" to "RUN". - If you have changed the structure of the data block, all tags are reinitialized with their start values. Initializing the tags may have unwanted effects on the process because the process and the program may not be synchronous any longer. You can prevent this by using the memory reserve of the block. The memory reserve enables you to load data blocks in "RUN" without reinitialization. This means you can reload "bumplessly" even if you have changed the structure of the data block and have added new tags, for example. See also: AUTOHOTSPOT Loading changes in "STOP": - The start values of non-retentive tags are placed in the load memory of the CPU. The program runs with the new start values at the next transition from "STOP" to "RUN". - Retentive tags are not reinitialized. Your actual values are retained after loading in "STOP". To also reinitialize the retentive tags when loading in "STOP", select the blocks you want to load in the project tree and select the command "Compile > Software (rebuild all blocks)" in the shortcut menu. In the "Online" menu, select the command "Download and reset PLC program". The online blocks are deleted and overwritten by the new blocks. This reinitializes all tags, including the retentive tags. Editing actual values with online and diagnostic functions To manipulate actual values directly in online mode without having to reload data blocks, you can use the online and diagnostic functions of the TIA Portal. WinCC Advanced V14 System Manual, 10/2016 4577 Programming the PLC 11.9 Programming data blocks See also: Overview of the online and diagnostic functions in data blocks (Page 4578) Loading data blocks from a device You can also load data blocks from a device again. This makes sense, for example, if the original offline project is not available during servicing. Please note that the two CPU families handle the values of tags differently when loading blocks from a device: S7-1200/1500 CPUs of the S7-1200 and S7-1500 series store the start values with which a data block is loaded to the CPU in the load memory. If you load a data block from an S7-1200/1500 CPU, these start values are applied from the load memory to the offline data block again. Even if you have made value changes in the load memory during runtime by means of the "WRIT_DBL" instruction, the values originally loaded to the device are applied to the offline data block. S7-300/400 CPUs of the S7-300/400 series also store the start values with which a data block is loaded to the CPU in the load memory. However, they cannot read the values back from the load memory. If you load a data block from a device, the current monitored values are loaded from the CPU and entered in the "Start values" column in the offline data block. 11.9.11.2 Overview of the online and diagnostic functions in data blocks Overview of functions The data block editor offers different options for editing data blocks in online mode. These functions directly access the actual values of the tags in the online program. Actual values are the values which the tags have at the current time during program execution in the CPU work memory. The following table provides an overview of the online and diagnostic functions. Detailed descriptions of the individual functions can be found in the following chapters. Button - 4578 Function Description S7-300/ S7-1200/1500 400 Monitor tags on line (Page 4579) Displays the actual values which the tags currently have in the CPU. X X Modify individual actual values (Page 4580) Modifies individual tags immediately and once only to specific values in the declaration table. The CPU then uses these values as actual values in the online program. X X Create a snap shot of the actual values (Page 4582) Saves the actual values present at the current time as snapshot in the offline project. The snapshot always captures the actual values of all tags of the data block. X X Reinitialize actual values with a snapshot (Page 4584) Loads the snapshot to the CPU as actual values. The CPU then uses these values as actual values in the online program. - S7-1200 V4.1 and higher S7-1500 V1.7 and higher WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks Button Function Description S7-300/ S7-1200/1500 400 Apply snapshot Copies the snapshot to the start values in the offline program. values as start val The program runs with the new start values at the next transition ues (Page 4586) from STOP to RUN. X X X X You can copy all start values or only the start values of the tags identified as "setpoint". Reinitialize actual values with start values (Page 4581) Reinitializes the actual values of tags. The start values are written directly to the CPU work memory. You can copy all actual values or only the actual values of the tags identified as "setpoint". See also Initializing setpoint values in the online program (Page 4589) Applying values from the online program as start values (Page 4590) Editing data blocks in online mode (Page 4576) Using setpoints during commissioning (Page 4587) Defining start values (Page 4564) 11.9.11.3 Monitoring tags You can monitor the actual values of the tags in the CPU directly in the declaration table. Requirement An online connection is available. The data block has been loaded to the CPU. The program execution is active (CPU in "RUN"). The data block is open. Procedure To monitor the tags, follow these steps: 1. Start monitoring by clicking the "Monitor all" button. The additional "Monitor value" column is displayed in the table. This shows the current data values. See also: Structure of the declaration table for data blocks (Page 4553) 2. End monitoring by clicking the "Monitor all" button again. WinCC Advanced V14 System Manual, 10/2016 4579 Programming the PLC 11.9 Programming data blocks See also Overview of the online and diagnostic functions in data blocks (Page 4578) 11.9.11.4 Modifying tags You can modify an individual tag in the data block to a specific value. The CPU then uses this value as the actual value in the online program. DANGER Danger when changing tag values Changing the tag values while the plant is operating can cause serious damage to property or injury to persons if there are functional disturbances or program errors. Make sure that no dangerous situations can arise before you modify the tags. Requirement An online connection to the CPU is available. The data block whose tags you wish to modify is identical offline and online. The data block is open. Procedure To modify an individual tag in the data block, follow these steps: 1. Start monitoring by clicking the "Monitor all" button. The additional "Monitor value" column is displayed in the table. This shows the current data values. 2. Select the tag to be modified. 3. Select "Modify operand" in the shortcut menu. The "Modify operand" dialog opens. 4. Enter the required value in the "Control word" text box. If there is a snapshot, the value is already entered as default. 5. Confirm your entries with "OK". Result The tag will have the specified value once when you execute the modify job. The job is executed immediately and is not tied to the next cycle control point. 4580 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks See also Introduction to modifying tags (Page 4943) Overview of the online and diagnostic functions in data blocks (Page 4578) 11.9.11.5 Loading start values as actual values You can load the start values from the offline program to the CPU as actual values. The start values are loaded directly to the CPU work memory. The tags in the online block are reinitialized, and the CPU uses the new values as actual values in the online program. No distinction is made between retentive and non-retentive values. You can copy all actual values or only the actual values of the tags identified as "setpoint". You can quickly bring the controlled process into a defined state this way. You cannot reinitialize the following types of data blocks: Data blocks that are part of a reference project Fail-safe data blocks Data blocks generated by the CPU Data blocks with the attribute "Only store in load memory" Data blocks that only exist online You can execute this function in "RUN" mode as well as "STOP" mode. DANGER Danger when changing tag values Changing the tag values while the plant is operating can cause serious damage to property or injury to persons if there are functional disturbances or program errors. If the volume of data to be transmitted is too large, the values may be transmitted in several cycles. If the program accesses tags before all values are completely transmitted, there is a risk that inconsistent value combinations may be created and processed. Copying the values of elementary data types may also take several cycles. These values are potentially invalid until they have been completely transmitted. Dangerous states may occur if the program accesses these values before they have been completely transmitted. To prevent dangerous states from occurring, please note the following: Make sure that the plant is in a safe state before you overwrite the actual values. Make sure that the program does not read or write the affected data during transmission. You may want to use the "Modify tag" function in the watch table or in the DB editor as an alternative. WinCC Advanced V14 System Manual, 10/2016 4581 Programming the PLC 11.9 Programming data blocks Requirement You are using an S7-1200 V4.1 or higher or an S7-1500 V1.7 or higher. An online connection to the CPU is available. The data blocks whose actual values you want to reinitialize are identical offline and online. Reinitializing actual values of an open block To reinitialize all actual values or only the setpoints of a block with start values, follow these steps: 1. Open the data block. 2. Click the "Load start values as actual values > All values" button. Or: 1. Open the data block. 2. Click the "Load start values as actual values > Only setpoints" button. Reinitializing actual values of multiple blocks To reinitialize all actual values of multiple blocks in one step, proceed as follows: 1. Select multiple blocks or the entire block folder in the project tree. 2. Select the "Load start values as actual values" command in the shortcut menu. Result The actual values in the online program are reinitialized with the start values. The maximum number of tags that can be initialized is dependent on the CPU. If there are too many tags, an alarm informs you about this. In this case, you can insert the tags in a watch table and initialize them using the "Modify" function in the watch table. See also Overview of the online and diagnostic functions in data blocks (Page 4578) 11.9.11.6 Creating a snapshot of the actual values You can save the actual values of the tags of one or more data blocks as snapshot. Actual values are the values which the tags have at the current time during program execution in the CPU work memory. A snapshot cannot be created for data blocks that are stored only in the load memory and are not integrated in the program. 4582 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks You have the following options for creating a snapshot: Create a snapshot of an open data block Create a snapshot of several selected data blocks A snapshot is also created automatically when you download a block or a program from the device. CAUTION Creating the snapshot The values in the snapshot may originate in several cycles. Requirement An online connection to the CPU is available. The data blocks for which you want to create a snapshot are identical offline and online. Procedure To create a snapshot of an open data block, follow these steps: 1. Open the data block. 2. Click "Snapshot". To create a snapshot of several selected data blocks, follow these steps: 1. Select the blocks in the project tree. You can select the blocks individually or select devices, groups or folders in the project tree which include the data blocks. 2. In the shortcut menu, select "Snapshot of the current values" or select the menu command "Online > Snapshot of the current values". Result The latest monitored values will be applied in the "Snapshot" column. An alarm is shown in the Inspector window after the operation is complete. The time stamp of the snapshot is displayed above the declaration table. Note If you subsequently change the structure of the data block, the display of the current values gets lost. The "Snapshot" column will then be empty. WinCC Advanced V14 System Manual, 10/2016 4583 Programming the PLC 11.9 Programming data blocks See also Overview of the online and diagnostic functions in data blocks (Page 4578) 11.9.11.7 Loading snapshots as actual values You can load the snapshots from the offline program to the CPU as actual values. The values from the snapshot are loaded directly to the CPU work memory. The tags in the online block are reinitialized, and the CPU uses the new values as actual values in the online program. You can quickly bring the controlled process into a defined state this way. You cannot reinitialize the following types of data blocks with snapshots: Data blocks that are part of a reference project Fail-safe data blocks Data blocks generated by the CPU Data blocks with the attribute "Only store in load memory" Data blocks that only exist online DANGER Danger when changing tag values Changing the tag values while the plant is operating can cause serious damage to property or injury to persons if there are functional disturbances or program errors. Make sure that the plant is in a safe state before you overwrite the actual values. Make sure that the program does not read or write the affected data during transmission. You may want to use the "Modify tag" function in the watch table or in the DB editor as an alternative. Dependencies on the CPU mode You can execute this function in "RUN" mode as well as "STOP" mode. The table below shows the reactions of the CPU in the different modes: 4584 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks Action System reaction Consequences for the online program Overwrite actual values in "RUN" mode The values of all DB tags are overwritten in the current program. No distinction is made between retentive and non-reten tive values. Changing the actual values can result in inconsisten cies between the program and the actual process. If the volume of data to be transmitted is too large, the values may be transmitted in several cycles. If the program accesses tags before all values are completely transmitted, there is a risk that inconsis tent value combinations may be created and pro cessed. Copying the values of elementary data types may also take several cycles. These values are potentially invalid until they have been completely transmitted. Dangerous states may occur if the program access es these values before they have been completely transmitted. Overwrite actual values in "STOP" mode Only the actual values of the retentive Because only the retentive data from the snapshot is tags are overwritten by the snapshot. transmitted, there is a risk that inconsistent value Non-retentive tags are initialized with combinations may be created and processed. their start values during the transition from "STOP" to "RUN". The values from the snapshot are not taken into consider ation. Requirement You are using an S7-1200 V4.1 or higher or an S7-1500 V1.7 or higher. An online connection to the CPU is available. The data blocks whose actual values you want to reinitialize are identical offline and online. A snapshot of the data blocks has been created. Reinitializing actual values of an open block To reinitialize all actual values of a block with snapshots, follow these steps: 1. Open the data block. 2. Click "Load snapshots as actual values". Reinitializing actual values of multiple blocks To reinitialize the actual values of multiple blocks in one step, follow these steps: 1. Select multiple blocks or the entire block folder in the project tree. 2. Select the "Load snapshots as actual values" command in the shortcut menu. Result The actual values in the online program are reinitialized with the values from the snapshot. WinCC Advanced V14 System Manual, 10/2016 4585 Programming the PLC 11.9 Programming data blocks See also Overview of the online and diagnostic functions in data blocks (Page 4578) 11.9.11.8 Copying the snapshot to the start values You can copy the snapshot to the start values in the offline program. The program runs with the new start values at the next transition from "STOP" to "RUN". You can copy all start values, the start values of the retentive tags or only the start values of the tags identified as "setpoint". Note that the values from the snapshot are always copied. There is no check to determine whether all values originate from the same cycle. Write-protected start values are not overwritten. You have the following basic options for applying the values: Applying the values of an open data block You can apply all values or only the values of the tags marked as "setpoint" as start values in an open data block. Applying the values of multiple blocks in the project tree You can either apply all values, all setpoints or all retentive values as start values in the project tree. Requirement A snapshot has been created for the data block. Procedure To apply the snapshots as start values in a data block, follow these steps: 1. Open a data block. 2. In the toolbar, click "Copy snapshots to start values > All values". Or: 1. Open a data block. 2. In the toolbar, click "Copy snapshots to start values > Only setpoints". 4586 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks To apply the monitored values of multiple data blocks in the project tree, follow these steps: 1. Select the blocks in the project tree. 2. Then select one of the following commands in the shortcut menu: - "Copy snapshots to start values > All values" - "Copy snapshots to start values > Only setpoints" - "Copy snapshots to start values > Only retain values" Result The values from the "Snapshot" column are applied to the "Start value" column. The new start values are stored in the offline program. Note Applying values of individual tags You can also apply the values of individual tags from the "Snapshot" column to the "Start values" column. Use the "Copy" and "Paste" commands from the shortcut menu to copy the values and insert them in the "Start value" column. Note that only the values that are currently located in the visible area of the table are copied. See also Overview of the online and diagnostic functions in data blocks (Page 4578) 11.9.11.9 Using setpoints during commissioning Basic information on adjusting setpoints during commissioning Introduction During commissioning of a plant, data values have to be frequently adjusted in order to optimally adapt the program to the general operating conditions on site. To this end, you can use the online and diagnostic functions of the declaration table for data blocks. To use the functions, first define specific tags as "setpoints" in the program. Setpoints are the values that will probably have to be fine-tuned during commissioning. The following table provides an overview of the functions for tuning values during commissioning. Detailed descriptions of the individual functions can be found in the following chapters. In addition, there are also the general functions for monitoring and controlling the data block: Overview of the online and diagnostic functions in data blocks (Page 4578) WinCC Advanced V14 System Manual, 10/2016 4587 Programming the PLC 11.9 Programming data blocks Button Function Description Initialize setpoints in "RUN" mode (Page 4589) This function enables you to change the values of individual tags online to quickly determine the optimum tag values. Apply values from the online program as start values to the offline program (Page 4590) When you have determined the optimum tag values, you can apply these as start values in the offline program. This allows you to ensure that the program starts with the optimized values the next time it is loaded. See also Marking data as values that can be set (Page 4588) Marking data as values that can be set You can mark specific tags in the program as "Setpoints". Setpoints are the values that will probably have to be fine-tuned during commissioning. Rules You can mark tags as "setpoints" in the following block types: In function blocks (FB), but only in the "Static" section in global data blocks (DB) in PLC data types (UDT) In the case of PLC data types, however, the setting is only effective if the UDT is used in the "Static" section of a function block or data block. It is not possible to define setpoints in the following block types: In data blocks based on a PLC data type and in instance data blocks. These inherit the setting from the higher-level FB or UDT. You cannot mark tags as "setpoints" in ARRAY data blocks. You also cannot mark tags as "setpoints" at the call point of a multi-instance. You have to make the setting in the interface of the function block that is called as multiple instance. You cannot change the "setpoint" marking in know-how-protected blocks. To do so, you must first remove the know-how protection. Requirement A function block, a global data block or a PLC data type (UDT) is open. 4588 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks Procedure To mark a tag as "setpoint", follow these steps: 1. Select a tag from the "Static" section. 2. Select the check box in the "Setpoint" column. - You cannot define the higher-level element of a structure or a PLC data type as "setpoint". You have to make the setting for the lower-level elements individually. - In the case of ARRAYs, you can only mark the higher-level element as "setpoint". The lower-level elements inherit the setting. - For ARRAYs of STRUCT, you can only mark the elements below the first structure as setpoints. The elements of other structures inherit the setting. Result The tags are marked as setpoints. During commissioning, these tags can be initialized online. You do not need to set the CPU to "STOP" mode; it can remain in "RUN". In addition, the current tag values can be transferred as start values to the offline program and saved there. See also Overview of the online and diagnostic functions in data blocks (Page 4578) Online and diagnostic functions for data blocks (Page 4576) Defining start values (Page 4564) Initializing setpoint values in the online program Basics on initializing setpoints You can initialize all tags marked as "setpoints" with new values in the online program. At the same time, the start values will be loaded from the offline program to the online program. The CPU remains in "RUN" mode. All tags that are marked as setpoints are initialized once at the next cycle control point. This applies both to retentive and non-retentive tags. The program execution is then continued with the new tag values. DANGER Danger when changing tag values Changing the tag values while the plant is operating can cause serious damage to property or injury to persons if there are functional disturbances or program errors. Make sure that no dangerous situations can arise before you reinitialize the setpoints. WinCC Advanced V14 System Manual, 10/2016 4589 Programming the PLC 11.9 Programming data blocks Requirement An online connection to the CPU exists. The structure of the data block is identical offline and online. One or more tags are marked as "setpoints". Procedure To initialize all setpoints of the data block, follow these steps: 1. Open a global data block or an instance data block. 2. Enter the required values in the "Start value" column. The start values must correspond to the indicated data type. 3. Click the "Load start values as actual values > Only setpoints" button. Result The setpoints in the online program are initialized with the start values from the offline program at the next cycle control point. The maximum number of tags that can be initialized is dependent on the CPU. If too many setpoints are marked, an alarm informs you about this. In this case, you can insert the tags in a watch table and initialize them using the "Modify" function in the watch table. See also Overview of the online and diagnostic functions in data blocks (Page 4578) Applying values from the online program as start values In order to apply tag values from the online program to the offline program as start values, first create a snapshot of the tag values from the online program. You can then apply them to the offline program. Note that the values from the snapshot are always copied. There is no check to determine whether all values originate from the same cycle. Write-protected start values are not overwritten. You have the following basic options for applying the values: Applying the setpoints of an open data block Applying the setpoints of multiple blocks in the project tree Requirement An online connection to the CPU is available. As least one data block has been loaded to the CPU. 4590 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.9 Programming data blocks Procedure To apply all setpoints as start values in a data block, follow these steps: 1. Open the data block. 2. Start monitoring by clicking the "Monitor all" button. The "Monitor value" column is displayed in the table. This shows the current data values. 3. In the toolbar, click "Snapshot". The actual values are applied in the "Snapshot" column. 4. In the toolbar, click "Copy snapshots to start values > Only setpoints". The values from the "Snapshot" column are applied to the "Start values" column. To apply the monitored values of multiple data blocks in the project tree, follow these steps: 1. Select the blocks in the project tree. 2. Select the "Snapshot" command in the shortcut menu. The actual values of all selected blocks are applied in the "Snapshot" column. An alarm is shown in the Inspector window after the operation is complete. 3. Next, select the command "Copy snapshot values as start values > Only setpoints" in the shortcut menu. The values from the "Snapshot" column are applied to the "Start value" column. Result The new start values are stored in the offline program. Note Applying values of individual tags You can also apply the values of individual tags that were not marked as setpoints beforehand from the "Snapshot" column to the "Start values" column. Use the "Copy" and "Paste" commands from the shortcut menu to copy the values and insert them in the "Start value" column. Note that only the values that are currently located in the visible area of the table are copied. See also Basic information on start values (Page 4564) Defining start values (Page 4565) Overview of the online and diagnostic functions in data blocks (Page 4578) Online and diagnostic functions for data blocks (Page 4576) WinCC Advanced V14 System Manual, 10/2016 4591 Programming the PLC 11.10 Declaring PLC tags 11.10 Declaring PLC tags 11.10.1 Overview of PLC tag tables Introduction PLC tag tables contain the definitions of the PLC tags and symbolic constants that are valid throughout the CPU. A PLC tag table is created automatically for each CPU used in the project. You can create additional tag tables and use these to sort and group tags and constants. In the project tree there is a "PLC tags" folder for each CPU of the project. The following tables are included: "All tags" table Standard tag table Optional: Other user-defined tag tables All tags The "All tags" table gives an overview of all PLC tags, user constants and system constants of the CPU. This table cannot be deleted or moved. Standard tag table There is one standard tag table for each CPU of the project. It cannot be deleted, renamed or moved. The default tag table contains PLC tags, user constants and system constants. You can declare all PLC tags in the default tag table, or create additional user-defined tag tables as you want. User-defined tag tables You can create multiple user-defined tag tables for each CPU to group tags according to your requirements. You can rename, gather into groups, or delete user-defined tag tables. Userdefined tag tables can contain PLC tags and user constants. See also Structure of the PLC tag tables (Page 4593) 4592 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags 11.10.2 Structure of the PLC tag tables Introduction Each PLC tag table contains a tab for tags and a tab for user constants. The default tag table and the "All tags" table also have a "System constants" tab. Structure of the "PLC tags" tab In the "Tags" tab you declare the global PLC tags that you require in the program. The following figure shows the tab structure. The number of columns shown may vary. The following table shows the meaning of the individual columns. The number of columns shown may vary. You can show or hide the columns as required. Column Explanation Symbol you can click on to drag-and-drop a tag to a program for use as an operand. Name Unique name for the constants throughout the CPU. Data type Data type of the tags. Address Tag address. Retain Marks the tag as retentive. The values of retentive tags are retained even after the power supply is switched off. Visible in HMI engineering Shows whether the tag is visible by default in the operand selection of HMI. Accessible from HMI/OPC UA Indicates whether HMI/OPC UA can access this tag during runtime. Writable from HMI/OPC UA Indicates whether the tag from HMI/OPC UA can be written during runtime. Supervision Indicates whether Supervision has been created for process diag nostics for the tag. Monitor value Current data value in the CPU. This column only appears if an online connection is established and you select the "Monitor all" button. Tag table Shows which tag table includes the tag declaration. This column is only available in the "All tags" table. Comment WinCC Advanced V14 System Manual, 10/2016 Comment to document the tags. 4593 Programming the PLC 11.10 Declaring PLC tags Structure of the "User constants" and "System constants" tabs In the "User constants" you define symbolic constants that are valid throughout the CPU. The constants required by the system are shown in the "Systems constants" tab. System constants can be hardware IDs, for example, which can be used for identification of modules. The following figure shows the structure of both tabs. The number of columns shown may vary. The following table shows the meaning of the individual columns. You can show or hide the columns as required. Column Explanation Symbol you can click to move a tag into a network via a drag-anddrop operation for use as an operand. Name Unique name for the constants throughout the CPU. Data type Data type of the constants Value Value of the constants Tag table Shows which tag table includes the constant declaration. This column is only available in the "All tags" table. Comment Comments to document the tags. See also Hardware data types (Page 2196) Overview of PLC tag tables (Page 4592) Show and hide table columns (Page 4616) Editing tables (Page 308) 4594 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags 11.10.3 Rules for PLC tags 11.10.3.1 Valid names of PLC tags Permissible characters The following rules apply to the use of names for PLC tags: Letters, numbers, special characters are permitted. The use of reserved keywords is not recommended. Quotation marks are not permitted as a component of the tag name. Unique tag names The names of the PLC tags must be unique throughout the CPU, even if the tags are located in different tag tables of a CPU. A name that is already used for a block, another PLC tag or a constant within the CPU, cannot be used for a new PLC tag. The uniqueness check does not differentiate between use of small and capital letters. If you enter an already assigned name another time, a sequential number is automatically appended to the second name entered. For example, if you enter the name "Motor" a second time, the second entry is changed to "Motor(1)". Unique table names The names of the PLC tag tables must also be unique throughout the CPU. A unique name is automatically suggested when user-defined PLC tag tables are being created. Note You can find more information on permissible characters in tag names in the Siemens Industry Online Support in the following entries: When should identifiers and operands be used in "quotation marks" in STEP 7 (TIA Portal)? https://support.industry.siemens.com/cs/ww/en/view/109477857 (https:// support.industry.siemens.com/cs/ww/en/view/109477857) See also Permissible addresses and data types of PLC tags (Page 4595) Entering a PLC tag declaration (Page 4601) 11.10.3.2 Permissible addresses and data types of PLC tags The addresses of PLC tags are made up of the particulars of the operand area and the address within this area. WinCC Advanced V14 System Manual, 10/2016 4595 Programming the PLC 11.10 Declaring PLC tags The addresses must be unique throughout the CPU. If you enter an address that is already assigned to another tag, the address will be highlighted at both places in yellow and an error message will be issued. Operand areas The following table shows the possible operand areas. The available data types depend on the CPU you use: Operand area Interna tional mnemon ics German mnemon ics I E Explanation Input bit Data type BOOL Format I x.y Address area: S7-1200 S7-300/400 S7-1500 0.0..1023.7 0.0..65535.7 0.0..32767.7 - - 0.0..32760.0 0..1023 0..65535 0..32767 E x.y I IB E EB Input (64-bit) Input byte LWORD, LINT, ULINT, LTIME, LTOD, LDT, LREAL, PLC data type I x.0 BYTE, CHAR, SINT, USINT, PLC data type IB x E x.0 EB y IW EW Input word WORD, INT, IW x UINT, DATE, EW y WCHAR, S5TIME, PLC data type 0..1022 0..65534 0..32766 ID ED Input double word DWORD, ID x DINT, ED y UDINT, RE AL, TIME, TOD, PLC da ta type 0..1020 0..65532 0..32764 Q A Output bit BOOL 0.0..1023.7 0.0..65535.7 0.0..32767.7 - - 0.0..32760.0 0..1023 0..65535 0..32767 Q x.y A x.y Q QB 4596 A AB Output (64bit) LWORD, LINT, ULINT, LTIME, LTOD, LDT, LREAL, PLC data type Q x.0 Output byte BYTE, CHAR, SINT, USINT, PLC data type QB x A x.0 AB y WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags Operand area Explanation Interna tional mnemon ics German mnemon ics QW AW Output word QD AD M Data type Format Address area: S7-1200 S7-300/400 S7-1500 WORD, INT, QW x UINT, DATE, AW y WCHAR, S5TIME, PLC data type 0..1022 0..65534 0..32766 Output dou ble word DWORD, QD x DINT, AD y UDINT, RE AL, TIME, TOD, PLC da ta type 0..1020 0..65532 0..32764 M Memory bit BOOL M x.y 0.0..8191.7 0.0..65535.7 0.0..16383.7 M M Bit memory (64-bit) LREAL M x.0 0.0..8184.0 - 0.0..16376.0 M M Bit memory (64-bit) LWORD, LINT, ULINT, LTIME, LTOD, LDT M x.0 - - 0.0..16376.0 MB MB Memory byte BYTE, CHAR, SINT, USINT MB x 0..8191 0..65535 0..16383 MW MW Memory word WORD, INT, UINT, DATE, WCHAR, S5TIME MW x 0..8190 0..65534 0..16382 MD MD Memory dou ble word DWORD, DINT, UDINT, RE AL, TIME, TOD MD x 0..8188 0..65532 0..16380 T T Time function (for S7-300/400 only) Timer Tn - 0..65535 0..2047 C Z Counter func tion (for S7-300/400 only) Counter Zn - 0..65535 0..2047 WinCC Advanced V14 System Manual, 10/2016 Cn 4597 Programming the PLC 11.10 Declaring PLC tags Addresses The following table shows the possible addresses of tags: Data type Address Example BOOL Tags with BOOL data type are addressed with a byte number and a bit number. The numbering of the bytes begins at 0 for each operand range. The numbering of the bits is from 0 to 7. A 1.0 BYTE, CHAR, SINT, USINT Tags with BYTE, CHAR, SINT, and USINT data type are addressed with a byte number. MB 1 WORD, INT, UINT, DATE, WCHAR, S5TIME Tags with WORD, INT, UINT, DATE, S5TIME data type consist of two bytes. They are addressed with the number of the lowest byte. IW 1 DWORD, DINT, UDINT, RE AL, TIME, TOD Tags with DWORD, DINT, UDINT, REAL, TIME, TOD data type con AD 1 sist of four bytes. They are addressed with the number of the lowest byte. LWORD, LINT, ULINT, LTIME, LTOD, LDT, LREAL Tags of data type LWORD, LINT, ULINT, LTIME, LTOD, LDT, and LREAL consist of eight bytes. They are addressed with it number 0 and the number of the lower byte. I 1.0 Mnemonics used The addresses that you enter in the PLC tag table are automatically adapted to the set mnemonics. See also Setting the mnemonics (Page 4468) Valid names of PLC tags (Page 4595) Overview of the valid data types (Page 2131) Entering a PLC tag declaration (Page 4601) 11.10.4 Creating and managing PLC tag tables 11.10.4.1 Creating a PLC tag table You can created multiple user-defined PLC tag tables in a CPU. Each tag table must have have a unique name throughout the CPU. 4598 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags Requirement The project view is open. Procedure To created a new PLC tag table, follow these steps: 1. Open the "PLC tags" folder under the CPU in the project tree. 2. Double-click the "Add new tag table" entry. A new PLC tag table with the default name "TagTable_x" is created. 3. Select the PLC tag table in the project tree. 4. Select the "Rename" command in the shortcut menu. 5. Type in a name that is unique throughout the CPU. Result A new PLC tag table is created. You can now declare tag and constants in this table. See also Overview of PLC tag tables (Page 4592) Structure of the PLC tag tables (Page 4593) Declaring PLC tags (Page 4601) Declaring global constants (Page 4607) Editing PLC tags with external editors (Page 4617) 11.10.4.2 Grouping PLC tag tables You can gather the user-defined tag tables of the CPU into groups. You cannot, however, move the standard tag table and the "All tags" table into a group. Requirement Multiple user-defined tag tables are contained in the "PLC tags" folder of the CPU. Procedure To gather multiple PLC tag tables into a group, follow these steps: 1. Select the "PLC tags" folder under the CPU in the project tree. 2. Select the "Insert > Group" menu command. A new group with the standard name "Group_x" is inserted. 3. Select the newly inserted group in the project tree. 4. Select the "Rename" command in the shortcut menu. WinCC Advanced V14 System Manual, 10/2016 4599 Programming the PLC 11.10 Declaring PLC tags 5. Assign the new group a unique name throughout the CPU. 6. Drag to the new group the tables you want to group together. Result The tag tables are gathered in the new group. See also Overview of PLC tag tables (Page 4592) Structure of the PLC tag tables (Page 4593) Declaring PLC tags (Page 4601) Declaring global constants (Page 4607) 11.10.4.3 Opening the PLC tag table Procedure To open the PLC tag table in a CPU, proceed as follows: 1. Open the "PLC tags" folder under the CPU in the project tree. 2. Double-click the PLC tag table in the folder. 3. Select the desired tab in the upper corner. Result The PLC tag table associated with the CPU opens. You can declare the required tags and constants. See also Overview of PLC tag tables (Page 4592) Structure of the PLC tag tables (Page 4593) Declaring PLC tags (Page 4601) Declaring global constants (Page 4607) 4600 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags 11.10.5 Declaring PLC tags 11.10.5.1 Entering a PLC tag declaration Declaring tags in the PLC tag table Requirement The "Tags" tab of the PLC tag table is open. Procedure To define PLC tags, follow these steps: 1. Enter a tag name in the "Name" column. 2. Enter the required data type in the "Data type" column. You will be supported by autocompletion during input. An address corresponding to the data type is automatically appended. 3. Optional: Click on the arrow key in the "Address" column and enter an operand identifier, an operand type, an address and a bit number in the dialog which then opens. 4. Optional: Enter a comment in the "Comments" column. 5. Repeat steps 1 to 4 for all the tags you require. See also: Permissible addresses and data types of PLC tags (Page 4595) Syntax check A syntax check is performed automatically after each entry, and any errors found are displayed in red. You do not have to correct these errors immediately - you can continue editing and make any corrections later. As long as the tag declaration contains syntax errors and the tag is used in the program, you will not be able to compile the program. See also Editing PLC tags with external editors (Page 4617) Using autocompletion (Page 4477) Valid names of PLC tags (Page 4595) Declaring PLC tags in the program editor (Page 4602) Editing PLC tag tables (Page 4614) Structure of the PLC tag tables (Page 4593) Editing tables (Page 308) WinCC Advanced V14 System Manual, 10/2016 4601 Programming the PLC 11.10 Declaring PLC tags Declaring PLC tags in the program editor Requirement The program editor is open. Procedure To declare operands as global PLC tags, follow these steps: 1. Insert an instruction in your program. The "<???>", "<??.?>" or "..." strings represent operand placeholders. 2. Replace an operand placeholder with the name of the PLC tag to be created. 3. Select the tag name. If you want to declare multiple PLC tags, select the names of all the tags to be declared. 4. Select the "Define tag" command in the shortcut menu. The "Define tag" dialog box opens. This dialog displays a declaration table in which the name of the tag is already entered. 5. Click the arrow key in the "Section" column and select one of the following entries: - Global Memory - Global Input - Global Output 6. In the other columns, enter the address, data type, and comments. See also: Permissible addresses and data types of PLC tags (Page 4595) 7. If the CPU contains multiple PLC tag tables, you can use an entry in the "PLC tag table" column to indicate in which table the tag is to be inserted. If you make no entry in the column, the new tag will be inserted in the default tag table. 8. Click the "Define" button to complete your entry. Result The tag declaration is written to the PLC tag table and is valid for all blocks in the CPU. See also Valid names of PLC tags (Page 4595) Editing tables (Page 308) Declaring tags in the PLC tag table (Page 4601) Using autocompletion (Page 4477) 4602 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags 11.10.5.2 Setting the retentivity of PLC tags Retentive behavior of PLC tags Retentive PLC tags Each CPU has a memory area whose content remains available even after the supply voltage has been switched off. This area is referred to as retentive memory area. To avoid data loss during power failure, you can save specific PLC tags to this memory area. You specify the retain setting of PLC tags in the PLC tag table. Depending on the CPU family, the retentive memory area can accommodate various type of PLC tags. The following table provides an overview of the options of the various CPUs: CPU type Retentive bit memories Retentive SIMATIC timers Retentive SIMATIC counters S7-300/400 series - - S7-1200 series - - S7-1500 series See also Setting the retentive behavior of PLC tags (Page 4603) Setting the retentive behavior of PLC tags Introduction In the PLC tag table you can specify the width of the retentive memory area for PLC tags. All tags with addresses in this memory area are then designated as retentive. You can recognize the retentivity setting of a tag by the check mark set in the "Retain" column of the PLC tag table. Requirement The "PLC tags" tab of the PLC tag table is open. Procedure To define the width of the retentive memory area for PLC tags, follow these steps: 1. On the toolbar, click the "Retain" button. The "Retain memory" dialog will open. 2. Specify the width of the retentive memory area by entering the number of retentive bytes, timers or counters in the input field. 3. Click the "OK" button. WinCC Advanced V14 System Manual, 10/2016 4603 Programming the PLC 11.10 Declaring PLC tags Result The width if the retentive memory area is defined. In the "Retain" column of the tag table a check mark is automatically set for all tags that are located within the retentive memory area. See also Retentive behavior of PLC tags (Page 4603) Editing tables (Page 308) 11.10.6 Grouping PLC tags for inputs and outputs in structures 11.10.6.1 Other useful information regarding structured PLC tags Use of structured PLC tags (S7-1200 V4 and higher/S7-1500) To make your program easier to view, you can group several input or output addresses in a higher-level PLC tag. The higher-level PLC tag represents a structure that contains several logically related inputs or outputs. When the block is called, you transfer the higher-level tag and thus need only an input or output parameter for all associated inputs or outputs. Principle of operation To create a structured PLC tag, you initially define a PLC data type (UDT). In it you declare the necessary data elements and specify their names and data types. Then, you switch to the PLC tag table and specify the higher-level PLC tag there. As a data type for the tag, you select your PLC data types. The system now reserves a certain number of input or output addresses starting from the start address of the higher-level tag. The number of reserved addresses depends on the length of your PLC data type. If you call a block that requires the reserved inputs or outputs for program execution, you transfer the higher-level tag as a block parameter. You can address the individual PLC tags like structure elements in the program code. A detailed description of the individual handling steps can be found in the following chapters. Application example You can use structured PLC tags in order to group the inputs or outputs of a function module. The following figure shows the schematic representation of a motor: A component was created in the "Datatype_Motor" PLC data type for each of the three inputs. The memory areas of the declared tags must not overlap. In the example, you see that the "Speed" component has the data type "Integer" and therefore must start at a word address. For this reason, the first input word has been filled with the "Dummy" fill tag. This means that "Speed" is located on the second input word. 4604 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags 0RWRU 2Q 2II 6SHHG The following figure shows the higher-level "Motor" PLC tag that is based on the "Data type_Motor" data type. With the declaration of "Motor", the addresses IW0 and IW1 are reserved on the input module. The following figure shows the transfer of the "Motor" PLC tag as an input parameter of the "Motor_Control" block. You can address the individual components of the tag in the "Motor_Control" block. Addressing Description "Motor" Addressing the higher-level PLC tag. "Motor".On Addressing a component of a structured PLC tag. "Motor".On:P Addressing an I/O input or output (PI or PQ). WinCC Advanced V14 System Manual, 10/2016 4605 Programming the PLC 11.10 Declaring PLC tags Rules for use of structured PLC tags Note the following rules when creating and using structured PLC tags. Structured PLC tags can be used in the "Inputs" and "Outputs" operand areas. Structured tags are not permitted in the bit memory address area. Structured PLC tags cannot be addressed from HMI. Observe the following rules when creating the PLC data type that is to serve as the basis for a PLC tag: The memory areas of the individual elements must not overlap. See also: Permissible addresses and data types of PLC tags (Page 4595) Do not group inputs and outputs in one PLC data type but create different PLC data types for inputs and outputs. Do not group inputs or outputs from different modules in a PLC data type because it is not guaranteed that the process images of the modules are updated synchronously. In the lower-level PLC data types, all data types are permitted except for "STRING" and "WSTRING". See also Creating structured PLC tags (Page 4606) 11.10.6.2 Creating structured PLC tags Rules Note the following rules when creating structured PLC tags: Use separate PLC data types for the "Inputs" and "Outputs" operand areas. Structured tags are not permitted in the bit memory address area. Do not group inputs or outputs from different modules in a PLC data type because it is not guaranteed that the process images of the modules are updated synchronously. Procedure To create a structured PLC tag, follow these steps: 1. Double-click the "Add new data type" command in the "PLC data types" folder in the project tree. A new declaration table for creating a PLC data type will be created and opened. 2. Declare all the necessary components in the PLC type. All data types except for "STRING" and "WSTRING" are permitted. 4606 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags 3. Select the PLC data type in the project tree and select the "Compile > Software (only changes)" command from the shortcut menu. The PLC data type is compiled and can then be used in the PLC tag table. Even when you make changes to existing PLC data types, you must recompile the program. This updates all locations of use of the PLC data type. 4. Open a PLC tag table within the same CPU. 5. Declare a new tag or select an existing tag. 6. In the "Data type" column, select the PLC data type and assign it to the PLC tag. The PLC tag receives the structure of the PLC data type. A suitable address is assigned automatically. Structured PLC tags always start at word addresses. The highest structure element is displayed without its subelements in the table. Note Assignment rules and default values For the declaration of the PLC data type, note that the memory areas of the individual tags must not overlap. For example, tags of data type "Integer" must start at a word limit. If necessary, insert "fill tags" to prevent overlaps. See also: Permissible addresses and data types of PLC tags (Page 4595) It is not possible to assign default values for the individual components. Values that you enter in the "Default value" column are not evaluated. Tags of data types "DT" and "DTL" may therefore contain invalid values. See also Other useful information regarding structured PLC tags (Page 4604) Declaring PLC tags (Page 4601) 11.10.7 Declaring global constants 11.10.7.1 Rules for global user constants Permitted characters Names of global constants may consist of the following characters: Letters, numbers, special characters are permitted. Quotation marks are not permitted. WinCC Advanced V14 System Manual, 10/2016 4607 Programming the PLC 11.10 Declaring PLC tags Unique constant names The names of global constants must be unique throughout the CPU, even if the constants are located in different tag tables of a CPU. A name that is already used for a block, a PLC tag or another constant within the CPU, cannot be used for new constant. The uniqueness check does not differentiate between use of small and capital letters. If you enter an already assigned name another time, a sequential number is automatically appended to the second name entered. For example, if you enter the name "Motor" a second time, the second entry is changed to "Motor(1)". Permitted data types For constants, all data types supported by the CPU are permitted, with the exception of structured data types. Permitted values You can select any value from the value range of the specified data type as constant value. For information on the value ranges, refer to the "Data types" chapter. See also: AUTOHOTSPOT See also Declaring global constants (Page 4609) 11.10.7.2 Rules for global system constants Definition System constants are global constants, unique throughout the CPU, that are required and automatically created by the system. System constants can, for example, be used to address and identify hardware objects. Rules System constants are assigned automatically when components are inserted in the device or network view, and entered in the default tag table ("System constants" tab). A system constant is created for each module, but also for each submodule. An integrated counter, for example, therefore receives a system constant as well. System constants consist of a symbolic name and a numeric HW identifier and cannot be changed. Names of system constants The names of the system constants are structured hierarchically. They consist of a maximum of four hierarchical levels, each of which is separated by a tilde "~". Based on the name, you can therefore recognize the "path" to the relevant hardware module. 4608 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags Example A system constant with the name "Local~PROFINET_interface_1~Port_1" designates Port 1 of the PROFINET interface 1 of the local CPU. See also Instructions for address conversion (Page 3867) 11.10.7.3 Declaring global constants Introduction You declare constants in the "User constants" tab of a PLC tag table. During declaration you have to to enter a symbolic name, a data type and a fixed value for each constant. You can select any value from the value range of the specified data type as constant value. For information on the value ranges, refer to the "Data types" chapter. See also: AUTOHOTSPOT Procedure To declare constants, follow these steps: 1. Open a PLC tag table. 2. Open the "User constants" tab. The constants table opens. 3. Enter a constant name in the "Name" column. 4. Enter the required data type in the "Data type" column. You will be supported by autocompletion during input. 5. Enter a constant value in the "Value" column; this constant value must be valid for the selected data type. 6. If you want, enter comments on the constants in the "Comments" column. The entry of a comment is optional. 7. If you want to declare additional constants, place the cursor in the next row and repeat steps 3 to 6. Syntax check A syntax check is performed automatically after each entry, and any errors found are displayed in red. You do not have to correct these errors immediately - you can continue editing and make any corrections later. As long as the tag declaration contains syntax errors and the constant is used in the program, you will not be able to compile the program. WinCC Advanced V14 System Manual, 10/2016 4609 Programming the PLC 11.10 Declaring PLC tags See also Opening the PLC tag table (Page 4600) Inserting a table row in the PLC tag table (Page 4614) Structure of the PLC tag tables (Page 4593) Rules for global user constants (Page 4607) Editing tables (Page 308) Using autocompletion (Page 4477) 11.10.8 Editing properties 11.10.8.1 Editing the properties of PLC tags Properties of PLC tags Overview The following table provides an overview of the properties of PLC tags. The display of properties may vary depending on the CPU type. Group Property Description General Name A unique name within the CPU. Data type Data type of the tags. Address Tag address. Retain Shows whether the tag is in the retentive memory area. Comment Comment on the tag. Date created Time when the tag was created (cannot be changed). Last modified Time when the tag was last changed (cannot be changed). History Application Visible in HMI engineer Shows whether the tag is visible by default in the HMI ing selection list. Accessible from HMI/ OPC UA Indicates whether HMI/OPC UA can access this tag during runtime. Writable from HMI/OPC UA Indicates whether the tag from HMI/OPC UA can be writ ten during runtime. See also Editing the properties of PLC tags (Page 4611) 4610 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags Editing the properties of PLC tags Editing properties in a PLC tag table To edit the properties of one or more tags, follow these steps: 1. In the project tree, double-click the PLC tag table that contains the tags. The PLC tag table opens. 2. Change the entries in the columns. Editing addresses in the program editor To edit the address of a tag in the program editor, follow these steps: 1. Select the tag name. 2. Select the "Rewire tag" command in the shortcut menu. The "Rewire tag" dialog will open. The dialog shows a declaration table. 3. Enter the new address in the "Address" column. 4. Click the "Change" button to confirm the input. Editing names in the program editor To edit the name of a tag in the program editor, follow these steps: 1. Select the tag name. 2. Select the "Rename tag" command in the shortcut menu. The "Rename tag" dialog opens. The dialog shows a declaration table. 3. Enter the new name in the "Name" column. 4. Click the "Change" button to confirm the input. Effect in the program In the case of a change of the tag's name, data type or address, each location of use of the tag is automatically updated in the program. See also Properties of PLC tags (Page 4610) WinCC Advanced V14 System Manual, 10/2016 4611 Programming the PLC 11.10 Declaring PLC tags 11.10.8.2 Editing properties of global constants Properties of global constants Overview The following table gives an overview of the properties of constants: Group Property Description General Name A unique name within the table Data type Data type of the constants Value Value that you defined for the constants. This value must be compatible with the declared data type. See also: AUTOHOTSPOT Comment History Comment on the constants Date created Time when the constant was created (cannot be changed) Last modified Time when the constant was last changed (cannot be changed) Editing properties of global constants Editing properties in a PLC tag table To edit the properties of one or more constants, follow these steps: 1. In the project tree, double-click the PLC tag table that contains the constants. The PLC tag table opens. 2. Open the "User constants" tab. 3. Change the entries in the "Name", "Data type", "Value", or "Comments" column. Effect in the program In the case of a change of a constant's name, data type or value, each location of use of the constant is automatically updated in the program. See also Editing tables (Page 308) 4612 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags 11.10.9 Monitoring of PLC tags 11.10.9.1 Monitoring of PLC tags You can monitor the current data values of the tags on the CPU directly in the PLC tag table. Requirement An online connection to the CPU exists or is possible. Procedure To monitor the data values, proceed as follows: 1. Open a PLC tag table. 2. Start monitoring by clicking the "Monitor all" button. - If no online connection to the CPU exists, this is established. - Monitoring is started with the trigger setting "Permanent". - The additional "Monitor value" column is displayed in the table. This shows the current data values. - The symbol for the forcing of tags is displayed if a tag is currently being forced. 3. End the monitoring by clicking the "Monitor all" button again. Note Editing PLC tags during the monitoring of tags If the editing of tags is started and the PLC tag table is edited, for example by adding new tags, the monitoring is re-started after editing is complete. Note You also have the option of copying PLC tags to a monitor or force table so that you can monitor, control or force them in the table. See also Structure of the PLC tag tables (Page 4593) Introduction to testing with the watch table (Page 4923) Introduction for testing with the force table (Page 4951) Copying entries in the PLC tag table (Page 4614) WinCC Advanced V14 System Manual, 10/2016 4613 Programming the PLC 11.10 Declaring PLC tags 11.10.10 Editing PLC tag tables 11.10.10.1 Inserting a table row in the PLC tag table Procedure Proceed as follows to insert a row above the selected row: 1. Select the row in front of which you want to insert a new row. 2. Click the "Insert row" button on the toolbar of the table. Result A new row is inserted above the selected row. See also Editing tables (Page 308) 11.10.10.2 Copying entries in the PLC tag table You can copy PLC tags within a table or to other tables. Procedure To copy a tag, follow these steps: 1. Select the tags you want to copy. You can also select several tags by clicking on them one after the other while holding down the <Ctrl> key or by pressing and holding down <Shift> and clicking on the first and last tag. 2. Select "Copy" in the shortcut menu. 3. Position the insertion pointer at the location where you want to insert the tags. 4. Select "Paste" in the shortcut menu. Or 1. Select the tag. 2. Hold down the left mouse button. 3. At the same time, press <Ctrl>. 4. Drag the tag to the destination. 4614 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags Result The tag is copied to the destination. If there is a name conflict, a number is automatically appended to the tag name. For example, "Tag" becomes "Tag(1)". All other properties of the tag remain unchanged. See also Editing tables (Page 308) 11.10.10.3 Deleting entries in the PLC tag table Procedure Follow the steps below to delete elements: 1. Select the row with the element to be deleted. You can also select several rows by clicking on them one after the other while holding down the <Ctrl> key or by pressing and holding down <Shift> and clicking on the first and last row. 2. Select the "Delete" command in the shortcut menu. See also Editing tables (Page 308) 11.10.10.4 Sorting rows in the PLC tag tables You can sort the rows in the tables alphanumerically by name, data type, or address. Procedure To sort the table rows, follow these steps: 1. Select the column by which you want to sort. 2. Click the column header. The column will be sorted in order of increasing values. An up arrow shows the sort sequence. 3. In order to change the sort sequence, click the arrow. The column will be sorted in order of decreasing values. A down arrow shows the sort sequence. 4. To restore the original sequence, click a third time on the column header. See also Editing tables (Page 308) WinCC Advanced V14 System Manual, 10/2016 4615 Programming the PLC 11.10 Declaring PLC tags 11.10.10.5 Automatically filling in cells in the PLC tag table You can load the contents of one or several table cells into the cells below, automatically filling in the successive cells. If you automatically fill in cells in the "Name" column, a consecutive number will be appended to each name. For example, "Motor" will become "Motor_1". If you fill the cells in the column "Address" automatically, the addresses will be increased depending on the indicated data type. Procedure To automatically fill in successive cells, follow these steps: 1. Select the cells to be loaded. 2. Click the "Fill" symbol in the bottom right corner of the cell. The mouse pointer is transformed into a crosshair. 3. Keep the mouse button pressed and drag the mouse pointer downwards over the cells that you want to fill in automatically. 4. Release the mouse button. The cells are filled in automatically. If entries are already present in the cells that are to be automatically updated, a dialog appears in which you can indicate whether you want to overwrite the existing entries or whether you want to insert new rows for the new tags. See also Editing tables (Page 308) 11.10.10.6 Show and hide table columns You can show or hide the columns in a table as needed. Procedure To show or hide table columns, follow these steps: 1. Click a column header. 2. Select the "Show/Hide" command in the shortcut menu. The selection of available columns is displayed. 3. To show a column, select the column's check box. 4. To hide a column, clear the column's check box. 5. To hide or show several columns, click "More" and activate or deactivate the check box of the corresponding columns in the "Show/Hide" dialog. See also Editing tables (Page 308) 4616 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags 11.10.10.7 Editing PLC tags with external editors Basics for importing and exporting Introduction You can export PLC tag tables to a standardized XLSX format for editing with external table editors. Similarly, you can import PLC tag tables created with external table editors to the TIA Portal. Overwriting existing PLC tags and constants during import Existing entries of the same name will be overwritten during import if they have the same name as the entries that will be imported. Link to existing objects References to PLC tags or constants that already exist in the project are updated automatically during import. The update is executed based on the name of the PLC tags and constants. See also Format of the export file (Page 4617) Exporting PLC tags (Page 4618) Importing PLC tags (Page 4619) Format of the export file Introduction During the export of PLC tag tables, a standardized XSLX format will be generated that you can edit with external table editors. This format is also expected during the import of tables. Format of the export file The sheet is always named "PLCTags". This sheet can contain the displayed columns. The sorting order of columns can vary. The sheet does not necessarily have to include all columns. During import, the following values will be identified by a <no value> entry. The names of the column headers are also clearly defined and are always expected in English. WinCC Advanced V14 System Manual, 10/2016 4617 Programming the PLC 11.10 Declaring PLC tags The following table specifies the contents expected for the individual columns: Element Description Name Name of the tags Path Group and name of the PLC tag table Data Type The notation of the data type corresponds to the notation used in the PLC tag table. Logical Address The address can be specified with German or in ternational mnemonics. Comment Free-form comments Hmi Visible The value TRUE or FALSE is expected. Hmi Accessible The value TRUE or FALSE is expected. See also Basics for importing and exporting (Page 4617) Exporting PLC tags (Page 4618) Importing PLC tags (Page 4619) Exporting PLC tags Requirement A PLC tag table is open. Procedure To export PLC tags and constants, follow these steps: 1. In the PLC tag table, click the "Export" button. The "Export to Excel" dialog opens. 2. Select the path to which you want to save the export file. 3. Select whether to export tags and/or constants. 4. Click the "OK" button. Result The export file will be generated. Errors and warnings generated during export are indicated in the "Info" tab of the Inspector window. 4618 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.10 Declaring PLC tags See also Basics for importing and exporting (Page 4617) Format of the export file (Page 4617) Importing PLC tags (Page 4619) Importing PLC tags Requirement A table exists and it conforms to format specifications. Procedure To import a PLC tag table, follow these steps: 1. Open the "All tags" table. 2. Click the "Import" button. The "Import from Excel" dialog opens. 3. Select whether to import PLC tags and/or constants. 4. Select the table you want to import. 5. Click the "OK" button. Result The PLC tag table will be imported. Errors and warnings generated during export are indicated in the "Info" tab of the Inspector window. See also Basics for importing and exporting (Page 4617) Format of the export file (Page 4617) Exporting PLC tags (Page 4618) Editing individual PLC tags with external editors To edit individual PLC tags in external editors outside the TIA portal, you can export or import these tags using copy and paste. However, you cannot copy structured tags to an editor. Requirement A PLC tag table and an external editor are opened. WinCC Advanced V14 System Manual, 10/2016 4619 Programming the PLC 11.11 Declaring PLC data types (UDT) Procedure To export and import individual PLC tags, follow these steps: 1. Select one or more PLC tags. 2. Select "Copy" in the shortcut menu. 3. Switch to the external editor and paste the copied tags. 4. Edit the tags as required. 5. Copy the tags in the external editor. 6. Switch back to the PLC tag table. 7. Select "Paste" in the shortcut menu. Note You also have the option of export or importing PLC tags as mass data. See also: Editing PLC tags with external editors (Page 4617) 11.11 Declaring PLC data types (UDT) 11.11.1 Basics of PLC data types (UDT) Description PLC data types (UDT) are data structures that you define for the entire CPU, that you can edit centrally and and that can be used multiple times within the program. All location of use are updated automatically. The structure of a PLC data type is made up of several components, each of which can contain different data types. You define the type of component in the declaration of the PLC data type (UDT). You can use the PLC data types to implement a data exchange between multiple blocks through block interfaces. PLC data types always end at WORD limits. Using a PLC data type You can declare PLC data types as the type when creating data blocks. Based on this type you can create a number of data blocks, all of which have the same data structure. These data blocks can be adapted by entering different actual values for the corresponding task. For instance, create a PLC data type for a recipe for blending paints. You can then assign this data type to several data blocks, each of which contains other quantity information. The following figure shows this application: 4620 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC '%%/8( 8'75HFLSH SO '%/,*+7B%/8( 7H P 3/&GDWDW\SH DW H IR U 11.11 Declaring PLC data types (UDT) 7H P SOD W H IR U '%3853/( PLC data types can be used for the following applications: PLC data types can be used as data types for tags in the tag declaration of logic blocks or in data blocks. PLC data types can be used as templates for the creation of global data blocks with identical data structures. PLC data types can be used in S7-1200 and S7-1500 as a template for the creation of structured PLC tags. Nesting depth and potential number of PLC data types PLC data types can be nested to a depth of 8. This nesting depth is independent of the CPU used. You can create up to 65534 PLC data types for a CPU of the S7-1200 or S7-1500 series. Each of these PLC data types can include up to 252 components. WinCC Advanced V14 System Manual, 10/2016 4621 Programming the PLC 11.11 Declaring PLC data types (UDT) Additional information on the PLC data types Note You can find more information on the PLC data types here: You can find general information on the PLC data type here: PLC data types (UDT) (Page 2170) Creating PLC data types (Page 4624) AUTOHOTSPOT Programming the structure of PLC data types (Page 4626) You can find programming recommendations for the PLC data types here: Using PLC data types (UDT) (Page 2104) Using the DB_ANY data type (Page 2093) How can you address tags of the data type PLC data type in the data blocks? Addressing PLC data types (UDT) (Page 2174) How can you declare tags that are based on a PLC data type in the block interface? Declaring tags based on a PLC data type (Page 4536) How can you program tags that are based on a PLC data type in the data block? Declaring tags based on a PLC data type (Page 4563) How can you compare PLC data types in your program? Comparing PLC data types (Page 4860) Comparing PLC tags (Page 4832) CMP ==: Equal (Page 2523) How can you address PLC tags of the data type PLC data type? Creating structured PLC tags (Page 4606) Permissible addresses and data types of PLC tags (Page 4595) How can you program the parameter transfer of PLC data types at a block call? AUTOHOTSPOT 4622 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.11 Declaring PLC data types (UDT) Note You can find more information on the PLC data types in the Siemens Industry Online Support in the following contributions: How can you initialize structures in optimized memory areas at the S7-1500 in STEP 7 (TIA Portal)? https://support.industry.siemens.com/cs/ww/de/view/78678760 (https:// support.industry.siemens.com/cs/ww/en/view/78678760) How do you create a PLC data type (UDT) at an S7-1500 control system? https://support.industry.siemens.com/cs/ww/de/view/67599090 (https:// support.industry.siemens.com/cs/ww/en/view/67599090) How is the specific application of own PLC data types (UDT) effected in STEP 7 (TIA Portal)? https://support.industry.siemens.com/cs/de/de/view/67582844 (https:// support.industry.siemens.com/cs/de/en/view/67582844) Why should complete structures be transferred at a block call for S7-1500 instead of many individual components? https://support.industry.siemens.com/cs/ww/de/view/67585079 (https:// support.industry.siemens.com/cs/ww/en/view/67585079) See also https://www.youtube.com/watch?v=4jggNgvPisw (https://www.youtube.com/watch? v=4jggNgvPisw) 11.11.2 Structure of the declaration table for PLC data types Structure of the declaration table for PLC data types The figure below shows the structure of the declaration table for PLC data types. WinCC Advanced V14 System Manual, 10/2016 4623 Programming the PLC 11.11 Declaring PLC data types (UDT) Meaning of the columns The following table shows the meaning of the individual columns. You can show or hide the columns as required. The number of columns displayed varies depending on the CPU series. Column Explanation Symbol you can click to move or copy the tag. Name Name of the tags. Data type Data type of the tags. Default value Value with which you predefine the tag in the declaration of the PLC data type. Specification of the default value is optional. If you do not specify any value the predefined value for the indicated data type is used. For example, the value "false" is predefined for BOOL. Visible in HMI en gineering Shows whether the tag is visible by default in the HMI selection list. Accessible from HMI/OPC UA Indicates whether HMI/OPC UA can access this tag during runtime. Writable from HMI/ Indicates whether the tag from HMI/OPC UA can be written during runtime. OPC UA Setpoint value Setpoint values are the values that will probably have to be fine tuned during com missioning. After commissioning, the values of these tags can be transferred to the offline program as start values and stored there. Comment Comment to document the tags. See also Creating PLC data types (Page 4624) Show and hide table columns (Page 4633) Using setpoints during commissioning (Page 4587) 11.11.3 Creating PLC data types Requirement The "PLC data types" folder opens in the project tree. Procedure To create a PLC data type, proceed as follows: 1. In the "PLC data types" folder, click the "Add new data type" command. A new declaration table for creating a PLC data type will be created and opened. 2. Select the PLC data type and select the "Rename" command in the shortcut menu. 3. Enter the name of the PLC data type. 4624 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.11 Declaring PLC data types (UDT) Result The new PLC data type is created. You can find the PLC data type in the project tree in the "PLC data types" folder. See also Structure of the declaration table for PLC data types (Page 4623) Basics of PLC data types (UDT) (Page 4620) 11.11.4 Delete PLC data types Requirement The PLC data type you want to delete is not open. Procedure To delete a PLC data type, follow these steps: 1. In the project tree, open the "PLC data types" folder. 2. Select the PLC data type to be deleted. You can also select several PLC data types by clicking on them one after the other while holding down the <Ctrl> key or by pressing and holding down <Shift> and clicking on the first and last data type. 3. Select the "Delete" command in the shortcut menu. Note If you delete a PLC data type, the blocks that use the data type will become inconsistent. These inconsistencies are marked in red in the block used. To remedy these inconsistencies, the data blocks have to be updated. See also Updating the block interface (Page 4548) Updating data blocks (Page 4556) WinCC Advanced V14 System Manual, 10/2016 4625 Programming the PLC 11.11 Declaring PLC data types (UDT) 11.11.5 Renumbering PLC data types For performance reasons, PLC data types are processed internally with numbers. If there are number conflicts, these are resolved automatically. But this is not possible for a PLC data type which is used by a know-how protected block. The block must be recompiled when you change the number of the PLC data type which results in a password prompt for the know-how protected block. You can bypass this step by setting up a separate numbering scheme for your PLC data types. Use numbers greater than 5000. Procedure To change the default number of a PLC data type, follow these steps: 1. Open the project library in the "Libraries" task card. 2. Drag the compilable PLC data type to the "Types" folder. The "Add type" dialog opens. 3. Enter the properties of the new type. 4. Click "OK" to confirm. 5. Right-click the PLC data type in the project library and select the "Edit type" command from the shortcut menu. 6. Click "OK" to confirm your selection of the instance. The library view opens. 7. Close the library view. The extension "in test" is now added to the name of the PLC data type. 8. Right-click the PLC data type and select the "Properties" command from the shortcut menu. 9. Select the "General" group in the area navigation. You can now edit the number of the PLC data type. 10.Change the number of the PLC data type. 11.Click "OK" to confirm. 12.Right-click the PLC data type in the project library and select the "Release version" command from the shortcut menu. The PLC data type has a new number. The assigned number is retained even if the type of the PLC data type is revoked. 11.11.6 Programming the structure of PLC data types 11.11.6.1 Declaring tags of elementary data type Requirement A PLC data type is open. 4626 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.11 Declaring PLC data types (UDT) Procedure To declare a tag, follow these steps: 1. Enter a tag name in the "Name" column. 2. Enter the required data type in the "Data type" column. You will be supported by autocompletion during input. 3. Optional: Change the properties of the tags that are displayed in the other columns. 4. Repeat steps 1 to 3 for all tags that are to be declared. See also Editing tables (Page 308) Editing the declaration table for PLC data types (Page 4631) 11.11.6.2 Declaring tags of the ARRAY data type Requirement A PLC data type is open. Procedure To declare a tag of the ARRAY data type, follow these steps: 1. Enter a tag name in the "Name" column. 2. Enter the "Array" data type in the "Data type" column. You will be supported by autocompletion in this step. The "Array" dialog opens. 3. In the "Data type" text box, specify the data type of the array elements. 4. In the "ARRAY limits" text box, specify the high and low limit for each dimension. Example of a one-dimensional ARRAY: [0..3] Example of a three-dimensional ARRAY: [0..3, 0..15, 0..33] 5. Confirm your entry. 6. Optional: Change the properties of the tags that are displayed in the other columns. Note You cannot define specific default values for ARRAY elements. You can, however, assign them start values at the usage point in the data block. WinCC Advanced V14 System Manual, 10/2016 4627 Programming the PLC 11.11 Declaring PLC data types (UDT) Note Restriction when displaying ARRAY elements Depending on the amount of work memory available on your computer, the following maximum limits apply when displaying ARRAYs: RAM < 8 GB: A maximum of 10,000 rows are displayed. RAM >= 8 GB: A maximum of 40,000 rows are displayed. See also Structure of the declaration table for PLC data types (Page 4623) ARRAY (Page 2177) Using autocompletion (Page 4477) 11.11.6.3 Declaring tags of STRUCT data type Requirements A PLC data type is open. Procedure To declare a tag of the STRUCT data type, follow these steps: 1. Enter a tag name in the "Name" column. 2. Enter "Struct" in the "Data type" column. You will be supported by autocompletion during input. An empty, indented row is inserted after the new tag. 3. Insert the first structural element in the first empty row. An additional empty row is inserted after the element. 4. Select a data type for the structure element. 5. Optional: Change the properties of the structural element that is displayed in the other columns. 6. Repeat steps 3 to 5 for all additional structure elements. It is not necessary to end the structure explicitly. The structure ends with the last element that is entered. 7. To insert a new tag after the structure, leave a blank row after the end of the structure and then start the new tag in the second empty row. Result The tag of STRUCT data type is created. 4628 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.11 Declaring PLC data types (UDT) See also STRUCT (Page 2175) Structure of the declaration table for PLC data types (Page 4623) Using autocompletion (Page 4477) 11.11.6.4 Declaring tags based on a different PLC data type Requirements A global data block is open. A PLC data type is declared in the current CPU. Procedure To declare a tag based on a different PLC data type, follow these steps: 1. Enter a tag name in the "Name" column. 2. Enter the PLC data type in the "Data type" column. You will be supported by autocompletion during input. Result The tag is created. Note You define the default values of tags within a PLC data type when the PLC data type is created. You cannot change these values at the point of use of the PLC data type. See also Basics of PLC data types (UDT) (Page 4620) Structure of the declaration table for PLC data types (Page 4623) Using autocompletion (Page 4477) WinCC Advanced V14 System Manual, 10/2016 4629 Programming the PLC 11.11 Declaring PLC data types (UDT) 11.11.7 Editing tag properties in PLC data types 11.11.7.1 Properties of tags in PLC data types Properties The following table gives an overview of tag properties in PLC data types: Group Property Description General Name Name of the tags. Data type Data type of the tags. Default value Default value of the tag in the interface of a higher-level code block or in a PLC data type. The values contained in the "Default value" column can only be changed in the higher-level code block or PLC data type. The values are only displayed in the data block. Start value Not relevant in PLC data types Comment Comment on the tag. Attributes Retain Not relevant in PLC data types User-defined at tributes CFC_Visible Visible Indicates whether a parameter is visible in CFC. CFC_Configurable Configurable CFC_ForTest For test Indicates whether a parameter is configurable in CFC. Indicates whether a parameter is registered for the CFC test mode. CFC_Interconnectable Interconnectable CFC_EnableTagRead back Enable tag readback CFC_Enumeration Texts Enumeration texts CFC_EngineeringUnit Engineering unit Indicates whether a parameter is interconnectable in CFC. Indicates whether a parameter is relevant for the "Read back chart" function in CFC. Assigns a parameter to an enumeration in CFC. Assigns a parameter to a unit in CFC. CFC_LowLimit Low limit CFC_HighLimit High limit Defines the low limit for the parameter in CFC. Defines the high limit for the parameter in CFC. 4630 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.11 Declaring PLC data types (UDT) See also Changing the properties of tags in PLC data types (Page 4631) Basics of PLC data types (UDT) (Page 4620) Structure of the declaration table for PLC data types (Page 4623) 11.11.7.2 Changing the properties of tags in PLC data types Editing general properties in the declaration table To edit the general properties of one or more tags, follow these steps: 1. Open the PLC data type. 2. Change the entries in the columns. Editing detailed properties in the properties window To edit the detailed properties of an individual tag, follow these steps: 1. Select a tag in the table. 2. Select the "Properties" command in the shortcut menu. The inspector window shows the properties of the tag in the "General" and "Attributes" areas. 3. Select the required area in the area navigation. 4. Change the entries in the text boxes. See also Updating the block interface (Page 4548) Updating data blocks (Page 4556) 11.11.8 Editing the declaration table for PLC data types 11.11.8.1 Inserting table rows Procedure Proceed as follows to insert a row above the selected row: 1. Select the row in front of which you want to insert a new row. 2. Click the "Insert row" button on the toolbar of the table. WinCC Advanced V14 System Manual, 10/2016 4631 Programming the PLC 11.11 Declaring PLC data types (UDT) Result A new row is inserted above the selected row. 11.11.8.2 Inserting table rows Procedure Proceed as follows to insert a row below the selected row: 1. Select the row below which you want to insert a new row. 2. Click the "Add row" button on the table toolbar. Result A new empty row will be inserted below the selected row. 11.11.8.3 Deleting tags Procedure Follow the steps below to delete elements: 1. Select the row with the element to be deleted. You can also select several rows by clicking on them one after the other while holding down the <Ctrl> key or by pressing and holding down <Shift> and clicking on the first and last row. 2. Select the "Delete" command in the shortcut menu. See also Updating the block interface (Page 4548) Updating data blocks (Page 4556) 11.11.8.4 Automatically filling in successive cells You can load the contents of one or several table cells into the cells below, automatically filling in the successive cells. If you automatically fill in cells in the "Name" column, a consecutive number will be appended to each name. For example, "Motor" will become "Motor_1". You can define individual or more cells as well as entire rows as source area. If less rows exist in the open table than you want to fill, then you will first have to insert additional empty rows. 4632 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.11 Declaring PLC data types (UDT) Requirement The table is open. Sufficient declaration rows are available. Procedure To automatically fill in successive cells, follow these steps: 1. Select the cells to be loaded. 2. Click the "Fill" symbol in the bottom right corner of the cell. The mouse pointer is transformed into a crosshair. 3. Keep the mouse button pressed and drag the mouse pointer downwards over the cells that you want to fill in automatically. 4. Release the mouse button. The cells are filled in automatically. 5. If entries are already present in the cells that are to be automatically filled in, a dialog appears. In this dialog you can indicate whether you want to overwrite the existing entries or insert new rows for the new tags. 11.11.8.5 Show and hide table columns You can show or hide the columns in a table as needed. Procedure To show or hide table columns, follow these steps: 1. Click a column header. 2. Select the "Show/Hide" command in the shortcut menu. The selection of available columns is displayed. 3. To show a column, select the column's check box. 4. To hide a column, clear the column's check box. 5. To hide or show several columns, click "More" and activate or deactivate the check box of the corresponding columns in the "Show/Hide" dialog. WinCC Advanced V14 System Manual, 10/2016 4633 Programming the PLC 11.12 Creating LAD programs 11.12 Creating LAD programs 11.12.1 Basic information on LAD 11.12.1.1 LAD programming language Overview of the Ladder Logic (LAD) programming language LAD is a graphical programming language. The representation is based on circuit diagrams. The program is mapped in one or more networks. A network contains a power rail on the left where the rungs originate. The binary signal scans are arranged in the form of contacts on the rungs. The serial arrangement of the elements on a rung creates a series connection; arrangement on simultaneous branches creates a parallel connection. Complex functions are represented by boxes. Example of networks in LAD The following figure shows a LAD network with two normally open contacts, one normally closed contact and one coil: 1HWZRUN 6WDUW 6WRS &RLO &RLO 11.12.1.2 Overview of the LAD elements LAD elements A LAD program consists of separate elements that you can arrange in series or parallel on the power rail of a network. Most program elements must be supplied with tags. There is at least one rung from the power rail. Network programming starts at the left edge of the rung. You can expand the power rail by several rungs and branches. For example, the following figure shows elements of a LAD network: 4634 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs 1) Power rail 2) Rung 3) Branch 4) Contact 5) Coil 6) Box Power rail Each LAD network consists of a power rail that contains at least one rung. A network can be extended by adding additional rungs. You can use branches to program parallel connections in the specific rungs. Contacts You can use contacts to create or interrupt a current-carrying connection between two elements. The current is relayed from left to right. You can use contacts to query the signal state or the value of an operand and control it depending on the result of the current flow. The following types of contact are available to you in a LAD program: Normally open contact: Normally open contacts forward the current if the signal state of a specified binary operand is "1". Normally closed contacts: Normally closed contacts forward the current if the signal state of a specified binary operand is "0". Contact with additional function: Contacts with additional function forward the current if a specific condition is met. With these contacts you can also execute an additional function, such as an RLO edge detection and a comparison. WinCC Advanced V14 System Manual, 10/2016 4635 Programming the PLC 11.12 Creating LAD programs Coils You can use coils to control binary operands. Coils can set or reset a binary operand depending on the signal state of the result of logic operation. The following types of coils are available to you in a LAD program: Standard coils: Standard coils set a binary operand if current flows in the coil. The "Assignment" instruction is an example of a standard coil. Coils with additional function: These coils have additional functions in addition to the evaluation of the logic operation result. Coils for RLO edge detection and program control are examples of coils with additional function. Boxes Boxes are LAD elements with complex functions. The empty box is an exception. You can use the empty box as a placeholder in which you can select the required instruction. The following types of boxes are available to you in a LAD program: Boxes without EN/ENO mechanism: A box is executed depending on the signal state at the box inputs. The error status of the processing cannot be queried. Boxes with EN/ENO mechanism: A box is only executed if the enable input "EN" carries the signal state "1". If the box is processed correctly, the "ENO" enable output has signal state "1". If an error occurs during the processing, the "ENO" enable output is reset. Calls of code block are also shown in the network as boxes with EN/ENO mechanism. See also Rules for the use of LAD elements (Page 4646) 4636 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs 11.12.2 Settings for LAD 11.12.2.1 Overview of the settings for LAD Overview The following table shows the settings that you can make: Group Setting Description Font Font size Font size in program editor View Layout Compact or wide Changes the vertical spacing between operands and other objects (such as op erand and contact). The change be comes visible once the block is reop ened. Operand field With absolute information Additional display of the absolute ad dresses Maximum width Maximum number of characters that can be entered horizontally in the oper and field. This setting recalculates the layout of the networks. Maximum height Maximum number of characters that can be entered vertically in the operand field. This setting recalculates the layout of the networks. See also Changing the settings (Page 4637) 11.12.2.2 Changing the settings Procedure To change the settings, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. In the area navigation, select the "PLC programming" group. 3. Change the settings. Result The change will be loaded directly, there is no need to save it explicitly. WinCC Advanced V14 System Manual, 10/2016 4637 Programming the PLC 11.12 Creating LAD programs See also Overview of the settings for LAD (Page 4637) 11.12.3 Working with networks 11.12.3.1 Using networks Function The user program is created in the block within networks. For a code block to be programmed, it must contain at least one network. To achieve a better overview of the user program, you can also subdivide your program into several networks. You have the option to insert networks for the textual programming languages SCL and STL in LAD and FBD blocks, and then use instructions in these programming languages. Depending on the CPU you are using, you can insert networks for the following programming languages: S7-300/400: STL networks S7-1200: SCL networks S7-1500: STL and SCL networks The programming editor always adapts to the network that currently has the focus. This means that you have access to the SCL instructions as well as the SCL functions when programming an SCL network. Note You cannot access the blocks that contain SCL networks via the Openness interface. EN/ENO mechanism in blocks with different network languages You can also use the EN/ENO mechanism in blocks with different network languages. Each programming language displays the error status differently: SCL has an "ENO" tag that stores the error status and can be queried. Direct access to this tag is only possible with SCL. LAD/FBD/STL have no special tag for "ENO". However, you can read the error status for STL from the BR bit, and query it via the RET coil for LAD/FBD. 4638 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs The following rules apply to reading out the error status for the entire block: The last network in the block is a LAD/FBD network: If you do not use RET coils, the error status is "TRUE" by default. The last network in the block is an STL network: The BR bit determines the error status. The BR bit can be edited in STL networks using the BR tab. The last network in the block is an SCL network: The "ENO" tag determines the error status of the block. See also Inserting networks (Page 4639) Inserting network title (Page 4643) Entering a network comment (Page 4644) Navigating networks (Page 4645) 11.12.3.2 Inserting networks You can either insert a network of the same programming language or a network for a textual programming language in an LAD or FBD block. Keep in mind, however, that not all CPU types support all textual languages. Requirement An LAD or FBD block is open. Insert LAD or FBD network To insert a new network, follow these steps: 1. Select the network after which you want to insert a new network. 2. Select the "Insert network" command in the shortcut menu. Insert STL or SCL network To insert a new network, follow these steps: 1. Select the network after which you want to insert a new network. 2. Select the "Insert STL network" or "Insert SCL network" command in the shortcut menu. Result A new, empty network is inserted in the block in the corresponding programming language. WinCC Advanced V14 System Manual, 10/2016 4639 Programming the PLC 11.12 Creating LAD programs See also Using networks (Page 4638) Selecting networks (Page 4640) Copying and pasting networks (Page 4641) Deleting networks (Page 4641) Expanding and collapsing networks (Page 4642) Inserting network title (Page 4643) Entering a network comment (Page 4644) Navigating networks (Page 4645) 11.12.3.3 Selecting networks Requirements A network is available. Selecting a network To select a network, follow these steps: 1. Click the title bar of the network that you want to select. Selecting several networks Proceed as follows to select several individual networks: 1. Press and hold down the <Ctrl> key. 2. Click all the networks that you want to select. To select several successive networks, follow these steps: 1. Press and hold down the <Shift> key. 2. Click the first network that you want to select. 3. Click the last network that you want to select. The first and last networks and all those in between are selected. See also Using networks (Page 4638) Inserting networks (Page 4639) Copying and pasting networks (Page 4641) Deleting networks (Page 4641) Expanding and collapsing networks (Page 4642) 4640 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Inserting network title (Page 4643) Entering a network comment (Page 4644) Navigating networks (Page 4645) 11.12.3.4 Copying and pasting networks Copied networks can be pasted within the block or in another block. Networks that were created in LAD or FBD can also be inserted in blocks of the respective other programming language. Requirement A network is available. Procedure To copy and paste a network, follow these steps: 1. Select the network or networks to be copied. 2. Select "Copy" in the shortcut menu. 3. Select the network after which you want to paste in the copied network. 4. Select "Paste" in the shortcut menu. See also Using networks (Page 4638) Inserting networks (Page 4639) Selecting networks (Page 4640) Deleting networks (Page 4641) Expanding and collapsing networks (Page 4642) Inserting network title (Page 4643) Entering a network comment (Page 4644) Navigating networks (Page 4645) 11.12.3.5 Deleting networks Requirement A network is available. WinCC Advanced V14 System Manual, 10/2016 4641 Programming the PLC 11.12 Creating LAD programs Procedure To delete a network, follow these steps: 1. Select the network that you want to delete. 2. Select the "Delete" command in the shortcut menu. See also Using networks (Page 4638) Inserting networks (Page 4639) Selecting networks (Page 4640) Copying and pasting networks (Page 4641) Expanding and collapsing networks (Page 4642) Inserting network title (Page 4643) Entering a network comment (Page 4644) Navigating networks (Page 4645) 11.12.3.6 Expanding and collapsing networks Requirements A network is available. Opening and closing a network To open a network, follow these steps: 1. Click on the right arrow in the network title bar. To close a network, follow these steps: 1. Click on the down arrow in the network title bar. Opening and closing all networks To open and close all networks, follow these steps: 1. In the toolbar, click "Open all networks" or "Close all networks". See also Using networks (Page 4638) Inserting networks (Page 4639) Selecting networks (Page 4640) Copying and pasting networks (Page 4641) 4642 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Deleting networks (Page 4641) Inserting network title (Page 4643) Entering a network comment (Page 4644) Navigating networks (Page 4645) 11.12.3.7 Inserting network title The network title is the header of a network. The length of the network title is limited to one line. You can enter the title manually or set it automatically. When you set it automatically, you can do this for individual networks or use the settings to specify that the network title is always set automatically. For automatic insertion of the network title, the comment of the operand in one of the following instructions in the network is evaluated: Assignment Set output Reset output The instruction that is listed first in the network is used. The network title is only inserted automatically when the following conditions are fulfilled: The network does not have a title yet. The operand of the instruction used for the comment has a comment. Note Note the following restrictions for automatic insertion of the network title: The network title is not adapted if you change the comment of the operand at a later time. The network title is not adapted if you change the operand of the instruction. The network title is only set by the writing instructions listed above. If the operand is of the data type array, the comment of the array is used and not the comments of the array elements. Comments of invalid operands are not taken into consideration. Entering the network title manually To enter a network title, follow these steps: 1. Click on the title bar of the network. 2. Enter the network title. WinCC Advanced V14 System Manual, 10/2016 4643 Programming the PLC 11.12 Creating LAD programs Setting the network title automatically To specify that the network titles are always set automatically, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. In the area navigation, select the "PLC programming" group. 3. Select the "Set network title automatically" check box in the "Additional settings" group. The network titles are set automatically as of this time if the conditions listed above are fulfilled. To set an individual network title automatically, follow these steps: 1. Right-click "Network <Number of the network>" in the title bar of a network. 2. Select the "Set network title automatically" command in the shortcut menu. The title of the selected network is set based on the comment of the operand if the conditions listed above are fulfilled. See also Using networks (Page 4638) Inserting networks (Page 4639) Selecting networks (Page 4640) Copying and pasting networks (Page 4641) Deleting networks (Page 4641) Expanding and collapsing networks (Page 4642) Entering a network comment (Page 4644) Navigating networks (Page 4645) 11.12.3.8 Entering a network comment You can use network comments to provide comments on the program contents of individual networks. For example, you can indicate the function of the network or draw attention to special characteristics. Requirement A network is available. Procedure To enter a network comment, follow these steps: 1. Click on the right arrow before the network title. 2. If the comment area is not visible, click "Network comments on/off" in the toolbar. The comment area is displayed. 4644 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs 3. Click "Comment" in the comment area. The "Comment" text passage is selected. 4. Enter the network comment. See also Using networks (Page 4638) Inserting networks (Page 4639) Selecting networks (Page 4640) Copying and pasting networks (Page 4641) Deleting networks (Page 4641) Expanding and collapsing networks (Page 4642) Inserting network title (Page 4643) Navigating networks (Page 4645) 11.12.3.9 Navigating networks You can navigate straight to a specific position within a block. Procedure To navigate to a specific position within a block, follow these steps: 1. Right-click in the code area of the programming window. 2. Select the "Go to > Network/line" command in the shortcut menu. The "Go to" dialog will open. 3. Enter the network to which you want to navigate. 4. Enter the line number of the network to which you want to navigate. 5. Confirm your entry with "OK". Result The relevant line will be displayed if this is possible. If the network or line requested does not exist, the last existing network or the last existing line in the network requested will be displayed. See also Using networks (Page 4638) Inserting networks (Page 4639) Selecting networks (Page 4640) Copying and pasting networks (Page 4641) WinCC Advanced V14 System Manual, 10/2016 4645 Programming the PLC 11.12 Creating LAD programs Deleting networks (Page 4641) Expanding and collapsing networks (Page 4642) Inserting network title (Page 4643) Entering a network comment (Page 4644) 11.12.4 Inserting LAD elements 11.12.4.1 Rules for the use of LAD elements Rules Note the following rules when inserting LAD elements: Every LAD network must terminate with a coil or a box. However, the following LAD elements must not be used to terminate a network: - Comparator boxes - Instructions for positive and negative RLO edge detection The starting point of the branch for a box connection must always be the power rail. Logic operations or other boxes can be present in the branch before the box. Only contacts can be inserted into simultaneous branches with preceding logic operations. The contact for negating the result of logic operation (-|NOT|-) is an exception here. The contact for negating the result of logic operation, as well as coils and boxes, can be used in simultaneous branches if they originate directly from the power rail. Constants (e.g. TRUE or FALSE) cannot be assigned to normally closed or normally open contacts. Instead, use operands of the BOOL data type. Only one jump instruction can be inserted in each network. Only one jump label can be inserted in each network. Instructions with positive or negative edge detection may not be arranged directly at the left margin of the rung as they requires a prior logic operation. Placement rules for S7-1200/1500 CPUs The following table sets out the instructions that can only be positioned at the end of the network: Instruction 4646 Mnemonics Name Preceding logic operation re quired SET_BF Set bit field No RESET_BF Reset bit field No JMP Jump if RLO = 1 No JMPN Jump if RLO = 0 Yes WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Mnemonics Name Instruction Preceding logic operation re quired JMP_LIST Define jump list No SWITCH Jump distributor No RET Return No Placement rules for S7-300/400 CPUs The following table sets out the instructions that can only be positioned at the end of the network: Mnemon ics Name Instruction Preceding logic operation re quired S Set output Yes R Reset output Yes SP Start pulse timer Yes SE Start extended pulse timer Yes SD Start on-delay timer Yes SS Start retentive on-delay timer Yes SF Start off-delay timer Yes SC Set counter value Yes CU Count up Yes CD Count down Yes JMP Jump if RLO = 1 No JMPN Jump if RLO = 0 Yes RET Return No OPN Open global data block No OPNI Open instance data block No CALL Call block No SAVE Save RLO in BR bit No MCRA Enable MCR range No MCRD Disable MCR range No MCR< Open MCR ranges No MCR> Close MCR ranges No Note Calling blocks with binary inputs in S7-300/400 CPUs The following FAQ describes the special features when calling blocks with binary inputs: FAQ 13988019: What should you watch out for when programming nested FB/FC calls with binary inputs in FBD? (Page 4648) WinCC Advanced V14 System Manual, 10/2016 4647 Programming the PLC 11.12 Creating LAD programs See also Overview of the LAD elements (Page 4634) FAQ 13988019 (https://support.industry.siemens.com/cs/de/de/view/13988019) 11.12.4.2 Prohibited interconnections in LAD Power flow from right to left No branches can be programmed that could result in a power flow in the reverse direction. , , , , , , 4 ,PSHUPLVVLEOHUDWHRIIORZ , , Short-circuit No branches may be programmed that would cause a short-circuit. , , , 4 6KRUWFLUFXLWLPSHUPLVVLEOH Logic operations The following rules apply to logic operations: Only Boolean inputs can be combined with preceding logic operations. Only the first Boolean output can be combined with a further logic operation. Only one complete logical path can exist per network. Paths that are not connected can be linked. See also Rules for the use of LAD elements (Page 4646) 4648 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs 11.12.4.3 Inserting LAD elements using the "Instructions" task card Requirement A network is available. Procedure To insert a LAD element into a network using the "Instructions" task card, follow these steps: 1. Open the "Instructions" task card. 2. Navigate to the LAD element that you want to insert. 3. Use drag-and-drop to move the element to the desired place in the network. If the element is an internal system function block (FB), the "Call options" dialog opens. In this dialog, you can determine if the data of the inserted element is to be stored in a single, multi or parameter instance. If you select "Single instance", you can find the new instance data block once it is created in the "Program resources" folder of the project tree under "Program blocks > System blocks". You can find multi-instances in the block interface in the "Static" section and parameter instances in the "InOut" section. Or: 1. Select the point in the network at which you want to insert the element. 2. Open the "Instructions" task card. 3. Double-click on the element you want to insert. If the element is an internal system function block (FB), the "Call options" dialog opens. In this dialog, you can determine if the data of the inserted element is to be stored in a single, multi or parameter instance. If you select "Single instance", you can find the new instance data block once it is created in the "Program resources" folder of the project tree under "Program blocks > System blocks". You can find multi-instances in the block interface in the "Static" section and parameter instances in the "InOut" section. Result The selected LAD element is inserted with placeholders for the parameters. 11.12.4.4 Inserting LAD elements using an empty box Requirement A network is available. Procedure To insert an LAD element into a network using an empty box, follow these steps: 1. Open the "Instructions" task card. 2. Navigate to "General > Empty box" in the "Basic instructions" palette. WinCC Advanced V14 System Manual, 10/2016 4649 Programming the PLC 11.12 Creating LAD programs 3. Use a drag-and-drop operation to move the "Empty box" element to the desired place in the network. 4. Position the cursor over the triangle in the top right-hand corner of the empty box. A drop-down list is displayed. 5. Select the required LAD element from the drop-down list. If the element is an internal system function block (FB), the "Call option" dialog opens. In this dialog, you can determine if the data of the inserted element is to be stored in a single, multi or parameter instance. If you select "Single instance", you can find the new instance data block once it is created in the "Program resources" folder of the project tree under "Program blocks > System blocks". You can find multi-instances in the block interface in the "Static" section and parameter instances in the "InOut" section. Result The empty box is changed to the respective LAD element. Placeholders are inserted for the parameters. 11.12.4.5 Selecting the data type of a LAD element Selecting a data type Introduction Some instructions can be executed with several different data types. If you use one of these instructions in the program, you have to specify a valid data type for the instruction at the specific point in the program. For some instructions, you have to select the data types for the inputs and outputs separately. Note The valid data type (BOOL) for the tags on the enable input EN and the enable output ENO is predefined by the system and cannot be changed. The valid data types for an instruction are listed in the instruction drop-down list. You specify the data type of the instruction by selecting an entry from the drop-down list. If the data type of an operand differs from the data type of the instruction and cannot be converted implicitly, the operand is displayed in red and a rollout with the corresponding error message appears. 4650 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Data type selection of mathematical instructions Some mathematical instructions provide you with the option of having the data type automatically set corresponding to the data types of the operand. In the drop-down list for data type selection, these instructions have the entry "Auto" in addition to the actual data types. If you select this entry and then allocate the first operand, the data type of the operand is selected as data type for the instruction. The entry in the drop-down list changes to "Auto (<Data type>)", e.g. "Auto (Real)". If you allocate additional operands, the automatically set data type of the instruction is adjusted according to the following criteria: You supply all other operands with tags of the same data type: The data type of the instruction is not changed. You supply all other operands with tags whose data type is smaller than the data type of the instruction: The data type of the instruction is not changed. For the operand with the smaller data type, an implicit conversion is conducted if necessary. You supply an additional operand with a tag whose data type is greater than the data type of the instruction: The data type of the instruction is changed to the larger data type. An implicit conversion is performed, if necessary, for operands that deviate from the newly set data type of the instruction. Each change in the data type of an operand can result in a change of the data type of the instruction. Other operands may possibly be implicitly converted as a result. Operands for which an implicit conversion is performed are marked with a gray square. Note Please also observe the information on data type conversion for your device and, in particular, the notes on the IEC check. See also: Data type conversion (Page 2332) See also Defining the data type of an instruction (Page 4651) Defining the data type of an instruction Introduction Some instructions can be executed with several different data types. When you insert such instructions into your program, you must specify the data type for these instructions at the actual point in the program. WinCC Advanced V14 System Manual, 10/2016 4651 Programming the PLC 11.12 Creating LAD programs Specifying the data type by means of the drop-down list To define the data type of an instruction using the drop-down list, follow these steps: 1. Insert the instruction at the required point in the program using drag-and-drop. The entry "???" (undefined) is displayed in the drop-down list of the inserted instruction. 2. Click the triangle in the upper corner of the drop-down list. The drop-down list will open to display the data types valid for the instruction. 3. Select a data type from the drop-down list. The selected data type is displayed. 4. If the instruction has two drop-down lists, select the data type for the instruction inputs in the left-hand drop-down list and the data type for the instruction outputs in the right-hand drop-down list. Specifying data type by assigning tags To define the data type of an instruction by assigning tags, follow these steps: 1. Insert the instruction at the required point in the program using drag-and-drop. The entry "???" (undefined) is displayed in the drop-down list of the inserted instruction. 2. At an input or output, specify a valid tag, the data type of which is to be applied as the instruction data type. The data type of the tag is displayed in the drop-down list. 3. Enter a valid tag at an input and a valid tag at an output if data types need to be defined for both the inputs and outputs of the instruction. The tag specified at the input determines the data type of the inputs; the tag specified at the output determines the data type of the outputs of the instruction. Automatically specifying the data type of mathematical instructions To automatically specify the data type for mathematical instructions, follow these steps: 1. Insert the mathematical instruction at the required point in the program using drag-and-drop. The entry "???" (undefined) is displayed in the drop-down list of the inserted instruction. 2. Select the "Auto" entry from the drop-down list. 3. Enter a valid tag at an input or output. The data type of the tag is applied as data type of the instruction. The entry in the dropdown list changes to "Auto (<Data type>)". See also: Selecting a data type (Page 4650) See also Selecting a data type (Page 4650) 4652 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs 11.12.4.6 Using favorites in LAD Adding LAD elements to Favorites Requirement A block is open. The multipane mode is set for the "Instructions" task card or the Favorites are also displayed in the editor. Procedure To add SCL instructions to the Favorites, follow these steps: 1. Open the "Instructions" task card. 2. Maximize the "Basic instructions" pane. 3. Navigate in the "Basic instructions" pane to the instruction that you want to add to the Favorites. 4. Drag-and-drop the instruction into the "Favorites" pane or into the Favorites area in the program editor. Note To additionally display the Favorites in the program editor, click the "Display favorites in the editor" button in the program editor toolbar. See also Removing LAD elements from Favorites (Page 4654) Overview of the program editor (Page 4458) Inserting LAD elements using favorites Requirement A block is open. Favorites are available. Procedure To insert an instruction into a program using Favorites, follow these steps: 1. Drag-and-drop the desired instruction from Favorites to the desired position. WinCC Advanced V14 System Manual, 10/2016 4653 Programming the PLC 11.12 Creating LAD programs Or: 1. Select the position in the program where you want to insert the instruction. 2. In the Favorites, click on the instruction you want to insert. Note To additionally display the Favorites in the program editor, click the "Display favorites in the editor" button in the program editor toolbar. See also Removing LAD elements from Favorites (Page 4654) Overview of the program editor (Page 4458) Removing LAD elements from Favorites Requirement A code block is open. Procedure To remove instructions from Favorites, follow these steps: 1. Right-click on the instruction you want to remove. 2. Select the "Remove instruction" command in the shortcut menu. Note To additionally display the Favorites in the program editor, click the "Display favorites in the editor" button in the program editor toolbar. See also Adding LAD elements to Favorites (Page 4653) Inserting LAD elements using favorites (Page 4653) Overview of the program editor (Page 4458) 4654 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs 11.12.4.7 Insert block calls in LAD Inserting block calls using a drag-and-drop operation You can insert calls for existing functions (FC) and function blocks (FB) using a drag-and-drop operation from the project tree. If you call function blocks from other function blocks, you can either call them as a single instance, multi-instance or parameter instance. See also: AUTOHOTSPOT Requirement A network is available. The block that is to be called is available. Inserting a call of a function (FC) To insert a call of a function (FC) into a network using a drag-and-drop operation, follow these steps: 1. Drag the function from the project tree to the required network. Inserting a call for a function block (FB) To insert a call for a function block (FB), follow these steps: 1. Drag the function block from the project tree to the required network. The "Call options" dialog opens. 2. In the dialog, enter whether you want to call the block as a single, multi or parameter instance. - If you click on the "Single instance" button, you will have to enter a name in the "Name" text box for the data block that you want to assign to the function block. If you call a block that contains monitoring, assign a ProDiag function block to the monitoring functions in the "ProDiag FB" text box. - If you click on the "Multi-instance" button, you will have to enter the name of the tag in the "Name in the interface" text box; this is the name that you use to enter the called function block as a static tag in the interface of the calling block. - If you click on the "Parameter instance" button, enter the name of the in/out (InOut) parameter to which the instance should be passed during runtime in the "Name in the interface" text box. 3. If you call a block that contains monitoring, assign a ProDiag function block to the monitoring functions. 4. Confirm your entries with "OK". Result The function or the function block is inserted with its parameters. You can then assign the parameters. WinCC Advanced V14 System Manual, 10/2016 4655 Programming the PLC 11.12 Creating LAD programs See also: AUTOHOTSPOT Note If when calling a function block you specify an instance data block that does not exist, it will be created. See also Updating block calls in LAD (Page 4656) Changing the instance type (Page 4658) Updating block calls in LAD If interface parameters of a called block are changed, the block call can no longer be executed correctly. You can avoid such inconsistent block calls by updating the block calls. You have the following options for updating the block calls: Explicit updating of all inconsistent block calls in the program editor. The inconsistent block calls within the open block are updated. The following actions are carried out in the process: - New parameters are added. - Deleted parameters are removed if they are not connected. - Renamed parameters get the new parameter names. Explicit updating of a block call in the program editor. The "Interface update" dialog is displayed. In this dialog, you have the option of changing the connection of the operands of the new interface. The inconsistent call of this block is then updated. The following actions are carried out in the process: - New parameters are added. - Deleted parameters are removed if they are not connected. - Renamed parameters get the new parameter names. Implicit updating during compilation. All block calls in the program as well as the used PLC data types will be updated. Note that when you call functions (FCs) before the next compilation process, all new formal parameters must be supplied with actual parameters. Updating all inconsistent block calls in the program editor To open all block calls in a block, follow these steps: 1. Open the calling block in the program editor. 2. Click "Update inconsistent block calls" in the toolbar. 4656 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Updating a specific block call in the program editor To update a specific block call in the program editor, follow these steps: 1. Open the calling block in the program editor. 2. Right-click on the block call that you want to update. 3. Select the "Update" command in the shortcut menu. The "Interface update" dialog opens. This dialog shows the differences between the block interface in use and the changed interface of the called block. 4. If necessary, change the connection of the operands. To do this, you have the following options: - You can use either a drag-and-drop operation or a cut/copy-and-paste operation to move the operand from the old interface to the new interface. - You can delete an operand. - You can rename an operand. - You can specify a new operand via autocompletion. 5. Click "OK" to update the block call. If you want to cancel the update, click "Cancel". Note Note that the "Update block call" command is only available provided you did not previously update all block calls in the editor with the "Update inconsistent block calls" command. Update block calls during compilation Follow these steps to update all block calls and uses of PLC data types during compilation implicitly: 1. Open the project tree. 2. Select the "Program blocks" folder. 3. Select the command "Compile > Software (rebuild all blocks)" in the shortcut menu. See also Inserting block calls using a drag-and-drop operation (Page 4655) Changing the instance type (Page 4658) Changing the block call You have the option of changing the called block for a block call. But keep in mind that no new instance data blocks are created, for example, when changing from a function (FC) to a function block (FB). WinCC Advanced V14 System Manual, 10/2016 4657 Programming the PLC 11.12 Creating LAD programs Procedure To change the called block of a block call, follow these steps: 1. Click on the name of the called block within the block call and press the <F2> key. Or doubleclick the name of the called block. A text box opens, and the name of the currently called block is selected. 2. Enter the name of the block you want to call or select a block in the autocompletion. 3. If you want to call an FB, create a new instance data block, if necessary, and specify it as operand. Changing the instance type Instance type There are two ways of calling function blocks: As a single instance As a multiple instance As parameter instance See also: AUTOHOTSPOT You can modify a defined instance type at any time. Requirement The user program contains a block call. Procedure To change the instance type of a function block, follow these steps: 1. Open the code block and select the block call. 2. Select the "Change instance" command in the shortcut menu. The "Call options" dialog opens. 3. Click on the button "Single instance", "Multi-instance" or "Parameter instance". - If you select the "Single instance" instance type, enter a name for the data block that is to be assigned to the function block. - If you select "Multiple instance" as the instance type, enter in the "Name in the interface" text field the name of the tag with which the called function block is to be entered as a static tag in the interface of the calling block. - If you select "Parameter instance" as the instance type, enter the name of the in/out (InOut) parameter to which the instance should be passed during runtime in the "Name in the interface" text box. 4. Confirm your entries with "OK". 4658 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Note The previous instances are not deleted automatically. See also Inserting block calls using a drag-and-drop operation (Page 4655) Updating block calls in LAD (Page 4656) 11.12.4.8 Inserting complex LAD instructions Using the "Calculate" instruction (S7-1200, S7-1500) Requirement A network is available. Procedure Proceed as follows to use the "Calculate" instruction: 1. Open the "Instructions" task card. 2. Navigate to "Math functions > CALCULATE" in the "Basic instructions" pane. 3. Use drag-and-drop to move the element to the desired place in the network. The instruction "Calculate" will be inserted for the data type with a placeholder expression and question mark. 4. Enter the data type for the calculation. 5. Enter the operands for the calculation. Note The calculation is run with the inputs of the "Calculate" instruction. If you want to use constants you must also insert appropriate inputs for them. 6. Click on the "Edit 'Calculate' instruction" button to replace the placeholder expression with the correct expression. The "Edit 'Calculate' instruction" dialog will open. WinCC Advanced V14 System Manual, 10/2016 4659 Programming the PLC 11.12 Creating LAD programs 7. Enter the required expression in the "OUT:= " text box. Note In the "Example" area you can find an example of a valid expression and possible instructions that you can use. To determine a value with the help of Pythagoras' theorem, for example, enter "OUT := SQRT (SQR (IN1) + SQR (IN2))". 8. Confirm your entry with "OK". See also CALCULATE: Calculate (Page 2555) 11.12.4.9 Using free-form comments Basic information on using free-form comments in LAD Introduction Free-form comments allow you to add comments to the source code for graphic programming languages similar to line comments for textual languages. Free-form comments can be used for the following elements: Boxes Coils See also Inserting free-form comments (Page 4660) Editing free-form comments (Page 4661) Deleting free-form comments (Page 4662) Inserting free-form comments Requirement A network with instructions is available. 4660 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Procedure To insert a free comment on an instruction, proceed as follows: 1. If necessary, activate the "Free-form comments on/off" button in the toolbar. 2. Right-click on the instruction for which you want to insert a free-form comment. 3. Select the "Insert comment" command in the shortcut menu. A comment box with a standard comment opens. The comment box is connected by an arrow to the corresponding instruction. 4. Enter the required comment in the comment box. See also Basic information on using free-form comments in LAD (Page 4660) Editing free-form comments (Page 4661) Deleting free-form comments (Page 4662) Editing free-form comments Introduction Free-form comments can be edited as follows: Changing the comment text Changing the position and size of the comment box Attaching a comment to another element Showing and hiding free comments Changing the comment text To change the text of free-form comments, follow these steps: 1. Click on the comment box. 2. Enter the desired text. Changing the position of the comment box To change the positioning of the comment box, follow the steps below: 1. Left-click the comment box and keep the mouse button pressed. 2. Drag the comment box to the desired location. WinCC Advanced V14 System Manual, 10/2016 4661 Programming the PLC 11.12 Creating LAD programs Changing the size of the comment box To change the size of the comment box, follow the steps below: 1. Click on the comment box. 2. Drag the comment box on the move handle in the lower right corner to the desired size. Attaching a comment to another element To attach a free-form comment to another element, follow these steps: 1. Left-click the point of the arrow that links the comment box with the instruction and keep the mouse button pressed. 2. Drag the arrow to the element to which you want to attach the comment. Possible insertion points are marked with a green square. 3. Release the mouse button. Showing and hiding free comments To show or hide a free-form comments, follow these steps: 1. Click the "Free-form comment on/off" button in the toolbar. See also Basic information on using free-form comments in LAD (Page 4660) Inserting free-form comments (Page 4660) Deleting free-form comments (Page 4662) Deleting free-form comments Procedure To delete a free-form comment, proceed as follows: 1. Right-click on the free-form comment that you want to delete. 2. Select the "Delete" command in the shortcut menu. See also Basic information on using free-form comments in LAD (Page 4660) Inserting free-form comments (Page 4660) Editing free-form comments (Page 4661) 4662 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs 11.12.5 Editing LAD elements 11.12.5.1 Selecting LAD elements You can select several individual elements or all elements in a network. Requirement LAD elements are available Selecting several individual LAD elements To select several individual LAD elements, follow these steps: 1. Press and hold down the <Ctrl> key. 2. Click on all the LAD elements you wish to select. 3. Now release the <Ctrl> key. Selecting all LAD elements in a network To select all LAD elements in a network, follow these steps: 1. Go to the network whose elements you wish to select. 2. Select the "Select all" command in the "Edit" menu or press <Ctrl A>. See also Copying LAD elements (Page 4663) Cutting LAD elements (Page 4664) Pasting an LAD element from the clipboard (Page 4665) Replacing LAD elements (Page 4665) Inserting additional inputs and outputs in LAD elements (Page 4666) Removing inputs and outputs (Page 4667) Enabling and disabling the EN/ENO mechanism (Page 4668) Deleting LAD elements (Page 4669) 11.12.5.2 Copying LAD elements Requirement An LAD element is available. WinCC Advanced V14 System Manual, 10/2016 4663 Programming the PLC 11.12 Creating LAD programs Procedure To copy a LAD element, follow these steps: 1. Right-click the LAD element that you want to copy. 2. Select "Copy" in the shortcut menu. Result The LAD element will be copied and saved to the clipboard. See also Selecting LAD elements (Page 4663) Cutting LAD elements (Page 4664) Pasting an LAD element from the clipboard (Page 4665) Replacing LAD elements (Page 4665) Inserting additional inputs and outputs in LAD elements (Page 4666) Removing inputs and outputs (Page 4667) Enabling and disabling the EN/ENO mechanism (Page 4668) Deleting LAD elements (Page 4669) 11.12.5.3 Cutting LAD elements Requirement An LAD element is available. Cutting To cut a LAD element, follow these steps: 1. Right-click the LAD element that you want to cut. 2. Select "Cut" in the shortcut menu. Result The LAD element will be cut and saved to the clipboard. See also Selecting LAD elements (Page 4663) Copying LAD elements (Page 4663) Pasting an LAD element from the clipboard (Page 4665) 4664 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Replacing LAD elements (Page 4665) Inserting additional inputs and outputs in LAD elements (Page 4666) Removing inputs and outputs (Page 4667) Enabling and disabling the EN/ENO mechanism (Page 4668) Deleting LAD elements (Page 4669) 11.12.5.4 Pasting an LAD element from the clipboard Requirement An LAD element is available. Procedure To paste an LAD element from the clipboard, follow these steps: 1. Copy a LAD element or cut a LAD element. 2. Right-click the point in the network where you want to paste the element. 3. Select "Paste" in the shortcut menu. See also Selecting LAD elements (Page 4663) Copying LAD elements (Page 4663) Cutting LAD elements (Page 4664) Replacing LAD elements (Page 4665) Inserting additional inputs and outputs in LAD elements (Page 4666) Removing inputs and outputs (Page 4667) Enabling and disabling the EN/ENO mechanism (Page 4668) Deleting LAD elements (Page 4669) 11.12.5.5 Replacing LAD elements You can easily exchange LAD elements with other LAD elements of the same type. This has the advantage that the parameters are retained and need not be entered again. For example, you can exchange normally open contacts and normally closed contacts or RS FlipFlop and SR FlipFlop. Requirements A network with at least one LAD element is present. WinCC Advanced V14 System Manual, 10/2016 4665 Programming the PLC 11.12 Creating LAD programs Procedure To replace an LAD element with another LAD element, follow these steps: 1. Select the LAD element that you want to replace. 2. Position the cursor over the triangle in the top right-hand corner of the LAD element. A drop-down list is displayed. 3. From the drop-down list, select the LAD element that you want to use to replace the existing LAD element. See also Selecting LAD elements (Page 4663) Copying LAD elements (Page 4663) Cutting LAD elements (Page 4664) Pasting an LAD element from the clipboard (Page 4665) Inserting additional inputs and outputs in LAD elements (Page 4666) Removing inputs and outputs (Page 4667) Enabling and disabling the EN/ENO mechanism (Page 4668) Deleting LAD elements (Page 4669) 11.12.5.6 Inserting additional inputs and outputs in LAD elements (S7-1200, S7-1500) Introduction You can expand LAD elements which execute commutative arithmetic instructions by adding additional inputs. Such elements are, for example, the instructions "Add" (ADD) and "Multiply" (MUL). You can expand the MOVE and DEMUX instruction boxes by adding additional outputs. Requirement An LAD element is available that permits the insertion of additional inputs and outputs. Inserting an additional input To add an additional input to the box of a LAD element, follow these steps: 1. Right-click on an existing input of the LAD element. 2. Select "Insert input" in the shortcut menu. An additional input is added to the box of the LAD element. Or: 1. Click on the yellow star symbol beside the last input in the instruction box. An additional input is added to the box of the LAD element. 4666 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Inserting an additional output To add an additional output to the box of a LAD element, follow these steps: 1. Right-click on an existing output of the LAD element. 2. Select "Insert output" from the shortcut menu. An additional output is added to the box of the LAD element. Or: 1. Click on the yellow star symbol beside the last input in the instruction box. An additional output is added to the box of the LAD element. See also Inserting LAD elements (Page 4646) Selecting LAD elements (Page 4663) Copying LAD elements (Page 4663) Cutting LAD elements (Page 4664) Pasting an LAD element from the clipboard (Page 4665) Replacing LAD elements (Page 4665) Removing inputs and outputs (Page 4667) Enabling and disabling the EN/ENO mechanism (Page 4668) Deleting LAD elements (Page 4669) 11.12.5.7 Removing inputs and outputs (S7-1200, S7-1500) Introduction Inputs and outputs which you have added to an instruction can be removed. Requirement An LAD element is available to which you have added additional inputs and outputs. Remove input To remove an input, follow these steps: 1. Select the input that you want to remove. 2. Select the "Delete" command in the shortcut menu. The input of the LAD element is removed. WinCC Advanced V14 System Manual, 10/2016 4667 Programming the PLC 11.12 Creating LAD programs Remove output To remove an output, follow these steps: 1. Select the output that you want to remove. 2. Select the "Delete" command in the shortcut menu. The output of the LAD element will be removed. See also Inserting LAD elements (Page 4646) Selecting LAD elements (Page 4663) Copying LAD elements (Page 4663) Cutting LAD elements (Page 4664) Pasting an LAD element from the clipboard (Page 4665) Replacing LAD elements (Page 4665) Inserting additional inputs and outputs in LAD elements (Page 4666) Enabling and disabling the EN/ENO mechanism (Page 4668) Deleting LAD elements (Page 4669) 11.12.5.8 Enabling and disabling the EN/ENO mechanism (S7-1500) In LAD and FBD, certain instructions have an enable output ENO and thus use the EN/ENO mechanism. This allows you to query runtime errors in instructions and react to them. In order to increase the performance of the CPU, the EN/ENO mechanism is disabled in the default setting. This means that you are not initially able to react to runtime errors of the instruction using the ENO value. However, you can enable the EN/ENO mechanism again at any time, if required. You can enable the EN/ENO mechanism individually for each instruction in order to generate the ENO. If you enable the EN/ENO mechanism for an instruction, other instructions that you subsequently add to your program are also inserted with the EN/ENO mechanism enabled. You can disable the EN/ENO mechanism again at any time if you do not want to use the evaluation of ENO for an instruction. Further instructions that you subsequently add to your program will then be inserted without the EN/ENO mechanism. See also: Basics of the EN/ENO mechanism Activating the EN/ENO mechanism Proceed as follows to activate the EN/ENO mechanism of an instruction: 1. In your program, right-click the instruction at which you want to activate the EN/ENO mechanism. 2. Select the "Generate ENO" command from the shortcut menu. The ENO value is again generated for the instruction. Other instructions are inserted with the enable output. 4668 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Deactivating the EN/ENO mechanism Proceed as follows to deactivate the EN/ENO mechanism of an instruction: 1. In your program, right-click the instruction at which you want to deactivate the EN/ENO mechanism. 2. Select the "Do not generate ENO" command from the shortcut menu. The ENO value is no longer generated for the instruction. Other instructions are inserted without enable output. See also Selecting LAD elements (Page 4663) Copying LAD elements (Page 4663) Cutting LAD elements (Page 4664) Pasting an LAD element from the clipboard (Page 4665) Replacing LAD elements (Page 4665) Inserting additional inputs and outputs in LAD elements (Page 4666) Removing inputs and outputs (Page 4667) Deleting LAD elements (Page 4669) 11.12.5.9 Deleting LAD elements Requirement An LAD element is available. Procedure To delete a LAD element, follow these steps: 1. Right-click the LAD element that you want to delete. 2. Select the "Delete" command in the shortcut menu. See also Inserting LAD elements (Page 4646) Selecting LAD elements (Page 4663) Copying LAD elements (Page 4663) Cutting LAD elements (Page 4664) Pasting an LAD element from the clipboard (Page 4665) Replacing LAD elements (Page 4665) Inserting additional inputs and outputs in LAD elements (Page 4666) WinCC Advanced V14 System Manual, 10/2016 4669 Programming the PLC 11.12 Creating LAD programs Removing inputs and outputs (Page 4667) Enabling and disabling the EN/ENO mechanism (Page 4668) 11.12.6 Inserting operands into LAD instructions 11.12.6.1 Inserting operands The character strings "<???>", "<??.?>" and "..." are inserted as placeholders for the parameters when an LAD element is inserted. The "<???>" and "<??.?>" strings displayed in red indicate parameters that need to be connected. The "..." string displayed in black indicates parameters that may be connected. "<??.?>" stands for Boolean placeholders. In addition, LAD elements can have the following different I/Os for the parameters: Orange I/Os: Only tags or constants can be interconnected at this I/O. Black I/Os: Boolean input or output to which other elements can be connected upstream or downstream. Note If you position the cursor over the placeholder, the expected data type will be displayed. Requirement An LAD element is available. Procedure To connect the parameters of a LAD element, follow these steps: 1. Double-click the placeholder of the parameter. An entry field opens, and the placeholder is selected. 2. Enter the appropriate parameter. Note If you enter the absolute address of a parameter that has already been defined, this absolute address will be changed to the symbolic name of the parameter as soon as the input is confirmed. If you have not yet defined the parameter, a new tag with this absolute address and the default name "Tag_<n>" will be entered in the PLC tag table. When you confirm your input, the absolute address will be replaced with the symbolic name "Tag_<n>". 3. Confirm the parameter with the Enter key. 4. If you have not yet defined the parameter, you can define it directly in the program editor using the shortcut menu. See also: Declaring PLC tags in the program editor (Page 4602) Declaring local tags in the program editor (Page 4531) 4670 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Or drag from it the PLC tag table: 1. In the project tree, select the "PLC tags" folder or open the PLC tag table. 2. If you have opened the PLC tag table, drag the symbol from the first column of the desired tag to the appropriate place in your program. If you have not opened the PLC tag table yet, open the detail view now. Drag the desired tag from the detail view to the appropriate place in your program. Or drag from it the block interface: 1. Open the block interface. 2. Drag the required operand from the block interface to the instruction window. Result If the syntax is error-free, the displayed parameter is black. The editor then jumps to the next placeholder. If there is an error in the syntax, the cursor stays in the entry field and a corresponding error message is displayed in the status line. If you press the Enter key again, the entry field is closed and the faulty entry is displayed in red italics. See also Using autocompletion (Page 4477) 11.12.6.2 Wiring hidden parameters Introduction If an instruction contains hidden parameters, the instruction box has a small arrow on the lower edge. You can recognize hidden parameters by their white font. You can show and wire the hidden parameters at any time. Showing or hiding hidden parameters To show or hide hidden parameters, follow these steps: 1. Click on the down arrow at the bottom edge of the instruction box to show hidden parameters. 2. Click on the up arrow at the bottom edge of the instruction box to hide hidden parameters. WinCC Advanced V14 System Manual, 10/2016 4671 Programming the PLC 11.12 Creating LAD programs Wiring hidden parameters To wire parameters, follow these steps: 1. Wire the hidden parameters like normally visible parameters. Its visibility may change due to the interconnection of the parameter: - The parameter is visible if you have selected the "Hide, if no parameter is assigned" option in the properties. - The parameter remains hidden if you have selected the "Hide" option in the properties. See also Hiding parameters during the block call (Page 4539) 11.12.6.3 Displaying or hiding variable information Introduction You can display the following information about the tags to be used in the Program editor: Name of the tag Address of the tag Simple or hierarchical comments for tag documentation The information is taken from the block interface for local tags and DB tags and from the PLC tag table for tags that are valid CPU-wide. You can display the tag information either for all the blocks or for individually opened blocks. If you display the tag information for all the blocks, the tag information for all the blocks currently opened and opened in future is shown. You can hide the tag information at any time again. If you have hidden the tag information for all blocks, you can display it again for individual blocks that are open. When you select the display of tag information with hierarchical comments, the comments of the higher structure levels are also displayed for structured tags. The comments are shown in brackets after the tag comment; the comments of the individual levels are separated by a dot. If there is no comment for a tag on a structure level, it is not displayed. This is indicated by two successive dots. Displaying or hiding tag information for all the blocks Proceed as follows to display or hide the tag information for all the blocks: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. In the area navigation, select the "PLC programming" group. 4672 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs 3. If you want to display the tag information, select the "Show" option or the "Tag information with hierarchical comments" option in the drop-down list, depending on whether you want to display simple or hierarchical comments. 4. If you want to hide the tag information, select the option "Collapse" in the "Tag information" drop-down list. The tag information is displayed or hidden for all the blocks. When you open additional blocks, the tag information is displayed or hidden depending on the selected setting. Displaying or hiding tag information for an opened block Proceed as follows to display or hide the tag information for an opened block: 1. If you want to display the tag information, select the "Show tag information" option or the "Tag information with hierarchical comments" option in the "Shows the tag information" drop-down list, depending on whether you want to display simple or hierarchical comments. 2. If you want to hide the tag information, select the option "Hide tag information" in the "Shows the tag information" drop-down list. The tag information is displayed or hidden. 11.12.7 Branches in LAD 11.12.7.1 Basic information on branches in LAD Definition You use branches to program parallel circuits with the Ladder Logic (LAD) programming language. Branches are inserted in the main rung. You can insert several contacts into the branch and thus achieve a parallel circuit of series connections. This allows you to program complex ladder logic. The figure below shows an example of the use of branches: 6 02725 5 6 6 MOTOR carries signal 1, if one of the following conditions is fulfilled: Signal 1 is pending on S2 or S4 Signal 0 is pending on S5. WinCC Advanced V14 System Manual, 10/2016 4673 Programming the PLC 11.12 Creating LAD programs See also Rules for branches in LAD (Page 4674) Inserting branches into the LAD network (Page 4674) Closing branches in the LAD network (Page 4675) Deleting branches in LAD networks (Page 4676) 11.12.7.2 Rules for branches in LAD Rules The following rules apply to simultaneous branches: A simultaneous branch can only be inserted if the main branch already contains an LAD element. Simultaneous branches are opened downwards or are connected directly to the power rail. They are terminated upwards. Simultaneous branches are opened after the selected LAD element. Simultaneous branches are terminated after the selected LAD element. To delete a simultaneous branch, you must delete all LAD elements of this branch. When the last LAD element is removed from the branch, the rest of the branch is also removed. You can only insert a coil in a parallel connection when the parallel connection starts directly at the power rail. See also Basic information on branches in LAD (Page 4673) Inserting branches into the LAD network (Page 4674) Deleting branches in LAD networks (Page 4676) Closing branches in the LAD network (Page 4675) 11.12.7.3 Inserting branches into the LAD network You can create several branches in a network. Requirement A network is available. The network contains elements. 4674 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Procedure To insert a new branch in a network, follow these steps: 1. Open the "Instructions" task card. 2. Navigate to "General > Open branches" in the "Simple instructions" palette. 3. Use drag-and-drop to move the element to the desired place in the network. If you want to connect the new branch directly to the power rail, drag the element to the power rail. See also Basic information on branches in LAD (Page 4673) Rules for branches in LAD (Page 4674) Deleting branches in LAD networks (Page 4676) 11.12.7.4 Closing branches in the LAD network Branches must be closed again at suitable places. If necessary, branches will be arranged so that they do not cross each other. Requirement A branch is available. Procedure To close an open branch, follow these steps: 1. Select the open branch. 2. Press and hold down the left mouse button. A dashed line will appear as soon as the cursor is moved. 3. Drag the dashed line to a suitable place on the network. Permissible connections are indicated by green lines. 4. Release the left mouse button. See also Basic information on branches in LAD (Page 4673) Rules for branches in LAD (Page 4674) WinCC Advanced V14 System Manual, 10/2016 4675 Programming the PLC 11.12 Creating LAD programs 11.12.7.5 Deleting branches in LAD networks Requirement A branch is available. Procedure To delete a branch, follow these steps: 1. Select the connection line that links the branch to the main branch. 2. Select the "Delete" command in the shortcut menu. See also Basic information on branches in LAD (Page 4673) Rules for branches in LAD (Page 4674) Inserting branches into the LAD network (Page 4674) 11.12.8 Crossings in LAD 11.12.8.1 Basic information on crossings in LAD Definition A crossing is a place in a LAD network where one branch is closed and at the same time another branch is opened. 7DJ,QB 7DJ,QB 7DJ,QB 7DJ,QB 7DJ2XW &URVVLQJ "TagOut" receives signal 1, if the following two conditions are met: "TagIn_1" or "TagIn_3" has signal 1 "TagIn_2" or "TagIn_4" has signal 0 11.12.8.2 Inserting crossings You can insert crossings in a LAD network by creating connections between the main branch and an additional branch or between different branches. 4676 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Requirements A branch is available. Procedure To insert a new crossing in an LAD network, follow these steps: 1. Open the "Instructions" task card. 2. Navigate to "General > Open branches" in the "Simple instructions" palette. 3. Drag the element behind the existing branch. 4. Insert any element into the open branch. 5. Click the arrow of the open branch after the inserted element. 6. Hold down the left mouse button and drag the dashed connecting line to the main branch. 7. Release the left mouse button. See also Rearranging crossings (Page 4677) Deleting crossings (Page 4678) Inserting branches into the LAD network (Page 4674) 11.12.8.3 Rearranging crossings Requirement A crossing is available. Procedure To rearrange a connection, follow these steps: 1. Select the connection line that defines the crossings in the respective branches. 2. Select the "Delete" command in the shortcut menu. 3. Open the "Instructions" task card. 4. Navigate to "General > Open branches" in the "Simple instructions" palette. 5. Use a drag-and-drop operation to move the element to the place in the network where you want to insert the new crossing. 6. Click on the arrow for the open branch. 7. Hold down the left mouse button and drag the dashed connecting line to the subsidiary branch in which you wish to insert the new crossing. 8. Release the left mouse button. WinCC Advanced V14 System Manual, 10/2016 4677 Programming the PLC 11.12 Creating LAD programs See also Inserting crossings (Page 4676) Deleting crossings (Page 4678) 11.12.8.4 Deleting crossings Requirement A crossing is available. Procedure To delete a crossing, follow these steps: 1. Select the connection line that defines the crossings in the respective branches. 2. Select the "Delete" command in the shortcut menu. See also Inserting crossings (Page 4676) Rearranging crossings (Page 4677) 11.12.9 Rungs in LAD 11.12.9.1 Basic information on rungs in LAD Using rungs The program is mapped in one or more networks. A network contains a power rail on the left where one or more rungs originate. The binary signal scans are arranged in the form of contacts on the rungs. The serial arrangement of the elements on a rung creates a series connection; arrangement on simultaneous branches creates a parallel connection. A rung is closed by a coil or a box in which the result of logic operation will be written. The figure below shows an example of the use of several rungs within a network: 4678 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs 6WDUW6ZLWFKB/HIW 02725B21 6 6WDUW6ZLWFKB5LJKW 6WRS6ZLWFKB/HIW 02725B21 5 6WRS6ZLWFKB5LJKW Rules Remember the following rules when using several rungs: Connections are not permitted between rungs. Only one jump instruction is permissible per network. The positioning rules for jump instructions remain valid. Running rungs Rungs and networks are executed from top to bottom and from left to right. This means that the first instruction in the first rung of the first network is processed first. All instructions of this rung are then processed. After this come all other rungs of the first network. The next network is processed only after all rungs have first been run. Differences between branches and rungs The difference between branches and rungs is that the rungs are independent branches that can also stand in a different network. Branches, on the other hand, permit the programming of a parallel connection. See also Insert rung (Page 4679) Deleting a rung (Page 4680) 11.12.9.2 Insert rung Requirement A block is open. A network is available. WinCC Advanced V14 System Manual, 10/2016 4679 Programming the PLC 11.12 Creating LAD programs Procedure To insert a new rung in a network, proceed as follows: 1. Insert any coil on the power rail. A new rung will be inserted and the coil positioned at the end of the rung. 2. Insert additional instructions in the new rung. See also Basic information on rungs in LAD (Page 4678) Deleting a rung (Page 4680) 11.12.9.3 Deleting a rung Requirement A rung is available. Procedure To delete a rung, proceed as follows: 1. Hold down the left mouse button and draw a frame around the rung. At the same time, make sure that you select all instructions. Alternatively, you can hold down the <Shift> key and select the first the last instruction of the rung. 2. Right-click on one of the instructions in the rung. 3. Select the "Delete" command in the shortcut menu. See also Basic information on rungs in LAD (Page 4678) Insert rung (Page 4679) 4680 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs 11.12.10 LAD programming examples 11.12.10.1 Example of controlling a conveyor belt Controlling a conveyor belt The following figure shows a conveyor belt that can be activated electrically. There are two pushbuttons at the beginning of the conveyor belt: S1 for START and S2 for STOP. There are also two pushbuttons at the end of the conveyor belt: S3 for START and S4 for STOP. It is possible to start and stop the conveyor belt from either end. 6 6 26WDUW 26WRS 6 6 26WDUW 26WRS 02725B21 Implementation The following table shows the definition of the tags used: Name Declaration Data type Description StartPushbutton_Left (S1) Input BOOL Start pushbutton on the left side of the conveyor belt StopPushbutton_Left (S2) Input BOOL Stop pushbutton on the left side of the conveyor belt StartPushbutton_Right (S3) Input BOOL Start pushbutton on the right side of the convey or belt StopPushbutton_Right (S4) Input BOOL Stop pushbutton on the right side of the convey or belt MOTOR_ON Output BOOL Turn on the conveyor belt motor The following networks show the LAD programming for solving this task: Network 1: The conveyor belt motor is switched on when start pushbutton "S1" or "S3" is pressed. WinCC Advanced V14 System Manual, 10/2016 4681 Programming the PLC 11.12 Creating LAD programs 6WDUW3XVKEXWWRQB/HIW 02725B21 6 6WDUW3XVKEXWWRQB5LJKW Network 2: The conveyor belt motor is switched off when stop pushbutton "S2" or "S4" is pressed. 6WRS3XVKEXWWRQB/HIW 02725B21 5 6WRS3XVKEXWWRQB5LJKW See also Basic information on LAD (Page 4634) Settings for LAD (Page 4637) Working with networks (Page 4638) Inserting LAD elements (Page 4646) Editing LAD elements (Page 4663) Inserting operands into LAD instructions (Page 4670) Branches in LAD (Page 4673) Crossings in LAD (Page 4676) Rungs in LAD (Page 4678) Example of detecting the direction of a conveyor belt (Page 4683) Example of detecting the fill level of a storage area (Page 4685) Example of calculating an equation (Page 4688) Example of controlling room temperature (Page 4690) 4682 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs 11.12.10.2 Example of detecting the direction of a conveyor belt Detecting the direction of a conveyor belt The detected running direction of the belt is indicated by a RIGHT arrow or a LEFT arrow. If additional conveyed material is approaching PEB1 from the right or PEB2 from the left, the displayed arrow is initially switched off until, after both photoelectric barriers are passed, the running direction can be detected again and the corresponding arrow displayed. For the solution of the task, 2 edge memory bits are needed that detect the signal change from "0" to "1" at the two photoelectric barriers. 3(% 3(% Implementation The following table shows the definition of the tags used: Name Declaration Data type Description PEB1 Input BOOL Photoelectric barrier 1 PEB2 Input BOOL Photoelectric barrier 2 RIGHT Output BOOL Display during move ment to right LEFT Output BOOL Display during move ment to left CM1 Input BOOL Edge bit memory 1 CM2 Input BOOL Edge bit memory 2 The following networks show the LAD programming for solving this task: Network 1: If the signal state changes from "0" to "1" (positive edge) at photoelectric barrier "PEB1" and, at the same time, the signal state at "PEB2" is "0", the object on the belt is moving to the left. 3(% 3 &0 3(% /()7 6 5,*+7 5 Network 2: WinCC Advanced V14 System Manual, 10/2016 4683 Programming the PLC 11.12 Creating LAD programs If the signal changes from "0" to "1" (positive edge) at photoelectric barrier "PEB2" and, at the same time, the signal state at "PEB1" is "0", the object on the belt is moving to the right. 3(% 3 &0 3(% 5,*+7 6 /()7 5 See also Basic information on LAD (Page 4634) Settings for LAD (Page 4637) Working with networks (Page 4638) Inserting LAD elements (Page 4646) Editing LAD elements (Page 4663) Inserting operands into LAD instructions (Page 4670) Branches in LAD (Page 4673) Crossings in LAD (Page 4676) Rungs in LAD (Page 4678) Example of controlling a conveyor belt (Page 4681) Example of detecting the fill level of a storage area (Page 4685) Example of calculating an equation (Page 4688) Example of controlling room temperature (Page 4690) 4684 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs 11.12.10.3 Example of detecting the fill level of a storage area Detecting the fill level of a storage area The following figure shows a system with two conveyor belts and a temporary storage area between them. Conveyor belt 1 delivers packages to the storage area. A photoelectric barrier at the end of conveyor belt 1 near the storage area detects how many packages are delivered to the storage area. Conveyor belt 2 transports packages from the temporary storage area to a loading dock where they are loaded onto trucks. A photoelectric barrier at the storage area exit detects how many packages leave the storage area to be transported to the loading dock. Five display lamps indicate the capacity of the temporary storage area. 'LVSOD\SDQHO 6WRUDJHDUHD HPSW\ 6WRUDJHDUHD QRWHPSW\ LQFRPLQJ SDFNDJHV 6WRUDJHDUHD IXOO 6WRUDJHDUHD IXOO 6WRUDJHDUHD IXOO RXWJRLQJ SDFNDJHV 7HPSRUDU\ VWRUDJHDUHD IRU SDFNDJHV &RQYH\RUEHOW &RQYH\RUEHOW 3KRWRHOHFWULFEDUULHU 3KRWRHOHFWULFEDUULHU Implementation The following table shows the definition of the tags used: WinCC Advanced V14 System Manual, 10/2016 Name Declaration Data type Description PEB1 Input BOOL Photoelectric barrier 1 PEB2 Input BOOL Photoelectric barrier 2 RESET Input BOOL Reset counter LOAD Input BOOL Adjust the current coun ter value to the value of the PV parameter. MAX STORAGE AREA FILL AMOUNT Input INT Maximum possible number of packages in the storage area PACKAGECOUNT Output INT Number of packages in the storage area (cur rent count value) 4685 Programming the PLC 11.12 Creating LAD programs Name Declaration Data type Description STOCK_PACKAGES Output BOOL Is set when the current count value is greater than or equal to the val ue of the "MAX STOR AGE AREA FILL AMOUNT" tag. STOR_EMPTY Output BOOL Display lamp: Storage area empty STOR_NOT_EMPTY Output BOOL Display lamp: Storage area not empty STOR_50%_FULL Output BOOL Display lamp: Storage area 50 % full STOR_90%_FULL Output BOOL Display lamp: Storage area 90 % full STOR_FULL Output BOOL Display lamp: Storage area full VOLUME_50 Input INT Comparison value: 50 packages VOLUME_90 Input INT Comparison value: 90 packages VOLUME_100 Input INT Comparison value: 100 packages The following networks show the LAD programming for activating the lamps: Network 1: When a package is delivered to the storage area, the signal state at "PEB1" switches from "0" to "1" (positive signal edge). On a positive signal edge at "PEB1", the "Up" counter is enabled, and the current count value of "PACKAGECOUNT" is increased by one. When a package is delivered from the storage area to the loading dock, the signal state at "PEB2" switches from "0" to "1" (positive signal edge). On a positive signal edge at "PEB2", the "Down" counter is enabled, and the current count value of "PACKAGECOUNT" is decreased by one. If there are no packages in the storage area ("PACKAGECOUNT" = "0"), the "STOR_EMPTY" tag is set to signal state "1", and the "Storage area empty" lamp is switched on. The current count value can be reset to "0" if the "RESET" tag is set to signal state "1". If the "LOAD" tag is set to signal state "1", the current count value is set to the value of the "MAX STORAGE AREA FILL AMOUNT" tag. As long as the current count value is greater than or equal to the value of the "MAX STORAGE AREA FILL AMOUNT" tag, the "STOCK_PACKAGES" tag supplies the signal state "1". 4686 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs &78'B'% &78' 3(% 3(% 5(6(7 &8 ,17 672&.B3$&.$*(6 48 &' 4' 6725B(037< 5 &9 3$&.$*(&2817 /2$' /' 0$;6725$*( 39 $5($),//$02817 Network 2: As long as there are packages in the storage area, the "STOR_NOT_EMPTY" tag is set to signal state "1", and the "Storage area not empty" lamp is switched on. 6725B(037< 6725B127B(037< Network 3: If the number of packages in the storage area is greater than or equal to 50, the "Storage area 50 % full" lamp switches on. 3$&.$*(&2817 3$&.$*(&2817 ! ,17 ,17 92/80(B 92/80(B 6725BB)8// Network 4: If the number of packages in the storage area is greater than or equal to 90, the "Storage area 90% full" lamp switches on. 3$&.$*(&2817 3$&.$*(&2817 ! ,17 ,17 92/80(B Network 5: 3$&.$*(&2817 6725BB)8// 92/80(B 6725B)8// ! If the number of packages in the storage area reaches 100, the lamp for the "Storage area ,17 switches on. full" message 92/80(B WinCC Advanced V14 System Manual, 10/2016 4687 Programming the PLC 11.12 Creating LAD programs See also Basic information on LAD (Page 4634) Settings for LAD (Page 4637) Working with networks (Page 4638) Inserting LAD elements (Page 4646) Editing LAD elements (Page 4663) Inserting operands into LAD instructions (Page 4670) Branches in LAD (Page 4673) Crossings in LAD (Page 4676) Rungs in LAD (Page 4678) Example of controlling a conveyor belt (Page 4681) Example of detecting the direction of a conveyor belt (Page 4683) Example of calculating an equation (Page 4688) Example of controlling room temperature (Page 4690) 11.12.10.4 Example of calculating an equation Calculating an equation The following program example shows you how to solve equations of the following type with the LAD programming language: X= ((A + B) x C) / D You can always solve this equation with mathematical operations. To do so, you can use the instructions "ADD", "MUL" and "DIV". If you are using a CPU of the S7-1200 or S7-1500 series, you can also use the instruction "CALCULATE". Depending on the data type you choose, different mathematical operations are available for this instruction which can be combined with one another. Implementation with the instructions "ADD", "MUL" and "DIV" You want to calculate the following equation: RESULT = ((A + B) x 15) / E The following table shows the definition of the tags used: 4688 Name Data type Comment A INT First value for addition B INT Second value for addition C INT First intermediate result 15 INT Multiplier D INT Second intermediate result WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs Name Data type Comment E INT Divisor RESULT INT End result The following network shows the LAD programming for calculating the equation: (1 $ ,1 % ,1 ',9 ,17 08/ ,17 $'' ,17 (1 (12 287 & ,1 & ,1 (1 (12 287 ' ,1 ' ( ,1 (12 287 5(68/7 The value of operand "A" is added to the value of operand "B". The sum is stored in operand "C". The value of operand "C" is multiplied by "15". The multiplication result is stored in operand "D". The value stored in operand "D" is then divided by the value of operand "E". The end result is saved in the "RESULT" operand. Implementation with the instruction "CALCULATE" (S7-1200/1500 only) You want to calculate the following equation: RESULT = ((5 + 10) x 4) / 6 The following table shows the definition of the tags used: Name Declaration Data type Comment Value A Input INT First value for ad dition 5 B Input INT Second value for addition 10 C Input INT Multiplier 4 D Input INT Divisor 6 RESULT Output INT End result 10 To program the equation with the instruction "CALCULATE", follow these steps: 1. Drag the instruction "CALCULATE" from the "Instructions" task card to an LAD network. 2. You can select the data type INT for the instruction from the "<???>" drop-down list. 3. Interconnect the tags declared in the block interface with the inputs and outputs of the instruction box. 4. Click the "Calculator" icon on the top right corner of the instruction box to enter the equation to be calculated. The dialog "Edit 'Calculate' instruction" opens. 5. Enter the following expression in the "OUT:=" field: ((IN1 + IN2) * IN4) / IN3 The equation is displayed in the instruction box. The following network shows the result in the LAD programming language: WinCC Advanced V14 System Manual, 10/2016 4689 Programming the PLC 11.12 Creating LAD programs &$/&8/$7( ,17 7DJB,QSXW 7DJB2XWSXW (12 (1 ,1,1 ,1 ,1 $ ,1 % ,1 & ,1 ' ,1 287 5(68/7 If the "Tag_Input" has signal state "1", the instruction is executed. The value of operand "A" is added to the value of operand "B". The subtotal is multiplied by "C" and then divided by the value of the "D" operand. The end result is saved in the "RESULT" operand. See also Basic information on LAD (Page 4634) Settings for LAD (Page 4637) Working with networks (Page 4638) Inserting LAD elements (Page 4646) Editing LAD elements (Page 4663) Inserting operands into LAD instructions (Page 4670) Branches in LAD (Page 4673) Crossings in LAD (Page 4676) Rungs in LAD (Page 4678) Example of controlling a conveyor belt (Page 4681) Example of detecting the direction of a conveyor belt (Page 4683) Example of detecting the fill level of a storage area (Page 4685) Example of controlling room temperature (Page 4690) 11.12.10.5 Example of controlling room temperature Controlling room temperature In a cold room, the temperature must be maintained below zero degrees Celsius. A sensor is used to check for any temperature fluctuations. If the temperature rises above zero degrees Celsius, the cooling system switches on for a preset time. The "Cooling system on" lamp is lit during this time. 4690 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.12 Creating LAD programs The cooling system and the lamp are turned off if one of the following conditions is met: The sensor reports a temperature fall below zero degrees Celsius. The preset cooling time has elapsed. The "STOP" pushbutton is pressed. If the preset cooling time has expired and the temperature in the cold room is still too high, the cooling system can be restarted with the "RESET" pushbutton. 6723 7(03(5$785( 6(1625 &22/,1* 6<67(0 /$03 5(6(7 Implementation The following table shows the definition of the tags used: Name Declaration Data type Comment Sensor Input BOOL Temperature sensor signal RESET Input BOOL Restart STOP Input BOOL The cooling system is switched off. MaxCoolTime - TIME Preset cooling time This tag is defined in the "DB_Cool" data block. CurrCoolTime - TIME Currently elapsed cool ing time This tag is defined in the "DB_Cool" data block. Cooling system Output BOOL The cooling system is switched on. Lamp Output BOOL The lamp for the "Cool ing system on" mes sage is switched on. TempVariable Temp BOOL Temporary tag This tag stores the sig nal state of the IEC tim er TP. The following network shows the LAD programming for controlling room temperature: Network 1: WinCC Advanced V14 System Manual, 10/2016 4691 Programming the PLC 11.12 Creating LAD programs 73B'% 73 7LPH 6HQVRU 5(6(7 '%B&RRO 0D[&RRO7LPH 7HPS9DULDEOH ,1 4 37 (7 '%B&RRO &XUU&RRO7LPH Network 2: 7HPS9DULDEOH 6723 6HQVRU &RROLQJV\VWHP /DPS When the temperature in the cold room rises above zero degrees Celsius, the signal state at the "Sensor" operand switches from "0" to "1" (positive signal edge). In the case of a positive signal edge at the IN input of the timer function, the preset cooling time is started and the "TempVariable" receives the signal state "1". The signal state "1" of the "TempVariable" causes the cooling system as well as the display lamp to be turned on in network 2. The "Sensor", "Cooling system" and "Lamp" outputs must be programmed in network 2, because program only one coil can be programmed at the Q output of the timer function. If the temperature in the cold room falls below zero degrees Celsius, the signal state of the sensor switches back to "0". This switches the cooling system and lamp off. If the sensor does not signal a temperature drop, the cooling system and lamp are switched off after the preset cooling time has elapsed, at the latest. In this case, the cooling process can be restarted with the "RESET" pushbutton. Pressing and releasing the pushbutton generates a new positive signal edge at the IN input that restarts the cooling system. The cooling system and the display lamp can be turned off with the "STOP" pushbutton at any time. See also Basic information on LAD (Page 4634) Settings for LAD (Page 4637) Working with networks (Page 4638) Inserting LAD elements (Page 4646) Editing LAD elements (Page 4663) Inserting operands into LAD instructions (Page 4670) Branches in LAD (Page 4673) Crossings in LAD (Page 4676) Rungs in LAD (Page 4678) Example of controlling a conveyor belt (Page 4681) Example of detecting the direction of a conveyor belt (Page 4683) 4692 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs Example of detecting the fill level of a storage area (Page 4685) Example of calculating an equation (Page 4688) 11.13 Creating FBD programs 11.13.1 Basic information on FBD 11.13.1.1 FBD programming language Overview of the Function Block Diagram (FBD) programming language FBD is a graphical programming language. The representation is based on electronic circuit systems. The program is mapped in one or more networks. A network contains one or more logic operation paths. The binary signal scans are linked by boxes. The representation of the logic is based on the graphical logic symbols used in Boolean algebra. Example of networks in FBD The following figure shows an FBD network with AND and OR boxes and an assignment: 1HWZRUN 2SHUDQG 2SHUDQG ! 2XWSXW 6WRS See also Working with networks (Page 4696) 11.13.1.2 Overview of the FBD elements FBD elements An FBD program consists of separate elements that are linked by means of a binary signal flow. Most program elements must be supplied with tags. A FBD network is programmed from left to right. For example, the following figure shows elements of an FBD network: WinCC Advanced V14 System Manual, 10/2016 4693 Programming the PLC 11.13 Creating FBD programs 1) Binary function 2) Standard box 3) Complex box Binary functions You can use binary functions to query binary operands and to combine their signal states. The following operations are examples of binary functions: "AND operation", "OR operation" and "EXCLUSIVE OR operation". Standard boxes: You can use standard boxes to control binary operands, perform RLO edge detection or execute jump functions in the program. Standard boxes generally have only one single input. Complex boxes Complex boxes represent program elements with complex functions. The empty box is an exception. You can use the empty box as a placeholder in which you can select the required instruction. 4694 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs The following types of boxes are available to you in an FBD program: Complex boxes without EN/ENO mechanism: A box is executed independently of the signal state at the box inputs. The error status of the processing cannot be queried. Complex boxes with EN/ENO mechanism: A box is only executed if the enable input "EN" has the signal state "1". If the box is processed correctly, the "ENO" enable output has signal state "1". If an error occurs during processing, the "ENO" output is reset. If the EN enable input is not interconnected, the box is always executed. Calls of code block are also shown in the network as complex boxes with EN/ENO mechanism. 11.13.2 Settings for FBD 11.13.2.1 Overview of the settings for FBD Overview The following table shows the settings that you can make: Group Setting Description Font Font size Font size in program editor View Layout Compact or wide Changes the vertical spacing between operands and other objects (such as op erand and contact). The change be comes visible once the block is reop ened. Operand field With absolute information Additional display of the absolute ad dresses Maximum width Maximum number of characters that can be entered horizontally in the oper and field. This setting recalculates the layout of the networks. Maximum height Maximum number of characters that can be entered vertically in the operand field. This setting recalculates the layout of the networks. See also Changing the settings (Page 4696) WinCC Advanced V14 System Manual, 10/2016 4695 Programming the PLC 11.13 Creating FBD programs 11.13.2.2 Changing the settings Procedure To change the settings, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. In the area navigation, select the "PLC programming" group. 3. Change the settings. Result The change will be loaded directly, there is no need to save it explicitly. See also Overview of the settings for FBD (Page 4695) 11.13.3 Working with networks 11.13.3.1 Using networks Function The user program is created in the block within networks. For a code block to be programmed, it must contain at least one network. To achieve a better overview of the user program, you can also subdivide your program into several networks. You have the option to insert networks for the textual programming languages SCL and STL in LAD and FBD blocks, and then use instructions in these programming languages. Depending on the CPU you are using, you can insert networks for the following programming languages: S7-300/400: STL networks S7-1200: SCL networks S7-1500: STL and SCL networks The programming editor always adapts to the network that currently has the focus. This means that you have access to the SCL instructions as well as the SCL functions when programming an SCL network. Note You cannot access the blocks that contain SCL networks via the Openness interface. 4696 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs EN/ENO mechanism in blocks with different network languages You can also use the EN/ENO mechanism in blocks with different network languages. Each programming language displays the error status differently: SCL has an "ENO" tag that stores the error status and can be queried. Direct access to this tag is only possible with SCL. LAD/FBD/STL have no special tag for "ENO". However, you can read the error status for STL from the BR bit, and query it via the RET coil for LAD/FBD. The following rules apply to reading out the error status for the entire block: The last network in the block is a LAD/FBD network: If you do not use RET coils, the error status is "TRUE" by default. The last network in the block is an STL network: The BR bit determines the error status. The BR bit can be edited in STL networks using the BR tab. The last network in the block is an SCL network: The "ENO" tag determines the error status of the block. See also Inserting network title (Page 4700) Entering a network comment (Page 4702) Navigating networks (Page 4703) 11.13.3.2 Inserting networks You can either insert a network of the same programming language or a network for a textual programming language in an LAD or FBD block. Keep in mind, however, that not all CPU types support all textual languages. Requirement An LAD or FBD block is open. Insert LAD or FBD network To insert a new network, follow these steps: 1. Select the network after which you want to insert a new network. 2. Select the "Insert network" command in the shortcut menu. Insert STL or SCL network To insert a new network, follow these steps: 1. Select the network after which you want to insert a new network. 2. Select the "Insert STL network" or "Insert SCL network" command in the shortcut menu. WinCC Advanced V14 System Manual, 10/2016 4697 Programming the PLC 11.13 Creating FBD programs Result A new, empty network is inserted in the block in the corresponding programming language. See also Inserting network title (Page 4700) Entering a network comment (Page 4702) Navigating networks (Page 4703) 11.13.3.3 Selecting networks Requirements A network is available. Selecting a network To select a network, follow these steps: 1. Click the title bar of the network that you want to select. Selecting several networks Proceed as follows to select several individual networks: 1. Press and hold down the <Ctrl> key. 2. Click all the networks that you want to select. To select several successive networks, follow these steps: 1. Press and hold down the <Shift> key. 2. Click the first network that you want to select. 3. Click the last network that you want to select. The first and last networks and all those in between are selected. See also Using networks (Page 4696) Inserting networks (Page 4697) Inserting network title (Page 4700) Entering a network comment (Page 4702) Navigating networks (Page 4703) 4698 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs 11.13.3.4 Copying and pasting networks Copied networks can be pasted within the block or in another block. Networks that were created in LAD or FBD can also be inserted in blocks of the respective other programming language. Requirement A network is available. Procedure To copy and paste a network, follow these steps: 1. Select the network or networks to be copied. 2. Select "Copy" in the shortcut menu. 3. Select the network after which you want to paste in the copied network. 4. Select "Paste" in the shortcut menu. See also Using networks (Page 4696) Inserting networks (Page 4697) Selecting networks (Page 4698) Inserting network title (Page 4700) Entering a network comment (Page 4702) Navigating networks (Page 4703) 11.13.3.5 Deleting networks Requirement A network is available. Procedure To delete a network, follow these steps: 1. Select the network that you want to delete. 2. Select the "Delete" command in the shortcut menu. See also Using networks (Page 4696) Inserting networks (Page 4697) WinCC Advanced V14 System Manual, 10/2016 4699 Programming the PLC 11.13 Creating FBD programs Selecting networks (Page 4698) Copying and pasting networks (Page 4699) Inserting network title (Page 4700) Entering a network comment (Page 4702) Navigating networks (Page 4703) 11.13.3.6 Expanding and collapsing networks Requirements A network is available. Opening and closing a network To open a network, follow these steps: 1. Click on the right arrow in the network title bar. To close a network, follow these steps: 1. Click on the down arrow in the network title bar. Opening and closing all networks To open and close all networks, follow these steps: 1. In the toolbar, click "Open all networks" or "Close all networks". See also Using networks (Page 4696) Inserting networks (Page 4697) Selecting networks (Page 4698) Copying and pasting networks (Page 4699) Deleting networks (Page 4699) Inserting network title (Page 4700) Entering a network comment (Page 4702) Navigating networks (Page 4703) 11.13.3.7 Inserting network title The network title is the header of a network. The length of the network title is limited to one line. You can enter the title manually or set it automatically. When you set it automatically, you can do this for individual networks or use the settings to specify that the network title is always set automatically. 4700 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs For automatic insertion of the network title, the comment of the operand in one of the following instructions in the network is evaluated: Assignment Set output Reset output The instruction that is listed first in the network is used. The network title is only inserted automatically when the following conditions are fulfilled: The network does not have a title yet. The operand of the instruction used for the comment has a comment. Note Note the following restrictions for automatic insertion of the network title: The network title is not adapted if you change the comment of the operand at a later time. The network title is not adapted if you change the operand of the instruction. The network title is only set by the writing instructions listed above. If the operand is of the data type array, the comment of the array is used and not the comments of the array elements. Comments of invalid operands are not taken into consideration. Entering the network title manually To enter a network title, follow these steps: 1. Click on the title bar of the network. 2. Enter the network title. Setting the network title automatically To specify that the network titles are always set automatically, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. In the area navigation, select the "PLC programming" group. 3. Select the "Set network title automatically" check box in the "Additional settings" group. The network titles are set automatically as of this time if the conditions listed above are fulfilled. To set an individual network title automatically, follow these steps: 1. Right-click "Network <Number of the network>" in the title bar of a network. 2. Select the "Set network title automatically" command in the shortcut menu. The title of the selected network is set based on the comment of the operand if the conditions listed above are fulfilled. WinCC Advanced V14 System Manual, 10/2016 4701 Programming the PLC 11.13 Creating FBD programs See also Using networks (Page 4696) Inserting networks (Page 4697) Selecting networks (Page 4698) Copying and pasting networks (Page 4699) Deleting networks (Page 4699) Expanding and collapsing networks (Page 4700) Entering a network comment (Page 4702) Navigating networks (Page 4703) 11.13.3.8 Entering a network comment You can use network comments to provide comments on the program contents of individual networks. For example, you can indicate the function of the network or draw attention to special characteristics. Requirement A network is available. Procedure To enter a network comment, follow these steps: 1. Click on the right arrow before the network title. 2. If the comment area is not visible, click "Network comments on/off" in the toolbar. The comment area is displayed. 3. Click "Comment" in the comment area. The "Comment" text passage is selected. 4. Enter the network comment. See also Using networks (Page 4696) Inserting networks (Page 4697) Selecting networks (Page 4698) Copying and pasting networks (Page 4699) Deleting networks (Page 4699) Expanding and collapsing networks (Page 4700) 4702 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs Inserting network title (Page 4700) Navigating networks (Page 4703) 11.13.3.9 Navigating networks You can navigate straight to a specific position within a block. Procedure To navigate to a specific position within a block, follow these steps: 1. Right-click in the code area of the programming window. 2. Select the "Go to > Network/line" command in the shortcut menu. The "Go to" dialog will open. 3. Enter the network to which you want to navigate. 4. Enter the line number of the network to which you want to navigate. 5. Confirm your entry with "OK". Result The relevant line will be displayed if this is possible. If the network or line requested does not exist, the last existing network or the last existing line in the network requested will be displayed. See also Using networks (Page 4696) Inserting networks (Page 4697) Selecting networks (Page 4698) Copying and pasting networks (Page 4699) Deleting networks (Page 4699) Expanding and collapsing networks (Page 4700) Inserting network title (Page 4700) Entering a network comment (Page 4702) WinCC Advanced V14 System Manual, 10/2016 4703 Programming the PLC 11.13 Creating FBD programs 11.13.4 Inserting FBD elements 11.13.4.1 Rules for the use of FBD elements Rules Note the following rules when inserting FBD elements: An FBD network can consist of several elements. All elements of a logic path must be linked to each other according to IEC 61131-3. Standard boxes (flip flops, counters, timers, math operations, etc.) can be added as output to boxes with binary logic operations (for example, AND, OR). Comparison boxes are excluded from this rule. Only Boolean inputs in an instruction can be combined with preceding logic operations. Only the bottom Boolean output in an instruction can be combined with an additional logic operation. Enable input EN or enable output ENO can be connected to boxes, but this is not mandatory. Constants (for example, TRUE or FALSE) cannot be assigned to binary logic operations. Instead, use tags of the BOOL data type. Only one jump instruction can be inserted in each network. Only one jump label can be inserted in each network. Instructions for positive or negative RLO edge detection may not be arranged right at the left of the network as this requires a prior logic operation. Placement rules for S7-1200/1500 CPUs The following table sets out the instructions that can only be positioned at the end of the network: Instruction 4704 Mnemonics Name Preceding logic operation re quired SET_BF Set bit field No RESET_BF Reset bit field No JMP Jump if RLO = 1 No JMPN Jump if RLO = 0 Yes JMP_LIST Define jump list No SWITCH Jump distributor No RET Return No WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs Placement rules for S7-300/400 CPUs The following table sets out the instructions that can only be positioned at the end of the network: Mnemon ics Name Instruction Preceding logic operation re quired S Set output Yes R Reset output Yes SP Start pulse timer Yes SE Start extended pulse timer Yes SD Start on-delay timer Yes SS Start retentive on-delay timer Yes SF Start off-delay timer Yes SC Set counter value Yes CU Count up Yes CD Count down Yes JMP Jump if RLO = 1 No JMPN Jump if RLO = 0 Yes RET Return No OPN Open global data block No OPNI Open instance data block No CALL Call block No SAVE Save RLO in BR bit No MCRA Enable MCR range No MCRD Disable MCR range No MCR< Open MCR ranges No MCR> Close MCR ranges No Note Calling blocks with binary inputs in S7-300/400 CPUs The following FAQ describes the special features when calling blocks with binary inputs: FAQ 13988019: What should you watch out for when programming nested FB/FC calls with binary inputs in FBD? (https://support.industry.siemens.com/cs/de/de/view/13988019) 11.13.4.2 Inserting FBD elements using the "Instructions" task card Requirement A network is available. WinCC Advanced V14 System Manual, 10/2016 4705 Programming the PLC 11.13 Creating FBD programs Procedure To insert FBD elements into a network using the "Instructions" task card, follow these steps: 1. Open the "Instructions" task card. 2. Navigate to the FBD element that you want to insert. 3. Use drag-and-drop to move the element to the desired place in the network. If the element is an internal system function block (FB), the "Call options" dialog opens. In this dialog, you can determine if the data of the inserted element is to be stored in a single, multi or parameter instance. If you select "Single instance", you can find the new instance data block once it is created in the "Program resources" folder of the project tree under "Program blocks > System blocks". You can find multi-instances in the block interface in the "Static" section and parameter instances in the "InOut" section. Or: 1. Select the point in the network at which you want to insert the element. 2. Open the "Instructions" task card. 3. Double-click on the element you want to insert. If the element is an internal system function block (FB), the "Call options" dialog opens. In this dialog, you can determine if the data of the inserted element is to be stored in a single, multi or parameter instance. If you select "Single instance", you can find the new instance data block once it is created in the "Program resources" folder of the project tree under "Program blocks > System blocks". You can find multi-instances in the block interface in the "Static" section and parameter instances in the "InOut" section. Result The selected FBD element is inserted with dummy entries for the parameters. See also Rules for the use of FBD elements (Page 4704) 11.13.4.3 Inserting FBD elements using an empty box Requirement A network is available. Procedure To insert FBD elements into a network using an empty box, follow these steps: 1. Open the "Instructions" task card. 2. Navigate to "General > Empty box" in the "Basic instructions" palette. 3. Use a drag-and-drop operation to move the "Empty box" element to the desired place in the network. 4706 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs 4. Position the cursor over the triangle in the top right-hand corner of the empty box. A drop-down list is displayed. 5. Select the desired FBD element from the drop-down list. If the element is an internal system function block (FB), the "Call options" dialog opens. In this dialog, you can determine if the data of the inserted element is to be stored in a single, multi or parameter instance. If you select "Single instance", you can find the new instance data block once it is created in the "Program resources" folder of the project tree under "Program blocks > System blocks". You can find multi-instances in the block interface in the "Static" section and parameter instances in the "InOut" section. Result The empty box is changed to the respective FBD element. Placeholders are inserted for the parameters. 11.13.4.4 Selecting the data type of an FBD element Selecting a data type Introduction Some instructions can be executed with several different data types. If you use one of these instructions in the program, you have to specify a valid data type for the instruction at the specific point in the program. For some instructions, you have to select the data types for the inputs and outputs separately. Note The valid data type (BOOL) for the tags on the enable input EN and the enable output ENO is predefined by the system and cannot be changed. The valid data types for an instruction are listed in the instruction drop-down list. You specify the data type of the instruction by selecting an entry from the drop-down list. If the data type of an operand differs from the data type of the instruction and cannot be converted implicitly, the operand is displayed in red and a rollout with the corresponding error message appears. WinCC Advanced V14 System Manual, 10/2016 4707 Programming the PLC 11.13 Creating FBD programs Data type selection of mathematical instructions Some mathematical instructions provide you with the option of having the data type automatically set corresponding to the data types of the operand. In the drop-down list for data type selection, these instructions have the entry "Auto" in addition to the actual data types. If you select this entry and then allocate the first operand, the data type of the operand is selected as data type for the instruction. The entry in the drop-down list changes to "Auto (<Data type>)", e.g. "Auto (Real)". If you allocate additional operands, the automatically set data type of the instruction is adjusted according to the following criteria: You supply all other operands with tags of the same data type: The data type of the instruction is not changed. You supply all other operands with tags whose data type is smaller than the data type of the instruction: The data type of the instruction is not changed. For the operand with the smaller data type, an implicit conversion is conducted if necessary. You supply an additional operand with a tag whose data type is greater than the data type of the instruction: The data type of the instruction is changed to the larger data type. An implicit conversion is performed, if necessary, for operands that deviate from the newly set data type of the instruction. Each change in the data type of an operand can result in a change of the data type of the instruction. Other operands may possibly be implicitly converted as a result. Operands for which an implicit conversion is performed are marked with a gray square. Note Please also observe the information on data type conversion for your device and, in particular, the notes on the IEC check. See also: Data type conversion (Page 2332) See also Defining the data type of an instruction (Page 4708) Defining the data type of an instruction Introduction Some instructions can be executed with several different data types. When you insert such instructions into your program, you must specify the data type for these instructions at the actual point in the program. 4708 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs Specifying the data type by means of the drop-down list To define the data type of an instruction using the drop-down list, follow these steps: 1. Insert the instruction at the required point in the program using drag-and-drop. The entry "???" (undefined) is displayed in the drop-down list of the inserted instruction. 2. Click the triangle in the upper corner of the drop-down list. The drop-down list will open to display the data types valid for the instruction. 3. Select a data type from the drop-down list. The selected data type is displayed. 4. If the instruction has two drop-down lists, select the data type for the instruction inputs in the left-hand drop-down list and the data type for the instruction outputs in the right-hand drop-down list. Specifying data type by assigning tags To define the data type of an instruction by assigning tags, follow these steps: 1. Insert the instruction at the required point in the program using drag-and-drop. The entry "???" (undefined) is displayed in the drop-down list of the inserted instruction. 2. At an input or output, specify a valid tag, the data type of which is to be applied as the instruction data type. The data type of the tag is displayed in the drop-down list. 3. Enter a valid tag at an input and a valid tag at an output if data types need to be defined for both the inputs and outputs of the instruction. The tag specified at the input determines the data type of the inputs; the tag specified at the output determines the data type of the outputs of the instruction. Automatically specifying the data type of mathematical instructions To automatically specify the data type for mathematical instructions, follow these steps: 1. Insert the mathematical instruction at the required point in the program using drag-and-drop. The entry "???" (undefined) is displayed in the drop-down list of the inserted instruction. 2. Select the "Auto" entry from the drop-down list. 3. Enter a valid tag at an input or output. The data type of the tag is applied as data type of the instruction. The entry in the dropdown list changes to "Auto (<Data type>)". See also: Selecting a data type (Page 4707) See also Selecting a data type (Page 4707) WinCC Advanced V14 System Manual, 10/2016 4709 Programming the PLC 11.13 Creating FBD programs 11.13.4.5 Using favorites in FBD Adding FBD elements to Favorites Requirement A block is open. The multipane mode is set for the "Instructions" task card or the Favorites are also displayed in the editor. Procedure To add SCL instructions to the Favorites, follow these steps: 1. Open the "Instructions" task card. 2. Maximize the "Basic instructions" pane. 3. Navigate in the "Basic instructions" pane to the instruction that you want to add to the Favorites. 4. Drag-and-drop the instruction into the "Favorites" pane or into the Favorites area in the program editor. Note To additionally display the Favorites in the program editor, click the "Display favorites in the editor" button in the program editor toolbar. See also Removing FBD elements from Favorites (Page 4711) Overview of the program editor (Page 4458) Inserting FBD elements using favorites Requirement A block is open. Favorites are available. Procedure To insert an instruction into a program using Favorites, follow these steps: 1. Drag-and-drop the desired instruction from Favorites to the desired position. 4710 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs Or: 1. Select the position in the program where you want to insert the instruction. 2. In the Favorites, click on the instruction you want to insert. Note To additionally display the Favorites in the program editor, click the "Display favorites in the editor" button in the program editor toolbar. See also Overview of the program editor (Page 4458) Removing FBD elements from Favorites (Page 4711) Removing FBD elements from Favorites Requirement A code block is open. Procedure To remove instructions from Favorites, follow these steps: 1. Right-click on the instruction you want to remove. 2. Select the "Remove instruction" command in the shortcut menu. Note To additionally display the Favorites in the program editor, click the "Display favorites in the editor" button in the program editor toolbar. See also Adding FBD elements to Favorites (Page 4710) Inserting FBD elements using favorites (Page 4710) Overview of the program editor (Page 4458) WinCC Advanced V14 System Manual, 10/2016 4711 Programming the PLC 11.13 Creating FBD programs 11.13.4.6 Inserting block calls in FBD Inserting block calls using a drag-and-drop operation You can insert calls for existing functions (FC) and function blocks (FB) using a drag-and-drop operation from the project tree. If you call function blocks from other function blocks, you can either call them as a single instance, multi-instance or parameter instance. See also: AUTOHOTSPOT Requirement A network is available. The block that is to be called is available. Inserting a call of a function (FC) To insert a call of a function (FC) into a network using a drag-and-drop operation, follow these steps: 1. Drag the function from the project tree to the required network. Inserting a call for a function block (FB) To insert a call for a function block (FB), follow these steps: 1. Drag the function block from the project tree to the required network. The "Call options" dialog opens. 2. In the dialog, enter whether you want to call the block as a single, multi or parameter instance. - If you click on the "Single instance" button, you will have to enter a name in the "Name" text box for the data block that you want to assign to the function block. If you call a block that contains monitoring, assign a ProDiag function block to the monitoring functions in the "ProDiag FB" text box. - If you click on the "Multi-instance" button, you will have to enter the name of the tag in the "Name in the interface" text box; this is the name that you use to enter the called function block as a static tag in the interface of the calling block. - If you click on the "Parameter instance" button, enter the name of the in/out (InOut) parameter to which the instance should be passed during runtime in the "Name in the interface" text box. 3. If you call a block that contains monitoring, assign a ProDiag function block to the monitoring functions. 4. Confirm your entries with "OK". Result The function or the function block is inserted with its parameters. You can then assign the parameters. 4712 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs See also: AUTOHOTSPOT Note If when calling a function block you specify an instance data block that does not exist, it will be created. See also Updating block calls in FBD (Page 4713) Changing the instance type (Page 4715) Updating block calls in FBD If interface parameters of a called block are changed, the block call can no longer be executed correctly. You can avoid such inconsistent block calls by updating the block calls. You have the following options for updating the block calls: Explicit updating of all inconsistent block calls in the program editor. The inconsistent block calls within the open block are updated. The following actions are carried out in the process: - New parameters are added. - Deleted parameters are removed if they are not connected. - Renamed parameters get the new parameter names. Explicit updating of a block call in the program editor. The "Interface update" dialog is displayed. In this dialog, you have the option of changing the connection of the operands of the new interface. The inconsistent call of this block is then updated. The following actions are carried out in the process: - New parameters are added. - Deleted parameters are removed if they are not connected. - Renamed parameters get the new parameter names. Implicit updating during compilation. All block calls in the program as well as the used PLC data types will be updated. Note that when you call functions (FCs) before the next compilation process, all new formal parameters must be supplied with actual parameters. Updating all inconsistent block calls in the program editor To open all block calls in a block, follow these steps: 1. Open the calling block in the program editor. 2. Click "Update inconsistent block calls" in the toolbar. WinCC Advanced V14 System Manual, 10/2016 4713 Programming the PLC 11.13 Creating FBD programs Updating a specific block call in the program editor To update a specific block call in the program editor, follow these steps: 1. Open the calling block in the program editor. 2. Right-click on the block call that you want to update. 3. Select the "Update" command in the shortcut menu. The "Interface update" dialog opens. This dialog shows the differences between the block interface in use and the changed interface of the called block. 4. If necessary, change the connection of the operands. To do this, you have the following options: - You can use either a drag-and-drop operation or a cut/copy-and-paste operation to move the operand from the old interface to the new interface. - You can delete an operand. - You can rename an operand. - You can specify a new operand via autocompletion. 5. Click "OK" to update the block call. If you want to cancel the update, click "Cancel". Note Note that the "Update block call" command is only available provided you did not previously update all block calls in the editor with the "Update inconsistent block calls" command. Update block calls during compilation Follow these steps to update all block calls and uses of PLC data types during compilation implicitly: 1. Open the project tree. 2. Select the "Program blocks" folder. 3. Select the command "Compile > Software (rebuild all blocks)" in the shortcut menu. See also Inserting block calls using a drag-and-drop operation (Page 4712) Changing the instance type (Page 4715) Changing the block call You have the option of changing the called block for a block call. But keep in mind that no new instance data blocks are created, for example, when changing from a function (FC) to a function block (FB). 4714 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs Procedure To change the called block of a block call, follow these steps: 1. Click on the name of the called block within the block call and press the <F2> key. Or doubleclick the name of the called block. A text box opens, and the name of the currently called block is selected. 2. Enter the name of the block you want to call or select a block in the autocompletion. 3. If you want to call an FB, create a new instance data block, if necessary, and specify it as operand. Changing the instance type Instance type There are two ways of calling function blocks: As a single instance As a multiple instance As parameter instance See also: AUTOHOTSPOT You can modify a defined instance type at any time. Requirement The user program contains a block call. Procedure To change the instance type of a function block, follow these steps: 1. Open the code block and select the block call. 2. Select the "Change instance" command in the shortcut menu. The "Call options" dialog opens. 3. Click on the button "Single instance", "Multi-instance" or "Parameter instance". - If you select the "Single instance" instance type, enter a name for the data block that is to be assigned to the function block. - If you select "Multiple instance" as the instance type, enter in the "Name in the interface" text field the name of the tag with which the called function block is to be entered as a static tag in the interface of the calling block. - If you select "Parameter instance" as the instance type, enter the name of the in/out (InOut) parameter to which the instance should be passed during runtime in the "Name in the interface" text box. 4. Confirm your entries with "OK". WinCC Advanced V14 System Manual, 10/2016 4715 Programming the PLC 11.13 Creating FBD programs Note The previous instances are not deleted automatically. See also Inserting block calls using a drag-and-drop operation (Page 4712) Updating block calls in FBD (Page 4713) 11.13.4.7 Inserting complex FBD instructions Using the "Calculate" instruction (S7-1200, S7-1500) Requirement A network is available. Procedure Proceed as follows to use the "Calculate" instruction: 1. Open the "Instructions" task card. 2. Navigate to "Math functions > CALCULATE" in the "Basic instructions" pane. 3. Use drag-and-drop to move the element to the desired place in the network. The instruction "Calculate" will be inserted for the data type with a placeholder expression and question mark. 4. Enter the data type for the calculation. 5. Enter the operands for the calculation. Note The calculation is run with the inputs of the "Calculate" instruction. If you want to use constants you must also insert appropriate inputs for them. 6. Click on the "Edit 'Calculate' instruction" button to replace the placeholder expression with the correct expression. The "Edit 'Calculate' instruction" dialog will open. 4716 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs 7. Enter the required expression in the "OUT:= " text box. Note In the "Example" area you can find an example of a valid expression and possible instructions that you can use. To determine a value with the help of Pythagoras' theorem, for example, enter "OUT := SQRT (SQR (IN1) + SQR (IN2))". 8. Confirm your entry with "OK". See also CALCULATE: Calculate (Page 2865) 11.13.4.8 Using free-form comments Basic information on using free comments in FBD Introduction Free-form comments allow you to add comments to the source code for graphic programming languages similar to line comments for textual languages. Free-form comments can be used for all non-binary boxes. See also Inserting free-form comments (Page 4717) Editing free-form comments (Page 4718) Deleting free-form comments (Page 4719) Inserting free-form comments Requirement A network with instructions is available. Procedure To insert a free comment on an instruction, proceed as follows: 1. If necessary, activate the "Free-form comments on/off" button in the toolbar. 2. Right-click on the instruction for which you want to insert a free-form comment. WinCC Advanced V14 System Manual, 10/2016 4717 Programming the PLC 11.13 Creating FBD programs 3. Select the "Insert comment" command in the shortcut menu. A comment box with a standard comment opens. The comment box is connected by an arrow to the corresponding instruction. 4. Enter the required comment in the comment box. See also Basic information on using free comments in FBD (Page 4717) Editing free-form comments (Page 4718) Deleting free-form comments (Page 4719) Editing free-form comments Introduction Free-form comments can be edited as follows: Changing the comment text Changing the position and size of the comment box Attaching a comment to another element Showing and hiding free comments Changing the comment text To change the text of free-form comments, follow these steps: 1. Click on the comment box. 2. Enter the desired text. Changing the position of the comment box To change the positioning of the comment box, follow the steps below: 1. Left-click the comment box and keep the mouse button pressed. 2. Drag the comment box to the desired location. Changing the size of the comment box To change the size of the comment box, follow the steps below: 1. Click on the comment box. 2. Drag the comment box on the move handle in the lower right corner to the desired size. 4718 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs Attaching a comment to another element To attach a free-form comment to another element, follow these steps: 1. Left-click the point of the arrow that links the comment box with the instruction and keep the mouse button pressed. 2. Drag the arrow to the element to which you want to attach the comment. Possible insertion points are marked with a green square. 3. Release the mouse button. Showing and hiding free comments To show or hide a free-form comments, follow these steps: 1. Click the "Free-form comment on/off" button in the toolbar. See also Basic information on using free comments in FBD (Page 4717) Inserting free-form comments (Page 4717) Deleting free-form comments (Page 4719) Deleting free-form comments Procedure To delete a free-form comment, proceed as follows: 1. Right-click on the free-form comment that you want to delete. 2. Select the "Delete" command in the shortcut menu. See also Basic information on using free comments in FBD (Page 4717) Inserting free-form comments (Page 4717) Editing free-form comments (Page 4718) 11.13.5 Editing FBD elements 11.13.5.1 Selecting FBD elements You can select several individual elements or all elements in a network. WinCC Advanced V14 System Manual, 10/2016 4719 Programming the PLC 11.13 Creating FBD programs Requirement FBD elements are available Selecting several individual FBD elements To select several individual FBD elements, follow these steps: 1. Press and hold down the <Ctrl> key. 2. Click on all the FBD elements you wish to select. 3. Now release the <Ctrl> key. Selecting all FBD elements in a network To select all FBD elements in a network, follow these steps: 1. Go to the network whose elements you wish to select. 2. Select the "Select all" command in the "Edit" menu or press <Ctrl+A>. See also Copying FBD elements (Page 4720) Cutting FBD elements (Page 4721) Pasting an FBD element from the clipboard (Page 4722) Replacing FBD elements (Page 4722) Adding additional inputs and outputs to FBD elements (Page 4723) Removing instruction inputs and outputs (Page 4724) Enabling and disabling the EN/ENO mechanism (Page 4725) Deleting FBD elements (Page 4726) 11.13.5.2 Copying FBD elements Requirement An FBD element is available. Procedure To copy an FBD element, follow these steps: 1. Right-click the FBD element that you want to copy. 2. Select "Copy" in the shortcut menu. 4720 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs Result The FBD element will be copied and saved to the clipboard. See also Selecting FBD elements (Page 4719) Cutting FBD elements (Page 4721) Pasting an FBD element from the clipboard (Page 4722) Replacing FBD elements (Page 4722) Adding additional inputs and outputs to FBD elements (Page 4723) Removing instruction inputs and outputs (Page 4724) Enabling and disabling the EN/ENO mechanism (Page 4725) Deleting FBD elements (Page 4726) 11.13.5.3 Cutting FBD elements Requirement An FBD element is available. Cutting To cut an FBD element, follow these steps: 1. Right-click the FBD element that you want to cut. 2. Select "Cut" in the shortcut menu. Result The FBD element will be cut and saved to the clipboard. See also Selecting FBD elements (Page 4719) Copying FBD elements (Page 4720) Pasting an FBD element from the clipboard (Page 4722) Replacing FBD elements (Page 4722) Adding additional inputs and outputs to FBD elements (Page 4723) Removing instruction inputs and outputs (Page 4724) Enabling and disabling the EN/ENO mechanism (Page 4725) Deleting FBD elements (Page 4726) WinCC Advanced V14 System Manual, 10/2016 4721 Programming the PLC 11.13 Creating FBD programs 11.13.5.4 Pasting an FBD element from the clipboard Requirement An FBD element is available. Procedure To paste an FBD element from the clipboard, follow these steps: 1. Copy an FBD element or cut an FBD element. 2. Right-click the point in the network where you want to paste the element. 3. Select "Paste" in the shortcut menu. See also Selecting FBD elements (Page 4719) Copying FBD elements (Page 4720) Cutting FBD elements (Page 4721) Replacing FBD elements (Page 4722) Adding additional inputs and outputs to FBD elements (Page 4723) Removing instruction inputs and outputs (Page 4724) Enabling and disabling the EN/ENO mechanism (Page 4725) Deleting FBD elements (Page 4726) 11.13.5.5 Replacing FBD elements You can easily exchange FBD elements with other FBD elements of the same type. This has the advantage that the parameters are retained and need not be entered again. For example, you can exchange OR and AND, RS-FlipFlop and SR-FlipFlop, comparison functions or jump instructions. Requirements A network with at least one FBD element is present. 4722 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs Procedure To replace an FBD element with another FBD element, follow these steps: 1. Select the FBD element that you want to replace. If elements compatible with the selected FBD element are available, a triangle will appear in the upper right-hand corner of the element. 2. Position the cursor above the triangle of the FBD element. A drop-down list is displayed. 3. From the drop-down list, select the FBD element that you want to use to replace the existing FBD element. See also Selecting FBD elements (Page 4719) Copying FBD elements (Page 4720) Cutting FBD elements (Page 4721) Pasting an FBD element from the clipboard (Page 4722) Adding additional inputs and outputs to FBD elements (Page 4723) Removing instruction inputs and outputs (Page 4724) Enabling and disabling the EN/ENO mechanism (Page 4725) Deleting FBD elements (Page 4726) 11.13.5.6 Adding additional inputs and outputs to FBD elements (S7-1200, S7-1500) Introduction You can expand several FBD elements with additional inputs that execute arithmetic or binary operations. Such elements are, for example, the instructions "Add" (ADD), "Multiply" (MUL), AND or OR. You can expand the "MOVE value" (MOVE) and "Demultiplex" (DEMUX) instruction boxes by adding additional outputs. The name of the new inputs and outputs is comprised of the type of inserted element and a consecutive number. The name of a new input is may be "IN2"; the name of a new output may be "OUT2". Requirements An FBD element is available that permits the insertion of additional inputs and outputs. WinCC Advanced V14 System Manual, 10/2016 4723 Programming the PLC 11.13 Creating FBD programs Inserting an additional input To add an additional input to the box of an FBD element, follow these steps: 1. Right-click on an existing input of the FBD element. 2. Select "Insert input" in the shortcut menu. An additional input is added to the box of the FBD element. Or: 1. Click on the yellow star symbol beside the last input in the instruction box. An additional input is added to the box of the FBD element. Inserting an additional output To add an additional output to the box of an FBD element, follow these steps: 1. Right-click on an existing output of the FBD element. 2. Select "Insert output" from the shortcut menu. An additional output is added to the box of the FBD element. Or: 1. Click on the yellow star symbol beside the last output of the instruction box. An additional output is added to the box of the FBD element. See also Inserting FBD elements (Page 4704) Selecting FBD elements (Page 4719) Copying FBD elements (Page 4720) Cutting FBD elements (Page 4721) Pasting an FBD element from the clipboard (Page 4722) Replacing FBD elements (Page 4722) Removing instruction inputs and outputs (Page 4724) Enabling and disabling the EN/ENO mechanism (Page 4725) Deleting FBD elements (Page 4726) 11.13.5.7 Removing instruction inputs and outputs (S7-1200, S7-1500) Introduction Inputs and outputs which you have added to an instruction can be removed. Requirement An FBD element is available, which you have expanded with additional inputs or outputs. 4724 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs Remove input To remove an input, follow these steps: 1. Select the input that you want to remove. 2. Select the "Delete" command in the shortcut menu. The input of the FBD element is removed. Remove output To remove an output, follow these steps: 1. Select the output that you want to remove. 2. Select the "Delete" command in the shortcut menu. The output of the FBD element will be removed. See also Inserting FBD elements (Page 4704) Selecting FBD elements (Page 4719) Copying FBD elements (Page 4720) Cutting FBD elements (Page 4721) Pasting an FBD element from the clipboard (Page 4722) Replacing FBD elements (Page 4722) Adding additional inputs and outputs to FBD elements (Page 4723) Enabling and disabling the EN/ENO mechanism (Page 4725) Deleting FBD elements (Page 4726) 11.13.5.8 Enabling and disabling the EN/ENO mechanism (S7-1500) In LAD and FBD, certain instructions have an enable output ENO and thus use the EN/ENO mechanism. This allows you to query runtime errors in instructions and react to them. In order to increase the performance of the CPU, the EN/ENO mechanism is disabled in the default setting. This means that you are not initially able to react to runtime errors of the instruction using the ENO value. However, you can enable the EN/ENO mechanism again at any time, if required. You can enable the EN/ENO mechanism individually for each instruction in order to generate the ENO. If you enable the EN/ENO mechanism for an instruction, other instructions that you subsequently add to your program are also inserted with the EN/ENO mechanism enabled. You can disable the EN/ENO mechanism again at any time if you do not want to use the evaluation of ENO for an instruction. Further instructions that you subsequently add to your program will then be inserted without the EN/ENO mechanism. See also: Basics of the EN/ENO mechanism WinCC Advanced V14 System Manual, 10/2016 4725 Programming the PLC 11.13 Creating FBD programs Activating the EN/ENO mechanism Proceed as follows to activate the EN/ENO mechanism of an instruction: 1. In your program, right-click the instruction at which you want to activate the EN/ENO mechanism. 2. Select the "Generate ENO" command from the shortcut menu. The ENO value is again generated for the instruction. Other instructions are inserted with the enable output. Deactivating the EN/ENO mechanism Proceed as follows to deactivate the EN/ENO mechanism of an instruction: 1. In your program, right-click the instruction at which you want to deactivate the EN/ENO mechanism. 2. Select the "Do not generate ENO" command from the shortcut menu. The ENO value is no longer generated for the instruction. Other instructions are inserted without enable output. See also Selecting FBD elements (Page 4719) Copying FBD elements (Page 4720) Cutting FBD elements (Page 4721) Pasting an FBD element from the clipboard (Page 4722) Replacing FBD elements (Page 4722) Adding additional inputs and outputs to FBD elements (Page 4723) Removing instruction inputs and outputs (Page 4724) Deleting FBD elements (Page 4726) 11.13.5.9 Deleting FBD elements Requirement An FBD element is available. Procedure To delete an FBD element, follow these steps: 1. Right-click the FBD element that you want to delete. 2. Select the "Delete" command in the shortcut menu. 4726 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs See also Inserting FBD elements (Page 4704) Selecting FBD elements (Page 4719) Copying FBD elements (Page 4720) Cutting FBD elements (Page 4721) Pasting an FBD element from the clipboard (Page 4722) Replacing FBD elements (Page 4722) Adding additional inputs and outputs to FBD elements (Page 4723) Removing instruction inputs and outputs (Page 4724) Enabling and disabling the EN/ENO mechanism (Page 4725) 11.13.6 Inserting operands in FBD instructions 11.13.6.1 Inserting operands The character strings "<???>", "<??.?>" and "..." are inserted as placeholders for the parameters when a FBD element is inserted. The "<???>" and "<??.?>" strings displayed in red indicate parameters that need to be connected. The "..." string displayed in black indicates parameters that may be connected. "<??.?>" stands for Boolean placeholders. In addition, FBD elements can have the following different I/Os for the parameters: Orange I/Os: Only tags or constants can be interconnected at this I/O. Black I/Os: Boolean input or output to which other elements can be connected upstream or downstream. Note To display the available data types in a tooltip, move the cursor over the placeholder. Requirement An FBD element is available. WinCC Advanced V14 System Manual, 10/2016 4727 Programming the PLC 11.13 Creating FBD programs Procedure To connect the parameters of an FBD element, follow these steps: 1. Click the placeholder of the parameter. An input field is opened. 2. Enter the corresponding parameters, for example a PLC tag, a local tag or a constant. Note If you enter the absolute address of a parameter that has already been defined, this absolute address will be changed to the symbolic name of the parameter as soon as the input is confirmed. If you have not yet defined the parameter, a new tag with this absolute address and the default name "Tag_1" will be entered in the PLC tag table. When you confirm your input, the absolute address will be replaced with the symbolic name "Tag_1". 3. Confirm the parameter with the Enter key. 4. If you have not yet defined the parameter, you can define it directly in the program editor using the shortcut menu. See also: "Declaring PLC tags in the program editor (Page 4602)". Or drag from it the PLC tag table: 1. In the project tree, select the "PLC tags" folder and open the PLC tag table. 2. If you have opened the PLC tag table, drag the desired tag to the corresponding location in your program. If you have not opened the PLC tag table yet, open the detail view now. Drag the desired tag from the detail view to the appropriate place in your program. Or drag from it the block interface: 1. Open the block interface. 2. Drag the desired operand from the block interface to the corresponding location in your program. Result If the syntax is error-free, the displayed parameter is black. If there is an error in the syntax, the cursor stays in the input field and a corresponding error message is displayed in the inspector window in the "Info > Syntax" register. See also Using autocompletion (Page 4477) 4728 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs 11.13.6.2 Wiring hidden parameters Introduction If an instruction contains hidden parameters, the instruction box has a small arrow on the lower edge. You can recognize hidden parameters by their white font. You can show and wire the hidden parameters at any time. Showing or hiding hidden parameters To show or hide hidden parameters, follow these steps: 1. Click on the down arrow at the bottom edge of the instruction box to show hidden parameters. 2. Click on the up arrow at the bottom edge of the instruction box to hide hidden parameters. Wiring hidden parameters To wire parameters, follow these steps: 1. Wire the hidden parameters like normally visible parameters. Its visibility may change due to the interconnection of the parameter: - The parameter is visible if you have selected the "Hide, if no parameter is assigned" option in the properties. - The parameter remains hidden if you have selected the "Hide" option in the properties. See also Hiding parameters during the block call (Page 4539) 11.13.6.3 Displaying or hiding variable information Introduction You can display the following information about the tags to be used in the Program editor: Name of the tag Address of the tag Simple or hierarchical comments for tag documentation The information is taken from the block interface for local tags and DB tags and from the PLC tag table for tags that are valid CPU-wide. You can display the tag information either for all the blocks or for individually opened blocks. If you display the tag information for all the blocks, the tag information for all the blocks currently opened and opened in future is shown. WinCC Advanced V14 System Manual, 10/2016 4729 Programming the PLC 11.13 Creating FBD programs You can hide the tag information at any time again. If you have hidden the tag information for all blocks, you can display it again for individual blocks that are open. When you select the display of tag information with hierarchical comments, the comments of the higher structure levels are also displayed for structured tags. The comments are shown in brackets after the tag comment; the comments of the individual levels are separated by a dot. If there is no comment for a tag on a structure level, it is not displayed. This is indicated by two successive dots. Displaying or hiding tag information for all the blocks Proceed as follows to display or hide the tag information for all the blocks: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. In the area navigation, select the "PLC programming" group. 3. If you want to display the tag information, select the "Show" option or the "Tag information with hierarchical comments" option in the drop-down list, depending on whether you want to display simple or hierarchical comments. 4. If you want to hide the tag information, select the option "Collapse" in the "Tag information" drop-down list. The tag information is displayed or hidden for all the blocks. When you open additional blocks, the tag information is displayed or hidden depending on the selected setting. Displaying or hiding tag information for an opened block Proceed as follows to display or hide the tag information for an opened block: 1. If you want to display the tag information, select the "Show tag information" option or the "Tag information with hierarchical comments" option in the "Shows the tag information" drop-down list, depending on whether you want to display simple or hierarchical comments. 2. If you want to hide the tag information, select the option "Hide tag information" in the "Shows the tag information" drop-down list. The tag information is displayed or hidden. 11.13.7 Branches in FBD 11.13.7.1 Basic information on branches in FBD Definition You can use the Function Block Diagram (FBD) programming language to program parallel branches. This is done using branches that are inserted between the boxes. You can insert additional boxes within the branch and in this way build up complex function block diagrams. The figure below shows an example of the use of branches: 4730 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs 6 6 ! /()7 5 6 5,*+7 6 See also Rules for branches in FBD (Page 4731) Inserting branches in FBD networks (Page 4731) Deleting branches in FBD networks (Page 4732) 11.13.7.2 Rules for branches in FBD Rules The following rules apply to the use of branches in FBD: Branches are opened downward. Branches can be inserted only between FBD elements. To delete a branch, you must delete all FBD elements, including the branch itself. If you delete the connection between two branches, the FBD elements of the interrupted branch will be positioned freely in the network. See also Basic information on branches in FBD (Page 4730) Inserting branches in FBD networks (Page 4731) Deleting branches in FBD networks (Page 4732) 11.13.7.3 Inserting branches in FBD networks Requirement A network is available. WinCC Advanced V14 System Manual, 10/2016 4731 Programming the PLC 11.13 Creating FBD programs Procedure To insert a new branch in a network, follow these steps: 1. Open the "Instructions" task card. 2. Navigate to "General > Branch" in the "Basic instructions" palette. 3. Drag the element from the "Elements" pane to the a required location on a connection line between two boxes. See also Rules for branches in FBD (Page 4731) Basic information on branches in FBD (Page 4730) Deleting branches in FBD networks (Page 4732) 11.13.7.4 Deleting branches in FBD networks Requirement A branch is available. Procedure To delete a branch, follow these steps: 1. Select the connection line that links the branch to the main branch. 2. Select the "Delete" command in the shortcut menu. Result The branch is now deleted. Boxes connected to the deleted branch are placed freely within the network. See also Rules for branches in FBD (Page 4731) Basic information on branches in FBD (Page 4730) Inserting branches in FBD networks (Page 4731) 4732 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs 11.13.8 Logic paths in FBD 11.13.8.1 Basic information on logic paths in FBD Use of logic paths The user program will be mapped in one or more networks. The networks can contain one or more logic paths on which the binary signals are arranged in the form of boxes. The following figure shows an example of the use of several logic paths within a network: 6WDUW6ZLWFKB/HIW ! 02725B21 6 6WDUW6ZLWFKB5LJKW 6WRS6ZLWFKB/HIW ! 02725B21 6WRS6ZLWFKB5LJKW 5 Rules Remember the following rules when using logic paths: Connections are not permitted between logic paths. Only one jump instruction is permissible per network. The positioning rules for jump instructions remain valid. Executing logic paths Logic paths are executed from top to bottom and from left to right. This means that the first instruction in the first logic path of the first network is executed first. All instructions of this logic path are then executed. After this come all other logic paths of the first network. The next network is executed only after all logic paths have first been executed. When jumps are used the regular execution of the logic paths is circumvented and the instruction is executed at the jump destination. Differences between branches and logic paths The difference between branches and logic paths is that the logic paths are independent branches that can also stand in a different network. Branches, on the other hand, permit the programming of a parallel connection and have a common preceding logic operation. See also Inserting a logic path (Page 4734) Deleting a logic operation path (Page 4734) WinCC Advanced V14 System Manual, 10/2016 4733 Programming the PLC 11.13 Creating FBD programs 11.13.8.2 Inserting a logic path Requirement A block is open. A network is available. Procedure To insert a new logic path in a network, follow these steps: 1. Insert any instruction in a network in such a way that it has no connection to existing instructions. A new logic path is inserted. 2. Insert an assignment at the end of the new logic path. 3. Insert additional instructions in the new logic path. See also Basic information on logic paths in FBD (Page 4733) Deleting a logic operation path (Page 4734) 11.13.8.3 Deleting a logic operation path Requirement A logic path is available. Procedure To delete a logic path, proceed as follows: 1. Hold down the left mouse button and draw a frame around the logic path. At the same time, make sure that you select all instructions of the logic path. Alternatively, you can hold down the <Shift> key and select the first the last instruction of the logic path. 2. Right-click on one of the instructions in the logic path. 3. Select the "Delete" command in the shortcut menu. See also Basic information on logic paths in FBD (Page 4733) Inserting a logic path (Page 4734) 4734 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs 11.13.9 FBD programming examples 11.13.9.1 Example of controlling a conveyor belt Controlling a conveyor belt The following figure shows a conveyor belt that can be activated electrically. There are two pushbuttons at the beginning of the conveyor belt: S1 for START and S2 for STOP. There are also two pushbuttons at the end of the conveyor belt: S3 for START and S4 for STOP. It is possible to start and stop the conveyor belt from either end. 6 6 26WDUW 26WRS 6 6 26WDUW 26WRS 02725B21 Implementation The following table shows the definition of the tags used: Name Declaration Data type Description StartPushbutton_Left (S1) Input BOOL Start pushbutton on the left side of the conveyor belt StopPushbutton_Left (S2) Input BOOL Stop pushbutton on the left side of the conveyor belt StartPushbutton_Right (S3) Input BOOL Start pushbutton on the right side of the convey or belt StopPushbutton_Right (S4) Input BOOL Stop pushbutton on the right side of the convey or belt MOTOR_ON Output BOOL Turn on the conveyor belt motor The following networks show the FBD programming for solving this task: Network 1: The conveyor belt motor is switched on when start pushbutton "S1" or "S3" is pressed. WinCC Advanced V14 System Manual, 10/2016 4735 Programming the PLC 11.13 Creating FBD programs 6WDUW3XVKEXWWRQB/HIW ! 02725B21 6 6WDUW3XVKEXWWRQB5LJKW Network 2: The conveyor belt motor is switched off when stop pushbutton "S2" or "S4" is pressed. 6WRS3XVKEXWWRQB/HIW ! 02725B21 6WRS3XVKEXWWRQB5LJKW 5 See also Basic information on FBD (Page 4693) Settings for FBD (Page 4695) Working with networks (Page 4696) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) Branches in FBD (Page 4730) Logic paths in FBD (Page 4733) Example of detecting the direction of a conveyor belt (Page 4737) Example of detecting the fill level of a storage area (Page 4739) Example of calculating an equation (Page 4743) Example of controlling room temperature (Page 4745) 4736 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs 11.13.9.2 Example of detecting the direction of a conveyor belt Detecting the direction of a conveyor belt The detected running direction of the belt is indicated by a RIGHT arrow or a LEFT arrow. If additional conveyed material is approaching PEB1 from the right or PEB2 from the left, the displayed arrow is initially switched off until, after both photoelectric barriers are passed, the running direction can be detected again and the corresponding arrow displayed. For the solution of the task, 2 edge memory bits are needed that detect the signal change from "0" to "1" at the two photoelectric barriers. 3(% 3(% Implementation The following table shows the definition of the tags used: Name Declaration Data type Description PEB1 Input BOOL Photoelectric barrier 1 PEB2 Input BOOL Photoelectric barrier 2 RIGHT Output BOOL Display during move ment to right LEFT Output BOOL Display during move ment to left CM1 Input BOOL Edge bit memory 1 CM2 Input BOOL Edge bit memory 2 The following networks show the FBD programming for solving this task: Network 1: If the signal state changes from "0" to "1" (positive edge) at photoelectric barrier "PEB1" and, at the same time, the signal state at "PEB2" is "0", the object on the belt is moving to the left. WinCC Advanced V14 System Manual, 10/2016 4737 Programming the PLC 11.13 Creating FBD programs 3(% 3 &0 3(% /()7 6 5,*+7 5 Network 2: If the signal changes from "0" to "1" (positive edge) at photoelectric barrier "PEB2" and, at the same time, the signal state at "PEB1" is "0", the object on the belt is moving to the right. 3(% 3 &0 3(% 5,*+7 6 /()7 5 See also Basic information on FBD (Page 4693) Settings for FBD (Page 4695) Working with networks (Page 4696) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) Branches in FBD (Page 4730) Logic paths in FBD (Page 4733) Example of controlling a conveyor belt (Page 4735) Example of detecting the fill level of a storage area (Page 4739) Example of calculating an equation (Page 4743) Example of controlling room temperature (Page 4745) 4738 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs 11.13.9.3 Example of detecting the fill level of a storage area Detecting the fill level of a storage area The following figure shows a system with two conveyor belts and a temporary storage area between them. Conveyor belt 1 delivers packages to the storage area. A photoelectric barrier at the end of conveyor belt 1 near the storage area detects how many packages are delivered to the storage area. Conveyor belt 2 transports packages from the temporary storage area to a loading dock where they are loaded onto trucks. A photoelectric barrier at the storage area exit detects how many packages leave the storage area to be transported to the loading dock. Five display lamps indicate the capacity of the temporary storage area. 'LVSOD\SDQHO 6WRUDJHDUHD HPSW\ 6WRUDJHDUHD QRWHPSW\ LQFRPLQJ SDFNDJHV 6WRUDJHDUHD IXOO 6WRUDJHDUHD IXOO 6WRUDJHDUHD IXOO RXWJRLQJ SDFNDJHV 7HPSRUDU\ VWRUDJHDUHD IRU SDFNDJHV &RQYH\RUEHOW &RQYH\RUEHOW 3KRWRHOHFWULFEDUULHU 3KRWRHOHFWULFEDUULHU Implementation The following table shows the definition of the tags used: WinCC Advanced V14 System Manual, 10/2016 Name Declaration Data type Description PEB1 Input BOOL Photoelectric barrier 1 PEB2 Input BOOL Photoelectric barrier 2 RESET Input BOOL Reset counter LOAD Input BOOL Adjust the current coun ter value to the value of the PV parameter. MAX STORAGE AREA FILL AMOUNT Input INT Maximum possible number of packages in the storage area PACKAGECOUNT Output INT Number of packages in the storage area (cur rent count value) 4739 Programming the PLC 11.13 Creating FBD programs Name Declaration Data type Description STOCK_PACKAGES Output BOOL Is set when the current count value is greater than or equal to the val ue of the "MAX STOR AGE AREA FILL AMOUNT" tag. STOR_EMPTY Output BOOL Display lamp: Storage area empty STOR_NOT_EMPTY Output BOOL Display lamp: Storage area not empty STOR_50%_FULL Output BOOL Display lamp: Storage area 50 % full STOR_90%_FULL Output BOOL Display lamp: Storage area 90 % full STOR_FULL Output BOOL Display lamp: Storage area full VOLUME_50 Input INT Comparison value: 50 packages VOLUME_90 Input INT Comparison value: 90 packages VOLUME_100 Input INT Comparison value: 100 packages The following networks show the FBD programming for activating the lamps: Network 1: When a package is delivered to the storage area, the signal state at "PEB1" switches from "0" to "1" (positive signal edge). On a positive signal edge at "PEB1", the "Up" counter is enabled, and the current count value of "PACKAGECOUNT" is increased by one. When a package is delivered from the storage area to the loading dock, the signal state at "PEB2" switches from "0" to "1" (positive signal edge). On a positive signal edge at "PEB2", the "Down" counter is enabled, and the current count value of "PACKAGECOUNT" is decreased by one. If there are no packages in the storage area ("PACKAGECOUNT" = "0"), the "STOR_EMPTY" tag is set to signal state "1", and the "Storage area empty" lamp is switched on. The current count value can be reset to "0" if the "RESET" tag is set to signal state "1". If the "LOAD" tag is set to signal state "1", the current count value is set to the value of the "MAX STORAGE AREA FILL AMOUNT" tag. As long as the current count value is greater than or equal to the value of the "MAX STORAGE AREA FILL AMOUNT" tag, the "STOCK_PACKAGES" tag supplies the signal state "1". 4740 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs &78'B'% &78' ,17 3(% &8 3(% &' 5 4' 6725B(037< /' &9 3$&.$*(&2817 672&.B3$&.$*(6 0$;6725$*( $5($),// 39 $02817 48 5(6(7 /2$' Network 2: As long as there are packages in the storage area, the "STOR_NOT_EMPTY" tag is set to signal state "1", and the "Storage area not empty" lamp is switched on. 6725B127B(037< 6725B(037< Network 3: If the number of packages in the storage area is greater than or equal to 50, the "Storage area 50 % full" lamp switches on. ! ,17 3$&.$*(&2817 ,1 92/80(B ,1 ,17 3$&.$*(&2817 ,1 92/80(B 6725BB)8// ,1 Network 4: If the number of packages in the storage area is greater than or equal to 90, the "Storage area 90% full" lamp switches on. WinCC Advanced V14 System Manual, 10/2016 4741 Programming the PLC 11.13 Creating FBD programs ! ,17 3$&.$*(&2817 ,1 92/80(B ,1 ,17 6725BB)8// 3$&.$*(&2817 ,1 92/80(B ,1 Network 5: If the number of packages in the storage area reaches 100, the lamp for the "Storage area full" message switches on. ! ,17 3$&.$*(&2817 ,1 92/80(B 6725B)8// ,1 See also Basic information on FBD (Page 4693) Settings for FBD (Page 4695) Working with networks (Page 4696) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) Branches in FBD (Page 4730) Logic paths in FBD (Page 4733) Example of controlling a conveyor belt (Page 4735) Example of detecting the direction of a conveyor belt (Page 4737) Example of calculating an equation (Page 4743) Example of controlling room temperature (Page 4745) 4742 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs 11.13.9.4 Example of calculating an equation Calculating a complex equation The following program example shows you how to solve equations of the following type with the FBD programming language: X= ((A + B) x C) / D You can always solve this equation with mathematical operations. To do so, you can use the instructions "ADD", "MUL" and "DIV". If you are using a CPU of the S7-1200 or S7-1500 series, you can also use the instruction "CALCULATE". Depending on the data type you choose, different mathematical operations are available for this instruction which can be combined with one another. Implementation with the instructions "ADD", "MUL" and "DIV" You want to calculate the following equation: RESULT = ((A + B) x 15) / E The following table shows the definition of the tags used: Name Data type Comment A INT First value for addition B INT Second value for addition C INT First intermediate result 15 INT Multiplier D INT Second intermediate result E INT Divisor RESULT INT End result The following network shows the FBD programming for calculating the equation: $'' ,17 (1 $ ,1 287 % ,1 (12 08/ ,17 & (1 & ,1 287 ,1 (12 ',9 ,17 ' (1 ' ,1 287 ( ,1 (12 5(68/7 The value of operand "A" is added to the value of operand "B". The sum is stored in operand "C". The value of operand "C" is multiplied by "15". The multiplication result is stored in operand "D". The value stored in operand "D" is then divided by the value of operand "E". The end result is saved in the "RESULT" operand. WinCC Advanced V14 System Manual, 10/2016 4743 Programming the PLC 11.13 Creating FBD programs Implementation with the instruction "CALCULATE" (S7-1200/1500 only) You want to calculate the following equation: RESULT = ((5 + 10) x 4) / 6 The following table shows the definition of the tags used: Name Declaration Data type Comment Value A Input INT First value for ad dition 5 B Input INT Second value for addition 10 C Input INT Multiplier 4 D Input INT Divisor 6 RESULT Output INT End result 10 To program the equation with the instruction "CALCULATE", follow these steps: 1. Drag the instruction "CALCULATE" from the "Instructions" task card to an FBD network. 2. You can select the data type INT for the instruction from the "<???>" drop-down list. 3. Interconnect the tags declared in the block interface with the inputs and outputs of the instruction box. 4. Click the "Calculator" icon on the top right corner of the instruction box to enter the equation to be calculated. The dialog "Edit 'Calculate' instruction" opens. 5. Enter the following expression in the "OUT:=" field: ((IN1 + IN2) * IN4) / IN3 The equation is displayed in the instruction box. The following network shows the result in the FBD programming language: &$/&8/$7( ,17 7DJB,QSXW (1 ,1,1 ,1 ,1 $ ,1 % ,1 & ,1 287 5(68/7 ' ,1 (12 7DJB2XWSXW If the "Tag_Input" has signal state "1", the instruction is executed. The value of operand "A" is added to the value of operand "B". The subtotal is multiplied by "C" and then divided by the value of the "D" operand. The end result is saved in the "RESULT" operand. 4744 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.13 Creating FBD programs See also Basic information on FBD (Page 4693) Settings for FBD (Page 4695) Working with networks (Page 4696) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) Branches in FBD (Page 4730) Logic paths in FBD (Page 4733) Example of controlling a conveyor belt (Page 4735) Example of detecting the direction of a conveyor belt (Page 4737) Example of detecting the fill level of a storage area (Page 4739) Example of controlling room temperature (Page 4745) 11.13.9.5 Example of controlling room temperature Controlling room temperature In a cold room, the temperature must be maintained below zero degrees Celsius. A sensor is used to check for any temperature fluctuations. If the temperature rises above zero degrees Celsius, the cooling system switches on for a preset time. The "Cooling system on" lamp is lit during this time. The cooling system and the lamp are turned off if one of the following conditions is met: The sensor reports a temperature fall below zero degrees Celsius. The preset cooling time has elapsed. The "Stop" pushbutton is pressed. If the preset cooling time has expired and the temperature in the cold room is still too high, the cooling system can be restarted with the "RESET" pushbutton. 6723 7(03(5$785( 6(1625 WinCC Advanced V14 System Manual, 10/2016 &22/,1* 6<67(0 /$03 5(6(7 4745 Programming the PLC 11.13 Creating FBD programs Implementation The following table shows the definition of the tags used: Name Declaration Data type Comment Sensor Input BOOL Temperature sensor signal RESET Input BOOL Restart STOP Input BOOL The cooling system is switched off. MaxCoolTime - TIME Preset cooling time This tag is defined in the "DB_Cool" data block. CurrCoolTime - TIME Currently elapsed cool ing time This tag is defined in the "DB_Cool" data block. Cooling system Output BOOL The cooling system is switched on. Lamp Output BOOL The lamp for the "Cool ing system on" mes sage is switched on. TempVariable Temp BOOL Temporary tag This tag stores the sig nal state of the IEC tim er TP. The following network shows the FBD programming for controlling room temperature: Network 1: 73B'% 73 7LPH 6HQVRU 5HVHW ,1 (7 '%B&RROLQJ &XUU&RRO7LPH 7HPS9DULDEOH '%B&RROLQJ 0D[&RRO7LPH 37 4 Network 2: 7HPS9DULDEOH 6HQVRU &RROLQJV\VWHP/DPS 6WRS When the temperature in the cold room rises above zero degrees Celsius, the signal state at the "Sensor" operand switches from "0" to "1" (positive signal edge). In the case of a positive signal edge at the IN input of the timer function, the preset cooling time is started and the "TempVariable" receives the signal state "1". The signal state "1" of the "TempVariable" causes 4746 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs the cooling system as well as the display lamp to be turned on in network 2. The "Sensor", "Cooling system" and "Lamp" outputs must be programmed in network 2, because program only one coil can be programmed at the Q output of the timer function. If the temperature in the cold room falls below zero degrees Celsius, the signal state of the sensor switches back to "0". This switches the cooling system and lamp off. If the sensor does not signal a temperature drop, the cooling system and lamp are switched off after the preset cooling time has elapsed, at the latest. In this case, the cooling process can be restarted with the "RESET" pushbutton. Pressing and releasing the pushbutton generates a new positive signal edge at the IN input that restarts the cooling system. The cooling system and the display lamp can be turned off with the "STOP" pushbutton at any time. See also Basic information on FBD (Page 4693) Settings for FBD (Page 4695) Working with networks (Page 4696) Inserting FBD elements (Page 4704) Editing FBD elements (Page 4719) Inserting operands in FBD instructions (Page 4727) Branches in FBD (Page 4730) Logic paths in FBD (Page 4733) Example of controlling a conveyor belt (Page 4735) Example of detecting the direction of a conveyor belt (Page 4737) Example of detecting the fill level of a storage area (Page 4739) Example of calculating an equation (Page 4743) 11.14 Creating SCL programs 11.14.1 Basics of SCL 11.14.1.1 Programming language SCL Programming language SCL SCL (Structured Control Language) is a high-level programming language based on PASCAL. The language is based on DIN EN 61131-3 (international IEC 1131-3). WinCC Advanced V14 System Manual, 10/2016 4747 Programming the PLC 11.14 Creating SCL programs The standard standardizes programming languages for programmable logic controllers. The SCL programming language fulfills the PLCopen Basis Level of ST language (Structured Text) defined in this standard. Language elements SCL also contains higher programming languages in addition to the typical elements of the PLC, such as inputs, outputs, timers or memory bits. Expressions Value assignments Operators Program control SCL provides convenient instructions for controlling the program allowing you, for example, to create program branches, loops or jumps. Application SCL is therefore particularly suitable for the following areas of application: Data management Process optimization Recipe management Mathematical / statistical tasks 11.14.1.2 Expressions Description Expressions are calculated during the runtime of the program and return a value. An expression consists of operands (such as constants, tags or function calls) and optionally out of operators (such as *, /, + or -). Expressions can be linked together or nested within each other by operators. Evaluation order The evaluation of the expression occurs in a specific order that is defined by the following factors: Priority of the operators involved Left-to-right order Brackets 4748 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Types of expressions The following expression types are available depending on the operator: Arithmetic expressions Arithmetic expressions consist of either a numerical value or combine two values or expressions with arithmetic operators. Relational expressions Relational expressions compare the values of two operands and yield a Boolean value. The result is TRUE if the comparison is true, and FALSE if it is not met. Logical expressions Logical expressions combine two operands with logical operators (AND, OR, XOR) or negating operands (NOT). How expressions are used You can use the result of an expression in different ways: As a value assignment for a tag As as a condition for a control instruction As a parameter for a calling a block or instruction See also Operators and operator precedence (Page 4758) Arithmetic expressions (Page 4749) Relational expressions (Page 4752) Logical expressions (Page 4757) 11.14.1.3 Arithmetic expressions Description Arithmetic expressions consist of either a numerical value or combine two values or expressions with arithmetic operators. Arithmetic operators can process the data types that are allowed in the CPU in use. If two operands are involved in the operation, the data type of the result is determined based on the following criteria: If both operands are integers with sign and have different lengths, the result receives the data type of the longer integer (e. g. INT + DINT = DINT). If both operands are integers without sign and have different lengths, the result receives the data type of the longer integer (e. g. USINT + UDINT = UDINT). If one operand is an integer with sign and the other integer is an operand without sign, the result receives the next larger data type with sign that covers the integer without sign (e. g. SINT + USINT = INT). You can only execute an operation with such operands if the IEC check is not set. WinCC Advanced V14 System Manual, 10/2016 4749 Programming the PLC 11.14 Creating SCL programs If one operand is an integer and the other operand is a floating-point number, the result receives the data type of the floating-point number (e. g. INT + REAL = REAL). If both operands are floating-point numbers and have different lengths, the result receives the data type of the longer floating-point number (e. g. REAL + LREAL = LREAL). The data type of the result of an operation that involves operands of the data type groups "Times" and "Date and time" can be found in the table in section "Data types of arithmetic expressions". You cannot use data types of the data type groups "Times" and "Date and time" when the IEC check is set. Data types of arithmetic expressions The following table shows the data types you can use in arithmetic expressions: Operation Operator 1st operand 2nd operand Result Power ** Integer/floating-point number Integer/floating-point number Floating-point number Unary plus + Integer/floating-point number - Integer/floating-point number TIME, LTIME Unary minus - Integer/floating-point number TIME, LTIME - TIME, LTIME Multiplication Division Modulo func tion 4750 * / MOD Integer/floating-point number TIME, LTIME Integer/floating-point number Integer/floating-point number Integer/floating-point number TIME, LTIME Integer TIME, LTIME Integer/floating-point number Integer/floating-point number (not equal 0) Integer/floating-point number TIME, LTIME Integer TIME, LTIME Integer Integer Integer WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Operation Operator 1st operand 2nd operand Result Addition + Integer/floating-point number Integer/floating-point number Integer/floating-point number TIME TIME TIME TIME DINT TIME LTIME TIME, LTIME LTIME LTIME LINT LTIME TOD TIME TOD TOD DINT TOD LTOD TIME, LTIME LTOD LTOD LINT LTOD DATE LTOD DTL DATE TOD S7-300/400: DT S7-1200/1500: DTL Subtraction - DT TIME DT LDT TIME, LTIME LDT DTL TIME, LTIME DTL Integer/floating-point number Integer/floating-point number Integer/floating-point number TIME TIME TIME TIME DINT TIME LTIME TIME, LTIME LTIME LTIME LINT LTIME TOD TIME TOD TOD DINT TOD TOD TOD TIME LTOD TIME, LTIME LTOD LTOD LINT LTOD LTOD LTOD LTIME DATE DATE S7-300/400/1200: TIME 1) S7-1500: LTIME DT TIME DT DT DT TIME LDT TIME, LTIME LDT DTL TIME, LTIME DTL DTL DTL S7-1200: TIME S7-1500: LTIME 1) Combinations between nanoseconds and milliseconds are not possible within expressions. For additional information on valid data types, refer to "See also". WinCC Advanced V14 System Manual, 10/2016 4751 Programming the PLC 11.14 Creating SCL programs Example The following example shows an arithmetic expression: SCL "MyTag1":= "MyTag2" * "MyTag3"; See also Expressions (Page 4748) Operators and operator precedence (Page 4758) 11.14.1.4 Relational expressions Description Relational expressions compare the values or the data types of two operands and yield a Boolean value. The result is TRUE if the comparison is true, and FALSE if it is not met. Relational operators can process the data types that are allowed in the CPU in use. The data type of the result always is BOOL. Note the following rules when forming relational expressions: All tags are comparable within the following data type groups: - Integers/floating-point numbers - Binary numbers - String With the following data types/data groups, only tags of the same type can be compared: - TIME, LTIME - Date and time - PLC data types - ARRAY - STRUCT - Tag to which ANY is pointing - Tag to which VARIANT is pointing The comparison of STRINGs takes place according to the character encoding in the character set that is set in Windows. The comparison of WSTRINGs takes place according to the character encoding in UTF-16. The length of the tags and the numerical value of each character are used for the comparison. S5TIME tags are not permitted as comparison operands. An explicit conversion from S5TIME to TIME or LTIME is necessary. 4752 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Comparison of floating-point numbers When floating-point numbers are compared, the operands to be compared must have the same data type regardless of the setting for the IEC Check. The special bit patterns of invalid floating-point numbers (NaN) that are the outcome of undefined results (e.g. root of -1) are not comparable. This means if one of the operands has the value NaN, the comparison expression "==: Equal" as well as "<>: Not equal" has the result FALSE. Comparison of character strings The individual characters are compared by means of their code (for example, 'a' is greater than 'A') during the comparison of the strings. The comparison is performed from left to right. The first character to be different decides the result of the comparison. The following table shows examples of "==" comparison of strings: <Operand1> <Operand2> RLO of the instruction 'AA' 'AA' 1 'Hello World' 'HelloWorld' 0 'AA' 'aa' 0 'aa' 'aaa' 0 The following table shows examples of "<>" comparison of strings: <Operand1> <Operand2> RLO of the instruction 'AA' 'aa' 1 'Hello World' 'HelloWorld' 1 'AA' 'AA' 0 'aa' 'aaa' 1 You can also compare individual characters of a string. The number of the character to be compared is specified in square brackets next to the operand name. "MyString[2]", for example, compares the second character of the "MyString" string. Comparison of timers, date and time Bit patterns of invalid timers, date and times, e.g. DT#2015-13-33-25:62:99.999_999_999, cannot be compared. This means if one of the operands has an invalid value, the instruction "==: Equal" as well as "<>: Not equal" has the result FALSE. Not all times can be compared directly with each other, such as S5TIME. In this case they are implicitly converted into another time so that they can be compared, for example to TIME. If you want to compare dates and times of different data types, the value of the smaller date or time data type is implicitly converted into the larger date or time data type. This means the two date and time data types DATE and DTL, for example, are compared on the basis of DTL. When the implicit conversions fail, the comparison result is FALSE. WinCC Advanced V14 System Manual, 10/2016 4753 Programming the PLC 11.14 Creating SCL programs Comparison of structures Note Availability of comparison of structures The option to compare structures is available for a CPU of the S7-1200 series as of firmware version >= 4.2, and for a CPU of the S7-1500 series as of firmware version >= 2.0. You can compare the values of two structured operands with each other when both tags are of the same structure data type. When structures are compared, the operands to be compared must have the same data type regardless of the setting for the IEC Check. An exception are the comparisons in which one of the operands is a VARIANT or an ANY. If the data type is not yet known the the program is created, you can use the VARIANT data type. In this case you can also compare the operands with a structured tag of any data type. You can also compare two tags of the data type VARIANT or ANY with each other. The following data types are possible: PLC data type STRUCT Tag to which ANY is pointing Tag to which VARIANT is pointing The following requirements must be met so that the two tags of the data type ARRAY can be compared with each other: The elements must each have the same data type. The two ARRAYs must have the same dimension. All dimensions must have the same number of elements. The exact ARRAY limits do not have to match. Note ARRAY of BOOL When you compare two operands of the data type ARRAY of BOOL with each other and the number of elements cannot be divided by 8, the fill bits are compared as well. This may have an effect on the comparison result. The table below shows an example of a comparison of structures for "==: Equal": <Operand1> Tag of data type A <PLC data type> 4754 <Operand2> Tag value Tag of data type A <PLC data type> RLO of the instruc tion Tag value BOOL FALSE BOOL FALSE INT 2 INT 2 1 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs <Operand1> <Operand2> Tag of data type A <PLC data type> Tag value Tag of data type B <PLC data type> RLO of the instruc tion Tag value BOOL FALSE BOOL TRUE INT 2 INT 3 Tag of data type A <PLC data type> Tag value VARIANT (supplied with tag of data type A) Tag value BOOL FALSE BOOL FALSE INT 2 INT 2 0 1 The table below shows an example of a comparison of structures for "<>: Not equal": <Operand1> <Operand2> Tag of data type A <PLC data type> Tag value Tag of data type A <PLC data type> RLO of the instruc tion Tag value BOOL FALSE BOOL FALSE INT 2 INT 2 Tag of data type A <PLC data type> Tag value Tag of data type B <PLC data type> Tag value BOOL FALSE BOOL TRUE INT 2 INT 3 Tag of data type A <PLC data type> Tag value VARIANT (supplied with tag of data type A) Tag value BOOL FALSE BOOL FALSE INT 2 INT 2 0 1 0 When comparing two anonymous structures, the comparison result returns the signal state "0", except when the anonymous structures are elements of the same ARRAY. WinCC Advanced V14 System Manual, 10/2016 4755 Programming the PLC 11.14 Creating SCL programs Data types of relational expressions The following table shows the data types/data type groups you can use in relational expressions: Operation Operator 1st operand 2nd operand Result Compare for equal, not equal =, <> Integer/floatingpoint number Integer/floatingpoint number BOOL Bit strings Bit strings BOOL String String BOOL TIME, LTIME TIME, LTIME BOOL Date and time Date and time BOOL VARIANT/ANY VARIANT/ANY BOOL Any data type (but must correspond to the data type with which the VARIANT is sup plied) VARIANT/ANY BOOL VARIANT/ANY Any data type BOOL PLC data type PLC data type BOOL ARRAY of <data type> with fixed and variable AR RAY limits ARRAY of <data type> with fixed and variable AR RAY limits BOOL STRUCT STRUCT BOOL Integer/floatingpoint number Integer/floatingpoint number BOOL Bit strings Bit strings BOOL Compare for less than, less thanequal to, greater than, greater than or equal to <, <=, >, >= (S7-1200/1500 on (S7-1200/1500 on ly) ly) String String BOOL TIME, LTIME TIME, LTIME BOOL Date and time Date and time BOOL Example The following example shows a relational expression: SCL IF a > b THEN c:= a; IF A > 20 AND B < 20 THEN C:= TRUE; IF A<>(B AND C) THEN C:= FALSE; 4756 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Note The comparison for STRING and DT are executed internally in the S7-300/400 by extended instructions. The following operands are not permitted for these functions: Parameter of a FC In-out parameter of an FB of type STRUCT or ARRAY Note Comparing the hardware data types HW_IO and HW_DEVICE If you want to compare the two data types, you must first create a tag of data type HW_ANY in the "Temp" section of the block interface and then copy the LADDR (of data type HW_DEVICE) to the tag. It is then possible to compare HW_ANY and HW_IO. See also Expressions (Page 4748) Operators and operator precedence (Page 4758) 11.14.1.5 Logical expressions Description Logical expressions combine two operands with logical operators AND OR XOR or negating operands NOT. Logical operators can process the data types that are allowed in the CPU in use. The result of a logical expression is of BOOL data type, if both operands are of BOOL data type. If at least one of both operands is a bit string, then the result is also a bit string and is determined by the type of the highest operand. For example, when you link a BYTE type operand to a WORD type operand, the result is type WORD. To link a BOOL type operand with a bit string, you must first explicitly convert it to a bit string. Data types of logical expressions The following table shows the data types you can use in logical expressions: Operation Operator 1st operand 2nd operand Result Negation (gener ate one's comple ment) NOT BOOL - BOOL Bit string - Bit string AND logic opera tion AND or & BOOL BOOL BOOL Bit string Bit string Bit string BOOL BOOL BOOL Bit string Bit string Bit string OR logic operation OR WinCC Advanced V14 System Manual, 10/2016 4757 Programming the PLC 11.14 Creating SCL programs Operation Operator 1st operand 2nd operand Result EXCLUSIVE OR logic operation XOR BOOL BOOL BOOL Bit string Bit string Bit string Example The following example shows a logical expression: SCL IF "MyTag1" AND NOT "MyTag2" THEN c := a; MyTag := ALPHA OR BETA; See also Expressions (Page 4748) Operators and operator precedence (Page 4758) SCL programming examples (Page 4801) 11.14.1.6 Operators and operator precedence Operators and their order of evaluation Expressions can be linked together or nested within each other by operators. The order of evaluation for expressions depends on the precedence of operators and brackets. The following basic rules apply: Arithmetic operators are evaluated before relational operators and relational operators are evaluated before logical operators. Operators with no precedence are evaluated according to their occurrence from left to right. Value assignments are evaluated from right to left. Operations in brackets are evaluated first. The following table provides an overview of the operators and their precedence: Operator Operation Precedence + (Page 4749) Unary plus 2 - (Page 4749) Unary minus 2 ** (Page 4749) Power 3 Arithmetic expressions 4758 * (Page 4749) Multiplication 4 / (Page 4749) Division 4 MOD (Page 4749) Modulo function 4 + (Page 4749) Addition 5 - (Page 4749) Subtraction 5 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Operator Operation Precedence += (Page 4749), -= (Page 4749), *= (Page 4749), /= (Page 4749) Combined value assignments 11 < (Page 4752) Less than 6 > (Page 4752) Greater than 6 <= (Page 4752) Less than or equal 6 >= (Page 4752) Greater than or equal 6 = (Page 4752) Equal 7 <> (Page 4752) Not equal 7 NOT (Page 4757) Negation 3 AND (Page 4757) or & (Page 4757) Boolean AND 8 XOR (Page 4757) Exclusive OR 9 OR (Page 4757) Boolean OR 10 ( ) (Page 4748) Brackets 1 := (Page 4759) Assignment 11 Relational expressions Logical expressions Miscellaneous operations 11.14.1.7 Value assignments Definition You can use a value assignment to assign the value of an expression to a tag. On the left side of the assignment is the tag that takes the value of the expression on the right. The name of a function can also be specified as an expression. The function is called by the value assignment and returns its function value to the tag on the left. The data type of value assignment is defined by the data type of the tag on the left. The data type of the expression on the right must match this type. WinCC Advanced V14 System Manual, 10/2016 4759 Programming the PLC 11.14 Creating SCL programs You have the following options for programming value assignments: Single value assignments In case of single value assignments, an expression or tag is assigned to a single tag only: Example: a := b; Multiple value assignments In case of multiple value assignments, multiple assignments can be executed with one instruction. Example: a := b := c; This corresponds to the following notation: b := c; a := b; Combined value assignments In case of combined value assignments, you can combine the operators "+", "-", "*" and "/" with the assignment operator: Example: a += b; This corresponds to the following notation: a := a + b; You can also assign combined value assignments multiple times: a += b += c *= d; This corresponds to the following sequence of assignments: c := c * d; b := b + c; a := a + b; Value assignments for STRUCT data type or PLC data types An entire structure can be assigned to another if the structures are identically organized and the data types as well as the names of the structural components match. You can assign a tag, an expression or another structural element to an individual structural element. Value assignments for the ARRAY data type An entire ARRAY can be assigned to another ARRAY if both the data types of the ARRAY elements as well as the ARRAY limits match. You can assign a tag, an expression or another ARRAY element to an individual ARRAY element. Value assignments for the STRING data type An entire STRING can be assigned to another STRING. You can assign another STRING element to an individual STRING element. Value assignment for data type WSTRING (S7-1200/1500) An entire WSTRING can be assigned to another WSTRING. You can assign another WSTRING element to an individual WSTRING element. 4760 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Value assignments for the ANY data type You can assign a tag with the ANY data type only to the following objects: Input parameters or temporary local data of FBs that also have the data type ANY. Temporary local data of FCs that also have the data type ANY. Note that you can only point to memory areas with "standard" access mode with the ANY pointer. Value assignments for the POINTER data type You cannot use POINTER in value assignments in SCL. Examples The following table shows examples of single value assignments: SCL "MyTag1" := "MyTag2"; (* Assignment of a tag*) "MyTag1" := "MyTag2" * "MyTag3"; (* Assignment of an expression*) "MyTag" := "MyFC"(); (* Call for a function that assigns its function value to the "MyTag" tag*) #MyStruct.MyStructElement := "MyTag"; (* Assignment of a tag to a structure element*) #MyArray[2] := "MyTag"; (* Assignment of a tag to an ARRAY element*) "MyTag" := #MyArray[1,4]; (* Assignment of an ARRAY element to a tag*) #MyString[2] := #MyOtherString[5]; (* Assignment of a STRING element to another STRING element*) The following table shows examples of multiple value assignments: SCL WinCC Advanced V14 System Manual, 10/2016 "MyTag1" := "MyTag2" := "MyTag3"; (* Assignment of a tag*) "MyTag1" := "MyTag2" := "MyTag3" * "MyTag4"; (* Assignment of an expression*) "MyTag1" := "MyTag2" := "MyTag3 := "MyFC"(); (* Call of a function that assigns its function value to the tags "MyTag1", "MyTag1" and "MyTag1" *) #MyStruct.MyStructElement1 := #MyStruct.MyStructElement2 := "MyTag"; (* Assignment of a tag to two structure elements*) #MyArray[2] := #MyArray[32] := "MyTag"; (* Assignment of a tag to two ARRAY elements*) "MyTag1" := "MyTag2" := #MyArray[1,4]; (* Assignment of an ARRAY element to two tags*) #MyString[2] := #MyString[3]:= #MyOtherString[5]; (* Assignment of a STRING element to two STRING elements*) 4761 Programming the PLC 11.14 Creating SCL programs The following table shows examples of combined value assignments: SCL "MyTag1" += "MyTag2"; (* "MyTag1" and "MyTag2" are added and the result of the addition is assigned to "MyTag1".*) "MyTag1" -= "MyTag2" += "MyTag3"; (* "MyTag2" and "MyTag3" are added. The result of the addition is assigned to ""MyTag2"" and then subtracted from "MyTag1". The result is assigned to "MyTag1".*) #MyArray[2] += #MyArray[32] += "MyTag"; (* The ARRAY element "MyArray[32]" is added to "MyTag". The result is assigned to "MyArray[32]". The two ARRAY elements are then added and the result is assigned to the ARRAY element "MyArray[2]". The data types must be compatible for this operation.*) #MyStruct.MyStructElement1 /= #MyStruct.MyStructElement2 *= "MyTag"; (* The structure element "MyStructElement2" is multiplied by "MyTag". The result is assigned to "MyStructElement2". The structure element "MyStructElement1" is then divided by "MyStructElement2" and the result is assigned to "MyStructElement1". The data types must be compatible for this operation.*) See also Operators and operator precedence (Page 4758) 11.14.2 Settings for SCL 11.14.2.1 Overview of the settings for SCL Overview The following tables show the settings you can make for SCL: Editor settings Group Setting Description View Keyword highlighting Notation used to represent the keywords of the programming language. You can choose between uppercase and lowercase letters or a notation corresponding to the conventions of the Pascal programming language. 4762 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Default settings for new blocks If you create new blocks, the following settings are set as default values. You can change these in the block properties at a later point in time. Group Setting Description Compile Create extended status information Allows all tags in a block to be monitored. The memory require ments of the program and execution times increase, however, with this option. Check ARRAY limits1) Checks at runtime whether array indices are within the declared range for an ARRAY. If an array index exceeds the permissible range, the enable output ENO of the block is set to "0". Set ENO automatically Checks at runtime whether errors occur in the processing of certain instructions. If a runtime error occurs, the enable output ENO of the block is set to "0". For CPUs of the S7-300/400 series: When the ARRAY limits are violated, the enable output ENO is set to FALSE. 1) For CPUs of the S7-1200/1500 series: When the ARRAY limits are violated, the enable output ENO is not set to FALSE. See "Addressing ARRAYs (Page 2182)" for error query options. See also Changing the settings (Page 4763) 11.14.2.2 Changing the settings Procedure To change the settings, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. In the area navigation, select the "PLC programming" group. 3. Change the settings. Result The change will be loaded directly, there is no need to save it explicitly. See also Overview of the settings for SCL (Page 4762) WinCC Advanced V14 System Manual, 10/2016 4763 Programming the PLC 11.14 Creating SCL programs 11.14.3 The programming window of SCL 11.14.3.1 Overview of the programming window Function The programming window is the work area, where you enter the SCL program. The following figure shows the programming window of SCL: The programming window consists of the following sections: Section Meaning Sidebar Line numbers You can set bookmarks and breakpoints in the sidebar. Outline view Code area Display of the absolute operands The line numbers are displayed to the left of the program code. The outline view highlights related code sections. You edit the SCL program in the code area. This table shows the assignment of symbolic operands to absolute addresses. See also Customizing the programming window (Page 4765) Formatting SCL code (Page 4766) Expanding and collapsing sections of code (Page 4767) Navigate to definitions (Page 4768) Using bookmarks (Page 4769) 4764 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs 11.14.3.2 Customizing the programming window Introduction You can customize the appearance of the programming window and the program code in the following way: By setting the font, size and color By setting the tab spacing By displaying the line numbers By showing or hiding the absolute operands Setting the font, size and color To set the font, size and color, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "General > Script/text editors" group. 3. Select the desired font and font size or choose a font color for the individual language elements. Setting the tab spacing To provide a better overview of the program, lines are indented according to syntax. Define the depth of indentation with the tab spacing. To set the tab spacing, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "General > Script/text editors" group. 3. Set the tab spacing. Show line numbers To display the line numbers, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "General > Script/text editors" group. 3. Select the "Show line numbers" option. Show or hide the absolute operands You can show the assignment of symbolic and absolute operands in a table next to the program code, if required. WinCC Advanced V14 System Manual, 10/2016 4765 Programming the PLC 11.14 Creating SCL programs To hide or show the display of the absolute operands, follow these steps: 1. Click the "Absolute/symbolic operands" icon in the toolbar. The display of the absolute operands appears. 2. To move the display, click the table and drag it to the desired position while holding down the mouse button. 3. To change the width of the table, click on the right or left table border and drag it to the right or left while holding down the mouse button. See also Overview of the programming window (Page 4764) Formatting SCL code (Page 4766) Expanding and collapsing sections of code (Page 4767) Navigate to definitions (Page 4768) Using bookmarks (Page 4769) 11.14.3.3 Formatting SCL code Introduction To make the program clearer, you can indent or outdent individual lines manually or format code sections. Note the following information about formatting code sections: The type of formatting is based on the general settings for indents, but at least the line or the section is always indented. If you selected the setting "Smart", unnecessary spaces within the SCL instruction are also removed. Only syntactically correct code sections can be formatted. If you place the insertion point in the first or last line of an instruction for program control, for example in an IF instruction in the line with the "IF", the entire instruction is formatted. If you select text, only the selected text is formatted. Indenting or outdenting lines To indent or outdent individual lines, follow these steps: 1. Click on the line you want to indent or outdent. 2. Press the "Indent text", "Outdent text" button into the toolbar of the programming editor. Note You can set the width of the indent in "Options > Settings". 4766 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Formatting code sections To format code sections, follow these steps: 1. Select the text that you want to format or place the insertion point in the appropriate line. 2. Select the "Format selected text automatically" button into the toolbar of the programming editor. See also Overview of the programming window (Page 4764) Customizing the programming window (Page 4765) Expanding and collapsing sections of code (Page 4767) Overview of the script and text editor settings (Page 263) Navigate to definitions (Page 4768) Using bookmarks (Page 4769) 11.14.3.4 Expanding and collapsing sections of code Introduction SCL instructions can span several lines. Examples for this are program control instructions or block calls. Such instructions that belong together are identified as follows: An outline view between the display line number and the program code marks the entire code section. When you select the opening keyword, the closing keyword is automatically highlighted. To improve clarity, you can expand or collapse sections of code that belong together in the outline display. The selected outline display is retained when you close the block or the project so that, the next time you open the block, the sections of code are displayed in exactly the same way as they were when you closed it. Procedure To expand or collapse the code section, follow these steps: 1. Click the minus sign in the outline view. The code section closes. 2. Click the plus sign in the outline view. The code section opens. See also Overview of the programming window (Page 4764) Customizing the programming window (Page 4765) WinCC Advanced V14 System Manual, 10/2016 4767 Programming the PLC 11.14 Creating SCL programs Formatting SCL code (Page 4766) Navigate to definitions (Page 4768) Using bookmarks (Page 4769) 11.14.3.5 Navigate to definitions You can use elements in your program code that were defined in other editors, for example, tags or data blocks (DBs) of called function blocks (FBs). To view the definition instances in the corresponding editors, you can specifically navigate to these instances. Procedure To navigate to the definition of a code element, follow these steps: 1. Right-click on the code element. 2. Select the "Go to > Definition" command in the shortcut menu. The editor in which the code element was defined opens and the definition instance is displayed. Or: 1. Press and hold down the <Ctrl> key. 2. Move the mouse pointer over your program code. If the mouse pointer moves across a code element whose definition can be displayed, it is shown as underlined and the name of the element turns into a link. 3. Click on the link. The editor in which the code element was defined opens and the definition instance is displayed. See also Overview of the programming window (Page 4764) Customizing the programming window (Page 4765) Formatting SCL code (Page 4766) Expanding and collapsing sections of code (Page 4767) Using bookmarks (Page 4769) 4768 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs 11.14.3.6 Using bookmarks Basics of bookmarks Function You can use bookmarks to mark program locations in extensive programs so that you can find them quickly later if they need revising. Bookmarks are displayed in the sidebar of the programming window. You can navigate between multiple bookmarks within a block using menu commands. Bookmarks are saved with the project and are therefore available for anyone who wants to edit the block. However, they are not loaded to a device. Bookmarks are not evaluated when blocks are compared. See also Setting bookmarks (Page 4769) Navigating between bookmarks (Page 4770) Deleting bookmarks (Page 4770) Setting bookmarks Requirement The SCL block is open. Procedure To set a bookmark, follow these steps: 1. Right-click on the desired line in the sidebar. 2. Select the "Bookmarks > Set" command in the shortcut menu. Or: 1. Click on the line in which you want to place the bookmark. 2. Click the "Set/delete bookmark" button in the toolbar. Or: 1. Hold down the <Ctrl> key. 2. Click on the line in the sidebar in which you want to place the bookmark. Result A bookmark is placed in the program code. WinCC Advanced V14 System Manual, 10/2016 4769 Programming the PLC 11.14 Creating SCL programs See also Basics of bookmarks (Page 4769) Navigating between bookmarks (Page 4770) Deleting bookmarks (Page 4770) Navigating between bookmarks Requirement Several bookmarks are set in a block. Procedure To navigate between bookmarks, follow these steps: 1. Set the insertion cursor in the program code. 2. In the "Edit" menu, select the "Go to > Next bookmark" or "Go to > Previous bookmark" command. Or: 1. Set the insertion cursor in the program code. 2. In the toolbar of the programming editor, click the "Go to next bookmark", "Go to previous bookmark" button. Or: 1. Click in the sidebar. 2. Select the "Bookmarks > Next" or "Bookmarks > Previous" command in the shortcut menu. Result The line with the bookmark is highlighted. See also Basics of bookmarks (Page 4769) Setting bookmarks (Page 4769) Deleting bookmarks (Page 4770) Deleting bookmarks You can delete individual bookmarks or all bookmarks from the block or the CPU. 4770 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Deleting individual bookmarks To delete an individual bookmark, follow these steps: 1. Right-click in the sidebar on the line in which you want to delete the bookmark. 2. Select the "Bookmarks > Remove" command in the shortcut menu. Or: 1. Click on the line in which you want to delete the bookmark. 2. In the "Edit" menu, select the "Bookmarks > Remove" command. Or: 1. Click on the line in which you want to delete the bookmark. 2. Click the "Set/delete bookmark" button in the toolbar. Deleting all bookmarks from the block To delete all bookmarks from the block, follow these steps: 1. Right-click in the sidebar. 2. Select the "Bookmarks > Delete all from block" command in the shortcut menu. Or: 1. In the "Edit" menu, select the "Bookmarks > Delete all from block" command. See also Basics of bookmarks (Page 4769) Setting bookmarks (Page 4769) Navigating between bookmarks (Page 4770) 11.14.4 Working with regions 11.14.4.1 Using regions Function In SCL, you can structure your program code in regions. This improves the clarity of your program because you combine related parts of the program and can expand and collapse regions as needed. A region overview is available for fast navigation in the regions. The region overview appears next to the program window and can be displayed or hidden as needed. The following figure shows the region overview and the programming window: WinCC Advanced V14 System Manual, 10/2016 4771 Programming the PLC 11.14 Creating SCL programs The region overview also shows the regions in which there are syntax errors. This allows you to quickly navigate to faulty code positions and rectify errors. To summarize a program part in a region, enclose it with the keywords "REGION" and "END_REGION". Depending on your settings in the keyword highlighting, the notation of the keywords can also be "region" and "end_region" or "Region" and "End_Region". The keywords are automatically converted to the notation that corresponds to the current setting. To find "REGION" and "END_REGION" keywords that belong together, click either "REGION" or "END_REGION". Both keywords are highlighted in color as a result. You can give each region a name. This has the following advantages: The name is also visible when a region is collapsed. This allows you to keep an overview of your program code. You can identify the regions in the region overview more easily and navigate to specific regions. Specifying a name is optional. Syntax Use the following syntax to combine the program parts into regions: REGION <Name> <Instructions> END_REGION 4772 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Note the following information when using regions: The keywords "REGION" and "END_REGION" must be at the start of a line. Only spaces are allowed before the keywords. All characters after the keyword "END_REGION" are considered to be a comments and therefore have no effect on the execution of the program. All instructions must be completed within a region. You also have the option to nest regions. However, make sure that regions within other regions are successfully completed: REGION <Name> <Instructions> REGION <Name> <Instructions> END_REGION <Instructions> REGION <Name> REGION <Instructions> END_REGION REGION <Name> <Instructions> END_REGION END_REGION END_REGION See also Inserting regions (Page 4773) Copying and inserting regions (Page 4774) Navigating in regions (Page 4776) Deleting regions (Page 4777) 11.14.4.2 Inserting regions You have the following two ways to insert regions in your program code: You can insert regions manually via the keyboard. You can insert regions via the "Instructions" task card. WinCC Advanced V14 System Manual, 10/2016 4773 Programming the PLC 11.14 Creating SCL programs Inserting regions manually via the keyboard To insert a region into your program code manually via the keyboard, follow these steps: 1. Place the cursor at the position where you want to insert a region. 2. Enter the keyword "REGION". Note Depending on your settings in the keyword highlighting, the notation of the keywords can also be "region" and "end_region" or "Region" and "End_Region". The keywords are automatically converted to the notation that corresponds to the current setting. 3. Enter a name for the region. This step is optional. 4. Place the cursor at the end of the region. 5. Enter the keyword "END_REGION". The corresponding program code is combined in a region that you can expand and collapse. The new region is visible in the region overview. If you have not assigned a name, it is indicated in the region overview with the name "Unnamed". Inserting regions via the "Instructions" task card To insert a region in your program code via the "Instructions" task card, proceed as follows: 1. Open the "Instructions" task card. 2. Navigate to "Control Panel > REGION". 3. Drag the instruction REGION to the position in your program code at which you want to insert a region. Alternatively, you can also place the cursor at the required position first and insert the instruction "REGION" by double-clicking. An empty region is inserted at the corresponding position. The new region is visible in the region overview and the placeholder "_name_" is used as name. 4. Replace the placeholder "_name_" with the required name or delete the placeholder if you do not want to assign a name. If you have assigned no name, the new region appears in the region overview with the name "Unnamed". See also Using regions (Page 4771) Copying and inserting regions (Page 4774) Navigating in regions (Page 4776) Deleting regions (Page 4777) 11.14.4.3 Copying and inserting regions You can also copy regions and their contents and insert them back into your program code. 4774 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Procedure To copy regions and their contents, follow these steps: 1. Open the region overview. 2. Right-click the region you want to copy and select the "Copy" command from the shortcut menu. 3. Place the cursor at the position in your program code at which you want to insert the region. 4. Insert the region either via the "Insert" shortcut menu command or via the key combination <Ctrl+V> in your program code. The copied region is inserted expanded together with its contents into your program code. In addition, the region is inserted in the region overview. 5. If necessary, assign a new name for the inserted region. Or: 1. Select the region in the program window. The region can be expanded or collapsed. 2. Copy the region either via the shortcut menu "Copy" or the key combination <Ctrl+C>. 3. Place the cursor at the position in your program code at which you want to insert the region. 4. Insert the region either via the "Insert" shortcut menu command or via the key combination <Ctrl+V> in your program code. The copied region is inserted expanded together with its contents into your program code. In addition, the region is inserted in the region overview. 5. If necessary, assign a new name for the inserted region. See also Using regions (Page 4771) Inserting regions (Page 4773) Navigating in regions (Page 4776) Deleting regions (Page 4777) WinCC Advanced V14 System Manual, 10/2016 4775 Programming the PLC 11.14 Creating SCL programs 11.14.4.4 Navigating in regions You can use the region overview to navigate quickly in the regions. The region overview displays all regions that exist in your program code. In addition, it offers the following functions: Synchronizing the display of the regions in the region overview and in the programming window: You can specify whether expanding and collapsing regions affects only the region overview or the programming window, or both. Expanding and collapsing an individual region: You can expand and collapse individual regions in either the region overview or in the programming window. If you have switched on synchronization, the region is expanded or collapsed in both windows. Expanding or collapsing all regions: You can expand or collapse all regions simultaneously either in the region overview or in the programming window. If you have switched on synchronization, the regions are expanded or collapsed in both windows. Synchronizing the display of the regions in the region overview and in the programming window To define the synchronization of the display for the regions in the region overview and in the programming window, proceed as follows: 1. Open the region overview. 2. To switch on the synchronization of the display, click "Synchronization on/off" on the toolbar in the region overview. The button for the synchronization is displayed as active. 3. To switch off the synchronization of the display, click "Synchronization on/off" on the toolbar in the region overview. The button for the synchronization is displayed as inactive. Expanding and collapsing an individual region To expand or collapse an individual region, follow these steps: 1. Open the region overview. 2. In the region overview, right-click on the region that you want to expand or collapse. 3. Select the command "Expand" or "Collapse" in the shortcut menu. Or: 1. Open the region overview. 2. In the region overview, select the region that you want to expand or collapse. 3. Press the shortcut <Ctrl+Shift+Num+> to expand or <Ctrl+Shift+Num-> to collapse. Or: 1. In the programming window, place the cursor in the region that you want to expand or collapse. 2. Press the shortcut <Ctrl+Shift+Num+> to expand or <Ctrl+Shift+Num-> to collapse. 4776 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Depending on the synchronization settings, the region is either expanded or collapsed in the region overview or in the programming window or in both windows. Expanding or collapsing all regions: To expand or collapse all regions simultaneously, follow these steps: 1. Open the region overview. 2. To expand all regions, click "Expand all" on the toolbar in the region overview. 3. To collapse all regions, click "Collapse all" on the toolbar in the region overview. Or: 1. Open the region overview. 2. Select any region in the region overview. 3. To expand all regions, press the shortcut <Ctrl+Shift+Num*>. 4. To collapse all regions, press the shortcut <Ctrl+Shift+Num/>. Or: 1. Place the cursor in the programming window. 2. To expand all regions, press the shortcut <Ctrl+Shift+Num*>. 3. To collapse all regions, press the shortcut <Ctrl+Shift+Num/>. Depending on the synchronization settings, all regions are either expanded or collapsed in the region overview or in the programming window or in both windows. See also Using regions (Page 4771) Inserting regions (Page 4773) Copying and inserting regions (Page 4774) Deleting regions (Page 4777) 11.14.4.5 Deleting regions You can remove regions from program code at any time. WinCC Advanced V14 System Manual, 10/2016 4777 Programming the PLC 11.14 Creating SCL programs Procedure To delete a region, proceed as follows: 1. In your program code, remove the keyword "REGION" and the name of the region if you have assigned a name. 2. Delete the corresponding keyword "END_REGION" in your program code. The region is deleted from the program code and the region overview. Note As soon as you have removed either the keyword "REGION" or "END_REGION" from the program code, you can in each case recognize the respective associated keyword by the fact that it is marked with a red line for a syntax error. See also Using regions (Page 4771) Inserting regions (Page 4773) Copying and inserting regions (Page 4774) Navigating in regions (Page 4776) 11.14.5 Entering SCL instructions 11.14.5.1 Rules for SCL instructions Instructions in SCL SCL recognizes the following types of instructions: Value assignments Value assignments are used to assign a tag a constant value, the result of an expression or the value of another tag. Instructions for program control Instructions for program control are used to implement program branches, loops or jumps. Additional instructions from the "Instructions" task card The "Instructions" task card offers a wide selection of standard instructions that you can use in your SCL program. Block calls Block calls are used to call up subroutines that have been placed in other blocks and to further process their results. 4778 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Rules You need to observe the following rules when entering SCL instructions: Instructions can span several lines. Each instruction ends with a semicolon (;). No distinction is made between upper and lower case. Comments serve only for documentation of the program. They do not affect the program execution. Examples The following examples shows the various types of instructions: SCL // Example of a value assignment "MyTag":= 0; // Example of a block call "MyDB"(); // Example of a program control instruction WHILE "Counter" < 10 DO "MyTAG" := "MyTag" + 2; END_WHILE; See also Basics of SCL (Page 4747) 11.14.5.2 Entering SCL instructions manually Requirement An SCL block is open. Procedure To enter SCL instructions, follow these steps: 1. Enter the syntax of the instruction using the keyboard. You are supported by the auto-complete function when performing this task. It offers all the instructions and operands that are allowed at the current location. 2. Select the required instruction or the desired operand from the auto-complete function. If you select an instruction that requires specification of operands, placeholders for the operands are inserted into the program. The placeholders for the operands are highlighted in yellow. The first placeholder is selected. 3. Replace this placeholder with an operand. 4. Use the <TAB> key to navigate to all other placeholders and replace them with operands. WinCC Advanced V14 System Manual, 10/2016 4779 Programming the PLC 11.14 Creating SCL programs Note You can also drag-and-drop a defined operand from the PLC tag table or from the block interface into the program. To replace an operand that has already been inserted, hover the mouse pointer briefly over the operand to be replaced before releasing the mouse button. This selects the operand and when you release the mouse button it is replaced by the new operand. Result The instruction is inserted. The programming editor performs a syntax check. Incorrect entries are displayed in red and italics. In addition, you also receive a detailed error message in the inspector window. See also Using autocompletion in textual programming languages (Page 4478) Expanding and reducing the parameter list (Page 4796) Data type conversion for S7-1200 (Page 2332) 11.14.5.3 Inserting SCL instructions using the "Instructions" task card The "Instructions" task card offers a wide selection of instructions that you can use in your SCL program. The SCL-specific instructions for program control are available in the "Instructions" task card. Requirement An SCL block is open. Procedure To insert SCL instructions into a program using the "Instructions" task card, follow these steps: 1. Open the "Instructions" task card. 2. To insert the instruction, select one of the following steps: - Navigate to the SCL instruction you want to insert and drag-and-drop it to the required line in the program code. The insertion location is highlighted by a green rectangle. - Select the location in the program code where you want to insert the instruction and then double-click on the instruction you want to insert. The instruction is inserted in the program. The placeholders for the operands are highlighted in yellow. A light yellow indicates the optional parameters that you do not necessarily have to interconnect. A darker yellow indicates the mandatory parameters that you must interconnect. The first placeholder is selected. 4780 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs 3. Replace this placeholder with an operand. You can also drag a tag from the interface or the PLC tag table with drag-and-drop to the placeholder. 4. Use the <TAB> key to navigate to all other placeholders and replace them with operands. Result The instruction is inserted. The programming editor performs a syntax check. Incorrect entries are displayed in red and italics. In addition, you also receive a detailed error message in the inspector window. See also Using autocompletion in textual programming languages (Page 4478) Expanding and reducing the parameter list (Page 4796) Data type conversion for S7-1200 (Page 2332) 11.14.5.4 Defining the data type of an SCL instruction Basic information on the data types of SCL instructions Introduction The SCL instructions that you employ for block programming use specific data types to calculate function values. Certain SCL instructions only support the use of a specific data type. You cannot change the data type for these instructions. However, most of the SCL instructions support the use of different data types. We differentiate between the following two types of such instructions: Instructions for which the data type of the function value is determined by the data type of the input parameters. This is the case for most instructions. Instructions with default data type. The instructions listed in the following table are of this type. You will have to change the default data type if this is incompatible with the data type of the input parameter used. You can always change the data type based on the following syntax: _<data type> SCL instructions with default data type The following table lists the SCL instructions with default data types: WinCC Advanced V14 System Manual, 10/2016 Instruction Default data type CEIL DINT DECO DWORD FLOOR DINT NORM_X REAL 4781 Programming the PLC 11.14 Creating SCL programs Instruction Default data type PEEK BYTE SCALE_X INT TRUNC DINT CONCAT STRING T_DIFF TIME See also Changing the data type of an SCL instruction (Page 4782) Example for changing the data type of an SCL instruction (Page 4783) Changing the data type of an SCL instruction Procedure Proceed as follows to insert an SCL instruction and change its data type: 1. Insert the instruction at the required point in the program using drag-and-drop. 2. Specify the operands for the instruction. The data type of the function value is specified based on the input parameters, or the default data type of the instruction is used. 3. Append the "_<data type>" string to the instruction name. "<data type>" represents the data type you need for the instruction. See also Basic information on the data types of SCL instructions (Page 4781) Example for changing the data type of an SCL instruction (Page 4783) Modifying the data types of IEC timers and IEC counters IEC timers and IEC counters are internal system function blocks and require an instance data block. You can create the instance data blocks either as single or multi-instance. The data type of the instance data block is determined according to the associated instruction. For CPUs of the S7-1200 and S7-1500 series, you can, however execute the instructions with different data types, depending on your requirements. If the newly set data type of the instance data block does not match the data type of the input parameter, an implicit conversion takes place if possible. If the conversion is not possible, you will receive an error message. 4782 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Procedure To change the data type of an IEC timer or IEC-counter instance data block, proceed as follows: 1. Open the block in which you call the IEC timer or IEC counter. Depending on the instance type of the instance data block, there is a green-bordered box before (multi-instance) or after (single instance) the name of the instance data block. 2. Click the green-bordered box. A drop-down list box with the valid data types for the instance data block is opened. 3. Select the desired data type. Example for changing the data type of an SCL instruction Changing the default data type of the "Decode" instruction (DECO) Data type DWORD is set as default if you insert the "Decode" instruction in the program. "Tag_Result" := DECO(IN := "Tag_Value"); Modify the program code as follows to convert the data type from DWORD to BYTE: "Tag_Result_BYTE" := DECO_BYTE(IN := "Tag_Value"); See also Basic information on the data types of SCL instructions (Page 4781) Changing the data type of an SCL instruction (Page 4782) 11.14.5.5 Displaying or hiding tag information Introduction Regardless of whether the operands are represented in absolute or symbolic form, you can show and hide simple or hierarchical comments used to document global tags. This information is taken from the PLC tag table. You can display the tag information either for all the blocks or for individually opened blocks. If you display the tag information for all the blocks, the tag information for all blocks currently opened and opened in future is shown. You can hide the tag information at any time again. If you have hidden the tag information for all blocks, you can display it again for individual ones that you have opened. If you select the display of tag information with hierarchical comments, the comments of the higher structure levels of structured tags will also be displayed. The display is in brackets after the comment of the tags; the comments of the individual levels are separated by a period. If there is no comment at a structure level for a tag, it is omitted in the display and this is recognizable because there are two periods. WinCC Advanced V14 System Manual, 10/2016 4783 Programming the PLC 11.14 Creating SCL programs Displaying or hiding tag information for all blocks Follow the steps below to display or hide the tag information for all blocks: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. In the area navigation, select the "PLC programming" group. 3. If you want to show the tag information, either select the "Expand" option in the "Tag information" drop-down list or the "Tag information with hierarchy" depending on whether you want to display simple or hierarchical comments. 4. If you want to hide the tag information, select the "Collapse" option in the "Tag information" drop-down list. The tag information is displayed or hidden for all blocks. When you open further blocks, the tag information is displayed or hidden depending on the selected setting. Displaying or hiding tag information for an opened block Follow the steps below to display or hide the tag information for an opened block: 1. If you want to show the tag information, either select the "Show tag information" option in the "Shows the tag information" drop-down list or the "Tag information with hierarchy" depending on whether you want to display simple or hierarchical comments. 2. If you want to hide the tag information, select the "Hide tag information" option in the "Hides tag information" drop-down list. The tag information is displayed or hidden. 11.14.5.6 Using Favorites in SCL Adding SCL instructions to the Favorites Requirement A block is open. The multipane mode is set for the "Instructions" task card or the Favorites are also displayed in the editor. Procedure To add SCL instructions to the Favorites, follow these steps: 1. Open the "Instructions" task card. 2. Maximize the "Basic instructions" pane. 3. Navigate in the "Basic instructions" pane to the instruction that you want to add to the Favorites. 4. Drag-and-drop the instruction into the "Favorites" pane or into the Favorites area in the program editor. 4784 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Note To additionally display the Favorites in the program editor, click the "Display favorites in the editor" button in the program editor toolbar. See also Overview of the program editor (Page 4458) Inserting SCL instructions using Favorites (Page 4785) Removing SCL instructions from the Favorites (Page 4786) Inserting SCL instructions using Favorites Requirement A block is open. Favorites are available. Procedure To insert an instruction into a program using Favorites, follow these steps: 1. Drag-and-drop the desired instruction from Favorites to the desired position. Or: 1. Select the position in the program where you want to insert the instruction. 2. In the Favorites, click on the instruction you want to insert. Note To additionally display the Favorites in the program editor, click the "Display favorites in the editor" button in the program editor toolbar. See also Overview of the program editor (Page 4458) Adding SCL instructions to the Favorites (Page 4784) Removing SCL instructions from the Favorites (Page 4786) WinCC Advanced V14 System Manual, 10/2016 4785 Programming the PLC 11.14 Creating SCL programs Removing SCL instructions from the Favorites Requirement A code block is open. Procedure To remove instructions from Favorites, follow these steps: 1. Right-click on the instruction you want to remove. 2. Select the "Remove instruction" command in the shortcut menu. Note To additionally display the Favorites in the program editor, click the "Display favorites in the editor" button in the program editor toolbar. See also Overview of the program editor (Page 4458) Adding SCL instructions to the Favorites (Page 4784) Inserting SCL instructions using Favorites (Page 4785) 4786 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs 11.14.5.7 Insert block calls in SCL Basic information on the block call in SCL Calling function blocks Syntax of a call The following syntax is used to call a function block as a single or multi-instance: Single instance: - If the function block originates from the project: <DBName> (Parameter list) - If the function block originates from the "Instructions" task card: <DB name>.<Instruction name> (Parameter list) or <Instruction name> (Parameter list) Multi-instance <#Instance name> (Parameter list) Calling as single instance or multi-instance Function blocks can be called either as a single instance or a multi-instance. Calling as a single instance The called function block stores its data in a data block of its own. Calling as a multi-instance The called function block stores its data in the instance data block of the calling function block. For additional information on the types of calls, refer to "See also". Recursive block calls You have the option of calling a block recursively. This means a block can call itself again. Keep in mind that the call depth is limited to 24 and that you cannot use multi-instances. Parameter list If you call another code block from a SCL block, you can supply the formal parameters of the called block with actual parameters. The specification of the parameters has the form of a value assignment. This value assignment enables you to assign values (actual parameters) to the parameters you have defined in the called block. The formal parameters of the called code block are listed in brackets directly after the call. Input and in-out parameters have the assignment identifier ":=", output parameters have the WinCC Advanced V14 System Manual, 10/2016 4787 Programming the PLC 11.14 Creating SCL programs assignment identifier "=>". A placeholder placed after the parameter shows the required data type and the type of the parameter. Rules for supplying parameters The following rules apply to supplying parameters: Constants, tags and expressions can be used as actual parameters. The assignment order is not of importance. The data types of formal and actual parameters match. You can also select data types for the actual parameter for which implicit data type conversion into the data type of the formal parameter is possible. The individual assignments are separated by commas. If the called block has only one parameter, it is sufficient to specify the actual parameter in the brackets. The formal parameter need not be specified. See also Manually inserting block calls (Page 4792) Inserting block calls with drag-and-drop (Page 4793) Examples for calling a function block in SCL (Page 4790) Calling functions Syntax of a call The following syntax is used to call a function: <Function name> (Parameter list); //Standard call <Operand>:=<Function name> (Parameter list); // Call in an expression Function value Functions that provide a return value can be used in any expression in place of an operand in SCL. For this reason, the return value is also known as the "function value" in SCL. The call options of functions depend on whether the function returns a function value to the calling block. The function value is defined in the RET_VAL parameter. If the RET_VAL parameter is of the VOID data type, then the function will not return a value to the calling block. If the RET_VAL parameter has another data type, then the function returns a function value of this data type. In SCL, all data types are permitted for the RET_VAL parameter except ANY, ARRAY, STRUCT and VARIANT, as well as the parameter types TIMER and COUNTER. 4788 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Call options There are two possibilities for calling functions in SCL: Standard call for functions with and without a function value With a standard call, the results of the function is made available as an output and in-out parameter. Call in an expression for functions with a function value Functions that return a function value can be used in any expression in place of an operand, for example, a value assignment. The function calculates the function value, which has the same name as the function and returns it to the calling block. There the value replaces the function call. Following the call, the results of the function is made available as a function value or as an output and in-out parameter. Recursive block calls You have the option of calling a block recursively. This means a block can call itself again. Keep in mind that the call depth is limited to 24 and that you cannot use multi-instances. Parameter list If you call another code block from a SCL block, you need to supply the formal parameters of the called block with actual parameters. The specification of the parameters has the form of a value assignment. This value assignment enables you to assign values (actual parameters) to the parameters you have defined in the called block. The formal parameters of the called code block are listed in brackets directly after the call. Input and in-out parameters have the assignment identifier ":=", output parameters have the assignment identifier "=>". A gray placeholder placed after the parameter shows the required data type and the type of the parameter. Rules for supplying parameters The following rules apply to supplying parameters to functions: All parameters of the function must be supplied. The assignment order is not of importance. Constants, tags and expressions can be used as actual parameters. The data types of formal and actual parameters match. You can also select data types for the actual parameter for which implicit data type conversion into the data type of the formal parameter is possible. The individual assignments are separated by commas. If the called block has only one parameter, it is sufficient to specify the actual parameter in the brackets. The formal parameter need not be specified. When you call functions in SCL, you cannot use the release mechanism via EN. Use an IF statement instead to call functions conditionally. WinCC Advanced V14 System Manual, 10/2016 4789 Programming the PLC 11.14 Creating SCL programs See also Manually inserting block calls (Page 4792) Inserting block calls with drag-and-drop (Page 4793) Examples for calling functions in SCL (Page 4791) Examples for calling a function block in SCL Calling as a single instance The following example shows the call of an FB as a single instance: SCL // Call as a single instance "MyDB" (MyInput:=10, MyInout:= "Tag1"); Result After the call is executed, the value determined for the "MyInout" in/out parameter is available in "Tag1" in the "MyDB" data block. Calling as a multi-instance The following example shows the call of an FB as a multi-instance: SCL // Call as a multi-instance #MyFB (MyInput:= 10, MyInout:= "Tag1"); Result After the "#MyFB" block is executed, the value determined for the "MyInout" in/out parameter is made available in "Tag1" in the data block of the calling code block. See also Calling function blocks (Page 4787) Manually inserting block calls (Page 4792) Inserting block calls with drag-and-drop (Page 4793) 4790 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Examples for calling functions in SCL Standard call The following example shows a standard function call: SCL // Standard function call "MyFC" (MyInput := 10, MyInOut := "Tag1"); Result After the "MyFC" block is executed, the value determined for the "MyInOut" in/out parameter is available in "Tag1" in the calling block and needs to be further processed there. Call in a value assignment The following example shows a function call in a value assignment: SCL (*Call in a value assignment, a function value was defined for "MyFC" *) #MyOperand := "MyFC" (MyInput1 := 3, MyInput2 := 2, MyInput3 := 8.9, MyInOut := "Tag1"); Result The function value of "MyFC" is transferred to "#MyOperand". Call in an arithmetic expression The following example shows a function call in an arithmetic expression: SCL (*Call in a mathematical expression, a function value was defined for "MyFC" *) #MyOperand := "Tag2" + "MyFC" (MyInput1 := 3, MyInput2 := 2, MyInput3 := 8.9); Result The function value of "MyFC" will be added to "Tag2" and the result will be transferred to "MyOperand". WinCC Advanced V14 System Manual, 10/2016 4791 Programming the PLC 11.14 Creating SCL programs See also Calling functions (Page 4788) Manually inserting block calls (Page 4792) Inserting block calls with drag-and-drop (Page 4793) Manually inserting block calls You can insert calls for functions (FCs) and function blocks (FBs). Function blocks can be called either as a single, multi or parameter instance. See also: AUTOHOTSPOT Inserting a call for a function (FC) Proceed as follows to insert a function call: 1. Enter the function name. 2. Confirm your entry with the Return key. 3. Select the "Show all parameters" command from the context menu or press the key combination <Ctrl+Shift+space bar>. Alternatively, you can click "Expands/collapses the parameter list of block calls" in the function bar. The syntax for the function call including the parameter list is added to the SCL program. The placeholders for the actual parameters are highlighted in yellow. The first placeholder is selected. 4. Replace this placeholder with an actual parameter. You can also drag a tag from the interface or the PLC tag table with drag-and-drop to the placeholder. 5. Use the <TAB> key to navigate to all other placeholders and replace them with actual parameters. You can navigate to the previous placeholder with <Shift + TAB>. Inserting a call for a function block (FB) To insert a call for a function block (FB), follow these steps: 1. Enter the name of the function block. 2. Enter an opening parenthesis "(". The "Call options" dialog opens. 3. Confirm your entries with "OK". The syntax for the function block call including the parameter list is added to the SCL program. The placeholders for the actual parameters are highlighted in yellow. The first placeholder is selected. 4792 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs 4. In the dialog, enter whether you want to call the block as a single, multi or parameter instance. - If you click the "Single instance" button, enter a name for the data block that will be assigned to the call in the entry field "Name". - If you click the "Multi-instance" button, in the "Name in the interface" field, enter the name of the tag with which the called function block will be entered as a static tag in the interface of the calling block. - If you click on the "Parameter instance" button, enter the name of the in/out (InOut) parameter to which the instance should be passed during runtime in the "Name in the interface" text box. 5. If you call a block that contains monitoring, assign a ProDiag function block to the monitoring functions. 6. Replace this placeholder with an actual parameter. You can also drag a tag from the interface or the PLC tag table with drag-and-drop to the placeholder. 7. Use the <TAB> key to navigate to all other placeholders and replace them with actual parameters. You can navigate to the previous placeholder with <Shift + TAB>. Result The block call is inserted. If you specify an instance data block that does not exist when calling a function block, it is created. See also Updating block calls (Page 4795) Expanding and reducing the parameter list (Page 4796) Basic information on the block call in SCL (Page 4787) Using autocompletion in textual programming languages (Page 4478) Inserting block calls with drag-and-drop You can insert calls for existing functions (FC) and function blocks (FB) using a drag-and-drop operation from the project tree. Function blocks can be called either as a single, multi or parameter instance. See also: AUTOHOTSPOT Requirement The function to be called (FC) or the function block (FB) to be called is present. WinCC Advanced V14 System Manual, 10/2016 4793 Programming the PLC 11.14 Creating SCL programs Inserting a call for a function (FC) To insert a function call using drag-and-drop, follow these steps: 1. Drag the function from the project tree into the program. The syntax for the function call including the parameter list is added to the SCL program. The placeholders for the actual parameters are highlighted in yellow. The first placeholder is selected. 2. Replace this placeholder with an actual parameter. You can also drag a tag from the interface or the PLC tag table with drag-and-drop to the placeholder. 3. Use the <TAB> key to navigate to all other placeholders and replace them with actual parameters. You can navigate to the previous placeholder with <Shift + TAB>. Inserting a call for a function block (FB) To insert a call for a function block (FB) using drag-and-drop, follow these steps: 1. Drag the function block from the project tree and drop it into the program. The "Call options" dialog opens. 2. In the dialog, enter whether you want to call the block as a single, multi or parameter instance. - If you click the "Single instance" button, enter a name for the data block that will be assigned to the call in the entry field "Name". - If you click the "Multi-instance" button, in the "Name in the interface" field, enter the name of the tag with which the called function block will be entered as a static tag in the interface of the calling block. - If you click on the "Parameter instance" button, enter the name of the in/out (InOut) parameter to which the instance should be passed during runtime in the "Name in the interface" text box. 3. If you call a block that contains monitoring, assign a ProDiag function block to the monitoring functions. 4. Confirm your entries with "OK". The syntax for the function block call including the parameter list is added to the SCL program. The placeholders for the actual parameters are highlighted in yellow. The first placeholder is selected. 5. Replace this placeholder with an actual parameter. You can also drag a tag from the interface or the PLC tag table with drag-and-drop to the placeholder. 6. Use the <TAB> key to navigate to all other placeholders and replace them with actual parameters. You can navigate to the previous placeholder with <Shift + TAB>. Result The block call is inserted. If you specify an instance data block that does not exist when calling a function block, it is created. 4794 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs See also Updating block calls (Page 4795) Expanding and reducing the parameter list (Page 4796) Basic information on the block call in SCL (Page 4787) Using autocompletion in textual programming languages (Page 4478) Updating block calls If interface parameters of a called block are changed, the block call can no longer be executed correctly. You can avoid such inconsistent block calls by updating the block calls. You have the following options for updating the block calls: Explicit updating of all inconsistent block calls in the programming editor. The inconsistent block calls within the open block are updated. The following actions are carried out in the process: - New parameters are added. Please note, however, that the parameters are hidden for function blocks (FBs) and the parameters are supplied via the corresponding instance data block (DB). If required, you can show the parameters using the shortcut menu command "Show all parameters". - Deleted parameters are not removed. If necessary, expand the parameter list to remove deleted parameters manually. - Renamed parameters get the new parameter names. Explicit updating of a block call in the programming editor. The inconsistent call of this block is updated at all call locations. The following actions are carried out in the process: - New parameters are added. - Deleted parameters are not removed. If necessary, expand the parameter list to remove deleted parameters manually. - Renamed parameters get the new parameter names. Implicit updating during compilation. All block calls in the program as well as the used PLC data types will be updated. Make sure that you manually remove deleted parameters before the compilation process and supply all new formal parameters with actual parameters when you call functions. Updating all inconsistent block calls in the programming editor To update all block calls in a block, follow these steps: 1. Open the calling block in the programming editor. 2. Click "Update inconsistent block calls" in the toolbar. All inconsistent calls are updated. If necessary, supply new formal parameters of functions (FCs) with actual parameters. WinCC Advanced V14 System Manual, 10/2016 4795 Programming the PLC 11.14 Creating SCL programs Updating a specific block call in the programming editor To update a specific block call in the programming editor, follow these steps: 1. Open the calling block in the programming editor. 2. Right-click on the block call that you want to update. 3. Select the "Update block call" command in the shortcut menu. 4. If parameters were added, enter the values for the new block parameters. Note Note that the "Update block call" command is only available as long as you did not previously update all block calls in the editor with the "Update inconsistent block calls" command. Updating block calls during compilation To implicitly update all block calls and uses of PLC data types during compilation, follow these steps: 1. Open the project tree. 2. Select the "Program blocks" folder. 3. Select the "Compile > Software (rebuild all blocks)" command in the shortcut menu. See also Manually inserting block calls (Page 4792) Inserting block calls with drag-and-drop (Page 4793) Expanding and reducing the parameter list (Page 4796) 11.14.5.8 Expanding and reducing the parameter list In SCL, if you call blocks or insert instructions that are system-internal function blocks, the syntax and the parameter list with the placeholders for the actual parameters are inserted in the SCL program. To make the program code easier to read, the unused optional parameters are removed from the parameter list when you edit other instructions. You can restore these at any time. You can also explicitly reduce the parameter list when you have finished assigning the parameters. Expanding the parameter list To expand the parameter list, follow these steps: 1. Right-click in the block call or the instruction. 2. Select the "Expand parameter list" command from the shortcut menu or press the key combination <Ctrl+Shift+Space bar>. The parameter list is displayed in full again. 4796 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Reducing the parameter list To reduce the parameter list, follow these steps: 1. Right-click in the block call or the instruction. 2. Select the "Reduce parameter list" command from the shortcut menu or press the key combination <Ctrl+Shift+Space bar>. All unused optional parameters are hidden. See also Entering SCL instructions manually (Page 4779) Inserting SCL instructions using the "Instructions" task card (Page 4780) Manually inserting block calls (Page 4792) Inserting block calls with drag-and-drop (Page 4793) 11.14.5.9 Insert pragmas (S7-1200, S7-1500) You have the option of assigning validities to your program code using pragmas. To do this, enclose the program code with pragma keywords. Optionally, you can assign parameters to further define the content. Pragmas can be expanded and collapsed as needed. The general syntax for pragmas is as follows: {PRAGMA_BEGIN 'Param1', 'Param2', ... , 'ParamN'} //Programcode {PRAGMA_END} Pragmas can also be nested. However, make sure that pragmas within other pragmas are successfully completed. Note Pragmas are currently evaluated only in SiVArc. The "SIVARC" parameter and another parameter must be assigned. For more information, refer to the SiVArc help. Procedure To insert a pragma, follow these steps: 1. Place the cursor at the position where you want to insert a pragma. 2. Enter "{ PRAGMA_BEGIN". 3. Enter any number of parameters in single quotation marks. This step is optional. 4. Enter "}". WinCC Advanced V14 System Manual, 10/2016 4797 Programming the PLC 11.14 Creating SCL programs 5. Place the cursor at the end of the program code that you want to enclose with the pragma. 6. Enter "{ PRAGMA_END}". The corresponding program code is combined in a pragma. 11.14.5.10 Inserting comments Commenting program code You have various options for commenting SCL programs: Line comment A line comment starts with "//" and extends to the end of the line. Comment section A comment section is started with "(* and completed by "*)". It can span several lines. Inserting a line comment To insert line comments, follow these steps: 1. Type "//" at the position where you want to place the comment. This does not have to be the beginning of the line. 2. Enter the comment text. Inserting a comment section To insert a comment section, follow these steps: 1. Type "(*" at the position where you want to place the comment. This does not have to be the beginning of the line. 2. Enter the comment text. 3. Complete the comment with "*)". Disabling one or more lines with comments To disable program code with comments, follow these steps: 1. Select the code lines you want to comment out. 2. Click the "Comment selection" button in the editor. "//" is inserted at the beginning of the line in the selected lines. The code that follows is interpreted as a comment. If lines already containing a line comment are disabled, "//" is inserted as well. If these lines are enabled again, the original comments are retained. 4798 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Enabling comment lines To enable lines that have been commented out to be enabled as code again, proceed as follows: 1. Select the code lines you want to enable. 2. Click the "Remove comment" button in the editor. The "//" mark for line comments at the beginning of the line is removed. Example The following code contains comment sections and line comments (************************************************************************************* A description of the instructions that follow can be placed here **************************************************************************************) IF "MyVal1" > 0 THEN //No division by 0 "MyReal" := "MyVal2" (* input value *) / "MyVal1" (* measured value *); END_IF; //Data type conversion "MyInt" := REAL_TO_INT("MyReal"); See also Commenting out program code (Page 2131) (*...*): Insert a comment section (Page 3236) 11.14.6 Editing SCL instructions 11.14.6.1 Selecting instructions You can select individual instructions or all instructions of a block. Requirement An SCL block is open. Selecting individual instructions To select individual instructions, follow these steps: 1. Set the insertion mark before the first character that you want to select. 2. Press and hold down the left mouse button. 3. Move the cursor to a position after the last character that you want to select. 4. Release the left mouse button. WinCC Advanced V14 System Manual, 10/2016 4799 Programming the PLC 11.14 Creating SCL programs Selecting all the instructions of a program To select all instructions, follow these steps: 1. In the "Edit" menu, select the "Select All" command or use the keyboard shortcut <Ctrl+A>. Note When you select the opening keyword of an instructing, the closing keyword is automatically highlighted. 11.14.6.2 Copying, cutting and pasting instructions Copying an instruction To copy an instruction, follow these steps: 1. Select the instruction you want to copy. 2. Select "Copy" in the shortcut menu. Cutting an instruction To cut an instruction, follow these steps: 1. Select the instruction you want to cut. 2. Select the "Cut" command in the shortcut menu. Inserting an instruction from the clipboard To insert an instruction from the clipboard, follow these steps: 1. Copy or cut an instruction. 2. Click on the position at which you want to insert the instruction. 3. Select "Paste" in the shortcut menu. 11.14.6.3 Deleting instructions Requirement An SCL block is open. 4800 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs Procedure To delete an instruction, follow these steps: 1. Select the instruction you want to delete. 2. Select the "Delete" command in the shortcut menu. 11.14.7 SCL programming examples 11.14.7.1 Example of controlling a conveyor belt Controlling a conveyor belt The following figure shows a conveyor belt that can be activated electrically. There are two pushbuttons at the beginning of the conveyor belt: S1 for START and S2 for STOP. There are also two pushbuttons at the end of the conveyor belt: S3 for START and S4 for STOP. It is possible to start and stop the conveyor belt from either end. 6 6 26WDUW 26WRS 6 6 26WDUW 26WRS 02725B21 Implementation The following table shows the definition of the tags used: WinCC Advanced V14 System Manual, 10/2016 Operand Declaration Data type Description StartPushbutton_Left (S1) Input BOOL Start pushbutton on the left side of the conveyor belt StopPushbutton_Left (S2) Input BOOL Stop pushbutton on the left side of the conveyor belt StartPushbutton_Right (S3) Input BOOL Start pushbutton on the right side of the convey or belt StopPushbutton_Right (S4) Input BOOL Stop pushbutton on the right side of the convey or belt 4801 Programming the PLC 11.14 Creating SCL programs Operand Declaration Data type Description MOTOR_ON Output BOOL Turn on the conveyor belt motor MOTOR_OFF Output BOOL Turn off the conveyor belt motor The following SCL program shows how to implement this task: SCL IF "StartPushbutton_Left_S1" OR "StartPushbutton_Right_S3" THEN "MOTOR_ON" := 1; "MOTOR_OFF" := 0; END_IF; IF "StopPushbutton_Left_S2" OR "StopPushbutton_Right_S4" THEN "MOTOR_ON" := 0; "MOTOR_OFF" := 1; END_IF; The conveyor belt motor is switched on when start pushbutton "StartPushbutton_Left_S1" or "StartPushbutton_Right_S3" is pressed. The conveyor belt motor is switched off when stop pushbutton "StopPushbutton_Left_S2" or "StopPushbutton_Right_S4" is pressed. See also Logical expressions (Page 4757) Basics of SCL (Page 4747) Settings for SCL (Page 4762) The programming window of SCL (Page 4764) Entering SCL instructions (Page 4778) Editing SCL instructions (Page 4799) 4802 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs 11.14.7.2 Example of detecting the direction of a conveyor belt Detecting the direction of a conveyor belt The detected running direction of the belt is indicated by a RIGHT arrow or a LEFT arrow. If additional conveyed material is approaching PEB1 from the right or PEB2 from the left, the displayed arrow is initially switched off until, after both photoelectric barriers are passed, the running direction can be detected again and the corresponding arrow displayed. For the solution of the task, 2 edge memory bits are needed that detect the signal change from "0" to "1" at the two photoelectric barriers. 3(% 3(% Implementation The following table shows the definition of the tags used: Name Declaration Data type Description Photoelectric barrier PEB1 Input BOOL Photoelectric barrier 1 Photoelectric barrier PEB2 Input BOOL Photoelectric barrier 2 RIGHT Output BOOL Display for movement to the right LEFT Output BOOL Display for movement to the left Auxiliary flag PEB1 Input BOOL Edge bit memory 1 Auxiliary flag PEB2 Input BOOL Edge bit memory 2 The following SCL program shows how to implement this example: SCL // Program code for left running IF "Photolelectric barrier PEB1" = 1 AND "Auxiliary flag PEB2" = 0 THEN "Auxiliary flag PEB1" := 1; // Set auxiliary flag for PEB1 "LEFT" := 0; // Switch off arrow display left "RIGHT" := 0; // Switch off arrow display right END_IF; WinCC Advanced V14 System Manual, 10/2016 4803 Programming the PLC 11.14 Creating SCL programs SCL IF "Auxiliary flag PEB1" = 1 AND "Photoelectric barrier PEB2" = 1 THEN // The conveyor belt is running to the left "LEFT" = 1; "RIGHT" := 0; END_IF; IF "LINKS" = 1 AND "Photoelectric barrier PEB2" = 0 THEN // Reset auxiliary flag for PEB1 "Auxiliary flag PEB1" = 0 END_IF; SCL // Program code for right running IF "Photolelectric barrier PEB2" = 1 AND "Auxiliary flag PEB1" = 0 THEN "Auxiliary flag PEB2" := 1; // Set auxiliary flag for PEB2 "LEFT" := 0; // Switch off arrow display left "RIGHT" := 0; // Switch off arrow display right END_IF; IF "Auxiliary flag PEB2" = 1 AND "Photoelectric barrier PEB1" = 1 THEN // The conveyor belt is running to the right "LEFT" = 0; "RIGHT" := 1; END_IF; IF "RIGHT" = 1 AND "Photoelectric barrier PEB1" = 0 THEN // Reset auxiliary flag for PEB2 "Auxiliary flag PEB2" := 0; END_IF; If the photoelectric barrier "PEB1" has signal state "1" and the photoelectric barrier "PEB2" has signal state "0" at the same time, the object on the belt is moving to the left. If the photoelectric barrier "PEB2" has signal state "1" and the photoelectric barrier "PEB1" has signal state "0" at the same time, the object on the belt is moving to the right. The displays for a movement to the left or right will be turned off when the signal state at both photoelectric barriers is "0". See also Logical expressions (Page 4757) Basics of SCL (Page 4747) Settings for SCL (Page 4762) The programming window of SCL (Page 4764) Entering SCL instructions (Page 4778) Editing SCL instructions (Page 4799) 4804 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs 11.14.7.3 Example of detecting the fill level of a storage area Detecting the fill level of a storage area The following figure shows a system with two conveyor belts and a temporary storage area between them. Conveyor belt 1 delivers packages to the storage area. A photoelectric barrier at the end of conveyor belt 1 near the storage area detects how many packages are delivered to the storage area. Conveyor belt 2 transports packages from the temporary storage area to a loading dock where they are loaded onto trucks. A photoelectric barrier at the storage area exit detects how many packages leave the storage area to be transported to the loading dock. Five display lamps indicate the capacity of the temporary storage area. 'LVSOD\SDQHO 6WRUDJHDUHD HPSW\ 6WRUDJHDUHD QRWHPSW\ LQFRPLQJ SDFNDJHV 6WRUDJHDUHD IXOO 6WRUDJHDUHD IXOO 6WRUDJHDUHD IXOO RXWJRLQJ SDFNDJHV 7HPSRUDU\ VWRUDJHDUHD IRU SDFNDJHV &RQYH\RUEHOW &RQYH\RUEHOW 3KRWRHOHFWULFEDUULHU 3KRWRHOHFWULFEDUULHU Implementation The following table shows the definition of the tags used: WinCC Advanced V14 System Manual, 10/2016 Name Declaration Data type Description PEB1 Input BOOL Photoelectric barrier 1 PEB2 Input BOOL Photoelectric barrier 2 RESET Input BOOL Reset counter LOAD Input BOOL Adjust the current coun ter value to the value of the PV parameter. MAX STORAGE AREA FILL AMOUNT Input INT Maximum possible number of packages in the storage area PACKAGECOUNT Output INT Number of packages in the storage area (cur rent count value) 4805 Programming the PLC 11.14 Creating SCL programs Name Declaration Data type Description STOCK_PACKAGES Output BOOL Is set when the current count value is greater than or equal to the val ue of the "MAX STOR AGE AREA FILL AMOUNT" tag. STOR_EMPTY Output BOOL Display lamp: Storage area empty STOR_NOT_EMPTY Output BOOL Display lamp: Storage area not empty STOR_50%_FULL Output BOOL Display lamp: Storage area 50 % full STOR_90%_FULL Output BOOL Display lamp: Storage area 90 % full STOR_FULL Output BOOL Display lamp: Storage area full VOLUME_50 Input INT Comparison value: 50 packages VOLUME_90 Input INT Comparison value: 90 packages VOLUME_100 Input INT Comparison value: 100 packages The following SCL program shows how to implement this example: When a package is delivered to the storage area, the signal state at "PEB1" switches from "0" to "1" (positive signal edge). On a positive signal edge at "PEB1", the "Up" counter is enabled, and the current count value of "PACKAGECOUNT" is increased by one. When a package is delivered from the storage area to the loading dock, the signal state at "PEB2" switches from "0" to "1" (positive signal edge). On a positive signal edge at "PEB2", the "Down" counter is enabled, and the current count value of "PACKAGECOUNT" is decreased by one. If there are no packages in the storage area ("PACKAGECOUNT" = "0"), the "STOR_EMPTY" tag is set to signal state "1", and the "Storage area empty" lamp is switched on. The current count value can be reset to "0" if the "RESET" tag is set to signal state "1". If the "LOAD" tag is set to signal state "1", the current count value is set to the value of the "MAX STORAGE AREA FILL AMOUNT" tag. As long as the current count value is greater than or equal to the value of the "MAX STORAGE AREA FILL AMOUNT" tag, the "STOCK_PACKAGES" tag supplies the signal state "1". SCL "VOLUME_50" := 5; // Preassigning of the comparison value to 50 packages (for the test only 5 packages) "VOLUME_90" := 9; // Preassigning of the comparison value to 90 packages (for the test only 9 packages) "VOLUME_100" := 10; // Preassigning of the comparison value to 100 packages (for the test only 10 packages) "MAX STORAGE AREA FILL AMOUNT" := 10; // Preassigning of the maximum amount in storage area to 100 packages (for the test only 10 packages) 4806 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.14 Creating SCL programs SCL "IEC_Counter_0_DB".CTUD(CU := "PEB1", CD := "PEB2", R := "RESET", LD := "LOAD", PV := "MAX STORAGE AREA FILL AMOUNT", QU => "STOCK_PACKAGES", QD => "STOR_EMPTY", CV => "PACKAGECOUNT"); As long as the storage area contains packages, the "Storage area not empty" lamp is switched on. SCL "STOR_NOT_EMPTY" := NOT "STOR_EMPTY" If the number of packages in the storage area is lower than 50%, the lamps for the alarms "Storage area 50% full", "Storage area 90% full" and "Storage area full" switch off. SCL IF "PACKAGECOUNT" < "VOLUME_50" THEN "STOR_50%_FULL" := 0; "STOR_90%_FULL" := 0; "STOR_FULL" := 0; END_IF; If the number of packages in the storage area is greater than or equal to 50 %, the "Storage area 50 % full" lamp switches on. SCL IF "PACKAGECOUNT" >= "VOLUME_50" AND "PACKAGECOUNT <= "VOLUME_90" THEN "STOR_50%_FULL" := 1; "STOR_90%_FULL" := 0; "STOR_FULL" := 0; END_IF; If the number of packages in the storage area is greater than or equal to 90 %, the "Storage area 90 % full" lamp switches on. The display lamp for 50 % full also remains on. SCL IF "PACKAGECOUNT" >= "VOLUME_90" AND "PACKAGECOUNT < "VOLUME_100" THEN "STOR_50%_FULL" := 1; "STOR_90%_FULL" := 1; "STOR_FULL" := 0; END_IF; WinCC Advanced V14 System Manual, 10/2016 4807 Programming the PLC 11.15 Compiling and loading blocks If the number of packages in the storage area reaches 100 %, the lamp for the "Storage area full" message switches on. The display lamps for 50 % and 90 % full also remain on. SCL IF "PACKAGECOUNT" >= "VOLUME_100" THEN "STOR_50%_FULL" := 1; "STOR_90%_FULL" := 1; "STOR_FULL" := 1; END_IF; See also Basics of SCL (Page 4747) Settings for SCL (Page 4762) The programming window of SCL (Page 4764) Entering SCL instructions (Page 4778) Editing SCL instructions (Page 4799) 11.15 Compiling and loading blocks 11.15.1 Compiling blocks 11.15.1.1 Basic information on compiling blocks Introduction A user program must first be compiled before the CPU can execute it. You need to recompile your program each time you make a change. The following procedures take place during compilation: The user program is checked for syntax errors. Unneeded instructions are removed from the user program. All the block calls within the compiled blocks are checked. In case of changes to the interface of called blocks, errors will be shown in the "Compilation" tab of the information window. You have to correct these errors first. 4808 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.15 Compiling and loading blocks The blocks must be numbered uniquely in the user program. If more than one block has the same number, the blocks with number conflicts are renumbered automatically during compilation. A block will not be renumbered in the following cases: - The block was selected either individually or as part of a multiselection for the compilation. - The number assignment is set to "manual" in the properties of the block. Number conflicts that cannot be resolved by automatic renumbering must be corrected manually. Note the messages in the Inspector window for this. Note Renumbering know-how-protected blocks Automatic renumbering and manual renumbering without password of know-how-protected blocks is only possible for CPU of the series S7-1500 and S7-1200 (V4). The know-how protection must also be set with a TIA Portal version V13 SP1 or higher. Finally, the user program is compiled into a code that can be read by the CPU. Compilation methods You can start compilation in the following windows or editors: Compiling blocks in the project tree Serves to compile individual blocks or the simultaneous compilation of one or several blocks in the "Program blocks" folder. Compiling blocks in the program editor This is intended for compilation of a single open block. Compiling blocks in the call or dependency structure Used to compile individual blocks. See also: Call structure (Page 4871), Dependency structure (Page 4877) Compilation options If you are compiling blocks in project tree, you have further options: Software (only changes) All program changes of the selected blocks are compiled. If you have selected a block folder, all program changes to the bocks contained in the folder are compiled. Software (compile all blocks) All blocks are compiled. This is recommended for the first compilation and after major revisions. Software (reset memory reserve) All tags declared in the reserve area of the interface of selected blocks are moved to the standard area of the interface. Memory reserve is now available for further interface extensions. Note This option is only available for CPUs of the S7-1500 and S7-1200 V4 and higher series. WinCC Advanced V14 System Manual, 10/2016 4809 Programming the PLC 11.15 Compiling and loading blocks Consistency check Changing the interfaces of blocks called or PLC data types used can result in inconsistencies between calling blocks and called blocks or between the PLC data types and the global data blocks which use these PLC data types. To avoid such inconsistencies in the user program, the system performs an automatic consistency check before each compilation process. The time stamps are compared and compilation is then either carried out or canceled depending on the results of the comparison. The calling block can only be compiled if the time stamps of the interfaces of the called blocks are older than those of the calling block. A global data block based on a PLC data type can only be compiled correctly if the time stamp of the global data block is newer than the time stamp of the PLC data type used. The instance data block can only be compiled correctly if the interface time stamps for the interface of the instance data block are identical to those of the assigned function block. If the compilation process is cancelled, an alarm is displayed in the inspector window. Update the block calls in the relevant blocks and the PLC data types in the global data blocks and then restart compilation. The consistency check also finds know-how protected blocks which cannot be compiled. The corresponding messages will also be shown in the inspector window. If you start loading immediately instead of first compiling, the blocks selected will be automatically compiled and the block call and global data blocks implicitly updated. Please note the following differences between the CPU families: S7-1200/1500: All blocks affected are loaded to ensure no inconsistencies can arise. S7-300/400: Only the block selected is loaded. See also Compiling blocks in the project tree (Page 4810) Compiling blocks in the program editor (Page 4812) Correcting compilation errors (Page 4812) Block time stamps (Page 4499) Updating block calls in LAD (Page 4656) Updating block calls in FBD (Page 4713) Compiling project data (Page 369) 11.15.1.2 Compiling blocks in the project tree You can compile one block, multiple blocks or all of the blocks in the project tree. For CPUs of the S7-1500 and S7-1200 V4 series, you can also reset the memory layout of blocks with memory reserve by running a compilation. For more information on memory reserve, refer to chapter "Loading blocks (S7-1200/1500) > Loading block changes without reinitialization". 4810 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.15 Compiling and loading blocks Requirement The project tree is open. Compiling one or more blocks in the project tree To compile multiple blocks in the project tree, follow these steps: 1. Open the "Program blocks" folder in project tree. 2. Select the blocks you want to compile. 3. Select the "Compile > Software (only changes)" command from the shortcut menu. Compiling all blocks in the project tree To compile all blocks in the "Program blocks" folder in project tree, follow these steps: 1. Select the "Program blocks" folder in the project tree. 2. You can select one of two different options for the compilation: - If you want to compile only the changes since the last compilation, select the "Compile > Software (only changes)" command in the shortcut menu. - If you want to compile all blocks completely, select the "Compile > Software (compile all blocks)" command in the shortcut menu. Resetting memory layout (S7-1500/S7-1200 V4) Proceed as follows to reset the memory layout of blocks: 1. Select the "Program blocks" folder, or specific blocks in this folder. 2. Select the "Compile > Software (Reset memory reserve)" command from the shortcut menu. Result The code for the blocks will be generated if the consistency check has been successful. Instance data blocks generated by the system which are no longer needed will be deleted. The message under "Info > Compilation" in the inspector window reports whether the compilation was successful. See also Basic information on compiling blocks (Page 4808) Compiling blocks in the program editor (Page 4812) Correcting compilation errors (Page 4812) Finding syntax errors in the program (Page 4481) WinCC Advanced V14 System Manual, 10/2016 4811 Programming the PLC 11.15 Compiling and loading blocks 11.15.1.3 Compiling blocks in the program editor Note Note that the block is recompiled even if you have not made any changes and the time stamp of the block is modified. Requirement The block to be compiled is open. Procedure To compile a block in the program editor, follow these steps: 1. Right-click in the instruction window of the programming editor. 2. Select the "Compile" command in the shortcut menu. Result The code for the block is generated. Instance data blocks generated by the system which are no longer needed will be deleted. The message under "Info > Compilation" in the inspector window reports whether the compilation was successful. See also Basic information on compiling blocks (Page 4808) Compiling blocks in the project tree (Page 4810) Correcting compilation errors (Page 4812) 11.15.1.4 Correcting compilation errors In the Inspector window in "Info > Compile", you can see whether any compilation was successful or whether errors were detected in the program. If errors occur, you will need to correct them and then start the compilation again. Procedure To correct errors following compilation, follow these steps: 1. Open the error list in the Inspector window with "Info > Compile". 2. If there is one, click on the blue question mark next to the error text for information on remedying errors. 3. Double-click the error you want to correct. The corresponding error is highlighted. 4812 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.15 Compiling and loading blocks 4. Correct the error. 5. Restart compilation. See also Basic information on compiling blocks (Page 4808) Compiling blocks in the program editor (Page 4812) Compiling blocks in the project tree (Page 4810) 11.15.2 Downloading blocks for S7-1200/1500 (S7-1200, S7-1500) 11.15.2.1 Introduction to downloading blocks (S7-1200, S7-1500) Downloading blocks to device So that the CPU can execute the user program, the program must first be compiled and then downloaded to the device. Loading into the device can be started through different methods: By using the commands in the "Online" menu By using the shortcut menu By using the "Load" button in the toolbar Depending on the selected object (such as individual blocks in the programming editor, the complete block folder or the connected CPU in the project navigation) and the command selected, you can load the following components: Hardware and software (only changes) Hardware configuration Software (only changes) Software (all) During the loading operation, all information that is required for the reconstruction of the program, including symbolic information such as the names and comments for code and data blocks, is also loaded in the current project language. If you change the project language, you must therefore re-load the program. The symbolic information is not loaded to the work memory, but rather to the load memory. After the data has been loaded from a device, the symbolic information is available again in your program, which increases the readability of your program code. Please note, however, that loading to and from a device is not a substitute for storing data in an offline project, as watch tables or multi-language capability of projects cannot be reproduced by loading to and from a device. After loading from a device, you can only display all data from know-how-protected blocks by entering the correct password. WinCC Advanced V14 System Manual, 10/2016 4813 Programming the PLC 11.15 Compiling and loading blocks Note No valid hardware configuration available If no valid hardware configuration was found on the CPU while loading the software, the existing hardware is loaded as well during a "Download to device". Please note that, in this case, hardware components are also loaded during the download, even though you executed the command for loading software. Note To avoid inconsistencies between calling and called blocks, all blocks affected are compiled and loaded after each global change, such as a change in the block interface. Note S7-1200 Version 1.0 If you download an element of your project to the CPU, for example a program block, a data block or the hardware configuration, the CPU runs a cold restart the next time it changes to RUN mode. Apart from deleting the inputs, initializing the outputs and deleting the non-retentive memory, cold restart also deletes the retentive memory areas. All subsequent changes from STOP to RUN are warm restarts in which the retentive memory is not deleted. Note S7-1500 The load memory of S7-1500 series CPUs is on the SIMATIC memory card. Therefore, a SIMATIC memory card absolutely must be inserted in order to operate the CPU. Uploading blocks from device You can load the blocks of a device to your project. This is necessary, for example, if you want to edit blocks that only exist in this device. You have the option of loading either all available blocks (organization blocks, function blocks, functions and data blocks) and global PLC tags or individual blocks to the project. Note Loading CPU S7-300/400 When loading from a device, please note that alarm information may be lost and that this could lead to errors during compilation. 4814 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.15 Compiling and loading blocks Uploading blocks from or downloading blocks to a memory card Memory cards are plug-in cards used with an S7-1200 series CPU, for example, to replace the load memory of a device. In the case of S7-1500 series CPUs, they contain the load memory. Only the SIMATIC memory card from Siemens can be used for devices of the S7-1200 and S7-1500 series. To use a memory card as load memory, you must download the user program or individual blocks to a memory card. You can just as well upload blocks from a memory card back into the project. Note S7-1200 Note the following when uploading to or downloading from a memory card: If the CPU contains no previous program and you insert an empty memory card in the CPU the program will be loaded from the PG/PC to the memory card and not to the CPU. If you insert an empty memory card prior to the startup of the CPU, the program that is on the CPU will be transferred automatically to the memory card. The program on the CPU will then be deleted. If you insert a memory card with a program in the CPU prior to the startup of the CPU and the CPU already contains a program, the program on the memory card will be executed and not the program on the CPU. The program on the CPU will be deleted. Loading GRAPH function blocks If you load a GRAPH function block together with its instance data block, the processing of the sequencer starts over at the initial step. As a result, problems may occur when synchronizing the sequencer with the process. You can avoid these problems by switching off the sequencer before loading. Downloading changes without reinitialization It often proves necessary to edit or expand a PLC program that was already commissioned and that is running on the plant without error. Such operations should be performed without causing any major interruptions of current operations. S7-1500 therefore offers the option of extending the interfaces of function or data blocks during runtime and loading the modified blocks without setting the CPU to STOP or affecting the value of tags that are already loaded. This is a simple means of implementing program changes. This load process (download without reinitialization) will not have a negative impact on the controlled process. WinCC Advanced V14 System Manual, 10/2016 4815 Programming the PLC 11.15 Compiling and loading blocks Effects of a load operation on the tag values of a data blocks When data blocks are downloaded to a device in STOP mode, the next transition of the device to RUN affects the current tag values as follows: Tags not marked as being retentive retain their defined start values. Retentive tags of the S7-1200 only retain their values if the following conditions are met: - You loaded the data block by means of "Download to device > Software (changes only)". - You made no changes to the DB structure. Otherwise the retentive tags will also retain their defined start values. Retentive tags of the S7-1500 only retain their values if the following conditions are met: - You loaded the data block by means of "Download to device > Software (changes only)". - You made no changes to the structure of the data block or modified it within the memory reserve. Otherwise the retentive tags will also retain their defined start values. Loading blocks with synchronization In team engineering, it is possible for several users to work on one project with several engineering systems at the same time and access one S7-1500 CPU. To ensure consistency within the shared project, it is necessary to synchronize the changed data prior to loading so that nothing gets overwritten unintentionally. If differences are determined between the online and offline data management within the shared project during loading that were caused by a different engineering system, automatic synchronization of the data to be loaded is offered during loading. In this case, the "Synchronization" dialog displays the data to be synchronized with the current status (online-offline comparison) and the possible actions. The following options are available for synchronization: Application case Recommendation Synchronization One or more blocks on the CPU (online) are more recent than in the engineering system (offline). These blocks should be downloaded from the CPU to the engineering system before loading. Automatic synchronization is possible: One or more new blocks have been cre These blocks should be downloaded ated and exist only in the CPU (online). from the CPU to the engineering system before loading. Automatic synchronization is possible: One or more blocks on the CPU have been deleted. 4816 The blocks in the engineering system are updated prior to loading. The new blocks are added prior to the download in the engineering system. The blocks should also be deleted prior Automatic synchronization is not possi to the download in the engineering sys ble. tem. The blocks deleted on the CPU should be manually deleted in the offline project in the engineering system. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.15 Compiling and loading blocks Application case Recommendation Synchronization One or more blocks on the CPU and in the engineering system are different. These blocks with competing changes must be adapted manually. You decide in this case which changes you are go ing to accept. Automatic synchronization is not possi ble: This is the case when a different user has changed blocks to which you have also made corrections and has already downloaded them to the CPU. If the blocks on the CPU are to be re tained, you should accept these blocks prior to download from the CPU to your engineering system. The affected blocks on the CPU or in the engineering system must be adapted manually. One of the existing block ver sions (online or offline) will be overwrit ten in the process. If the blocks that you have changed are to be applied, you can continue with the download without synchronization. There are differences in the hardware configuration on the CPU (online) and in the engineering system (offline). Differences in the hardware configura tion must be adapted manually. You de cide in this case which hardware config uration you are going to accept. Automatic synchronization is not possi ble: If the existing hardware configuration on the CPU is to be retained, you should apply these in your engineering system prior to loading. One of the existing hardware configura tions (online or offline) will be overwrit ten in the process. The hardware configuration must be adapted manually. If you want to apply the changed hard ware configuration, you can continue with the download without synchroniza tion. You can use the "Force download to device" command to download blocks without synchronization, if desired. Loading I&M data in PROFINET IO devices to load your modules When loaded in a device, you can load I&M data in PROFINET IO devices and their modules in addition to the above-mentioned components. 11.15.2.2 Downloading blocks in the "RUN" operating mode to the device (S7-1200, S7-1500) Basics on downloading blocks in the "RUN" operating mode When you download modified blocks to the device, it is not always necessary to switch the device to the "STOP" operating mode. Prior to a download operation, the Engineering System checks whether the device must be stopped before downloading. The result of this check is displayed in the "Load preview" dialog. If it is necessary to change to the "STOP" operating mode, you cannot continue the download process until you have stopped the CPU. If the requirements are met, you can also download a modified program or program parts to a CPU in "RUN" operating mode. The quantity structures may be exceeded for very complex programs which prevents a download in "RUN". In this case you must first create the prerequisites for a download in "RUN". WinCC Advanced V14 System Manual, 10/2016 4817 Programming the PLC 11.15 Compiling and loading blocks Tips: Use a memory card with sufficient capacity. Select a CPU with sufficient work memory. If necessary, reduce the number of downloaded objects (blocks, constants, PLC tags, data types). If you cannot download all objects at once, proceed in several steps and download a smaller number of objects in each step. Note Actual parameters are not overwritten by a download process in the "RUN" operating mode. Changes to the actual parameters will not become effective until the next time you change the operating mode from "STOP" to "RUN". Downloading changes in "RUN" The table below shows which program and configuration changes can be downloaded in "RUN" operating mode, sorted by CPU family and taking into consideration the firmware versions of the CPUs. Explanations on the table: "RUN": Change can be downloaded in "STOP" operating mode as well as in "RUN" operating mode to the CPU. "RUN (< 57)": The CPU can integrate up to 56 new or modified objects/blocks in one program cycle. If you download more objects/blocks, they are integrated in several successive program cycles. If you want to download all objects/blocks consistently, you must set the CPU to "STOP" operating mode. This number depends on the setting for S7-300 CPUs with configuration option "Process mode/test mode". "RUN (Init)": Change can be downloaded in "RUN" operating mode; downloaded data blocks are re-initialized. "STOP": Change can only be downloaded in "STOP" operating mode. "STOP (Reset)": Change can only be downloaded in "STOP" operating mode; all data including retentive data is reset. S7-300 S7-400 S7-1200 V4.0 and higher S7-1500 Action/type of change Download possible in mode ... Modified properties of HW components. This includes changes to comments in the HW configuration. STOP STOP STOP STOP Added HW components STOP STOP STOP STOP New/revised text lists (messages) RUN RUN STOP RUN (V1.1 and higher) 4818 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.15 Compiling and loading blocks S7-300 S7-400 S7-1200 V4.0 and higher S7-1500 Action/type of change Download possible in mode ... Revised comments (new, revised, de leted) with the exception of comments in the HW configuration - - RUN RUN Number of blocks downloaded at the same time RUN (<17) RUN (<57) RUN (<21) RUN (all) Download PLC program to the device and reset STOP (Reset) STOP (Reset) STOP (Reset) STOP (Reset) New OB RUN RUN STOP RUN Modified OB: Code changes RUN RUN RUN RUN OB with modified properties RUN RUN STOP RUN Deleted OB RUN RUN STOP RUN New FB/FC/DB/User Data Type (UDT) RUN RUN RUN RUN Deleted FB/FC/DB/User Data Type (UDT) RUN RUN RUN RUN Revised FB/FC: Code change RUN RUN RUN RUN Revised FB/FC: Interface change* STOP STOP RUN RUN Modified DB: Modified property ("Only store in load memory" attribute changed) STOP STOP RUN (Init) RUN (Init) Modified DB (memory reserve not ena bled): Name/type of tags modified, tags added or deleted ** RUN (Init) RUN (Init) RUN (Init) RUN (Init) Modified DB (memory reserve enabled): New tag added** - - RUN RUN Modified User Data Type (UDT) STOP STOP RUN (Init) RUN (Init) Add new PLC tags (timer, counter, bit memory) RUN RUN RUN RUN Modified retentivity settings (timer, coun ter, bit memory, DB area) STOP STOP STOP STOP - - STOP (e.g., cycle time change) Motion Control technology objects: Changes to MC Servo cycle clock, change from free-running to cyclical (and vice ver sa). Changes to the HW interface of the TO * If the interface change results in structural changes at the instance DB, see "Modified DB...". ** For the effect of download of data block changes to the data block content, see section "Downloading data blocks to the CPU" WinCC Advanced V14 System Manual, 10/2016 4819 Programming the PLC 11.15 Compiling and loading blocks Download of changes in "RUN" with older CPU firmware versions The table below shows which changes you can download in "RUN" operating mode, in particular, for which older CPU firmware versions. S7-1200 S7-1200 V1.0 - 2.1 V2.2 - V3.0 Action/type of change Download possible in mode ... Modified properties of HW components. STOP STOP Added HW components STOP STOP New/revised text lists (messages) STOP STOP This includes changes to comments in the HW configuration. Revised comments (new, revised, deleted) with the exception of com STOP ments in the HW configuration RUN Number of blocks downloaded at the same time STOP RUN (<11) Download PLC program to the device and reset STOP (Reset) STOP (Reset) New OB STOP STOP Modified OB: Code changes STOP RUN OB with modified properties (e.g., cycle time change) STOP STOP Deleted OB STOP STOP New FB/FC/DB/User Data Type (UDT) STOP RUN Deleted FB/FC/DB/User Data Type (UDT) STOP RUN Revised FB/FC: Code change STOP RUN Revised FB/FC: Interface change STOP STOP Modified DB: Modified property ("Only store in load memory" attribute changed) STOP STOP Modified DB (memory reserve not enabled): Name/type of tags modi fied, tags added or deleted STOP STOP Modified User Data Type (UDT) STOP STOP Add new PLC tags (timer, counter, bit memory) STOP STOP Modified retentivity settings (timer, counter, bit memory, DB area) STOP STOP Downloading data blocks to the CPU Depending on the conditions, the download of new or modified data blocks has an effect on the actual values in the data block: Download new data blocks Download structurally modified data blocks (memory reserve not enabled) 4820 Actual values in the new data blocks are set to start values. Actual values of added tags in the structurally modified data blocks are set to start values. WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.15 Compiling and loading blocks Download structurally modified data blocks (memory reserve enabled) The following actual values are retained: Actual values of tags outside the memory reserve Actual values of tags that were not modified within the memory reserve Actual values of added tags within the memory reserve are set to start values. Download of simply modified data blocks (no Actual values are retained. structural modification) Additional information Additional information on download of block extensions without re-initialization and download of modified values for data blocks is available at "See also". See also Downloading blocks from program editor to device (Page 4821) Downloading blocks from the project tree to the device (Page 4823) Downloading project data to a device (Page 372) 11.15.2.3 Downloading blocks from program editor to device (S7-1200, S7-1500) Requirement The block to be downloaded is open. WinCC Advanced V14 System Manual, 10/2016 4821 Programming the PLC 11.15 Compiling and loading blocks Procedure To download a block from the program editor to the device, follow these steps: 1. Right-click in the instruction window of the programming editor. 2. Select the "Download to device" command in the shortcut menu. - If you have not already established an online connection, the "Extended download to device" dialog opens. In this case, set all parameters required for the connection and click "Load". - You can save your preferred connection parameters as default under "Options > Settings > Online & Diagnostics". When you first load with new connection parameters, a query is automatically displayed whether you want to store it as a default setting. Click "Yes", if you want to save the current connection parameters as default. - You have the option of showing all compatible devices by selecting the corresponding option and clicking the "Start search" command. You can also open the "Extended download to device" dialog explicitly via the "Online" menu. See also: Establishing and terminating an online connection - If you have already specified an online connection, then the project data is compiled if necessary and the "Load preview" dialog opens. This dialog displays alarms and proposes actions necessary for loading. 3. Check the alarms and, where necessary, enable the actions in the "Action" column. As soon as downloading becomes possible, the "Load" button is enabled. Note Actions Performing the proposed actions during ongoing plant operation can cause serious damage to property or injury to persons if there are functional faults or program errors. Make sure that no dangerous situations can arise before you start the actions. Note To avoid inconsistencies between calling and called blocks, download all affected blocks each time you make global changes, such as changes in the block interface. Select the "Consistent download" action. 4. Click "Load". If there is a need for synchronization, the system automatically displays the "Synchronization" dialog. This dialog displays messages and suggests actions that are needed for the synchronization. You have the option of performing these actions or forcing the download without synchronization by clicking "Force download to device". If you have performed the suggested actions, you will be asked whether you want to continue with the download. Click "Continue download" in order to download the block. The "Load results" dialog then opens and shows you the status and the actions after the download operation. 5. If you want to start the modules again directly after downloading, select the "Start all" check box. 6. To close the "Load results" dialog box, click "Finish". 4822 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.15 Compiling and loading blocks Result The code for the block will be downloaded to the device. If the changes affect additional blocks, these will be compiled and also downloaded to the device. Blocks that only exist online in the device are deleted. Existing CPU data blocks are retained, however. Inconsistencies between the blocks in the user program are avoided by loading all blocks affected and deleting the unneeded blocks in the device. The messages under "Info > General" in the Inspector window show whether the downloading process was successful. See also Downloading blocks from the project tree to the device (Page 4823) Downloading project data to a device (Page 372) Downloading blocks in the "RUN" operating mode to the device (Page 4817) 11.15.2.4 Downloading blocks from the project tree to the device (S7-1200, S7-1500) In the project tree you can download one block, multiple blocks or all blocks to a device. Downloading one or more blocks from the project tree to the device To download one block or multiple blocks to the device from the project tree, follow these steps: 1. Open the "Program blocks" folder in project tree. 2. Select the blocks you want to download. 3. Select the "Download to device > Software (only changes)" command from the shortcut menu. - If you have not already established an online connection, the "Extended download to device" dialog opens. In this case, set all parameters required for the connection and click "Load". - You can save your preferred connection parameters as default under "Options > Settings > Online & Diagnostics". You will be prompted as such when you download new connection parameters for the first time. Select "Yes", if you want to save the current connection parameters as default. - You have the option of showing all compatible devices by selecting the corresponding option and clicking the "Start search" command. You can also open the "Extended download to device" dialog explicitly via the "Online" menu. See also: Go online and Go offline - If you have already specified an online connection, then the project data is compiled if necessary and the "Load preview" dialog opens. This dialog displays alarms and proposes actions necessary for loading. WinCC Advanced V14 System Manual, 10/2016 4823 Programming the PLC 11.15 Compiling and loading blocks 4. Check the alarms and, where necessary, enable the actions in the "Action" column. Note Performing the proposed actions during ongoing plant operation can cause serious damage to property or injury to persons if there are functional faults or program errors. Make sure that no dangerous situations can arise before you start the actions. As soon as downloading becomes possible, the "Load" button is enabled. 5. Click "Load". If there is a need for synchronization, the system automatically displays the "Synchronization" dialog. This dialog displays messages and suggests actions that are needed for the synchronization. You have the option of performing these actions or forcing the download without synchronization by clicking "Force download to device". If you have performed the suggested actions, you will be asked whether you want to continue with the download. Click "Continue download" in order to download the block. The "Load results" dialog then opens and shows you the status and the actions after the download operation. 6. If you want to start the modules again directly after downloading, select the "Start all" check box. 7. To close the "Load results" dialog box, click "Finish". Downloading blocks from the project tree to the device To download all blocks in the "Program blocks" folder to the device from the project tree, follow these steps: 1. Select the "Program blocks" folder in the project tree. 2. Select the "Download to device" submenu in the shortcut menu. 3. If you only want to download the changes since the last download, select the "Software (only changes)" option. If all blocks are to be fully loaded and all values are to be reset to their start values, select "Download PLC program to the device and reset". - If you have not already established an online connection, the "Extended download to device" dialog opens. In this case, set all parameters required for the connection and click "Load". You have the option of showing all compatible devices by selecting the corresponding option and clicking the "Start search" command. You can also open the "Extended download to device" dialog with the "Online" menu. See also: Go online and Go offline - If you have already specified an online connection, then the project data is compiled if necessary and the "Load preview" dialog opens. This dialog displays alarms and proposes actions necessary for loading. 4. Check the alarms and, where necessary, enable the actions in the "Action" column. Note Performing the proposed actions during ongoing plant operation can cause serious damage to property or injury to persons if there are functional faults or program errors. Make sure that no dangerous situations can arise before you start the actions. As soon as downloading becomes possible, the "Load" button is enabled. 4824 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.15 Compiling and loading blocks 5. Click "Load". If there is a need for synchronization, the system automatically displays the "Synchronization" dialog. This dialog displays messages and suggests actions that are needed for the synchronization. You have the option of performing these actions or forcing the download without synchronization by clicking "Force download to device". If you have performed the suggested actions, you will be asked whether you want to continue with the download. Click "Continue download" in order to download the block. The "Load results" dialog then opens and shows you the status and the actions after the download operation. 6. If you want to start the modules again directly after downloading, select the "Start all" check box. 7. To close the "Load results" dialog box, click "Finish". Result The code for the blocks is downloaded to the device. If the changes affect additional blocks, these will be compiled and also downloaded to the device. Blocks that only exist online in the device are deleted. Inconsistencies between the blocks in the user program are avoided by loading all blocks affected and deleting the unneeded blocks in the device. The messages under "Info > General" in the Inspector window show whether the downloading process was successful. See also Downloading blocks from program editor to device (Page 4821) Downloading project data to a device (Page 372) Downloading blocks in the "RUN" operating mode to the device (Page 4817) 11.15.2.5 Uploading blocks from device (S7-1200, S7-1500) You can load either all the blocks or only individual blocks from a device to your project. Note Please note the following: Please note that when you load individual blocks, no tags or other required blocks to which you may refer are loaded together with the individual blocks. During the loading operation, references to tags and blocks are reassigned where possible based on the names. After the loading operation, check whether these assignments are correct. When loading from a device to an empty project, any existing folder structures for blocks and objects from libraries might not be loaded. S7-1500: When GRAPH function blocks are loaded from a device to your project, the stepspecific alarm texts for the interlock and supervision alarms are not loaded. S7-1500: The start values that you have changed with the instruction "WRIT_DBL: Write to data block in the load memory" will be lost during execution of the action "Upload from device". WinCC Advanced V14 System Manual, 10/2016 4825 Programming the PLC 11.15 Compiling and loading blocks Requirement The online and offline versions of the blocks to be loaded differ or the blocks only exist online. Loading all blocks from a device To load all blocks from a device, follow these steps: 1. Establish an online connection with the device from which you want to load the blocks. See also: Establishing and terminating an online connection 2. In the project tree, select the device folder from which you want to load blocks. 3. In the "Online" menu, select the "Upload from device" command. The "Upload preview" dialog box opens. This dialog displays alarms and proposes actions necessary for loading. 4. Check the alarms and, where necessary, enable the actions in the "Action" column. As soon as loading becomes possible, the "Upload from device" button is enabled. 5. Click the "Upload from device" button. The loading operation is performed. Loading individual blocks from a device To load individual blocks from a device, follow these steps: 1. Establish an online connection with the device from which you want to load the blocks. See also: Establishing and terminating an online connection 2. In the project tree, select the blocks that you want to load from the device. 3. In the "Online" menu, select the "Upload from device" command. The "Upload preview" dialog box opens. This dialog displays alarms and proposes actions necessary for loading. 4. Check the alarms and, where necessary, enable the actions in the "Action" column. As soon as loading becomes possible, the "Upload from device" button is enabled. 5. Click the "Upload from device" button. The loading operation is performed. Result The blocks will be loaded from the device to the project. You can edit them as normal, recompile them and load them to the device again. 11.15.2.6 Downloading blocks to a memory card (S7-1200, S7-1500) Requirement The memory card is marked as a program card. The "Program blocks" folder of the memory card is open. 4826 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.15 Compiling and loading blocks Procedure To download blocks to a memory card, follow these steps: 1. Open the "Program blocks" folder of the device in the project tree. 2. Select the blocks you want to download to the memory card. 3. Drag the blocks in project tree to the "Program blocks" folder of the memory card. You can also copy the blocks and add them to the memory card. If necessary, the blocks are compiled. The "Load preview" dialog then opens. This dialog displays alarms and proposes actions necessary for loading. 4. Check the alarms and, where necessary, enable the actions in the "Action" column. 5. As soon as downloading becomes possible, the "Load" button is enabled. 6. Click the "Load" button. If there is a need for synchronization, the system automatically displays the "Synchronization" dialog. This dialog displays messages and suggests actions that are needed for the synchronization. You have the option of performing these actions or forcing the download without synchronization by clicking "Force download to device". If you have performed the suggested actions, you will be asked whether you want to continue with the download. Click "Continue download" to download the block. The "Load results" dialog then opens and shows you the status and the actions after the download operation. 7. Click "Finish". Or: 1. In the project tree, select the blocks that you want to upload. 2. Select the "Card reader/USB memory > Write to memory card" command in the "Project" menu. The "Select memory card" dialog opens. 3. Select a memory card which is compatible with the CPU. A button with a green check mark is activated at the bottom of the dialog. 4. Select the button with the green check mark. If necessary, the project data are compiled. The "Load preview" dialog then opens. This dialog displays alarms and proposes actions necessary for loading. 5. Check the alarms and, where necessary, enable the actions in the "Action" column. As soon as downloading becomes possible, the "Load" button is enabled. 6. Click the "Load" button. If there is a need for synchronization, the system automatically displays the "Synchronization" dialog. This dialog displays messages and suggests actions that are needed for the synchronization. You have the option of performing these actions or forcing the download without synchronization by clicking "Force download to device". If you have performed the suggested actions, you will be asked whether you want to continue with the download. Click "Continue download" to download the block. The "Load results" dialog then opens and shows you the status and the actions after the download operation. 7. Click "Finish". WinCC Advanced V14 System Manual, 10/2016 4827 Programming the PLC 11.15 Compiling and loading blocks Result The blocks are downloaded to the memory card. If the changes affect additional blocks, these will also be downloaded to the memory card. Blocks that exist only on the memory card are deleted. Inconsistencies between the blocks in the user program are avoided by downloading all affected blocks and the deleting of the non-required blocks on the memory card. The messages under "Info > General" in the Inspector window show whether the downloading process was successful. See also Uploading blocks from a memory card (Page 4828) Accessing memory cards (Page 440) 11.15.2.7 Uploading blocks from a memory card (S7-1200, S7-1500) You can only upload all blocks from one memory card back into your project. Requirement The memory card is displayed. See also: Accessing memory cards (Page 440) Procedure To upload blocks from a memory card to your project, follow these steps: 1. In the project tree, drag the folder of the memory card to the folder of the device in the project. You can also copy the memory card and insert it in the device. The "Upload preview" dialog box opens. This dialog displays alarms and proposes actions necessary for loading. 2. Check the alarms and, where necessary, enable the actions in the "Action" column. The "Upload from device" button will be enabled as soon as uploading becomes possible. 3. Click on the "Upload from device" button. See also Downloading blocks to a memory card (Page 4826) 11.15.2.8 Switching off the sequencer prior to loading a GRAPH DB (S7-1500) You can specify the switching off of the sequencer prior to loading an instance data block either globally or during the load operation. 4828 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs Globally switching off the sequencer To switch off the sequencer globally for each loading operation of an instance data block, follow these steps: 1. Select the "Settings" command in the "Options" menu. The "Settings" window is displayed in the work area. 2. Select the "PLC programming > GRAPH" group in the area navigation. 3. Select the "Turn off sequence before downloading DB" check box. For future loading operations, the sequencer is switched off prior to loading of the instance data block. Switching off the sequencer during the loading operation To switch off the sequencer during the loading operation, follow these steps: 1. Load the GRAPH function block to the device. During the loading operation, the "Load preview" dialog opens. This dialog displays alarms and suggests the required actions for loading. If the instance data block must be loaded together with the GRAPH function block, the "Load preview" dialog suggests the action "Turn off sequence before downloading the DB". 2. Select the "Turn off sequence before downloading DB" check box. 11.16 Comparing PLC programs 11.16.1 Basic information on comparing PLC programs 11.16.1.1 Introduction to comparing PLC programs Function You can compare the following objects of a PLC program in order to detect any differences: Code blocks with other code blocks Data blocks with other data blocks PLC tags of a PLC tag table with the PLC tags of another PLC tag table PLC data types with other PLC data types WinCC Advanced V14 System Manual, 10/2016 4829 Programming the PLC 11.16 Comparing PLC programs Types and levels of comparison Two different basic types of comparison can be used: Online/offline comparison The objects in the project are compared with the objects of the corresponding online device. An online connection to the device is necessary for this comparison. Offline/offline comparison The offline/offline comparison allows you to compare objects from two devices that are either in the same project or in different projects. As a comparison device, a device can be dragged from a library onto the right drop area. Please note that you cannot carry out an unlimited number of comparisons at the same time, but only one comparison per comparison type (online/offline or offline/offline). You can choose between the following levels of comparison depending on how in-depth an object comparison you require: Compare editor Detailed comparison When you start a comparison, you will first receive an overview in the compare editor. For some comparison objects, you can then start a detailed comparison in which the objects compared will be opened side-by-side, each in its own program editor instance. Any differences will be highlighted. The table below gives an overview of the types and levels of comparison you can apply for each object: Object Online/offline Offline/offline Compare editor Detailed compari son Compare editor Detailed comparison LAD block X X X X FBD block X X X X STL block1 X X X X SCL block X X X X GRAPH block2 X X4 X X5 Global data block X X X X Instance data block X X X X PLC tags - - X X PLC data type X4 X4 X X 34 Legend: X: available -: not available : STL is not available for S7-1200 1 : GRAPH is not available for S7-1200 2 : not for S7-1200 older than version 2.0 3 : not for S7-300/400 4 : only comparable with a GRAPH block from the same CPU family 5 4830 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs Note Please note the following: You cannot perform a detailed comparison for know-how protected blocks. If the detail comparison detects differences only with respect to the data types of local tags, with offline being an interrupt data type (C_ALARM C_ALARM_S C_ALARM_8 C_ALARM_8P C_ALARM_T C_AR_SEND C_NOTIFY C_NOTIFY_8P) and online a DWORD, this difference is not marked as such. You cannot run a detailed comparison for types and master copies from libraries. Comparing PLC programs based on checksums In addition to the comparison options listed above, TIA Portal gives provides you the option of a simple checksum comparison: The system automatically determines a checksum for the entire PLC program. Based on this checksum, you can easily determine whether two PLC programs are identical. See also: Comparing PLC programs based on checksums (Page 4833) See also Basics of project data comparison (Page 379) Comparing blocks and PLC data types (Page 4831) Comparing PLC tags (Page 4832) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Using the compare editor (Page 384) Performing detailed block comparisons (Page 4835) 11.16.1.2 Comparing blocks and PLC data types Assignment criteria The blocks and PLC data blocks to be compared are assigned to each other on the basis of the following criteria: Blocks: - Online/offline comparison: Addresses, e.g. FB100 or DB100 - Offline/offline comparison: Symbolic names of the blocks PLC data types: PLC data types are assigned to each other by name WinCC Advanced V14 System Manual, 10/2016 4831 Programming the PLC 11.16 Comparing PLC programs Comparison When comparing blocks and PLC data types, checksums are formed for specific properties that serve as the basis for comparison. Some of these properties are grouped into categories in the Comparison Editor. No checksums are available with an online/offline comparison for CPUs of the S7-300/400 series; the time stamp is evaluated in this case. Basically, the time stamp is issued as information for an online/offline comparison for all CPUs as a separate category. After performing the comparison, you can use actions to define what is to be done about the differences. You can also start a detailed comparison for blocks. The versions of a block compared are opened beside each other and the differences are highlighted. See also Introduction to comparing PLC programs (Page 4829) Comparing PLC tags (Page 4832) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Using the compare editor (Page 384) Performing detailed block comparisons (Page 4835) 11.16.1.3 Comparing PLC tags Introduction The device PLC tag tables will also be shown in the comparison editor if you carry out an offline/ offline comparison. The PLC tag tables are assigned to each by name and you can see at a glance whether the PLC tag tables are available in both devices. If necessary, you can also perform a detailed comparison for a PLC tag table. You obtain the overall status of the all PLC tags with an online/offline comparison of CPUs of the S7-1200/1500 series: See also Introduction to comparing PLC programs (Page 4829) Comparing blocks and PLC data types (Page 4831) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Using the compare editor (Page 384) Performing detailed block comparisons (Page 4835) 4832 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs 11.16.1.4 Comparison of PLC programs based on checksums Introduction PLC programs are automatically identified with unique checksums during compilation. Based on this checksum, you can identify your program and determine whether two PLC programs are identical. Because the checksum is loaded to the CPU together with the PLC program, it can also serve as important information in case of a service call. You can, for example, easily determine whether the program that is currently running on the CPU is the same program you loaded some time ago or if it has been changed in the meantime. The original program does not need to be installed on your programming device (PG) in this case. Creation of the system diagnostics blocks PLC programs are automatically given a unique checksum during compilation. If the next compilation run detects that the PLC program has been changed, the program is given a new checksum. If the PLC program has not changed but is still compiled again, the checksum remains the same. The checksum also remains unchanged when you make changes and undo them. The check takes place every time the PLC program is compiled, for example, when you select a CPU or a block folder and use the menu command "Compile > Software". Two checksums are generated: Checksum for software: A checksum is generated across all blocks in the block folder. - Blocks that are not called in the program but exist in the block folder are also included in the checksum. - Safety blocks and safety PLC data types (UDT) are not taken into consideration. - Changes to watch tables or force tables do not change the checksum. - Data blocks that are created or modified during runtime, for example, by the instructions "WRIT_DBL", "CREAT_DB" and "DELETE_DB", do not influence the formation of the checksum. Checksum for text lists: A checksum is generated for all text lists in the project. Loading the checksum The checksum is loaded to the CPU together with the PLC program and is available in the online program. During download from the CPU, the checksum is not applied to the offline project because it is generated again automatically during the next compilation. Evaluating the checksum The checksum is displayed in the CPU properties (Properties > General > Checksums). From there, you can apply it manually to your documents. The "GetChecksum" extended instruction is available to read out the checksum while the program is running. WinCC Advanced V14 System Manual, 10/2016 4833 Programming the PLC 11.16 Comparing PLC programs See also GetChecksum: Read out checksum (Page 3766) 11.16.2 Comparing blocks 11.16.2.1 Comparing blocks in the compare editor You have the following options for comparing blocks in the compare editor: Online/offline comparison The blocks in the project are compared with the blocks of the selected device. Automatic offline/offline comparison All blocks of the selected devices are compared offline. Manual offline/offline comparison The selected blocks of the devices are compared offline. Carrying out an online/offline comparison of blocks To perform an online/offline comparison, follow these steps: 1. Select a device in the project tree that allows online/offline comparison. 2. Select the "Compare > Offline/online" command in the shortcut menu. 3. If you have not already established an online connection to this device, the "Go online" dialog opens. In this case, set all the necessary parameters for the connection and click "Connect". The online connection is established and the compare editor opens. 4. Open the "Program blocks" folder. You can identify the status based on the symbols in the status and action area. You can define certain actions depending on the status of the objects. Note, however, that you can only perform actions in one direction in a synchronization action. Performing an automatic offline/offline comparison of blocks To perform an automatic offline/offline comparison of blocks, follow these steps: 1. Select a device in the project tree that allows offline/offline comparison. 2. Select the "Compare > Offline/offline" command in the shortcut menu. The compare editor opens and the selected device is displayed in the left area. 3. Drag-and-drop an additional device to the drop area of the right pane. The device to be compared can originate from the same project, a reference project or the library. 4. Open the "Program blocks" folder. You can identify the status of the objects based on the symbols in the status and action area. You can define certain actions depending on the status of the objects. When you select an object, the object's properties and the corresponding object of the assigned device are clearly shown in the properties comparison. 4834 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs You can drag any other device to the drop area at any time to perform further comparisons. Carrying out a manual offline/offline comparison of blocks To perform a manual offline/offline comparison of blocks, follow these steps: 1. Select a device in the project tree that allows offline/offline comparison. 2. Select the "Compare > Offline/offline" command in the shortcut menu. The compare editor opens and the selected device is displayed in the left area. 3. Drag-and-drop an additional device to the drop area of the right pane. The device to be compared can originate from the same project, a reference project or the library. 4. In the status and action area, click on the button for switching between automatic and manual comparison. 5. Select the objects that you want to compare. The properties comparison is displayed. You can identify the status of the objects based on the symbols. You can define certain actions depending on the status of the objects. You can drag any other device to the drop area at any time to perform further comparisons. See also Basics of project data comparison (Page 379) Introduction to comparing PLC programs (Page 4829) Using the compare editor (Page 384) Performing detailed block comparisons (Page 4835) Comparing PLC tags (Page 4858) Comparing PLC data types (Page 4860) 11.16.2.2 Performing detailed block comparisons Start a detailed comparison for LAD/FBD/STL/SCL blocks You can start a detailed comparison for blocks. The versions of a block compared are opened beside each other and the differences highlighted. Note Please note the following: For blocks that are created in the programming language SCL, the detail comparison is not available for S7-1200 series CPUs with a version older than 2.0. S7-1500: It is possible that another user can carry out a loading process on the CPU through joint parallel working on a CPU. If the currently compared block is changed or deleted by this loading process, the detailed comparison is terminated and a message is displayed. In this case, re-start the detailed comparison, if required. WinCC Advanced V14 System Manual, 10/2016 4835 Programming the PLC 11.16 Comparing PLC programs Starting detailed comparisons using the compare editor To start a detailed comparison for a block using the compare editor, follow these steps: 1. First, perform an online/offline or an offline/offline comparison. The compare editor opens. 2. In the compare editor, select the block for which you want to perform a detailed comparison. 3. Click "Start detailed comparison" in the toolbar or select the "Start detailed comparison" from the shortcut menu. Starting detailed comparisons in the program editor For the comparison type online/offline, you can start the detailed comparison directly in the program editor. To do this, follow these steps: 1. Open the block for which you wish to carry out a detailed comparison. 2. Establish an online connection. See also: Go online and Go offline Note Please note that the block must be available online in order for you to be able to start the detailed comparison for the block within the programming editor. 3. Click "Detailed comparison" in the toolbar. 4. Confirm the dialog for closing the block with "Yes". Result One instance of the program editor will be opened for each version of the block compared and the two instances are displayed side by side. Any differences will be highlighted. See also Basic information on comparing PLC programs (Page 4829) Carrying out offline/offline comparisons (Page 382) Carrying out an online/offline comparison (Page 382) Using the compare editor (Page 384) Visualization of the comparison result for LAD/FBD (Page 4838) Visualization of the comparison result for STL (Page 4842) Visualization of the comparison result for SCL (Page 4845) Navigating in the detailed comparison (Page 4854) Changing blocks during the detailed comparison (Page 4856) Updating comparison results (Page 4857) 4836 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs Start detailed comparison for GRAPH blocks (S7-300, S7-400, S7-1500) You can start a detailed comparison for GRAPH blocks. The versions of a block compared are opened beside each other and the differences highlighted. The following comparison methods are available for GRAPH blocks: Compare sequence Complete sequencers are compared with each other in this mode. A detailed comparison for a GRAPH block always starts in the "Compare sequence" comparison mode. This means the comparison starts at the beginning of the sequencer and the differences between the sequencers are displayed. If there are structural differences between the sequencers, the comparison results are only displayed up to the first structural difference. Compare selection You can use the "Compare selection" comparison mode to compare any areas with each other. This means you can compare sections of the sequencer which are downstream from a structural difference in the sequence. You can toggle at random between both comparison modes. Note S7-1500: It is possible that another user can carry out a loading process on the CPU through joint parallel working on a CPU. If the currently compared block is changed or deleted by this loading process, the detailed comparison is terminated and a message is displayed. In this case, re-start the detailed comparison, if required. Procedure To start a detailed comparison, follow these steps: 1. First, perform an online/offline or an offline/offline comparison between the two devices. The compare editor opens. 2. In the compare editor, select the GRAPH block for which you want to perform a detailed comparison. Note The manual comparison is also available for an offline/offline comparison. It lets you select any GRAPH block in the comparison editor for the comparison. 3. Click "Start detailed comparison" in the toolbar. One instance of the program editor is opened for each version of the GRAPH blocks compared and the two instances are displayed side by side. Any differences will be highlighted. The comparison takes place in the "Compare sequence" mode. 4. To compare specific areas within the displayed sequencers, select the step from which you want to start the comparison in each sequencer. 5. Click "Comparison mode" in the toolbar. The comparison mode changes to "Compare selection" and the comparison result is updated. The sequencers are compared as of the selected steps. The compared substrings are highlighted. WinCC Advanced V14 System Manual, 10/2016 4837 Programming the PLC 11.16 Comparing PLC programs 6. To compare other areas, select the steps which are to serve as starting point for the comparison. 7. Click "Update the comparison result" in the toolbar. Note When you change the comparison mode, you are also updating the comparison results at the same time. If you stay in "Compare selection" mode, you must manually update the comparison results every time you change the starting point. 8. To compare the complete sequencers once again, click "Comparison mode" in the toolbar. Each time you click "Comparison mode" you are changing the comparison mode. You can also open the drop-down list with the arrow and select the required mode from the list. See also Basic information on comparing PLC programs (Page 4829) Carrying out offline/offline comparisons (Page 382) Carrying out an online/offline comparison (Page 382) Using the compare editor (Page 384) Visualization of the comparison result for GRAPH (Page 4848) Navigating in the detailed comparison (Page 4854) Changing blocks during the detailed comparison (Page 4856) Updating comparison results (Page 4857) Visualization of the comparison result Visualization of the comparison result for LAD/FBD Introduction The detailed comparison allows you to identify the exact places where versions of a block differ. The following color coding allows you to find these places as quickly as possible: The lines where there are differences are highlighted in gray. Differing operands and instructions are highlighted in green. If the number of networks differs, pseudo-networks are added to allow the display of identical networks to be synchronized. These pseudo-networks are highlighted in gray and contain the text "No corresponding network found" in the title bar of the network. Pseudonetworks cannot be edited. For the sake of clarity, not all the differences are highlighted but rather the first difference of an operation in each case. For example, if all the inputs in an instruction with multiple inputs are different in the offline and online versions of the block, only the first input is highlighted as a difference. You can resolve this difference and update the comparison list. The next input will then be highlighted as a difference. 4838 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs The number of differences highlighted within a network therefore depends on the number of instructions. Structure of the detailed comparison The following figure shows an example of the online/offline detailed comparison for the LAD programming language: Toolbar of the detailed comparison for LAD Reference block Compared block Comparison result in the Inspector window The following figure shows an example of the online/offline detailed comparison for the FBD programming language: WinCC Advanced V14 System Manual, 10/2016 4839 Programming the PLC 11.16 Comparing PLC programs Toolbar of the detailed comparison for FBD Reference block Compared block Comparison result in the Inspector window Note Display of the symbolic names of the online version of the block is only possible for S7-1200 and S7-1500. 4840 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs Toolbar of the detailed comparison With the toolbar, you can access the following functions: General functions - Insert network - Delete network - Insert row - Add row - Open all networks - Close all networks Comparison-specific functions - Position on first difference - Position on previous difference - Position on next difference - Position on last difference - Synchronize scrolling between editors - Update comparison results Reference block The reference block is displayed in the left window. In an online/offline comparison, the reference block is the offline version of the block. Compared block The compared block is displayed in the right window. In an online/offline comparison, the compared block is the online version of the block. Comparison result in the Inspector window The differences are displayed in the form of a table in the "Info > Comparison result" tab of the Inspector window. Double-click on a row to navigate to the corresponding difference in the block. See also Basic information on comparing PLC programs (Page 4829) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Using the compare editor (Page 384) Start a detailed comparison for LAD/FBD/STL/SCL blocks (Page 4835) WinCC Advanced V14 System Manual, 10/2016 4841 Programming the PLC 11.16 Comparing PLC programs Navigating in the detailed comparison (Page 4854) Changing blocks during the detailed comparison (Page 4856) Updating comparison results (Page 4857) Visualization of the comparison result for STL (S7-300, S7-400, S7-1500) Introduction The detailed comparison allows you to identify the exact places where versions of a block differ. The following color coding allows you to find these places as quickly as possible: The lines where there are differences are highlighted in gray. Differing operands and instructions are highlighted in green. If the number of networks differs, pseudo-networks are added to allow the display of identical networks to be synchronized. These pseudo-networks are highlighted in gray and contain the text "No corresponding network found" in the title bar of the network. Pseudonetworks cannot be edited. 4842 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs Structure of the detailed comparison The following figure shows an example of the online/offline detailed comparison for the STL programming language: Toolbar of the detailed comparison for STL Reference block Compared block Comparison result in the Inspector window Note The display of the symbolic names of the online version of the block is only possible for S7-1500. WinCC Advanced V14 System Manual, 10/2016 4843 Programming the PLC 11.16 Comparing PLC programs Toolbar of the detailed comparison With the toolbar, you can access the following functions: General functions - Insert network - Delete network - Insert row - Add row - Open all networks - Close all networks Comparison-specific functions - Position on first difference - Position on previous difference - Position on next difference - Position on last difference - Synchronize scrolling between editors - Update comparison results Reference block The reference block is displayed in the left window. In an online/offline comparison, the reference block is the offline version of the block. Compared block The compared block is displayed in the right window. In an online/offline comparison, the compared block is the online version of the block. Comparison result in the Inspector window The differences are displayed in the form of a table in the "Info > Comparison result" tab of the Inspector window. Double-click on a row to navigate to the corresponding difference in the block. See also Basic information on comparing PLC programs (Page 4829) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Using the compare editor (Page 384) Start a detailed comparison for LAD/FBD/STL/SCL blocks (Page 4835) 4844 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs Navigating in the detailed comparison (Page 4854) Changing blocks during the detailed comparison (Page 4856) Updating comparison results (Page 4857) Visualization of the comparison result for SCL Introduction The detailed comparison allows you to identify the exact places where versions of a block differ. The following color coding allows you to find these places as quickly as possible: The lines where there are differences are highlighted in gray. Differing operands and instructions are highlighted in green. Note The online/offline detailed comparison is not available for the CPU families S7-300/400 and for S7-1200 with a version less than 2.0. WinCC Advanced V14 System Manual, 10/2016 4845 Programming the PLC 11.16 Comparing PLC programs Structure of the detailed comparison The following figure shows an example of the online/offline detailed comparison for the SCL programming language: Toolbar of the detailed comparison for SCL Reference block Compared block Comparison result in the Inspector window Note The display of the symbolic name of the online version of the block is only possible for S7-1200 and S7-1500. 4846 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs Toolbar of the detailed comparison With the toolbar, you can access the following functions: General functions - Insert row - Add row Comparison-specific functions - Position on first difference - Position on previous difference - Position on next difference - Position on last difference - Synchronize scrolling between editors - Update comparison results Reference block The reference block is displayed in the left window. In an online/offline comparison, the reference block is the offline version of the block. Compared block The compared block is displayed in the right window. In an online/offline comparison, the compared block is the online version of the block. Comparison result in the Inspector window The differences are displayed in the form of a table in the "Info > Comparison result" tab of the Inspector window. Double-click on a row to navigate to the corresponding difference in the block. See also Basic information on comparing PLC programs (Page 4829) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Using the compare editor (Page 384) Start a detailed comparison for LAD/FBD/STL/SCL blocks (Page 4835) Navigating in the detailed comparison (Page 4854) Changing blocks during the detailed comparison (Page 4856) Updating comparison results (Page 4857) WinCC Advanced V14 System Manual, 10/2016 4847 Programming the PLC 11.16 Comparing PLC programs Visualization of the comparison result for GRAPH (S7-300, S7-400, S7-1500) Introduction The detailed comparison allows you to identify the exact places where versions of a block differ. When you start a detailed comparison for a GRAPH block, navigation is opened first. Use the dividers to toggle between the navigation and the currently set view. You can select other views with the toolbar of the detailed comparison. The result of the comparison is indicated by the comparison symbols. See also: Overview of the comparison editor (Page 384) Structure of the detailed comparison The following figure shows an example for the navigation view with an online/offline detailed comparison for the GRAPH programming language: 4848 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs Toolbar of the detailed comparison for GRAPH Reference block Compared block Navigation toolbar Dividers Comparison result in the Inspector window The following figure shows an example for the sequence view with an online/offline detailed comparison for the GRAPH programming language: Toolbar of the detailed comparison for GRAPH Reference block Compared block Dividers WinCC Advanced V14 System Manual, 10/2016 4849 Programming the PLC 11.16 Comparing PLC programs Comparison result in the Inspector window Note If there are structural differences between the blocks, the comparison results are only displayed up to the first structural difference in the sequence view. The following figure shows an example for the single step view with an online/offline detailed comparison for the GRAPH programming language: Toolbar of the detailed comparison for GRAPH Reference block Compared block Dividers 4850 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs Comparison result in the Inspector window Note The result of the comparison refers to the complete network Differences within the networks are not identified. The following figure shows an example for the view of permanent instructions with an online/ offline detailed comparison for the GRAPH programming language: Toolbar of the detailed comparison for GRAPH Reference block Compared block Dividers WinCC Advanced V14 System Manual, 10/2016 4851 Programming the PLC 11.16 Comparing PLC programs Comparison result in the Inspector window Note The result of the comparison refers to the complete network Differences within the networks are not identified. The following figure shows an example for the alarm view with an online/offline detailed comparison for the GRAPH programming language: Toolbar of the detailed comparison for GRAPH Reference block Compared block Dividers Comparison result in the Inspector window 4852 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs Toolbars With the toolbar of the detailed comparison, you can access the following functions: General functions - Change to permanent pre-instructions - Change to sequence view - Change to single step view - Change to permanent post-instructions - Change to alarm view - Add sequence - Delete sequence - Insert network - Delete network - Insert row - Add row - Open all networks - Close all networks Comparison-specific functions - Position on first difference - Position on previous difference - Position on next difference - Position on last difference - Synchronize scrolling between editors - Update comparison results - Select the comparison mode The navigation has its own toolbar with the following functions: Zoom in or zoom out of elements within the navigation Synchronize navigation Reference block The reference block is displayed in the left window. In an online/offline comparison, the reference block is the offline version of the block. Compared block The compared block is displayed in the right window. In an online/offline comparison, the compared block is the online version of the block. WinCC Advanced V14 System Manual, 10/2016 4853 Programming the PLC 11.16 Comparing PLC programs Dividers You can click the dividers to toggle quickly between the navigation and the current view. Comparison result in the Inspector window The differences are displayed in the form of a table in the "Info > Comparison result" tab of the Inspector window. Double-click on a row to navigate to the corresponding difference in the block. See also Basic information on comparing PLC programs (Page 4829) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Using the compare editor (Page 384) Start a detailed comparison for LAD/FBD/STL/SCL blocks (Page 4835) Start detailed comparison for GRAPH blocks (Page 4837) Navigating in the detailed comparison (Page 4854) Changing blocks during the detailed comparison (Page 4856) Updating comparison results (Page 4857) Navigating in the detailed comparison Requirement You have run a detailed comparison. Navigate to the differences To navigate to a difference between the two blocks, follow these steps: 1. Open the list of results for the detailed comparison under "Info > Comparison result" in the Inspector window. 2. Double-click a difference. The difference is selected in both editors. 4854 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs Or: 1. Click one of the following navigation buttons on the toolbar: - Position on first difference Navigates to the first difference in the block, and displays the difference in both editors. - Position on previous difference Navigates to the previous difference starting from the current position, and displays the difference in both editors. - Position on next difference Navigates to the next difference starting from the current position, and displays the difference in both editors. - Position on last difference Navigates to the last difference in the block, and displays the difference in both editors. Switching off/on the synchronization of the vertical scrolling between the editors The scrolling for both editors is synchronized to ensure that the corresponding networks are visible parallel to each other during vertical scrolling. You can switch this mode off and on. To do this, follow these steps: 1. To switch off synchronized scrolling, click the "Synchronize scrolling between editors" button in the toolbar. 2. To switch on synchronized scrolling again, click the "Synchronize scrolling between editors" button one more time in the toolbar. See also Basic information on comparing PLC programs (Page 4829) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Using the compare editor (Page 384) Start a detailed comparison for LAD/FBD/STL/SCL blocks (Page 4835) Start detailed comparison for GRAPH blocks (Page 4837) Visualization of the comparison result for LAD/FBD (Page 4838) Visualization of the comparison result for STL (Page 4842) Visualization of the comparison result for SCL (Page 4845) Visualization of the comparison result for GRAPH (Page 4848) Changing blocks during the detailed comparison (Page 4856) Updating comparison results (Page 4857) WinCC Advanced V14 System Manual, 10/2016 4855 Programming the PLC 11.16 Comparing PLC programs Changing blocks during the detailed comparison While you are carrying out the detailed comparison, you can make changes to the blocks that are being compared. Remember the following: Online/offline comparison: You can change only the offline block. Offline/offline comparison: You can change only the offline block in the left-hand area. After a block change, it may be necessary to manually update the comparison result in the comparison editor to ensure that the comparison status is displayed correctly. You can then specify actions to synchronize the objects. Note You cannot change SCL blocks manually. However, you can apply changes from one block to the other block. In this regard, note the following points: You cannot apply any changes in an online block. You can only apply changes in an offline block if this is not write-protected. This is the case, for example, if the blocks of the detailed comparison come from different CPUs. It is then also possible to apply the changes to the block in the right-hand area. Changing LAD, FBD or STL blocks To change LAD, FBD or STL blocks, follow these steps: 1. Change the block in the left-hand area according to your requirements. 2. If necessary, click on "Update comparison results" in the toolbar. Changing GRAPH blocks To change a GRAPH block, follow these steps: 1. Switch to sequence view by clicking "Sequence view" between the two blocks. 2. Change the block in the left-hand area according to your requirements. 3. If necessary, click on "Update comparison results" in the toolbar. 4856 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs Changing SCL blocks To apply a change from one block to another one, follow these steps: 1. In the sidebar of the block from which you want to apply a change to another block, click on the arrow in the corresponding line. The line is inserted in the other block and the arrow buttons are removed. Note The colors of the arrows mean the following: Gray: The changes cannot be applied to the other block, as the other block is either an online block or write-protected. Blue: The changes are applied from an offline block to the other block. Orange: The changes are applied from an online block to the other block. 2. If necessary, click on "Update comparison results" in the toolbar. See also Basic information on comparing PLC programs (Page 4829) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Using the compare editor (Page 384) Start a detailed comparison for LAD/FBD/STL/SCL blocks (Page 4835) Start detailed comparison for GRAPH blocks (Page 4837) Visualization of the comparison result for LAD/FBD (Page 4838) Visualization of the comparison result for STL (Page 4842) Visualization of the comparison result for SCL (Page 4845) Visualization of the comparison result for GRAPH (Page 4848) Navigating in the detailed comparison (Page 4854) Updating comparison results (Page 4857) Updating comparison results As soon as you change an object, the comparison results are no longer valid and must be updated. Requirement You have run a detailed comparison. WinCC Advanced V14 System Manual, 10/2016 4857 Programming the PLC 11.16 Comparing PLC programs Procedure To update the comparison results, follow these steps: 1. Click "Update the comparison result" in the toolbar. See also Basic information on comparing PLC programs (Page 4829) Carrying out an online/offline comparison (Page 382) Carrying out offline/offline comparisons (Page 382) Using the compare editor (Page 384) Start a detailed comparison for LAD/FBD/STL/SCL blocks (Page 4835) Start detailed comparison for GRAPH blocks (Page 4837) Visualization of the comparison result for LAD/FBD (Page 4838) Visualization of the comparison result for STL (Page 4842) Visualization of the comparison result for SCL (Page 4845) Visualization of the comparison result for GRAPH (Page 4848) Navigating in the detailed comparison (Page 4854) Changing blocks during the detailed comparison (Page 4856) 11.16.3 Comparing PLC tags You have the following options for comparing PLC tags: Automatic offline/offline comparison in the compare editor The PLC tag tables of the selected devices are compared offline. Manual offline/offline comparison in the compare editor The selected PLC tag tables of the devices are compared offline. Detailed comparison Use the detailed comparison to determine differences within the PLC tag tables. Performing automatic offline/offline comparison in the compare editor To perform an automatic offline/offline comparison of PLC tag tables, follow these steps: 1. Select a device in the project tree that allows offline/offline comparison. 2. Select the "Compare > Offline/offline" command in the shortcut menu. The compare editor opens and the selected device is displayed in the left area. 4858 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs 3. Drag-and-drop an additional device to the drop area of the right pane. The device to be compared can originate from the same project, a reference project or the library. 4. Open the "PLC tags" folder. You can identify the status of the PLC tag tables based on the symbols in the status and action area. You can define certain actions depending on the status. You can drag any other device to the drop area at any time to perform further comparisons. Performing manual offline/offline comparison in the compare editor To perform a manual offline/offline comparison of PLC tag tables, follow these steps: 1. Select a device in the project tree that allows offline/offline comparison. 2. Select the "Compare > Offline/offline" command in the shortcut menu. The compare editor opens and the selected device is displayed in the left area. 3. Drag-and-drop an additional device to the drop area of the right pane. The device to be compared can originate from the same project, a reference project or the library. 4. In the status and action area, click on the button for switching between automatic and manual comparison. 5. Select the PLC tag tables that you want to compare. The properties comparison is displayed. You can identify the status based on the symbols. You can drag any other device to the drop area at any time to perform further comparisons. Running a detailed comparison To start a detailed comparison for a PLC tag table, follow these steps: 1. Perform an automatic or manual offline/offline comparison. 2. For an automatic offline/offline comparison in the compare editor, select the PLC tag table for which you want to run a detailed comparison. Note that two PLC tag tables must be selected for comparison for a manual offline/offline comparison. 3. Click the "Start detailed comparison" button in the toolbar. A separate compare editor opens. All existing PLC tags of the selected PLC tag tables are displayed depending on the settings of the compare editor. User and system constants are not shown, however. You can identify the status of the PLC tags based on the symbols. You can define certain actions depending on the status of the PLC tags. See also Introduction to comparing PLC programs (Page 4829) Comparing PLC data types (Page 4860) Using the compare editor (Page 384) Comparing blocks (Page 4834) WinCC Advanced V14 System Manual, 10/2016 4859 Programming the PLC 11.16 Comparing PLC programs 11.16.4 Comparing PLC data types You have the following options for comparing PLC data types: Online/offline comparison (S7-1200/1500 only) The PLC data types in the project are compared with the PLC data types of the selected device. Automatic offline/offline comparison in the compare editor The PLC data types of the selected devices are compared offline. Manual offline/offline comparison in the compare editor The selected PLC data types of the devices are compared offline. Detailed comparison Use the detailed comparison to determine differences between PLC data types. Performing online/offline comparison of PLC data types To perform an online/offline comparison, follow these steps: 1. Select a device in the project tree that allows online/offline comparison. 2. Select the "Compare > Offline/online" command in the shortcut menu. If you have not already established an online connection to this device, the "Go online" dialog opens. In this case, set all the necessary parameters for the connection and click "Connect". The online connection is established and the compare editor opens. 3. Open the "PLC data types" folder. You can identify the status based on the symbols in the status and action area. When you select an object, the properties of the PLC data type and the corresponding PLC data type of the assigned device are displayed in the properties comparison. Performing automatic offline/offline comparison in the compare editor To perform an automatic offline/offline comparison of PLC tag tables, follow these steps: 1. Select a device in the project tree that allows offline/offline comparison. 2. Select the "Compare > Offline/offline" command in the shortcut menu. The compare editor opens and the selected device is displayed in the left area. 3. Drag-and-drop an additional device to the drop area of the right pane. The device to be compared can originate from the same project, a reference project or the library. 4. Open the "PLC data types" folder. You can identify the status of the PLC tag tables based on the symbols in the status and action area. You can define certain actions depending on the status. You can drag any other device to the drop area at any time to perform further comparisons. 4860 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.16 Comparing PLC programs Performing manual offline/offline comparison in the compare editor To perform a manual offline/offline comparison of PLC data types, follow these steps: 1. Select a device in the project tree that allows offline/offline comparison. 2. Select the "Compare > Offline/offline" command in the shortcut menu. The compare editor opens and the selected device is displayed in the left area. 3. Drag-and-drop an additional device to the drop area of the right pane. The device to be compared can originate from the same project, a reference project or the library. 4. In the status and action area, click on the button for switching between automatic and manual comparison. 5. Select the PLC data types that you want to compare. The properties comparison is displayed. You can identify the status based on the symbols. You can drag any other device to the drop area at any time to perform further comparisons. Running a detailed comparison To start a detailed comparison for a PLC data type, follow these steps: 1. Perform an offline/offline comparison. You can also perform an online/offline comparison for CPUs of the S7-1200/1500 series. 2. For an automatic offline/offline comparison in the compare editor, select the PLC data type for which you want to run a detailed comparison. Note that two PLC data types must be selected for comparison with a manual offline/offline comparison. 3. Click the "Start detailed comparison" button in the toolbar. The two PLC data types are opened next to each other so that you can easily identify the differences. See also Introduction to comparing PLC programs (Page 4829) Using the compare editor (Page 384) Comparing blocks (Page 4834) Comparing PLC tags (Page 4858) WinCC Advanced V14 System Manual, 10/2016 4861 Programming the PLC 11.17 Displaying program information 11.17 Displaying program information 11.17.1 Overview of available program information Program information The program information of a user program contains the view specified in the following table. View Application Assignment list (Page 4863) Provides an overview of the address bits for the I, Q, and M memory areas already allocated within the user program. Also indicates if an address has been allocated by access from an S7 program or if the address has been assigned to a SIMATIC S7 module. Call structure (Page 4871) Shows the call structure of the blocks within the user program and provides an overview of the blocks used and their relationships. Dependency structure (Page 4877) Shows the list of blocks used in the user program. A block is shown at the first level and blocks that call or use this block are indented below it. In con trast to the call structure, instance blocks are listed separately. Resources (Page 4883) Shows the hardware resources of the CPU for ob jects (OB, FC, FB, DB, user-defined data types and PLC tags), for CPU memory areas and for the existing I/O modules. Displaying several views simultaneously You can generate and display several views for one or more user programs to facilitate testing and changing your user program. Displaying multiple views, for example, enables you to: Display all program information for a user program next to one another Compare different user programs 4862 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.17 Displaying program information 11.17.2 Displaying an assignment list 11.17.2.1 Introduction to the assignment list Program information in the assignment list The assignment list shows if an address has been allocated by access from an S7 program or if the address has been assigned to a SIMATIC S7 module. It is therefore an important basis for locating errors or changes in the user program. In the assignment list, you have a CPU-specific overview of which bit is used in which byte of the memory areas listed below: Input (I) Output (O) Bit memory (M) Timer (T) Counter (C) I/O (P) Display of the assignment list The assignment list of inputs, outputs, and bit memory is displayed in several separate work windows. Filters You can filter the display within the assignment list. You can use predefined filters or create your own. Displaying cross-reference information You have the option of displaying cross-reference information for selected addresses in the assignment list. You can display the cross-references for a selected address in the Inspector window using the "Cross-reference information" shortcut menu command. The command "Tools > Crossreferences" allows you to also open the cross-reference list for the selected object. Displaying the PLC tag table You can open the PLC tag table from the assignment list and edit the properties of the tags used. To do this select an address of the assignment list and select the "Open editor" command in the shortcut menu. WinCC Advanced V14 System Manual, 10/2016 4863 Programming the PLC 11.17 Displaying program information Enabling the display of retentivity You can enable and disable the display of the retentive state of bit memory by selecting the "Hide/show retain area" toolbar button. See also Symbols in the assignment list (Page 4865) Layout of the assignment list (Page 4864) 11.17.2.2 Layout of the assignment list Layout of the assignment list Depending on the CPU, the assignment list is displayed in several work windows with the following operands. For S7-300/400 and S7-1500 CPUs: Inputs Outputs Bit memories Timers Counters For S7-1200 CPUs: Inputs Outputs Bit memories Displaying inputs, outputs, bit memory, timers and counters It shows all operands used and their assignment in the S7 program. For all displayed operands, each line in the assignment list is dedicated to a byte of the memory area, in which the corresponding eight bits from 7 to 0 are labeled according to their access. Afterwards, a "bar" indicates whether access is made by a byte (B), word (W) or double word (D). You can find an explanation of the symbols in the assignment list here: (Page 4865) See also Introduction to the assignment list (Page 4863) 4864 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.17 Displaying program information 11.17.2.3 Symbols in the assignment list Meaning of the symbols in the assignment list The following table shows the meaning of the symbols in the assignment list: Symbol Meaning Indicates the address assignment in the selected state. Indicates the address assignment in the non-selected state. Indicates that a pointer start address and a tag address access the same address range and that they are selected. Indicates that a pointer start address and a tag address access the same address range and that they are not selected. Indicates the pointer assignment in the selected state. Indicates the pointer assignment in the non-selected state. Indicates that the byte is in use with byte access and the corre sponding tag is selected. The shortcut menu allows you to display cross-reference information for the selected variables as well as the PLC tag table. Indicates that the byte is in use with byte access and the corre sponding tag is not selected. Indicates that the byte is in use with word access and the corre sponding tag is selected. The shortcut menu allows you to display cross-reference information for the selected variables as well as the PLC tag table. Indicates that the byte is in use with word access and the corre sponding tag is not selected. Indicates that the byte is in use with double word access and the corresponding tag is selected. The shortcut menu allows you to dis play cross-reference information for the selected variables as well as the PLC tag table. Indicates that the byte is in use with double word access and the corresponding tag is not selected. Background color: gray Indicates that a byte is in use with byte, word or double word access and that the address is also in use by the hardware. The gray back ground color indicates overlapping memory access. Background color: yellow Indicates that the address is not in use by the hardware. Indicates that the memory area has been defined as system mem ory. Indicates that the memory area has been defined as clock memory. WinCC Advanced V14 System Manual, 10/2016 4865 Programming the PLC 11.17 Displaying program information See also Layout of the assignment list (Page 4864) Introduction to the assignment list (Page 4863) 11.17.2.4 Displaying an assignment list Requirement A project has been created with programmed blocks. Procedure Proceed as follows to display the assignment list: 1. Select the "Program blocks" folder or one or more of the blocks it contains. 2. Select the "Assignment list" command in the "Tools" menu. Result The assignment list for the selected program is displayed. View options in the assignment list Refer to view respective view options that are set to display the desired information in the assignment list. See also Setting the view options for the assignment list (Page 4866) Layout of the assignment list (Page 4864) 11.17.2.5 Setting the view options for the assignment list Introduction The following view options are available for the assignment list: Used addresses: When this check box is activated, the addresses, I/Os and pointers used in the program are displayed. Free hardware addresses: When this check box is activated, only the free hardware addresses are displayed. 4866 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.17 Displaying program information Requirement A project has been created with programmed blocks. The assignment list is open. Procedure Proceed as follows to set the view options for the assignment list: 1. Click on the arrow of the symbol ("View options") in the task bar. The view options for the assignment list are opened. Check marks are set in front of the activated view options. 2. If you want to activate or deactivate a view option, click on the respective check box and set or remove the check mark. Result The view options are set and the desired information is displayed in the assignment list. 11.17.2.6 Filter options in the assignment list Filter settings You can define your own filter settings for the assignment list. The following options are available for defining filters: Display all addresses of the address areas specified. Display of single, defined addresses from the selected address area, for example, "0" and "200". Display of complete areas from the selected address area, for example, "0 - 256". WinCC Advanced V14 System Manual, 10/2016 4867 Programming the PLC 11.17 Displaying program information The following table provides an overview of all available options: Selection in the Selection Symbol Meaning Address area All CPU-dependent displayed ad dresses (I, O, M, T, C) can be acti vated as they are by default, or in dividual address areas can be acti vated. Check box is activated Only the activated address areas (I, O, M, T, C) are shown in the assignment list. Filter area Show assignment for all addresses * Displays the assignment of all addresses of the enabled ad dress areas (I, Q, M). Show assignment for selected ad dresses, for example, for the inputs "IB 0" and "IB 256" Assignments of selected ad dresses for the activated ad dress areas (I) are shown. Show assignment for selected areas, for example, for the inputs "IB 0 to IB 100" and "IB 200 to IB 256". 11.17.2.7 0;256 Separate individual addresses and areas by a semicolon. 0-100;200-256 Contiguous areas should be connected by a hyphen. Assignments of selected areas for the activated address areas (I) are shown. Defining filters for assignment list Requirement A project has been created with programmed blocks. The assignment list is open. Defining filter Proceed as follows to define a filter for the assignment list: 1. Click on the symbol ("Filter") in the task bar. The "Assignment List Filter" dialog opens. 2. Click on the symbol ("Create new filter") in the task bar. A new filter is created with the name "Filter_1". The check boxes for all addresses (inputs, outputs, memory bits, timers and counters) are activated by default for the filter. 3. If you want to change the name of the filter, click on the drop-down list in the task bar and enter a new filter name. 4. Deactivate the check boxes of addresses that are not to be affected by the filter. 4868 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.17 Displaying program information 5. Enter one of the following options in the filter area of the activated address: - Show all addresses used = "*" - Show single, defined addresses, for example, IB 0" and IB 25 = "0.25". Individual addresses and address areas are separated by commas or semicolons. - Show complete address areas, for example, IB 0 to IB 256 = "0-256". Complete address areas should be connected by a hyphen. 6. Confirm your entries with "OK". The newly defined filter is shown in the task bar of the assignment list under the specified name. Delete filter Proceed as follows to delete a filter: 1. Click on the symbol ("Filter") in the task bar. The filter dialog for the assignment list opens. 2. In the drop-down list of the task bar, select the filter you want to delete. 3. Click on the symbol ("Delete selected filter") in the task bar. The selected filter is deleted. See also Filter options in the assignment list (Page 4867) Displaying an assignment list (Page 4866) Introduction to the assignment list (Page 4863) 11.17.2.8 Filtering an assignment list Requirement A project has been created with programmed blocks. The assignment list is open. Procedure 1. Click on the arrow on the drop-down list. The available filter are displayed. 2. Select the desired filter. WinCC Advanced V14 System Manual, 10/2016 4869 Programming the PLC 11.17 Displaying program information Result The assignment list is filtered according to the settings of the selected filter. Note The filter settings are saved when the project is closed. 11.17.2.9 Defining retentive memory areas for bit memories Introduction In the assignment list you can define the width of the retentive memory area for bit memories. The content of tags which are addressed in retentive memory is retained after power off and at the STOP to RUN transition after power on. The display of retentive bit memories can be enabled and disabled in the assignment list. If their display is enabled, retentive bit memories are identified by an icon in the "Address" column. Requirement The assignment list is open. Procedure Proceed as follows to define the width of the retentive memory area for bit memories: 1. Click "Retain" in the toolbar. The "Retain memory" dialog will open. 2. Starting at the count of 0, define the width of the retentive memory area by entering the last byte of this area in the input field. Watch out for any addresses of tags already assigned to the retentive area. 3. Load the block to the target system. Select the "Program blocks" folder in the Project tree and select the "Download to device" submenu in the shortcut menu. Result The width of the retentive memory area is defined. If enabled in the assignment list, an icon will indicate the retentive state of all tags in the "Address" column. 4870 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.17 Displaying program information 11.17.2.10 Enabling the display of retentive bit memories Introduction In the assignment list you can enable and disable the display of retentive bit memories. The retentive bit memories are identified by means of an icon in the "Address" column if the display of retentivity is enabled. Requirement The assignment list is open. Procedure Proceed as follows to enable and disable the display of retentive bit memories: 1. Click "Display/hide retentivity" in the toolbar. Result The retentive tags are identified by means of an icon in the "Address" column of the bit memory area if the display of retentivity is enabled. The icons in the "Address" column are hidden if the display of retentivity is disabled. 11.17.3 Displaying the call structure 11.17.3.1 Introduction to the call structure Call structure The call structure describes the call hierarchy of the blocks within an S7 program. It provides an overview of: The blocks used Jumps to the places of use of the blocks Dependencies between blocks Local data requirements of the blocks Status of the blocks WinCC Advanced V14 System Manual, 10/2016 4871 Programming the PLC 11.17 Displaying program information Information in the call structure Displaying the call structure provides you with a list of the blocks used in the user program. The first level of the call structure is highlighted in color and shows the blocks that are not called by any other block in the program. Organization blocks are always shown on the first level of the call structure. Functions, function blocks and data blocks are only shown on the first level if they are not called by an organization block. When a block calls other blocks or functions, they are listed indented under the calling block. Instructions and blocks are shown in the call structure only if they are called by a block. Note Please note that no call structure is displayed for know-how-protected blocks. View options The following view options are available for the call structure: Show conflicts only: When this check box is activated, only conflicts within the call structure are displayed. Group multiple calls together: When this check box is activated, several block calls are grouped together. The number of block calls is displayed in the "Call frequency" column. The links to the various call locations are offered in a drop-down list in the "Details" column. Displaying the block calls You can display the block calls in a block by clicking on the arrow in front of the block title. To display the call information of all blocks, click on the "Expand list" icon in the toolbar. You can hide the total overview by clicking the "Collapse list" icon. Displaying cross-reference information You can display the cross-reference information for a block in the Inspector window by rightclicking on the relevant block and selecting the "Cross-reference information" command from the shortcut menu. To open the "Cross-references" view, click the "Cross-references" command in the shortcut menu. Displaying blocks in the program editor You can open the program editor from the call structure and edit blocks there. To do this, select the required block in the call structure and select the "Open" command in the shortcut menu. 4872 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.17 Displaying program information Displaying deleted blocks The rows belonging to deleted blocks are identified by an icon. Note Please note that any existing local data can only be displayed or updated after a block is compiled. See also Symbols in the call structure (Page 4873) 11.17.3.2 Symbols in the call structure Meaning of the symbols in the call structure The following table shows the meaning of the symbols in the call structure: Symbol Meaning Indicates an organization block (OB). Indicates a function block (FB). Indicates a function (FC). Indicates a data block (DB). Indicates that the block is declared as a multiinstance. The object has an interface dependency to an object connected to the left. Indicates that the block needs to be compiled again. Indicates that the data block needs to be compiled again. Indicates that the object is not available. Indicates that the interface causes a time stamp conflict. Indicates that the variable causes a time stamp conflict. Indicates that the block is not called directly or indirectly from an OB. Indicates that an object has know-how protection. WinCC Advanced V14 System Manual, 10/2016 4873 Programming the PLC 11.17 Displaying program information Symbol Meaning Indicates that the block is normally called recursively. Indicates that a tag declaration in the interface has a recursive dependency: Scenario 1: FB1 calls FB2 and this then calls FB1. The instance data blocks of these FBs have a recursion in the interface. Scenario 2: A multiple instance FB uses the instance DB of its parent FB as a global DB. 11.17.3.3 Layout of the call structure Layout of the call structure The view of the call structure consists of the following columns: Column Content/meaning Call structure Shows an overview of the blocks called If the viewing option "Group multiple calls together" is ena bled, several block calls are grouped together and the "Num ber of calls" column is displayed. Call type (!) Shows the type of call, for example recursive block call. Address Shows the absolute address of the block. With a function block, the absolute address of the corresponding instance data block is also shown. Call frequency Indicates the number of multiple calls of blocks. Details Shows the network or interface of the calling block. All infor mation are offered as a link in this column. With this link, you can jump to the location of the block call in the program editor. If the viewing option "Group multiple calls together" option is enabled, the calls are grouped together and are available as links in a drop-down list. Local data (in path) Indicates the local data requirement of the full path. Blocks with optimized access have higher local data require ments because the information for the symbolic addressing is stored with them. Please note that any existing local data can only be displayed or updated after compiling a block. Local data (for blocks) Show the local data requirements of the block. Blocks with optimized access have higher local data require ments because the information for the symbolic addressing is stored with them. Please note that any existing local data can only be displayed or updated after compiling a block. See also Symbols in the call structure (Page 4873) Introducing the consistency check in the call structure (Page 4876) 4874 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.17 Displaying program information 11.17.3.4 Displaying the call structure Requirement A project has been created with blocks. Procedure Proceed as follows to display the call structure: 1. Select the "Program blocks" folder or one or more of the blocks it contains. 2. Select the "Call structure" command in the "Tools" menu. Result The call structure for the selected program is displayed. Note Please note that any existing local data can only be displayed or updated after compiling a block. See also Setting the view options for the call structure (Page 4875) 11.17.3.5 Setting the view options for the call structure Introduction The following view options are available for the call structure: Show conflicts only: Only the blocks causing conflicts within the call structure are displayed if this check box is activated. The following blocks cause conflicts: - Blocks executing any calls with older or newer code time stamps. - Blocks calling a block with modified interface. - Blocks using a tag with modified address and/or data type. - Block called neither directly, nor indirectly by an OB. - Blocks calling a block which no longer exists. Group multiple calls together: When this viewing option is enabled, several block calls and data block accesses are grouped together. The number of block calls is displayed in the "Call frequency" column. The links to the various call locations are offered in a drop-down list in the "Details" column. WinCC Advanced V14 System Manual, 10/2016 4875 Programming the PLC 11.17 Displaying program information Requirement A project has been created with programmed blocks. The call structure is open. Procedure Proceed as follows to set the view options for the call structure: 1. Click on the arrow of the symbol ("View options") in the task bar. The view options for the call structure opens. Check marks are set in front of the activated view options. 2. If you want to activate or deactivate a view option, click on the respective check box and set or remove the check mark. Result The view options are set and the required information is displayed in the call structure. 11.17.3.6 Introducing the consistency check in the call structure Consistency check Changing the time stamp of a block during or after the program is generated can lead to time stamp conflicts, which in turn cause inconsistencies among the blocks that are calling and being called. Using the consistency check The "Consistency check" function is used to visualize inconsistencies when time stamp conflicts occur. Whe the consistency check is performed, the inconsistent blocks are shown in the call structure and marked with the correspoinding symbols. Most time stamp and interface conflicts can be rectified by recompiling the blocks. If compilation fails to clear up inconsistencies you can use the link in the "Details" column to go to the source of the problem in the program editor and manually eliminate any inconsistencies. The blocks marked in red must be recompiled. See also Symbols in the call structure (Page 4873) 4876 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.17 Displaying program information 11.17.3.7 Checking block consistency in the call structure Requirement A project has been created with programmed blocks. The call structure is open. Procedure Proceed as follows to check the block consistency: 1. Click on the symbol ("Consistency check") in the task bar. The block consistency is checked. Blocks found to be inconsistent are marked accordingly by a symbol. 2. If a block is inconsistent, click on the arrow in front of the block title in the call structure. The inconsistent blocks are displayed. The exact problem locations are listed as links in the "Details" column. 3. Click on the respective link in the "Details" column to jump to the location in the block requiring correction. 4. Check and correct the inconsistencies in the blocks. 5. Recompile the blocks by selecting the required blocks and clicking on the command "Compile" in the shortcut menu. 6. Download the corrected blocks to the target system by clicking the command "Download to device" in the shortcut menu. Result The block consistency is checked. The inconsistencies in the blocks are corrected. The corrected blocks are loaded to the target system. See also Symbols in the call structure (Page 4873) 11.17.4 Displaying the dependency structure 11.17.4.1 Introduction to the dependency structure Introduction The dependency structure shows the dependencies each block in the program has to other blocks. WinCC Advanced V14 System Manual, 10/2016 4877 Programming the PLC 11.17 Displaying program information Information in the dependency structure Displaying the dependency structure provides you with a list of the blocks used in the user program. A block is shown at the far left, and blocks that call or use this block are indented below it. The dependency structure also shows the status of the individual blocks using symbols. Objects that cause a time stamp conflict and could lead to an inconsistency in the program are marked with various symbols. The dependency structure is an extension of the cross-reference list for objects. View options The following view options are available for the dependency structure: Show conflicts only: When this check box is activated, only the conflicts within the dependency structure are displayed. Group multiple calls together: When this check box is activated, several block calls are grouped together. The number of block calls is shown numerically in the "Dependency structure" column. The links to the various call locations are offered in a drop-down list in the "Details" column. Displaying the dependencies Clicking on the arrow in front of the block title displays the blocks that call or use this block. To display the dependencies of all blocks, click the "Expand list" icon in the toolbar. You can hide the total overview by clicking the "Collapse list" icon. Displaying cross-reference information You can display the cross-reference information for a block in the Inspector window by rightclicking on the relevant block and selecting the "Cross-reference information" command from the shortcut menu. To open the "Cross-references" view, click the "Cross-references" command in the shortcut menu. Displaying blocks in the program editor You can open the program editor from the dependency structure and edit blocks there. To do this, select the required block in the dependency structure and select the "Open" command in the shortcut menu. 4878 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.17 Displaying program information 11.17.4.2 Layout of the dependency structure Layout of the dependency structure The view of the dependency structure consists of the following columns: Column Content/meaning Dependency It indicates the dependencies between each block and the other blocks in the program. Call type (!) Shows the type of call, for example recursive block call. Address Shows the absolute address of the block. Call frequency Indicates the number of multiple calls of blocks. Details Shows the network or interface of the called block. All infor mation are offered as a link in this column. With this link, you can jump to the location of the block call in the program editor. If the viewing option "Group multiple calls together" option is enabled, the calls are grouped together and are available as links in a drop-down list. See also Symbols in the dependency structure (Page 4879) 11.17.4.3 Symbols in the dependency structure Meaning of the symbols in the dependency structure The following table shows the meaning of the symbols in the dependency structure: Symbol Meaning Indicates an organization block (OB). Indicates a function block (FB). Indicates a function (FC). Indicates a data block (DB). The object has an interface dependency to an object connected to the left. Indicates that the block needs to be compiled again. Indicates that the data block needs to be compiled again. Indicates that there is an inconsistency with this object. WinCC Advanced V14 System Manual, 10/2016 4879 Programming the PLC 11.17 Displaying program information Symbol Meaning Indicates that an object has know-how protection. Indicates that a tag declaration in the interface has a recursive dependency: Scenario 1: FB1 calls FB2 and this then calls FB1. The instance data blocks of these FBs have a recursion in the interface. Scenario 2: A multiple instance FB uses the instance DB of its parent FB as a global DB. 11.17.4.4 Displaying the dependency structure Requirement A project has been created with programmed blocks. Procedure Proceed as follows to display the dependency structure: 1. Select the block folder or one or more of the blocks contained therein. 2. Select the "Dependency structure" command in the "Tools" menu. Result The dependency structure for the selected program is displayed. See also Setting the view options for the dependency structure (Page 4881) 4880 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.17 Displaying program information 11.17.4.5 Setting the view options for the dependency structure Introduction The following view options are available for the dependency structure: Show conflicts only: When this check box is activated, only the conflicts within the dependency structure are displayed. The following blocks cause conflicts: - Blocks executing any calls with older or newer code time stamps. - Blocks called by a block with modified interface. - Blocks using a tag with modified address and/or data type. - Block called neither directly, nor indirectly by an OB. Group multiple calls together: When this check box is activated, several block calls are grouped together. The number of block calls is shown in the relevant column. The links to the various call locations are offered in a drop-down list in the "Details" column. Requirement A project has been created with programmed blocks. The dependency structure is open. Procedure Proceed as follows to set the view options for the dependency structure: 1. Click on the arrow of the symbol ("View options") in the task bar. The view options for the dependency structure are opened. Check marks are set in front of the activated view options. 2. If you want to activate or deactivate a view option, click on the respective check box and set or remove the check mark. Result The view options are set and the required information is displayed in the dependency structure. 11.17.4.6 Introducing the consistency check in the dependency structure Consistency check WinCC Advanced V14 System Manual, 10/2016 4881 Programming the PLC 11.17 Displaying program information Changing the time stamp of a block during or after the program is generated can lead to time stamp conflicts, which in turn cause inconsistencies among the blocks that are calling and being called. Using the consistency check The "Consistency check" function is used to visualize inconsistencies. Whe the consistency check is performed, the inconsistent blocks are shown in the dependency structure and marked with the correspoinding symbols. Most time stamp and interface conflicts can be rectified by recompiling the blocks. If compilation fails to clear up inconsistencies you can use the link in the "Details" column to go to the source of the problem in the program editor and manually eliminate any inconsistencies. The blocks marked in red must be recompiled. See also Layout of the dependency structure (Page 4879) Symbols in the dependency structure (Page 4879) 11.17.4.7 Checking block consistency in the dependency structure Requirement A project has been created with programmed blocks. The dependency structure is open. Procedure Proceed as follows to check the block consistency: 1. Click on the symbol ("Consistency check") in the task bar. The block consistency is checked. Blocks found to be inconsistent are marked accordingly by a symbol. 2. If a block is inconsistent, click on the arrow in front of the block title in the dependency structure. The inconsistent blocks are displayed. The exact problem locations are listed as links in the "Details" column. 3. Check and correct the inconsistencies in the blocks. 4. Recompile the blocks by selecting the required blocks and clicking on the command "Compile" in the shortcut menu. 5. Download the corrected blocks to the target system by clicking the command "Download to device" in the shortcut menu. 4882 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.17 Displaying program information Result The block consistency is checked. The inconsistencies in the blocks are corrected. The corrected blocks are loaded to the target system. See also Symbols in the dependency structure (Page 4879) 11.17.5 Displaying CPU resources 11.17.5.1 Introducing resources Introduction The "Resources" tab indicates the hardware resources of the configured CPU for: the used programming objects, the assignment of the different memory areas within the CPU and the assigned inputs and outputs of the existing input and output modules. Information provided in the "Resources" tab The resources tab provides an overview of the hardware resources. The display in this tab depends on the CPU which you are using. The following information is displayed: the programming objects used in the CPU (e.g. OB, FC, FB, DB, data types and PLC tags) the memory areas available on the CPU (load memory, work memory - divided into code work memory and data work memory depending on the CPU -, retentive memory), their maximum size and utilization by the programming objects stated above the I/O of modules which can be configured for the CPU (I/O modules, digital input modules, digital output modules, analog input modules, and analog output modules), including the I/ O already in use. WinCC Advanced V14 System Manual, 10/2016 4883 Programming the PLC 11.17 Displaying program information Display of the maximum available load memory The maximum size of available load memory can be selected from a drop-down list box in the "Total" row of the "Load memory" column. Note Displaying the allocated load memory in the CPU Note that the sum of the allocated load memory cannot be precisely determined if not all blocks are compiled. In this case, a preceding ">" in front of the sum indicates that the amount of allocated space may be greater than that shown because uncompiled blocks are not taken into account in the total. Display of the maximum available work memory The maximum size of available work memory is displayed in the "Work memory" column or in the "Code work memory" and "Data work memory" columns in the "Total" row. Display of the maximum available retentive memory The maximum size of available retentive memory can be selected from a drop-down list box in the "Total" row of the "Retentive memory" column. Note Retentive memory data All bit memories and data blocks specified as retentive will be integrated in the calculation of the retentive data. Updating the display in the "Resources" tab Click the "Update view" toolbar button to update the display of objects. Benefits of the display in the "Resources" tab The "Resources" tab of the program information dialog provides a detailed list of all objects and of the corresponding memory area used. The tab also indicates shortage of resources and helps to avoid such states. Blocks which are not compiled can be identified as their size is indicated by a question mark. 4884 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.17 Displaying program information See also Layout of the "Resources" tab (Page 4885) Displaying resources (Page 4886) Selecting the maximum load memory available (Page 4887) 11.17.5.2 Layout of the "Resources" tab Layout of the "Resources" tab in the program information The view of the "Resources" tab consists of the following columns: Column Content/meaning Objects The "Details" area provides an overview of the programming objects available in the CPU, including their memory assign ments. Load memory Displays the maximum load memory resources of the CPU as a percentage and as absolute value. The values displayed under "Total" provide information on the maximum memory available in the load memory. The values displayed under "Used" provide information on the memory actually used in the load memory. If a value is displayed in red, the available memory capacity has been exceeded. Work memory or code and data work memory Displays the maximum work memory resources of the CPU as a percentage and as absolute value. The work memory depends on the CPU and is divided into "Code work memory" and "Data work memory" for a CPU from the S7-400 or S7-1500 series, for example. The values displayed under "Total" provide information on the maximum memory available in the work memory. The values displayed under "Used" provide information on the memory space actually used in the work memory. If a value is displayed in red, the available memory capacity has been exceeded. Retentive memory Displays the maximum resources for retentive memory in the CPU as a percentage and as absolute value. The values displayed under "Total" provide information on the maximum memory available in the retentive memory. The values displayed under "Used" provide information on the memory actually used in the retentive memory. If a value is displayed in red, the available memory capacity has been exceeded. WinCC Advanced V14 System Manual, 10/2016 4885 Programming the PLC 11.17 Displaying program information Column Content/meaning I/O Displays the I/Os which are available on the CPU, including their module-specific availability in the next columns. The values displayed at "Configured" provide information about the maximum number of I/O available. The values displayed under "Used" provide information on the actually used inputs and outputs. DI / DQ / AI / AQ Displays the number of configured and used inputs/outputs: DI = Digital inputs DQ = Digital outputs AI = Analog inputs AQ = Analog outputs The values displayed at "Configured" provide information about the maximum number of I/O available. The values displayed under "Used" provide information on the actually used inputs and outputs. See also Displaying resources (Page 4886) Selecting the maximum load memory available (Page 4887) Introducing resources (Page 4883) 11.17.5.3 Displaying resources Introduction The memory use shows you which space is allocated to specific objects in the CPU. Note Displaying the allocated load memory in the CPU Note that the sum of the allocated load memory cannot be precisely determined if not all blocks are compiled. In this case, a preceding ">" in front of the sum indicates that the amount of allocated space may be greater than that shown because uncompiled blocks are not taken into account in the total. Requirement A project with programmed blocks has been created. 4886 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.17 Displaying program information Procedure Proceed as follows to display the resources of the respective CPU memory areas: 1. Select the block folder below the relevant CPU, or one or several of the blocks contained therein. 2. Select the "Resources" command in the "Tools" menu. Result The memory resources of the assigned CPU are displayed. 11.17.5.4 Selecting the maximum load memory available Requirement A project with programmed blocks has been created. Procedure Proceed as follows to display the available maximum of load memory resources: 1. Select the block folder below the relevant CPU, or one or several of the blocks contained therein. 2. Select the "Resources" command in the "Tools" menu. 3. In the dialog that is displayed, open the drop-down list in the "Total" field of the "Load memory" column by clicking the icon. 4. Select a corresponding value for the CPU used by clicking it in the drop-down list box. Result The "Total" field displays the selected maximum memory resources. Note Display of maximum memory resources If a value is displayed in red for the maximum memory resources, the available memory capacity has been exceeded. In this case, adapt the memory capacity as described above. WinCC Advanced V14 System Manual, 10/2016 4887 Programming the PLC 11.18 Displaying cross-references 11.18 Displaying cross-references 11.18.1 General information about cross references Introduction The cross-reference list provides an overview of the use of objects and devices within the user program. You can see which objects are interdependent, what relationships they have with one another and where the individual objects are located. You can also jump directly to the reference location of an object. Uses of cross-references The cross-reference list offers you the following advantages: When creating and changing a program, you retain an overview of the devices and objects used such as the blocks, operands and tags etc. You can see whether the object uses other objects or is used by itself. From the cross-references, you can jump directly to the reference location of the selected object. During a program test or when troubleshooting, you are informed of the following, for example: - In which block and by which command is an operand processed. - Which tag is used how and where. - Which block is called by which other block. - Cross-reference information for subordinate and higher-level structures. As part of the project documentation, the cross-references provide a comprehensive overview of all operands, memory areas, blocks, tags, screens etc. used. Note Objects displayed in the cross-reference list Which objects you can display in the cross-reference list depends on the installed products. See also Structure of the cross-reference list (Page 4889) Displaying the cross-reference list (Page 4893) Displaying cross-references in the Inspector window (Page 4902) 4888 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.18 Displaying cross-references 11.18.2 Structure of the cross-reference list Introduction The cross-reference list enables the display of reference objects and lower-level objects for a source object selected in the project tree. The source object is the object displayed first in the cross-reference list. The display of the cross-references for an object is project- and device-specific. You can also have multiple cross-reference lists open at the same time. Structure of the cross-reference list When you have selected a source object and open the cross-reference list, the objects are displayed as follows: The source object and all the lower-level objects of this source object and the associated references are structured in a standard view. The source object is the object for which you have opened the cross-references and is displayed as the first object in a row with a gray background. Lower-level objects are marked with a preceding blue square. If lower-level objects also have reference objects, they are displayed with a gray background in the object column and in an hierarchical structure. If an object is used several times, it is also displayed several times. The "Add new source object" button is displayed at the end of a filled cross-reference list. When you click on this button, you can add a new object to the cross-reference list. The source object and the lower-level object are collapsed in the Inspector window. Lowerlevel objects with reference objects are show with a gray background in the object column. Example The graphic below shows an example of the structure of the cross-reference list to a source object: WinCC Advanced V14 System Manual, 10/2016 4889 Programming the PLC 11.18 Displaying cross-references Display of the newly added source objects in the cross-reference list Objects which were inserted using the "Add new source object" button are displayed as follows: They are always at the end of the cross-reference list and are automatically expanded. They are initially displayed independently of the selected filter setting. Newly added objects are correctly sorted and the filter settings displayed accordingly after an update or when another filter is used. Columns in the cross-reference list The cross-reference list has the following structure: Column Content/meaning Object Displays the name of the source object which was selected when the cross-reference list was opened, with all lower-level objects and the associated reference objects. Reference location Shows the reference location of the objects, e.g. a network. Reference type Shows the relationship between the source object and the referenced objects: "Uses": The source object uses this object "Used by": The source object is used by this object "Type/instance": The source object is a type or an instance of the referenced object "Contains": The source object contains the reference object (with HMI objects) "Belongs to": The source object belongs to the reference object (with HMI objects) "Defines": The source object defines this object. "Defined by": The source object is defined by this object. As Shows additional information about objects, e.g., that a tag is used by several devices. Access Shows the type of access, e.g. whether access to the operand is read access (R) and/or write access (W). Address Shows the address of the relevant object. Type Shows the type and the language used to create the object. Device Shows the associated device name, e.g. "CPU_1". Path Displays the path of the object in the project tree with specification of folders and groups. Comment Displays comments on individual objects, if available. See also General information about cross references (Page 4888) Displaying the cross-reference list (Page 4893) 4890 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.18 Displaying cross-references 11.18.3 Settings in the cross-reference list Settings in the cross-reference list Settings can be made in the cross-reference list using the buttons in the toolbar and the selection of pre-defined filter settings. Settings using the buttons in the cross-reference list The following settings can be made using the buttons: "Update" button Updates the contents displayed in the open cross-reference list. When you press this button, the displayed contents of the cross-reference list are updated with the current contents from the associated project. Automatic update is not carried out within the cross-reference list if data management has changed in the project. "Expand all" button Expands the entries in the current cross-reference list by opening all lower-level objects. "Collapse all" button Reduces the entries in the current cross-reference list by closing the lower-level objects. "Save window settings" button Saves the current window settings in the cross-reference list. This includes, for example, the columns displayed, the width of the columns and the arrangement of the columns. The relevant filter settings in the cross-reference list are not saved. Filter settings in the cross-reference list You have the possibility of selecting predefined filters for displaying objects. You have the following options for filter selection, which relate to source objects: Show objects with references: This setting shows all the lower-level objects below the source object with existing references. It is the default setting whenever the cross-reference list is opened. Show objects without references: This setting shows all the lower-level objects below the source object without references. These non-referenced objects are assigned the entry "no references available" in the column "Reference location". Lower-level elements without references are also displayed if their parent objects contain references. Show unused objects: This setting shows all the lower-level but unused objects below the source object. These unused objects are assigned the entry "Object is not used" in the column "Reference location". Show all objects: This setting shows all the lower-level objects below the source object with or without references. WinCC Advanced V14 System Manual, 10/2016 4891 Programming the PLC 11.18 Displaying cross-references You have the following options for filter selection, which relate to reference objects: Show only "uses": This setting only shows the used reference objects with the reference type "Uses", "Belongs to" and "Type instance". Show only "used by": This setting shows all the reference objects with the reference type "Used by", "Type instance" or "Contains". Show only local references: This setting only shows local references which belong to a specific device (e.g. to CPU_1). Sorting in the cross-reference list The entries are displayed in alphabetical order, depending on the associated object, the associated device and the object type. Associated objects are displayed one after another. The following sorting criteria are applied: For source objects: Sorting by object type, object name and number For referenced objects: Sorting by assignment to device, object name and number Note No sorting by name if more than 10,000 objects are displayed Please note that no sorting by name can take place if more than 10,000 objects are displayed in the cross-reference list. In this case, a banner text notifies you that no sorting is currently available for the displayed objects. If you click the link in the banner text, you can enable sorting by name. A dialog box is then displayed which informs you about the progress of the sorting. Display of columns in the cross-reference list The columns displayed in the cross-reference list can be customized using the shortcut menu. The shortcut menu offers the following options: Showing or hiding selected columns Displaying all existing columns Optimizing the column width for the selected column or for all columns. Note Showing or hiding selected columns The columns "Object" and "Reference location" cannot be hidden in the cross-reference list. You can save the settings you made by using the "Save window settings" button. 4892 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.18 Displaying cross-references Adding new objects to the cross-reference list You have the following options for inserting new source objects in an existing cross-reference list: By clicking the "Add new source object" button which is displayed at the end of the crossreference list. Note Multiple insertion of identical objects If you insert an identical object multiple times in the cross-reference list, the duplicates are automatically removed after the next update. 11.18.4 Displaying the cross-reference list Introduction Depending on the object selected in the project tree, all the cross-references belonging to this source object are displayed. Alternatively, you have the following option to open the cross-reference list: Select the "Cross-reference" command from the "Tools" menu. Select "Cross-references" in the shortcut menu. Click on the icon for cross-references in the toolbar. Select an object in the project tree and click "F11". The cross-references for the relevant selected object and for all the lower-level objects below it are always displayed. The display of the cross-references for an object is project- and device-specific. You can also have multiple cross-reference lists open at the same time. Note Displaying cross-references Which objects you can display in the cross-reference list depends on the installed products. If more than 50 objects were selected, these are collapsed in the cross-reference list. If fewer than 50 objects were selected, these are expanded in the cross-reference list. Requirements You have created a project which contains objects with references. WinCC Advanced V14 System Manual, 10/2016 4893 Programming the PLC 11.18 Displaying cross-references Displaying cross-references Proceed as follows to display cross-references in the cross-reference list: 1. In the project tree, select the required object and open the cross-references, e.g. using the shortcut menu. 2. The cross-reference list for the selected object is opened. - The relevant selected object is the "source object" and is at the top in the "Object" column. - In the column "Reference location", you can see the locations at which the objects shown in the cross-reference list can be used. - "Used by" and "Used", for example, show the relations between the objects in the "Reference type" column. 3. To jump to the reference location of the relevant object, click on the corresponding link. 4. You can perform the following actions using the buttons in the toolbar: - Update cross-reference list - Defining filters for the cross-reference list - Collapse entries - Expand entries - Saving settings for the cross-reference list - Check if overlapping accesses are available in the currently opened cross-reference list. - Display of the overlapping accesses in a separate area below the project window 5. You can sort the entries in the "Object" column, for example, in ascending or descending order by clicking on the corresponding column header. See also General information about cross references (Page 4888) Structure of the cross-reference list (Page 4889) 11.18.5 Sorting the cross-reference list Introduction Sorting for the displayed source and reference objects is executed by default for the crossreference list. 4894 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.18 Displaying cross-references This sorting is also displayed accordingly in the Inspector window. Note No sorting by name if more than 10,000 objects are displayed Please note that no sorting by name is possible if more than 10,000 objects are displayed in the cross-reference list. In this case, a banner text notifies you that no sorting is currently available for the displayed objects. If you click the link in the banner text, you can switch on the sorting. A dialog box is then displayed which informs you about the progress of the sorting. Sorting criteria for displaying cross-references Sorting takes place according to the following criteria: For source objects and assigned objects: By object type: The source objects are ordered by their object type and displayed together. By name: In alphanumeric order For reference objects: By device: The reference objects for a device are displayed together. By object type: The reference objects are ordered by their object type and displayed together. By name: In alphanumeric order For the reference location: By name: In alphanumeric order Requirements You have created a project which contains objects with references. Sorting the cross-reference list To sort the cross-reference list when more than 10,000 objects are displayed, follow these steps: 1. To sort the cross-reference list by name, click the link in the displayed banner text. Result: A dialog notifies you about the progress in sorting the cross-references. 2. The displayed objects are also shown sorted by name after the completion of the sorting process. WinCC Advanced V14 System Manual, 10/2016 4895 Programming the PLC 11.18 Displaying cross-references 11.18.6 Filtering the cross-reference list Introduction You can use various filter settings, which can be selected via the drop-down list in the toolbar, to display the cross-references. The filter options shown in the upper area are applicable for the displayed source objects, the filter objects in the lower area are used for the reference objects. These filter selections are also displayed accordingly in the Inspector window. The following filter options are available: Show objects with references (default): This setting shows all the lower-level objects below the source object with existing references. It is the default setting whenever the cross-reference list is opened. Show objects without references: This setting shows all the lower-level objects below the source object without references. These non-referenced objects are assigned the entry "no references available" in the column "Reference location". Lower-level elements without references are also displayed if their parent objects contain references. Show unused objects: This setting shows all the lower-level but unused objects below the source object. These unused objects are assigned the entry "Object is not used" in the column "Reference location". Show all objects: This setting shows all the lower-level objects below the source object with or without references. Show only "uses": This setting only shows the used objects. Show only "used by": This setting shows all the objects which are used by other objects with the reference type "Used by", "Type instance" or "Contains". Show only local references: This setting only shows local references which belong to a specific device (e.g. to CPU_1). Requirements You have created a project which contains objects with references. Filtering the cross-reference list To filter the cross-reference list, follow these steps: 1. Select the required source object and open the associated cross-reference list using the "Cross-references" shortcut menu command. 2. In the opened cross-reference list, select the required filter setting via the drop-down list. 4896 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.18 Displaying cross-references Result The selected filter setting is applied for the objects displayed in the cross-reference list. 11.18.7 Printing the cross-reference list Introduction In the print preview, you can view and print out the project documentation contents shown in the cross-reference list. The "Project" > "Print preview" and "Project" > "Print" commands are available for this purpose in the TIA Portal. The following rules apply to printing out: The cross-reference list is always expanded and printed with all existing columns (including the hidden columns). The set filter criteria are applied at the same time. The column width is automatically optimized. Any overlapping accesses displayed are not printed. Regardless of which object is selected in the cross-reference list, the printout always starts with the displayed source object. Note Printing an empty cross-reference list If the cross-reference list selected for printing contains no entries, an empty cross-reference list is printed out. A cross-reference list which is printed out without contents contains the note "There are no entries in cross reference list". Requirements You have created a project which contains objects with references. Printing the cross-reference list To print the cross-reference list, follow these steps: 1. Select an object from the cross-reference list and start the print preview via the "Project" > "Print preview" command. 2. Make sure that you print out the required cross-reference list and select the required options. 3. Start the printout using the "Project" > "Print" command. 4. In the following dialog box, select the required print options and click "OK". WinCC Advanced V14 System Manual, 10/2016 4897 Programming the PLC 11.18 Displaying cross-references Result The selected cross-reference list is printed out with the set print options. 11.18.8 Adding a new object to the cross-reference list Introduction Depending on the selected object, all cross-references belonging to this source object are displayed when the cross-reference list is opened. You have the following options for inserting new source objects in an existing cross-reference list: By clicking the "Add new source object" button which is displayed at the end of the crossreference list. Requirement You have created a project which contains objects with references. Adding a new object to the cross-reference list To add new objects to the cross-reference list, follow these steps: 1. Open an existing cross-reference list. 2. Click the "Add new source object" button and enter the required object. When an existing object is inserted, you are supported by the intelligent pre-selection. Note Multiple insertion of identical objects If you insert an identical object multiple times in the cross-reference list, the duplicates are automatically removed after the next update. Note Functionality for newly added source objects Note that the "Undo and redo operations" functionality is not available for newly added source objects. Result The newly added object is displayed as last object in the cross-reference list. The current filter selection is applied to the newly added object only after the next update. 4898 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.18 Displaying cross-references 11.18.9 Show overlapping accesses in the cross-reference list Introduction The overlapping access to a selected object can be displayed in a second window in the lower part of the cross-reference list. The display of the overlapping access cannot be saved and is no longer available after the cross-reference list is opened again. Definition Overlapping access for tags and structured tags is determined based on the absolute addresses. We refer to "overlapping access" if the address for a tag or structured tag is partly or completely in the address space of the associated source object. Note Displaying "overlapping access" Overlapping access is only displayed for a single selected source object or lower-level source object in the cross-reference list. If several objects are selected in the cross-references shown, no overlapping access is displayed. WinCC Advanced V14 System Manual, 10/2016 4899 Programming the PLC 11.18 Displaying cross-references Example The following graphic shows the cross-reference list with the display of the overlapping access for "Tag_1": Requirement A project has been created which contains objects with overlapping access. Showing overlapping access in the cross-reference list Proceed as follows to display overlapping access in the cross-reference list: 1. Open the cross-reference list and click the "Show overlapping accesses" button in the toolbar. Result: All objects that have overlapping access are marked with the corresponding overlapping access symbol in the "Object" column. 2. In the upper part of the cross-reference list, select a marked object and call the "Show overlapping accesses" command via the shortcut menu. Result: The overlapping access to the selected object is displayed in a second window with the header "Overlapping accesses of: <ObjectName>". 4900 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.18 Displaying cross-references Note Display of the overlapping access The display of the overlapping access cannot be saved and is no longer shown after the crossreference list is opened again. To show the overlapping access again, perform the steps described above. 11.18.10 Restoring cross-references after project upgrade. Introduction After a project upgrade to a higher TIA Portal version, you have the option of recreating the associated cross-reference information for the updated project. This happens automatically at the end of the upgrade process. The current project is opened after this and the cross-references are then available again. You are notified if the cross-reference information is inconsistent or incomplete. A banner text with a link to additional information is displayed when the cross-reference list is opened. In this case, you can reorganize the cross-reference information yourself. Requirements You have performed a project upgrade and received the message that the cross-reference information is inconsistent or incomplete. Recreate the cross-reference information To create new cross-references, follow these steps: 1. To restore the cross-references, click the link in the displayed message. Alternatively, you can also call and execute the command via "Options" > "Settings" > "General" > "Cross-references". The settings for the TIA Portal then open under "Cross-references". 2. Click the displayed button "Recreate the cross-reference information" to start the process. 3. When the restoration has been completed, check the message in the Inspector window to see if the process was successful. If the process was successful, you receive a message which you must confirm with "OK". If the process was not successful, you receive an error message. 4. In the cross-reference list, click the "Update" button to close the displayed banner again. Result The new cross-reference information for the selected project was created. WinCC Advanced V14 System Manual, 10/2016 4901 Programming the PLC 11.18 Displaying cross-references 11.18.11 Displaying cross-references in the Inspector window Introduction The Inspector window displays cross-reference information about an object you have selected in the "Info > Cross-references" tab. If you select an object in any editor in the TIA Portal, the associated reference to the selected object is shown in this tab. Displaying cross-references in the Inspector window To display cross-reference information in the Inspector window, follow these steps: 1. Select the required object (e.g. in the project tree or in the program editor) and click "Show cross reference list" in the shortcut menu. Result: The references to the selected object are displayed in the Inspector window in the "Info" > "Cross-references" tab. Note Please note that only the cross-reference information for supported objects can be shown in the Inspector window If, for example, you have selected a folder, you will not receive any cross-reference information for this. Structure The Inspector window displays the cross-reference information in tabular format. The cross-reference list has the following structure: Column Content/meaning Object Displays the name of the source object which was selected when the cross-reference list was opened, with all lower-level objects and the associated reference objects. Reference location Shows the reference location of the objects, e.g. a network. Reference type Shows the relationship between the source object and the referenced objects: "Uses": The source object uses this object "Used by": The source object is used by this object "Type/instance": The source object is a type or an instance of the referenced object "contains": The source object contains the reference object (with HMI objects) "belongs to": The source object belongs to the reference object (with HMI objects) 4902 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Column Content/meaning As Shows additional information about objects, e.g. that a tag is used by several devices. Access Shows the type of access, e.g. whether access to the operand is read access (R) and/or write access (W). Address Shows the address of the relevant object. Type Shows the type and the language used to create the object. Device Shows the associated device name, e.g. "CPU_1". Path Displays the path of the object in the project tree with specification of folders and groups. Comment Displays comments on individual objects, if available. 11.19 Testing the user program 11.19.1 Basics of testing the user program Functions You have the option of testing the running of your user program on the device. You can then monitor signal states and values of tags and can assign values to tags to simulate certain situations in the running of the program. Requirement There must be an executable program loaded on the device. Test options The following test options are available: Testing with program status The program status allows you to monitor the running of the program. You can display the values of operands and the results of logic operations (RLO) allowing you to recognize and fix logical errors in your program. Testing in single step mode (S7-300/400 only) You can test blocks you created in STL or SCL in the single step mode. You do this by setting breakpoints in the program code at which program execution stops. You can then continue to run the program one step at a time. Within a CPU, you can test either with program status or in single step mode. You cannot, however, use both test options at the same time within a CPU. WinCC Advanced V14 System Manual, 10/2016 4903 Programming the PLC 11.19 Testing the user program Testing with the watch table With the watch table, you can monitor and modify the current values of individual tags in the user program or on a CPU. You can assign values to individual tags for testing and run the program in a variety of different situations. You can also assign fixed values to the I/O outputs of a CPU in STOP mode, for example to check the wiring. Testing with the force table With the force table, you can monitor and force the current values of individual tags in the user program or on a CPU. When you force, you overwrite individual tags with specified values. This allows you to test your user program and run through various situations. When forcing, make sure that you keep to the necessary safety measures for forcing (Page 4969)! See also Introduction to testing with program status (Page 4904) Introduction to testing with the watch table (Page 4923) Introduction for testing with the force table (Page 4951) 11.19.2 Testing with program status 11.19.2.1 Introduction to testing with program status Program status function You can monitor the execution of the program by displaying the program status. This shows you the values of the individual operands and their results of logic operations. This allows you to check whether the components of the automation system are being correctly controlled. The display of the program execution in the program status can differ slightly, depending on the CPU series used. Testing with program status for S7-300/400 During testing with program status, the CPU cycle time can become extended because the recording of the data affects the duration of the programmed instructions. During execution of the following test functions, an alarm is displayed once for each online session indicating that there is a risk of a timeout: During testing with call conditions During testing with breakpoints 4904 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program You can only perform these test functions after you have acknowledged the alarm. Note With older CPUs from the S7-300/400 CPU series, you will need to change the operating response using the hardware configuration and then load the hardware configuration to the device. You have the option to set the "Process operation" or "Test mode" operating response. Testing with program status for S7-1200/1500 When you run the "Testing with program status" function with a CPU from the S7-1500 series, the cycle time can increase significantly when monitoring loops due to the fast program execution. The CPU may go to STOP, especially when it exceeds the configured cycle clock for interrupt OBs or the configured maximum cycle time. Note To avoid a possible STOP in the CPU, ensure that no programmed loops are displayed in the active monitoring window during "Testing with program status". Alternatively, you can also increase the maximum permissible cycle time of the CPU. Restrictions with the "Program status" function The monitoring of loops can increase the cycle time significantly, depending in each case on the number of tags to be monitored and on the actual number of loops processed. To ensure that the cycle time is influenced as little as possible, the "Program status" function is restricted as described below: For CPUs from the S7-300/400 series: The status display of a programmed loop is stopped at the return point. For CPUs from the S7-1200/1500 series: The monitoring of loops is deactivated by default. If required, monitoring can be activated via the shortcut menu. If the monitoring of loops is enabled with an S7-1200 CPU, the program status for the area is not displayed after a loop that is processed multiple times. In this case, move the visible editor window to the area after the loop so that the monitor values are displayed again. WARNING Testing with program status A test with the "Program status" function can cause serious damage to property or injury to persons if malfunctions or program errors occur. Make sure that no dangerous situations can arise before you conduct a test with the "Program status" function. WinCC Advanced V14 System Manual, 10/2016 4905 Programming the PLC 11.19 Testing the user program Recommended procedure if there is a risk of a timeout If there is a risk of a timeout during monitoring with program status, you are alerted by the system with a corresponding alarm. To continue monitoring, you have to acknowledge the alarm with "Yes". In this case, you also have the following option to avoid exceeding the maximum permissible cycle time during testing with program status: Reduce the size of the editor window so that fewer tags are displayed and thus fewer tags are monitored. Monitor the required tags within the watch table. 11.19.2.2 Setting the call environment Basics of the call environment Function You can define the call environment for block monitoring and for breakpoints. With this, you specify the conditions for recording the program status of a block or for stopping program execution at a breakpoint. Specification of the call environment for block monitoring Alternatively, you can activate one of the following options to specify the call environment: No condition defined If no other option was selected this option is the default. Instance data block The program status of a function block will then only be recorded when you call the function block with the selected instance data block. Call path The program status of a block will then only be recorded when you call the block with a specific block or from a specific path. Manually adapted call path You can enter the desired call environment manually in this field. The "Transfer to 'adjusted manually'" button is used to transfer the content selected under "Call environment", which you can edit further if required. The program status of a block will then only be recorded when you call the block with a specific block or from a specific path. Specification of the call environment for breakpoints You can also specify a separate condition for each breakpoint. If you do not specify the call environment, the program status of a block call is selected at random and recorded within the call structure and program execution is always interrupted at the relevant breakpoint. You should therefore always specify the call environment if you want to display the program status for a specific call. 4906 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program See also Setting the call environment for block monitoring (Page 4907) Setting the call environment for block monitoring By setting the call environment, you can specify when the program status of a block is recorded. The section "Setting the call environment for breakpoints" describes how to set the call environment for breakpoints. Requirement The block is open. Specifying the call environment To set the call environment, follow these steps: 1. Open the "Testing" task card. 2. Click "Change" in the "Call environment" pane. The "Call environment of the block" dialog opens. 3. Select the condition you want to apply. See also: Basics of the call environment (Page 4906) 4. Confirm your selection with "OK". Result The selected call environment is displayed in the "Testing" task card within the "Call environment" pane. The program status is now carried out in accordance with the set call environment. Changing the call environment Proceed as follows to change the call environment: 1. Open the "Testing" task card. If a call environment is already set, this is displayed in the "Call environment" pane. 2. Click "Change" in the "Call environment" pane. The "Call environment of the block" dialog opens. 3. Select the condition you want to apply. See also: Basics of the call environment (Page 4906) 4. Confirm your selection with "OK". WinCC Advanced V14 System Manual, 10/2016 4907 Programming the PLC 11.19 Testing the user program Result The selected call environment is displayed in the "Testing" task card within the "Call environment" pane. The program status is now carried out in accordance with the set call environment. See also Basics of the call environment (Page 4906) Introduction to testing with program status (Page 4904) 11.19.2.3 Switching test with program status on/off You can monitor all blocks by switching on the program status of the block. This function is available to you for all code blocks, regardless of the programming language used. For blocks that were programmed with LAD, FBD or SCL you can also enable the program status from a specific position or for a specific selection. You can switch on the program status for an open block directly, or open a block from the calling block and view the program status. Note Note the following: The resources for testing with program status are limited. If there are not enough resources for an additional test, the tests that are already running are terminated. It is possible that another user can carry out a loading process on the selected CPU through joint parallel working on a CPU. It is therefore possible in the following cases that you can either not start the test with program status or that a running test is terminated: - Through the loading process the block for which you want to start or already have carried out the test with program status is loaded. - You use an instance data block as the call environment for the test with program status and the block changes structurally through the loading process, e.g. by renumbering. - You use a call path as the test condition for the test with program status and a block within the call path changes through the loading process. If a running test is terminated, a corresponding message is displayed in the Inspector window. Requirement Code block: The code of the offline block is identical with the code of the online block. In this case the "Code time stamps" of the blocks are identical. Data block: The structure of the offline block is identical with the structure of the online block. In this case the "Interface time stamps" of the blocks are identical. 4908 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Switching the program status on or off directly in the block To switch the program status for a block on or off directly in the block, follow these steps: 1. Open the block for which you wish to switch on the program status. 2. Click "Monitoring on/off" in the toolbar. If you have not already established an online connection, the "Go online" dialog opens. In this dialog, you can establish an online connection. See also: Establishing and terminating an online connection 3. Click "Monitoring on/off" in the toolbar again to switch the program status off. Switching on or off program status starting at a specific point in a network To start the program status for LAD and FBD at a specific point, follow these steps: 1. Open the block for which you wish to switch on the program status. 2. Click "Monitoring on/off" in the toolbar. 3. Right-click on the tag you want program status to start from. 4. Select "Modify > "Monitor from here" in the shortcut menu. 5. Click "Monitoring on/off" in the toolbar again to switch the program status off. To start the program status in SCL at a specific point, follow these steps: 1. Open the block for which you wish to switch on the program status. 2. Click "Monitoring on/off" in the toolbar. 3. Select the tag from which you want to start the program status. 4. After this, click "Display program status from the selected line" in the toolbar. 5. Click "Monitoring on/off" in the toolbar again to switch the program status off. 6. To make matters clearer, you can use the shortcut menu commands "Open" and "Close" or "Open all" and "Close all" to expand or collapse individual or all closed code sections within the block. Switching on or off program status for selected tags To start the program status for LAD and FBD for selected tags, follow these steps: 1. Open the block for which you wish to switch on the program status. 2. Click "Monitoring on/off" in the toolbar. 3. Select the tags for which you want to start the program status. 4. Select "Modify > Monitor selection" in the shortcut menu. 5. Click "Monitoring on/off" in the toolbar again to switch the program status off. WinCC Advanced V14 System Manual, 10/2016 4909 Programming the PLC 11.19 Testing the user program Switching on program status from the calling block To switch on the program status for a block from the calling block (e.g. OB1), follow these steps: 1. Open the calling block. 2. Right-click on the block call. 3. Select the command "Open and monitor" in the shortcut menu. The block will open in the program editor. An online connection is established and the program status is displayed. The calling block is set in the call path. Result If you enable the display of the program status, an online connection is established and the program status is displayed. When you turn off the display of the program status, you can terminate the online connection at the same time. The call path of the block is shown under the block interface. If necessary, you can change the call environment in the "Call environment" section at the right-hand edge at "Test" and "Options". In the case of CPUs of the S7-1200/1500 series the "Call hierarchy" is displayed additionally on the right-hand edge. You can open the calling block by clicking the link. 11.19.2.4 Monitoring loops Introduction to monitoring loops If you display the program status, you can monitor the execution of the program with a block. This provides you with an overview of the values of the individual operands and the results of the logic operations and you can check whether the components of the automation system are correctly controlled. If the values are shown in a lighter, less saturated font, these values do not come from the current cycle. Note The monitoring of loops can increase the cycle time of the CPU significantly, depending in each case on the number of tags to be monitored and on the actual number of loops processed. Special rules apply to loop monitoring, depending on the specific CPU and the programming language that are used. Rules for loop monitoring (S7-300/400) To ensure that the cycle time is influenced as little as possible, the "Program status" function is restricted as follows during the monitoring of loops with CPU from the S7-300/400 family in all programming languages: The status display of a programmed loop is stopped at the return point. 4910 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Rules for loop monitoring in STL (S7-1500) The display of the program status within programmed loops is disabled by default during the monitoring of loops in STL. To avoid any lengthening of the cycle time, no values are displayed for the tags within loops between the "Label" and the associated "Loop" instruction. If you are monitoring an STL block with programmed loops, a tooltip informs you that the monitoring of loops is currently disabled and can be enabled if required via the shortcut menu. Note Please note that only those loops that are programmed within a network are recognized. Enabling/disabling the monitoring of loops in STL (S7-1500) To enable the monitoring of loops in STL, follow these steps: 1. Open the STL block that you want to monitor. 2. Click "Monitoring on/off" in the toolbar. If you have not already established an online connection, the "Go online" dialog opens. In this dialog, you can establish an online connection. See also: Establishing and terminating an online connection 3. Enable the monitoring within the program editor with the shortcut menu command "Monitoring" > "Monitor loops". 4. Confirm the next prompt with "Yes". Result: The monitoring of loops is enabled for the entire block and is active until monitoring of loops is once again disabled or the online connection to the CPU is terminated. 5. Click "Monitoring on/off" in the toolbar again to switch the program status off. Rules for loop monitoring in SCL (S7-1200/1500) The display of the program status within programmed loops is disabled by default during the monitoring of loops in SCL. This affects the instructions "FOR", "WHILE" and REPEAT-UNTIL": To avoid any lengthening of the cycle time, no values are displayed for the tags within these instructions. If you are monitoring an SCL block with programmed loops, a tooltip informs you that the monitoring of loops is currently disabled and can be enabled if required via the shortcut menu. Enabling/disabling the monitoring of loops in SCL (S7-1200/1500) To enable the monitoring of loops in SCL, follow these steps: 1. Open the SCL block that you want to monitor. 2. Click "Monitoring on/off" in the toolbar. If you have not already established an online connection, the "Go online" dialog opens. In this dialog, you can establish an online connection. See also: Establishing and terminating an online connection WinCC Advanced V14 System Manual, 10/2016 4911 Programming the PLC 11.19 Testing the user program 3. Right-click within the loop, in the column "value, for example, and enable monitoring with the shortcut menu command "Monitor loops". 4. Confirm the next prompt with "Yes". Result: The monitoring of loops is enabled for the entire block and is active until monitoring of loops is once again disabled or the online connection to the CPU is terminated. 5. Click "Monitoring on/off" in the toolbar again to switch the program status off. 11.19.2.5 Monitoring structures Introduction to monitoring structures You can monitor the execution of the program with a block. This provides you with an overview of the values of the individual operands and the results of the logic operations and you can check whether the components of the automation system are correctly controlled. As of TIA Portal V14, it is also possible to monitor structured PLC tags. Special rules apply to monitoring structures, depending on the specific CPU that is used, the programming language that is used, and the properties of the relevant structures. Rules for monitoring structures (S7-1200/1500) During the monitoring of structures, the values of a structured PLC tag are displayed in the program editor and in the Inspector window, with the following exception: It is not possible to monitor structures whose elements have adjustable retentivity properties. To display the monitor values for a structure, you must first enable monitoring via the shortcut menu. Displaying the monitor values for structures in the Inspector window If the monitoring of structures is enabled and a structure tag is selected in the program editor, the associated monitor values are displayed in the Inspector window in the tab "Diagnostics" > "Monitor values". The Inspector window is structured as follows: The "Name" column shows the selected structure tag with the lower-level elements on the first step open. If you click the name of the structure tag, the program editor jumps to this tag's point of use. The "Data type" column shows the associated data type. The "Value" columns shows the associated monitor values. If dashes are shown here instead of values, the monitoring of loops is disabled. In this case, enable the monitoring of loops again by means of the shortcut menu in the program editor. Columns "Value - IN" and "Value - OUT": These columns with the corresponding values are only displayed if the selected structure is used as InOut parameter. If the monitor values are displayed in a font with only 50 % saturation, this means that these vales are not from the current cycle. 4912 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program The monitor values displayed in the Inspector window use the same call path that is set as default for the block. The table with monitor values displayed in the Inspector window can be copied to an Excel file. If it is not possible to display any monitor values in the Inspector window, you will receive information that these are not available. Procedure for monitoring structures To enable the monitoring of structures, follow these steps: 1. Open the block in the program editor. 2. Click "Monitoring on/off" in the toolbar. If you have not already established an online connection, the "Go online" dialog opens. In this dialog, you can establish an online connection. See also: Establishing and terminating an online connection 3. If the structure to be monitored is located in a loop, first enable the monitoring of loops. See also: Monitoring loops (Page 4910) 4. Right-click on a structure and enable the monitoring of structures by means of the shortcut menu command "Monitoring" > "Monitor values". Result: The selected structure tag is displayed in the Inspector window in the tab "Diagnostics" > "Monitor values" is open up to the first level with the current values displayed. 5. If required, open the still closed elements of the structure, to display all lower-level elements and their values. 6. Click "Monitoring on/off" in the toolbar again to switch the program status off. Note Monitoring a structure within an array Click directly behind the closing bracket to select the relevant structure for monitoring. See also Monitoring loops (Page 4910) 11.19.2.6 Editing blocks during the program test If you edit blocks while they are being monitored, monitoring will be interrupted and you will be able to edit the block offline. If the block is not available offline in the project, you will first have to load it from the device to the project. After editing the block, you will also have to compile and download it again. WinCC Advanced V14 System Manual, 10/2016 4913 Programming the PLC 11.19 Testing the user program Procedure To edit blocks while these are being monitored, follow these steps: 1. Edit the block as necessary. Monitoring is interrupted and the block is switched offline mode assuming it exists offline. 2. If the block does not exist offline, load it to the project from the device. 3. Compile the block. See also: AUTOHOTSPOT 4. Download the block to the device. See also: AUTOHOTSPOT Result The block now contains your modifications both online and offline. The online connection is reestablished and monitoring continues. 11.19.2.7 Modifying tags during monitoring During monitoring, you have the option to modify tags immediately and once to the following values: Modify to 1 Modifies tags of the "Bool" data type to the value "True". Modify to 0 Modifies tags of the "Bool" data type to the value "False" Modify operand You can enter a modify value for tags that do not belong to the "Bool" data type. Note that you cannot modify peripheral inputs, for example, via TagName:P. Procedure To modify tags during monitoring, follow these steps: 1. Right-click on the tag you want to modify. 2. Select one of the following commands in the shortcut menu: - "Modify > Modify to 1" - "Modify > Modify to 0" - "Modify > Modify operand" 3. If you select "Modify operand", the "Modify operand" dialog opens. Enter the value you require in the "Modify value" box and confirm with "OK". 4914 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program 11.19.2.8 Switching display formats in the program status Introduction The display formats for tags depend on the respective tag type. During monitoring, you have the option of switching the current display format by means of the shortcut menu. The possible display formats for a tag are offered in a list. This is useful, for example, when you need a hexadecimal display in order to search for a hexadecimal error code. Procedure To switch the display format, follow these steps: 1. Open the desired block in the programming editor. 2. Switch on the program status by clicking "Monitoring on/off" in the toolbar. If you have not already established an online connection, the "Go online" dialog opens. In this dialog, you can establish an online connection. 3. Select the tags you want to monitor. 4. Select "Modify > Monitor selection" in the shortcut menu to start monitoring this tag. 5. Select the desired tag at the corresponding block output and then select the desired display format in the shortcut menu, for example, "Modify > Display format > Hexadecimal". Result The display format for the selected tag is shown in hexadecimal form. Note Switching display format during monitoring Please note that it is not possible to switch the display format for unconnected outputs, as no monitoring value is output in this case. 11.19.2.9 Examples of program status display Program status display for LAD programs Displays in program status The display of the program status is updated cyclically. The following figure shows an example of the program status display for LAD: WinCC Advanced V14 System Manual, 10/2016 4915 Programming the PLC 11.19 Testing the user program Representation of the program status You can recognize the status of individual instructions and lines of a network quickly based on the color and type of lines and symbols. The following table shows the relationship between representation and status: Representation Status Green solid Satisfied Blue dashed Not satisfied Gray solid Unknown or not executed Black Not interconnected Lines or parameters in a frame with a saturation of 100 % Value is current Lines or parameters in a frame with a saturation of 50 % Value originates from an earlier cycle. The point in the program was not executed in the current cycle. Program status display for FBD programs Displays in program status The display of the program status is updated cyclically. The following figure shows an example of the program status display for FBD: 4916 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Representation of the program status You can recognize the status of individual instructions and lines of a network quickly based on the color and type of lines and symbols. The following table shows the relationship between representation and status: Representation Status Green solid Satisfied Blue dashed Not satisfied Gray solid Unknown or not executed Black Not interconnected Lines or parameters in a frame with a saturation of 100 % Value is current Lines or parameters in a frame with a saturation of 50 % Value originates from an earlier cycle. The point in the program was not executed in the current cycle. The values of the operands are displayed above the relevant operand name in a gray box. Note Program status display for outputs which are not interconnected Please note that a monitor value cannot be displayed for outputs which are not interconnected. Program status display for STL programs (S7-300, S7-400, S7-1500) Displays in program status The display of the program status is updated cyclically and shown in tables. The tables are shown directly next to the STL program. You can read the program status for each line of the program. The display depends on the CPU in use (S7-300, S7-400, or S7-1500). The tables to be displayed in the program status always contain the following information: RLO The "RLO" column shows the result of logic operation for each line of program. You can recognize the value of the RLO based on the background color of the table cell. Here, green means an RLO of 1 and lilac an RLO of 0. Value The current value of the operand is shown in the "Value" column. Extra The "Extra" column shows additional information depending on the particular operation, for example, relevant status bits for mathematical instructions, time or count values for timers and counters or memory addresses for indirect addressing. The following figure shows an example of the program status display of a CPU S7-300 under STL: WinCC Advanced V14 System Manual, 10/2016 4917 Programming the PLC 11.19 Testing the user program Program status display for SCL programs Displays in program status The display of the program status is updated cyclically and shown in a table. The table is displayed immediately beside the SCL program and you can see the program status for each line of the program. The table contains the following information: Tag names Value You can move the table to the left or right at any time. 4918 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program The following figure shows an example of the program status display for SCL: Explanation on monitoring in SCL If the code of the line is not executed, the tag name is displayed in the values table in gray text. The current values of the tags are displayed in the last column. If no values can be displayed for a tag, the corresponding cell has a yellow background and three question marks are shown. In this case, select the "Create extended status information" check box in the properties of the block and download the block to the device again. All values are then displayed. In the first column, you can see the name of the tag for which the current value is being displayed. If the line includes the "IF", "WHILE" or "REPEAT" instruction, the result of the instruction is displayed in the line as "True" or "False". If the line contains more than one tag, the value of the first tag is displayed. In both cases, all tags of these lines are displayed with their values in a separate list as soon as you select a line. If you place the cursor in a tag in the program code, this is shown in bold face in the list. You can also display the other tags of a line explicitly by clicking the arrow right located in front of lines containing more than one tag. Program status display for GRAPH programs (S7-300, S7-400, S7-1500) Displays in program status For GRAPH programs you can have the program status displayed in sequence view and in single step view and for the permanent instructions. The program status display of permanent instructions corresponds to the program status display for LAB/FBD programs. The display of the program status is updated cyclically. WinCC Advanced V14 System Manual, 10/2016 4919 Programming the PLC 11.19 Testing the user program The following table shows the relationship between representation and status: Representation Area Status Green Step, sequencer There are no faults. Light green Step, sequencer There are no faults. The values are from elapsed cycles. Condition The transition is fulfilled. Red Step, sequencer There is a supervision error. Yellow Step, sequencer There is an interlock error. Black Condition The transition is not fulfilled. The following figures show examples of the display for the program status in the sequence view: Step 2 contains a supervision error. The transition for switching from step 2 to step 3 is fulfilled. 4920 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Step 2 contains an interlock error. The transition for switching to step 3 is fulfilled. The figure below shows an example of the display for the program status in the single step view of a S7-300: WinCC Advanced V14 System Manual, 10/2016 4921 Programming the PLC 11.19 Testing the user program The step does not contain an interlock error. The subsequent transition is not satisfied. 4922 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program 11.19.3 Testing with the watch table 11.19.3.1 Introduction to testing with the watch table Overview The following functions are available in the watch table: Monitoring tags This allows the current values of the individual tags of a user program or a CPU to be displayed on the programming device or PC. Monitoring tags You can use this function to assign fixed values to the individual tags of a user program or CPU. Modifying is also possible with Test with program status . "Enable peripheral outputs" and "Modify now" These two functions enable you to assign fixed values to individual peripheral outputs of a CPU in the STOP mode. You can also use them to check your wiring. Monitoring and modifying tags The following tags can be monitored and modified: Inputs, outputs, and bit memories Contents of data blocks Content of UDTs I/O Team engineering in the watch table As of TIA Portal V13 SP1, within the framework of team engineering with an S7-1500 CPU with firmware version >= 1.7, several Engineering Systems can access the CPU online simultaneously, for example to monitor and modify tags and download blocks. If you use this function, make sure that you keep to the requirements and rules that apply to team engineering as explained in the information system in "Using Team Engineering" in the section "Shared commissioning of projects". Possible applications The advantage of the watch table is that a variety of test environments can be stored. This enables you to reproduce tests during commissioning or for service and maintenance purposes. See also Layout of the watch table (Page 4924) Basic mode and expanded mode in the watch table (Page 4925) WinCC Advanced V14 System Manual, 10/2016 4923 Programming the PLC 11.19 Testing the user program Icons in the watch table (Page 4926) Creating and editing watch tables (Page 4927) 11.19.3.2 Layout of the watch table Introduction A watch table contains the tags you defined for the entire CPU. A "Watch and force tables" folder is automatically generated for each CPU created in the project. You create a new watch table in this folder by selecting the "Add new Watch table" command. Layout of the watch table The columns displayed in the watch table depend on the mode you are working in: basic mode or expanded mode. The following additional columns are shown in expanded mode: Monitor with trigger Modify with trigger The names of the columns can also be changed dynamically based on the action. Meaning of the columns The following table shows the meaning of the individual columns in basic mode and expanded mode: Mode Column Basic mode Meaning Identifier column Name Name of the inserted tag Address Address of the inserted tag Display format Selected display format Monitor value Values of the tags, depending on the selected display for mat. Modify value Value with which the tag is modified. Select the tag to be modified by clicking the corresponding check box. The following additional col umns are shown in expan ded mode: Comment Comment for documentation of the tags Monitor with trigger Display of selected monitoring mode Modify with trigger Display of selected modify mode See also Icons in the watch table (Page 4926) 4924 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program 11.19.3.3 Basic mode and expanded mode in the watch table Difference between basic mode and expanded mode in the watch table Depending on the mode specified, the watch table displays different columns and column headings that can be used to perform different actions. You will find a detailed list of the columns in Layout of the watch table (Page 4924). Switching between basic mode and expanded mode You have the following options of toggling between the basic and expanded mode: Click the icon "Show/hide advanced setting columns". Click this icon again to return to the basic mode. Or: In the "Online" menu, select the "Expanded mode" check box. Deactivate this check box to return to the basic mode. Functionality in expanded mode The following functionality is only possible in expanded mode: Monitor with trigger Modify with trigger Enable peripheral outputs Monitor peripheral inputs Modify peripheral outputs NOTICE Danger of a time-out while monitoring peripheral inputs and controlling peripheral outputs Note that the monitoring of peripheral inputs and the controlling of peripheral outputs in the watch table can result in a time-out. The CPU assumes the "STOP" mode. See also Setting the monitoring and modify mode (Page 4938) WinCC Advanced V14 System Manual, 10/2016 4925 Programming the PLC 11.19 Testing the user program 11.19.3.4 Icons in the watch table Meaning of the icons The following table shows the meaning of the icons in the watch table: Icon Meaning Identifies a table inside the project tree as a watch table. Shows information in the identifier column. Inserts a row before the selected row. Inserts a row after the selected row. Modifies the addresses of all selected tags immediately and once. This command is executed once and as quickly as possible without reference to a defined trigger point in the user program. Modifies the addresses of all selected tags with reference to a defined trig ger point in the user program. Disables the command output disable of the peripheral outputs. You can then modify the peripheral outputs when the CPU is in STOP mode. Displays all columns of expanded mode. If you click this icon again, the columns of expanded mode will be hidden. Displays all modify columns. If you click this icon again, the modify columns will be hidden. Starts monitoring of the visible tags in the active watch table. The default setting for the monitoring mode in basic mode is "permanent". In expanded mode, you can set defined trigger points for the monitoring of tags. Starts monitoring of the visible tags in the active watch table. This command is executed immediately and the tags are monitored once. Displays the check box for the selection of tags to be modified. Indicates that the value of the selected tag has been modified to "1". Indicates that the value of the selected tag has been modified to "0". Indicates that the address is being used multiple times. Indicates that the substitute value is being used. Substitute values are val ues that are output to the process in case of signal output module faults or are used instead of a process value in the user program in case of signal input module faults. The substitute values can be assigned by the user (e.g., retain old value). Indicates that the address is blocked because it is already being modified. Indicates that the address cannot be modified. Indicates that the address cannot be monitored. Indicates that an address is being forced. Indicates that an address is being partly forced. 4926 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Icon Meaning Indicates that an associated I/O address is being fully or partly forced. Indicates that an address cannot be fully forced. Example: It is indeed pos sible to force the address QW0:P, but it is not possible to force the address QD0:P since this address area is eventually not available on the CPU. Indicates that a syntax error occurred. Indicates that the address is selected but at the moment e.g. has not yet been modified. See also Layout of the watch table (Page 4924) 11.19.3.5 Creating and editing watch tables Creating a watch table Introduction The watch table allows you to monitor and modify tags in the user program. Once you have created a watch table, you can save it, duplicate it, and print it and use it again and again to monitor and modify tags. Requirement A project is open. Procedure To create a watch table, follow these steps: 1. Click "Project view" in the status bar. The project view is displayed. 2. In the project tree, double-click the CPU for which you want to create a watch table. 3. Double-click the "Watch and force tables" folder and then the "Add new watch table" command. A new watch table is added. 4. In the "Name" column or in the "Address" column, enter the name or the absolute address for the tags that you want to monitor or modify. 5. You can select a display format from the drop-down list in the "Display format" column if you want to change this default setting. 6. Now decide whether you want to monitor or modify the entered tags and, if applicable, enter the desired values for modifying. WinCC Advanced V14 System Manual, 10/2016 4927 Programming the PLC 11.19 Testing the user program Opening a watch table Requirement A watch table has been created. Procedure To open a watch table, follow these steps: 1. Open the "Watch and force tables" folder below the desired CPU. 2. Double-click on the required watch table in the folder. Result The selected watch table opens. Copying and pasting a watch table Requirement A watch table has been created. Procedure To copy a watch table, follow these steps: 1. Right-click the watch table that you want to copy. 2. In the context menu, select "Copy". 3. In the project tree, open the folder structure for the CPU in which you want to paste the copied watch table. 4. Right-click on the "Watch and force tables" folder. 5. In the context menu, select "Paste". 6. Alternatively, you can select the entire contents of the watch table and Drag & Drop it onto another watch table. Result A copy of the selected watch table is placed in the "Watch and force tables" folder of the relevant CPU. 4928 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Saving a watch table Prerequisite A watch table has been created. Procedure To save a watch table, follow these steps: 1. In the project tree select the watch table you want to save. 2. If you wish to change the preset name of the table, select the "Rename" command in the context menu and enter a new name for the table. 3. In the "Project" menu, select "Save". Note that this save operation will save the entire project. Result The contents of the watch table and the project are saved. Note You can reuse saved watch tables to monitor and modify tags when retesting your program. 11.19.3.6 Entering tags in the watch table Basic information on entering tags in the watch table Recommended procedure Select the tags whose values you want to monitor or modify, and enter them in the watch table. When entering tags into the watch table, please note that these tags must be previously defined in the PLC tag table. When entering tags, work from the outside to the inside. This means that you start by entering the tags for the inputs in the watch table. Then, you enter the tags that are affected by the inputs or that affect the outputs. Finally, you enter the tags for the outputs. Example of filling out a watch table Enter the absolute address to be monitored or modified in the "Address" column. Enter the symbolic name for the tag in the "Name" column. WinCC Advanced V14 System Manual, 10/2016 4929 Programming the PLC 11.19 Testing the user program Select the display format you require from the drop-down list in the "Display format" column, if you do not want to use the default setting. Now decide whether you want to monitor or modify the entered tags. Enter the desired values for modifying as well as a comment in the corresponding columns of the watch table. Create comment row If required, you can create a comment row by entering the string "//" in the "Name" column. Syntax check When you enter the tags in the watch table, the syntax of each cell is checked when you exit the cell. Incorrect entries are marked in red. Note When you place the mouse pointer in a cell marked in red, brief information is displayed with additional notes on the error. See also Permitted operands for the watch table (Page 4930) Permissible modify values for the watch table (Page 4931) Permitted operands for the watch table Permissible operands for the watch table The following table shows the operands that are permitted for the watch table: Permitted operand Example of data type Example (International mnemon ics) Input/output/bit memory BOOL I1.0, Q1.7, M10.1 Input/output/bit memory BYTE I0.0:P; Q0.0:P IB1/QB10/MB100 IB1:P; QB1:P Input/output/bit memory WORD IW1; QW10; MW100 IW2:P; QW3:P Input/output/bit memory DWORD ID4; QD10; MD100 ID2:P; QD1:P 4930 Timers TIMER T1 Counters COUNTER C1 Data block BOOL DB1.DBX1.0 Data block BYTE DB1.DBB1 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Permitted operand Example of data type Example (International mnemon ics) Data block WORD DB1.DBW1 Data block DWORD DB1.DBD1 Note Please observe the following notes to work with the watch table. You cannot enter "DB0..." because it is used by the system! Peripheral outputs can be modified but not monitored. Peripheral inputs can be monitored but not modified. NOTICE Danger of a time-out while monitoring peripheral inputs and controlling peripheral outputs Note that the monitoring of peripheral inputs and the controlling of peripheral outputs in the watch table can result in a time-out. The CPU assumes the "STOP" mode. See also Basic information on entering tags in the watch table (Page 4929) Overview of the valid data types (Page 2131) Permissible modify values for the watch table Entry of modify values in the watch table The following table shows the operands that are permitted for the entry of modify values in the watch table: Table 11-109 Bit operands WinCC Advanced V14 System Manual, 10/2016 Possible bit operands Example for permitted modify values I1.0 True M1.7 False Q1.0 0 Q1.1:P 1 DB1.DBX1.1 2#0 M1.6 2#1 4931 Programming the PLC 11.19 Testing the user program Table 11-110 Byte operands Possible byte operands Example for permitted modify values IB1 2#0011_0011 MB12 B#16#1F QB10 1F QB11:P 'a' DB1.DBB1 10 Table 11-111 Word operands Possible word operands Example for permitted modify values IW1 2#0011_0011_0011_0011 MW12 W#16#ABCD MW14 ABCD QW10 B#(12, 34) QW12:P 12345 DB1.DBW1 'ab' MW16 S5T#9s_340ms MW18 C#123 MW9 D#2006-12-31 Table 11-112 Double word operands Possible double word operands Example for permitted modify values ID1 2#0011_0011_0011_0011_0011_0011_0011_0011 QD10 Dw#16#abcdef10 QD12:P ABCDEF10 DB1.DBD2 b#(12,34,56,78) MD8 L#-12 MD12 L#12 MD16 123456789 MD20 123456789 MD24 T#12s_345ms MD28 Tod#1:2:34.567 MD32 P#e0.0 Table 11-113 Timers 4932 Possible operands of the "Tim er" type Permitted control values Explanation T1 0 ms Time value in milliseconds (ms) T12 20 ms Time value in milliseconds (ms) WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Possible operands of the "Tim er" type Permitted control values Explanation T14 12400 ms Time value in milliseconds (ms) T16 S5t#12s300ms Time value 12s 300 ms Table 11-114 Counters Possible operands of the "Counter" type Permitted control values C1 0 C14 20 C16 C#123 Notes on timers and counters Timers Note Modifying a timer influences only the value, not the status. Timer T1 can be modified to the value "0", but the result of logic operation for A T1 is not changed. The time sequences "s5t" and "s5time" can be written in both lower-case and upper-case characters. Counters Note Modifying a counter influences only the value, not the status. Counter C1 can be changed to the value "0", but the result of the logic operation for A C1 is not changed. Overview of the display formats Display formats in the watch table The display format you select specifies the representation of a tag value. When entering the address a display format is automatically preset. If you want to change this, you can select a display format from the drop-down list in the "Display formats" column. The drop-down list only offers the display formats which are valid for this data type. The display format that appears first in the list is the pre-selected format. WinCC Advanced V14 System Manual, 10/2016 4933 Programming the PLC 11.19 Testing the user program Example The following table shows the 32-bit data types permitted for all CPU families in the watch table and their possible display formats: 4934 Data type Possible display formats BOOL Bool, Hex, BCD, Octal, Bin, Dec, Dec+/- BYTE Hex, BCD, Octal, Bin, Dec, Dec+/-, Character WORD Hex, BCD, Octal, Bin, Dec, Dec+/-, Dec_Sequence, Character, Uni code_Character, SIMATIC_Time, Date, Counter DWORD Hex, BCD, Octal, Bin, Dec, Dec+/-, Dec_Sequence, Character, Uni code_Character, Floating-point number, Time of day, Timer SINT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character INT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec_Se quence, SIMATIC_Time, Counter, Date DINT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec_Se quence, Time of day, Timer USINT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character UINT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec_Se quence, SIMATIC_Time, Counter, Date UDINT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec_Se quence, Time of day, Timer REAL Floating-point number, Hex, BCD, Octal, Bin, Character, Unicode_Charac ter,Dec, Dec+/-, Dec_Sequence, Time of day, Timer DATE Date, Dec, Hex, Bin TIME_OF_DAY Time of day, Dec, Hex, Bin TIME Timer, Hex, Bin, Dec, Dec+/- DATE_AND_TIME Date and time, TIMER SIMATIC_Time, Hex, BCD, Bin CHAR Character, Hex, BCD, Octal, Bin, Dec, Dec+/- WCHAR Unicode_Character, Character, Hex, BCD, Octal, Bin, Dec, Dec+/- STRING Character string WSTRING Unicode_character string POINTER Pointer, Hex COUNTER Counter, Hex, BCD, Bin S5TIME SIMATIC_Time, Hex, BCD, Bin WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program For the S7-1200 CPU family, all 32-bit data types are permitted (see table above), as well as the 64-bit data type LREAL with the following possible display formats: Data type Possible display formats LREAL In a project created with TIA Portal < V12: Floating-point number Note: The display of LREAL is limited to 13 digits plus exponent. LREAL In a project created with TIA Portal >= V12: Floating-point number, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec, Dec+/-, Dec_Sequence, Time of day, Time, Date and time Note: The display of LREAL is limited to 13 digits plus exponent. For the S7-1500 CPU family, in addition to 32-bit data types, the 64-bit data types listed in the table are also permitted with the following possible display formats: Data type Possible display formats LWORD Hex, Octal, BCD, Bin, Character, Unicode_Character, Dec, Dec+/-, Dec_Se quence, Floating-point number, Time of day, Time, Date and time LINT Dec+/-, Dec, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec_Se quence, Time of day, Time, Date and time ULINT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec_Se quence, Time of day, Time, Date and time LREAL Floating-point number, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec, Dec+/-, Dec_Sequence, Time of day, Time, Date and time LTIME Timer, Dec+/-, Dec, Hex, Bin LTOD Time of day, Dec, Hex, Bin LDT Date and time, Dec, Hex, Bin For more information, refer to the description of the valid data types (Page 2131). Note Rounding of floating-point numbers In the watch table, floating-point numbers are stored as binary numbers in IEEE format. Because not every floating point number (real, longreal) that can be displayed on the user interface can be mapped to the IEEE format, there is a possibility that floating-point numbers will be rounded. If a rounded floating-point number in the watch table is copied and, in turn, inserted in another input field, the rounding may cause a slight difference. WinCC Advanced V14 System Manual, 10/2016 4935 Programming the PLC 11.19 Testing the user program Note Only symbolic addressing is possible In the watch table, LongDataTypes such as LWORD or LREAL can only be addressed symbolically. Selecting the display format for tags Procedure To select the display format of the tags, follow these steps: 1. Enter the desired address in the watch table. 2. Click the desired cell in the "Display format" column, and open the drop-down list. The permissible display formats are shown in the drop-down list. 3. Select the desired display format from the drop-down list. Note If the selected display format cannot be applied, then the last selected display format will be displayed automatically. See also Overview of the valid data types (Page 2131) Creating and editing comment lines Basic principles of comment lines In addition to the row related comments in the comment column, you can now also create complete comment lines to enhance the structure of the watch table. The contents of the comment line are stored in the "Languages & Resources" folder in the "Project texts" tab and can be compiled in other project languages. Creating comment lines To create comment lines, follow these steps: 1. Open the watch table and enter the required addresses. 2. To create a comment line, enter the character string "//" in the "Name" column. No comment lines can be created in the other columns. 4936 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program 3. Enter the required comment in the comment line. The entered comment is shown in green. 4. To show all comments you entered, double-click "Project texts" in the project tree under "Languages & Resources". 5. If you are working in multi-lingual projects and want your comment to be translated into other languages, you can set the project languages required in addition to the editing language in the project tree under "Languages & Resources > Project languages". Deleting comment lines To delete comment lines, follow these steps: 1. Open a watch table containing comment lines. 2. Delete the entire comment including the introductory string "//", if you no longer required this. 3. Alternatively, delete only the introductory string "//". In this case the existing comment is retained and is displayed in the "Comment" column in the watch table. Note Deleting comment lines When you delete comment lines the project languages and any existing translations for these comments are also deleted. 11.19.3.7 Monitoring tags in the watch table Introduction to monitoring tags in the watch table Introduction The watch table allows you to monitor the tags of the configured input and output modules in the CPU, depending on the monitoring and modify mode (Page 4938) selected. To monitor tags, an online connection to the CPU must exist. NOTICE Danger of a time-out while monitoring peripheral inputs Note that the monitoring of peripheral inputs can result in a time-out. The CPU assumes the "STOP" mode. WinCC Advanced V14 System Manual, 10/2016 4937 Programming the PLC 11.19 Testing the user program Options for monitoring tags The following options are available for monitoring tags: Monitor now This command starts the monitoring of the visible tags in the active watch table immediately and once only. Monitor all This command starts the monitoring of all visible tags in the active watch table, depending on the selected watch mode: - In basic mode, the monitoring mode is set to "permanent" by default. - In expanded mode, you can specify defined trigger points for the monitoring of tags. Note If the monitoring mode is changed while in expanded mode and then a switch is made to basic mode, the monitoring mode set before will also be applied in basic mode. CPU-specific limitations when monitoring tags The following CPU-specific differences exist: CPU S7-300/400: CPUs from this family can only monitor the first 30 characters of a string. CPU S7-1200/1500: CPUs from this family can monitor a string up to the total size of 254 characters. Setting the monitoring and modify mode Introduction By selecting the monitoring and modify mode, you specify the trigger point and the duration of the tag monitoring in the watch table and the force table. Possible monitoring and modify modes (duration of monitoring or modifying) The following monitoring and modifying modes are available: 4938 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Trigger Execution CPU status Duration Permanent Permanent RUN Will be executed until the user stops the action or the online connection to the CPU is inter rupted. During monitoring: The inputs are monitored at the end of the cycle and the outputs at the start of the cycle. During modify: The inputs are modified at the start of the cycle and the outputs at the end of the cycle. Permanently, at start of scan cycle Permanently, at start of scan cycle RUN Will be executed until the user stops the action or the online connection to the CPU is inter rupted. Permanently, at end of scan cycle Permanently, at end of scan cycle RUN Will be executed until the user stops the action or the online connection to the CPU is inter rupted. Permanently, at transition to STOP Permanently, at transition from RUN to STOP RUN > STOP Will be executed until the user stops the action or the online connection to the CPU is inter rupted. Once only, at start of scan cycle Once only, at start of scan cycle RUN Ends automatically after being executed once. Once only, at end of scan cy Once only, at end of scan cycle cle RUN Ends automatically after being executed once. Once only, at transition to STOP STOP > RUN Ends automatically after being executed once. Once only, at transition from RUN to STOP Special features when using "Permanent" mode The "Permanent" mode is executed differently for the monitoring and modifying of tags. Monitoring: The inputs are monitored at the end of the cycle and the outputs at the start of the cycle. Modifying: The inputs are modified at the start of the cycle and the outputs at the end of the cycle. Selecting the trigger point The trigger points "Beginning of scan cycle", "End of scan cycle", and "Switch to stop" specify the time at which the tags are to be read from the CPU or updated in the CPU. The following diagram shows the position of these trigger points: WinCC Advanced V14 System Manual, 10/2016 4939 Programming the PLC 11.19 Testing the user program 3URFHVVLPDJHLQSXW 7ULJJHUSRLQW$WVWDUWRIVFDQF\FOH 2% 7ULJJHUSRLQW$WWUDQVLWLRQIURP 581WR6723 7ULJJHUSRLQW$WHQGRIVFDQF\FOH 3URFHVVLPDJHRXWSXW Position of the trigger points From the position of the trigger points, it follows that: Modifying of inputs is only appropriate at the beginning of the scan cycle (corresponding to the beginning of the user program OB 1), because otherwise the process image input is updated again after modifying and is thus overwritten. Modifying of outputs is only appropriate at the end of the scan cycle (corresponding to the end of the user program OB 1), because otherwise the process image output can be overwritten by the user program. The modified value is displayed in the "Monitor value" column, provided that monitoring is active and the modified value is not overwritten by the user program. Monitoring tags When tags are being modified, the following applies to the trigger points: If you have specified the modify mode as "once only", you will receive an alarm if the selected tags cannot be modified. In "permanent" modify mode, you do not receive an alarm. Note regarding the "Modify now" command You can modify the values of selected tags immediately using the "Online > Modify >Modify now" command. This command is executed once only and as quickly as possible without reference to a defined position (trigger point) in the user program. This function is used mainly for modifying when the CPU is in STOP mode. 4940 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program "Monitor all" command for tags Introduction The "Monitor all" command allows you to start monitoring the visible tags in the active watch table. The default setting for the monitoring mode in basic mode of the watch table is "permanent". In expanded mode, you can specify defined trigger points for the monitoring of tags. In this case, the tags are monitored with reference to the specified trigger points. NOTICE Danger of a time-out while monitoring peripheral inputs Note that the monitoring of peripheral inputs can result in a time-out. The CPU assumes the "STOP" mode. Requirements A watch table has been created. An online connection to the CPU exists. Procedure To execute the "Monitor all" command, follow these steps: 1. Enter the tags to be monitored and the corresponding addresses in the watch table. 2. Switch to expanded mode by clicking the icon "Show/hide advanced setting columns" in the toolbar. 3. If you want to change the default monitoring mode for a tag, click the appropriate cell in the "Monitor with trigger" column and select the desired monitoring mode from the drop-down list. 4. Click the "Monitor all" icon in the toolbar. Result The tags of the active watch table are monitored using the monitoring mode selected. See also Icons in the watch table (Page 4926) Basic mode and expanded mode in the watch table (Page 4925) Entering tags in the watch table (Page 4929) WinCC Advanced V14 System Manual, 10/2016 4941 Programming the PLC 11.19 Testing the user program "Monitor now" command for tags Introduction The "Monitor now" command starts the monitoring of tags immediately without reference to defined trigger points. The tag values are read out once only and displayed in the watch table. NOTICE Danger of a time-out while monitoring peripheral inputs Note that the monitoring of peripheral inputs can result in a time-out. The CPU assumes the "STOP" mode. Requirements A watch table has been created. An online connection to the CPU exists. Procedure To execute the "Monitor now" command, follow these steps: 1. Enter the tags to be monitored and the corresponding addresses in the watch table. 2. Click the "Monitor now" icon in the toolbar. Result The tags of the active watch table are monitored immediately and once only. See also Icons in the watch table (Page 4926) Basic mode and expanded mode in the watch table (Page 4925) Entering tags in the watch table (Page 4929) 4942 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program 11.19.3.8 Modifying tags in the watch table Introduction to modifying tags Introduction The watch table allows you to modify the tags of the configured input and output modules in the CPU, depending on the monitoring and modify mode (Page 4938) selected. To monitor the tags, an online connection to the CPU must exist. DANGER Danger when modifying: Serious personal injury and material damage can result from changes in the tags or addresses during plant operation in the event of malfunctions or program errors! Make sure that dangerous conditions cannot occur before you execute the "Modify" function. NOTICE Danger of a time-out while controlling peripheral outputs Note that the controlling of peripheral outputs in the watch table can result in a time-out. The CPU assumes the "STOP" mode. NOTICE Danger due to modifying an identical operand in parallel with different modify values in more than one watch table When working with more than one watch table, avoid modifying identical operands permanently multiple times with different modify values. If an identical operand is modified permanently with different modify values at the same time in different watch tables, all watch tables will display the last modified value, because the modify value assigned last will be used in this case. WinCC Advanced V14 System Manual, 10/2016 4943 Programming the PLC 11.19 Testing the user program Options for modifying tags The following options are available for modifying tags: Modify to "0" This command modifies the selected address to the modify value "0". Modify to "1" This command modifies the selected address to the modify value "1". Modify once only and immediately This command modifies all selected addresses in the active watch table "once only and immediately". Modify with trigger This command modifies all selected addresses in the active watch table using the monitoring and modify mode (Page 4938) selected. The "Modify with trigger" function is only available in expanded mode. You will not receive an alarm indicating whether or not the selected addresses were actually modified with the specified value. You should use the "Modify once only and immediately" function if you require such a confirmation. Enable peripheral outputs This command disables the command output disable. This function can only be executed in expanded mode, when the CPU is in STOP and the option Force (Page 4968) of tags is not enabled. If desired, deactivate this function in the force table. Note When modifying, note the following: Modifying of tags cannot be undone. Modify tags to "0" Introduction You can assign one-time values to tags independent of the monitoring and modify mode and modify them. The modify command is executed as fast as possible, similar to a "Trigger now" command, without reference to a defined position in the user program. DANGER Danger when modifying: Serious personal injury and material damage can result from changes in the tags or addresses during plant operation in the event of malfunctions or program errors! Make sure that dangerous conditions cannot occur before you execute the "Modify" function. 4944 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program NOTICE Danger of a time-out while controlling peripheral outputs Note that the controlling of peripheral outputs in the watch table can result in a time-out. The CPU assumes the "STOP" mode. Requirements A watch table has been created. An online connection to the CPU exists. Procedure To modify tags to "0", follow these steps: 1. Enter the desired address in the watch table. 2. Select the "Online > Modify > Modify to 0" command in order to modify the selected address with the specified value. Result The selected address is modified to "0". Note When modifying, note the following: Modifying can not be undone! Modify tags to "1" Introduction You can assign one-time values to tags independent of the monitoring and modify mode and modify them. The modify command is executed as fast as possible, similar to a "Trigger now" command, without reference to a defined position in the user program. DANGER Danger when modifying: Serious personal injury and material damage can result from changes in the tags or addresses during plant operation in the event of malfunctions or program errors! Make sure that dangerous conditions cannot occur before you execute the "Modify" function. WinCC Advanced V14 System Manual, 10/2016 4945 Programming the PLC 11.19 Testing the user program NOTICE Danger of a time-out while controlling peripheral outputs Note that the controlling of peripheral outputs in the watch table can result in a time-out. The CPU assumes the "STOP" mode. Requirements A watch table has been created. An online connection to the CPU exists. Procedure To modify tags to "1", follow these steps: 1. Enter the desired address in the watch table. 2. Select the "Online > Modify > Modify to 1" command in order to modify the selected address with the specified value. Result The selected address is modified to "1". Note When modifying, note the following: Modifying can not be undone! "Modify now" command for tags Introduction You can assign one-time values to tags independent of the monitoring and modify mode and modify them immediately. The modify command is executed as fast as possible, similar to a "Trigger now" command, without reference to a defined position in the user program. DANGER Danger when modifying: Serious personal injury and material damage can result from changes in the tags or addresses during plant operation in the event of malfunctions or program errors! Make sure that dangerous conditions cannot occur before you execute the "Modify" function. 4946 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program NOTICE Danger of a time-out while controlling peripheral outputs Note that the controlling of peripheral outputs in the watch table can result in a time-out. The CPU assumes the "STOP" mode. Requirements A watch table has been created. An online connection to the CPU exists. Procedure To modify tags immediately, follow these steps: 1. Enter the desired addresses and modify values in the watch table. 2. Select the addresses to be modified by selecting the check boxes for modifying in the column after the "Modify value". A yellow triangle appears behind the selected check box, indicating that the address is now selected for modifying but has not yet been modified. 3. Select the "Online > Modify > Modify once and now" command in order to immediately modify the selected address once only with the specified value. Result The selected addresses are modified immediately and once only. Note When modifying, note the following: Modifying can not be undone! WinCC Advanced V14 System Manual, 10/2016 4947 Programming the PLC 11.19 Testing the user program "Modify with trigger" command for tags Introduction You can assign values to addresses dependent on the defined monitoring and modify mode and modify them. The modify command is executed as specified in the monitoring and modify mode, with reference to the defined trigger position in the user program. DANGER Danger when modifying: Serious personal injury and material damage can result from changes in the tags or addresses during plant operation in the event of malfunctions or program errors! Make sure that dangerous conditions cannot occur before you execute the "Modify" function. NOTICE Danger of a time-out while controlling peripheral outputs Note that the controlling of peripheral outputs in the watch table can result in a time-out. The CPU assumes the "STOP" mode. Requirements A watch table has been created. An online connection to the CPU exists. The watch table has to be in expanded mode. Procedure To modify tags "with trigger", follow these steps: 1. Enter the desired addresses and modify values in the watch table. 2. Select the addresses to be modified by selecting the check boxes for modifying in the column after the "Modify value". A yellow triangle appears behind the selected check box, indicating that the address is now selected for modifying but has not yet been modified. 3. Switch to expanded mode using the icon "Show/hide advanced settings columns" in the toolbar or the "Online > Expanded mode" command. The "Monitor with trigger" and "Modify with trigger" columns are displayed. 4948 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program 4. In the "Modify with trigger" column, select the desired modify mode from the drop-down list box. The following options are available: - Permanent - Permanently, at start of scan cycle - Once only, at start of scan cycle - Permanently, at end of scan cycle - Once only, at end of scan cycle - Permanently, at transition to STOP - Once only, at transition to STOP 5. Start modifying using the "Online > Modify > Modify with trigger" command. 6. Confirm the prompt with "Yes" if you want to start modifying with trigger. Result The selected tags are modified using the selected monitoring and modify mode. The yellow triangle is no longer displayed. Note When modifying, note the following: Modifying can not be undone! Enable peripheral outputs Introduction The "Enable peripheral outputs" function deactivates the command output disable of the peripheral outputs. You can then modify the peripheral outputs when the CPU is in STOP mode. This function is available in the watch table in "Expanded mode" only. DANGER Danger when enabling the peripheral outputs: Attention, the enabling of the peripheral outputs can cause serious personal injury and material damage! Make certain that dangerous conditions cannot occur before you execute the "Enable peripheral outputs" function. Prerequisites A watch table has been created. An online connection to the CPU exists. WinCC Advanced V14 System Manual, 10/2016 4949 Programming the PLC 11.19 Testing the user program The CPU is in STOP mode before you can enable the peripheral outputs. The watch table has to be in expanded mode. The option Force (Page 4968) of tags must not be enabled. Note "Enable peripheral outputs" function This function is possible only in STOP mode. The function is exited by an operating state change of the CPU and by the termination of the online connection. While the function is enabled, forcing is not possible. Procedure To enable the peripheral outputs in STOP mode, follow these steps: 1. Enter the desired addresses and modify values in the watch table. 2. Select the addresses to be modified by selecting the check boxes for modifying in the column after the "Modify value". A yellow triangle appears behind the selected check box, indicating that the address is now selected for modifying but has not yet been modified. 3. Switch to expanded mode using the icon "Show/hide advanced settings columns" in the toolbar or the "Online > Expanded mode" command. The "Monitor with trigger" and "Modify with trigger" columns are displayed. 4. Change the relevant CPU to STOP using the operator panel. 5. Right-click to open the shortcut menu and select "Enable peripheral outputs". 6. Confirm the prompt with "Yes" if you want to unlock the command output disable for the peripheral outputs. 7. Modify the peripheral outputs using the "Online > Modify > Modify now" command. Result The peripheral outputs are modified with the selected modify values. The yellow triangle is no longer displayed. 4950 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Enabling the peripheral outputs The "Enable peripheral outputs" function remains active until: The "Enable peripheral outputs" command is deactivated again via the shortcut menu or via the "Online > Modify > Enable peripheral outputs" command. The CPU is no longer in STOP mode. The online connection is terminated. Note When modifying, note the following: Modifying can not be undone! 11.19.4 Testing with the force table 11.19.4.1 Introduction for testing with the force table Overview You can use the force table to assign permanent values to individual tags of the user program. This action is referred to as "forcing". The following functions are available in the force table: Monitoring tags This allows the current values of the individual tags of a user program or a CPU to be displayed on the programming device or PC. Tags can be monitored with or without a trigger condition. Forcing tags This function lets you assign a fixed value to individual I/O tags of the user program. Monitoring and forcing tags The monitoring and forcing of tags is always dependent on the operand scope of the CPU used. The following tags can be monitored: Inputs, outputs, and bit memories Contents of data blocks Peripheral inputs The following tags can be forced: Peripheral inputs Peripheral outputs WinCC Advanced V14 System Manual, 10/2016 4951 Programming the PLC 11.19 Testing the user program Example Independent of the CPU used, only I/O can be forced, such as: "Tag_1":P or "QW0:P" or "IW0:P". Note that "Tag_1":P must not be the symbolic name of a bit memory. Possible applications One advantage of the force table is that you can simulate different test environments and overwrite tags in the CPU with a permanent value. This enables you to intervene in the ongoing process for regulating purposes. See also Layout of the force table (Page 4953) Basic mode and expanded mode in the force table (Page 4954) Icons in the force table (Page 4955) Open and edit force table (Page 4956) 11.19.4.2 Safety precautions when forcing tags Safety precautions when forcing tags Because the forcing function allows you to intervene permanently in the process, observance of the following notices is essential: DANGER Prevent personal injury and material damage! Note that an incorrect action when executing the "Force" function can: Harm persons or pose a health hazard. Cause damage to machinery or the entire plant. 4952 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program CAUTION Prevent personal injury and material damage! Before you start the "Force" function, you should ensure that no one else is currently executing this function on the same CPU. Forcing can only be stopped by clicking the "Stop forcing" icon or using the "Online > Force > Stop forcing" command. Closing the active force table does not stop the forcing! Forcing can not be undone! Review the differences between " modifying tags" (Page 4943) and "forcing tags" (Page 4968). If a CPU does not support the "Force" function, the relevant icons cannot be selected. If the function "Enable peripheral outputs" is active on your CPU, then forcing is not possible on this CPU. If desired, deactivate this function in the watch table. 11.19.4.3 Layout of the force table Introduction In the force table, enter the CPU-wide tags that you have defined and selected and which are to be forced in the allocated CPU. Only peripheral inputs and peripheral outputs can be forced. For each CPU created in the project, a force table will automatically be created in the "Watch and force tables" folder. Only one force table can be allocated to a CPU. This force table displays all the addresses forced in the allocated CPU. Layout of the force table The columns displayed in the force table depend on the mode you are working in: basic mode or expanded mode. In expanded mode the "Monitor with trigger" column is also displayed. WinCC Advanced V14 System Manual, 10/2016 4953 Programming the PLC 11.19 Testing the user program Meaning of the columns The following table shows the meaning of the individual columns in basic mode and expanded mode: Mode Column Basic mode Meaning Identification column Name Name of the inserted tag Address Address of the inserted tag Display format Selected display format Monitor value Values of the tags, dependent on the selected display for mat. Force value ("Force") The following additional col umn is shown in expanded mode: Value with which the tag is forced. Select the tag to be forced by activating the corresponding check box. Comment Comment for documentation of the tags Monitor with trigger Display of selected monitoring mode See also Icons in the force table (Page 4955) Basic mode and expanded mode in the force table (Page 4954) 11.19.4.4 Basic mode and expanded mode in the force table Difference between basic mode and expanded mode in the force table In expanded mode the "Monitor with trigger" column is also displayed in the force table. You will find a detailed list of the columns under Layout of the force table (Page 4953). Switching between basic mode and expanded mode You have the following options of toggling between the basic and expanded mode: Click the icon "Show/hide advanced setting columns". Click this icon again to return to the basic mode. Or: In the "Online" menu, select the "Expanded mode" check box. Deactivate this check box to return to the basic mode. 4954 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Functionality in expanded mode The following functionality is only possible in expanded mode: Monitor with trigger Monitor peripheral inputs 11.19.4.5 Icons in the force table Meaning of the icons The following table shows the meaning of the icons in the force table: Icon Meaning Identifies a table inside the project tree as a force table. Identification column Inserts a row before the selected row. Inserts a row after the selected row. Displays all columns of expanded mode. If you click this icon again, the col umns of the expanded mode will be hidden. Updates all operands and values currently being forced on the CPU in the open force table. Starts forcing for all addresses of the selected tags. If forcing is already run ning, the previous action is replaced without interruption. Stops forcing of addresses in the force table. Starts monitoring of the visible tags in the force table. The default setting for monitoring in basic mode is "permanent". In expanded mode an additional column is shown and you can set certain trigger points for monitoring tags. Starts monitoring of the visible tags in the force table. This command is exe cuted immediately and the tags are monitored once. Displays the check box for the selection of tags to be forced. Indicates that an address cannot be fully forced. Example: It is possible to force the address QW0:P, but it is not possible to force the address QD0:P because this address area is potentially not available on the CPU. Indicates that an address cannot be monitored. Indicates that an address is being forced. Indicates that an address is being partly forced. Indicates that the associated peripheral address is being forced. Indicates that a syntax error occurred. Indicates that the address is selected but has not been forced yet. WinCC Advanced V14 System Manual, 10/2016 4955 Programming the PLC 11.19 Testing the user program Icon Meaning Indicates that the selected tag was monitored for the value "1". Indicates that the selected tag was monitored for the value "0". Indicates that the address is being used more than once. Indicates that a substitute value is being used. Substitute values are values that are output to the process in case of signal output module faults or are used instead of a process value in the user program in case of signal input module faults. The substitute values can be assigned by the user (e.g., retain old value). See also Layout of the force table (Page 4953) 11.19.4.6 Open and edit force table Display force table Introduction You cannot create a new force table; one force table already exists for each CPU. It is permanently allocated to this CPU and cannot be copied or duplicated. Requirements A project with an allocated CPU has to be open. Displaying a force table The force table is always displayed below a CPU in the "Watch and force tables" folder. Open force table Requirements A project with an allocated CPU must be created. Procedure Proceed as follows to open a force table: 1. Open the "Watch and force tables" folder below the desired CPU. 2. Double-click the "Force table" in this folder. 4956 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Result The selected force table opens. Save force table Requirements A project with an allocated CPU has been created. Procedure Proceed as follows to save a force table: 1. Enter the desired changes in the force table. 2. Select the "Save" command in the "Project" menu or click the "Save project" icon in the toolbar. Note that this save operation will save the entire project. Result The contents of the force table and the associated project are saved. Note You cannot rename a force table. 11.19.4.7 Entering tags in the force table Basic principles for entering tags in the force table Recommended procedure Select the tags whose values you want to monitor or force, and enter them in the force table. When entering tags in the force table, please note that these tags must be previously defined in the PLC tag table. Example of filling out a force table You can enter the absolute address that is to be forced or monitored in the "Address" column or you can enter the symbolic name of the tag in the "Name" column. Select the display format you require from the drop-down list in the "Display format" column, if you do not want to use the default setting. WinCC Advanced V14 System Manual, 10/2016 4957 Programming the PLC 11.19 Testing the user program Now you have to decide whether you want to monitor or force the entered tags. Enter the required force value and a comment in the appropriate columns of the force table. Note that only peripheral inputs and peripheral outputs can be forced and review the Safety precautions when forcing tags (Page 4969). Create comment line If required, you can create a comment row by entering the string "//" in the "Name" column. Syntax check When you enter tags in the force table, the syntax of each cell will be checked when you exit the cell. Incorrect entries are marked in red. Note When you place the mouse pointer in a cell marked in red, brief information is displayed with additional notes on the error. Permitted operands for the force table Permitted operands for the force table The following table shows the operands that are permitted for forcing in the force table: Permitted operand Example of data type Example (International mnemon ics) Peripheral input/peripheral output BOOL I0.0:P; Q0.0:P Peripheral input/peripheral output BYTE IB1:P; QB1:P Peripheral input/peripheral output WORD IW2:P; QW3:P Peripheral input/peripheral output DWORD ID2:P; QD1:P The following table shows the operands that are permitted for monitoring in the force table: Permitted operand Example of data type Example (International mnemon ics) Input/output/bit memory BOOL I1.0, Q1.7, M10.1 I0.0:P Input/output/bit memory BYTE IB1/QB10/MB100 IB1:P Input/output/bit memory WORD IW1; QW10; MW100 IW2:P 4958 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Permitted operand Example of data type Example (International mnemon ics) Input/output/bit memory DWORD ID4; QD10; MD100 Timers TIMER T1 Counters COUNTER C1 Data block BOOL DB1.DBX1.0 Data block BYTE DB1.DBB1 Data block WORD DB1.DBW1 Data block DWORD DB1.DBD1 ID2:P Note You cannot enter "DB0..." because it is used by the system! Permitted force values for the force table Entering force values in the force table The following table shows the operands that are permitted for entering force values in the force table: Table 11-115 Bit operands Possible bit operands Example for permitted force values I1.0:P True I1.1:P False Q1.0P 0 Q1.1:P 1 I2.0:P 2#0 I2.1:P 2#1 Table 11-116 Byte operands WinCC Advanced V14 System Manual, 10/2016 Possible byte operands Example for permitted force values IB1:P 2#00110011 IB2:P B#16#1F QB14:P 1F QB10:P 'a' IB3:P 10 4959 Programming the PLC 11.19 Testing the user program Table 11-117 Word operands Possible word operands Example for permitted force values IW0:P 2#0011001100110011 IW2:P W#16#ABCD QW10:P ABCD QW12:P B#(12, 34) IW4:P 'ab' IW6:P 12300 IW8:P S5T#9S_300ms IW10:P C#123 IW12:P D#2006-12-31 Table 11-118 Double word operands Possible double word operands Example for permitted force values ID0:P 2#00110011001100110011001100110011 ID4:P 1.2 QD10:P 1.234.e4 QD14:P Dw#16#abcdef10 ID8:P 16#ABCDEF10 ID12:P b#(12,34,56,78) ID16:P L#-12 ID20:P L#12 ID24:P 123456789 ID28:P 123456789 ID32:P T#12s300ms ID36:P Tod#14:20:40.645 ID40:P P#e0.0 Overview of the display formats Display formats in the force table The display format you select specifies the representation of a tag value. When entering the address a display format is automatically preset. If you want to change this, you can select a display format from the drop-down list in the "Display formats" column. The drop-down list only offers the display formats which are valid for this data type. The display format that appears first in the list is the pre-selected format. 4960 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Example The following table shows the 32-bit data types permitted for all CPU families in the force table and their possible display formats: Data type WinCC Advanced V14 System Manual, 10/2016 Possible display formats BOOL Bool, Hex, BCD, Octal, Bin, Dec, Dec+/- BYTE Hex, BCD, Octal, Bin, Dec, Dec+/-, Character WORD Hex, BCD, Octal, Bin, Dec, Dec+/-, Dec_Sequence, Character, SIMAT IC_Time, Date, Unicode_Character, Counter DWORD Hex, BCD, Octal, Bin, Dec, Dec+/-, Dec_Sequence, Character, Floating-point number, Time of day, Timer, Unicode_Character SINT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character INT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec_Se quence, SIMATIC_Time, Counter, Date DINT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec_Se quence, Time of day, Timer USINT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character UINT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec_Se quence, SIMATIC_Time, Counter, Date UDINT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec_Se quence, Time of day, Timer REAL Floating-point number, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec, Dec+/-, Dec_Sequence, Time of day, Timer DATE Date, Dec, Hex, Bin TIME_OF_DAY Time of day, Dec, Hex, Bin TIME Timer, Hex, Bin, Dec, Dec+/- DATE_AND_TIME Date and time, TIMER SIMATIC_Time, Hex, BCD, Bin CHAR Character, Hex, BCD, Octal, Bin, Dec, Dec+/- WCHAR Unicode_Character, Character, Hex, BCD, Octal, Bin, Dec, Dec+/- STRING Character string WSTRING Unicode_character string POINTER Pointer, Hex COUNTER Counter, Hex, BCD, Bin S5TIME SIMATIC_Time, Hex, BCD, Bin 4961 Programming the PLC 11.19 Testing the user program For the S7-1200 CPU family, all 32-bit data types are permitted (see table above), as well as the 64-bit data type LREAL with the following possible display formats: Data type Possible display formats LREAL In a project created with TIA Portal < V12: Floating-point number Note: The display of LREAL is limited to 13 digits plus exponent. LREAL In a project created with TIA Portal >= V12: Floating-point number, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec, Dec+/-, Dec_Sequence, Time of day, Time, Date and time Note: The display of LREAL is limited to 13 digits plus exponent. For the S7-1500 CPU family, in addition to 32-bit data types, the 64-bit data types listed in the table are also permitted with the following possible display formats: Data type Possible display formats LWORD Hex, Octal, BCD, Bin, Character, Unicode_Character, Dec, Dec+/-, Dec_Se quence, Floating-point number, Time of day, Time, Date and time LINT Dec+/-, Dec, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec_Se quence, Time of day, Time, Date and time ULINT Dec, Dec+/-, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec_Se quence, Time of day, Time, Date and time LREAL Floating-point number, Hex, BCD, Octal, Bin, Character, Unicode_Character, Dec, Dec+/-, Dec_Sequence, Time of day, Time, Date and time LTIME Timer, Dec+/-, Dec, Hex, Bin LTOD Dec, Hex, Bin, Time of day LDT Dec, Hex, Date and time, Bin For more information, refer to the description of the valid data types (Page 2131). Note Rounding of floating-point numbers In the force table, floating-point numbers are stored as binary numbers in IEEE format. Because not every floating point number (real, longreal) that can be displayed on the user interface can be mapped to the IEEE format, there is a possibility that floating-point numbers will be rounded. If a rounded floating-point number in the force table is copied and, in turn, inserted in another input field, the rounding may cause a slight difference. 4962 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Note Only symbolic addressing is possible In the force table, LongDataTypes such as LWORD or LREAL can only be addressed symbolically. Selecting the display format for tags Procedure To select the display format of the tags, follow these steps: 1. Enter the desired address in the force table. 2. Click the desired cell in the "Display format" column, and open the drop-down list. The permitted display formats are shown in the drop-down list. 3. Select the desired display format from the drop-down list. Note If the selected display format cannot be applied, then the last selected display format will be displayed automatically. Creating and editing comment lines Basic principles of comment lines In addition to the row-related comments in the comment column, you can now also create complete comment lines to enhance the structure of the force table. The contents of the comment line are stored in the "Languages & Resources" folder in the "Project texts" tab and can be compiled in other project languages. Creating comment lines To create comment lines, follow these steps: 1. Open the force table and enter the required addresses. 2. To create a comment line, enter the character string "//" in the "Name" column. No comment lines can be created in the other columns. WinCC Advanced V14 System Manual, 10/2016 4963 Programming the PLC 11.19 Testing the user program 3. Enter the required comment in the comment line. The entered comment is shown in green. 4. To show all comments you entered, double-click "Project texts" in the project tree under "Languages & Resources". 5. If you are working in multi-lingual projects and want your comment to be translated into other languages, you can set the project languages required in addition to the editing language in the project tree under "Languages & Resources > Project languages". Deleting comment lines To delete comment lines, follow these steps: 1. Open a force table containing comment lines. 2. Delete the entire comment including the introductory string "//", if you no longer require this. 3. Alternatively, delete only the introductory string "//". In this case the existing comment is retained and is displayed in the "Comment" column in the force table. Note Deleting comment lines When you delete comment lines the project languages and any existing translations for these comments are also deleted. 11.19.4.8 Monitoring tags in the force table Introduction to monitoring tags in the force table Introduction Use the force table to monitor the tags of the configured input and output modules in the CPU, dependent on the monitoring mode (Page 4965) you have selected. An online connection to the CPU must exist to monitor tags. 4964 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Options for monitoring tags The following options are available for monitoring tags: Monitor all This command starts the monitoring of all visible tags in the active force table, dependent on the selected monitoring mode: - In basic mode, the monitoring mode is set to "permanent" by default. - In expanded mode, you can specify defined trigger points for the monitoring of tags. Note If the monitoring mode is changed while in expanded mode and then a switch is made to basic mode, the monitoring mode set before will also be applied in basic mode. Monitor now This command starts the monitoring of the visible tags in the active force table immediately and once only. CPU-specific limitations when monitoring tags The following CPU-specific differences exist: CPU S7-300/400: CPUs from this family can only monitor the first 30 characters of a string. CPU S7-1200: CPUs from this family can monitor a string up to the total size of 254 characters. Setting the monitoring mode in the force table Introduction By selecting the monitoring mode, you specify the trigger point and the duration of tag monitoring in the force table. Possible monitoring mode (duration of monitoring) The following selection options are available: Permanent Once only, at start of scan cycle Once only, at end of scan cycle Permanently, at start of scan cycle Permanently, at end of scan cycle Once only, at transition to STOP Permanently, at transition to STOP WinCC Advanced V14 System Manual, 10/2016 4965 Programming the PLC 11.19 Testing the user program Special features when using "Permanent" mode The "Permanent" mode is executed as follows for the monitoring of tags: The inputs are monitored at the end of the cycle and the outputs at the start of the cycle. Selecting the trigger point The trigger points "Beginning of scan cycle", "End of scan cycle", and "Switch to stop" specify the time at which the tags are to be read from the CPU or updated in the CPU. The following diagram shows the position of these trigger points: 3URFHVVLPDJHLQSXW 7ULJJHUSRLQW$WVWDUWRIVFDQF\FOH 2% 7ULJJHUSRLQW$WWUDQVLWLRQIURP 581WR6723 7ULJJHUSRLQW$WHQGRIVFDQF\FOH 3URFHVVLPDJHRXWSXW "Monitor all" command for tags Introduction Use the "Monitor all" command to start monitoring the visible tags in the active force table. In basic mode of the force table, the default setting for the monitoring mode is "permanent". In expanded mode, you can specify defined trigger points for the monitoring of tags. In this case, the tags are monitored with reference to the specified trigger points. Requirements An online connection to the CPU exists. 4966 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Procedure To execute the "Monitor all" command, follow these steps: 1. Enter the tags to be monitored and the corresponding addresses in the force table. 2. Switch to expanded mode by clicking the icon "Show/hide advanced setting columns" in the toolbar. 3. If you want to change the default monitoring mode for a tag, click the appropriate cell in the "Monitor with trigger" column and select the desired monitoring mode from the drop-down list. 4. Click the "Monitor all" icon in the toolbar. Result The tags of the active force table will be monitored using the set monitoring mode. "Monitor now" command for tags Introduction The "Monitor now" command starts the monitoring of tags immediately without reference to defined trigger points. The tag values are read out only once and displayed in the force table. Requirements An online connection to the CPU exists. Procedure To execute the "Monitor now" command, follow these steps: 1. Enter the tags to be monitored and the corresponding addresses in the force table. 2. Click the "Monitor now" icon in the toolbar. Result The tags of the active force table are monitored immediately and once only. WinCC Advanced V14 System Manual, 10/2016 4967 Programming the PLC 11.19 Testing the user program 11.19.4.9 Forcing tags in the force table Introduction to forcing tags Introduction You can use the force table to assign permanent values to individual tags of the user program. This action is referred to as forcing. Only peripheral inputs and peripheral outputs can be forced. To use the forcing function, you must have an online connection to the CPU and the utilized CPU must support this functionality. If you open a force table in the "Watch and force tables" folder below a CPU on which a force job is already running, you will first be prompted to update the display of the forced operand. Forcing or stopping forcing in the open force table is only possible following this command. Possible applications By permanently assigning defined values to tags, you can specify defined default settings for your user program and, thus, test the programmed functions. Forcing is possible in basic mode and in expanded mode (Page 4954). Caution when forcing tags Before forcing, make sure that you review the safety precautions for this procedure (Page 4969). DANGER Prevent personal injury and material damage! Remember that an incorrect action when executing the "Force" function can: Harm persons or pose a health hazard. Cause damage to machinery or the entire plant. Options for forcing tags The following options are available for forcing tags: Force to "0" This command forces the selected address in the CPU to the force value "0". Force to "1" This command forces the selected address in the CPU to the force value "1". 4968 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Force all This command starts the forcing of enabled addresses in the active force table or replaces an existing force job without interruption. Stop forcing This command stops the forcing of all addresses in the active force table. Constraints when forcing tags Note the following constraints when forcing: Forcing is always dependent on the operand scope of the CPU used. In principle, only peripheral inputs and peripheral outputs can be forced. If the function "Enable peripheral outputs" is active on your CPU, then forcing is not possible. If desired, deactivate this function in the watch table. Unique aspects when forcing tags Note that forcing of tags will overwrite values in the CPU and will continue even after the online connection to the CPU is terminated. Stop forcing Terminating the online connection is not sufficient to stop the forcing operation! To stop forcing, you must select the "Online > Force > Stop forcing" command. Only then will the tags that are visible in the active force table no longer be forced. Stop forcing of individual tags The "Online > Force > Stop forcing" command always applies to all tags displayed in the force table. To stop forcing individual tags, you must clear the check mark for forcing of these tags in the force table and restart forcing using the "Online > Force > Force all" command. Safety precautions when forcing tags Safety precautions when forcing tags Because the forcing function allows you to intervene permanently in the process, observance of the following notices is essential: DANGER Prevent personal injury and material damage! Note that an incorrect action when executing the "Force" function can: Harm persons or pose a health hazard. Cause damage to machinery or the entire plant. WinCC Advanced V14 System Manual, 10/2016 4969 Programming the PLC 11.19 Testing the user program CAUTION Prevent personal injury and material damage! Before you start the "Force" function, you should ensure that no one else is currently executing this function on the same CPU. Forcing can only be stopped by clicking the "Stop forcing" icon or using the "Online > Force > Stop forcing" command. Closing the active force table does not stop the forcing! Forcing can not be undone! Review the differences between " modifying tags" (Page 4943) and "forcing tags" (Page 4968). If a CPU does not support the "Force" function, the relevant icons cannot be selected. If the function "Enable peripheral outputs" is active on your CPU, then forcing is not possible on this CPU. If desired, deactivate this function in the watch table. Updating forced operands Introduction If a force job is already running on a CPU, after opening the force table, you first need to make sure that the operands and values currently being forced on the CPU are displayed in the force table. The command "Online" > "Force" > "Update forced operands" updates all operands and values currently being forced on the CPU in the open force table. "Force" or "Stop forcing" in the open force table is only possible following this command. Caution when forcing tags Before forcing, make sure you are familiar with the safety precautions when forcing tags (Page 4969). DANGER Prevent personal injury and material damage! Remember that an incorrect action when executing the "Force" function can: Harm persons or pose a health hazard. Cause damage to machinery or the entire plant. 4970 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Requirement An online connection to the CPU is possible. A force job is currently running on the CPU being used. Procedure To update the forced operands and values, follow these steps: 1. Open a force table. 2. Establish an online connection to the CPU. 3. Confirm the "Update forced operands" dialog that follows with "Yes". Result All forced operands in the open force table are updated with the relevant values. A red "F" is displayed in the first column indicating which operands are being forced. This enables the "Force all" and "Stop forcing" buttons and you can select these functions. Note When forcing, note the following: Forcing cannot be undone! Terminating the online connection does not stop the forcing function! To stop forcing, the forced address must be visible in the active force table. Force tags to "0" Introduction You can use the force function to assign permanent values to individual tags of a user program. WinCC Advanced V14 System Manual, 10/2016 4971 Programming the PLC 11.19 Testing the user program Caution when forcing tags Before forcing, you must review the safety precautions when forcing tags (Page 4969). DANGER Prevent personal injury and material damage! Note that an incorrect action when executing the "Force" function can: Pose a risk to the life or health of persons. Cause damage to machinery or the entire plant. Requirements An online connection to the CPU exists. The utilized CPU supports the force function. The "Enable peripheral outputs" function is not enabled on the CPU on which the tags are to be forced. If desired, deactivate this function in the watch table. Procedure To force tags to "0", follow these steps: 1. Open the force table. 2. Enter the desired address in the force table. 3. Select the "Online > Force> Force to 0" command in order to force the selected address with the specified value. 4. Confirm the next dialog with "Yes". Result The selected address is forced to "0". The yellow triangle is no longer displayed. A red "F" is displayed in the first column, for example, indicating that the tag is being forced. Stop forcing To stop forcing, follow these steps: 1. Open the force table. 2. Select the "Online > Force > Stop forcing" command. 3. Confirm the next dialog with "Yes". 4972 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Result Forcing of the selected values is stopped. The red "F" in the first column is no longer displayed. The yellow triangle reappears behind the check box again to indicate that the address is selected for forcing but is not being forced at the moment. Note When forcing, note the following: Forcing cannot be undone! Terminating the online connection does not stop the forcing! To stop forcing, the forced address must be visible in the active force table. Force tags to "1" Introduction You can use the force function to assign permanent values to individual tags of a user program. Caution when forcing tags Before forcing, you must review the safety precautions when forcing tags (Page 4969). DANGER Prevent personal injury and material damage! Note that an incorrect action when executing the "Force" function can: Endanger the life or health of personnel Cause damage to machinery or the entire plant. Requirements An online connection to the CPU exists. The utilized CPU supports the force function. The "Enable peripheral outputs" function is not enabled on the CPU on which the tags are to be forced. If desired, deactivate this function in the watch table. WinCC Advanced V14 System Manual, 10/2016 4973 Programming the PLC 11.19 Testing the user program Procedure To force tags to "1", follow these steps: 1. Open the force table. 2. Enter the desired address in the force table. 3. Select the "Online > Force> Force to 1" command in order to force the selected address with the specified value. 4. Confirm the next dialog with "Yes". Result The selected address is forced to "1". The yellow triangle is no longer displayed. A red "F" is displayed in the first column, for example, indicating that the tag is being forced. Stop forcing To stop forcing, follow these steps: 1. Open the force table. 2. Select the "Online > Force > Stop forcing" command. 3. Confirm the next dialog with "Yes". Result Forcing of the selected values is stopped. The red "F" in the first column is no longer displayed. The yellow triangle reappears behind the check box again to indicate that the address is selected for forcing but is not being forced at the moment. Note When forcing, note the following: Forcing cannot be undone! Terminating the online connection does not stop the forcing! To stop forcing, the forced address must be visible in the active force table. "Force all" command for tags Introduction You can use the force function to assign permanent values to individual tags of a user program. If forcing is already active, this forcing operation is replaced without interruption by the "Online > Force > Force all" command. Any forced addresses that are not selected will no longer be forced. 4974 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Caution when forcing tags Before forcing, you must review the safety precautions when forcing tags (Page 4969). DANGER Prevent personal injury and material damage! Note that an incorrect action when executing the "Force" function can: Pose a risk to the life or health of persons. Cause damage to machinery or the entire plant. Requirements An online connection to the CPU exists. The utilized CPU supports the force function. The "Enable peripheral outputs" function is not enabled on the CPU on which the tags are to be forced. If desired, deactivate this function in the watch table. Procedure To force tags with the "Online > Force > Force all" command, follow these steps: 1. Open the force table. 2. Enter the desired addresses and force values in the force table. 3. Select the addresses to be forced by selecting the check boxes for forcing in the column after the "Force value". A yellow triangle appears behind the selected check box, indicating that the address is selected for forcing but is not being forced at the moment. 4. Select the "Online > Force> Force all" command in order to force the selected addresses with the specified values. 5. Confirm the next dialog with "Yes". Result The selected addresses are forced to the specified values. The yellow triangle is no longer displayed. A red "F" is displayed in the first column, for example, indicating that the tag is being forced. WinCC Advanced V14 System Manual, 10/2016 4975 Programming the PLC 11.19 Testing the user program Stop forcing To stop forcing, follow these steps: 1. Open the force table. 2. Select the "Online > Force > Stop forcing" command. 3. Confirm the next dialog with "Yes". Result Forcing of the selected addresses is stopped. The red "F" in the first column is no longer displayed. The yellow triangle reappears behind the check box again to indicate that the address is selected for forcing but is not being forced at the moment. Note When forcing, note the following: Forcing cannot be undone! Terminating the online connection does not stop the forcing! To stop forcing, the forced address must be visible in the active force table. 11.19.4.10 Stop forcing tags Stop forcing all tags Introduction Note the following before you stop forcing tags: Stopping forcing cannot be undone! Terminating the online connection does not stop the forcing! To stop forcing, the forced address must be visible in the active force table. 4976 WinCC Advanced V14 System Manual, 10/2016 Programming the PLC 11.19 Testing the user program Caution when forcing tags Before forcing, you must review the safety precautions when forcing tags (Page 4969). DANGER Prevent personal injury and material damage! Note that an incorrect action when stopping the "Force" function can: Pose a risk to the life or health of persons. Cause damage to machinery or the entire plant. Requirements Tags are forced in a force table. An online connection to the CPU exists. The utilized CPU supports the force function. The "Enable peripheral outputs" function is not enabled on the CPU on which the tags are to be forced. If desired, deactivate this function in the watch table. Procedure Proceed as follows to stop forcing all tags : 1. Open the force table. 2. Select the "Online > Force > Stop forcing" command in order to stop forcing the displayed addresses. 3. Confirm the "Stop forcing" dialog with "Yes". Result The forcing of all tags is stopped. The red "F" in the first column is no longer displayed. The yellow triangle reappears behind the check box again to indicate that the address is flagged for forcing but is not being forced at the moment. Stop forcing individual tags Introduction Note the following before you stop forcing tags: Stopping forcing cannot be undone! Terminating the online connection does not stop the forcing! To stop forcing, the forced address must be visible in the active force table. WinCC Advanced V14 System Manual, 10/2016 4977 Programming the PLC 11.19 Testing the user program Caution when forcing tags Before forcing, you must review the safety precautions when forcing tags (Page 4952). DANGER Prevent personal injury and material damage! Note that an incorrect action when stopping the "Force" function can: Pose a risk to the life or health of persons. Cause damage to machinery or the entire plant. Requirements Tags are forced in a force table. An online connection to the CPU exists. The utilized CPU supports the force function. The "Enable peripheral outputs" function is not enabled on the CPU on which the tags are to be forced. If desired, deactivate this function in the watch table. Procedure Proceed as follows to stop forcing individual tags : 1. Open the force table. 2. Deactivate the check boxes for the addresses that are no longer to be forced. 3. Reselect the "Online > Force" command. Result Forcing of the disabled addresses will be stopped. The red "F" in the first column is no longer displayed. The yellow triangle reappears behind the check box again to indicate that the address is flagged for forcing but is not being forced at the moment. 4978 WinCC Advanced V14 System Manual, 10/2016 12 Visualizing processes 12.1 Creating screens 12.1.1 Basics 12.1.1.1 Elements and basic settings Screen basics (Basic Panels, Panels, RT Advanced) Introduction In WinCC you create screens that an operator can use to control and monitor machines and plants. When you create your screens, the object templates included support you in visualizing processes, creating images of your plant, and defining process values. Application example The figure shows a screen that was created in WinCC. With the help of this screen, the operator can operate and monitor the mixing station of a fruit juice manufacturing system. Fruit juice base is supplied from various tanks to a mixing unit. The screen indicates the fill level of the tanks. 7DQNV 0L[HU Screen design Insert an object you need to represent a process into your screen. Configure the object to correspond to the requirements of your process. WinCC Advanced V14 System Manual, 10/2016 4979 Visualizing processes 12.1 Creating screens A screen may consist of static and dynamic elements. Static elements such as text or graphic objects do not change their status in runtime. The tank labels (W, K, Z, A) shown in this example of a mixing unit are static elements. Dynamic elements change their status based on the process. Visual current process values as follows: - From the memory of the PLC - From the memory of the HMI device in the form of alphanumeric displays, trends and bars. Input fields on the HMI device are also considered dynamic objects. The fill level values of the tanks in our example of a mixing plant are dynamic objects. Process values and operator inputs are exchanged between the controller and the HMI device via tags. Screen properties The screen layout is determined by the features of the HMI device you are configuring. It corresponds with the layout of the user interface of this device. If the set HMI device has function keys, the screen shows these function keys. Other properties such as the screen resolution, fonts and colors are also determined by the characteristics of the selected HMI. Function keys A function key is a key on the HMI device to which you can assign one or several functions in WinCC. The functions are triggered as soon as the operator presses the key on the HMI device. A function key can be assigned global or local functions: Global function keys always trigger the same action, regardless of the currently displayed screen. Local function keys trigger different actions depending on the currently displayed screen on the HMI device. This assignment applies only to the screen in which you have defined the function key. Navigation You configure a screen navigation to enable the operator to call a screen on the HMI device in Runtime. The "Screen" editor is used to configure buttons for calling other screens. You use the "Global Screen" editor to configure globally assigned function keys. See also Steps (Page 4985) Basics on working with templates (Page 4990) Task cards (Page 4982) 4980 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Device-dependent functional scope of screens (Page 4981) Overview of objects (Page 5025) Basics on dynamizing screens (Page 5106) Basics on working with layers (Page 5142) Basics on libraries (Page 6113) Basics on faceplates (Page 5148) Bar (Page 5193) Basics on screen navigation (Page 5180) Basics on text lists (Page 5084) Basic principles of graphics lists (Page 5095) Device-dependent functional scope of screens Introduction The functions of an HMI device determine the display of the device in WinCC and the scope of functions of the editors. The following screen properties are determined by the functions of the selected HMI device: Device layout Screen resolution Number of colors Fonts Objects available Device layout The device layout of a screen forms the image of the HMI device in your configuration. The device layout of the screen shows all the function keys available on the HMI device, for example. Screen resolution The screen resolution is determined by the different display dimensions of the various operator panels. You can only change the screen resolution if you configure the "WinCC Runtime Advanced" or "WinCC Runtime Professional" HMI device. Number of colors You can assign colors to the screen objects. The number of possible colors is determined by the color depth and specific colors supported on the selected HMI device. WinCC Advanced V14 System Manual, 10/2016 4981 Visualizing processes 12.1 Creating screens Fonts You can customize the appearance of the texts in all the screen objects that contain static or dynamic text. How to highlight individual texts in a screen. Select the font, font style and size, and set additional effects such as underscoring, for example. The settings for the text markups such as font style and effects always refer to the entire text of a screen object. That is, you can display the complete title in bold format, but not its individual characters or words, for example. Objects available Some of the screen objects can not be configured globally for all HMI devices. These screen objects are not displayed in the "Tools" task card. For a KTP 1000 touch panel unit you can not configure a slider, for example. See also Screen basics (Page 4979) Task cards Introduction The following task cards are available in the "Screens" editor: Toolbox: Display and operating objects Animations: Templates for dynamic configuration 4982 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Layout: Aid for customizing the display Libraries: Administration of the project library and of the global libraries Note WinCC Basic The "Animations" task card is not available in WinCC Basic. Toolbox The "Toolbox" task card contains objects in different panes: Basic objects Elements Controls User controls (optional) Graphics You paste objects from the palettes into your screens by drag&drop or a double click. The objects available for selection are determined by the features of the HMI device you are configuring. The following icons are used to change the display mode: Icon Meaning Displays the objects as a list. Displays the objects as a graphic. Animations The "Animations" task card contains the possible dynamizations of a screen object in the palettes. You paste the animations to a screen object by drag&drop or a double click from the "Movements", "Display" and "Tag Binding" palettes. Layout The "Layout" task card contains the following panes for displaying objects and elements: Layers: Serves to manage screen object layers The layers are displayed in a tree view and contain information about the active layer and the visibility of all layers. Grid: You specify whether you want to align the objects to a grid or to other objects and set the grid size for a grid. Objects out of range: Objects that lie outside the visible area are displayed with name, position and type. WinCC Advanced V14 System Manual, 10/2016 4983 Visualizing processes 12.1 Creating screens Libraries The "Libraries" task card show the following libraries in separate panes: Project library: The project library is stored together with the project. Global library: The global library is stored in a separate file in the specified path on your configuration PC. See also Moving the view (Page 4984) Zooming the view (Page 4985) Screen basics (Page 4979) Moving the view Introduction To display only a section of the entire screen in the work area, use the editor: icon of the "Screens" Requirement A screen is open. The view shows only a screen section. Procedure To move the view: 1. Click the icon at the bottom right corner of the work area and press the left mouse button. A miniature view of the full screen is shown. An orange frame shows the currently selected area. 2. Hold down the mouse button and drag the frame to the desired area. Note The screen is scrolled when you drag a screen object from the visible to a currently hidden section. See also Task cards (Page 4982) 4984 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Zooming the view Introduction To view a small screen section in closer detail, use the zoom tool to magnify the screen in the working area. The maximum zoom amounts to 800%. You can zoom with the toolbar in the work area or with the "Layout > Zoom" task card. There are different ways to increase the screen, for example, with the zoom factor or by adapting the work area to the height of the screen. Requirement The screen is opened. Procedure Proceed as follows to zoom a view with the selection frame: 1. Click the toolbar button. 2. Use the mouse to draw a selection frame in the screen. After you have released the mouse button, the section enclosed by the selection frame is zoomed to fit the complete work area. Alternatively, use the slider in the lower right-hand corner of the screen. Result The selected screen section is magnified. See also Task cards (Page 4982) 12.1.1.2 Working with screens Steps (Basic Panels, Panels, RT Advanced) Steps To create screens, you need to take the following initial steps: Plan the structure of the process visualization: Number of screens and their layout Example: Subprocesses are visualized in separate screens, and merged in a master screen. Define your screen navigation control strategies. WinCC Advanced V14 System Manual, 10/2016 4985 Visualizing processes 12.1 Creating screens Adapt the templates and the global screen. You define objects centrally and assign function keys for example. Create the screens. Use the following options of efficient screen creation: - Working with libraries - Working with layers - Working with faceplates See also Creating a new screen (Page 4986) Managing screens (Page 4987) Defining the start screen of the project (Page 4988) Screen basics (Page 4979) Creating a new screen (Basic Panels, Panels, RT Advanced) Introduction Create screens to display processes in your system. Requirement The project has been created. The Inspector window is open. 4986 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure 1. Double-click "Screens > Add New Screen" in the project navigation. The screen is generated in the project and appears in your view. The screen properties are shown in the Inspector window. 2. Enter a meaningful name for the screen. 3. Configure the screen properties in the Inspector window: - Specify whether and on which template the screen is based. - Set the "Background Color" and the "Screen Number." - Specify a documenting text under "Tooltip". - Specify the layers to be displayed under "Layers" in the engineering system. - Select dynamic screen update under "Animations." - Select "Events" to define which functions you want to execute in Runtime when you call and exit the screen or at other events. Note Not all HMI devices support the "Visibility" animation. Result You created the screen in your project. You can now paste objects and control elements from the "Tools" task card and assign function keys in further work steps. See also Steps (Page 4985) Managing screens (Basic Panels, Panels, RT Advanced) Introduction You can move screens within a project to other groups, or copy, rename, and delete them. Moving screens in a group 1. Select the "Screens" folder in the project tree. 2. Select the "Add group" command from the shortcut menu. A folder called "Group_x" is inserted. 3. Select the screen in the project tree. 4. Drag-and-drop the screen to the required group. The screen is moved into this group. WinCC Advanced V14 System Manual, 10/2016 4987 Visualizing processes 12.1 Creating screens Copy screen 1. Select the screen in the project tree. 2. Select the "Copy" command in the shortcut menu to copy the screen to the clipboard. 3. In the project tree, select the screen insert position. 4. Select "Paste" from the shortcut menu to insert the screen. A copy of the screen is inserted. A consecutive number is appended to the name of the original in the copy. Alternatively, press <Ctrl> while you drag the screen to the required position. Note If you copy a screen with interconnected template for several devices and projects, the template will also be copied. Any existing matching template is not used. This holds particularly true when you copy the screens with drag-and-drop. Rename screen 1. Select the screen in the project tree. 2. Select "Rename" from the shortcut menu. 3. Type in a new name. 4. Press <Enter>. As an option, use the <F2> function key to rename the screen. Delete screen 1. Select the screen in the project tree. 2. Select "Delete" from the shortcut menu. The screen and all its objects are deleted from the current project. See also Steps (Page 4985) Defining the start screen of the project (Basic Panels, Panels, RT Advanced) Introduction The start screen is the initial screen opened at the start of project in Runtime. You can define a different start screen for each one of the HMI devices. Beginning at this start screen, the operator calls the other screens. 4988 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Requirement The project contains the screen you want to use as the start screen. Procedure 1. Double-click "Runtime settings > General" in the project tree. 2. Select the desired screen as "Start screen". Alternatively select a screen in the project tree and select "Use as start screen" in the shortcut menu. Result The start screen opens on the HMI at the start of Runtime. See also Steps (Page 4985) WinCC Advanced V14 System Manual, 10/2016 4989 Visualizing processes 12.1 Creating screens Changing the screen resolution (RT Advanced) You change the screen resolution in the Runtime settings of the HMI device. The screen resolution can be configured for the following HMI devices: RT Advanced Configuring a fixed screen resolution 1. Open the Runtime settings of the HMI device. 2. Select the screen resolution under "General > Screen > Screen resolution". 12.1.1.3 Working with templates Basics on working with templates (Basic Panels, Panels, RT Advanced) Introduction Configure the objects in a template which are to be displayed in all screens based on this template. Note the following rules: A screen must not be based on a template. A screen is only based on one template. 4990 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens You can create several templates for one device. A template cannot be based on another template. Objects for a template You determine functions and objects in the template which are to apply for all screens based on this template: Assignment of function keys: You also assign the function keys in the template for HMI devices with function keys. This assignment overwrites a possible global assignment. Permanent areas: Some devices support a permanent area for all screens in the top area of the screen. In contrast to the template, the permanent area occupies an area of the screen for itself alone. Operator controls: You can paste all screen objects which you also use for a screen into a template. Application examples You want to assign the ActivateScreen" function to a function key in the template. The operator uses this key to switch to another screen in runtime. This configuration applies to all screens that are based on this template. A graphic with your company logo can be added to the template. The logo appears on all screens that are based on this template. Note If an object from the template has the same position as an object in the screen, the template object is covered. See also Managing templates (Page 4993) Creating a new template (Page 4994) Global screen (Page 4991) Screen basics (Page 4979) Using a template in the screen (Page 4996) Configuring permanent areas in the template (Page 4995) Global screen (Basic Panels, Panels, RT Advanced) Introduction You define global elements for all screens of an HMI device independently of the used template. WinCC Advanced V14 System Manual, 10/2016 4991 Visualizing processes 12.1 Creating screens Function keys For HMI devices with function keys you assign the function keys globally in the "Global Screen" editor. This global assignment applies for all screens of the HMI device. Proceed as follows to assign function keys locally in screens or templates: 1. Click the function key in your screens or templates. 2. Deactivate "Properties > Properties > General > Use Global Assignment" in the inspection window. Indicator and control objects for alarms The "Alarm window" and "Alarm indicator" objects that are available as global objects are configured within the "Global screen" editor. The "Alarm window" and "Alarm indicator" are always shown in the foreground. For Comfort Panels you also have the possibility of configuring a "System diagnostic view" in the global screen. Note If you have configured a permanent area in a template, do not position the alarm window and alarm indicator in the area of the permanent area. Otherwise, the alarm window and the alarm indicator will not be displayed in Runtime. However, the permanent area is not visible in the "Global screen" editor. 4992 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Order of configuration of screens The following order applies for the configuration: The global screen comes before screens and templates Screens come before templates 7HPSODWH 6FUHHQ 6FUHHQ *OREDOVFUHHQ 6\VWHP /D\HU /D\HU /D\HU The system layer is not configurable. This contains input dialog boxes alarms from the operating system the direct keys for touch panels See also Basics on working with templates (Page 4990) Managing templates (Basic Panels, Panels, RT Advanced) Introduction You can move, copy, rename, and delete templates within a project in the Project window. Moving a template into a group 1. Select the templates in the project navigation "Screen management > Templates". 2. Select "Add group" in the shortcut menu. A folder called "Group_x" is inserted. WinCC Advanced V14 System Manual, 10/2016 4993 Visualizing processes 12.1 Creating screens 3. Select the template in the project navigation. 4. Drag-and-drop the template to the required group. The template is moved to this group. Copying templates 1. Select the template in the project navigation. 2. Select "Copy" in the shortcut menu. 3. Select the position in the project navigation where you want to paste the template. 4. Select "Paste" from the shortcut menu to insert the template. A unique name is assigned automatically to the copy. Alternatively, you can hold down the <Ctrl> key, and drag the template into position. Deleting a template 1. In the project navigation, select the template to be deleted. 2. Select "Delete" in the shortcut menu. The template, and all its objects are deleted from the current project. Assigning a template to a screen 1. In the project navigation, select the screen to which you want to assign the template. 2. In the Inspector window, select "Properties > Properties > General". 3. Select the desired template under "Template." The selected template and all the objects contained in it are assigned to the screen. See also Basics on working with templates (Page 4990) Creating a new template (Basic Panels, Panels, RT Advanced) Introduction In a template, you can centrally modify objects and function keys. Changes to an object or of a function key assignment in the template are applied to the object in all the screens which are based on this template. Note HMI device dependency Function keys are not available on all HMI devices. 4994 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Requirement The project has been created. The Inspector window is open. Procedure 1. Select "Screen management > Templates" in the project tree and then double-click "Add new template". The template is created in the project, and appears in your view. The properties of the template are displayed in the Inspector window. 2. Define the name of the template under "Properties > Properties > General" in the Inspector window. 3. Specify the layers in the engineering system that are displayed under "Properties >Properties >Layers" in the Inspector window. 4. Add the necessary objects from the "Tools" task card. 5. Configure the function keys. Result The template is created in your project. See also Basics on working with templates (Page 4990) Configuring permanent areas in the template (Panels, RT Advanced) Introduction In the permanent area, you configure objects which are visible in all screens. In contrast to the template, the permanent area occupies an area of the screen for itself alone. You configure permanent areas in the "Permanent areas" editor or in a screen. The default height of the permanent area is "0". The maximum height is the maximum height of the screen minus 10 pixels. Configuring permanent areas 1. Double-click in the project tree under "Screen management > Permanent areas". The permanent area is created in the project and displayed in the work area. The properties of the permanent area are displayed in the Inspector window. 2. Configure the desired objects within the permanent area. WinCC Advanced V14 System Manual, 10/2016 4995 Visualizing processes 12.1 Creating screens Configuring permanent areas in a screen To configure a permanent area, follow these steps: 1. Open a template for a HMI device with a permanent area. 2. Using the mouse (cursor form: downwards. ), drag the top edge of the editable screen area 3. Configure the desired objects within the permanent area. Result The content of the permanent area is shown on every screen and in the template. The area above this line is now used as a permanent area in all the screens of the HMI device. Objects already configured in the screens are moved down by the height of the permanent area. See also Basics on working with templates (Page 4990) Using a template in the screen (Basic Panels, Panels, RT Advanced) Introduction You use a template in the screen. All the objects configured in the template are also available in the screen. Requirement A template has been created. A screen has been created. 4996 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure Proceed as follows to use a template in a screen: 1. Double click a screen in the project tree. The screen opens in the work area. 2. Open "Properties > Properties > General" in the inspector window. 3. Select a template that is to be applied to the screen under "Template". Show template in screen When you edit a screen, you can show an existing template in the screen. Proceed as follows to show a template in the screen: 1. Activate "Extras > Settings > Visualization > Show template in screens" in the menu. Result The screen is based on the selected template. All objects which you have configured in the template are available in the screen. The template is displayed in the screen. See also Basics on working with templates (Page 4990) 12.1.1.4 Working with pop-up screens Basics on working with pop-up screens (Panels, RT Advanced) Introduction You use the pop-up screen to configure a screen for additional content, for example, object settings. The pop-up screen is displayed on top of the current screen as soon as you call a system function. Only one pop-up screen at a time is displayed in a screen. Note Device dependency of the "Pop-up screen" object The "Pop-up screen" object is only available for KTP Mobile Panels, Comfort Panels and RT Advanced. Use You configure a button in the screen and assign the "ShowPopupScreen" or "ShowPopupScreenSizable" function in order to display a pop-up screen with a defined size. WinCC Advanced V14 System Manual, 10/2016 4997 Visualizing processes 12.1 Creating screens When operating the button, a pop-up screen is opened or closed. In the pop-up screen, you make the settings. Size You have the option to configure pop-up screens that are larger than the screen size: Horizontal, up to maximum double the width Vertical, up to maximum six times the height Objects in the pop-up screen You configure the following objects in the pop-up screen: Basic objects, such as lines and polygon-based objects Elements, such as buttons Controls, such as trend view or alarm view Faceplates Note You cannot configure alarm windows, system diagnostics windows and alarm indicators in the pop-up screen. Softkeys and hotkeys are not supported in the "Pop-up screen" object. Note Objects in the pop-up screen as well as the pop-up screen itself do not support access with VB scripting. Creating a new pop-up screen (Panels, RT Advanced) Introduction A new pop-up screen is created in Project tree > Screen management. The size of a pop-up screen is defined in the properties. Requirements The project has been created. The Inspector window is open. 4998 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Creating a new pop-up screen 1. Double-click "Screen management > Pop-up screens > Add new pop-up screen" in the project tree. The pop-up screen is generated in the project and is displayed in the work area. The pop-up screen properties are displayed in the Inspector window. 2. Define the name of the pop-up screen under "Properties > Properties > General" in the Inspector window. 3. Specify the layers in the engineering system that are displayed under "Properties >Properties >Layers" in the Inspector window. 4. Define the height and width of the pop-up screen under "Properties > Properties > Layout" in the Inspector window. 5. Define the color for the scroll arrows and the sizing handle in the scroll bar in "Properties > Properties > Scroll bar" in the Inspector window. 6. Add the necessary objects from the "Tools" task card. 7. Configure the function keys. Note You cannot address the "Pop-up screen" object and the objects configured in it with VB scripts. Note Objects and controls can be dynamized in the pop-up screen. The pop-up screen itself does not support dynamization. Result You have created a new pop-up screen in which you have configured objects and functions. Managing pop-up screens (Panels, RT Advanced) Introduction You can move, copy, rename, and delete pop-up screens within a project in the Project window. Moving pop-up screens in a group 1. Select "Screen management > Pop-up screens" in the project tree. 2. Select "Add group" in the shortcut menu. A folder called "Group_x" is inserted. 3. Select the pop-up screen in the project tree. 4. Drag-and-drop the pop-up screen to the required group. The pop-up screen is moved into this group. WinCC Advanced V14 System Manual, 10/2016 4999 Visualizing processes 12.1 Creating screens Copying pop-up screen 1. Select the pop-up screen in the project tree. 2. Select "Copy" from the shortcut menu. 3. In the project tree, select the pop-up screen insert position. 4. Select "Paste" in the shortcut menu. A unique name is assigned automatically to the copy. Deleting pop-up screen 1. Select the pop-up screen you want to delete in the project tree. 2. Select "Delete" in the shortcut menu. The pop-up screen and all its objects are deleted from the current project. Using the pop-up screen (Panels, RT Advanced) Introduction You configure the system function to open a pop-up screen at the event of an operating object. The linked system function is executed when the event occurs in runtime. Note You configure a button to open a pop-up screen in a slide-in screen. If the configured position of the pop-up screen is outside the slide-in screen, the slide-in screen is closed when the pop-up screen closes. Requirements A pop-up screen has been configured. A screen is open. The Inspector window is open. Procedure 1. Configure a button. 2. Click "Properties > Events" in the Inspector window. 3. Select an event, for example, "Click". 4. Click on "Add function" in the table. 5. Select the "ShowPopupScreen" system function. 5000 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Result The pop-up screen opens when the operator clicks the button in runtime. 12.1.1.5 Working with slide-in screens Basics on working with slide-in screens (Panels, RT Advanced) Introduction The "Slide-in screen" object provides quick navigation between the start screen and the slidein screens containing additional configured contents stored outside the start screen. Navigation is supported by the multi-touch functions. The configurable handles appearing at the edges of the start screen provide quick access to the stored slide-in screens. The size of the slide-in screens depends on the HMI device used. Note Device dependency of the "Slide-in screen" object The "Slide-in screen" object is only available for KTP Mobile Panels, Comfort Panels and RT Advanced. Application The "Slide-in screen" is used to configure up to four slide-in screens for additional contents and operator controls, for example, a virtual keyboard or a system dialog. By default, the following slide-in screens are set up for each device: "Slide-in screen top": appears at the top of the start screen in Runtime "Slide-in screen bottom": appears at the bottom of the start screen in Runtime "Slide-in screen left": appears at the left of the start screen in Runtime "Slide-in screen right": appears at the right of the start screen in Runtime It is possible to configure objects in each of these slide-in screens. Note It is not possible to delete the default slide-in screens or to set up your own slide-in screens. WinCC Advanced V14 System Manual, 10/2016 5001 Visualizing processes 12.1 Creating screens Objects in the slide-in screen You configure the following objects in the slide-in screen: Basic objects, such as lines and polygon-based objects Elements, such as buttons Controls, such as trend view or alarm view Faceplates Note Objects in the slide-in screen as well as the slide-in screen itself do not support access with VB scripting. Note Release buttons and locked operator controls cannot be configured in the slide-in screen. Softkeys and hotkeys are not supported in the slide-in screen. See also Configuring slide-in screens (Page 5002) Configuring slide-in screens for devices without multi-touch function (Page 5004) Using slide-in screens (Page 5005) Configuring slide-in screens (Panels, RT Advanced) Introduction By default, four slide-in screens are preset for each device in the project tree under "Screen management > Slide-in screens". For each of these slide-in screens, you configure the size, the layout and the handle for operation in Runtime using the properties. Requirement The project has been created. An HMI device has been created. The Inspector window is open. 5002 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Configuring properties for slide-in screens 1. Select the slide-in screen you wish to configure in the project tree under "Screen management > Slide-in screens. The slide-in screen properties are displayed in the Inspector window. Note The names of all slide-in screens are write-protected and cannot be changed. 2. Define the background color of the slide-in screen in the "Background color" selection list of the "Properties > Properties > General" Inspector window. 3. Define the grid color of the slide-in screen in the "Grid color" selection list. 4. Enable the "Activate" check box. 5. Specify the layers in the engineering system that are displayed under "Properties >Properties >Layers" in the Inspector window. 6. Define the height and width of the slide-in screen in "Properties > Properties > Layout" in the Inspector window: - Define the height only for "Slide-in screen top" and "Slide-in screen bottom". - Define the width only for "Slide-in screen left" and "Slide-in screen right". Note If you do not need all four slide-in screens, enable the slide-in screens relevant to you only. If you do not need any slide-in screens, leave the "Activate" check box empty for all four slidein screens. Note Slide-in screens cannot be deleted nor copied to a different HMI device. However, it is possible to copy the objects configured in a slide-in screen to another slide-in screen. Configuring handles for slide-in screens 1. Define the color of the first line of the handle in the "Lines" area of the "Color" selection list under "Properties > Properties > Handle" in the Inspector window. 2. Define the color of the second line of the handle in the "Alternative color" selection list. 3. Define the color for the operable area of the handle in the "Color" selection list under "Operable area". 4. Select one of the following options from the "Visibility" area: - "Hide handle automatically" (activated by default) - "Always show handle" - "Never show handle" WinCC Advanced V14 System Manual, 10/2016 5003 Visualizing processes 12.1 Creating screens Note When selecting the "Hide handle automatically" option, the handle only becomes visible once the user clicks the operable area. You select the "Never display handle" option when the slide-in screen is configured using the "ShowSlideInScreen" system function. Note You are notified by a warning if a handle which is configured as visible covers a configured object in a screen, such as a button, completely or partially. Note The following dimensions are defined for the handle: The width of a handle for the "Slide-in screen top" and "Slide-in screen bottom" objects is one-third of the screen length. The height of a handle for the "Slide-in screen left" and "Slide-in screen right" objects is one-third of the screen width. Result You have configured the properties of the slide-in screens and the handle for operation in Runtime. See also Basics on working with slide-in screens (Page 5001) Configuring slide-in screens for devices without multi-touch function (Page 5004) Configuring slide-in screens for devices without multi-touch function (Panels, RT Advanced) Introduction You use the "ShowSlideInScreen" system function to make the slide-in screens available on devices without multi-touch functions, for example Key Panels. You link this system function to buttons. Buttons are used to navigate between the start screen and the slide-in screens. Requirement The project has been created. An HMI device has been created. A screen is open. The Inspector window is open. 5004 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure 1. Drag the "Button" object to the screen from the toolbox. Note Navigation in Runtime is much easier if the buttons for operating the slide-in screens are created directly in the start screen. 2. Enter a suitable text of any length for the button. 3. In the Inspector window, select "Properties > Events > Click". The "Function list" dialog box is opened. 4. Select the "ShowSlideInScreen" system function from the "Keyboard operation for screen objects" group. 5. Assign the ID of the slide-in screen appearing in runtime when the button is operated to the "ShowSlideInScreen" function: - "Slide-in screen left" - "Slide-in screen top" - "Slide-in screen right" - "Slide-in screen bottom" 6. Assign the appropriate mode to the "ShowSlideInScreen" function: - "Toggle" - "Off" - "On" Result You have configured the slide-in screens for operation on devices without multi-touch function. When clicking on the respective button in the screen in Runtime, the slide-in screen behaves in accordance with the configuration. See also Basics on working with slide-in screens (Page 5001) Configuring slide-in screens (Page 5002) Using slide-in screens (Panels, RT Advanced) Introduction In slide-in screens, you configure additional contents and operator controls, for example, navigation buttons, an alarm view or a trend view. WinCC Advanced V14 System Manual, 10/2016 5005 Visualizing processes 12.1 Creating screens Requirements The project has been created. An HMI device has been created. A slide-in screen is open. The Inspector window is open. Procedure 1. Add the necessary objects from the "Tools" task card to the slide-in screen. 2. Configure the function keys. Note You cannot address the "Slide-in screen" object and the objects configured in it with VB scripts. Note Objects and controls can be dynamized in the slide-in screens. The slide-in screens as such do not support dynamization. Result You have configured objects and functions in the slide-in screen. See also Basics on working with slide-in screens (Page 5001) 12.1.1.6 Working with styles and style sheets Basics on working with styles (Basic Panels, Panels, RT Advanced) Introduction The style editor is a global editor. You define a uniform appearance for display and operating elements in the style editor. In this way, you harmonize the display of objects in Runtime. The style editor offers predefined styles. Additional predefined styles are available for download at Siemens Industry Online Support (http://support.automation.siemens.com/WW/view/en/ 91174767). You can choose one of the predefined styles or create your own style. You use the style editor independently of devices and projects. 5006 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Views in the style editor Objects are grouped in the style editor according to their main visual features. The following groups are available: Buttons, lines, and polygon-based objects Text-based objects Trend-based objects, such as trend view, graphic or value-based objects, such as value table. Style items You use a style item to define the appearance of a screen object within a style. You can design several objects of the same type differently in one style. You define, for example, different style items for simple buttons and navigation buttons. You create and manage style items in the style editor. Style sheets You use style sheets to configure the same properties for a group of objects. In a style sheet you can, for example, define the width and background color of table headers for all tablebased objects. Style sheets are divided into predefined types depending on the included properties, for example, buttons, limits, table headers. You use style sheets to define the design of shared object properties. Some special object properties are not included in style sheets. You use styles to design all objects of a project with visual consistency. Managing styles and style sheets You create and edit styles and style sheets in the project library. To get a better overview of types in expansive libraries, you save styles and style sheets in folders with meaningful names. You should also assign meaningful names to the styles and style sheets you create yourself. WinCC Advanced V14 System Manual, 10/2016 5007 Visualizing processes 12.1 Creating screens Support of styles in faceplates Styles and style items can be assigned to faceplate instances. However, there is no direct connection between the faceplate types and styles, so selection and preview of a style item in the faceplate editor is not possible. To assign a style item to a faceplate, enter the name of the style item under "Style item appearance". The configured style item is used in the instance of a faceplate, provided the name of the style item exists in the style used. Ensure that the name is written correctly. See also Displaying predefined styles (Page 5009) Defining a style (Page 5009) Managing styles (Page 5011) Using style items (Page 5014) 5008 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Displaying predefined styles (Basic Panels, Panels, RT Advanced) Introduction In the "Style" editor, you see predefined styles and create your own styles for representing display and operating objects in Runtime. Open "Styles" editor 1. Double-click "Common data" in the project navigation. 2. Click the "Styles" editor. The editor opens. Note Style editor in the project navigation The style editor is only visible in the project navigation if a device that supports styles, e.g., Comfort Panels, is created in the project. 3. The standard styles are displayed in the work area of the "Style" editor: WinCC Light WinCC Dark WinCC Fresh WinCC Wireframe. Result The settings for the groups and individual objects are displayed in the work area. You will assign predefined styles or define your own styles in the next steps. Predefined styles are write-protected and cannot be changed. See also Managing styles (Page 5011) Defining a style (Page 5009) Defining a style (Basic Panels, Panels, RT Advanced) Introduction In the "Styles" editor, you see predefined styles. Predefined styles are write-protected and cannot be changed. In addition, you have the option of defining your own styles and applying them to individual objects, groups, and even projects. WinCC Advanced V14 System Manual, 10/2016 5009 Visualizing processes 12.1 Creating screens Defining a style 1. Open the "Common data" folder in the project navigation. 2. Open the "Style" editor. 3. Click "Add" in the "Styles" area. A new style is created. The library view opens. The version of the type is displayed in the "Types" folder. The version 0.0.1 has the status "in progress". 4. In the Inspector window, select the colors, borders and other settings for individual objects. 5. In order to activate the new style, select the current version "in progress" and select "Release version" in the shortcut menu. The new style appears in the "Styles" editor. 5010 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Result You have added a new style which can be applied to objects or projects. Defining a style based on a predefined style 1. Open the "Common data" folder in the project navigation. 2. Open the "Style" editor. 3. Select a predefined style in the work area. 4. Select the "Duplicate type" command in the shortcut menu. The "Duplicate type" dialog opens. 5. Overwrite the suggested name with a meaningful name. 6. In the "Comment" column, enter a description of the style, e.g. the intended use. 7. Click "OK" to confirm your input. 8. Select the created type in the project library. 9. Select "Edit new type" in the shortcut menu. The library view opens. The version of the type is displayed in the "Types" folder. The version 0.0.2 has the status "in progress". 10.Configure the type as required. 11.Select the "Release version" command from the shortcut menu of the edited version. Result They have configured a new style based on the predefined style of WinCC. See also Displaying predefined styles (Page 5009) Managing styles (Basic Panels, Panels, RT Advanced) Deleting a style You can delete styles that you have defined yourself. 1. Open the "Common data" folder in the project navigation. 2. Open the "Style" editor. 3. Select the style in the work area that you want to delete. Note You cannot delete the predefined styles of WinCC. 4. Select the "Delete" command in the shortcut menu. WinCC Advanced V14 System Manual, 10/2016 5011 Visualizing processes 12.1 Creating screens The style is deleted. Editing a style You can edit styles that you have defined yourself. 1. Open the project library. 2. Select the released version of the style that you want to change. 3. Select "Edit type" in the shortcut menu. A new version "in progress" is created. 4. Make the required changes in the Inspector window. 5. Select the "Release version" command from the shortcut menu of the edited version to put the changes into effect. The changes made take effect. Determining a standard style for a project A project can be assigned a standard style to achieve a visual conformity of all display objects in the project. 1. Open the "Common data" folder in the project navigation. 2. Open the "Style" editor. 3. Activate a style in the work area. The activated style is used as standard style in the project. When you add a device to the project, this device uses the standard style. Changing the style for a specific device Within a project, you change the style for a specific device. 1. Open the "Runtime settings" editor of the HMI device. 2. Select a device style under "General". The selected style is applied to the device. If the device style is not assigned, the device uses the standard style of the project. See also Displaying predefined styles (Page 5009) 5012 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Adjusting the font size to the device size (Basic Panels, Panels, RT Advanced) Introduction You define the size of the device to whose objects you want to apply a style in the style editor. This means you specify device-dependent font sizes in a style. All font sizes are automatically adapted to the device size by selecting a specific reference size. The table below shows the device sizes and the reference font sizes in pixels: Device size Font size in pixels 4" display 15 px 7" display 17 px 9" display 15 px 12" display 19 px 15" display 19 px 19" display 17 px 22" display 21 px WinCC RT Advanced 17 px Activating automatic adjustment of font sizes 1. Double-click the "Runtime settings" editor in the project window. 2. Click "General". 3. Activate the option "Adjust font size in style" under "General > Screen". Automatic adjustment of font sizes to the device size was activated in a style. WinCC Advanced V14 System Manual, 10/2016 5013 Visualizing processes 12.1 Creating screens Adjusting font size in a device style 1. Open the corresponding style for editing in the project library. 2. Select the reference size of the HMI device in the work area. All font sizes in the style are automatically adjusted to the selected device size. Using style items (Basic Panels, Panels, RT Advanced) Introduction You use style items to change the style of a screen object without changing the entire device style. You can, for example, define types of buttons with the help of different style items that are to receive the same appearance in one or several devices. You define style items in the style editor. Adding a new style item 1. Open the project library. 2. Select the released version of the style that you want to change. 3. Select "Edit type" in the shortcut menu. A new version "in progress" is created. 4. Select the object that you want to use in a different style. 5014 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 5. Click the plus sign next to the object name. A new style item has been created. You can also select "Duplicate style item" in the shortcut menu of the object. 6. Make the required changes in the inspector window. 7. Assign a meaningful name to the new style item under "Properties > Miscellaneous > Object > Name". 8. Release the version of the style. Deleting a style item You can delete style items that you have defined yourself. 1. Open the project library. 2. Select the style that includes the style item. 3. Open the "in progress" version. 4. Select the style item that you want to delete in the work area. 5. Select the "Delete" command in the shortcut menu. Note You cannot rename or delete predefined WinCC style items. The style item is deleted. WinCC Advanced V14 System Manual, 10/2016 5015 Visualizing processes 12.1 Creating screens Specifying a style item for an object If you have configured additional style items for an object in the device style, you can use the predefined style item for a screen object. 1. Open "Properties > Styles/Designs > Settings". 2. Enable the option "Use style/design". 3. Select the predefined style item under "Style item appearance". The object is displayed as selected style item. Basics on working with style sheets (Basic Panels, Panels, RT Advanced) Introduction Some screen objects have the same properties which can be configured similarly. These general properties are grouped in style sheets. You can configure several properties for several objects simultaneously and consistently by using style sheets. Types of style sheets Style sheets are divided into several predefined categories. Each category contains a specific number of common properties shared by different objects. Select the required category when you create a style sheet. A style sheet can only be applied to objects for which the corresponding category is defined. The table below shows the available categories and objects that can be configured with them. Category/Objects Polylines/ Lines Text-based ob jects Buttons Value-based objects Table-based objects Diagrams Button - - X - X X Object body X - - X X X Diagram body - - - - - X Focus and selec tion - X X - X X 5016 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Category/Objects Polylines/ Lines Text-based ob jects Buttons Value-based objects Table-based objects Diagrams Limits - X - X - - Labels - - - X - - Scale - - - X - - Table body - - - - X X Table header - - - - X X Text field - X - - - - Use of style sheets You apply a style sheet to a style item when editing a style. The properties configured in the style sheet are transferred to the style item. To apply a style sheet to a style item, drag the required style sheet from the task card to the style item in the work area using drag-and-drop. Managing style sheets Style sheets are library types. You manage style sheets in the project library. Style sheet categories are available in the project library in the "Style sheets > Categories" task card during style editing. The style sheets that are available for a style sheet type are available in the "Style sheets > Visual attributes" task card. The task card includes predefined style sheets as well as style sheets you have created yourself and released. Creating a new style sheet (Basic Panels, Panels, RT Advanced) Introduction You configure the properties for several objects of a similar type in a style sheet. Create new style sheet 1. Open the project library. 2. Click the "Add new type" button. The "Add new type" dialog opens. 3. Select the option "HMI style sheet" in the dialog. WinCC Advanced V14 System Manual, 10/2016 5017 Visualizing processes 12.1 Creating screens 4. Select the type of the style sheet. 5. Assign a meaningful name to the style sheet. 6. Click "OK" to confirm your input. The new style sheet was created. Create new style sheet based on a style To automatically configure the properties for similar screen objects when editing a style, create a new style sheet based on properties of a style item that have already been configured. 1. Select the style item you want to use to create a style sheet. 2. Select "Create new style sheet" in the shortcut menu. 3. Select the category for the style sheet in the submenu. The "Add type" dialog opens. 5018 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 4. Assign a meaningful name to the style sheet. 5. Click "OK" to confirm. The new style sheet based on a style was created and has been added to the "Style sheets > Visual attributes" task card. The properties in the style sheet were applied from the selected style item. The properties of the style sheet not included in the selected style have been assigned default values. Managing style sheets (Basic Panels, Panels, RT Advanced) Introduction You edit, copy and delete the style sheets in the project library. You can also open, copy, create and delete style sheets with the commands in the shortcut menu of the "Style sheets > Categories" task card. Edit style sheet You can edit style sheets that you have created yourself. 1. Open the project library. 2. Select the released version of the style sheet that you want to change. 3. Select "Edit type" in the shortcut menu. A new version "in progress" is created. 4. Make the required changes in the Inspector window. 5. Select the "Release version" command from the shortcut menu of the edited version to put the changes into effect. The changes made take effect. Delete style sheet You can delete style sheets that you have defined yourself. 1. Open the project library. 2. Select the style sheet that you want to delete in the project library. Note You cannot delete the predefined style sheets of WinCC. Note You cannot delete the style sheet which includes an "in progress" type. To delete the style sheet, start by releasing all versions of the style sheet. 3. Select the "Delete" command in the shortcut menu. The style sheet is deleted. WinCC Advanced V14 System Manual, 10/2016 5019 Visualizing processes 12.1 Creating screens Copy style sheet 1. Open the project library. 2. Select the style sheet that you would like to copy. 3. Select "Duplicate type" in the shortcut menu. 4. Overwrite the suggested name with a meaningful name. 5. In the "Comment" column, enter a description of the style sheet, for example, the intended use. 6. Click "OK" to confirm your input. The required style sheet was copied and stored in the same folder. Using style sheets (Basic Panels, Panels, RT Advanced) Introduction You are using a style sheet while editing a style in the style editor. Style sheets are objectspecific and are only applied to style items with which they are compatible. Only a released version of a style sheet can be applied to a style item. You have the following options to use a style sheet: To design the selected style item, drag the style sheet to a style item in the style editor. To design several style items of a group, drag the style sheet to a group of style items. To design all style items of the style which are compatible with the style sheet, drag the style sheet to an empty area in the style editor. Requirement You have created a style. A version of the style is opened "in progress". 5020 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Apply style sheet to style item 1. Select the style sheet category in the "Style sheets > Categories" task card. 2. Select the required style sheet in the "Style sheets > Visual attributes" task card. 3. Drag the selected style sheet to a style item with drag&drop. When you drop the style sheet on the style item, the style item applies the settings from the style sheet. Note There is no connection between the style item and the used style sheet. When you change the style sheet, the changes are not automatically applied in the style item. Apply the style sheet again to make the changes to the style sheet effective in the style item. Note Style sheets are not linked with screen objects. Unused or outdated style sheet versions are deleted by cleaning up or versioning the library. Result You have applied a style sheet to a style item in a style. WinCC Advanced V14 System Manual, 10/2016 5021 Visualizing processes 12.1 Creating screens 12.1.2 Working with objects and object groups 12.1.2.1 Working with objects Overview of objects (Basic Panels) Introduction Objects are graphics elements which you use to design the screens of your project. The "Tools" task card contains all objects that can be used for the HMI device. Display the Task Card with menu command "View" by activating the "Task Card" option. The toolbox contains various palettes, depending on the currently active editor. If the "Screens" editor is open, the toolbox contains the following palettes: "Basic objects" The basic objects include basic graphic objects such as "Line", "Circle", "Text field" or "Graphic view". "Elements" The elements include basic operator controls, e.g. "I/O field", "Button" or "Gauge". "Controls" The controls provide advanced functions. They also represent process operations dynamically, for example Trend view and Recipe view. 5022 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens "Graphics" Graphics are broken down into subjects in the form of a directory tree structure. The various folders contain the following graphic illustrations: - Machine and plant areas - Measuring equipment - Operator controls - Flags - Buildings You can create links to your own graphic folders. The external graphics are located in these folders and subfolders. They are displayed in the toolbox and incorporated into the project using links. "Libraries" task card In addition to the display and operating elements, the library objects are available. They are located within the palettes of the "Libraries" task card. A library contains preconfigured objects such as graphics of pipes, pumps, or preconfigured buttons. You can also integrate multiple instances of library objects into your project without having to reconfigure them. The WinCC software package includes libraries, e.g. "HMI Buttons & Switches". You can also store customized objects, and faceplates in user libraries. Faceplates are objects that you create from existing screen objects, and for which you define the configurable properties. Note HMI device dependency Some of the toolbox objects are either available with restricted functionality, or not at all. This depends on the HMI device you are configuring. Unavailable properties of an object are displayed as deactivated, and cannot be selected. Basic objects Symbol WinCC Advanced V14 System Manual, 10/2016 Object Instructions "Line" - "Ellipse" - "Circle" - "Rectangle" - "Text field" One or more lines of text. The font and layout are adjustable. "Graphic view" Displays graphics from external graphic programs, and inserts OLE objects. The following graphic formats can be used: "*.emf", "*.wmf", "*.dib", "*.bmp", "*.jpg", "*.jpeg", "*.gif" and "*.tif". 5023 Visualizing processes 12.1 Creating screens Elements Symbol Object Instructions "I/O field" Outputs the values of a tag, and/or writes values to a tag. You can define limits for the tag values shown in the I/O field. To hide the operator input in runtime, configure "Hidden input". "Button" Executes a function list, or a script as configured. "Symbolic I/O field" Outputs the values of a tag, and/or writes values to a tag. A text from a text list is displayed in relation to the tag value. "Graphic I/O field" Outputs the values of a tag, and/or writes values to a tag. A graphic from a graphics list is displayed in relation to the tag value. "Date/time field" Outputs the system date and time, or the time and date from a tag. This allows the operator to enter new values. The display format is adjustable. "Bar" The bar represents a value from the PLC in the form of a scaled bar graph. "Switch" Toggles between two defined states. You can label a switch with text, or a graphic. Controls Symbol Object Description "Alarm view" Shows currently pending alarms or alarm events from the alarm buffer or alarm log. "Trend view" Represents multiple curves with values from the PLC, or from a log. "User view" Allows an administrator to administer users on the HMI device. It also allows an operator without administrator rights to change his password. "HTML Browser"1) Displays HTML pages. "Recipe view" Displays data records, and allows them to be edited. "System diagnostics view" Provides an overview of all devices capable of diag nostics. Displays errors in the plant. Available for Basic Panels 2nd Generation. 1) See also Overview of objects (Page 5025) Designing an object (Page 5042) 5024 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Overview of objects (Panels, RT Advanced) Introduction Objects are graphics elements which you use to design the screens of your project. The "Toolbox" task card contains all objects that can be used for the HMI device. Display the Task Card with menu command "View" by activating the "Task Card" option. The toolbox contains various palettes, depending on the currently active editor. If the "Screens" editor is open, the toolbox contains the following palettes: "Basic objects" The basic objects include basic graphic objects such as "Line", "Circle", "Text field" or "Graphic view". "Elements" The elements include basic control elements, e.g. "I/O field", "Button" or "Gauge". "Controls" The controls provide advanced functions. They also represent process operations dynamically, for example Trend view and Recipe view. "Graphics" Graphics are broken down into subjects in the form of a directory tree structure. The various folders contain the following graphic illustrations: - Machine and plant areas - Measuring equipment - Operator controls - Flags - Buildings You can create links to your own graphic folders. The external graphics are located in these folders and subfolders. They are displayed in the toolbox and incorporated into the project using links. "Libraries" task card In addition to the display and operating objects, the library objects are available. They are located within the palettes of the "Libraries" task card. A library contains preconfigured objects such as graphics of pipes, pumps, or preconfigured buttons. You can also integrate multiple instances of library objects into your project without having to reconfigure them. The WinCC software package includes libraries, e.g. "HMI Buttons & Switches". You can also store customized objects, and faceplates in user libraries. Faceplates are objects that you create from existing screen objects, and for which you define the configurable properties. Note HMI device dependency Some of the toolbox objects are either available with restricted functionality, or not at all. This depends on the HMI device you are configuring. Unavailable properties of an object are displayed as deactivated, and cannot be selected. WinCC Advanced V14 System Manual, 10/2016 5025 Visualizing processes 12.1 Creating screens Basic objects Icon Object Instructions "Line" - "Polyline" The polyline is an open object. Even if the start and end points have the same coordinates, the area they enclose cannot be filled in. If you want to fill a polygon, select the "Polygon" object. "Polygon" - "Ellipsis" - "Circle" - "Rectangle" - "Text field" One or more lines of text. The font and layout are adjustable. "Graphic view" Displays graphics from external graphic programs, and inserts OLE objects. The following graphic formats can be used: "*.emf", "*.wmf", "*.dib", "*.bmp", "*.jpg", "*.jpeg", "*.gif" and "*.tif". Elements Icon Object Instructions "I/O field" Outputs the values of a tag, and/ or writes values to a tag. You can define limits for the tag values shown in the I/O field. To hide the operator input in run time, configure "Hidden input". 5026 "Button" Executes a list of functions, or a script as configured. "Symbolic I/O field" Outputs the values of a tag, and/ or writes values to a tag. A text from a text list is displayed in re lation to the tag value. "Graphic I/O field" Outputs the values of a tag, and/ or writes values to a tag. A graph ic from a graphics list is dis played in relation to the tag value. "Date/time field" Outputs the system date and time, or the time and date from a tag. This allows the operator to enter new values. The display format is adjustable. "Bar" The bar represents a value from the PLC in the form of a scaled bar graph. "Charge condition" Shows the charge condition of the battery for Mobile Wireless WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Icon Object Instructions "Switch" Toggles between two defined states. You can label a switch with text, or a graphic. "Slider" Displays a current value from the PLC, or sends a numeric value to the PLC. "Symbol library" Used to add screen objects based on controls of the same name. "Effective range name" Shows the name of the effective range. "Effective range name (RFID)" Displays the name of the effec tive range (RFID). "Effective range signal" Indicates how accurately the Mo bile Panel Wireless is positioned within an effective range. "WLAN reception" Indicates how good the WLAN radio connection is. "Gauge" Displays numeric values. The appearance of the gauge is adjustable. "Zone name" Displays the name of the zone. "Zone signal" Indicates how accurately the Mo bile Panel Wireless is positioned within a zone. "Clock" Displays the system time in ana log or digital format. Controls Icon Object Description "Alarm view" Shows currently pending alarms or alarm events from the alarm buffer or alarm log. "Trend view" Represents multiple curves with values from the PLC, or from a log. "User view" Allows an administrator to administer users on the HMI device. It also allows an operator without administrator rights to change his password. WinCC Advanced V14 System Manual, 10/2016 "HTML browser" Displays HTML pages. "Camera view"1) Displays pictures from a connected network camera. "PDF view" Displays PDF documents. "Watch table" This function gives the operator direct read / write ac cess from the HMI device to individual address areas in the connected SIMATIC S7. 5027 Visualizing processes 12.1 Creating screens Icon 1) Object Description "Sm@rtClient view" Allows an operator to monitor and maintain a connec ted device remotely. "Recipe view" Displays data records, and allows them to be edited. "f(x) trend view" Represents the values of a tag as a function of another tag. "System diagnostics view" Provides an overview of all diagnostics capable devi ces. Displays errors in the plant. "PLC code view"2) Displays the PLC programs which have been program med in the LAD or FBD programming languages. "GRAPH overview"3) Shows the current program status for executed steps of the PLC sequencer. "ProDiag overview"3) Indicates the current state of operand monitoring. "Media Player" Media files are shown in the media player. Available for Comfort Panels and KTP Mobile Panels (as of device version V13). Available for WinCC Runtime Advanced (as of device version V14) and Comfort Panels and KTP Mobile Panels (as of device version V14 with a display size > 4''). 2) Available for WinCC Runtime Advanced, Comfort Panels and KTP Mobile Panels (as of device version V14) 3) See also Basics on groups (Page 5071) Overview of keyboard access (Page 5078) Screen basics (Page 4979) Example: Configuring a rectangle (Page 5081) Storing an external image in the graphics library (Page 5068) Managing external graphics (Page 5067) External graphics (Page 5065) Repositioning and resizing multiple objects (Page 5062) Selecting multiple objects (Page 5060) Inserting multiple objects of the same type (stamping) (Page 5058) Flashing (Page 5042) Flipping objects (Page 5041) Rotating objects (Page 5039) Showing objects outside the screen area (Page 5039) Moving an object forwards or backwards (Page 5038) 5028 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Aligning objects (Page 5036) Resizing objects (Page 5034) Positioning an object (Page 5032) Deleting an object (Page 5031) Inserting an object (Page 5030) Overview of objects (Page 5022) Options for editing objects Introduction Objects are graphics elements which you use to design the screens of your project. You have the following options for editing objects: Copying, pasting or deleting objects using the shortcut menu If you copy an object in a screen and the screen already includes an object of the same name, the name of the object is changed. Maintaining the standard size of the objects you are inserting or customizing their size on insertion. Moving an object in front of or behind other objects Rotating objects Mirroring objects Defining the tab sequence for objects Stamping: Inserting several objects of the same type Selecting several objects simultaneously Repositioning and resizing multiple objects You can assign external graphics to objects, e.g. in the Graphic View. You can view only the images you have previously stored in the graphic browser of your WinCC project. You can save graphics in the graphic browser: - Via drag & drop from the "Graphics" object group to the working area - As graphic files in the following formats: *.bmp, *.dib, *.ico, *.emf, *.wmf, *.gif, *.tif, *.jpeg or *.jpg - As an OLE object You either create a new OLE object or save an existing graphic file as an OLE object. To save an OLE object, an OLE-compatible graphics program must be installed on the configuration computer. WinCC Advanced V14 System Manual, 10/2016 5029 Visualizing processes 12.1 Creating screens Inserting an object Introduction In the "Screens" or "Reports" editor, insert the objects to the "Toolbox" task card. Use the mouse to drag the objects into the work area. You either keep the objects in their original size, or scale them up or down when you paste them. In addition, you can copy or move objects via the clipboard from one editor to another, for example to transfer a screen object to a report. Alternatively, you can also use the mouse instead of the clipboard for copying and moving: Copying: <Ctrl + Drag&Drop> Moving: Drag&drop Note Basic Panels The "Reports" editor is not available for Basic Panels. Requirement The "Tools" task card is open. Inserting objects in their standard size 1. In the "Toolbox" task card, select the desired graphic object or the desired graphic in the WinCC graphics folder. When you move the cursor across the work area, it turns into a crosshair with an appended object icon. 2. Click the location in the work area where you want to insert the object or graphic. The object is inserted with its standard size at the desired position in the work area. Alternatively, double-click the object in the "Toolbox" task card. Copying an object 1. Select the desired object. 2. Select "Copy" in the shortcut menu. 3. Click the desired location and select "Paste" in the shortcut menu. WinCC inserts a copy of the object at the desired location. You can only change the properties that are appropriate for the relevant context. Example: In the "Screens" editor, you can set for I/O fields and the mode for input and output. In the "Reports" editor, the mode is set to "Output". Original and copy are not interconnected and are configured independently from one another. 5030 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Inserting lines 1. Select the desired graphic object in the "Tools" task card. 2. Click on a location in the work area. A line in the standard size is inserted. Inserting a polygon or polyline 1. Select the desired object "Polyline" or "Polygon" in the "Tools" task card. 2. Click on a location in the work area. This fixes the starting point of the object. 3. Click another location in the work area. A corner point is set. 4. For every additional corner point, click on the corresponding location in the work area. 5. Double-click on a location in the work area. The last corner point is set. This fixes all the points of the polygon or polyline. Note Basic Panels The "Polyline" and "Polygon" objects are not available for Basic Panels. Note If you want to insert several objects of the same type, use the "Stamp" function. This avoids having to reselect the object in the "Tools" task card every time before inserting it. To do so, select the icon in the toolbar of the "Tools" task card. See also Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Designing an object (Page 5042) Deleting an object Introduction You can delete objects individually or with a multiple selection. Requirement You have opened the work area containing at least one object. WinCC Advanced V14 System Manual, 10/2016 5031 Visualizing processes 12.1 Creating screens Procedure 1. Select the object that you want to delete. To delete multiple objects, keep the <Shift> key pressed and select the objects to be deleted one after the other. Alternatively, drag and maximize an area around the desired objects with the mouse. 2. Select "Delete" from the shortcut menu. Result The selected objects are deleted. See also Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Designing an object (Page 5042) Positioning an object Introduction When you select an object, it is enclosed by a rectangle with resizing handles. This rectangle is the rectangle which surrounds the object. The position of an object is defined by the coordinates of the top left corner of the rectangle surrounding the object. Note If the position is outside the work area the object is not displayed in Runtime. Position and align You have the possibility of having a grid displayed in the work area. You have three options for easier positioning of objects: "Snap to grid" When you resposition objects, they are automatically snapped and pasted to the grid. If you hold down the <Alt> key, the object is no longer snapped to the grid. "Snap to objects" When you reposition objects, they are displayed with help lines. You can use other objects for orientation during positioning. "None": You position the objects in any position. 5032 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens You activate and deactivate the grid and options as follows: In the "Options > Settings > Visualization > Screens" menu In the "Layout > Grid" task card Requirement You have opened the work area containing at least one object. Procedure 1. Select the object you want to move. The selected object is framed by a rectangle with resizing handles. 2. Left-click the object and keep the mouse button pressed. 3. Move the mouse pointer onto the new position. The contour of the object moves with the mouse and displays the new position for the object. The object initially remains at its original position. 4. Now release the mouse button. The object is moved into the position indicated by the contour of the selection rectangle. Alternative procedure 1. In the Inspector window, select "Properties > Properties > Layout". 2. Enter the X and Y values for the position under "Position & Size". Result The object appears at its new position. See also Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Designing an object (Page 5042) WinCC Advanced V14 System Manual, 10/2016 5033 Visualizing processes 12.1 Creating screens Resizing objects Introduction When you select an object, it is enclosed by a rectangle with handles. You have the following options of resizing an object: Drag the handles using the mouse. Modify the "Size" property in the Inspector window. Requirement You have opened the work area containing at least one object. Procedure 1. Select the object you want to resize. The selection rectangle appears. The following figure shows a selected object: 2. Drag a resizing contact of the rectangle to a new position. The size of the object changes. - The size of the object is aligned to the grid pattern, provided the "Snap to grid" function is set. - Press <ALT> to disable this function while you drag the object. In order to scale the object proportionally, keep the <Shift> key pressed while changing the size with the mouse. Alternative procedure 1. In the Inspector window, select "Properties > Properties > Layout". 2. Enter the size of the object under "Position & Size". Harmonizing the object size 1. Select the objects. or or 2. Now, click one of the following buttons: The size of the selected objects is matched to each other. 5034 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens The following screen shows how the selected objects are adapted to the height of the reference object: Icon Description Aligns the selected objects to the width of the reference object. Aligns the selected objects to the height of the reference object. Aligns the selected objects to the width and height of the reference object. Result The object now appears with its new size. See also Overview of objects (Page 5025) Designing an object (Page 5042) WinCC Advanced V14 System Manual, 10/2016 5035 Visualizing processes 12.1 Creating screens Aligning objects Procedure 1. Select the objects via multiple selection. 2. Specify an object as the reference object. 3. Select the desired command in the toolbar or the shortcut menu - see table below. The selected objects will be aligned. Aligning objects flush The selected objects will be aligned flush to the reference object. Icon Description Aligns the selected objects to the left edge of the reference object. Aligns the selected objects to the vertical center axis of the reference object. Aligns the selected objects to the right edge of the reference object. Aligns the selected objects to the upper edge of the reference object. Aligns the selected objects to the horizontal center axis of the reference object. Aligns the selected objects to the lower edge of the reference object. Centers the selected objects to the center points of the reference object. Centers the selected objects vertically in the screen. Snap to object When you reposition objects, they are displayed with help lines. You can use other objects for orientation during positioning. If you are working with the keyboard, press the Alt key. When you move the selected object with the arrow keys, the next anchor point is displayed. Distributing objects evenly You need at least three selected objects. A reference object is not required. 1. Select the objects. 2. Click one of the buttons "Distribute horizontally equal" or "Distribute vertically equal". The selected objects are distributed at equal distances. 5036 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens The following screen shows how you align the vertical spacing of the selected objects: Icon Description Aligns the horizontal distance between the objects. The position of the objects on the extreme left and right side remains unchanged. All other objects are distributed evenly between them. Aligns the vertical distance between the objects. The position of the objects at the extreme top and bottom (right and left) remains un changed. All other objects are distributed evenly between them. See also Overview of objects (Page 5025) Designing an object (Page 5042) Moving objects with keyboard shortcuts Introduction You can move the objects in the screen by using shortcut keys or select them by type. Controlling objects with the keyboard Function Keyboard shortcut Moves the selected screen object to the left to the first available vertical alignment position. <Alt+Shift+Left> Moves the selected screen object to the right to the first available verti <Alt+Shift+Right> cal alignment position. WinCC Advanced V14 System Manual, 10/2016 Moves the selected screen object up to the first available horizontal alignment position. <Alt+Shift+Up> Moves the selected screen object down to the first available horizontal alignment position. <Alt+Shift+Down> Selects all screen objects of this type. <Ctrl+Shift+A> Selects all objects that support the use styles. <Ctrl+Shift+D> 5037 Visualizing processes 12.1 Creating screens Moving an object forwards or backwards Introduction You can use the "Order" functions in the shortcut menu of a selected object or in the toolbar to move a selected object in front of or behind other objects within an object layer. Note ActiveX controls are always positioned in front of an object layer (.NET property). Requirement You have opened a screen which contains a layer with multiple objects. Procedure 1. Select the object you want to move forward or backward. 2. Select the "Sort" command and one of the following commands from the shortcut menu: Icon Description Moves the selected object before all the other objects of the same layer Moves the selected object to the lowest position in the same layer Moves the selected object up by one position Moves the selected object down by one position Alternative procedure 1. Open the "Layers" palette of the "Layout" task card. 2. Navigate to the required object. 3. Hold down the mouse button, and drag the object in the tree topology to the required position in the layer. 4. Now release the mouse button. Result The object is moved up or down. See also Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Designing an object (Page 5042) 5038 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Showing objects outside the screen area Introduction If you assign objects to positions that are outside the configurable area, these objects will be hidden. The functions of the "Objects outside the visible area" palette in the "Layout" task card are used to move these objects back into the screen. Requirement You have opened a screen which contains objects that are outside the configurable area. The "Layout" task card is open. Procedure 1. Open the "Layout > Objects outside the area" task card. This displays a list of objects that are outside the configurable area. 2. Select the the object which you want to move back into the screen from the list. 3. Select "Move to screen" in the object shortcut menu. Alternatively open the "Layout > Layer" task card. Objects outside the area are indicated by the icon. If you click this icon, the object is moved back into the screen. Result The objects are moved to the configurable area. See also Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Designing an object (Page 5042) Rotating objects Introduction You can rotate a suitable object clockwise or counterclockwise around its center axis in steps of 90. Note Not all the objects can be rotated. Some objects that can be rotated in screens cannot be rotated in reports. WinCC Advanced V14 System Manual, 10/2016 5039 Visualizing processes 12.1 Creating screens You can also rotate multiple objects using the multiple selection function. Certain WinCC objects such as buttons cannot be rotated. The alignment of elements in an object will change in a rotated object. The following figure shows how a rectangle and an ellipse behave under the different commands for rotating an object: rWRWKHULJKW rWRWKHOHIW rWRWKHULJKW [rWRWKHULJKW Requirement You have opened the work area containing at least one object. Procedure 1. Select the object that you want to rotate. 2. Click one of the following toolbar icons: , to rotate the object clockwise around its center point. The angle of rotation is 90. , to rotate the object counterclockwise around its center point. The angle of rotation is 90. , to rotate the object clockwise by 180. Result The object is shown at its new angle. See also Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Designing an object (Page 5042) 5040 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Flipping objects Introduction You can flip an object along its vertical or horizontal center axis. The alignment of elements in an object will change when you flip an object. The following figure shows how a rectangle and an ellipse behave under the different commands for flipping an object. KRUL]RQWDO YHUWLFDO KRUL]RQWDOYHUWLFDO Requirement You have opened a screen which contains at least one object. Procedure 1. Select the object that you want to flip. 2. Click the "Flip" command in the shortcut menu and select one of the options displayed: - , to flip the selected object along its vertical center axis. - , to flip the selected object along its horizontal center axis. Result The object is shown at its flipped position. See also Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Designing an object (Page 5042) WinCC Advanced V14 System Manual, 10/2016 5041 Visualizing processes 12.1 Creating screens Flashing (Panels, RT Advanced) Introduction You want an object to flash in Runtime. Requirement You have opened the work area containing at least one object. Procedure 1. Select the object that you want to flash. 2. In the Inspector window, select the type "Standard enabled" under "Properties > Properties > Flashing". Result The object flashes in runtime. See also Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Designing an object (Page 5042) Designing an object Introduction You design the border and background of an object. Requirements A line has been created in a screen. Procedure 1. Select the line on your screen. 2. In the Inspector window, select "Properties > Properties > Appearance": 3. Select "Dash" as the style. 4. To display the dashed line in two colors, select the line width "1". 5. Select the setting "Arrow" in the "Line ends" area. 5042 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Result The line is displayed in two colors as a dashed line. The end of the line is an arrow. See also Overview of objects (Page 5022) Inserting an object (Page 5030) Deleting an object (Page 5031) Positioning an object (Page 5032) Resizing objects (Page 5034) Aligning objects (Page 5036) Moving an object forwards or backwards (Page 5038) Showing objects outside the screen area (Page 5039) Rotating objects (Page 5039) Flipping objects (Page 5041) Flashing (Page 5042) Inserting multiple objects of the same type (stamping) (Page 5058) Selecting multiple objects (Page 5060) Repositioning and resizing multiple objects (Page 5062) Managing own controls (Page 5062) External graphics (Page 5065) Managing external graphics (Page 5067) Storing an external image in the graphics library (Page 5068) Designing the fill pattern Introduction WinCC lets you design the background color and the fill pattern of an object. The design options change in the Inspector window depending on object for which you are making the filling pattern. For certain objects, you can not only define the color, but also a transparent background or a background with a color gradient. Note Device-specific nature of the properties The fill style that is available depends on the object and the HMI device used. WinCC Advanced V14 System Manual, 10/2016 5043 Visualizing processes 12.1 Creating screens Requirement The object has been created and selected. Designing the background color of an object 1. In the Inspector window, select "Properties > Properties > Appearance". 2. Select a color for the background of the object, for example, yellow. The object is filled with the selected color. 5044 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Designing the fill pattern of an object 1. In the Inspector window, select "Properties > Properties > Appearance". 2. To define a transparent background for the object, select transparent. You can find information about designing a fill pattern with a color gradient in the section Defining color gradients (Page 5054). The object is shown as transparent. You can optionally set the fill pattern in the Inspector window under "Properties > Properties > Fill Pattern". See also Defining color gradients (Page 5054) Configuring ranges Introduction As of WinCC V14, you have the option of defining up to five value ranges for the "Gauge", "Bar" and "Slider" objects and configuring them centrally in a process tag. This means you can, for example, distinguish between different operating states with different colors. To display the ranges defined in the tag in the screen object, activate the option "Display ranges of tags" in the Inspector window under "Properties > Limits/Ranges". This setting is not available for display with inner scale, for example, the option "Layout with inner bar" must be cleared for the bar. WinCC Advanced V14 System Manual, 10/2016 5045 Visualizing processes 12.1 Creating screens You define the following five ranges: Limit/range Use Upper 2 Displays the high danger range. Upper 1 Displays the high warning range. Normal Displays the normal range. Lower 1 Displays the low warning range. Lower 2 Displays the low danger range. Limits/ranges You specify limits for numerical values to restrict the value range. This range is defined by a high limit and a low limit. You specify the use and color of ranges as well as the maximum and minimum values at the screen object. /LPLWV 0D[LPXP +LJK +LJK /RZ /RZ 0LQLPXP 5DQJHV +LJK +LJK 1RUPDO /RZ /RZ Additional information on limits is available under "Defining limits for a tag". Requirements You have created at least one tag. You have defined four ranges at the tag. You have created the screen object. Configuring ranges 1. Specify the tag that defines the ranges for the screen object under "Properties > General > Process tag". 2. If necessary, specify the values for maximum and minimum. 5046 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 3. Select the option "Display ranges of tags" under "Properties > Limits/Ranges". 4. Specify which ranges are displayed in the object. 5. You can change the default colors for the ranges, if required. Result You have configured ranges in a screen object. The ranges are displayed in different configured colors in Runtime. WinCC Advanced V14 System Manual, 10/2016 5047 Visualizing processes 12.1 Creating screens Formatting text in an object Introduction Some objects, for example, the I/O field, support text within the object. You have several options to align text. Configuring the distance from the object border 1. In the Inspector window, select "Properties > Properties > Layout". 2. Enter the value "5" for the left border, for example. The text is aligned five pixels from the left border of the object. Aligning the text position 1. In the Inspector window, select "Properties > Properties > Text format". 2. Select the horizontal alignment, for example, centered. 3. Select the vertical alignment, for example, top. The text is shown at the top center in the object. Defining the text orientation 1. In the Inspector window, select "Properties > Properties > Text format". 2. Select the orientation of the text, for example, vertical, right. The text flow is shown from bottom to top. Formatting graphics in an object Introduction WinCC lets you insert graphics into some objects and format them. You can change the size, orientation and distances of a graphic to the object border. You change the properties of the graphic in the Inspector window of the relevant object. Requirement The selected object is in graphic mode. The selected object contains at least one graphic. Resizing a graphic 1. In the Inspector window, select "Properties > Properties > Layout". 2. Select "No stretching of picture" or "Stretch picture". The contained graphic is displayed in its original size or stretched to the size of the object. 5048 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Note To adjust the object size to the contained graphic, select "Fit object to contents". Aligning a graphic horizontally and vertically 1. In the Inspector window, select "Properties > Properties > Layout". 2. To determine the horizontal position of the graphic, select "Right", for example. 3. To determine the vertical position of the graphic, select "Top", for example. The graphic is then shown at the top right of the object. Defining the distance from the object border 1. In the Inspector window, select "Properties > Properties > Layout". 2. Enter the value for the distance to the object border, for example, "20" for the top border. The graphic is shown with a distance of 20 pixels to the top border of the object. Icon Description Sets the distance from the left border of the object. Sets the distance from the right border of the object. Sets the distance from the top border of the object. Sets the distance from the bottom border of the object. WinCC Advanced V14 System Manual, 10/2016 5049 Visualizing processes 12.1 Creating screens Connecting tags and text lists in the text (RT Advanced) Introduction Comfort Panels and WinCC Runtime Advanced give you the option to add output fields for tags or entries to a text list for the following objects: Symbolic I/O field Text field Note The symbolic I/O field supports the connection of tags and text list entries in the "Two states" mode. Requirement The object has been created and selected Connecting tags in a text field 1. Open "Properties > Properties > General" in the inspector window. 2. Open the shortcut menu of the input field. 3. Select the command "Insert parameter field ...". A dialog opens. 4. Select the tag and the format in which you want to display the tag. 5. Confirm your entries. 5050 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens The name of the connected tag is displayed in the text field of the object. Connecting the text list 1. Open "Properties > Properties > General" in the inspector window. 2. Open the shortcut menu of the input field. 3. Select the command "Insert text list field ...". A dialog opens. 4. Select the text list from which a text entry is displayed. 5. Confirm your entries. The reference to the text list entry is displayed in the text field of the object. Note The number of references to text list entries that in turn include references to text list entries or tags is limited to three layers. Designing a border Introduction WinCC offers various properties for designing display and operating objects. The I/O field example below shows the possible settings for designing borders. You change the appearance in the Inspector window of the relevant object. Designing a border 1. Open "Properties > Properties > Appearance". 2. Select the width of the border, e.g. "5". 3. Select the style of the border, e.g. double line. 4. Select the foreground color. 5. Select the background color. WinCC Advanced V14 System Manual, 10/2016 5051 Visualizing processes 12.1 Creating screens &RORU )RUHJURXQGFRORU %DFNJURXQGFRORU :LGWK &RUQHUUDGLXV Figure 12-1 "Double line" border style Border style The figure below shows a border in "3D style". The figure below shows a border in "Solid" style. Note Device-specific nature of the properties The border style that is available depends on the object and the HMI device used. 5052 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Designing table-based objects Introduction WinCC offers various properties for designing display and operating objects. You change the properties of table-based objects in the Inspector window of the relevant object. Designing colors Select the colors for font, selections and areas under "Properties > Properties > Appearance". 7DEOHKHDGHU )RUHJURXQGFRORU $OWHUQDWLYHFRORU Figure 12-2 Selecting table properties Designing the border of the table header 1. In the Inspector window, open "Properties > Properties > Table header border". 2. Select "Solid", for example, as the style. 3. Select 5, for example, as the "Width". 4. Select red, for example, as a foreground color. The border of the table header is shown with a red border and width of 5 pixels. With "Solid" border style, only the foreground color is visible. Colors and color gradient in the table header 1. Select the table-based object in the screen. 2. In the Inspector window, open "Properties > Properties > Table header fill pattern". 3. Select the fill pattern, for example "Horizontal gradient". 4. Select a background color, for example, blue, under "Gradient". 5. Activate "Gradient 1". 6. Select a color for "Gradient 1", for example, white. 7. Select a "Width" for the color gradient, for example, 12. 8. Activate Gradient 2. 9. Select a color for Gradient 2, for example, yellow. 10.Select a "Width" for the color gradient, for example, 10 WinCC Advanced V14 System Manual, 10/2016 5053 Visualizing processes 12.1 Creating screens The table header is displayed with a color gradient. Defining color gradients Introduction For the objects in WinCC, color gradients can be specified as background for various surfaces. Change the category in the Inspector window, depending on which surface you fill with a color gradient. The procedure remains the same. The following section describes how to configure the color gradient of buttons. Horizontal color gradient with two colors 1. Select an object with buttons, for example, a button. 2. In the Inspector window, select "Properties > Properties > Fill Pattern". 3. Select "Fill Pattern > Horizontal gradient". 4. Select a background color for the vertical color gradient, for example, orange. 5. Activate "Gradient 1". 6. Select a "Color" for Gradient 1, for example, red. 7. Select a "Width" for Gradient 1, for example, "10". The background of the button is displayed in orange. For the horizontal color gradient, Gradient 1 is shown from the left border. Gradient 1 is 10 pixels wide. Vertical color gradient with three colors 1. Select a button in the screen. 2. In the Inspector window, select "Properties > Properties > Fill Pattern". 3. Select the "Vertical gradient" background. 4. Select a background color under "Gradient", for example, orange. 5. Activate "Gradient 1". 6. Select a color for "Gradient 1", for example, red. 7. Select a "Width" for the color gradient, for example, 8. 8. Activate Gradient 2. 5054 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 9. Select a color for Gradient 2, for example, yellow. 10.Select a "Width" for the color gradient, for example, 10. Color Gradient 1 Background color Color Gradient 2 For the vertical color gradient, Gradient 1 is shown from top to bottom. Gradient 1 is 8 pixels wide. The background of the button is displayed in orange. Gradient 2 is shown at the bottom border. Gradient 2 is 10 pixels wide. Specifying scroll bars You can use the scroll bars for navigation in the table-based objects: Use the scroll arrows to scroll line by line either up or down or from left to right in the view. Use the scroll box in the scroll bar to scroll slowly to the required position in an object. Click on the scroll box to navigate quickly in the object through a large volume of data. Note On HMI devices with keys, you can move the scroll bar with arrow keys. In pop-up screens, use <ALT>+<arrow key> to scroll. In WinCC version V14 and higher, you can configure different colors for the scroll bars. Scrolling in controls Two scroll display options are available under "Runtime settings > Screens > Scrolling in controls": Scroll bar with scroll arrows for devices with device version V14 or higher The scroll bar is displayed in the screen object with scroll arrows and scroll box. Scroll indicator A scroll indicator is shown in the screen object In the Engineering System, you can see the scroll preview in all controls with the exception of HTML browser, PDF display and NC partial program display. Note The display of scroll indicators is not supported in the PLC code display or in the pop-up screens. WinCC Advanced V14 System Manual, 10/2016 5055 Visualizing processes 12.1 Creating screens Showing all data The scroll bars are used to display content in limited space on the screen. Please remember in configuration that the scroll bars themselves take up space in the control. The width and height of the scroll bars vary depending on the screen resolution. If you configure a control to display just a few lines, the scroll bars may cover the content in runtime. To avoid hiding the data, take account of the scroll bars in configuration. Note When configuring the user display, avoid the setting "Fit object to contents". This setting calculates the object size in runtime automatically and cannot be changed. Configuring scroll bar colors You can configure the color of the scroll bar in conjunction with other colors for certain objects. The scroll bar arrows and scroll box are shown in the text color of the table The scroll bar background color is the alternative color of the table Note In the objects graphic I/O field, HTML browser, PDF display and file browser, the scroll bar colors cannot be changed. 5056 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Example This example shows the configuration of scroll bar colors for an alarm view. 1. Open "Properties > Properties > Appearance". 2. Select a color for the table foreground, for example "blue" for the scroll arrows and the scroll box in the scroll bar. 3. Select the alternative color, for example "yellow" for the even rows in the table and the background of the scroll bar. The scroll bar is displayed in the configured colors. Using predefined styles Introduction You can assign predefined styles to objects and faceplates in Runtime. You can change the background color of the display and operating elements using predefined styles. In this way, you harmonize the display in Runtime. WinCC Advanced V14 System Manual, 10/2016 5057 Visualizing processes 12.1 Creating screens Requirement The "Tools" task card is open. Setting predefined styles 1. Select the object that you want to insert in the "Toolbox" task card. 2. Select one of the following options in the "Toolbox" task card: - "Classic default values" to use the default style - "Dark default values" to use the dark color scheme - "Light default values" to use the light color scheme - "Use device style/design" to use the settings from the current device design 3. Insert the required object in the work area. The object is displayed in the selected style. 4. The objects are created in the selected style as long as the style remains activated in the toolbar. To return to the default style, select the "Default" option in the toolbar. See also Working with styles and style sheets (Page 5006) Inserting multiple objects of the same type (stamping) Introduction WinCC offers the possibility to "stamp" several objects of the same type directly one after the other, i.e. paste without having to reselect the object every time. In addition you have the possibility of multiplying an object that has already been inserted. Requirement The "Tools" task card is open. 5058 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Inserting several objects of one type 1. Select the object that you want to insert in the "Tools" task card. 2. Click the icon in the toolbar of the "Tools" task card. The "Stamp" function is activated. 3. To insert the object with its standard size, click the relevant insertion position in the work area. To insert the object with another size, position the mouse pointer at the desired location in the work area. Press the left mouse button and drag the object to the required size. The object is inserted in the work area as soon as you release the mouse button. 4. Repeat step 3 to insert further objects of the same type. 5. Click the icon again. The "Stamp" function is deactivated. Note You can copy existing objects using the drag-and-drop +<CTRL> function. The existing object is not moved in this case. You paste a copy of this object into the new position instead. Inserting and multiplying an object 1. Insert the desired object from the "Tools" task card. 2. Press the <Ctrl> key and position the cursor on one of the handles displayed in the figure shown below. 0XOWLSOLFDWLRQ LQKRUL]RQWDO GLUHFWLRQ 0XOWLSOLFDWLRQ LQYHUWLFDO GLUHFWLRQ 0XOWLSOLFDWLRQ LQYHUWLFDODQG KRUL]RQWDO GLUHFWLRQ 3. Drag the handles to the right and/or down while keeping the left mouse button pressed. 4. The object is multiplied depending on available space if you keep moving the cursor. WinCC Advanced V14 System Manual, 10/2016 5059 Visualizing processes 12.1 Creating screens Result You have pasted and stamped an object in a screen. See also Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Designing an object (Page 5042) Selecting multiple objects Introduction Select all objects you want to align with each other or to change global properties. This procedure is called "multiple selection." The Inspector window shows all the properties of the selected objects. You now have several options of selecting multiple objects: Draw a selection frame around the objects. Hold down the <Shift> key, and click the required objects. Selection frame of a multiple selection The selection frame surrounds all objects of a multiple selection. The selection frame is comparable with the rectangle that surrounds an individual object. The selection frame is not visible. When you have made your multiple selection, the following frame is displayed: The reference object is indicated by the rectangle around it. The other selected objects are indicated by a dashed-line frame. Specifying a reference object The reference object is the object upon which the other objects are oriented. The reference object is framed by a rectangle with handles. The following figure shows a reference object with two other selected objects: 5060 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens You have the following options to specify the reference object: Select the objects via multiple selection. The object selected first is then the reference object. Draw a selection frame around the objects. The reference object compiled automatically. If you wish to specify a different object within the selection as the reference object, click on the desired object. This action does not cancel your multiple selection. Requirement You have opened the work area containing at least two objects. Selecting multiple objects with a selection frame 1. Position the mouse pointer in the work area close to one of the objects to be selected. 2. Hold down the mouse button, and draw a selection frame around the objects to be selected. Or: 1. Hold down the <Shift> key. 2. Click the relevant objects, working in succession. All the selected objects are identified by frames. The object selected first is identified as reference object. Note To remove an object from the multiple selection, press <SHIFT>, hold it down and then click the relevant object once again. Result Multiple objects are selected. One of those is identified as the reference object. You can now perform the following steps: Changing the object properties of all the objects Resizing all the objects by the same ratio, by dragging the selection frame to increase or reduce the size Moving all the objects in one group Aligning the objects to the reference object See also Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Designing an object (Page 5042) WinCC Advanced V14 System Manual, 10/2016 5061 Visualizing processes 12.1 Creating screens Repositioning and resizing multiple objects Possible modifications After you have selected multiple objects, you edit them: Shift using the mouse - To change the absolute position of the marked objects, position the mouse pointer over an object, and shift the multiple selection with the mouse button pressed. - To resize all the objects by the same ratio, grab the resizing handles of the reference object. Move over the work area with the icons of the toolbar - Change the position of the marked objects with respect to each other - Align the height and width of the marked objects Moving with the shortcut menu commands of the work area - Change the position of the marked objects with respect to each other - Align the height and width of the marked objects See also Overview of objects (Page 5025) Designing an object (Page 5042) Managing own controls (RT Advanced, RT Professional) Introduction You can use your own controls in the WinCC editions "WinCC Advanced" and "WinCC Professional". Add standardized or user-defined controls in the "Toolbox > My Controls" task card. All the ActiveX controls registered in the operating system and the .Net controls on your system are available for use in WinCC. ActiveX controls ActiveX controls are operator controls from any providers, which can be used by other programs over a defined OLE-based interface. .Net controls .Net controls are operator controls from any providers based on the Microsoft .Net Framework. Custom .Net controls .Net controls are operator controls from any providers based on the Microsoft .Net Framework. When you intend to run external controls in your WinCC project, you need to verify that these run on the HMI device you are configuring. If you are using controls from third parties, you 5062 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens must first of all add these to the "My controls" palette before you copy the project to different PCs. Note Only the simple .Net controls are supported by the TIA Portal. XAML controls, for example, WPF (Windows Presentation Foundation) controls, are not supported in the TIA Portal. If you use any controls that are not included in the product package (for example, from third parties), errors may occur, for example, reduced performance or system crashes. The user of such control software is alone responsible for any problems caused by its use. We therefore advise you to closely examine such elements prior to their use. Requirements The required ActiveX control is installed in the PC's operating system. The desired .Net control is available on the PC in an assembly. A screen is open. The "Toolbox" task card is open. WinCC Advanced V14 System Manual, 10/2016 5063 Visualizing processes 12.1 Creating screens Adding a new control to the "My controls" group 1. Open "Toolbox > My controls" in the "Toolbox" task card. 2. Select "Select objects" from the shortcut menu. A dialog opens. This contains all the controls available on the system. Controls that already exist in the "Toolbox" task card are identified by a check mark. 3. Select the desired tab, e.g. ActiveX controls. 4. Activate the required control. 5. Confirm your selection with "OK". Inserting a custom .Net control in the "My controls" group 1. Select the "Custom .Net controls" tab. The list is empty the first time you select the tab. 2. Click the "..." button. 5064 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 3. Select the folder in which the assembly is contained. 4. Select a file. 5. Click "Open." All the available controls are displayed in the "Custom .Net controls" tab. 6. Activate the required .Net control. 7. Confirm your selection with "OK". Note .Net controls in Runtime Advanced If you have incorporated a .Net control in your project as "Custom .Net control", you have to copy the files belonging to these controls to the installation directory of WinCC Runtime, e.g. "C:\ProgramFiles\Siemens\Automation\WinCC RT Advanced". Otherwise, the control cannot be loaded in Runtime. Result The control now appears in the "Toolbox > My controls" task card and can be configured in a screen. Removing a control from the "My controls" group 1. Select "Delete" from the shortcut menu for the control concerned. The control is removed from the "My controls" group. Synchronization of the ActiveX controls Changes to properties of ActiveX controls are only saved if the control synchronizes the OCXState property correctly in the case of changes. For controls such as "Microsoft Date and Time Picker Control" that do not synchronize the OCXState property correctly, the changes are discarded after the screen is closed, during compilation or after the migration. See also Designing an object (Page 5042) External graphics Introduction You can use graphics created with an external graphic program in WinCC. To use these graphics you store them in the graphic browser of the WinCC project. WinCC Advanced V14 System Manual, 10/2016 5065 Visualizing processes 12.1 Creating screens You can save graphics in the graphic browser: When you drag-and-drop graphics objects from the "Graphics" pane into the work area, these are stored automatically in the graphic browser. The graphic names are numbered in the order of their creation, for example, "Graphic_1." Use the <F2> function key to rename the graphic. As a graphic file with the following formats: *.bmp, *.ico, *.emf, *.wmf, *.gif, *.tif, *.png, *.jpeg or *.jpg As an OLE object that is embedded in WinCC and is linked to an external graphic editor. In the case of an OLE link, you open the external graphic editor from WinCC. The linked object is edited using the graphic editor. An OLE link only works if the external graphic editor is installed on your PC, and supports OLE. Use of graphics from the graphic browser Graphics from the graphic browser are used in your screens: In a Graphic view In a graphics list As labeling for a button/function key Transparent graphics In WinCC you also use graphics with a transparent background. When a graphic with a transparent background is inserted into a graphic object of WinCC, the transparency is replaced by the background color specified for the graphic object. The selected background color is linked firmly with the graphic. If you use the graphic in another graphic object of WinCC, this object is displayed with the same background color as the graphic object that was configured first. If you want to use the graphic with different background colors, include this graphic in the graphic browser again under a different name. The additional background color is configured when the graphic is used at the corresponding graphic object of WinCC. Managing graphics An extensive collection of graphics, icons and symbols is installed with WinCC, for example: In the Toolbox window of the "Graphic" pane the graphic objects are structured by topic in the "WinCC graphics folder." The link to the WinCC graphics folder cannot be removed, edited or renamed. The "Graphics" pane is also used to manage the external graphics. The following possibilities are available: Creating links to graphics folders The external graphic objects in this folder, and in the subfolders, are displayed in the toolbox and are thus integrated in the project. Editing folder links You open the program required for editing of the external graphic in WinCC. 5066 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens See also Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Designing an object (Page 5042) Managing external graphics Introduction External graphics that you want to use in WinCC are managed in the "Screens" editor by using the "Tools" task card in the "Graphics" pane. Requirement The "Screens" editor is open. The "Tools" task card is open. The graphics are available. The graphics have the following formats: *.bmp, *.ico, *.emf, *.wmf, *.gif, *.tif, *.jpeg or *.jpg Creating a folder link 1. Click "My graphics folder." 2. Select "Link" in the shortcut menu. The "Create link to folder" dialog is opened. The dialog suggests a name for the folder link. 3. Edit the name as required. Select the path containing the graphic objects. 4. Click "OK" to confirm your input. The new folder link is added to the "Graphics" object group. The external graphics that are located in the target folder and in sub-folders are displayed in the toolbox. Editing folder links 1. Select the folder link to edit. 2. Select the "Edit link..." command from the shortcut menu. The "Create link to folder" dialog is opened. 3. Edit the name and path of the folder link as required. 4. Click "OK" to confirm your input. WinCC Advanced V14 System Manual, 10/2016 5067 Visualizing processes 12.1 Creating screens Renaming the folder link 1. Select the folder link to rename. 2. Select "Rename" from the shortcut menu. 3. Assign a name to the new folder link. Removing a folder link 1. Select the folder link you want to delete. 2. Select "Remove" in the shortcut menu. Edit external graphics 1. Select the graphic you want to edit. 2. Select the "Edit graphic" command from the shortcut menu. This opens the screen editor associated with the graphic object file. Editing graphics folders from WinCC 1. Select the graphic you want to edit. 2. Select the "Open parent folder" command from the shortcut menu. The Windows Explorer opens. See also Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Designing an object (Page 5042) Storing an external image in the graphics library Introduction To display graphics that have been created in an external graphics program in your screens, you will first have to store these graphics in the graphics browser of the WinCC project. Requirement A screen has been created. A Graphic View is inserted in the screen. The Inspector window of the Graphic view is open. To store an external graphic in the image browser: A graphic is available. 5068 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens To store an OLE object in the browser: An OLE-compatible graphics program is installed on your configuration computer. Save graphics file 1. Open the Windows Explorer. 2. Select the graphic that you want to store. 3. Drag-and-drop the graphic into the graphic browser. Creating and saving a new graphic as an OLE object 1. Select the Graphic view on your screen. 2. In the Inspector window, select "Properties > Properties > General": 3. Open the graphic selection list. 4. Click . 5. The "Insert object" dialog box opens. Note In addition, the dialog "External application running..." will open. The dialog will not close until you exit the external application. 6. From the "Insert object" dialog box, select "New" and an object type. The settings in "Settings > "OLE settings" determine which object types are shown. 7. Click "OK." The associated graphic program is opened. When you are finished creating graphics, end the graphic programming software with "File > Close" or "File > Close & return to WinCC." The graphic will be stored in the graphic programming software standard format and added to the graphic browser. Inserting created graphics in WinCC Note A new graphic object created as OLE object may not be directly accepted in WinCC when you save it to an external graphics program. 1. Reopen the dialog for inserting a graphic. 2. From the "Insert object" dialog box, select "Create from file." 3. Click the "Browse" button. 4. Navigate to the created graphic and select it. WinCC Advanced V14 System Manual, 10/2016 5069 Visualizing processes 12.1 Creating screens Saving an existing graphic object as an OLE object 1. In the Inspector window, select "Properties > Properties > General": 2. Open the graphic selection list. 3. Click . 4. The "Insert object" dialog box opens. Note In addition, the dialog "External application running..." will open. The dialog will not close until you exit the external application. 5. From the "Insert object" dialog box, select "Create from file." 6. Click the "Browse" button. 7. Use the dialog to help you navigate to the folder in which the graphic file is saved. Note To import graphics files, note the following size restrictions: *.bmp, *.tif, *.emf, *.wmf 4 MB *.jpg, *.jpeg, *.ico, *.gif "*1 MB Result The image file is now stored in your image browser. It is shown in a screen with a Graphic view , or is added as a list element in an image list. You can double-click OLE objects in your library to open them for editing in the corresponding graphic editor. When you have finished editing graphics, end the graphic programming software with "File > Close" or "File > Close & return to WinCC." The changes are applied to WinCC. See also Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Designing an object (Page 5042) 5070 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 12.1.2.2 Working with object groups Basics on groups Introduction Groups are several objects that are grouped together with the "Group" function. You edit a group in the same way as any other object. Overview WinCC offers the following methods for editing multiple objects: Multiple selection Grouping objects Editing mode To edit an individual object in a group, select the object in the "Layout > Layers" task card. Alternatively select "Group > Edit group" in the object group's shortcut menu. Hierarchical groups You add further objects or groups to extend a group. The group is enlarged by the new objects and is structured hierarchically in main and sub-groups. Such hierarchical groups must be broken up in stages. You also break up the group in the same order in which you grouped the objects or groups. It takes exactly the same number of steps to break up these hierarchical groups as it did to create them. Rectangle surrounding the object Only one surrounding rectangle is now displayed for the whole group. The surrounding rectangles of all objects are displayed for a multiple selection on the other hand. Layers All objects of a group are located in the same layer. Properties of a group A group has its own properties, such as authorization. If you set a property at a group, all objects of the group inherit this setting. If the same property is configured differently at an object in the group, the value of the property at the object and not the value in the group applies in Runtime. WinCC Advanced V14 System Manual, 10/2016 5071 Visualizing processes 12.1 Creating screens See also Grouping objects (Page 5072) Ungroup (Page 5073) Adding objects to a group (Page 5074) Removing objects from the group (Page 5075) Editing an object in a group (Page 5076) Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Grouping objects Introduction The "Group" command combines multiple objects to form a group. You can change the size and position of the group. The following rules apply: The system automatically adapts the position coordinates of the grouped objects when you reposition the group. The relative position of the grouped objects to the group is not affected. The system automatically adapts the height and width of the grouped objects in proportion to a change of the group size. To change the size of the group proportionately, hold down the <Shift> key and drag the rectangle around the object until has the required size. Note To create a hierarchical group, organize the individual groups like objects. Requirement You have opened a screen which contains at least two objects. Creating object groups 1. Select all the objects you want to organize in a group. 2. Select the command "Group > Group" from the shortcut menu. The objects of the group are displayed with a rectangle around the objects. Grouping objects within a group 1. Select the group you want to edit. 2. Select the command "Group > Edit group" from the shortcut menu. The group that you are editing is highlighted by a red frame. 5072 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 3. Select the objects of a group that you want to combine into a subgroup. 4. Select the command "Group > Group" from the shortcut menu. A subgroup with the objects is created. Adding objects into an existing group 1. Select the group to which you want to add objects. 2. Press the <Shift> key and select the object you want to add to the group. 3. Select the "Group > Add to group" command from the shortcut menu. The object is added to this group. Alternative procedure You can also edit groups in the "Layout" task card. Using drag-and-drop you can also easily edit nested groups in the "Layers" pane. Result The selected objects are combined in a group. The multiple selection rectangle becomes the rectangle surroundings the objects in the group. The handles are shown only for the group. The group in in the active layer. See also Basics on groups (Page 5071) Example: Configuring a rectangle (Page 5081) Ungroup Introduction Select the "Ungroup" command to split a group into the original object fractions. Requirement You have opened a screen that contains a group. Ungroup 1. Select the group. 2. Select the "Group > Ungroup" command from the shortcut menu. WinCC Advanced V14 System Manual, 10/2016 5073 Visualizing processes 12.1 Creating screens Ungrouping a group within a group 1. Select the higher-level group. 2. Select the command "Group > Edit group" from the shortcut menu. The group that you are editing is highlighted by a red frame. 3. Select the lower-level group. 4. Select the "Group > Ungroup" command from the shortcut menu. Result The lower-level group is ungrouped. The objects are assigned to the next higher group. Alternative procedure You can also edit groups in the "Layout" task card. Using drag-and-drop you can also easily edit nested groups in the "Layers" pane. See also Basics on groups (Page 5071) Example: Configuring a rectangle (Page 5081) Adding objects to a group Introduction The "Add objects to group" command is used to add objects to a group, without ungrouping it first. Requirements A screen with one group and at least one other object is opened. Procedure 1. Select the group. 2. Press the <Shift> key and select the object you want to add to the group. 3. Select the "Group > Add to group" command from the shortcut menu. Result The group consists of the original objects, and the newly-added objects. The added objects are arranged at the front of the group. 5074 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Alternative procedure You can also edit groups in the "Layout" task card. Using drag&drop you can also easily edit hierarchical groups in the "Layers" palette. See also Basics on groups (Page 5071) Example: Configuring a rectangle (Page 5081) Removing objects from the group Introduction You use the "Remove objects from group" command to remove individual objects from a group, without ungrouping it first. You do not have to remove the object from the group to edit an object in a group. You can edit the objects of a group individually. Requirement You have opened a screen that contains a group. Removing objects from a group To remove an object from a group: 1. Select the group. 2. Select the command "Group > Edit group" from the shortcut menu. The group you want to edit is highlighted by a red frame. 3. Select all objects in the group that you want to remove from the group. 4. Select the "Group > Remove from group" command from the shortcut menu. The objects are removed from the group. Note If there are only two objects in the group, the menu command "Remove from group" is not available. WinCC Advanced V14 System Manual, 10/2016 5075 Visualizing processes 12.1 Creating screens Deleting objects from a group To remove an object from the group, and from the screen: 1. Select the group. 2. Select the command "Group > Edit group" from the shortcut menu. The group you want to edit is highlighted by a red frame. 3. Select the objects in the group that you want to delete. 4. Select "Delete" from the shortcut menu. Note If there are only two objects in the group, the menu command "Delete" is not available. Alternative procedure You can also edit groups in the "Layout" task card. Using drag-and-drop you can also easily edit nested groups in the "Layers" pane. See also Basics on groups (Page 5071) Example: Configuring a rectangle (Page 5081) Editing an object in a group Introduction You can edit the objects of a group individually. Requirement You have opened a screen that contains a group. 5076 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Editing grouped objects 1. Select the group. The properties of the group are displayed in the Inspector window. 2. Change the position and size of the grouped objects in "Properties > Properties >Layout." 3. Change the name of the group in "Properties > Properties > Miscellaneous." Modifying the properties of an object within a group 1. Select the group. 2. Select the object whose properties you want to change in the Inspector window. The properties of the object are displayed. 3. Change the object properties. Note The dynamization of properties for all objects of the group which have these properties is not possible in a group. You can only dynamize the properties of the objects associated with a group for each object itself. WinCC Advanced V14 System Manual, 10/2016 5077 Visualizing processes 12.1 Creating screens Result Although you have edited the object, it is still an element of the group. These changes do not affect the other objects of the group. See also Basics on groups (Page 5071) Example: Configuring a rectangle (Page 5081) 12.1.2.3 Configuring the keyboard access Overview of keyboard access (Basic Panels, Panels, RT Advanced) Introduction For keyboard units without a mouse, the operator activates control objects using the <Tab> key. You can set up keyboard input to make the process easier to run, and to make sure that the operator enters all the necessary values. If you are using the keyboard, use the <Tab> key to activate the objects in a certain order, and to enter the necessary values. For HMI devices without key, you can simulate the <Tab> key by configuring the "SimulateSystemKey" system function to a function key. Operator authorizations and operator control enables If you configure an object for operator input with the <Tab> key, the object must have both an operator authorization, and an operator control enable. Editing the tab sequence The tab sequence is determined automatically when the control objects are created. The numbers of the tab sequence are assigned in the sequence in which the libraries are created. It makes sense to change the tab sequence in the following cases: The operator changes directly to a specific control object. The screen requires a specific sequence Change to the tab sequence mode to change the tab sequence. In this mode, the tab sequence number is displayed at the top left of the control objects. The tab sequence numbers of hidden objects are also shown. The distribution of these numbers is edited using the mouse. Note Other functions are not available in the tab sequence mode. 5078 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens See also Setting the tab sequence order (Page 5080) Defining the operator authorization and operator control enable for an object (Page 5079) Overview of objects (Page 5025) Example: Configuring a rectangle (Page 5081) Defining the operator authorization and operator control enable for an object Introduction If you configure an object for operator input with the <Tab> key, the object must have both an operator authorization, and an operator control enable. Requirement You have opened a screen which contains at least one object. Procedure 1. Select the object. 2. Select "Properties > Properties > Security" in the Inspector window. 3. Select the operator authorization under "Authorization." 4. Activate the authorization to operate. Result The operator can use the <Tab> key in Runtime to select the object. See also Overview of keyboard access (Page 5078) Example: Configuring a rectangle (Page 5081) WinCC Advanced V14 System Manual, 10/2016 5079 Visualizing processes 12.1 Creating screens Setting the tab sequence order Introduction All operable objects can be reached in runtime with the <Tab> key. You use the "Tab sequence" command to define the order in which the operator can activate objects in runtime. Note You cannot reach objects with the "Output" or "Two states" mode in runtime with the <Tab> key. You can operate the screen in runtime: Using the <Tab> key Using the mouse Using a configured hotkey Requirement The active screen contains operable objects. No object is selected. The objects have been enabled for use in runtime, and have operator authorization. Procedure 1. Select "Edit tab sequence" in the "Edit" menu. Tab sequence mode is activated. The tab sequence number is displayed for all objects that can be used. The tab sequence number is also displayed for hidden objects. 2. Use edit the tab sequence mode, click the accessible objects in the order in which you want them to be activated using <Tab> in runtime. The following figure shows how the tab sequence is defined in the screen. In runtime, the <Tab> key first activates the alarm view (number 1), then the I/O field (number 2), and then the button (number 3): 5080 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 3. To exclude a screen object from the tab sequence, press the key combination <Shift+Ctrl> and click on the desired object. The tab sequence number is no longer displayed in the screen object. The screen object is now excluded from the tab sequence. The remaining tab sequence numbers are automatically decreased by 1. 4. To reenter an excluded screen object in the tab sequence, repeat step 3. The screen object entered as the first object in the tab sequence. Result The operator selects the objects in the specified order in Runtime with the <Tab> key. Note Changes after upgrades to a new software version If you have configured a tab sequence in screens with faceplates in an older WinCC version, you should check the tab sequence of these screens after an upgrade to a newer WinCC version. The tab sequence may have been changed in both the screen and the faceplate. See also Overview of keyboard access (Page 5078) Example: Configuring a rectangle (Page 5081) 12.1.2.4 Examples Example: Configuring a rectangle Task In this example you configure a rectangle: Color = red Black frame 2 pixels wide Position = (20, 20) Size = (100,100) Changing the color of the rectangle To change the color of the rectangle: 1. Select the rectangle. 2. Define the background color in "Properties > Properties > Appearance > Background > Color" in the Inspector window. 3. Select "Solid" as the fill pattern. WinCC Advanced V14 System Manual, 10/2016 5081 Visualizing processes 12.1 Creating screens 4. Define the color for the border in "Properties > Properties > Appearance > Border > Color" in the Inspector window. 5. Enter the value "2" for "width". 6. Select "Solid" as the "Style". Interim result The rectangle is red and has a black frame with a width of two pixels. Repositioning and resizing the rectangle To change the position and size of the rectangle: 1. Select the rectangle. 2. In the Inspector window, select "Properties > Properties > Layout". 3. Set "20" for the both the X and Y coordinates under "Position & Size". 4. Set "100" for the height and for the width. Result The rectangle is positioned at the coordinates (20, 20), and has a width and height of 100 pixels. 5082 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens See also Example: Inserting and configuring a rectangle (Page 5083) Example: Inserting a rectangle (Page 5083) Overview of objects (Page 5025) Example: Inserting a rectangle Task In this example, you insert and rename a rectangle. Do not use the special characters ?, ", /, \, *, <, > for the name. Requirement A screen is open. The Inspector window is open. The "Tools" task card is open. Procedure 1. Click the "Basic objects" palette in the "Tools" task card. 2. Drag the "Rectangle" object into the screen. 3. In the Inspector window, select "Properties > Properties > Miscellaneous". 4. Type in the new name "MyRectangle". Result The rectangle is now inserted and named "MyRectangle". The rectangle has the default properties of the "rectangle" object. See also Example: Configuring a rectangle (Page 5081) Example: Inserting and configuring a rectangle Task In this example, you insert a rectangle in a screen. You can configure the following properties: Name = "MyRectangle" Position = (20, 20) Size = (100,100) WinCC Advanced V14 System Manual, 10/2016 5083 Visualizing processes 12.1 Creating screens Color = red Black frame 2 pixels wide Principle The rectangle is a closed object which can be filled with a color or pattern. The height and width of a rectangle can be adjusted to allow its horizontal and vertical alignment. Overview Carry out the following steps in order to create a rectangle: Inserting a rectangle Configuring a rectangle See also Example: Configuring a rectangle (Page 5081) 12.1.3 Working with text lists and graphics lists 12.1.3.1 Working with text lists Basics on text lists Introduction Texts are assigned to the values of a tag in a text list. Assign the text list to a symbolic I/O field for example in the configuration. This supplies the text to be displayed to the object. The text lists are created in the ""Text List" editor. You configure the interface between the text list and a tag at the object that uses the text list. The selection of objects that can have a text list assigned depends on the Runtime. 5084 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Application The text list is used, for example, to display a drop-down list in a symbolic I/O field. If the symbolic I/O field is a display field, the associated texts will differ according to the value of the configured tags. If the symbolic I/O field is an input field, the configured tag assumes the associated value when the operator selects the corresponding text in Runtime. Note Display of tag values without text The display of tag values to which no text has been assigned depends on the Runtime: The display and operating element remains empty. Three asterisks *** are displayed. Ranges for the text list Three types are available for the text lists: Value/Range This setting assigns text entries from the text list to integer values or value ranges of a tag. You can select the number of text entries as needed. The maximum number of entries depends on the HMI device you are using. You specify a default value which is shown if the value of the tag lies outside the defined range. Bit (0, 1) This setting assigns text entries from the text list to two states of a binary tag. You can create a text entry for each state of the binary tag. Bit number (0 - 31) This setting assigns a text entry from the text list to each bit of a tag. The maximum number of text entries is 32. This form of text list can be used, for example, in a sequence control when processing a sequence in which only one bit of the used tag may be set. You influence the behavior of the bit number (0 - 31) with the set bit of the least significance and a default value. Multilingual texts You can configure multiple languages for the texts in a text list. The texts will then be displayed in the set language in Runtime. To this purpose you set the languages in the Project window under "Language support > Project languages." Configuration steps The following steps are necessary to display texts in a symbolic I/O field for example: 1. Creating the text list 2. Assignment of the texts to values or value ranges of a text list 3. Assignment of a text list in the display object, for example, to the symbolic I/O field WinCC Advanced V14 System Manual, 10/2016 5085 Visualizing processes 12.1 Creating screens See also Creating a text list (Page 5086) Assigning texts and values to an area text list (Page 5087) Assigning texts and values to a bit text list (Page 5089) Assigning texts and values to a bit number text list (Page 5090) Configuring objects with a text list (Page 5093) Screen basics (Page 4979) Creating a text list Introduction The text list allows you to assign specific texts to values and to output these in Runtime, for example in a symbolic I/O field. The type of symbolic I/O field can be specified, for example as a pure input field. The following types of list are available: Value/Range Bit Bit Number Procedure 1. Double-click "Text and graphics lists" in the project window. 2. Open the "Text lists" tab. 3. Click "Add" in the "Text lists" table. The Inspector window of the text list is open. 5086 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 4. Assign a name to the text list that indicates its function. 5. Select the text list type under "Selection": - Value/Range: Text from the text list is displayed when the tag has a value that lies within the specified range. - Bit (0,1): A text from the text list is displayed when the tag has the value 0. A different text from the text list is displayed when the tag has the value 1. - Bit number (0-31): Text from the text list is displayed when the tag has the value of the assigned bit number. 6. Enter a comment for the text list. Note You should not use semicolons in the texts in a text list in WinCC Runtime Professional. The semicolon is a control character and is automatically deleted from a text. Result A text list is created. See also Basics on text lists (Page 5084) Assigning texts and values to an area text list (Basic Panels, Panels, RT Advanced) Introduction For each area text list you specify which texts are displayed at which value range. Requirement The "Text and graphics list" editor is open. The "Text lists" tab is open. An area text list has been created and selected. WinCC Advanced V14 System Manual, 10/2016 5087 Visualizing processes 12.1 Creating screens Procedure 1. Click "Add" in the "Text list entries" table. The Inspector window for this list entry opens. 2. Select the setting "Range" in "Properties > Properties > General > Value" in the Inspector window. - Enter the value "1" for "Min" for example. - Enter the value "20" for "Max" for example. - For "Text", enter the text that is displayed in Runtime if the tag is within the specified value range. Note Use a maximum of 320 characters for the text. 3. Click "Add" in the "Text list entries" table. A second list entry is created. 4. Select the setting "Range" in "Properties > Properties > General > Value" in the Inspector window. - Enter the value "21" for "Min" for example. - Enter the value "40" for "Max" for example. - For "Text", enter the text that is displayed in Runtime when the tag is within the specified value range. 5. If required, activate the "default entry". The entered text is always displayed when the tag has an undefined value. Only one default entry is possible per list. Result An area text list is created. Texts have been assigned to the possible value ranges. 5088 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens See also Basics on text lists (Page 5084) Notes for bit number text list (Page 5092) Assigning texts and values to a bit text list Introduction For each text list, you specify which text is displayed at which bit value. Requirement The "Text and graphics list" editor is open. The "Text lists" tab is open. A bit text list has been created and selected. Procedure 1. Click "Add" in the "Text list entries" table. The Inspector window for this list entry opens. 2. Select the setting "Single value" in "Properties > Properties > General > Value" in the Inspector window. - Enter "0" for "Value." - Enter the text which is displayed in Runtime under "Text" if the bit tag is set to "0". 3. Click "Add" in the "Text list entries" table. A second list entry is created. 4. Select the setting "Single value" in "Properties > Properties > General > Value" in the Inspector window. - Enter "1" under "Value." - Enter the text which is to be displayed in Runtime under "Text" if the bit tag is set to "1". WinCC Advanced V14 System Manual, 10/2016 5089 Visualizing processes 12.1 Creating screens Note Use a maximum of 320 characters for the text. Use a maximum of 255 characters and no semicolons for the text in WinCC Runtime Professional. Result A bit text list is created. Texts that appear in Runtime are assigned to the possible values "0" and "1". See also Basics on text lists (Page 5084) Assigning texts and values to a bit number text list Introduction For each bit number text list you specify which texts are displayed at which bit number. Requirement The "Text and graphics list" editor is open. The "Text lists" tab is open. A bit number text list has been created and selected. 5090 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure 1. Click "Add" in the "Text list entries" table. The Inspector window for this list entry opens. 2. Select the setting "Single value" in "Properties > Properties > General > Value" in the Inspector window. - Enter "10", for example, for "Value". - Under "Text", enter the text that is displayed in Runtime when the tag has the value "10". 3. If required, activate the "default entry". The entered text is always displayed when the tag has an undefined value. Only one default entry is possible per list. 4. Create further list entries for additional bit numbers of the same text list. Note Use a maximum of 320 characters for the text. Use a maximum of 255 characters and no semicolons for the text in WinCC Runtime Professional. Note Bit selection for text lists The output of the text list depends on the "Bit selection for text and graphics lists" option in the Runtime settings. Use this option to specify that the bit selection for text lists should be used on your HMI device. When you enable the option, the text displayed is the one configured for the set bit with the least significance. When you disable this option, only the text that has been configured for the set bit is displayed . Result A bit number text list is created. Texts that appear in Runtime are assigned to the specified bit numbers. WinCC Advanced V14 System Manual, 10/2016 5091 Visualizing processes 12.1 Creating screens See also Basics on text lists (Page 5084) Notes for bit number text list Introduction The bit number (0 - 31) range assigns a text entry from the list to each bit of a tag. If the option "Bit selection for text and graphic lists" is disabled in the Runtime settings and no default value is set, the following standard behavior applies: If only 1 bit is configured of all set bits, the stored text is displayed for the configured bit. In the following example, only the set bit with significance "4" is configured. Text 2 is displayed. Significance 7 6 5 4 3 2 1 0 Set bits 0 0 1 1 0 1 0 0 Configured - Text 3 - Text 2 Text 1 - - - If no bit is set or when several configured bits are set, no text is displayed. Default value Define a default value to prevent an empty display. A configured default value is displayed in the following cases: The option "Bit selection for text and graphic lists" is disabled. No bit or several configured bits are set in the tag. The option "Bit selection for text and graphic lists" is enabled and no bit is set or a text is not configured for the set bit with the least significance. Displaying the default value 1. Enable the text for the default entry in the "Default" column of the "Text list entries" table. The value "Default entry" appears in the "Value" column of the text entry. 2. You can also select the "Default" option under "Properties > General" in the inspector window. Set bit with the least significance If no text is configured for the set bit with the least significance and if no default value is set, nothing is displayed. If a default value is configured, the default value is displayed. If no text is configured for the set bit with the least significance and if no default value is set, nothing is displayed. If a default value is configured, the default value is displayed. To only display the text for the set bit with the least significance, enable the "Bit selection for text and graphic lists" option in the "Runtime settings" editor. 5092 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens This setting is deselected by default to maintain downward compatibility. The setting is valid for all text lists of the HMI device. Multiline text list entries Use the <SHIFT>+<RETURN> shortcut to enter a line break in the text entry. Line breaks are represented by the "" paragraph mark. Multiline text list entries are only output in symbolic output fields as well as on buttons with multiple lines. In all other cases, multiline texts are displayed with the paragraph mark. Configuring objects with a text list (Basic Panels, Panels, RT Advanced) Introduction The output value and value application for text lists are specified in the display and operating object that displays the texts of the text list in Runtime. The properties of these objects are configured as required. Requirement A text list is created. You have created a tag. The "Screens" editor is open. A screen with a symbolic I/O field is open. The object is edited. WinCC Advanced V14 System Manual, 10/2016 5093 Visualizing processes 12.1 Creating screens Procedure 1. Select the text list which you want to have displayed in Runtime in "Properties > Properties > General > Text list" in the Inspection window. 2. Select the setting "Output" as the "Mode". Note Runtime dependency Different field types are available for a symbolic I/O field depending on the Runtime. 3. Select the tag the value of which determines the display in the symbolic I/O field as "Tag". Result The defined texts of the text list are displayed in the symbolic I/O field in Runtime when the tag has the specified value. See also Basics on text lists (Page 5084) 5094 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 12.1.3.2 Working with graphics lists Basic principles of graphics lists Introduction The possible values of a tag are assigned to specific graphics in a graphics list. During configuration, you can create a graphics list for a button or a graphic I/O field. This supplies the graphics to be displayed to the object. The graphics lists are created with the "Text and graphics list" editor. You configure the interface between the graphics list and a tag at the object that uses the graphics list. The availability of the graphics list is determined by the HMI device used. Application You can configure the graphics list for the following situations: Drop-down list with a graphic I/O field State-specific graphic for a button The graphics in a graphics list can be configured as multilingual. The graphics will then be displayed in the set language in Runtime. Graphic sources Graphics can be added to the graphics list from the following sources: By selecting from a graphic browser By selecting an existing file You can use the following file types: *.bmp, *.ico, *.emf, *.wmf, *.gif, *.tiff, *.png, *.jpeg and *.jpg. By creating a new file Function If the graphic I/O field is a display field, the associated graphics will differ according to the value of the configured tags. If the graphic I/O field is an input field, the configured tag assumes the associated value when the operator selects a graphic in Runtime. WinCC Advanced V14 System Manual, 10/2016 5095 Visualizing processes 12.1 Creating screens Ranges for the graphics list Three types are available for the graphics lists: Value/Range This setting assigns graphic entries from the graphics list to integer values or value ranges of a tag. You can select the number of graphic entries as needed. The maximum number of entries depends on the HMI device you are using. You specify a default value which is shown if the value of the tag lies outside the defined range. Bit (0, 1) This setting assigns graphic entries from the graphics list to two states of a binary tag. You can create a graphic entry for each state of the binary tag. Bit number (0 - 31) This setting assigns a graphic entry from the graphics list to each bit of a tag. The maximum number of graphic entries is 32. This form of graphics list can be used, for example, in a sequence control when processing a sequence in which only one bit of the used tag may be set. You influence the behavior of the bit number (0 - 31) with the set bit of the least significance and a default value. Configuration steps The following tasks are required to display graphics, for example, in a graphic I/O field: 1. Creating the graphics list 2. Assignment of the graphics to values or value ranges of a graphics list 3. Assignment of a graphics list in the display object, for example, the graphic I/O field See also Creating a graphics list (Page 5096) Assigning a graphic and values to an area graphics list (Page 5098) Assigning graphics and values to a bit graphics list (Page 5100) Assigning graphics and values to a bit number graphics list (Page 5101) Configuring objects with a graphics list (Page 5104) Screen basics (Page 4979) Creating a graphics list (Basic Panels, Panels, RT Advanced) Introduction The graphics list allows you to assign specific graphics to variable values and to output these in a graphic IO field in Runtime. You can specify the type of graphic I/O field, for example as a pure output field. 5096 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure 1. Double-click "Text and graphics lists" in the project window. 2. Open the "Graphics lists" tab. 3. Click "Add" in the "Graphics lists" table. The Inspector window of the graphics list will open up. 4. Assign a name to the graphics list that indicates its function. 5. Select the graphics list type "Bit number (0 - 31)" for example under "Select". 6. Enter a comment for the graphics list. Result A graphics list of the type "Range (0 - 31)" is created. WinCC Advanced V14 System Manual, 10/2016 5097 Visualizing processes 12.1 Creating screens See also Basic principles of graphics lists (Page 5095) Assigning a graphic and values to an area graphics list Introduction For each area graphics list you specify which graphics are displayed at which value range. Requirement The "Text and graphics list" editor is open. The "Graphics list" tab is open. An area graphics list has been created and selected. 5098 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure 1. Click "Add" in the "Graphics list entries" table. The Inspector window for this list entry opens. 2. Select the settings "Range" in "Properties > Properties > General > Value" in the Inspector window: - Enter the value "1" for "Min" for example. - Enter the value "20" for "Max" for example. - Select a graphic that is displayed in Runtime when the tag is within the specified value range. Note As an alternative to the drop-down menu, you can insert graphics from libraries or from your file system: 1. Select a graphic in the library or in your file system. 2. Drag-and-drop the graphic into the "Graphics list entries > Graphic" table. 3. Click "Add" in the "Graphics list entries" table. A further list entry is created. WinCC Advanced V14 System Manual, 10/2016 5099 Visualizing processes 12.1 Creating screens 4. Select the settings "Single value" in "Properties > Properties > General > Value" in the Inspector window: - Enter the value "21" for example. - Select a graphic which is displayed in Runtime if the bit "21" is set in the tag. 5. If required, activate the "default entry". The graphic is always displayed when the tag has an undefined value. Only one default entry is possible per list. Result An area graphics list is created. Graphics that appear in Runtime are assigned to the possible values. See also Basic principles of graphics lists (Page 5095) Assigning graphics and values to a bit graphics list (Basic Panels, Panels, RT Advanced) Introduction For each graphics list you specify which graphic is displayed at which bit value. Requirement The "Text and graphics list" editor is open. The "Graphics list" tab is opened. A bit graphics list has been created and selected. 5100 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure 1. Click "Add" in the "Graphics list entries" table. The Inspector window for this list entry opens. 2. Select the settings "Single value" in the inspector window "Properties > Properties > General > Value": - Enter "0" as the value. - Select a graphic which is displayed in Runtime if the bit "0" is set in the tag. Note As an alternative to the drop-down menu, you can insert graphics from libraries or from your file system: 1. Select a graphic in the library or in your file system. 2. Drag-and-drop the graphic into the "Graphics list entries > Graphic" table. 3. Click "Add" in the "Graphics list entries" table. A new list entry is created. 4. Select "Properties > Properties > General > Value > Single value": in the Inspector window. - Enter "1" as the value. - Select a graphic which is displayed in Runtime if the bit "1" is set in the tag. Result A bit graphics list is created. Graphics that appear in Runtime are assigned to the values "0" and "1". See also Basic principles of graphics lists (Page 5095) Assigning graphics and values to a bit number graphics list (Basic Panels, Panels, RT Advanced) Introduction For each bit number graphics list you specify which graphics are displayed at which bit number. WinCC Advanced V14 System Manual, 10/2016 5101 Visualizing processes 12.1 Creating screens Requirement The "Text and graphics list" editor is open. The "Graphics list" tab is open. A bit number graphics list has been created and selected. Procedure 1. Click "Add" in the "Graphics list entries" table. The Inspector window for this list entry opens. 2. Select the settings "Single value" in the Inspector window "Properties > Properties > General > Value": - Enter the value "1" for example. - Select a graphic which is displayed in Runtime if the bit "0" is set in the tag. Note As an alternative to the drop-down menu, you can insert graphics from libraries or from your file system: 1. Select a graphic in the library or in your file system. 2. Drag-and-drop the graphic into the "Graphics list entries > Graphic" table. 3. If required, activate the "default entry". The graphic is always displayed when the tag has an undefined value. Only one default entry is possible per list. 4. Create further list entries for additional bit numbers of the same graphics list. 5102 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Note Bit selection for graphic lists The output of the graphic list depends on the "Bit selection for text and graphics lists" option in the Runtime settings. Use this option to specify that the bit selection for graphic lists should be used on your HMI device. When you enable the option, the graphic displayed is the one configured for the set bit with the least significance. When you disable this option, the graphic that has been configured only for the set bit is displayed. Result A bit number graphics list is created. Graphics that appear in Runtime are assigned to the specified bit numbers. See also Basic principles of graphics lists (Page 5095) Notes for bit number graphics list Introduction The bit number (0 - 31) range assigns a graphic entry from the list to each bit of a tag. If the option "Bit selection for text and graphic lists" is disabled in the Runtime settings and no default value is set, the following standard behavior applies: If only 1 bit is configured of all set bits, the stored graphic is displayed for the configured bit. In the following example, only the set bit with significance "4" is configured. Graphic 2 is displayed. Significance 7 6 5 4 3 2 1 0 Set bits 0 0 1 1 0 1 0 0 Configured - Graphic 3 - Graphic 2 Graphic 1 - - - If no bit is set or when several bits are set that are also configured, only the cactus graphic is displayed. Default value Define a default value to prevent an empty display. A configured default value is displayed in the following cases: The option "Bit selection for text and graphic lists" is disabled. No bit or several configured bits are set in the tag. The option "Bit selection for text and graphic lists" is enabled and no bit is set or a graphic is not configured for the set bit with the least significance. WinCC Advanced V14 System Manual, 10/2016 5103 Visualizing processes 12.1 Creating screens Displaying the default value 1. Enable the graphic for the default entry in the "Default" column of the "Graphics list entries" table. The value "Default entry" appears in the "Value" column of the entry. 2. You can also select the "Default" option under "Properties > General" in the inspector window. Set bit with the least significance When "Bit selection for text and graphic lists" is enabled, the graphic displayed is the one configured for the set bit with the least significance. If no graphic is configured for the set bit with the least significance and if no default value is set, the cactus graphic is displayed. If a default value is configured, the graphic configured for the default value is displayed. To only display the graphic for the set bit with the least significance, enable the "Bit selection for text and graphic lists" option in the "Runtime settings" editor. This setting is deselected by default to maintain downward compatibility. The setting is valid for all graphic lists of the HMI device. Configuring objects with a graphics list Introduction The output value and value application for graphics list are specified in the display and operating object that displays the graphics of the graphics list in Runtime. The properties of these objects are configured as required. Requirement A graphics list is created. The values have been defined. Graphics have been assigned to the values. You have created a tag. The "Screens" editor is open. A screen with a graphics I/O field is open. The object is edited. 5104 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure 1. Select the graphics list the graphics of which you want to have displayed in Runtime in "Properties > Properties > General > Graphics list" in the Inspector window. 2. Select the "Input/output" setting for "Mode". Note Runtime dependency Different field types are available for a graphic I/O field depending on the Runtime. 3. As "Tag", select the tag whose values are defined by the display in the graphic I/O field. Result The defined graphics of the graphics list are displayed in the graphic I/O field in Runtime when the tag has the specified value. See also Basic principles of graphics lists (Page 5095) WinCC Advanced V14 System Manual, 10/2016 5105 Visualizing processes 12.1 Creating screens 12.1.4 Dynamizing screens 12.1.4.1 Basics on dynamizing screens Basics on dynamizing screens (Basic Panels) Dynamizing objects In WinCC you dynamize objects to map your system and show processes on HMI devices. You implement dynamizations by Animations Tags System functions One example is the mapping of a tank, the liquid level of which rises or falls in relation to a process value. The options for dynamization depend on the object involved. When you copy an object, its dynamization functions are included. See also Configuring a new animation (Page 5112) System functions (Page 5696) User-defined functions (Page 5698) Runtime scripting (Page 5695) Basics on dynamizing screens (Page 5106) Screen basics (Page 4979) Dynamization in the inspector window (Page 5107) Dynamization in the inspector window (Page 5109) Basics on dynamizing screens (Panels, RT Advanced) Dynamizing objects In WinCC you dynamize objects to map your system and show processes on HMI devices. You implement dynamizations by Animations System functions 5106 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Tags Local scripts One example is the mapping of a tank, the liquid level of which rises or falls in relation to a process value. The options for dynamization depend on the object involved. When you copy an object, its dynamization functions are included. See also Basics on dynamizing screens (Page 5106) Dynamization in the inspector window (Basic Panels) Introduction Basically, you can dynamize all the screen objects which you have configured in a screen. Which dynamization possibilities and which events are available depends on the device and the selected object. Animations WinCC helps you to implement dynamization using predefined animations. If you want to animate an object, first configure the desired animation in the object's inspector window. Then adapt the animation to the requirements of your project. The selection of the supported animations depends on the HMI device and the selected object. You choose between the following types of animation: Layout: Appearance, visibility Movements: direct, diagonal, horizontal and vertical movement Variable binding You can configure the "Variable binding" type of animation several times for one object. You configure animations in the "Properties > Animations" inspector window. WinCC Advanced V14 System Manual, 10/2016 5107 Visualizing processes 12.1 Creating screens Events Operable objects also react to events, such as a mouse click. You configure a function list with system functions on an event. The system functions are processed as a reaction to the triggered event. You configure events in the "Properties > Events" inspector window. You will find further information in "Working with function lists". 5108 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens See also Basics on dynamizing screens (Page 5106) Dynamization in the inspector window Introduction Basically, you can dynamize all the screen objects which you have configured in a screen. Which dynamization possibilities and which events are available depends on the device and the selected object. The inspector window offers you the possibilities for dynamization of screen objects in three tabs. Property list With the window. button you go to the properties list in the "Properties > Properties" inspector In the property list, you set any dynamization for the individual object properties using tags or local C and VB scripts. You can, for example, dynamically change the background color of an object. In the "Dynamic Value" column you can dynamize the object property of a tag, a C-script or a VB-script. Whether an object property can be dynamized is indicated in the Property list by means of the background color: Light gray: Can be dynamized Dark gray: Cannot be dynamized Any animations you have already configured will also appear in the object property list, where you can edit the animations. The following table shows you how to sort the property list: Sort by alphabet Sort by category With the WinCC Advanced V14 System Manual, 10/2016 button you return to the property pages in the inspector window. 5109 Visualizing processes 12.1 Creating screens Animations You have two different options for animating objects. You configure animations in the inspector window under "Properties > Animations", in the "Animations" task card. WinCC helps you to implement dynamization using predefined animations. If you want to animate an object, first configure the desired animation with the tools of the toolbox or in the object's inspector window. Then customize the animation in the Inspector window to suit the requirements of your project. The selection of the supported animations depends on the device and the selected object. You choose between the following types of animation: Tag binding Layout: Appearance, control enable, visibility Movements: direct, diagonal, horizontal and vertical movement Property animation Note HMI device dependency The "Control enable" animation is not available for every HMI device. You can configure the "Tag binding" and "Property animation" types of animation several times for one object. You configure animations in the "Properties > Animations" inspector window. 5110 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Events Operator control enabled objects also react to events, such as a mouse click. You configure a function list with system functions or local scripts on an event. The system functions or the local script are processed as a reaction to the triggered event. You configure events in the "Properties > Events" inspector window. WinCC Advanced V14 System Manual, 10/2016 5111 Visualizing processes 12.1 Creating screens You will find further information in "Working with function lists". See also Basics on dynamizing screens (Page 5106) 12.1.4.2 Dynamization with animations Configuring a new animation Introduction Use predefined animations to dynamize screen objects. Requirement You have opened a screen which contains at least one dynamic object. The Inspector window is open. The toolbox window is displayed. Procedure in the inspector window 1. In the Inspector window, select "Properties > Animations". 2. Select the animation you want to use. 3. Click the button. Procedure in the "Animations" task card. 1. Open the object group containing the required animation in the "Animations" task card. 2. Drag the animation onto the object that you want to make dynamic. Alternatively you select the object in the screen and double click the desired animation in the "Animation" task card. Result The animation appears in the Inspector window of the object. You configure the animation in the following steps. In the animations overview the green arrow indicates which animation is already configured. The configured animation opens in the inspector window when you click the green arrow. 5112 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens See also Basics on dynamizing screens (Page 5106) Animations in multiple selection (Page 5125) Animations of object groups (Page 5123) Animations of object groups (Page 5122) Configuring animation with tag connection (Page 5121) Dynamizing the visibility of an object (Page 5119) Dynamization of the control enable state of an operating element (Page 5118) Configuring direct movement (Page 5117) Configuring movements (Page 5115) Dynamizing the appearance of an object (Page 5113) Dynamizing the appearance of an object Introduction The appearance of a screen object is controlled by changing the value of a tag in runtime. When the tag adopts a certain value, the screen object changes its color or flashing characteristics according to the configuration. WinCC Advanced V14 System Manual, 10/2016 5113 Visualizing processes 12.1 Creating screens Type Areas or single values of the tag are observed in Runtime depending on the selection. The appearance of the object changes according to the configuration. Note "Multiple bits" selection If you use the "Multiple bits" option, also select "Bit selection for appearance" option in the runtime settings under "Screens > General". Requirement A screen is open. A dynamic object is contained and selected in the screen. The Inspector window is open. The toolbox window is displayed. Procedure 1. In the Inspector window, select "Properties > Animations". The animations available for the selected object are displayed. 2. Select the animation "Appearance" and click the The parameters of the animation are displayed. button. 3. Select a tag in "Tag > Name". 4. Select "Type > Range" for example. 5. Click "Add" in the table. 6. Enter the tag interval "0 - 20" in the "Range" column for example. 7. For "Foreground color" and "Background color", select the color the object is to acquire in Runtime when the tag reaches the interval. 5114 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 8. Select a flashing mode for the object from the "Flashing" list. 9. Repeat steps 5 to 8 to create another tag interval, e.g. "21 - 60". Result In Runtime, the flashing response, and color of the object change dynamically according to the process value returned in the tag. See also Configuring a new animation (Page 5112) Configuring movements Introduction You can configure dynamic objects in such a way that they move on a certain track. The movement is controlled via tags. The object moves every time the tag is updated. You can only program one type of movement for each object. Requirement You have created a tag. You have opened a screen which contains at least one dynamic object. The Inspector window is open. The toolbox window is displayed. WinCC Advanced V14 System Manual, 10/2016 5115 Visualizing processes 12.1 Creating screens Procedure 1. Select the screen object you want to control dynamically. The object properties are displayed in the Inspector window. 2. In the Inspector window, select "Properties > Animations". The animations available for the selected object are displayed. 3. Select "Horizontal movement" and click the button. The parameters of the animation are displayed. A transparent copy of the object is shown in the work area, which is connected to the source object by means of an arrow. 4. Select a tag for control of movement. 5. Move the object copy to the relevant destination. The system automatically enters the pixel values of the final position in the Inspector window. 6. Customize the range of values for the tag as required. Result In Runtime, the object moves in response to every change in value of the tag that is used to control the movement. The direction of movement corresponds to the configured type of movement "horizontal". Note You configure vertical and diagonal movements similar to horizontal movements 5116 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens See also Configuring a new animation (Page 5112) Configuring direct movement Introduction The object is moved respectively in x direction and y direction with "Direct movement". Two tags define the number of pixels by which the object moves from its original static start position. Requirement Two tags are set up. You have opened a screen which contains at least one dynamic object. The Inspector window is open. The toolbox window is displayed. Configuring "Direct movement" 1. Select the screen object you want to control dynamically. The object properties are displayed in the Inspector window. 2. In the Inspector window, select "Properties > Animations". 3. Select "Direct movement" and click the button. The parameters of the animation are displayed. 4. Select a tag for the X position with which the movement in x direction is controlled. 5. Select a tag for the Y position with which the movement in y direction is controlled. WinCC Advanced V14 System Manual, 10/2016 5117 Visualizing processes 12.1 Creating screens Result In Runtime, the object moves in response to every change in value of the tag that is used to control the movement. See also Configuring a new animation (Page 5112) Dynamization of the control enable state of an operating element (Panels, RT Advanced, RT Professional) Introduction You can dynamically change the usability of an operating element. The object either can, or cannot be used in Runtime, depending on the value of a tag. You can use this dynamic control to restrict operator access to an operating element to specific situations, such as for maintenance. Requirement You have created a tag. A screen with an operating element is open. The Inspector window is open. The toolbox window is displayed. Procedure 1. Select the operating element in the screen that you want to control dynamically. The object properties are displayed in the Inspector window. 2. In the Inspector window, select "Properties > Animations". The animations available for the selected object are displayed. 5118 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 3. Select "Control enable" and click the button. The parameters of the animation are displayed. 4. Select a tag. 5. Activate "Range". - For "From:" enter e.g. the value "0" - For "To:" enter e.g. the value "100" 6. Activate "Control enable > Activated". Result The screen object is operator control enabled in Runtime depending on the tag value: The object becomes operator control enabled when the tag value is between 0 and 100. The object is not operator control enabled if the tag value is outside the range. See also Configuring a new animation (Page 5112) Dynamizing the visibility of an object (Panels, RT Advanced, RT Professional) Introduction Dynamization of the "Visibility" property allows you to output an alarm to your screen, which is triggered when the tag value exceeds a critical range, for example. The alarm is cleared when the tag value returns to the non-critical range. The "Simple recipe view" and "Simple alarm view" objects are always visible. WinCC Advanced V14 System Manual, 10/2016 5119 Visualizing processes 12.1 Creating screens Requirement You have created a tag. You have opened a screen containing an object that you want to show or hide in Runtime. The Inspector window is open. Procedure 1. Select the screen object you want to control dynamically. The object properties are displayed in the Inspector window. 2. In the Inspector window, select "Properties > Animations". The animations available for the selected object are displayed. 3. Select "Visibility" and click the button. The parameters of the animation are displayed. 4. Select a tag. 5. Activate "Range". 6. Select, for example, "from 20" and "to 40" 7. Activate "Visible". Result The screen object is shown or hidden in Runtime depending on the tag value. If the tag value matches the configured range between 20 and 40, the screen object is shown. If the tag value is outside the configured range, the screen object is hidden. See also Configuring a new animation (Page 5112) 5120 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Configuring animation with tag connection (Panels, RT Advanced, RT Professional) Introduction When you object property an object property with a tag, the object property is changed in Runtime depending on the tag value. The following example shows the tag binding in the "Properties > Animations" inspector window. If you have configured tag binding it is also visible in the property list or in the property pages in the inspector window. Requirement An object with the property to be dynamized is selected. You have created a tag. The Inspector window is open. Procedure 1. Select the screen object whose properties you want to control dynamically. The object properties are displayed in the Inspector window. 2. In the Inspector window, select "Properties > Animation". The animations available for the selected object are displayed. 3. Select "Tag connection" and click the button. The parameters of the animation are displayed. 4. Select the object property that you want to dynamize in "Properties > Animation > Tag binding > Property > Name", e.g. "Background color". 5. Select a tag. WinCC Advanced V14 System Manual, 10/2016 5121 Visualizing processes 12.1 Creating screens Result You have dynamized the "Background color" property with a tag. The background color of the screen object changes in Runtime depending on which value the tag adopts. See also Configuring a new animation (Page 5112) Animations of object groups (Basic Panels) Applying animations to object groups The inspector window shows all objects of a group and their possible animations. The animation types which are supported by all objects in the group are also listed separately. If you configure an animation for an object group, this animation will apply to all individual objects that support this animation. The animation of nested groups is not supported. 5122 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Application example The "horizontal movement" animation is configured for the object of an object group. The "direct movement" animation is configured for the whole object group. Only the animation of the object group i.e. "direct movement" is executed in Runtime. This also applies for object groups within object groups. Only the animation of the group on the top layer is listed. See also Configuring a new animation (Page 5112) Animations of object groups (Panels, RT Advanced, RT Professional) Changing animations of object groups The inspector window shows all objects of a group and their possible animations. The animation types which are supported by all objects in the group are also listed separately. If you configure an animation for an object group, this animation will apply to all individual objects that support this animation. WinCC Advanced V14 System Manual, 10/2016 5123 Visualizing processes 12.1 Creating screens Application example The "horizontal movement" animation is configured for the object of an object group. The "direct movement" animation is configured for the whole object group. Both animation types are executed in runtime. This also applies for object groups within object groups. See also Configuring a new animation (Page 5112) 5124 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Animations in multiple selection Changing animations for multiple objects For a multiple selection, the animations that are configured for the reference object appear in the Inspector window. You can change the animations as usual. The changes will apply to all the objects in the multiple selection that support the configured animation. This means that even objects for which you have not yet configured an animation will have the reference object's animation. Application example Select a button, and a circle at the same time. The button is the reference object. The "Appearance" animation is already configured for the button, so it appears in the Inspector window of the multiple selection. When you activate "Properties > Animations >Appearance > Flashing" in the inspector window, the settings of the "Appearance" animation apply for the button and for the circle. Configuring new animations for multiple objects If you configure a new animation for the objects of a multiple selection, this animation will apply to all selected objects that support the configured animation. If the new animation replaces an existing animation, a security prompt appears. Application example You select a circle, and a rectangle. The "Diagonal movement" animation is already configured for the circle. You configure the "Horizontal movement" animation for the multiple selection. This animation applies to the rectangle since no animation of the Movement type is yet configured for it. For the circle, you are asked to confirm that you want to replace the existing "Diagonal movement" animation with the new "Horizontal movement" animation. See also Configuring a new animation (Page 5112) 12.1.4.3 Dynamizing with system functions Basic on events Introduction Screen objects react to events. You configure a function list with system functions on the events of an object. WinCC Advanced V14 System Manual, 10/2016 5125 Visualizing processes 12.1 Creating screens Events Which events and system functions are available depends on the object used. If the operator activates a screen object for example, the configured system function is executed. You can find additional information under "Basics on the function list". See also Basics of the function list (Page 5700) Basics on dynamizing screens (Page 5106) Example: Configuring a button for language switching (Page 5127) Configure system function on the "Click" event (Page 5126) Configure system function on the "Click" event (Basic Panels) Introduction You configure a function list on an object event. The linked system function is executed when the event occurs in runtime. Requirements A screen is open. A button has been created in the screen. The inspector window is open. Procedure 1. Select the button. 2. Click "Properties> Events" in the Inspector window. 3. Select the "Click" event. 4. Click "Add function" in the table. 5. Select the "ShowAlarmWindow" system function. Result The alarm window opens in the screen if the operator clicks the button in runtime. See also Basics of the function list (Page 5700) Basic on events (Page 5125) 5126 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Example: Configuring a button for language switching Introduction In this example, you configure a button that can be used to toggle between multiple runtime languages during runtime. Requirements You have completed the "Configuring a button in multiple languages" example. The "Screen_1" screen is open. The button on the screen has been selected. Procedure 1. In the Inspector window, select "Properties > Events > Press". 2. Click on "Add function" in the table. 3. Select the "SetLanguage" system function and the "Switch" setting. Result You have assigned the button the function "SetLanguage". Pressing the button during runtime will switch the runtime language. The runtime languages are switched in the order specified by the number sequence in the "Languages and fonts" editor. See also Basic on events (Page 5125) Button (Page 5270) 12.1.5 Working with function keys 12.1.5.1 Working with function keys Introduction The function key is a physical key on your HMI device and its functions can be configured. A function list can be configured for the events "Key pressed" and "Release key". WinCC Advanced V14 System Manual, 10/2016 5127 Visualizing processes 12.1 Creating screens A function key can be assigned global or local functions. Note Availability for specific HMI devices Function keys are not available on all HMI devices. Global function keys Global function keys always trigger the same action, regardless of the displayed screen. Global function keys are configured in the "Global Screen" editor. The global assignment applies for all the screens of the set HMI device. Global function keys reduce programming considerably, because there is no need to assign these global keys to each individual screen. Local function keys in screens Local function keys in screens can trigger a different action in each screen. This assignment applies only to the screen in which you have defined the function key. Within a screen, a function key has only one function assignment, either a global or local one. The project planner specifies which assignment has priority. Note If a screen with local function keys is overlapped by an alarm view or an alarm window, then the function keys are still active in runtime. This may happen in particular on HMI devices with a small display. Local function keys in templates Local functions keys that are assigned in templates are valid for all the screens based on this template. They can trigger a different action in every screen. Function keys for templates are assigned in the template of the "Screens" editor. Within a template, a function key has only one function assignment, either a global or local one. The project planner specifies which assignment has priority. Hotkey assignment You can assign hotkeys, such as buttons, to control objects. The available hotkeys depend on the HMI device. Note The function key has a local or global action assigned to it. If the function key also has a hotkey assigned to it, then the hotkey function will be executed in Runtime. 5128 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Graphics When a function key is placed directly next to the display, you can assign a graphic to it to make the function of the function key more clear. Display of assignment Table 12-1 The following table shows which symbols display the assignment of the function keys: Function key Description Not assigned Global assignment Assigned locally in the template Local assignment Local assignment (local assignment of the template overwrites global assign ment) Local assignment (local assignment overwrites global assignment) Local assignment (local assignment overwrites local assignment of the template) Local assignment (local assignment overwrites local assignment of the tem plate, which already overwrites global assignment) Assigning buttons with screen navigation Note Basic Panels The "Screen Navigation" editor is not available for Basic Panels. WinCC Advanced V14 System Manual, 10/2016 5129 Visualizing processes 12.1 Creating screens 12.1.5.2 Assigning function keys globally Introduction You define the global assignment of a function key in the "Global Screen" editor. The global assignment applies to all screens of the set HMI device. Note Availability for specific HMI devices Function keys are not available on all HMI devices. Requirement You have opened the project. The Inspector window is open. Procedure Proceed as follows to assign a screen-based function to a function key: 1. To open the "Global Screen" editor, double-click "Global Screen" in the "Screen management" group of the Project window. 2. Select the desired function key. The properties of the function key are shown in the Inspector window. 3. Under "General", configure a graphic and an operator authorization for the function key. 4. Configure a function list for the required event under "Events". 5130 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Result If a local assignment does not overwrite the global assignment, the assignment of the function key changes in all the screens of the set HMI device in accordance with your entry. See also Working with function keys (Page 5127) 12.1.5.3 Local assignment of function keys Introduction Function keys are assigned globally and locally. A local assignment of the function keys is only valid for the screen or the template in which it was defined. The following local function keys are available: Local function keys of a screen Different functions are assigned to the function key for each screen. This assignment applies only to the screen in which you have defined the function key. Local function keys of a template You assign the function keys in a template. The assignment applies to all the screens that are based on this template and are not overwritten by a local assignment in a screen. A local assignment overwrites the global assignment of a function key. Note Availability for specific HMI devices Function keys are not available on all HMI devices. Using existing assignments The option for using existing assignments is referred to as follows in the Inspector window: In a template: "Use global assignment" In a screen: - Screen based on a template: "Use local template" - Screen not based on a template: "Use global assignment" The "Use local template" option includes the use of the local assignment in the template and the global assignment. Requirement You have opened the screen or the template in which you want to assign a function key locally. The Inspector window is open. WinCC Advanced V14 System Manual, 10/2016 5131 Visualizing processes 12.1 Creating screens Procedure Proceed as follows: 1. Select the desired function key in the screen or in the template. The properties of the function key are shown in the Inspector window. 2. Click "General" in the Inspector window. 3. Disable the "Use local template" or "Use global assignment" option. 4. Under "General", configure a graphic and an operator authorization for the function key. 5. Configure a function list for the required event under "Events". Result The function key is assigned the configured function in the screen or in the template. See also Working with function keys (Page 5127) 12.1.5.4 Assigning a function to a function key Introduction A function key can have two states: Pressed: Defined by the "Key pressed" event. Released: Defined by the "Release key" event. 5132 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Both of these events are configured in the Inspector window of the function key. You can assign any event a function list which contains system functions or scripts. Execution of this function list is event-driven in runtime. Note Availability for specific HMI devices Function keys are not available on all HMI devices. Note Basic Panels Scripts are not available for Basic Panels. Requirement To assign the function key a global function: The "Global Screen" editor is open. To assign the function key a local function: The screen in which you want to assign a function key is open. If you want to assign a function key locally in a template: The template in which you want to assign a function key is open. The Inspector window is open. Procedure Proceed as follows: 1. Select the function key you want to define. The properties of the function key are shown in the Inspector window. 2. Configure the function list for the desired result in the Inspector window under "Properties" in the "General" group. Result The function list is executed in runtime when the operator presses or releases the function key. See also Working with function keys (Page 5127) WinCC Advanced V14 System Manual, 10/2016 5133 Visualizing processes 12.1 Creating screens 12.1.5.5 Assigning operator authorization for a function key Introduction In WinCC you can assign an operator authorization for a function key in runtime. This allows you to restrict access to the function keys to specific persons or operator groups when you configure your project. Only authorized personnel can then change important parameters and settings in runtime. You configure access protection in order to avoid operator errors and increase plant or machine security. Note Availability for specific HMI devices Function keys are not available on all HMI devices. Requirement The user groups have been defined. To protect a global function key: The "Global Screen" editor is open. If you want to protect a local function key of a screen or of a template: The screen or the template which contains the function key is open. The Inspector window is open. 5134 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure Proceed as follows: 1. Select the relevant function key. The properties of the function key are shown in the Inspector window. 2. Click "General" in the Inspector window. 3. In the "Authorization" list, select the user group you want to allow runtime access to the function key. Result The operator authorization is configured. See also Working with function keys (Page 5127) WinCC Advanced V14 System Manual, 10/2016 5135 Visualizing processes 12.1 Creating screens 12.1.5.6 Assigning a graphic to a function key Introduction In order to make the function of a key more clear, you can insert a graphic in the screen alongside the function key. Graphics can only be assigned to function keys that border the screen margin of the HMI device. Note HMI device dependency Function keys are not available on all HMI devices. Note Assigning graphics to a function key A graphic can only be assigned to a function key if the bottom edge of the permanent window does not conceal the area of the function key graphic. Requirement To assign a graphic to a global function key: The "Global Screen" editor is open. If you want to assign a graphic to a local function key in a screen or template: The screen or the template that contains the corresponding function key is open. The Inspector window is open. You have created the graphic for the function key. 5136 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure Follow these steps: 1. Select the relevant function key. The properties of the function key are shown in the Inspector window. 2. Click "General" in the inspector window. WinCC Advanced V14 System Manual, 10/2016 5137 Visualizing processes 12.1 Creating screens 3. Click in the "Graphic" area of the list. The graphic browser of your WinCC project appears. The pane on the left side shows the external graphics which are stored in the browser. The pane on the right side shows you a preview of the graphic you have selected in the browser. Using the and icons, you can display the collection either in form of thumbnails or as a list. In order to open and edit OLE objects with the associated graphics program, double-click on the object. 4. In the browser click the desired graphic or store the relevant graphic in the graphic browser. The graphic preview is shown in the right pane. 5. Click "Select" to add the graphic to the screen. Click "Clear" to remove the graphic from the screen. Result The graphic is displayed next to the function key. See also Working with function keys (Page 5127) 12.1.5.7 Configuring LED tags Requirements An HMI device with key operation has been created. You have created an LED tag. The global screen is open. 5138 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure 1. Click an F-key of the HMI device. 2. In the Inspector window, click "Properties > Properties > General". 3. Select a tag under "LED tag" in the "General > Settings" area. 4. Under "Bit" enter the correct bit number. The correct bit number depends on the HMI device and the input and output assignments on the HMI device. Assignment of inputs and outputs The exact assignment of inputs and outputs can be found under: PROFINET IO direct keys: AUTOHOTSPOT PROFIBUS DP direct keys: AUTOHOTSPOT WinCC Advanced V14 System Manual, 10/2016 5139 Visualizing processes 12.1 Creating screens 12.1.5.8 Example: Using function keys for screen navigation Task In this example you create a local function key in a screen. When the operator presses this function key, a screen change to a predefined screen is triggered, for example "Boiler 2". Note Availability for specific HMI devices Function keys are not available on all HMI devices. Requirement The screen in which you want to assign the function key is open. You have created the "Boiler 2" screen. The Inspector window is open. Procedure Proceed as follows to use the "ActivateScreen" function: 1. Select the desired function key. The properties of the function key are shown in the Inspector window. 2. Click "General." 3. To overwrite a global assignment, disable the "Use local template" option. 4. Click "Key pressed" under "Events". 5140 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 5. Select the "ActivateScreen" system function from the list. The "ActivateScreen" function appears in the "Function list" dialog box, including the "Screen name" and "Object number" parameters. 6. Select the "Boiler 2" screen from the "Screen name" list. Result The operator changes to the "Boiler 2" screen in runtime by pressing the selected function key. See also Working with function keys (Page 5127) WinCC Advanced V14 System Manual, 10/2016 5141 Visualizing processes 12.1 Creating screens 12.1.6 Working with layers 12.1.6.1 Basics on working with layers Layers Use layers in order to achieve differentiated editing of the objects in a screen. A screen consists of 32 layers that you can give any names. If you assign objects to the layers, you thereby define the screen depth. Objects of layer 0 are located at the screen background, while objects of layer 31 are located in the foreground. The objects of a single layer are also arranged hierarchically. When you create a screen, the object inserted first is located at the rear within the layer. Each further object is placed one position towards the front. You can shift objects forwards and backwards within a layer. Principle of the layer technique Always one layer of the 32 layers is active. New objects you add to the screen are always assigned to the active layer. The number of the active level is displayed in the inspector window of the screen and in the "Layout > Layers" task card. When you open a screen, all 32 layers of the screen are displayed. You can hide all the layers except for the active layer in the inspector window of the screen and in the "Layout > Layers" task card. You then explicitly edit objects of the active layer. In the tree view of the "Layers" palette in the "Layout" task card, you administer layers and objects with drag-and-drop and the context menu. Application examples Use layers, for example, in the following cases: To hide the labeling of objects when editing, To hide objects, e.g. alarm windows, while configuring other objects 5142 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens See also Screen basics (Page 4979) Renaming layers (Page 5146) Showing and hiding layers (Page 5145) Setting the active layer (Page 5144) Moving objects on layers (Page 5143) 12.1.6.2 Moving objects on layers Introduction By default, a new object is inserted on the active layer. You can, however, assign an object to another layer at a later time. Requirement A screen with an object is open. The Inspector window is open. Procedure 1. Select the object in the screen. The object properties are displayed in the Inspector window. 2. Enter the layer to which you want to move the object in "Properties > Properties > Miscellaneous > Layer" in the Inspector window. Alternatively, select the object from the "Layout" task card and drag it to the required layer. Changing the order of objects 1. Select the object in the screen. The object properties are displayed in the Inspector window. 2. To move the object to the front or back, select the "Order" > "Move backward" or "Move forward" command from the shortcut menu. Alternatively, use the or button in the toolbar. Result The object is assigned to the selected layer, and positioned at the top of the layer. See also Setting the active layer (Page 5144) Showing and hiding layers (Page 5145) WinCC Advanced V14 System Manual, 10/2016 5143 Visualizing processes 12.1 Creating screens Renaming layers (Page 5146) Basics on working with layers (Page 5142) 12.1.6.3 Setting the active layer Introduction The screen objects are always assigned to one of the 32 layers. There is always an active layer in the screen. New objects you add to the screen are always assigned to the active layer. The number of the active layer is indicated in the "Layer" toolbar. The active layer is indicated by the icon in the "Layout > Layers" task card. Layer 0 is the active layer when you start programming. You can activate a different layer during configuration, if necessary. Requirement You have opened a screen which contains at least one object. The Inspector window of the active screen is open. Procedure 1. Click "Properties > Properties > Layers" in the Inspector window of the current screen. 2. Enter the layer number in "Settings > Active layer". Alternative procedure 1. Select "Layout > Layers" in the "Layout" task card. 2. Select the "Set to active" command from the shortcut menu of a layer. Result The layer with the specified number is now active. See also Moving objects on layers (Page 5143) Basics on working with layers (Page 5142) 5144 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 12.1.6.4 Showing and hiding layers (Basic Panels, Panels, RT Advanced) Introduction You can show or hide the layers of a screen as required. You specify the layers that are shown in the Engineering System. When you open a screen, all the layers are always shown. Requirement The screen is opened. The "Layout" task card is open. Procedure 1. Select the layer that you want to hide or show in the "Layout > Layers" task card. 2. Click one of the icons next to the corresponding layer: - A shown layer is hidden - A hidden layer is shown Note The active layer cannot be hidden. WinCC Advanced V14 System Manual, 10/2016 5145 Visualizing processes 12.1 Creating screens Alternative procedure 1. Click in an area of the screen that does not contain an object. The screen properties are shown in the Inspector window. 2. In the Inspector window, select "Properties > Properties > Layers": 3. In the list, disable the levels you wish to hide. If you activate "All ES layers" for a layer, the objects in this layer will be shown in the Engineering System. Result The layers are shown according to your settings. See also Moving objects on layers (Page 5143) Basics on working with layers (Page 5142) 12.1.6.5 Renaming layers Introduction When you create a screen, the 32 layers are numbered consecutively by default. To improve clarity, you can rename the layers to suit your requirements. Requirement The screen is opened. 5146 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure 1. Click in an area of the screen that does not contain an object. The screen properties are shown in the Inspector window. 2. In the Inspector window, select "Properties > Properties > Layers". 3. Enter the new layer name. Result The layer is displayed with the new name. See also Moving objects on layers (Page 5143) Basics on working with layers (Page 5142) WinCC Advanced V14 System Manual, 10/2016 5147 Visualizing processes 12.1 Creating screens 12.1.7 Working with faceplates 12.1.7.1 Basics on faceplates Basics on faceplates (Panels, RT Advanced, RT Professional) Introduction Faceplates are a configured group of display and operating objects that you manage and change centrally in a library. You can use a faceplate in several projects as required. The faceplates are stored in the project library. Use You use faceplates to create individually configured display and operating objects. You can use faceplates several times in the project or in different projects. All instances of a faceplate in the project are changed centrally. This reduces the configuration effort. Types and instances Faceplates are based on a type-instance model to support the central changeability. You create central properties for an object in types. The instances represent local points of use of the types. Faceplate type You create a display and operating object according to your requirements and store it in the project library. The instances are bound to the respective faceplate type. If you change a property of a faceplate type, the property is saved centrally and also changed in all instances. In the faceplate type, you define the properties that can be changed on the faceplate. You edit a faceplate type in the "Faceplates" editor. Faceplate The faceplate is an instance of the faceplate type. You use a faceplate in screens as a display and operating object. You configure the variable properties of the faceplate type on the instance. You assign the tags of your project to the faceplate, for example. If you configure properties on the faceplate, you overwrite the properties of the faceplate type. The changes on the faceplate are saved at the point of use and have no effect on the faceplate type. To reset the variable properties at the faceplate to the properties of the faceplate type, select "Reset instance" in the shortcut menu. The figure below shows the relationships between the faceplate type and the faceplate. The background color of the I/O field is configured in the faceplate type in such a way that every instance can change the property. Blue is used as the background color in the faceplate type. You use yellow as the background color in the faceplate. 5148 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens When you change the background color in the faceplate type, this has no effect on the faceplate because the "Background color" property is assigned on an instance-specific basis. See also Faceplate editor (Page 5150) Creating a faceplate type (Page 5153) Screen basics (Page 4979) Basics of dynamizing faceplates (Page 5172) Example: Configuring a faceplate (Page 5173) Device dependency of faceplates (Panels, RT Advanced, RT Professional) Device dependency of faceplates Not all HMI devices support every display and operating object. The screen objects that are not available in the respective HMI device are not displayed when using the faceplate. Independent of the device, all properties are offered for the configuration during the generation of faceplates. When using a faceplate in a screen, only the properties supported by the configured device are available. The following devices support faceplates: Runtimes WinCC Runtime Advanced WinCC Runtime Professional Comfort Panels KTP 400 KP 400 TP 700 KP 700 TP 900 KP 900 WinCC Advanced V14 System Manual, 10/2016 5149 Visualizing processes 12.1 Creating screens TP 1200 KP 1200 TP 1500 KP 1500 TP 1900 TP 2200 Panels TP 277 OP 277 Mobile Panels Mobile Panel 277 Mobile Panel 277 IWLAN V2 Mobile Panel 277F IWLAN V2 Mobile Panel 277F IWLAN (RFID Tag) Mobile Panel KTP 400F Mobile Panel KTP 700 Mobile Panels KTP 700F Mobile Panel KTP 900 Mobile Panel KTP 900F Multi Panels MP 277 MP 377 Faceplate editor (Panels, RT Advanced, RT Professional) Open Create faceplate types and edit them in the library view. 5150 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Layout The library view for faceplate types consists of several editors, e.g. "Screens" and "Tags" which are arranged in the work area and the configuration area. Work area In the work area, place the objects contained in the faceplate type as you usually do in the "Screens" editor. You can remove objects, or use the "Toolbox" task card to add new objects. Note Faceplates cannot be rotated or mirrored. WinCC Advanced V14 System Manual, 10/2016 5151 Visualizing processes 12.1 Creating screens Configuration section Properties The static and dynamic properties are identified as follows: - The symbol identifies a dynamic property. Dynamic implementation of this property, using tags or text and graphic lists. - The symbol identifies a static property. You change only the values of a static property. Note Device dependency of static properties Static properties are only available for panels and RT Advanced. You define the faceplate type properties in the "Properties" tab. You use the following two lists for this: - The "Contained objects" list This list includes the properties of the objects contained in the faceplate type. These properties can only be configured in the faceplate type in the "Faceplate" editor. - The "Interface" list contains the properties and tags of the faceplate type. The "Interface" list consists of the pre-defined category "Dynamic properties" and user-defined categories. Events You define the faceplate type events in the "Events" tab. You use the following two lists for this: - The "Contained objects" list contains the events of the objects embedded in the faceplate type. - The "Interface" list contains the events of the faceplate. You create links between the two lists using a drag and drop operation. Tags You can also create faceplate tags on the "Tags" tab. The tags are only available within the faceplate type. You can interconnect the faceplate type tags directly with an object contained in the faceplate type. Scripts You configure scripts for the faceplate type in the "Scripts" tab. In the script, you can call system functions or program new functions to convert values, for example. The scripts are only available within the faceplate type. They work with VB Script code. Note The "Scripts" tab is not available for Runtime Professional. Text lists You can also create and edit texts lists for the faceplate type in the "Text lists" tab. These text lists are only available within the faceplate type. You can interconnect the text lists of the faceplate type directly with an object contained in the faceplate type, such as a symbolic I/O field. 5152 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Graphic lists If necessary, you can also create graphics lists for the faceplate type in the "Graphics lists" tab. These graphic lists are only available within the faceplate type. You can interconnect the graphic lists of the faceplate type directly with an object contained in the faceplate type, e.g. a graphic I/O field. User texts The "User text" tab shows the contained user text of the opened faceplate type, for example entries from text lists. You can enter the compilations for the individual project languages directly in the "User text" tab. See also Basics on faceplates (Page 5148) Example: Configuring a faceplate (Page 5173) 12.1.7.2 Creating and managing faceplates Creating a faceplate type (Panels, RT Advanced, RT Professional) Introduction Faceplate types are display and operating objects which are made up of several objects, e.g. controller modules. Requirements You have opened a screen which contains multiple objects. Procedure in the project view 1. Select all the objects that you need for the faceplate type. 2. Select the "Create faceplate type" command in the shortcut menu of the multiple selection. A dialog opens. 3. Enter a name for the faceplate. 4. If necessary, add a comment or change the version number. Result The library view opens. Two versions of the type are displayed in the "types" folder. Version 0.0.1 has been released and contains the currently selected objects. The 0.0.2 version has the status "in progress". Edit the faceplate type in version 0.0.2 as required. WinCC Advanced V14 System Manual, 10/2016 5153 Visualizing processes 12.1 Creating screens Procedure in the library view 1. The library view is open. 2. Select the "Add new type" command in the shortcut menu of the project library. A dialog opens. 3. Select the runtime for which the faceplate type is to be available. An empty faceplate type is created. 4. Drag-and-drop the objects from the "Toolbox" task card to the work area of the faceplate type. Result The new faceplate type is created and displayed under the selected name in the project library. The faceplate type is assigned the status "in progress" and the version 0.0.1. See also Configuring a faceplate type (Page 5155) Configuring a tag in the faceplate type (Page 5160) Configuring an event in the faceplate type (Page 5161) Configuring scripts in the faceplate type (Page 5163) Creating an instance of the faceplate type (Page 5170) Editing a faceplate type (Page 5167) Basics on faceplates (Page 5148) Example: Configuring a faceplate (Page 5173) Editing the category and property of a faceplate type (Page 5159) Configuring a graphics list in the faceplate type (Page 5165) Configuring text lists in the faceplate type (Page 5164) Removing faceplate from faceplate type (Page 5171) Resizing a faceplate (Page 5169) 5154 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Configuring a faceplate type (Panels, RT Advanced, RT Professional) Introduction In the configuration area of the "Faceplates" editor you define which properties and process values of the objects contained in the faceplate can be configured in the "Properties" tab. Note For tooltip texts configured for objects in the faceplate to be displayed in Runtime, insert the property "Tooltip text" as faceplate property. Note Independent of the device, all properties are offered for the configuration during the generation of faceplates. When using a faceplate in a screen, only the properties supported by the configured device are available. Requirements The faceplate is generated and is displayed in the "Faceplate" editor. The "Properties" tab is open in the configuration area. Procedure 1. To create a new property, click the "Add property" A new property is displayed in the "Interface" list. button in the interface list. 2. To create a new category, click the "Add category" button in the interface list. A new category including a new property is displayed in the "Interface" list. WinCC Advanced V14 System Manual, 10/2016 5155 Visualizing processes 12.1 Creating screens 3. Click the name of the property and assign a name, for example, "Color". 4. Select the data type. Note Property names of the faceplates in RT Professional Note the following rules when entering property names of the faceplates: The name must start with a letter. The name can contain alphanumeric characters and the underscore. The name may not contain more than 255 characters. Do not use any UNICODE characters (for example, Chinese characters). Note Using user data types (UDTs) in faceplates in RT Professional If an element of a faceplate is assigned as data type of the user data type (UDT), the following rule applies: The length of the name of a property of the faceplate together with the length of the name of the lower-level element of the "User Data Type" (UDT) data type must not exceed 126 characters. 5156 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Interim result You have created a new property. 1. Click an object in the "Contained objects" list. 2. Select a property, e.g. "Appearance > Background color". 3. Move the property from the "Contained objects" list to the desired property in the "Interface" list by drag&drop. The connection is displayed as a colored line. The system assigns the same data type to the property in the "Interface" list as that of the property in the "Contained objects" list. To change the data type, select the data type from the data types of the connected property. 4. Repeat step 3 to connect other properties of the contained properties with the interface. Note The property from the "Contained objects" list must be in concordance with the data type of the already connected property of the "Interface" list. Deleting a connection 1. Click the connection that you wish to delete. 2. In the shortcut menu select the "Delete" command or use the <DEL> key. The connection is deleted. Interconnecting user data types with faceplates As of V13 SP1, you can use the HMI user data types and the PLC user data types as properties of the faceplates. WinCC Advanced V14 System Manual, 10/2016 5157 Visualizing processes 12.1 Creating screens You interconnect the HMI user data types and the PLC user data types with the faceplates using interface properties by connecting the faceplates with the structural elements of the interface properties. To set the HMI user data types and the PLC user data types as properties of the faceplates, follow these steps: 1. Select the user data type in the selection list under "Type". 2. In the Inspector window under "Properties > Properties > General", select the interface property of the faceplate in the "Tag" selection list. The faceplate is interconnected with the user data type. 5158 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Result You have created a new property or a new category with a property. You have connected the property of the interface with a property of the contained objects. If you use an instance of the faceplate type in a screen, you configure the properties of the faceplate which you have created in the "Interface" list. Note Device dependency of static properties Static properties are only available for panels and RT Advanced. You work with dynamic properties in RT Professional. See also Creating a faceplate type (Page 5153) Example: Configuring a faceplate (Page 5173) Editing the category and property of a faceplate type (Panels, RT Advanced, RT Professional) Deleting a property in the "Interface" list 1. Select "Edit faceplate" in the shortcut menu. The "Faceplates" editor is open. 2. Select the property which you want to delete in the "Interface" list. 3. Select "Delete" in the shortcut menu. The property is deleted from the "Interface" list. Existing connections to the contained objects are deleted. All linked faceplates lose their instance-specific property. Deleting a category in the "Interface" list 1. Select "Edit faceplate" in the shortcut menu. The "Faceplates" editor is open. 2. Select the category which you want to delete in the "Interface" list. 3. Select "Delete" in the shortcut menu. The category including the properties is deleted from the "Interface" list. Existing connections to the contained objects are deleted. All linked faceplates lose their instance-specific properties. Moving a property to another category 1. Select a property in the "Interface" list. 2. Move the property to a new category by "drag&drop". You have moved the property to a new category. WinCC Advanced V14 System Manual, 10/2016 5159 Visualizing processes 12.1 Creating screens Changing the data type of a property 1. Select a property in the "Interface" list. 2. Click the second column of the drop-down list. 3. Select a data type. You have changed the data type of the property in the "Interface" list. See also Creating a faceplate type (Page 5153) Configuring a tag in the faceplate type (Panels, RT Advanced, RT Professional) Introduction You connect a tag in the faceplate type directly with the properties of the objects contained in the faceplate type. The tags in the faceplate type are a central means of defining dynamic properties in the faceplate type. The tags of a faceplate type have limited functionality. The "Tags" tab of the configuration area has the same structure as the "Tags" editor. Note Use of the "." or "@" character in names of tags in faceplate types is not permitted. Do not use the special characters in the tag names in faceplates. Array elements for faceplates In the following situations, you may not assign an array element or a multiplex tag that is interconnected with a faceplate to a property of a screen object: The property is configured in a faceplate as parameter of a system function. System functions or scripts are assigned in the faceplate to events of the property. Requirements The library view is open. The faceplate type is created and has the "in progress" status. The "Tags" tab is open in the configuration area. 5160 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure 1. Click "Add" in the "HMI tags" table. A new tag is created in the faceplate type. 2. Open "Properties > Events" in the inspector window if necessary. You configure the "Value change" event on the tag for example. 3. In the work area, select the object to which you want to assign this tag, e.g. an I/O field. 4. Select the tag in the inspector window of the I/O field "Properties > Properties > General > Process > Tag". Note Only tags of the faceplate type are displayed in the object list in the "Faceplates" editor. Result You have created a tag in the faceplate type. You are using the tag in the faceplate for scripting, for example. See also Creating a faceplate type (Page 5153) Example: Configuring a faceplate (Page 5173) Configuring an event in the faceplate type (Panels, RT Advanced) Introduction In the configuration area of the "Faceplates" editor you define which events of the objects contained in the faceplate can be configured in the "Events" tab. You configure a function list on the events of the faceplate in the "Screens" editor. Requirement The library view is open. The faceplate type is created and has the "in progress" status. The "Events" tab of the configuration area is open. Procedure 1. Click an object in the "Contained objects" list. 2. Select an event, e.g. "Activate". WinCC Advanced V14 System Manual, 10/2016 5161 Visualizing processes 12.1 Creating screens 3. Move the event from the "Contained objects" list to a new category in the "Interface" list. The new event is displayed in the "Interface" list. The connection appears as a colored line. 4. Double-click the event and, if required, change the name of the event. Result You have created an event in the faceplate type. if you use an instance of the faceplate type, you will only be offered the configured events in the inspector window. You configure a function list on the event in the faceplate. See also Creating a faceplate type (Page 5153) Example: Configuring a faceplate (Page 5173) 5162 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Configuring scripts in the faceplate type (Panels, RT Advanced) Introduction In the configuration area of the "Faceplates" editor you create scripts which you only use within a faceplate type. You can only refer to tags of the faceplate type or properties of the contained objects within the script. The script is used as a copy in the instance of the faceplate type. Requirement The library view is open. The faceplate type is created and has the "in progress" status. Faceplate tags or dynamic properties have been created. Procedure 1. Click the "Scripts" tab in the configuration area of the faceplate. 2. Double click "Faceplate scripts > Add VB script". 3. Write the program code. 4. Press the shortcut keys <CTRL+J> to Include tags of the faceplate type in the script. The object list opens. 5. Click "HMI tags". All tags of the faceplate type are displayed in the object list. 6. Select a tag and confirm the selection. 7. Press the shortcut keys <CTRL+J> to use properties of the faceplate type in the script. The object list opens. 8. Click "Properties". All dynamic properties of the "Interface" list for the faceplate type are displayed in the object list. Result You have created a script in the faceplate type. The instance of the faceplate type uses a copy of the script. The script is executed in runtime depending on the configuration. See also Creating a faceplate type (Page 5153) Example: Configuring a faceplate (Page 5173) WinCC Advanced V14 System Manual, 10/2016 5163 Visualizing processes 12.1 Creating screens Configuring text lists in the faceplate type (Panels, RT Advanced, RT Professional) Introduction In a faceplate type, you connect a text list with an object included in the faceplate type. Text is assigned to the values of a tag in a text list. The text list is used, for example, to display a selection list in a symbolic I/O field contained in the faceplate type. The interface between the text list and a tag of the faceplate type is configured at the object that uses the text list. Requirements The library view is open. The faceplate type is created and has the "in progress" status. The "Text list" tab is open in the configuration range. A tag has been created in the faceplate type. Procedure 1. Click "Add" in the "Text lists" table. A new text list is created in the faceplate type. 2. Assign a name to the text list that indicates its function. 3. Select the text list type, e.g. "Value/Range" under "Select". 4. Click "Add" in the "Text list entries" table. 5. Define the values or range of values for the text list. 6. Enter a text for every value range which is displayed in Runtime when the tag is within the specified value range. 7. Select an object, e.g. a symbolic I/O field, in the work area of the faceplate type. 8. In the Inspector window of the object, enable "Properties > Properties > General > Label > Text list". 9. Select the "Text list" from the selection list. 10.Select a tag of the faceplate type under "Process > Tag". Result You have created a text list in the faceplate type. This text list is linked to an object contained in the faceplate type. You have configured a faceplate type tag at the object. See also Creating a faceplate type (Page 5153) 5164 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Configuring a graphics list in the faceplate type (Panels, RT Advanced, RT Professional) Introduction In a graphics list, specific graphics are assigned to possible values of a tag. In a faceplate type, you connect a graphics list with an object included in the faceplate type. Graphics are assigned to the values of a tag in a graphics list. For example, the graphics list is used to display a selection list in a graphic I/O field contained in the faceplate type. The interface between the graphics list and a tag of the faceplate type is configured at the object that uses the graphics list. Requirements The library view is open. The faceplate type is created and has the "in progress" status. The "Graphics list" tab is open in the configuration range. A tag has been created in the faceplate type. Procedure 1. Click "Add" in the "Graphics lists" table. A new graphics list is created in the faceplate type. 2. Assign a functional name to the graphics list. 3. Select a graphics list type, e.g. "Range (... - ...)", under "Selection". 4. Click "Add" in the "Graphics list entries" table. A new entry is created in the list. 5. Define the values or range of values for the graphics list. 6. Select a graphic for every value or value range which is displayed in runtime when the tag is within the specified value range. 7. Select an object, e.g. a graphic I/O field, in the work area of the faceplate type. 8. Activate "Properties > Properties > General > Contents > Graphics list" in the object's Inspector window. 9. Select the "Graphics list" from the selection list. 10.Select a tag of the faceplate type in "Process > Tag". Result You have created a graphics list in the faceplate type. This graphics list is linked to an object contained in the faceplate type. You have configured a faceplate type tag at the object. See also Creating a faceplate type (Page 5153) WinCC Advanced V14 System Manual, 10/2016 5165 Visualizing processes 12.1 Creating screens Translating texts directly in the faceplate type (Panels, RT Advanced, RT Professional) Translating texts If you use several languages in your project, you can translate individual texts directly. As soon as you change the language of the software user interface, the translated texts are available in the selected language. Requirements A project is open. You have opened the "Faceplates" editor. You have created a faceplate type. The faceplate type contains at least one object with text, e.g. a text field. Procedure Proceed as follows to translate individual texts: 1. Open the "Tasks" task card. 2. Click the button under "Languages & Resources > Editing language". The "Project languages" editor opens. 3. Activate at least two project languages. 4. Open the "Texts" tab in the "Faceplates" editor. A list with the texts in the project is displayed in the work area. There is a separate column for each project language. 5. Click on the 5166 button in the toolbar to group identical texts together. WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 6. To hide texts that do not have a translation, click on the button in the toolbar. 7. Click on an empty column and enter the translation. Result You have translated individual texts in the "Texts" tab of the faceplate type. The texts will then be displayed in the runtime language. Editing a faceplate type (Panels, RT Advanced, RT Professional) Introduction All faceplate types in the project library have a status. You create a faceplate type in the "in progress" status. You can edit the faceplate types as required in this status. When editing is complete, release the faceplate type. Requirement A faceplate type has been created. The faceplate type has the version 0.0.1. and the status "in progress". The "Library" task card or the library view is open. Enable faceplate type 1. Select version 0.01 of the faceplate type in the project library. 2. Select "Release version" in the shortcut menu. You have released version 0.0.1 of the faceplate type. Edit faceplate type 1. Select, for example, the released version 0.0.1 of a faceplate type in the project library. 2. Select "Edit faceplate type" in the shortcut menu. The library view opens. The new version 0.0.2 of the faceplate type has been created. The faceplate type has the "In progress" status. Restoring the last version of the faceplate type The last released version of the faceplate type is version 0.0.2. Edit the faceplate type. A new version 0.0.3 is created and the "in progress" status is assigned to it. 1. Select the faceplate type from the project library. 2. Select "Discard changes and restore type" in the shortcut menu. WinCC Advanced V14 System Manual, 10/2016 5167 Visualizing processes 12.1 Creating screens All changes to the faceplate type since the last enabling operation are rejected. The faceplate type is enabled again and has the version 0.0.2. See also Creating a faceplate type (Page 5153) Example: Configuring a faceplate (Page 5173) Duplicating faceplate type Introduction You can duplicate a released faceplate type and a released version of the faceplate type in the project library. Requirement A faceplate type has been created. The faceplate type is released and no version of the faceplate type has the "in progress" status. The "Libraries" task card or the library view is open. Duplicating faceplate type 1. Select a released faceplate type from the project library. 2. Select "Duplicate faceplate type" in the shortcut menu. A dialog opens. 3. Enter a name for the new faceplate type. 4. If necessary, add a comment or change the version number. The new faceplate type is in the same folder as the original. Duplicating a version of a faceplate type 1. Select a released version of a faceplate type in the project library. 2. Select "Duplicate faceplate type" in the shortcut menu. A dialog opens. 3. Enter a name for the new faceplate type. 4. If necessary, add a comment or change the version number. The new faceplate type is in the same folder as the original. 5168 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens See also Editing a faceplate type (Page 5167) Creating a faceplate type (Page 5153) Resizing a faceplate (Panels, RT Advanced) Introduction In the faceplate type, specify the response of the faceplate when it is resized. Requirements A faceplate type has been created. You have opened the "Faceplates" editor. The Inspector window is open. Specifying the response to resizing 1. Activate "Properties > Properties > Layout > Fit to size > Auto-size". 2. Select the "Fixed aspect ratio" setting, for example. This setting retains the aspect ratio when you resize the faceplate. 3. Click the faceplate in the "Libraries" task card. 4. Select "Release version" in the shortcut menu. Result You have specified how the faceplate responds when its size in a screen is changed. You can change the response for a particular faceplate. Select a faceplate in the screen. Select the required setting in "Properties > Properties > Layout > Characteristics" in the Inspector window. See also Creating a faceplate type (Page 5153) WinCC Advanced V14 System Manual, 10/2016 5169 Visualizing processes 12.1 Creating screens Creating an instance of the faceplate type (Panels, RT Advanced, RT Professional) Introduction The faceplate type is stored in the project library. If you use the faceplate type in a screen, you create an instance of the faceplate type. Note Note that a faceplate is always configured for a particular class of HMI devices. For example, you cannot use a faceplate type that is configured for "RT Professional" in a screen on an "RT Advanced" HMI device. Note The number of faceplate instances per screen is not limited. However, you should be aware of the fact that the number of faceplate instances used, or the use of scripts in the faceplate instances, will have an impact on performance. Requirement A screen is open. The "Libraries" task card is opened. The project library is open and it contains at least one faceplate type. Note Faceplate types are also stored in global libraries. When you add a faceplate type from the global library to the screen, the system automatically saves a copy of it to the project library. The Inspector window is open. Procedure 1. Move the desired faceplate type from a library to the screen by drag&drop. Result You have created an instance of the faceplate type. The instance is given the version number of the most recently released type. Configure the properties of the faceplate in the Inspector window as required. To dynamize the faceplate, open the interface in the Inspector window. 5170 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens See also Creating a faceplate type (Page 5153) Example: Configuring a faceplate (Page 5173) Removing faceplate from faceplate type (Panels, RT Advanced, RT Professional) Introduction Cancel application, to remove specified instances from the update of the faceplate type. Requirement A faceplate type has been created. The faceplate must be used in a minimum of one screen. Disconnect the faceplate object from faceplate type. 1. Select a faceplate on the screen. 2. In the shortcut menu, select "Disconnect faceplate object from faceplate type". Result The faceplate is independent of the associated faceplate type. Changes to the faceplate type are not updated in the faceplate. See also Creating a faceplate type (Page 5153) WinCC Advanced V14 System Manual, 10/2016 5171 Visualizing processes 12.1 Creating screens 12.1.7.3 Dynamizing faceplates Basics of dynamizing faceplates (Panels, RT Advanced, RT Professional) Use You can dynamically control events and properties of faceplates in two ways: Dynamically controlling faceplates You configure the events or dynamic properties individually for the application point on the faceplate. To do this, define in the "Faceplates" editor that these properties and events are configurable in the faceplate. To dynamize the faceplates in the "Screens" editor, use the scripts and tags that are created in the project. Dynamizing the faceplate type You dynamize the objects which are contained in the faceplate type in the "Faceplates" editor. You configure the individual objects as in the "Screens" editor. Tags and scripts are available in the "Faceplates" editor to dynamize properties and events. You do not have access to the tags and scripts of the project within the faceplate. Every faceplate created with the faceplate type has the same preconfigured dynamization. You can edit this dynamic control only in the "Faceplates" editor. Note Dynamization of instances of a faceplate type in a group You are using the instance of a faceplate type in an object group. The properties of the instance are also displayed as properties of the group. Any dynamization with tags, scripts or animations of the group is not displayed in Runtime. Animation WinCC provides preconfigured dynamic control in the "Animations" task card. You use animations to dynamize faceplates and faceplate types. See also Basics on faceplates (Page 5148) Example: Configuring a faceplate (Page 5173) Dynamizing faceplates (Panels, RT Advanced, RT Professional) Introduction You dynamize a faceplate in exactly the same way as you dynamize an object from the "Tools" task card. You connect the dynamic properties of the faceplate in the "Screens" editior with a tag or a script which supplies values to the property in runtime. You Include tags and scripts which you have created in the project for the faceplate. 5172 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Requirements A faceplate is inserted in the screen. Procedure 1. Select the faceplate. 2. In the Inspector window, open "Properties > Animation". The animations available for the selected object are displayed. 3. Select "Horizontal movement" and click the button. The parameters of the animation are displayed. A transparent copy of the object is shown in the work area, which is connected to the source object by means of an arrow. 4. Select a tag for control of movement. 5. Move the object copy to the relevant destination. The system automatically enters the pixel values of the final position in the Inspector window. 6. Customize the range of values for the tag as required. Result In Runtime, the object moves in response to every change in value of the tag that is used to control the movement. The direction of movement corresponds to the configured type of movement "horizontal". 12.1.7.4 Examples of faceplates Example: Configuring a faceplate Introduction In this example you create a faceplate in which you can convert the value of a length measuring system from kilometers into meters. The length in meters is displayed in an output field. Procedures overview The example is divided into the following steps: 1. Creating a faceplate type 2. Configuring a faceplate type 3. Creating a script in the faceplate type 4. Connecting a script with the contained objects of the faceplate type 5. Creating a faceplate and connecting with a tag WinCC Advanced V14 System Manual, 10/2016 5173 Visualizing processes 12.1 Creating screens See also Basics on faceplates (Page 5148) Example: Creating an instance of the faceplate type (Page 5178) Example: Configuring included objects (Page 5178) Example: Creating a script in the faceplate type (Page 5176) Example: Configuring a faceplate type (Page 5175) Example: Creating a faceplate type (Page 5174) Example: Creating a faceplate type Task You create a faceplate type. Requirement A screen is open. The toolbox window is displayed. Settings For the example you require objects with the following settings: Object Object name Properties Text field Label_Meter Text: Meter I/O field Output_Meter Mode: Output Button KM_to_Meter Text OFF: Convert Procedure 1. In the toolbox, click the individual objects and drag&drop the objects into the screen. 2. Set the properties as shown above. 3. Select all objects. 4. Select the "Create faceplate type" command in the shortcut menu of the multiple selection. The "Add type" window opens. 5. Enter "KMtoMeter" as type name. Result The faceplate type appears in the project library under the name "KMtoMeter". The faceplate type is assigned the "in progress" status. 5174 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens See also Example: Configuring a faceplate (Page 5173) Example: Configuring a faceplate type Job You create the dynamic property and tag of the faceplate type. Creating a new property 1. Click "Properties" in the configuration area of the faceplate. 2. In the "Interface" list, click the icon "Add property". A new property is added to the "Interface" list. 3. Double click the name of the property and enter "KMToMeter". 4. Click the selection list and select the data type "Int". Interim result The "KMToMeter" property is displayed in the "Interface" list. The symbol identifies the dynamic property. The property will be linked to a tag in the next step. Creating a tag in the faceplate type 1. Click "Tags" in the configuration area. 2. Click "Add" in the "HMI tags" table. A new tag is added to the table. The inspector window of the tag is opened. 3. In the Inspector window, select "Properties > Properties > General": 4. Enter "BB_Tag" as the name. Select the "Int" data type. Result The "KMToMeter" property and the "BB_Tag" of the faceplate type are created in the configuration area of the "Faceplates" editor. WinCC Advanced V14 System Manual, 10/2016 5175 Visualizing processes 12.1 Creating screens See also Example: Configuring a faceplate (Page 5173) Example: Creating a script in the faceplate type (Panels, RT Advanced) Task You create a script that converts the value of a length measuring system from kilometers to meters. Procedure 1. Click "Scripts > Faceplate scripts" in the configuration area. 2. Double click "Add VB script". 3. Press the shortcut keys <CTRL+J>. The object list opens. 4. Click "HMI tags". The faceplate tag "BB_Tag" is displayed in the object list. 5. Select the faceplate type tag "BB_Tag". Confirm the selection. 6. Insert an "=" sign. 7. Press the shortcut keys <CTRL+J>. The object list is opened. 5176 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 8. Click "Properties." The dynamic property "KMtoMeter" is displayed in the object list. 9. Select the "KMToMeter" dynamic property. Confirm the selection. 10.Enter "*1000" at the end of the code. This corresponds to the conversion factor from kilometers to meters. 11.Enter the name "Script_1" under "Properties > Properties > General >Setting > Name" in the Inspector window. Result The script has been created in the faceplate type. If you use the "KMtoMeter" faceplate type in a screen, you assign a tag to the "KMtoMeter" property. The value of this tag is multiplied by factor 1000 and assigned to the tag of the faceplate type "BB_Tag" as a new value. In this way you supply values to the tags of the faceplate type. See also Example: Configuring a faceplate (Page 5173) WinCC Advanced V14 System Manual, 10/2016 5177 Visualizing processes 12.1 Creating screens Example: Configuring included objects Task You connect the included objects in the faceplate "KMtoMeter" to a faceplate tag and a faceplate script. You connect the I/O field with the "BB_Var" tag of the faceplate type. You connect the "Click" event for a button to the script "Script_1". Requirement The faceplate is displayed in the "Faceplates" editor. Interconnecting I/O field with a tag 1. Select the "Output_Meter" I/O field in the faceplate. 2. Connect the I/O field with the faceplate tag "BB_Tag" in the "General > Process > Tag" inspector window. Connecting an event to a faceplate script 1. Select the "KM_to_Meter" button in the faceplate. 2. Select "Script_1" in the inspector window under "Events > Click". Result The I/O field is connected with the tag of the faceplate type. The button is connected with the script of the faceplate type. If you click the button of the faceplate during runtime, the script is executed. The value of the tag of the faceplate is output in the I/O field. See also Example: Configuring a faceplate (Page 5173) Example: Creating an instance of the faceplate type Task You insert the faceplate type "KMtoMeter" in a screen and assign a tag to the dynamic property "KMtoMeter". 5178 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Requirement The "Screens" editor is open. A new screen has been created. Settings For the example you require a tag with the following settings: Name PLC connection Type Kilometer No ULong Procedure 1. Create the HMI tag "Kilometer" with the settings named above. 2. Open the "project library" in the "Libraries" task card. 3. Move the "KMtoMeter" faceplate type into the screen by drag&drop. 4. Click "Properties > Properties > Interface" in the Inspector window. The table shows all the properties which you can dynamize in the faceplate. 5. Click the "Dynamization" column in the "KMtoMeter" line. 6. Select "HMI tag". 7. Click the "..." button. 8. Select the tag "Kilometer" from the object list. 9. Confirm the selection. WinCC Advanced V14 System Manual, 10/2016 5179 Visualizing processes 12.1 Creating screens Result The dynamic property "KMtoMeter" is linked with the "Kilometer" tag. During runtime the dynamic property is supplied with values of the "Kilometer" tag. The values are multiplied by factor 1000 in the script of the faceplate type and assigned to the tag in the faceplate as a new value. See also Example: Configuring a faceplate (Page 5173) 12.1.8 Configuring screen navigation 12.1.8.1 Basics on screen navigation (Basic Panels, Panels, RT Advanced) Types of navigation for the screen change For a production process consisting of multiple subprocesses, you will configure multiple screens. You have the following options to enable the operator to switch from one screen to the next in Runtime: Assign buttons to screen changes Configuring screen changes at local function keys Procedure Before you create a screen change, define the plant structure and derive from it the screen changes that you want to configure. Create the start screen under "Runtime Settings > General > Start screen". See also Screen basics (Page 4979) Assigning screen change to function key (Page 5182) Assigning screen change to button (Page 5181) 5180 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 12.1.8.2 Assigning screen change to button (Panels, RT Advanced, RT Professional) Introduction Configure a button in the screen to switch between the screens on the HMI device during operation. Note If you have set the "Visibility" of animations to "Hidden" in the Inspector window of a screen, this screen cannot be called up in Runtime. Requirements You have created the project. You have created the "Screen_2" screen. "Screen_1" is created. Procedure 1. Double-click "Screen_1" in the project navigation. The screen is displayed in the work area. 2. Move "Screen_2" from the project tree to the open screen by drag&drop. A button with the name "Screen_1" is inserted. 3. In the Inspector window, select "Properties > Events > Click". The "ActivateScreen" system function is displayed in the "Function list". 4. At the "Object number" attribute, define, if required, the tab sequence number of the object on which the focus is to be set after a screen change. You can also specify a tag that contains the object number. WinCC Advanced V14 System Manual, 10/2016 5181 Visualizing processes 12.1 Creating screens Alternative procedure 1. Move a button from the "Tools" task card to "Screen2" by drag&drop. 2. In the Inspector window, select "Properties > Events > Click". 3. Select the "ActivateScreen" system function. 4. Select "Screen_2" for the "Screen number". Result The operator goes to "Screen_1 with the button in Runtime. If you have specified an object number, the object with this object number has the focus following a screen change. See also Basics on screen navigation (Page 5180) 12.1.8.3 Assigning screen change to function key Introduction Configure a screen change function key in the screen to switch between the screens on the HMI device during operation. Note If you have set the "Visibility" of animations to "Hidden" in the inspector window of a screen, this screen cannot be called up in Runtime. Requirements You have created a project. You have created the "Screen_2" screen. You have created the "Screen_1" screen. Procedure 1. Double click "Screen_1" in the project tree. The screen is displayed in the work area. 2. Move "Screen_2" from the project tree to a function key, e.g. "F2". The configured function key displays a yellow triangle. 3. Click "Properties > Events > Press key" in the inspector window. The "ActivateScreen" system function is displayed. 5182 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Result The operator goes to the specified "Screen_2" with function key "F2" in Runtime. See also Basics on screen navigation (Page 5180) 12.1.9 Display and operating elements 12.1.9.1 Device dependency of the objects Objects for Basic Panels (Basic Panels) Availability of display and operating objects for Basic Panels Only the objects which can be used for the device you are configuring will be shown in the object window. The following table shows the availability of indicator and operating objects for the Basic Panels. On devices with the device version earlier than V13, configure simple display objects. On devices with the device version V13 or later, configure table-based display objects. Overview KP300 Basic KTP400 Basic KTP700 Basic PN KP400 Basic KTP600 Basic KTP900 Basic KTP1000 Basic TP1500 Basic KTP700 Basic DP KTP1200 Basic PN KTP1200 Basic DP Bar Yes Yes Yes Yes User view Yes Yes Yes Date/time field Yes Yes Yes Yes Yes I/O field Yes Yes Yes Yes Yes Ellipse Yes Yes Yes Yes Yes Graphic view Yes Yes Yes Yes Yes Graphic I/O field Yes Yes Yes Yes Yes Help indicator Yes No No No No HTML browser No No Yes No Yes Circle Yes Yes Yes Yes Trend view Yes Yes Yes 1) 1) Yes Yes Yes 1) Yes 1) Yes 1) Yes 1) Line Yes Yes Yes Yes Yes Alarm view Yes Yes Yes 1) Yes 1) Yes 1) Alarm window WinCC Advanced V14 System Manual, 10/2016 5183 Visualizing processes 12.1 Creating screens KP300 Basic KTP400 Basic KTP700 Basic PN KP400 Basic KTP600 Basic KTP900 Basic KTP700 Basic DP KTP1000 Basic TP1500 Basic KTP1200 Basic PN KTP1200 Basic DP Alarm indicator Yes Yes Yes Yes Yes Rectangle Yes Yes Yes Yes Yes Recipe view Yes Yes Yes 1) Yes 1) Yes 1) Button Yes Yes Yes Yes Yes Switch Yes Yes Yes Yes Yes Symbolic I/O field Yes Yes Yes Yes Yes System diagnostic view Yes Yes Yes 1) Yes 1) Yes 1) Text field Yes Yes Yes Yes Yes 1) The objects are displayed on the panels as table-based objects. See also Objects for Panels (Page 5184) Objects for Comfort Panels (Page 5186) Objects for Multi Panels (Page 5188) Objects for Mobile Panels (Page 5189) Objects for WinCC Runtime Advanced (Page 5191) Objects for Panels (Panels) Availability of display and operating objects for Panels Only the objects which can be used for the device you are configuring will be shown in the object window. The following table shows the availability of indicator and operating objects for the Panels. Overview OP 73 OP 77A TP 177A OP 77B TP 177B TP 277 OP 177B OP 277 Bar Yes Yes Yes Yes Yes User view Simple Simple Simple Yes Yes Watch table No No No Yes Yes Date/time field Yes Yes Yes Yes Yes I/O field Yes Yes Yes Yes Yes Ellipse No No Yes Yes Yes f(x) trend view No No No No No Function key only on keyboard units 5184 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens OP 73 OP 77A TP 177A OP 77B Graphic view Yes Yes OP 277 Yes Yes Graphic I/O field Yes Yes Yes No No No No No Help indicator Yes No No No No HTML browser No No No No No Circle No No Yes Yes Yes Trend view No No Yes Yes Yes Charge condition No No No No No Illuminated pushbutton No No No No No Line No No Yes Yes Yes Media Player No No No No No Alarm view Alarm window Simple Simple Simple Yes Yes Alarm indicator Simple No Simple Yes Yes Polygon No No No Yes Yes Polyline No No No Yes Yes Rectangle No No Yes Yes Yes Recipe view No Simple Simple Yes Yes Button Yes Yes Yes Yes Yes Switch Yes 2) Yes 2) Yes 2) Yes Yes Slider No No No Yes Yes Key switch No No No No No Sm@rtClient view No No No Yes Yes Symbol library No No No Yes Yes Symbolic I/O field Yes Yes Yes Yes Yes System diagnostic view No No No No No System diagnostics win dow No No No No No Text field Yes Yes Yes Yes Yes Clock No No No No No Effective range signal No No No No No Effective range name No No No No No Effective range name (RFID) No No No No No WLAN reception No No No No No Gauge No No Yes Yes Yes Zone name No No No No No Zone signal No No No No No WinCC Advanced V14 System Manual, 10/2016 1) Yes TP 277 OP 177B Handwheel 1) Yes Yes TP 177B 1) 5185 Visualizing processes 12.1 Creating screens 1) 2) Only two different graphics can be used. Only the "Switch with text" and "Switch with graphic" types can be used. See also Objects for Basic Panels (Page 5183) Objects for Comfort Panels (Panels) Availability of display and operating elements for Comfort Panels Only the objects which can be used for the device you are configuring will be shown in the object window. The following table shows the availability of indicator and control objects on Comfort Panels. Overview KP400 Comfort KP700 Comfort KP900 Comfort KTP400 Com fort TP700 Comfort TP900 Comfort KP1200 Com KP1500 Com fort fort Bar Yes Yes Yes Yes Yes Yes User view Yes Yes Yes Yes Yes Yes Watch table Yes Yes Yes Yes Yes Yes Date/time field Yes Yes Yes Yes Yes Yes I/O field Yes Yes Yes Yes Yes Yes Ellipse Yes Yes Yes Yes Yes Yes f(x) trend view Yes Yes Yes Yes Yes Yes Function key only on keyboard units Graphic view Yes Yes Yes Yes Yes Yes Graphic I/O field Yes Yes Yes Yes Yes Yes GRAPH over view Yes Yes Yes Yes Yes Yes Handwheel No No No No No No Help indicator No No No No No No HTML browser No Yes Yes Yes Yes Yes Camera view Yes Yes Yes Yes Yes Yes Circle Yes Yes Yes Yes Yes Yes Trend view Yes Yes Yes Yes Yes Yes Charge condi tion No No No No No No Illuminated pushbutton No No No No No No 5186 TP1200 Com TP1500 Com fort fort TP1900 Comfort TP2200 Comfort WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens KP400 Comfort KP700 Comfort KP900 Comfort KTP400 Com fort TP700 Comfort TP900 Comfort KP1200 Com KP1500 Com fort fort Line Yes Yes Yes Yes Yes Yes Media Player Yes Yes Yes Yes Yes Yes Alarm view Alarm window Yes Yes Yes Yes Yes Yes Alarm indicator Yes Yes Yes Yes Yes Yes PDF viewer Yes Yes Yes Yes Yes Yes TP1200 Com TP1500 Com fort fort TP1900 Comfort TP2200 Comfort PLC code view No Yes Yes Yes Yes Yes Polygon Yes Yes Yes Yes Yes Yes Polyline Yes Yes Yes Yes Yes Yes ProDiag over view Yes Yes Yes Yes Yes Yes Rectangle Yes Yes Yes Yes Yes Yes Recipe view Yes Yes Yes Yes Yes Yes Button Yes Yes Yes Yes Yes Yes Switch Yes Yes Yes Yes Yes Yes Slider Yes Yes Yes Yes Yes Yes Key switch No No No No No No Sm@rtClient view Yes Yes Yes Yes Yes Yes Symbol library Yes Yes Yes Yes Yes Yes Symbolic I/O field Yes Yes Yes Yes Yes Yes System diag nostic view Yes Yes Yes Yes Yes Yes System diag nostics window Yes Yes Yes Yes Yes Yes Text field Yes Yes Yes Yes Yes Yes Clock Yes Yes Yes Yes Yes Yes Effective range signal No No No No No No Effective range name No No No No No No Effective range name (RFID) No No No No No No WLAN reception No No No No No No Gauge Yes Yes Yes Yes Yes Yes Zone name No No No No No No Zone signal No No No No No No WinCC Advanced V14 System Manual, 10/2016 5187 Visualizing processes 12.1 Creating screens See also Objects for Basic Panels (Page 5183) Objects for Multi Panels (Panels) Availability of display and operating elements for Multi Panels Only the objects which can be used for the device you are configuring will be shown in the object window. The following table shows the availability of indicator and control objects for the Multi Panels. Overview MP 177 MP 277 MP 377 Bar Yes Yes Yes User view Yes Yes Yes Watch table Yes Yes Yes Date/time field Yes Yes Yes I/O field Yes Yes Yes Ellipse Yes Yes Yes f(x) trend view No No No Function key only on keyboard units Graphic view Yes Yes Yes Graphic I/O field Yes Yes Yes Handwheel No No No Help indicator No No No HTML browser No No No Circle Yes Yes Yes Trend view Yes Yes Yes Charge condition No No No Illuminated pushbutton No No No Line Yes Yes Yes Media Player No No Yes Alarm view Alarm window Yes Yes Yes Alarm indicator Yes Yes Yes Polygon Yes Yes Yes Polyline Yes Yes Yes Rectangle Yes Yes Yes Recipe view Yes Yes Yes Button Yes Yes Yes Switch Yes Yes Yes Slider Yes Yes Yes 5188 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens MP 177 MP 277 MP 377 Key switch No No No Sm@rtClient view Yes Yes Yes Symbol library Yes Yes Yes Symbolic I/O field Yes Yes Yes System diagnostic view No No No System diagnostics window No No No Text field Yes Yes Yes Clock Yes Yes Yes Effective range signal No No No Effective range name No No No Effective range name (RFID) No No No WLAN reception No No No Gauge Yes Yes Yes Zone name No No No Zone signal No No No See also Objects for Basic Panels (Page 5183) Objects for Mobile Panels (Panels) Availability of display and operating elements for Mobile Panels Only the objects which can be used for the device you are configuring will be shown in the object window. The following table shows the availability of indicator and control objects for the Mobile Panels. Overview Mo bile Panel 177 DP Mo bile Panel 177 PN Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Panel 277F IW LAN V2 Mobile Panel 277F IW LAN (RFID Tag) KTP700 Mobile KTP400F Mobile KTP700F Mobile KTP900 Mobile KTP900F Mobile Bar Yes Yes Yes Yes Yes Yes Yes Yes User view Yes Yes Yes Yes Yes Yes Yes Yes Watch table Yes Yes Yes Yes Yes Yes Yes Yes Date/time field Yes Yes Yes Yes Yes Yes Yes Yes I/O field Yes Yes Yes Yes Yes Yes Yes Yes WinCC Advanced V14 System Manual, 10/2016 5189 Visualizing processes 12.1 Creating screens Mo bile Panel 177 DP Mo bile Panel 177 PN Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Panel 277F IW LAN V2 Mobile Panel 277F IW LAN (RFID Tag) KTP700 Mobile KTP400F Mobile KTP700F Mobile KTP900 Mobile KTP900F Mobile Ellipse Yes Yes Yes Yes Yes Yes Yes Yes f(x) trend view No No No No No No Yes Yes Function key Yes Yes Yes Yes Yes Yes Yes Yes Graphic view Yes Yes Yes Yes Yes Yes Yes Yes Graphic I/O field Yes Yes Yes Yes Yes Yes Yes Yes GRAPH overview No No No No No No Yes Yes Handwheel Yes 1) Yes 1) Yes 1) Yes 1) Yes 1) Yes 1) No No Help indicator No No No No No No No No HTML browser No No No No No No Yes Yes Camera view No No No No No No Yes Yes Circle Yes Yes Yes Yes Yes Yes Yes Yes Trend view Yes Yes Yes Yes Yes Yes Yes Yes Charge condition No No No Yes Yes Yes No Illuminated push button Yes Line Yes Yes Yes Yes Yes Yes Yes Yes Media Player No No No No No No No No Alarm view Alarm window Yes Yes Yes Yes Yes Yes Yes Yes Alarm indicator Yes Yes Yes Yes Yes Yes Yes Yes PDF viewer No No No No No No Yes Yes PLC code view No No No No No No Yes No Polygon Yes Yes Yes Yes Yes Yes Yes Yes Polyline Yes Yes Yes Yes Yes Yes Yes Yes ProDiag overview No No No No No No Yes No Rectangle Yes Yes Yes Yes Yes Yes Yes Yes Recipe view Yes Yes Yes Yes Yes Yes Yes Yes Button Yes Yes Yes Yes Yes Yes Yes Yes Switch Yes Yes Yes Yes Yes Yes Yes Yes Slider Yes Yes Yes Yes Yes Yes Yes Yes Key switch Yes 1) Yes 1) Yes 1) Yes 1) Yes 1) Yes 1) Yes 1) Yes 1) Sm@rtClient view No Yes Yes Yes Yes Yes Yes Yes Symbol library Yes Yes Yes Yes Yes Yes Yes Yes Symbolic I/O field Yes Yes Yes Yes Yes Yes Yes Yes 5190 1) Yes 1) Yes 1) Yes 1) Yes 1) Yes 1) Yes No 1) Yes 1) WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Mo bile Panel 177 DP Mo bile Panel 177 PN Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Panel 277F IW LAN V2 Mobile Panel 277F IW LAN (RFID Tag) KTP700 Mobile KTP400F Mobile KTP700F Mobile KTP900 Mobile KTP900F Mobile System diagnos tic view No No No No No No Yes Yes System diagnos tics window No No No No No No Yes Yes Text field Yes Yes Yes Yes Yes Yes Yes Yes Clock No No Yes Yes Yes Yes Yes Yes Effective range signal No No No No Yes No No No Effective range name No No No No Yes No No No Effective range name (RFID) No No No No No Yes No No WLAN reception No No No Yes Yes Yes No No Gauge Yes Yes Yes Yes Yes Yes Yes Yes Zone name No No No Yes Yes No No No Zone signal No No No Yes Yes No No No 1) optional operator control See also Objects for Basic Panels (Page 5183) Objects for WinCC Runtime Advanced (RT Advanced) Availability of display and operating elements for WinCC Runtime Advanced Only the objects which can be used for the device you are configuring will be shown in the object window. The following table shows the availability of indicator and control objects for WinCC Runtime Advanced. Overview WinCC Runtime Advanced Bar Yes User view Yes WinCC Advanced V14 System Manual, 10/2016 5191 Visualizing processes 12.1 Creating screens WinCC Runtime Advanced Watch table Yes Date/time field Yes I/O field Yes Ellipse Yes f(x) trend view Yes Function key No Graphic view Yes Graphic I/O field Yes GRAPH overview Yes Handwheel No Help indicator No HTML browser Yes Camera view No Circle Yes Trend view Yes Charge condition No Illuminated pushbutton No Line Yes Media Player No Alarm view Alarm window Yes Alarm indicator Yes PDF viewer Yes PLC code view Yes Polygon Yes Polyline Yes ProDiag overview Yes Rectangle Yes Recipe view Yes Switch Yes Button Yes Slider Yes Key switch No Sm@rtClient view Yes Symbol library Yes Symbolic I/O field Yes System diagnostic view Yes System diagnostics window Yes Text field Yes Clock Yes Effective range signal No 5192 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens WinCC Runtime Advanced Effective range name No Effective range name (RFID) No WLAN reception No Gauge Yes Zone name No Zone signal No See also Objects for Basic Panels (Page 5183) PDF view (Page 5250) 12.1.9.2 Objects Bar (Basic Panels, Panels, RT Advanced) Use The tags are displayed graphically using the "Bar" object. The bar graph can be labeled with a scale of values. Layout In the Inspector window, you customize the settings for the position, shape, style, color, and font types of the object. You can adapt the following properties in particular: Color transition: Specifies the change in color display when limit values are exceeded. Displaying the limit lines / limit markers: Shows the configured limit as a line or marker. Define bar segments: Defines the gradations on the bar scale. Define scale gradation: Defines the subdivisions, scale markings and intervals of a bar scale. WinCC Advanced V14 System Manual, 10/2016 5193 Visualizing processes 12.1 Creating screens Color transition You define how the color change is represented in "Properties > Properties > Appearance" in the Inspector window. Color transition Description "Segmented" If a particular limit was reached, the bar changes color segment by segment. With segment by segment representation, you visualize, for example, which limits are exceeded by the displayed value. "Entire bar" If a particular limit was reached, the entire bar changes color. Displaying limit lines and limit markers You display the configured limit in the bar as a line or marking in Runtime using the "Lines" and "Markings" property: 1. In the Inspector window, select "Properties > Properties > Appearance": 2. Activate "Lines" and "Markings". Define bar segments Use the "Subdivisions" property to define the number of segments into which the bar is divided by the main gradations on the scale. Use the "Interval" property to divide the distance between the main gradations. The value appears as the difference in value between two adjacent main gradations: 1. In the Inspector window, select "Properties > Properties > Scales": 2. Activate "Show scale." 3. Select the corresponding value for "Settings > Subdivisions". 4. Select the corresponding value for "Settings > Marks label". 5. Select the corresponding value for "Large interval > Interval". Configuring limits/ranges You can represent limits and ranges in different colors. Define the colors in the Inspector window. 1. In the Inspector window, select "Properties > Properties > Limits/Ranges". 2. Activate the limits/ranges that are to be displayed in Runtime 3. If necessary, change the default colors for the limits/ranges. 5194 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Note If you select the option "Show ranges of tags", you can display up to five ranges in a slider with values that can be specified via a process tag. You define the values for the ranges with a process tag, which you interconnect with the screen object. The "Show ranges of tags" option is available for Comfort Panels, KTP Mobile Panels and RT Advanced. Note If the "Show ranges of tags" option is enabled, the setting "Color gradient Segmented" under "Properties > Appearance > Bar" has no effect in Runtime. See also Device dependency of the objects (Page 5183) User view (as of V13) (Basic Panels, Panels, RT Advanced) Application The "User view" object is used to set up and administer users and authorizations. The user view is used, for example, to create new users in Runtime and assign them to a user group. On HMI devices with device version V13 or later, the table-based user view is available for managing users and authorizations. WinCC Advanced V14 System Manual, 10/2016 5195 Visualizing processes 12.1 Creating screens Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. You can adapt the following properties in particular: Number of lines: Specifies the maximum number of visible entries. Columns moveable: Specifies whether the operator can change the sequence of columns in Runtime. In addition, you set the borders, the fill pattern and the colors of the table header in the Inspector window. Number of lines The number of lines in the user view displayed in Runtime is specified in the Inspector window. The setting for the number of lines is only effective if "Fit object to contents" is active. 1. Click "Properties > Properties > View" in the Inspector window. 2. Enter an integer value under "Number of lines". 3. Click "Properties > Properties > Layout" in the Inspector window. 4. Select "Fit object to contents". Columns moveable The operator can change the sequence of columns in Runtime with the "Columns moveable" property. 1. Click "Properties > Properties > Layout" in the Inspector window. 2. Activate "Columns moveable". Column width In the Inspector window, you can change the width of columns displayed in runtime. 1. Click "Properties > Properties > Layout" in the Inspector window. 2. Enter integer values for the column width under "Columns". Note The "Password" column is a dynamic column: it adapts to the outer dimensions of the object so that the object content occupies the entire width. The column width you assign is applied as the minimum size. In a dynamic column, the minimum size is changed; however, the width is displayed dynamically to fill the display. 5196 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens User view, simple Application The "User view" object is used to set up and administer users and authorizations. Note Do not use the user view in a group. Note The "Simple user view" object cannot be operated dynamically with a script. Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. You can adapt the following properties in particular: Number of lines: Specifies the maximum number of visible entries. Number of lines The number of lines in the user view displayed in Runtime is specified in the Inspector window. The setting for the number of lines is only effective if the property "Fit object to contents" is active. 1. In the Inspector window, select "Properties > Properties > View". 2. Enter an integer value under "Number of lines". 3. In the Inspector window, activate "Properties > Properties > Layout". 4. Select "Fit object to contents". WinCC Advanced V14 System Manual, 10/2016 5197 Visualizing processes 12.1 Creating screens Display in Runtime The appearance depends on the authorizations: All users on the HMI device are displayed in the User view to the administrator or to a user with administrator authorizations. For a user without administrator rights, only the user's own entry is shown. Operation Depending on the configuration you can: Manage users, e.g. create, delete. Change existing user data. Export or import user data. Note The number is limited to 100 users and one PLC user on an HMI device. This restriction does not apply to PCs. On a PC, the maximum number of users is restricted by the physical memory. User view, advanced Application The "User view" object is used to set up and administer users and authorizations. The user view is used, for example, to create new users in Runtime and assign them to a user group. Note Configure only one user view at a time in one screen on the HMI devices TP 177A 6", TP 177A 6" (Portrait), OP 73 and OP 77A. Otherwise, a corresponding error message appears during generation. Advanced user view Depending on the HMI devices, the extended or simple user view is available for administration of users and authorizations. 5198 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Changing the view type On HMI devices with a display size larger than 6 ", you can configure both the advanced user view and a simplified user view. The view type is only available for configuration on devices up to device version V13. Proceed as follows to configure the appropriate user view: 1. Click "Properties > Properties > Layout > Mode" in the Inspector window. 2. Select "Simplified" or "Advanced". Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. You can adapt the following properties in particular: Number of lines: Specifies the maximum number of visible entries. Columns moveable: Specifies whether the operator can change the sequence of columns in Runtime. Number of lines The number of lines in the user view displayed in Runtime is specified in the Inspector window. The setting for the number of lines is only effective if "Fit object to contents" is active. 1. Click "Properties > Properties > View" in the Inspector window. 2. Enter an integer value under "Number of lines". 3. Click "Properties > Properties > Layout" in the Inspector window. 4. Select "Fit object to contents". Columns moveable The operator can change the sequence of columns in Runtime with the "Columns movable" property. 1. Click "Properties > Properties > Layout" in the Inspector window. 2. Activate "Columns moveable". This option is only available at the complex user view. WinCC Advanced V14 System Manual, 10/2016 5199 Visualizing processes 12.1 Creating screens See also Configuring a user view (Page 5675) User view (Page 5674) Creating users (Page 5675) Device dependency of the objects (Page 5183) Watch table (Panels, RT Advanced) Use The "Watch table" object is used to configure an editor that will allow you to process single address areas of a SIMATIC S7 in runtime. Note The "Watch table" object is enabled for the following PLCs: SIMATIC S7-300 SIMATIC S7-400 Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. You can adapt the following properties in particular: PLC type: Specifies the PLC type in the object for which the address area is output in runtime. Operator controls: Specifies the controls of the object. 5200 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Visible columns: Specifies the displayed columns in Runtime. Columns moveable: Specifies whether the operator can change the sequence of columns in Runtime. Operator controls Set the control elements that you can use to control the "Watch table" object in runtime under "Properties > Properties > Display" in the "Settings" area of the inspector window. Function This button refreshes the display in the status value column. Use this button to accept the new value in the control value column. The control value is then written to the PLC. Visible columns The columns that are displayed in runtime are specified in the Inspector window in the "General" group in the "Visible columns" area. Column Description "Connection" The PLC of which the address areas are displayed. "Type" "DB number" "Offset" "Bit" The address area of the operand. "Data type" "Format" The data type of the operand. "Status value" The value that was read from the specified address of the operand. "Control value" The value written to the specified address of the operand. Sequence of columns The operator can use the "Column ordering" property to change the sequence of columns in runtime. 1. Select "Properties > Properties > Columns" in the Inspector window. 2. Activate "Properties of columns > Sequence of columns". System functions Two system functions are available for updating the values in the watch table and transferring the values to the PLC: StatusSteuernLeseWerte StatusSteuernSchreibeWerte WinCC Advanced V14 System Manual, 10/2016 5201 Visualizing processes 12.1 Creating screens See also Device dependency of the objects (Page 5183) Date/time field Application The "Date/time field" object shows the system time and the system date. The appearance of the "Date/time field" depends on the language set on the HMI device. Layout In the Inspector window, you customize the position, style, colors and font types of the object. You can adapt the following properties in particular: Display system time: Specifies that the system time is displayed. Include tag: Specifies that the time of the connected tag is displayed. Long date/time format: This setting defines the format displayed for the data and time. Display system time The time displayed in the "Date/time field" on the HMI device is specified in the Inspector window. 1. In the Inspector window, select "Properties > Properties > General". 2. Select "Format > System time". Using tags The time of the interconnected tag is displayed in the date/time field. 1. In the Inspector window, select "Properties > Properties > General". 2. In the "Format" area, select a tag with the "DateTime" data type, e.g. an internal tag. Long date/time format Visualization of the date and time is specified in the "Format" area under "General" in the Inspector window. 5202 Option Description "Enabled" Date and time are displayed in full, e.g. "Sunday, December 31, 2000 10:59:59 AM" "Disabled" Date and time are displayed in short form, e.g. "12/31/2000 10:59:59 AM" WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Behavior during operation When the operator ignores the syntax when entering values, or enters illegal values, the system rejects these. Instead, the original value (plus the time that has elapsed in the meantime) appears in the date/time field and a system event is displayed on the HMI device. See also Example: 2. Configuring a Date/time field (Page 6054) Device dependency of the objects (Page 5183) I/O field Application The "I/O field" object is used to enter and display process values. Layout In the Inspector window, you customize the position, shape, style, color and font types of the object. You can adapt the following properties in particular: Mode: Specifies the response of the object in Runtime. Display format: Specifies the display format in the I/O field for input and output of values. Hidden input: Specifies whether the input value is displayed normally or encrypted during input. Note Reports In reports, I/O fields only output data. "Output" mode is preset. Properties for configuring input are not available, e.g. "hidden input". Mode The response of the I/O field is specified in the Inspector window in "Properties > Properties > General > Type". WinCC Advanced V14 System Manual, 10/2016 Mode Description "Input" Values can only be input into the I/O field in Runtime. "Input/output" Values can be input and output in the I/O field in Runtime. "Output" The I/O field is used for the output of values only. 5203 Visualizing processes 12.1 Creating screens Layout The "display format" for the input and output of values is specified in "Properties > Properties > General > Format" in the Inspector window. Layout "Binary" Input and output of values in binary form "Date" Input and output of date information. The format depends on the language setting on the HMI device. "Date/time" Input and output of date and time information. The format depends on the lan guage setting on the HMI device. "Decimal" Input and output of values in decimal form "Hexadecimal" Input and output of values in hexadecimal form "Time" Input and output of times. The format depends on the language setting on the HMI device. "Character string" Input and output of character strings. Note Data formats Not all data formats are available for selection for Runtime Professional. Hidden input In Runtime the input can be displayed normally or encrypted, for example for hidden input of a password. A "*" is displayed for every character during hidden input. The data format of the value entered cannot be recognized. 1. In the Inspector window, select "Properties > Properties > Response": 2. Select "Hidden input". Avoid overlaps in output fields If several I/O fields are configured as output fields with a transparent background in a screen, these I/O fields may overlap. The transparent part of the one field covers the digits of the other field. This may cause display problems in Runtime. In order to avoid such overlaps, set the borders of the I/O fields to zero in the object properties under "Properties > Properties > Appearance". Select "Properties > Properties > Layout > Fit object to contents." Limits Under "Properties > Properties > Limits" in the Inspector window, set the colors for the values that violate the high or low limits. You define the limits via the properties of a tag. In Runtime Professional you can specify if the colors should be used. When there is a limit violation during Runtime, the background color of the I/O field changes according to your configuration, even if the I/O field is in "Input" mode. 5204 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens In Runtime Professional, you can also define the limit range for the entry in the I/O field via "Properties > Properties > Limits". If you enter a numeric value outside this limit, it is not applied; for example, 80 with a limit of 78. In this case, the HMI device generates a system event, if an alarm window is configured. The original value is displayed again. Decimal places for numerical values The configuration engineer can define the number of decimal places for a numerical input field. The number of decimal places is checked when you enter a value in this type of I/O field. Decimal places in excess of the limit are ignored. Empty decimal places are filled with "0". Behavior when switching between input fields When you change to another input field within the same screen, and the screen keyboard appears, the "Exit field" event is not executed for the previous field unless you close the screen keyboard. See also Using multiple tags simultaneously in a screen (Page 5322) Ellipse Application The "Ellipse" is an enclosed object that can be filled with a color or pattern. Layout In the Inspector window you can customize the settings for the object position, geometry, style, frame and color. You can adapt the following properties in particular: Horizontal radius: Specifies the horizontal radius of the elliptical object. Vertical radius: Specifies the vertical radius of the elliptical object. Horizontal radius The horizontal radius of the "Ellipse" object is specified in the Inspector window. The value is entered in pixels. 1. In the Inspector window, select "Properties > Properties > Layout". 2. Enter a value between 0 and 2500 under "Horizontal." WinCC Advanced V14 System Manual, 10/2016 5205 Visualizing processes 12.1 Creating screens Vertical radius The vertical radius of the "Ellipse" object is specified in the Inspector window. The value is entered in pixels. 1. In the Inspector window, select "Properties > Properties > Layout". 2. Enter a value between 0 and 2500 at "Vertical." See also Rotating objects (Page 5039) Flipping objects (Page 5041) Device dependency of the objects (Page 5183) f(x) trend view (Panels, RT Advanced) Application You use the "f(x) trend view" object to represent the values of a tag as a function of another tag. This means that you can present temperature trends as a function of the pressure, for example. Layout In the Inspector window, you customize the position, geometry, style, colors and font types of the object. You can adapt the following properties in particular: Adding and configuring trends Configuring a diagram Window settings Persistence Toolbar 5206 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Configuring trends You create and configure trends in the Inspector window "Properties > Properties > Properties > Trend". 1. Select the data supply for the trend in the "Data source" column. - "Logging tag": The trend view is supplied with values from a data log. - "Tags": The trend view is supplied with current values from the PLC. The values are constantly updated. 2. Configure the area of the trend display under "Data area". - "Time span": You define the time range using a starting time and a following time span. - "End time": You define the time range using a starting time and an end time. - "Measuring points": You define the time range using a starting time and a number of measuring points. 3. Configure the value range of the trend display under "X axis" and "Y axis". 4. Under "Limits", configure the colored marking of specific values, .e.g. high and low limit, uncertain status. Configuring a diagram Configure the display of several trends under "Properties > Properties > Appearance": Common diagram or separate diagrams Common or separate axes Writing direction of all trends Toolbar In Runtime, the operator controls of the f(x) trend view are defined in the "Properties > Properties > Toolbar" Inspector window. The following operator controls are available for the f(x) trend view: Button Name Function Zoom +/- Increases or decreases the size of the trends in the trend window. Increase the size of the trends by left-clicking with the mouse. Hold down <Shift> and left-click to decrease the size of the trends. Zoom area Increases the size of any section of the trend window. Specify an area in the trend window by using the mouse. This area of the trend window is enlarged. Zoom X axis Increases or decreases the size of the X axis in the trend window. Enlarge the X axis by left-clicking with the mouse. Hold down <Shift> and left-click to decrease the size of the X axis. Zoom Y axis Increases or decreases the size of the Y axis in the trend window. Enlarge the Y axis by left-clicking with the mouse. Hold down <Shift> and left-click to decrease the size of the Y axis. Trend area Shift the trends in the trend window along the X axis and Y axis by using this button. WinCC Advanced V14 System Manual, 10/2016 5207 Visualizing processes 12.1 Creating screens Button Name Function Axis area Shift the trends in the trend window along the value axis by using this button. Original view Switches from the magnified trend view back to the normal view. Start/stop Stops and starts the trend update. The values are buffered and up dated as soon as you start trend update again. Ruler Determines the coordination of a point of the trend. The order of the buttons is fixed. The operator can set up individual key assignments, and shortcuts for every button on the toolbar. See also Bar (Page 5193) Trend view (Page 5226) Device dependency of the objects (Page 5183) Graphic view Application The "Graphic view" object is used to display graphics. Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. You can adapt the following properties in particular: Graphic: Specifies the graphic file that is displayed in the object. Adjust graphic: Specifies the automatic size stretching for objects with graphics. Transparent color: Specify whether or not the transparent color is used for the graphic. 5208 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Inserting graphics Use the following image formats in the "Graphic Display" object: *.bmp, *.tif, *.png, *.ico, *.emf, *.wmf, *.gif, *.jpg or *.jpeg. You may also use graphics as OLE objects in the Graphic view . 1. Click "Properties > Properties > General" in the Inspector window. 2. Select the graphic that you wish to insert. The graphic preview is shown in the right pane. You have the option to create the graphic from a file using the button. new graphic from an OLE object using the button, or to create a 3. Click "Apply" to insert the graphic in the Graphic view . Adjust graphic Whether a graphic displayed in a Graphic view is stretched to the size of the Graphic view in runtime is specified in the Inspector window. Option Description "No auto-sizing" The size is not automatically adapted in Runtime. "Fit graphic to object size" The graphic is automatically adapted to the object size in Runtime. "Fit object size to graphic" Graphic display is adapted to the largest used graphic and other graphics are stretch ed. "Adjust object size to graphic" Graphic display is adapted to the largest used graphic but the other graphics retain their original size. 1. Click "Properties > Properties > Layout" in the Inspector window. 2. Select the required size adjustment for the graphic. WinCC Advanced V14 System Manual, 10/2016 5209 Visualizing processes 12.1 Creating screens Transparent color This property defines whether the transparent color is used for the graphic to be displayed. 1. Click "Properties > Properties > Appearance" in the Inspector window: 2. Select "Background > Transparent". 3. Select a transparent color. Note When using bitmaps in WinCC screens the "Transparent color" setting demands a high character performance in the layout on the panel. Visualization performance is enhanced by disabling the "Transparent" setting in the properties of the relevant display object. This restriction applies in particular when bitmaps are used as background image. Note Basic Panels The "Transparent" property is not available for Basic Panels. Note If the selected transparent color of the graphics is not shown properly despite an enabled "Transparent" property, the color in the graphics is not entirely consistent with the selected color. For example, the selected transparent color [R=255;G=255;B=255] looks almost exactly like the color in the graphic that is expected to be transparent [R=255;G=251;B=255]. In this case, the graphics used in the object must be reedited. Under "Project Navigation > Languages & Resources > Graphics", select the graphic that you want to display transparently. From the shortcut menu of the default graphic, select the "Edit" command and fill in the background of the graph with the desired color that appears transparent in the screen. Save the graphic. See also Options for editing objects (Page 5029) Storing an external image in the graphics library (Page 5068) Device dependency of the objects (Page 5183) Graphic I/O field (Basic Panels, Panels, RT Advanced) Application The "Graphic I/O field" object can be used to configure a list for display and selection of graphic files. 5210 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Layout In the Inspector window, you customize the position, shape, style, color and font types of the object. You can adapt the following properties in particular: Scroll bar type: Specifies the graphic layout of the scroll bar. Mode: Specifies the response of the object in Runtime. Note Scroll bar The "Scroll bar > Type" property is available for Panels and Runtime Advanced up to device version V12. Note Reports Graphic I/O fields output exclusively graphics in reports. "Output" mode is preset. Properties for configuring the selection of graphics are not available, e.g. "scroll bar". Note Border You can configure the width and the style of the border of a graphic I/O field in the "Two states" mode. Mode The response of the "Graphic I/O field" object is specified under "Properties > Properties > General > Type > Mode" in the Inspector window. Mode Description "Input" The "Graphic I/O field" object is only used to select graphics. "Input/output" The "Graphic I/O field" object is used to select and display graphics. "Output" The "Graphic I/O field" object is used to display graphics only. "Two states" The "Graphic I/O field" object is only used to display graphics and can have a maximum of two states. You use no graphics list but insert one graphic each for the "ON" and "OFF" state. Adjust graphic Whether a graphic displayed in a graphic I/O field is stretched to the size of the view in Runtime is specified in the Inspector window. 1. Click "Properties > Properties > Layout" in the Inspector window. 2. Select the required size adjustment for the graphic. WinCC Advanced V14 System Manual, 10/2016 5211 Visualizing processes 12.1 Creating screens Scroll bar type The response for the graphic representation of the scroll bar is specified under "Properties > Properties > Appearance > Scroll Bar > Type" in the Inspector window. Type Description "Permanent" The scroll bar is always visible. "No scrollbar" The scroll bar is not visible. "Visible after clicking" The scroll bar is made visible by a mouse click. Behavior during operation If the graphic I/O field displays a cactus image, a graphic to be output for a specific value has not been defined in the project. The contents of the graphic I/O field change color to show that it is now activated. The frame in 3D is only shown graphically in an output field. See also Symbolic I/O field (Page 5282) Device dependency of the objects (Page 5183) GRAPH overview (Panels, RT Advanced, RT Professional) Use The "GRAPH Overview" object is used to display the current program status for executed steps of the GRAPH sequencer. Errors during execution of a program are displayed directly at the corresponding step. The following information is displayed in the "GRAPH Overview" object: Name and status of the function block Status of initial and simultaneous steps Number and name of the first step currently executed step Operating mode for running the GRAPH sequencer Note The "GRAPH Overview" object cannot be used in faceplates or in the global screen. 5212 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Note Device dependency of the "GRAPH Overview" object The "GRAPH Overview" object is available for RT Advanced, RT Professional, Comfort Panels and KTP Mobile Panels. Layout In the Inspector window, you customize the position, style, colors and font types of the object. You can adapt the following properties in particular: Assigned GRAPH DB tag Buttons on the toolbar Operating mode Four operating modes are available for running the GRAPH sequence: Auto (default setting) - Automatically switches to the next step when the transition is fulfilled. TAP - Automatically switches to the next step when the transition is fulfilled and there is an edge change from "0" to "1" at the T_PUSH parameter. TOP - Automatically switches to the next step when the transition is fulfilled or there is an edge change from "0" to "1" at the T_PUSH parameter. Manual - The next step is not automatically enabled when the transition is fulfilled. The steps can be selected and deselected manually. Note You set the operating mode by modifying the interface parameters of the GRAPH block in your control program. In WinCC Runtime Professional, you have the option of editing the name of the operating mode that is displayed in the GRAPH overview. Configuring a compact view You can also configure the GRAPH overview compactly without the buttons of the toolbar or the operating mode display, which was already possible in WinCC Professional prior to version V14. To display the GRAPH overview compactly in single-line compatibility mode, select the "Singleline mode" option under "Properties > Appearance > Options". WinCC Advanced V14 System Manual, 10/2016 5213 Visualizing processes 12.1 Creating screens Symbols You specify the symbols that are displayed in the GRAPH Overview in the Inspector window under "Properties > Appearance > Options". The following symbols are available for GRAPH Overview: Icon Name Function Error Indicates that an error has occurred during the execution of a step. Initial step Indicates that the currently executing step is the first step in the GRAPH block. Simultaneous step Shows that there are other simultaneous steps in the GRAPH block in addition to the current one. Buttons You specify the buttons that are displayed in the GRAPH Overview under "Properties > Toolbar > General". Button Name Function Next step Jumps to the next step, if the GRAPH block contains more than four steps. Last step Jumps to the first step of the sequencer when the final step has been reached. Alarm view Opens the configured alarm view with the error message in Panels and RT Advanced. Opens the configured alarm view with the error message in RT Professio nal. PLC code view Opens the configured PLC code view. Display the current program status A PLC including a GRAPH instance data block has been created and contains at least one PLC tag which is visible in and accessible from the HMI. 1. In the Inspector window, select "Properties > Properties > General". 2. Open the selection button under the "Assigned GraphDB tag" property. The "Add new object" dialog opens. 3. Select the corresponding PLC in the "Program blocks" folder. 4. Select the corresponding PLC tag of the GRAPH instance data block. 5. You can dynamize the properties in the "GRAPH Overview" object using tags and colorcode the states. You can find a detailed description of dynamizing a property in the section AUTOHOTSPOT. 5214 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Note If no connection exists between the HMI device and the selected PLC, a connection is set up automatically. In addition, an HMI tag is created which is connected to the PLC tag. See also Supervising machinery and plants with ProDiag (Page 6074) Configuring a GRAPH overview (Page 6085) Basics on dynamizing screens (Page 5106) Options for editing objects (Page 5029) Device dependency of the objects (Page 5183) Handwheel (Panels) Application The object "Handwheel" is a control element for some SIMATIC Mobile Panels. You can enter incremental values in Runtime using the "HandWheel" object. Layout You can set the following property in the Inspector window: Tag: Specifies the tags to which the "HandWheel" object is linked. WinCC Advanced V14 System Manual, 10/2016 5215 Visualizing processes 12.1 Creating screens Tag Global assignment The "Tag" property is specified in the template for the global assignment of the "HandWheel" object. There is only one template for each HMI device. 1. In the Inspector window, select "Properties > Properties > General": 2. Select a tag from the selection list under "Settings > Tag". Local assignment The "HandWheel" object is assigned to another tag. To do so you configure a function that assigns the tag to the handwheel in Runtime. Example for configuration to a button: 1. Open the screen in which the "HandWheel" object is assigned to another tag. 2. Drag the "Button" object from the toolbox to the screen. Select the button on your screen. 3. Click "Properties > Events > Click" in the Inspector window. 4. The "Function list" dialog box opens. Click the first line of the function list. The list of system functions and scripts available in the project appears. 5. Select the system function "SetTagToHandWheel" from the "Other functions" group. Select a tag from the combo box at "Value". Note The Mobile Panel may ignore the change of the value in the PLC made at another location while the handwheel is being operated. The value is the PLC is overwritten again. See also Illuminated pushbutton (Page 5229) Device dependency of the objects (Page 5183) Help indicator (Basic Panels) Application The object "help indicator" is available for the HMI devices OP 73 and KP300 Basic. If a a tooltip exists for the selected object, the help indicator is displayed during runtime. If a tooltip was configured for the opened screen, the help indicator always remains visible. You configure the object "help indicator" exclusively in the global screen. 5216 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Layout You can adapt the following properties in the Inspector window: Position: Determines the position of the object "Help indicator." Position You can use this property to set the position of the object "Help indicator." 1. Select the object "Help indicator" in the template. 2. In the Inspector window, select "Properties > Properties > Layout". 3. Enter a value for X and Y. You can also use the cursor keys to position the selected object. If you have configured a screen object at this position, the visible help indicator covers the screen object. The help indicator is covered only by incoming system alarms and dialogs. See also Device dependency of the objects (Page 5183) HTML browser (Basic Panels, Panels, RT Advanced) Use The "HTML Browser" object is designed for the visualization of simple HTML pages. This function allows you to draw up machine-specific descriptions which are stored centrally and which can then be displayed from different HMI devices. Note Switching the functionality of the HTML Browser to that of a file explorer by one of the following methods, for example, is not authorized in the context of WinCC: Entering a folder or drive, for example "\" or "C:", or Connecting to an FTP server, for example "ftp://" One reason is to prevent inadvertent changes to files, their deletion or execution. When configuring, ensure that the operator can only enter valid Internet addresses, for example, by using symbolic I/O fields. Configure a password-protected input for service purposes. WinCC Advanced V14 System Manual, 10/2016 5217 Visualizing processes 12.1 Creating screens Note Only one instance of the HTML Browser is supported per screen for Panels to preserve memory space. If you move quickly from a slide-in-screen to a pop-up screen and an HTML browser is configured in both screens, the second HTML browser will not open. Wait two seconds after closing the slide-in screen until the handle is no longer visible and then open the pop-up screen. Layout Customize the object position and size in the Inspector window. In particular, you can customize the following property: URL: Specifies which Internet address is opened in the HTML Browser. Tag for URL: Specifies the tag which sets the Internet address. Address The Internet address is specified in "Properties > Properties > General >URL" in the Inspector window. Note For Basic Panels 2nd Generation: If you want to load a website from a USB flash drive to your HMI device, the address in the "URL" field must begin with the prefix "\media\usb\". Example: You want to load the html5.htm web page from the USB device USB_XY. Enter "\media\usb\USB_XY\html5.htm" in the Inspector window. Browser type (RT Advanced as of V13 SP1) You can select the browser type in Runtime Advanced as of version V13 SP1. Specify the type of the Web browser under "Properties > Properties > General > HTML browser type" in the Inspector window. 5218 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Two options are available: Web browser based on WebKit engine without Active X support Note Dialogs from websites are not supported in the WebKit browser. "Yes" or "OK" is always set as answer instead. Web browser based on Internet Explorer with Active X support Note If Internet Explorer does not load the website, use the WebKit browser without Active X support. Basic procedure 1. Create an internal tag of the "String" data type, for example, InternetAddress, in the "Tag" editor. 2. Insert the "HTML Browser" object in the screen in the "Screens" editor. 3. In the Inspector window, select "Properties > Properties > General". 4. At "Tag for the URL", select the "InternetAddress" tag from the selection list. 5. Insert an I/O field in the screen in the "Screens" editor. 6. In the Inspector window of the IO field "Properties > Properties > General > Tag for URL", select the "InternetAddress" tag from the selection list. The HTML Browser opens the relevant page after the operator has entered an address in the I/O field. WinCC Advanced V14 System Manual, 10/2016 5219 Visualizing processes 12.1 Creating screens Operator controls Operator controls are configured buttons in the process screen or softkeys on the HMI device. The "HTML Browser" object does not have its own operator controls. Assign the system functions used to control the "HTML Browser" object to your configured operator controls, such as buttons. 1. For example, drag the "Button" object to the screen from the toolbox. 2. Input a text of any length or select a graphic, for example Update. 3. In the Inspector window, select "Properties > Events > Click". The "Function list" dialog opens. 4. The system functions for controlling the "HTML Browser" object can be found in the list of system functions in the "Keyboard operation for screen objects" group. Select a function from the list, for example, HTMLBrowserRefresh. 5. Select the object name of the HTML Browser in which the command will be executed from the "Screen object" list. Defining the website selection To define the website selection that is provided in the HTML browser, you can define a number of allowed URL addresses. You define a String or Wstring type tag or for the "Tag for URL" property of the HTML browser that can be filled with the predefined URL addresses in the following ways: Using the "SetTag" system function, which you configure on a button Using an I/O field Note Any website can be accessed by entering the address in an I/O field. To restrict the selection of permitted websites, use the provision of the pre-defined URL addresses via a system function or a script. Via a script (Panels and RT Advanced only) Via the PLC Displaying SIMOTION PLC websites in the HTML browser If the SIMOTION PLC websites are not displayed correctly in the HTML browser, add "/basic" after the website URL to display the websites in basic mode. 5220 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Comments The functional scope of the HTML Browser is limited in comparison to the Internet Explorer: The HTML Browser will only show pure HTML pages. VBScript, Java, JavaScript, Flash and ActiveX controls are not supported. Set up the HTML pages for display in the HTML Browser by using a text editor or using a simple HTML editor. Links to embedded files, for example *.pdf or *.xls, are not supported. Queries and dialogs that are conducted during the access of, for example protected pages are not supported. When accessing protected pages, enter your user name and password in the URL: <http://username:password@servername> (e.g. "http:// Administrator:Admin123@192.168.0.199"). Note The object "HTML Browser" supports dynamization. If you select the HTML browser type "Web browser, based on a WebKit engine", only the tag connection is available for dynamization under "Address". Note For Basic Panels 2nd Generation and Comfort Panels: The object "HTML Browser" does not support proxy settings. This means the "HTML Browser" object cannot access URLs that require a change of the proxy settings. Note HTML browser in "Scroll indicator" mode If you have specified the "Scroll indicator" scroll mode in "Runtime settings > Screens > Scrolling in controls", it may occur that some websites are not correctly displayed. See also Web browser of WebKit engine: Overview (Page 6350) Camera view (Panels) Use You use the "Camera view" object to configure the camera view which outputs screens for the operator in runtime from a connected network camera. WinCC Advanced V14 System Manual, 10/2016 5221 Visualizing processes 12.1 Creating screens Monitoring with the help of the network camera lends itself for situations in which the operator has limited visibility of the plant or cannot get close to the machines. The operator can then respond to any problem much faster to remedy its cause. The camera view can be configured in the following screens: In a screen In a template In a slide-in screen In a pop-up screen Note Device dependency of the "Camera view" object The "Camera view" object is available for Comfort Panels and KTP Mobile Panels (as of device version V13). Note Only one camera view may be in operation in runtime at the time. Note Use the "Camera view" object only with network cameras. Make sure that the connected network camera is located in a secure network with known devices and IP addresses. For more information on security, go to: http://www.siemens.com/industrialsecurity 5222 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Layout You enter the information on the source of the video stream as well as position and size of the camera view in the Inspector window. You can adapt the following properties in particular: URL for the source of the video stream: - Camera URL: Specifies a static URL which is only entered during configuration. - Camera URL tag: Specifies a dynamic URL which the operator can change later in runtime. Transmission protocol: Specifies the transmission protocol by which the data exchange between the panel and the network camera takes place. Position and size of the camera view: Specifies position and size of the camera view as well as the aspect ratio and size of the displayed video stream. Specifying URL for the source of the video stream 1. Insert the camera view in the screen in the "Screens" editor. The camera view is found in the task card "Tools" > "Controls". 2. Click "Properties > Properties > General > Media" in the Inspector window. 3. Enter the static camera URL in the "Camera URL" field, for example, "rtsp:// user:password@192.168.56.208" for a Siemens camera. The address of the network camera is available in the network camera manual. Note The camera URL always starts with "rtsp://" and must only include permitted characters. If you enter characters that are not permitted or if the URL does not start with "rtsp://", the camera cannot be operated in runtime. The operator will receive an error message in the "Camera view" to indicate the problem. The following characters of the US ASCII character set are permitted: 0123456789 A...Z a...z !#$%&()*+,'-_./:;<=>?@ [\]_{|}~^(") 4. Assign a tag to the camera view under "Camera URL tag" in the Inspector window. The tag must be of the data type "String" for external tags and "WString" for internal tags. When you assign a tag to the camera view, the user can change the source of the video stream in runtime. Note If you leave the "Camera URL tag" field blank, the static URL is used in runtime. If you enter information in the "Camera URL" and "Camera URL tag" field, the dynamic URL is used in runtime. WinCC Advanced V14 System Manual, 10/2016 5223 Visualizing processes 12.1 Creating screens Specifying the transmission protocol 1. Click "Properties > Properties > General > Media" in the Inspector window. 2. Specify the transmission protocol with the "Use UDP instead of TCP" check box. The selection of the protocol depends on the protocol types which your network camera supports. Information on supported protocols is available in the network camera manual. In most cases, a TCP connection has reliable synchronization with the camera view. Specifying position and size of the camera view 1. Click "Properties > Properties > General > Layout" in the Inspector window. 2. Enter the size of the object under "Camera view" in the "Position & Size" area. To achieve the best picture quality of the video stream, enter the physical resolution of the network camera as size of the camera view. The recommended setting "Keep video size" is selected by default in the "Fit to size" area. The "Keep aspect ratio" check box is disabled and cannot be selected. 3. To keep the aspect ratio of the video stream, disable "Keep video size". The "Keep aspect ratio" check box is automatically selected. Note The screen is not scaled when you keep the size of the video stream. The screen size of the network camera is output 1:1 by the camera view. If the camera view is smaller than the selected resolution of the network camera, only a corresponding section of the camera screen is output by the camera view. If the camera view is greater than the selection solution of the network camera, any blank spaces are displayed as black horizontal or vertical margins. Any blank spaces are output as black horizontal or vertical margins by the camera view when you keep the aspect ratio of the video stream. Note When you disable the "Keep video size" and "Keep aspect ratio" check boxes, the camera screen may be distorted. Result You have configured a camera view which can be used for monitoring the plant in runtime. Note You cannot configure system functions for the camera view. Note When you test a project with the simulator, a black screen with a camera symbol is output. 5224 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens See also Device dependency of the objects (Page 5183) Circle Application The "Circle" object is a closed object which can be filled with a color or pattern. Layout In the Inspector window you can customize the settings for the object position, geometry, style, frame and color. You can adapt the following properties in particular: Radius: Specifies the size of the circle. Radius The radius of the "Circle" object is specified in the Inspector window. The value is entered in pixels. 1. In the Inspector window, select "Properties > Properties > Layout". 2. Enter a value between 0 and 2500 in the "Radius" area. See also Device dependency of the objects (Page 5183) WinCC Advanced V14 System Manual, 10/2016 5225 Visualizing processes 12.1 Creating screens Trend view (Panels, RT Advanced) Application The trend view is meant for the graphical representation of tag values from the current process or from a log in form of trends. Layout In the Inspector window, you customize the position, geometry, style, color, and font types of the object. You can adapt the following properties in particular: Display value table, ruler and grid: Specifies whether a value table, a ruler or a grid is displayed in addition to the coordinate system to improve legibility. Toolbars: Defines the display of the operator controls. Display value table, ruler and grid For improved legibility a value table, a ruler and a grid can be displayed in Runtime. 1. Activate "Properties > Properties > Appearance > Show ruler". 2. Activate "Properties > Properties > Table > Show table". 3. Activate "Properties > Properties > Table > Show grid". 5226 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Toolbars The layout of the operator controls is defined in the "Properties > Properties > Toolbar" inspector window. Note Basic Panels Because archiving with Basic Panels is only possible for devices as of the 2nd Generation, the operator controls are not available on all Basic Panels. Toolbar button Brief description Description "Go to start" Scroll to the current value of the trend. "Zoom in" Reduces the displayed time slice. "Zoom out" Zooms into the displayed time section. "Ruler backward" Moves the ruler back. "Ruler forward" Moves the ruler forward. "Backward" Scrolls back one display width. "Forward" Scrolls forward one display width. "Ruler" Shows or hides the ruler. The ruler displays the X-val ue associated with a Y-value. "Start/stop" Stops trend recording or continues trend recording. Operation on Basic Panels and devices with small display size The trend view buttons are not displayed on Basic Panels and HMI devices with a display size of less than 6". You can operate the trend view using the function keys of the HMI device that are assigned corresponding system functions. Displaying column headers The layout of the table in the trend view depends on the view settings in the Control Panel. Depending on the setting, the column headers may be truncated. This setting is found under "Display > Appearance" in the control panel. To display column headers correctly, set the display in "Windows and buttons" to "Windows Classic" style. This behavior only occurs during configuration. The column headers are displayed correctly in Runtime. Consistency test If warnings or errors are displayed in the output window during a consistency check in connection with trend views, clicking "Go to Error/Tag" on the shortcut menu will not always take you to the exact error position. In some cases only the trend view is shown as cause of error. WinCC Advanced V14 System Manual, 10/2016 5227 Visualizing processes 12.1 Creating screens Adding, configuring, and removing trends The trends of the trend view are managed in the Inspector window under "Properties > Properties > Trend". You can copy trends between different trend views. See also Configuring trend displays for values from the PLC (Page 5387) Trends (Page 5384) Outputting tag values in screens (Page 5386) Configuring trend display for values from the PLC (Basic) (Page 5382) Device dependency of the objects (Page 5183) Charge condition (Panels, RT Advanced) Application The object "Charging condition" is a control element for some SIMATIC Mobile Panels. The "Charging condition" object indicates the charging status of the battery. Charge the battery in good time. Alternatively, you can replace the battery with a spare battery. Layout Symbol Description Charging condition Battery is charged >20 % Battery must be charged <20 % and >6 % Battery is weak <6% Operation The object is for display only and cannot be controlled by the operator. See also Effective range name (Page 5293) Effective range name (RFID) (Page 5296) Effective range signal (Page 5297) WLAN reception (Page 5299) Zone name (Page 5302) 5228 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Zone signal (Page 5303) Device dependency of the objects (Page 5183) Illuminated pushbutton (Panels) Application The object "Illuminated pushbutton" is a control element for some SIMATIC Mobile Panels. The LEDs can be activated by the PLC. The illuminated LED signals the operator in Runtime that the illuminated pushbutton has to be pressed. The illuminated pushbutton is configured in the global screen. Layout You can adapt the following properties in the Inspector window: Tag: Specifies the tag in which the status of the illuminated pushbutton is written. LED assignment: Specifies the assignment of the LED to the bit in the LED tag. WinCC Advanced V14 System Manual, 10/2016 5229 Visualizing processes 12.1 Creating screens Tag The "Tag" property is used to specify the global assignment of the "Illuminated pushbutton" object in the global screen. Note Notes on configuring The current status of the illuminated pushbutton is written to the tag when Runtime is started and whenever the button is pressed. This may cause inconsistencies between the status of the illuminated pushbutton and the illuminated pushbutton tags. 1. If the tag has a connection to the PLC, the current value is transferred from the PLC to the tag after establishment of communication. The tag that contains the current status of the key is overwritten by this process. The illuminated pushbutton tag may therefore no longer reflect the current value of the illuminated pushbutton, for example if the Mobile Panel is switched off while the illuminated pushbutton is pressed. 2. If the illuminated pushbutton is pushed before communication to the PLC could be established (for example after a device start-up), it may not be possible to send the value of the illuminated pushbutton tag to the PLC. In this case the value of the tag in the PLC is different from the current status of the key. Carry out the following configuration steps so that the illuminated pushbutton always reflects the actual state. Basic procedure 1. Specify the connection to the PLC in the "Connections" editor. Activate the "Coordination" area pointer to ensure that the life bit is available to the PLC side. 2. Open the "HMI tags" editor and create three tags. - Internal tag: Pushbutton_State - External tag: BufferTag - External tag: Pushbutton_PLC 5230 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 3. Open the Inspector window of the "Pushbutton_State" tag. 4. In the Inspector window, select "Properties > Events > Value change". Click the first line of the function list. The list opens, showing the system functions available in the project. 5. Select the "SetTag" system function. - Select the "Pushbutton_PLC" tag at "Tag (output)". - Select the "Pushbutton_State" tag at "Value". The value of the "Pushbutton_PLC" tag is written to the PLC with the "Pushbutton_PLC" tag. A program in the PLC evaluates the life bit. If communication is established, the current value is written to the "Pushbutton_PLC" tag from the PLC. The "BufferTag" is required to transfer the current position of the pushbutton to the PLC. 6. Open the Inspector window of the "BufferTag" tag. 7. In the Inspector window, select "Properties > Events > Value change". 8. Click the first line of the function list. The list opens, showing the system functions available in the project. 9. Select the "SetTag" system function. - Select the "Pushbutton_PLC" tag at "Tag (output)". - Select the "Pushbutton_State" tag at "Value". After establishing communication the current value is written to the "BufferTag" from the PLC. The "SetTag" system function is executed by the value change in the auxiliary tag. The system function re-allocates the value of the "Pushbutton_State" tag to the "Pushbutton_PLC" tag. 10.Open the global screen in the "Screen navigation" editor. WinCC Advanced V14 System Manual, 10/2016 5231 Visualizing processes 12.1 Creating screens 11.Select the illuminated key on the global screen. 12.Select the tag "Pushbutton_State" in "Properties > Properties > General > Settings >Tag" in the Inspector window. If you press the illuminated pushbutton, the value is written to the "Pushbutton_PLC" tag. LED assignment To actuate the LED an LED tag or an array tag must be set up in the PLC and specified as an LED tag during configuration. The LED tag is specified at "LED tag" in the "Settings" area in the "General" group. With "LED bit" the allocated bit is given. When the bit is set the following states of the LED can be realized in runtime. Bit n+1 Bit n LED function 0 0 Off 0 1 Fast flash 1 0 Slow flash 1 1 On permanently See also Handwheel (Page 5215) Device dependency of the objects (Page 5183) Line Application The "Line" object is an open object. The line length and gradient slope are defined by the height and width of the rectangle enclosing the object. Layout In the Inspector window, you customize the settings for the object position, shape, style, and color. You can adapt the following properties in particular: Line style Line start and end 5232 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Line style The representation of the line is specified under "Properties > Properties > Appearance" in the Inspector window. The line is shown without interruption if you select "Solid", for example. Note The line styles available depend on the selected HMI device. Line start and end The start and end points of the line are specified under "Properties > Properties > Appearance > Line ends" in the Inspector window. Use arrow point, for example, as start and end point. The available start and end points depend on the device. See also Device dependency of the objects (Page 5183) Media Player (Panels, RT Advanced, RT Professional) Use In Runtime, the Media Player is used to play multimedia files. The Media Player is only available for the following devices: MP 377 Comfort Panels RT Professional WinCC Advanced V14 System Manual, 10/2016 5233 Visualizing processes 12.1 Creating screens Note Playing videos on Comfort Panels You can play video sequences on Comfort Panels in the "Media Player" screen object. You can find more detailed information on playing videos on the Internet under: http://support.automation.siemens.com (entry ID 62101921) Layout You can set the following properties in the Inspector window: Display status bar: Determines whether to display the status bar. Display operator controls: specifies the operator controls in Runtime. Show tracker: establishes, whether a slider is available for the operation. Operator controls The operator controls that can be used to control the Media Player in Runtime are specified in the Inspector window under "Properties > Properties > Appearance > Elements". Number of replays (Comfort Panels and MP 377) To play the file multiple times, select number of playbacks under "Properties > Properties > General > Number of replays". Select a value from 0 to 2,147,483,647. Supported file formats (Comfort Panels and MP 377) The following audio formats are supported by Media Player: Moving Picture Experts Group standard 1, Layer 1, 2, 3 (.mpa, .mp2, .mp3) Waveform Audio (.wav) The following video formats are supported by Media Player: Moving Picture Experts Group standard 1 (.mpg, .mpeg, .mpv, .mpe) Advanced Streaming Format (.asf) Windows Media Video Format (.wmv) Audio-Video Interleaved (.avi) Note Media Player does not support the creation and management of favorites. If you create favorites before closing the Media Player, they will not reappear when you open it again. 5234 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Note The Media Player cannot be operated using the keyboard. You cannot simulate the Media Player. A static screen appears in the simulation window instead of the Media Player. Supported file formats (RT Professional) The following file formats are supported by Media Player: graphics file formats (.gif, .bmp, .jpg, .jpeg, .png) Moving Picture Experts Group standard 1 (.mpg, .mpeg, .mp4) QuickTime Movie (.mov, .qt) Advanced Streaming Format (.asf) Windows Media Video Format (.wmv) Audio Video Interleave (.avi) Note Requirements for video files To play video files in the Windows Server 2008 R2 SP1 and 2012 R2, install the Microsoft feature "Desktop Experience". You will find more detailed information on this topic on the Internet in the Microsoft documentation. Note Playing back multimedia files in the control depends on the video and audio codecs installed on the PC, as well as on the file format. Note Data loss when copying the project If you copy the project to another PC, keep the following in mind: Files indicated in the WinCC Media Control are not copied along with the other files if they are dynamically linked and no UNC path is specified. You have to load the files into the project again. See also Device dependency of the objects (Page 5183) WinCC Advanced V14 System Manual, 10/2016 5235 Visualizing processes 12.1 Creating screens Alarm view (as of V13) (Basic Panels, Panels, RT Advanced) Use Advanced alarm view is used to display alarms on the HMI device. On HMI devices with device version V13 or later, the advanced table-based alarm view is available for managing alarms. Alarm line The alarm line allows display of the most current pending alarm in Runtime. The following figure shows an alarm line: How to configure the alarm line: 1. Click "Properties > Properties > Layout" in the Inspector window. 2. Select "Mode > Alarm line". Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. Note The fonts available for selection depend on the fonts you have configured in the Runtime settings under "Language & font" and the fonts supported by your HMI device. You can adapt the following properties in particular: Toolbar: Defines the operator controls of the alarm view. Alarm classes: This setting defines which alarm classes are displayed in the alarm view. Columns: Specifies the displayed columns in Runtime. Columns moveable: Specifies whether the sequence of columns can be changed in Runtime. Identification of alarm classes: To be able to distinguish various alarm classes, they are identified in the first column of the alarm view. 5236 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Filter: Defines that only alarms that contain a specific character string will be displayed in the alarm text. Define display area: This setting specifies the date from which alarms are displayed in the alarm view. Sorting by date/time possible: Specifies whether the alarms can be sorted in Runtime by date and time. Note If you have different alarm classes output, these will be initially sorted into alarm classes in Runtime, and then by the time at which the alarm occurred. Operator controls The operator controls that can be used to control the alarm view in Runtime are specified in the Inspector window under "Properties > Properties > Toolbar". The following table shows the operator controls in the alarm view and their function: Button Name Function "Tooltip" Displays a tooltip for an alarm. "Acknowledge" Acknowledges an alarm. "Loop-in-alarm" If a screen change is configured, the display switches to a screen containing information about the alarm. Select alarm classes 1. Click "Properties > Properties > General" in the Inspector window. 2. Under "Alarm classes", activate the alarm classes to be displayed in the alarm view in Runtime. Access protection in Runtime You can configure access protection in the "Properties > Security" group in the properties of the alarm view. A logged-on user with the required authorization can acknowledge and edit alarms using the operator controls in the alarm view. If the logged-on user does not have the required authorization, or if no user is logged in, pressing the "Acknowledge" or "Edit" buttons or double-clicking an alarm line opens the logon dialog. Define columns Define the columns to be displayed in the alarm view in Runtime in the Inspector window. 1. In the Inspector window, select "Properties > Properties > Columns". 2. Activate the columns that are to be displayed in Runtime under "Visible columns". WinCC Advanced V14 System Manual, 10/2016 5237 Visualizing processes 12.1 Creating screens Sequence of columns If this property is enabled, the column sequence in the alarm view can be changed in Runtime. 1. In the Inspector window, select "Properties > Properties > Columns". 2. Select "Column properties > Columns moveable". Sorting If this property is enabled, the alarms displayed in the alarm view in Runtime can be sorted by date and time. 1. In the Inspector window, select "Properties > Properties > Columns". 2. Select "Column properties > Sorting by date/time possible". Filter alarms This property is used to define that only alarms that contain a configured string in the alarm text will be displayed in Runtime for the extended alarm view. 1. In the Inspector window, select "Properties > Properties > Filter. 2. In the "Filter string" field, enter the desired term for filtering. Alternatively, you can configure a filter tag using the "Filter tag" field. The contents of the filter tag serve as the filter criterion in Runtime. Identify alarm classes An icon is displayed in the first column of the alarm view. This symbol allows the alarm to be allocated to an alarm class. 1. In the Inspector window, select "Properties > Properties > Columns". 2. Select "Visible columns > Alarm class name". 3. Open the "HMI alarms" editor and click on the "Alarm classes" tab. 4. Specify an icon for use to identify the alarms of this alarm class for an alarm class in the "Display name" column. Note The "alarm view" object cannot be grouped. Set colors for alarm classes You have the option of having alarms of selected alarm classes shown in different colors in Runtime. You set the background colors of the alarms in the "HMI alarms" editor. 1. Open the "HMI alarms" editor and click on the "Alarm classes" tab. 2. Set the colors for alarms under "Properties > Properties > Colors". 5238 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 3. Depending on the HMI device, also change the flashing characteristics if required. 4. Under "Runtime settings > Alarms > General", select the "Colors of alarm classes" option to have alarms shown in the defined colors in the alarm view. Define display area You select a tag which defines the time from which alarms should be displayed. The following data types are permitted: External tags: Date, Date_and_Time, Time_of_Day Internal tags: DateTime To define the display area, proceed as follows: 1. Click "Properties > Properties > Display" in the Inspector window. 2. Define the tag in which the time is specified under "Control tag for display area". Switch to PLC code view You configure the "ActivatePLCCodeView" system function on a button to enable the jump from a monitoring alarm in the display to the affected program code in the PLC code view. In the alarm view, you define a control tag that you use to give the button dynamic properties. Control tag is used to evaluate whether the entry point of the selected monitoring signal is possible in the PLC code view. To define the control tag, proceed as follows: 1. Click "Properties > Properties > Display" in the Inspector window. 2. Specify a Boolean tag under "Properties > Display > Control tag for PLC code view" that will control the jump from the last active ProDiag alarm or GRAPH alarm to the PLC code view. You have the option make the button dynamic using animations, for example, so that the button changes color with an incoming alarm. Displaying column headers The layout of the alarm view is dependent on the view settings in the control panel. Depending on the setting, the column headers may be truncated. This setting is found under "Display > Layout tab" in the control panel. To display column headers correctly, set the display in "Windows and buttons" to "Windows Classic" style. This behavior only occurs during configuration. The column headers are displayed correctly in Runtime. Alarm view, simple (Basic Panels, Panels, RT Advanced) Application Alarms are indicated in the Alarm view or in the Alarm window of the HMI device. The following screen contains a simple alarm view: WinCC Advanced V14 System Manual, 10/2016 5239 Visualizing processes 12.1 Creating screens Note The "Single alarm view" object cannot be operated dynamically with a script. Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. Note The fonts available for selection depend on the fonts you have configured in the Runtime settings under "Language & font" and the fonts supported by your HMI device. You can adapt the following properties in particular: Operator controls: Defines the operator controls of the alarm view. Alarm classes: This setting defines which alarm classes are displayed in the alarm view. Columns: Specifies the displayed columns in Runtime. Note If you have different alarm classes output, these will be initially sorted into alarm classes in Runtime, and then by the time at which the alarm occurred. 5240 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Operator controls The operator controls that can be used to control the alarm display in Runtime are specified in the Inspector window under "Display > Settings". The following table shows the operator controls in the alarm view, and what they do: Button Function "Info text" Displays info text for an alarm. "Acknowledge" Acknowledges an alarm. "Loop-In-Alarm" If a screen change is configured, the display switches to a screen containing information about the alarm. Select alarm classes 1. Click "Properties" in the Inspector window. 2. Under "Alarm classes", activate the alarm classes to be displayed in the alarm view in Runtime. Define columns Define the columns to be displayed in the alarm view in Runtime in the Inspector window. 1. In the Inspector window, click "Properties > Columns". 2. Activate the columns that are to be displayed in Runtime under "Columns". Displaying column headers The layout of the alarm view is dependent on the view settings in the control panel. Depending on the setting, the column headers may be truncated. This setting is found under "Display > Layout tab" in the control panel. To display column headers correctly, set the display in "Windows and buttons" to "Windows Classic" style. This behavior only occurs during configuration. The column headers are displayed correctly in Runtime. Note In the engineering system you can dynamically control the visibility of an object, for example, in the "Animations" group of the Inspector window. In Runtime, the "Simple alarm view" does not support animations. If you have configured an animation and, for example, wish to perform a consistency check of the project, then an error alarm is issued in the Output window. WinCC Advanced V14 System Manual, 10/2016 5241 Visualizing processes 12.1 Creating screens Alarm view, advanced (Panels, RT Advanced) Alarm view Alarms are indicated in the Alarm view or in the Alarm window of the HMI device. The following screen contains an alarm view with no content: Alarm line The alarm line allows display of the most current pending alarm in Runtime. The following figure shows an alarm line: How to configure the alarm line: 1. Click "Properties > Properties > Layout" in the Inspector window. 2. Select "Mode > Alarm line". Changing the view type On HMI devices with a display size larger than 6 ", you can configure both the advanced alarm view and a simplified alarm view. The view type is only available for configuration on devices up to device version V13. 5242 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Proceed as follows to configure the simplified user view: 1. Click "Properties > Properties > Layout > Mode" in the Inspector window. 2. Select "Simplified". Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. Note The fonts available for selection depend on the "Language and fonts" you have configured in the device settings and the fonts your HMI device supports. You can adapt the following properties in particular: Operator controls: Defines the operator controls of the alarm view. Alarm classes: This setting defines which alarm classes are displayed in the alarm view. Columns: Specifies the displayed columns in Runtime. Sequence of columns: Specifies whether the sequence of columns can be changed in Runtime. Identification of alarm classes: To be able to distinguish various alarm classes, they are identified in the first column of the alarm view. Filter: Defines that only alarms that contain a specific character string will be displayed in the alarm text. Enable sorting: Specifies whether the alarms can be sorted in Runtime by date and time. Define display area: This setting specifies the date from which alarms are displayed in the alarm view. Note If you have different alarm classes output, these will be initially sorted into alarm classes in Runtime, and then by the time at which the alarm occurred. Operator controls The operator controls that can be used to control the alarm view in Runtime are specified in the Inspector window under "Properties > Properties > Display > Settings". The following table shows the operator controls in the alarm view, and what they do: WinCC Advanced V14 System Manual, 10/2016 Button Function "Tooltip" Displays a tooltip for an alarm. "Acknowledge" Acknowledges an alarm. "Loop-In-Alarm" If a screen change is configured, the display switches to a screen containing information about the alarm. 5243 Visualizing processes 12.1 Creating screens Select alarm classes 1. Click "Properties > Properties > General" in the Inspector window. 2. Under "Alarm classes", activate the alarm classes to be displayed in the alarm view in Runtime. Access protection in Runtime Configure access protection in the "Properties > Security" group in the properties of the alarm view. If a logged-on user has the required authorization, he can acknowledge and edit alarms using the operator controls in the alarm view. If the logged-on user does not have the required authorization, or if no user is logged in, pressing the "Acknowledge" or "Edit" buttons or doubleclicking an alarm line opens the logon dialog. Define columns Define the columns to be displayed in the alarm view in Runtime in the Inspector window. 1. In the Inspector window, select "Properties > Properties > Columns". 2. Activate the columns that are to be displayed in Runtime under "Columns". Sequence of columns If this property is enabled, the column sequence in the alarm view can be changed in Runtime. 1. In the Inspector window, select "Properties > Properties > Columns". 2. Select "Column properties > Column order". Enable sorting If this property is enabled, the alarms displayed in the alarm view in Runtime can be sorted by date and time. 1. In the Inspector window, select "Properties > Properties > Columns". 2. Select "Column properties > Sorting by date/time possible". Filter alarms This property is used to define that only alarms that contain a configured string in the alarm text will be displayed in Runtime for the extended alarm view. 1. In the Inspector window, select "Properties > Properties > Filter. 2. Enter the required term for filtering in the field "Filter string". Alternatively, you configure a filter tag using the field "Filter tag". The contents of the filter tag serve as the filter criterion in Runtime. 5244 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Identify alarm classes An icon is displayed in the first column of the alarm view. This symbol allows the alarm to be allocated to an alarm class. 1. In the Inspector window, select "Properties > Properties > Columns". 2. Select "Columns > Alarm class". 3. Open the "Alarms" editor, and click the "Alarm classes" tab. 4. Specify an icon for use to identify the alarms of this alarm class for an alarm class in the "Display name" column. Note The "alarm view" object cannot be grouped. Specifying colors for alarm classes You have the option to display alarms of the selected alarm classes in different colors in Runtime. You specify the background colors of the alarms in the "HMI alarms" editor. 1. Open the "HMI alarms" editor, and click the "Alarm classes" tab. 2. Define the colors for alarms under "Properties > Properties > Colors". 3. To show alarms in the alarm view in the defined colors, activate the option "Alarm classes colors" under "Runtime settings > Alarms > General". Define display area You select a tag which defines the time from which alarms should be displayed. The following data types are permitted: External tags: Date, Date_and_Time, Time_of_Day Internal tags: DateTime To define the display area, proceed as follows: 1. Click "Properties > Properties > Display" in the Inspector window. 2. Define the tag in which the time is specified under "Control tag for the display area". Configuration behavior Displaying column headers The layout of the alarm view is dependent on the view settings in the control panel. Depending on the setting, the column headers may be truncated. This setting is found under "Display > Layout tab" in the control panel. To display column headers correctly, set the display in "Windows and buttons" to "Windows Classic" style. This behavior only occurs during configuration. The column headers are displayed correctly in Runtime. WinCC Advanced V14 System Manual, 10/2016 5245 Visualizing processes 12.1 Creating screens Displaying the buttons for operation The alarm view in the HMI devices OP 73, OP 77A and TP 177A has a button which displays the alarm text in a separate window. This button is not shown during configuration. The display of the buttons for using the alarm view depends on the configured size. You should check on the HMI device whether all necessary buttons are available. See also Alarm window (Page 5246) Alarm indicator (Page 5249) Configuring an alarm view for active alarms (Page 5437) Device dependency of the objects (Page 5183) Alarm window (Basic Panels, Panels, RT Advanced) Application Alarms are indicated in the Alarm view or in the Alarm window of the HMI device. The layout and operation of the Alarm window are similar to that of the Alarm view. The Alarm window has the following characteristics that are the same as in the Alarm view: Alarm window Alarm line: The alarm line is not available on Basic Panels. The Alarm window is configured in the "Global screen" editor. The alarm window is not assigned to any screen. Depending on the configuration the alarm window is opened when an alarm that belongs to a specific alarm class is active. Based on the configuration, it is not closed until the alarm is acknowledged. Note In the engineering system you dynamize, for example, the visibility of an object in "Properties > Animations" in the inspector window. In Runtime, the "Simple alarm window" object does not support animations. If you have configured an animation and, for example, wish to perform a consistency check of the project, then an error alarm is issued in the Output window. 5246 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Simple alarm window The simple alarm window is available on Basic Panels with a device version prior to V13 to display the alarms. Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. You configure the Alarm window in the same way as the Alarm view. In addition you adapt the following properties: Fixed alarm window: Specifies that the Alarm window retains the focus after a screen change. Window: You define the operator input and response of the Alarm window in Runtime. Note If you have different alarm classes output, these will be initially sorted into alarm classes in Runtime, and then by the time at which the alarm occurred. Operator controls The operator controls that can be used to control the alarm view in Runtime are specified in the inspector window under "Properties >Display > Settings". The following table shows the operator controls in the Alarm window, and what they do: WinCC Advanced V14 System Manual, 10/2016 Button Function "Tooltip" Displays a tooltip for an alarm. "Acknowledge" Acknowledges an alarm. "Loop-In-Alarm" If a screen change is configured, the display switches to a screen containing information about the alarm. 5247 Visualizing processes 12.1 Creating screens Access protection in Runtime Configure access protection under "Properties > Properties > Security" in the inspector window of the alarm view. If a logged-on user has the required authorization, he can acknowledge and edit alarms using the operator controls in the alarm view. If the logged-in user does not have the required authorization, or if no user is logged in, clicking the "Acknowledge" or "Edit" buttons or double-clicking an alarm line opens the login dialog box. Note Basic Panels Access protection is not available for Basic Panels. Activating the focus of the Alarm window Select the following option so that the Alarm window does not lose the focus after a screen change: 1. In the Inspector window, select "Properties > Properties > Mode". 2. Enable "Label". Window Define the response of the Alarm window under "Properties > Properties > Mode > Window" in the inspector window. The following table shows the possible properties: Option Function Automatic display The Alarm window is automatically displayed when a system event oc curs, for example. Closable The window closes again after a set time has elapsed. You define the display duration in the alarm settings. Modal The Alarm window is linked to a confirmation, such as: Alarm must be acknowledged. If the modal alarm window has the focus, the buttons in the screen behind it cannot be used. The functions configured on a func tion key are carried out. Sizeable You can change the size of the Alarm window in Runtime. See also Alarm view, advanced (Page 5242) Alarm indicator (Page 5249) Configuring an alarm window (Page 5444) Device dependency of the objects (Page 5183) 5248 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Alarm indicator (Basic Panels, Panels, RT Advanced) Application The alarm indicator is a graphic symbol that shows current errors or errors that need to be acknowledged, depending on the configuration. The alarm indicator is configured in the "Global screen" editor. The following figure shows an alarm indicator: Alarm indicator OP 73 A "simple" alarm indicator is available for the HMI OP 73. The following diagram shows the alarm indicator for the OP 73 HMI devices: The "simple" alarm indicator shows alarms to be acknowledged or alarms which have already been acknowledged and have not yet gone. Only the position can be defined for the "simple" alarm indicator. The alarm indicator is displayed on the device at the selected position. If you have configured a screen object at this position, the visible alarm indicator covers the screen object. The alarm indicator is covered by system dialogs, such as the login dialog, Help dialog, and alarm windows. Layout In the Inspector window, you customize the position, shape, style, color and font types of the object. You can adapt the following properties in particular: Alarm classes: Establishes the alarm classes where the alarm indicator is displayed. Operator control in Runtime: Defines the operator actions in Runtime that cause the Alarm window to open. Alarm classes You define which alarm classes are shown with an alarm indicator in "General > Alarm classes" in the Inspector window. Alarm classes, such as "Warnings" or "Errors". Define operator control in Runtime 1. Select the alarm indicator in the screen. 2. Click "Events > Click" or "Click when flashing" in the Inspector window. 3. The "function list" opens. Click the first line of the function list. The list of system functions, and scripts available in the project opens. WinCC Advanced V14 System Manual, 10/2016 5249 Visualizing processes 12.1 Creating screens 4. Select the "ShowAlarmWindow". system function under "Alarms." 5. Under "object name" select the name of the Alarm window from the selection list. Under "Layout", define whether the Alarm window should be visible, hidden, or should toggle between the two states. See also Alarm view, advanced (Page 5242) Alarm window (Page 5246) Configuring an alarm indicator (Page 5445) Device dependency of the objects (Page 5183) PDF view (Panels, RT Advanced) Use Using the object "PDF view" you project a PDF view on which the operator can open and display documents in PDF format in runtime. The documents in PDF format are located in the internal or external memory of the respective HMI device in this case. The PDF view supports the PDF version 1.7. You can configure the PDF view in the following: In a screen In a template In a slide-in screen In a pop-up screen Note The "PDF view" object may be configured multiple times in a project. However, a maximum of one PDF view may be active at the same time. 5250 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Note Device dependency of the "PDF view" object The "PDF view" object is only available for KTP Mobile Panels, Comfort Panels and RT Advanced. Note Only one "PDF view" object may be inserted per screen. Layout You provide information about the position and size of the PDF view in the Inspector window. You can adapt the following properties in particular: File name: Specifies the PDF file that opens by default in the PDF view. File name tag: Specifies the tag that opens any PDF file. Basic procedure 1. Create an internal tag of data type "String" in the "Tag" editor, for example, "PDFFile". 2. Insert the PDF view in the screen of the "Screens" editor. The PDF view is available in the "Tools > Controls" task card. 3. In the Inspector window, select "Properties > Properties > General". 4. Enter the file name of the PDF file that opens by default in runtime in "File name". You can also leave the "File name" field blank. 5. For "File name tag", select the "PDFFile" tag from the selection list. 6. Insert an I/O field in the screen in the "Screens" editor. 7. In the Inspector window of the I/O field "Properties > Properties > General > Tag" select the "PDFFile" tag from the selection list. 8. Assign the PDF view the "PDFFile" tag under "File name tag" in the Inspector window. 9. Create a text field for the label in the configured I/O field, for example, "PDF path". If the operator enters the file name along with the path in the I/O field, the PDF view opens the file in question. Operator controls Operator controls are configured buttons in the process picture or softkeys on the HMI device for operating the object. The "PDF view" object does not have its own operator controls. Configure operator controls yourself, for example, buttons, and link the operator controls with system functions. 1. For example, drag the "Button" object to the screen from the toolbox. 2. Enter a text of any length. WinCC Advanced V14 System Manual, 10/2016 5251 Visualizing processes 12.1 Creating screens 3. In the Inspector window, select "Properties > Events > Click". The "Function list" dialog box is opened. 4. The system functions for operation of the PDF view are available in the list of system functions in the group "Keyboard operation for screen objects". From the list select a function, for example, "PDFZoomIn". 5. From the "Screen object" list, select the object name of the PDF view in which the command is executed. System functions The following system functions are available for the "PDF view" object: System function Description "PDFZoomIn" Zooms in one zoom level "PDFZoomOut" Zooms out one zoom level "PDFGotoNextPage" Moves to the next page "PDFGotoPrevious Page" Moves to the previous page "PDFGotoFirstPage" Moves to the first page "PDFGotoLastPage" Moves to the last page "PDFFitToWidth" Fits the display to fit the width of the PDF view window "PDFFitToHeight" Fits the display to the height of the PDF view window "PDFZoomOriginal" Changes the display to the original size "PDFScrollUp" Scrolls up "PDFScrollDown" Scrolls down "PDFScrollLeft" Scrolls to the left "PDFScrollRight" Scrolls to the right "PDFGotoPage" Moves to the specified page Note Scrolling on all HMI devices also works with multi-touch operation. The figure below shows a PDF view with the configured operator controls: 5252 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Comments Compared to Adobe Acrobat, the PDF view has limited functionality: The PDF view does not support links. The PDF view supports zoom levels 25% to 200%. Note The "PDF view" object cannot be addressed by using VB scripting. Note A lot of RAM may be needed to display and browse through large PDF files. In such cases, the system event 130000 "Not enough RAM" is displayed. See also Device dependency of the objects (Page 5183) WinCC Advanced V14 System Manual, 10/2016 5253 Visualizing processes 12.1 Creating screens PLC code view (Panels, RT Advanced) Use The "PLC Code View" object is used to display the current program status of user programs which have been programmed in the LAD, FBD or GRAPH programming languages. Errors during execution of a GRAPH sequencer are displayed directly at the corresponding step. The PLC code view is divided into the following areas: Header The header shows the PLC name, the FB name, as well as the number and name of the network in Runtime. Information area The PLC network is graphically represented in the information area in Runtime. Symbol table The symbol table shows the symbolic names of the operands, absolute addresses of the operands and corresponding comments. Toolbar The toolbar shows the buttons available in the PLC code view in Runtime. Note The "PLC Code View" object cannot be used in faceplates, in the global screen, in pop-up screens and slide-in screens. 5254 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Note Device dependency of the "PLC code view" object The "PLC code view" object is available for RT Advanced, Comfort Panels and KTP Mobile Panels with 7" display size or more. Layout You change the settings for the position, style, colors, and fonts of the object in the Inspector window. You also, importantly, adjust the toolbar buttons here. To change the order of columns in the symbol table in Runtime, select the "Reorder columns" option under "Properties > Layout > Column settings". Toolbar The operator controls with which the PLC code view is operated in Runtime are configured under "Properties > Properties > Toolbar > Buttons" in the Inspector window. Operator control Designation Function "Symbol area" Shows the symbol area. "Previous network" Navigates to the previous network "Next network" Navigates to the next network "Zoom in" Enlarges the information area. "Zoom out" Reduces the information area. "Detail" Shows the detail view. "Step mode" Switches between manual and automatic step se lection for the active step. "Transition/Interlock" Switches between the transition and interlock net work views. Configuring the PLC code view 1. Drag-and-drop the PLC Code View from the toolbox view. 2. Click "Properties > Properties > Toolbar" in the Inspector window. WinCC Advanced V14 System Manual, 10/2016 5255 Visualizing processes 12.1 Creating screens 3. Select the buttons that you require in Runtime, for example: Next network, Previous network, Step mode. 4. If required, configure the button display, e.g. background color or fill pattern. 5. In the Inspector window, select "Properties > Properties > Columns". 6. Select the columns that you require in the device view for Runtime. 7. Customize the column headers or order if necessary. 8. Select an authorization for operation in "Properties > Properties > Security". Controlling the PLC code view with the keyboard To control the PLC code view with the keyboard, proceed as follows: 1. Press the <Tab> key repeatedly until the focus is on the desired button. You can use the <Shift + Tab> shortcut keys to navigate back to the previous button. 2. Press <Enter>. The command is executed. Operation with the touch screen Scrolling by dragging in the symbol table of the PLC code view is not supported. To scroll horizontally and vertically in the symbol table, use the scroll bars and the scroll arrows. Properties of a PLC in Runtime If a PLC is connected to the PLC code view in WinCC and Runtime is active, changing the name of the PLC will trigger errors. Therefore, do not change the PLC name, the IP address, or other properties of the HMI connection. Addressing tags in the "PLC code view" object The "PLC code view" object only supports symbolic addressing of tags. If the operand is not addressed symbolically, the network with the operand cannot be displayed and an error message is generated. Displaying time-value constants When time-value constants are displayed, the time is shown in the format "Hours/Minutes/ Seconds/" in the PLC code view, depending on the input configured in the Engineering System. For example, a constant "150 s" specified in the Engineering System appears in Runtime as "2 min 30 s". See also Supervising machinery and plants with ProDiag (Page 6074) Configuring the PLC code view (Page 6088) Configuring the PLC code view (Page 6088) 5256 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Supported instructions (Page 6093) Supported data types (Page 6097) Options for editing objects (Page 5029) Device dependency of the objects (Page 5183) Polygon (Panels, RT Advanced, RT Professional) Application The "Polygon" is a closed object which you can fill with a background color. Layout In the Inspector window, you customize the settings for the object position, shape, style, and color. In particular, you can customize the following property: Geometry: Modifies, deletes or adds corners. Geometry The corner points are numbered in the order of their creation. You can change, delete, or add more corner points: 1. In the Inspector window, select "Properties > Properties > Layout". 2. Select the required corner point in the "Geometry" area. Input a value at "X position " and "Y position ". 3. To add a corner point, click the 4. To delete a corner point, click the button. button. Alternative procedure You can also change, delete, or add new corner points using the mouse: 1. Select the object. Position the mouse cursor on the desired corner. The mouse cursor changes to a crosshair. 2. Drag the corner to the desired position while holding down the mouse button. 3. Right-click the position at which you want to insert the corner point. Select "Add point" from the shortcut menu. WinCC Advanced V14 System Manual, 10/2016 5257 Visualizing processes 12.1 Creating screens Configuring Rotation in runtime You configure the "Polygon" object so that it rotates about a reference point in runtime. The rotation in runtime is only possible for devices with Runtime Professional. Enter the values for the angle of rotation using Degrees as the unit. 1. In the Inspector window, select "Properties > Properties > Layout". 2. Enter values for the following attributes in the "Rotation" area. - X - Y - Angle See also Polyline (Page 5258) Device dependency of the objects (Page 5183) Polyline (Panels, RT Advanced, RT Professional) Application The "Polyline" is an open object. Use the "Polygon" object if you want to fill the object with color. Layout In the Inspector window, you customize the settings for the object position, shape, style, and color. You can adapt the following properties in particular: Line start and end: Specifies the type of line start and line end. Geometry: Modifies, deletes or adds corners. Line start and end You define the start point and the end point of the line under "Properties > Properties >"Appearance" in the Inspector window. Use arrow point, for example, as start and end point. The available start and end points depend on the device. 5258 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Geometry The corner points are numbered in the order of their creation. You can change, delete, or add more corner points: 1. Click "Properties > Properties > Layout" in the Inspector window. 2. Select the required corner point in the "Geometry" area. Input a value at "X position" and "Y position". 3. To add a corner point, click the 4. To delete a corner point, click the button. button. Alternative procedure You can also change, delete, or add new corner points using the mouse: 1. Select the object. Position the mouse cursor on the desired corner. The mouse cursor changes to a crosshair. 2. Drag the corner to the desired position while holding down the mouse button. Configuring rotation in Runtime You configure the "Polyline" object so that it rotates about a reference point in Runtime. The rotation in Runtime is only possible for devices with Runtime Professional. Enter the values for the angle of rotation using Degrees as the unit. 1. Click "Layout" in the Inspector window. 2. Enter values for the following attributes in the "Rotation" area. - X - Y - Angle See also Polygon (Page 5257) WinCC Advanced V14 System Manual, 10/2016 5259 Visualizing processes 12.1 Creating screens ProDiag overview (Panels, RT Advanced, RT Professional) Use The "ProDiag overview" object provides an overview of the current status of the configured monitoring in Runtime. When an error occurs, the type of error and the error category are determined in the ProDiag overview. You can navigate directly to the error message in an alarm view and have the affected program code shown in the PLC code view. Note The "ProDiag overview" object cannot be used in faceplates or in the global screen. Note Device dependency of the "ProDiag overview" object The "ProDiag overview" object is available for RT Advanced, RT Professional, Comfort Panels and KTP Mobile Panels. Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. You can adapt the following properties in particular: Displayed buttons Names and colors for categories Names and colors for monitoring types Configuring the ProDiag overview A CPU and a ProDiag FB are created. 1. In the Inspector window, select "Properties > Properties > General". 2. Open the selection button under the "Tag" property. 3. Select the status tag of ProDiag FB. Alternatively, drag the status tag from the detail view and drop it at the desired point of use. 4. Under "Output > Categories", define the names and colors for the categories. 5. Under "Output > Monitoring types", define the names and colors for the monitoring categories. 6. Select an authorization for operation under "Properties > Properties > Security". 5260 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Configuring a compact view You can configure the ProDiag overview in a compact view. Disable the display of categories and monitoring types under "Properties > Appearance > Options". Disable all buttons under "Properties > Toolbar > General". Monitoring types and categories You can display a maximum of eight categories and six types of monitoring in the "ProDiag overview" object. The pre-defined categories and monitor types are available: Designation Categories E Error W Warning I Info Rename the categories C4 to C8, which are created by default, according to your requirements. Designation Monitoring type O Operand error I Interlock error R Reaction error A Action error P Position error M Alarm You can change the display symbols of monitoring types and categories at any time under "Output" in the Inspector window. Symbols You specify the symbols that are displayed in the ProDiag overview in the Inspector window under "Properties > Appearance > Options". The following symbols are available for ProDiag overview: Icon WinCC Advanced V14 System Manual, 10/2016 Name Function Help Opens the user-defined tooltip. Info Displays the information for monitoring. Error Indicates that an error has occurred. 5261 Visualizing processes 12.1 Creating screens "Alarm view" button To display the "Alarm view" in the ProDiag overview, select the "Show alarm window button" property under "Properties > Toolbar > General". Button Name Function Alarm view Opens the configured alarm view with the error message. Deactivated display If there is a faulty connection to the controller during runtime, the object "ProDiag overview" is displayed grayed-out (unavailable). This deactivated display can be due to the following: The controller is deactivated The configured ProDiag program block was removed from the control program The controller is in stop mode As soon as the cause of the error is removed and the connection reestablished, the ProDiag overview shows the current online status of the monitoring during runtime. See also Supervising machinery and plants with ProDiag (Page 6074) Basics of supervision with ProDiag (Page 6074) Configuring the ProDiag overview (Page 6080) Basics of supervising operands (Page 6075) Options for editing objects (Page 5029) Device dependency of the objects (Page 5183) Rectangle Application The "Rectangle" is a closed object which you can fill with a color. 5262 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Layout In the Inspector window, you customize the position, shape, style, color and font types of the object. You can adapt the following properties in particular: Corner radius: Specifies the horizontal and vertical distance between the corner of the rectangle and the start point of a rounded corner. Corner radius The corners of the "Rectangle" object can be rounded to suit your requirements. When the properties "X" and "Y" are set to the 100 % value, the rectangle is displayed as an ellipse. As soon as one of the properties has the value 0%, a normal rectangle without a rounded corner is shown. 1. Click "Properties > Properties > Layout" in the inspector window. 2. Enter a value for "X" in the "Corner radius" area. The input value is the percentage proportion of half the width of the rectangle. 3. Enter a value for "Y" in the "Corner radius" area. The input value is the percentage proportion of half the height of the rectangle. See also Rotating objects (Page 5039) Flipping objects (Page 5041) Device dependency of the objects (Page 5183) Recipe view (as of V13) (Basic Panels, Panels, RT Advanced) Application The "Recipe view" object is used to display recipes on the HMI device. Note Device dependency of the "Advanced recipe view" object The "Advanced recipe view" object is available on the HMI devices Basic Panels 2nd Generation, Comfort Panels, Mobile Panels with the device version V13. WinCC Advanced V14 System Manual, 10/2016 5263 Visualizing processes 12.1 Creating screens Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. You can adapt the following properties in particular: Toolbar: Defines the operator controls of the recipe view. Display number: Defines whether the number of the recipe and the number of the recipe data record is displayed. Label: Sets the label for the name of the recipe and the recipe data record. Operator controls The operator controls with which the recipe view is operated in Runtime are configured under "Properties > Properties > Buttons" in the Inspector window. In the simple recipe view the operating elements are based on the functions of the menu. Operator control 5264 Description "Tooltip" Calls up the configured tooltip for the selected recipe. "Add data record" Creates a new recipe data record in the recipe. "Delete data record" Deletes the selected data record. "Rename" Changes the name of selected data record. "Save" Saves the modified record with its current name. WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Operator control Description "Save as..." Saves the modified record with a new name. "Write to PLC" Sends the current value to the PLC. "Read from PLC" Reads the current value from the PLC. "Synchronize recipe tags" Compares the values of the selected data record with the values on the PLC. Display number Specifies whether the number of the recipe and the number of the recipe data record are displayed in Runtime. The number of the recipe uniquely identifies the recipe in the project. 1. Click "Properties > Properties > View" in the Inspector window. 2. Select "Display > Display numbers". Display label Use this property to specify the name to be shown for recipes and data records in the recipe view. 1. Click "Properties > Properties > Label" in the Inspector window. 2. Select "Display labels". 3. Enter the labels for the recipe and the recipe data record. Behavior during configuration Displaying column headers The layout of the recipe view is dependent on the view settings in the control panel. Depending on the setting, the column headers may be truncated. This setting is found under "Display > Appearance" in the control panel. To display column headers correctly, set the display in "Windows and buttons" to "Windows Classic" style. This behavior only occurs during configuration. The column headers are displayed correctly in Runtime. WinCC Advanced V14 System Manual, 10/2016 5265 Visualizing processes 12.1 Creating screens Recipe view, simple (Basic Panels, Panels, RT Advanced) Application The "Recipe view" object is used to display and modify recipes. Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. You can adapt the following properties in particular: Toolbar: Specifies the menu commands of the recipe view. Toolbar The menu items with which the recipe view is operated in Runtime are configured under "Properties > Properties > Toolbar" in the Inspector window. Menu command Description "Tooltip" Calls up the configured tooltip for the selected recipe. "Add data record" Creates a new recipe data record in the recipe. "Delete data record" Deletes the selected data record. "Save" Saves the modified record with its current name. "Save as" Saves the modified record with a new name. "Write to PLC" Sends the current value to the PLC. "Read from PLC" Reads the current value from the PLC. "Rename" Specifies that the "Rename" button is shown. "Forward" Specifies that the menu buttons are visible. "Back" Specifies that the "Back" button is shown. See also Objects for Basic Panels (Page 5183) 5266 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Recipe view, advanced (Basic Panels, Panels, RT Advanced) Advanced recipe view The "Recipe view" object is used to display and modify recipes. The advanced or the simple user view is available depending on the HMI device Changing the view type On HMI devices with a display larger than 6", both the advanced and the simplified recipe view can be used to manage and process recipes. The view type is only available for configuration on devices up to device version V13. Note Do not use the simple recipe view in a group. WinCC Advanced V14 System Manual, 10/2016 5267 Visualizing processes 12.1 Creating screens Configuring the simple recipe view: 1. Click "Properties > Properties > Layout" in the Inspector window. 2. Select "Mode > Display type > Simplified". Note Behavior for Runtime Professional, Runtime Advanced and Panels In the Engineering System you can dynamically control the visibility of an object, for example, in the "Animations" tab of the Inspector window. In Runtime, the "Simple recipe view" does not support animations. If you have configured an animation and, for example, want to check the consistency of the project, an error alarm is displayed in the Output window. Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. You can adapt the following properties in particular: Operator controls: Defines the operator controls of the recipe view. Display number: Defines whether the number of the recipe and the number of the recipe data record is displayed. Operator controls The operator controls with which the recipe view is operated in Runtime are configured under "Properties > Properties > Buttons" in the Inspector window. In the simple recipe view the operating elements are based on the functions of the menu. Operator control Description "Tooltip" Calls up the configured tooltip for the selected rec ipe. "Add data record" Creates a new recipe data record in the recipe. "Delete data record" Deletes the selected data record. "Save" Saves the modified record with its current name. "Save as" Saves the modified record with a new name. "Synchronize recipe tags" Compares the values of the selected data record with the values on the PLC. "Write to PLC" Sends the current value to the PLC. "Read from PLC" Reads the current value from the PLC. Display number Specifies whether the number of the recipe and the number of the recipe data record are displayed in Runtime. The number of the recipe uniquely identifies the recipe in the project. 1. Click "Properties > Properties > View" in the Inspector window. 2. Select "Display > Display numbers". 5268 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Configuration behavior Displaying column headers The layout of the recipe view is dependent on the view settings in the control panel. Depending on the setting, the column headers may be truncated. This setting is found under "Display > Appearance" in the control panel. To display column headers correctly, set the display in "Windows and buttons" to "Windows Classic" style. This behavior only occurs during configuration. The column headers are displayed correctly in Runtime. See also User view, simple (Page 5197) Description of the advanced recipe view (prior to V13) (Page 5568) Display of recipes (Page 5540) Configuring the Advanced Recipe View (Page 5604) Device dependency of the objects (Page 5183) Switch (Basic Panels, Panels, RT Advanced) Application The "Switch" object is used to configure a switch that is used to switch between two predefined states in runtime. The current state of the "Switch" object can be visualized with either a label or a graphic. The following figure shows a "Switch" type switch. Layout In the Inspector window, you customize the position, shape, style, color and font types of the object. In particular, you can customize the following property: Type: Defines the graphic representation of the object. WinCC Advanced V14 System Manual, 10/2016 5269 Visualizing processes 12.1 Creating screens Type Button visualization is specified at "Properties > Properties > General >Type" in the Inspector window. Type Description "Switch" The two states of the "Switch" are displayed in the form of a switch. The position of the switch indicates the current state. The state is changed in runtime by sliding the switch. You specify the direction of movement of the switch in "Switch orientation" with this type. "Switch with text" The switch is shown as a button. The current state is visualized with a label. In runtime click on the button to actuate the switch. "Switch with graphic" The switch is shown as a button. The current state is visualized with a graphic. In runtime click on the button to actuate the switch. Note Basic Panels The "Switch" type is not available for Basic Panels. See also Elements (Page 5983) Overview of objects (Page 5025) Device dependency of the objects (Page 5183) Button Application The "Button" object allows you to configure an object that the operator can use in Runtime to execute any configurable function. 5270 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. You can adapt the following properties in particular: Mode: Defines the graphic representation of the object. Text / Graphic: Defines whether the Graphic view is static or dynamic. Define hotkey: Defines a key, or shortcut that the operator can use to actuate the button. Note You can only define a hotkey for HMI devices with keys. Mode The button display is defined in "Properties > Properties > General >Mode" in the Inspector window. Mode Description "Invisible" The button is not visible in Runtime. "Text" The button is displayed with text. This text explains the function of the button. "Graphic" The button is displayed with a graphic. This graphics represents the function of the button. "Graphics or text" The button is displayed with text or graphics. If the graphics cannot be displayed, the corresponding text is displayed. "Graphics and text" The button is displayed with text and graphics. Different options are available depending on the device. Text / Graphic The "Mode" property settings are used to define whether the display is static or dynamic. The display is defined in "Properties > Properties > General >Text" or "Graphic" in the Inspector window. You can, for example, select the following options for the "Graphic" or "Text" type. Type Option Description "Graphic" "Graphic" Use "Graphic when button is "not pressed"" to specify a graphic displayed in the button for the "OFF" state. Use "Graphic when button is "pressed"" to specify a graphic for the "ON" state. "Text" "Graphics list" The graphic in the button depends on the state. The corresponding entry from the graphics list is displayed depending on the state. "Text" Use "Text when button is "not pressed"" to specify the text displayed in the button for the "OFF" state. Use "Text when button is "pressed"" to specify text for the "ON" state. "Text list" WinCC Advanced V14 System Manual, 10/2016 The text in the button depends on the state. The entry from the text list corresponding to the state is displayed. 5271 Visualizing processes 12.1 Creating screens Note You cannot use text lists and graphics lists in buttons in WinCC Runtime Professional. Define hotkey In the Inspector window, a key or key combination is defined that the operator can use to control the button in Runtime. 1. In the Inspector window, select "Properties > Properties > General". 2. Select a key or key combination from the selection list in the "Hotkey" area. See also Example: Configuring a button for language switching (Page 5127) Example: Configuring a button with logon dialog box (Page 5686) Example: Configuring a button with access protection (Page 5690) Device dependency of the objects (Page 5183) Slider Use Process values are monitored and adapted within a defined range with the "Slider" object. The monitored range is visualized in the form of a slider. By adjusting the slider, you intervene in the process and correct the displayed process value. Note Do not configure a system function at the "Change" event for a regulated project if it is used to execute a GMP-relevant action. Instead configure the system functions at the "Value change" event of the tags in order to reduce the number of user actions. 5272 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. You can, in particular, adapt the following properties as required: Maximum Value and Minimum Value: Specifies the top and bottom values of the scale. Display current value: Specifies whether the current position of the controller appears below the slider. Display of bars: The sliders above and below the bar can be hidden. Maximum Value and Minimum Value The top and bottom end values of the scale are specified in the Inspector window. 1. In the Inspector window, activate "Properties > Properties > General". 2. Enter a number at "Maximum scale value" and "Minimum scale value". If you select a tag as the end value of the scale, the number will be no longer available. Configuring limits/ranges You can display limits and ranges in different colors. You define the colors in the Inspector window. 1. In the Inspector window, select "Properties > Properties > Limits/Ranges". 2. Activate the limits/ranges that are to be displayed in runtime. 3. You can change the default colors for the ranges, if required. Note When you select the option "Show ranges from tag", you can display up to five ranges in the slider whose values are specified by means of a process tag. You define the values for the ranges with a process tag, which you interconnect with the screen object. The option "Show ranges from tag" is available for Comfort Panels, KTP Mobile Panels and RT Advanced. WinCC Advanced V14 System Manual, 10/2016 5273 Visualizing processes 12.1 Creating screens Display current value Specify that the value of the current position is displayed below the slider in the Inspector window. 1. In the Inspector window, activate "Properties > Properties > Layout". 2. Select "Show current value." Display bar The bar can be hidden. 1. In the Inspector window, activate "Properties > Properties > Layout". 2. Deactivate "Display bar". Behavior during operation The displayed value on the slider control may deviate from the actual value of the associated tag in the following circumstances: The value range (minimum and maximum value) configured for the slider control does not correspond to the configured limits for the slider control tag. An invalid password has been entered for a password-protected slider control. See also Device dependency of the objects (Page 5183) Key switch Application The object "KeySwitch" is an optional control element for the SIMATIC Mobile Panel. In runtime, the key switch is used to lock functions that can be triggered from the Mobile Panel. You configure the object "key switch" object in the "global screen" or in a template. Layout You can set the following properties in the Properties view: Tag: Specifies the tag in which the position of the key switch is written. 5274 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Tag The "Tag" property is used to specify the "Key switch" object assignment in the global screen or template. Note Notes on configuring When starting runtime and every time the key is pressed the current position of the key switch is written to the tag. In doing so it can cause inconsistencies between the position of the key switch and the key switch tags. 1. If the tag has a process connection, the current value is transferred from the PLC to the tag after establishment of communication. The tag that contains the current position of the key is overwritten by this process. It can be that the key switch tag no longer reflects the current value of the key switch, e.g. if the Mobile Panel is switched off while the key is being turned. 2. If the key switch is pressed before communication with the PLC has been established (e.g. after a device start-up), it may not be possible to send the value of the key switch tag to the PLC. In this case the value of the tag in the PLC is different from the current position of the key. A specific configuration is required to make sure that the key switch tag reflects the actual position of the key switch at all times. See the instructions below for the basic procedure. Basic procedure 1. Specify the connection to the PLC in the "Connections" editor. Activate the "Coordination" area pointer to ensure that the life bit is available to the PLC side. 2. Create three tags in the "Tag" editor. - Internal tag: Position_Keyswitch - External tag: Auxiliary tag - External tag: Keyswitch_PLC WinCC Advanced V14 System Manual, 10/2016 5275 Visualizing processes 12.1 Creating screens 3. Open the Inspector window of the "Position_KeySwitch" tag. 4. In the Inspector window, select "Properties > Events > Value change". 5. Click the first line of the function list. The list opens, showing the system functions available in the project. 6. Select the "SetTag" system function. - Select the "Keyswitch_PLC" tag at "Tag (output)". - Select the "Position_Keyswitch" tag at "Value". The value of the "Keyswitch_PLC" tag is written to the PLC with the "Position_Keyswitch" tag. A program in the PLC evaluates the life bit. If communication is established, the current value is written to the "Keyswitch_PLC" tag from the PLC. 7. Open the Inspector window of the "Auxiliary tag" tags. 8. In the Inspector window, select "Properties > Events > Value change". 9. Click the first line of the function list. The list opens, showing the system functions available in the project. 5276 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens 10.Select the "SetTag" system function. - Select the "Keyswitch_PLC" tag at "Tag (output)". - Select the "Position_Keyswitch" tag at "Value". After establishing communication the current value is written to the "Auxiliary Tag" from the PLC. The "SetTag" system function is executed by the value change in the auxiliary tag. The system function re-allocates the value of the "Position_Keyswitch" tag to the "Keyswitch_PLC". 11.Open the global screen or a template in the "Screen navigation" editor. 12.Select the key switch in the screen. 13.Select the "Position_KeySwitch" tag in the Inspector window under "Properties > Properties > General > Settings > Tag". If you actuate the key switch, the value is written to the "Position_KeySwitch" tag. See also Field of application of the Mobile Panel Wireless (Page 6002) WinCC Advanced V14 System Manual, 10/2016 5277 Visualizing processes 12.1 Creating screens Sm@rtClient view (Panels, RT Advanced) Application The "Sm@rtClient View" object is used to configure a network connection to the remote monitoring and remote maintenance of a connected unit. Layout In the Inspector window, you customize the position, shape, style, color and font types of the object. You can adapt the following properties in particular: Connect on start: Establishes whether when opening the Sm@rtClient view the connection to the HMI device is automatically created which should be remote-controlled. Shared use_ Specifies that an HMI device is shared by several Sm@rtClient Views. Local cursor: Specifies whether the cursor data is transferred separately in order to increase the performance. Use cursor key scroll: For keyboard devices places the control of the horizontal and vertical scroll with the cursor keys. Show controls: Establishes whether additional fields exist for entering the address and password. Allow menu: Specifies whether the shortcut menu is enabled to control the Sm@rtClient view. Connection type: Establishes the expected transfer speed for the remote monitoring. Scaling: Specifies whether the Sm@rtClient view can be zoomed in or out. Connect on start Establishes whether when opening the Sm@rtClient view the connection to the HMI device is automatically created which is remote-controlled. 1. In the Inspector window, select "Properties > Properties > General". 2. Select "View > Connect on start". 5278 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Shared use Define whether the HMI device can be used by several Sm@rtClient views under "Properties > Properties > General > View > Shared". Shared use Enabled HMI devices on which remote control is activated can access the remote HMI device and control the process. Only one HMI device can be active at a time in this case. A different HMI device can only assume control when there has been no activity on the active HMI device for a specified period of time. Disabled Only one HMI device can use the remote control at any given time. The activities can be followed on the other HMI devices. Depending on the settings on the Sm@rtServer the following options are available if another HMI device logs on: The HMI device is rejected. The active HMI device is disconnected and the new HMI device is connected. Local cursor If this property is set, then the cursor data is transferred separately. 1. In the Inspector window, select "Properties > Properties > General". 2. Select "View > Local cursor". Display extended objects If this property is set then there are additional fields for inputting the address and password. For the fields to be shown the "Connect on start" option is not activated. 1. In the Inspector window, select "Properties > Properties > General". 2. Select "View > Show enhanced objects". Allow menu If this property is set, then a shortcut menu to control the Sm@rtClient view is opened in Runtime. When operating using the mouse, the left mouse key must remain depressed for a few seconds for the shortcut menu to open. 1. In the Inspector window, select "Properties > Properties > General". 2. Select "View > Allow Menu". Connection type The "Connection type" property establishes the expected transfer speed for the remote monitoring. WinCC Advanced V14 System Manual, 10/2016 5279 Visualizing processes 12.1 Creating screens Set the connection type at "Connection type" under "Properties > Properties > General > Connection type" in the Inspector window. Connection type LAN Connection via network Slow Connection with a low transfer speed Medium speed Connection with a medium transfer speed Modem Connection via an analog modem Very slow Connection with a very low transfer speed Scaling If this property is set, then via "Client scale factor" and "Server scale" you can reduce or enlarge the Sm@rtClient view on the HMI device. 1. In the Inspector window, select "Properties > Properties > Scaling". 2. Select "Scaling > Scaling". 3. Enter the values for the scaling under "Client scale factor" and "Server scale factor". Behavior during operation If the program cannot resolve the dynamic address of a Sm@rtClient view after a screen change, the system connects to the configured server using the static address of the server. If a tag is now set using the dynamic address, you can make a second connection to this server. As a remedy preset the tags of the dynamic address for example by means of a script. See also Device dependency of the objects (Page 5183) Symbol library (Panels, RT Advanced, RT Professional) Application The "Symbol library" object contains a large collection of ready-to-use icons. These icons are used to represent systems and plant areas in screens. 5280 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Layout In the Inspector window, you customize the position, shape, style, color and font types of the object. You can adapt the following properties in particular: Select icon: Specifies which library object will be used. Fill style: Specifies the graphic design of the object. Flip: Specifies the flip type of the library object. Rotate: Specifies the angle around which the library object is rotated. Fixed aspect ratio Defines whether the aspect ratio is maintained if the size is changed. Select symbol Select the icon at "Properties > Properties > General" in the Inspector window. Fill style Specify the design of the library object at "Properties > Properties > Appearance > Style" in the Inspector window. 1 "Hollow" The library object is displayed in outline. 2 "Solid" Black lines remain as outlines. Elements of the icon with a different color are displayed as a main color. 3 "Original" The screen object will not be changed. 4 "Shaded" Black lines remain as outlines. Elements of the symbol in other colors are displayed as brightness levels of a main color. At the TP 177B mono and OP 177B mono HMI devices the library object is displayed as an outline. "Hollow" is set as the default value for the fill style. If you change the setting from "hollow" to "original" or "shaded" then the color of the display on the configuration computer will deviate from that on the HMI device. This deviation is caused by the different color resolutions. You may also use a graphic object from the "Graphics" object group. The graphic objects are structured by topic and by depth of color in the "WinCC graphics folder." WinCC Advanced V14 System Manual, 10/2016 5281 Visualizing processes 12.1 Creating screens Flip and rotate The content of the screen flips around the horizontal or vertical central axis of the icon. The icon can be flipped horizontally, vertically or simultaneously horizontally and vertically. The screen content rotates around the central point of the icon. The symbol is rotated clockwise in increments of 90, 180, or 270 degrees. 1. Click "Properties > Properties > Layout" in the Inspector window. 2. Select the mirroring mode at "Orientation > Mirror image". 3. Select the angle of rotation at "Orientation > Rotate". Fixed aspect ratio The smaller page of the library object defines the maximum size of the symbol. If you change the size of the library object unproportionally, the symbol is still scaled proportionally. Proceed as follows to configure a fixed aspect ratio: 1. Click "Properties > Properties > Layout" in the Inspector window. 2. Select "Form > Fixed aspect ratio". Behavior during operation The possibility of operating the mouse is indicated in Runtime by the cursor symbol changing, depending on the configuration. Operation feedback, e.g. by means of a color change, does not take place. See also Device dependency of the objects (Page 5183) Symbolic I/O field (Basic Panels, Panels, RT Advanced) Application The "Symbolic I/O field" object can be used to configure a selection list for input and output of texts in Runtime. 5282 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Layout In the Inspector window, you customize the position, shape, style, color and font types of the object. You can adapt the following properties in particular: Mode: Specifies the response of the object in Runtime. Text list: Specifies the text list that is linked to the object. Button for selection list: Specifies that the object has a button to open the selection list. Note Reports In reports, symbolic I/O fields only output data. "Output" mode is preset. Properties for configuring the selection of graphics are not available, e.g. "button for selection list". Mode The response of the symbolic I/O field is specified in the Inspector window in "Properties > Properties > General > Type". Mode Description "Output" The symbolic I/O field is used to output values. "Input" The symbolic I/O field is used to input values. "Input/output" The symbolic I/O field is used for the input and output of values. "Two states" The symbolic I/O field is used only to output values and has a maximum of two states. The field switches between two predefined texts. This is used, for ex ample, to visualize the two states of a valve: closed or open. Note The behavior possible for the symbolic I/O field depends on the Runtime. Text list In the Inspector window, you specify which text list is linked to the symbolic I/O field. 1. In the Inspector window, select "Properties > Properties > General". 2. Under "Contents" open the selection list for "Text list". 3. Select a text list. WinCC Advanced V14 System Manual, 10/2016 5283 Visualizing processes 12.1 Creating screens Button for selection list The "Button for selection list" property is used to display a button for opening the selection list. 1. Select "Properties > Properties > Layout" in the Inspector window. 2. Select "Response > Button for selection list". Note Basic Panels The "Button for selection list" option is not available for Basic Panels. Behavior during operation The selection list of the symbolic I/O field displays an empty text line if a corresponding entry was not defined in the project. The active state is indicated on the HMI device by changing the color of contents of the symbolic I/O field. See also Graphic I/O field (Page 5210) Connecting tags and text lists in the text (Page 5050) Device dependency of the objects (Page 5183) System diagnostics view (Basic Panels) Introduction The system diagnostics view offers you an overview of all the available devices in your plant. You navigate directly to the cause of the error and to the relevant device. You have access to all diagnostics-capable devices which you have configured in the "Devices & networks" editor. Application The system diagnostics view enables you to achieve the maximum level of detail of the diagnostics data. A precise diagnosis is possible, as all the available data is displayed. You have the system status of the entire plant at one glance. 5284 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Views in the system diagnostics view A simple system diagnostics view is available on Basic Panels with a device version prior to V13. The advanced system diagnostics view is available on Basic Panels with a device version of V13 or later. Three different views are available in the system diagnostics view. Device view Diagnostic buffer view Detail view Device view The device view of the system diagnostics view shows all the available connections in tabular form. Double-clicking a connection opens the detail view. The device view is only displayed if more than one connection has been created in the "Devices & Networks" editor. Diagnostic buffer view In the diagnostic buffer view, the current data from the diagnostic buffer is displayed. WinCC Advanced V14 System Manual, 10/2016 5285 Visualizing processes 12.1 Creating screens Detail view The detail view shows detailed information on the selected connection. You cannot sort error texts in the detail view. The detail view is only available if there is an integrated connection to an S7-1200 or S7-1500. Layout You change the settings for the position, geometry, style, color, and font of the object in the Inspector window. You can adapt the following properties in particular: Lines per entry: Specifies the number of lines that are shown for an entry. Configuring the system diagnostics view 1. Drag-and-drop the system diagnostics view from the toolbox. 2. In the Inspector window, select "Properties > Layout". 3. Enter a number under "Lines per entry", i.e. 5. 4. Select an authorization for operation in "Properties > Properties > Security". See also System diagnostic view (Page 5286) Configuring system diagnostics objects (Page 6064) Basic Panel basics (Page 6057) System diagnostic view (Panels, RT Advanced) Introduction The system diagnostics view offers you an overview of all the available devices in your plant. You navigate directly to the cause of the error and to the relevant device. You have access to all diagnostics-capable devices which you have configured in the "Devices & networks" editor. 5286 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Application The system diagnostics view enables you to achieve the maximum level of detail of the diagnostics data. A precise diagnosis is possible, as all the available data is displayed. You have the system status of the entire plant at one glance. Four different views are available in the system diagnostics view. Device view Detail view Diagnostic buffer view Distributed I/O view Note The "System diagnostics view" object cannot be used in faceplates. Layout You change the settings for the position, geometry, style, color, and font of the object in the Inspector window. You can adapt the following properties in particular: Columns: Defines the elements of the device view and detail view. Show split view: Specifies that the device view and the detail view are shown simultaneously. WinCC Advanced V14 System Manual, 10/2016 5287 Visualizing processes 12.1 Creating screens Configuring the system diagnostics view 1. Drag-and-drop the system diagnostics view from the toolbox. 2. You define the start view for the system diagnostics view under "Properties > Properties > General > Mode". 3. In the Inspector window, select "Properties > Properties > Columns". 4. Select the columns that you require in the device view for Runtime, for example, Operating mode, Name, Slot. 5. Select the columns which you need in the detail view for runtime, e.g., Operating mode, Name, Address. 6. Select the columns that you require in the diagnostic buffer view, e.g., Status, Name, Rack. 7. Customize the column headers, if necessary. 8. Enter "IP" for "Address", for example. The column header "IP" is displayed in the device view in Runtime. 9. Rename other elements if necessary. 10.Select an authorization for operation in "Properties > Properties > Security". Showing device view and detail view in a single display You can split the system diagnostics view and allow the device and detail view to be shown in the same window. 1. In the Inspector window, click "Properties > Properties > Layout". 2. Activate "Show split view". Symbols in the system diagnostics view Icon Function Device in operation Device cannot be accessed Errors in device Input/output data are not available Device deactivated Maintenance required Maintenance recommended Superimposed symbol Shows the subordinate status Current configuration 5288 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Icon Function Stop e.g. Update, Boot, Own initialization Stop See also System diagnostics window (Page 5289) System diagnostics view (Page 5284) Device dependency of the objects (Page 5183) Basics on Panels and Runtime Advanced (Page 6060) Configuring system diagnostics objects (Page 6064) System diagnostics window (Panels, RT Advanced) Introduction The system diagnostics window offers you an overview of all the available devices in your plant. You navigate directly to the cause of the error and to the relevant device. You have access to all diagnostics-capable devices which you have configured in the "Devices & networks" editor. The system diagnostics window is only available in the global screen. Application The system diagnostics window enables you to achieve the maximum level of detail of the diagnostics data. A precise diagnosis is possible, as all the available data is displayed. You have the system status of the entire plant at one glance. WinCC Advanced V14 System Manual, 10/2016 5289 Visualizing processes 12.1 Creating screens Four different views are available in the system diagnostics window. Device view Detail view Diagnostic buffer view Distributed I/O view Note The "System diagnostics window" object cannot be used in faceplates. Layout You change the settings for the position, geometry, style, color, and font of the object in the Inspector window. You can adapt the following properties in particular: Columns: Defines the elements of the device view and detail view. Table headers: Specifies the table headers of the view. Window: Specifies whether the system diagnostics window can be closed, for example. Configuring the system diagnostics window 1. Drag and drop the system diagnostics view from the toolbox into the global screen. 2. You define the start view for the system diagnostics window under "Properties > Properties > General > Mode". 3. In the Inspector window, select "Properties > Properties > Columns". 4. Select the columns that you require in the device view for Runtime, e.g., Operating mode, Name, Slot. 5. Select the columns that you require in the detail view for Runtime, e.g., Operating mode, Name, Plant designation. 6. To change a column header, click in the field and (for example) enter "IP" for "Address". The column header "IP" is displayed in the device view in Runtime. 7. Rename other elements if necessary. 8. To be able to close the system diagnostics window in Runtime, select "Properties > Properties > Window > Closable" in the Inspector window. Icons in the system diagnostics window Button Function Device in operation Device cannot be accessed Errors in device 5290 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Button Function Device deactivated Input/output data are not available Maintenance required Maintenance recommended Superimposed symbol Shows the subordinate status Current configuration Stop e.g. Update, Boot, Own initialization Stop System diagnostics window: Show wire break error You have activated wire break diagnostics for a module. The error text is displayed in the system diagnostics window when a wire break error occurs. You can see the error text and possible causes of the error in the module detail view. Output of the channel number of the affected channel is not supported. See also System diagnostic view (Page 5286) Device dependency of the objects (Page 5183) Basics on Panels and Runtime Advanced (Page 6060) Configuring system diagnostics objects (Page 6064) Text field Application The "Text field" is a closed object which you can fill with a color. WinCC Advanced V14 System Manual, 10/2016 5291 Visualizing processes 12.1 Creating screens Layout In the Inspector window, you customize the position, shape, style, color and font types of the object. You can adapt the following properties in particular: Text: Specifies the text for the text field. Size of text field: Defines whether the size of the object is adapted to the space required by the largest list entry. Text Specify the text for the text field in the Inspector window. 1. In the Inspector window, select "Properties > Properties > General". 2. Enter a text. For texts over several lines you can set a line break by pressing the key combination <Shift + Enter>. Size of text field In the Inspector window, you can define whether the size of the object is adapted to the space required by the largest list entry. 1. In the Inspector window, select "Properties > Properties > Layout". 2. Activate "Resize > Fit to contents". See also Connecting tags and text lists in the text (Page 5050) Device dependency of the objects (Page 5183) Clock Application The "Clock" object displays the date and time. 5292 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Layout In the Inspector window, you customize the position, shape, style, color and font types of the object. You can adapt the following properties in particular: Analog display: Specifies whether the clock is shown as an analog clock or digital clock. Display clock dial: Specifies whether hour marks of the analog clock will be displayed. Width and length of hands: Specifies the width and length of the hands. Analog display In the Inspector window you can specify whether the clock is displayed as an analog or digital clock. The digital clock shows both the time and the date. The display format depends on the language set on the HMI device. 1. In the Inspector window, select "Properties > Properties > General": 2. Activate "Analog". Display dial In the Inspector window you can specify whether hour marks will be displayed. 1. In the Inspector window, select "Properties > Properties > General": 2. Activate "Analog". 3. Activate "Show dial". Width and length of hands The width of the second hand, minute hand and hour hand is set for the analog display. 1. In the Inspector window, select "Properties > Properties > Layout". 2. Enter values for "width" and "length". The values for the length are interpreted as a percentage of the size of the clock. The value for the length of the second hand influences the radius of the dial at the same time. See also Device dependency of the objects (Page 5183) Effective range name (Panels, RT Advanced) Use The "Effective range name" object is a operator control for some SIMATIC Mobile Panels. The "Effective range name" object shows the names of the effective range in which the HMI device is located and also the logon status. WinCC Advanced V14 System Manual, 10/2016 5293 Visualizing processes 12.1 Creating screens Layout Symbol Meaning Description Logon status Acknowledgement but ton has no effect Within the "MixingAxisControl" effective range It is not possible to log on to the effective range Acknowledgement but ton functions Within the "MixingAxisControl" effective range Logged on to effective range Acknowledgement but ton has no effect Within the "MixingAxisControl" effective range Logon to the effective range is rejected because a different HMI device is already logged on. Note: When using the "Override" mode: Although no other HMI device is still logged on to the effective range, logon is rejec ted because the override switch is still set. Acknowledgement but ton has no effect Outside of each effective range Note: You can only log on within the effective range In the Inspector window "Properties > Properties > Security", assign an authorization to log on to a machine in runtime. Logon requirements The HMI device is located within the effective range. No HMI device is logged on to this effective range. Logon procedure 1. Click on the "Effective range name" object. The "Effective range logon" dialog box opens. 2. Read the ID from the machine or plant to be operated. 3. Enter the ID you read. 4. Confirm your entries by clicking "OK". Result If the ID and effective range match, the HMI device is logged on to the effective range. Successful logon is signaled by an icon on green background. No other HMI device can log on to this effective range. 5294 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Requirement for logging off The HMI device is logged on to this effective range. Logoff procedure Before you leave the effective range or runtime, you must log off from the effective range first. If you leave the effective range without logging off, a warning appears. 1. Click on the "Effective range name" object. The "Effective range logoff" dialog box opens. 2. Confirm logoff with "Yes". Result The HMI device is no longer logged into the effective range. Other HMI devices can now log on to this effective range. Note Do not deactivate the "Override" mode again unless you logon a different HMI device. See also Charge condition (Page 5228) Effective range signal (Page 5297) WLAN reception (Page 5299) Zone name (Page 5302) Zone signal (Page 5303) Configuring the effective range name (Page 6035) Device dependency of the objects (Page 5183) WinCC Advanced V14 System Manual, 10/2016 5295 Visualizing processes 12.1 Creating screens Effective range name (RFID) (Panels, RT Advanced) Use The "Effective range name (RFID)" object is a operator control for some SIMATIC Mobile Panels. The "Effective range name (RFID)" object shows the name of the effective range (RFID) in which the HMI device is located and also the logon status. Note RFID tags in the plant area RFID tags may only be attached in demarcated areas which are secured by additional protective measures, e.g. protective fencing. Layout Symbol Meaning Description Logon status Acknowledgement but ton has no effect Within the effective range (RFID) "MixingAxisCon trol" It is not possible to log on to the effective range (RFID) Acknowledgement but ton functions Within the effective range (RFID) "MixingAxisCon trol" Logon to effective range (RFID) running Acknowledgement but ton functions Within the effective range (RFID) "MixingAxisCon trol" Logged on to the effective range (RFID) In the "Properties > Properties > Security" category of the Inspector window, you can assign an authorization for the user group that logs on to the effective range (RFID) during runtime. Logon requirements The HMI device is located within the effective range (RFID). The machine is demarcated by additional protective measures. No HMI device is logged on to this effective range (RFID). Logon procedure 1. Click on the "Effective range name (RFID)" object. The "Effective range logon" dialog box opens. 2. Read the ID from the machine or plant to be operated. 3. Enter the ID you read. 4. Confirm your entries by clicking "OK". 5296 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Result If the ID and effective range (RFID) match, the HMI device is logged on to the machine. Successful logon is signaled by an icon on green background. No other HMI device can log on to this effective range (RFID) or the machine. Logoff requirements The HMI device is logged on to this effective range (RFID). Logoff procedure Before you exit the effective range (RFID) or runtime, you must first log off from the effective range (RFID). If you exit the effective range (RFID) without logging off, a local rampdown is executed. 1. Click on the "Effective range name (RFID)" object. The "Effective range (RFID) - logoff" dialog box opens. 2. Confirm logoff with "Yes". Result The HMI device is no longer logged into the effective range (RFID) or machine. Other HMI devices can now log on to this effective range (RFID). See also Charge condition (Page 5228) WLAN reception (Page 5299) Configuring the effective range name (RFID) (Page 6039) Device dependency of the objects (Page 5183) Effective range signal (Panels, RT Advanced) Application The "Effective range signal" object is a control element for some SIMATIC Mobile Panels. The "Effective range signal" object indicates how accurately the Mobile Panel Wireless is positioned within an effective range. WinCC Advanced V14 System Manual, 10/2016 5297 Visualizing processes 12.1 Creating screens Layout Symbol Description Within an effective range When leaving an effective range When entering an effective range Outside of each effective range Override function is activated: Within a special security range of the effective range The "Effective range name" object indicates which effective range this concerns. Override function An effective range, e.g. "robots" is formed outwardly through transponders. However, within a special protection zone, e.g. "robot cells", the effective range is not formed by transponders, but by alternative restrictions e.g. by railings and a door. The operator initially logs on to the effective range. An operator who enters the restricted and secure zone "robot cells" must press an additional switch to activate the override function: The effective range is allocated and can no longer be established by the transponder. Therefore, the quality does not play a role and is no longer displayed. The HMI device remains logged into the effective range. Other HMI devices can no longer logon to this effective range. Calculating the signal quality The quality within an effective range depends, as follows, on the measured distance: In the center of the effective range the quality is 100%. On the transponder and on the border of the effective range, the quality is 0%. Operation The object is for display only and cannot be controlled by the operator. See also Charge condition (Page 5228) Effective range name (Page 5293) WLAN reception (Page 5299) Zone name (Page 5302) Zone signal (Page 5303) 5298 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Configuring additional Mobile Wireless objects (Page 6036) Device dependency of the objects (Page 5183) WLAN reception (Panels, RT Advanced) Application The "WLAN reception" object is a control element for some SIMATIC Mobile Panels. The "WLAN reception" object displays the signal strength of the WLAN wireless connection. In addition, the signal strength is measured and displayed by means of 5 bars. Layout Symbol Meaning Signal strength No wireless connection No signal Very poor wireless connection =<20 % Poor wireless connection >20 % =<40 % Wireless connection OK >40 % =<60 % Good wireless connection >60 % =<80 % Very good wireless connection >80 % Operation The object is for display only and cannot be controlled by the operator. See also Charge condition (Page 5228) Effective range name (Page 5293) Effective range name (RFID) (Page 5296) Effective range signal (Page 5297) Zone name (Page 5302) Zone signal (Page 5303) WinCC Advanced V14 System Manual, 10/2016 5299 Visualizing processes 12.1 Creating screens Configuring additional Mobile Wireless objects (Page 6036) Device dependency of the objects (Page 5183) Gauge Use The "Gauge" object shows numeric values in the form of an analog gauge. For example, a glance in Runtime is enough to note that the boiler pressure is in the normal range. Note The gauge is for display only and cannot be controlled by the operator. Configure system functions that are performed at value changes in the tag properties at the "Value change" event and not at the "Change" event of the gauge. If your project is to comply with Good Manufacturing Practices, and the system function performs a GMP-relevant action. e.g. increasing a GMP-relevant tag, every value change of the tag used at the gauge is interpreted as a user action. Layout In the Inspector window, you customize the position, geometry, style, color and font types of the object. You can adapt the following properties in particular: Display peak value pointer: Specifies whether the actual measurement range is indicated with a slave pointer. Maximum Value and Minimum Value: Specifies the top and bottom values of the scale. Start value of the danger range and start value of the warning range: Specifies the scale value from which the danger range and the warning range start. Display normal range: Specifies whether the normal range is shown in color on the scale. Color of individual ranges: Different operating modes, such as normal range, warning range and danger range, are shown in different colors so that the operator can distinguish them easily. 5300 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Note The use of many differently sized "Gauge" objects can reduce the performance in Runtime. With "Gauge", avoid minimally different heights and widths, for example, 48 pixels, 49 pixels, 51 pixels, etc. Use the same sizes instead. Display peak value The "Display peak value" property can be used to activate a marker function for the maximum and minimum pointer movement in Runtime. The actual measurement range is shown with a slave pointer. 1. In the Inspector window, activate "Properties > Properties > Appearance > Show peak values". Maximum Value and Minimum Value You can set the top and bottom end values of the scale in the Inspector window. 1. In the Inspector window, select "Properties > Properties > General". 2. Enter a number under "Process > Maximum scale value" and for "Minimum scale value". If you select a tag as the end value of the scale, the number will be no longer available. Note Ensure that the minimum value is always less than the maximum value, especially if you make the minimum value or maximum value dynamic through a tag. If the minimum value is greater than the maximum value, no adjustment is made to the scale end values. Start value of the danger range and start value of the warning range Define the scale value at which the danger range and the warning range start in the Inspector window. 1. In the Inspector window, select "Properties > Properties > Limits/Ranges". 2. Enter the start value for the danger range in "Upper 2" and the start value for the warning range in "Upper 1". 3. Select "start value of danger range" and "start value of warning range" to display the ranges on the scale. Normal range visible In the Inspector window, define whether to show the normal range in color. 1. In the Inspector window, select "Properties > Properties > Limits/Ranges". 2. Select "Normal". WinCC Advanced V14 System Manual, 10/2016 5301 Visualizing processes 12.1 Creating screens Color of individual ranges You can display the normal range, the danger range and the warning range in different colors. Define the color in the Inspector window. 1. In the Inspector window, select "Properties > Properties > Limits/Ranges". 2. Select a color from the color palette for the three areas. Note The following restrictions apply for HMI devices with Windows CE up to version 5.0: The three ranges (normal / warning / danger) are not visualized in different colors in Runtime. Note When you select the option "Show ranges from tag", you can display up to five ranges in the gauge whose values are specified by means of a process tag. You define the values for the areas with a process tag, which you interconnect with the screen object. The option "Show ranges from tag" is available for Comfort Panels, KTP Mobile Panels and RT Advanced. See also Device dependency of the objects (Page 5183) Zone name (Panels, RT Advanced) Application The "Zone name" object is a control element for some SIMATIC Mobile Panels. The "Zone name" object shows the names of the zone in which the HMI device is located. Layout Symbol Meaning Description The "On entry" and "On exit" events of the zone Within the "MixingPlant" zone and the zone ID can be used in the configuration. - 5302 Outside of each zone WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.1 Creating screens Procedure for "On entry" event 1. In the "Zones" or "Zones and effective ranges" editor, configure the function "ActivateScreen" on the "On entry" event. Procedure with zone ID 1. Select an internal tag as the "Zone ID / Connection point ID" in the "Runtime settings > General" editor. 2. Animate the visibility of an object, e.g. "I/O field" via the internal tag. Operation The object is for display only and cannot be operated. See also Charge condition (Page 5228) Effective range name (Page 5293) Effective range signal (Page 5297) WLAN reception (Page 5299) Zone signal (Page 5303) Device dependency of the objects (Page 5183) Zone signal (Panels, RT Advanced) Application The "Zone signal" object is a control element for some SIMATIC Mobile Panels. The "Zone signal" object indicates how well the Mobile Panel is still in a zone. Compared to the "WLAN reception" object, it is not the signal strength that is measured, it is calculated from the distance. Layout Symbol Meaning Quality Within one zone >=15 % When leaving a zone When entering a zone <15 % and >0 % Outside of each zone =0 % The "Zone name" object indicates which zone this concerns. WinCC Advanced V14 System Manual, 10/2016 5303 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Calculating the signal quality The quality of the signal within a zone depends, as follows, on the measured distance: In the centre of the zone the quality is 100%. To the rear towards the transponder and to the front away from the transponder, the quality starts to diminish linearly. On the transponder and on the border of the zone, the quality is 0%. Operation The object is for display only and cannot be operated. See also Charge condition (Page 5228) Effective range name (Page 5293) Effective range signal (Page 5297) WLAN reception (Page 5299) Zone name (Page 5302) Device dependency of the objects (Page 5183) 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 12.2.1 Basics (Basic Panels, Panels, RT Advanced) 12.2.1.1 Basics of tags (Basic Panels, Panels, RT Advanced) Introduction Process values are forwarded in runtime using tags. Process values are data which is stored in the memory of one of the connected automation systems. They represent the status of a plant in the form of temperatures, fill levels or switching states, for example. Define external tags for processing the process values in WinCC. WinCC works with two types of tag: External tags Internal tags The external tags form the link between WinCC and the automation systems. The values of external tags correspond to the process values from the memory of an automation system. The value of an external tag is determined by reading the process value from the memory of 5304 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) the automation system. It is also possible to rewrite a process value in the memory of the automation system. ([WHUQDOWDJ 3URFHVVYDOXH :LQ&& $XWRPDWLRQV\VWHP Internal tags do not have a process link and only convey values within the WinCC. The tag values are only available as long as runtime is running. Tags in WinCC For external tags, the properties of the tag are used to define the connection that the WinCC uses to communicate with the automation system and form of data exchange. Tags that are not supplied with values by the process - the internal tags - are not connected to the automation system. In the tag's "Connection" property, this is identified by the "Internal tag" entry. You can create tags in different tag tables for greater clarity. You then directly access the individual tag tables in the "HMI tags" node in the project tree. The tags from all tag tables can be displayed with the help of the table "Show all tags". With structures you bundle a number of different tags that form one logical unit. Structures are project-associated data and are available for all HMI devices of the project. You use the "Types" editor in the project library to create and edit a structure. See also Creating external tags (Page 5314) Manage tags (Page 5318) Tag Limits (Page 5327) Indirect addressing of tags (Page 5344) Internal Tags (Page 5312) Basics on arrays (Page 5348) Basics on user data types (Page 5353) Cycle basics (Page 5361) Trends (Page 5384) Overview of HMI tag tables (Page 5306) Addressing external tags (Page 5309) Basic principles for data logging (Page 5363) WinCC Advanced V14 System Manual, 10/2016 5305 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) External tags (Page 5307) Outputting tag values in screens (Basic) (Page 5382) 12.2.1.2 Overview of HMI tag tables (Basic Panels, Panels, RT Advanced) Introduction HMI tag tables contain the definitions of the HMI tags that apply across all devices. A tag table is created automatically for each HMI device created in the project. In the project tree there is an "HMI tags" folder for each HMI device. The following tables can be contained in this folder: Default tag table User-defined tag tables Table of all tags In the project tree you can create additional tag tables in the HMI tags folder and use these to sort and group tags and constants. You can move tags to a different tag table using a dragand-drop operation or with the help of the "Tag table" field. Activate the "Tags table" field using the shortcut menu of the column headings. Default tag table There is one default tag table for each HMI device of the project. It cannot be deleted or moved. The default tag table contains HMI tags and, depending on the HMI device, also system tags. You can declare all HMI tags in the standard tags table or, as necessary, additional userdefined tables of tags. User-defined tag tables You can create multiple user-defined tag tables for each HMI device in order to group tags according to your requirements. You can rename, gather into groups, or delete user-defined tag tables. To group tag tables, create additional subfolders in the HMI tags folder. All tags The "All tags" table shows an overview of all HMI tags and system tags of the HMI device in question. This table cannot be deleted, renamed or moved. This table also contains the "Tags table" column, which indicates the tag table of where a tag is included. Using the "Tags table" field, the assignment of a tag to a tags table can be changed. With devices for Runtime Professional, the table "All tags" contain an additional tab "System tags". The system tags are created by the system and used for internal management of the project. The names of the system tags begin with the "@" character. System tags cannot be deleted or renamed. You can evaluate the value of a system tag, but cannot modify it. 5306 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Additional tables The following tables are also available in an HMI tag table: Discrete alarms Analog alarms Logging tags With the help of these tables you configure alarms and logging tags for the currently selected HMI tag. Discrete alarms table In the "Discrete alarms" table, you configure discrete alarms to the HMI tag selected in the HMI tag table. When you configure a discrete alarm, multiple selection in the HMI tag table is not possible. You configure the discrete alarms for each HMI tag separately. Analog alarms table In the "Analog alarms" table, you configure analog alarms to the HMI tag selected in the HMI tag table. When you configure an analog alarm, multiple selection in the HMI tag table is not possible. You configure the analog alarms for each HMI tag separately. Logging tags table In the "Logging tags" table, you configure logging tags to the HMI tag selected in the HMI tag table. When you configure a logging tag, multiple selection in the HMI tag table is not possible. You configure the logging tags for each HMI tag separately. The "Logging tags" table is only available if the HMI device used supports logging. If WinCC Runtime Professional is used, you can also assign several log tags to a tag. With the other HMI devices, you can only assign one log tag to a tag. See also Basics of tags (Page 5304) 12.2.1.3 External tags (Basic Panels, Panels, RT Advanced) Introduction External tags allow communication (data exchange) between the components of an automation system, for example, between an HMI device and a PLC. Principle An external tag is the image of a defined memory location in the PLC. You have read and write access to this storage location from both the HMI device and from the PLC. WinCC Advanced V14 System Manual, 10/2016 5307 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Since external tags are the image of a storage location in the PLC, the applicable data types depend on the PLC which is connected to the HMI device. If you write a PLC control program in STEP 7, the PLC tags created in the control program will be added to the PLC tag table. If you want to connect an external tag to a PLC tag, access the PLC tags directly via the PLC tag table and connect them to the external tag. Data types All the data types which are available at the connected PLC are available at an external tag in WinCC. Information about data types which are available for connection to other PLCs can be found in the documentation about the respective communication drivers. See "AUTOHOTSPOT" for additional information. Note As well as external tags, area pointers are also available for communication between the HMI device and PLC. You can set up and enable the area indicators in the "Connections" editor. Central tag management in STEP 7 You can connect also connect DB instances of user-defined PLC data types (UDT) to the HMI tags. The PLC data type and the corresponding DB instances are created and updated centrally in STEP 7. In WinCC, you can use the following sources as PLC tag (DB instances): Data block elements that use a UDT as data type Data block instances of a UDT The data type is taken from STEP 7 and is not converted to an HMI data type. The access type is always "Symbolic access". Depending on the release for WinCC in STEP 7, elements and structured elements of the PLC data type are applied to WinCC. Elements of a structured UDT are applied and displayed in the PLC tag table if the instance-specific properties "Visible in HMI" and "Accessible from HMI" have been set. Note Accessing PLC data types Access to PLC data types is only available in conjunction with SIMATIC S7-1200 or S7-1500. Synchronization with PLC tags A variety of options for synchronizing external tags with the PLC tags are available in the Runtime settings under "Settings for tags". When you perform synchronization, you have the option of automatically applying the tag names of the PLC to external tags and reconnecting the existing tags. 5308 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) The generated tag name is derived from the position of the data value in the hierarchical structure of the data block. Update of tag values For external tags, the current tag values are transmitted in Runtime via the communication connection between WinCC and the connected automation systems and then saved in the runtime memory. Next, the tag value will be updated to the set cycle time. For use in the runtime project, WinCC accesses tag values in the runtime memory that were read from the PLC at the previous cycle time. As a result, the value in the PLC can already change while the value from the runtime memory is being processed. Note PLC array elements in conjunction with S7-1200 or S7-1500 The index of the PLC array elements can begin with any number. In WinCC, indexing always starts with 0. A PLC tag "Array [1..3] of Int", for example, is mapped to "Array [0..2] of Int" in WinCC. When you access an array in a script, pay attention to the correct indexing. See also Basics of tags (Page 5304) 12.2.1.4 Addressing external tags (Basic Panels, Panels, RT Advanced) Introduction The options for addressing external tags depend on the type of connection between WinCC and the PLC in question. A distinction must be made between the following connection types: Integrated connection Connections of devices which are within a project and were created with the "Devices & Networks" editor are referred to as integrated connections. Non-integrated connection Connections of devices which were created with the "Connections" editor are referred to as non-integrated connections. It is not necessary that all of the devices be within a single project. The connection type can also be recognized by its icon. Integrated connection Non-integrated connection You can find additional information in the section "AUTOHOTSPOT". WinCC Advanced V14 System Manual, 10/2016 5309 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Addressing with integrated connections An integrated connection offers the advantage that you can address a tag both symbolically and absolutely. For symbolic addressing, you select the PLC tag via its name and connect it to the HMI tag. The valid data type for the HMI tag is automatically selected by the system. You have to distinguish between the following cases when you address elements in data blocks: Symbolic addressing of data blocks with optimized access and standard access: During the symbolic addressing of a data block with optimized access and standard access, the address of an element in the data block is dynamically assigned and is automatically adopted in the HMI tag in the event of a change. You do not need to compile the connected data block or the WinCC project for this step. For data blocks with optimized access, only symbolic addressing is available. For symbolic addressing of elements in a data block, you only need to recompile and reload the WinCC project in case of the following changes: If the name or the data type of the linked data block element or global PLC tag has changed. If the name or the data type of the higher level structure node of a linked element in the data block element or global PLC tag has changed. If the name of the connected data block has changed. Symbolic addressing is currently available with the following PLCs: SIMATIC S7-1200 SIMATIC S7-1500 Symbolic addressing is also available if you have an integrated link. You can also use absolute addressing with an integrated connection. You have to use absolute addressing for PLC tags from a SIMATIC S7-300/400 PLC. If you have connected an HMI tag with a PLC tag and the address of the PLC tag changes, you only have to recompile the control program to update the new address in WinCC. Then you recompile the WinCC project and load it onto the HMI device. In WinCC, symbolic addressing is the default method. To change the default setting, select the menu command "Options > Settings". Select "Visualization > Tags" in the "Settings" dialog. If required, disable the "Symbolic access" option. 5310 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) The availability of an integrated connection depends on the PLC used. The following table shows the availability: PLC Integrated connection Comments S7-300/400 Yes The linking of tags is not checked in Runtime. If the tag address changes in the PLC and the HMI device is not compiled again and loaded, the change is not registered in runtime. S7-1200 Yes A validity check of the tag connection is per formed in runtime during symbolic addressing. If an address is changed in the PLC, the change is registered and an error message is issued. In the case of absolute addressing, the behavior de scribed for the S7-300/400 applies. S7-1500 Yes A validity check of the tag connection is per formed in runtime during symbolic addressing. If an address is changed in the PLC, the change is registered and an error message is issued. In the case of absolute addressing, the behavior de scribed for the S7-300/400 applies. Create an integrated connection in the "Devices & Networks" editor. If the PLC is contained in the project and integrated connections are supported, you can then also have the connection created automatically. To do this, when configuring the HMI tag, simply select an existing PLC tag to which you want to connect the HMI tag. The integrated connection is then automatically created by the system. Addressing with non-integrated connections In the case of a project with a non-integrated connection, you always configure a tag connection with absolute addressing. Select the valid data type yourself. If the address of a PLC tag changes in a project with a non-integrated connection during the course of the project, you also have to make the change in WinCC. The tag connection cannot be checked for validity in Runtime, an error message is not issued. A non-integrated connection is available for all supported PLCs. Symbolic addressing is not available in a non-integrated connection. With a non-integrated connection, the control program does not need to be part of the WinCC project. You can perform the configuration of the PLC and the WinCC project independently of each other. For configuration in WinCC, only the addresses used in the PLC and their function have to be known. See also Basics of tags (Page 5304) WinCC Advanced V14 System Manual, 10/2016 5311 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 12.2.1.5 Internal Tags (Basic Panels, Panels, RT Advanced) Introduction Internal tags do not have any connection to the PLC. Internal tags transport values within the HMI device. The tag values are only available as long as runtime is running. Principle Internal tags are stored in the memory of the HMI device. Therefore, only this HMI device has read and write access to the internal tags. You can create internal tags to perform local calculations, for example. You can use the HMI data types for internal tags. Availability depends on the HMI device being used. The following HMI data types are available: HMI data type Data format Array One-dimensional array Bool Binary tag DateTime Date/time format DInt Signed 32-bit value Int Signed 16-bit value LReal Floating-point number 64-bit IEEE 754 Real Floating-point number 32-bit IEEE 754 SInt Signed 8-bit value UDnt Unsigned 32-bit value UInt Unsigned 16-bit value USInt Unsigned 8-bit value WString Text tag, 16-bit character set See also Basics of tags (Page 5304) 12.2.1.6 User-defined PLC data types (UDT) (Basic Panels, Panels, RT Advanced) Overview You can connect with the HMI tags and DB instances of user-defined PLC data types (UDT). The PLC data type and the corresponding DB instances are created and updated centrally in STEP 7. In WinCC, you can use the following sources as PLC tag (DB instances): Data block elements that use a UDT as data type Instance data blocks of a UDT 5312 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) The data type is taken from STEP 7 and is not converted into an HMI data type. The access type is always "Symbolic access". Elements of a PLC data type You have access to the following elements in WinCC with a structured PLC data type: Elements that have been released for WinCC in STEP 7. Elements whose data types are supported in WinCC. Note Invalid elements of a PLC data type in WinCC Invalid elements generate an error in WinCC. If you disable the "Accessible from HMI" option for the corresponding elements of the associated PLC data type in STEP 7, these elements are excluded in WinCC. Naming conventions The following characters are invalid in the name of the PLC data type and generate an error in WinCC: Period: "." Brackets: "(" and ")" Properties The properties of the PLC data type and its elements are adopted in WinCC. Depending on the data type used, the properties are read-only or can be written to in WinCC. If you change the connection of the PLC data type in WinCC, all elements of the PLC data type are deleted and the properties of the newly connected PLC tag are used. In WinCC, you have access to STEP 7 comments on elements of the PLC data type. You have limited access to properties in WinCC for the following elements of PLC data types: Elements of the data type "Struct" PLC data type Multidimensional arrays Array of complex data types except "DTL" Mapping of the data type "DTL" If a PLC data type contains elements of the data type "DTL", these elements are mapped in WinCC without lower-level elements. The data type "DTL" turns into "DateTime" in WinCC. WinCC Advanced V14 System Manual, 10/2016 5313 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Tags with elements of the "DTL" data type Tags that use the "DTL" data type element by element can only be used as read-only with symbolic addressing, e.g. with SIMATIC S7 1200 and SIMATIC S7 1500. With absolute addressing, write access is also possible. 12.2.2 Working with Tags (Basic Panels, Panels, RT Advanced) 12.2.2.1 Creating tags (Basic Panels, Panels, RT Advanced) Creating external tags (Basic Panels, Panels, RT Advanced) Introduction You can access an address in the PLC via a PLC tag using an external tag. The following options are available for addressing: Symbolic addressing Absolute Addressing You can find further details on symbolic addressing in section "Addressing external tags (Page 5309)". If possible, use symbolic addressing when configuring a tag. You create tags either in the standard tag table or in a tag table you defined yourself. Requirement You have opened the project. A connection to the PLC is configured. The Inspector window is open. Procedure To create an external tag, proceed as follows: 1. Open the "HMI tags" folder in the project tree and double-click the standard tag table. The tag table open. Alternatively, create a new tag table and then open it. 2. In the "Name" column, double-click "Add" in the tag table. A new tag is created. 3. Select the "Properties > Properties >General" category in the Inspector window and, if required, enter a unique tag name in the "Name" field. The tag name must be unique throughout the device. 4. If required, select the "Display name" field to enter a name to be displayed in Runtime. The name to be displayed is language-specific and can be translated for the required Runtime languages. The display name is available for Basic Panels, Panels and Runtime Advanced. 5314 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 5. Select the connection to the required PLC in the "Connection" box. If the connection you require is not displayed, you must first create the connection to the PLC. You create the connection to a SIMATIC S7 PLC in the "Devices & Networks" editor. You create the connection to external PLCs in the "Connections" editor. If the project contains the PLC and supports integrated connections, you can also have the connection created automatically. To do this, when configuring the HMI tag, simply select an existing PLC tag to which you want to connect the HMI tag. The integrated connection is then automatically created by the system. 6. If you are working with an integrated connection, click the button in the "PLC tag" field button to confirm the and select an already created PLC tag in the object list. Click the selection. Alternatively, use the autocomplete to select a PLC tag for an integrated connection. If you select a PLC tag from the autocomplete list, it is entered in the input path. The elements of the PLC tags are displayed in the autocomplete list. If you have selected a PLC tag that can be connected to the HMI tags, the PLC tag is connected to the HMI tags. 7. If you are working with a non-integrated connection, enter the address from the PLC in the "Address" field. The "PLC tag" field remains empty. 8. Configure the other properties of the tag in the inspector window. You can also configure all tag properties directly in the tag table. To view hidden columns, activate the column titles using the shortcut menu. You can also create new tags alternatively directly at the application point, e.g. on an I/O field. To do this, click the button in the object list. You then configure the new tag in the Inspector window. WinCC Advanced V14 System Manual, 10/2016 5315 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Result An external tag has been created and linked to a PLC tag or an address in the PLC. Alternative procedure You can also create external HMI tags by dragging and dropping data block elements or global PLC tags in an HMI tag table. See also Creating internal tags (Page 5316) Creating multiple tags (Page 5317) Basics of tags (Page 5304) Addressing external tags (Page 5309) Manage tags (Page 5318) Tag Limits (Page 5327) Indirect addressing of tags (Page 5344) Creating internal tags (Basic Panels, Panels, RT Advanced) Introduction You must at least set the name and data type for internal tags. Select the "Internal tag" item, rather than a connection to a PLC. For documentation purposes, it is a good idea to enter a comment for every tag. Requirement You have opened the project. Procedure 1. Open the "HMI tags" folder in the project tree and double-click the entry "Standard tag table". The tag table opens. Alternatively, create and then open a new tag table. 2. Double-click "Add" in the "Name" column of the tag table. A new tag is created. 3. If the Inspector window is not open, select the "Inspector window" option in the "View" menu. 4. Select the "Properties > Properties >General" category in the Inspector window and, if required, enter a unique tag name in the "Name" field. This tag name must be unique throughout the project. 5316 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 5. If required, select the "Display name" field to enter a name to be displayed in Runtime. The name to be displayed is language-specific and can be translated for the required Runtime languages. The display name is available for Basic Panels, Panels and Runtime Advanced. 6. Select "Internal tag" as the connection in the "Connection" field. 7. Select the required data type in the "Data type" field. 8. In the "Length" field, you must specify the maximum number of characters to be stored in the tag according to the selected data type. The length is automatically defined by the data type for numerical tags. 9. As an option, you can enter a comment regarding the use of the tag. To do so, click "Properties > Properties > Comment" in the Inspector window and enter a text. You can also configure all tag properties directly in the tag table. To view hidden columns, activate the column titles using the shortcut menu. You can also create new tags alternatively directly at the application point, e.g. on an I/O field. Click the button in the object list. You can then configure the new tag in the Properties window that opens. Result An internal tag is created. You can now use this in your project. In additional steps you can configure the tag, for example, by setting the start value and limits. See also Creating external tags (Page 5314) Creating multiple tags (Basic Panels, Panels, RT Advanced) Introduction In a tag table, you create additional identical tags by automatically filling the rows of the table below a tag. The tag names are incremented automatically when filling in automatically. You can also use the auto fill function to fill table cells below a tag with a single tag property and thus modify the corresponding tags. If you apply the automatic filling in to already filled cells of a tab table, you will be asked whether you want to overwrite the cells or insert new tags. If you do not want to overwrite already configured tags, activate insert mode. Activate insert mode by keeping the <Ctrl> key pressed during insertion. Already existing entries in the tag table are moved down if insert mode is activated. WinCC Advanced V14 System Manual, 10/2016 5317 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Requirement You have opened the project. A tag table is open. The tag which is to serve as a template for other tags is configured. Procedure 1. If you want to create new tags, mark in the "Name" column the tag that should be used as a template for the new tags. If you want to copy a property of a tag to the tags below it, select the cell which contains this property. The selected cell will be highlighted in color and a small blue square will appear in its bottom right corner. If you move the mouse over this square, the cursor will change to a black cross. 2. Hold down the mouse button and drag this square over the cells below that you wish to fill automatically. The marking will be extended to cover this area. 3. Now release the mouse button. All of the marked cells will be filled automatically. New tags will be created in all empty cells in the marked area. Result Depending on which cells were selected, the function may automatically fill individual properties or create new tags. See also Creating external tags (Page 5314) 12.2.2.2 Editing tags (Basic Panels, Panels, RT Advanced) Manage tags (Basic Panels, Panels, RT Advanced) Introduction You can always rename, copy or delete tags. When a tag is renamed, the new name must be unique for the whole device. If you use the "Copy" command to copy a tag to the clipboard, the objects and references linked to the tag are copied as well. If you use the "Insert" command to add a tag to another device, the tag will be added without the connected references. Only the object name of the reference will be inserted. If a reference 5318 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) of the same name and valid properties exists in the target system, the existing reference will then be connected to the copied tag. If you copy a tag, some of the objects linked to the tag are copied as well. The following objects are copied: Logging tags Cycles Alarms If you add the copied tag to another device, the tag is added together with the linked objects. Requirements The tag which you wish to rename, copy or delete must exist. The tag table containing the tag is open. Renaming tags Note The connection to the tags can be interrupted in Runtime under the following conditions during renaming: HMI tag is used in a type, for example, to dynamize an object property via a script. One or more instances of the type are used in the project. Project is in Runtime. After the renaming, execute the command "Compile > Software (only changes)". Solution: Exit Runtime and rename the tag. Execute the "Compile > Software (rebuild all)" command. 1. In the "Name" field, select the tag in the tag table. 2. Select "Rename" from the shortcut menu. 3. Type in a new name. The tag appears under its new name. Copying tags 1. Select one or more tags in the tag table. 2. Select "Copy" from the shortcut menu. 3. Click on the point at which you want to insert the tag. For example, click another tag table in the same device or the tag table in a second device. 4. Select "Paste" from the shortcut menu. The tag is inserted as described above. WinCC Advanced V14 System Manual, 10/2016 5319 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Deleting a tag 1. Select one or more tags in the tag table. 2. Select the "Cross-reference" command from the "Tools" menu. In the "Cross-reference" editor, check to see where the tags are used. In this manner, you can see what impact the deletion of the tag will have on your project. 3. Select "Delete" in the pop-up menu of the tag. All marked tags will be deleted. Note If you want a warning to be output during compiling when HMI tags are deleted in screens, clear the "Do not check deleted HMI tags in screens" check box under "Runtime settings > General > Compiler options". If this option is not activated, the affected field with the deleted tag is marked as invalid. Export and import of tags WinCC gives you the option to export and import tags. With Export and Import, you have the option to export tags from one project and import them into another project. There is also the option to create larger numbers of tags outside of WinCC, edit them and subsequently import into any WinCC project. See AUTOHOTSPOT for additional information. See also Edit tags (Page 5320) Configuring multiple tags simultaneously (Page 5321) Using multiple tags simultaneously in a screen (Page 5322) Basics of tags (Page 5304) Synchronizing tags (Page 5326) Creating external tags (Page 5314) Edit tags (Basic Panels, Panels, RT Advanced) Introduction You can modify tags at any time to adapt them to changed requirements in the project. 5320 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Edit tags You have the following options to change the configuration of a tag: You open the tag table in which the tag is contained. Open the tag table "Show all tags". You open the Inspector window of a tag with the "Edit" button in the object selection on the display and operating object. In the tag tables, you can perform such tasks as comparing and adjusting the properties of multiple tags or sorting the tags by their properties. You can change the properties either directly in the table or in the Inspector window. If you change a tag property and this change causes a conflict with another property, it will be highlighted in color to draw your attention to this fact. If you link the tag with another controller, for example, which does not support the set data type, this property is highlighted in color. See also Manage tags (Page 5318) Configuring multiple tags simultaneously (Basic Panels, Panels, RT Advanced) Introduction In WinCC, you can assign the same properties to multiple tags in a single operation. This facilitates efficient programming. Requirement You created the tags you want to configure. The tag table is open. The Inspector window is open. Procedure 1. In the tag table, select all the tags that you want to configure at the same time. If the selected property is identical for all the tags, the setting for this property will appear in the Inspector window. The associated field will remain blank otherwise. 2. You can define the shared properties in the Inspector window or directly in the tag table. if you change a property commonly on several tags, only this one property is changed. The other properties of the tag remain unchanged. Result All marked tags will be reconfigured. To edit tag properties which differ from one tag to the other, simply clear the multiple selection. WinCC Advanced V14 System Manual, 10/2016 5321 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) See also Manage tags (Page 5318) Using multiple tags simultaneously in a screen (Basic Panels, Panels, RT Advanced) Introduction In WinCC, you can create multiple I/O fields that are linked with tags in one screen in a single operation. This facilitates efficient programming. Requirement Several tags are set up. A screen is open. 5322 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Procedure 1. In the project tree, select the required tag table under "HMI tags". 2. Select the detail view at the bottom of the project tree. The detail view shows the tags that exist in the selected tag group. WinCC Advanced V14 System Manual, 10/2016 5323 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 3. Mark the tags in the detail window. 4. Drag the tags to the screen. For each tag, this creates an I/O field that is connected to the tag. Note When you move a PLC tag from the detail window to the work area by drag&drop, a network and a connection are created additionally in the "Devices & Networks" editor. See also Manage tags (Page 5318) Settings for synchronization (Basic Panels, Panels, RT Advanced) Introduction In WinCC, you can map the location of a data value in the structure of a data block in the WinCC tag name. To do this, you synchronize the WinCC tags with the connected PLC tags. If necessary, the PLC name is set as a prefix. You configure the name matching based on the requirements of your project set under "Runtime Settings > Settings for Tags". WinCC offers you several options for this. You specify whether the names are matched and the conditions for this to occur during synchronization. 5324 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Settings for tags To avoid conflicts within complex tag types that you configure under "Settings for tags", the delimiters of the path statement from STEP 7 are replaced in WinCC similar to name matching: Compatibility mode In compatibility mode, an underscore is set between the names of the data block and the element name of the first hierarchy level. The delimiters in the lower hierarchy levels are retained. When you enable this option, all other options are disabled. Replace delimiter Depending on your selection, the delimiters of all hierarchy levels are replaced during synchronization. PLC prefix The PLC name is set as a prefix to the WinCC tag name. You set the option for each HMI connection. Note Duplicate tag names If the newly generated tag name is already in use, a number is added in parentheses, for example, Datablock_1_Static_2{1}(1). Example The "PLC1" controller contains the structured data block "DB1". The "Db1.a[1].b.c[3]" data block element is used in a picture. Depending on your settings, the WinCC tag name is generated as follows: WinCC tag name Selected option Db1_a[1].b.c[3] Compatibility mode Plc1.Db1.a[1].b.c[3] PLC prefix Db1;a(1);b;c(3) Dot and parenthesis replaced with ; ( ) Plc1_Db1_a{10}_b_c{3} Dot and parenthesis replaced with _ { } Comment PLC prefix Db1.a[1].b.c[3] Delimiter replaced without character se The tag name is enclosed in quotes at lection the point of use in the picture: "Db1.a[1].b.c[3]" See also Synchronizing tags (Page 5326) WinCC Advanced V14 System Manual, 10/2016 5325 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Synchronizing tags (Basic Panels, Panels, RT Advanced) Introduction To synchronize the PLC and HMI tags, WinCC offers the following options: Synchronizing tags with or without name matching between PLC and WinCC The following options are available for this: Link tags with addresses in the PLC This procedure is suitable, for example, if changes were made to the connection between the HMI device and the PLC and the tag connections were lost. The function can also be used if you have configured the control program and HMI project separately. Requirement External HMI tags have been created. PLC tags have been created. An HMI connection to a PLC in the project has been established. Procedure To synchronize HMI tags with PLC tags, follow these steps: 1. In the project tree, select the directory that contains the tags in question. 2. Select "Connect HMI tags to matching PLC tags" from the shortcut menu. A dialog opens. 3. Select the option you want to use. If you want to synchronize the tags without name matching, disable "Replace WinCC tag name with PLC tag name". If you want to connect HMI tags new with absolute access, select "Data type and absolute address match". 4. Confirm with "Synchronize". The system searches for a suitable PLC tag according to the selected option. 5326 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Result The external HMI tags are synchronized with the PLC tags. If you have selected the option "Data type and absolute address match", the tag connection is established as soon as a suitable PLC tag is found. If you have selected a different option, the WinCC tags are updated accordingly and the PLC tag names are applied in WinCC. See also Manage tags (Page 5318) Settings for synchronization (Page 5324) 12.2.2.3 Configuring Tags (Basic Panels, Panels, RT Advanced) Tag Configuration Basics (Basic Panels, Panels, RT Advanced) Tag Limits (Basic Panels, Panels, RT Advanced) Introduction You can restrict the value ranges with limits for numerical tags. Principle You can specify a value range defined by a high limit and a low limit for numerical tags. You configure four limit values that limit the value range. Using the limits Upper 2 and Lower 2 , you specify the maximum and minimum value for the value range. The limits Upper 1 and Lower 1 specify the threshold values at which the normal range is exceeded or undershot. Limit Use Upper 2 Specifies the maximum value. Upper 1 Specifies the value at which the normal range is exceeded. Lower 1 Specifies the value at which the normal range is undershot. Lower 2 Specifies the minimum value. If the operator enters a value for the tag that is outside the configured value range, the input is rejected. The value is not accepted. You configure a function list when configuring for WinCC Advanced V14 System Manual, 10/2016 5327 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Runtime Advanced and Panels. When the tag value leaves the value range, the function list is processed. Note If you want to output an analog alarm when a limit is violated, configure the respective tag in the "Analog alarms" tab. You can also configure the analog alarm in the "HMI alarms" editor. The values for output of an analog alarm depend on the configured tag limits. Application example Use the limits to warn the operator when the value of a tag enters a critical range, for example. See also Defining Limits for a Tag (Page 5328) Start value of a tag (Page 5329) Defining the start value of a tag (Page 5330) Updating the Tag Value in Runtime (Page 5331) Linear scaling of a tag (Page 5331) Applying linear scaling to a tag (Page 5333) Connecting a tag to another PLC (Page 5333) Basics of tags (Page 5304) Address multiplexing (Page 5334) Configuring address multiplexing with absolute addressing (Page 5337) Configuring address multiplexing with symbolic addressing (Page 5340) Creating external tags (Page 5314) Defining Limits for a Tag (Basic Panels, Panels, RT Advanced) Introduction For numerical tags, you can specify a value range by defining a low and high limit as well as the threshold values. For Runtime Advanced and Panels you can configure the system to process a function list whenever a tag value drops below or exceeds its configured value range. Requirements The tag for which you want to set the limits is created. The Inspector window with the properties for this tag is open. 5328 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Procedure To define limits for a tag, proceed as follows: 1. In the Inspector window, select "Properties > Properties > Range". If you want to define one of the limits as a constant value, select "Constant" using the button. Enter a number in the relevant field. If you want to define one of the limits as a tag value, select "HMI tag" using the button. Use the object list to define the tag for the limit. 2. To set additional limits for the tag, repeat step 1 with the appropriate settings. Alternative procedure You can also configure the limits directly in the tag table. To view hidden columns, activate the column titles using the shortcut menu. Configuring a function list for Runtime Advanced and Panels When you configure Runtime Advanced and Panels, you can have a function list called up if a high or low limit is violated. 1. If you want to start a function list when the value drops below the value range, click "Properties > Events > On falling below" in the Inspector window. Create a function list in this dialog. 2. If you want to start a function list when the value exceeds the value range, click "Properties > Events > On exceeding" in the Inspector window. Create a function list in this dialog. Result You have set a value range defined by the limits for the selected tag. If the value range is exceeded or undershot, a function list may be carried out. See also Tag Limits (Page 5327) Start value of a tag (Basic Panels, Panels, RT Advanced) Value of a tag at start of Runtime You can configure a start value for numeric tags and tags for date/time values. The tag will be preset to this value when Runtime starts. In this way, you can ensure that the tag has a defined status when Runtime starts. For external tags, the start value will be displayed on the HMI device until it is overwritten by the PLC or by input. If no start value was configured, the tag contains the value "0" when starting Runtime. In WinCC Runtime Professional you can enter a tag value in place of the start value on a tag with the "String" data type. The tag value is saved in the "Project texts" editor and is multilingual. WinCC Advanced V14 System Manual, 10/2016 5329 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) After the text has been translated, it is displayed in Runtime as a language-dependent start value. Application example You can assign a default value to an I/O field. Enter the desired default value as start value for the tag that is linked to the I/O field. See also Tag Limits (Page 5327) Defining the start value of a tag (Basic Panels, Panels, RT Advanced) Introduction In WinCC you can configure a start value for a numeric tag and a tag for date/time values which this adopts at Runtime start. Requirement You have created the tag for which you want to define a start value. The Inspector window with the tag properties is open. Procedure To configure a start value, proceed as follows: 1. In the Inspector window select "Properties > Properties > Values." 2. Enter the desired "Start value." Alternative procedure You can also configure the start value directly in the tag table. To view hidden columns, activate the column titles using the shortcut menu. Result The start value you selected for the tag is transferred to the project. See also Tag Limits (Page 5327) 5330 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Updating the Tag Value in Runtime (Basic Panels, Panels, RT Advanced) Introduction Tags contain process values which change while Runtime is running. Value changes are handled differently at internal and external tags. Principle When Runtime starts, the value of a tag is equal to its start value. Tag values change in Runtime. In Runtime, you have the following options for changing the value of a tag: A value change in an external tag in the PLC. By input, for example, in an I/O field. By running a system function, such as "SetValue." A value assignment in a script. Updating the Value of External Tags The value of an external tag is updated as follows: Cyclic in operation If you select the "Cyclic in operation" acquisition mode, the tag is updated in Runtime while it is displayed in a screen or is logged. The acquisition cycle determines the update cycle for tag value updates on the HMI device. You can either choose a default acquisition cycle or define a user-specific cycle. Cyclic continuous If you select the "Cyclic continuous" acquisition mode, the tag will be updated continuously in Runtime, even if it is not in the currently-open screen. This setting is activated for tags that are configured to trigger a function list when their value changes, for example. Only use the "Cyclic continuous" setting for tags that must truly be updated. Frequent read operations increase communication load. On demand If you select the "On demand" acquisition mode, the tag is not updated cyclically. It will only be updated on demand using the "UpdateTag" system function, for example, or by a script. See also Tag Limits (Page 5327) Linear scaling of a tag (Basic Panels, Panels, RT Advanced) Introduction Numeric data types can be processed with linear scaling. The process values in the PLC for an external tag can be mapped onto a specific value range in the project. WinCC Advanced V14 System Manual, 10/2016 5331 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Principle To apply linear scaling to a tag, you must specify one value range on the HMI device and one on the PLC. The value ranges will be mapped to each other linearly. 3/& ,QFKHV FP +0,GHYLFH As soon as data from the HMI device is written to an external tag, it will be automatically mapped to the value range of the PLC. As soon as data from the HMI device is read from the external tag, a corresponding transformation will be performed in the other direction. Note You can also use the system functions "LinearScaling" and "InvertLinearScaling" to automatically convert process values. Application example The user enters length dimensions in centimeters but the PLC is expecting inches. The entered values are automatically converted before they are forwarded to the controller. Using linear scaling, the value range [0 to 100] on the PLC can be mapped onto the value range [0 to 254] on the HMI device. See also Tag Limits (Page 5327) 5332 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Applying linear scaling to a tag (Basic Panels, Panels, RT Advanced) Introduction To apply linear scaling to a tag, you must specify one value range on the HMI device and one on the PLC. The value ranges will be mapped to each other linearly. Requirement The external tag to which linear scaling is to be applied must exist. The Inspector window with the properties for this tag is open. Procedure To apply linear scaling to a tag, follow these steps: 1. In the Inspector window select "Properties > Properties > Linear scaling." 2. Click on "Enable" to switch on linear scaling. Using this option, you can temporarily switch off linear scaling for testing purposes, for example. Settings which were made earlier for linear scaling remain unchanged. 3. In the "PLC" area, enter the start and end values of the value range to be applied to the process values on the PLC. 4. In the "HMI device" area, enter the end and start values of the value range to be applied to the process values on the HMI device. Result In Runtime the data will be automatically mapped from one value range to the other. Note You can also use the "LinearScaling" and "InvertLinearScaling" system functions to automatically convert process values. See also Tag Limits (Page 5327) Connecting a tag to another PLC (Basic Panels, Panels, RT Advanced) Introduction In WinCC, you can change the PLC connection of a tag at any time. This is needed when you change the configuration of your plant, for example. WinCC Advanced V14 System Manual, 10/2016 5333 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Depending on the PLC selected, you may need to modify the configuration of the tag. The tag properties which must be changed will be highlighted in color. Requirement The external tag, whose connection you wish to change, must already exist. The connection to the PLC must already exist. The Properties window for this tag is open. Procedure To change the PLC connection of a tag, proceed as follows: 1. In the Inspector window select "Properties > Properties > General." 2. Select the new connection in the "Connection" field. The tag properties that you must change will be highlighted in color in the tag table and in the Inspector window. 3. Change all highlighted properties of the tag to suit the requirements of the new PLC. Result The external tag is connected to the new PLC. See also Tag Limits (Page 5327) Address multiplexing (Basic Panels, Panels, RT Advanced) Introduction Using address multiplexing, you can use a single tag to access a multitude of memory locations within the PLC's address range. You read and write to the addresses without defining a tag for each individual address. The square brackets indicate address multiplexing. Multiplexing with absolute addressing When using multiplexing with absolute addressing, you configure tags as placeholders for the address in the PLC to be addressed. If you want to access, for example, an address of the format "%DBx.DBWy", the expression for multiplexing is as follows: "%DB[HMITag1].DBW[HMITag2]" In Runtime, you supply the tag "HMITag1" with the required value for the data block you want to address. 5334 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) In Runtime, you supply the tag "HMITag2" with the required address from the data block. Tags are supplied with values, for example, with the help of values from the PLC or via a script. Multiplexing with absolute addresses is supported for the following PLCs and communication drivers. SIMATIC S7-300/400 SIMATIC S7-1200 SIMATIC S7-1500 Multiplexing with absolute addresses is not available for data blocks with optimized access. Multiplexing with symbolic addressing When multiplexing with symbolic addressing, you access various array elements of an array tag in a data block of the connected controller by means of a multiplex tag and an index tag. First, connect an element of the desired array tags in a data block to the multiplex tags in the HMI device. Then replace the array index (leftmost in the symbolic address) with the index tag. If you want to access, for example, the various elements of the array tag "Arraytag_1" in the data block "Datablock_1", the expression for symbolic addressing is as follows: "Datablock_1.Arraytag_1["HMITag_1"] You control the access to the index of the array elements with the HMI tag "HMITag_1". In Runtime, you supply the tag with the index of the array element that you want to access. Multiplexing with symbolic addressing is only available if the following components support symbolic addressing: HMI device PLC Communication driver Symbolic addressing is supported by the following communication drivers: SIMATIC S7-1200 SIMATIC S7-1500 Structured HMI tags with user-defined PLC data types (UDT) and arrays can be used for multiplexing with symbolic addressing. Multiplexing is possible under the following conditions: The path of the connected PLC tag includes at least one array index. The array, which is left in the path of the PLC tags, is one-dimensional. If there are multiple arrays in the path of the PLC tags, only the array at the far left is available for multiplexing. The index tag must be of the "USInt", "UInt", "UDInt", "SInt", "Int" or "DInt" data type. The following figure shows multiplexing with symbolic addressing using a structured HMI tag with custom PLC data types (UDT). The data block element "db1.udt3Arr[0]" is linked to the WinCC Advanced V14 System Manual, 10/2016 5335 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) HMI tag "db1_udt3Arr{0}". Symbolic addressing of the HMI tag "db1_udt3Arr{0}" is multiplexed by the "index" HMI tag: The following tags can not be used as index tags for multiplexing with symbolic addressing: HMI tags that are not of the "USInt", "UInt", "UDInt", "SInt", "Int" or "DInt" data type HMI tags that are already multiplexed Array elements HMI tags that are elements of structured HMI tags Note In Runtime, the first array element is always addressed with the index value "0". Have your array element in the data blocks also start with the index "0". Note You can export the HMI tags that are used for multiplexing with symbolic addressing to MS Excel. You can also import such HMI tags from MS Excel into an HMI tag table that contains all HMI tags of the HMI device. See also Tag Limits (Page 5327) 5336 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Configuring address multiplexing with absolute addressing (Basic Panels, Panels, RT Advanced) Introduction When using address multiplexing, you can efficiently access different addresses in the PLC with the help of a small number of tags. Instead of the absolute address in the PLC, you use tags in order to be able to change the address in Runtime. Requirement The tag for address multiplexing is created and connected to the PLC. The Properties window for this tag is open. Procedure 1. Select the tag for address multiplexing in the tag table, and select "Properties > Properties > General" in the Inspector window. The general properties of the tag are displayed. 2. Select the "Int" data type for this example. 3. Select the access type "Absolute addressing". WinCC Advanced V14 System Manual, 10/2016 5337 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 4. Click the selection button in the "Address" field. The address dialog opens. 5. Click the selection button in the "DB number" field and select the entry "HMI tag". 5338 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 6. In the "DB number" field, click the button and select a tag for the DB number in the object list. Or create a new tag with the help of the object list. Accept the tag by clicking the button. 7. Repeat steps 3 and 4 for the "Address" field and configure a further tag for calling the address area in the data block. The selection options in the Address dialog depend on the selected data type of the multiplex tag. The Address dialog offers only address settings that can be configured with the selected data type. Result In runtime, the multiplex tag is used to access the memory location corresponding to the address currently found in the tag. You control access to the data block with the tag in the DB number field. You control access to the address in the selected data block with the tag in the "Address" field. Note The value in the memory location will only be read at the next update cycle for the addressed tag. If, for example, you use a multiplex tag in a script, do not attempt to access contents of the memory location directly after changing it. WinCC Advanced V14 System Manual, 10/2016 5339 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) See also Tag Limits (Page 5327) Configuring address multiplexing with symbolic addressing (Basic Panels, Panels, RT Advanced) Introduction When using address multiplexing, you can efficiently access different addresses in the PLC with the help of a small number of tags. Instead of the symbolic address in the PLC, you use tags in order to be able to change the address in Runtime. Requirement The tag for address multiplexing is created. The Properties window for this tag is open. A data block with an array tag is created in the connected PLC. The data block was compiled. 5340 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Procedure 1. Select the tag for address multiplexing in the tag table, and select "Properties > Properties > General" in the Inspector window. The general properties of the tag are displayed. 2. Select the connection to the PLC via the "Connection" field. 3. Select the access type "Symbolic access". WinCC Advanced V14 System Manual, 10/2016 5341 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 4. Navigate to the data block of the PLC via the "PLC tag" field and select an array element of the array tag. 5. Click the selection button in the "Address" field. The address dialog opens. 6. Click the selection button in the "Index tag" field and select the entry "HMI tag". 7. In the "Index tag" field, click the button and select a tag for the array index in the object list. Or create a new tag with the help of the object list. Accept the tag by clicking the button. Result In Runtime, the array element whose index value is contained in the index tag is accessed. 5342 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) See also Indirect addressing of tags (Page 5344) Tag Limits (Page 5327) Making characters available for HMI tags of the type WString/WChar (Panels, RT Advanced) Introduction In tags of the type WString or WChar, you specify the strings that can be displayed with specific fonts. Only those characters that are used in texts in the configuration are transferred to the Basic Panels and Comfort Panels via the configuration. Therefore, it is possible that characters that are displayed via tags of the WString or WChar type are not displayed. The Tahoma and Courier New fonts are fully pre-installed on the Comfort Panels. The Tahoma font is fully pre-installed on the Basic Panels. The characters of most languages can be displayed with the Tahoma font. The characters of the Chinese, Taiwanese, Japanese and Korean languages cannot be displayed with Tahoma. WinCC Runtime Advanced supports all fonts that are installed on the configuration PC and the Runtime PC. If you want to use a different font, install it on the configuration PC and the Runtime PC. For Comfort Panels, it is possible to load the complete font to the HMI device via ProSave. For Basic Panels, it is not possible to install fonts via ProSave. Therefore, the characters must always be contained in the configured texts. Basics For Comfort Panels, you can download the following fonts to the HMI device with the additional ProSave options: SimSun for the input of strings in Chinese (PRC), Chinese (Singapore), English, German, Italian, French and Spanish. Gulim for the input of strings in Korean. MS PGothic for the input of strings in Japanese. You can find additional information on the topic of "Loading Asian fonts via ProSave" under Loading Asian fonts to the HMI device (Page 6377). Note "Chinese Traditional" (Taiwan, Hong Kong, Macao) You need the "MingLiU" font to display traditional Chinese characters for Taiwan, Hong Kong and Macao. It is not possible to load this font to the Comfort Panels via the ProSave options. The SimSun and Tahoma fonts cannot be used to display traditional Chinese characters. Therefore, the traditional Chinese characters that occur in WStrings/WChars must be contained in the configured texts on Comfort Panels. WinCC Advanced V14 System Manual, 10/2016 5343 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Using characters as configured texts in screens To use fonts that are not installed on an HMI device in Runtime, provide the characters as configured texts in a screen: 1. Create a new screen. 2. Insert a text box. 3. In the properties of the text box, set a font that contains characters that you wish to use later. 4. Insert the characters of the font that you wish to use later into the text box. After the project is compiled, you can use the characters configured in the text in HMI tags of the type WString/WChar. Special configuration options (Basic Panels, Panels, RT Advanced) Indirect addressing of tags (Panels, RT Advanced) Principle In multiplexes, a type of indirect addressing, the tag used is first determined at runtime. A list of tags is defined for the multiplex tag. The relevant tag is selected from the list of tags in runtime. The selection of the tag depends on the value of the index tag. In Runtime, the system first reads the value of the index tag. Then the tag which is specified in the corresponding place in the tag list is accessed. Application example Using indirect addressing, you could configure the following scenario: The operator selects one of several machines from a selection list. Depending on the operator's selection, data from the selected machine will be displayed in an output field. To configure such a scenario, configure the index tag for a symbolic I/O field. Configure the multiplex tag at an I/O field. Configure the tag list of the multiplex tag to reflect the structure of the selection list. If the operator selects another machine, the value of the index tag will change. The selection field then displays the content of the tag that is pointed to in the tag list in the multiplex tag by the new index value. See also Addressing tags indirectly (Page 5345) Using tags to trigger functions (Page 5346) Defining the acquisition cycle for a tag (Page 5347) Basics of tags (Page 5304) 5344 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Configuring address multiplexing with symbolic addressing (Page 5340) Creating external tags (Page 5314) Addressing tags indirectly (Panels, RT Advanced) Introduction With indirect addressing, the tag used is first determined at runtime. Instead of a single tag, a list of tags is defined. The list entries consist of an index value and the name of the tag to be used. You can control which entry in the tag list is accessed using an index tag. Note Data type of the index tags If you use tags in the tag list with different data types, the properties of the largest data type are used. If you use tags of the INT and REAL data types, for example, the values are shown in floating point numbers. Requirement The tag which you wish to address indirectly must already exist. The index tag must exist. The tags which will be contained in the tag list must already exist. The Inspector window with the tag properties is open. Procedure To address tags indirectly, proceed as follows: 1. In the Inspector window select "Properties > Properties > Multiplexing". 2. Select the "Multiplexing" option to activate indirect addressing. Using this option, you can temporarily switch off indirect addressing for testing purposes, for example. Settings which were made earlier for indirect addressing remain unchanged. 3. Select an "Index tag" or define a new tag using the object list. 4. Click the first entry in the "Tags" column in the tag list. 5. Select a tag as a list entry or define a new tag using the object list. The entry in the "Index" column will be generated automatically. 6. Repeat step 5 for all tags that you wish to add to the tag list. 7. If necessary, you can use drag-and-drop to change the order of the entries in the list. Result In runtime, the system will dynamically access the tag in the tag list which has the same index value as the value currently in the index tag. WinCC Advanced V14 System Manual, 10/2016 5345 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) See also Indirect addressing of tags (Page 5344) Using tags to trigger functions (Panels, RT Advanced) Introduction You can use the values of variables as the triggering event for an action in runtime. To start an action in Runtime, configure a function list for a tag. Include one or more system functions or VB scripts in the function list. The function list is processed when the configured event occurs. The following events are available for a tag: Change in value of the tag Function list processing is triggered by each change in the value of the variable. When the tag is defined as an array tag, the function list is processed whenever an array element changes. Violation of the tag's high limit The function list is processed when the high limit is violated. Violation of the tag's low limit The function list is processed when the low limit is violated. Requirement The tag whose value you wish to use as an event already exists. The Inspector window with the properties for this tag is open. Procedure To configure a tag with a function list, proceed as follows: 1. Under "Properties > Events >" in the Inspector window, select the event for which you want to create a function list. The function list associated with the selected event is shown. 2. Click "<Add function>". The second table column contains a selection button. 3. Click the selection button and select a system function. 4. Define the parameter values. Alternatively, select a script to run in the function list, rather than a system function. The "VB scripts" entry is only displayed if there is a script available in the project. Result If the configured event occurs in Runtime, the function list or the script is processed. 5346 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) See also Indirect addressing of tags (Page 5344) Defining the acquisition cycle for a tag (Basic Panels, Panels, RT Advanced) Introduction The value of an external tag can be changed in Runtime by the PLC to which the tag is linked. To ensure that the HMI device is informed of any changes in tag values by the PLC, the values must be updated on the HMI. The value is updated at regular intervals while the tag is displayed in the process screen or is logged. The interval for regular updates is set with the acquisition cycle. The update can also be made continuous. Requirement You have created the tag for which you want to define an acquisition cycle. The Inspector window with the tag properties is open. Procedure To configure an acquisition cycle for a tag, follow these steps: 1. In the Inspector window select "Properties > Properties > General." 2. If you want to update the tag at regular intervals as long as it is being displayed on the screen or logged, select "Cyclic in operation" as the acquisition mode. Or: If you want to update the tag at regular intervals even though it is not being displayed on the screen or logged, select "Cyclic continuous" as the acquisition mode. The "Cyclic continuous" setting is selected for a tag, for example, that has a function list configured for a change of its value and that is not directly visible in a screen. 3. Select the required cycle time in the "Acquisition cycle" field or define a new acquisition cycle using the object list. Alternatively, you can configure the acquisition cycle directly in the work area of the tag table. To view hidden columns, activate the column titles using the shortcut menu. Note Only use the "Cyclic continuous" acquisition mode for tags that really have to be continuously updated. Frequent read operations generate a heavy communication load. WinCC Advanced V14 System Manual, 10/2016 5347 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Note For structured HMI tags, the acquisition mode can be selected for the respective structured HMI tag as well as their individual subordinate elements. The acquisition mode of the elements of the array tag cannot be changed. The elements of the array tag is automatically assigned to the acquisition mode of the higher-level array tag. When the acquisition mode of structured HMI tags is changed, it is applied to all subordinate elements. This means changing the acquisition mode may overwrite subordinate elements. Result The configured tag is updated in Runtime with the selected acquisition cycle. See also Indirect addressing of tags (Page 5344) 12.2.3 Working with arrays (Basic Panels, Panels, RT Advanced) 12.2.3.1 Basics on arrays (Basic Panels, Panels, RT Advanced) Definition An array is a data list with data elements of a uniform data type. This data list is referred to as array tag or array for short. The data elements are referred to as array elements. The individual array elements can be addressed by one or multiple integer indices. The properties of each array element are mainly identical and can be configured centrally at the array tag. Advantages Many similar array elements can be combined in a structured manner with only one array tag. You can specify the shared properties of similar array elements centrally at the array tag. You can then generally use each individual array element as individual tag with the same data type in the configuration. 5348 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Restrictions When using arrays on HMI devices, RT Advanced and RT Professional, the following restrictions apply: An array can only contain one dimension. Multi-dimensional arrays of the PLCs are mapped to individual tags on the HMI systems. Only elementary data types without additional substructure can be used as data type of an array. This means that only scalable arrays are supported. The lower index of an array must begin with "0". The indices are moved accordingly for other low limits on the PLCs. Unlike individual tags, scalable arrays do not support ranges, linear scaling or tag multiplexing. Application examples Array tags can be used in the following situations: To group process values in profile trends: You map process values to trends which are acquired at different points in time, for example. To access specific values which are grouped in trends: For example, display all recorded values of the profile trend by gradually increasing the index tag. To configure discrete alarms with successive bit number. To save the complete machine data records in a recipe. Tag count with arrays Scalable arrays on HMI devices and RT Advanced are counted as one tag. In RT Professional, each array element contained is counted separately. Multi-dimensional arrays of the PLCs are mapped to individual tags of the same data type and are counted as such. Structured arrays of the PLC are mapped to individual tags with the corresponding data type and are counted as such. Special features On HMI devices as well as in RT Advanced, all array elements are always read or written at once by the PLC when an element of a scalable array is accessed (except arrays of String/ WString). In RT Professional, the array elements are always read and written individually to and from the PLC. Example for HMI devices and RT Advanced: An array tag which consists of 100 array elements of data type "Real" was configured. If an array element with a length of 4 bytes changes, 100 x 4 bytes are written to the PLC. WinCC Advanced V14 System Manual, 10/2016 5349 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) WARNING Increased system load and performance losses Due to the simultaneous transmission of all array elements of a scalable array, writing to the PLC, in particular, takes longer when accessing an element of a larger array than writing a tag with the same data type. Take this into consideration when designing the communication. Also note that, with scalable arrays, reading entire array tags by the PLC is usually faster than the sum of read accesses to the same number of elementary tags of the same data type. CAUTION Data inconsistency at array tags If the value of a single element must be changed in a scalable array tag, the entire array is read, changed and rewritten as a complete array. Changes to other array elements carried out in the meantime in the PLC are overwritten during rewriting. You should always prevent the HMI device and the PLC from concurrently writing values to the same array tag. Use synchronous transfer of recipe data records, for example, to synchronize an array tag with the PLC. Note Array tags as list entry of multiplex tags You can use the array tags of the Char or WChar data type just like the tags of the String data type. The use of an array tag of the Char or WChar data type as list entry of a multiplex tag in the "HMI tags" editor is not supported. Use in scripts To maintain performance, always use internal arrays in scripts to change scalable arrays. 1. Copy the PLC array to the internal array at the start of the script. 2. No load is placed on communication to the PLC while the script processes the internal array. CAUTION Data inconsistency at array tags If the value of a single element must be changed in an array tag, the whole array is read, changed and rewritten as a complete array. Changes to other array elements carried out in the meantime in the PLC are overwritten during rewriting. You should always prevent the HMI device and the PLC from concurrently writing values to the same array tag. Use synchronous transfer of recipe data records, for example, to synchronize an array tag with the PLC. 5350 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) See also Basics of tags (Page 5304) Creating array tags (Page 5351) Examples of arrays (Page 5352) Basic Panel (Page 6389) Basic Panel 2nd Generation (Page 6392) Panel (Page 6396) Mobile Panel (Page 6399) Multi Panel (Page 6405) Comfort Panel (Page 6408) WinCC Runtime Advanced (Page 6414) 12.2.3.2 Creating array tags (Basic Panels, Panels, RT Advanced) Introduction Create an array tag to configure a large number of tags of the same data type. The array elements are saved to a consecutive address space. You can create an array tag as an internal tag or as an external tag. Note Connecting HMI tags to PLC array tags If you want to create an array tag as an external tag, first configure an array tag in a data block of the connected PLC. You then connect the array tag to an HMI tag. Note HMI array tags of the following data types are only supported with PLC array tags: Char WChar String WString Creating HMI array tags To create an array tag, follow these steps: 1. Open the HMI tag table. 2. Double click <Add> in the "Name" column of the HMI tag table. A new HMI tag is created. WinCC Advanced V14 System Manual, 10/2016 5351 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Configuring HMI array tags 1. Click in the Data type column of the HMI tag table and select the "Array" data type. 2. Click in the data type column. The dialog box for configuring the array is opened. 3. Select the desired data type for the array tag in the "Data type" field. 4. Define the number of array elements in the "Array limits" field. The lower limit must begin with "0". 5. Click . The settings for the array are saved. 6. As with tags with elementary data types, you still need to assign the address of the array tag in the PLC. 7. Save the project. Result An array tag is created. The properties of the array elements are inherited from the parent array tag. See also Basics on arrays (Page 5348) 12.2.3.3 Examples of arrays (Basic Panels, Panels, RT Advanced) Introduction Array tags combine a large number of tags, e.g. 100 array elements. 5352 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) The common properties of array elements of the same kind can be defined centrally in the array tag. In the configuration, you then use each individual array element as an individual tag with the same data type. However, array elements cannot be used as parameters in function lists. You use array tags as complete arrays in the following places: In the "Alarms" editor In the "Recipes" editor For address multiplexing In function lists Examples You can drag a PLC array tag straight from the PLC tag table to the HMI tag table. Alternatively, you can configure an array tag separately with the corresponding number of array elements to handle multiple tags of the same data type. The individual array elements can be accessed indirectly by means of an index tag, for example. Use these index tags to operate and monitor the array elements. See also Basics on arrays (Page 5348) 12.2.4 Working with user data types (Panels, RT Advanced) 12.2.4.1 Basics on user data types (Panels, RT Advanced) Introduction With user data types you bundle a number of different tags that form one logical unit. You create a user data type as a type and use instances of this type in the project. User data types are project-associated data and are available for all HMI devices of the project. User data types differ in their association to a family of devices. User data types are available for the following families of devices: WinCC Runtime Advanced and Panels WinCC Runtime Professional WinCC also supports the connection of PLC data types (UDTs) and user data types to HMITags. WinCC Advanced V14 System Manual, 10/2016 5353 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) User data types also differ in their applicability with a specific communication driver. User data types are available for the following communication drivers: SIMATIC S7-300/400 SIMATIC S7-1200 SIMATIC S7-1500 Create user data types and user data type elements in the project library. Principle For example, the different conditions of a motor can be described using 6 unique Boolean tags. If the overall condition should be described with a single tag, this tag can be created based on a user data type. For each of the individual Boolean tags you create a user data type element in the user data type. This user data type can then be assigned complete to a faceplate for the motor. The created and released version of user data type is displayed at the tag in the "Data type" selection field. The configured properties of a user data type are used in the instances of the user data type. If required, you change individual properties directly at the point of use, e.g. at a tag. Changing a property at the tag does not affect the user data type created. NOTICE Availability of user data types The connection of user data types to faceplates is only supported in WinCC Runtime Advanced and Panels. License regulation in Runtime If you use external tags of the "User data type" data type in a faceplate instance, each user data type element is counted as a tag in Runtime. Example You have created two screens in the "Screens" editor: Screen_1 and Screen_2. 5354 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 3 instances of a faceplate type are inserted in Screen_1. 4 instances of a faceplate type are inserted in Screen_2. Each faceplate instance is connected to an external tag of the "User data type" data type. The user data type includes 10 user data type elements. Screen 1: 3 faceplate instances * 10 user data type elements corresponds to 30 external tags = 30 PowerTags. Screen 2: 4 faceplate instances * 10 user data type elements corresponds to 40 external tags = 40 PowerTags. In Runtime, 70 PowerTags are counted together for both screens. This also applies to the user data type elements that are not required. See also Basics of tags (Page 5304) Creating tags with a user data type data type (Page 5359) Managing versions of user data types (Page 5358) Creating user data type elements (Page 5357) Creating a user data type (Page 5355) 12.2.4.2 Creating a user data type (Panels, RT Advanced) Introduction You create a user data type in the project library. Requirement A project is open. The "Libraries" task card is displayed or the library view is open. Procedure To create a user data type, follow these steps: 1. Click the "Libraries" task card. 2. Double-click the "Project library" item. The folder structure of the project library is open. WinCC Advanced V14 System Manual, 10/2016 5355 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 3. Click the "Create new type" button. A dialog opens. 4. Click the "HMI UDT" button in the dialog. 5. In the "Specify device for the new type" area select the HMI device on which the user data type is used. 6. Enter a descriptive name in the "Name" field. 7. Click "OK" to apply your settings. The user data type is created. The library view opens. Result A user data type with the configured properties is created. Version 0.0.1 of the user data type is created and receives the status "in progress". Create the required user data type elements in the next step. Before you use the version of user data types, for example at a tag, the version must be released. 5356 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) See also Basics on user data types (Page 5353) Managing versions of user data types (Page 5358) 12.2.4.3 Creating user data type elements (Panels, RT Advanced) Introduction You define user data type elements in the library view. You add or delete elements in the "HMI user data types" table in the work area. Requirement The library view is open. A user data type is created and opened in the editor. Procedure 1. Select a communication driver for the user data type. If you select the <Internal communication> entry, you can only assign the user data type to the internal tags as the data type. If a connection to a PLC is selected as the communication driver, the user data type can only be assigned to tags with a connection to this PLC as the data type. The communication type set applies to all user data type elements of a user data type. In a user data type for the"WinCC Runtime Professional" family of devices, you can define for each user data type element whether the configured driver is used for control or internal communication. 1. Double-click "Add" in the "Name" column of the table. A new user data type element is added to the user data type. 2. Assign a name. 3. Select the required data type in the "Data Type" field. 4. Create as many user data type elements as you need. 5. You configure the user data type elements in the "Properties" group in the Inspector window. Alternatively, you can configure the properties of the user data type elements directly in the table. To view hidden columns, activate the column titles using the shortcut menu. Result You have added elements to version 0.0.1 of the user data type. The version 0.0.1 has the status "in progress". To use the version in the project, release the version in the next step. WinCC Advanced V14 System Manual, 10/2016 5357 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) See also Basics on user data types (Page 5353) 12.2.4.4 Managing versions of user data types (Panels, RT Advanced) Introduction All user data types have at least one version. When a user data type is created, a version is created at the same time and this version has the status "in progress". You can edit the user data type in this status as required. When the editing is complete, you release the version of the user data type. Requirement You have created a user data type. The user data type has the version 0.0.1. and the status "In progress". The "Libraries" task card or the library view is open. Releasing a version 1. Select the version 0.0.1 of the user data type in the project library. 2. Select "Release version" in the shortcut menu. A dialog opens. 3. If necessary, change the properties of the version: - Enter a name for the type in the "Name" field. - In the "Version" field, define a main and an intermediate version number for the version to be released. - To clean up version management of the type, enable "Delete unused type versions from the library". You have released version 0.0.1 of the user data type. Editing a version 1. Select, for example, the released version 0.0.1 of a user data type in the project library. 2. Select "Edit type" in the shortcut menu. The library view opens. The new version 0.0.2 of the user data type is created. The version has the status "in progress". Restoring the last version of a user data type The last released version of the user data type is version 0.0.2. 5358 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) You edit the user data type. A new version of the user data type, 0.0.3, is generated and receives the status "In progress". 1. Select the version of the user data type in the project library. 2. Select "Discard changes and restore version" in the shortcut menu. Alternatively 1. If you have opened a version for editing, click "Discard changes and restore version" in the toolbar. The version is deleted. All changes to the user data type since the last release operation are discarded. The user data type is released again and has version 0.0.2. Deleting user data type If you delete a user data type, all instances and master copies of this user data type are deleted as well. The same is true for HMI tags that use an HMI user data type. To delete a user data type, follow these steps: 1. In the project library, under "Types", select the user data type you want to delete. 2. Select "Delete" from the shortcut menu. See also Basics on user data types (Page 5353) Creating a user data type (Page 5355) 12.2.4.5 Creating tags with a user data type data type (Panels, RT Advanced) Introduction When a tag is created, you assign the version of user data type as a data type. In the "Tag" editor you can create internal tags or tags with a link to a PLC. A tag has access to all user data type versions that use the same communication driver as the tag itself. In connection with a PLC, a user data type can only be used if the absolute addressing is selected. Requirement A user data type with a user data type element is created. The user data type is enabled. The tag table is open. The Inspector window with the tag properties is open. WinCC Advanced V14 System Manual, 10/2016 5359 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Procedure To create a tag of the "User data type" data type, follow these steps: 1. In the "Name" column, double-click "Add" in the tag table. A new tag is created. 2. In the Inspector window select "Properties > Properties > General". 3. Enter a unique tag name in the "Name" field. 4. Select the connection to the required PLC in the "Connection" box. 5. Select the desired version of the user data type in the "Data type" field. The selected connection determines which user data types will be displayed. For internal tags, only user data type versions of the <Internal user data type> type are available. For tags with a connection to a PLC, only those user data types that have a link to a PLC can be accessed. 6. Enter the address of the PLC that you want to access with the external tags in the "Address" field of the "Settings" area. The specified address must always point to the start data bit, for example, <DB1.DBX0.0>. 5360 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Result You have created a tag of the "User data type" data type. In additional steps you can configure the tag, for example, by setting the start value and limits. With tags of the "User data type" data type, you can connect the dynamic properties of a faceplate instance, which then supplies these properties with values in Runtime. If you wish to change the properties of a user data type tag, you must change the properties of the user data type element. Properties such as "Start value", "Use substitute value" or " Linear scaling" can be changed in the employed instances of the user data type. See also Basics on user data types (Page 5353) 12.2.5 Working with cycles (Basic Panels, Panels, RT Advanced) 12.2.5.1 Cycle basics (Basic Panels, Panels, RT Advanced) Introduction Cycles are used to control actions that regularly occur in runtime. Common applications are the acquisition cycle, the logging cycle and the update cycle. You can also define your own cycles in addition to those already provided in WinCC. Principle In Runtime, actions that are performed regularly are controlled by cycles. Typical applications for cycles: Acquisition of external tags The acquisition cycle determines when the HMI device will read the process value of an external tag from the PLC. Set the acquisition cycle to suit the rate of change of the process values. The temperature of an oven, for example, changes much more slowly than the speed of an electrical drive. Do not set the acquisition cycle too low, since this will unnecessarily increase the communication load of the process. Logging process values The logging cycle determines when a process value is saved in the logging database. The logging cycle is always an integer multiple of the acquisition cycle. The smallest possible value for the cycle depends on the HMI device that will be used in your project. For most HMIs, this value is 100 ms. The values of all other cycles are always an integer multiple of the smallest value. WinCC Advanced V14 System Manual, 10/2016 5361 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) If the cycles provided in WinCC do not meet the needs of your project, you can define your own cycles using the "Cycles" editor. User-defined cycles must always be an integer multiple of the smallest value. Note Device dependency You cannot configure self-defined cycle times for Basic Panels. Application example You can use cycles for the following tasks: To regularly log a process. To draw attention to maintenance intervals. See also Basics of tags (Page 5304) Defining cycles (Page 5362) 12.2.5.2 Defining cycles (Panels, RT Advanced) Introduction Use cycles to control actions that are run at regular intervals in Runtime. You can also define your own cycles in addition to those already provided in WinCC. Requirement You have opened the project. Procedure 1. Double-click the "Cycles" entry in the project navigation. The "Cycles" editor opens. 2. In the "Name" column of the "Cycles" editor, double-click "Add". A new cycle time is created. 3. Enter a unique name in the "Name" field. 4. Select the desired cycle unit. 5362 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 5. Select the desired value for the cycle time. The available selection of values varies depending on the cycle unit selected. The smallest possible value for the cycle depends on the HMI device that will be used in your project. For most HMIs, this value is 100 ms. The available values are always an integer multiple of this value. 6. As an option, you can enter a comment regarding the use of the cycle. Result The cycle you configured is created and beside the default cycles in WinCC for use during configuration. See also Cycle basics (Page 5361) 12.2.6 Logging tags (Basic Panels, Panels, RT Advanced) 12.2.6.1 Basic principles for data logging (Panels, RT Advanced) Introduction Data logging is used to collect, process and log process data from an industrial system. When you analyze the logged process data, you can extract important business and technical information regarding the operational state of the system. Application of the data logging You can use data logging to analyze error statuses and to document the process. By analyzing data logs, you can extract the information necessary to allow you to optimize maintenance cycles, increase product quality and ensure that quality standards are met. See also Data logging (Page 5364) Logging Tags (Page 5365) Basics of tags (Page 5304) WinCC Advanced V14 System Manual, 10/2016 5363 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 12.2.6.2 Data logging in Runtime Advanced and Panels (Basic Panels, Panels, RT Advanced) Basics (Basic Panels, Panels, RT Advanced) Data logging (Basic Panels, Panels, RT Advanced) Introduction Data is information that is collected during the process and saved in the memory of one of the connected automation systems. They represent the status of a plant in the form of temperatures, fill levels or switching states, for example. You define tags for acquiring and editing the process values in WinCC. External tags are used in WinCC to collect process values and to access a memory address in the connected automation system. Internal tags are not linked to any process and are only available at the associated HMI device. Principle The values of external and internal tags can be saved in data logs. Create a logging tag for every tag and specify the log in which it is saved. Data logging is controlled via cycles and events. Logging cycles are used to ensure continuous acquisition and storage of the tag values. You can also trigger data logging in response to events, such as the change in value of a tag. Define these settings independently for each logging tag. 7DJ /RJJLQJWDJ 7DJ /RJJLQJWDJ 7DJ /RJJLQJWDJ 7DJ /RJJLQJWDJ 'DWDORJ 'DWDORJ $ODUP $ODUP $ODUPORJ $ODUP $ODUP The tag values to be logged are compiled, processed and saved in the data log in Runtime. The HMI device you are using determines where the data log is saved. You can further process the saved data in other programs for analysis purposes, for example. 5364 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Logging methods WinCC supports the following logging methods: Circular log Segmented circular log Circular log which sends a system alarm when it is full Circular log which executes system functions when it is full. Outputting logged data In runtime, you can output the logged tag values as trends in the process screens. See also Basic principles for data logging (Page 5363) Storage locations of logs (Page 5532) Working with Data Logs (Basic Panels, Panels, RT Advanced) Logging Tags (Basic Panels, Panels, RT Advanced) Introduction In Runtime, you store tag values in logs. You can then analyze the logged data at a later date. You define the following conditions for logging a tag: The log tag, through which the values of the connected tag are logged. The data log in which the tag is stored. The cycle or the event with which the tag is stored. The value range within which the tag is stored. Note You use data logging mainly to log the values of external tags. You can also log the values of internal tags. WinCC Advanced V14 System Manual, 10/2016 5365 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Principle Several steps come together during data logging: Creating and configuring the data log When you create a data log, you define the following settings: - General settings, such as name, size and storage location - Runtime start characteristics - Behavior when the log is full Configuring the logging of tags For every log tag, specify a data log in which the values of the connected tags and other information are logged, such as the time of logging. When and how often the values of a log tag are logged are also defined. You have the following options: - "On demand": The tag values are logged by calling the "LogTag" system function. - "On change": The tag values are logged as soon as the HMI device detects a change in the value of the tag. - "Cyclic": The tag values are logged at regular intervals. You can supplement the default cycles in WinCC with your own cycles based on the default cycles. The smallest value that can be set is 1 s. All other values are integer multiples of this value. You can also restrict the logging of values within or outside a tolerance band. In this way, the logging of values within a relevant range of values is restricted. Note the following points if you want to log a tag on demand: - Do not log this type of tag in a segmented circular log in which tags are logged in a continuous cycle or in response to changes. Background: - If logging takes place on demand only rarely, the log segment will be filled by cyclicallylogged values, for example, and the next log segment will be created. If you then attempt to access the tag that was logged on demand, it will not be possible to display the tag since it is the current log segment that is accessed in Runtime. To remedy this, you should create a separate data log for tags that are logged only rarely. Further processing logged tag values You can analyze the logged tag values directly in your project, such as in a trend view, or in another user program, such as Excel. See also Creating a data log (Page 5367) Managing logging behavior when Runtime starts (Page 5368) Controlling the Logging in relation to the Fill Level (Page 5369) Logging process values (Page 5370) Triggering a system function when log is full (Page 5372) 5366 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) System functions for logs (Page 5373) Basic principles for data logging (Page 5363) Configuring logging tags (Page 5380) Configuring a checksum for a log (Page 5374) Evaluating the checksum of log data (Page 5376) Creating a data log (Basic Panels, Panels, RT Advanced) Introduction Data logs are used to store values from external and internal tags in runtime. When you create a log, you must give it a name and define its size and storage location. In addition you can enter comments for each log. Requirement A project is open. The Inspector window is open. Procedure To create a data log, proceed as follows: 1. Double-click on the "Historical Data" entry in the project tree. The editor for data logs and alarm logs opens. 2. Open the "Data logs" tab and double-click "Add" in the "Name" column of the "Data logs" editor. A new data log is created. 3. In the Inspector window select "Properties > Properties > General." 4. Enter a unique name for the log in the "Name" field. 5. Define the number of data records to be logged in each log in the "Number of data records per log" field. The size of a log is calculated as follows: The number of items * the length of each tag value to be logged. In the Inspector window, the maximum size that the log can reach if the currently selected number of data records is observed is displayed beneath the "Number of data records" input field. 6. In the "Storage location" field you select where the log entries are saved. 7. Depending on the selected "Storage location", you either select the "Path" or the "Name of the data source". 8. If necessary, enter a descriptive text in the "Comment" category to document your configuration. Alternatively you can configure log properties directly in the "Data log" editor. To view hidden columns, activate the column titles using the shortcut menu. WinCC Advanced V14 System Manual, 10/2016 5367 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Result The data log is created. You can now configure tags so that their values are stored in this log. To continue the log configuration, perform the following steps: Define the restart characteristics of the log when Runtime is started. Define how the log should behave when it is full. Configure a function list for the "Overflow" event. See also Logging Tags (Page 5365) Managing logging behavior when Runtime starts (Basic Panels, Panels, RT Advanced) Introduction When you configure a log, you define the restart characteristics of the log when Runtime is started. You define whether the logging should start when Runtime starts in the log properties. You can also define whether an existing log will be continued or overwritten. You define the restart characteristics separately for each log. Requirement You have created a log. The "Historical Data" editor is open. The Inspector window with the log properties is open. Procedure To configure the restart characteristics of a data log, proceed as follows: 1. Select the log for which you want to define the restart characteristics in the "Historical Data" editor. 2. In the Inspector window select "Properties > Properties > Restart behavior". 3. If you want logging to start when Runtime starts, enable the "Enable logging at runtime start" option in the "Logging" area. You can also start logging in Runtime using the "StartLogging" system function, for example. 4. Select the restart behavior of the log in the "Log handling at restart" area. - The logged values are deleted and logging is started again with the option "Reset log". - The option "Append data to existing log" is used to append the values to be logged to the existing log. 5368 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Alternatively you can configure the restart characteristics of a log directly in the "Historical Data" editor. To view hidden columns, activate the column titles using the shortcut menu. Result Logging will start in runtime according to your settings. See also Logging Tags (Page 5365) Controlling the Logging in relation to the Fill Level (Basic Panels, Panels, RT Advanced) Introduction The size of a log is determined by the number of entries. You use the logging method to determine how the log responds when it is full. Logging methods The following logging methods are available: Circular log When the configured log size has been reached, the oldest entries are deleted. When the configured log size has been reached, approximately 20% of the oldest entries are deleted. It is therefore not possible to display all the configured entries. During configuration, select an appropriate size for the circulation log. Alternatively, configure a segmented circular log. Segmented circular log In a segmented circular log, multiple log segments of the same size are filled in succession. When all logs are completely full, the oldest log is overwritten. Log that sends a system alarm when it is full When a defined level is reached, such as 90 %, a system alarm is triggered. When the log is 100% full, new tag values are not logged. Log with level-dependent triggering of an event. When the log is completely full, the "Overflow" event is triggered. Configure a function list for the event that will be carried out when the "Overflow" event occurs. When the configured size of the log is reached, new tag values are not logged. The following system functions are available for further processing of full logs: For further details, refer to System functions for logs (Page 5373). Requirement You have created a log. The "Historical Data" editor is open. The Inspector window with the log properties is open. WinCC Advanced V14 System Manual, 10/2016 5369 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Procedure 1. Select the log for which you want to define the logging method in the "Historical Data" editor. 2. Select "Properties > Properties > Logging method" in the Inspector window and select the required logging method. 3. If you have selected the "Segmented circular log" type, enter the number of log segments. If you selected a log with the "Display system alarm on" setting, specify the level as a percentage at which a system alarm is to be triggered. If you selected the "Trigger event" setting, configure the function list in the "Events" group. Alternatively you can configure the logging method directly in the "Historical Data" editor table. To view hidden columns, activate the column titles using the shortcut menu. The "Overflow" event is not available in the editor table. You must therefore configure the function list in the Inspector window. Result The selected log responds according to the settings in Runtime. See also Logging Tags (Page 5365) System functions for logs (Page 5373) Logging process values (Basic Panels, Panels, RT Advanced) Introduction You can save the process values of a tag in a data log in Runtime. You define the following conditions for logging a tag: The log tag, through which the values of the connected tag are logged. In which log the values are stored The conditions under which the values are stored If only process values for a certain range of values are stored To log the tag values, assign a logging tag to an HMI tag. The logging tag is stored in the data log and logs the values of the connected HMI tag. You can configure logging tags directly in the "HMI tags" editor. The " HMI tags" editor contains the "Logging tags" editing table. 5370 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) If the view of the "Logging tags" table is minimized, click the arrow button below the tag table. Figure 12-3 The "Logging tags" table is displayed. Requirement The data log has been created. The tag for which you wish to configure the logging must already exist. The "Tags" editor is open. The "Logging tags" table is displayed. The Inspector window with the tag properties is open. Procedure To log process values in a tag, proceed as follows: 1. Select a tag in the tag table. 2. Double-click "Add" in the "Name" field in the "Logging tags" table. A new logging tag is created; it is given the same name as the associated HMI tag. 3. Select the data log in which the values of the tags are to be logged under "Properties > Properties > General" in the Inspector window. WinCC Advanced V14 System Manual, 10/2016 5371 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 4. Select "Properties > Properties > Logging type" in the Inspector window and select the log type for logging. - "Cyclic": The tag values are logged in accordance with the set logging cycle. - "On change": The tag values are logged, as soon as the operator device detects a change in value. - "On demand": The tag values are logged by calling the "LogTag" system function. 5. If you want to log tag values cyclically, select a cycle time in the "Logging cycle" area. Alternatively, you can define your own cycle using the object list. The smallest value that can be set is 1 s. All other values are integer multiples of this value. 6. If you only want to log tag values outside or inside a defined value range, select "Properties > Properties > Deadband for logging" in the Inspector window. Define the values for the high and low limits. If you want to configure a dynamic limit, select "HMI tag" using the selection button. In the second field, select the tag that contains the limit. If you want to configure a fixed limit, select "Constant." Enter the limit value in the second field. If you want to leave a limit undefined, select "None". 7. Under "Scope", specify whether tag values are to be logged only if they are within the defined limits or only if they are outside the defined limits. Alternatively, you can configure the logging of a tag directly in the "Logging tags" editor table. To view hidden columns, activate the column titles using the shortcut menu. You can also fully configure a logging tag in the "Historical Data" editor. Result The process values of the configured tag are logged in Runtime according to the selected settings. Note To have the tag values actually logged in runtime, you must ensure that the data log is started. Logging can be started automatically at start up or by means of a system function. To automatically start the log, use the setting in the log Properties window. See also Logging Tags (Page 5365) Triggering a system function when log is full (Basic Panels, Panels, RT Advanced) Introduction You can select a logging method that executes a function list as soon as the log is full. 5372 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Application example You can use system functions, for example, to swap the data from a full log file out to another log before the full log is overwritten. You can then continue to process the transferred data in another program. Assign the "CopyLog" system function to the "Overflow" event accordingly. Requirement A log with the "Trigger event" logging method is created. The "Data log" editor is open. The Inspector window with the data log properties is open. Procedure To configure a system function for the "Overflow" event, proceed as follows: 1. Select the required log in the table in the "Data Log" editor. 2. In the Inspector window select "Properties > Events > Overflow." The function list will open. 3. Double-click "Add function" and select the desired system function. 4. Configure the required parameters of the selected system function. Result During runtime, the function list will be executed as soon as the log is full. See also Logging Tags (Page 5365) System functions for logs (Basic Panels, Panels, RT Advanced) System functions The following system functions are available for logging: Function name How it works ArchiveLogFile This function moves or copies a log to another storage location for longterm archiving. Use the system function if you want to move the Audit Trail, for example, from a local storage medium to the server. With Audit Trails, always use the "Move log (hmiMove)" mode, otherwise you will be violating the FDA guideline by duplicating the data stored. WinCC Advanced V14 System Manual, 10/2016 LogTag Saves the value of the given tags in the given data log. Use the system function to log a process values at a specific time. StartLogging Starts the logging process in the specified log. You can interrupt logging in Runtime by calling the "StopLogging" system function. 5373 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Function name How it works StopLogging Stops the logging process in the specified log. To resume logging in Run time, select the "StartLogging" system function. ClearLog Deletes all entries in the specified log. StartNextLog Stops the logging process in the specified log. Logging is continued in the log segment that has been configured for the given log. CloseAllLogs Closes all logs. The connection between WinCC and the log files or log database is terminated. You can use this system function, for example, to enable hot-swapping of the storage medium on the HMI device without exiting the Runtime software. OpenAllLogs Opens all logs to resume logging. The connection between WinCC and the log files or log database is restored. CopyLog Copies the contents of the specified log to another log. See also Logging Tags (Page 5365) Configuring a checksum for a log (Basic Panels, Panels, RT Advanced) Introduction In a regulated project, you have the option of assigning a checksum to the log data of an data log or alarm log. This checksum can be used during plant operation to determine if the data of this log has subsequently changed. Note Device dependency The "Checksum" option is only available for display and HMI devices which support "Configuration conforms to GMP". Requirements GMP compliant configuration is enabled. A data log or alarm log has been created. 5374 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Procedure Proceed as follows to configure a data log or alarm log for the use of a checksum: 1. Open the data log or alarm log in the corresponding log editor. 2. In the "Storage location" box, select "File - CSV (ASCII)" or "File - TXT (Unicode)". 3. Under "Properties > Properties > Logging method" in the Inspector window, select the option "Display system event at" or "Trigger event". 4. In the editor table, activate the option "Enable checksum". 5. In the editor table, activate the option "Enable logging at runtime start". Columns that are not displayed are activated with the shortcut menu of the column title. 6. Save the project. Result The log data of the log is assigned a checksum in runtime. See also Logging Tags (Page 5365) Evaluating the checksum of log data (Page 5376) WinCC Advanced V14 System Manual, 10/2016 5375 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Evaluating the checksum of log data (Basic Panels, Panels, RT Advanced) Introduction If you have configured a data log or alarm log with generation of a checksum, you can check if the log data has subsequently changed. Note Device dependency The "Checksum" option is only available for display and HMI devices which support "Configuration conforms to GMP". The DOS program "HmiCheckLogIntegrity" is available for checking the integrity of the log data. The "HmiCheckLogIntegrity" program supports verification of the following files: Log files of alarm logs, data logs, and Audit in CSV format Log files of alarm logs, data logs, and Audit in TXT format Recipe data records in CSV format Recipe data records in TXT format You can find the "HmiCheckLogIntegrity.exe" program in the installation directory of WinCC under the folder "WinCC Runtime Advanced", for example <C:\Program Files\Siemens \Automation WinCC Runtime Advanced>. Note Audit Trail and Log with Checksum Before you update WinCC with a Service Pack or a new version, exit and save the Audit Trail or the logs using checksum. After WinCC is updated, the audit trail or logs will be continued with new files using checksum. Make sure that the logs are started at a defined state with the new version. Procedure 1. Copy the file to be checked from the HMI device to your configuration computer. 2. Open a command line prompt with "Start > Programs > Accessories > Command Prompt". 3. Enter the path to "HmiCheckLogIntegrity.exe" followed by a space in the command line prompt. After the space, enter the storage location of the file to be checked within quotation marks. 5376 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 4. Press <Enter>. 5. The check is performed. When the checked data are consistent, the "Consistency check succeeded" message appears. When the checked data are inconsistent, the "Consistency check failed" message appears. Information about the first inconsistent line in the file is also displayed. Note If there are spaces in the path to the "HmiCheckLogIntegrity.exe" program, you need to specify the path in quotation marks. You can also check the integrity of the log data with the AuditViewer. See also Logging Tags (Page 5365) Configuring a checksum for a log (Page 5374) Log response to language switching in runtime (Basic Panels, Panels, RT Advanced) Introduction In the "Device Settings" editor, select the language to be used for writing to logs in runtime. WinCC Advanced V14 System Manual, 10/2016 5377 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Requirements The languages used in your project are activated in the "Project languages" editor, for example, "German (Germany)" and "English (USA)" . Procedure 1. Open the "Languages and fonts" editor. 2. Activate the runtime language, for example, "German (Germany)" and "English (USA)". 3. Set the "Language switch order": - German 0 - English 1 With "0", German is specified as the "Startup language". 4. Open the "Device settings" editor. 5. Select "Startup language" in the "Settings for Runtime" area. Result The project starts after it is transferred. German is specified as the "Startup language" with "Language switch order". The logs are now written in German. During runtime, the operator switches the runtime language to English. The logs will still to be written in German. The operator closes runtime. Due to the previously performed language switch, the next time the system starts the "startup language" is English. Since English is the startup language, the logs are now written in English. The logging language remains English even when the language is switched again in runtime until runtime is closed once again. If you use another option instead of "Startup language" to select the language, the logs are always written in the same language. This is true regardless of the language selected by the operator in runtime. Direct access to the ODBC log database (Advanced) (Panels, RT Advanced) Overview The storage location of a log can be a database or a file. The database is addressed by means of its "Data source name" (DSN). Select the database to be used in WinCC as follows: Select the database from the Windows Start menu under "Settings > Control panel > ODBC Data Sources". In your configuration, specify the "Data source name" (DSN) instead of a directory name as storage path for log data. With the DSN, you are referencing the database and the storage location. The entire functional scope of the database is available for additional processing and evaluation of log data. 5378 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Application The data source sets up the connection to the database. Create the data source on the same PC on which the Runtime software is stored. Then enter the DSN configured on this PC when you create a log in WinCC. The ODBC interface allows you to use other programs, such as MS Access or MS SQL Server, to access the database directly. In addition, you can use the "StartProgram" system function to configure program calls, e.g. MS Access, on the HMI device. Runtime is not interrupted while you configure such calls. Setting up the ODBC data source (Panels, RT Advanced) Introduction To store process values or alarms in the log database in Runtime, set up the ODBC data source. Requirement A log database has been created. You create the log database using the SQL Enterprise Manager. You can find more detailed information on how to do this from Microsoft. Procedure To set up an ODBC data source, follow these steps: 1. In Control Panel, open "Administrative Tools" and select "Data Sources (ODBC)". The "ODBC Data Source Administrator" dialog is opened. 2. Click "User DSN > Add". 3. Select the "SQL-Server and click on "Finish". 4. In the dialog that follows, enter a name for the User DSN and the SQL-Server and click on "Next". 5. In the dialog that follows, define the logon procedure for the SQL database and click on "Next". 6. Activate "Change the default database to". 7. Select the database you have created and click on "Next". 8. In the dialog that follows, click "Finish". WinCC Advanced V14 System Manual, 10/2016 5379 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Logging tags in the "Historical Data" editor (Basic Panels, Panels, RT Advanced) Configuring logging tags (Basic Panels, Panels, RT Advanced) Introduction You can also create and edit logging tags in the "Historical Data" editor in WinCC. You also directly edit the properties of logging tags in the "Historical Data" editor. Note If you delete, move or copy in the "Historical Data" editor, the changes also take effect in the tag table. Requirement The "Data logs" tab is open in the "Historical Data" editor. A data log has been created. Procedure Proceed as follows to configure a logging tag in the "Historical Data" editor: 1. Select an existing data log in the "Data logs" table of the editor. Alternatively, double-click on "Add..." in the "Name" column to create a new data log. 2. Double-click "Add ..." in the "Name" column of the editor "Logging tags" table. 3. Enter a unique name for the logging tag in the "Name" field. 5380 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 4. In the "Process tag" field, click on the selection button and select the process tag for logging in the object list. 5. Select the desired trigger mode in the "Log type" field: - "Cyclic": The tag values are logged in accordance with the set logging cycle. - "On change": The tag values are logged, as soon as the operator device detects a change in value. - "On demand": The tag values are logged by calling the "LogTag" system function. 6. If you want to log tag values cyclically, select the desired cycle time in the "Logging cycle" area. Alternatively, you can define your own cycle using the object list. The smallest value that can be set is 1 s. All other values are integer multiples of this value. 7. Configure additional parameters for logging in the table of the editor or in the Inspector window. Result The configured logging tag is created in the "Historical Data" editor and is also displayed in the tag table. See also Logging Tags (Page 5365) WinCC Advanced V14 System Manual, 10/2016 5381 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 12.2.7 Displaying Tags (Basic Panels, Panels, RT Advanced) 12.2.7.1 Displaying tags with Basic Panels (Basic Panels) Outputting tag values in screens (Basic) (Basic Panels) Introduction In runtime you can output tag values in the screens of the operator device in the form of a trend. A trend is a graphic representation of the values that a tag takes during runtime. Use the "Trend display" graphic object to represent it. Process values for the trend display are loaded by the PLC from the ongoing process. The values to be displayed are determined individually within a fixed, configurable cycle. Cyclically-triggered trends are suitable for representing continuous curves, such as the changes in the operating temperature of a motor. Displayed values You will need to configure a trend view in a screen so that tag values are displayed on the HMI device. When configuring the trend view, specify which tag values are to be displayed. You can control the updating of the trend display by defining the cycle time. See also Configuring trend display for values from the PLC (Basic) (Page 5382) Basics of tags (Page 5304) Configuring trend display for values from the PLC (Basic) (Basic Panels) Introduction You use a trend view to graphically represent values that a tag assumes during the process. Requirement A screen is open. The Inspector window with the trend view properties is open. 5382 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Procedure To configure a trend view, follow these steps: 1. Add the "Trend view" object from the toolbox in the "Control" group to the screen. 2. Select the "Trend" category from the "Properties" group in the Inspector window and doubleclick "<Add>" in the "Name" column. 3. Assign a name to the trend in the "Name" column. 4. In the "Style" column, use the selection button to open the "Style" dialog and select the style of the line. 5. Select the number of trend values in the "Trend values" column. WinCC Advanced V14 System Manual, 10/2016 5383 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 6. In the "Settings" column, use the selection button to open the "Data source" dialog and select the tags to supply the trend with values. Specify the cycle for reading the tags from the PLC. 7. You can make other settings in the dialogs of the Inspector window. For example, you can select the "Display table" option in the "Table" category to display a value table beneath the trend view. Note If you hold down the <CTRL> key and double-click the trend view, the trend view is activated. You set the column width and the position of the columns in the table header of the values table in active mode. In order to activate the trend view the zoom factor has to be set to 100 %. Result In runtime, the values of the selected tags are displayed in the configured trend view. See also Outputting tag values in screens (Basic) (Page 5382) 12.2.7.2 Displaying tags with Runtime Advanced and Panels (Basic Panels, Panels, RT Advanced) Trends (Basic Panels, Panels, RT Advanced) Introduction A trend is a graphic representation of the values that a tag takes during runtime. In order to display trends, configure a trend view in a screen of your project. To configure the trend view, specify a trend type for the values to be displayed. Log: For displaying the logged values of a tag Cyclical real time: For time-triggered display of values 5384 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Bit-triggered real time: For event-triggered display of values Bit-triggered buffer: For event-triggered display with buffered data acquisition Displaying logged values In Runtime, the trend view displays the values of a tag from a data log. The trend shows the logged values in a particular window in time. The operator can move the time window in Runtime to view the desired information from the log. 7LPHVORWLQWKH WUHQGYLHZ $X[LOLDU\OLQH Pulse-triggered trends The values to be displayed are determined individually with a definable time pattern. Cyclicallytriggered trends are suitable for representing continuous curves, such as the changes in the operating temperature of a motor. Bit-triggered trends The values to be displayed are event-driven by setting a defined bit in "Trend transfer" tags. The bit is reset after reading has been completed. Bit-triggered trends are useful for displaying fast-changing values, such as the injection pressure for producing plastic parts. Bit-triggered trends with buffered data acquisition When you set buffered data acquisition, the values to be displayed are buffered in the PLC and read in bit-triggered as a block. These trends are suitable for displaying rapid changes when the course of the trend as a whole is interesting and not so much the individual values. You configure a switch buffer in the PLC so it can continue to write the new values while the trend buffer is being read. The switch buffer ensures that the PLC does not overwrite values while the operator devices reads the values for the trend. The switch between the trend buffer and the switch buffer functions as follows: WinCC Advanced V14 System Manual, 10/2016 5385 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Whenever the bit assigned to the trend is set in the "Trend transfer 1" tag, all the values are read simultaneously from the trend buffer and are displayed as a trend on the HMI device. The bit in "Trend Transfer 1" is reset after reading has been completed. While the operator device is reading the tag values from the trend buffer, the PLC writes the new tag values into the switch buffer. When the bit which is assigned to the trend is set in the "Trend transfer 2" tag , all the trend values are read from the switch buffer and displayed at the operator device. While the operating device is reading the switch buffer, the PLC writes again to the trend buffer. :ULWH 7UHQG EXIIHU :ULWH 6ZLWFKEXIIHU %LWLQ7UHQGWUDQVIHU %LWLQ7UHQGWUDQVIHU 7UHQG EXIIHU :ULWH 6ZLWFKEXIIHU 7UHQG EXIIHU 6ZLWFKEXIIHU 5HDG 5HDG %LWLQ7UHQGWUDQVIHU %LWLQ7UHQGWUDQVIHU %LWLQ7UHQGWUDQVIHU %LWLQ7UHQGWUDQVIHU 7LPH Outputting tag values in screens (Basic Panels, Panels, RT Advanced) Introduction In runtime you can output tag values in the screens of the operator device in the form of a trend. The process values are loaded by the PLC from the current process or from a log database. 5386 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Displayed values You will need to configure a trend view in a screen so that tag values are displayed on the HMI device. When configuring the trend view, specify which tag values are to be displayed. The following options are available: Current values from the PLC Writing of the trend is continued with individual values from the PLC. The following trigger types are available for display in real time: - Bit-triggered real time: The time of the update can be controlled by setting a bit. Bittriggered trends are normally used to visualize rapidly changing values. One example might be the injection pressure in the production of plastic parts. - Cyclical real time: You control the update time with a cycle. Cyclically-triggered trends are suitable for representing continuous curves, such as the changes in the operating temperature of a motor. - Bit-triggered buffer: The trend contains values that were stored in a buffer in the period between two reads from the PLC. Use this format pattern if the course of the trend as a whole is more interesting than the individual values. Logged tag values In runtime, the trend view displays the values of a tag from a data log. The following trigger type is available to display logged tag values: - Data log: The trend shows the logged values in a particular window in time. To obtain the requested information from the archive, the operator uses the corresponding operator controls in the screen or in the trend view. Configuring trend displays for values from the PLC (Basic Panels, Panels, RT Advanced) Introduction You use a trend view to graphically represent values that a tag assumes during the process. Requirement A screen is open. Procedure To configure a trend view, follow these steps: 1. Add the "Trend view" object from the toolbox in the "Controls" group to the screen. 2. Select "Properties . Properties > Trend" in the Inspector window and double-click "Add" in the "Name" field. A new trend is created. 3. If required, enter a unique name for the trend in the "Name" field. 4. In the "Style" column, use the selection button to open the "Style" dialog and select the style of the line. 5. Select the number of trend values in the "Trend values" column. WinCC Advanced V14 System Manual, 10/2016 5387 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) 6. In the "Trend type" column, select the required trend type. The following entries are available: - "Bit-triggered real time" - "Cyclical real time" - "Bit-triggered buffer" - "Data log" 7. In the "Settings source" column, use the selection button to open the "Data source" dialog and select the tags to supply the trend with values. If you selected the "Cyclical real time" trend type, specify a cycle for reading the tags from the PLC. Only for bit-triggered trends: - Under "Bit", specify which bit of the "Trend request" tag and of the "Trend transfer" tags are to be assigned to the trend. Select a different value for each trend. - Enter a tag under "Trend request" which contains at least as many bits as trends are to be displayed in the trend view. The status of the bits of these tags specifies which trend is currently being displayed at the operator device. Only for the trend type "Bit-triggered real time": - Enter a tag under "Trend transfer" which contains at least as many bits as trends are to be displayed in the trend view. The status of the bits of these tags specifies for which trend values are to be read from the PLC. Only for the trend type "Bit-triggered buffer": - Enter a buffer tag for the switch buffer. The tags have to be of the same type and of the same length as the trend tag. - Enter a tag each under "Trend transfer 1" and "Trend transfer 2" which contains at least as many bits as trends are to be displayed in the trend view. The status of these tag bits specifies the trend for which values will be read from the PLC. "Trend transfer 1" controls reading from the trend buffer; "Trend transfer 2" controls reading from the switch buffer. 8. You can make other settings in the dialogs of the Inspector window. For example, you can select the "Display table" option in the "Table" category to display a value table beneath the trend view. Note If you hold down the <CTRL> key and double-click the trend view, the trend view is activated. You can set the column width and the position of the columns in active mode in the values table. In order to activate the trend view the zoom factor has to be set to 100 %. Result In runtime, the values of the selected tags are displayed in the configured trend view. 5388 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Configuring a trend view for a data log (Basic Panels, Panels, RT Advanced) Introduction You can use a trend view to display logged tag values in Runtime. The trend view shows the logged tag values in a particular window in time. To obtain the requested information from the archive, the operator uses the corresponding operator controls in the screen or in the trend view. Application example At the end of a shift, for example, an operator wants information about the process carried out during the shift. Requirement A data log has been created. A screen is open. The Inspector window with the trend view properties is open. Procedure To configure a trend view to display values from a data log, follow these steps: 1. Add the "Trend view" object from the toolbox in the "Controls" group to the screen. 2. Select "Properties . Properties > Trend" in the Inspector window and double-click "Add" in the "Name" field. A new trend is created. 3. If required, enter a unique name for the trend in the "Name" field. 4. In the "Style" column, use the selection button to open the "Style" dialog and select the style of the line. 5. In the "Trend type" column, select the trend type "Data log". 6. In the "Settings" column, use the selection button to open the "Data source" dialog; select the data log and the tags to supply the trend with values. 7. You can make other settings in the dialogs of the Inspector window. For example, you can select the "Display table" option in the "Table" category to display a value table beneath the trend view. Note If you hold down the <CTRL> key and double-click the trend view, the trend view is activated. You can set the column width and the position of the columns in active mode in the values table. In order to activate the trend view the zoom factor has to be set to 100 %. Result In runtime, the logged values of the selected tags are displayed in the configured trend view. WinCC Advanced V14 System Manual, 10/2016 5389 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) See also Representing path trends in the trend view (Page 5392) The structure of a *.CSV file with tags (Basic Panels, Panels, RT Advanced) Introduction In the *.csv (comma-separated value) file format, the "Name" and "Value" table columns of the entry are separated by semicolons. Each table row ends with a line break. Example of a *.CSV file The example shows a file with logged tag values: "VarName";"TimeString";"VarValue";"Validity";"Time_ms" "Var_107";"01.04.98 11:02:52";66,00;1;35886460322,81 "Var_108";"01.04.98 11:02:55 AM";60.00;1;35886460358.73 "Var_109";"01.04.98 11:02:57 AM";59.00;1;35886460381.22 Structure of a log file in *.csv format The following values are entered in the individual columns of a log file: Parameters Description VarName Name of the tag from WinCC Time string Time stamp as a STRING, e.g. readable data format VarValue Value of the tag Validity Validity: 1 = value is valid 0 = an error occurred (e.g. interrupted connection) Time_ms Specify a time stamp as a decimal value (see below for conversion). Only needed to display the tag values in a trend. 5390 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) Conversion of the time stamp decimal value If the value needs to be processed using a different program, proceed as follows: 1. Divide Time_ms by 1,000,000. Example: : 36343476928:1 000 000 = 36343,476928 2. The whole number portion (36344) is the date calculated from 31.12.1899. Example: 36343 results in 02.07.1999 You can now convert the time stamp value to days in Excel by assigning a corresponding format from the "Date" group to the cells, which contain the time stamp. Result: 37986 results in 31.12.2003 3. The value after the comma (0,476928) indicates the time: - Multiply the value (0.476928) by 24 to obtain the hours (11.446272). - Multiply the remainder (0.446272) by 60 results in the minutes (26.77632). - Multiply the remainder (0.77632) by 60 results in the seconds (46.5792). Result 11:26:46.579 This conversion is supported by Microsoft Excel, for example. See also Representing path trends in the trend view (Page 5392) Accessing the ODBC log database directly (Basic Panels, Panels, RT Advanced) Introduction The storage location of a log can be a database or a file. The database is addressed by means of its "Data source name" (DSN). Select the database you want to use in WinCC from the Windows Start menu under "Settings > Control panel > ODBC Data Sources". To store log data, specify the DSN, rather than a directory name during configuration. With the DSN, you are referencing the database and the storage location. Application The entire functional scope of the database is available for additional processing and evaluation of log data. Principle The data source establishes the connection to the database. You create the data source on the same computer that contains the Runtime software. Then enter the DSN configured here when you create a log in WinCC. The ODBC interface allows you to use other programs, such as MS Access or MS SQL Server, to access the database directly. WinCC Advanced V14 System Manual, 10/2016 5391 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) With the "StartProgram" system function, you can also configure a program call (to MS Access, for example) on the HMI device. This does not interrupt Runtime. Representing path trends in the trend view (Basic Panels, Panels, RT Advanced) Introduction To visualize two-dimensional traverse paths of a machine prior to execution, for example, you can use the f(x) trend view. Implementation The basis for the implementation is a data log in which the coordinates are saved with an identical time stamp. The following figure shows the components involved: The basis for representation of value pairs in the f(x) trend view is a data log archive that reads the calculated value pairs from a CSV file. The time stamps of each value pair are identical, for example, "01/01/2010 00:00:00". The data records in the CSV file contain the logging tags with the calculated values. You can calculate the values in the PLC, for example, and store them in two data blocks. Then you can use a VB script, for example, to create the CSV file. The data source for the trend is the data log. The following settings are relevant for the configuration of the data area: The time range must exactly match the time stamps from the CSV file The number of "measuring points" must exactly match the number of data records in the CSV file. 5392 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) VB script for creating a CSV file The following VB script generates "Input_X" and "Input_Y" from the values of the HMI tags. The HMI tags have the "Array (0..10) of Real" data type. WinCC Advanced V14 System Manual, 10/2016 5393 Visualizing processes 12.2 Working with Tags (Basic Panels, Panels, RT Advanced) '########################################################################### ' Location of date log and name of data log which are used in f(x) control Dim ObjFileName, ObjFilePath ' Name of data log ObjFileName = "TrendControl_f(x)0.csv" ' File location for data log ObjFilePath = "\Storage Card SD\" '########################################################################### ' create objects to edit files and use file system Dim ObjFile, ObjFileSystem Set ObjFile = CreateObject("FileCtl.File") Set ObjFileSystem = CreateObject("FileCtl.Filesystem") '########################################################################### ' Write header into the new data log ObjFile.LinePrint(Chr(34)&"VarName"&Chr(34)&";"&Chr(34)&"TimeString"&Chr(34)&";"&Chr(34)&" VarValue"&Chr(34)&";"&Chr(34)&"Validity"&Chr(34)&";"&Chr(34)&"Time_ms"&Chr(34)) If Err.Number <> 0 Then ShowSystemAlarm "Error: Cannot write to data log. " & Err.Number & " " & Err.Description Err.Clear OpenAllLogs TrendControl = 3 Exit Function End If '########################################################################### ' Write entries into data log ' Adapt loop counter to length of archive and array of data tag Dim ObjLoopCount ObjLoopCount = 10 ' last element of array Dim ObjIndex, ObjTime, ObjTimeStamp For ObjIndex = 0 To ObjLoopCount ' Calculate time stamp ' 40179000000 = 01.01.2010 00:00:00 ObjTime = ObjIndex/(60*60*24)*1000 ObjTimeStamp = 40179000000 + ObjTime ' Write x element to log Dim Objx Objx = SmartTags("Input_X")(ObjIndex) ObjFile.LinePrint(Chr(34)&"Temp_x"&Chr(34)&";"&Chr(34)&"01.01.2010 00:00:00"&Chr(34)&";"&Objx&";1;"&ObjTimeStamp) ' Write y element to log Dim Objy Objy = SmartTags("Input_Y")(ObjIndex) ObjFile.LinePrint(Chr(34)&"Temp_y"&Chr(34)&";"&Chr(34)&"01.01.2010 00:00:00"&Chr(34)&";"&Objy&";1;"&ObjTimeStamp) Next ' Write line counter to log Dim ObjLineCount ObjLineCount = 41 ObjFile.LinePrint(Chr(34)&"$RT_COUNT$"&Chr(34)&";"&ObjLineCount&";;;;") 5394 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms '########################################################################### ' Close new log ObjFile.close Set ObjFile = Nothing Set ObjFileSystem = Nothing See also Configuring a trend view for a data log (Page 5389) The structure of a *.CSV file with tags (Page 5390) 12.3 Working with alarms 12.3.1 Basics 12.3.1.1 Alarm Logging in WinCC (Basic Panels) Introduction The alarm system allows you to display and record operating states and faults on the HMI device that are present or occur in a plant. An alarm may have the following content: N Time o. 5 Date 12:50:24 24.02. :590 2007 Alarm text Status Alarm class Boiler pressure above high limit. Incoming Outgoing Warning: Color Red Alarm system in WinCC The alarm system processes a variety of alarm types. The alarm procedures can be broken down into system-defined alarms and user-defined alarms: User-defined alarms are used to monitor the plant process. System-defined alarms monitor the HMI device. The detected alarm events are displayed on the HMI device. Targeted access to the alarms combined with supplementary information about individual alarms ensures that faults are localized and cleared quickly. This reduces stoppages or even prevents them altogether. The following figure shows the alarm system structure: WinCC Advanced V14 System Manual, 10/2016 5395 Visualizing processes 12.3 Working with alarms 6\VWHPGHILQHGDODUPV 8VHUGHILQHGDODUPV +0,GHYLFH 1RQH &RQILJXUDWLRQ LQ:LQ&& 12.3.1.2 +0,GHYLFH $QDORJDODUP 6\VWHPDODUPV 'LVFUHWHDODUP Alarm Logging in WinCC (Panels, RT Advanced) Introduction Alarm logging allows you to display and record operating states and faults on the HMI device that are present or occur in a plant. An alarm may have the following content: N Time of o. day 5 Date 12:50:24 24.02. :590 2007 Alarm text Status Alarm class Boiler pressure above high limit. Incoming Outgoing Warning: Color Red Alarm Logging in WinCC Alarm logging processes various alarm procedures used by the PLC and the HMI device. The alarm procedures can be broken down into system-defined alarms and user-defined alarms: User-defined alarms serve to monitor the plant. System-defined alarms are used to monitor the HMI device or the PLC. 5396 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms The detected alarm events are displayed on the HMI device. You can use the alarm logging system to log alarms from the ongoing process. Targeted access to the alarms combined with supplementary information about individual alarms ensures that faults are localized and cleared quickly. This reduces stoppages or even prevents them altogether. The types of system-defined controller alarms depend on the controller used. The following figure shows the structure of the alarm logging system for communication with the SIMATIC S7-300/400 controllers: 6\VWHPGHILQHGDODUPV6 +0,GHYLFH &RQWUROOHU 6GLDJQRVWLFDODUPV 6,0$7,&66,027, 21 1RQH &RQILJXUDWLRQ LQ:LQ&& 6\VWHPHYHQWV 8VHUGHILQHGDODUPV +0,GHYLFH &RQWUROOHU 6\VWHPGLDJQRVWLF DODUPV &RQWUROOHUDODUPV $QDORJDODUP &RQWUROOHUDODUPV 'LVFUHWHDODUP The following figure shows the structure of the alarm logging system for communication with the SIMATIC S7-1500 controllers: WinCC Advanced V14 System Manual, 10/2016 5397 Visualizing processes 12.3 Working with alarms 6\VWHPGHILQHGDODUPV6 +0,GHYLFH &RQWUROOHU 8VHUGHILQHGDODUPV +0,GHYLFH &RQWUROOHU 6\VWHPGLDJQRVWLFDODUPV 6\VWHPHYHQWV 12.3.1.3 1RQH &RQILJXUDWLRQ LQ:LQ&& &RQWUROOHUDODUPV $QDORJDODUP &RQWUROOHUDODUPV 'LVFUHWHDODUP Alarm Procedures Overview of the alarm types (Basic Panels) Introduction The alarm types serve various purposes for monitoring the plant. The alarms from the individual alarm types are configured and triggered in different ways. Select the relevant tab in the "HMI alarms" editor to configure alarms based on the individual alarm types. Alarm types in WinCC WinCC supports the following alarm types: 5398 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms User-defined alarms Analog alarms - Analog alarms are used to monitor limit violations. Discrete alarms - Discrete alarms are used to monitor states. System-defined alarms System events - System events belong to the HMI device and are imported into the project. - System events monitor the HMI device. Overview of the alarm types (Panels, RT Advanced) Introduction The alarm types serve various purposes for monitoring the plant. The alarms from the individual alarm types are configured and triggered in different ways. Select the relevant tab in the "HMI alarms" editor to configure alarms based on the individual alarm types. Alarm types in WinCC WinCC supports the following alarm types: User-defined alarms Analog alarms - Analog alarms are used to monitor limit violations. Discrete alarms - Discrete alarms are used to monitor states. Controller alarms - You configure controller alarms in STEP 7. - You continue to process the controller alarms in WinCC. Note Device dependency The controller alarm is not supported on all HMI devices. WinCC Advanced V14 System Manual, 10/2016 5399 Visualizing processes 12.3 Working with alarms System-defined alarms System-defined controller alarms - System-defined controller alarms consist of diagnostic alarms (SIMATIC S7) and system errors (SFM) - System-defined controller alarms are used to monitor the PLC. Note Device dependency System-defined controller alarms are not supported on all HMI devices. System events - System events belong to the HMI device and are imported into the project. - System events monitor the HMI device. User-defined alarms Analog alarms Description Analog alarms signal limit violations during the process. Example The speed of the mixer in a fruit juice mixing plant must not be too high or too low. You can configure analog alarms to monitor the speed of the mixer. If the high or low limit for the speed of the mixer is violated, an alarm is output on the HMI device containing the following alarm text, for example: "Mixer speed is too low". Discrete alarms Description Discrete alarms indicate a status in the current process. Example A fruit juice mixing plant consists of several tanks containing the ingredients. To ensure the correct mixing ratio of water, fruit concentrate, sugar, and flavoring, the valves in the intakes open and close at the right moment. This operation should be monitored. You configure a suitable discrete alarm for all the valve states. If a valve on one of the four tanks opens or closes, an alarm is displayed, such as "Water valve closed". The operator can thus monitor whether the plant is producing correctly. 5400 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms PLC alarms (Panels, RT Advanced, RT Professional) Example of an alarm CPU operating mode switch to Stop Description The configuration engineer creates a custom controller alarm in STEP 7. The PLC status values, such as time stamp and process values, are mapped in the controller alarm. If controller alarms are configured in STEP 7, accept them into the integrated WinCC operation as soon as a connection is established to the PLC. Note Automatic update of new or modified controller alarms on the HMI device When controller alarms are configured in STEP 7 and a connection to an S7-1500 controller with firmware version 2.0 (or later) is established, the controller alarms are sent to the HMI devices of device version V14. After changes of the controller alarms, the HMI device configuration must no longer be transferred. In STEP 7, the controller alarm is assigned to an alarm class. You can import this alarm class with the controller alarm as a common alarm class. Types of controller alarms SIMATIC S7 supports different types of controller alarms. WinCC supports different types of controller alarms according to which Runtime is used. Controller alarms for multiple HMI devices If a PLC is connected to multiple HMI devices, the project engineer assigns display classes to the controller alarms in STEP7. The display classes determine the allocation to the HMI device. You can activate the display classes for your HMI device that are to be displayed on it. In this case, only the controller alarms from this display class will be displayed on the HMI device. Up to 17 display classes are possible. See also Editing controller alarms (Page 5429) Sending and automatically updating complete alarm from the controller to the HMI device (Page 5484) WinCC Advanced V14 System Manual, 10/2016 5401 Visualizing processes 12.3 Working with alarms System-defined Alarms System events (Basic Panels) Examples for alarms "An online connection to the PLC is established." Description A system alarm indicates the status of the system, plus communication errors between the HMI device and system. Under "Runtime settings > Alarms" you specify how long a system alarm is shown on the HMI device. Support The reference contains a list of the possible system events, along with the cause and possible remedies. If you contact online support because of a system alarm on the HMI device, you will need the alarm number and tags used in the system alarm. System events (Panels, RT Advanced, RT Professional) Examples of alarms "Overflow of the buffer for printing lines in text mode" "No printer is installed or a default printer has not been set up." Description A system event indicates the system status, including errors in the communication between the HMI device and system. The system events depend on the HMI device. You can load system events in the "HMI alarms" editor from a an *.xml file. Support The reference contains a list of the possible system events, along with the cause and possible remedies. When contacting Online Support because of a system event on the HMI device, you need the event number and tags used in the system event. 5402 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms System-defined controller alarms (Panels, RT Advanced) Example of an alarm Valve open due to overpressure Description System-defined controller alarms are installed with STEP 7 and are only available if WinCC is operated in the STEP 7 environment. WinCC processes system-defined controller alarms of the type "SIMATIC S7 diagnostic alarm". S7 diagnostic alarms show states and events in the SIMATIC S7 controllers. You only have read access to S7 diagnostic alarms. The system assigns the alarms to the "Diagnostics" alarm class. The available properties of the alarm, for example, the number of the alarm group, are accepted without changes. S7 diagnostic alarms are not acknowledged or reported. They are for signaling purposes only. See also Enabling system-defined controller alarms (Page 5430) 12.3.1.4 Alarm states Introduction An alarm assumes various alarm states in Runtime. The user analyzes and reports on the process execution with reference to the alarm states. Note Device dependency Reporting and logging are not available for all HMI devices. WinCC Advanced V14 System Manual, 10/2016 5403 Visualizing processes 12.3 Working with alarms Description Every alarm has an alarm status. The alarm states are made up of the following events: Incoming The condition for triggering an alarm is satisfied. The alarm is displayed, such as "Boiler pressure too high". Outgoing The condition for triggering an alarm is no longer satisfied. The alarm is no longer displayed as the boiler was vented. Acknowledge The operator acknowledges the alarm. Alarms without acknowledgment The following table shows the alarm states for alarms that do not have to be acknowledged: Status Description Incoming The condition for an alarm is satisfied. Outgoing The condition for an alarm is no longer satisfied. Alarms with acknowledgment The following table shows the alarm states for alarms that have to be acknowledged: Status Description Incoming The condition for an alarm is satisfied Outgoing, not acknowledged The condition for an alarm is no longer satisfied. The operator has not acknowledged the alarm. Outgoing, and subsequently acknowledged The condition for an alarm is no longer satisfied. The operator has acknowledged the alarm after this time. Incoming, acknowledged The condition for an alarm is satisfied. The operator has ac knowledged the alarm. Outgoing, but acknowledged first The condition for an alarm is no longer satisfied. The operator acknowledged the alarm while the condition was still satisfied. Each occurrence of these states can be displayed and logged on the HMI device and a protocol printed. Note The display text for the states of an alarm is language-specific and configuration-specific. 5404 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 12.3.1.5 Alarm classes Basics on alarm classes (Basic Panels) Introduction Many alarms occur in a plant. These are all of different importance. You can assign the alarms of your project to alarm classes to clearly show the user which of the alarms are most important. Description The alarm class defines how an alarm is displayed. The alarm class specifies if and how the user has to acknowledge alarms of this alarm class. A new alarm class with mandatory acknowledgment is generated in WinCC. Note The choice of display modes for alarm classes depends on the options on your HMI device. Examples of how to use alarm classes The alarm "Speed of fan 1 in upper tolerance range" has alarm class "Warnings". The alarm is displayed with a white background. The alarm does not have to be acknowledged. The alarm "Speed of fan 2 has exceeded upper warning range" is assigned to the "Errors" alarm class. The alarm is displayed with a red background and flashes at high frequency in runtime. The alarm is displayed until the user acknowledges it. Using alarm classes Use the following alarm classes to define the state machines and display of alarms for your project: Predefined alarm classes You cannot delete predefined alarm classes and edit them only to a limited extent. Predefined alarm classes have been created for each HMI device under "HMI alarms > Alarm classes". Custom alarm classes You can create new alarm classes under "HMI alarms > Alarm classes", configure how you want the alarms to be displayed, and define an acknowledgment model for alarms of this alarm class. The possible number of user-defined alarm classes depends on the Runtime used in your project. WinCC Advanced V14 System Manual, 10/2016 5405 Visualizing processes 12.3 Working with alarms Note Alarm classes from STEP 7 If an HMI device is connected to the controller, alarm classes from STEP 7 will also be displayed in WinCC. Display of system-defined controller alarms is not supported by Basic panels. See also Predefined alarm classes (Page 5407) Creating alarm classes (Page 5415) Using project-wide alarm classes (Page 5416) Basics on alarm classes (Panels, RT Advanced, RT Professional) Introduction Many alarms occur in a plant. These are all of different importance. You can assign the alarms of your project to alarm classes to clearly show the user which of the alarms are most important. Description The alarm class defines how an alarm is displayed. The alarm class specifies if and how the user has to acknowledge alarms of this alarm class. A new alarm class with mandatory acknowledgment is generated in WinCC. Note The choice of display modes for alarm classes depends on the options on your HMI device. Examples of how to use alarm classes The alarm "Speed of fan 1 in upper tolerance range" has alarm class "Warnings". The alarm is displayed with a white background. The alarm does not have to be acknowledged. The alarm "Speed of fan 2 has exceeded upper warning range" is assigned to the "Errors" alarm class. The alarm is displayed with a red background and flashes at high frequency in runtime. The alarm is displayed until the user acknowledges it. 5406 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Using alarm classes Use the following alarm classes to define the state machines and display of alarms for your project: Predefined alarm classes You cannot delete predefined alarm classes and edit them only to a limited extent. Predefined alarm classes have been created for each HMI device under "HMI alarms > Alarm classes". Custom alarm classes You can create new alarm classes under "HMI alarms > Alarm classes", configure how you want the alarms to be displayed, and define an acknowledgment model for alarms of this alarm class. The possible number of custom alarm classes depends on which runtime is used in your project. Common alarm classes Common alarm classes are displayed under "Shared data > Alarm classes" in the project tree and can be used for the alarms of an HMI device. Common alarm classes originate in the alarm configuration of STEP 7. If needed, you can create additional common alarm classes in WinCC. See also Predefined alarm classes (Page 5407) Creating alarm classes (Page 5415) Using project-wide alarm classes (Page 5416) Predefined alarm classes Predefined alarm classes The following alarm classes already created in WinCC for every HMI device: Alarm classes for user-defined alarms "Warnings" The "Warnings" alarm class is designed to show irregular statuses and routines in the process. Users do not acknowledge alarms from this alarm class. "Errors" The "Errors" alarm class is intended to show critical or dangerous states or limit violations in the process. The user must acknowledge alarms from this alarm class. WinCC Advanced V14 System Manual, 10/2016 5407 Visualizing processes 12.3 Working with alarms Alarm classes for system-defined alarms "System" The "System" alarm class contains alarms that display states of the HMI device and the PLCs. Alarms of the "System" alarm class belong to the system alarms. "Diagnosis Events" The "Diagnosis Events" alarm class contains alarms that display states and events in SIMATIC S7 controllers. Users do not acknowledge alarms from this alarm class. Note Device dependency The "Diagnosis Events" alarm class is not available for all HMI devices. "Safety Warnings" The "Safety Warnings" alarm class contains alarms for fail-safe operation. Users do not acknowledge alarms from this alarm class. Alarms of the "Safety Warnings" alarm class belong to the system alarms. Note Device dependency The "Safety Warnings" alarm class is not available for all HMI devices. See also Basics on alarm classes (Page 5406) Creating alarm classes (Page 5415) Using project-wide alarm classes (Page 5416) 12.3.1.6 Acknowledgement Acknowledging alarms Introduction To make sure that an alarm was registered by the plant operator, configure this alarm so that it is displayed until acknowledged by the operator. Alarms that display critical or hazardous states in the process have to be acknowledged. 5408 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Description The acknowledgment of an alarm is an event that is logged and reported. Acknowledging an alarm changes the alarm status from "Incoming" to "Acknowledged". When the operator acknowledges an alarm, the operator confirms that he or she has processed the status that triggered the alarm. Note HMI device dependency Reporting and logging are not available for all HMI devices. Triggering acknowledgment of an alarm In Runtime, you trigger alarm acknowledgments in various ways: Acknowledgement by the authorized user at the HMI device Automatic acknowledgment by the system without operator action, e.g. by means of - Tags - PLC - System functions in function lists or scripts Note HMI device dependency Scripts are not available for all HMI devices. Acknowledging alarms that belong together To make the alarm system clearer and easier to use in Runtime, you can configure an alarm group. You can acknowledge all alarms belonging to this alarm group in a single pass. Acknowledgment by the PLC Discrete alarms will be automatically acknowledged by the PLC, if necessary. The acknowledgment is triggered by a bit in the "Acknowledgment tag PLC". You define the bit and tag at the configuration stage. WinCC Advanced V14 System Manual, 10/2016 5409 Visualizing processes 12.3 Working with alarms Acknowledgment of an alarm on the HMI device In Runtime, the user acknowledges an alarm in one of the following ways, depending on the configuration: Using the acknowledgment button <ACK> on the HMI device Using the button in the alarm view Using configured function keys or buttons in screens Note Acknowledgment button <ACK> on the HMI device To ensure that critical alarms are processed only by authorized users, protect the "ACK" button on the HMI devices, including the operating controls and display objects of the alarms. Use the appropriate operator authorization for this. Note HMI device dependency The acknowledgement key <ACK> is not available on all HMI devices. Reaction to the acknowledgment of alarms of an alarm group Alarm acknowledgment by the operator You acknowledge the alarm of an alarm group, for example, using the <ACK> acknowledgment key or a function key. All alarms of the alarm group are acknowledged. Alarm acknowledgment by the controller The controller sets a tag bit to acknowledge the alarm of an alarm group. The respective alarm is acknowledged. Acknowledgement Model (Basic Panels, Panels, RT Advanced) Overview You define the state machines for an alarm class. Alarms that are assigned to this alarm class will be acknowledged on the basis of these state machines. The following state machines are used in WinCC: Alarm without acknowledgment This alarm comes and goes without having to be acknowledged. There is no visible response from the system. Alarm with simple acknowledgment This alarm must be acknowledged as soon as the event that triggers the alarm occurs. The alarm remains pending until it is acknowledged. 5410 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 12.3.1.7 Alarm groups (Basic Panels, Panels, RT Advanced) Introduction Many alarms from different areas and processes occur in a plant. You can compile associated alarms into alarm groups. Alarm groups You can use the alarm groups to monitor the parts of the plant and to acknowledge the associated alarms together as required. Alarm groups can contain alarms from different alarm classes. You only assign alarms that require acknowledgment to alarm groups. Using alarm groups It is a good idea to compile alarm groups for alarms such as the following: Alarms that are caused by the same fault. Alarms of the same type Alarms from a machine unit, such as "Fault in drive XY" Alarms from an associated part of the process, such as "Fault in cooling water supply" Display in Runtime In Runtime, the "Alarm group" column displays the number of the alarm group to which the alarm belongs. See also Configuring Alarm Groups (Page 5419) 12.3.1.8 Alarm number (Basic Panels, Panels, RT Advanced) Assigning alarm numbers The system assigns unique alarm numbers within an alarm type. Note When adapting alarm numbers, observe the uniqueness of the alarm number within an alarm type. WinCC Advanced V14 System Manual, 10/2016 5411 Visualizing processes 12.3 Working with alarms 12.3.2 Working with Alarms 12.3.2.1 Alarm components and properties Overview You configure the components of alarms in WinCC. The following table shows the basic components of alarms: Alarm Alarm class number Time Date of day Warn 1 ing 11:09 :14 06.08.2 IO 007 Maximum speed reached 2 Sys tem 11:25 :58 06.08.2 I 007 Switch to "Online" mode 0 110001 Alarm status Alarm text Alarm Tooltip Trigger tag Limit This alarm is ... speed_1 27 This alarm is ... PLC-Varia ble_1 - group Alarm class Alarm classes, such as "Warnings" or "Errors". The alarm class defines the following for an alarm: State machine Appearance in Runtime (e.g. color) Logging Note Device dependency Logging is not available for all HMI devices. Alarm number An alarm is identified by a unique alarm number. The alarm number is assigned by the system. You can change the alarm number to a sequential alarm number, if necessary, to identify alarms associated in your project. Time and date Every alarm has a time stamp that shows the time and date at which the alarm was triggered. Alarm status An alarm has the events "Incoming," "Outgoing," "Acknowledge." For each event, a new alarm is output with the current status of the alarm. 5412 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Alarm text The alarm text describes the cause of the alarm. The alarm text can contain output fields for current values. The values you can insert depend on the Runtime in use. The value is retained at the time at which the alarm status changes. Alarm group The alarm group bundles individual alarms. Tooltip You can configure a separate tooltip for each alarm; the user can display this tooltip in Runtime. Trigger tag Each alarm is assigned a tag as trigger. The alarm is output when this trigger tag meets the defined condition, e.g. when its state changes or it exceeds a limit. Limit Analog alarms indicate limit violations. Depending on the configuration, WinCC outputs the analog alarm as soon as the trigger tag exceeds or undershoots the limit value. See also Output of a tag value in the alarm text (Page 5426) Alarm states (Page 5403) Basics on alarm classes (Page 5406) Alarm groups (Page 5411) 12.3.2.2 Configuring Alarms Overview of alarm configuration tasks (Basic Panels) Steps to configure alarms Configuring alarms in WinCC involves the following steps: 1. Edit and create alarm classes You use the alarm class to define how an alarm will be displayed in runtime and to define the state machines for it. 2. Creating tags in the "HMI tags" editor - Configure the tags for your project. - You create range values for the tags. WinCC Advanced V14 System Manual, 10/2016 5413 Visualizing processes 12.3 Working with alarms 3. Creating tags in the "HMI alarms " editor - Create custom alarms and assign these the tag to be monitored, alarm classes, alarm groups, and other properties. - You can also assign system functions or scripts to the alarm events. 4. Output of configured alarms To output configured alarms, configure an alarm view or an alarm window in the "Screens" editor. Additional configuration tasks Additional tasks may be necessary for configuring alarms, depending on the requirements of your project: 1. Creating alarm groups You assign the alarms of your project to alarm groups according to their association, such as by the cause of the problem (power failure) or source of the error (Motor 1). 2. Configuring Loop-In-Alarm A Loop-In-Alarm is configured in order to change to a screen containing relevant information on an alarm received. Overview of alarm configuration tasks (Panels, RT Advanced, RT Professional) Steps to configure alarms Configuring alarms in WinCC involves the following steps: 1. Edit and create alarm classes You use the alarm class to define how an alarm will be displayed in runtime and to define the state machines for it. 2. Creating tags in the "HMI tags" editor - Configure the tags for your project. - You create range values for the tags. 1. Creating tags in the "HMI alarms " editor - Create custom alarms and assign these the tag to be monitored, alarm classes, alarm groups, and other properties. - You can also assign system functions or scripts to the alarm events. 2. Output of configured alarms To output configured alarms, configure an alarm view or an alarm window in the "Screens" editor. 5414 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Additional configuration tasks Additional tasks may be necessary for configuring alarms, depending on the requirements of your project: Activating and editing system events You can import system events when you initially open the "System events" tab in the "HMI alarms" editor. On completion of the import, you can edit the system events. Activating and editing controller alarms For integrated operation of a project in STEP 7, specify the controller alarms to be displayed on your HMI device in the alarm settings. Creating alarm groups Assign the alarms of your project to alarm groups based on their relation, e.g. by error cause (e.g. "power failure"), or by error source (e.g. "Motor 1"). Configuring Loop-In-Alarm Configure a Loop-In-Alarm in order to change to a screen that contains information about an incoming alarm. Configuring Alarm Classes Creating alarm classes (Basic Panels, Panels, RT Advanced) Introduction Create alarm classes in the "Alarm classes" tab of the "HMI alarms" editor. Some default alarm classes are already created for every project. You can create additional custom alarm classes. You can create up to 32 alarm classes. Requirement The "HMI alarms" editor is open. The Inspector window is open. Procedure To create an alarm class, proceed as follows: 1. Click the "Alarm classes" tab. The predefined and existing custom alarm classes are displayed. The following table lists the predefined alarm classes: WinCC Advanced V14 System Manual, 10/2016 5415 Visualizing processes 12.3 Working with alarms 1. Double-click "<Add>" in the table. A new alarm class is created. Each new alarm class is automatically assigned a static ID. The properties of the new alarm class are shown in the Inspector window. 2. Configure the alarm class under "Properties > Properties >General" in the Inspector window. - Enter a "Name" and the "Display name". - Depending on the HMI device, you can also activate logging, or automatic sending of emails. 3. Define the state machines for the alarm class under "Properties > Properties > Acknowledgment" in the Inspector window. 4. Change the default text under "Properties > Properties > Status texts" in the Inspector window. This text indicates the status of an alarm in Runtime. 5. Change the default colors under "Properties > Properties > Colors" in the Inspector window. Depending on the HMI device, also change the flashing characteristics. These settings define how alarms from this alarm class are displayed in Runtime. Note To display the alarm classes in color in Runtime, the "Use alarm class colors" option must be activated. In the project navigation, enable "Runtime settings > Alarms > General > Use alarm class colors" accordingly. See also Predefined alarm classes (Page 5407) Basics on alarm classes (Page 5406) Using project-wide alarm classes (Panels, RT Advanced, RT Professional) Introduction Project-wide alarm classes are displayed under "Shared data > Alarm classes" in the project navigation. Create additional common alarm classes in WinCC. Controller alarms are assigned to common alarm classes. If you work with controller alarms, common alarm classes are automatically loaded in WinCC. Requirements You have created a project. 5416 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Creating project-wide alarm class To create a project-wide alarm class, proceed as follows: 1. Double-click "Shared data > Alarm classes" in the project navigation. The "Project-wide message classes" editor opens in the work area. 2. To create a project-wide message class, double-click in the first empty line of the table editor. 3. Specify the name and display name of the alarm class. 4. Select "With acknowledgment" if the alarm class requires acknowledgment. Assign alarms to a common alarm class Proceed as follows to assign an analog or discrete alarm to a common alarm class: 1. In the "HMI alarms" editor, select the alarm that you want to assign to the common alarm class. 2. Click "General" in the Inspector window. 3. Click "Shared data > Alarm classes" in the project navigation. 4. Select the common alarm class in the detail view. WinCC Advanced V14 System Manual, 10/2016 5417 Visualizing processes 12.3 Working with alarms 5. Drag-and-drop the alarm class to the "Alarm class" selection box or "Alarm class" column in the work area of the Inspector window of the alarm. The system creates a new alarm class that is linked to the common alarm class. The new name of the common alarm class is displayed in the "Alarm class" area of the Inspector window of the alarm. The display name of the common alarm class is activated for the alarm class in your project. 6. Click the "Alarm Class" tab. 7. Check to see whether the display name of the common alarm class is displayed in WinCC. 8. You can change the object name of the alarm class. 5418 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Alternative procedure To assign an alarm to a common alarm class, proceed as follows: 1. Click the "Alarm Classes" tab. The alarm classes are displayed. 2. Click "Shared data > Alarm classes" in the project navigation. The following table shows the common alarm classes: 3. Select the common alarm class in the detail view. 4. Drag-and-drop the alarm class to the "Alarm classes" tab of the "HMI alarms" editor The system creates a new alarm class that is linked to the common alarm class. The new name of the new alarm class in your project is displayed in the "Alarm class" tab. 5. Open the tab with the alarm procedure for the required alarm. 6. Under "General" in the Inspector window, select the alarm and the alarm class linked to the common alarm class. Note Deleting a common alarm class If you delete a common alarm class, the linked alarm class is maintained. If necessary, link the alarm class with another common alarm class or use it as WinCC alarm class. See also Predefined alarm classes (Page 5407) Basics on alarm classes (Page 5406) Configuring Alarm Groups (Basic Panels, Panels, RT Advanced) Introduction Create alarm groups on the "Alarm Groups" tab in the "HMI alarms" editor. An alarm group is a compilation of single alarms. You assign alarms in an alarm group by association, such as cause of the problem or source of the error. If you acknowledge an alarm from this alarm group in Runtime, all other alarms in the alarm group are acknowledged automatically. WinCC Advanced V14 System Manual, 10/2016 5419 Visualizing processes 12.3 Working with alarms Requirement You have created a project. The "HMI alarms" editor is open. The Inspector window is open. Creating a new alarm group 1. Click the "Alarm Groups" tab. The existing alarm groups are displayed. 2. In the work area of the table, double-click "<Add>" in the first free row. A new alarm group is created. 3. You can overwrite the proposed "Name". Result An alarm group is created. For the group acknowledgment of alarms in Runtime, assign the associated alarms that require acknowledgment to an alarm group. Configuring discrete alarms (Basic Panels, Panels, RT Advanced) Introduction Discrete alarms triggered by the PLC indicate status changes in a plant. They indicate the opened or closed state of a valve, for example. The following sections describes the configuration procedures in the "HMI alarms" editor. You can also configure discrete alarms in the "HMI tags" editor. Requirements The "HMI alarms" editor is open. The Inspector window is open. You have created the required alarm classes and alarm groups. Procedure To configure a discrete alarm, proceed as follows: 1. Open the "Discrete alarms" tab. 2. To create a new discrete alarm, double-click in the work area on "<Add>". A new discrete alarm is created. 5420 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 3. To configure the alarm, select "Properties > Properties >General" in the Inspector window: - Enter an alarm text as event text. Use the functions of the shortcut menu to format the text on a character-by-character basis, or to insert output fields for HMI tags, or texts from the text lists. - You can renumber the alarm. - Select the alarm class and the alarm group, if necessary. 4. In the Inspector window, select the tag and the bit that triggers the alarm under "Properties > Properties > Trigger". Note the following information: - Use the data types "Int" or "UInt" to select an HMI tag. - When you select a PLC tag, use the data types "Int" or "Word". The input and output area of a PLC tag is unsuitable as trigger. - Use trigger tag bits only for alarms. - Do not use trigger tags for anything else. - If you want to acknowledge the alarm via the PLC, use this tag also as PLC acknowledgment tag. Note Note the method used to count bits in the utilized PLC when specifying the bit. For more information, refer to the "Communication" section in the PLC Online Help. Note If the object does not yet exist in the selection list, create it directly in the object list and change its properties later. Status-dependent alarm texts To display a different text independent of the alarm status, link a text list to the alarm text. You control the text list with a tag. Additional settings for discrete alarms Creating a tooltip To configure a tooltip for the alarm, follow these steps: Enter your text under "Properties > Properties > Tooltip". WinCC Advanced V14 System Manual, 10/2016 5421 Visualizing processes 12.3 Working with alarms Configuring event-driven tasks To configure event-driven tasks, such as a loop-in alarm, follow these steps: 1. Select the discrete alarm. 2. Select "Properties > Events" in the Inspector window and configure a new function list for the relevant event. See also Configuring trigger for alarm acknowledgment (Page 5453) Output of a tag value in the alarm text (Page 5426) Formatting alarm text (Page 5425) Configuring loop-in alarm (Page 5431) Configuring analog alarms (Basic Panels, Panels, RT Advanced) Introduction Analog alarms indicate limit violations. For example, if the speed of a motor drops below a certain value, an analog alarm is triggered. Requirements The "HMI alarms" editor is open. The Inspector window is open. You have created the required alarm classes and alarm groups. Procedure To configure an analog alarm, proceed as follows: 1. Click the "Analog alarms" tab. 2. To create a new analog alarm, double-click in the table on "<Add>". A new analog alarm is created. 5422 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 3. To configure the alarm, select "Properties > Properties >General" in the Inspector window: - Enter an alarm text as event text. Format the text character-for-character using the shortcut menu. Using the shortcut menu, you can insert output fields for HMI tags, or text from text lists. - You can renumber the alarm. - Select the alarm class and the alarm group, if necessary. 4. Configure the tag that triggers the alarm under "Properties > Properties > Trigger > Settings". Do not use trigger tags for anything else. Configure limit values for an analog alarm 1. In the Inspector window, click the Limit > Value". button under "Properties > Properties > Trigger > - To use a constant as limit value, select "Constant". Enter the required limit value. - To use a tag as limit value, select "HMI tag". The button appears. Use this button to select the tag you want to use. Note If the required tag does not exist in the selection list yet, create it in the object list and change its properties later. 2. Select the mode: - "Higher": The alarm is triggered when the limit is exceeded. - "Lower": The alarm is triggered when the limit is undershot. Optional settings for analog alarms Setting the delay time WinCC Advanced V14 System Manual, 10/2016 5423 Visualizing processes 12.3 Working with alarms To set the delay time, proceed as follows: Enter a time period in the Inspector window under "Properties > Properties> Trigger > Settings > Delay". The alarm is only triggered when the trigger condition is still present after the delay time has elapsed. Setting the deadband Note If a process value fluctuates around the limit, the alarm associated with this fault may be triggered multiple times. To prevent this from happening, configure a deadband or delay time. To enter the deadband, follow these steps: 1. Under "Properties > Properties> Trigger > Deadband > Mode", select the change in alarm status for which the deadband is to be taken into account. 2. Enter a constant value under "Value". 3. To define the deadband value as a percentage of the limit, set the "in %" check box. Automatic reporting To print the alarms continuously: Select the "Activate" option under "Properties > Properties > Miscellaneous > Report." Note Device dependency Reporting is not available for all HMI devices. Creating a tooltip To configure a tooltip for the alarm, follow these steps: Select "Properties > Properties > Tooltip" in the Inspector window and enter your text. Configuring event-driven tasks To configure event-driven tasks, such as a loop-in alarm, follow these steps: 1. Select the analog alarm. 2. Select "Properties > Events" in the Inspector window and configure a new function list for the relevant event. 5424 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms See also Configuring trigger for alarm acknowledgment (Page 5453) Output of a tag value in the alarm text (Page 5426) Formatting alarm text (Page 5425) Configuring loop-in alarm (Page 5431) Formatting alarm text (Basic Panels, Panels, RT Advanced) Introduction The alarm texts can be formatted or special characters inserted in the alarm texts to emphasize specific events or processes. Requirement The "HMI alarms" editor is open. An alarm has been created. Formatting alarm texts To format an alarm text, proceed as follows: 1. Select the alarm to edit. 2. In the Inspector window, select the characters to format under "Properties > Properties > General > Alarm text". 3. Select the formatting from the shortcut menu, e.g. "Underscored" or "Uppercase". The selected characters are displayed in Runtime with the selected formatting. Note It is not possible to underline tags and text list entries. Note Displaying special characters in alarm texts When configuring alarm texts, a fixed character set is used in the Engineering System. This character set allows you to use numerous special characters in alarm texts. Language-dependent fonts are used in runtime to display the texts, for example MS PGothic, SimSun. The fonts used in runtime do not support all special characters. As a result, some special characters are not displayed in runtime. WinCC Advanced V14 System Manual, 10/2016 5425 Visualizing processes 12.3 Working with alarms Removing format settings To remove all text formats, proceed as follows: 1. In the Inspector window, select the characters whose formatting you want to remove in the alarm text. 2. Select "Delete formatting characters" from the shortcut menu. The selected characters are displayed in unformatted notation in Runtime. Output of a tag value in the alarm text (Basic Panels, Panels, RT Advanced) Introduction In WinCC, you can insert output fields into the alarm text which display the content of tags. Requirements The "HMI alarms" editor is open. The alarm is selected. Output of a tag value in the alarm text To insert an output field for a tag value in the alarm text, proceed as follows: 1. Place the cursor onto the required position in the event text. 2. Select "Insert tag output field" in the shortcut menu. 3. Open the object list under "Tag" and select a tag. You can also create the tag in the object list. 4. Under "Format", specify the length of the output field and the format for tag value output in the alarm text. Configure an output field of sufficient size. Otherwise, the tag content is not output to the full extent in the alarm. 5. Click to save your entries. WinCC inserts a placeholder for the output field into the alarm text: "<tag: n, [tag name]>" whereby n = text string length. Editing output field properties To edit the properties of an output field, proceed as follows: Double-click on the output field in the alarm text and edit the settings. Deleting an output field from the alarm text To delete an output field from the alarm text, proceed as follows: Select the output field in the alarm text and then select the "Delete" command from the shortcut menu. 5426 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Note The sequence of the tag output fields in the alarm text depends on the language. The sequence of the Runtime language is used for logging alarms to a CSV log file. Changing the tag of an output field in one language causes the modified output field to appear at the end of the alarm text in all other languages. This changes the sequence of the output fields in the log. Device dependency Logging is not available for all HMI devices. Output of texts from a text list in an alarm (Basic Panels, Panels, RT Advanced) Introduction Text lists are used to create dynamic alarm texts. For example, you can configure the output of both states of a discrete alarm in an alarm text. Insert a corresponding output field in the alarm text and specify the tag that returns the search key for the text list. Requirements A text list is created. The "HMI alarms" editor is open The alarm is selected Output of a text list value in an alarm text To insert an output field for a value from a text list in the alarm text, proceed as follows: 1. Place the cursor at the required position in the alarm text. 2. Select "Insert text list output field" command from the shortcut menu. 3. Select the text list under "Text list". 4. Open the object list under "Tag" and select the tag that returns the search key for the text list. You can also create the tag in the object list. 5. Define the length of the output field under "Format". Configure an output field of sufficient size so that the complete text from the text list is displayed in the alarm. 6. Click on the icon to save your entries. WinCC inserts a placeholder for the output field into the alarm text: ""<textlist: n, [textlist name]>" whereby n = text string length. WinCC Advanced V14 System Manual, 10/2016 5427 Visualizing processes 12.3 Working with alarms Editing output field properties To edit the properties of an output field, proceed as follows: Double-click on the output field in the alarm text and edit the settings. Deleting text list from the alarm text To delete an output field from the alarm text, proceed as follows: Select the output field in the alarm text and then select the "Delete" command from the shortcut menu. Editing System Events (Panels, RT Advanced) Editing system events When you open the "System events" tab in the "HMI alarms" editor, WinCC prompts you to import or update the system events. Import the system events and specify the display period. You cannot delete or create new system events. You can only edit the alarm text with system events. Requirements You have imported the system events. Specifying the display period To determine the display period, proceed as follows: 1. Double-click "Runtime settings" in the project navigation. 2. Enter a value under "Alarms > System events > Display period". This value specifies a time in seconds during which the system events are displayed on the HMI device. If you want to display system events permanently, enter "0". Changing the alarm text To change the alarm text of a system event, follow these steps: 1. Open the "HMI alarms" editor and then click the "System events" tab. 2. Select the system event that you want to edit. 1. Change the alarm text under "Properties > Properties > Properties > General" in the Inspector window. Note If you change an alarm text for a system event that contains a placeholder, leave the number of placeholders unchanged. A placeholder may be a "%1". 5428 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Configuring event-driven tasks The "Incoming" event is available for certain system events, depending on the HMI device. To configure event-driven tasks, proceed as follows: 1. Select the system event. 2. Select "Properties > Properties > Incoming" in the inspector window and configure a function list. Editing controller alarms (Panels, RT Advanced, RT Professional) Introduction Controller alarms are configured in STEP 7. Controller alarms are available in WinCC running in a STEP 7 environment. In WinCC you only edit the properties of controller alarms that are specific to an HMI device. Different properties of a controller alarm can be edited, depending on the HMI device and PLC. You can filter the displayed controller alarms for your project using the display classes that were configured on the PLC for controller alarms. Note When "Automatic update" is set for controller alarms for the connection to the S7-1500 controller, you cannot edit the properties of the respective controller alarms. The controller alarms are not displayed in the "HMI alarms" editor in this case. Requirements The connection was established to the PLC. Alarms were configured in STEP 7. Editing controller alarms Proceed as follows to edit controller alarms: 1. Double-click "HMI alarms" in the project navigation. The "HMI alarms" editor is opened. 2. Open the "Controller alarms" tab. 3. Select the alarm that you want to change in the work area. 4. Make your changes. Depending on the HMI device, it may not be possible to display or enable some of the controller alarm properties. WinCC Advanced V14 System Manual, 10/2016 5429 Visualizing processes 12.3 Working with alarms Editing SIMATIC S7 alarms You can edit these controller alarms in the STEP 7 alarm configuration system. Proceed as follows: 1. Select the alarm that you want to change in the work area. 2. Select "Open in alarm editor of the PLC" from the shortcut menu. The STEP 7 alarm configuration system is opened. 3. Make your changes. Filtering the controller alarm using display classes To filter controller alarms by display classes, proceed as follows: 1. Click "Runtime settings > Alarms" in the project navigation under your HMI device. One or several connections to a PLC are shown in "Contoller alarms". 2. Select the display classes whose controller alarms you want to display for the connection. Result Only those controller alarms whose display class you have enabled for your HMI device will be displayed on the "Controller alarms" tab of the "HMI alarms" editor. See also PLC alarms (Page 5401) Sending and automatically updating complete alarm from the controller to the HMI device (Page 5484) Enabling system-defined controller alarms (Panels, RT Advanced) Enabling system-defined controller alarms To activate system-defined controller alarms of the type "SIMATIC S7 diagnostic alarm" for your HMI device, follow these steps: 1. Select "Runtime settings > Alarms" in the project navigation. The alarm settings open. 2. Under "System events" select the check box "S7 diagnostic alarms (number)". 5430 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 3. To display the system events with alarm text, activate "Show text". 4. To display these alarms in Runtime, configure an alarm view or an alarm window that displays alarms from the "Diagnosis Events" alarm class. Note For HMI devices with small display units, specify to display only the alarm number for system-defined controller alarms. Note The procedure described above can only be applied to connections with SIMATIC S7-300/400 controllers for system-defined controller alarms of the type "SIMATIC S7 diagnostic alarm". See also System-defined controller alarms (Page 5403) Configuring loop-in alarm Introduction A Loop-In-Alarm is configured in order to change to a screen containing relevant information on an alarm received. Requirement The screen called by the Loop-In-Alarm has been created. The "HMI alarms" editor is open. Procedure To configure a Loop-In-Alarm for an alarm, proceed as follows: 1. Click the tab that contains the alarm for which you want to configure the Loop-In-Alarm. 2. Select the alarm. 3. In the Inspector window, select "Properties > Events > Loop-In-Alarm". WinCC Advanced V14 System Manual, 10/2016 5431 Visualizing processes 12.3 Working with alarms 4. Select the "ActivateScreen" system function. 5. Select the screen called by the Loop-In-Alarm as parameter. Note To configure the Loop-In-Alarm for an alarm view with an "alarm line" format, use a button with the following system functions: "EditAlarm" for HMI devices with keys "AlarmViewEditAlarm" for HMI devices without keys The system functions trigger the "Loop-In-Alarm" event. The alarm line has no buttons. Result If you click on the "Loop-In-Alarm" button of the alarm view in Runtime, a screen is opened with information on the selected alarm. See also Configuring discrete alarms (Page 5420) Configuring analog alarms (Page 5422) Alarms in the "HMI tags" Editor Configuring discrete alarms Introduction In WinCC, you can create and edit discrete and analog alarms, including the trigger tags, in the "HMI tags" editor. Note If you delete, move or copy objects in the "HMI tags" editor, the changes also take effect in the "HMI alarms" editor. 5432 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Requirements The "HMI tags" editor is open. Procedure To configure a discrete alarm, proceed as follows: 1. To create a tag, click on "<Add>" in the table at the top of the work area. A new tag is created. 2. Configure an internal or external tag as required. - Use the data types "Int" or "UInt" to select an HMI tag. - When you select a PLC tag, use the data types "Int" or "Word". The input and output area of a PLC tag is unsuitable as trigger. 3. Select the tag at the top of the work area. 4. Click on "<Add>" in the table on the "Discrete alarms" tab at the bottom of the work area. A new discrete alarm is created for the tag. If you have selected the incorrect data type, the tag will be marked in the discrete alarm. 5. Configure the discrete alarm in the Inspector window: - Enter the alarm text under "Properties > Properties > General > Alarm text". You can also insert output fields into the alarm text. - Select an alarm class. - Select the trigger bit of the tag that triggers the discrete alarm under "Properties > Trigger". 6. You can create additional discrete alarms to monitor the tags. Note A tag is monitored using only one alarm type. You should therefore create either analog alarms or discrete alarms for a tag. Result The configured discrete alarms are created in the "HMI tags" editor and displayed in the "HMI alarms" and "HMI tags" editors. Configuring analog alarms Introduction In WinCC, create the discrete and analog alarms, including the trigger tags, in the "HMI tags" editor. You can also edit the alarms as in the "HMI alarms" editor. You can create up to two range values for a tag. You monitor these limits with analog alarms. WinCC Advanced V14 System Manual, 10/2016 5433 Visualizing processes 12.3 Working with alarms Requirements The "HMI tags" editor is open. Procedure To configure an analog alarm in the "HMI tags" editor, proceed as follows: 1. To create a tag, click on "<Add>" in the table at the top of the work area. A new tag is created. 2. Configure an internal or external tag as required. 3. In the Inspector window, configure the range values of the tags under "Properties > Properties > Range": - Select whether to use a "Constant" or an "HMI tag" as limit value for your range values. The object list opens when you select "HMI tag". Select the tag you want to use. 1. Click the "Analog Alarms" tab at the bottom of the work area. Create an analog alarm for both range values. 2. Select an analog alarm and configure it in the Inspector window: - Enter the alarm text under "Properties > Properties > General > Alarm text". - You can also insert output fields into the alarm text. - You can change the default alarm class. 3. Configure the analog alarms as in the "HMI alarms" editor. 4. Complete the configuration of all analog alarms. Note A tag is monitored using only one alarm type. You should therefore create either analog alarms or discrete alarms for a tag. Result The configured analog alarms are created in the "HMI tags" editor and displayed in the "HMI alarms" and "HMI tags" editors. 5434 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 12.3.2.3 Configuring the Outputting of Alarms Overview of configuring alarm output Steps to complete when configuring alarm output You configure the alarm output in WinCC in the following steps: 1. Create alarm view Use the display and control objects in the "Screens" editor to display alarms in Runtime. You can also configure an alarm view for logged alarms. 2. Configure acknowledgment In the "Screens" editor, you can set the operator action that will trigger the acknowledgment. 3. Configure reporting You can create reports in the "Reports" editor to print alarms in Runtime. In the "Scheduler", "Screens", "HMI alarms" or "HMI tags" editors, you define when and how the printing of a report is triggered. Note Device dependency Reporting and logging are not available for all HMI devices. Note Note that only ASCII characters are supported when printing alarms directly in Runtime. Additional configuration tasks Additional tasks may be necessary for configuring alarm views, depending on the requirements of your project: 1. Setting up authorizations To make sure only authorized operators process the alarms, assign authorizations for the alarm view and the function keys of the HMI device. 2. Configuring the filtering of the alarm view You configure the filtering of the alarms in Runtime in the "Screens" editor. You can also configure alarm views that only display selected alarms. 3. Configure operator input alarms Configure the operator input alarms on the operator controls of the HMI device in the "Screens" editor. A preconfigured operator input alarm is output for an operator action. An operator input is, e.g. the acknowledgment of an alarm. WinCC Advanced V14 System Manual, 10/2016 5435 Visualizing processes 12.3 Working with alarms Displaying alarms (Basic Panels, Panels, RT Advanced) Options for displaying alarms on the HMI device WinCC offers the following options for displaying alarms on the HMI device: Alarm view The alarm view is configured in a screen. More than one alarm can be displayed simultaneously, depending on the configured size. You can configure multiple alarm views with different contents. Alarm window The Alarm window is configured in the "Global screen" editor. The alarm window can display multiple alarms at the same time, depending on the configured size. An event can trigger closing and reopening of the alarm window. To hide it during configuration, create an alarm window on its own level. Additional signals Alarm indicator The alarm indicator is a configurable, graphical icon. When an alarm comes in, the alarm indicator is displayed on the HMI device. You configure the alarm indicator in the "Global screen" editor. The alarm indicator has two states: - Flashing: At least one alarm that requires acknowledgment is pending. - Static: The alarms are acknowledged but at least one of them has not gone out yet. The alarm indicator also displays the number of pending alarms according to the HMI device. E-mail notification To inform someone other than the operator, such as an engineer, when an alarm with a specific alarm class arrives, assign the alarm class to an e-mail address. Note Device dependency E-mail notification is not available for all HMI devices. System functions You can configure a list of functions for the event associated with an alarm. These functions must be executed in Runtime when the event occurs. Use system functions for alarms in WinCC to control the alarm view or the alarm window other than via the toolbar. 5436 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Displaying the predefined alarm classes in Runtime The following table shows the symbols used to display the predefined alarm classes in the alarm view: Alarm class Displayed icon "Diagnosis Events" S7 "Errors" ! "System" $ "Warnings" <No symbol> See also Configuring an alarm view for active alarms (Page 5437) Configuring an alarm window (Page 5444) Configuring an alarm indicator (Page 5445) Configuring alarm filtering (Page 5446) Displaying Logged Alarms (Page 5449) System functions for alarms (Page 5488) Configuring an alarm view Configuring an alarm view for active alarms (Basic Panels, Panels, RT Advanced) Introduction Current alarms are displayed in Runtime in an alarm view or alarm window. Requirement A screen is open in the "Screen" editor. The "Tools" task card is open. WinCC Advanced V14 System Manual, 10/2016 5437 Visualizing processes 12.3 Working with alarms Configuring alarms for the alarm view To specify the alarms that will be shown in the alarm view, proceed as follows: 1. Insert an "Alarm view" object from the "Tools" task card into the screen. 2. Select the alarm view. - In the Inspector window, select "Properties > Properties > General > View > Current alarm states". Set whether to display alarms with and/or without mandatory acknowledgment. 5438 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms - To display all alarms in the alarm buffer, enable "Alarm buffer". WinCC Advanced V14 System Manual, 10/2016 5439 Visualizing processes 12.3 Working with alarms 3. In the table, activate the alarm classes to be displayed in the alarm view. 4. Under ""Properties > Properties > View > Control tag for display area", define the tag that returns the date as of which the alarms will be displayed. Note Device dependency The "Control tag for display area" property is not available for all HMI devices. 5440 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Configuring the layout of the alarm view To specify how the alarms are shown in the alarm view, proceed as follows. 1. Under "Properties > Properties > Layout > Settings > Lines per alarm" in the Inspection window, specify the number of lines to display for each alarm. 2. In "Properties > Properties > View", select the control elements that are available on the HMI device. 3. Configure the columns under "Properties > Properties > Columns": - Under "Visible columns" select the columns to be output in the alarm view. - Under "Properties Column", define the properties of the columns. - Under "Sort", select the sorting order of the alarms. Note Select the "Edit" command in the shortcut menu for the alarm view to activate the alarm view. You can set the column width and position in active mode. To enable the alarm view, set the zoom factor to 100 %. The alarm view is deactivated as soon as you deselect the object in the screen. Result Alarms of various alarm classes are output in the alarm view during runtime. WinCC Advanced V14 System Manual, 10/2016 5441 Visualizing processes 12.3 Working with alarms See also Creating alarm classes (Page 5415) Configuring an alarm window (Page 5444) Configuring an alarm view for the S7 diagnostic alarms (Panels, RT Advanced) Introduction To display S7 diagnostic alarms, configure an alarm view or alarm window for the predefined "Diagnosis Events alarm class. Activate the diagnostic alarms accordingly in the Runtime settings of your HMI device. Note Device dependency The "Diagnosis Events" alarm class is not available for all HMI devices. System-defined controller alarms of the type "SIMATIC S7 diagnostic alarm" can be activated for your HMI device only for connections with a SIMATIC S7-300/400 controller. Requirements An alarm view or alarm window is configured in the "Screens" editor A connection to a SIMATIC S7-300/400 controller has been established. Configuring the display of S7 diagnostic alarms To configure the display of S7 diagnostic alarms, follow these steps: 1. Select "Runtime settings > Alarms" in the project navigation. 2. Under "System events" select the check box "S7 diagnostic alarms (number)". 3. To display the S7 diagnostic alarms with text, activate "With event text". 4. Open the screen with the alarm view and select the alarm view. 5442 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 5. In the Inspector window, select "Properties > Properties > General > Display > Alarm class "Diagnosis Events". 6. Continue to configure the alarm view as for the display of current alarms. Result In Runtime the alarm view displays the S7 diagnostic alarms of the controller. Configuring an alarm view for logged alarms Introduction In Runtime, logged alarms are displayed in an alarm view or alarm window. Requirements An alarm view or alarm window is configured in the "Screens" editor An alarm log was created in the "Log" editor. The alarms are assigned the "loggable" attribute in the "HMI alarms" editor. WinCC Advanced V14 System Manual, 10/2016 5443 Visualizing processes 12.3 Working with alarms Configuring an alarm view for logged alarms To configure an alarm view for logged alarms, proceed as follows: 1. Open the screen with the alarm view and select the alarm view. 2. In the Inspector window, select "Properties > Properties > General > Alarm log". 3. Click the "...." button and select the alarm log. 4. Continue to configure the alarm view as for the display of current alarms. Result In Runtime, the logged alarms are output in the alarm view. Configuring an alarm window (Basic Panels, Panels, RT Advanced) Introduction The alarm window displays current alarms. The alarm window is configured in the "Global screen" editor. The alarm window is not assigned to any screen. Depending on the configuration the alarm window is opened when an alarm that belongs to a specific alarm class is active. Depending on the configuration, it is not closed until the alarm is acknowledged. The HMI device can still be used, even if alarms are pending and displayed. An alarm window is displayed and configured like an alarm view. To hide an alarm window during configuration, create it on its own level. Requirement The "Global Screen" editor is open. The "Tools" task card is displayed. The Inspector window is open. Procedure Proceed as follows to configure an alarm window: 1. Insert an "Alarm window" object from the "Tools" task card into the global screen. 2. Configure the alarm window like an alarm view. 3. Under "Properties > Properties > Mode > Window" in the Inspector window, select how the alarm window reacts and is operated in Runtime. - Activate "Modal" if the alarm window is to retain the focus in Runtime after a screen change. This option is important, as switching back and forth between the screen and different windows with <Ctrl+TAB> is not supported. 5444 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Result During runtime, the alarms of the selected alarm class are displayed in the alarm window. See also Configuring an alarm view for active alarms (Page 5437) Creating alarm classes (Page 5415) Configuring an alarm indicator (Basic Panels, Panels, RT Advanced) Introduction The alarm indicator uses a warning triangle to indicate that alarms are pending or require acknowledgment. If an alarm of the configured alarm class occurs, the alarm indicator is displayed. The alarm indicator has two states: Flashing: At least one alarm that requires acknowledgment is pending. Static: At least one of the acknowledged alarms has not gone out yet. During configuration, specify whether Runtime has to open an alarm window when you operate the alarm indicator. Requirement The "Global Screen" editor is open. The "Tools" task card is open. The Inspector window is open. Procedure Proceed as follows to configure the alarm indicator: 1. Insert the "Alarm view" object from the "Tools" task card into the work area. 2. Select the alarm indicator. WinCC Advanced V14 System Manual, 10/2016 5445 Visualizing processes 12.3 Working with alarms 3. Under "Properties > Properties > General" in the Inspector window, select the alarm classes to be displayed by the alarm view. Specify whether to display pending and/or acknowledged alarms in the alarm view. 4. Under "Properties > Event", assign the system function "ShowAlarmWindow" to an event of the alarm view. Note If you have configured a permanent area in the screen or template, do not position the alarm window and alarm view in the vicinity of the permanent area. Otherwise, the alarm window and the alarm view will not be displayed in Runtime. However, the permanent area is not visible in the "Global screen" editor. Result The alarm view is displayed if alarms from the selected alarm class are pending or need to be acknowledged in Runtime. The alarm window opens when the user operates the alarm view. Configuring alarm filtering (Panels, RT Advanced) Introduction You can filter the display of alarms in the enhanced alarm view. The criterion is always a character string. There are two ways to filter the alarm view: A fixed criterion is configured in WinCC. In Runtime, all alarms that contain the complete character string in the alarm text are displayed. You filter the alarm view in Runtime. In Runtime, a filter tag sets the relevant character string in the alarm view by means of an I/O field, e.g. as described below. The filter affects the display in the alarm view. All alarms in the alarm buffer are retained. 5446 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Requirement The alarm view has been configured. The screen with the alarm view is open. The Inspector window is open. Configuring filters for a fixed character string 1. Select the alarm view. 2. In the Inspector window, select "Properties > Properties > Alarm filter". 3. Enter a filter string in "Filter string". Result Only those alarms are displayed in Runtime that contain the complete character string from the filter in the alarm text. Configuring filters for a variable character string 1. Select the alarm view. 2. In the Inspector window, select "Properties > Properties > Filter". WinCC Advanced V14 System Manual, 10/2016 5447 Visualizing processes 12.3 Working with alarms 3. Select a tag from "Filter tag". The tag must be of the "String" type. 4. In the screen, configure an I/O field for entering the filter string in Runtime. - In the Inspector window, select "Properties > Properties > General > Format > Display format > String". - To link the I/O field to the alarm view, select "Process" to set the filter tag you selected for the alarm view. Result If you enter a string in the I/O field in Runtime, the alarm view only displays alarms that contain the complete string in their alarm text. 5448 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms If a permanently configured character string and a filter tag were configured, the alarms will be filtered in Runtime according to the content of the filter tag. If the filter tag is blank, the permanently configured character string is used as the filter. Note Filtering is not possible for the following alarm views: Simple alarm view Alarm line Alarm window Alarm view for logged alarms Displaying Logged Alarms (Panels, RT Advanced) Introduction You display logged alarms in Runtime in an alarm view. The alarm view shows the content of an alarm log. Application For example, you want to view information about the process at the end of a shift. Requirements An alarm log has been created. A screen is open. The Inspector window is open. Procedure Proceed as follows to configure an alarm view to output an alarm log: 1. Configure an alarm view in a screen. 2. Under "Properties > Properties > General > Display > Alarm log"" in the Inspector window, select the required alarm log. You can always create a new alarm log. WinCC Advanced V14 System Manual, 10/2016 5449 Visualizing processes 12.3 Working with alarms Result During runtime, the alarms logged in the selected alarm log appear in the Alarm view. Note In runtime, the alarm texts logged are not displayed but rather the alarm texts in the current project. The logged alarm texts are only intended for external evaluation of the log file. If the alarm log displayed was configured differently, the alarm texts displayed may not correspond with those logged. Reporting Alarms (Panels, RT Advanced) Overview WinCC can report on all alarms that occur in the system. The following options are available: Output an alarm sequence report In Runtime, the standard printer of the HMI device will continuously print each alarm and any changes in its status. Output of an alarm report You configure an alarm report in the "Reports" editor and specify when it is output in Runtime: - For event-driven output, configure an object that is assigned the "PrintReport" system function. The object can be a button or tag. - For time-driven output, create a "Print job" in the scheduler. Assign an alarm report to the job. Note In the alarm report, specify whether to output current or logged alarms. Requirements A printer was configured on the HMI device. 5450 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Activating continuous alarm reporting To activate continuous reporting of alarms, follow these steps: 1. Double-click "Runtime settings" in the project navigation. 2. Select "Alarms > General > Report". Result The latest alarms are output at the printer of the HMI device. WinCC Advanced V14 System Manual, 10/2016 5451 Visualizing processes 12.3 Working with alarms Excluding an alarm from reporting To exclude specific alarms from reporting, proceed as follows: 1. Open the "HMI alarms" editor. 2. Select the alarm to exclude from reporting on the tab of the selected alarm type. 3. In the Inspector window, disable "Properties > Properties > Miscellaneous > Report". Result WinCC does not output these alarms currently on the connected printer. See also Working with reports (Page 5618) 12.3.2.4 Acknowledging alarms Configuring alarm acknowledgment by means of alarm class (Basic Panels, Panels, RT Advanced) Introduction To configure an alarm with alarm acknowledgment, assign it to an alarm class with the "Alarm with single acknowledgment" state machine. Requirement The "HMI alarms" editor is open. The required alarm class has been created. The required alarm has been created. 5452 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Selecting the state machines for an alarm class The state machine for a predefined alarm class has already been set. You can only set the state machines for user-defined alarm classes. Proceed as follows: 1. In the "HMI alarms" editor, click the "Alarm class" tab and select the alarm class. 2. Select the required acknowledgment model under "Properties > Properties > Acknowledgment" in the Inspector window. Assign alarms to an alarm class requiring acknowledgment Proceed as follows to assign an alarm to an alarm class requiring acknowledgment. 1. In the "HMI alarms" editor, click the tab for the alarm type and select the alarm. 2. Under "Properties > Properties > General" in the Inspector window, select the alarm class of the alarm. Result The alarm will not disappear in Runtime until it is acknowledged by the operator. Configuring trigger for alarm acknowledgment (Basic Panels, Panels, RT Advanced) Introduction You always specify the acknowledgment requirement for an alarm using the alarm class. Then the operator acknowledges the alarm using the "ACK" function key of the HMI device or the "Acknowledgment" button of the alarm view. The following options are also available to trigger acknowledgment: Configuring a button to acknowledge an alarm Acknowledgment of a Discrete Alarm by the PLC Requirements The "HMI alarms" editor is open. The required alarm class has been created. The required alarm has been created. An alarm view and a button are created in the "Screens" editor. WinCC Advanced V14 System Manual, 10/2016 5453 Visualizing processes 12.3 Working with alarms Configuring a button to acknowledge an alarm To configure a button for acknowledging an alarm, proceed as follows: 1. Select the button in the "Screens" editor. 2. Under "Properties > Events" in the Inspector window, assign the "AlarmViewAcknowledgeAlarm" system function to the "Click" event. 3. Select the alarm view as parameter. Acknowledgment of a Discrete Alarm by the PLC 1. In the "HMI alarms" editor, click the "Discrete alarm" tab and select the discrete alarm. 2. In the Inspector window, select the tag and the bit that acknowledges the PLC alarm under "Properties > Properties > Acknowledgment > PLC". Acknowledging alarms in an alarm group The various acknowledgment options have the following effect in alarm groups: Operator acknowledges the alarm You acknowledge the alarm of an alarm group, for example, using the <ACK> acknowledgment key or a function key. All alarms of the alarm group are acknowledged. The PLC acknowledges the alarm The alarm of an alarm group is acknowledged by setting a bit in the tag. Only the alarm to be acknowledged is acknowledged. 5454 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Sending alarm acknowledgments to the PLC (Basic Panels, Panels, RT Advanced) Requirement The "HMI alarms" editor is open. The required alarm has been created and assigned to an alarm class requiring acknowledgment. Note You cannot send the acknowledgment of analog alarms to the PLC. Sending alarm acknowledgments to the PLC To configure that acknowledgment of an alarm is sent to the PLC, follow these steps: 1. In the "HMI alarms" editor, click the "Discrete alarm" tab and select the discrete alarm. 2. In the Inspector window, select "Properties > Properties > Acknowledgment". 3. Under "HMI", select the tag and the bit set by the alarm acknowledgment function. Note The HMI device and PLC only have read access to the acknowledgment tag memory area. Result If the operator acknowledges the alarm in Runtime, the operating step is forwarded to the PLC. 12.3.3 Logging Alarms (Basic Panels, Panels, RT Advanced) 12.3.3.1 Alarm Logging Basics (Basic Panels, Panels, RT Advanced) Introduction An alarm log is used to record project alarms. Note Alarm logging is not available for every HMI device. WinCC Advanced V14 System Manual, 10/2016 5455 Visualizing processes 12.3 Working with alarms Configuration steps To log an alarm, follow these configuration steps: 1. Creating an alarm log You define the following properties for the alarm log: - Logging method Behavior of the log when reaching a specific fill level - Storage location and file format - Log size - Runtime start characteristics 2. Assigning an alarm log to an alarm class You can log the alarms from multiple alarm classes in an alarm log. 3. Assigning an alarm to a loggable alarm class 4. Configure display of logged alarms in an alarm view Content of the alarm log All states are logged for configured alarms. The following three entries, for example, are stored in the log for an alarm that requires acknowledgment: 04.08.2007 10:00:25:520, analog alarm, ID5, K, error, fill level exceeded by 10% 04.08.2007 10:01:20:442, analog alarm, ID5, Q, error, fill level exceeded by 10% 04.08.2007 10:01:30:112, analog alarm, ID5, G, error, fill level exceeded by 10% In the example, the alarm states are identified by the following letters: K = Incoming Q = Acknowledged G = Outgoing All data belonging to an alarm is stored in the alarm log, including configuration data such as the alarm class, time stamp, and alarm text. The potential number of logged alarms depends on the data medium used. You can further process the logged alarms in other programs for analysis purposes, for example. Note Alarm text and point of error are only logged if you have configured such a setting in the log properties. Logged alarms that contain alarm text and the point of error exceed the estimated size of the configured alarms. Check to see whether the specified storage location still has sufficient space. Note The time stamp of a logged alarm is always specified in standard UTC format (Universal Time Coordinated). 5456 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Logging methods The logging method determines how the alarm log responds when the configured size is reached. WinCC supports the following logging methods: Circular log When the configured log size has been reached, the oldest entries are deleted. When the configured log size has been reached, approximately 20% of the oldest entries are deleted. It is therefore not possible to display all the configured entries. During configuration, select an appropriate size for the circulation log. Alternatively, configure a segmented circular log. Segmented circular log In a segmented circular log, multiple single logs of the same size are filled in succession. When all logs are completely full, the oldest log is overwritten. Log with level-dependent system alarm When a defined level is reached, such as 90 %, a system alarm is triggered. When the configured size of the log has been reached, new alarm events are not logged. Log with level-dependent execution of system functions When the log is completely full, the "Overflow" event is triggered. You configure a function list for the event. When the configured size of the log has been reached, new alarm events are not logged. Displaying logged data On the HMI device, the logged data is displayed in an alarm view that is configured for this purpose. See also Checksums for logs in regulated projects (Page 5466) Configuring alarm buffer overflow (Page 5461) 12.3.3.2 Creating an alarm log (Basic Panels, Panels, RT Advanced) Introduction In Runtime, you save alarms to the alarm logs. Specify the alarm log in the alarm class. An alarm log contains the alarms of several alarm classes. Create the alarm log in the "Logs" editor. When creating an alarm log, define the following parameters: Name Size Storage location Runtime start characteristics Log type Advanced content Checksum WinCC Advanced V14 System Manual, 10/2016 5457 Visualizing processes 12.3 Working with alarms You can also enter comments for each log. Requirement The "Alarm log" tab is open in the "Log" editor. The Inspector window is open. Procedure To create an alarm log, proceed as follows: 1. Double-click "<Add>" in the table. A new alarm log is created. 2. Under "Properties > Properties > General" in the Inspector window, enter a unique name for the alarm log. 3. Under "Number of data records per log", define the number of alarms to be saved to a log file. The approximate space required on the storage medium is displayed. Memory space requirements will increase accordingly if you log alarm texts with tag values. 4. In the "Storage location" field you select where the log entries are saved. 5. Depending on the selected "Storage location", you either select the "Path" or the "Name of the data source". 5458 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 6. To determine if audit trail data were changed at a later time, activate "Properties > Properties > General > Checksum". Note Device dependency The "Checksum" option is only available for display and HMI devices which support "Configuration conforms to GMP". 7. If necessary, enter a descriptive text in the "Comment" category to document your configuration. Result The alarm log is created. You can assign one or several alarm classes to this alarm log. See also Managing logging behavior when Runtime starts (Page 5468) Controlling the Logging in relation to the Fill Level (Page 5469) 12.3.3.3 Logging Alarms (Basic Panels, Panels, RT Advanced) Overview To log alarms, follow these steps: Create an alarm log. Assign the created alarm log to an alarm class. Assign the alarm class with the created alarm log to an alarm. In the Runtime settings specify the language in which you want to write the logs. You evaluate logged alarms. You can analyze the logged alarms directly in your WinCC project, such as in an alarm view, or in another user program, such as Microsoft Excel. Note Tag fields in the alarm text The sequence of tag fields in the alarm text is language dependent. The sequence of the Runtime language is used for logging alarms to a "*.csv" log file. Changing the tag of an output field in one language causes the modified output field to appear at the end of the alarm text in all other languages. This means the sequence of the output fields in the log file can change. WinCC Advanced V14 System Manual, 10/2016 5459 Visualizing processes 12.3 Working with alarms Requirements You have created an alarm log. The "HMI alarms" editor is open. Assigning an alarm log to an alarm class To assign the alarm log to an alarm class, proceed as follows: 1. Open the "Alarm classes" tab in the "HMI alarms" editor. 2. Select the required alarm class. 3. Under "Properties > Properties > General > Log" in the Inspector window, select the alarm log. Assign alarm to an alarm class To assign an alarm to the alarm class, proceed as follows: 1. In the "HMI alarms" editor, open the "Analog alarms" tab, or the "Discrete alarms" tab. 2. Select the required alarm. 3. Under "Properties > Properties > General > Alarm class" in the Inspection window, select the alarm class for which the alarm log was configured. Result The alarm is saved to the configured alarm log. 12.3.3.4 Configuring an alarm view for logged alarms (Basic Panels, Panels, RT Advanced) Introduction In Runtime, logged alarms are displayed in an alarm view or alarm window. Requirements An alarm view or alarm window is configured in the "Screens" editor An alarm log was created in the "Log" editor. The alarms are assigned the "loggable" attribute in the "HMI alarms" editor. Configuring an alarm view for logged alarms To configure an alarm view for logged alarms, proceed as follows: 1. Open the screen with the alarm view and select the alarm view. 2. In the Inspector window, select "Properties > Properties > General > Alarm log". 5460 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 3. Click the "...." button and select the alarm log. 4. Continue to configure the alarm view as for the display of current alarms. Result In Runtime, the logged alarms are output in the alarm view. 12.3.3.5 Configuring alarm buffer overflow (Basic Panels, Panels, RT Advanced) Introduction The size of the alarm buffer depends on the type of HMI device. In WinCC, specify the percentage of the alarm buffer to be deleted on alarm buffer overflow. Requirements You have created a project. Procedure To configure the response to an alarm buffer overflow, follow these steps: 1. Double-click "Runtime settings" in the project navigation under your HMI device. 2. Under "Alarms > General > Buffer clearance in percent upon buffer overflow", enter a value between 1 and 100. This value specifies the percentage of the alarm buffer that is deleted on alarm buffer overflow. Result If data in the alarm buffer exceeds the resources of alarm buffer memory, the configured percentage of data will be deleted from the oldest alarms in the alarm buffer. Note You cannot check the alarm buffer overflow separately by alarm method. You can use the "ClearAlarmBuffer" system function to delete specific alarms of specific alarm classes from the alarm buffer. See also Alarm Logging Basics (Page 5455) WinCC Advanced V14 System Manual, 10/2016 5461 Visualizing processes 12.3 Working with alarms 12.3.3.6 Direct access to the ODBC log database (Panels, RT Advanced) Overview The storage location of a log can be a database or a file. The database is addressed by means of its "Data source name" (DSN). Select the database to be used in WinCC as follows: Select the database from the Windows Start menu under "Settings > Control panel > ODBC Data Sources". In your configuration, specify the "Data source name" (DSN) instead of a directory name as storage path for log data. With the DSN, you are referencing the database and the storage location. The entire functional scope of the database is available for additional processing and evaluation of log data. Application The data source sets up the connection to the database. Create the data source on the same PC on which the Runtime software is stored. Then enter the DSN configured on this PC when you create a log in WinCC. The ODBC interface allows you to use other programs, such as MS Access or MS SQL Server, to access the database directly. In addition, you can use the "StartProgram" system function to configure program calls, e.g. MS Access, on the HMI device. Runtime is not interrupted while you configure such calls. 12.3.3.7 Setting up the ODBC data source (Panels, RT Advanced) Introduction To store process values or alarms in the log database in Runtime, set up the ODBC data source. Requirement A log database has been created. You create the log database using the SQL Enterprise Manager. You can find more detailed information on how to do this from Microsoft. Procedure To set up an ODBC data source, follow these steps: 1. In Control Panel, open "Administrative Tools" and select "Data Sources (ODBC)". The "ODBC Data Source Administrator" dialog is opened. 2. Click "User DSN > Add". 5462 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 3. Select the "SQL-Server and click on "Finish". 4. In the dialog that follows, enter a name for the User DSN and the SQL-Server and click on "Next". 5. In the dialog that follows, define the logon procedure for the SQL database and click on "Next". 6. Activate "Change the default database to". 7. Select the database you have created and click on "Next". 8. In the dialog that follows, click "Finish". 12.3.3.8 Configuring a checksum for a log (Basic Panels, Panels, RT Advanced) Introduction In a regulated project, you have the option of assigning a checksum to the log data of an data log or alarm log. This checksum can be used during plant operation to determine if the data of this log has subsequently changed. Note Device dependency The "Checksum" option is only available for display and HMI devices which support "Configuration conforms to GMP". Requirements GMP compliant configuration is enabled. A data log or alarm log has been created. Procedure Proceed as follows to configure a data log or alarm log for the use of a checksum: 1. Open the data log or alarm log in the corresponding log editor. 2. In the "Storage location" box, select "File - CSV (ASCII)" or "File - TXT (Unicode)". WinCC Advanced V14 System Manual, 10/2016 5463 Visualizing processes 12.3 Working with alarms 3. Under "Properties > Properties > Logging method" in the Inspector window, select the option "Display system event at" or "Trigger event". 4. In the editor table, activate the option "Enable checksum". 5. In the editor table, activate the option "Enable logging at runtime start". Columns that are not displayed are activated with the shortcut menu of the column title. 6. Save the project. Result The log data of the log is assigned a checksum in runtime. See also Checksums for logs in regulated projects (Page 5466) 12.3.3.9 Evaluating the checksum of log data (Basic Panels, Panels, RT Advanced) Introduction If you have configured a data log or alarm log with generation of a checksum, you can check if the log data has subsequently changed. Note Device dependency The "Checksum" option is only available for display and HMI devices which support "Configuration conforms to GMP". The DOS program "HmiCheckLogIntegrity" is available for checking the integrity of the log data. 5464 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms The "HmiCheckLogIntegrity" program supports verification of the following files: Log files of alarm logs, data logs, and Audit in CSV format Log files of alarm logs, data logs, and Audit in TXT format Recipe data records in CSV format Recipe data records in TXT format You can find the "HmiCheckLogIntegrity.exe" program in the installation directory of WinCC under the folder "WinCC Runtime Advanced", for example <C:\Program Files\Siemens \Automation WinCC Runtime Advanced>. Note Audit Trail and Log with Checksum Before you update WinCC with a Service Pack or a new version, exit and save the Audit Trail or the logs using checksum. After WinCC is updated, the audit trail or logs will be continued with new files using checksum. Make sure that the logs are started at a defined state with the new version. Procedure 1. Copy the file to be checked from the HMI device to your configuration computer. 2. Open a command line prompt with "Start > Programs > Accessories > Command Prompt". 3. Enter the path to "HmiCheckLogIntegrity.exe" followed by a space in the command line prompt. After the space, enter the storage location of the file to be checked within quotation marks. WinCC Advanced V14 System Manual, 10/2016 5465 Visualizing processes 12.3 Working with alarms 4. Press <Enter>. 5. The check is performed. When the checked data are consistent, the "Consistency check succeeded" message appears. When the checked data are inconsistent, the "Consistency check failed" message appears. Information about the first inconsistent line in the file is also displayed. Note If there are spaces in the path to the "HmiCheckLogIntegrity.exe" program, you need to specify the path in quotation marks. You can also check the integrity of the log data with the AuditViewer. See also Checksums for logs in regulated projects (Page 5466) 12.3.3.10 Checksums for logs in regulated projects (Basic Panels, Panels, RT Advanced) Checksums in regulated projects With WinCC you configure regulated projects as required by FDA guidelines, if necessary. Use the "Audit" option to create regulated projects. 5466 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms In regulated projects you supply a checksum for the logged data of an alarm log. The operator will use this checksum during operation of the plant to see if the data of an alarm log have been changed. For the checksum to be clear, it starts with the first line of an alarm log and integrates the previous lines when continuously generating the checksum. This means a checksum can only be generated for the following logs: Log that sends a system alarm when it is full Log with execution of system functions when log is full. Generation of a checksum is also available for alarm logs that are saved as files of the "*.csv" or "*.txt" (Unicode) format. If you want to continue an existing log without checksum as one with checksum, a backup copy of the existing log is created in the "*.keep" file format. A new log with checksums is created. To maintain the validity of checksums, the following limitations apply when using the system function "CopyLog": You cannot copy a log without checksums into a log with checksums. You cannot copy a log with checksums into a log without checksums. See also Alarm Logging Basics (Page 5455) Configuring a checksum for a log (Page 5463) Evaluating the checksum of log data (Page 5464) 12.3.3.11 Log response to language switching in runtime (Basic Panels, Panels, RT Advanced) Introduction In the Runtime settings of your HMI device, select the language to be used for writing to logs in runtime. Requirement The languages used in your project are activated in the "Project languages" editor, for example, "German (Germany)" and "English (USA)" . Procedure To determine the startup language, follow these steps: 1. Select "Runtime settings > Language and fonts" in the project navigation. 2. Activate the runtime language, for example, "German (Germany)" and "English (USA)". WinCC Advanced V14 System Manual, 10/2016 5467 Visualizing processes 12.3 Working with alarms 3. Set the "Language switch order". Use 0 to determine the startup language, for example: - German 0. - English 1 With "0", German is specified as the "Startup language". 4. Select "Runtime settings > General" in the project navigation. 5. Select the "Logs > Logging language > Startup language". Result The project starts after it is transferred. German is specified as the "Startup language" with "Language switch order". The logs are now written in German. During runtime, the operator switches the runtime language to English. The logs will still to be written in German. The operator closes runtime. Due to the previously performed language switch, the next time the system starts the "startup language" is English. Since English is the startup language, the logs are now written in English. The logging language remains English even when the language is switched again in runtime until runtime is closed once again. If you use another option instead of "Startup language" to select the language, the logs are always written in the same language. This is true regardless of the language selected by the operator in runtime. See also Sending and automatically updating complete alarm from the controller to the HMI device (Page 5484) 12.3.3.12 Managing logging behavior when Runtime starts (Basic Panels, Panels, RT Advanced) Introduction When you configure a log, you define the restart characteristics of the log when Runtime is started. You define whether the logging should start when Runtime starts in the log properties. You can also define whether an existing log will be continued or overwritten. You define the restart characteristics separately for each log. Requirement You have created a log. The "Historical Data" editor is open. The Inspector window with the log properties is open. 5468 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Procedure To configure the restart characteristics of a data log, proceed as follows: 1. Select the log for which you want to define the restart characteristics in the "Historical Data" editor. 2. In the Inspector window select "Properties > Properties > Restart behavior". 3. If you want logging to start when Runtime starts, enable the "Enable logging at runtime start" option in the "Logging" area. You can also start logging in Runtime using the "StartLogging" system function, for example. 4. Select the restart behavior of the log in the "Log handling at restart" area. - The logged values are deleted and logging is started again with the option "Reset log". - The option "Append data to existing log" is used to append the values to be logged to the existing log. Alternatively you can configure the restart characteristics of a log directly in the "Historical Data" editor. To view hidden columns, activate the column titles using the shortcut menu. Result Logging will start in runtime according to your settings. 12.3.3.13 Controlling the Logging in relation to the Fill Level (Basic Panels, Panels, RT Advanced) Introduction The size of a log is determined by the number of entries. You use the logging method to determine how the log responds when it is full. Logging methods The following logging methods are available: Circular log When the configured log size has been reached, the oldest entries are deleted. When the configured log size has been reached, approximately 20% of the oldest entries are deleted. It is therefore not possible to display all the configured entries. During configuration, select an appropriate size for the circulation log. Alternatively, configure a segmented circular log. Segmented circular log In a segmented circular log, multiple log segments of the same size are filled in succession. When all logs are completely full, the oldest log is overwritten. WinCC Advanced V14 System Manual, 10/2016 5469 Visualizing processes 12.3 Working with alarms Log that sends a system alarm when it is full When a defined level is reached, such as 90 %, a system alarm is triggered. When the log is 100% full, new tag values are not logged. Log with level-dependent triggering of an event. When the log is completely full, the "Overflow" event is triggered. Configure a function list for the event that will be carried out when the "Overflow" event occurs. When the configured size of the log is reached, new tag values are not logged. The following system functions are available for further processing of full logs: For further details, refer to AUTOHOTSPOT. Requirement You have created a log. The "Historical Data" editor is open. The Inspector window with the log properties is open. Procedure 1. Select the log for which you want to define the logging method in the "Historical Data" editor. 2. Select "Properties > Properties > Logging method" in the Inspector window and select the required logging method. 3. If you have selected the "Segmented circular log" type, enter the number of log segments. If you selected a log with the "Display system alarm on" setting, specify the level as a percentage at which a system alarm is to be triggered. If you selected the "Trigger event" setting, configure the function list in the "Events" group. Alternatively you can configure the logging method directly in the "Historical Data" editor table. To view hidden columns, activate the column titles using the shortcut menu. The "Overflow" event is not available in the editor table. You must therefore configure the function list in the Inspector window. Result The selected log responds according to the settings in Runtime. 12.3.4 Using Alarms in Runtime 12.3.4.1 Alarms in Runtime (Basic Panels) Alarms Alarms indicate events and states on the HMI device which have occurred in the system, in the process or on the HMI device itself. A status is reported when it is received. 5470 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms An alarm could trigger one of the following alarm events: Incoming Outgoing Acknowledge Loop-in-alarm The configuration engineer defines which alarms must be acknowledged by the user. An alarm may contain the following information: Date Time Alarm text Location of fault Status Alarm class Alarm number Alarm group Alarm classes Alarms are assigned to various alarm classes. "Warnings" Alarms of this class usually indicate states of a plant such as "Motor switched on". Alarms in this class do not require acknowledgement. "Errors" Alarms in this class must always be acknowledged. Error alarms normally indicate critical errors within the plant such as "Motor temperature too high". "System" System alarms indicate states or events which occur on the HMI device. System alarms provide information on occurrences such as operator errors or communication faults. Custom alarm classes The properties of this alarm class must be defined in the configuration. Alarm buffer Alarm events are saved to an internal buffer. The size of this alarm buffer depends on the HMI device type. Alarm view The alarm view shows selected alarms or alarm events from the alarm buffer. Whether alarm events have to be acknowledged or not is specified in your configuration. WinCC Advanced V14 System Manual, 10/2016 5471 Visualizing processes 12.3 Working with alarms Alarm window The alarm window is not assigned to any screen. Depending on the configuration the alarm window is opened when an alarm that belongs to a specific alarm class is active. You can configure the order in which the alarms are displayed. You can choose to display the alarms in ascending or descending order of their occurrence. The alarm window can also be set to indicate the exact location of the fault, including the date and time of the alarm event. By means of configuration, the display can be filtered in such a way that only alarms that contain a specific character string will be shown. Alarm indicator The alarm indicator is a graphic symbol that is displayed on the screen when an alarm of the specified alarm class is activated. The alarm indicator can have one of two states: Flashing: At least one unacknowledged alarm is pending. Static: The alarms are acknowledged but at least one of them is not yet deactivated. The number indicates the number of queued alarms. 12.3.4.2 Alarms in Runtime (Panels, RT Advanced) Alarms Alarms indicate events and states on the HMI device which have occurred in the system, in the process or on the HMI device itself. A status is reported when it is received. An alarm could trigger one of the following alarm events: Incoming Outgoing Acknowledge The configuration engineer defines which alarms must be acknowledged by the user. An alarm may contain the following information: Date Time Alarm text Location of fault Status Alarm class Alarm number Alarm group 5472 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Alarm classes Alarms are assigned to various alarm classes. "Warnings" Alarms of this class usually indicate states of a plant such as "Motor switched on". Alarms in this alarm class do not require acknowledgment. "Errors" Alarms in this class must always be acknowledged. Error alarms normally indicate critical errors within the plant such as "Motor temperature too high". "System" System alarms indicate states or events which occur on the HMI device. System alarms provide information on occurrences such as operator errors or communication faults. "Diagnosis Events" SIMATIC diagnostic alarms show states and events in the SIMATIC S7 controller. "Safety Warnings" The "Safety Warnings" alarm class shows alarms for fail-safe operation. Users do not acknowledge alarms from this alarm class. STEP 7 alarm classes The alarm classes configured in STEP 7 are also available to the HMI device. Custom alarm classes The properties of this alarm class are defined in the configuration. Alarm buffer Alarm events are saved to an internal buffer. The size of this alarm buffer depends on the HMI device type. Alarm report When alarm logging is enabled in the project, alarms are output directly to the printer. You can set the logging function separately for each alarm. Printing of such an alarm is initiated when the "incoming" and "outgoing" alarm events are generated. The output of alarms of the "System" alarm class to a printer must be initiated by means of the corresponding alarm buffer. This outputs the content of the alarm buffer to the printer. To be able to initiate this print function, you need to configure an operating element in the project. Alarm log Alarm events are stored in an alarm log, provided this log file is configured. The capacity of the log file is limited by the storage medium and system limits. WinCC Advanced V14 System Manual, 10/2016 5473 Visualizing processes 12.3 Working with alarms Alarm view The alarm view shows selected alarms or events from the alarm buffer or alarm log. Whether alarm events have to be acknowledged or not is specified in your configuration. By means of configuration, the display can be filtered in such a way that only alarms that contain a specific character string in their alarm text are shown. Alarm window The alarm window is not assigned to any screen. Depending on the configuration the alarm window is opened when an alarm that belongs to a specific alarm class is active. Depending on the configuration, it is not closed until the alarm is acknowledged. You can configure the order in which the alarms are displayed. At the first position, the current, or the oldest alarm will be displayed. The alarm window can also be set to indicate the exact location of the fault, including the date and time of the alarm event. By means of configuration, the display can be filtered in such a way that only alarms that contain a specific character string in their alarm text are shown. Alarm indicator The alarm indicator is a graphic symbol that is displayed on the screen when an alarm of the specified alarm class is activated. The alarm indicator can have one of two states: Flashing: At least one unacknowledged alarm is pending. Static: The alarms are acknowledged but at least one of them is not yet deactivated. The number indicates the number of queued alarms. 12.3.4.3 Using the Alarm Window or Alarm View (Panels, RT Advanced) Alarm window, alarm view in Runtime (Panels, RT Advanced) Application Alarms are indicated in the alarm view or in the alarm window on the HMI device. The layout and operation of the alarm window correspond to that of the alarm view. The alarm window is not assigned to any screen. Depending on the configuration the alarm window is opened when an alarm that belongs to a specific alarm class is active. Depending on the configuration, it is not closed until the alarm is acknowledged. 5474 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Layout Depending on the configuration, in the alarm view different columns with information regarding an alarm or an alarm event are displayed. If a filter is configured, only alarms that contain a specific string in the alarm text will be displayed. To differentiate between the different alarm classes, the first column in the alarm view contains an icon: Symbol Alarm class ! "Errors" Empty "Warnings" depends on the configuration Custom alarm classes $ "System" S7 "Diagnosis Event" !! "Safety Warnings" Operation You use the alarm view as follows, depending on how it is configured: Change the order of the columns. Change the order in which the alarms are displayed. Acknowledging alarms Editing alarms Operator controls The buttons have the following functions: Button Function Displaying a tooltip for an alarm Loop-In-Alarm Changes to the screen that contains information about the error event Acknowledge alarm Operation behavior Linked alarm window for touch panels When configuring the alarm window for keyboard units, enable the "Connected" (modal) property under "Properties > Mode". This ensures that the alarm window does not defocus during screen changes. Switching back and forth between the screen and different windows with <Ctrl+TAB> is not supported. If the linked alarm window has the focus, then the buttons WinCC Advanced V14 System Manual, 10/2016 5475 Visualizing processes 12.3 Working with alarms in the screen behind it cannot be operated. The functions configured on a function key are carried out. Changing the order of the displayed alarms When you click on the column, first of all alarms requiring acknowledgment are sorted according to date and time. Then those alarms that do not require acknowledgment are sorted according to date and time. Using the Alarm Window, Alarm View (Panels, RT Advanced) Introduction As an alternative to using the mouse, you can operate the alarm view and the alarm window using the <TAB> key on your HMI device. This allows you to select the button and the most recently selected alarm in the alarm view. Depending on the configuration, you can also operate the alarm view via the function keys. Operation using the mouse 1. Select the alarm to be edited. 2. Click the button whose function you want to run. Operation using the keyboard 1. Press the <Tab> key until the list of displayed alarms is selected in the alarm view. 2. Click on the alarm to be edited. Use the <Up> and <Down> keys accordingly. 3. Press the <Tab> key until the button whose function you wish to use is selected. 4. Press <Enter>. Change the order of the columns 1. Select the column header, such as the "Date" column header. 2. While holding down the mouse button, drag the column header to the column header "Time". The "Date" column is in front of the "Time" column. Change the sorting You can sort the list according to date or time. 1. Click on the corresponding column header. The list is sorted in descending or ascending order according to this criterion. 2. Click the same column header again to reverse the sort order. 5476 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Acknowledge alarm 1. Click on the alarm to be edited. 2. Click the button. Loop-In-Alarm trigger 1. Click on the alarm to be edited. 2. Click the button. The screen containing information about the alarm is displayed. Note If you trigger a Loop-In-Alarm during an unacknowledged alarm, it is acknowledged automatically. Displaying configured tooltip 1. Click on the alarm concerned. 2. Click the button. The tooltip configured for the alarm is displayed. 12.3.4.4 Using the Simple Alarm Window, Alarm View Basic alarm view, alarm window in Runtime (Basic Panels, Panels, RT Advanced) Application The simple alarm view shows selected alarms or alarm events from the alarm buffer. The layout and operation of the simple alarm window correspond to that of the simple alarm view. Note The "Single alarm view" object is not assigned dynamic functions by means of scripting. In the Engineering System, for example, dynamize the visibility of an object in the "Animations" tab of the Inspector window. In Runtime, the "Simple alarm view" does not support animations. If you configured an animation and, for example, run a consistency check on the project, an error alarm is displayed in the output window. WinCC Advanced V14 System Manual, 10/2016 5477 Visualizing processes 12.3 Working with alarms Layout Depending on the configuration, in the alarm view different columns with information regarding an alarm or an alarm event are displayed. To differentiate between the different alarm classes, the first column in the alarm view contains an icon: Icon Alarm class ! "Errors" empty "Warnings" depends on the configuration Custom alarm classes $ "System" Operation You use the alarm view as follows, depending on how it is configured: Acknowledging alarms Editing alarms Control elements The buttons have the following functions: Button Function Acknowledge alarm Loop-In-Alarm Changes to the screen that contains information about the error event 5478 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Button Function Displaying a tooltip for an alarm Displays the full text of the selected alarm in a separate window, namely the alarm text window In the alarm text window, you can view alarm texts that exceed the space available in button. the Alarm view. Close the alarm text window with the Scrolls one alarm up. Scrolls one page up in the alarm view. Scrolls one page down in the alarm view. Scrolls one alarm down. Format of the control elements The display of the buttons for using the simple alarm view depends on the configured size. You should therefore check on the HMI device whether all the required buttons are available. Basic alarm view, using the alarm window (Basic Panels, Panels, RT Advanced) Introduction As an alternative to using the mouse, you can operate the simple alarm view using the <TAB> key on your HMI device. This allows you to select the button and the most recently selected alarm in the alarm view. Depending on the configuration, you can also operate the alarm view via the function keys. Operation using the mouse 1. Select the alarm to be edited. 2. Click the button whose function you want to run. Operation using the keyboard 1. Press the <Tab> key until the list of displayed alarms is selected in the alarm view. 2. Click on the alarm to be edited. Use the <Up> and <Down> keys accordingly. 3. Press the <Tab> key until the button whose function you wish to use is selected. 4. Press <Enter>. Acknowledge alarm 1. Select the alarm to be acknowledged. 2. Click the WinCC Advanced V14 System Manual, 10/2016 button. 5479 Visualizing processes 12.3 Working with alarms Loop-In-Alarm trigger 1. Select the alarm to be edited. 2. Click the button. The screen containing information about the alarm is displayed. Calling the infotext 1. Select the alarm to be edited. 2. Click the button. 3. To close the window for displaying the operator note, press the combination <Alt+F4>. 12.3.4.5 button or use the key Using the Alarm Indicator Alarm indicator in Runtime (Basic Panels, Panels, RT Advanced) Application The alarm indicator is displayed if alarms of the specified alarm class are pending or require acknowledgment. Layout The alarm indicator can have one of two states: Flashing: At least one unacknowledged alarm is pending. Static: The alarms are acknowledged but at least one of them is not yet deactivated. The number indicates the number of queued alarms. Operation Depending on the configuration, when operating the alarm indicator an alarm window is opened. The icons from the symbol library can only be operated with a mouse or touch screen. Note Device dependency Operation with mouse is not available for all HMI devices. 5480 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Operating the alarm indicator using the mouse (Panels, RT Advanced) Operation using the mouse 1. Click on the alarm indicator with the mouse pointer. Depending on the configuration, the Alarm window is open. 2. Click to close the alarm window. The Alarm window can be opened again by clicking on the alarm indicator. 12.3.4.6 Acknowledging alarms (Basic Panels, Panels, RT Advanced) Introduction You can acknowledge alarms in Runtime according to your project configuration settings. You can acknowledge alarms as follows: Using the display and control object buttons Using the "ACK" key on your HMI device Using individually-configured function keys or buttons If an operator authorization is configured for an individual control, the alarms can only be acknowledged by authorized users. To automatically acknowledge alarms in Runtime, use the system functions and scripts, plus the "Acknowledgment by the PLC" option. Note Device dependency Scripts are not available for all HMI devices. Acknowledgment variants You acknowledge individual alarms or multiple alarms together in Runtime. They are distinguished as follows: Single acknowledgment Acknowledgment of an alarm using a button or a function key. Acknowledge alarm groups Acknowledgment of all the alarms of an alarm group using a button or a function key. Requirement An alarm is displayed on the HMI device. WinCC Advanced V14 System Manual, 10/2016 5481 Visualizing processes 12.3 Working with alarms Procedure To acknowledge an alarm, proceed as follows: 1. Select the alarm. 2. If you are using an alarm view or an alarm window, click the button. 3. If you are using a simple alarm view or a simple alarm window, click the button. 4. Press the "ACK" button on your HMI device to acknowledge an alarm in an alarm line. Note Device dependency The extended alarm view or alarm window and the alarm line are not available for all HMI devices. Result The alarm status changes to "Acknowledged". If the condition for triggering an alarm no longer applies, the alarm status also changes to "Outgoing", and it is no longer displayed on the HMI device. 12.3.4.7 Filtering Alarms (Panels, RT Advanced) Introduction The alarm view in Runtime does not contain a control element for entering filter criteria. To provide this functionality, configure an I/O field using the "Screens" editor. Requirements A filter has been configured for the alarm view. An I/O field for entering the criterion is displayed. Alarms are displayed in Runtime. Enable filter 1. Enter the filter string in the I/O field. 2. Confirm your input. The alarm view displays only those alarms that are contained in the specified character string. Thereby this distinguishes between upper and lower case letters. Disable filter 1. Delete the string from the I/O field that is used to filter the alarm view. 2. Confirm your input. All alarms are displayed in the alarm view once more. 5482 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 12.3.5 Displaying security events 12.3.5.1 Displaying security events on the HMI device (Panels, RT Advanced, RT Professional) Introduction You can also view security events on the HMI device for existing alarms from WinCC. Security events are, for example, an attack on a device over the network or a change of the protection level for communication between the controller and the HMI device. Security events are detected by the controller and forwarded to the HMI devices. The security events are displayed in the alarm log on the HMI devices. A configuration or activation of the security events functionality is not necessary within the controller. Security events are automatically detected by the controller. Restrictions You can display security events from the following controllers on the HMI device: SIMATIC S7-1200 SIMATIC S7-1500 Note Device dependency The security events of controllers are not displayed on Basic Panels and Basic Panels 2nd Generation. Configuring the display of security events The following steps are required to display security events on the HMI device: Selection of controller alarms Creation of an alarm log for controller alarms For more detailed information about configuration, see:Configuring the display of security events (Page 5483) 12.3.5.2 Configuring the display of security events (Panels, RT Advanced, RT Professional) Requirements A HMI connection is established between the HMI device and PLC. WinCC Advanced V14 System Manual, 10/2016 5483 Visualizing processes 12.3 Working with alarms Procedure 1. Open the "Runtime settings" of the HMI device. 2. Enable the "Security events" function under "Alarms". Note The "Security events" function is deactivated by default and must be activated for each HMI connection. 3. Create a new alarm log in the "Log" editor under "Alarm logs". 4. Open an HMI screen. 5. Create an alarm view. Result The security events are displayed in the alarm log. See also Displaying security events on the HMI device (Page 5483) 12.3.6 Sending complete alarm from the controller to the HMI device 12.3.6.1 Sending and automatically updating complete alarm from the controller to the HMI device (Panels, RT Advanced) Basics In addition to alarms in WinCC, you can configure controller alarms in STEP 7 and show them on your HMI device. When controller alarms are configured in STEP 7, a connection to an S7-1500 controller is established, and controller alarms are currently pending, the controller alarms are automatically updated and sent to the HMI devices after alarm changes (e.g. change of the alarm text). This will save you time because you do not have to load configuration changes of the alarms to the HMI device separately. The HMI device does not need to exit Runtime operation when the alarms are changed. The following controller alarms can be sent to the HMI device: System diagnostics ProDiag alarms Program alarms The controller alarms can be sent completely to the HMI devices with device version V14 if the corresponding settings are configured in the controller and on the HMI device. The option "Automatic update" must be activated on the HMI device for the respective connection under 5484 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms "Runtime settings Alarms > Controller alarms". For additional information on the settings, refer to Configuring automatic update of controller alarms on the HMI device (Page 5486). Device dependency The controller alarms of the following controller are sent automatically and completely to the HMI device when they occur: SIMATIC S7-1500 (firmware version 2.0 and higher) Basic Panels and Basic Panels 2nd Generation do not support controller alarms. For Basic Panels and Basic Panels 2nd Generation as well as HMI devices with a device version before V14, configuration changes of the alarms must be loaded to the controller and the HMI device. When "Automatic update" is deactivated in the HMI device, configuration changes of the alarms must be loaded to the controller and the HMI device. Note When upgrading a project to the TIA Portal version V14, the transfer of controller alarms to the HMI device is deactivated under the "Runtime settings" of the HMI device because the connection between the HMI device and the respective controller was created in an older TIA Portal version. Language settings For alarms to be displayed in the correct language on the HMI device, the same three languages or fewer must be configured for the alarms in the controller and on the HMI device. You may have to coordinate the language selection with the configuration engineer. If different languages are configured on the HMI device and in the controller, the HMI device shows the text "###Text missing###" rather than the controller alarms during operation. Note If you want to use more than three languages simultaneously on the HMI device, you must deactivate the option for automatic update of the controller alarms. Otherwise, "##Text missing##" is displayed instead of the controller alarms for the fourth and any additional language. Special considerations for Asian fonts When using Asian languages, only the Asian characters that were used in configuring the HMI device are loaded to the HMI device during the transfer. If the texts are sent directly from the controller to the HMI device, you may encounter display problems. You can load the complete Asian font to the HMI device in these cases. For more information, refer to Loading Asian fonts to the HMI device (Page 6377). WinCC Advanced V14 System Manual, 10/2016 5485 Visualizing processes 12.3 Working with alarms Notes and rules Modified texts that you load to the controller are displayed immediately on the HMI device when the controller alarm has already been triggered. The following applies to alarms that are displayed in the alarm log: - The alarm log includes alarms in the set language. This language is set during configuration of the HMI device under "Runtime settings > General > Logs > Logging language". Regardless of whether you set a specific language for logging of the controller alarms in the alarm log or select the default language, the respective language must also be activated in the controller. When you specify startup language, this can lead to mixed languages in the alarm log in conjunction with the "Automatic update" option. Additional information on language selection of the log in Runtime is available at Log response to language switching in runtime (Page 5467). - The check box "Log event text and error location" must be selected for the respective alarm log under "Properties > Properties > Logging method" so that the logged controller alarms are displayed in the alarm view or in the alarm window. See also Editing controller alarms (Page 5429) PLC alarms (Page 5401) 12.3.6.2 Configuring automatic update of controller alarms on the HMI device (Panels, RT Advanced, RT Professional) Introduction The option "Automatic update" is selected by default for all connections between the S7-1500 controllers (firmware version 2.0) and the HMI devices with the device version V14. If the connection between an HMI device and an S7-1500 controller was created in a TIA Portal version before V14, the option "Automatic update" is deactivated even after upgrading the project to version V14. You can configure automatic updating of the controller alarms later for this connection. Requirements There is an HMI connection between the HMI device and an S7-1500 controller (firmware version 2.0 or later) or a compatible device (for example, WinAC 1500). Controller and HMI device have at least version 14 or later. "Central alarm management" is activated in the controller (automatic updating was activated for the controller). Controller alarms were configured in STEP 7. An alarm view or an alarm window was configured on the HMI device. 5486 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms The alarm classes associated with the controller alarms are selected in the alarm view or in the alarm window. The same three languages (or fewer) are configured in the controller and on the HMI device for alarms. Procedure 1. Open the "Runtime settings" of the HMI device. One or more connections to controllers are displayed under "Alarms > Controller alarms". 2. Activate the "Automatic update" option for the respective connection for which you want to display the controller alarms. The "Automatic update" function must be activated separately for each connection. Note If the languages configured for the controller differ from those for the HMI device, the alarms cannot be displayed in Runtime. Instead, the alarm "##Text missing##" is displayed. Note If you want to use more than three languages simultaneously on the HMI device, you must deactivate the "Automatic update" option. Otherwise, the alarm "##Text missing##" is displayed instead of the controller alarms for the fourth and any additional language. Result In Runtime, the controller alarms are displayed in the alarm view. See also Sending and automatically updating complete alarm from the controller to the HMI device (Page 5484) WinCC Advanced V14 System Manual, 10/2016 5487 Visualizing processes 12.3 Working with alarms 12.3.7 Reference 12.3.7.1 System functions for alarms System functions System functions are predefined functions you can use to implement many tasks in runtime, even with no programming knowledge. You use system functions in a function list or in a script. Note Device dependency Scripts are not available for all HMI devices. The table shows all the system functions available for displaying and editing alarms. 5488 System function Effect EditAlarm Triggers the Loop-In-Alarm event for the selected alarm or for the last selected alarm in case of mul tiple selection. ClearAlarmBuffer Deletes alarms from the alarm buffer on the HMI device. ClearAlarmBufferProtoolLegacy Function such as "ClearAlarmBuffer". This system function has been retained to ensure compatibility and uses the old ProTool numbering. AlarmViewUpdate Updates the alarm view. AlarmViewEditAlarm Triggers the event Loop-In-Alarm for all alarms se lected in the specified alarm view. AlarmViewAcknowledgeAlarm Acknowledges the alarms that are selected in the specified alarm view. AlarmViewShowOperatorNotes Displays the configured tooltip for the alarm selec ted in the specified alarm view. AcknowledgeAlarm Acknowledges all selected alarms. SetAlarmReportMode Switches the automatic reporting of alarms on the printer on or off. ShowAlarmWindow Hides or shows the alarm window on the HMI de vice. ShowSystemEvent Displays the value of the delivered parameter as a system event on the HMI device. WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Note Device dependency The following system functions are not available for all HMI devices: SetAlarmReportMode AlarmViewUpdate ShowSystemEvent 12.3.7.2 Alarm events (Basic Panels, Panels, RT Advanced) Alarm events and their display and control objects In Runtime, the following alarm events are triggered by their display and control objects. You can configure a function list for every event. Object Configurable events Alarms Incoming Outgoing Acknowledge Loop-In-Alarm Alarm view Enabling Disable Selection changed Alarm indicator Click Click when flashing Note Device dependency The following events in the alarm view are not available for all HMI devices: Enabling Disable Selection changed Click Click when flashing WinCC Advanced V14 System Manual, 10/2016 5489 Visualizing processes 12.3 Working with alarms 12.3.7.3 System functions for logs (Panels, RT Advanced, RT Professional) System functions The following system functions are available for logging: 12.3.7.4 Function name Function method ArchiveLogFile This function moves or copies a log to another storage location for longterm archiving. Use the system function, for example, to move the audit trail from a local storage medium to the server. When handling audit trails, always use the "Move log (hmiMove)" mode in order to avoid noncompliance with FDA guidelines as a result of redundant data storage. LogTag Saves the value of the given tags in the given data log. Use the system function to log a process values at a specific time. StartLogging Starts the logging process in the specified log. You can interrupt logging in Runtime by calling the "StopLogging" system function. StopLogging Stops the logging process in the specified log. To resume logging in Run time, select the "StartLogging" system function. ClearLog Deletes all entries in the specified log. StartNextLog Stops the logging process in the specified log. Logging is continued in the sequential log that has been configured for the specified log file. CloseAllLogs Closes all logs. The connection between WinCC and the log files or log database is terminated. You can use this system function, for example, to enable hot-swapping of the storage medium on the HMI device without exiting the Runtime software. OpenAllLogs Opens all logs to resume logging. The connection between WinCC and the log files or log database is recovered. CopyLog Copies the contents of the specified log to another log. Structure of *.csv files that contain alarms (Panels, RT Advanced, RT Professional) Introduction You can save an alarm log as a file in "*.csv" format. CSV stands for Comma Separated Value. In this format, the table columns that contain the names and the value of the entry are separated by semicolons. Each table row terminates with a line break. Example of a log file in *.csv format This example shows a file with logged alarms: "Time_ms";"MsgProc";"StateAfter";"MsgClass";"MsgNumber";"Var1";...;"Var8";"TimeString";" MsgText";"PLC"37986550590,27;1;1;3;110001;"";...;"";"30.06.99 13:12:51";"Change to operating mode 'online'";37986550682,87;1;1;3;140010;"";...;"";"30.06.99 13:12:59";"Connection established: PLC_1, Station 2, Rack 0, Position 2"; 5490 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Structure of a log file in *.csv format The following values are entered in the log file columns: Parameters WinCC Advanced V14 System Manual, 10/2016 Description Time_ms Specify a time stamp as a decimal value ( see below for conversion) Msg_Proc Alarm procedures: 0 = Unknown alarm procedure 1 = System event 2 = Alarm bit procedure (operating alarms) 3 = Alarm number procedure ALARM_S 4 = Diagnostic event 7 = Analog alarm procedure 100 = Alarm bit procedure (fault alarms) State after Alarm event: 0 = Incoming/Outgoing 1 = Incoming 2 = Incoming/Acknowledged/Outgoing 3 = Incoming/Acknowledged 4 = All alarms in the PLC were deleted with SFC106 or after PLC STOP/RUN an alarm is pending 6 = Incoming/Outgoing/Acknowledged Msg_Class Alarm class: 0 = No alarm class 1 = "Errors" 2 = "Warnings" 3 = "System" 4 = "Diagnostic Events" 64 ... = user-configured alarm classes Msg Number Alarm number Var1 to Var8 Value of the trigger tag as a STRING Time string Time stamp, as STRING in legible data format Msg text Alarm in a readable STRING PLC Alarm localization (relevant PLC) 5491 Visualizing processes 12.3 Working with alarms Conversion of the time stamp decimal value To further process the time stamp value using a different program, proceed as follows: 1. Divide Time_ms by 1,000,000. Example: 37986476928 : 1,000,000 = 37986.476928 2. The whole number portion (37986) is the date calculated from 12/31/1899. In Excel you can now convert the time stamp into days. To do this, assign to the cell that contains the time stamp, a respective format form the "Date" group. Result: 37986 results in 12/31/2003 3. The value after the point (0.476928) indicates the time: - Multiply the value (0.476928) by 24 to obtain the hours (11.446272). - Multiply the remainder (0.446272) by 60 results in the minutes (26.77632). - Multiply the remainder (0.77632) by 60 results in the seconds (46.5792). Result 11:26:46.579 This conversion is supported by Microsoft Excel, for example. 12.3.7.5 System events Basics on system events (Basic Panels, Panels, RT Advanced) System events System events on the HMI device provide information about internal states of the HMI device and PLC. The following overview illustrates when a system event occurs and how to eliminate the cause of error. Note HMI device dependency Some of the system events described in this section apply to the individual HMI devices based on their scope of functions. Note System events are output in an alarm view. System events are output in the language currently set on your HMI device. The time format (AM/PM or 24-hour format) is based on the selected language. If there is no translation of the alarm texts in this language, English or Russian is selected as a replacement language and displays the appropriate time format. 5492 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms System event parameters System events may contain encrypted parameters. The parameters are of relevance when troubleshooting because they provide a reference to the source code of the Runtime software. These parameters are output after the "Error code:" 9999 - Global alarm (Panels, RT Advanced) Meaning of the system event The most important system events are listed below. Table 12-2 9999 - Global alarm Number Effect/cause Remedy 9999 The system start was interrupted. Check the power supply and cable connections. Check the following: Check the system settings. Line voltage Check the configurations and conversions. Cable connections If the error occurs repeatedly, contact the hotline! System settings Configurations Conversions 10000 - Printer alarms (Panels, RT Advanced) Meaning of the system events The most important system events are listed below. Table 12-3 10000 - Printer alarms Number Effect/cause Solution 10000 The print job could not be started or was canceled due to an unknown error. Faulty printer setup. Or: No authorization is available for accessing the net work printer. The power supply was interrupted during data trans fer. Check the printer settings, cable connections and the power supply. Set up the printer once again. Obtain a network printer authorization. If the error persists, contact the hotline! 10001 No printer is installed or a default printer has not been set up. Install a printer and/or select it as the default printer. 10002 The buffer for printing graphics is full. Up to two graphics are buffered. Allow more time between print jobs. 10003 Graphics can now be buffered again. -- 10004 The buffer for printing lines in text mode (e.g. alarms) Allow more time between print jobs. is full. Up to 1000 lines are buffered. WinCC Advanced V14 System Manual, 10/2016 5493 Visualizing processes 12.3 Working with alarms Number Effect/cause Solution 10005 Text lines can now be buffered again. -- 10006 The Windows printing system reports an error. Refer to the output text and the error ID to determine the possible causes. Nothing is printed or the printing is incorrect. If necessary, repeat the action. 20000 - Global script alarms (Panels, RT Advanced) Meaning of the system events The most important system events are listed below. The system events are divided into different ranges. Table 12-4 20000 - Global script alarms Number Effect/causes 20010 An error has occurred in the specified script line. Ex Select the specified script line in the configuration. En ecution of the script was therefore aborted. Note the sure that the tags used are of the allowed types. For system event that may have occurred prior to this. system functions, verify the correct number of parame ters and the parameter types. 20011 An error has occurred in a script that was called by the specified script. Execution of the script was therefore aborted in the called script. Note the system event that may have occurred prior to this. In the configuration, select the script that has been called directly or indirectly by the specified script. Ensure that the tags used are of the allowed types. For system functions, verify the correct number of pa rameters and the parameter types. 20012 Inconsistent configuration data. The script could therefore not be generated. Recompile the configuration data. 20013 Incorrect installation of the scripting component of WinCC Runtime. Therefore, no scripts can be exe cuted. Reinstall WinCC Runtime on your PC. Recompile your project using the "Compile > Software (rebuild all)" command from the context-sensitive menu and then download the project to the HMI device. 20014 The system function returns a value that is not writ ten in any return tag. Select the specified script in the configuration. Check whether the script name has been assigned a value. 20015 Too many successive scripts have been triggered in Check what is triggering the scripts. Extend the times, short intervals. When more than 20 scripts are e.g. the acquisition cycle of the tag initiating the script. queued for processing, any subsequent scripts are rejected. In this case, the script indicated in the alarm is not executed. 5494 Solution WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 30000 - Alarms errors when using system functions (Basic Panels, Panels, RT Advanced) Meaning of the system events The most important system events are listed below. The system events are divided into different ranges. Table 12-5 30000 - Alarms errors when using system functions Number Effect/causes Remedy 30010 The tag could not accept the function result, e.g. when it has exceeded the value range. Check the tag types of the system function parameters. 30011 A system function could not be executed because the function was assigned an invalid value or type in the parameter. Check the parameter value and tag type of the invalid parameter. If a tag is used as a parameter, check its value. 30012 A system function could not be executed because the function was assigned an invalid value or type in the parameter. Check the parameter value and tag type of the invalid parameter. If a tag is used as a parameter, check its value. 40000 - Linear scaling alarms (Basic Panels, Panels, RT Advanced) Meaning of the system events The most important system events are listed below. The system events are divided into different ranges. Table 12-6 40000 - Linear scaling alarms Number Effect/causes Remedy 40010 The system function could not be executed since the parameters could not be converted to a common tag type. Check the parameter types in the configuration. 40011 The system function could not be executed since the parameters could not be converted to a common tag type. Check the parameter types in the configuration. WinCC Advanced V14 System Manual, 10/2016 5495 Visualizing processes 12.3 Working with alarms 50000 - Data server alarms (Basic Panels, Panels, RT Advanced) Meaning of the system events The most important system events are listed below. The system events are divided into different ranges. Table 12-7 50000 - Data server alarms Number Effect/causes Remedy 50000 The HMI device is receiving data faster than it is ca -pable of processing. Therefore, no further data is accepted until all current data have been processed. Data exchange then resumes. 50001 Data exchange has been resumed. -- 60000 - Win32 function alarms (Panels, RT Advanced) Meaning of the system events The most important system events are listed below. Table 12-8 60000 - Win32 function alarms Number Effect/causes 60000 This alarm is generated by the "ShowSystemEvent" -system function. The text to be displayed is transfer red to the function as a parameter. 60010 The file could not be copied in the direction defined because one of the two files is currently open or the source/target path is not available. It is possible that the Windows user has no access rights to one of the two files. Restart the system function or check the paths of the source/target files. Under Windows: Users executing WinCC Runtime must be granted access to the files. 60011 An attempt was made to copy a file to itself. It is possible that the Windows user has no access rights to one of the two files. Check the path of the source/target file. In Windows with NTFS: Users executing WinCC Run time must be granted access to the files. 5496 Solution WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 70000 - Win32 function alarms (Basic Panels, Panels, RT Advanced) Meaning of the system events The most important system events are listed below. Table 12-9 70000 - Win32 function alarms Number Effect/causes Remedy 70010 The application could not be started because it could Check whether the application exists in the specified not be found in the path specified or there is insuffi path or close other applications. cient memory space. 70011 The system time could not be modified. The error message only appears in connection with area pointer "Date/time PLC". Possible causes: Check the time that is to be set. Under Windows: Users running WinCC Runtime must be granted the right to set the system time of the oper An invalid time was transferred in the job mailbox. ating system. The Windows user has no right to modify the system time. If the first parameter in the system event is displayed with the value 13, the second parameter indicates the byte containing the incorrect value. 70012 Error when executing the system function "StopRun Close all programs currently running. time" with the "Runtime and operating system" op Now close Windows. tion. Windows and WinCC Runtime are not closed. The error may have been generated because other programs cannot be closed. 70013 The system time could not be modified because an Check the time which is to be set. invalid value was entered. An incorrect delimiter may have been used. 70014 The system time could not be modified. Possible causes: An invalid time was transferred. The Windows user has no right to modify the system time. Check the time that is to be set. Under Windows: Users running WinCC Runtime must be granted the right to set the system time of the oper ating system. Windows rejects the setting request. 70015 The system time could not be read because Win dows rejects the reading function. -- 70016 An attempt was made to select a screen by means of a system function or job. This is not possible be cause the configured screen number does not exist. Or: A screen could not be generated due to insuffi cient system memory. Check the screen number in the system function or job against the screen numbers configured. Assign the number to a screen if necessary. Or: The screen is blocked. Check the details for the screen call and whether the screen is blocked for specific users. Or: Screen call has not been executed correctly. 70017 Date/time is not read from the area pointer because the address set in the PLC is either not available or has not been set up. Change the address or set up the address in the PLC. 70018 Acknowledgment that the password list has been successfully imported. -- WinCC Advanced V14 System Manual, 10/2016 5497 Visualizing processes 12.3 Working with alarms Number Effect/causes Remedy 70019 Acknowledgment that the password list has been successfully exported. -- 70020 Acknowledgment for activation of alarm reporting. -- 70021 Acknowledgment for deactivation of alarm reporting. -- 70022 Acknowledgment to starting the Import Password List action. -- 70023 Acknowledgment to starting the Export Password List action. -- 70024 The tag value range was exceeded during system function execution. No calculation of the system function. Check and correct the calculation. 70025 The tag value range was exceeded during system function execution. No calculation of the system function. Check and correct the calculation. 70026 No other screens are stored in the internal screen memory. No other screens can be selected. -- 70027 The backup of the RAM file system has been started. -- 70028 RAM file system backup is complete. The files from the RAM have been copied to the Flash memory. Following a restart, these saved files are copied back to the RAM file system. -- 70029 Backup of the RAM file system has failed. No backup copy of the RAM file system has been made. Check the settings in the "Control Panel > OP" dialog and save the RAM file system using the "Save Files" button in the "Persistent Storage" tab. 70030 The parameters configured for the system function Compare the parameters configured for the system are faulty. function with the parameters configured for the PLCs The connection to the new PLC was not established. and correct them as necessary. 70031 The PLC configured in the system function is not an Compare the S7 PLC name parameter configured for S7 PLC. the system function with the parameters configured for The connection to the new PLC has not been estab the PLC and correct them as necessary. lished. 70032 The object configured with this number in the tab sequence is not available in the selected screen. The screen changes but the focus is set to the first object. 70033 An e-mail could not be sent because a TCP/IP con Check the network connection to the SMTP server and nection to the SMTP server no longer exists. re-establish it if necessary. This system event is only generated at the first failed attempt. All subsequent unsuccessful attempts to send an e-mail will no longer generate a system event. The event is only generated again if an e-mail has been successfully sent in the meantime. The central e-mail component in WinCC Runtime attempts to connect to the SMTP server at regular intervals (1 minute) in order to transmit the remaining e-mails. 70034 Following a disruption, the TCP/IP connection to the SMTP server was successfully re-established. The queued e-mails are then sent. 5498 Check the number of the tab sequence and correct it if necessary. -- WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Number Effect/causes Remedy 70036 No SMTP server for sending e-mails is configured. An attempt to connect to an SMTP server therefore fails and it is not possible to send e-mails. WinCC Runtime generates the system event at the first attempt to send an e-mail. Configure an SMTP server: 70037 An e-mail could not be sent for unknown reasons. The contents of the e-mail are discarded. Check the e-mail parameters (recipient etc.). 70038 The SMTP server has rejected the sending or for warding of an e-mail because the domain of the re cipient is unknown to the server or because the SMTP server requires authentication. The contents of the e-mail are discarded. Check the domain of the recipient address or disable the authentication on the SMTP server if possible. SMTP authentication is currently not used in WinCC Runtime. 70039 The syntax of the e-mail address is incorrect or con Check the e-mail address of the recipient. tains invalid characters. The contents of the e-mail are discarded. 70040 The syntax of the e-mail address is incorrect or con -tains illegal characters. 70041 The import of the user management has been abor Check your user administration or download it again to ted due to an error. the panel. Nothing has been imported. 70042 The range of values of the tag was exceeded while executing the system function. In the WinCC Engineering System using "Device settings > Device settings" In the Windows CE operating system using "Control Panel > Internet Settings > E-mail > SMTP Server" Check and correct the calculation. The system function was not calculated. 70043 The range of values of the tag was exceeded while executing the system function. Check and correct the calculation. The system function was not calculated. 70044 An error occurred while sending the e-mails. The e- Check the SMTP settings and the error message in the mails were not sent. system event. 70045 Cannot load a file required for encrypting the e-mail. Update the operating system and Runtime. 70046 The server does not support encryption. 70047 The SSL versions of the HMI device and SMTP serv Contact your network administrator or the operator of er may not be compatible. the SMTP server. Select an SMTP server that supports encryption. 80000 - Log alarms (Panels, RT Advanced) Meaning of the system events The most important system events are listed below. Table 12-10 80000 - Log alarms Number Effect/causes 80001 The log specified is filled to the size defined (in per You swap out the file or table by executing a `move' or cent) and must be stored elsewhere. `copy' function. 80002 A line is missing in the specified log. WinCC Advanced V14 System Manual, 10/2016 Remedy -- 5499 Visualizing processes 12.3 Working with alarms Number Effect/causes 80003 The copying process for logging was not successful. -In this case, it is advisable to check any subsequent system events, too. 80006 Since logging is not possible, this causes a perma nent loss of the functionality. 80009 A copying action has been completed successfully. -- 80010 An incorrect storage location was entered in WinCC and causes permanent loss of functionality. Configure the storage location for the respective log again and restart the system when the full functionality is required. 80012 Log entries are stored in a buffer. If the values are read to the buffer faster than they can be physically written (using a hard disk, for example), overloading may occur and recording is then stopped. Archive fewer values. Or: Increase the logging cycle. 80013 The overload status no longer exists. Archiving re sumes the recording of all values. -- 80014 The same action was triggered twice in quick suc cession. Since the process is already in operation, the action is only carried out once. -- 80015 This system event is used to report DOS or database -errors to the user. 80016 The logs are separated by system function "Close AllLogs" and the incoming entries exceed the de fined buffer size. All buffer entries are deleted. 80017 The number of incoming entries cause a buffer over Stop the copy action. flow. This can be caused, for example, by several copying actions being activated at the same time. All copy jobs in the buffer are deleted. 80019 The connection between WinCC and all log files was shut down, for example, after execution of the "CloseAllLogs" system function. Entries are written to the buffer and written to the logs when the connection is recovered. There is no connection to the storage location and the storage medium can be changed. 80020 The maximum number of simultaneously copy oper Wait until the current copying actions have been com ations has been exceeded. Copying is not executed. pleted, then restart the last copy action. 80021 An attempt was made to delete a log which is still Wait until the current copying actions have been com busy with a copy action. Deletion has not been exe pleted, then restart the last action. cuted. 80022 An attempt was made to use system function "Start In the project, check SequenceLog" to start a sequence log for a log whether the "StartSequenceLog" system function which is not configured as sequence log. No se was properly configured. quence log file is created. if the tag parameters are properly provided with data on the HMI device. 5500 Remedy In the case of databases, check whether the correspond ing data source exists and start up the system again. Reconnect the logs. -- WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Number Effect/causes Remedy 80023 An attempt was made to copy a log to itself. The log is not copied. In the project, check whether the "CopyLog" system function was properly configured. if the tag parameters are properly provided with data on the HMI device. 80024 In your configuration, you specified that the "Copy Log" system function should not allow copying if the destination log already contains data ("Mode" pa rameter). The log is not copied. Edit the "CopyLog" system function in your configura tion, if necessary. Before you initiate the system func tion, delete the destination log file. 80025 You have canceled the copy operation. Data written up to this point are retained. The target log file (if configured) was not deleted. The cancellation is reported by an error entry $RT_ERR$ at the end of the target log. -- 80026 This alarm is output after all logs are initialized. Val -ues are written to the logs from then on. No entries are written to the logs before this time has expired, irrespective of the active state of WinCC Runtime. 80027 The internal Flash memory has been specified as Configure "Storage Card" or network path as the storage the storage location for a log. This is not permissible. location. No values are written to this log and the log file is not created. 80028 The alarm serves as status report indicating that the logs are currently being initialized. No values are logged until the alarm 80026 is output. 80029 The number of logs specified in the alarm could not Evaluate the additional system events related to this be initialized. Initialization of logs was finished. alarm. Check the configuration, the ODBC (Open Data The faulty log files are not available for logging jobs. base Connectivity), and the specified drive. 80030 The structure of the existing log file does not match the expected structure. Logging is stopped for this log. Delete the existing log data manually, in advance. 80031 The log in CSV format is corrupted. The log cannot be used. Delete the faulty file. 80032 Logs can be configured with events. These are trig gered as soon as the log is full. Assuming WinCC Runtime is started and the log is already full, the event would never be triggered. The specified log is full and no longer accepts data. Close WinCC Runtime, delete the log, and restart WinCC Runtime. Or: Configure a button which contains the same actions as the event and press it. 80033 "System Defined" is set in the data log file as the data source name. This causes an error. No data is written to the database logs, whereas the logging to the CSV logs works. Reinstall SQL Sever 2005 Express. 80034 An error has occurred in the initialization of the logs. An attempt has been made to create the tables as a backup. This action was successful. A backup copy of the tables of the corrupted log file was generated and the cleared log restarted. No action is necessary. However, it is recommended to save the backup files or delete them in order to make the space available again. 80035 An error has occurred in the initialization of the logs. An attempt has been made to create backups of the tables and this has failed. No logging or backup has been performed. It is recommended to save the backups or to delete them in order to release memory. WinCC Advanced V14 System Manual, 10/2016 -- 5501 Visualizing processes 12.3 Working with alarms Number Effect/causes Remedy 80044 The export of a log was interrupted because Run time was closed or due to a power failure. At the restart of Runtime, it was detected that the export must be resumed. The export resumes automatically. 80045 The export of a log was interrupted due to an error The export is repeated automatically. Check: in the connection to the server or at the server itself. The connection to the server. If the server is running. If there is enough free space on the server. 80046 The destination file or the associated directory could not be created on the server. Check whether there is enough space on the server and it you have permission to create the log file. 80047 The log could not be read while exporting it. Check whether the storage medium is correctly inserted. 80049 The log could not be renamed while preparing to export it. The job can not be completed." Check whether the storage medium is correctly inserted and if there is sufficient space on the medium. 80050 The log which shall be exported is not closed. The job can not be completed. Make sure to call the "CloseAllLogs" system function before using the "ExportLog" system function. Change the configuration as required. 80051 The log to be copied contains an invalid checksum. The log was not copied. Select a log with a valid checksum. The selected log may have been manipulated. 80052 The log cannot be read. Check the log and the specified path. 80053 The closed log cannot be read. Open the log. 90000 - FDA alarms (Panels, RT Advanced) Meaning of the system events The most important system events are listed below. Table 12-11 90000 - FDA alarms Number Effect/causes Solution 90024 No operator actions can be logged due to lack of space on the storage medium for log. The operator action will therefore not be executed. Provide more storage space by inserting a blank storage medium, or backup the log files to the server using the "ExportLog" function. 90025 No user actions can be logged because of error state of the archive. Therefore the user action will not be executed. Check whether the storage medium is correctly inserted. 90026 No operator actions can be logged because the log is closed. The operator action will therefore not be executed. Before further operator actions are carried out, the log must be reopened with the help of system function "OpenAllLogs". Change the configuration as required. 90028 The password you entered is incorrect. Enter the correct password. 5502 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Number Effect/causes 90029 Runtime was closed during ongoing operation (per Ensure that you are using the correct storage medium. haps due to a power failure) or a storage medium in use is incompatible with Audit Trail. An Audit Trail is not suitable if it belongs to another project or has already been logged. Solution It could also be that archiving was not stopped be fore automatic execution of the "CloseAllArchives" function was started (e.g. by the task scheduler). 90030 Runtime was closed during ongoing operation (per -haps due to a power failure). 90031 Runtime was closed during ongoing operation (per -haps due to a power failure). 90032 Running out of space on the storage medium for log. Provide more storage space by inserting a blank storage medium, or backup the log files to the server using the "ExportLog" function. 90033 No more space on the storage medium for log. As of now, no more operator actions requiring logging will be executed. 90039 You do not have the necessary authorization to per Adapt or upgrade your authorizations. form this action. 90040 Audit Trail is switched off because of a forced user action. 90041 A user action which has to be logged has been exe A user action requiring logging should only be possible cuted without a logged on user. with permission. Change the configuration by setting a required authorization for the input object. 90044 A user action which has to be confirmed was Repeat the user action if necessary. blocked, because there is another user action pend ing. 90048 The Audit Trail cannot be printed while data rele vant to the audit is being logged. Stop logging by calling system function "StopLogging". 90049 Access to required file is not possible. Check the network connection or the storage medium. 90056 The recipe was not imported because the file con tains no checksum. Select a file with a checksum. The recipe was not imported because the file con tains an invalid checksum. The selected file may have been manipulated. Select a file with a valid checksum. 90057 WinCC Advanced V14 System Manual, 10/2016 Provide more storage space by inserting a blank storage medium, or backup the log files to the server using the "ExportLog" function. Reactivate the "Audit Trail" with the help of system func tion "StartLog". You can also disable checksum verification by calling system function "ImportDataRecords". 5503 Visualizing processes 12.3 Working with alarms 110000 - Offline function alarms (Basic Panels, Panels, RT Advanced) Meaning of the system events The most important system events are listed below. Table 12-12 110000 - Offline function alarms Number Effect/causes Remedy 110000 The operating mode was changed. "Offline" mode is now set. -- 110001 The operating mode was changed. "Online" mode is now set. -- 110002 The operating mode was not changed. Check the connection to the PLCs. Check whether the address range for the "Coordination" area pointer is present in the PLC. 110003 The operating mode of the specified PLC was -changed by the "SetConnectionMode" system func tion. The "offline" operating mode is now set. 110004 The operating mode of the specified PLC was -changed by the "SetConnectionMode" system func tion. The "online" operating mode is now set. 110005 An attempt was made to use the "SetConnection Switch the complete system to "online" mode and repeat Mode" system function to set the specified PLC to execution of the system function. "online" mode, although the entire system is in "off line" mode. This changeover is not allowed. The PLC remains in "offline" mode. 110006 The content of the "project ID" area pointer does not match the project ID configured in WinCC. The WinCC Runtime is therefore terminated. Check: the project ID entered on the PLC. the project ID entered in WinCC. 120000 - Trend alarms (Basic Panels, Panels, RT Advanced) Meaning of the system events The most important system events are listed below. Table 12-13 120000 - Trend alarms Number Effect/causes Remedy 120000 The trend is not displayed because you configured an incorrect axis to the trend or an incorrect trend. Change the configuration. 120001 The trend is not displayed because you configured an incorrect axis to the trend or an incorrect trend. Change the configuration. 120002 The trend is not displayed because the tag assigned attempts to access an invalid PLC address. Check whether the data area for the tag is available on the PLC, whether the configured address is correct, or whether the value range for the tag is correct. 5504 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 130000 - System information alarms (Panels, RT Advanced) Meaning of the system events The most important system events are listed below. Table 12-14 130000 - System information alarms Number Effect/causes Solution 130000 The action was not executed. Close all other programs. Delete files no longer required from the hard disk. 130001 The action was not executed. Delete files no longer required from the hard disk. 130002 The action was not executed. Close all other programs. 130003 No data medium found. The operation is canceled. Delete files no longer required from the hard disk. Check the following conditions, for example: Access to the correct data carrier? Is a data carrier inserted? 130004 The data carrier is write-protected. The operation is canceled. Check whether the correct data medium is being ac cessed. Remove the write-protection if necessary. 130005 The file is read only. The operation is canceled. Check whether the correct file is being accessed. Change the file attributes. 130006 No access to the file. The operation is canceled. Check the following conditions, for example: Is the correct file being accessed? Does the file exist? Is another action preventing concurrent access to the file? 130007 The network connection is interrupted. Records cannot be saved or read via the network connection. 130008 No storage card available. Check the network connection and eliminate the cause of error. Insert the storage card. The specified records cannot be saved to or read from Storage Card. 130009 The specified folder does not exist on the storage card. Insert the storage card. The files stored in this directory are not backed up after switching off the HMI device. 130010 The maximum nesting depth can be exhausted when, for example, value changes in a script initiate the call of an infinite number of further scripts. Check the configuration. The configured functionality is not provided. 130013 No storage card available. Insert the storage card. The specified records cannot be saved to or read from Storage Card. WinCC Advanced V14 System Manual, 10/2016 5505 Visualizing processes 12.3 Working with alarms 140000 - Connection alarms: Connection + device (Basic Panels, Panels, RT Advanced) Meaning of the system events The most important system events are listed below. Table 12-15 140000 - Connection alarms: Connection + device Number Effect/causes Remedy 140000 An online connection to the PLC is established. -- 140001 The online connection to the PLC was shut down. -- 140003 No tag update or write operations are executed. Check whether the connection is up and the PLC is switched on. In the Control Panel, check the set parameters using the "Set PG/PC interface" function. Restart the system. 140004 No tag update or write operations are executed due to an incorrect access point, or incorrect module configuration. Check the connection and whether the PLC is switched on. Check the access point or the module configuration (MPI, PPI, PROFIBUS) in the Control Panel with "Set PG/ PC interface". Restart the system. 140005 No tag update or write operations are executed due to an incorrect HMI device address (possibly too high). Use a different address for the HMI device. Check the connection and whether the PLC is switched on. Check the parameters set in the "Set PG/PC interface" dialog of the Control Panel. Restart the system. 140006 No tag update or write operations are executed due to an incorrect baud rate setting. Select a different baud rate in WinCC (according to mod ule, profile, communication peer, etc.). 140007 An incorrect bus profile prevents tag updates or write operations (see %1). The following parameters cannot be written to the registry database: 1: Tslot 2: Tqui 3: Tset 4: MinTsdr 5: MaxTsdr 6: Trdy 7: Tid1 8: Tid2 9: Gap factor 10: Retry limit Check the custom bus profile. Check the connection and whether the PLC is switched on. Check the parameters set in the "Set PG/PC interface" dialog of the Control Panel. Restart the system. 5506 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Number Effect/causes Remedy 140008 An incorrect baud rate prevents tag updates or write operations. The following parameters cannot be en tered in the registry database. 0: general error 1: incorrect version 2: Profile cannot be entered in the registry database. 3: Subnet type cannot be entered in the registry database. 4: Target rotation time cannot be entered in the registry database. 5: Highest address (HSA) is incorrect. Check whether the connection is up and the PLC is switched on. In the Control Panel, check the set parameters using the "Set PG/PC interface" function. Restart the system. 140009 No tag updates or write operations because the S7 communication module was not found. To reinstall the module, open the Control Panel and se lect "Set PG/PC interface". 140010 No S7 communication partner found because the PLC is shut down. DP/T: The option "PG/PC is the only master" is not set in the Control Panel under "Set PG/PC interface". Switch on the PLC. DP/T: If only one master is connected to the network, disable "PG/PC is the only master" in "Set PG/PC interface". If several masters are connected to the network, enable these. Do not change any settings, for this will cause bus errors. 140011 No tag updates or write operations because com munication is down. Check the connection and whether the communication partner is switched on. 140012 Initialization error (e.g. if WinCC Runtime was closed in Task Manager). Or: Another application (e.g. STEP 7) with different bus parameters is active and the driver cannot be star ted with the new bus parameters (baud rate, for ex ample). Restart the HMI device. Or: Start WinCC Runtime and then start your other applica tions. 140013 The MPI cable is disconnected and, therefore, there is no power supply. Check the connections. 140014 The configured bus address is in use by another application. Change the HMI device address in the PLC configura tion. 140015 Incorrect baud rate Correct the parameters. Or: Incorrect bus parameters (e.g. HSA) Or: OP address > HSA or: Incorrect interrupt vector (in terrupt not registered by the driver) 140016 The hardware does not support the configured in terrupt. Change the interrupt number. 140017 The set interrupt is in use by another driver. Change the interrupt number. 140018 SIMOTION Scout disabled the consistency check. Only a corresponding note appears. In SIMOTION Scout, reactivate the consistency check and once again download the project to the PLC. 140019 SIMOTION Scout is downloading a new project to the PLC. Connection to the PLC is canceled. Wait until the end of the reconfiguration. 140020 Mismatch of the PLC and project (FWX file) ver sions. The connection to the PLC is canceled. The following remedies are available: Download the current version to the PLC using SIMO TION Scout. Recompile the project using WinCC ES, close WinCC Runtime, and restart with the new configuration. WinCC Advanced V14 System Manual, 10/2016 5507 Visualizing processes 12.3 Working with alarms Number Effect/causes 140021 Setup of the connection to the PLC failed. Incorrect Select the "Access password" area in the "Connections" configuration of the "Access password" for the con editor to check the password entered for the connection nection to the PLC. to the PLC. Remedy Assign the correct password. The "Password" for the connection to the PLC is as signed in the "Security" area of the PLC properties. 140022 Setup of the connection to the PLC failed. Incorrect configuration of the access password for the connection to the PLC. 140023 140025 Error during time synchronization: Unable to read system time of PLC %1. Setup of the connection to the PLC failed. Select the "Access password" area in the "Connections" editor to check the password entered for the connection to the PLC. The "Password" for the connection to the PLC is as signed in the "Security" area of the PLC properties. Check whether the PLC is switched on. Select the "Access password" area in the "Connections" editor to check the password entered for the connection to the PLC. Enable the access password in the PLC display. The access password of the PLC is disabled in the PLC display. 160000 - Connection alarms: OPC: Connection (Panels, RT Advanced) Meaning of the system events The most important system events are listed below. Table 12-16 160000 - Connection alarms: OPC: Connection Number Effect/causes Solution 160000 No more data is read or written. Possible causes: Check whether the cable is plugged in and the PLC is OK, and whether the correct port is used. The cable connection is interrupted. The PLC does not respond or has failed, etc. Restart the system if the system event persists. The wrong port is used for the connection. System overload 160001 The connection is recovered because the cause of the interruption has been eliminated. -- 160010 No connection to the server because the server ID (CLS-ID) cannot be determined. Check access rights. Values cannot be read or written. 160011 No connection to the server because the server ID (CLS-ID) cannot be determined. Check the following conditions, for example: Values cannot be read or written. Correct station name? Correct server name? Is the server registered? 5508 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Number Effect/causes Solution 160012 No connection to the server because the server ID (CLS-ID) cannot be determined. Check the following conditions, for example: Values cannot be read or written. Correct station name? Correct server name? Is the server registered? Note for advanced users: Interpret the value from HRESULT. 160013 The specified server was started as InProc server. This has not been released and may lead to unde fined behavior because the server is running in the same process area as WinCC Runtime. Configure the server as OutProc Server or Local Server. 160014 Only one OPC server project can be started on a PC/MP. An alarm is output after an attempt was made to start a second project. Do not start a second project with OPC server function ality on the computer. The second project has no OPC server functionality and cannot be located as an OPC server by external sources. 170000 - S7 dialog alarms (Panels, RT Advanced) Meaning of the system events The most important system events are listed below. Table 12-17 170000 - S7 dialog alarms Number Effect/causes Solution 170000 S7 diagnostics events are not displayed because it is not possible to log on to the S7 diagnostics at this device. The service is not supported. -- 170001 The S7 diagnostics buffer cannot be viewed be cause communication with the PLC is shut down. Set the PLC to online mode. 170002 The S7 diagnostics buffer cannot be viewed be cause reading of the diagnostics buffer (SSL) was canceled with an error. -- 170003 An S7 diagnostic alarm cannot be visualized. The system returns internal error %2. -- 170004 An S7 diagnostic alarm cannot be visualized. The system returns an internal error of error class %2, error number %3. -- 170007 It is not possible to read the S7 diagnostics buffer (SSL) because this operation was canceled with an internal error of class %2 and error code %3. -- WinCC Advanced V14 System Manual, 10/2016 5509 Visualizing processes 12.3 Working with alarms 180000 - General alarms (Basic Panels, Panels, RT Advanced) Meaning of the system events The most important system events are listed below. Table 12-18 180000 - General alarms Number Effect/causes Solution 180000 A component/OCX received configuration data with a version ID which is not supported. Install a newer component. 180001 System overload because too many actions are run Several remedies are available: ning in parallel. Certain actions can be executed, Generate alarms at a slower rate (polling). while others are discarded. Initiate scripts and functions at greater intervals. If the alarm appears more frequently: Restart the HMI device. 180002 The screen keyboard could not be activated. Possi Reinstall WinCC Runtime. ble causes: "TouchInputPC.exe" was not registered due to faul ty Setup. Note Alarms without additional information Alarm 180003 is not described since the alarm text contains all the necessary information. 190000 - Tag alarms (Basic Panels, Panels, RT Advanced) Meaning of the system events The most important system events are listed below. Table 12-19 190000 - Tag alarms Number Effect/causes Remedy 190000 It is possible that the tag is not updated. -- 190001 The tag is updated after the cause of the last error -state has been eliminated (recovery of normal oper ation). 190002 The tag is not updated because communication with the PLC is down. 190004 The tag is not updated because the address config Check the configuration. ured for this tag does not exist. 190005 The tag is not updated because the configured PLC type does not exist for this tag. Check the configuration. 190006 The tag is not updated because it is not possible to map the PLC type in the data type of the tag. Check the configuration. 5510 Select system function "SetOnline" to enable communi cation. WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Number Effect/causes Remedy 190007 The tag value is not modified because the connec tion to the PLC is interrupted or the tag is offline. Set online mode or reconnect to the PLC. 190008 The configured tag limits were violated due to one of the following events: Observe the configured or current tag limits. Value input System function Script 190009 An attempt was made to assign this tag a value that Observe the range of values for the data type of the tags. is outside the valid range of values for this data type. For example, input of the value 260 for a byte tag, or input of the value -3 for an unsigned word tag. 190010 190011 The rate at which values are written to the tag is too high (e.g. initiated in a script loop). Values will be lost because buffer capacity is limited to 100 operations. The following remedies are available: Extend the interval between multiple write actions. Do not use an array tag longer than 6 words when configuring an acknowledgment on the HMI device using "HMI acknowledgment tag". Possible cause 1: The value entered could not be written to the con figured PLC tag because the high or low limit was exceeded. Note that the value entered must be within the range of values of the control tag. The system discarded the entry and restored the original value. Possible cause 2: The connection to the PLC was interrupted. 190012 It is not possible to convert a value from a source format to a target format, for example: Check the connection to the PLC. Check the range of values, or the data type of the tag. An attempt is being made to write a counter value that is outside the valid, PLC-specific range of val ues. A tag of the type Integer should be assigned a value of the type string. 190013 You entered a string that exceeds the tag length. The string is truncated automatically to a valid length. WinCC Advanced V14 System Manual, 10/2016 Always enter strings that do not exceed the valid tag length. 5511 Visualizing processes 12.3 Working with alarms 190100 - Area pointer alarms (Basic Panels, Panels, RT Advanced) 190100 - Area pointer alarms The most important system events are listed below. Number Effect/causes Remedy 190100 The area pointer is not updated because the ad dress configured for this pointer does not exist. Type 1 Warnings 2 Errors 3 PLC acknowledgment 4 HMI device acknowledgment 5 LED image 6 Trend request 7 Trend transfer 1 8 Trend transfer 2 No.: Consecutive number displayed in WinCC ES. Check the configuration. 190101 The area pointer is not updated because it is not possible to map the PLC type to the area pointer type. Parameter type and no.: see alarm 190100 -- 190102 The area pointer is updated after the cause of the last error state has been eliminated (recovery of normal operation). Parameter type and no.: See alarm 190100. -- 200000 - PLC coordination alarms (Basic Panels, Panels, RT Advanced) 200000 - PLC coordination alarms The most important system events are listed below. Number Effect/causes Remedy 200000 Coordination is not executed because the address configured in the PLC does not exist/is not set. Change the address or set up the address in the PLC. 200001 Coordination is canceled because the write access Change the address or set the address in the PLC at an to the address configured in the PLC is not possible. area which allows write access. 200002 Coordination is not carried out at the moment be cause the address format of the area pointer does not match the internal storage format. 200003 Coordination can be executed again because the -last error state is eliminated (return to normal oper ation). 5512 Internal error WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Number Effect/causes Remedy 200004 The coordination may not be executed. -- 200005 No more data is read or written. Possible causes: Ensure that the cable is plugged in and the PLC is op erational. Restart the system if the system event persists. The cable connection is interrupted. The PLC does not respond or has failed, etc. System overload 200100 - Area pointer alarms project ID (Basic Panels, Panels, RT Advanced) 200100 - Area pointer alarms project ID The most important system events are listed below. Number Effect/causes Remedy 200101 The project ID of the area pointer cannot be de Check the configuration. scribed. No entry possible. 200102 Error in the type conversion. Check the type conversion. 200103 The project ID of the area pointer is updated as the cause of the last error state has been elimi nated (recovery of normal operation). -- 200104 Unknown error Check the Configuration HMI tags HMI alarms System alarms Controller alarms If the error occurs repeatedly, contact the hotline! 200105 The online connection to the PLC was interrup ted. The connection is interrupted. Check the following conditions, for example Are the access correct? Correct server name? Correct station name? Is the server registered? Is the configuration correct? WinCC Advanced V14 System Manual, 10/2016 5513 Visualizing processes 12.3 Working with alarms 210000 - PLC job alarms (Basic Panels, Panels, RT Advanced) 210000 - PLC job alarms The most important system events are listed below. Number Effect/causes Remedy 210000 Jobs are not processed because the configured address does not exist/has not been set up in the PLC. Change the address or set up the address in the PLC. 210001 Jobs are not processed because read/write ac cess to the configured address is not possible in the PLC. Change the address, or set up the address in a PLC area at which read/write access is possible. 210002 Jobs are not executed because the address for Internal error mat of the area pointer does not match the inter nal storage format. 210003 The job buffer is processed again because the last error status has been eliminated (recovery of normal operation). -- 210004 The job buffer is possibly not going to be pro cessed. -- 210005 A job mailbox with invalid number was initiated. Check the PLC program. 210006 An error occurred while executing the job mail box. As a result, the control job is not executed. Observe the next/previous system event. Check the parameters of the control job. Recompile the configuration data. 220000 - WinCC communication driver alarms (Basic Panels, Panels, RT Advanced) 220000 - WinCC communication driver alarms The most important system events are listed below. Number Effect/causes Remedy 220001 The tag is not downloaded because write access to data type Bool/Bit is not supported by the sublevel communication driver/HMI device. Change the configuration. 220002 The tag is not downloaded because write access Change the configuration. to data type Byte is not supported by the suble vel communication driver/HMI device. 220003 The communications driver could not be loaded. The driver might not be installed. Install the driver by reinstalling WinCC Runtime. 220004 Communication is down and no update data is transferred because the cable is not connected or defective etc. Check the connection. 220005 Communication is up. -- 220006 The connection between the specified PLC and the specified port is active. -- 5514 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Number Effect/causes 220007 The connection to the specified PLC is interrup Check the following: ted at the specified port. Is the cable plugged in? Remedy Is the PLC OK? Is the right port being used? Is your configuration OK (port parameters, protocol settings, PLC address)? Restart the system if the system event persists. 220008 The communication driver cannot access or open the specified port. This port might be in use by another application, or a port that does not exist on the target device is being used. Close all applications that access the port and restart the computer. Use another port that exists in the system. No communication with the PLC. 220009 The communication path is either empty, incom Enter the communication path in the correct format. plete or has an invalid format. 230000 - Screen object alarms (Basic Panels, Panels, RT Advanced) 230000 - Screen object alarms The most important system events are listed below. Number Effect/causes Solution 230000 The value entered could not be used. The system Enter a practical value, or delete a user that is no discards this entry and restores the previous val longer required. ue. Possible causes: The range of values is exceeded. You entered invalid characters The valid maximum number of users has been exceeded. 230002 The user currently logged on does not have the necessary authorization, so the system discards the entry and restores the previous value. Log on as user with appropriate authorization. 230003 Change to the specified screen failed because this screen is not available/configured. The cur rent screen remains selected. Configure the screen and check the selection func tion. 230005 The range of values of the tag has been excee ded in the I/O field. The original tag value is retained. Observe the range of values for the tag when enter ing a value. 230100 During navigation in the Web browser, the sys tem returned a message which may be of interest to the user. The Web browser continues to run but may not (fully) show the new page. Navigate to another page. WinCC Advanced V14 System Manual, 10/2016 5515 Visualizing processes 12.3 Working with alarms Number Effect/causes Solution 230200 The HTTP channel connection was interrupted due to an error. This error is explained in detail by another system event. Data is no longer exchanged. Check the network connection. Check the server configuration. 230201 The HTTP channel connection is set up. Data is exchanged. -- 230202 WININET.DLL has detected an error. Usually, this error occurs if it is not possible to connect to the server, or the server denies a connection be cause the client lacks proper authorization. An unknown server certificate may also be the cause if the connection is encrypted by means of SSL. The alarm text provides details. This text is always in the language of the Win dows installation because it is returned by the Windows OS. Process values are no longer exchanged. The part of the alarm returned by the Windows OS might not be displayed, e.g. "An error has occurred". WININET.DLL returns the following error: Number: 12055 Text:HTTP: <no error text available>." Depending on the cause: When an attempt to connect fails, or a timeout occurs: Check the network connection and the network. Check the server address. Check whether the WebServer is actually running on the target station. Incorrect authorization: The configured user name and/or password do not match the entries on the server. Set consistent data. If the server certificate is rejected: Certificate signed by an unknown CA ( ): Ignore this point, or install a certificate that has been signed with one of the root certificates known to the client station. The date of the certificate is invalid: Ignore this point, or install a certificate with valid date on the server. Invalid CN (Common Name or Computer Name): Ignore this point, or install a certificate with a name that corresponds to the server address. 230203 Although a connection can be made to the serv er, the HTTP server refused to connect. Possible causes: WinCC Runtime does not run on the server On 503 Service unavailable error: Check whether WinCC Runtime is running on the server and whether the HTTP channel is supported. The HTTP channel is not supported (503 Service unavailable). Other errors can only occur if the Webserver does not support the HTTP channel. The lan guage of the alarm text depends on the Webserv er. Data is not exchanged. 230301 Internal error. An English text explains the error -in more detail. The error may be caused by insuf ficient memory. OCX does not work. 230302 The name of the remote server cannot be re solved. An attempt to connect has failed. 5516 Check the configured server address. Check whether the DNS service is available on the network. WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Number Effect/causes Solution 230303 The remote server is not running on the ad dressed computer. incorrect server address. An attempt to connect has failed. Check the configured server address. Check whether the remote server is running on the target computer. 230304 The remote server on the addressed computer is incompatible with VNCOCX. An attempt to connect failed. Use a compatible remote server. 230305 Authentication has failed due to incorrect pass word. An attempt to connect failed. Configure the correct password. 230306 Error in the connection to the remote server. This may occur as a result of network problems. An attempt to connect failed. Check whether the network cable is plugged in, or whether there are network problems. 230307 The connection to the remote server was shut down. Possible causes: -- The remote server was shut down The user instructed the server to close all connections. The connection is cancelled. 230308 This alarm provides information on the connec tion status. An attempt is made to connect. -- Note Alarms without additional information Alarms 230400-230409 and 230500-230501 are not described since the alarm text contains all the necessary information. 240000 - Authorization alarms (Panels, RT Advanced) 240000 - Authorization alarms The most important system events are listed below. Number Effect/causes Solution 240000 WinCC Runtime is running in demo mode. You have no authorization, or your authorization is corrupted. Install the authorization. 240001 WinCC Runtime is running in demo mode. You configured too many tags for the installed version. Load an adequate authorization / powerpack. 240002 WinCC Runtime is running with time-limited emergency authorization. Restore the full authorization. WinCC Advanced V14 System Manual, 10/2016 5517 Visualizing processes 12.3 Working with alarms Number Effect/causes 240004 Error when reading the emergency authorization. Restart WinCC Runtime. Install or repair the authori WinCC Runtime is running in demo mode. zation (see Commissioning Instructions for Software Protection). Solution 240005 Automation License Manager has detected an internal system error. Possible causes: Restart the HMI device/PC. If this procedure does not solve the problem, remove and then reinstall Automa tion License Manager. Corrupted file Faulty installation No free memory space for Automation License Manager, or similar. 250000 - S7 Status/Force alarms (Panels, RT Advanced) 250000 - S7 Status/Force alarms The most important system events are listed below. Number Effect/causes Solution 250000 The tag in the specified line in "Status Force" is not updated because the address configured for this tag is not available. Check the set address and then verify that the ad dress is set up in the PLC. 250001 The tag in the specified line in "Status Force" is not updated because the PLC type configured for this tag does not exist. Check the set address. 250002 The tag in the specified line in "Status Force" is not updated because it is not possible to map the PLC type in the tag type. Check the set address. 250003 An attempt to connect to the PLC failed. The tags Check the connection to the PLC. Check that the PLC are not updated. is switched on and is online. 260000 - Password system alarms (Basic Panels, Panels, RT Advanced) 260000 - Password system alarms The most important system events are listed below. Number Effect/causes Solution 260000 An unknown user or an unknown password has been entered in the system. The current user is logged off from the system. Log on to the system as a user with a valid password. 260001 The logged in user does not have sufficient au thorization to execute the protected functions on the system. Log on to the system as a user with sufficient author ization. 260002 This alarm output when the "TrackUserChange" system function is triggered. -- 260003 The user has logged off from the system. -- 5518 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Number Effect/causes Solution 260004 The user name entered into the user view al ready exists in the user management. Select another user name because user names have to be unique in the user management. 260005 The entry is discarded. Enter a shorter user name. 260006 The entry is discarded. Use a shorter or longer password. 260007 The logoff time entered is outside the valid range Enter a logon timeout value between 0 and 60 mi from 0 to 60 minutes. nutes. The new value entered is discarded and the orig inal value is retained. 260008 An attempt was made in WinCC to read a PTProRun.pwl file created with ProTool V 6.0. Reading of the file was canceled due to incom patibility of the format. -- 260009 You have attempted to delete the user "Admin istrator" or "PLC User". These users are fixed components of the user management and can not be deleted. If you need to delete a user, because perhaps you have exceeded the maximum number permitted, de lete another user. 260012 The password entries in the "Change Password" You have to log on to the system again. Then enter dialog and in the confirmation field do not match. the identical password twice to be able to change the The password is not changed. User will be log password. ged off. 260013 The password entered in the "Change Pass word" dialog is invalid because it is already in use. The password is not changed. User will be log ged off. You have to log on to the system again. Then enter a new password that has not been used before. 260014 You have tried to log on with an incorrect pass word three times in a row. You will be locked out and assigned to group no. 0. You can log on to the system with your correct pass word. Only an administrator can change the assign ment to a group. 260024 The password you entered does not meet the necessary security guidelines. Enter a password that contains at least one number. 260025 The password you entered does not meet the necessary security guidelines. Enter a password that comprises at least three char acters. 260026 The password you entered does not meet the necessary security guidelines. Enter a password that contains at least one special character. 260028 Upon system start-up, an attempt to log on, or Check the connection to the SIMATIC Logon Server when trying to change the password of a SIMAT and its configuration; for example: IC log-on user, the system attempts to access 1. Port number the SIMATIC Logon Server. 2. IP address If attempting to log on, the new user is not logged 3. Server name in. If a different user was logged on before, then 4. Functional transfer cable. this user is logged off. Or use a local user. 260030 The SIMATIC Logon user could not change his password on the SIMATIC Logon Server. The new password is possibly noncompliant with password rules set on the server, or the user is not authorized to change his password. Log in again and choose a different password. Check the password rules on the SIMATIC Logon Server. The old password remains and the user is log ged off. WinCC Advanced V14 System Manual, 10/2016 5519 Visualizing processes 12.3 Working with alarms Number Effect/causes Solution 260033 The action change password or log on user could not be carried out. Check the connection to the SIMATIC Logon Server and its configuration; for example: 1. Port number 2. IP address 3. Server name 4. Functional transfer cable Or use a local user. 260034 The last logon operation has not yet ended. A user action or a logon dialog can therefore not be called. Wait until the logon operation is complete. The logon dialog is not opened. The user action is not executed. 260035 The last attempt to change the password was not completed. A user action or a logon dialog can therefore not be called. Wait until the procedure is complete. The logon dialog is not opened. The user action is not executed. 260036 There are insufficient licenses on the SIMATIC Logon Sever. The logon is not authorized. Check the licensing on the SIMATIC Logon Server. 260037 There is no license on the SIMATIC Logon Sev Check the licensing on the SIMATIC Logon Server. er. A logon is not possible. It is not possible to log on via the SIMATIC Logon Server, only via a local user. 260040 The system attempts to access the SIMATIC Check connection to the domain and its configuration Logon Server upon system start-up or when try in the Runtime security settings editor. ing to change the password. Or use a local user. If attempting to log on, the new user is not logged in. If a different user was logged on before, then this user is logged off. 260043 It was not possible to log the user on to the SI MATIC Logon Server. The user name or the password could be incorrect or the user does not have sufficient rights to log on. Try again. If necessary, check the password data on the SIMATIC Logon Server. The new user is not logged in. If a different user was logged on before, then this user is logged off. 260044 It was not possible to log the user on to the SI Check the user data on the SIMATIC Logon Server. MATIC Logon Server as his account is blocked. The new user is not logged in. If a different user was logged on before, then this user is logged off. 260045 The SIMATIC Logon user is not associated to any or several groups. The new user is not logged in. If a different user was logged on before, then this user is logged off. 5520 Check user data on the SIMATIC Logon Server and the configuration in your WinCC project. A user may only be assigned to one group. WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Note Alarms without additional information Alarms 260010, 260011, 260015-260023, 260029, 260031, 260032, 260038, 260039, 260041, 260042 and 260048 are not described since the alarm text contains all the necessary information. 270000 - System alarms (Basic Panels, Panels, RT Advanced) 270000 - System Alarms The most important system events are listed below. Number Effect/causes Remedy 270000 The alarm does not indicate the tag because it is accessing an invalid address in the PLC. Check whether the data area for the tag exists on the PLC, whether the configured address is correct, and whether the value range for the tag is correct. 270001 There is a device-specific limit as to how many -alarms may be queued for viewing (see the op erating instructions). This limit has been excee ded. The view no longer contains all the alarms. However, all alarms are written to the alarm buf fer. 270002 The view shows alarms of a log for which there is no data in the current project. Placeholders are output for the alarms. 270003 The service cannot be set up because too many Reduce the number of HMI devices which want to use devices want to access this service. the service. A maximum of four devices can execute this ac tion. 270004 Access to the persistent alarm buffer is not pos If the problems persist at the next restart, contact Cus sible. Alarms cannot be restored or backed up. tomer Support (delete Flash). 270005 Persistent alarm buffer corrupted: Alarms cannot If the problems persist at the next restart, contact Cus be restored. tomer Support (delete Flash). 270006 Project modified: Alarms cannot be restored from the persistent alarm buffer. The project was compiled and downloaded again to the HMI device. The error should no longer occur at the next restart of the HMI device. 270007 A configuration problem is preventing you from the restoring the data (e.g. a DLL was deleted, or unknown directory). Update the operating system and download your project again to the HMI device. WinCC Advanced V14 System Manual, 10/2016 Delete old log data, if necessary. 5521 Visualizing processes 12.3 Working with alarms 280000 - Alarms SIMATIC 505 DP Communication Driver (CSP) Alarms SIMATIC 505 DP Communication Driver (CSP) The most important system events are listed below. Number Effect/causes Solution 280000 The connection between the controller and port is active. -- 280001 The connection to the PLC at the port is inter rupted. Check the following: Is the cable plugged in? Is the controller active? Is the correct port being used? Is the configuration OK? 280002 The parameters of the controller are correct, the XSUB and .REC files are available. -- 280003 The parameters of the controller are correct, the XSUB and .REC files are not available. Download the XSUB and .REC files to the controller. The controller is in STOP mode. Verify that the controller is in STOP mode. The communication cable between HMI device and controller is disconnected. Check the following: 280004 The controller is in STOP mode. The communication cable between operating unit and controller Mode of the controller (Run/STOP) 290000 - Recipe system alarms (Basic Panels, Panels, RT Advanced) 290000 - Recipe system alarms The most important system events are listed below. Number Effect/causes Solution 290000 The recipe tag could not be read or written. It is assigned the start value. The alarm can be entered in the alarm buffer for up to four more faulty tags. After that, alarm 290003 is output. Check the configuration to see whether the address has been set up in the PLC. 290001 An attempt was made to assign the recipe tag a value that is outside the valid range of values for this type. The alarm can be entered in the alarm buffer for up to four more faulty tags if necessary. After that, alarm 290004 is output. Observe the range of values for the tag type. 290002 It is not possible to convert a value from a source format to a target format. The alarm can be entered in the alarm buffer for up to four more faulty recipe tags if necessary. After that, alarm 290005 is output. Check the range of values or type of the tag. 5522 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Number Effect/causes 290003 This alarm is output after alarm 290000 was trig Check the configuration to see whether the tag ad gered more than five times. dresses have been set up in the PLC. In this case, no further separate alarms are gen erated. Solution 290004 This alarm is output after alarm 290001 was trig Observe the range of values for the tag type. gered more than five times. In this case, no further separate alarms are gen erated. 290005 This alarm is output after alarm 290002 was trig Check the range of values or type of the tag. gered more than five times. In this case, no further separate alarms are gen erated. 290006 The limits configured for the tag have been ex ceeded by the values entered. 290007 There is a difference between the source and Remove the specified recipe tag in the specified rec target structure in the recipe currently being pro ipe from your configuration. cessed. The source structure contains an addi tional recipe tag that is not available in the target structure and cannot be assigned. The value is discarded. 290008 There is a difference between the source and Insert the specified recipe tag into the source struc target structure in the recipe currently being pro ture. cessed. The target structure contains an addi tional recipe tag that is not available in the source structure. The recipe tag specified is assigned its start val ue. 290010 The storage location configured for the recipe is invalid. Possible causes: Invalid characters, write protection, data carrier out of space or not available. Check the configured storage location. 290011 A data record of the specified number does not exist. Check the source for the number (constant or tag val ue). 290012 A recipe of the specified number does not exist. Check the source for the number (constant or tag val ue). 290013 An attempt was made to save a data record un The following remedies are available: der a data record number that already exists. Check the source for the number (constant or tag The operation is not executed. value). Observe the configured or current tag limits. First, delete the data record. Modify the "Overwrite" function parameter. 290014 The specified import file was not found. Check the following: The file name Ensure that the file is in the specified directory. 290020 Check back to verify that the download of data -records from the HMI device to the PLC has star ted. 290021 Check back to verify that the download of re -cords from the HMI device to the PLC was com pleted. WinCC Advanced V14 System Manual, 10/2016 5523 Visualizing processes 12.3 Working with alarms Number Effect/causes Solution 290022 Check back to indicate that the download of data records from the HMI device to the PLC was canceled due to an error. Check the following conditions in the configuration: Are the tag addresses configured in the PLC? Does the recipe number exist? Does the data record number exist? Is the "Overwrite" function parameter set? 290023 Check back to verify that the download of data -records from the PLC to the HMI device has star ted. 290024 Check back to verify that the download of data records from the PLC to the HMI device was completed. --- 290025 Check back to indicate that the download of data records from the PLC to the HMI device was canceled due to an error. Check the following conditions in the configuration: Are the tag addresses configured in the PLC? Does the recipe number exist? Does the data record number exist? Is the "Overwrite" function parameter set? 290026 An attempt was made to read/write a data record that is not free at present. This error can occur if recipes were configured for download with synchronization. 290027 Unable to connect to the PLC at present. As a Check the connection to the PLC. result, the data record cannot be read or written. Possible causes: No hardware connection to the PLC (no cable plugged in, cable is defect), or the PLC is switch ed off. 290030 This alarm is output after you selected screen Reload the data record from the storage location, or which contains a recipe view in which a data re retain the current values. cord is already selected. 290031 While saving, it was detected that a data record with the specified number already exists. Overwrite the data record, or cancel the action. 290032 During the export of data records, a file with the specified name was found. Overwrite the file, or cancel the process. 290033 Confirmation prompt before deleting data re cords. -- 290040 A data record error with error code %1 that can not be described in more detail occurred. The action is canceled. It is possible that the mailbox was not installed correctly on the PLC. Check the storage location, the data record, the "Data record" area pointer, and the connection to the PLC. Restart the action after a short waiting time. If the error persists, contact Customer Support. For ward the relevant error code to Customer Support. 290041 A data record or file cannot be saved because the storage location is out of sufficient space. Delete files no longer required. 290042 An attempt was made to execute several recipe actions simultaneously. The last action is not executed. Retrigger the action after a short waiting time. 290043 Confirmation prompt before saving data records. -- 290044 The database for the recipe was corrupted and will be deleted. 5524 Set the mailbox status to zero. -- WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms Number Effect/causes Solution 290050 A check back indicates that the export of data records was started. -- 290051 A check back indicates successful completion of the export of data records. -- 290052 A check back indicates that the export of data records was canceled due to an error. Ensure that the structure of the data records at the storage location and the current recipe structure on the HMI device are identical. 290053 A check back indicates that the import of records was started. -- 290054 A check back indicates successful completion of the import of data records. -- 290055 A check back indicates that the import of data records was canceled due to an error. Ensure that the structure of the data records at the storage location and the current recipe structure on the HMI device are identical. 290056 Error when reading/writing the value in the speci Check the specified row/column. fied row/column. The action was canceled. 290057 The tags of the recipe specified were toggled -from "offline" to "online" mode. Each change of a tag in this recipe is now imme diately transferred to the PLC. 290058 The tags of the specified recipe were toggled -from "online" to "offline" mode. Modifications to tags in this recipe are no longer immediately transferred to the PLC but must be transferred there explicitly by downloading a da ta record. 290059 A check back indicates that the specified record was successfully saved. -- 290060 A check back indicates that the specified data record memory was cleared. -- 290061 A check back indicates that deletion of the data record memory was canceled due to an error. -- 290062 The data record number exceeds the maximum of 65536. This data record cannot be created. Select another number. 290063 This occurs when you execute system function "ExportDataRecords" while the "Overwrite" pa rameter is set to "No". An attempt was made to save a recipe under a file name that already exists. The export is canceled. Check the parameters of the "ExportDataRecords" system function. 290064 A check back indicates that the deletion of data records was started. -- 290065 A check back indicates successful completion of the deletion of data records. -- 290066 Confirmation prompt before deleting data re cords. -- 290068 Confirmation prompt for deletion of the selected recipe data records. -- WinCC Advanced V14 System Manual, 10/2016 5525 Visualizing processes 12.3 Working with alarms Number Effect/causes 290069 Confirmation prompt for deletion of all recipe da -ta records. Solution 290070 The data record specified was not found in the import file. Check the source of the data record number, or the data record name (constant, or tag value). 290071 When the editing data record values, you en tered a value that is below the low limit of the recipe tag. The entry is discarded. Enter a value within the recipe tag limits. 290072 When editing data record values, you entered a Enter a value within the recipe tag limits. value that exceeds the high limit of the recipe tag. The entry is discarded. 290073 An action (e.g. saving a record) failed for an un -known reason. The error corresponds to status alarm IDS_OUT_CMD_EXE_ERR in the large recipe view. 290074 While saving, a data record with the specified number but with different name was found. Overwrite the record, change the record number or cancel the action. 290075 A data record of this name already exists. The data record is not saved. Select a different data record name. 290110 The default values could not be set due to an error. -- 290111 The recipes subsystem cannot be used. Recipe views have no content and recipe-specific func tions will not be executed. Download the project to the device again, including the recipes (the corresponding check box in the down load dialog must be check marked). Possible causes: Error when loading the recipes. The recipe structure was changed in the ES. The recipes were not included in the latest project download. This means that the new configuration data no longer matches the old recipes on the device. Note Alarms without additional information Alarms 290067 and 290076-290109 are not described since the alarm text contains all the necessary information. 5526 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.3 Working with alarms 300000 - Alarm_S alarms (Panels, RT Advanced) 300000 - Alarm_S alarms The most important system events are listed below. Number Effect/causes Solution 300000 Faulty configuration of process monitoring (e.g. Change the PLC configuration. using PDiag or S7-Graph): More alarms are queued than specified in the specifications of the CPU. No further ALARM_S alarms can be man aged by the PLC and reported to the HMI devi ces. 300001 ALARM_S is not registered on this PLC. Select a controller that supports the ALARM_S serv ice. Note Alarms without additional information Alarms 300100-300102 are not described since the alarm text contains all the necessary information. 310000 - Reporting alarms (Panels, RT Advanced) 310000 - Reporting alarms The most important system events are listed below. Number Effect/causes Solution 310000 An attempt is being made to print too many re ports in parallel. Only one log file can be output to the printer at a given time; the print job is therefore rejected. Wait until the previous active log was printed. Repeat the print job if necessary. 310001 An error occurred on triggering the printer. The Evaluate the additional system events related to this report is either not printed or printed with errors. alarm. Repeat the print job if necessary. 330000 - Interaction alarms (Panels, RT Advanced) 330000 - Interaction alarms The most important system events are listed below. Number Effect/causes Solution 330022 Too many open dialogs on the HMI device. Close all dialogs you do not require on the HMI device. WinCC Advanced V14 System Manual, 10/2016 5527 Visualizing processes 12.3 Working with alarms Note Alarms without additional information Alarms 330001-330021, 330023-330070 are not described since the alarm text contains all the necessary information. 340000 - Alarms info text 340000 - Alarms info text Note Alarms without additional information Alarms 340001-340005 are not described since the alarm text contains all the necessary information. 350000 - PROFIsafe alarms (Panels, RT Advanced) 350000 - PROFIsafe alarms The most important system events are listed below. Number Effect/causes Solution 350000 PROFIsafe packets were not received within the specified time. There is a communication problem with the FCPU. Check the WLAN connection. 350001 PROFIsafe packets were not received within the specified time. There is a communication problem with the FCPU. RT is terminated. Check the WLAN connection. The PROFIsafe connection is set up again. 350002 Internal error. Internal error Runtime is terminated. 350003 Check back for indicating the connection setup to the F-CPU. -- The Emergency-Off buttons are active immedi ately. 350004 PROFIsafe communication was set up and the connection was shut down. Runtime can be terminated. -- The Emergency-Off buttons are deactivated im mediately. 5528 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.4 Working with logs (Basic Panels, Panels, RT Advanced) Number Effect/causes Solution 350005 Incorrect address configured for the F-Device. A PROFIsafe connection cannot be set up. Check and modify the address of the F-Device in WinCC ES. 350006 The project was started. At the start of the project, check the proper function of the ACK buttons. Press the two ACK buttons successively in the "Ac knowledge" and "Panic" positions. 350008 You configured an incorrect number of failsafe buttons. Modify the number of failsafe buttons in the project. A PROFIsafe connection cannot be set up. 350009 The device is in Override mode. Exit the override mode. It may no longer be possible to detect the loca tion because transponder detection fails. 350010 Internal error: The device has no failsafe buttons. Return the device to Siemens. Worldwide contact partners 380000 - Alarms Sm@rtServer (Panels, RT Advanced, RT Professional) 380000 - Alarms Sm@rtServer Note Alarms without additional information Alarms 380000-380100 are not described since the alarm text contains all the necessary information. 12.4 Working with logs (Basic Panels, Panels, RT Advanced) 12.4.1 Working with logs for Runtime Advanced and Panels (Basic Panels, Panels, RT Advanced) 12.4.1.1 Log Basics (Basic Panels, Panels, RT Advanced) Introduction WinCC provides the following types of log for logging process data for HMI Runtime: Data logs Alarm logs A data log is used to log process data from an industrial plant. An alarm log is used to log alarms that occur in the monitored process. WinCC Advanced V14 System Manual, 10/2016 5529 Visualizing processes 12.4 Working with logs (Basic Panels, Panels, RT Advanced) Principle The two types of log both have roughly the same structure and largely work in the same way. They are very clear and easy to configure. With both types of log you define the same properties for the log. The same logging methods are also available for both types of log. The following logging methods are available: Circular log If a circular log is totally full, the oldest entries are overwritten. Segmented circular log In a segmented circular log, multiple single logs of the same size are filled in succession. When all log segments are filled, the oldest log segment is overwritten. Log with level-dependent system alarm A system alarm is triggered when a defined level is reached. Log with level-dependent triggering of an event The "Overflow" event is triggered when the log is full. The "Overflow" event triggers a system function. 12.4.1.2 Properties of Logs (Basic Panels, Panels, RT Advanced) Introduction You define the properties of a data log in the "Data logs" editor. You define the properties of an alarm log in the "Alarm log" editor. The properties of the data log and alarm log are configured in the same way. You configure the properties either directly in the table of the respective editor or in the log properties of the Inspector window. General properties Name You can assign any name to the log. The name must contain at least one letter or one number. Storage location The storage location specifies where the log is saved. The HMI device determines which storage locations are available. 5530 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.4 Working with logs (Basic Panels, Panels, RT Advanced) Size The size of a log depends on the type of log and the selected settings. - Size of a data log The size of a data log is calculated as follows: The number of items * the length of each tag value to be logged. In the "Properties" window, the maximum size that the log accepts for retention of the currently selected number of data records is displayed in the input field "Number of data records". The maximum log size is limited by the volume of the storage medium. - Size of an alarm log The size of an alarm log is calculated from the number of data records and the approximate size of an entry. The size of an entry depends on whether the alarm text and the associated tag values are to be logged as well. Restart characteristics Under Restart characteristics you can specify that the logging starts when Runtime starts. Check the "Enable logging at runtime start" check box. You can also control the behavior when Runtime starts. Enable "Reset log" if you want to overwrite existing logged data with the new data. Select the "Append data to existing log" option if you want to retain the existing logged data. This setting adds the data to be logged to an existing log. See "AUTOHOTSPOT" and "AUTOHOTSPOT" for more details. Note You can use system functions to control the restarting of a log in Runtime. Automatic log entries In Runtime, the following log entries are created as standard: Entry File format Log type Meaning $RT_DIS$ Any Data log Indicates that the connection to the log was interrupted at this point in time. (A bold line is shown in the trend view for this time period.) $RT_OFF$ Any Data log Indicates that Runtime was shut down at this point in time. (No line is shown in the trend view for this time period.) $RT_ERR$ Any Data log Alarm log $RT_COUNT AuditTrail1 (The log copy was not fully created.) *.CSV Data log *. TXT Alarm log This entry was created at the end of the log and serves to increase the system perform ance when Runtime starts. AuditTrail1 1 WinCC Advanced V14 System Manual, 10/2016 Indicates in the destination log that a copy op eration was not successful or was interrupted. The "AuditTrail" logging method is not available for all HMI devices. 5531 Visualizing processes 12.4 Working with logs (Basic Panels, Panels, RT Advanced) See also Storage locations of logs (Page 5532) 12.4.1.3 Storage locations of logs (Basic Panels, Panels, RT Advanced) Storage location of a log When you configure a log in WinCC, the available storage locations depend on the HMI device you are using. HMI devices Alarms Supported logs Tags Audit Trail Supported storage locations Supported stor age locations Basic Panels1 No No No - - Basic Panels 2nd Generation2 Yes Yes No a TXT file (Unicode) USB memory (at USB port) Panels3 Yes Yes Yes a CSV file (ASCII) Storage card (SD) RDB file Network drive a TXT file (Unicode) Comfort Panels4 Yes Yes Yes a CSV file (ASCII) Storage card (SD) RDB file Storage card a TXT file (Unicode) (USB) Network drive Multi Panels5 Yes Yes Yes a CSV file (ASCII) RDB file Storage card (MMC) a TXT file (Unicode) Storage card (USB) Network drive Mobile Panels6 Yes Yes Yes a CSV file (ASCII) RDB file Storage card (MMC) a TXT file (Unicode) Storage card (USB) Network drive 5532 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.4 Working with logs (Basic Panels, Panels, RT Advanced) HMI devices Alarms Supported logs Tags Audit Trail Supported storage locations Supported stor age locations Mobile Panels 2nd Generation7 Yes Yes Yes a CSV file (ASCII) Storage card (SD) PC systems with Runtime Advanced Yes RDB file USB memory (at a TXT file (Unicode) USB port) Network drive Yes Yes a CSV file (ASCII) Local file system Database Network drive RDB file a TXT file (Unicode) 1 KP 300, KP 400, KTP 1000, TP 1500 2 KTP 400, KTP 700, KTP 900, KTP 1200 3 TP 277 and OP 277 only 4 All HMI devices from the device list 5 MP 277 and MP 377 only 6 Mobile Panel 277 only 7 KTP 400F Mobile, KTP 700 Mobile, KTP 900 Mobile - including fail-safe versions Note Logging on network drives Do not log alarms, tags and Audit Trail directly on a network drive. Power supply can be interrupted at any time. This means there is no guarantee for a reliable operation of logs and audit trails. Save the logs on your local hard drive or a local storage card. Use the system function "ArchiveLogFile" to save the logs long-term on a network drive. This step ensures reliable operation. Syntax examples for storage locations Storage card storage location: <\Storage Card MMC\My_Archives\TagLogs>: Saves the archive on the MMC storage card to the subdirectory "My_Archives\TagLogs". Local file system storage location: <C:\My_File_Folder\My_Archives\Machine_1>: Saves the log on the local hard disk drive C: in the subdirectory "My_File_Folder\My_Archives\Machine_1" Network drive storage location: <\\ArchiveServer\My_File_Folder\My_Archives\Machine_1>: Saves the archive on the "ArchiveServer" server to the subdirectory "My_File_Folder\My_Archives\Machine_1". WinCC Advanced V14 System Manual, 10/2016 5533 Visualizing processes 12.4 Working with logs (Basic Panels, Panels, RT Advanced) Naming conventions The log names must be unambiguous in a project. The name of a log must always be unique, regardless of whether different storage locations are selected for the log. Note The characters which can be used in the name of the data source depend on the storage location. The \ / * ? : " < > | characters are not allowed at the following locations: File - RDB File - CSV (ASCII) File - TXT (Unicode) If the "Database" storage location is used, the following characters may be used: a-z A-Z 0-9 _@#$ The characters _ @ # $ cannot be used as the first character of a name. Note Only applies to Basic Panels 2nd Generation Unicode characters are not supported for the log names and the log paths. File - CSV (ASCII) Data is saved to a CSV file in standard ASCII format. If you want to read or evaluate logged data without using WinCC Runtime, use the "CSV file" storage location. Note Double quotation marks or multiple characters are not permitted as list separators for the "CSV file" storage location. You can find the settings for list separators under "Start > Settings > Control Panel > Regional and Language Options". Note Logging tags of the "BOOL" data type Boolean values are logged as digits: 0 (False) corresponds to the log entry 0 1 (True) corresponds to the log entry -1 File - TXT (Unicode) Data is stored in Unicode. 5534 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.4 Working with logs (Basic Panels, Panels, RT Advanced) This file format supports all characters that can be used in WinCC and WinCC Runtime. For editing, you will need software that can save files in Unicode, such as Notepad. Note Use "File - TXT (Unicode)" as the storage location to log Asian languages. File - RDB Data is saved with quick access in a proprietary database. If you require maximum read performance in Runtime, use the "RDB file" storage location. Database Data is saved to a database which is set up for ODBC access by the PC administrator. Log with checksum (Audit Trail) The following files are generated under special circumstances: *.keep 1. If a log is started without checksum and will be continued with a checksum. 2. If you update WinCC with a service pack or a new version and the Audit Trail or the log is continued with the checksum. The content of the keep file will remain the same when compared with the original csv file or txt file. *.bak If WinCC Runtime has determined a serious, irregular problem in the file. See also Data logging (Page 5364) Properties of Logs (Page 5530) WinCC Advanced V14 System Manual, 10/2016 5535 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 12.5.1 Basics (Basic Panels, Panels, RT Advanced) 12.5.1.1 Definition and applications (Basic Panels, Panels, RT Advanced) Introduction Recipes are collections of related data, for example, machine parameterizations or production data. Note Restrictions for recipes Recipes are not available on the HMI device OP 73: Examples: Machine parameter settings that are needed to convert production to a different product variant. Product components that result in different compositions for different end products. A recipe has a fixed data structure. The structure of a recipe is defined during configuration. A recipe contains recipe data records. These differ in terms of their values, but not their structure. Recipes are stored on the HMI device or on an external storage medium. Recipe data records are always transferred complete and in a single pass between the HMI device and the PLC. In addition, production data can be imported in runtime, in the form of a CSV file. Note Restrictions for Import / Export It is not possible to export or import the recipes for the following HMI devices: Basic Panels OP 77A OP 177A TP 177A (Portrait) Complete recipe data, but not single recipe data records, can be exported and imported using ProSave in CSV format and transferred to the HMI device. Thereby, Runtime is interrupted. 5536 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Using recipes Recipes can be used in the following situations: Manual production You select the required recipe data and display it on the HMI device. You modify the recipe data as required and save it on the HMI device. You transfer the recipe data to the PLC. Automatic production The control program starts transfer of the recipe data between the PLC and HMI device. You can also start the transfer from the HMI device. Production is then implemented automatically. It is not essential to display or modify the data. Teach-in mode You optimize production data that was optimized manually on the system, e.g. axis positions or filling volumes. The values thus determined are transferred to the HMI device and saved in a recipe data record. You can then transfer the saved recipe data back to the PLC at a later date. Entering and modifying the recipe data You enter the data in the individual recipe data records and modify it as required. The following options are available: Data entry during configuration If the production data exists already, you enter the data in the "Recipes" editor during recipe configuration. Entering the data in Runtime If you have to frequently modify production data, you can do this directly in Runtime as follows: - Enter the data directly on the HMI device. - Set the parameters directly on the machine. You then transfer the data from the PLC to the HMI device and save it in the recipe. WinCC Advanced V14 System Manual, 10/2016 5537 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 12.5.1.2 Examples for using recipes (Basic Panels, Panels, RT Advanced) Recipes are used in the manufacturing industry and mechanical engineering, for example. The following recipes show typical applications which you can implement with the recipe function of WinCC: Machine parameter assignment One field of application for recipes is the assignment of machine parameters in the manufacturing industry: A machine cuts wooden boards to a certain size and drills holes. The guide rails and drill have to be moved to new positions according to the board size. The required position data are stored as data records in a recipe. You reassign the machine parameters using "Teach in" mode if, for example, a new board size is to be processed. You transfer the new position data directly from the PLC to the HMI device and save it as a new data record. Batch production Batch production in the food processing industry represents another field of application for recipes: A filling station in a fruit juice plant produces juice, nectar, and fruit drinks in a variety of flavors. The ingredients are always the same, differing only in their mixing ratios. Each flavor corresponds to a recipe. Each mixing ratio corresponds to a data record. All of the required data for a mixing ratio can be transferred to the machine control at the touch of a button. 12.5.1.3 Recipe structure (Basic Panels, Panels, RT Advanced) Introduction The basic structure of a recipe is illustrated with reference to the filling station in a fruit juice plant. There may be several different recipes in an HMI device. A recipe can be compared to an index card box that contains several index cards. The index card box contains several variants for manufacturing a product family. All the data for each manufacturing variant is contained on a single index card. Example: In a soft drinks production plant, a recipe is needed for different flavors. Drink variants include fruit juice drink, juice and nectar. 5538 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Recipe The recipe contains all the recipe data records for the different drink variants. -XLFH :DWHU 6XJDU )ODYRU &RQFHQWUDWH 5 30 23 80 5HFLSHGDWDUHFRUG 1HFWDU :DWHU 6XJDU )ODYRU &RQFHQWUDWH 15 35 20 70 5HFLSHHOHPHQW 5HFLSH Recipe data records Each index card represents a recipe data record needed to manufacture a product variant. Recipe entries Each index card in a drawer has the same structure. All the index cards contain fields for the different ingredients. Each field corresponds to a recipe entry. All the records of a recipe thus contain the same entries. The records differ, however, in the value of the individual entries. Example: All the drinks contain the following ingredients: Water Concentrate Sugar Flavoring The records for juice drink, fruit juice or nectar differ, however, in the quantity of sugar used in production. WinCC Advanced V14 System Manual, 10/2016 5539 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 12.5.1.4 Display of recipes (Basic Panels, Panels, RT Advanced) Introduction You can display recipes in the following ways: Recipe view Recipe screen Input in the recipe view and recipe screen You change the values of a recipe in the recipe screen or recipe view and thus modify the manufacturing process or a machine. The recipe view and recipe screen can perform the same functions when using recipes. They differ in the following respects: Display options Operation Possibility of transferring data between the PLC and the HMI device Recipe view The recipe view is suitable for viewing simple recipes. The recipe view is an off-the-shelf WinCC display and operator control object for managing recipe data records. The recipe view is always part of a screen. The recipe view shows recipe data records in tabular form. You adapt the appearance and the possible operations to suit your specific needs. 5540 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) If you are editing recipes with a recipe view in your project, the values are saved in recipe data records. The values are not transferred between the HMI device and PLC until you use the relevant operator control object. Recipe screen The recipe screen is an individual screen that contains: Input fields for recipe variables Operator control objects for using the recipes, e.g. "SaveDataRecord" :DWHU O &RQFHQWUDWH O 6XJDU NJ )ODYRULQJ O 5HFLSHQDPH 2UDQJH 1R 'DWDUHFRUGQDPH 1HFWDU 1R 6DYH 'DWDIURPWKH3/& /RDG 'DWDWR3/& The recipe screen is suitable in the following situations: Large recipes Allocation of recipe fields to the graphic display of the relevant plant area Breakdown of the recipe data into several screens Note The values of recipe variables are transferred between the PLC and recipe screen at the following times depending on the configuration: Immediately after modification When a relevant operator control object is used Synchronizing recipe view and recipe screen There may be differences in Runtime between the values displayed in the recipe view and the values saved in the associated tags when you edit recipes in both a recipe view and a recipe screen. To prevent this, you must synchronize the recipe data record values with the values of the recipe tags. A complete recipe data record will always be saved or synchronized. Note Recipe tags can only be synchronized in the advanced recipe view. Synchronization only takes place if the "Synchronize recipe view and recipe tags" setting is activated for the recipe. WinCC Advanced V14 System Manual, 10/2016 5541 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 12.5.1.5 Transferring recipe data records (Basic Panels, Panels, RT Advanced) Flow of data in recipes The following picture illustrates the flow of data in recipes: +0,GHYLFH 5HFLSHPHPRU\ 5HFLSHYLHZ 6\QFKURQL]LQJ 5HFLSH 5HFLSH 5HFLSH 5HFLSHQ 5HFLSHWDJ 5HFLSH VFUHHQ 7HDFKLQPRGH 3/& ([WHUQDO VWRUDJHPHGLXP Interaction between the components There is interaction between the following components at runtime: Recipe view / recipe screen On the HMI device, recipes are displayed and edited in the recipe view or in a recipe screen: - The recipe data records from the internal memory of the HMI device are displayed and edited in the recipe view. - The values of the recipe tags are displayed and edited in the recipe screen. You synchronize the values displayed in the recipe view with the values of recipe tags according to the configuration. HMI device recipe memory Recipes are saved in the form of recipe data records in the HMI device's recipe memory. Recipe tags The recipe tags contain recipe data. When you edit recipes in a recipe screen, the recipe values are stored in recipe tags. The point at which the values of the recipe tags are exchanged with the PLC depends on the configuration. Note You can synchronize the recipe tags with the recipe data records so that the same values are saved in both. 5542 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Loading and saving recipe data Complete recipe data records are loaded from or saved to the recipe memory on the HMI device in the recipe view. +0,GHYLFH 5HFLSHPHPRU\ 5HFLSHYLHZ 5HFLSH 5HFLSH 5HFLSH 5HFLSHQ 6\QFKURQL]LQJ 5HFLSH VFUHHQ 5HFLSHWDJ The values of the recipe data record are loaded from the recipe memory to the recipe tags in the recipe screen. When they are saved, the values of the recipe tags are saved to a recipe data record in the recipe memory. Transferring the recipe values between the HMI device and the PLC Complete recipe data records are transferred between the recipe view and PLC. +0,GHYLFH 5HFLSHPHPRU\ 5HFLSHYLHZ 6\QFKURQL]LQJ 5HFLSH 5HFLSH 5HFLSH 5HFLSHQ 5HFLSHWDJ 5HFLSH VFUHHQ 7HDFKLQPRGH 3/& WinCC Advanced V14 System Manual, 10/2016 5543 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) The following transfers are possible between the recipe screen and PLC, depending on the configuration: Transferring recipe data records between recipe view and recipe tags Immediate transfer of individual modified values between the recipe tags and PLC. The following settings are needed in the recipe in order to do this: - "Synchronizing recipe view and recipe tags" is activated. - "Manual transfer of individual modified values (teach-in mode)" is deactivated. Recipe data records can be transferred directly between the HMI device and PLC. In these situations, the display on the HMI device is not essential. Exporting and importing recipe data records Recipe data records are exported from the HMI device recipe memory and are saved to a CSV file on the external storage medium. The records can be reimported from the storage medium to the recipe memory. +0,GHYLFH 5HFLSHPHPRU\ 5HFLSH 5HFLSH 5HFLSH 5HFLSHQ ([WHUQDO VWRUDJHPHGLXP The following external storage media may be used, depending on the HMI device: No storage medium, for example, for basic panels Memory card USB stick Hard disk 5544 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 12.5.1.6 Configuration of recipes (Basic Panels, Panels, RT Advanced) Introduction Recipes are configured differently according to the intended use: If you are editing recipes with a recipe view in your project, the values are only saved in recipe data records. If you are editing recipes in a recipe screen in your project, the values are saved in recipe tags. The following possible settings determine how the recipe data records, recipe tags and PLC all interact. "Synchronizing recipe view and recipe tags" deactivated The data in a data record is only displayed and can only be edited in the recipe view. If you use data outside the recipe view, they are not synchronized with the recipe view. "Synchronizing recipe view and recipe tags" activated There may be differences in Runtime between the values displayed in the recipe view and the values saved in the associated tags when you edit recipes in both a recipe view and a recipe screen. To prevent this, you must synchronize the recipe data record values with the values of the recipe tags. +0,GHYLFH 5HFLSHPHPRU\ 5HFLSHYLHZ 5HFLSH 5HFLSH 5HFLSH 5HFLSHQ 6\QFKURQL]LQJ 5HFLSHWDJ 5HFLSH VFUHHQ 7HDFKLQPRGH 3/& Note Recipe tags can only be synchronized in the advanced recipe view. WinCC Advanced V14 System Manual, 10/2016 5545 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) The values of the recipe view and the associated recipe tags are not synchronized automatically. The recipe tags and the recipe view are not synchronized until you use the operating element with the "RecipeViewSynchronizeDataRecordWithTags" function. "Synchronize recipe view and recipe tags" activated and "Manual transfer of individual modified values (teach-in mode)" activated With this setting, modified recipe values are not synchronized immediately between the recipe tags in the recipe screen of the HMI device,and PLC. There must be an operating element with the "SetDataRecordToPLC" and "GetDataRecordFromPLC" functions present in order to synchronize the values. If recipe values are changed in the controller, the modified values are displayed immediately in the recipe screen if you use the operating element with the "GetDataRecordFromPLC" function. "Synchronize recipe view and recipe tags" activated and "Manual transfer of individual modified values (teach-in mode)" deactivated With this setting, modified recipe values are synchronized immediately between the recipe tags on the HMI device and PLC. When you change recipe values in the recipe screen, these changes are applied immediately by the PLC and immediately influence the process. If recipe values are changed in the PLC, the changed values are displayed immediately in the recipe screen. 12.5.1.7 Special features of some devices (Basic Panels, Panels, RT Advanced) +0,GHYLFH 5HFLSHPHPRU\ 5HFLSHYLHZ 6\QFKURQL]LQJ 5HFLSH 5HFLSH 5HFLSH 5HFLSHQ 5HFLSHWDJ 7HDFKLQPRGH 3/& 5546 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Basic panels, OP 77A, TP 177A and TP 177A (Portrait) respond differently to the other HMI devices in the following respects: Only the simple recipe view is supported. Recipe tags are always synchronized with the recipe view (see figure above): When the operator changes a value of the recipe element in recipe view, the value of the associated recipe tag will also change. Recipe tags are not automatically transferred between the PLC and HMI device when they are modified. Recipe tags are always transferred manually in teach-in mode. There must be an operator control object with the "SetDataRecordToPLC" and "GetDataRecordFromPLC" functions present in order to synchronize the values with the PLC. Note Restrictions for recipe tags Generally, in Basic Panels and OP77A, TP177A (Portrait) recipe tags cannot be used, except in a recipe. Note Restrictions for Import / Export It is not possible to export or import the recipes for the following HMI devices: Basic Panels OP 77A OP 177A TP 177A (Portrait) Complete recipe data, but not single recipe data records, can be exported and imported using ProSave in CSV format and transferred to the HMI device. Thereby, Runtime is interrupted. NOTICE Data loss with several recipe views in the screen Applies only to Basic Panels, OP73, OP77A, TP177A and TP177A (Portrait): If two or more recipe views show the same recipe in a screen, you have a conflict when accessing the data. The result is data loss and unpredictable status of recipe data. Make sure the operators do not select and edit the same recipe in different recipe views. Display only one recipe in a recipe view. Display a different recipe in each recipe view. WinCC Advanced V14 System Manual, 10/2016 5547 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Interaction between the components There is interaction between the following components at runtime: Recipe view Recipes are displayed and edited in the recipe view on the HMI device. The recipe data records from the internal memory of the HMI device are displayed and edited in the recipe view. HMI device recipe memory Recipes are saved in the form of recipe data records in the HMI device's recipe memory. Recipe tags The recipe tags contain the values of recipe elements. 12.5.1.8 Synchronization of recipe data records with the PLC (Basic Panels, Panels, RT Advanced) Overview When recipe data records are transferred between the HMI device and PLC, both communication peers access common communication areas on the other peer. Recipe data records are always transferred directly. The values of the tags are written directly to or read directly from the configured addresses without being placed on the clipboard. Data transfer types There are two ways to transfer recipe data records between the HMI device and PLC: Transfer without coordination Coordinated transfer via the "Data record" area pointer. Note Coordinated transfer Transfer with coordinated transfer is used to prevent the uncontrolled overwriting of data in either direction in your control program. Requirements for coordinated transfer The following requirements apply to coordinated transfer: The "Data record" area pointer must be set up for the required connection in the "Communication > Connections" editor. In the properties of the recipe "Coordinated transfer of data records" is activated. The connection to the PLC is specified in the properties of the recipe with which the HMI device coordinates the transfer. 5548 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Coordinated transfer In the case of coordinated transfer, both the PLC and the HMI device set the status bits in the shared data compartment. Coordinated transfer of recipe data records can be a useful solution in the following cases: The PLC is the "active partner" for the transfer of recipe data records. The PLC evaluates information about the recipe number and name, as well as the recipe data record number and name. The transfer of recipe data records is started by the following PLC jobs: - "Set_data_record_in_PLC" - "Get_data_record_from_PLC" 12.5.1.9 "Recipes" editor (Basic Panels, Panels, RT Advanced) Introduction You can create, configure and edit recipes, recipe entries and recipe data records in the "Recipes" editor. The "Recipes" editor also allows you to enter values in recipe data records. Structure of the "Recipes" editor You create recipes in the top part of the table editor. You can also configure them there or in the Inspector window. WinCC Advanced V14 System Manual, 10/2016 5549 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) The bottom part of the table editor has the following tabs: Elements Define the recipe elements of the selected recipe using the table cells provided here. You can move recipe elements within the table with the shortcut menu commands, "Up" and "Down". Data records Define the values of the data records of the selected recipe using the table cells provided here. You can then configure the selected recipe, the recipe element or the recipe data record in the Inspector window. You will find further notes on configuring the components of a recipe under "Configuring Recipes". Recipe settings The following settings are available for recipes: 5550 Setting Description Name of the recipe This is a unique identification for the recipe within the HMI device. Display name Appears in the recipe view, for example, in Runtime. You can configure dis play names in multiple languages. Assign descriptive names or designations which the operator can associate directly with a recipe, e.g. "fruit juice drink". Recipe number This is a unique identification for the recipe within the HMI device. Version Information about the recipe. The date and time of the last change to the recipe is set by default. Path Defines the storage location for recipes. The recipes are stored as a file. Size type [fixed] The recipe data records are limited to a predetermined number by default. Number of data re cords [fixed] Maximum number of data records in a recipe in Runtime. The number is limi ted by the recipe memory of the HMI device. Communication type [fixed] The recipe data records are written directly to the addresses of the recipe tags and read from there. Tooltip Tooltip for the recipe which is shown to the operator in Runtime. WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Note Path The storage location depends on the storage media available on the HMI device. Basic Panels and OP77A, TP177A (Portrait) These HMI devices have no external memory. Recipes are always saved in the internal Flash memory. The "Path" setting is therefore not available. Recipe element settings You can make the following settings on the "Elements" tab: Setting Description Name of the recipe element Identifies a recipe element uniquely within the recipe. Enter meaningful names or labels that you can allocate uniquely, such as axis labels on a machine or ingredients such as "Flavoring". Display name Appears in the recipe view, for example, in Runtime. You can configure display names in multiple languages. Assign meaningful names or des ignations which the operator can associate directly, e.g. "fruit juice fla voring". Recipe tag An assigned tag in Runtime stores the current value of the recipe ele ment in the recipe data record. Data type Data type of the recipe tag. Data length [fixed] Data length of the recipe tag, depending on the data type. Text list Text is assigned to a value or range of values in a text list. You can display this text in an output field, for example. The assigned recipe tag must have the data type of a number. The tag value must be within the range of values of the text list. WinCC Advanced V14 System Manual, 10/2016 Default value This is used as the default entry when you create a new recipe data record. Minimum value [fixed] The smallest representable value of a number-based recipe tag, de pending on the type of data. Maximum value [fixed] The largest representable value of a number-based recipe tag, depend ing on the type of data. Decimal places Determines how many places a decimal number is rounded to, e.g. 3 decimal places and vice versa by what power of ten an integer value is multiplied, e.g. 1,000. Tooltip Tooltip about the recipe element which is shown to the operator in Run time. 5551 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Recipe data record settings You can make the following settings on the "Data records" tab: Setting Description Name of the recipe data re cord Identifies a recipe data record uniquely within the recipe. Display name Appears in the recipe view, for example, in Runtime. You can configure display names in multiple languages. Assign meaningful names or product numbers which the operator can associate directly with a prod uct, e.g. "yellow fruit juice E231". Recipe data record number Identifies a recipe data record uniquely within the recipe. Recipe elements 1 to n You can store various values for each recipe element even during con figuration. Together with the values of the other recipe elements, a val ue always forms a recipe data record. You can store multiple recipe data records. If enabled in the transfer settings, the recipe data records are transfer red to the HMI device when downloading the project and existing data records on the HMI device are overwritten. Comment Comment about the recipe data record 12.5.2 Recipes in runtime (Basic Panels, Panels, RT Advanced) 12.5.2.1 Recipe screen and recipe view (Basic Panels, Panels, RT Advanced) Basics on the recipe screen (Basic Panels, Panels, RT Advanced) Introduction The recipe screen contains an individual screen form for entering the recipes. The screen form contains I/O fields and other display and operator control objects. The recipe functionality is implemented with system functions, e.g. for saving recipe data records. The picture below contains an example of a recipe screen: 5552 :DWHU O &RQFHQWUDWH O 6XJDU NJ )ODYRULQJ O 5HFLSHQDPH 2UDQJH 1R 'DWDUHFRUGQDPH 1HFWDU 1R 6DYH 'DWDIURPWKH3/& /RDG 'DWDWR3/& WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Note Availability Basic Panels and OP73A, OP77A, TP177A (Portrait) do not support any recipe screens. Designing recipe screens Configuring a recipe screen allows you to customize the display. You can spread large recipes over several screens according to topic and display them clearly using features such as graphical display and operator control objects. Spreading recipes over several screens according to topic - You can spread recipe data records containing lots of entries across several screens. For example, for each plant area you can configure a screen containing the associated screen forms for the recipe data records. Spreading recipes over several screens is useful for HMI devices with small displays as they avoid having to scroll through tables in Runtime. Visual machine simulation You can visually simulate your machine in a screen using graphical screen objects. This enables you to display parameter settings more clearly by positioning I/O fields immediately next to machine elements such as axes or guide rails. which produces a direct relationship between the values and the machine. Synchronizing recipe values To enter recipe data record values outside the advanced recipe view in the configured I/O fields, activate "Synchronize recipe view and recipe tags" under "Properties > Synchronization" in the recipe properties. The "Synchronize recipe view and recipe tags" option is not available for the simple recipe view. Figure 12-4 WinCC Advanced V14 System Manual, 10/2016 Recipes_Synchronization_Advanced 5553 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Transferring recipe values automatically If the entered recipe values must be immediately transferred to the connected PLC in Runtime, deactivate "Manual transfer of individual modified values (teach-in mode)" under "Properties > Options". Configure the "SetRecipeTags" system function if you want to enable and disable the immediate transfer of entered recipe values in Runtime. System functions The system functions for loading, saving and transferring recipe data records and recipes are located in the "Recipes" group. The following system functions are available for operator control of a recipe screen: ImportDataRecords ExportDataRecords LoadDataRecord GetDataRecordFromPLC ClearDataRecord SaveDataRecord SetDataRecordToPLC SetDataRecordTagsToPLC SetRecipeTags GetDataRecordTagsFromPLC The following system functions are available for operator control of the recipe view when it is being used in the recipe screen: RecipeViewSaveDataRecord RecipeViewSaveAsDataRecord RecipeViewSynchronizeDataRecordWithTags RecipeViewClearDataRecord RecipeViewNewDataRecord RecipeViewGetDataRecordFromPLC RecipeViewSetDataRecordToPLC RecipeViewRenameDataRecord RecipeViewShowOperatorNotes RecipeViewMenu (for simple recipe view only) RecipeViewOpen (for simple recipe view only) RecipeViewBack (for simple recipe view only) 5554 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) See also Recipe view basics (Page 5555) Recipe view basics (Basic Panels, Panels, RT Advanced) Introduction The recipe view is a WinCC display and operating object. The recipe view is used to display, edit and manage data records. The layout of the recipe views is dependent on the device and the device version. HMI devices with simple recipe view HMI device Type Basic Panels KP300 Basic mono PN KP400 Basic color PN KTP400 Basic mono PN KTP400 Basic color PN KTP400 Basic mono PN Portrait KTP400 Basic color PN Portrait KTP600 Basic KTP1000 Basic TP1500 Basic Panels OP 77A OP 77B TP 177A TP 177A Portrait TP 177B 1) OP 177B 1) TP 277 1) OP 277 1) 1) The simple recipe view display can be changed to the advanced recipe view HMI devices with advanced recipe view prior to device version V13 HMI device Type Panels TP 177B 1) OP 177B 1) TP 277 1) OP 277 1) Multi Panels MP 177 MP 277 MP 377 WinCC Advanced V14 System Manual, 10/2016 5555 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) HMI device Type Mobile Panels Panel 177 Panel 277 Panel 277 IWLAN V2 Panel 277F IWLAN V2 Panel 277F IWLAN (RFID Tag) 1) The advanced recipe view display can be changed to the simple recipe view HMI devices with advanced recipe view as of device version V13 HMI device Type Basic Panels KTP400 Basic PN KTP400 Basic PN Portrait KTP700 Basic KTP900 Basic KTP1200 Basic Comfort Panels KP400 Comfort KTP400 Comfort KP700 Comfort TP700 Comfort KP900 Comfort TP900 Comfort KP1200 Comfort TP1200 Comfort KP1500 Comfort TP1500 Comfort TP1900 Comfort TP2200 Comfort Mobile Panels KTP400F Mobile KTP700 Mobile KTP700F Mobile KTP900 Mobile KTP900F Mobile See also Basics on the recipe screen (Page 5552) Example of creating a recipe (Page 5607) 5556 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 12.5.2.2 Simple recipe view (Basic Panels, Panels, RT Advanced) Description of the simple recipe view (Basic Panels, Panels, RT Advanced) Recipe view The simple recipe view is a display and operating object that is used to manage recipe data records. The recipe view shows recipe data records in tabular form. The buttons and information displayed in the columns are adjustable. The values displayed or entered in the recipe view are saved in recipe data records. The recipe data record displayed can be written to the PLC and values read in from the PLC using buttons. Layout of the display The simple recipe view consists of the following display areas: Recipe list Data record list Element list This application is illustrated below: -XLFH %HYHUDJH 1HFWDU In the simple recipe view, each area is shown separately on the HMI device. You can use the shortcut menu to operate each of these display areas. The simple recipe view always begins with the recipe list. Operation You have the following options for using the simple recipe view, according to the configuration: Create, change, copy or delete recipe data records Read recipe data records from the PLC or transfer to the PLC WinCC Advanced V14 System Manual, 10/2016 5557 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Using the display area and shortcut menu Toggle between the display areas and the shortcut menus to operate the simple recipe views. Table 12-20 Operation of the display area Button Key Function <Enter> The next lowest display area is opened, i.e. the data record list or the element list. <Esc> The previous display area opens. <INS> Creates a new data record for the selected recipe if the list of recipes or recipe data records is displayed. Then changes to the list of recipe element. Requirement: "Properties >General > Processing mode" is activated. The button can be simulated with the "Key SimulateSystem Key" function even on devices without keys. <DEL> Deletes the selected recipe data record in the list of recipe data records. Requirement: "Properties >General > Processing mode" is activated. <Up>/<Down> Selects the previous/next entry. <Pg Up>/<Pg Down> Moves the display up or down one page. <Home>/<End> Selects the first/last entry. The first/last entry is selected. Table 12-21 Operation of the shortcut menu Button Key Function <Right> The shortcut menu of the display area opens. <Esc> The menu is closed. The display area opens. Input of the number of the menu command The menu command is executed. Shortcut menus of the simple recipe view You can click the button in each display area to call up a selection of commands. The command selection lists those commands that are available in the current display area. A number is assigned to each command. The command is executed when you enter this number. Alternatively select the command and press the <Return> key. 5558 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Shortcut menus in the recipe list Menu command Function New A new recipe data record is created for the selected recipe. If a start value is configured, it is displayed in the input field. Display tooltip The tooltip configured for the recipe is displayed. Open The record list of the selected recipe opens. Shortcut menus of the recipe data record list Menu command Function New Creates a new recipe data record. If a start value is configured, it is shown in the input field. Delete The displayed record is deleted. Save as The selected data record is saved under a different name. A dialog box opens where you can enter the name. Rename Renames the selected data record. A dialog box opens where you can enter the name. Open The element list of the selected data record opens. Previous The recipe list opens. Shortcut menus of the recipe element list Menu command Function Save The selected data record with the recipe element is saved. To PLC The displayed values of the selected data record are transferred from the HMI device to the PLC. From PLC The recipe values from the PLC are displayed in the recipe view of the HMI device. Save as The data record is saved under a new name. A dialog box opens where you can enter the name. Display tooltip The tooltip configured for the recipe element is displayed. Rename The selected recipe element is renamed. A dialog box opens where you can enter the name. Previous The data record list opens. Shortcut menus in the data record list Note HMI device dependency The following menu commands are configured in Basic Panels and in OP 77A, TP 177A, TP 177A (Portrait) and TP 177B. WinCC Advanced V14 System Manual, 10/2016 5559 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Menu command Function To PLC The displayed values of the selected data record are transferred from the HMI device to the PLC. From PLC The recipe values from the PLC are displayed in the recipe view of the HMI device. Updating and displaying values Note Processed recipe data record is changed in the background Only applies for Basic Panels: If an operator has changed a recipe data record and a PLC job wants to read or write any recipe data record of this recipe, the PLC job is stopped and a system alarm is output. On the other hand, the changed value is displayed immediately if only the PLC job and no operator has changed recipe data. Does not apply for Basic Panels: If an operator has changed a recipe data record and a PLC job has changed values of the recipe data record concerned, the recipe view is not updated automatically. To update the recipe view, reselect the relevant recipe data record. See also Recipe view basics (Page 5555) Configuration options of the simple recipe view (Page 5560) Configuration options of the simple recipe view (Basic Panels, Panels, RT Advanced) The response of the simple recipe view can be defined in the recipe view inspector window. Some devices, for example basic panels, only support the simple recipe view. Please note the following for devices with a simple recipe view: 1. In the Inspector window, under "Properties > Display > Mode", select "Simple view" as "View type". 2. The "Properties > Simple view" area contains additional properties only applicable to the simple recipe view. 3. All other properties are also applicable to the advanced recipe view. 5560 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Displaying recipe data record values only To display the recipe data in a recipe view for checking only, proceed as follows: 1. Deselect "Edit mode" in the "General" group. You cannot create, rename, edit or delete recipe data. Writing a recipe data record number or name to a tag A tag to each recipe data record can be configured in the advanced recipe view. Depending on the "String" or "Int" data type of the tag, the name or number of the recipe data record is stored in the tag. Conversely, the tag can also be used to select a recipe data record by entering the corresponding value. For example, the tag can be transferred as a parameter for a system function. Follow these steps: 1. Enter a tag of the "Int" type in the field "Tag", under "Properties > General > Recipe data record". The number of the recipe data record is stored in a tag. WinCC Advanced V14 System Manual, 10/2016 5561 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Configuring an event on the recipe view Note Events and buttons The "Events" register is faded out when a minimum of one button is enabled. To configure an event on the recipe view, follow these steps: 1. Select the recipe view that was added to the screen in the "Screens" editor. The properties of the recipe view are displayed in the Inspector window. 2. Deactivate all buttons under "Properties > Toolbar" and "Properties > Simple view". 3. In the Inspector window, under "Properties > Events", click the event to be configured, e.g. "Enable". 4. Configure a function list for the event. The function list is processed when the operator enables the recipe view. 5562 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Animation properties of the recipe view To configure an animation of a recipe view, proceed as follows: 1. Select the recipe view that was added to the screen in the "Screens" editor. The properties of the recipe view are displayed in the Inspector window. 2. Click under "Properties > Animations" in the Inspector window. 3. Link a tag to one or more of the following properties. - X-Position and y-Position - Design: Colors, flashing - Operability - Visibility In the "Animations> Overview" area, all animations are summarized in tabular form. Under "Animations> Tag links > Tag linkage", as well as visibility and position a tag can also be linked to height and width. Note Animations and buttons If all buttons are not disabled, an error message appears whilst compiling the project for windows-CE HMI devices. Constraints on the simple recipe view The following functions are not possible in the simple recipe view: Synchronizing recipe view and recipe tags Writing a recipe number / name to a tag Display status bar Display data record number Display label Display table WinCC Advanced V14 System Manual, 10/2016 5563 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) See also Recipe view basics (Page 5555) Description of the simple recipe view (Page 5557) Configuration of recipes (Page 5545) Using the simple recipe view (Basic Panels, Panels, RT Advanced) Controlling the simple recipe view with mouse or touchpad To control the simple recipe view with mouse or touchpad, proceed as follows: 1. Select the desired recipe from the recipe view. 2. Click the button. The shortcut menu is opened. 3. Select the desired menu command. The menu command is executed. Controlling the simple recipe view with the keyboard To control the simple recipe view with the keyboard, proceed as follows: 1. Press the <Tab> key until the simple recipe view is selected. 2. Select the desired recipe with the cursor keys. 3. Press <Right>. The shortcut menu is opened. 4. Press the <Down> key until the desired menu command is selected. 5. Press <Enter> to confirm the command. Key shortcuts for the simple recipe view The following key shortcuts are activated for the simple recipe view in Runtime if "Activate keyboard operation" is enabled in the ES. Key shortcut Effect Menu command <Insert> Generates a new recipe data record New <Del> Deletes the recipe data record displayed. Delete Operating the recipe view with function keys The recipe view can be operated with function keys, for example if the HMI device does not have touch functionality. You can assign functions such as "SaveDataRecord" to the function keys on the HMI device. 5564 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) See also Recipe view basics (Page 5555) Managing recipe data records (Basic Panels, Panels, RT Advanced) Administration of recipe data records You have the following options for managing the simple recipe view, according to the configuration: Creating new recipe data records Copy recipe data records Edit recipe data records Delete recipe data records Creating new recipe data records To create a new recipe data record, proceed as follows: 1. Select the recipe on the HMI device in which you want to create a new recipe data record. 2. Select the "New" command from the shortcut menu for the recipe list. A new data record with the next available number will be created. The element list of the new recipe data record opens. 3. Enter values for the elements of the recipe data record. The configuration data may already contain default values for the recipe data record. 4. Select the "Save" command from the shortcut menu for the element list. The dialog "Save as" opens. 5. Enter the name and number of the recipe data record. 6. Click the "OK" button. The data record is saved under the new name. If the recipe data record already exists, a dialog is opened. In this dialog, specify whether the existing data record is to be overwritten. Copying a recipe data record To copy a recipe data record, proceed as follows: 1. Select the recipe on the HMI device in which you want to copy an existing recipe data record. 2. On the HMI device, select the recipe data record of which you want to save a copy. 3. Select the "Save As" command from the shortcut menu for the data record list. The dialog "Save as" opens. The recipe data record is automatically given the next free recipe data record number. 4. Under name, enter the name of the record. 5. Click the "OK" button. WinCC Advanced V14 System Manual, 10/2016 5565 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Modifying a recipe data record To change a recipe data record, proceed as follows: 1. Select the recipe on the HMI device in which you want to edit an existing recipe data record. 2. Select the recipe data record that you want to edit on the HMI device. 3. Select the recipe data record. The element list of the recipe data record is displayed. 4. Replace the old values with new ones. 5. Select the "Save" command from the shortcut menu for the element list. Deleting a recipe data record To delete a recipe data record, proceed as follows: 1. Select the recipe on the HMI device from which you want to delete an existing recipe data record. 2. Select the recipe data record that you want to delete on the HMI device. 3. Select the "Delete" command from the shortcut menu for the data record list. 4. Confirm this security prompt to delete the data record. See also Recipe view basics (Page 5555) Read recipe data record from PLC (Basic Panels, Panels, RT Advanced) Introduction In Runtime, you can change values directly in the plant that are also stored in recipes in the HMI device. This applies if a valve was opened further directly in the plant than was specified in the recipe. The values of the recipe data records saved in the HMI device possibly no longer match the values in the PLC. You can read the values of the recipe tags from the PLC and write them to a recipe data record. The read values are written to the recipe data record that is currently displayed on the HMI device. Procedure To read a recipe data record from the PLC, proceed as follows: 1. Open the recipe on the HMI device. The data record list opens. 2. Select the element list of the recipe data record to which you want to apply the values from the PLC. 5566 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 3. Select the "From PLC" command from the shortcut menu for the element list. The values are read from the PLC and displayed in the current recipe data record. 4. If you want to save the values, select the "Save" or "Save As" command. Result The values are read from the PLC, visualized on the HMI device and saved to the recipe data record. Note Basic Panels With Basic Panels, the "From PLC" menu command can also be configured for the data record list. In this case, you can also select the "From PLC" menu command in the data record list. See also Recipe view basics (Page 5555) Transferring a recipe data record to the PLC (Basic Panels, Panels, RT Advanced) Introduction For the values of a data record that was changed in the recipe view to take effect, you must transfer the values to the PLC. The values displayed in the recipe view are always transferred to the PLC. Procedure To transfer a recipe data record to the PLC, proceed as follows: 1. Open the recipe you want to use. The data record list opens. 2. Select the element list of the recipe data record whose values you want to transfer to the PLC. 3. Select the "To PLC" command from the shortcut menu for the element list. Result The values of the recipe data record are transferred to the PLC. WinCC Advanced V14 System Manual, 10/2016 5567 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Note Basic Panels With Basic Panels, the "From PLC" menu command can also be configured for the data record list. In this case, you can also select the "From PLC" menu command in the data record list. See also Recipe view basics (Page 5555) Synchronization of recipe data records with the PLC (Page 5548) Transferring recipe data records (Page 5542) 12.5.2.3 Advanced recipe view (prior to V13) (Basic Panels, Panels, RT Advanced) Description of the advanced recipe view (prior to V13) (Panels, RT Advanced) Recipe view The advanced recipe view is a display and operating object that is used to manage recipe data records. The recipe view shows recipe data records in tabular form. The buttons, headers and information displayed in the columns can be set. The values displayed or entered in the recipe view are saved in recipe data records. The layout of the recipe views is dependent on the device and the device version. Application The recipe view is used to display, edit and manage data records. 5568 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Layout of the display The figure below shows an example of the advanced recipe view on an HMI device prior to device version V13. Operation Depending on the configuration you can: Create, edit, copy or delete recipe data records Read recipe data records from or transfer to the PLC Synchronize recipe data records with the associated recipe tags Operating elements The following operating elements can be configured in the recipe view: Operating ob Key combination ject Function The configured tooltip is displayed. <Ctrl+Spacebar> Creates a new recipe data record. If a start value is configured, it is shown in the input field. <Ctrl+Enter> WinCC Advanced V14 System Manual, 10/2016 Saves the displayed values of the recipe data record. The storage location is predefined by the project. 5569 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Operating ob Key combination ject Function <Ctrl+*> The recipe data record is saved under a different name regardless of the recipe view. A dialog box opens where you can enter the name. <Ctrl+Del> Deletes the recipe data record displayed. <Ctrl+=> The system always updates the current value of the recipe view with the up-to-date recipe tag value. When the value shown in the recipe view is more recent than the current recipe tag value, the system writes this value to the recipe tag. "Synchronize recipe view and recipe tags" must be activated in the recipe properties before this function can be used. <Ctrl+Down Ar row> The values of the set recipe data record displayed in the recipe view are transferred to the PLC. <Ctrl+Up Arrow> The recipe values from the PLC are displayed in the recipe view. Updating and displaying values If values of the corresponding recipe data record are changed by a job mailbox, the recipe view is not updated automatically. The values are changed in the background. To update the recipe view, reselect the relevant recipe data record. See also Recipe view basics (Page 5555) Using the advanced recipe view (Page 5573) Managing recipe data records (Page 5574) Synchronizing recipe data record (Page 5576) Reading recipe data records from the PLC (Page 5577) Transferring a recipe data record to the PLC (Page 5577) Configuration options of the advanced recipe view (Page 5570) Configuration options of the advanced recipe view (Panels, RT Advanced) You can specify the behavior of the advanced recipe view in the Inspector window of the recipe view. The layout of the recipe views is dependent on the device and the device version. Please note the following for devices with an advanced recipe view: 1. In the Inspector window under "Properties > Display > Mode", select "Advanced view" as the "View type". 2. The "Properties > Simple view" area contains properties only applicable to the simple recipe view. 3. All other properties apply to the advanced recipe view. 5570 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Displaying a recipe To only allow access to the recipe data records of a specific recipe in a screen, follow these steps: 1. Enter the required recipe or select an existing recipe in the "Recipe" field under "Properties > General". 2. When a recipe is entered in the "Recipe" field, you will have to enable the "Selection list" if you want to display the recipe name in runtime. The selected recipe appears in the recipe view. Writing a recipe number or name and recipe data record number or name to a tag Both the recipe and the recipe data record can each be configured to a tag in the recipe view. Depending on the "String" or "Int" data type of the tag, the name or number of the recipe or recipe data record is stored in the tag. Conversely, the tag can be used to select the recipe or recipe data record by entering the corresponding value. For example, the tag can be transferred as a parameter for a system function. Follow these steps: 1. Enter a tag of the "String" type in the field "Recipe tag", under "Properties > General > Recipe". 2. Enter a tag of the "Int" type in the field "Tag", under "Properties > General > Recipe data record". The name of the recipe and the number of the recipe data record are each stored in a tag. WinCC Advanced V14 System Manual, 10/2016 5571 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Using the recipe view as a drop-down list To use the recipe view as a selection field for recipes and recipe data records in a recipe screen, follow these steps: 1. Select the tag for the recipe name under "General > Recipe > Recipe tag". 2. Select the tag for the recipe data record name under "General > Recipe data record >Tag". 3. Disable the "Editing mode". You cannot create, rename, edit or delete recipe data. 4. In order to select recipes, enable "Display selection list" and make sure that no recipe is selected under "Properties > General > Recipe". 5. Deactivate all buttons under "Properties > Toolbar". Configuring an event on the recipe view To configure an event on the recipe view, follow these steps: 1. Select the recipe view that was added to the screen in the "Screens" editor. The properties of the recipe view are displayed in the Inspector window. 2. In the Inspector window, click the event you want to configure under "Properties > Events". 3. Configure a function list for the selected event. The function list is processed when the configured event occurs. See also Recipe view basics (Page 5555) Description of the advanced recipe view (prior to V13) (Page 5568) Configuration of recipes (Page 5545) 5572 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Using the advanced recipe view (Basic Panels, Panels, RT Advanced) Introduction You can control the recipe view using both mouse or touchpad or with the keyboard. The layout of the recipe views is dependent on the device and the device version. Controlling the recipe view with mouse or touchpad To control the recipe view with mouse or touchpad, proceed as follows: 1. Select the recipe you want to use. The records for the recipe are displayed. 2. Click on the data record you wish to edit. 3. Click the button whose function you want to run. Controlling the recipe view with the keyboard To control the recipe view with the keyboard, proceed as follows: 1. Press the <Tab> key until the cursor reaches the field for selecting the recipe. 2. Press <Enter>. The drop-down list box for the recipes opens. 3. Select a recipe. You navigate between the next or previous entry in the list by using the cursor keys <Left>, <Right>, <Up> and <Down>. 4. Select a data record. 5. Press the <Tab> key until the operator control object you wish to use is selected. Alternatively you can control the recipe view using certain key combinations. Operating the recipe view with function keys The recipe view can be operated with function keys, for example if the HMI device does not have touch functionality. You can assign functions such as "SaveDataRecord" to the function keys on the HMI device. WinCC Advanced V14 System Manual, 10/2016 5573 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Key shortcuts for the advanced recipe view The following key shortcuts are activated for the advanced recipe view in Runtime if "Activate keyboard operation" is enabled in the ES. Keys Effect Menu command Button <HELP> Calls up the configured tooltip for the se lected recipe. Tooltip <Ctrl+Space bar> Generates a new recipe data record. Any configured start value is displayed in the input field. Add data record <Ctrl+Enter> Saves the modified record with its current name. Save <Ctrl+*> Saves the modified record with a new name. Save as <Ctrl+Del> Deletes the recipe data record displayed. Delete data record <Ctrl+=> Compares the values of the selected data record with the values on the PLC. Synchronize recipe tags shortcut Any value in the recipe view which is more recent compared to the current recipe tag value is written to the recipe tag. <Ctrl+Down Arrow> Sends the current value to the PLC. Write to PLC <Ctrl+Up Ar row> Reads the current value from the PLC. Read from PLC Screen change If you change to another screen and have not yet saved changes to the recipe data in the recipe view, you will be prompted to save the recipe data. The recipe name and the name of the recipe data record are displayed to show which recipe data have not been saved yet. See also Description of the advanced recipe view (prior to V13) (Page 5568) Example of creating a recipe (Page 5607) Managing recipe data records (Basic Panels, Panels, RT Advanced) Administration of recipe data records You have the following options for managing recipe data records, according to the configuration: Creating new recipe data records Copy recipe data records 5574 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Edit recipe data records Delete recipe data records Creating new recipe data records To create a new recipe data record, proceed as follows: 1. Select the recipe on the HMI device in which you want to create a new recipe data record. 2. Click or press <Ctrl+Spacebar>. A new recipe data record with the next available number is created. If you change the new data record number to an existing data record number, the existing data record is overwritten. 3. Enter values for the elements of the data record. The elements of the recipe data record can be assigned default values depending on the configuration. 4. Click or press <Ctrl+*>. The dialog "Save as" opens. 5. Enter a name for the data record. 6. Click "OK" to confirm your input. The data record is saved under the new name. If the recipe data record already exists, a dialog is opened. In this dialog, specify whether the existing data record is to be overwritten. Copying a recipe data record To copy a recipe data record, proceed as follows: 1. Select the recipe on the HMI device in which you want to copy an existing recipe data record. 2. Select the recipe data record that you want to copy on the HMI device. 3. Click in the recipe view or press <Ctrl+*>. The dialog "Save as" opens. 4. Enter a name for the data record. 5. Click "OK" to confirm your input. Modifying a recipe data record To change a recipe data record, proceed as follows: 1. Select the recipe on the HMI device in which you want to edit an existing recipe data record. 2. Select the recipe data record that you want to edit on the HMI device. 3. Replace the old values with new ones. 4. Click WinCC Advanced V14 System Manual, 10/2016 in the recipe view or press <Ctrl+Enter>. 5575 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Deleting a recipe data record To delete a recipe data record, proceed as follows: 1. Select the recipe on the HMI device in which you want to delete an existing recipe data record. 2. Select the recipe data record that you want to delete on the HMI device. 3. Click in the recipe view or press <Ctrl+Del>. See also Description of the advanced recipe view (prior to V13) (Page 5568) Example of creating a recipe (Page 5607) Synchronizing recipe data record (Basic Panels, Panels, RT Advanced) Introduction Differences between the following values may occur during runtime: The values displayed in the recipe view The actual values of the recipe tags Depending on the configuration, the values displayed in the recipe view are synchronized with the recipe tags. Synchronization encompasses all tags of a recipe data record. Note Changed tag name The tag and the value of the recipe data record cannot be associated if you have renamed the tag you want to synchronize. The tags in question are not synchronized. Note Recipe tags can only be synchronized in the advanced recipe view. Requirement A recipe data record is displayed in the recipe view. The values of recipe tags were modified by teaching, for example. Procedure To synchronize a recipe data record, proceed as follows: Click 5576 in the recipe view or press <Ctrl+=>. WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) The system always updates the current value of the recipe view with the up-to-date recipe tag value. When the value shown in the recipe view is more recent than the current recipe tag value, the system writes this value to the recipe tag. See also Description of the advanced recipe view (prior to V13) (Page 5568) Example of creating a recipe (Page 5607) Synchronization of recipe data records with the PLC (Page 5548) Reading recipe data records from the PLC (Basic Panels, Panels, RT Advanced) Introduction In runtime, you can change values directly in the plant that are also stored in recipes in the HMI device. This applies for example if a valve was opened right at the plant wider than specified in the recipe. The values of the recipe data records saved in the HMI device may then possibly no longer match the values in the PLC. You can read the values of the recipe tags from the PLC and write them to a recipe data record. The values read are written to the recipe data record that is currently displayed on the HMI device. Procedure Proceed as follows to read a recipe data record from the PLC: 1. Select the recipe on the HMI device. 2. On the HMI device, select the recipe data record whose values you want to read from the PLC. 3. Click in the recipe view or press <Ctrl+Up Arrow>. See also Description of the advanced recipe view (prior to V13) (Page 5568) Example of creating a recipe (Page 5607) Transferring a recipe data record to the PLC (Basic Panels, Panels, RT Advanced) Introduction For the values of a data record that was changed in the recipe view to take effect, you must transfer the values to the PLC. The values displayed in the recipe view are always transferred to the PLC. WinCC Advanced V14 System Manual, 10/2016 5577 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Procedure Proceed as follows to transfer a recipe data record to the PLC: 1. Select the recipe on the HMI device. 2. On the HMI device, select the recipe data record whose values you want to transfer to the PLC. 3. Click in the recipe view or press <Ctrl+Down Arrow>. See also Description of the advanced recipe view (prior to V13) (Page 5568) Example of creating a recipe (Page 5607) Synchronization of recipe data records with the PLC (Page 5548) Transferring recipe data records (Page 5542) 12.5.2.4 Advanced recipe view (as of V13) (Basic Panels, Panels, RT Advanced) Description of advanced recipe view (as of V13) (Basic Panels, Panels, RT Advanced) Introduction The advanced recipe view is a display and operating object that is used to manage recipe data records. The recipe view shows recipe data records in tabular form. The buttons, headers and information displayed in the columns can be set. The values displayed or entered in the recipe view are saved in recipe data records. The layout of the recipe views is dependent on the device and the device version. Application The recipe view is used to display, edit and manage data records. 5578 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Layout of the display The figure below shows an example of the advanced recipe view on an HMI device, device version V13 or later. Operation Depending on the configuration you can: Create, edit, copy or delete recipe data records Read recipe data records from or transfer to the PLC Synchronize recipe data records with the associated recipe tags Operator controls The following operating elements can be configured in the recipe view: Operator con Keyboard shortcut trols WinCC Advanced V14 System Manual, 10/2016 Function <HELP> The configured tooltip is displayed. <Ctrl+Spacebar> Creates a new recipe data record. If a start value is configured, it is shown in the input field. <Ctrl+Enter> Saves the displayed values of the recipe data record. The storage location is predefined by the project. <Ctrl+*> The recipe data record is saved under a different name regardless of the recipe view. A dialog box opens where you can enter the name. <Ctrl+Del> Deletes the recipe data record displayed. <Ctrl+Shift+T> The selected recipe data record is renamed. A dialog box opens where you can enter the name. 5579 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Operator con Keyboard shortcut trols <Ctrl+=> Function The system always updates the current value of the recipe view with the up-to-date recipe tag value. When the value shown in the recipe view is more recent than the current recipe tag value, the system writes this value to the recipe tag. "Synchronize recipe view and recipe tags" must be activated in the recipe properties before this function can be used. <Ctrl+Down Ar row> The values of the set recipe data record displayed in the recipe view are transferred to the PLC. <Ctrl+Up Arrow> The recipe values from the PLC are displayed in the recipe view. Updating and displaying values If values of the corresponding recipe data record are changed by a job mailbox, the recipe view is not updated automatically. The values are changed in the background. To update the recipe view, reselect the relevant recipe data record. See also Example of creating a recipe (Page 5607) Using the advanced recipe view (Page 5582) Managing recipe data records (Page 5584) Synchronizing recipe data record (Page 5586) Read recipe data record from PLC (Page 5587) Transferring recipe data records to the PLC (Page 5587) Recipe view basics (Page 5555) Configuration options of the advanced recipe view (V13 or higher) (Page 5580) Configuration options of the advanced recipe view (V13 or higher) (Basic Panels, Panels, RT Advanced) You can specify the behavior of the advanced recipe view in the Inspector window of the recipe view. Displaying a recipe To only allow access to the recipe data records of a specific recipe in a screen, follow these steps: 1. Enter the required recipe or select an existing recipe in the "Recipe" field under "Properties > General". 2. When a recipe is entered in the "Recipe" field, you will have to enable the "Selection list" if you want to display the recipe name in runtime. 5580 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) The selected recipe appears in the recipe view. Writing a recipe number or name and recipe data record number or name to a tag Both the recipe and the recipe data record can each be configured to a tag in the recipe view. Depending on the "String" or "Int" data type of the tag, the name or number of the recipe or recipe data record is stored in the tag. Conversely, the tag can be used to select the recipe or recipe data record by entering the corresponding value. For example, the tag can be transferred as a parameter for a system function. Follow these steps: 1. Enter a tag of the "String" type in the field "Recipe tag", under "Properties > General > Recipe". 2. Enter a tag of the "Int" type in the field "Tag", under "Properties > General > Recipe data record". The name of the recipe and the number of the recipe data record are each stored in a tag. Using the recipe view as a drop-down list To use the recipe view as a selection field for recipes and recipe data records in a recipe screen, follow these steps: 1. Select the tag for the recipe name under "General > Recipe > Recipe tag". 2. Select the tag for the recipe data record name under "General > Recipe data record >Tag". 3. Disable the "Editing mode". You cannot create, rename, edit or delete recipe data. 4. In order to select recipes, enable "Display selection list" and make sure that no recipe is selected under "Properties > General > Recipe". 5. Deactivate all buttons under "Properties > Toolbar". WinCC Advanced V14 System Manual, 10/2016 5581 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Configuring an event on the recipe view To configure an event on the recipe view, follow these steps: 1. Select the recipe view that was added to the screen in the "Screens" editor. The properties of the recipe view are displayed in the Inspector window. 2. In the Inspector window, click the event you want to configure under "Properties > Events". 3. Configure a function list for the selected event. The function list is processed when the configured event occurs. See also Example of creating a recipe (Page 5607) Recipe view basics (Page 5555) Description of advanced recipe view (as of V13) (Page 5578) Configuration of recipes (Page 5545) Using the advanced recipe view (Basic Panels, Panels, RT Advanced) Introduction You can control the recipe view using both mouse or touchpad or with the keyboard. 5582 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Controlling the recipe view with mouse or touchpad To control the recipe view with mouse or touchpad, proceed as follows: 1. Select the recipe you want to use. The records for the recipe are displayed. 2. Click on the data record you wish to edit. 3. Click the button whose function you want to run. Controlling the recipe view with the keyboard To control the recipe view with the keyboard, proceed as follows: 1. Press the <Tab> key until the cursor reaches the field for selecting the recipe. 2. Press <Enter>. The drop-down list box for the recipes opens. 3. Select a recipe. You navigate between the next or previous entry in the list by using the cursor keys <Left>, <Right>, <Up> and <Down>. 4. Select a data record. 5. Press the <Tab> key until the operator control object you wish to use is selected. Alternatively you can control the recipe view using certain key combinations. Operating the recipe view with function keys The recipe view can be operated with function keys, for example if the HMI device does not have touch functionality. You can assign functions such as "SaveDataRecord" to the function keys on the HMI device. Key shortcuts for the advanced recipe view The following key shortcuts are activated for the advanced recipe view in Runtime if "Activate keyboard operation" is enabled in the ES. Keys Effect Menu command <HELP> Calls up the configured tooltip for the se lected recipe. Tooltip <Ctrl+Space bar> Generates a new recipe data record. Any configured start value is displayed in the input field. Add data record <Ctrl+Enter> Saves the modified record with its current name. Save <Ctrl+*> Saves the modified record with a new name. Save as <Ctrl+Del> Deletes the recipe data record displayed. Delete data record <Ctrl+Shift +T> Changes the name of selected data record. Rename data record Button shortcut WinCC Advanced V14 System Manual, 10/2016 5583 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Keys Effect Menu command Button Compares the values of the selected data record with the values on the PLC. Synchronizing recipe view and recipe tags shortcut <Ctrl+=> Any value in the recipe view which is more recent compared to the current recipe tag value is written to the recipe tag. This function is only available if enabled in the ES. <Ctrl+Down Arrow> Sends the current value to the PLC. Write to PLC <Ctrl+Up Ar row> Reads the current value from the PLC. Read from PLC Screen change If you change to another screen and have not yet saved changes to the recipe data in the recipe view, you will be prompted to save the recipe data. The recipe name and the name of the recipe data record are displayed to show which recipe data have not been saved yet. See also Description of advanced recipe view (as of V13) (Page 5578) Managing recipe data records (Basic Panels, Panels, RT Advanced) Administration of recipe data records You have the following options for managing recipe data records, according to the configuration: Creating new recipe data records Copy recipe data records Edit recipe data records Delete recipe data records Rename recipe data records Creating new recipe data records To create a new recipe data record, proceed as follows: 1. Select the recipe on the HMI device in which you want to create a new recipe data record. 2. Click or press <Ctrl+Spacebar>. A new recipe data record with the next available number is created. If you change the new data record number to an existing data record number, the existing data record is overwritten. 5584 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 3. Enter values for the elements of the data record. The elements of the recipe data record can be assigned default values depending on the configuration. 4. Enter a name for the data record. 5. Click on the button or press the keyboard shortcut <Ctrl+Enter>. Alternatively, click on the button to save the data record or press the keyboard shortcut <Ctrl+*>. The "Save as" dialog opens. Enter the name for the data record and confirm your entries with "OK". 6. The data record is saved under the new name. If the recipe data record already exists, a dialog is opened. In this dialog, specify whether the existing data record is to be overwritten. Copying a recipe data record To copy a recipe data record, proceed as follows: 1. Select the recipe on the HMI device in which you want to copy an existing recipe data record. 2. Select the recipe data record that you want to copy on the HMI device. 3. Click in the recipe view or press <Ctrl+*>. The dialog "Save as" opens. 4. Enter a name for the data record. 5. Click "OK" to confirm your input. Modifying a recipe data record To change a recipe data record, proceed as follows: 1. Select the recipe on the HMI device in which you want to edit an existing recipe data record. 2. Select the recipe data record that you want to edit on the HMI device. 3. Replace the old values with new ones. 4. Click in the recipe view or press <Ctrl+Enter>. Deleting a recipe data record To delete a recipe data record, proceed as follows: 1. Select the recipe on the HMI device in which you want to delete an existing recipe data record. 2. Select the recipe data record that you want to delete on the HMI device. 3. Click WinCC Advanced V14 System Manual, 10/2016 in the recipe view or press <Ctrl+Del>. 5585 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Renaming recipe data records Proceed as follows to rename a recipe data record: 1. Select the recipe on the HMI device in which you want to rename an existing recipe data record. 2. Select the recipe data record that you want to rename on the HMI device. 3. Click in the recipe view or press <Ctrl+Shift+T>. 4. Enter a new name in the dialog window. See also Description of advanced recipe view (as of V13) (Page 5578) Synchronizing recipe data record (Basic Panels, Panels, RT Advanced) Introduction Differences between the following values may occur during runtime: The values displayed in the recipe view The actual values of the recipe tags Depending on the configuration, the values displayed in the recipe view are synchronized with the recipe tags. Synchronization encompasses all tags of a recipe data record. Note Changed tag name The tag and the value of the recipe data record cannot be associated if you have renamed the tag you want to synchronize. The tags in question are not synchronized. Note Recipe tags can only be synchronized in the advanced recipe view. Requirement A recipe data record is displayed in the recipe view. The values of recipe tags were modified by teaching, for example. Procedure To synchronize a recipe data record, proceed as follows: Click 5586 in the recipe view or press <Ctrl+=>. WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) The system always updates the current value of the recipe view with the up-to-date recipe tag value. When the value shown in the recipe view is more recent than the current recipe tag value, the system writes this value to the recipe tag. See also Description of advanced recipe view (as of V13) (Page 5578) Synchronization of recipe data records with the PLC (Page 5548) Read recipe data record from PLC (Basic Panels, Panels, RT Advanced) Introduction In runtime, you can change values directly in the plant that are also stored in recipes in the HMI device. This applies for example if a valve was opened right at the plant wider than specified in the recipe. The values of the recipe data records saved in the HMI device may then possibly no longer match the values in the PLC. You can read the values of the recipe tags from the PLC and write them to a recipe data record. The values read are written to the recipe data record that is currently displayed on the HMI device. Procedure Proceed as follows to read a recipe data record from the PLC: 1. Select the recipe on the HMI device. 2. On the HMI device, select the recipe data record whose values you want to read from the PLC. 3. Click in the recipe view or press <Ctrl+Up Arrow>. See also Description of advanced recipe view (as of V13) (Page 5578) Transferring recipe data records to the PLC (Basic Panels, Panels, RT Advanced) Introduction For the values of a data record that was changed in the recipe view to take effect, you must transfer the values to the PLC. The values displayed in the recipe view are always transferred to the PLC. WinCC Advanced V14 System Manual, 10/2016 5587 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Procedure Proceed as follows to transfer a recipe data record to the PLC: 1. Select the recipe on the HMI device. 2. On the HMI device, select the recipe data record whose values you want to transfer to the PLC. 3. Click in the recipe view or press <Ctrl+Down Arrow>. See also Description of advanced recipe view (as of V13) (Page 5578) Synchronization of recipe data records with the PLC (Page 5548) Transferring recipe data records (Page 5542) 12.5.2.5 Exporting and importing recipe data (Basic Panels, Panels, RT Advanced) Exporting and importing recipe data records (Panels, RT Advanced) Introduction You can either export recipe data records to a CSV file for editing in MS Excel, for example, or import them from a CSV file. Recipe export and import depends on the configuration of the device and the device version. List separators A list separator is used to separate the data records during importing and exporting. The list separator used as the default depends on the setting for formats and numbers in the operating system. Select "Start > Settings > Control Panel > Regional and Language Options". If you want to import or export recipe data records, do not use this list separator in the display name of the recipe data records. The following operating elements can, for example, be configured for using the export/import function: Selection field for the recipe Selection field for the recipe data record Operating element with the "ExportDataRecords" functionality Operating element with the "ImportDataRecords" functionality 5588 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Exporting a recipe data record Proceed as follows to export a recipe data record to a CSV file: 1. Select the relevant recipe and recipe data record from the selection boxes. 2. Click the control element with the "ExportDataRecords" functionality. Importing recipe data records To import a recipe data record, proceed as follows: 1. Select the relevant recipe and recipe data record from the selection boxes. 2. Click the control element with the "ImportDataRecords" functionality. Display after import of recipes If you open the recipe view during the import of recipe data, only the recipe data that is already completely imported will be displayed. The recipe view is not automatically updated following a data import. In order to have a complete view of all the recipe data, do not open the recipe view until the system reports that the recipe data has been imported successfully. Alternatively, you can update the recipe view after successful completion of the import process. Restrictions on import/export It is not possible to export or import the recipes for the following HMI devices: Basic Panels OP 77A OP 177A TP 177A (Portrait) Note Exporting and importing with ProSave to CSV format Individual recipe data records cannot be exported or imported to CSV format with ProSave. Only complete recipe data can be exported and imported to CSV format with ProSave and transferred to the HMI device. Runtime is paused while this is done. See also Response of the recipe view in Runtime (Page 5590) WinCC Advanced V14 System Manual, 10/2016 5589 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Reactions to modifications of the recipe structure (Basic Panels, Panels, RT Advanced) Introduction Different recipe structures can occur in the following situations: In the event of changes during commissioning When work is carried out on the machine by the machine manufacturer (retrofit) When CSV files are imported, the structure of the CSV file can differ from the recipe structure. Nevertheless, you can still use any recipe data records already created. NOTICE When a tag is renamed, the assignment is lost. Effects Handle any structural differences as follows: If the old recipe data record or the CSV file contains additional values, these values will be discarded. If the old recipe data record or the CSV file contains values of the wrong data type, the configured default value will be used in the recipe data record. Example: The recipe data record contains values that show the tank contents and were input as floating point numbers. However, the corresponding recipe tag expects an integer value. In this case, the system discards the transferred value and the configured default value is used. If the old recipe data record or the CSV file contains too few values, the configured default value will also be used in the recipe data record. See also Description of the advanced recipe view (prior to V13) (Page 5568) Description of advanced recipe view (as of V13) (Page 5578) Recipe view basics (Page 5555) Response of the recipe view in Runtime (Basic Panels, Panels, RT Advanced) Screen change If you change to another screen and have not yet saved changes to the recipe data in the recipe view, you will be prompted to save the recipe data. The recipe name and the name of the recipe data record are displayed to show which recipe data have not been saved yet. 5590 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Create, change, copy or delete recipe data records If you attempt to create a new recipe data record and a recipe data record already exists, a system alarm will appear on screen. Operating the recipe view with function keys The Recipe view can be operated with function keys, e.g. if the HMI device does not have touch functionality. You can assign functions such as "SaveDataRecord" to the function keys on the HMI device. Display after import of recipe data Note Availability Import and export of recipe data is not available for Basic Panels and OP77A, TP177A (Portrait). If you open the recipe view during the import of recipe data, only the recipe data that is already completely imported will be displayed. The recipe view is not automatically updated with a data import. In order to have a complete view of all the recipe data, do not open the recipe view until the system prompts you that the recipe data has been imported successfully. Alternatively, update the recipe view after successful completion of the import procedure. Updating tag for recipes and recipe data records Note Availability Tags for recipes and recipe data records are not available for Basic Panels and OP77A, TP177A (Portrait). The current recipe data record or its number can be saved to a tag, depending on the configuration. The tag will be updated under the following conditions: The recipe data record has been loaded. The screen with the recipe view was not exited during loading. This operation may take some time. See also Exporting and importing recipe data records (Page 5588) Description of the advanced recipe view (prior to V13) (Page 5568) Description of advanced recipe view (as of V13) (Page 5578) Recipe view basics (Page 5555) WinCC Advanced V14 System Manual, 10/2016 5591 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 12.5.3 Configuring Recipes (Basic Panels, Panels, RT Advanced) 12.5.3.1 Creating and Editing Recipes (Basic Panels, Panels, RT Advanced) General configuration procedure (Basic Panels, Panels, RT Advanced) Carry out the following configuration steps when you create a new recipe: Step Description 1 Define the structure of the recipe. 2 Create tags according to the recipe structure. Assign process names to these tags. 3 Create the recipe. 4 Enter the required properties for the recipe: Language-dependent view name of the recipe "Coordinated transfer of data records" option Not for Basic Panels: Recipe storage location "Synchronize recipe view and recipe tags" option "Manual transfer of individual modified values (teach-in mode)" option 5 Create the recipe elements and enter the required properties: Language-dependent view name of the recipe elements Tag binding of the recipe elements Standard values and decimal places (power of ten) for the recipe elements 6 Create the recipe data records. Enter the language-specific display names for the recipe data records. 7 Configure a screen with recipe view or a recipe screen. Note Basic Panels and OP77A, TP177A (Portrait) The selection of the storage location is not available for these devices. The recipes are always saved in the internal Flash memory. Recipe tags cannot be used outside a recipe, e.g. not in I/O fields, not in alarms as trigger tags, not in systems functions as parameters, etc. Note Restrictions recipe view and recipe image Only the simple recipe view is available in Basic Panels and OP77A, TP177A. Recipe images are not available in Basic Panels and OP73, OP77A, TP177A (Portrait). 5592 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Creating a new recipe (Basic Panels, Panels, RT Advanced) Introduction To create a complete recipe, start by creating a new recipe, assign the corresponding recipe elements and then define the associated values in a recipe data record. Note Character strings that can be imported Recipe data that contains semicolons or commas cannot be imported. Only ever used character strings without semicolons or commas for recipes and recipe data records. Requirement The tags for the recipe have been created. The "Recipes" editor is open. Creating a recipe Proceed as follows to create a recipe: 1. Click "Add" in the first free row of the table in the "Recipes" editor. The new recipe is created and displayed on a line. 2. Enter a descriptive name for the recipe under "Name" in the "General" area. This name identifies the recipe unambiguously within the project. 3. Select "Display name" to enter the language-specific name to be displayed in runtime. 4. Select a recipe number in "Number". The number identifies the recipe unambiguously within the HMI device. The recipe is automatically assigned a version that indicates the date and time of the last change. As an alternative, you can enter specific information relating to the recipe. WinCC Advanced V14 System Manual, 10/2016 5593 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 5. Specify the storage location for recipe data records in "Data medium". The options offered depend on the specific HMI device used. Note Basic Panels and OP77A, TP177A (Portrait) The selection of the storage location is not available for these devices. The recipes are always saved in the internal Flash memory. Recipe tags cannot be used outside a recipe, e.g. not in I/O fields, not in alarms as trigger tags, not in systems functions as parameters, etc. 6. Enter a tooltip that is shown to the operator in runtime. 7. To compare recipe tags which are configured in I/O fields with the recipe view in Runtime, activate "Synchronize recipe view and recipe tags" in the Inspector window under "Properties > Synchronization". Note Basic Panels and OP77A, TP177A (Portrait) Because the recipe tags cannot be additionally used in I/O fields in screens for Basic Panels, the "Synchronize recipe view and recipe tags" is not available; you will also not be able to use the "Manual transfer of individual modified values (teach-in mode)" option. 8. Deactivate "Manual transfer of individual modified values (teach-in mode)" to specify that the recipe tags are automatically transferred to the PLC when editing the I/O fields. 9. Activate "Coordinated transfer of data records" to monitor the transfer of recipe data in Runtime using area pointers. 10.Select the appropriate connection to the PLC for coordinated transfer under "Synchronize with". Create recipe element To create recipe elements, proceed as follows: 1. Click the "Elements" tab. 2. Click "Add" in the first free line of the table editor. A new recipe element is created. 3. Enter a descriptive name for the element under "Name". The name identifies the element uniquely within the recipe. 5594 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 4. Enter a language-specific display name for the element under "Display name". The display name appears in the recipe view, for example, in runtime. 5. Select the tag you want to link to the recipe element under "Tag". The value of the recipe data element is saved in Runtime in this tag, which is stored in a recipe data record. 6. Enter a tooltip. The tooltip is shown to the operator in Runtime. 7. Under "Default value", enter the value that you want to use as the default entry when you create a new recipe data record. 8. To assign text to a value or range of values, select the relevant text list here. The assigned recipe tag must have the data type of a number. The tag value must be within the range of values of the text list. The text stored in the text list is displayed in an output field, for example, in Runtime. 9. Determine exactly how many places a decimal number is rounded to in the "Decimal places" column, e.g. 3 decimal places and vice versa by what power of ten an integer value is multiplied, e.g. 1,000. Examples for 3 decimal places: Entering "5" for a recipe element with the "Integer" data type gives the value "5000". Entering "5.6789" for a recipe element with the "Real" data type gives the value "5.679". 10.Create as many recipe entries as needed for the recipe. The maximum number of recipe entries possible depends on the HMI device being used. WinCC Advanced V14 System Manual, 10/2016 5595 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Create recipe data record with known recipe values To create recipe elements, proceed as follows: 1. Click the "Data records" tab. 2. Click "Add" in the first free line of the table editor. A new recipe data record is created. The recipe data record has a separate column for every recipe element created in the recipe. 3. Enter a descriptive name under "Name". The name identifies the data record uniquely within the recipe. 4. Enter a language-specific name under "Display name". The display name appears in the recipe view, for example, in runtime. 5. Enter a recipe data record number under "Number". The recipe data record number identifies the recipe data record uniquely within the recipe. 6. If you already know the recipe values at the configuration stage, you can enter the relevant value for each recipe element. 7. Create as many data records as you need for the recipe. 5596 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Enter the values in runtime The following options are available for entering values in the recipe data records at runtime: Transfer data directly from the PLC (Teach-in mode) Import of values from a CSV file Input values on the HMI device Note Basic Panels and OP77A, TP177A (Portrait) The import of values is not available for these devices. Result The complete recipe is configured. Recipe data records with date or time stamp If you use date or time data, make sure that the system setting for time and date on the configuring computer match those on the target system. Example: You load a recipe data record on the target system at 13:55 in which 14 h is stored as the processing time. If it is already 14:05 on the target computer, the recipe will not be processed. If an operator processes the recipe, change information will not written back correctly into the database. After loading to the target system, check the recipes with date or time stamps on the target system. Editing a recipe (Basic Panels, Panels, RT Advanced) Purpose You want to modify, extend or delete parts of a recipe. Requirement You have created at least one recipe. The "Recipes" editor is open. Changing recipe settings To change the recipe settings, proceed as follows: 1. Select the recipe that you want to change in the "Recipes" editor. The Inspector window opens. 2. Change the recipe configuration in the Inspector window. You change recipe elements and recipe data records in the same way. WinCC Advanced V14 System Manual, 10/2016 5597 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Change recipe values To change recipe values, proceed as follows: 1. Select the recipe whose values you want to change. 2. Click the "Data records" tab. 3. Enter the new values in the value columns. Adding a recipe element To add more recipe elements to a recipe, proceed as follows: 1. Select the recipe to which you want to add more elements in the "Recipes" editor. 2. Click the "Elements" tab. 3. Click "Add" in the first free line. The recipe element is created. 4. Configure the recipe element. You add recipe data records in the same way. Managing recipes (Basic Panels, Panels, RT Advanced) Requirement You have created a recipe with recipe elements and recipe data record. The "Recipes" editor is open. Renaming recipes We distinguish between internal names and display names for recipes, recipe entries and recipe data records. To rename recipe elements, proceed as follows: 1. Select the recipe that you want to rename. The Inspector window opens. 2. Select the "Rename" command from the shortcut menu. 3. Enter the new name. You rename recipe elements and recipe data records on the relevant tab in the same way. Note The view names in the "Recipes" editor can also be renamed under "Languages & Resources > Project Texts". This possibility is useful when you have already configured in several languages for example. 5598 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Copying and pasting recipes To copy and paste recipes, proceed as follows: 1. Select the recipe that you want to copy. 2. Select the "Copy" command from the shortcut menu. 3. Select the "Paste" command from the shortcut menu in the first free table row. The copied recipe is pasted into the table. The recipe elements and recipe data records are also copied in the appropriate tab with the recipe. You also copy the recipe elements and recipe data records on the appropriate tab in the same way. If a recipe data record of the same name already exists, the name of the copied recipe data record is extended by one digit. This ensures that the name is unique. Recipe data records can only be copied or pasted within the same recipe. Deleting a recipe To delete a recipe, proceed as follows: 1. Select the recipe that you want to delete. 2. Select the "Delete" command from the shortcut menu. The recipe is deleted. You delete recipe elements and recipe data records on the relevant tab in the same way. Note When a recipe is deleted, the recipe data records contained in the recipe are also deleted. Note When you delete a recipe element, the associated values in the recipe data records are also deleted. The assigned tags are retained. Importing recipes into the configuration and exporting them (Basic Panels, Panels, RT Advanced) Introduction You can export recipes as a CSV file and import them again into the configuration. Application case Recipe data is exported for long-term storage and backup on a computer. In order to unify and distribute recipe data, export the recipe data to an HMI device. Change the CSV file in Microsoft Excel and import the CSV file to all HMI devices that require the same recipe data. WinCC Advanced V14 System Manual, 10/2016 5599 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) You want to exchange recipe data between different projects. You change the recipe data in Runtime. To transfer the modified recipe data to WinCC ES, export the recipe data records in Runtime and copy the CSV file to the configuring computer. There you import the CSV file containing the recipe data records into the recipe. And in the opposite direction, you transfer the modified recipe data records to the HMI device in WinCC ES in Runtime. Requirement You have created the recipe. The structures of the exported CSV file and the recipe in WinCC ES match; name, number and data type of the recipe elements are identical. The "Recipes" editor is open. Any semicolons or commas in the import file are used as separators only. Importing CSV files To import recipe data records into a recipe, proceed as follows: 1. Select the row which contains the desired recipe in the "Recipes" tab. 2. Select the "Import recipe data" command from the shortcut menu. The "Import" dialog box opens. 3. To select the desired CSV file, go to "File name". 4. Under "Strategy", specify whether a recipe data record with the same recipe number in WinCC ES should be overwritten. 5600 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 5. Specify the list separator and decimal separator under "Data separation". The list separator separates individual recipe elements in the CSV file. The decimal separator separates integers and decimal places. Note Use the same list separator for import as in the CSV file for export. 6. Click "Import" to start the operation. Result The recipe will be amended by recipe data records from the CSV file that have not yet been entered. If the option is selected, existing recipe data records will be overwritten. An error message is shown in the "Info" of the Inspector window if the structure of the recipe does not match the structure of the CSV file. Exporting CSV files 1. Select the row which contains the recipe to export in the "Recipes" tab. 2. Select the "Export recipe data" command from the shortcut menu. The "Export" dialog box opens. 3. Under "File name", specify the path of the CSV file. 4. Select all recipe data records under "Selection content", or restrict the selection to specific record numbers of the recipe data. WinCC Advanced V14 System Manual, 10/2016 5601 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 5. Specify the list separator and decimal separator under "Data separation". The list separator separates individual recipe elements in the CSV file. The decimal separator separates integers and decimal places. 6. Click "Export" to start the operation. Result The configuration is exported as a CSV file. 12.5.3.2 Configuring the display of recipes (Basic Panels, Panels, RT Advanced) Configuring the simple recipe view (Basic Panels, Panels, RT Advanced) Requirement The recipe has been created. The "Screens" editor is open. The screen has been created and opened. NOTICE Data loss with several recipe views in the screen Applies only to Basic Panels, OP73, OP77A, TP177A and TP177A (Portrait): If two or more recipe views show the same recipe in a screen, you have a conflict when accessing the data. The result is data loss and unpredictable status of recipe data. Make sure the operators do not select and edit the same recipe in different recipe views. Display only one recipe in a recipe view. Display a different recipe in each recipe view. Procedure To configure a simple recipe view, proceed as follows: 1. Paste the recipe view into the screen. You will find the recipe view under "Controls" in the "Tools" task card. 2. Only in devices which also support the extended recipe view: Activate "Simple view" under "Properties > Display > Mode". 5602 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 3. If you want to display only the recipe data records of a specific recipe in the recipe view, select the specific recipe under "Properties > General > Recipe". 4. If you only want to display the recipe data in the recipe view, deactivate "Processing mode" in the "Recipe data record" area. 5. You can define additional options for the recipe view under "Properties > Appearance" and "Properties > Layout". 6. Under "Properties" > Toolbar" specify which menu commands are available in the recipe view in Runtime. WinCC Advanced V14 System Manual, 10/2016 5603 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Result The simple recipe view is configured. You can use the recipe view to display and edit recipe data during runtime. Deactivation of the editing mode in "Properties > Properties > General" has no impact on the toolbar icons. The buttons activated under "Properties > Toolbar" can still be used even if editing mode is disabled. Configuring the Advanced Recipe View (Panels, RT Advanced) Requirement The recipe has been created. The "Screens" editor is open. The screen has been created and opened. Procedure To configure an advanced recipe view, proceed as follows: 1. Paste the recipe view into the screen. The recipe view is found in the task card "Tools" > "Controls". 2. Select "Properties > Display > Mode > Advanced view" in the Inspector window. 5604 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 3. Select the required settings from the "General" group in the Inspector window. - If you want to display only the recipe data records for a particular recipe in the recipe view, select the recipe under "Recipe" in the "Recipes" area. - If you want to save the recipe name or the recipe number in a tag, select the tag under "Recipe tag" in the "Recipe" area. - If you want to save the recipe data record name or number in a tag, select the tag under "Tag" in the "Recipe data record" area. - If you only want to display the recipe data in the recipe view, deselect "Edit mode". - If you only want to use the recipe view to select recipes, disable "Display table" under "Properties > Table". 4. You can define additional options for the recipe view under "Properties > Appearance" and "Properties > Layout". 5. If you want to change the label in the recipe view, enter a suitable text under "Properties" > "Label". 6. Under "Properties" > Toolbar" specify which buttons are available in the recipe view in Runtime. Note If you select the "Edit" command in the context menu of the recipe view, the recipe view becomes active. To activate the recipe view, the zoom factor must be set to 100%. You can set the column width and the position of the "Entry name" and "Value" columns in active mode. WinCC Advanced V14 System Manual, 10/2016 5605 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Result The recipe view is configured. You can use the recipe view to display and edit recipe data during runtime. Deactivation of the editing mode in "Properties > Properties > General" has no impact on the toolbar icons. The buttons you activated in "Properties > Toolbar" can still be used even if editing mode is disabled. Configuring a recipe screen (Panels, RT Advanced) Introduction The recipe screen is a screen in which you configure a customized screen form in the "Screens" editor. You create the screen form from input/output fields and other display and operator control objects. System functions are used to configure the recipe functionality, such as saving recipe data records. Note Availability Recipe screens cannot be created for basic panels and OP73, OP77A and TP177A (Portrait). Application You can spread recipe data records containing lots of entries across several screens. For example, for each plant you can configure a screen containing the associated screen forms for the recipe data records. You can visually simulate your machine in a screen using graphical screen objects. This enables you to display parameter settings more clearly by positioning I/O fields immediately next to machine elements, such as axes or guide rails. You can use this to produce a direct reference between the values and the machine. Requirement You have created the recipe. The "Screens" editor is open. Procedure To configure a recipe screen, proceed as follows: 1. Configure the screen and create the I/O fields for the input mask of the recipe. You can create multiple screens to suit the size and complexity of the recipe. 2. Configure the I/O fields with the tags you have linked to the recipe element. 3. Configure I/O fields for selecting recipes and recipe data records. 5606 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Alternatively: 1. Configure a recipe view as a selection list for recipe data records and recipes. 2. Hide the buttons that are not required in the recipe view. 3. Configure the system functions for editing recipe data records on the configured control elements. Control elements are configured buttons in the screen or function keys on the HMI device. You will find the system functions for editing recipe data records under "Recipes" and "Keyboard operation for screen objects". Result The recipe screen is created. 12.5.4 Examples (Basic Panels, Panels, RT Advanced) 12.5.4.1 Example of creating a recipe (Basic Panels, Panels, RT Advanced) Task In this example, you create three recipes for a fruit juice mixing machine. The fruit juice mixing machine produces drinks with "orange", "apple" and "tropical" flavors. You create a recipe for each flavor. Each recipe contains a recipe data record for the following mixing ratios: Beverage Nectar Juice Settings The settings relate to an HMI device which is connected to a SIMATIC S7-300 or SIMATIC S7-400. In this example, you will need the following tags, recipes, recipe entries and recipe data records: Tags: WinCC Advanced V14 System Manual, 10/2016 Name PLC connection Address Type Liter water Yes DB 120, DBW 0 Integer Liter concentrate Yes DB 120, DBW 4 Integer Kilo sugar Yes DB 120, DBW 8 Integer Gram flavoring Yes DB 120, DBW 12 Integer 5607 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Recipes: Orange Apple Tropical Recipe entries: Recipe element Associated tag Liter water Liter water Liter concentrate Liter concentrate Kilo sugar Kilo sugar Gram flavoring Gram flavoring Recipe data records for drink, nectar and juice: Data record name Liter water Liter concentrate Kilo sugar Gram flavoring Beverage 30 70 45 600 Nectar 50 50 10 300 Juice 5 95 3 100 Procedure To create a recipe, proceed as follows: 1. Create the following tags with the settings specified above: "LiterWater", "LiterConcentrate", "KiloSugar" and "GramFlavoring". 2. Create the "Orange", "Apple" and "Tropical" recipes with the settings indicated above. Create the recipe entries in each recipe. 5608 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 3. Not for Basic Panels: Configure each recipe so that you can synchronize the recipe data records between the recipe screen and recipe view. The values of the recipe tags should not be transferred automatically to the PLC. You will have to make the following settings in the Properties dialog for the recipe concerned: Under "Properties > Options": - Activate the "Synchronize recipe view and recipe tags" option. - Activate the "Manual transfer of individual modified values (teach-in mode)" option. 4. Create the data records indicated above in each recipe. Enter the values indicated above in each of the data records. Result The "Orange", "Apple" and "Tropical" recipes have been created. See also Configuration options of the advanced recipe view (V13 or higher) (Page 5580) 12.5.4.2 Example of configuring a recipe screen (Panels, RT Advanced) Task In this example, you create a recipe screen for the visualization of values of the fruit juice mixing machine. You use a recipe view to select the recipes and their associated recipe data records. You should be able to use the following functions with the buttons: "Load" Button The selected recipe data record is loaded from the recipe memory on the HMI device and displayed in the recipe screen. "Save" Button The displayed recipe tags are saved in the recipe memory of the HMI device. WinCC Advanced V14 System Manual, 10/2016 5609 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) "Data to PLC" button The displayed tags are transferred to the PLC. "Data from PLC" button The current recipe data record in the PLC is transferred to the recipe variables and displayed on the HMI device. Requirement The "Creating a recipe" sample application has been carried out. You have created and opened the "Fruit juice mixing plant" screen. Settings In this example, you need the following tags and buttons with the indicated settings: Tags: Name PLC connection Type RecipeNumber No Integer Data record number No Integer Labeling Configured event System function Load Click LoadDataRecord Save Click SaveDataRecord Data to PLC Click SetDataRecordTagsToPLC Data from PLC Click GetDataRecordTagsFromPLC Buttons: 5610 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Procedure To configure a recipe screen, proceed as follows: 1. Drag-and-drop the "Liter water", "Liter concentrate", "Kilo sugar" and "Gram flavoring" tags from the object view to the "Fruit juice mixing machine" process screen. Four IO fields are created and linked by the specified tags. 2. Add a recipe view containing selection fields for the recipe name and data record name only. Make the following settings in the Inspector window for the recipe view: - Select the "Advanced view" display type under "General". - Deselect "Edit mode" under "Properties > General" and "Display table" under "Properties > Table". - Connect the "Recipe tag" field to the "RecipeNumber" tag. - Connect the "Tag" field to the "DataRecordNumber" tag. - Disable all the buttons under "Properties > Buttons". 3. Assign the above settings to four buttons. Transfer each "Recipe number" and "Data record number" tag as a parameter for the recipe number and recipe data record number. Result You can select the recipe and the associated recipe data record from the recipe view and modify the recipe values at runtime. You can load, save and transfer the recipe data records using the buttons. 12.5.4.3 Scenario for Entering Recipe Data Records in Runtime (Panels, RT Advanced) Objective You want to enter production data on the HMI device without disturbing the process that is currently underway. Therefore, the production data should not be transferred to the PLC. Requirement The recipe has been created. The recipe has the following settings: - "Synchronizing recipe view and recipe tags" is activated or deactivated. - If "Synchronize recipe view and recipe tags" is activated, "Manual transfer of individual modified values (teach-in mode)" has to be activated. This will prevent the recipe tags being transferred automatically between the HMI device and PLC. A recipe screen or a screen with recipe view is available. There is an operating element for saving the recipe data records. WinCC Advanced V14 System Manual, 10/2016 5611 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Sequence +0,GHYLFH 5HFLSHPHPRU\ 5HFLSHYLHZ 5HFLSH 5HFLSH 5HFLSH 5HFLSHQ 6\QFKURQL]LQJ 5HFLSHWDJ 5HFLSH VFUHHQ 7HDFKLQPRGH 3/& 1. Enter the production data in the recipe view or recipe screen. 2. Save the modified recipe data record. Transfer the recipe data to the PLC The configuration may provide operating elements for transferring recipe data to the PLC. 12.5.4.4 Scenario for a manual production sequence (Panels, RT Advanced) Objective A reading device connected to the PLC reads a bar code on the work piece to be processed. The recipe data record names correspond to the respective bar code names. This will enable the PLC to load the necessary recipe data record from the storage medium of the HMI device. The recipe data record is displayed for inspection on screen. You want to be able to correct the transferred production data online, if necessary. 5612 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) Requirement You have created the recipe. The recipe has the following settings: - "Synchronizing recipe view and recipe tags" is activated. - "Manual transfer of individual modified values (teach-in mode)" is deactivated. Note The changes are immediately transferred to the PLC There is a recipe screen available. There may also be an operating element for saving the recipe data records in the recipe screen. Sequence +0,GHYLFH 5HFLSH VFUHHQ 6\QFKURQL]LQJ 5HFLSHPHPRU\ 5HFLSH 5HFLSH 5HFLSH 5HFLSHQ 5HFLSHWDJ 7HDFKLQPRGH 3/& Behavior when the recipe view is used If the recipe view is used, it is not possible to transfer changes immediately. You must use the operating element to transfer the recipe data record to the PLC. WinCC Advanced V14 System Manual, 10/2016 5613 Visualizing processes 12.5 Working with recipes (Basic Panels, Panels, RT Advanced) 12.5.4.5 Scenario for an Automatic Production Sequence (Panels, RT Advanced) Objective You want production to be executed automatically. The production data is to be transferred directly to the PLC, either from the recipe memory in the HMI device or from an external storage medium. The screen display is not necessary. Requirement You have created the recipe. The recipe has the following settings: - "Coordinated transfer of data records" is activated. The production data is transferred to the PLC, so a coordinated transfer with the PLC in necessary to prevent the data from being accidentally overwritten. Sequence +0,GHYLFH 5HFLSHPHPRU\ 5HFLSH 5HFLSH 5HFLSH 5HFLSHQ &RRUGLQDWHGWUDQVIHU 3/& ([WHUQDOVWRUDJH PHGLXP Implementation You can control the flow of data in the following ways: The control program controls the automatic transfer via control jobs or via WinCC system functions, if necessary. The sequence is controlled via the status information in the mailbox and via return values from the functions used. One or more scripts control the automatic transfer via WinCC system functions. The sequence can be checked using the values returned by the functions used. 5614 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) You can implement the automatic production sequence with available system functions: "ImportDataRecords" This function loads data records from a *.CSV file into the recipe memory of the HMI device. "SetDataRecordToPLC" This function transfers a data record from the HMI device's recipe memory to the PLC. 12.6 Working with reports (Panels, RT Advanced) 12.6.1 Basics (Panels, RT Advanced) 12.6.1.1 Reports (Panels, RT Advanced) Introduction Reports are used to record process data and processed production cycles. You have the opportunity, for example, to create regular shift reports, output batch data, or record the production process for quality control (QC). Creating reports A report is created and edited in the "Reports" editor. In this editor, you configure the following report items: Formal appearance Specify the formal layout of the report in the Inspector window. In this window, for example, you specify the page format, page margins, title page, back page, headers, or footers for the report. Contents In the work area, specify the content of the report, for example, the alarms of a shift. To this purpose you insert the corresponding objects into the report. The modular structure lets you configure reports that suit all of your applications. Note The "Reports" editor is not available at HMI devices that do not support reporting. Report output In runtime, the configured reports are printed on the default printer of the HMI device. Reports are output to the printer in graphic mode. The use of a serial printer is not recommended because of the accumulated data volume. WinCC Advanced V14 System Manual, 10/2016 5615 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) In runtime, report output is event or time-controlled. Time-controlled: Automatic print at specific dates, times or intervals. Event-driven: Printing is initiated by specific events, e.g. click on a button, or when a limit is exceeded. For proper output, the printer must support the paper format and page layout of the report. Note The value of a tag in the report is read and output at the moment of printing. A substantial period of time may elapse between printing out the first and the last page of a report consisting of several pages. This may lead to the same tag being output with a different value on the last page than on the first page. See also Principles for preparation of reports (Page 5618) Printing reports (Page 5623) Structure of reports (Page 5616) Inserting an object (Page 5624) Printing reports (Page 5638) Audit report (Page 5639) 12.6.1.2 Structure of reports (Panels, RT Advanced) Introduction A report in WinCC consists of several sections that can be enabled or disabled, as required. 5616 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Sections of a report The following figure shows an example of the different sections of a report in the "Reports" editor. WinCC Advanced V14 System Manual, 10/2016 5617 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Title page and back page The title page contains important information about the report content. The back page is used, for example, as Impressum, on which you provide contact information of shift managers or service technicians. The title page and back page are output separately on a single page. Each of them consist of exactly one page and page breaks are not used. Detail page Configure the output of runtime data such as recipe or alarm reports on the detail pages of the report. Use the shortcut menu on the detail page to insert additional detail pages or change their order. Header and footer The header and footer are output on each detail page of the report. You typically insert the page numbers or the date in the header or footer. See also Reports (Page 5615) Principles for preparation of reports (Page 5618) 12.6.2 Working with reports (Panels, RT Advanced) 12.6.2.1 Creating and printing reports (Panels, RT Advanced) Principles for preparation of reports (Panels, RT Advanced) Introduction A report in WinCC consists of several sections that can be enabled or disabled, as required. Title page Back page Detail pages Headers and footers for the detail pages 5618 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Procedure The following figure shows the general procedure for creating a report: &UHDWHUHSRUW $VVLJQQDPH 7LWOHSDJH 2SWLRQDO 2SWLRQDO +HDGHU)RRWHU &RQILJXUHUHDU SDJH ,QVHUWDGGLWLRQDO GHWDLOSDJHV ,QVHUWUHSRUW REMHFWRQGHWDLO SDJH Q[GHWDLO SDJHV &RQILJXUHUHSRUW REMHFW &RQILJXUH3ULQW UHSRUWV\VWHP IXQFWLRQ 1) Settings depend on the report object used. Tools for the design of reports The tools that you can use to design reports are available in the "Tools" task card. For graphic design insert "basic objects", "elements" and "graphics" in the different sections of the report. For example, for a Logo in the header, separation lines and a page number in the footer. Using the "Controls" in the detail pages, configure the output of runtime data. Note The "Screens" editor provides many objects for designing a report - however, with restricted functionality. Data input properties are not available. The I/O fields in the reports, for example, serve only to output data. WinCC Advanced V14 System Manual, 10/2016 5619 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Position and size of objects Insert the objects at the position where you want them to be output in the report. The objects are output in their configured size and with the following special features: On the detail pages, configure "recipe reports" or "alarm reports" that serve to output runtime data in tabular format. The width of the table is set up automatically to fit the width of the detail page. You cannot modify the width. WinCC automatically wraps the height of the table to fit the data content for output in the report. The table can be continued on the next page. In the detail page, WinCC automatically extends tables of dynamic length to the bottom margin. The following figure shows an example of a detail page in the report and its output in Runtime: Detail page in the report Report output in Runtime Additional detail pages Use the shortcut menu on the detail page to insert additional detail pages or change their order. See also Objects in reports (Page 5638) Structure of reports (Page 5616) Administration of detail pages (Page 5622) Create a report (Panels, RT Advanced) Requirement A project with an HMI device is open. 5620 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Procedure To create a report, proceed as follows: 1. Double-click "Add new report" under "Reports" in the project navigation. A new blank report is displayed in the "Reports" editor. 2. Select the "Report properties" command in the shortcut menu of the report. 3. In the "Properties > Properties > General" area of the Inspector window, specify whether you want to configure the "Title page", "Back page", "Header" and "Footer" in the report. The report sections are updated accordingly. 4. Configure the format, the page layout, and the page margins of the report under "Properties > Properties > Layout." 5. Enter a meaningful report name under "Properties > Properties > Miscellaneous." WinCC Advanced V14 System Manual, 10/2016 5621 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) 6. Design the report sections as required. Drag and drop the necessary basic objects, elements, graphic images and controls from the "Tools" task card to the required position. Alternatively, you can also copy or move objects already configured from a screen to the report. 7. Configure the objects in the Inspector window: See also Objects in reports (Page 5638) Administration of detail pages (Panels, RT Advanced) Adding a detail page 1. Open the shortcut menu of a detail page. 2. Select the command "Pages > Insert page before" or "Pages > Insert page after." Depending on the selected command, the new detail page is inserted either before or after the existing detail page. Deleting a detail page 1. Open the shortcut menu of the detail page that you want to remove. 2. Select the command "Pages > Delete detail page". The detail page is deleted. Sorting detail pages 1. Open the shortcut menu of the detail page that you want to move. 2. Select the "Pages > Move one page up" or "Pages > Move one page down" command. Depending on the selected command, the detail page is moved either upward or downward. Showing and hiding sections 1. To show or hide a specific section, click on the plus or minus sign in the title bar of the section in the working area. 2. If you want to show or hide all sections of a report, select the command "Show all pages" or "Hide all pages" in the report shortcut menu. See also Structure of reports (Page 5616) Principles for preparation of reports (Page 5618) 5622 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Printing reports (Panels, RT Advanced) Introduction In Runtime, report output is event-driven or time-driven. Event-driven output The report is output after an event was generated. Examples: A tag value changes or exceeds a limit. Alarm is incoming, outgoing or acknowledged Action by the operator, for example, clicking a button Time-driven output The report is output automatically. Examples: Once at a specified date, e.g. on December 31, 2010 At intervals, e.g. daily at 8 am, or on Mondays at 6 pm Configuration steps Configuring event-driven output: An event is configured on a button or tag with the "PrintReport" system function. Configuring time-driven output: In the scheduled tasks, configure a "Print job" task and assign it to the desired report. In the task properties, specify the time and frequency of report output. Output in Runtime On the control panel of the HMI device, the report is output to the printer that is specified as the default printer. The default printer enabled for a HMI device can be found in the "Printer list". For further information about the "Printer list", refer to the Internet page of Siemens Customer Support and the Article ID "11376409". Note When printing PDFs, keep in mind the device-specific differences. You can find additional information at: PDF (Page 6381). WinCC Advanced V14 System Manual, 10/2016 5623 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) See also Printing reports (Page 5638) Planning jobs (Page 6047) 12.6.2.2 Working with objects (Panels, RT Advanced) Inserting an object (Panels, RT Advanced) Introduction In the "Screens" or "Reports" editor, insert the objects to the "Toolbox" task card. Use the mouse to drag the objects into the work area. You either keep the objects in their original size, or scale them up or down when you paste them. In addition, you can copy or move objects via the clipboard from one editor to another, for example to transfer a screen object to a report. Alternatively, you can also use the mouse instead of the clipboard for copying and moving: Copying: <Ctrl + Drag&Drop> Moving: Drag&drop Note Basic Panels The "Reports" editor is not available for Basic Panels. Requirement The "Tools" task card is open. Inserting objects in their standard size 1. In the "Toolbox" task card, select the desired graphic object or the desired graphic in the WinCC graphics folder. When you move the cursor across the work area, it turns into a crosshair with an appended object icon. 2. Click the location in the work area where you want to insert the object or graphic. The object is inserted with its standard size at the desired position in the work area. Alternatively, double-click the object in the "Toolbox" task card. Copying an object 1. Select the desired object. 2. Select "Copy" in the shortcut menu. 3. Click the desired location and select "Paste" in the shortcut menu. 5624 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) WinCC inserts a copy of the object at the desired location. You can only change the properties that are appropriate for the relevant context. Example: In the "Screens" editor, you can set for I/O fields and the mode for input and output. In the "Reports" editor, the mode is set to "Output". Original and copy are not interconnected and are configured independently from one another. Inserting lines 1. Select the desired graphic object in the "Tools" task card. 2. Click on a location in the work area. A line in the standard size is inserted. Inserting a polygon or polyline 1. Select the desired object "Polyline" or "Polygon" in the "Tools" task card. 2. Click on a location in the work area. This fixes the starting point of the object. 3. Click another location in the work area. A corner point is set. 4. For every additional corner point, click on the corresponding location in the work area. 5. Double-click on a location in the work area. The last corner point is set. This fixes all the points of the polygon or polyline. Note Basic Panels The "Polyline" and "Polygon" objects are not available for Basic Panels. Note If you want to insert several objects of the same type, use the "Stamp" function. This avoids having to reselect the object in the "Tools" task card every time before inserting it. To do so, select the icon in the toolbar of the "Tools" task card. See also Deleting an object (Page 5626) Inserting multiple objects of the same type (stamping tool) (Page 5626) Positioning objects (Page 5628) Resizing objects (Page 5630) Moving an object forwards or backwards (Page 5629) Flipping objects (Page 5637) Reports (Page 5615) WinCC Advanced V14 System Manual, 10/2016 5625 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Deleting an object (Panels, RT Advanced) Introduction You can delete objects individually or with a multiple selection. Requirement You have opened the work area containing at least one object. Procedure 1. Select the object that you want to delete. To delete multiple objects, keep the <Shift> key pressed and select the objects to be deleted one after the other. Alternatively, drag and maximize an area around the desired objects with the mouse. 2. Select "Delete" from the shortcut menu. Result The selected objects are deleted. Inserting multiple objects of the same type (stamping tool) (Panels, RT Advanced) Introduction WinCC offers the possibility to "stamp" several objects of the same type directly one after the other, i.e. paste without having to reselect the object every time. In addition you have the possibility of multiplying an object that has already been inserted. Requirement The "Tools" task card is open. Inserting several objects of one type 1. Select the object that you want to insert in the "Tools" task card. 2. Click the icon in the toolbar of the "Tools" task card. The "Stamp" function is activated. 3. To insert the object with its standard size, click the relevant insertion position in the work area. To insert the object with another size, position the mouse pointer at the desired location in the work area. Press the left mouse button and drag the object to the required size. The object is inserted in the work area as soon as you release the mouse button. 5626 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) 4. Repeat step 3 to insert further objects of the same type. 5. Click the icon again. The "Stamp" function is deactivated. Note You can copy existing objects using the drag-and-drop +<CTRL> function. The existing object is not moved in this case. You paste a copy of this object into the new position instead. Inserting and multiplying an object 1. Insert the desired object from the "Tools" task card. 2. Press the <Ctrl> key and position the cursor on one of the handles displayed in the figure shown below. 0XOWLSOLFDWLRQ LQKRUL]RQWDO GLUHFWLRQ 0XOWLSOLFDWLRQ LQYHUWLFDO GLUHFWLRQ 0XOWLSOLFDWLRQ LQYHUWLFDODQG KRUL]RQWDO GLUHFWLRQ 3. Drag the handles to the right and/or down while keeping the left mouse button pressed. 4. The object is multiplied depending on available space if you keep moving the cursor. Result You have pasted and stamped an object in a screen. WinCC Advanced V14 System Manual, 10/2016 5627 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Positioning objects (Panels, RT Advanced) Introduction When you select an object, it is enclosed by a rectangle with resizing handles. This rectangle is the rectangle which surrounds the object. The position of an object is defined by the coordinates of the top left corner of the rectangle surrounding the object. Note If the position is outside the work area the object is not displayed in Runtime. Position and align You have the possibility of having a grid displayed in the work area. You have three options for easier positioning of objects: "Snap to grid" When you resposition objects, they are automatically snapped and pasted to the grid. If you hold down the <Alt> key, the object is no longer snapped to the grid. "Snap to objects" When you reposition objects, they are displayed with help lines. You can use other objects for orientation during positioning. "None": You position the objects in any position. You activate and deactivate the grid and options as follows: In the "Options > Settings > Visualization > Screens" menu In the "Layout > Grid" task card Requirement You have opened the work area containing at least one object. Procedure 1. Select the object you want to move. The selected object is framed by a rectangle with resizing handles. 2. Left-click the object and keep the mouse button pressed. 5628 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) 3. Move the mouse pointer onto the new position. The contour of the object moves with the mouse and displays the new position for the object. The object initially remains at its original position. 4. Now release the mouse button. The object is moved into the position indicated by the contour of the selection rectangle. Alternative procedure 1. In the Inspector window, select "Properties > Properties > Layout". 2. Enter the X and Y values for the position under "Position & Size". Result The object appears at its new position. See also Rotating objects (Page 5636) Moving an object forwards or backwards (Panels, RT Advanced) Introduction You can use the "Order" functions in the shortcut menu of a selected object or in the toolbar to move a selected object in front of or behind other objects within an object layer. Note ActiveX controls are always positioned in front of an object layer (.NET property). Requirement You have opened a screen which contains a layer with multiple objects. Procedure 1. Select the object you want to move forward or backward. 2. Select the "Sort" command and one of the following commands from the shortcut menu: WinCC Advanced V14 System Manual, 10/2016 5629 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Icon Description Moves the selected object before all the other objects of the same layer Moves the selected object to the lowest position in the same layer Moves the selected object up by one position Moves the selected object down by one position Alternative procedure 1. Open the "Layers" palette of the "Layout" task card. 2. Navigate to the required object. 3. Hold down the mouse button, and drag the object in the tree topology to the required position in the layer. 4. Now release the mouse button. Result The object is moved up or down. See also Inserting an object (Page 5624) Resizing objects (Panels, RT Advanced) Introduction When you select an object, it is enclosed by a rectangle with handles. You have the following options of resizing an object: Drag the handles using the mouse. Modify the "Size" property in the Inspector window. Requirement You have opened the work area containing at least one object. 5630 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Procedure 1. Select the object you want to resize. The selection rectangle appears. The following figure shows a selected object: 2. Drag a resizing contact of the rectangle to a new position. The size of the object changes. - The size of the object is aligned to the grid pattern, provided the "Snap to grid" function is set. - Press <ALT> to disable this function while you drag the object. In order to scale the object proportionally, keep the <Shift> key pressed while changing the size with the mouse. Alternative procedure 1. In the Inspector window, select "Properties > Properties > Layout". 2. Enter the size of the object under "Position & Size". Harmonizing the object size 1. Select the objects. or or 2. Now, click one of the following buttons: The size of the selected objects is matched to each other. The following screen shows how the selected objects are adapted to the height of the reference object: WinCC Advanced V14 System Manual, 10/2016 5631 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Icon Description Aligns the selected objects to the width of the reference object. Aligns the selected objects to the height of the reference object. Aligns the selected objects to the width and height of the reference object. Result The object now appears with its new size. Selecting multiple objects (Panels, RT Advanced) Introduction Select all objects you want to align with each other or to change global properties. This procedure is called "multiple selection." The Inspector window shows all the properties of the selected objects. You now have several options of selecting multiple objects: Draw a selection frame around the objects. Hold down the <Shift> key, and click the required objects. Selection frame of a multiple selection The selection frame surrounds all objects of a multiple selection. The selection frame is comparable with the rectangle that surrounds an individual object. The selection frame is not visible. When you have made your multiple selection, the following frame is displayed: The reference object is indicated by the rectangle around it. The other selected objects are indicated by a dashed-line frame. 5632 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Specifying a reference object The reference object is the object upon which the other objects are oriented. The reference object is framed by a rectangle with handles. The following figure shows a reference object with two other selected objects: You have the following options to specify the reference object: Select the objects via multiple selection. The object selected first is then the reference object. Draw a selection frame around the objects. The reference object compiled automatically. If you wish to specify a different object within the selection as the reference object, click on the desired object. This action does not cancel your multiple selection. Requirement You have opened the work area containing at least two objects. Selecting multiple objects with a selection frame 1. Position the mouse pointer in the work area close to one of the objects to be selected. 2. Hold down the mouse button, and draw a selection frame around the objects to be selected. Or: 1. Hold down the <Shift> key. 2. Click the relevant objects, working in succession. All the selected objects are identified by frames. The object selected first is identified as reference object. Note To remove an object from the multiple selection, press <SHIFT>, hold it down and then click the relevant object once again. Result Multiple objects are selected. One of those is identified as the reference object. You can now perform the following steps: Changing the object properties of all the objects Resizing all the objects by the same ratio, by dragging the selection frame to increase or reduce the size WinCC Advanced V14 System Manual, 10/2016 5633 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Moving all the objects in one group Aligning the objects to the reference object Repositioning and resizing multiple objects (Panels, RT Advanced) Possible modifications After you have selected multiple objects, you edit them: Shift using the mouse - To change the absolute position of the marked objects, position the mouse pointer over an object, and shift the multiple selection with the mouse button pressed. - To resize all the objects by the same ratio, grab the resizing handles of the reference object. Move over the work area with the icons of the toolbar - Change the position of the marked objects with respect to each other - Align the height and width of the marked objects Moving with the shortcut menu commands of the work area - Change the position of the marked objects with respect to each other - Align the height and width of the marked objects Aligning objects (Panels, RT Advanced) Procedure 1. Select the objects via multiple selection. 2. Specify an object as the reference object. 3. Select the desired command in the toolbar or the shortcut menu - see table below. The selected objects will be aligned. Aligning objects flush The selected objects will be aligned flush to the reference object. Icon Description Aligns the selected objects to the left edge of the reference object. Aligns the selected objects to the vertical center axis of the reference object. Aligns the selected objects to the right edge of the reference object. Aligns the selected objects to the upper edge of the reference object. Aligns the selected objects to the horizontal center axis of the reference object. Aligns the selected objects to the lower edge of the reference object. 5634 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Icon Description Centers the selected objects to the center points of the reference object. Centers the selected objects vertically in the screen. Snap to object When you reposition objects, they are displayed with help lines. You can use other objects for orientation during positioning. If you are working with the keyboard, press the Alt key. When you move the selected object with the arrow keys, the next anchor point is displayed. Distributing objects evenly You need at least three selected objects. A reference object is not required. 1. Select the objects. 2. Click one of the buttons "Distribute horizontally equal" or "Distribute vertically equal". The selected objects are distributed at equal distances. The following screen shows how you align the vertical spacing of the selected objects: Icon Description Aligns the horizontal distance between the objects. The position of the objects on the extreme left and right side remains unchanged. All other objects are distributed evenly between them. Aligns the vertical distance between the objects. The position of the objects at the extreme top and bottom (right and left) remains un changed. All other objects are distributed evenly between them. WinCC Advanced V14 System Manual, 10/2016 5635 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Rotating objects (Panels, RT Advanced) Introduction You can rotate a suitable object clockwise or counterclockwise around its center axis in steps of 90. Note Not all the objects can be rotated. Some objects that can be rotated in screens cannot be rotated in reports. You can also rotate multiple objects using the multiple selection function. Certain WinCC objects such as buttons cannot be rotated. The alignment of elements in an object will change in a rotated object. The following figure shows how a rectangle and an ellipse behave under the different commands for rotating an object: rWRWKHULJKW rWRWKHOHIW rWRWKHULJKW [rWRWKHULJKW Requirement You have opened the work area containing at least one object. Procedure 1. Select the object that you want to rotate. 2. Click one of the following toolbar icons: , to rotate the object clockwise around its center point. The angle of rotation is 90. , to rotate the object counterclockwise around its center point. The angle of rotation is 90. , to rotate the object clockwise by 180. 5636 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Result The object is shown at its new angle. Flipping objects (Panels, RT Advanced) Introduction You can flip an object along its vertical or horizontal center axis. The alignment of elements in an object will change when you flip an object. The following figure shows how a rectangle and an ellipse behave under the different commands for flipping an object. KRUL]RQWDO YHUWLFDO KRUL]RQWDOYHUWLFDO Requirement You have opened a screen which contains at least one object. Procedure 1. Select the object that you want to flip. 2. Click the "Flip" command in the shortcut menu and select one of the options displayed: - , to flip the selected object along its vertical center axis. - , to flip the selected object along its horizontal center axis. Result The object is shown at its flipped position. See also Inserting an object (Page 5624) WinCC Advanced V14 System Manual, 10/2016 5637 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) 12.6.3 Operation in Runtime (Panels, RT Advanced) 12.6.3.1 Printing reports (Panels, RT Advanced) Printing a report in Runtime If you have configured an object with the "PrintReport" system function, the operator can print out a report in Runtime. To do this, the operator uses the "Print report" button on a screen. The operator can set or change further settings for the report. The report is output to the default printer. See also Printing reports (Page 5623) Principles for preparation of reports (Page 5618) Reports (Page 5615) 12.6.4 Objects in reports (Panels, RT Advanced) 12.6.4.1 Overview (Panels, RT Advanced) Objects in the "Reports" editor Different objects are available in the "Reports" editor: Objects for formal design of a report, for example, "Page number", "Line" or "Circle" Objects for output of contents, for example, objects for alarm reports or output of recipes The next section describes report-specific objects with special properties. Simple design objects are not further explained. 5638 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) 12.6.4.2 Audit report (Panels, RT Advanced) Application With the audit report, the content of the audit trail of a HMI device is output as a report. Requirements The "audit report" object is available only if the following requirements are met: The HMI device supports a GMP-compliant configuration. GMP-compliant configuration is active in the Runtime settings of the HMI device. Note that operator actions and system operations are only recorded if a corresponding log is configured. Layout In the Inspector window the position, shape, style, color and font types of the object are customized. In particular, the following can be adjusted: Visibility of the comment See also Principles for preparation of reports (Page 5618) Date/time field (Page 5640) I/O field (Page 5641) Graphic view (Page 5642) Graphic I/O field (Page 5643) Alarm report (Page 5644) Recipe report (Page 5646) Page number (Page 5647) Symbolic I/O field (Page 5648) Text field (Page 5648) Reports (Page 5615) WinCC Advanced V14 System Manual, 10/2016 5639 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) 12.6.4.3 Date/time field (Panels, RT Advanced) Application The "Date/time field" object shows the system time of the HMI device or the date and / or time of a connected tag. The layout depends on the language setting on the HMI device. Layout In the Inspector window, you customize the position, shape, style, color, and font types of the object. In the "Properties > Properties > General" dialog, you can adapt the following properties in particular: Long date/time format: This setting defines the format displayed for the data and / or time. System time: Specifies whether to use the system time of the HMI device, or the data and / or time of a connected tag. Long date/time format Option Description "Enabled" Date and / or time is fully displayed, for example "Sunday, December 31, 2000 10:59:59 AM" "Disabled" Date and / or time is displayed in abbreviated form, e.g. "12/31/2000 10:59:59 AM" Option Description "Enabled" The system time of the HMI device is displayed "Disabled" The date and / or time of the connected tag is displayed System time Select a tag of the "DateTime" data type, e.g. an internal tag. Information about data types which are available for connection to other PLCs can be found in the documentation about the respective communication drivers. See also Create a report (Page 5620) Principles for preparation of reports (Page 5618) Audit report (Page 5639) 5640 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) 12.6.4.4 I/O field Application The "I/O field" object is used to enter process values. Layout In the Inspector window, you customize the position, shape, style, color and font types of the object. You can adapt the following properties in particular: Display format: Specifies the format in which the values in the I/O field are output. Note The "I/O field" object is also available in "Screens" editor. In reports, the object only outputs data. Accordingly only configure the output of data for application in reports. Display format The "display format" for the output of values is specified in "Properties > Properties > General > Format", in the Inspector window. Layout "Binary" Output of values in binary form "Date" * Output of date specifications. The format depends on the language setting on the HMI device. "Date/time" * Output of date and time specifications. The format depends on the language set ting on the HMI device. "Decimal" * Output of values in decimal form. "Hexadecimal" Output of values in hexadecimal form. "Time" * Output of time specifications. The format depends on the language setting on the HMI device. "Character string" Output of strings. *: not in Runtime Professional Avoid overlaps with output fields If several I/O fields are configured as output fields with a transparent background in a report, these I/O fields may overlap. The transparent part of the one field covers the digits of the other field. This may cause display problems in the report. In order to avoid such overlaps, set the margins of the I/O fields to zero in the object properties under "Properties > Properties > Appearance". Activate "Properties > Properties > Layout > Fit object to contents." WinCC Advanced V14 System Manual, 10/2016 5641 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) See also Create a report (Page 5620) Principles for preparation of reports (Page 5618) Audit report (Page 5639) 12.6.4.5 Graphic view (Panels, RT Advanced) Application The "Graphic view" object is used to display graphics. Layout In the Inspector window, you customize the position, shape, style, color and font types of the object. You can adapt the following properties in particular: Graphic: Specifies the graphic file that is displayed in the object. Adjust graphic: Specifies the automatic size stretching for objects with graphics. Inserting graphics Use the following image formats in the "Graphic Display" object: *.bmp, *.tif, *.png, *.ico, *.emf, *.wmf, *.gif, *.jpg or *.jpeg. You may also use graphics as OLE objects in the Graphic view . 1. Click "Properties > Properties > General" in the Inspector window. 2. Select the graphic that you wish to insert. The graphic preview is shown in the right pane. 3. Click "Apply" to insert the graphic in the Graphic view . 5642 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Adjust graphic Whether a graphic displayed in a Graphic view is stretched to the size of the Graphic view in runtime is specified in the Inspector window. 1. Click "Properties > Properties > Layout" in the Inspector window. 2. Select one of the following options from the "Fit to size" area: - Do not adapt automatically - Fit graphic to object size - Fit object size to graphic - Adjust object size to graphic See also Audit report (Page 5639) 12.6.4.6 Graphic I/O field (Panels, RT Advanced) Application With the "Graphic I/O field" object, the graphics of a graphics list are displayed, depending on the tag value. In the Inspector window, the tag and graphics list are configured, under "Properties > Properties > General": Note The "Graphic I/O field" object is also available in "Screens" editor. In reports, the object only outputs data. Accordingly only configure the output of data for application in reports. Layout Customize settings for color, frame, position and object size in the inspector window. In particular, the "Fit to size" is defined by specifying whether the object is adjusted to the graphics during output in the report or the graphic is adjusted in the object. See also Create a report (Page 5620) Audit report (Page 5639) Objects in reports (Page 5638) WinCC Advanced V14 System Manual, 10/2016 5643 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) 12.6.4.7 Alarm report (Panels, RT Advanced) Application Use the "Alarm report" object to output alarms of the selected alarm classes from the alarm buffer or alarm log to the report. Layout In the Inspector window, you customize the position, shape, style, color, and font types of the object. You can adapt the following properties in particular: Source Alarm classes Time range Additional settings for the display Visible columns Specifying the source Under "Properties > Properties > General > Settings > Source", specify whether to display alarms from the alarm buffer, or from the alarm log. Select the alarm log in the "Alarm log" dialog. Note The "Alarm log" source is only available if the HMI device supports logs. Specifying alarm classes Under "Properties > Properties > General > Alarm classes, enable the alarm classes for the alarms output to the report. 5644 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Specifying the time range If you want to restrict alarm output to a specific time range, select the start and end tags for the time range in the "Properties > Properties > General > Time range" dialog. The tag must be of the "DateTime" type. Additional settings for the display Under "Properties > Properties > General > Settings, specify the following settings for the display in the alarm report: Under "Sorting", specify whether to start the display with the oldest or most recent alarm. Under "Lines per entry", specify the number of lines to be available for each alarm. The required number of lines depends on the following factors: - Number and width of the selected columns for the output - Font size used - Paper format of the printer Select "Visible heading" to enable the display of column headers. Select "Display milliseconds" to enable the display of milliseconds for time data. Visible columns Under ""Properties > Properties > Layout > Visible columns", enable the columns to be displayed in the alarm report. See also Create a report (Page 5620) Principles for preparation of reports (Page 5618) Audit report (Page 5639) WinCC Advanced V14 System Manual, 10/2016 5645 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) 12.6.4.8 Recipe report (Panels, RT Advanced) application Use the "Recipe report" object to output the elements of recipe data records in the report. Layout In the Inspector window, you customize the position, shape, style, color, and font types of the object. You can adapt the following properties in particular: Recipe Data record Format Visible entries Selecting a recipe Specify the recipes to be output in the recipe report under "Properties > Properties > General > Recipe". You can define the recipes based on their recipe name, or on a range of recipe numbers. Under "First recipe" and "Last recipe", enter a value or select a tag. You can also choose to display all recipes. Selecting a data record Under "Properties > Properties > General > Data record", specify which data records of the selected recipes are to be output in the recipe report. You can define the data records based on the data record name, or on a range of data record numbers. Under "First recipe" and "Last recipe", enter a value or select a tag. You can also choose to display all data records of the selected recipes. 5646 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) Format In the "Format" field of the "Properties > Properties > Layout > Settings" dialog, specify whether to output the data records as a table in column format or line report format. WinCC updates the preview in the detail page accordingly. Visible entries Under ""Properties > Properties > Layout > Visible entries", enable the columns to be displayed in the recipe report. Select "Show headings" to enable the display of column headers. See also Create a report (Page 5620) Principles for preparation of reports (Page 5618) Audit report (Page 5639) 12.6.4.9 Page number (Panels, RT Advanced) application Use the "Page number" object to output the current page number in the report. Layout In the inspector window, change the settings for color, font, position and object size. In particular, specify "Size adaptation": Fit to size Under "Properties > Properties > Layout > Fit to size", the "Fit object to content" option is used to specify whether WinCC adjusts to the object size of the field content: Enabled "Fit object to contents" option: WinCC automatically adjusts the size of the object to the configured format. The font size and field length are defined under "Properties > Properties > General > Text". The object can be moved in the working area, however, the size cannot be changed. During report output, the entire field content is output at the time of report output. Disabled "Fit object to contents" option: Customize the field size by yourself. WinCC does not resize the field for report output. It can be possible that not all content of the field is output in the report. Therefore, configure a field of sufficient size. WinCC Advanced V14 System Manual, 10/2016 5647 Visualizing processes 12.6 Working with reports (Panels, RT Advanced) See also Create a report (Page 5620) Principles for preparation of reports (Page 5618) Audit report (Page 5639) 12.6.4.10 Symbolic I/O field (Panels, RT Advanced) application With the "Symbolic I/O field" object, the content of a text list in reports is displayed, depending on the tag value. In the inspector window, the tag and text list is configured under "Properties > Properties > General": Layout In the inspector window, change the settings for color, frame, font, position and object size. In particular, the "Fit to size" is defined, by specifying whether the object size is adjusted to the text during output in the report or not. Note The "Symbolic I/O field" object is also available in "Screens" editor. In reports, the object only outputs data. Accordingly only configure the output of data for application in reports. See also Create a report (Page 5620) Principles for preparation of reports (Page 5618) Audit report (Page 5639) 12.6.4.11 Text field (Panels, RT Advanced) Application The "Text field" is a closed object which you can fill with a color. 5648 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration Layout In the Inspector window, you customize the position, shape, style, color and font types of the object. You can adapt the following properties in particular: Text: Specifies the text for the text field. Size of text field: Defines whether the size of the object is adapted to the space required by the largest list entry. Text Specify the text for the text field in the Inspector window. 1. In the Inspector window, select "Properties > Properties > General". 2. Enter a text. For texts over several lines you can set a line break by pressing the key combination <Shift + Enter>. Size of text field In the Inspector window, you can define whether the size of the object is adapted to the space required by the largest list entry. 1. In the Inspector window, select "Properties > Properties > Layout". 2. Activate "Resize > Fit to contents". See also Audit report (Page 5639) 12.7 Configuring user administration 12.7.1 Basics 12.7.1.1 Field of application of the user administration Principle The access protection controls access to data and functions in Runtime. This feature protects your applications against unauthorized operation. Safety-related operations are already limited to specific user groups when a project is being created. To this purpose you set up users and user groups that you equip with characteristic access rights, so-called authorizations. You then configure the authorizations required for operation of safety-related objects. Operators only have access, for example, to specific operator controls. Commissioners, for example, have unlimited access in Runtime. WinCC Advanced V14 System Manual, 10/2016 5649 Visualizing processes 12.7 Configuring user administration Definition You administer users, user groups and authorizations centrally in the user administration of WinCC. You transfer users and user groups together with the project to the HMI device. The users and passwords are managed on the HMI device in the User view. Application example You configure the "Service" authorization so that only service technicians have access to the configuration parameters. You assign the authorization to the "Service technician" user group. This allows all members of this group to set the protected configuration parameters. NOTICE Access protection does not protect against incorrect operations. It is your job to ensure that only authorized personnel with appropriate training will design, commission, operate and maintain plants and machines. Access protection is not suitable for defining work routines and monitoring their observance. 12.7.1.2 Form of the user administration Introduction In case of a project in manufacturing engineering, the environment at the equipment manufacturer has to be differentiated from the environment at the end customer as plant operator. The equipment manufacturer allows users, for example Mr. Foreman, a specific access within the application or HMI device. However, a user Foreman does not exist at the end customer. The machine manufacturer cannot know the end users and the tasks they have to perform for configuration. The final users are usually set after commissioning at the end customer. 5650 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration :LQ&&:RUNEHQFK $GPLQLVWUDWRU &RQILJXUDWLRQ 8VHUJURXS 6HUYLFH7HFKQLFLDQ $XWKRUL]DWLRQV 0LOOHU (GLWUHFLSHGDWDUHFRUGV &KDQJHV\VWHPSDUDPHWHUV 6PLWKJURXS /RJSURFHVVYDOXHV )RUHPDQ 0U)RUHPDQ 3URJUDP 2SHUDWRU FRQWUROV %ORFN 3URFHVV YDOXHV 6\VWHP 5HFLSH SDUDPHWHUV /RJJLQJ Principle To minimize the work required for management, authorizations are assigned via user groups and not directly to individual users. A user group assembles configured authorizations according to common jobs. For example, all permissions required for a service job are collected in a "Service technician" group. When you create a user who should be responsible for servicing, you simply assign him to the "Service technician" group. The user view enables user administration in Runtime. Use user view to create, delete and assign an authorization to users in Runtime. The user administration separates the administration of the users from the configuration of the authorizations. This ensures flexibility at the access protection. Defaults can be set for the user administration during the configuration phase in the Engineering System. 12.7.1.3 Users Introduction You can create users in the "Users" tab of the "User administration" editor and assign them to user groups. The "Users" tab is part of the user administration in WinCC. Open To open the "Users" tab, double-click "User administration" in the project window. WinCC Advanced V14 System Manual, 10/2016 5651 Visualizing processes 12.7 Configuring user administration Work area The users are managed in the work area: You create or delete users. You assign users to user groups. Note You can assign a user to exactly one user group. Note On an HMI device the number is limited to 100 users and one PLC user. This restriction does not apply to PCs. On a PC, the maximum number of users is restricted by the physical memory. Inspector window When you select a user, you can change the password in the "General" group. Under "Automatic logoff" you can specify if the user is to be automatically logged off by the HMI device when there is no operator activity after the specified time. Backup and restore The user data is encrypted and saved on the HMI device to protect it from loss due to power failure. The users, passwords, group assignments and logoff times set up on the HMI device can be backed up and restored. This prevents you having to enter all of the data again on another HMI device. Note The currently valid user data is overwritten in the following cases: Depending on settings, the next time the project is downloaded Upon restore of a backed-up project Upon import of the user administration via an operator control. The newly downloaded or restored user data and passwords take effect immediately. Note The user data from earlier Runtime versions can be backed up and restored in the V14. The user data of the V14 cannot be restored to earlier versions. 5652 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration 12.7.1.4 Users work area Introduction The "Users" work area lists the users and user groups in table form. You administrate the users and assign them to a user group. Principle The work area consists of the "Users" and "Groups" tables. The "Users" table shows the existing users. When you select a user in this table, the "Groups" table shows the user group to which the user belongs. Note For the user "Administrator", the default password is "administrator". For security reasons, you should change the password of this user. 12.7.1.5 User groups Introduction You can create users and authorizations in the "User groups" tab of the "User Administration" editor. The "User groups" tab is part of the user administration in WinCC. Open Double-click the "User administration" in the project window. Open the "User groups" tab. WinCC Advanced V14 System Manual, 10/2016 5653 Visualizing processes 12.7 Configuring user administration Work area The user groups and authorizations are managed in the work area: You create new user groups and authorizations or delete them. You assign the authorizations to the user groups. Inspector window When a user group or an authorization is selected, you can edit the name in the "General" group. You can also enter a brief description in the "Comment" group. 12.7.1.6 User groups work area Introduction The "User groups" work area shows a table of the groups and their authorizations. You administer the user groups and assign authorizations to them. Principle The work area consists of the "Groups" and "Authorizations" tables. The "Groups" table shows the existing user groups. When you select a user group in this table, the "Active" column of the "Authorizations" table shows the authorizations which were assigned to the user group. 5654 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration The number of the user group and of the authorization is assigned by the user administration. The designations and descriptions are assigned by you. The number of predefined authorizations are fixed. Authorizations that you create can be freely edited. Ensure that the assigned numbers are unique. 12.7.1.7 Settings for the user administration (Basic Panels) Introduction In the "Runtime settings > User administration" editor, configure the security settings for users and their passwords in runtime. Open Double-click the "Runtime settings" editor in the project window. Click "User administration". Work area You carry out the settings for the validity of passwords in runtime in the work area. You determine the complexity of the password, for example. Note If the password from a previous project no longer corresponds to the policy, the user is prompted to enter a new password. WinCC Advanced V14 System Manual, 10/2016 5655 Visualizing processes 12.7 Configuring user administration Effects in Runtime The security settings have the following effects in runtime, depending on the configuration. "General" group - "Enable limit for logon attempts" check box selected The number entered in the "Number of incorrect logon attempts" box defines the number of logon attempts a user is allowed before being assigned to the "Unauthorized" group. "Enable limit for logon attempts" check box not selected The user has an unlimited number of logon attempts in runtime. - "Number of incorrect logon attempts" field If you enter "4" in the field, for example, and the fourth logon attempt fails, the user is automatically assigned to the "Unauthorized" group. You can specify 1 to 9 attempts. - "Logon only with password" check box When the check box is selected, the user will be authenticated by the password. The user name is not required. To match users to passwords, you cannot configure passwords more than once. Note If the "Logon only with password" option is enabled, the system sets the passwords for users that have already been created. It is therefore recommended to always enable the "Logon only with password" option before creating users. If you transfer user data from previous device versions in which the "Logon only with password" option was disabled, there may be multiple users with identical passwords. These users are listed in the user view. However, only users whose user name comes first by alphabetical order can log on in Runtime. "Hierarchy level" group - "Group-specific rights for user administration" check box When this check box is selected, administrators only manage users whose group number is less than or equal to their own. For example, an administrator whose group number is 5 can only manage users whose group number is less than or equal to 5. This means that the administrator can assign users only to groups with a group number less than or equal to 5. 5656 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration "Password" group - "Enable password aging" checkbox selected The password expires after the number of days set in the "Validity of the password (days)" field. The "Password aging" column is selected in the "User groups" editor. This enables you to specify group-by-group, if the passwords should expire or if the password generations should be saved. Passwords never expire for groups for which password aging is not enabled. - "Prewarning time (days)" field The user is informed that the password will expire the specified number of days before the password expires. - "Password generations" field If the user changes the password, the new password must be different from the specified number of previous passwords. The number of password generations ranges from 1 to 5. "Password complexity" group - "Must include special characters" check box selected The user must enter a password containing at least one special character at any position. - "Must include number" check box selected The user must enter a password containing at least one number at any position. - "Minimum password length" field The user must enter a password with a minimum length, as specified in the "Minimum password length" field. The minimum length of the password is 3 characters. Note If the "Must include special characters" option is enabled, the system sets the passwords for users that have already been created. It is therefore recommended to always enable the "Must include special characters" option before creating users. The following special characters are permitted for passwords: -+.,/*:\"?_()=^!%'{}[]<>#$;&|@ 12.7.1.8 Settings for the user administration (Panels, RT Advanced) Introduction In the "Runtime settings > User administration" editor, configure the security settings for users and their passwords in runtime. Open Double-click the "Runtime settings" editor in the project window. Click "User administration". WinCC Advanced V14 System Manual, 10/2016 5657 Visualizing processes 12.7 Configuring user administration Work area You carry out the settings for the validity of passwords in runtime in the work area. You determine the complexity of the password, for example. Note If the password from a previous project no longer corresponds to the guideline, the user is prompted to enter a new password. 5658 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration Effects in Runtime The security settings have the following effects in runtime, depending on the configuration. "General" group - "Change initial password" check box selected The user must change the administrator-assigned password when logging on for the first time. - "Change logoff time" checkbox selected Simple user rights are sufficient for changing the logoff time. The logoff time is the period after which the user administration automatically logs off a user when no operator activity is detected in the system. The logoff time for the SIMATIC Logon user corresponds to the logoff time of the default user "Administrator". Any user changes of the logoff time are logged in the Audit Trail. - "Enable limit for logon attempts" check box selected The number entered in the "Number of incorrect logon attempts" box defines the number of logon attempts a user is allowed before being assigned to the "Unauthorized" group. "Enable limit for logon attempts" check box not selected The user has an unlimited number of logon attempts in runtime. - "Number of incorrect logon attempts" field If you enter "4" in the field, for example, and the fourth logon attempt fails, the user is automatically assigned to the "Unauthorized" group. You can specify 1 to 9 attempts. - "Logon only with password" check box When the check box is selected, the user will be authenticated by the password. The user name is not required. To match users to passwords, you cannot configure passwords more than once. Note If the "Logon only with password" option is enabled, the system resets the passwords for users that have already been created. We therefore recommend that you always enable the "Logon only with password" option before creating users. If you transfer user data from previous device versions in which the "Logon only with password" option was disabled, there may be multiple users with identical passwords. These users are listed in the user view. However, only users whose user name comes first by alphabetical order can log on in Runtime. "Hierarchy level" group - "Group-specific rights for user administration" check box When this check box is selected, administrators only manage users whose group number is less than or equal to their own. For example, an administrator whose group number is 5 can only manage users whose group number is lower than or equal to 5. This means that the administrator can assign users only to groups with a group number lower than or equal to 5. WinCC Advanced V14 System Manual, 10/2016 5659 Visualizing processes 12.7 Configuring user administration "Password" group - "Enable password aging" checkbox selected The password expires after the number of days set in the "Validity of the password (days)" field. The "Password aging" column is selected in the "User groups" editor. This enables you to specify group-by-group, if the passwords should expire or if the password generations should be saved. Passwords never expire for groups for which password aging is not enabled. - "Prewarning time (days)" field The user is informed that the password will expire the specified number of days before the password expires. - "Password generations" field If the user changes the password, the new password must be different from the specified number of previous passwords. The number of password generations ranges from 1 to 5. "Password complexity" group - "Must include special characters" check box selected The user must enter a password containing at least one special character at any position. - "Must include number" check box selected The user must enter a password containing at least one number at any position. - "Minimum password length" field The user must enter a password with a minimum length, as specified in the "Minimum password length" field. The minimum length of the password is 3 characters. Note If the "Must include special characters" option is enabled, the system resets the passwords for users that have already been created. We therefore recommend that you always enable the "Must include special characters" option before creating users. The following special characters are permitted for passwords: -+.,/*:\"?_()=^!%'{}[]<>#$;&|@ "SIMATIC Logon" group - "Activate SIMATIC Logon" check box selected A connection is established to the server. Authorization is performed via SIMATIC Logon. - "Encrypted transfer" checkbox selected The data is encrypted before it is transferred to the server. 5660 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration 12.7.1.9 Target groups in the user administration Principle The target groups serve as examples for different groups of persons who use the user administration. We can distinguish between the following four groups in the user administration: 1. Administrator OEM 2. Administrator RT 3. Project engineer 4. Operator As Administrator OEM, you create the user groups, users and authorizations for Runtime in the Engineering System of, for example, an equipment manufacturer. As Administrator RT, you administer users in Runtime by means of the "User view." As the project engineer, you assign the authorizations to the user groups in the Engineering System. You also configure authorizations for objects. As Operator, you log on in Runtime. You can only access a protected object if you have the required authorization. Note The Administrator RT target group already exists in the Runtime user administration as the predefined user group "Administrator group." For ease of understanding, the predefined user groups and authorizations are not used below. 12.7.2 Building up and structuring a user administration 12.7.2.1 Administering users for Runtime Creating an authorization Introduction You create an authorization and assign it to one or more user groups. Requirements The "User groups" work area is open. WinCC Advanced V14 System Manual, 10/2016 5661 Visualizing processes 12.7 Configuring user administration Procedure 1. Double-click "Add" in the "Authorizations" table. 2. Enter "Stop runtime" as the name of the authorization. 3. Enter a brief description as the "Comment". See also Creating a user group (Page 5662) Creating a user group (Basic Panels, Panels, RT Advanced) Introduction User groups are created so that you do not have to assign an authorization to every single user. You create a user group, assign authorizations and then assign users to it. Note The name of the user group has to be unique within the project. Otherwise the input is not accepted. Note Using SIMATIC Logon Ensure that the names of the user groups in Windows and WinCC are identical. Requirements The "User groups" work area is open. Procedure 1. Double-click "Add" in the "Groups" table. 2. Enter "Operators" as the "Name" of the user group. 3. Change the "Number" of the user group as required. 4. Enter "Display name" of the "Operators" user group. 5. Enter a brief description as the "Comment". In runtime, the user view shows the display name of the user group. The display name of the user group depends on the language. You can specify the name in several languages and switch between languages in runtime. 5662 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration See also Creating an authorization (Page 5661) Example: Configuring a button with logon dialog box (Page 5686) Example: Logging the logon and logoff events (Page 5687) Assigning an authorization Introduction When you allocate an authorization to a user group, all assigned users have this authorization. Requirements A "Stop runtime" authorization has been created. An "Operators" user group has been created. The "User groups" work area is open. Procedure 1. Click on the "Operators" user group in the "Groups" table. The "Authorizations" table shows all authorizations. 2. Enable the "Stop runtime" authorization in the "Authorizations" table. Note The "Stop runtime" authorization is only a designation and does not have any relation to the function "StopRuntime". You have to establish this relation yourself. To do so, configure the "StopRuntime" system functions at a button and select "Stop runtime" as the "Authorization". Creating users Introduction You create a user so that users can log on with their user names in runtime after loading to the device. WinCC Advanced V14 System Manual, 10/2016 5663 Visualizing processes 12.7 Configuring user administration As an alternative, you can create and change users by means of the "User view" in Runtime. Note Applies only to Runtime Professional: New users who want to access through a Web client or a WebUX client on the system, can only be created in the engineering system. When you create a user in Runtime with the user view, it is not possible to assign a Web startup screen to this user. This user is therefore not authorized to access the Web. Neither can existing users be granted web access rights in Runtime. In order for a created user to have authorizations you have to assign him to a user group and allocate authorizations to the user group. The logon is successful when the user name entered during the logon matches a user in Runtime. In addition, the entered password must agree with the stored password of the user. Note Note that the entry is case-sensitive. Requirements The "Users" work area is open. Procedure 1. Double-click "Add" in the "Users" table. 2. Enter "Foreman" as the user name. Note The user name must be unique within the project. Otherwise the input is not accepted. Note Do not use special characters such as / " $ % ? ' & when you enter a user name and a password. 3. Click the displayed. button in the "Password" column. A dialog box for entering the password is 4. Enter the password of the user. 5. To confirm the password enter it a second time in the lower field. 6. Close the dialog box using the icon. 7. If a user is to be logged off after a specific time period, activate "Automatic logoff". 5664 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration 8. Click in the "Logoff time" column. The preset value for "Logoff time" is 5 minutes. 9. Enter a brief description as the "Comment". Assigning a user to a user group Introduction When you assign a user to a user group, the user has the authorizations of the user group. Note You have to assign a user to exactly one user group. The assignment is checked during the consistency check and generation of the project. Requirements The user "Foreman" has been created. An "Operators" user group has been created. The "Users" work area is open. Procedure 1. Click on the "Foreman" user in the "Users" table. The "Groups" table shows all user groups. 2. Activate the "Operators" user group in the "Groups" table. Managing users Introduction In the work area, you can administer users and assign them to user groups. Requirements The "Users" work area is open. Changing the user name 1. In the "Users" table, double-click the field in the "Name" column to change the user name. 2. Change the user name. 3. Confirm your entry with <Return>. Alternatively, select the user in the work area. Change the user name under "Properties > Properties > General" in the Inspector window. WinCC Advanced V14 System Manual, 10/2016 5665 Visualizing processes 12.7 Configuring user administration Changing the password of the user 1. Click the button in the "Password" column of the "Users" table. A dialog for entering the password opens. 2. In the "Enter password" field, enter the new password. 3. Reenter the new password in the "Confirm password" field. 4. Confirm your entry with <Return>. Alternatively, select the user in the work area. Change the password under "Properties > Properties > General" in the Inspector window. Displaying invisible columns 1. Position the mouse cursor on the title of the "Users" table. 2. Right-click to open the shortcut menu and enable the display of the "Logoff time" column, for example. Changing the logoff time of the user 1. In the "Users" area, double-click on the field in the "Logoff time" column to change the logoff time. 2. Change the logoff time. 3. Confirm your entry with <Return>. Alternatively, select the user in the work area. Change the logoff time under "Properties > Properties > Automatic logoff" in the Inspector window. Deleting a user 1. Select the line of the user to be deleted. 2. Open the shortcut menu with the right mouse button and select the "Delete" command. Note Predefined users cannot be deleted. Managing user groups Introduction In the workplace you administer user groups and assign authorizations for use in runtime. Requirements The "User groups" work area is open. 5666 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration Changing the name of the user group 1. In the "Groups" table, double-click the field in the "Name" column to change the name of the user group. 2. Change the name of the user group. 3. Confirm your entry with <Return>. Alternatively, select the user group in the work area. Change the name under "Properties > Properties > General" in the Inspector window. Note Predefined user groups cannot be deleted. Displaying invisible columns 1. Position the mouse cursor on the title of the "Users" table. 2. Right-click to open the shortcut menu and enable the display of the "Display name" column, for example. Changing the displayed name of the user group 1. In the "Groups" table, double-click the field in the "Display name" column to change the display name of the user group. 2. Change the displayed name of the user group. 3. Confirm your entry with <Return>. Alternatively, select the user group in the work area. Change the display name under "Properties > Properties > General" in the Inspector window. Deleting a user group 1. Mark the line of the user group to be deleted. 2. Open the shortcut menu with the right mouse button and select the "Delete" command. Note Predefined user groups cannot be deleted. Changing the name of the authorization 1. In the "Authorizations" table, double-click the field in the "Name" column to change the name of the authorization. 2. Change the name of the authorization. 3. Confirm your entry with <Return>. Alternatively, select the authorization in the work area. Change the name under "Properties > Properties > General" in the Inspector window. WinCC Advanced V14 System Manual, 10/2016 5667 Visualizing processes 12.7 Configuring user administration Deleting authorizations 1. Mark the line of the authorization to be deleted. 2. Open the shortcut menu with the right mouse button and select the "Delete" command. Note Predefined authorizations cannot be deleted. 12.7.2.2 Managing users on the server Central user administration using SIMATIC Logon (Panels, RT Advanced, RT Professional) Introduction To manage users and user groups for several applications or HMI devices, activate SIMATIC Logon. Principle SIMATIC Logon is a tool for system-wide user administration. If you use SIMATIC Logon, the users are centrally managed outside the application or HMI device. You configure the user groups and their permissions as you usually do with the local user administration in WinCC. You assign identical names to the user groups on the server and in WinCC. Authorizations are assigned in runtime to a user group when the names are identical. You do not have to create users in WinCC because they are taken dynamically from Windows user management during the logon process. The application or HMI device forwards each logon or password change to SIMATIC Logon for processing. Note SIMATIC Logon is a product requiring a license. For more information on SIMATIC Logon go to <http://support.automation.siemens.com>. Enter the ID "34519648" in the search field and start searching. The "SIMATIC Logon Electronic Signature" manual is available to download. 5668 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration Log on process via SIMATIC Logon Service The following diagram illustrates the process that runs automatically when a user logs onto Runtime. The application opens the logon dialog box 1. Query: Login and password Logon dialog box The user enters the logon data in the logon dialog box: <Login> <Password> 2. Transfer: Logon data Logon data is verified 3. Query: Does Windows recognize the user? Applications which use SIMATIC Logon functions Logon data is verified on the local computer or in the domain 4. User authentication in progress SIMATIC Logon Service Determining user data: 5. Query: Which user data is known? Operating system User and group administration Transfer of user data: 6. Transfer: full user name, group membership, password age Verifying and transferring user data: 7. Transfer: full user name, group membership 8. Determining roles 9. Setting rights in accordance with role Results: The user can implement the role functions. See also Authentication and certificate management in SIMATIC Logon (Page 5670) WinCC Advanced V14 System Manual, 10/2016 5669 Visualizing processes 12.7 Configuring user administration Authentication and certificate management in SIMATIC Logon Introduction SIMATIC Logon (V1.5 SP3 and later) supports secure encrypted communication connections to the following device families as of device version V13 SP1 and higher: Comfort Panels KTP Mobile Panels Runtime Advanced Note HMI devices with a device version V13 or earlier can only make a non-secure / non-encrypted connection to a SIMATIC Logon server. Basics The first time a connection is made the SIMATIC Logon certificate is compared with the local certificate of the HMI device. The compared certificate is stored under "SimaticLogon\rejected". If you trust the certificate of the SIMATIC Logon server, copy the stored certificate into the local certificate store. The certificate store is located in the following path: On the PC usually under "C:\Program Files\Siemens\CoRtHmiRtm\SimaticLogon\certs" On HMI panels under "\flash\simatic\SimaticLogon\certs" When the comparison has been successfully performed can a secure encrypted connection be successfully established. You can find additional information about tested browsers on the Internet on the Customer Support pages, entry ID=109480490: https://support.industry.siemens.com/cs/document/109480490/ (https:// support.industry.siemens.com/cs/document/109480490/) See also Central user administration using SIMATIC Logon (Page 5668) Making settings on the server (Panels, RT Advanced, RT Professional) Introduction Perform the following steps on your sever to ensure correct operation of SIMATIC Logon. 5670 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration Procedure 1. Install SIMATIC Logon Services. 2. Create the user group in the user administration of the operating system. 3. Create the users in the user administration of the operating system. Note Users of SIMATIC Logon must be members of a user group of the operating system. Members of a subgroup cannot be logged on. 4. Assign the new users to a group. 5. Transfer the licenses for each HMI device on the server. Note You can find more detailed information in the documentation supplied with SIMATIC Logon. Note The password policies stored on the server are valid if users are authorized by means of SIMATIC Logon. Note You can configure the logoff time for the SIMATIC Logon user with "Configure SIMATIC Logon" on the server. You set the automatic logoff time identical for all users, regardless of the panels. Logging on using SIMATIC Logon (Panels, RT Advanced) Requirements User administration exists. The groups created in WinCC agree with the Windows groups on the server. There is a server with SIMATIC Logon Service installed. WinCC Advanced V14 System Manual, 10/2016 5671 Visualizing processes 12.7 Configuring user administration Note A user may only be a member of one user group in WinCC. When a user is a member of several user groups on the server, only one of these user groups can be made known in WinCC. "Administrators" and "Users" are predefined groups in both Windows and WinCC. Any new user created in Windows is automatically a member of the "Users" group. A user will be a member of two groups if assigned to a new group, for example, to the "SL user" group. Remove this user from the "Users" group of the operating system to enable logon of this user using SIMATIC Logon. A system message in runtime always confirms the successful logon of a user on the server. Note When you use SIMATIC Logon to manage access to a panel or a device with WinCC Runtime Advanced, you must note that the characters '/' and '\' cannot be used in the names of Windows user groups or Windows users. Procedure 1. Open the "Runtime settings > User administration" editor in the Project window. 2. Select "Enable SIMATIC Logon". 3. Select "Windows domain" or "Windows computer", depending on where you administer your users. 4. Enter the name or IP address of the SIMATIC Logon server in the "Server name" text box. Note Make sure your SIMATIC Logon Server always has the same IP address if you use IP addresses. 5. Enter the port number for TCP/IP communication in the "Port number" text box. The valid range of values lies between 1024 and 49151. The preset port number is "16389" and used by SIMATIC Logon as the default. 6. Enter the Windows domain or the logon server with the user data in the "Windows domain" text box. Enter the name of the sever to access users on the logon server. Enter the name of the domain if the logon sever is in a domain and you wish to access users of the domain. Note Local Windows users are not accepted when the logon server is in a domain. 7. Activate the "Encrypted transfer" check box in order to encrypt the data before sending it to the server. 5672 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration Emergency user If the server cannot be accessed, all local users that were created in WinCC user administration can also be used as emergency users. Emergency users have the rights of the user group to which they were assigned. Note For additional information, refer to the included SIMATIC Logon documentation. Can be located under: [Installation directory SIMATIC Logon] \manuals 12.7.2.3 Administering users in Runtime Users in runtime Principle You create users and user groups and assign authorizations to them. You configure objects with authorizations. After download to the HMI device, all objects which were configured with an authorization are protected against unauthorized access in Runtime. User view When you configure a user view in the Engineering System, you administer users in this user view following download to the HMI device. NOTICE Changes in the user view are effective immediately in Runtime. Changes in runtime are not updated in the engineering system. When downloading the user administration to the HMI device, all changes in the user view are overwritten after a security prompt and based on the settings. Users who have a "User administration" authorization have unlimited access to the user view. This allows them to administer all users. Any other user has only limited access to the user view for self administration. See also User view (Page 5674) WinCC Advanced V14 System Manual, 10/2016 5673 Visualizing processes 12.7 Configuring user administration User view (Panels, RT Advanced, RT Professional) Purpose You configure a user view in the engineering system to also administer the users in Runtime. Structure The user view shows the following in each line: The user The encrypted password The corresponding user group The logoff time If no user is logged on, the user view is empty. The content of the individual fields is displayed after logon. User view of an administrator When an administrator is logged on, the user view shows all the users. The administrator changes the user name and the password. The administrator creates new users and assigns them to an existing user group. User view of a user When no administrator is logged on, the user view shows only the logged-on user. Users can change their own passwords and logoff time. 5674 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration See also Users in runtime (Page 5673) Configuring a user view Introduction You configure a user view in the Engineering System to also administer users in Runtime. Requirements A screen has been created. Procedure 1. Select the "User view" object from the "Controls" category in the toolbox. 2. Drag-and-drop the "User view" object into the screen. 3. Click on "Properties > Properties" in the Inspector window. 4. Specify the appearance of the "User view". 5. You can, for example, select " "Display mode > Fit to size > Fit object to contents". Result You have created a user view in the screen. Creating users Introduction You create a user so that users can log on under their user name in runtime. As an alternative, you can create users in the engineering system and download them to the HMI device. Note Applies only to Runtime Professional: New users who want to access through a Web client or a WebUX client on the system, can only be created in the engineering system. When you create a user in Runtime with the user view, it is not possible to assign a Web startup screen to this user. This user is therefore not authorized to access the Web. Neither can existing users be granted web access rights in Runtime. WinCC Advanced V14 System Manual, 10/2016 5675 Visualizing processes 12.7 Configuring user administration The logon is successful only when the user name entered during the logon matches a user in runtime. In addition, the password entered at logon has to match that of the user. Note Note that the entry is case-sensitive. Note Do not use special characters such as / " $ % ? ' & when you enter a user name and a password. You assign the user to a user group. The user then has the authorizations of the user group. Note Runtime users must be assigned to a user group. The user group is created in the engineering system. The designation of the user group is language-dependent. Requirements The user view is open. A "Group 2" user group has been created. Procedure 1. Click "<New User>" in the user view. A dialog opens. 2. Enter "Foreman" as the user name. 3. Press the <Return> button. 4. Click "Password." 5. Enter the password of the user. 6. Press the <Return> button. The password is hidden. 7. Click in the "Group" column. 8. Select "Group 2" as the "Group". 9. Press the <Return> button. 5676 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration 10.Click in the "Logoff time" column. 11.Enter the time after which the user is logged off automatically. Managing users in the user view (Panels, RT Advanced, RT Professional) Introduction If you have configured a user view in the engineering system, the users and user groups can be managed in runtime. NOTICE Changes in the user view are effective immediately in runtime. Changes in runtime are not updated in the engineering system. When downloading the user administration to the HMI device, all changes in the user view are overwritten after a security prompt and based on the settings. Requirements Runtime is enabled. A complex user view has been created. The screen with the user view is open. You have the default "User administration" authorization. Note If you do not have a "User administration" authorization, you can only change your own password and your logoff time. Changing the user name 1. Enter a new user name in the "Users" column in the user display. 2. Confirm your entry with <Return>. Note The user can then no longer log on with his previous password in runtime. If you delete the name and press <Return>, the user is deleted. WinCC Advanced V14 System Manual, 10/2016 5677 Visualizing processes 12.7 Configuring user administration Changing the password of the user Availability of complex user display in selected devices only. 1. Enter a new password in the "Password" column in the user display. 2. Confirm your entry with <Return>. Note The user can then no longer log on with his previous password in runtime. If you delete the password in the complex user view and press <Return>, the user will be deleted. Changing the logoff time of the user 1. Enter a new logoff time in the "Logoff time" column in the user display. 2. Confirm your entry with <Return>. Deleting a user 1. Click the name of the user to be deleted. 2. Delete the name. 3. Press the <Return> button. Note The user can no longer log on in runtime. Assigning a user to a different user group 1. Activate the user group field for the corresponding user. 2. Select a user group. 3. Confirm your selection with <Return>. Unlock locked out users (Basic Panels, Panels, RT Advanced) Unlock locked out users The check box "Activate limit for login attempts" is activated in the "Runtime settings > User administration". The number 3 is entered in the field "Number of invalid login attempts". If users have three failed attempts at login, e.g. by entering an incorrect password, they are assigned to the "Unauthorized" group. The user loses all authorizations. The user can still log on, but no longer has any authorizations. Only a user with administrator rights re-assigns the unauthorized user to a user group. 5678 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration Exporting the user administration (Panels, RT Advanced, RT Professional) Introduction The users and user groups are transferred to the HMI device from the Engineering System. If you have configured a user view, you can administer the users at the HMI device via the user view. If a user has access to several HMI devices, the same user and the same password must be configured on each HMI device. Create a standard for user administration of the different HMI devices. Export the users and passwords on an HMI device to a storage medium, such as a floppy, memory card or a network drive. You import the users and passwords from this storage medium at all the other HMI devices. You program a function which exports the user data at a button. The system function "ExportImportUserAdministration" is not available on all HMI devices. NOTICE When exporting, the user data are encrypted and written from the HMI device to the target file. The target file is overwritten Requirements An HMI device has been created. A screen has been created. A button has been created in the screen. The Inspector window is open. Procedure 1. Click the button in the screen. 2. Click "Properties > Events > Click" in the Inspector window. 3. Click the entry "Add function" in the function list. 4. Select the "ExportImportUserAdministration" system function. 5. Select "Export" as the "Direction". When exporting, the target file is overwritten with the user data. 6. Enter the full path of the destination file as the "File name", for example "a:\test \usersview.txt". Note Ensure that the file name is written correctly. If the directory, for example "\test\", does not exist, it will be created without a prompt. WinCC Advanced V14 System Manual, 10/2016 5679 Visualizing processes 12.7 Configuring user administration Importing the user administration (Panels, RT Advanced, RT Professional) Introduction If a user has access to several HMI devices, the same user and the same password must be configured on each HMI device. Create a standard for user administration of the different HMI devices. Export the users and passwords on an HMI device to a storage medium, such as a floppy, memory card or a network drive. You import the users and passwords from this storage medium at all the other HMI devices. You configure a function which imports the user data at a command button. The system function "ExportImportUserAdministration" is not available on all HMI devices. NOTICE When importing, the user data are read in from the source file and written into the HMI device. The users and passwords currently valid in the HMI device are overwritten. The imported users and passwords are valid immediately. Requirements A screen has been created. A command button has been created in the screen. The Inspector window is open. Procedure 1. Click the button in the screen. 2. Click "Properties > Events > Click" in the Inspector window. 3. Click the entry "Add function" in the function list. 4. Select the "ExportImportUserAdministration" system function. 5. Select "Import" as the "Direction." When importing, the user data in the HMI device are overwritten. 6. Enter the full path of the source file as the "File name", for example "a:\test\usersview.txt". Note Ensure that the file name is written correctly. If the folder, for example "\test\", or the file does not exist, an error message will be displayed. 5680 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration Logging on as a user (Basic Panels, Panels, RT Advanced) Introduction As a rule you log-on as a user by means of a special button. The logon dialog box is displayed to this purpose. The logon dialog box is displayed by default during access to a protected object if No user is logged on in Runtime. The logged-on user does not have the required authorization. Note The system always opens the logon dialog on the OP 73, OP 77A, TP 177A and Basic Panels HMI devices when you press an access-protected button. Requirements Under "Runtime settings > User administration" the - "Enable limit for logon attempts" check box has been selected. - The number 3 is entered in the field "Number of incorrect login attempts". The "ShowLogonDialog" system function is configured on a button called "Logon". Procedure 1. Click the "Logon" button. The logon dialog box is displayed. 2. Enter your user name as it was specified in the user administration, for example "Foreman". If someone has logged on before you, the name of the user will be displayed. 3. Enter the corresponding password. The input is concealed. Note When entering the password, note that it is case sensitive. 4. Click "OK" to close the dialog box. WinCC Advanced V14 System Manual, 10/2016 5681 Visualizing processes 12.7 Configuring user administration Note When you change the HMI device, you do not need to re-enter the password if the permitted special characters are included in the password on all HMI devices. The following special characters are permitted for passwords: ()&@$%+#^[]|*-"<>!,.;:/_=\'? ~{}$ If you switch to V14 from an older device version and prohibited special characters were used for the password, the password is deleted. You are informed about this with an error message and have to save a new password. Logon was successful If you have entered the user name "Foreman" and the entered password corresponds with the stored password, you are logged on as the user "Foreman" in Runtime. You have the authorizations of the user "Foreman". When the user "Foreman" accesses a protected object such as the "Logging" button, access to this protected object will only be authorized if the user "Foreman" has the required authorization. The programmed function is executed immediately. If you do not have the required authorization after the successful log-on, a corresponding error message is displayed. However, you remain logged on in Runtime. Logon was unsuccessful An error message is displayed. In order to maintain security, you or the user logged-on before you no longer has any authorizations. However, access to unprotected objects remains possible. The user view does not, however, show any entries. The user view and the authorizations change after the next successful log-on. If the third login attempt has failed, the user will be assigned to the "Unauthorized" group. For this reason, do not configure a user group with this display name. If the "Log off" function is called up or the logoff time of the user has expired, the user is logged off. 5682 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration 12.7.2.4 Configuring access protection Access protection Introduction You configure an authorization at an object in order to protect it against access. All logged-on users who have this authorization can then access the object. If a user does not have authorization to operate an object, the logon dialog is displayed automatically. Note Several system functions are available under "User administration" so that user, password, and user group can be edited, for example, in the PLC. Configuring operating authorizations Introduction You configure the "Stop runtime" authorization on a button. Then only those users who have the appropriate authorization have access to this button, for example all the users of the "Operators" user group. This ensures that access to the command button is protected. If a logged-on user who belongs to the "Operators" user group and has the required authorizations clicks the button, runtime is stopped. An example describes in detail how to configure a command button with access protection. Requirements The "Operators" user group has been created. The "Stop runtime" authorization has been created. A screen has been created and opened. The screen contains a button. Procedure 1. Click the button in the screen. 2. Click "Properties > Properties > Security" in the Inspector window. 3. Select "Stop runtime" as the "Authorization". WinCC Advanced V14 System Manual, 10/2016 5683 Visualizing processes 12.7 Configuring user administration 4. In the Inspector window, select "Properties > Events > Click". 5. Select a system function from the function list, for example, "StopRuntime". Note The "Enable" and "Disable" events are only used to detect whether an object was selected or deselected. The events do not, however, trigger a password prompt. Do not use the "Enable"or "Disable" event if you want to configure access protection at the function call of the object. 12.7.3 Reference 12.7.3.1 Objects with access protection (Basic Panels) Introduction The following objects can be configured with an authorization: Date/time field I/O field Graphic I/O field Recipe view Switch Button Symbolic I/O field System diagnostic view 12.7.3.2 Objects with access protection (Panels, RT Advanced) Introduction The following objects can be configured with an authorization: Date/time field I/O field f(x) trend view Graphic I/O field GRAPH overview HTML browser 5684 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration Alarm view Alarm window PLC code view ProDiag overview Recipe view Switch Button Slider Symbol library Symbolic I/O field System diagnostic view System diagnostic window Effective range name Effective range name (RFID) 12.7.3.3 Default user groups and authorizations (Basic Panels, Panels, RT Advanced) Principle The predefined user groups and authorizations have the following numbers: WinCC Advanced V14 System Manual, 10/2016 User group Number "Administrator group" 1 "Users" 2 Authorization Number "User administration" 1 "Monitor" 2 "Operate" 3 5685 Visualizing processes 12.7 Configuring user administration 12.7.4 Examples 12.7.4.1 Example: Configuring a button with logon dialog box Task In the following example, you configure the function "ShowLogonDialog" for a button. A different user can then log on in runtime when the shift changes, for example. In the process the user previously logged on is logged off. Note In runtime the logon dialog box is not displayed by default until you access a protected object. Either no user is logged on or the logged-on user does not have the required authorization. Requirements A screen has been created. A button has been created in the screen. Procedure 1. Click the button in the screen. 2. Click "Properties > Events > Release" in the Inspector window. 5686 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration 3. Click the entry "Add function" in the "Function list" table. 4. Select the system function "ShowLogonDialog" from the "User administration" group. Result If the user clicks on the button in runtime, the function "ShowLogonDialog" is called up. When the function "ShowLogonDialog" is called up, the logon dialog box is displayed. The user logs on with his user name and password. 12.7.4.2 Example: Logging the logon and logoff events (Basic Panels, Panels, RT Advanced) Task In the following example, you configure the function "TraceUserChange" to the event "User change". Principle The "TraceUserChange" function is called when a user logs on or off. When a function is called up, a system message with information about the corresponding user is output. This system message can be archived. When archiving, the system message is provided with a date stamp and time stamp. This ensures that you can track which user was logged on at the HMI device at which time and for how long. WinCC Advanced V14 System Manual, 10/2016 5687 Visualizing processes 12.7 Configuring user administration Requirements You have created an HMI device with Runtime Advanced. The Inspector window is open. Procedure 1. Double-click the "Scheduler" in the Project view. 2. Double-click "Add" in the table of the tasks. 3. Enter "Logon-Protocol" as the "Name". 4. Select "User change" as the "Trigger". 5. Open "Properties > Events" in the Inspector window. 6. Click the entry "Add function" in the "Function list" table. 7. Select the "TraceUserChange" system function. Result A system message is output when a user logs on or logs off. 12.7.4.3 Example: Structure of user administration Task In the following example you set up a user administration for different users and user groups. The example orientates itself to a typical requirement profile from manufacturing engineering. Principle Completely different groups of persons are involved in a plant or project. Each group of persons protects its respective data and functions against access by others. For this purpose, users are created and assigned to a user group. You can reproduce different views through user groups. Example: Organizational view: Commissioners, Operators, Shift I, Shift II Technological view: Axis control, Tool changers, Plant North, Plant South The following example orientates itself to the organizational view. Every user group has characteristic requirements regarding access protection: A user group has operating authorizations for specific application cases. A programmer changes, for example, recipe data records. In the example the users Miller, Group Smith and Foreman are created and assigned to different user groups. 5688 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration Ms. Miller works as a programmer in the engineering system. The Group Smith are commissioners. Mr. Foreman is an operator. Requirements A new project has been created. The "User administration" editor is open. Procedures overview Working with user administration has the following procedure in the example: 1. Creating authorizations The planner specifies which authorizations are required for access protection. 2. Configuring authorizations: The planner specifies which objects may be operated and which functions may be executed. 3. Creating user groups and allocating authorizations: The administrator creates the user groups together with the planner. The planner uses the authorizations to specify who may operate objects and change parameters. 4. Creating users and assigning them to a user group: The administrator administers the users. Result The aim is the following structure of the user administration of users, user groups and authorizations: Users Miller Smith Foreman User groups Authorizations Roles Changing recipe re cords Changing system pa rameters Changing process pa rameters Administrator group X X X Managing x Programmer X Commissioning engi neers X Operators x X X The user "Foreman" who belongs to the "Operators" user group has access to the configured "To Recipe view" button. Note Alternatively, you can create several users as operators with different operating authorizations, for example, Operator Level 1, Operator Level 2. WinCC Advanced V14 System Manual, 10/2016 5689 Visualizing processes 12.7 Configuring user administration 12.7.4.4 Example: Creating and configuring authorizations Task The following example shows you how to create the authorizations Procedure 1. Open the "User groups" work area. 2. Double-click "Add" in the "Authorizations" table. 3. Enter "Change recipe data records" as the "Name" of the authorization. 4. Repeat steps 2 and 3 to create additional authorizations: "Change system parameters", "Change process parameters". Result 12.7.4.5 Example: Configuring a button with access protection Task In the following example you use a system function to create a button for a screen change. You protect the "To Recipe view" button against unauthorized operation. To do so, you configure the "Change recipe data records" authorization at the "To Recipe view" button. 5690 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration Requirements A "Change recipe data records" authorization has been created. A "Recipes" screen has been created. A "Start" screen has been created and opened. A button has been created and marked in the "Start" screen. Procedure 1. Click "Properties > Properties > General" in the Inspector window. 2. Enter "To Recipe view" as the text. 3. Click "Properties > Events > Click" in the Inspector window. 4. Click the "Add function" entry in the first line of the "Function list" table. 5. Select the "ActivateScreen" system function in the "Screens" group. 6. Click the button in the "Screen name" field. A dialog box for selecting the screen opens. 7. Select the "Recipes" screen and use the button to close the dialog box. 8. Click "Properties > Properties > Security" in the Inspector window. 9. Select "Change recipe data records" as the "Authorization." Result WinCC Advanced V14 System Manual, 10/2016 5691 Visualizing processes 12.7 Configuring user administration Access to the "To Recipe view" button is protected. If, for example, the user "Smith" clicks the button in Runtime, the function "Recipe view" screen is called up. Prerequisite is that the user "Smith" has logged on correctly and has the required authorization. The "Recipes" screen contains a recipe view and other screen objects. If the logged-on user does not have the required authorization or if no user is logged on, the "Logon dialog box" is displayed. 12.7.4.6 Example: Creating user groups and assigning authorizations: Task In the following example you create the user groups and assign authorizations to them. Procedure 1. Open the "User groups" work area. 2. Double-click "Add" in the "Groups" table. 3. Enter "Programmer" as the "Name". 4. Repeat steps 2 and 3 to create the "Commissioner" and "Operator" user groups. 5. Click "Administrator" in the "Groups" table. 6. Activate the "Change system parameters" authorization in the "Authorizations" table. Interim result 5692 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.7 Configuring user administration Procedure 1. Click "Operator" in the "Groups" table. 2. Activate the "Change recipe data records" authorization in the "Authorizations" table. 3. Click "Commissioner" in the "Groups" table. 4. Activate the authorizations "Change recipe data records", "Change system parameters" and "Change process parameters" in the "Authorizations" table. 5. Click "Programmer" in the "Groups" table. 6. Activate the "Change recipe data records" authorization in the "Authorizations" table. Result 12.7.4.7 Example: Creating users and assigning them to a user group Task In the following example you create the users and assign user groups to them. The users are sorted alphabetically immediately after the name has been entered. Procedure 1. Open the "Users" work area. 2. Double-click "Add" in the "Users" table. WinCC Advanced V14 System Manual, 10/2016 5693 Visualizing processes 12.7 Configuring user administration 3. Enter "Miller" as the user name. 4. Click the displayed. button in the "Password" column. The dialog box for entering the password is 5. Enter "miller" as the password. 6. To confirm the password enter it a second time in the lower field. 7. Close the dialog box by using the icon. 8. Activate the "Programmer" user group in the "Groups" table. Interim result Procedure 1. Double-click "Add" in the "Users" table. 2. Enter "Smith" as the user name. 3. Click the displayed. button in the "Password" column. The dialog box for entering the password is 4. Enter "smith" as the password. 5. To confirm the password enter it a second time in the lower field. 6. Close the dialog box by using the icon. 7. Activate the "Commissioner" user group in the "Groups" table. 8. Repeat steps 2 to 6 for the user "Foreman." 9. Activate the "Operators" user group in the "Groups" table. 5694 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Result 12.8 Working with system functions and Runtime scripting 12.8.1 Basics (Panels, RT Advanced) 12.8.1.1 Runtime scripting (Panels, RT Advanced) Term definition The following terms are used in the documentation: Term WinCC Advanced V14 System Manual, 10/2016 Runtime scripting Generic term for all activities in user-defined functions. Function Generic term for system functions and user-defined functions. System functions System functions are all functions supplied with WinCC. The system functions are used either in function lists or user-defined functions. User-defined functions User-defined functions are functions written in the "Scripts" editor. For more precise specification, the term "User-defined VB function" is used in the doc umentation. VBS / VBScript Abbreviation for Visual Basic Script 5695 Visualizing processes 12.8 Working with system functions and Runtime scripting Applying Runtime scripting The following figure serves as a decision guide for programming tasks at hand: &DQLWEH LPSOHPHQWHGLQ $6" <HV $GDSWLQJ3/& SURJUDP <HV 8VLQJDV\VWHP IXQFWLRQ 1R 6\VWHPIXQFWLRQ DYDLODEOH" 1R 8VHUGHILQHG IXQFWLRQ :ULWLQJ (1' 12.8.1.2 System functions (Panels, RT Advanced) Applications You use system functions for the following: Function lists A function list is executed from top to bottom in Runtime. If a function list includes system functions with longer runtime, these are processed asynchronously. For additional information, refer to "Runtime characteristics". User-defined functions If the HMI device supports customized functions, you use system functions in combination with instructions and conditions in the code of a customized function. In this way you execute a customized function depending on a specific system state. In addition, you can evaluate return values of system functions, for example. Depending on the return value, you then perform test functions, for example, that in turn affect the user-defined function flow. Application examples of system functions Calculations, increase tag value by a defined or variable amount. Log function, e.g. to start a process value log. Settings, e.g. to switch the PLC or set a bit in the PLC. Alarms, e.g after changing the user. 5696 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Application Function list When configuring a function list, you select the system functions from a selection list that is sorted by categories: User-defined function If you are using a system function in a user-defined function, you choose it from a selection list. To open the selection list, use the key shortcut <Ctrl+Space> or click . Language dependency In the function list, the names of the system functions are dependent on the set project language. The functionality can then be recognized immediately by the project planner. You use the English name of the system function in user-defined functions. You will find the English name of the system function in the reference. Availability Which system functions are available depends on the selected HMI device. WinCC Advanced V14 System Manual, 10/2016 5697 Visualizing processes 12.8 Working with system functions and Runtime scripting HMI device replacement If you use system functions in a function list that are not available on the set HMI device, these system functions are marked in color. If you use a system function in a user-defined function which is not available on the set HMI device, a warning is issued. In addition, the respective system function will be underlined with a wavy blue line. See also System functions for logs (Page 5373) 12.8.1.3 User-defined functions (Panels, RT Advanced) Applications You use customized functions for the following for example: : Configuring an extended function list In a customized function you have the option to have customized functions and system functions executed depending on conditions or executed repeatedly. You then add the customized function to a function list. Programming new functions Customized functions are only valid in the project in which they are defined. For userdefined functions you define transfer parameters and return values, for example, for conversion of values. Properties of customized functions A customized function has the following properties: Name Parameter (optional) Return value and type (optional) Can be modified centrally has no trigger. You have to call the customoized function explicitly, e.g. in a function list. behaves like a system function Usage You create customized functions with the "Scripts" editor. See "Scripts" editor (Page 5704) for additional information. 5698 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Customized functions are saved in the project. To protect user-defined functions, set up knowhow protection. See AUTOHOTSPOT for additional information. Project tree The user-defined functions are listed in the project tree under "VB scripts". Function list The user-defined functions are listed in a function list under "VB functions". User-defined function If you are using a system function in a user-defined function, you choose it from a selection list. To open the selection list, use the key shortcut <Ctrl+Space> or click . Recursion level The recursion level in user-defined functions is limited by the stack size of the HMI device. If the number is exceeded, a system error message is output in Runtime. This means you should limit the number of recursions in a user-defined function. WinCC Advanced V14 System Manual, 10/2016 5699 Visualizing processes 12.8 Working with system functions and Runtime scripting 12.8.2 Working with function lists (Panels, RT Advanced) 12.8.2.1 Basics of the function list (Panels, RT Advanced) Introduction A function list performs one or more system functions and user-defined functions when the configured event occurs. Principle The function list is configured for an event of an object, for example, for a screen object or a task. You can configure a function list precisely on every event. The events which are available depend on the selected object and the HMI device. Events occur only when the project is in Runtime. Events include: Execution of a task Pressing of a button Acknowledging an alarm Note The choice of configurable system functions in a function list is dependent on the selected HMI device. For additional information, refer to "Availability for specific devices of system functions". 5700 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 12.8.2.2 Properties of a function list (Panels, RT Advanced) Status information During configuration the project data is tested in the background. With the following causes the function list is not executed in Runtime and the incorrect entries are marked red: At least one system function or one user-defined function is not completely supplied with parameters. At least one system function or one user-defined function is contained which is not supported by the selected HMI device, e.g. by changing the device type. Processing of system functions and user-defined functions (WinCC Runtime Advanced and Panels) A function list is executed from top to bottom in Runtime. If a function list includes system functions with longer runtime, these are processed asynchronously. You can find additional information about this in the sections "Calling system functions" and "Calling user-defined functions". See also Executing a function list in Runtime (Page 5727) Processing sequence for user-defined functions and system functions (Page 5729) 12.8.2.3 Configuring a function list (Panels, RT Advanced) Introduction You configure a function list by selecting the system functions and customized functions from a drop-down list. The system functions are arranged in the selection list according to categories. You only use customized functions of a programming language in a function list. Your selection of the first user-defined function determines whether user-defined VB functions or user-defined C functions can be selected in the function list. Which programming languages are available depends on the selected HMI device. If you have created a user-defined VB function, for example, the user-defined function is available under the entry "VB functions". Requirement Object has at least one configurable event. WinCC Advanced V14 System Manual, 10/2016 5701 Visualizing processes 12.8 Working with system functions and Runtime scripting Procedure Proceed as follows to configure a function list: 1. Open the editor in which the object is located. 2. Select the object. 3. Click "Properties > Events" in the Inspector window. Choose the event for which you want to configure the function list. 4. Mark the "<Add function>" entry in the inspector window in the drop-down list. 5. Select the desired system function or the desired user-defined function from the selection list. You can also enter the name of the system function or the user-defined function. The system function or the customized function is entered in the function list. 6. If the system function or the customized function has parameters, select the appropriate values for the parameters. 7. If you want to add other system functions or user-defined functions to the function list, repeat steps 4) to 6). 5702 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Result The function list is configured. In addition, to the configured event, the status of the function list is displayed in the Inspector window. When the configured event occurs in Runtime, the function list is completed from top to bottom. 12.8.2.4 Editing a function list (Panels, RT Advanced) Introduction A function list can be edited as follows: Change the order of system functions and user-defined functions. Remove system functions or user-defined functions. Requirement The function list is configured and opened. Changing the order of a system function or a customized function 1. Select the desired system function or customized function in the function list. 2. Then click the appropriate direction arrow in the inspector window until the system function or customized function is in the desired position. Changing the order of several system functions and customized functions 1. Hold down the <Shift> key. 2. Click desired system functions or customized functions one after another with the mouse. 3. Move the selection to the desired position by drag&drop. WinCC Advanced V14 System Manual, 10/2016 5703 Visualizing processes 12.8 Working with system functions and Runtime scripting Removing a system function or customized function 1. Select the desired system function or customized function in the function list. 2. Select "Delete" in the shortcut menu. 12.8.3 Working with user-defined VB functions (Panels, RT Advanced) 12.8.3.1 "Scripts" editor (Panels, RT Advanced) Introduction The "Scripts" editor supports you in the creating of user-defined functions with functionalities such as auto-completion and syntax highlighting. You can insert code templates for frequently used instructions with the "Instructions" task card for example. Autocompletion and parameter entry The "Scripts" editor provides you context-dependent programming support with autocompletion parameter entry support. When you use system functions, the parameters of the function are shown as a tooltip. 5704 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting <Ctrl+J> The object list can be called context-specifically by using the shortcut <Ctrl+J>. Use the object list to supply values to system functions, methods, and properties: For example, you select screens, screen objects, tags, or colors. You transfer a selected object from the object list into the code by double-clicking it. Note Tags and screens can also be inserted using a drag-and-drop operation. Use, for example, drag-and-drop to assign values to parameters. <Ctrl+Space> With the key combination <Ctrl+Space> you call a list with the following contents: Constants and functions of the programming language used in the "Scripts" editor. User-defined functions System functions Integrating control characters in strings If you want to use control characters such as tabs or line breaks in strings, use the function "Chr()". Transfer the decimal ASCII code of the required control character as parameter: Example: Chr(9) returns "Tab". Chr(15) returns "SI" (Shift in). Chr(20) returns "DC4" (Device Control 4). You will find more detailed information on this VBS function on the Internet. "Instructions" task card The "Instructions" task card contains the "Code templates" and "Function list" palettes. Code templates To insert frequently used instructions, double click the desired instruction in the "Code templates" palette. Replace the space holders with the used expressions. Function list In the function list you select the system functions and user-defined functions from a dropdown list. Proceed as for configuring a function list. To transfer the function list to the code, click the "Transfer" button. The function list is automatically converted into the correct syntax. Note Not all system functions are available in the "Scripts" editor. For additional information, refer to the reference. WinCC Advanced V14 System Manual, 10/2016 5705 Visualizing processes 12.8 Working with system functions and Runtime scripting Edit functions Use the buttons of the toolbar "Advanced Edit" to make the code more readable by means of indentation and the use of comments. Bookmarks help you keep an overview, even of many lines of code. Further information regarding each button can be obtained in the accompanying direct help. Synchronization of tags and objects If you change tag names or object names in the project which you use in a user-defined function, the names are adapted automatically in the user-defined function. If you change the tag name or object name in the function, the tag names or object names are not adapted in the project. An appropriate error message is output when executing the userdefined function. Syntax highlighting Keywords in the "Scripts" editor are highlighted using different colors. Unknown words are underlined with a red wavy line. The table shows the preset colors for the most important keywords: Color Meaning Example Blue Keyword If, Then Dark violet Function FahrenheitToCelsius Chocolate System function SetTag Orange HMI tag Tag_1 Green Comment 'This is a comment' Adapting display properties When you have opened a user-defined function, you can customize the display properties in the editor. Select the "Options > Settings" menu command. Click "General > Text editors" in the "Settings" editor. For example, you can change the colors for syntax highlighting or adapt the indents for code in the work area. See also Create customized VB functions (Page 5712) 12.8.3.2 Access to HMI tags (Panels, RT Advanced) Introduction In user-defined VB functions, you have access to HMI tags which you have created in the project. Change or read the tag value with a user-defined VB function in Runtime. 5706 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting In addition, you can create local tags as counters or buffers in the user-defined VB function. You must declare each tag to avoid errors due to misspelled tags. HMI tags The user-defined VB function accesses the tag value which is saved in Runtime memory. Next, the tag value will be updated to the set cycle time. The user-defined VB function first accesses the tag values which were read at the previous cycle time. If the tag name matches the VBS name conventions in the project, you can use the HMI tag directly in the function. 'VBS_Example_03 If BeltDriveOilTemperature > 100 Then [instruction] If the tag name in the project does not match the VBS name conventions, you must reference the HMI tag using the "SmartTags list". In the following example the tag name contains the "&" character that is not permitted in accordance with the VBS name conventions: 'VBS_Example_04 SmartTags("Test&Trial")= 2005 Local tags You define local tags with the Dim instruction. You can only use local tags within user-defined VB functions. They therefore do not appear in the "HMI Tags" editor. You use a local tag in the user-defined VB function, for example, as a counter in a For instruction. 'VBS_Example_05 Dim intCount For intCount = 1 To 10 [instruction] Next Access to HMI tags with a dynamic name The user-defined VB function accesses the tag value using the tag name. You can specify the tag name in such a way that the tag name is composed at the runtime of the user-defined function. If you only call the user-defined VB function in a screen in which the HMI tag is also used elsewhere, for example in an I/O field, you should for performance reasons configure the HMI tag with "Cyclic in operation" acquisition mode. If the user-defined VB function is accessed and the HMI tag is not being used in the screen currently displayed, configure the HMI tag with "Cyclic continuous" acquisition mode. This ensures that the current value of the tag is always available. WinCC Advanced V14 System Manual, 10/2016 5707 Visualizing processes 12.8 Working with system functions and Runtime scripting 12.8.3.3 Access to objects (Panels, RT Advanced) Introduction The objects of the VBS object model with the appropriate properties and methods are available in user-defined VB functions. The object properties can be read and changed in Runtime. Referencing objects In customized VB functions you reference the objects by the corresponding list. To identify the object, use its name or the position number within the list. If you access the properties of an object more often, create an object reference. You can access object properties with and without object reference. With the following instruction the first object is referenced in the "MainScreen": 'VBS_Example_01 Dim objObject 'Change to Screen "MainScreen" HMIRuntime.BaseScreenName = "MainScreen" Set objObject = HMIRuntime.Screens(1).ScreenItems(1) With the following instruction an object is referenced by its name and an object property is changed. You must have created the object with this name in the screen. 'VBS_Example_02 Dim objCircle HMIRuntime.BaseScreenName = "MainScreen" Set objCircle = HMIRuntime.Screens(1).ScreenItems("Circle_01") objCircle.BackColor = vbGreen 12.8.3.4 Calling system functions (Panels, RT Advanced) Introduction You can insert system functions in a user-defined VB function. This can be done in the following ways: With <Ctrl+Space> or with Direct input With the "Function list" palette 5708 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting With <Ctrl+Space> or with Open the list of system functions with <Ctrl+Space> or with function. and select the desired system Direct input You enter the system functions directly into the code. You use the English name of the system function. You can find the English name of the system function in the system function reference under "Syntax". The editing language setting is not taken into consideration. References to objects, e.g. screens, connections and logs are transferred in inverted commas: Calling system functions without return value in VBS SetTag "Tag1",64 Calling system functions with return value in VBS InverseLinearScaling "XValue","Tag1", 0, 1 With the "Function list" palette Select the system functions from a selection list that is sorted by categories in the "Function list" palette. Proceed as for configuring a function list. To transfer the list to the code, click the "Transfer" button. The list is automatically converted into the correct syntax. HMI device replacement The code of a customized function depends on the selected HMI device. If you use system functions in the customized function which are not supported by the selected HMI device, you receive an error message in the output window. You will find additional information under "Device dependency of system functions". See also Configuring a function list (Page 5701) 12.8.3.5 Calling user-defined VB functions (Panels, RT Advanced) Introduction You can only insert user-defined VB functions in a user-defined VB function. WinCC Advanced V14 System Manual, 10/2016 5709 Visualizing processes 12.8 Working with system functions and Runtime scripting This can be done in the following ways: With <Ctrl+Space> or with Direct input With the "Function list" palette With <Ctrl+Space> or with Open the list of user-defined VB functions with <Ctrl+Space> or with user-defined VB function. and select the desired Direct input You enter the user-defined VB function directly into the code. References to objects, e.g. screens, connections and logs are transferred in inverted commas. Function Average(ByVal Var1, ByVal Var2) Average = (Var1+Var2)*(1/2) End Function Calling user-defined VB functions without return value in VBS Average 4,10 Calling user-defined VB functions with return value in VBS Dim ValueA ValueA = Average (4,10) If you do not want to evaluate the return value, use the call as for a user-defined VB function without return value. With the "Function list" palette Select the desired user-defined VB function from a selection list in the "Function list" palette. Proceed as for configuring a function list. You will find additional information under "Configuring a function list". To transfer the list to the code, click the "Transfer" button. The list is automatically converted into the correct syntax. 5710 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 12.8.3.6 Transfer and return of values in VBS (Panels, RT Advanced) Transfer of a value The following options are available for transferring parameters. "Call by Value" - ByVal ByVal transfers the parameter value. If you transfer a tag as a parameter, the tag value is transferred to the user-defined function when the user-defined function is executed. "Call by Reference" - ByRef ByRef transfers the address of the parameter. If you transfer a tag as a parameter, the tag address is transferred to the user-defined function when the user-defined function is executed. When user-defined functions and system functions are called in user-defined functions, the parameter is transferred as ByRef. Return of a value Return values can return the result of a calculation (e.g., average value of two numbers). But a return value can also give information about whether an instruction was executed correctly. Therefore, the system functions that perform file operations such as "Delete" also have return values. For a user-defined function to return a value, you must set the "Function" type. You assign the function name to the return value in the user-defined function: To form an average value of two numbers, call the user-defined VB function Average and transfer the result to the HMI tag for example AverageValue. In a customized VB function SmartTags("AverageValue") = Average ("4", "10") In the function list You can output the value of the HMI tag AverageValue in an I/O field. WinCC Advanced V14 System Manual, 10/2016 5711 Visualizing processes 12.8 Working with system functions and Runtime scripting See also Create customized VB functions (Page 5712) 12.8.3.7 Create customized VB functions (Panels, RT Advanced) Introduction When you create a customized VB function, you define the following settings: The name with which you call the user-defined VB function. The type of user-defined VB function. The parameters which are transferred to the user-defined VB function in Runtime. Use only the following characters for the name: "A" to "Z" "a" to "z" "0" to "9" "_" as a separator Note When you change the parameters or the function type, the change is color marked at the application point, e.g. in the function list. Procedure To create a user-defined VB function, follow these steps: 1. Open "Scripts" in the project tree. 2. Double click "Add new VB function" in the project tree under "VB scripts". The user-defined VB function is created as a new tab in the work area. The input mask for the configuration settings of the user-defined VB function opens in the Inspector window. 5712 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 3. Configure the user-defined VB function in the Inspector window "Properties > General > General". 4. Enter a descriptive "Name" for the user-defined VB function. 5. Select the "Type" of the user-defined VB function. - "Function" have a return value. - "Sub" have no return value. 6. Click "<Add>" in the "Parameters" list to add parameters. Enter the parameter name and specify the parameter type. Further information can be found in "Transfer and return of values in VBS (Page 5711)". - "ByVal" transfers the parameter value. - "ByRef" transfers the address of the parameter. 7. Enter its code in the work area. You will find further information about this in ""Scripts" Editor" (Page 5704)". Result The user-defined VB function has been created. The type, name, and function parameters are displayed in the title bar. The start and end are inserted automatically when the user-defined function is created. If you have protected the user-defined VB functions by a password, it is saved encrypted in the project. For additional information, refer to "Protecting user-defined functions". The figure below shows a user-defined VB function which converts the temperature from "Fahrenheit" to "Degrees Celsius": WinCC Advanced V14 System Manual, 10/2016 5713 Visualizing processes 12.8 Working with system functions and Runtime scripting 12.8.3.8 Testing the syntax of customized functions (Panels, RT Advanced) Introduction During programming, the code is tested in the background. Syntactical errors are marked with a wavy red line. The customized function is checked for correct syntax and valid object references. Check the syntax in the "Scripts" editor to identify all the errors in the code and output the appropriate error messages. In this case, error messages generated by the script parser are output. Use a separate debugger to check customized VB functions for logical programming errors. Error types The following error types are detected in the syntax test and output in the "output window": Unknown string (e.g., not a keyword) Assignment of value to a constant The name of a local tag created with the Dim instruction is already known, e.g.: as a parameter, object, or component of the object model Syntax error Requirements Customized function is open. Procedure Proceed as follows to check the syntax: 1. Click to start the syntax check. The syntax is checked. The result of the syntax check is displayed in the Inspector window under "Info > Compilation." Syntax errors are output with the line number. 2. Correct the errors in the customized function if necessary. Special consideration in the syntax checking of customized functions Customized functions are not interpreted until in Runtime. When an HMI device is being compiled, the system checks its user-defined functions for correct syntax. However, runtime errors may occur in certain circumstances. See also Configuring a function list (Page 5701) 5714 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 12.8.3.9 Renaming customized VB functions (Panels, RT Advanced) Renaming a user-defined VB function in the project tree Proceed as follows to rename a user-defined VB function in the project tree: 1. Select the desired user-defined VB function in the project tree. 2. Select the "Rename" (F2) command in the shortcut menu of the user-defined VB function. 3. Enter a new name for the user-defined VB function. Renaming a user-defined VB function in the Inspector window Proceed as follows to rename a user-defined VB function in the Inspector window: 1. Open the user-defined VB function in the "Scripts" editor. 2. In the Inspector window, click "Properties > Properties > General". 3. Enter the new function name. Result The user-defined VB function is renamed. The application points are adapted automatically. 12.8.3.10 Executing customized VB functions (Panels, RT Advanced) Introduction In WinCC you have the following options to execute a customized function: Function list Customized VB function Calling a customized VB function in a function list 1. Add the user-defined VB function to a function list like a system function. You will find the customized VB functions in the drop-down list under "VB functions". You will find further information in "Configuring a function list (Page 5701)". 2. If the VB function has parameters, supply the parameters with static values or HMI tags. 3. If the VB function has a return value, select an HMI tag. The value to be processed is transferred to the HMI tag. WinCC Advanced V14 System Manual, 10/2016 5715 Visualizing processes 12.8 Working with system functions and Runtime scripting Calling a customized VB function in a customized VB function 1. Open the user-defined VB function in which you want to call the user-defined VB function. 2. Call the customized VB function in the syntax of the programming language. You will find further information in "Calling user-defined VB functions (Page 5709)". 3. If the VB function has a return value, assign an expression, e.g. a local tag, to the VB function. See also Configuring a function list (Page 5701) Calling system functions (Page 5708) Calling user-defined VB functions (Page 5709) 12.8.4 Protecting user-defined functions 12.8.4.1 Setting up know-how protection (Panels, RT Advanced, RT Professional) Procedure To set up know-how protection for user-defined functions, follow these steps: 1. Select the user-defined function without know-how protection that you want to protect. 2. Select the command "Know-how protection" in the "Edit" menu. The "Know-how protection" dialog will open. 3. Click "Define". The "Define password" dialog box opens. 4. Enter a password in the "New" field. 5. Enter the same password in the "Confirm" field. 6. Confirm your entries with "OK". 7. Close the "Know-how protection" dialog by clicking on "OK". Result The user-defined function receives know-how protection. User-defined functions with knowhow protection are marked with a lock in the project tree. The password entered is valid for all user-defined functions selected. 12.8.4.2 Opening user-defined functions with know-how protection You can only open multiple user-defined functions with know-how protection at once if they are protected with the same password. 5716 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Procedure To create a user-defined function with know-how protection, follow these steps: 1. Double-click the user-defined function you want to open. The "Access protection" dialog will open. 2. Enter the password for the user-defined function with know-how protection. 3. Confirm your entry with "OK". Result The user-defined function with know-how protection will open provided you have entered the correct password. However, the function will remain know-how protected. Once you have opened the user-defined function, you can edit it for as long as the user-defined function or TIA portal is open. You must enter the password again the next time you open the user-defined function. If you close the "Access protection" dialog with "Cancel" or "Close", the user-defined function is opened but the code is not displayed. You cannot edit the user-defined function. 12.8.4.3 Removing know-how protection Procedure To remove the know-how protection of a user-defined function, follow these steps: 1. Select the user-defined function for which you want to remove know-how protection. Note To remove know-how protection for several user-defined functions at once, all selected user-defined functions must have the same password. 2. Select the command "Know-how protection" in the "Edit" menu. The "Know-how protection" dialog will open. 3. Deactivate the check box "Hide code (know-how protection)". 4. Enter the password. 5. Confirm your entries with "OK". Result Know-how protection will be disabled for the selected user-defined function. WinCC Advanced V14 System Manual, 10/2016 5717 Visualizing processes 12.8 Working with system functions and Runtime scripting 12.8.4.4 Changing a password Procedure To change the password, follow these steps: 1. Select the user-defined function with know-how protection for which you want to change the password. Note To change the password for several user-defined functions at once, all selected userdefined functions must have the same password. 2. Select the command "Know-how protection" in the "Edit" menu. The "Know-how protection" dialog will open. 3. Click the "Change" button. 4. Enter the old password in the "Old" field. 5. Enter the new password in the "New" field. 6. Enter the new password again in the "Confirm" field. 7. Confirm your entries with "OK". 8. Close the "Know-how protection" dialog by clicking on "OK". 12.8.5 Debugging user-defined VB functions (Panels, RT Advanced) 12.8.5.1 Debugging user-defined VB functions (Panels, RT Advanced) Introduction Debugging allows you to test the user-defined VB functions for logical programming errors in Runtime. For example, you can test whether the proper values were transferred to the tags, and whether cancellation terms are realized correctly. The following VBScript-capable debuggers have been tested and approved: "Microsoft Script Debugger" "Microsoft Script Editor": The debugger is supplied with Microsoft Office. 5718 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting "Microsoft Script Debugger" provides the following functionality: Viewing the source code of the function you are debugging Checking the step-by-step execution of the functions Viewing and editing tags and property values Note Difference with regard to VBScript for Windows and Windows CE The debugger checks the syntax for VBScript for Windows. If the function contains a VBScript function for Windows CE, a corresponding error message is output. Some VBScript functions are different, e.g., CreateObject. You can find a list of these VBScript functions under "VBScript for Windows CE". Microsoft Script Debugger If you want to use the Microsoft Script Debugger for debugging, the English version "scd10en.exe" must be used. The German version "scd10de.exe" may not be installed. "Microsoft Script Debugger" provides the following functionality: Viewing the source code of the function you are debugging Checking the step-by-step execution of the functions Viewing and editing tags and property values Note For tips and tricks on debugging, common sources of errors, and additional information, refer to the online help for the Microsoft Script Debugger. The Microsoft Script Debugger is located in the Microsoft Download Center under the following URL: http://www.microsoft.com/downloads/Search.aspx? displaylang=en833a6a92-961e-4ce1-9069-528d22605127 Use the "Search" field to search for "Script Debugger" and select the required download. Basic procedure The debugger is only intended for identifying error locations in the user-defined VB function. For this purpose, for example, you use break points or execute the user-defined VB function step-by-step. For detailed information, refer to the documentation of the debugger you are using. In order to correct errors, you change to the "Scripts" editor in WinCC. After having recompiled and reloaded the script, you test the user-defined VB function once again using the debugger. Note Your code is displayed in the debugger, but is write-protected. You cannot edit the code directly in the debugger; you can only test the required changes. WinCC Advanced V14 System Manual, 10/2016 5719 Visualizing processes 12.8 Working with system functions and Runtime scripting Error types The following error types are distinguished when debugging: Logical error A logical error occurs when the event you are expecting does not take place, e.g., because a condition was checked incorrectly. To debug logical errors, you go through the userdefined VB function step by step. This way, you identify the portion of the user-defined VB function that is not working. Runtime error A runtime error is generated if an attempt is made to execute an invalid or faulty instruction, e.g., if a tag is not defined. To intercept runtime errors, use the "On Error Resume Next" instruction in the user-defined VB function. With this instruction, the next instruction is executed after a runtime error. You check the error code with the Err object in the next line. To stop the handling of runtime errors in the user-defined VB function again, use the "On Error Goto 0" instruction. Example for error handling Sub OnClick(ByVal Item) 'VBS27 Dim objScreenItem ' 'Activation of errorhandling: On Error Resume Next For Each objScreenItem In ScreenItems If "HMIRectangle" = objScreenItem.Type Then ' '=== Property "RoundCornerHeight" only available for RoundRectangle objScreenItem.RoundCornerHeight = objScreenItem.RoundCornerHeight * 2 If 0 <> Err.Number Then HMIRuntime.Trace objScreenItem.Name & ": no RoundedRectangle" & vbCrLf ' 'Delete error message Err.Clear End If End If Next On Error Goto 0 'Deactivation of errorhandling End Sub Screen change while debugging If you change to another screen while debugging, the user-defined VB function of the previous screen stays open but is no longer valid. The debugger could return invalid error messages in this case, as the objects called will no longer exist after the screen change. 5720 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 12.8.5.2 Integrating the debugger (Panels, RT Advanced) Installing a script debugger for WinCC A VBScript-capable debugger must be installed to search for errors in user-defined VB functions. The following VBScript-capable debuggers have been tested and released: Microsoft Script Editor by Office XP Microsoft Script Debugger: The English version "scd10en.exe" must be used. The German version "scd10de.exe" may not be installed. An installed debugger is started as follows: If a runtime error occurs during execution Via "Online > Simulate Runtime > With script debugger" WinCC Advanced V14 System Manual, 10/2016 5721 Visualizing processes 12.8 Working with system functions and Runtime scripting Microsoft Script Editor The Microsoft Office XP component "Microsoft Script Editor" contains a Script Debugger. If the default configuration was installed by Microsoft Office Setup, the "Microsoft Script Editor" component is not installed until called the first time ("Installed on First Use"). If you wish to explicitly install these components, you must specify it in the Microsoft Office setup. Select the component selection menu, click"Web Debugging" component and then select the "Run from My Computer" option. If a project is activated in WinCC via "Online > Simulate Runtime > With script debugger", a dialog containing the list of available script debuggers appears when the first user-defined function is run. Other installed script debuggers such as "Microsoft Visual Interdev" or "Microsoft Visual Studio .NET" may also appear in the list. Select "Microsoft Script Editor" and confirm your selection with "Yes". 5722 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Activate the "Script" program object in the "Step Into Remote Procedure Call" dialog and confirm your selection with "OK". WinCC Advanced V14 System Manual, 10/2016 5723 Visualizing processes 12.8 Working with system functions and Runtime scripting The "Microsoft Script Editor" is launched. The execution pauses at the first line of the first function. 5724 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Microsoft Script Debugger If a script debugger is not available, download "Microsoft Script Debugger" (scd10en.exe) free of charge from Microsoft (www.microsoft.com). It will be started automatically in WinCC once it is installed. Note The "Microsoft Script Debugger" can no longer be called or installed when another VBScriptcapable script debugger is available on your computer. 12.8.5.3 Registering Microsoft Script Debugger (Panels, RT Advanced) Introduction Under Windows 7 / Windows 8, the Microsoft Script Debugger starts in the simulation only after it has been automatically entered once in the registry as the default script debugger. Requirement Microsoft Script Debugger is installed on the configuration PC. You have administrator rights on the configuration PC. WinCC Advanced V14 System Manual, 10/2016 5725 Visualizing processes 12.8 Working with system functions and Runtime scripting Procedure 1. Open a command prompt with "Start > Run > cmd". 2. Enter the command: [File path]/Regserver, e.g.: "c:\Program Files\Microsoft Script Debugger\msscrdbg.exe/Regserver". Once the Microsoft Script Debugger has been successfully registered as the default script debugger, you will see the following entries in the registry: "HKEY_CLASSES_ROOT\CLSID\{834128A2-51F4-11D0-8F20-00805F2CD064}] (Default)="ScriptDebugSvc Class" "AppID"="{A87F84D0-7A74-11D0-B216-080000185165}" [HKEY_CLASSES_ROOT\CLSID \{834128A2-51F4-11D0-8F20-00805F2CD064}\LocalServer32] (Default)="c:\\Program Files\\Microsoft Script Debugger\\msscrdbg.exe" [HKEY_CLASSES_ROOT\CLSID\{834128A2-51F4-11D0-8F20-00805F2CD064}\ProgID] (Default)="ScriptDebugSvc.ScriptDebugSvc.1" [HKEY_CLASSES_ROOT\CLSID \{834128A2-51F4-11D0-8F2000805F2CD064}\VersionIndependentProgID] (Default)="ScriptDebugSvc.ScriptDebugSvc" The "LocalServer32" file path must point to the installation folder of Microsoft Script Debugger. If you have installed Microsoft Script Debugger in a different folder, adapt the path information. Result You have registered the Microsoft Script Debugger as the default script debugger. The Microsoft Script Debugger now starts automatically when Runtime is started. 12.8.5.4 Starting and stopping the debugger (Panels, RT Advanced) Requirement VBScript-capable debugger (e.g., MS Script Debugger) and WinCC Runtime are installed on the configuration PC. Project is open. Starting the debugger To start the debugger, proceed as follows: 1. Select the HMI device and then select the "Online > Simulation > With script debugger" menu command. The Runtime software searches for debuggers installed on the configuration PC. 2. If several debuggers are found click on the one required. 5726 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Or: 1. Click "Start > Run". 2. Enter the following command: "HmiRtm /ScriptDebug /<ProjectFile>". Further information about the project file can be found in "Starting Runtime Advanced and Panels (Page 6319)". Or: 1. Select the "debug" command in the project file shortcut menu in the Windows Explorer. Result The debugger is connected automatically with the runtime software. Stopping the debugger The debugger is not closed automatically when you close the Runtime software. Therefore, close the debugger separately. 12.8.6 Runtime behavior in Runtime (Panels, RT Advanced) 12.8.6.1 Executing a function list in Runtime (Panels, RT Advanced) Principle A function list is executed from top to bottom in Runtime. A distinction is made between synchronous and asynchronous execution, so that no waiting periods ensue during execution. The distinction is made by the system by evaluating the different runtimes of the system functions. User-defined functions are always executed synchronously independent of the runtime. If a system function returns an error status, the execution of the function list is cancelled. Synchronous execution During synchronous execution, the system functions in a function list are executed one after the other. The previous system function must be finished before the next system function can be executed. Asynchronous execution System functions that perform file operations such as saving and reading have a longer runtime than system functions that, for example, set a tag value. Therefore, system functions with longer runtimes are executed asynchronously. For example, while a system function is writing a recipe data record to a storage medium, the next system function is already being executed. Due to the parallel execution of system functions, waiting periods at the HMI device are avoided. WinCC Advanced V14 System Manual, 10/2016 5727 Visualizing processes 12.8 Working with system functions and Runtime scripting 12.8.6.2 Executing user-defined functions in Runtime (Panels, RT Advanced) Principle Only one user-defined function at a time is executed in Runtime. If several user-defined functions are waiting to be executed, they are lined up in a queue and executed one after the other. Note A loop in a user-defined function therefore blocks the execution of the other functions in the queue even if the functions were initiated asynchronously. WinCC supports a maximum nesting depth of eight user-defined functions. Note that the nesting depth is not checked. Note If a user-defined function is configured for the "Runtime stop" event, the only system functions that may be used in this user-defined function are those which are available at the "Runtime stop" event. Ensure that the ending of the Runtime is not interfered with by the execution of the user-defined function. Note Configuration of user-defined functions During configuration make sure that not too many user-defined functions are activated at the same time. Avoid a continuous system load of 100%. User-defined functions are processed at a lower priority so as not to interfere with the display of values and operability. If system utilization is extreme, the user-defined functions to be executed are therefore first only reserved for execution. The maximum size of the reservation list is dependent on the HMI device and is limited by the maximum permitted number of userdefined functions. For additional information, see the performance features. If more userdefined functions are activated at one time than can be reserved, excess calls are discarded and a system alarm displayed. HMI device changeover If you use system functions in a customized function which are not available on the set HMI device, you get a warning. In addition, the corresponding system function in the user-defined function will be underlined with a wavy blue line. See also Runtime Stop (Page 5999) 5728 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 12.8.6.3 Processing sequence for user-defined functions and system functions (Panels, RT Advanced) WARNING Adherence to the expected processing sequence for user-defined functions and system functions in Runtime cannot always be guaranteed. This fact may lead to unexpected operating states. Please note the following description in which the correlations are explained. Instructions for a solution are available under "Remedy". Use of user-defined functions for events It is not always possible to adhere to the processing sequence for user-defined functions and system functions expected in the configuration, for example, when the processing of a userdefined function lasts beyond the trigger time of a subsequent event. In this case, system functions that are configured for the following event may be executed before the system functions that were configured with the user-defined function for the same event. Background User-defined functions are arranged in a low-priority queue. The queue is processed in sequence. If system functions and user-defined functions are configured for an event, all system functions and user-defined functions configured for this event are executed in this queue. Example On a button, you have configured: Event Functions Press User-defined function (1) SetBit(Tag) (2) Release WinCC Advanced V14 System Manual, 10/2016 ResetBit(Tag) (3) 5729 Visualizing processes 12.8 Working with system functions and Runtime scripting Press A Release Release Press B Interrupts lower priority program (1) Execution time of the user-defined function (2) Execution time of system function SetBit(Tag) (3) Execution time of system function ResetBit(Tag) A: Expected execution of the user-defined function and system functions in the configuration. When you press the button, user-defined function (1) and then system function SetBit(Tag) (2) are executed. When you release the key, system function ResetBit(Tag) (3) is then executed. B: Processing of the user-defined function is not yet complete when you release the key. When you press the key, the user-defined function (1) is then executed. The execution of the user-defined function (1) is not yet complete and you have already released the key. System function ResetBit(Tag) (3) interrupts the execution of the function. In this case, system function ResetBit(Tag) (3) is executed before system function SetBit(Tag) (2). As a result, the bit remains placed. System function "SetBitWhileKeyPressed" shows the same behavior, if the system function is configured together with user-defined functions. Remedy The processing sequence of the previous Example A is adhered to, if you additionally configure a user-defined function for the "Release" event. The user-defined function does not require functionality for this purpose. Event Functions Press User-defined function (1) SetBit(Tag) (2) Release User-defined function_2 (3) ResetBit(Tag) (4) 5730 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Note Make sure that the user-defined function queue does not overflow; otherwise the system function for the following event may not be executed. An overflow is recognizable by "Overload: Script <name> is rejected" or "Adherence to the expected processing order for user-defined functions and system functions in Runtime cannot always be ensured". 12.8.6.4 Making object properties dynamic in Runtime (Panels, RT Advanced) Introduction You can use user-defined functions to access object properties of screen objects as well as tags in Runtime. If you use a user-defined function to change values of object properties, this will not affect the project data. Changes to object properties If you use a user-defined function in Runtime to change an object property of a screen element, this change will only remain effective while the screen is active. If you change to the screen, or reload the screen, the configured object properties are displayed once more. Language switching If you switch the language in Runtime, the foreign language labels are loaded from the project data. If you use a user-defined function to change texts, the texts changed by the user-defined function are overwritten again. 12.8.7 Examples (Panels, RT Advanced) 12.8.7.1 Example: Converting Fahrenheit into degrees Celsius (Panels, RT Advanced) Scheduled task In this example, create a user-defined VB function which converts the values of a temperature sensor from Fahrenheit to degrees Celsius. The temperature is displayed in an output field on the HMI device. Settings For the example you need two HMI tags and a user-defined VB function with the following settings: WinCC Advanced V14 System Manual, 10/2016 5731 Visualizing processes 12.8 Working with system functions and Runtime scripting HMI tags: Name PLC connection Type Fahrenheit Yes Real Centigrade No Real Name Type Parameters FahrenheitToCelsius Function Fahrenheit User-defined VB function: Procedure 1. Create the two HMI-tags "Fahrenheit" and "Celsius" with the settings named above. 2. Create the user-defined VB function "FahrenheitToCelsius" with the settings given above. 3. Write the following VBS code: FahrenheitToCelsius = (Fahrenheit-32) * (5/9) Interim result The HMI tags and the VB user-defined function are created. Procedure 1. Open the "HMI Tag"editor and click on the "Fahrenheit" tag. 2. Click the "Properties > Events" tab in the Inspector window. Select the "Value change" event. 5732 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 3. Configure the user-defined VB function "FahrenheitToCelsius" to the "Value change" event. 4. Select the tag "Fahrenheit" for the parameter "Fahrenheit". 5. Select the HMI-tag "Celsius" for the return value "Fahrenheit to Celsius". 6. Configure an output field in a screen and connect it with the tag "Celsius". Alternative procedure Instead of using a user-defined VB function of the "Function" type, you can also use the "Sub" type. In this case, assign the converted value directly to the HMI-tag "Celsius". SmartTags("Celsius") = (Fahrenheit-32) * (5/9) In this case the return value of the user-defined VB function is not applicable. Result When the tag value of "Fahrenheit" changes in Runtime, the user-defined VB function "Fahrenheit to Celsius" is performed. The converted temperature value is returned to the HMItag "Celsius" and displayed in the output field. 12.8.7.2 Example: Converting inches into meters (Panels, RT Advanced) Scheduled task In this example you create a user-defined VB function that converts the value of a length measuring system from inches into meters. The length in meters is displayed on the HMI device in an output field. Settings For the example you need two HMI tags and a user-defined VB function with the following settings: HMI tags: Name PLC connection Type VarInch Yes Real VarMeter No Real Name Type Parameters InchToMeter Sub Inch Customized VB function WinCC Advanced V14 System Manual, 10/2016 5733 Visualizing processes 12.8 Working with system functions and Runtime scripting Procedure 1. Create the two HMI tags "VarInch" and "VarMeter" with the above settings. 2. Create the user-defined VB function "InchToMeter" with the settings given above. 3. Write the following VBS code: VarMeter = Inch*0.0254 Interim result The tags and the user-defined VB function are created. Procedure 1. Open the "HMI tags" editor and click the "VarInch" tag. 2. Click "Properties> Events" in the Inspector window. Select the "Value change" event. 3. Configure the user-defined VB function "InchToMeter" to the "Value change" event. 4. Select the "VarInch" HMI tag for the "Inch" parameter. 5. Configure an output field in a screen and connect it with the "VarMeter" HMI tag. Result When the tag value of "VarInch" changes in Runtime, the "InchToMeter" user-defined VB function is performed. The calculated value is written into the "VarMeter" HMI tag and displayed in the output field. 5734 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 12.8.7.3 Example: Changing the operating mode on the HMI device with the current display (Panels, RT Advanced) Scheduled task In this example, you use the "SetDeviceMode" system function to switch between the "online" and "offline" modes on the HMI device. You also display the current set operating mode on the HMI device. Requirements A screen has been created. Settings For this example you require a HMI-tag and a text list with the following settings: HMI tag: Name PLC connection Type OperatingMode No Bool Name Contains Values ShowOperatingMode Bit (0/1) 1: Operating mode: "Online" Text list: 0: Operating mode: "Offline" WinCC Advanced V14 System Manual, 10/2016 5735 Visualizing processes 12.8 Working with system functions and Runtime scripting Procedure 1. Create the "OperatingMode" HMI-tag indicated above. 2. Create the "ShowOperatingMode" text list indicated above. 3. Open the screen and insert a button for which you configure the operating mode change to "online". 4. Click "Properties> Events" in the Inspector window. Select the "Press" event. 5. Configure the "SetDeviceMode" system function for the "Press" event. The system function is found in the selection list under "Settings". 6. For the "Mode" parameter, select the "Online" entry. 7. Configure the system function "SetBit" on the event "Press". The system function is found in the selection list under "Bit processing". 8. Select the HMI-tag "Operating mode" from the selection list for the parameter "Tag". 5736 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 9. Add a button in the process screen for which you configure the operating mode change to "offline". 10.Repeat steps four to seven. For the "Mode" parameter, select the "Offline" entry. Configure the system function "ResetBit" in place of the system function "SetBit." Interim result You can toggle the operating mode of the HMI device with the two buttons in Runtime. You want to display the current set operating mode in an output field on the HMI device. WinCC Advanced V14 System Manual, 10/2016 5737 Visualizing processes 12.8 Working with system functions and Runtime scripting Procedure 1. Create a "Symbolic I/O field" in the process image. Click "Properties > Properties" in the Inspector window. 2. Make the following settings in the "General" group: - Select "Output" as the "Mode". - Select the text list "Show operating mode" as "Text list". - Select "Operating mode" as "Tag". Result When you change the operating mode with the buttons, the currently set operating mode on the HMI device is always shown. 5738 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 12.8.8 Reference 12.8.8.1 Function list (Panels, RT Advanced) Availability for specific devices of system functions (Panels, RT Advanced) System functions for Basic Panels Availability of system functions The following table shows the availability of the system functions on the Basic Panels. Technical data subject to change. Overview KP300 Basic PN KP400 Basic PN KTP600 Basic PN / DP KTP1000 Basic PN / DP TP1500 Basic PN User-defined functions No No No No No Logoff (Page 5831) Yes Yes Yes Yes Yes ActivateScreen (Page 5786) Yes Yes Yes Yes Yes ActivateScreenByNumber (Page 5787) Yes Yes Yes Yes Yes ActivateCleanScreen (Page 5970) No No Yes Yes Yes ActivatePreviousScreen (Page 5788) Yes Yes Yes Yes Yes UpdateTag (Page 5789) Yes Yes Yes Yes Yes AdjustContrast (Page 5869) Yes No Yes 1) Yes Yes Logon (Page 5831) Yes Yes Yes Yes Yes ArchiveLogFile (Page 5821) No No No No No LogTag (Page 5823) No No No No No EditAlarm (Page 5936) Yes Yes Yes Yes No ScreenObjectCursorDown (Page 5973) Yes Yes Yes Yes Yes ScreenObjectCursorUp (Page 5974) Yes Yes Yes Yes Yes ScreenObjectCursorLeft (Page 5977) No No No No No ScreenObjectCursorRight (Page 5975) No No No No No ScreenObjectPageDown (Page 5976) Yes Yes Yes Yes Yes ScreenObjectPageUp (Page 5976) Yes Yes Yes Yes Yes Encode (Page 5790) No No No No No EncodeEx (Page 5791) No No No No No Direct key (Page 5792) No No No No No DirectKeyScreenNumber (Page 5794) No No No No No WinCC Advanced V14 System Manual, 10/2016 5739 Visualizing processes 12.8 Working with system functions and Runtime scripting KP300 Basic PN KP400 Basic PN KTP600 Basic PN / DP KTP1000 Basic PN / DP TP1500 Basic PN PrintScreen (Page 5856) No No No No No PrintReport (Page 5857) No No No No No NotifyUserAction (Page 5795) No No No No No IncreaseFocusedValue (Page 5796) Yes Yes Yes Yes No IncreaseTag (Page 5836) Yes Yes Yes Yes Yes ExportDataRecords (Page 5943) Yes Yes Yes Yes Yes ExportDataRecordsWithChecksum (Page 5945) No No No No No ExportImportUserAdministration (Page 5832) No No No No No GoToHome (Page 5979) Yes Yes Yes Yes No GoToEnd (Page 5979) Yes Yes Yes Yes No SafelyRemoveHardware (Page 5797) No No No No No HTMLBrowserStop (Page 5875) No No No No No HTMLBrowserScrollDown (Page 5876) No No No No No HTMLBrowserRefresh (Page 5876) No No No No No HTMLBrowserScrollUp (Page 5877) No No No No No HTMLBrowserForward (Page 5882) No No No No No HTMLBrowserBack (Page 5882) No No No No No HTMLBrowserZoomIn (Page 5877) No No No No No HTMLBrowserZoomOut (Page 5878) No No No No No HTMLBrowserScrollLeft (Page 5879) No No No No No HTMLBrowserScrollRight (Page 5879) No No No No No HTMLBrowserPageUp (Page 5880) No No No No No HTMLBrowserPageDown (Page 5881) No No No No No HTMLBrowserHome (Page 5881) No No No No No ImportDataRecords (Page 5948) Yes Yes Yes Yes Yes ImportDataRecordsWithChecksum (Page 5950) No No No No No InvertBit (Page 5843) Yes Yes Yes Yes Yes InvertBitInTag (Page 5845) Yes Yes Yes Yes Yes InvertLinearScaling (Page 5837) Yes Yes Yes Yes Yes CalibrateTouchScreen (Page 5870) No Yes Yes Yes Yes CopyLog (Page 5824) No No No No No TrendViewScrollForward (Page 5883) Yes Yes Yes Yes Yes TrendViewScrollBack (Page 5884) Yes Yes Yes Yes Yes TrendViewExtend (Page 5884) Yes Yes Yes Yes Yes TrendViewCompress (Page 5885) Yes Yes Yes Yes Yes TrendViewRulerLeft (Page 5885) Yes Yes Yes Yes Yes TrendViewRulerRight (Page 5886) Yes Yes Yes Yes Yes 5740 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting KP300 Basic PN KP400 Basic PN KTP600 Basic PN / DP KTP1000 Basic PN / DP TP1500 Basic PN TrendViewSetRulerMode (Page 5887) Yes Yes Yes Yes Yes TrendViewStartStop (Page 5887) Yes Yes Yes Yes Yes TrendViewBackToBeginning (Page 5888) Yes Yes Yes Yes Yes LoadDataRecord (Page 5951) Yes Yes Yes Yes Yes GetUserName (Page 5833) Yes Yes Yes Yes Yes GetDataRecordFromPLC (Page 5952) Yes Yes Yes Yes Yes GetDataRecordName (Page 5954) No No No No No GetDataRecordTagsFromPLC (Page 5955) Yes Yes Yes Yes Yes GetGroupNumber (Page 5834) Yes Yes Yes Yes Yes GetBrightness (Page 5874) No No No No No GetPassword (Page 5834) Yes Yes Yes Yes Yes GetPLCMode Yes Yes Yes Yes Yes LinearScaling (Page 5839) Yes Yes Yes Yes Yes ClearLog (Page 5825) No No No No No ClearDataRecord (Page 5956) Yes Yes Yes Yes Yes ClearDataRecordMemory (Page 5957) No No No No No ClearAlarmBuffer (Page 5936) Yes Yes Yes Yes Yes ClearAlarmBufferProTool (Page 5937) Yes Yes Yes Yes Yes AlarmViewUpdate (Page 5938) No No No No No AlarmViewLoopInAlarm (Page 5939) Yes Yes Yes Yes Yes AlarmViewAcknowledgeAlarm (Page 5940) Yes Yes Yes Yes Yes AlarmViewShowOperatorNotes (Page 5940) Yes Yes Yes Yes Yes OpenAllLogs (Page 5826) No No No No No OpenScreenKeyboard (Page 5973) No OpenControlPanelDialog (Page 5797) Yes OpenCommandPrompt (Page 5798) No No No No No OpenInternetExplorer (Page 5799) No No No No No OpenControlPanel (Page 5800) No No No No No No 2) Yes No 2) Yes No 2) Yes No 2) Yes 2) OpenTaskManager (Page 5972) No No No No No AcknowledgeAlarm (Page 5941) Yes Yes Yes Yes No PDFScrollDown (Page 5888) No No No No No PDFScrollUp (Page 5889) No No No No No PDFFitToWidth (Page 5890) No No No No No PDFFitToHeight (Page 5890) No No No No No PDFGoToFirstPage (Page 5891) No No No No No PDFGoToLastPage (Page 5891) No No No No No PDFGoToNextPage (Page 5892) No No No No No PDFGoToPage (Page 5893) No No No No No PDFGoToPreviousPage (Page 5893) No No No No No WinCC Advanced V14 System Manual, 10/2016 5741 Visualizing processes 12.8 Working with system functions and Runtime scripting KP300 Basic PN KP400 Basic PN KTP600 Basic PN / DP KTP1000 Basic PN / DP TP1500 Basic PN PDFZoomIn (Page 5894) No No No No No PDFZoomOut (Page 5894) No No No No No PDFScrollLeft (Page 5895) No No No No No PDFScrollRight (Page 5896) No No No No No PDFZoomOriginal (Page 5896) No No No No No RecipeViewNewDataRecord (Page 5959) Yes Yes Yes Yes Yes RecipeViewGetDataRecordFromPLC (Page 5959) Yes Yes Yes Yes Yes RecipeViewClearDataRecord (Page 5960) Yes Yes Yes Yes Yes RecipeViewMenu (Page 5960) Yes Yes Yes Yes Yes RecipeViewOpen (Page 5961) Yes Yes Yes Yes Yes RecipeViewSetDataRecordToPLC (Page 5962) Yes Yes Yes Yes Yes RecipeViewSaveDataRecord (Page 5962) Yes Yes Yes Yes Yes RecipeViewSaveAsDataRecord (Page 5963) Yes Yes Yes Yes Yes RecipeViewSynchronizeDataRecordWith Tags (Page 5963) Yes Yes Yes Yes Yes RecipeViewRenameDataRecord (Page 5964) Yes Yes Yes Yes Yes RecipeViewShowOperatorNotes (Page 5964) Yes Yes Yes Yes Yes RecipeViewBack (Page 5965) Yes Yes Yes Yes Yes ResetBit (Page 5846) Yes Yes Yes Yes Yes ResetBitInTag (Page 5848) Yes Yes Yes Yes Yes PressButton (Page 5803) Yes Yes Yes Yes No ReleaseButton (Page 5804) Yes Yes Yes Yes No ShiftAndMask (Page 5850) Yes Yes Yes Yes Yes CloseAllLogs (Page 5827) No No No No No SetDataRecordToPLC (Page 5966) Yes Yes Yes Yes Yes SetDataRecordTagsToPLC (Page 5967) Yes Yes Yes Yes Yes PageDown (Page 5978) Yes Yes Yes Yes No PageUp (Page 5978) Yes Yes Yes Yes No SendEMail (Page 5801) No No No No No SetAcousticSignal (Page 5871) No No No No No SetDisplayMode (Page 5859) No No No No No SetDeviceMode (Page 5860) Yes Yes Yes Yes Yes SetBit (Page 5852) Yes Yes Yes Yes Yes SetBitInTag (Page 5853) Yes Yes Yes Yes Yes SetBitWhileKeyPressed (Page 5855) Yes Yes Yes Yes Yes SetBacklightColor (Page 5874) Yes Yes No No No 5742 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting KP300 Basic PN KP400 Basic PN KTP600 Basic PN / DP KTP1000 Basic PN / DP TP1500 Basic PN SetBrightness (Page 5872) No Yes Yes No No SetScreenKeyboardMode (Page 5861) No No No No No SetAlarmReportMode (Page 5858) No No No No No SetRecipeTags (Page 5968) Yes Yes Yes Yes Yes SetDaylightSavingTime (Page 5802) No No No No No SetLanguage (Page 5863) Yes Yes Yes Yes Yes SetTag (Page 5840) Yes Yes Yes Yes Yes SetConnectionMode (Page 5864) Yes Yes Yes Yes Yes SetWebAccess (Page 5866) No No No No No BackupRAMFileSystem (Page 5804) No No No No No SimulateSystemKey (Page 5805) Yes Yes Yes Yes No SimulateTag (Page 5806) Yes Yes Yes Yes Yes SmartClientViewRefresh (Page 5904) No No No No No SmartClientViewReadOnlyOff (Page 5904) No No No No No SmartClientViewReadOnlyOn (Page 5905) No No No No No SmartClientViewDisconnect (Page 5905) No No No No No SmartClientViewConnect (Page 5906) No No No No No SmartClientViewLeave (Page 5907) No No No No No SaveDataRecord (Page 5969) Yes Yes Yes Yes Yes StartLogging (Page 5828) No No No No No StartNextLog (Page 5829) No No No No No StartProgram (Page 5807) No No No No No StatusForceGetValues (Page 5809) No No No No No StatusForceSetValues (Page 5809) No No No No No ControlSmartServer (Page 5810) No No No No No ControlWebServer (Page 5811) No No No No No StopLogging (Page 5829) No No No No No StopRuntime (Page 5811) Yes Yes Yes Yes Yes SystemDiagnosticViewUpdatePLCBuffer Yes Yes Yes Yes Yes ActivateSystemDiagnosticsView (Page 5907) No No No No No SystemDiagnosticViewDetailView (Page 5908) Yes Yes Yes Yes Yes SystemDiagnosticsViewDiagnosticBuffer (Page 5909) No No No No No SystemDiagnosticViewDeviceView (Page 5909) No No No No No SystemDiagnosticsViewBack (Page 5910) Yes Yes Yes Yes Yes LookupText (Page 5812) No No No No No ResetTagToHandWheel (Page 5813) No No No No No SetTagToHandWheel (Page 5814) No No No No No WinCC Advanced V14 System Manual, 10/2016 5743 Visualizing processes 12.8 Working with system functions and Runtime scripting KP300 Basic PN KP400 Basic PN KTP600 Basic PN / DP KTP1000 Basic PN / DP TP1500 Basic PN TraceUserChange (Page 5835) Yes Yes Yes Yes Yes DecreaseFocusedValue (Page 5814) Yes Yes Yes Yes No DecreaseTag (Page 5842) Yes Yes Yes Yes Yes ChangeConnection (Page 5866) Yes Yes Yes Yes Yes ChangeConnectionEIP (Page 5868) No No No No No WinACMPUpdateStartupCharacteristics (Page 5911) No No No No No WinACMPUpdateKeySwitchSetting (Page 5912) No No No No No WinACMPUpdateBUSF1LED (Page 5913) No No No No No WinACMPUpdateBUSF2LED (Page 5914) No No No No No WinACMPUpdateAverageExecTime (Page 5915) No No No No No WinACMPUpdateAverageCycleTime (Page 5916) No No No No No WinACMPUpdateEXTFLED (Page 5917) No No No No No WinACMPUpdateHMIEnableTime (Page 5918) No No No No No WinACMPUpdateINTFLED (Page 5919) No No No No No WinACMPUpdateLastCycleTime (Page 5920) No No No No No WinACMPUpdateMaximumCycleTime (Page 5921) No No No No No WinACMPUpdateMinimumCycleTime (Page 5922) No No No No No WinACMPUpdatePowerLED (Page 5923) No No No No No WinACMPUpdateSleepTime (Page 5924) No No No No No WinACMPUpdateRUNLED (Page 5925) No No No No No WinACMPUpdateSTOPLED (Page 5926) No No No No No WinACMPArchive (Page 5927) No No No No No WinACMPGetStartMode (Page 5928) No No No No No WinACMPGetVersion (Page 5928) No No No No No WinACMPClearCycleTimeBuffer (Page 5929) No No No No No WinACMPSetStartAtBoot (Page 5930) No No No No No WinACMPSetKeySwitch (Page 5930) No No No No No WinACMPSetHMIExecutionTime (Page 5931) No No No No No WinACMPSetResetMethod (Page 5931) No No No No No WinACMPSetSleeptime (Page 5932) No No No No No WinACMPSetStartMode (Page 5932) No No No No No WinACMPStartHistogram (Page 5933) No No No No No 5744 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting KP300 Basic PN KP400 Basic PN KTP600 Basic PN / DP KTP1000 Basic PN / DP TP1500 Basic PN WinACMPControl (Page 5934) No No No No No WinACMPStopHistogram (Page 5935) No No No No No WinACMPRestore (Page 5935) No No No No No ShowLogonDialog (Page 5836) Yes Yes Yes Yes Yes ShowOperatorNotes (Page 5815) Yes Yes Yes Yes Yes ShowAlarmWindow (Page 5942) Yes Yes Yes Yes Yes ShowPopupScreen (Page 5817) No No No No No ShowSlideInScreen (Page 5820) No No No No No ShowSoftwareVersion (Page 5816) No No No No No ShowSystemDiagnosticsWindow (Page 5911) No No No No No ShowSystemEvent (Page 5942) No No No No No 1) 2) For KTP600 Basic mono PN only Only for editing the IP settings See also GetPLCMode (Page 5859) TerminatePROFIsafe (Page 5801) System functions for Basic Panels 2nd Generation Availability of system functions The following table shows the availability of the system functions on the Basic Panels. Technical data subject to change. Overview KTP400 Basic PN KTP700 Basic PN / DP KTP900 Ba sic PN KTP1200 Basic PN / DP User-defined functions No No No No Logoff (Page 5831) Yes Yes Yes Yes ActivateScreen (Page 5786) Yes Yes Yes Yes ActivateScreenByNumber (Page 5787) Yes Yes Yes Yes ActivateCleanScreen (Page 5970) Yes Yes Yes Yes ActivatePreviousScreen (Page 5788) Yes Yes Yes Yes UpdateTag (Page 5789) Yes Yes Yes Yes WinCC Advanced V14 System Manual, 10/2016 5745 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP400 Basic PN KTP700 Basic PN / DP KTP900 Ba sic PN KTP1200 Basic PN / DP AdjustContrast (Page 5869) No No No No Logon (Page 5831) Yes Yes Yes Yes ArchiveLogFile (Page 5821) No No No No LogTag (Page 5823) Yes Yes Yes Yes EditAlarm (Page 5936) Yes Yes Yes Yes ScreenObjectCursorDown (Page 5973) Yes Yes Yes Yes ScreenObjectCursorUp (Page 5974) Yes Yes Yes Yes ScreenObjectCursorLeft (Page 5977) Yes Yes Yes Yes ScreenObjectCursorRight (Page 5975) Yes Yes Yes Yes ScreenObjectPageDown (Page 5976) Yes Yes Yes Yes ScreenObjectPageUp (Page 5976) Yes Yes Yes Yes Encode (Page 5790) No No No No EncodeEx (Page 5791) No No No No Direct key (Page 5792) No No No No DirectKeyScreenNumber (Page 5794) No No No No PrintScreen (Page 5856) No No No No PrintReport (Page 5857) No No No No NotifyUserAction (Page 5795) No No No No IncreaseFocusedValue (Page 5796) Yes Yes Yes Yes IncreaseTag (Page 5836) Yes Yes Yes Yes ExportDataRecords (Page 5943) Yes Yes Yes Yes ExportDataRecordsWithChecksum (Page 5945) No No No No ExportImportUserAdministration (Page 5832) No No No No GoToHome (Page 5979) Yes Yes Yes Yes GoToEnd (Page 5979) Yes Yes Yes Yes SafelyRemoveHardware (Page 5797) Yes Yes Yes Yes HTMLBrowserStop (Page 5875) Yes Yes Yes Yes HTMLBrowserScrollDown (Page 5876) Yes Yes Yes Yes HTMLBrowserRefresh (Page 5876) Yes Yes Yes Yes HTMLBrowserScrollUp (Page 5877) Yes Yes Yes Yes HTMLBrowserZoomIn (Page 5877) Yes Yes Yes Yes HTMLBrowserZoomOut (Page 5878) Yes Yes Yes Yes HTMLBrowserScrollLeft (Page 5879) Yes Yes Yes Yes HTMLBrowserScrollRight (Page 5879) Yes Yes Yes Yes HTMLBrowserPageUp (Page 5880) Yes Yes Yes Yes HTMLBrowserPageDown (Page 5881) Yes Yes Yes Yes HTMLBrowserHome (Page 5881) Yes Yes Yes Yes HTMLBrowserForward (Page 5882) Yes Yes Yes Yes HTMLBrowserBack (Page 5882) Yes Yes Yes Yes ImportDataRecords (Page 5948) Yes Yes Yes Yes 5746 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP400 Basic PN KTP700 Basic PN / DP KTP900 Ba sic PN KTP1200 Basic PN / DP ImportDataRecordsWithChecksum (Page 5950) No No No No InvertBit (Page 5843) Yes Yes Yes Yes InvertBitInTag (Page 5845) Yes Yes Yes Yes InvertLinearScaling (Page 5837) Yes Yes Yes Yes CalibrateTouchScreen (Page 5870) Yes Yes Yes Yes CopyLog (Page 5824) No No No No TrendViewScrollForward (Page 5883) Yes Yes Yes Yes TrendViewScrollBack (Page 5884) Yes Yes Yes Yes TrendViewExtend (Page 5884) Yes Yes Yes Yes TrendViewCompress (Page 5885) Yes Yes Yes Yes TrendViewRulerLeft (Page 5885) Yes Yes Yes Yes TrendViewRulerRight (Page 5886) Yes Yes Yes Yes TrendViewSetRulerMode (Page 5887) Yes Yes Yes Yes TrendViewStartStop (Page 5887) Yes Yes Yes Yes TrendViewBackToBeginning (Page 5888) Yes Yes Yes Yes LoadDataRecord (Page 5951) Yes Yes Yes Yes GetUserName (Page 5833) Yes Yes Yes Yes GetDataRecordFromPLC (Page 5952) Yes Yes Yes Yes GetDataRecordName (Page 5954) No No No No GetDataRecordTagsFromPLC (Page 5955) Yes Yes Yes Yes GetGroupNumber (Page 5834) Yes Yes Yes Yes GetBrightness (Page 5874) No No No No GetPassword (Page 5834) No 1) No 1) No 1) No 1) AUTOHOTSPOT Yes Yes Yes Yes LinearScaling (Page 5839) Yes Yes Yes Yes ClearLog (Page 5825) Yes Yes Yes Yes ClearDataRecord (Page 5956) Yes Yes Yes Yes ClearDataRecordMemory (Page 5957) No No No No ClearAlarmBuffer (Page 5936) Yes Yes Yes Yes ClearAlarmBufferProTool (Page 5937) Yes Yes Yes Yes AlarmViewUpdate (Page 5938) No No No No AlarmViewLoopInAlarm (Page 5939) Yes Yes Yes Yes AlarmViewAcknowledgeAlarm (Page 5940) Yes Yes Yes Yes AlarmViewShowOperatorNotes (Page 5940) Yes Yes Yes Yes OpenAllLogs (Page 5826) Yes Yes Yes Yes OpenScreenKeyboard (Page 5973) No OpenControlPanelDialog (Page 5797) Yes OpenCommandPrompt (Page 5798) No No No No OpenInternetExplorer (Page 5799) No No No No OpenControlPanel (Page 5800) No No No No WinCC Advanced V14 System Manual, 10/2016 No 2) Yes No 2) Yes No 2) Yes 2) 5747 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP400 Basic PN KTP700 Basic PN / DP KTP900 Ba sic PN KTP1200 Basic PN / DP OpenTaskManager (Page 5972) No No No No PDFScrollDown (Page 5888) No No No No PDFFitToWidth (Page 5890) No No No No PDFFitToHeight (Page 5890) No No No No PDFScrollUp (Page 5889) No No No No PDFGoToFirstPage (Page 5891) No No No No PDFGoToLastPage (Page 5891) No No No No PDFGoToNextPage (Page 5892) No No No No PDFGoToPreviousPage (Page 5893) No No No No PDFGoToPage (Page 5893) No No No No PDFZoomIn (Page 5894) No No No No PDFZoomOut (Page 5894) No No No No PDFScrollLeft (Page 5895) No No No No PDFScrollRight (Page 5896) No No No No PDFZoomOriginal (Page 5896) No No No No AcknowledgeAlarm (Page 5941) Yes Yes Yes Yes RecipeViewNewDataRecord (Page 5959) Yes Yes Yes Yes RecipeViewGetDataRecordFromPLC (Page 5959) Yes Yes Yes Yes RecipeViewClearDataRecord (Page 5960) Yes Yes Yes Yes RecipeViewMenu (Page 5960) Yes Yes Yes Yes RecipeViewOpen (Page 5961) Yes Yes Yes Yes RecipeViewSetDataRecordToPLC (Page 5962) Yes Yes Yes Yes RecipeViewSaveDataRecord (Page 5962) Yes Yes Yes Yes RecipeViewSaveAsDataRecord (Page 5963) Yes Yes Yes Yes RecipeViewSynchronizeDataRecordWithTags (Page 5963) Yes Yes Yes Yes RecipeViewRenameDataRecord (Page 5964) Yes Yes Yes Yes RecipeViewShowOperatorNotes (Page 5964) Yes Yes Yes Yes RecipeViewBack (Page 5965) Yes Yes Yes Yes ResetBit (Page 5846) Yes Yes Yes Yes ResetBitInTag (Page 5848) Yes Yes Yes Yes PressButton (Page 5803) Yes Yes Yes Yes ReleaseButton (Page 5804) Yes Yes Yes Yes ShiftAndMask (Page 5850) Yes Yes Yes Yes CloseAllLogs (Page 5827) Yes Yes Yes Yes SetDataRecordToPLC (Page 5966) Yes Yes Yes Yes SetDataRecordTagsToPLC (Page 5967) Yes Yes Yes Yes PageDown (Page 5978) Yes Yes Yes Yes PageUp (Page 5978) Yes Yes Yes Yes SendEMail (Page 5801) No No No No 5748 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP400 Basic PN KTP700 Basic PN / DP KTP900 Ba sic PN KTP1200 Basic PN / DP SetAcousticSignal (Page 5871) No No No No SetDisplayMode (Page 5859) No No No No SetDeviceMode (Page 5860) Yes Yes Yes Yes SetBit (Page 5852) Yes Yes Yes Yes SetBitInTag (Page 5853) Yes Yes Yes Yes SetBitWhileKeyPressed (Page 5855) Yes Yes Yes Yes SetBacklightColor (Page 5874) No No No No SetBrightness (Page 5872) Yes Yes Yes Yes SetScreenKeyboardMode (Page 5861) No No No No SetAlarmReportMode (Page 5858) No No No No SetRecipeTags (Page 5968) Yes Yes Yes Yes SetDaylightSavingTime (Page 5802) No No No No SetLanguage (Page 5863) Yes Yes Yes Yes SetTag (Page 5840) Yes Yes Yes Yes SetConnectionMode (Page 5864) Yes Yes Yes Yes SetWebAccess (Page 5866) No No No No BackupRAMFileSystem (Page 5804) No No No No SimulateSystemKey (Page 5805) Yes Yes Yes Yes SimulateTag (Page 5806) Yes Yes Yes Yes SmartClientViewRefresh (Page 5904) No No No No SmartClientViewReadOnlyOff (Page 5904) No No No No SmartClientViewReadOnlyOn (Page 5905) No No No No SmartClientViewDisconnect (Page 5905) No No No No SmartClientViewConnect (Page 5906) No No No No SmartClientViewLeave (Page 5907) No No No No SaveDataRecord (Page 5969) Yes Yes Yes Yes StartLogging (Page 5828) Yes Yes Yes Yes StartNextLog (Page 5829) No No No No StartProgram (Page 5807) No No No No StatusForceGetValues (Page 5809) No No No No StatusForceSetValues (Page 5809) No No No No ControlSmartServer (Page 5810) No No No No ControlWebServer (Page 5811) No No No No StopLogging (Page 5829) Yes Yes Yes Yes StopRuntime (Page 5811) Yes Yes Yes Yes ActivateSystemDiagnosticsView (Page 5907) No No No No SystemDiagnosticViewUpdatePLCBuffer Yes Yes Yes Yes SystemDiagnosticsViewDetailView (Page 5908) Yes Yes Yes Yes SystemDiagnosticsViewDiagnosticBuffer (Page 5909) No No No No SystemDiagnosticViewDeviceView (Page 5909) No No No No WinCC Advanced V14 System Manual, 10/2016 5749 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP400 Basic PN KTP700 Basic PN / DP KTP900 Ba sic PN KTP1200 Basic PN / DP SystemDiagnosticsViewBack (Page 5910) Yes Yes Yes Yes LookupText (Page 5812) No No No No ResetTagToHandWheel (Page 5813) No No No No SetTagToHandWheel (Page 5814) No No No No TraceUserChange (Page 5835) Yes Yes Yes Yes DecreaseFocusedValue (Page 5814) Yes Yes Yes Yes DecreaseTag (Page 5842) Yes Yes Yes Yes ChangeConnection (Page 5866) Yes Yes Yes Yes ChangeConnectionEIP (Page 5868) No No No No WinACMPUpdateStartupCharacteristics (Page 5911) No No No No WinACMPUpdateKeySwitchSetting (Page 5912) No No No No WinACMPUpdateBUSF1LED (Page 5913) No No No No WinACMPUpdateBUSF2LED (Page 5914) No No No No WinACMPUpdateAverageExecTime (Page 5915) No No No No WinACMPUpdateAverageCycleTime (Page 5916) No No No No WinACMPUpdateEXTFLED (Page 5917) No No No No WinACMPUpdateHMIEnableTime (Page 5918) No No No No WinACMPUpdateINTFLED (Page 5919) No No No No WinACMPUpdateLastCycleTime (Page 5920) No No No No WinACMPUpdateMaximumCycleTime (Page 5921) No No No No WinACMPUpdateMinimumCycleTime (Page 5922) No No No No WinACMPUpdatePowerLED (Page 5923) No No No No WinACMPUpdateSleepTime (Page 5924) No No No No WinACMPUpdateRUNLED (Page 5925) No No No No WinACMPUpdateSTOPLED (Page 5926) No No No No WinACMPArchive (Page 5927) No No No No WinACMPGetStartMode (Page 5928) No No No No WinACMPGetVersion (Page 5928) No No No No WinACMPClearCycleTimeBuffer (Page 5929) No No No No WinACMPSetStartAtBoot (Page 5930) No No No No WinACMPSetKeySwitch (Page 5930) No No No No WinACMPSetHMIExecutionTime (Page 5931) No No No No WinACMPSetResetMethod (Page 5931) No No No No WinACMPSetSleeptime (Page 5932) No No No No WinACMPSetStartMode (Page 5932) No No No No WinACMPStartHistogram (Page 5933) No No No No WinACMPControl (Page 5934) No No No No 5750 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP400 Basic PN KTP700 Basic PN / DP KTP900 Ba sic PN KTP1200 Basic PN / DP WinACMPStopHistogram (Page 5935) No No No No WinACMPRestore (Page 5935) No No No No ShowLogonDialog (Page 5836) Yes Yes Yes Yes ShowOperatorNotes (Page 5815) Yes Yes Yes Yes ShowAlarmWindow (Page 5942) Yes Yes Yes Yes ShowPopupScreen (Page 5817) No No No No ShowSlideInScreen (Page 5820) No No No No ShowSoftwareVersion (Page 5816) No No No No ShowSystemDiagnosticsWindow (Page 5911) No No No No ShowSystemEvent (Page 5942) No No No No 1) 2) Not available for devices as of device version V14.0 Only for editing the IP settings System functions for Panels (Panels) Availability of system functions The following table shows the availability of the system functions on the Panels. Technical data subject to change. Overview OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 User-defined functions No No No No No Yes Logoff (Page 5831) Yes Yes Yes Yes Yes Yes ActivateScreen (Page 5786) Yes Yes Yes Yes Yes Yes ActivateScreenByNumber (Page 5787) Yes Yes Yes Yes Yes Yes ActivateCleanScreen (Page 5970) No No No Yes Yes 4) Yes 2) ActivateSystemDiagnosticsView (Page 5907) No No No No No No ActivatePreviousScreen (Page 5788) Yes Yes Yes Yes Yes Yes UpdateTag (Page 5789) Yes Yes No Yes Yes Yes AdjustContrast (Page 5869) Yes Yes Yes Yes Yes No Logon (Page 5831) Yes Yes Yes Yes Yes Yes ArchiveLogFile (Page 5821) No No No No No Yes LogTag (Page 5823) No No No No No Yes WinCC Advanced V14 System Manual, 10/2016 5751 Visualizing processes 12.8 Working with system functions and Runtime scripting OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 EditAlarm (Page 5936) Yes Yes Yes No Yes Yes 1) ScreenObjectCursorDown (Page 5973) Yes Yes Yes Yes Yes Yes ScreenObjectCursorUp (Page 5974) Yes Yes Yes Yes Yes Yes ScreenObjectCursorLeft (Page 5977) Yes Yes Yes Yes Yes Yes ScreenObjectCursorRight (Page 5975) Yes Yes Yes Yes Yes Yes ScreenObjectPageDown (Page 5976) Yes Yes Yes Yes Yes Yes ScreenObjectPageUp (Page 5976) Yes Yes Yes Yes Yes Yes Encode (Page 5790) No No Yes No Yes Yes EncodeEx (Page 5791) No No Yes No Yes Yes DirectKey (Page 5792) No No No No Yes Yes 2) DirectKeyScreenNumber (Page 5794) No No No No Yes Yes 2) PrintScreen (Page 5856) No No Yes No Yes Yes PrintReport (Page 5857) No No Yes No Yes Yes NotifyUserAction (Page 5795) No No No No No IncreaseFocusedValue (Page 5796) Yes Yes Yes No Yes IncreaseTag (Page 5836) Yes Yes Yes Yes Yes Yes ExportDataRecords (Page 5943) No No Yes No Yes Yes ExportDataRecordsWithChecksum (Page 5945) No No No No No Yes ExportImportUserAdministration (Page 5832) No No Yes No Yes Yes GoToHome (Page 5979) Yes Yes Yes No Yes 1) Yes 1) GoToEnd (Page 5979) Yes Yes Yes No Yes Yes 1) SafelyRemoveHardware (Page 5797) No No No No Yes 5) No HTMLBrowserStop (Page 5875) No No No No No No HTMLBrowserRefresh (Page 5876) No No No No No No Yes 1) 1) Yes 1) HTMLBrowserForward (Page 5882) No No No No No No HTMLBrowserBack (Page 5882) No No No No No No ImportDataRecords (Page 5948) No No Yes No Yes Yes ImportDataRecordsWithChecksum (Page 5950) No No No No No Yes InvertBit (Page 5843) Yes Yes Yes Yes Yes Yes InvertBitInTag (Page 5845) Yes Yes Yes Yes Yes Yes InvertLinearScaling (Page 5837) Yes Yes Yes Yes Yes Yes CalibrateTouchScreen (Page 5870) No No No Yes Yes Yes 2) 5752 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 CopyLog (Page 5824) No No No No No Yes TrendViewScrollForward (Page 5883) No No No Yes Yes Yes TrendViewScrollBack (Page 5884) No No No Yes Yes Yes TrendViewExtend (Page 5884) No No No Yes Yes Yes TrendViewCompress (Page 5885) No No No Yes Yes Yes TrendViewRulerLeft (Page 5885) No No No Yes Yes Yes TrendViewRulerRight (Page 5886) No No No Yes Yes Yes TrendViewSetRulerMode (Page 5887) No No No Yes Yes Yes TrendViewStartStop (Page 5887) No No No Yes Yes Yes TrendViewBackToBeginning (Page 5888) No No No Yes Yes Yes LoadDataRecord (Page 5951) No No No No Yes Yes GetUserName (Page 5833) Yes Yes Yes Yes Yes Yes GetDataRecordFromPLC (Page 5952) No No No No Yes Yes GetDataRecordName (Page 5954) No No No No Yes Yes GetDataRecordTagsFromPLC (Page 5955) No No No No Yes Yes GetGroupNumber (Page 5834) Yes Yes Yes Yes Yes Yes GetBrightness (Page 5874) No No No No No No GetPassword (Page 5834) Yes Yes Yes Yes Yes Yes LinearScaling (Page 5839) Yes Yes Yes Yes Yes Yes ClearLog (Page 5825) No No No No No Yes ClearDataRecord (Page 5956) No No No No Yes Yes ClearDataRecordMemory (Page 5957) No No No No Yes Yes ClearAlarmBuffer (Page 5936) Yes Yes Yes Yes Yes Yes ClearAlarmBufferProTool (Page 5937) Yes Yes Yes No Yes Yes AlarmViewUpdate (Page 5938) No No Yes No Yes Yes AlarmViewLoopInAlarm (Page 5939) Yes Yes Yes Yes Yes Yes AlarmViewAcknowledgeAlarm (Page 5940) Yes Yes Yes Yes Yes Yes AlarmViewShowOperatorNotes (Page 5940) Yes Yes Yes Yes Yes Yes OpenAllLogs (Page 5826) No No No No No Yes OpenScreenKeyboard (Page 5973) No No No No No Yes OpenControlPanelDialog (Page 5797) No No No No No No WinCC Advanced V14 System Manual, 10/2016 5753 Visualizing processes 12.8 Working with system functions and Runtime scripting OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 OpenCommandPrompt (Page 5798) No No No No No Yes OpenInternetExplorer (Page 5799) No No No No Yes 3) Yes OpenControlPanel (Page 5800) No No No No Yes Yes OpenTaskManager (Page 5972) No No No No No AcknowledgeAlarm (Page 5941) Yes Yes Yes No Yes RecipeViewNewDataRecord (Page 5959) No Yes Yes Yes Yes Yes RecipeViewGetDataRecord FromPLC (Page 5959) No Yes Yes Yes Yes Yes RecipeViewClearDataRecord (Page 5960) No Yes Yes Yes Yes Yes RecipeViewMenu (Page 5960) No Yes Yes Yes Yes Yes RecipeViewOpen (Page 5961) No Yes Yes Yes Yes Yes RecipeViewSetDataRecordToPLC (Page 5962) No Yes Yes Yes Yes Yes RecipeViewSaveDataRecord (Page 5962) No Yes Yes Yes Yes Yes RecipeViewSaveAsDataRecord (Page 5963) No Yes Yes Yes Yes Yes RecipeViewSynchronizeDataRe cordWithTags (Page 5963) No No No No Yes Yes RecipeViewRenameDataRecord (Page 5964) No Yes Yes Yes Yes Yes RecipeViewShowOperatorNotes (Page 5964) No Yes Yes Yes Yes Yes RecipeViewBack (Page 5965) No Yes Yes Yes Yes Yes ResetBit (Page 5846) Yes Yes Yes Yes Yes Yes ResetBitInTag (Page 5848) Yes Yes Yes Yes Yes Yes PressButton (Page 5803) Yes Yes Yes No Yes Yes ReleaseButton (Page 5804) Yes Yes Yes No Yes Yes 1) ShiftAndMask (Page 5850) Yes Yes Yes Yes Yes Yes CloseAllLogs (Page 5827) No No No No No Yes SetDataRecordToPLC (Page 5966) No No No No Yes Yes SetDataRecordTagsToPLC (Page 5967) No No No No Yes Yes PageDown (Page 5978) Yes Yes Yes No Yes 1) 4) Yes 1) PageUp (Page 5978) Yes Yes Yes No yes 1).4) Yes 1) SendEMail (Page 5801) No No No No Yes 3) Yes SetAcousticSignal (Page 5871) No No No No No No SetDisplayMode (Page 5859) No No No No No No SetDeviceMode (Page 5860) Yes Yes Yes Yes Yes Yes SetBit (Page 5852) Yes Yes Yes Yes Yes Yes 5754 Yes 1) 4) Yes 1) WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 SetBitInTag (Page 5853) Yes Yes Yes Yes Yes Yes SetBitWhileKeyPressed (Page 5855) Yes Yes Yes Yes Yes Yes SetBacklightColor (Page 5874) No No No No No No SetBrightness (Page 5872) No No No No No No SetScreenKeyboardMode (Page 5861) No No No No No Yes SetAlarmReportMode (Page 5858) No No Yes No Yes Yes SetRecipeTags (Page 5968) No No No No Yes Yes SetDaylightSavingTime (Page 5802) No No No No No No SetLanguage (Page 5863) Yes Yes Yes Yes Yes Yes SetTag (Page 5840) Yes Yes Yes Yes Yes Yes SetConnectionMode (Page 5864) Yes Yes Yes Yes Yes Yes SetWebAccess (Page 5866) No No No No Yes Yes BackupRAMFileSystem (Page 5804) No No No No No No SimulateSystemKey (Page 5805) No No Yes No Yes 1) 4) Yes 1) SimulateTag (Page 5806) Yes Yes Yes Yes Yes Yes SmartClientViewRefresh (Page 5904) No No No SmartClientViewReadOnlyOff (Page 5904) No No SmartClientViewReadOnlyOn (Page 5905) No SmartClientViewDisconnect (Page 5905) SmartClientViewConnect (Page 5906) No Yes 3) Yes No No Yes 3) Yes No No No Yes 3) Yes No No No No Yes 3) Yes No No No No Yes 3) Yes SmartClientViewLeave (Page 5907) No No No No Yes 3) Yes SaveDataRecord (Page 5969) No No No No Yes Yes StartLogging (Page 5828) No No No No No Yes StartNextLog (Page 5829) No No No No No Yes StartProgram (Page 5807) No No No No No Yes Yes StatusForceGetValues (Page 5809) No No No No Yes StatusForceSetValues (Page 5809) No No No No Yes ControlSmartServer (Page 5810) No No No No ControlWebServer (Page 5811) No No No StopLogging (Page 5829) No No StopRuntime (Page 5811) Yes Yes LookupText (Page 5812) No ResetTagToHandWheel (Page 5813) No WinCC Advanced V14 System Manual, 10/2016 Yes Yes 3) Yes No Yes 3) Yes No No No Yes Yes Yes Yes Yes No Yes No Yes Yes No No No No No 5755 Visualizing processes 12.8 Working with system functions and Runtime scripting OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 SetTagToHandWheel (Page 5814) No No No No No No TraceUserChange (Page 5835) Yes Yes Yes Yes Yes DecreaseFocusedValue (Page 5814) Yes Yes Yes No yes DecreaseTag (Page 5842) Yes Yes Yes Yes Yes Yes ChangeConnection (Page 5866) Yes Yes Yes Yes Yes Yes Yes 1)4) Yes 1) ChangeConnectionEIP (Page 5868) No No No No No No WinACMPUpdateControllerForStar No tAtBoot (Page 5911) No No No No No WinACMPUpdateKeySwitchSetting (Page 5912) No No No No No No WinACMPUpdateBUSF1LED (Page 5913) No No No No No No WinACMPUpdateBUSF2LED (Page 5914) No No No No No No WinACMPUpdateAverageExec Time (Page 5915) No No No No No No WinACMPUpdateAverageCycle Time (Page 5916) No No No No No No WinACMPUpdateEXTFLED (Page 5917) No No No No No No WinACMPUpdateHMIEnableTime (Page 5918) No No No No No No WinACMPUpdateINTFLED (Page 5919) No No No No No No WinACMPUpdateLastCycleTime (Page 5920) No No No No No No WinACMPUpdateMaximumCycle Time (Page 5921) No No No No No No WinACMPUpdateMinimumCycle Time (Page 5922) No No No No No No WinACMPUpdatePowerLED (Page 5923) No No No No No No WinACMPUpdateSleepTime (Page 5924) No No No No No No WinACMPUpdateRUNLED (Page 5925) No No No No No No WinACMPUpdateSTOPLED (Page 5926) No No No No No No WinACMPArchive (Page 5927) No No No No No No WinACMPGetStartMode (Page 5928) No No No No No No WinACMPGetVersion (Page 5928) No No No No No No WinACMPClearCycleTimeBuffer (Page 5929) No No No No No No 5756 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 WinACMPSetStartAtBoot (Page 5930) No No No No No No WinACMPSetKeySwitch (Page 5930) No No No No No No WinACMPSetHMIEnableTime (Page 5931) No No No No No No WinACMPSetResetMethod (Page 5931) No No No No No No WinACMPSetSleepTime (Page 5932) No No No No No No WinACMPSetStartMode (Page 5932) No No No No No No WinACMPStartHistogram (Page 5933) No No No No No No WinACMPControl (Page 5934) No No No No No No WinACMPStopHistogram (Page 5935) No No No No No No WinACMPRestore (Page 5935) No No No No No No ShowLogonDialog (Page 5836) Yes Yes Yes Yes Yes Yes ShowOperatorNotes (Page 5815) Yes Yes Yes Yes Yes Yes ShowAlarmWindow (Page 5942) Yes Yes Yes Yes Yes Yes ShowSoftwareVersion (Page 5816) No No No No No Yes ShowSystemDiagnosticsWindow (Page 5911) No No No No No No ShowSystemAlarm (Page 5942) No No Yes No Yes Yes 1) 2) 3) 4) 5) Only with keyboard units Only with touch screen devices Only with PROFINET Bus (PN devices) Only for TP 177B Only for TP 177B 4" PN/DP System functions for Multi Panels (Panels) Availability of system functions The following table shows the availability of the system functions on the Multi Panels. Technical data subject to change. WinCC Advanced V14 System Manual, 10/2016 5757 Visualizing processes 12.8 Working with system functions and Runtime scripting Overview MP 177 MP 277 MP 377 User-defined functions No Yes Yes Logoff (Page 5831) Yes Yes Yes ActivateScreen (Page 5786) Yes Yes Yes ActivateScreenByNumber (Page 5787) Yes Yes Yes ActivateCleanScreen (Page 5970) Yes 2) Yes 2) Yes 2) ActivatePreviousScreen (Page 5788) Yes Yes Yes UpdateTag (Page 5789) Yes Yes Yes AdjustContrast (Page 5869) No No No Logon (Page 5831) Yes Yes Yes ArchiveLogFile (Page 5821) No Yes Yes LogTag (Page 5823) No Yes EditAlarm (Page 5936) No Yes ScreenObjectCursorDown (Page 5973) Yes Yes Yes ScreenObjectCursorUp (Page 5974) Yes Yes Yes ScreenObjectPageDown (Page 5976) Yes Yes Yes ScreenObjectPageUp (Page 5976) Yes Yes Yes Encode (Page 5790) Yes Yes Yes EncodeEx (Page 5791) Yes DirectKey (Page 5792) Yes DirectKeyScreenNumber (Page 5794) Yes 1) Yes Yes 2) Yes 2) Yes 2) Yes 2) Yes 2) PrintScreen (Page 5856) Yes Yes Yes PrintReport (Page 5857) Yes Yes Yes 2) Yes No NotifyUserAction (Page 5795) No Yes Yes IncreaseFocusedValue (Page 5796) Yes 1) Yes 1) Yes 1) IncreaseTag (Page 5836) Yes Yes Yes ExportDataRecords (Page 5943) Yes Yes Yes ExportDataRecordsWithChecksum (Page 5945) Yes Yes Yes ExportImportUserAdministration (Page 5832) Yes Yes Yes GoToHome (Page 5979) Yes 1) Yes 1) Yes 1) GoToEnd (Page 5979) Yes Yes Yes 1) 1) 1) SafelyRemoveHardware (Page 5797) Yes Yes Yes HTMLBrowserStop (Page 5875) No No No HTMLBrowserRefresh (Page 5876) No No No HTMLBrowserForward (Page 5882) No No No HTMLBrowserBack (Page 5882) No No No ImportDataRecords (Page 5948) Yes Yes Yes ImportDataRecordsWithChecksum (Page 5950) No Yes Yes 5758 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting MP 177 MP 277 MP 377 InvertBit (Page 5843) Yes Yes Yes InvertBitInTag (Page 5845) Yes Yes Yes InvertLinearScaling (Page 5837) Yes CalibrateTouchScreen (Page 5870) Yes CopyLog (Page 5824) No Yes Yes TrendViewScrollForward (Page 5883) Yes Yes Yes Yes 2) Yes Yes 2) Yes 2) TrendViewScrollBack (Page 5884) Yes Yes Yes TrendViewExtend (Page 5884) Yes Yes Yes TrendViewCompress (Page 5885) Yes Yes Yes TrendViewRulerLeft (Page 5885) Yes Yes Yes TrendViewRulerRight (Page 5886) Yes Yes Yes TrendViewSetRulerMode (Page 5887) Yes Yes Yes TrendViewStartStop (Page 5887) Yes Yes Yes TrendViewBackToBeginning (Page 5888) Yes Yes Yes LoadDataRecord (Page 5951) Yes Yes Yes GetUserName (Page 5833) Yes Yes Yes GetDataRecordFromPLC (Page 5952) Yes Yes Yes GetDataRecordName (Page 5954) Yes Yes Yes GetDataRecordTagsFromPLC (Page 5955) Yes Yes Yes GetGroupNumber (Page 5834) Yes Yes Yes GetBrightness (Page 5874) No No No GetPassword (Page 5834) Yes Yes Yes LinearScaling (Page 5839) Yes Yes Yes ClearLog (Page 5825) No Yes Yes ClearDataRecord (Page 5956) Yes Yes Yes ClearDataRecordMemory (Page 5957) Yes Yes Yes ClearAlarmBuffer (Page 5936) Yes Yes Yes ClearAlarmBufferProTool (Page 5937) Yes Yes Yes AlarmViewUpdate (Page 5938) Yes Yes Yes AlarmViewLoopInAlarm (Page 5939) Yes Yes Yes AlarmViewAcknowledgeAlarm (Page 5940) Yes Yes Yes AlarmViewShowOperatorNotes (Page 5940) Yes Yes Yes OpenAllLogs (Page 5826) No Yes Yes OpenScreenKeyboard (Page 5973) No Yes Yes OpenControlPanelDialog (Page 5797) No No No OpenCommandPrompt (Page 5798) No Yes Yes OpenInternetExplorer (Page 5799) No Yes Yes OpenControlPanel (Page 5800) Yes Yes Yes WinCC Advanced V14 System Manual, 10/2016 5759 Visualizing processes 12.8 Working with system functions and Runtime scripting MP 177 MP 277 MP 377 OpenTaskManager (Page 5972) No Yes Yes AcknowledgeAlarm (Page 5941) Yes 1) Yes 1) Yes 1) RecipeViewNewDataRecord (Page 5959) Yes Yes Yes RecipeViewGetDataRecordFromPLC (Page 5959) Yes Yes Yes RecipeViewClearDataRecord (Page 5960) Yes Yes Yes RecipeViewMenu (Page 5960) Yes Yes Yes RecipeViewOpen (Page 5961) Yes Yes Yes RecipeViewSetDataRecordToPLC (Page 5962) Yes Yes Yes RecipeViewSaveDataRecord (Page 5962) Yes Yes Yes RecipeViewSaveAsDataRecord (Page 5963) Yes Yes Yes RecipeViewSynchronizeDataRecord WithTags (Page 5963) Yes Yes Yes RecipeViewRenameDataRecord (Page 5964) Yes Yes Yes RecipeViewShowOperatorNotes (Page 5964) Yes Yes Yes RecipeViewBack (Page 5965) Yes Yes Yes ResetBit (Page 5846) Yes Yes Yes ResetBitInTag (Page 5848) Yes Yes Yes PressButton (Page 5803) Yes Yes Yes ReleaseButton (Page 5804) Yes Yes Yes ShiftAndMask (Page 5850) Yes Yes Yes CloseAllLogs (Page 5827) No Yes Yes SetDataRecordToPLC (Page 5966) Yes Yes Yes SetDataRecordTagsToPLC (Page 5967) Yes Yes Yes PageDown (Page 5978) Yes 1) Yes 1) Yes 1) PageUp (Page 5978) Yes 1) Yes 1) Yes 1) SendEMail (Page 5801) Yes Yes Yes SetAcousticSignal (Page 5871) No Yes SetDisplayMode (Page 5859) No No No SetDeviceMode (Page 5860) Yes Yes Yes SetBit (Page 5852) Yes Yes Yes SetBitInTag (Page 5853) Yes Yes Yes SetBitWhileKeyPressed (Page 5855) Yes Yes 1) Yes 1) SetBacklightColor (Page 5874) No No No SetBrightness (Page 5872) No No No Yes Yes SetScreenKeyboardMode (Page 5861) No 5760 2) Yes 2) WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting MP 177 MP 277 MP 377 SetAlarmReportMode (Page 5858) Yes Yes Yes SetRecipeTags (Page 5968) Yes Yes Yes SetDaylightSavingTime (Page 5802) No Yes Yes SetLanguage (Page 5863) Yes Yes Yes SetAndGetBrightness (Page 5873) No No Yes3) SetTag (Page 5840) Yes Yes Yes SetConnectionMode (Page 5864) Yes Yes Yes SetWebAccess (Page 5866) Yes Yes Yes BackupRAMFileSystem (Page 5804) No Yes SimulateSystemKey (Page 5805) No Yes SimulateTag (Page 5806) Yes Yes Yes SmartClientViewRefresh (Page 5904) Yes Yes Yes SmartClientViewReadOnlyOff (Page 5904) Yes Yes Yes SmartClientViewReadOnlyOn (Page 5905) Yes Yes Yes SmartClientViewDisconnect (Page 5905) Yes Yes Yes SmartClientViewConnect (Page 5906) Yes Yes Yes SmartClientViewLeave (Page 5907) Yes Yes Yes SaveDataRecord (Page 5969) Yes Yes Yes StartLogging (Page 5828) No Yes Yes StartNextLog (Page 5829) No Yes Yes StartProgram (Page 5807) Yes Yes Yes StatusForceGetValues (Page 5809) Yes Yes Yes StatusForceSetValues (Page 5809) Yes Yes Yes ControlSmartServer (Page 5810) Yes Yes Yes Yes 1) Yes 1) ControlWebServer (Page 5811) Yes Yes Yes StopLogging (Page 5829) No Yes Yes StopRuntime (Page 5811) Yes Yes Yes ActivateSystemDiagnosticsView (Page 5907) No No No LookupText (Page 5812) Yes Yes Yes ResetTagToHandWheel (Page 5813) No No No SetTagToHandWheel (Page 5814) No No No TraceUserChange (Page 5835) Yes Yes Yes DecreaseFocusedValue (Page 5814) Yes 1) Yes 1) Yes 1) DecreaseTag (Page 5842) Yes Yes Yes ChangeConnection (Page 5866) Yes Yes Yes ChangeConnectionEIP (Page 5868) No No No Yes Yes WinACMPUpdateControllerForStartAt Yes Boot (Page 5911) WinCC Advanced V14 System Manual, 10/2016 5761 Visualizing processes 12.8 Working with system functions and Runtime scripting MP 177 MP 277 MP 377 WinACMPUpdateKeySwitchSetting (Page 5912) Yes Yes Yes WinACMPUpdateBUSF1LED (Page 5913) Yes Yes Yes WinACMPUpdateBUSF2LED (Page 5914) Yes Yes Yes WinACMPUpdateAverageExecTime (Page 5915) Yes Yes Yes WinACMPUpdateAverageCycleTime (Page 5916) Yes Yes Yes WinACMPUpdateEXTFLED (Page 5917) Yes Yes Yes WinACMPUpdateHMIEnableTime (Page 5918) Yes Yes Yes WinACMPUpdateINTFLED (Page 5919) Yes Yes Yes WinACMPUpdateLastCycleTime (Page 5920) Yes Yes Yes WinACMPUpdateMaximumCycleTime (Page 5921) Yes Yes Yes WinACMPUpdateMinimumCycleTime (Page 5922) Yes Yes Yes WinACMPUpdatePowerLED (Page 5923) Yes Yes Yes WinACMPUpdateSleepTime (Page 5924) Yes Yes Yes WinACMPUpdateRUNLED (Page 5925) Yes Yes Yes WinACMPUpdateSTOPLED (Page 5926) Yes Yes Yes WinACMPArchive (Page 5927) Yes Yes Yes WinACMPGetStartMode (Page 5928) Yes Yes Yes WinACMPGetVersion (Page 5928) Yes Yes Yes WinACMPClearCycleTimeBuffer (Page 5929) Yes Yes Yes WinACMPSetStartAtBoot (Page 5930) Yes Yes Yes WinACMPSetKeySwitch (Page 5930) Yes Yes Yes WinACMPSetHMIEnableTime (Page 5931) Yes Yes Yes WinACMPSetResetMethod (Page 5931) Yes Yes Yes WinACMPSetSleepTime (Page 5932) Yes Yes Yes WinACMPSetStartMode (Page 5932) Yes Yes Yes WinACMPStartHistogram (Page 5933) Yes Yes Yes WinACMPControl (Page 5934) Yes Yes Yes WinACMPStopHistogram (Page 5935) Yes Yes Yes 5762 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting MP 177 MP 277 MP 377 WinACMPRestore (Page 5935) Yes Yes Yes ShowLogonDialog (Page 5836) Yes Yes Yes ShowOperatorNotes (Page 5815) Yes Yes Yes ShowAlarmWindow (Page 5942) Yes Yes Yes ShowSoftwareVersion (Page 5816) No Yes Yes ShowSystemDiagnosticsWindow (Page 5911) No No No ShowSystemAlarm (Page 5942) Yes Yes Yes 1) 2) 3) Only with keyboard units Only with touch screen devices Only with MP 377 Touch daylight readable System functions for Comfort Panels (Panels) Availability of system functions The following table shows the availability of the system functions on the Comfort Panels. Technical data subject to change. Overview KTP400 KP400 TP700 TP900 TP1200 TP1500 TP1900 TP2200 KP700 KP900 KP1200 KP1500 User-defined functions Yes Yes Yes Logoff (Page 5831) Yes Yes Yes ActivateScreen (Page 5786) Yes Yes Yes ActivateScreenByNumber (Page 5787) Yes Yes Yes Yes Yes ActivatePLCCodeViewer (Page 5897) No ActivateCleanScreen (Page 5970) Yes Yes No ActivatePreviousScreen (Page 5788) Yes Yes Yes UpdateTag (Page 5789) Yes Yes Yes AdjustContrast (Page 5869) No No No Logon (Page 5831) Yes Yes Yes ArchiveLogFile (Page 5821) Yes Yes Yes LogTag (Page 5823) Yes Yes Yes EditAlarm (Page 5936) Yes No Yes WinCC Advanced V14 System Manual, 10/2016 1) 5763 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP400 KP400 TP700 TP900 TP1200 TP1500 TP1900 TP2200 KP700 KP900 KP1200 KP1500 ScreenObjectCursorDown (Page 5973) Yes Yes Yes ScreenObjectCursorUp (Page 5974) Yes Yes Yes ScreenObjectCursorLeft (Page 5977) No Yes Yes ScreenObjectCursorRight (Page 5975) Yes Yes No ScreenObjectPageDown (Page 5976) Yes Yes Yes ScreenObjectPageUp (Page 5976) Yes Yes Yes Encode (Page 5790) Yes Yes Yes EncodeEx (Page 5791) Yes Yes Yes DirectKey (Page 5792) Yes 1) Yes No DirectKeyScreenNumber (Page 5794) Yes Yes No PrintScreen (Page 5856) Yes Yes Yes PrintReport (Page 5857) Yes Yes Yes NotifyUserAction (Page 5795) Yes Yes Yes 1) IncreaseFocusedValue (Page 5796) Yes No Yes IncreaseTag (Page 5836) Yes Yes Yes ExportDataRecords (Page 5943) Yes Yes Yes ExportDataRecordsWithChecksum (Page 5945) Yes Yes Yes ExportImportUserAdministration (Page 5832) Yes Yes Yes GoToHome (Page 5979) Yes No Yes GoToEnd (Page 5979) Yes No Yes SafelyRemoveHardware (Page 5797) Yes Yes Yes HTMLBrowserStop (Page 5875) No Yes Yes HTMLBrowserScrollDown (Page 5876) No Yes Yes HTMLBrowserRefresh (Page 5876) No Yes Yes HTMLBrowserScrollUp (Page 5877) No Yes Yes HTMLBrowserForward (Page 5882) No Yes Yes HTMLBrowserBack (Page 5882) No Yes Yes HTMLBrowserZoomIn (Page 5877) No Yes Yes HTMLBrowserZoomOut (Page 5878) No Yes Yes HTMLBrowserScrollLeft (Page 5879) No Yes Yes HTMLBrowserScrollRight (Page 5879) No Yes Yes 5764 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP400 KP400 TP700 TP900 TP1200 TP1500 TP1900 TP2200 KP700 KP900 KP1200 KP1500 HTMLBrowserPageDown (Page 5881) No Yes Yes HTMLBrowserPageUp (Page 5880) No Yes Yes HTMLBrowserHome (Page 5881) No Yes Yes ImportDataRecords (Page 5948) Yes Yes Yes ImportDataRecordsWithChecksum (Page 5950) Yes Yes Yes InvertBit (Page 5843) Yes Yes Yes InvertBitInTag (Page 5845) Yes Yes Yes InvertLinearScaling (Page 5837) Yes Yes Yes CalibrateTouchScreen (Page 5870) Yes 1) Yes No CopyLog (Page 5824) Yes Yes Yes TrendViewScrollForward (Page 5883) Yes Yes Yes TrendViewScrollBack (Page 5884) Yes Yes Yes TrendViewExtend (Page 5884) Yes Yes Yes TrendViewCompress (Page 5885) Yes Yes Yes TrendViewRulerLeft (Page 5885) Yes Yes Yes TrendViewRulerRight (Page 5886) Yes Yes Yes TrendViewSetRulerMode (Page 5887) Yes Yes Yes TrendViewStartStop (Page 5887) Yes Yes Yes TrendViewBackToBeginning (Page 5888) Yes Yes Yes LoadDataRecord (Page 5951) Yes Yes Yes GetUserName (Page 5833) Yes Yes Yes GetDataRecordFromPLC (Page 5952) Yes Yes Yes GetDataRecordName (Page 5954) Yes Yes Yes GetDataRecordTagsFromPLC (Page 5955) Yes Yes Yes GetGroupNumber (Page 5834) Yes Yes Yes GetBrightness (Page 5874) Yes Yes Yes GetPassword (Page 5834) No No No 2) GetPLCMode Yes Yes Yes LinearScaling (Page 5839) Yes Yes Yes ClearLog (Page 5825) Yes Yes Yes ClearDataRecord (Page 5956) Yes Yes Yes ClearDataRecordMemory (Page 5957) Yes Yes Yes WinCC Advanced V14 System Manual, 10/2016 2) 2) 5765 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP400 KP400 TP700 TP900 TP1200 TP1500 TP1900 TP2200 KP700 KP900 KP1200 KP1500 ClearAlarmBuffer (Page 5936) Yes Yes Yes ClearAlarmBufferProTool (Page 5937) Yes Yes Yes AlarmViewUpdate (Page 5938) Yes Yes Yes AlarmViewLoopInAlarm (Page 5939) Yes Yes Yes AlarmViewAcknowledgeAlarm (Page 5940) Yes Yes Yes AlarmViewShowOperatorNotes (Page 5940) Yes Yes Yes OpenAllLogs (Page 5826) Yes Yes Yes OpenScreenKeyboard (Page 5973) Yes Yes Yes OpenFileBrowser (Page 5971) Yes Yes Yes OpenControlPanelDialog (Page 5797) Yes Yes Yes OpenCommandPrompt (Page 5798) Yes Yes Yes OpenInternetExplorer (Page 5799) Yes Yes Yes OpenControlPanel (Page 5800) Yes Yes Yes OpenTaskManager (Page 5972) Yes Yes Yes AcknowledgeAlarm (Page 5941) Yes No Yes PDFScrollDown (Page 5888) Yes Yes Yes PDFScrollUp (Page 5889) Yes Yes Yes PDFFitToWidth (Page 5890) Yes Yes Yes PDFFitToHeight (Page 5890) Yes Yes Yes PDFGotoFirstPage (Page 5891) Yes Yes Yes PDFGotoLastPage (Page 5891) Yes Yes Yes PDFGotoNextPage (Page 5892) Yes Yes Yes PDFGotoPage (Page 5893) Yes Yes Yes PDFGotoPreviousPage (Page 5893) Yes Yes Yes PDFZoomIn (Page 5894) Yes Yes Yes PDFZoomOut (Page 5894) Yes Yes Yes PDFScrollLeft (Page 5895) Yes Yes Yes PDFScrollRight (Page 5896) Yes Yes Yes PDFZoomOriginal (Page 5896) Yes Yes Yes PLCCodeViewDetails (Page 5899) No Yes Yes PLCCodeViewNextNetwork (Page 5900) No Yes Yes PLCCodeViewShowStepMode (Page 5900) No Yes Yes PLCCodeViewSymbols (Page 5901) No Yes Yes 5766 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP400 KP400 TP700 TP900 TP1200 TP1500 TP1900 TP2200 KP700 KP900 KP1200 KP1500 PLCCodeViewTransitionInterlock (Page 5901) No Yes Yes PLCCodeViewZoomIn (Page 5902) No Yes Yes PLCCodeViewZoomOut (Page 5903) No Yes Yes PLCCodeViewPreviousNetwork (Page 5903) No Yes Yes RecipeViewNewDataRecord (Page 5959) Yes Yes Yes RecipeViewGetDataRecordFromPLC (Page 5959) Yes Yes Yes RecipeViewClearDataRecord (Page 5960) Yes Yes Yes RecipeViewMenu (Page 5960) Yes Yes Yes RecipeViewOpen (Page 5961) Yes Yes Yes RecipeViewSetDataRecordToPLC (Page 5962) Yes Yes Yes RecipeViewSaveDataRecord (Page 5962) Yes Yes Yes RecipeViewSaveAsDataRecord (Page 5963) Yes Yes Yes RecipeViewSynchronizeDataRecord WithTags (Page 5963) Yes Yes Yes RecipeViewRenameDataRecord (Page 5964) Yes Yes Yes RecipeViewShowOperatorNotes (Page 5964) Yes Yes Yes RecipeViewBack (Page 5965) Yes Yes Yes ResetBit (Page 5846) Yes Yes Yes ResetBitInTag (Page 5848) Yes Yes Yes PressButton (Page 5803) Yes Yes Yes ReleaseButton (Page 5804) Yes Yes Yes ShiftAndMask (Page 5850) Yes Yes Yes CloseAllLogs (Page 5827) Yes Yes Yes SetDataRecordToPLC (Page 5966) Yes Yes Yes SetDataRecordTagsToPLC (Page 5967) Yes Yes Yes PageDown (Page 5978) Yes No Yes PageUp (Page 5978) Yes No Yes SendEMail (Page 5801) Yes Yes Yes SetAcousticSignal (Page 5871) Yes 1) Yes No SetDisplayMode (Page 5859) No No No WinCC Advanced V14 System Manual, 10/2016 5767 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP400 KP400 TP700 TP900 TP1200 TP1500 TP1900 TP2200 KP700 KP900 KP1200 KP1500 SetDeviceMode (Page 5860) Yes Yes Yes SetBit (Page 5852) Yes Yes Yes SetBitInTag (Page 5853) Yes Yes Yes SetBitWhileKeyPressed (Page 5855) Yes Yes Yes SetBacklightColor (Page 5874) No No No SetBrightness (Page 5872) Yes Yes Yes SetScreenKeyboardMode (Page 5861) Yes Yes Yes SetPLCMode (Page 5863) Yes Yes Yes SetAlarmReportMode (Page 5858) Yes Yes Yes SetRecipeTags (Page 5968) Yes Yes Yes SetDaylightSavingTime (Page 5802) Yes Yes Yes SetLanguage (Page 5863) Yes Yes Yes SetTag (Page 5840) Yes Yes Yes SetConnectionMode (Page 5864) Yes Yes Yes SetWebAccess (Page 5866) Yes Yes Yes BackupRAMFileSystem (Page 5804) Yes Yes Yes SimulateSystemKey (Page 5805) Yes No Yes SimulateTag (Page 5806) Yes Yes Yes SmartClientViewRefresh (Page 5904) Yes Yes Yes SmartClientViewReadOnlyOff (Page 5904) Yes Yes Yes SmartClientViewReadOnlyOn (Page 5905) Yes Yes Yes SmartClientViewDisconnect (Page 5905) Yes Yes Yes SmartClientViewConnect (Page 5906) Yes Yes Yes SmartClientViewLeave (Page 5907) Yes Yes Yes SaveDataRecord (Page 5969) Yes Yes Yes StartLogging (Page 5828) Yes Yes Yes StartNextLog (Page 5829) Yes Yes Yes StartProgram (Page 5807) Yes Yes Yes StatusForceGetValues (Page 5809) Yes Yes Yes StatusForceSetValues (Page 5809) Yes Yes Yes ControlSmartServer (Page 5810) Yes Yes Yes ControlWebServer (Page 5811) Yes Yes Yes StopLogging (Page 5829) Yes Yes Yes StopRuntime (Page 5811) Yes Yes Yes 5768 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP400 KP400 TP700 TP900 TP1200 TP1500 TP1900 TP2200 KP700 KP900 KP1200 KP1500 ActivateSystemDiagnosticsView (Page 5907) Yes Yes Yes SystemDiagnosticViewUpdatePLC Buffer (Page 5908) Yes Yes Yes SystemDiagnosticViewDetailView (Page 5908) Yes Yes Yes SystemDiagnosticViewDiagnostic Buffer (Page 5909) Yes Yes Yes SystemDiagnosticViewDeviceView (Page 5909) Yes Yes Yes SystemDiagnosticViewBack (Page 5910) Yes Yes Yes LookupText (Page 5812) Yes Yes Yes ResetTagToHandWheel (Page 5813) No No No SetTagToHandWheel (Page 5814) No No No TraceUserChange (Page 5835) Yes Yes Yes DecreaseFocusedValue (Page 5814) Yes No Yes DecreaseTag (Page 5842) Yes Yes Yes ChangeConnection (Page 5866) Yes Yes Yes WinACMPUpdateControllerForStar tAtBoot (Page 5911) No No No WinACMPUpdateKeySwitchSetting (Page 5912) No No No WinACMPUpdateBUSF1LED (Page 5913) No No No WinACMPUpdateBUSF2LED (Page 5914) No No No WinACMPUpdateAverageExecTime (Page 5915) No No No WinACMPUpdateAverageCycleTime (Page 5916) No No No WinACMPUpdateEXTFLED (Page 5917) No No No WinACMPUpdateHMIEnableTime (Page 5918) No No No WinACMPUpdateINTFLED (Page 5919) No No No WinACMPUpdateLastCycleTime (Page 5920) No No No WinACMPUpdateMaximumCycle Time (Page 5921) No No No WinCC Advanced V14 System Manual, 10/2016 5769 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP400 KP400 TP700 TP900 TP1200 TP1500 TP1900 TP2200 KP700 KP900 KP1200 KP1500 WinACMPUpdateMinimumCycle Time (Page 5922) No No No WinACMPUpdatePowerLED (Page 5923) No No No WinACMPUpdateSleepTime (Page 5924) No No No WinACMPUpdateRUNLED (Page 5925) No No No WinACMPUpdateSTOPLED (Page 5926) No No No WinACMPArchive (Page 5927) No No No WinACMPGetStartMode (Page 5928) No No No WinACMPGetVersion (Page 5928) No No No WinACMPClearCycleTimeBuffer (Page 5929) No No No WinACMPSetStartAtBoot (Page 5930) No No No WinACMPSetKeySwitch (Page 5930) No No No WinACMPSetHMIEnableTime (Page 5931) No No No WinACMPSetResetMethod (Page 5931) No No No WinACMPSetSleepTime (Page 5932) No No No WinACMPSetStartMode (Page 5932) No No No WinACMPStartHistogram (Page 5933) No No No WinACMPControl (Page 5934) No No No WinACMPStopHistogram (Page 5935) No No No WinACMPRestore (Page 5935) No No No ShowLogonDialog (Page 5836) Yes Yes Yes ShowOperatorNotes (Page 5815) Yes Yes Yes ShowAlarmWindow (Page 5942) Yes Yes Yes ShowPopupScreen (Page 5817) Yes Yes Yes ShowSlideInScreen (Page 5820) Yes Yes Yes ShowSoftwareVersion (Page 5816) Yes Yes Yes ShowSystemDiagnosticsWindow (Page 5911) Yes Yes Yes ShowSystemAlarm (Page 5942) Yes Yes Yes 5770 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 1) 2) Only on KTP 400 Comfort Not available for devices as of device version V14.0 and higher See also ChangeConnectionEIP (Page 5868) System functions for Mobile Panels (Panels) Availability of system functions The following table shows the availability of the system functions on the mobile panels. Technical data subject to change. Overview Mobile Mobile Panel 177 Panel DP 177 PN Mobile Panel 277 Mobile Panel 277 IWLAN Mobile Panel 277 F IWLAN KTP400F KTP700 Mobile / Mobile KTP700F Mobile KTP900 Mo bile / KTP900F Mo bile User-defined functions No No Yes Yes Yes Yes Logoff (Page 5831) Yes Yes Yes Yes Yes Yes ActivateScreen (Page 5786) Yes Yes Yes Yes Yes Yes ActivateScreenByNumber (Page 5787) Yes Yes Yes Yes Yes Yes ActivatePLCCodeViewer (Page 5897) No No No No Yes Yes ActivateCleanScreen (Page 5970) No No No No No No ActivatePreviousScreen (Page 5788) Yes Yes Yes Yes Yes Yes UpdateTag (Page 5789) Yes Yes Yes Yes Yes Yes AdjustContrast (Page 5869) Yes Yes No No No No Logon (Page 5831) Yes Yes Yes Yes Yes Yes ArchiveLogFile (Page 5821) No No Yes Yes Yes Yes LogTag (Page 5823) No No Yes Yes Yes Yes EditAlarm (Page 5936) Yes Yes Yes Yes Yes Yes ScreenObjectCursorDown (Page 5973) Yes Yes Yes Yes Yes Yes ScreenObjectCursorUp (Page 5974) Yes Yes Yes Yes Yes Yes WinCC Advanced V14 System Manual, 10/2016 5771 Visualizing processes 12.8 Working with system functions and Runtime scripting Mobile Mobile Panel 177 Panel DP 177 PN Mobile Panel 277 Mobile Panel 277 IWLAN Mobile Panel 277 F IWLAN KTP400F KTP700 Mobile / Mobile KTP700F Mobile KTP900 Mo bile / KTP900F Mo bile ScreenObjectPageDown (Page 5976) Yes Yes Yes Yes Yes Yes ScreenObjectPageUp (Page 5976) Yes Yes Yes Yes Yes Yes ScreenObjectCursorLeft (Page 5977) Yes Yes Yes Yes Yes Yes ScreenObjectCursorRight (Page 5975) Yes Yes Yes Yes Yes Yes Encode (Page 5790) Yes Yes Yes Yes Yes Yes EncodeEx (Page 5791) Yes Yes Yes Yes Yes Yes DirectKey (Page 5792) Yes Yes Yes Yes Yes Yes DirectKeyScreenNumber (Page 5794) Yes Yes Yes Yes Yes Yes PrintScreen (Page 5856) No Yes Yes Yes Yes Yes PrintReport (Page 5857) No Yes Yes Yes Yes Yes NotifyUserAction (Page 5795) No No Yes Yes Yes Yes IncreaseFocusedValue (Page 5796) Yes Yes Yes Yes Yes Yes IncreaseTag (Page 5836) Yes Yes Yes Yes Yes Yes ExportDataRecords (Page 5943) Yes Yes Yes Yes Yes Yes ExportDataRecordsWithCheck sum (Page 5945) No No Yes Yes Yes Yes ExportImportUserAdministration (Page 5832) Yes Yes Yes Yes Yes Yes GoToHome (Page 5979) Yes Yes Yes Yes Yes Yes GoToEnd (Page 5979) Yes Yes Yes Yes Yes Yes SafelyRemoveHardware (Page 5797) No No Yes Yes Yes Yes HTMLBrowserStop (Page 5875) No No No Yes Yes Yes HTMLBrowserScrollDown (Page 5876) No No No Yes Yes Yes HTMLBrowserRefresh (Page 5876) No No No Yes Yes Yes HTMLBrowserScrollUp (Page 5877) No No No Yes Yes Yes HTMLBrowserZoomIn (Page 5877) No No No Yes Yes Yes HTMLBrowserZoomOut (Page 5878) No No No Yes Yes Yes HTMLBrowserScrollLeft (Page 5879) No No No Yes Yes Yes 5772 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Mobile Mobile Panel 177 Panel DP 177 PN Mobile Panel 277 Mobile Panel 277 IWLAN Mobile Panel 277 F IWLAN KTP400F KTP700 Mobile / Mobile KTP700F Mobile KTP900 Mo bile / KTP900F Mo bile HTMLBrowserScrollRight (Page 5879) No No No Yes Yes Yes HTMLBrowserPageDown (Page 5881) No No No Yes Yes Yes HTMLBrowserPageUp (Page 5880) No No No Yes Yes Yes HTMLBrowserHome (Page 5881) No No No Yes Yes Yes HTMLBrowserForward (Page 5882) No No No Yes Yes Yes HTMLBrowserBack (Page 5882) No No No Yes Yes Yes ImportDataRecords (Page 5948) Yes Yes Yes Yes Yes Yes ImportDataRecordsWithCheck sum (Page 5950) No No Yes Yes Yes Yes InvertBit (Page 5843) Yes Yes Yes Yes Yes Yes InvertBitInTag (Page 5845) Yes Yes Yes Yes Yes Yes InvertLinearScaling (Page 5837) Yes Yes Yes Yes Yes Yes CalibrateTouchScreen (Page 5870) Yes Yes Yes Yes Yes Yes CopyLog (Page 5824) No No Yes Yes Yes Yes TrendViewScrollForward (Page 5883) Yes Yes Yes Yes Yes Yes TrendViewScrollBack (Page 5884) Yes Yes Yes Yes Yes Yes 1) TrendViewExtend (Page 5884) Yes Yes Yes Yes Yes Yes TrendViewCompress (Page 5885) Yes Yes Yes Yes Yes Yes TrendViewRulerLeft (Page 5885) Yes Yes Yes Yes Yes Yes TrendViewRulerRight (Page 5886) Yes Yes Yes Yes Yes Yes TrendViewSetRulerMode (Page 5887) Yes Yes Yes Yes Yes Yes TrendViewStartStop (Page 5887) Yes Yes Yes Yes Yes Yes TrendViewBackToBeginning (Page 5888) Yes Yes Yes Yes Yes Yes LoadDataRecord (Page 5951) Yes Yes Yes Yes Yes Yes GetUserName (Page 5833) Yes Yes Yes Yes Yes Yes GetDataRecordFromPLC (Page 5952) Yes Yes Yes Yes Yes Yes WinCC Advanced V14 System Manual, 10/2016 5773 Visualizing processes 12.8 Working with system functions and Runtime scripting Mobile Mobile Panel 177 Panel DP 177 PN Mobile Panel 277 Mobile Panel 277 IWLAN Mobile Panel 277 F IWLAN KTP400F KTP700 Mobile / Mobile KTP700F Mobile KTP900 Mo bile / KTP900F Mo bile GetDataRecordName (Page 5954) Yes Yes Yes Yes Yes Yes GetDataRecordTagsFromPLC (Page 5955) Yes Yes Yes Yes Yes Yes GetGroupNumber (Page 5834) Yes Yes Yes Yes Yes Yes GetBrightness (Page 5874) No No No Yes Yes Yes GetPassword (Page 5834) Yes Yes Yes No No No 2) ClearLog (Page 5825) No No Yes Yes Yes Yes ClearDataRecord (Page 5956) Yes Yes Yes Yes Yes Yes ClearDataRecordMemory (Page 5957) Yes Yes Yes Yes Yes Yes ClearAlarmBuffer (Page 5936) Yes Yes Yes Yes Yes Yes ClearAlarmBufferProTool (Page 5937) Yes Yes Yes Yes Yes Yes AlarmViewUpdate (Page 5938) Yes Yes Yes Yes Yes Yes AlarmViewLoopInAlarm (Page 5939) Yes Yes Yes Yes Yes Yes AlarmViewAcknowledgeAlarm (Page 5940) Yes Yes Yes Yes Yes Yes AlarmViewShowOperatorNotes (Page 5940) Yes Yes Yes Yes Yes Yes OpenAllLogs (Page 5826) No No Yes Yes Yes Yes OpenFileBrowser (Page 5971) No No No Yes Yes Yes OpenScreenKeyboard (Page 5973) No No Yes Yes Yes Yes OpenCommandPrompt (Page 5798) No No Yes Yes Yes Yes OpenControlPanelDialog (Page 5797) No No No Yes Yes Yes OpenInternetExplorer (Page 5799) No Yes Yes Yes Yes Yes 2) 2) OpenTaskManager (Page 5972) No No Yes Yes Yes Yes OpenControlPanel (Page 5800) No Yes 1) No Yes/No 3) Yes/No 3) AcknowledgeAlarm (Page 5941) Yes Yes Yes Yes Yes Yes PDFScrollDown (Page 5888) No No No Yes Yes Yes PDFScrollUp (Page 5889) No No No Yes Yes Yes PDFFitToWidth (Page 5890) No No No Yes Yes Yes PDFFitToHeight (Page 5890) No No No Yes Yes Yes PDFGotoFirstPage (Page 5891) No No No Yes Yes Yes PDFGotoLastPage (Page 5891) No No Yes Yes Yes 5774 No No WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Mobile Mobile Panel 177 Panel DP 177 PN Mobile Panel 277 Mobile Panel 277 IWLAN Mobile Panel 277 F IWLAN KTP400F KTP700 Mobile / Mobile KTP700F Mobile KTP900 Mo bile / KTP900F Mo bile PDFGotoNextPage (Page 5892) No No No Yes Yes Yes PDFGotoPage (Page 5893) No No No Yes Yes Yes PDFGotoPreviousPage (Page 5893) No No No Yes Yes Yes PDFZoomIn (Page 5894) No No No Yes Yes Yes PDFZoomOut (Page 5894) No No No Yes Yes Yes PDFScrollLeft (Page 5895) No No No Yes Yes Yes PDFScrollRight (Page 5896) No No No Yes Yes Yes PDFZoomOriginal (Page 5896) No No No Yes Yes Yes PLCCodeViewDetails (Page 5899) Yes Yes Yes No Yes Yes PLCCodeViewNextNetwork (Page 5900) Yes Yes Yes No Yes Yes PLCCodeViewShowStepMode (Page 5900) Yes Yes Yes No Yes Yes PLCCodeViewSymbols (Page 5901) Yes Yes Yes No Yes Yes PLCCodeViewTransitionInter lock (Page 5901) Yes Yes Yes No Yes Yes PLCCodeViewZoomIn (Page 5902) Yes Yes Yes No Yes Yes PLCCodeViewZoomOut (Page 5903) Yes Yes Yes No Yes Yes PLCCodeViewPreviousNetwork (Page 5903) Yes Yes Yes No Yes Yes RecipeViewNewDataRecord (Page 5959) Yes Yes Yes Yes Yes Yes RecipeViewGetDataRecord FromPLC (Page 5959) Yes Yes Yes Yes Yes Yes RecipeViewClearDataRecord (Page 5960) Yes Yes Yes Yes Yes Yes RecipeViewMenu (Page 5960) Yes Yes Yes Yes Yes Yes RecipeViewOpen (Page 5961) Yes Yes Yes Yes Yes Yes RecipeViewSetDataRecord ToPLC (Page 5962) Yes Yes Yes Yes Yes Yes RecipeViewSaveDataRecord (Page 5962) Yes Yes Yes Yes Yes Yes RecipeViewSaveAsDataRecord (Page 5963) Yes Yes Yes Yes Yes Yes RecipeViewSynchronizeDataR ecordWithTags (Page 5963) Yes Yes Yes Yes Yes Yes WinCC Advanced V14 System Manual, 10/2016 5775 Visualizing processes 12.8 Working with system functions and Runtime scripting Mobile Mobile Panel 177 Panel DP 177 PN Mobile Panel 277 Mobile Panel 277 IWLAN Mobile Panel 277 F IWLAN KTP400F KTP700 Mobile / Mobile KTP700F Mobile KTP900 Mo bile / KTP900F Mo bile RecipeViewRenameDataRe cord (Page 5964) Yes Yes Yes Yes Yes Yes RecipeViewShowOperator Notes (Page 5964) Yes Yes Yes Yes Yes Yes RecipeViewBack (Page 5965) Yes Yes Yes Yes Yes Yes ResetBit (Page 5846) Yes Yes Yes Yes Yes Yes ResetBitInTag (Page 5848) Yes Yes Yes Yes Yes Yes PressButton (Page 5803) Yes Yes Yes Yes Yes Yes ReleaseButton (Page 5804) Yes Yes Yes Yes Yes Yes ShiftAndMask (Page 5850) Yes Yes Yes Yes Yes Yes CloseAllLogs (Page 5827) No No Yes Yes Yes Yes SetDataRecordToPLC (Page 5966) Yes Yes Yes Yes Yes Yes SetDataRecordTagsToPLC (Page 5967) Yes Yes Yes Yes Yes Yes PageDown (Page 5978) Yes Yes Yes Yes Yes Yes PageUp (Page 5978) Yes Yes Yes Yes Yes Yes SendEMail (Page 5801) No Yes Yes Yes Yes Yes SetAcousticSignal (Page 5871) No No No Yes Yes Yes SetDisplayMode (Page 5859) No No No No No No SetDeviceMode (Page 5860) Yes Yes Yes Yes Yes Yes SetBit (Page 5852) Yes Yes Yes Yes Yes Yes SetBitInTag (Page 5853) Yes Yes Yes Yes Yes Yes SetBitWhileKeyPressed (Page 5855) Yes Yes Yes Yes Yes Yes SetBacklightColor (Page 5874) No No No No No No SetBrightness (Page 5872) No No No Yes Yes Yes SetScreenKeyboardMode (Page 5861) No No No Yes Yes Yes SetAlarmReportMode (Page 5858) No No Yes Yes Yes Yes SetRecipeTags (Page 5968) Yes Yes Yes Yes Yes Yes SetDaylightSavingTime (Page 5802) No No Yes Yes Yes Yes SetLanguage (Page 5863) Yes Yes Yes Yes Yes Yes SetTag (Page 5840) Yes Yes Yes Yes Yes Yes SetConnectionMode (Page 5864) Yes Yes Yes Yes Yes Yes SetWebAccess (Page 5866) No Yes Yes Yes Yes Yes 5776 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Mobile Mobile Panel 177 Panel DP 177 PN Mobile Panel 277 Mobile Panel 277 IWLAN Mobile Panel 277 F IWLAN KTP400F KTP700 Mobile / Mobile KTP700F Mobile KTP900 Mo bile / KTP900F Mo bile BackupRAMFileSystem (Page 5804) No No Yes Yes Yes Yes SimulateSystemKey (Page 5805) Yes Yes Yes Yes Yes Yes SimulateTag (Page 5806) Yes Yes Yes Yes Yes Yes SmartClientViewRefresh (Page 5904) No Yes Yes Yes Yes Yes SmartClientViewReadOnlyOff (Page 5904) No Yes Yes Yes Yes Yes SmartClientViewReadOnlyOn (Page 5905) No Yes Yes Yes Yes Yes SmartClientViewDisconnect (Page 5905) No Yes Yes Yes Yes Yes SmartClientViewConnect (Page 5906) No Yes Yes Yes Yes Yes SmartClientViewLeave (Page 5907) No Yes Yes Yes Yes Yes SaveDataRecord (Page 5969) Yes Yes Yes Yes Yes Yes StartLogging (Page 5828) No No Yes Yes Yes Yes StartNextLog (Page 5829) No No Yes Yes Yes Yes StartProgram (Page 5807) No No Yes Yes Yes Yes StatusForceGetValues (Page 5809) Yes Yes Yes Yes Yes Yes StatusForceSetValues (Page 5809) Yes Yes Yes Yes Yes Yes ControlSmartServer (Page 5810) No Yes Yes Yes Yes Yes ControlWebServer (Page 5811) No Yes Yes Yes Yes Yes StopLogging (Page 5829) No No Yes Yes Yes Yes StopRuntime (Page 5811) Yes Yes Yes Yes Yes Yes LookupText (Page 5812) Yes Yes Yes Yes Yes Yes ActivateSystemDiagnosticsView (Page 5907) No No No Yes Yes Yes ResetTagToHandWheel (Page 5813) Yes Yes Yes No No No SetTagToHandWheel (Page 5814) Yes Yes Yes No No No TraceUserChange (Page 5835) Yes Yes Yes No No No DecreaseFocusedValue (Page 5814) Yes Yes Yes Yes Yes Yes DecreaseTag (Page 5842) Yes Yes Yes Yes Yes Yes WinCC Advanced V14 System Manual, 10/2016 5777 Visualizing processes 12.8 Working with system functions and Runtime scripting Mobile Mobile Panel 177 Panel DP 177 PN Mobile Panel 277 Mobile Panel 277 IWLAN Mobile Panel 277 F IWLAN KTP400F KTP700 Mobile / Mobile KTP700F Mobile KTP900 Mo bile / KTP900F Mo bile ChangeConnection (Page 5866) Yes Yes Yes Yes Yes Yes ChangeConnectionEIP (Page 5868) No No No No No No WinACMPUpdateControllerFor StartAtBoot (Page 5911) No No No No No No WinACMPUpdateKeySwitchSet No ting (Page 5912) No No No No No WinACMPUpdateBUSF1LED (Page 5913) No No No No No No WinACMPUpdateBUSF2LED (Page 5914) No No No No No No WinACMPUpdateAverageExec Time (Page 5915) No No No No No No WinACMPUpdateAverageCycle No Time (Page 5916) No No No No No WinACMPUpdateEXTFLED (Page 5917) No No No No No No WinACMPUpdateHMIEnable Time (Page 5918) No No No No No No WinACMPUpdateINTFLED (Page 5919) No No No No No No WinACMPUpdateLastCycle Time (Page 5920) No No No No No No WinACMPUpdateMaximumCy cleTime (Page 5921) No No No No No No WinACMPUpdateMinimumCy cleTime (Page 5922) No No No No No No WinACMPUpdatePowerLED (Page 5923) No No No No No No WinACMPUpdateSleepTime (Page 5924) No No No No No No WinACMPUpdateRUNLED (Page 5925) No No No No No No WinACMPUpdateSTOPLED (Page 5926) No No No No No No WinACMPArchive (Page 5927) No No No No No No WinACMPGetStartMode (Page 5928) No No No No No No WinACMPGetVersion (Page 5928) No No No No No No WinACMPClearCycleTimeBuff er (Page 5929) No No No No No No 5778 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Mobile Mobile Panel 177 Panel DP 177 PN Mobile Panel 277 Mobile Panel 277 IWLAN Mobile Panel 277 F IWLAN KTP400F KTP700 Mobile / Mobile KTP700F Mobile KTP900 Mo bile / KTP900F Mo bile WinACMPSetStartAtBoot (Page 5930) No No No No No No WinACMPSetKeySwitch (Page 5930) No No No No No No WinACMPSetHMIEnableTime (Page 5931) No No No No No No WinACMPSetResetMethod (Page 5931) No No No No No No WinACMPSetSleepTime (Page 5932) No No No No No No WinACMPSetStartMode (Page 5932) No No No No No No WinACMPStartHistogram (Page 5933) No No No No No No WinACMPControl (Page 5934) No No No No No No WinACMPStopHistogram (Page 5935) No No No No No No WinACMPRestore (Page 5935) No No No No No No ShowLogonDialog (Page 5836) Yes Yes Yes Yes Yes Yes ShowOperatorNotes (Page 5815) Yes Yes Yes Yes Yes Yes ShowAlarmWindow (Page 5942) Yes Yes Yes Yes Yes Yes ShowPopupScreen (Page 5817) No No No Yes Yes Yes ShowSlideInScreen (Page 5820) No No No Yes Yes Yes ShowSoftwareVersion (Page 5816) No No Yes Yes Yes Yes ShowSystemDiagnosticsWind ow (Page 5911) No No No Yes Yes Yes ShowSystemAlarm (Page 5942) Yes Yes Yes Yes Yes Yes 1) 2) 3) Only for Mobile Panel 277, Mobile Panel 277 IWLAN Not available for devices as of device version V14.0 and higher Not for F Panels See also LinearScaling (Page 5839) WinCC Advanced V14 System Manual, 10/2016 5779 Visualizing processes 12.8 Working with system functions and Runtime scripting System functions for Runtime Advanced (RT Advanced) Availability of system functions The following table shows the availability of the system functions for WinCC RT Advanced. Technical data subject to change. Overview WinCC RT Advanced User-defined functions Yes Logoff (Page 5831) Yes ActivateScreen (Page 5786) Yes ActivateScreenByNumber (Page 5787) Yes ActivatePLCCodeViewer (Page 5897) Yes ActivateCleanScreen (Page 5970) Yes ActivatePreviousScreen (Page 5788) Yes UpdateTag (Page 5789) Yes AdjustContrast (Page 5869) No Logon (Page 5831) Yes ArchiveLogFile (Page 5821) Yes LogTag (Page 5823) Yes EditAlarm (Page 5936) Yes ScreenObjectCursorDown (Page 5973) Yes ScreenObjectCursorUp (Page 5974) Yes ScreenObjectCursorLeft (Page 5977) Yes ScreenObjectCursorRight (Page 5975) Yes ScreenObjectPageDown (Page 5976) Yes ScreenObjectPageUp (Page 5976) Yes Encode (Page 5790) Yes EncodeEx (Page 5791) Yes DirectKey (Page 5792) No DirectKeyScreenNumber (Page 5794) No PrintScreen (Page 5856) Yes PrintReport (Page 5857) Yes NotifyUserAction (Page 5795) Yes IncreaseFocusedValue (Page 5796) Yes IncreaseTag (Page 5836) Yes ExportDataRecords (Page 5943) Yes ExportDataRecordsWithChecksum (Page 5945) No ExportImportUserAdministration (Page 5832) Yes GoToHome (Page 5979) Yes 5780 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting WinCC RT Advanced GoToEnd (Page 5979) Yes SafelyRemoveHardware (Page 5797) No HTMLBrowserStop (Page 5875) Yes HTMLBrowserScrollDown (Page 5876) Yes HTMLBrowserRefresh (Page 5876) Yes HTMLBrowserScrollUp (Page 5877) Yes HTMLBrowserZoomIn (Page 5877) Yes HTMLBrowserZoomOut (Page 5878) Yes HTMLBrowserScrollLeft (Page 5879) Yes HTMLBrowserScrollRight (Page 5879) Yes HTMLBrowserPageDown (Page 5881) Yes HTMLBrowserPageUp (Page 5880) Yes HTMLBrowserHome (Page 5881) Yes HTMLBrowserForward (Page 5882) Yes HTMLBrowserBack (Page 5882) Yes ImportDataRecords (Page 5948) Yes ImportDataRecordsWithChecksum (Page 5950) Yes InvertBit (Page 5843) Yes InvertBitInTag (Page 5845) Yes InvertLinearScaling (Page 5837) Yes CalibrateTouchScreen (Page 5870) No CopyLog (Page 5824) Yes TrendViewScrollForward (Page 5883) Yes TrendViewScrollBack (Page 5884) Yes TrendViewExtend (Page 5884) Yes TrendViewCompress (Page 5885) Yes TrendViewRulerLeft (Page 5885) Yes TrendViewRulerRight (Page 5886) Yes TrendViewSetRulerMode (Page 5887) Yes TrendViewStartStop (Page 5887) Yes TrendViewBackToBeginning (Page 5888) Yes LoadDataRecord (Page 5951) Yes GetUserName (Page 5833) Yes GetDataRecordFromPLC (Page 5952) Yes GetDataRecordName (Page 5954) Yes GetDataRecordTagsFromPLC (Page 5955) Yes GetGroupNumber (Page 5834) Yes GetBrightness (Page 5874) No GetPassword (Page 5834) No 1) LinearScaling (Page 5839) Yes ClearLog (Page 5825) Yes WinCC Advanced V14 System Manual, 10/2016 5781 Visualizing processes 12.8 Working with system functions and Runtime scripting WinCC RT Advanced ClearDataRecord (Page 5956) Yes ClearDataRecordMemory (Page 5957) No ClearAlarmBuffer (Page 5936) Yes ClearAlarmBufferProTool (Page 5937) Yes AlarmViewUpdate (Page 5938) Yes AlarmViewLoopInAlarm (Page 5939) Yes AlarmViewAcknowledgeAlarm (Page 5940) Yes AlarmViewShowOperatorNotes (Page 5940) Yes OpenAllLogs (Page 5826) Yes OpenScreenKeyboard (Page 5973) Yes OpenControlPanelDialog (Page 5797) No OpenCommandPrompt (Page 5798) No OpenInternetExplorer (Page 5799) No OpenControlPanel (Page 5800) No OpenTaskManager (Page 5972) Yes AcknowledgeAlarm (Page 5941) Yes PDFScrollDown (Page 5888) Yes PDFScrollUp (Page 5889) Yes PDFFitToWidth (Page 5890) Yes PDFFitToHeight (Page 5890) Yes PDFGotoFirstPage (Page 5891) Yes PDFGotoLastPage (Page 5891) Yes PDFGotoNextPage (Page 5892) Yes PDFGotoPage (Page 5893) Yes PDFGotoPreviousPage (Page 5893) Yes PDFZoomIn (Page 5894) Yes PDFZoomOut (Page 5894) Yes PDFScrollLeft (Page 5895) Yes PDFScrollRight (Page 5896) Yes PDFZoomOriginal (Page 5896) Yes PLCCodeViewDetails (Page 5899) Yes PLCCodeViewNextNetwork (Page 5900) Yes PLCCodeViewShowStepMode (Page 5900) Yes PLCCodeViewSymbols (Page 5901) Yes PLCCodeViewTransitionInterlock (Page 5901) Yes PLCCodeViewZoomIn (Page 5902) Yes PLCCodeViewZoomOut (Page 5903) Yes PLCCodeViewPreviousNetwork (Page 5903) Yes RecipeViewNewDataRecord (Page 5959) Yes RecipeViewGetDataRecordFromPLC (Page 5959) Yes RecipeViewClearDataRecord (Page 5960) Yes 5782 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting WinCC RT Advanced RecipeViewMenu (Page 5960) Yes RecipeViewOpen (Page 5961) Yes RecipeViewSetDataRecordToPLC (Page 5962) Yes RecipeViewSaveDataRecord (Page 5962) Yes RecipeViewSaveAsDataRecord (Page 5963) Yes RecipeViewSynchronizeDataRecordWithTags (Page 5963) Yes RecipeViewRenameDataRecord (Page 5964) Yes RecipeViewShowOperatorNotes (Page 5964) Yes RecipeViewBack (Page 5965) Yes ResetBit (Page 5846) Yes ResetBitInTag (Page 5848) Yes PressButton (Page 5803) Yes ReleaseButton (Page 5804) Yes ShiftAndMask (Page 5850) Yes CloseAllLogs (Page 5827) Yes SetDataRecordToPLC (Page 5966) Yes SetDataRecordTagsToPLC (Page 5967) Yes PageDown (Page 5978) Yes PageUp (Page 5978) Yes SendEMail (Page 5801) Yes SetAcousticSignal (Page 5871) No SetDisplayMode (Page 5859) Yes SetDeviceMode (Page 5860) Yes SetBit (Page 5852) Yes SetBitInTag (Page 5853) Yes SetBitWhileKeyPressed (Page 5855) Yes SetBacklightColor (Page 5874) No SetBrightness (Page 5872) No SetScreenKeyboardMode (Page 5861) Yes SetAlarmReportMode (Page 5858) Yes SetRecipeTags (Page 5968) Yes SetDaylightSavingTime (Page 5802) Yes SetLanguage (Page 5863) Yes SetTag (Page 5840) Yes SetConnectionMode (Page 5864) Yes SetWebAccess (Page 5866) Yes BackupRAMFileSystem (Page 5804) No SimulateSystemKey (Page 5805) Yes SimulateTag (Page 5806) Yes SmartClientViewRefresh (Page 5904) Yes SmartClientViewReadOnlyOff (Page 5904) Yes WinCC Advanced V14 System Manual, 10/2016 5783 Visualizing processes 12.8 Working with system functions and Runtime scripting WinCC RT Advanced SmartClientViewReadOnlyOn (Page 5905) Yes SmartClientViewDisconnect (Page 5905) Yes SmartClientViewConnect (Page 5906) Yes SmartClientViewLeave (Page 5907) Yes SaveDataRecord (Page 5969) Yes StartLogging (Page 5828) Yes StartNextLog (Page 5829) Yes StartProgram (Page 5807) Yes StatusForceGetValues (Page 5809) Yes StatusForceSetValues (Page 5809) Yes ControlSmartServer (Page 5810) Yes ControlWebServer (Page 5811) Yes StopLogging (Page 5829) Yes StopRuntime (Page 5811) Yes ActivateSystemDiagnosticsView (Page 5907) Yes LookupText (Page 5812) Yes ResetTagToHandWheel (Page 5813) No SetTagToHandWheel (Page 5814) No TraceUserChange (Page 5835) Yes DecreaseFocusedValue (Page 5814) Yes DecreaseTag (Page 5842) Yes ChangeConnection (Page 5866) Yes ChangeConnectionEIP (Page 5868) Yes WinACMPUpdateControllerForStartAtBoot (Page 5911) No WinACMPUpdateKeySwitchSetting (Page 5912) No WinACMPUpdateBUSF1LED (Page 5913) No WinACMPUpdateBUSF2LED (Page 5914) No WinACMPUpdateAverageExecTime (Page 5915) No WinACMPUpdateAverageCycleTime (Page 5916) No WinACMPUpdateEXTFLED (Page 5917) No WinACMPUpdateHMIEnableTime (Page 5918) No WinACMPUpdateINTFLED (Page 5919) No WinACMPUpdateLastCycleTime (Page 5920) No WinACMPUpdateMaximumCycleTime (Page 5921) No WinACMPUpdateMinimumCycleTime (Page 5922) No WinACMPUpdatePowerLED (Page 5923) No WinACMPUpdateSleepTime (Page 5924) No WinACMPUpdateRUNLED (Page 5925) No WinACMPUpdateSTOPLED (Page 5926) No WinACMPArchive (Page 5927) No WinACMPGetStartMode (Page 5928) No 5784 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting WinCC RT Advanced WinACMPGetVersion (Page 5928) No WinACMPClearCycleTimeBuffer (Page 5929) No WinACMPSetStartAtBoot (Page 5930) No WinACMPSetKeySwitch (Page 5930) No WinACMPSetHMIEnableTime (Page 5931) No WinACMPSetResetMethod (Page 5931) No WinACMPSetSleepTime (Page 5932) No WinACMPSetStartMode (Page 5932) No WinACMPStartHistogram (Page 5933) No WinACMPControl (Page 5934) No WinACMPStopHistogram (Page 5935) No WinACMPRestore (Page 5935) No ShowLogonDialog (Page 5836) Yes ShowOperatorNotes (Page 5815) Yes ShowAlarmWindow (Page 5942) Yes ShowPopupScreen (Page 5817) Yes ShowSlideInScreen (Page 5820) Yes ShowSoftwareVersion (Page 5816) Yes ShowSystemDiagnosticsWindow (Page 5911) Yes ShowSystemAlarm (Page 5942) Yes 1) Not available for devices as of device version V14.0 and higher System functions (Panels, RT Advanced) Other functions (Panels, RT Advanced) ActivateScreen (Panels, RT Advanced) Description Performs a screen change to the given screen. Use the "ActivateScreenByNumber" system function to change from the root screen to the permanent area or vice versa. Use in the function list ActivateScreen (Screen name, Object number) WinCC Advanced V14 System Manual, 10/2016 5785 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions ActivateScreen (Screen_name, Object_number) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Screen name Name of the screen to which you change. Object number The operator control element which receives the focus in the given screen after the screen change. The number of the operator control element is to be determined using the tabulator sequence during configuration. When "0" is specified: If the focus is in the permanent area when the system function is called up, the permanent area maintains the focus. If the focus is in the root screen when the system function is called up, the first operator control element in the given screen receives the focus. Note If the "Reach margin" event is assigned to the "ActivateScreen" system function, only the value "0" is valid for the "Object number" parameter. The active object is not defined by the object number, but rather by the X position it had prior to the screen change. Example The following program code activates "Screen_2" with the ActivateScreen function, for example, when you click a button. Sub ActivateScreen_2() 'User-defined code '' i. e. when pressing a button ActivateScreen "Screen_2",0 See also ActivateScreenByNumber (Page 5787) Availability for specific devices of system functions (Page 5739) 5786 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting ActivateScreenByNumber (Panels, RT Advanced) Description Performs a screen change to a screen depending on a tag value. The screen is identified by its screen number. Use in the function list ActivateScreenByNumber (Screen number, Object number) Use in user-defined functions ActivateScreenByNumber (Screen_number, Object_number) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Screen number Tag which contains the screen number of the destination screen. When a change from the root screen to the permanent area is desired, specify "0" or "-1": 0 = Change from root screen to permanent area. -1 = Change from permanent area to root screen Object number The number of the screen object which receives the focus in the given screen after the screen change. The number of the operator control element is to be determined using the tabulator sequence during configuration. When "0" is specified: If the focus is in the permanent area when the system function is called up, the permanent area maintains the focus. If the focus is in the root screen when the system function is called up, the first operator control element in the given screen receives the focus. See also ActivateScreen (Page 5785) Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5787 Visualizing processes 12.8 Working with system functions and Runtime scripting ActivatePreviousScreen (Panels, RT Advanced) Description Performs a screen change to the screen which was activated before the current screen. The screen change is not performed if no screen was activated beforehand. The last 10 screens that were called up are saved. A system alarm is output when you change to a screen which is no longer saved. Note If you want to use the system function, the screen to which you change has to be used in the navigation structure. Use in the function list ActivatePreviousScreen Use in user-defined functions ActivatePreviousScreen Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter -- See also Availability for specific devices of system functions (Page 5739) UpdateTag (Panels, RT Advanced) Description Reads the current value of the tag with the specified Update ID from the PLC. Use in the function list UpdateTag (Update ID) 5788 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters Update ID Update ID assigned to the tag that will be updated. See also Logoff (Page 5831) Availability for specific devices of system functions (Page 5739) Encode (Panels, RT Advanced) Description Adapts the "String" data type of a tag for transfer to the automation system (AS). The tag of WinCC data type "String" is converted into the AS data type "Array of byte". The result is written to a tag. Use in the function list Encode (Byte array, String, Coding) Use in user-defined functions Encode (Byte_array, String, Encoding) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Byte array The tag that contains the converted value. Note The Byte array must be twice the size of the string length + 2. The Byte array must contain 242 array elements if the string has a length of 120 characters. Characters are either truncated or not converted if the size is insufficient. WinCC Advanced V14 System Manual, 10/2016 5789 Visualizing processes 12.8 Working with system functions and Runtime scripting String The tag of data type "String" that is converted. Encode 0 (hmiEncodeUTF16LE) - String is encoded in UTF16LE (Unicode 16 Little Endian). See also Availability for specific devices of system functions (Page 5739) EncodeEx (Panels, RT Advanced) Description Adapts the "String" data type of a tag for transfer to the automation system (AS). The tag of WinCC data type "String" is converted into the AS data type "Array of byte". The result is written to a tag. By contrast to the Encode system function, you can define the Line break parameter. Using the Line break parameter you can delete line breaks or replace these with predefined characters. Use in the function list EncodeEx (Byte-Array, String, Encoding, Line break) Use in user-defined functions EncodeEx (Byte_array, String, Encoding, Line_break) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Byte array The tag that contains the converted value. Note The byte array must be twice the size of the string length +2. If the string has a length of 120 characters, the byte array must contain 242 array elements. Characters are either truncated or not converted if the size is insufficient. String The tag of data type "String" that is converted. 5790 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Encoding 0 (hmiEncodeUTF16LE) - String is encoded in UTF16LE (Unicode 16 Little Endian). Line break All line breaks are either deleted or replaced with predefined characters. Do not replace line breaks if set as the default value. 0 (replace with "\r\n' (0x000D, 0x000A)) - the line break is replaced with "\r\n". 1 (replace with "\n' (0x000A)) - the line break is replaced with "\n". 2 (do not replace) - the line break is not replaced. 3 (remove line breaks) - the line breaks are removed. See also Availability for specific devices of system functions (Page 5739) DirectKey (Panels, RT Advanced) Description Allows rapid operation of keys on an HMI device without having communication caused delays occur. Use this system function, for example. to set bits in the I/O area of a SIMATIC S7 directly from the HMI device. Note If you have integrated WinCC in SIMATIC STEP 7 and have configured a DP area in SIMATIC STEP 7: When the button on which the system function was configured is activated, a bit is set in the IO area of the CPU. Releasing the button resets the bit. Notes on configuring the system function When a button is configured with the "DirectKey" system function, a fixed area of the touch display is reserved for DirectKey operation. Screen objects that are above the button with the "DirectKey" system function in this area in runtime will hide the button visually. However, the screen objects do not interfere with the triggering of the "DirectKey" system function. Note If an external application, such as Pocket Internet Explorer or Control Panel is started, it will run in the foreground and Runtime is placed in the background. The bit for the "DirectKeyScreenNumber" function is no longer set and the keys or buttons which are assigned the "DirectKey" function no longer to trigger the associated bit in the PLC. WinCC Advanced V14 System Manual, 10/2016 5791 Visualizing processes 12.8 Working with system functions and Runtime scripting WARNING Triggering the "DirectKey" system function by mistake will endanger personnel or result in damage to the machine. In order to avoid this danger, the following must be observed: When the process screen is configured, the button with the "DirectKey" system function must not be covered by a screen object. The dynamic positioning or display (release) of a screen object in relation to process values must not cover the button with the "DirectKey" system function in runtime. Note Please observe this guideline during configuration. Check also existing configurations and adjust them immediately. In the following cases, the covering of a button with the "DirectKey" system function does not lead to the problems described above: Operation of the alarm window Operation of the Recipe view Cancellation of the screen saver Use of the screen keyboard Running the "ActivateCleanScreen" system function Actions of DP direct-keys in offline operation When the "ChangeConnection" system function is performed with the "Offline" parameter on the HMI device, the connection to the specified PLC is disconnected. Note Please note the following on the SIMATIC STEP 7 side as well as the WinCC side: The DP DirectKeys are still active in this case. If you activate a button with the "DirectKey" system function in "Offline" operating mode or activate the DirectKey on a keyboard device, the corresponding bit is set in the PLC. Use in the function list DirectKey (Bit) Use in user-defined functions - 5792 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Bit Specifies the bit which is set. Depending on the HMI device, the bit numbers 0 to 31 or 0 to 39 are possible. Application example Objective You want to set bits in the IO area of a SIMATIC S7 directly from the HMI device using a button. Requirement WinCC integrated in SIMATIC STEP 7 is installed. During operation, the HMI device is coupled to a SIMATIC S7 through PROFIBUS-DP. WinCC integrated was installed when you compiled your project. The bit area for DirectKeys is determined in SIMATIC STEP 7. For configuration see the "Communication" user's manual. Notes on configuring Configure the button to be used as the DirectKey. Assign the "DirectKey" system function to the button. As a parameter, enter the number of the bit which is set when the key is pressed. Procedure on HMI device When the DirectKey is touched, the bit is set, and reset when the key is released or the screen is exited. See also Availability for specific devices of system functions (Page 5739) DirectKeyScreenNumber (Panels, RT Advanced) Description Sets the bit within the given bit area of a DirectKey and transfers it to the S7 controller to which the HMI device is connected. This ensures unambiguous allocation of a control bit to screen number at all times. WinCC Advanced V14 System Manual, 10/2016 5793 Visualizing processes 12.8 Working with system functions and Runtime scripting Without the use of the system function, the S7 controller must distinguish the respective functionality by means of the screen number. This delays the updating of the screen number after a screen change. Note If an external application, such as Pocket Internet Explorer or Control Panel is started, it will run in the foreground and Runtime is placed in the background. Nevertheless, the bit for the "DirectKeyScreenNumber" function is set and the keys or buttons with the configured "DirectKey" function continue to trigger the associated bit in the PLC. Use in the function list DirectKeyScreenNumber (Bit) Use in user-defined functions - Parameters Bit Specifies the bit which is set. Depending on the HMI device, the bit numbers 0 to 31 or 0 to 39 are possible. See also Availability for specific devices of system functions (Page 5739) NotifyUserAction (Panels, RT Advanced) Description This system function is used to log user actions that are not automatically logged in the audit trail. You can also use this system function to require the user to enter an acknowledgment or an electronic signature and a comment for the operator action. Requirement for the use of the system function is that the GMP-compliant configuration is activated under "Runtime settings". If you use the "NotifyUserAction" system function in a function, the debugger may open if you cancel your input by clicking "Cancel". To compensate for this reaction, you can use the "On Error Resume Next" statement in a function. With this instruction, the next instruction is executed after a runtime error. If you use the "On Error Resume Next" statement, output of system events is also suppressed. 5794 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list NotifyUserAction (Confirmation type, Mandatory commenting, Category, Object name, Description) Use in user-defined functions NotifyUserAction (Confirmation_type, Mandatory_commenting, Category, Object_name, Description) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Confirmation type Establishes how the action must be confirmed 0 = (None): No confirmation required, an entry is created in the audit trail 1 = (Acknowledgement): Acknowledgment, the user must acknowledge the action; an entry is created in the audit trail 2 = (Digital Signature): Electronic signature, a dialog window opens in which the user must enter his electronic signature - an entry is created in the audit trail Mandatory commenting Establishes if the user has to enter a comment. The comment is logged in the audit trail. 0 = (True): True; a dialog window opens in which the user must enter a comment 1 = (False): False; no mandatory commenting Category Category or class name of the modified object Object name Name of the modified object Description Text which describes the archiving user action. See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5795 Visualizing processes 12.8 Working with system functions and Runtime scripting IncreaseFocusedValue (Panels, RT Advanced) Description Adds the given value to the value of the tag which is connected to the input field (drop-down list, graphic selection list, slider bar) which has the current focus. This system function can only be used for function keys. Use in the function list IncreaseFocusedValue (Value) Use in user-defined functions - Parameters Value The value which is added to the tag value. See also Availability for specific devices of system functions (Page 5739) SafelyRemoveHardware (Panels) Description Checks whether there is read or write access to the external storage medium. If there is no access, the external storage medium can be removed without data loss. Use in the function list SafelyRemoveHardware(Path, Result) Use in user-defined functions SafelyRemoveHardware(Path, Result) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". 5796 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Result The tag in which the result is entered. TRUE : The storage medium can be removed safely. A corresponding system alarm will be output. FALSE : The storage medium cannot be removed safely. A corresponding system alarm will be output. Path Path of storage medium, e.g. \Storage Card USB\ See also Availability for specific devices of system functions (Page 5739) OpenControlPanelDialog (Panels, RT Advanced) Description Opens a dialog that you can use to edit selected Control Panel settings. This system function lets you set the following on the HMI device: Properties and value of the IP address User identification on the network WinCC Internet settings Note Project security The "OpenControlPanelDialog" system function is used to bypass the SecureMode on the HMI device. Take the corresponding precautions to ensure the security of your project. Use in the function list OpenControlPanelDialog (Dialog) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5797 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Dialog Sets the Control Panel dialog to be opened. PROFINET_X1: Setting of the IP address and Ethernet parameters PROFINET_X3: Setting of the IP address and Ethernet parameters; only for Comfort Panel KP 1500, TP 1500; TP1900, TP2200 WinCC Internet settings: Setting for Web Server, e-mail notification, provided the HMI device supports these functions Network ID: Setting for identification on the network, provided the HMI device supports these functions See also Availability for specific devices of system functions (Page 5739) OpenCommandPrompt (Panels, RT Advanced) Description Opens a Windows system prompt. This function is used, e.g., to copy files or to call up another application. Use in the function list OpenCommandPrompt Use in user-defined functions OpenCommandPrompt Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter -- See also Availability for specific devices of system functions (Page 5739) 5798 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting OpenInternetExplorer (Panels, RT Advanced) Description Opens the Internet Explorer on the HMI device. If the Internet Explorer is already open, it will be closed and reopened when you call the system function. Note The Internet Explorer saves data temporarily in the DRAM file system of the HMI device, e.g. the last web sites that were be called up. This data can be saved using the "BackupRAMFileSystem" system function so that it is still available when the HMI device is restarted. Use in the function list OpenInternetExplorer (Start page) Use in user-defined functions OpenInternetExplorer (Start_page) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Start page The page which is loaded when Internet Explorer is started, e.g. "www.siemens.com". See also Availability for specific devices of system functions (Page 5739) OpenControlPanel (Panels, RT Advanced) Description Opens the window that displays the Windows CE control panel. You cannot use this system function on a PC. This system function enables you to set the following on the Windows CE-based HMI device: Select printer Select transfer properties WinCC Advanced V14 System Manual, 10/2016 5799 Visualizing processes 12.8 Working with system functions and Runtime scripting Configure screen saver Configure flash memory Note No backup or restore during Runtime Backup and restore functions may only be executed if Runtime has been terminated. Otherwise, this could result in undesired effects, such as display errors. Use in the function list OpenControlPanel Use in user-defined functions OpenControlPanel Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters -- TerminatePROFIsafe (Panels, RT Advanced) Description Disconnects the PROFIsafe connection for fail-safe operation between a KTP Mobile Panel and the PLC. After execution of the system function "TerminatePROFIsafe", the connector of the KTP Mobile Panel can be removed from the PLC without the system signaling an error. Use in the function list TerminatePROFIsafe Use in user-defined functions TerminatePROFIsafe Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters -- 5800 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting SendEMail (Panels, RT Advanced) Description Sends an e-mail from the HMI device to the given addressee. This system function is used, for example, when, in the case of service, the alarm is to be passed on directly to the service technician. Note To send alarms as e-mails, the HMI system must have an e-mail client at its disposal. Use in the function list SendEMail (Address, Subject, Text, Return address) Use in user-defined functions SendEMail (Address, Subject, Text, Return_address) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Address The e-mail address of the addressee. Subject The subject line of the e-mail. Text The text sent in the e-mail. Return address The e-mail address to which the addressee of this e-mail should send the reply. See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5801 Visualizing processes 12.8 Working with system functions and Runtime scripting SetDaylightSavingTime (Panels, RT Advanced) Description The system function "SetDaylightSavingTime" changes the setting of the HMI device from daylight saving to standard time and vice versa. Time settings will take place immediately following system function. Note The "SetDaylightSavingTime" system function does not support time zones without daylight saving time. Note Windows 7 The system function "SetDaylightSavingTime" is not supported for PC-based HMI devices under Windows 7. Use in the function list SetDaylightSavingTime(DaylightSavingTime) Use in user-defined functions SetDaylightSavingTime (Daylight_saving_time) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Daylight Saving Time Determines whether Daylight Saving Time is set on the HMI device: 0 = Daylight Saving Time is not activated 1 = Daylight Saving Time is activated See also Availability for specific devices of system functions (Page 5739) 5802 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting PressButton (Panels, RT Advanced) Description You configure the system function to the function keys of an HMI device. The system function "PressButton" triggers the function that is assigned to the event "PressKey" at the specified screen object. Use this system function when you want to operate a button in a screen with a function key of the HMI device, for example. Note The "PressButton" and "ReleaseButton" system functions must always be configured together. If you configure the "PressButton" system function on the "Press key" event for a function key, the "ReleaseButton" system function is configured on the "Release" event for the same function key. Use in the function list PressButton (Screen object) Use in user-defined functions - Parameters Screen object Name of the screen object on which the event is triggered. See also Availability for specific devices of system functions (Page 5739) ReleaseButton (Panels, RT Advanced) Description The system function can only be configured on the function keys of an HMI device and triggers the "Release button" event at the specified screen object. WinCC Advanced V14 System Manual, 10/2016 5803 Visualizing processes 12.8 Working with system functions and Runtime scripting Use this system function when you want to operate a button in a screen with a function key of the HMI device, for example. Note The "PressButton" and "ReleaseButton" system functions must always be configured together. If you configure the "PressButton" system function on the "Press key" event for a function key, then the "ReleaseButton" system function is configured on the "Release key" event for the same function key. Use in the function list ReleaseButton (Screen object) Use in user-defined functions - Parameters Screen object Name of the screen object on which the event is triggered. See also Availability for specific devices of system functions (Page 5739) BackupRAMFileSystem (Panels, RT Advanced) Description Backs up the RAM file system in the memory medium of the HMI device. After restarting the HMI device, the data is automatically reloaded in the RAM file system. Applications such as the Internet Explorer save data (e.g. the last web sites called up) temporarily to the DRAM file system of the HMI device. Use in the function list BackupRAMFileSystem Use in user-defined functions BackupRAMFileSystem Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". 5804 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameter -- See also Availability for specific devices of system functions (Page 5739) SimulateSystemKey (Panels, RT Advanced) Description Simulates the behavior of a system key. Use this system function if a system key, such as the "ACK" key, "Input" key or the number pad is not available on the HMI device. Use in the function list SimulateSystemKey (System key) Use in user-defined functions - Parameters System key System key whose behavior is to be simulated. System key "+/-" With the SimulateSystemKey system function, the system key "+/-" is only supported for the following HMI devices: KP300 Basic KP400 Basic KTP400 Basic mono PN KTP400 Basic color PN KTP400 Basic color PN Portrait KTP600 Basic mono PN KTP600 Basic color PN KTP600 Basic color DP KTP700 Basic PN / DP KTP900 Basic PN WinCC Advanced V14 System Manual, 10/2016 5805 Visualizing processes 12.8 Working with system functions and Runtime scripting KTP1000 Basic PN KTP1000 Basic DP KTP1200 Basic PN / DP Comfort Panels Use the system keys "+" and "-" separately for all other HMI devices. See also Availability for specific devices of system functions (Page 5739) SimulateTag (Panels, RT Advanced) Description Simulates the behavior of tags and dynamic objects such as text lists, without having the HMI device connected to a PLC. You can, for example, configure the system function to the "Loaded" event of a screen. This system function is used, for example, to demonstrate the functionality of a project. Only tags of the data type Integer can be used for simulation. Tags of the data types Integer and Double Integer, however, can be used with OP 73, OP 77A, TP 177A. Note If you use the system function "SimulateTag" with a short cycle time on a Basic Panel, the HMI device may be overloaded. Use in the function list SimulateTag (Tag, Cycle, Maximum value, Minimum value, Value) Use in user-defined functions - Parameter Tag The tag whose value is changed. Cycle The factor by which the basic cycle of 200 milliseconds is multiplied. The cycle defines when the tag value is changed by the specified value. Possible cycles between 1 and 32767. 5806 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Maximum value The maximum value that the tag can assume during simulation. The maximum value must be greater than the minimum value but less than / equal to 32767. Minimum value The minimum value that the tag can assume during simulation. The minimum value must be lower than the maximum value but greater than / equal to -32768. Value The value by which the tag value is changed during each cycle. Possible values between -32768 and 32767. A positive value increases the tag value. When the maximum value is reached, the tag value is set to the minimum value after the next update cycle. A negative value reduces the tag value. When the minimum value is reached, the tag value is set to the maximum value after the next update cycle. See also Availability for specific devices of system functions (Page 5739) StartProgram (Panels, RT Advanced) Description Starts the specified program on the HMI device. The runtime software continues running in the background. Alarms continue to be output and data continues to be updated. When the given application is exited, the screen which was active during the performance of the system function is displayed on the HMI device. This system function is used, for example, to edit recipe data records in MS Excel on the HMI device. Note If Windows CE is installed on the HMI device, during the configuration it must be checked whether the desired application can be started with this system function. This system function allows all applications to be started which can be started in the "Execute" dialog of Windows CE. The application to be started must be installed on the HMI device. Use in the function list StartProgram (Program name, Program parameters, Display mode, Wait for program to end) WinCC Advanced V14 System Manual, 10/2016 5807 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions StartProgram (Program_name, Program_parameters, Display_mode, Wait_for_program_to_end) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Program name Name and path of the program which is started. Upper and lower case are taken into account in this parameter. Note If the path contains spaces, the program can only be started correctly if the path is specified in inverted commas, e.g. "C:\Program Files\START\start.exe". Program parameters The parameters you transfer at the start of the program, for example a file that is opened after the start of the program. The description of the necessary parameters is found in the documentation of the program to be started. Display mode Determines how the program window is displayed on the HMI device: 0 (hmiShowNormal) = Normal 1 (hmiShowMinimized) = Minimized 2 (hmiShowMaximized) = Maximized 3 (ShowMinimizedAndInactive) = Minimized and inactive Wait for program to end Determines whether there is a change back to the project after the called up program has ended: 0 (hmiNo) = No: No change to project 1 (hmiYes) = Yes: Change to project Note The "Wait for program to end" parameter is only available for Runtime Advanced and Panels. See also Availability for specific devices of system functions (Page 5739) 5808 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting StatusForceGetValues (Panels, RT Advanced) Description Starts or stops the updating of values in the watch table. The values are read from the PLC connected to the HMI device until the update is stopped. Note As long as the values are updated, no entries are possible in the input fields of the watch table. Use in the function list StatusForceGetValues (Screen object) Use in user-defined functions - Parameters Screen object Name of the watch table to which data from the PLC is written. See also Watch table (Page 5200) Availability for specific devices of system functions (Page 5739) StatusForceSetValues (Panels, RT Advanced) Description Writes the values from the watch table to the PLC to which the HMI device is connected. Use in the function list StatusForceSetValues (Screen object) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5809 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen object Name of the watch table from which data is written to the PLC. See also Watch table (Page 5200) Availability for specific devices of system functions (Page 5739) ControlSmartServer (Panels, RT Advanced) Description Starts or stops the Sm@rtServer. Use in the function list ControlSmartServer (Mode) Use in user-defined functions ControlSmartServer (Mode) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Mode Specifies whether the Sm@rtServer is started or stopped. -1 (hmiToggle) = Toggle: Toggles between the two modes 0 (hmiStop) = Stop: Sm@rtServer is stopped 1 (hmiStart) = Start: Sm@rtServer is started See also Availability for specific devices of system functions (Page 5739) ControlWebServer (Panels, RT Advanced) Description Starts or stops the Web server. 5810 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list ControlWebServer (Mode) Use in user-defined functions ControlWebServer (Mode) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Mode Specifies whether the Web server is started or stopped. -1 (hmiToggle) = Toggle: Toggles between the two modes 0 (hmiStop) = Stop: The Web server is stopped. 1 (hmiStart) = Start: The Web server is started. See also Availability for specific devices of system functions (Page 5739) StopRuntime (Panels, RT Advanced) Description Exits the runtime software and thereby the project running on the HMI device. Use in the function list StopRuntime (Mode) Use in user-defined functions StopRuntime (Mode) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Mode Determines whether the operating system is shut down after exiting runtime. 0 (hmiStopRuntime) = Runtime: Operating system is not shut down WinCC Advanced V14 System Manual, 10/2016 5811 Visualizing processes 12.8 Working with system functions and Runtime scripting 1 (hmiStopRuntimeAndOperatingSystem) = Runtime and operating system: The operating system is shut down (not possible with WinCE) Example The following program code shuts down Runtime and the operating system. { //Stop runtime and shutdown StopRuntime (hmiStopRuntimeAndOperationSystem); } The saved return value can be processed in the following code. See also Availability for specific devices of system functions (Page 5739) LookupText (Panels, RT Advanced) Description Identifies an entry from a text list. The result depends on the value and on the selected runtime language. The result is saved to a tag of data type "String". Use in the function list LookupText (Output text, Index, Language, Text list) Use in user-defined functions LookupText (Output_text, Index, Language, Text_list) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Output text The tag to which the result is written. Index The tag that defines the value of the list entry. 5812 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Language Defines the runtime language in which the list entry is identified. Runtime language Language code as per VBScript reference, for example, "de-DE" for German (Germany) or "en-US" for English (United States of America). The selection depends on the activated runtime languages. Tag The tag that contains the language. Enter the runtime language as decimal value of the country ID, for example, 1031 for German - Standard, 1033 for English - USA. Details are available in the VBScript basics, "Locale identifier (LCID) diagram". Integer The number that corresponds to the order of runtime languages for language switching. The selection depends on the activated runtime languages, for example, "0" for the language that appears when you first start runtime. You can find more information under the topic of "Languages in Runtime". Text list Defines the text list. The list entry is read from the text list. See also Availability for specific devices of system functions (Page 5739) ResetTagToHandWheel (Panels, RT Advanced) Description Separates the tag that is connected with the operating element handwheel, and reconnects the handwheel with the global tags. Use in the function list ResetTagToHandWheel Use in user-defined functions - Parameters -- See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5813 Visualizing processes 12.8 Working with system functions and Runtime scripting SetTagToHandWheel (Panels, RT Advanced) Description Connect the tag with the operating device handwheel If the handwheel is operated, the tag value changes. The connection can be reset using the "ResetTagToHandWheel" system function. Use in the function list SetTagToHandWheel (Value) Use in user-defined functions - Parameters Value Tag names which are connected to the operating device handwheel. See also Availability for specific devices of system functions (Page 5739) DecreaseFocusedValue (Panels, RT Advanced) Description Subtracts the specified value from the value of the tag which is connected to the screen object and currently has the focus. This system function can only be used for function keys. Use in the function list DecreaseFocusedValue (Value) Use in user-defined functions - Parameters Value The value which is subtracted from the tag value. 5814 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting See also Availability for specific devices of system functions (Page 5739) ShowOperatorNotes (Panels, RT Advanced) Application Displays the tooltip configured for the selected object. If the system function is configured on a function key, the tooltip for the screen object that currently has the focus is displayed. If a tooltip is configured for the screen itself, you can switch to this text by pressing <Enter> or by double-clicking on the help window. If the system function is configured on a button, only the tooltip for the current screen is displayed. If a tooltip is configured on the button itself, initially only the tooltip for the button is displayed. You can press <Enter> or double-click on the help window to switch to the tooltip for the current screen. Note No other screen object can be used while the help window is open. To use the screen object, close the help window. Closing the help window You can close the help window in the following ways: Using the keys: By pressing the <HELP> key again By pressing the <ESC> key Using the touch screen: By pressing the button Use in the function list ShowOperatorNotes (Layout) Use in user-defined functions ShowOperatorNotes (Display_mode) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". WinCC Advanced V14 System Manual, 10/2016 5815 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameter Display mode Determines whether the configured tooltip is hidden or shown: 0 (hmiOff) = Off: Configured tooltip is hidden 1 (hmiOn) = On: Configured tooltip is shown -1 (hmiToggle) = Toggle: Toggles between the two modes See also Availability for specific devices of system functions (Page 5739) ShowSoftwareVersion (Panels, RT Advanced) Description Hides or shows the version number of the runtime software. Use this system function if during servicing, for example, you required the version of the runtime software used. Use in the function list ShowSoftwareVersion (Display mode) Use in user-defined functions ShowSoftwareVersion (Display_mode) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Display mode Determines whether the version number is shown: 0 (hmiOff) = Off: Version number is not shown 1 (hmiOn) = On: Version number is shown -1 (hmiToggle) = Toggle: Toggles between the two modes See also Availability for specific devices of system functions (Page 5739) 5816 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting ShowPopupScreen (Panels, RT Advanced) Description Opens the pop-up-screen, for example, when a button is pressed. You can enter a constant value or assign a tag as coordinates. If the configured pop-up screen is not visible or only partially visible, the coordinates are set to 0.0. Regardless of the size of the permanent area, the start position of the coordinates is always 0.0. Use in the function list ShowPopupScreen (Name of the screen, X coordinate, Y coordinate, Display mode, Animation, Animation speed) Use in user-defined functions ShowPopupScreen (Name of the Screen, X coordinate, Y coordinate, Display mode, Animation, Animation speed) Parameters Name of the screen Specifies the name of the pop-up screen that appears in Runtime when a button is pressed. X coordinate Position of the pop-up screen in the current screen on the X axis Y coordinate Position of the pop-up screen in the current screen on the X axis Display mode Specifies the mode for the pop-up screen: Switching Off On Animation Specifies the direction from which the pop-up screen is shown: Off Left Top Right WinCC Advanced V14 System Manual, 10/2016 5817 Visualizing processes 12.8 Working with system functions and Runtime scripting Bottom Animation speed Specifies the speed at which the pop-up screen is shown: Slow Medium Fast See also System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) ShowPopupScreenSizable (Panels, RT Advanced) Description Opens the pop-up screen with a defined size. You can open a pop-up screen in a different size with this system function; the scroll bars are displayed for navigating in the content of the pop-up screen. You can enter a constant value or assign a tag as coordinates. If the configured pop-up screen is not visible or only partially visible, the coordinates are set to 0.0. Regardless of the size of the permanent area, the start position of the coordinates is always 0.0. You also define the displayed width and height of the pop-up screen, which can deviate from the sizes of the configured pop-up screen. The scroll bars are displayed in the pop-up screen in this case. Note Operation on HMI devices with keys You scroll in pop-up screens using the keyboard shortcut <ALT>+<arrow key>. 5818 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Display only one scroll bar If you specify only one of the sizes smaller than the size of the configured pop-up screen in the parameters of the system function, the two scroll bars are displayed in the pop-up screen. You have two options to configure only one scroll bar in the pop-up screen: Reduce the width/height of the configured pop-up screen by the size of the device-specific scroll bar. Specify a value that corresponds to the actual size of the pop-up screen for one of the size parameters and add the device-specific size of the scroll bar. You specify the value for the other size as needed. Example: You want to open a pop-up screen with the configured size of 500 x 420 in the size 500 x 300 with a vertical scroll bar. Specify the value 534 for the width parameter which corresponds to the actual width of the configured pop-up screen plus the size of the scroll bar of 34. Enter the value 300 for the height. The pop-up screen is opened in the size 500 x 300 in Runtime and only the vertical scroll bar is displayed. Device type (version V14) Width Height HMI devices with 4" display Comfort Panels with 19" display 25 25 27 27 34 34 Runtime Advanced HMI devices with 9" display Comfort Panels with 15" display Comfort Panels with 22" display HMI devices with 7" display HMI devices with 12" display Use in the function list ShowPopupScreenSizable (Name of the screen, X coordinate, Y coordinate, Width, Height, Display mode, Animation, Animation speed) Use in user-defined functions ShowPopupScreenSizable (Name of the Screen, X coordinate, Y coordinate, Width, Height, Display mode, Animation, Animation speed) Parameters Name of the screen Specifies the name of the pop-up screen that appears in Runtime when a button is pressed. X coordinate Position of the pop-up screen in the current screen on the X axis Y coordinate Position of the pop-up screen in the current screen on the X axis WinCC Advanced V14 System Manual, 10/2016 5819 Visualizing processes 12.8 Working with system functions and Runtime scripting Width Specifies the width of the pop-up screen. The maximum width must not exceed the screen width of the configured HMI device. Height Specifies the height of the pop-up screen. The maximum height must not exceed the screen width of the configured HMI device. Display mode Specifies the mode for the pop-up screen: Switching Off On Animation Specifies the direction from which the pop-up screen is shown: Off Left Top Right Bottom Animation speed Specifies the speed at which the pop-up screen is shown: Slow Medium Fast ShowSlideInScreen (Panels, RT Advanced) Description Calls the slide-in screen, for example, when operating a button. Use in the function list ShowSlideinScreen (screen name, mode) Use in user-defined functions ShowSlideInScreen (SlideInScreen_name, Mode) 5820 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Screen name Specifies the slide-in screen that appears in Runtime when a button is pressed: Top Slide-in screen Bottom Slide-in screen Left Slide-in screen Right Slide-in screen Mode Specifies the mode for the slide-in screen: Switching Off On See also System functions for Comfort Panels (Page 5763) System functions for Mobile Panels (Page 5771) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) Logs (Panels, RT Advanced) ArchiveLogFile (Panels, RT Advanced) Description This system function moves or copies a log to another storage location for long-term logging. With Audit Trails, always use the "Move" (hmiMove)" mode, otherwise you will be violating the FDA guideline by duplicating the data stored. Prior to "ArchiveLogFile" always run the system function "CloseAllLogs". After this system function, run the "OpenAllLogs" system function. In "Copy log" mode, the logs are not reopened until the log has been successfully copied, or unless a timeout occurs during the copy process. In "Move log" mode, the logs to be moved are renamed and the new logs are opened immediately. To move the renamed logs, a job is submitted which attempts to move them every 300 seconds if the server cannot be reached. The job is also retained after Runtime is restarted until it is executed. WinCC Advanced V14 System Manual, 10/2016 5821 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list ArchiveLogFile (Log type, Log, Directory name, Mode) Use in user-defined functions ArchiveLogFile (Log_type, Log, Directory_name, Mode) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Log type Determines the type of log: 0 (hmiTagArchive) = Data log 1 (miAlarmArchive) = Alarm log 2 (hmiAudittrailArchive) = Audit trail log available for GMP compliant projects. Additional information is available under "Activating GMP-compliant configuration". Log Name of the log being archived. Directory name Path for saving the log. Mode 0 (hmiCopy) = Copy log 1 (hmiMove) = Move log Application example You want to move a log file from a local storage medium to the server in order to generate a backup copy of this file at cyclic intervals. Notes on configuring Set up a task in the scheduler which is executed at a specific time on a daily basis. Configure the following function list for the task: 5822 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Procedure on HMI device All log files will be closed. The log file you specified is moved to the server. All closed log files will be opened again. See also Availability for specific devices of system functions (Page 5739) LogTag (Panels, RT Advanced) Description Saves the value of the given tags in the given data log. This system function is used to archive a process value at a certain point in time. Use in the function list LogTag (Tag) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5823 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Tag The tag whose value is logged. The tag is stored in the log which is configured for the specified tag. See also System functions for Basic Panels (Page 5739) Availability for specific devices of system functions (Page 5739) CopyLog (Panels, RT Advanced) Description Copies the contents of a log to another log. Tag values can only be copied to other data logs and alarms only to other alarm logs, however. Note If you copy a log using the "CopyLog" system function, it is possible that external applications will be unable to read certain country-specific special characters in the logged message text of the log copy. This does not apply to WinCC Runtime. WinCC Runtime can read the copied log files without errors. Note 80% of the log entries are copied when copying the circular logs. 20% of entries are not copied because the space is reserved for buffer overflow by default. Use in the function list CopyLog (Log type, Destination log, Source log, Mode, Delete source log) Use in user-defined functions CopyLog (Log_type, Destination log, Source_log, Mode, Delete_source_log) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Log type Determines the type of log: 0 (hmiTagArchive) = Data log 5824 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 1 (hmiAlarmArchive) = Alarm log Destination log Name of the log into which the entries are copied (Destination log). Source log Name of the log from which the entries are copied (Source log). Mode Determines what is done with copied entries in the destination log: 0 (hmiOverwrite) = Overwrite: Existing entries are overwritten. 2 (hmiAppend) = Append: The entries are inserted at the end of the destination log. When the configured size of the log has been reached, the destination log is treated like a circular log. Delete source log Determines whether the source log is deleted after copying. 0 (hmiNo) = No: Is not deleted. 1 (hmiYes) = Yes: Is deleted. See also Storage locations of logs (Page 5532) Availability for specific devices of system functions (Page 5739) ClearLog (Panels, RT Advanced) Description Deletes all data records in the given log. Use in the function list ClearLog (Log type, Log) Use in user-defined functions ClearLog (Log_type, Log) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Log type Determines the type of log: WinCC Advanced V14 System Manual, 10/2016 5825 Visualizing processes 12.8 Working with system functions and Runtime scripting 0 (hmiTagArchive) = Data log 1 (hmiAlarmArchive) = Alarm log 2 (hmiAudittrailArchive) = Audit trail log Available for GMP-compliant projects Additional information is available under "Activating GMP-compliant configuration". Log Name of the log from which all entries are deleted. See also Availability for specific devices of system functions (Page 5739) OpenAllLogs (Panels, RT Advanced) Description Reestablishes the connection between WinCC and the logs. Logging can be continued. Note Run the "StartLogging" system function in order to restart logging. Use in the function list OpenAllLogs Use in user-defined functions OpenAllLogs Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter -- Application example You are in runtime and want to change the data medium on which the process values are logged. Notes on configuring Configure the "StopLogging" and "CloseAllLogs" system functions on the "Close Archive" button. 5826 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Configure the "OpenAllLogs" and "StartLogging" system functions on the "Open Archive" button. As parameter transfer the respective name of the log that is to be stopped and started. Procedure on HMI device When the button "Close Archive" is pressed, the specified log is stopped and all open logs are closed. The data medium can be changed. You open all logs with the "Open Archive" button. Logging will be continued in the specified log. See also Availability for specific devices of system functions (Page 5739) CloseAllLogs (Panels, RT Advanced) Description Disconnects the connection between WinCC and all logs. Use in the function list CloseAllLogs Use in user-defined functions CloseAllLogs Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter -- Application example You are in runtime and want to change the data medium on which the process values are logged. Notes on configuring Configure the "CloseAllLogs" system function on the "Close Archive" button. Configure the "OpenAllLogs" and "StartLogging" system functions on the "Open Archive" button. As parameter transfer the respective name of the log that is to be stopped and started. Procedure on HMI device WinCC Advanced V14 System Manual, 10/2016 5827 Visualizing processes 12.8 Working with system functions and Runtime scripting When you press the "Close Archive" button, the opened logs are closed. The data medium can be changed. The logging continues during the change of the data medium. The process values to be logged are cached. You open all logs with the "Open Archive" button. The logging process will continue in the specified log. The buffered process values are later added to the log. See also Availability for specific devices of system functions (Page 5739) StartLogging (Panels, RT Advanced) Description Starts the logging of data or alarms in the specified log. The function can also be applied to audit trails. You can interrupt logging at runtime using the "StopLogging" system function. Use in the function list StartLogging (Log type, Log) Use in user-defined functions StartLogging (Log_type, Log) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Log type Determines the type of log: 0 (hmiTagArchive) = Data log 1 (hmiAlarmArchive) = Alarm log 2 (hmiAudittrailArchive) = Audit trail Log Name of the log which is started. See also Managing logging behavior when Runtime starts (Page 5368) Availability for specific devices of system functions (Page 5739) 5828 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting StartNextLog (Panels, RT Advanced) Description Stops the logging of data or alarms for the given log. Logging is continued in the next log of the segmented circular log you configured for the specified log. If you did not configure a segmented circular log for the specified log, the system function has no effect. Use in the function list StartNextLog (Log type, Log) Use in user-defined functions StartNextLog (Log_type, Log) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Log type Determines the type of log: 0 (hmiTagArchive) = Data log 1 (hmiAlarmArchive) = Alarm log Log Name of the log for which the logging is stopped and continued in the next log. See also Availability for specific devices of system functions (Page 5739) StopLogging (Panels, RT Advanced) Description Stops the logging of process values or alarms in the specified log. The function can also be applied to audit trails. WinCC Advanced V14 System Manual, 10/2016 5829 Visualizing processes 12.8 Working with system functions and Runtime scripting The "StartLogging" system function is used to resume logging at runtime. Note When logging is stopped, a connection between WinCC and the log files or log database still exists. Use the "CloseAllLogs" system function to disconnect this connection. Use in the function list StopLogging (Log type, Log) Use in user-defined functions StopLogging (Log_type, Log) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Log type Determines the type of log: 0 (hmiTagArchive) = Data log 1 (hmiAlarmArchive) = Alarm log 2 (hmiAudittrailArchive) = Audit trail Log Name of the log that is stopped. Application example You are in runtime and want to change the data medium on which the process values are logged. Notes on configuring Configure the "StopLogging" and "CloseAllLogs" system functions on the "Close Archive" button. Configure the "OpenAllLogs" and "StartLogging" system functions on the "Open Archive" button. As parameter transfer the respective name of the log that is to be stopped and started. Procedure on HMI device When the button "Close Archive" is pressed, the specified log is stopped and all open logs are closed. The data medium can be changed. The "Open Archive" button opens all logs and continues logging in the specified log. 5830 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting See also Availability for specific devices of system functions (Page 5739) User administration (Panels, RT Advanced) Logoff (Panels, RT Advanced) Description Logs off the current user on the HMI device. Use in the function list Logoff Use in user-defined functions Logoff Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter -- See also Availability for specific devices of system functions (Page 5739) Logon (Panels, RT Advanced) Description Logs on the current user on the HMI device. Use in the function list Logon (Password, User name) Use in user-defined functions Logon (Password, User_name) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". WinCC Advanced V14 System Manual, 10/2016 5831 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameter Password The tag from which the password for the user logging on is read. If the user is logged on, the password in the tag is deleted. User name The tag from which the user name for the user logging on is read. See also Availability for specific devices of system functions (Page 5739) ExportImportUserAdministration (Panels, RT Advanced) Description Exports all users of the user administration of the currently active project to the given file or imports the users from the given file into the currently active project. Users, their passwords and rights are saved in the user administration. All users are overwritten when importing. The imported users are valid immediately. Note Exporting and importing of the user administration from V14 is not supported on HMI devices with a Runtime version older than V14. Use in the function list ExportImportUserAdministration (File name, Direction) Use in user-defined functions ExportImportUserAdministration (File_name, Direction) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". 5832 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameter File name Name of the file which contains the passwords or to which the passwords are written. Enter the file location and the file extension (*.txt), for example, "C:\TEMP\Passwords.txt". Note If a storage card is used as file location, specify the file location as follows: "\StorageCard \<FileName". Direction Specifies whether passwords are exported or imported: 0 (hmiExport) = Export: Passwords are exported. 1 (hmiImport) = Import: Passwords are imported. See also Availability for specific devices of system functions (Page 5739) GetUserName (Panels, RT Advanced) Description Writes the user name of the user currently logged on to the HMI device in the given tag. If the given tag has a control connection, the user name is also available in the PLC connection. This system function makes it possible, for example, to implement a user-dependent release of certain functionalities. Use in the function list GetUserName (Tag) Use in user-defined functions GetUserName (Tag) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Tag The tag to which the user name is written. WinCC Advanced V14 System Manual, 10/2016 5833 Visualizing processes 12.8 Working with system functions and Runtime scripting See also Availability for specific devices of system functions (Page 5739) GetGroupNumber (Panels, RT Advanced) Description Reads the number of the group to which the user logged on to the HMI device belongs, and writes it to the given tag. Use in the function list GetGroupNumber (Tag) Use in user-defined functions GetGroupNumber (Tag) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Tag The tag to which the number of the group is written. See also Availability for specific devices of system functions (Page 5739) GetPassword (Panels, RT Advanced) Description Writes the password of the user currently logged on to the HMI device in the given tag. Note Make sure that the value of the given tag is not displayed in another place in the project. Note The passwords of SIMATIC Logon users cannot be read. 5834 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Note The "GetPassword" system function is not available for devices as of device version 14.0.0.0. If this system feature is used in a project older than version V14, it is removed after migration to V14. The event linked to the system function is thereby invalidated. The "GetPassword" system function appears to be faulty in the configuration. A warning is generated during compiling. The "GetPassword" system function is no longer included in the compiled Runtime project. Use in the function list GetPassword (Tag) Use in user-defined functions GetPassword (Tag) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Tag The tag to which the password is written. See also System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) TraceUserChange (Panels, RT Advanced) Description Outputs a system event that shows which user is currently logged in on the HMI device. This system function can only be used in the Scheduler. Use in the function list TraceUserChange Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5835 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters -- See also Availability for specific devices of system functions (Page 5739) ShowLogonDialog (Panels, RT Advanced) Description Opens a dialog on the HMI device with which the user can log on to the HMI device. Use in the function list ShowLogonDialog Use in user-defined functions - Parameters -- See also Availability for specific devices of system functions (Page 5739) Calculation (Panels, RT Advanced) IncreaseTag (Panels, RT Advanced) Description Adds the given value to the value of the tags. X=X+a Note The system function uses the same tag as input and output values. When this system function is used to convert a value, help tags must be used. You can use the "SetTag" system function to assign the tag value to the auxiliary tags. 5836 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting If you configure the system function on the events of an alarm and the tag is not being used in the current screen, it is not ensured that the actual value of the tags is being used in the PLC. You can improve the situation by setting the "Cyclic continuous" acquisition mode. Use in the function list IncreaseTag (Tag, Value) Use in user-defined functions IncreaseTag (Tag, Value) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Tag The tag to which the given value is added. Value The value that is added. See also SetTag (Page 5840) Availability for specific devices of system functions (Page 5739) InvertLinearScaling (Panels, RT Advanced) Description Assigns a value to the tag X, which is calculated from the value of the given tag Y using the linear function X = (Y - b) / a. The tags X and Y must not be identical. This system function is the inverse of the "LinearScaling" system function. Note The tags X and Y must not be identical. If a tag is to be converted into itself, a auxiliary tag must be used. The "SetTag" system function can be used to assign the value of the tags to be converted to the auxiliary tags. WinCC Advanced V14 System Manual, 10/2016 5837 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list InvertLinearScaling (X, Y, b, a) Use in user-defined functions InvertLinearScaling (X, Y, b, a) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters X The tag which is assigned the value calculated from the linear equation. Y The tag that contains the value used for calculation. b The value which is subtracted. a The value through which is divided. Example The following program code assigns a value to the varX tag by means of the InverseLinearScaling function. { BYTE BYTE BYTE BYTE varX; Yvalue = 10; bvalue = 3; avalue = 4; //Inverse linear scaling InverseLinearScaling (varX, Yvalue, bvalue, avalue); printf ("varX = %d\r\n, varX); ... } The saved return value can be processed in the following code. See also Availability for specific devices of system functions (Page 5739) 5838 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting LinearScaling (Panels, RT Advanced) Description Assigns a value to the tag Y, which is calculated from the value of the given tag X using the linear function Y= (a *X) + b. The inverse of this function is the "InvertLinearScaling" system function. Note The tags X and Y must not be identical. If a tag is to be converted into itself, a auxiliary tag must be used. The "SetTag" system function can be used to assign the value of the tags to be converted to the auxiliary tags. Use in the function list LinearScaling (Y, a, X, b) Use in user-defined functions LinearScaling (Y, a, X, b) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Y The tag which is assigned the value calculated from the linear equation. a The value with which is multiplied. X The tag that contains the value used for calculation. b The value that is added. WinCC Advanced V14 System Manual, 10/2016 5839 Visualizing processes 12.8 Working with system functions and Runtime scripting Example The following program code uses the LinearScaling function to assign a value to the Yvar tag. { BYTE BYTE BYTE BYTE Yvar; Xvalue = 10; bvalue = 3; avalue = 4; // linear scaling LinearScaling ( Yvar, avalue, Xvalue, bvalue); printf ("Yvar = %d\r\n, Yvar); ... } The saved return value can be processed in the following code. See also Availability for specific devices of system functions (Page 5739) SetTag (Panels, RT Advanced) Description Assigns a new value to the given tag. Note This system function can be used to assign strings and numbers, depending on the type of tag. Use in the function list SetTag (Tag, Value) Use in user-defined functions SetTag (Tag, Value) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". 5840 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Tag The tag to which the given value is assigned. Value The value which the given tag is assigned. Note The "SetTag" system function is only executed after a connection has been established. Example The following program code uses the SetTag function to set the value of the gs_tag_bit tag to TRUE and saves the return value to the ok tag. { BOOL ok; BOOL bvalue; //Set the tag to true ok = SetTag("gs_tag_bit", TRUE); //error handling if(ok) { // succeeded printf ( "Function has run through.\r\n" ); bvalue = GetTagBit("gs_tag_bit"); printf ("Value of gs_tag_bit: %d\r\n", bvalue); } else { // failed printf ( "Error - function failed." ); } ... } The saved return value can be processed in the following code. See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5841 Visualizing processes 12.8 Working with system functions and Runtime scripting DecreaseTag (Panels, RT Advanced) Description Subtracts the given value from the tag value. X=X-a Note The system function uses the same tag as input and output values. When this system function is used to convert a value, auxiliary tags must be used. The auxiliary tags are assigned to the tag value with the "SetTag" system function. If you configure the system function on the events of an alarm and the tag is not being used in the current screen, it is not ensured that the actual value of the tags is being used in the PLC. You can improve the situation by setting the "Cyclic continuous" acquisition mode. Use in the function list DecreaseTag (Tag, Value) Use in user-defined functions DecreaseTag (Tag, Value) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Tag The tag from which the given value is subtracted. Value The value which is subtracted. See also Availability for specific devices of system functions (Page 5739) 5842 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Bit processing (Panels, RT Advanced) InvertBit (Panels, RT Advanced) Description Inverts the value of the given tag of the "Bool" type: If the tag has the value of 1 (TRUE), it will be set to 0 (FALSE). If the tag has the value of 0 (FALSE), it will be set to 1 (TRUE). Use in the function list InvertBit (Tag) Use in user-defined functions InvertBit (Tag) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Tag The tag whose bit is set. WinCC Advanced V14 System Manual, 10/2016 5843 Visualizing processes 12.8 Working with system functions and Runtime scripting Example The following program code inverts the value of the Boolean tag bStatus and outputs the result along with the original bSaved value. 'Programming language: VB Dim myTag Dim myOutputField Dim bValue, bSaved, strResult Set myTag = SmartTags("bStatus") Set myOutputField=HMIRuntime.Screens("MyScreen").ScreenItems("objTextField") 'Get current value bValue=myTag.Value 'Save current value bSaved=bValue 'Invert Bit InvertBit(myTag) bValue=myTag.Value 'Output result old and new value: strResult="Old Value: "&bSaved &Chr(13)&"New Value: "&bValue myOutputField.Text=strResult //Programming language: C { BOOL bStatus = 0; BOOL bSaved = bStatus; //Invert variable invertBit(bStatus); //print current and saved value printf ("Current value: %d\r\n, Saved value: %d\r\n",bStatus, bSaved); ... } See also Availability for specific devices of system functions (Page 5739) 5844 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting InvertBitInTag (Panels, RT Advanced) Description Inverts a bit in the given tag: If the bit in the tag has the value of 1 (TRUE), it will be set to 0 (FALSE). If the bit in the tag has the value of 0 (FALSE), it will be set to 1 (TRUE). After changing the given bit, the system function transfers the entire tag back to the PLC. It is not checked whether other bits in the tags have changed in the meantime. Operator and PLC have read-only access to the indicated tag until it is transferred back to the PLC. Note If the PLC supports BOOL tags, do not use this system function. Use the "InvertBit" system function instead. Use in the function list InvertBitInTag (Tag, Bit) Use in user-defined functions InvertBitInTag (Tag, Bit) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Tag The tag in which the given bit is set. Bit The number of the bit that is set. When this system function is used in a user-defined function, the bits in a tag are counted from right to left. The counting begins with 0. WinCC Advanced V14 System Manual, 10/2016 5845 Visualizing processes 12.8 Working with system functions and Runtime scripting Example The following program code inverts a bit at the specified bitposition in the bStatusWord tag and outputs the result along with the original bSaved value. 'Programming language: VB Dim myTag Dim myOutputField Dim bValue, bSaved, bitposition, strResult Set myTag = SmartTags("bStatusWord") Set myOutputField=HMIRuntime.Screens("MyScreen").ScreenItems("objTextField") 'Get current value bValue=myTag.Value 'Save current value bSaved=bValue 'Invert Bit in position bitposition=2 InvertBit(myTag, bitposition) bValue=myTag.Value 'Output result old and new value: strResult="Old Value: "&bSaved &Chr(13)&"New Value: "&bValue myOutputField.Text=strResult //Programming language: C { BYTE bStatusWord; BYTE bsaved = bStatusWord; BYTE bitposition = 2; //Invert bit in bitposition InvertBitInTag (bStatusWord, bitposition); //print current and saved value printf ("Current value: %d\r\n, Saved value: %d\r\n",bStatusWord, bsaved); ... } See also Availability for specific devices of system functions (Page 5739) ResetBit (Panels, RT Advanced) Description Sets the value of a "Bool" type tag to 0 (FALSE). 5846 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list ResetBit (Tag) Use in user-defined functions ResetBit (Tag) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Tag The BOOL type tag which is set to 0 (FALSE). Example The following program code sets the value of the Boolean tag bStatus to 0 by means of the ResetBit function and outputs the result along with the original bSaved value. 'Programming language: VB Dim myTag Dim myOutputField Dim bValue, bSaved, strResult Set myTag = SmartTags("bStatus") Set myOutputField=HMIRuntime.Screens("MyScreen").ScreenItems("objTextField") 'Set value bValue=1 myTag.Value=bValue 'Save current value bSaved=bValue 'Reset Bit ResetBit(myTag) bValue=myTag.Value 'Output result old and new value: strResult="Old Value: "&bSaved &Chr(13)&"New Value: "&bValue myOutputField.Text=strResult WinCC Advanced V14 System Manual, 10/2016 5847 Visualizing processes 12.8 Working with system functions and Runtime scripting //Programming language: C { BOOL bStatus = 1; BOOL bSaved = bStatus; //Reset bit ResetBit (bStatus); //print current and saved value printf ("Current value: %d\r\n, Saved value: %d\r\n",bStatus, bSaved); ... } See also ResetBitInTag (Page 5848) Availability for specific devices of system functions (Page 5739) ResetBitInTag (Panels, RT Advanced) Description Sets a bit in the specified tag to 0 (FALSE). After changing the given bit, the system function transfers the entire tag back to the PLC. It is not checked whether other bits in the tags have changed in the meantime. Operator and PLC have read-only access to the indicated tag until it is transferred back to the PLC. Note If the PLC supports BOOL tags, do not use this system function. Use the "ResetBit" system function instead. Use in the function list ResetBitInTag (Tag, Bit) Use in user-defined functions ResetBitInTag (Tag, Bit) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". 5848 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Tag The tag in which a bit is set to 0 (FALSE). Bit The number of the bit that is set to 0 (FALSE). When this system function is used in a user-defined function, the bits in the specified tag will be counted from right to left independent of the PLC used. The counting begins with 0. Example The following program code sets a bit to 0 at the specified bitposition in the bStatusWord tag and outputs the result along with the original bSaved value. 'Programming language: VB Dim myTag Dim myOutputField Dim bValue, bSaved, bitposition, strResult Set myTag = SmartTags("bStatusWord") Set myOutputField=HMIRuntime.Screens("MyScreen").ScreenItems("objTextField") 'Save current value bValue=myTag.Value bSaved=bValue 'Reset Bit bitposition=2 ResetBit(myTag, bitposition) bValue=myTag.Value 'Output result old and new value: strResult="Old Value: "&bSaved &Chr(13)&"New Value: "&bValue myOutputField.Text=strResult //Programming language: C { BYTE bStatusWord; BYTE bSaved = bStatusWord; BYTE bitposition = 2; //Reset bit in bitposition ResetBitInTag (bStatusWord, bitposition); //print current and saved value printf ("Current value: %d\r\n, Saved value: %d\r\n",bStatusWord, bSaved); ... } WinCC Advanced V14 System Manual, 10/2016 5849 Visualizing processes 12.8 Working with system functions and Runtime scripting See also ResetBit (Page 5846) Availability for specific devices of system functions (Page 5739) ShiftAndMask (Panels, RT Advanced) Description This system function converts the input bit pattern of the source tags into an output bit pattern of the target tags. This involves bit shifting and masking. Note If the source and target tag have a different number of bits, using the system function in the target tag can result in a violation of the value range. Use in the function list ShiftAndMask (Source tag, Target tag, Bits to shift, Bits to mask) Use in user-defined functions ShiftAndMask (Source_tag, Target_tag, Bits_to_shift, Bits_to_mask) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Source tag The tag includes the input bit pattern. Integer-type tags, e.g. "Byte", "Char", "Int", "UInt", "Long" and "ULong" are permitted. Example: The actual value 72 is set at the 16-bit integer source tag: 0000000001001000. Target tag The output bit pattern is saved in the tag. Integer type tags, e.g. "Byte", "Char", "Int", "UInt", "Long" and "ULong" are permitted. Example: The shifted input bit pattern is multiplied by the bit mask, with bit-by-bit logical AND operation: 0000000000001001. The resultant decimal value "8" is saved to the target tag. Please note the following: The source and target tags have the same number of bits. The number of bits to shift is less than the number of bits in the source tag and target tag. Bits to mask does not have more bits than the source tag and the target tag. 5850 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Bits to shift Number of bits by which the input bit pattern is shifted right. A negative value shifts the input bit pattern to the left. Example: "Bits to shift" has the value "+3". The input bit pattern is shifted right by three bits when the system function is called: 0000000000001001. Bits to the left are padded with "0". Three bits are truncated on the right. The new decimal value is "9". Note The left bit is "1" in a source tag of the data type with negative signed integer. This sign bit is padded with "0" when the bits are shifted right. The sign changes to "+". Bits to mask An integer serves as bit mask. The bit pattern is used to multiply the shifted input bit pattern. Example: Integer "2478" with the bit pattern "0000100110101110". You can enter the bit mask in three different ways: Hexadecimal: First enter the prefix "0h" or "0H", followed by an optional space for better readability. Then group the bit pattern in blocks of four (0000)(1001)(1010)(1110) and set each block in hexadecimal code: (0)(9)(A)(E). Only the characters 0-9, A-F, a-f are allowed: "0h 09AE". Binary: First enter the prefix "0b" or "0B", followed by an optional space for better readability. Then group the binary bit pattern into blocks of four 0000 1001 1010 1110 with spaces in between as a check. Only the characters "0" or "1" are allowed: "0b 0000 1001 1010 1110". Decimal: Enter the value "2478" directly, without a prefix. Note If you change the device version of the target HMI device after configuration (e.g."13.1.0" to "13.0.0" or vice versa), you must check and test the parameters of this system function. You can use the "Char" and "Word" data types for the "Source tag" and "Target tag" parameters as of device version 13.1.0. In the device versions before 13.1.0, these parameters must be assigned other data types: Use "SInt" instead of "Char" Use "Int" instead of "Word" Otherwise, there may be unwanted effects, for example incorrect or unexpected behavior of the configured system functions. See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5851 Visualizing processes 12.8 Working with system functions and Runtime scripting SetBit (Panels, RT Advanced) Description Sets the value of a "Bool" type tag to 1 (TRUE). Use in the function list SetBit (Tag) Use in user-defined functions SetBit (Tag) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Tag The BOOL type tag which is set to 1 (TRUE). Example The following program code sets the value of the Boolean tag bStatus to 1 by means of the SetBit function and outputs the result along with the original bSaved value. 'Programming language: VB Dim myTag Dim myOutputField Dim bValue, bSaved, strResult Set myTag = SmartTags("bStatus") Set myOutputField=HMIRuntime.Screens("MyScreen").ScreenItems("objTextField") 'Set value bValue=0 myTag.Value=bValue 'Save current value bSaved=bValue 'Set Bit SetBit(myTag) bValue=myTag.Value 'Output result old and new value: strResult="Old Value: "&bSaved &Chr(13)&"New Value: "&bValue myOutputField.Text=strResult 5852 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting //Programming language: C { BOOL bStatus = 0; BOOL bSaved = bStatus; //Set bit SetBit (bStatus); //print current and saved value printf ("Current value: %d\r\n, Saved value: %d\r\n",bStatus, bSaved); ... } See also Availability for specific devices of system functions (Page 5739) SetBitInTag (Panels, RT Advanced) Description Sets a bit in the given tag to 1 (TRUE). After changing the given bit, the system function transfers the entire tag back to the PLC. It is not checked whether other bits in the tags have changed in the meantime. Operator and PLC have read-only access to the indicated tag until it is transferred back to the PLC. Note If the PLC supports BOOL tags, do not use this system function. Use the "SetBit" system function instead. Use in the function list SetBitInTag (Tag, Bit) Use in user-defined functions SetBitInTag(Tag, Bit) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Tag The tag in which a bit is set to 1 (TRUE). WinCC Advanced V14 System Manual, 10/2016 5853 Visualizing processes 12.8 Working with system functions and Runtime scripting Bit The number of the bit that is set to 1 (TRUE). When this system function is used in a user-defined function, the bits in the specified tag will be counted from right to left independent of the PLC used. The counting begins with 0. Note The guaranteed update of the tags used with actual process values is absolutely conditional in terms of reliable functionality. You should therefore configure the tag in an I/O field or assign the system function to a screen object, such as a button. If you have configured a short event such as the activation of an alarm for the system function you can only access the actual process values by setting the tag for continuous reading. Example The following program code sets a bit to 1 at the specified bitposition in the bStatusWord tag and outputs the result along with the original bSaved value. 'Programming language: VB Dim myTag Dim myOutputField Dim bValue, bSaved, bitposition, strResult Set myTag = SmartTags("bStatusWord") Set myOutputField=HMIRuntime.Screens("MyScreen").ScreenItems("objTextField") 'Save current value bValue=myTag.Value bSaved=bValue 'Set Bit in tag bitposition=2 SetBitInTag(myTag, bitposition) bValue=myTag.Value 'Output result old and new value: strResult="Old Value: "&bSaved &Chr(13)&"New Value: "&bValue myOutputField.Text=strResult 5854 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting //Programming language: C { BYTE bStatusWord; BYTE bSaved = bStatusWord; BYTE bitposition = 2; //Reset bit in bitposition SetBitInTag (bStatusWord, bitposition); //print current and saved value printf ("Current value: %d\r\n, Saved value: %d\r\n",bStatusWord, bSaved); ... } See also SetBit (Page 5852) Availability for specific devices of system functions (Page 5739) SetBitWhileKeyPressed (Panels, RT Advanced) Description Sets the bit of the given tag to 1 (TRUE) as long as the user keeps the configured key pressed. After changing the given bit, the system function transfers the entire tag back to the PLC. It is not checked whether other bits in the tags have changed in the meantime. Operator and PLC have read-only access to the indicated tag until it is transferred back to the PLC. You should only access tags of the BOOL type with this system function to avoid problems with overlapping access to the same tag. Note All functions on the event "Release" are performed immediately by means of a screen change configured for a key, even if the key is kept pressed. If the "SetBitWhileKeyPressed" system function is configured for a function key, the bit will be reset immediately following a screen change. This action is necessary since the key assignments change after the screen change. If the PLC supports BOOL tags, do not use this system function. Use the "SetBit" system function instead. Use in the function list SetBitWhileKeyPressed (Tag, Bit) WinCC Advanced V14 System Manual, 10/2016 5855 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters Tag The tag in which a bit is temporarily set to 1 (TRUE). Use only tags of the type BOOL, as far as allowed by the PLC. Bit The number of the bit that is temporarily set to 1 (TRUE). Note The guaranteed update of the tags used with actual process values is absolutely conditional in terms of reliable functionality. You should therefore configure the tag in an IO field, or assign the function to a screen element such as a button. If you configured a short event such as the activation of an alarm for the function you can only access the actual process values by setting the tag for continuous reading. See also SetBit (Page 5852) Availability for specific devices of system functions (Page 5739) Printing (Panels, RT Advanced) PrintScreen (Panels, RT Advanced) Description Prints the screen currently being displayed on the HMI device from the printer which is connected to the HMI device. Opened windows are also printed. Note The printer settings are taken over from the current settings in the Windows operation system. Use in the function list PrintScreen 5856 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions PrintScreen Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter -- See also Availability for specific devices of system functions (Page 5739) PrintReport (Panels, RT Advanced) Description Prints the given report from the printer which is connected to the HMI device. The report is printed in the language which is set on the HMI device. Note If runtime is closed whilst log data are being printed using the system function, the report will cease to be supplied with data as soon as runtime stops. Use in the function list PrintReport (Report) Use in user-defined functions PrintReport (Report) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". WinCC Advanced V14 System Manual, 10/2016 5857 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameter Report Name of the report to be printed. Note If you have set up via the "Function list" dialog box a new report for the "PrintReport" function, when compiling, the following warning appears: "The report "Report_1" has no printed pages." In order to remedy the warning, open the "Report_1" via the project view and recompile the project. See also Availability for specific devices of system functions (Page 5739) SetAlarmReportMode (Panels, RT Advanced) Description Switches the automatic reporting of alarms on the printer on or off. Use in the function list SetAlarmReportMode (Mode) Use in user-defined functions SetAlarmReportMode (Mode) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Mode Determines whether alarms are reported automatically on the printer: 0 (hmiDisablePrinting) = Reporting off: Alarms are not printed automatically. 1 (hmiEnablePrinting) = Reporting On: Alarms are printed automatically. -1 (hmiToggle) = Toggle: Toggles between the two modes. See also Availability for specific devices of system functions (Page 5739) 5858 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Settings (Panels, RT Advanced) GetPLCMode (Panels, RT Advanced) Description Evaluates the current state of the connected PLC. The system function "GetPLCMode" can only be configured for the following PLCs: SIMATIC S7-1200 SIMATIC S7-1500 Use in the function list GetPLCMode (Connection, Mode) Use in user-defined functions - Parameters Connection Connection of PLC and HMI device. Mode Evaluates the state of the connected PLC. 8: RUN = The PLC program is being executed. 4: STOP = The PLC program has been interrupted. Select a suitable user variable for the evaluation. SetDisplayMode (Panels, RT Advanced) Description Changes the settings of the screen in which the runtime software runs. The runtime software runs in full-screen mode as default. The Windows task switch is disabled. Use in the function list SetDisplayMode (Layout) Use in user-defined functions SetDisplayMode (Display mode) WinCC Advanced V14 System Manual, 10/2016 5859 Visualizing processes 12.8 Working with system functions and Runtime scripting Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Display mode Determines the settings for the screen in which the runtime software runs. 1 (hmiScreenFull): Full-screen: Title bar of the screen is not visible 2 (hmiScreenMaximized): Maximized 3 (hmiScreenRestore): Restore: The last used screen setting is used. This layout can only be used when the window is displayed minimized or maximized. 4 (hmiScreenMinimized): Minimized 5 (hmiScreenAutoAdjust): Automatic: The size of the window is set so that all screen objects in it will be visible. 6 (hmiScreenOnTop): Foreground; either the window appears in the foreground or the program icon associated with the window flashes on the taskbar depending on the Windows setting. The setting can be changed in the Windows configuration and applies to all Windows applications. See also Availability for specific devices of system functions (Page 5739) SetDeviceMode (Panels, RT Advanced) Description Toggles the operating mode on the HMI device. The following types of operation are possible: "Online", "Offline" and "Loading". Use in the function list SetDeviceMode (Operating mode) Use in user-defined functions SetDeviceMode (Operating_mode) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". 5860 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameter Operating mode Determines the operating mode of the HMI device: 0 (hmiOnline) = online: The connection to the PLC is established. The configured connection status is always set in this process. The states that were last used in Runtime are not considered. 1 (hmiOffline) = offline: The connection to the PLC is disconnected. 2 (hmiTransfer) = Load: A project can be transferred from the configuration computer to the HMI device. Note If you use a PC as an HMI device, the runtime software will be exited when you switch operating mode after "Load". See also SetConnectionMode (Page 5864) Availability for specific devices of system functions (Page 5739) SetScreenKeyboardMode (Panels, RT Advanced) Description Enables or disables the automatic display of the screen keyboard on the HMI device. This system function is also used to prevent the display of the screen keyboard, e.g. because an external keyboard is connected to the HMI device. Note To enable the "SetScreenKeyboardMode" ("SetScreenKeyboardMode") system function on an HMI other than a Touch Panel device, set the "Use on-screen keyboard" check box in the "Runtime settings" dialog of the device settings. Use in the function list SetScreenKeyboardMode (Mode) Use in user-defined functions SetScreenKeyboardMode (Mode) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". WinCC Advanced V14 System Manual, 10/2016 5861 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameter Mode Determines whether the screen keyboard is hidden or shown: 0 (hmiOff) = Off: Screen keyboard is hidden 1 (hmiOn) = On: Screen keyboard is shown -1 (hmiToggle) = Toggle: Toggles between the two modes. See also Availability for specific devices of system functions (Page 5739) SetPLCDateTime (Panels, RT Advanced) Description Changes the data and the time of the linked PLC The system function "SetPLCDateTime" can only be configured for the following PLCs: SIMATIC S7-1200 SIMATIC S7-1500 Use in the function list SetPLCDateTime (connection, time) Use in user-defined functions - Parameters Connection Connection of PLC and HMI device. Time Transfers the date and the time of the HMI device to the PLC. The PLC applies the date and the time of the HMI device. 5862 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting SetPLCMode (Panels, RT Advanced) Description Switches the operating mode of the PLC to one of the following states: RUN STOP The system function "SetPLCMode" can only be configured for the following PLCs: SIMATIC S7-1200 SIMATIC S7-1500 Use in the function list SetPLCMode (connection, mode) Use in user-defined functions - Parameters Connection Connection of PLC and HMI device. Mode Specifies the operating mode of the PLC: 8: RUN = The controller is set to the RUN state. The control program is executed. 4: STOP = The controller is set to the STOP state. The PLC program is interrupted. See also SystemDiagnosticViewUpdatePLCBuffer (Page 5908) SetLanguage (Panels, RT Advanced) Description Toggles the language on the HMI device. All configured text and system events are displayed on the HMI device in the newly set language. Use in the function list SetLanguage (Language) WinCC Advanced V14 System Manual, 10/2016 5863 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions SetLanguage (Language) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Language Determines which language is set on the HMI device. The following specifications are possible: -1 (hmiToggle) = Toggle: Changes to the next language. The sequence is determined during configuration in the "Project languages" editor. Number you have defined under "Languages and fonts" in the "Runtime Settings" editor. Changes to the language with the given number. Language you have defined under "Languages and fonts" in the "Runtime Settings" editor. Language abbreviation in accordance with the VBScript5 reference: This changes to the language corresponding to the specified language code, e.g. "de-DE" for German (Germany) or "en-US" for English (United States). An overview of the language abbreviations is available in the basic information of VBScript under the topic "Area diagram-ID (LCID) Diagram". See also Availability for specific devices of system functions (Page 5739) SetConnectionMode (Panels, RT Advanced) Description Connects or disconnects the given connection. Note A connection to the PLC cannot be established until the "Online" operating mode has been set on the HMI device. Use the "SetDeviceMode" system function for this purpose. If the connection is loaded in "Offline" mode, the connection is closed again each time the mode switches to "Offline". To re-establish the connection after switching to "Online" mode, set the connection again to "Online" mode. Use in the function list SetConnectionMode (Mode, Connection) 5864 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions SetConnectionMode (Mode, Connection) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Mode Determines whether a connection to the PLC is established or disconnected: 0 (hmiOnline) = online: Connection is established. 1 (hmiOffline) = offline: Connection is disconnected. Connection The PLC to which the HMI device is connected. You specify the name of the PLC in the connection editor. Multiple use of the system function in a user-defined function If you use the "SetConnectionMode" system function for different connections, it may be possible that not all system functions are executed correctly. Proceed as follows to prevent this situation: 1. Create a "BOOL" type tag with the start value "0". 2. Configure the "SetConnectionMode" system function on the "Value change" event of the HMI tags. If you want to disconnect three connections, for example, you must configure the system function three times. 3. In the user-defined function, apply the "InvertBit" system function to the HMI tag. Application example Two typical application examples for this system function are as follows: Test As long as no PLC is connected to the HMI device, no error messages will be output during the test on the HMI device. If the HMI device is connected to a PLC, the connection to the PLC can be established by pressing a key. Commissioning Several PLCs are to be configured for a system. At first, all PLCs except one are configured "Offline". After commissioning of the first PLC, the connection to each of the other PLCs is established by pressing a key. In this way, the other PLCs are started up one after another. See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5865 Visualizing processes 12.8 Working with system functions and Runtime scripting SetWebAccess (Panels, RT Advanced) Description Determines the access mode to the runtime application using the Internet. Use in the function list SetWebAccess (Access mode) Use in user-defined functions - Parameters Access mode Determines the access mode to the runtime application: -1 (hmiToggle) = Toggle: Toggles between the two modes. 0 (hmiReadOnly) = Read-only. 1 (hmiReadWrite) = Read-write. See also Availability for specific devices of system functions (Page 5739) ChangeConnection (Panels, RT Advanced) Description Disconnects the connection to the PLC currently in use and establishes a connection to a PLC with another address. The newly connected PLC must belong to the same device class (S7-300, S7-400, etc). Note When changing to another address, ensure that the address is not already being used by another HMI device. The follows address types are supported: IP address MPI address 5866 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting The follows PLC types are supported: SIMATIC S7 300/400 SIMATIC S7 1200 (device version up to V11) SIMATIC S7-NC SIMOTION Use in the function list ChangeConnection (Connection, Address, Slot, Rack) Use in user-defined functions ChangeConnection (Connection, Address, Slot, Rack) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Connection Name of the connection that is disconnected. The name is set during configuration, for example, in the "Connections" editor. Address MPI/PROFIBUS or IP address of the PLC to which the connection will be established. Note Set the address by means of a tag. The objects list displays the tags of all data types. Select only tags of the following data types: Ethernet connection: "String" data type MPI connection: "Int" data type Slot Slot of the PLC to which the connection will be established. Rack Rack of the PLC to which the connection will be established. Application example You want to operate one HMI device on several machines. Configure a controller in the project. When changing the PLC, the connection to the PLC in use is disconnected. Then the connection to the new PLC with other address parameters is reestablished. All tags in this connection are now updated from the new controller. WinCC Advanced V14 System Manual, 10/2016 5867 Visualizing processes 12.8 Working with system functions and Runtime scripting The PLC which you have indicated when creating the project will be used as default. 1. Enter the name and address of the PLC in the "Connections" editor. 2. Configure a button in the process screen. 3. Configure the "ChangeConnection" system function on the "Press" event. 4. Enter the name of the connection and address of the PLC as parameters. See also Availability for specific devices of system functions (Page 5739) ChangeConnectionEIP (Panels, RT Advanced) Description Terminates the connection to the Allan Bradley controller currently in use and establishes a connection to another Allan Bradley controller in Runtime. "EIP" stands for "Ethernet/IP". The newly connected controller must belong to the same device class (Allen Bradley). For the connection to be established, the CPU type of the controller to be connected must match the CPU type of the controller already connected, for example, both controllers have the CPU type "SLC/Micrologix PLC". Note When changing to another address, ensure that the address is not already being used by another HMI device. The follows address types are supported: IP address Use in the function list ChangeConnectionEIP (Connection, Address, Communication path) Use in user-defined functions ChangeConnectionEIP (Connection, Address, Communication Path) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Connection Name of the connection that is disconnected. The name is set during configuration, for example, in the "Connections" editor. 5868 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Address IP address of the controller to which the connection is being established. Note Set the address by means of a tag. The objects list displays the tags of all data types. Select only tags of the following data type "String". Note The stored IP address must consist of 4 decimal numbers with the value range 0 to 255. Communication path CIP path from the Ethernet module to the controller to which the connection is being established. You specify the communication path either with a String tag or an HMI tag of the "String" data type. Application example You want to operate one HMI device on several machines. To do so, you configure a PLC in the project. When changing the PLC, the connection to the PLC in use is disconnected. Then the connection to the new PLC with other address parameters is reestablished. All tags of this connection are now updated from the new PLC. 1. Enter the name and address of the PLC in the "Connections" editor. 2. Configure a button in the process screen. 3. Configure the "ChangeConnectionEIP" system function on the "Press" event. 4. Enter the name of the connection and address of the PLC as parameters. See also System functions for Comfort Panels (Page 5763) System functions for Mobile Panels (Page 5771) System functions for Runtime Advanced (Page 5780) Functions of the display (Panels, RT Advanced) AdjustContrast (Panels, RT Advanced) Description Changes the contrast of the display one level on the HMI device. WinCC Advanced V14 System Manual, 10/2016 5869 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list AdjustContrast (Adjust) Use in user-defined functions - Parameters Adjust Specifies how the contrast is changed: 0 (hmiDecrease) = Decrease: Decreases the contrast one level. 1 (hmiIncrease) = Increase: Increases the contrast one level. Application example Objective One button each for increasing and decreasing the screen contrast is desired. Notes on configuring Configure two buttons and configure the "AdjustContrast" system function on the "Press" event. The parameters "Increase" and "Decrease" are allocated. Procedure on HMI device When one of the two buttons is pressed in runtime, the contrast is increased or decreased one level. See also Logoff (Page 5831) Availability for specific devices of system functions (Page 5739) CalibrateTouchScreen (Panels, RT Advanced) Description Calls a program for calibrating the touch screen. During the calibration process, there is a prompt to touch five positions on the screen display. Touch the screen display within 30 seconds, to confirm the calibration process. If the calibration is not completed within this time span, the calibration settings are discarded. The user prompt is in English. Use this system function the first time you start the HMI device. 5870 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list CalibrateTouchScreen Use in user-defined functions CalibrateTouchScreen Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter -Note The CalibrateTouchScreen system function cannot be simulated. See also Availability for specific devices of system functions (Page 5739) SetAcousticSignal (Panels, RT Advanced) Description Configures the acoustic feedback of touch screen operation on the HMI device. Note The configuration that was set at Switch off is reestablished when restarting the HMI device. Use in the function list SetAcousticSignal (Volume) Use in user-defined functions SetAcousticSignal (Volume) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". WinCC Advanced V14 System Manual, 10/2016 5871 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameter Volume Determines whether and how loud an acoustic signal is emitted: -1 (hmiToggle) = Toggle: Toggles the emission of the acoustic signal as follows: Muted > Quiet > Loud. 0 (hmiMuted) = Mute: no acoustic signal 1 (hmiQuiet) = Quiet: quiet acoustic signal 2 (hmiLoud) = Loud: loud acoustic signal See also Availability for specific devices of system functions (Page 5739) SetBrightness (Panels, RT Advanced) Description Determines the brightness of the display. Note The configuration that is set in the Control Panel / Start Center will be reestablished when you restart the HMI device. For Basic Panels 2nd Generation, Mobile Panels and Comfort Panels: The value for the system function "SetBrightness" can be set between 0% and 100%. The set value is transferred to the HMI device. The brightness settings on the HMI device can be viewed and edited in "Start Center > Settings > Display". The HMI devices support a brightness setting between 10% and 100%. If the system function "SetBrightness" is assigned a value of 0%, the display of the HMI device is switched off by default in Runtime. If the operator touches the display, the display switches to the previous brightness setting. If the system function "SetBrightness" is assigned a value between 1% and 10% and the operator opens the display settings in the Start Center, brightness is reset to 10%. Use in the function list SetBrightness (value) Use in user-defined functions SetBrightness (Value) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". 5872 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameter Value New value for the brightness. See also Availability for specific devices of system functions (Page 5739) SetAndGetBrightness (Panels, RT Advanced) Description Determines the brightness of the MP 377 Touch daylight readable display. The brightness value can be interpreted as absolute or relative to the current value. Note The configuration that is set in the Control Panel will be reestablished when you restart the HMI device. Use in the function list SetAndGetBrightness (Brightness, Mode, Current value) Use in user-defined functions SetAndGetBrightness (Brightness, Mode, Actual brightness) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Brightness New value for the brightness. Mode Specifies if the new brightness value is set as absolute or relative to the current value. Current value Tag in which the current brightness value is stored. See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5873 Visualizing processes 12.8 Working with system functions and Runtime scripting SetBacklightColor (Panels, RT Advanced) Description Defines the background lighting of the button. Note The configuration that was set at Switch off is reestablished when restarting the HMI device. Use in the function list SetBacklightColor (Value) Use in user-defined functions - Parameters Value Defines the background lighting of the button: 0 (hmiWhite) = White: No color 1 (hmiGreen) = Green: Green color 2 (hmiYellow) = Yellow: Yellow color 3 (hmiRed) = Red: Red color See also Availability for specific devices of system functions (Page 5739) GetBrightness (Panels, RT Advanced) Description Reads the value of the brightness. Use in the function list GetBrightness (Brightness) 5874 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions GetBrightness (Brightness) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Brightness The tag to which the value is written. See also Availability for specific devices of system functions (Page 5739) Functions of the HTML browser (Panels, RT Advanced) HTMLBrowserStop (Panels, RT Advanced) Description Performs the function "Stop" the HTML browser. Use in the function list HTMLBrowserStop (Screen object) Use in user-defined functions - Parameters Screen object Object name of the HTML browser in which the command is performed. See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5875 Visualizing processes 12.8 Working with system functions and Runtime scripting HTMLBrowserScrollDown (Panels, RT Advanced) Description Scrolls down in the HTML browser. Use in the function list HTMLBrowserScrollDown (Screen object) Use in user-defined functions - Parameters Screen object Object name of the HTML browser in which the command is executed. See also System functions for Runtime Advanced (Page 5780) System functions for Comfort Panels (Page 5763) System functions for Mobile Panels (Page 5771) System functions for Basic Panels 2nd Generation (Page 5745) Availability for specific devices of system functions (Page 5739) HTMLBrowserRefresh (Panels, RT Advanced) Description Performs the function "Refresh" of the HTML browser. Use in the function list HTMLBrowserRefresh (Screen object) Use in user-defined functions - 5876 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen object Object name of the HTML browser in which the command is performed. See also Availability for specific devices of system functions (Page 5739) HTMLBrowserScrollUp (Panels, RT Advanced) Description Scrolls up in the HTML browser. Use in the function list HTMLBrowserScrollUp (Screen object) Use in user-defined functions - Parameters Screen object Object name of the HTML browser in which the command is executed. See also System functions for Runtime Advanced (Page 5780) System functions for Comfort Panels (Page 5763) System functions for Mobile Panels (Page 5771) System functions for Basic Panels 2nd Generation (Page 5745) HTMLBrowserZoomIn (Panels, RT Advanced) Description Zooms in one zoom level in the HTML browser display. Use in the function list HTMLBrowserZooomIn (Screen object) WinCC Advanced V14 System Manual, 10/2016 5877 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters Screen object Object name of the HTML browser in which the command is executed. See also System functions for Runtime Advanced (Page 5780) System functions for Comfort Panels (Page 5763) System functions for Mobile Panels (Page 5771) System functions for Basic Panels 2nd Generation (Page 5745) Availability for specific devices of system functions (Page 5739) HTMLBrowserZoomOut (Panels, RT Advanced) Description Zooms out one zoom level in the HTML browser display. Use in the function list HTMLBrowserZoomOut (Screen object) Use in user-defined functions - Parameters Screen object Object name of the HTML browser in which the command is executed. See also System functions for Runtime Advanced (Page 5780) System functions for Comfort Panels (Page 5763) System functions for Mobile Panels (Page 5771) System functions for Basic Panels 2nd Generation (Page 5745) Availability for specific devices of system functions (Page 5739) 5878 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting HTMLBrowserScrollLeft (Panels, RT Advanced) Description Scrolls left in the HTML browser. Use in the function list HTMLBrowserScrollLeft (Screen object) Use in user-defined functions - Parameters Screen object Object name of the HTML browser in which the command is executed. See also System functions for Runtime Advanced (Page 5780) System functions for Comfort Panels (Page 5763) System functions for Mobile Panels (Page 5771) System functions for Basic Panels 2nd Generation (Page 5745) Availability for specific devices of system functions (Page 5739) HTMLBrowserScrollRight (Panels, RT Advanced) Description Scrolls right in the HTML browser. Use in the function list HTMLBrowserScrollRight (Screen object) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5879 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen object Object name of the HTML browser in which the command is executed. See also System functions for Runtime Advanced (Page 5780) System functions for Comfort Panels (Page 5763) System functions for Mobile Panels (Page 5771) System functions for Basic Panels 2nd Generation (Page 5745) Availability for specific devices of system functions (Page 5739) HTMLBrowserPageUp (Panels, RT Advanced) Description Results in a page-by-page, upward cursor movement in the HTML browser. Use in the function list HTMLBrowserPageUp (screen object) Use in user-defined functions - Parameters Screen object Object name of the HTML browser in which the command is executed. See also System functions for Runtime Advanced (Page 5780) System functions for Comfort Panels (Page 5763) System functions for Mobile Panels (Page 5771) System functions for Basic Panels 2nd Generation (Page 5745) Availability for specific devices of system functions (Page 5739) 5880 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting HTMLBrowserPageDown (Panels, RT Advanced) Description Results in a page-by-page, downward cursor movement in the HTML browser. Use in the function list HTMLBrowserPageDown (screen object) Use in user-defined functions - Parameters Screen object Object name of the HTML browser in which the command is executed. See also System functions for Runtime Advanced (Page 5780) System functions for Comfort Panels (Page 5763) System functions for Mobile Panels (Page 5771) System functions for Basic Panels 2nd Generation (Page 5745) Availability for specific devices of system functions (Page 5739) HTMLBrowserHome (Panels, RT Advanced) Description Switches to the start page stored for the HTML browser. Use in the function list HTMLBrowserHome (Screen object) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5881 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen object Object name of the HTML browser in which the command is executed. See also System functions for Runtime Advanced (Page 5780) System functions for Comfort Panels (Page 5763) System functions for Mobile Panels (Page 5771) System functions for Basic Panels 2nd Generation (Page 5745) Availability for specific devices of system functions (Page 5739) HTMLBrowserForward (Panels, RT Advanced) Description Performs the function "Forward" of the HTML browser. Use in the function list HTMLBrowserForward (Screen object) Use in user-defined functions - Parameters Screen object Object name of the HTML browser in which the command is performed. See also System functions for Comfort Panels (Page 5763) Availability for specific devices of system functions (Page 5739) HTMLBrowserBack (Panels, RT Advanced) Description Performs the "Back" function of the HTML browser. 5882 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list HTMLBrowserBack (Screen object) Use in user-defined functions - Parameters Screen object Object name of the HTML browser in which the command is performed. See also Availability for specific devices of system functions (Page 5739) Functions of the trend view (Panels, RT Advanced) TrendViewScrollForward (Panels, RT Advanced) Description Scrolls forward one display width in the Trend view. Use in the function list TrendViewScrollForward (Screen object) Use in user-defined functions - Parameters Screen object Name of the trend view in which is scrolled forward. See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5883 Visualizing processes 12.8 Working with system functions and Runtime scripting TrendViewScrollBack (Panels, RT Advanced) Description Scrolls back one display width in the trend view. Use in the function list TrendViewScrollBack (Screen object) Use in user-defined functions - Parameters Screen object Name of the trend view in which is scrolled back. See also Availability for specific devices of system functions (Page 5739) TrendViewExtend (Panels, RT Advanced) Description Reduces the time period which is displayed in the trend view. Use in the function list TrendViewExtend (Screen object) Use in user-defined functions - Parameters Screen object Name of the trend view in which the displayed time period is reduced. See also Availability for specific devices of system functions (Page 5739) 5884 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting TrendViewCompress (Panels, RT Advanced) Description Increases the time period which is displayed in the trend view. Use in the function list TrendViewCompress (Screen object) Use in user-defined functions - Parameters Screen object Name of the trend view in which the displayed time period is increased. See also Availability for specific devices of system functions (Page 5739) TrendViewRulerLeft (Panels, RT Advanced) Description Moves the read-line backwards (to the left) in the trend view. Note In order to be able to move the read-line, the read-line must have been switched on. This is done using the "TrendViewSetRulerMode" system function. Use in the function list TrendViewRulerLeft (Screen object) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5885 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen object Name of the trend view in which the read-line is moved backwards. See also TrendViewSetRulerMode (Page 5887) Availability for specific devices of system functions (Page 5739) TrendViewRulerRight (Panels, RT Advanced) Description Moves the read-line forwards (to the right) in the trend view. Note In order to be able to move the read-line, the read-line must have been switched on. This is done using the "TrendViewSetRulerMode" system function. Use in the function list TrendViewRulerRight (Screen object) Use in user-defined functions - Parameters Screen object Name of the trend view in which the read-line is moved forward. See also TrendViewSetRulerMode (Page 5887) Availability for specific devices of system functions (Page 5739) 5886 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting TrendViewSetRulerMode (Panels, RT Advanced) Description Hides or shows the read-line in the trend view. The read-line displays the Y value belonging to the X value. Note To ensure that the ruler is displayed, you have to activate the setting "Show ruler" in the trend view properties. Use in the function list TrendViewSetRulerMode (Screen object) Use in user-defined functions - Parameters Screen object Name of the trend view in which the read-line is hidden or shown. See also TrendViewRulerRight (Page 5886) TrendViewRulerLeft (Page 5885) Availability for specific devices of system functions (Page 5739) TrendViewStartStop (Panels, RT Advanced) Description Stops the trend recording or continues the trend recording in the trend view. Use in the function list TrendViewStartStop (Screen object) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5887 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen object Name of the trend view in which the recording of the trend is started or stopped. See also Availability for specific devices of system functions (Page 5739) TrendViewBackToBeginning (Panels, RT Advanced) Description Scrolls back to the beginning of the display range in the trend view. Use in the function list TrendViewBackToBeginning (Screen object) Use in user-defined functions - Parameters Screen object Name of the trend view in which you scroll to the beginning of the display range. See also Availability for specific devices of system functions (Page 5739) Functions of the PDF view (Panels, RT Advanced) PDFScrollDown (Panels, RT Advanced) Description Scrolls down in the PDF file in the PDF view. Use in the function list PDFScrollDown (Screen object) 5888 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters Screen object Name of the PDF view in which the command is executed. See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) PDFScrollUp (Panels, RT Advanced) Description Scrolls up in the PDF file in the PDF view. Use in the function list PDFScrollUp (Screen object) Use in user-defined functions - Parameters Screen object Name of the PDF view in which the command is executed. See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5889 Visualizing processes 12.8 Working with system functions and Runtime scripting PDFFitToWidth (Panels, RT Advanced) Description Fits the display of the PDF file to the height of the PDF view window. Use in the function list PDFFitToWidth (Screen object) Use in user-defined functions - Parameters Screen object Name of the PDF view in which the command is executed. See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) PDFFitToHeight (Panels, RT Advanced) Description Fits the display of the PDF file to the height of the PDF view window. Use in the function list PDFFitToHeight (Screen object) Use in user-defined functions - Parameters Screen object Name of the PDF view in which the command is executed. 5890 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) PDFGotoFirstPage (Panels, RT Advanced) Description Switches to the first page of the PDF file in the PDF view. Use in the function list PDFGotoFirstPage (Screen object) Use in user-defined functions - Parameters Screen object Name of the PDF view in which the command is executed. See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) PDFGotoLastPage (Panels, RT Advanced) Description Switches to the last page of the PDF file in the PDF view. Use in the function list PDFGotoLastPage (Screen object) WinCC Advanced V14 System Manual, 10/2016 5891 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters Screen object Name of the PDF view in which the command is executed. See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) PDFGotoNextPage (Panels, RT Advanced) Description Switches to the next page of the PDF file in the PDF view. Use in the function list PDFGotoNextPage (Screen object) Use in user-defined functions - Parameters Screen object Name of the PDF view in which the command is executed. See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) 5892 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting PDFGotoPage (Panels, RT Advanced) Description Switches to the entered page of the PDF file in the PDF view. Use in the function list PDFGotoPage (Screen object, Page ) Use in user-defined functions - Parameters Screen object Name of the PDF view in which the command is executed. Page Page in the PDF document that is displayed. See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) PDFGotoPreviousPage (Panels, RT Advanced) Description Switches to the previous page of the PDF file in the PDF view. Use in the function list PDFGotoPreviousPage (Screen object) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5893 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen object Name of the PDF view in which the command is executed. See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) PDFZoomIn (Panels, RT Advanced) Description Zooms in one zoom level in the display of the PDF file in the PDF view. Use in the function list PDFZoomIn (Screen object) Use in user-defined functions - Parameters Screen object Name of the PDF view in which the command is executed. See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) PDFZoomOut (Panels, RT Advanced) Description Zooms out one zoom level in the display of the PDF file in the PDF view. 5894 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list PDFZoomOut (Screen object) Use in user-defined functions - Parameters Screen object Name of the PDF view in which the command is executed. See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) PDFScrollLeft (Panels, RT Advanced) Description Scrolls to the left in the PDF file in the PDF view. Use in the function list PDFScrollLeft (Screen object) Use in user-defined functions - Parameters Screen object Name of the PDF view in which the command is executed. See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) WinCC Advanced V14 System Manual, 10/2016 5895 Visualizing processes 12.8 Working with system functions and Runtime scripting System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) PDFScrollRight (Panels, RT Advanced) Description Scrolls to the right in the PDF file in the PDF view. Use in the function list PDFScrollRight (Screen object) Use in user-defined functions - Parameters Screen object Name of the PDF view in which the command is executed. See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) PDFZoomOriginal (Panels, RT Advanced) Description Switches the display of the PDF file in the PDF view to the original size. Use in the function list PDFZoomOriginal (Screen object) Use in user-defined functions - 5896 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen object Name of the PDF view in which the command is executed. See also System functions for Mobile Panels (Page 5771) System functions for Comfort Panels (Page 5763) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) Functions of the PLC code view (Panels, RT Advanced) ActivatePLCCodeViewer (Panels, RT Advanced) Description Performs a screen change to the given screen with the PLC code view. The PLC code view shows the program code of the relevant network. You configure the ActivatePLCCodeView system function at the "Click PLC code view button" event of a GRAPH overview or at an event of a button. Screen change from the GRAPH overview You configure the system function at the "Click PLC code view button" event in a GRAPH overview to display the GRAPH step sequencer in the PLC code view. If no error is pending, the sequence of the GRAPH step sequencer is displayed. If an error occurs, the faulty step is displayed in the PLC code view after jump of the faulty step. If multiple errors have occurred, the first faulty step of the sequencer is displayed after the jump. If you have corrected the error, the next faulty step is automatically displayed in the view. In the detail view, the transition or the interlock is displayed depending on the type of error. Screen change from an alarm You configure the system function at an event of a button. When the button is pressed in Runtime, the system function checks whether the alarm selected last in the configured alarm view is a supervision alarm or a GRAPH alarm. If a jump is possible for this alarm, the configured PLC code view is opened with the corresponding program code. The jump from an alarm in the alarm view to the PLC code view is made possible for the following supervision alarms: With global supervisions, only for interlock supervisions (Interlock) With local supervisions, for all basic supervisions at input parameters You can find more information on supervisions in the section "Programming PLC > Supervising machinery and plants with ProDiag". WinCC Advanced V14 System Manual, 10/2016 5897 Visualizing processes 12.8 Working with system functions and Runtime scripting The jump to the PLC code view is possible for all GRAPH alarms. After the jump, the GRAPH sequencer and the faulty step are displayed in the PLC code view. The jump in connection with the alarm buffer or the alarm log is not supported. Use in the function list ActivatePLCCodeView(Screen name, Screen object) Use in user-defined functions ActivatePLCCodeView (Screen_name, Object_name) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Note Use of the system function "ActivatePLCCodeView" in a VB script has no effect at a GRAPH overview. Parameters Screen name Name of the screen that contains the PLC code view. Note Screen change to a pop-up screen or a slide-in screen is not supported. Screen object Object name of the PLC code view. See also Availability for specific devices of system functions (Page 5739) PLCCodeViewMoveScrollBar (Panels, RT Advanced) Description Moves the scroll bar in the PLC code view. This system function provides you with the option of accessing up to six scroll bars in specific drawing areas. 5898 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list PLCCodeViewMoveScrollBar (Screen object, Area, Direction) Use in user-defined functions - Parameters Screen object Name of the PLC code view. Area Area in which the scroll bar is moved: Drawing area Symbol table Detail view Direction Direction in which the scroll bar is moved Left Right Top Bottom See also Availability for specific devices of system functions (Page 5739) PLCCodeViewDetails (Panels, RT Advanced) Description Shows the detail view in the selected PLC code view. Use in the function list PLCCodeViewDetails (Screen object) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5899 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen object Name of the PLC code view. See also Availability for specific devices of system functions (Page 5739) PLCCodeViewNextNetwork (Panels, RT Advanced) Description Navigates to the next network in the PLC code view. Use in the function list PLCCodeViewNextNetwork (Screen object) Use in user-defined functions - Parameters Screen object Name of the PLC code view. See also Availability for specific devices of system functions (Page 5739) PLCCodeViewShowStepMode (Panels, RT Advanced) Description Switches between manual and automatic step selection of the active step in the PLC Code View. Use in the function list PLCCodeViewShowStepMode (screen object) 5900 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters Screen object Name of the PLC code view. See also Availability for specific devices of system functions (Page 5739) PLCCodeViewSymbols (Panels, RT Advanced) Description Displays the detail view in the select PLC code view Use in the function list PLCCodeViewSymbols (Screen object) Use in user-defined functions - Parameters Screen object Name of the PLC code view. See also Availability for specific devices of system functions (Page 5739) PLCCodeViewTransitionInterlock (Panels, RT Advanced) Description Toggles between the display of transition and interlock networks in the PLC code view. WinCC Advanced V14 System Manual, 10/2016 5901 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list PLCCodeViewTransitionInterlock (Screen object) Use in user-defined functions - Parameters Screen object Name of the PLC code view. See also Availability for specific devices of system functions (Page 5739) PLCCodeViewZoomIn (Panels, RT Advanced) Description Zooms in the view of the network in the network area of the PLC Code View. Use in the function list PLCCodeViewZoomIn (screen object) Use in user-defined functions - Parameters Screen object Name of the PLC code view. See also Availability for specific devices of system functions (Page 5739) 5902 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting PLCCodeViewZoomOut (Panels, RT Advanced) Description Zooms out the view of the network in the network area of the PLC code view. Use in the function list PLCCodeViewZoomOut (screen object) Use in user-defined functions - Parameters Screen object Name of the PLC code viewer. See also Availability for specific devices of system functions (Page 5739) PLCCodeViewPreviousNetwork (Panels, RT Advanced) Description Navigates to the previous network in the PLC code view. Use in the function list PLCCodeViewPreviousNetwork (Screen object) Use in user-defined functions - Parameters Screen object Name of the PLC code view. WinCC Advanced V14 System Manual, 10/2016 5903 Visualizing processes 12.8 Working with system functions and Runtime scripting See also Availability for specific devices of system functions (Page 5739) Functions of the SmartClient display (Panels, RT Advanced) SmartClientViewRefresh (Panels, RT Advanced) Description Updates the contents displayed in the Sm@rtClient view. Use in the function list SmartClientViewRefresh (Screen object) Use in user-defined functions - Parameters Screen object Name of the Sm@rtClient view in which the command is triggered. See also Availability for specific devices of system functions (Page 5739) SmartClientViewReadOnlyOff (Panels, RT Advanced) Description Sets read-only access to "Off" in the Sm@rtClient view. This setting allows a distant HMI device to be operated. The "SmartClientViewReadOnlyOn" system function is used to switch read-only access on again. Use in the function list SmartClientViewReadOnlyOff (Screen object) Use in user-defined functions - 5904 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen object Name of the Sm@rtClient view in which the command is triggered. See also Availability for specific devices of system functions (Page 5739) SmartClientViewReadOnlyOn (Panels, RT Advanced) Description Sets read-only access to "On" in the Sm@rtClient view. This setting allows a distant HMI device to be monitored only. The "SmartClientViewReadOnlyOff" system function is used to switch read-only access off again. Use in the function list SmartClientViewReadOnlyOn (Screen object) Use in user-defined functions - Parameters Screen object Name of the Sm@rtClient view in which the command is triggered. See also Availability for specific devices of system functions (Page 5739) SmartClientViewDisconnect (Panels, RT Advanced) Description Executes the "Disconnect" command in the Sm@rtClient view. This system function is used when the integrated button of the screen object should not be used. WinCC Advanced V14 System Manual, 10/2016 5905 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list SmartClientViewDisconnect (Screen object) Use in user-defined functions - Parameters Screen object Name of the Sm@rtClient view in which the command is triggered. See also Availability for specific devices of system functions (Page 5739) SmartClientViewConnect (Panels, RT Advanced) Description Executes the "Connect" command in the Sm@rtClient view. This system function is used when the integrated button of the screen object should not be used. The Sm@rtClient view establishes a connection with the configured HMI device. Use in the function list SmartClientViewConnect (Screen object) Use in user-defined functions - Parameters Screen object Name of the Sm@rtClient view in which the command is triggered. See also Availability for specific devices of system functions (Page 5739) 5906 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting SmartClientViewLeave (Panels, RT Advanced) Description Exits the Sm@rtClient view and returns to operation of the HMI device. The connection to the HMI device configured in the smart client view is retained. Use in the function list SmartClientViewLeave (Screen object) Use in user-defined functions - Parameters Screen object Name of the Sm@rtClient view in which the command is triggered. See also Availability for specific devices of system functions (Page 5739) Functions of the System Diagnostics view (Panels, RT Advanced) ActivateSystemDiagnosticsView (Panels, RT Advanced) Description Activates the system diagnostics view. The system diagnostics view shows the detail view of the device concerned. Use in the function list ActivateSystemDiagnosticsView (Screen name, Screen object) Use in user-defined functions ActivateSystemDiagnosticsView (Screen_name, Object_name) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". WinCC Advanced V14 System Manual, 10/2016 5907 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen name Name of the screen contained in the system diagnostics view. Screen object Object name of the system diagnostics view. See also Availability for specific devices of system functions (Page 5739) SystemDiagnosticViewUpdatePLCBuffer (Panels, RT Advanced) Description Refreshes the data from the diagnostics buffer of the PLC in the system diagnostics view. Use in the function list SystemDiagnosticViewUpdatePLCBuffer (screen object) Use in user-defined functions - Parameters Screen object Name of the system diagnostics view. See also Availability for specific devices of system functions (Page 5739) SystemDiagnosticViewDetailView (Panels, RT Advanced) Description The detail view returns detailed information about the selected connection and errors pending. Use in the function list SystemDiagnosticViewDetailView (screen object) 5908 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters Screen object Name of the system diagnostics view that is switched to the detail view. See also Availability for specific devices of system functions (Page 5739) SystemDiagnosticViewDiagnosticBuffer (Panels, RT Advanced) Description Opens a view in a system diagnostics for displaying the current data of the diagnostics buffer. Use in the function list SystemDiagnosticViewDiagnosticBuffer (screen object) Use in user-defined functions - Parameters Screen object Name of the system diagnostics view that is switched to the detail view. See also Availability for specific devices of system functions (Page 5739) SystemDiagnosticViewDeviceView (Panels, RT Advanced) Description Opens a view in a system diagnostics for displaying all available connections. Use in the function list SystemDiagnosticViewDeviceView (screen object) WinCC Advanced V14 System Manual, 10/2016 5909 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters Screen object Name of the system diagnostics view. See also Availability for specific devices of system functions (Page 5739) SystemDiagnosticViewBack (Panels, RT Advanced) Description Changes in a system diagnostics to the higher-level view. The function opens the device view if the diagnostics buffer view is set in the system diagnostics view. The function opens the diagnostics buffer view if the detail view is displayed in the system diagnostics view. Use in the function list SystemDiagnosticViewBack (screen object) Use in user-defined functions - Parameters Screen object Name of the system diagnostics view. See also Availability for specific devices of system functions (Page 5739) 5910 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting ShowSystemDiagnosticsWindow (Panels) Description Hides or shows the system diagnostic window on the HMI device. The system diagnostic view is only available in the global screen for Comfort Panels and for WinCC Runtime Advanced. Use in the function list ShowSystemDiagnosticsWindow (Screen object) Use in user-defined functions ShowSystemDiagnosticsWindow (Target_Object_name) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Screen object Name of the system diagnostic window which is hidden or shown. See also Availability for specific devices of system functions (Page 5739) Functions for WinAC MP (Panels, RT Advanced) WinACMPUpdateControllerForStartAtBoot (Panels) Description Reads whether WinAC MP is automatically started after startup of the HMI device. The LED display of the "StartAtBoot" button is updated. Use in the function list WinACMPUpdateControllerForStartAtBoot(Start at boot, Action) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5911 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Start at boot The tag that contains the value. Action Determines whether the display is updated: 0 (SwitchOff) = Off: LED display is gray. WinAC MP is not started on startup of the HMI device. 1 (SwitchOn) = On: LED display has the color "cyan". WinAC MP is started automatically on startup of the HMI device. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdateKeySwitchSetting (Panels) Description Updates the status display of the position of the mode selector switch. Use in the function list WinACMPUpdateKeySwitchSetting (Key switch, Action) Use in user-defined functions - 5912 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Key switch The tag that contains the value of the key switch: 0 (MRES) = MRES: PLC memory reset 1 (STOP) = STOP: STOP mode 3 (RUN) = RUN: RUN mode Action Determines whether the status display will be updated: 0 (SwitchOff) = Off: Status display is not updated. 1 (SwitchOn) = On: Status display is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdateBUSF1LED (Panels) Description Updates the status display of the BUSF1 LED tag. Use in the function list WinACMPUpdateBUSF1LED(BUSF1, Action) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5913 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters BUSF1 The tag that contains the value of the status display. 0 = Off 1 = Slow flashing 2 = Quick flashing 3 = On Action Defines whether the status display of the BUSF1 LED tag is updated: 0 (SwitchOff) = Off: Status display is not updated. 1 (SwitchOn) = On: Status display is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdateBUSF2LED (Panels) Description Updates the status display of the BUSF2 LED tag. Use in the function list WinACMPUpdateBUSF2LED(BUSF2, Action) 5914 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters BUSF2 The tag that contains the value of the status display. 0 = Off 1 = Slow flashing 2 = Quick flashing 3 = On Action Defines whether the status display of the BUSF2 LED tag is updated: 0 (SwitchOff) = Off: Status display is not updated. 1 (SwitchOn) = On: Status display is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdateAverageExecTime (Panels) Description Updates the display of the average OB 1 execution time. The OB 1 execution time will be displayed in milliseconds. WinCC Advanced V14 System Manual, 10/2016 5915 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list WinACMPUpdateAverageExecTime(Cycle time, Action) Use in user-defined functions - Parameters Cycle time Tag that contains the value of the average OB 1 execution time. Action Determines whether the display is updated: 0 (SwitchOff) = Off: Display is not updated. 1 (SwitchOn) = On: Display is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdateAverageCycleTime (Panels) Description Updates the display of the average cycle time. The cycle time is displayed in milliseconds. Use in the function list WinACMPUpdateAverageCycleTime(Cycle time, Action) 5916 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters Cycle time The tag that contains the value of the average cycle time. Action Determines whether the display is updated: 0 (SwitchOff) = Off: Display is not updated. 1 (SwitchOn) = On: Display is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdateEXTFLED (Panels) Description Updates the status display of the EXTF LED tag. Use in the function list WinACMPUpdateEXTFLED(EXTF, Action) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5917 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters EXTF The tag that contains the value of the status display. 0 = Off 1 = Slow flashing 2 = Quick flashing 3 = On Action Defines whether the status display of the EXTF LED tag is updated: 0 (SwitchOff) = Off: Status display is not updated. 1 (SwitchOn) = On: Status display is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdateHMIEnableTime (Panels) Description Updates the value of the HMI Enable Time from WinAC MP (in ms). Use in the function list WinACMPUpdateHMIEnableTime(HMI Enable time, Action) 5918 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters HMI Enable time The tag that contains the value of the HMI Enable Time. Action Determines whether the value is updated: 0 (SwitchOff) = Off: Value is not updated. 1 (SwitchOn) = On: Value is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdateINTFLED (Panels) Description Updates the status display of the INTF LED tag. Use in the function list WinACMPUpdateINTFLED(INTF, Action) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5919 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters INTF The tag that contains the value of the status display. 0 = Off 1 = Slow flashing 2 = Quick flashing 3 = On Action Defines whether the status display of the INTF LED tag is updated: 0 (SwitchOff) = Off: Status display is not updated. 1 (SwitchOn) = On: Status display is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdateLastCycleTime (Panels) Description Updates the display of the last cycle time. The cycle time is displayed in milliseconds. Use in the function list WinACMPUpdateLastCycleTime (Cycle time , Action) 5920 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters Cycle time The tag that contains the value of the last cycle time. Action Determines whether the display is updated: 0 (SwitchOff) = Off: Display is not updated. 1 (SwitchOn) = On: Display is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdateMaximumCycleTime (Panels) Description Updates the display of the longest cycle time. The cycle time is displayed in milliseconds. Use in the function list WinACMPUpdateMaximumCycleTime(Cycle time, Action) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5921 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Cycle time The tag that contains the value of the longest cycle time. Action Determines whether the display is updated: 0 (SwitchOff) = Off: Display is not updated. 1 (SwitchOn) = On: Display is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. WinACMPUpdateMinimumCycleTime (Panels) Description Updates the display of the shortest cycle time. The cycle time is displayed in milliseconds. Use in the function list WinACMPUpdateMinimumCycleTime (Cycle Time, Action) Use in user-defined functions - Parameters Cycle time The tag that contains the value of the shortest cycle time. 5922 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Action Determines whether the display is updated: 0 (SwitchOff) = Off: The display is not updated. 1 (SwitchOn) = On: The display is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdatePowerLED (Panels) Description Updates the status display ON/OFF of the Power LED tag. Use in the function list WinACMPUpdatePowerLED (Power, Action) Use in user-defined functions - Parameters Power The tag that contains the value of the status display. 0 = Off 1 = Slow flashing WinCC Advanced V14 System Manual, 10/2016 5923 Visualizing processes 12.8 Working with system functions and Runtime scripting 2 = Quick flashing 3 = On Action Determines whether the status display ON/OFF is updated: 0 (SwitchOff) = Off: Status display is not updated. 1 (SwitchOn) = On: Status display is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdateSleepTime (Panels) Description Updates the value of the HMI Enable Time from WinAC MP (in ms). Use in the function list WinACMPUpdateSleepTime(SleepTime, Action) Use in user-defined functions - Parameters SleepTime The tag that contains the value. 5924 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Action Determines whether the value is updated: 0 (SwitchOff) = Off: Value is not updated. 1 (SwitchOn) = On: Value is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdateRUNLED (Panels) Description Updates the status display of the RUN LED tag. Use in the function list WinACMPUpdateRUNLED(RUN, Action) Use in user-defined functions - Parameters RUN The tag that contains the value of the status display. 0 = Off 1 = Slow flashing WinCC Advanced V14 System Manual, 10/2016 5925 Visualizing processes 12.8 Working with system functions and Runtime scripting 2 = Quick flashing 3 = On Action Defines whether the status display of the RUN LED tag is updated: 0 (SwitchOff) = Off: Status display is not updated. 1 (SwitchOn) = On: Status display is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPUpdateSTOPLED (Panels) Description Updates the status display of the STOP LED tag. Use in the function list WinACMPUpdateSTOPLED (STOP, Action) Use in user-defined functions - Parameters STOP The tag that contains the value of the status display. 5926 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 0 = Off 1 = Slow flashing 2 = Quick flashing 3 = On Action Defines whether the status display of the STOP LED tag is updated: 0 (SwitchOff) = Off: Status display is not updated. 1 (SwitchOn) = On: Status display is updated. Notes on configuring You configure this system function on the "Loaded" event or on the "Cleared" event of a screen. Note the following during configuration: System function on the "Loaded" event Set the "Update" parameter to "On". System function on the "Cleared" event Set the "Update" parameter to "Off". If you call the system function repeatedly in a screen, always use the same tag. Otherwise, only the last activated tag will be updated. If you want to configure all system functions with the prefix "WinACMPUpdate" in a screen, each system function is only permitted once per screen. See also Availability for specific devices of system functions (Page 5739) WinACMPArchive (Panels) Description Saves the current STEP 7 user program, the current system configuration and the current values of the DBs in a log file. Use in the function list WinACMPArchive (File name) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5927 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters File name Name of the log file in which the data is saved. Enter the file location and the file extension (*.wld), for example, "\flash\AddOn\WinACMP\Default.wld ". See also Availability for specific devices of system functions (Page 5739) WinACMPGetStartMode (Panels) Description Reads in the 'desired' operating state after startup of the HMI device of WinAC MP. Use in the function list WinACMPGetStartMode (Start mode, Action) Use in user-defined functions - Parameters Start mode The tag that defines the value of the operating mode. Action Determines whether the operating mode is read out: 0 (SwitchOff) = Off: Operating mode is not read out. 1 (SwitchOn) = On: Operating mode is read out. See also Availability for specific devices of system functions (Page 5739) WinACMPGetVersion (Panels) Description Reads out the value of the version number of WinAC MP. 5928 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list WinACMPGetVersion (Version, Action) Use in user-defined functions WinACMPGetVersion (Version, Action) Can be used if the configured device supports user-defined functions. For more information, refer to AUTOHOTSPOT. Parameters Version The tag that contains the value. Action Determines whether the version number is read out: 0 (SwitchOff) = Off: Version number is not read out. 1 (SwitchOn) = On: Version number is read out. See also Availability for specific devices of system functions (Page 5739) WinACMPClearCycleTimeBuffer (Panels) Description Clears the cycle time data of the histogram. Use in the function list WinACMPClearCycleTimeBuffer Use in user-defined functions - Parameters -- See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5929 Visualizing processes 12.8 Working with system functions and Runtime scripting WinACMPSetStartAtBoot (Panels) Description Determines whether or not WinAC MP is started automatically after startup of the HMI device. Use in the function list WinACMPSetStartAtBoot (Start at boot) Use in user-defined functions WinACMPSetStartAtBoot (Start at boot) Can be used if the configured device supports user-defined functions. For more information, refer to AUTOHOTSPOT. Parameters Start at boot Specifies whether WinAC MP is started automatically. 0 (StartAtBootOff) = Off: WinAC MP is not started on startup of the HMI device. 1 (StartAtBootOn) = On: WinAC MP is started automatically on startup of the HMI device. See also Availability for specific devices of system functions (Page 5739) WinACMPSetKeySwitch (Panels) Description Sets the mode selector switch to RUN or STOP and is also used for memory reset. Use in the function list WinACMPSetKeySwitch(Key switch) Use in user-defined functions - 5930 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Key switch Defines the position of the key switch: 0 (MRES) = MRES: PLC memory reset 1 (STOP) = STOP: STOP mode 3 (RUN) = RUN: RUN mode See also Availability for specific devices of system functions (Page 5739) WinACMPSetHMIEnableTime (Panels) Description Sets the value of the HMI Enable Time. Use in the function list WinACMPSetHMIEnableTime(HMI Enable time) Use in user-defined functions - Parameters HMI Enable time The tag that contains the value. See also Availability for specific devices of system functions (Page 5739) WinACMPSetResetMethod (Panels) Description Sets the restart method, either cold restart (CRST) or warm restart (WRST). Use in the function list WinACMPSetRestartMethod (Restart behavior) WinCC Advanced V14 System Manual, 10/2016 5931 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters Restart characteristics Defines the restart action: 0 (WarmRestart) = Warm restart: A warm restart is performed. 1 (ColdRestart) = Cold restart: A cold restart is performed. See also Availability for specific devices of system functions (Page 5739) WinACMPSetSleepTime (Panels) Description Sets the value of the HMI Execution Time of WinAC MP. Use in the function list WinACMPSetSleeptime (SleepTime) Use in user-defined functions - Parameters Sleep time The tag that contains the value. See also Availability for specific devices of system functions (Page 5739) WinACMPSetStartMode (Panels) Description Sets the operating mode of WinAC MP after startup of the HMI device. 5932 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list WinACMPSetStartMode (Start mode) Use in user-defined functions WinACSetStartMode (Autostart) Can be used if the configured device supports user-defined functions. For more information, refer to AUTOHOTSPOT. Parameters Start mode Defines whether the Autostart function of WinAC MP is activated. 0 (AutoStartOff) = Off: After startup, WinAC MP remains in the STOP operating mode. 1 (AutoStartOn) = On: After startup, WinAC MP changes to the operating mode it was in before it was closed. See also Availability for specific devices of system functions (Page 5739) WinACMPStartHistogram (Panels) Description Starts the cyclic sending of histogram values and updates the display. The histogram shows the percentual distribution of the measured cycle times. Use in the function list WinACMPStartHistogram (Update, Percentage, Cycle time, Y axis, ID) Use in user-defined functions - Parameters Action Defines whether WinAC returns histogram values: 0 (SwitchOff) = Off: The cyclic sending of the histogram values is not started. The display is not updated. WinCC Advanced V14 System Manual, 10/2016 5933 Visualizing processes 12.8 Working with system functions and Runtime scripting 1 (SwitchOn) = On: The cyclic sending of the histogram values is started. The display is updated. Percent Percentage of the cycles which are performed during the recorded cycle times. Cycle time Histogram of cycle times. Y-axis bounds Maximum value of Y axis ID Histogram ID See also Availability for specific devices of system functions (Page 5739) WinACMPControl (Panels) Description Starts or stops WinAC MP. Use in the function list WinACMPControl (WinAC) Use in user-defined functions - Parameters WinAC Determines whether WinAC MP is started or stopped. 0 (ShutdownWinACMP) = Stop: WinAC MP is stopped. 1 (StartWinACMP) = Start: WinAC MP is started. See also Availability for specific devices of system functions (Page 5739) 5934 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting WinACMPStopHistogram (Panels) Description Stops the cyclic sending of histogram data and deletes the history data. Use in the function list WinACMPStopHistogram (ID) Use in user-defined functions - Parameters ID Histogram ID See also Availability for specific devices of system functions (Page 5739) WinACMPRestore (Panels) Description Loads the STEP 7 user program, the system configuration and the DBs from a log file. Use in the function list WinACMPRestore (File name) Use in user-defined functions - Parameters File name Name of the log file in which the data is saved. Enter the file location and the log file, for example, ""\flash\AddOn\WinACMP\Default.wld ". WinCC Advanced V14 System Manual, 10/2016 5935 Visualizing processes 12.8 Working with system functions and Runtime scripting See also Availability for specific devices of system functions (Page 5739) Alarms (Panels, RT Advanced) EditAlarm (Panels, RT Advanced) Description Triggers the "Edit" event for the selected alarm or, with multiple selection, the last selected alarm. If the alarms to be edited have not yet been acknowledged, the acknowledgment takes place automatically when this system function is called up. This system function can only be used for function keys. Use in the function list EditAlarm Use in user-defined functions EditAlarm Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter -- See also Availability for specific devices of system functions (Page 5739) ClearAlarmBuffer (Panels, RT Advanced) Description Deletes alarms from the alarm buffer on the HMI device. Note Alarms which have not yet been acknowledged are also deleted. 5936 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list ClearAlarmBuffer (Alarm class number) Use in user-defined functions ClearAlarmBuffer (Alarm_class_number) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Alarm class number Determines which alarms are to be deleted from the alarm buffer: 0 (hmiAll) = All alarms 1 (hmiAlarms) = Alarms of alarm class "Error" 2 (hmiEvents) = Alarms of alarm class "Warning" 3 (hmiSystem) = Alarms of alarm class "System event" 4 (hmiS7Diagnosis) = Alarms of alarm class "S7 diagnostic alarm" Note Device dependency Alarms of alarm class "Diagnosis Events" are not available on Basic Panels. See also Availability for specific devices of system functions (Page 5739) ClearAlarmBufferProTool (Panels, RT Advanced) Description The system function exists to ensure compatibility. It has the same functionality as the "ClearAlarmBuffer" system function, but uses the old ProTool numbering. Use in the function list ClearAlarmBufferProTool (Alarm class number) WinCC Advanced V14 System Manual, 10/2016 5937 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions ClearAlarmBufferProtoolLegacy (Alarm_class_number) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Alarm class number Alarm class number whose messages are to be deleted: -1 (hmiAllProtoolLegacy) = All alarms/events 0 (hmiAlarmsProtoolLegacy) = Alarms of alarm class "Errors" 1 (hmiEventsProtoolLegacy) = Alarms of alarm class "Warnings" 2 (hmiSystemProtoolLegacy) = Alarms of alarm class "System" 3 (hmiS7DiagnosisProtoolLegacy) = Alarms of alarm class "Diagnosis Events" Note Device dependency Alarms of alarm class "Diagnosis Events" are not available on Basic Panels. See also Availability for specific devices of system functions (Page 5739) AlarmViewUpdate (Panels, RT Advanced) Description Updates the enhanced alarm view. Use in the function list AlarmViewUpdate (Screen object) Use in user-defined functions - Parameters Screen object Name of the alarm view which is updated. 5938 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting See also Availability for specific devices of system functions (Page 5739) AlarmViewLoopInAlarm (Panels, RT Advanced) Description Triggers the "Loop-in-Alarm" event for all alarms selected in the given alarm view. This system function is used when the integrated button of the ActiveX control should not be used. You can configure a system function for the "Loop-in-Alarm" event in turn. For example, it is possible to change to the process screen in which the alarm appeared. Note If the alarms to be edited have not yet been acknowledged, the acknowledgment takes place automatically when this system function is called up. Use in the function list AlarmViewLoopInAlarm (Screen object) Use in user-defined functions - Parameters Screen object Name of the alarm view in which the event is triggered. Note The HMI devices listed below do not support this system function for the "screen" object: OP 73, OP 77A, TP 177A. See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5939 Visualizing processes 12.8 Working with system functions and Runtime scripting AlarmViewAcknowledgeAlarm (Panels, RT Advanced) Description Acknowledges the alarms selected in the given alarm view. This system function is used when the integrated button of the ActiveX control should not be used. Use in the function list AlarmViewAcknowledgeAlarm (Screen object) Use in user-defined functions - Parameters Screen object Name of the alarm view in which the event is triggered. Note The HMI devices listed below do not support this system function for the "screen" object: OP 73, OP 77A, TP 177A. See also Availability for specific devices of system functions (Page 5739) AlarmViewShowOperatorNotes (Panels, RT Advanced) Description Displays the configured tooltip of the alarm selected in the given alarm view. Use in the function list AlarmViewShowOperatorNotes (Screen object) Use in user-defined functions - 5940 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen object Name of the alarm view in which the event is triggered. Note The HMI devices listed below do not support this system function for the "screen" object: OP 73, OP 77A, TP 177A. See also Availability for specific devices of system functions (Page 5739) AcknowledgeAlarm (Panels, RT Advanced) Description Acknowledges all selected alarms. This system function is used when the HMI device does not have an ACK key or when the integrated key of the alarm view should not be used. This system function can only be used for function keys. Use in the function list AcknowledgeAlarm Use in user-defined functions AcknowledgeAlarm Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter -- See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5941 Visualizing processes 12.8 Working with system functions and Runtime scripting ShowAlarmWindow (Panels, RT Advanced) Description Hides or shows the alarm window on the HMI device. Use in the function list ShowAlarmWindow (Object name, Display mode) Use in user-defined functions ShowAlarmWindow (Object_name, Display_mode) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Object name Name of the alarm view which is hidden or shown. Display mode Determines whether the alarm window is hidden or shown: 0 (hmiOff) = Off: Alarm view is hidden 1 (hmiOn) = On: Alarm view is shown -1 (hmiToggle) = Toggle: Toggles between the two modes See also Availability for specific devices of system functions (Page 5739) ShowSystemAlarm (Panels, RT Advanced) Description Displays the value of the parameter passed as a system event to the HMI device. Use in the function list ShowSystemAlarm (Text/value) Use in user-defined functions ShowSystemAlarm (Text/value) 5942 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Text/Value The text or the value, which was output as a system alarm. See also Availability for specific devices of system functions (Page 5739) Recipes (Panels, RT Advanced) ExportDataRecords (Panels, RT Advanced) Description Exports one or all data records of a recipe to a CSV file. One file is created per recipe. Use in the function list ExportDataRecords (Recipe number/name, Data record number/name, File name, Overwrite, Output status message, Processing status) Use in user-defined functions ExportDataRecords (Recipe_number/name,Data_record number/name, File_name, Overwrite, Output_status_message, Processing_status) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Recipe number/name Number or name of the recipe from which the data records are exported. Specify "0" if recipe data records are to be exported from all available recipes. Data record number/name Number or name of the recipe data record to be exported. Specify "0" if all recipe data records are to be exported. WinCC Advanced V14 System Manual, 10/2016 5943 Visualizing processes 12.8 Working with system functions and Runtime scripting File name Name of the CSV file to which the recipe data records are exported. Enter the storage location and the file extension (*.csv), for example "C:\TEMP\Orange.csv", for Basic Panels "\USB_X60.1\Orange.csv". Note Storage of the CSV file Does not apply for Basic Panels: If a storage card is used as storage location, specify the storage location as follows: "\StorageCard\<FileName>". If you only enter one file name and no path, the file will be saved in a system directory, for example, "C:\Documents and Settings\[User]". When only one path for the export is specified, the file name is automatically created from the respective recipe name. It is a requirement that the folder "D:\Temp\", for example, has been created. If the folder "D:\Temp" has not been created, the folder name will be used as the prefix of the file name, Temp_Recipe names.csv. Overwrite Determines whether an existing CSV file with the same name is overwritten: 0 (hmiOverwriteForbidden) = No: CSV file will not be overwritten. The export process will not be carried out. 1 (hmiOverwriteAlways) = Yes: CSV file is overwritten without a prompt for confirmation. 2 (hmiOverwriteWithPrompting) = With confirmation: CSV file is not overwritten until confirmed. Output status message Determines whether a status message is output after the export: 0 (hmiOff) = Off: Status message is not output. 1 (hmiOn) = On: Status message is output. Processing status Returns the processing status of the system function. You can use the return value, for example, to delay execution of other system functions until this system function has been successfully completed: 2 = System function is being performed. 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. Export format of the recipe data records If ".csv" is chosen as a file extension for the export file, then only valid characters from the ANSI character set will be supported. This also applies to separators in decimal numbers and list elements. The separators used are defined in the country/regional settings of the operating system of the exporting computer. 5944 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Does not apply for Basic Panels: You may also set "Unicode text" (".txt") format for the export file. This file format supports the WinCC and WinCC Runtime character set. Again, the separators used are specified in the country/regional settings of the operating system of the exporting computer. This file format always uses tab separators in list elements. The corresponding file import function also supports the ".csv" and ".txt" (Unicode) file formats. Application example You want to export all data records using a key. Notes on configuring Configure the "ExportDataRecords" system function on the "Press" event for the desired key. Transfer the following parameters: Recipe number/name = 1 Data record number/name = 0 File name = c:\temp\orange.csv, for Basic Panels "\USB_X60.1\orange.csv" Overwrite = 1 Output status message = 1 Tags can also be specified in place of the constants. Depending on the configuration, the operator can enter the desired values in the I/O field or read from the PLC. In this way, the operator can determine which recipe data records are exported. Procedure on HMI device As soon as the key is activated, the system function is triggered. The constants or tags are evaluated. All data records of Recipe 1 are exported to the orange.csv file. If the file already exists, it will be overwritten. After exporting the data records, a system alarm is output. See also Availability for specific devices of system functions (Page 5739) ExportDataRecordsWithChecksum (Panels, RT Advanced) Description Exports one or all data records of a recipe to a CSV file and generates a checksum for each line in the file. One file is created per recipe. WinCC Advanced V14 System Manual, 10/2016 5945 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list ExportDataRecordsWithChecksum (Recipe number/name, Data record number/name, File name, Overwrite, Output status message, Processing status) Use in user-defined functions ExportDataRecordsWithChecksum (Recipe_number/name, Data_record number/name, File_name, Overwrite, Output_status_message, Processing_status) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Recipe number/name Number or name of the recipe from which the data records are exported. Specify "0" if recipe data records are to be exported from all available recipes. Data record number/name Number or name of the recipe data record to be exported. Specify "0" if all recipe data records are to be exported. File name Name of the CSV file to which the recipe data records are exported. Enter the path and the file extension e.g. "C:\TEMP\Orange.CSV". If a storage card is used as storage location, specify the storage location as follows: "\StorageCard\<File name>". If you define only a file name without specifying a path, the file is saved to the directory from which Runtime was started. If write access to this directory is not enabled in the Windows 7 operating system, the file is saved to the "VirtualStore" folder of the user directory. When only one path for the export is specified, the file name is automatically created from the respective recipe name. This requires, for example, that the directory "D:\Temp\" has been created. If the directory "D:\Temp" does not exist, the directory name is used as the prefix for the file name, Temp_Recipe names.csv. Overwrite Determines whether an existing CSV file with the same name is overwritten: 0 (hmiOverwriteForbidden) = No: CSV file will not be overwritten. The export process will not be carried out. 1 (hmiOverwriteAlways) = Yes: CSV file is overwritten without a prompt for confirmation. 2 (hmiOverwriteWithConfirmation) = With confirmation: CSV file is not overwritten until confirmed. Output status message Determines whether a status message is output after the export: 0 (hmiOff) = Off: Status message is not output. 5946 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 1 (hmiOn) = On: Status message is output. Processing status Returns the processing status of the system function. You can use the return value, for example, to delay execution of other system functions until this system function has been successfully completed: 2 = System function is being performed. 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. Export format of the recipe data records If ".csv" is chosen as a file extension for the export file, then only valid characters from the ANSI character set will be supported. This also applies to separators in decimal numbers and list elements. The separators used are defined in the country/regional settings of the operating system of the exporting computer. You may also set "Unicode text" (".txt") format for the export file. This file format supports the WinCC and WinCC Runtime character set. Again, the separators used are specified in the country/regional settings of the operating system of the exporting computer. This file format always uses tab separators in list elements. The corresponding file import function also supports the ".csv" and ".txt" (Unicode) file formats. Application example Using a key, you want to export all data records and assign a checksum. Notes on configuring Configure the "ExportDataRecordsWithChecksum" system function on the "Press" event for the desired key. Transfer the following parameters: Recipe number/name = 1 Data record number/name = 0 File name = c:\temp\orange.csv Overwrite = 1 Output status message = 1 Tags can also be specified in place of the constants. Depending on the configuration, the operator can enter the desired values in the I/O field or read from the PLC. In this way, the operator can determine which recipe data records are exported. Procedure on HMI device As soon as the key is activated, the system function is triggered. The constants or tags are evaluated. All data records of Recipe 1 are exported to the orange.csv file and assigned checksums. If the file already exists, it will be overwritten. After exporting the data records, a system message is output. WinCC Advanced V14 System Manual, 10/2016 5947 Visualizing processes 12.8 Working with system functions and Runtime scripting See also Availability for specific devices of system functions (Page 5739) ImportDataRecords (Panels, RT Advanced) Description Imports one or all data records of a recipe from a CSV file. When a path is specified, all records of the given directory are imported. Use in the function list ImportDataRecords (File name, Data record number/name, Overwrite, Output status message, Processing status) Use in user-defined functions ImportDataRecords (File_name, Data_record number/name, Overwrite, Output_status_message, Processing_status) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters File name Name of the CSV file from which the recipe data records are imported. Enter the storage location and the file extension (*.csv), for example, "C:\TEMP\Orange.csv", for Basic Panels "\USB_X60.1\Orange.csv". Note Does not apply for Basic Panels: If a storage card is used as file location, specify the file location as follows: "\StorageCard\<FileName". Data record number/name Number or name of the recipe data record to be imported. Specify "0" if all recipe data records are to be imported. Overwrite Determines whether existing recipe data records are to be overwritten: 0 (hmiOverwriteForbidden) = No: Recipe data records are not overwritten. The import process will not be carried out. 1 (hmiOverwriteAlways) = Yes: Recipe data records are overwritten without prompting. 5948 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 2 (hmiOverwriteWithPrompting) = With confirmation: Recipe data records are not overwritten until confirmed. Output status message Determines whether a status message is output after the import: 0 (hmiOff) = Off: Status message is not output. 1 (hmiOn) = On: Status message is output. Processing status Returns the processing status of the system function. You can use the return value, for example, to delay execution of other system functions until this system function has been successfully completed: 2 = System function is being performed. 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. Configurable objects Object Event Tag Value change Upper limit exceeded Lower limit violated Function key (global) Release Press Function key (local) Release Press Screen Loaded Cleared Screen object Press Release Click Change (or toggle for switch) Switch on Switch off Enable Disable Scheduler Time expired See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5949 Visualizing processes 12.8 Working with system functions and Runtime scripting ImportDataRecordsWithChecksum (Panels, RT Advanced) Description Imports one or all data records of a recipe from a CSV file with a checksum and verifies the checksum. Use in the function list ImportDataRecordsWithChecksum (File name, Data record number/name, Overwrite, Output status message, Processing status, verify checksum) Use in user-defined functions ImportDataRecordsWithChecksum (File_name, Data_record number/name, Overwrite, Output_status_message, Processing_status, Verify_Checksum) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter File name Name of the CSV file from which the recipe data records are imported. Enter the path and the file extension, for example, "C:\TEMP\Orange.CSV". If a storage card is used as storage medium, specify the storage location as follows: "\StorageCard\<File name>". If you specify a directory instead of an individual CSV file, all files in the specified directory will be imported. Data record number/name Number or name of the recipe data record to be imported. Specify "0" if all recipe data records are to be imported. Overwrite Determines whether existing recipe data records are to be overwritten: 0 (hmiOverwriteForbidden) = No: Recipe data records are not overwritten. The import process will not be carried out. 1 (hmiOverwriteAlways) = Yes: Recipe data records are overwritten without prompting. 2 (hmiOverwriteWithConfirmation) = With confirmation: Recipe data records are not overwritten until confirmed. Output status message Determines whether a status message is output after the import: 0 (hmiOff) = Off: Status message is not output. 5950 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 1 (hmiOn) = On: Status message is output. Processing status Returns the processing status of the system function. You can use the return value, for example to delay execution of other system functions, until this system function has been successfully completed. 2 = System function is being performed. 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. Verify checksum Determines if the checksum should be verified during import: 0 (hmiFalse) = No: Checksum is not verified. 1 (hmiTrue) = Yes: Checksum is verified. See also Availability for specific devices of system functions (Page 5739) LoadDataRecord (Panels, RT Advanced) Description Loads the given recipe data record from the memory medium of the HMI device in the recipe tags. This system function is used, for example, to display a recipe data record in the recipe screen. Activate the "Synchronize recipe view and recipe tags" option in the synchronization settings of the recipe. If this option is deactivated, the system function has no effect. Use in the function list LoadDataRecord (Recipe number/name, Data record number/name, Processing status) Use in user-defined functions LoadDataRecord (Recipe_number/name, Data_record_number/name, Confirmation, Output_status_message, Processing_status) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Recipe number/name Number or name of the recipe from which a recipe data record is loaded. WinCC Advanced V14 System Manual, 10/2016 5951 Visualizing processes 12.8 Working with system functions and Runtime scripting Data record number/name Number or name of the recipe data record to be loaded. Processing status Returns the processing status of the system function. You can use the return value, for example, to delay execution of other system functions until this system function has been successfully completed: 2 = System function is being performed. 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. See also Availability for specific devices of system functions (Page 5739) GetDataRecordFromPLC (Panels, RT Advanced) Description Transfers the selected recipe data record from the PLC to the storage medium of the HMI device. Use in the function list GetDataRecordFromPLC (Recipe number/name, Data record number/name, Overwrite, Output status message, Processing status) Use in user-defined functions GetDataRecordFromPLC (Recipe_number/name, Data_record_number/name, Overwrite, Output_status_message, Processing_status) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Recipe number/name Number or name of the recipe from which recipe data records are transferred. Data record number/name Number or name of the recipe data record which is transferred from the PLC to the data medium of the HMI device. Overwrite Determines whether an existing recipe data record with the same name is overwritten: 5952 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 0 (hmiOverwriteForbidden) = No: Recipe data record is not overwritten. The transfer process will not be carried out. 1 (hmiOverwriteAlways) = Yes: Recipe data record is overwritten without prompting. 2 (hmiOverwriteWithPrompting) = With confirmation: Recipe data record is not overwritten until confirmed. Output status message Determines whether a status message is output after the transfer: 0 (hmiOff) = Off: Status message is not output. 1 (hmiOn) = On: Status message is output. Processing status Returns the processing status of the system function. You can use the return value, for example, to delay execution of other system functions until this system function has been successfully completed: 2 = System function is being performed. 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. Application example You want to transfer a data record from the PLC to the data medium of the HMI device using a key. Notes on configuring Configure the "GetDataRecordFromPLC" system function on the "Press" event for the desired key. Transfer the following parameters: Recipe number/name = 1 Data record number/name = 1 Overwrite = 1 Output status message = 1 Tags can also be specified in place of the constants. Depending on the configuration, the operator can enter the desired values in the I/O field or read from the PLC. In this way, the operator can determine which recipe data record is transferred from the PLC. Procedure on HMI device As soon as the key is activated, the system function is triggered. The constants or tags are evaluated and the first data record of Recipe 1 is transferred from the PLC to the data medium of the HMI device. If the recipe data record already exists, it will be overwritten. A system message is output after the transfer. See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5953 Visualizing processes 12.8 Working with system functions and Runtime scripting GetDataRecordName (Panels, RT Advanced) Description Writes the name of the given recipe and recipe data record to the given tags. Note If the recipe or the recipe data record do not exist, wildcards ("###") are written to the tags. Note Only internal tags or external tags are supported as tags. Use in the function list GetDataRecordName (Recipe number, Data record number, Recipe name, Data record name, Processing status) Use in user-defined functions GetDataRecordName (Recipe_number, Data_record_number, Recipe_name, Data_record_name, Processing_status) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Recipe number Number of the recipe whose name is written to the given tag. Data record number Number of the recipe data record whose name is written to the given tag. Recipe name The tag to which the recipe name is written. The tag must be of the STRING type. Data record name The tag to which the name of the recipe data record is written. The tag must be of the STRING type. Processing status Returns the processing status of the system function. You can use the return value, for example, to delay execution of other system functions until this system function has been successfully completed: 2 = System function is being performed. 5954 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. Application example You want to output the names of the displayed recipes and the name of the displayed recipe data record on the HMI device. Configure the following tags: RecNumber" of type INTEGER RecDataNumber" of type INTEGER RecName" of type STRING RecDataName" of type STRING Configure a recipe view with the tags "RecNumber" for the recipe number and "RecDataNumber" for the data record number. Configure the "GetDataRecordName" system function on the "Press" event for a button and pass the following parameters: Recipe number: RecNumber Data record number: RecDataNumber Recipe name: RecName Data record name: RecDataName Configure two output fields and connect these to the "RecName" and "RecDataName" tags. Select a recipe and a data record number from the recipe view. As soon as the button is activated, the system function is triggered and the name of the recipe and the recipe data record are displayed in both output fields. See also Availability for specific devices of system functions (Page 5739) GetDataRecordTagsFromPLC (Panels, RT Advanced) Description Transfers the values of the recipe data record loaded in the PLC to the corresponding recipe tags. This system function is used, for example, during teach-in mode on a machine. Use in the function list GetDataRecordTagsFromPLC (Recipe number/name, Processing status) WinCC Advanced V14 System Manual, 10/2016 5955 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions GetDataRecordTagsFromPLC (Recipe_number/name, Processing_status) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Recipe number/name Number or name of the recipe data record whose values are written from the PLC to the tags. Processing status Returns the processing status of the system function. You can use the return value, for example, to delay execution of other system functions until this system function has been successfully completed: 2 = System function is being performed. 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. See also Availability for specific devices of system functions (Page 5739) ClearDataRecord (Panels, RT Advanced) Description Deletes a recipe data record. Several data records can be deleted from one or more recipes. Use in the function list ClearDataRecord (Recipe number/name, Data record number/name, Confirmation, Output status message, Processing status) Use in user-defined functions ClearDataRecord Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". 5956 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Recipe number/name Number or name of the recipe from which recipe data records are deleted. "0" is specified if you want to delete recipe data records from all available recipes. Data record number/name Number or name of the recipe data record to be deleted. "0" is specified if you want to delete all recipe data records. Confirmation Determines whether the operator should confirm the deletion: 0 (hmiOff) = Off: Deletion is begun without confirmation. 1 (hmiOn) = On: The starting of the deletion process must be confirmed. Output status message Determines whether a status message is output after the deletion: 0 (hmiOff) = Off: Status message is not output. 1 (hmiOn) = On: Status message is output. Processing status Returns the processing status of the system function. You can use the return value, for example, to delay execution of other system functions until this system function has been successfully completed: 2 = System function is being performed. 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. See also Availability for specific devices of system functions (Page 5739) ClearDataRecordMemory (Panels, RT Advanced) Description Deletes all recipes data records from the specified storage medium. Use in the function list ClearDataRecordMemory (Storage location, After confirmation, Output status message, Processing status) WinCC Advanced V14 System Manual, 10/2016 5957 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions ClearDataRecordMemory (Storage_location, Confirmation, Output_status_message, Processing_status) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Storage location Determines the storage location: 0 (hmiFlashMemory) = Flash memory: Internal flash memory of the HMI device 1 (hmiStorageCard) = Storage card 2 (hmiStorageCard2) = Storage card 3 (hmiStorageCard3) = Storage card MultiMediaCard 4 (hmiStorageCard4) = Storage card With confirmation Determines whether the operator should confirm the deletion: 0 (hmiOff) = Off: Deletion is begun without confirmation. 1 (hmiOn) = On: The starting of the deletion process must be confirmed. Output status message Determines whether a status message is output after the deletion: 0 (hmiOff) = Off: Status message is not output. 1 (hmiOn) = On: Status message is output. Processing status Returns the processing status of the system function. You can use the return value, for example, to delay execution of other system functions until this system function has been successfully completed: 2 = System function is being performed. 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. See also Availability for specific devices of system functions (Page 5739) 5958 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting RecipeViewNewDataRecord (Panels, RT Advanced) Description Creates a new data record in the given recipe view. Use in the function list RecipeViewNewDataRecord (Screen object) Use in user-defined functions - Parameters Screen object Name of the recipe view in which the new recipe data record is created. See also Availability for specific devices of system functions (Page 5739) RecipeViewGetDataRecordFromPLC (Panels, RT Advanced) Description Transfers the data record that is currently loaded in the PLC to the HMI device and displays it in the recipe view. Use in the function list RecipeViewGetDataRecordFromPLC (Screen object) Use in user-defined functions - Parameters Screen object Name of the recipe view in which the recipe data record from the PLC is displayed. WinCC Advanced V14 System Manual, 10/2016 5959 Visualizing processes 12.8 Working with system functions and Runtime scripting See also Availability for specific devices of system functions (Page 5739) RecipeViewClearDataRecord (Panels, RT Advanced) Description Deletes the data record which is currently displayed in the recipe view. Use in the function list RecipeViewClearDataRecord (Screen object) Use in user-defined functions - Parameters Screen object Name of the recipe view in which the displayed recipe data record is deleted. See also Availability for specific devices of system functions (Page 5739) RecipeViewMenu (Panels, RT Advanced) Description Opens the menu of the specified simple recipe view. Only use this system function at a simple recipe view. Use in the function list RecipeViewMenu (Screen object) Use in user-defined functions - 5960 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen object Name of the recipe view in which the menu is to be opened. See also Availability for specific devices of system functions (Page 5739) RecipeViewOpen (Panels, RT Advanced) Description Displays the data record values in the given recipe view or changes to the next selection field. The system function has no effect if the selection field for the recipe data record values is displayed on the HMI device. Operation sequence of the selection lists in runtime: Recipe name Data record name RecipeDataRecordValues This system function is used when a simple recipe view has been configured. In the simple recipe view, only one selection list is displayed at a time on the HMI device. Use the "RecipeViewBack" system function to display the previous selection list. Use in the function list RecipeViewOpen (Screen object) Use in user-defined functions - Parameters Screen object Name of the recipe view in which the command is triggered. See also RecipeViewBack (Page 5965) Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5961 Visualizing processes 12.8 Working with system functions and Runtime scripting RecipeViewSetDataRecordToPLC (Panels, RT Advanced) Description Transfers the recipe data record which is currently displayed in the recipe view to the PLC. Use in the function list RecipeViewSetDataRecordToPLC (Screen object) Use in user-defined functions - Parameters Screen object Name of the recipe view from which the recipe data record is transferred to the connected PLC. See also Availability for specific devices of system functions (Page 5739) RecipeViewSaveDataRecord (Panels, RT Advanced) Description Saves the recipe data record which is currently displayed in the recipe view. Use in the function list RecipeViewSaveDataRecord (Screen object) Use in user-defined functions - Parameters Screen object Name of the recipe view in which the recipe data record is saved. See also Availability for specific devices of system functions (Page 5739) 5962 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting RecipeViewSaveAsDataRecord (Panels, RT Advanced) Description Saves the data record currently being displayed in the recipe view under a new name. Use in the function list RecipeViewSaveAsDataRecord (Screen object) Use in user-defined functions - Parameters Screen object Saves the data record currently being displayed in the recipe view under a new name and/or new number. See also Availability for specific devices of system functions (Page 5739) RecipeViewSynchronizeDataRecordWithTags (Panels, RT Advanced) Description Synchronizes the values of the data record which is currently displayed in the recipe view with their recipe tags. Only use this system function at an advanced recipe view. During synchronization, all values of the data record are written to their recipe tags. Use in the function list RecipeViewSynchronizeDataRecordWithTags (Screen object) Use in user-defined functions - WinCC Advanced V14 System Manual, 10/2016 5963 Visualizing processes 12.8 Working with system functions and Runtime scripting Parameters Screen object Name of the recipe view in which the values are synchronized with their tags. Note The OP 77A and TP 177A HMI devices do not support this function for the screen object. See also Availability for specific devices of system functions (Page 5739) RecipeViewRenameDataRecord (Panels, RT Advanced) Description Renames the selected data record in the given recipe view. Use in the function list RecipeViewRenameDataRecord (Screen object) Use in user-defined functions - Parameters Screen object Name of the recipe view in which the recipe data record is renamed. See also Availability for specific devices of system functions (Page 5739) RecipeViewShowOperatorNotes (Panels, RT Advanced) Description Displays the configured tooltip of the specified recipe view. 5964 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list RecipeViewShowOperatorNotes (Screen object) Use in user-defined functions - Parameters Screen object Name of the recipe view whose configured tooltip is displayed. See also Availability for specific devices of system functions (Page 5739) RecipeViewBack (Panels, RT Advanced) Description Returns to the previous selection list in the given recipe view. The system function has no effect if the selection field for the recipe is displayed on the HMI device. Operation sequence of the selection lists in runtime: Recipe name Data record name RecipeDataRecordValues This system function is used when a simple recipe view has been configured. In the simple recipe view, only one selection list is displayed at a time on the HMI device. Use the "RecipeViewOpen" system function to display the recipe data record values or the next selection field. Use in the function list RecipeViewBack (Screen object) Use in user-defined functions - Parameters Screen object Name of the recipe view in which the command is triggered. WinCC Advanced V14 System Manual, 10/2016 5965 Visualizing processes 12.8 Working with system functions and Runtime scripting See also Availability for specific devices of system functions (Page 5739) SetDataRecordToPLC (Panels, RT Advanced) Description Transfers the given recipe data record directly from the data medium of the HMI device to the PLC with which the HMI device is connected. Note The values of the recipe data record don't need to be displayed on the HMI device. Use in the function list SetDataRecordToPLC (Recipe number/name, Data record number/name, Output status message, Processing status) Use in user-defined functions SetDataRecordToPLC (Recipe_number/name, Data_record_number/name, Output_status_message, Processing_status) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Recipe number/name Number or name of the recipe from which recipe data record is transferred to the PLC. Data record number/name Number or name of the recipe data record to be transferred to the PLC. Output status message Determines whether a status message is output after the transfer: 0 (hmiOff) = Off: Status message is not output. 1 (hmiOn) = On: Status message is output. Processing status Returns the processing status of the system function. You can use the return value, for example, to delay execution of other system functions until this system function has been successfully completed: 2 = System function is being performed. 5966 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. See also Availability for specific devices of system functions (Page 5739) SetDataRecordTagsToPLC (Panels, RT Advanced) Description Transfers the values of the recipe tags to the PLC. The recipe tags contain the values of the data record which is displayed on the HMI device. Use in the function list SetDataRecordTagsToPLC (Recipe number/name, Processing status) Use in user-defined functions SetDataRecordTagsToPLC (Recipe_ number/name, Processing_status) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Recipe number/name Number or name of the recipe from which recipe data record is transferred to the PLC. Processing status Returns the processing status of the system function. You can use the return value, for example, to delay execution of other system functions until this system function has been successfully completed: 2 = System function is being performed. 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. See also Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5967 Visualizing processes 12.8 Working with system functions and Runtime scripting SetRecipeTags (Panels, RT Advanced) Description Changes the status of the recipe tags from "Online" to "Offline" and vice versa. This system function is used, for example, when recipe data record values are fine tuned when starting up a machine. Use in the function list SetRecipeTags (Recipe number/name, Status, Output status message, Processing status) Use in user-defined functions SetRecipeTags (Recipe_number/name, Status, Output_status_message, Processing_status) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Recipe number/name Number or name of the recipe in which the recipe data record is saved. Status Determines the status of the recipe tags: 0 (hmiOnline) = Online: Value changes of the recipe tags are transferred immediately to the PLC connected to the HMI device. 1 (hmiOffline) = Offline: Value changes to the recipe tags are only transferred to the PLC connected to the HMI device when, for example, the "SetDataRecordTagsToPLC" system function is executed. Output status message Determines whether a status message is output after saving: 0 (hmiOff) = Off: Status message is not output. 1 (hmiOn) = On: Status message is output. Processing status Returns the processing status of the system function. You can use the return value, for example, to delay execution of other system functions until this system function has been successfully completed: 2 = System function is being performed. 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. 5968 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting See also Availability for specific devices of system functions (Page 5739) SaveDataRecord (Panels, RT Advanced) Description Saves the current values of the recipe tags as data record to the memory medium of the HMI device. This system function is used, for example, to save a recipe data record in the recipe screen. Use in the function list SaveDataRecord (Recipe number/name, Data record number/name, Overwrite, Output status message, Processing status) Use in user-defined functions SaveDataRecord (Recipe_number/name, Data_record_number/name, Overwrite, Output_status_message, Processing_status) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameters Recipe number/name Number or name of the recipe to which a recipe data record is saved. Data record number/name Number or name of the recipe data record to be saved. A new data record will be created if no record of this name or number was found in the recipe, independent of the value at the "Overwrite" parameter. Overwrite Specifies whether an existing data record is overwritten: 0 (hmiOverwriteForbidden) = No: The recipe data record is not overwritten, the data record is not saved. 1 (hmiOverwriteAlways) = Yes: The recipe data record is overwritten without a prompt for confirmation. 2 (hmiOverwriteWithConfirmation) = With confirmation: The recipe data record is overwritten only with confirmation by the user. Output status message Determines whether a status message is output after saving: WinCC Advanced V14 System Manual, 10/2016 5969 Visualizing processes 12.8 Working with system functions and Runtime scripting 0 (hmiOff) = Off: Status message is not output. 1 (hmiOn) = On: Status message is output. Processing status Returns the processing status of the system function. You can use the return value, for example, to delay execution of other system functions until this system function has been successfully completed: 2 = System function is being performed. 4 = System function was successfully completed. 12 = System function was not performed because an error has occurred. See also Availability for specific devices of system functions (Page 5739) System (Panels, RT Advanced) ActivateCleanScreen (Panels, RT Advanced) Description Activates the clean screen on the HMI device. The display of the HMI device is disabled for the given time period. When the display of the HMI device is deactivated, it can be cleaned without triggering touch functions by mistake. Use in the function list ActivateCleanScreen (Time period) Use in user-defined functions -- Parameters Time period Time period for which the display is disabled. The time remaining is displayed as a progress bar. 5970 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Value range in seconds from 10 through 300. Note The system function ActivateCleanScreen cannot be simulated. See also Logoff (Page 5831) Availability for specific devices of system functions (Page 5739) OpenFileBrowser (Panels, RT Advanced) Description Opens a file browser dialog. Depending on the mode the user can select a file or a folder. Use in the function list OpenFileBrowser (Mask, Output Folder, File, Navigation Back, Navigation Up, New folder, Path, Status) Use in user-defined functions - Parameters Mask Sets a mask for filtering the displayed files. This parameter is only evaluated in "File" mode. The filter criteria must be delimited by ; semicolon. Example: *.htm;*.html Start folder Specifies the folder with which the file selection dialog starts. File Specifies the mode in which the dialog is opened. 0 = folder search mode 1 = file search mode WinCC Advanced V14 System Manual, 10/2016 5971 Visualizing processes 12.8 Working with system functions and Runtime scripting Navigation Back Specifies whether or not the "Back" button is activated. This button offers simple navigation to the last folder you opened. Navigation Up Specifies whether or not the "Up" button is activated. This button offers simple navigation to the parent folder. New folder Specifies whether or not the button can be used to create a new folder. Path Contains the path name of the last folder opened after you close the dialog. Status Returns information about the dialog closing mode -1 = dialog was canceled 0 = dialog was closed with "OK". OpenTaskManager (Panels, RT Advanced) Description Shows the task manager. The task manager allows changing to other open applications on the HMI device. Note The appearance of the task manager depends on the operating system installed. Use in the function list OpenTaskManager Use in user-defined functions OpenTaskManager Can be used if the configured device supports user-defined scripts. For additional information, refer to "Device dependency". Parameter -- 5972 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting See also Availability for specific devices of system functions (Page 5739) Keyboard (Panels, RT Advanced) OpenScreenKeyboard (Panels, RT Advanced) Description Hides or shows the screen keyboard. The screen keyboard remains open until the screen keyboard is explicitly closed. In this way, the screen keyboard can also be used in other applications. Use in the function list OpenScreenKeyboard (Display mode) Use in user-defined functions OpenScreenKeyboard (Display_mode) Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter Display mode Specifies whether the window is opened minimized or maximized with the screen keyboard: 0 (hmiScreenKeyboardMinimized) = Minimized 1 (hmiScreenKeyboardMaximized) = Maximized See also Availability for specific devices of system functions (Page 5739) Keyboard operation for screen objects (Panels, RT Advanced) ScreenObjectCursorDown (Panels, RT Advanced) Description Results in a line-by-line, downward cursor movement in the table of the specified screen object. WinCC Advanced V14 System Manual, 10/2016 5973 Visualizing processes 12.8 Working with system functions and Runtime scripting The system function can be used for the following screen objects: User view Alarm view Recipe view NC subprogram display PLC code view Use in the function list ScreenObjectCursorDown (Screen object) Use in user-defined functions - Parameters Screen object Name of the screen object in which the key function is triggered. See also Availability for specific devices of system functions (Page 5739) ScreenObjectCursorUp (Panels, RT Advanced) Description Results in a line-by-line, upward cursor movement in the table of the specified screen object. The system function can be used for the following screen objects: User view Alarm view Recipe view NC subprogram display PLC code view Use in the function list ScreenObjectCursorUp (Screen object) 5974 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions - Parameters Screen object Name of the screen object in which the key function is triggered. See also Availability for specific devices of system functions (Page 5739) ScreenObjectCursorRight (Panels, RT Advanced) Description Results in a line-by-line, cursor movement to the right in the specified screen object. Use in the function list ScreenObjectCursorLeft (Screen object) Use in user-defined functions - Parameters Screen object Name of the screen object in which the command is executed. See also System functions for Basic Panels (Page 5739) System functions for Basic Panels 2nd Generation (Page 5745) System functions for Panels (Page 5751) System functions for Mobile Panels (Page 5771) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5975 Visualizing processes 12.8 Working with system functions and Runtime scripting ScreenObjectPageDown (Panels, RT Advanced) Description Results in a page-by-page, downward cursor movement in the table of the specified screen object. The system function can be used for the following screen objects: User view Alarm view Recipe view NC subprogram display Use in the function list ScreenObjectPageDown (Screen object) Use in user-defined functions - Parameters Screen object Name of the screen object in which the key function is triggered. See also Availability for specific devices of system functions (Page 5739) ScreenObjectPageUp (Panels, RT Advanced) Description Results in a page-by-page, upward cursor movement in the table of the specified screen object. The system function can be used for the following screen objects: User view Alarm view Recipe view NC subprogram display 5976 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in the function list ScreenObjectPageUp (Screen object) Use in user-defined functions - Parameters Screen object Name of the screen object in which the key function is triggered. See also Availability for specific devices of system functions (Page 5739) ScreenObjectCursorLeft (Panels, RT Advanced) Description Results in a line-by-line, cursor movement to the left in the specified screen object. Use in the function list ScreenObjectCursorLeft (Screen object) Use in user-defined functions - Parameters Screen object Name of the screen object in which the command is executed. See also System functions for Basic Panels (Page 5739) System functions for Basic Panels 2nd Generation (Page 5745) System functions for Panels (Page 5751) System functions for Mobile Panels (Page 5771) System functions for Runtime Advanced (Page 5780) Availability for specific devices of system functions (Page 5739) WinCC Advanced V14 System Manual, 10/2016 5977 Visualizing processes 12.8 Working with system functions and Runtime scripting PageDown (Panels, RT Advanced) Description Executes the key function <Pagedown> on the HMI device. This system function can only be used for function keys. Use in the function list PageDown Use in user-defined functions PageDown Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter - See also Availability for specific devices of system functions (Page 5739) PageUp (Panels, RT Advanced) Description Executes the key function <PageUp> on the HMI device. This system function can only be used for function keys and tasks with a time trigger. Use in the function list PageUp Use in user-defined functions PageUp Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter - 5978 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting See also Availability for specific devices of system functions (Page 5739) GoToHome (Panels, RT Advanced) Description Executes the key function <Home> on the HMI device. This system function is used when the HMI device does not have this functionality by default. The system function can only be used for the following function keys. Use in the function list GoToHome Use in user-defined functions GoToHome Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter -- See also Availability for specific devices of system functions (Page 5739) GoToEnd (Panels, RT Advanced) Description Executes the key function <End> on the HMI device. This system function is used when the HMI device does not have this functionality by default. The system function can only be used for the following function keys. Use in the function list GoToEnd WinCC Advanced V14 System Manual, 10/2016 5979 Visualizing processes 12.8 Working with system functions and Runtime scripting Use in user-defined functions GoToEnd Can be used if the configured device supports user-defined functions. For additional information, refer to "Device dependency". Parameter -- See also Availability for specific devices of system functions (Page 5739) 12.8.8.2 Events (Basic Panels, Panels, RT Advanced) Overview (Basic Panels) Editors (Basic Panels) Introduction The following table shows which events occur in which editor. Technical data subject to change. Icon Editor Screens HMI alarms HMI tags Scheduler 1 Cleared (Page 5991) X -- -- -- 2 Activate (Page 5991) -- -- -- -- 3 Change (Page 5992) -- -- -- -- 4 Loaded (Page 5992) X -- -- -- 5 Execute (Page 5992) -- -- -- X 6 Selection changed (Page 5992) -- -- -- -- 7 On exceeding (Page 5993) -- -- X -- 8 On falling below (Page 5993) -- -- X -- 9 When dialog is opened (Page 5993) -- -- -- X 10 When dialog is closed (Page 5993) -- -- -- X 11 User change (Page 5994) -- -- -- X 5980 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 12 Screen change (Page 5994) -- -- -- X 13 Deactivate (Page 5994) -- -- -- X 14 Double-click (Page 5995) -- -- -- -- 15 Press (Page 5995) -- -- -- -- 16 On Finish Input (Page 5995) -- -- -- -- 17 Press ESC twice (Page 5996) -- -- -- -- 18 Outgoing (Page 5996) -- X -- -- 19 Incoming (Page 5996) -- X -- -- 20 Click (Page 5996) -- -- -- -- 21 Click when flashing (Page 5997) -- -- -- -- 22 Loop-in alarm (Page 5997) -- X -- -- 23 Release (Page 5997) -- -- -- -- 24 Alarm buffer overflow (Page 5998) -- -- -- X 25 Acknowledge (Page 5998) -- X -- -- 26 Reach margin (Page 5998) -- -- -- -- 27 Runtime Stop (Page 5999) -- -- -- X 28 Press key (Page 5999) -- -- -- -- 29 Release key (Page 5999) -- -- -- -- 30 Overflow (Page 6000) -- -- -- -- 31 Switch OFF (Page 6000) -- -- -- -- 32 Switch ON (Page 6000) -- -- -- -- 33 Low free storage space (Page 6001) -- -- -- -- 34 Free space critically low (Page 6001) -- -- -- -- 35 Value change (Page 6001) -- -- X -- 36 Time expired (Page 6001) -- -- -- -- Basic objects (Basic Panels) Introduction The following table shows which events occur on which objects. Technical data subject to change. Icon Object Line Ellipse Circle Rectangle WinCC Advanced V14 System Manual, 10/2016 5981 Visualizing processes 12.8 Working with system functions and Runtime scripting Icon Object Text field Graphic view 1 Cleared (Page 5991) -- -- -- -- -- -- 2 Activate (Page 5991) -- -- -- -- -- -- 3 Change (Page 5992) -- -- -- -- -- -- 4 Loaded (Page 5992) -- -- -- -- -- -- 5 Execute (Page 5992) -- -- -- -- -- -- 6 Selection changed (Page 5992) -- -- -- -- -- -- 7 On exceeding (Page 5993) -- -- -- -- -- -- 8 On falling below (Page 5993) -- -- -- -- -- -- 9 When dialog is opened (Page 5993) -- -- -- -- -- -- 10 When dialog is closed (Page 5993) -- -- -- -- -- -- 11 User change (Page 5994) -- -- -- -- -- -- 12 Screen change (Page 5994) -- -- -- -- -- -- 13 Deactivate (Page 5994) -- -- -- -- -- -- 14 Double-click (Page 5995) -- -- -- -- -- -- 15 Press (Page 5995) -- -- -- -- -- -- 16 On Finish Input (Page 5995) -- -- -- -- -- -- 17 Press ESC twice (Page 5996) -- -- -- -- -- -- 18 Outgoing (Page 5996) -- -- -- -- -- -- 19 Incoming (Page 5996) -- -- -- -- -- -- 20 Click (Page 5996) -- -- -- -- -- -- 21 Click when flashing (Page 5997) -- -- -- -- -- -- 22 Loop-in alarm (Page 5997) -- -- -- -- -- -- 23 Release (Page 5997) -- -- -- -- -- -- 24 Alarm buffer overflow (Page 5998) -- -- -- -- -- -- 25 Acknowledge (Page 5998) -- -- -- -- -- -- 26 Reach margin (Page 5998) -- -- -- -- -- -- 27 Runtime Stop (Page 5999) -- -- -- -- -- -- 28 Press key (Page 5999) -- -- -- -- -- -- 29 Release key (Page 5999) -- -- -- -- -- -- 30 Overflow (Page 6000) -- -- -- -- -- -- 31 Switch OFF (Page 6000) -- -- -- -- -- -- 32 Switch ON (Page 6000) -- -- -- -- -- -- 33 Low free storage space (Page 6001) -- -- -- -- -- -- 34 Free space critically low (Page 6001) -- -- -- -- -- -- 35 Value change (Page 6001) -- -- -- -- -- -- 36 Time expired (Page 6001) -- -- -- -- -- -- 5982 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Elements (Basic Panels) Introduction The following table shows which events occur on which objects. Technical data subject to change. Icon Object IO field Button Symbolic IO field Graphic IO field Date/time field Bar Switch 1 Cleared (Page 5991) -- -- -- -- -- -- -- 2 Activate (Page 5991) X X X X -- -- X 3 Change (Page 5992) -- X X -- -- -- X 4 Loaded (Page 5992) -- -- -- -- -- -- -- 5 Execute (Page 5992) -- -- -- -- -- -- -- 6 Selection changed (Page 5992) -- -- -- -- -- -- -- 7 On exceeding (Page 5993) -- -- -- -- -- -- -- 8 On falling below (Page 5993) -- -- -- -- -- -- -- 9 When dialog is opened (Page 5993) -- -- -- -- -- -- -- 10 When dialog is closed (Page 5993) -- -- -- -- -- -- -- 11 User change (Page 5994) -- -- -- -- -- -- -- 12 Screen change (Page 5994) -- -- -- -- -- -- -- 13 Deactivate (Page 5994) X X X X -- -- X 14 Double-click (Page 5995) -- -- -- -- -- -- -- 15 Press (Page 5995) -- X -- -- -- -- -- 16 On Finish Input (Page 5995) -- -- -- -- -- -- -- 17 Press ESC twice (Page 5996) -- -- -- -- -- -- -- 18 Outgoing (Page 5996) -- -- -- -- -- -- -- 19 Incoming (Page 5996) -- -- -- -- -- -- -- 20 Click (Page 5996) -- X -- -- -- -- -- 21 Click when flashing (Page 5997) -- -- -- -- -- -- -- 22 Loop-in alarm (Page 5997) -- -- -- -- -- -- -- 23 Release (Page 5997) -- X -- -- -- -- -- 24 Alarm buffer overflow (Page 5998) -- -- -- -- -- -- -- 25 Acknowledge (Page 5998) -- -- -- -- -- -- -- 26 Reach margin (Page 5998) -- -- -- -- -- -- -- WinCC Advanced V14 System Manual, 10/2016 5983 Visualizing processes 12.8 Working with system functions and Runtime scripting 27 Runtime Stop (Page 5999) -- -- -- -- -- -- -- 28 Press key (Page 5999) -- -- -- -- -- -- -- 29 Release key (Page 5999) -- -- -- -- -- -- -- 30 Overflow (Page 6000) -- -- -- -- -- -- -- 31 Switch OFF (Page 6000) -- -- -- -- -- -- X 32 Switch ON (Page 6000) -- -- -- -- -- -- X 33 Low free storage space (Page 6001) -- -- -- -- -- -- -- 34 Free space critically low (Page 6001) -- -- -- -- -- -- -- 35 Value change (Page 6001) -- -- -- -- -- -- -- 36 Time expired (Page 6001) -- -- -- -- -- -- -- Controls (Basic Panels) Introduction The following table shows which events occur on which objects. Technical data subject to change. Icon Object Alarm view/alarm window Alarm indicator Trend view User view Recipe view Auxiliary indicator 1 Cleared (Page 5991) -- -- -- -- -- -- 2 Activate (Page 5991) X -- X X -- -- 3 Change (Page 5992) -- -- -- -- -- -- 4 Loaded (Page 5992) -- -- -- -- -- -- 5 Execute (Page 5992) -- -- -- -- -- -- 6 Selection changed (Page 5992) -- -- -- -- -- -- 7 On exceeding (Page 5993) -- -- -- -- -- -- 8 On falling below (Page 5993) -- -- -- -- -- -- 9 When dialog is opened (Page 5993) -- -- -- -- -- -- 10 When dialog is closed (Page 5993) -- -- -- -- -- -- 11 User change (Page 5994) -- -- -- -- -- -- 12 Screen change (Page 5994) -- -- -- -- -- -- 13 Deactivate (Page 5994) X -- X X -- -- 14 Double-click (Page 5995) -- -- -- -- -- -- 5984 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 15 Press (Page 5995) -- -- -- -- -- -- 16 On Finish Input (Page 5995) -- -- -- -- -- -- 17 Press ESC twice (Page 5996) -- -- -- -- -- -- 18 Outgoing (Page 5996) -- -- -- -- -- -- 19 Incoming (Page 5996) 20 Click (Page 5996) -- X -- -- -- -- 21 Click when flashing (Page 5997) -- X -- -- -- -- 22 Loop-in alarm (Page 5997) -- -- -- -- -- -- 23 Release (Page 5997) -- -- -- -- -- -- 24 Alarm buffer overflow (Page 5998) -- -- -- -- -- -- 25 Acknowledge (Page 5998) -- -- -- -- -- -- 26 Reach margin (Page 5998) -- -- -- -- -- -- 27 Runtime Stop (Page 5999) -- -- -- -- -- -- 28 Press key (Page 5999) -- -- -- -- -- -- 29 Release key (Page 5999) -- -- -- -- -- -- 30 Overflow (Page 6000) -- -- -- -- -- -- 31 Switch OFF (Page 6000) -- -- -- -- -- -- 32 Switch ON (Page 6000) -- -- -- -- -- -- 33 Low free storage space (Page 6001) -- -- -- -- -- -- 34 Free space critically low (Page 6001) -- -- -- -- -- -- 35 Value change (Page 6001) -- -- -- -- -- -- 36 Time expired (Page 6001) -- -- -- -- -- -- Overview (Panels, RT Advanced) Editors (Panels, RT Advanced) Introduction The following table shows which events occur in which editor. Technical data subject to change. Icon Editor Screens HMI alarms HMI tags Logs Scheduler Audit Trail WinCC Advanced V14 System Manual, 10/2016 5985 Visualizing processes 12.8 Working with system functions and Runtime scripting 1 Cleared (Page 5991) X -- -- -- -- -- 2 Activate (Page 5991) -- -- -- -- -- -- 3 Change (Page 5992) -- -- -- -- -- -- 4 Loaded (Page 5992) X -- -- -- -- -- 5 Execute (Page 5992) -- -- -- -- X -- 6 Selection changed (Page 5992) -- -- -- -- -- -- 7 On exceeding (Page 5993) -- -- X -- -- -- 8 On falling below (Page 5993) -- -- X -- -- -- 9 When dialog is opened (Page 5993) -- -- -- -- X -- 10 When dialog is closed (Page 5993) -- -- -- -- X -- 11 User change (Page 5994) -- -- -- -- X -- 12 Screen change (Page 5994) -- -- -- -- X -- 13 Deactivate (Page 5994) -- -- -- -- -- -- 14 Double-click (Page 5995) -- -- -- -- -- -- 15 Press (Page 5995) -- -- -- -- -- -- 16 On Finish Input (Page 5995) -- -- -- -- -- -- 17 Press ESC twice (Page 5996) -- -- -- -- -- -- 18 Incoming (Page 5996) -- X -- -- -- -- 19 Outgoing (Page 5996) -- X -- -- -- -- 20 Click (Page 5996) -- -- -- -- -- -- 21 Click when flashing (Page 5997) -- -- -- -- -- -- 22 Loop-in alarm (Page 5997) -- X -- -- -- -- 23 Release (Page 5997) -- -- -- -- -- -- 24 Alarm buffer overflow (Page 5998) -- -- -- -- X -- 25 Acknowledge (Page 5998) -- X -- -- -- -- 26 Reach margin (Page 5998) -- -- -- -- -- -- 27 Runtime Stop (Page 5999) -- -- -- -- X -- 28 Press key (Page 5999) -- -- -- -- -- -- 29 Release key (Page 5999) -- -- -- -- -- -- 30 Overflow (Page 6000) -- -- -- X -- -- 31 Switching (Page 6000) -- -- -- -- -- -- 32 Switch OFF (Page 6000) -- -- -- -- -- -- 33 Switch ON (Page 6000) -- -- -- -- -- -- 34 Low free storage space (Page 6001) -- -- -- X -- X 35 Free space critically low (Page 6001) -- -- -- X -- X 36 Value change (Page 6001) -- -- X -- -- -- 37 Time expired (Page 6001) -- -- -- -- -- -- 5986 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Basic objects (Panels, RT Advanced) Introduction The following table shows which events occur on which objects. Technical data subject to change. Icon Object Line Polyline Polygon Ellipse Circle Rectangle Text field Graphic view 1 Cleared (Page 5991) -- -- -- -- -- -- -- -- 2 Activate (Page 5991) -- -- -- -- -- -- -- -- 3 Change (Page 5992) -- -- -- -- -- -- -- -- 4 Loaded (Page 5992) -- -- -- -- -- -- -- -- 5 Execute (Page 5992) -- -- -- -- -- -- -- -- 6 Selection changed (Page 5992) -- -- -- -- -- -- -- -- 7 On exceeding (Page 5993) -- -- -- -- -- -- -- -- 8 On falling below (Page 5993) -- -- -- -- -- -- -- -- 9 When dialog is opened (Page 5993) -- -- -- -- -- -- -- -- 10 When dialog is closed (Page 5993) -- -- -- -- -- -- -- -- 11 User change (Page 5994) -- -- -- -- -- -- -- -- 12 Screen change (Page 5994) -- -- -- -- -- -- -- -- 13 Deactivate (Page 5994) -- -- -- -- -- -- -- -- 14 Double-click (Page 5995) -- -- -- -- -- -- -- -- 15 Press (Page 5995) -- -- -- -- -- -- -- -- 16 On Finish Input (Page 5995) -- -- -- -- -- -- -- -- 17 Press ESC twice (Page 5996) -- -- -- -- -- -- -- -- 18 Outgoing (Page 5996) -- -- -- -- -- -- -- -- 19 Incoming (Page 5996) -- -- -- -- -- -- -- -- 20 Click (Page 5996) -- -- -- -- -- -- -- -- 21 Click when flashing (Page 5997) -- -- -- -- -- -- -- -- 22 Loop-in alarm (Page 5997) -- -- -- -- -- -- -- -- 23 Release (Page 5997) -- -- -- -- -- -- -- -- 24 Alarm buffer overflow (Page 5998) -- -- -- -- -- -- -- -- WinCC Advanced V14 System Manual, 10/2016 5987 Visualizing processes 12.8 Working with system functions and Runtime scripting 25 Acknowledge (Page 5998) -- -- -- -- -- -- -- -- 26 Reach margin (Page 5998) -- -- -- -- -- -- -- -- 27 Runtime Stop (Page 5999) -- -- -- -- -- -- -- -- 28 Press key (Page 5999) -- -- -- -- -- -- -- -- 29 Release key (Page 5999) -- -- -- -- -- -- -- -- 30 Overflow (Page 6000) -- -- -- -- -- -- -- -- 31 Switching (Page 6000) -- -- -- -- -- -- -- -- 32 Switch OFF (Page 6000) -- -- -- -- -- -- -- -- 33 Switch ON (Page 6000) -- -- -- -- -- -- -- -- 34 Low free storage space (Page 6001) -- -- -- -- -- -- -- -- 35 Free space critically low (Page 6001) -- -- -- -- -- -- -- -- 36 Value change (Page 6001) -- -- -- -- -- -- -- -- 37 Time expired (Page 6001) -- -- -- -- -- -- -- -- Elements (Panels, RT Advanced) Introduction The following table shows which events occur on which objects. Technical data subject to change. Icon Object IO field Button Symbolic IO field Graphic IO field Date/time field Bar Switch Symbol library Slider Gauge Clock 1 Cleared (Page 5991) -- -- -- -- -- -- -- -- -- -- -- 2 Activate (Page 5991) X X X X -- -- X X X -- -- 3 Change (Page 5992) -- X X -- -- -- X -- X X -- 4 Loaded (Page 5992) -- -- -- -- -- -- -- -- -- -- -- 5 Execute (Page 5992) -- -- -- -- -- -- -- -- -- -- -- 6 Selection changed (Page 5992) -- -- -- -- -- -- -- -- -- -- -- 7 On exceeding (Page 5993) -- -- -- -- -- -- -- -- -- -- -- 5988 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 8 On falling below (Page 5993) -- -- -- -- -- -- -- -- -- -- -- 9 When dialog is opened (Page 5993) -- -- -- -- -- -- -- -- -- -- -- 10 When dialog is closed (Page 5993) -- -- -- -- -- -- -- -- -- -- -- 11 User change (Page 5994) -- -- -- -- -- -- -- -- -- -- -- 12 Screen change (Page 5994) -- -- -- -- -- -- -- -- -- -- -- 13 Deactivate (Page 5994) X X X X -- -- X X X -- -- 14 Double-click (Page 5995) -- -- -- -- -- -- -- X -- -- -- 15 Press (Page 5995) -- X -- -- -- -- -- X -- -- -- 16 On Finish Input (Page 5995) X X X -- -- -- -- -- -- -- 17 Press ESC twice (Page 5996) -- -- -- -- -- -- -- -- -- -- -- 18 Outgoing (Page 5996) -- -- -- -- -- -- -- -- -- -- -- 19 Incoming (Page 5996) -- -- -- -- -- -- -- -- -- -- -- 20 Click (Page 5996) -- X -- -- -- -- -- X -- -- -- 21 Click when flashing (Page 5997) -- -- -- -- -- -- -- -- -- -- -- 22 Loop-in alarm (Page 5997) -- -- -- -- -- -- -- -- -- -- -- 23 Release (Page 5997) -- X -- -- -- -- -- X -- -- -- 24 Alarm buffer overflow (Page 5998) -- -- -- -- -- -- -- -- -- -- -- 25 Acknowledge (Page 5998) -- -- -- -- -- -- -- -- -- -- -- 26 Reach margin (Page 5998) -- -- -- -- -- -- -- -- -- -- -- 27 Runtime Stop (Page 5999) -- -- -- -- -- -- -- -- -- -- -- 28 Press key (Page 5999) -- -- -- -- -- -- -- -- -- -- -- 29 Release key (Page 5999) -- -- -- -- -- -- -- -- -- -- -- 30 Overflow (Page 6000) -- -- -- -- -- -- -- -- -- -- -- 31 Switching (Page 6000) -- -- -- -- -- -- -- -- -- -- -- 32 Switch OFF (Page 6000) -- -- -- -- -- -- X -- -- -- -- 33 Switch ON (Page 6000) -- -- -- -- -- -- X -- -- -- -- 34 Low free storage space (Page 6001) -- -- -- -- -- -- -- -- -- -- X 35 Free space critically low (Page 6001) -- -- -- -- -- -- -- -- -- -- X 36 Value change (Page 6001) -- -- -- -- -- -- -- -- -- -- -- 37 Time expired (Page 6001) -- -- -- -- -- -- -- -- -- -- -- Controls (Panels, RT Advanced) Introduction The following table shows which events occur on which objects. Technical data subject to change. Icon Object Alarm view/alarm window Alarm indicator Trend view WinCC Advanced V14 System Manual, 10/2016 5989 Visualizing processes 12.8 Working with system functions and Runtime scripting Icon Object User view HTML browser Status/Force Sm@rtClient view Recipe view f(x) trend view System diagnostics view / system diagnostics window Function key 1 Cleared (Page 5991) -- -- -- -- -- -- -- -- -- -- -- 2 Activate (Page 5991) X -- X X X X X X -- X -- 3 Change (Page 5992) -- -- -- -- -- -- -- -- -- -- -- 4 Loaded (Page 5992) -- -- -- -- -- -- -- -- -- -- -- 5 Execute (Page 5992) -- -- -- -- -- -- -- -- -- -- -- 6 Selection changed (Page 5992) X -- -- -- -- -- -- -- -- -- -- 7 On exceeding (Page 5993) -- -- -- -- -- -- -- -- -- -- -- 8 On falling below (Page 5993) -- -- -- -- -- -- -- -- -- -- -- 9 When dialog is opened (Page 5993) -- -- -- -- -- -- -- -- -- -- -- 10 When dialog is closed (Page 5993) -- -- -- -- -- -- -- -- -- -- -- 11 User change (Page 5994) -- -- -- -- -- -- -- -- -- -- -- 12 Screen change (Page 5994) -- -- -- -- -- -- -- -- -- -- -- 13 Deactivate (Page 5994) X -- X X X X X X -- -- -- 14 Double-click (Page 5995) -- -- -- -- -- -- -- -- -- -- -- 15 Press (Page 5995) -- -- -- -- -- -- -- -- -- -- -- 16 On Finish Input (Page 5995) -- -- -- -- -- -- -- -- -- -- 17 Press ESC twice (Page 5996) -- -- -- -- -- -- -- -- -- -- -- 18 Outgoing (Page 5996) -- -- -- -- -- -- -- -- -- -- -- 19 Incoming (Page 5996) -- -- -- -- -- -- -- -- -- -- -- 20 Click (Page 5996) -- X -- -- -- -- -- -- -- -- -- 21 Click when flashing (Page 5997) -- X -- -- -- -- -- -- -- -- -- 22 Loop-in alarm (Page 5997) -- -- -- -- -- -- -- -- -- -- -- 23 Release (Page 5997) -- -- -- -- -- -- -- -- -- -- -- 24 Alarm buffer overflow (Page 5998) -- -- -- -- -- -- -- -- -- -- -- 25 Acknowledge (Page 5998) -- -- -- -- -- -- -- -- -- -- -- 26 Reach margin (Page 5998) -- -- -- -- -- -- -- -- -- -- -- 27 Runtime Stop (Page 5999) -- -- -- -- -- -- -- -- -- -- -- 28 Press key (Page 5999) -- -- -- -- -- -- -- -- -- -- X 29 Release key (Page 5999) -- -- -- -- -- -- -- -- -- -- X 30 Overflow (Page 6000) -- -- -- -- -- -- -- -- -- -- -- 31 Switching (Page 6000) -- -- -- -- -- -- -- -- -- -- -- 5990 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting 32 Switch OFF (Page 6000) -- -- -- -- -- -- -- -- -- -- -- 33 Switch ON (Page 6000) -- -- -- -- -- -- -- -- -- -- -- 34 Low free storage space (Page 6001) -- -- -- -- -- -- -- -- -- -- -- 35 Free space critically low (Page 6001) -- -- -- -- -- -- -- -- -- -- -- 36 Value change (Page 6001) -- -- -- -- -- -- -- -- -- -- -- 37 Time expired (Page 6001) -- -- -- -- -- -- -- -- -- -- -- Events (Basic Panels, Panels, RT Advanced) Cleared (Basic Panels, Panels, RT Advanced) Description Occurs when the active screen on the HMI device is cleared. Note Please note that the availability of the event is dependent upon the HMI device and object type. Activate (Basic Panels, Panels, RT Advanced) Description Occurs when the user selects a display or operating object using the configured tab sequence. Note Note that the availability of the event depends on the HMI device and object type. Note If the user e.g. clicks a button with the mouse, the "Click" event is triggered. Users wishing to trigger the "Enable" event must select the button using the tab key. The "Enable" event is only used to detect whether an object was selected. The event does not trigger a password prompt. For this reason, do not use the "Enable" event if you want to configure access protection on the function call of the object. WinCC Advanced V14 System Manual, 10/2016 5991 Visualizing processes 12.8 Working with system functions and Runtime scripting Change (Basic Panels, Panels, RT Advanced) Description Occurs if the status of a display and operator control object changes. The status of an object changes if, for example, the user presses the key. Note Note that the availability of the event depends on the HMI device and object type. Loaded (Basic Panels, Panels, RT Advanced) Description Occurs when all configured display and operating objects are loaded in the active screen after a screen change. Note Please note that the availability of the event is dependent upon the HMI device and object type. Note Enable a screen change to ensure that the connection with the control is established after switch-on. Execute (Basic Panels, Panels, RT Advanced) Description Occurs when the scheduled task has been executed. Selection changed (Basic Panels, Panels, RT Advanced) Description Occurs when the user changes the selection. Note Please note that the availability of the event is dependent upon the HMI device and object type. 5992 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting On exceeding (Basic Panels, Panels, RT Advanced) Description Occurs when the high limit of a tag is exceeded. Note Note that the availability of the event depends on the HMI device and object type. On falling below (Basic Panels, Panels, RT Advanced) Description Occurs when the low limit of a tag is undershot. Note Note that the availability of the event depends on the HMI device and object type. When dialog is opened (Basic Panels, Panels, RT Advanced) Description The event is triggered when a modal dialog opens. Note Please note that the availability of the event depends on the HMI device and object type. When dialog is closed (Basic Panels, Panels, RT Advanced) Description The event is triggered when a modal dialog closes. Note Please note that the availability of the event depends on the HMI device and object type. WinCC Advanced V14 System Manual, 10/2016 5993 Visualizing processes 12.8 Working with system functions and Runtime scripting User change (Basic Panels, Panels, RT Advanced) Description Occurs when a user logs off at an HMI device or another user logs on at the HMI device. Note Please note that the availability of the event is dependent upon the HMI device and object type. Screen change (Basic Panels, Panels, RT Advanced) Description Occurs when all configured display and operating objects are loaded in the screen after a screen change. Use the "Loaded" event if you want to perform other system functions during a screen change to a certain screen. Note Please note that the availability of the event is dependent upon the HMI device and object type. Deactivate (Basic Panels, Panels, RT Advanced) Description Occurs when the user takes the focus from a display and operating object. A screen object can be disabled using the configured tab order or by performing another action with the mouse. Note Please note that the availability of the event is dependent upon the HMI device and object type. Note System functions or user-defined functions on the "Deactivate" event of a screen are not executed when a screen is being closed. The "Deactivate" event is only used to detect whether an object was deselected. The event does not trigger a password prompt. For this reason, do not use the "Deactivate" event if you want to configure access protection on the function call of the object. 5994 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Double-click (Basic Panels, Panels, RT Advanced) Description Occurs when the user double-clicks on an object from the symbol library. Note Please note that the availability of the event is dependent upon the HMI device and object type. Press (Basic Panels, Panels, RT Advanced) Description Occurs when the user clicks on a button with the left mouse button, presses <RETURN> or <SPACE>. Also occurs when the user right-clicks on an object of the symbol library. Note Please note that the availability of the event is dependent upon the HMI device and object type. On Finish Input (Basic Panels, Panels, RT Advanced) Description Triggered when you confirm input at an I/O field by pressing ENTER, or by mouse click, or by touch screen operation. The "On Finish Input" event is also started if the value of a tag does not change, for example, if a value is exceeded, or if a user cancels the dialog to acknowledge a tag (Audit option package) that has to be acknowledged. The event is not triggered, on the other hand, by user logon or by input fields configured with an authorization. Note Note that the availability of the event depends on the HMI device and object type. WinCC Advanced V14 System Manual, 10/2016 5995 Visualizing processes 12.8 Working with system functions and Runtime scripting Press ESC twice (Basic Panels, Panels, RT Advanced) Description Occurs when the user presses the <ESC> key twice at the HMI device. Note Note that the availability of the event depends on the HMI device and object type. Outgoing (Basic Panels, Panels, RT Advanced) Description Occurs when an alarm is deactivated. Note Please note that the availability of the event depends on the HMI device and object type. Incoming (Basic Panels, Panels, RT Advanced) Description Occurs when an alarm is triggered and displayed in the alarm view. Note Please note that the availability of the event depends on the HMI device and object type. Click (Basic Panels, Panels, RT Advanced) Description Occurs if the user clicks a display and operating object with the mouse or touches the touch display with a finger. 5996 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting In case you click the incorrect object, prevent processing of configured function list as follows: Move the mouse pointer away from the object while keeping the mouse button pressed. Release the mouse button as soon as the mouse pointer leaves the object. The function list will then not be processed. On touch displays, the display must be touched with the finger until a reaction occurs, e.g., a screen change. Note Please note that the availability of the event is dependent upon the HMI device and object type. Click when flashing (Basic Panels, Panels, RT Advanced) Description Occurs when the user clicks a flashing alarm indicator with the mouse or touches it with a finger. Note Note that the availability of the event depends on the HMI device and object type. Loop-in alarm (Basic Panels, Panels, RT Advanced) Description Occurs as soon as the user selects an alarm in the alarm view and then clicks on the "LoopIn-Alarm" button or double clicks on the alarm. For the "Loop-In-Alarm" event, you configure system functions, such as a change to the screen in which the alarm occurred. You cannot configure local scripts for the "Loop-In-Alarm" event in Runtime Professional. Note Please note that the availability of the event is dependent upon the HMI device and object type. Release (Basic Panels, Panels, RT Advanced) Description Occurs when the user releases a button. WinCC Advanced V14 System Manual, 10/2016 5997 Visualizing processes 12.8 Working with system functions and Runtime scripting This even does not occur, as long as the button remains pressed. Note Please note that the availability of the event is dependent upon the HMI device and object type. Alarm buffer overflow (Basic Panels, Panels, RT Advanced) Description Occurs when the configured size of the alarm buffer is reached. Note Please note that the availability of the event is dependent upon the HMI device and object type. Acknowledge (Basic Panels, Panels, RT Advanced) Description Occurs when the user acknowledges an alarm. Note Please note that the availability of the event is dependent upon the HMI device and object type. Reach margin (Basic Panels, Panels, RT Advanced) Description Occurs when the user reaches the beginning or the end of a scrollable area. Note Note that the availability of the event depends on the HMI device and object type. Note A user-defined function must not be configured for the "Boundary reached" event. 5998 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Configurable objects The event can only be configured on the <Up> and <Down> keys, or on the keys on which you have configured the "ScreenObjectPageUp" or "ScreenObjectPageDown" system functions. Runtime Stop (Basic Panels, Panels, RT Advanced) Description Occurs when the user exits the Runtime software on the HMI device. Note Please note that the availability of the event is dependent upon the HMI device and object type. Note A user-defined function must not be configured for the "Runtime stop" event. Press key (Basic Panels, Panels, RT Advanced) Description Occurs when the user presses a function key. Note Please note that the availability of the event is dependent upon the HMI device and object type. Release key (Basic Panels, Panels, RT Advanced) Description Occurs when the user releases a function key. Note Note that the availability of the event depends on the HMI device and object type. WinCC Advanced V14 System Manual, 10/2016 5999 Visualizing processes 12.8 Working with system functions and Runtime scripting Overflow (Basic Panels, Panels, RT Advanced) Description Occurs when the configured size of the log is reached. You use the log type "Trigger event". Note Please note that the availability of the event is dependent upon the HMI device and object type. Switching (Basic Panels, Panels, RT Advanced) Description Occurs when the user toggles a display and operating object, e.g. a switch from "ON" to "OFF". Note Please note that the availability of the event is dependent upon the HMI device and object type. Switch OFF (Basic Panels, Panels, RT Advanced) Description Occurs when the user moves the display and operating object "Switch" to the OFF position. Note Note that the availability of the event depends on the HMI device and object type. Switch ON (Basic Panels, Panels, RT Advanced) Description Occurs when the user moves the display and operating object "Switch" to the ON position. Note Note that the availability of the event depends on the HMI device and object type. 6000 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.8 Working with system functions and Runtime scripting Low free storage space (Basic Panels, Panels, RT Advanced) Description This event is triggered if the storage space available on the medium to which the Audit Trail is less than the configured minimum. Free space critically low (Basic Panels, Panels, RT Advanced) Description This event is triggered if the storage medium to which an Audit Trail is saved provides insufficient storage space due to hardware restrictions. Value change (Basic Panels, Panels, RT Advanced) Description Occurs when the value of a tag or the value of an array element changes. The value change of a tag is triggered by the PLC or by the user, e.g. when a new value is entered. No event is output if a system function changes the value. Note Please note that the availability of the event depends on the HMI device and object type. Time expired (Basic Panels, Panels, RT Advanced) Description Occurs when the time configured in the scheduler expires. Note Please note that the availability of the event is dependent upon the HMI device and object type. WinCC Advanced V14 System Manual, 10/2016 6001 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 12.8.8.3 WinCC Advanced V14 - Programming reference WinCC VB-Scripting You can find a detailed description of VB-Scripting in the "WinCC Advanced V14 Programming reference" manual. 12.9 Mobile Panels (Panels, RT Advanced) 12.9.1 Basics (Panels, RT Advanced) 12.9.1.1 Field of application of the Mobile Panel Wireless (Panels, RT Advanced) Introduction The Mobile Panel Wireless enables you to move through the plant without restrictions and with or without security technology. You can operate and monitor moving machine parts or the entire plant depending on the situation. You can plan, configure, simulate and extend wireless networks quickly and reliably. The Mobile Panels Wireless are based on standardized WLAN technology and are specially tailored to the requirements of automation. WLAN area A WLAN area is the area of the plant in which the HMI device communicates with the PLC over a wireless local area network. The wireless coverage of the network has a sufficient signal strength in this area. The WLAN of a plant is formed by the radio area of one or more Access Points. Access Point The Access Point serves as a gateway between the wireless and hard-wired network. The HMI device communicates with an Access Point via WLAN. You can operate the different machines or plants without annoying cables. The HMI device is connected to a network in which it communicates with a PLC via the access point. Effective range Safety-related operator input is only possible in a limited part of a WLAN area upstream of a machine or plant known as the effective range. One exception to this rule is the emergency stop, which works in the entire WLAN area. 6002 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) The configured effective ranges are stored in the HMI device. The HMI device can only log on to a machine within the effective range. This also requires there no other HMI device is logged on in the same effective range. To ensure clear logon and machine operator inputs, one effective range must not overlap another effective range. Tags Effective ranges are formed by the spatial assignment of tags to a machine or plant. Tags create a geometrical space which is relevant for logon to a machine. After logon you operate the machine using acknowledgement buttons. A distinction is made between two types of tags: Transponder RFID tag Transponder After successful logon to a machine, the spanned geometrical area will be monitored. The distance between the HMI device and the transponder can only be measured if the two devices are in the reception range of each other. When you leave the effective range, safety-related operator input of the machine with acknowledgment buttons is prevented. Zones in the transponder system Zones are configurable objects within a transponder system. A zone is defined by the maximum distance from one or more transponders. In a hard-wired Mobile Panel, the length of the connection cable defines a zone around a connection box. Zones are operating areas in which safety-related operator input is not possible. To enter a zone, you have to configure a screen change to the correct process picture. RFID tag After successful logon to a machine, the spanned geometrical area is not monitored. Monitoring therefore calls for an additional organizational measure, for example: a light barrier or a protective fence. The protection area is separated from the plant by a security system. The protection area is the area in the plant in which you operate one or more machines in fail-safe operation. One or more RFID Tags are distributed within protection zones. The protection area is not a configurable object. WinCC Advanced V14 System Manual, 10/2016 6003 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 12.9.1.2 How does the transponder system work? (Panels, RT Advanced) Overview To give a basic understanding of all this, the following section describes the interaction between: HMI device Zone Effective range Transponder Note You should always assign administrator rights or set up encryption to protect the project containing a Mobile Panel Wireless for fail-safe operation against unauthorized access. 6004 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Principle of operation in the transponder system 1 Access Point 2 WLAN of the Access Point 3 PLC 4 Plant 5 Effective range "Robot 1" with a transponder 6 Effective range "Robot 2" with two transponders 7 Zone "Zone 1" with a transponder 8 Radio area of the HMI device 9 HMI device Example: A screen change is configured for "Zone 1". Transponder1 is assigned to the "Robot 2" effective range. The operator enters the radio cone of the transponder to receive the transponder ID. WinCC Advanced V14 System Manual, 10/2016 6005 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) To log onto the machine "Robot 2", the operator presses the object "Effective range - Name". The "Effective range - Logon" dialog box opens. The operator enters the effective range ID and confirms with "OK". The dialog is closed. If the logon was successful, then the acknowledgement buttons will be active. The HMI device measures the distance from the transponder which is less than the configured distance of the effective range. Result: The operator is logged onto the machine "Robot 2". The operating element "Effective range Name" is green and shows the name of the effective range "Robot 2". If the HMI device is logged onto the effective range, then the following will apply: The operator may not leave the effective range without logging off. If the operator leaves the effective range without logging off for more than 30 seconds, a local rampdown will occur. No other HMI device can log onto the machine. To log off from the machine, the operator presses the operating element "Effective range Name". A logoff dialog is displayed. The operator confirms the dialog. After successful logoff, another operator can log on to the machine "Robot2". When the operator enters "Zone 1", a screen change will take place. 12.9.1.3 How does the RFID system work? (Panels, RT Advanced) Overview RFID stands for radio frequency identification. RFID allows wireless identification of objects without contact or visual sighting. For a basic understanding, the following section describes the interaction between: HMI device Effective range (RFID) RFID tag Note RFID Tags in the plant area You may only affix RFID Tags in restricted plant areas that are protected by additional protective measures, for example, protective railings. 6006 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Principle of operation in the RFID system Access Point WLAN of the Access Point PLC RFID tag with effective range (RFID) for logon to "Robot 1" RFID tag with effective range (RFID) for logon to "Robot 2" Plant Protective area limit of the machine "Robot1" Protective area limit of the machine "Robot2" Radio area of the HMI device HMI device Example: "RFID Tag1" is assigned to the effective range (RFID) "Robot1". An operator enters the restricted plant area. The operator manually switches to the screen with the configured operating element "Effective range - Name (RFID)". WinCC Advanced V14 System Manual, 10/2016 6007 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) At "RFID Tag1", he presses the "Scan" button. During the logon operation, the button is yellow and displays the text "Scanning...". The "Effective range - Logon" dialog box opens. The operator enters the effective range (RFID) ID and confirms it with "OK". The dialog is closed. The "Confirmation of logon" dialog box opens. The operator confirms logon with the acknowledgment button. If logon was successful, the acknowledgement buttons are active. Result: The operator is logged on to the machine "Robot 1" and operates the machine within the protection area in fail-safe operation. The operating element "Effective range - Name (RFID)" is green and shows the name of the effective range (RFID) "Robot1". If the HMI device is logged on to the machine, the following applies: The user may not leave the protection area without logging off from the machine. If the operator leaves the protection area without logging off, a local rampdown occurs. No other HMI device can log on to this machine. To log off from the machine, the operator presses the operating element "Effective range Name (RFID)". A logoff dialog is displayed. The operator confirms the dialog. After successful logoff, another operator can log on to the machine "Robot 1". 12.9.1.4 Zones (Panels, RT Advanced) Introduction The section below applies to the following Mobile Panels: Mobile Panels Wireless, for example, Mobile Panel 277 IWLAN V2 and Mobile Panel 277F IWLAN V2 KTP Mobile Panels, wired, e.g., Mobile Panel KTP700 A "Zones" work area is only visible for these HMI devices. Note For more information refer to the operating instructions for the HMI device: Complete documentation for Mobile Wireless (http://support.automation.siemens.com/WW/ view/en/26268960) Open Depending on the HMI device selected, open the work area in the project window by doubleclicking on "Zones" or "Zones and effective ranges". 6008 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Work area For Mobile Panels Wireless, the "Zones" work area displays the zones that have been set up and the transponders assigned to them. For wired Mobile Panels, the "Zones" work area shows the zones that have been set up and the associated box ID of the connection box. Inspector window When a zone is selected, edit the name and display name under "General". For Mobile Panels Wireless, configure the limit of the zone around the transponder. The zone of a transponder has the events "Upon entry" and "Upon exit" With wired Mobile Panels enter the box ID of the connection box. The zone of a connection box includes the event "Connected". Configure the system function ActivateScreen" to the events. 12.9.1.5 Zones work area at transponders (Panels, RT Advanced) Introduction The "Zones" work area displays the zones and the transponders assigned to them in table format. You create a list of transponders and assign certain transponders to a zone. The limit of the zone is defined by the maximum distance from the transponders. Principle The work area consists of the "Zones" and "Transponders" tables. WinCC Advanced V14 System Manual, 10/2016 6009 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) If you select a zone in the "Zones" table, the "Transponder" table displays the following: Transponder enabled: The transponder is assigned to the selected zone. Transponder deactivated: The transponder is not yet assigned to any zone. Transponder not available: The transponder has already been assigned to another zone. To undo the assignment, switch to the relevant zone and deactivate the transponder. The zone and transponder IDs are initially assigned automatically. They can be changed, however. Please note the following: A maximum of 254 zones may be configured. The zone ID must be unique and fall within the range from 1 - 254. You can initially configure transponders without assigning them to a zone. There may be no more than 255 transponders assigned to a zone. The transponder ID must be unique and fall within the range from 1 - 65534. The transponder IDs are set on the transponder. 12.9.1.6 Zones work area on connection boxes (Panels, RT Advanced) Introduction The "Zones" work area displays the box IDs of the connection boxes and their zones in table format. You create a list of box IDs of the connection boxes and assign specific connection boxes to a zone. The limit of the zone is defined by the length of the connecting cable to your Mobile Panel. 6010 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Principle The work area consists of the "Zones" table. The box ID is set on the connection box and can be read out from the HMI device. 12.9.1.7 Effective ranges (Panels, RT Advanced) Introduction The following section applies only to the Mobile Panels Wireless that support fail-safe operation, e.g. Mobile Panel 277F IWLAN V2. The "Effective ranges" work area is only visible for these HMI devices. You set up effective ranges in order to control safety related operations. An effective range is defined by the maximum distance from one or more transponders. Note For more information refer to the operating instructions for the HMI device: Complete documentation for Mobile Wireless (http://support.automation.siemens.com/WW/ view/en/26268960) WinCC Advanced V14 System Manual, 10/2016 6011 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Open Open the work area in the project window by double-clicking on "Zones & effective ranges". Click the "Effective ranges" tab. Work area The "Effective ranges" work area displays the effective ranges that have been set up and the transponders assigned to them. Inspector window When an effective range is selected, you can edit the names, display names and the limits of the effective range under the "General" category. When you select a transponder, you can see both the effective range and the zone that are assigned to that transponder. You can only assign a transponder to one effective range so that the effective ranges do not overlap. 12.9.1.8 Effective ranges working area (Panels, RT Advanced) Introduction The "Effective ranges" work area displays the effective ranges and their transponders in table format. You create a list of transponders and assign certain transponders to an effective range. The limit of the effective range is defined by the maximum distance from the transponders. Principle The work area consists of the "Effective ranges" and "Transponders" tables. The HMI device calculates a checksum from the local data so that the configured effective ranges and transponders reliably match those locally on the machine. The project cannot be 6012 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) started on the HMI device unless the local checksum agrees with the checksum stored in the "Effective ranges" editor. When you select an effective range from the "Effective ranges" table, the "Transponder" table displays the following: Transponder enabled: The transponder is assigned to the selected effective range. Transponder deactivated: The transponder is not yet assigned to any effective range. Transponder not available: The transponder has already been assigned to another effective range. To undo the assignment, switch to the relevant effective range and deactivate the transponder. The zone assigned to the transponder is displayed in addition to the effective range. The effective range and transponder IDs are initially assigned automatically. They can be changed, however. Please note the following: A maximum of 127 effective ranges may be configured. The effective range ID must be unique and fall within the range from 1 - 127. The display name of an effective range must not be the same as its ID. You can initially configure transponders without assigning them to an effective range. There may be no more than 127 transponders assigned to an effective range. The transponder ID must be unique and fall within the range from 1 - 65534. The transponder IDs are set on the transponder. Effective range in Runtime To log on to the effective range in Runtime, only the display name of the effective range appears to the operator in the Runtime language. The operator reads the effective range ID in the plant and enters it on the HMI device. This ensures that the right machine operated. The acknowledgment buttons are activated after successful logon. 12.9.1.9 Effective ranges (RFID) (Panels, RT Advanced) Introduction The following section only applies to the Mobile Panel 277F IWLAN (RFID tag) which supports fail-safe operation with RFID. The "Effective ranges (RFID)" work area is only visible with these HMI devices. WinCC Advanced V14 System Manual, 10/2016 6013 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) To monitor safety-related operator inputs, you set up effective ranges (RFID). Note For more information, refer to the operating instructions of the HMI device: Complete documentation for Mobile Wireless (http://support.automation.siemens.com/WW/ view/en/26268960) Open Open the work area in the project window by double-clicking on "Effective ranges (RFID)". Work area The "Effective ranges (RFID)" work area displays the effective ranges that have been set up and the RFID Tags assigned to them. Inspector window When an effective range (RFID) is selected, you can edit the name, display name and ID of the effective range under the "General" category. 12.9.1.10 Work area for effective ranges (RFID) (Panels, RT Advanced) Introduction The "Effective ranges (RFID)" work area displays the effective ranges (RFID) and their RFID Tags in table format. You create a list of RFID Tags and assign specific RFID Tags to an effective range. 6014 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Principle The work area consists of the "Effective ranges (RFID)" and "RFID Tags" tables. The HMI device calculates a checksum from the local data so that the configured effective ranges (RFID) and RFID Tags reliably match those locally on the machine. The project cannot be started on the HMI device unless the local checksum agrees with the checksum stored in the "Effective ranges (RFID)" editor. When you select an effective range (RFID) in the "Effective ranges (RFID)" table, the "RFID Tags" table displays the following: RFID Tag enabled: The RFID Tag is assigned to the selected effective range (RFID). RFID Tag disabled: The RFID Tag is not yet assigned to any effective range (RFID). RFID Tag not available: The RFID Tag has already been assigned to another effective range (RFID). To undo the assignment, switch to the relevant effective range (RFID) and deactivate the RFID Tag. The IDs of the effective ranges (RFID) and RFID Tags are initially assigned automatically. They can be changed, however. Please note the following: A maximum of 127 effective ranges (RFID) may be configured. The effective range (RFID) ID must be unique and fall within the range from 1 - 127. The display name of an effective range (RFID) must not be the same as its ID. You can initially configure RFID Tags without assigning them to an effective range (RFID). A maximum of 127 RFID Tags is available to assign to an effective range (RFID). The RFID Tag ID must be unique and fall within the range 1-65534. The RFID Tag ID is written to the RFID Tag by the HMI device. WinCC Advanced V14 System Manual, 10/2016 6015 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Effective range in Runtime To log on to the effective range (RFID) in Runtime, only the display name of the effective range (RFID) is displayed to the operator in the Runtime language. The operator reads the effective range (RFID) ID in the plant and enters it on the HMI device. This ensures that the right machine operated. The acknowledgment buttons are activated after successful logon. 12.9.2 Configuring Mobile Panels V2 for fail-safe operation (up to V11 SP2) (Panels, RT Advanced) 12.9.2.1 Configuration overview (Panels, RT Advanced) Introduction Additional steps in the TIA Portal up to version V11 SP1 are necessary before configuration of the Mobile Panels V2 for fail-safe operation. This affects the following HMI devices: Mobile Panel 277F IWLAN V2 Mobile Panel 277F IWLAN (RFID Tag) Procedures overview 1. Creating PLC for fail-safe operation 2. Installing a general station description (GSD) 3. Creating a module from the GSD file 4. Creating a connection between a module from the GSD file and the PLC 5. Creating Mobile Panel V2 for fail-safe operation See also Creating Mobile Panel (Page 6022) Creating a module from the GSD file (Page 6018) Installing a general station description (GSD) (Page 6017) Creating PLC for fail-safe operation (Page 6017) Creating a connection between a module and the PLC (Page 6021) 6016 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 12.9.2.2 Creating PLC for fail-safe operation (Panels, RT Advanced) Requirement A project is open Procedure 1. Click "Add new device" in the project navigation. 2. Click "PLC" in the "Add new device" dialog. 3. Select a PLC for fail-safe operation, for example, CPU-315F-2PN/DP. The "Devices & Networks" editor opens. 4. Open the device view. 5. Select the device and click on "Device overview". 6. Select the device. 7. Click "Properties > PROFINET interface [X2] >Ethernet addresses > Interface connected with > Add new subnet" in the inspector window. 8. Enter the IP address under "IP protocol > Set IP address in the project". 9. Enter a time for "Properties > PROFINET interface [X2] > F parameter > Set default F monitoring time for F I/O of this interface". 10.Specify the properties for fail-safe operation in "Properties > Fail-safe" - "F-capability activated" - "Basis for PROFIsafe addresses" 11.Specify further properties for fail-safe operation as usual, for example, protection level. Result You have created a PLC in the project and made the settings for fail-safe operation. See also Configuration overview (Page 6016) 12.9.2.3 Installing a general station description (GSD) (Panels, RT Advanced) Introduction A GSD file (device master data file) contains all the IO device properties. The language used to describe the GSD files is GSDML (Generic Station Description Markup Language). Install a GSD file to expand the hardware catalog. WinCC Advanced V14 System Manual, 10/2016 6017 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Requirement The "Devices & Networks" editor is open. The "Network view" is open. The GSD file is available on your PC. The GSD file can be found online: GSD file of Mobile Panel V2 for fail-safe operation (http://support.automation.siemens.com/ WW/view/de/60497002) Procedure 1. Click "Options > Install general station description (GSD)". 2. In the "Install general station description" dialog, choose the directory in which the GSD files are located. 3. Select the GSD file from the list. 4. Click the "Install" button. 5. To create a log file for the installation, click on the "Save log file" button. Result You have installed the GSD file. You can find the new devices installed by means of the GSD files in the hardware catalog under "Additional field devices > PROFINET". Any problems that occur during the installation can be traced using the log file. See also Configuration overview (Page 6016) 12.9.2.4 Creating a module from the GSD file (Panels, RT Advanced) Requirements A PLC for fail-safe operation is created in the project e.g. CPU-315F-2PN/DP. The GSD file is installed. The "Network view" is opened in the "Devices & Networks" editor. Procedure 1. Open the hardware catalog. 2. Open the directory "Additional field devices > PROFINET-IO > HMI > Siemens AG > SIMATIC HMI > 277". 6018 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 3. Now open the folder of the Mobile Panel V2 for fail-safe operation whose device type you also have as hardware: - Mobile Panel 277F IWLAN V2 or - Mobile Panel 277F IWLAN V2 (RFID tag) 4. For Mobile Panel 277F IWLAN V2, select the module with the order number 6AV6645-0EC01-0AX1. WinCC Advanced V14 System Manual, 10/2016 6019 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 5. For Mobile Panel 277F IWLAN V2 (RFID tag), select the module with the order number 6AV6645-0EF01-0AX1. Note The order number of the module in the GSD file has to match the order number of the Mobile Panel V2 in the software. Figure 12-5 Left: Mobile Panel in the software. Right: Module in the GSD file 6. Drag-and-drop the desired module into the network view. 6020 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Result You have created a module from the GSD file in your project. See also PROFIsafe address (Page 6039) Configuration overview (Page 6016) 12.9.2.5 Creating a connection between a module and the PLC (Panels, RT Advanced) Requirements A PLC for fail-safe operation is created in the project e.g. CPU-315F-2PN/DP. The GSD file is installed. A module from the GSD file has been created. The "Devices & Networks" editor is open. Procedure 1. Open the "Network view". 2. Select the module and right-click on "Not assigned". The shortcut menu is opened. 3. Select "Assign new IO controller". A dialog opens. 4. Select the IO controller and confirm with OK. A connection is established. 5. Open the device view 6. Click on "Mobile277Failsafe_IO_1" in the device overview. 7. Specify the properties for fail-safe operation in the inspector window under "Properties > PROFIsafe": - "F-Source-Add" - "F-Dest-Add" 8. Click on the module in the device view. 9. Assign a name under "Properties > General > Name" in the inspector window. 10.Assign an IP address under "PROFINET interface [X1] > Ethernet addresses > IP protocol > Set IP address in the project". Result The module from the GSD file is connected to the PLC. The module adopts the settings made in the PLC for PROFIsafe and PROFINET. WinCC Advanced V14 System Manual, 10/2016 6021 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) See also Configuration overview (Page 6016) 12.9.2.6 Creating Mobile Panel (Panels, RT Advanced) Requirement The inspector window is open. A PLC for fail-safe operation is created in the project, for example, CPU-315F-2PN/DP. The GSD device is created in the project. Inserting Mobile Panel into the project. 1. Click "Add new device" in the project navigation. 2. Click on "HMI" in the "Add new device" dialog. 3. Select a Mobile Panel V2 for fail-safe operation, for example, Mobile Panel 277F IWLAN V2. The device is inserted into the project. Note Select the corresponding Mobile Panel for the module already installed from the GSD file. Defining properties 1. Open the "Devices and Networks" editor. 2. Open the "Device view". 3. Select the Mobile Panel in the work area. 4. Open "Properties > General" in the inspector window. 5. To facilitate assignment in the project, enter the name of the associated module under "Name" 6. Enter the same IP address as in the module under "Set IP address in the project". 7. Activate "Set IP address using a different method". Result Entering the same IP address as in the device enables error-free communication. Alternatively, you can set the IP address on the Mobile Panel after loading the project. See also Configuration overview (Page 6016) 6022 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 12.9.3 Configuring Mobile Panels V2 for fail-safe operation (from V12 SP1) (Panels, RT Advanced) 12.9.3.1 Configuration overview (Panels, RT Advanced) Introduction Configure fail-safe operation in the "Devices & Networks" editor of the TIA Portal, version V12 SP1 or later, for the following Mobile Panels V2: Mobile Panel 277F IWLAN V2 Mobile Panel 277F IWLAN (RFID Tag) To configure Mobile Panel V2 with device version V11, see "Configuring Mobile Panels V2 for fail-safe operation (up to V11 SP2) (Page 6016)". Procedures overview 1. Create a PLC for fail-safe operation. 2. Create a Mobile Panel V2 for fail-safe operation. 3. Create a connection between the Mobile Panel and PLC. See also Creating Mobile Panel (Page 6024) Creating PLC for fail-safe operation (Page 6023) Creating a connection between the Mobile Panel and PLC (Page 6025) 12.9.3.2 Creating PLC for fail-safe operation (Panels, RT Advanced) Requirement A project is open Procedure 1. Click "Add new device" in the project navigation. 2. Click on "Controller" in the "Add new device" dialog. 3. Select a PLC for fail-safe operation, for example CPU 315F-2 PN/DP. The "Devices & Networks" editor opens. 4. Select the device in the "Device overview". 5. Click "Properties > General > PROFINET interface [X2] >Ethernet addresses > Interface connected with > Add new subnet" in the inspector window. WinCC Advanced V14 System Manual, 10/2016 6023 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 6. Enter the IP address under "IP protocol > Set IP address in the project". 7. Enter a time for "Properties > PROFINET interface [X2] > F parameter > Default F monitoring time for F I/O of this interface". 8. Specify the properties for fail-safe operation in "Properties > Fail-safe": - "F-capability activated" - "Basis for PROFIsafe addresses" 9. Specify further properties for fail-safe operation as usual, for example, protection level. Result You have created a PLC in the project and made the settings for fail-safe operation. See also Configuration overview (Page 6023) 12.9.3.3 Creating Mobile Panel (Panels, RT Advanced) Requirement The Inspector window is open. A PLC for fail-safe operation is created in the project, for example, CPU-315F-2PN/DP. Inserting Mobile Panel into the project. 1. Click "Add new device" in the project navigation. 2. Click on "HMI" in the "Add new device" dialog. 3. Select a Mobile Panel V2 for fail-safe operation, for example, Mobile Panel 277F IWLAN V2. The device is inserted into the project. Defining properties 1. Open the "Devices and Networks" editor. 2. Select the Mobile Panel in the work area. 3. Open "Properties > General" in the inspector window. 4. To facilitate assignment in the project, enter the name of the associated module under "Name" 5. Enter the IP address under "Ethernet addresses > IP protocol > Set IP address in the project". 6024 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Result You have created a Mobile Panel for fail-safe operation in the project. See also Configuration overview (Page 6023) 12.9.3.4 Creating a connection between the Mobile Panel and PLC (Panels, RT Advanced) Requirements A PLC for fail-safe operation is created in the project e.g. CPU-315F-2PN/DP. A device has been created. The "Devices & Networks" editor is open. Procedure 1. Open the "Network view". 2. Select the Mobile Panel in the work area. 3. Select "Properties > General > Mode > IO device" in the inspector window. 4. Assign the fail-safe PLC under "Assigned IO controller". PROFINET is activated and the transfer areas of I-device communication are displayed. 5. Click "Connections" and select "HMI connection" for the connection type. The devices available for connection are highlighted in color. 6. Click on the PLC interface and drag-and-drop a connection to the interface of the HMI device. An HMI connection is created. 7. Select the Mobile Panel in the work area. 8. Configure the F parameters under "Properties > General > F parameters". To set a different F-monitoring time from that specified by the PLC, select "Manual assignment of F-monitoring time". Enter an F-monitoring time suitable for your HMI device and plant. Result The HMI device is connected to the PLC and you have made the settings for fail-safe operation. See also Configuration overview (Page 6023) WinCC Advanced V14 System Manual, 10/2016 6025 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 12.9.4 Configuring KTP Mobile Panels for fail-safe operation (Panels, RT Advanced) 12.9.4.1 Creating KTP Mobile Panel for fail-safe operation (Panels, RT Advanced) Introduction Configure fail-safe operation in the "Devices & Networks" editor for the following KTP Mobile Panels: KTP400F Mobile Panel KTP700F Mobile Panel KTP900F Mobile Panel Requirement The Inspector window is open. A PLC for fail-safe operation is created in the project, for example, CPU-1517F-2PN/DP. Inserting a mobile panel into the project 1. Click "Add new device" in the project navigation. 2. Click on "HMI" in the "Add new device" dialog. 3. Select a KTP Mobile Panel for fail-safe operation, for example, Mobile Panel KTP700F. The device is inserted into the project. Configuring fail-safe operation for the mobile panel 1. Open the network view in the "Devices & Networks" editor. 2. Select the Mobile Panel in the work area. 3. Select "Properties > General > Mode > IO device" in the inspector window. 4. Assign the fail-safe PLC under "Assigned IO controller". PROFINET is activated and the transfer areas of the I-device communication are displayed. 5. In the Inspector window, click "Activate PROFIsafe" under "Properties > General" > PROFIsafe". PROFIsafe is activated and the F-parameters are displayed under "Properties > General> PROFIsafe parameters > F-parameters". 6. To enter a new F-monitoring time, select "Manual assignment of F-monitoring time". 7. Enter an F-monitoring time suitable for your HMI device and plant. 6026 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Result The fail-safe operation of the KTP Mobile Panel is configured in WinCC. Now create the corresponding F-blocks in STEP 7 and interconnect them in the controller. The PROFIsafe address must be set on the Mobile Panel. You can find additional information on configuration and programming of fail-safe blocks in the manual "SIMATIC Safety - Configuration and Programming" of the STEP 7 documentation and in the device manual of your mobile panel. 12.9.4.2 Configuring the termination of the PROFIsafe connection (Panels, RT Advanced) Procedure Before you disconnect your Mobile Panel from a connection box, you have to terminate the connection to PROFIsafe. Use the "Disconnect PROFIsafe" system function to close the PROFIsafe connection. The system function forwards your call to the fail-safe PROFINET module. Requirements A mobile panel has been created for fail-safe operation, for example, KTP700F Mobile Panel. A screen has been created and opened. Procedure To configure the PROFIsafe the connection and disconnection, follow these steps: Configure the "Disconnect PROFIsafe" system function on a button, for example, or use it in a script. Result If you release the configured trigger for terminating the PROFIsafe connection in runtime, a dialog for ending the PROFIsafe connection opens. The user can select "Yes" or "No". 12.9.5 Working with zones on transponders (Panels, RT Advanced) 12.9.5.1 Configuring a zone in the transponder system (Panels, RT Advanced) Validity The next section applies to all Mobile Panels Wireless, e.g. Mobile Panel 277 IWLAN. WinCC Advanced V14 System Manual, 10/2016 6027 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Introduction You will have to set up a zone in order to carry out plant-specific operator control and monitoring tasks. Requirements A suitable editing language, e.g. English, must have been set in the "Project languages" editor. The "Zones" work area is open. Procedure 1. Double-click "Add..." in the "Zones" table. 2. Enter the "MixingPlant" zone in the "Name" field. 3. Enter "MixingSystem" as the "Display name" for the zone at runtime. Enter zone "1" in the "ID" field. 4. Enter "8" meters as the zone "Limit". 5. Double-click "Add..." in the "Transponders" table. 6. Enter "Transponder 1" as the "Name" of the transponder. 7. Enter transponder "1" in the "ID" field. Then set transponder IDs on the transponder. 8. Enable the assignment of "Transponder 1". "Transponder 1" is assigned to the "MixingPlant" zone. 9. Repeat steps 6 to -9 accordingly for "Transponder 2". "Transponder 2" is assigned to the "MixingPlant" zone. 6028 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Result The "MixingPlant" zone is configured as two conical areas arranged at a distance of 8 meters, regardless of the effective ranges: one area around "Transponder 1" and one around "Transponder 2". The display name designates the zone in the set editing language. An overview of the display names can be found in the "Project texts" editor. 12.9.5.2 Displaying the screen on entering a zone (Panels, RT Advanced) Introduction Configure a screen change when entering and leaving the zone. Requirements A Mobile Panel which supports zones has been created, for example, Mobile Panel 277 IWLAN. The "MixingPlant" zone is configured. The "Plant_1" screen has been created and opened. The "MixingPlant_1" screen has been created and opened. The "Zones" work area is open. Procedure 1. Select the "MixingPlant" zone from the "Zones" table. 2. Click "Properties> Events" in the Inspector window. 3. Click the event "On entry". WinCC Advanced V14 System Manual, 10/2016 6029 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 4. Select the "ActivateScreen" system function in the "function list". 5. Select "MixingPlant_1" as the "Screen name". 6. Click the event "On exit". 7. Select the "ActivateScreen" system function in the function list. 8. Select "Plant_1" as the "Screen name". Result The "MixingPlant_1" screen is displayed on the HMI device when you enter the "MixingPlant" zone. When you exit the zone, the "Plant_1" screen appears once more. 12.9.5.3 Displaying an object in relation to the zone (Panels, RT Advanced) Validity The following example is independent of the WLAN and applies to all Mobile Panels. Introduction You configure an I/O field that is only visible within a specific zone. Requirements A Mobile Panel which supports zones has been created, for example, Mobile Panel 277 IWLAN. The "Zone_id" variable of the "Int" data type has been created. A "Plant_1_Overview" screen has been created. Procedure 1. Open the "Runtime Settings > General" editor. 2. Select the "Zone_id" tag as the "ID Zone/ Effective range". 3. Open the screen "Plant_1_Overview". 4. Drag and drop the "I/O box" object from the toolbox into the screen. 5. Click "Properties > Animations" in the Inspector window. 6. Click "Layout > Visibility." 7. Select "Zone_id" as the "tag". 8. Select "from" 1 "to" 1 as the "Range". 9. Enable "Visible". 6030 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Result The IO field is only visible at runtime under the following conditions: The hard-wired Mobile Panel is connected to a connection box with ID = 1. The Mobile Panel Wireless is located in a zone with ID = 1, for example, the "MixingPlant" zone. 12.9.6 Working with zones on connection boxes (Panels, RT Advanced) 12.9.6.1 Configuring the zone of a connection box (Panels, RT Advanced) Validity The following section applies to all KTP Mobile Panels, for example, Mobile Panel KTP700. Introduction You will have to set up a zone in order to carry out plant-specific operator control and monitoring tasks. Requirements A suitable editing language, e.g. English, must have been set in the "Project languages" editor. The "Zones" work area is open. Procedure 1. Double-click "Add..." in the "Zones" table. 2. Enter the box ID of your connection box for "ID". 3. Enter the "MixingPlant" zone in the "Name" field. WinCC Advanced V14 System Manual, 10/2016 6031 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 4. Enter "MixingSystem" as the "Display name" for the zone at runtime. 5. Repeat these steps for all required connection boxes in the project. Result The "MixingPlant" zone is configured. The range of the zone is defined by the length of the connecting cable of the Mobile Panel. The display name designates the zone in the set editing language. An overview of the display names can be found in the "Project texts" editor. 12.9.6.2 Configuring a screen for connection to connection box (Panels, RT Advanced) Introduction You configure the screen that is displayed when a Mobile Panel is connected to a connection box. Requirements A Mobile Panel which supports zones has been created, for example, Mobile Panel KTP700. The "MixingPlant" zone is configured. The "Plant_1" screen has been created and opened. 6032 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) The "MixingPlant_1" screen has been created and opened. The "Zones" work area is open. Procedure 1. Select the "MixingPlant" zone from the "Zones" table. 2. Click "Properties> Events" in the Inspector window. 3. Click on the "Connected" event. 4. Select the "ActivateScreen" system function in the "function list". 5. Select "MixingPlant_1" as "Screen name". Result When you connect your Mobile Panel to the connection box of the "MixingPlant" zone, the "MixingPlant_1" screen appears on the display of the HMI device. 12.9.7 Working with effective ranges (transponders) (Panels, RT Advanced) 12.9.7.1 Overview (Panels, RT Advanced) Introduction The following configuration guide describes the steps needed to set up an effective range for fail-safe operation on a Mobile Panel Wireless. Procedures overview 1. Configuring the effective range: You configure the "MixingAxisControl" effective range as a conical area around "Transponder1 " at a distance of 5 meters. 2. Configuring the name of the effective range: To ensure logon to the effective range, configure the object "Effective range - Name". 3. Configuring additional effective range objects: Configure additional objects for displaying the position and signal strength within an effective range. 4. Set parameters for loading: - PROFIsafe communication - WLAN network - Power management - Interface WinCC Advanced V14 System Manual, 10/2016 6033 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 5. Configure the data channel 6. Configure network operation 7. Set the transponder 8. Commissioning effective ranges 9. Switching on and Testing the HMI device 10.Start loading manually 11.Acknowledging the effective range at the plant: You acknowledge the effective ranges and their transponders. 12.Determine the checksum 13.Load the project once again with checksum: Enter the checksum you have determined in the project and load the project once again. 14.Test effective range Note For detailed information on items 5 to 14, refer to the operating instructions of the HMI device. Complete documentation for Mobile Wireless (http://support.automation.siemens.com/WW/ view/en/26268960) 12.9.7.2 Configuring an effective range (transponder) (Panels, RT Advanced) Introduction You set up an effective range in order to control safety related operator input upstream of a machine or plant. Requirements A suitable editing language, e.g. English, must have been set in the "Project languages" editor. The "Zones & effective ranges" work area is open. The "Effective ranges" tab is open. Procedure 1. Double-click "Add..." in the "Effective Ranges" table. 2. Enter "MixingAxisControl" as the "Name" of the effective range. 3. Enter "Mixing_axis_PLC" as the "Display name" for the effective range at runtime. 4. Enter effective range "1" in the "ID" field. Make sure that the effective range ID matches the ID on the machine. 6034 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 5. Enter "5" meters as the "Limit" of the effective range. 6. Double-click "Add..." in the "Transponders" table. 7. Enter "Transponder 1" as the "Name" of the transponder. 8. Enter transponder "1" in the "ID" field. Then set transponder IDs on the transponder. 9. Enable the assignment of "Transponder 1". "Transponder 1" is assigned to the "MixingAxisControl" effective range. Result You configure the "MixingAxisControl" effective range as a conical area around "Transponder 1" at a distance of 5 meters, regardless of the zones. The display name designates the effective range in the set editing language. An overview of the display names can be found in the "Project texts" editor. 12.9.7.3 Configuring the effective range name (Panels, RT Advanced) Introduction Configure at least the "Effective range - Name" object so that an operator can log on and off a machine using an effective range. If you do not configure an effective range object for a Mobile Panel Wireless for fail-safe operation, a warning appears during generation. Requirements A screen has been created and opened. WinCC Advanced V14 System Manual, 10/2016 6035 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) Procedure 1. Select the "Effective range name" object from the "Elements" category in the toolbox. 2. Drag and drop the "Effective range - Name" object from the toolbox into the screen. Result If the operator clicks an object during runtime, he initiates logon or logoff of the HMI device to a machine that is assigned to an effective range. 12.9.7.4 Configuring additional Mobile Wireless objects (Panels, RT Advanced) Introduction Configure other objects such as the charge condition or WLAN reception in order to display further information about the effective range. Requirements A screen has been created and opened. The effective range name is configured in the screen. Procedure 1. Select the "Effective range - Signal" object from the "Elements" category in the toolbox. 2. Drag and drop the "Effective range - Signal" object from the toolbox into the screen. 3. Repeat steps 1 and 2 with the "WLAN - Reception" object. Result The "Effective range - Signal" object indicates how accurately the Mobile Panel Wireless is within an effective range. The "WLAN - Reception Quality" object displays the signal strength of the WLAN wireless connection. See also Effective range name (Page 5293) Effective range signal (Page 5297) WLAN reception (Page 5299) 6036 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 12.9.8 Working with effective ranges (RFID) (Panels, RT Advanced) 12.9.8.1 Overview (Panels, RT Advanced) Validity The next section applies only to Mobile Panels Wireless with RFID, for example, Mobile Panel 277F IWLAN (RFID Tag). Introduction The following configuration guide describes the steps required to set up an effective range (RFID) for fail-safe operation on a Mobile Panel Wireless with RFID. Procedures overview 1. Configure effective range (RFID): You configure the effective range (RFID) "MixingAxisControl". 2. Configuring the name of the effective range (RFID): To ensure logon to the effective range, configure the object "Effective range - Name (RFID)". 3. Set parameters for loading 4. Configure the data channel 5. Configure network operation 6. Install RFID Tag in the plant 7. Turn on the HMI device and enable loading mode 8. Loading a project 9. Write the suitable IDs to the RFID Tags in the plant 10.Determine the checksum 11.Load the project once again with checksum: Enter the checksum you have determined in the project and load the project once again. 12.Test effective range (RFID) Note For detailed information on items 4 to 12, refer to the operating instructions of the HMI device. Complete documentation for Mobile Wireless (http://support.automation.siemens.com/WW/ view/en/26268960) WinCC Advanced V14 System Manual, 10/2016 6037 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) 12.9.8.2 Configuring effective range (RFID) (Panels, RT Advanced) Introduction You set up an effective range (RFID) to control safety-related operator input upstream of a machine or plant. Requirements A suitable editing language, e.g. English, must have been set in the "Project languages" editor. The "Effective ranges (RFID)" work area is open. Procedure 1. Double-click "Add..." in the "Effective Ranges (RFID)" table. 2. Enter "MixingAxisControl" as the "Name" of the effective range (RFID). 3. Enter "MixingAxisControl" in the "Display name" field of the effective range (RFID). 4. Enter "1" in the "ID" field of the effective range (RFID). Make sure that the effective range (RFID)-ID matches the ID on the machine. 5. Double-click "Add..." in the "RFID Tag table. 6. Enter "RFID Tag 1" as the "Name" of the RFID Tag. 7. Enter "1" as the "ID" of the RFID Tag. Then set the RFID Tag-ID for the RFID Tag. 8. Enable the assignment of "RFID Tag 1". "RFID Tag 1" is assigned to the effective range (RFID) "MixingAxisControl". Result The effective range (RFID) "MixingAxisControl" is configured. 6038 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) The display name describes the effective range (RFID) in the set editing language. An overview of the display names can be found in the "Project texts" editor. 12.9.8.3 Configuring the effective range name (RFID) (Panels, RT Advanced) Introduction Configure the "Effective range - Name" object so that an operator can log on and off a machine using an effective range (RFID). If you do not configure the "Effective range-Name" object for a Mobile Panel Wireless RFID with (RFID), a warning will appear during generation. Requirements A screen has been created and opened. Procedure 1. Select the "Effective range - Name (RFID)" object from "<Elements" in the toolbox. 2. Drag and drop the "Effective range - Name (RFID)" object from the toolbox into the screen. Result If the operator clicks an object during runtime, he will initiate logon or logoff of the HMI device to a machine which has been assigned to an effective range (RFID). 12.9.9 Reference (Panels, RT Advanced) 12.9.9.1 PROFIsafe address (Panels, RT Advanced) Validity The PROFIsafe address is available for Mobile Panels Wireless and KTP F-devices. Note Additional information on fail-safe operation can be found in the operating instructions for the HMI device: Complete documentation for Mobile Wireless (http://support.automation.siemens.com/WW/ view/en/26268960) WinCC Advanced V14 System Manual, 10/2016 6039 Visualizing processes 12.9 Mobile Panels (Panels, RT Advanced) PROFIsafe address The PROFIsafe address used for fail-safe I/Os in PROFIsafe communication is unique on the entire network and on all stations. On the Mobile Panel Wireless, you create a default value in the project and load it to the HMI device. You can also store a PROFIsafe address on the HMI device. The PROFIsafe address fall within the range from 1 to 65534. The two PROFIsafe addresses (in the Engineering System and on the HMI device) are checked for formal validity. The PROFIsafe address is loaded as follows at the start of Runtime: You programmed a valid PROFIsafe address in the Control Panel. The HMI loads the PROFIsafe address set in the Control Panel. 12.9.9.2 Power Management (Panels, RT Advanced) Validity In the "Runtime Settings > Power Management" editor, configure the energy-saving mode of a Mobile Panel. Power Management The Mobile Panel Wireless can save energy in the following ways: Reduce brightness - minimal saving Switch off display - significant saving You can also indicate after how long without operator input the power management function is enabled. The communication link is maintained. The time for "Switch monitor off" is longer than the time for "Reduce brightness". 12.9.9.3 Zone ID / connection point ID (Panels, RT Advanced) Validity In the "Runtime Settings > General" configure an internal tag which, depending on the value, shows specific information on the display of the HMI device. Note Mobile Panels Wireless with RFID For Mobile Panels Wireless with RFID, the area "Zone ID / Connection point ID" is not available. 6040 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.10 Planning tasks Zone ID / connection point ID This field is used to configure an internal tag that contains the following value at runtime in relation to the type of HMI device: The ID of the connection box or effective range to which the hard-wired Mobile Panel is connected. The ID of the zone in which the Mobile Panel Wireless is located. If the value is set to 255, then the HMI device is not in any zone. 12.10 Planning tasks 12.10.1 Basics 12.10.1.1 Field of application of the Scheduler Definition You can use the Scheduler to configure tasks to run independent of the screen in the background. You create tasks by linking system functions or scripts to a trigger. The linked functions will be called when the triggering event occurs. Example of an application The Scheduler is used to execute event-controlled tasks automatically. For example, you use a task to automate the following: Regular swap out of log data Printout of an alarm report when an alarm buffer overflow occurs Printout of a report at shift end Monitoring a tag Monitoring of a user change Note The availability of the listed examples is determined by the HMI device. See also Work area of the "Scheduler" editor (Page 6042) WinCC Advanced V14 System Manual, 10/2016 6041 Visualizing processes 12.10 Planning tasks 12.10.1.2 Working with tasks and triggers Introduction A task consists of a trigger and a task type. Starting a task Controlled by a trigger, the Scheduler starts the task linked to the trigger. 12.10.1.3 Work area of the "Scheduler" editor Introduction Double-click on "Scheduler" to open it in the project view. The work area shows the scheduled tasks, which consist of the trigger and the task type, for example, the function list. 6042 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.10 Planning tasks Structure The work area consists of the table of jobs. The table of tasks shows specified tasks with their properties, such as triggers. You select a task type and a trigger. You assign a name and a comment to the task. The description provides a written summary of the task including the timing for the task. Inspector window The "Properties" tab of the Inspector window is split into two parts. The "Job" area lists the name of the job and the job type. The "Starting time" area shows the trigger. The area is different depending on the trigger selected. In the "Events" tab use the function list with system functions that will be executed in the task. Note You can obtain more detailed information about the elements of the user interface using the tooltips. To do so, move the mouse pointer to the relevant object or press <F1> if the object has already been selected. See also Field of application of the Scheduler (Page 6041) Triggers (Page 6044) WinCC Advanced V14 System Manual, 10/2016 6043 Visualizing processes 12.10 Planning tasks 12.10.1.4 Triggers (Basic Panels) Introduction A trigger is linked to a task and forms the triggering event which will call this task. The task is executed when the trigger occurs. Event trigger When a task is linked to a system event, the task will be triggered by the event. System events include, for example, Runtime stop, screen change, user change, etc. Each system event can only be configured once for each HMI device. Deactivating job If you do not need a certain job temporarily, deactivate the job in the Engineering System. You also use the trigger "Deactivated" to make a previously configured system event available once again. Example: Task "A" is planned with the system event "Shutdown". This system event is then no longer available for another task "B". Select "Disabled" as the trigger for task "A" to make the "Runtime stop" system event available again. Note The available triggers depend on the HMI device. See also Work area of the "Scheduler" editor (Page 6042) 12.10.1.5 Triggers (Panels, RT Advanced, RT Professional) Introduction A trigger is linked to a task and forms the triggering event which will call this task. The task is executed when the trigger occurs. Types of triggers The Scheduler recognizes different types of triggers: Acyclic triggers They consist of a specification for the date and time of day. Tasks with an acyclic trigger are performed once by the Scheduler on the specified date and at the specified time. 6044 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.10 Planning tasks Cyclic triggers Tasks linked to a cyclic trigger occur regularly at a specific point in time. Standard cycle: With a standard cycle, the beginning of the first interval coincides with the start of Runtime. The length of the interval is determined by the cycle. Trigger with defined starting time: You specify a start time and a time interval. You can use cyclic triggers to perform tasks on a daily or weekly basis, for example. For example, you can select a "Weekly" trigger to specify a week as the interval. You specify the beginning of the interval with the day of the week and the time of day. Note User-defined cycles You have defined your own cycles. You can only use cycles in the Scheduler whose maximum value amounts to one hour. Event trigger When a task is linked to a system event, the task will be triggered by the event. In contrast to cyclic triggers, system events usually occur acyclically. A Runtime stop is a system event, for example. Each system event can only be configured once for each HMI device. Deactivating job If you do not need a certain job temporarily, deactivate the job in the Engineering System. You also use the trigger "Deactivated" to make a previously configured system event available once again. Example: Task "A" is planned with the "User change" system event. This system event is then no longer available for another task "B". Select "Disabled" as the trigger for task "A" to make the "User change" system event available again. Note The available triggers depend on the HMI device. WinCC Advanced V14 System Manual, 10/2016 6045 Visualizing processes 12.10 Planning tasks 12.10.1.6 Timers for cyclic triggers (Panels, RT Advanced) Timers for cyclic and acyclic triggers You have the option to change the start time of a task dynamically in Runtime. You can select an HMI variable as the timer. The value of the tag determines the start time for the task during Runtime. Note An HMI tag must be of the type "DateTime". A PLC tag must be of the type "Date and Time" or "DTL". As long as the operator does not change the tag after Runtime starts, the start time configured in the task is valid. As soon as the operator enters a change to the tag, the current value of the tag is always the start time. To reset the configured time as the start time, the operator has to enter the configured time again. 12.10.1.7 Function list (Basic Panels) Function list A trigger starts the function list. The function list is executed line by line. Each line contains a system function. You can configure exactly one function list for each task. Note The choice of configurable system functions in a function list depends on the selected trigger and the HMI device. 12.10.1.8 Function list (Panels, RT Advanced, RT Professional) Function list A trigger starts the function list. The function list is executed line by line. Each line contains a system function or a local script. You can configure exactly one function list for each task. Note The choice of configurable system functions in a function list depends on the selected trigger and the HMI device. Processing of system functions and scripts System functions and scripts in a function list are processed in Runtime sequentially from top to bottom. 6046 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.10 Planning tasks AUTOHOTSPOT Use a script with loops, conditional statements and abort conditions to program non-sequential and conditional procedures. 12.10.2 Planning jobs 12.10.2.1 Planning tasks with acyclic triggers (Panels, RT Advanced, RT Professional) Introduction You are planning a one-time Runtime stop for maintenance work. The task starts a function which requires Runtime to stop. Requirements The "Scheduler" editor is open. The Inspector window is open. Procedure 1. Click "Add..." in the table of the task area. 2. Enter "Maintenance at end of year" as the "Name." 3. Select "Once" as the "Trigger." 4. Select "31.12.2008" in the "Properties > Properties > General > on" field of the Inspector window. 5. Enter the time "18:00" in the "at" field. 6. Click "Properties > Events" in the Inspector window. WinCC Advanced V14 System Manual, 10/2016 6047 Visualizing processes 12.10 Planning tasks 7. Select the "StopRuntime" system function in the function list. 8. Select "Runtime" as the "Mode". Result The task is executed once. Runtime will be stopped at 18:00 on December 31, 2008. Note "StopRuntime" event on RT Professional Please note that the "StopRuntime" event means runtime is in the process of ending and that some functionalities are therefore no longer available. 12.10.2.2 Planning tasks with cyclic triggers Introduction You plan a job that provides a weekly printout of a report. Requirements A "Weekly report" report has been created. The "Scheduler" editor is open. The Inspector window is open. 6048 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.10 Planning tasks Procedure 1. Click "Add..." in the table of the task area. 2. Enter "Weekly report printout for end of shift" as the "Name." 3. Select "Weekly" as the "Event". 4. Open the "Properties" tab in the Inspector window. 5. Select "Friday" in the "on day" field of the "Starting point" area. 6. Enter the time "18:00" in the "at" field in the "Starting point" area. 7. Click in the "Events" tab of the "Function list" on the entry "No function." 8. Select "Print/PrintReport" as the function. 9. Select "Weekly report" report. Result The task is executed weekly. The report "Weekly report" will be printed every Friday at 18:00 hours. 12.10.2.3 Planning tasks with event triggers (Basic Panels, Panels, RT Advanced) Introduction You plan a task that generates a screen change when the user changes. Requirements The "Scheduler" work area is open. You have created the "Start" screen. Procedure 1. Click "Add..." in the table of the task area. 2. Enter "Screen change at user change" as the "Name." 3. Select "User change" as the "Trigger." 4. In the Inspector window, select "Properties > Events". WinCC Advanced V14 System Manual, 10/2016 6049 Visualizing processes 12.10 Planning tasks 5. Select the "Screen/ActivateScreen" system function in the function list. 6. Select the "Start" screen in the screen name field. Result The task is executed with the "User change" event. When a new user logs on successfully, the "Start" screen is called up. 12.10.2.4 Administer task Changing the designation 1. In the work area, double-click the field in the "Name" column. 2. Change the name of the task. 3. Confirm your entry with <Return>. As an alternative, you can change the designation in the "Job > Name" box of the Inspector window. 6050 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.10 Planning tasks Changing triggers 1. In the work area, mark the field in the "Trigger" column. 2. Open the drop-down list using the button and select the trigger you require. You can alternatively change the trigger in the "Starting time" area of the Inspector window. Deleting a task 1. Select one or more lines for the tasks to be deleted. 2. Open the shortcut menu with the right button and select the menu command "Delete". As an alternative, delete one or more tasks by using the <Del> button. 12.10.3 Examples 12.10.3.1 Example: Update user following change of user (Basic Panels, Panels, RT Advanced) Task Configure an I/O field which displays the logged on user. Configure a task which updates the I/O field when the logged on user changes. Requirements A "CurrentUser" tag of the "String" type is created. A screen has been created and opened. An I/O field is created in the screen. Procedure 1. Click on the "I/O field" object. 2. In the Inspector window, select "Properties > Properties > General": - Select "String" as the "Display format." - Select "CurrentUser" as the "Variable." - Select "Output" as the mode. 3. Change to the work area of the Scheduler. 4. Click "Add..." in the table of the task area. 5. Enter "CurrentUser" as the "Name". 6. Select "User change" as the "Trigger." 7. In the Inspector window, select "Properties > Events". WinCC Advanced V14 System Manual, 10/2016 6051 Visualizing processes 12.10 Planning tasks 8. Select the system function "ReadUserName" from the "User Management" group in the function list. 9. Select "CurrentUser" as the "Variable." Result When a new user logs on successfully, the "ReadUserName" function is called up. The "CurrentUser" tag is updated and displayed in the I/O field of the newly logged on user. If a user does not log on successfully, the logged on user is logged off. The I/O field continues to display the user previously logged on until a new user logs on successfully. 12.10.3.2 Example: Terminating Runtime every day Task You plan a job that terminates Runtime every day at the end of work. Requirements The "Scheduler" work area is open. Procedure 1. Click "Add..." in the table of the task area. 2. Enter "Runtime stop at end of work" as the "Name." 6052 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.10 Planning tasks 3. Select "Daily" as the "Event." 4. Open the "Properties" tab in the Inspector window. 5. Enter the time "21:00" in the "at" field in the "Starting point" area. 6. Open the "Events" tab in the Inspector window. 7. Click the "No function" entry in the "Function list". 8. Select "System functions/System/StopRuntime" as the function. Result Runtime is terminated every day at 21:00. 12.10.3.3 Example: Changing the starting point of a task in Runtime (Panels, RT Advanced) Introduction A cyclic trigger, for example "Starting daily at 18:00," is configured in the Engineering System. The time "18:00" is fixed as a constant. To change the start time in Runtime, select a tag as the "Timer." The value of the tag determines the start time of the task during Runtime. Task You plan a task that swaps out log data daily and has the "LogTime" tag as the timer. You configure a "LogTime" tag in an input field. Requirements The "DataLogSource" source log has been created as a data log. The "DataLogDestination" destination log has been created as a data log. A "ChangeLogTime" screen has been created. Procedures overview 1. Creating a timer tag: You create a tag with which you change the starting point of the log data swap in Runtime. 2. Configuring a Date/time field: The operator changes the starting point of the task by using the Date/Time field in Runtime. 3. Configure the task with a timer tag: You create a task whose start time can be changed dynamically in Runtime. WinCC Advanced V14 System Manual, 10/2016 6053 Visualizing processes 12.10 Planning tasks Result If nothing is entered in the "LogDataTimeField" input field, then the task starts daily at 18:00 by default. The log data are swapped out. If an operator enters 19:00 in the "LogDataTimeField" input field, then the log data are swapped out at 19:00. Provided the value of the tag is not changed again before the task starts. See also Example: 2. Configuring a Date/time field (Page 6054) 12.10.3.4 Example: 1. Configuring a tag for Runtime (Panels, RT Advanced) Task In the following example you configure the "LogTime" variable. Procedure 1. Open the "HMI tags" editor. 2. Click "Add..." in the table of the task area. 3. Enter "LogTime" as the "Name" of the variable. 4. Select "Internal variable" in the "Connection" column. 5. Select "DateTime" in the "Date type" column. Result A variable of the "DateTime" type has been created. 12.10.3.5 Example: 2. Configuring a Date/time field (Panels, RT Advanced) Task In the following example you configure a Date/time field. To change the starting point of the task in Runtime, link the "LogTime" variable to the Date/time field. Requirements The "LogTime" variable of the "DateTime" type has been created. The "ChangeLogTime" screen is open. 6054 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.10 Planning tasks Procedure 1. In the toolbox view, drag-and-drop a "Date/time field" from the "Basic objects" category to the screen. 2. In the Inspector window, click "Properties >Properties > General". 3. Disable the "System time." 4. Click "Variable" and select "LogTime." 5. Disable "Display date" and enable "Display time." 6. Select "Input/output" as the "Mode." 7. Click "Properties > Miscellaneous." 8. Enter "LogDataTimeField" as the "Name". Result The operator enters a time using the created date/time field. See also Example: Changing the starting point of a task in Runtime (Page 6053) 12.10.3.6 Example: 3. Configuring a swap to archive with a timer variable (Panels, RT Advanced) Task In the following example you configure a task with a timer tag with which you change the starting point of the task in Runtime. Requirements The "LogTime" tag has been created. The "DataLogSource" source log has been created as a data log. The "DataLogDestination" destination log has been created as a data log. The Scheduler work area is open. Procedure 1. Click "Add..." in the table of the task area. 2. Enter "Swap out log daily at a tag time" as the "Name". 3. Select "Daily" as the "Trigger". 4. In the Inspector window "Properties >Properties > General > at" enter the time "18:00". 5. Select the "LogTime" tag as the "Standard timer". 6. In the Inspector window, open "Properties > Events". WinCC Advanced V14 System Manual, 10/2016 6055 Visualizing processes 12.10 Planning tasks 7. Select the "System functions/Logs/CopyLog" system function in the function list. 8. Select these settings: - Select "Data log" as the "Log type". - Select "DataLogDestination" as the "Destination log". - Select "DataLogSource" as the "Source log". - Select "Overwrite" as the "Mode". - Select "Yes" for "Delete source log". Result If nothing is entered in the "LogDataTimeField" input field, then the task starts daily at 18:00 by default. The log data are swapped out. If an operator enters 19:00 in the "LogDataTimeField" input field, then the log data are swapped out at 19:00. Provided the value of the tag is not changed again before the task starts. 6056 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions 12.11 Using diagnostics functions 12.11.1 Configuring system diagnostics 12.11.1.1 Basic Panel basics (Basic Panels) System diagnostics basics (Basic Panels) Introduction Using system diagnostics, you can display the messages from the diagnostic buffer of all integrated connections. System diagnostics view The system diagnostics display is an operating and display object that you use in a screen. You navigate directly to the cause of the error and the associated connection. You have access to all integrated connections that you have configured in the "Devices & networks" editor. System diagnostics views (Basic Panels) Introduction Three different views are available in the simple system diagnostic view. Device view Diagnostic buffer view Detail view Device view The device view is only displayed if more than one integrated connection has been configured. The device view shows all available connections in a table. Double-clicking a connection opens the diagnostic buffer view. WinCC Advanced V14 System Manual, 10/2016 6057 Visualizing processes 12.11 Using diagnostics functions Diagnostic buffer view The diagnostic buffer view shows the current data from the diagnostic buffer. To update the diagnostic buffer view, you click 6058 . WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Detail view The detail view gives detailed information about the selected connection and any pending errors. Check whether the data is correct in the detail view. Note Contents of the detail view The contents of the detail view are only available for integrated connections with S7-1200 and S7-1500 PLCs. Navigation buttons Button Key Function Enter key In the device view: Opens the diagnostic buffer view of the selected de vice. In the diagnostic buffer view: Opens the detail view. Esc key In the diagnostic buffer view: Opens the device view. In the detail view: Opens the diagnostic buffer view. Configured function key, e.g. F1. WinCC Advanced V14 System Manual, 10/2016 Updates the diagnostic buffer view. 6059 Visualizing processes 12.11 Using diagnostics functions 12.11.1.2 Basics on Panels and Runtime Advanced System diagnostics basics (Panels, RT Advanced) Introduction You use system diagnostics to detect problems and errors in any part of your plant. WinCC has two display and operating elements for quick error localization. For the controller to be able to transfer error messages to the system diagnostics view or the system diagnostics window, you must activate the system diagnostics in the settings for some controllers. During communication with the SIMATIC S7-1500 and SIMATIC S7-1200 PLCs, system diagnostics is automatically activated. The option "System diagnostics" is automatically activated for the respective HMI connection on the HMI device under "Runtime settings > Alarms > Controller alarms". System diagnostics view The alarm view shows the status of a PLC while the system diagnostics view gives you an overview of all devices available in your plant: You navigate directly to the cause of the error and to the relevant device. You have access to all diagnostics-capable devices which you have configured in the "Devices & networks" editor. System diagnostics window The system diagnostics window is an operating and display element that you can only use in the global screen. The functions of the system diagnostics window are no different than those of the system diagnostics view. Because the system diagnostics window is configured in the global screen, you can, for example, also specify if the object is closable in Runtime. Note System diagnostics on Basic Panels The "System diagnostics window" object is not available on Basic Panels. See also System diagnostics views (Page 6061) Enabling system diagnostics in the PLC (Page 6064) 6060 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions System diagnostics views (Panels, RT Advanced, RT Professional) Introduction There are four different views available in the system diagnostics view and the system diagnostics window. Device view Diagnostic buffer view Detail view Matrix view (for master systems, PROFIBUS, PROFINET only) Device view The device view shows all the available devices of a layer in a table. Double-clicking on a device opens either the child devices or the detail view. Symbols in the first column provide information about the current status of the device. Diagnostic buffer view In the diagnostic buffer view, the current data from the diagnostic buffer of the device is displayed. The diagnostic buffer view can only be called up in the device view. To update the diagnostic buffer view, you click WinCC Advanced V14 System Manual, 10/2016 . 6061 Visualizing processes 12.11 Using diagnostics functions Detail view The detail view gives detailed information about the selected device and the pending errors. Check whether the data is correct in the detail view. You cannot sort error texts in the detail view. 6062 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Note Contents of the detail view The contents of the detail view are only available for integrated connections with S7-1200 and S7-1500 PLCs. Distributed I/O view The distributed I/O view is available for master systems and IO systems. In this view, you can see the status of the subdevices of the system. Each element in the view shows the device name, the device type and the IP address or the PROFIBUS address. In the case of a fault, the affected element is visually highlighted: Red border indicates a fault in a lower-level element Red background indicates a fault in the element itself, for example, the device is not available. Navigation buttons Button WinCC Advanced V14 System Manual, 10/2016 Key Function Enter key Opens the child devices or the detail view if there are no child devices. Esc key Opens the parent device or the device view if there is no parent device. 6063 Visualizing processes 12.11 Using diagnostics functions Button Key Function Home key Opens the device view. Configured function key, e.g. F1. Opens the diagnostic buffer view. Only visible in the device view. Configured function key, e.g. F2. Updates the diagnostic buffer view. Note Navigation in the matrix view of Comfort Panels with function keys The Shift key is additionally used to select PNIO or PROFIBUS slaves in the matrix view. Language switching in runtime Switch over the language in runtime before you open the details view. If you switch over the runtime language while the details view is opened, you change back to the diagnostic buffer view. Open the details view again. The selected runtime language is now displayed correctly. See also System diagnostics basics (Page 6060) 12.11.1.3 Configuring system diagnostics objects Enabling system diagnostics in the PLC (RT Professional) Introduction During communication with the SIMATIC S7-1500 and SIMATIC S7-1200 PLCs, system diagnostics is automatically activated. For other PLCs, the following settings must be implemented in the PLC to enable the PLC to transfer error messages to the system diagnostics view. Requirements A PLC such as SIMATIC S7-300/400 or ET 200 has been created. The "Devices & Networks" editor is open in the "Device view". 6064 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Procedure 1. Select the PLC in the selection list. 2. Click on the PLC and select "Properties" in the shortcut menu. The properties of the PLC are displayed in the Inspector window. 3. Select "Properties > General > System diagnostics" in the Inspector window. 4. Enable "Activate system diagnostics for this CPU". 5. Select the PLC and then "Compile > Hardware configuration" in the shortcut menu. Note Special feature system diagnostic alarms SIMATIC S7-300/400 When you deactivate the display class 0 for the respective HMI connection under "Runtime settings > Alarms > Controller alarms > Display classes", the system diagnostic alarms are not transferred to the HMI device by the controller even when the "System diagnostics" option is activated in the controller and on the HMI device. Result The settings will be effective following the next compilation. The PLC can now transfer error messages to the system diagnostics display. See also System diagnostics basics (Page 6060) Adding a system diagnostics indicator (Panels, RT Advanced, RT Professional) Introduction The system diagnostics indicator is a predefined graphic symbol of the library which alerts you to errors in your system. If an error occurs, the appearance of the object changes. The library object can display two states: - No error - Error Requirement The "Libraries" task card is opened. The global library "Buttons and Switches > Master copies > DiagnosticsButtons" is open. A screen is open. A system diagnostics window has been created in the global screen. WinCC Advanced V14 System Manual, 10/2016 6065 Visualizing processes 12.11 Using diagnostics functions Procedure 1. Select the "DiagnosticsIndicator" object in the library. Note System diagnostics indicator for different device types When selecting the object ensure that you use the correct object for the device type used in the project. 2. Drag-and-drop the library object to the position in the work area where you want to insert the object. The library object is inserted. 3. Select the library object. 4. Click "Properties > Events" in the Inspector window. The system function "ShowSystemDiagnosticsWindow" is preset for the event "Click". 6066 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Result The status diagnostics indicator has been added to the project and connected with the system diagnostics window. The system diagnostics indicator changes its appearance if an error message is output in Runtime. The system diagnostics window opens when you click on the system diagnostics indicator. The system diagnostics window shows the detail view of the affected device. Configuring access protection for the system diagnostics window Configure access protection for the system diagnostics indicator to prevent unauthorized access to the system diagnostics window. 1. Select the "DiagnosticsIndicator" object in the screen. 2. Select an authorization in "Properties > Properties > Security in Runtime" in the Inspector window. A logon dialog opens when you click on the system diagnostics indicator in Runtime. The system diagnostics window does not open unless you have the required authorization. Configuring a system diagnostics window in the global screen (Panels, RT Advanced) Introduction The system diagnostics window gives you an overview of all devices available in your plant. The system diagnostics window operates like the system diagnostics view, but it is only available in the global screen. Requirements At least one PLC has been created. The option "Activate system diagnostics for this CPU" is activated on each PLC. A Comfort Panel or WinCC RT Advanced has been created. The global screen is open. The Inspector window is open. Procedure 1. Double-click the "System diagnostics window" object in the "Tools" task card. The object is added to the global screen. 2. Select "Properties > Properties > Columns > Devices/Detail view" in the Inspector window. 3. Enable the columns that you require in the device view for Runtime, for example: status, name, address. 4. Enable the properties which you require in the detail view for Runtime, for example: status, name, plant designation. WinCC Advanced V14 System Manual, 10/2016 6067 Visualizing processes 12.11 Using diagnostics functions 5. Activate the columns that you require in the diagnostic buffer view, for example, status, name. 6. Customize the column headers, if necessary. 7. Enable "Properties >Properties > Layout > Column settings > Columns moveable" to move the columns in Runtime. 8. Enable "Properties > Properties > Window > Closable" to allow the system diagnostics window to be closed in Runtime. Result The system diagnostics window has been added to the global screen. The system diagnostics window will respond to error messages in the plant and display the device affected. Configure a system diagnostics indicator in a screen to open the system diagnostics window. Configuring button as system diagnostics indicator (Panels, RT Advanced, RT Professional) Introduction Instead of using the object "DiagnosticsIndicator" from the library, you can configure a button, for example, to indicate errors in your plant. Requirements At least one PLC has been created. The option "Activate system diagnostics for this CPU" is activated on each PLC. The "Tools" task card is open. A bit graphics list has been created with two different graphics for the statuses. A screen is open. You have created a system diagnostics view. Procedure 1. Double-click the "Button" object in the "Tools" task card. A button will be added to the screen. 2. In the Inspector window, select "Properties > Properties > General > Mode > Graphic". 3. Select the bit graphics list under "Graphic > Graphics list". 4. Select the "@DiagnosticsIndicatorTag" tag under "Properties > Properties > General > Tag" in the Inspector window. Configuring system function to the button 1. Click "Properties > Events" in the Inspector window. 2. Select the "Click" event. 6068 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions 3. Click on "Add function" in the table. 4. Select the "ActivateSystemDiagnosticsView" system function. 5. Select the system diagnostics view. Result You have now configured a button which will respond to error messages from the PLC. The button changes its appearance if an error message is output in Runtime. The button has two states: Error The system diagnostics view opens when you click the button. The system diagnostics view shows the detail view of the device concerned. No error The system diagnostics view opens when you click the button. The system diagnostics view shows the device view. Configuring the system diagnostic view (Panels, RT Advanced) Introduction You add a system diagnostics view to your project to get an overview of all devices available in your plant. Requirements At least one PLC has been created. The option "Activate system diagnostics for this CPU" is activated on each PLC. A Comfort Panel or WinCC RT Advanced has been created. You have created a screen. The Inspector window is open. Procedure 1. Double-click the "System diagnostics view" object in the "Tools" task card. The object is added to the screen. 2. Select "Properties > Properties > Columns > Devices/Detail view" in the Inspector window. 3. Activate the columns that you require in the device view for Runtime, e.g. Status, Name, Slot. 4. Activate the columns that you require in the detail view for Runtime, e.g. Status, Name, Plant designation. 5. Activate the columns that you require in the diagnostic buffer view, for example, Status, Name. WinCC Advanced V14 System Manual, 10/2016 6069 Visualizing processes 12.11 Using diagnostics functions 6. Enable "Properties >Properties > Layout > Column settings > Columns moveable" to move the columns in Runtime. 7. You can change the column headers under "Properties > Properties > Column headers", if necessary. Result The system diagnostics view has been added to the screen. Error for the entire plant are now displayed in the system diagnostics view in Runtime. Configuring the system diagnostic view (Basic Panels) Introduction For an overview of all integrated connections, you insert a system diagnostics view in your project. Requirements A PLC has been created. A Basic Panel has been created. An integrated connection has been created in the "Devices & Networks" editor. You have created a screen. The Inspector window is open. Procedure 1. Double-click the "System diagnostics view" object in the "Tools" task card. The object is added to the screen. 2. In the Inspector window, select "Properties > Layout". 3. Enter a number under "Lines per entry", i.e. 5. Result The system diagnostics view has been added to the screen. To obtain the latest alarms, update the diagnostic buffer. Splitting the view in system diagnostics view (Panels, RT Advanced) Introduction The system diagnostics view also offers a split view of the display. You have the option to see the devices and the associated details at a glance. 6070 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Requirements At least one PLC has been created. The option "Activate system diagnostics for this CPU" is activated on each PLC. An HMI device has been created, for example, a Comfort Panel. You have created a screen. The Inspector window is open. Procedure 1. Double-click the "System diagnostics view" object in the "Tools" task card. The object is added to the screen. 2. In the Inspector window, click "Properties > Properties > Layout". 3. Activate "Show split view". 4. Activate "Sizing > Auto-size" 5. You may also change the number of lines for the "Device view" and the "Detail view" if required. Result The system diagnostics view has been added to the screen. The system diagnostics view is split into two areas. The top area shows the device view. The bottom view shows the detail view. If you open the diagnostic buffer view, the top area displays an overview of the diagnostic buffer and the bottom area displays the details. WinCC Advanced V14 System Manual, 10/2016 6071 Visualizing processes 12.11 Using diagnostics functions Note Contents of the detail view The contents of the detail view are only available for integrated connections with S7-1200 and S7-1500 PLCs. 12.11.2 Monitoring functions for SIMATIC IPCs Hardware monitoring for SIMATIC IPCs All SIMATIC IPCs support monitoring functions. Some of the monitoring functions can be displayed in the TIA Portal if you connect to the IPC online. The diagnostics editor provides information on operating states of the following groups: Fans Temperatures 6072 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Voltages Drives/Storage media The following figure shows an overview of all groups in the diagnostics editor. You can choose between the complete view and the single view in the diagnostics editor. "Temperatures" group The "Temperatures" group displays the temperatures of different components. "Fans" group The "Fans" group indicates the status of available fans (depending on the device). The speeds are given in revolutions per minute (rpm). "Voltages" group The "Voltages" group indicates the status of the available voltage sensors (depending on the device). The voltage of the CMOS battery is monitored. This sensor provides information about whether the voltage is OK, critical or faulty. WinCC Advanced V14 System Manual, 10/2016 6073 Visualizing processes 12.11 Using diagnostics functions "Drives" group The "Drives" group indicates the status of the available drives/storage media (depending on the device). The following storage media are supported here: ATA hard disks CompactFlash cards SCSI hard disks USB hard disks or USB sticks Hard disks of an INTEL RAID adapter Information about whether each drive has S.M.A.R.T. capability and/or is a RAID drive is specified in the properties. Status information is displayed in this case. Limits High and low limits are defined for the two groups, Fans and Temperatures. The limits depend on the IPC and cannot be changed. Color code The icons next to each display object change color depending on the state of the object. The following applies to all groups: Green = OK Red = High or low limit violation or status of the object is critical. Reaction to deviations If there is a high or low limit violation or one of the groups has reached a critical state, an entry is triggered in the diagnostic buffer. At the same time, the icon color changes to red. You can find additional information on the diagnostics functions of the IPCs in SIOS Portal (https://support.industry.siemens.com/cs/de/en/view/39129913) 12.11.3 Supervising machinery and plants with ProDiag (Panels, RT Advanced, RT Professional) 12.11.3.1 Basics of supervision with ProDiag (Panels, RT Advanced, RT Professional) Introduction The TIA Portal ProDiag functionality is used for monitoring and identification of errors that occur in your plant or machine. You can use ProDiag to show the type of error, the cause of the error and the location of the error on the HMI device. 6074 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Use You can use ProDiag functions to monitor your plant and to visualize it on an HMI device. The main objective of ProDiag is the reduction of downtime and loss of production after an error occurs, and the avoidance of errors using timely warnings. Diagnostic and display objects provide specific information for the user for troubleshooting and show the processes on an HMI device on site. Principle In STEP 7, you create operand supervisions and configure the settings according to your requirements. When an error occurs, a supervision alarm is generated based on the criteria you have configured. The configured supervision instances are stored in the preset ProDiag function block. You can use the automatically generated ProDiag FBs or create and configure your own ProDiag FBs. You can use WinCC to visualize the ProDiag functions for display on an HMI device. You configure the screen objects which provide an overview of the current status of the plant and display the affected code or the step sequence when an error occurs. 12.11.3.2 Basics of supervising operands (Panels, RT Advanced, RT Professional) Supervising operands You can use a supervision to view the status of a Boolean tag. If an event occurs in your plant or machine, it triggers the configured supervision and the status of the operand is written to a ProDiag block in an error bit. The following types of supervision are available: Operand supervision Interlock monitoring Action supervision Reaction supervision Position supervision Text message Error message Categories and subcategories You can define categories and subcategories for each supervision instance. You can use eight categories to classify occurring events according to their urgency. Subcategories are used to further subdivide information. You can combine categories and subcategories in a supervision instance. You can find categories, subcategories and alarm texts for the supervision in the project tree under "Common data > Supervision settings". You can find more information about supervisions and categories in the chapter "Programming PLC > Supervising machinery and plants with ProDiag". WinCC Advanced V14 System Manual, 10/2016 6075 Visualizing processes 12.11 Using diagnostics functions Tracking a supervision in HMI Track the status of the configured supervision in WinCC using the "ProDiag overview" object. When an event occurs in your plant, the corresponding symbols of the supervision category and the type of supervision light up in the ProDiag overview. You jump directly to the error message or to the display if the affected network in the PLC code view via the configured buttons. You display the status of the GRAPH sequencer of a GRAPH data block in the object "GRAPH overview". If a GRAPH supervision error occurs in one of the steps, the error symbol in the GRAPH overview lights up and the faulty step is highlighted visually. With the object "PLC code display", you show the user program in the LAD, FBD and GRAPH programming languages on your HMI device. 12.11.3.3 Requirements and licensing (Panels, RT Advanced, RT Professional) Introduction You configure the ProDiag supervisions in the TIA Portal using STEP 7 Professional and create the screen objects for the supervision and diagnostics using WinCC. You need a license to use the ProDiag functionality and the corresponding screen objects. Software requirements To configure ProDiag supervisions, you need the following products: TIA Portal STEP 7 Professional TIA Portal WinCC - Comfort/Advanced V14 or higher or - Professional V14 or higher Hardware requirements ProDiag functionality is available for CPUs of the S7-1500 series with firmware version 2.0 or higher. The objects for the supervision and diagnostics of plants are available for the following HMI devices: Comfort Panels und KTP Mobile Panels* RT Advanced RT Professional * The "PLC code view" object is available on Comfort Panels and KTP Mobile Panels from display size 7" 6076 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Licensing of ProDiag supervisions The number of ProDiag supervisions that you configure using STEP 7 Professional is licensed. You do not need a license for the first 25 supervisions, licenses must be used for additional supervisions. Number of super visions <= 25 <= 250 <= 500 <= 750 <= 1000 > 1000 Number of licen ses None 1 2 3 4 5 Licensing of ProjDiag objects To use the objects for the diagnostics and supervision in conjunction with the ProDiag supervision in your program, you need a ProDiag license. 12.11.3.4 Visualizing supervisions (Panels, RT Advanced, RT Professional) Objects for the supervision and diagnostics of plants (Panels, RT Advanced, RT Professional) Introduction WinCC offers the following objects for displaying the current monitoring status and for fault diagnostics in the program code: ProDiag overview GRAPH overview PLC code view ProDiag overview The "ProDiag overview" object is available on Comfort Panels and KTP Mobile Panels and provides you with an overview of the current status of the configured supervisions. GRAPH overview The "GRAPH overview" object is available on Comfort Panels and KTP Panels and is used to display the current program status for executed steps of the GRAPH sequencer. PLC code view The "PLC code view" object is available on Comfort Panels and KTP Mobile Panels from display side 7" and is used to display the current program status of user programs which have been programmed in the LAD, FBD or GRAPH programming languages. WinCC Advanced V14 System Manual, 10/2016 6077 Visualizing processes 12.11 Using diagnostics functions Interaction of the objects for the supervision and diagnostics (Panels, RT Advanced) Introduction With the objects for the supervision and diagnostics of plants, you have the following options: On a HMI device, you show the status of the supervisions configured in the user program Evaluate the current alarms and display the network that causes the alarms, Display the program code on the HMI device Depending on the network, you display the following information on the HMI device: With the object "ProDiag overview" you display the current status of the ProDiag supervisions. With the object "GRAPH overview" you display the current status of the GRAPH sequencer. Interaction of ProDiag objects The figure below shows the interaction of objects for visualizing the ProDiag supervisions: :LQ&&+0,B )LJB )LJB 3UR'LDJRYHUYLHZ $ODUPYLHZ $ODUPZLQGRZ *5$3+RYHUYLHZ )LJB 3/&FRGHYLHZ 6078 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions The visualization of the ProDiag functionality on the HMI device is comprised of the following actions: 1. Display program status - Display status of the supervisions with the ProDiag overview On the HMI device the connection is established to the PLC and the connected ProDiag FB and the current status of the supervisions is displayed. The corresponding symbol in the ProDiag overview lights up as soon as an event occurs. The "Alarm view" button allows you to jump to the alarm view or alarm window showing details on the event that occurred. To find the supervision-relevant alarms more easily in the alarm view/alarm window, it is recommended to use a filter to restrict the alarm shown. - Show sequence of the GRAPH sequencer using the GRAPH overview As soon as the connection is established to the PLC, the currently executed step of the GRAPH sequencer is shown in Runtime. Navigate to the next step or to the initial step of the sequencer using the operator buttons. The "Alarm view" button allows you to jump to the alarm view or alarm window showing details on the event that occurred. The "PLC code view" allows you to jump to the PLC code view, for example, to display an error in the execution of the GRAPH sequencer. 2. Display current alarms in the alarm view or in the alarm window Alarms that occur in Runtime are display in the alarm view or in the alarm window. Note Display of alarms of "Acknowledgment" and "No Acknowledgment" alarm classes To display the supervision alarms of the system alarm classes or self-defined alarm classes in your alarm view or in your alarm window, enable the display of the these alarm classes in the Inspector window under "Properties > Properties > General". In the alarm view/alarm window the alarm classes of the supervision alarms can only be enabled after the supervisions have been configured and the PLC compiled. The system function "ActivatePLCCodeView" allows you to jump from the last active or a selected alarm to the PLC code view with the affected program code. 3. Display program code in the PLC code view As soon as the connection has been established to the PLC, the PLC code view displays the current status of the network depending on the configuration: - In Runtime, the LAD/FBD network and the program code is displayed. The symbol names, absolute addresses of the symbols and corresponding comments are show in the symbol table. - In Runtime, the GRAPH sequencer is shown. In the detail view, the transitions of the steps are displayed. You have the option of configuring a button that changes its appearance in case of an error and allows you to jump to the configured PLC code view. To do so, specify a button and configure the system function "ActivatePLCCodeView" to it. Dynamize the appearance (e.g. background color) of the button using the control tag for PLC code view that you previously connected with the alarm view, so that the button changes its color, for example, in the event of an incoming ProDiag alarm. WinCC Advanced V14 System Manual, 10/2016 6079 Visualizing processes 12.11 Using diagnostics functions Transfer of languages from CPU to HMI device In TIA Portal V14, the texts for the ProDiag functionality, such as symbol names and comments in a PLC code view and supervision alarm texts, are automatically loaded from the PLC's user program to the HMI device. In multi-lingual projects, make sure that the languages that are available in the PLC match the Runtime languages of the HMI device. The alarm texts on the HMI device can only be displayed in the desired languages if the languages match. For more information on multilingual projects, refer to "Configuring devices and networks > Additional information on configurations > Functional description of S7-1500 CPUs > Setting the operating behavior > CPU properties > Multilingual capability". Configuring the ProDiag overview (Panels, RT Advanced, RT Professional) Overview of the supervision configuration (Panels, RT Advanced, RT Professional) Introduction In TIA Portal, configure ProDiag supervision functions in your user program in STEP 7 and configure the visualization for the HMI devices in WinCC. Requirements An S7-1500 controller has been created. There is at least one Boolean tag, either in a data block, tag table or in a block interface. An HMI device has been created A screen has been created Steps for configuring the supervisions with ProDiag You configure the ProDiag functionality in the TIA Portal in the following steps: In STEP 7 1. Create ProDiag function block for supervision. 2. Define settings at the ProDiag function block. 3. Defining the ProDiag supervision settings - Specify the type of supervision - Set the delay time - You select the conditions by which a supervision signal is triggered - Define the categories and subcategories 4. Add supervision for a Boolean tag. You create either global or a local supervision for a Boolean tag. 5. Call the ProDiag function block. 6. Compile and download the project 6080 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions In WinCC 1. Insert the "ProDiag overview" object in the HMI screen. 2. Select a status tag. 3. Configure the display and the representation of the object in the settings. 4. Configuring the jump to the alarm view. In addition, you can have the program execution in the "GRAPH overview" object displayed, as well as the current program status in the "PLC code view" object. Assignment of symbols in the ProDiag overview The status tag "State" from the PLC data type "SV_FB_State" of the ProDiag function block contains the group error bits for the supervision types and categories that you visualize with the help of the ProDiag overview. You can visualize two types of group error bit in the "ProDiag overview" object: Group error bit for supervisions (All, O, I, R, A, P, Merr, Mtxt) Group error bit for categories (C1 to C6) The table below shows the assignment of the group error bits of the status tag "State" to the symbols in the ProDiag overview. ProDiag overview Elements in ProDiag FB Description All Group error bit for all supervision types, excluding message text Symbols If value of All = TRUE, at least one supervision was triggered and the symbol is visually highlighted in the ProDiag overview. SV_Types Byte for all group error bits of the su pervision types Mtxt (message text) Group error bit for all alarms - Tooltip with information on this Pro Diag overview E (Error) C1 (Category) Error W (Warning) C2 (Category) Warning Categories Group error byte for all categories. Categories WinCC Advanced V14 System Manual, 10/2016 6081 Visualizing processes 12.11 Using diagnostics functions ProDiag overview Elements in ProDiag FB Description I (Info) C3 (Category) Information C4 to C6 C4 to C6 (Category) Additional categories O O (Operand) Group error bit for operand supervi sions I I (Interlock) Group error bit for interlock supervi sions A A (Action) Group error bit for action supervisions R R (Reaction) Group error bit for reaction supervi sions P P (Position) Group error bit for position supervi sions M Merr (Message error) Group error bit for error texts Supervision types Configuring the ProDiag overview (Panels, RT Advanced, RT Professional) Introduction ProDiag overview is used to monitor your machine or system at runtime and determination of diagnostics information in the event of a fault occurring. Once you have set the status tag in the object and the connection to a ProDiag FB has been established, the status of the "State" status tag of the corresponding PLC data type is queried. In Runtime, the states of the monitored operands are represented as symbols in the ProDiag overview, similar to a traffic light colors. In WinCC, you configure the display and the representation of categories and supervision types that are displayed in the "ProDiag overview" object independent of the supervision settings in STEP7. Requirements At least one S7-1500 controller has been created. At least one supervision instance has been configured. A ProDiag FB and ProDiag DB are available. A PC station or an HMI device that supports the ProDiag functionality has been created. An HMI connection has been established between the controller and HMI device. An screen is created and the Inspector window is open. Procedure 1. In the Inspector window, select "Properties > Properties > General". 2. Open the selection button under the "Tag" property. 6082 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions 3. Select the status tag of ProDiag FB. Alternatively, you can add the corresponding status tags from the detail view using dragand-drop. 4. Under "Output > Categories", define the names and colors for the supervision categories. 5. Under "Output > Monitoring types", define the names and colors for the supervision categories. 6. Under "Layout", specify which icons and buttons are to be displayed in the object. 7. Select an authorization for operation under "Properties > Properties > Security". 8. You can configure a system function to the event "Alarm view button click" under "Properties > Events" to jump from the ProDiag overview to the alarm view in Runtime. Result The ProDiag overview is inserted in the screen. The current states for supervised events are displayed in Runtime. Configuring jump to the alarm view (Panels, RT Advanced, RT Professional) Introduction After an error has occurred, you have the option of jumping directly from the ProDiag overview to an alarm window or a screen with an alarm view. Requirement You have created a screen. An alarm view or an alarm window has been created. WinCC Advanced V14 System Manual, 10/2016 6083 Visualizing processes 12.11 Using diagnostics functions The "ProDiag overview" object has been created. The Inspector window is open. Configuring the jump to the alarm view 1. Click "Properties > Events" in the Inspector window. 2. Click on the event "Click alarm view button". 3. Select the "ShowAlarmWindow" system function under "<Add function". 4. Specify the object name of the alarm window. 5. Alternatively, open the screen with the configured alarm view using the "ActivateScreen" function. Specify the screen name of the screen that contains the configured alarm view. Result When you press the "Alarm view" button in the configured ProDiag overview, the screen with the corresponding alarm view or an alarm window opens automatically. Configuring a GRAPH overview (Panels, RT Advanced, RT Professional) Displaying the status of the GRAPH sequencer (Panels, RT Advanced, RT Professional) Introduction With the help of the "GRAPH overview" object, you visualize the status of the GRAPH sequencer. Error symbol Name of the GRAPH data block Name of the currently executed step Active step of the sequencer If an error occurs in a step, the step number is highlighted in red. Operating mode 6084 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions "Step" button If the sequencer is in the last step, the "Initial step" button is displayed. "Alarm view" button Initial step symbol "PLC code view" button Simultaneous step symbol Displaying the status of the GRAPH sequencer You connect the GRAPH overview to the PLC via the GRAPH DB tag. After the connection has been established to the PLC, the object shows the step numbers of the steps of the GRAPH sequencer. The name of the currently executed step is shown below the sequencer. If there are additional simultaneous steps besides the currently executed step, the simultaneous step symbol lights up in the GRAPH overview. Depending on the application, you can switch between the four operating modes for executing the GRAPH sequencer. The currently selected mode is displayed in the GRAPH overview. If an error occurs during the execution of a step, the faulty step and the error symbol are highlighted visually. In the case of error you have the option of jumping to the alarm in the configured alarm view or of viewing the affected program in the PLC code view. Use You have the option of displaying the GRAPH overview in the standard view or in single line mode. You can, for example, configure multiple GRAPH overviews in a screen. This provides you with the overview of the current status of multiple production areas, whose supervisions are summarized in the corresponding GRAPH FBs. Configuring a GRAPH overview (Panels, RT Advanced, RT Professional) Introduction You can use the GRAPH overview to view the current program status for the executed steps of a GRAPH sequencer. WinCC Advanced V14 System Manual, 10/2016 6085 Visualizing processes 12.11 Using diagnostics functions Requirement A PLC including a GRAPH instance data block has been created. GRAPH instance data block contains at least one tag which is visible in HMI and accessible from HMI. Note The process tag you are using for the GRAPH overview must be visible in HMI and accessible from HMI. To identify the tags of the GRAPH data block as visible and accessible for HMI, open the GRAPH function block, select the block in the work area, and select "Edit > Internal parameters visible/accessible from HMI" in the menu bar. Then compile the program blocks. An HMI device has been created. You have created a screen. The Inspector window is open. Procedure 1. In the Inspector window, select "Properties > Properties > General". 2. Open the selection button under the "Assigned GraphDB tag" property. The "Add new object" dialog opens. 3. Select the corresponding PLC in the "Program blocks" folder. 4. Select the corresponding PLC tag of the GRAPH instance data block. Note If no connection was configured between the HMI device and the selected PLC, a connection is set up automatically. In addition, an HMI tag is created which is connected to the PLC tag. 6086 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions 5. Under "Properties > Properties > Layout > Options", specify the symbols that are displayed in the GRAPH overview . To represent the GRAPH overview in compatibility mode without toolbar buttons and operating mode display, enable the "Single-line mode" property. 6. Under "Properties > Properties > Toolbar > General", specify the buttons that will be displayed in the object. 7. You can dynamize the properties in the "GRAPH overview" object using tags and colorcode the states. You can find a detailed description of dynamizing a property in the section Dynamizing screens (Page 5106) 8. Under "Properties > Events", you can assign system functions to the buttons in the GRAPH overview to jump to the alarm view and the PLC code view in Runtime. Result The GRAPH overview is inserted in the screen. The current status of the GRAPH step sequence is displayed in Runtime. See also Dynamizing screens (Page 5106) WinCC Advanced V14 System Manual, 10/2016 6087 Visualizing processes 12.11 Using diagnostics functions Configuring the PLC code view (Panels, RT Advanced, RT Professional) Configuring the PLC code view (Panels, RT Advanced, RT Professional) Introduction To display the PLC program networks in the LAD, FBD and GRAPH programming languages in Runtime, insert a PLC code view into your project. Requirement At least one PLC has been created. An HMI device has been created. An HMI connection has been established between the controller and HMI device. You have created a screen. The Inspector window is open. Procedure 1. Drag-and-drop the PLC code view from the toolbox view. 2. Click "Properties > Properties > Toolbar" in the Inspector window. 3. Select the buttons that you require in Runtime, for example: Next network, Previous network, Step mode. 6088 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions 4. If required, configure the button display, e.g. background color and fill pattern. 5. In the Inspector window, select "Properties > Properties > Columns". 6. Adapt the column headers or change the order if necessary. 7. Select an authorization for operation in "Properties > Properties > Security". Result The PLC code view is inserted in the screen. In Runtime, PLC user programs that are programmed in the LAD, FBD or GRAPH programming languages can be displayed. Views in the PLC code view (Panels, RT Advanced, RT Professional) Introduction In the PLC code view you display various items of information about the user program: Information area Symbol table Detail view "Transition/Interlock view" Information area The information area displays the LAD/FBD program code of your user program, and/or the GRAPH sequencer of a GRAPH data block. After the connection to the PLC has been established, the network status is displayed in the information area highlighted via the program code. WinCC Advanced V14 System Manual, 10/2016 6089 Visualizing processes 12.11 Using diagnostics functions Symbol table The symbol table displays the symbols that are used in the displayed network. The three columns of the symbol table display the symbol names of the tags, the absolute address and the comments. As the comments are loaded from the user program, these are displayed in the language that is stored in the PLC. You can dynamically change the height and width of the symbol table in Runtime. Detail view The detail view is also available for displaying your GRAPH sequencer. The detail view gives detailed information about the selected network and the pending errors. In the detail view you see, for example, the transition of the first active step of the GRAPH sequencer. Open the detail view in Runtime using the "Detail view" button. 6090 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions "Transition/Interlock view" You have the option of switching between the transition and interlock views in the display of your user program. The transition/interlock view is available when the detail view is displayed. To switch between the transition/interlock views in Runtime, use the "Transition/Interlock" button. When the button is enabled the interlock network is displayed, when disabled the transition network. WinCC Advanced V14 System Manual, 10/2016 6091 Visualizing processes 12.11 Using diagnostics functions Buttons on the toolbar The table below shows the buttons on the toolbar and their meaning. Operator control 6092 Designation Function "Symbol area" Shows the symbol area. "Previous network" Navigates to the previous network "Next network" Navigates to the next network "Zoom in" Enlarges the information area. "Zoom out" Reduces the information area. "Detail" Shows the detail view. "Step mode" Switches between manual and automatic step se lection for the active step. "Transition/Interlock" Switches between the transition and interlock net work views. WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Configuring a view in the PLC code view (Panels, RT Advanced) Introduction The PLC code view also provides a split view of the display to show the GRAPH sequencer. You have the option of viewing the program and the associated details at a glance. Press "Detail view" to open the detail view in Runtime. In WinCC, you can define the size ratio between the information area and the detail view. Requirement You have created a screen. A PLC code view has been created in the screen. The Inspector window is open. Define width of detail view 1. Click "Properties > Properties > Layout" in the Inspector window. 2. Specify the width of the detail view in relation to the information area using the option "GRAPH detail view width (%)". Result The PLC code view is divided in two areas to represent the GRAPH sequencer in Runtime. The left-hand area shows the GRAPH sequencer and the right-hand area shows the detail view with the transition of the active step. Supported instructions (Panels, RT Advanced, RT Professional) Introduction The "PLC code view" object supports instructions in the FBD and LAD programming languages. Instructions The following instructions are supported in the PLC code view: Bit logic operations Comparator operations Timers Counters WinCC Advanced V14 System Manual, 10/2016 6093 Visualizing processes 12.11 Using diagnostics functions Bit logic operations Instruction LAD FBD Normally closed contact 7DJB Normally open contact 7DJB Set output 7DJB 7DJB 6 Reset output 6 7DJB 7DJB 7DJB 7DJB Assignment 5 7DJB 5 7DJB 7DJB 7DJB 7DJB 7DJB NOT: Invert RLO 7DJB 127 Negated contact 7DJB 7DJB 7DJB 7DJB 7DJB 7DJB SR: Set/reset flip-flop 7DJB 7DJB 7DJB 7DJB 7DJB 7DJB 5 56 65 6 5 7DJB 7DJB 6094 4 5 RS: Reset/set flip-flop AND 65 6 7DJB 4 7DJB 4 7DJB 6 7DJB Is implemented by the corresponding in terconnection of normally closed con tacts or normally open contacts. 7DJB 5 56 6 4 7DJB 7DJB 5 6 4 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Instruction LAD OR Is implemented by the corresponding in terconnection of normally closed con tacts or normally open contacts. EXCLUSIVE OR FBD 7DJB 7DJB 7DJB Is implemented by the corresponding in terconnection of normally closed con tacts or normally open contacts. 5 ! 6 4 7DJB 7DJB 5 7DJB 6 [ 4 You can find additional information on this in the section "Programming PLC > Instructions". Comparator operations Instruction CMP ==: Equal LAD FBD 7DJB9DOXH ,17 7DJB9DOXH CMP <>: Not equal 7DJB9DOXH ! ,17 7DJB9DOXH CMP >=: Greater or equal 7DJB9DOXH ! ,17 7DJB9DOXH CMP <=: Less or equal 7DJB9DOXH ,17 7DJB9DOXH CMP >: Greater than 7DJB9DOXH ! ,17 7DJB9DOXH CMP <: Less than 7DJB9DOXH ,17 7DJB9DOXH WinCC Advanced V14 System Manual, 10/2016 ,17 7DJB9DOXH 7DJB9DOXH ,1 ,1 ! ,17 7DJB9DOXH 7DJB9DOXH ,1 ,1 ! ,17 7DJB9DOXH 7DJB9DOXH ,1 ,1 ,17 7DJB9DOXH 7DJB9DOXH ,1 ,1 ! ,17 7DJB9DOXH 7DJB9DOXH ,1 ,1 ,17 7DJB9DOXH 7DJB9DOXH ,1 ,1 6095 Visualizing processes 12.11 Using diagnostics functions Note PLC code view supports the following data types for displaying the comparator: Binary numbers, integers, floating-point numbers and timers with exception of S5TIME. You can find additional information on this in the section "Programming PLC > Instructions". Timers Instruction LAD FBD TP: Generate pulse 7DJB6WDUW 7DJB3UHVHW7LPH TON: Generate on-delay 7DJB6WDUW 7DJB3UHVHW7LPH 7DJB3UHVHW7LPH TONR: Time accumulator 7DJB6WDUW 7DJB5HVHW 7DJB3UHVHW7LPH 73B'% 73 7,0( 73 7,0( ,1 4 7DJB6WDWXV 7DJB6WDUW ,1 4 37 (7 7DJB(ODSVHG7LPH 7DJB3UHVHW7LPH 37 (7 721B'% 721B'% 721 7,0( 721 7,0( ,1 4 7DJB6WDWXV 7DJB6WDUW ,1 4 37 (7 7DJB(ODSVHG7LPH 7DJB3UHVHW7LPH 37 (7 TOF: Generate off-delay 7DJB6WDUW 73B'% 72)B'% 72)B'% 72) 7,0( 72) 7,0( ,1 4 7DJB6WDWXV 7DJB6WDUW ,1 4 37 (7 7DJB(ODSVHG7LPH 7DJB3UHVHW7LPH 37 (7 7215B'% 7215B'% 7215 7,0( 7215 7,0( ,1 4 7DJB6WDWXV 7DJB6WDUW ,1 4 5 (7 7DJB(ODSVHG7LPH 7DJB5HVHW 5 (7 37 7DJB3UHVHW7LPH 7DJB6WDWXV 7DJB(ODSVHG7LPH 7DJB6WDWXV 7DJB(ODSVHG7LPH 7DJB6WDWXV 7DJB(ODSVHG7LPH 7DJB6WDWXV 7DJB(ODSVHG7LPH 37 You can find additional information on this in the section "Programming PLC > Instructions". 6096 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Counters* * Counters support the integer data types Instruction LAD FBD CTU: Count up 7DJ,QB 7DJ,QB 7DJB39 7DJ,QB 7DJB39 CTUD: Count up and down &78B'% &78 &78 ,17 ,17 &8 4 5 &9 7DJ2XW 7DJ,QB 7DJ,QB 7DJB&9 7DJB39 39 CTD: Count down 7DJ,QB &78B'% 5 &9 7DJB&9 4 7DJ2XW 39 &7'B'% &7'B'% &7' &7' ,17 ,17 &' 4 7DJ2XW 7DJ,QB /' &9 7DJ,QB 7DJB&9 /' &9 7DJB&9 7DJB39 39 4 7DJ2XW 39 &' &78'B'% &78'B'% &78' &78' ,17 7DJ,QB &8 48 &' 5 ,17 7DJ2XW 7DJ,QB&8 &8 4' 7DJ2XWB4' 7DJ,QB&' &' &9 7DJB&9 7DJ,QB 7DJ,QB 7DJ,QB /' 7DJB39 &8 39 7DJ,QB5 5 4' 7DJ2XWB4' 7DJ,QB/' /' &9 7DJB&9 7DJB39 39 48 7DJ2XWB48 You can find additional information on this in the section "Programming PLC > Instructions". Supported data types (Panels, RT Advanced, RT Professional) Supported data types The following table shows data types supported in the "PLC Code View" object and their display formats: Data type Length Format BOOL 1 bit Bool BYTE 8-bit Hex Binary numbers WinCC Advanced V14 System Manual, 10/2016 6097 Visualizing processes 12.11 Using diagnostics functions Data type Length Format WORD 16-bit Hex DWORD 32-bit Hex LWORD 64-bit Hex SINT 8-bit Dec USINT 8-bit Dec INT 16-bit Dec UINT 16-bit Dec DINT 32-bit Dec UDINT 32-bit Dec LINT 64-bit Dec ULINT 64-bit Dec REAL 32-bit Floating point number LREAL 64-bit Floating point number TIME 32-bit Time LTIME 64-bit LTime DATE 2 bytes Date TOD (TIME_OF_DAY) 4 bytes Time_Of_Day LTOD (LTIME_OF_DAY) 8 bytes LTime_Of_Day DT (DATE_AND_TIME) 8 bytes Date_And_Time LDT (DATE_AND_LTIME) 8 bytes Date_And_LTime DTL 12 bytes Date and Time Integers Floating-point numbers Timers Date and time Character (only for displaying the contents of user data types) CHAR 8-bit Character WCHAR 16-bit Unicode character STRING n + 2 ** byte Character string * Only with Boolean operands ** An operand of the STRING data type occupies two bytes more than the specified maximum length in the memory. Note You can find more information on the data types under "PLC Programming > Data Types". Note The 64-bit PLC data types LINT, ULINT and LWORD are mapped to the HMI data type LREAL in the HMI channel. A loss of accuracy can be expected when the value exceeds the size 2^50. 6098 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Correcting display problems in the PLC code view (Panels, RT Advanced, RT Professional) Introduction If an error occurs in visualizing the program code, an error message with the associated error number is output in the PLC code view. To correct the display error, first work through the recommended first measures. If the error persists, contact Customer Support. First measures for error correction Observe the following general information about troubleshooting: 1. Make sure that the current configuration was loaded onto the HMI device. 2. If you display program code in the PLC code view using a Runtime API function, check the notation and the sequence of the parameters of the call. 3. Restart Runtime on your HMI device. Notes on error messages The table below shows the error messages and the notes for correcting some specific errors in displaying the program code (if any): Error number Error message 3101, 3107, 3109, 3113, 3402, 3501, 3502, 3601, 3602, A general error occurred in determining the display data. Instructions 4000 - 4107, 4110 - 4113, 4115 4121 4200 - 4203, 4300 4604 3102 The parameters of the call are not correct. Check whether all parameters of the call were en tered in the specified order. Make sure that the in formation is complete and correct. 3103 The PLC was not found or the name of the PLC is incorrect. Check the specified PLC name. 3104 The address of the code block could not be determined. 3105 The address of the instance data block could not be determined. 3106 The block is know-how protected. 3108 The version of the Engineering System is not compatible. 4114, 4122, 4123 WinCC Advanced V14 System Manual, 10/2016 Make sure that the name of the instance data black and not the name of the function block was specified in the parameter. Make sure that the user program and the visualiza tion were configured with the corresponding version of the TIA Portal. The PLC code view with WinCC V14 only supports the configuration with the Engi neering System of the TIA Portal V14. 6099 Visualizing processes 12.11 Using diagnostics functions Error number Error message 3112 The network contains an operand that is not supported. 3117 The network language is not supported. 3201 The operand was not found. 3301 The called block was not found. 3302 No block was found in which this UDT is used. 3303 No matching entries were found, or the en tries contain data types that are not suppor ted. 3401 An error occurred in determining the data of a GRAPH block. 3114, 3110, 3111 The network contains an element that is not supported. 4103 4106 An error occurred during the calculation of the online status. 4108 The PLC name was not specified. 4109 The DB name was not specified. 4202 The ProDiag UDT was not specified. 12.11.3.5 Instructions Make sure that the specified block is a GRAPH block. Disconnect the HMI device by unplugging the net work cable. Wait a moment and then re-connect the network cable. Example: Visualization of the ProDiag functionality (Panels, RT Advanced, RT Professional) Procedures overview (Panels, RT Advanced, RT Professional) Introduction ProDiag enables you to supervise faults in your plant and display information on the supervisions on your HMI device. The following example shows you how to use objects for the supervision and diagnostics of plants in WinCC. Example In this example you configure the visualization for supervision of a conveyor belt operation. You track the movement of the production units on the conveyor belt with a ProDiag supervision that you created beforehand. You create your user program in STEP 7 and set up ProDiag supervisions for the operands. In WinCC you then configure the screens and objects required to display the program, the current program status and the output of error messages. 6100 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Configuration steps The example is divided into several steps: Creating screens - Overview screen with the ProDiag screen objects - Screen for the alarm view - Screen for the PLC code view Inserting objects in the screens - ProDiag overview for display of the ProDiag supervisions - GRAPH overview for display of the GRAPH sequencer - Alarm view for display of the ProDiag alarms - PLC code view for display of the program code in the languages LAD, FBD and GRAPH Configuring objects Interconnecting the objects to enable targeted navigation to the cause of the error in runtime. WinCC Advanced V14 System Manual, 10/2016 6101 Visualizing processes 12.11 Using diagnostics functions Requirements (Panels, RT Advanced, RT Professional) Requirements An S7-1500 controller with firmware version 2.0 or higher has been created. A user program for controlling the conveyor belt has been created. The user program contains a GRAPH function block with the motion sequence of the conveyor belt. The user program contains a ProDiag function block with the configured operand monitoring. You can find more information about creating ProDiag supervisions in the section "Programming PLC > Supervising machinery and plants with ProDiag". The HMI device TP1200 Comfort has been created. A connection has been established between the controller and your HMI device. Control program A program for the sequence of the conveyor belt and a ProDiag function block with operand monitoring was previously created in STEP 7. The following table shows the blocks and tags which are used in this example of visualization with WinCC: Name Designation/type Explanation Conv_Seq [FB] GRAPH function block Contains the program sequence for moving the conveyor belt. Conv_Seq_DB GRAPH data block Associated GRAPH instance data block. OFF_SQ Tag of the type Bool from the GRAPH data block PLC tag which is used as the process tag for displaying the status of the GRAPH sequencer. Conveyor [FB] ProDiag function block ProDiag function block contains the configured ProDiag monitoring for the operands which control the operation of the conveyor. Conveyor_DB ProDiag data block Associated ProDiag instance data block. State Tag of the type SV_FB_State from the ProDiag data block The status tag of the "SV_FB_State" PLC data type con tains the group error bits of all the supervisions that are assigned to the ProDiag function data block. Creating screens (Panels, RT Advanced, RT Professional) Introduction You will create three screens for displaying various objects to visualize the ProDiag supervisions in your plant. 6102 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Procedure 1. Open the project tree. 2. Click "Add new screen" in the Screens folder. 3. Open the shortcut menu of the screen and assign the name "Overview". 4. Create two additional screens named "Alarm" and "Program code". Result You have created an overview screen and two additional screens for visualization of the supervisions in Runtime. Inserting diagnostic objects (Panels, RT Advanced, RT Professional) Introduction To visualize the program code and the program status on your HMI device in runtime, insert the diagnostic objects into the created screens. In the GRAPH overview, you can see the currently executed steps of the GRAPH sequencer that you have configured in Runtime. ProDiag overview shows you whether a fault has occurred and a ProDiag supervision was triggered. Requirements The screens "Program code", "Overview" and "Alarm" have been created. The "Tools" task card is open. Procedure 1. Open the screen "Program code". 2. Drag-and-drop a "PLC code view" from the "Tools" task card into the screen. 3. Enter the object name "PLC code view" under "Properties > Properties > Miscellaneous > Name" in the Inspector window. 4. Open the screen "Overview". 5. Drag-and-drop the "ProDiag overview" object from the "Tools" task card into the screen. If you want to supervise multiple ProDiag blocks from your program, create a ProDiag overview for each block. 6. Enter a meaningful object name, such as "Overview_Conveyor", under "Properties > Properties > Miscellaneous > Name" in the Inspector window. 7. Drag-and-drop a "GRAPH overview" from the "Tools" task card into the screen. 8. Enter the name "GRAPH_Sequence" under "Properties > Properties > Miscellaneous > Name" in the Inspector window. WinCC Advanced V14 System Manual, 10/2016 6103 Visualizing processes 12.11 Using diagnostics functions 9. Open the screen "Alarm". 10.Drag-and-drop an alarm view from the "Tools" task card into the screen. 11.Enter the name "ProDiag_Alarm" under "Properties > Properties > Miscellaneous > Name" in the Inspector window. Result You have created objects for supervision and diagnostics in the respective screens. Objects for display of the current program status in the screen "Overview". PLC code view for display of program code in the languages LAD, FBD and GRAPH in the screen "Program code". Alarm view for display of ProDiag alarms in the screen "Alarm". Configuring diagnostic objects (Panels, RT Advanced, RT Professional) Introduction In this example, you connect the objects for visualization of program code and supervisions to your control program. You have previously created a program in STEP 7 for transportation of the production units on the conveyor belt. You have also created a ProDiag function block in which you set up the supervisions for the operands. Requirements The "Overview" screen has been created. A GRAPH overview and a ProDiag overview have been created in the screen. A ProDiag function block was created in the control program. A GRAPH instance data block "Conv_Seq_DB" was created in the control program. GRAPH instance data block "Conv_Seq_DB" contains the "OFF_SQ" tag which is visible in HMI and accessible from HMI. Procedure 1. Select the GRAPH overview. 2. Click on the selection button under "Properties> General> Process > Tag" in the Inspector window. A dialog opens. 3. Click on the GRAPH instance data block "Conv_Seq_DB" in the "Program blocks" folder. 6104 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions 4. Select the PLC tag "OFF_SQ" of the GRAPH instance data block and confirm your selection. Note The process tag you are using for the GRAPH overview must be visible in HMI and accessible from HMI. To identify the tags of the GRAPH data block as visible and accessible for HMI, open the GRAPH function block, select the block in the work area, and select "Edit > Internal parameters visible/accessible from HMI" in the menu bar. Then compile the program blocks. The GRAPH instance data block and the "GRAPH overview" object are connected. 5. Select the ProDiag overview "Overview_Conveyor". 6. Click on the selection button under "Properties> General> Process > Tag" in the Inspector window. A dialog opens. WinCC Advanced V14 System Manual, 10/2016 6105 Visualizing processes 12.11 Using diagnostics functions 7. Click on the data block "Coveyor_DB" in the "Program blocks" folder. 8. Select the status tag "State" of the "Conveyor_DB" data block. The ProDiag data block and the "ProDiag overview" object are connected. Result GRAPH overview and ProDiag overview are connected to the data blocks of the control program. In Runtime, the objects show the incoming monitoring errors and the current status of the GRAPH sequencer. Configuring the alarm view for ProDiag (Panels, RT Advanced, RT Professional) Introduction In this example you configure the alarm view for display of the monitoring alarms and jump to the PLC code view with the program code. Requirements The "Alarm" screen has been created. The alarm view "ProDiag_Alarm" has been created. The PLC code view "PLC code view" is created in the "Program code" screen. 6106 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Procedure 1. Open the "Alarm" screen and select the alarm view. 2. In the Inspector window, select "Properties > General". 3. Select the alarm classes of alarms that are displayed in the alarm view, for example, the system-internal alarm classes "Acknowledgement" and "No Acknowledgement". You have the option to also display alarms of alarm classes that you have defined previously in STEP 7. 4. Specify a Boolean tag under "Properties > Display > Control tag for PLC code view" that will control the jump from the last active ProDiag alarm to the PLC code view. This tag is used to evaluate whether the jump from the selected alarm to the PLC code view is possible. 5. Drag-and-drop a button from the "Tools" task card into the "Alarm" screen. Enter the name "Program code" under "Properties > Properties > Miscellaneous > Name" in the Inspector window. 6. Select "Events > Click" in the Inspector window. WinCC Advanced V14 System Manual, 10/2016 6107 Visualizing processes 12.11 Using diagnostics functions 7. Select the "ActivatePLCCodeView" system function under "Add function". 8. Enter the screen name "Program code" and the object name "PLC code view" as parameters. 9. Under "Properties > Animations > Visibility > Tag", select the previously specified Boolean control tag for PLC code view. If the jump from the incoming ProDiag alarm to the PLC code view is possible, the "Program code" button is visible. Result You have activated the display of alarms of the defined alarm classes in the alarm view. In Runtime, the alarms of the corresponding alarm classes are displayed in the alarm view. Using the configured button, you jump to Runtime in the PLC code view with the program instance that has triggered the ProDiag alarm. Configuring the jump from the GRAPH overview (Panels, RT Advanced, RT Professional) Introduction In this step you configure the basic navigation between the GRAPH overview, the alarm view and the PLC code view. Configuring the jump from the GRAPH overview 1. Select the GRAPH overview "GRAPH_Sequence". 2. Select "Events > Alarm view button click" in the Inspector window. 3. Select the "ActivateScreen" system function under "Add function". 4. Specify the name of the "Alarm" screen that contains the alarm view. 5. Select "Events > PLC code view button click" in the Inspector window. 6108 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions 6. Select the "ActivatePLCCodeView" system function under "Add function". 7. Enter the name of the "Program code" screen and of the PLC code view "PLC code view". You have connected the GRAPH overview to the PLC code view. By clicking the "PLC code view" button, the screen with the display of the GRAPH sequencer is shown in Runtime. WinCC Advanced V14 System Manual, 10/2016 6109 Visualizing processes 12.11 Using diagnostics functions Result You monitor the current status of the sequencer using the GRAPH overview in Runtime. You have the option of viewing the GRAPH sequencer at any time in the PLC code view. In case of a fault, you use the configured buttons to jump to the corresponding alarm in the alarm view or directly to the PLC code view with display of the step sequencer. 6110 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.11 Using diagnostics functions Configuring the jump from the ProDiag overview (Panels, RT Advanced, RT Professional) Introduction In this step you configure the basic navigation between the ProDiag overview, the alarm view and the PLC code view. Configuring the jump from the ProDiag overview 1. Select the ProDiag overview "Overview_Conveyor". 2. Select "Events > Alarm view button click" in the Inspector window. 3. Select the "ActivateScreen" system function under "Add function". 4. Specify the name of the "Alarm" screen that contains the alarm view. Result You have connected the diagnostic objects to each other. You monitor the status of the ProDiag supervisions using the ProDiag overview in Runtime. In case of an error, the corresponding supervision icon is visually highlighted. WinCC Advanced V14 System Manual, 10/2016 6111 Visualizing processes 12.12 Communicating with controllers By clicking the "Alarm view" button, the screen with the alarm view and the currently pending alarms is displayed. Using the configured buttons, you jump, for example, from a ProDiag alarm to the display of the network in the PLC code view. 12.12 Communicating with controllers 12.12.1 WinCC Advanced V14 - Communication Communicating with controllers You can find a detailed description of communicating with controllers in the "WinCC Advanced V14 - Communication" manual. 6112 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions 12.13 Using global functions 12.13.1 Working with libraries 12.13.1.1 Basics on libraries Introduction Store all objects you need frequently in the libraries. An object that is stored in the library only has to be configured once. It can then be used repeatedly as often as required. Library objects extend the number of available screen objects and increase the effectiveness during configuration through the multiple usage of ready-to-use objects. Your WinCC software package is supplied with comprehensive libraries that contain, for example, "Motor" or "Valve" objects. You may, however, define your own library objects. You manage libraries in the "Libraries" task card or library view. The following libraries are available: Project library Global libraries WinCC Advanced V14 System Manual, 10/2016 6113 Visualizing processes 12.13 Using global functions Note There is a symbol library in the "Tools" task card in the "Graphics" palette. Project library There is one library for each project. Objects of the project library are stored alongside with the project data and are available only for the project in which the library was created. If the project is moved to another PC, any project library created in it is also moved. To use the library object of the project library in other objects, move or copy the object into a global library. Global libraries A global library is saved independently of the project data in its own file with the extension *.aI12. A project can access several global libraries. A global library may be used concurrently in several projects. When a library object is changed by a project, this library will be changed in all projects in which these libraries are open. Library objects A library can contain all WinCC objects. Examples: Complete HMI device Screens Display and control objects including tags and functions Graphics Tags Alarms Text and graphics lists Faceplates User data types See also Displaying library objects (Page 6128) Storing an object in a library (Page 6131) Inserting a library object (Page 6132) 6114 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Creating a global library (Page 6123) Saving a global library (Page 6124) Opening a global library (Page 6125) Master copies and types (Page 6117) Screen basics (Page 4979) 12.13.1.2 Overview of the library view Function of the library view The library view combines the functionality of the "Libraries" task card and the overview window. In the library view, the elements of a library are displayed in various views. In the details view, for example, you see additional properties of the individual elements. You can also edit and version the types in the library view. WinCC Advanced V14 System Manual, 10/2016 6115 Visualizing processes 12.13 Using global functions Layout of the library view The following figure shows the components of the library view: 1 Library tree 2 Library overview 3 "Library view" button 4 "Open or close library overview" button Library tree The library tree is similar to the "Libraries" task card, apart from a few minor differences. In contrast to the task card, there is no "Elements" palette, because the elements are displayed in the library overview. In addition, you can close the library view in the library tree, or open and close the library overview. 6116 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Library overview The library overview corresponds to the overview window and displays the elements of the currently selected object in the library tree. You can display the elements in three different views. You can also perform the following actions in the library overview, for example: Copying elements Moving elements Versioning types Editing faceplates and HMI user data types Editing type instances 12.13.1.3 Master copies and types Introduction Both the "Project library" and the "Global library" contain the two folders "Master copies" and "Types". You can create or use the library objects either as a master copy or a type. Master copies Use master copies to create independent copies of the library object. Types Create instances of objects of the "Types" folder and use these in your project. The instances are bound to their respective type. Administration of the library objects You can copy and move library objects to another library. You can only copy master copies to the "Master copies" folder or any sub-folder of "Master copies". You can also only insert types in the "Types" folder or any sub-folder of "Types". See also Basics on libraries (Page 6113) State of type versions (Page 6133) WinCC Advanced V14 System Manual, 10/2016 6117 Visualizing processes 12.13 Using global functions 12.13.1.4 Libraries in WinCC Introduction The WinCC software package includes extensive libraries. Sorted by topic into folders, they contain preassembled graphic objects which you can use in screens for operation and monitoring of your plant. Global library "Buttons and Switches" The libraries "Buttons and Switches" offer a wide selection of buttons and switches. The folders divide switches and buttons into categories. The "DiagnosticsButtons" folder contains the object "System diagnostics indicator", for example. You use the "System diagnostics indicator" object for system diagnostics in your plant. Note You can only use the objects in the "DiagnosticsButtons" folder on Comfort Panels. You cannot use objects which have "Switch" in the object name or in the associated folder name in Runtime Professional. 6118 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Global library "Monitoring and Control objects" The "Monitoring and Control objects" library offers more complex display and operating objects in several designs and corresponding control lights, buttons and switches. In addition, graphics views for the designs are stored in the "Design_Backgrounds" folder; they can be used as object backgrounds for the custom extension of the scope of the library. Note You cannot use objects which have "Switch" in the object name in Runtime Professional. The same applies for the object "D5_Display_3" with the date/time field it contains. WinCC Advanced V14 System Manual, 10/2016 6119 Visualizing processes 12.13 Using global functions 12.13.1.5 Managing libraries Overview of the library management Function of the library management Master copies and types with dependencies to other library elements are subject to some functional restrictions. They can, for example, not be deleted as long as dependencies still exist. This prevents other library elements from becoming useless. The library management is used to identify the dependencies and to create an overview of the work progress. The library management offers the following functions: Display of the correlations of types and master copies If a type is referenced in other types or master copies, the correlations are displayed in the library management. You will also be able to see which library elements reference a type or a master copy. Display of points of use of types in the project Display all types that include a version with the "In test" or "In progress" status Layout of the library management The figure shows the library management, consisting of the following components: Toolbar of the library management "Types" area "Use" area 6120 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Toolbar of the library management You can perform the following tasks in the toolbar of the library management: Update view If the project was changed, you can update the view of the library management. Clean up library You can clean up the project library and global libraries. By cleaning up a library, you delete all types and type versions that are not linked to an instance in the project. Harmonize project By harmonizing a project, you adapt the names and the path structures of type uses in the project to the corresponding names and path structures of the types within a library. "Types" area The "Types" area displays the contents of the folder that you have selected in the library view. You can open or close all types by using the buttons in the toolbar of the "Types" area. You can also use the "Filter" drop-down list to filter the view and display all types with the "In test" or "In progress" status only. For each type, the types that it references are displayed. "Uses" area The "Uses" area gives you an overview of the points of use of the selected types and master copies. The "Uses" area is divided into two tabs: "Uses in the project" tab The "Uses in the project" tab is used to show the instances of type versions and their respective point of use in the project. When you select an instance, you can show the cross references of the instance in the project in the Inspector window. "Uses in the library" tab The "Uses in the library" tab is used to show all points within the library at which a type or a master copy is used. Opening library management Procedure To open the library management, follow these steps: 1. Open the library view. 2. Select a type or any folder that contains types. 3. Select the "Library management" command from the shortcut menu. Result The library management opens and the types are displayed with their versions. WinCC Advanced V14 System Manual, 10/2016 6121 Visualizing processes 12.13 Using global functions Filtering types in the library management Introduction A filter function in the library management enables you to limit the displayed types. The following filters are available: Display all types that include a version with "in progress" status Display all types that have no instances in the project Display all types that have more than one version Display all released types Requirement At least one type has been created. Filtering according to all types with pending changes 1. Select the "Types" folder in the project library. 2. Select the "Library Management" command in the shortcut menu of the "Types" folder. The library management opens. 3. Select "Types with pending changes" from the "Filter" drop-down list. The "Types" area only displays types that have the "in progress" status. Filtering for all types that have no instances in the project 1. Select the "Types" folder in the project library. 2. Select the "Library Management" command in the shortcut menu of the "Types" folder. The library management opens. 3. Select "Types not used in the project" from the "Filter" drop-down list. The "Types" area only displays types that have no instances in the project. Filtering for types with multiple versions 1. Select the "Types" folder in the project library. 2. Select the "Library Management" command in the shortcut menu of the "Types" folder. The library management opens. 3. Select "Multiple versions" from the "Filter" drop-down list. The "Types" area only displays types that have more than one version. 6122 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Filtering for all released types 1. Select the "Types" folder in the project library. 2. Select the "Library Management" command in the shortcut menu of the "Types" folder. The library management opens. 3. Select "Released types" from the "Filter" drop-down list. The "Types" area only displays types that have released versions. Filtering according by types with new versions for upgrading other types 1. Select the "Types" folder in the project library. 2. Select the "Library Management" command in the shortcut menu of the "Types" folder. The library management opens. 3. Select "Types with new versions for upgrading other types" from the "Filter" drop-down list. In the "Types" area, only types which can be potentially used as a source for the upgrading other types are displayed. See also Opening library management (Page 6121) Creating a faceplate type (Page 5153) Creating a global library Introduction In the libraries you store the configured objects that you want to use several times in your configuration. To use objects in several projects, create a global library. Requirement A project is open. The "Libraries" task card is displayed or the "Library view" is open. WinCC Advanced V14 System Manual, 10/2016 6123 Visualizing processes 12.13 Using global functions Procedure 1. Click the icon under "Global library". The "Create new global library" dialog opens. 2. Enter a name. 3. Select the path where the new library is to be stored. 4. Click "Create". Result The new library is shown in the "Global libraries" palette. The global library contains the "Types", "Master copies" and "Common data" folders. Under the "Common data" you can find reports for the global library. A folder with the name of the global library is created in the file system at the storage location of the global library. This actual library file is given the file name extension ".al12". See also Basics on libraries (Page 6113) Saving a global library Introduction A global library is stored in a separate file on your hard disk drive. The file contains the objects of the global library including the referenced objects. E.g. the reference of a tag which was configured on an I/O field is also saved in the library. WinCC prompts you to save the global libraries when you close WinCC or your project without saving. You also can store the global library during configuration, without storing the entire project. 6124 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Requirement You have opened a project which contains at least one library. The "Libraries" task card is displayed or the library view is open. A library has been changed. Procedure 1. Select the global library that you want to save. 2. Click the icon in the "Global library" palette. You can alternatively select the "Save Library" command in the shortcut menu. If you want to store the global library in a different folder, select "Save as" in the shortcut menu. Select the path in which you want to store the new library and enter a file name. Result The global libraries are saved under their current file name or a file name you have specified. See also Basics on libraries (Page 6113) Opening a global library Introduction In WinCC, the global libraries are stored in separate files. You can use a global library in every project. Requirement You have saved a global library. A project is open. The "Libraries" task card is displayed or the library view is open. WinCC Advanced V14 System Manual, 10/2016 6125 Visualizing processes 12.13 Using global functions Procedure 1. Click the icon in the "Global library" palette. The "Open global library" dialog box is displayed. 2. Select the path in which the library is stored. 3. Click "Open". Note To have the access to a global library from multiple projects, open the global library readonly. As soon as a global library is not opened read-only, access from other projects is blocked. Result WinCC displays the opened global library in the "Global library" palette. See also Basics on libraries (Page 6113) Displaying logs of global libraries Logs listing all changes made to the global library are created when global libraries are updated. The logs are stored together with the global library and are always available once you have opened the global library. Procedure To open the logs of a global library, follow these steps: 1. Open the global library in the "Libraries" task card or in the library view. 2. Open "Common data > Logs" in the lower-level folder. 3. Double-click the required log. The log opens in the work area. Updating a project with the contents of a library Introduction After you have edited several types in the project library, update all instances in the project to the most recent version of the types from the project library. Requirement The "Libraries" task card or the library view is open. 6126 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Procedure 1. Select the project library. 2. Select "Update > Project" from the shortcut menu. A dialog opens. 3. Select either the entire project or individual devices for the update. 4. Select the "Delete all unused versions of affected types" check box to delete all older versions of the updated types from the project library. 5. Click "OK" to confirm. Result All instances of the types are updated in the project to the most recent version of the selected types in the project library. You can find a log of the update process in the project tree under "Common data". Updating a library with the contents of another library The following options are available for updating libraries: Updating a global library with types from another global library Updating the project library with types from a global library Each of the following elements can be selected as source for the update: An entire library Individual folders within a library Individual types Requirement To update a global library, open the library with write rights. Requirement The "Libraries" task card or the library view is open. Procedure To update a library with the contents of a different library, follow these steps: 1. Select the entire library or a folder within the library or individual types. 2. Right-click the source and select the "Update > Library" command from the shortcut menu. The "Update library" dialog box opens. WinCC Advanced V14 System Manual, 10/2016 6127 Visualizing processes 12.13 Using global functions 3. Select the type of library you want to update: - Select "Update the project library" to update the project library with types from a global library. - Select "Update a global library" if you want to update a global library. 4. Optional: Select the global library you want to update from the drop-down list. 5. Select the "Delete all unused versions of affected types" check box to delete all older versions of the updated types from the project library. 6. Click "OK" to confirm. Result Types not yet available in the target library are supplemented there with all their versions. More recent versions are added to the types that already exist in the target library. If a more recent version of a type already exists in the target library, the latest version is nevertheless copied and automatically assigned a newer version number. A log listing all performed changes to the target library is created for the update process. If you have updated the project library, you can find the log in the project tree under "Common data > Logs". If you have updated a global library, you can find the log in the "Common data > Logs" folder in the level below the global library. 12.13.1.6 Managing objects in a library Displaying library objects Introduction The libraries are displayed as file folders in the corresponding palette. The elements contained in the library are displayed in the file folder and in the "Elements" palette. Requirement At least one library object has been created in a library. The "Libraries" task card is opened. 6128 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Procedure 1. Select the library in the corresponding palette whose library objects you want to display. 2. Click . The contained library objects are displayed in the "Elements" palette. 3. Click one of the following icons: WinCC Advanced V14 System Manual, 10/2016 6129 Visualizing processes 12.13 Using global functions Icon Description Element view in detailed mode Element view in list mode Element view in overview mode with icons When several objects are assigned to the library with a multiple selection, only one of the objects is shown in the "Elements" palette. The individual components of this element are displayed in the "Parts" palette. Show parts of the library objects 1. Select the library in the corresponding palette from which you want to view the components of an element. 2. Click . 3. The contained library objects are displayed in the "Elements" palette. 4. Select the element. The "Parts" palette shows the objects of which the element consists. Result The library objects are displayed in accordance with the configuration. The components of the faceplates are displayed. See also Basics on libraries (Page 6113) 6130 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Storing an object in a library Introduction You can store all of WinCC objects, such as screens, tags, graphic objects or alarms in your libraries. You can use drag-and-drop to move the corresponding object from the work area, project window or detail view to the library. In a library you have divided into categories, you can directly add objects to a specific category. Requirement The "Screens" editor is open. A screen object has been created in the work area of the screen. The created libraries are displayed. Procedure 1. Select the object in the work area of the "Screens" editor. 2. Drag-and-drop the object from the work area to the desired library. The mouse pointer is transformed into a crosshair with an appended object icon. Result The object is saved to the library for further use in multiple instances of your configuration. See also Basics on libraries (Page 6113) WinCC Advanced V14 System Manual, 10/2016 6131 Visualizing processes 12.13 Using global functions Inserting a library object Introduction The system always assigns the inserted library object a name which consists of the name of the object type and of a consecutive number. If the inserted object already exists, you have the option of replacing the object or of saving it under a new name. You cannot insert library objects that are not supported by the HMI device. Note If you insert a screen with interconnected template from the library, the template will also be inserted. Any existing matching template is not used. Requirement The "Libraries" task card is opened. The editor in which you want to insert the library object is open. Procedure 1. Select a library object from the library. 2. Drag-and-drop the library object to the position in the work area where you want to insert the object. The library object is inserted. Result If the object was contained in the "Copy templates" folder, you have inserted an independent copy of the library object in the editor. If the object was contained in the "Types" folder, you have inserted an instance of the library object in the editor. See also Basics on libraries (Page 6113) 6132 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions 12.13.1.7 Using types and their versions State of type versions Introduction Depending on the point of use, the version of a type has different statuses. Released version The "released version" status is available for all types, regardless of the point of use. If you want to edit a released version, you must first create a new test version or an "in progress" version. Released type versions of scripts and screens can be opened and viewed at their instance. "In progress" version The "in progress" status is possible for the following types: Faceplates User data Styles Style sheets When you create a new type or a new version of a released type, the type is assigned the status "in progress". Types with the "in progress" status can be edited in the library view without the need for a reference to an instance in the project. Upon release, the compatibility of the type is tested by a consistency check. "In test" version Only versions of scripts and HMI screens have the "In test" status. When you create a new version of a type, the type is assigned the status "In test". A version with "In test" status is linked to an instance in the project. You can set only one version to "In test" for each type at a given time. A version in testing may only be linked to a single instance in the project. Therefore, it is not possible to copy an instance to the clipboard, to duplicate it or to create an additional type from the instance as long as it has "In test" status. See also Generating a script as a type (Page 6134) Generating a screen as a type (Page 6134) WinCC Advanced V14 System Manual, 10/2016 6133 Visualizing processes 12.13 Using global functions Creating a faceplate type (Page 5153) Create a new version of a type (Page 6136) Master copies and types (Page 6117) Generating a script as a type Requirement A project is open. An HMI device has been created and opened. The project tree is open. The "Libraries" task card is opened. Procedure 1. Open the "Scripts" editor in the project tree. 2. Create a new script. 3. Select the script in the project tree. 4. Drag-and-drop the script into a library in the "Libraries" task card. A dialog opens. 5. Enter a name. 6. Enter a comment. Result You have created a type version of a script in the library. The created type is stored as a released version in the library. An instance of the type is used in the project. To change the script create a new version of the script. See also State of type versions (Page 6133) Generating a screen as a type Requirement A project is open. An HMI device has been created and opened. The project tree is open. The "Libraries" task card is opened. 6134 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Procedure 1. Open the "Screens" editor in the project tree. 2. Create a new screen. 3. Select the screen in the project tree. 4. Drag-and-drop the screen into a library in the "Libraries" task card. A dialog opens. 5. Enter a name. 6. Enter a comment. Result You have created a type of a screen in the library. The created type is stored as a released version in the library. An instance of the type is used in the project. To change the screen create a new version of the screen. See also State of type versions (Page 6133) Generating a style as a type Introduction To define a new style, add a new type in the project library. Adding a new style 1. Open the "Libraries" task card. 2. Select the "Add new type" command under "Types" in the shortcut menu of the project library. A dialog opens. 3. Select "HMI style". Result The new style is created and displayed under its selected name in the project library. The HMI style type is assigned the status "in progress" and the version 0.0.1. Creating a style sheet as a type Introduction To define a new style sheet, add a new type in the project library. WinCC Advanced V14 System Manual, 10/2016 6135 Visualizing processes 12.13 Using global functions Adding a new style sheet 1. Open the "Libraries" task card. 2. Select the "Add new type" command under "Types" in the shortcut menu of the project library. A dialog opens. 3. Select "HMI style sheet". 4. Assign a meaningful name to the style sheet. 5. Select the style sheet category from the list. Result The new style sheet is created and displayed under its selected name in the project library. The HMI style sheet type is assigned the status "in progress" and the version 0.0.1. Create a new version of a type Principle If you create a new version of a type, the point of use of the type determines the status of the newly created version. Requirement The "Libraries" task card is opened. A type has been created and released. Procedure 1. Select the released type. 2. Select "Edit type" in the shortcut menu. Result for types of faceplates, user data, and styles A new version of the type is created. The version has the status "in progress". The library view opens. Result for types of scripts and screens A dialog opens. After you have selected the settings in the dialog, the version is set to the status "In test". The instance used in the project is set to the status "In test". The library view opens. 6136 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions See also State of type versions (Page 6133) 12.13.2 12.13.2.1 Importing and exporting project data Introduction WinCC gives you the option of exchanging project data between the projects or copying them to external applications. Exporting and importing between projects You can export the following project data from a project and import them into another project. Recipe data records Alarms Tags Text lists Project texts Exporting and importing reduces the workload. Instead of creating new data records, you use data already created in previous projects. Editing the export file The following file formats are available for export and import depending on the editor: *.xlsx for alarms, tags, project texts and text lists *.csv for recipe data records You can edit the import file in Excel, for example. XLSX file format XLSX format is a file format for Excel tables based on the Open XML format. XLSX files are optimized for Microsoft Excel 2007. You can sort the columns as required in the XLSX file. CSV file format CSV stands for Comma Separated Value. In this format, the columns of the table that contain the names and the value of the entry are separated by semicolons. Each table row terminates with a line break. You can also open the CSV file for editing in Excel. WinCC Advanced V14 System Manual, 10/2016 6137 Visualizing processes 12.13 Using global functions Importing project data When project data is imported, the objects in the project are created. The syntax of the import file is checked during import. The accuracy of the values imported and dependencies between the imported values are not checked. Any errors found in the imported data are reported when the project is compiled. Copying in Excel format In all spreadsheet editors you can copy the content in Excel format into the buffer of your PC. Then you insert the project data in Excel format directly into any application outside the TIA Portal. To this purpose you use the corresponding command in the shortcut menu of the work area: If you select the command in the shortcut menu of the line header, the complete line is copied into the buffer. If you select the command in the shortcut menu of a cell, only the cell content is copied into the buffer. If you select several lines and select the command, all marked data are always copied into the buffer. This data exchange is only possible as an export. 12.13.2.2 Exporting recipes (Basic Panels, Panels, RT Advanced) Introduction WinCC features an export function for exporting data records from recipes. Requirements The WinCC project for the export is open. Recipes have been created in a project. The "Recipes" editor is open. 6138 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Exporting recipes 1. In the "Recipes" editor, select the recipe with the data records you want to export. 2. Click . The "Export" dialog box opens. The selected recipe is shown under "Recipe selection". 3. Under "Content selection", specify if all or only selected data records are to be exported. 4. Under "File selection", specify the file in which the recipe data is to be stored. 5. Specify the list separator and decimal separator under "Data separation". 6. Click "Export." The export will start. Result The exported data has been written to a CSV file. The CSV file will be stored in the specified directory. WinCC Advanced V14 System Manual, 10/2016 6139 Visualizing processes 12.13 Using global functions Importing recipes Introduction Recipes are identified by their name. The recipe name must therefore be unique. Open the import file in a simple text editor to check that it has the correct data structure. Specify whether or not existing data records should be overwritten by records with the same name during the import. Requirements A CSV file containing at least one recipe has been created. The WinCC project for the import is open. The "Recipes" editor is open with at least one recipe. Importing a recipe 1. In the "Recipes" editor, select the recipe with the data records you want to import. 2. Click . The "Import" dialog box opens. The selected recipe is shown under "Recipe selection". 6140 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions 3. Select the file you want to import under "File selection". 4. Under "Strategy", specify if existing data records should be overwritten by records of the same name. 5. Under "Data separation", select the list separator and the decimal separator to use in the CSV file. 6. Click "Import". The import will start. Result The data records are created in the selected recipe. Depending on the setting for "Strategy", existing data records are overwritten by records with the same name from the CSV file. Existing data records with the same name will also be imported from the CSV file if you deactivate the "Overwrite existing data records" option. Format of recipe data Introduction This section describes the required format of the file for the import of recipes. The file containing the data of the recipes must be available in "*.csv" format. : Structure of recipe data The structure of the import file is fixed. The following example shows the structure of a recipe containing two recipe elements, each with two data records: List separator=<List separator>Decimal symbol=<Decimal separator><List separator><Line break> <Name of the recipe><List separator><List separator><Line break> LANGID_<ID of the language><List separator> <Display name, recipe element 1><List separator> <Display name, recipe element 2><Line break> <Number recipe><List separator> <Recipe data record number 1><List separator> <Recipe data record number 2><Line break> <Tag recipe element 1><List separator> <Recipe data record 1 value 1><List separator> <Recipe data record 2 value 1><Line break> <Tag recipe element 2><List separator> <Recipe data record 1 value 2><List separator> <Recipe data record 2 value 2><Line break> ID of the language Use the "Windows language ID" in decimal notation, e.g. "1033" for English. Additional information is available in the documentation for the Windows operating system. WinCC Advanced V14 System Manual, 10/2016 6141 Visualizing processes 12.13 Using global functions 12.13.2.3 Importing and exporting alarms Exporting alarms Introduction WinCC has an export function for alarms. Requirements The WinCC project for the export is open. Alarms have been created in the project. The "HMI alarms" editor is open. Exporting alarms 1. Click the button in "Discrete alarms" or "Analog alarms". The "Export" dialog box opens. 2. Click the "..." button and specify in which file the data are saved. 3. Specify whether you want to export "Disrete alarms" or "Analog alarms". 4. Click "Export". The export will start. Result The exported data has been written to an xlsx file. The xlsx file will be stored in the specified folder. 6142 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions See also Importing alarms (Page 6143) Format of the analog alarm data (Page 6144) Format of the discrete alarm data (Page 6147) Importing alarms (Basic Panels, Panels, RT Advanced) Introduction Alarms are identified by their alarm number. The alarm numbers must be unique in the analog and discrete alarm types. Alarms with redundant alarm numbers will be overwritten. An alarm without an existing alarm number is created. Any empty list entries for existing alarms contained in an xlsx file will be ignored for the purposes of the import. The entries of the existing alarms remain active and will not be replaced by empty ones. Requirements An xlsx file with alarms has been created. The structure of the xlsx file meets the requirements. The WinCC project for the import is open. The "HMI alarms" editor is open. Importing alarms 1. Click the button in "Discrete alarms" or "Analog alarms". The "Import" dialog box opens. 2. Click the "..." button and select the file that you want to import. 3. Click on the "Import" button. The import will start. A progress bar indicates the progress of the import operation. Result The corresponding alarms including alarm texts are created in WinCC on the basis of the import data. Alarms relating to the import operation are displayed in the output window. A log file is saved in the source directory of the import files. The log file has the same name as the respective import file but with the "*.xml" extension. WinCC Advanced V14 System Manual, 10/2016 6143 Visualizing processes 12.13 Using global functions Check when importing the data whether there are any links to objects, for example dynamic parameters such as tags. These parameters must be available in all languages to be imported. If an object with the same name already exists, the existing object is used. If no object of the same name yet exists, create an object with the relevant name or create a new link. Note The syntax of the import file is checked during xlsx file import. The meaning of the properties or dependencies between the properties is not checked. It is possible to assign an alarm a trigger tag of the incorrect type, such as String. An error will be reported during compilation. See also Exporting alarms (Page 6142) Format of the discrete alarm data (Page 6147) Format of the analog alarm data (Basic Panels, Panels, RT Advanced) Introduction This chapter describes the required format of the file for the import of analog alarms. The file containing the analog alarm data must be in "*.xlsx" format. Structure of the alarm data The import file in Microsoft Excel consists of a number of worksheets: Analog alarms(Analog alarms) Limits (Limits) Each alarm is assigned a separate row in the import file. The import file with the analog alarms must be formatted as follows: 6144 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Example of the worksheet "Analog alarms" Table 12-22 Meaning of the entries List entry Meaning ID The alarm number is used to reference an alarm. The alarm number is unique. Alarms with identical alarm numbers are overwritten during import. An alarm with out an existing alarm number is created. Name Name of the analog alarm Event text [de-DE], Alarm text Displays the alarm text. The field designation contains a language ID. Alarm texts must be assigned a language ID for import. An expression with a reference ID will be added to the alarm text if the text has a dynamic parameter. Example: text <field ref="0" />. Use the ID to assign dynamic parameters to alarm texts. FeldInfo Specifies whether the alarm text contains dynamic parameters. The settings are separated by a semicolon ";". Example of dynamic parameters: Tag: <ref id = 0; type = AlarmTag; Tag = Tag1; DisplayType = Decimal; Length = 5;> Text list: <ref id = 1; type = CommonTextList; TextList = Textlist1; Tag = tag 2; Length = 5;> Class The class of an alarm determines whether or not the alarm must be acknowledged. It can also be used to determine how the alarm appears when it is displayed on the HMI device. The alarm class also determines whether and where the corre sponding alarm will be logged. Group Indicates the allocation to an alarm group. If an alarm belongs to a group with other alarms, it can be acknowledged together with these alarms of the same group in a single operation. Trigger tag Specifies the tag monitored for limit value violation. Delay time value Specifies the delay time. The alarm is not triggered until the duration of the limit value violation equals the specified delay time. WinCC Advanced V14 System Manual, 10/2016 6145 Visualizing processes 12.13 Using global functions List entry Meaning Delay time unit Specifies the time unit for the delay. Report Enables reporting of the specific alarm on a printer. True or "1" = Reporting enabled. False or "0" = Reporting disabled. Reporting must also be globally enabled in the project. Info text [de-DE], Info text The tooltip is an optional property of an alarm. Tooltips can contain additional information about the alarm. A tooltip will be displayed in a separate window on the HMI device when the operator presses the <HELP> key. The field designation contains a language ID. Example of the worksheet "Limits" Table 12-23 Meaning of the entries List entry Meaning Alarm ID Alarm number The alarm number is used to reference an alarm. The alarm number is unique. Alarms with identical alarm numbers are overwritten during import. An alarm without an existing alarm number is created. Limit mode Trigger mode Indicates the method used for monitoring the limit value. Limit type Specifies the limit that will be monitored. Both a tag and a constant can be used as limit value. Limit value Limit value Indicates the tag or constant monitored for limit violation. 6146 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions List entry Meaning Deadband mode Hysteresis mode Specifies whether and in which cases hysteresis will be used. For "Outgoing" For "Incoming" For "Incoming" and "Outgoing" Deadband in percent 0 = The value specified for "Hysteresis" is considered to be absolute. 1 = The value specified for "Hysteresis" is referred to as a percentage of the limit value. Deadband mode Hysteresis Specifies a constant as a value of the hysteresis. Note "No value" in the table Entries in the table which have the value "No value" delete the corresponding values in an existing alarm of the same name. See also Exporting alarms (Page 6142) Format of the discrete alarm data (Page 6147) Format of the discrete alarm data (Basic Panels, Panels, RT Advanced) Introduction This chapter describes the required format of the file for the import of discrete alarms. The file containing the discrete alarm data must be in "*.xlsx" format. Structure of the alarm data The import file in Microsoft Excel consists of the worksheets "Discrete alarms" (discrete alarms). Each alarm is assigned a separate row in the import file. Structure of the import file containing the discrete alarms: WinCC Advanced V14 System Manual, 10/2016 6147 Visualizing processes 12.13 Using global functions Example of the worksheet "Discrete alarms" Table 12-24 Meaning of the entries List entry Meaning ID The alarm number is used to reference an alarm. The alarm number is unique. Alarms with identical alarm numbers are overwritten during import. An alarm with out an existing alarm number is created. Name Name of the analog alarm Event text [de-DE], Alarm text Displays the alarm text. The field designation contains a language ID. For import, a language ID must be assigned to alarm text. An expression with a reference ID will be added to the alarm text if the text has a dynamic parameter. Example: text <field ref="0" />. Use the ID to assign dynamic parameters to alarm texts. FeldInfo Specifies whether the alarm text contains dynamic parameters. The settings are separated by a semicolon ";". Example of dynamic parameters: Tag: <ref id = 0; type = AlarmTag; Tag = Tag1; DisplayType = Decimal; Length = 5;> Text list: <ref id = 1; type = CommonTextList; TextList = Textlist1; Tag = tag 2; Length = 5;> Class The class of an alarm determines whether or not the alarm must be acknowledged. It can also be used to determine how the alarm appears when it is displayed on the HMI device. The alarm class also determines whether and where the corre sponding alarm will be logged. Group Indicates the allocation to an alarm group. If an alarm belongs to a group with other alarms, it can be acknowledged together with these alarms of the same group in a single operation. Trigger tag Specifies the tag containing the bit that triggers the alarm. Trigger bit Specifies the number of the bit that triggers the alarm. Acknowledge tag Specifies the tag containing the bit that is set by the operator upon acknowledg ment. Only available if the selected alarm class requires alarm acknowledgment. Acknowledgment bit Specifies the number of the bit that is set when the operator acknowledges the alarm. PLC acknowledgement tag Specifies the tag containing the bit that acknowledges the alarm of the control program. Only available if the selected alarm class requires alarm acknowledg ment. 6148 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions List entry Meaning PLC acknowledgment bit Specifies the number of the bit that acknowledges the alarm of the control program. Delay time value Specifies the delay time. The alarm is not triggered until the duration of the limit value violation equals the specified delay time. Delay time unit Specifies the time unit for the delay. Report Enables reporting of the specific alarm on a printer. True or "1" = Reporting enabled. False or "0" = Reporting disabled. Reporting must also be globally enabled in the project. Info text [de-DE], Info text The tooltip is an optional property of an alarm. Tooltips can contain additional information about the alarm. A tooltip will be displayed in a separate window on the HMI device when the operator presses the <HELP> key. The field designation contains a language ID. Note "No value" in the table Entries in the table which have the value "No value" delete the corresponding values in an existing alarm of the same name. See also Exporting alarms (Page 6142) Format of the analog alarm data (Page 6144) Importing alarms (Page 6143) 12.13.2.4 Importing and exporting tags Exporting tags Introduction WinCC has an export function for tags. Requirements The WinCC project for the export is open. Tags have been created in the project. The "HMI tags" editor is open. WinCC Advanced V14 System Manual, 10/2016 6149 Visualizing processes 12.13 Using global functions Exporting tags 1. Click on the button in the "HMI Tags" tab. The "Export" dialog box opens. 2. Click the "..." button and specify in which file the data are saved. 3. Click "Export". The export will start. Note The version number of the xlsx file with the exported tags depends on the TIA Portal version. If the xlsx file was exported from a project in WinCC V13 SP1, it has the version number 1.2. If the xlsx file was exported from a project prior to WinCC V13 SP1, it has the version number 1.1. Result The exported data has been written to an xlsx file. The xlsx file will be stored in the specified folder. See also Importing tags (WinCC V13 SP1 or higher) (Page 6150) Format of the tag data (Page 6153) Importing tags (WinCC V13 SP1 or higher) Introduction Tags are identified by the tag name. An existing tag is overwritten with the data from the xlsx file if the tag name already exists in the project. A new tag is created if the tag does not yet exist. Requirements An xlsx file with tags has been created. The structure of the xlsx file meets the requirements. The WinCC project for the import is open. 6150 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Importing tags 1. Click "HMI tags" in the project navigation. 2. Double-click "Show all tags". The "HMI tags" editor opens. 3. Click the button. The "Import" dialog box opens. 4. Click the "..." button and select the file that you want to import. 5. Click on the "Import" button. The import will start. Result The relevant tags have been created in WinCC. Alarms relating to the import operation are displayed in the output window. A log file is saved in the source directory of the import files. The log file has the same name as the respective import file but with the "*.xml" extension. Check when importing the data whether there are any links to objects, for example, dynamic parameters such as tags. If an object with the same name already exists, the existing object is used. If no object of the same name yet exists, create an object with the relevant name or create a new link. Note The syntax of the import file is checked during xlsx file import. The meaning of the properties or dependencies between the properties is not checked. It is possible to assign a tag a trigger tag of the wrong type, for example, string. An error will be reported during compilation. See also Exporting tags (Page 6149) Format of the tag data (Page 6153) WinCC Advanced V14 System Manual, 10/2016 6151 Visualizing processes 12.13 Using global functions Importing array elements and structure elements Basics Array tags and structure tags are always imported in full with all elements. The elements of the array tags and structure tags are not filled further during import. A new tag is created if the name of the structured data type corresponds to the name of an array element or structure element in the import file. Example: The import file contains an array tag called "Otto" with 10 array elements. The array elements are then called Otto[1], Otto[2], for example. If the import file contains a tag named "Otto[1]", the first element of the array tag will not be filled. Instead, a new tag will be created in the Engineering System. Importing tags (prior to WinCC V13 SP1) Introduction Tags are identified by the tag name. An existing tag is overwritten with the data from the xlsx file if the tag name already exists in the project. A new tag is created if the tag does not yet exist. The version number of the xlsx file depends on the TIA Portal version. If the xlsx file was exported from a project in WinCC V13 SP1, it has the version number 1.2. If the xlsx file was exported from a project prior to WinCC V13 SP1, it has the version number 1.1. To import files with the version number 1.2 into a project that was created prior to WinCC V13 SP1, you must prepare the files. Requirements An xlsx file with tags has been created. The structure of the xlsx file meets the requirements. The WinCC project for the import is open. Preparing files for the import 1. Open the corresponding file in Microsoft Excel. 2. Select "File > Properties > Advanced properties". The "Properties" dialog is opened. 3. Switch to the "Fit to size" task card. 4. Select "TIA_Version" in the "Properties" area. 5. Change the value in the column from "1.2" to "1.1". 6. Click the "Change" button. 6152 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions 7. Click "OK". 8. Delete the right column "Synchronization" in the file. 9. Save the file. Importing tags 1. Click "HMI tags" in the project navigation. 2. Double-click "Show all tags". The "HMI tags" editor opens. 3. Click the button. The "Import" dialog box opens. 4. Click the "..." button and select the file that you want to import. 5. Click on the "Import" button. The import will start. Result The relevant tags have been created in WinCC. Alarms relating to the import operation are displayed in the output window. A log file is saved in the source directory of the import files. The log file has the same name as the respective import file but with the "*.xml" extension. Check when importing the data whether there are any links to objects, for example, dynamic parameters such as tags. If an object with the same name already exists, the existing object is used. If no object of the same name yet exists, create an object with the relevant name or create a new link. Note The syntax of the import file is checked during xlsx file import. The meaning of the properties or dependencies between the properties is not checked. It is possible to assign a tag a trigger tag of the wrong type, for example, string. An error will be reported during compilation. Format of the tag data (Basic Panels, Panels, RT Advanced) Introduction This section describes the format required for the file with tag data used for imports. The tag data file must be in "*.xlsx" format. WinCC Advanced V14 System Manual, 10/2016 6153 Visualizing processes 12.13 Using global functions Tag data structure The import file in Microsoft Excel consists of a number of worksheets: HMI Tags (HMI tags) Multiplexing (multiplex tags) Each tag is on a separate line in the import file. The import file with the tag data must have the following format: Example of the worksheet "HMI Tags" Table 12-25 Meaning of the entries List entry Meaning Name Indicates the configured name of an HMI tag. Path Specifies which folders in the project tree contain the tag. The folder structure is represented by "\" : "FolderName1\FolderName2\TagName". PLC Tag Indicates whether the tag is linked to a PLC tag. Connection Indicates the name of the connection to the PLC. Data type Specifies the data type of a tag. The data types allowed depend on the communi cation driver being used. See the "Communication" section of the documentation for additional information on the data types permitted for the various communica tion drivers. Length Specifies the length of the tag. This entry is only useful for data types with a dy namic length such as strings; it is left empty for all other data types. 6154 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions List entry Meaning Address Specifies the tag address in the PLC. The tag address must exactly match the one used in WinCC, for example, "%DB1.DBW0". The tag address is empty for internal tags. Multiplexing Specifies whether multiplexing is used. Index tag Shows the name of the index tag for multiplexing. In Runtime, the system first reads the value of the index tag. It then accesses the tag in the corresponding place in the tag list. StartValue Specifies the start value of a tag. ID tag The update ID updates the value of a tag with the aid of a function or a PLC job. The update ID must be unique within an HMI device. Coding Shows the coding method. DiplayName [de_DE] Shows the display name of an HMI tag. The field designation contains a language ID. The field designation contains a language ID. Display names must be assigned a language ID for import. Texts are imported to the corresponding project language. Acquisition mode Specifies the tag acquisition mode. Acquisition cycle Specifies the tag acquisition cycle. The acquisition cycle must correspond exactly to the one used in WinCC. The value is not language-dependent and should therefore be the same in every language. The default value is "1 s". The acquisition cycle is undefined if the tag acquisition mode is "on demand". User-defined acquisition cycles must be created beforehand as the file will other wise not be imported. High High Limit type Indicates whether the limit value "High high" is monitored by a constant, a tag or not at all. High High Limit Displays the limit value "High High". High Limit type Indicates whether the limit value "High" is monitored by a constant, a tag or not at all. High Limit Displays the limit value "High". Low Limit type Indicates whether the limit value "Low" is monitored by a constant, a tag or not at all. Low Limit Displays the limit value "Low". Low Low Limit type Indicates whether the limit value "Low Low" is monitored by a constant, a tag or not at all. Low Low Limit Displays the limit value "Low Low". Linear scaling Indicates whether linear scaling is enabled. This entry can only be used for external tags. End value PLC Specifies the end value of the PLC tag. Start value PLC Specifies the start value of the PLC tag. End value HMI Specifies the end value of the HMI tag. Start value HMI Specifies the start value of the HMI tag. WinCC Advanced V14 System Manual, 10/2016 6155 Visualizing processes 12.13 Using global functions Example of the worksheet "Multiplexing" Table 12-26 Meaning of the entries List entry Meaning Name Indicates the configured name of an HMI tag which uses indirect addressing. The HMI tag must be available in the "HMI Tags" worksheet. Index Shows the value which governs which tag is selected. Multiplex Tag Displays the tag from the tag list corresponding to the index value. Note "No value" in the table Entries in the table which have the value "No value" delete the corresponding values in an existing tag of the same name. See also Exporting tags (Page 6149) Importing tags (WinCC V13 SP1 or higher) (Page 6150) 12.13.2.5 Importing and exporting text lists Exporting text lists Introduction WinCC has an export function for text lists. 6156 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Requirements The WinCC project for the export is open. Text lists have been created in the project. The "Text & graphics lists" editor is open. Exporting text lists 1. Click on the button in the "TextLists" tab. The "Export" dialog box opens. 2. Click the "..." button and specify in which file the data are saved. 3. By default, texts are exported in all defined project languages. If you do not want to export specific languages, disable the unnecessary languages in the dialog. 4. Click "Export". The export will start. Result The exported data has been written to an xlsx file. The xlsx file will be stored in the specified folder. Importing text lists Introduction You then import text lists from an xlsx file to WinCC. Requirements An xlsx file with text lists has been created. The structure of the xlsx file meets the requirements. WinCC Advanced V14 System Manual, 10/2016 6157 Visualizing processes 12.13 Using global functions The WinCC project for the import is open. The "Text & graphics lists" editor is open. Importing text lists 1. Click on the button in the "Text lists" tab. The "Import" dialog box opens. 2. Select the file you want to import under "File selection". 3. Click on the "Import" button. The import will start. Result You have now imported the text lists. The relevant text lists have been created in WinCC. Alarms relating to the import operation are displayed in the output window. A log file is saved in the source directory of the import files. The log file has the same name as the respective import file but with the "*.xml" extension. Check when importing the data whether there are any links to objects, for example, dynamic parameters such as tags. If an object with the same name already exists, the existing object is used. If no object of the same name yet exists, create an object with the relevant name or create a new link. Format of text list data Introduction This section describes the format required for the file with the text lists used for imports. The text list data file must be in "*.xlsx" format. Tag data structure The import file in Microsoft Excel consists of two worksheets: TextList (Text lists) TextListEntry (Text list entry) 6158 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Each text list is assigned a separate line in the import file. The import file containing the data must be structured as follows: Example of the worksheet "TextList" Table 12-27 Meaning of the entries List entry Meaning Name Shows the name of the text list. ListRange Shows the text list range: Number = Bit number (0-31) Range = value/range (...-...) Bit = Bit (0;1) Comment Any comments on the text list. You can use up to 500 characters Example of the worksheet "TextListEntry" WinCC Advanced V14 System Manual, 10/2016 6159 Visualizing processes 12.13 Using global functions Table 12-28 Meaning of the entries List entry Meaning Name Shows the name of the text list entry. Parent Specifies the name of the corresponding text list. DefaultEntry Indicates whether the text list entry is a default entry. The default entry is always displayed when the tag has an undefined value. Value Specifies the tag integer values or value ranges which are assigned to the text entries in the text list. Text Shows the text list entry. The field designation contains a language ID. Text list entries must be assigned a language ID for import. An expression with a reference ID will be added to the text if the text list entry has a dynamic parameter. Example: text <field ref="0" />. Use the ID to assign the dynamic parameter to a text list entry. FeldInfo Specifies whether the text list contains dynamic parameters. The settings are sep arated by a semicolon ";". Example of dynamic parameters: Tag: <ref id = 0; type = CommonTagDisplayFormat; Tag = tag 1; DisplayType = Decimal; DisplayFormat = 9;> Text list: <ref id = 1; type = CommonTextList; TextList = Textliste_1; Tag = tag 2; Length = 5;> PLC tag: <ref id = 0; type = CommonControlTagDisplayFormat; DisplayType = Decimal; DisplayFormat = 9;> 12.13.2.6 Import and export of project texts Importing project texts Edit the xlsx file or send it to a translator. Import the texts once they have been translated. The foreign languages will be imported to the relevant object in the project. Note In WinCC, you only import the previously exported project texts into the same project. Importing into a different project is not supported. Requirements At least two languages have been enabled in the "Project languages" editor, for example, Italian and French. Importing project texts To import a project text file, proceed as follows: 1. Click on the arrow to the left of "Languages & resources" in the project tree. The lower-level elements will be displayed. 2. Double-click on "Project texts". The "Project texts" editor will open. 6160 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions 3. Click on the button. The "Import" dialog opens. 4. Select the path and file name of the import file from the "Import file" field. 5. Activate the "Import source language" check box if you have made changes to the source language in the export file and would like to overwrite the entries in the project with the changes. 6. Click on "Import". Result You have imported the project texts. Exporting project texts Project texts are exported for translation. Texts are exported to Office Open XML files ending in ".xlsx". These files can be edited in Microsoft Excel, for example. You can exchange the file with the translators and import it back to the project as soon as it has been translated. Requirements At least two languages have been enabled in the "Project languages" editor, for example, Italian and French. Exporting project texts To export individual project texts, proceed as follows: 1. Click on the arrow to the left of "Languages & resources" in the project tree. The child elements are displayed. 2. Double-click on "Project texts". The "Project texts" editor will open. 3. Select the texts you want to export. WinCC Advanced V14 System Manual, 10/2016 6161 Visualizing processes 12.13 Using global functions 4. Click on the button. The "Export" dialog opens. 5. From the "Source language" drop-down list, select the language from which you wish to translate, for example Italian. 6. From the "Target language" drop-down list, select the language into which the texts are to be translated, for example, French. 7. Enter a file path and a file name for the export file in the "Export file" input field. 8. Click "Export". Result The texts selected in the "Project texts" editor are written to an xlsx file. The xlsx file will be stored in the specified folder. 6162 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions You can alternatively select and export all project texts from categories. Select "User texts" or "System texts" in the "Export" dialog in line with the type of texts you wish to export. In this case, export can additionally be limited by categories. Note Project texts in library objects cannot be exported. 12.13.3 Using cross-references 12.13.3.1 General information about cross references Introduction The cross-reference list provides an overview of the use of objects and devices within the project and project library. The cross-reference list can be used to show the relationships and the dependencies of objects among themselves. Uses of cross-reference list The cross-reference list offers you the following advantages: When creating and changing a program, you retain an overview of the devices, objects, tags, alarms, scripts, etc. that you have used. From the cross-references, you can jump directly to the object location of use. You can see whether the object uses other objects or is used by itself. You can learn the following when debugging: - Which objects are used in which screen and on which devices. - The alarms and recipes shown in a specific display. - The tags used in a specific alarm or object. As part of the project documentation, the cross-references provide a comprehensive overview of all object, alarms, recipes, tags and screens. For additional information on working with cross-reference lists, please refer to "Displaying cross-reference lists". 12.13.3.2 Special features when working with cross-reference lists in WinCC (Panels, RT Advanced, RT Professional) Working with cross-references in WinCC In WinCC, there are a number of special features that you must take into account when working with cross-references. WinCC Advanced V14 System Manual, 10/2016 6163 Visualizing processes 12.13 Using global functions For additional information on working with cross-reference lists, please refer to "Displaying cross-reference lists". "Change cross-reference" dialog You can change the references of tags in the properties of screen objects using the "Change object references" dialog. Using textual cross-references when working with VB scripts When working with VB scripts, you can reference tags directly with the help of textual crossreferences without having to access the SmartTags list. Adding a new object to the cross-reference list The auto-complete function only offers HMI tags for selection. Array elements of an HMI tag are not displayed in auto-complete. You can only add array elements by entering the name of an array element. Displaying cross-references in the Inspector window If you select an object in the screen and an HMI tag is being used as the process tag at the object, the object and the linked HMI tag are displayed in the cross-references. All locations of use of the object and the HMI tags are also listed. If the HMI tag is interconnected with a PLC tag or a DB tag, the locations of use of the interconnected PLC tag or DB tag are displayed. Shortcut menu in the cross-reference list The shortcut menu is object-oriented. The shortcut menu is available for each row when the "Object" column actually contains an object. 12.13.3.3 Rewiring tags in the screens Introduction You can change the references of tags in the properties of screen objects using the "Change object references" dialog. This function lets you to replace a large number of tags in various screen objects. Replacing references is useful, for example, if you have created a screen by copying and pasting and need to adapt its references. You search for and replace individual or multiple characters in the tag names. You can open the "Change object references" dialog with the command in the shortcut menu. You can open the dialog for one or more screen objects or a screen. 6164 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions The "Change object references" dialog is available for the following screens. Overview screen (permanent area) Templates Pop-up screens Slide-in screens Global screen How to replace a tag 1. Select an object in the screen that contains a tag that you want to change. 2. Select the "Change object references" command in the shortcut menu or in the "Edit" menu. The "Change object references" dialog opens. You can see the selected screen objects and the tags used in the "Object" column. 3. Enter the name or part of the name you want to find in the "Find in reference" input box. WinCC Advanced V14 System Manual, 10/2016 6165 Visualizing processes 12.13 Using global functions 4. Start the search with the "Find next" button. If a reference is found, it is highlighted in the "Reference" column. Another click on the "Find next" button continues the search process until the list has been completely searched. After this, the search process starts again from the top of the list. 5. Enter the name or part of the name you want to replace for the found name in the "Replace with" input box. 6. Click the "Replace" button to replace the selected tag. All references found are replaced by clicking the "Replace all" button. In this way, you can replace a large number of references with another reference. 7. To select a tag from the list of all tags created in the project, click on the "Replace" column. 8. To select a tag from the object list or to create a new tag, click on the "Replace" column. button in the button in the 9. Confirm your entry with "OK". The rewiring of the tags is applied in the project. Alternatively, you can enter a tag to replace the existing tag directly in the "Replace" column. You are supported by the auto-complete function in this process. Note When you search for a tag in the "Replace" column, you are supported by the auto-completion. After entering the first letter of the tag name in the "Replace", the auto-completion list contains the tags whose names contain the letters. Depending on the context, the auto-completion list only contains the tags that are permitted for the intended purpose. Note The tags shown in the column are displayed as read-only if the reference object is read-only, for example, a tag in a screen that has been stored in the library. Note It is possible to manually create a tag that does not yet exist. You create this tag at a later time. Additional options for searching You can narrow down your search by enabling the following options: Use wildcards Enter * for any number of characters. Example: You want to search for all tags starting with "HMI". Enter "HMI*" in the search key box. Enter ? for an individual character. Find whole words To search only for full names, enable the "Find whole words" option. 6166 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Replacing arrays and user-defined tags Tags with names containing the special characters . [ ] are shown in quotation marks. Array type tags and tags of user-defined data types (UDT) contain special characters to separate tags from their elements. However, they are not shown in quotation marks. To replace an array or a UDT with an HMI tag with special characters, enter the name of the HMI tag in quotation marks in the "Replace" input box. If you type the name without quotation marks, a reference to a non-existent array or UDT is created instead of a reference to the desired HMI tag with special characters. Correcting entries If an incorrect entry is made in the "Replace with" input box, the existing references can be replaced by references to non-existent tags. If you detect an incorrect entry before confirming with "OK", you can correct the error. To do this, select the "Replace" column and press the "Remove" button. Any incorrect entries in the "Reference" column are deleted. If you confirm the dialog with "OK", the affected properties of the screen objects are marked in red. Non-existent tags are highlighted in red in the "Change cross references" dialog. If the new tag does not yet exist, you must subsequently create the tag. 12.13.3.4 Textual cross-references (Panels, RT Advanced, RT Professional) Introduction Textual cross-references are cross-references that are stored as pure text. You cannot navigate to a different object with the help of textual cross-references. Such cross-references are displayed in red in the cross-reference list. Textual cross-references are created as follows: You create a textual cross-reference for a non-existent object manually by entering the object name under Property. The object used has already been deleted, and the connection to it is shown as textual cross-reference. WinCC Advanced V14 System Manual, 10/2016 6167 Visualizing processes 12.13 Using global functions Basics When references and subordinate objects of a source object are deleted, they are converted into textual cross-references. A textual cross-reference is not stored when the source object itself is deleted. Note Almost all objects, with the exception of data logs, support textual cross-references. Note Textual cross-references cannot be deleted. You can also create a textual cross-reference manually to establish a connection to a nonexistent object. This procedure can be helpful if you want to access tags directly in VB scripts without SmartTags. Note Textual cross-references for tags in RT Professional If no user data type (UDT) is assigned to a screen or the tags are referenced as user data type element with @NOP, @NOTP, @NOSP, textual cross-references appear for the tags. Using textual cross-references when working with VB scripts When working with VB scripts, you can reference tags directly with the help of textual crossreferences without having to access the SmartTags list. When you enter an object name, the script parser looks for the referenced object. 6168 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions For example: DIM x x = MyObject A reference is made to any VB script or tag that already exists under this name. If a VB script and a tag exist under this name, the script parser establishes the reference to the VB script. If neither a tag nor a VB script exists under this name, the system creates two textual crossreferences: one for the tag and one for the VB script. The first object that is created under this name (a tag or a VB script) is assigned one of the two textual cross-references. The textual cross-reference turns into an actual cross-reference. The second textual cross-reference is deleted. Note In RT Professional, only one textual cross-reference is created for the VB script, because direct addressing of tags is not possible in this context. 12.13.3.5 Invalid cross-references (Panels, RT Advanced, RT Professional) Introduction A cross-reference can become invalid as a result of certain changes to the configuration. Invalid cross-references are shown grayed out in the cross-reference list and in the Inspector window. A question mark is displayed beside the cross-reference text. Clicking on the question mark opens the online help. Invalid cross-references do not have any negative implications for your project. Basics A cross-reference can become invalid for the following reasons: A change of device type Copying a cross-reference from another HMI device to an HMI device that does not support the object in question or object property. A change to an object property or the assignment of invalid values The following objects can be invalid in the cross-reference list: Source and target object Subordinate objects and their higher-level objects Location of use WinCC Advanced V14 System Manual, 10/2016 6169 Visualizing processes 12.13 Using global functions If an object or location of use is invalid, you cannot navigate to that object or location of use. You cannot change the properties of an invalid location of use. For invalid objects, you can access the commands "Delete" and "Properties" over the shortcut menu. No other shortcut menu commands are available. No shortcut menu is available for invalid locations of use. Note Textual cross-reference invalid An object can be an invalid object and a textual cross-reference in the cross-reference list at the same time. In such a case, the invalid cross-reference is shown in red like a textual crossreference. Examples Source object invalid You have created a screen for a Comfort Panel and added a VB scripts reference to the function list. You change the device type from "SIMATIC Comfort Panel" to "SIMATIC Basic Panel". As VB scripts are not available for Basic Panels, the cross-reference for the VB script is invalid. Target object invalid For a Comfort Panel, you have created a screen that has a cross-reference to the audit trail log with the system function "ClearLog". You copy this screen to Runtime Professional. As the audit trail log is not available for Runtime Professional, the cross-reference is invalid. Property that links the source object to the target object is invalid In Runtime Professional, you have created an entry in the graphics list that has a crossreference to the "Flashing" property. You copy this graphics list to a Comfort Panel. As this property is not available on Control Panels, the cross-reference from the graphics list to the "Flashing" propery is invalid. Property invalid if source object invalid 6170 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions For a Comfort Panel, you have saved a slide-in screen that has a cross-reference to a tag over an I/O field. You change the device type from "SIMATIC Comfort Panel" to "SIMATIC Basic Panel". As the slide-in screen is not available on Basic Panels, the cross-reference is invalid. Textual cross-reference invalid You have created a tag for a Comfort Panel and linked the VB function "SetTag" to that tag. You have also created a screen that is connected to the "SetTag" VB function over the "Established" event. You delete the VB function. A textual cross-reference is created for the deleted VB function. You change the device type from "SIMATIC Comfort Panel" to "SIMATIC Basic Panel". As VB scripts are not available for Basic Panels, the textual cross-reference for the VB script is invalid. The invalid cross-reference is shown in red. 12.13.4 Managing languages 12.13.4.1 Languages in WinCC User interface language and project languages A distinction is drawn between two different language levels in WinCC: User interface language During configuration, the text in the WinCC menus and dialogs is displayed in the user interface language. The user interface language also affects the labeling of operating elements, the parameters of the system functions, the online help, etc. Project languages Project languages are all languages in which a project will later be used. Project languages are used to create a project in multiple languages. The two language levels are completely independent of one another. For example, you can create English projects at any time using a German user interface and vice versa. WinCC Advanced V14 System Manual, 10/2016 6171 Visualizing processes 12.13 Using global functions Project languages The following languages are differentiated within the project languages: Reference language The reference language is the language that you use to configure the project initially. During configuration, you select one of the project languages as the reference language. You use the reference language as a template for translations. All of the texts for the project are first created in the reference language and then translated. While you are translating the texts, you can have them displayed simultaneously in the reference language. Editing language You produce translations of the texts in the editing language. Once you have created your project in the reference language, you can translate the texts into the remaining project languages. Select a project language respectively as an edit language and edit the texts for the appropriate language variant. You can change the editing language at any time. Note When switching the project languages, the assignment to the keys on the keyboard also changes. For some languages (for example, Spanish), the operating system does not allow you to switch to the corresponding keyboard assignment. In this case, the keyboard assignment is switched to English. Runtime languages Runtime languages are those project languages that are transferred to the HMI device. You decide which project languages to transfer to the HMI device depending on your project requirements. You must provide appropriate controls so that the operator can switch between languages in runtime. See also Language settings in the operating system (Page 6172) Operating system settings for Asian languages (Page 6173) 12.13.4.2 Language settings in the operating system Introduction The configuration PC operating system settings influence WinCC language management in the following areas: Selection of project languages Regional format of dates, times, currency, and numbers Displaying ASCII characters 6172 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Project language selection A language is not available as a project language unless it is installed in the operating system. Regional format of dates, times, currency, and numbers WinCC specifies a fixed date and time format in the Date - Time field for the selected project language and runtime language. In order for dates, times, and numbers to be presented correctly in the selected editing language, this language must be set in the Regional Options in the Control Panel. Displaying ASCII characters With text output fields, the display of ASCII characters as of 128 depends on the set language and the operating system being used. If the same special characters are to be displayed on different PCs, the PCs must use the same operating system and regional settings. See also Languages in WinCC (Page 6171) Operating system settings for Asian languages (Page 6173) 12.13.4.3 Operating system settings for Asian languages Settings on Western operating systems If you want to enter Asian characters, you must activate the support for this language in the operating system. The Input Method Editor (IME) is available in Windows for configuring Asian texts. Without this editor, you can display Asian text but not edit it. For more information on the Input Method Editor, refer to the documentation for Windows. To enter Asian characters when configuring, switch to the Asian entry method in the "Input Method Editor". Switch the operating system to the appropriate language to have language-specific project texts, such as alarm texts, displayed in the simulator in Asian characters. Settings on Asian operating systems If you are configuring on an Asian operating system, you must switch to the English default input language to enter ASCII characters, for example, for object names. As the English default input language is included in the basic installation of the operating system, you do not need to install an additional input locale. WinCC Advanced V14 System Manual, 10/2016 6173 Visualizing processes 12.13 Using global functions Enable language support 1. Open the system controller. 2. Select "Regional and Language Options". 3. On the "Languages" tab, activate the check box "Install files for East Asian languages". 4. Then click on "Details" under "Text Services and Input Languages". The dialog "Text Services and Input Languages" is opened. 5. On the "Settings" tab add the required default input language under the "Installed Services". 6. Select the language of the operating system in the "Language for non-Unicode programs" area in the "Advanced" tab. See also Languages in WinCC (Page 6171) Language settings in the operating system (Page 6172) 12.13.4.4 Setting project languages Selecting the user interface language Introduction The user interface language is used for displaying menu entries, title bars, infotexts, dialog texts and other designations in the WinCC user interface. You can switch between the installed user interface languages during configuration. The labeling of the operating elements remains in the language you set when you added the object even if you change the user interface language. Procedure 1. Select "Options > Settings" in the menu. The "Settings" dialog box is opened. 2. Select the desired user interface language under "General > General settings". Result WinCC will use the selected language as user interface language. See also Enable project languages (Page 6175) Selecting the reference language and editing language (Page 6175) Languages in WinCC (Page 6171) 6174 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Enable project languages Introduction The project languages are set in the "Project languages" editor. You define which project language is to be the reference language and which the editing language. Enable project languages 1. Click on the arrow to the left of "Languages & resources" in the project tree. The lower-level elements will be displayed. 2. Double-click on "Project languages". The possible project languages will be displayed in the working area. 3. Enable the relevant project languages. Note Copying multilingual objects The copies of multilingual objects to a different project only include text objects in the project languages which are activated in the target project. Activate all project languages in the target project to include the corresponding text objects when transferring the copy. Disabling project languages 1. Disable the languages which are not relevant for the project. NOTICE If you disable a project language, all text and graphic objects you have already created in this language will be deleted from the current project. See also Selecting the user interface language (Page 6174) Selecting the reference language and editing language (Page 6175) Selecting the reference language and editing language Introduction The project languages are set in the "Project languages" editor. You define which project language is to be the reference language and which the editing language. You can change the editing language at any time. Requirements The "Project languages" editor is open. WinCC Advanced V14 System Manual, 10/2016 6175 Visualizing processes 12.13 Using global functions Several project languages have been activated. Selecting the reference language and editing language 1. Click the arrow in the drop-down list in the "General > Editing language" section. 2. Click on the required language in the drop-down list, for example, German. 3. Click on the arrow in the drop-down list in the "General > Reference language" section. 4. Click on the required language in the drop-down list, for example, English. The language selection is displayed in the list box. Result You have now selected the editing and reference languages. If you change the editing language, all future text input will be stored in the new editing language. 6176 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions See also Selecting the user interface language (Page 6174) Enable project languages (Page 6175) 12.13.4.5 Creating one project in multiple languages Working with multiple languages Multilingual configuration in WinCC You can configure your projects in multiple languages using WinCC. There are various reasons for creating a project in multiple languages: You would like to use a project in more than one country. You create the project in multiple languages but when the HMI device is commissioned, only the language spoken by the operators at the respective site will be transferred to the HMI device. The operators of a system speak a range of different languages. Example: An HMI device is used in China, but the service personnel understand only English. Translating project texts With WinCC, you can enter project texts directly in several languages in various different editors, for example, in the "Project texts" editor. WinCC also allows you to export and import your configuration for translation purposes. This is particularly advantageous if you configure projects containing a large amount of text and want to have it translated. Language management and translation in WinCC The following editors are used to manage languages and translate texts in WinCC: Editor Short description Project languages Selection of project languages, editing language and reference lan guage. Languages and fonts Management of runtime languages and fonts used on the HMI device. Project texts Central management of configured texts in all project languages. Graphics Graphic library for managing graphics and their language-specific ver sions. See also Project text basics (Page 6178) Translating texts directly (Page 6179) Translating texts using reference texts (Page 6181) WinCC Advanced V14 System Manual, 10/2016 6177 Visualizing processes 12.13 Using global functions Exporting project texts (Page 6181) Importing project texts (Page 6183) Project text basics Texts in different languages in the project Texts that are output on display devices during processing are typically entered in the language in which the automation solution is programmed. Comments and the names of objects are also entered in this language. If operators do not understand this language, they require a translation of all operator-relevant texts into a language they understand. You can therefore translate all the texts into any language. In this way, you can ensure that anyone who is subsequently confronted with the texts in the project sees the texts in his/her language of choice. User texts and system texts In the interests of clarity, a distinction is drawn between user texts and system texts: User texts are texts created by the user. System texts are texts created automatically and which are a product of configuration in the project. The project texts are managed in the project text editor. This can be found in the project tree under "Languages & Resources > Project texts". Examples of multilingual project texts You can, for example, manage the following types of text in more than one language: Display texts Alarm texts Comments in tables Labels of screen objects Text lists Translating texts There are two ways of translating texts. Translating texts directly You can enter the translations for the individual project languages directly in the "Project texts" editor. Translating texts using reference texts You can change the editing language for shorter texts. You can enter the new texts in the editing language while the texts of the reference language are displayed. 6178 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions See also Working with multiple languages (Page 6177) Translating texts directly (Page 6179) Translating texts using reference texts (Page 6181) Exporting project texts (Page 6181) Importing project texts (Page 6183) Translating texts directly Translating texts If you use several languages in your project, you can translate individual texts directly. As soon as you change the language of the software user interface, the translated texts are available in the selected language. Requirements You are in the project view. A project is open. You have selected at least two further project languages. WinCC Advanced V14 System Manual, 10/2016 6179 Visualizing processes 12.13 Using global functions Procedure Proceed as follows to translate individual texts: 1. Click on the arrow to the left of "Languages & resources" in the project tree. The elements below this are displayed. 2. Double-click on "Project texts". A list with the texts in the project is displayed in the work area. There is a separate column for each project language. 3. To group identical texts and translate them simultaneously, click on the " toolbar. 4. To hide texts that do not have a translation, click on the " button in the button in the toolbar. 5. Click on an empty column and enter the translation. Result You have translated individual texts in the "Project texts" editor. The texts will then be displayed in the runtime language. See also Working with multiple languages (Page 6177) Exporting project texts (Page 6181) Project text basics (Page 6178) Importing project texts (Page 6183) 6180 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Translating texts using reference texts Introduction After changing the editing language, all texts are shown in input boxes in the new editing language. If there is not yet a translation available for this language, the input boxes are empty or filled with default values. If you enter text again in an input field, this is saved in the current editing language. Following this, the texts exist in two project languages for this input field, in the previous editing language and in the current editing language. This makes it possible to create texts in several project languages. You can display existing translations for an input box in other project languages. These serve as a comparison for text input in the current editing language and they are known as the reference language. Requirement There is at least one translation into a different project language for an input field. Procedure To display the translation of an input cell in a reference language, follow these steps: 1. Select "Tasks > Languages & resources" in the task card. 2. Select a reference language from the "Reference language" drop-down list. Result The reference language is preset. If you click in a text block, translations that already exist in other project languages are shown in the "Tasks > Reference text" task card. See also Working with multiple languages (Page 6177) Project text basics (Page 6178) Exporting project texts (Page 6181) Importing project texts (Page 6183) Exporting project texts Project texts are exported for translation. Texts are exported to Office Open XML files ending in ".xlsx". These files can be edited in Microsoft Excel, for example. You can exchange the file with the translators and import it back to the project as soon as it has been translated. WinCC Advanced V14 System Manual, 10/2016 6181 Visualizing processes 12.13 Using global functions Requirements At least two languages have been enabled in the "Project languages" editor, for example, Italian and French. Exporting project texts To export individual project texts, proceed as follows: 1. Click on the arrow to the left of "Languages & resources" in the project tree. The child elements are displayed. 2. Double-click on "Project texts". The "Project texts" editor will open. 3. Select the texts you want to export. 4. Click on the 6182 button. The "Export" dialog opens. WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions 5. From the "Source language" drop-down list, select the language from which you wish to translate, for example Italian. 6. From the "Target language" drop-down list, select the language into which the texts are to be translated, for example, French. 7. Enter a file path and a file name for the export file in the "Export file" input field. 8. Click "Export". Result The texts selected in the "Project texts" editor are written to an xlsx file. The xlsx file will be stored in the specified folder. You can alternatively select and export all project texts from categories. Select "User texts" or "System texts" in the "Export" dialog in line with the type of texts you wish to export. In this case, export can additionally be limited by categories. Note Project texts in library objects cannot be exported. See also Working with multiple languages (Page 6177) Project text basics (Page 6178) Translating texts directly (Page 6179) Translating texts using reference texts (Page 6181) Importing project texts (Page 6183) Importing project texts Edit the xlsx file or send it to a translator. Import the texts once they have been translated. The foreign languages will be imported to the relevant object in the project. Note In WinCC, you only import the previously exported project texts into the same project. Importing into a different project is not supported. Requirements At least two languages have been enabled in the "Project languages" editor, for example, Italian and French. WinCC Advanced V14 System Manual, 10/2016 6183 Visualizing processes 12.13 Using global functions Importing project texts To import a project text file, proceed as follows: 1. Click on the arrow to the left of "Languages & resources" in the project tree. The lower-level elements will be displayed. 2. Double-click on "Project texts". The "Project texts" editor will open. 3. Click on the button. The "Import" dialog opens. 4. Select the path and file name of the import file from the "Import file" field. 5. Activate the "Import source language" check box if you have made changes to the source language in the export file and would like to overwrite the entries in the project with the changes. 6. Click on "Import". Result You have imported the project texts. See also Working with multiple languages (Page 6177) Project text basics (Page 6178) Translating texts directly (Page 6179) Translating texts using reference texts (Page 6181) Exporting project texts (Page 6181) 12.13.4.6 Using language-specific graphics "Project graphics" editor Introduction You use the "Project Graphics" editor to manage the configured graphic objects in different language versions. Multilingual projects sometimes also require language-specific versions of the graphics, for example, if the graphics contain text; cultural aspects play a role in the graphics. Opening the "Project graphics" editor Double-click in the project tree on "Languages and resources > Project graphics". 6184 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Work area The work area displays all configured graphic objects in a table. There is a separate column in the table for each project language. Each column in the table contains the versions of the graphics for one particular language. In addition, you can specify a default graphic for each graphic to be displayed whenever a language-specific graphic for a project language does not exist. Preview The preview shows you how the graphics will look on various devices. See also Storing an external image in the graphics library (Page 6186) Storing an image in the graphics library (Page 6185) Languages in WinCC (Page 6171) Storing an image in the graphics library Introduction You use the "Graphics" editor to import graphics you want to use in screens in the "Screens" editor. It also allows you to manage language-specific versions of graphics. A preview shows the graphic displays on various HMI devices. Note File names for language-dependent graphics Case is relevant in the file names of language-dependent graphics. Make sure that the format is consistent for all languages. Requirement The language-dependent versions of a graphic are available. Multiple languages have been enabled in the "Project languages" editor. The "Graphics" editor is open. Inserting graphics 1. Click "Add" in the "Graphics library" table. A dialog opens. 2. Select the required graphic file. 3. Click "Open" in the dialog box. The graphic will be imported to the project and displayed in all cells in this row in the "Graphics" editor. WinCC Advanced V14 System Manual, 10/2016 6185 Visualizing processes 12.13 Using global functions 4. Click in the corresponding cell of a language for which a language-dependent version of this graphic exists. 5. Select "Add graphic" from the shortcut menu. A dialog box opens. 6. Select the desired graphic file and click "Open." The language-dependent version is inserted in the table in place of the reference language graphic. 7. Then, in the "Default graphic" column, import a graphic to be displayed in runtime for those languages for which there is no language-specific graphic. You can also drag&drop a graphic from Windows Explorer to the relevant position in the "Graphics library" table. Displaying graphics in the HMI device preview 1. Click on a graphic in the table. 2. Select the required HMI device under "Properties > Graphics settings > Device preview" in the Inspector window. The graphic will then be displayed as it will appear in runtime on the selected HMI device. Result The graphics added are available in the "Graphics" editor. The graphic assigned to the respective editing language will be displayed during editing. The default screen will be displayed in all editing languages for which no screen has been imported. The screens assigned to the respective runtime language are displayed during runtime. The default screen is displayed in all runtime languages for which a screen has not been imported. Note If you disable a project language, all of the graphic objects you have already created in this language will be deleted from the current project. See also "Project graphics" editor (Page 6184) Storing an external image in the graphics library Introduction To display graphics that have been created in an external graphics program in your screens, you will first have to store these graphics in the graphics browser of the WinCC project. 6186 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Requirement Multiple languages have been enabled in the "Project languages" editor. The "Graphics" editor is open. There is a graphic in the "Graphics" editor. Creating and adding a new graphic as an OLE object 1. Click "Add" in the "Graphics library" table. A dialog box opens. 2. Navigate to the folder in which the graphic is stored. 3. Click "Open" in the dialog box. The graphic will be imported to the project and displayed in all cells in this row in the "Graphics" editor. 4. Click in the corresponding cell of a language for which a language-dependent version of this graphic exists. 5. Select "Insert object" from the shortcut menu. The "Insert object" dialog box opens. Note In addition, the dialog "External application running..." will open. The dialog will not close until you exit the external application. 6. Select "Insert object > Create new" and an object type in the dialog. 7. Click "OK." The associated graphic program is opened. 8. Close the graphics program once you have created the graphic. The graphic will be stored in the graphic programming software standard format and added to the graphic browser. Inserting created graphics in WinCC 1. Click in the corresponding cell of a language for which a language-dependent version of this graphic exists. 2. Select "Insert object" from the shortcut menu. The "Insert object" dialog box opens. Note In addition, the dialog "External application running..." will open. The dialog will not close until you exit the external application. 3. From the "Insert object" dialog box, select "Create from file." WinCC Advanced V14 System Manual, 10/2016 6187 Visualizing processes 12.13 Using global functions 4. Click the "Browse" button. 5. Navigate to the created graphic and select it. Note To import graphics files, note the following size restrictions: *.bmp, *.tif, *.emf, *.wmf 4 MB *.jpg, *.jpeg, *.ico, *.gif "*1 MB Result The OLE objects added are available in the "Graphics" editor. Versions of the graphics for the current editing language are displayed in the "Screens" editor. The default graphic is displayed in all editing languages for which no screen has been imported. The graphic is displayed in runtime in the set runtime language. The default graphic is displayed in all runtime languages for which no graphic has been imported. You can double-click OLE objects in your library to open them for editing in the corresponding graphic editor. See also "Project graphics" editor (Page 6184) 12.13.4.7 Languages in Runtime Languages and fonts in Runtime Using multiple Runtime languages You can decide which project languages are to be used in Runtime on a particular HMI device. The number of Runtime languages that are available at one time on the HMI device depends on the device. To enable the operator to switch between languages in Runtime, you need to configure a corresponding operator control. When Runtime starts, the project is displayed according to the most recent language setting. When Runtime starts the first time, the language with the lowest number in the "Order for language setting" is displayed. "Language & font" Runtime setting Configure the following under "Language & font": The project languages available as Runtime languages for the respective HMI device. The order in which the languages are switched. Default font for a Runtime language 6188 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions The license status of the fonts is also shown in the "Download font" area. If a specific license is required for a protected font, this is indicated in the "License status" column. Note Post installing fonts When a configured font on the configuration computer is missing, the project is not compiled. Re-installation is required. After installing a font, restart the TIA Portal and completely re-compile your project. Only then can the HMI device be compiled without errors. Note Runtime language in controls (RT Professional) If you have configured a control in a specific Runtime language that is not a user-interface language, it can happen that some texts, for example, system texts in the status bar, appear in the English language. Note Specify Runtime languages as input languages To enter and edit data in Runtime, configure the specified Runtime languages also as input languages for the keyboard of your PC. See also Methods for language switching (Page 6189) Enabling the runtime language (Page 6190) Setting the runtime language order for language switching (Page 6192) Setting the default font for a runtime language (Page 6193) Selecting the log language (Page 6195) Languages in WinCC (Page 6171) Methods for language switching Introduction You need to configure language switching if you want to have multiple runtime languages available on the HMI device. This is necessary to enable the operator to switch between the various Runtime languages. WinCC Advanced V14 System Manual, 10/2016 6189 Visualizing processes 12.13 Using global functions Methods for language switching You can configure the following methods for language switching: Direct language selection Each language is set by means of a separate button. In this case, you create a button for each Runtime language. Language switching The operator switches the languages using a button. Regardless of the method used, the button names must be translated into each of the languages used. You can also configure an output field that displays the current language setting. See also Languages and fonts in Runtime (Page 6188) Selecting the log language (Page 6195) Enabling the runtime language (Page 6190) Setting the runtime language order for language switching (Page 6192) Setting the default font for a runtime language (Page 6193) Enabling the runtime language Introduction The "Language & Font" editor shows all project languages available in the project. Here you select which project languages are to be available as runtime languages on the HMI device. Requirements Multiple languages have been selected in the "Project languages" editor. 6190 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Procedure 1. Double-click on "Runtime settings" in the project tree. 2. Click on "Language & Font". 3. Select the following languages: - English - French - Italian Result You have now set three runtime languages. A number is automatically assigned to each language in the "Order" column. The enabled runtime languages are transferred with the compiled project to the HMI device. If the number of languages selected exceeds the number that can be transferred to the HMI device, the table background changes color. See also Languages and fonts in Runtime (Page 6188) Selecting the log language (Page 6195) Setting the runtime language order for language switching (Page 6192) Methods for language switching (Page 6189) WinCC Advanced V14 System Manual, 10/2016 6191 Visualizing processes 12.13 Using global functions Setting the runtime language order for language switching Introduction You specify the language order for Runtime language switching. The first time Runtime starts, the project is displayed in the language with the lowest number in the "Order" column. Requirements Multiple languages have been enabled in the "Project languages" editor. The "Language & Font" editor is open and three Runtime languages have been set in the following order: 1. English 2. Italian 3. French Procedure 1. Select the runtime language "English". 2. Click the button. The runtime language "English" is moved down a place. The number will automatically be changed to "1" in the "Order" column. Result You have changed the order of Runtime languages. The first time runtime starts, the project will be displayed in the language with the lowest number. If the language is switched, this will happen in numerical order. 6192 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions See also Languages and fonts in Runtime (Page 6188) Selecting the log language (Page 6195) Enabling the runtime language (Page 6190) Setting the default font for a runtime language (Page 6193) Methods for language switching (Page 6189) Setting the default font for a runtime language Introduction You can specify the font used to display the texts for each runtime language on the HMI device in the "Language & Font" editor. The default font is used in all texts, such as dialog texts, for which you cannot define a specific font. WinCC offers only fonts supported by the HMI device. Note "Bold" and "Italic" fonts "Bold" and "italic" fonts are not supported on all HMI devices in Runtime. Requirements Multiple languages have been enabled in the "Project languages" editor. Three runtime languages have been enabled in the "Language & Font" editor. 1. Chinese 2. German 3. French Procedure 1. Double-click on "Runtime settings" in the project tree. 2. Click on "Language & Font". The table shows the runtime languages and fonts set. 3. Click in the "French" row in the "Default font" column. 4. Select the font to be used by default if a font cannot be selected for a given text. Result The project texts for the runtime language "French" are displayed on the HMI device in the selected font. These fonts are transferred to the HMI device during a transfer operation. WinCC Advanced V14 System Manual, 10/2016 6193 Visualizing processes 12.13 Using global functions The default font is also used for the representation of dialogs in the operating system of the HMI device. Select a smaller font as default if the full length of the dialog texts or headers is not displayed. See also Languages and fonts in Runtime (Page 6188) Selecting the log language (Page 6195) Setting the runtime language order for language switching (Page 6192) Methods for language switching (Page 6189) Standardizing font for all languages Introduction You can standardize the font for all project languages during configuration with the "Use same font for all languages" option. Requirement Multiple languages have been selected in the "Project languages" editor. Multiple languages have been selected in the "Language & font" editor. The same font is defined for the selected runtime languages under "Configured font". Procedure 1. In the "Options > Settings > Visualization > General" menu, select the "Use same font for all languages" option. Result You have enabled the option "Use same font for all languages". If you change the font of an object in one language during configuration, this font will be applied to all active languages. 6194 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Selecting the log language Introduction In the "Runtime settings > General" editor, select the language to be used for writing to logs in runtime. Requirements The languages used in your project are activated in the "Project languages" editor, for example "German" and "English" . Procedure 1. Double-click on "Runtime settings" in the project tree. 2. Click on "Language & Font". 3. Activate the runtime languages, for example, "German" and "English". 4. Specify the "order": - 1 German - 2 English 5. Click on "Runtime settings > General". 6. Select "German" for "Logs > Log language". Result After loading, the project will start in the runtime language "German". The logs are now written in German. During runtime, the operator switches the runtime language to English. The logs will still to be written in German. See also Languages and fonts in Runtime (Page 6188) Setting the default font for a runtime language (Page 6193) Setting the runtime language order for language switching (Page 6192) Methods for language switching (Page 6189) Enabling the runtime language (Page 6190) WinCC Advanced V14 System Manual, 10/2016 6195 Visualizing processes 12.13 Using global functions Specific features of Asian and Eastern languages in Runtime (Panels, Multipanels, Comfort Panels, Mobile Panels, RT Advanced) Introduction Note the following special considerations for the operation in Runtime of projects for Asian languages. Note During configuration, only use the Asian fonts that your configuration computer supports. Memory requirement for Asian character sets The memory requirement is greater when using Asian languages. Therefore look out for corresponding error messages when compiling the project. Font size for Asian character sets Use at least a font size of 10 points to display the text of projects created for Asian languages in Runtime. Asian characters will become illegible if smaller font sizes are used. This also applies to the default font in the Runtime settings under "Language & font". Text field length for Asian languages Make allowances for an appropriate length of the text fields when working on multilingual projects with Asian languages. Field contents may be partially hidden, depending on the font and the font size. 1. Open the "Properties > Appearance" text box in the Inspector window. 2. Under "Fit to size", disable the "Auto-size" option. 3. Verify the proper display in Runtime. 12.13.4.8 Example of multilingual configuration Example: Configuring a button for language switching Introduction In this example, you configure a button that can be used to toggle between multiple runtime languages during runtime. 6196 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Requirements You have completed the "Configuring a button in multiple languages" example. The "Screen_1" screen is open. The button on the screen has been selected. Procedure 1. In the Inspector window, select "Properties > Events > Press". 2. Click on "Add function" in the table. 3. Select the "SetLanguage" system function and the "Switch" setting. Result You have assigned the button the function "SetLanguage". Pressing the button during runtime will switch the runtime language. The runtime languages are switched in the order specified by the number sequence in the "Languages and fonts" editor. See also Example: Configuring a button in multiple languages (Page 6197) Example: Configuring a button for language switching for each runtime language (Page 6198) Languages in WinCC (Page 6171) Example: Configuring a button in multiple languages Introduction In this example, you configure a "Sprache umschalten" button in German and "Switch language" button in English. Requirements The languages "German" and "English" have been enabled in the "Project languages" editor. German has been set as editing and reference language. You have created and opened the "Screen_1" screen. The Inspector window is open. Procedure 1. Drag-and-drop a button from the "Tools" task card into the screen. The button will be added to the screen. 2. In the Inspector window, open "Properties > Properties > General". WinCC Advanced V14 System Manual, 10/2016 6197 Visualizing processes 12.13 Using global functions 3. Enter the text ""Sprache umschalten" under "Text > off". 4. Press <Enter> to confirm. The button is named. 5. Open the "Tasks" task card. 6. Select "English" under "Languages & Resources > Editing language". 7. Enter the label "Switch Language" under "Properties > Properties > General > Text > Off" in the Inspector window. Result The button name is configured in German and English language. The button name corresponding with the current Runtime language is shown in Runtime. See also Example: Configuring a button for language switching (Page 6196) Example: Configuring a button for language switching for each runtime language (Page 6198) Example: Configuring a button for language switching for each runtime language Introduction In this example, you configure a "Sprache umschalten" button in German and "Switch language" button in English. Requirements The following languages have been enabled in the "Project languages" editor - German - English - Italian All languages have been set as runtime languages in the "Runtime settings > Language & Font" editor. You have created and opened the "Screen_1" screen. Three buttons have been created on the screen: - Button_1 labelled "Deutsch" - Button_2 labelled "English" - Button_3 labelled "Italiano" The Inspector window is open. 6198 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Procedure 1. Select "Button_1". 2. In the Inspector window, select "Properties > Events > Press". 3. Click on <Add function> in the table. 4. Select the "SetLanguage" system function. 5. Click on the "Switch" field. 6. Click on the button. 7. Select "Runtime language". The field will be highlighted in red. 8. Select "German" from the drop-down list. 9. Repeat steps 1 - 8 for the other two buttons and select the corresponding runtime language. Result You have configured three buttons for switching language in runtime. Each button will switch to a different runtime language. For example, clicking on the "English" button during runtime will switch the runtime language to English. 12.13.5 Replacing devices 12.13.5.1 Basics (Basic Panels, Panels, RT Advanced) Introduction You can use existing configurations for new devices and optimize these configurations with little manual effort. All data configured by you is retained in the configuration data. This means you do not need to copy individual objects of one device and paste them to another. WinCC Advanced V14 System Manual, 10/2016 6199 Visualizing processes 12.13 Using global functions Principle The following applies when you replace devices: Only functions supported by the new device are available. Only configuration data supported by the new device are displayed. This affects - recipes, - objects available on the screens, - available system functions, - available communication logs, etc. The number of supported objects, such as screens or tags, may be limited on the new device. If the existing objects exceed the limitations on the new device, the objects are displayed in full. The objects are, however, highlighted in color in the individual editors. An error is generated when the project data is compiled. Manual post processing is required when switching to a device with fewer features. Example: Limited number of connections All connections will be highlighted in color as invalid if fewer connections are supported on the new device than have been configured. Delete any excess connections. After an HMI device has been replaced, you should check the appearance of the configured screens. Changing the size of the display may result in changes to the position and appearance of screen objects, e.g. the recipe view and alarm view. Note If you replace a Panel and select a PC Station as your new device, for example, WinCC Runtime Advanced will automatically be moved below the PC Station in the project tree. See also Example: Replacing devices (Page 6213) Screen adjustment options (Page 6207) Key assignment when replacing devices (Page 6202) Device-specific functions (Page 6201) Basic Panel (Page 6389) Panel (Page 6396) Mobile Panel (Page 6399) Multi Panel (Page 6405) Comfort Panel (Page 6408) WinCC Runtime Advanced (Page 6414) 6200 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions 12.13.5.2 Device-specific functions Device-specific functions (Basic Panels, Panels, RT Advanced) Functions dependent on the device Functions dependent on the device are implemented as follows: Colors The color is changed automatically when you switch from a device with full color display to one with a smaller color range. If you change the color manually and then change back again to a device with a larger range of colors, the reduced range of colors will be retained. Fonts Any configured font not available on a device will be replaced by a similar one or by the configured default font. The default font depends on the device selected. Character sets with different font sizes Avoid using too many different font sizes when configuring the following devices: - OP 73 - OP 77A - TP 177A A character set is downloaded to the device for each font size. Check the Inspector window during compilation to see how much of the device memory is being used by the character sets. Font size Use small Windows fonts to display the text on devices. If you use large Windows fonts, then, depending on the size of the display, the text will not be displayed in full. Using font sizes of 28 pixels or more for the OP 77A and TP 177A devices will affect device performance. The character scope is much greater for Asian languages. The use of different font sizes therefore has serious implications on the memory requirements of all devices. Use the same font type for all large characters throughout the project to ensure effective and efficient configuration. Screens and screen objects If the new device supports a different resolution than the previous device when you replace a device, there are several ways to adjust the screens. Adjust the size of the screens to the new device in the menu under "Options > Settings > Visualization > Fit to size screen". See also Example: Replacing devices (Page 6213) Basics (Page 6199) WinCC Advanced V14 System Manual, 10/2016 6201 Visualizing processes 12.13 Using global functions Key assignment when replacing devices (Panels, RT Advanced) Introduction The devices available each have different function keys. The functions configured for these keys will be mapped to the available function keys of the new device if the device is replaced. Function key mapping The function keys to the left and right of the display are mapped from top to bottom to the new device. If the new device has fewer keys, the keys it does not have are not mapped. The function keys below the display are mapped from left to right to the new device. If the new device has fewer keys, the keys it does not have are not mapped. Example: Exchange MP 377 with KP700 Comfort You have configured a function on key S3 on the MP 377. This function is triggered by F5 if the panel is replaced with an KP700 Comfort. If you use the S8 key on an MP 377, this function is no longer available when the panel is replaced with a KP700 Comfort. 6202 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Mapping K-keys K-keys are only mapped to the same K-keys in the new device, e.g. K5 to K5. If the new device has no K keys, configurations for the K keys are lost. WinCC Advanced V14 System Manual, 10/2016 6203 Visualizing processes 12.13 Using global functions If you replace a KP700 with an OP 277,for example, the F1 - F14 keys are retained. The configuration of the K keys is lost, because the KP700 has no K keys. Mapping of control keys and cursor keys The following keys are mapped only to the same keys of the new device: HELP ESC ACK ENTER PAGE UP PAGE DOWN CURSOR UP CURSOR DOWN Exception "HELP" is triggered by "SHIFT+ ESC" on OP 73. See also Key assignment when replacing devices (Page 6204) Basics (Page 6199) Screen adjustment options (Page 6207) Key assignment when replacing devices (Basic Panels) Introduction The devices available each have different function keys. The functions configured for these keys will be mapped to the available function keys of the new device if the device is replaced. 6204 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Function key mapping The function keys below the display are mapped from left to right to the new device. If the new device has fewer keys, the keys it does not have are not mapped. Note HMI devices without LED keys If you replace a device with configured LED keys with a device without LED keys in the Engineering System, runtime will not start after the project data have been transferred to the device. Delete the LED key configuration before you replace the device. Example: Replacing a KTP1000 Basic with a KTP600 Basic You have configured a function for F2 in KTP1000 Basic. This function is triggered by F2 following replacement with a KTP600 Basic. If you have used F7 in a KTP1000 Basic, this function will no longer be available if the panel is replaced with a KTP600 Basic. WinCC Advanced V14 System Manual, 10/2016 6205 Visualizing processes 12.13 Using global functions Mapping of control keys and cursor keys The following keys are mapped only to the same keys of the new device: HELP ESC ACK ENTER PAGE UP PAGE DOWN CURSOR UP CURSOR DOWN 6206 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions See also Key assignment when replacing devices (Page 6202) 12.13.5.3 Adjusting screens to the new device Screen adjustment options (Basic Panels, Panels, RT Advanced) Introduction Select fit to size for screens before you replace a device. Fit to size is particularly important when switching devices with different display resolutions. Object adjustment to content can be prevented for objects such as graphic views or text fields. Note The objects are distorted if you replace a device with a landscape format display with a device with a portrait format display. The difference in display format can, for example, result in object labels being cut off and content not being fitted to the object. You must therefore adjust the screens to the new device once you have replaced devices. Screen adjustment when replacing devices Adjust the size of the screens to the new device in the menu under "Tools > Settings > Visualization > Resize screen". Select one of the following settings. WinCC Advanced V14 System Manual, 10/2016 6207 Visualizing processes 12.13 Using global functions None (default setting) The screens are not scaled. The objects in the screen retain their position and size. Use this setting as first test for checking of a possible exchange result because there are no rounding losses during forth and back exchange. This option may result in objects being outside the configurable area if the display of the new device is smaller than the old one. Fit to screen The position and object size are adjusted to the new display size. Resizing takes place along the x-axis and the y-axis. Graphics and font size are adjusted accordingly. Fit to height The aspect ratio is maintained and the screens are adjusted to the height of the new device. Use this option when you are replacing a device with display format 4:3, for example, with a device with widescreen. Fit to width The aspect ratio is maintained and the screens are adjusted to the width of the new device. Use this option when you are replacing a device with widescreen, for example, with a device with display format 4:3. Free scale factor You select a free scale factor for screen adjustment. You can specify a factor for the x-axis and the y-axis. Using a free scale factor of < 1 may distort the objects. Object labels may, for example, be cut off and the content may not be fitted to the object. You must therefore adjust the screens to the new device once you have replaced devices. Note The aspect ratio is not adjusted for objects with a fixed aspect ratio, for example, gauge, circle. The objects are displayed on the new device with the same aspect ratio as prior to the replacement of the device. See also Example: Adjusting screens (Page 6212) Specifying the position of screen objects (Page 6211) Fit objects to contents (Page 6209) 6208 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Basics (Page 6199) Key assignment when replacing devices (Page 6202) Fit objects to contents (Basic Panels, Panels, RT Advanced) Introduction For some objects, you can specify fit to respective content in the Inspector window, for example: Text field: fit to text content I/O field: fit to text content Symbolic I/O field: fit to text content or to text list Graphic view: fit to included graphic Fit to size for text and graphic objects Disable automatic fit to size of the individual objects in the menu under "Options > Settings > Visualization > Resize screen and screen objects > Fit to content". This results in scaling of the objects as specified under "Options > Settings > Visualization > Resize screen and screen objects". Select the objects which are not automatically fitted to size. If "Disable 'fit to size' for text objects" is activated, automatic fit to size is ignored in the text object properties. If you have activated "Fit screen to window height", the text field along with the other objects is scaled in accordance with the height of the new device. If "Disable 'fit to size' for graphic objects" is activated, automatic fit to size is ignored in the graphic object properties. If you have activated "Fit screen to window width", the graphics view along with the other objects is scaled in accordance with the width of the new device. Note The settings have no effect on screen objects whose size cannot be changed, such as alarm indicators or screen objects with a fixed aspect ratio. "Disable 'fit to size' for text objects" and "Disable 'fit to size' for graphic objects" have no effect if: - You have activated "Resize screen and screen objects > None". - You have activated "Fit screen to window width and height" and the new device has the same resolution as the current device. - You have activated "Fit screen to window height" and the new device has the same resolution as the current device. WinCC Advanced V14 System Manual, 10/2016 6209 Visualizing processes 12.13 Using global functions - You have activated "Fit screen to window width" and the new device has the same resolution as the current device. - You have selected "Resize screen and screen objects > None" and position "Top left" which means an adaptation is not necessary. Example The figure below shows the effects of automatic sizing using a graphic object with two buttons aligned as an example: Initial situation: Two buttons are aligned on a graphic object. The option "Fit object size to graphic" or "Adjust object size to graphic" is activated in the object properties of the graphic object under "Display > Sizing". Option 1: The original properties of the graphic object are to be maintained after switching the HMI device. Deactivate the option "Disable 'fit to size' for graphical objects" in the settings under "Size adaptation of objects". Effect: The graphic object retains its original size after switching the HMI device. The alignment to the buttons is lost. Option 2: The graphic object is to be placed relative to the new screen resolution after switching the HMI device. Activate the option "Disable 'fit to size' for graphical objects" in the settings under "Size adaptation of objects". The option "Fit graphic to object size" is activated automatically in the object properties of the graphic object. The two buttons are properly aligned on the graphic object even after switching the HMI device. 6210 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions See also Specifying the position of screen objects (Page 6211) Screen adjustment options (Page 6207) Example: Adjusting screens (Page 6212) Specifying the position of screen objects (Basic Panels, Panels, RT Advanced) Introduction There are various ways to adjust the position of screen objects to the new device. Select position Adjust the position of the screen objects to the new device in the menu under "Options > Settings > Visualization > Fit to size screen > Select position". Example The following option aligns the objects with the top left edge. The following object centers the objects in the middle of the screen. See also Screen adjustment options (Page 6207) Fit objects to contents (Page 6209) Example: Adjusting screens (Page 6212) WinCC Advanced V14 System Manual, 10/2016 6211 Visualizing processes 12.13 Using global functions 12.13.5.4 Example: Replacing devices Example: Procedures overview (Panels, RT Advanced) Introduction In the following example you replace a TP177 B 6'' PN/DP with a TP700 Comfort. Procedures overview The procedure when replacing a device is as follows: 1. Adjust screens to the new device 2. Replacing devices Example: Adjusting screens (Panels, RT Advanced) Introduction Adapt the screen before you replace a device. Screen adaptation is required as the display formats are different. The TP 177B format is 320 x 240 pixels while the format of the TP700 Comfort is 800 x 480 pixels. Requirements A project is open. The TP 177B 6'' PN/DP device is used in the project. Adjusting screens 1. Open the "Options > Settings" menu. 2. Click on "Visualization > Resize screen". 6212 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions 3. Activate "Fit to height". 4. Select "Disable fit to size for text objects". 5. Select "Disable fit to size for graphical objects". Result You have carried out screen adjustment in preparation for replacing devices. See also Example: Replacing devices (Page 6213) Screen adjustment options (Page 6207) Specifying the position of screen objects (Page 6211) Fit objects to contents (Page 6209) Example: Procedures overview (Page 6212) Example: Replacing devices (Panels, RT Advanced) Introduction The following example shows you how to replace a device. Requirements A project has been created and opened. The TP 177B 6'' PN/DP device is used in the project. Procedure 1. Double-click on "Devices & Networks" in the project navigation. The editor opens. 2. Click on the "TP 177B" device. 3. Select "Change Device/Version" in the device shortcut menu. A dialog opens. WinCC Advanced V14 System Manual, 10/2016 6213 Visualizing processes 12.13 Using global functions 4. Select the TP700 Comfort device. 6214 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions 5. Select the matching image for the HMI device version that suits your configuration under "Version". When you change the image, the new image is automatically transferred to the target system with the next download. All runtime files are deleted during this step. Details of hardware differences can be found in the "Compatibility information". WinCC Advanced V14 System Manual, 10/2016 6215 Visualizing processes 12.13 Using global functions 6. Click "OK". Device replacement is started. 6216 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Result You have replaced the TP 177B device used in the project. You now use the TP700 Comfort device. See also Example: Adjusting screens (Page 6212) Device-specific functions (Page 6201) Basics (Page 6199) Example: Procedures overview (Page 6212) Updating the operating system (Page 6370) Changing the device version (Page 6232) 12.13.6 Copying between devices and editors 12.13.6.1 Basics Basics Copying and pasting within an HMI device You can copy and paste objects, such as display objects, within an HMI device. If the object is already created in the editor, when the object name is inserted a number is automatically attached, in accordance with the following principle: "<Object_name>_1" is renamed to "<Object_name>_2". "<Object_name>_2" is renamed to "<Object_name>_3". WinCC Advanced V14 System Manual, 10/2016 6217 Visualizing processes 12.13 Using global functions Copying and pasting between HMI devices You can also copy and paste between HMI devices. If an object with the same name already exists, you have the following options: Note Exception to this basic rule Copying and pasting of an alarm class that has been generated from project-wide alarm class is handled differently than with this basic rule. When the copied alarm class already exists in the target HMI device within the same project, the "Paste" command is not performed. Copying user-defined folders You can create user-defined folders for editors, for example, for HMI tags, screens, etc. You can copy user-defined folders and paste them into another HMI device. The objects contained in a user-defined folder may exceed the limitations applying to the other HMI device, such as the number of supported screens. After they have been pasted, all the objects are displayed. An error is displayed when the project data is compiled. System folders cannot be copied. See also Unsupported objects and functionalities (Page 6219) Copy and paste options (Page 6219) 6218 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Copy and paste options Copy and paste options Copy and pasting individual objects simplifies configuration. WinCC offers a number of options for copying and pasting objects. Shortcut menu To copy and paste objects using the shortcut menu, proceed as follows: 1. Select an object, for example a button. 2. Select "Copy" in the shortcut menu. 3. Move the mouse cursor to the place on the screen where you want to paste the button. 4. Select "Paste" in the shortcut menu. The button will be pasted together with all properties already defined. Drag&drop To drag-and-drop objects, proceed as follows: 1. Click on "Screens > Start" in the project tree of a device. 2. Drag-and-drop the "Start" screen into the "Screens" folder of another device. 3. A dialog will appear if the second device already contains a screen with the same name. 4. Choose whether to replace or rename the existing screen. See also Basics (Page 6217) Unsupported objects and functionalities (Panels, RT Advanced) Introduction When an object is copied, all its properties and settings are transferred to the target HMI device. Unsupported objects Objects that are not supported in the target HMI device cannot be pasted. Note When you copy a screen containing objects which are not supported by the destination HMI device, the objects remain in the background. When you copy the screen again and the new device supports the objects, they are displayed again. WinCC Advanced V14 System Manual, 10/2016 6219 Visualizing processes 12.13 Using global functions Invalid objects The following objects become invalid once they have been pasted into the target HMI device: Referenced objects that do not exist in the target HMI device. Objects with settings that are not supported in the target HMI device. System functions that were configured for objects and that are not supported in the target HMI device. Invalid objects are highlighted by a color coding. Select a supported object or create a new one. If you retain an invalid object, an error will be displayed when the project data is compiled. Colors and fonts Colors and fonts are supported to varying degrees by HMI devices. When unsupported colors and fonts are pasted, they are replaced by supported colors and fonts. When you paste the same object back into the source HMI device, the original settings become active again. Alarm classes Only some of the enabled alarm classes are enabled. When you configure an alarm window, for example, in the global screen in Project_1, you copy the alarm window and paste it to the global screen in Project_2. Only some of the enabled alarm classes are enabled after pasting. This behavior applies to the following display objects: Alarm window Alarm indicator Alarm view See also Basics (Page 6217) 12.13.6.2 Copying and pasting Copying screens Introduction You copy one or more screens from the "Screens" folder and paste them into the "Screens" folder of another device. 6220 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Type and size of the displays In the case of HMI devices with keys, the available keys are displayed automatically in the screen. When a screen is copied between HMI devices, the keys are either displayed or hidden; functions configured for function keys are not transferred. If there is less space for the screen in the target HMI device than in the source HMI device, you can adjust the size of and the spacing between existing objects. Automatic fit to size for objects 1. Select "Options > Settings > Visualization > Resize screen and screen objects" in the menu. 2. Activate, for example, "Fit to height". See also Copying recipes within an HMI device (Page 6221) Copying objects with linked objects (Page 6222) Linked objects copied automatically (Page 6222) Linked objects copied automatically (Page 6223) Drag & drop from the details view (Page 6223) Copying recipes within an HMI device "Recipes" Editor You can copy recipes, recipe elements and recipe data records within each table. You copy a recipe element to another recipe. Only WinCC Runtime Professional: You can copy a recipe view element to another recipe view. If a recipe view element of the same name already exists, a conflict dialog is displayed. You can select whether to replace or rename the recipe element. You can copy recipe elements to the first empty row of the "Recipe views" editor, "Elements" tab. You can copy a recipe data record to another recipe, if the other recipe contains the same number of recipe elements. If the data types differ, the value will be copied to the target data record but it is assigned an error flag. "Tags" editor You can drag-and-drop a tag to a recipe element in the "Tag" column. The tag is linked to the recipe element. If a tag is already linked, an error message will be generated. "Screens" editor If you drag-and-drop a recipe to a screen, a new recipe display will be created and linked to the recipe. WinCC Advanced V14 System Manual, 10/2016 6221 Visualizing processes 12.13 Using global functions See also Copying screens (Page 6220) Copying objects with linked objects Introduction An object is linked to another object in the following situations, for example: You specify a tag for an alarm as a trigger tag. The alarm is the object. The tag is the linked object. You specify a connection for an external tag. The tag is the object. The connection is the linked object. The object is always fully inserted during copying and pasting. Whether or not the linked object is pasted depends on the command used to insert it. Simple pasting The linked object is not copied. The linked object is transferred and handled as follows in the target HMI device: If an object with the same name exists, the existing object with its settings is used. If no object with the same name exists, the name of the object will be displayed. The object becomes invalid. For some objects, linked objects are pasted automatically during simple pasting. See also Copying screens (Page 6220) Linked objects copied automatically (Basic Panels) Copying linked objects The following table shows the objects for which linked objects are pasted automatically in simple pasting. Object Linked object Screen Template Symbolic I/O field Text list Graphic I/O field Graphics list Graphic view Graphic Tag Alarm Cycle 6222 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Object Linked object Recipe element Text list Scheduler Triggers See also Copying screens (Page 6220) Linked objects copied automatically (Panels, RT Advanced) Copying linked objects The following table shows the objects for which linked objects are pasted automatically in simple pasting. Object Linked object Screen Cycle Template Symbolic I/O field Text list Graphic I/O field Graphics list Graphic view Graphic Tag Alarm Logging tag Cycle Log Logging tag Logging tag Log type Recipe element Text list Scheduler Triggers See also Copying screens (Page 6220) Drag & drop from the details view Introduction You can improve configuration efficiency with just a few simple measures. Below are a few examples of efficient configuration. Pasting objects to a screen from the details view You can drag objects in the details view from various different editors to other editors. WinCC Advanced V14 System Manual, 10/2016 6223 Visualizing processes 12.13 Using global functions Pasting a symbolic I/O field 1. Open a screen. 2. Click on the "Text and graphics lists" editor in the project tree. All existing text and graphics lists will be shown in the details view. 3. Click on a text list, for example, "Textlist1" in the Details view. 4. Drag-and-drop a text list from the Details view to a screen. A symbolic I/O field has been created and connected to the text list "Textlist1". Pasting a graphic I/O field 1. Open a screen. 2. Click on the "Text and graphics lists" editor in the project tree. All existing text and graphics lists will be shown in the details view. 3. Click on a graphics list in the Details view, for example "Graficlist1". 4. Drag-and-drop a graphics list from the Details view to a screen. A graphic I/O field has been created and connected to the graphics list "Graficlist1". Pasting an I/O field 1. Open a screen. 2. Click on the "HMI tags" editor in the project tree. All existing HMI tags will be shown in the Details view. 3. Click on an HMI tag in the Details view, for example "Tag1". 4. Drag-and-drop the HMI tag from the Details view to a screen. An I/O field has been created and connected to the HMI tag "Tag1". See also Copying screens (Page 6220) 12.13.6.3 Copying between different RT and ES versions Introduction You can copy and paste project data such as screens, objects or tags between projects with different WinCC versions. All configurations that are supported in the target version are retained when you copy data between projects of different WinCC versions. Configurations that are not supported by the target version are marked as invalid with a color code. 6224 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Copy of control between HMI devices from different device versions WinCC supports all configurations of a previous WinCC version. The following applies when copying within different ES versions: All the configurations that are also supported in the respective RT version are retained. Default settings are defined for configurations that are only supported in the WinCC version of the target project. Configurations that are not supported by the respective RT version are marked by color as invalid or are not displayed. All properties and settings originally defined in the source HMI device are reactivated when you copy an object back to the source HMI device unchanged. 7,$3RUWDO9[ 3URMHFW9[ 'HYLFH9[ 'HYLFH9[ 'HYLFH9[ 'HYLFH9[ $WWULEXWH $WWULEXWH $WWULEXWH The HMI device must be valid for the current Runtime version. Copying between different ES versions To copy between two TIA projects, open a second instance of the TIA Portal. You can only copy between projects that have the same ES version. The ES version of a project is indicated by the file extension *.ap<version_number>. 7,$3RUWDO 3URMHFWDS[! WinCC Advanced V14 System Manual, 10/2016 7,$3RUWDO 3URMHFWDS[! 6225 Visualizing processes 12.13 Using global functions 7,$3RUWDO 3URMHFWDS[! 7,$3RUWDO 3URMHFWDS\! 12.13.7 Using WinCC version compatibility 12.13.7.1 Basics on version compatibility (Basic Panels, Panels, RT Advanced) Introduction Edit existing projects as follows with WinCC: You edit, compile and download existing projects with the range of functions of the previous version of WinCC. You can continue to edit these projects afterwards with the previous version of WinCC. You upgrade existing projects and use the functions of the current WinCC version. Note WinCC functions While editing a project of a previous WinCC version, you can only access the functions and HMI devices of this previous WinCC version. Versions in WinCC In WinCC, you work with different version types: WinCC version The WinCC version installed on the configuration PC, for example, WinCC V12. Project version Projects are created using the WinCC version that is installed on the configuration PC. While you are editing a WinCC project from a previous version in the current WinCC version, the version ID is displayed behind the project name in the project tree. 6226 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Runtime version You can configure HMI devices with different runtime versions in WinCC. You specify the runtime version once for an HMI device. The device version must match the Runtime version. Device versions Depending on the used HMI device, the image is a combination of the operating system and / or runtime software. For each HMI device, WinCC provides various images which can be loaded onto the HMI device, if necessary, according to the configuration. The device version corresponds to a specific image. The device version must match the configuration. Compatibility of WinCC versions, Runtime versions and device versions The figure below shows the interaction of the versions in the TIA Portal: 7,$3RUWDO9 3URMHFW9 XSGDWH 5XQWLPH9 +0,GHYLFH 9 XSGDWH 7,$3RUWDO9 3URMHFW9 3URMHFW9 5XQWLPH9 5XQWLPH9 +0,GHYLFH 9 +0,GHYLFH 9 XSGDWH 3URMHFW9 5XQWLPH9 XSGDWH +0,GHYLFH 9 Creating projects After you create a new project in WinCC, open and edit it in the WinCC version in which you created it. Saving To save a project of a predecessor WinCC version in this version again, save it in the usual way. If you manually upgrade the project to your WinCC version, please note that you will no longer be able to open the project in the previous WinCC version. To save a project of the previous WinCC version in the current version, upgrade the project to your WinCC version. You can then no longer edit the project with a previous version of WinCC. WinCC Advanced V14 System Manual, 10/2016 6227 Visualizing processes 12.13 Using global functions Compiling, simulating and loading If you are using a project of a previous WinCC version, you can use your current version to generate Runtime data for this previous version. This also allows you to load HMI devices that are no longer compatible with your WinCC version. Copying within projects with different WinCC versions If objects and configurations are also available in the target version, copy these as required via the clipboard or using drag-and-drop. Opening, editing and saving projects of a previous WinCC version You can open and edit projects of previous WinCC versions as required. In doing so, you only utilize the functions of the previous WinCC version. Once you have completed editing, you can once again save and edit the project in the previous WinCC version. Compiling, downloading and simulating projects of a previous WinCC version You can compile, download and simulate projects of previous WinCC versions as required. Your current WinCC version will provide the Runtimes and device versions for the corresponding WinCC version. See also Editing projects of a previous WinCC version (Page 6228) Upgrading projects (Page 6229) Changing between device versions (Page 6231) Changing the device version (Page 6232) 12.13.7.2 Editing projects of a previous WinCC version (Basic Panels, Panels, RT Advanced) Introduction WinCC provides the option of editing projects of a previous WinCC version. While editing a project of a previous WinCC version, you can only access the functions of this version. In order to use the functions of your current WinCC version for this project, upgrade the project to your WinCC version. Note If you upgrade a project to your WinCC version, please note that you will no longer be able to open and edit the project in the previous WinCC version. 6228 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Requirement A project of a previous WinCC version has been created. The current WinCC version is installed on the configuration PC. Procedure Proceed as follows to edit a project of a previous WinCC version: 1. Open the project. 2. Edit the project using the functions of the previous WinCC version. 3. Save the project. 4. Compile the project. 5. Download and simulate the project. 6. You can open the project in the previous WinCC version for further editing, if required. Result The modified project data can be edited further on a different configuration PC with the previous WinCC version for further processing. The Runtime project was generated and downloaded in the corresponding Runtime version. See also Basics on version compatibility (Page 6226) 12.13.7.3 Upgrading projects Introduction If the project version is older than the WinCC version, the version ID is displayed in the project navigation. Your WinCC version also contains the previous version that you can use to edit projects as required. In order to use the functions and options of your WinCC version in a project, upgrade the project to your WinCC version. Then change your device or Runtime version(s) to match the new project version. Note WinCC version compatibility If you upgrade a project to your WinCC version, please note that you will no longer be able to edit the project with the previous version. WinCC Advanced V14 System Manual, 10/2016 6229 Visualizing processes 12.13 Using global functions Requirements The project version is a predecessor of your WinCC version. You have write access to your project drive. The project drive provides sufficient storage capacity for another project of this size. Procedure Proceed as follows to upgrade a project to your WinCC version: 1. Select the project in the project navigation. 2. Select the "Upgrade project" command from the shortcut menu of the project. A dialog opens. 3. Click "Confirm". The project closes and the progress bar is displayed. An alarm is output when the project has been upgraded. Result The project has been saved on the project drive in the previous WinCC version and with the corresponding file extension. The project is displayed on the project drive in the current WinCC version and with the corresponding file extension. The project is displayed without a WinCC version ID in the project navigation. To make use of the functions of the new WinCC version, change your device or Runtime version(s) in accordance with the new project version in the next step. See also Basics on version compatibility (Page 6226) 12.13.7.4 Upgrading a global library Introduction In order to process objects of a global library in a project, the global library must be available in the product version of the project. You can upgrade each global library from an older product version to the current product version. You are prompted accordingly when you open the global library. Requirements The version of the global library is a predecessor of your WinCC version. You have write access to your project drive. All types in the library have been released. 6230 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Note Upgrading a user library If you want to use a user library from an earlier version of WinCC, you must upgrade it. Make sure that all types of the library have been released. The library being upgraded cannot contain a type with the "in progress" status. Procedure Proceed as follows to upgrade a global library from TIA Portal V12.x or lower: 1. Open the global library. The "Upgrade global library" dialog box opens. 2. Click "OK". A copy of the global library is created and upgraded. The copy of the global library receives the name extension "_V13". The global library opens. Result The global library is stored with the appropriate file extension. See also Basics on version compatibility (Page 6226) Managing libraries (Page 6120) 12.13.7.5 Changing between device versions Selection of the device version When you configure a new HMI device, WinCC automatically selects the latest version of the device. If you want to use a device version other than the one set in WinCC, transfer an image to the HMI device. WinCC provides the images required for the supported HMI devices. Information on the device versions used in WinCC is available in the FAQs on the Internet, entry ID 21742389. NOTICE Changing the device version deletes all data on the HMI device. Data is deleted on the target system if you change the device version. For this reason, you should save existing Runtime data before changing the device version. WinCC Advanced V14 System Manual, 10/2016 6231 Visualizing processes 12.13 Using global functions HMI device configuration The following figure shows the software components of an HMI device: %DVLF3DQHO+0,GHYLFH 5XQWLPHGDWD 5XQWLPHSURMHFW (QJLQHHULQJ6\VWHP 'DWDEDFNXS &RPSLOHG :LQ&&SURMHFW 5XQWLPHVRIWZDUH 'RZQORDG ,PDJH 2SHUDWLQJV\VWHP )LUPZDUH +DUGZDUH See also Basics on version compatibility (Page 6226) Updating the operating system (Page 6370) Changing the device version (Page 6232) 12.13.7.6 Changing the device version Introduction Depending on the required Runtime version, select the suitable device version for your configuration. Note Selection of device versions The selection of available devices versions depends on the version of the project. Requirements A project has been created and opened. The project contains an HMI device. 6232 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Procedure To change the device version, follow these steps: 1. Double-click on "Devices & Networks" in the project tree. The editor opens. 2. Select the required HMI device from the device view. 3. Select "Change Device/Version" in the device shortcut menu of the HMI device. A dialog opens. 4. Select the required HMI device. 5. Select the required device version under "Version". 6. Confirm your selection with "OK". Result You have changed the device version in the WinCC project. NOTICE Changing the device version deletes all data on the HMI device. All data is deleted from the HMI device when you change the device version and compile/ download the project. You should therefore backup your Runtime data prior to the download. See also Basics on version compatibility (Page 6226) Changing between device versions (Page 6231) 12.13.8 Viewing memory card data 12.13.8.1 Basics (Basic Panels, Panels) Introduction WinCC provides you with the possibility of viewing data stored on your memory card. The function supports the use of memory cards of the HMI device and of the CPU. You have the following options: Viewing a backup (Page 6234) Renaming and deleting backups (Page 6235) Viewing HMI device images (Page 6236) WinCC Advanced V14 System Manual, 10/2016 6233 Visualizing processes 12.13 Using global functions Deleting HMI device images (Page 6238) Creating HMI device images on memory card (Page 6239) See also Viewing a backup (Page 6234) Renaming and deleting backups (Page 6235) Viewing HMI device images (Page 6236) Deleting HMI device images (Page 6238) Creating HMI device images on memory card (Page 6239) 12.13.8.2 Working with backups Viewing a backup (Basic Panels) Introduction The backup of a Basic Panel that is stored on a memory card can also be viewed in the TIA Portal. Requirements WinCC is installed. A memory card with a backup is available. The card reader is connected to the configuration PC. The project view is open. Backup on the memory card in the card reader 1. Insert the memory card into the card reader. 2. Open "SIMATIC Card Reader" in the project navigation. 3. Select the card reader drive. The "Online Card Data" folder is displayed. 4. Open the "Online Card Data" folder 5. Click the backup to open the shortcut menu. 6. Select "Properties". 6234 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Backup on the memory card of the PLC Proceed as follows if the backup is stored on the memory card of the PLC: 1. Connect the PLC with the configuration PC. 2. Click on the PLC in the project navigation. 3. Select "Connect online" from the shortcut menu. A connection to the PLC is established. Once the PLC is connected, the "Online Card Data" folder is displayed. 4. Open the "Online Card Data" folder. Note Accessing a password-protected PLC When you attempt to access a PLC that is protected by a password, you will be prompted to enter the password. You need at least read access rights in order to view the data that is stored on the memory card. 5. Click the backup to open the shortcut menu. 6. Select "Properties". Result The backup properties are displayed in a separate dialog. See also Renaming and deleting backups (Page 6235) Basics (Page 6233) Renaming and deleting backups (Basic Panels) Introduction You can rename and delete backups from a memory card in the project navigation of the TIA Portal. WinCC Advanced V14 System Manual, 10/2016 6235 Visualizing processes 12.13 Using global functions Requirements WinCC is installed. The card reader is connected to the configuration PC. The PLC is connected online with the configuration PC. A memory card with a backup is available. The project view is open. The backup is displayed in the project navigation. Note Accessing a password-protected PLC When you attempt to access a PLC that is protected by a password, you will be prompted to enter the password. You need write access rights to rename or delete memory card data. Procedure 1. Click on the backup in the project navigation. 2. Open the shortcut menu. 3. Select "Rename" to rename the file. 4. Enter a new name. 5. Select "Delete" to delete the file. Result The backup file is now renamed or deleted. See also Viewing a backup (Page 6358) Basics (Page 6357) 12.13.8.3 Working with HMI device images Viewing HMI device images Introduction The HMI device image of a Comfort Panel that is stored on a memory card can be viewed in the TIA Portal. 6236 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Requirements WinCC is installed. The card reader is connected to the configuration PC. A memory card with the HMI device image is available. The project view is open. Procedure 1. Insert the memory card into the card reader. 2. Open "SIMATIC Card Reader" in the project navigation. 3. Select the card reader drive. The "Online Card Data" dialog is displayed. 4. Open the "Online Card Data" folder. The available images of the HMI device are displayed in additional folders. 5. Click the required HMI device image. 6. Select "Properties" in the shortcut menu. WinCC Advanced V14 System Manual, 10/2016 6237 Visualizing processes 12.13 Using global functions Result The properties of the HMI device image are displayed in a separate dialog. See also Deleting HMI device images (Page 6238) Creating HMI device images on memory card (Page 6239) Basics (Page 6233) Deleting HMI device images Introduction You can delete the HMI device image of a Comfort Panel from a memory card in the project navigation of the TIA Portal. 6238 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Requirements WinCC is installed. The card reader is connected to the configuration PC. A memory card with an HMI device image is available. The project view is open. The HMI device image is displayed in the project navigation. Procedure 1. Click the HMI device image in the project navigation. 2. Open the shortcut menu. 3. Select "Delete" to delete the file. Result The HMI device image is deleted. See also Viewing HMI device images (Page 6236) Basics (Page 6233) Creating HMI device images on memory card Introduction You may edit the HMI device image of a Comfort Panel without connecting the Comfort Panel to the configuration PC. Simply create the HMI device image on an external memory card or USB stick and then transfer it from there to the Comfort Panel. Requirements WinCC is installed. The card reader is connected to the configuration PC. The project view is open. Procedure 1. Insert the memory card into the card reader. 2. Click on the memory card in the project navigation. 3. Open the shortcut menu. WinCC Advanced V14 System Manual, 10/2016 6239 Visualizing processes 12.13 Using global functions 4. Select "Create HMI OS image on memory card". A dialog opens. 5. Select an HMI device image. 6. Select the settings for the restoration. - Activate "Retain installed settings of the Control Panel" The settings you have made on the Comfort Panel are retained. - Activate "Retain installed licenses": The licenses on the Panel are retained. - Activate "Lock settings on the Panel" You can no longer change the selected settings for "Retain installed settings of the Control Panel" and "Retain installed licenses" on the Comfort Panel. Result You have created an HMI device images on memory card. You may use a USB stick instead of a memory card. 6240 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions See also Viewing HMI device images (Page 6236) Basics (Page 6233) 12.13.9 HMI device wizard basics (Basic Panels, Panels) Introduction The HMI device wizard will automatically start when you create a new HMI device in your project. HMI device wizard The HMI device wizard will guide you through each dialog step by step and help you set up a device. You use the HMI device wizard to specify the basic settings for your HMI device, such as screen layout and the connection to your PLC. WinCC Advanced V14 System Manual, 10/2016 6241 Visualizing processes 12.13 Using global functions Note When you create a device with a color display using the HMI device wizard, the graphics of the navigation buttons may be displayed in black and white. This error only occurs, however, if the new device is created with the same name as a device with a monochrome display which has been deleted in the meantime. You can avoid this error by always deleting the associated graphics in the Graphics collection whenever you delete a device from the project. Note Multiple languages in the HMI device wizard If you create multilingual screen navigation with the HMI device wizard, WinCC uses the user interface language for user-defined labels in all project languages. If the character set of the user interface language is not supported in a project language, these names will not appear in this project language, for example, with a Chinese interface language and English project language. Note Interface type of the connection If possible, the HMI device wizard makes a connection between the HMI device and controller with the default interface type of the HMI device. After configuration with the HMI device wizard, check the connection in the "Devices & Networks" editor. See also HMI device wizard basics (Page 6245) 12.13.10 Managing colors centrally 12.13.10.1 Basic principles for color management Introduction WinCC provides the option of changing the colors used in a project centrally. The "Change color reference" dialog box contains a hierarchical overview of all color-relevant properties contained in the selected object. In the display, you can navigate within the display and operating objects that are shown and thus get an overview of all colors used. Using search and filter you can specify a color selection and replace it with other colors, if necessary. 6242 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Supported objects You have access to all colors used and configured in the project with the "Change color reference" dialog. Excluded from this are colors that are used as follows: In types and instances from a library In faceplates In scripts In designs In screens with write protection 12.13.10.2 Finding and replacing colors Introduction The scope of the objects displayed in the "Change color references" dialog depends on the location at which the dialog is called. If you select an HMI device and call the dialog, all color references used on the HMI device are displayed. If you select a display object within a screen and call the dialog, only those color references that are included in the display object are displayed. Requirement You have created a project. Screens have been created. Procedure 1. Select the object that contains the required color references. 2. Select "Change object color" in the shortcut menu. A dialog opens. WinCC Advanced V14 System Manual, 10/2016 6243 Visualizing processes 12.13 Using global functions 3. Select the color that you want to change. - Click the color field in the search box. The project color selection opens. - To select a standard color or a user-defined color, click "More colors". - To use a color directly from the selected object, drag a color field from the overview table to the search box. - To select similar colors as well, set a tolerance. 4. Filter the displayed table. 5. In the table column "Replace with" select the new color for the individual properties. 6. Click "OK". 6244 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.13 Using global functions Result The new color references are configured in the selected object. 12.13.11 HMI device wizard basics (RT Advanced, RT Professional) Introduction The HMI device wizard will guide you through each dialog step by step and help you set up a device. You use the HMI device wizard to specify the basic settings for your HMI device, such as screen layout and the connection to your PLC. WinCC Advanced V14 System Manual, 10/2016 6245 Visualizing processes 12.13 Using global functions Opening the HMI device wizard 1. Add a new device to your project, for example, RT Advanced. 2. Click on the device in the project tree. 3. Select "Start the HMI device wizard" in the shortcut menu. The "HMI device wizard" opens. Note If you make changes after adding the device, such as adding a new screen, the HMI device wizard will not open again. Note When you create a device with a color display using the HMI device wizard, the graphics of the navigation buttons may be displayed in black and white. This error only occurs, however, if the new device is created with the same name as a device with a monochrome display which has been deleted in the meantime. You can avoid this error by always deleting the associated graphics in the Graphics collection whenever you delete a device from the project. Note Device dependency - quotation marks in project names WinCC Professional projects whose names are in quotation marks have not been compiled. When you create an HMI device for WinCC RT Professional, do not use quotation marks within the project name. Note Multiple languages in the HMI device wizard If you create multilingual screen navigation with the HMI device wizard, WinCC uses the user interface language for user-defined labels in all project languages. If the character set of the user interface language is not supported in a project language, these names will not appear in this project language, for example, with a Chinese interface language and English project language. See also HMI device wizard basics (Page 6241) 12.13.12 Exchanging controller data from other projects Inter-project engineering You can use the IPE (Inter Project Engineering) function to read in controller data from other TIA Portal projects and use it for configuring. IPE enables you to transfer and merge the HMI configuration and PLC programming communication into various TIA Portal projects. 6246 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading 7,$3RUWDOSURMHFW ,3(ILOH ,QLWLDOL]DWLRQ RU 3URMHFWILOH 3/&GHYLFHSUR[\ You can find more information and notes on configuration under: Basics of Inter Project Engineering (IPE) 12.14 Compiling and loading 12.14.1 Establishing a connection to the HMI device Introduction To download a WinCC project to an HMI device, a properly configured connection must be set up between the configuration PC and HMI device. The connection cannot be set up, the download is cancelled. Setting up a connection between the configuration PC and HMI device 1. Check the cable connection between the HMI device and configuration PC. 2. Open the "Devices & Networks" editor in WinCC and start the network view. 3. Select the subnet in the network view and check the settings for the subnet. 4. Select the interface of the HMI device in the network view or device view and check the connection parameters in the Inspector window. 5. Switch on the HMI device and press the "Control Panel" button in the loader. The Control Panel opens. 6. Press "Transfer" twice in the Control Panel. The "Transfer Settings" dialog box opens. WinCC Advanced V14 System Manual, 10/2016 6247 Visualizing processes 12.14 Compiling and loading 7. Check the settings and then press "Advanced". The [Protocol*] Settings" dialog opens. *: The title of the dialog depends on the protocol used, for example, "PROFIBUS Settings". 8. Check the advanced settings and close the dialog with "OK". Important settings Check the connection settings and in particular the following parameters: Network and station addresses Selected transmission rate Master on the bus; as a general rule, only one master is permitted. Note Connections over Ethernet For Ethernet-based communication, check the required network settings. You can find additional information under "Readme > WinCC > Security information". If using a configurable adapter for the connection, check the adapter settings, for example, transmission rate, master on the bus. See also Loading a project (Page 6307) 12.14.2 Basic Panels (Basic Panels) 12.14.2.1 Runtime settings (Basic Panels) Runtime settings (Basic Panels) Introduction To edit the Runtime settings for your HMI device, select "Runtime settings" under your HMI device in the project tree. Note Device dependency The options available for selection in the Runtime settings depend on the HMI device. 6248 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Overview You configure options from different areas of your project in the runtime settings: Display in Runtime - Start screen - Default template - Standard style of the project and style of the HMI device - Screen resolution - Full-screen mode - Graphic browser - Bit selection for color and flashing - Bit selection for text and graphic lists Project ID for compatibility check with the controller Logging language Remote control via Sm@rt server in the "Services" area You can find additional information on this in the WinCC online help under "Options > Sm@rt Options" Operating in Runtime - Task switching - Load additional information for debugging scripts: Object names and comments in scripts - Show limits as a tooltip - On-screen keyboard - Disable function keys - Release buttons when you leave the button - Keyboard layout and keyboard shortcuts GMP-compliant configuration You can find additional information on this in the WinCC online help under "Options > WinCC Audit". Alarms - Buffer overflow - Text of the acknowledgment group - Log - Colors of the alarm classes - Configuration of the system events - Configuration of the controller alarms WinCC Advanced V14 System Manual, 10/2016 6249 Visualizing processes 12.14 Compiling and loading User administration - Configuration of the password and logoff time - Limit for logon attempts - Hierarchy levels - Configuration of SIMATIC Logon Language and font - Available Runtime languages - Order of language switching - Default font - Download font with valid license Configuration of the OPC Unified Architecture Server Settings for synchronization of the controller and HMI tags See also Configuring the display in Runtime (Basic) (Page 6250) Configuring operation in Runtime (Basic) (Page 6252) Settings for synchronization (Page 5324) Configuring alarm buffer overflow (Page 5461) Creating alarm classes (Page 5415) Editing System Events (Page 5428) Settings for the user administration (Page 5655) Compatibility check with the controller (Page 6253) Working with logs for Runtime Advanced and Panels (Page 5529) Managing languages (Page 6171) Configuring the display in Runtime (Basic) Introduction In the Runtime settings you specify how screens, alarms and language are displayed. To edit the Runtime settings for your HMI device, select "Runtime settings" under your HMI device in the project tree. The options available for selection depend on the HMI device. 6250 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Display on the target system In WinCC, configure the visual representation of the generated project in Runtime: Select the full-screen or window mode for the project. The window has a smaller size than the screen. In full-screen mode, the project is zoomed to the full screen. There will be no window and operator controls for this view. Click "General" in the "Settings" editor to activate the full-screen display at startup. Activate the "Full-screen mode" check box in the "Screen" field. Note Truncated view If the HMI screen does not match the configured size (in pixels), the project only appears on part of the screen in full-screen mode. Under "General > Screen", you specify whether the HMI device uses the default style of the project or another pre-defined style. Screen settings In the Runtime settings, specify the start screen and default template. You can find additional information in the online help for WinCC under "Working with screens". Language settings Logging language Under "General > Logs", you specify the language in which you want to write the logs. The selected logging language always remains the same, even if the user switches the language in Runtime. If you select "Startup language", the logging language remains the same until Runtime is stopped, even if the user has switched the language. However, the next time Runtime is started, the last configured Runtime language is used as the logging language. Runtime language Under "Language & font", you specify all Runtime languages and their display. Text entries may be truncated if you selected an unsuitable font size or style. This setting can, for example, affect the following texts: - Tooltips - Long alarm text - Text in dialogs WinCC Advanced V14 System Manual, 10/2016 6251 Visualizing processes 12.14 Compiling and loading Setting for specific screen objects Specify bit selection Under "Screens > Bit selection", you specify whether bit selection will be used on this HMI device for the following: - Text and graphics (text lists and graphic lists) - Color and flashing (appearance analysis) When you enable an option, the selection that is configured in the set bit with the least significance is displayed: When you disable an option and several bits are set, the selection that has been configured only for the set bit is displayed. Tooltips for I/O fields Under "Screens > Display", you specify whether configured limit values are displayed as tooltips in Runtime when values are entered in I/O fields. Colored objects You specify the color depth of your HMI device under "General > Screens > Color depth". As needed, you assign screen objects a colored appearance. The range of colors is determined by the color depth supported on your selected HMI device. Configuring operation in Runtime (Basic) (Basic Panels) Introduction In the Runtime settings you specify how screens are operated, and how you use keys for operation in Runtime. To edit the Runtime settings for your HMI device, select "Runtime settings" under your HMI device in the project tree. The options available for selection depend on the HMI device. Locking task switching Depending on the HMI device, you can lock task switching on the HMI device. This will prevent the operator from opening other applications in Runtime. In the Runtime settings of the HMI device, enable the "Lock task switching" option under "General > Screen". Note Stop Runtime If you lock program switching, always configure in your project the system function "StopRuntime" for an object, e.g. a softkey or button. 6252 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Settings for data transfer to the HMI device Transferring names of the screen objects in scripts If you enable the "Load names" option under "General > Screen", the object names of the screen objects are transferred instead of coded addressing information. You need the object names, if you want to address the screen objects in a script via the object names. When you test a script in the debugger, the code becomes more comprehensible by displaying the object names. Displaying comments in scripts Under "Screens > Display", you specify whether the comments in scripts are also transferred to the HMI device. If you do not transfer the comments, you save storage space on your HMI device. If you transfer the comments, the script is more easily understood during testing in the debugger. Operation using function keys To symbolize the function of a function key for keyboard devices, you configure a graphic next to the function key in the display. Under "Screens > Function keys > User-defined pictogram size", you specify whether you want to use a graphic size that deviates from the standard size. Operation with keyboard Under "Keyboard > General > Use screen keyboard", you specify whether the screen keyboard is available on your HMI device. Under "Keyboard > General > Release button on exit", you specify whether the "Release" event is triggered when the user exits a button without releasing it. Under "Keyboard > Disable function keys in dialogs", you specify for keyboard HMI devices whether the function keys are disabled for the duration of the displayed dialog. Large dialogs can hide explanatory areas or graphics at function keys or that border function keys. Functions keys can be unintentionally pressed due to this. Compatibility check with the controller Introduction The "Project ID" area pointer is used to configure the project ID for checking the consistency of the project with the PLC. The area pointer reads the project version from the PLC. You can find additional information in the online help for WinCC under "Communicating with controllers". Compatibility check with the controller You select the project ID in the Runtime settings of the HMI device under "General > Identification > Project ID". At startup, Runtime checks whether the project ID of the project matches the PLC project version. Runtime will only start if the two values match. WinCC Advanced V14 System Manual, 10/2016 6253 Visualizing processes 12.14 Compiling and loading An area pointer "Project ID" is created for connections whose address you specify in the PLC. The value that you store at this address will become the project ID. The project ID is not available on all HMI devices. Password protection in Runtime (Basic Panels) Password protection in Runtime (Basic Panels) Overview Connection establishment in the TIA Portal can be password-protected. The configured passwords are saved in encrypted form. When transferred to the target system, the passwords are also protected from unauthorized access and cannot be read. The passwords are securely decrypted on the HMI devices in runtime. Password protection can be set up for the following connections: SIMATIC S7-1200 SIMATIC S7-1500 SIMATIC S7-1500 software controller (WinAC) PC Station 2.0 (station manager) Note The passwords become invalid if you switch to an older version. Downloading certificates The certificate for decrypting the passwords is saved in the certificate store of the HMI device. A system alarm is output if the certificate is not available. You can restore the certificate by downloading the configuration again. See also Configuring a password for transport (Page 6254) Resetting the password for transport (Page 6255) Configuring a password for transport (Basic Panels) Introduction To protect the private password key during transport, you can configure a password for transport under "Runtime settings". 6254 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Creating a password 1. Open the "Runtime settings > General" editor in the Project window. 2. Enter the password in the "Enter password" box in the "Transport password" area. 3. Confirm the password in the "Confirm password" box. Note If there was no previous password, the "Old password" box is disabled. Result You have now configured the password for transport. If a password for transport has been configured and you transfer the project to the HMI device, a dialog with a password prompt will appear once in runtime. The dialog with the password prompt also appears if the password has been changed. If the password entered is correct, the certificate is saved in the certificate store of the HMI device. See also Password protection in Runtime (Page 6254) Resetting the password for transport (Page 6255) Resetting the password for transport (Basic Panels) Introduction If you have moved the transport password, for example, you can create a new security certificate. To do so, reset the transport password. Resetting the password 1. Click the "Reset password" button. The password is reset. A new certificate without a password is generated. Note Other passwords, for example the password for the PLC, will become invalid. The next time you compile, an error message will appear telling you that these passwords are no longer valid. 2. Enter the new password and confirm it in the "Confirm password" field. Note The certificate is not password-protected until you enter a new password for transport. WinCC Advanced V14 System Manual, 10/2016 6255 Visualizing processes 12.14 Compiling and loading See also Password protection in Runtime (Page 6254) Configuring a password for transport (Page 6254) 12.14.2.2 Overview of compiling and loading projects (Basic Panels) Overview The project is compiled in the background even as you are configuring it in WinCC. This reduces the time for final compilation. When you start compilation, you create a file that can be run on the corresponding HMI device. If an error occurs during compilation, WinCC provides support in locating and correcting it. Once you have corrected any problems, you download the compiled project to the HMI devices on which the project is to run. If you are using HMI tags in your project that are connected to PLC tags, you should also compile all modified S7 blocks with the command "Compile > Software" in the shortcut menu before you compile the HMI device. Definition of terms The term "project" has two different meanings in the contexts of compilation and loading. "Project" is the WinCC project on the configuration PC. "Project" is also the Runtime project you create by compiling the configuration data of an HMI device and download to the HMI device. WinCC project: contains the configuration data of one or more HMI devices Runtime project: contains the compiled configuration data of an HMI device The figure below illustrates the link between WinCC projects and Runtime projects using the example of the "Compile and load" process: 6256 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading (6SURMHFW0L[LQJ %DVLF3DQHO 57SURMHFWV +0,B +0,B %DVLF3DQHO 6FUHHQV +0,WDJV +0,B 'RZQORDG )LOHV\VWHP +0,B 5XQWLPH 57$GYDQFHG +0,B 57$GYDQFHG 6FUHHQV +0,WDJV +0,B &RPSLOH +0,B 573URIHVVLRQDO 6FUHHQV +0,WDJV 'RZQORDG +0,B +0,B )LOHV\VWHP 5XQWLPH 573URIHVVLRQDO +0,B 'RZQORDG )LOHV\VWHP :LQ&& &RQILJXUDWLRQ3& +0,B +0,B )LOHV\VWHP 5XQWLPH +0,GHYLFHV Runtime version The Runtime version depends on the image of the configured HMI device. The Runtime version of the compiled project is displayed under "Info" in the Inspector window. 12.14.2.3 Compiling a project (Basic Panels) Introduction The changes made to the project are compiled in the background even as you are configuring a project in WinCC. Projects are compiled automatically when you load them. This ensures that the latest version of the project is loaded at all times. WinCC checks consistency of the project during compilation. The error locations in the project are listed in the Inspector window. You can jump directly to the source of the error from the entry in the Inspector window. Check and correct errors found. Scope of the compilation Configuration data is compiled in the background as soon as you start configuring an HMI device. If you compile a project manually, only the changes in the configuration made since the last compilation process are compiled in the background. You can start complete project compilation manually at any time; this may, for example, be done to test the consistency of the configured data. Requirement A project is open. WinCC Advanced V14 System Manual, 10/2016 6257 Visualizing processes 12.14 Compiling and loading Procedure Proceed as follows to compile a project: 1. If you want to compile several HMI devices at the same time, select all the relevant HMI devices with multiple selection in the project tree. 2. Compile the project: - To only compile changes in the project, select the "Compile > Software (only changes)" command from the shortcut menu of the HMI device. - To compile all project data, select the "Compile > Software (compile all)" command from the shortcut menu. Result The configuration data of all selected HMI devices is compiled. Any errors that occur during compilation are shown in the Inspector window. 12.14.2.4 Simulating projects (Basic Panels) Simulation basics (Basic Panels) Introduction You can use the simulator to test the performance of your configuration on the configuration PC. This allows you to quickly locate any logical configuration errors before productive operation. You can start the simulator as follows: In the shortcut menu of the HMI device, or in a screen: "Start simulation" Menu command "Online > Simulation > [Start|With tag simulator|With script debugger]" Under "Visualization > Simulate device" in the portal view. Requirements The simulation/runtime component is installed on the configuration PC. Field of application Use the simulator to test various functions of the operator control and monitoring system, such as: Checking limit levels and alarm outputs Consistency of interrupts Configured interrupt simulation Configured warnings 6258 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Configured error messages Check of status displays Interconnection and screen layout Simulating a project Introduction You simulate your project with one of the following two methods: Without a connected PLC You change the value of area pointers and tags in a tag simulator that is read for the simulation of WinCC Runtime. With a connected PLC without a running process You simulate your project by running it directly in Runtime. The tags and area pointers become active. This allows you to create an authentic simulation of your configured HMI device in Runtime. Note Simulation restrictions You cannot simulate the following system functions: CalibrateTouchScreen You cannot simulate the Media Player. A static screen appears in the simulation window instead of the Media Player. File access via scripts is not possible for HMI devices with Windows CE. Requirement Simulation without a connected PLC: Tags have been created Simulation with a connected PLC but no active process: A project with tags and area pointers has been created Procedure To simulate a project using the tag simulator, follow these steps: 1. Open the project on the configuration PC. 2. Select the "Online > Simulation > With tag simulator" menu command. For initial project simulation, the simulator is started with a new, empty table. The project is opened simultaneously in Runtime. Toggle between the tag simulator and Runtime using the <Alt +Tab> key combination. 3. To simulate a process value, select the corresponding "tag" from the tag simulator. The table lists all configured tags. You can simulate up to 300 tags simultaneously. 4. Select the simulation mode in the "Simulation" column. WinCC Advanced V14 System Manual, 10/2016 6259 Visualizing processes 12.14 Compiling and loading 5. Change the value of tags and area pointers in the respective columns. 6. Activate the "Start" check box to start the simulation for this tag. 7. To save the simulation, select the menu command "File > Save" and enter a descriptive name, for example, "Mixing". The file name is assigned the extension "*.cors". Result The process values are simulated in Runtime. The tag values are created at random, or incremented, depending on the simulation mode. To specify tag values, change the simulation mode to "<Display>" and enter a value at "Set value". The following figure shows a tag simulator with four tags whose values can be determined at random in a range of values from 10 to 1000: Managing simulation data If you have saved data from a previous simulation, you can open the file at a later point in time and simulate your project again. The tags and area pointers listed in the tag simulator must still be available in the project. Proceed as follows to open a simulation file: 1. Select the menu command "Online > Simulate Runtime > With tag simulator". 2. Select the menu command "File > Open" in the tag simulator. 3. Select the corresponding simulation file and click "Open". The simulator loads the stored data. Enabling and disabling tags Start and stop the simulation for each tag separately in order to facilitate the transition from offline to online engineering. Activate "Start" in the corresponding row. If a tag is activated, the simulation values are calculated and transferred to the WinCC simulator. 6260 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Deleting a tag To delete a tag from the tag simulator, follow these steps: 1. Select the cell that contains the tag name. 2. Select the "Edit > Cut" menu command. The tag is removed from the table. Working with the tag simulator (Basic Panels) About the tag simulator The tag simulator has the following columns: Column Description Tag Specifies the tags for the simulation. Data type Shows the data type of the selected tag. Current value Shows the simulated value of the defined tags. Format Specifies the selected format in which the tag values are simulated: Decimal (1, 2, 3, 4, ...) Hexadecimal (03CE, 01F3, ...) Binary (0 and 1) Write cycle Specifies the selected time interval at which the current tag values are simulated. If you enter "2", for example, the current value of the tag will be shown every 2 seconds. Simulation Shows the method by which the tag values are processed during simulation. Set value Sets the selected value for the respective tag. The simulation start with the specified value. minValue Specifies the value range of the tag. You set a minimum and maximum value for this range. The default values are -32768 for the minimum and 32767 for the maximum. maxValue Period Contains the period during which the value of the tag is repeated for the "Increment" and "Decrement" simulation modes. Start Starts simulation of the tag based on the previously entered information. Simulation modes The simulator has six different simulation modes. The configured tags are supplied with nearly realistic values during the simulation. WinCC Advanced V14 System Manual, 10/2016 Simulation mode Description Sinusoidal Changes the tag value to form a sinusoidal curve. The value is visualized as a periodic, non-linear function. Random Provides randomly generated values. The tag value is changed by means of a random function. Increment Increases the value of the tag continuously up to a specified maximum value. Begins again at the minimum after the maximum has been reached. The value trend corresponds to a positive saw-tooth curve. 6261 Visualizing processes 12.14 Compiling and loading Simulation mode Description Decrement Reduces the value of the tag continuously down to a specified minimum value. Begins again at the maximum after the minimum has been reached. The value curve corresponds to a negative saw-tooth curve. Shift bit Shifts a set bit continuously by one position. The previous position is always reset. This lets you test the alarms of an HMI device, for example. <Display> The current tag value is displayed statically. Example: Simulate tags with the "Shift bit" simulation mode Proceed as follows to simulate tags with the "Shift bit" simulation mode: 1. Open the project you want to simulate. 2. Select the menu command "Online > Simulate Runtime > With tag simulator". The tag simulator opens. 3. In the "Tag" column, select a tag from your project. 4. Select "Bin" in the "Format" column. 5. Enter the value "1" in the "Write cycle" column. 6. Select the "Shift bit" simulation mode in the "Simulation" column. 7. Enter the value "1" in the "Set value" column. 8. Enable the tag with the "Start" check box. Result The simulator tests the selected tag bit-by-bit as follows: Simulation values Byte for alarms Set start value 00000001 1. Simulation value 00000010 2. Simulation value 00000100 3. Simulation value 00001000 .... ... In Runtime you see if the desired alarm is output at a given value. Simulation restrictions (Basic Panels) Alarms with dynamic parameters If you use tags or text lists as external tags for alarms, the dynamic parameters of the alarms are not displayed. Only internal tags are enabled for the simulation of alarms in the tag simulator . You can use PLCSim to simulate dynamic parameters. 6262 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading 12.14.2.5 Loading projects (Basic Panels) Overview for loading of projects (Basic Panels) Overview Delta data of the project is automatically compiled before you download it to one or several HMI devices. This always ensures that the latest version of the project is transferred. Loading a project to an HMI device The following steps are completed prior to downloading: 1. The download settings are verified. The "Extended loading" dialog box is opened automatically during the initial download of a project to an HMI device. You use this dialog to define the protocol and interface or destination path for the project in accordance with the HMI device Runtime used. You can open the "Extended download" dialog at any time with the menu command "Online > Extended download to device...". The "Load preview" dialog opens. 2. The project is compiled. Warnings and errors during compilation are displayed in the Inspector window and in the "Load preview" dialog. 3. The "Load preview" dialog shows you the following information for each HMI device: - The individual steps for loading - If the image of the target HMI device does not match the image from the configuration, a prompt is displayed asking whether you want to now change the image. NOTICE Changing the image deletes all data from the HMI device. Data is deleted on the target system if you change the image. For this reason, first back up the following data, if necessary: User administration Recipes - Presettings that take effect at loading. You can change the default settings for this download process, if necessary. - Occurring warnings (optional). You can download a project while ignoring the "warnings". The functionality may be restricted in runtime. - Occurring errors (optional). You cannot load the project. WinCC will open the invalid configuration in the corresponding editor if you double-click the error message in the Inspector window. Correct the errors and reload the project. If you are using HMI tags in your project that are connected to PLC tags, you should also compile the user program before you compile the HMI device. WinCC Advanced V14 System Manual, 10/2016 6263 Visualizing processes 12.14 Compiling and loading Loading with S7 routing Configure the S7 routing settings in the "Devices & Networks" editor in the relevant controller. The settings depend on the device configured. S7 routing supports the following protocols: MPI/PROFIBUS Ethernet Transferring Runtime add-ons Projects can contain Runtime add-ons in the form of controls or CSP (Communication Support Packages). These Runtime add-ons are automatically transferred with the project. Loading a project (Basic Panels) Introduction Before a project can run on an HMI device, you must first load it to the HMI device. During loading, you must most importantly specify whether existing data on the HMI device such as "user administration" and "recipe data" is to be overwritten. If the HMI device supports PROFINET, the name of the HMI device entered in the project tree is used as the device name for the PROFINET communication. The name is written to the HMI device during download. If a device name for the PROFINET communication has already been entered in the HMI device, it will be overwritten. As a general rule, only one project can be active in Runtime on an HMI device. An HMI device is generally configured to exit Runtime automatically when loading is started. If this is not the case, you will have to exit Runtime manually on the HMI device. If the image of the target HMI device does not match the image from the configuration, a prompt is displayed asking whether you want to now change the image. NOTICE Changing the image deletes all data from the HMI device. Data is deleted on the target system if you change the image. For this reason, first back up the following data, if necessary: User administration Recipes Controlling the transfer behavior on the HMI device As a general rule, only one project can be active in Runtime on an HMI device. An HMI device is generally configured to exit Runtime automatically when loading is started. If this is not the case, you will have to exit Runtime manually on the HMI device. 6264 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading You define how the HMI device reacts when the project is loaded in the "Start Center" under "Settings" on the HMI device: Transfer mode Effect Off The project cannot be loaded to the HMI device. Manually The project can only be loaded to the HMI device if the following requirements are met: Runtime is not running The HMI device is in "Transfer" mode. Automatic The project can always be loaded to the HMI device. If a transfer is started on the configuration PC and a project is in runtime on the HMI device, the running project is automatically closed. For Mobile Panels, this transfer mode is disabled for security reasons. Note Closing Runtime automatically After the commissioning phase, disable the automatic transfer function to prevent the HMI device from switching inadvertently to transfer mode. Transfer mode can trigger unwanted responses in the plant. In order to restrict access to the transfer settings and thus avoid unauthorized changes, enter a password in the "Start Center". Please refer to the documentation for the HMI device used for more detailed information on transfer settings. Requirements You have created an HMI device in the project. The HMI device is connected to the configuration PC. The "Start Center" has been started on the HMI device. The protocol by which the project is loaded is set on the HMI device in the "Start Center" under "Settings". Transfer mode is set as "Automatically" or "Manually" in the HMI device. Procedure Proceed as follows to load a project: 1. To download a project simultaneously to several HMI devices, select the HMI devices by means of multiple selection in the project tree. 2. Select the "Download to device > Software" command from the shortcut menu of an HMI device. WinCC Advanced V14 System Manual, 10/2016 6265 Visualizing processes 12.14 Compiling and loading 3. If the "Extended loading" dialog is open, configure the "Settings for loading". Make sure that the "Settings for loading" correspond to the "Transfer settings in the HMI device". - Select the protocol used, for example, Ethernet or HTTP. - Configure the relevant interface parameters on the configuration PC. - Make any interface-specific or protocol-specific settings required in the HMI device. - Click "Download". You can open the "Extended download" dialog at any time with the menu command "Online > Extended download to device...". The "Load preview" dialog opens. The project is compiled at the same time. The result is displayed in the "Load preview" dialog. 4. Check the displayed presettings and change them as necessary. 5. Click "Download". Result The project is loaded to all selected HMI devices. Any existing project is replaced. The data for user administration and / or recipes is replaced in accordance with the settings in the "Load preview" dialog. During the download, you can keep track of the files that are transferred. If errors or warnings occur during the download, corresponding alarms are displayed under "Info > Load" in the Inspector window. On completion of the successful download of the project, you can execute it on the HMI device. Note If the transfer is interrupted, WinCC automatically ensures that no data is lost and that existing data is deleted on the HMI device only after complete transmission. 12.14.2.6 Runtime start (Basic Panels) Starting Runtime on the HMI device (Basic Panels) Introduction On completion of the project download to the HMI device, you can start the project in Runtime. The project is saved in the HMI device to a file with the following extension: Basic Panels as well as OP 73, OP 77A and TP 177A: "*.srt" The project settings defined in the "Runtime settings" of the HMI device are activated when the project is started in Runtime. 6266 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading The programs that you can use to start projects on the HMI device are available in the Runtime installation folder. Note Closing Runtime automatically If automatic transfer is activated on the HMI device and a transfer is started on the configuration PC, the running project is automatically terminated. The HMI device then automatically switches to "Transfer" operating mode. After the commissioning phase, disable the automatic transfer function to prevent the HMI device from switching inadvertently to transfer mode. Transfer mode can trigger unwanted responses in the plant. In order to restrict access to the transfer settings and thus avoid unauthorized changes, enter a password in the "Start Center". Requirements WinCC Runtime is installed on the HMI device. The project was downloaded to the HMI device. The "Start Center" has been started. Procedure The project is stored on a panel in a folder you specify in the HMI device transfer settings. The "Start Center" application is started on a panel. The project loaded is started automatically after expiration of the configured delay. If the project does not start automatically: 1. Click on "Start" in the "Start Center" to start the loaded project. Refer to the documentation for the HMI device for additional information on startup of projects. 12.14.2.7 Error messages during loading of projects (Basic) (Basic Panels) Possible problems during the download When a project is being downloaded to the HMI device, status messages regarding the download progress are displayed in the output window. Usually, problems arising during the download of the project to the HMI device are caused by one of the following errors: Incorrect download settings on the HMI device Incorrect HMI device type in the project The HMI device is not connected to the configuration PC. The most common download failures and possible causes and remedies are listed below. WinCC Advanced V14 System Manual, 10/2016 6267 Visualizing processes 12.14 Compiling and loading The serial download is cancelled Possible remedy: Select a lower baud rate. The download is cancelled due to a compatibility conflict Possible cause Remedy The configuration PC is connected to the wrong device, e.g. a controller. Check the cabling. Correct the communication parameters. Project download fails Possible cause Remedy Connection to the HMI device cannot be establish Check the physical connection between the con ed (alarm in the output window) figuration PC and the HMI device. Check whether the HMI device is in transfer mode. Exception: Remote control The default communication driver is not listed in the Windows Device Manager. Check the device status of the COM connection in the properties window of the Device Manager. Download over MPI/DP interface fails Possible cause Remedy "Configured mode" is set on the CP, for example, if you are using the SIMATIC NET CD. Set the CP to "PG mode" using the "Set PC sta tion" application. Check the "baud rate" and "MPI address" network parameters. Download the project from WinCC to the CP. Set the CP back to "configured mode". On the programming device/PC panel, the "S7ON LINE" access point is not set to a hardware device such as CP5611 (MPI). The cause may be the in stallation of "SIMATIC NET CD 7/2001". Set the access point "S7ONLINE" on the selected device using the "PG/PC Panel" or "Set PC sta tion" application. Check the "baud rate" and "MPI address" network parameters. Download the project from WinCC to the HMI de vice. Restore the "S7ONLINE" access point to the orig inal device. The configuration is too complex 6268 Possible cause Remedy The configuration contains too many different ob jects or options for the HMI device selected. Remove all objects of a type, e.g. all graphic views. WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading 12.14.2.8 Adapting the project for another HMI device (Basic Panels) Introduction When you download a WinCC project to an HMI device, WinCC checks whether this is compatible with the HMI device type used in the project. If the types of HMI device do not match, you will see a message before the download starts. The download is aborted. Adapting the project for the HMI device You need to adapt the project accordingly to be able to download the project to the connected HMI device. Add a new HMI device in the project tree. Select the correct type of HMI device from the HMI device selection. Copy the configured components from the previous to the new HMI device. Copy large amounts of components directly in the project navigation and details view. For example, copy the "Screens" folder to the screens folder of the new HMI device with the help of the shortcut menu. Use the detail view to copy entries in the project tree for which the "Copy" command is not available in the shortcut menu. Select the "Recipes" entry in the project tree, for example. The recipes are displayed in the detail view. Select the recipes in the detail view and drag them to the "Recipes" entry of the new HMI device. The recipes are copied. You can also select multiple objects in the detail view. Configure the components that cannot be copied, e.g. connections, area pointers, and alarms. Save the project at various points in time. Compile the full project. When the compilation is successfully completed, download the project to the HMI device. Linking references References to linked objects are included in the copying. The references are linked again once the linked objects are copied. Example: You copy a screen in which objects are linked to tags. The tag names are entered at the individual objects after the screen is added to the new HMI device. The tag names are marked in red because the references are open. When you then copy the tags and insert them into the new HMI device, the open references are closed. The red marking for the tag names disappears. For complete references to connected objects in the PLC, you first need to configure a connection to the PLC. WinCC Advanced V14 System Manual, 10/2016 6269 Visualizing processes 12.14 Compiling and loading Using the information area When you compile the project for the HMI device, errors and warnings are displayed in the "Info" tab of the Inspector window. You can use the shortcut menu command "Go to" to go directly to the location where the error or warning can be corrected. Work through the list of errors and warnings from top to bottom. When the compilation is successfully completed, download the project to the HMI device. 12.14.2.9 Reducing the project size (Basic Panels) Introduction When loading a large-scale project to an HMI device, the memory of the HMI device may be insufficient for the project. There are several ways to reduce the size of your project. Options for reducing the project size There are several ways to reduce the size of the project and save space: Reduce the number of available Runtime languages Check whether all selected Runtime languages are actually needed. You can disable the languages that you do not need under "Runtime settings > Language & Font > Runtime language and font selection". Do not use help texts for S7 diagnostic alarms To reduce the size of the project, you can disable the download of help texts for the S7 diagnostic alarms. In order to avoid downloading the help texts to the HMI device, disable the option "Download S7 diagnostics help texts" under "Runtime settings > Alarms > General". Rebuild all software In order to optimize the project data and to clean up obsolete changes, compile the entire project using the "Compile > Software (rebuild all)" command from the shortcut menu of the HMI device. Harmonize the presentation using styles (as of WinCC V13) It is recommended to harmonize screen objects using styles. Standardize the appearance of screen objects in a project to optimize project data. Use the specified preset or customized style for the configuration of the screen objects throughout the project. Enable automatic update of PLC alarms (for S7-1500 controllers and V14 HMI devices) To save space, you can specify that the PLC alarm texts are only to be loaded in Runtime when needed. To do this, enable the "Automatic update" option under "Runtime settings > Alarms > Controller alarms". Make sure that automatic update of alarms is also enabled in the corresponding controller. The "Automatic update" option is not available on Basic Panels. The amount of space that can be saved depends on the number of PLC alarms and the number of Runtime languages. 6270 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Reduce the number of fonts loaded Check whether the number of downloaded user-defined fonts can be reduced. If necessary, configure only the standard fonts for the required Runtime languages under "Runtime settings > Language & font > Runtime language and font selection". To save space, use fewer font groups for the configuration. Reduce the size of the graphics Check the size of the graphics that you use in the project. If necessary, reduce the size of the graphics by reducing the resolution or choose a higher compression format without noticeable loss of quality for the project graphics. To keep the project size small for Basic HMI devices, harmonize the sizes of graphics used in the project. Select appropriate graphic formats for your screens: For example, use PNG images for drawings that are not vector graphics and JPEG images for photos. 12.14.2.10 Basics of operating in Runtime (Basic Panels) Overview (Basic Panels) Overview of operator control of a project Depending on the HMI device, the following options are available for the input with Basic HMI devices. Touch screen Function keys Mouse and keyboard Use the touch screen and function keys or mouse and keyboard to operate the Control Panel / Start Center or the project running on your HMI device. Note Incorrect operation A project can contain certain operations that require in-depth knowledge about the specific plant on the part of the operator. Make sure that your plant is only operated by qualified personnel. WinCC Advanced V14 System Manual, 10/2016 6271 Visualizing processes 12.14 Compiling and loading Operating options for an HMI device Depending on your HMI device, operate your plant as follows: Touch screen operation The display of the device is touch-sensitive. You operate the operating elements in the display with your finger or a stylus. Operation with control keys and function keys Control keys and function keys are integrated into the housing of the device. - Control keys have a specified function, for example, navigation or the acknowledgment of alarms. - Function keys are freely user-assignable and their function is therefore project-specific. Mouse and keyboard operation Mouse and keyboard are connected via an integrated USB port. You operate the operating objects with mouse and keyboard. Individually configured operation The configuration engineer has various options available for setting up operation. Examples of actions whose execution is always determined on a project-specific basis: Screen change Reporting Changing Runtime language There are no specific operating elements to execute certain functions. The configuration engineer specifies the project-specific execution. A screen change can be triggered with a button or a function key, for example. Information on project-specific operations can be found in the system documentation. Operation with the touch screen (Basic Panels) Overview of operation with the touch screen (Basic Panels) Use the touch screen to operate the HMI device of the project that is running on your HMI device. 6272 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Operating the touch screen NOTICE Damage to the touch screen Do not touch the touch screen with sharp or pointed objects. Avoid tapping the touch screen with hard objects, and avoid constantly using motion control. Both can significantly reduce the useful life or even cause the failure of the touch screen. Triggering unintended actions You can trigger unintended actions if you touch several operating elements at the same time. Always touch only one operating element on the screen. Operating elements are touch-sensitive symbols on the screen of the HMI device. Special features of operation using the touch screen Operation with the touch screen is characterized by the following special features: Enable To enable an operator control, touch the touch screen with your fingers or with a stylus. To generate a double-click, touch the operator control twice in rapid succession. Value input You enter numbers and letters on the touch screen with a screen keyboard. Careful operation If you touch multiple operator controls at the same time, you may trigger unintentional actions. Value input using the screen keyboard The screen keyboard is displayed as soon as you operate a screen object that requires an input. Depending on the HMI device and the configured operating element, the system displays different screen keyboards for entering numerical or alphanumerical values. The screen keyboard is hidden again when input is complete. File browser on a Windows 8 PC You can only operate the file browser dialog with a mouse, keyboard or on-screen keyboard (without using the touch function) on a Windows 8 PC with touch screen. Use the file browser dialog of the Windows operating system with the help of a script on a touch screen PC with Windows 8. Screen keyboard (Basic Panels) Layout The figure below shows the basic layout of a screen keyboard on a TP1500 Basic. WinCC Advanced V14 System Manual, 10/2016 6273 Visualizing processes 12.14 Compiling and loading Numbers Letters Operator controls The following keys are available on the screen keyboard of all HMI devices: Button Name Function Cursor left Navigates to the left Cursor right Navigates to the right Backspace Deletes a character Escape Cancels the input Enter Confirms the input Help Displays the infotext This key is only displayed when an infotext has been configured for the operator control. Screen keyboard for 2nd generation Basic Panels (Basic Panels) Layout The figure below shows the basic layout of a screen keyboard on a Basic Panel 2nd Generation. 6274 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Numbers Letters WinCC Advanced V14 System Manual, 10/2016 6275 Visualizing processes 12.14 Compiling and loading Operator controls The following keys are available on the screen keyboard of all HMI devices: Button Name Function Cursor left Navigates to the left Cursor right Navigates to the right Backspace Deletes a character Escape Cancels the input Enter Confirms the input Help Displays the infotext This key is only displayed when an infotext has been configured for the operator control. Operation with keys (Basic Panels) Overview of operation with keys (Basic Panels) Introduction Use the keys of the HMI device to operate the Control Panel / Start Center of your HMI device or the project that is running on your device. Depending on the device, control keys and function keys are available. For more detailed information, refer to the operating instructions for your HMI device. 6276 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Control keys and shortcuts (Basic Panels) Introduction The following tables list the control keys available to operate the project. Note The availability of control keys is determined by the HMI device used. You trigger functions on keyboard HMI devices either with a key or a shortcut. With shortcuts, you keep the first key pressed. Then you press the second key. Navigating in the display Key or shortcut Function Description Tabulator Selects the next operating element in the tab sequence Tabulator Selects the previous operating element in the tab sequence Cursor keys Selects the next operating element to the left, to the right, above or below the cur rent screen object Navigating in the operating element WinCC Advanced V14 System Manual, 10/2016 6277 Visualizing processes 12.14 Compiling and loading Operation of operating elements Key or shortcut Function Description ENTER key Controls buttons. Applies and ends an entry Opens a selection list Toggles between character mode and standard mode within an input field A single character is selected in character mode. In this mode, you can scroll within the character set using the cursor keys. Positioning cursor Positioning the cursor within an operating element, for example, in an I/O field Delete characters Deletes the character to the left of the current cursor position Delete characters Deletes the next character to the right of the current cursor position Cancel Deletes the input characters of a value and restores the original value Closes the active dialog. 6278 Scroll to start Scrolls to the start page of a list Scrolling back Scrolls the list back by one page Scroll to end Scrolls to the end of a list. Scrolling up Scrolls the list up by one page Open selection list Opens a selection list Accept value Accepts the value selected in the selec tion list without closing the list WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Enter shortcut Key Function Purpose Toggle (numbers/letters) Toggles the assignment from numbers to letters No LED is lit: The number assignment is enabled. Pressing the key once switches to letter assignment. The right or left LED is lit: The left or right letter assignment is enabled. Each time the key is pressed, the system toggles between the left letter assignment, the right letter assignment and the number assignment. Shift (upper/lower case) Used in shortcuts, for example, for switching to up percase letters Toggle to additional keyboard lay Some of the keys contain a blue special character out in their bottom left corner, for example, the percent sign "%". To input these characters, press the rele vant key in combination with the special character key shown on the left. General control function Used in shortcuts, for example, for navigating trend views General control function Used in shortcuts, for example for the "Watch table" screen object Function Purpose Acknowledge Acknowledges the currently displayed alarm or all alarms of an alarm group Acknowledge alarms Key The LED is lit as long as an unacknowledged alarm is active. Displaying infotext Key Function Description Displaying infotext For the selected object, opens a window with the configured infotext, for example, for an alarm or an I/O field The LED is lit if an infotext is available for the selec ted object. Key or shortcut Function Keys (Basic Panels) The assignment of the function keys (F1, F2, F3, etc.) is defined during configuration. WinCC Advanced V14 System Manual, 10/2016 6279 Visualizing processes 12.14 Compiling and loading Function keys with global function assignment A globally assigned function key always triggers the same action on the HMI device or in the PLC regardless of the screen displayed. The activation of a screen or the closing an alarm window, for example, is such an action. Function keys with local function assignment A function key with local function assignment is screen-specific and is therefore only effective within the active screen. The function of a locally assigned function key can vary from screen to screen. Within a screen, a function key has only one function assignment, either a global or local one. The project planner specifies which assignment has priority. Operating function keys Note Operating function key after screen change If you press a function key after a screen change, the associated function may be triggered in the new screen before the new screen is fully displayed. Navigating in the display (BS) (Basic Panels) Introduction You navigate on the display of your HMI device as follows: between configured screen objects within screen objects When you select a complex screen object, the cursor focus switches to the screen object and follows the tab sequence there. in tables of screen objects Procedure To navigate in the specified tab sequence, press the <TAB> key. To navigate freely between the operator controls, press the cursor keys. Depending on the configuration of your HMI device, you can also use function keys or shortcuts for navigation. When you operate your HMI device with the touch screen or with the mouse, you implicitly navigate by triggering a desired action. For this purpose, touch or click the operator control. 6280 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Result The operator controls receive the cursor focus according to the selected sequence. You can trigger an action on the selected operator control. For more detailed information, refer to the operating instructions for your HMI device. Triggering an action (Basic Panels) Introduction Triggering an action at an operator control can mean the following: A command is executed. Example: Click a button to trigger a script or to execute a predefined function. An object is enabled. Example: To enter a value, select a table cell with the <Enter> key. Requirement You have navigated to the operator control on which you want to trigger the action. The operator control has the cursor focus. Procedure Press <Enter>. Or Touch the operator control on the touch screen once or twice in rapid succession. Or Click or double-click the operator control with the mouse. Result The following results are possible: The requested command is executed. The screen keyboard is opened and/or the cursor blinks in the input area of the operator control. The element is selected and can be moved. For more detailed information, refer to the operating instructions for your HMI device. Entering a value (Basic Panels) Introduction Depending on the input format, you enter numerical or alphanumerical values in an input field. WinCC Advanced V14 System Manual, 10/2016 6281 Visualizing processes 12.14 Compiling and loading You enter these values depending on the existing hardware using the screen keyboard, the control keys of the HMI device or an external keyboard. Requirement The object is an input field or table field. The operator control is enabled. Entering a value 1. Enter the desired value. 2. To confirm the value and exit the field, press the <Enter> key. 3. To discard the value and exit the field, press the <Esc> key. Result A value is entered or discarded. You navigate as needed to the next operator control. For more detailed information, refer to the operating instructions for your HMI device. Moving operator controls (Basic Panels) Introduction In Runtime, you can move the movable operator controls of a screen object with the mouse or using the touch screen, for example, a slider or a scroll bar. Operation with the keyboard is described below. Requirement A movable operator control is selected. Procedure To move the operator control, proceed as follows depending on the operating element: - Standard for touch screen: Press the cursor keys. - Standard for keyboard devices: Press <SHIFT> and the cursor keys. - Switches: Press <ENTER> - Slider: Press <PgUp> or <PgDn> 1. To finish the movement, navigate to another screen object or operator control. 6282 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Slider procedure 1. To move the operator control, press the cursor keys. 2. To finish the movement, navigate to another screen object or operator control. Result The position of the movable operator control and the display in the screen object have changed. For more detailed information, refer to the operating instructions for your HMI device. Displaying infotext (Basic Panels) Introduction Depending on the configuration, additional information and operating instructions are available as infotext. The infotext is assigned to an operating element, an alarm or to the open screen. The infotext of an I/O field may contain, for example, information about the value to be entered. As an alternative to the <Help> key of the HMI device, use the <Help> key of the screen keyboard for input objects. Requirement An infotext is configured for the operating element, the screen or an alarm. Calling the infotext 1. Enable the desired operating element. 2. Press the <Help> key of the HMI device. The infotext for the operating element is displayed. If you are operating your input object with the touch screen, the screen keyboard opens. If the <Help> key appears, an infotext is configured for the operating element or the current screen. If there is no infotext for the selected screen object, the infotext for the current screen is displayed, if it has been configured. Use the scroll bar for long infotexts. Depending on your configuration, infotext can also be retrieved by means of a configured operating element. Switching between infotexts To switch between the infotexts of the operating elements and the screen, enable the infotext window. WinCC Advanced V14 System Manual, 10/2016 6283 Visualizing processes 12.14 Compiling and loading Hiding infotext To hide the infotext, press the <Esc> key or press the <Help> key again. Changing Runtime language (Basic Panels) Introduction The HMI device supports multilingual projects. A corresponding operating element which lets you change the language setting on the HMI device in Runtime has been configured. The project always starts with the language set in the previous session. Requirement The required language for the project is available on the HMI device. The language switching function is linked to an operating element, for example, to a button. Selecting a language You can change project languages at any time. Language-specific objects are immediately displayed on the screen in the new language when you switch languages. You can switch the language in Runtime in one of the following ways: Use a configured operating element to switch from one language to the next in a list. Use a configured operating element to directly set the required language. 12.14.2.11 Security on the HMI device (Basic Panels) Signature basics (Basic Panels) Overview The HMI device software and the runtime and device options are protected from manipulation by signatures. The device options available over ProSave are also signed. HMI device signature The validity of the HMI device signature is checked when the HMI device software is loaded. If the HMI device signature is invalid, loading of the HMI device software is canceled and an error message is output. Signature for runtime and device options 6284 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading If the signature check finds that the signature is invalid, an error message to this effect is output. An error message indicating an invalid signature is also output in ProSave. Note To allow loading of the HMI device software or the options without a signature (for versions prior to V14), you will need to switch off the signature check. For details of how to do this, see Switching off the signature check (Page 6285). Switching off the signature check (Basic Panels) Procedure 1. Press "Transfer" twice in the control panel of the HMI device. The "Transfer Settings" dialog box opens. The option "Validate signatures" is enabled by default. Note If you wish to load an older WinCC project to an HMI device, you will need to check the settings for the signature check. 2. To allow the HMI device software to be loaded without a signature or to allow the download of a trustworthy option from a third-party provider, disable the "Validate signatures" option. See also Signature basics (Page 6284) 12.14.3 Runtime Advanced and Panels (Panels, RT Advanced) 12.14.3.1 Runtime settings (Panels, RT Advanced) Runtime settings (Panels, RT Advanced) Introduction To edit the Runtime settings for your HMI device, select "Runtime settings" under your HMI device in the project tree. Note Device dependency The options available for selection in the Runtime settings depend on the HMI device. WinCC Advanced V14 System Manual, 10/2016 6285 Visualizing processes 12.14 Compiling and loading Overview You configure options from different areas of your project in the Runtime settings: Display in Runtime - Start screen - Default template - Standard style of the project and style of the HMI device - Screen resolution - Full-screen mode - Project graphics - Bit selection for color and flashing - Bit selection for text and graphics lists Project ID for compatibility check with the controller Logging language Remote control via Sm@rt Server in the "Services" area You can find additional information on this in the WinCC online help under "Options > Sm@rt options" Operating in Runtime - Task switching - Load additional information for debugging scripts: Object names and comments in scripts - Show limits as a tooltip - Screen keyboard - Disable function keys - Release of buttons when cursor leaves the button - Keyboard layout and shortcuts GMP-compliant configuration You can find additional information on this in the WinCC online help under "Options > WinCC Audit". Alarms - Buffer overflow - Text of the acknowledgment group - Log - Colors of the alarm classes - Configuration of the system events - Configuration of the controller alarms 6286 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading User administration - Configuration of the password and logoff time - Limit for logon attempts - Hierarchy levels - Configuration of SIMATIC Logon Language and font - Available Runtime languages - Order of language switching - Default font - License status of the fonts Configuration of the OPC Unified Architecture Server Settings for synchronization of the PLC and HMI tags See also Settings for synchronization (Page 5324) Configuring alarm buffer overflow (Page 5461) Creating alarm classes (Page 5415) Editing System Events (Page 5428) Settings for the user administration (Page 5657) Configuring display in Runtime (Page 6287) Configuring operation in Runtime (Page 6289) Compatibility check with the controller (Page 6291) Reporting Alarms (Page 5450) Editing controller alarms (Page 5429) Configuring an OPC server (Page 6424) Managing languages (Page 6171) Working with logs for Runtime Advanced and Panels (Page 5529) Configuring display in Runtime Introduction In the Runtime settings, you specify how screens, alarms and language are displayed. To edit the Runtime settings for your HMI device, select "Runtime settings" under your HMI device in the project tree. The options available for selection depend on the HMI device. WinCC Advanced V14 System Manual, 10/2016 6287 Visualizing processes 12.14 Compiling and loading Display on the target system In WinCC, configure the visual representation of the generated project in Runtime: Select the full-screen or window mode for the project. The window has a smaller size than the screen. In full-screen mode, the project is zoomed to the full screen. There will be no window and operator controls for this view. Click "General" in the "Settings" editor to activate the full-screen display at startup. Activate the "Full-screen mode" check box in the "Screen" field. Note Truncated view If the HMI screen does not match the configured size (in pixels), the project only appears on part of the screen in full-screen mode. To hide the taskbar, disable the taskbar under Windows. Under "General > Screen", you specify whether the HMI device uses the default style of the project or another pre-defined style. Language settings Logging language Under "General > Logs", you specify the language in which you want to write the logs. The selected logging language always remains the same, even if the user switches the language in Runtime. If you select "Startup language", the logging language remains the same until Runtime is stopped, even if the user has switched the language. However, the next time Runtime is started, the last configured Runtime language is used as the logging language. Runtime language Under "Language & font", you specify all Runtime languages and their display. Note "Bold" and "Italic" fonts "Bold" and "italic" fonts are not supported on all HMI devices in Runtime. Note Basic Panels, OP73, OP77A and TP177A Text entries may be truncated if you select an unfavorable font size or style. This setting may have an effect on the following text entries: Tooltips Long alarm text Text in the dialogs 6288 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Setting for specific screen objects Specify bit selection Under "Screens > Bit selection", you specify whether bit selection will be used on this HMI device for the following: - Text and graphics (text lists and graphic lists) - Color and flashing (appearance analysis) When you enable an option, the selection that is configured in the set bit with the least significance is displayed: When you disable an option and several bits are set, the selection that has been configured only for the set bit is displayed. Tooltips for I/O fields Under "Screens > Display", you specify whether configured limit values are displayed as tooltips in Runtime when values are entered in I/O fields. Colored objects You specify the color depth of your HMI device under "General > Screens > Color depth". As needed, you assign screen objects a colored appearance. The range of colors is determined by the color depth supported on your selected HMI device. Design settings in the Windows Control Panel Select the "Windows 7" design for the configuration PC and the Runtime PC in the system settings of Windows. Use this setting to ensure correct representation of the dialogs and the on-screen keyboard in Runtime. Configuring operation in Runtime (Panels, RT Advanced) Introduction In the Runtime settings you specify how screens are operated, and how you use keys for operation in Runtime. To edit the Runtime settings for your HMI device, select "Runtime settings" under your HMI device in the project tree. The options available for selection depend on the HMI device. Locking task switching Depending on the HMI device, you can lock task switching on the HMI device. This will prevent the operator from opening other applications in Runtime. In the Runtime settings of the HMI device, enable the "Lock task switching" option under "General > Screen". To use the "Lock task switching" option on a Runtime PC, disable the Aero theme in Windows 7 and Windows 8.x. To disable the Aero theme, right-click on the desktop and select WinCC Advanced V14 System Manual, 10/2016 6289 Visualizing processes 12.14 Compiling and loading "Personalize". In the "Personalization" menu, select the designs "Windows Basic" or "Windows - Classic". Note Stop Runtime If you lock program switching, always configure in your project the system function "StopRuntime" for an object, e.g. a softkey or button. Settings for data transfer to the HMI device Transferring names of the screen objects in scripts If you enable the "Load names" option under "General > Screen", the object names of the screen objects are transferred instead of coded addressing information. You need the object names if you want to address the screen objects in a script using the object names. When you test a script in the debugger, the code becomes more comprehensible through the display of object names. Displaying comments in scripts Under "Screens > Display", you specify whether the comments in scripts are also transferred to the HMI device. If you do not transfer the comments, you save storage space on your HMI device. If you transfer the comments, the script is more easily understood during testing in the debugger. Operation using function keys To symbolize the function of a function key for keyboard devices, you configure a graphic next to the function key in the display. Under "Screens > Function keys > User-defined pictogram size", you specify whether you want to use a graphic size that deviates from the standard size. Operation with keyboard Under "Keyboard > General > Use screen keyboard", you specify whether the screen keyboard is available on your HMI device. Under "Keyboard > General > Release button on exit", you specify whether the "Release" event is triggered when the user exits a button without releasing it. Under "Keyboard > Disable function keys in dialogs", you specify for key devices whether the function keys are disabled for the duration of the displayed dialog. Large dialogs can hide explanatory areas or graphics at function keys or bordering function keys. Functions keys can be unintentionally pressed due to this. 6290 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Compatibility check with the controller (Panels, RT Advanced) Introduction The "Project ID" area pointer is used to configure the project ID for checking the consistency of the project with the PLC. The area pointer reads the project version from the PLC. You can find additional information in the online help for WinCC under "Communicating with controllers". Compatibility check with the controller You select the project ID in the Runtime settings of the HMI device under "General > Identification > Project ID". At startup, Runtime checks whether the project ID of the project matches the PLC project version. Runtime will only start if the two values match. An area pointer "Project ID" is created for connections whose address you specify in the PLC. The value that you store at this address will become the project ID. The project ID is not available on all HMI devices. Setting time base (Panels, RT Advanced) Setting the time base for the time of day You set the time in the Control Panel of your HMI device. For more detailed information, refer to the operating instructions for your HMI device. Synchronize date and time with the PLC You can find additional information on this subject in the online help for WinCC under "Communicating with the PLC". WinCC Advanced V14 System Manual, 10/2016 6291 Visualizing processes 12.14 Compiling and loading Printing in Runtime (Panels, RT Advanced) Print functions Print functions available in online mode: Hardcopy You print out the currently displayed screen by means of an operator control that triggers the "PrintScreen" system function. Printing alarms Every alarm that has occurred and its state changes are reported along on a printer. Printing reports Reports are output in graphic mode. The use of a serial printer is not recommended because of the accumulated data volume. For proper output, the printer must support the paper format and page layout of the report. Note The value of a tag in the report is read and output at the moment of printing. A substantial time may elapse between printing out the first and the last page of a report consisting of several pages. This may lead to the same tag on the last page being output with a different value from that on the first page. Password protection in Runtime (Panels, RT Advanced) Password protection in Runtime: Basics (Panels, RT Advanced) Overview The connection establishment can be protected with passwords in the TIA Portal. The configured passwords are saved encrypted. The passwords are also protected against unauthorized access during transfer to the target system and cannot be read. These passwords are decrypted securely on the HMI devices in Runtime. Password protection can be created for the following connections: SIMATIC S7-1200 SIMATIC S7-1500 SIMATIC S7-1500 Software Controller (WinAC) PC Station 2.0 (station manager) SIMATIC HMI HTTP Password protection can also be created for the following system function: "SendEMail" system function 6292 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Note The passwords are deleted when you change to an older version. Download certificate The certificate for decryption of the passwords is saved in the certificate store of the HMI device. You will be informed by a system message if the certificate is not available. You restore the certificate by downloading the configuration once again. See also Resetting the password for transport (Page 6294) Configuring a password for transport (Page 6293) Configuring a password for transport (Panels, RT Advanced) Introduction To protect the private password key during transport, you can configure a password for transport under "Runtime settings". Creating a password 1. Open the "Runtime settings > General" editor in the Project window. 2. Enter the password in the "Enter password" box in the "Transport password" area. 3. Confirm the password in the "Confirm password" box. Note If there was no previous password, the "Old password" box is disabled. Result You have now configured the password for transport. If a password for transport has been configured and you transfer the project to the HMI device, a dialog with a password prompt will appear once in runtime. The dialog with the password prompt also appears if the password has been changed. If the password entered is correct, the certificate is saved in the certificate store of the HMI device. WinCC Advanced V14 System Manual, 10/2016 6293 Visualizing processes 12.14 Compiling and loading See also Password protection in Runtime: Basics (Page 6292) Resetting the password for transport (Page 6294) Resetting the password for transport (Panels, RT Advanced) Introduction If you have moved the transport password, for example, you can create a new security certificate. To do so, reset the transport password. Resetting the password 1. Click the "Reset password" button. The password is reset. A new certificate without a password is generated. Note Other passwords, for example the password for the PLC, will become invalid. The next time you compile, an error message will appear telling you that these passwords are no longer valid. 2. Enter the new password and confirm it in the "Confirm password" field. Note The certificate is not password-protected until you enter a new password for transport. See also Configuring a password for transport (Page 6293) Password protection in Runtime: Basics (Page 6292) 12.14.3.2 Overview of compiling and loading projects (Panels, RT Advanced) Overview The project is compiled in the background even as you are configuring it in WinCC. This reduces the time for final compilation. When you start compilation, you create a file that can be run on the corresponding HMI device. If an error occurs during compilation, WinCC provides support in locating and correcting it. Once you have corrected any problems, you download the compiled project to the HMI devices on which the project is to run. If the configuration PC is not connected to the HMI device, save the compiled project on a data medium of your choice. The compiled project is then transferred from a PC connected to the HMI device to the HMI device. 6294 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading If you are using HMI tags in your project that are connected to PLC tags, you should also compile all modified S7 blocks with the command "Compile > Software" in the shortcut menu before you compile the HMI device. Project The term "project" has two different meanings in the contexts of compilation and loading. "Project" is the WinCC project on the configuration PC. "Project" is also the Runtime project you create by compiling the configuration data of an HMI device and download to the HMI device. WinCC project: contains the configuration data of one or more HMI devices Runtime project: contains the compiled configuration data of an HMI device The figure below illustrates the link between WinCC projects and Runtime projects using the example of the "Compile and load" process: (6SURMHFW0L[LQJ %DVLF3DQHO 57SURMHFWV +0,B +0,B %DVLF3DQHO 6FUHHQV +0,WDJV +0,B +0,B 57$GYDQFHG 6FUHHQV +0,WDJV 'RZQORDG )LOHV\VWHP +0,B 5XQWLPH 57$GYDQFHG +0,B &RPSLOH +0,B 573URIHVVLRQDO 6FUHHQV +0,WDJV 'RZQORDG +0,B +0,B )LOHV\VWHP 5XQWLPH 573URIHVVLRQDO +0,B 'RZQORDG )LOHV\VWHP :LQ&& &RQILJXUDWLRQ3& +0,B +0,B )LOHV\VWHP 5XQWLPH +0,GHYLFHV Runtime Runtime is the software for process visualization. In Runtime, you execute the project in process mode. A distinction is made between two types of Runtime: 1. Runtime on a panel Before running a Runtime project on a panel, you have to transfer the Runtime project to the panel before startup. 2. Runtime on a PC You can execute the Runtime project directly on the configuration PC if Runtime has been installed on the configuration PC. If you want to execute the Runtime project on a different PC, you have to transfer the Runtime project to the PC before startup. WinCC Advanced V14 System Manual, 10/2016 6295 Visualizing processes 12.14 Compiling and loading Runtime version The Runtime version depends on the image of the configured HMI device. The Runtime version of the compiled project is displayed under "Info" in the Inspector window. Simulation You test your configuration with a simulation. You can start a simulation without a link to the active process. In a simulation, you test configured tags or screen changes, for example. During the simulation, the configured tags can be manipulated, activated and deactivated with the help of the tag simulator. There are two types of simulation: 1. Simulating a panel If you created a panel in your project, the panel is displayed in the simulation. With the help of this type of simulation, you can test your configuration on the HMI device without transferring the project to the panel. 2. Simulating Runtime Simulating Runtime allows you to test the project directly on the configuration PC. See also Generating a "Pack&Go" file (Page 6310) Starting Runtime Advanced and Panel Runtime (Page 6319) 12.14.3.3 Compiling a project (Panels, RT Advanced) Introduction The changes made to the project are compiled in the background even as you are configuring a project in WinCC. Projects are compiled automatically when you load them. This ensures that the latest version of the project is loaded at all times. WinCC checks consistency of the project during compilation. The error locations in the project are listed in the Inspector window. You can jump directly to the source of the error from the entry in the Inspector window. Check and correct errors found. Scope of the compilation Configuration data is compiled in the background as soon as you start configuring an HMI device. If you compile a project manually, only the changes in the configuration made since the last compilation process are compiled in the background. You can start complete project compilation manually at any time; this may, for example, be done to test the consistency of the configured data. 6296 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Requirement A project is open. Procedure Proceed as follows to compile a project: 1. If you want to compile several HMI devices at the same time, select all the relevant HMI devices with multiple selection in the project tree. 2. Compile the project: - To only compile changes in the project, select the "Compile > Software (only changes)" command from the shortcut menu of the HMI device. - To compile all project data, select the "Compile > Software (compile all)" command from the shortcut menu. Result The configuration data of all selected HMI devices is compiled. Any errors that occur during compilation are shown in the Inspector window. 12.14.3.4 Simulating projects (Panels, RT Advanced) Simulation basics (Panels, RT Advanced) Introduction You can use the simulator to test the performance of your configuration on the configuration PC. This allows you to quickly locate any logical configuration errors before productive operation. You can start the simulator as follows: In the shortcut menu of the HMI device or in a screen: "Start simulation" Menu command "Online > Simulation > [Start|With tag simulator|With script debugger]" Under "Visualization > Simulate device" in the portal view. Requirement The simulation/runtime component is installed on the configuration PC. Field of application You can use the simulator to test the following functions of the HMI system, for example: Checking limit levels and alarm outputs Consistency of interrupts WinCC Advanced V14 System Manual, 10/2016 6297 Visualizing processes 12.14 Compiling and loading Configured interrupt simulation Configured warnings Configured error messages Check of status displays See also Simulating a screen (Page 6301) WinCC Runtime Advanced simulation (Page 6298) Working with the tag simulator (Page 6301) WinCC Runtime Advanced simulation (Panels, RT Advanced) Introduction There are two different simulation modes for Runtime Advanced simulation: Device simulation Tag simulation Both types of simulation simulate the project without a direct process link to the configuration PC. Data such as logs or recipes generated during simulation are not deleted. This data is saved on the configuration PC in the paths configured in the project. Device simulation Use device simulation to simulate operator control of the HMI device. Device simulation is, for example, used to test screen switching. Tag simulation Use tag simulation to simulate the configured process tags. You can either have tag values generated automatically by a simulation table or define tag values yourself. See also Simulation basics (Page 6297) Simulating a project (Page 6299) Start debugger (Page 6303) 6298 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Simulating a project (Panels, RT Advanced) Introduction You simulate your project with one of the following two methods: Without a connected PLC You change the value of area pointers and tags in a tag simulator that is read for the simulation of WinCC Runtime. With a connected PLC without a running process You simulate your project by running it directly in Runtime. The tags and area pointers become active. This allows you to create an authentic simulation of your configured HMI device in Runtime. Note Simulation restrictions You cannot simulate the following system functions: CalibrateTouchScreen You cannot simulate the Media Player. A static screen appears in the simulation window instead of the Media Player. File access via scripts is not possible for HMI devices with Windows CE. Requirement Simulation without a connected PLC: Tags have been created Simulation with a connected PLC but no active process: A project with tags and area pointers has been created Procedure To simulate a project using the tag simulator, follow these steps: 1. Open the project on the configuration PC. 2. Select the "Online > Simulation > With tag simulator" menu command. For initial project simulation, the simulator is started with a new, empty table. The project is opened simultaneously in Runtime. Toggle between the tag simulator and Runtime using the <Alt +Tab> key combination. 3. To simulate a process value, select the corresponding "tag" from the tag simulator. The table lists all configured tags. You can simulate up to 300 tags simultaneously. 4. Select the simulation mode in the "Simulation" column. 5. Change the value of tags and area pointers in the respective columns. 6. Activate the "Start" check box to start the simulation for this tag. 7. To save the simulation, select the menu command "File > Save" and enter a descriptive name, for example, "Mixing". The file name is assigned the extension "*.cors". WinCC Advanced V14 System Manual, 10/2016 6299 Visualizing processes 12.14 Compiling and loading Result The process values are simulated in Runtime. The tag values are created at random, or incremented, depending on the simulation mode. To specify tag values, change the simulation mode to "<Display>" and enter a value at "Set value". The following figure shows a tag simulator with four tags whose values can be determined at random in a range of values from 10 to 1000: Managing simulation data If you have saved data from a previous simulation, you can open the file at a later point in time and simulate your project again. The tags and area pointers listed in the tag simulator must still be available in the project. Proceed as follows to open a simulation file: 1. Select the menu command "Online > Simulate Runtime > With tag simulator". 2. Select the menu command "File > Open" in the tag simulator. 3. Select the corresponding simulation file and click "Open". The simulator loads the stored data. Enabling and disabling tags Start and stop the simulation for each tag separately in order to facilitate the transition from offline to online engineering. Activate "Start" in the corresponding row. If a tag is activated, the simulation values are calculated and transferred to the WinCC simulator. Deleting a tag To delete a tag from the tag simulator, follow these steps: 1. Select the cell that contains the tag name. 2. Select the "Edit > Cut" menu command. The tag is removed from the table. 6300 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Simulating a screen (Panels, RT Advanced) Introduction If you have only made changes to one screen, you can temporarily specify this screen as the start screen for simulation. In this way, you can debug changes without having to modify the start screen, or opening the screen on the HMI device. Requirements You created a project that contains at least one screen. Procedure To define a screen as temporary start screen for simulation, follow these steps: 1. In the project navigation, select the image to display as the start screen in the simulation. 2. Select the "Start simulation" command from the shortcut menu of the screen. Result Project simulation is started. Instead of the configured start screen, the simulation window the screen you selected in the project navigation. See also Simulation basics (Page 6297) Working with the tag simulator (Panels, RT Advanced) About the tag simulator The tag simulator has the following columns: Column Description Tag Specifies the tags for the simulation. Data type Shows the data type of the selected tag. Current value Shows the simulated value of the defined tags. Format Specifies the selected format in which the tag values are simulated: Decimal (1, 2, 3, 4, ...) Hexadecimal (03CE, 01F3, ...) Binary (0 and 1) WinCC Advanced V14 System Manual, 10/2016 Write cycle Specifies the selected time interval at which the current tag values are simulated. If you enter "2", for example, the current value of the tag will be shown every 2 seconds. Simulation Shows the method by which the tag values are processed during simulation. 6301 Visualizing processes 12.14 Compiling and loading Column Description Set value Sets the selected value for the respective tag. The simulation start with the specified value. minValue Specifies the value range of the tag. You set a minimum and maximum value for this range. The default values are -32768 for the minimum and 32767 for the maximum. maxValue Period Contains the period during which the value of the tag is repeated for the "Increment" and "Decrement" simulation modes. Start Starts simulation of the tag based on the previously entered information. Simulation modes The simulator has six different simulation modes. The configured tags are supplied with nearly realistic values during the simulation. Simulation mode Description Sinusoidal Changes the tag value to form a sinusoidal curve. The value is visualized as a periodic, non-linear function. Random Provides randomly generated values. The tag value is changed by means of a random function. Increment Increases the value of the tag continuously up to a specified maximum value. Begins again at the minimum after the maximum has been reached. The value trend corresponds to a positive saw-tooth curve. Decrement Reduces the value of the tag continuously down to a specified minimum value. Begins again at the maximum after the minimum has been reached. The value curve corresponds to a negative saw-tooth curve. Shift bit Shifts a set bit continuously by one position. The previous position is always reset. This lets you test the alarms of an HMI device, for example. <Display> The current tag value is displayed statically. Example: Simulate tags with the "Shift bit" simulation mode Proceed as follows to simulate tags with the "Shift bit" simulation mode: 1. Open the project you want to simulate. 2. Select the menu command "Online > Simulate Runtime > With tag simulator". The tag simulator opens. 3. In the "Tag" column, select a tag from your project. 4. Select "Bin" in the "Format" column. 5. Enter the value "1" in the "Write cycle" column. 6. Select the "Shift bit" simulation mode in the "Simulation" column. 7. Enter the value "1" in the "Set value" column. 8. Enable the tag with the "Start" check box. 6302 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Result The simulator tests the selected tag bit-by-bit as follows: Simulation values Byte for alarms Set start value 00000001 1. Simulation value 00000010 2. Simulation value 00000100 3. Simulation value 00001000 .... ... In Runtime you see if the desired alarm is output at a given value. Simulation restrictions (Panels, RT Advanced) Alarms with dynamic parameters If you use tags or text lists as external tags for alarms, the dynamic parameters of the alarms are not displayed. Only internal tags are enabled for the simulation of alarms in the tag simulator . You can use PLCSim to simulate dynamic parameters. Start debugger (Panels, RT Advanced) Introduction Select the "With script debugger" script mode to test scripts. The debugger allows you to set breakpoints in the code, for example, or implement a script step by step. Requirements A debugger that supports VBS is installed on the Engineering Station, e.g. "MS Script Debugger". WinCC Runtime is installed on the Engineering Station. A project is open. Procedure 1. Select the "Online > Simulation > With script debugger" menu command. The Runtime software searches for debuggers installed on the Engineering Station. 2. If several debuggers are found, click on a selected. Result The debugger is connected automatically with the runtime software. WinCC Advanced V14 System Manual, 10/2016 6303 Visualizing processes 12.14 Compiling and loading 12.14.3.5 Loading projects (Panels, RT Advanced) Overview for loading of projects (Panels) Overview Delta data of the project is automatically compiled before you download it to one or several HMI devices. This always ensures that the latest version of the project is transferred. 6304 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Loading a project to an HMI device The following steps are completed prior to downloading: 1. The download settings are verified. The "Extended download to device" dialog box opens automatically during the initial download of a project to an HMI device. You use this dialog to define the protocol and interface or destination path for the project in accordance with the HMI device Runtime used. If the HMI device is part of a subnet, for example, you also select the subnet and the first gateway. You can open the "Extended download" dialog at any time with the menu command "Online > Extended download to device...". The "Load preview" dialog opens. 2. The project is compiled. Warnings and errors during compilation are displayed in the Inspector window and in the "Load preview" dialog. 3. The "Load preview" dialog shows you the following information for each HMI device: - The individual steps for loading - If the device version of the target HMI device does not match the configured device version, you are queried if you want to change the device version at this time. As long as the project with the selected device version of the target HMI device is not executable, you cannot start the download. NOTICE Changing the device version deletes all data on the HMI device. Data is deleted on the target system if you change the device version. For this reason, you should first back up the following data: User administration Recipes License keys With Comfort devices, the licenses can only be deleted when resetting to factory settings. Back up the license keys before you restore the factory settings. - Presettings that take effect at loading. You can change the default settings for this download process, if necessary. - Warning events (optional). You can download a project while ignoring the "warnings". The functionality may be restricted in runtime. - Error events (optional). You cannot load the project. Eliminate the errors and then reload the project. WinCC will open the invalid configuration in the corresponding editor if you double-click the error message in the Inspector window. Correct the errors and reload the project. WinCC Advanced V14 System Manual, 10/2016 6305 Visualizing processes 12.14 Compiling and loading If you are using HMI tags in your project that are connected to PLC tags, you should also compile the user program before you compile the HMI device. Note Interruption of a download If the download is interrupted, WinCC automatically ensures that no data is lost and that existing data is deleted on the HMI device only after complete transmission. Loading of projects without recipe data records You are using recipes in a project. You transfer the project to a Basic Panel without recipe data records. You may encounter inconsistencies if you have altered the structure of the recipe in the engineering system and the device already held recipe data records. Check the consistency of the data records in this case. The device will not issue a note for all structural changes. Pack&Go If you cannot establish a direct connection from the configuration PC to the HMI device, copy the compiled project to a PC that is connected to the HMI device, for example via a network. Download the project from this PC to the HMI device. Loading with S7 routing Configure the S7 routing settings in the "Devices & Networks" editor in the relevant PLC. The settings depend on the device configured. S7 routing supports the following protocols: MPI/PROFIBUS PN/IE Transferring Runtime add-ons in WinCC Projects can contain Runtime add-ons in the form of controls or CSP (Communication Support Packages). These Runtime add-ons are automatically transferred with the project. See also Loading a project (Page 6307) Generating a "Pack&Go" file (Page 6310) 6306 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Loading a project (Panels, RT Advanced) Introduction Before a project can run on an HMI device, you must first load it to the HMI device. During loading, you must most importantly specify whether existing data on the HMI device such as "user administration" and "recipe data" is to be overwritten. If the HMI device supports PROFINET, the name registered in the project tree is used for the PROFINET communication. The use of the name corresponds to the default settings of the PROFINET interface of the HMI device. For devices with more than one PROFINET interface, the name of the IE CP is automatically added to the device name with a separating period. The name is written to the HMI device during download. If a device name for the PROFINET communication has already been entered in the HMI device, it will be overwritten. You can find additional information about these settings in the information system in the "Assigning a device name and IP address" section. If the device version of the target HMI device does not match the configured device version, you are asked whether you wish to change the device version at this time. NOTICE Changing the device version deletes all data on the HMI device. Data is deleted on the target system if you change the device version. For this reason, you should first back up the following data: User administration Recipes Licenses Resetting to factory settings also deletes the license keys. Back up the license keys before you reset the system to factory settings. With Comfort devices, the licenses can only be deleted when resetting to factory settings. Back up the licenses and license keys before you reset the system to factory settings. Note Transfer to an HMI device with WinAC MP The "PN/IE" channel is not approved for the project transfer on HMI devices with WinAC MP. Use the "Ethernet" channel instead of "PN/IE" to transfer data to an HMI device that is running PLC WinAC MP. Note Transfer to an HMI device with PC station V1.0 or PC station V2.0 The version of the PC station set in the device settings of the HMI device must match the version installed on the HMI device. Additional information on configuration settings for "PC Station" on the HMI device is available in the "SIMATIC NET" documentation. WinCC Advanced V14 System Manual, 10/2016 6307 Visualizing processes 12.14 Compiling and loading Note Overwriting existing data during loading During loading, you must specify whether existing data on the HMI device is to be overwritten. By selecting the check boxes in the "Load preview" dialog you can always overwrite the following data during loading: Existing user administration data on the device Existing recipe data on the device Establishing a connection to WinCC Runtime Advanced Ensure that the device version configured in the engineering system matches the installed Runtime version; otherwise, communication when the project is loaded will not be established or will be delayed. If the device version does not match the installed Runtime version, you have the following options: 1. Change the device version configured in the engineering system. 2. Install the version of WinCC Runtime Advanced corresponding to the configured device version. Note If your HMI device is a PC, the device version of the target system is not automatically updated during the download. Verify that the configured device version corresponds to the one of the target HMI device before you compile and download your project. If necessary, install the matching Runtime version on your HMI device or change the device version manually using the properties of the HMI device. Controlling the transfer behavior on the HMI device As a general rule, only one project can be active in Runtime on an HMI device. An HMI device is generally configured to exit Runtime automatically when loading is started. If this is not the case, you will have to exit Runtime manually on the HMI device. 6308 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading You define how the HMI device reacts when the project is loaded in the "Start Center" under "Settings" on the HMI device: Transfer mode Effect Off The project cannot be loaded to the HMI device. Manually The project can only be loaded to the HMI device if the following requirements are met: Runtime is not running The HMI device is in "Transfer" mode. Automatic The project can always be loaded to the HMI device. If a transfer is started on the configuration PC and a project is in runtime on the HMI device, the running project is automatically closed. For Mobile Panels, this transfer mode is disabled for security reasons. Note Closing Runtime automatically After the commissioning phase, disable the automatic transfer function to prevent the HMI device from switching inadvertently to transfer mode. Transfer mode can trigger unwanted responses in the plant. In order to restrict access to the transfer settings and thus avoid unauthorized changes, enter a password in the "Start Center". Please refer to the documentation for the HMI device used for more detailed information on transfer settings. Requirement You have created an HMI device in the project. The HMI device is connected to the configuration PC. The "Start Center" has been started on the HMI device. The protocol by which the project is loaded is set on the HMI device in the "Start Center" under "Settings". Transfer mode is set as "Automatically" or "Manually" in the HMI device. Procedure Proceed as follows to load a project: 1. To download a project simultaneously to several HMI devices, select the HMI devices by means of multiple selection in the project tree. 2. Select the "Download to device > Software" command from the shortcut menu of an HMI device. WinCC Advanced V14 System Manual, 10/2016 6309 Visualizing processes 12.14 Compiling and loading 3. If the "Extended loading" dialog is open, configure the "Settings for loading". Make sure that the "Settings for loading" correspond to the "Transfer settings in the HMI device". - Select the protocol used, for example, Ethernet or HTTP. - Configure the relevant interface parameters on the configuration PC. - Make any interface-specific or protocol-specific settings required in the HMI device. - Click "Download". You can open the "Extended download" dialog at any time with the menu command "Online > Extended download to device...". The "Load preview" dialog opens. The project is compiled at the same time. The result is displayed in the "Load preview" dialog. 4. Check the displayed presettings and change them as necessary. 5. Click "Download". Result The project is loaded to all selected HMI devices. In WinCC V13, the project with the Runtime add-ons is loaded to the selected HMI devices. During the download, you can keep track of the files that are transferred. If errors or warnings occur during the download, corresponding alarms are displayed under "Info > Load" in the Inspector window. On completion of the successful download of the project, you can execute it on the HMI device. Note If the transfer is interrupted, WinCC V13 automatically ensures that no data is lost and that existing data is deleted on the HMI device only after complete transmission. See also Error messages during the download of projects (Page 6328) Overview for loading of projects (Page 6304) Generating a "Pack&Go" file (Panels) Introduction Create a "Pack&Go" file if you cannot connect the HMI device to the configuration PC. The "Pack&Go" file is a ZIP file containing the following data: The compiled project A program for transferring the project to the HMI device Image for the configured HMI device 6310 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Typical example of an application: An engineering company creates a project variant for a new HMI device. The project engineer of the engineering company does not have direct access to the plant. The project engineer therefore e-mails the "Pack&Go" file to his local contact. The contact unpacks the "Pack&Go" file on a PC connected to the HMI device via a network. He then transfers the project from the PC to the HMI device. Requirement You have created an HMI device in the project. Procedure To create a "Pack&Go" file, follow these steps: 1. Select the HMI device in the project tree. 2. Select the "Pack&Go" command from the menu under "Online > HMI Device maintenance". 3. The "Create Pack&Go file" opens. 4. Verify that the displayed device version corresponds with that of the target HMI device. 5. Select a protocol as transfer mode. 6. Select the storage location under "Pack&Go file" and enter the file name. 7. If necessary, specify if the "Pack&Go" file is split into several files. 8. Click "Create". Note To unzip a "Pack&Go" file which is distributed over several files, you need a compression program. The compression program integrated into the operating system is not adequate to unzip distributed files. Result The "Pack&Go" file is created and saved to the specified folder in the file system. Now copy the "Pack&Go" file to the PC connected to the HMI device. See also Downloading projects from a "Pack&Go" file to the HMI device (Page 6311) Downloading projects from a "Pack&Go" file to the HMI device (Panels) Introduction Pack&Go is a 64-bit application that can only run on a 64-bit operating system. WinCC Advanced V14 System Manual, 10/2016 6311 Visualizing processes 12.14 Compiling and loading If the TIA Portal is not installed on your PC, install Microsoft Visual C++ 2015 Redisitributable Package (x64) and .Net Framework 4.6.1 to run the Pack&Go application. You can find the Microsoft Visual C++ 2015 Redistributable Package (x64) in the Download Center of Microsoft at the following URL: http://www.microsoft.com/en-us/download/details.aspx?id=48145 You can find .Net Framework 4.6.1 at the following URL: https://www.microsoft.com/en-us/download/details.aspx?id=49982 Requirements .NET Framework with version 4.6.1 ProSave is installed on the PC The "Pack&Go" file has been stored in the file system of a PC. The PC is connected to the HMI device. The device version of the HMI device is consistent with the device version in the project Note To unzip a "Pack&Go" file which is distributed over several files, you need a compression program. The compression program integrated into the operating system is not adequate to unzip distributed files. Procedure To download the project from a "Pack&Go" file to an HMI device, follow these steps: 1. Unpack the "Pack&Go" file to a folder of your choice in the file system of the PC. 2. From the "PackNGo" subfolder of this directory, run "Siemens.Simatic.Hmi.PackNgo.exe". The "Pack'n Go" dialog opens. The settings for loading are set by default. Exception: You must select the target device if you are using an S7 USB connection. 3. Adjust the settings for loading appropriately if they differ from the interfaces or protocols available on the PC. 4. Legen Sie fest, ob die Daten der Benutzerverwaltung und der Rezepturen, die bereits auf dem Bediengerat gespeichert sind, uberschrieben werden sollen. 5. Click "Transfer". Result The connection to the HMI device is set up via the selected path. An alarm is output if the device version used in the project differs from that of HMI device. If this is the case, update the operating system on the HMI device. To update the operating system on the HMI device, you need ProSave. A prompt for operating system update will appear automatically if ProSave has been installed and the selected connection supports the update of the operating system. 6312 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading See also Generating a "Pack&Go" file (Page 6310) Updating the operating system (Page 6370) Updating the operating system on the HMI device (Page 6372) Loading via USB interface (Panels, RT Advanced) Introduction When you load a project via a USB port, connect the configuration PC and the HMI device with a USB cable. Requirements for transfer via USB The following conditions must be met to ensure successful data transfer using a USB port: Use a USB host-to-host cable, USB 2.0 standard. You have installed the provided USB driver. You can find the driver on the WinCC Product DVD under "Support\DeviceDriver\USB". The HMI device being used is based on Windows CE and has a USB port. You can find more information on the cables used and the manufacturers/suppliers in the Internet at: http://support.automation.siemens.com (http://support.automation.siemens.com/WW/ view/en/19142034) Note Driver installation To avoid problems when transferring projects, only use the USB driver provided on the WinCC Product DVD. Note Comfort HMI devices Use the mini USB port to load projects via USB with Comfort HMI devices. This driver is installed automatically. Restrictions A project can always be transferred to an HMI device. Simultaneous transfer to several HMI devices is not possible. WinCC Advanced V14 System Manual, 10/2016 6313 Visualizing processes 12.14 Compiling and loading Installing a USB driver in Windows 7 (Panels, RT Advanced) Introduction To load a project via the USB port, install the USB drivers provided on the WinCC product DVD. Note Driver installation To avoid problems when transferring projects, only use the USB driver provided on the WinCC product DVD. Note Comfort HMI devices Use the mini USB port to load projects via USB with Comfort HMI devices. This driver is installed automatically. Requirement The WinCC product DVD is available. You are using a USB host-to-host cable, USB 2.0 standard. The HMI device has a USB port. Procedure To install the USB driver under Windows 7, follow these steps: 1. Connect the USB host-to-host cable to the PC's USB port. The USB cable is detected, but the wizard for the driver installation does not find the driver. Note Connect the HMI device only when the driver has been completely installed on the PC. 2. Open the Device Manager in the Control Panel. 3. Select "Other devices > USB host-to-host cable". 4. Select "USB host-to-host cable" and then select "Update driver software..." in the shortcut menu. 5. When the "How do you want to search for driver software?" prompt appears, select "Search for driver software on the computer". 6. Click "Update driver software > Browse...". 7. Insert the WinCC product DVD as the source for driver installation. 6314 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading 8. Select "Include subfolders" and then click "Next". The system will search the WinCC product DVD for the corresponding driver for the USB host-to-host cable. The drivers available on the WinCC product DVD are displayed. The wizard highlights the appropriate driver for Windows 7. 9. Check the selection and click "Next". 10.To continue with the installation, click "Hardware Installation > Continue installation". The driver is installed. 11.Click "Finish". The installation is complete. Result The driver required for the USB host-to-host cable has been installed. To load the project, now connect the HMI device to the USB cable. 12.14.3.6 Compiling and loading with Multi-User Engineering (Panels, RT Advanced) Compiling and loading with multiuser engineering (overview) (Panels, RT Advanced) Introduction When using multiuser engineering for your projects, you should take into account the response when compiling the Runtime projects and the response when downloading them to HMI devices. You can compile and download to an HMI device in both the server project view and in the local session. You can find more information about the topic of "multiuser engineering" under "Using Multiuser Engineering". Basics For HMI devices and RT Advanced, the following scenarios are possible in multiuser engineering: Compiling in the server project view Compiling in the local session Loading from the server project view Loading from the local session WinCC Advanced V14 System Manual, 10/2016 6315 Visualizing processes 12.14 Compiling and loading Note Complete download from the server project view or local session is no different to complete download in a single-user project. With a complete download, the current Runtime project is loaded from the currently active view to an HMI device. Note Compiling and downloading in a local session is no different from compiling and downloading in a single-user project. In principle, you can execute all commands for compiling and loading in multiuser engineering projects: "Software (rebuild all)" "Compile > Software (only changes)" Software (all) The term "project" The term "project" has two different meanings in the contexts of compilation and loading. "Project" is the WinCC project on the configuration PC. "Project" is also the Runtime project you create by compiling the configuration data of an HMI device and download to the HMI device. WinCC project: contains the configuration data of one or more HMI devices Runtime project: contains the compiled configuration data of one HMI device Rules The following basic rules apply to compiling and downloading in multiuser engineering: The Runtime project that has been compiled in a local session always remains local and is not uploaded to the multiuser server. It cannot be saved in the multiuser server project. Only Runtime projects compiled in the server project view can be saved in the multiuser server project. See also Compiling in the server project view (Page 6316) Compiling in the local session (Page 6317) Compiling in the server project view (Panels, RT Advanced) Basics Compiling and downloading in the server project view is no different from compiling and downloading in a single-user project. 6316 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading During the compiling of a project in the server project view, the multiuser server project is blocked. Other users cannot make changes to this server project during this time. The Runtime project compiled in the server project view is stored along with the engineering project in the central multiuser server. Blocking the multiuser server project ensures that the configuration data and the Runtime project remain in sync. Note When you compile and save in the server project view, other users obtain the Runtime project you have updated along with the engineering project when they "refresh" their local session. Other users do not have to recompile the changes you have made after an update. Example: Compiling during check-in You make changes to a tag in a local session. All prior changes have been compiled in the associated server project. If there are no compilation errors, both projects - the modified engineering project (with the modified tags) and the compiled Runtime project - are saved in the central multiuser server project with the "Save changes" command . If you skip compiling during the check-in, the project contains the changes that have been saved on the server. The next user who creates a local session from the server project or updates an existing local session must compile your two changes in addition to his or her own changes. Note Working on a shared project through multiple local sessions increases the probability of error. It is therefore recommended to compile the project at check-in and eliminate any errors that are reported during compiling. In this way, you provide the next user with a project free of errors. See also Compiling in the local session (Page 6317) Compiling and loading with multiuser engineering (overview) (Page 6315) Compiling in the local session (Panels, RT Advanced) Basics Compiling and downloading projects in the local session is no different from compiling and downloading in a single-user project. Since the local session is a copy of the server project, the first compilation status of the local session is identical to that of the server project. If the server project contains contents that are WinCC Advanced V14 System Manual, 10/2016 6317 Visualizing processes 12.14 Compiling and loading not compiled or error messages occurred during the compiling, they are transferred to the local session. Note It is recommended to compile the project at check-in and eliminate any errors that are reported during compiling. In this way, you provide the next user with a project free of errors and avoid spreading errors. Updating in the local session If you update a project in the local session, the local session - including the compilation status - is completely replaced by the content of the server project. Only the changes marked for check-in are retained in the updated local session and generate additional compiling steps in the local session. Example: Updating the local session You make changes to a tag in a local session. All prior changes have been compiled in the associated server project. You update the content of the local session by clicking the "Update" button. After the update, the local session obtains the compilation status of the server project. There are also compiling tasks for the acquisition of the modified tags. See also Compiling in the server project view (Page 6316) Compiling and loading with multiuser engineering (overview) (Page 6315) 12.14.3.7 Runtime start (Panels, RT Advanced) Starting Runtime on the configuration PC (Panels, RT Advanced) Introduction You can start a project in Runtime on the configuration PC if Runtime has been installed. The project settings defined in the "Runtime settings" of the HMI device are activated when the project is started in Runtime. Note You can only simulate HMI devices with Runtime Panels on the configuration PC. Select the "Online > Start simulation" menu command. 6318 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Note Exiting Runtime automatically If automatic transfer is activated on the HMI device and if a transfer is started on the configuration PC, the running project is automatically ended. The HMI device then switches autonomously to the "Transfer" operating mode. Deactivate automatic transfer after the commissioning phase so that the HMI device does not inadvertently go into transfer mode. Transfer mode can cause undesired reactions in the system. In order to restrict access to the transfer settings and thus avoid unauthorized changes, enter a password in the Start Center. Requirement A project is open on the configuration PC. Runtime is installed on the configuration PC. There is no project in Runtime on the configuration PC. Procedure To start runtime on the configuration PC, follow these steps: 1. Select the desired HMI device in the project navigation. 2. Select the "Online > Start Runtime" menu command. Result Runtime is started and the project is displayed on the configuration PC. See also Simulating a project (Page 6299) Starting Runtime Advanced and Panel Runtime (Panels, RT Advanced) Introduction You can start the project in Runtime as soon as you have downloaded the project to the HMI device. The project is generally started automatically on the HMI device. There may be several projects in the file system of the HMI device for HMI devices with Runtime Advanced. You can start one of these projects in Runtime. The project settings defined in the "Runtime settings" of the HMI device are activated when the project is started in Runtime. Make sure when defining the Runtime settings "Lock task WinCC Advanced V14 System Manual, 10/2016 6319 Visualizing processes 12.14 Compiling and loading switching" and "Full screen" that you will be able to stop Runtime again. You can, for example, configure a button with the system function "StopRuntime". Note Closing Runtime automatically If automatic transfer is activated on the HMI device and a transfer is started on the configuration PC, the running project is automatically terminated. The HMI device then automatically switches to "Transfer" operating mode. After the commissioning phase, disable the automatic transfer function to prevent the HMI device from switching inadvertently to transfer mode. Transfer mode can trigger unwanted responses in the plant. In order to restrict access to the transfer settings and thus avoid unauthorized changes, enter a password in the "Start Center". Requirements WinCC Runtime Advanced or Panel Runtime is installed on the HMI device. The project was downloaded to the HMI device. The "Start Center" has been started. Starting Runtime on a PC The compiled project is saved in the PC file system with the extension "*.fwc" and is freely accessible. 1. Enter the project file with complete path information in the "Start Center" under "Settings > Configuration path". 2. To start the project automatically after booting the HMI device: - Select the required delay time in seconds under "Wait until Autostart". - Add the "Start Center" application to the "Autostart" group in the Windows Start menu. 3. Click on "Start" in the "Start Center" to manually start the project in the HMI device. Starting Runtime on a panel The project is stored on a panel in a folder you specify in the HMI device transfer settings. The "Start Center" application is started on a panel. The project loaded is started automatically after expiration of the configured delay. If the project does not start automatically: 1. Click on "Start" in the "Start Center" to start the loaded project. Refer to the documentation for the HMI device for additional information on startup of projects. 6320 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Result Runtime is started on the HMI device. See also Overview of compiling and loading projects (Page 6294) Loading a project (Page 6307) Downloading projects from a "Pack&Go" file to the HMI device (Page 6311) 12.14.3.8 Viewing memory card data (Panels, RT Advanced) Basics (Panels) Introduction WinCC provides you with the possibility of viewing data stored on your memory card. The function supports the use of memory cards of the HMI device and of the CPU. You have the following options: AUTOHOTSPOT AUTOHOTSPOT AUTOHOTSPOT AUTOHOTSPOT AUTOHOTSPOT Working with backups (Panels, RT Advanced) Viewing a backup Introduction The backup of a Basic Panel that is stored on a memory card can also be viewed in the TIA Portal. Requirements WinCC is installed. A memory card with a backup is available. The card reader is connected to the configuration PC. The project view is open. WinCC Advanced V14 System Manual, 10/2016 6321 Visualizing processes 12.14 Compiling and loading Backup on the memory card in the card reader 1. Insert the memory card into the card reader. 2. Open "SIMATIC Card Reader" in the project navigation. 3. Select the card reader drive. The "Online Card Data" folder is displayed. 4. Open the "Online Card Data" folder 5. Click the backup to open the shortcut menu. 6. Select "Properties". Backup on the memory card of the PLC Proceed as follows if the backup is stored on the memory card of the PLC: 1. Connect the PLC with the configuration PC. 2. Click on the PLC in the project navigation. 3. Select "Connect online" from the shortcut menu. A connection to the PLC is established. Once the PLC is connected, the "Online Card Data" folder is displayed. 4. Open the "Online Card Data" folder. Note Accessing a password-protected PLC When you attempt to access a PLC that is protected by a password, you will be prompted to enter the password. You need at least read access rights in order to view the data that is stored on the memory card. 5. Click the backup to open the shortcut menu. 6. Select "Properties". Result The backup properties are displayed in a separate dialog. 6322 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Renaming and deleting backups Introduction You can rename and delete backups from a memory card in the project navigation of the TIA Portal. Requirements WinCC is installed. The card reader is connected to the configuration PC. The PLC is connected online with the configuration PC. A memory card with a backup is available. The project view is open. The backup is displayed in the project navigation. Note Accessing a password-protected PLC When you attempt to access a PLC that is protected by a password, you will be prompted to enter the password. You need write access rights to rename or delete memory card data. Procedure 1. Click on the backup in the project navigation. 2. Open the shortcut menu. 3. Select "Rename" to rename the file. 4. Enter a new name. 5. Select "Delete" to delete the file. Result The backup file is now renamed or deleted. Working with HMI device images (Panels, RT Advanced) Viewing HMI device images (Panels, RT Advanced) Introduction The HMI device image of a Comfort Panel that is stored on a memory card can be viewed in the TIA Portal. WinCC Advanced V14 System Manual, 10/2016 6323 Visualizing processes 12.14 Compiling and loading Requirements WinCC is installed. The card reader is connected to the configuration PC. A memory card with the HMI device image is available. The project view is open. Procedure 1. Insert the memory card into the card reader. 2. Open "SIMATIC Card Reader" in the project navigation. 3. Select the card reader drive. The "Online Card Data" dialog is displayed. 4. Open the "Online Card Data" folder. The available images of the HMI device are displayed in additional folders. 5. Click the required HMI device image. 6. Select "Properties" in the shortcut menu. 6324 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Result The properties of the HMI device image are displayed in a separate dialog. Deleting HMI device images (Panels, RT Advanced) Introduction You can delete the HMI device image of a Comfort Panel from a memory card in the project navigation of the TIA Portal. Requirements WinCC is installed. The card reader is connected to the configuration PC. A memory card with an HMI device image is available. The project view is open. The HMI device image is displayed in the project navigation. WinCC Advanced V14 System Manual, 10/2016 6325 Visualizing processes 12.14 Compiling and loading Procedure 1. Click the HMI device image in the project navigation. 2. Open the shortcut menu. 3. Select "Delete" to delete the file. Result The HMI device image is deleted. Creating HMI device images on memory card (Panels, RT Advanced) Introduction You may edit the HMI device image of a Comfort Panel without connecting the Comfort Panel to the configuration PC. Simply create the HMI device image on an external memory card or USB stick and then transfer it from there to the Comfort Panel. Requirements WinCC is installed. The card reader is connected to the configuration PC. The project view is open. Procedure 1. Insert the memory card into the card reader. 2. Click on the memory card in the project navigation. 3. Open the shortcut menu. 6326 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading 4. Select "Create HMI OS image on memory card". A dialog opens. 5. Select an HMI device image. 6. Select the settings for the restoration. - Activate "Retain installed settings of the Control Panel" The settings you have made on the Comfort Panel are retained. - Activate "Retain installed licenses": The licenses on the Panel are retained. - Activate "Lock settings on the Panel" You can no longer change the selected settings for "Retain installed settings of the Control Panel" and "Retain installed licenses" on the Comfort Panel. Result You have created an HMI device images on memory card. You may use a USB stick instead of a memory card. WinCC Advanced V14 System Manual, 10/2016 6327 Visualizing processes 12.14 Compiling and loading 12.14.3.9 Error messages during the download of projects (Panels, RT Advanced) Possible problems during the download When a project is being downloaded to the HMI device, status messages regarding the download progress are displayed in the output window. Usually, problems arising during the download of the project to the HMI device are caused by one of the following errors: Wrong operating system version on the HMI device Incorrect download settings on the HMI device Incorrect HMI device type in the project The HMI device is not connected to the configuration PC. The most common download failures and possible causes and remedies are listed below. The serial download is cancelled Possible remedy: Select a lower baud rate. The download is cancelled due to a compatibility conflict Possible cause Remedy Conflict between versions of the configuration soft Synchronize the operating system of the HMI de ware and the operating system of the HMI device vice with the version of the configuration software. To update the operating system on the HMI de vice, select the "Update operating system" com mand from the "Online > HMI device maintenance" menu in WinCC. You can also use ProSave. For additional information, refer to the operating instructions for the HMI device. The configuration PC is connected to the wrong device, e.g. a controller. Check the cabling. Correct the communication parameters. Project download fails Possible cause Remedy Connection to the HMI device cannot be establish Check the physical connection between the con ed (alarm in the output window) figuration PC and the HMI device. Check whether the HMI device is in transfer mode. Exception: Remote control The default communication driver is not listed in the Windows Device Manager. 6328 Check the device status of the COM connection in the properties window of the Device Manager. WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Download over MPI/DP interface fails Possible cause Remedy "Configured mode" is set on the CP, for example, if you are using the SIMATIC NET CD. Set the CP to "PG mode" using the "Set PC sta tion" application. Check the "baud rate" and "MPI address" network parameters. Download the project from WinCC to the CP. Set the CP back to "configured mode". On the programming device/PC panel, the "S7ON LINE" access point is not set to a hardware device such as CP5611 (MPI). This may be due to the installation of "SIMATIC NET CD". Set the access point "S7ONLINE" on the selected device using the "PG/PC Panel" or "Set PC sta tion" application. Check the "baud rate" and "MPI address" network parameters. Download the project from WinCC to the HMI de vice. Restore the "S7ONLINE" access point to the orig inal device. The configuration is too complex Possible cause Remedy The configuration contains too many different ob jects or options for the HMI device selected. Remove all objects of a specific type, for example all HTML browsers. Alternatively, remove options such as Sm@rtServ er or OPC server. 12.14.3.10 Reducing the project size (Panels, RT Advanced) Introduction When loading a large-scale project to an HMI device, the memory of the HMI device may be insufficient for the project. There are several ways to reduce the size of your project. Options for reducing the project size There are several ways to reduce the size of the project and save space: Reduce the number of available Runtime languages Check whether all selected Runtime languages are actually needed. You can disable the languages that you do not need under "Runtime settings > Language & Font > Runtime language and font selection". Do not use help texts for S7 diagnostic alarms To reduce the size of the project, you can disable the download of help texts for the S7 diagnostic alarms. In order to avoid downloading the help texts to the HMI device, disable the option "Download S7 diagnostics help texts" under "Runtime settings > Alarms > General". WinCC Advanced V14 System Manual, 10/2016 6329 Visualizing processes 12.14 Compiling and loading Rebuild all software In order to optimize the project data and to clean up obsolete changes, compile the entire project using the "Compile > Software (rebuild all)" command from the shortcut menu of the HMI device. Harmonize the presentation using styles (as of WinCC V13) It is recommended to harmonize screen objects using styles. Standardize the appearance of screen objects in a project to optimize project data. Use the specified preset or customized style for the configuration of the screen objects throughout the project. Enable automatic update of PLC alarms (for S7-1500 controllers and V14 HMI devices) To save space, you can specify that the PLC alarm texts are only to be loaded in Runtime when needed. To do this, enable the "Automatic update" option under "Runtime settings > Alarms > Controller alarms". Make sure that automatic update of alarms is also enabled in the corresponding controller. The "Automatic update" option is not available on Basic Panels. The amount of space that can be saved depends on the number of PLC alarms and the number of Runtime languages. Reduce the number of fonts loaded Check whether the number of downloaded user-defined fonts can be reduced. If necessary, configure only the standard fonts for the required Runtime languages under "Runtime settings > Language & font > Runtime language and font selection". To save space, use fewer font groups for the configuration. Reduce the size of the graphics Check the size of the graphics that you use in the project. If necessary, reduce the size of the graphics by reducing the resolution or choose a higher compression format without noticeable loss of quality for the project graphics. To keep the project size small for Basic HMI devices, harmonize the sizes of graphics used in the project. Select appropriate graphic formats for your screens: For example, use PNG images for drawings that are not vector graphics and JPEG images for photos. 12.14.3.11 Adapting the project for another HMI device (Panels, RT Advanced) Introduction When you download a WinCC project to an HMI device, WinCC checks whether this is compatible with the HMI device type used in the project. If the types of HMI device do not match, you will see a message before the download starts. The download is aborted. 6330 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Adapting the project for the HMI device You need to adapt the project accordingly to be able to download the project to the connected HMI device. Add a new HMI device in the project tree. Select the correct type of HMI device from the HMI device selection. Copy the configured components from the previous to the new HMI device. Copy large amounts of components directly in the project navigation and details view. For example, copy the "Screens" folder to the screens folder of the new HMI device with the help of the shortcut menu. Use the detail view to copy entries in the project tree for which the "Copy" command is not available in the shortcut menu. Select the "Recipes" entry in the project tree, for example. The recipes are displayed in the detail view. Select the recipes in the detail view and drag them to the "Recipes" entry of the new HMI device. The recipes are copied. You can also select multiple objects in the detail view. Configure the components that cannot be copied, e.g. connections, area pointers, and alarms. Save the project at various points in time. Compile the full project. When the compilation is successfully completed, download the project to the HMI device. Linking references References to linked objects are included in the copying. The references are linked again once the linked objects are copied. Example: You copy a screen in which objects are linked to tags. The tag names are entered at the individual objects after the screen is added to the new HMI device. The tag names are marked in red because the references are open. When you then copy the tags and insert them into the new HMI device, the open references are closed. The red marking for the tag names disappears. For complete references to connected objects in the PLC, you first need to configure a connection to the PLC. Using the information area When you compile the project for the HMI device, errors and warnings are displayed in the "Info" tab of the Inspector window. You can use the shortcut menu command "Go to" to go directly to the location where the error or warning can be corrected. Work through the list of errors and warnings from top to bottom. When the compilation is successfully completed, download the project to the HMI device. WinCC Advanced V14 System Manual, 10/2016 6331 Visualizing processes 12.14 Compiling and loading See also Loading a project (Page 6307) 12.14.3.12 Basics of operating in Runtime (Panels, RT Advanced) Overview (Panels, RT Advanced) Operating options for an HMI device Depending on your HMI device, operate your plant as follows: Operation with the touch screen The display of the device is touch-sensitive. You operate the operating elements in the display with your finger or a stylus. Operation with control keys and function keys Control keys and function keys are integrated into the housing of the device. - Control keys have a specified function, for example, navigation or the acknowledgment of alarms. - Function keys are freely user-assignable and their function is therefore project-specific. Mouse and keyboard operation You connect the mouse and keyboard to the HMI device and operate the operating elements in the display as with a PC. Individually configured operation The configuration engineer has various options available for setting up operation. Examples of actions whose execution is always determined on a project-specific basis: Screen change Reporting Changing Runtime language There are no specific operating elements to execute certain functions. The configuration engineer specifies the project-specific execution. A screen change can be triggered with a button or a function key, for example. Information on project-specific operations can be found in the system documentation. Operation with the touch screen (Panels, RT Advanced) Overview of operation with the touch screen (Panels, RT Advanced) Use the touch screen to operate the HMI device of the project that is running on your HMI device. 6332 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Operating the touch screen NOTICE Damage to the touch screen Do not touch the touch screen with sharp or pointed objects. Avoid tapping the touch screen with hard objects, and avoid constantly using motion control. Both can significantly reduce the useful life or even cause the failure of the touch screen. Triggering unintended actions You can trigger unintended actions if you touch several operating elements at the same time. Always touch only one operating element on the screen. Operating elements are touch-sensitive symbols on the screen of the HMI device. Special features of operation using the touch screen Operation with the touch screen is characterized by the following special features: Enable To enable an operator control, touch the touch screen with your fingers or with a stylus. To generate a double-click, touch the operator control twice in rapid succession. Value input You enter numbers and letters on the touch screen with a screen keyboard. Careful operation If you touch multiple operator controls at the same time, you may trigger unintentional actions. Value input using the screen keyboard The screen keyboard is displayed as soon as you operate a screen object that requires an input. Depending on the HMI device and the configured operating element, the system displays different screen keyboards for entering numerical or alphanumerical values. The screen keyboard is hidden again when input is complete. File browser on a Windows 8 PC You can only operate the file browser dialog with a mouse, keyboard or on-screen keyboard (without using the touch function) on a Windows 8 PC with touch screen. Use the file browser dialog of the Windows operating system with the help of a script on a touch screen PC with Windows 8. WinCC Advanced V14 System Manual, 10/2016 6333 Visualizing processes 12.14 Compiling and loading Screen keyboard (RT Advanced) Layout The following figure shows the principal structure of a screen keyboard on a Runtime Advanced HMI device. Alphanumeric screen keyboard Note Language switching Language switching in the project has no influence on the alphanumerical screen keyboard. The entry of Cyrillic or Asian characters is therefore not possible. Numerical screen keyboard 6334 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Operator controls The following keys are available on the screen keyboard of all HMI devices: Button Name Function Cursor left Navigates to the left Cursor right Navigates to the right Backspace Deletes a character Escape Cancels the input Enter Confirms the input Help Displays the infotext This key is only displayed when an infotext has been configured for the operator control. Using multi-touch functions (Panels, RT Advanced) Multi-touch operation (Panels, RT Advanced) Introduction RT Advanced supports multi-touch operation under Windows 7 and Windows 8. You operate objects on the multi-touch screens by touching them with one or two fingers. Multi-touch operation is supported by TIA Portal V13. Versions V12 or older only support single-touch operation. Requirements The used monitor must support multi-touch functions. Scrolling in lists and controls You can scroll through lists and controls by dragging the screen margin. You use horizontal dragging to move the content of the screen to the left or right. You use vertical dragging to scroll up or down in the view. An indicator appears during scrolling to indicate your position. When you drag a list diagonally on the screen, the content is moved horizontally and vertically at the same time. Horizontal scrolling is not supported in the "Trend view" object. WinCC Advanced V14 System Manual, 10/2016 6335 Visualizing processes 12.14 Compiling and loading You scroll five times faster up or down on a page when you use two fingers to drag up or down. Note Scrolling in Windows 8.1 On the multitouch HMI devices with Windows 8.1, you can scroll continuously by doubletapping on the display and then dragging. Note Current view is not persistent The position in the trend window changed by scrolling is not saved. In case of a screen change, the trend view is reset to the default setting. Zoom in and out You enlarge or reduce the view in "Trend view" and "f(x) trend view" objects by pinch-to-zoom with two fingers. Double tap to switch from the magnified trend view back to the normal view. The zooming function is limited to the time axis in the "Trend view" object. If you have enabled the option "Range > Auto-size" during configuration of the value axes in f(x) trend view, the axes are constantly calculated during zooming. Note Current view is not persistent The changes of the zoom factor are not saved. In case of a screen change, the trend view is reset to the default setting. 6336 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Supported gestures (Panels, RT Advanced) Supported gestures The following gestures are supported. Gesture Function Tap You can select a button, for exam ple, by tapping. Drag Use one finger to scroll horizontally and vertically, for example, in lists. You scroll horizontally and vertically at the same time with a vertical drag. Use two fingers to scroll up or down a page quickly. WinCC Advanced V14 System Manual, 10/2016 Scale Pinch-to-zoom to enlarge or reduce the display of the control. Double tap Double tap the display to reset the view to the default zoom factor 100%. 6337 Visualizing processes 12.14 Compiling and loading Note Operating with three of more fingers Do not use three or more fingers to operate the device. This can lead to incorrect operations. Two-hand operation of operator controls (Panels, RT Advanced) Two-hand operation of operator controls (Panels, RT Advanced) Introduction WinCC supports two-hand operation of operator controls with RT Advanced. It ensures safe operation of operator controls which are used to change critical system settings, for example, control tags with machine limits. Locked and unlocked operator controls You define specific operator controls as "locked operator controls" for two-hand operation of operator controls. Locked operator controls usually cannot be operated in runtime. The operator can only operate the locked operator controls if he presses a release button at the same time. In runtime, locked operator controls can only be accessed with the tab sequence if a release button is pressed at the same time. Locked operator controls and release buttons You can configure the following operator controls as locked operator controls: I/O field as input field or input/output field Button (visible) Button (invisible) Slider Date/time field You must configure at least one button in the screen as release button. This can be any unlocked button. Note You cannot configure operator controls or release buttons in the permanent area. 6338 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Templates with locked operator controls You can also use locked operator controls in screen templates. To lock or unlock operator controls in templates, proceed as you would with operator controls in screens. You can also implement a release button in the template. Use the same approach as for release buttons in screens. In a screen created from the template, the release buttons from the template and any release buttons of the screen are active. Display in runtime The locked operator controls are displayed as dimmed in runtime. The release buttons are optically highlighted as soon as the operator presses a locked operator control. The locked operator controls are completely visible when they are unlocked by means of the release buttons. This means you can configure the release buttons as invisible operator controls. Simulation of projects with multi-touch functions WinCC supports the simulation of configured multi-touch functions. Requirement is that your monitor supports multi-touch operation. Locking and unlocking operator controls (Panels, RT Advanced) You can lock and unlock operator controls in projects for multi-touch devices. Locked operator controls can only be operated in runtime if the operator presses a release button at the same time. You can lock and unlock individual operator controls or several operator controls simultaneously. Procedure 1. Configure operator controls of the type I/O field,button or slider. 2. Select the required operator control(s). WinCC Advanced V14 System Manual, 10/2016 6339 Visualizing processes 12.14 Compiling and loading 3. To lock the operator controls, enable the "Activate two-hand operation" option under "Properties > Properties > Security". 4. To unlock the operator controls, disable the "Activate two-hand operation" option under "Properties > Properties > Security". In runtime, locked operator controls can only be operated if a release button is pressed at the same time. Defining release button To use the locked operator controls, you must configure at least one release button (Page 6340) in the same screen. If no release button is configured, WinCC makes you aware of this fact during compilation of the project. Configuring release button in screen or template (Panels, RT Advanced) For the operator to operate locked operator controls on multi-touch devices (Page 6339), at least one release button must be configured in the same screen. If the screen is based on a template and a release button is already defined in the template, the release button from the template is automatically in effect as release button of the screen. You can then configure an additional release button in the actual screen. Requirement At least one unlocked button is configured in the screen or in the template. 6340 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Procedure 1. Select the required button of the screen or template under "Release button" under "Properties > Properties > General". Note You can also select a button from a group for this purpose. Buttons from faceplates, however, are not available. The selected button can also be displayed as invisible. It is optically highlighted in runtime when you press a locked operator control. If the screen is based on a template and a release button is already defined in this template, this button is automatically in effect as release button of the screen. Locked operator controls can only be operated in runtime if the operator presses one of the configured release buttons at the same time. Restrictions in Sm@rtServer/Client mode (Panels, RT Advanced) Multi-touch server and single-touch client The single-touch client device does not support operation by touch with two or more fingers as well as multi-touch functions. Single-touch client cannot be operated with gestures of the multi-touch Sm@rtServer. Single-touch gestures work the same way as in WinCC V12. Single-touch server and multi-touch client The single-touch server device does not support operation by touch with two or more fingers as well as multi-touch functions. Multi-touch client cannot be operated with gestures of the single-touch Sm@rtServer. WinCC Advanced V14 System Manual, 10/2016 6341 Visualizing processes 12.14 Compiling and loading Single-touch gestures work the same way as in WinCC V12. Operation with keys (Panels, RT Advanced) Overview of operation with keys (Panels, RT Advanced) Introduction Use the keys of the HMI device to operate the Control Panel / Start Center of your HMI device or the project that is running on your device. Depending on the device, control keys and function keys are available. For more detailed information, refer to the operating instructions for your HMI device. Control keys and shortcuts (Panels, RT Advanced) Introduction The following tables list the control keys available to operate the project. Note The availability of control keys is determined by the HMI device used. You trigger functions on keyboard HMI devices either with a key or a shortcut. With shortcuts, you keep the first key pressed. Then you press the second key. Navigating in the display Key or shortcut Function Description Tabulator Selects the next operating element in the tab sequence Tabulator Selects the previous operating element in the tab sequence Cursor keys Selects the next operating element to the left, to the right, above or below the cur rent screen object Navigating in the operating element 6342 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Operation of operating elements Key or shortcut Function Description ENTER key Controls buttons. Applies and ends an entry Opens a selection list Toggles between character mode and standard mode within an input field A single character is selected in character mode. In this mode, you can scroll within the character set using the cursor keys. Positioning cursor Positioning the cursor within an operating element, for example, in an I/O field Delete characters Deletes the character to the left of the current cursor position Delete characters Deletes the next character to the right of the current cursor position Cancel Deletes the input characters of a value and restores the original value Closes the active dialog. WinCC Advanced V14 System Manual, 10/2016 Scroll to start Scrolls to the start page of a list Scrolling back Scrolls the list back by one page Scroll to end Scrolls to the end of a list. Scrolling up Scrolls the list up by one page Open selection list Opens a selection list Accept value Accepts the value selected in the selec tion list without closing the list 6343 Visualizing processes 12.14 Compiling and loading Enter shortcut Key Function Purpose Toggle (numbers/letters) Toggles the assignment from numbers to letters No LED is lit: The number assignment is enabled. Pressing the key once switches to letter assignment. The right or left LED is lit: The left or right letter assignment is enabled. Each time the key is pressed, the system toggles between the left letter assignment, the right letter assignment and the number assignment. Shift (upper/lower case) Used in shortcuts, for example, for switching to up percase letters Toggle to additional keyboard lay Some of the keys contain a blue special character out in their bottom left corner, for example, the percent sign "%". To input these characters, press the rele vant key in combination with the special character key shown on the left. General control function Used in shortcuts, for example, for navigating trend views General control function Used in shortcuts, for example for the "Watch table" screen object Function Purpose Acknowledge Acknowledges the currently displayed alarm or all alarms of an alarm group Acknowledge alarms Key The LED is lit as long as an unacknowledged alarm is active. Displaying infotext Key Function Description Displaying infotext For the selected object, opens a window with the configured infotext, for example, for an alarm or an I/O field The LED is lit if an infotext is available for the selec ted object. Key or shortcut Function Keys (Panels, RT Advanced) The assignment of the function keys (F1, F2, F3, etc.) is defined during configuration. 6344 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Function keys with global function assignment A globally assigned function key always triggers the same action on the HMI device or in the PLC regardless of the screen displayed. The activation of a screen or the closing an alarm window, for example, is such an action. Function keys with local function assignment A function key with local function assignment is screen-specific and is therefore only effective within the active screen. The function of a locally assigned function key can vary from screen to screen. Within a screen, a function key has only one function assignment, either a global or local one. The project planner specifies which assignment has priority. Operating function keys Note Operating function key after screen change If you press a function key after a screen change, the associated function may be triggered in the new screen before the new screen is fully displayed. Direct keys (Advanced) (Panels, RT Advanced) Introduction Direct keys on the HMI device are used to set bits in the I/O area of a SIMATIC S7. Direct keys enable operations with short reaction times that are, for example, a jog mode requirement. Note Direct keys are still active when the HMI device is in "offline" mode. Note If you operate a function key with direct key functionality in a running project, the direct key function is always executed, independent of the current screen contents. Note You can only use direct keys when there is a connection via PROFIBUS DP or PROFINET IO. Direct keys result in additional basic load on the HMI device. WinCC Advanced V14 System Manual, 10/2016 6345 Visualizing processes 12.14 Compiling and loading Direct keys The following objects can be configured as a direct key: Buttons Function keys You can also define image numbers in the case of HMI devices with touch operation. In this way, the project engineer can configure the direct keys on an image-specific basis. For additional information on configuring direct keys, refer to "WinCC communication". Operator controls on the Mobile Panel (Panels, RT Advanced) Operator controls on the Mobile Panel The following operator controls are available to you depending on your type of mobile panel: Function keys The number and assignment of the function keys depend on the selected device type. The respective function is project-specifically assigned. Handwheel (optional) The handwheel can be turned without an end stop, and has no zero position. In a running project you enter incremental values using the handwheel. Key switch (optional) The key switch permits locking functions, which you can trigger using the HMI device. Illuminated pushbutton The function of the illuminated pushbutton is specified by the running project. For more detailed information, refer to the operating instructions for your HMI device, and to the plant documentation. Navigating in the display (BS) (Panels, RT Advanced) Introduction You navigate on the display of your HMI device as follows: between configured screen objects within screen objects When you select a complex screen object, the cursor focus switches to the screen object and follows the tab sequence there. in tables of screen objects Procedure To navigate in the specified tab sequence, press the <TAB> key. To navigate freely between the operator controls, press the cursor keys. 6346 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Depending on the configuration of your HMI device, you can also use function keys or shortcuts for navigation. When you operate your HMI device with the touch screen or with the mouse, you implicitly navigate by triggering a desired action. For this purpose, touch or click the operator control. Result The operator controls receive the cursor focus according to the selected sequence. You can trigger an action on the selected operator control. For more detailed information, refer to the operating instructions for your HMI device. Triggering an action (Panels, RT Advanced) Introduction Triggering an action at an operator control can mean the following: A command is executed. Example: Click a button to trigger a script or to execute a predefined function. An object is enabled. Example: To enter a value, select a table cell with the <Enter> key. Requirement You have navigated to the operator control on which you want to trigger the action. The operator control has the cursor focus. Procedure Press <Enter>. Or Touch the operator control on the touch screen once or twice in rapid succession. Or Click or double-click the operator control with the mouse. Result The following results are possible: The requested command is executed. The screen keyboard is opened and/or the cursor blinks in the input area of the operator control. The element is selected and can be moved. For more detailed information, refer to the operating instructions for your HMI device. WinCC Advanced V14 System Manual, 10/2016 6347 Visualizing processes 12.14 Compiling and loading Entering a value (Panels, RT Advanced) Introduction Depending on the input format, you enter numerical or alphanumerical values in an input field. You enter these values depending on the existing hardware using the screen keyboard, the control keys of the HMI device or an external keyboard. Requirement The object is an input field or table field. The operator control is enabled. Entering a value 1. Enter the desired value. 2. To confirm the value and exit the field, press the <Enter> key. 3. To discard the value and exit the field, press the <Esc> key. Result A value is entered or discarded. You navigate as needed to the next operator control. For more detailed information, refer to the operating instructions for your HMI device. Moving operator controls (Panels, RT Advanced) Introduction In Runtime, you can move the movable operator controls of a screen object with the mouse or using the touch screen, for example, a slider or a scroll bar. Operation with the keyboard is described below. Requirement A movable operator control is selected. Procedure To move the operator control, proceed as follows depending on the operating element: - Standard for touch screen: Press the cursor keys. - Standard for keyboard devices: Press <SHIFT> and the cursor keys. - Switches: Press <ENTER> - Slider: Press <PgUp> or <PgDn> 6348 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading 1. To finish the movement, navigate to another screen object or operator control. Slider procedure 1. To move the operator control, press the cursor keys. 2. To finish the movement, navigate to another screen object or operator control. Result The position of the movable operator control and the display in the screen object have changed. For more detailed information, refer to the operating instructions for your HMI device. Displaying infotext (Panels, RT Advanced) Introduction Depending on the configuration, additional information and operating instructions are available as infotext. The infotext is assigned to an operating element, an alarm or to the open screen. The infotext of an I/O field may contain, for example, information about the value to be entered. As an alternative to the <Help> key of the HMI device, use the <Help> key of the screen keyboard for input objects. Requirement An infotext is configured for the operating element, the screen or an alarm. Calling the infotext 1. Enable the desired operating element. 2. Press the <Help> key of the HMI device. The infotext for the operating element is displayed. If you are operating your input object with the touch screen, the screen keyboard opens. If the <Help> key appears, an infotext is configured for the operating element or the current screen. If there is no infotext for the selected screen object, the infotext for the current screen is displayed, if it has been configured. Use the scroll bar for long infotexts. Depending on your configuration, infotext can also be retrieved by means of a configured operating element. WinCC Advanced V14 System Manual, 10/2016 6349 Visualizing processes 12.14 Compiling and loading Switching between infotexts To switch between the infotexts of the operating elements and the screen, enable the infotext window. Hiding infotext To hide the infotext, press the <Esc> key or press the <Help> key again. Changing Runtime language (Panels, RT Advanced) Introduction The HMI device supports multilingual projects. A corresponding operating element which lets you change the language setting on the HMI device in Runtime has been configured. The project always starts with the language set in the previous session. Requirement The required language for the project is available on the HMI device. The language switching function is linked to an operating element, for example, to a button. Selecting a language You can change project languages at any time. Language-specific objects are immediately displayed on the screen in the new language when you switch languages. You can switch the language in Runtime in one of the following ways: Use a configured operating element to switch from one language to the next in a list. Use a configured operating element to directly set the required language. Web browser of WebKit engine: Overview (Panels) Introduction In the "HTML browser" object, you have the option in RT Advanced to select between two Web browser types. Specify the type of the Web browser under "Properties > Properties > General > HTML browser type" in the Inspector window. Only the Web browser of the WebKit engine is available on Panels. The Web browser, which is based on a WebKit engine, offers no Active X support. 6350 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading HTML5 functions The following HTML5 standard functions are fully or partly supported by the Web browser of the WebKit engine: Parsing rules Elements Forms and fields Output Communication User interactions Performance Security History and Navigation 2D graphics Memory Animations Web applications Memory Files and file systems Note Microdata, input, peer to peer, position and orientation, video, audio, responsive images, 3D graphics, streams and web components are not supported in the Web browser of the WebKit engine. The table below shows the availability of the HTML5 functions in the Web browser of the WebKit engine in detail: Parsing rules Available <!DOCTYPE html> triggers the standard mode Yes HTML5 tokenizer Yes HTML 5 tree building Yes Parsing Inline SVG Yes Parsing Inline MathML Yes Elements Available Embedded invisible data Yes New or modified elements WinCC Advanced V14 System Manual, 10/2016 Section elements Yes Grouping content elements that belong together Partly 6351 Visualizing processes 12.14 Compiling and loading Elements Available Semantic elements of the text level Partly Interactive elements Partly Global attributes and methods Hidden attributes Yes Inserting dynamic markups Yes Forms and fields Available Field types type = text Yes type = search Yes type = tel Yes type = URL Yes type = email Yes type = date No type = month No type = week No type = time No type = datetime No type = datetime-local No type = number Yes type = range Yes type = color Yes type = checkbox Yes type = image Yes type = file Yes textarea Yes select Yes fieldset Yes datalist Yes keygen Yes output Yes progress Yes meter Yes Fields Field validation Yes Assignment of forms and controls Yes Other attributes Yes CSS sectors Yes Events Yes Forms Form validation 6352 Yes WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Output Available Full-screen support No Web notifications Yes Communication Available Server-sent events Yes Web beacons No XML HttpRequest Level 2 File upload Yes Response type Yes WebSocket Basic Socket Communication Yes ArrayBuffer and Blob Yes User interactions Available Drag-and-drop Attributes Yes Events Yes Editing HTML Editing elements Yes Editing documents Yes CSS sectors No APIs Yes Clipboard Clipboard for API and events No Spell check Spelling attributes Yes Performance Available Native binary data Yes Workers WinCC Advanced V14 System Manual, 10/2016 Web workers Yes Shared workers Yes Security Available Web Cryptography API No Content Security Policy 1.0 Yes Content Security Policy 1.1 No 6353 Visualizing processes 12.14 Compiling and loading Security Available Cross-Origin Resource Sharing Yes Cross-Document Messaging Yes Iframes Sandboxes Iframe Yes Seamless Iframe Yes Iframe with Inline contents Yes History and Navigation Available Session history Yes 2D graphics Available Canvas 2D graphics Yes 2D primitives Text input in graphics Yes Path input in graphics No Drawing an ellipse in graphics No Drawing a dashed line in graphics Yes System focus ring No Functions Hit testing No Aperture mode No Formats for image export PNG Yes JPEG Yes JPEG-XR No WebP No Animation Available window.requestAnimationFrame Yes Web applications Available Offline resources 6354 Application cache Yes Service workers No Content and scheme handlers No WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Memory Available Key value storage Session memory Yes Local storage No Database storage IndexedDB No Blob object store No ArrayBuffer object store No Web SQL database Yes Files and file systems Available Reading files Basic support for reading files Yes Creating a blob from a file Yes Creating a data URL from a blob Yes Creating an ArrayBuffer from a blob Yes Creating a blob URL from a blob Yes Accessing a file system API file system No File API: Folders and system No Additional functions Available Styles Style items No Scripts Asynchronous script execution Yes Signaling script errors in Runtime Yes Events for script execution No Base 64 encoding and decoding Yes JSON coding and decoding Yes URL API Yes MutationObserver "Yes" (pre-selected) Promises No Page visibility "Yes" (pre-selected) Text selection Yes Scrolling (Scroll into view) Yes See also HTML browser (Page 5217) WinCC Advanced V14 System Manual, 10/2016 6355 Visualizing processes 12.14 Compiling and loading 12.14.3.13 Security on the HMI device (Panels, RT Advanced) Signature basics (Panels, RT Advanced) Overview The HMI device software and the runtime and device options are protected from manipulation by signatures. The device options available over ProSave are also signed. HMI device signature The validity of the HMI device signature is checked when the HMI device software is loaded. If the HMI device signature is invalid, loading of the HMI device software is canceled and an error message is output. Signature for runtime and device options If the signature check finds that the signature is invalid, an error message to this effect is output. An error message indicating an invalid signature is also output in ProSave. Note To allow loading of the HMI device software or the options without a signature (for versions prior to V14), you will need to switch off the signature check. For details of how to do this, see Switching off the signature check (Page 6357). Download of add-ons from third parties (Panels, RT Advanced) Basics By default, download of add-ons from third parties is not permitted due to a missing signature. To enable the download of add-ons from third parties anyway, you must disable the signature check for the time of the download. For more information on the procedure, refer to Switching off the signature check (Page 6357). Note We recommend that you reactivate the signature check once you have downloaded the addons. 6356 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Switching off the signature check (Panels, RT Advanced) Procedure 1. Press "Transfer" twice in the control panel of the HMI device. The "Transfer Settings" dialog box opens. The option "Validate signatures" is enabled by default. Note If you wish to load an older WinCC project to an HMI device, you will need to check the settings for the signature check. 2. To allow the HMI device software to be loaded without a signature or to allow the download of a trustworthy option from a third-party provider, disable the "Validate signatures" option. See also Download of add-ons from third parties (Page 6356) Signature basics (Page 6356) 12.14.4 Viewing memory card data 12.14.4.1 Basics (Basic Panels, Panels) Introduction WinCC provides you with the possibility of viewing data stored on your memory card. The function supports the use of memory cards of the HMI device and of the CPU. You have the following options: Viewing a backup (Page 6358) Renaming and deleting backups (Page 6359) Viewing HMI device images (Page 6360) Deleting HMI device images (Page 6362) Creating HMI device images on memory card (Page 6362) See also Viewing a backup (Page 6358) Renaming and deleting backups (Page 6359) Viewing HMI device images (Page 6360) WinCC Advanced V14 System Manual, 10/2016 6357 Visualizing processes 12.14 Compiling and loading Deleting HMI device images (Page 6362) Creating HMI device images on memory card (Page 6362) 12.14.4.2 Working with backups (Basic Panels) Viewing a backup (Basic Panels) Introduction The backup of a Basic Panel that is stored on a memory card can also be viewed in the TIA Portal. Requirements WinCC is installed. A memory card with a backup is available. The card reader is connected to the configuration PC. The project view is open. Backup on the memory card in the card reader 1. Insert the memory card into the card reader. 2. Open "SIMATIC Card Reader" in the project navigation. 3. Select the card reader drive. The "Online Card Data" folder is displayed. 4. Open the "Online Card Data" folder 5. Click the backup to open the shortcut menu. 6. Select "Properties". Backup on the memory card of the PLC Proceed as follows if the backup is stored on the memory card of the PLC: 1. Connect the PLC with the configuration PC. 2. Click on the PLC in the project navigation. 3. Select "Connect online" from the shortcut menu. A connection to the PLC is established. Once the PLC is connected, the "Online Card Data" folder is displayed. 6358 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading 4. Open the "Online Card Data" folder. Note Accessing a password-protected PLC When you attempt to access a PLC that is protected by a password, you will be prompted to enter the password. You need at least read access rights in order to view the data that is stored on the memory card. 5. Click the backup to open the shortcut menu. 6. Select "Properties". Result The backup properties are displayed in a separate dialog. See also Renaming and deleting backups (Page 6359) Basics (Page 6357) Renaming and deleting backups (Basic Panels) Introduction You can rename and delete backups from a memory card in the project navigation of the TIA Portal. Requirements WinCC is installed. The card reader is connected to the configuration PC. The PLC is connected online with the configuration PC. A memory card with a backup is available. WinCC Advanced V14 System Manual, 10/2016 6359 Visualizing processes 12.14 Compiling and loading The project view is open. The backup is displayed in the project navigation. Note Accessing a password-protected PLC When you attempt to access a PLC that is protected by a password, you will be prompted to enter the password. You need write access rights to rename or delete memory card data. Procedure 1. Click on the backup in the project navigation. 2. Open the shortcut menu. 3. Select "Rename" to rename the file. 4. Enter a new name. 5. Select "Delete" to delete the file. Result The backup file is now renamed or deleted. See also Viewing a backup (Page 6358) Basics (Page 6357) 12.14.4.3 Working with HMI device images (Panels) Viewing HMI device images (Panels) Introduction The HMI device image of a Comfort Panel that is stored on a memory card can be viewed in the TIA Portal. Requirements WinCC is installed. The card reader is connected to the configuration PC. A memory card with the HMI device image is available. The project view is open. 6360 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Procedure 1. Insert the memory card into the card reader. 2. Open "SIMATIC Card Reader" in the project navigation. 3. Select the card reader drive. The "Online Card Data" dialog is displayed. 4. Open the "Online Card Data" folder. The available images of the HMI device are displayed in additional folders. 5. Click the required HMI device image. 6. Select "Properties" in the shortcut menu. Result The properties of the HMI device image are displayed in a separate dialog. WinCC Advanced V14 System Manual, 10/2016 6361 Visualizing processes 12.14 Compiling and loading See also Deleting HMI device images (Page 6362) Creating HMI device images on memory card (Page 6362) Basics (Page 6357) Deleting HMI device images (Panels) Introduction You can delete the HMI device image of a Comfort Panel from a memory card in the project navigation of the TIA Portal. Requirements WinCC is installed. The card reader is connected to the configuration PC. A memory card with an HMI device image is available. The project view is open. The HMI device image is displayed in the project navigation. Procedure 1. Click the HMI device image in the project navigation. 2. Open the shortcut menu. 3. Select "Delete" to delete the file. Result The HMI device image is deleted. See also Viewing HMI device images (Page 6360) Basics (Page 6357) Creating HMI device images on memory card (Panels) Introduction You may edit the HMI device image of a Comfort Panel without connecting the Comfort Panel to the configuration PC. 6362 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Simply create the HMI device image on an external memory card or USB stick and then transfer it from there to the Comfort Panel. Requirements WinCC is installed. The card reader is connected to the configuration PC. The project view is open. Procedure 1. Insert the memory card into the card reader. 2. Click on the memory card in the project navigation. 3. Open the shortcut menu. WinCC Advanced V14 System Manual, 10/2016 6363 Visualizing processes 12.14 Compiling and loading 4. Select "Create HMI OS image on memory card". A dialog opens. 5. Select an HMI device image. 6. Select the settings for the restoration. - Activate "Retain installed settings of the Control Panel" The settings you have made on the Comfort Panel are retained. - Activate "Retain installed licenses": The licenses on the Panel are retained. - Activate "Lock settings on the Panel" You can no longer change the selected settings for "Retain installed settings of the Control Panel" and "Retain installed licenses" on the Comfort Panel. Result You have created an HMI device images on memory card. You may use a USB stick instead of a memory card. 6364 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading See also Viewing HMI device images (Page 6360) Basics (Page 6357) 12.14.5 Servicing the HMI device 12.14.5.1 Overview of HMI device maintenance (Basic Panels) Structure The following figure shows the software components of an HMI device and their relation to the engineering system. %DVLF3DQHO+0,GHYLFH 5XQWLPHGDWD 5XQWLPHSURMHFW (QJLQHHULQJ6\VWHP 'DWDEDFNXS &RPSLOHG :LQ&&SURMHFW 5XQWLPHVRIWZDUH 'RZQORDG ,PDJH 2SHUDWLQJV\VWHP )LUPZDUH +DUGZDUH Runtime data The Runtime data is generated during operation of the plant and stored on the HMI device. This data includes, for example, recipes and data for the user administration. This data is overwritten during loading. If required, save this data before loading a Runtime project. Runtime project The Runtime project contains the compiled configuration data for an HMI device. You download the Runtime project from WinCC to the HMI device. Runtime software and operating system Together, the Runtime software and operating system of an HMI device form the image. Various images are available for the HMI device. All images of an HMI device are available in WinCC. Depending on the configuration, download the appropriate image along with the Runtime project to the HMI device as required. WinCC Advanced V14 System Manual, 10/2016 6365 Visualizing processes 12.14 Compiling and loading Firmware and hardware The HMI device is delivered with preconfigured firmware and hardware. 12.14.5.2 Overview of HMI device maintenance tasks (Basic Panels) Structure The following figure shows the software components of an HMI device and their relation to the engineering system. 3DQHO+0,GHYLFH 5XQWLPHGDWD 5XQWLPHSURMHFW 5XQWLPHVRIWZDUH 2SHUDWLQJV\VWHP (QJLQHHULQJ6\VWHP 'DWDEDFNXS &RPSLOHG :LQ&&SURMHFW 'RZQORDG ,PDJH )LUPZDUH +DUGZDUH Runtime data The Runtime data is generated during operation of the plant and stored on the HMI device. This data includes, for example, recipes and data for the user administration. This data is overwritten during loading. If required, save this data before loading a Runtime project. Runtime project and Runtime software The Runtime project contains the compiled configuration data for an HMI device. Download the Runtime project along with the Runtime software from WinCC to the HMI device. Operating system The HMI operating system is referred to as image. Various images are available for the HMI device. All images of an HMI device are available in WinCC. Depending on the configuration, download the appropriate image along with the Runtime project to the HMI device as required. Firmware and hardware The HMI device is delivered with preconfigured firmware and hardware. 6366 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading 12.14.5.3 ProSave Introduction The "ProSave" service tool is installed by default when WinCC is installed. The ProSave functions are accessed in WinCC with the menu "Online > HMI Device maintenance". Functional scope ProSave provides all of the functions you need to manage data on the HMI device: Data backup and restoration of backed-up data Operating system update for HMI devices with Windows CE or below Transferring License Keys Installing and uninstalling drivers and options as well as information on installed options and options that can be installed on an HMI device Communication settings (transferred from WinCC) See also Backup of HMI data (Page 6367) Updating the operating system (Page 6370) Transferring license keys (Page 6373) Installing and uninstalling an option (Page 6376) Overview of HMI device maintenance (Basic Panels) (Page 6365) 12.14.5.4 Backup of HMI data Introduction Regular backups of HMI device data keep downtimes to a minimum, for example, when you replace a device. You simply transfer the backup data to the HMI device, restoring the original status. Data backup with WinCC If an HMI device is connected to the configuration PC, you can back up and restore HMI device data from the configuration PC using WinCC. WinCC Advanced V14 System Manual, 10/2016 6367 Visualizing processes 12.14 Compiling and loading Scope of data backup Which data is backed up and restored depends on the type of HMI device: Complete backup Depending on the HMI device: Runtime, firmware, operating system, configuration, recipes, user administration, settings Note License Keys can only be stored only in the following HMI devices: HMI devices of the 177 series (except TP 177A) HMI devices of the 277 series HMI devices of the 377 series Mobile Panel Wireless Comfort Panel The License Keys are not saved for the following HMI devices: OP 77A all other Windows CE HMI devices Firmware/configuration Recipes only Only recipes in CSV format User administration only A backup file with the extension *.psb is generated when you backup the data of an HMI device. As a general rule, you can backup the data to any storage medium. If the HMI device is networked, you can also backup the data to a server. Note Scope of data backup for Windows CE HMI devices Data backup secures the contents of the flash memory. Alarm logs and process value logs are generally saved on the external storage medium. Alarm logs and process value logs are therefore not backed up. If necessary, back up the contents of the memory card separately. Please note the following when performing a complete data file backup and restore operation for Windows CE devices: A full backup includes all options installed. As a rule, the backup includes all options data that is still available after "POWER OFF". All data on the device, including License Keys and the operating system, are permanently deleted when you perform complete data restoration. If the data restoration was interrupted, execute the command "Reset to factory settings". Restart data restoration. Note Use interfaces with high bandwidths, e.g. USB or Ethernet to backup and restore data. 6368 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Note For Windows CE devices, you can also backup the data directly to a CF or PC card, independent of ProSave and WinCC. For additional information, refer to the relevant operating instructions. See also Backing up and restoring data of the HMI device (Page 6369) Overview of HMI device maintenance (Basic Panels) (Page 6365) 12.14.5.5 Backing up and restoring data of the HMI device Note Use the restore function for project data only on operating devices which were configured using the same configuration software. Requirement The HMI device is connected to the configuration PC The HMI device is selected in the project tree. If a server is used for data backup: The configuration PC has access to the server Backup of the data of the HMI device Proceed as follows to backup the data of the HMI device: 1. Select the "Backup" command from the "Online > HMI Device maintenance" menu. The "Create backup" dialog box opens. 2. Select the type of the PG/PC interface and the target device, and click "Create". The "SIMATIC ProSave" dialog box opens. 3. Select the data to backup for the HMI device under "Data type". 4. Enter the name of the backup file under "Save as". 5. Click "Start Backup". This starts the data backup. The backup operation takes some time, depending on the connection selected. WinCC Advanced V14 System Manual, 10/2016 6369 Visualizing processes 12.14 Compiling and loading Restoring the data of the HMI device Proceed as follows to restore the data of the HMI device: 1. Select the "Restore" command from the "Online > HMI Device maintenance" menu. The "Restore backup" dialog box opens. 2. Select the type of the PG/PC interface and the target device, and click "Load". The "SIMATIC ProSave" dialog box opens. 3. Enter the name of the backup file under "Save as". Information about the selected backup file is displayed under "File information". 4. Click "Start Restore". This starts the restoration. This operation takes some time, depending on the connection selected. Backup/Restore from the "Backup/Restore" dialog in the Start Center of the HMI device The "Backup/Restore" function is enabled for MMC, SD memory cards and USB mass storage devices. The storage media supported depend on the HMI device. Note Connections between Basic Panels and controllers If you use the "Backup/Restore" function, a maximum of two connections from Basic Panels to the following controllers are possible at any given time: SIMATIC S7-1200 SIMATIC S7-1500 For more information on this topic, refer to the device manual of the employed HMI device. See also Backup of HMI data (Page 6367) Overview of HMI device maintenance (Basic Panels) (Page 6365) 12.14.5.6 Updating the operating system Introduction Update the HMI device image if the version is incompatible with the configuration. The image version matches the device version. Update the operating system and Runtime software of the HMI device with the help of the device version. While loading the project, you may be prompted to run an automatic update of the device version, depending on the protocol used. 6370 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading Loading will then continue. Loading of the project is otherwise aborted. In this case, perform the update of the device version manually. Note A device version can only be updated on HMI devices that are not PC-based. Updating the device version Connect the HMI device to the configuration PC to update the device version. If possible, use the interface providing the highest bandwidth for this connection, e.g. Ethernet. An update of the device version via serial connection may take up to an hour. Note Transfer of operating systems for MP 377 via PROFIBUS The size of the image and the baud rates available with PROFIBUS mean image transfer with an MP 377 via PROFIBUS can take up to an hour. Updating the operating system via USB or Ethernet. "Reset to factory settings" If the operating system on the HMI device is no longer operational, update the operating system and reset the HMI device to the factory settings. Note Resetting to factory settings via Ethernet for Basic Panels You require the following to reset the HMI device to the factory settings via Ethernet: the MAC address of the HMI device the available IP address the programming device/PC interface of the configuration PC set to Ethernet TCP/IP The programming device/PC interface is configured using the control panel of the configuration PC. Select" "S7ONLINE (STEP7) -> TCP/IP" in the "Access point of the application" field. See also Updating the operating system on the HMI device (Page 6372) Overview of HMI device maintenance (Basic Panels) (Page 6365) WinCC Advanced V14 System Manual, 10/2016 6371 Visualizing processes 12.14 Compiling and loading 12.14.5.7 Updating the operating system on the HMI device If possible, you should use the interface with the highest bandwidth for this connection, such as Ethernet. Updating the operating system via a serial connection can take up to an hour. When you update the operating system, the Runtime software on the HMI device is also updated and the device version is changed. NOTICE Updating the operating system deletes all data on the HMI device When you update the operating system you delete data on the target system. For this reason, you should back up the following data beforehand: User administration Recipes Resetting to factory settings also deletes the License Keys. Back up the License Keys before you reset the system to factory settings. Requirement The HMI device is connected to the configuration PC. The HMI device is selected in the project tree. Updating the operating system Proceed as follows to update the operating system: 1. Select the "Update operating system" command from the "Online > HMI Device maintenance" menu. The "Update operating system" dialog box opens. 2. Select the type of the PG/PC interface and the target device, and click "Update". The "SIMATIC ProSave [OS-Update]" dialog opens. The path to the image is preset. 3. If required, you can select a different path for the image that you want to transfer to the HMI device. 4. Click "Update OS". This starts the update. The update operation can take time, depending on the connection selected. Resetting the HMI device to factory settings To reset the HMI device to factory settings, proceed as follows: 1. Switch off power to the HMI device. 2. Connect the HMI device to the Engineering Station. 3. Select the "Update operating system" command from the menu under "Online > HMI Device maintenance" on the configuration PC in WinCC. The "Update operating system" dialog box opens. 6372 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading 4. Select the type of the PG/PC interface and the target device, and click "Update". The "SIMATIC ProSave [OS-Update]" dialog opens. The path to the image is preset. 5. If required, you can select a different path for the image that you want to transfer to the HMI device. 6. Activate "Reset to factory settings". 7. Click "Update OS". 8. To reset to factory settings, switch on the power to the HMI device again. This operation can take time. Result The operating system of the HMI device is operational and up-to-date. See also Managing licenses (Page 6374) Backing up and restoring data of the HMI device (Page 6369) Updating the operating system (Page 6370) Overview for loading of projects (Page 6304) Overview of HMI device maintenance (Basic Panels) (Page 6365) 12.14.5.8 Transferring license keys Introduction You need a license for certain WinCC Runtime options you may want to install on an HMI device. Usually, the necessary licenses supplied as "License Keys" on a data medium, e.g. USB stick. The "License Keys" can also be made available on a license server. Use "Automation License Manager" to transfer the "License Keys" to or from an HMI device. The "Automation License Manager" is included automatically when you install WinCC. NOTICE Backing up License Keys In the following cases you have to backup the "License Keys" in order to prevent deletion of the "License Keys": Prior to the update of the operating system of a Windows CE HMI device Prior to restoring the data from a full backup "License Keys" on an HMI device are backed up depending on the HMI device configuration. For more information, refer to the operating instructions of the corresponding HMI device. WinCC Advanced V14 System Manual, 10/2016 6373 Visualizing processes 12.14 Compiling and loading See also Managing licenses (Page 6374) 12.14.5.9 Managing licenses Requirement The HMI device is connected to the configuration PC or the PC running the "Automation License Manager". If you are using the configuration PC: The HMI device is selected in the project tree. Procedure To transfer license keys, follow these steps: 1. Open the "Automation License Manager". Go to the Windows Start menu and start "Automation License Manager" on a PC on which WinCC is not installed. The "Automation License Manager" starts. 2. Select the "Connect HMI device" command from the "Edit > Connect target system" menu. The "Connect target system" dialog opens. 3. Select the HMI device type in the "Device type" area. 4. Select the "Connection". 6374 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading 5. Configure the "connection parameters" associated with the selected connection. 6. Click "OK". The connection to the HMI device is now set up. The connected HMI device is displayed in the left pane of "Automation License Manager". 7. Transfer the "License Keys" to the HMI device: - In the left pane, select the drive on which the "License Keys" are located. The "License Keys" are displayed on the right pane. - Select the "License Keys" - Drag-and-drop the "License Keys" to the HMI device. You can also remove License Keys from the HMI device using drag-and-drop. Alternative procedure You can also start the "Automation License Manager" from WinCC on a PC with a WinCC installation: Select the "Authorize/License" command in the "Online > HMI Device maintenance" menu. Result The "License Keys" are transferred to the HMI device. To backup the "License Keys" from the HMI device, drag-and-drop the "License Keys" from the HMI device to an available drive. WinCC Advanced V14 System Manual, 10/2016 6375 Visualizing processes 12.14 Compiling and loading See also Transferring license keys (Page 6373) Installing and uninstalling an option (Page 6376) 12.14.5.10 Installing and uninstalling an option Introduction You can install the following options on an HMI device: Additional options supplied with WinCC Options purchased in addition to WinCC Which options you can install depends on the HMI device type. Requirement The HMI device is connected to the Engineering Station, or to the PC with ProSave. The HMI device is selected in the project tree. Procedure To install an option on the HMI device, proceed as follows: 1. Select the "Options" command from the "Online > HMI Device maintenance" menu. The "Load options" dialog opens. 2. Select the type of the PG/PC interface and the target device, and click "Load". The "SIMATIC ProSave" dialog box opens. All available options and the previously installed options are displayed. 3. To display the installed options on the HMI device, click "Device status". 4. To install an option on the HMI device, select the option under "Available options" and click ">>". 5. To uninstall an option from the HMI device, select the option under "Available options" and click "<<". Result The selected options are installed on or uninstalled from the HMI device. See also Managing licenses (Page 6374) ProSave (Page 6367) 6376 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading 12.14.5.11 Loading Asian fonts to the HMI device (Panels, RT Advanced) Introduction When using Asian languages, only the Asian characters that were used in configuring the HMI device are loaded to the HMI device during the transfer. If the texts are sent directly from the controller to the HMI device as with controller alarms or with ProDiag, you may encounter display problems. You can load the complete Asian font to the HMI device in these cases. Procedure 1. Select the HMI device in the project tree. 2. Select the "Options" command from the "Online > HMI device maintenance" menu. The "Load options" dialog opens. 3. Select the type of the PG/PC interface and the target device, and click "Load". The "SIMATIC ProSave" dialog box opens. 4. Select the respective font under "Available options" and click ">>". The font is loaded to the HMI device. See also Sending and automatically updating complete alarm from the controller to the HMI device (Page 5484) Making characters available for HMI tags of the type WString/WChar (Page 5343) 12.14.6 Printer driver (Comfort Panels) 12.14.6.1 Validity (Comfort Panels) Validity This document includes a description of the enhancements made possible with optional package printer driver. Install the optional package to implement the extended functionality. The installation provides new printer drivers for several HMI devices. If necessary you can install individual printer drivers with the tool SIMATIC ProSave on your HMI device. For more details on which printer drivers are available for which HMI devices please refer to the section "Supported HMI devices". Installation Please follow the instructions in the "Installation" section to install the "Optional package printer driver V1.4". WinCC Advanced V14 System Manual, 10/2016 6377 Visualizing processes 12.14 Compiling and loading Application example You can find an application example on the subject "Printing with HMI Panels" on the internet at AUTOHOTSPOT 12.14.6.2 Supported HMI devices (Comfort Panels) Contents of the add-on package The "Add-on package printer driver V1.4" contains the following printer drivers for the specified HMI devices. The printer driver supports all printer options of the HMI device. HMI device Brother P-Touch QL 650 TD 1) Brightek WH-AB, WH-C1, WH-E19 Postscript KP400 Comfort USB USB Yes USB USB Yes USB USB Yes USB USB Yes USB USB Yes TP1900 Comfort USB USB Yes TP2200 Comfort USB USB Yes KTP400 Comfort KP700 Comfort TP700 Comfort KP900 Comfort TP900 Comfort KP1200 Comfort TP1200 Comfort KP1500 Comfort TP1500 Comfort USB: Connect printer directly to HMI device via USB port 1) Report printout only. Note Please note that Postscript is a well-known and open communication protocol and theoretically, for this reason, statements could be changed by third parties. It is recommended that the printer be connected by USB in plants where security is especially critical. 6378 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading HMI device GMW IPP 144-40 GE 2) IPP 144-40 GS 2) MP 377 USB MP 277 USB MP 177 USB TP 177B 4" USB USB: Connect printer directly to HMI device via USB port 2) Alarm report printout only. 12.14.6.3 Setting up the printer driver (Comfort Panels) Postscript (Comfort Panels) Define PostScript V1.4 as printer on the HMI device 1. Open the Control Panel. 2. Start the "Printer" application. 3. Under "Printer Language" in the "Printer Properties" dialog, select: the entry "PostScript V1.4". Note Not all printers support PostScript. Make sure that your printer supports this printer language. Select the "Draft mode" option to increase the print speed. HTML (Comfort Panels) Introduction The application "HTMLSettings.exe" is available on the desktop of the HMI device after installation of the "HMTL V1.3" printer driver. Selecting the storage location 1. Open the application "HTMLSettings.exe" on the desktop of your HMI device. 2. Open "Storage Location" in the tab. 3. Under "Primary Location", select "USB-Stick", for example, for the storage location. 4. Select the directory in which the file is to be saved after printing. WinCC Advanced V14 System Manual, 10/2016 6379 Visualizing processes 12.14 Compiling and loading Selecting the file name 1. Open the "HTMLSettings.exe" application 2. Open the "HTML File Names" tab 3. Select the settings for the names of the HTML file for the print-out. 4. Click on "Apply" to confirm your settings. 5. Select "Default" to retain the default settings for file name assignment. Selecting columns for printing reports 1. Open the "HTMLSettings.exe" application 2. Open the "Columns Attributes" tab. 3. Select an attribute in the "Available Columns" category: 4. Add this attribute to your selection with the ">>" button. 5. If required, define whether the selected attribute is to be displayed as an image or as a hyperlink in the HTML file. 6. To deselect attributes from the "Selected Columns" category, select an attribute and click the "<<" button. Selecting style sheets 1. Open the "HTMLSettings.exe" application 2. Open the "Advanced Options" tab. 3. Under "Enter Style Sheet File Path", select the storage location of the style sheets you wish to use. 4. Select the file to be used. 5. Select the directory for links. 6. Select the directory for images. Defining HTML V1.3 as printer on the HMI device 1. Open the Control Panel. 2. Start the "Printer" application. 3. Under "Printer Language" in the "Printer Properties" dialog, select: the entry "HTML V1.3". 4. Select "Draft Mode" for rapid storage of the HTML file. 6380 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.14 Compiling and loading PDF (Comfort Panels) Introduction The application "PDFSettings.exe" is available on the desktop of the HMI device after installation of the "PDF V1.3" printer driver. Selecting the storage location 1. Start the application "PDFSettings.exe" on the desktop of your HMI device. 2. Open "Storage Location" in the tab. 3. Under "Primary Location", select "USB-Stick", for example, for the storage location. 4. Select the directory in which the file is to be saved after printing. Selecting the file name 1. Open the "PDFSettings.exe" application 2. Open the "PDF File Names" tab 3. Select the settings for the names of the PDF file for the print-out. 4. Click on "Apply" to confirm your settings. 5. Select "Default" to retain the default settings for file name assignment. Define PDF V1.3 as printer on the HMI device 1. Open the Control Panel. 2. Start the "Printer" application. 3. In the "Printer Properties" dialog, select the entry "PDF V1.3" under "Printer Language:". 4. Select "Draft Mode" for rapid storage of the PDF file. Rule The table below shows the device-specific differences for printing PDFs: Mode KP700 Comfort KP1500 Comfort TP700 Comfort TP1500 Comfort KP900 Comfort TP1900 Comfort TP900 Comfort TP2200 Comfort KP1200 Comfort TP1200 Comfort WinCC Advanced V14 System Manual, 10/2016 Normal Mode 10 seconds per page 2 seconds per page Draft Mode 2-3 seconds per page 1 second per page 6381 Visualizing processes 12.14 Compiling and loading See also Printing reports (Page 5623) 12.14.6.4 Installation (Comfort Panels) Requirements ProSave is installed on the PC. Procedure 1. Double click the "PROSAVE-OPT.exe" file. 2. Select "<Setup>" in the "WinZip Self-Extractor" dialog. 3. Select the language for the installation menu. 4. Select "<Continue>" in the "Optional package printer driver setup" dialog. 5. Confirm the next box with "<Install>". 6. Confirm the "Optional package printer driver setup" message with "<Finish>". Note To transfer the printer driver to a HMI device, please follow the instructions in the chapter "Transfer of options". 12.14.6.5 Transferring the Options (Comfort Panels) Requirements The HMI device is connected to a PC on which ProSave is installed. Procedure 1. Restart ProSave on your PC. 2. Select the corresponding HMI device type in the "General" tab. 3. Select the type of connection between the HMI device and the PC. 4. Set the connection parameters. 5. Select the "Options" tab. 6. Select the desired printer driver under "Available options". 7. Set "Transfer" mode on the HMI device. If automatic transfer mode is enabled on the HMI device, the device automatically sets "Transfer" mode when a transfer is initiated. 6382 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features 8. Select ">>" on the PC to start the transfer. 9. Follow the ProSave instructions and the instructions which appear on the HMI device. During the installation of the printer driver, a status display appears indicating the progress of the operation. Result When the installation is complete, the new printer driver is displayed in ProSave in the "Installed options" area. The new printer driver can now be used on the HMI device. 12.15 Performance features 12.15.1 General technical specifications 12.15.1.1 Permitted characters Introduction The following table shows the restrictions that must be observed when allocating names and passwords. Permitted characters Names / passwords Restriction Computer names The name must start with a letter. Names of objects Do not use the characters ? " / \ * < > % Names and passwords in user view Do not use the characters ? " / \ & $ % Recipe data Do not use the characters , ; Names of alarm logs In the storage location file - RDB, file - CSV (ASCII) and file -TXT (Unicode) not the characters \ / * ? : " < > | For the storage location database, use only the characters a-z A-Z 0-9 _ @ # $ The characters _ @ # $ may not be used as the first character of a name Name of HMI tags HMI tag names may not start with the @ character Names of screens Do not use the special characters ? " / \ * < > Avoid the character . in screens for Runtime Professional: Tag names in faceplates WinCC Advanced V14 System Manual, 10/2016 Do not use the characters . @ 6383 Visualizing processes 12.15 Performance features Names / passwords Restriction Property names of the faceplates Do not use any UNICODE characters (for example, Chinese characters) in the names. The name must start with a letter. The name may not contain more than 255 characters. Names of AuditTrails Do not use any special characters Names of customized user data types as library objects (RT Professional) Do not use the special characters : ? " \\ \ * $ % " ' Names of C scripts and VB scripts as library objects The name must start with an ASCII letter, followed by an alphanumeric ASCII character or underscore. The name may not contain more than 128 characters. Names of connections Do not use spaces or special characters Name of VB functions Do not use spaces, special characters or VB keywords The name may not contain more than 128 characters. Name of Windows user groups and Win Do not use the special characters / \ dows users when using SIMATIC Logon Communication / OPC: names used Do not use either spaces or the characters . : ? " ' \ * % Note Device dependency - quotes in project name WinCC Professional projects whose names are in quotes have not been compiled. When you create an HMI device for WinCC RT Professional, do not use quotation marks within the project name. 12.15.1.2 Recommended printers Recommended printers The current list of printers recommended for use with the HMI devices is available on the Internet at: Link to the current printer list (http://support.automation.siemens.com/WW/llisapi.dll? aktprim=0&lang=en&referer=%2fWW %2f&func=cslib.csinfo&siteid=csius&caller=view&extranet=standard&viewreg=WW&nodeid0 =10805558&objaction=csopen) Note All HMI devices except for a PC and Panel PC support only one printer at their USB port, even if several ports are available. See also Printer list (http://support.automation.siemens.com/WW/llisapi.dll? aktprim=0&lang=en&referer=%2fWW 6384 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features %2f&func=cslib.csinfo&siteid=csius&caller=view&extranet=standard&viewreg=WW&nodeid0 =10805558&objaction=csopen) 12.15.1.3 Printing via print server Introduction Print servers enable access to network printers. Print jobs are routed to a corresponding printer via the print server. Note Printing takes place via the print server for the following HMI devices: xP 177, Mobile Panel 177 xP 277, Mobile Panel 277, Mobile Panel 277 IWLAN, Mobile Panel 277F IWLAN Mobile Panel 277 IWLAN V2, Mobile Panel 277F IWLAN V2, Mobile Panel 277F IWLAN (RFID Tag) KTP Mobile Panels (as of device version V13) MP 377 Comfort Panels PC with WinCC Runtime Advanced Requirements The print server deploys the "RAW" mode. Note For additional information on settings, refer to the relevant print server documentation. The device is interconnected via Ethernet with the print server or with a printer featuring an integrated print server. External print servers are interconnected with a printer via USB port. The IP address and port used are identical in the "Printer Properties" of the HMI device and on the print server. WinCC Advanced V14 System Manual, 10/2016 6385 Visualizing processes 12.15 Performance features Procedure 1. Open the "Control Panel" on your HMI device. 2. Select "Printer". The "Printer Properties" dialog box opens. 3. Select a printer from the "Printer Language" selection list. 4. Select the "PrintServer" entry from the "Port" selection list. 5. Enter the IP address and the port used for communication with the printer in the "IP:Port" input field. Note Use ":" as delimiter between the IP address and the port number. For example: "192.168.56.23:9100". 6. Select any additional printer settings. Note You can also print over the network. Select the "Port" entry from the "Network:" selection list for this. In the "Network:" selection box, select the network path, consisting of the computer name and the printer name, for example "\\server12\\printer01". 12.15.1.4 Memory requirement of recipes Introduction The following calculation of memory requirements of recipes is only valid for Windows CE devices. Calculation of memory requirements The memory space required by each recipe (in KB) is derived from the sum of D1 + D2 + D3. 6386 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features Valid is: D1 = (number of entries x 5 + M + 8):1024 Applies to M: M = Accumulated length of all tag names = sum of characters in all tag names (UTF8 coded, max. 255 bytes per tag name) used in the entries. D2 = [(number of data records x 12) + 4]:1024 D3 = [number of data records x (data record length + N) + 4]:1024 Applies to N: The total length of the name of the corresponding data record in all languages (max. 255 bytes per language) + overhead per data record (1 byte + number of languages * 3 bytes). D1, D2 and D3 are rounded to the next higher number. Memory requirements for using arrays The memory required by each recipe (in KB) is derived from the sum of D1 + D2 + D3. Valid is: D1 = (number of entries x 5 + M + 8):1024 Each element of the tag array used counts as a single entry. Applies to M: M = (length of the array tag name + K) x number of array elements Applies to K: K = 3: 2 to 9 elements in the array K = 4: 10 to 99 elements in the array K = 5: 100 to 999 elements in the array K = 6: 1000 to 9999 elements in the array K = 7: 10000 to 12000 elements in the array D2 = [(number of data records x 12) + 4] : 1024 D3 = [number of data records x (data record length + N) + 4] : 1024 Applies to N: The total length of the name of the corresponding data record in all languages (max. 255 bytes per language) + overhead per data record (1 byte + number of languages * 3 bytes). D1, D2 and D3 are rounded to the next higher number. Note If you use both tags and arrays in a recipe, you have to add the results of both formulas to calculate the total memory required. WinCC Advanced V14 System Manual, 10/2016 6387 Visualizing processes 12.15 Performance features 12.15.1.5 Memory requirements of recipes for Basic Panels, OP 77A, and TP 177A Introduction The following calculation of memory requirements of recipes is valid for Basic Panels, OP 77A, and TP 177A devices. Restrictions The HMI device provides 39 KB of memory space for recipes. This memory space may not be exceeded. The total memory space for recipes is calculated as follows: Total of all recipes + recipe with highest memory requirement. Each recipe may not exceed a maximum memory space of 19 KB. Calculation of memory requirements The memory space requirement of each recipe (in KB) is calculated based on the three addends D1 + D2 + D3. Valid is:: D1 = number of data records x M Rule for M (size of a data record): M = 1 x number of elements of a byte + 2 x number of elements of 2 bytes + 4 x number of elements of 4 bytes + 8 x number of elements of 8 bytes + K Rule for K (size of the string elements): K = number of string elements x (string length + 1) x 2 D2 - data record size D2 = 4 + number of languages x 8 + number of languages x (4 + 4 x number of data records + (length of the data record name + 1) x 2 x number of data records) + 8 + 8 x number of data records Or rewritten: D2 = 12 + 8 x number of data records + number of languages x (12 + number of data records x (4 + (length of the data record name +1) x 2)) D3 - shared memory D3 = 14 + number of elements Note Arrays and single elements can be calculated as described above. 6388 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features 12.15.2 Performance features of the devices 12.15.2.1 Basic Panel (Basic Panels) Basic Panel The following table helps you assess whether your project meets the performance features of the HMI device. The specified maximum values are not additive. It cannot be guaranteed that configurations running on the devices at the full system limits will be functional. In addition to the specified limits, allowances must be made for restrictions imposed by configuration memory resources. Tags KP300 Ba sic KP400 Basic KTP400 Ba sic KTP600 Basic KTP1000 Basic TP1500 Basic Number of tags in the project 250 500 250 (mono) 500 (color) 500 500 500 Number of PowerTags -- -- -- -- -- -- Number of elements per array 100 100 100 100 100 100 Number of local tags -- -- -- -- -- -- Number of structures -- -- -- -- -- -- Number of structure elements -- -- -- -- -- -- Alarms KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic Number of alarm classes 32 32 32 32 32 32 Number of discrete alarms 200 200 200 200 200 200 Number of analog alarms 15 15 15 15 15 15 Length of an alarm in characters 80 80 80 80 80 80 Number of process values per alarm 8 8 8 8 8 8 Size of the alarm buffer 256 256 256 256 256 256 Number of queued alarm events 64 64 64 64 64 64 KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic Number of screens 50 50 50 50 50 50 Number of fields per screen 30 30 30 30 30 30 Screens WinCC Advanced V14 System Manual, 10/2016 6389 Visualizing processes 12.15 Performance features Number of tags per screen Number of complex objects per screen Number of array elements per screen 1) 2) 1) 2) KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic 30 30 30 30 30 30 5 5 5 5 5 5 100 100 100 100 100 100 Complex objects include: Bars, sliders, symbol library, clock, and all objects from the Controls area. Array elements contained in recipes are included in the count. Recipes Number of recipes Number of elements per recipe KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic 5 5 5 5 5 5 20 20 20 20 20 20 User data length in bytes per data record -- -- -- -- -- -- Number of data records per recipe 20 20 20 20 20 20 Reserved memory for data records in the internal Flash 40 KB 40 KB 40 KB 40 KB 40 KB 40 KB 1) 1) If arrays are used, each array element counts as one recipe element Logs KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic Number of logs -- -- -- -- -- -- Number of entries per log (including all log segments) 1) -- -- -- -- -- -- Number of log segments -- -- -- -- -- -- Cyclic trigger for tag logging -- -- -- -- -- -- Number of tags that can be logged per log -- -- -- -- -- -- 1) 6390 The number of entries for the "segmented circular log" logging method is the total number for all sequential logs. The product of the number of sequential logs and the number of data records per sequential log may not exceed the system limit WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features Trends KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic 25 25 25 25 25 25 KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic Number of graphics lists 100 100 100 100 100 100 Number of text lists 150 150 150 150 150 150 Number of entries per text or graphics list 30 30 30 30 30 30 Number of graphic objects 500 500 500 500 500 500 Number of text elements 500 500 500 500 500 500 KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic -- -- -- -- -- -- KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic 4 4 4 4 4 4 Number of connections based on "SIMATIC -HMI HTTP" -- -- -- -- -- KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic 500 500 500 500 500 500 KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic 5 5 5 5 5 5 Number of trends Text lists and graphics lists Scripts Number of scripts Communication Number of connections Help system Number of characters in a help text Languages Number of runtime languages WinCC Advanced V14 System Manual, 10/2016 6391 Visualizing processes 12.15 Performance features Scheduler Time-triggered tasks 1) 1) KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic -- -- -- -- -- -- Event-triggered tasks are not relevant for the system limits User administration KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic Number of user groups 50 50 50 50 50 50 Number of authorizations 32 32 32 32 32 32 Number of users 50 50 50 50 50 50 KP300 Ba sic KP400 Ba sic KTP400 Basic KTP600 Basic KTP1000 Basic TP1500 Basic 1024 KB 1024 KB 1024 KB 1024 KB 1024 KB 1024 KB Project Size of the project file "*.srt" See also S7-1200 manual (http://support.automation.siemens.com/WW/view/en/36932465/0/en) 12.15.2.2 Basic Panel 2nd Generation (Basic Panels) Basic Panel 2nd Generation The following table helps you assess whether your project meets the performance features of the HMI device. The specified maximum values are not additive. It cannot be guaranteed that configurations running on the devices at the full system limits will be functional. In addition to the specified limits, allowances must be made for restrictions imposed by configuration memory resources. Tags KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic Number of tags in the project 800 800 800 800 Number of PowerTags -- -- -- -- Number of elements per array 100 100 100 100 6392 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic Number of local tags -- -- -- -- Number of structures -- -- -- -- Number of structure elements -- -- -- -- KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic Number of alarm classes 32 32 32 32 Number of discrete alarms 1000 1000 1000 1000 Number of analog alarms 25 25 25 25 Length of an alarm in characters 80 80 80 80 Number of process values per alarm 8 8 8 8 Size of the alarm buffer 256 256 256 256 Number of queued alarm events 64 64 64 64 KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic Number of screens 250 250 250 250 Number of fields per screen 100 100 100 100 100 100 100 100 Alarms Screens Number of tags per screen Number of complex objects per screen 1) This information is not relevant for Basic Panels 2nd Generation. Number of recipe displays per screen 10 10 10 10 Number of trend displays per screen 8 8 8 8 Number of alarm displays per screen 20 20 20 20 Number of user displays per screen 1 1 1 1 Number of system diagnostic displays per screen 5 5 5 5 Number of system functions per screen 150 150 150 150 Number of multiplex tags per screen 100 100 100 100 1) Complex objects include: Bars, sliders, symbol library, clock, and all objects from the Controls area. Recipes KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic Number of recipes 50 50 50 50 Number of elements per recipe1) 100 100 100 100 User data length in KB per data record 32 32 32 32 WinCC Advanced V14 System Manual, 10/2016 6393 Visualizing processes 12.15 Performance features Number of data records per recipe KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic 100 100 100 100 256 KB 256 KB 256 KB Reserved memory for data records in the internal Flash 256 KB 1) If arrays are used, each array element counts as one recipe element Logs Number of data logs KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic 1 1 1 1 Number of alarm logs 1 1 1 1 Number of entries per log (including all log segments) 10000 10000 10000 10000 Number of log segments 400 400 400 400 Number of tags that can be logged per log 10 10 10 10 Cyclic trigger for tag logging 1s 1s 1s 1s 1) 1) The number of entries for the "segmented circular log" logging method is the total number for all sequential logs. The product of the number of sequential logs and the number of data records per sequential log may not exceed the system limit Trends KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic 25 25 25 25 KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic Number of graphics lists 100 100 100 100 Number of text lists 300 300 300 300 Number of trends Text lists and graphics lists Number of entries per text or graphics list 100 100 100 100 Number of graphic objects 1000 1000 1000 1000 Number of text elements 2500 2500 2500 2500 KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic -- -- -- -- Scripts Number of scripts 6394 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features Communication KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic Number of connections 4 4 4 4 Number of connections based on "SIMATIC HMI HTTP" -- -- -- -- KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic 500 500 500 500 KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic 10 10 10 10 KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic -- -- -- -- Help system Number of characters in a help text Languages Number of runtime languages Scheduler Time-triggered tasks 1) 1) Event-triggered tasks are not relevant for the system limits User administration KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic Number of user groups 50 50 50 50 Number of authorizations 32 32 32 32 Number of users 50 50 50 50 KTP400 Basic KTP700 Basic KTP900 Basic KTP1200 Basic 10 MB 10 MB 10 MB 10 MB Project Size of the project file "*.srt" WinCC Advanced V14 System Manual, 10/2016 6395 Visualizing processes 12.15 Performance features 12.15.2.3 Panel (Panels) Introduction The following tables of system limits help you assess whether your project conforms to the system limits of a given HMI device. The specified maximum values are not additive. It cannot be guaranteed that configurations running on the devices at the full system limits will be functional. In addition to the specified limits, allowances must be made for restrictions imposed by configuration memory resources. Tags OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 Number of tags in the project 1000 1000 1000 500 1000 2048 Number of PowerTags -- -- -- -- - -- Number of elements per array 50 100 1000 250 1000 1000 Number of local tags -- -- 500 -- 500 1000 Number of structures -- -- -- -- -- 999 Number of structure elements -- -- -- -- -- 400 OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 Number of alarm classes 32 32 32 32 32 32 Number of discrete alarms 500 1000 1000 1000 2000 4000 Number of analog alarms 3 5 50 15 50 200 Alarms Length of an alarm in characters 80 80 80 80 80 80 Number of process values per alarm 8 8 8 8 8 8 Size of the alarm buffer 150 256 256 256 256 512 Number of queued alarm events 50 64 64 64 64 250 OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 Number of screens 500 500 500 250 500 500 Number of fields per screen 20 30 30 30 50 200 Number of tags per screen 20 30 30 30 50 200 Number of complex objects per screen 1) 5 5 5 5 5 10 Screens 6396 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features 1) Complex objects include: Bars, sliders, symbol library, clock, and all objects from the Controls area. Recipes OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 -- 5 100 5 100 300 -- 20 200 20 200 1000 User data length in bytes per data re cord -- -- 800 -- 800 4000 Number of data records per recipe -- 20 200 20 200 500 Reserved memory for data records in the internal Flash -- 40 KB 32 KB 40 KB 32 KB 64 KB Number of recipes Number of elements per recipe 1) 1) If arrays are used, each array element counts as one recipe element Logs OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 -- -- -- -- -- 20 Number of entries per log (including all -log segments) 1) -- -- -- -- 10000 Number of log segments -- -- -- -- -- 400 Cyclic trigger for tag logging -- -- -- -- -- 1s Number of tags that can be logged per -log -- -- -- -- 2048 Number of logs 1) The number of entries for the "segmented circular log" logging method is the total number for all sequential logs. The product of the number of sequential logs and the number of data records per sequential log may not exceed the system limit Trends OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 -- -- -- 25 50 300 Number of measured values per trend -- -- -- 999 999 999 Number of trends WinCC Advanced V14 System Manual, 10/2016 6397 Visualizing processes 12.15 Performance features Text lists and graphics lists Number of graphics lists OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 -- -- -- 100 100 400 Number of text lists 150 300 300 300 300 500 Number of entries per text or graphics list 30 30 30 30 30 256 Number of graphic objects 500 1000 1000 1000 1000 1000 Number of text elements 1000 1000 2500 1000 2500 10000 OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 -- -- -- -- -- 50 OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 Number of connections 2 4 4 4 4 6 Number of connections based on "SI MATIC HMI HTTP" -- -- -- -- 4 8 Maximum number of connected Sm@rtClients (including a service cli ent) -- -- -- -- 2 3 OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 320 320 320 320 320 320 OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 5 5 5 5 5 16 Scripts Number of scripts Communication Help system Number of characters in a help text Languages Number of runtime languages 6398 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features Scheduler Time-triggered tasks 1) 1) OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 -- -- 10 -- 10 48 Event-triggered tasks are not relevant for the system limits User administration OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 Number of user groups 25 50 50 50 50 50 Number of authorizations 32 32 32 32 32 32 Number of users 25 50 50 50 50 50 OP 73 OP 77A OP 77B TP 177A TP 177B OP 177B TP 277 OP 277 256 KB 320 KB 1 MB 6":512 KB 2 MB 4 MB Project Size of the project files "*.fwc", "*.srt" See also S7-1200 manual (http://support.automation.siemens.com/WW/view/en/36932465/0/en) 12.15.2.4 Mobile Panel (Panels) Mobile Panel The following tables of system limits help you assess whether your project conforms to the system limits of a given HMI device. The specified maximum values are not additive. It cannot be guaranteed that configurations running on the devices at the full system limits will be functional. In addition to the specified limits, allowances must be made for restrictions imposed by configuration memory resources. WinCC Advanced V14 System Manual, 10/2016 6399 Visualizing processes 12.15 Performance features Tags Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Panel 277F IW LAN V2 Mobile Panel 277F IW LAN (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobile 1000 2048 2048 2048 2048 2048 2048 2048 Number of PowerTags -- -- -- -- -- -- -- -- Number of elements per array 1000 1000 1000 1000 1000 1000 1000 1000 Number of local tags 500 1000 1000 1000 1000 1000 1000 1000 Number of structures -- 999 999 999 999 999 999 999 Number of structure el -ements 400 400 400 400 400 400 400 Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Panel 277F IW LAN V2 Mobile Panel 277F IW LAN (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobi leKTP700 F Mobile Number of alarm classes 32 32 32 32 32 32 32 32 Number of discrete alarms 2000 4000 4000 4000 4000 4000 4000 4000 Number of analog alarms 50 200 200 200 200 200 200 200 Length of an alarm in characters 80 80 80 80 80 80 80 80 Number of process values per alarm 8 8 8 8 8 8 8 8 Size of the alarm buffer 256 512 512 512 512 1024 1024 1024 Number of queued alarm events 250 250 250 250 500 500 500 Number of tags in the project Alarms 6400 64 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features Screens Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Pan Mobile Panel el 277F IW 277F IWLAN LAN V2 (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobi leKTP700 F Mobile Number of screens 500 500 500 500 500 500 500 500 Number of fields per screen 50 200 200 200 200 50 400 400 Number of tags per screen 50 200 200 200 200 50 400 400 Number of complex objects per screen 1) 5 10 10 10 10 5 20 20 1) Complex objects include: Bars, sliders, symbol library, clock, and all objects from the Controls area. Recipes Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Panel 277F IW LAN V2 Mobile Panel 277F IW LAN (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobi leKTP700 F Mobile Number of recipes 100 300 300 300 300 300 300 300 Number of elements per recipe1) 200 1000 1000 1000 1000 1000 1000 1000 User data length in bytes per data record 800 4000 4000 4000 4000 262144 262144 262144 Number of data re cords per recipe 200 500 500 500 500 500 500 500 Reserved memory for data records in the in ternal Flash 32 KB 64 KB 64 KB 64 KB 64 KB 2 MB 2 MB 2 MB 1) WinCC Advanced V14 System Manual, 10/2016 If arrays are used, each array element counts as one recipe element 6401 Visualizing processes 12.15 Performance features Logs Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Panel 277F IW LAN V2 Mobile Panel 277F IW LAN (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobi leKTP700 F Mobi leKTP700 F Mobile Number of logs -- 20 20 20 20 50 50 50 Number of entries per log (including all log segments) 1) -- 10000 10000 10000 10000 20000 20000 20000 Number of log seg ments -- 400 400 400 400 400 400 400 Cyclic trigger for tag logging -- 1s 1s 1s 1s 1s 1s 1s Number of tags that can be logged per log -- 2048 2048 2048 2048 2048 2048 2048 1) The number of entries for the "segmented circular log" logging method is the total number for all sequential logs. The product of the number of sequential logs and the number of data records per sequential log may not exceed the system limit Trends Number of trends Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Panel 277F IW LAN V2 Mobile Panel 277F IW LAN (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobile 50 300 300 300 300 300 300 300 Text lists and graphics lists Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Pan Mobile Panel el 277F IW 277F IWLAN LAN V2 (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobile Number of graphics lists 100 400 400 400 400 500 500 500 Number of text lists 300 500 500 500 500 500 500 500 Number of entries per text or graphics list 30 256 256 256 256 500 500 500 6402 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Pan Mobile Panel el 277F IW 277F IWLAN LAN V2 (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobile Number of graphic ob 1000 jects 1000 1000 1000 1000 4000 4000 4000 Number of text ele ments 10000 10000 10000 10000 40000 40000 40000 2500 Scripts Number of scripts Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Panel 277F IW LAN V2 Mobile Panel 277F IW LAN (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobile -- 50 50 50 50 100 100 100 Communication Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Pan Mobile Panel el 277F IW 277F IWLAN LAN V2 (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobile Number of connec tions 4 6 6 6 6 8 8 8 Number of connec tions based on "SI MATIC HMI HTTP" 4 8 8 8 8 8 8 8 Maximum number of connected Sm@rtClients (includ ing a service client) 2 2 8'': 3 10": 2 8'': 3 10": 2 8'': 3 10": 2 3 3 3 Mobile Wireless Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Panel 277F IW LAN V2 Mobile Panel 277F IW LAN (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobile Number of zones -- -- 254 254 -- 254 254 254 Number of effective ranges -- -- -- 127 -- -- -- -- Number of assigned transponders - zones -- -- 255 255 -- -- -- -- WinCC Advanced V14 System Manual, 10/2016 6403 Visualizing processes 12.15 Performance features Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Panel 277F IW LAN V2 Mobile Panel 277F IW LAN (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobile Number of assigned transponders - effec tive ranges -- -- -- 127 -- -- -- -- Number of effective ranges (RFID) -- -- -- -- 127 -- -- -- Number of RFID tags that can be assigned to effective ranges (RFID) in a project -- -- -- -- 127 -- -- -- Help system Number of characters in a help text Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Pan Mobile Panel el 277F IW 277F IWLAN LAN V2 (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobile 320 320 320 320 500 500 500 Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Pan Mobile Panel el 277F IW 277F IWLAN LAN V2 (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobile 16 16 16 32 32 32 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Panel 277F IW LAN V2 Mobile Panel 277F IW LAN (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobile 48 48 48 48 48 48 48 320 Languages Number of runtime lan 5 guages 16 Scheduler Mobile Panel 177 Time-triggered tasks 1) 10 1) 6404 Event-triggered tasks are not relevant for the system limits WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features User administration Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Panel 277F IW LAN V2 Mobile Panel 277F IW LAN (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobile Number of user groups 50 50 50 50 50 50 50 50 Number of authoriza tions 32 32 32 32 32 32 32 32 Number of users 50 50 50 50 50 50 50 50 Project Size of the project file "*.fwc" Mobile Panel 177 Mobile Panel 277 Mo bile Pan el 277 IW LAN V2 Mobile Pan el 277F IW LAN V2 Mobile Panel 277F IWLAN (RFID Tag) KTP400F Mobile KTP700 Mobile / KTP700F Mobile KTP900 Mobile / KTP900F Mobile 2 MB 6 MB 6 MB 6 MB 6 MB 12 MB 12 MB 12 MB See also S7-1200 manual (http://support.automation.siemens.com/WW/view/en/36932465/0/en) 12.15.2.5 Multi Panel (Panels) Multi Panel The following tables of system limits help you assess whether your project conforms to the system limits of a given HMI device. The specified maximum values are not additive. It cannot be guaranteed that configurations running on the devices at the full system limits will be functional. In addition to the specified limits, allowances must be made for restrictions imposed by configuration memory resources. Tags MP 177 MP 277 MP 377 Number of tags in the project 1000 2048 4096 Number of PowerTags -- -- -- Number of elements per array 1000 1000 1000 Number of local tags 500 1000 2000 WinCC Advanced V14 System Manual, 10/2016 6405 Visualizing processes 12.15 Performance features MP 177 MP 277 MP 377 Number of structures -- 999 999 Number of structure elements -- 400 400 Alarms MP 177 MP 277 MP 377 Number of alarm classes 32 32 32 Number of discrete alarms 2000 4000 4000 Number of analog alarms 50 200 200 Length of an alarm in characters 80 80 80 Number of process values per alarm 8 8 8 Size of the alarm buffer 256 512 1024 Number of queued alarm events 64 250 500 MP 177 MP 277 MP 377 Number of screens 500 500 500 Number of fields per screen 50 200 400 Number of tags per screen 50 200 400 5 10 20 Screens Number of complex objects per screen 1) 1) Complex objects include: Bars, sliders, symbol library, clock, and all objects from the Controls area. Recipes Number of recipes Number of elements per recipe MP 177 MP 277 MP 377 100 300 500 200 1000 1000 User data length in KB per data record 0.8 4 128 Number of data records per recipe 200 500 1000 Reserved memory for data records in the in ternal Flash 32 KB 64 KB 128 KB 1) 6406 1) If arrays are used, each array element counts as one recipe element WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features Logs MP 177 MP 277 MP 377 Number of logs -- 20 50 Number of entries per log (including all log segments) 1) -- 10000 50000 Number of log segments -- 400 400 Cyclic trigger for tag logging -- 1s 1s Number of tags that can be logged per log -- 2048 2048 1) The number of entries for the "segmented circular log" logging method is the total number for all sequential logs. The product of the number of sequential logs and the number of data records per sequential log may not exceed the system limit Trends MP 177 MP 277 MP 377 50 300 400 MP 177 MP 277 MP 377 Number of graphics lists 100 400 500 Number of text lists 300 500 500 Number of entries per text or graphics list 30 256 256 Number of graphic objects 1000 1000 2000 Number of text elements 2500 10000 30000 MP 177 MP 277 MP 377 -- 50 100 MP 177 MP 277 MP 377 Number of connections 4 6 6 Number of connections based on "SIMATIC HMI HTTP" 4 8 8 Maximum number of connected Sm@rtClients (including a service client) 2 6'': max. 3 10'': max. 2 12'': max. 3 15'': max. 2 19": max: 1 Number of trends Text lists and graphics lists Scripts Number of scripts Communication WinCC Advanced V14 System Manual, 10/2016 6407 Visualizing processes 12.15 Performance features Help system Number of characters in a help text MP 177 MP 277 MP 377 320 320 320 MP 177 MP 277 MP 377 5 16 16 MP 177 MP 277 MP 377 10 48 48 Languages Number of runtime languages Scheduler Time-triggered tasks 1) 1) Event-triggered tasks are not relevant for the system limits User administration MP 177 MP 277 MP 377 Number of user groups 50 50 50 Number of authorizations 32 32 32 Number of users 50 50 50 MP 177 MP 277 MP 377 2 MB 6 MB 12 MB Project Size of the project file "*.fwc" See also S7-1200 manual (http://support.automation.siemens.com/WW/view/en/36932465/0/en) 12.15.2.6 Comfort Panel (Panels) Comfort Panel The following tables of system limits help you assess whether your project conforms to the system limits of a given HMI device. The specified maximum values are not additive. It cannot be guaranteed that configurations running on the devices at the full system limits will be functional. 6408 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features In addition to the specified limits, allowances must be made for restrictions imposed by configuration memory resources. Note Graphic objects on Comfort Panels The use of 32-bit graphic objects increases memory requirements for the project file on Comfort Panels. The use of jpeg graphic objects reduces memory requirements for the project file on Comfort Panels. Tags KTP400 TP700, KP700 TP1500 KP400 TP900, KP900 KP1500 TP1900 TP2200 TP1200, KP1200 TP700 Comfort Outdoor TP1500 Comfort Outdoor Number of tags in the project 1024 2048 4096 4096 4096 Number of PowerTags -- -- -- -- -- Number of elements per array 1000 1000 1000 1000 1000 Number of local tags 500 1000 2000 2000 2000 Number of structures 999 999 999 999 999 Number of structure elements 400 400 400 400 400 KTP400 TP700, KP700 TP1500 TP1900 TP2200 KP400 TP900, KP900 KP1500 Alarms TP1200, KP1200 TP700 Comfort Outdoor TP1500 Comfort Outdoor Number of alarm classes 32 32 32 32 32 Number of discrete alarms 2000 4000 6000 6000 6000 Number of analog alarms 50 200 200 200 200 Length of an alarm in characters 80 80 80 80 80 Number of process values per alarm 8 8 8 8 8 WinCC Advanced V14 System Manual, 10/2016 6409 Visualizing processes 12.15 Performance features KTP400 TP700, KP700 TP1500 KP400 TP900, KP900 KP1500 TP1900 TP2200 TP1200, KP1200 TP700 Comfort Outdoor TP1500 Comfort Outdoor Size of the alarm buffer 256 1024 1024 1024 1024 Number of queued alarm events 64 500 500 500 500 KTP400 TP700, KP700 TP1500 TP1900 TP2200 KP400 TP900, KP900 KP1500 Screens TP1200, KP1200 TP700 Comfort Outdoor TP1500 Comfort Outdoor Number of screens 500 500 750 750 750 Number of fields per screen 50 400 600 600 600 Number of tags per screen 50 400 400 400 400 Number of complex objects per screen 1) 5 20 40 40 40 1) Complex objects include: Bars, sliders, symbol library, clock, and all objects from the Controls area. Recipes KTP400 TP700, KP700 TP1500 KP400 TP900, KP900 KP1500 TP1900 TP2200 TP1200, KP1200 TP700 Comfort Outdoor TP1500 Comfort Outdoor Number of recipes 100 300 500 500 500 Number of elements per recipe1) 200 1000 2000 2000 2000 User data length in KB per data re 32 cord 256 512 512 512 Number of data records per recipe 200 500 1000 1000 1000 Reserved memory for data records 512 KB in the internal Flash 2 MB 4 MB 4 MB 4 MB 6410 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features 1) If arrays are used, each array element counts as one recipe element Logs KTP400 TP700, KP700 TP1500 KP400 TP900, KP900 KP1500 TP1900 TP2200 TP1200, KP1200 TP700 Comfort Outdoor TP1500 Comfort Outdoor Number of logs 10 50 50 50 50 Number of entries per log (includ ing all log segments) 1) 10000 20000 50000 50000 50000 Number of log segments 400 400 400 400 400 Cyclic trigger for tag logging 1s 1s 1s 1s 1s 2048 2048 2048 2048 Number of tags that can be logged 100 per log 1) The number of entries for the "segmented circular log" logging method is the total number for all sequential logs. The product of the number of sequential logs and the number of data records per sequential log may not exceed the system limit Trends KTP400 TP700, KP700 TP1500 KP400 TP900, KP900 KP1500 TP1900 TP2200 400 400 TP1200, KP1200 TP700 Comfort Outdoor TP1500 Comfort Outdoor Number of trends WinCC Advanced V14 System Manual, 10/2016 50 300 400 6411 Visualizing processes 12.15 Performance features Text lists and graphics lists KTP400 TP700, KP700 TP1500 KP400 TP900, KP900 KP1500 TP1900 TP2200 TP1200, KP1200 TP700 Comfort Outdoor TP1500 Comfort Outdoor Number of graphics lists 100 500 500 500 500 Number of text lists 300 500 500 500 500 Number of entries per text or graphics list 30 500 500 500 500 Number of graphic objects 1000 4000 4000 4000 4000 Number of text elements 2500 40000 40000 40000 40000 KTP400 TP700, KP700 TP1500 TP1900 TP2200 KP400 TP900, KP900 KP1500 200 200 200 TP1900 TP2200 Scripts TP1200, KP1200 TP700 Comfort Outdoor TP1500 Comfort Outdoor Number of scripts 50 100 Communication KTP400 TP700, KP700 TP1500 KP400 TP900, KP900 KP1500 TP1200, KP1200 TP700 Comfort Out door TP1500 Comfort Outdoor Number of connections 4 8 8 8 8 Number of OPC connections in cluding OPC UA 4 8 8 8 8 Number of connections based on "SIMATIC HMI HTTP" 4 8 8 8 8 Maximum number of connected Sm@rtClients (including a service client) 2 3 3 2 1 6412 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features Help system KTP400 TP700, KP700 TP1500 KP400 TP900, KP900 KP1500 TP1900 TP2200 TP1200, KP1200 TP700 Comfort Out door TP1500 Comfort Outdoor Number of characters in a help text 500 500 500 500 500 KTP400 TP700, KP700 TP1500 TP1900 TP2200 KP400 TP900, KP900 KP1500 Languages TP1200, KP1200 TP700 Comfort Out door TP1500 Comfort Outdoor Number of runtime languages 32 32 32 32 32 KTP400 TP700, KP700 TP1500 TP1900 TP2200 KP400 TP900, KP900 KP1500 48 48 Scheduler TP1200, KP1200 TP700 Comfort Out door TP1500 Comfort Outdoor Time-triggered tasks 1) 1) WinCC Advanced V14 System Manual, 10/2016 10 48 48 Event-triggered tasks are not relevant for the system limits 6413 Visualizing processes 12.15 Performance features User administration KTP400 TP700, KP700 TP1500 KP400 TP900, KP900 KP1500 TP1900 TP2200 TP1200, KP1200 TP700 Comfort Out door TP1500 Comfort Outdoor Number of user groups 50 50 50 50 50 Number of authorizations 32 32 32 32 32 Number of users 50 50 50 50 50 KTP400 TP700, KP700 TP1500 TP1900 TP2200 KP400 TP900, KP900 KP1500 24 MB 24 MB Project TP1200, KP1200 TP700 Comfort Out door TP1500 Comfort Outdoor Size of the project file "*.fwc" 4 MB 12 MB 24 MB See also S7-1200 manual (http://support.automation.siemens.com/WW/view/en/36932465/0/en) 12.15.2.7 WinCC Runtime Advanced (RT Advanced) WinCC Runtime Advanced The following tables of system limits help you assess whether your project conforms to the system limits of a given HMI device. The specified maximum values are not additive. It cannot be guaranteed that configurations running on the devices at the full system limits will be functional. In addition to the specified limits, allowances must be made for restrictions imposed by configuration memory resources. 6414 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features Tags WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 Number of tags in the project 6144 12288 Number of PowerTags 128 - 4096 128 -8192 Number of elements per array 1600 1600 Number of local tags 2048 4096 Number of structures 999 999 Number of structure elements 400 400 WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 Number of alarm classes 32 32 Number of discrete alarms 4000 6000 Number of analog alarms 500 500 Length of an alarm in characters 80 80 Number of process values per alarm 8 8 Size of the alarm buffer 1024 2048 Number of queued alarm events 500 500 WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 Number of screens 500 750 Number of fields per screen 400 600 Number of tags per screen 400 400 Number of complex objects per screen 1) 40 40 Alarms Screens 1) Complex objects include: Bars, sliders, symbol library, clock, and all objects from the Controls area. Recipes Number of recipes Number of elements per recipe 1) User data length in KB per data record WinCC Advanced V14 System Manual, 10/2016 WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 999 1000 2000 2000 256 512 6415 Visualizing processes 12.15 Performance features Number of data records per recipe WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 5000 5000 Reserved memory for data records in the internal Flash -- 1) -- If arrays are used, each array element counts as one recipe element Logs WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 Number of logs 100 100 Number of entries per log (including all log segments) 500000 500000 Number of log segments 400 400 Cyclic trigger for tag logging 1s 1s Number of tags that can be logged per log 6144 12288 1) 1) The number of entries for the "segmented circular log" logging method is the total number for all sequential logs. The product of the number of sequential logs and the number of data records per sequential log may not exceed the system limit Trends WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 800 800 WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 Number of graphics lists 500 500 Number of text lists 500 500 Number of entries per text or graphics list 3500 3500 Number of graphic objects 2000 4000 Number of text elements 30000 40000 Number of trends Text lists and graphics lists 6416 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.15 Performance features Scripts WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 200 200 WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 Number of connections 8 8 Number of OPC connections including OPC UA 8 8 Number of scripts Communication Number of connections based on "SIMATIC HMI HTTP" 16 16 Maximum number of connected Sm@rtClients (includ 4 ing a service client) 4 1) 1) Help system KTP400 TP700, KP700 TP1500 KP400 TP900, KP900 KP1500 TP1900 TP2200 TP1200, KP1200 Number of characters in a help text 1) 2) 320 1) 320 1) 320 1) 320 1) 320 1) 500 500 500 500 500 2) 2) 2) 2) 2) For devices with HMI device version 12 or lower For devices with HMI device version higher than 12 Languages Number of runtime languages WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 32 32 WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 48 48 Scheduler Time-triggered tasks 1) 1) WinCC Advanced V14 System Manual, 10/2016 Event-triggered tasks are not relevant for the system limits 6417 Visualizing processes 12.16 Options User administration WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 Number of user groups 50 50 Number of authorizations 32 32 Number of users 100 100 WinCC Runtime Advanced WinCC Runtime Advanced Device version prior to 13 Device version as of 13 No limiting No limiting Project Size of the project file "*.fwc" See also S7-1200 manual (http://support.automation.siemens.com/WW/view/en/36932465/0/en) 12.16 Options 12.16.1 WinCC Advanced V14 - Options WinCC options You can find a detailed description of WinCC options in the "WinCC Advanced V14 - Options" manual. 6418 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.17 Interfaces 12.17 Interfaces 12.17.1 OPC for Runtime Advanced (Panels, RT Advanced) 12.17.1.1 Basics (Panels, RT Advanced) OPC (Panels, RT Advanced) Introduction OPC refers to standardized manufacturer-specific software interfaces for data exchange in automation engineering. The OPC interfaces provide a standardized environment in which devices and applications from various manufacturers can be linked. OPC is based on the Windows technology COM (Component Object Model) and DCOM (Distributed Component Object Model). OPC UA (Unified Architecture) is the technology succeeding OPC. OPC UA is platformindependent and can use different reports as a communication medium. Principle of operation In WinCC, you can configure HMI devices as OPC servers or OPC clients. The particular HMI device determines which OPC servers and OPC clients are available. OPC Specifications (Panels, RT Advanced) OPC specifies interfaces to gain access to the following objects in WinCC: Process values (OPC Data Access 1.0, 2.05a) Process values (DataAccess ClientFacet (OPC UA) Process values (OPC XML-Data Access 1.01) You can find additional information about the individual OPC specifications in the Internet at the website of OPC Foundation:. www.opcfoundation.org (www.opcfoundation.org) See also Supported OPC UA services of the OPC UA client (Page 6434) WinCC Advanced V14 System Manual, 10/2016 6419 Visualizing processes 12.17 Interfaces Compatibility (Panels, RT Advanced) Support of the mentioned specifications is checked regularly by the "Compliance Test Tool" (CTT) of the OPC Foundation. Interoperability with OPC products of other manufacturers is ensured through the participation in "OPC Interoperability Workshops". The test results submitted are published on the website of the OPC Foundation. The results can be called up from there using the search term "OPC Self-Certified Products". Using OPC in WinCC (Panels, RT Advanced) Configuration option HMI devices configured with WinCC feature an OPC interface for data communication between automation devices or automation systems using the OPC communication driver. You can use an HMI device as an OPC server and/or as an OPC client. As an OPC client, the HMI device can be connected to a maximum of eight OPC servers. The software ensures up to eight client HTTP connections for an OPC XML DA server on a Multi Panel. For the exchange of data via an XML connection, some OPC XML DA clients create several HTTP connections to the OPC XML DA server. HMI device Data exchange over Operating system OPC server OPC client PC, Panel PC (with WinCC Runtime Ad vanced) DCOM or OPC UA bi nary (TCP/IP) Windows XP / 7 OPC DA server OPC DA client HMI devices with version V11.0 and V12.0: SOAP Windows CE OPC UA server (DA on OPC UA client* ly) OPC XML DA server - MP 277 MP 377 Mobile Panel 277 Comfort Panels HMI devices with version V13.0 (or higher): SOAP or OPC UA bina Windows CE ry (TCP/IP) OPC UA server (DA on OPC UA client ly) Comfort Panels Mobile Panels KTP 400F / 700(F) / 900(F) *: The OPC UA client exchanges data via TCP/IP. A communication via DCOM is only possible between HMI devices of the "PC" or the "Panel PC" type. In order for a control room PC to display the process values of Windows CE HMI devices in the plant, for example, install "OPC-XML-Gateway" on the control room PC using the WinCC Runtime Advanced Setup. The "OPC-XML-Gateway" supports the communication within the SIMATIC HMI devices family between an OPC DA client and an OPC XML DA server. The area pointer is supported by any OPC connection. 6420 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.17 Interfaces OPC server accessibility The following table lists the available OPC servers and how you can access them: OPC server OPC server name OPC DA server OPC.SimaticHMI.CoRtHmiRTm (ProgID) OPC XML DA server http://<xxx>/soap/OpcXml (URL) 1 OPC DA server OPC.Siemens.XML (ProgID) for accessing the OPC XML DA server via the OPC XML gateway from an OPC DA client OPC UA server Server URL: opc.tcp://[HostName]:4870 <xxx>: IP address or DNS name of the HMI device : For the access of an external OPC DA XML client. 1 HMI device as OPC client To use an HMI device as an OPC client, create an "OPC" connection in the WinCC project. The OPC client accesses the tags of the OPC server over this connection. You need a separate connection for each OPC server. The following exception applies here: If you want to connect your OPC DA client to multiple panels, you only need one OPC connection to the OPC XML gateway in your project. The multiplexing of this connection to multiple OPC XML connections to individual panels takes place in the OPC XML gateway. You configure the connections to the panels using he OPC XML Manager. The following figure shows the use of an HMI device as a central operator control and monitoring device: 23&'$FOLHQW :LQ&& (WKHUQHW7&3,3 352),%86 23&;0/'$6HUYHU 6,0$7,&+0,3DQHO 23&'$VHUYHU :LQ&& 23&'$FOLHQW 23&6HUYHU 6,0$7,&6 UGSDUW\FRQWUROOHUV 6,0$7,&6 WinCC Advanced V14 System Manual, 10/2016 6421 Visualizing processes 12.17 Interfaces HMI device as OPC server An HMI device as OPC server makes the data available to other applications. The applications can run on the same HMI device or on HMI devices in the connected network environment. The following schematic diagram shows the use of MS Excel as an OPC client that displays process values of the OPC server: :LQ&& 06([FHO 23&'$&OLHQW 23&'$6HUYHU (WKHUQHW7&3,3 See also Configuring an HMI device as OPC DA server (Page 6424) Creating a connection to a WinCC OPC DA server (Page 6426) OPC XML Gateway (Page 6430) 12.17.1.2 Security concept of OPC UA (Panels, RT Advanced) Introduction The WinCC OPC UA uses the TCP/IP protocol for data exchange. Instance certificates are exchanged for authorization between WinCC OPC UA server and OPC UA client. In addition, you can encode the data transfer. Security concept The WinCC OPC UA server and each OPC UA client authorize themselves mutually by exchanging certificates. By default, the WinCC OPC UA server creates during installation a self signed instance certificate. The server sends this instance certificate to the client. You can alternatively replace this instance certificate with a project-specific instance certificate. Note Private key and own certificates If you have an own certification center, you can create your own certificates and make them available for all communication partners. In this case, delete the instance certificate created by WinCC OPC UA server. The instance certificate of the client that is allowed to communicate with the server must be stored on both the server and the client in the appropriate directory. 6422 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.17 Interfaces Storage locations of the instance certificates The instance certificate is stored on the OPC UA server in the following path: On PCs: "\ProgramData\Siemens\CoRtHmiRTm\MiniWeb1X.X.X\SystemRoot\SSL" On Panels: "\flash\simatic\SystemRoot\SSL" The instance certificate is stored on the OPC UA client in the following path: On PCs: "ProgramData\Siemens\CoRtHmiRTm\OPC\PKI\CA\" On Panels: "flash\Simatic\SystemRoot\OPC\PKI\CA\" If you configure two OPC connections in your project, create the following directories under [...]\OPC\PKI\CA\: "Default" "!Conn_1" "!Conn_2" Each directory contains the subdirectories "certs", "rejected" and "private". Self-signed instance certificates and private keys are stored under "Default\certs" or "Default\private". The OPC-UA connections only use these certificates. The client always stores the sent server certificates first in the "rejected" directory and does not allow a connection to the server. To allow connection to the server at the client end, you need to move the certificate in question from the "rejected" directory into the "certs" directory. The server also initially stores the client certificate in the "rejected" directory under [...] \SystemRoot\SSL. To allow connection to the server at the server end, you need to move the certificate in question from the "rejected" directory into the "certs" directory under [...] \SystemRoot\SSL. Configuring the OPC UA client for the security mode If the OPC UA server is running and the OPC UA client was started with an encrypted connection, set up the communication between the OPC UA server and the OPC UA client in security mode. 1. Move the instance certificate sent from the server from the "rejected" directory to the "certs" directory on the OPC UA client. 2. Move the instance certificate sent from the client from the "rejected" directory to the "certs" directory on the OPC UA server. Once the client and the server have authorized each other, they communicate in security mode. Note If you want to use certificates of third-party vendors for the OPC UA client, stop Runtime and copy the third-party certificates and private keys into the directories "!Conn1\certs" and "! Conn1\private". Then copy the certificate from the "certs" directory into the "SSL" directory on the server. Then start Runtime again. WinCC Advanced V14 System Manual, 10/2016 6423 Visualizing processes 12.17 Interfaces Security settings The following table lists the security settings supported by the WinCC OPC UA server: SecurityPolicy None Message Security Mode None 1 Basic128Rsa15 2 None 3 Sign 4 SignAndEncrypt 5 1: The certificate exchange is switched off. Every OPC UA client can log on to the WinCC OPC UA server. 2: Certificate exchange with depth of encryption of 128 bit. 3: The data packages are exchanged after certificate check unsecured between client and server. 4: The data packages are signed with the certificates, but not encoded 5: The data packages are signed with the certificates and encoded 12.17.1.3 Configuring an OPC server (Panels, RT Advanced) Configuring an HMI device as OPC DA server (Panels, RT Advanced) Introduction Which OPC server is used depends on the HMI device: HMI devices with RT Advanced as OPC DA server HMI devices with version V11.0 and V12.0 as OPC XML DA server HMI devices with version V13.0 as OPC XML DA server The following figure shows the two methods of accessing an OPC server: 23&'$VHUYHU 23&'$FOLHQW '&20 23&*DWHZD\ 23&;0/0DQDJHU 57$GYDQFHG 57$GYDQFHG ;0/ 23&;0/'$VHUYHU 03 03 0RELOH3DQHO &RPIRUW3DQHOV 6424 :LWKGHYLFHYHUVLRQ9DQG9 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.17 Interfaces Procedure To configure an HMI device as an OPC server, proceed as follows: 1. Open the "Runtime settings" of the HMI device in the project tree. 2. Select the "Operate as OPC server" option in the "Runtime settings" under "Services > Write/read tags". 3. Save the project. 4. Download the project to the HMI device. 5. Start runtime on the HMI device. Result The OPC server is accessible. If an OPC client connects to the OPC server, the OPC server on the HMI device is started. See also Loading a project (Page 6307) Starting Runtime Advanced and Panel Runtime (Page 6319) Using OPC in WinCC (Page 6420) Creating a connection to a WinCC OPC DA server (Page 6426) Configuring an HMI device as an OPC UA server (Panels, RT Advanced) Introduction The following HMI devices can be used as OPC UA servers: Comfort Panels RT Advanced Procedure 1. Open the "Runtime settings" of the HMI device in the project tree. 2. Select the "Operate as OPC server" option under "Service" in the "Runtime settings". 3. Configure the server settings at "OPC settings > OPC Unified Architecture Server configuration": - Change the "Port number", if required. - Activate at least one "SecurityPolicy" and the respective "Message security mode". Note Unsecured communication between client and server possible Use the "none" setting only for test and diagnostics purposes. WinCC Advanced V14 System Manual, 10/2016 6425 Visualizing processes 12.17 Interfaces 4. Save the project. 5. Download the project to the HMI device. 6. Start runtime on the HMI device. Result The OPC server is accessible. If an OPC client connects to the OPC server, the OPC server on the HMI device is started. Configuring DCOM user permissions in Windows (Panels, RT Advanced) Introduction The OPC DA client and OPC DA server are DCOM applications, whose security settings must be set in compliance with the DCOM security mechanisms: The OPC client needs launch/activation rights and access rights for the OPC DA server. The OPC DA server only needs access rights for the OPC DA client The following must be known on the PCs of the OPC DA server and the OPC DA client respectively: The user account for which the OPC DA client is executed Requirement You have administrator rights. Procedure The procedure for configuring DCOM user rights is described in the document (http:// www.opcfoundation.org/DownloadFile.aspx?CM=3&RI=326&CN=KEY&CI=282&CU=14) of the OPC-Foundation. For more information on assigning user rights, see the Windows documentation. 12.17.1.4 Configuring an OPC client (Panels, RT Advanced) Creating a connection to a WinCC OPC DA server (Panels, RT Advanced) Introduction For an HMI device to access the OPC server data of another HMI device, you need to create a connection to this OPC server in the WinCC project. Depending on the target HMI device used, either an OPC DA server or an OPC XML DA server is employed. 6426 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.17 Interfaces The following figure shows the two methods for accessing the OPC servers of the HMI devices: 23&'$VHUYHU 23&'$FOLHQW '&20 23&*DWHZD\ 23&;0/0DQDJHU 57$GYDQFHG 57$GYDQFHG ;0/ 23&;0/'$VHUYHU 03 03 0RELOH3DQHO &RPIRUW3DQHOV :LWKGHYLFHYHUVLRQ9DQG9 If a connection to one or more OPC XML DA servers is created using an OPC XML gateway, also enter the OPC XML DA servers in the "OPC XML Manager". Requirement An HMI device is configured as an OPC server. The project on the HMI device is in runtime. For connections to a OPC XML DA server: "OPC-XML-Gateway" is installed on the configuration PC and the HMI device with the OPC client. Procedure To create a connection to an OPC server of an HMI device, follow these steps: 1. Open the "Connections" editor on the configuration PC in the WinCC project of the OPC client. 2. Create a new connection and enter a meaningful name. 3. Select the entry "OPC" as the "Communication driver". 4. Enter the communication partner under "Parameters > OPC server" in the work area: - If the connection communicates directly with the OPC server or with the OPC server on a PC-based HMI device, select the "OPC.SimaticHMI.CoRtHmiRTm" item from the list. - If the connection communicates directly with the OPC server of a Windows CE HMI device, select "OPC.Siemens.XML" from the list. - If the OPC server is installed on a remote computer, enter the computer's IP address or name under "Remote computer name". WinCC Advanced V14 System Manual, 10/2016 6427 Visualizing processes 12.17 Interfaces Result The OPC connection is configured. To access the data on the WinCC OPC DA server, create tags. See also Using OPC in WinCC (Page 6420) Configuring an HMI device as OPC DA server (Page 6424) OPC XML Gateway (Page 6430) Configuring an OPC XML Manager (Page 6431) Creating a connection to an OPC UA server (Panels, RT Advanced) Introduction The OPC UA client can access process data in the hierarchical name space of an OPC UA server. For the OPC UA client to access the process values of an OPC UA server, the OPC UA server and the OPC UA client authorize each other by exchanging certificates. In addition, you can encode the data transfer. The OPC UA client usually classifies each certificate of an OPC UA server as a "trustworthy". How an OPC UA server responds to a connection request of the OPC UA client depends on the configuration of the OPC UA server. In order to establish communication to an OPC UA server, inform yourself from the OPC UA server operator about the following: URL of the OPC UA server Security settings Required certificates Requirement URL and security settings of the OPC UA server are known. Procedure To create a connection to an OPC UA server, proceed as follows: 1. Open the "Connections" editor on the HMI device. 2. Create a new connection and enter a meaningful name. 6428 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.17 Interfaces 3. Select the entry "OPC UA" as the "Communication driver". 4. In the work area, under "Parameters", configure the "OPC server": - Specify the "Discovery URL" of the OPC UA server or select the OPC UA server from the list. - Select the "Security policy" - Select the "Message security mode" Result The OPC UA connection is configured. You create tags to access data from the OPC UA server. See also Supported OPC UA services of the OPC UA client (Page 6434) Accessing process values of an OPC server (Panels, RT Advanced) Requirement The OPC server to be addressed is ready-to-operate and in the "running" status A connection to the OPC-Server is created Procedure To access process values of an OPC-Server via the OPC connection, follow these steps: 1. On the configuration PC in the project navigation, open the "HMI tags" editor under the HMI device that you use as an OPC client. 2. Create a tag with the same data type as the tag on the OPC server. 3. Select the OPC connection for "Connection". 4. Enter the "Address", or select the desired tag on the OPC server via the object list. Result If you launch Runtime on the HMI device, the process value from the OPC server will be written to the tag on the HMI device via the OPC connection. See also Permitted data types (OPC) (Page 6432) Access to tags with OPC (Page 6433) WinCC Advanced V14 System Manual, 10/2016 6429 Visualizing processes 12.17 Interfaces OPC XML Gateway (Panels, RT Advanced) Usage The OPC DA client uses the "OPC XML Gateway" so that the OPC DA client can communicate with the OPC XML DA server. The "OPC XML Gateway" compiles the data in the respective "language" of the corresponding standard. The "OPC XML Gateway" communicates exclusively with the OPC XML DA server which runs on an SIMATIC HMI device. Installation To install "OPC XML Gateway", activate the "OPC XML Gateway" entry during installation of WinCC runtime advanced in the component selection. To install "OPC XML Gateway" afterwards, re-execute the setup of WinCC Runtime Advanced. Proxy setting for the OPC XML Gateway The configuration settings for the OPC XML Gateway can be found in the "SOPCSRVR.ini" file in the section "[Configuration]". The OPC XML Gateway is configured by default on the PC as the HMI device, so that a proxy server configured in the Internet settings of Internet Explorer is ignored: NOPROXY=1 If this entry is set to "0", the OPC XML Gateway uses a configured proxy server for HTTP connections. You can find the "SOPCSRVR.ini" file in the folder "C:\Program Files\\Siemens\Automation \WinCC RT Advanced". Note When data is requested from an HMI device that cannot be accessed over the configured proxy server, the OPC XML Gateway uses a direct connection after a Timeout. The direct connection is set up again on every request for data and slows down OPC communication significantly. See also Configuring an OPC XML Manager (Page 6431) Using OPC in WinCC (Page 6420) 6430 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.17 Interfaces Configuring an OPC XML Manager (Panels, RT Advanced) Introduction The OPC XML DA server, to which the OPC DA client has access, is administered in the "OPC XML Manager". The OPC XML Manager can be found in the Windows Start menu under "SIMATIC > OPC-XML-Gateway > OPC XML Manager". To enter an OPC server, you need the following information: Server prefix Any string that is used in the name of the OPC tag. Use an abbreviation of the server, for example. You can find the characters permitted for tag names in the reference. Name or IP address of the OPC XML DA server Requirement "OPC XML Manager" is open. Procedure To configure the OPC XML Manager, proceed as follows: 1. To enter a new OPC XML DA server, click on the button "Add". The "Add/Edit Webservice" dialog is opened. 2. Enter the server prefix and the name or IP address of the OPC XML DA server. 3. Close the two dialogs with "OK". Result The OPC XML DA server is entered. The OPC DA client can now access the data of the OPC XML DA server via the "OPC XML Gateway". Editing or removing an OPC server To edit or delete a configured OPC XML DA server, select the required OPC XML DA server. Then click either "Edit" or "Remove" . See also OPC XML Gateway (Page 6430) WinCC Advanced V14 System Manual, 10/2016 6431 Visualizing processes 12.17 Interfaces 12.17.1.5 Reference (Panels, RT Advanced) Permitted data types (OPC) (Panels, RT Advanced) Permitted data types The following table lists the data types supported by the WinCC OPC servers: OPC data type WinCC data type VT_BOOL BOOL VT_I1 CHAR VT_UI1 BYTE VT_I2 SHORT VT_UI2 WORD VT_UI4 DWORD VT_I4 LONG VT_R4 FLOAT VT_R8 DOUBLE VT_DATE DATE VT_BSTR STRING The following table lists the ranges of values of the OPC data types: OPC data type Range of values VT_BOOL 0 or -1 VT_I1 -128 to 127 VT_UI1 0 to 255 VT_I2 -32768 to 32767 VT_UI2 0 to 65535 VT_I4 -2147483648 to 2147483647 VT_UI4 0 to 4294967295 VT_R4 3.402823466 e-38 through 3.402823466 e+38 VT_R8 1.7976931486231e-308 to 1.7976931486231e+308 VT_Date 1 January 100 to 31 December 9999 Special features in communication with the OPC-DA server The array tag in the OPC-DA server belonging to the area pointer must be of the data type SHORT (VT_I2). Special features in communication with the OPC-XML server Array tags are not supported by OPC-XML servers. 6432 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.17 Interfaces Access to tags with OPC (Panels, RT Advanced) Introduction When accessing tags with OPC, note the following when configuring tags: Permitted characters in tag names Permitted cycle times (OPC XML) Special features of the data type "STRING" (OPC XML) Special features of the data type "Date/Time" (OPC XML) The OPC XML DA server is tested and enabled for eight connections, each with 2 groups and consisting of 35 tags. Permitted characters in tag names Only use the following characters in tag names: Letters from "a" to "z" (no umlauts) Numbers from "0" to "9" Special characters: "-" and "_" Permitted cycle times (OPC XML) OPC XML connections are designed for the exchange of small volumes of data: For this reason use cycle times that are greater than one second In general, only request a small number of tags; a maximum of 30 per screen Special features of the data type "STRING" (OPC XML) Only valid ASCII values from 0x20hex to 0x7Fhex are supported in the data type "STRING". Special features of the data type "Date/Time" (OPC XML) Values of the data type "Date/Time" are always expected as UTC (Universal Time Coordinated) by the OPC-Gateway. If a tag of the type "Date/Time" is read by the OPC client, the returned value is a time in UTC. If a value is written to the tag, the value is treated as UTC. The time including the time zone and daylight saving time are shown as "local time" on an HMI device. Example: The time zone GMT+1 and daylight saving time is set on the HMI device. OPC DA client (UTC time): 01.01.2005 16:00 Display on the HMI device (OPC server): 01.01.2005 18:00 WinCC Advanced V14 System Manual, 10/2016 6433 Visualizing processes 12.17 Interfaces Supported OPC UA services of the OPC UA client (Panels, RT Advanced) OPC UA Services support The OPC UA client supports the following OPC UA services: SecurityPolicy - Basic128Rsa15 SecurityPolicy - Basic256 SecurityPolicy - None DataAccess ClientFacet You can additional information about OPC UA services in the "OPC UA Part 3 - Address Space Model 1.01 Specification" document under "5.6". Explanation of the security settings The following table lists the security settings supported by the OPC UA client: SecurityPolicy Message Security Mode None None Basic128Rsa152 None4 Sign5 SignAndEncrypt6 Basic256 None Sign SignAndEncrypt 1 3 1: The certificate exchange is disabled. Every OPC UA client can log on to the WinCC OPC UA server. This setting can be disabled on each OPC UA server. 2: Certificate exchange with depth of encryption of 128 bit. 3: Certificate exchange with depth of encryption of 256 bit. 4: The data packages are exchanged after certificate check unsecured between client and server. 5: The data packages are signed with the certificates, but not encoded 6: The data packages are signed with the certificates and encoded Note Unsecured communication between client and server possible Use the "none" setting only for test and diagnostics purposes. For a secure communication between client and server, use in operating mode at least the following settings: SecurityPolicy: Basic128Rsa15 Message Security Mode: Sign See also Creating a connection to an OPC UA server (Page 6428) 6434 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.18 Migrating to WinCC in the TIA Portal 12.18 Migrating to WinCC in the TIA Portal 12.18.1 Overview of the migration to WinCC in the TIA Portal Overview of the section "Migration to WinCC in the TIA Portal" SIMATIC WinCC offers a number of functional changes in the TIA Portal. Some functions differ from the functions that you know from familiar environments such as WinCC V7 or WinCC flexible. This document provides an overview of the special functions and procedures in SIMATIC WinCC in the TIA Portal. These functions and procedures are fundamentally different from the WinCC V7 and WinCC flexible version, or have a different name. 12.18.2 WinCC flexible 12.18.2.1 Libraries Libraries in WinCC flexible Libraries are a collection of pre-configured screen objects. They expand the number of available screen objects and increase engineering efficiency, because library objects are always available for reuse; there is no need to reconfigure them. WinCC Advanced V14 System Manual, 10/2016 6435 Visualizing processes 12.18 Migrating to WinCC in the TIA Portal WinCC flexible enables you to create two library types: Project library Global library A library can contain all the WinCC flexible objects, such as screens, tags, graphic objects, or alarms. How do I configure libraries with WinCC in the TIA Portal? In WinCC, you also configure the "Project library" and the "Global library". You can no longer store any system functions in libraries, as was the case in WinCC flexible. 6436 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.18 Migrating to WinCC in the TIA Portal Both the "Project library" and the "Global library" contain the two folders, "Copy templates" and "Types". You can create or use the library objects as a copy template, or as a type. Copy templates Use copy templates to create independent copies of the library object. Types Create instances of objects of the "Types" folder and use the instances in your project. The instances are bound to their respective type. Changes to an instance also change all other instances. Types are marked by a green triangle in the "Libraries" task card. Managing the library objects You can only copy and move library objects within the same library. For more detailed information, see: AUTOHOTSPOT 12.18.2.2 Screens and templates Screens and templates in WinCC flexible In WinCC flexible, you create screens that an operator can use to control and monitor machines and plants. When you create your screens, the object templates provided support you in visualizing your plant, displaying processes and defining process values. The project has a template for every HMI device. You can centrally configure the function keys and objects for your project in these templates. Every screen based on this template will contain the function keys and objects that you configured in the template. Changes to an object or of a function key assignment in the template are applied to the object in all the screens, which are based on this template. WinCC Advanced V14 System Manual, 10/2016 6437 Visualizing processes 12.18 Migrating to WinCC in the TIA Portal How do I configure screens and templates with WinCC in the TIA Portal? In WinCC, you also configure "Templates" and a "Global screen" along with the "Screens". You determine functions and objects in the template which then apply to all screens based on this template. You can create multiple templates in WinCC. In the "Global screen", define the elements which are independent of the template used for all screens of an HMI device. The "Alarm window" and "Alarm indicator" objects are available for use as global objects. For HMI devices with function keys, configure the function keys in the "Global Screen" editor. You can also configure a "System Diagnostics Window" in the global screen of Comfort Panels. Excluding the controls, the screens are displayed in runtime in the following order: 6438 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.18 Migrating to WinCC in the TIA Portal 7HPSODWH 6FUHHQ 0RQLWRU *OREDOVFUHHQ 6\VWHP /D\HU /D\HU For more detailed information, see: AUTOHOTSPOT 12.18.2.3 Scripts in faceplates Scripts in faceplates in WinCC flexible You configure a script in the "Scripts" tab of the "Faceplate configuration" dialog. This script is only available within the faceplate. Interconnect the script directly to the events of the objects contained in the faceplate, for example, with the "Click" event of a button. If you use the faceplate in a screen, a faceplate instance is generated. WinCC Advanced V14 System Manual, 10/2016 6439 Visualizing processes 12.18 Migrating to WinCC in the TIA Portal How do I configure scripts in faceplates with WinCC in the TIA Portal? In the configuration area of the "Faceplates" editor, you create scripts that you only use within a faceplate type. In contrast to WinCC flexible, WinCC allows you to configure several scripts for a faceplate. For more detailed information, see: AUTOHOTSPOT 12.18.2.4 Synchronization of recipes How do I configure a synchronization of recipes with WinCC in the TIA Portal? You configure the synchronization of recipes in the "Recipes" editor in WinCC. A few terms have changed in WinCC as compared to WinCC flexible. Synchronization for Panels and RT Advanced 6440 WinCC Advanced V14 System Manual, 10/2016 Visualizing processes 12.18 Migrating to WinCC in the TIA Portal To synchronize recipe tags that are configured in I/O fields with the recipe view in Runtime, activate "Synchronize recipe view and recipe tags". Deactivate "Direct transfer of individually modified values" to specify that the recipe tags are automatically transferred to the PLC when you edit the I/O fields (teach-in mode). Activate "Coordinated data transfer" to monitor the transfer of recipe data in Runtime using area pointers. For more detailed information, see: Synchronization of recipe data records with the PLC (Page 5548) 12.18.2.5 Special considerations for converting Objects with object references in the project library Two copying methods can be used in WinCC flexible. With "simple copy", a WinCC flexible screen including an IO field is copied, for example. Only the object name of a tag configured on the IO field is copied, as this is a reference. With "copy", a screen, an IO field contained there and a tag configured on the IO field together with its properties are copied. These two methods can also be used for storing an object in a library. Project libraries and the objects contained there are migrated during migration and can be used in WinCC. In WinCC, however, only one copying method is available. With regard to tags, it functions like "simple copy" in WinCC flexible. With regard to graphics, graphics lists and text lists, it functions like "copy" in WinCC flexible. If you stored objects with references to tags in a library in WinCC flexible, you must reconfigure the referenced objects when using them in WinCC. Changing the names of alarm classes In contrast to WinCC flexible, the names of the predefined alarm classes are not dependent on the user interface language currently in use. During migration, the names of the alarm classes are assigned as follows: WinCC flexible WinCC Errors Errors System System Warnings Warnings The display names of the alarm classes can be changed as necessary after migration. WinCC Advanced V14 System Manual, 10/2016 6441 Visualizing processes 12.18 Migrating to WinCC in the TIA Portal Objects with object references in the project library Two copying methods can be used in WinCC flexible. With "simple copy", a WinCC flexible screen including an IO field is copied, for example. Only the object name of a tag configured on the IO field is copied, as this is a reference. With "copy", a screen, an IO field contained there and a tag configured on the IO field together with its properties are copied. These two methods can also be used for storing an object in a library. Project libraries and the objects contained there are migrated during migration and can be used in WinCC. In WinCC, however, only one copying method is available. It functions like "simple copy" in WinCC flexible. If you have stored objects with references to other objects in a library in WinCC flexible, you must reconfigure the referenced objects when using them in WinCC. 6442 WinCC Advanced V14 System Manual, 10/2016 13 Using technology functions 13.1 PID control 13.1.1 Principles for control 13.1.1.1 Controlled system and actuators Controlled system Room temperature control by means of a heating system is a simple example of a controlled system. A sensor measures the room temperature and transfers the value to a controller. The controller compares the current room temperature with a setpoint and calculates an output value (manipulated variable) for heating control. 6HWSRLQW &RQWUROOHU 2XWSXWYDOXH $FWXDWRU +HDWLQJ 3URFHVVYDOXH 6HQVRU 7HPSHUDWXUH A properly set PID controller reaches this setpoint as quickly as possible and then holds it a constant value. After a change in the output value, the process value often changes only with a time delay. The controller has to compensate for this response. Actuators The actuator is an element of the controlled system and is influenced by the controller. Its function modifies mass and energy flows. The table below provides an overview of actuator applications. Application Actuator Liquid and gaseous mass flow Valve, shutter, gate valve Solid mass flow, e.g., bulk material Articulated baffle, conveyor, vibrator channel Flow of electrical power Switching contact, contactor, relay, thyristor Variable resistor, variable transformer, transistor WinCC Advanced V14 System Manual, 10/2016 6443 Using technology functions 13.1 PID control Actuators are distinguished as follows: Proportional actuators with constant actuating signal These elements set degrees of opening, angular positions or positions in proportion to the output value. The output value has an analog effect on the process within the control range. Actuators in this group include spring-loaded pneumatic drives, as well as motorized drives with position feedback for which a position control system is formed. An continuous controller, such as PID_Compact, generates the output value. Proportional actuators with pulse-width modulated signal These actuators are used to generate the output of pulses with a length proportional to the output value within the sampling time intervals. The actuator - e.g. a heating resistor or cooling apparatus - is switched on in isochronous mode for durations that differ depending on the output value. The actuating signal can assume unipolar "On" or "Off" states, or represent bipolar states such as "open/close", "forward/backward", "accelerate/brake". The output value is generated by a two-step controller such as PID_Compact with pulsewidth modulation. Actuators with integral action and three-step actuating signal Actuators are frequently operated by motors with an on period that is proportional to the actuator travel of the choke element. This includes elements such as valves, shutters, and gate valves. In spite of their different design, all of these actuators follow the effect of an integral action at the input of the controlled system. A step controller, such as PID_3Step. generates the output value. 13.1.1.2 Controlled systems The properties of a controlled system can hardly be influenced as these are determined by the technical requirements of the process and machinery. Acceptable control results can only be achieved by selecting a suitable controller type for the specific controlled system and adapting the controller to the time response of the controlled system. Therefore, it is is indispensable for the configuration of the proportional, integral and derivative actions of the controller to have precise knowledge of the type and parameters of the controlled system. Controlled system types Controlled systems are classified based on their time response to step changes of the output value. We distinguish between the following controlled systems: Self-regulating controlled systems - Proportional-action controlled systems - PT1 controlled systems - PT2 controlled systems Non-self-regulating controlled systems Controlled systems with and without dead time 6444 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Self-regulating controlled systems Proportional-action controlled systems In proportional-action controlled systems, the process value follows the output value almost immediately. The ratio between the process value and output value is defined by the proportional Gain of the controlled system. Examples: Gate valve in a piping system Voltage dividers Step-down function in hydraulic systems PT1 controlled systems In a PT1 controlled system, the process value initially changes in proportion to the change of the output value. The rate of change of the process value is reduced as a function of the time until the end value is reached, i.e., it is delayed. Examples: Spring damping system Charge of RC elements Water container that is heated with steam. The time constants are often identical for heating and cooling processes, or for charging and discharge characteristics. With different time constants, controlling is clearly more complex. PT2 controlled systems In a PT2 controlled system, the process value does not immediately follow a step change of the output value, i.e., it increases in proportion to the positive rate of rise and then approaches the setpoint at a decreasing rate of rise. The controlled system shows a proportional response characteristic with second order delay element. Examples: Pressure control Flow rate control Temperature control Non-self-regulating controlled systems Non-self-regulating controlled systems have an integral response. The process value approaches an infinite maximum value. Example: Liquid flow into a container Controlled systems with dead time A dead time always represents the runtime or transport time that has to expire before a change to the system input can be measured at the system output. WinCC Advanced V14 System Manual, 10/2016 6445 Using technology functions 13.1 PID control In controlled systems with dead time, the process value change is delayed by the amount of the dead time. Example: Conveyor 13.1.1.3 Characteristic values of the control section Determining the time response from the step response Time response of the controlled system can be determined based on the time characteristic of process value x following a step change of output value y. Most controlled systems are selfregulating controlled systems. \ W [ 7J ;PD[ [ W 7X W The time response can be determined by approximation using the variables Delay time Tu, Recovery time Tg and Maximum value Xmax. The variables are determined by applying tangents 6446 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control to the maximum value and the inflection point of the step response. In many situations, it is not possible to record the response characteristic up to the maximum value because the process value cannot exceed specific values. In this case, the rate of rise vmax is used to identify the controlled system (vmax = x/t). The controllability of the controlled system can be estimated based on the ratio Tu/Tg, or Tu x vmax/Xmax . Rule: Process type Tu / Tg Suitability of the controlled system for controlling I < 0,1 can be controlled well II 0.1 to 0.3 can still be controlled III > 0,3 difficult to control Influence of the dead time on the controllability of a controlled system A controlled system with dead time and recovery reacts as follows to a jump of the output value. \ W [ 7J W 7X 7W 7D Tt Dead time Tu Delay time Tg Recovery time y Output value x Process value The controllability of a self-regulating controlled system with dead time is determined by the ratio of Tt to Tg. Tt must be small compared to Tg. Rule: Tt/Tg 1 WinCC Advanced V14 System Manual, 10/2016 6447 Using technology functions 13.1 PID control Response rate of controlled systems Controlled systems can be judged on the basis of the following values: Tu < 0.5 min, Tg < 5 min = fast controlled system Tu > 0.5 min, Tg > 5 min = slow controlled system Parameters of certain controlled systems Physical quantity Temperature Controlled system Small electrically heated furnace Large electrically heated annealing furnace Large gas-heated annealing furnace Distillation tower Autoclaves (2.5 m3) High-pressure autoclaves Steam superheater Injection molding machines Extruders 5 to 15 min Up to 60 K/min. 1 to 5 min 10 to 20 min Up to 20 K/min. 0.2 to 5 min 3 to 60 min 1 to 30 K/min 1 to 7 min 40 to 60 min 0.1 to 0.5 C/s 0.5 to 0.7 min 10 to 20 min Not specified 12 to 15 min 200 to 300 min Not specified 30 s to 2.5 min 1 to 4 min 2C/s 0.5 to 3 min 3 to 30 min 5 to 20 K/min 3 to 40 min 1 to 5 min 10 to 60 min 1 C/min 0 to 5 s 0.2 to 10 s Not relevant Pipeline with liquid None None Gas pipeline None 0.1 s Not relevant Drum boiler with gas or oil firing None 150 s Not relevant Pipeline with gas Drum boiler with impact grinding mills 2 to 35 K/min 1 to 2 min 2 to 5 min Not relevant 0.6 to 1 min Not specified 0.1 to 0.3 cm/s Small electric drive None 0.2 to 10 s Not relevant Large electric drive None 5 to 40 s Not relevant Steam turbine None Not specified 50 min-1 Small generators None 1 to 5 s Not relevant Large generators None 5 to 10 s Not relevant Drum boiler Speed 13.1.1.4 0.5 to 1 min 5 to 60 min Vessel level Voltage Rate of rise vmax 1 to 6 min Room heating Pressure Recovery time Tg 0.5 to 4 min Packaging machines Flow rate Delay time Tu Pulse controller Two-step controllers without feedback Two-step controllers have the state "ON" and "OFF" as the switching function. This corresponds to 100% or 0% output. This behavior generates a sustained oscillation of process value x around setpoint w. The amplitude and duration of the oscillation increase in proportion to the ratio between the delay time Tu and recovery time Tg of the controlled system. These controllers are used mainly 6448 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control for simple temperature control systems (such as electrically directly heated furnaces) or as limit-value signaling units. The following diagram shows the characteristic of a two-step controller \ <K Z OFF Yh Control range w Setpoint [ ON The following diagram shows the control function of a two-step controller WinCC Advanced V14 System Manual, 10/2016 6449 Using technology functions 13.1 PID control [ 7J Z ; 6G 7X W \ W Response characteristic with two-step controller Tu Delay time Tg Recovery time XSd Switching difference Response characteristic without controller Two-step controllers with feedback The behavior of two-step controllers in the case of controlled systems with larger delay times, such as furnaces where the functional space is separated from the heating, can be improved by the use of electronic feedback. The feedback is used to increase the switching frequency of the controller, which reduces the amplitude of the process value. In addition, the control-action results can be improved substantially in dynamic operation. The limit for the switching frequency is set by the output level. It should not exceed 1 to 5 switches per minute at mechanical actuators, such as relays and contactors. In the case of voltage and current outputs with downstream thyristor or Triac controllers high switching frequencies can be selected that exceed the limit frequency of the controlled system by far. 6450 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Since the switching pulses can no longer be determined at the output of the controlled system, results comparable with those of continuous controllers are obtained. The output value is generated by pulse-width modulation of the output value of a continuous controller. Two-step controllers with feedback are used for temperature control in furnaces, at processing machines in the plastics, textile, paper, rubber and foodstuff industries as well as for heating and cooling devices. Three-step controllers Three-step controllers are used for heating / cooling. These controllers have two switching points as their output. The control-action results are optimized through electronic feedback structures. Fields of applications for such controllers are heating, low-temperature, climatic chambers and tool heating units for plastic-processing machines. The following diagram shows the characteristic of a three-step controller \ \ \ \ \ Z [ [ 6K y Output value, e.g. y11 = 100% heating y12 = 0% heating y21 = 0% cooling y22 = 100% cooling x Physical quantity of the process value, e.g., temperature in C w Setpoint xSh Distance between Switching Point 1 and Switching Point 2 WinCC Advanced V14 System Manual, 10/2016 6451 Using technology functions 13.1 PID control 13.1.1.5 Response to setpoint changes and disturbances Response to setpoint changes The process value should follow a setpoint change as quickly as possible. The response to setpoint changes is improved by minimizing fluctuation of the process value and the time required to reach the new setpoint. [ Z W x Process value w Setpoint Response to disturbances The setpoint is influenced by disturbance variables. The controller has to eliminate the resulting control deviations in the shortest time possible. The response to disturbances is improved by minimizing fluctuation of the process value and the time required to reach the new setpoint. [ Z W x Process value w Setpoint 6452 Influencing a disturbance variable WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Disturbance variables are corrected by a controller with integral action. A persistent disturbance variable does not reduce control quality because the control deviation is relatively constant. Dynamic disturbance variables have a more significant impact on control quality because of control deviation fluctuation. The control deviation is eliminated again only by means of the slow acting integral action. A measurable disturbance variable can be included in the controlled system. This inclusion would significantly accelerated the response of the controller. 13.1.1.6 Control Response at Different Feedback Structures Control behavior of controllers A precise adaptation of the controller to the time response of the controlled system is decisive for the controller's precise settling to the setpoint and optimum response to disturbance variables. The feedback circuit can have a proportional action (P), proportional-derivative action (PD), proportional-integral action (PI), or proportional-integral-derivative action (PID). If step functions are to be triggered by control deviations, the step responses of the controllers differ depending on their type. WinCC Advanced V14 System Manual, 10/2016 6453 Using technology functions 13.1 PID control Step response of a proportional action controller [ W \ W \ W Control deviation Output value of a continuous controller Output value of a pulse controller Equation for proportional action controller Output value and control deviation are directly proportional, meaning: Output value = proportional gain x control deviation y = GAIN x x 6454 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Step response of a PD-action controller [ W \ 70B/$* W \ W Output value of a continuous controller TM_LAG Delay of the Derivative action Control deviation Output value of a pulse controller Equation for PD-action controller The following applies for the step response of the PD-action controller in the time range: W 7' \ *$,1y;:y 70B/$* 70B/$* yH t = time interval since the step of the control deviation The derivative action generates a output value as a function of the rate of change of the process value. A derivative action by itself is not suitable for controlling because the output value only WinCC Advanced V14 System Manual, 10/2016 6455 Using technology functions 13.1 PID control follows a step of the process value. As long as the process value remains constant, the output value will no longer change. The response to disturbances of the derivative action is improved in combination with a proportional action. Disturbances are not corrected completely. The good dynamic response is advantageous. A well attenuated, non-oscillating response is achieved during approach and setpoint change. A controller with derivative action is not appropriate if a controlled system has pulsing measured quantities, for example, in the case of pressure or flow control systems. 6456 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Step response of a PI-action controller [ W \ W \ W Control deviation Output value of a continuous controller Output value of a pulse controller An integral action in the controller adds the control deviation as a function of the time. This means that the controller corrects the system until the control deviation is eliminated. A sustained control deviation is generated at controllers with proportional action only. This effect can be eliminated by means of an integral action in the controller. In practical experience, a combination of the proportional, integral and derivative actions is ideal, depending on the requirements placed on the control response. The time response of the individual components can be described by the controller parameters proportional gain GAIN, integral action time TI (integral action), and derivative action time TD (derivative action). Equation for PI-action controller WinCC Advanced V14 System Manual, 10/2016 6457 Using technology functions 13.1 PID control The following applies for the step response of the PI-action controller in the time range: \ *$,1y;:y 7,yW t = time interval since the step of the control deviation 6458 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Step response of a PID controller [ W \ 70B/$* W 7, \ W Control deviation Output value of a continuous controller Output value of a pulse controller TM_LAG Delay of the Derivative action Ti Integral action time Equation for PID controller The following applies for the step response of the PID controller in the time range: WinCC Advanced V14 System Manual, 10/2016 6459 Using technology functions 13.1 PID control \ *$,1y;:y 7,yW 7' 70B/$* yH W 70B/$* t = time interval since the step of the control deviation Response of a controlled system with different controller structures Most of the controller systems occurring in process engineering can be controlled by means of a controller with PI-action response. In the case of slow controlled system with a large dead time, for example temperature control systems, the control result can be improved by means of a controller with PID action. [ Z W PID controller w Setpoint x Process value No controller PD-action controller Controllers with PI and PID action have the advantage that the process value does not have any deviation from the setpoint value after settling. The process value oscillates over the setpoint during approach. 6460 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control 13.1.1.7 Selection of the controller structure for specified controlled systems Selection of the Suitable Controller Structures To achieve optimum control results, select a controller structure that is suitable for the controlled system and that you can adapt to the controlled system within specific limits. The table below provides an overview of suitable combinations of a controller structure and controlled system. Controlled system Controller structure P PD PI PID With dead time only Unsuitable Unsuitable Suitable Unsuitable PT1 with dead time Unsuitable Unsuitable Well suited Well suited PT2 with dead time Unsuitable Suited conditionally Well suited Well suited Higher order Unsuitable Unsuitable Suited conditionally Well suited Not self-regulating Well suited Well suited Well suited Well suited The table below provides an overview of suitable combinations of a controller structure and physical quantity. Physical quantity Controller structure P PD Sustained control deviation WinCC Advanced V14 System Manual, 10/2016 PI PID No sustained control deviation Temperature For low perform Well suited ance require ments and propor tional action con trolled systems with Tu/Tg < 0,1 The most suitable controller structures for high performance requirements (ex cept for specially adapted special con trollers) Pressure Suitable, if the de lay time is incon siderable The most suitable controller structures for high performance requirements (ex cept for specially adapted special con trollers) Flow rate Unsuitable, be Unsuitable cause required GAIN range is usu ally too large Unsuitable Suitable, but inte Hardly required gral action control ler alone often bet ter 6461 Using technology functions 13.1 PID control 13.1.1.8 PID parameter settings Rule of Thumb for the Parameter Setting Controller structure Setting P GAIN vmax x Tu [ C ] PI GAIN 1.2 x vmax x Tu [ C ] PD GAIN 0.83 x vmax x Tu [ C ] TD 0.25 x vmax x Tu [ min ] TM_LAG 0.5 x TD[ min ] PID GAIN 0.83 x vmax x Tu [ C ] TI 2 x Tu [ min ] TD 0.4 x Tu [ min ] TM_LAG 0.5 x TD[ min ] PD/PID GAIN 0.4 x vmax x Tu [ C ] TI 2 x Tu [ min ] TD 0.4 x Tu [ min ] TM_LAG 0.5 x TD[ min ] Instead of vmax = x / t , you can use Xmax / Tg. In the case of controllers with PID structure the setting of the integral action time and differentialaction time is usually coupled with each other. The ratio TI / TD lies between 4 and 5 and is optimal for most controlled systems. Non-observance of the differential-action time TD is uncritical at PD controllers. In the case of PI and PID controllers, control oscillations occur if the integral action time TI has been select by more than half too small. An integral action time that is too large slows down the settling times of disturbances. One cannot expect that the control loops operate "optimally" after the first parameter settings. Experience shows that adjusting is always necessary, when a system exists that is "difficult to control" with Tu / Tg > 0.3. 13.1.2 Configuring a software controller 13.1.2.1 Overview of software controller For the configuration of a software controller, you need an instruction with the control algorithm and a technology object. The technology object for a software controller corresponds with the instance DB of the instruction. The configuration of the controller is saved in the technology object. In contrast to the instance DBs of other instructions, technology objects are not stored for the program resources, but rather under CPU > Technology objects. 6462 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Technology objects and instructions CPU Library Instruction Technology ob ject Description S7-1200 Compact PID PID_Compact V1.X PID_Compact V1.X Universal PID controller with integrated tuning S7-1200 PID_3Step V1.X PID_3Step V1.X PID controller with integrated tuning for valves S7-1500 PID_Compact V2.X PID_Compact V2.X Universal PID controller with integrated tuning S7-1200 V4.x S7-1500 PID_3Step V2.X PID_3Step V2.X PID controller with integrated tuning for valves PID_Temp V1.0 PID_Temp V1.0 Universal PID temperature controller with in tegrated tuning S7-1200 V4.x S7-1500 V1.7 S7-1200 V4.1 S7-1500/300/4 00 PID basic functions CONT_C CONT_C Continuous controller S7-1500/300/4 00 CONT_S CONT_S Step controller for actuators with integrating behavior S7-1500/300/4 00 PULSEGEN - Pulse generator for actuators with proportion al behavior S7-1500/300/4 00 TCONT_CP TCONT_CP Continuous temperature controller with pulse generator S7-1500/300/4 00 TCONT_S TCONT_S Temperature controller for actuators with in tegrating behavior TUN_EC TUN_EC Optimization of a continuous controller TUN_ES TUN_ES Optimization of a step controller PID_CP Continuous controller with pulse generator PID_ES Step controller for actuators with integrating behavior - Distribute controller calls S7-300/400 PID Self Tuner S7-300/400 S7-300/400 S7-300/400 S7-300/400 Standard PID Con PID_CP trol (PID Professio PID_ES nal optional pack age) LP_SCHED WinCC Advanced V14 System Manual, 10/2016 6463 Using technology functions 13.1 PID control CPU Library S7-300/400 Modular PID Con A_DEAD_B trol (PID Professio CRP_IN nal optional pack CRP_OUT age) DEAD_T S7-300/400 S7-300/400 S7-300/400 Instruction Technology ob ject Description - Filter interfering signal from control deviation - Scale analog input signal - Scale analog output signal - Delay output of input signal S7-300/400 DEADBAND - Suppress small fluctuations to the process value S7-300/400 DIF - Differentiate input signals over time S7-300/400 ERR_MON S7-300/400 INTEG - Integrate input signals over time S7-300/400 LAG1ST - First-order delay element S7-300/400 LAG2ND - Second-order delay element S7-300/400 LIMALARM - Report limit values S7-300/400 LIMITER - Limiting the manipulated variable S7-300/400 LMNGEN_C - Determine manipulated variable for continu ous controller S7-300/400 LMNGEN_S - Determine manipulated variable for step con troller S7-300/400 NONLIN - Linearize encoder signal S7-300/400 NORM - Scale process value physically S7-300/400 OVERRIDE - Switch manipulated variable from 2 PID con trollers to 1 actuator S7-300/400 PARA_CTL - Switch parameter sets S7-300/400 PID - PID algorithm S7-300/400 PUSLEGEN_M - Generate pulse for proportional actuators S7-300/400 RMP_SOAK - Specify setpoint according to ramp / soak S7-300/400 ROC_LIM - Limit rate of change S7-300/400 SCALE_M - Scale process value S7-300/400 SP_GEN - Specify setpoint manually S7-300/400 SPLT_RAN - Split manipulated variable range S7-300/400 SWITCH - Switch analog values S7-300/400 LP_SCHED_M - Distribute controller calls 13.1.2.2 Monitor control deviation Steps for the configuration of a software controller All SW-controllers are configured according to the same scheme: 6464 Step Description 1 Add technology object (Page 6465) 2 Configure technology object (Page 6466) 3 Call instruction in the user program (Page 6467) 4 Download technology object to device (Page 6468) 5 Commission software controller (Page 6469) 6 Save optimized PID parameters in the project (Page 6469) WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control 13.1.2.3 Step Description 7 Comparing values (Page 6471) 8 Display instances of a technology object (Page 6490) Add technology objects Add technology object in the project navigator When a technology object is added, an instance DB is created for the instruction of this technology object. The configuration of the technology object is stored in this instance DB. Requirement A project with a CPU has been created. Procedure To add a technology object, proceed as follows: 1. Open the CPU folder in the project tree. 2. Open the "Technology objects" folder. 3. Double-click "Add new object". The "Add new object" dialog box opens. 4. Click on the "PID" button. All available PID-controllers for this CPU are displayed. 5. Select the instruction for the technology object, for example, PID_Compact. 6. Enter an individual name for the technology object in the "Name" input field. 7. Select the "Manual" option if you want to change the suggested data block number of the instance DB. 8. Click "Further information" if you want to add own information to the technology object. 9. Confirm with "OK". Result The new technology object has been created and stored in the project tree in the "Technology objects" folder. The technology object is used if the instruction for this technology object is called in a cyclic interrupt OB. Note You can select the "Add new and open" check box at the bottom of the dialog box. This opens the configuration of the technology object after adding has been completed. WinCC Advanced V14 System Manual, 10/2016 6465 Using technology functions 13.1 PID control 13.1.2.4 Configure technology objects The properties of a technology object on a S7-1200 CPU can be configured in two ways. In the Inspector window of the programming editor In the configuration editor The properties of a technology object on a S7-300/400 CPU can only be configured in the configuration editor. Inspector window of the programming editor In the Inspector window of the programming editor you can only configure the parameters required for operation. The offline values of the parameters are also shown in online mode. You can only change the online values in the commissioning window. To open the Inspector window of the technology object, follow these steps: 1. Open the "Program blocks" folder in the project tree. 2. Double click the block (cyclic interrupt OB) in which you open the instruction of the SWcontroller. The block is opened in the work area. 3. Click on the instruction of the SW-controller. 4. In the Inspector window, select the "Properties" and "Configuration" tabs consecutively. Configuration window For each technology object, there is a specific configuration window in which you can configure all properties. To open the configuration window of the technology object, follow these steps: 1. Open the "Technology objects" folder in the project tree. 2. Open the technology object in the project tree. 3. Double-click the "Configuration" object. Symbols Icons in the area navigation of the configuration and in the Inspector window show additional details about the completeness of the configuration: The configuration contains default values and is complete. The configuration exclusively contains default values. With these default values the use of the technology object is possible without further changes. The configuration contains values defined by the user and is complete All input fields of the configuration contain valid values and at least one default setting was changed. The configuration is incomplete or faulty At least one input field or a collapsible list contains no or one invalid value. The corresponding field or the drop-down list box has a red background. When clicked the roll-out error message indicates the cause of the error. 6466 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control The properties of a technology object are described in detail in the chapter for the technology object. 13.1.2.5 Call instruction in the user program The instruction of the software controller must be called in a cyclic interrupt OB. The sampling time of the software controller is determined by the interval between the calls in the cyclic interrupt OB. Requirement The cyclic interrupt OB is created and the cycle time of the cyclic interrupt OB is correctly configured. Procedure Proceed as follows to call the instruction in the user program: 1. Open the CPU folder in the project tree. 2. Open the "Program blocks" folder. 3. Double-click the cyclic interrupt OB. The block is opened in the work area. 4. Open the "Technology" group in the "Instructions" window and the "PID Control" folder. The folder contains all instructions for software controllers that can be configured on the CPU. 5. Select the instruction and drag it to your cyclic interrupt OB. The "Call options" dialog box opens. 6. Select a technology object or type the name for a new technology object from the "Name" list. Result If the technology object does not exist yet, it is added. The instruction is added in the cyclic interrupt OB. The technology object is assigned to this call of the instruction. WinCC Advanced V14 System Manual, 10/2016 6467 Using technology functions 13.1 PID control 13.1.2.6 Downloading technology objects to device A new or modified configuration of the technology object must be downloaded to the CPU for the online mode. The following characteristics apply when downloading retentive data: Software (changes only) - S7-1200, S7-1500: Retentive data is retained. - S7-300/400: Retentive data is updated immediately. CPU does not change to Stop. Download PLC program to device and reset - S7-1200, S7-1500: Retentive data is updated at the next change from Stop to RUN. The PLC program can only be downloaded completely. - S7-300/400: Retentive data is updated at the next change from Stop to RUN. Downloading retentive data to an S7-1200 or S7-1500 CPU Note The download and reset of the PLC program during ongoing system operation can result in serious damages or injuries in the case of malfunctions or program errors. Make sure that dangerous states cannot occur before you download and reset the PLC program. Proceed as follows to download the retentive data: 1. Select the entry of the CPU in the project tree. 2. Select the command "Download and reset PLC program" from the "Online" menu. - If you have not established an online connection yet, the "Extended download" dialog opens. In this case, set all required parameters for the connection and click "Download". - If the online connection has been defined, the project data is compiled, if necessary, and the dialog "Load preview" opens. This dialog displays messages and recommends actions necessary for download. 3. Check the messages. As soon as download is possible, the "Download" button becomes active. 4. Click on "Download". The complete PLC program is downloaded and the "Load results" dialog opens. This dialog displays the status and the actions after the download. 5. If the modules are to restart immediately after the download, select the check box "Start all". 6. Close the dialog "Download results" with "Finish". 6468 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Result The complete PLC program is downloaded to the device. Blocks that only exist online in the device are deleted. By downloading all affected blocks and by deleting any blocks in the device that are not required, you avoid inconsistencies between the blocks in the user program. The messages under "Info > General" in the Inspector window indicate whether the download was successful. 13.1.2.7 Commissioning software controller Procedure To open the "Commissioning" work area of the technology object, follow these steps: 1. Open the "Technology objects" folder in the project tree. 2. Open the technology object in the project tree. 3. Double-click the "Commissioning" object. The commissioning functions are specific for each controller and are described there. 13.1.2.8 Save optimized PID parameter in the project The software controller is optimized in the CPU. Through this, the values in the instance-DB on the CPU no longer agree with those in the project. To update the PID parameter in the project with the optimized PID parameters, proceed as follows: Requirement An online connection to the CPU is established and the CPU is in "RUN" mode. The functions of the commissioning window have been enabled by means of the "Start" button. Procedure 1. Open the CPU folder in the project tree. 2. Open the "Technology objects" folder. 3. Open a technology object. 4. Double click on "Commissioning". 5. Click on the icon "Upload PID parameters". 6. Save the project. WinCC Advanced V14 System Manual, 10/2016 6469 Using technology functions 13.1 PID control Result The currently active PID parameters are stored in the project data. When reloading the project data in the CPU, the optimized parameters are used. 13.1.2.9 Comparing values Comparison display and boundary conditions The "Compare values" function provides the following options: Comparison of configured start values of the project with the start values in the CPU and the actual values Direct editing of actual values and the start values of the project Immediate detection and display of input errors with suggested corrections Backup of actual values in the project Transfer of start values of the project to the CPU as actual values Icons and operator controls The following icons and operator controls are available: Icon Function Start value PLC matches the configured Start value project Start value PLC does not match the configured Start value project The comparison of the Start value PLC with the configured Start value project cannot be performed At least one of the two comparison values has a process-related or syntax error. Transfers actual values to the offline project Transfers updated start values in the project to the CPU (initialize setting values) Opens the "Compare values" dialog Boundary conditions The "Compare values" function is available for S7-1200 and S7-1500 without limitations. The following limitation applies to S7-300 and S7-400: In monitoring mode, an S7-300/S7-400 cannot transfer the start values to the CPU. These values cannot be displayed online with "Compare values". The actual values of the technology object are displayed and can be changed directly. 6470 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Comparing values The procedure is shown in the following using "PID Parameters" as an example. Requirements A project with a software controller is configured. The project is downloaded to the CPU. The configuration dialog is open in the project navigator. Procedure 1. Open the desired software controller in the project navigation. 2. Double-click the "Configuration" object. 3. Navigate within the configuration window to the "PID Parameters" dialog. 4. Click the icon to activate monitoring mode. The icons and operator controls (Page 6470) of the "Compare values" function are shown behind the parameters. 5. Click the desired parameter in the input box and change the parameter values manually by entering them directly. - If the background of the input box is gray, this value is a read-only value and cannot be changed. - To change the values in the "PID Parameters" dialog, enable manual entry by selecting the "Enable manual entry" check box beforehand. 6. Click the icon to open the dialog for the start values. This dialog indicates two values of the parameter: - Start value in CPU: The start value in the CPU is shown in the top part. - Start value in the project: The configured start value in the project is shown in the bottom part. 7. Enter the desired value in the input box for the project. Error detection The input of incorrect values is detected. Corrections are suggested in this case. If you enter a value with incorrect syntax, a rollout containing the corresponding error message opens below the parameter. The incorrect value is not applied. If you enter a value that is incorrect for the process, a dialog opens containing the error message and a suggested correction: Click "No" to accept this suggested correction and correct your input. Click "OK" to apply the incorrect value. WinCC Advanced V14 System Manual, 10/2016 6471 Using technology functions 13.1 PID control NOTICE Malfunctions of the controller Values incorrect for the process can result in controller malfunctions. Backing up actual values Click the project. icon to transfer the actual controller values to the start values of your configured Transferring project values to the CPU Click the icon to transfer the configured values of your project to the CPU. CAUTION Prevent personal injury and property damage! Downloading and resetting of the user program while the plant is operating may result in significant property damage and severe personal injuries in the event of malfunctions or program errors. Make sure that dangerous states cannot occur before you download and reset the user program. 6472 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control 13.1.2.10 Parameter view Introduction to the parameter view The Parameter view provides you with a general overview of all relevant parameters of a technology object. You obtain an overview of the parameter settings and can easily change them in offline and online mode. "Parameter view" tab Toolbar (Page 6475) Navigation (Page 6475) Parameter table (Page 6476) Function scope The following functions are available for analyzing the parameters of the technology objects and for enabling targeted monitoring and modification. Display functions: Display of parameter values in offline and online mode Display of status information of the parameters Display of value deviations and option for direct correction Display of configuration errors Display of value changes as a result of parameter dependencies WinCC Advanced V14 System Manual, 10/2016 6473 Using technology functions 13.1 PID control Display of all memory values of a parameter: Start value PLC, Start value project, Monitor value Display of the parameter comparison of the memory values of a parameter Operator control functions: Navigation for quickly changing between the parameters and parameter structures. Text filter for faster searches for particular parameters. Sorting function for customizing the order of parameters and parameter groups to requirements. Memory function for backing up structural settings of the Parameter view. Monitoring and modifying of parameter values online. Function for saving a snapshot of parameter values of the CPU in order to capture momentary situations and to respond to them. Function for applying a snapshot of parameter values as start values. Download of modified start values to the CPU. Comparison functions for comparing parameter values with one another. Validity The Parameter view described here is available for the following technology objects: PID_Compact PID_3Step PID_Temp CONT_C (S7-1500 only) CONT_S (S7-1500 only) TCONT_CP (S7-1500 only) TCONT_S (S7-1500 only) TO_Axis_PTO (S7-1200 Motion Control) TO_Positioning_Axis (S7-1200 Motion Control) TO_CommandTable_PTO (S7-1200 Motion Control) TO_CommandTable (S7-1200 Motion Control) 6474 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Structure of the parameter view Toolbar The following functions can be selected in the toolbar of the parameter view. Icon Function Explanation Monitor all Starts the monitoring of visible parameters in the active Parameter view (online mode). Create snapshot of mon Applies the current monitor values to the "Snapshot" column and up itor values and accept dates the start values in the project. setpoints of this snap Only in online mode for PID_Compact and PID_3Step. shot as start values Initialize setpoints Transfers the start values updated in the project to the CPU. Only in online mode for PID_Compact and PID_3Step. Create snapshot of mon Applies the current monitor values to the "Snapshot" column. itor values Only in online mode. Modify all selected pa rameters immediately and once This command is executed once and as quickly as possible without reference to any particular point in the user program. Select navigation struc ture Toggles between functional navigation and data navigation. Text filter... After entry of a character string: Display of all parameters containing the specified string in one of the currently visible columns. Selection of compare values Selection of parameter values that are to be compared with one an other in online mode (Start value project, Start value PLC, Snapshot) Save window settings Saves your display settings for the Parameter view (e.g., selected navigation structure, activated table columns, etc.) Only in online mode. Only in online mode. Navigation Within the "Parameter view" tab, the following alternative navigation structures can be selected. Navigation Explanation Functional naviga tion In the functional navigation, the structure of the parameters is based on the structure in the configuration dialog ("Functional view" tab), commissioning dialog, and diagnostics dialog. The last group "Other parameters" contains all other parameters of the technology object. Data navigation In the data navigation, the structure of the parameters is based on the structure in the instance DB / technology DB. The last group "Other parameters" contains the parameters that are not contained in the instance DB / technology DB. You can use the "Select navigation structure" drop-down list to toggle the navigation structure. WinCC Advanced V14 System Manual, 10/2016 6475 Using technology functions 13.1 PID control Parameter table The table below shows the meaning of the individual columns of the parameter table. You can show or hide the columns as required. Column "Offline" = X: Column is visible in offline mode. Column "Online" = X: Column is visible in online mode (online connection to the CPU). Column Explanation Offline Online Name in functional view Name of the parameter in the functional view. X X Full name in DB Complete path of the parameter in the instance DB / technology DB. X X X X The display field is empty for parameters that are not configured via the tech nology object. The display field is empty for parameters that are not contained in the instance DB / technology DB. Name in DB Name of the parameter in the instance DB / technology DB. If the parameter is part of a structure or UDT, the prefix ". ./" is added. The display field is empty for parameters that are not contained in the instance DB / technology DB. Status of configura tion Display of the completeness of the configuration using status symbols. Compare result Result of the "Compare values" function. X see Status of configuration (offline) (Page 6484) X This column is shown if there is an online connection and the "Monitor all" button is selected. Start value project Configured start value in the project. X X X X X X Error indication if entered values have a syntax or process-related error. Default value Value that is pre-assigned to the parameter. The display field is empty for parameters that are not contained in the instance DB / technology DB. Snapshot Snapshot of the current values in the CPU (monitor values). Error indication if values have a process-related error. Start value PLC Start value in the CPU. X This column is shown if there is an online connection and the "Monitor all" button is selected. Error indication if values have a process-related error. Monitor value Current value in the CPU. X This column is shown if there is an online connection and the "Monitor all" button is selected. Error indication if values have a process-related error. Modify value Value that is to be used to change the monitor valuet. X This column is shown if there is an online connection and the "Monitor all" button is selected. Error indication if entered values have a syntax or process-related error. Selection for trans mission Selection of the Modify values that are to be transmitted using the "Modify all selected parameters immediately and once" button. X This column is displayed together with the "Modify value" column. 6476 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Column Explanation Offline Online Minimum value Minimum process-related value of the parameter. X X X X If the minimum value is dependent on other parameters, it is defined: Offline: By the Start value project. Online: By the Monitor values. Maximum value Maximum process-related value of the parameter. If the maximum value is dependent on other parameters, it is defined: Offline: By the Start value project. Online: By the Monitor values. Setpoint Designates the parameter as a setpoint. These parameters can be initialized online. X X Data type Data type of the parameter. X X X X Accessible from HMI Indicates whether the HMI can access this parameter during runtime. X X Visible in HMI Indicates whether the parameter is visible in the selection list of the HMI by default. X X Comment Brief description of the parameter. X X The display field is empty for parameters that are not contained in the instance DB / technology DB. Retain Designates the value as a retentive value. The values of retentive parameters are retained even after the voltage supply is switched off. See also Comparing values (Page 6470) Opening the parameter view Requirement The technology object has been added in the project tree, i.e., the associated instance DB / technology DB of the instruction has been created. Procedure 1. Open the "Technology objects" folder in the project tree. 2. Open the technology object in the project tree. 3. Double-click the "Configuration" object. 4. Select the "Parameter view" tab in the top right corner. Result The Parameter view opens. Each displayed parameter is represented by one row in the parameter table. WinCC Advanced V14 System Manual, 10/2016 6477 Using technology functions 13.1 PID control The displayable parameter properties (table columns) vary depending on whether you are working with the Parameter view in offline or online mode. In addition, you can selectively display and hide individual table columns. See also Default setting of the parameter view (Page 6478) Default setting of the parameter view Default settings To enable you to work efficiently with the Parameter view, you can customize the parameter display and save your settings. The following customizations are possible and can be saved: Show and hide columns Change column width Change order of the columns Toggle navigation Select parameter group in the navigation Selection of compare values Show and hide columns To show or hide columns in the parameter table, follow these steps: 1. Position the cursor in the header of the parameter table. 2. Select the "Show/Hide" command in the shortcut menu. The selection of available columns is displayed. 3. To show a column, select the check box for the column. 4. To hide a column, clear the check box for the column. or 1. Position the cursor in the header of the parameter table. 2. Select the "Show all columns" command in the shortcut menu if all columns of the offline or online mode are to be displayed. Some columns can only be displayed in online mode: see Parameter table (Page 6476). 6478 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Change column width To customize the width of a column so that all texts in the rows can be read, follow these steps: 1. Position the cursor in the header of the parameter table to the right of the column to be customized until the shape of the cursor changes to a cross. 2. Then double-click this location. or 1. Open the shortcut menu on the header of the parameter table. 2. Click - "Optimize column width" or - "Optimize width of all columns". If the column width setting is too narrow, the complete content of individual fields are shown if you hover the cursor briefly over the relevant field. Change order of the columns The columns of the parameter table can be arranged in any way. To change the order of the columns, follow these steps: 1. Click on the column header and use a drag-and-drop operation to move it to the desired location. When you release the mouse button, the column is anchored to the new position. Toggle navigation To toggle the display form of the parameters, follow these steps: 1. Select the desired navigation in the "Select navigation structure" drop-down list. - Data navigation - Functional navigation See also Navigation (Page 6475). Select parameter group in the navigation Within the selected navigation, you choose between the "All parameters" display or the display of a subordinate parameter group of your choice. 1. Click the desired parameter group in the navigation. The parameter table only displays the parameters of the parameter group. WinCC Advanced V14 System Manual, 10/2016 6479 Using technology functions 13.1 PID control Selection of compare values (online) To set the compare values for the "Compare values" function, follow these steps: 1. Select the desired compare values in the "Selection of compare values" drop-down list. - Start value project / Start value PLC - Start value project / Snapshot - Start value PLC / Snapshot The "Start value project / Start value PLC" option is set by default. Saving the default setting of the Parameter view To save the above customizations of the Parameter view, follow these steps: 1. Customize the Parameter view according to your requirements. 2. Click the "Save window settings" button at the top right of the Parameter view. Working with the parameter view Overview The following table provides an overview of the functions of the Parameter view in online and offline mode described in the following. Column "Offline" = X: This function is possible in offline mode. Column "Online" = X: This function is possible in online mode. 6480 Function/action Offline Online Filtering the parameter table (Page 6481) X X Sorting the parameter table (Page 6481) X X Transferring parameter data to other editors (Page 6482) X X Indicating errors (Page 6482) X X Editing start values in the project (Page 6483) X X Status of configuration (offline) (Page 6484) X Monitoring values online in the parameter view (Page 6484) X Create snapshot of monitor values (Page 6485) X Modifying values (Page 6486) X Comparing values (Page 6487) X Applying values from the online program as start values (Page 6488) X Initializing setpoints in the online program (Page 6489) X WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Filtering the parameter table You can filter the parameters in the parameter table in the following ways: With the text filter With the subgroups of the navigation Both filter methods can be used simultaneously. With the text filter Texts that are visible in the parameter table can be filtered. This means only texts in displayed parameter rows and columns can be filtered. 1. Enter the desired character string for filtering in the "Text filter..." input box. The parameter table displays only the parameters containing the character string. The text filtering is reset. When another parameter group is selected in the navigation. When navigation is changed from data navigation to functional navigation, or vice versa. With the subgroups of the navigation 1. Click the desired parameter group in the navigation, e.g., "Static". The parameter table only shows the static parameters. You can select further subgroups for some groups of the navigation. 2. Click "All parameters" in the navigation if all parameters are to be shown again. Sorting the parameter table The values of the parameters are arranged in rows. The parameter table can be sorted by any displayed column. In columns containing numerical values, sorting is based on the magnitude of the numerical value. In text columns, sorting is alphabetical. Sorting by column 1. Position the cursor in the header cell of the desired column. The background of this cell turns blue. 2. Click the column header. Result The entire parameter table is sorted by the selected column. A triangle with tip facing up appears in the column header. WinCC Advanced V14 System Manual, 10/2016 6481 Using technology functions 13.1 PID control Clicking the column header again changes the sorting as follows: Symbol "": Parameter table is sorted in ascending order. Symbol "": Parameter table is sorted in descending order. No symbol: The sorting is removed again. The parameter table assumes the default display. The "../" prefix in the "Name in DB" column is ignored when sorting. Transferring parameter data to other editors After selecting an entire parameter row of the parameter table, you can use the following: Drag-and-drop <Ctrl+C>/<Ctrl+V> Copy/Paste via shortcut menu Transfer parameters to the following editors of the TIA Portal: Program editor Watch table Signal table for trace function The parameter is inserted with its full name: See information in "Full name in DB" column. Indicating errors Error indication Parameter assignment errors that result in compilation errors (e.g., limit violation) are indicated in the Parameter view. Every time a value is input in the Parameter view, a check is made for process-related and syntax errors and the result is indicated. Bad values are indicated by: Red error symbol in the "Status of configuration" (offline mode) or "Compare result" (online mode, depending on the selected comparison type) columns and/or Table field with red background If you click the bad field, a roll-out error message appears with information of the permissible value range or the required syntax (format) Compilation error From the error message of the compiler, you can directly open the Parameter view (functional navigation) containing the parameter causing the error in situations where the parameter is not displayed in the configuration dialog. 6482 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Editing start values in the project With the Parameter view, you can edit the start values in the project in offline mode and online mode. You make value changes in the "Start value project" column of the parameter table. In the "Status of configuration" column of the parameter table, the progress of the configuration is indicated by the familiar status symbols from the configuration dialog of the technology object. Boundary conditions If other parameters depend on the parameter whose start value was changed, the start value of the dependent parameters are also adapted. If a parameter of a technology object is not editable, it is also not editable in the parameter view. The ability to edit a parameter can also depend on the values of other parameters. Defining new start values To define start values for parameters in the Parameter view, follow these steps: 1. Open the Parameter view of the technology object. 2. Enter the desired start values in the "Start value project" column. The value must match the data type of the parameter and must not exceed the value range of the parameter. The limits of the value range can be seen in the "Maximum value" and "Minimum value" columns. The "Status of configuration" column indicates the progress of the configuration with colored symbols. See also Status of configuration (offline) (Page 6484) Following adaptation of the start values and downloading of the technology object to the CPU, the parameters take the defined value at startup if they are not declared as retentive ("Retain" column). Error indication When a start value is input, a check is made for process-related and syntax errors and the result is indicated. Bad start values are indicated by: Red error symbol in the "Status of configuration" (offline mode) or "Compare result" (online mode, depending on the selected comparison type) columns and/or Red background in the "Start value project" field If you click on the bad field, a roll-out error message appears with information of the permissible value range or the necessary syntax (format) WinCC Advanced V14 System Manual, 10/2016 6483 Using technology functions 13.1 PID control Correcting bad start values 1. Correct bad start values using information from the roll-out error message. Red error symbol, red field background, and roll-out error message are no longer displayed. The project cannot be successfully compiled unless the start values are error-free. Status of configuration (offline) The status of the configuration is indicated by icons: In the "Status of configuration" column in the parameter table In the navigation structure of the functional navigation and data navigation Symbol in "Status of configuration" column Symbol Meaning The start value of the parameter corresponds to the default value and is valid. A start value has not yet been defined by the user. The start value of the parameter contains a value defined by the user. The start value is different than the default value. The start value is error-free and valid. The start value of the parameter is invalid (syntax or process-related error). The input box has a red background. When clicked, the roll-out error message indicates the cause of the error. Only for S7-1200 Motion Control: The start value of the parameter is valid but contains warnings. The input box has a yellow background. Symbol in the navigation The symbols in the navigation indicate the progress of the configuration in the same way as in the configuration dialog of the technology object. See also Configure technology objects (Page 6466) Monitoring values online in the parameter view You can monitor the values currently taken by the parameters of the technology object in the CPU (monitor values) directly in the Parameter view. Requirements There is an online connection. The technology object is downloaded to the CPU. 6484 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control The program execution is active (CPU in "RUN"). The Parameter view of the technology object is open. Procedure . 1. Start the monitoring by clicking As soon as the Parameter view is online, the following columns are additionally displayed: - Compare result - Start value PLC - Monitor value - Modify value - Selection for transmission The "Monitor value" column shows the current parameter values on the CPU. Meaning of the additional columns: see Parameter table (Page 6476) 2. Stop the monitoring by clicking again. Display All columns that are only available online have an orange background: Values in light-orange cells can be changed. Values in cells with a dark orange background cannot be changed. Create snapshot of monitor values You can back up the current values of the technology object on the CPU (monitor values) and display them in the Parameter view. Requirements There is an online connection. The technology object is downloaded to the CPU. The program execution is active (CPU in "RUN"). The Parameter view of the technology object is open. The "Monitor all" button is selected. Procedure To show the current parameter values, follow these steps: 1. In the Parameter view, click the "Create snapshot of monitor values" icon WinCC Advanced V14 System Manual, 10/2016 . 6485 Using technology functions 13.1 PID control Result The current monitor values are transferred once to the "Snapshot" column of the parameter table. You can analyze the values "frozen" in this way while the monitor values continue to be updated in the "Monitor values" column. Modifying values With the Parameter view, you can modify values of the technology object in the CPU. You can assign values to the parameter once (Modify value) and modify them immediately. The modify request is executed as quickly as possible without reference to any particular point in the user program. DANGER Danger when modifying: Changing the parameter values while the plant is operating may result in severe damage to property and personal injury in the event of malfunctions or program errors. Make sure that dangerous states cannot occur before you use the "Modify" function. Requirements There is an online connection. The technology object is downloaded to the CPU. The program execution is active (CPU in "RUN"). The Parameter view of the technology object is open. The "Monitor all" button is selected. The parameter can be modified (associated field in the "Modify value" column has a lightorange background). Procedure To modify parameters immediately, follow these steps: 1. Enter the desired modify values in the "Modify values" column of the parameter table. 2. Check whether the check box for modifying is selected in the "Select for transmission" column. The modify values and associated check boxes of dependent parameters are automatically adapted at the same time. 3. Click the "Modify all selected parameters immediately and once" icon . The selected parameters are modified once and immediately with the specified values and can be monitored in the "Modify values" column. The check boxes for modifying in the 6486 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control "Selection for transmission" column are automatically cleared after the modify request is complete. Error indication When a start value is input, a check is made immediately for process-related and syntax errors and the result is indicated. Bad start values are indicated by: Red background in the "Modify value" field and If you click the bad field, a roll-out error message appears with information of the permissible value range or the necessary syntax (format) Bad modify values Modify values with process-related errors can be transmitted. Modify values with syntax errors cannot be transmitted. Comparing values You can use comparison functions to compare the following memory values of a parameter: Start value project Start value PLC Snapshot Requirements There is an online connection. The technology object is downloaded to the CPU. The program execution is active (CPU in "RUN"). The Parameter view of the technology object is open. The "Monitor all" button WinCC Advanced V14 System Manual, 10/2016 is selected. 6487 Using technology functions 13.1 PID control Procedure To compare the start values on the various target systems, follow these steps: 1. Click the "Selection of compare values" icon . A selection list containing the comparison options opens: - Start value project - Start value PLC (default setting) - Start value project - Snapshot - Start value PLC - Snapshot 2. Select the desired comparison option. The selected comparison option is executed as follows: - A scales symbol appears in the header cells of the two columns selected for comparison. - Symbols are used in the "Compare result" column to indicate the result of the comparison of the selected columns. Symbol in "Compare result" column Symbol Meaning The compare values are equal and error-free. The compare values are not equal and error-free. At least one of the two compare values has a process-related or syntax error. The comparison cannot be performed. At least one of the two compare values is not available (e.g., snap shot). Symbol in the navigation The symbols are shown in the same way in the navigation if the comparison result applies to at least one of the parameters below the displayed navigation structure. Applying values from the online program as start values In order to apply optimized values from the CPU to the project as start values, you create a snapshot of the monitor values. Values of the snapshot marked as a "Setpoint" are then applied to the project as start values. Requirements The technology object is of type "PID_Compact" or "PID_3Step". There is an online connection. The technology object is downloaded to the CPU. The program execution is active (CPU in "RUN"). The Parameter view of the technology object is open. The "Monitor all" button 6488 is selected. WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Procedure To apply optimized values from the CPU, follow these steps: 1. Click the "Create snapshot of monitor values and accept setpoints of this snapshot as start values" icon . Result The current monitor values are applied to the "Snapshot" column and their setpoints are copied to the "Start value project" column as new start values. Note Applying values of individual parameters You can also apply the values of individual parameters that are not marked as a setpoint from the "Snapshot" column to the "Start values project" column. To do so, copy the values and insert them into the "Start value project" column using the "Copy" and "Paste" commands in the shortcut menu. Initializing setpoints in the online program You can initialize all parameters that are marked as a "Setpoint" in the Parameter view with new values in the CPU in one step. In so doing, the start values are downloaded from the project to the CPU. The CPU remains in "RUN" mode. To avoid data loss on the CPU during a cold restart or warm restart, you must also download the technology object to the CPU. DANGER Danger when changing parameter values Changing the parameter values while the plant is operating may result in severe damage to property and personal injury in the event of malfunctions or program errors. Make sure that dangerous states cannot occur before you reinitialize the setpoints. Requirements The technology object is of type "PID_Compact" or "PID_3Step". There is an online connection. The technology object is downloaded to the CPU. The program execution is active (CPU in "RUN"). The Parameter view of the technology object is open. WinCC Advanced V14 System Manual, 10/2016 6489 Using technology functions 13.1 PID control The "Monitor all" button is selected. The parameters marked as a "Setpoint" have a "Start value project" that is free of processrelated and syntax errors Procedure To initialize all setpoints, follow these steps: 1. Enter the desired values in the "Start value project" column. Ensure that the start values are free of process-related and syntax errors. 2. Click the "Initialize setpoints" icon . Result The setpoints in the CPU are initialized with the start values from the project. 13.1.2.11 Display instance DB of a technology object. An instance DB, in which the parameter and static variables are saved, is created for each technology object. Procedure To display the instance DB of a technology object, proceed as follows: 1. Open the CPU folder in the project tree. 2. Open the "Technology objects" folder. 3. Highlight a technology object. 4. Select the command "Open DB editor" in the shortcut menu. 13.1.3 Using PID_Compact (S7-1200, S7-1500) 13.1.3.1 Technology object PID_Compact (S7-1200, S7-1500) The technology object PID_Compact provides a continuous PID controller with integrated optimization. You can alternatively configure a pulse controller. Both manual and automatic mode are possible. PID-Compact continuously acquires the measured process value within a control loop and compares it with the required setpoint. From the resulting control deviation, the instruction PID_Compact calculates an output value by which the process value is adapted as quickly 6490 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control and stable as possible to the setpoint. The output value for the PID controller consists of three actions: P action The proportional action of the output value increases in proportion to the control deviation. I action The integral action of the output value increases until the control deviation has been balanced. D action The derivative action increases with the rate of change of control deviation. The process value is corrected to the setpoint as quickly as possible. The derivative action will be reduced again if the rate of change of control deviation drops. The instruction PID_Compact calculates the proportional, integral and derivative parameters for your controlled system during pretuning. Fine tuning can be used to tune the parameters further. You do not need to manually determine the parameters. Additional information Overview of software controller (Page 6462) Add technology objects (Page 6465) Configure technology objects (Page 6466) Configuring PID_Compact V2 (Page 6491) Configuring PID_Compact V1 (Page 6507) 13.1.3.2 PID_Compact V2 (S7-1200, S7-1500) Configuring PID_Compact V2 (S7-1200, S7-1500) Basic settings (S7-1200, S7-1500) Introduction (S7-1200, S7-1500) Configure the following properties of the "PID_Compact" technology object under "Basic settings" in the Inspector window or in the configuration window: Physical quantity Control logic Start-up behavior after reset Setpoint (only in the Inspector window) Process value (only in the Inspector window) Output value (only in the Inspector window) WinCC Advanced V14 System Manual, 10/2016 6491 Using technology functions 13.1 PID control Setpoint, process value and output value You can only configure the setpoint, process value and output value in the Inspector window of the programming editor. Select the source for each value: Instance DB The value saved in the instance DB is used. Value must be updated in the instance DB by the user program. There should be no value at the instruction. Change via HMI possible. Instruction The value connected to the instruction is used. The value is written to the instance DB each time the instruction is called. No change via HMI possible. Controller type (S7-1200, S7-1500) Physical quantity Select the physical quantity and unit of measurement for setpoint, process value, and disturbance variable in the "Controller type" group. Setpoint, process value, and disturbance variable is displayed in this unit of measurement. Control logic An increase of the output value is generally intended to cause an increase in the process value. This is referred to as a normal control logic. PID_Compact does not work with negative proportional gain. Select the check box "Invert control logic" to reduce the process value with a higher output value. Examples Opening the drain valve will reduce the level of a container's contents. Increasing cooling will reduce the temperature. Startup characteristics 1. To switch to "Inactive" mode after CPU restart, clear the "Activate Mode after CPU restart" check box. To switch to the operating mode saved in the Mode parameter after CPU restart, select the "Activate Mode after CPU restart" check box. 2. In the "Set Mode to" drop-down list, select the mode that is to be enabled after a complete download to the device. After a complete download to the device, PID_Compact starts in the selected operating mode. With each additional restart, PID_Compact starts in the mode that was last saved in Mode. Example You have selected the "Activate Mode after CPU restart" check box and the entry "Pretuning" in the "Set Mode to" list. After a complete download to the device, PID_Compact starts in the 6492 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control "Pretuning" mode. If pretuning is still active, PID_Compact starts in "Pretuning" mode again after restart of the CPU. If pretuning was successfully completed and automatic mode is active, PID_Compact starts in "Automatic mode" after restart of the CPU. Setpoint (S7-1200, S7-1500) Procedure Proceed as follows to define a fixed setpoint: 1. Select "Instance DB". 2. Enter a setpoint, e.g. 80 C. 3. Delete any entry in the instruction. Proceed as follows to define a variable setpoint: 1. Select "Instruction". 2. Enter the name of the REAL variable in which the setpoint is saved. Program-controlled assignment of various values to the REAL variable is possible, for example for the time controlled change of the setpoint. Process value (S7-1200, S7-1500) PID_Compact will scale the value of the analog input to the physical quantity if you use the analog input value directly. You will need to write a program for processing if you wish first to process the analog input value. The process value is, for example, not directly proportional to the value at the analog input. The processed process value must be in floating point format. Procedure Proceed as follows to use the analog input value without processing: 1. Select the entry "Input_PER" in the drop-down list "Input". 2. Select "Instruction" as source. 3. Enter the address of the analog input. Proceed as follows to use the processed process value in floating point format: 1. Select the entry "Input" in the drop-down list "Input". 2. Select "Instruction" as source. 3. Enter the name of the variable in which the processed process value is saved. WinCC Advanced V14 System Manual, 10/2016 6493 Using technology functions 13.1 PID control Output value (S7-1200, S7-1500) PID_Compact offers three output values. Your actuator will determine which output value you use. Output_PER The actuator is triggered via an analog output and controlled with a continuous signal, e.g. 0...10V, 4...20mA. Output The output value needs to be processed by the user program, for example because of nonlinear actuator response. Output_PWM The actuator is controlled via a digital output. Pulse width modulation creates minimum ON and minimum OFF times. Procedure Proceed as follows to use the analog output value: 1. Select the entry "Output_PER (analog)" in the drop-down list "Output". 2. Select "Instruction". 3. Enter the address of the analog output. Proceed as follows to process the output value using the user program: 1. Select the entry "Output" in the drop-down list "Output". 2. Select "Instance DB". The calculated output value is saved in the instance data block. 3. For the preparation of the output value, use the output parameter Output. 4. Transfer the processed output value to the actuator via a digital or analog CPU output. Proceed as follows to use the digital output value: 1. Select the entry "Output_PWM" in the drop-down list "Output". 2. Select "Instruction". 3. Enter the address of the digital output. Process value settings (S7-1200, S7-1500) Scaling the process value (S7-1200, S7-1500) If you have configured the use of Input_PER in the basic setting, you must convert the value of the analog input to the physical quantity of the process value. The current configuration is displayed in the Input_PER display. Input_PER will be scaled using a low and high value pair if the process value is directly proportional to the value of the analog input. 6494 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Procedure To scale the process value, follow these steps: 1. Enter the low pair of values in the "Scaled low process value" and "Low" input fields. 2. Enter the high pair of values in the "Scaled high process value" and "High" input boxes. Default settings for the value pairs are stored in the hardware configuration. To use the value pairs from the hardware configuration, follow these steps: 1. Select the PID_Compact instruction in the programming editor. 2. Interconnect Input_PER with an analog input in the basic settings. 3. Click the "Automatic setting" button in the process value settings. The existing values will be overwritten with the values from the hardware configuration. Process value limits (S7-1200, S7-1500) You must specify an appropriate absolute high limit and low limit for the process value as limit values for your controlled system. As soon as the process value violates these limits, an error occurs (ErrorBits = 0001h). Tuning is canceled when the process value limits are violated. You can configure how PID_Compact reacts to an error in automatic mode in the output value settings. Advanced settings (S7-1200, S7-1500) Monitoring process value (S7-1200, S7-1500) Configure a warning high and low limit for the process value in the "Process value monitoring" configuration window. If one of the warning limits is exceeded or undershot during operation, a warning will be displayed at the PID_Compact instruction: At the InputWarning_H output parameter if the warning high limit has been exceeded At the InputWarning_L output parameter if the warning low limit has been undershot The warning limits must be within the process value high and low limits. The process value high and low limits will be used if you do not enter values. Example Process value high limit = 98 C; warning high limit = 90 C Warning low limit = 10 C; process value low limit = 0 C WinCC Advanced V14 System Manual, 10/2016 6495 Using technology functions 13.1 PID control PID_Compact will respond as follows: Process value InputWarn ing_H InputWarn ing_L Error Bits Operating mode > 98 C TRUE FALSE 0001h Inactive or Substitute output value with error mon itoring 98 C and > 90 C TRUE FALSE 0000h Automatic mode 90 C and 10 C FALSE FALSE 0000h Automatic mode < 10 C and 0 C FALSE TRUE 0000h Automatic mode < 0 C FALSE TRUE 0001h Inactive or Substitute output value with error mon itoring In the output value settings, you can specify the reaction of PID_Compact when the process value high limit or low limit is violated. See also Parameters State and Mode V2 (Page 4013) PWM limits (S7-1200, S7-1500) The value at the output parameter Output is transformed into a pulse sequence that is output at output parameter Output_PWM by means of a pulse width modulation. Output is calculated in the PID algorithm sampling time, Output_PWM is output in the PID_Compact sampling time. The PID algorithm sampling time is determined during pretuning or fine tuning. If manually setting the PID parameters, you will also need to configure the PID algorithm sampling time. The PID_Compact sampling time is equivalent to the cycle time of the calling OB. The pulse duration is proportional to the value at Output and is always an integer multiple of the PID_Compact sampling time. 6496 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control 2XWSXW W PV 2XWSXWB3:0 758( )$/6( W PV PID_Compact sampling time PID algorithm sampling time Pulse duration Break time The "Minimum ON time" and the "Minimum OFF time" are rounded to an integer multiple of the PID_Compact sampling time. A pulse or a break is never shorter than the minimum ON or OFF time. The inaccuracies this causes are added up and compensated in the next cycle. Example PID_Compact sampling time = 100 ms PID algorithm sampling time = 1000 ms Minimum ON time = 200 ms Output is a constant 15%. The smallest pulse that PID_Compact can output is 20%. In the first cycle, no pulse is output. In the second cycle, the pulse not output in the first cycle is added to the pulse of the second cycle. WinCC Advanced V14 System Manual, 10/2016 6497 Using technology functions 13.1 PID control 2XWSXW 2XWSXWB3:0 W PV 758( )$/6( W PV PID_Compact sampling time PID algorithm sampling time Minimum ON time In order to minimize operation frequency and conserve the actuator, extend the minimum ON and OFF times. If you are using "Output" or "Output_PER", you must configure the value 0.0 for the minimum ON and OFF times. Note The minimum ON and OFF times only affect the output parameter Output_PWM and are not used for any pulse generators integrated in the CPU. Output value (S7-1200, S7-1500) Output value limits In the "Output value limits" configuration window, configure the absolute limits of your output value in percent. Absolute output value limits are not violated in neither manual mode nor automatic mode. If an output value outside the limits is specified in manual mode, the effective value is limited in the CPU to the configured limits. The output value limits must match the control logic. The valid output value limit values depend on the Output used. Output -100.0 to 100.0% Output_PER -100.0 to 100.0% Output_PWM 0.0 to 100.0% 6498 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Reaction to error NOTICE Your system may be damaged. If you output "Current value while error pending " or "Substitute output value while error pending" in the event of an error, PID_Compact remains in automatic mode. This may cause a violation of the process value limits and damage your system. It is essential to configure how your controlled system reacts in the event of an error to protect your system from damage. PID_Compact is preset so that the controller stays active in most cases in the event of an error. If errors occur frequently in controller mode, this default reaction has a negative effect on the control response. In this case, check the Errorbits parameter and eliminate the cause of the error. WinCC Advanced V14 System Manual, 10/2016 6499 Using technology functions 13.1 PID control PID_Compact generates a programmable output value in response to an error: Zero (inactive) PID_Compact outputs 0.0 as output value for all errors and switches to "Inactive" mode. The controller is only reactivated by a falling edge at Reset or a rising edge at ModeActivate. Current value while error is pending If the following errors occur in automatic mode, PID_Compact returns to automatic mode as soon as the errors are no longer pending. If one or more of the following errors occur, PID_Compact stays in automatic mode: - 0001h: The "Input" parameter is outside the process value limits. - 0800h: Sampling time error - 40000h: Invalid value at Disturbance parameter. If one or more of the following errors occur in automatic mode, PID_Compact switches to "Substitute output value with error monitoring" mode and outputs the last valid output value: - 0002h: Invalid value at Input_PER parameter. - 0200h: Invalid value at Input parameter. - 0400h: Calculation of output value failed. - 1000h: Invalid value at Setpoint parameter. If an error occurs in manual mode, PID_Compact continues using the manual value as the output value. If the manual value is invalid, the substitute output value is used. If the manual value and substitute output value are invalid, the output value low limit is used. If the following error occurs during a pretuning or fine tuning, PID_Compact remains in active mode: - 0020h: Pretuning is not permitted during fine tuning. When any other error occurs, PID_Compact cancels the tuning and switches to the mode from which tuning was started. As soon as no errors are pending, PID_Compact returns to automatic mode. Substitute output value while error is pending PID_Compact outputs the substitute output value. If the following error occurs, PID_Compact stays in "Substitute output value with error monitoring" mode and outputs the output value low limit: - 20000h: Invalid value at SubstituteOutput tag. For all other errors, PID_Compact reacts as described for "Current value while error is pending". See also Parameters State and Mode V2 (Page 4013) 6500 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control PID parameters (S7-1200, S7-1500) The PID parameters are displayed in the "PID Parameters" configuration window. The PID parameters will be adapted to your controlled system during controller tuning. You do not need to enter the PID parameters manually. The PID algorithm operates according to the following equation: 1 y = Kp [ (b * w - x) + T * s (w - x) + I Symbol TD * s a * TD * s + 1 (c * w - x) ] Description y Output value of the PID algorithm Kp Proportional gain s Laplace operator b Proportional action weighting w Setpoint x Process value TI Integral action time a Derivative delay coefficient (derivative delay T1 = a x TD) TD Derivative action time c Derivative action weighting The diagram below illustrates the integration of the parameters into the PID algorithm: 6HWSRLQW Z E $QWL:LQGXS /,0,7 , .3 \ F 6FDOHG,QSXW [ '7 All PID parameters are retentive. If you enter the PID parameters manually, you must completely download PID_Compact. Downloading technology objects to device (Page 6468) WinCC Advanced V14 System Manual, 10/2016 6501 Using technology functions 13.1 PID control Proportional gain The value specifies the proportional gain of the controller. PID_Compact does not work with a negative proportional gain. Control logic is inverted under Basic settings > Controller type. Integral action time The integral action time determines the time behavior of the integral action. The integral action is deactivated with integral action time = 0.0. Derivative action time The derivative action time determines the time behavior of the derivative action. Derivative action is deactivated with derivative action time = 0.0. Derivative delay coefficient The derivative delay coefficient delays the effect of the derivative action. Derivative delay = derivative action time x derivative delay coefficient 0.0: Derivative action is effective for one cycle only and therefore almost not effective. 0.5: This value has proved useful in practice for controlled systems with one dominant time constant. > 1.0: The greater the coefficient, the longer the effect of the derivative action is delayed. Proportional action weighting The proportional action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Proportional action for setpoint change is fully effective 0.0: Proportional action for setpoint change is not effective The proportional action is always fully effective when the process value is changed. Derivative action weighting The derivative action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Derivative action is fully effective upon setpoint change 0.0: Derivative action is not effective upon setpoint change The derivative action is always fully effective when the process value is changed. 6502 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control PID algorithm sampling time The controlled system needs a certain amount of time to respond to changes in the output value. It is therefore not advisable to calculate the output value in every cycle. The sampling time of the PID algorithm represents the time between two calculations of the output value. It is calculated during tuning and rounded to a multiple of the cycle time. All other functions of PID_Compact are executed at every call. If you use Output_PWM, the accuracy of the output signal is determined by the ratio of the PID algorithm sampling time to the cycle time of the OB. The PID algorithm sampling time corresponds to the time period of the pulse width modulation. The cycle time should be at least 10 times the PID algorithm sampling time. Rule for tuning Select whether PI or PID parameters are to be calculated in the "Controller structure" dropdown list. PID Calculates PID parameters during pretuning and fine tuning. PI Calculates PI parameters during pretuning and fine tuning. User-defined The drop-down list displays "User-defined" if you have configured different controller structures for pretuning and fine tuning via a user program. Commissioning PID_Compact V2 (S7-1200, S7-1500) Pretuning (S7-1200, S7-1500) The pretuning determines the process response to a jump change of the output value and searches for the point of inflection. The PID parameters are calculated from the maximum rate of rise and dead time of the controlled system. You obtain the best PID parameters when you perform pretuning and fine tuning. The more stable the process value is, the easier it is to calculate the PID parameters and the more precise the result will be. Noise on the process value can be tolerated as long as the rate of rise of the process value is significantly higher compared to the noise. This is most likely the case in operating modes "Inactive" and "manual mode". The PID parameters are backed up before being recalculated. Requirement The "PID_Compact" instruction is called in a cyclic interrupt OB. ManualEnable = FALSE Reset = FALSE PID_Compact is in one of the following modes: "Inactive", "Manual mode", or "Automatic mode". WinCC Advanced V14 System Manual, 10/2016 6503 Using technology functions 13.1 PID control The setpoint and the process value lie within the configured limits (see "Process value monitoring" configuration). The difference between setpoint and process value is greater than 30% of the difference between process value high limit and process value low limit. The distance between the setpoint and the process value is > 50% of the setpoint. Procedure To perform pretuning, follow these steps: 1. Double-click the "PID_Compact > Commissioning" entry in the project tree. 2. Select the entry "Pretuning" in the "Tuning mode" drop-down list. 3. Click the "Start" icon. - An online connection will be established. - Value recording is started. - Pretuning is started. - The "Status" field displays the current steps and any errors that may have occurred. The progress bar indicates the progress of the current step. Note Click the "Stop" icon when the progress bar has reached 100% and it can be assumed the controller tuning function is blocked. Check the configuration of the technology object and, if necessary, restart controller tuning. Result If pretuning was performed without an error message, the PID parameters have been tuned. PID_Compact switches to automatic mode and uses the tuned parameters. The tuned PID parameters will be retained during power OFF and a restart of the CPU. If pretuning is not possible, PID_Compact responds with the configured reaction to errors. See also Parameters State and Mode V2 (Page 4013) Fine tuning (S7-1200, S7-1500) Fine tuning generates a constant, limited oscillation of the process value. The PID parameters are tuned for the operating point from the amplitude and frequency of this oscillation. All PID parameters are recalculated from the results. PID parameters from fine tuning usually have better master control and disturbance characteristics than PID parameters from pretuning. You obtain the best PID parameters when you perform pretuning and fine tuning. PID_Compact automatically attempts to generate an oscillation greater than the noise of the process value. Fine tuning is only minimally influenced by the stability of the process value. The PID parameters are backed up before being recalculated. 6504 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Requirement The PID_Compact instruction is called in a cyclic interrupt OB. ManualEnable = FALSE Reset = FALSE The setpoint and the process value lie within the configured limits. The control loop has stabilized at the operating point. The operating point is reached when the process value corresponds to the setpoint. No disturbances are expected. PID_Compact is in one of the following operating modes: Inactive, automatic mode, or manual mode. Process depends on initial situation Fine tuning can be started from the following operating modes: "Inactive", "automatic mode", or "manual mode". Fine tuning proceeds as follows when started from: Automatic mode Start fine tuning from automatic mode if you wish to improve the existing PID parameters through tuning. PID_Compact controls the system using the existing PID parameters until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. Inactive or manual mode If the requirements for pretuning are met, pretuning is started. The determined PID parameters will be used for control until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. If pretuning is not possible, PID_Compact responds with the configured reaction to errors. An attempt is made to reach the setpoint with the minimum or maximum output value if the process value for pretuning is already too near the setpoint. This can produce increased overshoot. WinCC Advanced V14 System Manual, 10/2016 6505 Using technology functions 13.1 PID control Procedure To perform fine tuning, follow these steps: 1. Select the entry "Fine tuning" in the "Tuning mode" drop-down list. 2. Click the "Start" icon. - An online connection will be established. - Value recording is started. - The process of fine tuning is started. - The "Status" field displays the current steps and any errors that may have occurred. The progress bar indicates the progress of the current step. Note Click the "Stop" icon in the "Tuning mode" group when the progress bar has reached 100% and it is to be assumed that tuning is blocked. Check the configuration of the technology object and, if necessary, restart controller tuning. Result If no errors occurred during fine tuning, the PID parameters have been tuned. PID_Compact switches to automatic mode and uses the tuned parameters. The tuned PID parameters will be retained during power OFF and a restart of the CPU. If errors occurred during "fine tuning", PID_Compact responds with the configured response to errors. See also Parameters State and Mode V2 (Page 4013) "Manual" mode (S7-1200, S7-1500) The following section describes how you can use the "manual mode" operating mode in the commissioning window of the "PID_Compact" technology object. Manual mode is also possible when an error is pending. Requirement The "PID_Compact" instruction is called in a cyclic interrupt OB. An online connection to the CPU has been established and the CPU is in the "RUN" mode. 6506 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Procedure Use "Manual mode" in the commissioning window if you want to test the controlled system by specifying a manual value. To define a manual value, follow these steps: 1. Click the "Start" icon. 2. Select the "Manual mode" check box in the "Online status of controller" area. PID_Compact operates in manual mode. The most recent current output value remains in effect. 3. Enter the manual value in the "Output" field as a % value. 4. Click the icon. Result The manual value is written to the CPU and immediately goes into effect. Clear the "Manual mode" check box if the output value is to be specified again by the PID controller. The switchover to automatic mode is bumpless. See also Parameters State and Mode V2 (Page 4013) 13.1.3.3 PID_Compact V1 (S7-1200) Configuring PID_Compact V1 (S7-1200) Basic settings (S7-1200) Introduction (S7-1200) Configure the following properties of the "PID_Compact" technology object under "Basic settings" in the Inspector window or in the configuration window: Physical quantity Control logic Start-up behavior after reset Setpoint (only in the Inspector window) Process value (only in the Inspector window) Output value (only in the Inspector window) WinCC Advanced V14 System Manual, 10/2016 6507 Using technology functions 13.1 PID control Setpoint, process value and output value You can only configure the setpoint, process value and output value in the Inspector window of the programming editor. Select the source for each value: Instance DB The value saved in the instance DB is used. Value must be updated in the instance DB by the user program. There should be no value at the instruction. Change via HMI possible. Instruction The value connected to the instruction is used. The value is written to the instance DB each time the instruction is called. No change via HMI possible. Controller type (S7-1200) Physical quantity Select the unit of measurement and physical quantity for the setpoint and process value in the "Controller type" group. The setpoint and process value will be displayed in this unit. Control logic An increase of the output value is generally intended to cause an increase in the process value. This is referred to as a normal control logic. PID_Compact does not work with negative proportional gain. Select the check box "Invert control logic" to reduce the process value with a higher output value. Examples Opening the drain valve will reduce the level of a container's contents. Increasing cooling will reduce the temperature. Start-up behavior after reset To change straight to the last active mode after restarting the CPU, select the "Enable last mode after CPU restart" check box. PID_Compact will remain in "Inactive" mode if the check box is cleared. 6508 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Setpoint (S7-1200) Procedure Proceed as follows to define a fixed setpoint: 1. Select "Instance DB". 2. Enter a setpoint, e.g. 80 C. 3. Delete any entry in the instruction. Proceed as follows to define a variable setpoint: 1. Select "Instruction". 2. Enter the name of the REAL variable in which the setpoint is saved. Program-controlled assignment of various values to the REAL variable is possible, for example for the time controlled change of the setpoint. Process value (S7-1200) PID_Compact will scale the value of the analog input to the physical quantity if you use the analog input value directly. You will need to write a program for processing if you wish first to process the analog input value. The process value is, for example, not directly proportional to the value at the analog input. The processed process value must be in floating point format. Procedure Proceed as follows to use the analog input value without processing: 1. Select the entry "Input_PER" in the drop-down list "Input". 2. Select "Instruction" as source. 3. Enter the address of the analog input. Proceed as follows to use the processed process value in floating point format: 1. Select the entry "Input" in the drop-down list "Input". 2. Select "Instruction" as source. 3. Enter the name of the variable in which the processed process value is saved. WinCC Advanced V14 System Manual, 10/2016 6509 Using technology functions 13.1 PID control Output value (S7-1200) PID_Compact offers three output values. Your actuator will determine which output value you use. Output_PER The actuator is triggered via an analog output and controlled with a continuous signal, e.g. 0...10V, 4...20mA. Output The output value needs to be processed by the user program, for example because of nonlinear actuator response. Output_PWM The actuator is controlled via a digital output. Pulse width modulation creates minimum ON and minimum OFF times. Procedure Proceed as follows to use the analog output value: 1. Select the entry "Output_PER (analog)" in the drop-down list "Output". 2. Select "Instruction". 3. Enter the address of the analog output. Proceed as follows to process the output value using the user program: 1. Select the entry "Output" in the drop-down list "Output". 2. Select "Instance DB". The calculated output value is saved in the instance data block. 3. For the preparation of the output value, use the output parameter Output. 4. Transfer the processed output value to the actuator via a digital or analog CPU output. Proceed as follows to use the digital output value: 1. Select the entry "Output_PWM" in the drop-down list "Output". 2. Select "Instruction". 3. Enter the address of the digital output. Process value settings (S7-1200) Configure the scaling of your process value and specify the process value absolute limits In the "Process value settings" configuration window. Scaling the process value If you have configured the use of Input_PER in the basic settings, you will need to convert the value of the analog input into the physical quantity of the process value. The current configuration will be displayed in the Input_PER display. 6510 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Input_PER will be scaled using a low and high value pair if the process value is directly proportional to the value of the analog input. 1. Enter the low pair of values in the "Scaled low process value" and "Low" input fields. 2. Enter the high pair of values in the "Scaled high process value" and "High" input boxes. Default settings for the value pairs are saved in the hardware configuration. Proceed as follows to use the value pairs from the hardware configuration: 1. Select the instruction PID_Compact in the programming editor. 2. Connect Input_PER with an analog input in the basic settings. 3. Click on the "Automatic setting" button in the process value settings. The existing values will be overwritten with the values from the hardware configuration. Monitoring process value Specify the absolute high and low limit of the process value. As soon as these limits are violated during operation, the controller switches off and the output value is set to 0%. You must enter reasonable limits for your controlled system. Reasonable limits are important during optimization to obtain optimal PID parameters. The default for the "High limit process value" is 120 %. At the I/O input, the process value can be a maximum of 18% higher than the standard range (overrange). An error is no longer reported for a violation of the "High limit process value". Only a wire-break and a short-circuit are recognized and the PID_Compact switches to "Inactive" mode. WARNING If you set very high process value limits (for example -3.4*1038...+3.4*1038), process value monitoring will be disabled. Your system may then be damaged if an error occurs. See also Monitoring process value (Page 6512) PWM limits (Page 6512) Output value limits (Page 6514) PID parameters (Page 6515) WinCC Advanced V14 System Manual, 10/2016 6511 Using technology functions 13.1 PID control Advanced settings (S7-1200) Monitoring process value (S7-1200) Configure a warning high and low limit for the process value in the "Process value monitoring" configuration window. If one of the warning limits is exceeded or undershot during operation, a warning will be displayed at the PID_Compact instruction: At the InputWarning_H output parameter if the warning high limit has been exceeded At the InputWarning_L output parameter if the warning low limit has been undershot The warning limits must be within the process value high and low limits. The process value high and low limits will be used if you do not enter values. Example Process value high limit = 98 C; warning high limit = 90 C Warning low limit = 10 C; process value low limit = 0 C PID_Compact will respond as follows: Process value InputWarning_H InputWarning_L Operating mode > 98 C TRUE FALSE Inactive 98 C and > 90 C TRUE FALSE Automatic mode 90 C and 10 C FALSE FALSE Automatic mode < 10 C and 0 C FALSE TRUE Automatic mode < 0 C FALSE TRUE Inactive See also Process value settings (Page 6510) PWM limits (Page 6512) Output value limits (Page 6514) PID parameters (Page 6515) PWM limits (S7-1200) The value at the output parameter Output is transformed into a pulse sequence that is output at output parameter Output_PWM by means of a pulse width modulation. Output is calculated in the PID algorithm sampling time, Output_PWM is output in the PID_Compact sampling time. The PID algorithm sampling time is determined during pretuning or fine tuning. If manually setting the PID parameters, you will also need to configure the PID algorithm sampling time. The PID_Compact sampling time is equivalent to the cycle time of the calling OB. The pulse duration is proportional to the value at Output and is always an integer multiple of the PID_Compact sampling time. 6512 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control 2XWSXW W PV 2XWSXWB3:0 758( )$/6( W PV PID_Compact sampling time PID algorithm sampling time Pulse duration Break time The "Minimum ON time" and the "Minimum OFF time" are rounded to an integer multiple of the PID_Compact sampling time. A pulse or a break is never shorter than the minimum ON or OFF time. The inaccuracies this causes are added up and compensated in the next cycle. Example PID_Compact sampling time = 100 ms PID algorithm sampling time = 1000 ms Minimum ON time = 200 ms Output is a constant 15%. The smallest pulse that PID_Compact can output is 20%. In the first cycle, no pulse is output. In the second cycle, the pulse not output in the first cycle is added to the pulse of the second cycle. WinCC Advanced V14 System Manual, 10/2016 6513 Using technology functions 13.1 PID control 2XWSXW 2XWSXWB3:0 W PV 758( )$/6( W PV PID_Compact sampling time PID algorithm sampling time Minimum ON time In order to minimize operation frequency and conserve the actuator, extend the minimum ON and OFF times. If you are using "Output" or "Output_PER", you must configure the value 0.0 for the minimum ON and OFF times. Note The minimum ON and OFF times only affect the output parameter Output_PWM and are not used for any pulse generators integrated in the CPU. See also Process value settings (Page 6510) Monitoring process value (Page 6512) Output value limits (Page 6514) PID parameters (Page 6515) Output value limits (S7-1200) In the "Output value limits" configuration window, configure the absolute limits of your output value in percent. Absolute output value limits are not violated in neither manual mode nor in automatic mode. If a output value outside the limits is specified in manual mode, the effective value is limited in the CPU to the configured limits. 6514 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control The valid output value limit values depend on the Output used. Output -100.0 to 100.0 Output_PER -100.0 to 100.0 Output_PWM 0.0 to 100.0 PID_Compact sets the output value to 0.0 if an error occurs. 0.0 must therefore always be within the output value limits. You will need to add an offset to Output and Output_PER in the user program if you want an output value low limit of greater than 0.0. See also Process value settings (Page 6510) Monitoring process value (Page 6512) PWM limits (Page 6512) PID parameters (Page 6515) PID parameters (S7-1200) The PID parameters are displayed in the "PID Parameters" configuration window. The PID parameters will be adapted to your controlled system during controller tuning. You do not need to enter the PID parameters manually. The PID algorithm operates according to the following equation: 1 y = Kp [ (b * w - x) + T * s (w - x) + I Symbol TD * s a * TD * s + 1 (c * w - x) ] Description y Output value of the PID algorithm Kp Proportional gain s Laplace operator b Proportional action weighting w Setpoint x Process value TI Integral action time a Derivative delay coefficient (derivative delay T1 = a x TD) TD Derivative action time c Derivative action weighting The diagram below illustrates the integration of the parameters into the PID algorithm: WinCC Advanced V14 System Manual, 10/2016 6515 Using technology functions 13.1 PID control 6HWSRLQW Z E $QWL:LQGXS /,0,7 , .3 \ F 6FDOHG,QSXW [ '7 All PID parameters are retentive. If you enter the PID parameters manually, you must completely download PID_Compact. AUTOHOTSPOT Proportional gain The value specifies the proportional gain of the controller. PID_Compact does not work with a negative proportional gain. Control logic is inverted under Basic settings > Controller type. Integral action time The integral action time determines the time behavior of the integral action. The integral action is deactivated with integral action time = 0.0. Derivative action time The derivative action time determines the time behavior of the derivative action. Derivative action is deactivated with derivative action time = 0.0. Derivative delay coefficient The derivative delay coefficient delays the effect of the derivative action. Derivative delay = derivative action time x derivative delay coefficient 0.0: Derivative action is effective for one cycle only and therefore almost not effective. 0.5: This value has proved useful in practice for controlled systems with one dominant time constant. > 1.0: The greater the coefficient, the longer the effect of the derivative action is delayed. 6516 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Proportional action weighting The proportional action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Proportional action for setpoint change is fully effective 0.0: Proportional action for setpoint change is not effective The proportional action is always fully effective when the process value is changed. Derivative action weighting The derivative action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Derivative action is fully effective upon setpoint change 0.0: Derivative action is not effective upon setpoint change The derivative action is always fully effective when the process value is changed. PID algorithm sampling time The controlled system needs a certain amount of time to respond to changes in the output value. It is therefore not advisable to calculate the output value in every cycle. The sampling time of the PID algorithm represents the time between two calculations of the output value. It is calculated during tuning and rounded to a multiple of the cycle time. All other functions of PID_Compact are executed at every call. If you use Output_PWM, the accuracy of the output signal is determined by the ratio of the PID algorithm sampling time to the cycle time of the OB. The PID algorithm sampling time corresponds to the time period of the pulse width modulation. The cycle time should be at least 10 times the PID algorithm sampling time. Rule for tuning Select whether PI or PID parameters are to be calculated in the "Controller structure" dropdown list. PID Calculates PID parameters during pretuning and fine tuning. PI Calculates PI parameters during pretuning and fine tuning. User-defined The drop-down list displays "User-defined" if you have configured different controller structures for pretuning and fine tuning via a user program. See also Downloading technology objects to device (Page 6468) WinCC Advanced V14 System Manual, 10/2016 6517 Using technology functions 13.1 PID control Commissioning PID_Compact V1 (S7-1200) Commissioning (S7-1200) The commissioning window helps you commission the PID controller. You can monitor the values for the setpoint, process value and output value along the time axis in the trend view. The following functions are supported in the commissioning window: Controller pretuning Controller fine tuning Use fine tuning for fine adjustments to the PID parameters. Monitoring the current closed-loop control in the trend view Testing the controlled system by specifying a manual output value All functions require an online connection to the CPU to have been established. Basic handling Select the desired sampling time in the "Sampling time" drop-down list. All values in the commissioning window are updated in the selected update time. Click the "Start" icon in the measuring group if you want to use the commissioning functions. Value recording is started. The current values for the setpoint, process value and output value are entered in the trend view. Operation of the commissioning window is enabled. Click the "Stop" icon if you want to end the commissioning functions. The values recorded in the trend view can continue to be analyzed. Closing the commissioning window will terminate recording in the trend view and delete the recorded values. See also Pretuning (Page 6518) Fine tuning (Page 6520) "Manual" mode (Page 6521) Pretuning (S7-1200) The pretuning determines the process response to a jump change of the output value and searches for the point of inflection. The tuned PID parameters are calculated as a function of the maximum slope and dead time of the controlled system. The more stable the process value is, the easier it is to calculate the PID parameters and the more precise the result will be. Noise on the process value can be tolerated as long as the rate of rise of the process value is significantly higher compared to the noise. The PID parameters are backed up before being recalculated. 6518 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Requirement The "PID_Compact" instruction is called in a cyclic interrupt OB. ManualEnable = FALSE PID_Compact is in "inactive" or "manual" mode. The setpoint may not be changed during controller tuning. PID_Compact will otherwise be deactivated. The setpoint and the process value lie within the configured limits (see "Process value monitoring" configuration). The difference between setpoint and process value is greater than 30% of the difference between process value high limit and process value low limit. The distance between the setpoint and the process value is > 50% of the setpoint. Procedure To perform pretuning, follow these steps: 1. Double-click the "PID_Compact > Commissioning" entry in the project tree. 2. Select the entry "Pretuning" in the "Tuning mode" drop-down list. 3. Click the "Start" icon. - An online connection will be established. - Value recording is started. - Pretuning is started. - The "Status" field displays the current steps and any errors that may have occurred. The progress bar indicates the progress of the current step. Note Click the "Stop" icon when the progress bar has reached 100% and it is to be assumed the controller tuning function is blocked. Check the configuration of the technology object and, if necessary, restart controller tuning. Result If pretuning was performed without an error message, the PID parameters have been tuned. PID_Compact switches to automatic mode and uses the tuned parameters. The tuned PID parameters will be retained during power OFF and a restart of the CPU. If pretuning is not possible, PID_Compact will change to "Inactive" mode. See also Parameters State and sRet.i_Mode V1 (Page 4039) Commissioning (Page 6518) WinCC Advanced V14 System Manual, 10/2016 6519 Using technology functions 13.1 PID control Fine tuning (Page 6520) "Manual" mode (Page 6521) Fine tuning (S7-1200) Fine tuning generates a constant, limited oscillation of the process value. The PID parameters are optimized for the operating point from the amplitude and frequency of this oscillation. All PID parameters are recalculated on the basis of the findings. PID parameters from fine tuning usually have better master control and disturbance behavior than PID parameters from pretuning. PID_Compact automatically attempts to generate an oscillation greater than the noise of the process value. Fine tuning is only minimally influenced by the stability of the process value. The PID parameters are backed up before being recalculated. Requirement The PID_Compact instruction is called in a cyclic interrupt OB. ManualEnable = FALSE The setpoint and the process value lie within the configured limits (see "Process value monitoring" configuration). The control loop has stabilized at the operating point. The operating point is reached when the process value corresponds to the setpoint. No disturbances are expected. The setpoint may not be changed during controller tuning. PID_Compact is in inactive mode, automatic mode or manual mode. Process depends on initial situation Fine tuning can be started in "inactive", "automatic" or "manual" mode. Fine tuning proceeds as follows when started in: Automatic mode Start fine tuning in automatic mode if you wish to improve the existing PID parameters using controller tuning. PID_Comact will regulate using the existing PID parameters until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. Inactive or manual mode If the requirements for pretuning are met, pretuning is started. The PID parameters established will be used for adjustment until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. If pretuning is not possible, PID_Compact will change to "Inactive" mode. An attempt is made to reach the setpoint with a minimum or maximum output value if the process value for pretuning is already too near the setpoint. This can produce increased overshoot. 6520 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Procedure Proceed as follows to carry out "fine tuning": 1. Select the entry "Fine tuning" in the "Tuning mode" drop-down list. 2. Click the "Start" icon. - An online connection will be established. - Value recording is started. - The process of fine tuning is started. - The "Status" field displays the current steps and any errors that may have occurred. The progress bar indicates the progress of the current step. Note Click the "Stop" icon in the "Tuning mode" group when the progress bar has reached 100% and it is to be assumed the controller tuning function is blocked. Check the configuration of the technology object and, if necessary, restart controller tuning. Result The PID parameters will have been optimized if fine tuning has been executed without errors. PID_Compact changes to automatic mode and uses the optimized parameters. The optimized PID parameters will be retained during power OFF and a restart of the CPU. If errors occurred during "fine tuning", PID_Compact will change to "inactive" mode. See also Parameters State and sRet.i_Mode V1 (Page 4039) Commissioning (Page 6518) Pretuning (Page 6518) "Manual" mode (Page 6521) "Manual" mode (S7-1200) The following section describes how you can use the "Manual" operating mode in the commissioning window of the "PID Compact" technology object. Requirement The "PID_Compact" instruction is called in a cyclic interrupt OB. An online connection to the CPU has been established and the CPU is in the "RUN" mode. The functions of the commissioning window have been enabled via the "Start" icon. WinCC Advanced V14 System Manual, 10/2016 6521 Using technology functions 13.1 PID control Procedure Use "Manual mode" in the commissioning window if you want to test the process by specifying a manual value. To define a manual value, proceed as follows: 1. Select the check box "Manual mode" in the "Online status of the controller" area. PID_Compact operates in manual mode. The most recent current output value remains in effect. 2. Enter the manual value in the "Output" field as a % value. 3. Click the control icon . Result The manual value is written to the CPU and immediately goes into effect. Note PID_Compact continues to monitor the process value. If the process value limits are exceeded, PID_Compact is deactivated. Clear the "Manual mode" check box if the output value is to be specified again by the PID controller. The change to automatic mode is bumpless. See also Parameters State and sRet.i_Mode V1 (Page 4039) Commissioning (Page 6518) Pretuning (Page 6518) Fine tuning (Page 6520) 13.1.4 Using PID_3Step (S7-1200, S7-1500) 13.1.4.1 Technology object PID_3Step (S7-1200, S7-1500) The technology object PID_3Step provides a PID controller with tuning for valves or actuators with integral response. You can configure the following controllers: Three-point step controller with position feedback Three-point step controller without position feedback Valve controller with analog output value PID_3Step continuously acquires the measured process value within a control loop and compares it with the setpoint. From the resulting control deviation, PID_3Step calculates an 6522 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control output value through which the process value reaches the setpoint as quickly and steadily as possible. The output value for the PID controller consists of three actions: P action The proportional action of the output value increases in proportion to the control deviation. I action The integral action of the output value increases until the control deviation has been balanced. D action The derivative action increases with the rate of change of control deviation. The process value is corrected to the setpoint as quickly as possible. The derivative action will be reduced again if the rate of change of control deviation drops. The instruction PID_3Step calculates the proportional, integral and derivative parameters for your controlled system during pretuning. Fine tuning can be used to tune the parameters further. You do not need to manually determine the parameters. Additional information Overview of software controller (Page 6462) Add technology objects (Page 6465) Configure technology objects (Page 6466) Configuring PID_3Step V2 (Page 6523) Configuring PID_3Step V1 (Page 6540) 13.1.4.2 PID_3Step V2 (S7-1200, S7-1500) Configuring PID_3Step V2 (S7-1200, S7-1500) Basic settings (S7-1200, S7-1500) Introduction (S7-1200, S7-1500) Configure the following properties of the "PID_3Step" technology object under "Basic settings" in the Inspector window or in the configuration window: Physical quantity Control logic Start-up behavior after reset Setpoint (only in the Inspector window) Process value (only in the Inspector window) Output value (only in the Inspector window) Position feedback (only in the Inspector window) WinCC Advanced V14 System Manual, 10/2016 6523 Using technology functions 13.1 PID control Setpoint, process value, output value and position feedback You can only configure the setpoint, process value, output value and position feedback in the Inspector window of the programming editor. Select the source for each value: Instance DB The value saved in the instance DB is used. Value must be updated in the instance DB by the user program. There should be no value at the instruction. Change via HMI possible. Instruction The value connected to the instruction is used. The value is written to the instance DB each time the instruction is called. No change via HMI possible. Controller type (S7-1200, S7-1500) Physical quantity Select the physical quantity and unit of measurement for setpoint, process value, and disturbance variable in the "Controller type" group. Setpoint, process value, and disturbance variable is displayed in this unit of measurement. Control logic An increase of the output value is generally intended to cause an increase in the process value. This is referred to as a normal control logic. PID_3Step does not work with negative proportional gain. Select the check box "Invert control logic" to reduce the process value with a higher output value. Examples Opening the drain valve will reduce the level of a container's contents. Increasing cooling will reduce the temperature. Startup characteristics 1. To switch to "Inactive" mode after CPU restart, clear the "Activate Mode after CPU restart" check box. To switch to the operating mode saved in the Mode parameter after CPU restart, select the "Activate Mode after CPU restart" check box. 2. In the "Set Mode to" drop-down list, select the mode that is to be enabled after a complete download to the device. After a complete download to the device, PID_3Step starts in the selected operating mode. With each additional restart, PID_3Step starts in the mode that was last saved in Mode. Example You have selected the "Activate Mode after CPU restart" check box and the entry "Pretuning" in the "Set Mode to" list. After a complete download to the device, PID_3Step starts in the "Pretuning" mode. If pretuning is still active, PID_3Step starts in "Pretuning" mode again after 6524 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control restart of the CPU. If pretuning was successfully completed and automatic mode is active, PID_3Step starts in "Automatic mode" after restart of the CPU. Setpoint (S7-1200, S7-1500) Procedure Proceed as follows to define a fixed setpoint: 1. Select "Instance DB". 2. Enter a setpoint, e.g. 80 C. 3. Delete any entry in the instruction. Proceed as follows to define a variable setpoint: 1. Select "Instruction". 2. Enter the name of the REAL variable in which the setpoint is saved. Program-controlled assignment of various values to the REAL variable is possible, for example for the time controlled change of the setpoint. Process value (S7-1200, S7-1500) PID_3Step will scale the value of the analog input to the physical quantity if you use the analog input value directly. You will need to write a program for processing if you wish first to process the analog input value. The process value is, for example, not directly proportional to the value at the analog input. The processed process value must be in floating point format. Procedure Proceed as follows to use the analog input value without processing: 1. Select the entry "Input_PER" in the drop-down list "Input". 2. Select "Instruction" as source. 3. Enter the address of the analog input. Proceed as follows to use the processed process value in floating point format: 1. Select the entry "Input" in the drop-down list "Input". 2. Select "Instruction" as source. 3. Enter the name of the variable in which the processed process value is saved. Position feedback (S7-1200, S7-1500) Position feedback configuration depends upon the actuator used. Actuator without position feedback Actuator with digital endstop signals WinCC Advanced V14 System Manual, 10/2016 6525 Using technology functions 13.1 PID control Actuator with analog position feedback Actuator with analog position feedback and endstop signals Actuator without position feedback Proceed as follows to configure PID_3Step for an actuator without position feedback: 1. Select the entry "No Feedback" in the drop-down list "Feedback". Actuator with digital endstop signals Proceed as follows to configure PID_3Step for an actuator with endstop signals: 1. Select the entry "No Feedback" in the drop-down list "Feedback". 2. Activate the "Actuator endstop signals" check box. 3. Select "Instruction" as source for Actuator_H and Actuator_L. 4. Enter the addresses of the digital inputs for Actuator_H and Actuator_L. Actuator with analog position feedback Proceed as follows to configure PID_3Step for an actuator with analog position feedback: 1. Select the entry "Feedback" or "Feedback_PER" in the drop-down list "Feedback". - Use the analog input value for Feedback_PER. Configure Feedback_PER scaling in the actuator settings. - Process the analog input value for Feedback using your user program. 2. Select "Instruction" as source. 3. Enter the address of the analog input or the variable of your user program. Actuator with analog position feedback and endstop signals Proceed as follows to configure PID_3Step for an actuator with analog position feedback and endstop signals: 1. Select the entry "Feedback" or "Feedback_PER" in the drop-down list "Feedback". 2. Select "Instruction" as source. 3. Enter the address of the analog input or the variable of your user program. 4. Activate the "Actuator endstop signals" check box. 5. Select "Instruction" as source for Actuator_H and Actuator_L. 6. Enter the addresses of the digital inputs for Actuator_H and Actuator_L. 6526 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Output value (S7-1200, S7-1500) PID_3Step offers an analog output value (Output_PER) and digital output values (Output_UP, Output_DN). Your actuator will determine which output value you use. Output_PER The actuator is triggered via an analog output and controlled with a continuous signal, e.g. 0...10V, 4...20mA. Output_UP, Output_DN The actuator is controlled via two digital outputs. Procedure Proceed as follows to use the analog output value: 1. Select the entry "Output (analog)" in the drop-down list "Output". 2. Select "Instruction". 3. Enter the address of the analog output. Proceed as follows to use the digital output value: 1. Select the entry "Output (digital)" in the drop-down list "Output". 2. Select "Instruction" for Output_UP and Output_DN. 3. Enter the addresses of the digital outputs. Proceed as follows to process the output value using the user program: 1. Select the entry corresponding to the actuator in the drop-down list "Output". 2. Select "Instruction". 3. Enter the name of the variable you are using to process the output value. 4. Transfer the processed output value to the actuator by means of an analog or digital CPU output. Process value settings (S7-1200, S7-1500) Scaling the process value (S7-1200, S7-1500) If you have configured the use of Input_PER in the basic setting, you must convert the value of the analog input to the physical quantity of the process value. The current configuration is displayed in the Input_PER display. Input_PER will be scaled using a low and high value pair if the process value is directly proportional to the value of the analog input. Procedure To scale the process value, follow these steps: 1. Enter the low pair of values in the "Scaled low process value" and "Low" text boxs. 2. Enter the high pair of values in the "Scaled high process value" and "High" input boxes. WinCC Advanced V14 System Manual, 10/2016 6527 Using technology functions 13.1 PID control Default settings for the value pairs are stored in the hardware configuration. To use the value pairs from the hardware configuration, follow these steps: 1. Select the PID_3Step instruction in the programming editor. 2. Interconnect Input_PER with an analog input in the basic settings. 3. Click the "Automatic setting" button in the process value settings. The existing values will be overwritten with the values from the hardware configuration. Process value limits (S7-1200, S7-1500) You must specify an appropriate absolute high limit and low limit for the process value as limit values for your controlled system. As soon as the process value violates these limits, an error occurs (ErrorBits = 0001h). Tuning is canceled when the process value limits are violated. You can specify how PID_3Step responds to errors in automatic mode in the actuator settings. Actuator settings (S7-1200, S7-1500) Actuator (S7-1200, S7-1500) Actuator-specific times Configure the motor transition time and the minimum ON and OFF times to prevent damage to the actuator. You can find the specifications in the actuator data sheet. The motor transition time is the time in seconds the motor requires to move the actuator from the closed to the opened state. You can measure the motor transition time during commissioning. The motor transition time is retentive. If you enter the motor transition time manually, you must completely download PID_3Step. Downloading technology objects to device (Page 6468) If you are using "Output_UP" or "Output_DN", you can reduce the switching frequency with the minimum on and minimum OFF time. The on or off times calculated are totaled in automatic mode and only become effective when the sum is greater than or equal to the minimum on or OFF time. Manual_UP = TRUE or Manual_DN = TRUE in manual mode operates the actuator for at least the minimum ON or OFF time. 6528 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Reaction to error PID_3Step is preset so that the controller stays active in most cases in the event of an error. If errors occur frequently in controller mode, this default reaction has a negative effect on the control response. In this case, check the Errorbits parameter and eliminate the cause of the error. NOTICE Your system may be damaged. If you output "Current value while error pending" or "Substitute output value while error pending" in the event of an error, PID_3Step remains in automatic mode even if the process value limits are violated. This may damage your system. It is essential to configure how your controlled system reacts in the event of an error to protect your system from damage. PID_3Step generates a programmable output value in response to an error: Current value PID_3Step is switched off and no longer modifies the actuator position. Current value for error while error is pending The controller functions of PID_3Step are switched off and the position of the actuator is no longer changed. If the following errors occur in automatic mode, PID_3Step returns to automatic mode as soon as the errors are no longer pending. - 0002h: Invalid value at Input_PER parameter. - 0200h: Invalid value at Input parameter. - 0400h: Calculation of output value failed. - 1000h: Invalid value at Setpoint parameter. - 2000h: Invalid value at Feedback_PER parameter. - 4000h: Invalid value at Feedback parameter. - 8000h: Error during digital position feedback. - 20000h: Invalid value at SavePosition tag. If one or more of the following errors occur, PID_3Step stays in automatic mode: - 0001h: The Input parameter is outside the process value limits. - 0800h: Sampling time error - 40000h: Invalid value at Disturbance parameter. PID_3Step remains in manual mode if an error occurs in manual mode. If an error occurs during tuning or transition time measurement, PID_3Step switches to the mode in which tuning or transition time measurement was started. Only in the event of the following error is tuning not aborted: - 0020h: Pretuning is not permitted during fine tuning. WinCC Advanced V14 System Manual, 10/2016 6529 Using technology functions 13.1 PID control Substitute output value PID_3Step moves the actuator to the substitute output value and then switches off. Substitute output value while error is pending PID_3Step moves the actuator to the substitute output value. When the substitute output value is reached, PID_3Step reacts as it does with "Current value for while error is pending". Enter the substitute output value in "%". Only substitute output values 0% and 100% can be approached precisely in the case of actuators without analog position feedback. A substitute output value not equal to 0% or 100% is approached via an internally simulated position feedback. This procedure does not, however, allow the exact approach of substitute output value. All substitute output values can be approached precisely with actuators with analog position feedback. Scaling position feedback (S7-1200, S7-1500) Scaling position feedback If you have configured the use of Feedback_PER in the basic settings, you will need to convert the value of the analog input into %. The current configuration will be displayed in the "Feedback" display. Feedback_PER is scaled using a low and high value pair. 1. Enter the low pair of values in the "Low endstop" and "Low" input boxes. 2. Enter the high pair of values in the "High endstop" and "High" input boxes. "Low endstop" must be less than "High endstop"; "Low" must be less than "High". The valid values for "High endstop" and "Low endstop" depend upon: No Feedback, Feedback, Feedback_PER Output (analog), Output (digital) Output Feedback Low endstop High endstop Output (digital) No Feedback Cannot be set (0.0%) Cannot be set (100.0%) Output (digital) Feedback -100.0% or 0.0% 0.0% or +100.0% Output (digital) Feedback_PER -100.0% or 0.0% 0.0% or +100.0% Output (analog) No Feedback Cannot be set (0.0%) Cannot be set (100.0%) Output (analog) Feedback -100.0% or 0.0% 0.0% or +100.0% Output (analog) Feedback_PER -100.0% or 0.0% 0.0% or +100.0% Output value limits (S7-1200, S7-1500) Limiting the output value You can exceed or undershoot the output value limits during the transition time measurement and with mode = 10. The output value is limited to these values in all other modes. 6530 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Enter the absolute output value limits in the "Output value high limit" and "Output value low limit" input boxes. The output value limits must be within "Low endstop" and "High endstop". If no Feedback is available and Output (digital) is set, you cannot limit the output value. Output_UP and Output_DN are then reset upon Actuator_H = TRUE or Actuator_L = TRUE. If no endstop signals are available, Output_UP and Output_DN are reset after a travel time of 150% of the motor actuating time. Advanced settings (S7-1200, S7-1500) Monitoring process value (S7-1200, S7-1500) Configure a warning high and low limit for the process value in the "Process value monitoring" configuration window. If one of the warning limits is exceeded or undershot during operation, a warning will be displayed at the PID_3Step instruction: At the InputWarning_H output parameter if the warning high limit has been exceeded At the InputWarning_L output parameter if the warning low limit has been undershot The warning limits must be within the process value high and low limits. The process value high and low limits will be used if you do not enter values. Example Process value high limit = 98 C; warning high limit = 90 C Warning low limit = 10 C; process value low limit = 0 C PID_3Step will respond as follows: Process value InputWarn ing_H InputWarn ing_L Error Bits Operating mode > 98 C TRUE FALSE 0001h As configured 98 C and > 90 C TRUE FALSE 0000h Automatic mode 90 C and 10 C FALSE FALSE 0000h Automatic mode < 10 C and 0 C FALSE TRUE 0000h Automatic mode < 0 C FALSE TRUE 0001h As configured In the actuator settings, you can configure the response of PID_3Step when the process value high limit or low limit is violated. PID parameters (S7-1200, S7-1500) The PID parameters are displayed in the "PID Parameters" configuration window. The PID parameters will be adapted to your controlled system during controller tuning. You do not need to enter the PID parameters manually. The PID algorithm operates according to the following equation: WinCC Advanced V14 System Manual, 10/2016 6531 Using technology functions 13.1 PID control 1 [ y = K p * s * (b * w - x) + Symbol TI * s (w - x) + TD * s a * TD * s + 1 (c * w - x) ] Description y Output value of the PID algorithm Kp Proportional gain s Laplace operator b Proportional action weighting w Setpoint x Process value TI Integral action time a Derivative delay coefficient (derivative delay T1 = a x TD) TD Derivative action time c Derivative action weighting The diagram below illustrates the integration of the parameters into the PID algorithm: E 6HWSRLQW Z ' . 3 \ 'HDGB% '7 F 7L , 6FDOHG,QSXW [ )DF7W $QWL:LQGXS All PID parameters are retentive. If you enter the PID parameters manually, you must completely download PID_3Step. Downloading technology objects to device (Page 6468) Proportional gain The value specifies the proportional gain of the controller. PID_3Step does not work with a negative proportional gain. Control logic is inverted under Basic settings > Controller type. 6532 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Integral action time The integral action time determines the time behavior of the integral action. The integral action is deactivated with integral action time = 0.0. Derivative action time The derivative action time determines the time behavior of the derivative action. Derivative action is deactivated with derivative action time = 0.0. Derivative delay coefficient The derivative delay coefficient delays the effect of the derivative action. Derivative delay = derivative action time x derivative delay coefficient 0.0: Derivative action is effective for one cycle only and therefore almost not effective. 0.5: This value has proved useful in practice for controlled systems with one dominant time constant. > 1.0: The greater the coefficient, the longer the effect of the derivative action is delayed. Proportional action weighting The proportional action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Proportional action for setpoint change is fully effective 0.0: Proportional action for setpoint change is not effective The proportional action is always fully effective when the process value is changed. Derivative action weighting The derivative action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Derivative action is fully effective upon setpoint change 0.0: Derivative action is not effective upon setpoint change The derivative action is always fully effective when the process value is changed. PID algorithm sampling time The controlled system needs a certain amount of time to respond to changes in the output value. It is therefore not advisable to calculate the output value in every cycle. The sampling time of the PID algorithm represents the time between two calculations of the output value. It is calculated during tuning and rounded to a multiple of the PID_3Step sampling time. All other functions of PID_3Step are executed at every call. WinCC Advanced V14 System Manual, 10/2016 6533 Using technology functions 13.1 PID control Deadband width The deadband suppresses the noise component in the steady controller state. The deadband width specifies the size of the deadband. The deadband is off if the deadband width is 0.0. Commissioning PID_3Step V2 (S7-1200, S7-1500) Pretuning (S7-1200, S7-1500) The pretuning determines the process response to a pulse of the output value and searches for the point of inflection. The tuned PID parameters are calculated as a function of the maximum slope and dead time of the controlled system. You obtain the best PID parameters when you perform pretuning and fine tuning. The more stable the process value is, the easier it is to calculate the PID parameters and the more precise the result will be. Noise on the process value can be tolerated as long as the rate of rise of the process value is significantly higher compared to the noise. This is most likely the case in operating modes "Inactive" and "manual mode". The PID parameters are backed up before being recalculated. The setpoint is frozen during pretuning. Requirement The PID_3Step instruction is called in a cyclic interrupt OB. ManualEnable = FALSE Reset = FALSE The motor transition time has been configured or measured. PID_3Step is in one of the following modes: "Inactive", "Manual mode", or "Automatic mode". The setpoint and the process value lie within the configured limits (see "Process value settings" configuration). 6534 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Procedure To perform pretuning, follow these steps: 1. Double-click the "PID_3Step > Commissioning" entry in the project tree. 2. Select the entry "Pretuning" in the "Tuning mode" drop-down list in the working area "Tuning". 3. Click the "Start" icon. - An online connection will be established. - Value recording is started. - Pretuning is started. - The "Status" field displays the current steps and any errors that may have occurred. The progress bar indicates the progress of the current step. Note Click the "Stop" icon when the progress bar has reached 100% and it is to be assumed the controller tuning function is blocked. Check the configuration of the technology object and, if necessary, restart controller tuning. Result If pretuning was performed without an error message, the PID parameters have been tuned. PID_3Step switches to automatic mode and uses the tuned parameters. The tuned PID parameters will be retained during power OFF and a restart of the CPU. If pretuning is not possible, PID_3Step responds with the configured reaction to errors. Fine tuning (S7-1200, S7-1500) Fine tuning generates a constant, limited oscillation of the process value. The PID parameters are tuned for the operating point from the amplitude and frequency of this oscillation. All PID parameters are recalculated from the results. PID parameters from fine tuning usually have better master control and disturbance characteristics than PID parameters from pretuning. You obtain the best PID parameters when you perform pretuning and fine tuning. PID_3Step automatically attempts to generate an oscillation greater than the noise of the process value. Fine tuning is only minimally influenced by the stability of the process value. The PID parameters are backed up before being recalculated. The setpoint is frozen during fine tuning. Requirement The PID_3Step instruction is called in a cyclic interrupt OB. ManualEnable = FALSE Reset = FALSE The motor transition time has been configured or measured. WinCC Advanced V14 System Manual, 10/2016 6535 Using technology functions 13.1 PID control The setpoint and the process value lie within the configured limits (see "Process value settings" configuration). The control loop has stabilized at the operating point. The operating point is reached when the process value corresponds to the setpoint. No disturbances are expected. PID_3Step is in inactive mode, automatic mode or manual mode. Process depends on initial situation Fine tuning proceeds as follows when started from: Automatic mode Start fine tuning from automatic mode if you wish to improve the existing PID parameters through tuning. PID_3Step controls the system using the existing PID parameters until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. Inactive or manual mode Pretuning is always started first. The determined PID parameters will be used for control until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. Procedure To perform fine tuning, follow these steps: 1. Select the entry "Fine tuning" in the "Tuning mode" drop-down list. 2. Click the "Start" icon. - An online connection will be established. - Value recording is started. - The process of fine tuning is started. - The "Status" field displays the current steps and any errors that may have occurred. The progress bar indicates the progress of the current step. Note Click the "Stop" icon in the "Tuning mode" group when the progress bar has reached 100% and it is to be assumed the controller tuning function is blocked. Check the configuration of the technology object and, if necessary, restart controller tuning. Result If no errors occurred during fine tuning, the PID parameters have been tuned. PID_3Step switches to automatic mode and uses the tuned parameters. The tuned PID parameters will be retained during power OFF and a restart of the CPU. 6536 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control If errors occurred during fine tuning, PID_3Step responds with the configured response to errors. Commissioning with manual PID parameters (S7-1200, S7-1500) Requirement The PID_3Step instruction is called in a cyclic interrupt OB. ManualEnable = FALSE Reset = FALSE The motor transition time has been configured or measured. PID_3Step is in "inactive" mode. The setpoint and the process value lie within the configured limits (see "Process value settings" configuration). Procedure Proceed as follows to commission PID_3Step with manual PID parameters: 1. Double-click on "PID_3Step > Configuration" in the project tree. 2. Click on "Advanced settings > PID Parameters" in the configuration window. 3. Select the check box "Enable direct input". 4. Enter the PID parameters. 5. Double-click the "PID_3Step > Commissioning" entry in the project tree. 6. Establish an online connection to the CPU. 7. Load the PID parameters to the CPU. 8. Click the "Start PID_3Step" icon. Result PID_3Step changes to automatic mode and controls using the current PID parameters. See also PID parameters (Page 6531) WinCC Advanced V14 System Manual, 10/2016 6537 Using technology functions 13.1 PID control Measuring the motor transition time (S7-1200, S7-1500) Introduction PID_3Step requires the motor transition time to be as accurate as possible for good controller results. The data in the actuator documentation contains average values for this type of actuator. The value for the specific actuator used may differ. You can measure the motor transition time during commissioning if you are using actuators with position feedback or endstop signals. The output value limits are not taken into consideration during the motor transition time measurement. The actuator can travel to the high or the low endstop. The motor transition time cannot be measured if neither position feedback nor endstop signals are available. Actuators with analog position feedback Proceed as follows to measure motor transition time with position feedback: Requirement Feedback or Feedback_PER has been selected in the basic settings and the signal has been connected. An online connection to the CPU has been established. 1. Select the "Use position feedback" check box. 2. Enter the position to which the actuator is to be moved in the "Target position" input field. The current position feedback (starting position) will be displayed. The difference between "Target position" and "Position feedback" must be at least 50% of the valid output value range. 3. Click the "Start" icon. Result The actuator is moved from the starting position to the target position. Time measurement starts immediately and ends when the actuator reaches the target position. The motor transition time is calculated according to the following equation: Motor transition time = (output value high limit - output value low limit) x Measuring time / AMOUNT (target position - starting position). The progress and status of transition time measurement are displayed. The transition time measured is saved in the instance data block on the CPU and displayed in the "Measured transition time" field. When the transition time measurement is ended and ActivateRecoverMode = TRUE, PID_3Step switches to the operating mode from which the 6538 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control transition time measurement was started. If the transition time measurement is ended and ActivateRecoverMode = FALSE, PID_3Step changes to "Inactive" mode. Note Click on the icon "Upload measured transition time" to load the motor transition time measured to the project. Actuators with endstop signals Proceed as follows to measure the transition time of actuators with endstop signals: Requirement The "Endstop signals" check box in the basic settings has been selected and Actuator_H and Actuator_L are connected. An online connection to the CPU has been established. Proceed as follows to measure motor transition time with endstop signals: 1. Select the "Use actuator endstop signals" check box. 2. Select the direction in which the actuator is to be moved. - Open - Close - Open The actuator is moved first to the high endstop, then to the low endstop and then back to the high endstop. - Close - Open - Close The actuator is moved first to the low endstop, then to the high endstop and then back to the low endstop. 3. Click the "Start" icon. Result The actuator is moved in the selected direction. Time measurement will start once the actuator has reached the first endstop and will end when the actuator reaches this endstop for the second time. The motor transition time is equal to the time measured divided by two. The progress and status of transition time measurement are displayed. The transition time measured is saved in the instance data block on the CPU and displayed in the "Measured transition time" field. When the transition time measurement is ended and ActivateRecoverMode = TRUE, PID_3Step switches to the operating mode from which the transition time measurement was started. If the transition time measurement is ended and ActivateRecoverMode = FALSE, PID_3Step changes to "Inactive" mode. Cancelling transition time measurement PID_3Step switches to "Inactive" mode if you cancel transition time measurement by pressing the Stop button. WinCC Advanced V14 System Manual, 10/2016 6539 Using technology functions 13.1 PID control 13.1.4.3 PID_3Step V1 (S7-1200) Configuring PID_3Step V1 (S7-1200) Basic settings (S7-1200) Introduction (S7-1200) Configure the following properties of the "PID_3Step" technology object under "Basic settings" in the Inspector window or in the configuration window: Physical quantity Control logic Start-up behavior after reset Setpoint (only in the Inspector window) Process value (only in the Inspector window) Output value (only in the Inspector window) Position feedback (only in the Inspector window) Setpoint, process value, output value and position feedback You can only configure the setpoint, process value, output value and position feedback in the Inspector window of the programming editor. Select the source for each value: Instance DB The value saved in the instance DB is used. Value must be updated in the instance DB by the user program. There should be no value at the instruction. Change via HMI possible. Instruction The value connected to the instruction is used. The value is written to the instance DB each time the instruction is called. No change via HMI possible. Controller type (S7-1200) Physical quantity Select the unit of measurement and physical quantity for the setpoint and process value in the "Controller type" group. The setpoint and process value will be displayed in this unit. Control logic An increase of the output value is generally intended to cause an increase in the process value. This is referred to as a normal control logic. 6540 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control PID_3Step does not work with negative proportional gain. Select the check box "Invert control logic" to reduce the process value with a higher output value. Examples Opening the drain valve will reduce the level of a container's contents. Increasing cooling will reduce the temperature. Start-up behavior after reset To change straight to the last active mode after restarting the CPU, select the "Enable last mode after CPU restart" check box. PID_3Step will remain in "Inactive" mode if the check box is cleared. Setpoint (S7-1200) Procedure Proceed as follows to define a fixed setpoint: 1. Select "Instance DB". 2. Enter a setpoint, e.g. 80 C. 3. Delete any entry in the instruction. Proceed as follows to define a variable setpoint: 1. Select "Instruction". 2. Enter the name of the REAL variable in which the setpoint is saved. Program-controlled assignment of various values to the REAL variable is possible, for example for the time controlled change of the setpoint. Process value (S7-1200) PID_3Step will scale the value of the analog input to the physical quantity if you use the analog input value directly. You will need to write a program for processing if you wish first to process the analog input value. The process value is, for example, not directly proportional to the value at the analog input. The processed process value must be in floating point format. Procedure Proceed as follows to use the analog input value without processing: 1. Select the entry "Input_PER" in the drop-down list "Input". 2. Select "Instruction" as source. 3. Enter the address of the analog input. WinCC Advanced V14 System Manual, 10/2016 6541 Using technology functions 13.1 PID control Proceed as follows to use the processed process value in floating point format: 1. Select the entry "Input" in the drop-down list "Input". 2. Select "Instruction" as source. 3. Enter the name of the variable in which the processed process value is saved. Position feedback (S7-1200) Position feedback configuration depends upon the actuator used. Actuator without position feedback Actuator with digital endstop signals Actuator with analog position feedback Actuator with analog position feedback and endstop signals Actuator without position feedback Proceed as follows to configure PID_3Step for an actuator without position feedback: 1. Select the entry "No Feedback" in the drop-down list "Feedback". Actuator with digital endstop signals Proceed as follows to configure PID_3Step for an actuator with endstop signals: 1. Select the entry "No Feedback" in the drop-down list "Feedback". 2. Activate the "Actuator endstop signals" check box. 3. Select "Instruction" as source for Actuator_H and Actuator_L. 4. Enter the addresses of the digital inputs for Actuator_H and Actuator_L. Actuator with analog position feedback Proceed as follows to configure PID_3Step for an actuator with analog position feedback: 1. Select the entry "Feedback" or "Feedback_PER" in the drop-down list "Feedback". - Use the analog input value for Feedback_PER. Configure Feedback_PER scaling in the actuator settings. - Process the analog input value for Feedback using your user program. 2. Select "Instruction" as source. 3. Enter the address of the analog input or the variable of your user program. 6542 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Actuator with analog position feedback and endstop signals Proceed as follows to configure PID_3Step for an actuator with analog position feedback and endstop signals: 1. Select the entry "Feedback" or "Feedback_PER" in the drop-down list "Feedback". 2. Select "Instruction" as source. 3. Enter the address of the analog input or the variable of your user program. 4. Activate the "Actuator endstop signals" check box. 5. Select "Instruction" as source for Actuator_H and Actuator_L. 6. Enter the addresses of the digital inputs for Actuator_H and Actuator_L. Output value (S7-1200) PID_3Step offers an analog output value (Output_PER) and digital output values (Output_UP, Output_DN). Your actuator will determine which output value you use. Output_PER The actuator is triggered via an analog output and controlled with a continuous signal, e.g. 0...10V, 4...20mA. Output_UP, Output_DN The actuator is controlled via two digital outputs. Procedure Proceed as follows to use the analog output value: 1. Select the entry "Output (analog)" in the drop-down list "Output". 2. Select "Instruction". 3. Enter the address of the analog output. Proceed as follows to use the digital output value: 1. Select the entry "Output (digital)" in the drop-down list "Output". 2. Select "Instruction" for Output_UP and Output_DN. 3. Enter the addresses of the digital outputs. Proceed as follows to process the output value using the user program: 1. Select the entry corresponding to the actuator in the drop-down list "Output". 2. Select "Instruction". 3. Enter the name of the variable you are using to process the output value. 4. Transfer the processed output value to the actuator by means of an analog or digital CPU output. WinCC Advanced V14 System Manual, 10/2016 6543 Using technology functions 13.1 PID control Process value settings (S7-1200) Configure the scaling of your process value and specify the process value absolute limits In the "Process value settings" configuration window. Scaling the process value If you have configured the use of Input_PER in the basic settings, you will need to convert the value of the analog input into the physical quantity of the process value. The current configuration will be displayed in the Input_PER display. Input_PER will be scaled using a low and high value pair if the process value is directly proportional to the value of the analog input. 1. Enter the low pair of values in the "Scaled low process value" and "Low" input fields. 2. Enter the high pair of values in the "Scaled high process value" and "High" input boxes. Default settings for the value pairs are saved in the hardware configuration. Proceed as follows to use the value pairs from the hardware configuration: 1. Select the instruction PID_3Step in the programming editor. 2. Connect Input_PER to an analog input in the basic settings. 3. Click on the "Automatic setting" button in the process value settings. The existing values will be overwritten with the values from the hardware configuration. Monitoring process value Specify the absolute high and low limit of the process value. You must enter reasonable limits for your controlled system. Reasonable limits are important during optimization to obtain optimal PID parameters. The default for the "High limit process value" is 120 %. At the I/O input, the process value can be a maximum of 18% higher than the standard range (overrange). This setting ensures that an error is no longer signaled due to a violation of the "Process value high limit". Only a wire-break and a short-circuit are recognized and PID_3Step reacts according to the configured reaction to error. NOTICE Your system may be damaged. If you set very high process value limits (for example -3.4*1038...+3.4*1038), process value monitoring will be disabled. Your system may then be damaged if an error occurs. You need to configure useful process value limits for your controlled system. Actuator settings (S7-1200) Actuator-specific times Configure the motor transition time and the minimum ON and OFF times to prevent damage to the actuator. You can find the specifications in the actuator data sheet. 6544 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control The motor transition time is the time in seconds the motor requires to move the actuator from the closed to the opened state. The maximum time that the actuator is moved in one direction is 110% of the motor transition time. You can measure the motor transition time during commissioning. If you are using "Output_UP" or "Output_DN", you can reduce the switching frequency with the minimum on and minimum OFF time. The on or off times calculated are totaled in automatic mode and only become effective when the sum is greater than or equal to the minimum on or OFF time. A rising edge at Manual_UP or Manual_DN in manual mode will operate the actuator for at least the minimum on or OFF time. Reaction to error PID_3Step is preset so that the controller stays active in most cases in the event of an error. If errors occur frequently in controller mode, this default reaction has a negative effect on the control response. In this case, check the Errorbits parameter and eliminate the cause of the error. PID_3Step generates a programmable output value in response to an error: Current value PID_3Step is switched off and no longer modifies the actuator position. Current value for error while error is pending The controller functions of PID_3Step are switched off and the position of the actuator is no longer changed. If the following errors occur in automatic mode, PID_3Step returns to automatic mode as soon as the errors are no longer pending. - 0002h: Invalid value at Input_PER parameter. - 0200h: Invalid value at Input parameter. - 0800h: Sampling time error - 1000h: Invalid value at Setpoint parameter. - 2000h: Invalid value at Feedback_PER parameter. - 4000h: Invalid value at Feedback parameter. - 8000h: Error during digital position feedback. If one of these error occurs in manual mode, PID_3Step remains in manual mode. If an error occurs during the tuning or transition time measurement, PID_3Step is switched off. Substitute output value PID_3Step moves the actuator to the substitute output value and then switches off. Substitute output value while error is pending PID_3Step moves the actuator to the substitute output value. When the substitute output value is reached, PID_3Step reacts as it does with "Current value for while error is pending". Enter the substitute output value in "%". Only substitute output values 0% and 100% can be approached precisely in the case of actuators without analog position feedback. The actuator is moved in one direction at 110% WinCC Advanced V14 System Manual, 10/2016 6545 Using technology functions 13.1 PID control of the motor transition time to ensure the high or low endstop is reached. There endstop signals take priority. A substitute output value not equal to 0% or 100% is approached via an internally simulated position feedback. This procedure does not, however, allow the exact approach of substitute output value. All substitute output values can be approached precisely with actuators with analog position feedback. Scaling position feedback If you have configured the use of Feedback_PER in the basic settings, you will need to convert the value of the analog input into %. The current configuration will be displayed in the "Feedback" display. Feedback_PER is scaled using a low and high value pair. 1. Enter the low pair of values in the "Low endstop" and "Low" input boxes. 2. Enter the high pair of values in the "High endstop" and "High" input boxes. "Low endstop" must be less than "High endstop"; "Low" must be less than "High". The valid values for "High endstop" and "Low endstop" depend upon: No Feedback, Feedback, Feedback_PER Output (analog), Output (digital) Output Feedback Low endstop High endstop Output (digital) No Feedback Cannot be set (0.0%) Cannot be set (100.0%) Output (digital) Feedback -100.0% or 0.0% 0.0% or +100.0% Output (digital) Feedback_PER -100.0% or 0.0% 0.0% or +100.0% Output (analog) No Feedback Cannot be set (0.0%) Cannot be set (100.0%) Output (analog) Feedback -100.0% or 0.0% 0.0% or +100.0% Output (analog) Feedback_PER -100.0% or 0.0% 0.0% or +100.0% Limiting the output value You can only exceed or undershoot the output value limits during the transition time measurement. The output value is limited to these values in all other modes. Enter the absolute output value limits in the "Output value high limit" and "Output value low limit" input boxes. The output value limits must be within "Low endstop" and "High endstop". If no Feedback is available and Output (digital) is set, you cannot limit the output value. The digital outputs are reset with Actuator_H = TRUE or Actuator_L = TRUE, or after a travel time amounting to 110% of the motor transition time. 6546 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Advanced settings (S7-1200) Monitoring process value (S7-1200) Configure a warning high and low limit for the process value in the "Process value monitoring" configuration window. If one of the warning limits is exceeded or undershot during operation, a warning will be displayed at the PID_3Step instruction: At the InputWarning_H output parameter if the warning high limit has been exceeded At the InputWarning_L output parameter if the warning low limit has been undershot The warning limits must be within the process value high and low limits. The process value high and low limits will be used if you do not enter values. Example Process value high limit = 98 C; warning high limit = 90 C Warning low limit = 10 C; process value low limit = 0 C PID_3Step will respond as follows: Process value InputWarning_H InputWarning_L Operating mode > 98 C TRUE FALSE Inactive 98 C and > 90 C TRUE FALSE Automatic mode 90 C and 10 C FALSE FALSE Automatic mode < 10 C and 0 C FALSE TRUE Automatic mode < 0 C FALSE TRUE Inactive PID parameters (S7-1200) The PID parameters are displayed in the "PID Parameters" configuration window. The PID parameters will be adapted to your controlled system during controller tuning. You do not need to enter the PID parameters manually. The PID algorithm operates according to the following equation: [ y = K p * s * (b * w - x) + 1 TI * s (w - x) + Symbol Description y Output value of the PID algorithm Kp Proportional gain s Laplace operator b Proportional action weighting WinCC Advanced V14 System Manual, 10/2016 TD * s a * TD * s + 1 (c * w - x) ] 6547 Using technology functions 13.1 PID control w Setpoint x Process value TI Integral action time a Derivative delay coefficient (derivative delay T1 = a x TD) TD Derivative action time c Derivative action weighting The diagram below illustrates the integration of the parameters into the PID algorithm: E 6HWSRLQW Z '7 F ' . 3 \ 'HDGB% 7L , 6FDOHG,QSXW [ )DF7W $QWL:LQGXS All PID parameters are retentive. If you enter the PID parameters manually, you must completely download PID_3Step. AUTOHOTSPOT Proportional gain The value specifies the proportional gain of the controller. PID_3Step does not work with a negative proportional gain. Control logic is inverted under Basic settings > Controller type. Integral action time The integral action time determines the time behavior of the integral action. The integral action is deactivated with integral action time = 0.0. Derivative action time The derivative action time determines the time behavior of the derivative action. Derivative action is deactivated with derivative action time = 0.0. Derivative delay coefficient The derivative delay coefficient delays the effect of the derivative action. 6548 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Derivative delay = derivative action time x derivative delay coefficient 0.0: Derivative action is effective for one cycle only and therefore almost not effective. 0.5: This value has proved useful in practice for controlled systems with one dominant time constant. > 1.0: The greater the coefficient, the longer the effect of the derivative action is delayed. Proportional action weighting The proportional action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Proportional action for setpoint change is fully effective 0.0: Proportional action for setpoint change is not effective The proportional action is always fully effective when the process value is changed. Derivative action weighting The derivative action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Derivative action is fully effective upon setpoint change 0.0: Derivative action is not effective upon setpoint change The derivative action is always fully effective when the process value is changed. PID algorithm sampling time The controlled system needs a certain amount of time to respond to changes in the output value. It is therefore not advisable to calculate the output value in every cycle. The sampling time of the PID algorithm represents the time between two calculations of the output value. It is calculated during tuning and rounded to a multiple of the PID_3Step sampling time. All other functions of PID_3Step are executed at every call. Deadband width The deadband suppresses the noise component in the steady controller state. The deadband width specifies the size of the deadband. The deadband is off if the deadband width is 0.0. See also Downloading technology objects to device (Page 6468) WinCC Advanced V14 System Manual, 10/2016 6549 Using technology functions 13.1 PID control Commissioning PID_3Step V1 (S7-1200) Commissioning (S7-1200) You can monitor the setpoint, process value and output value over time in the "Tuning" working area. The following commissioning functions are supported in the curve plotter: Controller pretuning Controller fine tuning Monitoring the current closed-loop control in the trend view All functions require an online connection to the CPU to have been established. Basic handling Select the desired sampling time in the "Sampling time" drop-down list. All values in the tuning working area are updated in the selected update time. Click the "Start" icon in the measuring group if you want to use the commissioning functions. Value recording is started. The current values for the setpoint, process value and output value are entered in the trend view. Operation of the commissioning window is enabled. Click the "Stop" icon if you want to end the commissioning functions. The values recorded in the trend view can continue to be analyzed. Closing the commissioning window will terminate recording in the trend view and delete the recorded values. Pretuning (S7-1200) The pretuning determines the process response to a pulse of the output value and searches for the point of inflection. The tuned PID parameters are calculated as a function of the maximum slope and dead time of the controlled system. The more stable the process value is, the easier it is to calculate the PID parameters and the more precise the result will be. Noise on the process value can be tolerated as long as the rate of rise of the process value is significantly higher compared to the noise. The PID parameters are backed up before being recalculated. The setpoint is frozen during pretuning. Requirement The PID_3Step instruction is called in a cyclic interrupt OB. ManualEnable = FALSE PID_3Step is in "inactive" or "manual" mode. The setpoint and the process value lie within the configured limits (see "Process value settings" configuration). 6550 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Procedure To perform pretuning, follow these steps: 1. Double-click the "PID_3Step > Commissioning" entry in the project tree. 2. Select the entry "Pretuning" in the "Tuning mode" drop-down list in the working area "Tuning". 3. Click the "Start" icon. - An online connection will be established. - Value recording is started. - Pretuning is started. - The "Status" field displays the current steps and any errors that may have occurred. The progress bar indicates the progress of the current step. Note Click the "Stop" icon when the progress bar has reached 100% and it is to be assumed the controller tuning function is blocked. Check the configuration of the technology object and, if necessary, restart controller tuning. Result If pretuning was performed without an error message, the PID parameters have been tuned. PID_3Step switches to automatic mode and uses the tuned parameters. The tuned PID parameters will be retained during power OFF and a restart of the CPU. If pretuning is not possible, PID_3Step changes to "Inactive" mode. Fine tuning (S7-1200) Fine tuning generates a constant, limited oscillation of the process value. The PID parameters are optimized for the operating point from the amplitude and frequency of this oscillation. All PID parameters are recalculated on the basis of the findings. PID parameters from fine tuning usually have better master control and disturbance behavior than PID parameters from pretuning. PID_3Step automatically attempts to generate an oscillation greater than the noise of the process value. Fine tuning is only minimally influenced by the stability of the process value. The PID parameters are backed up before being recalculated. The setpoint is frozen during fine tuning. Requirement The PID_3Step instruction is called in a cyclic interrupt OB. ManualEnable = FALSE The motor transition time has been configured or measured. The setpoint and the process value lie within the configured limits (see "Process value settings" configuration). WinCC Advanced V14 System Manual, 10/2016 6551 Using technology functions 13.1 PID control The control loop has stabilized at the operating point. The operating point is reached when the process value corresponds to the setpoint. No disturbances are expected. PID_3Step is in inactive mode, automatic mode or manual mode. Process depends on initial situation Fine tuning proceeds as follows when started in: Automatic mode Start fine tuning in automatic mode if you wish to improve the existing PID parameters using controller tuning. PID_3Step will regulate using the existing PID parameters until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. Inactive or manual mode Pretuning is always started first. The PID parameters established will be used for adjustment until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. Procedure Proceed as follows to carry out "fine tuning": 1. Select the entry "Fine tuning" in the "Tuning mode" drop-down list. 2. Click the "Start" icon. - An online connection will be established. - Value recording is started. - The process of fine tuning is started. - The "Status" field displays the current steps and any errors that may have occurred. The progress bar indicates the progress of the current step. Note Click the "Stop" icon in the "Tuning mode" group when the progress bar has reached 100% and it is to be assumed the controller tuning function is blocked. Check the configuration of the technology object and, if necessary, restart controller tuning. Result The PID parameters will have been optimized if fine tuning has been executed without errors. PID_3Step changes to automatic mode and uses the optimized parameters. The optimized PID parameters will be retained during power OFF and a restart of the CPU. If errors occurred during fine tuning, PID_3Step will change to "inactive" mode. 6552 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Commissioning with manual PID parameters (S7-1200) Procedure Proceed as follows to commission PID_3Step with manual PID parameters: 1. Double-click on "PID_3Step > Configuration" in the project tree. 2. Click on "Advanced settings > PID Parameters" in the configuration window. 3. Select the check box "Enable direct input". 4. Enter the PID parameters. 5. Double-click on "PID_3Step > Commissioning" in the project tree. 6. Establish an online connection to the CPU. 7. Load the PID parameters to the CPU. 8. Click on the "Activate controller" icon. Result PID_3Step changes to automatic mode and controls using the current PID parameters. Measuring the motor transition time (S7-1200) Introduction PID_3Step requires the motor transition time to be as accurate as possible for good controller results. The data in the actuator documentation contains average values for this type of actuator. The value for the specific actuator used may differ. You can measure the motor transition time during commissioning if you are using actuators with position feedback or endstop signals. The output value limits are not taken into consideration during the motor transition time measurement. The actuator can travel to the high or the low endstop. The motor transition time cannot be measured if neither position feedback nor endstop signals are available. Actuators with analog position feedback Proceed as follows to measure motor transition time with position feedback: Requirement Feedback or Feedback_PER has been selected in the basic settings and the signal has been connected. An online connection to the CPU has been established. WinCC Advanced V14 System Manual, 10/2016 6553 Using technology functions 13.1 PID control 1. Select the "Use position feedback" check box. 2. Enter the position to which the actuator is to be moved in the "Target position" input field. The current position feedback (starting position) will be displayed. The difference between "Target position" and "Position feedback" must be at least 50% of the valid output value range. 3. Click the "Start transition time measurement" icon. Result The actuator is moved from the starting position to the target position. Time measurement starts immediately and ends when the actuator reaches the target position. The motor transition time is calculated according to the following equation: Motor transition time = (output value high limit - output value low limit) x Measuring time / AMOUNT (target position - starting position). The progress and status of transition time measurement are displayed. The transition time measured is saved in the instance data block on the CPU and displayed in the "Measured transition time" field. PID_3Step will change to "Inactive" mode once transition time measurement is complete. Note Click on the icon "Upload measured transition time" to load the motor transition time measured to the project. Actuators with endstop signals Proceed as follows to measure the transition time of actuators with endstop signals: Requirement The "Endstop signals" check box in the basic settings has been selected and Actuator_H and Actuator_L are connected. An online connection to the CPU has been established. Proceed as follows to measure motor transition time with endstop signals: 1. Select the "Use actuator endstop signals" check box. 2. Select the direction in which the actuator is to be moved. - Open - Close - Open The actuator is moved first to the high endstop, then to the low endstop and then back to the high endstop. - Close - Open - Close The actuator is moved first to the low endstop, then to the high endstop and then back to the low endstop. 3. Click the 6554 "Start transition time measurement" icon. WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Result The actuator is moved in the selected direction. Time measurement will start once the actuator has reached the first endstop and will end when the actuator reaches this endstop for the second time. The motor transition time is equal to the time measured divided by two. The progress and status of transition time measurement are displayed. The transition time measured is saved in the instance data block on the CPU and displayed in the "Measured transition time" field. PID_3Step will change to "Inactive" mode once transition time measurement is complete. Cancelling transition time measurement PID_3Step will change to "Inactive" mode immediately if you cancel transition time measurement. The actuator will stop being moved. You can reactive PID-3Step in the curve plotter. 13.1.5 Using PID_Temp (S7-1200, S7-1500) 13.1.5.1 Technology object PID_Temp (S7-1200, S7-1500) The PID_Temp technology object provides a continuous PID controller with integrated tuning. PID_Temp is especially designed for temperature control and is suited for heating or heating/ cooling applications. Two outputs are available for this purpose, one each for heating and cooling. PID_Temp can also be used for other control tasks. PID_Temp is cascadable and can be used in manual or automatic mode. PID_Temp continuously acquires the measured process value within a control loop and compares it with the set setpoint. From the resulting control deviations, the instruction PID_Temp calculates the output value for heating and/or cooling which is used to adjust the process value to the setpoint. The output values for the PID controller consist of three actions: Proportional action The proportional action of the output value increases in proportion to the control deviation. Integral action The integral action of the output value increases until the control deviation has been balanced. Derivative action The derivative action increases with the rate of change of control deviation. The process value is corrected to the setpoint as quickly as possible. The derivative action will be reduced again if the rate of change of control deviation drops. The instruction PID_Temp calculates the proportional, integral and derivative parameters for your controlled system during "pretuning". "Fine tuning" can be used to tune the parameters further. You do not need to manually determine the parameters. Either a fixed cooling factor or two PID parameter sets can be used for heating-and-cooling applications. WinCC Advanced V14 System Manual, 10/2016 6555 Using technology functions 13.1 PID control Additional information Overview of software controller (Page 6462) Add technology objects (Page 6465) Configure technology objects (Page 6466) Configuring PID_Temp (Page 6556) 13.1.5.2 Configuring PID_Temp (S7-1200, S7-1500) Basic settings (S7-1200, S7-1500) Introduction (S7-1200, S7-1500) Configure the following properties of the "PID_Temp" technology object under "Basic settings" in the Inspector window or in the configuration window: Physical quantity Start-up behavior after reset Source and input of the setpoint (only in the Inspector window) Selection of the process value Source and input of the process value (only in the Inspector window) Selection of the heating output value Source and input of the heating output value (only in the Inspector window) Activation and selection of the cooling output value Source and input of the cooling output value (only in the Inspector window) Activation of PID_Temp as master or slave of a cascade Number of slaves Selection of the master (only in the Inspector window) Setpoint, process value, heating output value and cooling output value You can select the source and enter values or tags for the setpoint, process value, heating output value and cooling output value in the Inspector window of the programming editor. Select the source for each value: Instance DB: The value saved in the instance DB is used. The value must be updated by the user program in the instance DB. There should be no value at the instruction. Can be changed using HMI. Instruction: The value connected to the instruction is used. The value is written to the instance DB each time the instruction is called. Cannot be changed using HMI. 6556 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Controller type (S7-1200, S7-1500) Physical quantity Select the unit of measurement and physical quantity for the setpoint and the process value in the "Controller type" group. The setpoint and the process value are displayed in this unit. Startup characteristics 1. To switch to "Inactive"mode after CPU restart, clear the "Activate Mode after CPU restart"check box. To switch to the operating mode saved in the Mode parameter after CPU restart, select the "Activate Mode after CPU restart" check box. 2. In the "Set Mode to" drop-down list, select the mode that is to be enabled after a complete download to the device. After a complete "Download to device", PID_Temp starts in the selected operating mode. With each additional restart, PID_Temp starts in the mode that was last saved in Mode. When selecting pretuning or fine tuning, you also have to set or reset the Heat.EnableTuning and Cool.EnableTuning tags in order to choose between tuning for heating and tuning for cooling. Example: You have selected the "Activate Mode after CPU restart" check box and the "Pretuning" entry in the "Set Mode to" list. After a complete "Download to device", PID_Temp starts in the "Pretuning" mode. If pretuning is still active, PID_Temp starts in "Pretuning" mode again after restart of the CPU (heating/cooling depends on the tags Heat.EnableTuning and Cool.EnableCooling). If pretuning was successfully completed and automatic mode is active, PID_Temp starts in "Automatic mode" after restart of the CPU. Setpoint (S7-1200, S7-1500) Procedure Proceed as follows to define a fixed setpoint: 1. Select "Instance DB". 2. Enter a setpoint, e.g. 80 C. 3. Delete any entry in the instruction. Proceed as follows to define a variable setpoint: 1. Select "Instruction". 2. Enter the name of the REAL tag in which the setpoint is saved. Program-controlled assignment of various values to the REAL tag is possible, for example for the time-controlled change of the setpoint. WinCC Advanced V14 System Manual, 10/2016 6557 Using technology functions 13.1 PID control Process value (S7-1200, S7-1500) PID_Temp will scale the value of the analog input to the physical quantity if you use the analog input value directly. You will need to write a program for processing if you wish first to process the analog input value. The process value is, for example, not directly proportional to the value at the analog input. The processed process value must be in floating point format. Procedure Proceed as follows to use the analog input value without processing: 1. Select the entry "Input_PER" in the drop-down list "Input". 2. Select "Instruction" as source. 3. Enter the address of the analog input. Proceed as follows to use the processed process value in floating point format: 1. Select the entry "Input" in the drop-down list "Input". 2. Select "Instruction" as source. 3. Enter the name of the variable in which the processed process value is saved. Heating and cooling output value (S7-1200, S7-1500) The PID_Temp instruction provides a PID controller with integrated tuning for temperature processes. PID_Temp is suitable for heating or heating-and-cooling applications. PID_Temp provides the following output values. Your actuator will determine which output value you use. OutputHeat Heating output value (floating-point format): The output value for heating needs to be processed by the user program, for example, because of non-linear actuator response. OutputHeat_PER Analog heating output value: The actuator for heating is triggered via an analog output and controlled with a continuous signal, e.g. 0...10 V, 4...20 mA. OutputHeat_PWM Pulse-width modulated heating output value: The actuator for heating is controlled via a digital output. Pulse width modulation creates variable ON and OFF times. OutputCool Cooling output value (floating-point format): The output value for cooling needs to be processed by the user program, for example because of non-linear actuator response. OutputCool_PER Analog cooling output value: The actuator for cooling is triggered via an analog output and controlled with a continuous signal, e.g. 0...10 V, 4...20 mA. OutputCool_PWM Pulse-width modulated cooling output value: The actuator for cooling is controlled via a digital output. Pulse width modulation creates variable ON and OFF times. 6558 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control The cooling output is only available if it was activated via the "Activate cooling" check box. If the check box is cleared, the output value of the PID algorithm (PidOutputSum) is scaled and output at the outputs for heating. If the check box is selected, positive output values of the PID algorithm (PidOutputSum) are scaled and output at the outputs for heating. Negative output values of the PID algorithm are scaled and output at the outputs for cooling. You can choose between two methods for output value calculation at the output settings. Note Note: The OutputHeat_PWM, OutputHeat_PER, OutputCool_PWM, OutputCool_PER outputs are only calculated if you select these correspondingly from the drop-down list. The OutputHeat output is always calculated. The OutputCool output is calculated if the check box for cooling is selected. The "Activate cooling" check box is only available if the controller is not configured as a master in a cascade. Procedure Proceed as follows to use the analog output value: 1. Select the entry "OutputHeat_PER" or "OutputCool_PER" in the drop-down list "OutputHeat" or "OutputCool". 2. Select "Instruction". 3. Enter the address of the analog output. Proceed as follows to use the pulse-width modulated output value: 1. Select the entry "OutputHeat_PWM" or "OutputCool_PWM" in the drop-down list "OutputHeat" or "OutputCool". 2. Select "Instruction". 3. Enter the address of the digital output. Proceed as follows to process the output value using the user program: 1. Select the entry "OutputHeat" or "OutputCool" in the drop-down list "OutputHeat" or "OutpuCool". 2. Select "Instruction". 3. Enter the name of the variable you are using to process the output value. 4. Transfer the processed output value to the actuator by means of an analog or digital CPU output. WinCC Advanced V14 System Manual, 10/2016 6559 Using technology functions 13.1 PID control Cascade (S7-1200, S7-1500) If a PID_Temp instance receives its setpoint from a higher-level master controller and outputs its output value in turn to a subordinate slave controller, this PID_Temp instance is both a master controller and a slave controller simultaneously. Both configurations listed below then have to be carried out for such a PID_Temp instance. This is the case, for example, for the middle PID_Temp instance in a cascade control system with three concatenated measured variables and three PID_Temp instances. Configuring a controller as master in a cascade A master controller specifies the setpoint of a slave controller through its output. In order to use PID_Temp as master in a cascade, you have to deactivate the cooling in the basic settings. In order to configure this PID_Temp instance as a master controller in a cascade, activate the "Controller is master" check box. The selection of the output value for heating is set automatically to OutputHeat. OutputHeat_PWM and OutputHeat_PER cannot be used at a master in a cascade. Subsequently specify the number of directly subordinate slave controllers that receive their setpoint from this master controller. If no own scaling function is used when assigning the OutputHeat parameter of the master to the Setpoint parameter of the slave, it may be necessary to adapt the output value limits and the output scaling of the master to the setpoint/process value range of the slave. This can be done in the output settings of the master in the "OutputHeat / OutputCool" section. Configuring a controller as a slave in a cascade A slave controller receives its setpoint (Setpoint parameter) from the output of its master controller (OutputHeat parameter). In order to configure this PID_Temp instance as a slave controller in a cascade, activate the "Controller is slave" check box in the basic settings. Subsequently select the PID_Temp instance that is to be used as the master controller for this slave controller in the Inspector window of the programming editor. The Master and Setpoint parameters of the slave controller are interconnected with the selected master controller through this selection (the existing interconnections at these parameters are overwritten). This interconnection allows the exchange of information and the setpoint specification between master and slave. If required, the interconnection can be changed subsequently at the Setpoint parameter of the slave controller in order, for example, to insert an additional filter. The interconnection at the parameter master may not be changed subsequently. The "Controller is master" check box has to be selected and the number of slaves has to be configured correctly at the selected master controller. The master controller has to be called before the slave controller in the same cyclic interrupt OB. Additional information Additional information about program creation, configuration and commissioning when PID_Temp is used in cascade control systems is available under Cascade control with PID_Temp (Page 6585). 6560 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Process value settings (S7-1200, S7-1500) Process value limits (S7-1200, S7-1500) You must specify an appropriate absolute high limit and low limit for the process value as limit values for your controlled system. As soon as the process value violates these limits, an error occurs (ErrorBits = 0001h). Tuning is canceled when the process value limits are violated. You can specify how PID_Temp responds to errors in automatic mode in the output settings. Scale process value (S7-1200, S7-1500) If you have configured the use of Input_PER in the basic settings, you will need to convert the value of the analog input into the physical quantity of the process value. The current configuration is displayed in the Input_PER display. Input_PER is scaled using a low and high value pair if the process value is directly proportional to the value of the analog input. Procedure To scale the process value, follow these steps: 1. Enter the low pair of values in the "Scaled low process value" and "Low" input fields. 2. Enter the high pair of values in the "Scaled high process value" and "High" input fields. Default settings for the value pairs are saved in the hardware configuration. Proceed as follows to use the value pairs from the hardware configuration: 1. Select the instruction PID_Temp in the programming editor. 2. Interconnect Input_PER with an analog input in the basic settings. 3. Click on the "Automatic setting" button in the process value settings. The existing values are overwritten with the values from the hardware configuration. WinCC Advanced V14 System Manual, 10/2016 6561 Using technology functions 13.1 PID control Output settings (S7-1200, S7-1500) Basic settings output (S7-1200, S7-1500) Method for heating and cooling If cooling is activated in the basic settings, two methods are available for calculating the PID output value: PID parameter changeover (Config.AdvancedCooling = TRUE): Output value calculation for cooling is carried out by means of a separate PID parameter set. The PID algorithm decides on the basis of the calculated output value and the control deviation whether the PID parameters are used for heating or cooling. This method is suitable if the heating and cooling actuators have different time responses and different gains. Pretuning and fine tuning for cooling are only available if this method is selected. Cooling factor (Config.AdvancedCooling = FALSE): Output value calculation for cooling is effected with the PID parameters for heating under consideration of the configurable cooling factor Config.CoolFactor. This method is suitable if the heating and cooling actuators have a similar time response but different gains. If this method is selected, pretuning and fine tuning for cooling as well as the PID parameter set for cooling are not available. Only the tunings for heating can be carried out. Cooling factor If the cooling factor is selected as the method for heating/cooling, this factor is used in the calculation of the output value for cooling. This allows different gains of heating and cooling actuators to be used. The cooling factor is not set automatically or adjusted during tuning. You have to configure the correct cooling factor manually by using the ratio "Heating actuator gain/Cooling actuator gain". Example: Cooling factor = 2.0 means that the heating actuator gain is twice as high as the cooling actuator gain. The cooling factor is only effective and can only be changed if "Cooling factor" is selected as the method for heating/cooling. Reaction to error NOTICE Your system may be damaged. If you output "Current value while error is pending " or "Substitute output value while error is pending" in the event of an error, PID_Temp remains in automatic mode or in manual mode. This may cause a violation of the process value limits and damage your system. It is essential to configure how your controlled system reacts in the event of an error to protect your system from damage. 6562 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control PID_Temp is preset so that the controller stays active in most cases in the event of an error. If errors occur frequently in controller mode, this default reaction has a negative effect on the control response. In this case, check the ErrorBits parameter and eliminate the cause of the error. WinCC Advanced V14 System Manual, 10/2016 6563 Using technology functions 13.1 PID control PID_Temp generates a programmable output value in response to an error: Zero (inactive) At all errors, PID_Temp switches to the "Inactive" operating mode and outputs the following: - 0.0 as PID output value (PidOutputSum) - 0.0 as output value for heating (OutputHeat) and output value for cooling (OutputCool) - 0 as analog output value for heating (OutputHeat_PER) and analog output value for cooling (OutputCool_PER) - FALSE as PWM output value for heating (OutputHeat_PWM) and PWM output value for cooling (OutputCool_PWM) This is independent of the configured output value limits and the scaling. The controller is only reactivated by a falling edge at Reset or a rising edge at ModeActivate. Current value while error is pending The error response depends on the error occurring and the operating mode. If one or more of the following errors occur in automatic mode, PID_Temp stays in automatic mode: - 0000001h: The Input parameter is outside the process value limits. - 0000800h: Sampling time error - 0040000h: Invalid value at Disturbance parameter. - 8000000h: Error during the calculation of the PID parameters. If one or more of the following errors occur in automatic mode, PID_Temp switches to "Substitute output value with error monitoring" mode and outputs the last valid PID output value (PidOutputSum): - 0000002h: Invalid value at Input_PER parameter. - 0000200h: Invalid value at Input parameter. - 0000400h: Calculation of output value failed. - 0001000h: Invalid value at Setpoint or SubstituteSetpoint parameter. The values at the outputs for heating and cooling resulting from the PID output value are produced by the configured output scaling. As soon as the errors are no longer pending, PID_Temp switches back to automatic mode. If an error occurs during manual mode, PID_Temp remains in manual mode and continues to use the manual value as the PID output value. If the manual value is invalid, the configured substitute output value is used. If the manual value and substitute output value are invalid, the low limit of the PID output value for heating (Config.Output.Heat.PidLowerLimit) is used. If the following error occurs during pretuning or fine tuning, PID_Temp remains in active mode: - 0000020h: Pretuning is not permitted during fine tuning. When any other error occurs, PID_Temp cancels the tuning and switches to the mode from which tuning was started. Substitute output value while error is pending 6564 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control PID_Temp behaves as described at "Current value while error is pending", but outputs the configured substitute output value (SubstituteOutput) as a PID output value (PidOutputSum) in "Substitute output value with error monitoring" operating mode. The values at the outputs for heating and cooling resulting from the PID output value are produced by the configured output scaling. In the case of controllers with activated cooling output (Config.ActivateCooling = TRUE), enter: - A positive substitute output value to output the value at the outputs for heating. - A negative substitute output value to output the value at the outputs for cooling. If the following error occurs, PID_Temp stays in "Substitute output value with error monitoring" mode and outputs the low limit of the PID output value for heating (Config.Output.Heat.PidLowerLimit): - 0020000h: Invalid value at SubstituteOutput tag. Output value limits and output value scaling (S7-1200, S7-1500) Depending on the operating mode, the PID output value (PidOutputSum) is calculated automatically by the PID algorithm or by the manual value (ManualValue) or the configured substitute output value (SubstituteOutput). The PID output value is limited depending on the configuration: If the cooling is deactivated in the basic settings (Config.ActivateCooling = FALSE), the value is limited to the high limit of the PID output value (heating) (Config.Output.Heat.PidUpperLimit) and the low limit of the PID output value (heating) (Config.Output.Heat.PidLowerLimit). You can configure both limits at the horizontal axis of the scaling characteristic line in the "OutputHeat / OutputCool" section. These are displayed in the "OutputHeat_PWM / OutputCool_PWM" and "OutputHeat_PER / OutputCool_PER" sections, but cannot be changed. If the cooling is activated in the basic settings (Config.ActivateCooling = TRUE), the value is limited to the high limit of the PID output value (Config.Output.Heat.PidUpperLimit) and the low limit of the PID output value (cooling) (Config.Output.Cool.PidLowerLimit). You can configure both limits at the horizontal axis of the scaling characteristic line in the "OutputHeat / OutputCool" section. These are displayed in the "OutputHeat_PWM / OutputCool_PWM" and "OutputHeat_PER / OutputCool_PER" sections, but cannot be changed. The low limit of the PID output value (heating) (Config.Output.Heat.PidLowerLimit) and the high limit of the PID output value (cooling) (Config.Output.Cool.PidUpperLimit) cannot be changed and have to be assigned the value 0.0. WinCC Advanced V14 System Manual, 10/2016 6565 Using technology functions 13.1 PID control The PID output value is scaled and output at the outputs for heating and cooling. Scaling can be specified separately for each output and is specified across 2 value pairs each, consisting of a limit value of the PID output value and a scaling value: Output Value pair Parameter OutputHeat Value pair 1 High limit of PID output value (heating) Config.Output.Heat.PidUpperLimit, Scaled upper output value (heating) Config.Out put.Heat.UpperScaling Value pair 2 Low limit of PID output value (heating) Config.Output.Heat.PidLowerLimit, Scaled lower output value (heating) Config.Out put.Heat.LowerScaling OutputHeat_PWM Value pair 1 High limit of PID output value (heating) Config.Output.Heat.PidUpperLimit, Scaled upper PWM output value (heating) Config.Output.Heat.PwmUpperScaling Value pair 2 Low limit of PID output value (heating) Config.Output.Heat.PidLowerLimit, Scaled lower PWM output value (heating) Config.Output.Heat.PwmLowerScaling OutputHeat_PER Value pair 1 High limit of PID output value (heating) Config.Output.Heat.PidUpperLimit, Scaled upper analog output value (heating) Config.Output.Heat.PerUpperScaling Value pair 2 Low limit of PID output value (heating) Config.Output.Heat.PidLowerLimit, Scaled lower analog output value (heating) Config.Output.Heat.PerLowerScaling OutputCool Value pair 1 Low limit of PID output value (cooling) Config.Output.Cool.PidLowerLimit, Scaled upper output value (cooling) Config.Output.Cool.UpperScaling Value pair 2 High limit of PID output value (cooling) Config.Output.Cool.PidUpperLimit, Scaled lower output value (cooling) Config.Output.Cool.LowerScaling OutputCool_PWM Value pair 1 Low limit of PID output value (cooling) Config.Output.Cool.PidLowerLimit, Scaled upper PWM output value (cooling) Config.Output.Cool.PwmUpperScaling Value pair 2 High limit of PID output value (cooling) Config.Output.Cool.PidUpperLimit, Scaled lower output value (cooling) Config.Output.Cool.PwmLowerScaling 6566 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Output Value pair Parameter OutputCool_PER Value pair 1 Low limit of PID output value (cooling) Config.Output.Cool.PidLowerLimit, Scaled upper analog output value (cooling) Config.Output.Cool.PerUpperScaling Value pair 2 High limit of PID output value (cooling) Config.Output.Cool.PidUpperLimit, Scaled low analog output value (cooling) Config.Output.Cool.PerLowerScaling The low limit of PID output value (heating) (Config.Output.Heat.PidLowerLimit) has to have the value 0.0, if the cooling is activated (Config.ActivateCooling = TRUE). The high limit of PID output value (cooling) Config.Output.Cool.PidUpperLimit) must always have the value 0.0. Example: Output scaling when the OutputHeat output is used (cooling deactivated. The low limit of PID output value (heating) (Config.Output.Heat.PidLowerLimit) may be unequal to 0.0): 2XWSXW+HDW &RQILJ2XWSXW+HDW 8SSHU6FDOLQJ &RQILJ2XWSXW+HDW /RZHU6FDOLQJ &RQILJ2XWSXW+HDW 3LG/RZHU/LPLW 3LG2XWSXW6XP &RQILJ2XWSXW+HDW 3LG8SSHU/LPLW Example: Output scaling when the OutputHeat_PWM and OutputCool_PER outputs are used (cooling activated. The low limit of PID output value (heating) (Config.Output.Heat.PidLowerLimit) must be 0.0): OutputCool_PER OutputHeat_PWM Config.Output.Cool. PerUpperScaling Config.Output.Heat. PwmUpperScaling Config.Output.Heat. PwmLowerScaling Config.Output.Cool. PerLowerScaling PidOutputSum Config.Output.Heat. Config.Output.Cool. Config.Output.Heat. PidLowerLimit PidLowerLimit PidUpperLimit =Config.Output.Cool. PidUpperLimit=0.0 With the exception of the "Inactive" operating mode, the value at an output always lies between its scaled upper output value and the scaled lower output value, for example for OutputHeat WinCC Advanced V14 System Manual, 10/2016 6567 Using technology functions 13.1 PID control always between the scaled upper output value (heating) (Config.Output.Heat.UpperScaling) and the scaled lower output value (heating) (Config.Output.Heat.LowerScaling). If you want to limit the value at the associated output, you therefore have to adapt these scaling values as well. You can configure the scaling values of an output at the vertical axes of the scaling characteristic line. Each output has two separate scaling values. These can only be changed for OutputHeat_PWM, OutputCool_PWM, OutputHeat_PER and OutputCool_PER if the corresponding output is selected in the basic settings. The cooling has to be activated additionally in the basic settings at all the outputs for cooling. The trend view in the commissioning dialog box only records the values of OutputHeat and OutputCool, irrespective of the selected output in the basic settings. Therefore, if necessary, adapt the scaling values for OutputHeat/OutputCool if you use OutputHeat_PWM, or OutputHeat_PER or OutputCool_PWM if you use OutputCool_PER and want to use the trend view in the commissioning dialog. Advanced settings (S7-1200, S7-1500) Process value monitoring (S7-1200, S7-1500) Configure a warning high and low limit for the process value in the "Process value monitoring" configuration window. If one of the warning limits is exceeded or undershot during operation, a warning is displayed at the PID_Temp instruction: At the InputWarning_H output parameter if the warning high limit has been exceeded At the InputWarning_L output parameter if the warning low limit has been undershot The warning limits must be within the process value high and low limits. The process value high and low limits are used if you do not enter values. Example Process value high limit = 98 C; warning high limit = 90 C Warning low limit = 10 C; process value low limit = 0 C PID_Temp will respond as follows: Process value InputWarning_H InputWarning_L ErrorBits > 98 C TRUE FALSE 0001h 98 C and > 90 C TRUE FALSE 0000h 90 C and 10 C FALSE FALSE 0000h < 10 C and 0 C FALSE TRUE 0000h < 0 C FALSE TRUE 0001h You can configure the response of PID_Temp when the process value high limit or low limit is violated in the output settings. 6568 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control PWM limits (S7-1200, S7-1500) The PID output value PidOutputSum is scaled and transformed via a pulse width modulation into a pulse train that is output at the output parameter OutputHeat_PWM or OutputCool_PWM. The "Sampling time of PID algorithm" represents the time between two calculations of the PID output value. The sampling time is used as time period of the pulse width modulation. During heating, the PID output value is always calculated in the "Sampling time of PID algorithm for heating". Calculation of the PID output value during cooling depends on the type of cooling selected in "Basic settings Output": If the cooling factor is used, the "Sampling time of PID algorithm for heating" applies. If the PID parameter changeover is used, the "Sampling time of PID algorithm for cooling" applies. OutputHeat_PWM and OutputCool_PWM are output in the sampling time PID_Temp (corresponds to the cycle time of the calling OB). The PID algorithm sampling time for heating or cooling is determined during pretuning or fine tuning. If you set the PID parameters manually, you will also need to configure the PID algorithm sampling time for heating or cooling. The PID_Temp sampling time is equivalent to the cycle time of the calling OB. The pulse duration is proportional to the PID output value and is always an integer multiple of the PID_Temp sampling time. Example for OutputHeat_PWM 3LG2XWSXW6XP W PV 2XWSXW+HDWB3:0 758( )$/6( W PV WinCC Advanced V14 System Manual, 10/2016 PID_Temp sampling time PID algorithm sampling time for heating Pulse duration Break time 6569 Using technology functions 13.1 PID control The "Minimum ON time" and the "Minimum OFF time" can be set separately for heating and cooling, rounded to an integer multiple of the PID_Temp sampling time. A pulse or a break is never shorter than the minimum ON or OFF time. The inaccuracies this causes are added up and compensated in the next cycle. Example for OutputHeat_PWM PID_Temp sampling time = 100 ms PID algorithm sampling time = 1000 ms Minimum ON time = 200 ms The PID output value PidOutputSum amounts to 15% constantly. The smallest pulse that PID_Temp can output corresponds to 20%. In the first cycle, no pulse is output. In the second cycle, the pulse not output in the first cycle is added to the pulse of the second cycle. 3LG2XWSXW6XP 2XWSXW+HDWB3:0 W PV 758( )$/6( W PV PID_Temp sampling time PID algorithm sampling time for heating Minimum ON time In order to minimize operation frequency and conserve the actuator, extend the minimum ON and OFF times. If you have selected OutputHeat/OutputCool or OutputHeat_PER/OutputCool_PER as the output in the basic settings, the minimum ON time and the minimum OFF time are not evaluated and cannot be changed. If the "Sampling time of PID algorithm" (Retain.CtrlParams.Heat.Cycle or Retain.CtrlParams.Cool.Cycle) and thus the period duration of the pulse width modulation is very high when OutputHeat_PWM or OutputCool_PWM is used, you can specify a deviating shorter period duration at the parameters Config.Output.Heat.PwmPeriode or 6570 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Config.Output.Cool.PwmPeriode in order to improve smoothness of the process value (see also PwmPeriode tag (Page 4172)). Note The minimum ON and OFF times only affect the output parameters OutputHeat_PWM or OutputCool_PWM and are not used for any pulse generators integrated in the CPU. PID parameters (S7-1200, S7-1500) The PID parameters are displayed in the "PID Parameters" configuration window. If cooling is activated in the basic settings and PID parameter changeover is selected as the method for heating/cooling in the output settings, two parameter sets are available: One for heating and one for cooling. In this case, the PID algorithm decides on the basis of the calculated output value and the control deviation whether the PID parameters for heating or cooling are used. If cooling is deactivated or the cooling factor is selected as the method for heating/cooling, the parameter set for heating is always used. During tuning, the PID parameters are adapted to the controlled system with the exception of the deadband width that has to be configured manually. PID_Temp is a PIDT1 controller with anti-windup and weighting of the proportional and derivative actions. The PID algorithm operates according to the following equation (control zone and deadband deactivated): 1 y = Kp [ (b * w - x) + T * s (w - x) + I TD * s a * TD * s + 1 (c * w - x) ] Symbol Description Associated parameters of the PID_Temp instruc tion y Output value of the PID algorithm - Kp Proportional gain Retain.CtrlParams.Heat.Gain Retain.CtrlParams.Cool.Gain CoolFactor s Laplace operator - b Proportional action weighting Retain.CtrlParams.Heat.PWeighting w Setpoint CurrentSetpoint x Process value ScaledInput TI Integral action time Retain.CtrlParams.Heat.Ti Retain.CtrlParams.Cool.PWeighting Retain.CtrlParams.Cool.Ti TD Derivative action time Retain.CtrlParams.Heat.Td Retain.CtrlParams.Cool.Td WinCC Advanced V14 System Manual, 10/2016 6571 Using technology functions 13.1 PID control Symbol Description Associated parameters of the PID_Temp instruc tion a Coefficient for derivative-action delay Retain.CtrlParams.Heat.TdFiltRatio (Derivative delay T1 = a x TD) Retain.CtrlParams.Cool.TdFiltRatio c Derivative action weighting Retain.CtrlParams.Heat.DWeighting DeadZone Deadband width ControlZone Control zone width Retain.CtrlParams.Cool.DWeighting Retain.CtrlParams.Heat.DeadZone Retain.CtrlParams.Cool.DeadZone Retain.CtrlParams.Heat.ControlZone Retain.CtrlParams.Cool.ControlZone The diagram below illustrates the integration of the parameters into the PID algorithm: E &XUUHQW6HWSRLQW Z &RQILJ2XWSXW+HDW 3LG8SSHU/LPLW F '7 .S \ &RQILJ2XWSXW+HDW 3LG/RZHU/LPLW &RQILJ2XWSXW&RRO 3LG/RZHU/LPLW 'HDG=RQH $QWL:LQGXS 6FDOHG,QSXW [ /LPLW , &RQWURO=RQH All PID parameters are retentive. If you enter the PID parameters manually, you must completely download PID_Temp (Downloading technology objects to device (Page 6468)). 6572 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control PID_Temp block diagram The following block diagram shows how the PID algorithm is integrated in the PID_Temp. InputPEROn Scale PV_ALRM InputWarning_H Input_PER 1 InputWarning_L 0 Input z -1 sgn CtrlParams Heat.Gain Heat Ti ... Cool.Gain Cool.Ti ... SubstituteSetpointOn Setpoint SubstituteSetpoint ScaledInput Limit 0 CurrentSetpoint PIDT1 Anti Windup 1 Disturbance State Limit =3 PidOutputSum ManualValue =4 Scale OutputHeat PidOutput OffsetHeat Scale Config.Output.Heat.Select PWM PIDSelfTune.TIR. OutputOffsetHeat Split =1 FALSE 1 OutputHeat_PWM Scale Limit =2 0 OutputHeat_PER 2 Limit Split Config.ActivateCooling Scale OutputCool -1 1 0.0 0 PIDSelfTune.TIR. OutputOffsetCool Scale Config.Output.Cool.Select PWM 1 PidOutput OffsetCool FALSE 0 =1 FALSE 1 OutputCool_PWM Scale 1 0 0 WinCC Advanced V14 System Manual, 10/2016 =2 0 OutputCool_PER 2 6573 Using technology functions 13.1 PID control Proportional gain The value specifies the proportional gain of the controller. PID_Temp does not operate with a negative proportional gain and only supports the normal control direction, meaning that an increase in the process value is achieved by an increase in the PID output value (PidOutputSum). Integral action time The integral action time determines the time behavior of the integral action. The integral action is deactivated with integral action time = 0.0. Derivative action time The derivative action time determines the time behavior of the derivative action. Derivative action is deactivated with derivative action time = 0.0. Derivative delay coefficient The derivative delay coefficient delays the effect of the derivative action. Derivative delay = derivative action time x derivative delay coefficient 0.0: Derivative action is effective for one cycle only and therefore almost not effective. 0.5: This value has proved useful in practice for controlled systems with one dominant time constant. > 1.0: The greater the coefficient, the longer the effect of the derivative action is delayed. Proportional action weighting The proportional action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Proportional action for setpoint change is fully effective 0.0: Proportional action for setpoint change is not effective The proportional action is always fully effective when the process value is changed. Derivative action weighting The derivative action may weaken with changes to the setpoint. Values from 0.0 to 1.0 are applicable. 1.0: Derivative action is fully effective upon setpoint change 0.0: Derivative action is not effective upon setpoint change The derivative action is always fully effective when the process value is changed. 6574 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control PID algorithm sampling time The controlled system needs a certain amount of time to respond to changes in the output value. It is therefore not advisable to calculate the output value in every cycle. The sampling time of "PID algorithm" represents the time between two calculations of the PID output value. It is calculated during tuning and rounded to a multiple of the PID_Temp sampling time (cycle time of the cyclic interrupt OB). All other functions of PID_Temp are executed at every call. If you use OutputHeat_PWM or OutputCool_PWM, the sampling time of the PID algorithm is used as the period duration of the pulse width modulation. The accuracy of the output signal is determined by the ratio of the PID algorithm sampling time to the cycle time of the OB. The cycle time should be a maximum of one tenth of the PID algorithm sampling time. The sampling time of the PID algorithm that is used as the period duration of the pulse width modulation at OutputCool_PWM depends on the method for heating/cooling selected in "Basic settings Output": If the cooling factor is used, the "sampling time of the PID algorithm for heating" also applies to OutputCool_PWM. If the PID parameter changeover is used, the "sampling time PID algorithm for cooling" applies as the period duration for OutputCool_PWM. If the sampling time of the PID algorithm and thus the period duration of the pulse width modulation is very high when OutputHeat_PWM or OutputCool_PWM is used, you can specify a deviating shorter period duration at the parameters Config.Output.Heat.PwmPeriode or Config.Output.Cool.PwmPeriode in order to improve smoothness of the process value. Deadband width If the process value is affected by noise, the noise can also have an effect on the output value. The output value may fluctuate considerably when controller gain is high and the derivative action is activated. If the process value lies within the deadband around the setpoint, the control deviation is suppressed so that the PID algorithm does not react and unnecessary fluctuations of the output value are reduced. The deadband width for heating is not set automatically during tuning. You have to correctly configure the deadband width manually. The deadband is deactivated by setting the deadband width = 0.0. If cooling is activated in the basic settings and PID parameter changeover is selected as the method for heating/cooling in the output settings, the deadband lies between "Setpoint deadband width (heating)" and "Setpoint + deadband width (cooling)". WinCC Advanced V14 System Manual, 10/2016 6575 Using technology functions 13.1 PID control If cooling is deactivated in the basic settings or the cooling factor is used, the deadband lies symmetrically between "Setpoint - deadband width (heating)" and "Setpoint + deadband width (heating)". 5HWDLQ&WUO3DUDPV &RRO'HDG=RQH 5HWDLQ&WUO3DUDPV +HDW'HDG=RQH 5HWDLQ&WUO3DUDPV +HDW'HDG=RQH Deadband with deactivated cooling or cooling factor (left) or activated cooling and PID parameter changeover (right). The x / horizontal axis displays the control deviation = setpoint - process value. The y / vertical axis shows the output signal of the deadband that is passed to the PID algorithm. Control zone width If the process value exits the control zone around the setpoint, the minimum or maximum output value is output. This means that the process value reaches the setpoint faster. If the process value lies within the control zone around the setpoint, the output value is calculated by the PID algorithm. The control zone width for heating or cooling is only set automatically during the pretuning, if "PID (temperature)" is selected as the controller structure for cooling or heating. The control zone is deactivated by setting the control zone width = 3.402822e+38. If cooling is deactivated in the basic settings or the cooling factor is used, the control zone lies symmetrically between "Setpoint - control zone width (heating)" and "Setpoint + control zone width (heating)". If cooling is activated in the basic settings and PID parameter changeover is selected as the method for heating/cooling in the output settings, the control zone lies between "Setpoint control zone width (heating)" and "Setpoint + control zone width (cooling)". ,QSXW 3LG2XWSXW6XP &RQILJ2XWSXW+HDW3LG/RZHU/LPLW 3LG2XWSXW6XP &RQILJ2XWSXW&RRO3LG/RZHU/LPLW 6HWSRLQW 5HWDLQ&WUO3DUDPV +HDW&RQWURO=RQH 6HWSRLQW 3LG2XWSXW6XP &RQILJ2XWSXW+HDW3LG8SSHU/LPLW 6HWSRLQW 5HWDLQ&WUO3DUDPV +HDW&RQWURO=RQH W Control zone with deactivated cooling or cooling factor. 6576 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control ,QSXW 3LG2XWSXW6XP &RQILJ2XWSXW&RRO3LG/RZHU/LPLW 6HWSRLQW 5HWDLQ&WUO3DUDPV &RRO&RQWURO=RQH 6HWSRLQW 3LG2XWSXW6XP &RQILJ2XWSXW+HDW3LG8SSHU/LPLW 6HWSRLQW 5HWDLQ&WUO3DUDPV +HDW&RQWURO=RQH W Control zone with activated cooling and PID parameter changeover. Rule for tuning Select whether PI or PID parameters are to be calculated in the "Controller structure" dropdown list. You can specify the rules for tuning for heating and for tuning for cooling separately. PID (temperature) Calculates PID parameters during pretuning and fine tuning. Pretuning is designed for temperature processes and results in a slower and rather asymptotic control response with smaller overshoots than with the "PID" option. Fine tuning is identical to the "PID" option. The control zone width is determined automatically during pretuning only if this option is selected. PID Calculates PID parameters during pretuning and fine tuning. PI Calculates PI parameters during pretuning and fine tuning. User-defined The drop-down list displays "User-defined" if you have configured different controller structures for pretuning and fine tuning via a user program or the parameter view. 13.1.5.3 Commissioning PID_Temp (S7-1200, S7-1500) Commissioning (S7-1200, S7-1500) The commissioning window helps you commission the PID controller. You can monitor the values for the setpoint, process value and the output values for heating and cooling along the time axis in the trend view. The following functions are supported in the commissioning window: Controller pretuning Controller fine tuning Use fine tuning for fine adjustments to the PID parameters. Monitoring the current closed-loop control in the trend view WinCC Advanced V14 System Manual, 10/2016 6577 Using technology functions 13.1 PID control Testing the controlled system by specifying a manual PID output value and a substitute setpoint Saving the actual values of the PID parameters to an offline project. All functions require an online connection to the CPU. The online connection to the CPU is established, if it does not exist already, and operation of the commissioning window is enabled by means of the "Monitor all" or "Start" buttons of the trend view. Operation of the trend view Select the desired sampling time in the "Sampling time" drop-down list. All the values of the trend view are updated in the selected sampling time. Click the "Start" icon in the Measurement group if you want to use the trend view. Value recording is started. The current values for the setpoint, process value and output values for heating and cooling are entered in the trend view. Click the "Stop" icon if you want to end the trend view. The values recorded in the trend view can continue to be analyzed. Closing the commissioning window will terminate recording in the trend view and delete the recorded values. Pretuning (S7-1200, S7-1500) The pretuning determines the process response to a jump change of the output value and searches for the point of inflection. The tuned PID parameters are calculated as a function of the maximum slope and dead time of the controlled system. You obtain the best PID parameters when you perform pretuning and fine tuning. The more stable the process value is, the easier it is to calculate the PID parameters and the more precise the result will be. Noise on the process value can be tolerated as long as the rate of rise of the process value is significantly higher compared to the noise. This is most likely the case in operating modes "Inactive" and "manual mode". The PID parameters are backed up before being recalculated. PID_Temp offers different pretuning types depending on the configuration: Pretuning heating A jump is output at the output value heating, the PID parameters for heating are calculated and then the setpoint is used as the control variable in automatic mode. Pretuning heating and cooling A jump is output at the output value heating. As soon as the process value is near the setpoint, a jump to the output value cooling is output. The PID parameters for heating (Retain.CtrlParams.Heat structure) and cooling (Retain.CtrlParams.Cool structure) are calculated and then the setpoint is used as the control variable in automatic mode. Pretuning cooling A jump is output at the output value cooling. The PID parameters for cooling are calculated and then the setpoint is used as the control variable in automatic mode. 6578 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control If you want to tune the PID parameters for heating and cooling, you can expect improved control response by carrying out "Pretuning heating" and subsequently "Pretuning cooling" than by carrying out "Pretuning heating and cooling". However, carrying out pretuning in two steps takes more time. General requirements The PID_Temp instruction is called in a cyclic interrupt OB. ManualEnable = FALSE Reset = FALSE PID_Temp is in one of the following modes: "Inactive", "Manual mode", or "Automatic mode". The setpoint and the process value lie within the configured limits (see Process value monitoring (Page 6568) configuration). Requirements for pretuning heating The difference between setpoint and process value is greater than 30% of the difference between process value high limit and process value low limit. The distance between the setpoint and the process value is greater than 50% of the setpoint. The setpoint is greater than the process value. Requirements for pretuning heating and cooling The cooling output in the "Basic settings" is activated (Config.ActivateCooling = TRUE). The PID parameter changeover in the "Basic settings of output value" is activated (Config.AdvancedCooling = TRUE). The difference between setpoint and process value is greater than 30% of the difference between process value high limit and process value low limit. The distance between the setpoint and the process value is greater than 50% of the setpoint. The setpoint is greater than the process value. Requirements for pretuning cooling The cooling output in the "Basic settings" is activated (Config.ActivateCooling = TRUE). The PID parameter changeover in the "Basic settings of output value" is activated (Config.AdvancedCooling = TRUE). "Pretuning heating" or "Pretuning heating and cooling" has been carried out successfully (PIDSelfTune.SUT.ProcParHeatOk = TRUE). The same setpoint should be used for all tunings. The difference between setpoint and process value is smaller than 5% of the difference between process value high limit and process value low limit. WinCC Advanced V14 System Manual, 10/2016 6579 Using technology functions 13.1 PID control Procedure To perform pretuning, follow these steps: 1. Double-click the "PID_Temp > Commissioning" entry in the project tree. 2. Activate the "Monitor all" button or start the trend view. An online connection will be established. 3. Select the desired pretuning entry from the "Tuning mode" drop-down list. 4. Click the "Start" icon. - Pretuning is started. - The "Status" field displays the current steps and any errors that may have occurred. The progress bar indicates the progress of the current step. Note Click the "Stop" icon when the progress bar ("Progress" tag) has not changed for a long period and it is to be assumed that the tuning function is blocked. Check the configuration of the technology object and, if necessary, restart controller tuning. Result If pretuning was performed without an error message, the PID parameters have been tuned. PID_Temp switches to automatic mode and uses the tuned parameters. The tuned PID parameters will be retained during power OFF and a restart of the CPU. If pretuning is not possible, PID_Temp responds with the configured reaction to errors. Fine tuning (S7-1200, S7-1500) Fine tuning generates a constant, limited oscillation of the process value. The PID parameters are tuned for the operating point from the amplitude and frequency of this oscillation. The PID parameters are recalculated from the results. PID parameters from fine tuning usually have better master control and disturbance characteristics than PID parameters from pretuning. You obtain the best PID parameters when you perform pretuning and fine tuning. PID_Temp automatically attempts to generate an oscillation greater than the noise of the process value. Fine tuning is only minimally influenced by the stability of the process value. The PID parameters are backed up before being recalculated. PID_Temp offers different fine tuning types depending on the configuration: Fine tuning heating: PID_Temp generates an oscillation of the process value with periodic changes at the output value heating and calculates the PID parameters for heating. Fine tuning cooling: PID_Temp generates an oscillation of the process value with periodic changes at the output value cooling and calculates the PID parameters for cooling. 6580 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Temporary tuning offset for heating/cooling controllers If PID_Temp is used as a heating/cooling controller (Config.ActivateCooling = TRUE), the PID output value (PidOutputSum) at the setpoint has to fulfill the following requirements so that process value oscillation can be generated and fine tuning can be carried out successfully: Positive PID output value for fine tuning heating Negative PID output value for fine tuning cooling If this condition is not fulfilled, you can specify a temporary offset for fine tuning that is output at the opposing output. Offset for cooling output (PIDSelfTune.TIR.OutputOffsetCool) at fine tuning heating. Before starting tuning, enter a negative tuning offset cooling that is smaller than the PID output value (PidOutputSum) at the setpoint in the stationary state. Offset for heating output (PIDSelfTune.TIR.OutputOffsetHeat) at fine tuning cooling Before starting tuning, enter a positive tuning offset heating that is greater than the PID output value (PidOutputSum) at the setpoint in the stationary state. The defined offset is balanced by the PID algorithm so that the process value remains at the setpoint. The height of the offset allows the PID output value to be adapted correspondingly so that it fulfills the requirement mentioned above. In order to avoid greater overshoots of the process value at specification of the offset, this can also be increased in several steps. If PID_Temp exits the fine tuning mode, the tuning offset is reset. Example: Specification of an offset for fine tuning cooling Without offset - Setpoint = Process value (ScaledInput) = 80 C - PID output value (PidOutputSum) = 30.0 - Output value heating (OutputHeat) = 30.0 - Output value cooling (OutputCool) = 0.0 Oscillation of the process value around the setpoint cannot be generated with the cooling output alone. Fine tuning would fail here. With offset for heating output (PIDSelfTune.TIR.OutputOffsetHeat) = 80.0 - Setpoint = Process value (ScaledInput) = 80 C - PID output value (PidOutputSum) = -50.0 - Output value heating (OutputHeat) = 80.0 - Output value cooling (OutputCool) = -50.0 Thanks to the specification of an offset for the heating output, the cooling output can now generate oscillation of the process value around the setpoint. Fine tuning can now be carried out successfully. WinCC Advanced V14 System Manual, 10/2016 6581 Using technology functions 13.1 PID control General requirements The PID_Temp instruction is called in a cyclic interrupt OB. ManualEnable = FALSE Reset = FALSE The setpoint and the process value lie within the configured limits (see "Process value settings" configuration). The control loop has stabilized at the operating point. The operating point is reached when the process value corresponds to the setpoint. No disturbances are expected. PID_Temp is in inactive mode, automatic mode or manual mode. Requirements for fine tuning heating Heat.EnableTuning = TRUE Cool.EnableTuning = FALSE If PID_Temp is configured as a heating-and-cooling controller (Config.ActivateCooling = TRUE), the heating output has to be active at the operating point where tuning is to be carried out. PidOutputSum > 0.0 (see tuning offset) Requirements for fine tuning cooling Heat.EnableTuning = FALSE Cool.EnableTuning = TRUE The cooling output is activated (Config.ActivateCooling = TRUE). The PID parameter changeover is activated (Config.AdvancedCooling = TRUE). The cooling output has to be active at the operating point where tuning is to be carried out. PidOutputSum < 0.0 (see tuning offset) Process depends on initial situation Fine tuning can be started from the following operating modes: "Inactive", "automatic mode", or "manual mode". 6582 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Fine tuning proceeds as follows when started from: Automatic mode with PIDSelfTune.TIR.RunIn = FALSE (default) Start fine tuning from automatic mode if you wish to improve the existing PID parameters through tuning. PID_Temp controls the system using the existing PID parameters until the control loop has stabilized and the requirements for fine tuning have been met. Only then will fine tuning start. Inactive, manual mode or automatic mode with PIDSelfTune.TIR.RunIn = TRUE An attempt is made to reach the setpoint with the minimum or maximum output value (twopoint control): - With minimum or maximum output value heating at fine tuning heating. - With minimum or maximum output value cooling at fine tuning cooling. This can produce increased overshoot. When the setpoint is reached, fine tuning is started. If the setpoint cannot be reached, PID_Temp does not abort tuning automatically. Procedure To perform fine tuning, follow these steps: 1. Double-click the "PID_Temp > Commissioning" entry in the project tree. 2. Activate the "Monitor all" button or start the trend view. An online connection will be established. 3. Select the desired fine tuning entry from the "Tuning mode" drop-down list. 4. If required (see tuning offset), specify a tuning offset and wait until the stationary state is reached again. 5. Click the "Start" icon. - The process of fine tuning is started. - The "Status" field displays the current steps and any errors that may have occurred. The progress bar indicates the progress of the current step. Note Click the "Stop" icon in the "Tuning mode" group if the progress bar ("Progress" tag) has not changed for a long period and it is to be assumed that the tuning function is blocked. Check the configuration of the technology object and, if necessary, restart controller tuning. In the following phases in particular, tuning is not aborted automatically if the setpoint cannot be reached. "Attempting to reach setpoint for heating with two-point control." "Attempting to reach setpoint for cooling with two-point control." Result If no errors occurred during fine tuning, the PID parameters have been tuned. PID_Temp switches to automatic mode and uses the tuned parameters. The tuned PID parameters will be retained during power OFF and a restart of the CPU. WinCC Advanced V14 System Manual, 10/2016 6583 Using technology functions 13.1 PID control If errors occurred during fine tuning, PID_Temp responds with the configured response to errors. "Manual" mode (S7-1200, S7-1500) The following section describes how you can use "Manual mode" in the commissioning window of the "PID_Temp" technology object. Manual mode is also possible when an error is pending. Requirement The "PID_Temp" instruction is called in a cyclic interrupt OB. An online connection to the CPU has been established. The CPU is in "RUN" mode. Procedure If you want to test the controlled system by specifying a manual value, use "Manual mode" in the commissioning window. To define a manual value, follow these steps: 1. Double-click the "PID_Temp > Commissioning" entry in the project tree. 2. Activate the "Monitor all" button or start the trend view. An online connection will be established. 3. Select the "Manual mode" check box in the "Online status of controller" area. PID_Temp operates in manual mode. The most recent current output value remains in effect. 4. Enter the manual value in the editable field as a % value. If cooling is activated in the basic settings, enter the manual value as follows: - Enter a positive manual value to output the value at the outputs for heating. - Enter a negative manual value to output the value at the outputs for cooling. 5. Click the icon. Result The manual value is written to the CPU and immediately goes into effect. Clear the "Manual mode" check box if the output value is to be specified again by the PID controller. The switchover to automatic mode is bumpless. Substitute setpoint (S7-1200, S7-1500) The following section describes how you can use the substitute setpoint in the commissioning window of the "PID_Temp" technology object. 6584 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Requirement The "PID_Temp" instruction is called in a cyclic interrupt OB. An online connection to the CPU has been established. The CPU is in "RUN" mode. Procedure If you want to use a different value as the setpoint than that specified at the "Setpoint" parameter (for example to tune a slave in a cascade), use the substitute setpoint in the commissioning window. Proceed as follows to specify a substitute setpoint: 1. Double-click the "PID_Temp > Commissioning" entry in the project tree. 2. Activate the "Monitor all" button or start the trend view. An online connection will be established. 3. Select the "Subst.Setpoint" check box in the "Online status of controller" section. The substitute setpoint (SubstituteSetpoint tag) is initialized with the most recently updated setpoint and now used. 4. Enter the substitute setpoint in the editable field. 5. Click the icon. Result The substitute setpoint is written to the CPU and immediately goes into effect. Clear the "Subst.Setpoint" check box if the value at the "Setpoint" parameter is to be used again as setpoint. The switchover is not bumpless. Cascade commissioning (S7-1200, S7-1500) Information about cascade commissioning with PID_Temp is available under Commissioning (Page 6589). 13.1.5.4 Cascade control with PID_Temp (S7-1200, S7-1500) Introduction (S7-1200, S7-1500) In cascade control, several control loops are nested within each other. In the process, slaves receive their setpoint (Setpoint) from the output value (OutputHeat) of the respective higherlevel master. A prerequisite for establishing a cascade control system is that the controlled system can be divided into subsystems, each with its own measured variable. Setpoint specification for the controlled variable is carried out at the outmost master. WinCC Advanced V14 System Manual, 10/2016 6585 Using technology functions 13.1 PID control The output value of the innermost slave is applied to the actuator and thus acts on the controlled system. The following major advantages result from the use of a cascade control system in comparison with a single-loop control system: Thanks to the additional subordinate control loops, disturbances which occur there are corrected quickly. Their influence on the controlled variable is reduced considerably. The disturbance behavior is thus improved. The subordinate control loops act in linearizing form. The negative effects of such nonlinearities on the controlled variable are thus moderated. PID_Temp offers the following functionality especially for use in cascade control systems: Specification of a substitute setpoint Exchange of status information between master and slave (for example, current operating mode) Different Anti-Wind-Up modes (response of the master to limitation of its slave) Example The following block diagram shows a cascade control system with PID_Temp using the simplified example of a chocolate melting unit: 7HPS&KRFRODWH 7HPS:DWHU 3,'B7HPSB 3,'B7HPSB ,QSXW 2XWSXW+HDW ,QSXW 2XWSXW+HDW 6HWSRLQW 2XWSXW&RRO 6HWSRLQW 2XWSXW&RRO 3,'B7HPSB 6ODYH 0DVWHU 6ODYH &KRFRODWH :DWHU 0DVWHU 6ODYH 758( ,V0DVWHU )$/6( ,V6ODYH &RXQW6ODYHV ,V0DVWHU ,V6ODYH &RXQW6ODYHV )$/6( 758( The PID_Temp_1 master compares the process value of the chocolate temperature (TempChocolate) with the setpoint specification by the user at the Setpoint parameter. Its output value OutputHeat forms the setpoint of the slave PID_Temp_2. PID_Temp_2 attempts to regulate the process value of the water-bath temperature (TempWater) to this setpoint. The output value of PID_Temp_2 acts directly on the actuator of the controlled system (heating of the water bath) and thus influences the water-bath temperature. The water-bath temperature in turn has an effect on the chocolate temperature. 6586 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control See also Program creation (Page 6587) Program creation (S7-1200, S7-1500) Observe the following points during program creation: Number of PID_Temp instances The number of different PID_Temp instances called up in a cyclic interrupt OB has to agree with the number of concatenated measured variables in the process. There are two concatenated measured variables in the example: TempChocolate and TempWater. Therefore two PID_Temp instances are required. Call sequence A master has to be called before its slaves in the same cyclic interrupt OB. The outermost master at which the user setpoint is specified is called first. The slave whose setpoint is specified by the outermost master is called next, etc. The innermost slave that acts on the actuator of the process with its output value is called last. In the example, PID_Temp_1 is called before PID_Temp_2. Interconnection of the measured variables The outermost master is interconnected with the outermost measured variable that is to be regulated to the user setpoint. The innermost slave is interconnected with the innermost measured variable that is influenced directly by the actuator. Interconnection of the measured variables with PID_Temp is carried out with the parameters Input or Input_PER. In the example, the outermost measured variable TempChocolate is interconnected with PID_Temp_1 and the innermost measured variable TempWater with PID_Temp_2. Interconnection of the output value of the master to the setpoint of the slave The output value (OutputHeat) of a master has to be assigned to the setpoint (Setpoint) of its slave. This interconnection can be carried out in the programming editor or automatically in the Inspector window of the slave in the basic settings via the selection of the master. If required, you can insert your own filter or scaling functions, for example in order to adapt the output value range of the master to the setpoint/process value range of the slave. In the example, OutputHeat of PID_Temp_1 is assigned to Setpoint of PID_Temp_2. Interconnection of the interface for information exchange between master and slave The "Slave" parameter of a master has to be assigned to the "Master" parameter of all its directly subordinate slaves (which receive their setpoint from this master). The assignment should be carried out via the interface of the Slave in order to allow the interconnection of a master with several slaves and the display of the interconnection in the Inspector window of the slave in the basic settings. This interconnection can be carried out in the programming editor or automatically in the Inspector window of the slave in the basic settings via the selection of the master. The Anti-Wind-Up functionality and the evaluation of the slave operating modes at the master can only function correctly if this interconnection is carried out. In the example, the "Slave" parameter of PID_Temp_1 is assigned to the "Master" parameter of PID_Temp_2. WinCC Advanced V14 System Manual, 10/2016 6587 Using technology functions 13.1 PID control Program code of the example using SCL (without assignment of the output value of the slave to the actuator): "PID_Temp_1"(Input:="TempChocolate"); "PID_Temp_2"(Input:="TempWater", Master := "PID_Temp_1".Slave, Setpoint := "PID_Temp_1".OutputHeat); See also PID_Temp ActivateRecoverMode tag (Page 4168) Configuration (S7-1200, S7-1500) You can carry out the configuration via your user program, the configuration editor or the Inspector window of the PID_Temp call. When using PID_Temp in a cascade control system, ensure the correct configuration of the settings specified below. If a PID_Temp instance receives its setpoint from a superior master controller and outputs its output value in turn to a subordinate slave controller, this PID_Temp instance is both a master controller and a slave controller simultaneously. Both configurations listed below have to be carried out for such a PID_Temp instance. This is the case, for example, for the middle PID_Temp instance in a cascade control system with three concatenated measured variables and three PID_Temp instances. Configuration of a master Setting in the configuration editor or In spector window DB parameter Basic settings Cascade: Explanation Config.Cascade.IsMaster = Activate "Controller is master" check box TRUE Activates this controller as a master in a cascade Basic settings Cascade: Config.Cascade.CountSlaves Number of directly subordinate slaves that re ceive their setpoint directly from this master Config.Output.Heat.Select = 0 The master only uses the output parameter Out putHeat. Number of slaves Basic settings Input/output parame ters: Selection of the output value (heating) = OutputHeat Basic settings Input/output parame ters: OutputHeat_PWM and OutputHeat_PER are de activated. Config.ActivateCooling = FALSE The cooling has to be deactivated at a master. Clear "Activate cooling" check box 6588 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control Setting in the configuration editor or In spector window DB parameter Output settings Output limits and scal Config.Output.Heat.PidLower ing OutputHeat / OutputCool: Limit, Low limit of PID output value (heating), High limit of PID output value (heating), Scaled lower output value (heating), Scaled upper output value (heating) Config.Output.Heat.PidUpper Limit, Config.Output.Heat.LowerScal ing, Explanation If no own scaling function is used when assign ing OutputHeat of the master to Setpoint of the slave, it may be necessary to adapt the output value limits and the output scaling of the master to the setpoint/process value range of the slave. Config.Output.Heat.UpperScal ing This tag is not available in the Inspector window or in the function view of the configuration editor. Config.Cascade.AntiWindUp Mode You can change it via the parameter view of the configuration editor. The Anti-Wind-Up mode determines how the in tegral action of this master is treated if directly subordinate slaves reach their output value lim its. Options are: AntiWindUpMode = 0: The AntiWindUp functionality is deactivated. The master does not react to the limitation of its slaves. AntiWindUpMode = 1 (default): The integral action of the master is reduced in the relationship "Slaves in limitation/ Number of slaves". This reduces the effects of the limitation on the control behavior. AntiWindUpMode = 2: The integral action of the master is held as soon as a slave is in limitation. Configuration of a slave Setting in the configuration editor or In spector window DB parameter Explanation Basic settings Cascade: Config.Cascade.IsSlave = TRUE Activates this controller as a slave in a cascade Select the "Controller is slave" check box Commissioning (S7-1200, S7-1500) After compiling and loading of the program, you can start commissioning of the cascade control system. Begin with the innermost slave at commissioning (implementation of tuning or change to automatic mode with existing PID parameters) and continue outwards until the outermost master has been reached. In the above example, commissioning starts with PID_Temp_2 and is continued with PID_Temp_1. WinCC Advanced V14 System Manual, 10/2016 6589 Using technology functions 13.1 PID control Tuning the slave Tuning of PID_Temp requires a constant setpoint. Therefore, activate the substitute setpoint of a slave (SubstituteSetpoint and SubstituteSetpointOn tags) to tune the slave or set the associated master to manual mode by using a corresponding manual value. This ensures that the setpoint of the slave remains constant during tuning. Tuning the master In order for a master to influence the process or to carry out tuning, all the downstream slaves have to be in automatic mode and their substitute setpoint has to be deactivated. A master evaluates these conditions through the interface for information exchange between master and slave (Master parameter and Slave parameter) and displays the current state at the AllSlaveAutomaticState and NoSlaveSubstituteSetpoint tags. Corresponding status messages are output in the commissioning editor. Status message in the commissioning editor of the master DB parameter of the master Correction One or more slaves are not in automatic mode. AllSlaveAutomaticState = FALSE, First, carry out commissioning of all downstream slaves. NoSlaveSubstituteSetpoint = TRUE Ensure that the following conditions are fulfilled before carrying out tuning or activating manual mode or automatic mode of the master: One or more slaves have activated the substitute setpoint. AllSlaveAutomaticState = TRUE, NoSlaveSubstituteSetpoint = FALSE One or more slaves are not in automatic mode and have activated the substitute setpoint. AllSlaveAutomaticState = FALSE, All downstream slaves are in automatic mode (state = 3). All downstream slaves have deactivated the substitute setpoint (SubstituteSetpointOn = FALSE). NoSlaveSubstituteSetpoint = FALSE If pretuning or fine tuning is started for a master, PID_Temp aborts tuning in the following cases and displays an error with ErrorBits = DW#16#0200000: One or more slaves are not in automatic mode (AllSlaveAutomaticState = FALSE) One or more slaves have activated the substitute setpoint (NoSlaveSubstituteSetpoint = FALSE). The subsequent operating mode changeover depends on ActivateRecoverMode. Substitute setpoint (S7-1200, S7-1500) In order to specify a setpoint, PID_Temp offers a substitute setpoint at the SubstituteSetpoint tags in addition to the Setpoint parameter. This can be activated by setting SubstituteSetpointOn = TRUE or by selecting the corresponding check box in the commissioning editor. The substitute setpoint allows you to specify the setpoint temporarily directly at the slave, for example during commissioning or tuning. In this case, the interconnection of the output value of the master with the setpoint of the slave that is required for normal operation of the cascade control system does not have to be changed in the program 6590 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control In order for a master to influence the process or to carry out tuning, the substitute setpoint has to be deactivated at all downstream slaves. You can monitor the currently effective setpoint as it is used by the PID algorithm for calculation at the CurrentSetpoint tags. Operating modes and fault response (S7-1200, S7-1500) The master or slave of a PID_Temp instance does not change the operating mode of this PID_Temp instance. If a fault occurs at one of its slaves, the master remains in its current operating mode. If a fault occurs at its master, the slave remains in its current operating mode. However, further operation of the slave then depends on the fault and the configured fault response of the master since the output value of the master is used as the setpoint of the slave: If ActivateRecoverMode = TRUE is configured at the master. and the fault does not prevent the calculation of OutputHeat, the fault does not have any effect on the slave. If ActivateRecoverMode = TRUE is configured at the master and the fault prevents the calculation of OutputHeat, the master outputs the last output value or the configured substitute output value SubstituteOutput, depending on SetSubstituteOutput. This is then used by the slave as the setpoint. PID_Temp is preconfigured so that the substitute output value 0.0 is output in this case (ActivateRecoverMode = TRUE, SetSubstituteOutput = TRUE, SubstituteOutput = 0.0). Configure a suitable substitute output value for your application or activate the use of the last valid PID output value (SetSubstituteOutput = FALSE). If ActivateRecoverMode = FALSE is configured at the master, the master changes to the "Inactive" mode when a fault occurs and outputs OutputHeat = 0.0. The slave then uses 0.0 as the setpoint. The fault response is located in the output settings in the configuration editor. 13.1.5.5 Multi-zone controlling with PID_Temp (S7-1200, S7-1500) Introduction In a multi-zone control system, several sections, so-called zones, of a plant are controlled simultaneously to different temperatures. A multi-zone control system is characterized by the mutual influence of the temperature zones through thermal coupling, i.e. the process value of one zone can influence the process value of a different zone through thermal coupling. The strength that this influence has depends on the structure of the plant and the selected operating points of the zones. Example: Extrusion plant as it is used, for example, in plastics processing. The substance mixture that passes through the extruder has to be controlled to different temperatures for optimal processing. For example, different temperatures can be required at the filling point of the extruder than at the outlet nozzle. The individual temperature zones mutually influence each other through thermal coupling. When PID_Temp is used in multi-zone control systems, each temperature zone is controlled by a separate PID_Temp instance. WinCC Advanced V14 System Manual, 10/2016 6591 Using technology functions 13.1 PID control Observe the following explanations if you want to use the PID_Temp in a multi-zone control system. Separate pretuning for heating and cooling Initial commissioning of a plant as a rule begins with the carrying out of pretuning in order to carry out initial setting of the PID parameters and control to the operating point. The pretuning for multi-zone control systems is often carried out simultaneously for all zones. PID_Temp offers the possibility of carrying out pretuning for heating and cooling in one step (Mode = 1, Heat.EnableTuning = TRUE, Cool.EnableTuning = TRUE) for controllers with activated cooling and PID parameter changeover as the method for heating/cooling (Config.ActivateCooling = TRUE, Config.AdvancedCooling = TRUE). However, it is advisable not to use this tuning for simultaneous pretuning of several PID_Temp instances in a multi-zone control system. Instead, first carry out the pretuning for heating (Mode = 1, Heat.EnableTuning = TRUE, Cool.EnableTuning = FALSE) and the pretuning for cooling (Mode = 1, Heat.EnableTuning = FALSE, Cool.EnableTuning = TRUE) separately. Pretuning for cooling should not be started until all zones have completed pretuning for heating and have reached their operating points. This reduces mutual influencing through thermal coupling between the zones during tuning. Adapting the delay time If PID_Temp is used in a multi-zone control system with strong thermal couplings between the zones, you should ensure that the adaption of the delay time is deactivated for pretuning with PIDSelfTune.SUT.AdaptDelayTime = 0. Otherwise, the determination of the delay time can be incorrect if the cooling of a zone is prevented by the thermal influence of other zones during the adapting of the delay time (heating is deactivated in this phase). Temporary deactivation of cooling PID_Temp offers the possibility of deactivating cooling temporarily in automatic mode for controllers with active cooling (Config.ActivateCooling = TRUE) by setting DisableCooling = TRUE. This ensures that this controller does not cool in automatic mode during commissioning while the controllers of other zones have not yet completed tuning of heating. The tuning could otherwise be influenced negatively by the thermal coupling between the zones. Procedure You can proceed as follows during the commissioning of multi-zone control systems with relevant thermal couplings: 1. Set DisableCooling = TRUE for all controllers with activated cooling. 2. Set PIDSelfTune.SUT.AdaptDelayTime = 0 for all controllers. 3. Specify the desired setpoints (Setpoint parameter) and start pretuning for heating (Mode = 1, Heat.EnableTuning = TRUE, Cool.EnableTuning = FALSE) simultaneously for all controllers. 6592 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.1 PID control 4. Wait until all the controllers have completed pretuning for heating. 5. Set DisableCooling = FALSE for all controllers with activated cooling. 6. Wait until the process values of all the zones are steady and close to the respective setpoint. If the setpoint cannot be reached permanently for a zone, the heating or cooling actuator is too weak. 7. Start pretuning for cooling (Mode = 1, Heat.EnableTuning = FALSE, Cool.EnableTuning = TRUE) for all controllers with activated cooling. Note Limit violation of the process value If the cooling is deactivated in automatic mode with DisableCooling = TRUE, this can cause the process value to exceed the setpoint and the process value limits while DisableCooling = TRUE. Observe the process values and intervene, if appropriate, if you use DisableCooling. Note Multi-zone control systems For multi-zone control systems, the thermal couplings between the zones can result in increased overshoots, permanent or temporary violation of limits and permanent or temporary control deviations during commissioning or operation. Observe the process values and be ready to intervene. Depending on the system, it can be necessary to deviate from the procedure described above. Synchronization of several fine tuning processes If fine tuning is started from automatic mode with PIDSelfTune.TIR.RunIn = FALSE, PID_Temp tries to reach the setpoint with PID controlling and the current PID parameters. The actual tuning does not start until the setpoint is reached. The time required to reach the setpoint can be different for the individual zones of a multi-zone control system. If you want to carry out fine tuning for several zones simultaneously, PID_Temp offers the possibility to synchronize these by waiting with the further tuning steps after the setpoint has been reached. Procedure This ensures that all the controllers have reached their setpoint when the actual tuning steps start. This reduces mutual influencing through thermal coupling between the zones during tuning. Proceed as follows for controllers for whose zones you want to carry out fine tuning simultaneously: 1. Set PIDSelfTune.TIR.WaitForControlIn = TRUE for all controllers. These controllers have to be in automatic mode with PIDSelfTune.TIR.RunIn = FALSE. 2. Specify the desired setpoints (Setpoint parameters) and start fine tuning for all controllers. WinCC Advanced V14 System Manual, 10/2016 6593 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 3. Wait until PIDSelfTune.TIR.ControlInReady = TRUE at all controllers. 4. Set PIDSelfTune.TIR.FinishControlIn = TRUE for all controllers. All controllers then start the actual tuning simultaneously. 13.2 Using S7-1200 Motion Control (S7-1200) 13.2.1 Introduction (S7-1200) 13.2.1.1 Motion functionality of the CPU S7-1200 (S7-1200) The TIA Portal, together with the motion control functionality of the CPU S71200, supports you in controlling stepper motors and servo motors: You configure the positioning axis and command table technology objects in the TIA Portal. The CPU S7-1200 uses these technology objects to control the outputs that control the drives. In the user program you control the axis by means of Motion Control instructions and initiate motion commands of your drive. See also Hardware components for motion control (Page 6595) Integration of the positioning axis technology object (Page 6631) Tools of the positioning axis technology object (Page 6634) Use of the command table technology object (Page 6695) Command table technology object tools (Page 6695) http://www.automation.siemens.com/mcms/topics/en/simatic/simatic-technology/integratedfunctions/simatic-s7-1200/Pages/Default.aspx (http://www.automation.siemens.com/mcms/ topics/en/simatic/simatic-technology/integrated-functions/simatic-s7-1200/Pages/ Default.aspx) 6594 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 13.2.1.2 Hardware components for motion control (S7-1200) The representation below shows the basic hardware configuration for a motion control application with the CPU S7-1200. 6,0$7,&6 , , , , , , , , , , , , , , 6LJQDOERDUG 5816723 (5525 0$,17 ', &38& '&'&'& ' ;31/$1 372 352),1(7 $4 +6& 'ULYHVDQGHQFRGHUV CPU S7-1200 CPU S7-1200 combines the functionality of a programmable logic controller with motion control functionality for operation of drives. The motion control functionality takes over the control and monitoring of the drives. Signal board You add further inputs and outputs to the CPU with the signal boards. You can use the digital outputs as pulse generator outputs for controlling drives as required. In CPUs with relay outputs, the pulse signal cannot be output on the onboard outputs because the relays do not support the necessary switching frequencies. To be able to work with the PTO (Pulse Train Output) on these CPUs, you must use a signal board with digital outputs. You can use the analog outputs for controlling connected analog drives as required. WinCC Advanced V14 System Manual, 10/2016 6595 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) PROFINET Use the PROFINET interface to establish the online connection between the CPU S7-1200 and the programming device. In addition to the online functions of the CPU, additional commissioning and diagnostic functions are available for motion control. PROFINET continues to support the PROFIdrive profile for connecting PROFIdrive capable drives and encoders. Drives and encoders Drives permit the movement of the axis. Encoders provide the actual position for the closed loop position control of the axis. The table below shows the connection possibilities for drives and encoders: Drive connection Closed/open loop control of axis Encoder connection PTO (Pulse Train Output) Position-controlled - Position-controlled Encoder on high-speed counter (HSC) (Stepper motors and servo motors with pulse interface) Analog output (AQ) Encoder on technology module (TM) Encoder on PROFINET PROFINET Position-controlled Encoder on drive Encoder on high-speed counter (HSC) Encoder on technology module (TM) Encoder on PROFINET Ordering information for CPU firmware V4.1 The order information listed below applies to the currently installed product phase (without any installed Hardware Support Packages) of the TIA Portal. Name MLFB - article number CPU 1211C DC/DC/DC 6ES7211-1AE40-0XB0 CPU 1211C AC/DC/RLY 6ES7211-1BE40-0XB0 CPU 1211C DC/DC/RLY 6ES7211-1HE40-0XB0 CPU 1212C DC/DC/DC 6ES7212-1AE40-0XB0 CPU 1212C AC/DC/RLY 6ES7212-1BE40-0XB0 CPU 1212C DC/DC/RLY 6ES7212-1HE40-0XB0 CPU 1214C DC/DC/DC 6ES7214-1AG40-0XB0 CPU 1214C AC/DC/RLY 6ES7214-1BG40-0XB0 CPU 1214C DC/DC/RLY 6ES7214-1HG40-0XB0 CPU 1214FC DC/DC/DC 6ES7214-1AF40-0XB0 CPU 1214FC DC/DC/RLY 6ES7214-1HF40-0XB0 CPU 1215C DC/DC/DC 6ES7215-1AG40-0XB0 6596 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Name MLFB - article number CPU 1215C AC/DC/RLY 6ES7215-1BG40-0XB0 CPU 1215C DC/DC/RLY 6ES7215-1HG40-0XB0 CPU 1215FC DC/DC/DC 6ES7215-1AF40-0XB0 CPU 1215FC DC/DC/RLY 6ES7215-1HF40-0XB0 CPU 1217C DC/DC/DC 6ES7217-1AG40-0XB0 Signal board DI4 x DC 24 V (200 kHz) 6ES7221-3BD30-0XB0 Signal board DI4 x DC 5 V (200 kHz) 6ES7 221-3AD30-0XB0 Signal board DQ4 x DC 24 V (200 kHz) 6ES7222-1BD30-0XB0 Signal board DQ4 x DC 5 V (200 kHz) 6ES7222-1AD30-0XB0 Signal board DI2/DQ2 x DC 24 V (20 kHz) 6ES7223-0BD30-0XB0 Signal board DI2/DQ2 x DC 24 V (200 kHz) 6ES7223-3BD30-0XB0 Signal board DI2/DQ2 x DC 5 V (200 kHz) 6ES7223-3AD30-0XB0 Signal board AQ1 x 12 bit (10 V, 0 to 20 mA) 6ES7 232-4HA30-0XB0 Use a Hardware Support Package (HSP) to install new hardware components. The hardware component will then be available in the hardware catalog. See also Motion functionality of the CPU S7-1200 (Page 6594) CPU outputs relevant for motion control (Page 6597) 13.2.2 Basics for working with S7-1200 Motion Control (S7-1200) 13.2.2.1 Stepper motor on the PTO (S7-1200) CPU outputs relevant for motion control (S7-1200) The number of usable drives depends on the number of PTOs (pulse train outputs) and the number of available pulse generator outputs. The following tables provide information about the relevant dependencies: Maximum number of PTOs 4 PTOs are available for each CPU with technology version V4. This means a maximum of 4 drives can be controlled. WinCC Advanced V14 System Manual, 10/2016 6597 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Signal type of the PTO Depending on the signal type of the PTO, 1-2 pulse generator outputs are required per PTO (drive): Signal type 1 Number of pulse generator outputs Pulse A and direction B (direction output disa bled)1 1 Pulse A and direction B 1 2 Clock up A and clock down B 2 A/B phase-shifted 2 A/B phase-shifted - quadruple 2 The direction output must be on-board or on a signal board. Usable pulse generator outputs and limit frequencies The relay variants of the CPUs can only access the pulse generator outputs of a signal board. Depending on the CPU and signal board, the following pulse signal generator outputs can be used with the following limit frequencies: On-board Q0.4 Q0.5 Q0.6 Q0.7 Q1.0 Q1.1 CPU 1211 (DC/DC/ DC) 100 kHz 100 kHz 100 kHz 100 kHz Q0.0 - - - - - - CPU 1212 (DC/DC/ DC) 100 kHz 100 kHz 100 kHz 100 kHz 20 kHz 20 kHz - - - - CPU 1214(F) (DC/DC/ DC) 100 kHz 100 kHz 100 kHz 100 kHz 20 kHz 20 kHz 20 kHz 20 kHz 20 kHz 20 kHz CPU 1215(F) (DC/DC/ DC) 100 kHz 100 kHz 100 kHz 100 kHz 20 kHz 20 kHz 20 kHz 20 kHz 20 kHz 20 kHz 100 kHz 100 kHz 100 kHz 100 kHz CPU 1217 (DC/DC/ DC) Q0.1 Q0.2 Q0.3 1 MHz 1 MHz 1 MHz 1 MHz Qx.0 Qx.1 Qx.2 Qx.3 - - - - - - Signal board DI2/DQ2 x DC24V 20kHz 20 kHz 20 kHz - - - - - - - - Signal board DI2/DQ2 x DC24V 200kHz 200 kHz 200 kHz - - - - - - - - Signal board DQ4 x DC24V 200kHz 200 kHz 200 kHz 200 kHz 200 kHz - - - - - - Signal board DI2/DQ2 x DC5V 200kHz 200 kHz 200 kHz - - - - - - Signal board DQ4 x DC5V 200kHz 200 kHz 200 kHz 200 kHz 200 kHz - - - - - - Signal board - - 100 kHz 100 kHz The low limit frequency is always 1Hz. 6598 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The pulse generator outputs can be freely assigned to the PTOs. Note If pulse generator outputs with different limit frequencies are used in accordance with the signal type, the low limit frequency is used in each case. Signal type "Pulse A and direction B" is an exception. With this type of signal, the limit frequency of the pulse generator output is always used. Note Access to pulse generator outputs via the process image The firmware takes control via the corresponding pulse generator and direction outputs if the PTO (Pulse Train Output) is selected and assigned to an axis. With this takeover of the control function, the connection between the process image and I/O output is also disconnected. Although the user has the option of writing the process image of pulse generator and direction outputs via the user program or watch table, this is not transferred to the I/O output. Accordingly, it is also not possible to monitor the I/O output via the user program or watch table. The information read reflects the value of the process image and does not match the real status of the I/O output. For all other CPU outputs that are not used permanently by the CPU firmware, the status of the I/O output can be controlled or monitored via the process image, as usual. Outputs for drive signals For motion control, you can optionally parameterize a drive interface for "Drive enabled" and "Drive ready". When using the drive interface the digital output for the drive enable and the digital input for "drive ready" can be freely selected. Acceleration/deceleration limits The following limits apply to acceleration and deceleration: Acceleration/deceleration Value Minimum acceleration/deceleration 5.0E-3 pulses/s2 Maximum acceleration/deceleration 9.5E+9 pulses/s2 Jerk limits The following limits apply to the jerk: WinCC Advanced V14 System Manual, 10/2016 Jerk Value Minimum jerk 4.0E-3 pulses/s3 Maximum jerk 1.0E+10 pulses/s3 6599 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also CPU outputs relevant for motion control (technology version V1...3) (Page 6818) How the pulse interface works (Page 6600) Relationship between the signal type and the direction of travel (Page 6600) Hardware and software limit switches (Page 6618) Jerk limit (Page 6619) Homing (Page 6620) Hardware components for motion control (Page 6595) Integration of the positioning axis technology object (Page 6631) Tools of the positioning axis technology object (Page 6634) How the pulse interface works (S7-1200) Depending on the settings of the stepper motor, each pulse affects the movement of the stepper motor by a specific angle. If the stepper motor is set to 1000 pulses per revolution, for example, it moves 0.36 per pulse. The speed of the stepper motor is determined by the number of pulses per time unit. 6ORZ )DVW (The statements made here also apply to servo motors with pulse interface.) See also CPU outputs relevant for motion control (Page 6597) Relationship between the signal type and the direction of travel (Page 6600) Hardware and software limit switches (Page 6618) Jerk limit (Page 6619) Homing (Page 6620) Integration of the positioning axis technology object (Page 6631) Tools of the positioning axis technology object (Page 6634) Relationship between the signal type and the direction of travel (S7-1200) The CPU outputs the velocity and direction of travel via two outputs. 6600 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The relationships between the configuration and direction of travel differ depending on the selected signal type. You can configure the following signal types in the axis configuration under "Basic parameters > General": "PTO (pulse A and direction B)" "PTO (clock up A and clock down B)" (as of V4) "PTO (A/B phase-shifted)" (as of V4) "PTO (A/B phase-shifted - quadruple)" (as of V4) You configure the direction under "Extended Parameters > Mechanics" in the axis configuration. If you select the "Invert direction" option, the direction logic described below for the respective signal type is inverted. PTO (pulse A and direction B) The pulse output pulses and the direction output level are evaluated for this signal type. The pulses are output via the pulse output of the CPU. The direction output of the CPU specifies the direction of rotation of the drive: 5 V/24 V at direction output positive direction of rotation 0 V at direction output negative direction of rotation The specified voltage depends on the hardware used. The indicated values do not apply to the differential outputs of CPU 1217. 3RVLWLYH WUDYHOGLUHFWLRQ 1HJDWLYH WUDYHOGLUHFWLRQ 8 99 3XOVHRXWSXW 9 W 99 'LUHFWLRQRXWSXW 9 W PTO (clock up A and clock down B) (as of V4) The pulses of one output are evaluated for this signal type. The pulse for the positive direction is output via the "Pulse output up" The pulse for the negative direction is output via the "Pulse output down" The specified voltage depends on the hardware used. The indicated values do not apply to the differential outputs of CPU 1217. WinCC Advanced V14 System Manual, 10/2016 6601 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 3RVLWLYH WUDYHOGLUHFWLRQ 1HJDWLYH WUDYHOGLUHFWLRQ 8 99 3XOVHRXWSXWXS 9 W 99 3XOVHRXWSXWGRZQ 9 W PTO (A/B phase-shifted) (as of V4) The positive edges of one output in each case are evaluated for this signal type. The pulse is output via the "Signal A" output and phase-shifted via the "Signal B" output. The phase shifting between the outputs defines the direction of rotation: Signal A leads signal B by 90 positive direction of rotation Signal B leads signal A by 90 negative direction of rotation PTO (A/B phase-shifted - quadruple) (as of V4) The positive and negative edges of both outputs are evaluated for this signal type. A pulse period has four edges with two phases (A and B). The pulse frequency at the output is therefore reduced to a quarter. The pulse is output via the "Signal A" output and phase-shifted via the "Signal B" output. The phase shifting between the outputs defines the direction of rotation: Signal A leads signal B by 90 positive direction of rotation Signal B leads signal A by 90 negative direction of rotation The specified voltage depends on the hardware used. The indicated values do not apply to the differential outputs of CPU 1217. 6602 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) SRVLWLYH GLUHFWLRQRIWUDYHO QHJDWLYH GLUHFWLRQRIWUDYHO 372 $% SKDVHVKLIWHG 9 99 6LJQDO$ 9 W 99 6LJQDO% 9 W 372 $% SKDVHVKLIWHG IRXUIROG 9 99 6LJQDO$ 9 W 99 6LJQDO% 9 W Invert direction If you select the "Invert rotation signal" option, the direction logic is inverted: PTO (pulse A and direction B) - 0 V at direction output (low level) positive direction of rotation - 5 V/24 V at direction output (high level) negative direction of rotation The specified voltage depends on the hardware used. The voltages indicated do not apply to the differential outputs of CPU 1217. PTO (clock up A and clock down B) The outputs "Pulse output down" and "Pulse output up" are swapped. WinCC Advanced V14 System Manual, 10/2016 6603 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) PTO (A/B phase-shifted) The "Signal A" and "Signal B" outputs are swapped. "PTO (A/B phase-shifted - quadruple) The "Signal A" and "Signal B" outputs are swapped. See also CPU outputs relevant for motion control (Page 6597) How the pulse interface works (Page 6600) Hardware and software limit switches (Page 6618) Jerk limit (Page 6619) Homing (Page 6620) Integration of the positioning axis technology object (Page 6631) Tools of the positioning axis technology object (Page 6634) 13.2.2.2 PROFIdrive drive / analog drive connection (S7-1200) Drive and encoder connection (S7-1200) A drive and an encoder are assigned to a positioning axis with drive connection via PROFIdrive/ analog drive connection. Drives with PROFIdrive capability are connected by means of PROFIdrive telegrams. The setpoint is specified via PROFIdrive telegrams. Drives with analog setpoint interfaces are connected using an analog output and an optional enable signal. The setpoint is specified via an analog output. Options for connecting Drives with PROFIdrive capability are connected via the PROFINET interface of the CPU. Drives with analog setpoint interface are connected with the CPU via one of the following connections: Analog output via signal board Analog output on-board Analog output via analog output module The following connection options are available for an encoder: Encoder on the PROFIdrive drive Encoder on technology module 6604 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) PROFIdrive encoder directly on PROFINET IO (With these encoders, the encoder value is always transferred via PROFIdrive telegrams per PROFIBUS or PROFINET.) Encoder on high speed counter (HSC) With this connection option, the encoder signals are connected directly to an HSC, which forms the encoder values from them. Depending on the CPU in use, up to 6 HSC encoders can be used. Maximum number of axes You can control up to a maximum of 8 drives via PROFIdrive or the analog drive connection (the number is independent of the simulation status of the axis). Automatic transfer of drive and encoder parameters in the device (S7-1200) For operation, identical reference values for the drive and encoder connections must be set in the controller and in the drive and encoder. The speed setpoint NSET and the actual speed value NACT are transferred in the PROFIdrive telegram as a percentage of the reference speed. The reference value for the speed must be set identically in the controller and in the drive. The resolution of the actual value in the PROFIdrive telegram must likewise be set identically in the controller and in the drive and encoder modules Automatic transfer of parameters For SINAMICS drives as of V4.x and PROFIdrive encoders as of product version A16, the drive and encoder parameters can be automatically transferred to the CPU. The corresponding parameters are transferred after the (re)initialization of the technology object and (re)start of the drives and the CPU. Changes in the drive configuration are transferred after restart of the drive or technology object. The successful transfer of the parameters can be verified in the controller in the variables of the <TO>.StatusDrive.AdaptionState = 1 and <TO>.StatusSensor[1].AdaptionState = 1 technology objects. Parameters The controller settings are made in the TIA Portal under "Technology object > Configuration > Basic parameters > Drive/encoder". The drive and encoder settings are made in the configuration or the respective hardware. WinCC Advanced V14 System Manual, 10/2016 6605 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The following table compares the settings in the TIA Portal and the corresponding drive/ encoder parameters: Setting in the TIA Portal Controller variable in the technology data block Drive parameter Automatic transfer Drive Telegram number Input address telegram <TO>.Actor.Interface.AddressIn Telegram number P922 - Output address telegram <TO>.Actor.Interface.AddressOut Reference speed in [1/min] <TO>.Actor.DriveParameter.Reference Speed (SINAMICS drives: P2000) X Maximum speed of motor in [1/min] <TO>.Actor.DriveParameter.MaxSpeed (SINAMICS drives: P1082) X Drive <TO>.Actor.Type - - 0 = analog drive connection 1 = PROFIdrive 2 = PTO (pulse train output) Encoder Telegram <TO>.Sensor[n].Interface.AddressIn P922 - Encoder type <TO>.Sensor[n].System P979[1] Bit0 Encoder 1 X Linear incremental 0: Rotary Linear absolute 1: Linear P979[11] Bit0 Encoder 2 Rotary incremental <TO>.Sensor[n].Type P979[5] Encoder 1 Rotary absolute 0: Incremental 1: Absolute P979[15] Encoder 2 Resolution (linear encoder) <TO>.Sensor[n].Parameter.Resolution P979[2] Encoder 1 <TO>.Sensor[n].Interface.Addressout The grid spacing is specified on the name plate of the encoder as a separation dis tance of the marks on the linear measuring system. - X P979[12] Encoder 2 Steps per revolution (rotary encoder) <TO>.Sensor[n].Parameter.StepsPerRe volution P979[2] Encoder 1 Number of bits for fine resolution XIST1 (cyclic actual encoder value, linear or ro tary encoder) <TO>.Sensor[n].Parameter.FineResolu tionXist1 P979[3] Encoder 1 Number of bits for fine resolution XIST2 (absolute encoder value, linear or rotary encoder) <TO>.Sensor[n].Parameter.FineResolu tionXist2 P979[4] Encoder 1 Differentiable encoder revolutions (rotary absolute encoder) <TO>.Sensor[n].Parameter.Determina bleRevolutions P979[5] Encoder 1 X P979[12] Encoder 2 X P979[13] Encoder 2 X P979[14] Encoder 2 X P979[15] Encoder 2 See also Configuration - Drive - PTO (Pulse Train Output) (Page 6640) Configuration - Drive - Analog drive connection (Page 6643) 6606 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Configuration - Drive - PROFIdrive (Page 6644) Configuration - Encoder - Encoder on PROFINET/PROFIBUS (Page 6646) Configuration - Encoder - Encoder on high-speed counter (HSC) (Page 6648) PROFIdrive (S7-1200) PROFIdrive is the standardized standard profile for drive technology in the connection of drives and encoders via PROFINET IO. Drives and encoders that support the PROFIdrive profile are connected according to the PROFIdrive standard. Communication between controller and drive/encoder is by means of various PROFIdrive telegrams. Each of the telegrams has a standardized structure. Depending on the application, you can select the applicable telegram. Control words and status words as well as setpoints and actual values are transmitted in the PROFIdrive telegrams. Telegrams for PROFIdrive The setpoint of a positioning axis is transferred to a drive via PROFIdrive telegram 1, 2 3 or 4. The encoder value is transmitted either in a telegram together with the setpoint (telegram 3 and 4), or in a separate encoder telegram (telegram 81 or telegram 83). The following table shows the supported PROFIdrive telegrams for the assignment of drives and encoders: Telegram Brief description Standard telegrams 1 16 bit speed setpoint (NSET) 16 bit actual speed (NACT) 2 32 bit speed setpoint (NSET) 32-bit actual speed (NACT) Signs of life 3 32 bit speed setpoint (NSET) 32-bit actual speed (NACT) 1 encoder Signs of life 4 32 bit speed setpoint (NSET) 32-bit actual speed (NACT) 2 encoders Signs of life Standard telegrams encoder 81 1 encoder Signs of life 83 32-bit actual speed (NACT) 1 encoder Signs of life WinCC Advanced V14 System Manual, 10/2016 6607 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Closed loop control (S7-1200) Drives which are connected via PROFIdrive or an analog drive interface are generally operated under position control. If service is required, the axis can also be operated without position control. The position controller is a P controller with precontrol of velocity. Controller structure The following figure shows the controller structure of an S7-1200 Motion Control: &RQWUROOHU 'ULYH 3UHFRQWURO ,QWHUSRODWRU YVHWSRLQW 3UHFRQWUROYDOXH 3RVLWLRQFRQWUROOHU 6SHHGFRQWUROOHU QVHWSRLQW QDFWXDO [VHWSRLQW [DFWXDO QDFWXDO The MC-Interpolator [OB92] calculates the setpoint position for the axis. The difference between the setpoint and actual position is multiplied by the gain factor of the position controller. The resulting value is added to the precontrol value and output as setpoint speed to the drive via PROFIdrive or analog output. The encoder records the actual position of the axis and returns it to the controller via a PROFIdrive telegram or an HSC (high speed counter). Data connection PROFIdrive drive / PROFIdrive encoder (S7-1200) The data connection of PROFIdrive drives and PROFIdrive encoders occurs either directly via the PROFIdrive telegram or via a data block. Use the connection via data block if you want to influence or evaluate telegram contents in the user program for process-specific reasons. Principle of data connection directly to the drive/encoder The following simplified function chart shows the direct data connection to PROFIdrive drives and PROFIdrive encoders by means of telegrams: 6608 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 0&6HUYR >2%@ 3,32%6HUYR 0&,QWHUSRODWRU >2%@ 3,32%6HUYR 352),GULYHGULYHHQFRGHU W The organization block "MC-Servo" calculates the position controller. At the start of "MC-Servo", the input telegram of the drive or encoder is read ( -> -> ). If an organization block "MC-PreServo" was added, the telegram is read at the beginning of "MC-PreServo". At the end of "MC-Servo", the output telegram is written to the drive or encoder ( -> -> ). If an organization block "MC-PostServo" was added, the telegram is written at the end of "MC-PostServo". In every Motion application cycle, the organization block "MC-Interpolator" is called after the "MC-Servo". In "MC-Interpolator", the Motion Control instructions are evaluated, setpoints are generated for the next Motion appli cation cycle and the technology object is monitored. The process image partition "PIP OB servo" of the inputs is updated in the Motion application cycle. The process image partition "PIP OB servo" of the outputs is updated in the Motion application cycle. Telegram exchange via the I/O addresses of the controller and the drive or the encoder. PROFIdrive drive or PROFIdrive encoder Principle of data connection via data block The following simplified function chart shows the data connection to PROFIdrive drives and PROFIdrive encoders via data block: The following sections provide details on the execution. To influence or evaluate telegram contents for process-specific reasons, a data block must be connected in between as a data interface (see and ). To do this, use the organization blocks "MC-PreServo" and "MC-PostServo" to achieve a high quality of position control. In this case, the telegram exchange via the I/O addresses of the controller and the drive or the encoder has to be programmed in the user program of the "MC-PreServo" and the "MCPostServo". The organization blocks "MC-PreServo" and "MC-PostServo" can be added in the project tree with the command "Add new block". WinCC Advanced V14 System Manual, 10/2016 6609 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 0&6HUYR >2%@ 0&3UH6HUYR >2%@ 0&3RVW6HUYR >2%@ 3,32%6HUYR 0&,QWHUSRODWRU >2%@ 3,32%6HUYR 352),GULYHGULYHHQFRGHU W The "MC-PreServo" is called before the "MC-Servo". In the user program of the "MC-PreServo", transfer the content of the input telegram from the process image partition "PIP OB servo" to the data block of the data interface. In the other user program of the "MC-PreServo", the input area of the telegram can be processed or evaluated. The organization block "MC-Servo" calculates the position controller. At the start of "MC-Servo", the input telegram of the drive or encoder is read from the data block of the data interface ( -> ). At the end of "MC-Servo", the output telegram of the drive or encoder is written to the data block of the data interface ( -> ). The "MC-PostServo" is called after the "MC-Servo". In the user program of the "MC-PostServo", the output area of the telegram can be processed or evaluated. At the end of the user program of the "MC-PostServo", transfer the content of the output telegram from the data interface of the data block to the process image partition "PIP OB servo" . In every Motion application cycle, the organization block "MC-Interpolator" is called after the "MC-PostServo". In "MC-Interpolator", the Motion Control instructions are evaluated, setpoints are generated for the next Motion appli cation cycle and the technology object is monitored. The process image partition "PIP OB servo" of the inputs is updated in the Motion application cycle. The process image partition "PIP OB servo" of the outputs is updated in the Motion application cycle. Telegram exchange via the I/O addresses of the controller and the drive or the encoder. PROFIdrive drive or PROFIdrive encoder Basic procedure for the data connection via a data block To use the data connection via the data block, follow the steps described below. The data connection can be configured separately for a PROFIdrive drive and encoder. 6610 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Creating the data block for data connection The data block for the data connection must be created by the user. The data block must contain a data structure of data type "PD_TELx" for the data connection. Here, "x" stands for the telegram number of the drive or encoder configured in the device configuration. To create the data block, follow the steps described below: 1. Create a new data block of type "Global DB". 2. Select the data block in the project tree and select the shortcut menu command "Properties". 3. Under Attributes, disable the following attributes and confirm with OK "Only store in load memory" "Data block write-protected in the device" "Optimized block access" 4. Open the data block in the block editor. 5. Insert a "PD_TELx" type variable in the block editor. This variable contains the "Input" variable structure for the input area of the telegram and the "Output" variable structure for the output area of the telegram. Note "Input" and "Output" relate to the view of the closed loop position control. For example, the input area contains the actual values of the drive and the output area contains the setpoints for the drive. The data block may contain the data structures of multiple axes and encoders and other contents. Configuring data connection via a data block Proceed as decribed below for the configuration of the axis: 1. Open the configuration window "Hardware interface > Drive" or "Hardware interface > Encoder". 2. In the Data block drop-down list, select "Data block". 3. In the "Data block" field, select the previously created data block. Open this data block and select the tag name defined for the drive or encoder. Adding a PLC variable for telegram access To enable access to the input and output areas of the telegram, create the following PLC variable. For the PLC variable of the input area, follow the steps described below: 1. Open the "PLC variables" folder in the project tree and have all variables displayed. 2. Add a new variable and assign a unique name, made up for example from the name of the axis or the encoder, the telegram type and the address area. WinCC Advanced V14 System Manual, 10/2016 6611 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 3. Enter the type "PD_TELx_IN" textually in the "Data type" column. 4. Enter the telegram input address of the drive/encoder in the "Address" column. You can find the address in the device configuration of the drive or encoder. Follow the same procedure for the PLC variable of the output area and select "PD_TELx_OUT" as the data type and the telegram output address of the drive/encoder as the address. Programming MC-PreServo and MC-PostServo MC-PreServo The user program of the "MC-PreServo" must read the input area of the telegram and transfer it to the data block of the data connection. Assign the previously defined PLC tag of the input area to the tag structure "Input" of the data block in the "MC-PreServo" user program. With further instructions, you can edit the data of the tag structure "Input" of the data block before it is then transferred to "MC-Servo" and processed in MC_Servo" . MC-PostServo After it has been processed, "MC-Servo" transfers the output area of the telegram to the tag structure "Output" of the data block. The content of the tag structure "Output" of the data block must be written to the telegram output address in the "MC-PostServo" user program. Assign the "Output" tag structure of the data block to the previously defined PLC tag of the output area in the "MC-PostServo" user program. If the output area is to be modified, this must be done before the assignment instruction. NOTICE Machine damage Improper manipulation of drive and encoder telegrams may result in unwanted movements of the drive. Check your user program in regard to consistency in the drive and encoder connection. See also PROFIdrive frame (Page 6743) Configuration - Drive - PROFIdrive (Page 6644) Configuration - Encoder - Encoder on PROFINET/PROFIBUS (Page 6646) Data connection drive with analog drive connection (Page 6613) Organization Blocks for Motion Control (Page 6614) 6612 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Data connection drive with analog drive connection (S7-1200) The data connection of drives with analog drive interface can alternatively be made via a data block. Use the connection via a data block if you want to adapt the analog setpoint in the user program for process-related reasons. Principle of data connection via data block At the end of position control by MC-Servo [OB91], the setpoint of the analog drive is written to the assigned analog output. To adapt the analog setpoint for process-related reasons, a data interface via a data block must be connected in between. The setpoint of the analog drive can be edited via the MC-PostServo [OB95] organization block in the data block and can then be written to the I/O address. The MC-PostServo is called after the MC-Servo. The organization block MC-PostServo can be programmed by the user and must be added with the command "Add new block". The procedure in principle To use the data connection via the data block, follow the steps described below. The data connection can be configured separately for drives with analog drive interface and PROFIdrive encoders. You can find information on data connection of the PROFIdrive encoders in the section Data connection PROFIdrive drive / PROFIdrive encoder (Page 6608). Creating the data block for data connection The data block must be created on the user side. To create the data block, follow the steps described below: 1. Create a new data block of type "Global DB". 2. Select the data block in the project tree and select "Properties" from the shortcut menu. 3. Under Attributes, disable the following attributes and confirm with OK "Only store in load memory" "Data block write-protected in the device" "Optimized block access" 4. Open the data block in the block editor. 5. Insert a variable of the "WORD" data type in the block editor. Configuring data connection via a data block Proceed in the configuration as described below ("Analog drive connection" must be selected in the Basic parameters > General configuration window): 1. Open the configuration window Basic parameters > Drive. 2. Select the previously defined variable of the data block in the "Analog output" box. WinCC Advanced V14 System Manual, 10/2016 6613 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Set analog output address in the process image TPA OB Servo To achieve a good level of control quality, the address area of the analog output must be within the "TPA OB Servo" process image. Proceed as described below: 1. Open the module of the analog output in the device configuration. 2. Open the "General" tab 3. Select the "I/O addresses" 4. Select the organization block "MC-Servo". "TPA OB Servo" is automatically selected as the process image. 5. Assign a variable name to the analog output in the "I/O variables" tab. Program MC-PostServo Assign the variable of the data block to the variable of the analog output in the MCPostServouser program. At the end of MC-PostServo , the output area of "TPA OB Servo" is written to the I/O. WARNING Improper manipulation of the drive setpoint may endanger humans and machines. Take adequate precautions to prevent danger to humans and machines. Process response (S7-1200) Organization Blocks for Motion Control (S7-1200) Description When you create a "Positioning axis" technology object with a PROFIdrive drive or with an analog drive interface, organization blocks for processing the technology objects are created automatically. The Motion Control functionality of the technology objects creates its own execution level, and is called according to the Motion Control application cycle. The following blocks are created: MC-Servo [OB91] Calculation of the Position Controller MC-Interpolator [OB92] Evaluation of the motion control instructions, generation of setpoints and monitoring functionality The organization blocks are protected (know-how protection). The program code cannot be viewed or changed. 6614 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The frequency relationship of the two organization blocks to one another is always 1:1. MCServo [OB91] is always executed before MC-Interpolator [OB92]. You can set the Motion Control application cycle and the priority of the organization blocks according to your requirements for control quality and system load. Motion Control application cycle You can set the Motion Control application cycle, in which the MC-Servo [OB91] is called, in the properties of the organization block in "General > Cycle Time". The MC-Servo [OB91] is called cyclically with the specified "application cycle". The selected Motion Control application cycle must be long enough to be able to process all technology objects in one cycle. If the processing time of the technology objects is longer than the application cycle, overflows (Page 6616) will occur. To avoid disruptions in the program execution on the CPU, set the Motion Control application cycle depending on the number of axes used as follows: Motion Control application cycle = 2 ms + (number of position-controlled axes x 2 ms) The following table shows the resulting Motion Control application cycle as an example according to the number of position-controlled axes: Number of axes Motion Control application cycle 1 4 ms 2 6 ms 4 8 ms 8 10 ms For SINAMICS, the following should continue to apply: Motion Control application cycle (MC-Servo) SINAMICS drive process image (parameter P2048) bus clock cycle All times should be selected as integral multiples of one another. Priority You can configure the priority of the organization blocks as needed in their properties under "General > Properties > Priority": MC-Servo [OB91] Priority 17 to 26 (default value 25) MC-Interpolator [OB92] Priority 17 to 26 (default value 24) The priority of MC-Servo [OB91] must be at least one higher than the priority of the MCInterpolator [OB92]. WinCC Advanced V14 System Manual, 10/2016 6615 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) MC-PreServo [OB67] and MC-PostServo [OB95] Organization blocks MC-PreServo [OB67] and MC-PostServo [OB95] are programmable and are called in the configured application cycle. MC-PreServo [OB67] is called directly before MC-Servo [OB91]. MC-PostServo [OB95] is called directly after MC-Servo [OB91]. See also Data connection PROFIdrive drive / PROFIdrive encoder (Page 6608) Process image partition "PIP OB Servo" (S7-1200) For optimal control, assign all I/O modules used by Motion Control (e.g. for technology modules, hardware limit switches) to the process image partition "PIP OB servo". The assignment causes the I/O modules to be processed simultaneously with the technology object. Operational Sequence and Timeouts (S7-1200) When processing the Motion Control functionality, the organization blocks MC-Servo [OB91] and MC-Interpolator [OB92] are called and processed in each application cycle (processing also occurs in the STOP operating state of the CPU). The remaining cycle time is available for the processing of your user program. For error-free program execution, keep to the following rules: In each application cycle, MC-Servo [OB91] must be started and executed completely. In every application cycle, the relevant MC-Interpolator [OB92] must at least be started. The following figure shows an example of the error-free operational sequence for the processing of organization block OB1: $SSOLFDWLRQF\FOH 0&6HUYR>2%@ 6 0&,QWHUSRODWRU>2%@ 6 , 6 , W 6 , , W 2% W VWF\FOH2% QGF\FOH2% Overflows If the set application cycle is not adhered to, for example because the application cycle is too short, overflows can occur. 6616 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) An overflow of the MC-Servo [OB91], MC-Interpolator [OB92], MC_PreServo [OB67] and MC_PostServo [OB95] is entered in the diagnostic buffer of the CPU and results in setting the CPU to STOP. MC-PreServo, MC-Servo, MC-PostServo and MC-Interpolator are stopped. If necessary, you can evaluate the entry in the diagnostic buffer via a time error OB (OB80). Operating modes (S7-1200) This section examines the behavior of Motion Control in each operating mode, and in the transitions between operating modes. A general description of the operating modes can be found in system manual S7-1200. Operating modes and transitions The CPU has three operating modes: STOP, STARTUP and RUN. The following figure shows the operating modes and the operating mode transitions: 6723 67$5783 581 STOP mode In STOP mode the user program is not processed and all process outputs are disabled. Thus no Motion Control jobs are executed. The technology data blocks of the position-controlled axes are updated. STARTUP mode Before the CPU starts processing of the cyclical user program, the startup OBs are processed one time. In STARTUP mode, the process outputs are disabled. Motion Control jobs are rejected. The technology data blocks of the position-controlled axes are updated. RUN mode The user program is processed in RUN mode. In RUN mode, the Motion Control commands programmed in OB1 are called and processed cyclically (other execution levels are possible). The technology data blocks are updated. WinCC Advanced V14 System Manual, 10/2016 6617 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Operating mode transitions The following table shows the behavior of Motion Control in the transitions between the operating modes: No. Operating mode transition Behavior POWER ON STOP The CPU performs a restart of the technology objects. The technology objects are reinitialized with the values from the load memory. STOP STARTUP The technology objects are initialized with the start values of the CPU. STARTUP RUN The process outputs are enabled. RUN STOP When the CPU changes to RUN mode after STOP mode, all technology objects are disabled in accordance with the error response "remove enablement". Run ning Motion Control jobs are terminated. 13.2.2.3 Hardware and software limit switches (S7-1200) Use the hardware and software limit switches to limit the "permitted traversing range" and the "working range" of your positioning axis technology object. The relationships are shown in the following diagram: SHUPLWWHGWUDYHUVLQJUDQJH ZRUNLQJUDQJH V PHFKDQLFDO VWRS +:OLPLWVZLWFK 6:OLPLWVZLWFK 6:OLPLWVZLWFK +:OLPLWVZLWFK PHFKDQLFDO VWRS Hardware limit switches are limit switches that limit the maximum "permitted traversing range" of the axis. Hardware limit switches are physical switching elements that must be connected to interrupt-capable inputs of the CPU. Software limit switches limit the "working range" of the axis. They should fall inside the hardware limit switches relative to the traversing range. Since the positions of the software limit switches can be flexibly set, the working range of the axis can be adapted on an individual basis, depending on the current traversing profile. In contrast to hardware limit switches, software limit switches are implemented exclusively via the software and do not require their own switching elements. Hardware and software limit switches must be activated prior to use in the configuration or in the user program. Software limit switches are only active after homing the axis. See also CPU outputs relevant for motion control (Page 6597) How the pulse interface works (Page 6600) Relationship between the signal type and the direction of travel (Page 6600) 6618 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Jerk limit (Page 6619) Homing (Page 6620) Integration of the positioning axis technology object (Page 6631) Tools of the positioning axis technology object (Page 6634) Position limits (Page 6652) 13.2.2.4 Jerk limit (S7-1200) With the jerk limit you can reduce the stresses on your mechanics during an acceleration and deceleration ramp. The acceleration and deceleration value is not changed abruptly when the jerk limiter is active; it is gradually increased and decreased. The figure below shows the velocity and acceleration curve without and with jerk limit. Travel without jerk limit Travel with jerk limit Y Y W W D D W W The jerk limit gives a "smoothed" velocity profile of the axis motion. This ensures, for example, soft starting and braking of a conveyor belt. See also Behavior of the axis when using the jerk limit (Page 6662) CPU outputs relevant for motion control (Page 6597) How the pulse interface works (Page 6600) Relationship between the signal type and the direction of travel (Page 6600) Hardware and software limit switches (Page 6618) Homing (Page 6620) WinCC Advanced V14 System Manual, 10/2016 6619 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Integration of the positioning axis technology object (Page 6631) Tools of the positioning axis technology object (Page 6634) 13.2.2.5 Homing (S7-1200) Homing means matching the axis coordinates of the technology object to the real, physical location of the drive. For position-controlled axes the entries and displays for the position refer exactly to these axis coordinates. Therefore, agreement between the axis coordinates and the real situation is extremely important. This step is necessary to ensure that the absolute target position of the axis is also achieved exactly with the drive. In the S7-1200 CPU, axis homing is implemented with the motion control instruction, "MC_Home". The "Homed" status is displayed in the tags of the technology object <Axis name>.StatusBits.HomingDone . The following homing modes exist: Homing modes Active homing In active homing mode, the motion control instruction "MC_Home" performs the required reference point approach. When the homing switch is detected, the axis is homed according to the configuration. Active traversing motions are aborted. Passive homing During passive homing, the "MC_Home" Motion Control instruction does not carry out any homing motion. The traversing motion required for this must be implemented by the user via other Motion Control instructions. When the homing switch is detected, the axis is homed according to the configuration. Active traversing motions are not aborted upon start of passive homing. Direct homing absolute The axis position is set regardless of the homing switch. Active traversing motions are not aborted. The value of input parameter "Position" of motion control instruction "MC_Home" is set immediately as the reference point of the axis. Direct homing relative The axis position is set regardless of the homing switch. Active traversing motions are not aborted. The following statement applies to the axis position after homing: New axis position = current axis position + value of parameter "Position" of instruction "MC_Home". 6620 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Resetting the "Homed" status The "Homed" status of a technology object (<Axis name>.StatusBits.HomingDone) is reset under the following conditions: Drive connection via PTO (Pulse Train Output): - Start an "MC_Home" command for active homing (After successful completion of the homing operation, the "Homed" status is set again.) - Disabling of axis by the "MC_Power" Motion Control instruction - Changeover between automatic mode and manual control - After POWER OFF -> POWER ON of the CPU - After CPU restart (RUN-STOP -> STOP-RUN) Technology objects with incremental actual values: - Start an "MC_Home" command for active homing (After successful completion of the homing operation, the "Homed" status is set again.) - Error in the encoder system, or encoder failure - Restart of the technology object - After POWER OFF POWER ON of the CPU - Memory reset - Modification of the encoder configuration Technology objects with absolute actual values: - Errors in the sensor system/encoder failure - Replacement of the CPU - Modification of the encoder configuration - Restoration of the CPU factory settings - Transfer of a different project to the controller See also CPU outputs relevant for motion control (Page 6597) How the pulse interface works (Page 6600) Relationship between the signal type and the direction of travel (Page 6600) Hardware and software limit switches (Page 6618) Jerk limit (Page 6619) Integration of the positioning axis technology object (Page 6631) Tools of the positioning axis technology object (Page 6634) Homing (positioning axis technology object as of V2) (Page 6665) WinCC Advanced V14 System Manual, 10/2016 6621 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 13.2.3 Guidelines on use of motion control (S7-1200) The guidelines described here present the basic procedure for using motion control with the CPU S7-1200. Requirements To use the positioning axis technology object, a project with a CPU S7-1200 must be created. Procedure Follow the steps below in the order given to use motion control with the CPU S7-1200. Use the following links for this purpose: 1. Adding a positioning axis technology object (Page 6636) 2. Working with the configuration dialog (Page 6637) 3. Download to CPU (Page 6714) 4. Function test of the axis in the commissioning window (Page 6715) 5. Programming (Page 6720) 6. Diagnostics of the axis control (Page 6739) 13.2.4 Using versions (S7-1200) 13.2.4.1 Overview of versions (S7-1200) The relationship between the relevant versions for S7-1200 Motion Control can be found in the following table: Technology version You can check the currently selected technology version in the "Instructions" task card in the folder "Technology > Motion Control" and in the "Technology object > Add new object" dialog. Select the technology version in the "Instructions" task card in the folder "Technology > Motion Control". If a technology object with an alternative version is added in the "Add new object" dialog, the technology version will also be changed. Note The selection of an alternative technology version will also affect the Motion Control Instructions version (task card). The technology objects and Motion Control instructions will only be converted to the selected version upon compilation or "Download to device". 6622 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Version of the technology object The version of a technology object can be checked in the inspector window under "Properties > General > Information" in the "Version" box. Motion Control instruction version The Motion Control instruction version can be checked in the inspector window under "Properties > General > Information" in the "Version" box. If the Motion Control instruction version used is not in line with the following compatibility list, the relevant Motion Control instructions will be highlighted in the program editor. Compatibility list Technology V1.0 CPU Technology object Motion Control Instruction V1.0, V2.0, V2.1, V2.2, V3.0 Axis V1.0 MC_Power V1.0 MC_Reset V1.0 MC_Home V1.0 MC_Halt V1.0 MC_MoveAbsolute V1.0 MC_MoveRelative V1.0 MC_MoveVelocity V1.0 MC_MoveJog V1.0 V2.0 Innovations: V2.1, V2.2, V3.0 Jerk limit Axis V2.0, Command table V2.0 MC_Power V2.0 MC_Reset V2.0 MC_Home V2.0 Command table MC_Halt V2.0 MC_ChangeDynamic MC_MoveAbsolute V2.0 MC_MoveRelative V2.0 MC_MoveVelocity V2.0 MC_MoveJog V2.0 MC_CommandTable V2.0 MC_ChangeDynamic V2.0 V3.0 Innovation: Load in RUN mode V2.2, V3.0, V4.0 Axis V3.0, Command table V3.0 MC_Power V3.0 MC_Reset V3.0 MC_Home V3.0 MC_Stop V3.0 MC_MoveAbsolute V3.0 MC_MoveRelative V3.0 MC_MoveVelocity V3.0 MC_MoveJog V3.0 MC_CommandTable V3.0 MC_ChangeDynamic V3.0 WinCC Advanced V14 System Manual, 10/2016 6623 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Technology V4.0 Innovations: MC_ReadParam MC_WriteParam Standardization of S71200 and S71500 Motion Control technology data blocks. CPU Technology object Motion Control Instruction V4.0 Positioning axis V4.0, Command table V4.0 MC_Power V4.0 MC_Reset V4.0 MC_Home V4.0 MC_Halt V4.0 MC_MoveAbsolute V4.0 MC_MoveRelative V4.0 MC_MoveVelocity V4.0 MC_MoveJog V4.0 MC_CommandTable V4.0 MC_ChangeDynamic V4.0 MC_ReadParam V4.0 MC_WriteParam V4.0 6624 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Technology V5.0 Innovations: CPU Technology object Motion Control Instruction V4.1 Positioning axis V5.0, Command table V5.0 MC_Power V5.0 Drive connection by means of PROFIdrive Analog drive connection MC_Halt V5.0 MC_MoveAbsolute V5.0 Position control for PROFIdrive/analog drive connection MC_MoveRelative V5.0 MC_MoveVelocity V5.0 Position monitoring for PROFIdrive/analog drive connection MC_MoveJog V5.0 MC_CommandTable V5.0 MC_ChangeDynamic V5.0 MC-Servo [OB91] MC_ReadParam V5.0 MC-Interpolator [OB92] V6.0 Innovations: MC-PreServo MC-PostServo Data connection directly to the SINAMICS drive or via data block Data connection directly to the analog output of a drive with analog drive connection or via a data block Transfer of drive and encoder parameters in the device for PROFIdrive drives and encoders. MC_Reset V5.0 MC_Home V5.0 MC_WriteParam V5.0 V4.2 Positioning axis V6.0, MC_Power V6.0 Command table V6.0 MC_Reset V6.0 MC_Home V6.0 MC_Halt V6.0 MC_MoveAbsolute V6.0 MC_MoveRelative V6.0 MC_MoveVelocity V6.0 MC_MoveJog V6.0 MC_CommandTable V6.0 MC_ChangeDynamic V6.0 MC_ReadParam V6.0 MC_WriteParam V6.0 Move position-controlled drives without position control for servicing purposes Simulation of positioncontrolled drives without configured or existing hardware Level selection when configuring the hardware limit switch Support PROFIdrive Telegram 4 WinCC Advanced V14 System Manual, 10/2016 6625 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Changing a technology version (Page 6626) Compatibility list of variables V1...3 <-> V4...5 (Page 6626) Status of limit switch (Page 6630) 13.2.4.2 Changing a technology version (S7-1200) Before you can access all the benefits of a new technology version, you may need to set / modify the technology version for existing projects. Note Compatibility of the technology object tags When switching between V1...3 and V4, please see the compatibility list (Page 6626) when using tags of the technology object in the user program, monitoring tables, etc . Setting/changing a technology version To set or change the technology version, follow these steps: 1. Open the program editor (e.g., by opening the OB1). 2. In the "Instructions" task card, select the desired technology version in the "Technology > Motion Control" folder. 3. Save and compile the project. Pay attention to any error information that is displayed during compilation. Deal with the causes of the errors indicated. 4. Check the configuration of the technology objects. 5. If necessary, adapt the tag names in the following objects in line with the compatibility list. User program Watch tables Force tables HMI configuration Trace configuration See also Overview of versions (Page 6622) Status of limit switch (Page 6630) 13.2.4.3 Compatibility list of variables V1...3 <-> V4...5 (S7-1200) The technology data blocks for S7-1200 Motion Control and S7-1500 Motion Control have been standardized within the framework of the V4 technology. As of V4, this has resulted in new tags and tag names for the positioning axis and command table technology objects. 6626 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Observe the information in the following tables if you have used tags of the technology objects in the user program and you want to convert the project from V1...3 to V4 or higher (or vice versa). The tags listed in the "Automatic conversion V1...3 to V4" column are converted automatically when the project is compiled. Tag names in monitoring and force tables or the HMI or trace configuration are not converted. The following tags are new or have been adapted and may have to be corrected in the user program, watch tables, etc.: Config tags (positioning axis) Tag name V1.0 to V3.0 Tag name as of V4.0 Automatic conver sion V1..3 to V4 <Axis name>.Config.DynamicDefaults.Accel <Axis name>.DynamicDefaults.Acceleration eration Yes <Axis name>.Config.DynamicDefaults.De celeration Yes <Axis name>.DynamicDefaults.Deceleration <Axis name>.Config.DynamicDefaults.Emer <Axis name>.DynamicDefaults.EmergencyDeceleration gencyDeceleration Yes <Axis name>.Config.DynamicDefaults.Jerk <Axis name>.DynamicDefaults.Jerk Yes <Axis name>.Config.DynamicDefaults.Jer kActive Not available No <Axis name>.Config.DynamicLimits.MaxVe locity <Axis name>.DynamicLimits.MaxVelocity Yes <Axis name>.Config.DynamicLimits.MinVe locity <Axis name>.DynamicLimits.MinVelocity Yes <Axis name>.Config.General.LengthUnit <Axis name>.Units.LengthUnit Yes <Axis name>.Config.Homing.AutoReversal <Axis name>.Homing.AutoReversal Yes <Axis name>.Config.Homing.Direction <Axis name>.Homing.ApproachDirection Yes <Axis name>.Config.Homing.FastVelocity <Axis name>.Homing.ApproachVelocity Yes <Axis name>.Config.Homing.Offset <Axis name>.Sensor[1].ActiveHoming.HomePositio nOffset Yes <Axis name>.Config.Homing.SideActive Homing <Axis name>.Sensor[1].ActiveHoming.SideInput Yes <Axis name>.Config.Homing.SidePassive Homing <Axis name>.Sensor[1].PassiveHoming.SideInput Yes <Axis name>.Config.Homing.SlowVelocity <Axis name>.Homing.ReferencingVelocity Yes <Axis name>.Config.Homing.SwitchedLevel <Axis name>.Sensor[1].ActiveHoming.SwitchLevel <Axis name>.Sensor[1].PassiveHoming.SwitchLevel No <Axis name>.Config.Mechanics.InverseDir ection <Axis name>.Actor.InverseDirection Yes <Axis name>.Config.Mechanics.LeadScrew <Axis name>.Mechanics.LeadScrew Yes <Axis name>.Config.Mechanics.PulsesPer DriveRevolution <Axis name>.Actor.DriveParameter.PulsesPerDriveRe volution Yes WinCC Advanced V14 System Manual, 10/2016 The jerk is activated if the configured jerk is > 0.004 pulse/s3. 6627 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Tag name V1.0 to V3.0 Tag name as of V4.0 Automatic conver sion V1..3 to V4 <Axis name>.Config.PositionLimits_HW.Ac tive <Axis name>.PositionLimitsHW.Active Yes <Axis name>.Config.PositionLi mits_HW.MaxSwitchedLevel <Axis name>.PositionLimitsHW.MaxSwitchLevel Yes <Axis name>.Config.PositionLimits_HW.Min <Axis name>.PositionLimitsHW.MinSwitchLevel SwitchedLevel Yes <Axis name>.Config.PositionLimits_SW.Ac tive <Axis name>.PositionLimitsSW.Active Yes <Axis name>.Config.PositionLi mits_SW.MaxPosition <Axis name>.PositionLimitsSW.MaxPosition Yes <Axis name>.Config.PositionLimits_SW.Min <Axis name>.PositionLimitsSW.MinPosition Position Yes Not available <Axis name>.Actor.DirectionMode No Not available <Axis name>.Actor.Type No Not available <Axis name>.Sensor[1].ActiveHoming.Mode No Not available <Axis name>.Sensor[1].PassiveHoming.Mode No ErrorBits tags (positioning axis) Tag name V1.0 to V3.0 Tag name as of V4.0 <Axis name>.ErrorBits.HwLimitMax <Axis name>.ErrorBits.HWLimit <Axis name>.ErrorBits.HwLimitMin (Note the new status bits and the section Status of the limit switch (Page 6630).) <Axis name>.ErrorBits.SwLimitMaxExcee ded <Axis name>.ErrorBits.SWLimit Automatic conver sion V1..3 to V4 No No (Note the new status bits and the section Status of the <Axis name>.ErrorBits.SwLimitMaxReached limit switch (Page 6630).) <Axis name>.ErrorBits.SwLimitMinExceeded <Axis name>.ErrorBits.SwLimitMinReached Not available <Axis name>.ErrorBits.DirectionFault No MotionStatus tags (positioning axis) Tag name V1.0 to V3.0 Tag name as of V4.0 <Axis name>.MotionStatus.Distance <Axis name>.StatusPositioning.Distance Yes <Axis name>.MotionStatus.Position <Axis name>.Position Yes <Axis name>.MotionStatus.TargetPosition <Axis name>.StatusPositioning.TargetPosition Yes <Axis name>.MotionStatus.Velocity <Axis name>.Velocity Yes 6628 Automatic conver sion V1..3 to V4 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) StatusBits tags (positioning axis) Tag name V1.0 to V3.0 Tag name as of V4.0 Automatic conver sion V1..3 to V4 <Axis name>.StatusBits.Homing <Axis name>.StatusBits.HomingCommand Yes <Axis name>.StatusBits.SpeedCommand <Axis name>.StatusBits.VelocityCommand Yes Not available <Axis name>.StatusBits.HWLimitMaxActive No Not available <Axis name>.StatusBits.HWLimitMinActive No Not available <Axis name>.StatusBits.SWLimitMaxActive No Not available <Axis name>.StatusBits.SWLimitMinActive No Tags (command table) Tag name V1.0 to V3.0 Tag name as of V4.0 Automatic conver sion V1..3 to V4 <Command table>.Config.Command[n].Posi <Command table>.Command[n].Position tion Yes <Command table>.Config.Command[n].Ve locity <Command table>.Command[n].Velocity Yes <Command table>.Config.Command[n].Du ration <Command table>.Command[n].Duration Yes <Command table>.Config.Com mand[n].NextStep <Command table>.Command[n].NextStep Yes <Command table>.Config.Com mand[n].StepCode <Command table>.Command[n].StepCode Yes See also Overview of versions (Page 6622) Changing a technology version (Page 6626) Tags of the positioning axis technology object V4...5 (Page 6890) 13.2.4.4 Compatibility list of variables V4...5 <-> V6 (S7-1200) The technology data blocks for S7-1200 Motion Control and S7-1500 Motion Control have continued to be standardized within the framework of the V6 technology. As of V6, this has resulted in new tag names for the technology object positioning axis. Observe the information in the following tables if you have used tags of the technology objects in the user program and you want to convert the project from V4...5 to V6 or higher (or vice versa). The tags listed in the "Automatic conversion V4...5 to V6" column are converted automatically when the project is compiled. Tag names in monitoring and force tables, HMI and trace configurations are not converted. WinCC Advanced V14 System Manual, 10/2016 6629 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The following tags are new or have been adapted and may need to be corrected in the user program, monitoring tables, etc.: Config variables (positioning axis) Variable name V4.0 to V5.0 Variable name as of V6.0 <Axis name>.PositionLimitsSW.Active <Axis name>.PositionLimits_SW.Active Yes <Axis name>.PositionLimitsSW.MinPosition <Axis name>.PositionLimits_SW.MinPosition Yes <Axis name>.PositionLimitsSW.MaxPosition <Axis name>.PositionLimits_SW.MaxPosition Yes <Axis name>.PositionLimitsHW.Active <Axis name>.PositionLimits_HW.Active Yes <Axis name>.PositionLimitsHW.MinSwit chLevel <Axis name>.PositionLimits_HW.MinSwitchLevel Yes <Axis name>.PositionLimitsHW.MinSwitch Address <Axis name>.PositionLimits_HW.MinSwitchAddress Yes 13.2.4.5 Automatic conver sion V4...5 to V6 Status of limit switch (S7-1200) The status and error bits for the display of the reached limit switch have been adapted in version V4. In order to replicate the behavior of the error bits of versions V1...3, use the following logical operators: V1...3 V4 or higher <Axis name>.ErrorBits.HwLimitMin <Axis name>.ErrorBits.HWLimit AND <Axis name>.Status Bits.HWLimitMinActive <Axis name>.ErrorBits.HwLimitMax <Axis name>.ErrorBits.HWLimit AND <Axis name>.Status Bits.HWLimitMaxActive <Axis name>.ErrorBits.SwLimitMinReached <Axis name>.ErrorBits.SWLimit AND (<Axis name>.Position = <Axis name>.PositioningLimits_SW.MinPosition) <Axis name>.ErrorBits.SwLimitMinExceeded <Axis name>.ErrorBits.SWLimit AND (<Axis name>.Position < <Axis name>.PositioningLimits_SW.MinPosition) <Axis name>.ErrorBits.SwLimitMaxReached <Axis name>.ErrorBits.SWLimit AND (<Axis name>.Position = <Axis name>.PositioningLimits_SW.MaxPosition) <Axis name>.ErrorBits.SwLimitMaxExceeded <Axis name>.ErrorBits.SWLimit AND (<Axis name>.Position > <Axis name>.PositioningLimits_SW.MaxPosition) See also Overview of versions (Page 6622) Changing a technology version (Page 6626) Compatibility list of variables V1...3 <-> V4...5 (Page 6626) 6630 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 13.2.5 Positioning axis technology object (S7-1200) 13.2.5.1 Integration of the positioning axis technology object (S7-1200) The following representation shows the relationships between the hardware and software components that are implemented when using the positioning axis technology object: &38KDUGZDUH 'ULYH 6,0$7,& 6 5816723 (5525 0$,17 , , , , , , , , , , , , , , 6LJQDOERDUG ', &38& '&'&'& ' ;31/$1 372352),GULYHDQDORJ LVPDSSHGLQWKH 7,$3RUWDO DV 3RVLWLRQLQJD[LV WHFKQRORJ\REMHFW '%[ &RQWUROOLQJ KDUGZDUH &RQILJXUDWLRQGDWD &KDQJHDEOH FRQILJXUDWLRQ GDWD &XUUHQW D[LVGDWD &XUUHQWD[LV GDWD 8VHUSURJUDP &38ILUPZDUH 6WDWXVDQGHUURULQIRUPDWLRQ RIFXUUHQWFRPPDQGV 6WDUWLQJ FRPPDQGV CPU hardware The physical drive is controlled and monitored by the CPU hardware. WinCC Advanced V14 System Manual, 10/2016 6631 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Drive The drive represents the unit of power unit and motor. You can use stepper motors and servo motors with pulse, PROFIdrive or analog interfaces. Positioning axis technology object The physical drive including mechanics is mapped in the TIA Portal as a positioning axis technology object. To do this, configure the positioning axis technology object with the following parameters: Selection of the PTOs (Pulse Train Output)/PROFIdrive drives/analog outputs to be used and configuration of the drive interface Parameter for mechanics and gear transmission of the drive (or the machine or system) Parameters for position limits and position monitoring Parameters for dynamics and homing Parameters for the control loop The configuration of the positioning axis technology object is saved in the technology object (data block). This data block also forms the interface between the user program and the CPU firmware. The current axis data is saved in the data block of the technology object at the runtime of the user program. User program You start Motion Control instructions jobs in the CPU firmware with the user program. The following jobs for controlling the axis are possible: Enable and disable axis Position axis absolutely Position axis relatively Move axis with velocity set point Run axis commands as movement sequence (technology as of V2, PTO only) Moving axes in jog mode Stop axis Reference axis; set reference point Change dynamic settings of axis Continuously read motion data of the axis Read and write variable of the axis Acknowledge error You determine the command parameters with the input parameters of the Motion Control instructions and the axis configuration. The output parameters of the instruction give you up to date information about the status and any errors of the command. Before starting a command for the axis, you must enable the axis with the Motion Control instruction "MC_Power". 6632 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) You can read out configuration data and current axis data with the variables of the technology object. You can change individual, changeable variables of the technology object (e.g. the current acceleration) from the user program. You can also change the dynamic settings of the axis with the Motion Control instruction "MC_ChangeDynamic" and write additional configuration data with "MC_WriteParam". You can read the current motion status of the axis with the Motion Control instruction "MC_ReadParam". CPU firmware The motion control jobs started in the user program are processed in the CPU firmware. When using the axis control panel, Motion Control jobs are triggered by operating the axis control panel. The CPU firmware performs the following jobs depending on the configuration: Calculate the exact motion profile for motion jobs and emergency stop situations Position control for drive connection via PROFIdrive/analog drive connection Control of the pulse and direction signal for drive connection via PTO Control of the drive enable Monitoring of the drive and the hardware and software limit switches Up to date feedback of status and error information to the Motion Control instructions in the user program Writing of current axis data into the data block of the technology object See also Tags of the positioning axis technology object as of V6 (Page 6782) CPU outputs relevant for motion control (Page 6597) Relationship between the signal type and the direction of travel (Page 6600) Tools of the positioning axis technology object (Page 6634) Hardware and software limit switches (Page 6618) Homing (Page 6620) WinCC Advanced V14 System Manual, 10/2016 6633 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 13.2.5.2 Tools of the positioning axis technology object (S7-1200) The TIA Portal provides the "Configuration", "Commissioning", and "Diagnostics" tools for the positioning axis technology object. The following representation shows the interaction of the three tools with the technology object and the drive: 'ULYH 3RVLWLRQLQJD[LVWHFKQRORJ\REMHFW '%[ &RQILJXUDWLRQGDWD &RQILJXUDWLRQ &RPPLVVLRQLQJ SDUDPHWHUV &RPPLVVLRQLQJ 6WDWXVDQG HUURULQIRUPDWLRQ 'LDJQRVWLFV Reading and writing of configuration data of the technology object Drive control via the technology object. Read the axis status for display in the axis control panel. Optimization of the position control Readout of the current status and error information of the technology object Additional telegram information is displayed for PROFIdrive drives. 6634 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Configuration Use the "Configuration" tool to configure the following properties of the positioning axis technology object: Selection of the PTOs (Pulse Train Output)/PROFIdrive drives/analog outputs to be used and configuration of the drive interface Properties of the mechanics and the transmission ratio of the drive (or machine/plant) Properties of the position limits and the position monitoring Properties of the dynamics and the homing Parameters of the control loop Save the configuration in the data block of the technology object. Commissioning Use the "Commissioning" tool to test the function of your axis without having to create a user program. When the tool is started, the axis control panel will be displayed. The following commands are available on the axis control panel: Enabling and disabling the axis Move axis in jog mode Position axis in absolute and relative terms Home axis Acknowledge errors The dynamic values can be adjusted accordingly for the motion commands. The axis control panel also shows the current axis status. With drive connection via PROFIdrive / analog output, tuning supports you in determining the optimal gain for the control loop. Diagnostics Use the "Diagnostics" tool to keep track of the current status and error information for the axis and drive. See also CPU outputs relevant for motion control (Page 6597) Relationship between the signal type and the direction of travel (Page 6600) Integration of the positioning axis technology object (Page 6631) Hardware and software limit switches (Page 6618) Homing (Page 6620) Configuring the positioning axis technology object (Page 6637) WinCC Advanced V14 System Manual, 10/2016 6635 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Axis control panel (Page 6715) Axis - Diagnostics (Page 6739) 13.2.5.3 Adding a positioning axis technology object (S7-1200) Requirements A project with a CPU S7-1200 has been created. Procedure To add a positioning axis technology object in the project tree, follow these steps: 1. Open the "CPU > Technology objects" folder in the project tree. 2. Double-click the "Add new object" command. The "Add new object" dialog opens. 3. Select the "Motion Control" technology. 4. Open the "Motion Contro > S7-1200 Motion Control" folder. 5. Select the desired technology version in the "Version" column. 6. Select the "TO_PositioningAxis" object. 7. Enter the name of the axis in the "Name" input box. 8. To change the automatically assigned data block number, select the "Manual" option. 9. To display additional information about the technology object, click "Additional information". 10.Confirm your entry with "OK". Result The new technology object is created and saved to the "Technology objects" folder in the project tree. The organization blocks MCServo [OB91] and MCInterpolator [OB92] are automatically created in the "Program blocks" folder. The technology objects are processed in these organization blocks. The position controller is calculated in the MCServo [OB91]. The MCInterpolator [OB92] takes over the evaluation of the Motion Control instructions, the setpoint generation and the monitoring functionality. See also Guidelines on use of motion control (Page 6622) 6636 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 13.2.5.4 Configuring the positioning axis technology object (S7-1200) Working with the configuration dialog (S7-1200) You configure the properties of the technology object in the configuration window. Proceed as follows to open the configuration window of the technology object: 1. Open the group of the required technology object in the project tree. 2. Double-click the "Configuration" object. The configuration is divided into the following categories: Basic parameters The basic parameters contain all the parameters which must be configured for a functioning axis. Extended parameters The advanced parameters include parameters to adapt to your drive or your plant. Configuration window icons Icons in the area navigation of the configuration show additional details about the status of the configuration: The configuration contains default values and is complete. The configuration contains only default values. With these default values you can use the technology object without additional changes. The configuration contains user-defined or automatically adapted values and is complete. All input fields of the configuration contain valid values and at least one preset value has changed. The configuration is incomplete or incorrect At least one input field or drop-down list contains an invalid value. The corresponding field or the drop-down list is displayed on a red background. Click the roll-out error message to display the cause of the error. The configuration is valid but contains warnings For example, only one hardware limit switch is configured. Depending on the application, the lacking configuration of a hardware limit switch may result in a hazard. The corresponding field or the drop-down list is displayed on a yellow background. See also Guidelines on use of motion control (Page 6622) Basic parameters (Page 6638) Extended parameters (Page 6650) Monitor values (S7-1200) If there is an online connection to the CPU, the icon "Monitor all" configuration dialog of the technology object. WinCC Advanced V14 System Manual, 10/2016 is displayed in the 6637 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The "Monitor all" function provides the following options: Comparison of configured start values of the project with the start values in the CPU and the actual values Direct editing of actual values and the start values of the project Immediate detection and display of input errors with suggested corrections Backup of the actual values in the project by manual transfer to the start value of the project Icons and operator controls If there is an online connection to the CPU, the actual values are displayed at the parameters. In addition to the actual values of the parameters, the following symbols appear: Icon Description Start value in CPU matches the configured Start value in the project Start value in CPU does not match the configured Start value in the project A comparison of the start value in the CPU with the configured start value in the project cannot be performed because the selected CPU module does not support this compari son. The value is not comparable with any significance since it is not relevant in one of the configurations. Use the button to show the start value of the CPU and the start value of the project for the respective parameter. The actual value and the start value in the project can be changed directly and then downloaded to the CPU. The change of the actual value is transferred directly to the CPU for directly modifiable parameters. Basic parameters (S7-1200) Configuration - General (S7-1200) Configure the basic properties of the positioning axis technology object in the "General" configuration window. Axis name Define the name of the axis or the name of the positioning axis technology object in this field. The technology object is listed under this name in the project tree. 6638 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Drive Select the type of drive connection: PTO (Pulse Train Output) The drive is connected via a pulse generator output, an optional enable output and an optional ready input. Analog drive connection The drive is connected via an analog output, an encoder, an optional enable output and an optional ready input. All movements of the axis are position-controlled. PROFIdrive The drive is connected via PROFINET/PROFIBUS. Communication between controller and drive is by means of PROFIdrive telegrams. All movements of the axis are position-controlled. If you select the "Analog drive connection" or "PROFIdrive", additional elements are added to the navigation of the configuration: Encoder Modulo Position supervisions (positioning supervision, following error and standstill signal) Control loop In the additional configuration windows, you configure the encoders that are to be connected and the resulting options for position control and position monitoring. Unit of measurement position In the drop-down list, select the desired measurement unit for the dimension system of the axis. The selected measurement unit is used for further configuration of the positioning axis technology object and for displaying the current axis data. The values at the input parameters (Position, Distance, Velocity, ...) of the Motion Control instructions also refer to this measurement unit. Note Select the drive connection and the measurement unit of the position at the beginning of the axis configuration. With a subsequent change, the parameters are reset or re-initialized, which requires you to check the parameters of the configuration dialogs once again. You may have to adapt the values of the input parameters of the Motion Control instructions to the new unit of measurement in the user program. WinCC Advanced V14 System Manual, 10/2016 6639 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Simulation In the drop-down list, select whether or not the drive and the encoder are to be simulated. The simulation can be selected for the analog drive connection or for a PROFIdrive drive. The configuration of the drive and encoder hardware is not required for simulation mode (potential errors in the drive and encoder configuration are ignored). Application: The drive is simulated, for example, for commissioning and later operated with the hardware that may be configured. The "Simulation" operating mode can be controlled/changed during runtime of the user program with a download or tag (<Achsname>.Simulation.Mode). The axis must be disabled for this (Enable = FALSE). In simulation mode, setpoints are not output to the drive and actual values are not read in from the drive/encoder. Hardware limit switches and homing switches have no effect. The following table shows Motion Control instructions with adapted behavior in simulation mode. Motion Control instruction Behavior in simulation mode MC_Power The axis is enabled immediately without waiting for feedback from the drive. MC_Home Homing jobs are executed immediately without si mulated axis motion. PTO drives work without control loop. No separate simulation function is required in order to simulate a PTO drive when the PTO drive is not connected. See also CPU outputs relevant for motion control (Page 6597) Relationship between the signal type and the direction of travel (Page 6600) Configuration - General ("Axis" technology object V1...3) (Page 6822) Configuration - Drive (S7-1200) Configuration - Drive - PTO (Pulse Train Output) (S7-1200) In the "Drive" configuration window, configure the pulse generator and the enable and feedback of the drive. Hardware interface The pulses are output to the power unit of the drive by fixed assigned digital outputs. 6640 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) In CPUs with relay outputs, the pulse signal cannot be output at these outputs because the relays do not support the necessary switching frequencies. To be able to work with the PTO (Pulse Train Output) on these CPUs, you must use a signal board with digital outputs. Note The PTO requires the functionality of a high-speed counter (HSC). An internal HSC is used for this, the count of which cannot be evaluated. Pulse generator In the drop-down list, select the PTO (Pulse Train Output) to control the stepper motor or servo motor by means of pulse interface. If you have not used the pulse generators and high-speed counters elsewhere in the device configuration, the hardware interface can be configured automatically. In this case, the PTO selected in the drop-down list is displayed with a white background. If PTO (PulseTrain Output) is selected, the "Device configuration" button takes you to the parameter assignment of the pulse options in the device configuration of the CPU. This may be necessary if there is a conflict because the PTO is being used at the other end or the parameters have been changed by the user. Signal type Select the signal type in the drop-down list. The following signal types are available: PTO (pulse A and direction B) A pulse output and a direction output are used for controlling the stepper motor. PTO (clock up A and clock down B) One pulse output each for motion in positive direction and negative direction is used for controlling the stepper motor. PTO (A/B phase-shifted) Both pulse outputs for Phase A and for Phase B run at the same frequency. The period of the pulse outputs is evaluated at the drive end as a step. The phase offset between Phase A and Phase B determines the direction of the motion. PTO (A/B phase offset - quadruple) Both pulse outputs for Phase A and for Phase B run at the same frequency. All positive edges and all negative edges of Phase A and Phase B are evaluated as a step at the drive end. The phase offset between Phase A and Phase B determines the direction of the motion. WinCC Advanced V14 System Manual, 10/2016 6641 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The following table shows the parameters to be configured depending on the signal type: Signal type/parameter Description PTO (pulse A and direction B) Pulse output Select the pulse output for motion in positive direction in this field. You can select the output using a symbolic address or assign it to an absolute address. Activate direction output With this option, you enable or disable the direction output. The motion direction is restricted when you disable the direc tion output. Direction output Select the output for the direction output in this field. You can select the output using a symbolic address or assign it to an absolute address. PTO (clock up A and clock down B) Pulse output forward Select the pulse output for motion in positive direction in this field. You can select the output using a symbolic address or assign it to an absolute address. Pulse output backward Select the pulse output for motion in negative direction in this field. You can select the output using a symbolic address or assign it to an absolute address. PTO (A/B phase offset)/PTO (A/B phase offset - quadruple) Signal A Select the pulse output for Phase A signals in this field. You can select the output using a symbolic address or assign it to an absolute address. Signal B Select the pulse output for Phase B signals in this field. You can select the output using a symbolic address or assign it to an absolute address. Drive enable and feedback In this area, you configure the output for drive enable and the input for the "Drive ready" feedback of the drive: Enable output Select the enable output for the drive enable in this field. Ready input Select the ready input for the "Drive ready" feedback of the drive in this field Drive enable is controlled by Motion Control instruction "MC_Power" and enables power to the drive. The drive signals "Drive ready" to the CPU if it is ready to start executing movement after receiving the drive enable. If the drive does not have any interfaces of this type, you do not have to configure the parameters. In this case, select the value TRUE for the ready input. 6642 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Configuration - Drive - Analog drive connection (S7-1200) In the "Drive" configuration window, configure the analog output and the enable and feedback of the drive. Hardware interface The speed setpoint is output to the power unit of the drive by means of permanently assigned analog outputs. Configure the inputs and outputs for the control of the drive in this area: Analog output In this field, select the PLC variable of the analog output via which the drive is controlled. When you open the autocompletion, all output addresses are displayed with 16 bits (WORD, INT, UINT). The variable of a data block with the WORD data type can be selected for data connection via a data block. You can also enter an address, for example QW20. If the address is valid, the name "Axis_1_AnalogOutput" is generated for this address and inserted in the variable table. For the address to be valid, it needs to be occupied by the appropriate data type and a HW module. Selection of enable output Select an available output as the enable output for the drive enable in this field. Selection of ready input Select the ready input for the "Drive ready" feedback of the drive in this field Drive enable is controlled by Motion Control instruction "MC_Power" and enables power to the drive. The drive signals "Drive ready" to the CPU if it is ready to start executing movement after receiving the drive enable. If the drive does not have any interfaces of this type, you do not have to configure the parameters. In this case, select the value TRUE for the ready input. Data exchange with the drive In this area, you can configure the scaling of the setpoint speed: Reference speed The reference speed of the drive is the speed, with which the drive spins when there is an output of 100% at the analog output. The reference speed must be configured in the drive, and transferred into the configuration of the technology object. The analog value that is output at 100% depends on the type of the analog output. As an example, for an analog output with 10 V, the value 10 V is output at 100%. Maximum speed In this field, specify the maximum speed of the drive. The maximum speed is limited by the drive and by the value range of the analog output. In the simplest situation, the reference speed and maximum speed are identical. Analog outputs can be overloaded by approximately 17%. If the drive permits overloading, you can use this to operate an analog output as a limit in the -117% to 117% range. Invert drive direction To invert the rotation direction of the drive, select the check box. WinCC Advanced V14 System Manual, 10/2016 6643 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Configuration - Drive - PROFIdrive (S7-1200) In the "Drive" configuration window, configure the data connection and the parameters of the PROFIdrive drive. PROFIdrive drive (as of V6) Data connection In the drop-down list, select whether the data connection is to be made directly with the drive device or via an editable data block in the user program. Drive (for data connection: "Drive") In the "Drive" field, select an already configured PROFIdrive drive. Data block (for data connection: "Data block") Select a previously created data block which contains a variable structure of the data type "PD_TELx" ("x" stands for the telegram number to be used). Data exchange with the drive In this area, you can configure the data exchange between the drive and controller: Drive telegram (for data connection: "Data block" not selectable) In the drop-down list, check or select the telegram of the drive. The specification must match the device configuration of the drive. Input/output address The fields show the symbolic and absolute input and output address of the telegram. Invert drive direction To invert the rotation direction of the drive, select the check box. Automatic transfer of drive parameters in the device Select the check box if you want the drive parameters "Reference speed" and "Maximum speed" to be transferred as values from the drive configuration to the CPU. The drive parameters are transferred from the bus after the (re-)initialization of the technology object and (re)start of the drives and the CPU. Alternatively, you must synchronize the following parameters manually: - Reference speed Configure the reference speed to match the one in the configuration of the drive. On the bus, the value 16#4000 is transferred, for example, which corresponds to 100% of the reference speed. - Maximum speed Configure the maximum speed of the drive in this field. The maximum speed is obtained from the configuration of the drive. A maximum of -200% to +200% of the reference speed can be transmitted over the bus. The maximum speed can thus be twice the reference speed at maximum. Note Automatic transfer of drive parameters is only possible with SINAMICS drives as of V4.x. For this, "Drive" must be selected as the data connection in the configuration window. 6644 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Data connection PROFIdrive drive / PROFIdrive encoder (Page 6608) Automatic transfer of drive and encoder parameters in the device (Page 6605) Configuration - Encoder (S7-1200) Encoder connection (S7-1200) Depending on the selection of the encoder connection, you configure various parameters in the "Encoder" configuration window. The following encoder connections are possible: Encoder on high-speed counter (HSC) (Page 6648) PROFIdrive encoder on PROFINET/PROFIBUS (encoder on drive, encoder on technology module, PROFIdrive encoder) (Page 6646) WinCC Advanced V14 System Manual, 10/2016 6645 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Configuration - Encoder - Encoder on PROFINET/PROFIBUS (S7-1200) Encoder selection In the "PROFIdrive encoder" box, select a PROFIdrive encoder on PROFINET. Data connection In the drop-down list, select whether the data connection should be established directly with the encoder or via a data block that can be edited in the user program. PROFIdrive encoder/data block Select a previously configured PROFIdrive encoder in this configuration field. The following encoders can be selected: - Connection to drive (not with analog drive connection) The encoder is connected to the drive. The encoder signals are evaluated by the drive and transmitted to the controller as part of the drive telegram (telegram 3 or 4) (the encoders of the telegrams from other drives cannot be used). The encoder is configured using the configuration of the PROFIdrive drive. - Encoder on technology module (TM) Select a previously configured technology module and the channel to be used. Only technology modules set to the "Position input for Motion Control" mode are displayed for selection. If no technology module is available for selection, change to the device configuration and add a technology module. You can identify the technology modules suitable for position detection for Motion Control in the documentation for the technology module and the catalog data. - PROFIdrive encoder on PROFINET/PROFIBUS (PROFIdrive) In the "PROFIdrive encoder" field, select a previously configured encoder on PROFINET/ PROFIBUS. Switch to the device configuration in the network view and add an encoder, in the event that no encoder is offered for selection. If "Data block" was selected for the data connection, a previously created data block containing a tag structure of data type "PD_TELx" must be selected here ("x" stands for the telegram number to be used by which the encoder is connected). Data exchange with encoder In this area, you can configure the data exchange between the encoder and controller: Encoder telegram (for data connection: "Data block" not selectable) In the drop-down list, select the telegram of the encoder. The specification must match the device configuration. Input/output address The fields show the symbolic and absolute input and output address of the telegram. 6646 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Invert encoder direction To invert the actual value of the encoder, select the check box. Automatic transfer of encoder parameters in the device Select the check box if you want to transfer the encoder parameters from the encoder configuration to the CPU. The encoder parameters are transferred from the bus after the (re-)initialization of the technology object and (re)start of the encoder and the CPU. The encoder type must be the same in the configuration of the axis and in the configuration of the drive. Note Automatic transfer of encoder parameters is only possible with PROFIdrive encoders as of product version A16. For this, "Encoder" must be selected as the data connection in the configuration window. A product version > V4.x is required to use an encoder on the SINAMICS drive. The parameters must be adjusted manually if there is no automatic transfer of encoder parameters. You can find the parameters to be synchronized in the section Automatic transfer of drive and encoder parameters in the device (Page 6605). Encoder type Set the employed encoder type in the "Encoder type" box. The following encoder types can be selected: Linear incremental Linear absolute Rotary incremental Rotary absolute Configure the various parameters depending on the selected encoder type. Depending on the selected encoder type, configure the following parameters: Encoder type/parameter Description Linear incremental Distance between two increments In this field, you configure the distance between two steps of the encoder. Fine resolution - Bits in incr. actual value (Gn_XIST1) In this field, configure the number of bits for fine resolution within the incremental actual value (Gn_XIST1). Linear absolute Distance between two increments In this field, you configure the distance between two steps of the encoder. Fine resolution - Bits in incr. actual value (Gn_XIST1) In this field, configure the number of bits for fine resolution within the incremental actual value (Gn_XIST1). Fine resolution - Bits in abs. actual value (Gn_XIST2) In this field, configure the number of reserved bits for the mul tiplication factor of the absolute value of the fine resolution (Gn_XIST2). Rotary incremental WinCC Advanced V14 System Manual, 10/2016 6647 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Encoder type/parameter Description Steps per revolution In this field, configure the number of steps that the encoder resolves per revolution. Fine resolution - Bits in incr. actual value (Gn_XIST1) In this field, configure the number of bits for fine resolution within the incremental actual value (Gn_XIST1). Rotary absolute Steps per revolution In this field, configure the number of steps that the encoder resolves per revolution. Number of revolutions In this field, configure the number of revolutions that the ab solute value encoder can detect. Fine resolution - Bits in incr. actual value (Gn_XIST1) In this field, configure the number of bits for fine resolution within the incremental actual value (Gn_XIST1). Fine resolution - Bits in abs. actual value (Gn_XIST2) In this field, configure the number of reserved bits for the mul tiplication factor of the absolute value of the fine resolution (Gn_XIST2). See also Data connection PROFIdrive drive / PROFIdrive encoder (Page 6608) Configuring technology modules for Motion Control (Page 6692) Configuration - Encoder - Encoder on high-speed counter (HSC) (S7-1200) Selection of high-speed counter (HSC) In the high-speed counter box, select the high-speed counter to which the encoder transfers the actual value. Check the filter times of the two high-speed counter digital inputs that are used. The filter times should be short enough to ensure reliable recording of the pulses. HSC interface Select the operating mode of the high-speed counter in the "Operating mode" box. 6648 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Depending on the operating mode, configure the various inputs: Operating mode/parameter Description Two-phase Clock generator forward In this field, select the input for counting up. You can select the input using a symbolic address or assign it to an absolute address. The frequency and the location (on-board, signal board) of the input are displayed next to the address box. Clock generator backward In this field, select the input for counting down. You can select the input using a symbolic address or assign it to an absolute address. The frequency and the location (on-board, signal board) of the input are displayed next to the address box. A/B counter / A/B counter quadruple Clock generator A In this field, select the input for Phase A signals. You can select the input using a symbolic address or assign it to an absolute address. The frequency and the location (on-board, signal board) of the input are displayed next to the address box. Clock generator B In this field, select the input for Phase B signals. You can select the input using a symbolic address or assign it to an absolute address. The frequency and the location (on-board, signal board) of the input are displayed next to the address box. Invert encoder direction To invert the actual value of the encoder, select the check box. Automatic transfer of encoder parameters in the device This selection is not possible when using encoders on the high-speed counter (HSC). Encoder type Select the encoder type in the "Encoder type" box. The following encoder types can be selected: Linear incremental Rotary incremental Configure the various parameters depending on the selected encoder type. Depending on the selected encoder type, configure the following parameters: Encoder type/parameter Description Linear incremental Distance between two increments In this field, you configure the distance between two steps of the encoder. Fine resolution - Bits in incr. actual value (Gn_XIST1) In this field, configure the number of bits for fine resolution within the incremental actual value (Gn_XIST1). WinCC Advanced V14 System Manual, 10/2016 6649 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Encoder type/parameter Description Rotary incremental Steps per revolution In this field, configure the number of steps that the encoder resolves per revolution. Fine resolution - Bits in incr. actual value (Gn_XIST1) In this field, configure the number of bits for fine resolution within the incremental actual value (Gn_XIST1). Extended parameters (S7-1200) Mechanics (S7-1200) Configuration - Mechanics - PTO (Pulse Train Output) (S7-1200) Configure the mechanical properties of the drive in the "Mechanics" configuration window. Pulses per motor revolution Configure the number of pulses required for one revolution of the motor in this box. Limits (independent of the selected unit of measurement): 0 < Pulse per motor revolution 2147483647 Load motion per motor revolution In this box, configure the load distance per motor revolution covered by the mechanical system of your unit. Limits (independent of the selected unit of measurement): 0.0 < Distance per revolution 1.0e12 Permitted direction of rotation (technology version as of V4) Configure this box to determine whether the mechanics of your system are to move in both directions or only in the positive or negative direction. If you have not activated the direction output of the pulse generator in the "PTO (pulse A and direction B)" mode, the selection is limited to the positive or negative direction. Invert direction You can use the "Invert direction" check box to adapt the control system to the direction logic of the drive. 6650 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The direction logic is inverted according to the selected mode of the pulse generator: PTO (pulse A and direction B) - 0 V at direction output positive direction of rotation - 5 V/24 V at direction output negative direction of rotation The specified voltage depends on the hardware used. The indicated values do not apply to the differential outputs of CPU 1217. PTO (clock up A, clock down B) The outputs "Pulse output down" and "Pulse output up" are swapped. PTO (A/B phase-shifted) The "Phase A" and "Phase B" outputs are swapped. "PTO (A/B phase-shifted - quadruple) The "Phase A" and "Phase B" outputs are swapped. Configuration - Mechanics - PROFIdrive/analog drive connection (S7-1200) Configure the mechanical properties of the drive and its encoder in the "Mechanics" configuration window. Encoder mounting type In the drop-down list, select how the encoder is mounted on the mechanism. The following encoder installation types are possible: On motor shaft External measuring system (rotary encoders only) Position parameters Depending on the selected encoder installation type, configure the following position parameters: Encoder installation type/position parameter Description On the motor shaft Load motion per motor revolution In this field, configure the load distance for one motor revolu tion. External measuring system Load motion per motor revolution In this field, configure the load distance for one motor revolu tion. Distance per encoder revolution In this field, configure the distance recorded by the external measuring system per encoder revolution. Configuration - Modulo (PROFIdrive/analog drive connection only) (S7-1200) Use the "Modulo" setting if you want to limit the traversing range to a recurring distance based on the product length / product cycle. The modulo function is only possible in position-controlled operation of the axis. WinCC Advanced V14 System Manual, 10/2016 6651 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) When "modulo" is enabled, the position value of the technology object is represented by means of a recurring modulo range. The modulo range is defined by the start value and the length. For example, to limit the position value of an axis to one full rotation, the modulo range can be defined with start value = 0 and length = 360. With an encoder resolution of 0.1/encoder step, the position value is represented in the modulo range 0.0 to 359.9. If the axis in this example moves to the position 400, the actual position 40 (400 - 360) is reached. The position of the axis is controlled with the Motion Control instruction "MC_MoveAbsolute" in the modulo function. You determine the approach direction of the target position using the input parameter "Direction". The following parameter values are available: 0: The sign for the velocity ("Velocity" parameter) determines the motion direction. 1: Target position is approached in a positive direction. 2: Target position is approached in a negative direction. 3: Starting from the current position, the technology selects the shortest distance to the target position. Enable modulo Select the "Enable modulo" check box to use a recurring reference system for the axis (for example, 0.0 to 359.9). Modulo start value In this field, define the position at which the modulo range should begin (for example, 0). Modulo length In this field, define the length of the modulo range (for example, 360). See also MC_MoveAbsolute: Absolute positioning of axis as of V6 (Page 3902) Position limits (S7-1200) Requirements for hardware limit switches (S7-1200) Use only hardware limit switches that remain permanently switched after being approached. This switching status may only be revoked after a return to the valid travel range. 6652 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Configuration - Position limits (Page 6653) Response of the axis when position limits are triggered (Page 6655) Changing the configuration of the position limits in the user program (Page 6657) Configuration - Position limits (S7-1200) Configure the hardware and software limit switches of the axis in the "Position limits" configuration window. Enable HW limit switches Activate the function of the low and high hardware limit switch with this check box. The hardware limit switches can be used for purposes of direction reversal during a homing procedure. For details, refer to the configuration description for homing. Enable SW limit switch Activate the function of the low and high software limit switch with this check box. Note Activated software limit switches act only on a homed axis. Input low / high HW limit switch Select the digital input for the low or high hardware limit switch from the drop-down list. The input should be interrupt-capable to guarantee short response times. However, the input of PTO axes must be interrupt-capable. The digital onboard CPU inputs and the digital inputs of a plugged signal board can be selected as interrupt-capable inputs for the HW limit switches. Note The digital inputs are set to a filter time of 6.4 ms by default. If these are used as hardware limit switches, undesired decelerations may occur. If this occurs, reduce the filter time for the relevant digital inputs. The filter time can be set under "Input filter" in the device configuration of the digital inputs. WinCC Advanced V14 System Manual, 10/2016 6653 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Select level In the drop-down list, select the signal level available at the CPU when the hardware limit switch is approached. Selection of "Low level" (normally closed contact) 0 V (FALSE) at CPU input corresponds to hardware limit switch approached Selection of "High level" (normally open contact) 5 V / 24 V (TRUE) at the CPU input = hardware limit switch approached (the actual voltage depends on the hardware used) High and low software limit switch Enter the position value of the low and high software limit switch in these boxes. Limits (independent of the selected unit of measurement): -1.0e12 low software limit switch 1.0e12 -1.0e12 high software limit switch 1.0e12 The value of the high software limit switch must be greater than or equal to the value of the low software limit switch. See also Requirements for hardware limit switches (Page 6652) Response of the axis when position limits are triggered (Page 6655) Changing the configuration of the position limits in the user program (Page 6657) Configuration - Homing - Active (Page 6665) 6654 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Response of the axis when position limits are triggered (S7-1200) Behavior of axis when hardware limit switches are approached When a hardware limit switch is approached, the axis behaves differently depending on the drive connection: Drive connection via PROFIdrive / analog output When a hardware limit switch is approached, the axis is disabled and, depending on the configuration, braked at the drive and brought to a standstill. You must select the deceleration sufficiently large in the drive so that the axis stops reliably before the mechanical stop. Drive connection via PTO (Pulse Train Output) When the hardware limit switches are approached, the axis brakes to a standstill at the configured emergency deceleration. You must select the emergency deceleration sufficiently large so that the axis stops reliably before the mechanical stop. The following diagram presents the behavior of the axis after it approaches the hardware limit switches: _Y_ V SHUPLWWHGWUDYHOUDQJH V PHFKDQLFDO VWRS ORZHU +:OLPLWVZLWFK XSSHU +:OLPLWVZLWFK PHFKDQLFDO VWRS The axis brakes at the configured emergency stop deceleration (PTO) or the deceleration con figured in the drive (PROFIdrive or analog drive interface) until standstill occurs. Range in which the HW limit switches signal the status "approached". The "HW limit switch approached" error is displayed in the initiating Motion Control instruction, at "MC_Power", and in the technology object variables. Instructions for eliminating errors can be found in the Appendix under "List of ErrorIDs and ErrorInfos". WinCC Advanced V14 System Manual, 10/2016 6655 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Behavior of axis when software limit switches are reached If software limit switches are activated, an active motion is stopped at the position of the software limit switch. The axis is braked at the configured deceleration. The following diagram presents the behavior of the axis until it reaches the software limit switches: :RUNLQJUDQJH _Y_ V /RZ 6:OLPLWVZLWFK +LJK 6:OLPLWVZLWFK The axis brakes to a standstill at the configured deceleration. The "SW limit switch approached" error is displayed in the initiating Motion Control instruction, at "MC_Power", and in the technology object variables. Instructions for eliminating errors can be found in the Appendix under "List of ErrorIDs and ErrorInfos". When a software limit switch is overtraveled, the axis behaves differently depending on the drive connection: Drive connection via PROFIdrive / analog output When a software limit switch is overtraveled, the axis is disabled and, depending on the configuration, braked at the drive and brought to a standstill. Drive connection via PTO (Pulse Train Output) You can learn about the behavior of the axis when a software limit switch is overtraveled in the sections "Software limit switches in conjunction with a homing operation (Page 6750)" and "Software limit switches in conjunction with dynamic changes (Page 6755)". Use additional hardware limit switches if a mechanical endstop is located after the software limit switches and there is a risk of mechanical damage. See also Requirements for hardware limit switches (Page 6652) Configuration - Position limits (Page 6653) Changing the configuration of the position limits in the user program (Page 6657) 6656 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Changing the configuration of the position limits in the user program (S7-1200) You can change the following configuration parameters during runtime of the user program in the CPU: Hardware limit switches You can also activate and deactivate the hardware limit switches during runtime of the user program. Use the following technology object variable for this purpose: <axis name>.PositionLimits_HW.Active Refer to the description of the technology object variables (Page 6782) in the appendix for information on when changes to the configuration parameter take effect. Software limit switches You can also activate and deactivate the software limit switches and change their position values during runtime of the user program. Use the following technology object variables for this purpose: <axis name>.PositionLimits_SW.Active for activating and deactivating the software limit switches <axis name>.PositionLimits_SW.MinPosition for changing the position of the low software limit switch <axis name>.PositionLimits_SW.MaxPosition for changing the position of the high software limit switch Refer to the description of the technology object variables (Page 6782) in the appendix for information on when changes to the configuration parameters take effect. See also Compatibility list of variables V1...3 <-> V4...5 (Page 6626) MC_ChangeDynamic: Change dynamic settings of axis as of V6 (Page 3918) Requirements for hardware limit switches (Page 6652) Configuration - Position limits (Page 6653) Response of the axis when position limits are triggered (Page 6655) Dynamics (S7-1200) Configuration - Dynamics - General (S7-1200) Configure the maximum velocity, the start/stop velocity, the acceleration and deceleration, and the jerk limit (positioning axis technology object as of V2) of the axis in the "General dynamics" configuration window. WinCC Advanced V14 System Manual, 10/2016 6657 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Unit of velocity limits Select the unit of measurement with which you want to set the velocity limits in the drop-down list. The unit set here depends on the unit of measurement set under "Configuration - General" and serves only for easier input. This provides the possibility, for example, to enter the maximum speed as a speed value of the motor in 1/min. Maximum velocity / Start/stop velocity Define the maximum permissible velocity and the start/stop velocity of the axis in these boxes. The start/stop velocity is the minimum permissible velocity of the axis and can only be configured for drive connection via PTO (Pulse Train Output). For drive connection via PROFIdrive or analog output, the start/stop velocity is fixed at zero. The maximum velocity when connecting via PROFdrive or analog output amounts to 1e+12 of the selected measurement unit (e.g. mm/s, /s, ...). Limits: The limits indicated below refer to the "Pulses/s" unit of measurement: Positioning axis technology object (PTO) as of V4 1 start/stop velocity 20000 (signal board 20 kHz) 1 start/stop velocity 200000 (signal board 200 kHz) 1 start/stop velocity 100000 (onboard CPU outputs 100 kHz) 1 start/stop velocity 20000 (on-board CPU outputs 20 kHz) 1 start/stop velocity 1000000 (onboard CPU outputs 1 MHz CPU 1217) 1 maximum velocity 20000 (signal board 20 kHz) 1 maximum velocity 200000 (signal board 200 kHz) 1 maximum velocity 100000 (onboard CPU outputs 100 kHz) 1 maximum velocity 20000 (on-board CPU outputs 20 kHz) 1 maximum velocity 1000000 (onboard CPU outputs 1 MHz CPU 1217) You can learn about the limits for the technology object positioning axis < V4 in the appendix Outputs of the CPU relevant for Motion Control (technology version V1...3) (Page 6818). The value of the maximum velocity must be greater or equal to the value of the start/stop velocity. The limits for other units of measurement must be converted by the user to conform to the given mechanics. Acceleration / Deceleration - Ramp-up time / Ramp-down time Set the desired acceleration in the "Ramp-up time" or "Acceleration" boxes. The desired deceleration can be set in the "Ramp-down time" or "Deceleration" boxes. The relation between the ramp-up time and acceleration and the ramp-down time and deceleration is shown in the following equations: Ramp-up time = 6658 Maximum velocity - Start/stop velocity Acceleration WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Ramp-down time = Maximum velocity - Start/stop velocity Deceleration Motion jobs started in the user program are performed with the selected acceleration / deceleration. The limits for acceleration and deceleration with drive connection via PTO (Pulse Train Output) can be found in section CPU outputs relevant for motion control (Page 6597). Note Changes to the velocity limits ("start/stop velocity" and "maximum velocity") influence the acceleration and deceleration values of the axis. The ramp-up and ramp-down times are retained. Enable jerk limit (positioning axis technology object as of V2) Enable the jerk limit with this check box. Axis acceleration and deceleration is not stopped abruptly when the jerk limit is activated; it is adjusted gently according to the set step or smoothing time. Note In coordination with S7-1500 Motion Control, the check box is no longer displayed as a parameter in the technology data block as of V4. By disabling the check box, the jerk value is set to 0.0. WinCC Advanced V14 System Manual, 10/2016 6659 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Smoothing time / jerk (positioning axis technology object as of V2) You can input the parameters of the jerk limit in the "Smoothing time" box or alternatively in the "Jerk" box. Set the desired jerk for acceleration and deceleration ramp in the "Jerk" box. Set the desired smoothing time for the acceleration ramp in the "Smoothing time" box. Note Smoothing time V2...3 The set smoothing time visible in the configuration only applies to the acceleration ramp. If the values for acceleration and deceleration differ, the smoothing time of the deceleration ramp is calculated according to the jerk of the acceleration ramp and used. (See also Behavior of the axis when using the jerk limit (Page 6662) The smoothing time of the deceleration is adapted as follows: Acceleration > deceleration The smoothing time used for the deceleration ramp is shorter than that for the acceleration ramp. Acceleration < deceleration The smoothing time used for the deceleration ramp is greater than that for the acceleration ramp. Acceleration = deceleration The smoothing times of the acceleration and deceleration ramp are equal. The relation between smoothing times and jerk is shown in the following equation: $FFHOHUDWLRQ 6PRRWKLQJWLPH DFFHOHUDWLRQUDPS 6PRRWKLQJWLPH GHFHOHUDWLRQUDPS -HUN 'HFHOHUDWLRQ -HUN Motion jobs started in the user program are performed with the selected jerk. The limits for jerk with drive connection via PTO (Pulse Train Output) can be found in section CPU outputs relevant for motion control (Page 6597). For PROFIdrive drives and drives with analog drive interface, the limit is 1E+12. See also Behavior of the axis when using the jerk limit (Page 6662) Hardware components for motion control (Page 6595) CPU outputs relevant for motion control (Page 6597) 6660 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Configuration - Dynamics - Emergency stop (Page 6661) Changing the configuration of dynamics in the user program (Page 6663) Configuration - Dynamics - Emergency stop (S7-1200) Configure the emergency stop deceleration of the axis in the "Dynamics emergency stop" configuration window. In the event of an error, and when disabling the axis, the axis is brought to a standstill with this deceleration using the Motion Control instruction "MC_Power" (input parameter StopMode = 0 or 2). Velocity The velocity values configured in the "General dynamics" configuration window are once again displayed in this information area. Deceleration Set the deceleration value for emergency stop in the "Emergency deceleration" or "Emergency stop ramp-down time" field. The relation between emergency stop ramp-down time and emergency deceleration is shown in the following equation: Emergency stop = ramp-down time Maximum velocity - Start/stop velocity Emergency deceleration The specified emergency deceleration must be sufficient to bring the axis to a standstill in a timely manner in the event of an emergency (for example, when the hardware limit switch is approached prior to reaching the mechanical endstop). The configured maximum velocity of the axis must be used as a basis for selecting the emergency deceleration. Limit values: The limits indicated below refer to the "Pulses/s2" unit of measurement. As of CPU firmware V3 0.005 emergency stop deceleration 9.5E9 CPU Firmware V1...2 0.28 emergency stop deceleration 9.5E9 The limits for other units of measurement must be converted to conform to the given mechanics. The limits for jerk with drive connection via PTO (Pulse Train Output) can be found in section CPU outputs relevant for motion control (Page 6597). For PROFIdrive drives and drives with analog drive interface, the limit is 1E+12. WinCC Advanced V14 System Manual, 10/2016 6661 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Configuration - Dynamics - General (Page 6657) Changing the configuration of dynamics in the user program (Page 6663) Behavior of the axis when using the jerk limit (S7-1200) Axis acceleration and deceleration is not stopped abruptly when the jerk limit is activated; it is adjusted gently according to the set step or smoothing time. The diagram below details the behavior of the axis with and without activated jerk limit: Without jerk limit With jerk limit Y Y W W D D W W M M W W W WUX WD WUG WG W WUX WD 6662 W W WUG WG WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) t Time axis v Velocity a Acceleration j Jerk tru Rampup time ta Time taken for the axis to accelerate trd Deceleration time td Time taken for the axis to decelerate t1 Smoothing time of the acceleration ramp t2 Smoothing time of the deceleration ramp The example shows travel in which the deceleration value is twice the acceleration value . The resulting ramp-down time trd is therefore only half the length of the ramp-up time tru. Acceleration and deceleration change abruptly without a jerk limit. Acceleration and deceleration change gradually with activated jerk limiter. As the jerk applies to entire motion, the rate is the same for the increase and decrease in acceleration and deceleration. The step value j becomes infinitely high as soon as the change is made without jerk limit. The step is limited to the configured value when the jerk limit is activated. The smoothing time t1 given in the configuration applies to the acceleration ramp. The deceleration ramp smoothing time t2 is calculated from the configured jerk value and the configured deceleration. See also Configuration - Dynamics - General (Page 6657) Changing the configuration of dynamics in the user program (S7-1200) You can change the following configuration parameters during runtime of the user program in the CPU: Acceleration and deceleration You can also change the values for acceleration and deceleration during runtime of the user program. Use the following technology object variables for this purpose: <Axis name>.DynamicDefaults.Acceleration for changing acceleration <Axis name>.DynamicDefaults.Deceleration for changing deceleration Refer to the description of the technology object variables (Page 6782) in the appendix for information on when changes to the configuration parameters take effect. WinCC Advanced V14 System Manual, 10/2016 6663 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Emergency stop deceleration You can also change the value for the emergency stop deceleration during runtime of the user program. Use the following technology object variable for this purpose: <Axis name>.DynamicDefaults.EmergencyDeceleration Refer to the description of the technology object variables in the appendix for information on when changes to the configuration parameter take effect. Note After changes to this parameter, it may be necessary to adapt the positions of the hardware limit switches and other safety-relevant settings. Jerk limit You can also activate and deactivate the jerk limit at runtime of the user program and change the value for the jerk. For this, use the technology object tag <axis name>.DynamicDefaults.Jerk. For technology objects < V4, the tag <axis name>.Config.DynamicDefaults.JerkActive must be set to FALSE to change the values. The following applies to PTO axes: If you enter a value 0.004 mm/s3 for the jerk, the jerk limit is enabled with the specified value. If you enter a value < 0.004mm/s3 for the jerk, the jerk limit is disabled. For position-controlled axes, the jerk limit is disabled for a value of 0.0, and activated for values > 1e-9. Refer to the description of the technology object variables in the appendix for information on when changes to the configuration parameter take effect. See also Changing configuration of dynamic values in user program ("Axis" technology object V1...3) (Page 6829) Compatibility list of variables V1...3 <-> V4...5 (Page 6626) Tags of the positioning axis technology object V4...5 (Page 6890) MC_ChangeDynamic: Change dynamic settings of axis V4...5 (Page 3953) Configuration - Dynamics - General (Page 6657) Configuration - Dynamics - Emergency stop (Page 6661) 6664 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Homing (positioning axis technology object as of V2) (S7-1200) Configuration - Homing - Active (S7-1200) Configure the necessary parameters for active homing in the "Active homing" configuration window. Active homing is started using Motion Control instruction "MC_Home" with input parameter "Mode" = 3. Select homing mode (drive connection via PROFIdrive V5 or higher only) Select one of the following homing modes: Use zero mark via PROFIdrive telegram and proximity switch Use zero mark via PROFIdrive telegram Use homing mark via digital input If you have selected drive connection via PTO (Pulse Train Output) or analog output with HSC as the encoder, the only homing mode available is "Use homing mark via digital input". WinCC Advanced V14 System Manual, 10/2016 6665 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Digital inputs In this area, you configure the homing switch: Input homing switch Select the digital input for the homing switch in this field. Note The digital inputs are set to a filter time of 6.4 ms by default. When the digital inputs are used as a homing switch, this can result in undesired decelerations and thus inaccuracies. Depending on the homing velocity and extent of the homing switch, the home position may not be detected. The filter time can be set under "Input filter" in the device configuration of the digital inputs. The specified filter time must be less than the duration of the input signal at the homing switch. For drive connection via PTO (Pulse Train Output): The input must be interrupt-capable. The onboard CPU inputs and the inputs of an inserted signal board can be selected as inputs for the homing switch. Select level In the drop-down list, select the level of the homing switch that is to be used for homing. Permit auto reverse at HW limit switch Activate the check box to use the hardware limit switch as a reversing cam for the homing procedure. The hardware limit switches must be enabled for the reversal of direction (at least the hardware limit switch in the direction of approach must be configured). If the hardware limit switch is reached during active homing, the axis brakes at the configured deceleration (not with the emergency stop deceleration) and reverses direction. The homing switch is then sensed in reverse direction. If the direction reversal is not active and the axis reaches the hardware limit switch during active homing, the homing procedure is aborted with an error and the axis is braked at the emergency stop deceleration. Note If possible, use one of the following measures to ensure that the machine does not travel to a mechanical endstop in the event of a direction reversal: Keep the approach velocity low. Increase the configured acceleration/deceleration. Increase the distance between the hardware limit switch and the mechanical endstop. Approach/homing direction With the direction selection, you determine the approach direction used during active homing to search for the homing switch, as well as the homing direction. The homing direction specifies the travel direction the axis uses to approach the configured end of the homing switch to carry out the homing operation. 6666 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Side of homing switch This is where you select whether the axis is to be homed on the top or bottom side of the homing switch. Approach velocity In this field, specify the velocity at which the homing switch is to be searched for during the homing procedure. Limits (independent of the selected unit of measurement): Start/stop velocity approach velocity maximum velocity Homing velocity In this field, specify the velocity at which the homing switch is to be approached for homing. Limits (independent of the selected unit of measurement): Start/stop velocity Homing velocity Maximum velocity Home position offset If the desired home position deviates from the position of the homing switch, the home position offset can be specified in this field. If the value does not equal 0, the axis executes the following actions following homing at the homing switch: 1. Move the axis at the homing velocity by the value of the home position offset 2. Upon reaching the "home position offset", the axis is at the home position that was specified in input parameter "Position" of the "MC_Home" Motion Control instruction. Limits (independent of the selected unit of measurement): -1.0e12 home position offset 1.0e12 Home position The position configured in the Motion Control instruction "MC_Home" is used as the home position. Configuration - Homing - Passive (S7-1200) Configure the necessary parameters for passive homing in the "Homing - Passive" configuration window. The movement for passive homing must be triggered by the user (e.g. using an axis motion command). Passive homing is started using Motion Control instruction "MC_Home" with input parameter "Mode" = 2. WinCC Advanced V14 System Manual, 10/2016 6667 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Select homing mode (drive connection via PROFIdrive V5 or higher only) Select one of the following homing modes: Use zero mark via PROFIdrive telegram and proximity switch The system checks for when the proximity switch is reached. After the proximity switch is reached and is left again in the assigned homing direction, zero mark detection is enabled via the PROFIdrive telegram. When the zero mark is reached in the pre-selected direction, then the actual position of the technology object is set to the homing mark position. Use zero mark via PROFIdrive telegram The system enables zero mark detection as soon as the actual value of the technology object moves in the assigned homing direction. When the zero mark is reached in the specified homing direction, the actual position of the technology object is set to the homing mark position. Use homing mark via digital input The system checks the state of the digital input as soon as the actual value of the axis or encoder moves in the assigned homing direction. When the homing mark is reached (setting of the digital input) in the specified homing direction, the actual position of the technology object is set to the homing mark position. If you have selected drive connection via PTO (Pulse Train Output), a homing mark via a digital input is used by default. Digital inputs In this area, you configure the homing switch: Input homing switch Select the digital input for the homing switch in this field. The input must be interruptcapable. The onboard CPU inputs and the inputs of an inserted signal board can be selected as inputs for the homing switch. Note The digital inputs are set to a filter time of 6.4 ms by default. When the digital inputs are used as a homing switch, this can result in undesired decelerations and thus inaccuracies. Depending on the homing velocity and extent of the homing switch, the home position may not be detected. The filter time can be set under "Input filter" in the device configuration of the digital inputs. The specified filter time must be less than the duration of the input signal at the homing switch. Select level In the drop-down list, select the level of the homing switch that is to be used for homing. Side of homing switch This is where you select whether the axis is to be homed on the top or bottom side of the homing switch. 6668 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Home position The position configured in the Motion Control instruction "MC_Home" is used as the home position. Note If passive homing is carried out without an axis motion command (axis at a standstill), homing will be executed upon the next rising or falling edge at the homing switch. Sequence - Active homing (S7-1200) You start active homing with motion control instruction "MC_Home" (input parameter Mode = 3). The "Position" input parameter specifies the absolute home position. Alternatively, you can start active homing on the axis control panel for test purposes. The diagram below shows an example of a characteristic curve for an active home position approach with the following configuration parameters: "Homing mode" = "Use homing mark via digital input" "Approach/homing direction" = "Positive direction" "Side of homing switch" = "Top side" Value of "home position offset" > 0 Y $SSURDFKYHORFLW\ +RPLQJYHORFLW\ V 5HIHUHQFHSRLQWSRVLWLRQ 5HIHUHQFHSRLQWRIIVHW Search for homing switch (blue curve section) When active homing starts, the axis accelerates to the configured "approach velocity" and searches at this velocity for the homing switch. The tag <axis name>.StatusBits.HomingDone is set to FALSE. WinCC Advanced V14 System Manual, 10/2016 6669 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Reference point approach (red curve section) When the homing switch is detected, the axis in this example brakes and reverses, to be homed to the configured side of the homing switch at the configured homing velocity. Homing causes the tag <axis name>.StatusBits.HomingDone to change to TRUE. Travel to home position offset (green curve segment) After homing, the axis moves at the homing velocity along the path to the home position offset. There the axis is at the homing point position that was specified in input parameter "Position" of the "MC_Home" Motion Control instruction. See also Configuration - Homing - General (Axis technology object V2...3) (Page 6827) Sequence - Passive homing (S7-1200) Passive homing is started with Motion Control instruction "MC_Home" (input parameter Mode = 2). Input parameter "Position" specifies the absolute reference point position. The diagram below shows an example of a characteristic curve for passive homing with the following configuration parameters: "Side of homing switch" = "Top side" "Homing mode" = "Use homing mark via digital input" Y 7UDYHOLQSRVLWLYH GLUHFWLRQ V 7UDYHOLQQHJDWLYHGLUHFWLRQ 0RYHPHQWEHIRUHWKH UHIHUHQFHSRLQWVZLWFK 5HIHUHQFHSRLQWSRVLWLRQ 6670 0RYHPHQWEDVHGRQ UHIHUHQFHSRLQWVZLWFK WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Movement towards homing switch (red section of curve) The Motion Control instruction "MC_Home" does not itself carry out any homing motion when passive homing is started. The travel required for reaching the homing switch must be implemented by the user via other motion control instructions such as "MC_MoveRelative". The tag <axis name>.StatusBits.HomingDone remains TRUE during passive homing if the axis has already been homed. Axis homing (transition from red to green section of curve) The axis is homed when the configured side of the homing switch is reached. The current position of the axis is set to the home position. This is specified at the "Position" parameter of the "MC_Home" Motion Control instruction. The tag <axis name>.StatusBits.HomingDone will be set to "TRUE" if the axis has not been homed before. The travel previously started is not canceled. Movement beyond homing switch (green section of curve) Following homing at the homing switch, the axis continues and completes the previously started travel with the corrected axis position. Changing the homing configuration in the user program (S7-1200) With positioning axis technology object as of V2, you can change the following configuration parameters during runtime of the user program in the CPU: Passive homing You can change the end of the homing switch for passive homing during the user program runtime. Use the following technology object tag for this purpose: <Axis name>.Sensor[1].PassiveHoming.SideInput for changing the side of the homing switch <Axis name>.Sensor[1].PassiveHoming.Mode for changing the homing mode Refer to the description of the technology object tags (Page 6890) in the appendix for information on when changes to the configuration parameter take effect. Active homing You can change the direction of approach, the side of the homing switch, the approach velocity, the homing velocity, and the home position offset for active homing during the program runtime of the user program. Use the following technology object tags for this purpose: <Axis name>.Homing.AutoReversal for changing the auto reverse at the HW limit switch <Axis name>.Homing.ApproachDirection for changing the approach/homing direction WinCC Advanced V14 System Manual, 10/2016 6671 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Sensor[1].ActiveHoming.SideInput for changing the side of the homing switch <Axis name>.Homing.ApproachVelocity for changing the approach velocity <Axis name>.Homing.ReferencingVelocity for changing the homing velocity <Axis name>.Sensor[1].ActiveHoming.HomePositionOffset for changing the home position offset <Axis name>.Sensor[1].ActiveHoming.Mode for changing the homing mode Refer to the description of the technology object tags in the appendix for information on when changes to the configuration parameter take effect. See also Compatibility list of variables V1...3 <-> V4...5 (Page 6626) MC_ChangeDynamic: Change dynamic settings of axis V4...5 (Page 3953) Positioning monitoring (S7-1200) Configuration - Position monitoring (PROFIdrive and analog drive connection only) (S7-1200) In the "Position monitoring" configuration window, configure the criteria for monitoring the target position. Position monitoring monitors the behavior of the actual position at the end of the setpoint calculation. As soon as the setpoint velocity reaches the value zero, the actual position value must be located within a tolerance time in the positioning window. The actual value must not exit the positioning window during the minimum dwell time. If the actual position reaches the positioning window within the tolerance time and remains in the positioning window for the minimum dwell time, the status bit <axis name>.StatusBits.Done is set. This completes a motion command. Position monitoring does not make any distinction between how the setpoint interpolation was completed. The end of setpoint interpolation can, for example, be reached as follows: By the setpoint reaching the target position By position-controlled stopping during the motion through the Motion Control instruction "MC_Halt" In the following cases, the axis is stopped by the position monitoring and a positioning error (ErrorID 16#800F) is displayed at the Motion Control instruction: The actual value does not reach the positioning window within the tolerance time. The actual value exits the positioning window during the minimum dwell time. 6672 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Positioning window In this field, configure the size of the positioning window. Tolerance time In this field, configure the tolerance time within which the position value must reach the positioning window. Minimum dwell time in positioning window In this field, configure the minimum dwell time for which the actual position value must be located in the positioning window. Configuration - Following error (PROFIdrive and analog drive connection only) (S7-1200) In the "Following error" configuration window, you configure the permissible deviation of the actual position of the axis from the setpoint position. The following error is the difference between the setpoint position and the actual position value of the axis. The transmission times of the setpoint to the drive and of the actual value to the controller are taken into account in the calculation of the following error. The following error is monitored based on a velocity-dependent following error limit. The permissible following error depends on the setpoint velocity. A constant permissible following error can be specified for velocities lower than an adjustable velocity low limit. Above this low velocity limit, the permissible following error increases in proportion to the setpoint velocity. The maximum following error is permitted at the maximum velocity. If the permitted following error is exceeded, the axis is stopped and an error (ErrorID 16#800D) is displayed at the Motion Control instruction. Enable following error monitoring Select the check box to enable following error monitoring. When following error monitoring is enabled, the axis is stopped in the error range (orange). Maximum following error In this field, configure the following error that is permissible at maximum velocity. Following error In this field, configure the permissible following error for low velocities (without dynamic adaptation). WinCC Advanced V14 System Manual, 10/2016 6673 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Start dynamic adjustment In this field, configure the velocity above which the following error should be dynamically adapted. Above this velocity, the following error up to the maximum velocity will be adapted to the maximum following error. Maximum velocity This box shows the maximum velocity configured under "Dynamics > General". Configuration - Standstill signal (PROFIdrive and analog drive connection only) (S7-1200) In the "Standstill signal" configuration window, configure the criteria for standstill detection. To display the standstill (<Axis name>.StatusBits.StandStill), the velocity of the axis must remain in the standstill window for the minimum dwell time. Standstill window In this field, configure the size of the standstill window. Minimum dwell time in standstill window In this field, configure the minimum dwell time in the standstill window. Configuration - Control loop (PROFIdrive and analog drive connection only) (S7-1200) In the "Control loop" configuration window, configure the precontrol and the gain Kv of the position control loop. The Kv factor affects the following parameters: Positioning accuracy and stop control Uniformity of motion Positioning time The better the mechanical conditions of the axis are (high stiffness), the higher you can configure the Kv factor. This reduces the following error, and a higher dynamic response is achieved. The "Tuning (Page 6718)" function supports you in determining the optimum gain for the position control of the axis. Precontrol In this field, configure the velocity precontrol of the position control loop as a percentage. Gain (Kv factor) In this field, you configure the gain Kv of the position control loop. 6674 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Parameter view (S7-1200) Introduction to the parameter view (S7-1200) The Parameter view provides you with a general overview of all relevant parameters of a technology object. You obtain an overview of the parameter settings and can easily change them in offline and online mode. "Parameter view" tab Toolbar (Page 6475) Navigation (Page 6475) Parameter table (Page 6476) Function scope The following functions are available for analyzing the parameters of the technology objects and for enabling targeted monitoring and modification. Display functions: Display of parameter values in offline and online mode Display of status information of the parameters Display of value deviations and option for direct correction Display of configuration errors Display of value changes as a result of parameter dependencies WinCC Advanced V14 System Manual, 10/2016 6675 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Display of all memory values of a parameter: Start value PLC, Start value project, Monitor value Display of the parameter comparison of the memory values of a parameter Operator control functions: Navigation for quickly changing between the parameters and parameter structures. Text filter for faster searches for particular parameters. Sorting function for customizing the order of parameters and parameter groups to requirements. Memory function for backing up structural settings of the Parameter view. Monitoring and modifying of parameter values online. Function for saving a snapshot of parameter values of the CPU in order to capture momentary situations and to respond to them. Function for applying a snapshot of parameter values as start values. Download of modified start values to the CPU. Comparison functions for comparing parameter values with one another. Validity The Parameter view described here is available for the following technology objects: PID_Compact PID_3Step PID_Temp CONT_C (S7-1500 only) CONT_S (S7-1500 only) TCONT_CP (S7-1500 only) TCONT_S (S7-1500 only) TO_Axis_PTO (S7-1200 Motion Control) TO_Positioning_Axis (S7-1200 Motion Control) TO_CommandTable_PTO (S7-1200 Motion Control) TO_CommandTable (S7-1200 Motion Control) 6676 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Structure of the parameter view (S7-1200) Toolbar (S7-1200) The following functions can be selected in the toolbar of the parameter view. Icon Function Explanation Monitor all Starts the monitoring of visible parameters in the active Parameter view (online mode). Create snapshot of mon Applies the current monitor values to the "Snapshot" column and up itor values and accept dates the start values in the project. setpoints of this snap Only in online mode for PID_Compact, PID_3Step and PID_Temp. shot as start values Initialize setpoints Transfers the start values updated in the project to the CPU. Only in online mode for PID_Compact, PID_3Step and PID_Temp. Create snapshot of mon Applies the current monitor values to the "Snapshot" column. itor values Only in online mode. Modify all selected pa rameters immediately and once This command is executed once and as quickly as possible without reference to any particular point in the user program. Select navigation struc ture Toggles between functional navigation and data navigation. Text filter... After entry of a character string: Display of all parameters containing the specified string in one of the currently visible columns. Selection of compare values Selection of parameter values that are to be compared with one an other in online mode (Start value project, Start value PLC, Snapshot) Save window settings Saves your display settings for the Parameter view (e.g., selected navigation structure, activated table columns, etc.) Only in online mode. Only in online mode. Navigation (S7-1200) Within the "Parameter view" tab, the following alternative navigation structures can be selected. Navigation Explanation Functional naviga tion In the functional navigation, the structure of the parameters is based on the structure in the configuration dialog ("Functional view" tab), commissioning dialog, and diagnostics dialog. The last group "Other parameters" contains all other parameters of the technology object. Data navigation In the data navigation, the structure of the parameters is based on the structure in the instance DB / technology DB. The last group "Other parameters" contains the parameters that are not contained in the instance DB / technology DB. You can use the "Select navigation structure" drop-down list to toggle the navigation structure. WinCC Advanced V14 System Manual, 10/2016 6677 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Parameter table (S7-1200) The table below shows the meaning of the individual columns of the parameter table. You can show or hide the columns as required. Column "Offline" = X: Column is visible in offline mode. Column "Online" = X: Column is visible in online mode (online connection to the CPU). Column Explanation Offline Online Name in functional view Name of the parameter in the functional view. X X Full name in DB Complete path of the parameter in the instance DB / technology DB. X X X X The display field is empty for parameters that are not configured via the tech nology object. The display field is empty for parameters that are not contained in the instance DB / technology DB. Name in DB Name of the parameter in the instance DB / technology DB. If the parameter is part of a structure or UDT, the prefix ". ./" is added. The display field is empty for parameters that are not contained in the instance DB / technology DB. Status of configura tion Display of the completeness of the configuration using status symbols. Compare result Result of the "Compare values" function. X see Status of configuration (offline) (Page 6484) X This column is shown if there is an online connection and the "Monitor all" button is selected. Start value project Configured start value in the project. X X X X X X Error indication if entered values have a syntax or process-related error. Default value Value that is pre-assigned to the parameter. The display field is empty for parameters that are not contained in the instance DB / technology DB. Snapshot Snapshot of the current values in the CPU (monitor values). Error indication if values have a process-related error. Start value PLC Start value in the CPU. X This column is shown if there is an online connection and the "Monitor all" button is selected. Error indication if values have a process-related error. Monitor value Current value in the CPU. X This column is shown if there is an online connection and the "Monitor all" button is selected. Error indication if values have a process-related error. Modify value Value that is to be used to change the monitor valuet. X This column is shown if there is an online connection and the "Monitor all" button is selected. Error indication if entered values have a syntax or process-related error. Selection for trans mission Selection of the Modify values that are to be transmitted using the "Modify all selected parameters immediately and once" button. X This column is displayed together with the "Modify value" column. 6678 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Column Explanation Offline Online Minimum value Minimum process-related value of the parameter. X X X X If the minimum value is dependent on other parameters, it is defined: Offline: By the Start value project. Online: By the Monitor values. Maximum value Maximum process-related value of the parameter. If the maximum value is dependent on other parameters, it is defined: Offline: By the Start value project. Online: By the Monitor values. Setpoint Designates the parameter as a setpoint. These parameters can be initialized online. X X Data type Data type of the parameter. X X X X Accessible from HMI Indicates whether the HMI can access this parameter during runtime. X X Visible in HMI Indicates whether the parameter is visible in the selection list of the HMI by default. X X Comment Brief description of the parameter. X X The display field is empty for parameters that are not contained in the instance DB / technology DB. Retain Designates the value as a retentive value. The values of retentive parameters are retained even after the voltage supply is switched off. See also Comparing values (Page 6470) Opening the parameter view (S7-1200) Requirement The technology object has been added in the project tree, i.e., the associated instance DB / technology DB of the instruction has been created. Procedure 1. Open the "Technology objects" folder in the project tree. 2. Open the technology object in the project tree. 3. Double-click the "Configuration" object. 4. Select the "Parameter view" tab in the top right corner. Result The Parameter view opens. Each displayed parameter is represented by one row in the parameter table. WinCC Advanced V14 System Manual, 10/2016 6679 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The displayable parameter properties (table columns) vary depending on whether you are working with the Parameter view in offline or online mode. In addition, you can selectively display and hide individual table columns. See also Default setting of the parameter view (Page 6478) Default setting of the parameter view (S7-1200) Default settings To enable you to work efficiently with the Parameter view, you can customize the parameter display and save your settings. The following customizations are possible and can be saved: Show and hide columns Change column width Change order of the columns Toggle navigation Select parameter group in the navigation Selection of compare values Show and hide columns To show or hide columns in the parameter table, follow these steps: 1. Position the cursor in the header of the parameter table. 2. Select the "Show/Hide" command in the shortcut menu. The selection of available columns is displayed. 3. To show a column, select the check box for the column. 4. To hide a column, clear the check box for the column. or 1. Position the cursor in the header of the parameter table. 2. Select the "Show all columns" command in the shortcut menu if all columns of the offline or online mode are to be displayed. Some columns can only be displayed in online mode: see Parameter table (Page 6476). 6680 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Change column width To customize the width of a column so that all texts in the rows can be read, follow these steps: 1. Position the cursor in the header of the parameter table to the right of the column to be customized until the shape of the cursor changes to a cross. 2. Then double-click this location. or 1. Open the shortcut menu on the header of the parameter table. 2. Click - "Optimize column width" or - "Optimize width of all columns". If the column width setting is too narrow, the complete content of individual fields are shown if you hover the cursor briefly over the relevant field. Change order of the columns The columns of the parameter table can be arranged in any way. To change the order of the columns, follow these steps: 1. Click on the column header and use a drag-and-drop operation to move it to the desired location. When you release the mouse button, the column is anchored to the new position. Toggle navigation To toggle the display form of the parameters, follow these steps: 1. Select the desired navigation in the "Select navigation structure" drop-down list. - Data navigation - Functional navigation See also Navigation (Page 6475). Select parameter group in the navigation Within the selected navigation, you choose between the "All parameters" display or the display of a subordinate parameter group of your choice. 1. Click the desired parameter group in the navigation. The parameter table only displays the parameters of the parameter group. WinCC Advanced V14 System Manual, 10/2016 6681 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Selection of compare values (online) To set the compare values for the "Compare values" function, follow these steps: 1. Select the desired compare values in the "Selection of compare values" drop-down list. - Start value project / Start value PLC - Start value project / Snapshot - Start value PLC / Snapshot The "Start value project / Start value PLC" option is set by default. Saving the default setting of the Parameter view To save the above customizations of the Parameter view, follow these steps: 1. Customize the Parameter view according to your requirements. 2. Click the "Save window settings" button at the top right of the Parameter view. Working with the parameter view (S7-1200) Overview (S7-1200) The following table provides an overview of the functions of the Parameter view in online and offline mode described in the following. Column "Offline" = X: This function is possible in offline mode. Column "Online" = X: This function is possible in online mode. 6682 Function/action Offline Online Filtering the parameter table (Page 6481) X X Sorting the parameter table (Page 6481) X X Transferring parameter data to other editors (Page 6482) X X Indicating errors (Page 6482) X X Editing start values in the project (Page 6483) X X Status of configuration (offline) (Page 6484) X Monitoring values online in the parameter view (Page 6484) X Create snapshot of monitor values (Page 6485) X Modifying values (Page 6486) X Comparing values (Page 6487) X Applying values from the online program as start values (Page 6488) X Initializing setpoints in the online program (Page 6489) X WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Filtering the parameter table (S7-1200) You can filter the parameters in the parameter table in the following ways: With the text filter With the subgroups of the navigation Both filter methods can be used simultaneously. With the text filter Texts that are visible in the parameter table can be filtered. This means only texts in displayed parameter rows and columns can be filtered. 1. Enter the desired character string for filtering in the "Text filter..." input box. The parameter table displays only the parameters containing the character string. The text filtering is reset. When another parameter group is selected in the navigation. When navigation is changed from data navigation to functional navigation, or vice versa. With the subgroups of the navigation 1. Click the desired parameter group in the navigation, e.g., "Static". The parameter table only shows the static parameters. You can select further subgroups for some groups of the navigation. 2. Click "All parameters" in the navigation if all parameters are to be shown again. Sorting the parameter table (S7-1200) The values of the parameters are arranged in rows. The parameter table can be sorted by any displayed column. In columns containing numerical values, sorting is based on the magnitude of the numerical value. In text columns, sorting is alphabetical. Sorting by column 1. Position the cursor in the header cell of the desired column. The background of this cell turns blue. 2. Click the column header. Result The entire parameter table is sorted by the selected column. A triangle with tip facing up appears in the column header. WinCC Advanced V14 System Manual, 10/2016 6683 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Clicking the column header again changes the sorting as follows: Symbol "": Parameter table is sorted in ascending order. Symbol "": Parameter table is sorted in descending order. No symbol: The sorting is removed again. The parameter table assumes the default display. The "../" prefix in the "Name in DB" column is ignored when sorting. Transferring parameter data to other editors (S7-1200) After selecting an entire parameter row of the parameter table, you can use the following: Drag-and-drop <Ctrl+C>/<Ctrl+V> Copy/Paste via shortcut menu Transfer parameters to the following editors of the TIA Portal: Program editor Watch table Signal table for trace function The parameter is inserted with its full name: See information in "Full name in DB" column. Indicating errors (S7-1200) Error indication Parameter assignment errors that result in compilation errors (e.g., limit violation) are indicated in the Parameter view. Every time a value is input in the Parameter view, a check is made for process-related and syntax errors and the result is indicated. Bad values are indicated by: Red error symbol in the "Status of configuration" (offline mode) or "Compare result" (online mode, depending on the selected comparison type) columns and/or Table field with red background If you click the bad field, a roll-out error message appears with information of the permissible value range or the required syntax (format) Compilation error From the error message of the compiler, you can directly open the Parameter view (functional navigation) containing the parameter causing the error in situations where the parameter is not displayed in the configuration dialog. 6684 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Editing start values in the project (S7-1200) With the Parameter view, you can edit the start values in the project in offline mode and online mode. You make value changes in the "Start value project" column of the parameter table. In the "Status of configuration" column of the parameter table, the progress of the configuration is indicated by the familiar status symbols from the configuration dialog of the technology object. Boundary conditions If other parameters depend on the parameter whose start value was changed, the start value of the dependent parameters are also adapted. If a parameter of a technology object is not editable, it is also not editable in the parameter view. The ability to edit a parameter can also depend on the values of other parameters. Defining new start values To define start values for parameters in the Parameter view, follow these steps: 1. Open the Parameter view of the technology object. 2. Enter the desired start values in the "Start value project" column. The value must match the data type of the parameter and must not exceed the value range of the parameter. The limits of the value range can be seen in the "Maximum value" and "Minimum value" columns. The "Status of configuration" column indicates the progress of the configuration with colored symbols. See also Status of configuration (offline) (Page 6484) Following adaptation of the start values and downloading of the technology object to the CPU, the parameters take the defined value at startup if they are not declared as retentive ("Retain" column). Error indication When a start value is input, a check is made for process-related and syntax errors and the result is indicated. Bad start values are indicated by: Red error symbol in the "Status of configuration" (offline mode) or "Compare result" (online mode, depending on the selected comparison type) columns and/or Red background in the "Start value project" field If you click on the bad field, a roll-out error message appears with information of the permissible value range or the necessary syntax (format) WinCC Advanced V14 System Manual, 10/2016 6685 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Correcting bad start values 1. Correct bad start values using information from the roll-out error message. Red error symbol, red field background, and roll-out error message are no longer displayed. The project cannot be successfully compiled unless the start values are error-free. Status of configuration (offline) (S7-1200) The status of the configuration is indicated by icons: In the "Status of configuration" column in the parameter table In the navigation structure of the functional navigation and data navigation Symbol in "Status of configuration" column Symbol Meaning The start value of the parameter corresponds to the default value and is valid. A start value has not yet been defined by the user. The start value of the parameter contains a value defined by the user or an automatically adjusted value. The start value is different than the default value. The start value is error-free and valid. The start value of the parameter is invalid (syntax or process-related error). The input box has a red background. When clicked, the roll-out error message indicates the cause of the error. Only for S7-1200 Motion Control: The start value of the parameter is valid but contains warnings. The input box has a yellow background. The parameter is not relevant in the current configuration. Symbol in the navigation The symbols in the navigation indicate the progress of the configuration in the same way as in the configuration dialog of the technology object. See also Configure technology objects (Page 6466) Monitoring values online in the parameter view (S7-1200) You can monitor the values currently taken by the parameters of the technology object in the CPU (monitor values) directly in the Parameter view. Requirements There is an online connection. The technology object is downloaded to the CPU. 6686 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The program execution is active (CPU in "RUN"). The Parameter view of the technology object is open. Procedure . 1. Start the monitoring by clicking As soon as the Parameter view is online, the following columns are additionally displayed: - Compare result - Start value PLC - Monitor value - Modify value - Selection for transmission The "Monitor value" column shows the current parameter values on the CPU. Meaning of the additional columns: see Parameter table (Page 6476) 2. Stop the monitoring by clicking again. Display All columns that are only available online have an orange background: Values in light-orange cells can be changed. Values in cells with a dark orange background cannot be changed. Create snapshot of monitor values (S7-1200) You can back up the current values of the technology object on the CPU (monitor values) and display them in the Parameter view. Requirements There is an online connection. The technology object is downloaded to the CPU. The program execution is active (CPU in "RUN"). The Parameter view of the technology object is open. The "Monitor all" button is selected. Procedure To show the current parameter values, follow these steps: 1. In the Parameter view, click the "Create snapshot of monitor values" icon WinCC Advanced V14 System Manual, 10/2016 . 6687 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Result The current monitor values are transferred once to the "Snapshot" column of the parameter table. You can analyze the values "frozen" in this way while the monitor values continue to be updated in the "Monitor values" column. Modifying values (S7-1200) With the Parameter view, you can modify values of the technology object in the CPU. You can assign values to the parameter once (Modify value) and modify them immediately. The modify request is executed as quickly as possible without reference to any particular point in the user program. DANGER Danger when modifying: Changing the parameter values while the plant is operating may result in severe damage to property and personal injury in the event of malfunctions or program errors. Make sure that dangerous states cannot occur before you use the "Modify" function. Requirements There is an online connection. The technology object is downloaded to the CPU. The program execution is active (CPU in "RUN"). The Parameter view of the technology object is open. The "Monitor all" button is selected. The parameter can be modified (associated field in the "Modify value" column has a lightorange background). Procedure To modify parameters immediately, follow these steps: 1. Enter the desired modify values in the "Modify values" column of the parameter table. 2. Check whether the check box for modifying is selected in the "Select for transmission" column. The modify values and associated check boxes of dependent parameters are automatically adapted at the same time. 3. Click the "Modify all selected parameters immediately and once" icon . The selected parameters are modified once and immediately with the specified values and can be monitored in the "Modify values" column. The check boxes for modifying in the 6688 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) "Selection for transmission" column are automatically cleared after the modify request is complete. Error indication When a start value is input, a check is made immediately for process-related and syntax errors and the result is indicated. Bad start values are indicated by: Red background in the "Modify value" field and If you click the bad field, a roll-out error message appears with information of the permissible value range or the necessary syntax (format) Bad modify values Modify values with process-related errors can be transmitted. Modify values with syntax errors cannot be transmitted. Comparing values (S7-1200) You can use comparison functions to compare the following memory values of a parameter: Start value project Start value PLC Snapshot Requirements There is an online connection. The technology object is downloaded to the CPU. The program execution is active (CPU in "RUN"). The Parameter view of the technology object is open. The "Monitor all" button WinCC Advanced V14 System Manual, 10/2016 is selected. 6689 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Procedure To compare the start values on the various target systems, follow these steps: 1. Click the "Selection of compare values" icon . A selection list containing the comparison options opens: - Start value project - Start value PLC (default setting) - Start value project - Snapshot - Start value PLC - Snapshot 2. Select the desired comparison option. The selected comparison option is executed as follows: - A scales symbol appears in the header cells of the two columns selected for comparison. - Symbols are used in the "Compare result" column to indicate the result of the comparison of the selected columns. Symbol in "Compare result" column Symbol Meaning The compare values are equal and error-free. The compare values are not equal and error-free. At least one of the two compare values has a process-related or syntax error. The comparison cannot be performed. At least one of the two comparison values is not available (e.g. snapshot). Comparison of the value is inappropriate since it is not relevant in one of the configurations. Symbol in the navigation The symbols are shown in the same way in the navigation if the comparison result applies to at least one of the parameters below the displayed navigation structure. Applying values from the online program as start values (S7-1200) In order to apply optimized values from the CPU to the project as start values, you create a snapshot of the monitor values. Values of the snapshot marked as a "Setpoint" are then applied to the project as start values. Requirements The technology object is of type "PID_Compact" or "PID_3Step". There is an online connection. The technology object is downloaded to the CPU. The program execution is active (CPU in "RUN"). 6690 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The Parameter view of the technology object is open. The "Monitor all" button is selected. Procedure To apply optimized values from the CPU, follow these steps: 1. Click the "Create snapshot of monitor values and accept setpoints of this snapshot as start values" icon . Result The current monitor values are applied to the "Snapshot" column and their setpoints are copied to the "Start value project" column as new start values. Note Applying values of individual parameters You can also apply the values of individual parameters that are not marked as a setpoint from the "Snapshot" column to the "Start values project" column. To do so, copy the values and insert them into the "Start value project" column using the "Copy" and "Paste" commands in the shortcut menu. Initializing setpoints in the online program (S7-1200) You can initialize all parameters that are marked as a "Setpoint" in the Parameter view with new values in the CPU in one step. In so doing, the start values are downloaded from the project to the CPU. The CPU remains in "RUN" mode. To avoid data loss on the CPU during a cold restart or warm restart, you must also download the technology object to the CPU. DANGER Danger when changing parameter values Changing the parameter values while the plant is operating may result in severe damage to property and personal injury in the event of malfunctions or program errors. Make sure that dangerous states cannot occur before you reinitialize the setpoints. Requirements The technology object is of type "PID_Compact" or "PID_3Step". There is an online connection. The technology object is downloaded to the CPU. The program execution is active (CPU in "RUN"). WinCC Advanced V14 System Manual, 10/2016 6691 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The Parameter view of the technology object is open. The "Monitor all" button is selected. The parameters marked as a "Setpoint" have a "Start value project" that is free of processrelated and syntax errors Procedure To initialize all setpoints, follow these steps: 1. Enter the desired values in the "Start value project" column. Ensure that the start values are free of process-related and syntax errors. 2. Click the "Initialize setpoints" icon . Result The setpoints in the CPU are initialized with the start values from the project. Configuring technology modules for Motion Control (S7-1200) Overview (S7-1200) The following technology modules can be used as the encoder connection in S7-1200 Motion Control. ET 200MP ET 200 SP TM Count 2x24V (Page 6694) TM Count 1x24V (Page 6694) TM PosInput 2 (Page 6692) TM PosInput 1 (Page 6692) Technology modules can be used centrally or distributed in the system. However, isochronous mode is supported only with decentralized use. The following section describes how to configure the technology modules as encoder: See also TM Count 1x24V / TM Count 2x24V (Page 6694) TM PosInput 1 / TM PosInput 2 (Page 6692) TM PosInput 1 / TM PosInput 2 (S7-1200) For use with S7-1200 Motion Control, the following parameters must be configured: Configuration Technology module Technology object TM PosInput 1 / TM PosInput 2 Basic parameters > Channel 0/1 > Operating mode Axis - Select "Position input for Motion Control" mode 6692 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Configuration Technology module Technology object TM PosInput 1 / TM PosInput 2 Axis Basic parameters > Channel 0/1 > Module parameters Basic parameters > Encoder - Select encoder and corresponding channel Signal type Select encoder type corresponding to configuration for tech nology module Incremental encoder Absolute encoder Incremental - Data exchange with encoder Absolute Telegram "DP_TEL83_STANDARD" is automatically selec ted after the selection of the encoder. Disable "Automatic transfer of encoder parameter values in the device" Select rotary or linear measuring system type Signal evaluation Select fine resolution corresponding to configuration for tech nology module Single Incremental encoder: Double Quadruple - 0 = Single - 1 = Double or - 2 = Quadruple Absolute encoder: - Enter increments per revolution 0 (= single) Rotary type: Enter increments per revolution corresponding to configuration at technology module (1:1) Linear type: Enter distance per revolution - Hardware interface > Data exchange with drive Rotary type: Enter reference speed corresponding to configuration for technology object (1:1) Enter reference speed Linear type: Configuration not relevant I/O addresses - Organization block: MC-Servo Process image: PIP OB servo Select "Isochronous mode" "-" No configuration for technology module/technology object is required for these parameters See also Overview (Page 6692) TM Count 1x24V / TM Count 2x24V (Page 6694) WinCC Advanced V14 System Manual, 10/2016 6693 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) TM Count 1x24V / TM Count 2x24V (S7-1200) For use with S7-1200 Motion Control, the following parameters must be configured: Configuration Technology module Technology object TM Count 1x24V / TM Count 2x24V Basic parameters > Channel 0/1 > Operating mode Axis - Select "Position input for Motion Control" mode Basic parameters > Channel 0/1 > Module parameters Hardware interface > Encoder - Select encoder and corresponding channel Signal type Incremental encoder Select encoder type corresponding to configuration for tech nology module - Hardware interface > Data exchange with encoder Incremental Telegram "DP_TEL83_STANDARD" is automatically selec ted after the selection of the encoder. Disable "Automatic transfer of encoder parameter values in the device" Select rotary or linear measuring system type Signal evaluation Select fine resolution corresponding to configuration for tech nology module Single 0 = Single Double Quadruple 1 = Double Enter increments per revolution Rotary type: Enter increments per revolution corresponding to configuration at technology module (1:1) 2 = Quadruple Linear type: Enter distance per increment - Hardware interface > Data exchange with drive Rotary type: Enter reference speed corresponding to configuration for technology object (1:1) Enter reference speed Linear type: Configuration not relevant I/O addresses - Organization block: MC-Servo Process image: PIP OB servo Select "Isochronous mode" See also Overview (Page 6692) TM PosInput 1 / TM PosInput 2 (Page 6692) 6694 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 13.2.6 Technology object command table (S7-1200) 13.2.6.1 Use of the command table technology object (S7-1200) The technology object "Command table" allows you to combine multiple individual axis control commands in one movement sequence. The technology object can be used as of technology version V2 for axes with drive connection via PTO (Pulse Train Output). You configure the movement sequence as a table in a configuration dialog. The motion profile of the movement sequences can be checked on a graph before the project is loaded to the CPU. The command tables created are then linked to an axis and used in the user program with the "MC_CommandTable" Motion Control instruction. You can process part or all of the command table. 13.2.6.2 Command table technology object tools (S7-1200) The "Configuration" tool is provided in the TIA Portal for the "Command Table" technology object. The representation below shows the interaction of the tool with the technology object: 7HFKQRORJLFDOREMHFW &RPPDQGWDEOH '%[ &RQILJXUDWLRQGDWD &RQILJXUDWLRQ Writing and reading the configuration of the technology object WinCC Advanced V14 System Manual, 10/2016 6695 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Configuration Configure the following properties of the "Command Table" technology object with the "Configuration" tool: You can create one or more movement sequences by configuring individual jobs. You can configure the graphic display to check your movement sequence using an axis already configured or a configurable default axis. The movement sequence data are saved in the data block of the technology object. 13.2.6.3 Adding the technological object command table (S7-1200) Requirements A project with a CPU S7-1200 has been created. The CPU firmware version is V2.1 or higher Procedure Proceed as follows to add a "Command table" technology object in the project tree: 1. Open the "CPU > Technology objects" folder in the project tree. 2. Double-click the "Add new object" command. The "Add new object" dialog opens. 3. Select the "Motion Control" technology. 4. Open the "Motion Contro > S7-1200 Motion Control" folder. 5. Select the desired technology version in the "Version" column. 6. Select the "TO_CommandTable" object. 7. Enter the name of the command table in the "Name" input box. 8. To change the automatically assigned data block number, select the "Manual" option. 9. To display additional information about the technology object, click "Additional information". 10.Confirm your entry with "OK". Result The new technology object is created and saved to the "Technology objects" folder in the project tree. 6696 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 13.2.6.4 Configuring the command table technology object (S7-1200) Working with the configuration dialog (S7-1200) You configure the properties of the technology object in the configuration window. Proceed as follows to open the configuration window of the technology object: 1. Open the group of the required technology object in the project tree. 2. Double-click the "Configuration" object. The configuration is divided into the following categories: Basic parameters The basic parameters contain all parameters which must be configured for a functional command table. Extended parameters The extended parameters contain the parameters of the default axis or display the parameter values of the axis selected. Configuration window icons Icons in the area navigation of the configuration show additional details about the status of the configuration: The configuration contains default values and is complete. The configuration contains only default values. With these default values you can use the technology object without additional changes. The configuration contains user-defined or automatically adapted values and is complete. All input fields of the configuration contain valid values and at least one preset value has changed. The configuration is incomplete or incorrect At least one input field or drop-down list contains an invalid value. The corresponding field or the drop-down list is displayed on a red background. Click the roll-out error message to display the cause of the error. The configuration contains mutually incompatible parameter values The configuration contains parameter values that contradict each other either in size or logic. The corresponding field or the drop-down list is displayed on a yellow background. See also Guidelines on use of motion control (Page 6622) Basic parameters (Page 6698) Extended parameters (Page 6711) Monitor values (S7-1200) If there is an online connection to the CPU, the icon "Monitor all" configuration dialog of the technology object. WinCC Advanced V14 System Manual, 10/2016 is displayed in the 6697 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The "Monitor all" function provides the following options: Comparison of configured start values of the project with the start values in the CPU and the actual values Direct editing of actual values and the start values of the project Immediate detection and display of input errors with suggested corrections Backup of the actual values in the project by manual transfer to the start value of the project Icons and operator controls If there is an online connection to the CPU, the actual values are displayed at the parameters. In addition to the actual values of the parameters, the following symbols appear: Icon Description Start value in CPU matches the configured Start value in the project Start value in CPU does not match the configured Start value in the project A comparison of the start value in the CPU with the configured start value in the project cannot be performed because the selected CPU module does not support this compari son. The value is not comparable with any significance since it is not relevant in one of the configurations. Use the button to show the start value of the CPU and the start value of the project for the respective parameter. The actual value and the start value in the project can be changed directly and then downloaded to the CPU. The change of the actual value is transferred directly to the CPU for directly modifiable parameters. Basic parameters (S7-1200) Configuration - General (S7-1200) Configure the name of the technology object in the "General" configuration window. Name Define the name of the command table or the name of the "Command table" technology object in this field. The technology object is listed under this name in the project tree. See also Configuration - Command table (Page 6699) Shortcut menu commands - Command table (Page 6702) Working with the trend diagram (Page 6703) Shortcut menu commands - Curve chart (Page 6707) 6698 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Transition from "Complete command" to "Blend motion" (Page 6708) Changing the command table configuration in the user program (Page 6710) Configuration - Command table (S7-1200) Create the desired movement sequence in the "Command Table" configuration window and check the result against the graphic view in the trend diagram. Note Small deviations are possible between the time behavior and position in the trend shown and the real movement of the axis. Movements in response to software limit switches being reached are not shown. Enable warnings Activate the display of warnings in the command table with this check box. Use axis parameters of From the drop-down list, select which axis parameters are to be used for selecting the graphic view of and checking the movement sequence. Select "Default axis" if you have yet to add an axis to the "Technology object" folder or wish to use values which have not been configured in any of the available axes. You configure the properties of the default axis under "Advanced parameters". The axis parameters of the axis selected at the "Axis" parameter are used to process the command table in the user program. Column: Step Shows the step number of the command. Column: Command type In this column, select the command types which are to be used for processing the command table. Up to 32 commands can be entered. The commands will be processed in sequence. You can choose between the following entries and command types: Empty The entry serves as a placeholder for any commands to be added. The empty entry is ignored when the command table is processed. Halt Stop axis (the command only takes effect after a "Velocity set point" command) Positioning Relative Position axis relatively WinCC Advanced V14 System Manual, 10/2016 6699 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Positioning Absolute Position axis absolutely (the axis must be homed for this) Velocity set point Move axis at set velocity Wait Waits until the given period is over. Wait does not stop active travel. Separator Adds a Separator line above the selected line. The Separator line acts as a range limit for the graphic display of the trend view. Use the Separator lines if you wish to process parts of the command table. Column: Position/travel path Enter the position or travel path for the selected command in this column: Command "Positioning Relative" The command will move the axis by the given travel path. Command "Positioning Absolute" The command will move the axis by the given position. The axis must be homed for this. Separator The value given specifies the start position for the graphic display. Limit values (independent of the selected user unit): -1.0e12 position / distance -1.0e-12 1.0e-12 position / distance 1.0e12 Position / travel path = 0.0 Column: Velocity In this column, you enter the velocity for the selected command: Command "Positioning Relative" The command will move the axis at the given velocity. The given velocity will not be reached if the travel path selected is not large enough. Command "Positioning Absolute" The command will move the axis at the given velocity. The given velocity will not be reached if the target position is too close to the starting position. Command " Velocity set point" The command will move the axis at the given velocity. The given velocity will not be reached during the command if too short a runtime is selected. 6700 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Limit values (independent of the selected user unit): For the commands: "Positioning Relative" and "Positioning Absolute" - 1.0e-12 velocity 1.0e12 For the command: "Velocity set point" - -1.0e12 velocity -1.0e-12 - 1.0e-12 velocity 1.0e12 - Velocity = 0.0 Column: Duration Enter the duration of the selected command in this column: Command " Velocity set point" The command will move the axis for the specified duration. The duration includes both the acceleration phase and the constant travel phase. The next command will be processed once the duration is over. Command "Wait" Waits until the given duration is over. Limit values (independent of the selected user unit): 0.001s duration 64800s Column: Next step Select the mode of transition to the next step from the drop-down list: Complete command The command will be completed. The next command will be processed immediately. Blend motion The motion of the current command will be blended with the motion of the following command. The transition mode "Blend motion" is available with command types "Positioning Relative" and "Positioning Absolute". Motion will be blended with motions of the following command types: - Positioning Relative - Positioning Absolute - Velocity set point No blending occurs with other command types. For a detailed description of the response of the axis when a command is appended or overlapped, see section Transition from "Complete command" to "Blend motion" (Page 6708) Column: Step code Enter a numerical value / bit pattern in this column which is to be output at the "StepCode" output parameter of the "MC_CommandTable" Motion Control instruction while the command is being processed. WinCC Advanced V14 System Manual, 10/2016 6701 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Limit values: 0 code number 65535 See also Configuration - General (Page 6698) Shortcut menu commands - Command table (Page 6702) Working with the trend diagram (Page 6703) Shortcut menu commands - Curve chart (Page 6707) Transition from "Complete command" to "Blend motion" (Page 6708) Changing the command table configuration in the user program (Page 6710) Shortcut menu commands - Command table (S7-1200) The following shortcut menu commands are available in the command table: Insert empty line Adds an empty line above the selected line. This shortcut menu command can only be executed if there are enough empty lines at the end of the command table. Add empty line Adds an empty line below the selected line. This shortcut menu command can only be executed if there are enough empty lines at the end of the command table. Insert separator line Adds a separator line above the selected line. You cannot have two consecutive separator lines. Add separator line Adds a separator line below the selected line. You cannot have two consecutive separator lines, nor can you add a separator line at the end of the command table. Cut Removes the selected lines or content of the selected cell and saves them/it in the clipboard. Selected lines will be deleted and the subsequent lines of the command table shifted up. 6702 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Copy Copies the selected lines or content of the selected cell and saves them/it in the clipboard. Paste Selected lines: Pastes the lines from the clipboard into the table above the selected line. Selected cell: Pastes the content of the clipboard into the selected line. This shortcut menu command can only be executed if there are enough empty lines at the end of the command table. Replace Replaces the selected lines with the lines in the clipboard. Delete Deletes the selected lines. The lines below in the command table shift up. See also Configuration - General (Page 6698) Configuration - Command table (Page 6699) Working with the trend diagram (Page 6703) Shortcut menu commands - Curve chart (Page 6707) Transition from "Complete command" to "Blend motion" (Page 6708) Changing the command table configuration in the user program (Page 6710) Working with the trend diagram (S7-1200) The following tools and information are available in the trend view: WinCC Advanced V14 System Manual, 10/2016 6703 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Trend view and components Ruler Selecting the grid Velocity axis scale range Scroll bar, velocity axis Scroll bar time axis Ruler position marking Velocity curve Curve section of a selected command Time axis scale range Start/stop velocity Scroll bar, position axis Position axis scale range Software limit switch position Position curve Trend view Selecting separator sections If the command table consists of multiple sections separated by separators, you can select these sections in the trend view by selecting a command in the section. 6704 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Selecting commands Commands can be selected in the trend view and in the command table: Click on a point on the velocity or position curve in the trend view. The corresponding command will be highlighted in the command table. Select a command in the command table. The corresponding section of curve will be highlighted. Selecting the visible range of the trend view Follow the steps below to adjust the section of the trend view to be displayed: Select the scaling in the shortcut menu: Scale to curves: Scales the axes so the position and velocity curves are visible. Scale to curves and limits: Scales the axes so the position and velocity curves, the positions of the activated software limit switches and the minimum and maximum velocity limits are visible. The view selected will be marked in the shortcut menu with a tick. Selecting the section to be shown within the range: Figure 13-1 WinCC Advanced V14 System Manual, 10/2016 CmdTable_Scle01_new 6705 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Range which the curve values and / or limits are within. (see Selecting in the shortcut menu) Selected range to be shown in the trend window. You set the range with the margin cursor at the right-hand and left-hand margin. You set the position within range with the drag cursor. You can also define the position by clicking in range . Selecting the section to be shown with the mouse: Drag a section of the trend view by clicking and dragging with the mouse. The section of curve selected will be enlarged once you release the mouse. Undoing the last change to the section: Select the shortcut command "Undo zoom" to undo the last change to the section. Synchronizing the grid Click on the axis scales to select whether the grid is to be synchronized with the position axis or velocity axis. 6706 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Reading off curve values from the ruler Activate the ruler using the shortcut menu command "Show ruler". You can move the ruler to any point on the curves using the ruler cursor. See also Configuration - General (Page 6698) Configuration - Command table (Page 6699) Shortcut menu commands - Command table (Page 6702) Shortcut menu commands - Curve chart (Page 6707) Transition from "Complete command" to "Blend motion" (Page 6708) Changing the command table configuration in the user program (Page 6710) Shortcut menu commands - Curve chart (S7-1200) The following shortcut menu commands are available in the curve window: Zoom 100% Selects a zoom factor which will show 100% of the curve values and / or limits. Undo zoom Undoes the last zoom change. Scaling on trends Scales the axes so the position and velocity trends are visible. Scaling on trends and limits Scales the axes so the position and velocity trends, the positions of the activated software limit switches and the minimum and maximum velocity limits are visible. Show velocity limits Shows the lines of the velocity limits. WinCC Advanced V14 System Manual, 10/2016 6707 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Show software limit switches Shows the lines of the software limit switches. Show measuring ruler Fades the measuring ruler in / out Use the measuring ruler when you want to see the individual values of the trends. See also Configuration - General (Page 6698) Configuration - Command table (Page 6699) Shortcut menu commands - Command table (Page 6702) Working with the trend diagram (Page 6703) Transition from "Complete command" to "Blend motion" (Page 6708) Changing the command table configuration in the user program (Page 6710) Transition from "Complete command" to "Blend motion" (S7-1200) The charts below show the transition between movements in various different transition modes in the "Next step" column: 6708 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Motion transition with preceding positioning jobs The following diagrams show a command sequence with two motion tasks. The first command is for positioning (green). The second command is for velocity (red) or positioning (blue): Complete job Blend motion Transition from lower to higher velocity Transition from lower to higher velocity Y Y W W A job with high velocity is appended to a previous positioning job. The positioning job terminates at its target position at velocity "0". The second job starts from standstill. A job with high velocity is overlapped with a previous posi tioning job. The first positioning job terminates without stand still at its target position. The second job starts with the new velocity. Transition from higher to lower velocity Transition from higher to lower velocity Y Y W A job with low velocity is appended to a previous positioning job. The positioning job terminates at its target position at velocity "0". The second job starts from standstill. W A job with low velocity is overlapped with a previous position ing job. The first positioning job terminates without standstill at its target position. The first job starts with the new velocity. 1. Job "Positioning Relative" or "Positioning Absolute" 2. Job "Velocity set point" 2. Job "Positioning Relative" or "Positioning Absolute" WinCC Advanced V14 System Manual, 10/2016 6709 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Motion transition with preceding velocity jobs The following diagrams show a command sequence with two motion tasks. The first command is for velocity (violet). The second command is for velocity (red) or positioning (blue): Transition from lower to higher velocity Transition from higher to lower velocity Y Y W A job with a high velocity is appended to a previous velocity job. The first velocity job ends after the defined runtime. The second job starts with the new velocity. W A command with lower velocity is blended with a previous velocity command. The second job starts with the new veloc ity. 1. Job "Velocity set point" 2. Job "Velocity set point" 2. Job "Positioning Relative" or "Positioning Absolute" See also Configuration - General (Page 6698) Configuration - Command table (Page 6699) Shortcut menu commands - Command table (Page 6702) Working with the trend diagram (Page 6703) Shortcut menu commands - Curve chart (Page 6707) Changing the command table configuration in the user program (Page 6710) Changing the command table configuration in the user program (S7-1200) You can change the following configuration parameters during runtime of the user program in the CPU: Commands and corresponding values You can also change the parameters of the command table during the runtime of the user program. Use the following technology object tags for this purpose: <Table name>.Command[1..32].Type for changing the command type <Table name>.Command[1..32].Position for changing the position/travel distance 6710 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Table name>.Command[1..32].Velocity for changing the velocity <Table name>.Command[1..32].Duration for changing the duration <Table name>.Command[1..32].NextStep for changing the parameter "Next step" <Table name>.Command[1..32].StepCode for changing the step code Refer to the description of the technology object tags (Page 6926) in the appendix for information on when changes to the configuration parameters take effect. See also Compatibility list of variables V1...3 <-> V4...5 (Page 6626) Configuration - General (Page 6698) Configuration - Command table (Page 6699) Shortcut menu commands - Command table (Page 6702) Working with the trend diagram (Page 6703) Shortcut menu commands - Curve chart (Page 6707) Transition from "Complete command" to "Blend motion" (Page 6708) Extended parameters (S7-1200) Configuration - Extended parameters (S7-1200) Configure the basic properties of the chart view of the "Command table" technology object in the "Extended parameters" configuration window. Note If the default axis has been selected under "Use axis parameters of", the unit of measurement can be edited. If a configured axis has been selected, the unit of measurement for this axis will be displayed. Use axis parameters of From the drop-down list, select which axis parameters are to be used for selecting the graphic view of and checking the movement sequence. Select "Default axis" if you have yet to add an axis to the "Technology object" folder or wish to use values which have not been configured in any of the available axes. The axis parameters of the axis selected at the "Axis" parameter will be used to process the command table in the user program. WinCC Advanced V14 System Manual, 10/2016 6711 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Unit of measurement position Enter the unit of measurement for the default axis in this field. If a preconfigured axis has been selected under "Use axis parameters of", the unit of measurement configured in these parameter will be displayed. Copy axis parameters Select the direction of copy and the axis for copying the axis parameters. You can copy the axis parameters of the default axis to the selected axis or accept the axis parameters of the selected axis for the default axis. Use the "Apply configuration" button to copy the axis parameters according to your configuration. Configuration - Dynamics (S7-1200) Configure the acceleration and deceleration and the jerk limit for the default axis in the "Dynamics" configuration window. Note If the default axis has been selected under "Use axis parameters of", the following fields can be edited. If a configured axis has been selected, the values of this axis will be displayed. Acceleration / deceleration Set the desired acceleration of the default axis in the "Acceleration" field. The desired deceleration can be set in the "Deceleration" field. Motion jobs configured in the command table will be calculated with the selected acceleration / deceleration. Limit values: 1.0e-12 acceleration 1.0e12 1.0e-12 deceleration 1.0e12 Activate jerk limit Enable the jerk limit with this check box. Jerk Set the desired jerk for ramping up and ramping down in the "Jerk" field. Motion jobs configured in the command table will be calculated with the selected jerk. Limit values: 1.0e-12 jerk 1.0e12 6712 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Configuration - Limit values (S7-1200) Configure the maximum velocity, the start/stop velocity and the software limit switches of the default axis in the "Limits" configuration window. Note If the default axis has been selected under "Use axis parameters of", the following fields can be edited. If a configured axis has been selected, the values of this axis will be displayed. Maximum velocity / Start/stop velocity Define the maximum permissible velocity and the start/stop velocity of the default axis in these boxes. The start/stop velocity is the minimum permissible velocity of the default axis. Limit values: 1.0e-12 start/stop velocity 1.0e12 Start/stop velocity = 0.0 1.0e-12 maximum velocity 1.0e12 Maximum velocity = 0.0 The value of the maximum velocity must be greater or equal to the value of the start/stop velocity. Enable software limit switches Activate the function of the low and high software limit switch with this check box. Movements in response to software limit switches being reached are not shown in the trend view. Low / high software limit switch Enter the position value of the low and high software limit switch in these boxes. Limit values: -1.0e12 low software limit switch -1.0e-12 1.0e-12 low software limit switch 1.0e12 Low software limit switch = 0.0 -1.0e12 high software limit switch -1.0e-12 1.0e-12 high software limit switch 1.0e12 High software limit switch = 0.0 The value of the high software limit switch must be greater than or equal to the value of the low software limit switch. WinCC Advanced V14 System Manual, 10/2016 6713 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 13.2.7 Download to CPU (S7-1200) The data of the Motion Control technology objects are saved in the data blocks. The conditions for downloading of "blocks" therefore apply when loading a new or modified technology object. CAUTION Possible malfunctions of the axis when loading without hardware configuration The hardware configuration is modified when the following modifications are made to the axis or encoder configuration: Modification of the pulse generator (PTO) Modification of the HW limit switch address Modification of the homing switch address Modification of the address of the PROFIdrive telegram Modification of the address of the analog output Modification of address of enable output or ready input If the modified configuration of the axis or encoder is loaded with the shortcut menu commands "Software" or "Software (all blocks)" without downloading the hardware configuration, the axis may malfunction as a result. Ensure that the current hardware configuration is downloaded to the CPU under the listed conditions. Download in CPU S7-1200 RUN mode (from firmware version V2.2) For CPU S7-1200 from firmware version V2.2, when loading in CPU RUN mode it is checked whether it is possible to load without stopping the CPU. The following conditions apply when loading data blocks in RUN mode: Data block modified values Data block modified structure Download to load memory Download to work memory Yes No Yes (as of firmware V4) Yes (as of firmware V4) When downloading with reinitialization For variables in system reserve for downloading without reinitialization No (firmware V2.2...3) No (firmware V2.2...3) New data block Yes Yes Data block deleted Yes Yes 6714 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Also note the following when deleting data blocks and downloading data blocks with reinitialization: The axis must be disabled when downloading a positioning axis technology object. When downloading a command table technology object, no MC_CommandTable command with this command table must be active (parameter "Busy" = FALSE). When downloading an MC_Power instance data block, no MC_Power instruction must be active (parameter "Busy" = FALSE). From technology version V3.0, Motion Control technology objects (data blocks) can also be downloaded in CPU RUN mode. Technology objects lower than V3.0 cannot be downloaded in CPU RUN mode. Select one of the actions described below to download the modified version of a Motion Control technology object (from version V3.0) to the work memory: Technology object positioning axis and command table Change the CPU operating mode from STOP to RUN. Technology object positioning axis Disable the axis and execute a "Restart" using the Motion Control instruction "MC_Reset". Technology object command table Ensure that the command table is not being used. Download the data block of the command table to the work memory using the extended instruction "READ_DBL". See also Guidelines on use of motion control (Page 6622) MC_Reset: Acknowledge fault, restart technology object V4...5 (Page 3928) 13.2.8 Commissioning (S7-1200) 13.2.8.1 Axis control panel (S7-1200) Use the axis control panel to move the axis in manual mode, to optimize the axis settings, and to test your system. The axis control panel can only be used if an online connection to the CPU is established. Note Response times of the axis control panel The response time during axis control panel operation depends on the communication load of the CPU. Close all other online windows of the TIA Portal to minimize the response time. You can adjust the timeout in the start dialog. WinCC Advanced V14 System Manual, 10/2016 6715 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) "Manual control" button Click "Manual control" to move the axis in manual control mode. Start by disabling the axis in the user program using Motion Control instruction "MC_Power". In "Manual control" mode, the axis control panel takes over master control for the axis functions. The user program has no influence on the axis functions until manual control is ended. CAUTION Additional axes in automatic mode The Manual control is active for one axis only. If additional axes are in automatic mode, dangerous situations may arise as a result. In this happens, disable all other axes. "Automatic mode" button Click "Automatic mode" to end the "Manual control" mode. The axis control panel passes back the master control and the axis can be controlled by the user program again. The axis must be re-enabled in the user program and homed, if required. Complete all active traversing motions before switching to automatic control; otherwise, the axis will be braked with the emergency stop deceleration. "Enable" button Click "Enable" to enable the axis in "Manual control" mode. When the axis is enabled, the axis control panel functions can be used. If the axis cannot be enabled because certain conditions are not met, note the error message in the "Error message" box. Information on eliminating errors is available in the appendix under "List of ErrorIDs and ErrorInfos". After the error has been corrected, enable the axis again. "Disable" button Click "Disable" if you want to temporarily disable the axis in "Manual control" mode. 6716 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) "Command" area Operation in the "Command" area is only possible if the axis is enabled. You can select one of the following command inputs: Jog This command is equivalent to Motion Control command "MC_MoveJog" in the user program. Positioning This command is equivalent to the Motion Control commands "MC_MoveAbsolute" and "MC_MoveRelative" in the user program. The axis must be homed for absolute positioning. Homing This command is equivalent to Motion Control command "MC_Home" in the user program. - The "Set reference point" button corresponds to Mode = 0 (direct homing absolute) - The "Active homing" button corresponds to Mode = 3 (active homing) For active homing, the homing switch must be configured in the axis configuration. The values for approach velocity, homing velocity, and reference position offset are taken from the axis configuration unchanged. Depending on the selection, the relevant boxes for entry of setpoints and the buttons for starting the command are displayed. Jerk limitation can be activated and deactivated using the "Activate jerk limit" button. By default, the jerk is applied with 10% of the configured value. This value can be changed as required. "Axis status" area If "Manual control" mode is activated, the current axis status and drive status are shown in the "Axis status" area. The current position and velocity of the axis are displayed at "Process values". Click "Acknowledge" to acknowledge all cleared errors. The "Info message" box displays advanced information about the status of the axis. "Current values" area This area displays the current position and velocity of the axis. WinCC Advanced V14 System Manual, 10/2016 6717 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Error message The "Error message" box shows the current error. In "Manual control" mode, the error entry can be deleted by pressing the "Acknowledge" button once the error is eliminated. Note Initial values for velocity, acceleration / deceleration and jerk For safety reasons, the "Velocity", "Acceleration/deceleration" and "Jerk" parameters are initialized with values equivalent to only 10% of the configured values when the axis control panel is activated. The "Jerk" parameter is only used for technology object "Axis" V2.0 and higher. The values in the configuration view displayed when you select "Extended parameters > Dynamics > General" are used for initialization. The "Velocity" parameter on the control panel is derived from the "Maximum velocity" and the "Acceleration/deceleration" parameters from "Acceleration" in the configuration. The "Velocity", "Acceleration/deceleration" and "Jerk" parameters can be changed in the axis control panel; this does not affect the values in the configuration. See also Guidelines on use of motion control (Page 6622) 13.2.8.2 Tuning (S7-1200) The movement of axes with drive connection via PROFIdrive/analog output is positioncontrolled. The "Tuning" function supports you in determining the optimal gain (Kv factor) for the control loop (Page 6674) of the axis. The axis velocity profile is recorded by means of the Trace function for this purpose for the duration of a configurable positioning movement. Then you can evaluate the recording, and adapt the gain accordingly. The "Tuning" function for the positioning axis technology object can be found in the project tree under "Technology object > Commissioning". The "Tuning" dialog is divided into the following areas: Master control Axis Optimize gain setting Trace 6718 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Note No transfer of the parameters The configured parameter values are discarded after master control is returned. Transfer the values as needed into your configuration. Start of optimization The trace is started at the same time the optimization starts. A timeout can be adapted in the start dialog for this. Master control In this area, you can take over master control of the technology object, or return it to your user program: "Activate" button With the "Activate" button, you set up an online connection to the CPU and take over master control for the selected technology object. Note the following when taking over master control: - To take over master control, the technology object must be disabled in the user program. - Until master control is returned, the user program has no influence on the functions of the technology object. Motion Control jobs from the user program to the technology object are rejected with the error ("ErrorID" = 16#8203). CAUTION Additional axes in automatic mode The master control is only applied for the selected technology object. If additional axes are in automatic mode, dangerous situations may arise as a result. In this happens, disable all other axes. "Deactivate" button With the "Deactivate" button, you return master control to your user program. Axis In this area, enable or disable the technology object for operation with the axis control panel/ tuning: "Enable" button With the "Enable" button, you enable the selected technology object. "Disable" button With the "Disable" button, you disable the selected technology object. WinCC Advanced V14 System Manual, 10/2016 6719 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Optimize gain setting You make the settings for optimization of the gain in this area: "Forward" button With the "Forward" button, you start a test step for optimization in the positive direction. "Backward" button With the "Backward" button, you start a test step for optimization in the negative direction. "Stop" button You can use the "Stop" button to end the current movement for optimization and end trace recording. "Customize dynamics" check box Select this option to adapt the acceleration and the maximum acceleration for the optimization. Acceleration In this field, you configure the acceleration for a test step. Maximum velocity In this field, you configure the maximum velocity for a test step. Measurement duration The measurement duration is recalculated and entered depending on the selected acceleration, velocity and distance. You can adapt the value of the measurement duration afterwards. Gain In this field, you configure the actual gain of the position controller (Kv). The gain takes effect when it is entered. If the gain of the position controller (Kv) is too large, this can lead to an error on the drive. Trace The Trace function is displayed in the lower area of the "Tuning" dialog. With each test step, a Trace recording of the required parameters is automatically started and displayed after completion of the test step. After master control has been returned, the Trace recording is deleted. You will find a full description of the Trace function in the section on using the trace and logic analyzer function in the TIA Portal help. 13.2.9 Programming (S7-1200) 13.2.9.1 Overview of the Motion Control statements (S7-1200) You control the axis with the user program using Motion Control instructions. The instructions start Motion Control commands that execute the desired functions. 6720 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The status of the Motion Control commands and any errors that occur during their execution can be obtained from the output parameters of the Motion Control instructions. The following Motion Control instructions are available: MC_Power: Enable, disable axis as of V6 (Page 3888) MC_Reset: Acknowledge fault, restart technology object as of V6 (Page 3893) MC_Home: Home axes, set reference point as of V6 (Page 3894) MC_Halt: Stop axis as of V6 (Page 3899) MC_MoveAbsolute: Absolute positioning of axis as of V6 (Page 3902) MC_MoveRelative: Relative positioning of axis as of V6 (Page 3906) MC_MoveVelocity: Move axis at set velocity as of V6 (Page 3909) MC_MoveJog: Move axis in jog mode as of V6 (Page 3913) MC_CommandTable: Run axis commands as motion sequence as of V6 (Page 3916) MC_ChangeDynamic: Change dynamic settings of axis as of V6 (Page 3918) MC_ReadParam: Continuously read motion data of a positioning axis as of V6 (Page 3920) MC_WriteParam: Write tag of positioning axis as of V6 (Page 3922) See also Creating a user program (Page 6721) Programming notes (Page 6724) Behavior of the Motion Control commands after POWER OFF and restart (Page 6726) Monitoring active commands (Page 6726) Error displays of the Motion Control statements (Page 6737) 13.2.9.2 Creating a user program (S7-1200) In the section below you learn how to create a user program with the basic configuration for controlling your axis. All available axis functions are controlled using the Motion Control instructions to be inserted. Requirement The technology object has been created and configured without errors. Before creating and testing the user program, it is advisable to test the function of the axis and the corresponding parts of the system with the axis command table. WinCC Advanced V14 System Manual, 10/2016 6721 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Procedure Proceed as follows to create the user program in accordance with the principles described below: 1. In the project tree, double-click your code block (the code block must be called in the cyclic program). The code block is opened in the programming editor and all available instructions are displayed. 2. Open the "Technology" category and the "Motion Control" and "S7-1200 Motion Control" folders. 3. Use a drag-and-drop operation to move the "MC_Power" instruction to the desired network of the code block. The dialog box for defining the instance DB opens. 4. In the next dialog box, select from the following alternatives: Single instance Click "Single instance" and select whether you want to define the name and number of the instance DB automatically or manually. Multi-instance Click "Multi-instance" and select whether you want to define the name of the multi-instance automatically or manually. 5. Click "OK". The Motion Control instruction "MC_Power" is inserted into the network. Parameters marked with "<???>" must be initialized; default values are assigned to all other parameters. Parameters displayed in black are required for use of the Motion Control instruction. 6722 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 6. Select the technology object in the project tree and drag-and-drop it on <???>. After the selection of the technology object data block, the following buttons are available: Click the stethoscope icon if you want to open the diagnostics dialog for the technology object. Click the toolbox icon if you want to open the configuration view of the technology object. Click the arrow down icon to view additional parameters of the Motion Control instruction. The grayed-out parameters now visible can be used optionally. 7. Add your choice of Motion Control instructions in accordance with steps 3 to 6. Result You have created the basic configuration for axis control in the user program. WinCC Advanced V14 System Manual, 10/2016 6723 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Initialize the input parameters of Motion Control instructions in other parts of the user program to initiate the desired jobs for the "Axis" technology object. Evaluate the output parameters of the Motion Control instructions and the tags of the data block to track the initiated jobs and the status of the axis. Refer to the detailed description for details on the parameters of Motion Control instructions. See also Overview of the Motion Control statements (Page 6720) Programming notes (Page 6724) Behavior of the Motion Control commands after POWER OFF and restart (Page 6726) Monitoring active commands (Page 6726) Error displays of the Motion Control statements (Page 6737) 13.2.9.3 Programming notes (S7-1200) When creating your user program, note the following information: Cyclic call of utilized motion control instructions The current status of command execution is available via the output parameters of the motion control instruction. The status is updated with every call of the motion control instruction. Therefore, make sure that the utilized motion control instructions are called cyclically. Transfer of parameter values of a motion control instruction The parameter values pending for the input parameters are transferred with a positive edge at input parameter "Execute" when the block is called. The motion control command is started with these parameter values. Parameter values that are subsequently changed for the motion control instruction are not transferred until the next start of the motion control command. Exceptions to this are input parameters "StopMode" of motion control instruction "MC_Power" and "Velocity" of motion control instruction "MC_MoveJog". A change in the input parameter is also applied with "Enable" = TRUE or "JogForward" and "JogBackward". 6724 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Programming under consideration of the status information In a stepwise execution of motion control jobs, make sure to wait for the active command to finish before starting a new command. Use the status messages of the motion control instruction and the "StatusBits" tag of the technology object to check for completion of the active command. In the examples below, observe the indicated sequence. Failure to observe the sequence will display an axis or command error. - Axis enable with motion control instruction "MC_Power" You must enable the axis before it can take on motion jobs. Use an AND operation of tag <Axis name>.StatusBits.Enable = TRUE with output parameter Status = TRUE of motion control instruction "MC_Power" to verify that the axis is enabled. - Acknowledge error with motion control instruction "MC_Reset" Prior to starting a motion control command, errors requiring acknowledgement must be acknowledged with "MC_Reset". Eliminate the cause of the error and acknowledge the error with motion control instruction "MC_Reset". Verify that the error has been successfully acknowledged before initiating a new command. For this purpose, use an AND operation of tag <Axis name>.StatusBits.Error = FALSE with output parameter Done = TRUE of motion control instruction "MC_Reset". - Home axis with motion control instruction "MC_Home" Before you can start an MC_MoveAbsolute command, the axis must be homed. Use an AND operation of tag <Axis name>.StatusBits.HomingDone = TRUE with output parameter Done = TRUE of motion control instruction "MC_Home" to verify that the axis has been homed. Override of motion control command processing Motion control jobs for moving an axis can also be executed as overriding jobs. If a new motion control command is started for an axis while another motion control command is active, the active command is overridden by the new command before the existing command is completely executed. The overridden command signals this using CommandAborted = TRUE in the motion control instruction. It is possible to override an active MC_MoveRelative command with a MC_MoveAbsolute command. Avoiding multiple use of the same instance All relevant information of a motion control command is stored in its instance. Do not start a new command using this instance, if you want to track the status of the current command. Use different instances if you want to track the commands separately. If the same instance is used for multiple motion control commands, the status and error information of the individual commands will overwrite each other. In the user program, each axis must be called with a separate call of the Motion Control instruction "MC_Power" with a separate instance data block. Call of motion control instructions in different priority classes (run levels) Motion Control instructions with the same instance may not be called in different priority classes without interlocking. To learn how to call locked motion control instructions, refer to "Tracking commands from higher priority classes (run levels) (Page 6748)". See also Overview of the Motion Control statements (Page 6720) Creating a user program (Page 6721) Behavior of the Motion Control commands after POWER OFF and restart (Page 6726) WinCC Advanced V14 System Manual, 10/2016 6725 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Monitoring active commands (Page 6726) Error displays of the Motion Control statements (Page 6737) Tracking jobs from higher priority classes (execution levels) (Page 6748) 13.2.9.4 Behavior of the Motion Control commands after POWER OFF and restart (S7-1200) A POWER OFF or CPU-STOP aborts all active motion control jobs. All CPU outputs, including pulse and direction outputs, are reset. After a subsequent POWER ON or CPU restart (CPU RUN), the technology objects and the motion control jobs will be reinitialized. All actual data of the technology objects as well as all status and error information of the previously active motion control jobs are reset to their initial values. Before the axis can be reused, it must be enabled again using the Motion Control instruction "MC_Power". If homing is required, the axis must be homed again with Motion Control instruction "MC_Home". When an absolute encoder is used, homing is retained after POWER OFF. See also Overview of the Motion Control statements (Page 6720) Creating a user program (Page 6721) Programming notes (Page 6724) Monitoring active commands (Page 6726) Error displays of the Motion Control statements (Page 6737) 13.2.9.5 Monitoring active commands (S7-1200) Monitoring active commands (S7-1200) There are three typical groups for tracking active Motion Control commands: Motion control instructions with output parameter "Done" Motion control instruction "MC_MoveVelocity" Motion control instruction "MC_MoveJog" Motion control instructions with "Done" output parameter (S7-1200) Motion control instructions with the output parameter "Done" are started via input parameter "Execute" and have a defined conclusion (for example, with Motion Control instruction "MC_Home": Homing was successful). The command is complete and the axis is at a standstill. 6726 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The commands of the following Motion Control instructions have a defined conclusion: MC_Reset MC_Home MC_Halt MC_MoveAbsolute MC_MoveRelative MC_CommandTable (technology object as of V2) MC_ChangeDynamic (technology object as of V2) MC_WriteParam (as of technology object V4) MC_ReadParam (as of technology object V4) The output parameter "Done" indicates the value TRUE, if the command has been successfully completed. The output parameters "Busy", "CommandAborted", and "Error" signal that the command is still being processed, has been aborted or an error is pending. The Motion Control instruction "MC_Reset" cannot be aborted and thus has no "CommandAborted" output parameter. The Motion Control instruction "MC_ChangeDynamic" is completed immediately and therefore has no "Busy" or "CommandAborted" output parameters. During execution of the Motion Control command, the output parameter "Busy" indicates the value TRUE. If the command has been completed, aborted, or stopped by an error, the output parameter "Busy" changes its value to FALSE. This change occurs regardless of the signal at input parameter "Execute". Output parameters "Done", "CommandAborted", and "Error" indicate the value TRUE for at least one cycle. These status messages are latched while input parameter "Execute" is set to TRUE. The behavior of the status bits is presented below for various example situations: WinCC Advanced V14 System Manual, 10/2016 6727 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Complete execution of command If the Motion Control command has been completely executed by the time of its conclusion, this is indicated by the value TRUE in output parameter "Done". The signal status of the input parameter "Execute" influences the display duration at the output parameter "Done": "Execute" changes its value to FALSE during processing of the command ([HFXWH %XV\ 'RQH ([HFXWH %XV\ 'RQH &RPPDQG $ERUWHG (UURU &RPPDQG $ERUWHG (UURU "Execute" changes its value to FALSE after completion of the command The command is started with a positive edge at the input parameter "Execute". Depending on the programming, "Exe cute" can still be reset to the value FALSE during the command, or the value TRUE can be retained until after completion of the command. While the command is active, the output parameter "Busy" indicates the value TRUE. With conclusion of the command (for example, for Motion Control instruction "MC_Home": Homing was successful), output parameter "Busy" changes to FALSE and "Done" to TRUE. If "Execute" retains the value TRUE until after completion of the command, then "Done" also remains TRUE and changes its value to FALSE together with "Execute". If "Execute" has been set to FALSE before the command is complete, "Done" indicates the value TRUE for only one execution cycle. 6728 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Abort command If the Motion Control command is aborted during execution, this is indicated by the value TRUE in output parameter "CommandAborted". The signal status of the input parameter "Execute" influences the display duration at the output parameter "CommandAborted": "Execute" changes its value to FALSE before the command is aborted. "Execute" changes its value to FALSE after the command is aborted. Abort ([HFXWH %XV\ 'RQH Abort ([HFXWH %XV\ 'RQH &RPPDQG $ERUWHG (UURU &RPPDQG $ERUWHG (UURU The command is started with a positive edge at the input parameter "Execute". Depending on the programming, "Exe cute" can still be reset to the value FALSE during the command, or the value TRUE can be retained until after completion of the command. While the command is active, the output parameter "Busy" indicates the value TRUE. During command execution, the command is aborted by another Motion Control command. If the command is aborted, output parameter "Busy" changes to FALSE and "CommandAborted" to TRUE. If "Execute" retains the value TRUE until after the command is aborted, then "CommandAborted" also remains TRUE and changes its value to FALSE together with "Execute". If "Execute" has been set to FALSE before the command is aborted, "CommandAborted" indicates the value TRUE for only one execution cycle. WinCC Advanced V14 System Manual, 10/2016 6729 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Error during command execution If an error occurs during execution of the Motion Control command, this is indicated by the value TRUE in the output parameter "Error". The signal status of the input parameter "Execute" influences the display duration at the output parameter "Error": "Execute" changes its value to FALSE before the error occurs "Execute" changes its value to FALSE after the error occurs Error Error ([HFXWH %XV\ 'RQH ([HFXWH %XV\ 'RQH &RPPDQG $ERUWHG (UURU &RPPDQG $ERUWHG (UURU The command is started with a positive edge at the input parameter "Execute". Depending on the programming, "Exe cute" can still be reset to the value FALSE during the command, or the value TRUE can be retained until after completion of the command. While the command is active, the output parameter "Busy" indicates the value TRUE. An error occurred during command execution. When the error occurs, the output parameter "Busy" changes to FALSE and "Error" to TRUE. If "Execute" retains the value TRUE until after the error occurs, then "Error" also remains TRUE and only changes its value to FALSE together with "Execute". If "Execute" has been set to FALSE before the error occurs, "Error" indicates the value TRUE for only one execution cycle. Motion control instruction MC_MoveVelocity (S7-1200) A "MC_MoveVelocity" command is started with a positive edge at the "Execute" parameter. The command objective is fulfilled when the assigned velocity is reached and the axis travels at constant velocity. When the assigned velocity is reached and maintained, this is indicated in the "InVelocity" parameter with the value TRUE. The motion of the axis can, for example, be stopped with an "MC_Halt" command. The output parameters "Busy", "CommandAborted", and "Error" signal that the command is still being processed, has been aborted or an error is pending. 6730 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) During execution of the Motion Control command, the output parameter "Busy" indicates the value TRUE. If the command has been stopped by another command or by an error, the output parameter "Busy" changes its value to FALSE. This change occurs regardless of the signal at the input parameter "Execute". The output parameters "CommandAborted" and "Error" show the value TRUE for at least one cycle. These status messages are latched while input parameter "Execute" is set to TRUE. The behavior of the status bits is presented below for various example situations: The parameterized velocity is reached If the Motion Control command has been executed by the time the parameterized velocity is reached, this is indicated by the value TRUE in output parameter "InVelocity". The parameter "Execute" has no effect on the indication duration in the "InVelocity" parameter. ([HFXWH %XV\ ,Q9HORFLW\ &RPPDQG $ERUWHG (UURU The job is started with a positive edge at the "Execute" parameter. Depending on the programming, "Execute" can be reset to the FALSE value before or after the parameterized velocity has been reached. While the job is active, the parameter "Busy" shows the value TRUE. When the assigned velocity is reached, the "InVelocity" parameter changes to TRUE. The "Busy" and "InVelocity" parameters retain the TRUE value until the "MC_MoveVelocity" command is overridden by another Motion Control command or stopped by an error. WinCC Advanced V14 System Manual, 10/2016 6731 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The command is aborted prior to reaching the parameterized velocity If the Motion Control command is aborted before the parameterized velocity is reached, this is indicated by the value TRUE in output parameter "CommandAborted". The signal status of input parameter "Execute" influences the display duration at the output parameter "CommandAborted". "Execute" changes its value to FALSE before the command is aborted. "Execute" changes its value to FALSE after the command is aborted. Abort Abort ([HFXWH %XV\ ,Q9HORFLW\ ([HFXWH %XV\ ,Q9HORFLW\ &RPPDQG $ERUWHG (UURU &RPPDQG $ERUWHG (UURU The command is started with a positive edge at the input parameter "Execute". Depending on the programming, "Exe cute" can still be reset to the value FALSE during the command, or the value TRUE can be retained until after the command is aborted. While the command is active, the output parameter "Busy" indicates the value TRUE. During command execution, the command is aborted by another Motion Control command. If the command is aborted, output parameter "Busy" changes to FALSE and "CommandAborted" to TRUE. If "Execute" retains the value TRUE until after the command is aborted, then "CommandAborted" also remains TRUE and changes its status to FALSE together with "Execute". If "Execute" has been reset to FALSE before the command is aborted, "CommandAborted" indicates the value TRUE for only one execution cycle. Note Under the following conditions, an abort is not indicated in output parameter "CommandAborted": The parameterized velocity has been reached, input parameter "Execute" has the value FALSE, and a new Motion Control command is initiated. 6732 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) An error has occurred prior to reaching the parameterized velocity If an error occurs during execution of the Motion Control command before the parameterized velocity has been reached, this is indicated by the value TRUE in the output parameter "Error". The signal status of the input parameter "Execute" influences the display duration at the output parameter "Error": "Execute" changes its value to FALSE before the error occurs "Execute" changes its value to FALSE after the error occurs Error Error ([HFXWH %XV\ ,Q9HORFLW\ ([HFXWH %XV\ ,Q9HORFLW\ &RPPDQG $ERUWHG (UURU &RPPDQG $ERUWHG (UURU The command is started with a positive edge at the input parameter "Execute". Depending on the programming, "Exe cute" can still be reset to the value FALSE during the command, or the value TRUE can be retained until after the error has occurred. While the command is active, the output parameter "Busy" indicates the value TRUE. An error occurred during command execution. When the error occurs, the output parameter "Busy" changes to FALSE and "Error" to TRUE. If "Execute" retains the value TRUE until after the error has occurred, then "Error" also remains TRUE and only changes its status to FALSE together with "Execute". If "Execute" has been reset to FALSE before the error occurs, "Error" indicates the value TRUE for only one execution cycle. Note Under the following conditions, an error is not indicated in output parameter "Error": The parameterized velocity has been reached, input parameter "Execute" has the value FALSE, and an axis error occurs (software limit switch is approached, for example). The error of the axis is only indicated in the "MC_Power" Motion Control instruction. WinCC Advanced V14 System Manual, 10/2016 6733 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Motion control instruction MC_MoveJog (S7-1200) The commands of Motion Control instruction "MC_MoveJog" implement a jog operation. The motion control commands "MC_MoveJog" do not have a defined end. The command objective is fulfilled when the parameterized velocity is reached for the first time and the axis travels at constant velocity. When the parameterized velocity is reached, this is indicated by the value TRUE in output parameter "InVelocity". The order is complete when input parameter "JogForward" or "JogBackward" has been set to the value FALSE and the axis has come to a standstill. The output parameters "Busy", "CommandAborted", and "Error" signal that the command is still being processed, has been aborted or an error is pending. During processing of the motion control command, the output parameter "Busy" indicates the value TRUE. If the command has been completed, aborted, or stopped by an error, the output parameter "Busy" changes its value to FALSE. The output parameter "InVelocity" indicates the status TRUE, as long as the axis is moving at the parameterized velocity. The output parameters "CommandAborted" and "Error" indicate the status for at least one cycle. These status messages are latched as long as either input parameter "JogForward" or "JogBackward" is set to TRUE. The behavior of the status bits is presented below for various example situations: The parameterized velocity is reached and maintained If the motion control command has been executed by the time the parameterized velocity is reached, this is indicated by the value TRUE in output parameter "InVelocity". Jog mode is controlled by input parameter "JogForward" -RJ)RUZDUG -RJ%DFNZDUG %XV\ ,Q9HORFLW\ -RJ)RUZDUG -RJ%DFNZDUG %XV\ ,Q9HORFLW\ &RPPDQG $ERUWHG &RPPDQG $ERUWHG (UURU (UURU 6734 Jog mode is controlled by input parameter "JogBackward". WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The command is started with a positive edge at the input parameter "JogForward" or "JogBackward". While the command is active, the output parameter "Busy" indicates the value TRUE. When the parameterized velocity is reached, the output parameter "InVelocity" changes to TRUE. When the input parameter "JogForward" or "JogBackward" is reset to the value FALSE, the axis motion ends. The axis starts to decelerate. As a result, the axis no longer moves at constant velocity and the output parameter "InVelocity" changes its status to FALSE. If the axis has come to a standstill, the motion control command is complete and the output parameter "Busy" changes its value to FALSE. The command is aborted during execution If the motion control command is aborted during execution, this is indicated by the value TRUE in output parameter "CommandAborted". The behavior is independent of whether or not the parameterized velocity has been reached. Jog mode is controlled by input parameter "JogForward". Jog mode is controlled by input parameter "JogBackward". Abort Abort -RJ)RUZDUG -RJ%DFNZDUG %XV\ ,Q9HORFLW\ -RJ)RUZDUG -RJ%DFNZDUG %XV\ &RPPDQG $ERUWHG (UURU ,Q9HORFLW\ &RPPDQG $ERUWHG (UURU The command is started with a positive edge at the input parameter "JogForward" or "JogBackward". While the command is active, the output parameter "Busy" indicates the value TRUE. During command execution, the command is aborted by another motion control command. If the command is aborted, output parameter "Busy" changes to FALSE and "CommandAborted" to TRUE. When the input parameter "JogForward" or "JogBackward" is reset to the value FALSE, the output parameter "Com mandAborted" changes its value to FALSE. WinCC Advanced V14 System Manual, 10/2016 6735 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Note The command abort is indicated in the output parameter "CommandAborted" for only one execution cycle, if all conditions below are met: The input parameters "JogForward" and "JogBackward" have the value FALSE (but the axis is still decelerating) and a new motion control command is initiated. An error has occurred during command execution If an error occurs during execution of the motion control command, this is indicated by the value TRUE in output parameter "Error". The behavior is independent of whether or not the parameterized velocity has been reached. Jog mode is controlled by input parameter "JogForward". Jog mode is controlled by input parameter "JogBackward". Error -RJ)RUZDUG -RJ%DFNZDUG %XV\ ,Q9HORFLW\ Error -RJ)RUZDUG -RJ%DFNZDUG %XV\ ,Q9HORFLW\ &RPPDQG $ERUWHG (UURU &RPPDQG $ERUWHG (UURU The command is started with a positive edge at the input parameter "JogForward" or "JogBackward". While the command is active, the output parameter "Busy" indicates the value TRUE. An error occurred during command execution. When the error occurs, the output parameter "Busy" changes to FALSE and "Error" to TRUE. When the input parameter "JogForward" or "JogBackward" is reset to the value FALSE, the output parameter "Error" changes its value to FALSE. 6736 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Note An error occurrence is indicated in the output parameter "Error" for only one execution cycle, if all the conditions below are met: The input parameters "JogForward" and "JogBackward" have the value FALSE (but the axis is still decelerating) and a new error occurs (software limit switch is approached, for example). 13.2.9.6 Error displays of the Motion Control statements (S7-1200) The Motion Control instructions indicate any errors in motion control commands and the technology object at the output parameters "Error", "ErrorID" and "ErroInfo" of the Motion Control instructions. Error display at output parameters "Error", "ErrorID" and "ErrorInfo" If the output parameter "Error" indicates the value TRUE, the complete command, or portions thereof, could not be executed. The cause of the error is indicated by the value in output parameter "ErrorID". Detailed information about the cause of the error is returned by the value in output parameter ErrorInfo. We distinguish between the following error classes for error indication: Operating error with axis stop (for example, "HW limit switch was approached") Operating errors with axis stop are errors that occur during runtime of the user program. If the axis is in motion, it is stopped with the configured deceleration or emergency stop deceleration, depending on the error. The errors are indicated in the error-triggering Motion Control instruction and in the Motion Control instruction "MC_Power". Operating error without axis stop (for example, "Axis is not homed") Operating errors without axis stop are errors that occur during runtime of the user program. If the axis is in motion, the motion is continued. The errors are only indicated in the Motion Control instruction which triggers the error. Configuration error in Motion Control instruction (for example "Incorrect value in parameter "Velocity") Parameterization errors occur when incorrect information is specified in the input parameters of Motion Control instructions. If the axis is in motion, the motion is continued. The errors are only indicated in the Motion Control instruction which triggers the error. Configuration error on technology object "Axis" (for example, "Value for "Acceleration" is invalid") A configuration error exists if one or more parameters are incorrectly configured in the axis configuration or if editable configuration data have been modified incorrectly during runtime of the program. An axis in motion is stopped with the configured emergency stop deceleration. The error is indicated in the error-triggering Motion Control instruction and in Motion Control instruction "MC_Power". WinCC Advanced V14 System Manual, 10/2016 6737 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Configuration error on technology object "Command table" (for example "Value for "Velocity" is invalid") There is a configuration error if one or more parameters are incorrectly set in the axis command table or if programmable configuration data have been modified incorrectly during runtime of the program. If the axis is in motion, the motion is continued. The errors are only indicated in the "MC_CommandTable" Motion Control instruction. Internal error When an internal error occurs, the axis is stopped. The errors are indicated in the errortriggering Motion Control instruction and, in some cases, in the Motion Control instruction "MC_Power". A detailed description of the ErrorIDs and ErrorInfos, as well as their remedies, is available in the Appendix (Page 6840). See also Overview of the Motion Control statements (Page 6720) Creating a user program (Page 6721) Programming notes (Page 6724) Behavior of the Motion Control commands after POWER OFF and restart (Page 6726) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) Monitoring active commands (Page 6726) 13.2.9.7 Restart of technology objects (S7-1200) Description After the CPU is switched on, or after technology objects are downloaded into the CPU, the system automatically initializes the technology objects with the start values from the technology data block. If restart-relevant changes are detected during a reload into the CPU, a restart of the technology object is automatically performed. If restart-relevant data have been changed in RUN mode by the user program, then the technology object must be reinitialized by the user in order for the changes to be used. If changes in the technology data block should also be retained after the restart of the technology object, then you must write the changes to the start value in load memory using the extended instruction "WRIT_DBL". Restart necessary If a restart of the technology object is necessary, this will be indicated under "Technology object > Diagnostics > Status and error bits > Status messages > Restart required", and in the tags of the technology object <Axis name>.StatusBits.RestartRequired. 6738 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Restarting a technology object A restart of the technology object is triggered by the user by means of the "MC_Reset" Motion Control instruction, with parameter "Restart" = TRUE. A restart resets the "Homed" status of a technology object with incremental actual values (<Axis name>.StatusBits.HomingDone). 13.2.10 Axis - Diagnostics (S7-1200) 13.2.10.1 Status and error bits (technology objects as of V4) (S7-1200) You use the "Status and error bits" diagnostic function to monitor the most important status and error messages for the axis in the TIA Portal. The diagnostic function display is available in online mode in "Manual control" mode and in "Automatic control" when the axis is active. The status error messages have the following meaning: Status messages Status message - Axis Description Enabled The axis is enabled and ready to be controlled via Motion Control commands. (Tag of technology object: <Axis name>.StatusBits.Enable) Homed The axis is homed and is capable of executing absolute positioning commands of Motion Control instruction "MC_MoveAbsolute". The axis does not have to be homed for relative positioning. Special situations: During active homing, the status is FALSE. If a homed axis undergoes passive homing, the status is set to TRUE during passive homing. (Tag of technology object: <Axis name>.StatusBits.HomingDone) Axis error An error has occurred in the "Axis" technology object. Additional information about the error is available in automatic control at the ErrorID and ErrorInfo parameters of the Motion Control instructions. In manual mode, the "Error message" box of the axis control panel displays detailed information about the cause of error. (Tag of technology object: <Axis name>.StatusBits.Error) Control panel active The "Manual control" mode was enabled in the axis control panel. The axis control panel has control priority over the "Axis" technology object. The axis cannot be controlled from the user program. (Tag of technology object: <Axis name>.StatusBits.ControlPanelActive) Restart required A modified configuration of the axis was downloaded to the load memory in CPU RUN mode. To download the modified configuration to the work memory, you need to restart the axis. Use the Motion Control instruction MC_Reset to do this. (Tag of technology object: <Axis name>.StatusBits.RestartRequired) WinCC Advanced V14 System Manual, 10/2016 6739 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Status message - Drive Description Ready The drive is ready for operation. (Tag of technology object: <Axis name>.StatusBits.DriveReady) Drive error The drive has reported an error due to loss of its "Drive ready" signal. (Tag of technology object: <Axis name>.ErrorBits.DriveFault) Status message - Motion Description Standstill The axis is at a standstill. (Tag of technology object: <Axis name>.StatusBits.StandStill) Acceleration The axis accelerates. (Tag of technology object: <Axis name>.StatusBits.Accelerating) Constant velocity The axis travels at constant velocity. (Tag of technology object: <Axis name>.StatusBits.ConstantVelocity) Deceleration The axis decelerates (slows down). (Tag of technology object: <Axis name>.StatusBits.Decelerating) Status message - Motion type Description Positioning The axis executes a positioning command of the Motion Control instruction "MC_MoveAbsolute", "MC_MoveRelative" or the axis control panel. (Tag of technology object: <Axis name>.StatusBits.PositioningCommand) Travel with velocity speci The axis executes a command with velocity specification of the Motion Control instruction fication "MC_MoveVelocity", "MC_MoveJog" or the axis control panel. (Tag of technology object: <Axis name>.StatusBits.VelocityCommand) Homing The axis executes a homing command of the Motion Control instruction "MC_Home" or the axis control panel. (Tag of technology object: <Axis name>.StatusBits.HomingCommand) Command table active The axis is controlled by Motion Control instruction "MC_CommandTable". (Tag of technology object: <Axis name>.StatusBits.CommandTableActive) Limit switch status messages Limit switch status message Description Low SW limit switch has been reached A software limit switch was reached or exceeded. High SW limit switch has been reached A hardware limit switch was reached or exceeded. Low HW limit switch was reached The low hardware limit switch was reached or exceeded. High HW limit switch was reached The high hardware limit switch was reached or exceeded. 6740 (Tag of technology object: <Axis name>.StatusBits.SWLimitMinActive) (Tag of technology object: <Axis name>.StatusBits.SWLimitMaxActive) (Tag of technology object: <Axis name>.StatusBits.HWLimitMinActive) (Tag of technology object: <Axis name>.StatusBits.HWLimitMaxActive) WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Error messages Error message Description SW limit switch has been reached A software limit switch was reached or exceeded. HW limit switch has been reached A hardware limit switch was reached or exceeded. Invalid direction of motion The motion direction of the command does not match the configured motion direction. PTO already in use A second axis is using the same PTO (Pulse Train Output) and HSC (High Speed Counter) and is enabled with "MC_Power". (Tag of technology object: <Axis name>.ErrorBits.SWLimit) (Tag of technology object: <Axis name>.ErrorBits.HWLimit) (Tag of technology object: <Axis name>.ErrorBits.DirectionFault) (Tag of technology object: <Axis name>.ErrorBits.HWUsed) Encoder Error in the encoder system. (Tag of technology object: <Axis name>.ErrorBits.SensorFault) Data exchange Error in communication with a connected device. (Tag of technology object: <Axis name>.ErrorBits.CommunicationFault) Positioning The axis was not correctly positioned at the end of a positioning motion. (Tag of technology object: <Axis name>.ErrorBits.PositionigFault) Following error The maximum permitted following error was exceeded. (Tag of technology object: <Axis name>.ErrorBits.FollowingErrorFault) Encoder values are invalid The encoder values are invalid. (Tag of technology object: <Axis name>.StatusSensor.State) Configuration error The "Axis" technology object was incorrectly configured or editable configuration data were modified incorrectly during runtime of the user program. (Tag of technology object: <Axis name>.ErrorBits.ConfigFault) Internal error An internal error has occurred. (Tag of technology object: <Axis name>.ErrorBits.SystemFault) The output window below shows the first reported and still unacknowledged error. See also StatusBits tags V4...5 (Page 6917) ErrorBits tags V4...5 (Page 6922) Diagnostics - Status and error bits ("Axis" technology object V1...3) (Page 6837) Compatibility list of variables V1...3 <-> V4...5 (Page 6626) Motion status (Page 6742) WinCC Advanced V14 System Manual, 10/2016 6741 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 13.2.10.2 Motion status (S7-1200) Use the "Motion status" diagnostic function to monitor the motion status of the axis in the TIA Portal. The diagnostic function display is available in online mode in "Manual control" mode and in "Automatic control" when the axis is active. The displayed status information has the following meaning: Status Description Current position The "Current position" box indicates the current axis position. If the axis is not homed, the value indicates the position value relative to the enable position of the axis. (Tag of technology object: <Axis name>.Position) Current velocity The "Current velocity" box indicates the current axis velocity. (Tag of technology object: <Axis name>.Velocity) Target position The "Target position" box indicates the current target position of an active positioning command or of the axis command table. The value of the "Target position" is only valid during execution of a positioning command. (Tag of technology object: <Axis name>.StatusPositioning.TargetPosition) Remaining travel distance The "Remaining travel distance" box indicates the travel distance currently remaining for an active positioning command or the axis command table. The "Remaining travel distance" value is only valid during execution of a positioning command. (Tag of technology object: <Axis name>.StatusPositioning.Distance) See also Position tag V4...5 (Page 6890) Velocity tag V4...5 (Page 6891) StatusPositioning tags V4...5 (Page 6914) Compatibility list of variables V1...3 <-> V4...5 (Page 6626) Position tag as of V6 (Page 6782) Velocity tag as of V6 (Page 6783) MotionStatus tags V1...3 (Page 6884) Status and error bits (technology objects as of V4) (Page 6739) 13.2.10.3 Dynamics settings (S7-1200) Use the "Dynamics settings" diagnostic function to monitor the dynamic limits of the axis in the TIA Portal. The diagnostic function display is available in online mode in "Manual control" mode and in "Automatic control" when the axis is active. The displayed status information has the following meaning: Dynamic limit Description Acceleration The "Acceleration" box indicates the currently configured acceleration of the axis. (Tag of technology object: <Axis name>.DynamicDefaults.Acceleration) Deceleration The "Deceleration" box indicates the currently configured deceleration of the axis. (Tag of technology object: <Axis name>.DynamicDefaults.Deceleration) 6742 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Dynamic limit Description Emergency deceleration The "Emergency deceleration" box indicates the currently configured emergency stop deceler ation of the axis. (Tag of technology object: <Axis name>.DynamicDefaults.EmergencyDeceleration) Jerk The "Velocity" box indicates the current axis step velocity configured. (axis technology object as of V2) (Tag of technology object: <Axis name>.DynamicDefaults.Jerk) See also DynamicDefaults tags V4...5 (Page 6905) Compatibility list of variables V1...3 <-> V4...5 (Page 6626) 13.2.10.4 PROFIdrive frame (S7-1200) The "Technology object > Diagnostics > PROFIdrive telegram" diagnostics function is used in the TIA Portal to monitor the PROFIdrive telegrams returned by the drive and encoder. The display of the Diagnostics function is available in online operation. "Drive" area This area displays the following parameters contained in the PROFIdrive telegram from the drive to the controller: Status words "SW1" and "SW2" The setpoint speed that was output to the drive (NSET) The actual speed that was signaled from the drive (NACT) "Encoder" area This area displays the following parameters contained in the PROFIdrive telegram from the encoder to the controller: Status word "G1_ZSW" The actual position value "G1_XIST1" (cyclic actual encoder value) The actual position value "G1_XIST2" (absolute value of the encoder) WinCC Advanced V14 System Manual, 10/2016 6743 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 13.2.11 Appendix (S7-1200) 13.2.11.1 Using multiple axes with the same PTO (S7-1200) Use the Motion Control functionality of the CPU S7-1200 to run multiple positioning axis technology objects with the same PTO (Pulse Train Output) and thus with the same CPU outputs. This is appropriate, for example, if different axis configurations are to be used for different production sequences via one PTO. As described below, it is possible to switch between these axis configurations as often as necessary. The following diagram presents the basic functional relationships: 7HFKQRORJ\REMHFW 3RVLWLRQLQJD[LVB 0&B3RZHUB,QVWDQFHB 372 3XOVH7UDLQ2XWSXW $[LVFRQILJXUDWLRQ 7HFKQRORJ\REMHFW 3RVLWLRQLQJD[LVB , , , , , , , , 5816723 (5525 0$,17 ', &38& '&'&'& ' 0&B3RZHUB,QVWDQFHB; 7HFKQRORJ\REMHFW 3RVLWLRQLQJD[LVB; , , , , , , 6,0$7,& 6 $[LVFRQILJXUDWLRQ 0&B3RZHUB,QVWDQFHB ;31/$1 $[LVFRQILJXUDWLRQ; In this example, several positioning axis technology objects, each with its own axis configuration, use the same PTO. Each axis must be called in the user program with a separate call of Motion Control instruction "MC_Power" with a separate instance data block. Only one axis at a time may use the PTO. The axis that is currently using the PTO indicates this with tag <Axis name>.StatusBits.Activated = TRUE. Switchover of the positioning axis technology object The program scheme described below shows you how to switch between different technology objects and, thus, between different axis configurations. To use the same PTO with multiple axes without error indications, only the Motion Control instructions of the axis currently being used may be called. The following diagram presents this principle using Motion Control instruction "MC_Power" as an example: 6744 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) &DOOLQDFWLYH (1 0&B3RZHUB,QVWDQFHB 7HFKQRORJ\REMHFW 3RVLWLRQLQJD[LVB 372 3XOVH7UDLQ2XWSXW 0&B3RZHUB,QVWDQFHB; ', &38& '&'&'& ' 7HFKQRORJ\REMHFW 3RVLWLRQLQJD[LVB; &DOOLQDFWLYH (1 , , , , , , 6,0$7,& 6 6WDWXV%LWV$FWLYDWHG 758( (UURU%LWV+Z8VHG )$/6( 5816723 (5525 0$,17 (QDEOH 758( (UURU )$/6( 7HFKQRORJ\REMHFW 3RVLWLRQLQJD[LVB (1 0&B3RZHUB,QVWDQFHB , , , , , , , , &DOODFWLYH ;31/$1 The tags of the activated axis ("Positioning axis_2" here) show the following typical indicators in the user program: <Axis name>.StatusBits.Activated = TRUE <Axis name>.ErrorBits.HWUsed = FALSE To switch from one positioning axis technology object to another, follow the steps described below. In the example, a switch is made from "Positioning axis_2" to "Positioning axis_1": 1. End any active traversing motions of activated "Positioning axis_2" 2. Disable "Positioning axis_2" with the associated Motion Control instruction "MC_Power" using input parameter Enable = FALSE 3. To verify that "Positioning axis_2" has been disabled, use an AND operation of output parameter Status = FALSE of Motion Control instruction "MC_Power" and technology object tag <Axis name>.StatusBits.Enable = FALSE. 4. Deactivate the conditional call of the Motion Control instructions for "Positioning axis_2". 5. Activate the conditional call of the Motion Control instruction for "Positioning axis_1". At the first call of the corresponding Motion Control instruction "MC_Power", "Positioning axis_2" is deactivated and "Positioning axis_1" is activated. 6. Enable "Positioning axis_1" with the associated Motion Control instruction "MC_Power" using input parameter Enable = TRUE. 7. To verify that "Positioning axis_1" has been enabled, use an AND operation of output parameter Status = TRUE of Motion Control instruction "MC_Power" and technology object tag <Axis name>.StatusBits.Enable = TRUE. It is also always possible to cyclically call all Motion Control instructions of all axes working with a single PTO. WinCC Advanced V14 System Manual, 10/2016 6745 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) &DOODFWLYH (1 0&B3RZHUB,QVWDQFHB 7HFKQRORJ\REMHFW 3RVLWLRQLQJD[LVB 372 3XOVH7UDLQ2XWSXW 6,0$7,& 6 6WDWXV%LWV$FWLYDWHG 758( (UURU%LWV+Z8VHG )$/6( 5816723 (5525 0$,17 (QDEOH 758( (UURU )$/6( 7HFKQRORJ\REMHFW 3RVLWLRQLQJD[LVB ', &38& '&'&'& ' 0&B3RZHUB,QVWDQFHB; (QDEOH )$/6( (UURU 758( 7HFKQRORJ\REMHFW 3RVLWLRQLQJD[LVB; &DOODFWLYH (1 , , , , , , (1 0&B3RZHUB,QVWDQFHB &DOODFWLYH 6WDWXV%LWV$FWLYDWHG )$/6( (UURU%LWV+Z8VHG 758( , , , , , , , , (QDEOH )$/6( (UURU 758( ;31/$1 6WDWXV%LWV$FWLYDWHG )$/6( (UURU%LWV+Z8VHG 758( When an axis is enabled (here "Positioning axis_2"), this axis becomes active. In contrast to the conditional call, the Motion Control instructions of the deactivated axes (here "Positioning axis_1" and "Positioning axis_x") indicate errors. The tags of these axes indicate the status <Axis name>.StatusBits.Activated = FALSE and <Axis name>.ErrorBits.HWUsed = TRUE. Use the conditional call of the Motion Control instructions if you want to implement the user program without error indicators. See also Tags of the positioning axis technology object V4...5 (Page 6890) Using multiple drives with the same PTO (Page 6747) Tracking jobs from higher priority classes (execution levels) (Page 6748) Special cases when using software limit switches for drive connection via PTO (Page 6750) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) 6746 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 13.2.11.2 Using multiple drives with the same PTO (S7-1200) If multiple drives are to be used, they can be run with a common PTO (Pulse Train Output) using changeover. The following diagram represents the basic circuit design: S 6,0$7,& 6 , , , , , , , , , , , , , , 6LJQDOERDUG 5816723 (5525 0$,17 ', &38& '&'&'& ' ;31/$1 3XOVHDQGGLUHFWLRQRXWSXWV 3RZHUXQLW 3RZHUXQLW The changeover between drives can be controlled, if required, by the user program via a digital output. If different axis configurations are required for the different drives, a changeover between these configurations is required for the PTO. For additional information on this topic, refer to "Using multiple axes with the same PTO (Page 6744)". See also Tags of the positioning axis technology object V4...5 (Page 6890) Using multiple axes with the same PTO (Page 6744) Tracking jobs from higher priority classes (execution levels) (Page 6748) Special cases when using software limit switches for drive connection via PTO (Page 6750) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) WinCC Advanced V14 System Manual, 10/2016 6747 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 13.2.11.3 Tracking jobs from higher priority classes (execution levels) (S7-1200) Depending on the application, it may be necessary to start Motion Control commands (for example, interrupt-controlled) in a higher priority class (execution level). The Motion Control instructions must be called at short intervals for status monitoring. Motion Control commands cannot be sufficiently closely monitored if the higher priority Motion Control commands are called only once or at too great an interval. Tracking in such cases can be carried out in the cycle OB. An instance data block that is not currently being utilized must be available for each start of a higher priority Motion Control command. Refer to the following flow chart to see how you start Motion Control commands in a higher priority class (for example, hardware interrupt OB) and continue tracking in the program cycle OB: 6748 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) F\FOH2% SURFHVV2% 6WDUWSURFHVV DODUP2% $GGLWLRQDOJHQHUDO SURJUDPFRGH 1H[WJHQHUDO SURJUDPFRGH 9DULDEOH '%[BXVHG 758(" \HV 2SHQLQJWKH0RWLRQ&RQWURO LQVWUXFWLRQVZLWK'%[ DQG([HFXWH 758( UHDGLQJVWDWXVRIRUGHU 9DULDEOH '%[BXVHG 758(" QR \HV QR 0RWLRQ&RQWURO MREILQLVKHGRUFDQFHOHG" QR 4XHULHGDOO'%V DYDLODEOH" QR \HV 2SHQLQJ0RWLRQ&RQWUROLQVWUXFWLRQ ZLWK'%[DQG([HFXWH )$/6( SUHSDUH'%IRUUHGHSOR\PHQW '%[ QH[W'% DYDLODEOH 5HVHWYDULDEOH '%[BXVHG 4XHULHGDOO'%V DYDLODEOH" \HV 1H[WJHQHUDO SURJUDPFRGH 6HWYDULDEOH '%[BXVHG 2SHQLQJWKH0RWLRQ&RQWURO LQVWUXFWLRQVZLWK'%[ DQG([HFXWH 758( VWDUWLQJRUGHU (UURU LQVXIILFLHQW'%V QR '%[ QH[W'%DYDLODEOH \HV F\FOHFNHFNSRLQW 1H[WJHQHUDO SURJUDPFRGH (QGRISURFHVV DODUP2% Depending on the frequency of the Motion Control commands you want to start, you will have to generate a sufficient number of instance data blocks. Users determine which instance data block is currently used in the DBx_used tags. WinCC Advanced V14 System Manual, 10/2016 6749 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Start of Motion Control command in the hardware interrupt OB Binary queries of the DBx_used tags (orange) are used to find an instance data block not currently in use. If such an instance data block is found, the utilized instance data block is marked as "used" (green) and the Motion Control command is started with this instance data block (blue). Any other program sections of the hardware interrupt OB are then executed, followed by a return to the program cycle OB. Tracking of started Motion Control commands in the program cycle OB All instance data blocks available in the cycle OB are checked to determine if they are currently in use by means of the DBx_used tag (violet). If an instance data block is in use (Motion Control command is being processed), the Motion Control instruction with this instance data block and input parameter Execute = TRUE is called to read out the status messages (red). If the command is complete or has been aborted, the following actions are taken next (blue green): Call of Motion Control instruction with input parameter Execute = FALSE Resetting the DBx_used tag This completes the command tracking, and the instance data block is now available for use again. See also Tags of the positioning axis technology object V4...5 (Page 6890) Using multiple axes with the same PTO (Page 6744) Using multiple drives with the same PTO (Page 6747) Special cases when using software limit switches for drive connection via PTO (Page 6750) List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) 13.2.11.4 Special cases when using software limit switches for drive connection via PTO (S7-1200) Software limit switches in conjunction with a homing operation (S7-1200) Due to unfavorably parameterized homing jobs, the braking action of the axis may be influenced at the software limit switch. Take the following examples into consideration when developing your program. 6750 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Example 1: During a travel command, a homing job (for example, Set reference point) offsets the current axis position in the direction of the software limit switch. It is still possible to bring the axis to a standstill before reaching the software limit switch: Y ROGD[LV SRVLWLRQ QHZD[LV SRVLWLRQ VRIWZDUH OLPLWVZLWFK V The green curve shows the motion without the homing job. The axis brakes at the configured deceleration and comes to a standstill at a position before the software limit switch. A new axis position is set as a result of the homing job. The area between the old and new axis position is thus "skipped". Based on the new axis position, the axis would theoretically be stopped with the configured deceleration at a position after the software limit switch (red curve). Because braking with the configured deceleration is no longer sufficient, the axis actually follows the blue curve. Fol lowing constant motion, the axis brakes at the configured emergency stop deceleration and comes to a standstill at the position of the software limit switch. WinCC Advanced V14 System Manual, 10/2016 6751 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Example 2: During a travel command, a homing job (for example, Set reference point) offsets the current axis position in the direction of the software limit switch. In contrast to example 1, it is no longer possible to bring the axis to a standstill before reaching the software limit switch. The axis overruns the position of the software limit switch. Y ROGD[LV SRVLWLRQ QHZD[LV SRVLWLRQ V VRIWZDUH OLPLWVZLWFK The green curve shows the motion without the homing job. The axis brakes at the configured deceleration and comes to a standstill at a position before the software limit switch. A new axis position is set as a result of the homing job. The area between the old and new axis position is thus "skipped". Based on the new axis position, the axis would theoretically be stopped with the configured deceleration at a position well after the software limit switch (red curve). Because braking with the configured deceleration is no longer sufficient, the axis actually follows the blue curve. The axis brakes with the configured emergency stop deceleration. However, the emergency stop deceleration is not sufficient to stop the axis at the position of the software limit switch. The position of the software limit switch is overrun. 6752 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Example 3: During a braking operation, a homing job (for example, Set reference point) offsets the current axis position in the direction of the software limit switch. It is still possible to bring the axis to a standstill before reaching the software limit switch: Y QHZD[LV SRVLWLRQ VRIWZDUH OLPLWVZLWFK V ROGD[LV SRVLWLRQ The green curve shows the motion without the homing job. The axis brakes at the configured deceleration and comes to a standstill at a position before the software limit switch. A new axis position is set as a result of the homing job. The area between the old and new axis position is thus "skipped". Based on the new axis position, the axis would theoretically be stopped with the configured deceleration at a position after the software limit switch (red curve). Because braking with the configured deceleration is no longer sufficient, the axis actually follows the blue curve. Fol lowing constant motion, the axis brakes at the configured emergency stop deceleration and comes to a standstill at the position of the software limit switch. Example 4: During a braking operation, a homing job (for example, Set reference point) offsets the current axis position in the direction of the software limit switch. In contrast to example 3, it is no longer possible to bring the axis to a standstill before reaching the software limit switch. The axis overruns the position of the software limit switch. WinCC Advanced V14 System Manual, 10/2016 6753 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Y ROGD[LV SRVLWLRQ QHZD[LV SRVLWLRQ V VRIWZDUH OLPLWVZLWFK The green curve shows the motion without the homing job. The axis brakes at the configured deceleration and comes to a standstill at a position before the software limit switch. A new axis position is set as a result of the homing job. The area between the old and new axis position is thus "skipped". Based on the new axis position, the axis would theoretically be stopped with the configured deceleration at a position well after the software limit switch (red curve). Because braking with the configured deceleration is no longer sufficient, the axis actually follows the blue curve. The axis brakes with the configured emergency stop deceleration. However, the emergency stop deceleration is not sufficient to stop the axis at the position of the software limit switch. The position of the software limit switch is overrun. See also Software limit switches and software limit switch position changes. (Page 6754) Software limit switches in conjunction with dynamic changes (Page 6755) Response of the axis when position limits are triggered (Page 6655) Software limit switches and software limit switch position changes. (S7-1200) An incorrect change in the position of the software limit switch during the runtime of the user program can abruptly reduce the distance between the current axis position and the position of the software limit switch. The axis response is similar to that described in Software limit switches in conjunction with a homing operation (Page 6750). 6754 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Software limit switches in conjunction with a homing operation (Page 6750) Software limit switches in conjunction with dynamic changes (Page 6755) Response of the axis when position limits are triggered (Page 6655) Software limit switches in conjunction with dynamic changes (S7-1200) It is possible to influence the deceleration of the axis in the area of the software limit switches in conjunction with overriding motion commands. This applies when the overriding motion command is started with a lower deceleration (tag <Axis name>.DynamicDefaults.Deceleration). Take the following examples into consideration when developing your program. Example 1: During axis motion, an active motion command is overridden by another motion command with a lower deceleration: Y UHSODFHPHQWPRWLRQ VWDUWHG VRIWZDUHOLPLW VZLWFK V The green curve shows the motion of an active command without this command being overridden. The axis brakes at the configured deceleration and comes to a standstill at a position before the software limit switch. Based on the overriding motion command with lower deceleration, the axis would theoretically be stopped with the configured deceleration at a position after the software limit switch (red curve). Because braking with the configured deceleration of the overriding motion command is no longer sufficient, the axis actually follows the blue curve. Following a constant motion, the axis brakes at the emergency stop deceleration and comes to a standstill at the position of the software limit switch. WinCC Advanced V14 System Manual, 10/2016 6755 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Example 2: During braking of the axis, an active motion command is overridden by another motion command with a lower deceleration: Y UHSODFHPHQWPRWLRQ VWDUWHG VRIWZDUHOLPLW VZLWFK V The green curve shows the motion of an active command without this command being overridden. The axis brakes at the configured deceleration and comes to a standstill at a position before the software limit switch. Based on the overriding motion command with lower deceleration, the axis would theoretically be stopped at a position well after the software limit switch (red curve). Because braking with the configured deceleration of the overriding motion command is no longer sufficient, the axis actually follows the blue curve. Following a constant motion, the axis brakes at the emergency stop deceleration and comes to a standstill at the position of the software limit switch. See also Software limit switches in conjunction with a homing operation (Page 6750) Software limit switches and software limit switch position changes. (Page 6754) Response of the axis when position limits are triggered (Page 6655) 13.2.11.5 Reducing velocity for a short positioning duration (S7-1200) The CPU can reduce the velocity of a positioning command when the planned positioning duration is < 2 ms. The velocity of command execution will then be reduced for the entire duration. The reduced velocity (pulses per s) is calculated as follows: Reduced velocity = Number of pulses to be output * 500Hz 6756 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Velocity is not reduced if the planned positioning duration is >= 2 ms. 13.2.11.6 Dynamic adjustment of start/stop velocity (S7-1200) The configuration of your velocity limits (start/stop velocity and maximum velocity), the dynamic values (acceleration, deceleration and jerk) and the target speed of the traversing command may under certain circumstances result in the start/stop velocity being dynamically adjusted by the CPU. This is for example the case when, due to a low configured start/stop velocity, the time required for the first pulses would be longer than that possible for the entire acceleration. The first pulse is in these cases output at a greater velocity than the configured start/stop velocity. The subsequent pulses are also dynamically adjusted to ensure the acceleration process can be completed in the specified time. Ensure in the event of any pulse loss that the hardware (drive) you use is adjusted to this situation, or change the dynamic settings of your axis to avoid dynamic adjustment of the start/ stop velocity. 13.2.11.7 Move the axis without position control for servicing (S7-1200) If service is required, it may be necessary to move a PROFIdrive drive or a drive with an analog drive interface without position control. This may be the case for example with invalid or incorrect encoder values. The following Motion Control instructions influence the status of the position control: Enable position-controlled drives without position control with MC_Power Start the axis with the Motion Control instruction MC_Power StartMode = 0 in non-positioncontrolled operation. The non-position-controlled mode is in effect until another Motion Control instruction changes the status of the position control. MC_MoveVelocity MC_MoveVelocity with PositionControlled = FALSE forces non-position-controlled operation. MC_MoveVelocity with PositionControlled = TRUE forces position-controlled operation. The selected position-controlled operation is retained even after the termination of MC_MoveVelocity. MC_MoveJog MC_MoveJog with PositionControlled = FALSE forces non-position-controlled operation. MC_MoveJog with PositionControlled = TRUE forces position-controlled operation. WinCC Advanced V14 System Manual, 10/2016 6757 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The selected position-controlled operation is retained even after the termination of MC_MoveJog. MC_Home, MC_MoveRelative, MC_MoveAbsolute The Motion Control instructions MC_Home, MC_MoveRelative and MC_MoveAbsolute force position-controlled operation. The position control remains active even when the command has ended. MC_Halt The Motion Control instruction MC_Halt is executed in position-controlled and non-positioncontrolled operation. The status of the position control remains unchanged. See also MC_Power: Enable, disable axis as of V6 (Page 3888) MC_Halt: Stop axis as of V6 (Page 3899) 13.2.11.8 List of ErrorIDs and ErrorInfos (technology objects as of V6) (S7-1200) The following table lists all ErrorIDs and ErrorInfos that can be indicated in Motion Control instructions. In addition to the cause of the error, remedies for eliminating the error are also listed: Depending on the error reaction, the axis is stopped in the case of operating errors with stop of axis. The following error reactions are possible: Remove enable The setpoint zero is output and the enable is removed. The axis is braked depending on the configuration in the drive, and is brought to a standstill. Stop with emergency stop ramp Active motion commands are aborted. The axis is braked with the emergency stop deceleration configured under "Technology object > Extended parameters > Dynamics > Emergency stop ramp" without any jerk limit and brought to a standstill. Operating error with axis stop ErrorID 16#8000 ErrorIn Description fo Drive error, loss of "Drive ready" 16#000 1 6758 Remedy Error reaction - Acknowledge error with instruction "MC_Reset"; provide drive signal; restart command, if necessary WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID 16#8001 ErrorIn Description fo Remedy Low SW limit switch has been tripped 16#000 The position of the low SW limit switch E was reached with the currently config ured deceleration 16#000 The position of the low SW limit switch F was reached with the emergency stop deceleration Acknowledge the error with instruction "MC_Reset"; use a motion command to move the axis in the positive direction out of the range of the SW limit switch 16#001 The position of the low SW limit switch 0 was exceeded with the emergency stop deceleration 16#8002 Remove enable High SW limit switch has been tripped 16#000 The position of the high SW limit switch E was reached with the currently config ured deceleration 16#000 The position of the high SW limit switch F was reached with the emergency stop deceleration Acknowledge the error with instruction "MC_Reset"; use a motion command to move the axis in the negative direction out of the range of the SW limit switch 16#001 The position of the high SW limit switch 0 was exceeded with the emergency stop deceleration 16#8003 Remove enable Low HW limit switch was reached 16#000 The low HW limit switch was reached. E The axis was stopped with the emer gency stop deceleration. (During an active homing procedure, the homing switch was not found) Error reaction Acknowledge the error for an enabled axis with instruction "MC_Reset"; use a motion command to move the axis in the positive direction out of the range of the HW limit switch. For drive connec tion via PTO (Pulse Train Out put): Stop with emer gency stop ramp For drive connec tion via PROFI drive/analog out put: Remove enable 16#8004 High HW limit switch was reached 16#000 The high HW limit switch was reached. E The axis was stopped with the emer gency stop deceleration. (During an active homing procedure, the homing switch was not found) Acknowledge the error for an enabled axis with instruction "MC_Reset"; use a motion command to move the axis in the negative direction out of the range of the HW limit switch. For drive connec tion via PTO (Pulse Train Out put): Stop with emer gency stop ramp For drive connec tion via PROFI drive/analog out put: Remove enable WinCC Advanced V14 System Manual, 10/2016 6759 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID 16#8005 ErrorIn Description fo Remedy Error reaction PTO/HSC are already being used by another axis 16#000 1 - The axis was configured incorrectly: Correct the configuration of the PTO (Pulse Train Output) / HSC (High Speed Counter) and download it to the controller More than one axis is to run with one PTO: Another axis is using the PTO / HSC. If the current axis is to assume the control, the other axis must be disabled with "MC_Power" Enable = FALSE. (See also Using multiple axes with the same PTO (Page 6744)) 16#8006 A communication error in the control panel has occurred 16#001 A timeout has occurred 2 16#8007 16#8008 Remove enable Check the cable connection and press the "Manual control" button again The axis cannot be enabled - 16#002 Restarting 5 Wait until the axis restart is complete. 16#002 Executing loading process in RUN 6 mode Wait until the loading process is complete. Invalid direction of motion - 16#002 The selected motion direction is not al Adjust the motion direction and restart E lowed. the command. 16#002 A reversing motion is not possible with Adjust the allowed direction of rotation F the selected motion direction. in the technology object configuration under "Extended parameters > Mechanics". Restart the command. 16#8009 Reference switch/encoder zero mark not found 16#003 Error in the configuration, hardware or 3 installation of the encoder or at the homing switch. 6760 Connect a suitable device. Stop with emer gency stop ramp Check the device (I/Os). Compare the configuration of HW Config and the technology object. WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID 16#800A ErrorIn Description fo Remedy Alarm message from encoder 16#000 1 Error reaction Remove enable Check the device with regard to function, connections and I/Os. 16#003 Hardware error at encoder 4 16#003 Encoder dirty 5 16#003 Error during reading of encoder abso 6 lute value Compare the encoder type in the drive or encoder parameter P979 with the configu ration data of the technology object. 16#003 Zero mark monitoring of the encoder 7 Encoder reports error in zero mark moni toring (fault code 0x0002 in Gx_XIST2, see PROFIdrive profile). Check the plant for electromagnetic com patibility (EMC). 16#003 Encoder is in "Parking" state 8 Search for the cause of the error in the connected drive or encoder. Check whether the error message was possibly triggered by a commissioning action at the drive or encoder. 16#004 PROFIdrive: Encoder on bus failed 0 (station failure). Check the device with regard to function, connections and I/Os. 16#004 PROFIdrive: Signs of life of encoder 1 faulty. 16#800B Range violation of the position 16#003 Range violation in positive direction 9 Remove enable Home the axis to a valid actual value range. 16#003 Range violation in negative direction A 16#003 The change of the actual position in a B position control clock cycle is greater than the modulo length. WinCC Advanced V14 System Manual, 10/2016 Adjust the modulo length of the employed encoder. 6761 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID 16#800C ErrorIn Description fo Remedy Error reaction Alarm message from drive Remove enable 16#000 1 Check the device with regard to function, connections and I/Os. 16#003 PROFIdrive: Drive signal "Control re C quested" failed. In the "Tuning" dialog box, select a smaller gain (Kv). 16#003 PROFIdrive/analog drive connection: D Drive has shut down. 16#003 PROFIdrive: Drive on bus failed (sta E tion failure) 16#003 PROFIdrive: Signs of life of drive faulty. Check the device with regard to F function, connections and I/Os. Compare the clock parameters of HW Config (PROFIBUS line, slave OM for drive or encoder) and the execution system. Tmapc and servo must be configured with the same clock cycle time. 16#800D The permitted following error was exceeded 16#000 1 Remove enable Check the configuration of the control loop. Check the direction signal of the encoder. Check the configuration of following error monitoring. 16#800E Error at the hardware limit switch 16#004 Illegal free travel direction with active 2 hardware limit switch Remove enable The programmed direction of movement is disabled due to the active hardware limit switch. Retract the axis in the opposite direction. 16#004 Hardware limit switch polarity is re 3 versed, axis cannot be freed Check the mechanical configuration of the hardware limit switch. 16#004 Both hardware limit switches are ac 4 tive, axis cannot be freed 16#800F Error in target range 16#004 Target range not reached 5 Remove enable Target range was not reached within the positioning tolerance time. Check the configuration of the position monitoring. Check the configuration of the control loop. 16#004 Exit target range again 6 The target range was exited within the minimum dwell time. Check the configuration of the position monitoring. Check the configuration of the control loop. 6762 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID 16#8010 ErrorIn Description fo Approach velocity to the homing switch / zero mark equals zero. Remove enable Homing velocity > Select zero The axis cannot occupy the PTO because it is being used by "CTRL_PTO". 16#000 1 Remove enable Approach velocity > Select zero Homing velocity for setting the home position equals zero. 16#000 Value is less than or equal to 0. A 16#8013 Remove enable Change the position of the software limit switches. 16#000 Value is less than or equal to 0. A 16#8012 Error reaction Position of the low SW limit switch is greater than that of the high SW limit switch when the axis is not a modulo axis 16#000 1 16#8011 Remedy Remove enable Select another PTO in the configuration. Operating error without axis stop ErrorID ErrorInfo 16#8200 Description Remedy Axis is not enabled 16#0001 16#8201 - Enable the axis; restart the command Axis has already been enabled by another "MC_Power" instance 16#0001 16#8202 - Enable the axis with only one "MC_Power" instance The maximum number of simultaneous motion control commands has been exceeded (max. 200 commands for drive connection via PTO (Pulse Train Output), max. 100 commands for drive con nection via PROFIdrive/analog output) 16#0001 - Reduce the number of simultaneously active com mands; restart the command A command is active if parameter "Busy" = TRUE in the Motion Control instruction. 16#8203 Axis is currently operated in "Manual control" (axis control panel) 16#0001 16#8204 - Exit "Manual control"; restart the command Axis is not homed 16#0001 16#8205 - Home the axis with instruction "MC_Home"; restart the command The axis is currently controlled by the user program (the error is only displayed in the axis control panel) 16#0013 16#8206 The axis is enabled in the user program Disable axis with instruction "MC_Power" and se lect "Manual control" again in the axis control panel Technology object not activated yet 16#0001 16#8207 WinCC Advanced V14 System Manual, 10/2016 - Enable the axis with instruction "MC_Power" Ena ble = TRUE or enable the axis in the axis control panel. Command rejected 6763 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description 16#0001 - Remedy 16#0016 Active homing is running; another homing meth Wait for active homing to finish or abort the active od cannot be started. homing with a motion command, for example, "MC_Halt". 16#0018 The axis cannot be moved with a command ta Wait until direct or passive homing is complete. ble while it is being actively or passively homed. 16#0019 The axis cannot be actively or passively homed while a command table is being processed. Wait for command table to finish or abort the com mand table with a motion command, for example, "MC_Halt". 16#0052 The specified position exceeds the numerical limit. Enter a valid position value at the Motion Control instruction. 16#0053 The axis is ramping up. Wait until the axis is ready for operation. 16#0054 Actual value is invalid To execute a "MC_Home" command, the actual values must be valid. Check the status of the actual values. The variable of the technology object <axis name>."StatusSen sor.State" must show the value 2 (valid). 16#006B 16#8208 Difference between maximum and start/stop velocity is invalid 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#8209 Correct the value; restart the command Invalid acceleration for technology object "Axis" 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#820A Correct the value; restart the command It is not possible to restart the axis 16#0013 The axis is enabled in the user program Disable the axis with the "MC_Power" instruction; restart again 16#0027 The axis is currently being operated in "Manual control" (axis control panel) Exit "Manual control"; restart again 16#002C The axis is not disabled. Disable the axis; restart the command 16#0047 The technology object is not ready for restart. Download the project again. 16#0048 Condition for restart of the technology object is not satisfied. Disable the technology object. 16#820B It is not possible to execute the command table 16#0026 16#820C 6764 Call only prohibited in position-controlled mode Enable the axis with position control with the "MC_Power" with StartMode = 1. Executing loading process in RUN mode Wait until the loading process is complete. No configuration available 16#0001 - Internal error 16#0014 The selected hardware is used by another ap plication Contact the hotline. WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Block parameter error ErrorID ErrorInfo 16#8400 Description Remedy Invalid value at parameter "Position" of the Motion Control instruction 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) 16#0006 Value is outside the number range (less than -1E+12) 16#8401 Correct the value; restart the command Invalid value at parameter "Distance" of the Motion Control instruction 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) 16#0006 Value is outside the number range (less than -1E+12) 16#0002 The value has an invalid number format 16#0008 Value is greater than the configured maximum velocity 16#0009 Value is less than the configured start/stop ve locity 16#0024 Value is less than 0 16#0030 Value has an incorrect number format or is out side the valid number range 16#8402 Correct the value; restart the command Invalid value at parameter "Velocity" of the Motion Control instruction 16#8403 Correct the value; restart the command Invalid value at parameter "Direction" of the Motion Control instruction 16#0011 The selection value is invalid 16#0011 The selection value is invalid Correct the selection value; restart the command 16#0015 Active/passive homing is not configured Correct the configuration and download it to the controller; enable the axis and restart the command 16#0017 The direction reversal is activated at the hard Activate the HW limit switch using the variable ware limit switch, despite the fact that the hard <axis name>.PositionLimits_HW.Active = ware limit switches are disabled TRUE, restart the command 16#8404 Correct the selection value; restart the command Invalid value at parameter "Mode" of the Motion Control instruction Correct the configuration and download it to the controller; enable the axis and restart the command 16#0055 Invalid mode at incremental encoder Start a homing process for an incremental encoder using parameter "Mode" = 0, 1, 2, 3. 16#0056 Invalid mode at absolute encoder Passive and active homing ("Mode" = 2, 3) are not possible for an absolute value encoder. Start a homing process for an absolute encoder us ing parameter "Mode" = 0, 1. 16#8405 Invalid value at parameter "StopMode" of the Motion Control instruction 16#0011 16#8406 The selection value is invalid Correct the selection value; enable the axis again Simultaneous forward and backward jogging is not allowed 16#0001 WinCC Advanced V14 System Manual, 10/2016 - Take steps to ensure that parameters "JogFor ward" and "JogBackward" do not have signal status TRUE simultaneously; restart the command. 6765 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo 16#8407 16#0001 16#8408 - 16#001A The specified value does not match the re quired technology object version 16#001B The specified value does not match the re quired technology object type 16#001C The specified value is not a Motion Control tech nology data block Disable the active axis; it is then possible to switch to the other axis and enable it. Correct the value; restart the command Invalid value at parameter "CommandTable" of the Motion Control instruction 16#001A The specified value does not match the re quired technology object version 16#001B The specified value does not match the re quired technology object type 16#001C The specified value is not a Motion Control tech nology data block 16#840A Correct the value; restart the command Invalid value at parameter "StartStep" of the Motion Control instruction 16#000A Value is less than or equal to 0. 16#001D The start step is greater than the end step 16#001E Value is greater than 32 16#840B Correct the value; restart the command Invalid value at parameter "EndStep" of the Motion Control instruction 16#000A Value is less than or equal to 0. 16#001E Value is greater than 32 16#840C Correct the value; restart the command Invalid value at parameter "RampUpTime" of the Motion Control instruction 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#840D Correct the value; restart the command Invalid value at parameter "RampDownTime" of the Motion Control instruction 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#840E Correct the value; restart the command Invalid value at parameter "EmergencyRampTime" of the Motion Control instruction 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#840F 6766 Remedy Invalid value at parameter "Axis" of the Motion Control instruction 16#8409 16#8410 Description Switching to another axis with instruction "MC_Power" is only permitted after disabling the active axis. Correct the value; restart the command Invalid value at parameter "JerkTime" of the Motion Control instruction Correct the value; restart the command Invalid value at parameter "Parameter" of the Motion Control instruction WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0002 The value has an invalid number format Correct the value; restart the command 16#000B Address is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0028 Data type of VARIANT pointer "Parameter" and "Value" do not match. Use a suitable data type; restart command 16#0029 VARIANT pointer "Parameter" does not point to a data block of the technology object. Correct the VARIANT pointer; restart the command 16#002A The value at the VARIANT pointer "Parameter" cannot be read. Correct the VARIANT pointer; restart the command 16#002B The value at the VARIANT pointer "Parameter" cannot be written. Correct the VARIANT pointer or value; restart the command The axis is not disabled. Disable the axis; restart the command 16#002C 16#8411 Invalid value at parameter "Value" of the Motion Control instruction 16#0002 16#8412 The value has an invalid number format Correct the value; restart the command Value at "Start Mode" parameter of the Motion Control instruction invalid 16#0011 The selection value is invalid Correct the selection value; enable the axis again Configuration error of the axis ErrorID ErrorInfo 16#8600 Description Remedy Parameter assignment of pulse generator (PTO is invalid 16#000B The address is invalid 16#0014 The selected hardware is used by another ap plication 16#8601 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Parameter assignment of the high-speed counter (HSC) is invalid 16#000B The address is invalid 16#0014 The selected hardware is used by another ap plication 16#8602 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid parameter assignment of "Enable output" 16#000B 16#8603 The address is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid parameter assignment of "Ready input" 16#000B 16#8604 The address is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "Pulses per motor revolution" value 16#000A 16#8605 WinCC Advanced V14 System Manual, 10/2016 Value is less than or equal to zero Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "Distance per revolution" value 6767 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#000A Value is less than or equal to zero 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8606 Invalid "Start/stop velocity" value 16#0002 The value has an invalid number format 16#0003 Value is higher than the high hardware limit 16#0004 Value is lower than the low hardware limit 16#0007 The start/stop velocity is greater than the maxi mum velocity 16#8607 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "maximum velocity" value 16#0002 The value has an invalid number format 16#0003 Value is higher than the high hardware limit Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0004 Value is lower than the low hardware limit 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8608 Invalid "Acceleration" value 16#0002 The value has an invalid number format 16#0003 Value is higher than the high hardware limit 16#0004 Value is lower than the low hardware limit 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8609 6768 Invalid "Deceleration" value WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0002 The value has an invalid number format 16#0003 Value is higher than the high hardware limit 16#0004 Value is lower than the low hardware limit Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#860A Invalid "Emergency stop deceleration" value 16#0002 The value has an invalid number format Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0003 Value is higher than the high hardware limit 16#0004 Value is lower than the low hardware limit 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#860B Value for position of the low SW limit switch is invalid 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) 16#0006 Value is outside the number range (less than -1E+12) 16#0030 The position value of the low software limit switch is greater than that of the high software limit switch 16#860C Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Value for position of the high SW limit switch is invalid 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) 16#0006 Value is outside the number range (less than -1E+12) 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary WinCC Advanced V14 System Manual, 10/2016 6769 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo 16#860D Description Remedy Invalid address of the low HW limit switch 16#000B Invalid address 16#000C The address of the falling edge is invalid 16#000D The address of the rising edge is invalid 16#860E Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid address of the high HW limit switch 16#000B Invalid address 16#000C The address of the falling edge is invalid 16#000D The address of the rising edge is invalid 16#860F Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "home position offset" value 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) 16#0006 Value is outside the number range (less than -1E+12) 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8610 Invalid "approach velocity" value 16#0002 The value has an invalid number format 16#0008 The velocity is greater than the maximum ve locity 16#0009 The velocity is less than the start/stop velocity 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8611 6770 Invalid "Homing velocity" value WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0002 The value has an invalid number format 16#0008 The velocity is greater than the maximum ve locity Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0009 The velocity is less than the start/stop velocity 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8612 Invalid address of the homing switch 16#000B Invalid address 16#000C The address of the falling edge is invalid 16#000D The address of the rising edge is invalid 16#8613 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" During active homing, direction reversal at the hardware limit switch is activated although the hard ware limit switches are not configured 16#0001 - Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8614 Invalid "Jerk" value 16#0002 The value has an invalid number format 16#001F Value is greater than the maximum jerk 16#0020 Value is less than the minimum jerk 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8615 Value for "Unit of measurement" is invalid 16#0011 16#8616 WinCC Advanced V14 System Manual, 10/2016 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Address of homing switch is invalid (passive homing as of V4) 6771 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0011 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8617 Value of variable <axis name>.Sensor.Sensor[1].ActiveHoming.Mode is invalid 16#0011 The selection value is invalid (Valid value: 2 = Homing via digital input) Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8618 Value of variable <axis name>.Sensor.Sensor[1].PassiveHoming.Mode is invalid 16#0011 The selection value is invalid (Valid value: 2 = Homing via digital input) Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8619 Value of variable <axis name>.Actor.Type is invalid 16#0011 The selection value is invalid (Valid value: 2 = Connection via pulse interface) Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#861A Value for "Permitted direction of rotation" is invalid 16#0011 The selection value is invalid 16#002D "Both directions" not allowed when direction output is deactivated Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#861B Faulty load gear factors 16#0031 16#861C 6772 Valid is invalid. Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Illegal combination of data for homing with incremental encoder WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0031 Valid is invalid. Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#861D The set encoder mounting type is invalid. Invalid value in <Axis name>.Sensor.Sensor[1].Mounting Mode 16#0011 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#861E The configuration of the measuring wheel circumference of the encoder is invalid. Invalid value in <Axis name>.Sensor.Sensor[1].Parameter.DistancePerRevolution 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#861F The configuration for the resolution of the linear encoder is faulty. Invalid value in <Axis name>.Sen sor.Sensor[1].Parameter.Resolution 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8620 The set fine resolution for Gn_XIST1 is invalid. Invalid value in <Axis name>.Sensor.Sensor[1].Pa rameter.FineResolutionXist1 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8621 The set fine resolution for Gn_XIST1 in <Axis name>.Sensor.Sensor[1].Parameter.FineResolutionX ist1 is not consistent with the setting in PROFIdrive parameter P979 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary WinCC Advanced V14 System Manual, 10/2016 6773 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo 16#8622 Description Remedy Invalid value for the configuration date <Axis name>.Actor.Interface.AddressIn or <Axis name>.Ac tor.Interface.AddressOut 16#0011 16#8623 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" The value set in the variable <axis name>.Sensor.Sensor[1].Type is invalid. 16#0011 16#8624 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" The set encoder system is invalid. Invalid value in <Axis name>.Sensor.Sensor[1].System 16#0011 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8625 Parameter of position monitoring is faulty. Invalid value in <Axis name>.PositioningMonitoring.MinD wellTime 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8626 Parameter of position monitoring is faulty. Invalid value in <Axis name>.PositioningMonitoring.Win dow 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8627 The configuration of the PROFIdrive interface of the actual value is faulty. Invalid value in <Axis name>.Sensor.Sensor[1].Interface.AddressIn or <Axis name>.Sensor.Sensor[1].Interface.Address Out 16#0011 16#8628 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Faulty controller factors 16#0030 Value has an incorrect number format or is out The value for the gain or the precontrol of the con side the valid number range trol loop is faulty. Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary (<Axis name>.PositionControl.Kv, <Axis name>.PositionControl.Kpc) 16#8629 6774 Limit for standstill signal is faulty. Invalid value in <Axis name>.StandStillSignal.VelocityThreshold WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Remedy Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#862A Parameter of position monitoring is faulty. Invalid value in <Axis name>.PositioningMonitoring.Toler anceTime 16#0030 Value has an incorrect number format or is out side the valid number range Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#862B Inconsistent PROFIBUS parameterization; the sum of Ti and To is greater than one DP cycle 16#0030 16#862C Value has an incorrect number format or is out Download error-free configuration to the controller; side the valid number range enable the axis again with instruction "MC_Power" Parameter of standstill monitoring is faulty. Invalid value in <Axis name>.StandStillSignal.MinDwell Time 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#862D Parameter of following error monitoring is faulty. Invalid value in <Axis name>.FollowingError.Min Value 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#862E Invalid value for the configuration date <Axis name>.Modulo.Length 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#862F WinCC Advanced V14 System Manual, 10/2016 Invalid value for the configuration date <Axis name>.Modulo.StartValue 6775 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Remedy Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8630 Invalid value for the configuration date <Axis name>.Actor.DriveParameter.ReferenceSpeed 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8631 The set fine resolution for Gn_XIST2 is invalid. Invalid value in <Axis name>.Sensor.Sensor[1].Pa rameter.FineResolutionXist2 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8632 The number of determinable encoder revolutions is invalid. Invalid value in <Axis name>.Sensor.Sen sor[1].Parameter.DeterminableRevolutions 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8634 Parameter of the following error monitoring is faulty. Invalid value in <Axis name>.FollowingEr ror.MaxValue 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8635 Parameter of the following error monitoring is faulty. Invalid value in <Axis name>.FollowingError.Min Velocity 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8636 6776 Controller factor is incorrect. Invalid value of the precontrol factor <Axis name>.PositionControl.Kpc WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Remedy Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8637 Invalid value for the configuration date <Axis name>.Sensor.Sensor[1].Interface.Type 16#0011 16#8638 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid value for the configuration date <Axis name>.Sensor.Sensor[1].Interface.HSC 16#0011 16#8639 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Error at the drive 16#0049 Configuration error at device Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#004A The technology needs a smaller servo clock. Internal system error. Check the project for consistency and reload it into the controller. 16#004B Device driver not initialized during ramp-up. To enable a technology object, the actuator driver must be initialized. Execute the command again later. 16#863A Communication to the drive is faulty 16#004C Configuration error at device Connect a suitable device. Check the device (I/Os). Compare the configuration of HW Config and the technology object. 16#004D The device driver needs a smaller servo clock. Connect a suitable device. Check the device (I/Os). Compare the configuration of HW Config and the technology object. 16#004E 16#863B Error in internal communication with the device Check the project for consistency and reload it into the controller. Error at encoder 16#0049 Configuration error at device Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#004A The technology needs a smaller servo clock. Internal system error. Check the project for consistency and reload it into the controller. 16#004B Device driver not initialized during ramp-up. To enable a technology object, the actuator driver must be initialized. Execute the command again later. 16#863C WinCC Advanced V14 System Manual, 10/2016 Communication with encoder is faulty 6777 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#004C Configuration error at device Connect a suitable device. Check the device (I/Os). Compare the configuration of HW Config and the technology object. 16#004D The device driver needs a smaller servo clock. Connect a suitable device. Check the device (I/Os). Compare the configuration of HW Config and the technology object. 16#004E 16#863D Error in internal communication with the device Check the project for consistency and reload it into the controller. Communication to the device (drive or encoder) is faulty 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#0055 The requested logical address is invalid. 16#0056 The requested logical output address is invalid. Check the device (I/Os). The requested logical output address is invalid. Check the topological configuration in HW Config. 16#0057 Connect a suitable device. Compare the configuration of HW Config and the technology object. 16#863E Value of variable "ControlPanel.Input.TimeOut" is invalid (axis control panel) 16#0030 Value has an incorrect number format or is out Correct the value in the variables of the technology side the valid number range object <axis name>.ControlPanel.Input.TimeOut. The value is specified in milliseconds (ms). 16#863F Invalid value for the configuration date <Axis name>.Actor.DriveParameter.MaxSpeed 16#0030 Value has an incorrect number format or is out Correct the reference value in the drive and in the side the valid number range configuration of the technology object to Actua tor.MaxSpeed/2. With analog drive connection, correct the reference value in the drive and in the configuration of the technology object to Actuator.MaxSpeed/1.17. 16#8640 6778 Error with automatic transfer of drive parameters in the device 16#0030 Value has an incorrect number format or is out Correct the value. side the valid number range 16#0059 The device is not assigned to any SINAMICS drive unit or does not support the services re quired for the adaptation. 16#005A Automatic transfer of parameters canceled due to insufficient resources. 16#005B The parameters can only be automatically trans ferred when the device is connected directly to an I/O area. Disable automatic transfer of the parameters in the device. Complete the required parameters in the axis con figuration and reload the axis configuration in the device. WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#005C Maximum speed/velocity (p1082): Either the parameter does not exist or its value cannot be read or is outside the permitted limits. Reading of parameters has been aborted due to an error signaled by the hardware. Check the causes. Disable automatic transfer of the parameters in the device if you cannot eliminate the causes. Complete the required parameters in the axis configuration and reload the axis configuration in the device. 16#005D Maximum torque/force (p1520): Either the pa rameter does not exist or its value cannot be read or is outside the permitted limits. Reading of parameters has been aborted due to an error signaled by the hardware. 16#005E Maximum torque/force (p1521): Either the pa rameter does not exist or its value cannot be read or is outside the permitted limits. Reading of parameters has been aborted due to an error signaled by the hardware. 16#005F Fine resolution torque/force limiting (p1544): Ei ther the parameter does not exist or its value cannot be read or is outside the permitted limits. Reading of parameters has been aborted due to an error signaled by the hardware. 16#0060 Nominal speed/velocity (p2000): Either the pa rameter does not exist or its value cannot be read or is outside the permitted limits. Reading of parameters has been aborted due to an error signaled by the hardware. 16#0061 Nominal torque/force (p2003): Either the param eter does not exist or its value cannot be read or is outside the permitted limits. Reading of pa rameters has been aborted due to an error sig naled by the hardware. 16#8641 Error with automatic transfer of encoder parameters in the device 16#0030 Value has an incorrect number format or is out Correct the value. side the valid number range 16#0059 The device is not assigned to any SINAMICS drive unit or does not support the services re quired for the adaptation. 16#005A Automatic transfer of parameters canceled due to insufficient resources. 16#005B The parameters can only be automatically trans ferred when the device is connected directly to an I/O area. WinCC Advanced V14 System Manual, 10/2016 Disable automatic transfer of the parameters in the device. Complete the required parameters in the axis configuration and reload the axis configuration in the device. 6779 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0062 Encoder system (r0979[1/11].0): Either a pa rameter does not exist or its value cannot be read or is outside the permitted limits. Reading of parameters has been aborted due to an error signaled by the hardware. Check the causes. Disable automatic transfer of the parameters in the device if you cannot eliminate the causes. Complete the required parameters in the axis configuration and reload the axis configuration in the device. 16#0063 Encoder resolution (r0979[2/12]): Either a pa rameter does not exist or its value cannot be read or is outside the permitted limits. Reading of parameters has been aborted due to an error signaled by the hardware. 16#0064 Encoder fine resolution Gx_XIST1 (r0979[3/13]): Either a parameter does not exist or its value cannot be read or is outside the per mitted limits. Reading of parameters has been aborted due to an error signaled by the hard ware. 16#0065 Encoder fine resolution Gx_XIST2 (r0979[4/14]): Either a parameter does not exist or its value cannot be read or is outside the per mitted limits. Reading of parameters has been aborted due to an error signaled by the hard ware. 16#0066 Number of determinable encoder revolutions (r0979[5/15]): Either a parameter does not exist or its value cannot be read or is outside the per mitted limits. Reading of parameters has been aborted due to an error signaled by the hard ware. 16#0067 1: Illegal value for Actor.MaxSpeed (Actor.Max Adjust values. Speed greater than 2*Actor.ReferenceSpeed) Remedy: set e.g. P2000 = P1082 in drive. 16#8642 Configuration is internally adapted 16#8643 Inconsistency between the configuration of the axis and the drive configuration 16#0068 The configured telegram type is not compatible with the telegram type on the device (P922 or P2079). Synchronize the telegram type in the configuration of the axis and in the configuration of the drive. 16#0069 A function module with linear motor is set in the drive. Set rotation motor in drive. 16#8644 Inconsistency between the configuration of the axis and the encoder configuration 16#0068 The configured telegram type is not compatible with the telegram type on the device (P922 or P2079). 16#006A The encoder on the drive is not an absolute en Synchronize the encoder type in the configuration coder (P979). of the axis and in the encoder configuration. 16#8645 The maximum velocity cannot be reached with the configured drive and axis parameters. 16#0001 16#8646 6780 Synchronize the telegram type in the configuration of the axis and in the configuration of the encoder. - Adapt drive or axis configuration and load configu ration in the device. Illegal value in Sensor.Interface.Number WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description 16#0030 Value has an incorrect number format or is out Correct the value and load configuration in the de side the valid number range vice. 16#8647 Remedy Simulation is not supported for PTO axes 16#0001 - Disable simulation Configuration error of the command table ErrorID ErrorInfo 16#8700 Description Remedy Value for "Command type" in the command table is invalid 16#0001 - Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online and restart the command, if necessary 16#8701 Value for "Position / travel path" in the command table is invalid 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0006 Value is outside the number range (less than -1E+12) Correct the incorrect value online and restart the command, if necessary 16#8702 Value for "Velocity" in the command table is invalid 16#0002 The value has an invalid number format 16#0008 Value is greater than the configured maximum velocity Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0009 Value is less than the configured start/stop ve locity Correct the incorrect value online and restart the command, if necessary 16#8703 Value for "Duration" in the command table is invalid 16#0002 The value has an invalid number format 16#0021 Value is greater than 64800 s 16#0022 Value is less than 0.001 s 16#8704 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online and restart the command, if necessary Value for "Next step" in the command table is invalid 16#0011 The selection value is invalid 16#0023 The command transition is not permitted for this command Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online and restart the command, if necessary WinCC Advanced V14 System Manual, 10/2016 6781 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Internal errors ErrorID ErrorInfo Description 16#8FFF Remedy Internal error 16#F0** - POWER OFF and POWER ON the CPU If this does not work, contact Customer Support. Have the following information ready: ErrorID ErrorInfo Diagnostic buffer entries 13.2.11.9 Tags of the positioning axis technology object as of V6 (S7-1200) Position tag as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Position Setpoint position of the axis (indicated in the configured unit of measurement) If the axis is not homed, the tag indicates the position value relative to the enable position of the axis. Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X See also Motion status (Page 6742) Tags of the positioning axis technology object V4...5 (Page 6890) Tags of the command table technology object V1...3 (Page 6924) 6782 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Velocity tag as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Velocity Setpoint velocity of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X See also Motion status (Page 6742) Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) ActualPosition tag as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system (according to the access to the tag in the user program). WinCC Advanced V14 System Manual, 10/2016 6783 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.ActualPosition Actual position of the axis (indicated in the configured unit of measurement) If the axis is not homed, the tag indicates the position value relative to the enable position of the axis. Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) ActualVelocity tag as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.ActualVelocity Actual velocity of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) Actuator tags as of V6 (S7-1200) Legend Data type Data type of variable Start value Start value of variable 6784 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Access Effective Access to the variable in the user program: R The variable can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the variable can be written with the Motion Control instruction "MC_WriteParam". - The variable cannot be used in the user program. Specifies when a change to the variable takes effect: 2 For drive connection via PTO (Pulse Train Output): When axis is enabled HMI The variable can be used in an HMI system (according to the access to the variable in the user program). <Axis name>.Actor.Type Drive connection Positioning axis technology object as of V5: 0 = The drive is connected via an analog output. All movements of the axis are position-controlled. 1 = The drive is connected via PROFIdrive telegrams. All movements of the axis are position-controlled. 2 = The drive is connected via a pulse interface. Positioning axis technology object V4: The drive is connected via a pulse interface. Data type Start value Access Effective HMI DInt 2 R - X <Axis name>.Actor.InverseDirection Invert direction FALSE = The direction is not inverted. TRUE = The direction is inverted. Data type Start value Access Effective HMI Bool FALSE R - X WP 2 - <Axis name>.Actor.DirectionMode Permitted direction of rotation 0 = Both directions 1 = Positive direction 2 = Negative direction Data type Start value Access Effective HMI Int 0 R - X WP 2 - WinCC Advanced V14 System Manual, 10/2016 6785 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Actor.DataAdaption Automatic transfer of drive parameters in the device 0 = Disabled 1 = Enabled Data type Start value Access Effective HMI DInt 0 R - X <AxisName>.Actor.Interface.AddressIn (Positioning axis technology object as of V5) Input address for the PROFIdrive telegram (internal parameter) Data type Start value Access Effective HMI VREF - - - - <AxisName>.Actor.Interface.AddressOut (Positioning axis technology object as of V5) Output address for the PROFIdrive telegram (internal parameter) Data type Start value Access Effective HMI VREF - - - - <Axis name>.Actor.Interface.EnableDriveOutput Enable output (internal parameter) Data type Start value Access Effective HMI VREF - - - - <Axis name>.Actor.Interface.DriveReadyInput Ready input (internal parameter) Data type Start value Access Effective HMI VREF - - - - <Axis name>.Actor.Interface.PTO Pulse output (internal parameter) Data type Start value Access Effective HMI DWord 0 - - - 6786 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <AxisName>.Actor.DriveParameter.ReferenceSpeed (Positioning axis technology object as of V5) Reference value (100%) for the setpoint speed of the drive (N-set) The setpoint speed is transmitted in the PROFIdrive telegram as a standardized value from -200% to 200% of the "Refer enceSpeed". For setpoint specification via an analog output, the analog output can be operated in the range from -117% to 117%, provided the drive permits this. Data type Start value Access Effective HMI Real 3000.0 R - X <AxisName>.Actor.DriveParameter.MaxSpeed (Positioning axis technology object as of V5) Maximum value for the setpoint speed of the drive (N-set) (PROFIdrive: MaxSpeed 2 x ReferenceSpeed Analog setpoint: MaxSpeed 1.17 x ReferenceSpeed) Data type Start value Access Effective HMI Real 3000.0 R - X <Axis name>.Actor.DriveParameter.PulsesPerDriveRevolution Pulses per motor revolution Data type Start value Access Effective HMI DInt 1000.0 R - X WP 2 - See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) Sensor[1] tags (S7-1200) Sensor[1] tags as of V6 (S7-1200) Legend Data type Data type of variable Start value Start value of variable The start value can be overwritten by the axis configuration. Access Access to the variable in the user program: R The variable can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the variable can be written with the Motion Control instruction "MC_WriteParam". - The variable cannot be used in the user program. WinCC Advanced V14 System Manual, 10/2016 6787 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Effective Specifies when a change to the variable takes effect: HMI The variable can be used in an HMI system (according to the access to the variable in the user program). <axis name>.Sensor.Sensor[1].Type Encoder type (internal parameter) 0 = incremental 1 = Absolute Data type Start value Access Effective HMI DInt 0 R - - <axis name>.Sensor.Sensor[1].InverseDirection Inversion of the actual value FALSE: Actual value is not inverted TRUE: Actual value is inverted Data type Start value Access Effective HMI Bool FALSE R - X <axis name>.Sensor.Sensor[1].System Encoder system 0 = Linear encoder 1 = Rotary encoder Data type Start value Access Effective HMI DInt 1 R - X <axis name>.Sensor.Sensor[1].MountingMode Type of encoder mounting 0 = Drive end 2 = External Data type Start value Access Effective HMI DInt 0 R - X <axis name>.Sensor.Sensor[1].DataAdaption Automatic transfer of encoder parameters in the device 0 = Disabled 1 = Enabled Data type Start value Access Effective HMI DInt 0 R - X 6788 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) Sensor[1].Interface tags as of V6 (S7-1200) Legend Data type Data type of variable Start value Start value of variable The start value can be overwritten by the axis configuration. Access Access to the variable in the user program: - The variable cannot be used in the user program. Effective Specifies when a change to the variable takes effect. HMI The variable can be used in an HMI system (according to the access to the variable in the user program). <axis name>.Sensor.Sensor[1].Interface.Type Encoder connection (internal parameter) 0 = PROFIdrive encoder on PROFINET 1 = Encoder on technology module (TM) 2 = Encoder on drive 4 = Encoder on high-speed counter Data type Start value Access Effective HMI DInt 4 - - - <axis name>.Sensor.Sensor[1].Interface.AddressIn Input address for the PROFIdrive telegram (internal parameter) Data type Start value Access Effective HMI VREF - - - - <axis name>.Sensor.Sensor[1].Interface.AddressOut Output address for the PROFIdrive telegram (internal parameter) Data type Start value Access Effective HMI VREF - - - - <axis name>.Sensor.Sensor[1].Interface.HSC High-speed counter to which the encoder transfers the actual value (internal parameter) Data type Start value Access Effective HMI DWord - - - - WinCC Advanced V14 System Manual, 10/2016 6789 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <axis name>.Sensor.Sensor[1].Interface.Number Encoder number Data type Start value Access Effective HMI UDInt 1 - - - See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) Sensor[1].Parameter tags as of V6 (S7-1200) Legend Data type Data type of variable Start value Start value of variable The start value can be overwritten by the axis configuration. Access Access to the variable in the user program: R The variable can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the variable can be written with the Motion Control instruction "MC_WriteParam". Effective Specifies when a change to the variable takes effect: HMI The variable can be used in an HMI system (according to the access to the variable in the user program). <axis name>.Sensor.Sensor[1].Parameter.Resolution Resolution of a linear encoder (offset between two encoder pulses) Data type Start value Access Effective HMI Real 0.001 R - X <axis name>.Sensor.Sensor[1].Parameter.StepsPerRevolution Increments per rotary encoder revolution Data type Start value Access Effective HMI UDInt 2048 R - X <axis name>.Sensor.Sensor[1].Parameter.FineResolutionXist1 Number of bits for fine resolution Gn_XIST1 (cyclic actual encoder value) Data type Start value Access Effective HMI UDInt 11 R - X 6790 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <axis name>.Sensor.Sensor[1].Parameter.FineResolutionXist2 Number of bits for fine resolution Gn_XIST2 (absolute value of the encoder) Data type Start value Access Effective HMI UDInt 9 R - X <axis name>.Sensor.Sensor[1].Parameter.DeterminableRevolutions Number of differentiable encoder revolutions for a multi-turn absolute value encoder (For a single-turn absolute value encoder = 1; for an incremental encoder = 0) Data type Start value Access Effective HMI UDInt 1 R - X <axis name>.Sensor.Sensor[1].Parameter.DistancePerRevolution Load distance per revolution of an externally mounted encoder Data type Start value Access Effective HMI Real 100.0 R - X See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) Sensor[1].ActiveHoming tags as of V6 (S7-1200) Legend Data type Data type of variable Start value Start value of variable The start value can be overwritten by the axis configuration. Access Access to the variable in the user program: RW The variable can be read and written in the user program. The variable can be written with Motion Control instruction "MC_WriteParam". R The variable can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the variable can be written with the Motion Control instruction "MC_WriteParam". - The variable cannot be used in the user program. WinCC Advanced V14 System Manual, 10/2016 6791 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Effective Specifies when a change to the variable takes effect: 1 For drive connection via PTO (Pulse Train Output): When axis is activated (<axis name>.StatusBits.Activated variable changes from FALSE TRUE), disabled, or enabled 2 For drive connection via PTO (Pulse Train Output): When axis is enabled 8 For drive connection via PTO (Pulse Train Output): When an active homing command is started 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The variable can be used in an HMI system (according to the access to the variable in the user program). <axis name>.Sensor.Sensor[1].ActiveHoming.Mode Active homing mode Positioning axis technology object as of V5: 0 = Zero mark via PROFIdrive telegram (not PTO) 1 = Zero mark via PROFIdrive telegram and proximity switch (not PTO) 2 = Homing via digital input Positioning axis technology object V4: 2 = Homing via digital input Data type Start value Access Effective HMI DInt 2 R - X WP 2 - <axis name>.Sensor.Sensor[1].ActiveHoming.SideInput End of the homing switch to which the axis is homed during active homing FALSE = Lower end TRUE = Upper end Data type Start value Access Effective HMI Bool FALSE RW 1, 8, 10 X <axis name>.Sensor.Sensor[1].ActiveHoming.DigitalInputAddress Symbolic input address of the homing switch (internal parameter) Data type Start value Access Effective HMI VREF - - - - <axis name>.Sensor.Sensor[1].ActiveHoming.HomePositionOffset Home position offset (active homing) (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 0.0 RW 1, 8, 10 X 6792 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <axis name>.Sensor.Sensor[1].ActiveHoming.SwitchLevel Selection of signal level that is present at the CPU input when the homing switch is reached FALSE = Low level (Low-active) TRUE = High level (High-active) Data type Start value Access Effective HMI Bool TRUE RW 1, 8, 10 X See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) Sensor[1].PassiveHoming tags as of V6 (S7-1200) Legend Data type Data type of variable Start value Start value of variable The start value can be overwritten by the axis configuration. Access Access to the variable in the user program: RW The variable can be read and written in the user program. The variable can be written with Motion Control instruction "MC_WriteParam". Effective R The variable can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the variable can be written with the Motion Control instruction "MC_WriteParam". - The variable cannot be used in the user program. Specifies when a change to the variable takes effect: 1 For drive connection via PTO (Pulse Train Output): When axis is activated (<axis name>.StatusBits.Activated variable changes from FALSE TRUE), disabled, or enabled 2 For drive connection via PTO (Pulse Train Output): When axis is enabled 7 For drive connection via PTO (Pulse Train Output): When a passive homing command is started 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The variable can be used in an HMI system (according to the access to the variable in the user program). WinCC Advanced V14 System Manual, 10/2016 6793 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <axis name>.Sensor.Sensor[1].PassiveHoming.Mode Passive homing mode Positioning axis technology object as of V5: 0 = Zero mark via PROFIdrive telegram (not PTO) 1 = Zero mark via PROFIdrive telegram and proximity switch (not PTO) 2 = Homing via digital input Positioning axis technology object V4: 2 = Homing via digital input Data type Start value Access Effective HMI DInt 2 R - X WP 2 - <axis name>.Sensor.Sensor[1].PassiveHoming.SideInput End of the homing switch to which the axis is homed during passive homing FALSE = Lower end TRUE = Upper end Data type Start value Access Effective HMI Bool FALSE RW 1, 7, 10 X <axis name>.Sensor.Sensor[1].PassiveHoming.DigitalInputAddress Symbolic input address of the homing switch (internal parameter) Data type Start value Access Effective HMI VREF - - - - <axis name>.Sensor.Sensor[1].PassiveHoming.SwitchLevel Selection of level that is present at the CPU input when the homing switch is reached FALSE = Low level (Low-active) TRUE = High level (High-active) Data type Start value Access Effective HMI Bool TRUE RW 1, 7, 10 X See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) 6794 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Units tag as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Specifies when a change to the tag takes effect: 2 For drive connection via PTO (Pulse Train Output): When axis is enabled HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Units.LengthUnit Configured unit of measurement of the parameter -1 = "Pulse" 1005 = "" (degrees) 1013 = "mm" 1010 =: "m" 1018 = "ft" 1019 = "in" Data type Start value Access Effective HMI Int 1013 R - X WP 2 - See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) Mechanics tag as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". WinCC Advanced V14 System Manual, 10/2016 6795 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Effective Specifies when a change to the tag takes effect: 2 For drive connection via PTO (Pulse Train Output): When axis is enabled HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Mechanics.LeadScrew Distance per revolution (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 10.0 R - X See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) Modulo tags as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Effective Specifies when a change to the tag takes effect: HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Modulo.Enable Enable modulo FALSE = Modulo conversion deactivated TRUE = Modulo conversion activated When modulo conversion is enabled, a check is made for modulo length > 0.0 Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.Modulo.Length Modulo length Data type Start value Access Effective HMI Real 360.0 R - X 6796 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Modulo.StartValue Modulo start value Data type Start value Access Effective HMI Real 0.0 R - X See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) DynamicLimits tags as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Specifies when a change to the tag takes effect: 2 For drive connection via PTO (Pulse Train Output): When axis is enabled HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.DynamicLimits.MaxVelocity Maximum velocity of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 250.0 R - X WP 2 - <Axis name>.DynamicLimits.MinVelocity Start/stop velocity of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 10.0 R - X WP 2 - WinCC Advanced V14 System Manual, 10/2016 6797 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) DynamicDefaults tags as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: RW The tag can be read and written in the user program. The tag can be written with Motion Control instruction "MC_WriteParam". Effective Specifies when a change to the tag takes effect: 1 For drive connection via PTO (Pulse Train Output): When axis is activated (<Axis name>.StatusBits.Activated tag changes from FALSE TRUE), disabled, or enabled 5 For drive connection via PTO (Pulse Train Output): The next time an MC_MoveAbsolute, MC_MoveRelative, MC_MoveVelocity, MC_MoveJog, MC_Halt, MC_CommandTable, or active MC_Home command is started (Mode = 3) 6 For drive connection via PTO (Pulse Train Output): When a MC_MoveJog command is stopped 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.DynamicDefaults.Acceleration Acceleration of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 48.0 RW 1, 5, 6, 10 X <Axis name>.DynamicDefaults.Deceleration Deceleration of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 48.0 RW 1, 5, 6, 10 X 6798 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.DynamicDefaults.EmergencyDeceleration Emergency stop deceleration of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 120.0 RW 1, 5, 6, 10 X <Axis name>.DynamicDefaults.Jerk Jerk during acceleration and deceleration ramp of the axis (indicated in the configured unit of measurement) The jerk is activated if the configured jerk is greater than 0.00004 mm/s. Data type Start value Access Effective HMI Real 192.0 RW 1, 5, 10 X See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) PositionLimits_SW variables as of V6 (S7-1200) Legend Data type Data type of variable Start value Start value of variable The start value can be overwritten by the axis configuration. Access Access to the variable in the user program: RW The variable can be read and written in the user program. The variable can be written with Motion Control instruction "MC_WriteParam". Effective Specifies when a change to the variable takes effect: 1 For drive connection via PTO (Pulse Train Output): When axis is activated (<axis name>.StatusBits.Activated variable changes from FALSE TRUE), disabled, or enabled 5 For drive connection via PTO (Pulse Train Output): The next time an MC_MoveAbsolute, MC_MoveRelative, MC_MoveVelocity, MC_MoveJog, MC_Halt, MC_CommandTable, or active MC_Home command is started (Mode = 3) 6 For drive connection via PTO (Pulse Train Output): When a MC_MoveJog command is stopped 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The variable can be used in an HMI system (according to the access to the variable in the user program). WinCC Advanced V14 System Manual, 10/2016 6799 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <axis name>.PositionLimits_SW.Active Activation of the software limit switches FALSE = The software limit switches are deactivated. TRUE = The software limit switches are activated. Data type Start value Access Effective HMI Bool FALSE RW 1, 5, 6, 10 X <axis name>.PositionLimits_SW.MinPosition Position of the low software limit switch (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real -10000.0 RW 1, 5, 6, 10 X <axis name>.PositionLimits_SW.MaxPosition Position of the high software limit switch (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 10000.0 RW 1, 5, 6, 10 X See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) PositionLimits_HW variables as of V6 (S7-1200) Legend Data type Data type of variable Start value Start value of variable The start value can be overwritten by the axis configuration. Access Access to the variable in the user program: RW The variable can be read and written in the user program. The variable can be written with Motion Control instruction "MC_WriteParam". 6800 R The variable can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the variable can be written with the Motion Control instruction "MC_WriteParam". - The variable cannot be used in the user program. WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Effective Specifies when a change to the variable takes effect: 1 For drive connection via PTO (Pulse Train Output): When axis is activated (<axis name>.StatusBits.Activated variable changes from FALSE TRUE), disabled, or enabled 2 For drive connection via PTO (Pulse Train Output): When axis is enabled 5 For drive connection via PTO (Pulse Train Output): The next time an MC_MoveAbsolute, MC_MoveRelative, MC_MoveVelocity, MC_MoveJog, MC_Halt, MC_CommandTable, or active MC_Home command is started (Mode = 3) 6 For drive connection via PTO (Pulse Train Output): When a MC_MoveJog command is stopped 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The variable can be used in an HMI system (according to the access to the variable in the user program). <axis name>.PositionLimits_HW.Active Activation of the hardware limit switches FALSE = The hardware limit switches are deactivated. TRUE = The hardware limit switches are activated. Data type Start value Access Effective HMI Bool FALSE RW 1, 5, 6, 10 X <axis name>.PositionLimits_HW.MinSwitchLevel Selection of signal level that is present at the CPU input when the low hardware limit switch is reached FALSE = Low level (Low-active) TRUE = High level (High-active) Data type Start value Access Effective HMI Bool FALSE R - X WP 2 - <axis name>.PositionLimits_HW.MinSwitchAddress Symbolic input address of the low hardware limit switch (internal parameter) Data type Start value Access Effective HMI VREF - - - - <axis name>.PositionLimits_HW.MaxSwitchLevel Selection of signal level that is present at the CPU input when the high hardware limit switch is reached FALSE = Low level (Low-active) TRUE = High level (High-active) Data type Start value Access Effective HMI Bool FALSE R - X WP 2 - WinCC Advanced V14 System Manual, 10/2016 6801 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <axis name>.PositionLimits_HW.MaxSwitchAddress Input address of the high hardware limit switch (internal parameter) Data type Start value Access Effective HMI VREF - - - - See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) Homing tags as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: RW The tag can be read and written in the user program. The tag can be written with Motion Control instruction "MC_WriteParam". Effective Specifies when a change to the tag takes effect: 1 For drive connection via PTO (Pulse Train Output): When axis is activated (<Axis name>.StatusBits.Activated tag changes from FALSE TRUE), disa bled, or enabled 8 For drive connection via PTO (Pulse Train Output): When an active homing command is started 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Homing.AutoReversal Activation of auto reverse at the hardware limit switch during active homing FALSE = Auto reversal at the hardware limit switch is deactivated. TRUE = Auto reversal at the hardware limit switch is activated. Data type Start value Access Effective HMI Bool FALSE RW 1, 8, 10 X 6802 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Homing.ApproachDirection Approach and homing direction of axis during active homing FALSE = Negative approach direction for finding the homing switch and negative homing direction TRUE = Positive approach direction for finding the homing switch and positive homing direction Data type Start value Access Effective HMI Bool TRUE RW 1, 8, 10 X <Axis name>.Homing.ApproachVelocity Approach velocity of the axis during active homing (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 200.0 RW 1, 8, 10 X <Axis name>.Homing.ReferencingVelocity Homing velocity of the axis during active homing (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 40.0 RW 1, 8, 10 X See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) PositionControl tag as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Specifies when a change to the tag takes effect: 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). WinCC Advanced V14 System Manual, 10/2016 6803 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.PositionControl.Kv Proportional gain in the position control ("Kv" > 0.0) Data type Start value Access Effective HMI Real 10.0 R - X WP 10 - <Axis name>.PositionControl.Kpc Velocity precontrol of the position control as a percentage Data type Start value Access Effective HMI Real 100.0 R - X WP 10 - See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) FollowingError tags as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Specifies when a change to the tag takes effect: 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.FollowingError.EnableMonitoring Enable following error monitoring FALSE = Following error monitoring disabled TRUE = Following error monitoring enabled Data type Start value Access Effective HMI Bool TRUE R - X 6804 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.FollowingError.MinValue Permissible following error at velocities below the value of "MinVelocity". Data type Start value Access Effective HMI Real 10.0 R - X WP 10 - <Axis name>.FollowingError.MaxValue Maximum permissible following error which may be reached at the maximum velocity. Data type Start value Access Effective HMI Real 100.0 R - X WP 10 - <Axis name>.FollowingError.MinVelocity MinValue" is permissible below this velocity and is held constant. Data type Start value Access Effective HMI Real 10.0 R - X WP 10 - See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) PositionMonitoring tags as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Specifies when a change to the tag takes effect: 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). WinCC Advanced V14 System Manual, 10/2016 6805 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.PositioningMonitoring.ToleranceTime Tolerance time Maximum permitted duration from reaching velocity setpoint zero until entrance into the positioning window. Data type Start value Real 1.0 Access Effective HMI R - X WP 10 - Access Effective HMI <Axis name>.PositioningMonitoring.MinDwellTime Minimum dwell time in positioning window Data type Start value Real 0.1 R - X WP 10 - Access Effective HMI R - X WP 10 - <Axis name>.PositioningMonitoring.Window Positioning window Data type Start value Real 1.0 See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) StandstillSignal tags as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Specifies when a change to the tag takes effect: 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI 6806 The tag can be used in an HMI system (according to the access to the tag in the user program). WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.StandstillSignal.VelocityThreshold Velocity threshold If velocity is below this threshold, then the minimum dwell time begins. Data type Start value Access Effective HMI Real 5.0 R - X WP 10 - <Axis name>.StandstillSignal..MinDwellTime Minimum dwell time Data type Start value Access Effective HMI Real 0.01 R - X WP 10 - See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) Simulation tags as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to the tag in the user program: R The tag can be read in the user program. WP For drive connection via PTO (Pulse Train Output): If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". WD BL Effective The tag can be written to the start value in the load memory with the extended instruction "WRIT_DBL". Specifies when a change to the tag takes effect. 9 HMI For drive connection via PROFIdrive/analog output: With the restart of the technology object The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Simulation.Mode Simulation mode 0: No simulation, normal operation 1: Simulation mode In simulation mode, you can simulate axes without a real drive in the CPU. Data type WinCC Advanced V14 System Manual, 10/2016 Start value Access Effective HMI 6807 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Simulation.Mode DInt 0 R - X WP 2 - WDBL 9 - See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) StatusPositioning tags as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system. <Axis name>.StatusPositioning.Distance Current distance of axis from target position (indicated in the configured unit of measurement) The value of the tag is only valid during execution of a positioning command with "MC_MoveAbsolute", "MC_MoveRelative", or the axis control panel. Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X <Axis name>.StatusPositioning.TargetPosition Target position of the axis (indicated in the configured unit of measurement) The value of the tag is only valid during execution of a positioning command with "MC_MoveAbsolute", "MC_MoveRelative", or the axis control panel. Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X 6808 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <AxisName>.StatusPositioning.FollowingError (Positioning axis technology object as of V5) Current following error of the axis (indicated in the configured unit of measurement) FollowingError = 0.0 for drive connection via PTO (Pulse Train Output). Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) StatusDrive tags as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect: HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.StatusDrive.InOperation Operational status of the drive FALSE = Drive not ready. Setpoints will not be executed. TRUE = Drive ready. Setpoints can be executed. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusDrive.CommunicationOK Cyclic BUS communication between controller and drive FALSE = Communication not established TRUE = Communication established Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X WinCC Advanced V14 System Manual, 10/2016 6809 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) StatusSensor tags as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect: HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.StatusSensor.State Status of the encoder value 0 = Invalid 1 = Wait for status valid 2 = Valid Data type Start value Access Effective HMI DInt 0 RCCP, RP - X <Axis name>.StatusSensor.CommunicationOK Cyclic BUS communication between controller and encoder FALSE = Communication not established TRUE = Communication established Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusSensor.AbsEncoderOffset Home point offset to the value of an absolute value encoder. The value will be retentively stored in the CPU. Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X 6810 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) StatusBits tags as of V6 (S7-1200) Legend Data type Data type of variable Start value Start value of variable Access Access to the variable in the user program: RCC The variable can be read in the user program and is updated at each cycle control point. P RP The variable can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding variables is determined at the start of the command. Effective Specifies when a change to the variable takes effect. HMI The variable can be used in an HMI system. <Axis name>.StatusBits.Activated Activation of the axis FALSE = The axis is not activated. TRUE = The axis is activated. It is connected to the assigned PTO (Pulse Train Output). The data of the technology data block will be updated cyclically. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.Enable Enable status of the axis FALSE = The axis is not enabled. TRUE = The axis is enabled and ready to accept Motion Control commands. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.HomingDone Homing status of the axis FALSE = The axis is not homed. TRUE = The axis is homed and is capable of executing absolute positioning commands. The axis does not have to be homed for relative positioning. The status is FALSE during active homing. The status remains TRUE during passive homing if the axis was already homed beforehand. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X WinCC Advanced V14 System Manual, 10/2016 6811 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.StatusBits.Done Command execution on the axis FALSE = A Motion Control command is active on the axis. TRUE = A Motion Control command is not active on the axis. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.Error Error status on the axis FALSE = No error is active on the axis. TRUE = An error occurred on the axis. Additional information about the error is available in automatic control at the "ErrorID" and "ErrorInfo" parameters of the Motion Control instructions. In manual mode, the "Error message" box of the axis control panel displays detailed information about the cause of error. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.StandStill Standstill of the axis FALSE = The axis is in motion. TRUE = The axis is at a standstill. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.PositioningCommand Execution of a positioning command FALSE = A positioning command is not active on the axis. TRUE = The axis is executing a positioning command of the "MC_MoveRelative" or MC_MoveAbsolute Motion Control instruction. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.VelocityCommand Execution of a command with velocity specification FALSE = A command with velocity specification is not active on the axis. TRUE = The axis is executing a motion command with velocity specification of the "MC_MoveVelocity" or MC_MoveJog Motion Control instruction. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X 6812 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.StatusBits.HomingCommand Execution of a homing command FALSE = A homing command is not active on the axis. TRUE = The axis is executing a homing command of the "MC_Home" Motion Control instruction. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.CommandTableActive Execution of a command table FALSE = A command table is not active on the axis. TRUE = The axis is controlled by "MC_CommandTable" Motion Control instruction. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.ConstantVelocity Constant velocity FALSE = The axis is accelerating, decelerating, or at a standstill. TRUE = The setpoint velocity has been reached. The axis is moving at constant velocity. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.Accelerating Acceleration process FALSE = The axis is decelerating, moving at constant velocity, or at a standstill. TRUE = The axis is accelerating. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.Decelerating Deceleration process FALSE = The axis is accelerating, moving at constant velocity, or at a standstill. TRUE = The axis is decelerating. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X WinCC Advanced V14 System Manual, 10/2016 6813 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.StatusBits.ControlPanelActive Activation status of the axis control panel FALSE = "Automatic mode" is activated. The user program has control priority over the axis. TRUE = The "Manual control" mode was enabled in the axis control panel. The axis control panel has control priority over the axis. The axis cannot be controlled from the user program. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.DriveReady Operational status of the drive FALSE = The drive is not ready. Setpoints will not be executed. TRUE = The drive is ready. Setpoints can be executed. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.RestartRequired Restart of axis required FALSE = A restart of the axis is not required. TRUE = Values were modified in the load memory. To download the values to the work memory while the CPU is in RUN mode, the axis must be restarted. Use the MC_Reset Motion Control instruction to do this. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.SWLimitMinActive Status of the low software limit switch FALSE = The axis is kept within its configured work area. TRUE = The low software limit switch was reached or exceeded. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.SWLimitMaxActive Status of the high software limit switch FALSE = The axis is kept within its configured work area. TRUE = The high software limit switch was reached or exceeded. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X 6814 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.StatusBits.HWLimitMinActive Status of the low hardware limit switch FALSE = The axis is kept within its configured permitted traversing range. TRUE = The low hardware limit switch was reached or exceeded. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.HWLimitMaxActive Status of the high hardware limit switch FALSE = The axis is kept within its configured permitted traversing range. TRUE = The high hardware limit switch was reached or exceeded. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <axis name>.StatusBits.AxisSimulation Simulation enabled FALSE = Simulation is disabled TRUE = Simulation is enabled Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <axis name>.StatusBits.NonPositionControlled Position control enabled FALSE = The axis is not in position-controlled mode. TRUE = The axis is in position-controlled mode. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) ErrorBits tags as of V6 (S7-1200) Legend Data type Data type of tag Start value Start value of tag WinCC Advanced V14 System Manual, 10/2016 6815 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system. <Axis name>.ErrorBits.SystemFault Internal system error Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.ErrorBits.ConfigFault Incorrect configuration of the axis Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.ErrorBits.DriveFault Error in the drive. Loss of the "Drive ready" signal. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.ErrorBits.SWLimit Software limit switch reached or exceeded Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.ErrorBits.HWLimit Hardware limit switch reached or exceeded Data type Start value Access Effective HMI Bool FALSE RCCP - X <Axis name>.ErrorBits.DirectionFault Impermissible motion direction Data type Start value Access Effective HMI Bool FALSE RCCP, RP, RP - X 6816 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.ErrorBits.HWUsed Another axis is using the same PTO (Pulse Train Output) and is enabled with "MC_Power". Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <AxisName>.ErrorBits.SensorFault (Positioning axis technology object as of V5) Error in the encoder system Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.ErrorBits.CommunicationFault (Positioning axis technology object as of V5) Communication error Error in communication with a connected device. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.ErrorBits.FollowingErrorFault (Positioning axis technology object as of V5) Maximum permitted following error exceeded Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.ErrorBits.PositioningFault (Positioning axis technology object as of V5) Positioning error The axis was not correctly positioned at the end of a positioning motion. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) ControlPanel tags as of V6 (S7-1200) The "ControlPanel" tags do not contain any user-relevant data. These tags cannot be accessed in the user program. See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) WinCC Advanced V14 System Manual, 10/2016 6817 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Internal tags as of V6 (S7-1200) The "Internal" tags do not contain any user-relevant data. These tags cannot be accessed in the user program. See also Tags of the positioning axis technology object V4...5 (Page 6890) Tag of the axis technology object V1...3 (Page 6874) Update of the technology object tags (S7-1200) The status and error information of the axis indicated in the technology object tags is updated at each cycle control point. Changes to the values of configuration tags do not take effect immediately. For information on the conditions under which a change takes effect, refer to the detailed description of the relevant tag. 13.2.11.10 Versions V1...5 (S7-1200) CPU outputs relevant for motion control (technology version V1...3) (S7-1200) The number of usable drives depends on the CPU, the number of PTOs (pulse train outputs) and the number of available pulse generator outputs. The following tables provide information about the relevant dependencies: Maximum number of PTOs The maximum number of controllable PTOs (drives) depends on the article number of the CPU: CPU article number Number of PTOs xxxxxxx-1xx30-xxxx 2 xxxxxxx-1xx31-xxxx 4 The maximum number of controllable PTOs (drives) applies regardless of the use of a signal board. Usable pulse generator outputs The CPU provides one pulse output and one direction output for controlling a stepper motor drive or a servo motor drive with pulse interface. The pulse output provides the drive with the pulses required for motor motion. The direction output controls the travel direction of the drive. Pulse and direction outputs are permanently assigned to one another and form a pulse generator output. Onboard CPU outputs or outputs of a signal board can be used as pulse generator outputs. You select between onboard CPU outputs and outputs of the signal board during device configuration under Pulse generators (PTO/PWM) on the "Properties" tab. 6818 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The following table shows the number of usable drives per CPU or signal board: CPU Onboard Signal board DI2/DO2 x DC24V 20kHz DI2/DO2 x DC24V 200kHz DO4 x DC24V 200kHz DI2/DO2 x DC5V 200kHz DO4 x DC5V 200kHz CPU 1211C, CPU 1212C, CPU 1214C DC/DC/ DC 2 2 2 2 2 2 (MLFB - article number AC/DC/ RLY - 1 1 2 1 2 DC/DC/ RLY - 1 1 2 1 2 DC/DC/ DC 2 3 3 4 3 4 AC/DC/ RLY - 1 1 2 1 2 DC/DC/ RLY - 1 1 2 1 2 DC/DC/ DC 3 4 4 4 4 4 AC/DC/ RLY - 1 1 2 1 2 DC/DC/ RLY - 1 1 2 1 2 DC/DC/ DC 4 4 4 4 4 4 AC/DC/ RLY - 1 1 2 1 2 DC/DC/ RLY - 1 1 2 1 2 DC/DC/ DC 4 4 4 4 4 4 AC/DC/ RLY - 1 1 2 1 2 DC/DC/ RLY - 1 1 2 1 2 xxxxxxx-1xx30-xxxx) CPU 1211C (MLFB - article number xxxxxxx-1xx31-xxxx) CPU 1212C (MLFB - article number xxxxxxx-1xx31-xxxx) CPU 1214C (MLFB - article number xxxxxxx-1xx31-xxxx) CPU 1215C The following table shows the address assignment of the pulse and direction outputs: CPU S7-1200 CPU 1211C, CPU CPU 1212C, Signal CPU 1214C, board CPU1215C (DC/DC/DC) WinCC Advanced V14 System Manual, 10/2016 PTO1 outputs 1 PTO2 outputs 2 PTO3 outputs 1 PTO4 outputs 2 Pls. Dir. Pls. Dir. Pls. Dir. Pls. Dir. Ax.0 Ax.1 Ax.2 Ax.3 Ax.4 Ax.5 Ax.6 Ax.7 Ay.0 Ay.1 Ay.2 Ay.3 Ay.0 Ay.1 Ay.2 Ay.3 6819 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) CPU S7-1200 CPU 1211C, CPU CPU 1212C, Signal CPU 1214C, board CPU 1215C (AC/DC/ RLY) CPU 1211C, CPU CPU 1212C, Signal CPU 1214C, board CPU 1215C (DC/DC/ RLY) PTO1 outputs 1 PTO2 outputs 2 PTO3 outputs 1 PTO4 outputs 2 Pls. Pls. Pls. Pls. Dir. Dir. Dir. Dir. - - - - - - - - Ay.0 Ay.1 Ay.2 Ay.3 Ay.0 Ay.1 Ay.2 Ay.3 - - - - - - - - Ay.0 Ay.1 Ay.2 Ay.3 Ay.0 Ay.1 Ay.2 Ay.3 x = Initial byte address of onboard CPU outputs (default value = 0) y = Initial byte address of signal board outputs (default value = 4) If a DC/DC/DC CPU variant is used together with a DI2/DO2 signal board, the signals of the PTO1/3 can be generated via the onboard CPU outputs or via the signal board. 1 If a DC/DC/DC CPU variant is used together with a DO4 signal board, the signals for PTO1/3 or PTO2/4 can be generated via the onboard CPU outputs or via the signal board. 2 PTO3 and PTO4 are only available for CPUs with the article numbers xxxxxxx-1xx31-xxxx. Note Access to pulse generator outputs via the process image The firmware takes control via the corresponding pulse generator outputs if the PTO (Pulse Train Output) is selected and assigned to an axis. With this takeover of the control function, the connection between the process image and I/O output is also disconnected. Although the user has the option of writing the process image of pulse generator outputs via the user program or watch table, this is not transferred to the I/O output. Accordingly, it is also not possible to monitor the I/O output via the user program or watch table. The information read reflects the value of the process image and does not match the real status of the I/O output. For all other CPU outputs that are not used permanently by the CPU firmware, the status of the I/O output can be controlled or monitored via the process image, as usual. 6820 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Limit frequencies of pulse outputs The following limit frequencies apply to the pulse outputs: Pulse output Limit frequencies for technolo Limiting frequencies of gy object positioning axis V1 the technology object positioning axis V2/V3 with CPU < V3.0 Limiting frequencies of the tech nology object positioning axis V2/V3 with CPU V3.0 On-board (MLFB article number xxxxxxx-1xx30-xxxx) 2 Hz f 100 kHz 1 Hz f 100 kHz On-board (MLFB - article num ber xxxxxxx-1xx31xxxx) 2 Hz f 100 kHz (PTO 1+2) 2 Hz f 100 kHz 2 Hz f 20 kHz (PTO 3+4) (PTO 1+2) 1 Hz f 100 kHz (PTO 1+2) Signal board DI2/DO2 x DC24V 20kHz 2 Hz f 20 kHz 2 Hz f 20 kHz 1 Hz f 20 kHz Signal board DI2/DO2 x DC24V 200kHz 2 Hz f 100 kHz 2 Hz f 200 kHz 1 Hz f 200 kHz Signal board DO4 x DC24V 200kHz 2 Hz f 100 kHz 2 Hz f 200 kHz 1 Hz f 200 kHz Signal board DI2/DO2 x DC5V 200kHz 2 Hz f 100 kHz 2 Hz f 200 kHz 1 Hz f 200 kHz Signal board DO4 x DC5V 200kHz 2 Hz f 100 kHz 2 Hz f 200 kHz 1 Hz f 200 kHz 2 Hz f 100 kHz 2 Hz f 20 kHz (PTO 3+4) 1 Hz f 20 kHz (PTO 3+4) Drive signals For motion control, you can optionally parameterize a drive interface for "Drive enabled" and "Drive ready". When using the drive interface the digital output for the drive enable and the digital input for "drive ready" can be freely selected. Acceleration/deceleration limits The following limits apply to acceleration and deceleration: Acceleration/deceleration Value (CPU < V3.0) Value (CPU V3.0) Minimum acceleration/deceleration 2.8E-1 pulses/s 2 5.0E-3 pulses/s2 Maximum acceleration/deceleration 9.5E+9 pulses/s2 9.5E+9 pulses/s2 Jerk limits The following limits apply to the jerk: Jerk WinCC Advanced V14 System Manual, 10/2016 Value (CPU < V3.0) Value (CPU V3.0) Minimum jerk 4.0E-2 pulses/s3 4.0E-3 pulses/s3 Maximum jerk 1.5E+8 pulses/s 1.0E+10 pulses/s3 3 6821 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also CPU outputs relevant for motion control (Page 6597) Configuration dialogs (S7-1200) V1...3 (S7-1200) Configuration - General ("Axis" technology object V1...3) (S7-1200) Configure the basic properties of the "Axis" technology object in the "General" configuration window. Axis name: Define the name of the axis or the name of the "Axis" technology object in this box. The technology object is listed under this name in the project navigation. Hardware interface The pulses are output to the power unit of the drive by fixed assigned digital outputs. In CPUs with relay outputs, the pulse signal cannot be output on these outputs because the relays do not support the necessary switching frequencies. A signal board with digital outputs must be used to enable you to work with the PTO (Pulse Train Output) on these CPUs. Note The PTO requires the functionality of a fast counter (HSC). An HSC is used for this purpose with CPU version <V3.0. The HSC is then no longer available to the user. An internal HSC is used for this with CPU version V3.0. The count can not be evaluated from its input address. The assignment between PTO and HSC is fixed. When the user activates PTO1, it is connected to the HSC1. If the PTO2 is activated, this is connected with the HSC2. In the "Pulse generator selection" drop-down list, select the PTO (Pulse Train Output) which is to provide the pulses for controlling the stepper motors or servo motors with pulse interface. If the pulse generators and high-speed counters are not used elsewhere in the device configuration, the hardware interface can be configured automatically. In this case, the PTO selected in the drop-down list is displayed with a white background. The interfaces used are listed in the output boxes "Output source", "Pulse output", "Direction output" and "Assigned fast counter". 6822 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Proceed as follows if you wish to change the interfaces or if the PTO could not be automatically configured (entry in the "Pulse generator selection" drop-down list is highlighted in red): 1. Click on the "Device configuration" button. The pulse generator device configuration opens. Enlarge the property window of the device configuration if the configuration of the pulse generator is not visible. 2. Select the "Enable this pulse generator" check box. 3. Select the "Parameter assignment" entry in the area navigation. The "Parameter assignment" opens. 4. In the "Pulse generator as:" dropdown list select the "PTO" entry. 5. In the "Output source:" dropdown list select the "Integrated CPU output" or "Signal board output" entry. The "Signal board output" entry can only be selected for PTO1 or for PTO1 and PTO2 depending on the installed signal board. For more detailed information, see section: CPU outputs relevant for motion control (Page 6597) 6. Go back to the axis configuration. Unless the corresponding fast counter has already been used elsewhere, the PTO boxes of the "General" axis configuration are not shaded red. If this is not the case, correct the configuration based on the error messages. WinCC Advanced V14 System Manual, 10/2016 6823 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) User unit Select the desired unit for the dimension system of the axis in the dropdown list. The selected unit is used for additional configuration of the "Axis" technology object and for displaying the current axis data. The values at the input parameters (Position, Distance, Velocity, ...) of the Motion Control instructions also refer to this unit. Note Later changing of the dimension system may not be converted correctly in all the configuration windows of the technology object. In this case check the configuration of all axis parameters. The values of the input parameters of the Motion Control instructions may have to be adapted to the new unit of measurement in the user program. See also Configuration - General (Page 6638) Configuration - Homing ("Axis" technology object V1) (S7-1200) Configure the parameters for active and passive homing in the "Homing" configuration window. The homing method is set using the "Mode" input parameter of the Motion Control instruction. Here, Mode = 2 means passive homing and Mode = 3 means active homing. Reference point switch input Select the digital input for the reference point switch from the drop-down list. The input must be interrupt-capable. The onboard CPU inputs and the inputs of an inserted signal board can be selected as inputs for the reference point switch. Note The digital inputs are set to a filter time of 6.4 ms by default. When the digital inputs are used as a reference point switch, this can result in undesired decelerations and thus inaccuracies. Depending on the homing velocity and extent of the reference point switch, the reference point may not be detected. The filter time can be set under "Input filter" in the device configuration of the digital inputs. The specified filter time must be less than the duration of the input signal at the reference point switch. Permitting direction reversal after reaching the HW limit switch (active homing only) Activate the check box to use the hardware limit switch as a reversing cam for the homing procedure. The hardware limit switches must be activated for direction reversal. If the CPU firmware V1.0 is used, both hardware limit switches must be configured. If CPU firmware as of V2.0 is used, only the hardware limit switch in the approach direction must be configured. 6824 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) If the hardware limit switch is reached during active homing, the axis brakes at the configured deceleration (not with the emergency stop deceleration) and reverses direction. The reference point switch is then sensed in reverse direction. If the direction reversal is not active and the axis reaches the hardware limit switch during active homing, the homing procedure is aborted with an error and the axis is braked at the emergency stop deceleration. Note Use one of the following measures to ensure that the machine does not travel to a mechanical endstop in the event of a direction reversal: Keep the approach velocity low Increase the configured acceleration/deceleration Increase the distance between hardware limit switch and mechanical stop Approach / homing direction (active and passive homing) With the direction selection, you determine the "approach direction" used during active homing to search for the reference point switch, as well as the homing direction. The homing direction specifies the travel direction the axis uses to approach the configured end of the reference point switch to carry out the homing operation. Refer to the table under "Reference point switches" for the effect of the approach direction setting on passive homing. Side of the reference point switch (active and passive homing) Active homing This is where you select whether the axis is homed on the low or high end of the reference point switch. Note Depending on the start position of the axis and the configuration of the homing parameters, the homing procedure sequence can differ from the diagram in the configuration window. Passive homing With passive homing, the traversing motions for purposes of homing must be implemented by the user via motion commands. The end of the reference point switch on which homing occurs depends on the following factors: - "Approach direction" configuration - "Reference point switch" configuration - Current travel direction during passive homing The table below presents details on the effect of factors: WinCC Advanced V14 System Manual, 10/2016 6825 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Influencing factors: Configuration Configuration Approach direction Reference point switch Positive "Bottom side" Positive "Top side" Negative Negative "Bottom side" "Top side" Result: Current travel direction Homing on Reference point switch Positive direction Top side Negative direction Bottom side Positive direction Bottom side Negative direction Top side Positive direction Bottom side Negative direction Top side Positive direction Top side Negative direction Bottom side Velocity (active homing only) In this box, specify the velocity at which the reference point switch is to be searched for during the homing procedure. Limits (independent of the selected unit of measurement): Start/stop velocity approach velocity maximum velocity Homing velocity (active homing only) In this box, specify the velocity at which the axis approaches the reference point switch for homing. Limits (independent of the selected unit of measurement): Start/stop velocity Homing velocity Maximum velocity Home position offset (active homing only) If the desired home position deviates from the position of the reference point switch, the home position offset can be specified in this box. If the value does not equal 0, the axis executes the following actions following homing at the reference point switch: 1. Move the axis at the homing velocity by the value of the home position offset 2. Upon reaching the "home position offset", the axis is at the home position that was specified in input parameter "Position" of the "MC_Home" Motion Control instruction. Limits (independent of the selected unit of measurement): -1.0e12 home position offset 1.0e12 6826 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Home position The position configured in the Motion Control instruction "MC_Home" is used as the home position. Configuration - Homing ("Axis" technology object V2...3) (S7-1200) Configuration - Homing - General (Axis technology object V2...3) (S7-1200) Configure the reference point switch input for active and passive homing in the "Homing General" configuration window. Reference point switch input Select the digital input for the homing switch from the drop-down list. The input must be interrupt-capable. The on-board CPU inputs and the inputs of an inserted signal board can be selected as inputs for the homing switch. Note The digital inputs are set to a filter time of 6.4 ms by default. When the digital inputs are used as a homing switch, this can result in undesired decelerations and thus inaccuracies. Depending on the homing velocity and extent of the homing switch, the home position may not be detected. The filter time can be set under "Input filter" in the device configuration of the digital inputs. The specified filter time must be less than the duration of the input signal at the homing switch. Active level In the drop-list, select the level of the homing switch that is to be used for homing. See also Sequence - Active homing (Page 6669) Configuration - Homing - Passive (Axis technology object V2...3) (S7-1200) Configure the necessary parameters for passive homing in the "Homing - Passive" configuration window. The movement for passive homing must be triggered by the user (e.g. using an axis motion command). Passive homing is started using Motion Control instruction "MC_Home" with input parameter "Mode" = 2. WinCC Advanced V14 System Manual, 10/2016 6827 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Side of the homing switch This is where you select whether the axis is to be homed on the low or high end of the homing switch. Home position The position configured in the Motion Control instruction "MC_Home" is used as the home position. Note If passive homing is carried out without an axis motion command (axis at a standstill), homing will be executed upon the next rising or falling edge at the homing switch. Configuration - Homing - Active (Axis technology object V2...3) (S7-1200) Configure the necessary parameters for active homing in the "Active homing" configuration window. Active homing is started using Motion Control instruction "MC_Home" with input parameter "Mode" = 3. Permit auto reverse at the hardware limit switch Activate the check box to use the hardware limit switch as a reversing cam for the homing procedure. The hardware limit switches must be enabled for the reversal of direction (at least the hardware limit switch in the direction of approach must be configured). If the hardware limit switch is reached during active homing, the axis brakes at the configured deceleration (not with the emergency stop deceleration) and reverses direction. The homing switch is then sensed in reverse direction. If the direction reversal is not active and the axis reaches the hardware limit switch during active homing, the homing procedure is aborted with an error and the axis is braked at the emergency stop deceleration. Note If possible, use one of the following measures to ensure that the machine does not travel to a mechanical endstop in the event of a direction reversal: Keep the approach velocity low. Increase the configured acceleration/deceleration. Increase the distance between the hardware limit switch and the mechanical endstop. Approach/homing direction With the direction selection, you determine the approach direction used during active homing to search for the homing switch, as well as the homing direction. The homing direction specifies the travel direction the axis uses to approach the configured end of the homing switch to carry out the homing operation. 6828 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Side of the homing switch This is where you select whether the axis is to be homed on the low or high end of the homing switch. Velocity In this box, specify the velocity at which the homing switch is to be searched for during the homing procedure. Limits (independent of the selected unit of measurement): Start/stop velocity approach velocity maximum velocity Homing velocity In this box, specify the velocity at which the reference point switch is to be approached for homing. Limits (independent of the selected unit of measurement): Start/stop velocity Homing velocity Maximum velocity Home position offset If the desired home position deviates from the position of the homing switch, the home position offset can be specified in this box. If the value does not equal 0, the axis executes the following actions following homing at the homing switch: 1. Move the axis at the homing velocity by the value of the home position offset 2. Upon reaching the "home position offset", the axis is at the home position that was specified in input parameter "Position" of the "MC_Home" Motion Control instruction. Limits (independent of the selected unit of measurement): -1.0e12 home position offset 1.0e12 Home position The position configured in the Motion Control instruction "MC_Home" is used as the home position. Changing configuration of dynamic values in user program ("Axis" technology object V1...3) (S7-1200) You can change the following configuration parameters during runtime of the user program in the CPU: WinCC Advanced V14 System Manual, 10/2016 6829 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Acceleration and deceleration You can also change the values for acceleration and deceleration during runtime of the user program. Use the following technology object tags for this purpose: <Axis name>.Config.DynamicDefaults.Acceleration for changing acceleration <Axis name>.Config.DynamicDefaults.Deceleration for changing deceleration Refer to the description of the technology object tags (Page 6874) in the appendix for information on when changes to the configuration parameters take effect. Emergency stop deceleration You can also change the value for the emergency stop deceleration during runtime of the user program. Use the following technology object tag for this purpose: <Axis name>.Config.DynamicDefaults.EmergencyDeceleration Refer to the description of the technology object tags in the appendix for information on when changes to the configuration parameter take effect. NOTICE After changes to this parameter, it may be necessary to adapt the positions of the hardware limit switches and other safety-relevant settings. Jerk limit (as of technology object "Axis" V2.0) You can also activate and deactivate the jerk limit at runtime of the user program and change the value for the jerk. Use the following technology object tags for this purpose: <Axis name>.Config.DynamicDefaults.JerkActive for activating and deactivating the jerk limit <Axis name>.Config.DynamicDefaults.Jerk for changing the jerk Refer to the description of the technology object tags in the appendix for information on when changes to the configuration parameter take effect. See also Changing the configuration of dynamics in the user program (Page 6663) V4 (S7-1200) Configuration - General (positioning axis technology object as of V4) (S7-1200) Configure the basic properties of the positioning axis technology object in the "General" configuration window. 6830 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Axis name Define the name of the axis or the name of the positioning axis technology object in this field. The technology object is listed under this name in the project tree. Hardware interface The pulses are output to the power unit of the drive by fixed assigned digital outputs. In CPUs with relay outputs, the pulse signal cannot be output on these outputs because the relays do not support the necessary switching frequencies. A signal board with digital outputs must be used to enable you to work with the PTO (Pulse Train Output) on these CPUs. Note The PTO requires the functionality of a high-speed counter (HSC). An internal HSC is used for this, the count of which cannot be evaluated. Selecting the pulse generator In the drop-down list, select the PTO (Pulse Train Output) which is to provide the pulses for controlling the stepper motors or servo motors with pulse interface. If the pulse generators and high-speed counters are not used elsewhere in the device configuration, the hardware interface can be configured automatically. In this case, the PTO selected in the drop-down list is displayed with a white background. "Device configuration" button This button takes you to the settings for the pulse options in the device configuration of the CPU. Signal type Select the desired signal type in the drop-down list. The following signal types are available: PTO (pulse A and direction B) A pulse output and a direction output are used for controlling the stepper motor. PTO (count up A, count down B) One pulse output each for motion in positive direction and negative direction is used for controlling the stepper motor. PTO (A/B phase offset) Both pulse outputs for Phase A and for Phase B run at the same frequency. The period of the pulse outputs is evaluated at the drive end as a step. The phase offset between Phase A and Phase B determines the direction of the motion. PTO (A/B phase offset - quadruple) Both pulse outputs for Phase A and for Phase B run at the same frequency. All positive edges and all negative edges of Phase A and Phase B are evaluated as a step at the drive end. The phase offset between Phase A and Phase B determines the direction of the motion. WinCC Advanced V14 System Manual, 10/2016 6831 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Pulse output (signal type "PTO (pulse A and direction B)") Select the desired output for the pulse output in this field. You can select the output using a symbolic address or assign it to an absolute address. Activate direction output (signal type "PTO (pulse A and direction B)") You can deactivate and activate the direction output in "pulse and direction" mode. This option enables you to limit the motion direction. Direction output (signal type "PTO (pulse A and direction B)") Select the desired output for the direction output in this field. You can select the output using a symbolic address or assign it to an absolute address. Pulse output up (signal type "PTO (count up A, count down B)") Select the desired pulse output for motions in positive direction in this field. You can select the output using a symbolic address or assign it to an absolute address. Pulse output down (signal type "PTO (count up A, count down B)") Select the desired pulse output for motions in negative direction in this field. You can select the output using a symbolic address or assign it to an absolute address. Phase A (signal types "PTO (A/B phase offset)" and "PTO (A/B phase offset - quadruple)") Select the desired pulse output for Phase A signals in this field. You can select the output using a symbolic address or assign it to an absolute address. Phase B (signal types "PTO (A/B phase offset)" and "PTO (A/B phase offset - quadruple)") Select the desired pulse output for Phase B signals in this field. You can select the output using a symbolic address or assign it to an absolute address. User unit Select the desired unit for the dimension system of the axis in the drop-down list. The selected unit is used for further configuration of the positioning axis technology object and for displaying the current axis data. 6832 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) The values at the input parameters (Position, Distance, Velocity, ...) of the Motion Control instructions also refer to this unit. Note Later changing of the dimension system may not be converted correctly in all the configuration windows of the technology object. In this case check the configuration of all axis parameters. The values of the input parameters of the Motion Control instructions may have to be adapted to the new unit of measurement in the user program. Configuration - Drive signals (positioning axis technology object V4) (S7-1200) Configure the output for drive enable and the input for the "Drive ready" feedback signal of the drive in the "Drive signals" configuration window. Drive enable is controlled by Motion Control instruction "MC_Power" and enables power to the drive. The signal is provided to the drive via the output to be configured. The drive signals "Drive ready" to the CPU if it is ready to start executing travel after receipt of drive enable. The "Drive ready" signal is reported back to the CPU via the input to be configured. If the drive does not have any interfaces of this type, you will not have to configure the parameters. In this case, select the value TRUE for the ready input. See also Configuration - Mechanics (positioning axis technology object V4) (Page 6833) Position limits (Page 6652) Dynamics (Page 6657) Homing (positioning axis technology object as of V2) (Page 6665) Configuration - Mechanics (positioning axis technology object V4) (S7-1200) Configure the mechanical properties of the drive in the "Mechanics" configuration window. Increments per motor revolution Configure the number of pulses required for one revolution of the motor in this box. Limits (independent of the selected unit of measurement): 0 < Pulse per motor revolution 2147483647 Distance per revolution In this box, configure the load distance per motor revolution covered by the mechanical system of your unit. WinCC Advanced V14 System Manual, 10/2016 6833 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Limits (independent of the selected unit of measurement): 0.0 < Distance per revolution 1.0e12 Permitted direction of rotation (technology version as of V4) Configure this box to determine whether the mechanics of your system are to move in both directions or only in the positive or negative direction. If you have not activated the direction output of the pulse generator in the "PTO (pulse A and direction B)" mode, the selection is limited to the positive or negative direction. Invert direction You can use the "Invert direction" check box to adapt the control system to the direction logic of the drive. The direction logic is inverted according to the selected mode of the pulse generator: PTO (pulse A and direction B) - 0 V at direction output positive direction of rotation - 5 V/24 V at direction output negative direction of rotation The specified voltage depends on the hardware used. The indicated values do not apply to the differential outputs of CPU 1217. PTO (count up A, count down B) The outputs "Pulse output down" and "Pulse output up" are swapped. PTO (A/B phase offset) The "Phase A" and "Phase B" outputs are swapped. "PTO (A/B phase offset - quadruple) The "Phase A" and "Phase B" outputs are swapped. See also Configuration - Drive signals (positioning axis technology object V4) (Page 6833) Relationship between the signal type and the direction of travel (Page 6600) Position limits (Page 6652) Dynamics (Page 6657) Homing (positioning axis technology object as of V2) (Page 6665) Configuration - Homing - Passive (Positioning axis technology object V4) (S7-1200) Configure the necessary parameters for passive homing in the "Homing - Passive" configuration window. The movement for passive homing must be triggered by the user (e.g. using an axis motion command). Passive homing is started using Motion Control instruction "MC_Home" with input parameter "Mode" = 2. 6834 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Homing switch input Select the digital input for the homing switch from the drop-down list. The input must be interrupt-capable. The on-board CPU inputs and the inputs of an inserted signal board can be selected as inputs for the homing switch. Note The digital inputs are set to a filter time of 6.4 ms by default. When the digital inputs are used as a homing switch, this can result in undesired decelerations and thus inaccuracies. Depending on the homing velocity and extent of the homing switch, the home position may not be detected. The filter time can be set under "Input filter" in the device configuration of the digital inputs. The specified filter time must be less than the duration of the input signal at the homing switch. Active level In the drop-list, select the level of the homing switch that is to be used for homing. Side of the homing switch This is where you select whether the axis is to be homed on the low or high end of the homing switch. Home position The position configured in the Motion Control instruction "MC_Home" is used as the home position. Note If passive homing is carried out without an axis motion command (axis at a standstill), homing will be executed upon the next rising or falling edge at the homing switch. Configuration - Homing - Active (Positioning axis technology object V4) (S7-1200) Configure the necessary parameters for active homing in the "Active homing" configuration window. Active homing is started using Motion Control instruction "MC_Home" with input parameter "Mode" = 3. WinCC Advanced V14 System Manual, 10/2016 6835 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Homing switch input Select the digital input for the homing switch from the drop-down list. The input must be interrupt-capable. The on-board CPU inputs and the inputs of an inserted signal board can be selected as inputs for the homing switch. Note The digital inputs are set to a filter time of 6.4 ms by default. When the digital inputs are used as a homing switch, this can result in undesired decelerations and thus inaccuracies. Depending on the homing velocity and extent of the homing switch, the home position may not be detected. The filter time can be set under "Input filter" in the device configuration of the digital inputs. The specified filter time must be less than the duration of the input signal at the homing switch. Active level In the drop-list, select the level of the homing switch that is to be used for homing. Allowing direction reversal at the hardware limit switch Activate the check box to use the hardware limit switch as a reversing cam for the homing procedure. The hardware limit switches must be enabled for the reversal of direction (at least the hardware limit switch in the direction of approach must be configured). If the hardware limit switch is reached during active homing, the axis brakes at the configured deceleration (not with the emergency stop deceleration) and reverses direction. The homing switch is then sensed in reverse direction. If the direction reversal is not active and the axis reaches the hardware limit switch during active homing, the homing procedure is aborted with an error and the axis is braked at the emergency stop deceleration. Note If possible, use one of the following measures to ensure that the machine does not travel to a mechanical endstop in the event of a direction reversal: Keep the approach velocity low. Increase the configured acceleration/deceleration. Increase the distance between the hardware limit switch and the mechanical endstop. Approach/homing direction With the direction selection, you determine the approach direction used during active homing to search for the homing switch, as well as the homing direction. The homing direction specifies the travel direction the axis uses to approach the configured end of the homing switch to carry out the homing operation. 6836 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Side of the homing switch This is where you select whether the axis is to be homed on the low or high end of the homing switch. Approach velocity In this box, specify the velocity at which the homing switch is to be searched for during the homing procedure. Limits (independent of the selected unit of measurement): Start/stop velocity approach velocity maximum velocity Homing velocity In this box, specify the velocity at which the homing switch is to be approached for homing. Limits (independent of the selected unit of measurement): Start/stop velocity Homing velocity Maximum velocity Home position offset If the desired home position deviates from the position of the homing switch, the home position offset can be specified in this box. If the value does not equal 0, the axis executes the following actions following homing at the homing switch: 1. Move the axis at the homing velocity by the value of the home position offset 2. Upon reaching the "home position offset", the axis is at the home position that was specified in input parameter "Position" of the "MC_Home" Motion Control instruction. Limits (independent of the selected unit of measurement): -1.0e12 home position offset 1.0e12 Home position The position configured in the Motion Control instruction "MC_Home" is used as the home position. Diagnostics - Status and error bits ("Axis" technology object V1...3) (S7-1200) You use the "Status and error bits" diagnostic function to monitor the most important status and error messages for the axis in the TIA Portal. The diagnostic function display is available in online mode in "Manual control" mode and in "Automatic control" when the axis is active. The status error messages have the following meaning: WinCC Advanced V14 System Manual, 10/2016 6837 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Status of the axis Status Description Enabled The axis is enabled and ready to be controlled via Motion Control commands. (Tag of technology object: <Axis name>.StatusBits.Enable) Homed The axis is homed and is capable of executing absolute positioning commands of Motion Control instruction "MC_MoveAbsolute". The axis does not have to be homed for relative positioning. Special situations: During active homing, the status is FALSE. If a homed axis undergoes passive homing, the status is set to TRUE during passive homing. (Tag of technology object: <Axis name>.StatusBits.HomingDone) Axis error An error has occurred in the "Axis" technology object. Additional information about the error is avail able in automatic control at the ErrorID and ErrorInfo parameters of the Motion Control instructions. In manual mode, the "Error message" box of the axis control panel displays detailed information about the cause of error. (Tag of technology object: <Axis name>.StatusBits.Error) Axis control panel en The "Manual control" mode was enabled in the axis control panel. The axis control panel has control abled priority over the "Axis" technology object. The axis cannot be controlled from the user program. (Tag of technology object: <Axis name>.StatusBits.ControlPanelActive) Restart necessary A modified configuration of the axis was downloaded to the load memory in CPU RUN operating mode. To download the modified configuration to the work memory, you need to restart the axis. Use the Motion Control instruction MC_Reset to do this. Drive status Status Description Drive ready The drive is ready for operation. (Tag of technology object: <Axis name>.StatusBits.DriveReady) Drive error The drive has reported an error due to loss of its "Drive ready" signal. (Tag of technology object: <Axis name>.ErrorBits.DriveFault) Status of the axis motion Status Description Standstill The axis is at a standstill. (Tag of technology object: <Axis name>.StatusBits.StandStill) Acceleration The axis accelerates. (Tag of technology object: <Axis name>.StatusBits.Acceleration) Constant velocity The axis travels at constant velocity. (Tag of technology object: <Axis name>.StatusBits.ConstantVelocity) Deceleration The axis decelerates (slows down). (Tag of technology object: <Axis name>.StatusBits.Deceleration) 6838 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Status of the motion mode Status Description Positioning The axis executes a positioning command of the Motion Control instruction "MC_MoveAb solute", "MC_MoveRelative" or the axis control panel. (Tag of technology object: <Axis name>.StatusBits.PositioningCommand) Travel with velocity specifica tion The axis executes a command with velocity specification of the Motion Control instruction "MC_MoveVelocity", "MC_MoveJog" or the axis control panel. (Tag of technology object: <Axis name>.StatusBits.SpeedCommand) Homing The axis executes a homing command of the Motion Control instruction "MC_Home" or the axis control panel. (Tag of technology object: <Axis name>.StatusBits.Homing) Command table active The axis is controlled by Motion Control instruction "MC_CommandTable". (as of technology object Axis V2.0) (Tag of technology object: <Axis name>.StatusBits.CommandTableActive) Error messages Error Description Lower SW limit switch was reached The lower software limit switch has been reached. (Tag of technology object: <Axis name>.ErrorBits.SwLimitMinReached) Lower SW limit switch was ex The lower software limit switch has been exceeded. ceeded (Tag of technology object: <Axis name>.ErrorBits.SwLimitMinExceeded) Upper SW limit switch was reached The upper software limit switch has been reached. (Tag of technology object: <Axis name>.ErrorBits.SwLimitMaxReached) Upper SW limit switch was ex The upper software limit switch has been exceeded. ceeded (Tag of technology object: <Axis name>.ErrorBits.SwLimitMaxExceeded) Lower HW limit switch was reached The lower hardware limit switch has been reached. Upper HW limit switch was reached The upper hardware limit switch has been reached. PTO and HSC already in use A second axis is using the same PTO (Pulse Train Output) and HSC (High Speed Counter) and is enabled with "MC_Power". (Tag of technology object: <Axis name>.ErrorBits.HwLimitMin) (Tag of technology object: <Axis name>.ErrorBits.HwLimitMax) (Tag of technology object: <Axis name>.ErrorBits.HwUsed) Configuration error The "Axis" technology object was incorrectly configured or editable configuration data were modified incorrectly during runtime of the user program. (Tag of technology object: <Axis name>.ErrorBits.ConfigFault) Internal error An internal error has occurred. (Tag of technology object: <Axis name>.ErrorBits.SystemFault) See also Status and error bits (technology objects as of V4) (Page 6739) WinCC Advanced V14 System Manual, 10/2016 6839 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorIDs and ErrorInfos (S7-1200) List of ErrorIDs and ErrorInfos (technology objects V4...5) (S7-1200) The following table lists all ErrorIDs and ErrorInfos that can be indicated in Motion Control instructions. In addition to the cause of the error, remedies for eliminating the error are also listed: Depending on the error reaction, the axis is stopped in the case of operating errors with stop of axis. The following error reactions are possible: Remove enable The setpoint zero is output and the enable is removed. The axis is braked depending on the configuration in the drive, and is brought to a standstill. Stop with emergency stop ramp Active motion commands are aborted. The axis is braked with the emergency stop deceleration configured under "Technology object > Extended parameters > Dynamics > Emergency stop ramp" without any jerk limit and brought to a standstill. Operating error with axis stop ErrorID 16#8000 ErrorIn Description fo Error reaction Drive error, loss of "Drive ready" 16#000 1 16#8001 Remedy Acknowledge error with instruction "MC_Reset"; provide drive signal; restart command, if necessary Low SW limit switch has been tripped 16#000 The position of the low SW limit switch E was reached with the currently config ured deceleration 16#000 The position of the low SW limit switch F was reached with the emergency stop deceleration Acknowledge the error with instruction "MC_Reset"; use a motion command to move the axis in the positive direction out of the range of the SW limit switch 16#001 The position of the low SW limit switch 0 was exceeded with the emergency stop deceleration 16#8002 High SW limit switch has been tripped 16#000 The position of the high SW limit switch E was reached with the currently config ured deceleration 16#000 The position of the high SW limit switch F was reached with the emergency stop deceleration 16#001 The position of the high SW limit switch 0 was exceeded with the emergency stop deceleration 6840 Remove enable Acknowledge the error with instruction "MC_Reset"; use a motion command to move the axis in the negative direction out of the range of the SW limit switch Remove enable WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID 16#8003 ErrorIn Description fo Remedy Low HW limit switch was reached 16#000 The low HW limit switch was reached. E The axis was stopped with the emer gency stop deceleration. (During an active homing procedure, the homing switch was not found) Acknowledge the error for an enabled axis with instruction "MC_Reset"; use a motion command to move the axis in the positive direction out of the range of the HW limit switch. Error reaction For drive connec tion via PTO (Pulse Train Out put): Stop with emer gency stop ramp For drive connec tion via PROFI drive/analog out put: Remove enable 16#8004 High HW limit switch was reached 16#000 The high HW limit switch has been Acknowledge the error for an enabled axis E reached. The axis was stopped with the with instruction "MC_Reset"; use a motion emergency stop deceleration. command to move the axis in the negative direction out of the range of the HW limit (During an active homing procedure, switch. the homing switch was not found) For drive connec tion via PTO (Pulse Train Out put): Stop with emer gency stop ramp For drive connec tion via PROFI drive/analog out put: Remove enable 16#8005 PTO/HSC are already being used by another axis 16#000 1 - The axis was configured incorrectly: Correct the configuration of the PTO (Pulse Train Output) / HSC (High Speed Counter) and download it to the controller More than one axis is to run with one PTO: Another axis is using the PTO / HSC. If the current axis is to assume the control, the other axis must be disabled with "MC_Power" Enable = FALSE. (see also Using multiple axes with the same PTO (Page 6744)) 16#8006 A communication error in the control panel has occurred 16#001 A timeout has occurred 2 16#8007 The axis cannot be enabled - 16#002 Restarting 5 Wait until the axis restart is complete. 16#002 Executing loading process in RUN 6 mode Wait until the loading process is complete. WinCC Advanced V14 System Manual, 10/2016 Remove enable Check the cable connection and press the "Manual control" button again 6841 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID 16#8008 ErrorIn Description fo Remedy Error reaction Invalid direction of motion - 16#002 The selected motion direction is not al Adjust the motion direction and restart E lowed. the command. 16#002 A reversing motion is not possible with Adjust the allowed direction of rotation F the selected motion direction. in the technology object configuration under "Extended parameters > Mechanics". Restart the command. 16#8009 Reference switch/encoder zero mark not found 16#003 Error in the configuration, hardware or 3 installation of the encoder or at the homing switch. 16#800A Stop with emer gency stop ramp Connect a suitable device. Check the device (I/Os). Compare the configuration of HW Config and the technology object. Alarm message from encoder 16#000 1 Remove enable Check the device with regard to function, connections and I/Os. 16#003 Hardware error at encoder 4 16#003 Encoder dirty 5 16#003 Error during reading of encoder abso 6 lute value Compare the encoder type in the drive or encoder parameter P979 with the configu ration data of the technology object. 16#003 Zero mark monitoring of the encoder 7 Encoder reports error in zero mark moni toring (fault code 0x0002 in Gx_XIST2, see PROFIdrive profile). Check the plant for electromagnetic com patibility (EMC). 16#003 Encoder is in "Parking" state 8 Search for the cause of the error in the connected drive or encoder. Check whether the error message was possibly triggered by a commissioning action at the drive or encoder. 16#004 PROFIdrive: Encoder on bus failed 0 (station failure). Check the device with regard to function, connections and I/Os. 16#004 PROFIdrive: Signs of life of encoder 1 faulty. 16#800B Range violation of the position 16#003 Range violation in positive direction 9 Remove enable Home the axis to a valid actual value range. 16#003 Range violation in negative direction A 16#003 The change of the actual position in a B position control clock cycle is greater than the modulo length. 6842 Adjust the modulo length of the employed encoder. WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID 16#800C ErrorIn Description fo Remedy Alarm message from drive Error reaction Remove enable 16#000 1 Check the device with regard to function, connections and I/Os. 16#003 PROFIdrive: Drive signal "Control re C quested" failed. In the "Tuning" dialog box, select a smaller gain (Kv). 16#003 PROFIdrive/analog drive connection: D Drive has shut down. 16#003 PROFIdrive: Drive on bus failed (sta E tion failure) 16#003 PROFIdrive: Signs of life of drive faulty. Check the device with regard to F function, connections and I/Os. Compare the clock parameters of HW Config (PROFIBUS line, slave OM for drive or encoder) and the execution system. Tmapc and servo must be configured with the same clock cycle time. 16#800D The permitted following error was exceeded 16#000 1 Remove enable Check the configuration of the control loop. Check the direction signal of the encoder. Check the configuration of following error monitoring. 16#800E Error at the hardware limit switch 16#004 Illegal free travel direction with active 2 hardware limit switch Remove enable The programmed direction of movement is disabled due to the active hardware limit switch. Retract the axis in the opposite direction. 16#004 Hardware limit switch polarity is re 3 versed, axis cannot be freed Check the mechanical configuration of the hardware limit switch. 16#004 Both hardware limit switches are ac 4 tive, axis cannot be freed 16#800F Error in target range 16#004 Target range not reached 5 Remove enable Target range was not reached within the positioning tolerance time. Check the configuration of the position monitoring. Check the configuration of the control loop. 16#004 Exit target range again 6 The target range was exited within the minimum dwell time. Check the configuration of the position monitoring. Check the configuration of the control loop. WinCC Advanced V14 System Manual, 10/2016 6843 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID 16#8010 ErrorIn Description fo Remedy Error reaction Position of the low SW limit switch is greater than that of the high SW limit switch when the axis is not a modulo axis 16#000 1 Remove enable Change the position of the software limit switches. Operating error without axis stop ErrorID ErrorInfo 16#8200 Description Remedy Axis is not enabled 16#0001 16#8201 - Enable the axis; restart the command Axis has already been enabled by another "MC_Power" instance 16#0001 16#8202 - Enable the axis with only one "MC_Power" instance The maximum number of simultaneous motion control commands has been exceeded (max. 200 commands for drive connection via PTO (Pulse Train Output), max. 100 commands for drive con nection via PROFIdrive/analog output) 16#0001 - Reduce the number of simultaneously active com mands; restart the command A command is active if parameter "Busy" = TRUE in the Motion Control instruction. 16#8203 Axis is currently operated in "Manual control" (axis control panel) 16#0001 16#8204 16#8205 - Home the axis with instruction "MC_Home"; restart the command The axis is currently controlled by the user program (the error is only displayed in the axis control panel) 16#0013 16#8206 The axis is enabled in the user program Disable axis with instruction "MC_Power" and se lect "Manual control" again in the axis control panel Technology object not activated yet 16#0001 6844 Exit "Manual control"; restart the command Axis is not homed 16#0001 16#8207 - - Enable the axis with instruction "MC_Power" Ena ble = TRUE or enable the axis in the axis control panel. Command rejected WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description 16#0016 Active homing is running; another homing meth Wait for active homing to finish or abort the active od cannot be started. homing with a motion command, for example, "MC_Halt". Remedy 16#0018 The axis cannot be moved with a command ta Wait until direct or passive homing is complete. ble while it is being actively or passively homed. 16#0019 The axis cannot be actively or passively homed while a command table is being processed. Wait for command table to finish or abort the com mand table with a motion command, for example, "MC_Halt". 16#0052 The specified position exceeds the numerical limit. Enter a valid position value at the Motion Control instruction. 16#0053 The axis is ramping up. Wait until the axis is ready for operation. 16#0054 Actual value is invalid To execute a "MC_Home" command, the actual values must be valid. Check the status of the actual values. The tag of the technology object <Axis name>."StatusSen sor.State" must show the value 2 (valid). 16#8208 Difference between maximum and start/stop velocity is invalid 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#8209 Correct the value; restart the command Invalid acceleration for technology object "Axis" 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#0013 The axis is enabled in the user program Disable the axis with the "MC_Power" instruction; restart again 16#0027 The axis is currently being operated in "Manual control" (axis control panel) Exit "Manual control"; restart again 16#002C The axis is not disabled. Disable the axis; restart the command 16#0047 The technology object is not ready for restart. Download the project again. 16#0048 Condition for restart of the technology object is not satisfied. Disable the technology object. 16#820A Correct the value; restart the command It is not possible to restart the axis 16#820B It is not possible to execute the command table 16#0026 16#820C Executing loading process in RUN mode Wait until the loading process is complete. No configuration available 16#0001 - Internal error Contact the hotline. Block parameter error ErrorID ErrorInfo 16#8400 Description Remedy Invalid value at parameter "Position" of the Motion Control instruction 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) 16#0006 Value is outside the number range (less than -1E+12) WinCC Advanced V14 System Manual, 10/2016 Correct the value; restart the command 6845 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo 16#8401 Description Remedy Invalid value at parameter "Distance" of the Motion Control instruction 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) 16#0006 Value is outside the number range (less than -1E+12) 16#8402 Correct the value; restart the command Invalid value at parameter "Velocity" of the Motion Control instruction 16#0002 The value has an invalid number format 16#0008 Value is greater than the configured maximum velocity 16#0009 Value is less than the configured start/stop ve locity 16#0024 Value is less than 0 16#8403 Correct the value; restart the command Invalid value at parameter "Direction" of the Motion Control instruction 16#0011 16#8404 The selection value is invalid Correct the selection value; restart the command Invalid value at parameter "Mode" of the Motion Control instruction 16#0011 The selection value is invalid Correct the selection value; restart the command 16#0015 Active/passive homing is not configured Correct the configuration and download it to the controller; enable the axis and restart the command 16#0017 The direction reversal is activated at the hard Activate the HW limit switch using the tag <Axis ware limit switch, despite the fact that the hard name>.PositionLimitsHW.Active = TRUE, ware limit switches are disabled restart the command Correct the configuration and download it to the controller; enable the axis and restart the command 16#0055 Invalid mode at incremental encoder Start a homing process for an incremental encoder using parameter "Mode" = 0, 1, 2, 3. 16#0056 Invalid mode at absolute encoder Passive and active homing ("Mode" = 2, 3) are not possible for an absolute value encoder. Start a homing process for an absolute encoder us ing parameter "Mode" = 0, 1. 16#8405 Invalid value at parameter "StopMode" of the Motion Control instruction 16#0011 16#8406 16#8407 - Take steps to ensure that parameters "JogFor ward" and "JogBackward" do not have signal status TRUE simultaneously; restart the command. Switching to another axis with instruction "MC_Power" is only permitted after disabling the active axis. 16#0001 6846 Correct the selection value; enable the axis again Simultaneous forward and backward jogging is not allowed 16#0001 16#8408 The selection value is invalid - Disable the active axis; it is then possible to switch to the other axis and enable it. Invalid value at parameter "Axis" of the Motion Control instruction WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#001A The specified value does not match the re quired technology object version Correct the value; restart the command 16#001B The specified value does not match the re quired technology object type 16#001C The specified value is not a Motion Control tech nology data block 16#8409 Invalid value at parameter "CommandTable" of the Motion Control instruction 16#001A The specified value does not match the re quired technology object version 16#001B The specified value does not match the re quired technology object type 16#001C The specified value is not a Motion Control tech nology data block 16#840A Correct the value; restart the command Invalid value at parameter "StartStep" of the Motion Control instruction 16#000A Value is less than or equal to 0. 16#001D The start step is greater than the end step 16#001E Value is greater than 32 16#840B Correct the value; restart the command Invalid value at parameter "EndStep" of the Motion Control instruction 16#000A Value is less than or equal to 0. 16#001E Value is greater than 32 16#840C Correct the value; restart the command Invalid value at parameter "RampUpTime" of the Motion Control instruction 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#840D Correct the value; restart the command Invalid value at parameter "RampDownTime" of the Motion Control instruction 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#840E Correct the value; restart the command Invalid value at parameter "EmergencyRampTime" of the Motion Control instruction 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#840F Correct the value; restart the command Invalid value at parameter "JerkTime" of the Motion Control instruction 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#8410 Correct the value; restart the command Invalid value at parameter "Parameter" of the Motion Control instruction 16#0002 The value has an invalid number format Correct the value; restart the command 16#000B Address is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0028 Data type of VARIANT pointer "Parameter" and "Value" do not match. Use a suitable data type; restart command 16#0029 VARIANT pointer "Parameter" does not point to a data block of the technology object. Correct the VARIANT pointer; restart the command 16#002A The value at the VARIANT pointer "Parameter" cannot be read. Correct the VARIANT pointer; restart the command 16#002B The value at the VARIANT pointer "Parameter" cannot be written. Correct the VARIANT pointer or value; restart the command 16#002C The axis is not disabled. Disable the axis; restart the command WinCC Advanced V14 System Manual, 10/2016 6847 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo 16#8411 Description Remedy Invalid value at parameter "Value" of the Motion Control instruction 16#0002 The value has an invalid number format Correct the value; restart the command Configuration error of the axis ErrorID ErrorInfo 16#8600 Description Remedy Parameter assignment of pulse generator (PTO is invalid 16#000B The address is invalid 16#0014 The selected hardware is used by another ap plication 16#8601 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Parameter assignment of the high-speed counter (HSC) is invalid 16#000B The address is invalid 16#0014 The selected hardware is used by another ap plication 16#8602 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid parameter assignment of "Enable output" 16#000B 16#8603 The address is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid parameter assignment of "Ready input" 16#000B 16#8604 The address is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "Pulses per motor revolution" value 16#000A 16#8605 Value is less than or equal to zero Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "Distance per revolution" value 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#000A Value is less than or equal to zero 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8606 Invalid "Start/stop velocity" value 16#0002 16#8607 6848 The value has an invalid number format 16#0003 Value is higher than the high hardware limit 16#0004 Value is lower than the low hardware limit 16#0007 The start/stop velocity is greater than the maxi mum velocity Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "maximum velocity" value WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0002 The value has an invalid number format 16#0003 Value is higher than the high hardware limit Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0004 Value is lower than the low hardware limit 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8608 Invalid "Acceleration" value 16#0002 The value has an invalid number format 16#0003 Value is higher than the high hardware limit 16#0004 Value is lower than the low hardware limit 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8609 Invalid "Deceleration" value 16#0002 The value has an invalid number format 16#0003 Value is higher than the high hardware limit 16#0004 Value is lower than the low hardware limit 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#860A WinCC Advanced V14 System Manual, 10/2016 Invalid "Emergency stop deceleration" value 6849 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0002 The value has an invalid number format 16#0003 Value is higher than the high hardware limit 16#0004 Value is lower than the low hardware limit Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#860B Value for position of the low SW limit switch is invalid 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) 16#0006 Value is outside the number range (less than -1E+12) 16#0030 The position value of the low software limit switch is greater than that of the high software limit switch 16#860C Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Value for position of the high SW limit switch is invalid 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) 16#0006 Value is outside the number range (less than -1E+12) 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#860D Invalid address of the low HW limit switch 16#000B Invalid address 16#000C The address of the falling edge is invalid 16#000D The address of the rising edge is invalid 16#860E 16#860F 6850 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid address of the high HW limit switch 16#000B Invalid address 16#000C The address of the falling edge is invalid 16#000D The address of the rising edge is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "home position offset" value WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0006 Value is outside the number range (less than -1E+12) 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8610 Invalid "approach velocity" value 16#0002 The value has an invalid number format 16#0008 The velocity is greater than the maximum ve locity 16#0009 The velocity is less than the start/stop velocity 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8611 Invalid "Homing velocity" value 16#0002 The value has an invalid number format 16#0008 The velocity is greater than the maximum ve locity 16#0009 The velocity is less than the start/stop velocity 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8612 Invalid address of the homing switch 16#000B Invalid address 16#000C The address of the falling edge is invalid 16#000D The address of the rising edge is invalid 16#8613 WinCC Advanced V14 System Manual, 10/2016 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" During active homing, direction reversal at the hardware limit switch is activated although the hard ware limit switches are not configured 6851 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0001 - Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8614 Invalid "Jerk" value 16#0002 The value has an invalid number format 16#001F Value is greater than the maximum jerk 16#0020 Value is less than the minimum jerk 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8615 Value for "Unit of measurement" is invalid 16#0011 16#8616 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Address of homing switch is invalid (passive homing as of V4) 16#0011 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8617 Value of tag <Axis name>.Sensor.Sensor[1].ActiveHoming.Mode is invalid 16#0011 The selection value is invalid (Valid value: 2 = Homing via digital input) Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8618 6852 Value of tag <Axis name>.Sensor.Sensor[1].PassiveHoming.Mode is invalid WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0011 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" (Valid value: 2 = Homing via digital input) Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8619 Value of tag <Axis name>.Actor.Type is invalid 16#0011 The selection value is invalid (Valid value: 2 = Connection via pulse interface) Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#861A Value for "Permitted direction of rotation" is invalid 16#0011 The selection value is invalid 16#002D "Both directions" not allowed when direction output is deactivated Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#861B Faulty load gear factors 16#0031 16#861C Valid is invalid. Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Illegal combination of data for homing with incremental encoder 16#0031 Valid is invalid. Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#861D The set encoder mounting type is invalid. Invalid value in <Axis name>.Sensor.Sensor[1].Mounting Mode 16#0011 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#861E The configuration of the measuring wheel circumference of the encoder is invalid. Invalid value in <Axis name>.Sensor.Sensor[1].Parameter.DistancePerRevolution 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary WinCC Advanced V14 System Manual, 10/2016 6853 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo 16#861F Description Remedy The configuration for the resolution of the linear encoder is faulty. Invalid value in <Axis name>.Sen sor.Sensor[1].Parameter.Resolution 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8620 The set fine resolution for Gn_XIST1 is invalid. Invalid value in <Axis name>.Sensor.Sensor[1].Pa rameter.FineResolutionXist1 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8621 The set fine resolution for Gn_XIST1 in <Axis name>.Sensor.Sensor[1].Parameter.FineResolutionX ist1 is not consistent with the setting in PROFIdrive parameter P979 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8622 Invalid value for the configuration date <Axis name>.Actor.Interface.AddressIn or <Axis name>.Ac tor.Interface.AddressOut 16#0011 16#8623 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" The value set in the tag <Axis name>.Sensor.Sensor[1].Type is invalid. 16#0011 The selection value is invalid 16#0011 The selection value is invalid 16#8624 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" The set encoder system is invalid. Invalid value in <Axis name>.Sensor.Sensor[1].System Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8625 Parameter of position monitoring is faulty. Invalid value in <Axis name>.PositioningMonitoring.MinD wellTime 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 6854 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo 16#8626 Description Remedy Parameter of position monitoring is faulty. Invalid value in <Axis name>.PositioningMonitoring.Win dow 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8627 The configuration of the PROFIdrive interface of the actual value is faulty. Invalid value in <Axis name>.Sensor.Sensor[1].Interface.AddressIn or <Axis name>.Sensor.Sensor[1].Interface.Address Out 16#0011 16#8628 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Faulty controller factors 16#0030 Value has an incorrect number format or is out The value for the gain or the precontrol of the con side the valid number range trol loop is faulty. Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary (<Axis name>.PositionControl.Kv, <Axis name>.PositionControl.Kpc) 16#8629 Limit for standstill signal is faulty. Invalid value in <Axis name>.StandStillSignal.VelocityThreshold 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#862A Parameter of position monitoring is faulty. Invalid value in <Axis name>.PositioningMonitoring.Toler anceTime 16#0030 Value has an incorrect number format or is out side the valid number range Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#862B Inconsistent PROFIBUS parameterization; the sum of Ti and To is greater than one DP cycle 16#0030 16#862C WinCC Advanced V14 System Manual, 10/2016 Value has an incorrect number format or is out Download error-free configuration to the controller; side the valid number range enable the axis again with instruction "MC_Power" Parameter of standstill monitoring is faulty. Invalid value in <Axis name>.StandStillSignal.MinDwell Time 6855 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Remedy Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#862D Parameter of following error monitoring is faulty. Invalid value in <Axis name>.FollowingError.Min Value 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#862E Invalid value for the configuration date <Axis name>.Modulo.Length 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#862F Invalid value for the configuration date <Axis name>.Modulo.StartValue 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8630 Invalid value for the configuration date <Axis name>.Actor.DriveParameter.ReferenceSpeed 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8631 The set fine resolution for Gn_XIST2 is invalid. Invalid value in <Axis name>.Sensor.Sensor[1].Pa rameter.FineResolutionXist2 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8632 6856 The number of determinable encoder revolutions is invalid. Invalid value in <Axis name>.Sensor.Sen sor[1].Parameter.DeterminableRevolutions WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Remedy Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8633 The specified approach direction of the homing switch for passive homing is invalid. Invalid value in <Axis name>.Sensor.Sensor[1].PassiveHoming.Direction 16#8634 Parameter of the following error monitoring is faulty. Invalid value in <Axis name>.FollowingEr ror.MaxValue 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8635 Parameter of the following error monitoring is faulty. Invalid value in <Axis name>.FollowingError.Min Velocity 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8636 Controller factor is incorrect. Invalid value of the precontrol factor <Axis name>.PositionControl.Kpc 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8637 Invalid value for the configuration date <Axis name>.Sensor.Sensor[1].Interface.Type 16#0011 16#8638 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid value for the configuration date <Axis name>.Sensor.Sensor[1].Interface.HSC 16#0011 16#8639 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Error at the drive 16#0049 Configuration error at device Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#004A The technology needs a smaller servo clock. Internal system error. Check the project for consistency and reload it into the controller. 16#004B Device driver not initialized during ramp-up. To enable a technology object, the actuator driver must be initialized. Execute the command again later. WinCC Advanced V14 System Manual, 10/2016 6857 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo 16#863A Description Remedy Communication to the drive is faulty 16#004C Configuration error at device Connect a suitable device. Check the device (I/Os). Compare the configuration of HW Config and the technology object. 16#004D The device driver needs a smaller servo clock. Connect a suitable device. Check the device (I/Os). Compare the configuration of HW Config and the technology object. 16#004E 16#863B Error in internal communication with the device Check the project for consistency and reload it into the controller. Error at encoder 16#0049 Configuration error at device Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#004A The technology needs a smaller servo clock. Internal system error. Check the project for consistency and reload it into the controller. 16#004B Device driver not initialized during ramp-up. To enable a technology object, the actuator driver must be initialized. Execute the command again later. 16#863C Communication with encoder is faulty 16#004C Configuration error at device Connect a suitable device. Check the device (I/Os). Compare the configuration of HW Config and the technology object. 16#004D The device driver needs a smaller servo clock. Connect a suitable device. Check the device (I/Os). Compare the configuration of HW Config and the technology object. 16#004E 16#863D Error in internal communication with the device Check the project for consistency and reload it into the controller. Communication to the device (drive or encoder) is faulty 16#0030 Value has an incorrect number format or is out Download error-free configuration to the side the valid number range controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#0055 The requested logical address is invalid. 16#0056 The requested logical output address is invalid. Check the device (I/Os). The requested logical output address is invalid. Check the topological configuration in HW Config. 16#0057 Connect a suitable device. Compare the configuration of HW Config and the technology object. 6858 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo 16#863E Description Remedy Value of tag "ControlPanel.Input.TimeOut" is invalid (axis control panel) 16#0030 Value has an incorrect number format or is out Correct the value in the tags of the technology ob side the valid number range ject <Axis name>.ControlPanel.Input.TimeOut. The value is specified in milliseconds (ms). 16#863F Invalid value for the configuration date <Axis name>.Actor.DriveParameter.MaxSpeed 16#0030 Value has an incorrect number format or is out Correct the reference value in the drive and in the side the valid number range configuration of the technology object to Actua tor.MaxSpeed/2. With analog drive connection, correct the reference value in the drive and in the configuration of the technology object to Actuator.MaxSpeed/1.17. Configuration error of the command table ErrorID ErrorInfo 16#8700 Description Remedy Value for "Command type" in the command table is invalid 16#0001 - Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online and restart the command, if necessary 16#8701 Value for "Position / travel path" in the command table is invalid 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1E+12) Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0006 Value is outside the number range (less than -1E+12) Correct the incorrect value online and restart the command, if necessary 16#8702 Value for "Velocity" in the command table is invalid 16#0002 The value has an invalid number format 16#0008 Value is greater than the configured maximum velocity Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0009 Value is less than the configured start/stop ve locity Correct the incorrect value online and restart the command, if necessary 16#8703 Value for "Duration" in the command table is invalid 16#0002 The value has an invalid number format 16#0021 Value is greater than 64800 s 16#0022 Value is less than 0.001 s 16#0011 The selection value is invalid 16#0023 The command transition is not permitted for this command 16#8704 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online and restart the command, if necessary Value for "Next step" in the command table is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online and restart the command, if necessary WinCC Advanced V14 System Manual, 10/2016 6859 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Internal errors ErrorID ErrorInfo Description 16#8FFF Remedy Internal error 16#F0** - POWER OFF and POWER ON the CPU If this does not work, contact Customer Support. Have the following information ready: ErrorID ErrorInfo Diagnostic buffer entries See also Error displays of the Motion Control statements (Page 6737) Tags of the positioning axis technology object V4...5 (Page 6890) ErrorIDs and ErrorInfos (Page 6840) Using multiple axes with the same PTO (Page 6744) Using multiple drives with the same PTO (Page 6747) Tracking jobs from higher priority classes (execution levels) (Page 6748) Special cases when using software limit switches for drive connection via PTO (Page 6750) List of ErrorIDs and ErrorInfos (technology objects V2...3) (S7-1200) The following table lists all ErrorIDs and ErrorInfos that can be indicated in Motion Control instructions. In addition to the cause of the error, remedies for eliminating the error are also listed: Operating error with axis stop ErrorID ErrorInfo 16#8000 16#8001 - Acknowledge error with instruction "MC_Reset"; provide drive signal; restart command, if necessary Low SW limit switch has been tripped 16#000E 16#000F 16#0010 6860 Remedy Drive error, loss of "Drive ready" 16#0001 16#8002 Description The position of the low SW limit switch was Acknowledge the error with instruction "MC_Re reached with the currently configured decelera set"; use a motion command to move the axis in the tion positive direction out of the range of the SW limit switch The position of the low SW limit switch was reached with the emergency stop deceleration The position of the low SW limit switch was ex ceeded with the emergency stop deceleration High SW limit switch has been tripped WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description 16#000E The position of the high SW limit switch was Acknowledge the error with instruction "MC_Re reached with the currently configured decelera set"; use a motion command to move the axis in the tion negative direction out of the range of the SW limit switch The position of the high SW limit switch was 16#000F 16#0010 16#8003 Remedy reached with the emergency stop deceleration The position of the high SW limit switch was exceeded with the emergency stop deceleration Low HW limit switch was reached 16#000E The low HW limit switch was reached. The axis was stopped with the emergency stop deceler ation. (During an active homing procedure, the hom ing switch was not found) 16#8004 Acknowledge the error for an enabled axis with in struction "MC_Reset"; use a motion command to move the axis in the positive direction out of the range of the HW limit switch. High HW limit switch was reached 16#000E The high HW limit switch has been reached. The axis was stopped with the emergency stop deceleration. (During an active homing procedure, the hom ing switch was not found) 16#8005 Acknowledge the error for an enabled axis with in struction "MC_Reset"; use a motion command to move the axis in the negative direction out of the range of the HW limit switch. PTO/HSC are already being used by another axis 16#0001 - The axis was configured incorrectly: Correct the configuration of the PTO (Pulse Train Output) / HSC (High Speed Counter) and download it to the controller More than one axis is to run with one PTO: Another axis is using the PTO / HSC. If the current axis is to assume the control, the other axis must be disabled with "MC_Power" Enable = FALSE. (see also Using multiple axes with the same PTO (Page 6744)) 16#8006 A communication error in the control panel has occurred 16#0012 16#8007 A timeout has occurred Check the cable connection and press the "Manual control" button again The axis cannot be enabled 16#0025 Restarting Wait until the axis restart is complete. 16#0026 Executing loading process in RUN mode Wait until the loading process is complete. Operating error without axis stop ErrorID ErrorInfo 16#8200 Description Remedy Axis is not enabled 16#0001 16#8201 - Enable the axis; restart the command Axis has already been enabled by another "MC_Power" instance 16#0001 16#8202 WinCC Advanced V14 System Manual, 10/2016 - Enable the axis with only one "MC_Power" instance The maximum number of simultaneously active Motion Control commands has been exceeded (max imum of 200 commands for all motion control technology objects) 6861 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0001 - Reduce the number of simultaneously active com mands; restart the command A command is active if parameter "Busy" = TRUE in the Motion Control instruction. 16#8203 Axis is currently operated in "Manual control" (axis control panel) 16#0001 16#8204 Exit "Manual control"; restart the command Axis is not homed 16#0001 16#8205 - Home the axis with instruction "MC_Home"; restart the command The axis is currently controlled by the user program (the error is only displayed in the axis control panel) 16#0013 16#8206 The axis is enabled in the user program Disable axis with instruction "MC_Power" and se lect "Manual control" again in the axis control panel Technology object not activated yet 16#0001 16#8207 - Enable the axis with instruction "MC_Power" Ena ble = TRUE or enable the axis in the axis control panel. Command rejected 16#0016 Active homing is running; another homing meth Wait for active homing to finish or abort the active od cannot be started. homing with a motion command, for example, "MC_Halt". 16#0018 The axis cannot be moved with a command ta Wait until direct or passive homing is complete. ble while it is being actively or passively homed. 16#0019 The axis cannot be actively or passively homed while a command table is being processed. 16#8208 Wait for command table to finish or abort the com mand table with a motion command, for example, "MC_Halt". Difference between maximum and start/stop velocity is invalid 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#8209 Correct the value; restart the command Invalid acceleration for technology object "Axis" 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#820A Correct the value; restart the command It is not possible to restart the axis 16#0013 The axis is enabled in the user program Disable the axis with the "MC_Power" instruction; restart again 16#0027 The axis is currently being operated in "Manual control" (axis control panel) Exit "Manual control"; restart again 16#820B It is not possible to execute the command table 16#0026 6862 - Executing loading process in RUN mode Wait until the loading process is complete. WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Block parameter error ErrorID ErrorInfo 16#8400 Description Remedy Invalid value at parameter "Position" of the Motion Control instruction 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1.0E+12) 16#0006 Value is outside the number range (less than -1.0E+12) 16#8401 Correct the value; restart the command Invalid value at parameter "Distance" of the Motion Control instruction 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1.0E+12) 16#0006 Value is outside the number range (less than -1.0E+12) 16#8402 Correct the value; restart the command Invalid value at parameter "Velocity" of the Motion Control instruction 16#0002 The value has an invalid number format 16#0008 Value is greater than the configured maximum velocity 16#0009 Value is less than the configured start/stop ve locity 16#0024 Value is less than 0 16#8403 Correct the value; restart the command Invalid value at parameter "Direction" of the Motion Control instruction 16#0011 16#8404 The selection value is invalid Correct the selection value; restart the command Invalid value at parameter "Mode" of the Motion Control instruction 16#0011 The selection value is invalid Correct the selection value; restart the command 16#0015 Active/passive homing is not configured Correct the configuration and download it to the controller; enable the axis and restart the command 16#0017 The direction reversal is activated at the hard Activate the hardware limit switch using the tag ware limit switch, despite the fact that the hard <Axis>.Config.PositionLimits_HW.Active = ware limit switches are disabled TRUE, restart the command Correct the configuration and download it to the controller; enable the axis and restart the command 16#8405 Invalid value at parameter "StopMode" of the Motion Control instruction 16#0011 16#8406 The selection value is invalid Correct the selection value; enable the axis again Simultaneous forward and backward jogging is not allowed 16#0001 16#8407 - Take steps to ensure that parameters "JogFor ward" and "JogBackward" do not have signal status TRUE simultaneously; restart the command. Switching to another axis with instruction "MC_Power" is only permitted after disabling the active axis. 16#0001 16#8408 WinCC Advanced V14 System Manual, 10/2016 - Disable the active axis; it is then possible to switch to the other axis and enable it. Invalid value at parameter "Axis" of the Motion Control instruction 6863 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#001A The specified value does not match the re quired technology object version Correct the value; restart the command 16#001B The specified value does not match the re quired technology object type 16#001C The specified value is not a Motion Control tech nology data block 16#8409 Invalid value at parameter "CommandTable" of the Motion Control instruction 16#001A The specified value does not match the re quired technology object version 16#001B The specified value does not match the re quired technology object type 16#001C The specified value is not a Motion Control tech nology data block 16#840A Correct the value; restart the command Invalid value at parameter "StartStep" of the Motion Control instruction 16#000A Value is less than or equal to 0. 16#001D The start step is greater than the end step 16#001E Value is greater than 32 16#840B Correct the value; restart the command Invalid value at parameter "EndStep" of the Motion Control instruction 16#000A Value is less than or equal to 0. 16#001E Value is greater than 32 16#840C Correct the value; restart the command Invalid value at parameter "RampUpTime" of the Motion Control instruction 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#840D Correct the value; restart the command Invalid value at parameter "RampDownTime" of the Motion Control instruction 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#840E Correct the value; restart the command Invalid value at parameter "EmergencyRampTime" of the Motion Control instruction 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. 16#840F Correct the value; restart the command Invalid value at parameter "JerkTime" of the Motion Control instruction 16#0002 The value has an invalid number format 16#000A Value is less than or equal to 0. Correct the value; restart the command Configuration error of the axis ErrorID ErrorInfo 16#8600 Remedy Parameter assignment of pulse generator (PTO is invalid 16#000B The address is invalid 16#0014 The selected hardware is used by another ap plication 16#8601 6864 Description Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Parameter assignment of the high-speed counter (HSC) is invalid 16#000B The address is invalid 16#0014 The selected hardware is used by another ap plication Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo 16#8602 Description Remedy Invalid parameter assignment of "Enable output" 16#000B 16#8603 The address is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid parameter assignment of "Ready input" 16#000B 16#8604 The address is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "Pulses per motor revolution" value 16#000A 16#8605 Value is less than or equal to zero Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "Distance per revolution" value 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1.0E+12) 16#000A Value is less than or equal to zero 16#8606 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "Start/stop velocity" value 16#0002 The value has an invalid number format 16#0003 Value is higher than the high hardware limit 16#0004 Value is lower than the low hardware limit 16#0007 The start/stop velocity is greater than the maxi mum velocity 16#8607 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "maximum velocity" value 16#0002 The value has an invalid number format 16#0003 Value is higher than the high hardware limit 16#0004 Value is lower than the low hardware limit 16#8608 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "Acceleration" value 16#0002 The value has an invalid number format 16#0003 Value is higher than the high hardware limit 16#0004 Value is lower than the low hardware limit 16#8609 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Invalid "Deceleration" value 16#0002 The value has an invalid number format 16#0003 Value is higher than the high hardware limit 16#0004 Value is lower than the low hardware limit 16#860A WinCC Advanced V14 System Manual, 10/2016 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Invalid "Emergency stop deceleration" value 6865 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0002 The value has an invalid number format 16#0003 Value is higher than the high hardware limit 16#0004 Value is lower than the low hardware limit Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#860B Value for position of the low SW limit switch is invalid 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1.0E+12) 16#0006 Value is outside the number range (less than -1.0E+12) 16#0007 The position value of the low software limit switch is greater than that of the high software limit switch 16#860C 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1.0E+12) 16#0006 Value is outside the number range (less than -1.0E+12) Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Invalid address of the low HW limit switch 16#000C The address of the falling edge is invalid 16#000D The address of the rising edge is invalid 16#860E Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid address of the high HW limit switch 16#000C The address of the falling edge is invalid 16#000D The address of the rising edge is invalid 16#860F Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Invalid "home position offset" value 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1.0E+12) 16#0006 Value is outside the number range (less than -1.0E+12) 16#8610 6866 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Value for position of the high SW limit switch is invalid 16#860D 16#8611 Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Invalid "approach velocity" value 16#0002 The value has an invalid number format 16#0008 The velocity is greater than the maximum ve locity 16#0009 The velocity is less than the start/stop velocity Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Invalid "Homing velocity" value WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0002 The value has an invalid number format 16#0008 The velocity is greater than the maximum ve locity Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0009 The velocity is less than the start/stop velocity 16#8612 Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Invalid address of the homing switch 16#000C The address of the falling edge is invalid 16#000D The address of the rising edge is invalid 16#8613 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" During active homing, direction reversal at the hardware limit switch is activated although the hard ware limit switches are not configured 16#0001 - Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary 16#8614 Invalid "Jerk" value 16#0002 The value has an invalid number format 16#001F Value is greater than the maximum jerk 16#0020 Value is less than the minimum jerk 16#8615 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Value for "Unit of measurement" is invalid 16#0011 The selection value is invalid Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Configuration error of the command table ErrorID ErrorInfo 16#8700 Description Remedy Value for "Command type" in the command table is invalid 16#0001 - Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online and restart the command, if necessary 16#8701 Value for "Position / travel path" in the command table is invalid 16#0002 The value has an invalid number format 16#0005 Value is outside the number range (greater than 1.0E+12) Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0006 Value is outside the number range (less than -1.0E+12) Correct the incorrect value online and restart the command, if necessary 16#8702 WinCC Advanced V14 System Manual, 10/2016 Value for "Velocity" in the command table is invalid 6867 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0002 The value has an invalid number format 16#0008 Value is greater than the configured maximum velocity Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0009 Value is less than the configured start/stop ve locity Correct the incorrect value online and restart the command, if necessary 16#8703 Value for "Duration" in the command table is invalid 16#0002 The value has an invalid number format 16#0021 Value is greater than 64800 s 16#0022 Value is less than 0.001 s 16#8704 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online and restart the command, if necessary Value for "Next step" in the command table is invalid 16#0011 The selection value is invalid 16#0023 The command transition is not permitted for this command Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online and restart the command, if necessary Internal errors ErrorID ErrorInfo 16#8FFF Description Remedy Internal error 16#F0** - POWER OFF and POWER ON the CPU If this does not work, contact Customer Support. Have the following information ready: ErrorID ErrorInfo Diagnostic buffer entries See also List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) Using multiple axes with the same PTO (Page 6744) List of ErrorIDs and ErrorInfos (technology objects V1) (S7-1200) The following table lists all ErrorIDs and ErrorInfos that can be indicated in Motion Control instructions. In addition to the cause of the error, remedies for eliminating the error are also listed: 6868 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Operating error with axis stop ErrorID ErrorInfo 16#8000 Description Remedy Drive error, loss of "Drive ready" 16#0001 16#8001 - Acknowledge error with instruction "MC_Reset"; provide drive signal; restart command, if necessary Lower SW limit switch has been tripped 16#000E 16#000F 16#0010 16#8002 The position of the lower SW limit switch was Acknowledge the error with instruction "MC_Re reached with the currently configured decelera set"; use a motion command to move the axis in the tion positive direction out of the range of the SW limit switch The position of the lower SW limit switch was reached with the emergency stop deceleration The position of the lower SW limit switch was exceeded with the emergency stop deceleration Upper SW limit switch has been tripped 16#000E 16#000F 16#0010 16#8003 The position of the upper SW limit switch was Acknowledge the error with instruction "MC_Re reached with the currently configured decelera set"; use a motion command to move the axis in the tion negative direction out of the range of the SW limit switch The position of the upper SW limit switch was reached with the emergency stop deceleration The position of the upper SW limit switch was exceeded with the emergency stop deceleration Lower HW limit switch was reached 16#000E The lower HW limit switch was reached. The axis was stopped with the emergency stop de celeration. (During an active homing procedure, the refer ence point switch was not found) 16#8004 Acknowledge the error for an enabled axis with in struction "MC_Reset"; use a motion command to move the axis in the positive direction out of the range of the HW limit switch. Upper HW limit switch was reached 16#000E The upper HW limit switch has been reached. The axis was stopped with the emergency stop deceleration. (During an active homing procedure, the refer ence point switch was not found) 16#8005 Acknowledge the error for an enabled axis with in struction "MC_Reset"; use a motion command to move the axis in the negative direction out of the range of the HW limit switch. PTO/HSC are already being used by another axis 16#0001 - The axis was configured incorrectly: Correct the configuration of the PTO (Pulse Train Output) / HSC (High Speed Counter) and download it to the controller More than one axis is to run with one PTO: Another axis is using the PTO / HSC. If the current axis is to assume the control, the other axis must be disabled with "MC_Power" Enable = FALSE. (see also Using multiple axes with the same PTO (Page 6744)) WinCC Advanced V14 System Manual, 10/2016 6869 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Operating error without axis stop ErrorID ErrorInfo 16#8200 Description Remedy Axis is not enabled 16#0001 16#8201 - Enable the axis; restart the command Axis has already been enabled by another "MC_Power" instance 16#0001 16#8202 - Enable the axis with only one "MC_Power" instruc tion The maximum number of simultaneously active Motion Control commands was exceeded (maximum of 200 commands for all motion control technology objects) 16#0001 - Reduce the number of simultaneously active com mands; restart the command A command is active if parameter "Busy" = TRUE in the Motion Control instruction. 16#8203 Axis is currently operated in "Manual control" (axis control panel) 16#0001 16#8204 - Exit "Manual control"; restart the command Axis is not homed 16#0001 16#8205 - Home the axis with instruction "MC_Home"; restart the command The axis is currently controlled by the user program (the error is only displayed in the axis control panel) 16#0001 16#8206 - Disable axis with instruction "MC_Power" and se lect "Manual control" again in the axis control panel Technology object Axis not yet enabled 16#0001 16#8207 - Enable the axis with instruction "MC_Power" Ena ble = TRUE or enable the axis in the axis control panel. Command rejected 16#0016 Active homing is running; another homing meth Wait for active homing to finish or abort the active od cannot be started. homing with a motion command, for example, "MC_Halt". The other homing type can then be star ted. Block parameter error ErrorID ErrorInfo 16#8400 16#8401 6870 Description Remedy Invalid value at parameter "Position" of the Motion Control instruction 16#0002 Number format of value is invalid 16#0005 The value is outside the number range (greater than 1e12) 16#0006 The value is outside the number range (less than -1e12) Correct the "position" value; restart the command Invalid value at parameter "Distance" of the Motion Control instruction WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0002 Number format of value is invalid Correct the "Distance" value; restart the command 16#0005 The value is outside the number range (greater than 1e12) 16#0006 The value is outside the number range (less than -1e12) 16#8402 Invalid value at parameter "Velocity" of the Motion Control instruction 16#0002 Number format of value is invalid 16#0008 Velocity is greater than the maximum velocity 16#0009 Velocity is less than the start/stop velocity 16#8403 Correct the "Velocity" value; restart the command Invalid value at parameter "Direction" of the Motion Control instruction 16#0011 16#8404 Invalid selection value Correct the selection value; restart the command Invalid value at parameter "Mode" of the Motion Control instruction 16#0011 Invalid selection value Correct the selection value; restart the command 16#0015 Active/passive homing is not configured Correct the configuration and download it to the controller; enable the axis and restart the command 16#0017 Axis reversal is activated at the HW limit switch, despite the fact that the hardware limit switches are disabled Activate the hardware limit switch using the tag <axis>.Config.PositionLimits_HW.Active = TRUE, restart the command Correct the configuration and download it to the controller; enable the axis and restart the command 16#8405 Invalid value at parameter "StopMode" of the Motion Control instruction 16#0011 16#8406 Invalid selection value Correct the selection value; enable the axis again Simultaneous forward and backward jogging is not allowed 16#0001 16#8407 - Take steps to ensure that parameters "JogFor ward" and "JogBackward" do not have signal status TRUE simultaneously; restart the command. Switching the axis with Motion Control instruction "MC_Power" is only permitted after disabling the axis. 16#0001 - Disable the active axis; it is then possible to switch to the other axis and enable it. Description Remedy Configuration error ErrorID ErrorInfo 16#8600 Parameter assignment of pulse generator (PTO is invalid 16#000B 16#8601 Address is invalid Correct the configuration of the PTO (Pulse Train Output) and download it to the controller Parameter assignment of the high-speed counter (HSC) is invalid 16#000B 16#8602 Address is invalid Correct the configuration of the HSC (High Speed Counter) and download it to the controller Invalid parameter assignment of "Enable output" 16#000D 16#8603 WinCC Advanced V14 System Manual, 10/2016 Address is invalid Correct the configuration and download it to the controller Invalid parameter assignment of "Ready input" 6871 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#000D Address is invalid Correct the configuration and download it to the controller 16#8604 Invalid "Pulses per motor revolution" value 16#000A 16#8605 Number format of value is invalid 16#000A Value is less than or equal to zero Correct the configuration and download it to the controller Invalid "Start/stop velocity" value 16#0002 Number format of value is invalid 16#0003 Value exceeds the hardware limit 16#0004 Value is less than the hardware limit 16#0007 The start/stop velocity is greater than the maxi mum velocity 16#8607 Correct the configuration and download it to the controller Invalid "Maximum velocity" value 16#0002 Number format of value is invalid 16#0003 Value exceeds the hardware limit 16#0004 Value is less than the hardware limit 16#8608 Correct the configuration and download it to the controller Invalid "Acceleration" value 16#0002 Number format of value is invalid 16#0003 Value exceeds the hardware limit 16#0004 Value is less than the hardware limit 16#8609 Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Invalid "Deceleration" value 16#0002 Number format of value is invalid 16#0003 Value exceeds the hardware limit 16#0004 Value is less than the hardware limit 16#860A 6872 Correct the configuration and download it to the controller Invalid "Distance per revolution" value 16#0002 16#8606 16#860B Value is less than or equal to zero Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Invalid "Emergency stop deceleration" value 16#0002 Number format of value is invalid 16#0003 Value exceeds the hardware limit 16#0004 Value is less than the hardware limit Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Value for position of the lower SW limit switch is invalid WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) ErrorID ErrorInfo Description Remedy 16#0002 Number format of value is invalid 16#0005 The value is outside the number range (greater than 1e12) Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" 16#0006 The value is outside the number range (less than -1e12) 16#0007 The position value of the lower SW limit switch is greater than that of the upper SW limit switch 16#860C Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Value for position of the upper SW limit switch is invalid 16#0002 Number format of value is invalid 16#0005 The value is outside the number range (greater than 1e12) 16#0006 The value is outside the number range (less than -1e12) 16#860D Download error-free configuration to the controller; enable the axis again with instruction "MC_Power" Correct the incorrect value online; acknowledge error with instruction "MC_Reset" and restart the command, if necessary Invalid address of the lower HW limit switch 16#000C Address of falling edge is invalid 16#000D Address of rising edge is invalid 16#860E Correct the configuration and download it to the controller Invalid address of the upper HW limit switch 16#000C Address of falling edge is invalid 16#000D Address of rising edge is invalid 16#860F Correct the configuration and download it to the controller Invalid "home position offset" value 16#0002 Number format of value is invalid 16#0005 The value is outside the number range (greater than 1e12) 16#0006 The value is outside the number range (less than -1e12) 16#8610 Correct the configuration and download it to the controller Invalid "approach velocity" value 16#0002 Number format of value is invalid 16#0008 Velocity is greater than the maximum velocity 16#0009 Velocity is less than the start/stop velocity 16#8611 Correct the configuration and download it to the controller Invalid "Homing velocity" value 16#0002 Number format of value is invalid 16#0008 Velocity is greater than the maximum velocity 16#0009 Velocity is less than the start/stop velocity 16#8612 Correct the configuration and download it to the controller Invalid address of the reference point switch 16#000C Address of falling edge is invalid 16#000D Address of rising edge is invalid 16#8613 Correct the configuration and download it to the controller During active homing, direction reversal at the hardware limit switch is activated although the hard ware limit switches are not configured 16#0001 WinCC Advanced V14 System Manual, 10/2016 - Correct the configuration and download it to the controller 6873 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Internal errors ErrorID ErrorInfo 16#8FFF Description Remedy Internal error 16#F0** - POWER OFF and POWER ON the CPU If this does not work, contact Customer Support. Have the following information ready: ErrorID ErrorInfo Diagnostic buffer entries See also List of ErrorIDs and ErrorInfos (technology objects V4...5) (Page 6840) Using multiple axes with the same PTO (Page 6744) Tag of the axis technology object V1...3 (S7-1200) Config tags V1...3 (S7-1200) Config.General tags V1...3 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to tag in the user program: RW The tag can be read and written in the user program. R The tag can be read in the user program. - The tag cannot be used in the user program. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system. <Axis name>.Config.General.PTO Tag cannot be evaluated in the user program. Data type Start value Access Effective HMI DWORD DW#16#00000000 - - - 6874 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Config.General.HSC Tag cannot be evaluated in the user program. Data type Start value Access Effective HMI DWORD DW#16#00000000 - - - <Axis name>.Config.General.LengthUnit ("Axis" technology object as of V2.0) The unit of measurement for the parameter selected in the configuration: 1013 = "mm" 1010 =: "m" 1019 = "in" 1018 = "ft" 1005 = "" (degrees) -1 = "Pulse" Data type Start value Access Effective HMI Int 1013 R - X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tags of the positioning axis technology object V4...5 (Page 6890) Config.DriveInterface tags V1...3 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to tag in the user program: RW The tag can be read and written in the user program. R The tag can be read in the user program. - The tag cannot be used in the user program. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system. <Axis name>.Config.DriveInterface.EnableOutput Tags cannot be evaluated in the user program. Data type Start value Access Effective HMI - - - - - WinCC Advanced V14 System Manual, 10/2016 6875 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Config.DriveInterface.ReadyInput Tags cannot be evaluated in the user program. Data type Start value Access Effective HMI - - - - - See also Tags of the positioning axis technology object as of V6 (Page 6782) Tags of the positioning axis technology object V4...5 (Page 6890) Config.Mechanics tags V1...3 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to tag in the user program: RW The tag can be read and written in the user program. R The tag can be read in the user program. - The tag cannot be used in the user program. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system. <Axis name>.Config.Mechanics.PulsesPerDriveRevolution Increments per motor revolution Data type Start value Access Effective HMI DInt L#1000 R - X <Axis name>.Config.Mechanics.LeadScrew Distance per revolution (specified in the configured unit of measurement) Data type Start value Access Effective HMI Real 1.0E+001 R - X <Axis name>.Config.Mechanics.InverseDirection Invert direction Data type Start value Access Effective HMI Bool FALSE R - X 6876 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Tags of the positioning axis technology object as of V6 (Page 6782) Tags of the positioning axis technology object V4...5 (Page 6890) Config.DynamicLimits tags V1...3 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to tag in the user program: RW The tag can be read and written in the user program. R The tag can be read in the user program. - The tag cannot be used in the user program. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system. <Axis name>.Config.DynamicLimits.MinVelocity Start/stop velocity of axis (specified in the configured unit of measurement) Data type Start value Access Effective HMI Real 1.0E+001 R - X <Axis name>.Config.DynamicLimits.MaxVelocity Maximum velocity of axis (specified in the configured unit of measurement) Data type Start value Access Effective HMI Real 2.5E+002 R - X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tags of the positioning axis technology object V4...5 (Page 6890) Config.DynamicDefaults tags V1...3 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. WinCC Advanced V14 System Manual, 10/2016 6877 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Access Effective HMI Access to tag in the user program: RW The tag can be read and written in the user program. R The tag can be read in the user program. - The tag cannot be used in the user program. Specifies when a change to the tag takes effect. 1 When axis is activated (<Axis name>.StatusBits.Activated tag changes from FALSE -> TRUE), disabled, or enabled 2 When axis is enabled 5 The next time an MC_MoveAbsolute, MC_MoveRelative, MC_MoveVelocity, MC_MoveJog, MC_Halt, MC_CommandTable or active MC_Home command is started (Mode = 3). 6 When a MC_MoveJog command is stopped The tag can be used in an HMI system. <Axis name>.Config.DynamicDefaults.Acceleration Acceleration of axis (specified in the configured dimension unit) Data type Start value Access Effective HMI Real 4.8E+001 RW 5 CPU Firmware V1.0 X 1, 5, 6 CPU firmware as of V2.0 <Axis name>.Config.DynamicDefaults.Deceleration Deceleration of axis (specified in the configured dimension unit) Data type Start value Access Effective HMI Real 4.8E+001 RW 5, 6 CPU Firmware V1.0 X 1, 5, 6 CPU firmware as of V2.0 <Axis name>.Config.DynamicDefaults.EmergencyDeceleration Emergency stop deceleration of axis (specified in the configured dimension unit) Data type Start value Access Effective HMI Real 1.2E+002 RW 2, 5, 6 CPU Firmware V1.0 X 1, 5, 6 CPU firmware as of V2.0 <Axis name>.Config.DynamicDefaults.JerkActive ("Axis" technology object as of V2.0) TRUE = the jerk limit is activated Data type Start value Access Effective HMI Bool FALSE RW 1, 5 X 6878 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Config.DynamicDefaults.Jerk ("Axis" technology object as of V2.0) Jerk during axis acceleration and deceleration ramp (specified in the configured unit of measurement) Data type Start value Access Effective HMI Real 1.92E+002 RW 1, 5 X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tags of the positioning axis technology object V4...5 (Page 6890) Config.PositionLimits_SW tags V1...3 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective HMI Access to tag in the user program: RW The tag can be read and written in the user program. R The tag can be read in the user program. - The tag cannot be used in the user program. Specifies when a change to the tag takes effect. 1 When axis is activated (<Axis name>.StatusBits.Activated tag changes from FALSE -> TRUE), dis abled, or enabled 4 Upon the next start of a Motion Control command after a standstill of the axis. The axis standstill can be checked with tag <Axis name>. StatusBits.Standstill. 5 The next time an MC_MoveAbsolute, MC_MoveRelative, MC_MoveVelocity, MC_MoveJog, MC_Halt, MC_CommandTable or active MC_Home command is started (Mode = 3). The tag can be used in an HMI system. <Axis name>.Config.PositionLimits_SW.Active TRUE = The software limit switches are activated Data type Start value Access Effective HMI Bool FALSE RW 4 CPU Firmware V1.0 X 1, 5, 6 CPU firmware as of V2.0 <Axis name>.Config.PositionLimits_SW.MinPosition Position of lower software limit switch (specified in the configured unit of measurement) Data type WinCC Advanced V14 System Manual, 10/2016 Start value Access Effective HMI 6879 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Config.PositionLimits_SW.MinPosition Real -1.0E+004 RW 4 CPU Firmware V1.0 1, 5, 6 CPU firmware as of V2.0 X <Axis name>.Config.PositionLimits_SW.MaxPosition Position of upper software limit switch (specified in the configured unit of measurement) Data type Start value Access Effective HMI Real 1.0E+004 RW 4 CPU Firmware V1.0 X 1, 5, 6 CPU firmware as of V2.0 See also Tags of the positioning axis technology object as of V6 (Page 6782) Tags of the positioning axis technology object V4...5 (Page 6890) Config.PositionLimits_HW tags V1...3 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective HMI Access to tag in the user program: RW The tag can be read and written in the user program. R The tag can be read in the user program. - The tag cannot be used in the user program. Specifies when a change to the tag takes effect. 1 When axis is activated (<Axis name>.StatusBits.Activated tag changes from FALSE -> TRUE), dis abled, or enabled 3 After axis enable (the axis must have previously been at a standstill). The axis standstill can be checked with tag <Axis name>. StatusBits.Standstill. 4 Upon the next start of a Motion Control command after a standstill of the axis. The axis standstill can be checked with tag <Axis name>. StatusBits.Standstill. 5 The next time an MC_MoveAbsolute, MC_MoveRelative, MC_MoveVelocity, MC_MoveJog, MC_Halt, MC_CommandTable or active MC_Home command is started (Mode = 3). The tag can be used in an HMI system. <Axis name>.Config.PositionLimits_HW.Active TRUE = The hardware limit switches are active. Data type 6880 Start value Access Effective HMI WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Config.PositionLimits_HW.Active Bool FALSE RW 3, 4 CPU Firmware V1.0 1, 5, 6 CPU firmware as of V2.0 X <Axis name>.Config.PositionLimits_HW.MinSwitchedLevel TRUE = 24 V at CPU input corresponds to lower hardware limit switch approached FALSE = 0 V at CPU input corresponds to lower hardware limit switch approached Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.Config.PositionLimits_HW.MinFallingEvent Tag cannot be evaluated in the user program. Data type Start value Access Effective HMI DWord DW#16#00000000 - - - <Axis name>.Config.PositionLimits_HW.MinRisingEvent Tag cannot be evaluated in the user program. Data type Start value Access Effective HMI DWord DW#16#00000000 - - - <Axis name>.Config.PositionLimits_HW.MaxSwitchedLevel TRUE = 24 V at CPU input corresponds to upper hardware limit switch approached FALSE = 0 V at CPU input corresponds to upper hardware limit switch approached Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.Config.PositionLimits_HW.MaxFallingEvent Tag cannot be evaluated in the user program. Data type Start value Access Effective HMI DWord DW#16#00000000 - - - <Axis name>.Config.PositionLimits_HW.MaxRisingEvent Tag cannot be evaluated in the user program. Data type Start value Access Effective HMI DWord DW#16#00000000 - - - WinCC Advanced V14 System Manual, 10/2016 6881 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Tags of the positioning axis technology object as of V6 (Page 6782) Tags of the positioning axis technology object V4...5 (Page 6890) Config.Homing tags V1...3 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective HMI Access to tag in the user program: RW The tag can be read and written in the user program. R The tag can be read in the user program. - The tag cannot be used in the user program. Specifies when a change to the tag takes effect. 1 When axis is activated (<Axis name>.StatusBits.Activated tag changes from FALSE -> TRUE), dis abled, or enabled 7 When a passive homing command is started 8 When an active homing command is started The tag can be used in an HMI system. <Axis name>.Config.Homing.AutoReversal TRUE = Direction reversal at hardware limit switch enabled (active homing) FALSE = Direction reversal at hardware limit switch disabled (active homing) Data type Start value Access Effective HMI Bool TRUE R - Technology object "Ax X is" V1.0 RW 1, 8 Technology object "Ax is" V2.0 <Axis name>.Config.Homing.Direction TRUE = Positive approach direction to search for reference point switch and positive homing direction (active homing) FALSE = Negative approach direction to search for reference point switch and positive homing direction (active homing) Data type Start value Access Effective Bool TRUE R - Technology object "Ax X is" V1.0 RW 1, 8 Technology object "Ax is" V2.0 6882 HMI WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Config.Homing.SideActiveHoming ("Axis" technology object as of V2.0) TRUE = Homing on high end of the reference point switch (active homing) TRUE = Homing on lower end of the reference point switch (active homing) Data type Start value Access Effective HMI Bool TRUE RW 1, 8 X <Axis name>.Config.Homing.SidePassiveHoming ("Axis" technology object as of V2.0) TRUE = Homing on high end of the reference point switch (passive homing) TRUE = Homing on lower end of the reference point switch (passive homing) Data type Start value Access Effective HMI Bool TRUE RW 1, 7 X <Axis name>.Config.Homing.RisingEdge (as of technology object "Axis" V1.0) TRUE = Homing with negative signal edge of the reference point switch (active homing) FALSE = Homing with positive signal edge of the reference point switch (active homing) For information on the effect of the tag on passive homing, refer to the description in "Configuration - Homing". Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.Config.Homing.Offset Home position offset /specified in the configured unit of measurement (active homing) Data type Start value Access Effective Real 0.0 R - Technology object "Ax X is" V1.0 1, 8 Technology object "Ax is" V2.0 RW HMI <Axis name>.Config.Homing.FastVelocity Approach velocity / specified in the configured unit of measurement (active homing) Data type Start value Access Effective HMI Real 2.0E+002 R - Technology object "Ax X is" V1.0 RW 1, 8 Technology object "Ax is" V2.0 <Axis name>.Config.Homing.SlowVelocity Homing velocity / specified in the configured unit of measurement (active homing) Data type WinCC Advanced V14 System Manual, 10/2016 Start value Access Effective HMI 6883 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Config.Homing.SlowVelocity Real 4.0E+001 R - Technology object "Ax X is" V1.0 RW 1, 8 Technology object "Ax is" V2.0 <Axis name>.Config.Homing.FallingEvent Tag cannot be evaluated in the user program. Data type Start value Access Effective HMI DWord DW#16#00000000 - - - HMI <Axis name>.Config.Homing.RisingEvent Tag cannot be evaluated in the user program. Data type Start value Access Effective DWord DW#16#00000000 - - See also Tags of the positioning axis technology object as of V6 (Page 6782) Tags of the positioning axis technology object V4...5 (Page 6890) MotionStatus tags V1...3 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to tag in the user program: RW The tag can be read and written in the user program. R The tag can be read in the user program. - The tag cannot be used in the user program. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system. <Axis name>.MotionStatus.Position Current position of the axis (specified in the configured unit of measurement) If the axis is not homed, the tag indicates the position value relative to the enable position of the axis. Data type Start value Access Effective HMI Real 0.0 R - X 6884 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.MotionStatus.Velocity Current velocity of the axis (specified in the configured unit of measurement) Data type Start value Access Effective HMI Real 0.0 R - X <Axis name>.MotionStatus.Distance Current distance to the target position of the axis (specified in the configured unit of measurement) The value of the tag is only valid during execution of a positioning command with "MC_MoveAbsolute" or "MC_MoveRelative" or of the axis com mand table. Data type Start value Access Effective HMI Real 0.0 R - X <Axis name>.MotionStatus.TargetPosition Target position of axis (specified in the configured unit of measurement) The value of the tag is only valid during execution of a positioning command with "MC_MoveAbsolute" or "MC_MoveRelative" or of the axis command table. Data type Start value Access Effective HMI Real 0.0 R - X See also Motion status (Page 6742) Tags of the positioning axis technology object as of V6 (Page 6782) Tags of the positioning axis technology object V4...5 (Page 6890) StatusBits tags V1...3 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to tag in the user program: RW The tag can be read and written in the user program. R The tag can be read in the user program. - The tag cannot be used in the user program. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system. <Axis name>.StatusBits.Activated TRUE = The axis is activated. It is connected to the assigned PTO (Pulse Train Output). The data of the technology data block will be updated cyclically. Data type Start value Access Effective HMI Bool FALSE R - X WinCC Advanced V14 System Manual, 10/2016 6885 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.StatusBits.Enable TRUE = The axis is enabled and ready to take on Motion Control commands. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.StatusBits.HomingDone TRUE = The axis is homed and is capable of executing absolute positioning commands. The axis does not have to be homed for relative positioning. The status is FALSE during active homing. The status remains TRUE during passive homing if the axis has already been homed. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.StatusBits.Done TRUE = No Motion Control command is active on the axis. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.StatusBits.Error TRUE = An error occurred in the axis technology object. Detailed information about the error is available in automatic mode in the "ErrorID" and "ErrorInfo" parameters of the Motion Control instructions. In manual mode, the "Error message" box of the axis control panel displays detailed information about the cause of error. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.StatusBits.StandStill TRUE = The axis is at a standstill. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.StatusBits.PositioningCommand TRUE = The axis is executing a positioning command. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.StatusBits.SpeedCommand TRUE = The axis is executing a travel command at predefined velocity. Data type Start value Access Effective HMI Bool FALSE R - X 6886 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.StatusBits.Homing TRUE = The axis is executing a homing command of the "MC_Home" Motion Control instruction or axis command table. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.StatusBits.CommandTableActive TRUE = The axis is controlled by Motion Control instruction "MC_CommandTable". Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.StatusBits.ConstantVelocity TRUE = The axis travels at constant velocity. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.StatusBits.Acceleration TRUE = The axis accelerates. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.StatusBits.Deceleration TRUE = The axis decelerates (slows down). Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.StatusBits.ControlPanelActive TRUE = The "Manual control" mode has been enabled in the axis command table. The axis command table has control priority over the "Axis" technology object. The axis cannot be controlled from the user program. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.StatusBits.DriveReady TRUE = The drive is ready. Data type Start value Access Effective HMI Bool FALSE R - X WinCC Advanced V14 System Manual, 10/2016 6887 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.StatusBits.RestartRequired TRUE = Values were modified in the load memory. To download the values in the CPU RUN operating mode to the work memory, you need to restart the axis. Use the Motion Control instruction MC_Reset to do this. Data type Start value Access Effective HMI Bool FALSE R - X See also Status and error bits (technology objects as of V4) (Page 6739) Tags of the positioning axis technology object as of V6 (Page 6782) Tags of the positioning axis technology object V4...5 (Page 6890) ErrorBits tags V1...3 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to tag in the user program: RW The tag can be read and written in the user program. R The tag can be read in the user program. - The tag cannot be used in the user program. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system. <Axis name>.ErrorBits.SystemFault TRUE = Internal system error. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.ErrorBits.ConfigFault TRUE = Incorrect configuration of axis. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.ErrorBits.DriveFault TRUE = The drive has reported an error due to loss of its "Drive ready" signal. Data type Start value Access Effective HMI Bool FALSE R - X 6888 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.ErrorBits.SwLimitMinReached TRUE = The lower software limit switch has been reached. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.ErrorBits.SwLimitMinExceeded TRUE = The lower software limit switch has been exceeded. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.ErrorBits.SwLimitMaxReached TRUE = The upper software limit switch has been reached. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.ErrorBits.SwLimitMaxExceeded TRUE = The upper software limit switch has been exceeded. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.ErrorBits.HwLimitMin TRUE = The lower hardware limit switch has been approached. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.ErrorBits.HwLimitMax TRUE = The upper hardware limit switch has been approached. Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.ErrorBits.HwUsed TRUE = A second axis is using the same PTO (Pulse Train Output) and is enabled with "MC_Power". Data type Start value Access Effective HMI Bool FALSE R - X WinCC Advanced V14 System Manual, 10/2016 6889 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Status and error bits (technology objects as of V4) (Page 6739) Tags of the positioning axis technology object as of V6 (Page 6782) Tags of the positioning axis technology object V4...5 (Page 6890) Internal tags V1...3 (S7-1200) The "Internal" tags contain no user-relevant data; these tags cannot be accessed in the user program. See also Tags of the positioning axis technology object as of V6 (Page 6782) Tags of the positioning axis technology object V4...5 (Page 6890) ControlPanel tags V1...3 (S7-1200) The "ControlPanel" tags contain no user-relevant data; these tags cannot be accessed in the user program. See also Tags of the positioning axis technology object as of V6 (Page 6782) Tags of the positioning axis technology object V4...5 (Page 6890) Update of the technology object tags (S7-1200) The status and error information of the axis indicated in the technology object tags is updated at each cycle control point. The change in values of editable configuration tags does not take effect immediately. For information on the conditions under which a change takes effect, refer to the detailed description of the relevant tag. Tags of the positioning axis technology object V4...5 (S7-1200) Position tag V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag 6890 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Position Setpoint position of the axis (indicated in the configured unit of measurement) If the axis is not homed, the tag indicates the position value relative to the enable position of the axis. Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X See also Motion status (Page 6742) Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) Velocity tag V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Velocity Setpoint velocity of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X WinCC Advanced V14 System Manual, 10/2016 6891 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Motion status (Page 6742) Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) ActualPosition tag V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.ActualPosition Actual position of the axis (indicated in the configured unit of measurement) If the axis is not homed, the tag indicates the position value relative to the enable position of the axis. Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) ActualVelocity tag V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system (according to the access to the tag in the user program). 6892 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.ActualVelocity Actual velocity of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) Actuator tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Effective Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". - The tag cannot be used in the user program. Specifies when a change to the tag takes effect: 2 For drive connection via PTO (Pulse Train Output): When axis is enabled HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Actor.Type Drive connection Positioning axis technology object as of V5: 0 = The drive is connected via an analog output. All movements of the axis are position-controlled. 1 = The drive is connected via PROFIdrive telegrams. All movements of the axis are position-controlled. 2 = The drive is connected via a pulse interface. Positioning axis technology object V4: The drive is connected via a pulse interface. Data type Start value Access Effective HMI DInt 2 R - X Access Effective HMI <Axis name>.Actor.InverseDirection Invert direction FALSE = The direction is not inverted. TRUE = The direction is inverted. Data type WinCC Advanced V14 System Manual, 10/2016 Start value 6893 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Actor.InverseDirection Bool FALSE R - X WP 2 - Access Effective HMI R - X WP 2 - <Axis name>.Actor.DirectionMode Permitted direction of rotation 0 = Both directions 1 = Positive direction 2 = Negative direction Data type Start value Int 0 <AxisName>.Actor.Interface.AddressIn (Positioning axis technology object as of V5) Input address for the PROFIdrive telegram (internal parameter) Data type Start value Access Effective HMI VREF - - - - <AxisName>.Actor.Interface.AddressOut (Positioning axis technology object as of V5) Output address for the PROFIdrive telegram (internal parameter) Data type Start value Access Effective HMI VREF - - - - <Axis name>.Actor.Interface.EnableDriveOutput Enable output (internal parameter) Data type Start value Access Effective HMI VREF - - - - <Axis name>.Actor.Interface.DriveReadyInput Ready input (internal parameter) Data type Start value Access Effective HMI VREF - - - - <Axis name>.Actor.Interface.PTO Pulse output (internal parameter) Data type Start value Access Effective HMI DWord 0 - - - 6894 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <AxisName>.Actor.DriveParameter.ReferenceSpeed (Positioning axis technology object as of V5) Reference value (100%) for the setpoint speed of the drive (N-set) The setpoint speed is transmitted in the PROFIdrive telegram as a standardized value from -200% to 200% of the "Refer enceSpeed". For setpoint specification via an analog output, the analog output can be operated in the range from -117% to 117%, provided the drive permits this. Data type Start value Access Effective HMI Real 3000.0 R - X WP 2 - <AxisName>.Actor.DriveParameter.MaxSpeed (Positioning axis technology object as of V5) Maximum value for the setpoint speed of the drive (N-set) (PROFIdrive: MaxSpeed 2 x ReferenceSpeed Analog setpoint: MaxSpeed 1.17 x ReferenceSpeed) Data type Start value Access Effective HMI Real 3000.0 R - X WP 2 - <Axis name>.Actor.DriveParameter.PulsesPerDriveRevolution Pulses per motor revolution Data type Start value Access Effective HMI DInt 1000.0 R - X WP 2 - See also Tag of the axis technology object V1...3 (Page 6874) Tags of the positioning axis technology object as of V6 (Page 6782) Sensor[1] tags (S7-1200) Sensor[1] tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. WinCC Advanced V14 System Manual, 10/2016 6895 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Access Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". - The tag cannot be used in the user program. Effective Specifies when a change to the tag takes effect: HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Sensor[1].Type Encoder type (internal parameter) 0 = incremental 1 = Absolute Data type Start value Access Effective HMI DInt 0 - - - <Axis name>.Sensor[1].InverseDirection Inversion of the actual value FALSE: Actual value is not inverted TRUE: Actual value is inverted Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.Sensor[1].System Encoder system 0 = Linear encoder 1 = Rotary encoder Data type Start value Access Effective HMI DInt 1 R - X <Axis name>.Sensor[1].MountingMode Type of encoder mounting 0 = Drive end 2 = External Data type Start value Access Effective HMI DInt 0 R - X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) 6896 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Sensor[1].Interface tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: - The tag cannot be used in the user program. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Sensor[1].Interface.Type Encoder connection (internal parameter) 0 = PROFIdrive encoder on PROFINET 1 = Encoder on technology module (TM) 2 = Encoder on drive 4 = Encoder on high-speed counter Data type Start value Access Effective HMI DInt 4 - - - <Axis name>.Sensor[1].Interface.AddressIn Input address for the PROFIdrive telegram (internal parameter) Data type Start value Access Effective HMI VREF - - - - <Axis name>.Sensor[1].Interface.AddressOut Output address for the PROFIdrive telegram (internal parameter) Data type Start value Access Effective HMI VREF - - - - <Axis name>.Sensor[1].Interface.HSC High-speed counter to which the encoder transfers the actual value (internal parameter) Data type Start value Access Effective HMI DWord - - - - See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) WinCC Advanced V14 System Manual, 10/2016 6897 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Sensor[1].Parameter tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Effective Specifies when a change to the tag takes effect: HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Sensor[1].Parameter.Resolution Resolution of a linear encoder (offset between two encoder pulses) Data type Start value Access Effective HMI Real 0.001 R - X <Axis name>.Sensor[1].Parameter.StepsPerRevolution Increments per rotary encoder revolution Data type Start value Access Effective HMI UDInt 2048 R - X <Axis name>.Sensor[1].Parameter.FineResolutionXist1 Number of bits for fine resolution Gn_XIST1 (cyclic actual encoder value) Data type Start value Access Effective HMI UDInt 11 R - X <Axis name>.Sensor[1].Parameter.FineResolutionXist2 Number of bits for fine resolution Gn_XIST2 (absolute value of the encoder) Data type Start value Access Effective HMI UDInt 9 R - X <Axis name>.Sensor[1].Parameter.DeterminableRevolutions Number of differentiable encoder revolutions for a multi-turn absolute value encoder (For a single-turn absolute value encoder = 1; for an incremental encoder = 0) Data type Start value Access Effective HMI UDInt 1 R - X 6898 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Sensor[1].Parameter.DistancePerRevolution Load distance per revolution of an externally mounted encoder Data type Start value Access Effective HMI Real 100.0 R - X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) Sensor[1].ActiveHoming tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: RW The tag can be read and written in the user program. The tag can be written with Motion Control instruction "MC_WriteParam". Effective R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". - The tag cannot be used in the user program. Specifies when a change to the tag takes effect: 1 For drive connection via PTO (Pulse Train Output): When axis is activated (<Axis name>.StatusBits.Activated tag changes from FALSE TRUE), disa bled, or enabled 2 For drive connection via PTO (Pulse Train Output): When axis is enabled 8 For drive connection via PTO (Pulse Train Output): When an active homing command is started 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). WinCC Advanced V14 System Manual, 10/2016 6899 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Sensor[1].ActiveHoming.Mode Active homing mode Positioning axis technology object as of V5: 0 = Zero mark via PROFIdrive telegram (not PTO) 1 = Zero mark via PROFIdrive telegram and proximity switch (not PTO) 2 = Homing via digital input Positioning axis technology object V4: 2 = Homing via digital input Data type Start value Access Effective HMI DInt 2 R - X WP 2 - <Axis name>.Sensor[1].ActiveHoming.SideInput End of the homing switch to which the axis is homed during active homing FALSE = Lower end TRUE = Upper end Data type Start value Access Effective HMI Bool FALSE RW 1, 8, 10 X <Axis name>.Sensor[1].ActiveHoming.DigitalInputAddress Symbolic input address of the homing switch (internal parameter) Data type Start value Access Effective HMI VREF - - - - <Axis name>.Sensor[1].ActiveHoming.HomePositionOffset Home position offset (active homing) (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 0.0 RW 1, 8, 10 X <Axis name>.Sensor[1].ActiveHoming.SwitchLevel Selection of signal level that is present at the CPU input when the homing switch is reached FALSE = Low level (Low-active) TRUE = High level (High-active) Data type Start value Access Effective HMI Bool TRUE RW 1, 8, 10 X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) 6900 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Sensor[1].PassiveHoming tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: RW The tag can be read and written in the user program. The tag can be written with Motion Control instruction "MC_WriteParam". Effective R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". - The tag cannot be used in the user program. Specifies when a change to the tag takes effect: 1 For drive connection via PTO (Pulse Train Output): When axis is activated (<Axis name>.StatusBits.Activated tag changes from FALSE TRUE), disa bled, or enabled 2 For drive connection via PTO (Pulse Train Output): When axis is enabled 7 For drive connection via PTO (Pulse Train Output): When a passive homing command is started 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Sensor[1].PassiveHoming.Mode Passive homing mode Positioning axis technology object as of V5: 0 = Zero mark via PROFIdrive telegram (not PTO) 1 = Zero mark via PROFIdrive telegram and proximity switch (not PTO) 2 = Homing via digital input Positioning axis technology object V4: 2 = Homing via digital input Data type Start value Access Effective HMI DInt 2 R - X WP 2 - <Axis name>.Sensor[1].PassiveHoming.SideInput End of the homing switch to which the axis is homed during passive homing FALSE = Lower end TRUE = Upper end Data type Start value Access Effective HMI Bool FALSE RW 1, 7, 10 X WinCC Advanced V14 System Manual, 10/2016 6901 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Sensor[1].PassiveHoming.DigitalInputAddress Symbolic input address of the homing switch (internal parameter) Data type Start value Access Effective HMI VREF - - - - <Axis name>.Sensor[1].PassiveHoming.SwitchLevel Selection of level that is present at the CPU input when the homing switch is reached FALSE = Low level (Low-active) TRUE = High level (High-active) Data type Start value Access Effective HMI Bool TRUE RW 1, 7, 10 X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) Units tag V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Specifies when a change to the tag takes effect: 2 For drive connection via PTO (Pulse Train Output): When axis is enabled HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Units.LengthUnit Configured unit of measurement of the parameter -1 = "Pulse" 1005 = "" (degrees) 1013 = "mm" 1010 =: "m" 1018 = "ft" 1019 = "in" Data type 6902 Start value Access Effective HMI WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Units.LengthUnit Int 1013 R - X WP 2 - See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) Mechanics tag V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Specifies when a change to the tag takes effect: 2 For drive connection via PTO (Pulse Train Output): When axis is enabled HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Mechanics.LeadScrew Distance per revolution (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 10.0 R - X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) Modulo tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. WinCC Advanced V14 System Manual, 10/2016 6903 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Access Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Effective Specifies when a change to the tag takes effect: HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Modulo.Enable Enable modulo FALSE = Modulo conversion deactivated TRUE = Modulo conversion activated When modulo conversion is enabled, a check is made for modulo length > 0.0 Data type Start value Access Effective HMI Bool FALSE R - X <Axis name>.Modulo.Length Modulo length Data type Start value Access Effective HMI Real 360.0 R - X <Axis name>.Modulo.StartValue Modulo start value Data type Start value Access Effective HMI Real 0.0 R - X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) DynamicLimits tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access 6904 Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Effective Specifies when a change to the tag takes effect: 2 For drive connection via PTO (Pulse Train Output): When axis is enabled HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.DynamicLimits.MaxVelocity Maximum velocity of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 250.0 R - X WP 2 - <Axis name>.DynamicLimits.MinVelocity Start/stop velocity of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 10.0 R - X WP 2 - See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) DynamicDefaults tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: RW The tag can be read and written in the user program. The tag can be written with Motion Control instruction "MC_WriteParam". WinCC Advanced V14 System Manual, 10/2016 6905 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Effective Specifies when a change to the tag takes effect: 1 For drive connection via PTO (Pulse Train Output): When axis is activated (<Axis name>.StatusBits.Activated tag changes from FALSE TRUE), disabled, or enabled 5 For drive connection via PTO (Pulse Train Output): The next time an MC_MoveAbsolute, MC_MoveRelative, MC_MoveVelocity, MC_MoveJog, MC_Halt, MC_CommandTable, or active MC_Home command is started (Mode = 3) 6 For drive connection via PTO (Pulse Train Output): When a MC_MoveJog command is stopped 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.DynamicDefaults.Acceleration Acceleration of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 48.0 RW 1, 5, 6, 10 X <Axis name>.DynamicDefaults.Deceleration Deceleration of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 48.0 RW 1, 5, 6, 10 X <Axis name>.DynamicDefaults.EmergencyDeceleration Emergency stop deceleration of the axis (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 120.0 RW 1, 5, 6, 10 X <Axis name>.DynamicDefaults.Jerk Jerk during acceleration and deceleration ramp of the axis (indicated in the configured unit of measurement) The jerk is activated if the configured jerk is greater than 0.00004 mm/s. Data type Start value Access Effective HMI Real 192.0 RW 1, 5, 10 X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) 6906 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) PositionLimitsSW tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: RW The tag can be read and written in the user program. The tag can be written with Motion Control instruction "MC_WriteParam". Effective Specifies when a change to the tag takes effect: 1 For drive connection via PTO (Pulse Train Output): When axis is activated (<Axis name>.StatusBits.Activated tag changes from FALSE TRUE), disa bled, or enabled 5 For drive connection via PTO (Pulse Train Output): The next time an MC_MoveAbsolute, MC_MoveRelative, MC_MoveVelocity, MC_MoveJog, MC_Halt, MC_CommandTable, or active MC_Home command is started (Mode = 3) 6 For drive connection via PTO (Pulse Train Output): When a MC_MoveJog command is stopped 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.PositionLimitsSW.Active Activation of the software limit switches FALSE = The software limit switches are deactivated. TRUE = The software limit switches are activated. Data type Start value Access Effective HMI Bool FALSE RW 1, 5, 6. 10 X <Axis name>.PositionLimitsSW.MinPosition Position of the low software limit switch (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real -10000.0 RW 1, 5, 6, 10 X <Axis name>.PositionLimitsSW.MaxPosition Position of the high software limit switch (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 10000.0 RW 1, 5, 6, 10 X WinCC Advanced V14 System Manual, 10/2016 6907 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) PositionLimitsHW tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: RW The tag can be read and written in the user program. The tag can be written with Motion Control instruction "MC_WriteParam". Effective R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". - The tag cannot be used in the user program. Specifies when a change to the tag takes effect: 1 For drive connection via PTO (Pulse Train Output): When axis is activated (<Axis name>.StatusBits.Activated tag changes from FALSE TRUE), disa bled, or enabled 2 For drive connection via PTO (Pulse Train Output): When axis is enabled 5 For drive connection via PTO (Pulse Train Output): The next time an MC_MoveAbsolute, MC_MoveRelative, MC_MoveVelocity, MC_MoveJog, MC_Halt, MC_CommandTable, or active MC_Home command is started (Mode = 3) 6 For drive connection via PTO (Pulse Train Output): 10 For drive connection via PROFIdrive/analog output: When a MC_MoveJog command is stopped With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.PositionLimitsHW.Active Activation of the hardware limit switches FALSE = The hardware limit switches are deactivated. TRUE = The hardware limit switches are activated. Data type Start value Access Effective HMI Bool FALSE RW 1, 5, 6, 10 X 6908 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.PositionLimitsHW.MinSwitchLevel Selection of signal level that is present at the CPU input when the low hardware limit switch is reached FALSE = Low level (Low-active) TRUE = High level (High-active) Data type Start value Access Effective HMI Bool FALSE R - X WP 2 - <Axis name>.PositionLimitsHW.MinSwitchAddress Symbolic input address of the low hardware limit switch (internal parameter) Data type Start value Access Effective HMI VREF - - - - <Axis name>.PositionLimitsHW.MaxSwitchLevel Selection of signal level that is present at the CPU input when the high hardware limit switch is reached FALSE = Low level (Low-active) TRUE = High level (High-active) Data type Start value Access Effective HMI Bool FALSE R - X WP 2 - <Axis name>.PositionLimitsHW.MaxSwitchAddress Input address of the high hardware limit switch (internal parameter) Data type Start value Access Effective HMI VREF - - - - See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) Homing tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: RW The tag can be read and written in the user program. The tag can be written with Motion Control instruction "MC_WriteParam". WinCC Advanced V14 System Manual, 10/2016 6909 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Effective Specifies when a change to the tag takes effect: 1 For drive connection via PTO (Pulse Train Output): When axis is activated (<Axis name>.StatusBits.Activated tag changes from FALSE TRUE), disa bled, or enabled 8 For drive connection via PTO (Pulse Train Output): When an active homing command is started 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.Homing.AutoReversal Activation of auto reverse at the hardware limit switch during active homing FALSE = Auto reversal at the hardware limit switch is deactivated. TRUE = Auto reversal at the hardware limit switch is activated. Data type Start value Access Effective HMI Bool FALSE RW 1, 8, 10 X <Axis name>.Homing.ApproachDirection Approach and homing direction of axis during active homing FALSE = Negative approach direction for finding the homing switch and negative homing direction TRUE = Positive approach direction for finding the homing switch and positive homing direction Data type Start value Access Effective HMI Bool TRUE RW 1, 8, 10 X <Axis name>.Homing.ApproachVelocity Approach velocity of the axis during active homing (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 200.0 RW 1, 8, 10 X <Axis name>.Homing.ReferencingVelocity Homing velocity of the axis during active homing (indicated in the configured unit of measurement) Data type Start value Access Effective HMI Real 40.0 RW 1, 8, 10 X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) 6910 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) PositionControl tags V5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Specifies when a change to the tag takes effect: 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.PositionControl.Kv Proportional gain in the position control ("Kv" > 0.0) Data type Start value Access Effective HMI Real 10.0 R - X WP 10 - <Axis name>.PositionControl.Kpc Velocity precontrol of the position control as a percentage Data type Start value Access Effective HMI Real 100.0 R - X WP 10 - See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) FollowingError tags V5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". WinCC Advanced V14 System Manual, 10/2016 6911 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Effective Specifies when a change to the tag takes effect: 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.FollowingError.EnableMonitoring Enable following error monitoring FALSE = Following error monitoring disabled TRUE = Following error monitoring enabled Data type Start value Access Effective HMI Bool TRUE R - X <Axis name>.FollowingError.MinValue Permissible following error at velocities below the value of "MinVelocity". Data type Start value Access Effective HMI Real 10.0 R - X WP 10 - <Axis name>.FollowingError.MaxValue Maximum permissible following error which may be reached at the maximum velocity. Data type Start value Real 100.0 Access Effective HMI R - X WP 10 - Access Effective HMI R - X WP 10 - <Axis name>.FollowingError.MinVelocity MinValue" is permissible below this velocity and is held constant. Data type Start value Real 10.0 See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) 6912 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) PositionMonitoring tags V5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Specifies when a change to the tag takes effect: 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.PositioningMonitoring.ToleranceTime Tolerance time Maximum permitted duration from reaching velocity setpoint zero until entrance into the positioning window. Data type Start value Access Effective HMI Real 1.0 R - X WP 10 - <Axis name>.PositioningMonitoring.MinDwellTime Minimum dwell time in positioning window Data type Start value Access Effective HMI Real 0.1 R - X WP 10 - <Axis name>.PositioningMonitoring.Window Positioning window Data type Start value Access Effective HMI Real 1.0 R - X WP 10 - See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) WinCC Advanced V14 System Manual, 10/2016 6913 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) StandstillSignal tags V5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Effective Access to the tag in the user program: R The tag can be read in the user program. WP If the axis is disabled (MC_Power.Status = FALSE), the tag can be written with the Motion Control instruction "MC_WriteParam". Specifies when a change to the tag takes effect: 10 For drive connection via PROFIdrive/analog output: With the next call of the MC-Servo [OB91] HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.StandstillSignal.VelocityThreshold Velocity threshold If velocity is below this threshold, then the minimum dwell time begins. Data type Start value Real 5.0 Access Effective HMI R - X WP 10 - <Axis name>.StandstillSignal..MinDwellTime Minimum dwell time Data type Start value Access Effective HMI Real 0.01 R - X WP 10 - See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) StatusPositioning tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP 6914 The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system. <Axis name>.StatusPositioning.Distance Current distance of axis from target position (indicated in the configured unit of measurement) The value of the tag is only valid during execution of a positioning command with "MC_MoveAbsolute", "MC_MoveRelative", or the axis control panel. Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X <Axis name>.StatusPositioning.TargetPosition Target position of the axis (indicated in the configured unit of measurement) The value of the tag is only valid during execution of a positioning command with "MC_MoveAbsolute", "MC_MoveRelative", or the axis control panel. Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X <AxisName>.StatusPositioning.FollowingError (Positioning axis technology object as of V5) Current following error of the axis (indicated in the configured unit of measurement) FollowingError = 0.0 for drive connection via PTO (Pulse Train Output). Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X See also Motion status (Page 6742) Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) StatusDrive tags V5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. WinCC Advanced V14 System Manual, 10/2016 6915 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect: HMI The tag can be used in an HMI system (according to the access to the tag in the user program). <Axis name>.StatusDrive.InOperation Operational status of the drive FALSE = Drive not ready. Setpoints will not be executed. TRUE = Drive ready. Setpoints can be executed. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusDrive.CommunicationOK Cyclic BUS communication between controller and drive FALSE = Communication not established TRUE = Communication established Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) StatusSensor tags V5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the axis configuration. Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect: HMI The tag can be used in an HMI system (according to the access to the tag in the user program). 6916 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.StatusSensor.State Status of the encoder value 0 = Invalid 1 = Wait for status valid 2 = Valid Data type Start value Access Effective HMI DInt 0 RCCP, RP - X <Axis name>.StatusSensor.CommunicationOK Cyclic BUS communication between controller and encoder FALSE = Communication not established TRUE = Communication established Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusSensor.AbsEncoderOffset Home point offset to the value of an absolute value encoder. The value will be retentively stored in the CPU. Data type Start value Access Effective HMI Real 0.0 RCCP, RP - X See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) StatusBits tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system. WinCC Advanced V14 System Manual, 10/2016 6917 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.StatusBits.Activated Activation of the axis FALSE = The axis is not activated. TRUE = The axis is activated. It is connected to the assigned PTO (Pulse Train Output). The data of the technology data block will be updated cyclically. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.Enable Enable status of the axis FALSE = The axis is not enabled. TRUE = The axis is enabled and ready to accept Motion Control commands. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.HomingDone Homing status of the axis FALSE = The axis is not homed. TRUE = The axis is homed and is capable of executing absolute positioning commands. The axis does not have to be homed for relative positioning. The status is FALSE during active homing. The status remains TRUE during passive homing if the axis was already homed beforehand. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.Done Command execution on the axis FALSE = A Motion Control command is active on the axis. TRUE = A Motion Control command is not active on the axis. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.Error Error status on the axis FALSE = No error is active on the axis. TRUE = An error occurred on the axis. Additional information about the error is available in automatic control at the "ErrorID" and "ErrorInfo" parameters of the Motion Control instructions. In manual mode, the "Error message" box of the axis control panel displays detailed information about the cause of error. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X 6918 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.StatusBits.StandStill Standstill of the axis FALSE = The axis is in motion. TRUE = The axis is at a standstill. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.PositioningCommand Execution of a positioning command FALSE = A positioning command is not active on the axis. TRUE = The axis is executing a positioning command of the "MC_MoveRelative" or MC_MoveAbsolute Motion Control instruction. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.VelocityCommand Execution of a command with velocity specification FALSE = A command with velocity specification is not active on the axis. TRUE = The axis is executing a motion command with velocity specification of the "MC_MoveVelocity" or MC_MoveJog Motion Control instruction. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.HomingCommand Execution of a homing command FALSE = A homing command is not active on the axis. TRUE = The axis is executing a homing command of the "MC_Home" Motion Control instruction. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.CommandTableActive Execution of a command table FALSE = A command table is not active on the axis. TRUE = The axis is controlled by "MC_CommandTable" Motion Control instruction. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X WinCC Advanced V14 System Manual, 10/2016 6919 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.StatusBits.ConstantVelocity Constant velocity FALSE = The axis is accelerating, decelerating, or at a standstill. TRUE = The setpoint velocity has been reached. The axis is moving at constant velocity. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.Accelerating Acceleration process FALSE = The axis is decelerating, moving at constant velocity, or at a standstill. TRUE = The axis is accelerating. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.Decelerating Deceleration process FALSE = The axis is accelerating, moving at constant velocity, or at a standstill. TRUE = The axis is decelerating. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.ControlPanelActive Activation status of the axis control panel FALSE = "Automatic mode" is activated. The user program has control priority over the axis. TRUE = The "Manual control" mode was enabled in the axis control panel. The axis control panel has control priority over the axis. The axis cannot be controlled from the user program. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.DriveReady Operational status of the drive FALSE = The drive is not ready. Setpoints will not be executed. TRUE = The drive is ready. Setpoints can be executed. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X 6920 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.StatusBits.RestartRequired Restart of axis required FALSE = A restart of the axis is not required. TRUE = Values were modified in the load memory. To download the values to the work memory while the CPU is in RUN mode, the axis must be restarted. Use the MC_Reset Motion Control instruction to do this. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.SWLimitMinActive Status of the low software limit switch FALSE = The axis is kept within its configured work area. TRUE = The low software limit switch was reached or exceeded. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.SWLimitMaxActive Status of the high software limit switch FALSE = The axis is kept within its configured work area. TRUE = The high software limit switch was reached or exceeded. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.HWLimitMinActive Status of the low hardware limit switch FALSE = The axis is kept within its configured permitted traversing range. TRUE = The low hardware limit switch was reached or exceeded. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.StatusBits.HWLimitMaxActive Status of the high hardware limit switch FALSE = The axis is kept within its configured permitted traversing range. TRUE = The high hardware limit switch was reached or exceeded. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X WinCC Advanced V14 System Manual, 10/2016 6921 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Status and error bits (technology objects as of V4) (Page 6739) Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) ErrorBits tags V4...5 (S7-1200) Legend Data type Data type of tag Start value Start value of tag Access Access to the tag in the user program: RCC The tag can be read in the user program and is updated at each cycle control point. P RP The tag can be read with the Motion Control instruction "MC_ReadParam". The current value of the corresponding tags is determined at the start of the command. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system. <Axis name>.ErrorBits.SystemFault Internal system error Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.ErrorBits.ConfigFault Incorrect configuration of the axis Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.ErrorBits.DriveFault Error in the drive. Loss of the "Drive ready" signal. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.ErrorBits.SWLimit Software limit switch reached or exceeded Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X 6922 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.ErrorBits.HWLimit Hardware limit switch reached or exceeded Data type Start value Access Effective HMI Bool FALSE RCCP - X <Axis name>.ErrorBits.DirectionFault Impermissible motion direction Data type Start value Access Effective HMI Bool FALSE RCCP, RP, RP - X <Axis name>.ErrorBits.HWUsed Another axis is using the same PTO (Pulse Train Output) and is enabled with "MC_Power". Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <AxisName>.ErrorBits.SensorFault (Positioning axis technology object as of V5) Error in the encoder system Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.ErrorBits.CommunicationFault (Positioning axis technology object as of V5) Communication error Error in communication with a connected device. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.ErrorBits.FollowingErrorFault (Positioning axis technology object as of V5) Maximum permitted following error exceeded Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X <Axis name>.ErrorBits.PositioningFault (Positioning axis technology object as of V5) Positioning error The axis was not correctly positioned at the end of a positioning motion. Data type Start value Access Effective HMI Bool FALSE RCCP, RP - X WinCC Advanced V14 System Manual, 10/2016 6923 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) See also Status and error bits (technology objects as of V4) (Page 6739) Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) ControlPanel tags V4...5 (S7-1200) The "ControlPanel" tags do not contain any user-relevant data. These tags cannot be accessed in the user program. See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) Internal tags V4...5 (S7-1200) The "Internal" tags do not contain any user-relevant data. These tags cannot be accessed in the user program. See also Tags of the positioning axis technology object as of V6 (Page 6782) Tag of the axis technology object V1...3 (Page 6874) Update of the technology object tags (S7-1200) The status and error information of the axis indicated in the technology object tags is updated at each cycle control point. Changes to the values of configuration tags do not take effect immediately. For information on the conditions under which a change takes effect, refer to the detailed description of the relevant tag. Tags of the command table technology object V1...3 (S7-1200) Config.Command.Command[1 ... 32] tags V1...3 (S7-1200) Legend Data type Data type of the tag Start value Start value of tag The start value can be overwritten by the configuration of the command table. 6924 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) Access Access to the tag in the user program: RW The tag can be read and written in the user program. R The tag can be read in the user program. - The tag cannot be used in the user program. Effective Specifies when a change in the tag takes effect. HMI The tag can be used in an HMI system. <Command table>.Config.Command.Command[x].Type Command type 0 = "Empty" command 2 = "Hold" command 5 = "Relative positioning" command 6 = "Absolute positioning" command 7 = "Velocity setpoint" command 151 = "Wait" command Data type Start value Access Effective HMI Int 0 RW - X Access Effective HMI RW - X <Command table>. Config.Command.Command[x].Position Command target position / travel path Data type Start value Real <Command table>. Config.Command.Command[x].Velocity Command velocity Data type Start value Access Effective HMI Real 0.0 RW - X <Command table>. Config.Command.Command[x].Duration Command duration Data type Start value Access Effective HMI Real 0.0 RW - X <Command table>. Config.Command.Command[x].BufferMode Value for command "Next step" 0 = "Complete command" 1 = "Blend movement" Data type Start value Access Effective HMI Int 0 RW - X WinCC Advanced V14 System Manual, 10/2016 6925 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Command table>. Config.Command.Command[x].StepCode Command step code Data type Start value Access Effective HMI Word 0 RW - X See also Tag of the command table technology object V4...5 (Page 6926) Tag of the command table technology object V4...5 (S7-1200) Command[1...32] tags as of V4 (S7-1200) Legend Data type Data type of tag Start value Start value of tag The start value can be overwritten by the configuration of the command table. Access Access to the tag in the user program: RW The tag can be read and written in the user program. R The tag can be read in the user program. - The tag cannot be used in the user program. Effective Specifies when a change to the tag takes effect. HMI The tag can be used in an HMI system. <Command table>.Command[n].Type Command type 0 = "Empty" command 2 = "Hold" command 5 = "Relative positioning" command 6 = "Absolute positioning" command 7 = "Velocity setpoint" command 151 = "Wait" command Data type Start value Access Effective HMI Int 0 RW - X <Command table>.Command[n].Position Target position/traversing distance of the command Data type Start value Access Effective HMI Real 0.0 RW - X 6926 WinCC Advanced V14 System Manual, 10/2016 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) <Axis name>.Command[n].Velocity Command velocity Data type Start value Access Effective HMI Real 0.0 RW - X <Command table>.Command[n].Duration Command duration Data type Start value Access Effective HMI Real 0.0 RW - X <Command table>.Command[n].NextStep Mode for the transition to the next command 0 = "Complete command" 1 = "Blend movement" Data type Start value Access Effective HMI Int 0 RW - X <Command table>.Command[n].StepCode Command step code Data type Start value Access Effective HMI Word 0 RW - X See also Tags of the command table technology object V1...3 (Page 6924) WinCC Advanced V14 System Manual, 10/2016 6927 Using technology functions 13.2 Using S7-1200 Motion Control (S7-1200) 6928 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.1 14 Displaying accessible devices Accessible devices are all devices connected to an interface of the programming device / PC that are turned on. Devices that allow only restricted configuration using the currently installed products or that cannot be configured at all can also be displayed. To speed up the display in large networks with many network devices, the PROFINET device names are displayed in a slightly adapted form for PROFINET devices. Unicode-specific characters in the PROFINET device name are converted into ASCII-compatible characters using the Punycode method (according to RFC 3492). Displaying accessible devices in the project tree To display accessible devices at an interface of the programming device / PC, follow these steps: 1. Open the "Online access" folder in the project tree. 2. Click on the arrow to the left of the interface to show all the objects arranged below the interface. 3. Double-click "Update accessible devices" below the interface. You can see the progress of the search in the status bar. If you have found the desired device before the search is completed, you can cancel the search. To do this, click on the cross to the right of the progress bar. All network devices that are accessible over the selected interface are displayed. 4. Optional: Select the interface in the project tree. Then open the overview window in the detail view to display more details for the respective devices. More details include, for example, the device type, the MAC address or the configured device name. The detailed display of the devices in the overview window can take some time in networks with many devices because each individual device must submit the details. Displaying accessible devices in a table To display accessible devices in an easy to read table, follow these steps: 1. Select the "Accessible devices" command in the "Online" menu. The "Accessible devices" dialog is displayed. 2. Select the type of interface from the "Type of the PG/PC interface" drop-down list. 3. Select the required interface of the programming device / PC from the "PG/PC interface" drop-down list. WinCC Advanced V14 System Manual, 10/2016 6929 Using online and diagnostics functions 14.2 Changing the device configuration online 4. Click the "Start Search" button. The accessible devices at the selected interface of the programming device/PC are displayed in the table. The connection line between PG/PC and the network is displayed as a solid line in the graphic. If no devices are accessible at an interface, the connection line is displayed as a dashed line. 5. To go to a device in the project tree, select the device from the list of accessible devices and click the "Show" button. The interface to which the selected device is connected is shown as selected in the project tree. Displaying additional information about the devices in the project tree To display additional information on the individual accessible devices in the project tree, follow these steps: 1. Click on the arrow to the left of one of the accessible devices in the project tree. All data available online, for example blocks and system data, is displayed for known devices. Devices that you cannot be edited directly at this point are grayed out. If additional editing options are available for a device with the shortcut menu, the device is shown in black text. See also Changing the device configuration online (Page 6930) Default setting online connection data (Page 6934) Overview window (Page 292) 14.2 Changing the device configuration online You can assign parameters to some devices, preferably in small hardware setups, directly online. You do not need to create a project or have offline data to do this. In this way, you can quickly and easily change the device configuration. You do not need to compile the hardware configuration or perform a download. Depending on the device, either all changes become active immediately or they are written to the device only after confirmation. Requirement The device must support online parameter assignment. You can learn whether or not your specific devices support this function in the device manual. The device must be connected to the PG/PC and available in the list of accessible devices. 6930 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.3 Connecting devices online Procedure To change the device configuration online, follow these steps: 1. Show the accessible devices on the interface via which the device is connected. To learn how to show the accessible devices, see the chapter "Showing accessible devices (Page 6929)". 2. Expand the device to display the lower-level elements. 3. Double-click the "Parametrize device" item. A configuration page for the device opens in the work area. 4. Make all required settings. With some devices, the new settings take effect immediately. 5. Optionally, depending on the device: Click on the "Upload to device" button. The settings are transferred to the device. 14.3 Connecting devices online 14.3.1 General information about online mode Online mode In online mode, there is an online connection between your programming device / PC and one or more devices. An online connection between the programming device/PC and the device is required, for example, for the following tasks: Testing user programs Displaying and changing the operating mode of the CPU Displaying and setting the date and time of day of the CPU Displaying module information Comparing blocks Hardware diagnostics Before you can establish an online connection, the programming device/PC and the device must be physically or remotely connected. As an alternative, some devices support a simulation mode. In this case, a connection to the device is simulated via the PLCSIM virtual interface. After establishing a connection, you can use the Online and Diagnostics view or the "Online tools" task card to access the data on the device. The current online status of a device is WinCC Advanced V14 System Manual, 10/2016 6931 Using online and diagnostics functions 14.3 Connecting devices online indicated by an icon to the right of the device in the project tree. You will find the meaning of the individual status icons in the relevant tooltip. Note Some online functions depend on the scope of the installed software or whether a project is open. Standby or hibernation of the programming device / PC If the programming device / PC is changed to the standby or hibernation mode when there is an online connection, all online connections are terminated. When the programming device / PC wakes up from hibernation, the online connections are not automatically re-established. Note that suddenly terminating an online connection can lead to loss of data or a connected device may interrupt program execution. Performing an LED flash test In many online dialogs you can perform an LED flash test, if the device connected online supports this feature. If you select the "Flash LED" check box, an LED flashes on the currently selected device. This feature is useful, for example, when you are not sure which device in the hardware configuration corresponds to the station currently selected in the software. Read any additional information and learn about the possible limitations to the LED flash test in the respective device documentation. See also View in online mode (Page 6933) Overview of the online and diagnostic settings (Page 264) 6932 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.3 Connecting devices online 14.3.2 View in online mode Online displays After the online connection has been established successfully, the user interface changes. If a device is unavailable, this is indicated by a symbol. The following figure shows a device connected online and the corresponding user interface: The title bar of the active window gets an orange background as soon as at least one of WinCC Advanced V14 System Manual, 10/2016 the devices currently displayed in the editor has been successfully connected online. If one or more devices are unavailable, a symbol for a broken connection appears in the title bar of the editor. The title bars of inactive windows for the relevant station now have an orange line below them. An orange, pulsing bar appears at the right-hand edge of the status bar. If the connection has been established but is functioning incorrectly, an icon for an interrupted connection is displayed instead of the bar. You will find more information on the error in "Diagnostics" in the Inspector window. In addition, the status line indicates if there is an online connec tion to the SIMATIC hardware via the TIA Portal Cloud Connector. 6933 Using online and diagnostics functions 14.3 Connecting devices online The left column in the project tree indicates the diagnostics status for hardware objects in online mode through symbols. The right column in the project tree indicates the comparison status for software objects in online mode through symbols. A comparison of the online and offline state is performed automatically. Differences between online and offline objects are displayed in the form of symbols. The "Diagnostics > Device information" area is brought to the foreground in the Inspector window. Online connection abort The online mode and its display are retained as long as at least one device is connected online. If the online connection of one or more devices breaks, the TIA Portal remains in online mode. The display of the TIA Portal changes to offline mode only when there is no longer an online connection for any device. Online connection via the TIA Portal Cloud Connector If you use the TIA Portal in a virtual environment, you have the opportunity to create an online connection via the TIA Portal Cloud Connector to SIMATIC hardware that is connected to a user device. If the online connection is made via the TIA Portal Cloud Connector, the following symbol is displayed in the status bar: You can find instructions on how to use the TIA Portal in a virtual environment (private cloud) on the installation disk in the directory "Documents\Readme\<language directory>". You can open the PDF document "TIAPortalCloudConnectorHowTo<Sprachkennung>.pdf" here. See also General information about online mode (Page 6931) Basics of project data comparison (Page 379) 14.3.3 Default setting online connection data If you prefer to use a specific network interface of your programming device/PC to establish an online connection, you can preset this interface. The specified connection path is then already selected in the dialogs for online connection. Procedure To specify a default connection path, follow these steps: 1. Select the "Settings" command in the "Options" menu. The settings of the TIA Portal are opened. 2. Select the "Online & Diagnostics" entry in the area navigation. 6934 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.3 Connecting devices online 3. In the "Preset connection path for online access" area, specify the type of the PG/PC interface as well as the interface itself. 4. Select the "Use preset connection path for online access" check box. See also Establishing or changing an online connection (Page 6935) Displaying accessible devices (Page 6929) Downloading project data to a device (Page 372) Online access (Page 6947) Overview of the online and diagnostic settings (Page 264) 14.3.4 Establishing or changing an online connection To use the online functions of a device, specify the connection path the first time you establish the connection. Requirement At least one PG/PC interface is installed and is physically connected to a device, for example, with an Ethernet cable. As an alternative, it is also possible to establish virtual online connections using PLCSIM. Procedure To establish or change an online connection, follow these steps: 1. Select one or more devices for the online connection in the project tree. 2. Select the "Go online" command in the "Online" menu. - If the device has already been connected online, the online connection is automatically established using the previously specified connection path. - If there was no previous connection or if the device address is not located in the same subnet of the programming device/PC, the "Go online" dialog opens. If you want to change a specified connection path, select the "Extended go online" command instead in the "Online" menu. The "Go online" dialog box is opened again in this case. WinCC Advanced V14 System Manual, 10/2016 6935 Using online and diagnostics functions 14.3 Connecting devices online 3. Select the connection path: - Select the type of interface from the "Type of the PG/PC interface" drop-down list. - Select the interface of your programming device/PC from the "PG/PC interface" dropdown list. No selection is necessary if you have already defined a programming device/PC interface in the settings. - Select the interface or the subnet for the connection from the "Connection to interface/ subnet" drop-down list. Select a direct connection if no S7 gateway is connected in between. Select the matching subnet for the connection to the programming device or PC if the device can be accessed via an S7 gateway. Select the item "Try all interfaces" if the device has several interfaces and you do not know by which of the interfaces the device is connected to the programming device/PC. If you selected an MPI or PROFIBUS subnet, the bus parameters configured in the programming device/PC interface are applied at this point. - If the device is accessible via a gateway, select the gateway that connects the two subnets involved in the "1st gateway" drop-down list. 4. Optional: If no devices can be accessed by the selected connection path, a dashed connecting line is displayed between the programming device/PC and the device. This is the case, for example, when the device is connected with the network by a NAT router. To display all devices that are switched on and connected to an interface of the programming device/PC, select the entry "Show accessible devices" from the drop-down list and click "Start search" again. 5. Optional: You have two options to access the device despite a different subnet: Use the two options in administered networks only after consultation with the administrator. - Assign a static address to the programming device/PC interface under Windows. - During the creation of the online connection, an additional IP address in the same subnet as the device is temporarily assigned to the interface of the programming device/PC. Click "Go online" and confirm the next prompt. 6. Click the "Start search" button. Devices which can be reached by the set connection path are displayed in the table of the target devices. The connection line in the graphic on the left is displayed as solid. 7. Optional: Run a flash test. Select the "Flash LED" check box on the left in the graphic. You use the flash test to check that you have selected the correct device. The flash test is not supported by all devices. 8. Select the target device in the table and confirm the selection with "Go online". The online connection to the selected target device is established. Result After the online connection has been established, the title bars of the editors change to orange. An orange progress bar is also shown in the title bar of an editor and in the status bar. In the project tree, status symbols show the difference between online and offline objects. The set connection path is stored for future connection attempts. 6936 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.3 Connecting devices online With automatic assignment of the programming device/PC address the dialog reappears when the computer is restarted. The connection must be re-established in this case. Note Undoing actions You cannot undo actions once you have established an online connection. Note Using direct connections or subnets An online connection between programming device/PC and connected devices is possible either via direct connection or via subnet. Simultaneous connection of the devices over different subnets is not possible if these are physically connected through the same interface. Simultaneous connections to different subnets are only possible through routed connections. Simultaneous connection of devices through a subnet and through direct connections using the same interface is not possible. See also Overview of the online and diagnostic settings (Page 264) Default setting online connection data (Page 6934) Canceling an online connection (Page 6937) Connecting online with several devices (Page 6938) View in online mode (Page 6933) Assigning a temporary IP address (Page 6954) Influence of user rights (Page 310) 14.3.5 Canceling an online connection Procedure To terminate the existing online connection, follow these steps: 1. Select the device for which you want to disconnect the online connection in the project tree. 2. Select the "Go offline" command in the "Online" menu. The online connection is disconnected. WinCC Advanced V14 System Manual, 10/2016 6937 Using online and diagnostics functions 14.3 Connecting devices online Note Undoing actions You cannot undo actions once you have disconnected an online connection. See also Establishing or changing an online connection (Page 6935) 14.3.6 Connecting online with several devices You can establish an online connection to several devices at the same time without needing to select individual devices previously in the network view. Requirement No device must be selected At least one PG/PC interface is installed and is physically connected to a device, for example with an Ethernet cable. As an alternative, it is also possible to establish a virtual online connection using PLCSIM or a remote connection. Procedure To establish an online connection to several devices at the same time, follow these steps: 1. Select the project in the project tree. 2. Select the "Go online" command in the "Online" menu. The "Select device for opening the online connection" dialog opens with a table of all available devices. 3. Select the devices to which you want to establish an online connection in the "Go online" column. 4. Click the "Go online" button. Result Without any further prompt for confirmation, a connection is established to all selected devices if a connection was already established to the selected devices at least once. If there was no previous online connection, the "Go online" dialog opens. In this case, first configure the online connection as described in the section "Go online and Go offline (Page 6935)". See also Establishing or changing an online connection (Page 6935) Assigning a temporary IP address (Page 6954) 6938 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.4 Creating a backup of an S7 CPU 14.3.7 Disconnecting online connections of multiple devices You can disconnect the online connections to multiple devices at one time without needing to select individual devices beforehand in the network view. Requirement No device is selected. There is currently an online connection to at least one device. Procedure To terminate the online connections to multiple devices at one time, follow these steps: 1. Select the "Go offline" command in the "Online" menu. The "Select devices" dialog opens with a table of all available devices. 2. Select the device for which you want to terminate the online connection in the "Go offline" column. 3. Click the "Go offline" button. Result The online connection to the all the selected devices is terminated. 14.4 Creating a backup of an S7 CPU 14.4.1 Backup options for S7 CPUs You will make a number of changes to your automation system over time, for example, add new devices, replace existing devices or adapt the user program. If these changes were to result in undesirable behavior, you can restore the automation plant to an earlier version. To continue working without interruptions after replacing individual devices, you can accept existing programs and values. The CPUs offer different options for backup and restoration of the hardware configuration and software. WinCC Advanced V14 System Manual, 10/2016 6939 Using online and diagnostics functions 14.4 Creating a backup of an S7 CPU Backup options The table below provides an overview of the backup and restoration options of S7 CPUs: Use case Snapshot of the moni tored values Upload from device (software) Upload device as new station (hardware and software) Download backup from online device Restoring a specific status of a data block. Upload blocks on a CPU to the project. Upload of hardware configuration and soft ware from a device to the project. Create a complete backup of a CPU as re store point. The back up copy is consistent and cannot be changed or opened. The actual values of data blocks including time stamp are accep ted in the project. Requirement The CPU has already been created in a project. The data blocks must be identi cal online and offline. The CPU is created in the project. The device is available in the hardware cata log of TIA Portal. Any necessary HSPs or GSD files are installed. Possible in mode RUN, STOP RUN, STOP RUN, STOP STOP Possible for F-CPUs Yes Yes No Yes Backup can be edited Yes Yes Yes No Backup contents The table below shows which data you can upload and back up with which options: Snapshot of the moni tored values Upload from device (software) Upload device as new station (hardware and software) Download backup from online device Actual values of the da Snapshot is possible ta blocks Upload is possible Upload is possible Backup is possible Software blocks - Upload is possible Upload is possible Backup is possible PLC tags (tags and constants names) - Upload possible for S7-1200 and S7-1500 CPUs Upload possible for S7-1200 and S7-1500 CPUs Backup is possible Technology objects - Upload is possible Upload is possible Backup is possible Hardware configura tion - - Upload is possible Backup is possible Monitoring tables (web server) - - Upload is not possible Backup is possible Local data, bit memo ries, timers, counters and process image Snapshot is not possi ble Upload is not possible Upload is not possible Backup is possible Archives and recipes (PLC) - - - Backup is possible General data on the SI MATIC Memory Card, for example, help for program blocks or GSD files - - Backup is possible 6940 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.4 Creating a backup of an S7 CPU Special considerations during backup of actual values The "Backup from online device" type of backup backs up the actual values of the tags that are set as retentive. To ensure consistency of the retentive data, disable all write access to retentive data during the backup. Actual values of the non-retentive data are reset to their start values during a transition from STOP to RUN mode. When the CPU is backed up only the start values of non-retentive data are backed up. See also Creating a backup of a device (Page 6941) Creating a backup of a device (Page 6944) General information on loading (Page 370) Downloading project data to a device (Page 372) Downloading project data to a memory card (Page 374) Uploading project data from a device (Page 376) Loading project data from a memory card (Page 378) 14.4.2 Backing up S7-300 and S7-400 CPUs (S7-300, S7-400, PC) 14.4.2.1 Creating a backup of a device (S7-300, S7-400, PC) Backing up the software and hardware configuration of an S7-300/400 CPU If you have already downloaded a configuration to an S7-300/400 CPU, it is advisable to make a backup. You may have modified the configuration and want to test the new configuration. Before you download the new configuration to the CPU, you can create a backup of the current device state and then restore the current configuration at a later date. The backup is performed with the current values of the CPU. In the case of S7-400 CPUs with fail-safe function, the initial values are backed up. You can create as many backups as you want and store a variety of configurations for a CPU. The backups are named with the name of the CPU and the time and date of the backup. You can find the backup in the project tree under the CPU in the "Online backups" folder. The following figure shows an S7-319 CPU for which two backups were created: WinCC Advanced V14 System Manual, 10/2016 6941 Using online and diagnostics functions 14.4 Creating a backup of an S7 CPU See also Backup options for S7 CPUs (Page 6939) 14.4.2.2 Restoring the software and hardware configuration of a device (S7-300, S7-400, PC) If you have backed up the configuration of a device at an earlier point in time, you can transfer the backup back to the device. The saved configuration is then restored on the device. Requirement You must have previously configure the device and stored a backup of the device in the project. Procedure To restore older software and hardware state on a device, follow these steps: 1. Open up the folder of the device in the project tree to display the lower-level objects. 2. Open the "Online backups" folder. 3. Select the backup you want to restore. 6942 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.4 Creating a backup of an S7 CPU 4. In the "Online" menu, select the "Download to device" command. - If you had previously established an online connection, the "Load preview" dialog opens. This dialog displays alarms and recommends actions needed for the loading operation. - If you had not previously established an online connection, the "Extended download to device" dialog opens, and you must first select the interfaces via which you want to establish the online connection to the device. See also: Establishing and terminating an online connection 5. Check the alarms in the "Load preview" dialog, and select the actions in the "Action" column, if necessary. Note Performing the proposed actions during operation of the plant can cause serious damage to property or injury to persons if there are functional disturbances or program errors. 6. As soon as downloading becomes possible, the "Load" button is enabled. 7. Click the "Load" button. The backup is transferred to the device and device is restored. The "Load results" dialog then opens. In this dialog, you can check whether or not the loading operation was successful and take any further action that may be necessary. 8. Click the "Finish" button. 14.4.2.3 Backing up a device configuration (S7-300, S7-400, PC) You can back up the configuration of an S7-300/400 CPU in the TIA Portal. So you can download and test a new configuration to a device without any risk. If needed, you can restore the initial configuration of the CPU. Requirement The CPU has already been created in the project. The CPU is online. If there is no online connection yet, an online connection is established during the backup. Procedure To create a backup of the current configuration of a CPU, follow these steps: 1. Select the CPU in the project tree. 2. Select the "Backup from online device" command in the "Online" menu. Result: A backup of the entire hardware configuration and software is created. The backup is stored in the project tree in the "Name of the CPU > Online backups" folder. The backup is assigned the name of the CPU with the time and date of the backup. You can rename the backup, but you cannot make any changes to the contents of the backup. WinCC Advanced V14 System Manual, 10/2016 6943 Using online and diagnostics functions 14.4 Creating a backup of an S7 CPU 14.4.3 Backing up S7-1200 and S7-1500 CPUs (S7-1200, S7-1500, S7-1500) 14.4.3.1 Creating a backup of a device (S7-1200, S7-1500, S7-1500) Backing up the software and hardware configuration of a CPU If you have already downloaded a configuration to an S7-1200/S7-1500 CPU, it may be useful to make a backup. You may have modified the configuration and want to test the new configuration. Before you download the new configuration to the CPU, create a backup of the current device version. You can restore the current configuration at a later time. You can create as many backups as you want and store a variety of configurations for a CPU. The backups are named with the name of the CPU and the time and date of the backup. You can find the backup in the project tree under the CPU in the "Online backups" folder. The following figure shows an S7-1500 CPU for which two backups have been created: 6944 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.4 Creating a backup of an S7 CPU Scope of the backup The backup includes all data that are needed to restore a particular configuration version of a CPU. The following data is backed up, for example: Contents of the memory card Retentive memory areas for example of data blocks, counters, and bit memory Other retentive memory contents, such as IP address parameters The backup is performed with the current values of the CPU. Entries in the diagnostic buffer are not included in the backup. The current time of day is not backed up for an S7-1500 CPU. See also General information on loading (Page 370) Backup options for S7 CPUs (Page 6939) 14.4.3.2 Backing up a device configuration (S7-1200, S7-1500, S7-1500) You can back up the configuration of a CPU in the TIA Portal. So you can download and test a new configuration to a device without any risk. If needed, you can restore the initial configuration of the CPU. The CPU goes to STOP while a backup is being created. If an access level is configured for the CPU, you need the password for read access to the CPU. Requirement The CPU has already been created in the project. The device is connected to the programming device/PC directly via the PROFINET interface of the CPU. PROFIBUS interfaces of the CPU and interfaces of CMs/CPs are not supported. The CPU is online. If there is no online connection yet, an online connection is established during the backup. The CPU is in "STOP" mode. Procedure To create a backup of the current configuration of a CPU, follow these steps: 1. Select the CPU in the project tree. 2. Select the "Backup from online device" command in the "Online" menu. If necessary, you must enter the password for read access to the CPU and confirm that the CPU should enter "STOP" mode. WinCC Advanced V14 System Manual, 10/2016 6945 Using online and diagnostics functions 14.4 Creating a backup of an S7 CPU Result: A backup of the entire hardware configuration and software is created. The backup is stored in the project tree in the "Name of the CPU > Online backups" folder. The backup is assigned the name of the CPU with the time and date of the backup. You can rename the backup, but you cannot make any changes to the contents of the backup. An entry is created for each backup operation in the diagnostic buffer of the CPU. See also Restoring the configuration of a device (Page 6946) 14.4.3.3 Restoring the configuration of a device (S7-1200, S7-1500, S7-1500) If you have backed up the configuration of a device at an earlier point in time, you can transfer the backup back to the device. The saved configuration is then restored on the device. The CPU goes to STOP while a backup is being loaded to the CPU. If an access level is configured for the CPU, you need the password for write access to the CPU. WARNING Download backups with unknown content If you activate the recommended actions during download during plant operation, you can cause serious damages or injuries in case of malfunctions or program errors. Make sure that the backup contents do not include a configuration which results in unexpected plant behavior. Requirement The device is configured and a backup of the device is stored in the project. The device is connected to the programming device/PC directly via the PROFINET interface of the CPU. The CPU is in "STOP" mode. You have the password for read access to the CPU, if an access level was configured. Procedure To restore older software and hardware state on a device, follow these steps: 1. Open up the folder of the device in the project tree to display the lower-level objects. 2. Open the "Online backups" folder. 3. Select the backup you want to restore. 6946 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.5 Configuring the PG/PC interface 4. In the "Online" menu, select the "Download to device" command. - If you had previously established an online connection, the "Load preview" dialog opens. This dialog displays alarms and recommends actions needed for the loading operation. - If you had not previously established an online connection, the "Extended download to device" dialog opens, and you must first select the interfaces via which you want to establish the online connection to the device. See also: AUTOHOTSPOT 5. Check the alarms in the "Load preview" dialog, and select the actions in the "Action" column, if necessary. 6. As soon as downloading becomes possible, the "Load" button is enabled. 7. Click the "Load" button. The backup is transferred to the device and device is restored. The "Load results" dialog then opens. In this dialog, you can check whether or not the loading operation was successful and take any further action that may be necessary. 8. Click the "Finish" button. If necessary, you must enter the password for read access to the CPU and confirm that the CPU should enter "STOP" mode. The contents of the backup are restored on the CPU. The CPU is then restarted. 14.5 Configuring the PG/PC interface 14.5.1 Online access Online access of the project In the "Online access" folder of the project tree, you will find all active interfaces of your programming device/PC. Each interface icon provides you with information on the status. You can also display the accessible devices and display and edit the properties of an interface using the shortcut menu. The following figure shows the "Online access" folder in the project tree: WinCC Advanced V14 System Manual, 10/2016 6947 Using online and diagnostics functions 14.5 Configuring the PG/PC interface "Online access" folder in the project tree Show/hide interfaces All interfaces installed in the programming device/PC are displayed in the "Online access" folder. Use the function "Show/hide interfaces" to show or hide individual interfaces. Status display for the interfaces The current status of an interface is indicated by an icon to the right of the name. You can see the meaning of the icon in the tooltip. Updating the list of accessible devices. This function is available for each hardware interface of the programming device/PC. Software interfaces, such as a remote connection, do not offer this function. Devices connected via the respective interface with the programming device/PC The type of the device and its status are displayed by the preceding icon. Displaying or updating accessible devices You have the following options if you want to display all devices accessible online on your programming device/PC: Display of the accessible devices on a single interface of the programming device / PC in the project tree. In the project tree, you can also display additional information about the individual accessible devices. Display of the accessible devices of all interfaces in a list. See also:AUTOHOTSPOT 6948 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.5 Configuring the PG/PC interface Overview of icons for accessible devices The accessible devices are identified with an icon according to their type and status. The following is an overview of all icons and their meaning. Icon for unidentified modules This icon is displayed whenever the identification of a module is not yet complete or when the identification of a module was not successful, for example, because the required online data could not be read. Icon for the following device types: PLCs SIMOCODE pro devices IE/PB links CPs of PC systems SCALANCE head modules S7-300 and S7-400 CPs PROFINET IO devices and PROFINET CPs SCALANCE modules and gateways that could not be identified PROFINET IO devices, encoders, switchgear, sensors and identification systems that were replaced by similar devices because these could not be identified Icon for the following device types: HMI devices PROFINET IO devices of the HMI type if these could not be identified and were therefore replaced by a similar device PROFINET IO devices of the drive type that could not be identified and were therefore replaced by a similar device PROFINET IO devices of the type development kit and network components that could not be identified and were therefore replaced by a similar device PROFINET IO devices of the type TeleService adapter that could not be identified and were therefore replaced by a similar device See also Displaying and modifying interface properties (Page 6950) 14.5.2 Basics of assigning parameters for the PG/PC interface Options for connecting to target systems If the devices of the project are connected via different subnets, you assign a suitable network access to each PG/PC interface to be able to establish online connections to the target systems. The following interfaces are automatically supported: MPI PROFIBUS Industrial Ethernet (ISO and TCP/IP) WinCC Advanced V14 System Manual, 10/2016 6949 Using online and diagnostics functions 14.5 Configuring the PG/PC interface You can make various settings for the interfaces. The following sections explain the parameter settings you can make. Note Note that changes to interface parameters have a direct influence on the operating system and the programming device / PC. Remember that some parameter settings can only be changed if you have adequate user rights. See also Setting parameters for the Industrial Ethernet interface (Page 6952) Setting parameters for the MPI and PROFIBUS interfaces (Page 6956) 14.5.3 Showing or hiding interfaces To improve clarity, it is possible to hide individual interfaces of the PG/PC in the project tree and to show them again when necessary. Procedure To show or hide individual interfaces, follow the steps below: 1. Open the "Online access" folder in the project tree. 2. Double click on the "Display/hide interfaces" icon. The "Display/hide interfaces" dialog opens. 3. Enable or disable the required interfaces in the "Display in the project tree" column. 4. Click the "Apply" button. The changes are applied. The view of the interfaces in the "Online access" folder is refreshed. 14.5.4 Displaying and modifying interface properties Introduction For each interface, you can display and, in some cases, modify properties, for example the network type, address, and status. 6950 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.5 Configuring the PG/PC interface Procedure To open the properties, follow these steps: 1. Right-click on the required interface below "Online access" in the project tree. 2. Select the "Properties" command from the shortcut menu. A dialog containing the properties of the interface opens. On the left of the dialog, you will see the area navigation. You can view the current parameter settings in the individual entries in the area navigation and, if necessary, change them. 14.5.5 Adding interfaces You have the option of installing additional interfaces after installation of the TIA Portal. Procedure To install an interface at a later time and add it to the TIA Portal, follow these steps: 1. Install or update the drivers in the operating system once you have installed the interface hardware. 2. Close the TIA Portal if it is still open. 3. Open the Windows control panel. 4. Open the entry "Setting the PG/PC Interface" in the Control Panel. The "Setting the PG/PC Interface" dialog opens. 5. Make any necessary changes to the interface configuration and confirm them with "OK". You have to click "OK", even if you have not made any changes. 6. Restart the TIA Portal. Result The newly installed interface is now displayed in the project tree under the "Online access" folder. WinCC Advanced V14 System Manual, 10/2016 6951 Using online and diagnostics functions 14.5 Configuring the PG/PC interface 14.5.6 Setting parameters for the Ethernet interface 14.5.6.1 Setting parameters for the Industrial Ethernet interface Options in the parameter settings for the Industrial Ethernet interface When setting parameters for the Industrial Ethernet interface, you have the following options: Parameters dependent on the operating system The Industrial Ethernet interface has parameters that are set in the operating system and are valid for all connected devices. These parameter settings are only displayed here, they can, however, be changed in the network settings of the operating system. Parameters that can be set in the software Note Note that changes to interface parameters have a direct influence on the operating system and the programming device / PC. Remember that some parameter settings can only be changed if you have adequate user rights. Parameters for the Industrial Ethernet interface The following table contains an overview of the parameters of the Industrial Ethernet interface that are set by the operating system and can be changed by the user. Parameter settings that cannot be changed Parameters that can be set MAC address Fast acknowledge at the IE-PG access and for TCP/IP DHCP server activated/deactivated Timeout at the IE-PG access and for TCP/IP APIPA activated/deactivated LLDP IP address Additional, dynamic IP addresses for the network adapter Subnet mask - DNS addresses - DHCP addresses - See also Basics of assigning parameters for the PG/PC interface (Page 6949) Displaying operating system parameters (Page 6953) Connecting the PG/PC interface to a subnet (Page 6953) Setting parameters for the Ethernet interface (Page 6954) Assigning a temporary IP address (Page 6954) Managing temporary IP addresses (Page 6955) Influence of user rights (Page 310) 6952 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.5 Configuring the PG/PC interface 14.5.6.2 Displaying operating system parameters The Ethernet interface is part of the operating system. All parameters of the network adapter can therefore be adapted in the network settings of the operating system. You can display the following parameters in the software: Physical address of the network adapter Assignment of the IP address by a DHCP server activated or deactivated Assignment of a private IP address by the operating system activated or deactivated Current static IP address Assigned subnet mask DNS addresses DHCP addresses If you want to modify the parameter settings, please refer to the documentation of the operating system or the network adapter. Displaying current parameters of the Ethernet interface To display the current parameters of the Ethernet interface, follow these steps: 1. Select the Ethernet interface in the project tree in "Online access". 2. Select the "Properties" command in the shortcut menu of the interface. The dialog for configuring the interface opens. 3. Select "Configurations > Industrial Ethernet" in the area navigation. See also Setting parameters for the Ethernet interface (Page 6954) 14.5.6.3 Connecting the PG/PC interface to a subnet If you have created several subnets, you can specify the subnet to which the Ethernet interface is connected. Procedure To select the subnet to which the Ethernet interface is connected, follow these steps: 1. Select the Ethernet interface in the project tree in "Online access". 2. Select the "Properties" command in the shortcut menu of the interface. The dialog for configuring the interface opens. 3. Go to "General > Assignment" and select the subnet to which you want to connect the Ethernet interface of the programming device / PC in the "Connection to subnet" drop-down list. 4. Close the dialog with "OK". WinCC Advanced V14 System Manual, 10/2016 6953 Using online and diagnostics functions 14.5 Configuring the PG/PC interface 14.5.6.4 Setting parameters for the Ethernet interface You can adapt some parameter settings relating to the network protocol directly in the software. Requirement You must have adequate user rights. See also: Influence of user rights (Page 310). Procedure To change parameter settings relating to the network protocol, follow these steps: 1. Select the Ethernet interface in the project tree in "Online access". 2. Select the "Properties" command in the shortcut menu of the interface. The dialog for configuring the interface opens. 3. Select "Configurations > IE-PG access" to adapt the protocol settings relevant for network management. - Select the "Fast acknowledge" check box to achieve faster reaction times with smaller network packets. - From the "Timeout" drop-down list, select the maximum time that can elapse before a network node is detected. 4. To activate the LLDP protocol and discover the network topology more accurately, set the "LLDP active" check box in "Configurations > LLDP". 5. Select "Configurations > TCP/IP" to adapt the TCP/IP protocol for network traffic during runtime. - Select the "Fast acknowledge" check box to achieve faster reaction times with smaller network packets. - From the "Timeout" drop-down list, select the maximum time that can elapse before there is a timeout during communication with a network node. See also Influence of user rights (Page 310) Displaying operating system parameters (Page 6953) 14.5.6.5 Assigning a temporary IP address Adding a dynamic IP address If the IP address of a device is located in a different subnet from the IP address of the network adapter, you will first need to assign an additional IP address with the same subnet address as the device. Only then is communication between the device and the programming device / PC possible. 6954 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.5 Configuring the PG/PC interface The assignment of an additional temporary IP address is also proposed automatically if you want to perform an online action and the current IP address of the programming device/PC is not yet in the correct subnet. A temporarily assigned IP address remains valid until the next time the programming device/ PC is restarted or until you delete it manually. Note You require adequate permissions to be able to assign a temporary IP address. See also: Influence of user rights (Page 310) See also Managing temporary IP addresses (Page 6955) 14.5.6.6 Managing temporary IP addresses If the IP address of a device is located in a different subnet from the current permanently assigned IP address of the network adapter, a suitable IP address from the subnet of the device is temporarily assigned to the network adapter. You can display all temporarily assigned addresses and delete them. Note that IP addresses that you manually assigned in the operating system are not displayed in the TIA Portal. Requirement To delete, you require adequate permissions. Procedure To display and delete temporarily assigned addresses, follow these steps: 1. Select the Ethernet interface in the project tree in "Online access". 2. Select the "Properties" command in the shortcut menu of the interface. The dialog for configuring the interface opens. 3. Select "Configurations > IE-PG access". A table with the assigned IP addresses is displayed. 4. Click the "Delete project-specific IP addresses" button to delete all the IP addresses at one time. See also Influence of user rights (Page 310) 14.5.6.7 Resetting the TCP/IP configuration If you have changed the TCP/IP protocol settings, you can reset them to the defaults. WinCC Advanced V14 System Manual, 10/2016 6955 Using online and diagnostics functions 14.5 Configuring the PG/PC interface Procedure To restore the TCP/IP configuration to the default settings, follow these steps: 1. Select the Ethernet interface in the project tree in "Online access". 2. Select the "Properties" command in the shortcut menu of the interface. The dialog for configuring the interface opens. 3. Select "Configurations > TCP/IP". 4. Click the "Standard" button to reset all the settings. 14.5.7 Setting parameters for the MPI and PROFIBUS interfaces 14.5.7.1 Setting parameters for the MPI and PROFIBUS interfaces Possible parameter settings for the MPI and PROFIBUS interfaces The following parameter settings can be made for the MPI and PROFIBUS interfaces: Automatic configuration: You can use automatic detection functions to find out whether a device is connected to the PG/PC interface over PROFIBUS or MPI. Selecting a default configuration for PROFIBUS or MPI that can be adapted later. Device- and network-related settings for MPI and PROFIBUS You can set device- and network-related parameters for MPI and PROFIBUS interfaces. Device-related parameters are local settings for the interface. Network-related parameters, on the other hand, must match up on all devices. MPI interface parameters you can modify You can adapt the following default parameters for the MPI interface: Device-related parameters Network-related parameters Is only master Highest address Own address Transmission rate Timeout PROFIBUS interface parameters you can modify You can adapt the following default parameters for the PROFIBUS interface: 6956 Device-related parameters Network-related parameters Is only master Highest address Own address Transmission rate Timeout Profile WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.5 Configuring the PG/PC interface Device-related parameters Network-related parameters Bus parameters Number of masters on bus Number of slaves on bus Note Behavior when a subnet is assigned If you permanently assign a subnet from the project to the interface, the subnet settings of the project take precedence. In this case, the settings for the respective interface cannot be changed. See also Basics of assigning parameters for the PG/PC interface (Page 6949) 14.5.7.2 Setting MPI or PROFIBUS interface parameters automatically Setting up automatic bus parameter detection If you select an interface with automatic detection of the bus parameters (for example CP 5611 (Auto)), you can connect the programming device or PC to MPI or PROFIBUS without needing to set bus parameters. At a transmission speed lower than 187.5 Kbps, you may, however, have waiting times of up to one minute. Requirement Masters that distribute bus parameters cyclically are connected to the bus. In PROFIBUS networks, the cyclic distribution of bus parameters is enabled. The interface is not assigned to a subnet. If you assign a subnet in the properties of the interface, the settings for the subnet in the project take precedence. In this case, the settings for the automatic interface configuration cannot be changed. Procedure To enable automatic bus parameter detection, follow these steps: 1. Select the interface in the project tree. 2. Select the "Properties" command in the shortcut menu of the interface. The dialog for configuring the interface opens. 3. Go to "General > Configurations > Active configuration" and select the setting "Automatic protocol detection". 4. Go to "Configurations > Auto configuration > Local settings" and select the address of the PG/PC interface in the "Own address" drop-down list. 5. If you then want to display the current bus settings, click the "Network detection" button. WinCC Advanced V14 System Manual, 10/2016 6957 Using online and diagnostics functions 14.5 Configuring the PG/PC interface See also Setting parameters for the MPI interface (Page 6958) Setting parameters for the PROFIBUS interface (Page 6960) 14.5.7.3 Setting parameters for the MPI interface Changing the parameter settings of the MPI interface The network-related parameters and bus parameters for the MPI network can be adapted. You should first select a default setting and then adapt this to the specific situation. Requirement The interface is not assigned to a subnet. If you assign a subnet in the properties of the interface, the settings for the subnet in the project take precedence. In this case, the interface configuration cannot be changed. Setting defaults for the MPI interface To adapt the parameters of the MPI interface, follow these steps: 1. Select the interface in the project tree. 2. Select the "Properties" command in the shortcut menu of the interface. The dialog for configuring the interface opens. 3. Go to "General > Assignment" and select the subnet with which you want to connect the interface in the "Connection to subnet" drop-down list. 4. Under "General > Configuration", select a default for the device and network-related parameters. The defaults are suitable for most configurations. Select one of the following settings: - Automatic protocol detection You can connect the programming device to MPI or PROFIBUS without having to set bus parameters. At a transmission speed lower than 187.5 Kbps, you may, however, have waiting times of up to one minute. Prerequisite for the automatic detection is a connection to the bus master, which distributes the bus parameters cyclically. With PROFIBUS subnets, cyclic distribution of bus parameters may not be deactivated (default PROFIBUS network setting). - MPI The "MPI" transmission protocol is selected. Typical parameters are set that are adequate for most configurations. You can change the parameters to your needs, however. - PROFIBUS The "PROFIBUS" transmission protocol is selected. Typical parameters are set that are adequate for most configurations. You can change the parameters to your needs, however. 6958 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.5 Configuring the PG/PC interface Changing the default parameter settings To adapt the default settings to your requirements, change the parameter setting where necessary in "Configurations > MPI". You can set the following device-related parameters: Is only master An additional verification function to prevent bus disruptions when connecting the PG/PC to the network is disabled because the programming device or PC is the only master on the bus. - Do not enable this option unless you have only connected slaves to your programming device or PC. - If the "Is only master" check box is enabled, it is not possible to identify the directly connected device in the "Accessible devices" window. Own address This setting relates to the programming device or PC on which you call up the parameter settings of the interface. Set the local device address of your programming device or PC here. - This address must be unique throughout the network. - The programming device or PC is addressed using this address in the MPI network. Check This enables an additional safety function to prevent bus disruptions when connecting the PG/PC to the network. The driver checks whether the local address is already being used by another station. Active as well as passive stations are taken into consideration in this case. The driver monitors this on the PROFIBUS. The connection of the PG/PC to the network will take longer with the automatic check. To use the check, the driver must support the function. Furthermore, the "Is only master" option must not be selected. Timeout Set a higher timeout value if, for example, you have problems with long response times on the network. You can set the following network-related parameters: Highest address: Select the configured highest device address. Make sure that the same highest device address is set for all devices of a PROFIBUS or MPI network. Transfer rate: Here, you select the transmission speed to be used on the MPI network. See also Setting MPI or PROFIBUS interface parameters automatically (Page 6957) WinCC Advanced V14 System Manual, 10/2016 6959 Using online and diagnostics functions 14.5 Configuring the PG/PC interface 14.5.7.4 Setting parameters for the PROFIBUS interface Changing the parameter settings of the PROFIBUS interface The network-related parameters and bus parameters for the PROFIBUS network can be adapted more precisely. You should first select a default setting and then adapt this to the specific situation. Requirement The interface is not assigned to a subnet. If you assign a subnet in the properties of the interface, the settings for the subnet in the project take precedence. In this case, the interface configuration cannot be changed. Setting defaults for the PROFIBUS interface To adapt the parameters of the PROFIBUS interface, follow these steps: 1. Select the interface in the project tree. 2. Select the "Properties" command in the shortcut menu of the interface. The dialog for configuring the interface opens. 3. Go to "General > Assignment" and select the subnet with which you want to connect the interface in the "Connection to subnet" drop-down list. 4. Under "General > Configuration", select a default for the device and network-related parameters. The defaults are suitable for most configurations. Select one of the following settings: - Automatic protocol detection You can connect the programming device to MPI or PROFIBUS without having to set bus parameters. At a transmission speed lower than 187.5 Kbps, you may, however, have waiting times of up to one minute. Prerequisite for the automatic detection is a connection to the bus master, which distributes the bus parameters cyclically. With PROFIBUS subnets, cyclic distribution of bus parameters may not be deactivated (default PROFIBUS network setting). - MPI The "MPI" transmission protocol is selected. Typical parameters are set that are adequate for most configurations. You can change the parameters to your needs, however. - PROFIBUS The "PROFIBUS" transmission protocol is selected. Typical parameters are set that are adequate for most configurations. You can change the parameters to your needs, however. Changing the default parameter settings To adapt the default settings to your requirements, change the parameter setting where necessary in "Configurations > PROFIBUS". 6960 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.5 Configuring the PG/PC interface You can set the following device-related parameters: Is only master An additional verification function to prevent bus disruptions when connecting the PG/PC to the network is disabled because the programming device or PC is the only master on the bus. - Do not enable this option unless you have only connected slaves to your programming device or PC. - If the "Is only master" check box is enabled, it is not possible to identify the directly connected device in the "Accessible devices" window. Own address This setting relates to the programming device or PC on which you call up the parameter settings of the interface. Set the local device address of your programming device or PC here. - This address must be unique throughout the network. - The programming device or PC is addressed using this address in the PROFIBUS network. Check This enables an additional safety function to prevent bus disruptions when connecting the PG/PC to the network. The driver checks whether the local address is already being used by another station. Active as well as passive stations are taken into consideration in this case. The driver monitors this on the PROFIBUS. The connection of the PG/PC to the network will take longer with the automatic check. To use the check, the driver must support the function. Furthermore, the "Is only master" option must not be selected. Timeout Set a higher timeout value if, for example, you have problems with long response times on the network. You can set the following network-related parameters: Highest address: Select the configured highest device address. Make sure that the same highest station address is set for all devices of a PROFIBUS network. Transfer rate: Here, you select the transmission speed to be used on the PROFIBUS network. Profile: You have a choice of four alternatives for the PROFIBUS settings. "DP", "Standard" and "Universal (DP/FMS)" are predefined settings that you cannot change. If you select "Userdefined", you can adapt the bus parameters yourself. - If you have selected "User-defined", go to "Configurations > PROFIBUS > Bus parameters" in area navigation. - If you have selected one of the defaults (DP, Standard or Universal (DP/FMS)), you should select the "Include" check box in "Configurations > PROFIBUS > Bus parameters > Additional parameters". You can then set the number of masters and slaves on the bus. This allows a more precise calculation of the bus parameters and potential bus disruptions can be prevented. The option cannot be selected with a user-defined profile. WinCC Advanced V14 System Manual, 10/2016 6961 Using online and diagnostics functions 14.5 Configuring the PG/PC interface See also Overview of the bus parameters for PROFIBUS (Page 6962) Setting MPI or PROFIBUS interface parameters automatically (Page 6957) 14.5.7.5 Overview of the bus parameters for PROFIBUS Introduction The PROFIBUS subnet will only function problem-free if the parameters for the bus profile are matched to one another. You should therefore only change the default values if you are familiar with how to configure the bus profile for PROFIBUS. It may be possible for the bus parameters to be adjusted depending on the bus profile. The offline values of the bus parameters are always shown even if you are online and linked to the target system. The displayed parameters are valid for the entire PROFIBUS subnet. Meaning of the individual parameters Tslot: Wait-to-receive time (slot time) The wait-to-receive time (slot time) defines the maximum time the sender will wait to receive a response from the addressed partner. Max. Tsdr: maximum protocol processing time (max. station delay responder) The maximum protocol processing time defines the time after which the responding device must have processed the protocol. Min. Tsdr: minimum protocol processing time (min. station delay responder) The minimum protocol processing time specifies the minimum time required by the responding device to process the protocol. Tset: Trigger time (setup time) The trigger time is the time that may lapse between the reception of a data frame frame and the reaction to it. Tqui: Quiet time for modulator The quiet time for modulator specifies the time required to change from sending to receiving. GAP factor: GAP update factor (GAP factor) The GAP update factor specifies the number of token rotations before a new device is included in the token ring. Retry limit: maximum number repeated calls (retry limit) This parameter defines the maximum number of attempts (message frame repeats) made to reach a node. Trdy: Ready time The ready time is the time for an acknowledgment or response. Tid1: Idle time 1 Idle time 1 specifies the delay time after receiving a response. Tid2: Idle time 2 Idle time 2 specifies the delay time after sending a call without a response. 6962 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.5 Configuring the PG/PC interface Ttr: Target rotation time The target rotation time is the maximum time made available for a token rotation. During this time, all active devices (masters) receive the token once. The difference between the desired token round-trip time and the actual token round-trip time decides how much time is left for masters to send data message frames to the slaves. As the minimum target rotation time (Ttr), select a value = 5000 times the HSA (Highest Station Address). Watchdog: Watchdog The watchdog time specifies the time after which a device must be addressed. As the minimum watchdog time, select a value = 6250 times the HSA. Note If you want to create a user-defined bus profile, note that the minimum target rotation time (Ttr) should be 5000 times the HSA (highest PROFIBUS address). The minimum watchdog time should also be 6250 times the HSA. See also Setting parameters for the PROFIBUS interface (Page 6960) 14.5.7.6 Resetting the MPI or PROFIBUS configuration If you have changed the MPI or PROFIBUS protocol settings, you can reset them to the defaults. Requirement The interface is not assigned to a subnet. If you assign a subnet in the properties of the interface, the settings for the subnet in the project take precedence. In this case, the interface configuration cannot be reset to the default values. Procedure To restore the MPI or PROFIBUS configuration to the default settings, follow these steps: 1. Select the MPI/PROFIBUS interface in the project tree in "Online access". 2. Select the "Properties" command in the shortcut menu of the interface. The dialog for configuring the interface opens. 3. Select "Configurations > MPI" or "Configurations > PROFIBUS", depending on the interface properties you want to reset. 4. Click the "Standard" button to reset all the settings. WinCC Advanced V14 System Manual, 10/2016 6963 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function 14.6 Using the trace and logic analyzer function 14.6.1 Preface Purpose of the documentation The diagnostics options available with the trace and logic analyzer function are described in this documentation. Depending on the device used, the recording options can vary. Required basic knowledge In order to understand this documentation, the following knowledge is required: General knowledge in the field of automation Knowledge about the use of Windows-based computers S7-1200/1500 CPUs, ET 200SP, ET 200Pro - Knowledge of the SIMATIC industrial automation system - Knowledge of working with STEP 7 SINAMICS G120 - Knowledge of working with the drive SINAMICS S120 - Knowledge of working with the drive Validity of the documentation This documentation applies to all products of the S7-1200, S7-1500, SINAMICS G120 and SINAMICS S120 product family as of TIA Portal V14. Conventions This documentation contains pictures of the devices described. The pictures may differ slightly from the devices supplied. 6964 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Please also observe notes marked as follows: Note A note contains important information on the product described in the documentation, on the handling of the product and on the section of the documentation to which particular attention should be paid. "mySupport" With "mySupport", your personal working area, you make the most of your Industry Online Support. In "mySupport" you can store filters, favorites and tags, request CAx data and put together your personal library in the Documentation area. Furthermore, your data is automatically filled into support requests and you always have an overview of your current requests. You need to register once to use the full functionality of "mySupport". You can find "mySupport" on the Internet (https://support.industry.siemens.com/My/ww/en/). "mySupport" - Documentation In the Documentation area of "mySupport", you have the possibility to combine complete manuals or parts of them to make your own manual. You can export the manual in PDF format or in an editable format. You can find "mySupport" - Documentation on the Internet (http:// support.industry.siemens.com/My/ww/en/documentation). Further support The range of technical documentation for the individual SIMATIC products and automation systems can be found on the Internet (http://www.siemens.com/simatic-tech-doku-portal). The online catalog and the online ordering system is available on the Internet (https:// mall.industry.siemens.com). Security information Siemens provides products and solutions with industrial security functions that support the secure operation of plants, systems, machines and networks. In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement - and continuously maintain - a holistic, state-of-the-art industrial security concept. Siemens' products and solutions only form one element of such a concept. Customer is responsible to prevent unauthorized access to its plants, systems, machines and networks. Systems, machines and components should only be connected to the enterprise network or the internet if and to the extent necessary and with appropriate security measures (e.g. use of firewalls and network segmentation) in place. WinCC Advanced V14 System Manual, 10/2016 6965 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Additionally, Siemens' guidance on appropriate security measures should be taken into account. For more information about industrial security, please visit (http://www.siemens.com/ industrialsecurity). Siemens' products and solutions undergo continuous development to make them more secure. Siemens strongly recommends to apply product updates as soon as available and to always use the latest product versions. Use of product versions that are no longer supported, and failure to apply latest updates may increase customer's exposure to cyber threats. To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed under (http://www.siemens.com/industrialsecurity). 14.6.2 Description 14.6.2.1 Supported hardware If a device supports the trace and logic analyzer function, in the project tree below the device. "Traces" is offered for selection The following devices (Page 7010) support the trace and logic analyzer function: SIMATIC S7-1200 CPUs (as of firmware version V4.0) SIMATIC S7-1500, ET 200SP and ET 200Pro CPUs SIMATIC S7-1500 software controller SINAMICS G120 SINAMICS S120 SIRIUS SIMOCODE pro (with Simocode ES) SIRIUS soft starter 3RW (with Soft Starter ES) 14.6.2.2 Recording of measured values with the trace function Introduction The trace and logic analyzer function can be called in the project navigator (Page 6970) by double-clicking an entry in the "Traces" system folder. The measurements on the memory card can also be read and displayed via the diagnostic interface of the Web server. You record device tags and evaluate the recordings with the trace and logic analyzer function. Tags are, for example, drive parameters or system and user tags of a CPU. The number of installed traces is hardware-dependent. The recordings are saved on the device and, when required, can be read out with the engineering system (ES) and saved permanently. The trace and logic analyzer function is 6966 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function therefore suitable for monitoring highly dynamic processes. The recorded values are overwritten when the recording is activated again. Active recordings from the axis control panel are displayed in the "Traces" system folder as installed traces. Recordings can be added to the measurements in the curve diagram of the axis control panel or the PID via a shortcut menu command. Depending on the device (Page 7010) used, the recording options can vary. A quick start (Page 6990) for working with the trace and logic analyzer function can be found in the Operation section. The following figure shows the method of operation of the "Traces": 7UDFHFRQILJXUDWLRQ /RDGWUDFH FRQILJXUDWLRQWRWKH GHYLFH :DLWIRUWULJJHU FRQGLWLRQDQG UHFRUGGDWD 7UDQVIHUPHDVXUH PHQWWRWKH3* 'LVSOD\PDQDJH DQGVDYHPHDVXUH PHQW Trace configuration on the programming device (PG) in the TIA Portal You can specify the signals to be recorded, the duration of the recording and the trigger condition in the trace configuration. The trace configuration depends on the device and is described at the respective device (Page 7010). Transferring the trace configuration from the PG to the device You can transfer the complete trace configuration (Page 6997) to the device when an online connection is established. Waiting for the recording If the installed trace configuration is activated (Page 6998), then the recording is performed independently of the PG. The recording is started as soon as the trigger condition is satisfied. WinCC Advanced V14 System Manual, 10/2016 6967 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Transferring the measurement from the device to the PG The saving of the measurement in the project (Page 7000) stores the measurement in the opened project of the TIA Portal. The measurement can be saved at any time after completing the recording, irrespective of the time of the measurement. Evaluating, managing and saving the measurement Numerous options are available for the evaluation of the measurement in the curve diagram and in the signal table (Page 6999). Various display types are possible, for example, a bit representation for binary signals. Signal waves from different measurements can be put together as an overlay measurement and compared with each other. Measurements can also be exported and imported as a file. With the saving of the project (Page 7000) in the TIA Portal, the measurements transferred to the project are also saved. Supported TIA Portal features The following TIA Portal features are supported as of V14: Saving of trace configurations and measurements in libraries Multiuser support for trace configurations and measurements (offline data) 14.6.2.3 Trace configuration, recording, installed trace and measurement This section explains the meaning and relationships of the terms: trace configuration, recording, installed trace and measurement. Trace configuration Implement the following settings in the trace configuration: Signals to be recorded Recording conditions - Sampling - Trigger - Installed measurements (memory card) Recording A recording is performed in the device. There is only one recording for each installed trace configuration. When a new recording is started, the old recording is overwritten. An installed recording is not retentive (it is lost when the device is switched off/on) but can be saved permanently in the project as a measurement. 6968 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Installed trace An installed trace consists of a trace configuration and optionally a recording. The maximum number of installed traces depends on the device. The trace configuration is stored retentively on the device. The retentivity of the trace configuration may also be configurable depending on the device, e.g. with the S120. Measurement A measurement consists of a trace configuration and a recording, provided that recorded data is present. Each installed trace can be saved as a measurement in the project. The recording of a measurement can be viewed offline. The configuration for a measurement can be transferred to the "Traces" folder using drag & drop. Installed measurements (memory card) The folder contains measurements that are saved on the device (e.g. on the memory card). These measurements are retentive and can only be deleted by the user. The installed measurements can be transferred to the Measurements folder using drag & drop and are then saved as measurements in the project. Trace configuration with an installed trace of the same name Usually, there is a trace configuration in the project with the same name for an installed trace. When there is an online connection, this trace is displayed with the icon in the project tree. See also User interface - "Traces" project tree folder (Page 6972). Overlay measurement The overlay measurement allows a comparison and analysis of signals from different measurements with each other. The measurements can be synchronized with each other and displayed as overlay measurements. 14.6.2.4 Data storage The trace toolbar and the curve diagram also enable the transfer of the trace configuration and the viewing of the recording. The following figure is a schematic diagram of the data storage: WinCC Advanced V14 System Manual, 10/2016 6969 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function &XUYHGLDJUDP 7UDFHFRQILJXUDWLRQ ,QVWDOOHGWUDFHV 0HDVXUHPHQW ,PSRUW ([SRUW &RQILJXUDWLRQ ,PSRUW ([SRUW 3URMHFW 5HFRUGLQJ 3URMHFW Note Saving the trace configuration and measurement You save the trace configuration and measurement with the project in the TIA Portal. If you close the project without saving, the trace configurations and the measurements transferred to the project are discarded. The trace editor can be closed and reopened without loss of data until the project is closed. 14.6.3 Software user interface Display areas The user interface of the trace and logic analyzer function consists of several areas. The example in the figure below shows the division of the user interface in the TIA Portal: 6970 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function 1 2 3 4 5 Project navigator Management and creation of the trace and measurements directly in the project tree and via context menu commands. Working area WinCC Advanced V14 System Manual, 10/2016 6971 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Title bar of the working area Shows the device to which the current display belongs. Trace toolbar Buttons for managing the trace in the project and device: Activation/deactivation of installed traces Deletion of installed traces Transfer of trace configurations and measurements between the device and the project Export of trace configurations and measurements Switchover between offline and online display Status display of the trace Display of the current status of the recording. Configuration tab Device-specific configuration of the recording duration, trigger condition and signal selection. See Device-specific descriptions (Page 7010). Diagram tab Display of the recorded values as a curve diagram and the signals from the displayed measure ment. Signal selection tab Display of all signals that are contained in the overlay measurements. "Trace" task card Display of the measurement cursor data and snapshots. Inspector window Display of general information about the trace configuration 14.6.3.1 Project navigator User interface - "Traces" project tree folder Trace configurations and installed traces are displayed in the "Traces" folder. More information about the "Traces" sub-folder is provided in the following sections. Double-click a trace to open the corresponding "Diagram" or "Configuration" tab in the working area. 6972 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Icons in the "Traces" folder The following table explains the icons in the Icon "Traces" folder: Description Add trace configuration Double-click the icon to add a new trace configuration. Trace configuration (offline) Double-click the icon to open the "Configuration" tab. Installed trace (online) The icon is only displayed when there is no offline trace configuration of the same name for the installed trace. Double-click the icon to open the "Diagram" tab. Trace configuration with an installed trace of the same name If the button is deactivated, the trace configuration from the project is displayed. The trace corresponds to a trace configuration. If the button is activated, the trace configuration from the device is displayed. The trace corresponds to an installed trace. Double-click the icon to open the "Diagram" tab. Status When there is an online connection, the status is displayed in the right-hand column of the project tree. The status is also displayed as tooltip above the respective icon. The following table shows the meaning of the icons: Icon Description Online and offline configuration are identical Online and offline configuration are different Configuration only exists online Shortcut menu commands The following table shows the shortcut menu commands for the WinCC Advanced V14 System Manual, 10/2016 "Traces" system folder: Shortcut menu command Description "Add new group" Inserts a new folder. "Add new trace" Inserts a new trace configuration and opens the configuration tab. "Import trace con figuration" Imports a trace configuration from a file. 6973 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function The following table shows the shortcut menu commands for trace configurations installed traces / : Shortcut menu com mand and Trace con figuration Installed trace Description "Copy" x - Copies the trace configuration of the selected ob jects to the clipboard. "Paste" x - Inserts a trace configuration or measurement from the clipboard. "Delete" x x Deletes the selected objects from the project tree or from the device. "Rename" x - Switches the selected object to the editing mode. "Export trace configu ration" x - Exports a trace configuration as a file with the exten sion "*.ttcfgx". For compatibility reasons, the "*.ttcfgx" file extension will be supported in V12, but does not contain any information about the device family. The trace configuration can also be copied device-wide. Several objects can be selected. User interface - "Measurements" project tree folder The "Measurements" folder shows the saved measurements. Icons in the "Measurements" folder The following table explains the icons in the Icon "Measurements" folder: Description Measurement (offline) Double-click the icon to open the "Diagram" tab. The configuration for a measurement can be transferred to the "Traces" folder using drag & drop. Shortcut menu commands The following table shows the shortcut menu commands for the folder: 6974 "Measurements" system Shortcut menu command Description "Add new group" Inserts a new folder. "Import measure ment" Imports a measurement from a file with the "*.ttrecx" file extension. For compatibility reasons, the "*.ttrec" file extension will be supported in V12, but does not contain any information about the device family. WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function The following table shows the shortcut menu commands for measurements : Shortcut menu command Description "Copy" Copies the trace configuration of the selected objects to the clipboard. "Paste" Inserts a measurement from the clipboard. "Delete" Deletes the selected objects from the project tree or from the device. "Rename" Switches the selected object to the editing mode. "Generate new overlay measure ment" Generates a new overlay measurement with the selected measurements. "Export measure ment" Exports a measurement with the last saved standard view The measurement is saved with the extension "*.ttrecx" or "*.csv". For compati bility reasons, the "*.ttrec" file extension will be supported in V12, but does not contain any information about the device family. The measurements can also be copied device-wide. Several objects can be selected. User interface - "Installed measurements (memory card)" project tree folder The folder shows all measurements present on the memory card. The folder is only displayed when there is an online connection to the device. Drag folders or measurements contained here to the "Measurements" system folder using drag & drop. This transfers the measurements to the project. Icons in the "Traces" folder The following table explains the icons in the system folder Icon : Description Folders generated automatically with information on the recording start time The name of the folder cannot be changed. Installed measurement Double-click the icon to open the "Diagram" tab. The time stamp in the name shows the occurrence of the trigger event. Shortcut menu commands The following table shows the shortcut menu commands for the folder WinCC Advanced V14 System Manual, 10/2016 : Shortcut menu command Description "Copy" Copies the selected objects to the clipboard. "Delete" Deletes the selected objects from the project tree and from the device. 6975 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function The following table shows the shortcut menu commands for measurements : Shortcut menu command Description "Open" Opens the measurement in the "Diagram" tab. "Copy" Copies the selected objects to the clipboard. "Delete" Deletes the selected objects from the project tree and from the device. "Export measure ment" Exports a measurement as a file with the extension "*.ttrecx" or "*.csv". "Properties" Displays the general properties of the measurement (Page 6989). For compatibility reasons, the "*.ttrec" file extension will be supported in V12, but does not contain any information about the device family. Several objects can be selected. User interface - "Overlay measurements" project tree folder The system folder "Overlay measurements" shows the configured overlay measurements. Icons in the "Overlay measurements" folder The following table explains the icons in the system folder Icon "Overlay measurements": Description Add new overlay measurements Double-click the icon to add a new overlay measurement and open the "Diagram" tab. Overlay measurement Double-click the icon to open the "Diagram" tab. Shortcut menu commands The following table shows the shortcut menu commands for the system folder measurements" or for a group folder contained within this : Shortcut menu command Description "Add new group" Inserts a new folder. "Add new overlay measurement" Inserts a new overlay measurement and opens the "Diagram" tab. "Overlay The following table shows the shortcut menu commands for overlay measurements : Shortcut menu command Description "Open" Opens the selected overlay measurements in the working area. "Import measurement" Imports a measurement from a file with the "*.ttrecx" file extension. For compatibility reasons, the "*.ttrec" file extension will be supported in V12, but does not contain any information about the device family. "Copy" 6976 Copies the selected objects to the clipboard. WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Shortcut menu command Description "Paste" Inserts measurements, measurements from installed traces or overlay measurements from the clipboard. Multiple objects can be inserted from the clipboard if they are all of the same type. "Delete" Deletes the selected objects from the project tree or from the device. "Rename" Switches the selected object to the editing mode. "Properties" Displays the general properties for the overlay measurements. The overlay measurements can also be copied device-wide. Several objects can be selected. 14.6.3.2 Working area User interface - trace toolbar Tools are available for handling the trace via buttons. The following table shows the functions of the buttons: Icon Description Transfer the selected trace configuration to the device The selected trace configuration is transferred to the device. Transfer the selected trace configuration from the device The selected trace configuration is transferred from the device to the project. Observe on/off Change of the display between online and offline. Note Once monitor and automatic scaling are activated at the same time, no more actions can be undone using the "Undo" button. Note When an installed trace is first started the display in the curve diagram is set to automatic scaling by default. Make sure when the recording is restarted that any changes to the scaling settings are retained. Reactivate automatic scaling man ually if necessary in order to monitor the recording. Activate recording If the recording of an installed trace is repeated, then the settings relevant for the display (curve diagram and signal table) are also retained for the new recording. Note When a recording is restarted, the previously recorded values are lost. To save the recorded values, save the measurement in the project (Page 7000) before you activate the recording again. Deactivate recording Delete installed trace Deletes the selected trace from the device. WinCC Advanced V14 System Manual, 10/2016 6977 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Icon Description Transfer the selected measurement from the device to the project The measurement is added to the "Measurements" system folder. Note In order to be able to save the installed trace data as a measurement, it must first have been displayed once in the curve diagram. The recording data is loaded from the device when displayed. If necessary wait until the display is updated, as only the displayed data is trans ferred to the project in all cases. Export trace configuration Exports a trace configuration as a file with the extension "*.ttcfgx". For compati bility reasons, the "*.ttcfgx" file extension will be supported in V12, but does not contain any information about the device family. Generate a trace configuration Generates a new trace configuration from the measurement. Export measurement with the settings from the current view Exports a measurement as a file with the extension "*.ttrecx" or "*.csv". For com patibility reasons, the "*.ttrec" file extension will be supported in V12, but does not contain any information about the device family. Import measurement (only with overlay measurements) Imports a measurement from a file with the "*.ttrecx" file extension. For compatibility reasons, the "*.ttrec" file extension will be supported in V12, but does not contain any information about the device family. Select a measurement (only with overlay measurements) The drop down list box contains the imported measurements. Select the desired measurement to display the configuration. User interface - Configuration tab User interface - Configuration The trace configuration depends on the device and is described at the respective device (Page 7010). User interface - Diagram tab User interface - curve diagram The curve diagram displays the selected signals of a recording. Bits are shown in the lower diagram as a bit track. You can adjust the display of the signals in the signal table (Page 6982) and with the toolbar of the curve diagram. 6978 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Setting options and displays in the curve diagram The following figure shows an example of the display in the TIA Portal: The scale in the diagram applies to the selected (highlighted in gray) signal in the legend. The legend can be moved and its size can be adjusted with the mouse. The icon shows the device trigger time with a vertical line. Functions using the mouse wheel The following table shows which functions are possible in the curve diagram using the mouse wheel: Function of the mouse wheel Description Move the curve diagram vertically Turning the mouse wheel moves the display in the upper curve diagram up or down. If the signals are arranged in traces the display for the group is shifted that is located below the cursor. The cursor must be positioned above the upper curve diagram. Move the curve diagram horizontal Turning the mouse wheel with the <Shift> button pressed down ly moves the display in the curve diagram to the left or the right. The cursor must be positioned above the curve diagram. Zoom in and zoom out Turning the mouse wheel with the <Ctrl> button pressed down zooms in or out of the display in the curve diagram. The cursor position is the starting point for zooming in or out. The value axis of the lower curve diagram (bit tracks) is not affec ted. The cursor must be positioned above the curve diagram. WinCC Advanced V14 System Manual, 10/2016 6979 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Shortcut menu commands The following table shows the shortcut menu commands in the curve diagram: Shortcut menu command Description "Save diagram as image" Exports the current display in graphic format, e.g. as a bitmap. "Copy image to clipboard" Copies the current display to the clipboard. "Center measurement cursors" Positions the activated measurement cursors at a central point in the current display. "Add to measurements" Adds the displayed recording to the folder. (only axis control panel and PID) "Automatic bit track height" "Measurements" system Automatically adjusts the height of the bit tracks and thereby de termines the size of the lower curve diagram. The setting is automatically deactivated once you change the space allocation between the curve diagrams manually. Note You can change the vertical space allocation between the upper and lower curve diagram. To do this drag the time axis of the upper curve diagram up or down with the mouse. Toolbar of the curve diagram Tools are available for adapting the display via buttons. The following table shows the functions of the buttons: Icon 6980 Function Description Undo zoom Undoes the zoom function executed last. If several zoom functions have been executed, they can be undone step-by-step. Redo zoom Redoes the last undone zoom function. If several zoom functions have been undone, they can be redone stepby-step. Standard view Uses the current view as standard for this recording. If the trace recording is shown again later, the standard view is restored. Move view Moves the display with the mouse button pressed. Zoom selection Selection of an arbitrary range with the mouse button pressed. The display is scaled to the range selection. Vertical zoom selection Selection of a vertical range with the mouse button pressed. The display is scaled to the range selection. Horizontal zoom selection Selection of a horizontal range with the mouse button pressed. The display is scaled to the range selection. Zoom in Enlargement of the display. The ranges of the time axis and value axis are reduced every time the button is clicked. The curves are displayed larger. WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Icon Function Description Zoom out Reduction of the display. The ranges of the time axis and value axis are increased every time the button is clicked. The curves are displayed smaller. Display all Scales the display of the available data so that the entire time range and all values are displayed. Automatic scaling of the value axis Scaling of the display so that all values are displayed for the currently displayed time range. The relative scaling ratio between the signals may change. Note The automatic scaling of the value axis is stopped when the zoom function is activated for the value axis. This button reactivates the automatic adjustments to the min imum/maximum values. Show the overall time range Scaling of the display so that the values in the value range currently displayed are displayed for the overall time range. The value range displayed only then changes if "Display all values" is activated. Note The automatic scaling of the time axis is stopped when a zoom function is activated for the time axis. This but ton reactivates the automatic adjustments for the time range. Arrange in tracks Activate or deactivate the trace arrangement. When the trace arrangement is activated the signals are arranged among themselves with the relevant value ax es. Signal groups are displayed in the same trace. This setting does not affect the display for the bit tracks. Unit changeover of the time axis Switching the unit of the time axis The following units are adjustable: Measurement points Time (relative time related to the trigger time) Absolute time WinCC Advanced V14 System Manual, 10/2016 Display samples The samples are displayed as small circles on the curves. Display vertical measurement cursors Display of the vertical measurement cursors. The vertical position of the two measurement cursors can be moved with the mouse. The associated meas ured values and the difference of the measurement cur sors corresponding to the position are shown in the sig nal table. Display the "Measurement cursor" pane (Page 6987) in the Trace task card in order to display further information. 6981 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Icon Function Description Display horizontal measure ment cursors Display of the horizontal measurement cursors. The horizontal position of the two measurement cursors can be moved with the mouse. Display the "Measurement cursor" pane (Page 6987) in the Trace task card in order to display the values or to reposition the measurement cursor through entering the position. Display chart legend Showing or hiding of the legend in the curve diagram and the bit track labels. Align the chart legend to the left Display of the legend and the bit track labels on the left side of the curve diagram. Align the chart legend to the right Display of the legend and the bit track labels on the right side of the curve diagram. Change background color Changeover between various background colors. User interface - signal table The signal table lists the signals of the selected measurement and provides setting options for some properties. If recording data of installed traces is displayed and the settings are changed in the signal table, these settings are retained until there is a change to the offline mode. If the installed trace is added to the measurements, the current settings of the signal table are saved in the measurement. The signals can be sorted using drag-and-drop. The bits of a signal can be resorted within a signal. Setting options and displays in the signal table The following figure shows an example of the display in the TIA Portal: The following table shows the settings and displays of the recorded signals: Column Description Static display of the signal icon Selection for the display in the curve diagram The point indicates that at least one bit has been selected for display as bit track for the signal in the bit selection. "Name" Display of the signal name A click on the name of a displayed signal updates the scale in the curve diagram. "Measurement" Display of the measurement (in the "Diagram" tab only with overlay measurements) Shows the name of the measurement to which the signal belongs. 6982 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Column Description Open bit selection Individual bits can also be selected for the following data types for display as a bit track in the lower curve diagram. Byte, Word, DWord, LWord SInt, USInt, Int, UInt, DInt, UDInt, LInt, ULInt Example of an opened bit selection for the DWORD data type: Select or deselect the relevant bit for display by clicking the "Data type" Display of the data type "Address" Display of the address of the signal icon. The field remains empty with optimized / type correct tags. "Color" Display and setting option for the color of the signal "Signal group" Display or input of the signal group name for one signal group The Y-scales are scaled identically for all signals of one signal group. Enter an identical signal group name for those signals that are to be scaled identi cally. Signals can be removed from the signal group by deleting the signal group name. The signal groups can be saved via the function "Use current view as standard" (button ). Note Binary signals cannot be grouped. Gray field for chain icon Move the cursor over the gray field or the chain icon ( or to a signal group or delete the signal from the signal group. Clicking the group. chain icon adds the signal to a signal group or creates a new signal Clicking the chain icon removes the signal from the signal group. For a selected signal with signal group, the the same signal group. Input field ) to add the signal chain icon displays all signals of The input field displays the signal group name. As an alternative to the chain icon, you can assign or delete a group name via text input in this field. "Min. Y-scale" WinCC Advanced V14 System Manual, 10/2016 Display or input of the minimum value for the scaling of the signal "Max. Y-scale" Display or input of the maximum value for the scaling of the signal "Y(t1)" Display of the value at the position of the first measurement cursor "Y(t2)" Display of the value at the position of the second measurement cursor 6983 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Column Description "Y" Display of the value difference between the first and the second measurement cursor "Unit" Display of the unit (e.g. for used-based values from technology objects) "Comment" Display and input option for a comment about the signal Shortcut menu commands The following table shows the shortcut menu commands of the signal table: Shortcut menu command Description "Cut" Cannot be selected. "Copy" Copies the contents of the selected lines to the clipboard. "Paste" Cannot be selected. "Delete" Cannot be selected. "Rename" Cannot be selected "Display signal(s)" Displays the selected signals in the curve diagram. "Hide signal(s)" Hides the selected signals in the curve diagram. See also Use of the signal table (Page 7005) Using the signal group in the signal table (Page 7006) User interface - Measurements (overlay measurements) The Measurements tab displays the individual measurements and among other things provides the setting options for synchronization. Setting options and displays in the Measurements tab The following figure shows an example of the display in the TIA Portal: 6984 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function The following table shows the settings and displays for the measurements: Column Description Alignment of the measurements "Trigger/ measure ment point" "Time stamp (absolute time)" Alignment of the measurements in accordance with the trigger or measurement point The individual zero point for the measurement is predefined in the table under the "Alignment" column. Alignment of the measurements in accordance with their time stamp The signals are aligned in accordance with the time from the absolute time stamp. Table columns Static display of the measurement icon "Name" Display and change options for the measurement name The name must be a unique one and can be changed. "Alignment" Alignment of the measurement (only adjustable with the "Trigger/measurement point" check box activated) Determines the individual zero point for a measurement. All signals for the meas urement are displayed in relation to this zero point. The following settings are possible: Trigger First measurement point following the trigger event First measurement point Last measurement point "Offset" Offset related to the time axis Moves the measurement left or right by the offset stated on the time axis. The offset can also be transferred via the clipboard to the cell from the X value of the measurement cursor. See Align measurements precisely (overlay measure ments) (Page 7008). "Time stamp" Display of the trigger time "Comment" Display and input option for a comment about the signal Shortcut menu commands The following table shows the shortcut menu commands of the signal table: WinCC Advanced V14 System Manual, 10/2016 Shortcut menu command Description "Cut" Cannot be selected. "Copy" Copies the contents of the selected lines to the clipboard. "Paste" Cannot be selected. "Delete" Cannot be selected. "Rename" Switches the selected cell to the editing mode. 6985 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Shortcut menu command Description "Import measurement" Imports a measurement from a file, e.g. with the "*.ttrecx" file ex tension. For compatibility reasons, the "*.ttrec" file extension will be sup ported in V12, but does not contain any information about the device family. "Export measurement" Exports a measurement as a file with the extension "*.ttrecx" or "*.csv". For compatibility reasons, the "*.ttrec" file extension will be sup ported in V12, but does not contain any information about the device family. User interface - Signal selection tab (overlay measurements) User interface - Signal selection (overlay measurements) The Signal selection tab shows the signals for all measurements and allows signals that are presented in the signal table of the diagram to be preselected. Setting options and displays in the Signal selection tab. The following figure shows an example of the display in the TIA Portal: The following table shows the settings and displays for the table: Column Description Static display of the signal icon "Available in the diagram" Selection for the display in the curve diagram When the selection is activated the signal is transferred to the signal table for the curve diagram. "Measurement" Display of the measurement to which the signal belongs "Name" Display of the signal name "Data type " Display of the data type "Address" Display of the address (not for symbolic tags) "Comment" Display of a comment on the signal You will find further information on the specific settings in User interface - signal table (Page 6982). 6986 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Shortcut menu commands The following table shows the shortcut menu commands for the signal selection: Shortcut menu command Description "Copy" Copies the content of the selected lines to the clipboard. "Display selection in the signal ta ble" The selected signals are displayed in the signal table and are available in the diagram. "Remove selection from the signal table" The removed signals are not available in the diagram. Several objects can be selected. 14.6.3.3 Trace task card User interface - Measurement cursor pane The "Measurement cursor" pane shows the position of the measurement cursor in the curve diagram and the values at the intersection points. Setting options and displays of the "Measurement cursor" pane The figure below shows the "Measurement cursor" pane: WinCC Advanced V14 System Manual, 10/2016 6987 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function The following table describes the settings and displays: Setting/display Description Horizontal measurement cursor Y1 Position of first measurement cursor The value states the position in relation to the scale of the signal currently se lected. You also have the option of specifying a new position for the measurement cursor in this entry field for moving with the mouse. Y2 Position of the second measurement cursor The value states the position in relation to the scale of the signal currently se lected. You also have the option of specifying a new position for the measurement cursor in this entry field for moving with the mouse. Y Display of the position difference between the first and the second measurement cursor Vertical measurement cursor X1 Position of first measurement cursor You also have the option of specifying a new position for the measurement cursor in this entry field for moving with the mouse. X2 Position of the second measurement cursor You also have the option of specifying a new position for the measurement cursor in this entry field for moving with the mouse. X Display of the position difference between the first and the second measurement cursor Intersection points with selected signal Y(X1) Display of the value at the position of the first measurement cursor Y(X2) Display of the value at the position of the second measurement cursor Y Display of the value difference between the first and the second measurement cursor User interface - Snapshots pane The "Snapshots" pane allows the user to save and restore different views for a measurement. A snapshot is taken of the current view in the "Diagram" tab. The snapshots are saved in the measurement with the project. Setting options and displays of the "Snapshots" pane The figure below shows the "Snapshots" pane: 6988 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function The following table shows the functions of the buttons: Icon Description Generate snapshot of the current view Saves the current view as a snapshot in the "Diagram" tab. The following table shows the settings and displays: Column Description Static display of the snapshot icon "Name" Display and change options for the name "Time stamp" Display of the snapshot generation time "Comment" Display and input option for a comment Several rows can be selected and deleted. Double-clicking on a row opens the measurement with the saved view in the "Diagram" tab. Shortcut menu commands The following table shows the shortcut menu commands of the table: Shortcut menu command Description "Restore snapshot" Shows the measurement with the saved view in the "Diagram" tab. "Delete" Deletes the snapshot "Rename" Switches the cell to the editing mode Several rows can be selected and deleted. 14.6.3.4 Inspector window User interface - General The "General" area shows the name of the trace configuration and input fields for the author and a comment. WinCC Advanced V14 System Manual, 10/2016 6989 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Input options and displays in General The following figure shows an example of the display in the TIA Portal: The following table shows the input fields and displays: Column Icon Description "Name" - Name of the trace configuration. "Author" - Author of the trace configuration "Comment" - Input field for a comment. You can enter a line break with <Shift+Return>. 14.6.4 Operation 14.6.4.1 Quick start This description shows the steps for a recording of the S7-1500 CPU as an example. The displayed settings can differ depending on the device. Requirement A device is configured that supports the trace and logic analyzer function. 6990 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Creating a trace The following figure shows the project tree with the "Traces" system folder below the device: Procedure: 1. Double-click the "Add new trace" entry. A new trace configuration is created and the "Configuration" tab opens in the working area. 2. Adapt the name of the trace configuration by clicking the text. Selecting signals The following figure shows the configuration of the signals: WinCC Advanced V14 System Manual, 10/2016 6991 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Procedure: 1. Select the signals to be recorded in the "Signals" area. Or: 2. Drag one or more signals, e.g. from a tag table, and drop them in the signal table. Configuring the recording cycle The following figure shows the configuration of the sampling: Procedure: 1. Configure the sampling. Configuring the trigger The following figure shows the configuration of the trigger: Procedure: 1. Configure the trigger mode and the condition for the selected trigger. 6992 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Transferring the trace configuration to the device Procedure: 1. Transfer the trace configuration to the device with the The following functions are executed: button. - An online connection is established to the device. - The trace configuration is transferred to the device. - The monitoring is activated. - The display switches to the "Diagram" tab. Activating a recording Procedure: 1. Click the button. Displaying the recording The following figure shows the curve diagram with a recording: WinCC Advanced V14 System Manual, 10/2016 6993 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Procedure: 1. Wait until the "Recording" or "Recording completed" status is displayed in the status display of the trace. 2. Switch to the "Diagram" tab. 3. Click the icon of a signal in the signal table. The individual bits of the signal are offered for display as a bit track. 4. In the signal table, select or deselect the individual signals and bits for display with the icon. Saving the measurement in the project Procedure: 1. Transfer the measurement to the project with the button. The measurement is displayed in the project tree under the folder. "Measurements" system See also User interface - trace toolbar (Page 6977) 14.6.4.2 Using the trace function - overview Requirement A device is configured in the TIA Portal that supports the trace and logic analyzer function and to which an online connection has been established. Procedure The following table shows a procedural overview with typical steps when working with the trace and logic analyzer function. Step 1 2 3 4 6994 Description Creating a trace (Page 6995) Configuring the trace (Page 7002) Transferring the trace configuration to the device (Page 6997) Activating/deactivating an installed trace (Page 6998) WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Step 5 6 7 8 9 Description Monitoring the recording (Page 6999) Saving measurements in the project (Page 7000) Displaying the recording (Page 6999) Analyze an ongoing recording (Page 6999) Compare records (overlay measurements) (Page 7007) See also Displaying a configuration (Page 6995) 14.6.4.3 Project tree Creating a trace Traces can be created in the form of trace configurations in the project navigator. The following instructions describe how you can create a trace configuration under the "Traces" system folder Procedure To create a trace configuration, proceed as follows: 1. Double-click the "Add new trace" entry. A new trace configuration is created. Displaying a configuration Requirement A trace configuration, an installed trace, a measurement or an overlay measurement is available in the "Traces" system folder. WinCC Advanced V14 System Manual, 10/2016 6995 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Procedure To display a trace configuration, proceed as follows: 1. Double-click the appropriate icon of a trace configuration, an installed trace, a measurement or an overlay measurement in the project tree. The "Configuration" or "Diagram" tab opens in the working area. 2. If required, click the "Configuration" tab for the display. Note Write protection The configuration data of an installed trace and in all measurements is displayed with write protection. See also User interface - "Traces" project tree folder (Page 6972) Displaying a diagram Requirement An installed trace, a measurement or an overlay measurement is available in the system folder. "Traces" Procedure To display a diagram, proceed as follows: 1. Double-click the appropriate icon of an installed trace, a measurement or an overlay measurement in the project tree. The "Configuration" or "Diagram" tab opens in the working area. 2. If required, click the "Diagram" tab for the display. See also User interface - "Traces" project tree folder (Page 6972) Apply overlay measurement Overlay measurements can be applied in the project tree with a comparison function for different measurements. The following instructions describe how you can create an overlay measurement under the "Overlay measurements" system folder 6996 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Requirement A device is configured that supports the trace and logic analyzer function. Procedure To apply an overlay measurement, proceed as follows: 1. Select one or more measurements in the 2. Drag the measurements to the "Measurements" system folder. "Overlay measurements" system folder. A new overlay measurement is created. Configuring objects in groups You can set up groups in system folders in the project navigator. Use this option to configure the view for multiple objects. The following instructions use measurements as an example in order to describe how to consolidate the measurements into groups. The same functionality is also available for the Traces and Overlay measurements system folders. Requirement Measurements are available in the "Measurements" system folder. Procedure Proceed as follows to configure measurements into groups: 1. Select the shortcut menu command "Add new group" by right-clicking on the "Measurements" system folder. A new group folder is created. 2. Assign a meaningful name to the new group. 3. Repeat step 1 until all required groups have been created. (Sub-groups (groups within groups) can also be created.) 4. Drag & drop the corresponding measurements to the group folder that has been created. 14.6.4.4 Working area - general Transferring the trace configuration to the device Requirement A valid trace configuration is in the "Traces" system folder. The maximum number of installed traces has not been reached yet. WinCC Advanced V14 System Manual, 10/2016 6997 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Procedure To transfer a trace configuration to the device, proceed as follows: 1. Open a valid trace configuration in the working area. 2. Click the button. Result The trace configuration is transferred to the device. Activating/deactivating an installed trace Requirement There is an online connection to the device. There is a trace in the device. The installed trace is displayed in the working area. The button is activated for viewing the displayed trace. Activating an installed trace To activate the recording for an installed trace, proceed as follows: 1. Click the button. The installed trace is activated and starts the recording according to the configured trigger condition. The trigger condition is device-specific and described in Section "Configuration" below the respective device (Page 7010). The current status of the recording is displayed in the status display of the trace. Note When a recording is restarted, the previously recorded values are lost. To save the recorded values, save the measurement in the project (Page 7000) before you activate the recording again. Deactivating an installed trace To deactivate an activated installed trace, proceed as follows: 1. Click the button. The installed trace is deactivated. The status display of the trace changes to "Inactive". 6998 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Displaying the recording Requirement There is an online connection to the device. There is a trace with recording in the device. Or: A measurement is in the "Measurements" system folder. Procedure To display the recording, proceed as follows: 1. Select an installed trace. 2. Double-click the selected trace. 3. If required, activate the button for viewing. Or: 1. Select a measurement in the "Measurements" system folder. 2. Double-click the selected measurement. Result The recording is displayed in the "Diagram" tab. See also User interface - "Traces" project tree folder (Page 6972) Analyze an ongoing recording Requirements An ongoing recording is displayed in the "Diagram" tab. Save the data currently recorded as a measurement To analyze a certain time range for an ongoing recording, follow these steps: 1. Click the button. The data recorded up to now is added to the measurements. The current recording is not affected by this and continues running uninterrupted. WinCC Advanced V14 System Manual, 10/2016 6999 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Analyze the measurement To display the saved measurement, follow these steps: 1. In the "Measurements" system folder double-click the measurement that has just been saved in order to open it The "Diagram" tab for the measurement opens in the working area. See also Displaying the recording (Page 6999) Working area - Diagram tab (Page 7003) Saving measurements in the project Requirement There is an online connection to the device. There is a trace with recording in the device. The installed trace data must have been displayed at least once in the curve diagram. The recording data is loaded from the device for the display. Procedure To save a recording in the project, proceed as follows: 1. Open the installed trace with the recorded data. 2. If required, make sure that the current data is loaded from the device by activating the button. 3. After activating the button wait until all data has been loaded and displayed. 4. Click the button. The measurement is added to the "Measurements" system folder. 5. Save the project in the TIA Portal. Note Generate measurements A measurement of an installed trace can be generated at any time. Use this functionality e.g. to save the data recorded up until this point in a recording and to analyze it as a static measurement. 7000 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Exporting and importing measurements Requirement At least one measurement is in the "Measurements" system folder for export. Exporting measurements To export a measurement, proceed as follows: 1. Right-click a measurement in the "Measurements" system folder and select the shortcut menu command "Export measurement". 2. Select a folder, a file name and a data type to save the measurement. 3. Click the "Save" button. Importing measurements To import a measurement, proceed as follows: 1. Right-click in the "Measurements" system folder and select the shortcut menu command "Import measurement". 2. Select the file e.g. of the "*.ttrecx" file type with the measurement to be imported. 3. Click the "Open" button. The imported measurement is displayed with the file name in the system folder. "Measurements" Note Export and import trace configurations The same functionality is available for exporting and importing trace configurations. Transferring the trace configuration from the device to the project Requirement There is an online connection to the device. There is a trace in the device. Procedure To transfer a trace configuration to the project, proceed as follows: 1. Open an installed trace. 2. If required, activate the 3. Click the WinCC Advanced V14 System Manual, 10/2016 button for viewing. button to transfer the trace configuration from the device. 7001 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Result The configuration is taken over as new trace configuration in the "Traces" system folder. A trace configuration of the same name is overwritten in the system folder. Deleting installed traces Requirement There is an online connection to the device. There is a trace in the device. Procedure To delete an installed trace, proceed as follows: 1. Open an installed trace. 2. If required, activate the button for viewing. 3. Click the button. A confirmation prompt opens. 4. Confirm the prompt for deletion. Or 1. Select one or more installed traces / in the project tree. 2. Press <Del> to delete the installed traces. A confirmation prompt opens. 3. If required, select an option for deletion and confirm the prompt. 14.6.4.5 Working area - Configuration tab Configuring the trace Requirement The "Configuration" tab is open in the working area. Configuring the trace In the configuration, you specify the recording and trigger conditions and select the signals to be recorded. 7002 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function See Section "Configuration" below the respective device (Page 7010). Note Saving the trace configuration You save the trace configuration with the project in the TIA Portal. If you close the project without saving, the configuration is discarded. See also Displaying a configuration (Page 6995) 14.6.4.6 Working area - Diagram tab Use of the curve diagram The curve diagram shows the signals of a recording selected in the signal table. The display area can be zoomed as required. Measurement cursors can be used to select individual values for display in the signal table. The following operating instructions describe the use of the curve diagram and of the measurement cursors as examples. Requirements An installed trace or a measurement has been selected for display. The button is activated to monitor an installed trace. The "Diagram" tab is open in the working area. Monitor an ongoing recording. To display all of the data in an ongoing recording, proceed as follows: 1. Activate "Display all" via the button. The entire time range and all values for the ongoing recording are displayed. To display a consistent time window in an ongoing recording, proceed as follows: 1. Activate "Display all" via the button. 2. Select the desired time range via the button. The trend view is updated while the scaling of the time range remains the same. WinCC Advanced V14 System Manual, 10/2016 7003 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Evaluation of a certain instant of a recording To display the values for a specific sample, proceed as follows: 1. Display the vertical measurement cursors via the button. 2. Move a measurement cursor with the mouse to the required position in the recording. The values of the signals are displayed in the signal table and in the "Measurement cursor" pane of the "Trace" task card. Evaluation of the difference between two samples To display the difference, proceed as follows: 1. Display the vertical measurement cursors via the button. 2. Move both measurement cursors with the mouse to the required samples in the recording. The values of the signals and the difference are displayed in the signal table and in the "Measurement cursor" pane of the "Trace" task card. Using horizontal measurement cursors To check whether a certain value has been reached, proceed as follows: 1. Display the horizontal measurement cursors via the button. 2. Move a measurement cursor with the mouse to the required value of the recording. The values of the measurement cursors for the selected signal are displayed in the "Measurement cursor" pane of the "Trace" task card. Moving the time range displayed Proceed as follows to move the time range displayed: 1. Select a time range via the button. 2. Move the curve to the desired time range by turning the mouse wheel with the <Shift> key pressed down. Bringing a signal into the foreground 1. Display the legend via the button. 2. Click a signal in the legend. Or: 1. Click a signal in the curve diagram. The signal is displayed in the foreground and is highlighted/selected in the signal table. The value axis is updated for the selected signal. 7004 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function See also Displaying a diagram (Page 6996) User interface - curve diagram (Page 6978) User interface - signal table (Page 6982) Use of the signal table The signal table shows the signals of an installed trace or a measurement. The preselected signals in the signal selection are displayed with an overlay measurement. You can show or hide individual signals for the display in the table and adapt the properties for the display. Individual bits can be selected for some data types and displayed as a bit track. The following operating instructions describe the operation of the signal table. Requirements An installed trace or a measurement has been opened in the "Diagram" tab. The button is activated to monitor an installed trace. For the display of individual bits as a bit track: at least one recorded signal supports the display as a bit track. Display or hide individual signals and change the color To adapt the display to suit your requirements, proceed as follows: 1. Click the icon of the respective signal in the column to select or deselect it for the display. 2. Click in the "Color" column for the respective signal and select a color. The default color for the signal changes. Bringing a signal into the foreground 1. In the signal table, select the line of the signal. The Y-scale of the signal is displayed. The signal curve is brought into the foreground in the curve diagram. Selecting individual bits for display as a bit track To display individual bits as a bit track in the lower curve diagram, proceed as follows: 1. Click the icon of a signal in the signal table. 2. Click the icon in the open bit selection of the signal. The bits are selected or deselected for display. See also Displaying the recording (Page 6999) WinCC Advanced V14 System Manual, 10/2016 7005 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Using the signal group in the signal table Individual signals can be scaled identically in a signal group, which makes it easier to compare the curve characteristics. Binary signals cannot be grouped. The following operating instructions describe how to work with the signal group. Note Saving signal groups The signal groups can be saved individually for each measurement via the "Use current view as standard" function ( button). If the signal groups and the project are not saved then the signal groups created will be lost when the "Diagram" tab is closed. Requirements An installed trace or a measurement is displayed. The button is activated to monitor an installed trace. The "Diagram" tab is open in the working area. There are at least two signals in the signal table that are not of the BOOL type. Assigning signals to a signal group To apply a signal group and assign signals to this group, proceed as follows: 1. In the signal table, select the line or cell of the required signal. 2. Click the gray field in the "Signal group" column. The sequence icon is displayed in the gray field and the name of the signal group is preassigned: 3. Click the gray fields of further signals that are to be assigned to this signal group. Or: 1. Click in the text field of the "Signal group" column for a signal to be grouped. 2. Enter a name for the group. 3. Enter the same group name in the respective text fields for further signals or select the group name via the drop-down list. The Y-scales of the grouped signals are scaled with the values of the signal that was selected first. Changes to a scale value always affect the entire group. 7006 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Removing signals from a signal group To delete the assignment of a signal to a signal group, proceed as follows: 1. Click the sequence icon for the required signal in the "Signal group" column. Or: 1. Click the text field for the required signal in the "Signal group" column. 2. Press the <Del> key. Or: 1. Select the respective text field in the "Signal group" column for several signals using the <Shift> and <Ctrl> keys. 2. Press the <Del> key. The signals are removed from the signal group or the signal group is deleted. Compare records (overlay measurements) Requirement An overlay measurement is created or is created implicitly by dragging the measurements to the system folder "Overlay measurements". See also AUTOHOTSPOT. Adding measurements for comparison To compare measurements, insert the measurements to be compared to the overlay measurements. Proceed as follows for this: 1. In the project tree drag one or more measurements from the system folder "Measurements" to the icon for the overlay measurement . Or: 1. Import saved measurements via the "Import measurement" shortcut menu command. A copy of the measurements is added to the overlay measurement. Note Changes to the settings for measurements within the overlay measurement have no impact on the original measurements. The original measurements remain unchanged. WinCC Advanced V14 System Manual, 10/2016 7007 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Select signals of the measurements for the signal table Proceed as follows to select the signals for the signal table in the "Diagram" tab: 1. Double-click on the icon for the overlay measurement in the project tree. The tabs for the overlay measurement will be displayed in the working area. 2. Click the "Signal selection" tab in the working area. The signals for all measurements are displayed in the table. 3. Activate or deactivate the signal check box for those signals that should be visible or should not be visible in the signal table. The activated signals are displayed in the signal table of the "Diagram" tab. Use of the signal table Proceed as follows to open and use the signal tables: 1. Click the "Diagram" tab in the working area. 2. Click on the "Signals" tab within the "Diagram" tab. 3. Use the signal tables as described under AUTOHOTSPOT. Align measurements Proceed as follows to align the time axis for the measurements for the comparison: 1. Click on the "Measurements" tab within the "Diagram" tab. 2. Select the alignment for the measurements via the check box. 3. Adjust the alignment and if necessary set an offset for the alignment of the individual measurements. The measurements are aligned with each other accordingly on the time axis. (The precise alignment of two measurements is described in the next section.) Use of the curve diagram Proceed as follows to open and use the curve diagram: 1. Click the "Diagram" tab in the working area. 2. Use the curve diagram as described under AUTOHOTSPOT. Align measurements precisely (overlay measurements) Requirement An overlay measurement is applied. Measurements for comparison are added to the overlay measurement. 7008 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Signals of the measurements for the signal table are selected. The "Diagram" tab for the overlay measurement opens in the working area. Align measurements precisely with position difference X Proceed as follows to align the time axis for two measurements precisely: 1. Display the vertical measurement cursors via the button. 2. Zoom into the time range, e.g. with the button until you are able to position the first measurement cursor precisely on the desired reference point for the first measurement. 3. Move the first measurement cursor with the mouse to the required position. 4. Search for the reference point for the second measurement, e.g. by switching to "Display all" with the button. 5. Zoom into the time range, e.g. with the button until you are able to position the second measurement cursor precisely on the desired reference point for the second measurement. 6. Move the second measurement cursor with the mouse to the required position. 7. Open the "Trace" task card. 8. In the "Measurement cursor" pane select the position difference value X. 9. Copy the value to the clipboard. 10.Insert the value from the clipboard into the Offset cell of the first or second measurement. Both measurements are precisely aligned with each other at the desired measurement points. Note When inserting the position difference as the offset make sure that you also adjust the leading character as necessary. Printing a recording The curve diagram supports the saving of the display as a graphic and the copying of the display to the clipboard. Also use these functions (Page 6978) for printing. WinCC Advanced V14 System Manual, 10/2016 7009 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function 14.6.5 Devices 14.6.5.1 S7-1200/1500 CPUs Recordable variables Device-dependent recording of tags The following list shows the operand areas from which tags can be recorded: Process image input Process image output Bit memory Data blocks Data types Elementary data types can be recorded. The availability of the individual data types depends on the device used: The following table lists the elementary data types: Data types Note Binary numbers BOOL - Bit strings BYTE - WORD - DWORD - LWORD 1) Symbolic name required Integers SINT - USINT - INT - UINT - DINT - UDINT - LINT 1) ULINT Symbolic name required 1) Symbolic name required Floating-point numbers REAL - LREAL Symbolic name required 1) Not supported by S7-1200. 7010 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Lifetime of the installed trace configuration and recorded values Installed trace configurations are retained after POWER OFF. The recording is activated again after the restart of the CPU. Recorded values are lost during the restart. Note Downloading a configuration to the device in the "STOP" operating state Note that after downloading a configuration in the "STOP" operating state, you must check the installed traces and, if required, reactivate them or transfer them again. Note If trigger tags that affect the address are changed, the trace configuration must also be transferred to the device again. This is the case for example, when a data block is shortened or extended or the data type is changed. Recording levels The following list shows the execution levels that can be selected for the recording cycle: Program cycle - OB 1 Time-of-day interrupt - OB 1x Time-delay interrupt - OB 2x Watchdog interrupt - OB 3x Synchronized processing cycles - OB 6x, not OB 60 MC-PreServo - OB 67 MC-Servo - OB 91 MC-Interpolator - OB 92 MC-PostServo - OB 95 Note The measured values are recorded at the end of the OB after the processing of the user program. WinCC Advanced V14 System Manual, 10/2016 7011 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Quantity structure The following table shows the maximum quantity structure that can be recorded with the trace and logic analyzer function: Device Maximum number of installed traces Maximum number of signals per trace configuration 2 16 At least 4 16 S7-1200 (as of firmware version V4.0) S7-1500 (depending on the CPU type) Example of CPU 1516-4 PN/DP Maximum of 3854 samples for 16 signals from PLC tags of the DWORD data type Maximum of 21844 samples for 16 signals from PLC tags of the BOOL data type Maximum of 58250 samples for 1 signal from a PLC tag of the BOOL data type Further information can also be found in the form of FAQs under the ID 102781176 (http:// support.automation.siemens.com/WW/view/en/102781176). CPU load through trace recording A trace recording increases the runtime of the respective recording level that can result in an execution level overflow with high utilization of the CPU. Remedy for execution level overflow: Change the trace configuration 1) Configure fewer tags and signals. 2) Then increase the number of tags and signals up to the maximum number of signals step-by-step without an execution level overflow. Select a slower recording level Software user interface of the configuration Structure of the user interface Display areas in the "Configuration" tab of the working area The settings options differ depending on the configured device. The following figure shows an example of the display in the TIA Portal: 7012 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function The area navigation provides the following entries for selection: Configuration - Signals (Page 7013) - Recording conditions (Page 7014) Displaying and changing properties of a trace configuration A trace is selected in the project tree and displayed in the "Configuration" tab. The trace configuration can only be changed offline and is displayed online with the write protection. User interface - Signals The "Signals" area shows a table in which the signals to be recorded are configured for the selected trace configuration. Signals can also be inserted in the table using drag-and-drop. The signals can be sorted using drag-and-drop. Setting options and displays in "Signals" The following figure shows an example of the display in the TIA Portal: WinCC Advanced V14 System Manual, 10/2016 7013 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function The following table shows the settings and displays: Column Icon Description Display of the signal icon for a selected signal. "Name" - Input field for the name or address of the signal. Examples: "Data_block_1".pressure M0.0 DB1.DBW3 - Button to open the signal selection table. The button is displayed when the table line is selected. Clicking the icon opens a table which offers possible signals for selection. The selected signal is displayed in the input field. "Data type" - Text field with display of the data type for the signal. "Address" - Input field for the address of the signal. "Color" - The field remains empty with optimized / type correct tags. Text field for display and selection of the color. Click the signal color to open the color selection dialog. "Comment" Input field for a comment on the signal. Shortcut menu commands The following table shows the shortcut menu commands of the table: Shortcut menu command Description "Cut" Cannot be selected. "Copy" Copies the contents of the selected lines to the clipboard. "Paste" Pastes the contents of the clipboard to the selected line. The existing contents are overwritten. "Delete" Deletes the selected lines from the table or deletes the content of the selected cell. "Rename" Switches the selected cell to the editing mode. Recording conditions User interface - Recording conditions The "Recording conditions" area shows the trigger condition for the selected trace configuration and in which cycle, how fast and how long the recording is made. Configuration is possible when the trace configuration is displayed in offline mode or online mode with deactivated viewing . 7014 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Setting options and displays in "Recording conditions" The following figure shows an example of the settings for the sampling in the TIA Portal: The following table explains the settings and displays: Setting/display Description "Recording time" Recording level entry field Selection of the recording time. Address of the OB text field Detailed information on the selected recording time. See Recording levels (Page 7011) "Record every" Reduction entry field Input of the reduction in relation to the reduction ratio and the unit. Reduction ratio dropdown list Selection of the reduction ratio unit The following settings are possible: "Cycle" "s" (setting option depends on the recording level selected under "recording time") Sampling time text field Display of the sampling time, taking into account the configured reduction and the selected unit (only for constant bus cycle time OBs). "Max. recording duration" Max. recording duration text field Displays the calculated maximum recording duration. The "Max. recording duration" depends on how many signals are recor ded and the data type of these signals. "Use max. recording du Set the recording duration to the maximum value. ration" When the checkbox is activated, the recording duration is set to the max imum possible recording duration. The set reduction in the "Record ev ery" input field is taken into account. The recording duration is also adap ted when additional signals are added. Further information can also be found in the form of FAQs under the ID 102781176 (http://support.automation.siemens.com/WW/view/en/ 102781176). "Recording duration" Recording duration en try field WinCC Advanced V14 System Manual, 10/2016 Input of the recording duration in relation to the selected unit. If the "Recording duration = max. recording duration" checkbox is activa ted, entries are overwritten by the value displayed in "Max. recording duration". 7015 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Setting/display Unit drop-down list Description Selection of the unit for the recording duration. The following settings are possible: "Samples" The maximum number of samples recorded is the number for which parameters are assigned under recording duration. "s" (setting option depends on the recording level selected under "recording time") Calculated recording duration text field Display of the calculated recording duration (only for constant bus cycle time OBs) The following figure shows an example of the settings for the trigger in the TIA Portal: The following table explains the settings and displays: Setting/display Description "Trigger mode" Selection of the trigger mode. Trigger mode dropdown list The following settings are possible: "Record immediately" The recording is made immediately after the device is activated. "Trigger on tag" The recording is made as soon as the installed trace is activated and the configured trigger condition is fulfilled. Text field "Trigger tag" Trigger tag entry field The "Trigger tag" specifies a signal that triggers the recording. Enter a signal. Examples: "DataBlock_1".Temperature M0.0 DB1.DBW3 See also Data types for trigger tags (Page 7019). 7016 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Setting/display Description Opens the signal selection table. Clicking the icon opens a table which offers possible signals for selection as trigger tag. The selected signal is displayed in the input field. Trigger tag address text field "Event" Display of the trigger tag address. With purely symbolic signals the field remains empty. The events that can be used on this trigger tag are offered for selection according to the data type of the trigger tag. The event can only be configured when a valid signal has been entered as trigger tag. Trigger events dropdown list Event selection for which the trigger tag is checked. Text field - "Value" The entries in the drop-down list are described in Section Trigger event (Page 7019). Configuration of the selected event. The configuration options differ depending on the format of the trigger tag and the selected event. SeeTrigger event (Page 7019). "Pre-trigger" "Pre-trigger" defines the number of samples that are already recorded before the actual trigger condition is fulfilled. If the trigger event occurs immediately or shortly after the activation of the recording, this may result in a shorter recording duration. Examples of "Recording duration (a)" = 20 samples and "Pre-trigger (b)" = 5 samples: Case 1: Trigger event occurs 50 samples after activation of the recording Actual recording duration (a) = 20 samples Case 2: Trigger event occurs 2 samples after activation of the recording Actual recording duration (a) = 17 samples Duration entry field Input of the duration in relation to the selection in the drop-down list. Unit drop-down list Selection of the unit The following settings are possible: "Samples" "s" (setting option depends on the recording level selected under "recording time") Resulting pre-trigger duration text field Display of the calculated "Pre-trigger" duration (only for recording in con stant bus cycle time OBs) The following figure shows an example of the settings for the saving of installed measurements: WinCC Advanced V14 System Manual, 10/2016 7017 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Note Available memory in the device (memory card) The memory in the device (memory card) is partly used by system-relevant functions or reserved for that purpose. Thus it is not possible for the entire memory to be used for saving measurements. For further information please refer to the Function Manual Structure and Use of the CPU Memory (https://support.industry.siemens.com/cs/us/en/view/59193101). Note Memory requirements upon restart Following a device reboot the maximum number of measurements saved in the device is the number configured under "Number of measurements". With repeated restarts note that the measurements already saved are not overwritten and the "Number of measurements" configured in the device is saved once again. The following table explains the settings and displays: Setting/display Description "Saving of installed meas urements (memory card)" Repeat measurement automatically and store in the device retentively This setting is only possible with "Trigger on tag" trigger mode. The measurements are stored on the "primary" memory card. Note Only completed measurements are saved on the device. Any recording deactivated by the user is not saved on the device. This function is available with the following firmware versions: S7-1200 as of V4.2 S7-1500 as of V2.0 "Number of measurements" Input of the number of measurements to be saved on the card. "Memory requirements" 7018 Display of the expected memory requirement for all measurements WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Setting/display Description Displaying memory usage Shows the tab with the memory usage "Behavior if number reached" Selection for the behavior once "Number of measurements" is reached The following settings are possible: "Deactivating a recording" The measurements are repeated until the "Number of measurements on the card" is reached. "Overwrite oldest recording" The measurements are saved in a ring buffer and repeated until the user deactivates the recording. Once the number of measurements exceeds the "Number of measurements on the card" the oldest measurement on the card is overwritten in each case. Note Note that write processes that are repeated frequently may damage the card. Data types for trigger tags The following table shows the supported data types for the trigger tag: Memory requirement and format of the number Data type 1 byte BOOL 8-bit integers SINT, USINT, BYTE 16-bit integers INT, UINT, WORD 32-bit integers DINT, UDINT, DWORD 64-bit integers LINT, ULINT, LWORD (not S7-1200) 32-bit floating-point numbers REAL 64-bit floating-point numbers LREAL Trigger event Depending on the selection in the drop-down list, the further settings differ for the "event". The individual events are described below. "=TRUE" Supported data types: Bit (Page 7019) The recording starts when the state of the trigger is TRUE. "=FALSE" Supported data types: Bit (Page 7019) The recording starts when the state of the trigger is FALSE. WinCC Advanced V14 System Manual, 10/2016 7019 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function "Rising edge" Supported data types: Bit (Page 7019) The recording is started when the trigger state changes from FALSE to TRUE. After activation of the installed trace, at least two cycles are required to identify the edge. "Rising signal" Supported data types: Integers and floating-point numbers (Page 7019) The recording is started when the rising value of the trigger reaches or exceeds the value configured for this event. After activation of the installed trace, at least two cycles are required to identify the edge. "Falling edge" Supported data types: Bit (Page 7019) The recording is started when the trigger state changes from TRUE to FALSE. After activation of the installed trace, at least two cycles are required to identify the edge. "Falling signal" Supported data types: Integers and floating-point numbers (Page 7019) The recording is started when the falling value of the trigger reaches or falls below the value configured for this event. After activation of the installed trace, at least two cycles are required to identify the edge. "In the range" Supported data types: Integers and floating-point numbers (Page 7019) The recording starts as soon as the value of the trigger is in the value range configured for this event. "Outside of the range" Supported data types: Integers and floating-point numbers (Page 7019) The recording starts as soon as the value of the trigger is outside the value range configured for this event. "Value change" All data types are supported. The value is checked for change when the recording is activated. The recording starts when the value of the trigger changes. This trigger event is supported as of V13 SP1. Older versions of the TIA Portal cannot interpret the trigger. Note that no explicit information is output in this case. This can occur, for example, 7020 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function when the trace is transferred from a CPU to a TIA Portal less than V13 SP1 or a trace configuration is imported. "= value" Supported data types: Integers (Page 7019) The recording starts when the value of the trigger is equal to the value configured for this event. "<> "<> value" Supported data types: Integers (Page 7019) The recording starts when the value of the trigger is not equal to the value configured for this event. "= bit pattern" Supported data types: Integers (Page 7019) The recording starts when the value of the trigger matches the bit pattern configured for this event. The following figure shows the setting options for a "bit pattern": It is possible to switch between the icons by clicking the respective button. The following table shows the icons: Icon Description Bit is not evaluated Bit is checked for FALSE Bit is checked for TRUE "<> bit pattern" Supported data types: Integers (Page 7019) WinCC Advanced V14 System Manual, 10/2016 7021 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function The recording starts when the value of the trigger does not match the bit pattern configured for this event. See also Configuring the trigger conditions (Page 7023) Configuration Trace configuration - overview The configuration of the recording conditions and the signals to be recorded is device-specific. Requirement A trace configuration has been created and opened in the working area of the "Configuration" tab. Procedure The following table shows the procedure for configuring. Step Description 1 Documentation of the configuration (optional) 2 Selecting signals (Page 7022) Enter a comment and an author for the configuration in the Inspector window. Select the signals to be recorded in the "Signals" area. 3 AUTOHOTSPOT Select a recording time, a cycle and the duration in the "Recording conditions" area. 4 Configuring the trigger conditions (Page 7023) In the "Recording conditions" area, select whether the recording is to be performed imme diately or depending on a trigger condition. 5 Configure installed measurements (memory card) (Page 7024) In the "Recording conditions" area, select whether the recording is to be saved on the device (memory card). Selecting signals Requirement A trace configuration has been created and opened. The "Signals" area is open in the "Configuration" tab. 7022 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function Procedure To configure the signals to be recorded, proceed as follows: 1. Select a signal. The following options are available: - In the "Name" column, click the button and select a tag. - Enter the symbolic tag name in the cell in the "Name" column. - Enter the address directly in the "Address" column. - Drag a signal to the table using drag-and-drop. 2. Click in the "Color" column and select a color for the display of the signal. 3. Click in the "Comment" column and enter a comment for the signal. 4. Repeat the procedure from step 1 until all the signals to be recorded have been entered in the table. Configuring the recording cycle and duration Requirement A trace configuration has been created and opened. The "Recording conditions" area is open in the "Configuration" tab. Procedure To configure the cycle and the duration of a recording, proceed as follows: 1. Click the button for the recording time. 2. Select an OB for the recording time (Page 7011). 3. Select a unit for the reduction factor in the drop-down list for "Record every". 4. Enter the factor for the reduction in the input field for "Record every". 5. Select a unit in the drop-down list for "Recording duration". 6. Specify the recording duration. The following options are available: - Enter a value for the duration in the input field for "Recording duration". - Activate the "Use max. recording duration" checkbox. Configuring the trigger conditions Requirement A trace configuration has been created and opened. The "Recording conditions" area is open in the "Configuration" tab. WinCC Advanced V14 System Manual, 10/2016 7023 Using online and diagnostics functions 14.6 Using the trace and logic analyzer function "Record immediately" trigger condition To start the recording immediately, proceed as follows: 1. Select the "Record immediately" entry in the drop-down list for "Trigger mode". The input fields for the trigger tag are hidden. "Trigger on tag" trigger condition To start the recording depending on a condition, proceed as follows: 1. Select the "Trigger on tag" entry in the drop-down list for "Trigger mode". 2. Select a trigger tag. The following options are available: - Click the button for the trigger tag and select a tag. - Enter the address or the symbolic name of the tag directly in the input field for the trigger tag. A drop-down list with events and input fields is displayed. The display depends on the data type of the tag. 3. Configure the event. 4. Select a unit for the pre-trigger in the drop-down list for "Pre-trigger". 5. In order to record a period before the trigger event, enter a value greater than 0 in the input field for the pre-trigger. Note Cyclic test of the trigger condition The trigger condition is checked in every cycle irrespective of the setting in "Record every". To reliably identify the trigger, the trigger signal must be present for at least one full cycle. Note No evaluation of the trigger during saving No new trigger can be evaluated provided that the recording is saved. Configure installed measurements (memory card) Requirement A trace configuration has been created and opened. The "Recording conditions" area is open in the "Configuration" tab. The "Trigger on tag" trigger mode is set. The firmware on the device supports the recording of an installed measurement. 7024 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Procedure Proceed as follows to save the installed measurement (on the memory card): 1. Select the "Save measurements on device (memory card)" check box. 2. Enter the number of measurements that ought to be saved on the card in the "Number of measurements" entry field. 3. Set the desired behavior once the "Number of measurements" has been reached in the "Behavior if number reached" drop-down list. 14.7 Establish remote connection with Teleservice 14.7.1 Basics of working with TeleService 14.7.1.1 Introduction to TeleService Introduction TeleService gives your controller telecommunication capability. You can manage, control and monitor distributed plants centrally by means of remote connections. Scope of functions TeleService allows you to use the range of TIA portal functions via a telephone network or an Internet connection by establishing a remote connection to a remote system. The online connection allows you to edit a remote system in the usual way with the TIA Portal. Advantages Using TeleService offers the following advantages: You can easily access even remote sections of plants and include them in a complete system. You can offer rapid help and support in the event of faults in a remote system without having to go there yourself. You can employ your resources effectively. It significantly reduces costs. It can significantly reduce plant downtimes. It improves the efficiency of your plant. See also TeleService functionality (Page 7026) WinCC Advanced V14 System Manual, 10/2016 7025 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice 14.7.1.2 TeleService functionality TeleService fields of application TeleService offers the following the fields of application: Access to remote systems (remote maintenance): You can manage, control, and monitor remote systems centrally by means of remote connections. This is possible with an S7-300/400 CPU, an S7-1200 CPU and an S7-1500 CPU and a TS Adapter MPI or a TS Adapter IE. Establishing connections from and to remote systems (PG-AS remote link): You can use PRODAVE MPI V5.0 and newer to establish a remote connection to a remote system, and the communications instruction "PG_DIAL" to establish a remote connection from a remote system. This is possible with an S7-300/400 CPU and a TS Adapter MPI. Data exchange between systems (AS-AS remote link): The communications instruction "AS_DIAL" allows two automation systems to exchange process data over the telephone network. This is possible with an S7-300/400 CPU and a TS Adapter MPI. Sending a text message from a system: An automation system can send a message (SMS) via a GSM wireless modem using the communications instruction "SMS_SEND" ". This is possible with an S7-300/400 CPU and a TS Adapter MPI. Sending an email from a system An automation system can also send an email with the following communications instructions and a TS Adapter IE . - S7-300/400 CPUs (CPU S7-31x-2PN/DP or CPU 41x-3PN/D) use the instruction "AS_MAIL" - S7-1200 CPUs use the instruction "TM_MAIL" - S7-1500 CPUs use the instruction "TMAIL_C" 14.7.1.3 Telephone book at TeleService Introduction By double clicking the "phone book" folder in the project tree you open the phone book editor displaying the TeleService phone book. Each version of the TIA Portal has its own "global phone book". If a global phone book from an earlier version of the TIA Portal is found in a more recent version of the TIA Portal, you will be asked once if you want to import this phone book. This gives you the advantage of being able to import the system data from the previous version into the more recent version of the TIA Portal. 7026 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Global phone book properties The global phone book is used in TeleService to manage specific system data that are required to establish a remote connection. When you open the phone book for the first time, you will see an empty phone book with all available columns; in all other cases, the last phone book edited is displayed. You can enter any number of systems in a phone book. Systems contain the data required for establishing a remote connection, for example, the name and location of the device and the phone number to be dialed, along with all country-specific details. With VPN connections, you can enter an IP address or a DNS name instead of the phone number. The TS adapters used for establishing the connection are distinguished by color, depending on whether a TS Adapter MPI or a TS Adapter IE is used for establishing the connection. 14.7.2 Working with the phone book 14.7.2.1 Basics on working with the phone book Working with the phone book You have the following options when working with a phone book: Open phone book Save phone book Import phone book data Export phone book data Printing the phone book Use phone book data to establish a remote connection You can implement these functions simply and easily by using the buttons in the phone book toolbar. Note Access to phone books The phonebook is user specific in TeleService. However, it is not possible to access the global phone book with more than one instance of the TIA portal at the same time. See also Open phone book (Page 7029) Saving phone book (Page 7030) Exporting phone book data (Page 7032) WinCC Advanced V14 System Manual, 10/2016 7027 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Printing the phone book (Page 7033) Structure of the phone book (Page 7028) 14.7.2.2 Structure of the phone book Introduction A global phone book in TeleService is used to manage the data you require for establishing a remote connection. Once you have created the connection data and saved it in the phone book, you can access it each time you want to establish a remote connection. Structure of the phone book The integrated global phone book in TeleService contains the following columns: Column name Description Plant name Enter a name for your system. Adapter type Select the TS Adapter type used in the drop-down list: TS Adapter MPI or TS Adapter IE. Connection type Select the required connection type: Dial-up connection or VPN connection. Area code Enter the required area code. This column is only active with dial-up connections. This column cannot be edited for VPN connections. Phone number/remote address Enter the required connection data for establishing the remote connection. For dial-up connections, this can be a phone number, and for VPN connections a DNS name or an IP address. Fingerprint Enter the corresponding fingerprint for establishing a VPN connection to the TS Adapt er IE Advanced. Country Enter the country code. This column is only active with dial-up connections. This column cannot be edited for VPN connections. User name Enter the user name you have logged on under. Password Enter the password for this user name. Group Enter the group if you have carried out grouping. Company Enter the company to be contacted. Department Enter the relevant department. Street Enter the street. Town/City Enter the town or city to which the remote connection is to be established. Comment Enter a comment if required. Showing or hiding columns You can show or hide the individual columns. To do so, select the required column header and open the shortcut menu with the right mouse button. 7028 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice 14.7.2.3 Symbols in the phone book Meaning of the TeleService icons The following table shows the meaning of the TeleService icons: Symbol Meaning Open the global phone book Imports a phone book Exports a phone book Establishes a remote connection Terminates the active remote connection Establishes a remote connection or terminates it Displays the connection to a TS Adapter IE in the phone book Displays the connection to a TS Adapter MPI in the phone book Adds a new row to the phone book Inserts a new row in the phone book 14.7.2.4 Manage phone book Open phone book Opening phone books To open the phone book, follow these steps: 1. In the project tree, double-click on the "Phone book" folder under "Online access" > "TeleService". 2. The phone book opens so that you can enter or edit the required system data. Inserting rows in the phone book Inserting rows in the phone book To insert a new row in the phone book, follow these steps: 1. Select the row in front of which you want to insert a new row. 2. Click the "Insert row" button in the toolbar. WinCC Advanced V14 System Manual, 10/2016 7029 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Result A new row is inserted in the phone book above the selected row. Showing and hiding columns in the phone book Showing and hiding columns To show or hide columns in the phone book, follow these steps: 1. Click a column header. 2. In the shortcut menu, select the "Show/hide columns" command. The selection of available columns is displayed. 3. To show a column, select the column's check box. 4. To hide a column, clear the column's check box. Result The respective columns are shown or hidden when displaying the phone book. Saving phone book Saving phone books When you exit the phone book editor or the TIA Portal, you are asked whether you want to save the global phone book. Click "Yes" to save the phone book. Importing phone book data Introduction It is possible to import the phone book data from an external file or from an older version of the TIA Portal. Requirement You have already created an import-capable phone book file. You have already created a phone book with an older version of the TIA Portal. 7030 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Importing phone book data from a phone book file To import phone book data from a phone book file, follow these steps: 1. Open the "TeleService" folder under "Online access" in the project tree. 2. Double-click on the "Phone book" folder. 3. Click the "Import" button in the toolbar. 4. Confirm the prompt asking if you want to save the current state of the phone book with "Yes", if applicable, and specify the location for storing the phone book in the dialog that follows. 5. If you do not want to save the current state of the phone book, answer the prompt with "No". In the subsequent dialog, select the phone book file to which the current phone book should be stored. 6. Close the dialog box with "OK". Result The imported phone book data is displayed in the global phone book. Note Defining dialing rules Dialing rules must be defined before the "area code" and "country" columns in the imported phone book can be edited for dial-up connections. To define dialing rules, follow the link in the history. Importing phone book data from an older version of the TIA Portal To import phone book data from an older version of the TIA portal, follow these steps: 1. Open the "TeleService" folder under "Online access" in the project tree. 2. Double-click on the "Phone book" folder. 3. Click the "Import" button in the toolbar. 4. Confirm the prompt asking if you want to save the current state of the phone book with "Yes", if applicable, and specify the location for storing the phone book in the dialog that follows. 5. If you do not want to save the current state of the phone book, answer the prompt with "No". 6. Enter the following path in the dialog that follows: "%appdata%\siemens\automation \TeleService\GlobalTeleServicePhoneBook.tel". 7. Close the dialog box with "OK". WinCC Advanced V14 System Manual, 10/2016 7031 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Result The phone book data imported from the older version of the TIA Portal is displayed in the global phone book. Note Defining dialing rules Dialing rules must be defined before the "area code" and "country" columns in the imported phone book can be edited for dial-up connections. To define dialing rules, follow the link in the history. See also Defining dialing rules (Page 7033) Exporting phone book data Introduction It is possible to export phone book data to an external file. Requirement You have already created a phone book under TeleService with the corresponding system data. Procedure To export the phone book data, follow these steps: 1. Open the "TeleService" folder in project tree. 2. Double-click on the "Phone book" folder. 3. Click the "Export" button in the toolbar. 4. In the next dialog box, select where the current phone book is to be exported. 5. Close the dialog box with "OK". Result The exported phone book data are saved in the specified export file. 7032 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Printing the phone book Printing phone books You can print out all or some of the data in a phone book. Proceed as follows: 1. Open the phone book. 2. Select the Project > Print menu command or click on the appropriate button in the toolbar. The "Print" dialog will open. 3. Specify whether you wish to print the complete phone book or just part of it and set all other options. 4. Start the print job with "OK". Result The phone book data is printed on the default printer. If the printout is more than one page long, an identifier is printed after the page number at the bottom right corner of the page to indicate that there is another page. The last page does not have this symbol, indicating that no more pages are to follow. Defining dialing rules Procedure To define location-specific dialing rules, follow these steps: 1. Open the "Online access" folder in the TIA Portal and select the "TeleService" folder. 2. Use the shortcut menu to access the "TeleService" properties. 3. In the dialog that follows, open the "Advanced settings" tab and activate the "Use dialing rules" option. 4. Click the "Adapt" button. 5. In the dialog that follows, enter the required location information for connection establishment. - For new locations, enter the country or region and the corresponding area code. - If required, set the correct destination code and pre-dial line for local/long-distance calls. - Select your chosen dialing mode for the location. 6. Exit the dialog by clicking "OK". 7. In the next dialog, select the location from which you wish to dial, and click "OK". WinCC Advanced V14 System Manual, 10/2016 7033 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice 8. In the TeleService dialog that follows, check that the correct location appears under "Location". 9. Confirm your entries by clicking "OK". Note Modem operation on a local loop or extension You do not need to specify a pre-dial line if you operate your modem on a local loop (main telephone line). The fields for the pre-dial lines for local calls and long-distance calls must be empty. If you operate your modem on an extension, you should enter the pre-dial lines which need to be called to access a local loop. Example of the use of dialing rules The following example illustrates the use of location-specific dialing rules for the city of Karlsruhe in Germany. In the TeleService phone book, you enter the phone number "1234567", without the area code and without the country code. Result: The phone number "1234567" is always dialed, irrespective of the location of the caller. In addition to the phone number "1234567", you enter the location-specific dial parameters for the Karlsruhe area code "0721" and the country code "+49" for Germany in the TeleService phone book. Result: "1234567" is dialed from Karlsruhe. "07211234567" is dialed from other towns in Germany. "00497211234567" is dialed from other countries. Note Display in the phone book The "area code" and "country" columns in the TeleService phone book can only be edited once you have defined the dialing rules as detailed above. 7034 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice 14.7.3 Remote connections as dial-up connections 14.7.3.1 Basics for establishing a dial-up connection Using a TS Adapter for dial-up connections A TS Adapter is needed for establishing a remote dial-up connection using TeleService. The TS Adapter is used to prepare an automation system for use with TeleService by connecting it to a telephone network via a modem. The TS Adapter has an integrated parameter memory in which a parameter set for TeleService operation is stored. With the function "export adapter parameter", different parameter sets can be saved in external files, and reloaded in the TS Adapter via the function "import adapter parameter". Establishing a remote dial-up connection You can choose between a number of different TS Adapters, each of which offers a different functionality and different connection options. The figure below shows two possible configurations for establishing a dial-up connection to a system with the TS Adapter IE. 76$GDSWHUb,( 2SHUDWLRQZLWKH[WPRGHP 0RGHP 0RGHP (WKHUQHW 3URJUDPPLQJGHYLFH3& $XWRPDWLRQV\VWHP 76$GDSWHUb,( 2SHUDWLRQZLWKLQWPRGHP 0RGHP 3URJUDPPLQJGHYLFH3& WinCC Advanced V14 System Manual, 10/2016 (WKHUQHW $XWRPDWLRQV\VWHP 7035 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Overview of possible TS Adapter: The TS Adapter comes in the following versions: TS Adapter II (also designated "TS Adapter MPI") TS Adapter IE Standard (also designated "TS Adapter IE") TS Adapter IE Basic (also designated "TS Adapter IE") Designation "TS Adapter" In the following pages, the designation "TS Adapter" stands for all versions. The relevant product designation is listed beside information which only applies to a specific version, for example, "TS Adapter II" or "TS Adapter IE Standard". Note For more detailed information on your TS Adapter, please refer to the documentation supplied with the TS Adapter. See also Short description of the TS adapter MPI (Page 7044) Short description of the TS adapter IE (Page 7051) Exporting adapter parameters (Page 7050) Importing adapter parameters (Page 7050) 14.7.3.2 Telephone networks and modems Supported telephone networks and modems Telephone networks which can be used TeleService can be used with digital networks (ISDN), analog networks and wireless networks (with GSM technology). This version supports a remote connection to a TS Adapter. Modem support TeleService has been implemented to be independent of the modem. This means that all standard modems which can be installed in the Windows Control Panel and are visible as modems can also be used by TeleService. The choice of modem type is determined primarily by the existing hardware of the programming device/PC and the telephone network to be used. 7036 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice The following modem types/media are supported: Modems (external modems at the COM interface, internal modems and PCMCIA cards) External ISDN adapter at the COM interface or USB interface Internal ISDN adapter with virtual COM interface (for example AVM CAPI port) External ISDN modems (ISDN adapter with integrated analog modem functionality) at the COM interface or USB interface Radio network modems with GSM technology, PCMCIA adapter card or data cable and mobile phone Gateways Gateways between the various telephone networks are in principle possible. Remote connections from an ISDN adapter to an analog modem and vice versa only function with special ISDN telephone adapters. Performance in telephone networks The data throughput of a remote connection depends on the modem and telephone network used and the quality of the telephone line. Installing the local modem Introduction If you have already installed a modem for data transfer in your operating system, this modem can also be used for TeleService. If a modem has not yet been installed for your operating system, one must be installed before you can establish a remote connection with TeleService. Procedure Proceed as follows: 1. Make sure your programming device/PC and the modem are switched off. 2. Physically connect the external modem to a COM or USB interface on your programming device/PC. You can also install an internal modem or a PCMCIA card in accordance with the manufacturer's specifications. 3. Now switch on the modem and then the programming device or the PC. WinCC Advanced V14 System Manual, 10/2016 7037 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Result Plug-and-play modems are recognized and installed automatically by the operating system. Dialogs will take you through the installation procedure. Note Modems without plug-and-play If your modem is not recognized automatically when switched on, you will have to install it yourself using the Control Panel. Please refer to the information in the documentation supplied with your modem. Connecting and configuring the remote modem Introduction A modem must also be connected to the remote system before you can work with TeleService. This modem is designated the "remote modem". Configuring the remote modem The modem receives all parameters required for operation from the TS Adapter connected. These include data for initializing the modem and settings for serial transmission between the TS Adapter and the modem. The data required for the remote modem is specified during the configuration of the TS Adapter. The modem may be internal or external depending on the TS Adapter used. How to connect a TS Adapter with an internal modem 1. Switch off the TS Adapter. 2. Connect the TS Adapter to the automation system. 3. Connect the TS Adapter to the telephone line. 4. Switch on the TS Adapter. How to connect a TS Adapter with an external modem 1. Switch off the modem. 2. Connect the TS Adapter to the automation system. 3. Connect the TS Adapter to the modem using a modem cable. 4. Connect the modem to the telephone line. 5. Switch on the modem. 6. Switch on the TS Adapter. 7038 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Note Please note the following information on configuring the remote modem: The default parameters for the modem and the serial port set in the TS Adapter should in most cases ensure successful operation; changes in the parameter assignment will only be needed in rare cases. You need only change the parameter assignment of the TS Adapter if a modem connection is not established or if factory settings are to be adapted or optimized. TS Adapter parameter assignment can be changed via either a direct or a remote connection. 14.7.3.3 Access protection for dial-up connections Access protection information Introduction When you assign the parameters for your TS adapter, you can restrict access to the parameters of the TS adapter and access to remote systems. Scope of access protection Access protection only exists for remote connections; TS adapter parameter assignment can be accessed at any time in direct connection mode. Access protection also exists in direct connection for the TS adapter IE. Access protection information The TS Adapter MPI is not delivered with access protection activated. There is a default password for the TS adapter IE. The first user who assigns the parameters for this adapter can therefore activate access protection by defining the password for a user and/or a callback number. This is a multi-level access protection with several users, each with or without administrator rights. For the TS adapter MPI there is only one adminstrator and no more than two users. For a modem connection, only an administrator can define the two users and change and, if necessary, delete their settings. Those logged in as users can only change their own passwords and their own callback numbers. However, with the TS adapter MP you can access the process of assigning parameters of the TS adapter in direct connection, without restriction. WinCC Advanced V14 System Manual, 10/2016 7039 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Advantages Access protection offers the following advantages: Unauthorized access by persons outside the system is almost impossible. The plant operator bears most of the telephone costs. TeleService callback options Callback variants The costs of a telephone connection are normally borne by the caller who establishes the dialup connection. TeleService can, however, be used so that after a short initial connection the modem connection is established again in the opposite direction, in other words initiated by the TS Adapter (callback). In this case, the plant operator bears the costs of the callback. There are two callback variants in TeleService: 1. Callback to a number specified during connection establishment. 2. Callback to a number stored on the TS Adapter. Levels of protection Introduction You can set up one of two possible levels of access protection for TeleService access to the TS Adapter. Different options are available with each protection level. Access protection options Access protection level 1: The TS Adapter is protected by the user name and password. You can access the TS Adapter via any telephone line and specify any callback number during connection establishment. Access protection level 2: The TS Adapter is protected by the user name, password, and the callback number. You can only access the TS Adapter from one telephone connection per user. The table below sets out the above conditions for the various protection levels: 7040 Level of access protec tion Administrator/User password Callback number 1 enter do not enter 2 enter enter WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Logging on to TS Adapter When you log on to the TS Adapter and after you have set up access protection, enter your user name, the corresponding password and, if desired, a callback number: Level of access protec tion Administrator/User password Callback number 1 enter do not enter or enter any callback number 2 enter do not enter If you have entered a callback number during connection establishment (access protection level 1) or stored a callback number in the TS Adapter (access protection level 2), the modem connection will be terminated and the TS Adapter will call back the given number. Setting up access protection and callback number for the TS adapter Introduction During the parameter assignment for the TS adapter MPI in TeleService, you can set up access protection and a callback number for the parameter assignment of the adapter and connection to the remote system. The following describes the parameter assignment for a TS adapter MPI. The parameter assignment of a TS adapter IE is carried out in analog. The specific method is described in the web help of this adapter. Requirement A TS Adapter MPI is connected to your computer and is displayed in the project tree under "Accessible nodes". Procedure To set up access protection for the TS adapter, proceed as follows: 1. Click on the command "Assign TS Adapter MPI parameters" in the project tree. 2. Open the "Access security" tab. 3. Enter a password for your user name and/or number that you want the modem to call back following logon. - If you are an administrator, you can change all the settings for administrators and users, and delete or create users. - If you are logged on as a user, you can only change your own settings (password and callback number). 4. Confirm all entries before exiting the dialog with "OK". 5. Click the "Yes" button to confirm the following query. WinCC Advanced V14 System Manual, 10/2016 7041 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Result The parameter assignment for the access protection and the callback number is saved in the non-volatile memory of the TS adapter MPI. Note Important points to note when setting up access protection: The settings in the "Modem" tab must correspond to the conditions at the plant if callback functionality is to be guaranteed. Entering an incorrect callback number in the role of "ADMIN" user will mean you are no longer able to access the TS Adapter MPI over a remote connection! Test the callback number before you enter it as the "ADMIN" user by calling the given callback number during connection establishment (access protection level 1). Complete a callback in TeleService Callback options Two different callback variants can be set up in TeleService. The following callback options are available: Callback to a number specified during connection establishment. Callback to a number stored on the TS Adapter Callback to a number specified during connection establishment 1. In the project tree of the TIA Portal, click the "Online access" folder. 2. Click on the "TeleService" folder it contains. 3. Double-click the "Set up/close remote connection" entry. The "Set up remote connection to the remote system" dialog opens. 4. In the "Adapter type" drop-down list, select the adapter type used. 5. Select the "dial-up connection" under "Connection type" if it is not already selected. 6. Select the modem you are using under "Local Settings". 7. Enter the phone number to be dialed in the appropriate box or open the phone book by clicking on the button behind it and take the desired phone number from the phone book. 8. Enter your user name and associated password of the TS adapter. 9. If you want a "Connection setup with callback", select the appropriate option button. 7042 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice 10.Click the "Connect" button to establish the required remote connection. This button only becomes active when you have entered all the parameters needed to establish a remote connection. Any remote connection is displayed under "Status". 11.Enter the desired callback number in the dialog that follows. Result The remote connection to the desired system is made with callback. The connected system is shown with the corresponding icon in the project tree. Note This procedure is useful if the costs of the modem connection are to be borne by the plant operator and if the actual callback number is not fixed, which means callback is not always to the same receiver. It is particularly useful for mobile users. Callback to a number stored on the TS Adapter 1. Assign the parameters for the desired callback number in the TS adapter. 2. Establish a connection to the TS adapter as described above, and observe the following features: - Enter the user name and password for which the callback number parameters are assigned in the TS adapter. - The check box "Establish a connection with callback" does not have to be selected, since the callback number is already known by the TS adapter. Result Callback to a number stored on the TS adapter has been established. If a remote connection is established, the callback occurs from the remote system. Note This procedure offers the highest level of access protection. However, it does pose a risk: if the callback number stored on the TS Adapter is not correct, it will no longer be possible to access the TS Adapter over a modem connection. The device can in such a case only be put back into operation by changing the parameter settings on site. WinCC Advanced V14 System Manual, 10/2016 7043 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice 14.7.3.4 TS adapter MPI Short description of the TS adapter MPI TS Adapter MPI: The designation "TS Adapter MPI" is a collective term for allTS Adapter with an MPI/DP interface. The TS Adapter MPI comes in the following versions: As TS Adapter I (parameters cannot be assigned via the TIA Portal) as TS Adapter II The table below provides a short description of the functionalities. For detailed information on your TS Adapter, please refer to the documentation supplied with your TS Adapter. TS Adapter II: Direct connection Connection via the Universal Serial Bus (USB). The firmware can be replaced. The modem is integrated or can also be connected as external mo dem. The TS Adapter II switches automatically between the modems. As long as no external modem is connected, the adapter will use the internal modem. There are two variants With internal analog modem. An external modem can also be connected to the RS232 port. With internal ISDN adapter. An external modem can also be connected to the RS232 port. Use of the designation "TS Adapter" For TeleService the designation "TS Adapter" is the generalization for all versions. The relevant product designation is listed beside information which only applies to a specific version of a TS Adapter, for example, "TS Adapter II", "TS Adapter IE Standard" or "TS Adapter IE Basic". How the TS adapter MPI works How the TS Adapter MPI Works In line with the configuration, the TS Adapter MPI connects the serial port or USB port of your programming device/personal computer (direct connection) or the serial port of a modem (modem connection) to the MPI/PROFIBUS network of your automation system. The TS Adapter MPI has a non-volatile memory. Parameters for the following functions are stored in this memory: The MPI/PROFIBUS network (network parameters) The mode of the modem used 7044 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice The serial port to the modem Access protection Default parameter assignment The TS Adapter comes with default parameter assignment. The parameters can be set and saved to the non-volatile memory of the TS adapter in a parameter assignment session. When "Direct connection" is configured, the TS Adapter will only use the network parameters for access to the MPI/PROFIBUS network. In the "Modem connection" configuration, all the parameters stored on the TS Adapter will be activated. Note For more detailed information on the configuration of your TS Adapter, please refer to the documentation supplied with it. Operating a TS adapter MPI in direct connection mode Direct connection with TS Adapter MPI The direct connection is used to assign the parameters of the TS Adapter MPI. The same configuration also allows you to go online in the TIA Portal and thereby check the assigned MPI/PROFIBUS parameters for bus compatibility. This means that (as with a PC adapter) SIMATIC S7/C7 systems can be accessed via the MPI/DP interface without an MPI/ PROFIBUS module occupying a slot for a programming device/PC. Access protection for the TS Adapter is not active in direct connection configuration. This means that the parameter assignment of the TS Adapter can be changed without any problems, for example by importing adapter parameters. Note Display of the TS Adapter MPI in the TIA Portal As soon as you have connected a TS Adapter MPI to the programming device/PC via the USB interface, the "TS Adapter" folder is displayed in the project tree in the TIA Portal. When you open the folder, you can assign the parameters of the connected TS Adapter MPI via the following dialog. Establishing the direct connection for TS Adapter MPI Direct connection mode means there is a direct connection via the TS Adapter MPI between the programming device/personal computer on which TeleService is installed and the automation system. No modem is required. WinCC Advanced V14 System Manual, 10/2016 7045 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice The figure below shows the configuration of the TS Adapter MPI with a direct connection. 76$GDSWHU,, 86% 03,'3 86%FDEOH 3URJUDPPLQJGHYLFH3& $XWRPDWLRQV\VWHP Operating a TS adapter MPI in modem connection mode Introduction to the modem connection with TS Adapter MPI This configuration allows you to dial into a remote system. To do this, you establish a remote connection to a remote system using TeleService on a telephone network. Over the established modem connection, you can then work with the selected plant as usual with the TIA Portal. Establishing a modem connection with TS Adapter MPI This connection between the programming device or PC on which TeleService is installed and the automation system in which the TS Adapter MPI is inserted in the MPI/DP interface is made through a modem route. The configuration therefore includes the programming device or PC via the telephone network and the TS Adapter MPI on the MPI/DP interface of the automation system. The figure below shows the structure of the modem connection. 7046 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice 0RGHP 76$GDSWHU, 0RGHP 03,'3 $XWRPDWLRQV\VWHP 3URJUDPPLQJ GHYLFH3& 76$GDSWHU,, 2SHUDWLRQZLWKH[WPRGHP 0RGHP 03,'3 0RGHP $XWRPDWLRQV\VWHP 3URJUDPPLQJGHYLFH3& 76$GDSWHU,, 2SHUDWLRQZLWKLQWPRGHP 0RGHP 3URJUDPPLQJ GHYLFH3& 03,'3 $XWRPDWLRQV\VWHP Note Parallel operation between direct and modem connection The TS Adapter II has two connections for communication with PG/PC, both of which can be connected at the same time. At the same time, connect the USB interface with the PG/PC and the modem interface with the telephone network. In this configuration you can either use the direct or the modem connection. A parallel operation is not possible! TS adapter MPI configuration options Useful information on configuring the TS Adapter MPI The TS Adapter MPI can be configured in both direct connection mode and via an existing remote connection. The following parameter assignment options are available: Reconfiguration (Page 7048) Restoring default parameter assignment (Page 7049) Importing adapter parameters (Page 7050) Exporting adapter parameters (Page 7050) Setting up access protection (Page 7041) WinCC Advanced V14 System Manual, 10/2016 7047 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Parameter assignment Configure your TS Adapter in accordance with the documentation supplied with the TS Adapter. It will detail the exact procedure for parameter assignment. Note Please note the following when configuring the TS Adapter MPI If you change the current parameter settings when there is an established remote connection, there is a risk it will not subsequently be possible to establish a modem connection with the modified parameters. The TS Adapter MPI can in this case only be configured in direct connection mode. This means that either parameter assignment must be carried out with a programming device/personal computer at the plant location or the TS Adapter MPI must be brought to the location of the local programming device/personal computer in order to be configured. Positive acknowledgement During parameter assignment, the data is written to the non-volatile memory of the TS Adapter MPI. The parameter assignment process is not acknowledged positively until all precautions have been taken to ensure that parameter changes have been carried out correctly and will thus survive a power failure. Changes become effective for the TS Adapter MPI as follows: The serial parameters, the modem parameters and the parameters for access protection are activated once the remote connection has been terminated. The modified network parameters are activated immediately. Configuring TS adapter MPI Introduction The TS Adapter MPI can be configured in both direct connection mode and via an existing remote connection in modem connection mode. The following describes the method for assigning parameters. Requirement A TS Adapter MPI is connected to your computer and the folder "TS Adapter" is displayed in the project tree under "Online access". 7048 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Procedure To assign the parameters for the TS Adapter MPI im Direktanschluss , follow these steps: 1. Double-click the "Online access" folder in the project tree. 2. Open the required folder: - The "TS Adapter" folder for a direct connection. - For an existing remote connection, the "TeleService" folder followed by the folder with the required system name. 3. Select the command "Assign TS Adapter MPI parameters". The "Assign TS Adapter MPI parameters" dialog opens. 4. Set the required parameters in the individual tabs of the dialog. 5. Confirm your entries with "OK". Result The configured parameters are saved in the non-volatile memory of the TS Adapter MPI. Parameter assignment is then complete. Restoring default parameter assignment for TS adapter MPI Introduction You can restore the default, factory state parameters of the TS Adapter MPI. Requirement A TS Adapter MPI is connected to your computer and is displayed in the project tree under "Online access" in the "TeleService" folder. Procedure Proceed as follows to restore default parameters for the TS Adapter MPI: 1. Open the "TeleService" folder in project tree. 2. Double-click the "TS Adapter MPI" folder. 3. Select the command "Assign TS Adapter MPI parameters". The "Assign TS Adapter MPI parameters" dialog opens. 4. Click the "Reset" button under "General". 5. Confirm your entries with "OK". Result The TS Adapter MPI default parameters set on delivery are restored. WinCC Advanced V14 System Manual, 10/2016 7049 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice See also TS adapter MPI configuration options (Page 7047) Exporting adapter parameters Introduction You can export the configuration of a TS Adapter MPI to an external file. The configuration saved in this file can be imported in turn into any number of TS Adapter MPI. This can for example be useful if you want to assign identical parameters to multipleTS Adapter MPI or if you want save, document or distribute the parameter set. Requirement A TS Adapter MPI is connected to your computer and is displayed in the project tree under "Online access" in the "TeleService" folder. Procedure To export the adapter parameters of a TS Adapter MPI: 1. Open the "TeleService" folder in project tree. 2. Double-click the "TS Adapter MPI" folder. 3. Select the command "Assign TS Adapter MPI parameters". The "Assign TS Adapter MPI parameters" dialog opens. 4. Click the "Export" button. 5. A window will open in which you can select the file to which you wish to export the configuration of the TS Adapter MPI. 6. Confirm with "Save". Result The parameters of the TS Adapter MPI are saved in the specified file (*.tap). The export of the adapter parameters is now complete. Importing adapter parameters Introduction You can import the configuration of a TS Adapter MPI from a previously created export file (*.tap). The configuration saved in this file can be imported into any number of TS Adapter. This can for example be useful if you want to assign identical parameters to multiple TS Adapter MPI. 7050 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice You can import parameters locally in direct connection mode or via an existing remote connection in modem connection mode. Requirement A TS Adapter MPI is connected to your computer and is displayed in the project tree under "Online access" in the "TeleService" folder. Procedure To import the adapter parameters of a TS Adapter MPI: 1. Open the "TeleService" folder in project tree. 2. Double-click the "TS Adapter MPI" folder. 3. Select the command "Assign TS Adapter MPI parameters". The "Assign TS Adapter MPI parameters" dialog opens. 4. Click the "Import" button. 5. A dialog will open in which you can select the file to which you wish to import the configuration of the TS Adapter MPI. 6. Confirm the next dialog with "Yes". Result The parameters selected are saved in the non-volatile memory of the TS Adapter MPI. Adapter parameter import is then complete. 14.7.3.5 TS adapter IE Short description of the TS adapter IE TS Adapter IE The designation "TS Adapter IE" is a collective term for allTS Adapter with an Ethernet port. The TS Adapter IE comes in the following versions: as TS Adapter IE Standard as TS Adapter IE Basic The tables below provide a short description of the functionalities. For detailed information on your TS Adapter, please refer to the documentation supplied with it. TS Adapter IE Standard: Direct connection by means of Industrial Ethernet (IE). Firmware update possible. Modem integrated or external. The TS Adapter IE cannot automatically switch between modems like the TS Adapter II. Parameters are assigned via a Web interface. There are 2 variants: WinCC Advanced V14 System Manual, 10/2016 7051 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice TS Adapter IE Standard: With internal analog modem. An external modem can also be connected to the RS232 port. With internal ISDN adapter. An external modem can also be connected to the RS232 port. TS Adapter IE Basic: Direct connection by means of Industrial Ethernet (IE). Firmware update possible. Plug-in modules. Parameters are assigned via a Web interface. There are 4 variants: TS Adapter IE Basic MODEM: Basic device TS Adapter IE Basic with TS Module MODEM for operation on the analog telephone network. TS Adapter IE Basic ISDN: Basic device TS Adapter IE Basic with TS Module ISDN for operation on ISDN telephone systems. TS Adapter IE Basic GSM: Basic device TS Adapter IE Basic with TS Module GSM for operation on the GSM radio network. TS Adapter IE Basic RS232: Basic device TS Adapter IE Basic with TS Module RS232 for connecting an external modem. Use of the designation "TS Adapter" "TS Adapter" is used in the TeleService online help as a general designation for all versions. The relevant product designation is listed beside information which only applies to a specific version of a TS Adapter, e.g. "TS Adapter I", "TS Adapter II", "TS Adapter IE Standard" or "TS Adapter IE Basic". How the TS adapter IE works How the TS Adapter IE works The TS Adapter IE connects the telephone network or the serial port of a modem with the Industrial Ethernet of your automation system. The TS Adapter IE has a non-volatile memory. Parameters for the following functions are stored in this memory: The mode of the modem used The serial port to the modem Access protection 7052 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Default parameter assignment The TS Adapter IE comes with default parameter assignment. The parameters can be set and saved to the non-volatile memory of the TS adapter in a parameter assignment session. Note For more detailed information on the configuration of your TS Adapter, please refer to the documentation supplied with it. Connection Types Connection types of the TS Adapter IE Basic The following diagrams show the connection types possible with the TS Adapter IE Basic. Direct connection In the direct connection to the PG/PC, you can set the TS Adapter IE Basic through Ethernet. Note The operation of the TS Adapter IE Basic without a TS module is not permitted. 760RGXO 76$GDSWHU,(%DVLF 3*3& (WKHUQHW Figure 14-1 WinCC Advanced V14 System Manual, 10/2016 Direct connection 7053 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Connection to the telephone network In order to have a direct connection to the telephone network, you must connect the TS Adapter IE Basic together with one of the following TS modules: TS Module Modem TS Module ISDN 760RGXOH0RGHP 760RGXOH,6'1 76$GDSWHU,(%DVLF $XWRPDWLRQV\VWHP 0RGHP :$1 (WKHUQHW 3*3& Figure 14-2 Direct connection to the telephone network More information about the TS modules can be found in the TS Adapter modular manual. Connection to the GSM network In order to connect to the GSM network, you must operate the TS Adapter IE Basic together with this TS module: TS Module GSM 760RGXOH*60 76$GDSWHU,(%DVLF $XWRPDWLRQV\VWHP 0RGHP (WKHUQHW 3*3& Figure 14-3 Connection to the GSM network More information about the TS modules can be found in the TS Adapter modular manual. 7054 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Connection to the telephone network through an external modem For the connection to an external modem, you must operate the TS Adapter IE Basic together with this module: TS Module RS232 760RGXOH56 76$GDSWHU,(%DVLF $XWRPDWLRQV\VWHP 0RGHP :$1 0RGHP (WKHUQHW 3*3& Figure 14-4 Connection to an external modem More information about the TS modules can be found in the TS Adapter modular manual. TS Adapter IE parameter assignment options Useful information for configuring the TS Adapter IE The TS Adapter IE is configured via a Web interface. Web help associated with the parameter assignment interface is made available for the configuring the TS Adapter IE. The following parameter assignment options are available: Reconfiguration Restoring default parameter assignment Importing adapter parameters Exporting adapter parameters Note Parameter assignment Configure your TS Adapter in accordance with the documentation supplied with the TS Adapter. It will detail the exact procedure for parameter assignments. WinCC Advanced V14 System Manual, 10/2016 7055 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Parameter assignment for TS Adapter IE Introduction The TS Adapter IE can be configured in both direct connection mode and via an existing remote connection in modem connection mode. Both parameter assignment options are described below. Specific details for assigning parameters of the TS Adapter IE can be obtained from the TS Adapter IE documentation. Parameter assignment of the TS Adapter IE in direct connection Requirement There is a LAN connection to your TS Adapter IE. The TS Adapter IE Basic is connected to the power supply. Procedure To assign the parameters for the TS Adapter IE , follow these steps: 1. In the project tree of the TIA Portal, open the "Online access" folder. 2. Double-click on the Ethernet port of your computer. 3. Double-click on the "Display accessible nodes" command. The TS Adapter IE is then displayed. 4. Double-click on the <TS Adapter IE> folder and then on "Online and diagnostic", and assign the desired IP address to the TS Adapter IE in the following dialogs. Please note that the IP address of the PG/PC interface card is located in the same subnet as the IP address that you issue for the TS Adapter IE. 5. Update the view in the project tree for the "Accessible nodes", so that the TS Adapter IE is displayed with the newly allocated IP address. 6. Open the folder <TS Adapter IE> in the device list. 7. Double-click the command "Assign TS Adapter IE parameters". The allocated web interface opens for assigning the parameters of the TS Adapter IE. 8. Complete the "logon" for the web interface. 9. Set the required parameters in the individual tabs of the dialog. 10.Confirm your entries with "Save settings". Result The configured parameters are saved in the non-volatile memory of the TS Adapter IE. Parameter assignment is then complete. 7056 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Parameter assignment of the TS Adapter IE using a remote connection Requirement There is an established remote connection to a TS Adapter IE . Procedure 1. In the project tree of the TIA Portal, open the "Online access" folder. 2. Open the "TeleService" folder followed by the required system folder. 3. Double-click the command "Assign TS Adapter IE parameters". The associated web interface for assignment of the TS Adapter IE parameters opens. The "logon" for the web interface takes place automatically with the login data of the remote connection. 4. Set the required parameters in the individual tabs of the dialog. 5. Confirm your entries with "Save settings". Result The configured parameters are saved in the non-volatile memory of the TS Adapter IE. Parameter assignment is then complete. 14.7.3.6 Establishing a dial-up connection to a remote system Establishing a dial-up connection Introduction to establishing a remote dial-up connection A dial-up connection is established when you use TeleService to dial into a remote system via a telephone network. The programming device/personal computer is connected to the telephone network with TeleService via a modem. At the other end, the automation system is connected to the telephone line via a configured TS Adapter and a modem. Requirements A local modem is installed and configured. The TS Adapter is located in the remote system. A remote modem is installed and parameters have been assigned. WinCC Advanced V14 System Manual, 10/2016 7057 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Proceed as follows: 1. In the project tree of the TIA Portal, click the "Online access" folder. 2. Click on the "TeleService" folder it contains. 3. Double-click the "Set up/close remote connection" entry. The "Set up remote connection to the remote system" dialog opens. 4. In the "Adapter type" drop-down list, select the adapter type used. 5. Under "Connection type", select "Dial-up connection". 6. Select the modem you are using under "Local settings". 7. Enter the phone number to be dialed in the appropriate box or open the phone book by clicking on the button behind it and take the desired phone number from the phone book. 8. Enter your user name and the corresponding password. 9. If you want a "Connection setup with callback", select the appropriate option button. 10.Click the "Connect" button to establish the required remote connection. This button only becomes active when you have entered all the parameters needed to establish a remote connection. Any remote connection is displayed under "Status". Result The dial-up connection to the desired system is established. The dialog closes as soon as the dial-up connection is established. The following message appears in the status bar of the TIA Portal: "Remote connection is up". You can now use the remote connection with the TIA Portal and communicate with the automation system. Connection cannot be established If the connection cannot be established, try to find the cause using the "Notes on troubleshooting". Terminating the connection Once you have finished editing the remote system, exit the remote connection in the project tree by double-clicking on the entry "Establish/disconnect remote connection". By exiting the TIA Portal, you are also terminating the remote connection. 7058 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Terminating a dial-up connection Terminating an active dial-up connection Note Terminating the dial-up connection You should go offline in the TIA Portal before you terminate the remote connection. Proceed as follows: 1. Double-click the "Set up/close remote connection" entry in the TIA Portal. 2. Confirm the prompt in the dialog that follows with "Yes". Result The connection is terminated. 14.7.4 Remote VPN connections 14.7.4.1 Basics for establishing a VPN connection Using a TS Adapter IE Advanced for VPN connections A TS Adapter IE Advanced is required to establish a VPN connection using TeleService. VPN definition VPN stands for "Virtual Private Network". This is a private network of computers based on a public network infrastructure. VPN is used to create a connection that is as secure as possible between devices in a private network at different locations and the gateway of another network. A VPN device has direct access to the gateway in the other network over an encrypted connection. WinCC Advanced V14 System Manual, 10/2016 7059 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice VPN connections When a VPN connection is established with TeleService, a CA certificate and a unique fingerprint generated from it are used for the unique identification of the TS Adapter IE Advanced. The VPN connection allows a communication that is secure from tapping and manipulation between the remote PC and the TS Adapter. If you want to establish a VPN connection to multiple remote networks, you will require a separate TS Adapter IE Advanced as an interface for each network. The networks connected by the TS Adapter can used identical IP addresses internally. Only the external IP addresses (WAN) of the TS Adapters need to be different. Only one VPN connection to a TS Adapter is possible at any one time. Note Authentication Please not that the CA certificate exclusively authenticates the TS Adapter IE Advanced. As in the case of dial-up connections, users are authenticated via the login (user name and password). Therefore, use only a secure password for the login. See also Establishing VPN connections (Page 7065) Terminating VPN connections (Page 7067) 14.7.4.2 Basics of CA certificates Introduction To establish a secure VPN connection with TeleService, you need to generate a CA certificate with a unique fingerprint when you configure the TS Adapter IE Advanced. You can install this CA certificate as follows on each PC which is to access the TS Adapter IE Advanced: Using the automatic download in the TeleService connection dialog, by entering the fingerprint for the CA certificate Manually by using the Microsoft(R) Management Console. Definition of CA certificate A CA certificate is a digital certificate issued by a "certificate authority" or "certification authority", hereinafter referred to as "CA". In the case of the TS Adapter IE Advanced, selfsigned certificates are used; the certification authority in this case is the TS Adapter IE Advanced itself. 7060 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Certificates for "SSTP" (Secure Socket Tunneling Protocol) and "HTTPS" (Hypertext Transfer Protocol Secure) are derived from the CA certificate. CA certificates contain a "key" and additional information used for authentication and for encrypting and decrypting confidential data. Additional information includes the validity period, references to certificate revocation lists, etc. which are included in the certificate by the CA. Using CA certificates with TeleService A CA certificate with a unique fingerprint is generated by the TS Adapter to uniquely identify the TS Adapter IE Advanced as connection partner for the remote PC. This CA certificate must be saved in the Windows certificate store of your programming device/ PC before you can establish a VPN connection. When you access the Web server using a direct connection, a security warning will appear if no CA certificate exists. In such cases, however, you can choose to ignore the warning and allow the connection. Note Handling CA certificates Specialist knowledge of the operating system is required for handling CA certificates. CA certificates should only be managed by trained personnel! You require administrator rights to manage CA certificates. Definition of fingerprint The fingerprint is a 20-byte hexadecimal expression. It provides a unique value for a CA certificate and is used to identify a specific CA certificate. A fingerprint is calculated dynamically using the SHA-1 algorithm and is not physically contained in the CA certificate. Use of fingerprints with TeleService The CA certificate is used to uniquely identify the TS Adapter IE Advanced as connection partner. A unique 20-byte fingerprint of this certificate is generated each time a CA certificate is generated by the TS Adapter IE Advanced. It is calculated automatically by the TS Adapter IE Advanced when the certificate is generated. Each certificate has a specific, unique fingerprint. This fingerprint must be transferred securely to your computer, for example by phone or in an encrypted e-mail. You need to enter this fingerprint in the connection dialog when establishing a VPN connection with TeleService, unless the CA certificate is already saved on your PC in the Windows certificate store. You will find the fingerprint for your TS Adapter IE Advanced in the web interface for the TS Adapter IE Advanced. To open the web interface, double-click the command "Assign TS Adapter IE parameters" in the device list in the TIA Portal. Perform the Web login to view the fingerprint in the "Security > Certificates" tab. WinCC Advanced V14 System Manual, 10/2016 7061 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice CA certificate download during connection establishment When the connection is established, TeleService checks whether a suitable CA certificate is installed in the Windows certificate store of your programming device/PC. If an appropriate certificate is found, the VPN connection is established as an SSTP connection (Secure Socket Tunneling Protocol). If no appropriate CA certificate is found, the CA certificate is first loaded by the corresponding TS Adapter IE Advanced. The TS Adapter IE Advanced is called by the remote address entered in the connection dialog. If this download of the CA certificate is successful, the fingerprint of the downloaded CA certificate is calculated and compared with the fingerprint entered in the connection dialog. If the two fingerprints match, a dialog opens and you are prompted to save the CA certificate in the Windows certificate store of your programming device/PC. You require administrator rights to save the CA certificate. The VPN connection is then established. See also Installing CA certificates for VPN connections (Page 7062) Deleting CA certificates for VPN connections (Page 7065) 14.7.4.3 Installing CA certificates for VPN connections Installing CA certificates To establish a secure VPN connection between your programming device/PC and a remote system with TeleService, you require a valid CA certificate generated by the TS Adapter IE Advanced. This must be saved in the Windows certificate store of your programming device/ PC. A CA certificate can be installed manually or using an automatic download. CA certificates are managed with the Microsoft(R) Management Console. Note Handling CA certificates Specialist knowledge of the operating system is required for handling CA certificates. CA certificates should only be managed by trained personnel! You require administrator rights to manage CA certificates! Requirement A CA certificate has yet to be installed in the Windows certificate store on your computer. 7062 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Installing CA certificates using the automatic download Proceed as follows: 1. Log on to the system as administrator. 2. Transfer the fingerprint for the CA certificate from the TS Adapter IE Advanced to your computer using a "secure route", for example by phone or in an encrypted e-mail. You will find the fingerprint for your TS Adapter IE Advanced in the web interface for the TS Adapter IE Advanced. To open the web interface, double-click the command "Assign TS Adapter IE parameters" in the device list in the TIA Portal. Perform the Web login to view the fingerprint in the "Security > Certificates" tab. 3. In the project tree of the TIA Portal, click the "Online access" folder. 4. Click on the "TeleService" folder it contains. 5. Double-click the "Set up/close remote connection" entry. The "Set up remote connection to the remote system" dialog opens. 6. Select the "TS Adapter IE" as Adapter type from the drop-down list. 7. Under "Connection type", select "VPN". 8. Enter the IP address / DNS name for the TS Adapter IE Advanced to be contacted in the relevant field. Alternatively, you can apply any existing data from the phone book by clicking the corresponding button. 9. Enter your user name and the corresponding password. 10.Copy the fingerprint displayed in the web interface for the TS Adapter IE Advanced to the "Fingerprint" column. 11.Click the "Connect" button to establish the required remote connection. This button only becomes active when you have entered all the parameters needed to establish a remote connection. 12.No valid CA certificate is found, because no CA certificate has been installed on your PC yet. A "normal" connection (not a VPN connection) is therefore established and the certificate required is downloaded from the TS Adapter IE Advanced to the working memory of your computer. The fingerprint is then calculated (SHA-1 algorithm) and compared with the fingerprint entered in the connection dialog. If the two fingerprints match, a dialog opens and you are prompted to save the CA certificate in the Windows certificate store of your programming device/PC. 13.Confirm that you want to save the CA certificate. Note Restart of STEP 7 required after renewal of CA certificate STEP 7 must be restarted after renewal of the CA certificate on the TS Adapter IE Advanced before the remote connection can be established with the help of the new fingerprint. Otherwise, it may not be possible to store the CA certificate in the Windows certificate memory and the remote connection cannot be established. WinCC Advanced V14 System Manual, 10/2016 7063 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Result The VPN connection to the required TS Adapter IE Advanced is established. The dialog closes once the connection is established. Manual installation of CA certificates Proceed as follows: 1. Log on to the system as administrator. 2. Open the Windows Certificate Manager on your programming device/PC with the Microsoft(R) Management Console. Click "Start", enter "mmc" in the search field and press ENTER. The console will open. 3. Open the "File" menu and click "Add/remove snap-in...". The "Add/remove snap-in..." dialog will open. 4. Double-click "Certificates" in the "Snap-in" list and select "Computer account" in the dialog that opens. 5. Select "Local computer" in the next dialog and click "Finish" and "OK". The console root opens and the "Certificates (local computer)" folder appears. 6. Open the displayed "Certificates (local computer)" folder and click "Trusted certification authorities". 7. Click the "Certificates " folder and use the shortcut menu to access the command "All tasks" > "Import...". 8. Note the information that appears in the "Certificate - Import wizard" dialog and click "Next". 9. In the dialog that follows, click "Browse ..." and select the required CA certificate. 10.Then click "Next" twice and subsequently "Finish" to install the CA certificate. Result The selected CA certificate is installed at the specified location in the Windows certificate memory. Note Additional information ... ... on installing CA certificates can be found using the "F1" button in the online help of your operating system. 7064 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice 14.7.4.4 Deleting CA certificates for VPN connections Deleting CA certificates Proceed as follows: 1. Log on to the system as administrator. 2. Open the Windows Certificate Manager on your programming device/PC with the Microsoft(R) Management Console. Click "Start", enter "mmc" in the search field and press the ENTER KEY. The console will open. 3. Open the "File" menu and click "Add/remove snap-in...". The snap-in selection dialog will open. 4. Double-click "Certificates" in the "Snap-in" list and select "Computer account" in the dialog that opens. 5. Select "Local computer" in the next dialog and click "Finish" and "OK". The console root opens and the "Certificates (local computer)" folder appears. 6. Open the displayed "Certificates (local computer)" folder and click "Trusted certification authorities". 7. Open the "Certificates" folder, select the required CA certificate and click "Delete" in the shortcut menu. 8. Confirm the next prompt with "Yes". Result The selected CA certificate is deleted from the list of available certificates. 14.7.4.5 Establishing a VPN connection to a remote system Establishing VPN connections Introduction to establishing VPN connections A VPN connection is established when you use TeleService to connect to a remote system over the Internet. Your programming device/PC with installed TIA Portal is connected to the Internet at one end for this. At the other end, the automation system is connected to the Internet via the WAN (Wide Area Network) interface of the configured TS Adapter IE Advanced. Requirement Your programming device/PC is connected to the Internet. There is a TS Adapter IE Advanced in the remote system. WinCC Advanced V14 System Manual, 10/2016 7065 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice The TS Adapter IE Advanced has been configured and is connected to the Internet. The CA certificate required for identifying the TS Adapter has been generated and installed in the Windows certificate store of your programming device/PC. Proceed as follows: 1. In the project tree of the TIA Portal, click the "Online access" folder. 2. Click on the "TeleService" folder it contains. 3. Double-click the "Set up/close remote connection" entry. The "Set up remote connection to the remote system" dialog opens. 4. Select the "TS Adapter IE Advanced" as "Adapter type" from the drop-down list. 5. Enter "VPN" as "connection type". 6. Enter the IP address / DNS name for the TS Adapter IE Advanced to be contacted in the relevant field. Alternatively, you can apply any existing data from the phone book by clicking the corresponding button. 7. Enter your user name and the corresponding password. 8. Click the "Establish" button to establish the required VPN connection. This button only becomes active once you have entered all the parameters needed for establishing the remote connection. Result The VPN connection to the required system is established. "Status" indicates the progress in establishing the connection. The dialog closes once the VPN connection is established. The following message appears in the status bar of the TIA Portal: "Remote connection is up". You can now use the remote connection with the TIA Portal and communicate with the automation system. Connection cannot be established If the connection cannot be established, try to find the cause using the "Notes on troubleshooting". Note Rules for IP addresses Only use IP addresses which have not yet been assigned in the plant network. If the IP address configured for the TS Adapter IE Advanced has already been assigned in the system network, the TS Adapter IE Advanced can only be addressed by its MAC address. See also Installing CA certificates for VPN connections (Page 7062) 7066 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Terminating VPN connections Terminating an active VPN connection Note Terminating the VPN connection You should go offline in the TIA Portal before you terminate the VPN connection. Proceed as follows: 1. Double-click the "Set up/close remote connection" entry in the TIA Portal. 2. Confirm the prompt in the dialog that follows with "Yes". Result The VPN connection is terminated. 14.7.4.6 TS Adapter IE Advanced Short description of the TS Adapter IE Advanced TS Adapter IE Advanced The TS Adapter IE Advanced has the following properties: Direct connection over Industrial Ethernet (IE), 2 ports WAN (Wide Area Network) interface for VPN connections Firmware update supported Plug-in modules Parameters are assigned via a Web interface. Note Further information on the TS Adapter IE Advanced For detailed information on your TS Adapter, please refer to the documentation supplied with your TS Adapter. WinCC Advanced V14 System Manual, 10/2016 7067 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Connection types TS Adapter IE Advanced connection types The following diagrams show the types of connection possible with the TS Adapter IE Advanced. Direct connection In the direct connection to the programming device/PC, you can set the TS Adapter IE Advanced parameters over the Ethernet. 760RGXOH 76$GDSWHU,($GYDQFHG 3*3& (WKHUQHW Figure 14-5 TS Adapter IE Advanced - direct connection Connection to the Internet (DSL modem/router) In order to connect to the Internet, you must operate the DSL modem/router at the WAN connection of the TS Adapter IE Advanced. 760RGXOH 76$GDSWHU,($GYDQFHG :$1 '6/ 0RGHP5RXWHU (WKHUQHW Figure 14-6 7068 TS Adapter IE Advanced - connection to the Internet WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Connection to the company network (Intranet) In order to connect to the Intranet, you must operate plant network (Ethernet) at one of the two LAN connections of the TS Adapter IE Advanced. 760RGXOH 76$GDSWHU,($GYDQFHG (QJLQHHULQJ6WDWLRQ 2SHUDWRU6WDWLRQ 6HUYHU (WKHUQHW $XWRPDWLVLHUXQJVV\VWHPH Figure 14-7 TS Adapter IE Advanced - connection to company network (Intranet) Additional information For more detailed information on the TS modules, please refer to the documentation supplied with your TS Adapter IE Advanced. TS Adapter IE Advanced parameter assignment options Basics on configuring the TS Adapter IE The TS Adapter IE Advanced is configured via a Web interface. Web help in the Web interface is available for assigning TS Adapter IE Advanced parameters. Parameter assignment options include: Reconfiguration Restoring default parameter assignment Importing adapter parameters Exporting adapter parameters Note Parameter assignment Configure your TS Adapter IE Advanced in accordance with the documentation supplied. This details the exact procedure for parameter assignment. WinCC Advanced V14 System Manual, 10/2016 7069 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Parameter assignment for TS Adapter IE Advanced Introduction The TS Adapter IE Advanced can be configured in both direct connection mode and via an existing remote connection. Both parameter assignment options are described below. Specific details on assigning parameters for the TS Adapter IE Advanced are available in the TS Adapter IE Advanced documentation. Assigning parameters for the TS Adapter IE Advanced in direct connection Requirement There is a LAN connection to your TS Adapter IE Advanced. Procedure To assign the parameters for the TS Adapter IE Advanced, proceed as follows: 1. In the project tree of the TIA Portal, open the "Online access" folder. 2. Double-click on the Ethernet port of your computer. 3. Double-click on the "Display accessible nodes" command. The TS Adapter IE Advanced is then displayed. 4. Double-click on the "TS Adapter IE Advanced" folder and then on "Online and diagnostics", and assign the desired IP address to the TS Adapter in the dialogs that follow. Please note that the IP address of the programming device/PC interface card must be located in the same subnet as the IP address that you assign for the TS Adapter IE Advanced. 5. Update the view in the project tree for the "Accessible nodes", so that the TS Adapter IE Advanced is displayed with the newly assigned IP address. 6. Open the folder "TS Adapter IE Advanced" in the device list. 7. Double-click the command "Assign TS Adapter IE parameters". The corresponding web interface opens for assigning TS Adapter parameters. 8. Complete the "logon" for the web interface. 9. Set the required parameters in the individual tabs of the dialog. 10.Confirm your entries with "Save settings". Result The configured parameters are saved in the non-volatile memory of the TS Adapter IE Advanced. Parameter assignment is then complete. 7070 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Assigning parameters for the TS Adapter IE Advanced using a remote connection Requirement There is an established remote connection to a TS Adapter IE Advanced.. Procedure 1. In the project tree of the TIA Portal, open the "Online access" folder. 2. Open the "TeleService" folder followed by the required plant folder. 3. Double-click the command "Assign TS Adapter IE parameters". The associated web interface for assignment of the TS Adapter IE parameters opens. The "logon" for the web interface takes place automatically with the login data of the remote connection. 4. Set the required parameters in the individual tabs of the dialog. 5. Confirm your entries with "Save settings". Result The configured parameters are saved in the non-volatile memory of the TS Adapter IE Advanced. Parameter assignment is then complete. 14.7.5 CPU controlled TeleService remote connections 14.7.5.1 Overview of CPU controlled remote connections Introduction TeleService offers a range of options for establishing remote connections; these differ according to the CPU used. The initiative for establishing a connection starts from the CPU. The communication instructions given below are used for the individual connection options. Connection establishment with S7-300/400 CPUs The following communication instructions are available: Communication instruction "PG_DIAL": Establish remote connection to programming device/PC Communication instruction "SMS_SEND": Send text message (SMS) Communication instruction "AS_DIAL": Establish remote connection to AS Communication instruction "AS_MAIL": Transfer email WinCC Advanced V14 System Manual, 10/2016 7071 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Connection establishment with S7-1200 CPUs The following communication instruction is available: Communication instruction "TM_MAIL": Transfer email Connection establishment with S7-1500 CPUs The following communication instruction is available: Communication instruction "TMAIL_C": Transfer email Note Description of individual communication instructions More detailed information on the available communication instructions can be found in the information system of the TIA Portal in the "References > Communication > TeleService" directory. See also TS Adapter IE parameter assignment options (Page 7055) TM_MAIL: Transfer email (Page 4451) 14.7.5.2 Establishing a connection from and to remote systens (PG-AS-remote coupling) Remote plant access to a programming device/personal computer Introduction You can establish a remote connection to and communicate with a remote system using the application TeleService and a TS Adapter MPI. The initiative for establishing the remote connection comes from the programming device/personal computer. However, events which require rapid intervention often occur at a remote system. In such cases, the automation system can initiate a remote connection to a programming device/ personal computer if an asynchronous event occurs. The graphic below shows the components which are required for establishing a connection from a plant to a programming device/personal computer. 7072 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice $XWRPDWLRQV\VWHP 6& &38 3URJUDPPLQJGHYLFH3& 8VHUSURJUDP 8VHUSURJUDP 352'$9($3,9 3*B',$/LQVWUXFWLRQ 5HPRWHFRQQHFWLRQ 6EDVLFFRPPXQLFDWLRQ 76b$GDSWHU 7HOH6HUYLFH 5HPRWHOLQN 0RGHP 7HOHSKRQHQHWZRUN 0RGHP 03,QHWZRUN Figure 14-8 How the "PG_DIAL" communications instruction works Requirements for establishing a connection Introduction Certain hardware and software requirements must be fulfilled if a remote system is to establish a remote connection to a programming device/personal computer. These requirements are detailed below. Hardware requirements: The only hardware required for establishing a remote connection from a remote system to a programming device/personal computer is that needed for accessing the remote system from the programming device/personal computer. Your user program calls the "PG_DIAL" communication instruction to establish the connection. This can only be executed on an S7-300 or S7-400 CPU on which S7 basic communication is implemented. A TS Adapter I , version 5.0 or later, or a TS Adapter II must be used. Software requirements on the system side: The "PG_DIAL" communication instruction is included in the scope of delivery of TeleService and is installed when the TIA Portal is installed. You will find the installed communication instructions in the "Communication > TeleService" folder in the task card of the block editor. If a remote system is to establish a remote connection to a programming device/PC, the user program of the system must call the "PG_DIAL" communication instruction. WinCC Advanced V14 System Manual, 10/2016 7073 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Software requirements on the programming device/PC side: You require a software product on the programming device/PC which, with TeleService, waits for a call from a remote system, recognizes this call and informs your user program. 14.7.5.3 Data exchange between remote systems (AS-AS-remote coupling) AS-AS remote link basics Introduction The AS-AS remote link allows two automation systems to exchange process data via the telephone network. Requirement Communication instruction "AS_DIAL" is available if you use a CPU from the S7-300/400 family. Definition: Local and remote automation system The automation system from which the initiative to establish the remote connection originates is described as local. The automation system to which the remote connection is to be established is described as remote. Data exchange over the AS-AS remote link Data exchange is carried out using specific communication instructions for non-configured S7 connections. Use the communication instruction "AS_DIAL" to establish a remote connection to the automation system. More detailed information on establishing the connection can be found in the information system in the directory "References > Communication > TeleService". The following graphic shows the components required for establishing a connection from a local to a remote automation system. 7074 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice /RFDO DXWRPDWLRQV\VWHP 6& /RFDO&38 5HPRWH DXWRPDWLRQV\VWHP 6& 5HPRWH&38 8VHUSURJUDP 8VHUSURJUDP $6B',$/LQVWUXFWLRQ ;B5&9 5HPRWHFRQQHFWLRQ ;B6(1';B387 ;B*(7 /RFDO 76$GDSWHU /RFDO03,3' QHWZRUN Figure 14-9 /RFDO PRGHP 5HPRWH PRGHP 5HPRWH 76$GDSWHU 7HOHSKRQH QHWZRUN 5HPRWH03,3' QHWZRUN Data exchange over the AS-AS remote link Hardware and software requirements for AS-AS remote link Introduction Certain hardware and software requirements must be fulfilled before a local automation system can establish a remote connection to a remote automation system. These requirements are detailed below. Hardware requirements The only hardware you need for transferring process data from a local to a remote automation system is that also needed for accessing the respective automation system from the programming device/personal computer. To establish and terminate the remote connection, the user program of the TIA Portal of the local CPU calls a communication instruction. This communication instruction can be executed on an S7-300/400 CPU or a C7 CPU. The communication instruction requires S7 basic communication to be implemented on the CPU. The remote CPU must also support S7 basic communication. A TS Adapter I, version V5.1 or later, or a TS Adapter II must be used. WinCC Advanced V14 System Manual, 10/2016 7075 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Software requirements The "AS_DIAL" communication instruction is included in the scope of delivery of TeleService. When installed, the instruction is integrated in the library of the TIA Portal in the task card of the Communication instructions folder under TeleService. In order to establish and terminate a remote connection to a remote automation system from a local automation system, the "AS_DIAL" communication instruction must be called in the user program of the TIA Portal on the local CPU. $6$6UHPRWHOLQN $XWRPDWLRQV\VWHP 6& $XWRPDWLRQV\VWHP 6& 8VHUSURJUDP 8VHUSURJUDP $6B',$/LQVWUXFWLRQ $6B',$/LQVWUXFWLRQ 6)&V 6)&V 03, 03, 76$GDSWHU 76$GDSWHU 0RGHP 7HOHSKRQH QHWZRUN 0RGHP Figure 14-10 Hardware and software requirements for AS-AS remote link 14.7.5.4 Send SMS from a system Requirements for sending an SMS Introduction Certain hardware and software requirements must be fulfilled before a system can send an SMS. These requirements are detailed below. Hardware requirements To send an SMS from a system, you will require a GSM wireless modem and a TS Adapter MPI. A TS Adapter I, version V5.2 or later, or a TS Adapter II must be used. 7076 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Software requirements on the system side The "SMS_SEND" communication instruction is included in the scope of delivery of TeleService. When installed, the instruction is integrated in the library of the TIA Portal in the task card of the Communication instructions folder under TeleService. If a system is to send an SMS, the user program of the system must call the "SMS_SEND" communication instruction. $XWRPDWLRQV\VWHP 6& &38 )D[ (PDLO 8VHUSURJUDP 606B6(1'LQVWUXFWLRQ 6EDVLFFRPPXQLFDWLRQ 76$GDSWHU :LUHOHVVPRGHP &HOO 03,QHWZRUN 7HOHSKRQHZLUHOHVV QHWZRUNDQG QHWZRUNSURYLGHU Figure 14-11 How the "SMS_SEND" communication instruction works Note You may be able to send an SMS not only to a cell phone but also to an email address or a fax device by using additional services offered by the cell phone service provider. 14.7.5.5 Send an email from a system Requirements for sending e-mails Introduction The following hardware and software requirements must be fulfilled if a system is to send an email: WinCC Advanced V14 System Manual, 10/2016 7077 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Hardware requirements You need a TS Adapter IE to send an email from a system and one of the CPUs listed below: a CPU 31x2 PN/DP as of firmware version V2.5 a CPU 41x-3 PN/DP a CPU of the S7-1200 series a CPU of the S7-1500 series Software requirements on the system side Various communication instructions are included in the scope of delivery of TeleService depending on the CPU. When installed, they are integrated in the library of the TIA Portal in the task card of the Communication instructions folder under TeleService. If a system is to send an email, the user program of the system must call the corresponding CPU-dependent communication instruction. The following communication instructions are available for sending an email: S7-300/400 CPUs: Uses the communication instruction "AS_MAIL": Transfer email S7-1200 CPU V2.x and V3.x: Uses the communication instruction "TM_MAIL": Transfer email S7-1200 CPU >V4.0: Uses the communication instruction "TMAIL_C": Transfer email S7-1500 CPUs: Uses the communication instruction "TMAIL_C": Transfer email The respective communication instruction transfers an email from a CPU to a mail server by means of the Simple Mail Transfer Protocol (SMTP) with the "LOGIN" authentication method. The data is transferred unencrypted with this SMTP process. The figure below shows an example with the "AS_MAIL" communication instruction: 7078 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice (PDLO 8QLILHG0HVVDJLQJ ,63 $XWRPDWLRQV\VWHP 66&38 ,3 :$1,QWHUQHW ,63 8VHUSURJUDP $6B0$,/LQVWUXFWLRQ 2SHQFRPPXQLFDWLRQYLD,QGXVWULDO (WKHUQHW 76$GDSWHU ,QGXVWULDO(WKHUQHW ,3 ,QGXVWULDO(WKHUQHWORFDOQHWZRUN The "Use gateway/router" property must also be set for the Ethernet interface in the configuration of the CPU on which the "AS_MAIL" communication instruction runs. (available in the device configuration under Ethernet addresses and there under IP protocol)The IP address of the Ethernet interface of the TS Adapter IE is to be specified as "Address". Note You can find further information in the task card in the "Communication instructions" folder under TeleService. WinCC Advanced V14 System Manual, 10/2016 7079 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice 14.7.6 Notes on troubleshooting 14.7.6.1 General information on troubleshooting for modem problems Introduction The information below should help you establish and eliminate the causes of any modem problems. 1. Enable "Record log file" for data traffic between PG/PC and modem. The entries in this file can provide valuable information for determining the cause of errors. 2. Switch on the loudspeaker on your local modem. Select a volume loud enough to be clearly heard. You can then hear whether: - there is a dial tone at the connection - the modem called is busy - the modem called accepts the call. Common modem problems Modem connection problems are among the most common modem problems: Modem connection is not established Modem connection is interrupted The topics below contain tables detailing possible causes and providing information on eliminating the error in question. See also Dial-up connection to the TS Adapter is not established (Page 7081) Dial-up connection from the TS Adapter is not established (Page 7083) Modem connection is interrupted (Page 7084) Modem alarms (Page 7085) Recording a log file for the modem (Page 7080) 14.7.6.2 Recording a log file for the modem Introduction It is advisable to record a log file as this makes it easier to find the causes of faults in a modem. 7080 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Procedure: Proceed as follows: 1. Activate the properties dialog of the modem used via the "Phone and modem options" option in the Control Panel. 2. Check the settings of the "Log" option in the "Diagnostics" tab and, if necessary, change the log file settings so that the file is recorded. Result: Activity between the programming device/personal computer and the modem are entered in the log file. If there are problems establishing the connection, you can evaluate the data recorded in the log file to determine the cause of the error. 14.7.6.3 Dial-up connection to the TS Adapter is not established Dial-up connection to TS Adapter is not established The table below sets out possible causes and how to eliminate them if no remote connection to the TS Adapter can be established. Possible cause Check/Remedy Cabling faulty Are all the connecting cables connected correctly? Are the connectors loose? Dial parameters for main telephone line and extension incorrectly set Do the properties and dial parameters of your modem match the phone connection to main phone line or extension? Do not specify a dial-out code in the "Dial parameters" dialog if you operate your modem on a local loop (main telephone line). The fields for the dial-out code for local calls and long-distance calls must be empty. Dialing mode incorrectly set Is the correct dialing mode (tone/pulse) set in the dialog for the dial parameters of your modem? Use a connected telephone to check the connection on which you want to operate the modem. You should hear crackling noises on the telephone during pulse dialing and tones of varying pitches during tone dialing. Set the corresponding dialing mode in the modem dial parameters. WinCC Advanced V14 System Manual, 10/2016 7081 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice Possible cause Check/Remedy Dial disable active The dial disable function is a country-specific modem property which, depending on the modem, becomes effective after one or more unsuccessful attempts to establish a connection. If your modem still does not respond after several attempts to dial, the dial disable function may be active. Characters are still sent to the modem after the dial command but the modem does not start the dialing process. The driver receives a general error message. Refer to the modem documentation for information on how the dial disable function is implemented for your modem. Create a log file (Page 7080) (modemlog.txt) in which the activities between the programming device/personal computer and modem are recorded. Then check whether the file contains an entry caused by dial disable (e.g. DELAYED). Phone connection defective or busy Connect a phone and check whether a dial tone can be heard on this connection. Any analog phone connected on the same connection must be hung up. You cannot establish an additional modem connection on this connection if there is an existing phone connection. Serial parameters set incorrectly Are the correct values entered in the "Settings" tab for modem properties (8 data bits, no parity, 1 stop bit)? Is the correct COM interface set in the "General" tab for the modem properties? Initialization string of the TS Adapt Familiarize yourself with the modem initialization string requirements and set the er is not suitable for the modem. string accordingly. Procedure for configuring the TS Adapter IE (Page 7052) Settings for error correction be Adapt the modem settings. tween the modem at the TS Adapt Useful information on configuring the TS Adapter MPI (Page 7047) er and the modem at the PC/pro Restoring the default parameter assignment of a TS Adapter MPI (Page 7049) gramming device are not compati Procedure for configuring the TS Adapter IE (Page 7048) ble. 7082 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice 14.7.6.4 Dial-up connection from the TS Adapter is not established No callback from TS Adapter The table below sets out possible causes and how to eliminate them if there is no callback from the TS Adapter. Possible cause Check/Remedy Errors in the location or call set tings in the TS Adapter Check the TS Adapter parameter assignment: Are the dialing mode and dial-out code set correctly for your phone connection? Does the modem at the TS Adapter support the characters configured for the dialout code? Is "Wait for dial tone before dialing" deactivated for an extension? Initialization of modem insuffi cient Check the string for modem initialization: The modem may require a further initialization in order to establish a remote connection. Properties of the modem initialization string for the TS Adapter MPI Callback number is incorrect Check the configuration of the callback number you assigned. No call from TS Adapter MPI The table below sets out possible causes and and how to remedy them if there is no call from the TS Adapter MPI. Possible cause Check/Remedy Phone number is incorrect Is the required number being transferred to the communication instruction "PG_DIAL" ? TS Adapter MPI parameter as signment incorrect Check the TS Adapter MPI parameter assignment: Are the dialing mode and dial-out code set correctly for your phone connection? Does the modem at the TS Adapter MPI support the characters configured for the dial-out code? Is "Wait for dial tone before dialing" deactivated for an extension? WinCC Advanced V14 System Manual, 10/2016 7083 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice 14.7.6.5 Modem connection is interrupted Modem connection is interrupted The table below sets out possible causes and and how to remedy them if the modem connection is interrupted. Possible cause: Check / Remedy: Metering pulses in the line Metering pulses will be generated if you have applied to the phone company for a metering clock. This may mean that the modem no longer recognizes the carrier signal and switches off. Set a longer waiting or switch-off time at the modem. Have the metering pulse deactivated by the phone company. Shielding Are the connection cables used shielded sufficiently? Make sure that the modem cables do not run next to power cables and that they are as far as possible from power supply units and monitors. Protocol timeout Set fixed monitoring times. Automatic connection termination Deactivate the option that terminates an existing connection automatically after a specified time without data transfer ("Terminate after idle of ..."). Data flow control deactivated Click on the "Extended" button in the "Settings" tab of the modem properties and activate the following options in the dialog displayed (if available and not yet set): - Data flow control - Hardware (RTS/CTS) - Data compression - Error control Initialization string of the TS Adapt Set the modem initialization string in accordance with the following requirements. er is not suitable for the modem See also: TS Adapter IE parameter assignment options (Page 7055) See also TS adapter MPI configuration options (Page 7047) 14.7.6.6 Checklist for troubleshooting the modem Introduction The following list should help you establish the potential cause of any problems with the modem. The help topics below set out how and in which dialogs you define the relevant settings. Modem connection cannot be established: Check the cabling and the connections. Check whether the correct dialing mode (tone/pulse) is set. 7084 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice If your modem does not react after several attempts to dial, a dial disable function may be active. Familiarize yourself with dial disable on your modem. Are you operating your modem on a main telephone line or on an extension line? Configure the properties and dialing parameters of the modem accordingly. Enable the log file option in the advanced properties. The next attempt to establish a connection will then be recorded in a file in the Windows directory. Ensure that the ISDN TAs used work with the same B and D channel protocol. The modem connection is terminated: Metering pulses can have a negative affect on a connection. Have the pulses deactivated by your telephone company. Set fixed monitoring times. Deactivate the option that terminates an existing connection automatically after a specified time without data transfer (idle). Make sure that you have activated RTS/CTS for data flow control. 14.7.6.7 Modem alarms Information in the log file The modem alarms are entered in a log file if you have activated the recording function. The log file contains the following information: Alarm: Possible cause: Remedy: NO DIALTONE A phone call may currently be being carried out on this line. Repeat the process once the phone call is over. NO CARRIER The device dialed is not ready, is not a modem or cannot establish a connection in the set op erating mode. Check the numbers and the settings. BUSY The device dialed is busy. Try again later. DELAYED: ... Dial disable Refer to the modem documentation for information on how the dial disable function is implemented for your modem and if necessary remove it. WinCC Advanced V14 System Manual, 10/2016 7085 Using online and diagnostics functions 14.7 Establish remote connection with Teleservice 14.7.6.8 Possible error messages with VPN connections VPN connection to TS Adapter IE Advanced is not established The table below sets out possible errors and how to eliminate them if no VPN connection to the TS Adapter IE Advanced can be established. Possible errors Check/Remedy The error message "The webpage cannot be displayed" appears when the Web interface is accessed. Note: This problem occurs when the Windows certificate store contains a CA certificate with the same name as the CA certificate which has just been generated. If a CA certificate for this TS Adapter is already installed in the Windows certificate store and you have generated a new CA certificate on the TS Adapter, you need to remove the old CA certificate from the Windows certificate store and install the newly generated CA certificate. See also: Installing CA certificates for VPN connections (Page 7062) See also: Deleting CA certificates for VPN connections (Page 7065) Error message: "Unexpected error in application". Check whether other users have been saved in the TS Adapter IE Advanced user database. The user "Administrator" cannot establish a remote connection. Error message: "No corresponding Use the automatic certificate download. Enter the fingerprint in the corresponding CA certificate was found in the Win field in the connection dialog. dows certificate store". See also: Establishing VPN connections (Page 7065) Or Export the CA certificate from the Web interface of the TS Adapter IE Advanced and install it manually in the Windows certificate store. See also: Installing CA certificates for VPN connections (Page 7062) Error message: "The remote ad dress specified does not corre spond to the remote address of the TS Adapter". You must use the remote address which you specified in the TS Adapter IE Advanced to establish the connection. You cannot use the IP address if you have entered the DNS name (and vice versa). Error message: "The signature of If you have generated a new CA certificate on the TS Adapter IE Advanced, you the certificate could not be verified". need to delete the old CA certificate from the Windows certificate store and install the new one. See also: Deleting CA certificates for VPN connections (Page 7065) See also: Installing CA certificates for VPN connections (Page 7062) Error message: "Protocol error" Check that the IP address of the service PC is set in the configuration of the TS Adapter IE Advanced (Parameters > Plant network) Error message: "Connection setup error." Check to make sure that the LAN IP-address of the TS Adapter IE Advanced and the IP address of your network cards are in the same subnet. If this is the case, deactivate this network card before you establish the remote connection. An e-mail cannot be sent. Check whether there is a network/Internet connection at the WAN port. Check whether the mail server is accessible. Check whether the outgoing connections in the TS Adapter IE Advanced are valid. Check whether the SMTP port in the firewall is open for outgoing connections. 7086 WinCC Advanced V14 System Manual, 10/2016 Using online and diagnostics functions 14.8 Simulating devices with S7-PLCSIM 14.8 Simulating devices with S7-PLCSIM 14.8.1 Simulation of devices Introduction You can use the TIA Portal to run and test the hardware and software of the project in a simulated environment. The simulation is performed directly on the programming device or PC. No additional hardware is required. The simulation software provides a graphical user interface for monitoring and changing the configuration. It differs according to the currently selected device. Integration in the TIA Portal The simulation software is fully integrated in the TIA Portal but is only supported by certain devices. Therefore, the button for calling the simulation software is only active if the selected device supports simulation. The simulation software for some devices requires its own virtual interface to communicate with the simulated devices. The virtual interface can be found in the project tree under the "Online access" entry next to the physical interfaces of the programming device/PC. Once you have opened the software, additional help on the simulation software is available via a separate link. See also Starting the simulation (Page 7087) 14.8.2 Starting the simulation Some devices can be simulated with additional software. You therefore do not have to have the actual devices to perform comprehensive testing of your project. Procedure To start the simulation software, follow these steps: 1. Select the device you want to simulate, for example, in the project tree. 2. Select the "Simulation > Start" command in the "Online" menu. This calls the simulation software. See also Simulation of devices (Page 7087) WinCC Advanced V14 System Manual, 10/2016 7087 Using online and diagnostics functions 14.8 Simulating devices with S7-PLCSIM 7088 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.1 Shared commissioning of projects 15.1.1 Basics for shared commissioning 15 Introduction As part of Team Engineering , you have the option to perform shared commissioning of projects. Several editors can access one CPU at the same time with up to five Engineering Systems (ES) in this process. A special advantage is that parts of a master project can be edited independently and offline at the same time during the commissioning phase. The changes of the other editors are displayed in the dialog "Software synchronization" during loading and synchronized automatically, if possible. Depending on the firmware version of the CPU in use, certain online functions can also be executed at the same time from several Engineering Systems on the shared CPU, for example: Monitoring blocks on the CPU Modifying and forcing blocks on the CPU Trace functions The following online functions cannot be executed at the same time: Loading: Only one ES can load to the CPU. You can also find additional information on the topic of Team Engineering at Service and support in Siemens Industry online support (http://support.automation.siemens.com/WW/view/ en/82142829). WinCC Advanced V14 System Manual, 10/2016 7089 Using Team Engineering 15.1 Shared commissioning of projects Creating a master project A "master project" structured according to the specified rules (Page 7096), which already contains the complete configured hardware configuration with all required tags and blocks, is used as the basis for the shared commissioning. This project is loaded in the jointly used CPU and then distributed as "master project" by means of project copies to up to five participating Engineering Systems. (QJLQHHULQJSKDVH &RPPLVVLRQLQJSKDVH 3URMHFWFRS\ &UHDWHSURMHFWVWUXFWXUH &RQILJXUHKDUGZDUH&UHDWH SURJUDP &KDQJHV WR)%V)&V'%V LQSURJUDPSDUW &38 3URMHFWFRS\ &KDQJHV WR)%V)&V'%V LQSURJUDPSDUW 0DVWHUSURMHFW ([HFXWLQJFHQWUDO FKDQJHVWKDWDIIHFW VKDUHGSURMHFWSDUWV 6KDUHG&38 3URMHFWFRS\ &KDQJHV WR)%V)&V'%V LQSURJUDPSDUW Working with project copies Each Engineering System only processes the parts it was assigned within the specific project copy. This is especially important to avoid conflicts during loading and unintentional overwriting of blocks that were already modified by other Engineering Systems. Each ES loads its parts to the shared CPU after editing. The TIA Portal helps you during download to the CPU. The changes made since the last download are displayed in the dialog "Software synchronization before loading to a device" (hereafter referred to as "synchronization dialog"), by means of an online-offline comparison. You are provided recommendations during download to the CPU about how you can synchronize the offline data you have edited with the existing online data. If there are "competing changes", you may have to synchronize them manually. Competing changes are: when different editors edit the same block in different project copies at the same time. when PLC tags (I, Q, M, T, C) are added, changed or deleted in the project copies. 7090 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.1 Shared commissioning of projects when blocks that have relations to the hardware configuration are edited in the project copies. when F blocks are edited in the project copies. Each editor loads their changes only after all conflicts have been removed. The procedure for editing and loading of project copies can be repeated as often as necessary by the individual Engineering Systems until the shared commissioning is complete. Integrating project copies into the master project once again The individual project copies must once again be integrated into the master project at the end of commissioning at the same time. This way you also back up the data that only exist in the offline projects and have not been downloaded to the CPU. These include, for example, the project languages and text lists created in the project copies. To do this, open the master project and one project copy as reference object. You determine the differences between the two projects by performing an offline/offline comparison using the comparison editor. Copy the edited objects from the respective project copy to the master project. Repeat this step for all project copies. When the shared commissioning is completed, you have an executable master project with all created project data. The integration of the project data into the master project is required even if you determine during the commissioning phase that the shared central elements need to be expanded or corrected, for example, the PLC tag table needs to be expanded, or a new hardware component needs to be added. Notes on compatibility The following compatibility rules apply to shared commissioning: If an Engineering System with TIA Portal V13 or later is online on the CPU and performs a download, a second ES cannot establish an online connection, regardless of the version. If an Engineering System with TIA Portal < V13 is online on the CPU, a second ES cannot establish an online connection, regardless of the version. Team Engineering As part of Team Engineering , you have the option to perform shared commissioning of projects. Several editors can access one CPU in parallel and at the same time with multiple Engineering Systems (ES) in this process. Shared commissioning In shared commissioning, multiple Engineering Systems work together and in parallel on one CPU as part of team engineering. WinCC Advanced V14 System Manual, 10/2016 7091 Using Team Engineering 15.1 Shared commissioning of projects Master project The master project is a basic project for shared commissioning. It is a project structured according to the specified rules which already contains the fully configured hardware configuration with all required tags and blocks. This project is loaded into the jointly used CPU and then distributed as "master project" by means of project copies to the participating Engineering Systems. Each Engineering System only processes the parts it was assigned within the specific project copy. The project copies are then integrated into the master project once again. Project copy Project copies are created from structured master projects when working with team engineering and distributed to the participating Engineering Systems for editing. Each Engineering System only processes the parts it was assigned within the specific project copy as part of shared commissioning. The individual project copies are once again integrated into the master project at the end of shared commissioning. See also Requirements for shared commissioning (Page 7092) Procedure for shared commissioning (Page 7093) 15.1.2 Requirements for shared commissioning Software and hardware requirements For shared commissioning of projects, the minimum software and hardware requirements for the installation of TIA Portal V13 or later must be met. The following requirements also apply: Software: You have installed TIA Portal V13 or later and the "SIMATIC STEP 7 Professional" software package on the involved Engineering Systems. The same software version must be installed on all Engineering Systems. The master project must have been created with a project of V13 or later, which has been updated to the version of the TIA Portal used in the engineering system. After switching from a lower to a higher TIA Portal version, all involved engineering systems must use this version. After switching from a lower to a higher TIA Portal version, the master project must centrally adapted and new project copies must be transferred to the engineering systems involved. Hardware: You have access to a fully configured CPU S7-1500 as of firmware version V1.5. The involved Engineering Systems can establish an online connection to this CPU. 7092 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.1 Shared commissioning of projects Requirements for shared, parallel working on the project The following requirements are in effect for shared commissioning of projects: You have created a project with complete hardware configuration and fully programmed user program that can be commissioned. The project was downloaded to the CPU and defined as "master project". Multiple Engineering Systems have access to this CPU and can establish an online connection to this CPU. You are familiar with the defined rules and procedures for working together on one CPU. Note on compatibility mode The functions for shared commissioning are not available in compatibility mode. See also Basics for shared commissioning (Page 7089) Procedure for shared commissioning (Page 7093) Rules for shared commissioning (Page 7096) 15.1.3 Procedure for shared commissioning Introduction If you are performing shared commissioning a project as part of team engineering, it is very important that all editors of the project observe a defined procedure. Only when the specified procedure is observed are changes and corrections in the project automatically synchronized and applied, and changes of individual editors not unintentionally overwritten during loading or even lost in case of competing changes. Procedure for creating the master project The master project is created in the following steps: 1. Create a master project that includes the entire project structure. 2. Fully configure the hardware for the master project. 3. Define a language as project language, which must also be used exclusively by all participating engineering systems. 4. Create all tags and blocks that are required in the master project. WinCC Advanced V14 System Manual, 10/2016 7093 Using Team Engineering 15.1 Shared commissioning of projects 5. Create your own folders and groups for the blocks to be edited by the individual engineering systems. 6. Create a fully programmed and executable user program. 7. Download the master project to the shared CPU. 8. Save the master project following every download. For this, also observe the Rules for shared commissioning (Page 7096). Procedure for shared commissioning Shared commissioning takes place with the following steps: 1. Download the master project to the shared CPU. 2. Create copies of the master project and distribute them to the editors involved in the project on the associated engineering systems. 3. Inform all editors who is to edit the specific parts of the project copies and who may download to the CPU. 4. Have the project copies edited in the individual engineering systems. 5. After editing, the individual engineering systems download the changes one after the other to the CPU. 6. All changes are automatically detected during loading by means of an online-offline comparison. The displayed synchronization dialog offer you recommendations for synchronizing the modified data when possible. You may first have to download blocks that were edited by other editors to your ES before you can download your changes to the CPU. This may be needed to update the corrections of the other editors that have already been downloaded to the CPU in your project copy. The following synchronization options are available: - Download block: There are edited blocks on the CPU that must be updated in your project copy. - Download block: There are new blocks on the CPU that must be downloaded to your project copy. - Blocks with competing changes: System-supported synchronization is not possible in this case; the conflict must be resolved manually. 7. Manually resolve any conflicts that may occur due to competing changes or changes to central objects. 8. Download your project copy to the CPU when all conflicts have been removed. 9. Save your project copy following every download. 10.Repeat editing of project copies and download to the CPU as often as necessary until shared commissioning is complete. 11.Integrate the completely edited project copies into the master project once again in order to also back up the project data that only exist offline. You should also observe the Rules for shared commissioning (Page 7096). 7094 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.1 Shared commissioning of projects Procedure for manual synchronization of competing changes Manual synchronization of competing changes is performed in the following steps: 1. Start the comparison editor to manually resolve a conflict displayed in the synchronization dialog during download to the CPU. Select the shared CPU in the project tree and select the "Compare > Offline/Online" command in the shortcut menu. You can define certain actions depending on the status of the objects. Note, however, that you can only perform actions in one direction during synchronizing. 2. First, select the action "Upload from device" for all blocks that were changed by other editors on the CPU and which you want to apply. 3. If necessary, perform a detailed comparison of the blocks to identify differences between your offline blocks and the online blocks loaded on the CPU. 4. Manually correct the competing changes to the blocks. 5. Then download the affected blocks to the CPU using the "Continue without synchronization" command. 6. Save your project or project copy following every download. For this, also observe the Rules for shared commissioning (Page 7096). Note To prevent online changes occurring again while an engineering system is being manually synchronized, no downloading to the shared CPU should be performed by another participating engineering system during the manual synchronizing. Procedure for integrating project copies into the master project You integrate project copies into the master project with the following steps: 1. Open the master project and the project copy to be integrated as a reference object. 2. Copy the program parts you have edited from the respective project copy to the master project and confirm overwriting the existing objects. You can also use the comparison editor to apply your program parts to the master project. 3. Save the master project and download it to the shared CPU with the "Continue without synchronization" command. 4. Save the master project following every download. For this, also observe the Rules for shared commissioning (Page 7096). WinCC Advanced V14 System Manual, 10/2016 7095 Using Team Engineering 15.1 Shared commissioning of projects Procedure for modifying central objects within the master project Modification of central objects that have an effect on all program parts is performed with the following steps: 1. Stop further processing of the project copies. 2. Integrate all existing project copies one after the other into the master project as described above. 3. Download the master project to the shared CPU with the "Continue without synchronization" command. 4. Make the required modification on the shared objects such as in the hardware configuration, for example, or in the PLC tag table. The procedure is the same for modification of other central objects such as technology objects, F blocks, OBs, etc. 5. Download the master project into the CPU once again when modification is complete. 6. Save the master project following every download. 7. Distribute the updated project copies to the respective engineering systems for further processing. For this, also observe the Rules for shared commissioning (Page 7096). See also Basics for shared commissioning (Page 7089) Requirements for shared commissioning (Page 7092) Rules for shared commissioning (Page 7096) 15.1.4 Rules for shared commissioning Introduction If you are performing shared commissioning a project as part of team engineering, it is very important that all editors of the project observe predefined rules for successful cooperation. Rules for the master project The following rules are to be observed: Create a master project that is suitable for shared editing. Divide the user program into program parts that are independent of each other. Use "Groups" to visually separate the program parts from each other. Use a main OB and a central FC for each program part which calls the functions of the part program. 7096 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.1 Shared commissioning of projects If possible, create a separate PLC tag table for each part. In the master project, specify a project language which cannot be changed in the project copies. If you want to exchange data between the program parts, use the FC and FB interface parameters (IN, OUT, INOUT) or global data blocks. Use global data blocks to save the data for the individual program parts, no bit memories. Do not assign different names for blocks with identical addresses. Do not assign identical names for blocks with different addresses. Example of the program structure in the master project Here is an example of a team-capable, structured master project that is suitable for parallel editing during shared commissioning. The program parts to be edited by the individual Engineering Systems are: Program part 1: "Conveyer" Program part 2: "Drill" Program part 3: "FurtherProgramPart" Each program part contains a "main FB", which calls the specific lower-lever functions for this program part. Example: In the "Conveyer" program part, the "ConveyerMainFB" calls the "ConveyerStartupFC" function. WinCC Advanced V14 System Manual, 10/2016 7097 Using Team Engineering 15.1 Shared commissioning of projects In team engineering, this subdivision within the project structure allows the parallel editing of individual program parts and the automatic synchronization of changes during the shared commissioning phase. Rules for shared working on one CPU Observe the following rules for shared working: Editor only edits the blocks they have been assigned in the project copy in the assigned groups. Only OBs, FBs, DBs, FCs and UDTs may be changed in the project copies, which means the following program elements must not be edited in the project copies: - Hardware configurations - PLC tag table - Technology objects - Text lists and project language - F blocks Global data blocks should be used in programming instead of bit memories. IEC timers and counters should be used during programming instead of SIMATIC timers and counters. The project language specified in the master project may not be changed in the project copies. 7098 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.1 Shared commissioning of projects Rules for editing shared, central objects Observe the following rules for shared central objects: Changes to shared central objects always have to be made by means of the master project. These objects include: - Hardware configurations - PLC tag table - Technology objects - Text lists and project language - F blocks Before the shared central objects can be modified in the master project, the various working versions within the project copies must first be integrated into the master project once again. The modification can then be made within the master project, and the master project can then be downloaded to the shared CPU. Once modification is complete, new project copies can be created and distributed to the Engineering Systems for further processing. Rules for working with organization blocks Observe the following rules for editing OBs: OBs that already exist in the master project and that have already been downloaded to the CPU, can be modified in the respective project copies. These OBs are automatically synchronized during downloading. OBs that were newly created in a project copy and that have been edited, which means they do not exist in the master project yet, can also be downloaded to the CPU but without automatic synchronization. The changes made to the newly created OBs in the project copy must be synchronized manually. Rules for downloading to the CPU Observe the following rules for downloading: Editors can download the project copies one after the other to the CPU; only one Engineering System can download at any given time. The online connection of the involved Engineering Systems can be maintained when downloading the blocks (hardware may only be downloaded in the master project). Perform the synchronization that is offered automatically in the synchronization dialog during download. This ensures that changes from other editors are not unintentionally overwritten. Correct the name conflicts that are shown in the synchronization dialog, which you rename in your offline block before downloading to the CPU. A name conflict is indicated if you want to download to the CPU a block that already exists with identical name on the CPU. WinCC Advanced V14 System Manual, 10/2016 7099 Using Team Engineering 15.1 Shared commissioning of projects So-called "competing changes" must be corrected manually. Competing changes come about when two editors work on the same block on two Engineering Systems at the same time. The first editor can still download his or her changes to the CPU without any problems. However, if the second editor wants to download the same block with the changes the editor has made, the synchronization dialog displays a conflict that cannot be removed automatically. The previous changes made to this block would be undone by overwriting during download. The editors have to decide in this case which change is to be applied and which one is to be discarded. Alternatively, you can manually merge the changes with the help of the detailed comparison of the blocks in the comparison editor. Such changes should always be avoided by implementing a good project structure and corresponding agreements between the editors. Changes to central objects are displayed in the synchronization dialog but cannot be synchronized automatically. Changes to central objects and to the hardware configuration always have to be made by means of the master project. Save your project or project copy following every download. Note Creating and subsequent deleting of objects in the project copies Please note that a software synchronization is also required before downloading when you create a new object in a project copy and then delete this again immediately afterwards. The creation of an object causes a change in the internal data management which cannot be undone by the subsequent deleting of the object. As a result it is necessary to perform a synchronization before the next loading if the newly created object was deleted immediately thereafter and no change in the existing object is visible within the project copy. Rules for online functions The following rules are to be observed when using online functions: Loading: Only one Engineering System can download data to the CPU at any given time. Other Engineering Systems can use additional online functions during the download, such as monitoring and controlling. Monitoring and controlling: Up to five Engineering Systems can be monitored and controlled simultaneously on the CPU blocks. A specific code block can only be monitored and controlled by one Engineering System at a time. However, additional Engineering Systems can simultaneously monitor and control other code blocks. 7100 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.1 Shared commissioning of projects NOTICE Danger due to modifying an identical operand in parallel with different modify values in more than one watch table When working with more than one watch table, avoid modifying identical operands permanently multiple times with different modify values. If an identical operand is modified permanently with different modify values at the same time in different watch tables, all watch tables will display the last modified value, because the modify value assigned last will be used in this case. Force Forcing can only be implemented on the CPU from one Engineering System at a time. The Engineering Systems that starts the forcing has taken over the force job exclusively. Although the other Engineering Systems receive the information that a force job is running, they cannot access this job to make changes. Use the command "Update forced operands" to update all operands and values currently being forced on the CPU in the open force table. All forced operands in the open force table are updated with the relevant values. A red "F" is displayed in the first column indicating which operands are being forced. As soon as the Engineering System to which the force job belongs ends the online connection, the force job can be applied by another ES that establishes an online connection to the CPU and has executed the "Update forced operands" command. This enables the "Force all" and "Stop forcing" buttons and you can select these functions. Trace functions: Up to four Engineering Systems can perform trace functions simultaneously. The Engineering Systems that starts the tracing has taken over the trace job exclusively. Although the other Engineering Systems can see this job in the trace editor, they cannot access it. As soon as the Engineering System to which the trace job belongs closes the trace editor, the trace job can be taken over by another ES that re-opens the trace editor. See also Basics for shared commissioning (Page 7089) Requirements for shared commissioning (Page 7092) Procedure for shared commissioning (Page 7093) WinCC Advanced V14 System Manual, 10/2016 7101 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 15.2 Exchanging data with Inter Project Engineering (IPE) 15.2.1 Basics of Inter Project Engineering (IPE) Introduction to Inter Project Engineering (IPE) The functionality of Inter Project Engineering, hereinafter referred to as IPE, is used to exchange the controller data in a source project between different projects with the help of a device proxy. You can then transfer this data to other projects, for visualization in HMI, for example, and use it there for further configuration. Inter Project Engineering gives you a simple way of providing controller data from a PLC programming across multiple projects for an HMI configuration. Using the object "Device Proxy Data", you exchange controller data across multiple projects consistently and easily without redundant configuration overheads. This makes it possible for HMI project engineers to work on a project without the hardware configuration having to be present in their project. This means they can work on the PLC project and on the HMI project at the same time. You can exchange the following controller data between projects via the device proxy: Program blocks Technological objects PLC tags PLC alarms The following data is automatically included in the exchange: Controller interfaces Configured communication processors and communication modules This automatic data exchange ensures that the interfaces and the configured communication processors and modules are transferred along with the data you selected. This data is required to allow you to continue working consistently and without problems in your target project. Cross-project data exchange The following options are available for cross-project data exchange with Inter Project Engineering: Exchanging controller data via IPE file Exchanging controller data via project file 7102 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Exchanging controller data via IPE file The figure below shows cross-project data exchange via an IPE file. 6RXUFHSURMHFW 7DUJHWSURMHFW 3/&B$ ([SRUW 'HYLFHSUR[\GDWD 3/&B$ ,QLWLDOL]DWLRQ ,3(ILOH 'HYLFHSUR[\GDWD 3/&B$ 3/&GHYLFHSUR[\ The PLC controller data from the source project is transferred to the PLC in the target project via the object "Device Proxy Data". PLC data that is exchanged via an IPE file must originate from TIA Portal projects of V13 or higher. Exchanging controller data via a project file The figure below shows cross-project data exchange via a project file. 6RXUFHSURMHFW 3/&B$ 'HYLFHSUR[\GDWD 7DUJHWSURMHFW ,QLWLDOL]DWLRQ 3URMHFWILOH 3/&B% 'HYLFHSUR[\GDWD 3/&GHYLFHSUR[\ The PLC controller data from the source project is transferred to the PLC in the target project via a project file. You can easily transfer and continue to use controller data from older TIA Portal projects as well as STEP 7 Classic projects that are not integrated in TIA Portal in your current TIA Portal projects. WinCC Advanced V14 System Manual, 10/2016 7103 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Inter Project Engineering (IPE) The functionality of Inter Project Engineering, also referred to as "IPE", is used to exchange the controller data in a source project between different projects with the help of the "Device proxy data" object. IPE The functionality of Inter Project Engineering, also referred to as "IPE", is used to exchange the controller data in a source project between different projects with the help of the "Device proxy data" object. IPE file The IPE file includes CPU controller data from a source project which is transferred with the "Device proxy data" object to the CPU in the target project. Project file The project file transfers CPU controller data from a source project to the CPU in the target project. You can conveniently transfer and continue to use controller data from older TIA Portal projects as well as STEP 7 Classic projects that are not integrated in TIA Portal in your current TIA Portal projects. Device proxy data The "Device proxy data" object supports consistent data exchange of CPU controller data across projects between a source project and a target project without redundant configuration. Data exchange across projects with IPE The Inter Project Engineering (IPE) functionality gives you the following options for consistent data exchange across projects: Exchanging PLC data via an IPE file Exchanging controller data via a project file Both files transfer CPU controller data from a source project to a CPU in the target project. See also Requirements for Inter Project Engineering (IPE) (Page 7105) Overview for working with Inter Project Engineering (IPE) (Page 7105) 7104 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 15.2.2 Requirements for Inter Project Engineering (IPE) Software and hardware requirements To use the functionality of Inter Project Engineering, the minimum software and hardware requirements for the installation of TIA Portal V13 or higher must be met. The following requirements also apply: You have installed TIA Portal V13 or higher and the "SIMATIC STEP 7 Professional" software package. You are using a CPU of the S7-1200/1500 or S7-300/400 series. The same software version must be installed on all involved controllers. Requirements for IPE The requirements for accepting controller data from projects are as follows: You have created a project with hardware configuration and PLC data that can be transferred to another project. You have made sure that the project is consistent before you transfer the controller data by means of the "Device proxy data" object. You are familiar with the defined procedures for Inter Project Engineering. Notes on compatibility mode The functions for Inter Project Engineering are not available in compatibility mode. See also Basics of Inter Project Engineering (IPE) (Page 7102) Overview for working with Inter Project Engineering (IPE) (Page 7105) 15.2.3 Overview for working with Inter Project Engineering (IPE) Exchanging controller data across projects You can use the functionality of Inter Project Engineering to exchange existing controller data between different projects with the help of a "Device proxy" and to continue using this data in another project. The "Device proxy" provides you with a consistent and convenient way of exchanging data between projects without redundant configuration work. WinCC Advanced V14 System Manual, 10/2016 7105 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Procedure for exchanging controller data via an IPE file To exchange data via an IPE file, follow these steps: 1. Using TIA Portal V13 or higher, create a project with all required controller data and an executable user program. 2. Configure the hardware required for the project. 3. Compile the project to ensure consistency in your project. 4. In your project, create the object "Device Proxy Data" below the required CPU by clicking the corresponding command "Add device proxy data" in the "Device Proxy Data" folder. Result: The "Device Proxy Data" object has been created. 5. Select the required device proxy data in the project tree and double-click the object to open it in the editor. 6. Enter the required data for the device proxy data in the editor under "General" or apply the default setting. You can change the name and enter a comment for export of the controller data. In the "Define content" area of the editor select which of the existing controller data you wish to export as IPE file and click "Export device proxy data". 7. In the subsequent dialog, enter the name and storage location for the IPE file to be created and click "Save". You will be notified as soon as the export has been completed successfully. Result: The selected controller data has been exported as an IPE file. 8. In your target project, create a device proxy to be able to import the controller data contained in the IPE file. To do so, click the command "Add new device" and select the required device proxy in the dialog that opens. 9. Click the newly created device proxy and select the "Initialize device proxy" command from the shortcut menu. 10.Select the previously created IPE file to be used for the initialization, and confirm the selection in the following dialog with "OK". This starts the initialization. Result: The controller data from the source project contained in the IPE file is transferred to the device proxy in the target project. After the successful exchange of controller data, you can continue with the configuration in your target project and, for example, connect PLC tags with HMI tags. The controller data can be updated as often as required when it is changed in the source project. Procedure for exchanging controller data via a project file When exchanging controller data via a project file, device proxy data can either be predefined in the source project or it can be defined and selected from the target project. Follow these steps to exchange data via a project file: 1. Using TIA Portal V13 or higher, create a project with all required controller data and an executable user program. 2. Configure the hardware required for the project. 3. Compile the project to ensure consistency in your project. 7106 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 4. Open the TIA Portal project from which you want to import the controller data into the target project. 5. In your project, create the object "Device Proxy Data" below the required CPU by clicking the corresponding command "Add device proxy data" in the "Device Proxy Data" folder. Result: The "Device Proxy Data" object has been created. 6. Enter the required data for the device proxy data in the editor under "General" or apply the default setting. You can change the name and enter a comment for the device proxy data. 7. In the "Define content" area of the editor select which of the existing controller data you want to provide by means of the device proxy data. 8. Click "Save" to save the changes in the project. Result: You have successfully saved the selected controller data in your device proxy data. 9. In your target project, create a device proxy to import the controller data contained in the project file. To do so, click the command "Add new device" and select the required device proxy in the dialog that opens. 10.Click the newly created device proxy and select the "Initialize device proxy" command from the shortcut menu. 11.Select the previously created project file with the prepared device proxy data to be used for the initialization, and confirm the selection in the following dialog with "OK". This starts the initialization. Result: The controller data from the source project contained in the project file is transferred to the device proxy in the target project. After the successful exchange of controller data, you can continue with the configuration in your target project and, for example, connect PLC tags with HMI tags. The controller data can be updated as often as required when it is changed in the source project. Procedure for updating already transferred controller data System requirements for the update: The following requirements must be met for updating already transferred controller data with the help of the already created "Device Proxy Data" object: You are using the same project for the update as for the previous transfer of the controller data. You are using the already created "Device Proxy Data" for transfer of the controller data. You have not made any changes to the hardware configuration or the communication interfaces in the meantime. You can add new hardware components. Updating procedure: 1. Open the TIA Portal project from which you want to update the controller data in the target project. 2. Double-click the existing "Device Proxy Data" object and select under content which controller data you want to make available for the update. 3. Save the project or export the IPE file once again. 4. Open the required target project in the TIA Portal. WinCC Advanced V14 System Manual, 10/2016 7107 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 5. Click the existing device proxy in the target project and select the "Update device proxy" command from the shortcut menu. 6. Select the source which is to be used for the update, and confirm the selection. 7. In the following dialog, select under "Device" the CPU that was previously used as source, from which the controller data is to be re-imported. 8. Under "Defined device proxy data", select the required object and exit the dialog with "OK". 9. The update is then started and the selected device proxy data is transferred from the source project to the device proxy in the target project. After the successful updating of the controller data, you can continue with the configuration in your target object and, for example, connect PLC tags with HMI tags. The controller data can be updated as often as required when it is changed in the source project. See also Basics of Inter Project Engineering (IPE) (Page 7102) Requirements for Inter Project Engineering (IPE) (Page 7105) 15.2.4 Creating "Device proxy data" in the source project Introduction In order to exchange controller data across projects you require the "Device proxy data" object that can transfer the controller data of the associated CPU as an IPE file in the source project. Creating a "Device proxy data" object in the source project Proceed as follows to create a new "Device proxy data" object: 1. Open the "Device proxy data" folder below the CPU to which you want to create a "Device proxy data". 2. Click the command "Add new device proxy data". Result The "Device proxy data" object has been created and is displayed in the project navigation below the associated CPU. The created "Device proxy data" contains the controller data of the associated CPU. 7108 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 15.2.5 Creating an IPE file by means of the "Device proxy data" Opening the "Device proxy data" and defining the content for an IPE file Proceed as follows to create an IPE file by means of a "Device proxy data": 1. Open the required "Device Proxy Data" with a double-click in the "Device Proxy Data" folder in the project tree below the CPU. 2. Enter the required settings for the "Device proxy data" object in the editor under "General" or apply the default setting. You can change the name and enter a comment for export of the controller data. 3. In the "Define content" area of the editor select which of the existing controller data of the CU you wish to export as an IPE file and click "Export device proxy data". 4. In the subsequent dialog, enter the name and storage location for the IPE file to be created and click "Save". You will be notified as soon as the export has been completed successfully. Result The selected controller data have been exported as an IPE file. 15.2.6 Using controller data from other projects with IPE 15.2.6.1 Using controller data from other projects in an HMI device Basics on controller data Introduction In the source project of the PLC, you can select which controller data is to be stored as deviceproxy data. To this end, you create a device proxy data from a configured PLC. Which controller data can be exchanged? The following controller data can be exchanged via IPE: Data blocks Technology objects PLC tags PLC supervisions and PLC alarms WinCC Advanced V14 System Manual, 10/2016 7109 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) The following information is exchanged automatically: Interfaces of the PLC Configured communication processors and communication modules at the PLC Initializing a device proxy via an IPE file Initializing device proxy via an IPE file How does initialization of a device proxy via an IPE file work? You can exchange controller data between two or more projects using IPE files. Due to their small data volume, you can send IPE files by e-mail, for example. You can create multiple IPE files with different device proxy data for each PLC. A device proxy can only be filled with one device proxy data record in the target project. 6RXUFHSURMHFW 7DUJHWSURMHFW 3/&B$ ([SRUW 'HYLFHSUR[\GDWD 3/&B$ 'HYLFHSUR[\GDWD 3/&B$ ,QLWLDOL]DWLRQ ,3(ILOH 3/&GHYLFHSUR[\ An IPE file is exported from the source project. The IPE file contains device proxy data of the PLC "PLC_A". A device proxy is created in the target project. In the target project, the device proxy is then initialized with the device proxy data from the IPE file. Following initialization, all device proxy data from the IPE file is contained in the device proxy. If changes are made in the source project, the device proxy of PLC_A in the target project can be updated via the new IPE file. 7110 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Initializing a device proxy via an IPE file Introduction You initialize device proxy data using a dialog on the device proxy in the TIA Portal. The IPE file contains the device proxy data from the source project. Requirement IPE file is available. WinCC Advanced V14 System Manual, 10/2016 7111 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Procedure 1. Double-click "Add new device" in the project tree. 2. Select the device proxy under "Controller". A new device is created in the "Devices & Networks" editor. 3. Select the device proxy in the project tree. 7112 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 4. Click "Initialize device proxy" in the shortcut menu. 5. Select the IPE file and click "Open". The "Initialize device proxy" dialog opens. Note You cannot select the device proxy data before initialization in the target project. All device proxy data included in the IPE file is transferred. Initialize the device proxy via project file if you want to select specific device proxy data before initialization: Initializing a device proxy via a project file (Page 7116) 6. Click "OK". Initialization of the device proxy is started. Result Following initialization, all device proxy data from the IPE file is contained in the device proxy. You can now configure an HMI connection with the device proxy and connect PLC tags from the device proxy with HMI tags, for example. WinCC Advanced V14 System Manual, 10/2016 7113 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Updating a device proxy via an IPE file Introduction If changes were made to the device proxy data in the device proxy source project, the device proxy data can be updated in the target project. Requirement New IPE file contains the device proxy data from the source project. A device proxy has already been initialized using an IPE file in the target project. Procedure 1. Select the device proxy in the project tree. 2. Click "Update device proxy" in the shortcut menu. 7114 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 3. Select the IPE file. 4. Select whether you wish to update the PROFINET or PROFIBUS addresses. 5. Click "OK". WinCC Advanced V14 System Manual, 10/2016 7115 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Initializing a device proxy via a project file Initializing a device proxy via a project file How does an initialization via project file work? You can transfer controller data using a project file in your TIA Portal project: 6RXUFHSURMHFW 3/&B$ 'HYLFHSUR[\GDWD 3/&B% 'HYLFHSUR[\GDWD 7DUJHWSURMHFW ,QLWLDOL]DWLRQRIGHYLFH SUR[\GDWD 3/&GHYLFHSUR[\ There are two PLCs in the source project. Device proxy data objects of the two PLCs are created in the source project. The source project is saved. A device proxy is created in the target project. The source project (*.ap13) is first selected using the command for the initialization of device proxy in the device shortcut menu. The "PLC_A" and "PLC_B" controllers are available for selection and their device proxy data have already been created. After selection of device proxy data of "PLC_A", the data is stored in the PLC_Proxy of the target project. Changes from the source project can be transferred by an update via the project file. Initializing a device proxy via a project file Introduction You initialize the device proxy using a project file. Requirement Project file (*.ap13) exists. 7116 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Procedure 1. Double-click "Add new device" in the project tree. 2. Select the device proxy under "Controller". A new device is created in the "Devices & Networks" editor. 3. Select the device proxy in the project tree. WinCC Advanced V14 System Manual, 10/2016 7117 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 4. Click "Initialize device proxy" in the shortcut menu. 5. Select the following entry in the "Open device proxy data source" dialog: "TIA Portal projects (*.ap13)" 6. Select a project file and click "Open". The "Initialize device proxy" dialog opens. 7. Select a device proxy data object already created from an available PLC to initialize the device proxy. 8. Click "OK". Note During initialization of the device proxy a check is automatically carried out whether the selected data are consistent and can be imported into the target project. If the source project contains inconsistent data, compile your source project. Result Following initialization, the controller data from the project file in the selected device proxy data object is stored in the device proxy. You can now configure an HMI connection with the device proxy and connect PLC tags from the device proxy with HMI tags, for example. 7118 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Initializing via STEP 7 V5.5 projects You can find more information about importing control data from projects prior to TIA Portal V11 in the section Integrated configuration with WinCC and Simatic Manager (Page 7128). You can find additional information in the FAQ with entry ID: 73502293 (http:// support.automation.siemens.com/WW/view/en/73502293) Updating a device proxy via a project file Introduction If changes have been made to the controller data in the source project of the device proxy, you can update the device proxy in your TIA Portal project. Requirement Project file has been generated from the source project of the device proxy. A device proxy that has already been initialized is available in the target project. Procedure 1. Select the device proxy in the project tree. 2. Click "Update device proxy" in the shortcut menu. WinCC Advanced V14 System Manual, 10/2016 7119 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 3. Select the project file. The "Update device proxy" dialog opens. 7120 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 4. Select a device. Note If you have created several device proxy data objects in the source project, you need to select one device proxy data object. Note Already initialized device proxies cannot be overwritten with controller data from a different PLC. 5. Select whether you wish to update the PROFINET or PROFIBUS addresses. 6. Click "OK". 15.2.6.2 Communication with device proxies Basics of communication with device proxies Introduction Data exchange between the HMI device in your target project and existing controller from the source project is enabled in the TIA Portal using device proxies. You initialize a device proxy with device proxy data from the source project and link the HMI device to the device proxy PLC in the target project. The HMI device and the device proxy PLCs can communicate with each other directly via a subnet or across multiple subnets. For communication across multiple subnets, you need to configure a device proxy-PLC as a router that connects the HMI device and the target PLC. The communication between connection partners is possible via the following connections: PROFINET PROFIBUS MPI Setting network parameters In the TIA Portal, you connect the HMI device and the device proxy PLC in the "Devices & Networks" editor. Once you have connected an HMI device with the device proxy PLC, adapt the properties of the network parameters. Note the WinCC Advanced V14 System Manual, 10/2016 7121 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) network parameters from the source project and enter them in the properties of the network connection between the device proxy PLC and the HMI device. Note IPE does not transfer data to the network configuration. You therefore configure the required networks in the target project manually so that the network configuration in the target project corresponds to the configuration in the source project. The subnet IDs of the devices in the target project in particular must correspond to each other and to the IDs of the devices in the source project. Otherwise, communication will not be possible between the source device and the HMI devices in runtime Depending on the connection, provide the following parameters: Connection Parameters Ethernet S7 subnet ID MPI PROFIBUS S7 subnet ID Highest address Transmission rate Bus parameters Communication via S7 routing To establish a routed connection to these connection partners, a router must be interposed. Configure both the router and the target PLC as device proxies. The router and the target PLC can be initialized with an IPE file, TIA Portal project file or a STEP 7 V5.5 project file. Modules with communication capability (CPUs or CPs) used to establish gateways between the subnetworks must have routing capability. The S7 routing settings can be edited in the relevant interface properties. You can configure the S7 routing connection in the "Devices & Networks" editor. Note A routed connection must be configured in the source project for a routed connection to a connection partner that was loaded with the source project data. 7122 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) The routing path is determined in Runtime by the system and cannot be influenced by the user. During configuration, it is not possible to generate information about a faulty connection. All relevant routing paths have to be mapped in the TIA Portal exactly as they were configured in STEP 7 source project. Configuring a direct connection Introduction In the target project, configure a direct connection between a device proxy PLC and an HMI device in "Devices & Networks" editor. The following configuration describes a network for the following communication partners: HMI device Device proxy PLC Requirements Device proxy data were exported from the source project An HMI device has been created in the target project A proxy device has been created WinCC Advanced V14 System Manual, 10/2016 7123 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Procedure 1. Note the subnet ID of the connection in the source project. For an MPI or PROFIBUS connection, also note also the highest address, the transmission speed and the bus parameters. 2. Initialize the device proxy in the target project with the device proxy data from your source project. 3. Connect the communication interfaces of the HMI device and of the device proxy PLC. The corresponding S7 subnet is automatically generated. 4. Transfer the parameters that you noted from the source project into the parameters of the TIA project: - Enter the S7 subnet ID under "Properties > General". - Enter the highest address and the transmission rate under "Properties > Network Settings". - Enter the bus parameters under "Properties > Bus parameters". 7124 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Configuring a routed connection Introduction The HMI device and the device proxy PLCs can communicate with each other across multiple subnets. For a routed connection, configure a device proxy PLC as a router between the HMI device and the target PLC. Note For a routed connection to the connection partner from the source project, a routed connection must be configured in the source project. The following configuration describes a network for the following communication partners: HMI device Device proxy PLC as router Device proxy PLC as target PLC All subnets that are involved in the routing between the HMI device and the target PLC must be configured in the source project. They must be identically configured in the target project. Requirements Device proxy data were exported from the source project An HMI device has been created Two device proxies have been added WinCC Advanced V14 System Manual, 10/2016 7125 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Procedure 1. Note the subnet IDs of the connections in the source project. For a PROFIBUS connection, also note also the highest address, the transmission speed and the bus parameters. 2. Initialize the source proxy in the target project with the device proxy data from your source project. 3. Create the network connection between the HMI device and the router as well as between the router and the target PLC as it was configured in the source project. 4. Click the "Connections" button. 5. Connect the communication interfaces of the HMI device and of the router. Router and target PLC are connected automatically. 6. Create an HMI connection between the HMI device and the target PLC using drag-anddrop operation. The "Connect with subnet" dialog opens. 7126 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 7. Select "Add S7 routed connection". The routing connection is created. 8. Transfer the parameters that you noted from the source project into the parameters of the TIA project: - Enter the S7 subnet ID under "Properties > General". - Enter the highest address and the transmission rate under "Properties > Network Settings". - Enter the bus parameters under "Properties > Bus parameters". WinCC Advanced V14 System Manual, 10/2016 7127 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Result The created connection is displayed in the "HMI connections" editor. 15.2.6.3 Integrated configuring with WinCC and SIMATIC Manager Basic principles for configuring with WinCC and SIMATIC Manager Integrated configuring with WinCC and SIMATIC Manager The TIA Portal provides the option to create PLC programs and the HMI configurations using a uniform user interface. In some cases it is still necessary, for technical or customer-specific reasons, to create the PLC program with the "STEP 7 V5.x" software and the HMI configuration with the WinCC software (TIA Portal). You can directly access the PLCs configured in the SIMATIC Manager and their current data via the device proxy PLC and integrate this into WinCC (TIA Portal). Requirement WinCC with version V13 or higher SIMATIC Manager STEP 7 with version V5.4 SP3 or higher In SIMATIC Manager all required software option packages that are used in the STEP 7 project must be installed. The project must be consistent in the SIMATIC Manager. Supported PLCs S7-300 PLC S7-300F PLC S7-400 PLC S7-400F PLC 7128 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) S7-300 T-PLC ET200 PLC (IM 151-x CPU) Supported alarm procedures Discrete alarm types Analog alarm types Signal system fault (SFM) Alarm_S, Alarm_SQ, Alarm_D, Alarm_DQ Initializing a device proxy via a STEP 7 project file Introduction A connection to a CPU within the SIMATIC Manager is established through the initialization. After successful initialization the tags and messages contained in the SIMATIC Manager are also available in the WinCC project. Initializing a device proxy PLC 1. Initialize the device proxy via the project file (*.s7p) of your STEP 7 project. In the "Initialize device proxy" dialog, select the CPU, program blocks, symbols and PLC messages for the device proxy. 2. After successful initialization the selected data are displayed in the program folders in the project tree. Note The data are not processed in WinCC (TIA Portal). Only reading access to the tags is available. Changes to the STEP 7 program are always carried out in the SIMATIC Manager. Note Support of H-PLCs IPE functionality in the TIA Portal also supports the use of H-PLCs from STEP 7 as of V5.5. Only the master H-PLC is relevant during the initialization of the device proxy. Display of the original name of the source device 1. Open the device configuration of the device proxy PLC. 2. Select "Device view"". 3. Open "Properties > General > General > Device proxy information". The original name is displayed under "Proxy source". WinCC Advanced V14 System Manual, 10/2016 7129 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Creating a network connection between HMI and PLC As when using a "Standard PLC", you configure a network connection between the used HMI device and the device proxy PLC. 1. In the device configuration select "Network view". 2. Mark the device proxy PLC and enter the same connection properties under "Properties" that the PLC program has in the SIMATIC Manager. 3. Network and connect the two devices. Note Network connection and addresses Irrespective of whether you have created an Ethernet connection or a PROFIBUS connection, check the respective addresses and bus parameters of the modules used and if necessary adapt these. If you use PROFIBUS, observe the additional information under Adapting network parameters (Page 7130). Adapting network parameters Introduction If you have networked an HMI device with the device proxy PLC, you have to adapt the properties of the parameters in the STEP 7 5.x project in the following cases: You have a STEP 7 V5.x project. The HMI devices in this project created with WinCC flexible were migrated to WinCC (TIA Portal) and networked with the device proxy PLC. You have a STEP 7 V5.x project. The HMI devices were configured only with WinCC (TIA Portal) and are networked with the device proxy PLC. Depending on the connection, provide the following parameters: Connection Parameters Ethernet S7 subnet ID MPI PROFIBUS S7 subnet ID Highest address Transmission rate Bus parameters Record the parameters in the STEP 7 project and enter these in the TIA Portal at the properties of the network connection. Adapting network parameters 1. Open the hardware configuration of the CPU in the SIMATIC Manager. 2. Open the object properties of the PROFIBUS interface of the CPU. 3. Select the "Properties..." button under "General" in the "MPI/DP properties" dialog. The "Properties - PROFIBUS interface" dialog is opens. 7130 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 4. Select the "Properties..." button under "Parameters" in the "Properties - PROFIBUS interface" dialog. The "Properties - PROFIBUS" dialog is opens. 5. Note the S7 subnet ID. 6. If you adapt the PROFIBUS connection, record the "Highest address" and "Transmission rate" parameters in the "Network settings" dialog box. 7. If you adapt the PROFIBUS connection, select the "Bus Parameters" button in the "Properties - PROFIBUS" window under "Network settings". Note the bus parameters listed there. 8. In "Devices & Networks" editor of the TIA Portal, select the network connection between the device proxy PLC and the HMI device. WinCC Advanced V14 System Manual, 10/2016 7131 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 9. Select the "User-defined" profile under "Properties > General> Network Settings". 10.Transfer the parameters that you noted from the STEP 7 configuration into the parameters of the TIA project: - Enter the S7 subnet ID under "Properties > General". - Enter the highest address and the transmission rate under "Properties > Network Settings". - Enter the bus parameters under "Properties > Bus parameters". 7132 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) WinCC Advanced V14 System Manual, 10/2016 7133 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Checking inconsistent data Introduction During initialization of a device proxy a check is automatically carried out whether the selected data are consistent in the source project and can be imported into the target project. If the source project contains inconsistent data, repair them in the source project in the SIMATIC Manager. The following tools are available for determining and repairing the inconsistent data in STEP 7 V5.x: "Check block consistency" for checking data blocks and alarms "Symbol Editor" for checking the symbols Note You can find additional information on "Check block consistency" and "Symbol editor" in the STEP 7 V5.x documentation. Checking data blocks and messages 1. Open the source project in the S7 SIMATIC Manager. 2. Mark the block folder in the project window. 3. Select the "Check block consistency..." entry from the shortcut menu. The "Check block consistency" editor opens. 4. Select the "Program > Compile" command from the menu. Inconsistencies in the blocks are corrected automatically and objects are compiled. 5. If an inconsistency cannot be corrected automatically, an error message is output. By double-clicking the error message you jump to the faulty object. Correct the inconsistencies manually and save the project afterwards. Checking symbols 1. Open the source project in the S7 SIMATIC Manager. 2. Start the Symbol Editor by double-clicking the symbol table. The Symbol Editor is opened. 3. Invalid global symbols in the table are marked in red. 4. Repair or delete the invalid symbols. 7134 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Adapting tags and connections Introduction Adapt the connection names and synchronize the tags for establishing the connection after the migration. When the HMI device is networked with the device proxy PLC the system creates a connection and assigns a connection name. If an HMI connection already existed, adapt the new connection name. Adapting the connection name 1. Copy the previous connection name. 2. Delete the existing connection. 3. Replace the new connection name by the previous name. Symbolic connection of the tags 1. Call up the tag editor. 2. Select all the tags. 3. Click "Synchronize to compare with PLC tag". The "Options for synchronizing WinCC tags" window opens. 4. Select the options "Data type and absolute address agree" and "Replace WinCC tag name by the PLC tag name" in the window. 5. Click "Synchronize". Synchronization of the tags is carried out. Updating a device proxy via a STEP 7 project file Introduction The data of the device proxy PLC have to be updated whenever changes are made in the SIMATIC Manager that affect the HMI device. This is, for example, the case when address area in the data blocks have been changed or extended. Updating device proxy data 1. Update the data of the device proxy via the project file (*.s7p) of your STEP 7 project. 2. In the update dialog. select the same CPU that you also used during the initialization of the device proxy PLC as the data source. An update with a different hardware configuration is not allowed. WinCC Advanced V14 System Manual, 10/2016 7135 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 3. Through the dialog you have the possibility to select newly created data blocks from the SIMATIC Manager additionally. Only selected objects are imported in the TIA Portal project. Note All the data that were selected during the previous initialization are automatically selected again as well. You should only change this default setting if you consciously want to remove data from the device proxy PLC. If, for example, the DB1 was included in the TIA Portal project through the initialization, and you now deactivate the DB1, the DB1 is deleted from the TIA Portal project during updating. 4. Confirm the selection using the "OK" button. Updating of the tags is started. 5. The addresses of the tags were adapted automatically through the symbolic connection of the tags. This completes updating of the tags. Including tags from the SIMATIC Manager Introduction Through the initialization of the device proxy PLC you have included the tags from the SIMATIC Manager into the WinCC project. In WinCC, you insert tags of the device proxy PLC directly into an HMI screen or a screen object. Inserting a tag into the HMI configuration 1. Open the folder with the program blocks of the device proxy PLC in the project tree. 2. Select the block that contains the tags. 3. All the tags of the selected block are displayed in the detail view. 4. Drag&drop the tag from the detail view into the working area. An I/O field with the selected tag is created. Carry out further settings in the Inspector window. Alternatively configure an I/O field in the HMI screen and drag&drop the tag into the I/O field. Result The tag from a block of the device proxy PLC is inserted into the HMI project and connected with the I/O field. 7136 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) Configuring the "Direct keys" system function Introduction If you want to integrate HMI devices that can only be configured with WinCC (TIA Portal), for example SIMATIC HMI Comfort Panels, into the hardware configuration of the SIMATIC Manager, you require the corresponding matching GSD/GSDML files. The required GSD/GSDM files for WinCC are located in FAQs mutual configuration with WinCC (TIA Portal) and STEP 7 V5.x (http://support.automation.siemens.com/WW/llisapi.dll? aktprim=4&lang=en&referer=%2fWW %2f&func=cslib.csinfo&siteid=csius&groupid=4000002&extranet=standard&viewreg=WW&n odeid4=20229806&objaction=csopen) Installing GSD files 1. Open the hardware configuration in the SIMATIC Manager. 2. Select the "Options > Install New GSD Files" menu command. The "Install GSD files" dialog is displayed. 3. Use the "Browse" button to select the file folder that contains the GSD files. Note PROFINET / PROFIBUS storage paths in the SIMATIC Manager The GSDML files for the HMI devices are located in the hardware catalog under PROFINET IO > HMI > SIMATIC HMI > GSD > KP/x". The GSD files for the HMI devices are located in the hardware catalog under PROFIBUS DP > Weitere FELDGERATE > MMI > SIMATIC_HMI > HMI CP_x". 4. Mark all the files and click the "Install" command button. PROFINET connection: PROFINET IO direct keys 1. Note the properties used for the HMI device to be replaced. Take particular note of I/O addresses, device name, device number and diagnostic addresses if these are evaluated. 2. Remove the existing GSD file. 3. Drag&Drop the configured HMI device type from the hardware catalog onto the displayed PROFINET IO bus. 4. Adapt the properties as noted. Note Take the rules for the names of PROFINET IO devices into consideration for the device name. Use only lower-case characters and no special characters for the device name. 5. Confirm the entries with OK. WinCC Advanced V14 System Manual, 10/2016 7137 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) 6. Save and compile the configuration and transfer the hardware configuration to the controller. 7. Open the device configuration of the TP1200 Comfort and change to the "Device view". 8. Enter the PROFINET device name in the properties of the configured HMI device in WinCC under "Properties > General > PROFINET interface X1 > Ethernet addresses". To assign the PROFINET device name, deselect the option "Generate PROFINET device name automatically". Note The PROFINET name in the WinCC configuration must correspond to the PROFINET name stored in the SIMATIC Manager. 7138 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.2 Exchanging data with Inter Project Engineering (IPE) PROFIBUS connection: PROFIBUS DP direct keys Please note that the direct keys are configured in the SIMATIC Manager. Note If direct keys to several CPUs are configured from one panel, the direct keys will only function on one CPU. The further CPUs display a bus / group error. 1. Note the properties used for the HMI device to be replaced. Take particular note of I/O addresses, device name and diagnostic addresses if these are evaluated. 2. Remove the existing GSD file. 3. Drag-and-drop the GSD module that contains the configured HMI device type from the hardware catalog to the PROFIBUS DP bus displayed. 4. Adapt the properties I/O address, device name, PROFIBUS address and diagnostic address as previously noted. 5. Confirm the entries with OK. 6. Save and compile the configuration and transfer the hardware configuration to the controller. WinCC Advanced V14 System Manual, 10/2016 7139 Using Team Engineering 15.3 Using Multiuser Engineering 7. Open the device configuration of the HMI device that you want to use and change to the "Device view". 8. Network the PROFIBUS interface in the properties of the configured HMI device under "Properties > General > MPI/DP interface X2 > PROFIBUS address > Network interface with". 9. Specify the PROFIBUS address at "Parameters". Note The PROFIBUS address in the WinCC configuration must correspond to the PROFIBUS address stored in the SIMATIC Manager. 15.3 Using Multiuser Engineering 15.3.1 Introduction to Multiuser Engineering Introduction In the TIA Portal V14, you have the option of working with Multiuser Engineering . The advantage of this is that you can work with multiple users simultaneously in multiuser projects. This approach significantly reduces the configuring times for your projects. You can commission your plant faster and start production sooner. In Multiuser Engineering, you can also use other functionalities of Team Engineering , such as working together on a CPU and exchanging data with Inter Project Engineering (IPE). This is how Multiuser Engineering works in TIA Portal: 1. Project management is located either on a local or external server. 2. Different users work in local sessions, based on the projects managed by the server. 3. Users work independently from each other in local sessions. 4. The changes from the local sessions are transferred to the server project on check-in. 5. Checked-in changes from other editors are displayed and can be conveniently applied. 7140 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Note Working efficiently with Multiuser Engineering When working in parallel in multiple local sessions, you should correct errors that occur at an early stage so that the distributed work on a shared project stays efficient. Therefore, it is recommended to first compile pending changes before check-in in the multiuser editor. Several compiling options are available for this. If compiling errors are indicated, you should correct them remove before check-in. Compiling pending changed before check-in ensures that you are checking in and transferring an error-free project to other editors. WinCC Advanced V14 System Manual, 10/2016 7141 Using Team Engineering 15.3 Using Multiuser Engineering Different options are available for working simultaneously on a multiuser project, as can be seen in the table below: Application scenarios for Multiuser Engineering Scenario 1: Several configuration engineers work across multiple devices on different objects. In this scenario, each configuration engineer works on the objects assigned to them on different devices. Scenario 2: Several configuration engineers work device-oriented on different objects. In this scenario, each configuration engineer works on the objects assigned to them on only one device. Scenario 3: Several configuration engineers work technology-based on different objects. In this scenario, each configuration engineer works on defined technological objects (e.g. Motor_1 or Motor_2) on all existing devices. By working on different objects, such as different tags, blocks, PLC tags, interrupts, screens, text and graphic lists, technology objects etc., on one or multiple devices within a multiuser project at the same time, you can make your configuration times more effective and reduce them significantly. 7142 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering See also Overview of the mode of operation with Multiuser Engineering (Page 7143) Basics of the multiuser server concept (Page 7147) Requirements for working with Multiuser Engineering (Page 7150) Supported objects for Multiuser Engineering (Page 7152) 15.3.2 Overview of the mode of operation with Multiuser Engineering Introduction If you want to work with multiple users simultaneously in multiuser projects, specific procedures should be observed. Below you will find an overview of the general mode of operation with Multiuser Engineering. Requirements for working with Multiuser Engineering Please observe the following rules for working in multiuser projects: Before they can be used as multiuser projects, the projects to be edited should already contain the entire hardware configuration, the required blocks, connections and global settings. For more information on this topic, refer to: Requirements for multiuser projects (Page 7156) Avoid working on the same objects simultaneously by consulting beforehand with the other editors. All global settings, such as changes within the device configuration, must be made in the server project view (i.e. in the central server project). All objects of a multiuser project can be edited in the server project view. You can also edit objects that do not support the Multiuser Engineering functionality. WinCC Advanced V14 System Manual, 10/2016 7143 Using Team Engineering 15.3 Using Multiuser Engineering Overview of the mode of operation with Multiuser Engineering To use the Multiuser Engineering functionality, carry out the following steps: Action Example 1. Create multiuser project on the server 0XOWLXVHUVHUYHU 7,$ You install a multiuser server and upload a singleuser project to the multiuser server that is being used. The project should be structured so that the requirements for multiuser projects are fulfilled. Result: By uploading a project to the multiuser server, you generate a multiuser server project out of the singleuser project. )% )% )& )& 0XOWLXVHUVHUYHUSURMHFW 6LQJOHXVHUSURMHFW 2. Create local session for "Editor 1" 7,$ You create a "local session" as copy of the server project on your computer. Each editor marks the object they want edit in their local session. 6HUYHUSURMHFW Various objects can be edited at the same time by several users in the various local sessions. Result: )% Objects marked in their own local session are identi fied with a blue flag. The flags are also displayed in the project tree and the editors of the TIA Portal. 7144 )& /RFDOVHVVLRQ WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Action Example 3. Create local session for "Editor 2" 7,$ You create a second local session so that the second editor can edit their task in their own local session. 6HUYHUSURMHFW The second editor also marks the object they want to edit in their local session. Result: Objects marked in their own local session are identi fied with a blue flag. Objects marked in another local session are identi fied with a yellow flag. Therefore, each editor also sees which objects they are working on or which other editors are working on. )% )% )& )& /RFDOVHVVLRQ /RFDOVHVVLRQ 4. Checking in the changes by "Editor 1". As soon as the work in the local session has reached a certain working version, check the changes into the multiuser server project. The changes to marked objects are applied in the multiuser server project by the check-in. 7,$ )% &KHFNLQFKDQJHV 6HUYHUSURMHFW After the check-in, "Editor 2" is shown in their local session that a object is "outdated". RXWGDWHG Result: )% )% The changes of "Editor 1" are transferred to the serv er project. )& )& "Editor 2" can refresh their local session with the new server data, if required. WinCC Advanced V14 System Manual, 10/2016 /RFDOVHVVLRQ /RFDOVHVVLRQ 7145 Using Team Engineering 15.3 Using Multiuser Engineering Action Example 5. "Editor 2" updates their local session 7,$ "Editor 2" is shown in their local session that an object is available in a newer version in the server project and updates their local session. 6HUYHUSURMHFW The newer version is applied by the refresh and inserted in their own local session. 5HIUHVKORFDOVHVVLRQ All unmarked objects are overwritten with the current server version, all marked objects are retained. Result: )% )% The changes from the server project are transferred to the local session of "Editor 2". )& )& /RFDOVHVVLRQ /RFDOVHVVLRQ 6. "Editor 2" checks in changes to server project 7,$ )& "Editor 2" has completed their changes in the local session and checks their blue-marked objects into the multiuser server project. 6HUYHUSURMHFW The changes to marked objects are applied in the multiuser server project by the check-in. &KHFNLQFKDQJHV After the check-in, "Editor 1" is shown in their local session that an object is "outdated". Result: The changes of "Editor 2" are transferred to the serv er project. "Editor 1" can refresh their local session with the new server data, if required. 7146 /RFDOVHVVLRQ )% )% )& YHUDOWHW )& /RFDOVHVVLRQ WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Action Example 7. Processing is completed 7,$ The processing of the various configuration tasks in the local sessions has been completed. 6HUYHUSURMHFW &ORVHSURFHVVLQJ Result: &ORVHSURFHVVLQJ All changes are checked in to server project. The local sessions and the server project are synchronized. There are no more markings in the local sessions. You can save the multiuser server project as singleuser project and continue to use it in TIA Portal as usual. )% )% )& )& /RFDOVHVVLRQ!([SRUWDVVLQJOHXVHUSURMHFW Note: If required, you can export the local sessions as sin gle-user project and continue to work on them as usual in the TIA Portal. See also Requirements for working with Multiuser Engineering (Page 7150) Basics of the multiuser server concept (Page 7147) Supported objects for Multiuser Engineering (Page 7152) Requirements for multiuser projects (Page 7156) Exporting a local session as single-user project (Page 7241) 15.3.3 Basics of the multiuser server concept Introduction To work with Multiuser Engineering , you need a multiuser server that manages your multiuser projects and the local sessions. With the help of the multiuser server you can: Create new multiuser server projects in which multiple users can work at the same time. Display and manage existing server projects. Create and manage local sessions. WinCC Advanced V14 System Manual, 10/2016 7147 Using Team Engineering 15.3 Using Multiuser Engineering Requirement To use the functionality of the multiuser server, you must have installed the multiuser server software suitable for your version of the TIA Portal (e.g. TIA Portal V14 and multiuser server V14) or use the local multiuser server that was installed by default. Possible server constellations Different server constellations for the Multiuser Engineering functionality are available in TIA Portal V14 or higher: 1. The "local" multiuser server that is automatically installed in the TIA Portal. 2. The so-called "temporary multiuser server" in which the server functionality is implemented on a workstation. 3. The multiuser server that is implemented as dedicated external server for long-term collaboration. The table below provides an overview of working with the possible server constellations. 7148 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Overview of possible server constellations for Multiuser Engineering 1. Multiuser server as dedicated server The multiuser server can be installed with the TIA Portal or as a standalone product. 6HUYHUSURMHFWV This configuration is usually the one that is used as "office network configuration". The multiuser server runs on a separate computer. This server constellation can be reached at all times and supports integrated working "around the clock" by default. The multiuser server must be installed and configured. /RFDOVHVVLRQ /RFDOVHVVLRQ /RFDOVHVVLRQ 2. Temporary multiuser server: Editors of the multiuser project can apply the server function to their computer. This configuration is also a possible "office configuration". 6HUYHUSURMHFWV The temporary multiuser server must be installed and configured. /RFDOVHVVLRQ /RFDOVHVVLRQ WinCC Advanced V14 System Manual, 10/2016 /RFDOVHVVLRQ 7149 Using Team Engineering 15.3 Using Multiuser Engineering Overview of possible server constellations for Multiuser Engineering 3. Local multiuser server: The local multiuser server runs on the computer of the respective editor. It is available immediately without additional installation and configuration because it is installed with the TIA Portal. There is no multiuser license request for the local multiuser server. The local multiuser server cannot be accessed from other computers over a network. /RFDOVHVVLRQ 2ZQORFDO 6HUYHUSURMHFWV The local multiuser server is suitable for learning and testing the Multiuser Engineering functionality because it does not require server installation or configuration. The local multiuser server can also be used for separate project management with "rollback" function. See also Overview of the mode of operation with Multiuser Engineering (Page 7143) Requirements for working with Multiuser Engineering (Page 7150) Supported objects for Multiuser Engineering (Page 7152) 15.3.4 Requirements for working with Multiuser Engineering System requirements The same hardware and software requirements as for working with TIA Portal V14 apply to working with Multiuser Engineering in V14 . For information about the regulations in place for the products you have installed, go to "Installation" > "System requirements for installation". Note Identical software installation as requirement for working with Multiuser Engineering To work with Multiuser Engineering without any restrictions, it is important that the same software products of the TIA Portal are installed with identical product versions on all Engineering Systems used. 7150 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Multiuser server To work with the full functionality of Multiuser Engineering, you need an installed multiuser server. You need administrator rights in part for installing, configuring and administering the multiuser server. The multiuser server is configured and administered with the supplied multiuser tools. Two alternative procedures are available for this purpose: Using the graphical user interface Using the multiuser administrative tools and power tools which are executed with the command line. You can configure and administer the multiuser server using a convenient user interface or with command line commands. Both procedures lead to an identical result. A detailed description of the procedure is available under "Installing the multiuser server (Page 7165)" and under "Configuring and administering the multiuser server (Page 7168)". Multiuser network profiles You have the option of setting the required performance capability for the network profile you are using in the settings for the TIA Portal. To do so, select the required profile from the drop-down list in the TIA Portal under "Options" > "Settings" > "Multiuser" > "Multiuser network profiles". You will find a detailed description of the network profiles at Setting the multiuser network profiles (Page 7221) Licensing for Multiuser Engineering For working with Multiuser Engineering , you only need a license for a specific version (Floating License) and an associated License Key when you are working with a multiuser server. As long as you are only using the local multiuser server with limited functionality, you do not need an additional license for the installed TIA Portal. You can either include the License Key in the installation of the TIA Portal or transfer it using the Automation License Manager after the installation. Multiuser Engineering checks whether a valid license key exists as soon as you open a local session to edit objects. If a valid license key is found, the local session is opened and you can work in the local session without restrictions. If a valid license key is not found, you will receive an error message. You can temporarily activate a "Trial" license to work in a local session. Once the "Trial" license has expired, you need a valid multiuser license to work in local sessions. A license is not required for the following actions in the context of Multiuser Engineering: Configuring and starting the multiuser server Opening the multiuser project management WinCC Advanced V14 System Manual, 10/2016 7151 Using Team Engineering 15.3 Using Multiuser Engineering Adding projects to the multiuser server Creating local sessions Deleting local sessions Exporting local sessions as single-user projects Note Handling licenses Please observe the general information on handling licenses in the TIA Portal. This information is available in the "Installation" section of the respective products in the information system. Archiving and retrieving projects The archiving and dearchiving of local sessions is not supported by Multiuser Engineering. Archiving and retrieving of multiuser projects results in invalid local sessions, because the connection to the multiuser server is interrupted by these actions. Opening a local session as reference project It is not possible to open a local session as reference project when working with Multiuser Engineering. This prevents a local session from being opened multiple times simultaneously and therefore becoming invalid. Length of the path and file names in Multiuser Engineering If the path and file names have more than 259 characters in total, an error message is displayed when you are working with Multiuser Engineering. You are notified that the used names are too long and that the requested action cannot be performed for this reason. Shorten the path names or file names in this case so that the required action can be performed. See also Setting the multiuser network profiles (Page 7221) 15.3.5 Supported objects for Multiuser Engineering Introduction The Multiuser Engineering functionality is available for almost all objects in TIA Portal V14 or higher. Objects that do not support this functionality yet can be edited in the local session but cannot be marked. 7152 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering This means they are not applied to the server project during check-in. The changes to such objects are again overwritten with the contents of the server project and lost after check-in and after a refresh in the local session. You can edit unmarked objects in the server project view. You should make version changes to instructions in the server project view. In Multiuser Engineering, it is also possible to work with the Team Engineering functionality, such as working on a shared CPU and data exchange via Inter Project Engineering (IPE). Objects supported by STEP 7 for Multiuser Engineering The objects listed below for the STEP 7 product are supported: Blocks: OB, FB, FC, global DBs and instance DBs PLC data types and constants: With the exception of system data types generated automatically by the system. Tags: With the exception of system tags that are created and deleted by the system. Interrupts: With the exception of system interrupts. Program interrupts can only be marked for editing together with the associated FB or DB. Interrupt classes: With the exception of system interrupt classes Text lists: With the exception of system text lists Watch and force tables Library elements of the project libraries Technology objects: With the exception of technology objects for Standard Motion Control and Advanced Motion Control. Trace functionality: With the exception of online configurations Objects supported by WinCC for Multiuser Engineering The objects listed below are supported for the WinCC product: Screens: With the exception of global screen, overview screen, slide-in screens and global filtering of the alarm view. Scripts: With the exception of the header file "GlobalDefinitions.h". Tags: With the exception of system tags, recipe tags, archive tags and raw data tags generated by the system. WinCC Advanced V14 System Manual, 10/2016 7153 Using Team Engineering 15.3 Using Multiuser Engineering Alarms: With the exception of system alarms, controller alarms, predefined system alarm classes (including "Safety Warnings" for KTP700F, KTP900F), system class groups and system alarm groups as well as message blocks. Text lists, graphic lists and C text list entries NOTICE Editing unsupported objects in the local session Objects that are not supported can be edited in a local session but cannot be marked. Changes to unsupported objects are not applied to the server project during check-in. Changes to such objects are lost after check-in and after a refresh in the local session, because they are once again overwritten with the contents of the server project. You can, however, edit such objects that are not supported in the usual way in the server project view. 15.3.6 Settings for working with Multiuser Engineering Introduction For working with Multiuser Engineering you can make the following multiuser-specific settings in the TIA Portal under "Options > Settings" on the "Multiuser" tab: General Multiuser server connection Multiuser network profiles Searching in the project Storage settings Compilation settings The individual setting options are described below. General In the "General" settings, you can select whether the editors opened in the local session are to be hidden when the server project view is opened. This option is enabled by default. 7154 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Multiuser server connection This dialog is used to add new server connections for a selected multiuser server. To create this connection, click the "Add server connection" button. In the following dialog box, enter the server name and the associated host and port under "Server Name". Select the required transmission protocol for the server connection. "http" is selected by default as transmission protocol. Click "Add". The new multiuser server connection is added and displayed. See also Introduction to the multiuser server (Page 7220). Multiuser network profiles You have the option to select from the drop-down list the required network profile that matches the performance capability of the network you are using The selected multiuser network profile determines the time until a timeout message is generated. You will find a detailed description of the individual network profiles at Setting the multiuser network profiles (Page 7221). Searching in the project The data for the search must be indexed in order for the global search to also work in local sessions. This option is enabled by default so that the indexing for the search is always executed during check-in. This is the recommended setting. If you disable this option, the indexing is not executed during check-in but instead at a different time. The indexing data is then transferred first as file to the multiuser server. However, a search in the local session is only possible after indexing has been successfully completed. If no indexing was performed during check-in, this can result in somewhat longer waiting times when searching and prolong the check-in times of other editors that have activated this option. Storage settings Here you can define where your local sessions and your multiuser server projects will be saved. Storage location currently used This option is enabled by default. Defining a storage location by default Select the respective required storage location here by navigating to the required location. Click "Browse" for this purpose. Your settings are applied as default. WinCC Advanced V14 System Manual, 10/2016 7155 Using Team Engineering 15.3 Using Multiuser Engineering Compilation settings Define here the required compilation settings for your local sessions. The settings made here are applied as defaults in the multiuser editor and can no longer be changed there. Select the required settings. Compile before check-in This option is enabled by default and means that a compiling process is executed before the check-in. Compile mode: The compile mode defines the extent to which the software changes are compiled. You have the following options. - Marked objects (changes only) The changes made to the marked objects for the selected device are compiled together with the device-specific objects. - Device software (changes only) The changes made to the marked objects are compiled together with the software version on the assigned devices. Example: You have marked and changed several objects that belong to more than one device (for example to CPU_1 and to CPU_2). These marked objects are compiled together with the software versions of both CPUs during compiling. Disable compilation settings in the multiuser editor If you activate the option, you can no longer change the compilation settings in the multiuser editor. The settings you made here then apply as default. See also Setting the multiuser network profiles (Page 7221) Introduction to the multiuser server (Page 7220) 15.3.7 Requirements for multiuser projects Introduction To work with Multiuser Engineering simultaneously and in parallel, it is very important that the multiuser server project that serves as the work basis is clearly structured. Requirements for multiuser server projects To create multiuser capable server projects, start with a single-user project that fulfills the following requirements: The project should already include the hardware configuration with all required connections. Divide the user program into program parts that are independent of each other. 7156 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Create a useful, technology-oriented project structure with folders and groups for the objects to be edited by the individual users. When structuring the project, make sure that multiple users can work with the different project directories simultaneously and exclusively. Example: One user edits the blocks in group 1 while another user simultaneously edits the blocks in group 2. Use a main OB and a central FB or FC for each program part which calls the functions of the subprogram. If possible, create a separate PLC tag table for each group. You should define in advance all needed project languages that are to be used by the engineering systems involved. If possible, create all connections that are to be edited in the multiuser project. Define the screen resolution and specify the size of the HMI screens. Use global data blocks to save the data for the individual program parts, no bit memories. When you load a single-user project created according to these rules to a multiuser server, it becomes a multiuser project. Edit the defined objects of the multiuser project simultaneously with multiple users in the local sessions. When you create new objects in the local sessions, make sure that you use different symbolic names. Example of a server project for multiple users The figure below shows an example of a server project for multiple users with a clear structure that permits parallel editing of individual objects in the context of Multiuser Engineering . Each program part contains a "main FB", which calls the specific lower-lever functions for this program part. The program parts edited by the individual Engineering Systems are: Program part 1: "Conveyer" Program part 2: "Drill" Program part 3: "FurtherProgramPart" In the "Conveyer" program part, the "ConveyerMainFB" calls the "ConveyerStartupFC" function. WinCC Advanced V14 System Manual, 10/2016 7157 Using Team Engineering 15.3 Using Multiuser Engineering 15.3.8 Operator controls in Multiuser Engineering 15.3.8.1 Multiuser icons in the user interface Introduction When you are working with Multiuser Engineering and a local session is open, you can see multiuser-specific icons in the TIA Portal user interface. Multiuser icons in the toolbar The Multiuser Engineering user interface shows the following icons in the toolbar when a local session is open: 7158 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Icon Meaning Check-in When you click this icon, the multiuser editor opens in the change view. In the modification view, all objects marked for check-in are displayed and you can select and check in the desired objects. Refresh When you click this icon, the multiuser editor opens in the "Refresh" view. In this view, you can, if you wish, refresh your local session with the new contents of the server project. Open/close server project When you click this icon, the multiuser server project associated with your local session is opened for editing. You can then make your changes directly in the server project. Server status "connected" This icon indicates that the associated multiuser server is available. Server status "locked" This icon indicates that the associated multiuser server is currently being used by a user and is therefore locked. The server is also displayed as locked when a user is working the server project view. If you place the mouse pointer on this icon, you will receive additional information about the lock. Server status "not connected" This icon indicates that the associated multiuser server is not connected. Icons for display of multiuser projects The following icons are displayed for multiuser projects and local sessions in the user interface: Icon Meaning Multiuser server This icon identifies a multiuser server. Multiuser project This icon identifies a multiuser project associated with a multiuser server. Local session This icon identifies a local session that is associated with a multiuser project that is assigned to a multiuser server. 15.3.8.2 Multiuser icons in the user interface Introduction When working with Multiuser Engineering , multiuser-specific icons are displayed in the TIA Portal user interface which make it easier for multiple users to work at the same time. A unique, user-specific visualization is intended to make collaboration within multiuser projects and in local sessions more effective and transparent. WinCC Advanced V14 System Manual, 10/2016 7159 Using Team Engineering 15.3 Using Multiuser Engineering Marking objects To edit an object using Multiuser Engineering, it should first be "marked". Only objects marked for check-in can be transferred into the server project after editing. Marking can only be added for "marked objects". Objects that cannot be edited in the local session also cannot be marked. Such objects can, however, be edited in the server project view. The icons described below show you which objects were marked by you or other editors. Icons for marking in Multiuser Engineering The following icons are used for marking in Multiuser Engineering : Icon Meaning Markable object This object can be marked for check-in by clicking it. Marked object The object was marked in your own local session for check-in. Marked object The object was marked for check-in in a different session or in the server project view. Marked object with conflict The object was marked for check-in in multiple local sessions or in a local session and in the server project view and causes a conflict. An object should only be marked for check-in once within the entire multiuser working area (with the local session and within the server project view). An object marked in red can still be checked in. However, the check-in may cause unwanted overwriting in the server project because only the last checked in version is applied in the server project. Object is outdated If one of the icons mentioned above Is also identified with this overlay, the object does no longer correspond to the latest version of the server project and should definitely be updated. If the object is checked in without refresh, the editing of the other user is overwritten and thus cancelled. The refresh ensures that all editors of a multiuser project have a consistent version. Note Objects without flags Note that objects without flag can only be edited in the server project view and not in the local session. 7160 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Display of multiuser markings in the TIA Portal When you are working with Multiuser Engineering in the local session or in the server project, the multiuser-specific markings are displayed in the following views of the TIA Portal in all editors: In the project tree In the detail view In the overview window In the library views An additional first table column is available in all table displays within the project tree when working with Multiuser Engineering. The first table column is reserved for the multiuser-specific markings described above. The following figure shows an example of multiple selected objects in the project tree: 15.3.8.3 Multiuser banner in the user interface Introduction When working with Multiuser Engineering , you are supported by the display of multiuserspecific banner texts in editors. Banner texts include notes and warnings on the further procedure which make your work easier. WinCC Advanced V14 System Manual, 10/2016 7161 Using Team Engineering 15.3 Using Multiuser Engineering Banner texts can be expanded and collapsed by clicking the yellow circle with the exclamation point. Example of a multiuser banner text Functionality of the multiuser banner texts Banner texts are displayed both when working into the local session and when working in the server project view. As soon as you need additional information to work with Multiuser Engineering , a yellow banner text appears. The multiuser banner texts have the following function: Information about how to edit the opened object: - Banner texts point out, for example, that the opened object has not been selected for check-in yet and your changes therefore cannot be applied to the server project. - Or they make you aware that this specific object cannot be edited in the local session but only in the server project view. Links make for easier execution of the further sequences required. - You can use the links, for example, to conveniently mark the open object or open the server project view in which you will continue editing. As soon as you have executed the required sequences in the individual editors, the banner texts are partially deleted in the editor once again and you can continue working as usual. 15.3.8.4 Functionality of the multiuser editor Introduction You can call the multiuser editor with the "Check-in" and "Refresh local session" buttons in the Multiuser Engineering toolbar. The multiuser editor has two different views, depending on the button with which the editor was started in the multiuser toolbar: "Check-in" view: Opened by clicking the "Check-in" button in the toolbar of the project tree. "Refresh" view: Opened by clicking the "Refresh local session" button in the toolbar of the project tree. The "Update" view can only be opened when the local session contains objects that can be updated. The structure of the multiuser editor is the same in both views, but each view offers different buttons and options. 7162 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Note Displaying in the multiuser editor If you have opened the multiuser editor and simultaneously make changes in your local session, these changes are only visible in the open editor after a "Refresh". To do this, click the "Refresh" button (circular arrow) in the open editor. Multiuser editor in the "Check-in" view The figure below shows an example of the multiuser editor in the "Check-in" view: WinCC Advanced V14 System Manual, 10/2016 7163 Using Team Engineering 15.3 Using Multiuser Engineering Multiuser editor in the "Refresh" view The figure below shows an example of the multiuser editor in the "Refresh" view: Structure of the multiuser editor The multiuser editor has the following structure: 1. Toolbar: Shows the icon for saving the layout settings. 2. Button area: Shows the multiuser-specific buttons for the check-in and refresh. 3. Working area: Shows the change view prior to check-in or refresh. Shows all objects marked in the local session for check-in and refresh as these are also displayed in the project tree. Shows the status messages with the results for the check-in and the refresh. The "PLC_Tags" folder can be opened. Clicking on the tag table in the bottom window in the detail view shows the tags selected for check-in. The "Library objects" folder is only displayed when library objects were marked for checkin. If the folder is selected, the selected library objects are displayed in the detailed view. The "Deleted objects" folder is only displayed if objects were deleted in the local session. If the folder is selected, all objects that were deleted in the local session are displayed in the detailed view. 4. Detailed view: 7164 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Shows information on lower-level elements (in this case, the selected PLC tags) and status messages. Note Procedure for working with the multiuser editor The procedures for working with the multiuser editor are described in detail in the sections below. 15.3.9 Installing and uninstalling the Multiuser server 15.3.9.1 Notes on the installation of the multiuser server Introduction Installation of the multiuser server gives you access to the Multiuser Engineering functionality that is available with TIA Portal V14. You can install the multiuser server as follows: Together with the installation of the TIA Portal. As standalone installation by means of a separate installation process without TIA Portal. Note Administrator rights are required for the server installation. Installation of the multiuser server with the TIA Portal The multiuser server is installed together with the following TIA Portal products: SIMATIC STEP 7 Basic V14.0 SIMATIC STEP 7 Professional V14.0 SIMATIC WinCC Basic V14.0 SIMATIC WinCC Comfort/Advanced V14.0 SIMATIC WinCC Professional V14.0 The multiuser server is usually activated in the product selection by default and is then installed with the TIA Portal. Check the settings during installation of the TIA Portal. You can find the specific default settings for the multiuser server during setup when selecting the product in the directory "Tools". By selecting or clearing the options, you can specify if the multiuser server is to be installed along with the TIA Portal or not. WinCC Advanced V14 System Manual, 10/2016 7165 Using Team Engineering 15.3 Using Multiuser Engineering Installation of the multiuser server as standalone installation The installation of the multiuser server can also be a standalone installation. A description of automated installation is also available on the product DVD in the directory "Documents\Readme\<language directory>". Identical TIA Portal versions during installation When installing different TIA Portal products on various clients, make sure that all participants use the same versions of software products for the installation. For example, if you have installed STEP 7 Professional, WinCC Advanced and Safety as well as the multiuser server with version V14.0, all other Team Engineering participants must also have installed this software in identical versions. The service packs and updates must be installed for all products at the same time. Installation path Do not use any UNICODE characters (for example, Chinese characters) in the installation path. Antivirus programs During the installation, read and write access to installed files is necessary. Some antivirus programs block this access. We therefore recommend that you disable antivirus programs during the installation of the multiuser server and enable them again afterwards. 15.3.9.2 Installing the multiuser server Introduction The multiuser server V14 can be installed as part of the TIA Portal V14 installation or as standalone product. A description of automated installation is also available on the product DVD in the directory "Documents\Readme\<language directory>". Installation rules Multiple versions of the multiuser server can be installed on a computer, but only one version of the multiuser server can be run with the corresponding version of the TIA Portal. Example: The multiuser server V14.0 can only be run with TIA Portal V14.0. Requirements for installation The same requirements apply to the installation of the multiuser server V14.0 as for the installation of the TIA Portal V14.0. 7166 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering For more details, see: AUTOHOTSPOT Installing the multiuser server with the TIA Portal Follow these steps for installation: 1. Note the requirements for the installation of the selected software package. 2. Start the setup program of the required product by inserting the installation medium into the respective drive. 3. Select the preferred settings and click the "Install" button. 4. Make sure that the multiuser server is selected in the product selection and observe the notes in the setup dialogs. Result The multiuser server is installed on your computer together with the TIA Portal. Installing the multiuser server as standalone product Follow these steps for installation: 1. Note the requirements for the installation of the multiuser server. 2. Start setup for the standalone installation of the multiuser server with a double-click on the self-extracting .exe file "TIA_Portal_Multiuser_Server_V14.exe". You can find these files in the directory "Support" on the corresponding product DVD. 3. Select the preferred settings and click the "Install" button. 4. Follow the instructions in the setup dialogs. Result The multiuser server is installed on your computer. 15.3.9.3 Uninstalling the multiuser server Introduction You can use the Control Panel to remove the multiuser server. Requirements for removal There is a multiuser server installed on your computer. WinCC Advanced V14 System Manual, 10/2016 7167 Using Team Engineering 15.3 Using Multiuser Engineering Uninstalling the multiuser server Proceed as follows for removal: 1. Open the Control Panel. 2. Click on "Uninstall a program" in the Control Panel. The "Uninstall or change a program" dialog opens. 3. Right-click the entry for the "Multiuser server" in the "Uninstall or change a program" dialog, and click "Uninstall". A security prompt appears. 4. Click "Yes" to confirm this prompt. Result The multiuser server is removed from your computer. 15.3.10 Configuring and managing the multiuser server 15.3.10.1 Options for configuring and administering the multiuser server Introduction The following options are also available for configuring and administering the multiuser server: Using the graphic tools (Configuration Tool and Administration Tool). Using the command line tools (Multiuser Administrative Tools and Multiuser Power Tools). You can configure and manage multiuser server with both methods. The graphical tools are easier to operate using the graphical user interface. The command line tools have a somewhat wider range of functions with respect to the error log. You can compress and send the error logs as a zip file. You have the option of using the procedure you prefer. Administrator rights are required for configuring the multiuser server irrespective of the selected procedure. You need administrator rights for some for administrative tasks (for "User Management") and users' rights. Note Available languages The tools for configuring and administering the multiuser server are available in English only. 7168 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Configuration and administration with the graphic tools The graphic tool provides you with a very convenient way of configuring and administering the multiuser server. You see at a glance all setting options and can activate these by selecting the corresponding options. You can find the exact procedure in: Using the graphic tool (Page 7169) Configuration and administration with the command line tools The configuration of the multiuser server is performed with the administrative tools. The power tools are used for administering the multiuser server. The power tools for performing administration tasks on the multiuser server are also available to you within the TIA Portal. You can find the exact procedure in: Using the command line tools (Page 7188) Note Working with the command line tools For working with the command line tools, you should have prior experience handling inputs in the command line. If you lack this experience, you should use the more user-friendly graphic user interface for configuring and administering the multiuser server. See also Using the command line tools (Page 7188) Using the graphic tool (Page 7169) 15.3.10.2 Using the graphic tool Introduction to the graphic multiuser tools Introduction The multiuser server can be easily configured and administered with the help of the graphic tools. You use the "ConfigurationTool" to configure the multiuser server. You use the "AdministrationTool" to administer the multiuser server. You need administrator rights in some areas to configure the multiuser server. WinCC Advanced V14 System Manual, 10/2016 7169 Using Team Engineering 15.3 Using Multiuser Engineering Note Configuration tool and Administration tool The user interfaces for both tools are available in English only. Requirement The multiuser server is installed. Steps for configuring the multiuser server with the "Configuration Tool" To configure the multiuser server, the following steps are required: Open the graphic tool for the multiuser server configuration with administrator rights. To open the start menu, click the command "Start" > "All Programs" > "Siemens Automation". Click on the "Multiuser Server V14 Configuration" entry to open the Configuration Tool. Enter the required information and click "Install service". You can find the exact procedure in: Configuring a multiuser server with the graphic tool (Page 7171) Steps for administering the multiuser server with the "Administration Tool" To administer the multiuser server, the following steps are required: Open the graphic tool for the multiuser server administration. To open the start menu, click the command "Start" > "All Programs" > "Siemens Automation". Click on the "Multiuser Server V14 Administration" to open the Administration Tool. Insert a connection to the desired multiuser server and enter the data for the administration of the server. Assign the desired roles and rights for working with the newly created multiuser server connection under "User Management". Administer your local sessions under "Sessions". Under "History", you will find the complete history with all activities for your projects. You can find the exact procedure in: Administering a multiuser server with the graphic tool (Page 7175) See also Configuring a multiuser server with the graphic tool (Page 7171) Administering a multiuser server with the graphic tool (Page 7175) 7170 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Configuring a multiuser server with the graphic tool Introduction You use the graphic "Configuration Tool" to configure the multiuser server. Note Configuration Tool The user interface for the Configuration tool is available in English only. You need administrator rights to work with the Configuration Tool. The following functions can be executed with the "Configuration Tool": "Server status" area Contains the above-displayed contents the first time the Configuration tool is opened. This area is not editable. Once the configuration has been successfully completed, the server can be uninstalled, started and stopped in this area. "Connection settings" area Allows you to select the connection data. "Security" area Offers the option to create a new certificate or to use an existing certificate for a selected https connection. "Storage" area Allows you to select the storage location for multiuser projects. Specifies how many project versions are available as "rollback". Note Changes to existing inputs To apply changes to existing inputs in the Configuration tool, you must click the "Apply" button. WinCC Advanced V14 System Manual, 10/2016 7171 Using Team Engineering 15.3 Using Multiuser Engineering Note Memory space on the multiuser server For the project management, you need to have sufficient free space on the multiuser server, depending on the project size and the number of project revisions. Basically, the provided space should be at least five times the expected size of the project. When using more than three project revisions, the free memory space must be increased accordingly. You set the number of project revisions when configuring the multiuser server. Generally, you should provide sufficient storage capacity and also take into account or evaluate the messages of the operating system as the memory space decreases. Requirement The multiuser server is installed. 7172 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering User interface of the Configuration tool The user interface of the Configuration tool contains the following the first time it is opened: WinCC Advanced V14 System Manual, 10/2016 7173 Using Team Engineering 15.3 Using Multiuser Engineering Configuring the multiuser server with the "Configuration Tool" To configure the multiuser server, follow these steps: 1. Open the graphic tool for the multiuser server configuration with administrator rights. To open the start menu, click the command "Start" > "All Programs" > "Siemens Automation". Click on the "Multiuser Server V14 Configuration" entry. The user interface of the Configuration Tool then opens. 2. In the "Connection settings" area, select the desired protocol. Default selection is "http". The text with yellow background is hidden as soon as you click on "https". With "https", communication is encrypted and a certificate is requested. This means communication has a higher security level than the unencrypted "http" communication. 3. Enter the desired port for the server connection if you do not want to use the default setting. 4. Select the desired "Timeout profile" for the server from the drop-down list. This setting defines the timeout behavior for the server. You have the option of selecting between three profiles: "Fast", "Middle" and "Slow", where the default setting is "Fast". 5. "Security" area: If you have selected "https" as the protocol, the "Security" area is activated. Select the desired option for the certificate. You have the option of creating a new certificate or using an existing certificate on your computer. If you activate the first option, a new certificate is created after successful completion of the configuration. If you activate the second option, you can click on the desired certificate in the displayed list of certificates to select it. 6. Under "Storage", specify the desired storage location for multiuser projects. You can enter the path directly or navigate to the desired location via "Browse". 7. Select the number of project versions to be stored from the subsequent drop-down list. Three project versions are saved by default. You can choose to store between "1" and "10" project versions. 8. Click "Install service" to complete the configuration. Result A message informs you that the configuration of the multiuser server was successful. In the "Server status" area, you will find the URL for the multiuser server and the fingerprint for the generated certificate under "Client info". Example: https://XY12345.ww00X.siemens.net:8735/ C35F81B179062BA92A3EAE4DBF18B0DEA9F50D8A If you access the server from the client side, you should always check the certificate in order to ensure secure communication with the multiuser server. The configuration of the multiuser server is now complete. 7174 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Error correction in the Configuration tool If warnings or errors occur, you will find specific information about these in ServerConfiguration.log. Proceed as follows: 1. Click on "View Log" in the yellow highlighted area in order to open ServerConfiguration.log. 2. Correct the errors and warnings displayed in the log file. 3. Restart the Configuration tool if it is no longer open. 4. Click the "Install Service" button. Result A message informs you that the configuration of the multiuser server was successful. The configuration of the multiuser server is now complete. Administering a multiuser server with the graphic tool Introduction You use the graphic "Administration Tool" to manage the multiuser server. Note Administration Tool The user interface for the Administration tool is available in English only. To work with the Administration Tool, you need administrator rights for "User Management". The Administration Tool is also available outside the multiuser server. The following functions can be performed with the "Administration Tool": 1. Add and delete server connections ("Add server" and "Remove server") 2. Define "User Management" for the server connections ("Manager", "Contributor", "Member") 3. Manage existing multiuser projects and sessions - Specify user management for projects and sessions: ("Manager", "Contributor", "Member") - Projects: Lock, unlock, and delete ("Lock/Unlock project", "Delete project") - Sessions: Display and delete ("Delete selected session") 4. Show "History": Project history with all data and display of the stored project revisions ("Rollback to selected revision" and "Export selected revision") WinCC Advanced V14 System Manual, 10/2016 7175 Using Team Engineering 15.3 Using Multiuser Engineering Requirement The multiuser server is installed. The multiuser server has already been configured. You have already created projects as multiuser projects and created local sessions in the TIA Portal. Note Multiuser projects and local sessions If you have not yet created multiuser projects and local sessions on the multiuser server in the TIA Portal, no information regarding these will be displayed when you administer the multiuser server. User interface of the Administration tool The user interface of the Administration tool has the following appearance the first time it is opened: Structure of the Administration Tool The left side of the tool shows you a list of configured server connections once you have established a connection to the multiuser server via "Add server connection". 7176 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering On the right side, you receive additional information about the objects selected on the left in a detail view. Both pages contain their own toolbar for executing the displayed administration functions. The view can be expanded and collapsed by clicking the "Administration" button. Note "Reload" button Clicking this button updates the display for the selected object in the Administration Tool. The exact procedures for working with the Administration tool are described in the following. See also Configuring a multiuser server with the graphic tool (Page 7171) Adding and deleting a new server connection Introduction You can add and delete new multiuser server connections with the graphic "Administration" tool. These commands can be executed using the commands in the toolbar or from the shortcut menu. Note Administration Tool The user interface for the Administration tool is available in English only. You need administrator rights to work with the Administration tool. Requirement The multiuser server is installed. The multiuser server has already been configured. WinCC Advanced V14 System Manual, 10/2016 7177 Using Team Engineering 15.3 Using Multiuser Engineering You have already created projects as multiuser projects and created local sessions in the TIA Portal. Note Multiuser projects and local sessions If you have not yet created multiuser projects and local sessions on the multiuser server in the TIA Portal, no information regarding these will be displayed when you administer the multiuser server. Adding a new server connection Proceed as follows: 1. Open the graphic tool for the multiuser server administration. To open the start menu, click the command "Start" > "All Programs" > "Siemens Automation". Click on the "Multiuser Server V14 Configuration" entry to open the Configuration Tool. 2. Click "Add server connection". 3. In the dialog that follows, enter the desired connection data for your server connection as shown by way of example in the graphic: Note Connection information for the local multiuser server If you want to connect to the local multiuser server, you must start it first. The local multiuser server is started automatically when you open a local session in the TIA Portal. Alternatively, you can restart the local multiuser server by double-clicking on the file "Siemens.Automation.Portal.LocalServer.exe" under "bin" in the installation directory of the TIA Portal. You can see the connection information for the local multiuser server after opening the displayed command window. 7178 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering 4. Click on "Add" to add the server connection. Servers in 5. Click on the triangle of the new server connection to activate the connection and view the project list. 6. If you use an "https" connection, you are prompted to confirm the validity of the displayed certificate. You have already specified the utilized connection protocol when configuring the multiuser server under "Connection settings". Compare the fingerprint of the displayed certificate with the certificate generated during configuration. Click "OK" when both fingerprints match. 7. If the multiuser server does not recognize the login data you used, you are prompted to enter alternative connection data for access to the server. Enter alternative login data that the multiuser server recognizes in the displayed "Sign in" dialog under "Sign in as another user". Result The new server connection is displayed in the left part of the Administration tool. You see the number of existing multiuser projects on the right. If you expand the new server connection in the left area, you see a list of all existing projects and other setting options. Delete an existing server connection Proceed as follows: 1. Select the desired server connection on the left side of the Administration tool. 2. Click on the "Remove server" button or select the command "Remove" from the shortcut menu. 3. Confirm the next prompt with "Yes". Result The selected server connection is deleted. WinCC Advanced V14 System Manual, 10/2016 7179 Using Team Engineering 15.3 Using Multiuser Engineering Accessibility of the multiuser server If the multiuser server is not accessible, you receive the following error message: Proceed as follows: 1. Check the displayed connection data. 2. Ensure that the selected server is started. 3. Delete the invalid server connection by clicking on it and then clicking "Remove server". 4. Confirm the next prompt with "Yes". 5. Click "Add server" and create a new server connection to a started multiuser server with valid connection data. Result The new server connection is displayed with valid connection information on the left. Define "User Management" for the multiuser servers and projects Introduction With the graphical "Administration Tool", you specify the rights for working with multiuser server connections, multiuser projects and local sessions. The rights concept is based on the Windows access rights for folders and files. You can find the "User Management" entry in the Adminstration Tool below each server connection as well as below each project and each local session. Depending on where you call the "User Management", you specify the corresponding authorizations. You use the "User Management" to specify explicit personal authorizations for the following roles: Manager (full access) Contributor (partial access, no deleting) Member (read-only authorization) 7180 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering The following functions can be executed for each role using the buttons: "Add new": Adds new users with the corresponding authorizations. "Remove selected user: Removes the selected user "Promote selected user": Moves the selected user up to the next higher authorization group. "Demote selected user": Moves the selected user down to the next lower authorization group. The rights that are specified for the server connections are passed on to the authorizations for projects and local sessions. Note Administration Tool The user interface for the Administration tool is available in English only. You need administrator rights to work with the "User management". After changing the permissions, the project must be restarted. Requirement The multiuser server is installed. The multiuser server has already been configured. You have already created projects as multiuser projects and created local sessions in the TIA Portal. Note Multiuser projects and local sessions If you have not yet created multiuser projects and local sessions on the multiuser server in the TIA Portal, no information regarding these will be displayed when you administer the multiuser server. WinCC Advanced V14 System Manual, 10/2016 7181 Using Team Engineering 15.3 Using Multiuser Engineering Assigning access rights Proceed as follows: 1. Open the graphic tool for the multiuser server administration. - To open the start menu, click the command "Start" > "All Programs" > "Siemens Automation". - Click on the "Multiuser Server V14 Administration" to open the Administration Tool. 2. Double-click "User Management" below the desired entry on the left side. - When you click on "User Management" below a server, you assign the rights for working with the server. - When you double-click "User Management" below a project, you assign the rights for working with the project. 3. "User Management" opens and displays the possible settings on the right side. You already see which rights have been assigned for the associated server connection. These rights are inherited for the projects. 4. Click on "Add new" to add new users for the displayed roles. 5. Enter the required data in the subsequent Windows dialog and click "OK". 6. You can use the "Demote selected user" and "Promote selected user" buttons to move users up and down to other permission groups. 7. You can use the "Remove selected user" button to remove the selected user again. 8. Assign the desired rights and roles via "User Management" for both the server as well as for the lower-level projects and sessions. 7182 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Managing multiuser projects and local sessions Introduction You can manage the sessions created for a project with the graphical "Administration Tool". Under "Sessions", you can see the local sessions for the selected multiuser project. You can find the "Sessions" entry in the "Administration Tool" below each project. Note Administration Tool The user interface for the Administration tool is available in English only. Requirement The multiuser server is installed. The multiuser server has already been configured. You have already created projects as multiuser projects and created local sessions in the TIA Portal. Note Multiuser projects and local sessions If you have not yet created multiuser projects and local sessions on the multiuser server in the TIA Portal, no information regarding these will be displayed when you administer the multiuser server. WinCC Advanced V14 System Manual, 10/2016 7183 Using Team Engineering 15.3 Using Multiuser Engineering Display project details and manage projects Proceed as follows: 1. Open the graphic tool for the multiuser server administration. - To open the start menu, click the command "Start" > "All Programs" > "Siemens Automation". - Click on the "Multiuser Server V14 Administration" to open the Administration Tool. 2. Click on the desired project so that the project details are displayed on the right side. The following information about the projects is displayed: "Project name": Displays the project name "State": Displays the project status ("locked" or "unlocked"). "Created by / date": Editor who created the project and the creation date for the project. "Last changed by / date": Editor who last amended the project and the change date for the project. "Number of sessions": Number of local sessions that belong to the project. "Comment": Display of project comments, if available. 3. To delete a project, select the respective project and then click on the "Delete project" button. Projects can only be deleted if there are no local sessions for them. 4. Confirm the next prompt to delete the project. 5. To unlock a locked project, select the respective project and then click on the "Unlock project" button. 6. Confirm the next prompt to unlock the project. 7184 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Display and delete local sessions Proceed as follows: 1. Open the graphic tool for the multiuser server administration. - To open the start menu, click the command "Start" > "All Programs" > "Siemens Automation". - Click on the "Multiuser Server V14 Administration" to open the Administration Tool. 2. Click on "Sessions" on the left below the desired multiuser project. 3. The following information on the existing sessions is displayed on the right in the "Administration Tool". "Id": Increments the existing sessions. "Local path": Displays the set local disk space for the sessions. "Computer name": Displays the name of the computer where the session is located. "Created by": Displays the name of the creator. "Project revision": Displays the project version to which each session belongs. 4. Select the desired session and click on the "Delete selected session" button to delete it. 5. In the following dialog, click "OK" to delete the selected session. Note Number of project revisions You set the number of project revisions when configuring the multiuser server. For more details, see: Configuring a multiuser server with the graphic tool (Page 7171) See also Configuring a multiuser server with the graphic tool (Page 7171) WinCC Advanced V14 System Manual, 10/2016 7185 Using Team Engineering 15.3 Using Multiuser Engineering Show "History" for projects Introduction You can view the history of the created projects with the graphical "Administration Tool". You can also perform a "rollback" to a desired revision and export a project as "single-user project". You can find the "History" entry in the "Administration Tool" below each project. Note Administration Tool The user interface for the Administration tool is available in English only. Requirement The multiuser server is installed. The multiuser server has already been configured. You have already created projects as multiuser projects and created local sessions in the TIA Portal. Note Multiuser projects and local sessions If you have not yet created multiuser projects and local sessions on the multiuser server in the TIA Portal, no information regarding these will be displayed when you administer the multiuser server. 7186 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Show "History" Proceed as follows: 1. Open the graphic tool for the multiuser server administration. - To open the start menu, click the command "Start" > "All Programs" > "Siemens Automation". - Click on the "Multiuser Server V14 Administration" to open the Administration Tool. 2. Click on "History" on the left below the desired multiuser project. The history displays all existing project revisions. The following information on the existing sessions is displayed on the right in the "Administration Tool". "Availability": Indicates whether the session on the server is still available. "Revision number": Displays the revision number. "Computer name": Displays the name of the computer on which the revision was created. "Created by": Displays the name of the creator. "Creation date": Displays the creation date of the revision. "Comment": Displays the comment for the revision, if any. 3. You can use the "Rollback to selected revision" button to roll back a selected session to the selected revision. 4. A new line is then created showing the new revision with the comment "Rollback to revision <number>". 5. To export the revision as a single-user project, click on the "Export selected revision" button. 6. Select the desired storage path in the subsequent dialog and click "OK". WinCC Advanced V14 System Manual, 10/2016 7187 Using Team Engineering 15.3 Using Multiuser Engineering 15.3.10.3 Using the command line tools Introduction to the multiuser command line tools Introduction The multiuser server can be configured and managed with the help of the Multiuser Administrative Tools and the Multiuser Power Tools. Administrator rights are required for the configuration of the multiuser server with the Administrative Tools. User rights are required for administrative tasks with the Power Tools. The Multiuser Power Tools are also available in the TIA Portal for administrative tasks on the multiuser server. Requirement The multiuser server is installed. Steps for the configuration of the multiuser server with the Administrative Tools The server is installed and managed using a command line command. To configure the multiuser server, the following steps are required: Call the multiuser server Administrative Tools with administrator rights. The complete installation is executed with the command: musrv.exe install -r d:\TIA\SRV -p 5080 -b https The project directory (repository) is created automatically. The definition of the protocol and the port address is already contained in this command, together with the integrated certificate administration for secure HTTPS communication. Windows tools are used to create new certificates and select existing certificates. You can find additional commands for configuring the multiuser server here: Commands for configuring the multiuser server (Page 7192) Note Enabling the firewall port The specified port is automatically enabled in the firewall for access to the multiuser server. 7188 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Managing the multiuser server with the power tools To manage the multiuser server, the following steps are required after installation of the server: To access the multiuser server, a port may have to be enabled in the firewall. To manage the multiuser server, the multiuser management or the multiuser server power tools must be called. You can find additional commands for managing the multiuser server here: Commands for managing the multiuser server (Page 7195) User and rights management The user and rights management for the multiuser server is based on the user management for the Windows user accounts. Project-specific rights assignment is possible. The use of group guidelines enables simple, fast and clear assignment of rights. Project management Project management enables a fast overview of existing projects and associated local sessions. Multiuser projects and local servers can be conveniently managed. The project management can be automated by scripts (batch files). Error messages If an action cannot be executed successfully, a corresponding error message is displayed. You can find the error descriptions in the corresponding tools by calling the help for the tools: Calling help in the administrative tools: Open the Administrative Tools as follows: Copy the command "musrv" to the command line and press "Enter". Calling help in the power tools: Open the Power Tools as follows: Copy the command "mupt" to the command line and press "Enter". See also Commands for configuring the multiuser server (Page 7192) Commands for managing the multiuser server (Page 7195) WinCC Advanced V14 System Manual, 10/2016 7189 Using Team Engineering 15.3 Using Multiuser Engineering Configuring the multiuser server with the administrative tools Introduction Before you can use the installed external multiuser server as part of Multiuser Engineering , the server must be configured. When you configure the multiuser server using the Multiuser Administrative Tools , you use the commands described below, which you execute in the command line. The following actions are automatically executed when you input the "Install" command described below: The Windows service for the multiuser service is installed. A firewall activation for the specified port is added via a TCP connection. Performance monitoring installed to monitor the multiuser server. The storage directory, called "Repository", is created if it does not already exist. The "binding" is defined, whether you use "https" (recommended) or "http" as transfer protocol. The "fingerprint" to confirm a valid certificate is transferred to the server. The multiuser server can then be used. Note You need administrator rights to configure the multiuser server. Requirement The multiuser server is installed. Note The commands as well as the associated help and information texts within the command line are only available in English. 7190 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Procedure To configure the multiuser server, follow these steps: 1. Open the tool for the multiuser server configuration with administrator rights. Under "bin" in the installation directory of the TIA Portal, double-click on the file "start-musrv.bat" to do this. 2. Copy the following command for server configuration with the required parameters to the command line and press "Enter". Command: => musrv install -r <repository-path> -p <port> -b <binding> -h <certificate-hash> => musrv install Example of the entry: musrv install -r c:\TIA\SERVER -p 5080 -b https -h <certificatehash> 3. If the command "musrv install" could not be executed successfully, you receive an error message for which you can view an explanation. Once these commands have been executed successfully, the multiuser server is configured. Configuration example If you do not enter any parameters, the system will prompt you interactively for the required parameters. Command Description Define "Repository-path" Enter the name and the path of the directory (Repository) in which the server is to save the files. Used in the above example: -r c:\TIA\SERVER If you enter a new directory that does not exist yet, the directory is automati cally created by the system. Important note: This directory and the data storage is retained even after deleting the server. If you reinstall the multiuser server after deleting it and enter an existing di rectory as "Repository", the data is also available on the new server without any restrictions. Define "Port" Enter the port you want to use for communication with the multiuser server. Used in the above example: -p 5080 Define "Binding" Used in the above example: -b https WinCC Advanced V14 System Manual, 10/2016 Define whether you want to use "https" (recommended) or "http" as transfer protocol. With "https", communication is encrypted and a certificate is requested. This means communication has a higher security level than the unencrypted "http" communication. 7191 Using Team Engineering 15.3 Using Multiuser Engineering Command Description "Certificate hash" = fingerprint for the certifi cate used For secure server communication, enter the fingerprint for the certificate you created or the certificate used. For more information on creating a certificate, refer to the Help for the respec tive Windows operating system. "Run service" = start service Use it to start the Windows service for the multiuser server. Example: musrv start You can find additional commands for configuring the multiuser server here: Commands for configuring the multiuser server (Page 7192) See also Commands for configuring the multiuser server (Page 7192) Commands for configuring the multiuser server Introduction The commands for configuring the multiuser server are available in the Multiuser Administrative Tools . Observe the basic procedures for configuring the multiuser server: Configuring the multiuser server with the administrative tools (Page 7190) Note The commands as well as the associated help and information texts within the command line are only available in English. 7192 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Commands for configuring the multiuser server The commands listed below are available: Command Description Possible entries "Install" Installs the multiuser server and ena bles communication with the server. Parameters: A configuration example is available at: -r, --repository: Directory in which the server data is to be stored. Configuring the multiuser server with the administrative tools (Page 7190) -p, --port: Port number for the server access -b, --binding: Specifies the protocol for the communication (http or https) -c, --certhash: Fingerprint of the certificate which is to be used for secure data transfer (is only required for https). Example: musrv install -r <repository-path> -p <port> -b <binding> -h <certificate-hash> "Config" Displays the current configuration of the Parameters: multiuser server and offers optional dy -t, --timeout: (optional): Definition of the utilized timeout namic configuration parameters. profile ("fast", "middle" or "slow"). -d, --debug: (optional): Defines whether runtime debug information is displayed by the server. Note: If you use the option "-d", no debug logs are displayed. Example: musrv config -d "Start/Stop" Starts or stops the multiuser server. Parameters: [-f], [--force]: (optional): Activates the command without further query Example: musrv start musrv stop "Uninstall" Uninstalls the multiuser server. Parameters: Uninstallation can also take place with Windows mechanisms. - [-f], [--force]: (optional): Activates the command without further query Example: musrv uninstall See also Configuring the multiuser server with the administrative tools (Page 7190) WinCC Advanced V14 System Manual, 10/2016 7193 Using Team Engineering 15.3 Using Multiuser Engineering Managing the multiuser server with the power tools Introduction To manage server projects and local sessions on the multiuser server as part of Team Engineering , use the commands described below that can be executed with the help of the Power Tools in the command line. The multiuser server can be managed via the Power Tools from any computer on which TIA Portal and Power Tools are installed. Your entries are stored in a "Session memory" and are then available the next time the Power Tools are opened. Note You need user rights to manage the multiuser server. Requirement The multiuser server is installed and a port is enabled in the Windows firewall so that the multiuser server is accessible. Procedure To manage the multiuser server, follow these steps: 1. Open the Power Tool for the multiuser server administration with administrator rights. Under "bin" in the installation directory of the TIA Portal, double-click on the file "start-mupt.bat" to do this. 2. Copy the command "mupt" to the command line and press "Enter". The help for the multiuser power tools is displayed. 3. Enter the required command for server management in the command line and press "Enter". The available commands are described under: Commands for managing the multiuser server (Page 7195) 4. If the command could not be executed successfully, you receive an error message. See also Commands for managing the multiuser server (Page 7195) 7194 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Commands for managing the multiuser server Introduction The commands for managing the multiuser server are available in the Multiuser Power Tools . Note The commands as well as the associated help and information texts within the command line are only available in English. "User names" and "Role names" "User names": All "User names" that are used must take the following format into account: <domain-or-machine-name>\<account>, e.g. ww004\adgrfl0 or MD17E4MC\adgrfl0. If the <domain-or-machine-name> is not assigned, Windows will automatically propose a corresponding domain for the account. "Role names": The following "Role names" with the corresponding access rights are available: Member (only read access) Contributor (read & write access) Manager (read and write access and role management). WinCC Advanced V14 System Manual, 10/2016 7195 Using Team Engineering 15.3 Using Multiuser Engineering Commands for managing the multiuser server The commands listed below are available: Command Description Possible entries "Display project" Lists all projects on the current multius Parameters: er server. -s, --server: Multiuser server URI address Example: %InstallDirectory% > mupt project show -s http://192.168.0.100:8057/ Help: "show-projects -?" "Delete project" Deletes specific projects on the multius Parameters: er server -s, --server: Multiuser server URI address -p, --project: Definition of the project to be deleted -f --force: (optional): Activates the command without further query Example: %InstallDirectory% > project remove -s http://192.168.0.100:8057/ -p MyProject Help: "delete-project -?" "Display Sessions" Lists all local sessions that are part of the current server project. Parameters: -s, --server: Multiuser server URI address -p, --project: Selection of the project Example: %InstallDirectory% > mupt session show -s http://192.168.0.100:8057/ -p MyProject Help: "show-sessions -?" "Delete Session" Deletes the selected local session on the multiuser server Parameters: -s, --server: Multiuser server URI address -p, --project: Selection of the project -i, --id: Session identification number -f, --force: (optional): Activates the command without further query Example: %InstallDirectory% > mupt session remove -s http://192.168.0.100:8057/ -p MyProject -i 15 Help: "delete-session -?" 7196 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Command Description Possible entries "Remove project lock" Removes the lock for the multiuser project Parameters: -s, --server: Multiuser server URI address -p, --project: Selection of the project -f, --force: (optional): Activates the command without further query Example: %InstallDirectory% > mupt project unlock -s http://192.168.0.100:8057/ -p MyProject Help: "remove-projectlock -?" "Show check-in history" Displays the check-in history for the se Parameters: lected server and the selected local ses -s, --server: Multiuser server URI address sion. -p, --project: Selection of the project -i, --id: Session identification number -u, --user: User name by which to filter. -d, --date: Date by which to filter. -r, --revision: Project revision by which to filter. -f, --force: (optional): Activates the command without further query Example: %InstallDirectory% > mupt checkin show -s http://192.168.0.100:8057/ -p MyProject Help: "show-checkinhistory -?" "Show server ac cess rights" Displays the defined user rights for the selected server. Parameters: -s, --server: Multiuser server URI address Example: %InstallDirectory% > mupt user show -s http://192.168.0.100:8057/ Help: "show-serveraccessrights -?" "Modify server ac cess rights" Modifies the access rights for the selec Parameters: ted server. -s, --server: Multiuser server URI address -r, --role: Selecting the role -u, --user: User name by which to filter. -f, --force: (optional): Activates the command without further query Example: %InstallDirectory% > mupt user add -u user1 r Manager -s http://192.168.0.100:8057/ Help: "modify-serveraccessrights -?" WinCC Advanced V14 System Manual, 10/2016 7197 Using Team Engineering 15.3 Using Multiuser Engineering Command Description Possible entries "Remove server access rights" Removes the access rights for the se lected server. Parameters: -s, --server: Multiuser server URI address -u, --user: User name by which to filter. -f, --force: (optional): Activates the command without further query Example: %InstallDirectory% > mupt user remove -u user1 -s http://192.168.0.100:8057/ Help: "modify-serveraccessrights -?" "Show project ac cess rights" Displays the defined user rights for the selected project. Parameters: -s, --server: Multiuser server URI address -p, --project: Project name for which the user rights are to be listed. Example: %InstallDirectory% > mupt user show -s http://192.169.0.100:8057/ -p MYProject Help: "show-projectaccessrights -?" "Modify project ac Modifies the user rights for the selected cess rights" project. Parameters: -s, --server: Multiuser server URI address -p, --project: Project name for which the user rights are to be listed. -r, --role: Selecting the role -u, --user: User name by which to filter. -f, --force: (optional): Activates the command without further query Example: %InstallDirectory% > mupt user add -u user2, user3 -r Member -p MyProject -s http:// 192.168.0.100:8057/ Help: "modify-projectaccessrights -?" 7198 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Command Description "Remove project access rights" Removes the access rights of the selec Parameters: ted user for the selected project. -s, --server: Multiuser server URI address Possible entries -u, --user: User name by which to filter. -p, --project: Project name for which the user rights are to be listed. -f, --force: (optional): Activates the command without further query Example: %InstallDirectory% > mupt user remove -u user3 -p MyProject -s http:// 192.168.0.100:8057/ Help: "remove-serveraccessrights -?" "Export project to single user" Exports the multiuser project as single- Parameters: user project to the specified path. -s, --server: Multiuser server URI address -p, --project: Project name for which the user rights are to be listed. -t, --path: Selection of the storage path Example: %InstallDirectory% > mupt project export -s http://192.168.0.100:8057/ -p MyProject -t D: \MyDirectory\ Help: "export-projectassingleuser -?" Command to reset the server to an older revision The command listed below is available. This command can only be executed if the server is not locked. "Project rollback" Resets the server to an existing older revision. Parameters: -s, --server: Multiuser server URI address -p, --project: Project name for which the user rights are to be listed. -v, --revision: Revision number of the project to which it is to be reset. -f, --force: (optional): Activates the command without further query Example: %InstallDirectory% > mupt project rollback s http://192.168.0.100:8057/ -p MyProject -v 132 WinCC Advanced V14 System Manual, 10/2016 7199 Using Team Engineering 15.3 Using Multiuser Engineering 15.3.10.4 Confirm the certificate for a multiuser server Introduction When working with Multiuser Engineering , you must first specify the SSL Server certificate in order to establish a secure connection to an installed multiuser server. As soon as you start working in a local session for the first time after installation of the server, you are prompted to confirm the displayed certificate. When an existing certificate has expired, you are prompted to confirm it again. The mechanisms provided by Windows are used for managing the SSL server certificates. If you do not confirm the SSL server certificate, a connection to the multiuser server cannot be established. Requirement You have installed TIA Portal V14 or higher and the required multiuser server software. The multiuser server must be configured and started with the help of the multiuser tools. You are working in the local session for the first time. Confirm the certificate for a multiuser server To confirm the certificate for the multiuser server, follow these steps: 1. When you are working with a connected multiuser server for the first time, for example, when opening a local session, the operating system automatically prompts you to confirm the server certificate for the multiuser server. 2. Check whether the displayed certificate is trustworthy. If so, click "OK" in the dialog that appears to confirm the certificate for the "TIA_Multiuser_Server". Result The dialog is closed. The certificate for the multiuser server is considered trustworthy and saved permanently. 15.3.10.5 Enter access data for the multiuser server Introduction When you are working with Multiuser Engineering and have installed a multiuser server, you must log on to the multiuser server if an authentication is required. In this case the multiuser server prompts you to log on. A dialog is displayed in which you can enter the access data. 7200 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering You have two options for logging on: Logon with your current Windows-user name und password Logon with the access data of a different user Requirement You have installed TIA Portal V14 or higher and a multiuser server. The multiuser server must be configured and started with the help of the Power Tools. Enter access data for the multiuser server To enter the user data, follow these steps: 1. Select the required option in the dialog by clicking it. - For logon with your current login, the user name is already entered and cannot be edited. - Alternatively, you can log on with the access data of a different user. 2. To do so, select the second option and enter the respective data for "User name" and "Password". 3. Click "OK". Result If authentication was successful, the dialog is closed and the connection to the multiuser server is being established. 15.3.10.6 Transferring server data to other multiuser servers Introduction If you work with Multiuser Engineering and have installed a multiuser server, you can transfer existing server data to another multiuser server without data loss. The data can be transferred to the same computer or to a another computer. Requirement You have installed TIA Portal as of V14 and at least one multiuser server. The multiuser server must be configured and started. WinCC Advanced V14 System Manual, 10/2016 7201 Using Team Engineering 15.3 Using Multiuser Engineering Transfer multiuser server data to other multiuser servers To transfer the server data of a multiuser server to another multiuser server, follow these steps: 1. Stop the active multiuser server. - Open the graphic ConfigurationTool for the multiuser server configuration with administrator rights. - Open the start menu by clicking the command "Start" > "All Programs" > "Siemens Automation". - Click on the "Multiuser Server V14 Configuration" entry. This will open the user interface of the Configuration Tool. - In the "Server status" area, click on the "Stop service" button. 2. Uninstall the "old" multiuser server. For more details, see: Installing and uninstalling the Multiuser server (Page 7165) 3. Copy the entire repository with the existing server data to the new storage location, for example, to another computer. 4. Install the multiuser server on the new computer. For more details, see: Installing and uninstalling the Multiuser server (Page 7165) 5. Configure the new storage directory for the new multiuser server. For more details, see: Configuring a multiuser server with the graphic tool (Page 7171) 6. Start the new multiuser server. In the Configuration Tool, click on "Start service" in the "Server status" area. Result The server data were transferred without data loss to the new multiuser server. See also Configuring a multiuser server with the graphic tool (Page 7171) Installing and uninstalling the Multiuser server (Page 7165) 15.3.10.7 Reading out error log for multiuser server Introduction To check the multiuser server functionality, you can read out the error logs. When server errors occur, the error logs provide you with additional information on the error messages displayed in the user interface. A separate log file is created by the server for each day. The log files are not deleted automatically. 7202 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Reading out the error log of a multiuser server To read out the error log, follow these steps: 1. Open the directory for the respective multiuser server in your archiving. 2. Select the desired log file under the path <Repository>\logs. 3. Open the requested log file to check the content Reading out error logs for a multiuser project To read out the error log, follow these steps: 1. Open the directory for the respective multiuser server in your archiving. 2. Select the desired log file under the path <Repository>\proj\<Project name>\logs. 3. Open the requested log file to check the content. Note Reading out the error log Keep in mind that the error log cannot be read out when you are working in debug mode. Check and/or change the server configuration in the command line via the administrative tools using the command "musrv config". Make sure that the option "-d" is not selected. Reading out Windows event view The event view is a tool with which detailed information about important events can be displayed on the computer. The event view can be helpful for dealing with problems and errors. The following security relevant events relating to the multiuser server also receive an entry in the Windows event view: If a user wants to the start the multiuser server and the multiuser server does not "know" this user; i.e. the user is not logged in on the server. If a user with an incorrect password want to log onto the multiuser server. To read out the event view, follow these steps: 1. Click "Start" > "Control Panel" > "System and Security" > "Administration". Alternatively, click "Start" and enter "Event view" in the search field. 2. Double-click to open the Event view. 3. Under "Windows protocols" click "Security" to display the logged security relevant events related to the multiuser server. Result The logged security relevant events for the multiuser server are shown in a list. WinCC Advanced V14 System Manual, 10/2016 7203 Using Team Engineering 15.3 Using Multiuser Engineering 15.3.10.8 Error log for multiuser server packed as Zip file Introduction To check the multiuser server functionality, you can read out the error logs. When server errors occur, the error logs provide you with additional information on the error messages displayed in the user interface. You have the open of packing all existing error logs into a Zip file in order, if required, to forward these, for example, to Customer Support. To do so you must log yourself in as Administrator directly on the server. It is not possible to execute this action via the TIA Portal or via the administrative and power tools. Packing error logs as Zip file To create a Zip file for error logs, follow these steps: 1. Log onto the multiuser server as administrator. 2. Execute the command "musrv ziplogs". 3. Alternatively, you can execute the command with the following options: - -n, --name: Entering the storage path for the Zip file - -f, --force: Overwrites any already existing files without prompt. Result The Zip file with all existing error logs for the multiuser server is created. 15.3.10.9 Information on response of the multiuser server to errors Introduction The response of the multiuser server after the occurrence of an error is described below. If an error occurs, you receive a corresponding error message. Behavior of the server after the occurrence of an error The multiuser server exhibits the following behavior after the occurrence of an error: Project lock: Information on which project is locked may get lost after a server error. This information is no longer available after a restart. 7204 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Errors that occur during "Upload from device" or "Download to device": The refresh of the local session cannot be performed. The action is aborted with an error message. The check-in cannot be executed. The action is aborted with an error message. Any already loaded data are removed again from the server, the server has the same status as before the start of the faulty action. Note Manual restart of the server The server has to be manually restarted after the occurrence of an error. An automatic start of the server only occurs after the next restart of the computer on which the server is running. 15.3.10.10 Supported network configurations for the multiuser server Requirements for successful client-server communication Introduction Below is an overview of the requirements for successful client-server communication in the context of Multiuser Engineering with: Network communication Certificate management Authentication Requirements for network communication The network used must allow HTTPS communication between client and server. WinCC Advanced V14 System Manual, 10/2016 7205 Using Team Engineering 15.3 Using Multiuser Engineering There are two ways of doing this: Direct TCP communication between client and multiuser server via the enabled server port. - No outbound firewall settings blocks communication on the workstations. - No incoming firewall settings blocks communication on the server. - Both the multiuser server and all workstations are in the same IP network (without routing). - If a router is installed in between, the router should not block communication via the selected server port. Indirect communication via an HTTPS proxy server. - An HTTPS proxy server is available. - The HTTPS proxy server is configured at the client end in the Windows system and enabled for communication. Requirements for certificate management To establish secure communication, you should use "HTTPS". With "HTTPS", communication is encrypted and a certificate is requested. This means communication has a higher security level than the unencrypted "HTTP" communication. To establish HTTPS communication, the multiuser server must be configured in such a way that it uses a valid HTTPS certificate for data encryption. The certificate in the Windows certificate store is used on the multiuser server. The certificate must be currently valid and registered for use with "http.sys". The fingerprint of the certificate must be handed over to the client. Requirements for authentication Windows mechanisms are used for the authentication of the communication with the multiuser server. Multiuser Engineering supports both authentication through domain accounts and authentication through local Windows accounts. Authentication with domain account - Both the client and the multiuser server are members of the same Windows domain. - A valid user account for this domain is used. - Both the client and the multiuser server can establish network communication to the domain server. - The requirements for using a secure https communication must be met. 7206 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Authentication with local account - A local account on the multiuser server must be used for authentication. - The requirements for using a secure HTTPS communication must be met. Note NTLM authentication on the multiuser server NTLM is used for authentication on the multiuser server. For security reasons, we recommend you activate NTLM V2, which has been used as standard since Windows 2000, and not NTLM V1. NTLM V2 offers a logon method more secure than NTLM V1. Note In the following sections, you can find more information about supported network configurations for the multiuser server. See also Network with dedicated multiuser server (Page 7207) Network with temporary multiuser server (Page 7209) Network in a Windows domain (Page 7211) Network in a Windows domain with Internet access via VPN (Page 7213) Network in a Windows domain with Internet access via proxy (Page 7216) Network with dedicated multiuser server Introduction Below, you can find information on a server configuration with a dedicated multiuser server in an office network. The graph shows the possible structure of such a configuration: WinCC Advanced V14 System Manual, 10/2016 7207 Using Team Engineering 15.3 Using Multiuser Engineering 2IILFHQHWZRUNZLWKGHGLFDWHGPXOWLXVHUVHUYHU :RUNVWDWLRQ 0RELOH :RUNVWDWLRQ 2IILFHQHWZRUN 'HGLFDWHGPXOWLXVHUVHUYHU 7208 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Description of the network configuration with a dedicated multiuser server The network configuration should meet the following requirements. Configuration Description Network environment Configuration: Various Windows workstations on which the TIA Portal is installed. A dedicated Windows server, which is installed as a multiuser server. All workstations and servers are located in the same network. Network Requirements: There is a direct TCP connection between the workstations and the multiuser server via the selected port. No outbound firewall settings blocks communication on the workstations. No incoming firewall settings blocks communication on the server. Both the multiuser server and all workstations are in the same IP network (without routing). If a router is installed in between, the router should not block communication via the selected server port. Either no proxy server is configured, or there is a local bypass. The "Bypass proxy server for local addresses" option should be selected in the Windows settings for a local area network. Authentication User accounts and Windows workgroups: These must be created locally on the multiuser server. This must be configured in accordance with the multiuser rights and roles for servers and projects. Name and password for authentication are queried on all workstations. Only local accounts of the server system can be used for authentication. Note: The Windows authentication can be used to query name and password. You have to create local accounts, which are identical to the accounts that exist on the multiuser server. This procedure allows the server to automatically authenticate a local account with identical logon information for an existing server account. Restriction: User accounts and groups cannot be managed centrally; local users and groups are required for this. This configuration is therefore unsuitable for enterprise networks. Network with temporary multiuser server Introduction Below, you can find information on a server configuration with a temporary multiuser server in an office network. The graph shows the possible structure of such a configuration: WinCC Advanced V14 System Manual, 10/2016 7209 Using Team Engineering 15.3 Using Multiuser Engineering 2IILFHZRUNJURXS 7HPSRUDU\ZRUNJURXS :RUNVWDWLRQ 0RELOH :RUNVWDWLRQ 0RELOH :RUNVWDWLRQ 2IILFHQHWZRUN 0RELOHZRUNVWDWLRQGHGLFDWHGPXOWLXVHUVHUYHU 7210 7HPSRUDU\ QHWZRUN 0RELOHZRUNVWDWLRQWHPSRUDU\PXOWLXVHUVHUYHU WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Description of the network configuration with a temporary multiuser server The network configuration should meet the following requirements. Configuration Description Network environment Configuration: Various Windows workstations on which the TIA Portal is installed. A temporary Windows server, which is installed as a multiuser server at one of the workstations. The office environment may be left, for example, to perform commissioning in a factory. All workstations and temporary multiuser servers are located in the same network. With the temporary multiuser server, the office environment can be left and work can still continue. Network Requirements: There is a direct TCP connection between the workstations and the multiuser server via the selected port. No outbound firewall settings blocks communication on the workstations. No incoming firewall settings blocks communication on the server. Both the multiuser server and all workstations are in the same IP network (without routing). If a router is installed in between, the router should not block communication via the selected server port. Either no proxy server is configured, or there is a local bypass. The "Bypass proxy server for local addresses" option should be selected in the Windows settings for a local area network. Authentication User accounts and Windows workgroups: These must be created locally on the multiuser server. This must be configured in accordance with the multiuser rights and roles for servers and projects. Name and password for authentication are queried on all workstations. Only local accounts of the server system can be used for authentication. Note: The Windows authentication can be used to query name and password. You have to create local accounts, which are identical to the accounts that exist on the multiuser server. This procedure allows the server to automatically authenticate a local account with identical logon information for an existing server account. Restriction: User accounts and groups cannot be managed centrally; local groups are required for this. This configuration is therefore unsuitable for enterprise networks. Network in a Windows domain Introduction Below, you can find information on a server configuration with a dedicated multiuser server in a Windows domain. The graph shows the possible structure of such a configuration: WinCC Advanced V14 System Manual, 10/2016 7211 Using Team Engineering 15.3 Using Multiuser Engineering 1HWZRUNZLWKLQD:LQGRZVGRPDLQ :RUNVWDWLRQ 'RPDLQ FRQWUROOHU 0RELOH :RUNVWDWLRQ 2IILFHQHWZRUN 'HGLFDWHGPXOWLXVHUVHUYHU 7212 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Description of the network configuration in a Windows domain The network configuration should meet the following requirements. Configuration Description Network environment Configuration: All Windows workstations on which the TIA Portal is installed are members of the same domain. A dedicated Windows server as a multiuser server is also located in the same domain. All workstations and multiuser servers use the same LAN (Local Area Network). All workstations and multiuser servers can connect to the domain controller. Network Requirements: There is a direct TCP connection between the workstations and the multiuser server via the selected port. No outbound firewall settings blocks communication on the workstations. No incoming firewall settings blocks communication on the server. Both the multiuser server and all workstations are in the same IP network (without routing). If a router is installed in between, the router should not block communication via the selected server port. Either no proxy server is configured, or there is a local bypass. The "Bypass proxy server for local addresses" option should be selected in the Windows settings for a local area network. Authentication User accounts and Windows workgroups: These must be created on the domain controller. This must be configured in accordance with the multiuser rights and roles for servers and projects. Users at workstations on which the TIA Portal is running are automatically authenticated with their domain logon information. Note: You can also log on with other valid logon data on the multiuser server. Restriction: This configuration is not suitable for temporary server configurations, since they also need access to the domain controller. Network in a Windows domain with Internet access via VPN Introduction Below, you can find information on a server configuration with a dedicated multiuser server in a Windows domain with VPN (Virtual Private Network). The graph shows the possible structure of such a configuration: WinCC Advanced V14 System Manual, 10/2016 7213 Using Team Engineering 15.3 Using Multiuser Engineering ,QWHUQHW 2IILFHGRPDLQ :RUNVWDWLRQ 'RPDLQ &RQWUROOHU 0RELOH :RUNVWDWLRQ )LUHZDOO 931 2IILFHQHWZRUN 0RELOH :RUNVWDWLRQ 'HGLFDWHGPXOWLXVHUVHUYHU 7214 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Description of the network configuration in a Windows domain with VPN The network configuration should meet the following requirements. Configuration Description Network environment Configuration: All Windows workstations on which the TIA Portal is installed are members of the same domain. A dedicated Windows server as a multiuser server is also located in the same domain. All workstations and multiuser servers use the same LAN (Local Area Network). Both workstations and the multiuser server have access to the domain controller. Workstations can also be connected to the LAN via VPN. Network Requirements: There is a direct TCP connection via the selected port between the workstations and the multiuser server. No outbound firewall settings blocks communication on the workstations. No incoming firewall settings blocks communication on the server. Both the multiuser server and all workstations are in the same IP network (without routing). If a router is installed in between, the router should not block communication via the selected server port. Either no proxy server is configured, or there is a local bypass. The "Bypass proxy server for local addresses" option should be selected in the Windows settings for a local area network. For security reasons, we recommend using VPN solutions, such as "Routing and Remote Access Service". For security reasons, it is strongly recommended to set up a firewall. It is not necessary to open a port in the firewall for multiuser server when using VPN. WinCC Advanced V14 System Manual, 10/2016 7215 Using Team Engineering 15.3 Using Multiuser Engineering Configuration Description Authentication Authentication is performed based on the current configuration selected. User accounts and Windows workgroups when configured as an office workgroup: These must be created locally on the multiuser server. This must be configured in accordance with the multiuser rights and roles for servers and projects. Name and password for authentication are queried on all workstations. Only local accounts of the server system can be used for authentication. Note: The Windows authentication can be used to query name and password. You have to create local accounts, which are identical to the accounts that exist on the multiuser server. This procedure allows the server to automatically authenticate a local account with identical logon information for an existing server account. Restriction: User accounts and groups cannot be managed centrally; local users and groups are required for this. This configuration is therefore unsuitable for enterprise networks. User accounts and Windows workgroups with configuration as Windows domain: These must be created on the domain controller. This must be configured in accordance with the multiuser rights and roles for servers and projects. Users at workstations on which the TIA Portal is running are automatically authenticated with their domain logon information. Note: You can also log on with other valid logon data on the multiuser server. Restriction: This configuration is not suitable for temporary server configurations, since they also need access to the domain controller. Communication with a remote computer through a VPN demonstrates typical performance limitations for all client-server applications. The multiuser server is also affected. Network in a Windows domain with Internet access via proxy Introduction Below, you can find information on a server configuration with a dedicated multiuser server in a Windows domain with intranet/Internet access via a proxy. The graph shows the possible structure of such a configuration: 7216 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering ,QWHUQHW 2IILFHGRPDLQ :RUNVWDWLRQ 'RPDLQ &RQWUROOHU 0RELOH :RUNVWDWLRQ )LUHZDOO 3UR[\ 2IILFHQHWZRUN 0RELOH :RUNVWDWLRQ 'HGLFDWHGPXOWLXVHUVHUYHU WinCC Advanced V14 System Manual, 10/2016 7217 Using Team Engineering 15.3 Using Multiuser Engineering Description of the network configuration in a Windows domain with proxy The network configuration should meet the following requirements. Network environment Configuration: All Windows workstations on which the TIA Portal is installed are members of the same domain. A dedicated Windows server as a multiuser server is also located in the same domain. All workstations and multiuser servers use the same LAN (Local Area Network). Both workstations and the multiuser server have access to the domain controller. Workstations outside the LAN can also be connected to the LAN via a proxy server. Network Requirements: There is a direct TCP connection between the workstations and the multiuser server via the selected port. No outbound firewall settings blocks communication on the workstations. No incoming firewall settings blocks communication on the server. Both the multiuser server and all workstations are in the same IP network (without routing). If a router is installed in between, the router should not block communication via the selected server port. Either no proxy server is configured, or there is a local bypass. The "Bypass proxy server for local addresses" option should be selected in the Windows settings for a local area network. For security reasons, it is not recommended to make the multiuser server available on the Internet. For security reasons, it is strongly recommended to set up a firewall to accept the incoming connections to the selected port. The proxy server must accept HTTPS communication and forward it to the multiuser server on the selected port. 7218 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Authentication Authentication is performed based on the current configuration selected. User accounts and Windows workgroups when configured as an office workgroup: These must be created locally on the multiuser server. This must be configured in accordance with the multiuser rights and roles for servers and projects. Name and password for authentication are queried on all workstations. Only local accounts of the server system can be used for authentication. Note: The Windows authentication can be used to query name and password. You have to create local accounts, which are identical to the accounts that exist on the multiuser server. This procedure allows the server to automatically authenticate a local account with identical logon information for an existing server account. Restriction: User accounts and groups cannot be managed centrally; local users and groups are required for this. This configuration is therefore unsuitable for enterprise networks. User accounts and Windows workgroups with configuration as Windows domain: These must be created on the domain controller. This must be configured in accordance with the multiuser rights and roles for servers and projects. Users at workstations on which the TIA Portal is running are automatically authenticated with their domain logon information. Note: You can also log on with other valid logon data on the multiuser server. Restriction: This configuration is not suitable for temporary server configurations, since they also need access to the domain controller. Communication with a remote computer through a proxy demonstrates typical performance limitations for all client-server applications. The multiuser server is also affected. Port Note: Sometimes it is only possible to use port "443" for an https connection on a proxy server. A port other than "443" for an https connection cannot be set on some proxy servers. In this case, you need to install the multiuser server on port "443" as well. WinCC Advanced V14 System Manual, 10/2016 7219 Using Team Engineering 15.3 Using Multiuser Engineering 15.3.11 Working with the multiuser server 15.3.11.1 Introduction to the multiuser server Introduction To be able to work with the full functionality of Multiuser Engineering , you need a multiuser server, which manages your multiuser projects. The multiuser server must be installed first and then configured and started with the help of the multiuser tools. The connections to the multiuser server in the TIA Portal can then be configured and administered using the "Options" > "Settings" > "Multiuser" command. In the TIA Portal, you can execute the following actions for the server connections: Add new multiuser server connections. Create, edit, and delete existing multiuser server connections Properties of the multiuser server The multiuser server has the following properties: You need administrator rights to install and configure the multiuser server. The installation of the server requires settings in the Windows firewall and may require a certificate. The multiuser server is configured and administered by an administrator with the supplied multiuser tools. The server is available to all editors of the multiuser project and it can also be accessed from the outside. The multiuser server can be started and administered outside the TIA Portal. The "Alias" assigned as the name for the multiuser server is used as an identifier and may not be changed at a later point in time. Quantity structure for the multiuser server For efficient work with Multiuser Engineering, you can create up to 100 multiuser server connections. When you have reached this number, you receive a message informing you that you cannot create any new server connections. Once you have deleted any server connections that are no longer required, you can once again create new connections up to the maximum number. The following configuration limits are available for a multiuser server depending on the respective hardware: 7220 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Number of projects on the multiuser server Standard multiuser server (application as a temporary multi user server) Hardware: Field PG M5 Advanced (or equivalent) Intel(R) CoreTM i5-6440EQ up to 3.4 GHz*,16 GB RAM (32 GB for large projects) SSD with 50 GB of available disk space Network 1 GB 15.6" Full HD Display (1920 x 1080) Maximum number of server projects per server: 100 Maximum number of local sessions per server: 200 Maximum number of local sessions per server project: 25 Note Server hardware When more powerful server hardware is used, even higher quantities are possible. See also Displaying the multiuser server connection (Page 7223) Editing the multiuser server connection (Page 7224) Deleting the multiuser server connection (Page 7226) 15.3.11.2 Setting the multiuser network profiles Introduction When working with Multiuser Engineering you have the option of selecting between three different network profiles, depending on the performance capability of your own network. The selected network profile determines the time until a timeout message is generated. Available multiuser network profiles The following network profiles are available for working with the multiuser server: WinCC Advanced V14 System Manual, 10/2016 7221 Using Team Engineering 15.3 Using Multiuser Engineering Network profile Area of application "Fast" Office environment Gigabit/Ethernet Stable and mostly interference-free network environment "Medium" Office environment, small workgroup with fixed location Fast Ethernet, WLAN, VPN connections Good network environment, rare interference "Slow" Commissioning, non-stationary workstations WLAN connection Interference possible (machines, electrical installations) Setting the multiuser network profiles To set the network profiles in the TIA Portal, follow these steps: 1. In the TIA Portal, select the command "Options" > "Settings" > "Multiuser". The available options for the network profiles are displayed in the following dialog. 2. From the drop-down list for "Multiuser network profiles", select the desired profile. Result The selected connection profile is activated. Note The timeout behavior of the current network profile is not affected at the changeover. 15.3.11.3 Adding a new multiuser server connection Introduction If you work with Multiuser Engineering and have installed a multiuser server, you can add up to 100 server connections to the multiuser server in the TIA Portal. Requirement You have installed TIA Portal V14 or higher and a multiuser server. The multiuser server must be configured and started with the help of the power tools. 7222 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Adding a new multiuser server connection To add a new multiuser server connection, follow these steps: 1. In the TIA Portal, select the command "Options > Settings > Multiuser". The "Multiuser server connections" tab is open and all existing server connections are displayed. If no multiuser server connection has been configured yet, only the entry for the "Local multiuser server" is available. 2. In the following editor, click the "Add server connection" command in the "Server name" column. If the maximum number of 100 server connections has already been reached, you receive a message informing you that you first have to delete one of the existing server connections before you can add a new one. If it is possible to add a new server connection, the "Add new Multiuser server connection" dialog box opens. 3. Enter the name for the multiuser server in the "Server name" field. You can use a maximum of 256 characters for the name and the path. The name can include letters, numbers and commas. You will be notified if the entered name is already being used or if the path is longer than 256 characters in total. 4. Select the required transmission protocol (https or http) for the multiuser server. The "http" protocol is selected by default. 5. Enter the required host and port for the server connection. You will be notified if the entered host and/or port is already in use. 6. Click "Add". Result The new multiuser server connection is added and displayed under "Options > Settings > Multiuser". 15.3.11.4 Displaying the multiuser server connection Introduction When you are working with Multiuser Engineering you can display the existing server connections to the multiuser server in the settings of the TIA Portal. Requirement You have installed TIA Portal V14 or higher and a multiuser server. The multiuser server must be configured and started with the help of the multiuser tools. WinCC Advanced V14 System Manual, 10/2016 7223 Using Team Engineering 15.3 Using Multiuser Engineering Displaying the multiuser server connection To display the existing multiuser server connections, follow these steps: 1. In the TIA Portal, select the command "Options > Settings > Multiuser". The existing multiuser server connections are displayed in the "Server name" column in the next editor. 2. If you are looking for a specific server connection, click the "Server name" or "Host" column headers to sort the content. Result The existing multiuser servers are displayed in the editor under "Options > Settings > Multiuser" 15.3.11.5 Editing the multiuser server connection Introduction When you are working with Multiuser Engineering you can edit the existing server connections to the multiuser server in the settings of the TIA Portal. Requirement You have installed TIA Portal V14 or higher and a multiuser server. The multiuser server must be configured and started with the help of the multiuser tools. Editing the multiuser server connection 1. In the TIA Portal, select the command "Options > Settings > Multiuser". All existing multiuser server connections are listed in the next dialog in the "Server name" column. Note It is not permitted to edit a multiuser server connection that is used in a currently open local session. 2. If necessary, click the "Server name" or "Host" column headers to sort the contents. 3. Double-click the server connection that you wish to edit. Result: The "Edit multiuser server connections" dialog box opens. 4. You can enter the desired changes here. - The "Server name" field cannot be edited. - The entry in the "Host" field can be edited. You can navigate to the required host by clicking the button with the dots. - The entry in the "Port" field can be edited. 7224 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering 5. If possible, select "https" as the transmission protocol to ensure secure data exchange with encryption and certificate. 6. Click "OK" for the changes to become effective. Result Your changes for the selected multiuser server connection are applied and displayed under "Options > Settings > Multiuser". 15.3.11.6 Restore multiuser server connection Introduction When you are working with Multiuser Engineering the existing server connection to the multiuser server can be interrupted. If this is the case, you will receive a corresponding error message after about 30 seconds. You have different options, depending on whether you are working in the local session or in the server project view. You have the following options when you are working in the local session: Restore the server connection Save and close the local session Close the local session without saving You have the following options when you are working in the server project view: Restore the server connection Discard changes Possible procedure in the local session To restore a multiuser server connection, follow these steps: 1. Click "Restore" in the displayed dialog. If the server connection can be restored, the dialog closes and you can continue working without restrictions. 2. Click "Save and close the local session", if you are not continuing to work at the moment but want to save your changes. 3. Click "Close local session", if you want to exit the local session without storing it. WinCC Advanced V14 System Manual, 10/2016 7225 Using Team Engineering 15.3 Using Multiuser Engineering Possible procedure in the server project view To restore a multiuser server connection, follow these steps: 1. Click "Restore" in the displayed dialog. If the server connection can be restored, the dialog closes and you can continue working without restrictions. 2. Click "Discard changes", if you exit the server project view without saving it and want to discard any changes you may have made. The server project view closes. The associated local session does not open, because there is currently no connection to the multiuser server. 15.3.11.7 Deleting the multiuser server connection Introduction When you are working with Multiuser Engineering you can delete the existing server connections to the multiuser server in the settings of the TIA Portal. You can create, edit and delete up to 100 multiuser server connections in the TIA Portal. Note Keep in mind that you can only delete a server connection if all existing local sessions for this server connection were deleted beforehand. Keep in mind that a connection from a local session to a deleted multiuser server connection is no longer possible. Requirement You have installed TIA Portal V14 or higher and a multiuser server. The multiuser server must be configured and started with the help of the multiuser tools. Deleting the multiuser server connection To delete an existing multiuser server connection, follow these steps: 1. In the TIA Portal, select the command "Options > Settings > Multiuser". All existing multiuser server connections are listed in the "Server name" column in the next editor. 2. If necessary, click the "Server name" or "Host" column headers to sort the contents. 3. Select one or more server connections that you wish to delete and click "Delete" in the shortcut menu. The "Delete" dialog box opens. 4. Click "Yes" to confirm the next message and to delete the selected server connection permanently. 7226 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Result The selected multiuser server connection is deleted and is no longer displayed under "Options > Settings > Multiuser". 15.3.12 Working with the local multiuser server 15.3.12.1 Introduction to the local multiuser server Introduction To work with Multiuser Engineering , you need a multiuser server that manages your multiuser projects. A local multiuser server is always installed automatically together with the installation of the TIA Portal and cannot be deleted. It does not require a separate software installation. The local multiuser server is displayed in the list of Multiuser servers as the first entry under the non-editable "Local Multiuser Server" name and can be called with the " Options" > "Settings" > "Multiuser" command. Advantages of the local multiuser server The local multiuser server offers the following advantages: You can try out Multiuser Engineering without having to install a dedicated multiuser server first. You can buffer your work progress on the local multiuser server. Requirement To use the functionality of the local multiuser server, TIA Portal V14 or higher must be installed. Properties of the local multiuser server Unlike a dedicated multiuser server, the local multiuser server offers only limited functionality. The local multiuser server has the following properties: It is only available to one user on their computer and cannot be deleted. It can only be started within the TIA Portal. It can only be called from the computer on which the local session is running that is assigned to this local multiuser server. It does not support management tasks. Its settings do not have to be adapted for the firewall and it does not need certificates. Only the port can be edited; the server name and host cannot be changed. WinCC Advanced V14 System Manual, 10/2016 7227 Using Team Engineering 15.3 Using Multiuser Engineering See also Configuring the local multiuser server (Page 7228) Displaying the local multiuser server (Page 7229) Starting the local multiuser server (Page 7229) Exiting the local multiuser server (Page 7231) 15.3.12.2 Configuring the local multiuser server Introduction A local multiuser server is installed by default during installation of the TIA Portal by default. It is displayed in the list of multiuser servers as the first entry and can be called with the command " "Options > Settings > Multiuser server". Requirement You have installed TIA Portal V14 or higher. Configuring the local multiuser server To configure the local multiuser server, follow these steps: 1. In the TIA Portal, select the command "Options > Settings > Multiuser server". All existing multiuser servers are displayed in the next dialog in the "Server name" column. 2. If necessary, click the "Server name" or "Host" column headers to sort the contents. 3. Double-click the entry "Local multiuser server". The "Server connection" dialog opens. 4. Enter your changes. - The "Server name" and "Host" fields cannot be edited for the local multiuser server. - The entry in the "Port" field can be edited. Enter the required port here. 5. Click "OK" for the changes to become effective. Result: Your changes to the local multiuser server are applied and displayed under "Options > Settings > Multiuser server". Note It is not permitted to configure the local multiuser server while it is connected to an open local session. If a local session has already been created and the local multiuser server is only reconfigured afterwards, the server must first be stopped and then restarted to prevent the existing local session from becoming invalid. 7228 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering See also Exiting the local multiuser server (Page 7231) 15.3.12.3 Displaying the local multiuser server Introduction A local multiuser server is installed by default during the installation of the TIA Portal. Requirement You have installed TIA Portal V14 or higher. Displaying the multiuser server To display the local multiuser server, follow these steps: 1. In the TIA Portal, select the command "Options > Settings > Multiuser server". In the next editor, the local multiuser server is displayed as the first entry in the "Server name" column. The dedicated multiuser servers you have created are listed below this. Note The local multiuser server cannot be deleted. The local multiuser server is displayed with the uneditable server name "Local Multiuser Server" in all languages. 15.3.12.4 Starting the local multiuser server Introduction A local multiuser server is installed by default during the installation of the TIA Portal. It is displayed in the list of multiuser servers as the first entry and can be called with the command " "Options > Settings > Multiuser server". WinCC Advanced V14 System Manual, 10/2016 7229 Using Team Engineering 15.3 Using Multiuser Engineering Starting the local multiuser server To start the local multiuser server, follow these steps: 1. In the TIA Portal, select the command "Project > Manage multiuser projects". The "Manage multiuser projects" dialog box opens. 2. In the "Select server" box, select the local multiuser server from the drop-down list. It is displayed under the name "Local Multiuser Server". - Any existing server projects are listed here. The individual columns include detailed information on the respective project and on which user has made which changes and when. If required, you can change the arrangement of the columns. - You will be informed if a connection to the selected server is not possible. - If the local multiuser server has not yet been started, you will be asked if you want to start it now. 3. Confirm the next query as to whether the local multiuser server is to be started on your computer with "Yes". Result The connection to the local multiuser server is being established. A command window opens and shows that the server is now activated. Note Although the connection to the local multiuser server is terminated by closing the TIA Portal, this server is not stopped automatically. To stop the local multiuser server, you must close the displayed command line. Opening the local session assigned to the local multiuser server As soon as you open a local session that is assigned to the local multiuser server and when the local multiuser server has not ben started, you are queried if you want to start the local multiuser server. If you answer this query with "Yes", the local multiuser server is started and the local session is opened for editing. You cancel the process with "No". Note Keep in mind that you can only delete a server connection if all existing local sessions for this server connection were deleted beforehand. Keep in mind that a connection from an existing local session to a deleted multiuser server project is no longer possible. 7230 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering 15.3.12.5 Exiting the local multiuser server Introduction When you open a local session that is assigned to the local multiuser server , a prompt appears asking whether the local multiuser server is to be started. When the local session is ended or the TIA Portal is closed, the local multiuser server is not automatically ended. The local multiuser server must be explicitly ended. Requirement The local multiuser server was started. Procedure To end the local multiuser server, follow these steps: 1. Terminate the local multiuser server by closing the displayed command line. 15.3.13 Creating and managing multiuser server projects 15.3.13.1 Introduction to working in multiuser server projects Introduction Once the multiuser server has been installed and then configured and started with the help of the multiuser tools , you can manage the multiuser server projects in the TIA Portal. Managing the multiuser server projects When you execute the command "Project > Manage multiuser server projects", all existing server projects for the existing server connections are displayed in the next dialog box. The local multiuser server is displayed first in the list of existing server connections, because it always exists (by default). If you have not added a multiuser server project yet, the list is empty. If server projects already exist, they are displayed. From the drop-down list, select the required server connection for which all existing server projects are then listed. You can execute the following actions with the individual buttons: Add and delete server connections. Add new server projects to the selected server connection. Delete existing server projects. WinCC Advanced V14 System Manual, 10/2016 7231 Using Team Engineering 15.3 Using Multiuser Engineering Create new local sessions for a server project. Open existing local sessions. Note Displaying server projects Server projects can only be displayed when a connection to the multiuser server exists and it has been started. You will be notified if a connection could not be established. Note Deleting server projects To prevent inconsistencies in the project management, server projects must not be deleted "manually" with the Explorer in the storage directory. In the context of Multiuser Engineering, server projects must always be deleted with the Multiuser Tools. All associated local sessions must be deleted before a server project can be deleted. 15.3.13.2 Adding a new multiuser server project Introduction When working with Multiuser Engineering, you must first create a multiuser server project. A multiuser server project is created by adding a standard project (single-user project) to the previously installed multiuser server and then be able to use this project as a multiuser server project. Note Multiuser server projects Observe the requirements described under Requirements for multiuser projects (Page 7156), which a multiuser project has to fulfill. Requirement The TIA Portal V14 is installed on your computer and executable. The multiuser server V14 is installed and can be accessed. 7232 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Procedure To create a multiuser server project, follow these steps: 1. In the TIA Portal, click the menu command "Project > Manage multiuser server projects". 2. Select the required sever connection from the drop-down list in the next dialog box. 3. In the last row, click the "Add project to the server" button. 4. Set the required path to the single-user project or navigate to the required directory via the "..." button. 5. Select the project which you want to add as multiuser server project. 6. Enter the necessary information under "Details". The server project name is always preset and cannot be edited. 7. The "Create local session" button is enabled by default. Disable this button if you do not want to create a local session for the newly added multiuser server project. 8. Click "Add". If the selected project already exists as multiuser server project or is currently opened by another user, you will be notified. Result The selected single-user project is added as new multiuser server project and displayed under "Project > Manage multiuser server projects". If the option "Create local multiuser session" was selected, a new local session is created and opened. See also Requirements for multiuser projects (Page 7156) 15.3.14 Working in the local session 15.3.14.1 Creating and managing a local session Creating a local session Introduction To work with Multiuser Engineering , you must create a local session. The local session is always assigned to a specific multiuser server project. Requirement You have installed TIA Portal V14 or higher and a multiuser server. WinCC Advanced V14 System Manual, 10/2016 7233 Using Team Engineering 15.3 Using Multiuser Engineering You have created an executable multiuser server project. Procedure To create a local session, follow these steps: 1. In the TIA Portal, select the command "Project > Manage multiuser projects". The "Manage multiuser projects" dialog box opens. 2. Select the required multiuser server in the drop-down list. 3. Select the required project from the displayed list and click "Create new local session". The "Create local session" dialog box opens. 4. In the "Create local session" dialog box, check your selection regarding the multiuser server and the multiuser server project. The displayed selection cannot be modified in this dialog box. If the displayed selection is not want you wanted, click "Cancel" and start again with step 1. 5. Add the detailed information to the local session: - Enter a valid path for storage of the local session or use the corresponding button to navigate to the required location. - Assign a name for the directory in which the local session is to be saved. The directory is created implicitly if it does not exist yet. - If required, enter a comment for the local session. Note Keep in mind that the author for the local session was already entered by default in this dialog box and cannot be edited. - The "Open local session" button is selected by default and causes the new local session to open as soon as it has been created. If desired, deactivate this button. 6. Click the "Create" button to execute this action. A message indicates that the local session is being created. Result The newly created local session is opened and displayed. See also Opening a local session (Page 7235) Saving a local session (Page 7237) Closing a local session (Page 7238) Deleting a local session (Page 7239) Displaying all local sessions associated with a server project (Page 7240) Exporting a local session as single-user project (Page 7241) 7234 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Opening a local session Introduction You have different options for opening a local session: In the TIA Portal with "Recently used projects" In the TIA Portal with the associated Multiuser server project With the Windows Explorer when the TIA Portal is closed As soon as you open a local session that is assigned to the local multiuser server, a prompt appears asking if you want to start the local multiuser server, if it has not yet been started. Click "Yes" to start the local multiuser server and to open the selected local session. Note Instructions for opening local sessions: A renamed or deleted local session can no longer be opened. A local session cannot be opened when the associated server is not available. A local session cannot be opened as a reference project. When opening a local session that meets one of the criteria listed above, you will see a note informing you that the session cannot be opened. In this case a prompt asks whether you want to export this local session as single-user project. Requirement You have installed TIA Portal V14 or higher and a multiuser server. You have created an executable multiuser server project and a valid local session. Opening a local session To open a recently used local session, follow these steps: 1. In the TIA Portal, select the command "Project > Open". The "Open project" dialog box opens with a list of recently used projects and sessions. The icons in the first column help you distinguish between single-user projects and multiuser projects. 2. Select the preferred local session and click "Open". Result The selected local session is opened. WinCC Advanced V14 System Manual, 10/2016 7235 Using Team Engineering 15.3 Using Multiuser Engineering Opening a local session by means of the associated server project To open a local session via the associated server project, follow these steps: 1. In the TIA Portal, select the command "Project > Manage multiuser projects". The "Manage multiuser projects" dialog box opens. 2. Select the required multiuser server in the drop-down list. 3. Select the desired local session from the displayed list and click the "Show local session" button. The "Open local session" dialog box opens and displays all existing local sessions for the selected server. The entry in the first row is selected by default. 4. Select the preferred local session and click "Open". Result All opened dialog boxes are closed and the selected local session is opened. Opening a local session with the Windows Explorer To open a local session with the Windows Explorer, follow these steps: 1. While the TIA Portal is closed, navigate to the directory in which your local sessions are stored in Windows Explorer. 2. Select the preferred local session with the file extension "*.als14" and double-click it. Result The TIA Portal is started and the selected local session is opened. Note You close a local session as you would a single-user project with the command "Project > Close". Opening a local session from a different storage location To open a local session that has been moved to another storage location in the meantime, follow these steps: 1. In the TIA Portal, select the command "Project > Open". The "Open project" dialog box opens with a list of recently used projects and sessions. 2. Select the preferred local session and click "Open". You are notified that you are trying to open a local session from a different storage location. 3. Confirm this query with "OK" if you want to execute the action. 7236 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Result The selected local session is opened from the new storage location. The information about the new storage location is saved in the associated server. See also Creating a local session (Page 7233) Saving a local session (Page 7237) Closing a local session (Page 7238) Deleting a local session (Page 7239) Displaying all local sessions associated with a server project (Page 7240) Exporting a local session as single-user project (Page 7241) Saving a local session Introduction You have different options for saving a local session: As "local session" with the file extension "*.als14" After an export as "single-user project" with the file extension "*.ap14". When you export and save a local session as single-user project, you can continue to edit this project in the familiar way without multiuser functionality. While working in the local session, you save this as usual as local session in order to continue to work in the context of Multiuser Engineering . Requirement You have installed TIA Portal V14 or higher and a multiuser server. You have created an executable multiuser server project and a valid local session. Procedure To save a local session, follow these steps: 1. Open the local session: 2. Make your required changes. 3. In the TIA Portal, select the command "Project > Save". Result The local session is saved on the associated multiuser server with the file extension "*.als14". WinCC Advanced V14 System Manual, 10/2016 7237 Using Team Engineering 15.3 Using Multiuser Engineering See also Creating a local session (Page 7233) Opening a local session (Page 7235) Closing a local session (Page 7238) Deleting a local session (Page 7239) Displaying all local sessions associated with a server project (Page 7240) Exporting a local session as single-user project (Page 7241) Closing a local session Introduction You close a local session as you would a single-user project with the command "Project > Close". Requirement You have installed TIA Portal V14 or higher and a multiuser server. You have created an executable multiuser server project and a valid local session that is open. Procedure To close a local session, follow these steps: 1. In the TIA Portal, select the command "Project > Close". 2. Confirm the next prompt with "Yes" if you want to save your changes. Result The local session is closed. See also Creating a local session (Page 7233) Opening a local session (Page 7235) Saving a local session (Page 7237) Displaying all local sessions associated with a server project (Page 7240) Exporting a local session as single-user project (Page 7241) 7238 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Deleting a local session Introduction To avoid inconsistencies in multiuser projects, you cannot delete a local session in the usual way with the command "Project > Delete project...". Local sessions can only be deleted in the context of the multiuser functionality and depending on the associated multiuser server project. Note If you have manually deleted a local session with the Windows Explorer from the storage directory, it is still displayed in the "Local sessions" dialog box but can no longer be opened. Delete this local session again explicitly in the multiuser context as described in the procedure below. Local sessions that existing in the multiuser server can also be deleted with the Multiuser Tools in the server management. For more details, see:Commands for managing the multiuser server (Page 7195) Requirement You have installed TIA Portal V14 or higher and a multiuser server. You have created an executable multiuser server project and a valid local session. The local session you wish to delete must not be open. Procedure To delete a local session in the TIA Portal, follow these steps: 1. In the TIA Portal, select the command "Project > Manage multiuser projects...". The "Manage multiuser projects" dialog box opens with a list of sessions available for the selected server. 2. Select the respective server from the drop-down list. 3. Select the relevant server project from the list and click the "Show local session" button. 4. In the next dialog box "Open local session", select the respective session and click the "Delete" button. Note A local session cannot be deleted if it is open; the delete command is inactive in this case. In this case, close the local session first and click the "Delete" button once again. 5. Confirm the next query regarding deletion with "Yes". WinCC Advanced V14 System Manual, 10/2016 7239 Using Team Engineering 15.3 Using Multiuser Engineering Result The selected local session is deleted and it is also deleted from the list of existing local sessions. See also Creating a local session (Page 7233) Opening a local session (Page 7235) Saving a local session (Page 7237) Closing a local session (Page 7238) Displaying all local sessions associated with a server project (Page 7240) Exporting a local session as single-user project (Page 7241) Commands for managing the multiuser server (Page 7195) Displaying all local sessions associated with a server project Introduction You have the option of displaying all local sessions associated with a multiuser server project in the TIA Portal. Requirement You have installed TIA Portal V14 or higher and a multiuser server. You have created an executable multiuser server project and a valid local session. Displaying all local sessions To display all local sessions belonging to a server project, follow these steps: 1. In the TIA Portal, select the command "Project > Manage multiuser projects". The "Manage multiuser projects" dialog box opens and displays all existing server connections for the multiuser server. 2. Select the required server connection. All server projects associated with this server connection are listed. 3. Select the relevant server project and click the "Show local sessions" button. 4. The "Open local session" dialog box opens and displays all existing local sessions for the selected server project. The entry in the first row is selected by default. If you want to open a local session, select the respective session and click "Open". Result All existing local sessions for the selected server project are displayed. 7240 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering See also Creating a local session (Page 7233) Opening a local session (Page 7235) Saving a local session (Page 7237) Closing a local session (Page 7238) Deleting a local session (Page 7239) Exporting a local session as single-user project (Page 7241) Exporting a local session as single-user project Introduction When working with Multiuser Engineering, you have the option of exporting a local session as single-user project. This is beneficial when a local session can currently not be opened, for example, because the multiuser server is not available. However, a local session may also become invalid and can therefore no longer be opened. A local session becomes invalid for the following reasons: When the local session was renamed. When the local session has been moved to a different storage location. When the settings for the associated server have been changed and the server is no longer available for this reason. If a local session is detected to be invalid when opened, you will receive a query as to whether you want to export the session as a single-user project. This means you can save the work results from the local session in a single-user project and still use them. You can apply the changes from the exported local session into your multiuser server project once again by copying them. You also have the option of exporting a local session with the multiuser Power Tools. For more details, see: Commands for managing the multiuser server (Page 7195) Exporting a local session as single-user project To export a local session as single-user project, follow these steps: 1. Click the command "Project > Manage multiuser projects". 2. Select the respective server from the drop-down list in the displayed dialog box. 3. Select the relevant server project and click the "Show local sessions" button. 4. Select the local session and click "Export as single-user project" in the shortcut menu. In the next dialog box, the name of the local session and the file extension ".ap14" are already preset. WinCC Advanced V14 System Manual, 10/2016 7241 Using Team Engineering 15.3 Using Multiuser Engineering 5. Under "Export to" enter the preferred storage location or navigate to the preferred storage location and click "Export". Alternatively, you will be notified by the system that the local session is invalid when you open it. 6. Confirm the subsequent query whether you want to export the invalid local session as singleuser project with "Yes". The "Export as single-user project" dialog box opens. The name of the local session and the name of the export file are preset and cannot be edited. 7. Enter the preferred export path or navigate to the preferred storage location and click "Export". Result The local session is exported as single-user project and saved under the set storage path. The export dialog box is closed and the server project list is displayed once again. See also Creating a local session (Page 7233) Opening a local session (Page 7235) Saving a local session (Page 7237) Closing a local session (Page 7238) Deleting a local session (Page 7239) Displaying all local sessions associated with a server project (Page 7240) Commands for managing the multiuser server (Page 7195) 15.3.14.2 Editing objects in the local session Introduction to working in local sessions Introduction Within the context of Multiuser Engineering , to work simultaneously with multiple users in a multiuser project, each editor must create their own local session. The respective editor can make changes in one or more local sessions, check them in to the multiuser server project and thus publish them. After check-in, the changes from the local session are once again available to all editors in the server project. They can be reused and modified once again in subsequent local sessions. 7242 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Procedure when working in local sessions The following steps are necessary to work as multiuser in the engineering tasks that have been assigned to you in a local session: You have installed TIA Portal V14 or higher and a multiuser server. Alternatively, you can use the local multiuser server installed by default. You have created an executable project for working with Multiuser Engineering. You have loaded the prepared project to the multiuser server and thus created a multiuser project. You have coordinated the task and the configuration limits for working in the local sessions with the other editors. You have created a local session for each engineering task. Rules for working in local sessions The following rules apply to working in local sessions: A local session is always assigned to a defined multiuser server and a defined multiuser server project. Each local session includes different tasks for different editors who are assigned to a multiuser server projects. A local session receives the file extension "*.als14" when it is saved and must not be renamed in Windows Explorer. While a local session is open, the associated multiuser server connection and the associated multiuser server project must not be renamed, moved or deleted. Local sessions can no longer be opened and edited when the associated multiuser server or the associated multiuser server project have been deleted. A local session cannot be opened without a server connection. A local session cannot be opened as reference project. A local session can be exported as single-user project and edited further without multiuser functionality. A local session cannot be archived or retrieved. These actions are possible as soon as the local session is once again edited as single-user project. Working with external tools is not possible in the local session. Changes by external tools in local sessions are lost after the local session is checked in and refreshed. External tools that make changes to the file structure of a multiuser project may only be used in the server project view. Changing of user-defined documentation is not possible in the local session. Changes to existing user-defined documentation are lost after the local session is checked in and refreshed. Changing of user-defined documentation is only possible in the server project view. WinCC Advanced V14 System Manual, 10/2016 7243 Using Team Engineering 15.3 Using Multiuser Engineering Note Renaming objects in local sessions Objects should be renamed only in the server project view, since this does not cause any inconsistencies in the server project. When renaming objects in the local session, you must ensure that all objects affected by the renaming and their places of use are also marked and checked in the server project. Otherwise, you get compiling errors and an inconsistent server project due to partial renaming. Before checking the places of use of the renamed object, you should be careful not to create conflicts (red flags) when marking and you should not mark any outdated objects; otherwise, you will overwrite the work of another user when checking in. Note Editing library objects in local sessions Library objects should be edited only in the server project view, since this does not cause any inconsistencies in the server project. With version changes to library objects in the local session, for example, when you create new versions of type instance objects, you must ensure that all relevant objects have been marked with a version change and checked into the server project. Otherwise, you get compiling errors and an inconsistent server project from creating new versions. Note You can find detailed instructions on working with local sessions in the sections below. See also Displaying usage info for marked objects (Page 7248) Unmarking objects (Page 7247) Check-in objects to the server project (Page 7251) Possible conflicts during check-in (Page 7254) Possible error messages during check-in (Page 7257) 7244 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Marking objects for editing Introduction For objects to be edited in Multiuser Engineering at the same time, each editor must mark the objects they want to edit in their local session. You can mark objects within the local session as follows: With the shortcut menu command "Mark objects for check-in". By clicking the displayed flags in the project tree and in the individual editors of the TIA Portal. In this version of the TIA Portal, edited objects are only marked automatically when objects are deleted. For marking of objects, multiple selections are also possible via the shortcut menu. A prerequisite for the marking is that the selection includes at least one object that can be marked. If the multiple selection does not include an object that can be marked, the shortcut menu commands are possibly not active. Rules for marking objects The following rules apply to marking: The markings and the marking column in the project tree and in the individual editors are only displayed in the context of Multiuser Engineering. Objects that can be marked are identified by a gray flag in the project tree and in the editors. You can only mark objects that can be edited with Multiuser Engineering. If an object does not have a gray flag in front of it, this object cannot be marked and it should not be edited in the local session as the changes cannot be checked into the server project. Such objects that cannot be marked should be edited in the server project view. Some higher-level directories cannot be marked themselves, but the individual objects in the folder can be marked. Example: "PLC tag table": The PLC tag table itself cannot be marked, but the individual tags in the open tag table can be marked. You mark them by clicking the gray flag or with the shortcut menu. The flag is shown in color as soon as an object has been marked. The color of the flags provides additional information about the marking: Icon Meaning Object can be marked for check-in. Object is marked in own local session. Object is marked in a different local session that is part of the same multiuser server project. Conflict: The object was marked in multiple sessions simultaneously. WinCC Advanced V14 System Manual, 10/2016 7245 Using Team Engineering 15.3 Using Multiuser Engineering Note Changes to objects that are not marked Changes to objects that are not marked in the local session are possible but cannot be applied to the server project. These changes are lost after update of the local session, because they are once again overwritten with the contents of the server project. As soon as you want to edit an object that is not marked, a banner text is displayed in the open editor. This banner text contains information on the further procedure. Procedure for marking objects To mark objects in a local session, follow these steps: 1. Open the required local session and click on the displayed gray flag to mark an object for check-in. 2. Alternatively, you can select the required object and mark it with the shortcut menu command "Mark object for check-in". 3. Mark all objects in your local session that you currently want to edit. You can make multiple selections for marking. After marking, you can edit and save the objects as usual. Note Multiple selections Once > = 50 objects are selected in the local session, both shortcut menu commands are active simultaneously: the command for marking the objects as well as the command for unmarking. Result The marked objects are displayed with a blue or red flag. If a blue flag is displayed, the object can be edited in the local session. If a red flag is displayed, you have a conflict that has to be resolved through coordination with the other editors. Note Markings with conflict (red flag) A marking conflict must be resolved by agreement of the editors, and a sequence for editing the marked objects must be specified. To solve the conflict, one editor must unmark the objects. 7246 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering See also Introduction to working in local sessions (Page 7242) Unmarking objects (Page 7247) Displaying usage info for marked objects (Page 7248) Unmarking objects Introduction For objects to be edited in Multiuser Engineering at the same time, each editor must mark the objects they want to edit in their local session. The objects marked for check-in can also be unmarked. This is necessary primarily in a conflict (indicated by a red flag) in which multiple editors have marked the same object for check-in in their respective local session. Note Markings with conflict (red flag) A marking conflict must be resolved by agreement of the editors, and a sequence for editing the marked objects must be specified. To solve the conflict, one editor must unmark the objects. Procedure To unmark objects in a local session, follow these steps: 1. Open the local session and click on the displayed blue or red flag to unmark an object. 2. Alternatively, you can also select the required object and delete the marking with the shortcut menu command "Unmark". Result The objects that are no longer marked and objects marked as conflict are displayed as follows: Icon before Action Icon after Unmark Unmark See also Introduction to working in local sessions (Page 7242) Marking objects for editing (Page 7245) Displaying usage info for marked objects (Page 7248) WinCC Advanced V14 System Manual, 10/2016 7247 Using Team Engineering 15.3 Using Multiuser Engineering Displaying usage info for marked objects Introduction For objects to be edited in Multiuser Engineering at the same time, each editor must mark the objects they want to edit in their local session. To avoid multiple marking of objects and any marking conflicts caused by it, you receive the following information for marked objects: User: Indicates who has marked the object Computer: Indicates on which computer the object was marked. Storage location: Indicates where the object was marked: in a local session or in the server project view. This information helps you coordinate the further procedure for marked objects or objects that are marked with a conflict with the other users. Show usage info To display the usage info for marked objects, follow these steps: 1. Select a yellow or red marked object in your local session or in the server project view. 2. Call the "Usage info" command from the shortcut menu. Result The "Usage info" dialog box opens and displays the above-mentioned information for the marked object. Note Markings with conflict (red flag) A marking conflict must be resolved by agreement of the editors, and a sequence for editing the marked objects must be specified. To solve the conflict, one editor must unmark the objects. See also Multiuser icons in the user interface (Page 7159) Introduction to working in local sessions (Page 7242) Marking objects for editing (Page 7245) Unmarking objects (Page 7247) 7248 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Refresh local session Introduction For objects to be edited in Multiuser Engineering at the same time, each editor must mark the objects they want to edit in their local session. Objects are labeled as "outdated" when their version is newer in the server project than in the local session. You can refresh these objects in the local session by clicking the "Refresh local session" icon in the multiuser toolbar. Other users may have created new objects or deleted objects in the server project that are not yet displayed in your local session. These new objects are also displayed in your local session after a refresh. The contents of "outdated" objects in the local session are overwritten with the more recent contents of the server project during the refresh. Note Refresh local session The button to refresh the local session only opens the "Refresh" view if there are objects to be updated in your local session which are available in a newer version in the server project. During the refresh, all changes to unmarked objects in your local session are overwritten with the contents of the server project. The marked objects remain unchanged. You can undo the refresh of the local session if required by clicking the "Restore" button. Your local session will then be restored with the contents prior to the refresh. Refresh procedure To refresh objects in a local session, follow these steps: 1. Open the local session that contains the objects that are to be updated. 2. Click the "Refresh local session" button in the multiuser toolbar. The multiuser editor opens in the refresh view and shows all objects marked in your local session. The objects you have marked are not overwritten during the refresh. Only unmarked objects are overwritten with the contents of the server project. 3. Click the "Start refresh" button to start the refresh. You are kept up-to-date on the progress of the refresh. You will receive an error message if an error occurs. 4. You receive the message that the refresh was completed successfully. Click "OK". Result All unmarked objects in your local session were refreshed. The objects marked in your local session were not synchronized with the server version. WinCC Advanced V14 System Manual, 10/2016 7249 Using Team Engineering 15.3 Using Multiuser Engineering Note Online/offline differences after the refresh After loading to the device, the online information on the loaded objects is stored in the local session in the TIA Portal. This enables a comparison between the online and offline version. However, because this online information is not checked in on the server, this information is no longer available in the local session after a refresh. If you then work online on the device after the refresh, the TIA Portal cannot perform a comparison because of missing information. The objects are displayed with online/offline differences although the contents of the objects are identical. To correct this, perform a new complete download to the device after a refresh of the local session. Restoring the local session after the refresh Introduction Unmarked objects which have a newer version in the server project can be updated in the local session. The unmarked objects in the local session are overwritten with the more recent contents of the server project during the refresh. You can undo the refresh of the local session if required. To do this, click the "Restore" button in the multiuser editor after the refresh. Your local session will then be restored with the contents prior to the refresh. Note "Restore" button The "Restore" button is only active after a refresh has been performed as long as a restore of the contents of the local session with the last version is possible. The "Restore" button is inactive if no restore of the local session can be performed, for example because no refresh was performed. Closing and opening the editor has no impact on the "Restore" button. If a refresh is available that can be undone, the button is still active even if you close the editor and open it again. 7250 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Procedure to restore the local session To restore the local session after the refresh, follow these steps: 1. Open the local session for which you have performed a refresh, if you have closed this in the meantime. Start with step 3 if the refresh view is still open. 2. Click the "Refresh local session" button in the multiuser toolbar to open the multiuser editor in the refresh view. 3. Click the "Restore" button to restore the version of the local session before the last refresh. 4. In the next dialog box, click "Yes" to answer the prompt. 5. When errors occur, you receive an error message that you have to acknowledge. 6. When the restore is successfully completed, you receive a message. Click "OK". Result Your local session was successfully restored with the version before the last refresh. See also Introduction to working in local sessions (Page 7242) Check-in objects to the server project Introduction After editing marked objects in the local session, you can check the changes into the server project. The following rules apply to check-in: Only changes to marked objects are applied during check-in to the server project. If you have edited unmarked objects or objects that cannot be marked in the local session, these changes are not applied during check-in. During the refresh of your local session after check-in, changes to unmarked objects and objects that cannot be marked are overwritten with the contents of the server project. When deleting unmarked objects in the local session, these objects are once again present in your local session after the refresh. Because these objects still exist in the server project, they are once again added to the local session. You will receive an error message with additional information if an error occurs during checkin. Correct the errors that occurred as specified, either in your local session or in the server project view. Then start the check-in process again. During check-in and editing of objects in the server project view, the respective user works exclusively on the multiuser server. The server is therefore locked for all other users. The server status is shown as "not available" in the toolbar during exclusive editing. You can nevertheless create a new local session and refresh local sessions. WinCC Advanced V14 System Manual, 10/2016 7251 Using Team Engineering 15.3 Using Multiuser Engineering Options for the check-in Compile You have the option to compile the changes made in the local session before check-in. Note Options displayed for the compilation during check-in The options displayed for the compilation during the check-in depend on the settings made in the TIA Portal under "Options > Settings > Multiuser" for "Compilation settings" . The compiling options may be deactivated in the multiuser editor based on these settings. Compile mode The compile mode defines the extent to which the software changes are compiled. You can select the following options from the drop-down list: Marked objects (changes only) The changes made to the marked objects for the selected device are compiled together with the device-specific objects. Device software (changes only) The changes made to the marked objects are compiled together with the software version on the assigned devices. Example: You have marked and changed several objects that belong to more than one device (for example to CPU_1 and to CPU_2). These marked objects are compiled together with the software versions of both CPUs during compiling. Display server project view When you enable this option, you have the possibility before check-in to again display your changes to the marked objects in the server project view together with the current contents of the server project. You can mark and edit all objects in the server project view and unmark them. After this, you can either save your changes in the server project or discard your changes and exit the server project view without further action. Requirement The connection to the multiuser server exists and the server is available. You have marked the objects edited in the local session for check-in. Procedure for check-in of changes To check-in the changes from the local session to the server project, follow these steps: 1. Open the local session that you want to check in. 2. Click the "Check-in" button in the multiuser toolbar. The multiuser editor opens in the "check-in" view and shows all objects marked in the local session that are applied to the server project during check-in. 3. Open the displayed folders and check the objects displayed and marked for check-in. 7252 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering 4. Select the preferred options for check-in. - "Compile": Select the required setting from the drop-down list. - "Open server project view": When you click this options, the server project view is opened in the project tree prior to check-in. 5. Click "Start check-in" after reviewing to check the displayed objects into the multiuser server project. - If you have opened the server project view, you can check in your changes with the "Save changes" button. If you click "Discard changes", your changes are not applied in the server project. - If you want to keep the marking in the local session even after the check-in, you must select the option "Keep markings for objects". - If you have marked and checked in only some of your changes, you should perform no refresh to retain your changes to the unmarked objects. 6. If check-in was successful, you receive a message to this effect. 7. If check-in was unsuccessful and aborted due to errors, you receive a corresponding error message. Correct the specified errors in your local session or in the server project view. Then start the check-in process again. Result Your local session is refreshed and opened with the contents of the server project after successful check-in. The local session will include all changes after the refresh that have been checked in in the server project in the meantime. If new objects were added to the server project, these objects are now also visible in your local session. If objects were deleted in the server project, these objects now no longer exist in your local session. Your markings in the local session are automatically deleted if you have not selected the option "Keep marking for objects". The server connection is released once again after check-in. The server status changes in the display within the toolbar from "busy" to "available". See also Possible conflicts during check-in (Page 7254) Possible error messages during check-in (Page 7257) Introduction to working in local sessions (Page 7242) Introduction to working in the server project view (Page 7260) Editing objects in the server project view (Page 7263) WinCC Advanced V14 System Manual, 10/2016 7253 Using Team Engineering 15.3 Using Multiuser Engineering Possible conflicts during check-in Introduction Errors can occur during check-in of changes from the local session to the associated multiuser server project that may prevent successful check-in. The error constellations listed below can be easily avoided through coordination between editors and by observing the recommended procedures. Possible naming conflicts during check-in Naming conflicts during check-in arise when identical names are used for different objects in different local sessions. Example: Editor 1 creates the tag "Motor_1" in their local session. Editor 2 also creates a tag "Motor_1" in their local session. Result: Editor 1 can check in their changes without errors. Editor 2 cannot check in their changes. When they want to check in their changes they receive an error message due to a naming conflict and the check-in is aborted. The error must be removed in the local session. Possible conflicts when creating devices in the local session If an editor adds new devices with marked objects in a local session, for example, a new CPU with blocks, the result will be a conflict during check-in. Example: Editor 1 creates a new CPU with two function blocks in their local session. Editor 1 marks the blocks appropriately before editing them. Result: Editor 1 receives an error message during check-in because the newly created CPU cannot be found in the server project. The transfer of devices is currently not supported in Multiuser Engineering. Check-in is aborted in this case and the server project view opens. Editor 1 can copy their newly created objects directly to the server project. This means the editing work is not lost. Possible conflicts when renaming objects in the local session Objects should be renamed only in the server project view, since this does not cause any inconsistencies in the server project. When renaming objects in the local session, you must ensure that all objects affected by the renaming and their places of use are also marked and checked in the server project. Otherwise, you get compiling errors and an inconsistent server project due to partial renaming. 7254 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Before checking the places of use of the renamed object, you should be careful not to create conflicts (red flags) when marking and you should not mark any outdated objects; otherwise, you will overwrite the work of another user when checking in. Possible conflicts when changing the device type in the local session If a device type is changed in a local session, e.g. a "CPU_1" of the type S7-15xx is replaced or renamed, the objects marked in the "old" CPU may no longer be displayed in the local session. Possible conflicts when deleting devices in the server project If devices with included objects are deleted in the server project, it may result in a transfer error. Example: Editor 1 works in their local session on marked objects that are part of "CPU_1". In the meantime, editor 2 deletes "CPU_1" in their server project view and saves the changes in the server project. Result: Editor 1 receives an error message during check-in because "CPU_1" no longer exists in the server project. In this case, editor 1 can add their edited objects in the server project view. The editor either copies "CPU_1" completely to the server project or they add the edited blocks to an existing CPU in the server project. Possible scenarios during check-in of objects that are deleted in the server project When you check in objects that are already deleted in the server project, these objects are recreated. Example: User 1 edits the marked tag "Tag_1" in their local session that is part of a group that includes a tag table with multiple tags. User 2 deletes this group with its entire tag table in the server project view and saves the changes in the server project. Result: User 1 ignores the display that "Tag_1" is outdated, continues working on it and checks in the changes. The group with the tag table is created once again in the server project, but it now only includes the tag "Tag_1". Renaming objects You should avoid renaming objects in the local session as it results in naming conflicts during check-in. If objects must be renamed, they should be renamed directly in the server project view. Any local session with marked objects that is associated with this server project must not be present at the same time. WinCC Advanced V14 System Manual, 10/2016 7255 Using Team Engineering 15.3 Using Multiuser Engineering Possible name conflicts when checking in deleted but not marked objects In the change view, you can also adapt the markings for the displayed objects. If the marking of a deleted object is removed in the change view and this object still has a name conflict with another object in the server project, the check-in cannot be performed. Without the marking, the information about the deletion of the object cannot be transferred to the server. Therefore, an identical name for an object created or renamed in the local session is still occupied by the previous object. During check-in, this results in a critical transfer error that must be corrected in the local session. Example: User 1 deletes the text list "TL_1" in his local session. The deleted text list is automatically marked and thereby transferred at the next check-in on the server. User 1 accidentally deletes the marking for deleted text list "TL_1" before check-in in the change editor. Removing the marking means that the information about the deletion of the text list "TL_1" in the local session is not transferred to the server project. The text list "TL_1" still exists in the server project. User 1 now creates a new text list, also named "TL_1", in the local session. The user marks this newly created text list and wants to check it into the server project. Result: Since the original text list "TL_1" is still present in the server project, however, the newly created text list "TL_1" in the local session causes a critical transfer error during check-in. The error must be corrected in the local session by renaming the newly created "TL_1", for example, to "TL_1_new". After this, the check-in can be performed by updating the local session. After the update, both text lists are again available in the local session and User 1 can delete the unneeded text list "TL_1" and check in the change. Different project languages in server project and local session If a project language is changed in a local session, these changes are lost in the local session after check-in and after refresh. If a project language is subsequently deleted in the server project view, this project language no longer exists in the server project. Changes to the project languages should always be made only directly in the server project view. Note that no local sessions with marking to this server project were edited or opened. See also Introduction to working in local sessions (Page 7242) Opening and closing the server project view (Page 7262) 7256 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Possible error messages during check-in Introduction The following described error messages can occur during check-in of marked changes from the local session to the multiuser server project : Transfer error Compilation error The procedure for dealing with these error messages is described below. Transfer error The following actions are automatically executed when transfer errors occur during check-in: An error message will inform you about the type of error that has occurred and the next steps. After acknowledgment, this message is closed. In the case of a critical transfer error, the status prior to check-in is restored in the local session as well as in the server project. Changes are not lost. Correct the error in your local session. If the transfer error can be corrected in the server project view, the server project view is opened. Correct the error in the server project view. The faulty objects are displayed and identified in the multiuser editor in the "Check-in" view. The multiuser server locked for check-in is released once again if the errors are corrected in the local session. The multiuser server remains locked in the server project view during error correction. Note that no other user can check in their changes during this time period. Correcting transfer errors After occurrence of a transfer error, you have the following options for the action to take: 1. Correct the errors in your local session or in the server project view. 2. Then start the check-in process again so that an error-free project can be checked in. WinCC Advanced V14 System Manual, 10/2016 7257 Using Team Engineering 15.3 Using Multiuser Engineering Compilation error If the option "Compile" is selected during check-in, a compilation process takes place after transfer of the marked changes to the server project with the selected option. The following compile modes are available: Marked objects (changes only) The changes made to the marked objects for the selected device are compiled together with the device-local objects. Device software (changes only) The changes made to the marked objects are compiled together with the software version on the assigned devices. Note Options displayed for the compilation during check-in The options for compiling that are displayed during check-in are dependent on the settings made in the TIA Portal under "Options > Settings > Multiuser" in "Compilation settings" . The compiling options may be deactivated in the multiuser editor due to these settings. If the compiling process is completed successfully, the changes from the local session are automatically transferred to the server project. The following actions are taken when a compilation error occurs: The progress indicator for check-in is closed, and the check-in is stopped. The faulty objects are displayed and identified in the multiuser editor in the "Check-in" view. The multiuser server remains locked in the server project view during error correction. Note that no other user can check in their changes during this time period. Correcting compilation errors After occurrence of a compilation error, you have the following options for the action to take: 1. Correct the indicated errors in your local session or in the server project view. 2. Then start the check-in with compilation again so that an error-free project can be checked in. Ignoring compilation errors You also have the option of ignoring the indicated compilation errors and checking in a project with errors. NOTICE Check-in with compilation errors This action is possible but not recommended! To enable efficient work to continue for all editors involved, you should check in only errorfree projects on the multiuser server whenever possible. 7258 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering See also Introduction to working in local sessions (Page 7242) Deleting objects in the local session Introduction When working with Multiuser Engineering , you can delete objects in the local session. The following rules apply to deleting objects: Deleted objects are no longer displayed in the local session. The "Undo" function can be use to undo the "Delete" action in the local session. Deleted objects are automatically marked by the system and displayed in the "Deleted objects" folder. If you unmark a deleted an object in the multiuser editor, the deleted object is not checkedin in the server project. This means that the deleted object is not deleted in the server project. The now deleted but not checked-in object is only displayed after the next refresh. When deleting unmarked objects in the local session, these objects are once again present in your local session after the refresh. Only marked objects are transferred during checkin. Since the deleted objects could not be marked, the deletion is not applied in the server project. During the next refresh of the local session, these objects are once again added to the local session. Requirement The connection to the multiuser server exists and the server is available. Procedure for deleting objects To delete object in the local session, follow these steps: 1. Open the required local session. 2. Delete the requested marked object or delete an unmarked but markable object. 3. Click the "Check-in" button in the multiuser toolbar. The multiuser editor opens in the "check-in" view and shows all objects marked in the local session that are applied to the server project during check-in. The objects deleted in the local session are displayed in the "Deleted objects" folder. 4. Check the objects displayed and marked for deletion. You can unmark any objects that are already marked if you do not want to delete them after all. WinCC Advanced V14 System Manual, 10/2016 7259 Using Team Engineering 15.3 Using Multiuser Engineering 5. Select the preferred options for check-in: - "Compile": When you click this option, your changes are compiled with the option "Software, changes only" prior to check-in. This means that the software changes you have made are compiled with all their dependent objects in the server project. - "Open server project view": When you click this options, the server project view is opened in the project tree prior to check-in. The server project view shows you in advance the content of the current server project with your changes marked for checkin. You can mark and edit all objects in the server project view and unmark them. 6. Click the "Check-in" button to check in the displayed objects into the multiuser server project. If you want to keep the markings in the local session even after check-in, you must select the option "Keep markings". 7. If check-in was unsuccessful and aborted due to errors, you will receive the corresponding error messages. Correct the errors in your local session or in the server project view. Then start the check-in process again. Result Your local session is refreshed and opened with the contents of the server project after successful check-in. The local session will include all changes after the refresh that have been checked in in the server project in the meantime. If new objects were added to the server project, these objects are now also visible in your local session. The objects deleted in the server project, now no longer exist in your local session. Your markings in the local session are automatically deleted if you have not selected the option "Keep objects marked". The server connection is released once again after check-in. The server status changes in the display within the toolbar from "busy" to "available". 15.3.15 Working in the server project view 15.3.15.1 Introduction to working in the server project view Introduction In Multiuser Engineering , you have the option of working directly in the server project view in addition to working in local sessions. The server project view can be opened for editing with the icon in the multiuser toolbar. 7260 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Structure of the server project view The server project view shows the current content of the server project in the project tree below the local session against a yellow background. The figure below shows an example of a multiuser project opened in the server project view: Actions in the server project view You can perform the following actions in the server project view: The server project view lets you work directly in the server project. All existing objects can be edited in the server project view, even those that could not be edited in the local session. In the server project view you can work with the functionality of Inter Project Engineering (IPE) and exchange data between CPU and HMI via a PLC proxy. Shared working on one CPU is also supported during shared commissioning. WinCC Advanced V14 System Manual, 10/2016 7261 Using Team Engineering 15.3 Using Multiuser Engineering Blocks or larger program parts from a CPU should only be uploaded in the server project view. You can also make changes to the configuration with the help of external tools in the server project view. This function is not supported when working in the local sessions. Changes to user-defined documentation, such as adding new user texts, should only be made in the server project view. The objects that are to be edited must also be marked for editing in the server project view so that other editors see that these objects are being changed. You can save or discard the changes made in the server project view with the "Save changes" and "Discard changes" buttons. Any changes you have made will be saved directly in the server project with the save step. Note Restrictions when working in the server project view The following conditions apply as soon as the server project view is open: The local session is locked to prevent editing. The server is locked for the other editors. The icon for the server status is shown in yellow in the toolbar. See also Opening and closing the server project view (Page 7262) Editing objects in the server project view (Page 7263) 15.3.15.2 Opening and closing the server project view Introduction The server project view lets you edit all objects that are available in the server project. You have the following options to open the server project view: Using the icon in the multiuser toolbar Using the link displayed in the banner texts Using the button in the multiuser editor in the "Check-in" view You will receive a message if the server project view cannot be opened because the server is currently in use by another editor and locked. Displayed contents in the server project view The server project view always shows the latest version of the multiuser server project. 7262 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering If the server project view is opened in the "Check-in" view in the multiuser editor, it also shows the changes made in the local session in addition to the current content of the server project. This means it offers a preview of how the server project will look after check-in of the changes made in the local session. Opening the server project view To open the server project view, follow these steps: 1. Open the required local session. 2. In the multiuser toolbar, click the "Open/close server project view" icon. Or you can click "Check-in" in the multiuser toolbar and then click "Open server project view before check-in" in the multiuser editor that opens. Alternatively, you can also click on the link in a displayed banner text. Closing the server project view To close the server project view, follow these steps: 1. In the multiuser toolbar, click the "Open/close server project view" icon once again. 2. If you have made changes in the server project view, you will be prompted as to whether you want to save or discard the changes. 3. Click "Yes" to save your changes or "No" to discard them. Alternatively, you can click on the corresponding button in the server project view before you close it to save or discard your changes. Result The server project view is closed. The local session is opened once again for editing. The server is released again; the server status is displayed in green. See also Introduction to working in the server project view (Page 7260) Editing objects in the server project view (Page 7263) 15.3.15.3 Editing objects in the server project view Introduction In the context of Multiuser Engineering you can also edit objects directly in the server project view . The server project view lets you edit all objects in the server project view, even those that must not be edited in the local session. WinCC Advanced V14 System Manual, 10/2016 7263 Using Team Engineering 15.3 Using Multiuser Engineering Working in the server project view is an exclusive working directly in the multiuser server project. The multiuser server is locked for other editors while you are working in the server project view. The associated local session cannot be edited during the working in the server project view. You also have to mark the objects you want to edit in the server project view. This enables you to ensure that other editors in your local session can see that you are currently editing these objects. Marking conflicts can hereby be avoided. Note Marking of identical objects in the local session and in the server project view Keep in mind that a marking conflict is displayed with red flag if you mark an object more than once, even if both markings belong to the same editor. Editing objects in the server project view You can, for example, perform the following actions in the server project view: Adding new objects that did not exist previously in the server project. Add or change hardware configuration and connections. Perform version changes on the instructions used. Working with Inter Project Engineering (IPE). Editing all objects regardless of whether these are marked or not. Renaming, moving and deleting objects. Establishing an online connection to a CPU and downloading or uploading objects. Executing all functions of the TIA Portal supported by Multiuser Engineering. Procedure for editing objects in the server project view To edit objects in the server project view, follow these steps: 1. Open the required local session. 2. In the multiuser toolbar, click the "Open/close server project view" icon. The server project view is then shown against a yellow background below the local session in the project tree. The server project view is closed again the next time you click this icon. 3. Mark the objects you want to edit in the server project view by clicking on the flag in front of them. Alternatively, you can also edit unmarked objects in the server project view. 4. Make your required changes. 5. Save your changes by clicking the "Save changes" button. If you do not want to apply your changes to the server project, click "Discard changes". 7264 WinCC Advanced V14 System Manual, 10/2016 Using Team Engineering 15.3 Using Multiuser Engineering Result The changes made in the server project view are saved in the server project. The server project view is closed and the local session is once again released for editing. The markings are removed in the server project view. The local session is not automatically refreshed with the new contents of the server project. See also Introduction to working in the server project view (Page 7260) Opening and closing the server project view (Page 7262) 15.3.15.4 Renaming objects in the server project view Introduction When you work with Multiuser Engineering , object can be renamed. Rules for renaming objects The following rules apply to renaming objects: You should avoid renaming objects in the local session as it can lead to naming conflicts during check-in. The renaming of objects should always be performed in the server project view. When objects are renamed in the server project view, the objects to be renamed must have no markings within local sessions. Name conflicts may occur due to the renaming. During renaming in the project, make sure that you do not again use an already used name. To avoid unintended references of objects, conflicts that occur during renaming are not automatically corrected. The renaming of devices does not create any conflicts for objects within a device, as devices are not identified by their name but by their ID. However the renaming of devices may create conflicts with any existing references between devices (PLC and HMI). After objects have been renamed, the other editors should refresh their local sessions. Requirement The connection to the multiuser server exists and the server is available. No other local session to this server project is open. WinCC Advanced V14 System Manual, 10/2016 7265 Using Team Engineering 15.3 Using Multiuser Engineering Renaming objects To rename objects in the server project view: 1. Open the required local session. 2. In the multiuser toolbar, click the "Open/close server project view" icon. The server project view is then shown against a yellow background below the local session in the project tree. The server project view is closed again the next time you click this icon. 3. Mark the required objects in the server project view and rename these. 4. Click the "Save changes" button to apply the changes in the multiuser server project. Result The changes made in the server project view are saved in the server project. The server project view is closed and the local session is once again released for editing. The markings are removed in the server project view. The local session is not automatically refreshed with the new contents of the server project. 7266 WinCC Advanced V14 System Manual, 10/2016 Index .Net versions, 56 -, 4749 " "Change color reference" dialog, 6243 "Transition/Interlock view" PLC code view, 6091 "WWW" instruction, 1049 # #, 4531 & &, 4757, 4758 ( (), 4758 * *, 4749 **, 4749 *.bmp, 5067 *.cer, 862 *.dat, 862 *.emf, 5067 *.gif, 5067 *.ico, 5067 *.jpeg, 5067 *.jpg, 5067 *.p12, 862 *.tif, 5067 *.wmf, 5067 . .Net control Add, 5064 Remove, 5065 .Net service packs, 56 WinCC Advanced V14 System Manual, 10/2016 / /, 4749 : :=, 4758, 4759 :P, 951 { {"Restore operation";"License key"}, 138 + +, 4749 < <, 4752 <=, 4752 <>, 4752, 4758 = =, 4752 ==, 4758 > >, 4752 >=, 4752 3 32-bit down counter, 1793 3DES, 839 A AB, 4596 Ability to read back connection parameters, 628 ABS, 2568, 2878, 3113 7267 Index Absolute Addressing of a tag, 5309 Absolute value, 2568, 2878, 3113 Access HMI tag, 5707 Local tag, 5707 Access control, 1328 Automatic learning, 1328 Access Point, 6002, 6041 Overlapping channels, Overview, Access protection, 5686 Access protection level 1, 7040 Access protection level 2, 7040 Advantages, 7040 Alarm view, 5237 Configuring, 5690 Factory state, 7039 User administration, 5684 Validity, 7039 Access to operands, 2011, 2012, 2013, 2015, 2016, 2017, 2019, 2168, 2174, 2177, 2182 Accessible devices, 1689 Accuracy, 2108 ACK Key, 6279, 6344 Acknowledge, 5404, 5998 Key, 6279, 6344 Acknowledge alarm Alarm group, 5410 AcknowledgeAlarm, 5941 Acknowledgment, 5408 Configuring, 5452, 5453, 5455 Acknowledgment concept Alarm with simple acknowledgment, 5410 Alarm without acknowledgment, 5410 Acknowledgment group Text, 6249, 6286 Acknowledgment model, 5410 ACL, 1328 ACOS, 2586, 2895, 3128 Acquisition cycle Tag, 5331, 5347, 5361 Acquisition mode Tag, 5331 ACT_TINT, 3654 Actions Basics of redoing actions, 344 Basics of undoing, 344 Redoing, 347 Undoing, 346 7268 activate, 5991 Project language, ActivateCleanScreen, 5970 ActivatePLCCodeView, 5898 ActivatePreviousScreen, 5788 ActivateScreen, 5785 ActivateScreenByNumber, 5787 ActivateSystemDiagnosticsView, 5907 Activating Font size adjustment, 5013 Active bus module (ET 200M), 1877 Active nodes, 843 ActiveX control Add, 5064 Remove, 5065 Acyclic triggers, 6047 AD, 4596 Adapting Connection name, 7135 Adapting a project For a different HMI device, 6269, 6331 Add, 2558, 2868 .Net control, 5064 ActiveX control, 5064 Graphic to graphics library, 6185 Objects to the group, 5074 Add empty line, 6702 Add separator line, 6702 Adding Adding timers with T_ADD, 3302 Additional field devices (PROFIBUS and PROFINET), 1653, 1699 Add-on Installing, 132 Removing, 132 Add-ons of third parties, 6356 address conversion Instructions for, 3867 Address multiplexing with absolute addresses, 5334 with symbolic addresses, 5335 Address overview, 567 Address packing, 1644 Address range, 808 Changing, 1022 Address register, 2029 Addresses Assigning, 1024 Determining a module with GEO_LOG, 3880 Interrupt with packed, 1650 Pack, 1644 Read station address with GetStationInfo, 3761 WinCC Advanced V14 System Manual, 10/2016 Index Reading out the MAC address with GetStationInfo, 3761 Unpack, 1644 Addressing, 951 Addressing tags indirectly, 5344, 5345 Changing, 1022 General, 1021 Multiplexing, 5344 Addressing operands, 2011, 2012, 2013, 2015, 2016, 2017, 2019, 2021, 2022, 2023, 2024, 2028, 2029, 2168, 2174, 2177, 2182 AdjustContrast, 5869 Administrator, 768 Advanced Encryption Algorithm, 713 Advanced Encryption Standard (AES), 839 Advanced mode Global firewall rules, 780 Advanced offline/online comparison Automatic device assignment, 709 Advanced recipe view, 5569, 5579 AES, 713, 839 AES-128, 833 Aggressive mode, 838 Aging time, 1332, 1334 Alarm acknowledge, 5477, 5479 Calling the infotext, 5480 Components, 5412 Configuring, 5422, 5433 Displaying, 5239, 5242 Editing, 5477 Event, 5489 Exporting, 6142 Importing, 6143 In Runtime, 5470, 5472 Sequence is not adhered to, 5729 System function, 5488 Alarm buffer, 5461 In Runtime, 5471, 5473 Memory size, 5461 Alarm buffer overflow, 5461, 5998 Alarm class, 5412 Diagnostics, 5442 Identifying, 5245 In Runtime, 5471, 5473 Layout, 5475, 5478 Alarm classes, 5405, 5406 Colors, 5238, 5245, 6249, 6286 Common, 5407 Custom, 5405, 5407 Name change through migration, 216 WinCC Advanced V14 System Manual, 10/2016 Predefined, 5405, 5407 Use, 5405, 5407 Alarm event Acknowledge, 5404 Incoming, 5404 Outgoing, 5404 Alarm group, 5411, 5413 Acknowledge alarm, 5410 Configuring, 5420 Creating, 5420 Migration, 215 Alarm indicator, 5249, 5436, 5480 Alarm classes, 5249 Application, 5480 Configuring, 5445 Events, 5249 In Runtime, 5472, 5474 Layout, 5249, 5480 Operation, 5480 Operation using the mouse, 5481 Alarm line, 5236, 5242 Alarm log, 5455, 5529 Configuring, 5458 Configuring an alarm view, 5449 Creating, 5456, 5458 Displaying contents, 5449 In Runtime, 5473 Migrating, 222 Naming conventions, 5534 Alarm logging, 5396 Alarm number, 5411, 5412 Alarm report Layout in reports, 5644 Use in reports, 5644 Alarm status, 5412 Acknowledged, 5404 Incoming, 5404 Outgoing, 5404 Alarm system, 5395 Alarm text, 5413 Formatting, 5425 Removing format settings, 5426 Alarm types, 5398, 5399 Alarm view, 5239, 5242, 5246, 5436, 5474, 5479 ~ configuring for logged alarms, 5444, 5460 Access protection, 5237 Alarm line, 5242 Alarm text window, 5479 Application, 5474 Column, 5241, 5244 Column headers, 5239 Column sequence, 5238 7269 Index Configuring, 5438 Configuring the display of S7 diagnostic alarms, 5442 Configuring the layout, 5441 Define columns, 5237 Define display area, 5239 Enable sorting, 5244 Filter alarms, 5238 Filter display, 5447 Identify alarm classes, 5238 Identifying an alarm class, 5245 Layout, 5240, 5475, 5478 Operation, 5475, 5479 Operation using the keyboard, 5476 Operation using the mouse, 5476 Operator control, 5241, 5243, 5475 Operator controls, 5237 Select alarm classes, 5237 Sorting, 5238 Alarm window, 5436, 5474 Application, 5474 Configuring, 5444 In Runtime, 5472, 5474 Operation, 5475 Operation using the keyboard, 5476 Operation using the mouse, 5476 Operator control, 5475 Alarm with simple acknowledgment, 5410 Alarm without acknowledgment, 5410 Alarms Output of a tag value, 5426 Output of texts from a text list, 5427 AlarmViewAcknowledgeAlarm, 5940 AlarmViewEditAlarm, 5939 AlarmViewShowOperatorNotes, 5940 AlarmViewUpdate, 5938 Align Object flush, 5036, 5634 Allen-Bradley DF1 Migrating data types, 231 Allen-Bradley DH485 Migrating data types, 231 Allen-Bradley Ethernet IP Migrating data types, 232 Alphanumeric key assignment, 6279, 6344 ALT Key, 6279, 6344 Analog alarm, 5399 Configuring, 5422, 5434 Analog alarm types, 5399 Analog alarms Configuring, 5413, 5414 7270 Analog module Resetting to factory settings, 1942 Analog value, 2659, 2661, 2970, 2972, 3209, 3211 Analog value processing, 2659, 2661, 2970, 2972, 3209, 3211 AND, 2697, 2745, 2746, 3008, 4757, 4758 Animation, 5110 Configuring, 5112, 5563 Diagonal movement, 5116 Direct movement, 5117 Green arrow in Overview, 5112 Horizontal movement, 5115 Multiple selection, 5125 Object group, 5122, 5123 Overview, 5112 Tag binding, 5121 Vertical movement, 5116 Antivirus programs, 117, 126 ANY, 2188 Appearance Dynamization of an object, 5113 Applet, 770 Applicant, 715 Application, 1701 Alarm indicator, 5480 Alarm view, 5474 Alarm window, 5474 Date/time field, 5640 Key switch, 5274 Recipe view, 5266, 5568, 5578 Simple alarm view, 5477 simple alarm window, 5477 Simple user view, 5197 User view, 5195 Application example Entering recipe data offline, 5611 Recipe with manual production sequence, 5612 Arccosine, 2586, 2895, 3128 ArchiveLogFile, 5821 Archiving projects, 362, 363 Arcsine, 2584, 2894, 3127 Arctangent, 3129 Arctangent value, 2587, 2897 Area of unplugged modules, 531 Area pointer Data record, 5549 Migration, 213 ARP, 912 Diagnostics, 912 Table, 912 Arrange Object in the screen, 5029 WinCC Advanced V14 System Manual, 10/2016 Index Arrangement of byte sequence, 2930, 3154 Array, 2177, 5348, 5351 Addressing, Creating, 5351 Declaration in global data blocks, Declaration in PLC data types, Declaration in the block interface, Example, Format, Indirect addressing, 5344 see ARRAY, 4533, 4560 ARRAY data block, 1965, 1968, 2013, 2016, 2121, 2621, 2624, 2626, 2629, 2932, 2934, 2936, 2939, 3156, 3158, 3160, 3163, 4486, 4551, 4555, 4587 ARRAY DB, 2121 ARRAY limits, 4762 Array tag, 5348 Article number, 541, 1179, 1450 AS interface, 1655 ASCII code table, 631 ASCII TSAP, 631 ASI_CTRL, 3557 Asian, 55 Asian characters Input on the HMI device, 6196 Interpretation, 6196 Memory requirements, 6196 Asian fonts loading to the HMI device, 6377 Asian languages Configuration, 6196 Font size, 6196 Text field length, 6196 Asian operating system, 6173 ASIN, 2584, 2894, 3127 Assembling manuals, 328 Assign a graphic to a function key, 5136 Object of a layer, 5143 Assigning a function to a function key, 5132 Function key, 5127, 5130, 5131 Assigning an IP address Basics, 1933 from the project context, 1935 Using "Accessible devices", 1934 Assigning symbol, 1024 Assigning tag, 1024 Assignment, 2442, 2752, 4759 Negate, 2444, 2753 Assignment list Defining filter, WinCC Advanced V14 System Manual, 10/2016 Delete filter, Displaying, Enabling the display of retentive bit memories, 4871 Example for displaying bit memory, 4864 Example for displaying inputs and outputs, 4864 Filter options, Filtering, Introduction, Meaning of symbols, Setting view options, Structure, 4864 Asymmetric encryption, 713 Asynchronous error event Delaying with DIS_AIRT, 3684 Disabling with DIS_IRT, 3681 Enabling with EN_AIRT, 3685 Enabling with EN_IRT, 3683 AT, 2019 ATAN, 2587, 2897, 3129 ATH, 3370 ATTACH, 957, 3631 Attacks, 991 ATTR_DB, 3853 Audit log, 857, 859 Audit Trail Checksum, 5376, 5465, 5535 Authentication, 1252, 1401, 1517 Authentication methods, 837, 838 Authorization Assignment, 5663, 5692 Changing the name, 5667 Configuring, 5683 Creating, 5661, 5690 Deleting, 5668 Managing, 5666 Autocompletion, 5704 Function, 4477 Insert tag, 4477, 4478 Inserting an instruction, 4478 Automatic Reporting, 5424 Automatic commissioning, 1689 Automatic update of the controller alarms Configuring, 5487 Automation system Local, 7074 Remote, 7074 Autonegotiation, 1688 Availability Object for Basic Panels, 5183 Object for Comfort Panel, 5186 7271 Index Object for Mobile Panels, 5189 Object for Panels, 5184 Object for WinCC Runtime Advanced, 5191 Objects for Multi Panels, 5188 Availability for specific devices Screen, 4981 Available system functions, 1129, 1413, 1417, 1420 Basic Panels, 5739, 5745 Comfort Panels, 5763 Mobile Panels, 5771 Multi Panels, 5757 Panels, 5751 WinCC Runtime, 5780 AW, 4596 AWP command, 1035, 1037 AWP_In_Variable, 1040 AWP_Out_Variable, 1038 AX, 4596 Axis and command table technology object List of ErrorIDs and ErrorInfo, 6758, 6840 B Back page Report, 5618 Back up RAM file system, 5804 Background color Dynamization, 5113 Backing up the table layout, 296 Backing up the user interface, 296 Backing up the layout in editors, 296 BACKSPACE key, 6278, 6343 Backup Deleting, 6235, 6323, 6359 Rename, 6235, 6323, 6359 Backup from online device, 6943, 6945 BackupRAMFileSystem, 5804 Bar, 5193 Color transition, 5194 Display limit lines, 5194 Bar segment Defining, 5194 BA-Send, 1821 BA-Send 1xFC, 1821 Basic mode, 4924 Basic Panel Display and operating object, 5183 Runtime start, 6266 Basic Panels Available system functions, 5739, 5745 Basics Migration, 196 7272 BCDCPL, 2743, 3054, 3296 Behavior Simple recipe view, 5558 Benefits of using TeleService, 7025 Bit (0, 1) Graphics list, 5101 Text list, 5090 Bit field Reset, 2757 Resetting, 2448 Set, 2756 Setting, 2447 Bit logic operation AND, 2745, 2746 EXCLUSIVE OR, 2749 Insert input, 2750 OR, 2747, 2748 Bit mask, 2734, 3046, 3288 Bit memories Enabling the display of retentive bit memories, 4871 Bit number (0 - 31) Graphics list, Text list, Bit selection Design analysis, 6249, 6286 Text and graphics lists, 6249, 6286 Bit string, 2136, 2137, 2138 64-bit, 2139 Bits Count, 2744, 3297 Counting, 3055 BITSUM, 2744, 3055, 3297 BLKMOV, 2643, 2953, 3192 Block, Block, 2953 Changing passwords for know-how protected blocks, 4521 Closing, 4505 Comparing, 4834 Comparing code blocks, 4831 Comparison, 4829 Compiling, 4808 Compiling in the program editor, 4812 Compiling in the project tree, 4811 Consistency check, 4808, 4876, 4881, 4882 Consistency check in the call structure, 4877 Copying, 4489, 4492 Deleting offline, 4506 Deleting online, 4506 Displaying properties, 4502 Download to device, 4821 WinCC Advanced V14 System Manual, 10/2016 Index Downloading to a memory card, 4827 Downloading to device, 4813 Downloading to device in RUN operating mode, 4817 Editing properties, 4502 Entering a comment, 4494 Entering a title, 4493 exporting to an external source file, 4510 Fill, 2613, 2648, 2923, 2959, 3148, 3198 Fill uninterruptible, 2616, 2927, 3151 Find and open, 4503 Inserting, 4489 Know-how protection, 4514 Leave, 3235 Loading blocks from device, 4826 Move, 2914, 3139, 3192 Move uninterruptible, 2611, 2646, 2921, 2956, 3146, 3195 Moving, 2604, 2643 Opening, 4503 Opening know-how protected blocks, 4519 Optimized access, 1968, 1970 Pasting, 4493 Printing know-how protected blocks, 4520 Properties, 4496 Removing copy protection, 4517 Renaming, 4505 Saving, 4504 Setting up copy protection, 4517 Time stamp, 4499 Types, 1962 Upload from device, 4813 Uploading blocks from a memory card, 4828 Using a library, 4487 Write to memory card, 4827 Block access Data block, 4566 Block call "Call by reference" or "Call by value", 1990 Basics, 1973 Calling as single instance or multi-instance, 1975 Changing, 4658, 4715 Correcting the call type, 4658, 4715 Inserting, 4655, 4712, 4788, 4790, 4791, 4792, 4793 Multi-instance, 1977 Nesting depth, 1973 Single instance, 1976 Transfer parameter as copy or as pointer, 1990 Updating, 4656, 4713, 4795 WinCC Advanced V14 System Manual, 10/2016 Block comment Hiding, 4468 Showing, 4468 Block comparison Basics, 4829 Comparing code blocks, 4831 Detailed comparison, 4836, 4837, 4838, 4842, 4845, 4848 Execute action, 396 Navigation, 4854 Synchronize scrolling, 4855 Updating comparison results, 393, 4857 Block consistency Checking, 4877 Checking in the dependency structure, 4882 Block folder, 4483 Block interface Declare STRING, 4535 Declaring ARRAY, 4533 Declaring PLC data type, 4536 Declaring STRUCT, 4534 Declaring tags, 4530, 4531, 4536 Hiding, 4467 Importing and exporting tags, 4548 Multi-instance, 4537 Purpose of variable declaration, 4522 Retentivity, 4527 Showing, 4467 Structure, 4529 Tag properties, 4541, 4543 Updating, 4548 Valid data types, 4525, 4527 Block parameters, 1987, 1988, 1990, 1993, 1995, 1996, 1997 Basics, 1015 Block interface, 4529 Block property Displaying, 4502 Editing, 4502 Function, 4495 Overview, 4496 BLOCK_DB_TO_WORD, 2434 Bookmarks Deleting, 4771 Function, 4769 Navigating, 4770 Setting, 4769 BOOL, 2136, 2201, 2249, 2335, 2354, 2401, 2412 BOOL_TO_, 2249, 2354, 2412 Borders Placeholder for document information, 412 Specifying the print area, 411 7273 Index Boundaries, 1689 Boundary reached, 5998 Box ID, 6010 Branch, 3223, 3225 Closing, 4675 Definition, 4673, 4730 Deleting, 4676, 4732 Inserting, 4674, 4731 Rules, 4674, 4731 BRCV, 4198 Bridge priority, 1447 Broadcast, 808, 817, 1335 Brute force, 991 Brute-force attack, 991 Brute-force attacks, 991 BSEND, 4196 Buffer overflow, 6249, 6286 Button, 5270 Adding a system diagnostics indicator, 6068 as release button, 6341 Configuring, 5690 Configuring access protection, 5686 Define hotkey, 5272 for release of operator control, 6338 Graphic, 5271 HTML browser, 5220 Lock/unlock, 6339 Mode, 5271 PDF view, 5251 Text, 5271 Buttons and Switches Library, 6118 BY, 3227 BYTE, 2136, 2202, 2251, 2336, 2355, 2402, 2413 BYTE_TO_, 2251, 2355, 2413 Bytes Swap, 2620, 2930, 3154 C CA certificate, 760, 764, 7060 CA group certificate, 764 Cabling rules (PROFINET), 1688 CALC, 2555, 2865 Calculate, 2555, 2865, 4659, 4716 CalibrateTouchScreen, 5870 Calibrating, 1940 Overview, 1939 Call environment Basics, 4906 Setting for blocks, 4907 Call hierarchy, 1973 7274 Call structure, 4871 Displaying, 4875 Introduction, 4871 Meaning of symbols, 4873 Setting view options, 4875 Structure, 4874 Callback to a number specified during connection establishment, 7042 Calling FAQs for a module, 545 Calling manuals for a module, 545 Calling user-defined documentation, 451 Camera URL, 5221 Camera view Configuring, 5221 CAN_DINT, 3666 CAN_TINT, 3653 Cancel Connection to the faceplate type, 5171 Canceling a calibration, 1942 Canceling printing, 417 Card type, (See Memory card) Cascaded counting function, 1793 CASE, 3225 Catalog, (see Hardware catalog) CD, 2522, 2833 CEIL, 2655, 2966, 3204 CER, 733 Certificate, 761, 837 Exporting, 761 Importing, 761 Renewing, 763 Replace, 764 Replacing, 764 self-signed, 763 signed by certificate authority, 763 Certificate authorities, 715 Certificate authority, 760, 761 Certificate check, 6284, 6356 Certificate holder, 715 Certificate manager, 761 Certificate manager (global), 730 Certificates Deleting (global), 736 Displaying, 736 Exporting (global), 733 Importing, 732 Renewing, 735 Replacing, 735 Change, 5992 ChangeConnection, 5866 ChangeConnectionEIP, 5868 Changeover contact, 1878 WinCC Advanced V14 System Manual, 10/2016 Index Changeover contact sensor type, 1878 Changing Colors, 6243 Displayed name of user group, 5667 Logoff time in runtime, 5678 Name of the user, 5677 Object property, 5731 Object size, 5034, 5631 Password, 5666 Recipe data record in runtime, 5575, 5576, 5585 User group in runtime, 5678 Changing a port interconnection Graphic view, 703 Changing and displaying operating mode (example), 5735 Changing the configuration online, 6931 Changing the device configuration online, 6931 Changing the name Authorization, 5667 User group, 5667 Users, 5665 CHAR, 2161, 2243, 2323, 2350, 2351, 2393, 2394, 2411, 2432 CHAR_TO_, 2323, 2393, 2394, 2432 Character, 2161, 2162 Character string, 79, 2162, 2165 Combining character strings with CONCAT, 3377 Comparing string tags with S_COMP, 3336 Converting from a hexadecimal number with HTA, 3373 Converting number string with STRG_VAL, 3341 Converting number to character string with VAL_STRG, 3345 Converting to a hexadecimal number with ATH, 3370 Converting with S_CONV, 3338 Copying characters to character string with Chars_TO_Strg, 3353 Deleting characters with DELETE, 3383 Determine maximum length with MAX_LEN, 3356 Determining length with LEN, 3375 Finding a character with FIND, 3390 Inserting characters with INSERT, 3385 Moving with S_MOVE, 3334 Reading out left character with LEFT, 3378 Reading out middle character with MID, 3381 Reading out right character with RIGHT, 3380 Replacing character with REPLACE, 3387 Characters, 55 Charging condition, 5228 Operation, 5228 Chars_TO_Strg, 3353 WinCC Advanced V14 System Manual, 10/2016 Check whether project can be migrated, 177 Checking Device version, 6232 Checking the connection, 4293 Checklist for troubleshooting the modem, 7084 Checksum, 5466 Audit Trail, 5376, 5465 Log, 5376, 5465, 5535 Reading out with GetChecksum, 3766 Updating WinCC, 5376, 5465 Circle, 5225 Radius, 5225 Circular log, 5457 Select size, 5369, 5469 Class of Service, 1288 Cleaning project for migration, 179 ClearAlarmBuffer, 5936 ClearAlarmBufferProTool, 5937 ClearAlarmBufferProtoolLegacy, 5937 ClearDataRecord, 5956 ClearDataRecordMemory, 5957 cleared, 5991 ClearLog, 5825 Click, 5996 Click when flashing, 5997 Client Overview, 1476 Client Supplicant, 1608 Clipping, 1842 Clock, 5292 Display, 5293 Display dial, 5293 Length of the pointer, 5293 Width of hands, 5293 Clock memory, 960, 984 CloseAllLogs, 5827 Closed loop control, 6674 CMP <, 2537, 2847 CMP <=, 2533, 2844 CMP <>, 2527, 2838 CMP ==, 2523, 2834 CMP >, 2535, 2846 CMP >=, 2531, 2842 Code templates inserting in user-defined functions, 5705 Coil, 2442 Negate, 2444 Color Diagnostics of Ethernet cables, 1904 Diagnostics of ports, 1904 Color of individual ranges Gauge, 5302 7275 Index Color transition Bar, 5194 Colors Alarm classes, 5238, 5245, 6249, 6286 Changing, 6243 Find and replace, 6242 Column Alarm view, 5241, 5244 Column headers Alarm view, 5239 Recipe view, 5265 Column sequence Alarm view, 5238 Column width User view, 5196 Comfort Panel Deleting HMI device images, 6238, 6325, 6362 Display and operating object, 5186 Comfort Panels Available system functions, 5763 Command table technology object Add new object, 6696 Basic parameters, 6698 Command table configuration, 6699 Command.Command[1...32] tags, 6926 Configuration window icons, 6697 Configuring activate warnings, 6699 Configuring duration, 6701 Configuring position / travel path, 6700 Configuring the command type, 6699 Configuring the next step, 6701 Configuring the step code, 6701 Configuring use axis parameters of, 6699 Configuring velocity, 6700 Extended parameters, 6711 General configuration, 6698 Tools, 6695 Usage, 6695 Comments Inserting in SCL program, 4798 Comments in Runtime, 6249, 6286 Common alarm classes, 5407 Communication, 990 Number of connections (PROFINET/ PROFIBUS), 672 Routing, 7121 S7 routing, 7125 Communication diagnostics, 1919 Communication error, 1627 Communication in the security mode Configuring, 6423 7276 Communication instruction "PG_DIAL", 7073 "SMS_SEND", 7076 Communication load, 960 Communication via PUT/GET instructions Basic information on PUT/GET instructions, 656 Creating and assigning parameters to a connection, 661 Deleting an interconnection, 662 Overview of connection configuration, 657 Requirements, 656 Starting connection parameter assignment, 660 Communications Cycle load, 967 Communications instruction "AS_DIAL", 7074, 7075 "AS_MAIL", 7077 "PG_DIAL", 7072 Communications load, 967 Communications module (CM), 4384 Communications modules, 976 Properties, 976 Communications options, 1607 Communications port Configuring, 976 Communications protocol Defining, 979 Overview, 979 Comparator operations Time tags, 3299 Compare Bit mask, 2734, 3046, 3288 Character strings with S_COMP, 3336 Equal, 2523, 2834 Greater or equal, 2531, 2842 Greater than, 2535, 2846 Less or equal, 2533, 2844 Less than, 2537, 2847 Not equal, 2527, 2838 Compare editor Changing the view, 397 Device comparison, 573 Filtering the view, 391 Overview, 384 Showing and hiding columns, 390 Specifying actions, 395 Compare offline/online Automatic device assignment, 707 Compare scan matrix, 2736, 3048, 3290 Comparing library elements, 57 Comparing library objects, 456 WinCC Advanced V14 System Manual, 10/2016 Index Compatibility, 63, 79, 6420 Backward compatibility of projects, 350 Projects from older program versions, 350 Projects with add-on software, 351 S7-1200 CPU firmware versions, 1019 WinCC version, 6227 Compatibility check, 6249, 6286 Project ID, 6249, 6286 Compatibility mode, 5325 Compile Block, 4811 Compiling Blocks, 4808 Consistency check, 4808 Correcting compilation errors, 4812 Migrated project, 200 Project, 6257, 6296 Complex user view Configuring, 5198 Components Alarm, 5412 CONCAT, 3377 Conditional spontaneous, 1101 Configuration DP slave, 1638 DP slave, simple, 1629 Hardware, 551 Loading to device, 1704 Loading to PG/PC, 1705 Tag, 5320 Configuration control, 1061, 1070, 1808, 1813, 1855, 1865, 1887 Configuration control with ET 200pro, 1887 Configuration control with ET 200AL, 1855 Configuration control with ET 200MP, 1865 Configuration control with ET 200SP, 1808 Configuration mode, 1225, 1490 Configuration PC Starting Runtime, 6319 Configuration rights, 770 Configure a PROFIBUS subnet Matching parameters to one another, 586 Setting bus parameters, 586 Configured Loop-in-alarm, 5431 Configuring, 5422, 5435, 5606 Access protection, 5690 Alarm acknowledgment, 5452, 5453, 5455 Alarm group, 5420 Alarm log, 5458 Alarm view, 5438 Alarm view for logged alarms, 5444, 5460 WinCC Advanced V14 System Manual, 10/2016 Analog alarm, 5422, 5434 Analog alarms, 5413, 5414 Animation, 5563 Authorization, 5683 Camera view, 5221 Controller alarms, 5413, 5414 Direct connection, 7123 Discrete alarm, 5420, 5433 Discrete alarms, 5413, 5414 Display of S7 diagnostic alarms, 5442 Event, 5562, 5572, 5582 Event-driven tasks, 5424 Function list, 5701 GRAPH overview, 6086 Handle for slide-in screen, 5003 HART variable, 1785 HMI device as OPC DA server, 6425 Integrated, 7128 I-slave, 1640 Layout of the alarm view, 5441 Logging tag, 5380 Multiple tags, 5321 OPC XML DA server in the OPC XML Manager, 6431 PLC code view, 5255, 6088 ProDiag overview, 6082 Project-wide alarm class, 5417 Properties for slide-in screen, 5003 Recipe screen, 5606 Recipe view, 5602, 5604 Rectangle, 5081 Slide-in screen, 5003 Slide-in screen for devices without multi-touch function, 5005 System events, 5413, 5414 Trend view for logging, 5389 Trend view for values from the PLC, 5382, 5387 User-defined VB function, 5712 WinCC OPC Client, 6429 Configuring a filter for fixed character string, 5447 Configuring a PROFIBUS subnet Meaning of the bus parameters, 587 Configuring HMI array tags, 5352 Configuring internal subnets manually, 903 Configuring IP network nodes manually, 903 Configuring MAC network nodes manually, 903 Configuring the network with Ethernet, 591 Creating private subnets, 593 Linking networks, 593 Relationship between IP address and subnet mask, 592 7277 Index Setting the IP address, 592 Setting the subnet mask, 592 Configuring the remote modem, 7038 Connecting a TS Adapter with an external modem, 7038 Connecting a TS Adapter with an internal modem, 7038 Connection, 633, 643 Address details, 1956 Change after migration, 212 Configuring a connection when there is no or no clear network assignment, 648 Creating, 606 Deleting, 609 integrated connection, 5309 Connection configuration Connection parameters, 602 General, 598 Overview, 600 Starting, 605 Connection description Changing parameter values, 628 Data block, 612, 615, 616, 618, 619, 620 Structure, 613, 615, 617, 618, 619, 621 Connection details, 1956 Connection diagnostics Detailed, 1954 Overview, 1952 Connection information, 1954 Connection mechanisms, 990 Connection name Adapting, 7135 Connection parameter assignment of PUT/GET instructions, 660 Connection parameters of PUT/GET instructions, 659 Connection resource, 634, 644 Connection resources, 667 Data record routing, 680 Display in STEP 7, 682 Display in the Web server, 685 HMI communication, 680 Module-specific, 673, 683 occupying, 681 Online, 1954, 1955 Overview, 676 S7 routing, 680 Station-specific, 673, 683 Connection rules, 924, 936 Connection status Displaying using icons, 1953 7278 Connections Number of connections (PROFINET/ PROFIBUS), 672 Consistency Slot rules, 559 Consistency check, 899, 4876, 4877, 4881, 4882 Introduction, 4876, 4881 local, 759 project-wide, 759 Consistency check before migration, 178 Consistency of data, 689 Constant Data types, 2008 Definition, 2006 Global constant, 2007, 2008, 2010, 4607, 4608, 4609, 4612 Local constant, 2007, 2008, 2010, 4529, 4530, 4541 Non-typed constant, 2006 Symbolic constant, 2007 Typed constant, 2006 Constants, 2113 Context filter, 543 CONTINUE, 3232 Control data record, 1061, 1813, 1855, 1887 Control data record 196, 1808, 1813, 1865, 1887 Control element Simple alarm view, 5478 Control unit, 1626 Controller alarm, 5399, 5401 System-defined, 5403 Controller alarms, 6249, 6286 Configuring, 5413, 5414 System-defined, 5400 Transferring to the HMI device, 5487 Controller data, 7109 Initializing, 6246, 7111 Controls Camera view, 5221 PDF view, 5250 ControlSmartServer, 5810 Control-timer alarm, 2727, 2730, 3039, 3042, 3281, 3284 ControlWebServer, 5810 Conventions for user-defined documentation, 448 WinCC Advanced V14 System Manual, 10/2016 Index Conversion, 2198, 2332, 2398 Explicit, 2249, 2251, 2254, 2257, 2261, 2265, 2269, 2272, 2276, 2279, 2283, 2286, 2290, 2293, 2296, 2299, 2301, 2304, 2307, 2310, 2313, 2316, 2318, 2320, 2323, 2325, 2327, 2330, 2354, 2355, 2357, 2360, 2364, 2367, 2370, 2373, 2376, 2379, 2382, 2385, 2388, 2390, 2391, 2392, 2393, 2394, 2395, 2397, 2412, 2413, 2415, 2417, 2420, 2423, 2426, 2427, 2428, 2430, 2431, 2432, 2433, 2434 Implicit, 2201, 2202, 2205, 2206, 2208, 2209, 2211, 2212, 2214, 2216, 2218, 2220, 2222, 2224, 2225, 2227, 2229, 2231, 2233, 2235, 2237, 2239, 2241, 2243, 2244, 2246, 2247, 2335, 2336, 2337, 2338, 2339, 2340, 2341, 2342, 2343, 2344, 2345, 2346, 2347, 2348, 2349, 2350, 2351, 2352, 2353, 2401, 2402, 2404, 2405, 2406, 2407, 2408, 2409, 2410, 2411 Conversion operations Converting timers with T_CONV, 3301 Conversions, 82 Convert, 2652, 2962, 3201 HW identifier to slot, 3867 IO address to HW identifier, 3867 Slot to HW identifier, 3867 Convert character string, 79 Converted name (PROFINET), 1665 Converting A character string to a hexadecimal number with ATH, 3370 Character string in array with Strg_TO_Chars, 3350 Character strings with S_CONV, 3338 Converting number string to number with STRG_VAL, 3341 Converting number to number string with VAL_STRG, 3345 Converting timers with T_CONV, 3301 Copying characters to numerical character string with Chars_TO_Strg, 3353 Hexadecimal number to character string with HTA, 3373 Converting an unspecified CPU, 247 Cookie, 1041 Coordinated transfer, 5549 With PLC, 5549 Copy Recipe data record in runtime, 5575, 5585 Screen, 4987 Tag, 5319 Template, 4993 Copy protection, 4517 WinCC Advanced V14 System Manual, 10/2016 Copying Adjusting screen size, 6221 Color, 6220 Excel format, 6138 Font, 6220 Function key, 6221 Hardware component, 563 Invalid object, 6219 Linked objects, 6222, 6223 Pop-up screen, 5000 Principle, 6217, 6219 Screen, 6220 Style sheet, 5020 User-defined folders, 6218 Corner points, 5259 Corners, 5257 Corporate libraries, 456 COS, 2582, 2891, 3125 Queue, CoS (Class of Service), 1144, 1431 Cosine, 2582, 2891, 3125 Count Down, 2508, 2516, 2522, 2819, 2827, 2833, 3097, 3105 Up, 2506, 2514, 2521, 2817, 2825, 2832, 3095, 3103 Up and down, 2511, 2518, 2822, 3100, 3107 Count (8 DI NAMUR), 1791 COUNTER, 2193, 2518, 3107 Counter input, 971 Counter mode, 971 Counter, high-speed, 970 Counters Control high-speed counter (extended), 3990 Control high-speed counters, 3988 High-speed counters, 3988, 3990 CountOfElements, 2635, 2945, 3188 Cover page Placeholder for document information, 412 CP 1613, 58 CP 1623, 58 CP 343-2, 65 CP 5512, 58 C-PLUG, 1533 Formatting, 1276, 1535 Saving the configuration, 1535 CPU Displaying the current LED status, 1915 Fill level of all types of memory, 1915, 1916 Inserting a signal board, 1026 Number of communication connections, 672 Properties, 959 7279 Index Reading date and time-of-day with RD_SYS_T, 3313 Reading out a diagnostics buffer, 1920 Selecting from the hardware catalog, 555 Setting the time-of-day time-of-day with WR_SYS_T, 3311 Switching operating mode, 1925 CPU control panel Display area, 1915 CPU data block Definition, 1967 Deleting, 4507 CPU firmware, 1019 CPU load through trace, 7012 CPU memory area Displaying, 4886 CPU properties, 960 Create Faceplate type, 5153 Global library, 6123 Group, 5072 Report, 5621 Report (overview), 5619 Template, 4994 Users, 5663 Users in runtime, 5675 Create script Faceplate type, 5176 CREATE_DB, 3840 Creating, 5593 Alarm group, 5420 Alarm log, 5456, 5458 Array, 5351 Connection to an OPC UA Server, 6428 Connection to OPC DA server, 6427 Cycle, 5362 Data log, 5367 External tag, 5314 Infotext, 5421, 5424 Internal tag, 5316 Network connection, 7130 Pop-up screen, 4999 Project-wide alarm class, 5417 Recipe, 5593 Recipe data record on the HMI device, 5565, 5566, 5575, 5584 Report (overview), 5619 Screen, 4986 Style sheet, 5017 User group, 5662, 5692 User-defined VB function, 5712 Users, 5693 7280 Creating a CHM file, 454 Creating a homepage for user-defined documentation, 447 Creating a new type Style, 6135 Style sheet, 6136 Creating a print preview, 413 Creating a route, 894 Creating a type Screen, 6134 Script, 6134 Creating a watch table, 4927 Creating custom documentation, 328 Creating labeling strips, 418 Creating user-defined documentation, 452 CRL, 733 Crossing Definition, 4676 Deleting, 4678 Inserting, 4677 rearranging, 4677 Cross-reference list, (See cross-references) Adding new objects, 4898 Benefits, 4888 Displaying, 4894 Introduction, 4888 Overview, 4894 Settings, 4891 Sorting columns, 4889 Source object, 4889 Structure, 4889 Uses, 4888 Cross-references Add new object, 4898 Displayed objects, 4888 Displaying, 4894 Introduction, 6163 Linking, 6164 Replace, 6164 Uses, 6163 CRT, 733 csv file, Example, 5390, 5490 Layout, 5390, 5490 CTD, 2508, 2819, 3097 CTRL Key, 6279, 6344 CTRL_HSC, 3988 CTRL_HSC_EXT, 3990 CTRL_PTO, 3790 CTRL_PWM, 3788 CTU, 2506, 2817, 3095 WinCC Advanced V14 System Manual, 10/2016 Index CTUD, 2511, 2822, 3100 CU, 2521, 2832 Cu10 sensor, 1839 Cursor key, 6277, 6342 Custom .Net control Add, 5064 Remove, 5065 Custom alarm classes, 5405, 5407 Customized VB function Rename, 5715 Cycle Creating, 5362 Cycle load, 967 Cycle monitoring time, 2685, 2996, 3246 Cycle time, 960, 966 display configured, 1908 display measured, 1914 Cyclic Continuous, 5331 In operation, 5331 Cyclic interrupt, 1005 Cyclic interrupt OB Assigning parameters, 1016 Description, 1005 Querying parameters with QRY_CINT, 3643 Setting parameters with SET_CINT, 3641 Cyclic program execution Options for interrupting, 998 Programming, 998 Cyclic triggers, 6045, 6055 D D_ACT_DP, 3509 Data backup, 138 HMI device, 6367 Data bit (DBX), 947 Data block Adjusting data values during commissioning, 4586, 4587, 4588, 4589, 4590 ARRAY data block, 1965, 1968, 2013, 2016, 4486, 4551, 4555, 4587 Based on a PLC data type, 4563 CPU data block, 1967 Creating, 4486, 4555 Creating with CREATE_DB, 3840 Declaration table, 4553 Declaring ARRAY, 4560 Declaring STRUCT, 4561 Default value, 4564 Deleting with DELETE_DB, 3857 WinCC Advanced V14 System Manual, 10/2016 Downloading changes without reinitialization, 4557 Global data block, 1965, 4551 Importing and exporting tags, 4576 Instance data block, 1966, 4551 Monitoring and modifying tags, 4578, 4579, 4580, 4581, 4583, 4584 Optimized access, 1968, 1970 Programming, 4551, 4559 Reading attributes with ATTR_DB, 3853 Reading from load memory with READ_DBL, 3845 Retentive behavior, 4566, 4567 Snapshot, 4581, 4582, 4584 Start value, 4564, 4565 Tag properties, 4568, 4571, 4572 Updating, 4556 Using setpoints, 4586, 4587, 4588, 4589, 4590 Writing to load memory with WRIT_DBL, 3848 Data block 196, 1808, 1865, 1887 Data block 197, 1808, 1865, 1887 Data byte (DBB), 947 Data consistency, 689, 4177 Data double word (DBD), 947 Data Encryption Standard (DES), 839 Data exchange DP slave, 1629 I-slave - DP master, 1630 Data exchange over the AS-AS remote link Communication instruction "AS_DIAL", 7074 Data Flow, 5542 Data flow control, 978 Data log, 1031, 5529 Acquisition cycle, 5364 Closing with DataLogClose, 3828 Creating, 5367 Creating with DataLogCreate, 3813 Creating with DataLogNewFile, 3831 Creating with DataLogTypedNewFile, 3833 Deleting with DataLogDelete, 3830 Empty with DataLogClear, 3824 Logging cycle, 5364 Naming conventions, 5534 Opening with DataLogOpen, 3820 Opening with DataLogTypedOpen, 3822 Output of the tag value, 5386 Tags, 5365, 5370 Tolerance band, 5370 Writing with DataLogWrite, 3826 Data logging, 5363, 5364 Application, 5363 7281 Index Data mailbox For recipes, 5549 Data point configuration, 1080 Data point type, 1086 Data record Asynchronously reading data record of a module with RD_DPARA, 3625 Exporting, 5588 Importing, 5588 Making available on I-device with PRVREC, 3542 read, 5577, 5587 Reading, 5566 Reading from configured system data with RD_DPARM, 3627 Reading of a module with RD_DPAR, 3619 Reading with RD_REC, 3530 Reading with RDREC, 3420 Receiving on I-device with RCVREC, 3540 Transfer, 5567, 5577, 5587 Transferring with WRREC, 3437 Writing and reading data records, 3618 Writing predefined parameters with WR_DPARM, 3629 Writing with WR_REC, 3535 Data type ANY, 2188 ARRAY, 2177 BOOL, 2136, 2201, 2249, 2335, 2354, 2401, 2412 BYTE, 2136, 2202, 2251, 2336, 2355, 2402, 2413 CHAR, 2161, 2243, 2323, 2350, 2351, 2393, 2394, 2411, 2432 Conversion, 2198, 2205, 2332, 2338, 2347, 2348, 2349, 2398, 2404, 2407, 2409, 2410 DATE, 2157, 2237, 2316, 2348, 2390, 2409, 2429 DINT, 2145, 2214, 2279, 2343, 2376, 2406, 2423 DT, 2158, 2231, 2307, 2410, 2431 DTL, 2160, 2235, 2313, 2350, 2392 DWORD, 2138, 2205, 2257, 2338, 2360, 2404, 2417 Explicit conversion, 2249, 2251, 2254, 2257, 2261, 2265, 2269, 2272, 2276, 2279, 2283, 2286, 2290, 2293, 2296, 2299, 2301, 2304, 2307, 2310, 2313, 2316, 2318, 2320, 2323, 2325, 2327, 2330, 2354, 2355, 2357, 2360, 2364, 2367, 2370, 2373, 2376, 2379, 2382, 2385, 2388, 2390, 2391, 2392, 2393, 2394, 2395, 2397, 2412, 2413, 2415, 2417, 2420, 2423, 2426, 2427, 2428, 2429, 2430, 2431, 2432, 2433, 2652, 2962, 3201 7282 Implicit conversion, 2201, 2202, 2203, 2206, 2208, 2209, 2211, 2212, 2214, 2216, 2218, 2220, 2222, 2224, 2225, 2227, 2229, 2231, 2233, 2235, 2237, 2239, 2241, 2243, 2244, 2246, 2247, 2335, 2336, 2337, 2339, 2340, 2341, 2342, 2343, 2344, 2345, 2346, 2350, 2351, 2352, 2353, 2401, 2402, 2403, 2405, 2406, 2408, 2410, 2411 INT, 2143, 2211, 2272, 2341, 2370, 2405, 2420 Internal tag, 5312 LDT, 2159, 2233, 2310 LINT, 2147, 2218, 2286 LREAL, 2151, 2224, 2296, 2346, 2385 LTIME, 2156, 2229, 2304 LTIME_OF_DAY, 2158 LTOD, 2241, 2320 LWORD, 2139, 2206, 2261 PLC data type, 2170, 4620 POINTER, 2185 REAL, 2150, 2222, 2293, 2345, 2382, 2406, 2426 S5TIME, 2154, 2225, 2299, 2408, 2428 SCL instruction, 4781, 4782, 4783 SINT, 2141, 2208, 2265, 2339, 2364 STRING, 2162, 2246, 2327, 2352, 2353, 2395, 2397, 2411, 2433 STRUCT, 2175 TIME, 2155, 2227, 2301, 2347, 2388, 2407, 2427 TIME_OF_DAY, 2157 TOD, 2239, 2318, 2349, 2391, 2410, 2430 UDINT, 2146, 2216, 2283, 2344, 2379 UINT, 2144, 2212, 2276, 2342, 2373 ULINT, 2148, 2220, 2290 USINT, 2142, 2209, 2269, 2340, 2367 Validity, 2131 VARIANT, 2191 WCHAR, 2162, 2244, 2325 WORD, 2137, 2203, 2254, 2337, 2357, 2403, 2415 WSTRING, 2165, 2247, 2330 Data types, 2057 Migration, 230 PLC code view, 6097 Data word (DBW), 947 DataLogClear, 3824 DataLogClose, 3828 DataLogCreate, 3813 DataLogDelete, 3830 DataLogNewFile, 3831 DataLogOpen, 3820 DataLogTypedNewFile, 3833 DataLogTypedOpen, 3822 DataLogWrite, 3826 WinCC Advanced V14 System Manual, 10/2016 Index Date, 2157, 2158, 2159, 2160 Date/time field, 5202 Application, 5640 Display system time, 5202 Format, 5202 Layout in reports, 5640 Using tags, 5202 DATE_AND_LTIME, 2159 DATE_AND_TIME, 2158 DATE_TO_, 2316, 2390, 2429 DB, 4486, 4555 DB variable Definition, 2004 DB_ANY_TO_VARIANT, 3216 DCAT, 2727, 3039, 3281 DCP server, 1225, 1489 Deactivate, 82, 5994 Dead peer detection (DPD), 846 Deadband Setting, 5424 Debugger Closing, 5727 Error types, 5720 Starting, 5726, 6303 Windows, 5718 Windows CE, 5718 DEC, 2567, 2877 Decimal places, 56, 2588, 2898, 3130 DECO, 2702, 3014, 3257 Decode, 2702, 3014, 3257 DecreaseFocusedValue, 5814 DecreaseTag, 5842 Decrement, 2567, 2877 Default font, 6193, 6250, 6287 Default style, 6249, 6286 Defining, 5012 Default template, 6249, 6286 Defective devices, 1897 Defective license, 124, 139 Define Reference object, 5060, 5633 Define columns Alarm view, 5237 Define display area Alarm view, 5239 Define hotkey, 5272 Defining, 5467 For the assignment list, 4868 DEL key, 6278, 6343 Delay time Setting, 5423 WinCC Advanced V14 System Manual, 10/2016 Delete, Template, 4993 DELETE_DB, 3857 Deleted tags Checking, 5320 Deleting Authorization, 5668 Filter in the assignment list, 4868 Hardware component, 562 Object, 5031, 5626 OPC XML DA server in the OPC XML Manager, 6431 Pop-up screen, 5000 Recipe data record in runtime, 5576, 5585 Report page, 5622 Screen, 4987 Style sheet, 5019 Tag, 5320 User group, 5667 Users, 5666 Deleting a category Faceplate type, 5159 Deleting a connection, 252 Deleting a property Faceplate type, 5159 Deleting CA certificates, 7065 Demultiplex, 2710, 3021, 3264 DEMUX, 80, 2710, 3021, 3264 Dependencies of rights, 773 Dependency on HMI device Logging, 5532 Dependency structure, 4877 Displaying, Introduction, 4877 Meaning of symbols, 4879 Setting view options, 4881 Structure, 4879 DER, 733 DES, 833, 839 Deserialize, 2596, 2906, 3132 Design analysis Bit selection, 6249, 6286 Designation TS Adapter, 7036, 7044, 7052 Designing a background, 5042 Designing a border, 5042 Destruction of license keys, 123 DETACH, 3636 Detail page Adding to report, 5622 remove from report, 5622 7283 Index Report, 5618 Sorting, 5622 Detail view PLC code view, 6090 Detailed comparison Performing, 392 Starting, 4836, 4837 Visualization of the comparison result for GRAPH, 4848 Visualization of the comparison result for LAD/ FBD, 4838 Visualization of the comparison result for SCL, 4845 Visualization of the comparison result for STL, 4842 Details view, 290 Determine diagnostics status, 1917 Determining time of day, 1927 Device Adding to a hardware configuration, 552 Copying, 563 Defective devices, 1897 Deleting, 562 Moving, 564 Renaming, 706 Device address, 1021 Device comparison, 573 Device information, 404, 1897 Device name, 1659, 1665 Device name, automatic commissioning (PROFINET), 1661 Device number, 1660 Device overview Address range, 1021 Device proxy Initializing, 7116 Updating, 7114, 7119 Device replacement, 565 Device Tool, 1702, 1703 Device version, 6264, 6372 Checking, 6232 Switching, 6231 Device view Area of unplugged modules, 531 Edit parameters, 566 Edit properties, 566 Hardware and network editor, 526 Inserting a signal board, 1025 Inserting module, 559 Racks, 557 Device wizard, 6241, 6245 7284 Device-dependent Font size, 5014 DeviceStates, 3767 DHCP Client, 1243, 1510 Server configuration, 897 DHCP server, 898 DHCPv4 Relay Agent General settings, 1380 DHCPv6 Client, 1374 PD Sub Client, 1375 Prefix delegation, 1374, 1375 Diagnose repeater, 1949 Diagnostic error interrupt, 1009 Diagnostic interrupt OB, 1009 Diagnostics, 849, 1802 Alarm class, 5442 DP slave, reading diagnostic data with DPNRM_DG, 3551 PROFINET IO components, 1919 Diagnostics buffer, 990 Basics, 950, 1944 Organization, 1944 Diagnostics data Reading out with GET_DIAG, 3780 Diagnostics status Determining and displaying online, 1898 Diagnostics user, 768 Diagonal movement Animation, 5116 Dialing rules in phone books, 7033 Dial-up connection Establishing, 7057 Terminating, 7059 Diffie-Hellman key exchange, 838 Digital certificates, 715 DINT, 2145, 2214, 2279, 2343, 2376, 2406, 2423 DINT_TO_, 2279, 2376, 2423 Direct access to the I/O, 951 Direct connection Configuring, 7123 Direct key, 6346 Direction output and travel direction relation, 6601 DirectKey, 5791 Configuring, 5138 DirectKeyScreenNumber, 5793 Directories for user-defined documentation, 449 DIS_AIRT, 3684 DIS_IRT, 3681 WinCC Advanced V14 System Manual, 10/2016 Index Disabling Project language, 6175 Disconnecting PROFIsafe, 6027 Discrete alarm, 5399, 5400 Configuring, 5420, 5433 Discrete alarm types, 5399 Discrete alarms Configuring, 5413, 5414 Display HMI backup, 6234, 6321, 6358 Infotext, Program name, 7129 Display classes, 5403 Display dial, 5293 Display number, 5268 Recipe view, 5265 Display object Availability for Basic Panels, 5183 Availability for Comfort Panels, 5186 Availability for Mobile Panels, 5189 Availability for Multi Panels, 5188 Availability for Panels, 5184 Availability for WinCC Runtime Advanced, 5191 Display PDF files, 119 Display peak value Gauge, 5301 Display problems Asian characters, 6377 Controller alarms, 6377 Display program status GRAPH overview, 5214 Display system time, 5202 Display Welcome Tour, 119 Displaying Assignment list, Call structure, 4875 CPU memory area, 4886 Cross-references, 4894 Dependency structure, Load memory, 4887 Log contents, 5457 Maximum load memory available, 4887 Program information, 4862 Displaying a force table, 4956 Displaying memory types of a CPU, 1915, 1916 Displaying monitor values for structures in the Inspector window, 4912 Displaying or hiding tag information, 4672, 4729, 4783 Displaying support for a module, 545 Displaying the call log, 452 WinCC Advanced V14 System Manual, 10/2016 Displaying the monitor values for structures in the Inspector window, 4912 Displaying the online status, 6936 Displaying types for an instance, 495 Displaying values As a trend, 5382 Distribute Objects evenly, 5036, 5635 Distributed I/O, 1627, 1800, 1821, 1852 DIV, 2562, 2872 Divide, 2562, 2872 DMSK_FLT, 3680 DNS client, 1230 DO, 3227, 3229 Documentation editor Layout, 408 Documentation settings Using frames and cover pages, 406 Double word, 2138 double-click, 5995 Download, , (See Loading to device) "Pack&Go" file to HMI device, 6312 Error messages, 6267, 6328 Project, 6265, 6309 via USB, 6313 Downloading Blocks to the device, 4817 Downloading blocks to a memory card, 4826 Downloading blocks to device, 4822, 4823 Downloading to a memory card, 374 in RUN operating mode, 4817 Uploading blocks from a memory card, 4828 Writing to a memory card, 374 DP interface, 1632 DP master, 1786 Add DP master system, 1635 Devices and modules, 1631 Disconnection from DP master system, 1635 Display on DP slave, 1633 DP interface, 1632 DP master system Add DP slave, 1636 Creating, 1628, 1631, 1638 Determining topology with DP_TOPOL, 3554 Disconnect DP slave, 1637 Disconnection from subnet, 1634 Edit properties, 1635 Highlight, 1634 Node disconnection, 1634 DP slave Activating and deactivating with D_ACT_DP, 3509 7285 Index Add to DP master system, 1636 Assign DP master system, 1637 Configuring, 1629 Data exchange, 1629 Disconnect from DP master system, 1637 DP master display, 1633 Hardware catalog, 1628 Intelligent, (See I-slave) Networking, 1638 Reading diagnostic data with DPNRM_DG, 3551 Slot rules, 1636 Synchronizing groups with DP_SYC_FR, 3545 Types, 1636 With preprocessing, (See I-slave) DP standard slave, DP standard slaves Reading a portion of the inputs with GETIO_PART, 3461 Reading all inputs with GETIO, 3454 Reading consistent data with DPRD_DAT, 3536 Writing a part of the outputs with SETIO_PART, 3463 Writing all outputs with SETIO, 3455 Writing consistent data with DPWR_DAT, 3538 DP/DP coupler, 1629 DP_TOPOL, 3554 DPNRM_DG, 3551 DPRD_DAT, 3536 DPSYC_FR, 3545 DPV1 Configuring an ET 200S, 1649 DPWR_DAT, 3538 Drive connection S7-1200 Motion Control, 6605 DRUM, 2721, 3033, 3274 DSCP, 1288 DST Daylight saving time, 1254, 1519, 1520 DT, 2158, 2231, 2307, 2410, 2431 DT_TO_, 2307, 2431 DTL, 2160, 2235, 2313, 2350, 2392 DTL_TO_, 2313, 2392 Duration, 2154 DWORD, 2138, 2205, 2257, 2338, 2360, 2404, 2417 DWORD_TO_, 2257, 2360, 2417 Dynamic control Object property, 5106 Dynamic reference temperature, 1872 Dynamization Color of an object, 5113 Control enable state of an object, 5118 Flashing, 5113 Object, 5106 7286 Dynamize Appearance of an object, 5113 Direct movement, 5117 Faceplate, 5172 Faceplate type, 5172 Green arrow in Overview, 5112 Movement of an object, 5115 Object appearance, 6068 Property list, 5109 Tag binding, 5121 E Eastern characters Input on the HMI device, 6196 EB, 4596 EC31-RTX, 65 ED, 4596 Edge Negative, 2453, 2456, 2459, 2763, 2766, 2768, 3057 Positive, 2452, 2455, 2457, 2761, 2764, 2767, 3056 Edit Object within a group, 5076 Edit networking Disconnecting from a network, 583 EditAlarm, 5936 Editing, (Tags) Folder link, 5067 Function list, 5703 OPC XML DA server in the OPC XML Manager, 6431 Style sheet, 5019 System event, 5428 Editing a version of a type in testing, 497 Editing language, 426, 6172 Selecting, 6176 Editing networking Copying a subnet, 583 Copying subnets and devices, 584 Editor Graphics, 6184 Effective range, 6002, 6011, 6013, 6016 Calculating signal quality, 5298 Configure effective range object, 6036 Configuring, 6034 Configuring logoff, 6035 Configuring logon, 6035 Logoff, 5295 Logon, 5294 Override function, 5298 WinCC Advanced V14 System Manual, 10/2016 Index Principle of Operation, 6004 Runtime, 6013 Work area, 6012 Effective range (RFID), 6014 Configuring, 6038 Configuring logoff, 6039 Configuring logon, 6039 Overview, 6037 Runtime, 6016 Work area, 6014 Effective range name, 5293 Effective range name (RFID), 5296 Effective range signal, 5297 Effective range (RFID) Logoff, 5297 Logon, 5296 Effective ranges editor, 6011, 6013 Ellipse, 5205 Horizontal radius, 5205 Vertical radius, 5206 ELSE, 3223, 3225 ELSIF, 3223 E-mail Transferring e-mail with TM_MAIL, 4451 Transferring e-mail with TMAIL_C, 4235 E-mail notification, 5436 Empty box Inserting a LAD element, 4649 Inserting an FBD element, 4706 EN/ENO mechanism Basics, 2037 FBD example, 2045 LAD example, 2044 SCL example, 2048 STL example, 2046 EN_AIRT, 3685 EN_IRT, 3683 Enable autonegation, 1687 Enable output ENO, 2059 Enable sorting Alarm view, 5244 Enabling Reporting, 5451 S7 diagnostic alarm, 5430 Enabling the firewall SCALANCE S, 885, 887 Enabling tunneled communication CP x43-1 Adv., 917 SCALANCE S, 885, 887 ENCO, 2703, 3015, 3259 Encode, 2703, 3015, 3259, 5789 EncodeEx, 5790 WinCC Advanced V14 System Manual, 10/2016 Encoder connection S7-1200 Motion Control, 6605 Encryption, 753 Encryption software, 126, 129 END key, 6278, 6343 End of detection of accessible devices, 1689 End of sync domain, 1689 End of topology discovery, 1689 END_CASE, 3225 END_FOR, 3227 END_IF, 3223 END_REPEAT, 3231 END_WHILE, 3229 End-entity certificate, 718 Endian, 3176, 3178, 3180, 3183 ENDIS_PW, 2678, 2989, 3238 Energy-saving mode, 6040 Engineering station Starting Runtime, 6319 ENO, 82, 2059 ENTER key, 6278, 6343 Entering Parameters in user-defined functions, 5704 Enumeration types, 1043 Enumerations Web server, 1045 EQ_ElemType, 2548, 2858 EQ_Type, 2544, 2854 Equal, 2552, 2861 EQUAL ARRAY, 2554, 2864, 3111 Error Logical error, 5720 Runtime error, 5720 Error analysis with RET_VAL, 2049 Error handling GetError, 2686, 2997, 3247 GetErrorID, 2690, 3001, 3251 Error information, 2049, 2686, 2690, 2997, 3001, 3247, 3251 Error messages Download, 6267, 6328 Error status, 1182, 1455 ESC key, 6278, 6343 ESP protocol, 839 Establishing a connection from a remote system ("PG_DIAL"), 7073 Establishing a remote connection, 7057 Procedure, 7058 ET 200AL, 1783, 1813 ET 200eco, 1783 ET 200eco PN, 1783, 1800 ET 200iSP, 1782 7287 Index ET 200iSP distributed I/O station Definition, 1786 ET 200L, 1782 ET 200M, 1782, 1877 Definition, 1876 ET 200MP, 1782, 1863 Pulse width modulation, 1874 ET 200pro, 1783 ET 200R, 1783 ET 200S, 1782 DPV1 mode, 1649 Option handling, 1646, 1648 Reference junctions, 1642 Slot rules, 1641 ET 200S COMPACT, 1782 ET 200SP, 1782, 1806, 1813 Application area, 1806 ET 200AL, 1821, 1852 Area of application, 1849 Configuration example, 1850 ET 200M distributed IO device, 1876 ET 200SP, 1821 ET 200SP with ET 200AL mixed mode, 1821, 1852 ET-Connection, 1821 ET-Connection rack, 1821 Ethernet, 591, 593 Number of communication connections, 672 Ethernet interface Displaying parameters, 6953 Ethernet module Removal/insertion, 62 Ethernet non IP frames, 778 Ethernet Statistics Frame length, 1192, 1460 Frame type, 1193, 1461 Interface statistics, 1192, 1459 Packet Errors, 1194, 1195, 1462 Evaluation unit, 1627 Event Acknowledge, 5998 activate, 5991 Alarm buffer overflow, 5998 Assigning organization block (OB) with ATTACH, 3631 Boundary reached, 5998 Canceling assignment to organization block (OB) with DETACH, 3636 Change, 5992 cleared, 5991 Click, 5996 Click when flashing, 5997 Configuring, 5562, 5572, 5582 7288 Deactivate, 5994 double-click, 5995 Dynamize, 5111 Execute, 5992 For function lists, 5346 Free space critically low, 6001 Incoming, 5996 Input finished, 5995 Loop-In-Alarm, 5997 Low free storage space, 6001 On exceeding, 5993 On falling below, 5993 Outgoing, 5996 Overflow, 5373, 6000 Press, 5995 Press ESC twice, 5996 Press key, 5999 release, 5997 Release key, 5999 Runtime Stop, 5999 Screen change, 5994 Selection changed, 5992 Switch OFF, 6000 Switch ON, 6000 Tags, 5346 Time expired, 6001 Toggle, 6000 User change, 5994 Value change, 6001 When dialog is closed, 5993 When dialog is opened, 5993 Event name, 1017 Event trigger, 6045, 6049, 6052 Event-driven output Report, 5623 Event-driven tasks Configuring:event-driven tasks, 5422 Events Configuration, 1238 Log table, 1181, 1452 Severity filter, 1241, 1508 EW, 4596 EX, 4596 Example Application for alarm classes, 5405, 5406 Calculating an equation, 4688, 4743 Changing and displaying operating mode, 5735 Configuration ET 200AL, 1850 Controlling a conveyor belt, 4681, 4801 Controlling room temperature, 4690, 4745 Detecting the direction of a conveyor belt, 4683, 4737, 4803 WinCC Advanced V14 System Manual, 10/2016 Index Detecting the fill level of a storage area, 4685, 4739, 4805 for displaying bit memory in the assignment list, 4864 for displaying inputs and outputs in the assignment list, 4864 For entering force values in the force table, 4959 Modify values in the watch table, 4931 System alarm, 5402 User-defined function for temperature conversion, 5731 Example of homepage for user-defined documentation, 448 Example of user-defined documentation, 453 Example: Discrete alarm, 5400 System event, 5402 Examples Controlling a conveyor belt, 4735 Exchangeable medium, 1689 Exchanging, 7109 EXCLUSIVE OR, 2748, 2749 Bit logic operation, 2748 Execute, 5992 Executing User-defined functions in Runtime, 5728 EXIT, 3233 User program, EXP, 2579, 2889, 3123 Expand ET 200SP, 1821 Expanded mode, 4924 Expanding and collapsing sections of code, 4767 Expanding ET 200SP with ET 200AL modules, 1821 Exponential value, 2579, 2889 Exponentiate, 2590, 2899 Export Alarm, 6142 Excel format, 6138 Project texts, 6161, 6182 Recipe, 5945, 6138 Tag, 6149 Text list, 6156 User administration, 5679 Export of labeling strips, 418 ExportDataRecords, 5943 ExportDataRecordsWithChecksum, 5945 ExportImportUserAdministration, 5832 Exporting Recipe, 5588 Recipe data record, 5544, 5588 Exporting an NTP server, 831 Exporting labeling data as XML, 421 WinCC Advanced V14 System Manual, 10/2016 Expression Arithmetic expression, 4749 Basics, 4748 Logical expression, 4757 Relational expressions, 4752 EXPT, 2590, 2899 Extended status information, 4762 External graphic Edit folder, 5067 Link folder, 5067 Removing the folder link, 5067 Rename folder, 5067 External image file add to graphics library, 6186 Managing, 5029 Storing in the image browser, 5068 External source file Basics, 4508 Editing, 4513 Exporting blocks, 4510 inserting, 4512 Linking file types to an editor, 4513 Opening, 4513 Rules for programming, 4510 F f(x) trend view, 5206 Toolbar, 5207 F_TRIG, 2461, 2771, 3057 Faceplate Cancel connection to faceplate type, 5171 Controlling properties dynamically, 5172 Create, 5174 Dynamically controlling included objects, 5178 Dynamize, 5172 Example, 5173 Faceplate type, 5148 Instance of the faceplate, 5148 Reset properties, 5148 Resetting the properties to values of faceplate type, 5148 Response to sizing, 5169 Faceplate type, 5148 Cancel connection, 5171 Create, 5153 Creating a tag, 5175 Defining properties, 5175 Deleting a category, 5159 Deleting a connection, 5157 Deleting a property, 5159 Deleting a property connection, 5157 7289 Index Duplicating, 5168 Dynamize, 5172 Edit, 5167 Enable, 5167 Event, 5152 Faceplate, 5170 Graphics list, 5153 Properties, 5152 Response to resizing, 5169 Script, 5152 Tag, 5152 Text list, 5152 Updating, 5167 Use, 5170 User text, 5153 Facility, 814 factory settings Resetting to, 6371 Fail-safe modules Selecting from the hardware catalog, 556 FALSE, 2460, 2461, 2769, 2771, 3056, 3057 Fault monitoring Connection status change, 1271, 1529 Power supply, 1270, 1528 Redundancy, 1271 Favorites Adding, 4653, 4710, 4784 Hiding, 4467 Removing, 4654, 4711, 4786 Showing, 4467 Using, 4653, 4710, 4785 FB, 1964 FBD, 4693, 4735, 4737, 4739 Detailed comparison, 4838 Migration, 187 FBD element Copying, 4720 Cutting, 4721 Deleting, 4726 Inserting, 4705, 4706 Inserting an operand, 4727 pasting from the clipboard, 4722 Replacing, 4722 Rules for inserting, 4704 Selecting, 4720 FBD network Branch, 4730 Deleting a branch, 4732 Inserting a block call, 4655, 4712 Inserting a branch, 4731 Program status display, 4916 Rules for branches, 4731 7290 FC, 1963 F-CM AS-i Safety ST, 65 F-CPU, 556 Feedback data record, 1813, 1855 FETCH/WRITE, 990 Field device, 1653, 1699 FieldRead, 2639, 2949 FieldWrite, 2641, 2951 FIFO, 2088 FIFOQueue, 2088 File Browser, 1031 File format CER, 733 CRL, 733 CRT, 733 DER, 733 P12, 733 PEM, 733 FILL, 2648, 2959, 3198 Block, Block uninterruptible, Fill style, 5281 FILL_BLK, 2613, 2923, 3148 Filter Defining for the assignment list, 4868 Delete, 4868 Hardware catalog, 543 In the assignment list, 4867 Selecting, 4869 Filter alarms Alarm view, 5238 Filtering the alarm view, 5447 Filters Assignment list, FIND, 3390 Find and replace Colors, 6242 Firewall Creating service groups, 797, 800 Defining ICMP services, 796 Firewall rules, 779 Managing service groups, 798, 800 Firmware, 1019 Firmware card, 944 Firmware update Basics, 1931 from the project context, 1933 from the project tree, 1932 Firmware update memory card, 945 Firmware versions, 59 Fixed aspect ratio, 5282 WinCC Advanced V14 System Manual, 10/2016 Index Fixed reference temperature, 1872 Flash test, 1948 Flashing, 5042, 5113 Flip, 5282 Object, 5029 Flip-flop Reset/set, 2450, 2760 Set/reset, 2449, 2759 Floating-point number, 2150, 2151 Check invalidity, 2543, 2853 Check validity, 2542, 2852 Floating-point numbers, 2152 Invalid, 2152 FLOOR, 2656, 2967, 3206 Flutter monitoring, 1879 Folder link Editing, 5067 Removing, 5068 Renaming, 5068 Following error monitoring, 6673 Font settings Migrate, 209 Font size Asian languages, 6196 Device-dependent, 5014 Font size adjustment Activating, 5013 Footer Report, 5618 FOR, 3227 Force Force all, 4974 Stop forcing, 4976, 4977 Force job on SD card, 58 Force table "Monitor once and now" command for tags, 4967 Basic mode, 4954 Changed display formats, 74 Display, 4956 Expanded mode, 4954 Functionality, 4951 Layout, 4953 Meaning of the columns, 4953 Meaning of the icons, 4955 Monitoring and modifying modes, 4938 Opening, 4956 Overview of the display formats, 4960 Overview of the test options, 4951 Permitted operands, 4958 Permitted operands for force values, 4959 Saving, 4957 WinCC Advanced V14 System Manual, 10/2016 Switching between basic mode and expanded mode, 4954 Syntax check, 4957 Test options, 4951 Force value Permitted operands, 4959 Forcing tags Safety precautions, 4952, 4969 Foreground color Dynamization, 5113 Form exponential value, 3123 Format, 5202 Formatting Alarm text, 5425 FRAC, 2588, 2898, 3130 Fragment, 1046, 1052 Free space critically low, 6001 Free-form comments Deleting, 4662, 4719 Editing, 4661, 4718 Inserting, 4661, 4717 Introduction, 4660, 4717 Frequency meter, 1797, 1800 FTP, 770, 772, 990 FTPS certificates, 761 Full-screen mode, 6249, 6286 Function, 5695 Assigning to a function key, 5132 Function list, 5705 Function (FC) Creating, 4485 Definition, 1963 exporting to an external source file, 4510 Function block (FB) Creating, 4485 Definition, 1964 exporting to an external source file, 4510 Instance data block, 1964 Function Block Diagram, 4693 Function key, 5127 Assigning a function, 5132 Assigning a graphic, 5136 Global assignment, 5130, 6280, 6345 Global screen, 4992 Local assignment, 4992, 5131, 6280, 6345 protect with password, 5134 Replacing devices, 6202 Use global assignment, 4992 used for screen navigation, 5140 Function keys, 6249, 6286 Function list, 5346, 5700, 6046 Asynchronous execution, 5727 7291 Index Configuring, 5701 Editing, 5703 Execution in Runtime, 5727 Synchronous execution, 5727 Function value, 81 Functional scope ProSave, 6367 Functionality of the force table, 4951 Functions Updating tag value, 5309 G GADR_LGC, 3885 Gateway, 591 Gauge, 5300 Color of individual ranges, 5302 Display peak value, 5301 GMP-relevant tag, 5300 Maximum value, 5301 Minimum value, 5301 Normal range visible, 5301 GBIT interface (CPU 1518-4 PN/DP), 1687 GE Fanuc SNP Migrating data types, 232 GEN_DIAG, 3777 Gen_UsrMsg, 3697 General information on troubleshooting, 7080 Generating diagnostics information, 3777 Generation of packed addresses, 1644 GEO_LOG, 3880 GEO2LOG, 3868 Geographic coordinates, 1228, 1493 GET, 4181 Get_AlarmState, 3693 GET_DIAG, 3780 Get_IM_Data, 3751 GET_NAME, 3757 GetBlockName, 3402 GetBrightness, 5874 GetChecksum, 3766 GetDataRecordFromPLC, 5952 GetDataRecordName, 5954 GetDataRecordTagsFromPLC, 5955 GetError, 2686, 2997, 3247 GetErrorID, 2690, 3001, 3251 GetGroupNumber, 5834 GetInstanceName, 3398 GetInstancePath, 3400 GETIO, 3454 GETIO_PART, 3461 GetPassword, 5834 7292 GetPLCMode, 5859 GetStationInfo, 3761 GetSymbolName, 3391 GetSymbolPath, 3395 GetUserName, 5833 Gigabit PROFINET interface, 1687 Global assignment Of a function key, 5127, 5130 Global data block, 1965 Retentive behavior, 4567 Global firewall rules, 780 Assigning, 782 Global libraries, 456 Archiving, 475 Backward compatibility with older product versions, 470 Corporate libraries, 456 Retrieving, 476 System libraries, 456 User libraries, 456 Global library, 6113 Adding types, 504 Archiving, 476 Cleaning up, 518 Closing, 473 Create, 6123 Creating, 469 Creating folders, 480 Deleting, 474 Displaying logs, 472, 6126 Migrating, 222 Open, 6125 Opening, 470 Save, 6124 Saving, 472 Showing properties, 471 Updating the project, 507 Upgrade, 6231 Using filter view, 483 Using the element view, 459 Using types, 506 Global packet filter rules, 782 Global screen, 4991 Function key, 4992 Template, 4993 Global softkey, 5130 Global tag, (See PLC tag) GMP, 6249, 6286 GMP-relevant tag Gauge, 5300 GMRP, 1333 WinCC Advanced V14 System Manual, 10/2016 Index Go online, 1946, 6935 connecting several devices, 6938, 6939 Multiple TIA Portal instances, 62 Going offline, 1948 GOTO, 3234 GoToEnd, 5979 GoToHome, 5979 GRAPH, 2048 Detailed comparison, 4848 Migration, 187 Program status display, 4919 GRAPH overview, 5212, 6077 Compatibility mode, 5213 Configuring, 6086 Display program status, 5214 Operating mode, 5213 Single-line mode, 5213 Graphic Adapting, 5209 Add to graphics library, 6185 Adjust, 5211 Alignment, 5049 Assigning to a function key, 5136 Button, 5271 Distance, 5049 Graphic view, 5209, 5642 Inserting, 5030, 5624 managing, 5066 Size adjustment, 5048 Stretching, 5643 Using from the graphic browser, 5066 With transparent background, 5066 Graphic browser, 5066, 6186, 6249 Graphic I/O field, 5210 Output graphics list, 5105 Use in reports, 5643 Graphic lists Bit selection, 6249, 6286 Graphic view, 5208, 5642 transparent color, 5210 Graphics, 5068 Editor, 6184 Graphics list Application, 5095 Bit (0, 1), 5101 Bit number (0 - 31), Creating, 5096 Graphic I/O field, 5105 Outputting configuration data, 5104 Range (0 - 31), Range (... - ...), 5100 WinCC Advanced V14 System Manual, 10/2016 Group Adding objects, 5074 Cancel, 5073 Creating, 5072 Edit, Editing, 5072 Removing an object, 5075 Ungroup, 5073 Group alarm, 991 Group name, 795, 798 Group properties, 838 Groups, 1396, 1589 GSD files Configuring devices (PROFIBUS), 1653 Delete, 1652 GSD revisions (PROFIBUS), 1651 Installation, 1651 GSD files (PROFINET), 1697 Changing revision, 1700 Delete, 1699 Installation, 1699 GSDML, (See GSD files (PROFINET)) H Handle for slide-in screen Configuring, 5003 Handshake Protocol, 714 Handshaking, 978 Handwheel, 5215 Tag, 5216 Hardware Configuring and assigning parameters, 551 Detection, 67 Edit parameters, 566 Edit properties, 566 Hardware and network editor Device view, 526 Network view, 524 Topology view, 533 Hardware and software limit switches Function, 6618 Hardware catalog Adding device, 552 Browsing, 542 DP slave, 1628 DP/DP coupler, 1629 I slave, 1628 Selecting fail-safe modules, 556 Selecting the hardware component, 555 Task card, 541 7293 Index Hardware configuration Adding device, 552 Adding module, 559 Overview of the settings, 523 Hardware configuration for Motion Control S7-1200, 6595 Hardware data types, 2196 Hardware detection, 554 Hardware diagnostics, 1895 Hardware editor Components, 522 Function, 521 Hardware catalog, 541 Inspector window, 535 Hardware identifier, 1021, 1810, 1860, 1867, 1891, 3867, 4339, 4608 Determining with LOG2MOD, 3873 Hardware interrupt, 1006 How it works, 957 Hardware interrupt OB Description, 1006 Parameter assignment, 1017 Hardware requirements, 124, 125 Communication instruction "AS_MAIL", 7078 Communication instruction "PG_DIAL", 7073 Communication instruction "SMS_SEND", 7076 Hardware requirements for AS-AS remote link Communication instruction "AS_DIAL", 7075 Hardware support package Installing, 152 Hardware version, 1179, 1450 Hardware-controlled data flow control, 978 Harmonizing Object size, 5034, 5631 HART, 1788 HART variables Configuring, 1785 Structure, 1785 Header Report, 5618 Help Browsing, 321 Call topic from favorites, 325 Components of the information system, 312 Delete topic from favorites, 325 Full-text search, 321 Help on messages, 316 Identification of help topics, 314 Navigation view, 319 Open tooltip cascades automatically, 328 Opening, 317, 318 Preparing your own help contents, 442 7294 Printing help topics, 327 Roll-out, 315 Save topics in favorites, 324 Settings for user-defined documentation, 445, 446 Tooltip, 315 Help indicator, 5216 Hidden input, 5204 Hidden parameters, 4671, 4729 Hiding Report sections, 5622 Hierarchy levels User rights, 6250, 6287 High-speed analog modules Isochronous mode, 1837 High-speed counter Configuring, 973 General, 970 How it works, 970 HMI backup Deleting, 6235, 6323, 6359 Display, 6234, 6321, 6358 Rename, 6235, 6323, 6359 HMI connection, 248, 633, 990 HMI device, 136 as OPC client, 6421 as OPC server, 6422 Changing the device type, 6269, 6331 Configuration, 6232 Data backup, 6365, 6366, 6367, 6369 Image, 6365, 6366 Load, 6311, 6365, 6366 Performance features, 6389, 6392, 6396, 6399, 6405, 6409, 6414 Reloading the operating system, 6371 Replacing, 6213 Reset to factory settings, 6372 Restoring data, 6367, 6370 Software, 6365, 6366 Style, 6249, 6286 System limits, 6389, 6392, 6396, 6399, 6405, 6409 Transferring license key, 6374 Updating the operating system (Windows CE), 6372 HMI device configuration, 6232 HMI device dependency System function, 5709 HMI device image Deleting, 6238, 6325, 6362 HMI device licensing Non-PC-based, 136 WinCC Advanced V14 System Manual, 10/2016 Index HMI device replacement by the migration, 206 HMI device signature, 6284, 6356 HMI device type Changing, 6269, 6331 HMI device version, 6213, 6231, 6232, (Device version) HMI device wizard, 6241, 6245 HMI style, 6135 HMI style sheet, 6136 HMI tag Access to user-defined VB functions, 5707 HMI tags Connect PLC array tags, 5351 HMI user data types Interconnecting with faceplates, 5157 HOME key, 6278, 6343 Homing Homing modes, 6620 Horizontal radius, 5205 How the frequency meter works, 1797 HSC, 970 HSP, (See support package) HTA, 3373 HTML browser, 5217 Button, 5220 Connection to the FTP server, 5217 File explorer, 5217 HTMLBrowerZoomIn, 5877 HTMLBrowserBack, 5882 HTMLBrowserForward, 5881, 5882 HTMLBrowserHome, 5881 HTMLBrowserPageDown, 5881 HTMLBrowserPageUp, 5880 HTMLBrowserRefresh, 5876 HTMLBrowserScrollDown, 5876 HTMLBrowserScrollLeft, 5879 HTMLBrowserScrollRight, 5879 HTMLBrowserScrollUp, 5877 HTMLBrowserStop, 5875 HTMLBrowserZoomOut, 5878 HTTP, 796 Load/save, 1233, 1500 HTTPS, 886, 1030 HTTPS server only, 1225 HW ID See Hardware identifier, 1021 I I address, 1021 WinCC Advanced V14 System Manual, 10/2016 I slave Hardware catalog, 1628 I&M data downloading to PROFINET IO devices, 1943 I&M data: Read with Get_IM_Data, 3751 I/O Direct access to, 951 I/O access error, 949 I/O address, 951, 1021 I/O communication, 1667 I/O field, 5203 application in reports, 5641 Data format, 5204 Display format in reports, 5641 Hidden input, 5204 Lock/unlock, 6339 Mode, 5203 I/O input, 947 I/O output, 947 I/Os, 2012 IB, 4596 ICMP, 802 Icon For comparison, 1902 For comparison status, 1953 for connection status, 1953 For hardware diagnostics, 1901 for operating state, 1903 For software diagnostics, 1902 Overlay icon, 1903 Icons in TeleService, 7029 Icons in the force table, 4955 Icons in the watch table, 4926 ID, 4596 Identify alarm classes Alarm view, 5238 Identifying Alarm class, 5245 I-device, 1655, 1670 Proxy device, 1712 IE/AS-i link PN IO, 1655 IE/PB Link, 65, 1691 IE/PB Link PN IO, 65 IEC Check, Setting, 2201, 2401 IEC counters, 2118 IEC timer, 2155, 2156 IEC timers, 2118 IEEE 802.11n, 1434, 1551 Channel bonding, 1436 Frame aggregation, 1436 7295 Index Guard interval, 1436 Maximum ratio combining, 1435 MIMO, 1435 Spatial multiplexing, 1435 IEEE 802.3, 778 IEEE tag, 1787 IF, 3223 IF_CONF for the configuration data (telecontrol), 4354 iFeatures iREF, 1442 IGMP, 1332 IGMP querier, 1332 IKE settings, 838 Illuminated pushbutton, 5229 Tag, 5230 IM0_Data, 3751 Image, 6231, 6263, 6264 HMI device, 6365, 6366 Image file Storing in the image browser, 5068, 6186 Image memory, 1093 IMC, 2734, 3046, 3288 Import Alarm, 6143 Analog alarm structure, 6144 Project texts, 6160, 6184 Recipe, 6140 Structure of discrete alarms, 6147 Structure of recipe data, 6141 Tag, 6151, 6153 Text list, 6158 User administration, 5680 ImportDataRecords, 5948 ImportDataRecordsWithChecksum, 5950 Importing Recipe, 5588 Recipe data record, 5544, 5588 Importing a recipe Structure for the import, 6141 Importing analog alarms Structure for the import, 6144 Importing discrete alarms Structure for the import, 6147 Importing NTP servers, 831 in the screen Arrange object, 5038, 5629 IN_RANGE, 2539, 2849 INC, 2566, 2876 Incoming, 5404, 5996 IncreaseFocusedValue, 5796 IncreaseTag, 5836 7296 Increment, 2566, 2876 Indenting and outdenting Lines, 4766 Index tag, 5344, 5345 Indirect addressing, 2021, 2022, 2023, 2024, 2028, 2029, 2058, 2069, 2072, 5344 Information ARP table, 1179, 1451 Ethernet Statistics, 1192, 1460 Event log, 1181, 1452 Frame type, 1193, 1461 Groups, 1224, 1469 Inter AP blocking, 1470 IPv6 Neighbor Table, 1180 LLDP, 1198 Packet Errors, 1194, 1195, 1462 Role, 1224, 1469 Security, 1221, 1223, 1466, 1468 Spanning Tree, 1183, 1456 Versions, 1178, 1449 WLAN authentication log, 1454 Information area PLC code view, 6089 Information system Components of the information system, 312 Help on messages, 316 Roll-out, 315 Tooltip, 315 Infotext, 5413 Creating, 5421, 5424 display, 6279, 6283, 6344, 6349 Key, 6279, 6344 INIT_RD, 2693, 3004, 3253 Initialization IPE file, 7110 Project file, 7116 Initialization (user-defined web pages), 1033 Initialize all retain data, 2693, 3004, 3253 Initializing Controller data, 6246 IPE file, 7111 Project file, 7116 Input Insert, 2750 Inserting, 4666 remove, 4667, 4724 Input (I), 947 Input byte (IB), 947 Input field Character mode, 6278, 6343 Standard mode, 6278, 6343 Input finished, 5995 WinCC Advanced V14 System Manual, 10/2016 Index Input on the HMI device By means of function key, 6280, 6345 Input word (IW), 947 INSERT, 3385 Insert a comment section, 3236 Insert empty line, 6702 Insert input, 4723 Insert separator line, 6702 Inserting Code template in user-defined functions, 5705 Graphic, 5030, 5624 Library object, 6132 Object, 5029, 5030, 5624 Rectangle, 5083 Inspector window, 566 Diagnostics tab, 1897 Hardware and network editor, Layout, 285 Reducing automatically, 279 Install update, 152 Installation Displaying software, 144 Licenses, 118 Log, 141 Modifying products, 145 Repairing products, 147 run automatically, 117 Starting, 142 Support package, 152 System requirements, 119 Target directory, 117 Updates, 152 Updating products, 145 Virtual environment (private cloud), 117 Installing, 132 Add-on, 132 Option, 6376 Powerpack, 140 Installing CA certificate, 7062 Installing license keys, 122 Installing support packages, 152 Installing the local modem, 7037 Instance Creating an instance, 494 Displaying associated type, 495 Instance data block Creating, 1966 Definition, 1966 Modifying the data types of IEC timers and IEC counters, 4783 Retentive behavior, 4566 WinCC Advanced V14 System Manual, 10/2016 Instruction Copying, 4800 Cutting, 4800 Deleting, 4800 Inserting, 4800 Rules, 4778 Search, 4470 Specify data type, 4650, 4652, 4707, 4709 Versions, 4471 Instruction profile Activating and deactivating, 4475 Basics, 4472 Creating, 4473 Deleting, 4476 Editing, 4474 Opening, 4474 Instructions Function list, 5705 PLC code view, 6093 Instructions for configuring a remote modem, 7039 INT, 2143, 2211, 2272, 2341, 2370, 2405, 2420 INT_TO_, 2272, 2370, 2420 Integer, 2658, 2969, 3207 16-bit, 2143, 2144 32-bit, 2145, 2146 64-bit, 2147, 2148 8-bit, 2141, 2142 Integrated Configuring, 7128 Integrated connection, 5309 Integrated project Converting an unspecified CPU, 247 Creating an integrated HMI connection, 248 Deleting an unspecified connection, 252 Linking HMI tags, 250 Migrating, 226, 243 Post-editing, 245 Intelligent DP slave, (See I-slave) Inter AP blocking Allowed addresses, 1614 Basic, 1613 Configuration, 1613 Information, 1470 Inter Project Engineering Creating "Device proxy data" in the source project, 7108 Exchanging controller data across projects, 7105 Exporting an IPE file by means of the "Device proxy data", 7109 Procedure for exchanging controller data via a project file, 7106 7297 Index Procedure for exchanging controller data via an IPE file, 7106 Procedure for updating already transferred controller data, 7107 Requirements, 7105 Software and hardware requirements, 7105 Inter Project Engineering (IPE) Exchanging controller data via IPE file, 7103 Exchanging controller data via project file, 7103 Introduction, 7102 Interconnecting, 593 Interconnecting of ports, 1679 Interconnecting ports Graphic view, 703, 705 Table view, 704, 706 Interface, (See block interface) Adding, 6951 Displaying, 1909 Renaming, 706 Interface properties, 1909 Interference frequency suppression, 1870 Internal network nodes Configuring, 843 Diagnostics, 855 Internal reference junction, 1872 Internet Key Exchange (IKE), 838 Interpolator OB, 1014, 6614, 6616 Inter-Project_Engineering IPE, 6246 Interrupt event Delaying with DIS_AIRT, 3684 Disabling with DIS_IRT, 3681 Enabling with EN_AIRT, 3685 Enabling with EN_IRT, 3683 Interrupts Activating time-of-day interrupt with ACT_TINT, 3654 Canceling time-delay interrupt with CAN_DINT, 3666 Canceling time-of-day interrupt with CAN_TINT, 3653 Querying time-delay interrupt with QRY_DINT, 3666 Querying time-of-day interrupt with QRY_TINT, 3655 Receiving from I/O module with RALRM, 3473 Setting time-of-day interrupt with SET_TINT, 3649 Setting time-of-day interrupt with SET_TINTL, 3651 7298 Starting time-delay interrupt with SRT_DINT, 3664 With packed addresses, 1650 Intrusion Detection System (IDS), 126, 129 Invalid cross-references, 6169 Invalid license With a time zone change, 124, 138 InverseLinearScaling, 5837 Invert, 2442, 2701, 2751, 3013 InvertBit, 5843 InvertBitInTag, 5845 InvertLinearScaling, 5837 IO address, 3867 IO controller Devices and modules, 1672 Display in the IO device, 1674 PN interface, 1673 IO device Display of the IO controller, 1674 Networking, 1677 Update time, 1680 Watchdog time, 1682 IO system, 1676 Creating, 1677 IO2MOD, 3874 IO-Link, 1703 IP access control list, 771 IP address, 58, 591, 593, 1659 IP address parameters, 1660, 1670 IP configuration Change parameters from the user program, 4298 IP mapping, 1480 IP packet filter rules, 802 IP parameters, 1910 IP rule sets, 780 IP services, 795 IP subnet, 593 iPCF, 1439 Configuration, 1486, 1487, 1615 How it works, 1439 PNIO communication, 1439 Restriction, 1441 iPCF-MC PNIO communication, 1439 IPE, 6246 Creating "Device proxy data" in the source project, 7108 Exchanging controller data across projects, 7105 Exporting controller data of the "Device proxy data" as an IPE file, 7109 File, 7110, 7111 WinCC Advanced V14 System Manual, 10/2016 Index Introduction, 7102 Software and hardware requirements, 7105 IPE data Updating, 7114, 7119 IPE file, 7110 Initialization, 7110 Initializing, 7111 iPRP Configuration, 1619 IPsec settings, 838 IPv4 OSPF, 1162 VRRP, 1160 VRRPv3, 1161 IPv4 addresses, 808 IPv4 routing NAT Translations, 1211 IPv4 routing over backplane bus (CM/ CP 154x1), 1894 IPv6 E-mail, 1895 FETCH/WRITE, 1895 FTP client, 1895 FTP server, 1895 Notation, 1139, 1894 OSPFv3, 1165 SNMP, 1895 Use with the CP 1543-1, 1895 VRRPv3, 1161 IPv6 addresses, 808 IPv6 routing OSPFv3 AS-Scope LSDB, 1216, 1217 OSPFv3 Interfaces, 1213 OSPFv3 Link-Scope LSDB, 1219 OSPFv3 Neighbors, 1214 OSPFv3 virtual neighbors, 1215 Routing table, 1212, 1219 Static routes, 1375 IQ sense, 1880 iREF, 1442 Configuration, 1620 IRT Setup recommendations, 1694 IS_ARRAY, 2554, 2864, 3111 IS_NULL, 2552, 2861 ISAKMP, 847 I-slave, 1630, 1639 Configuring, 1640 Data access, 1641 Data exchange, 1630 Proxy device, 1710 ISO protocol, 901 WinCC Advanced V14 System Manual, 10/2016 Isochronous mode, 1655, 1704, 1710 Oversampling, 1837 Isochronous real-time communication (IRT), 1655 ISO-on-TCP Characteristics, 611 TSAP, 629 IW, 4596 IX, 4596 J Jerk limit Function, 6619 JMP, 2668, 2980 JMP_LIST, 2672, 2983 JMPN, 2669, 2981 JOIN, 3357 Jump, 2668, 2669, 2670, 2672, 2673, 2676, 2980, 2981, 2982, 2983, 2984, 2987 Jump distributor, 2673, 2984 Jump label, 2670, 2982, 3234 Jump list, 2672, 2983 K K parameter, 80 Key Backspace, 6278, 6343 Cursor, 6277, 6342 Delete, 6278, 6343 END, 6278, 6343 ENTER, 6278, 6343 ESC, 6278, 6343 HOME, 6278, 6343 Infotext, 6279, 6344 Scrolling back, 6278, 6343 Scrolling up, 6278, 6343 TAB, 6277, 6342 Key assignment Replacing devices, 6202 Key operation, 6277, 6342 Key pair for password protection, 6254, 6292 Key switch Application, 5274 Layout, 5274 Tag, 5275 Keyboard layout, 6249, 6286 Keyboard operation, 548 Basic functions of the TIA Portal, 300 Customizing editors, 305 Editing objects, 306 7299 Index Editing texts, 307 Navigation in the TIA Portal, 303 Online functions, 309 Project editing, 302 Selecting objects, 306 Tables, 308 Window, 302 Keyboard shortcut Move object, 5037 Keyboard shortcuts, 6249 KEY-PLUG, 1274, 1276 Formatting, 1276, 1535 iFeatures, 1536 Keyword highlighting, 4762 Keywords, 1999 K-key Replacing devices, 6203 Know-how protection Changing a password, 4521, 5718 Introduction, 4514 opening a user-defined function, 5717 Opening blocks, 4519 Printing block, 4520 remove, 4522, 5717 Setting up, 4518, 5716 L LABEL, 2670, 2982 Recipe view, LACP, 1322 LAD, 4634, 4683 Detailed comparison, 4838 Migration, 187 LAD element Copying, 4663 Cutting, 4664 Deleting, 4669 Inserting, 4649 Inserting an operand, 4670 pasting from the clipboard, 4665 Replacing, 4665 Rules for inserting, 4646 Selecting, 4663 LAD network Branch, 4673 Closing a branch, 4675 Crossing, 4676 Deleting a branch, 4676 Deleting a crossing, 4678 Insert crossing, 4677 Inserting a block call, 4655, 4712 7300 Inserting a branch, 4674 Program status display, 4915 Prohibited interconnections, 4648 Rearranging a crossing, 4677 Rules for simultaneous branches, 4674 Ladder Logic, 4634 Language Activate project language, 6175 Asian languages, 6173 Asian operating system, 6173 Disabling the project language, 6175 Editing language, 6176 Language support, 6174 Language-dependent format, 6173 Language-specific graphic, 6184 Log, 5377, 5467, 6195 multilingual project, 6177 Reference language, 6176 Regional format of the date, time, currency, and numbers, 6173 Language abbreviation, 1056 Language and font, 6250, 6287 Language switching, 1057, 6189 In Runtime, 5731 Log, 5377, 5467, 6195 Order, 6250, 6287 Runtime language, 6192 Languages Migrating, 219 Layer Assigning objects to a layer, 5143 Layer 2, 778 MLD (IPv6), 1334 Layer 3, 778, 1276 Layer 3 (IPv6), 1372 Configuration, 1372 Layout Alarm indicator, 5249, 5480 Alarm line, 5242 Alarm report, 5644 Alarm view, 5239, 5240, 5243, 5247, 5475, 5478 Bar, 5193 Button, 5271 Camera view, 5221 Charging condition, 5228 Circle, 5225 Clock, 5293 Date/time field, 5202 Date/time field in reports, 5640 Effective range name, 5294 Effective range name (RFID), 5296 Effective range signal, 5297 WinCC Advanced V14 System Manual, 10/2016 Index Ellipse, 5205 f(x) trend view, 5206 Gauge, 5300 GRAPH overview, 5213 Graphic I/O field, 5211 Graphic I/O field in reports, 5643 Graphic view, 5208, 5642 Handwheel, 5215 HTML browser, 5218 I/O field, 5203 I/O field in reports, 5641 Illuminated pushbutton, 5229 Key switch, 5274 Line, 5232 Media Player, 5234 Page number in reports, 5647 Polygon, 5257 Polyline, 5258 Recipe report, 5646 Recipe view, 5264, 5268 Rectangle, 5263 Simple recipe view, 5557 Simple user view, 5197 Slider, 5273 Sm@rtClient view, 5278 Switch, 5269 Symbol library, 5281 Symbolic I/O field, 5283 Symbolic I/O field in reports, 5648 Text field, 5292, 5649 Trend view, 5226 User view, 5196, 5199 Watch table, 5200 WLAN reception, 5299 Zone name, 5302 Zone signal, 5303 Layout of the force table, 4953 LDT, 2159, 2233, 2310 LDT_TO_, 2310 Lead and lag algorithm, 2738, 3050, 3292 LEAD_LAG, 2738, 3050, 3292 Learning functionality, 844 Learning mode, 901 LED, 3749 LED status Reading out with LED, 3749 LEFT, 3378 LEN, 3375 LG GLOFA GM Migrating data types, 233 LGC_GADR, 3886 WinCC Advanced V14 System Manual, 10/2016 Library, 57, 6113 Adding a master copy, 482 Adding and using a block, 4487 Basics, 455 Buttons and Switches, 6118 Cleaning up, 518 Comparing library elements, 519 Copying a library object, 6117 Copying types to the clipboard, 513 Creating folders, 480 Cutting library elements, 513 Cutting master copies, 513 Cutting types, 513 Deleting instances, 514 Deleting types and versions, 514 Harmonizing names and path structure, 517 Master copies, 455 Master copy, 6117 Moving library elements, 514 Open, 6125 Opening a released type version, 488 Pasting master copies from the clipboard, 514 Pasting types from the clipboard, 513 PLC data types generated by the system, 71 Released type version, 487 Save, 6124 Storing an object, 6131 Style, 6135 Style sheet, 6136 System diagnostics indicator, 6065 Task card, 457 Type, 6117 Type version in progress, 486 Type version in test, 487 Types, 455 Using filter view, 483 Using master copies, 480, 484 Using the element view, 459 Using types, 484 Versioning of types, 485 Library management Displaying cross references of an instance, 467 Displaying instances of type versions, 467 Displaying relations between library objects, 468 Filtering, 6122 Filtering by non-released types, 466 Opening, 465, 6121 Overview, 463, 6120 Library object, 6113, 6114 Inserting, 6132 Library view Exit, 463 7301 Index Opening, 463 Overview, 460, 6115 License Defective, 124, 139 Defective license, 124, 139 Managing, 6374 Starting without a valid license, 133 Starting without valid license, 121 License key, 123, 137 Handling license keys, 123 Working with license keys, 137 License Keys, 6373 Transfer to an HMI device, 6374 License Manager Panel Plugin, 136 Licenses, 118 Life of certificates, 836 Light emitting diode Acknowledge, 6279, 6344 Toggle, 6279, 6344 LIMIT, 2573, 2883, 3118 Login attempts, Logon attempts, Limit and enable password legitimation, 2678, 2989, 3238 Limit value, 1828, 2573, 2883, 3118 Tag, 5328 Limits Display, 6249 Show in tooltip, 6286 Tag, 5327 Line, 5232 Design, 5042 Line end, 5042, 5233 Line start, 5233 Line break, 1803 Line end Line, 5233 Polyline, 5258 Line start Line, 5233 Polyline, 5258 Linear programming, 1960 LinearScaling, 5839 Link folder External graphic, 5067 Linked objects Copying, 6222, 6223 Linking, 6164 Linking HMI tags, 250 LINT, 2147, 2218, 2286 LINT_TO_, 2286 LLDP, 770, 772, 1198, 1689 7302 LLDP (Link Layer Discovery Protocol), 1689 LN, 2578, 2888, 3122 Load HMI device, 6311, 6365, 6366 Recipe data record in runtime, Load memory, 946, 4883 Displaying, 4887 Load names, 6249, 6286 Load window layout Loading additional window layouts, 297 Loading via quick access, 297 LoadDataRecord, 5951 Loading Configurations with PROFIBUS, 1709 Configurations with PROFINET, 1711 Configurations with Web server, 1709 Device configurations, 1707 Distributed I/O, 1708 Downloading project data to the device, 372 from a device, 63, 70 General information, 370 Going online, 1715 GSDML, 1711 HMI devices, 1714 I-device, 1712 IE/PB-Link, 1713 I-slave, 1710 Isochronous applications, 1704, 1710 Module comments, 64 Proxy device, 1710, 1712 Shared Devices, 1714 Subnets, 1708 to PG/PC, 1705 to the device, 63, 1704 Loading projects with connected HMI device, 6263, 6305 Without connected HMI device, 6306 Loading with S7 routing, 6264 Local assignment Of a function key, 5127, 5131 Local data bit (L), 947 Local data byte (LB), 947 Local data double word (LD), 947 Local data word (LW), 947 Local logging, 849 Local script, 5695 Local tag Access to user-defined VB functions, 5707 Local time, 960 Calculating with SET_TIMEZONE, 3320 Reading out with RD_LOC_T, 3315 Writing with WR_LOC_T, 3317 WinCC Advanced V14 System Manual, 10/2016 Index Local users, 1393, 1585 Local variable, 4522 Lock Operator control, 6338, 6339 Log, 6249, 6286 Alarm log, 5529 Automatic entries, 5531 Checksum, 5376, 5465, 5535 Data log, 5529 Language switching, 5377, 5467, 6195 Level-dependent management, 5369, 5469 Runtime language, 5377, 5467, 6195 Log behavior Control with system function, 5372 Level-dependent management, 5369, 5469 Managing upon system start, 5368, 5468 Log contents Displaying, 5365, 5457 Log data Migrating, 222 Log database Direct access with ODBC, 5378, 5391, 5462 Log entries, 5531 Log file Modem alarms, 7085 Log language, 5377, 5467, 6195 Log table Event log, 1181, 1452 WLAN authentication log, 1454 Log type, 5457 Log with level-dependent execution of system functions, 5457 Log with level-dependent system alarm, 5457 LOG_GEO, 3882 LOG2GEO, 3871 LOG2MOD, 3873 Logarithm, 2578, 2888, 3122 Logging, 849 Circular log, 5365 CP x43-1 Adv., 917 Log type, 5365, 5457 SCALANCE S, 885, 887 Segmented circular log, 5365 Tag value, 5363 Tags, 5365, 5370 Tolerance band, 5370 Within/outside the limit values, 5370 Logging cycle, 5370 Tag, 5361 Logging language, 6249, 6286 Logging method Circular log, 5365 WinCC Advanced V14 System Manual, 10/2016 Level-dependent, 5365 Segmented circular log, 5365 Logging tag Configuring, 5380 Logic analyzer function, 6966 Logic operation AND, 2697, 3008 EXCLUSIVE OR, 2700, 3011 OR, 2698, 3010 Logic path Deleting, 4734 Inserting, 4734 Use, 4733 Logical address Determining a module with GADR_LGC, 3885 Determining a module with RD_LGADR, 3883 Determining associated slot with LGC_GADR, 3886 Determining associated slot with LOG_GEO, 3882 Logical error, 5720 Login attempts Limit, 6250 Logoff, 5831 Configuring on the effective range, 6035 Configuring to effective range (RFID), 6039 Effective range, 5295 Effective range (RFID), 5297 Logoff time, 6250, 6287 Changing, 5666 Changing in runtime, 5678 Logon, 5831 Configuring on the effective range, 6035 Configuring to effective range (RFID), 6039 Effective range, 5294 Effective range (RFID), 5296 Logon failed, 5682 Reporting, 5687 User, 5681 Logon attempts Limit, 6287 Logon dialog Configuring access protection, 5686 Logon for web server, 1028 Logon web server, 1028 Logout Automatic, 1527 Logs Deleting logs, 361 Displaying logs, 361 LogTag, 5823 Long word, 2139 7303 Index LookupText, 5812 Loop, 3223, 3227, 3229, 3231, 3232, 3233 Loop monitoring with S7-1200/1500, 4911 Loop monitoring with S7-300/400, 4910 Loop-in alarm trigger, 5480 Loop-In-Alarm, 5997 Configured, Low free storage space, 6001 LREAL, 2108, 2151, 2224, 2296, 2346, 2385 LREAL_TO_, 2296, 2385 LTIME, 2156, 2229, 2304 LTIME_TO_, 2304 LTOD, 2158, 2241, 2320 LTOD_TO_, 2320 LWORD, 2139, 2206, 2261 LWORD_TO_, 2261 M MAC packet filter rules, 806 MAC rule sets, 780 MAC services, 798 Machine tailoring, (See Reconfiguring IO systems) Main, 998 Main mode, 838 Making characters available for WString/WChar, 5343 Managing Graphic, License, 6374 User group, 5666 Users, 5665 Users in runtime, 5677 Man-in-the-middle attack, 715 Manual fragment, 1052 Master copy Library, 6117 Math functions CALCULATE, 4659, 4716 Mathematical functions CALCULATE, 4688, 4743 MAX, 2571, 2881, 3116 MAX_LEN, 3356 Maximum, 2571, 2881, 3116 Maximum cycle time, 943, 966 Maximum load memory available Displaying, 4887 MB, 4596 MB_CLIENT, 4411, 4429 MB_COMM_LOAD, 4394 MB_MASTER, 4397 7304 MB_SERVER, 4419, 4441 MB_SLAVE, 4405 MC_ChangeDynamic Instruction, 3918, 3953 Parameter, 3918, 3953 MC_CommandTable Instruction, 3916, 3951 Parameter, 3917, 3952 MC_Halt Function chart, 3901, 3936 Instruction, 3899, 3934 Parameter, 3968 Parameters, 3900, 3935 MC_Home Instruction, 3894, 3930 Parameter, 3896, 3931 MC_MoveAbsolute Function chart, 3905, 3939 Instruction, 3902, 3937 Parameter, 3902, 3938 MC_MoveJog Function chart, 3915, 3950 Instruction, 3913, 3948 Parameter, 3914, 3949 MC_MoveRelative Function chart, 3908, 3943 Instruction, 3906, 3940 Parameter, 3907, 3941 MC_MoveVelocity Function chart, 3912, 3947 Instruction, 3909, 3944 MC_Power Function chart, 3892, 3927 Instruction, 3888, 3923 Parameters, 3888, 3924 MC_ReadParam Instruction, 3920, 3955 Parameter, 3921, 3956 MC_Reset, 3893, 3928 MC_WriteParam Instruction, 3922, 3957 Parameter, 3922, 3958 MCAT, 2730, 3042, 3284 MC-Interpolator OB, 1014, 6614, 6616 MC-PostServo OB, 1013 MC-PreServo OB, 1013 MC-Servo Assigning parameters, 1019 MC-Servo OB, 1012, 6614, 6616 MD, 4596 MD5, 833, 839 MDM, 328 WinCC Advanced V14 System Manual, 10/2016 Index Meaning of the columns in the force table, 4953 Measure program runtime, 2695, 3006, 3255 Measurements Project navigator, 6974 Measuring range, 1842 Measuring window (GATE), 1800 Media converter, 1679 Media Player, 5233 Number of replays, 5234 Media redundancy (MRP), 1655 Memory area Load memory, 946 Retentive memory areas, 948 Work memory, 946 Memory bit (M), 947 Memory byte (MB), 947 Memory card, 57, 944, (See Memory Card) Accessing, 440 Adding a card reader, 440 Formatting, 1930 Introduction, 439 Removal/insertion, 62 Showing properties, 441 Memory double word (MD), 947 Memory requirements Recipe, 6386, 6388 Memory reset, 944 Making, 1926 Memory size Alarm buffer, 5461 Memory word (MW), 947 Menu command Simple recipe view, 5558 Message Sending, 981 Specifying the end, 983 Specifying the start, 982 MIB, 770 Microsoft Script Debugger Registering, 5726 Registering as default script debugger, 5726 Starting automatically, 5726 MID, 3381 Migrated project Compiling, 200 Migrating projects Procedure, 173 Requirements, 172 Migration, 183, 187, 189 Adaptations beforehand, 203 Alarm groups, 215 Allen-Bradley DF1 data types, 231 WinCC Advanced V14 System Manual, 10/2016 Allen-Bradley DH485 data types, 231 Allen-Bradley Ethernet IP data types, 232 Area pointer, 213 Basics, 196 Data types Modicon Modbus, 235 Data types Modicon Modbus TCP/IP, 235 Data types Omron Hostlink/Multilink, 236 Data types OPC, 236 Data types SIMATIC 500/505 DP, 237 Data types SIMATIC 500/505 serial, 237 Data types SIMATIC HMI HTTP Protocol, 238 Data types SIMATIC S5 AS511, 238 Data types SIMATIC S5 DP, 239 Data types SIMATIC S7 200, 239 Data types SIMATIC S7 300/400, 240 Data types Telemecanique Uni-Telway, 243 Displaying a log file, 174 Displaying history, 174 Font settings, 209 GE Fanuc SNP data types, 232 Global library, 222 HMI device replacement, 206 Including the hardware configuration, 168 Integrated project, 243 Introduction, 195 Introduction to migration, 167 LG GLOFA GM data types, 233 Migrating an integrated project, 226, 243 Migrating projects, 199, 228 Mitsubishi FX data types, 233 Mitsubishi Protocol 4 data types, 234 of external tags, 230 of languages, 219 of log data, 222 of project text, 219 Project library, 221 Recipe data, 222 Reconfigure connection, 212 Runtime data, 222 Script, 218 Supported HMI devices, 201 Supported products, 167 Text, 219 The migration process, 167 User administration, 222 VB-script, 218 Migration of IP access protection lists when activating Security, 68 Migration of projects with Ethernet CPs and Security, 67 Migration of STEP 7 projects Alarms, 194 7305 Index CBA for IO controllers, 180 Device names of PROFINET IO devices, 179 GSD and GSDML devices, 181 I slaves and I-devices, 181 Introduction, 175 Isochronous mode with PROFINET IO, 180 Media redundancy, 180 Migratable types of connection, 182 Migration of project texts, 195 Multiproject, 182 Names of modules and racks, 179 PROFIBUS isochronous mode, 181 Requirements, 176 Requirements for the project, 177 Scope of migration, 175 Shared devices, 180 System error messages, 194 Transfer areas, 180 Update groups PROFINET IO, 181 Migration tool, 198 Creating a migration file, 172 Distribution and sources, 158 Including the hardware configuration, 170 Removing, 159 System requirements, 158 Using the migration tool, 169 Migration: Check migration readiness of the hardware, 169 MIN, 2570, 2880, 3114 Minimizing projects, 362 Minimum, 2570, 2880, 3114 Minimum cycle time, 943, 966 Mirroring, 1090, 1301, 1304 Missing supply voltage, 1869 Mitsubishi FX Migrating data types, 233 Mitsubishi Protocol 4 Migrating data types, 234 Mixed mode, 840 MLD, 1334 Mobile Panel Display and operating object, 5189 OPC, 6420 Mobile Panels Available system functions, 5771 Mobile Wireless, 6012, 6013 Work area, 6012 Zone ID / connection point ID, 6041 Mobile Wireless (RFID) Work area, 6014 Mobile Wireless V2, 6014 MOD, 2563, 2873, 4749 7306 Modbus communication as a slave with MB_SLAVE, 4405 as Modbus master with MB_MASTER, 4397 Configuring a port with MB_COMM_LOAD, 4394 Mode, 5271 Graphic I/O field, 5211 I/O field, 5203 Modem Local, 7037 Problem, 7080 Remote, 7038 Modem alarms Log file, 7085 Modem connection cannot be established, 7084 Modem connection is closed, 7085 Modem connection is interrupted, 7084 Causes and solutions, 7084 Modems without plug-and-play, 7038 Modicon Modbus Migrating data types, 235 Modicon Modbus TCP/IP Migrating data types, 235 Modify High-speed counters, 3988, 3990 Modify value Permitted operands, 4931 Modifying mode, 4938 Modifying recipe structures, 5590 Module Addressing, 1021 Asynchronously reading data record with RD_DPARA, 3625 Communication Status, 854 Copying, 563 Deleting, 562 Determine diagnostics status, 1917 Determining logical address of the slot with LOG_GEO, 3882 Determining logical address with GADR_LGC, 3885 Determining logical addresses with RD_LGADR, 3883 Determining slot of a logical address with LGC_GADR, 3886 Determining start address with GEO_LOG, 3880 Inserting, 62, 560, 561 Moving, 564 Reading data record with RD_DPAR, 3619 Removing, 62 Replacing, 565 Select, 558 Time of day on a module, 1927 WinCC Advanced V14 System Manual, 10/2016 Index Module addressing, 951 Module arrangement, 559 Module comments, 64 Module replacement, 247 Module rights, 770 Module titles, 557 Module version Updating, 570 ModuleStates, 3772 Monitor, 1684 Monitor GRAPH programs, 4919 Monitor SCL programs, 4918 Monitor STL programs, 4917 Monitoring "Monitor all" command, 4941, 4966 "Monitor now" command, 4967 "Monitor once and now" command, 4942 Monitoring and modifying tags in the DB editor, 4578, 4579, 4580 Monitoring and modifying modes, 4938 Monitoring FBD programs, 4916 Monitoring GRAPH programs, 4919 Monitoring LAD programs, 4915 Monitoring loops, 4910 Monitoring mode, 4938 Monitoring of the partner port..., 1679 Monitoring SCL programs, 4918 Monitoring STL programs, 4917 Monitoring structures, 4912 Monitoring structures (S7-1200/1500), 4912 Monitoring window, 1879 Mono-master system, 1630 Motion Control CPU S7-1200 Guidelines, 6622 Motion Control S7-1200 Drive and encoder connections, 6605 PROFIdrive, 6605 Telegram, 6605 Move, Block, 2604, 2643, 2914, 2953, 3139, 3192 Block uninterruptible, 2611, 2646, 2921, 2956, 3146, 3195 Character string in array with Strg_TO_Chars, 3350 Screen, 4987 Value, 2591, 2901 Move block, 2607, 2917, 3141 Move object Keyboard shortcut, 5037 Move view Keyboard operation, 550 Overview navigation, 525, 527, 534 WinCC Advanced V14 System Manual, 10/2016 MOVE_BLK, 2604, 2914, 3139 MOVE_BLK_VARIANT, 2085, 2607, 2917, 3141 MoveVelocity Parameter, 3910, 3945 Moving Hardware components, 564 Moving columns User view, 5196 Moving in a group Pop-up screen, 4999 MRP domain, 1913 MRP domain properties, 1912 MSK_FLT, 3679 MSTP, 1317, 1578 MUL, 2561, 2871 Multi Panel Display and operating object, 5188 OPC, 6420 Multi Panels Available system functions, 5757 Multicast, 817, 1331 Multi-instance, 2015 Declaring, 4537 Definition, 1977 Multiple instance Changing the call type, 4658, 4715 Multiple selection, 558, 5060, 5632 Multiple Spanning Tree, 1317, 1578 Multiplex, 2707, 3018, 3261 Multiplex/synchronous mode, 1885 Multiplexing, 5344 Address multiplexing, 5334 with absolute addresses, 5334 with symbolic addresses, 5335 Multiply, 2561, 2871 Multi-touch devices Gestures, 6337 Scrolling, 6335 Two-hand operation, 6338 Zoom in and out, 6336 Zooming, 6336 Multiuser Engineering Compiling and loading, Compiling in the local session, Compiling in the server project view, Installation of the multiuser server as standalone installation, 160, 7166 Installation of the multiuser server with the TIA Portal, 160, 7165 Introduction, 160, 7140, 7143, 7165 Rules and requirement for installation, 161, 7166 Rules for compiling and loading, 7307 Index Starting the installation of the multiuser server, 161, 7166 Uninstalling the multiuser server, 162, 7167 MUX, 80, 2707, 3018, 3261 MW, 4596 MX, 4596 My Documentation Manager, 328 N N, 2453, 2456, 2763, 2766 N_TRIG, 2459, 2768 Names of alarm classes Change through migration, 216 Naming conventions Alarm log, 5534 Data log, 5534 NAPT, 1438 Configuration, 1583 Configuring, 1371 NAT, 1438 Configuration, 1582 Configuring, 1369, 1370 NAT Translations, 1211 NAT/NAPT Routing, 816 NE_ElemType, 2550, 2860 NE_Type, 2546, 2856 NEG, 2565, 2875 Negate, 2565, 2875 Negotiation, 1264, 1538 Nesting depth, 1961, 1973 Network, 70 Closing, 4642, 4700 Copying, 4641, 4699 Deleting, 4641, 4699 Entering a comment, 4644, 4702 Insert title, 4643, 4701 Inserting, 4639, 4641, 4697, 4699 Navigating blocks, 4645, 4703 Opening, 4642, 4700 Selecting, 4640, 4698 Using, 4638, 4696 Network access Opening the properties, 6950 Network comments Hiding, 4468 Showing, 4468 Network connection Creating, 7130 Network drive, 56 7308 Network editor Components, 522 Function, 521 Hardware catalog, 541 Inspector window, Network ID, 894 Network overview Basic functions, 579 Basic functions for editing the network overview table, 580 Network Syslog, 849 Network view Adding device, 552 Hardware and network editor, 524 I/O communication, 1667 Networking devices Basics of configuring networks, 575 Editing interface addresses, 582 Editing interface parameters, 581 Editing network parameters, 581 Networking several interfaces at the same time, 577 Networking with an existing subnet, 578 Networking without an existing subnet, 577 Networks within a project, 575 Requirements, 581 Types of communication, 575 Networking in the device view Networking options, 580 Procedure, 580 Networking mode, 577 New data types, 2057 New key pair Generation, 6255, 6294 No supply voltage, 1828 Nodes with an unknown IP address, 841 Non-licensed mode Engineering System, 133 ES, 121 HMI devices, 136 Runtime, 134 non-typed, 2113 NORM_X, 2661, 2972, 3211 Normal range visible, 5301 Normalize, 2661, 2972, 3211 Normally closed contact, 2441 Normally open contact, 2439 NOT, 2442, 4757, 4758 Not equal, 2553, 2863 NOT_NULL, 2553, 2863 NOT_OK, 2543, 2853 NotifyUserAction, 5794 WinCC Advanced V14 System Manual, 10/2016 Index NTP, 1331 NTP (secure), 827 NTP server, 827 NULL, 2185 Number of lines User view, 5196 Number of replays Media Player, 5234 Numerical key assignment, 6279, 6344 NOT DEFINED add external graphic, 6186 O O, 6932 OB Events and OBs, 952 Overview, 952 OB 1, 998 OB 80, 1008 OB 82, 1009 OB for manufacturer-specific interrupt, 1003 OB for profile-specific interrupt, 1003 OB servo, 6616 OB 83, 1010 Object Arrange, 5029, 5038, 5629 Assigning to a layer, 5143 Availability for Basic Panels, 5183 Availability for Comfort Panels, 5186 Availability for Mobile Panels, 5189 Availability for Multi Panels, 5188 Availability for Panels, 5184 Availability for WinCC Runtime Advanced, 5191 Creating a new OLE object, 5029 Creating an OLE object from a file, 5029 Deleting, 5031, 5626 Design, 5042 Designing the background color, 5044 Designing the fill pattern, 5045 Dynamization, 5106 Dynamization of the appearance, 5113 Dynamize direct movement, 5117 editing within a group, 5076 Evenly distributing, 5036, 5635 Flashing, 5042 Flip, 5029 Flush alignment, 5036, 5634 WinCC Advanced V14 System Manual, 10/2016 Group, Grouping, 5072 Inserting, 5029, 5030, 5624 Inserting of the same type, 5029 Inserting several times, 5058, 5626 Multiplying, 5058, 5626 outside the area, 5039 Paste, Referencing, 5708 Repositioning and resizing multiple objects, 5029, 5062, 5634 Repositioning objects, 5032, 5628 Resize, 5034, 5631 Rotate, 5029, 5039, 5636 Select multiple objects, 5060, 5632 Selecting multiple objects, 5029 Storing in a library, 6131 Tab sequence, 5029 Transparency, 5045 Object group Animation, 5122, 5123 Editing an object within a group, 5076 Removing an object, 5075 Object list Tag, 5315 Object names Renaming upon migration, 196 Uniqueness, 196 Object properties Dynamization, 5106 Object size Harmonizing, 5034, 5631 Objects Alarm report, 5644 Page number, 5647 Pop-up screen, 4998 Recipe report, 5646 Slide-in screen, 5002 Obtaining user rights Logging on to the operating system with administrator privileges, 311 With Windows user account control, 311 Occupation of connection resources, 681 OF, 3225 Off delay, 2468, 2478, 2496, 2504, 2777, 2806, 2815, 3068, 3088 Offline, 753 OK, 2542, 2852 OLE object create from a file, 5029 Recreate, 5029 7309 Index Save in Graphics, 5068 Storing in the image browser, 6186 Omron Hostlink/Multilink Migrating data types, 236 On delay, 2465, 2476, 2491, 2501, 2774, 2801, 2812, 3065, 3083 Retentive, 2493, 2503, 2804, 2813, 3085 On demand, 5331 On exceeding, 5993 On falling below, 5993 Ones complement, 2701, 3013 Online, 753 Change connection path, 6935 Display of the online mode, 6936 Establish connection, 6935 Go offline, 6937 Hardware detection, 554 Recipe tag, 5546 Show accessible devices, 6929 Online access, 6947 Online and Diagnostics view, 1896 Online assignment (PROFINET device names), 1667 Online connection, 6932 Multiple TIA Portal instances, 62 Specifying a default connection path, 6934 Online device, 1897 Online diagnostics, 851 Online displays Orange color, 1905 Online mode, 6931 Display of the online mode, 6933 Go online, 6935, 6937 Standby or hibernation of the programming device / PC, 6932 Online operation, 62 Online Tools, 1896, 1906 On-screen keyboard, 6249 OP 177B mono Symbol library, 5281 OP 77A and TP 177A Differences in the recipe, 5547 OPC, 6419 Accessing tags, 6433 Compatibility, 6420 DCOM user rights, 6426 HMI device as OPC client, 6421 HMI device as OPC server, 6422 HTTP connection, 6420 Migrating data types, 236 Mobile Panel, 6420 Multi Panel, 6420 7310 OPC XML DA server, 6420 Permitted characters in tag names, 6433 Permitted data type, 6432 Specifications, 6419 OPC DA server Configuring HMI device as ~, 6425 Creating a connection, 6427 ProgID, 6421 OPC Gateway Proxy setting, 6430 OPC server Accessibility, 6421 OPC UA server Creating a connection, Security concept, 6422 Security settings, 6424 OPC Unified Architecture Server, 6250, 6287 OPC XML "Date/Time" data type, 6433 "STRING" data type, 6433 Configuring server, 6431 Permitted cycle time, 6433 OPC XML DA Deleting a server, 6431 Editing a server, 6431 OPC XML DA client, 6420 OPC XML DA server URL, 6421 Open Global library, 6125 Selection list, 6278, 6343 Open force job, 58 Open log file Packet filter events, 858, 860 Security events, 857, 859 System events, 856, 859 Open User Communication Ability to read back, 628 Changing IP configuration parameters with T_CONFIG, 4298 Changing parameter values, 628 Connection configuration, 598, 600 Connection description, 612, 615, 620 Connection establishment, 598 Connection parameters, 602 Creating a connection, 606 Deleting an interconnection, 609 Establishing a communication connection with TCON, 4255, 4258 Establishing a connection and reading data with TRCV_C, 4214, 4219 WinCC Advanced V14 System Manual, 10/2016 Index Establishing a connection and sending data with TSEND_C, 4200, 4205 General, 597 Instructions, 598 Port numbers, Protocols used, 610 Receiving data via UDP with TURCV, 4286 Receiving data with TRCV, 4273, 4277 Sending data via UDP with TUSEND, 4282 Sending data with TSEND, 4266, 4269 Starting connection parameter assignment, 605 TCON_FDL, 623 TCON_IP_RFC, 621 TCON_IP_v4, 615 TCON_IP_V4_SEC, 617 TCON_Param, 613 TCON_QDN, TCON_QDN_SEC, Terminating a communications connection with TDISCON, 4264 TSAP, 629 OpenAllLogs, 5826 OpenCommandPrompt, 5798 OpenControlPanel, 5799 OpenControlPanelDialog, 5797 OpenFileBrowser, 5971 Opening a force table, 4956 Opening a project, 353 Opening a watch table, 4928 Opening phone books, 7029 Opening Siemens Industry Online Support, 545 OpenInternetExplorer, 5799 OpenScreenKeyboard, 5973 OpenTaskManager, 5972 Operability Dynamization, 5118 Operand, 1998, 1999, 2004, 2006, 2007, 2008, 2010, 2011, 2012, 2013, 2015, 2016, 2017, 2019, 2168, 2174, 2177, 2182 Inserting, 4670, 4727 Operand area, 947 Operating behavior Enabling system memory, 984 Using clock memory, 984 Using time-of-day functions, 968 Operating element Availability for Basic Panels, 5183 Availability for Comfort Panels, 5186 Availability for Mobile Panels, 5189 Availability for Multi Panels, 5188 Availability for Panels, 5184 Availability for WinCC Runtime Advanced, 5191 WinCC Advanced V14 System Manual, 10/2016 Operating hours counters Handling with RTM, 3331 Operating mode, 916 GRAPH overview, 5213 Introduction, 938 RUN, 943 STARTUP, 940 STOP, 943 Transitions, 939 Operating object operation, 6278, 6343 Recipe view, 5569 Operating recipes Copying a recipe data record, 5575, 5585 Creating recipe data records, 5565, 5566, 5575, 5584 Deleting a recipe data record, 5576, 5585 Load recipe data record, 5575, 5576, 5585 Modifying a recipe data record, 5575, 5576, 5585 Modifying the recipe structure, 5590 Read recipe data record, 5566 Reading data records, 5577, 5587 Transfer data record, 5567 Transferring a data record, 5577, 5587 Operating system, 124, 1959 Asian language setting, 6173 Setting to Western, 6173 Operation, (Two-hand) Alarm indicator, 5480 Alarm view, 5475 Alarm window, 5475 Key, Operating object, Recipe view, 5569, 5579 Simple alarm view, 5478 Simple recipe view, 5557 Operation using the keyboard Alarm view, 5476 Alarm window, 5476 Simple alarm view, 5479 Operation using the mouse Alarm indicator, 5481 Alarm view, 5476 Alarm window, 5476 Simple alarm view, 5479 Operation with the keyboard PLC code view, 5256 Recipe view, 5573, 5583 Operation with the mouse Recipe view, 5573, 5583 Operator control Alarm view, 5241, 5243, 5247, 5475 7311 Index Alarm window, 5475 f(x) trend view, 5207 HTML browser, 5220 Lock/unlock, 6339 Locked, 6338 Media Player, 5234 PDF view, 5251 Recipe view, 5268, 5579 Trend view, 5227 Watch table, 5201 Operator controls Alarm view, 5237 Recipe view, 5264 Optimize position controller, 6718 Optimized access, 1968, 1970 Optimized block access, 2056 Option Installing, 6376 Uninstalling, 6376 Option handling, 1646, 1648, (See Configuration control (ET 200MP)), (See Configuration control (ET 200SP)) Option handling (see Configuration control), 1061, 1813, 1855, 1887 OR, 2698, 2747, 2748, 3010, 4758 Order Language switching, 6250, 6287 Order number, (See Article number) Organization block (OB) Assigning event with ATTACH, 3631 Canceling event assignment with DETACH, 3636 Creating, 4484 Cyclic interrupt OB, querying parameters with QRY_CINT, 3643 Cyclic interrupt OB, setting parameters with SET_CINT, 3641 exporting to an external source file, 4510 Function, 1962 Measuring runtime with RT_INFO, 3744 Reading start information with RD_SINFO, 3734 Start information, 1962 OSPF Area range, 1362 Areas, 1162, 1361 Interfaces, 1363 Link State Advertisement, 1162 OSPFv2 interfaces, 1205 OSPFv2 LSDB (information), 1209 OSPFv2 neighbors, 1206 OSPFv2 virtual neighbors, 1208 Router, 1162 7312 Router status, 1162 Virtual Links, 1365 OSPF (IPv6) Area Range, 1388 Areas, 1387 OSPFv3 AS-Scope LSDB, 1216, 1217 OSPFv3 Interfaces, 1213 OSPFv3 Link-Scope LSDB, 1219 OSPFv3 Neighbors, 1214 OSPFv3 virtual neighbors, 1215 Virtual Links, 1390 OSPFv2 Configuration, 1360 OSPFv3 Configuration, 1386 OUC, (See Open User Communication) OUT_RANGE, 2541, 2850 Outgoing, 5404, 5996 Output Inserting, 4666, 4723 remove, 4667, 4724 Output (O), 947 Output byte (QB), 947 Output double word (QD), 947 Output pulse sequence with preset frequency, 3790 Output rate (high-speed analog modules), 1838 Output word (QW), 947 Overflow, 1804, 1828, 6000 Overlay icon, 1903 Overlaying Tag, 2019 Overlaying tags, 4536 Override function, 5298 Oversampling, 1837 Overview Access point, 1470 Clients, 1476 Overlap APs, 1475 Overlapping channels, 1475 using the display formats in the force table, 4960 via the display formats in the watch table, 4933 Overview navigation, 525, 527, 534 Overview of the cross-reference list, 4894 Overview of the mode of operation with Multiuser Engineering, 7140, 7143 Overview of TS Adapters that can be used, 7036 Overview window, 292 Comparing objects, 294 Display all blocks, 295 Showing and hiding columns, 295 Sorting details view, 295 WinCC Advanced V14 System Manual, 10/2016 Index P P, 2452, 2455, 2761, 2764 P_TRIG, 2457, 2767 P12, 733 Pack&Go file Create, 6311 Download to HMI device, 6312 Packet filter log, 858, 860 Page Adding to report, 5622 Deleting report page, 5622 Maximum number of configurable in report, 5620 Sorting report page, 5622 Page number Layout in reports, 5647 Use in reports, 5647 PageDown, 5978 PageUp, 5978 Pane mode, 289 Panel Display and operating object, 5184 Panels Available system functions, 5751 Panning, (See move view) Parameter For CPU, 960 Hidden parameters, 4671, 4729 Predefined - writing with WR_DPARM, 3629 Parameter assignment Hardware, 535 Parameter assignment parameters Hardware, 551 Parameter passing, 1987 Parameter transfer, 1988, 1990, 1993, 1995, 1996, 1997 Transfer parameter as copy or as pointer, 1990 User-defined function, 5710 Parameter types, 2193 Partner port Information on monitoring, 1679 Password, 6250, 6287 Changing, 5666 For CPU access protection, 960 for function key, 5134 Hierarchy level, 5656, 5659 Options, 1398, 1585 Password aging, 5657 Password complexity, 5657, 5660 WinCC Advanced V14 System Manual, 10/2016 Password for transport Creating, 6255, 6293 Reset, 6255, 6294 Password legitimation, 2678, 2989, 3238 Password protection, 960, 985, 986, 1028 Protection concept, 398 Revoking access rights, 398 Password protection in runtime, 6254 Paste Tag, 7136 Pasting Adjusting screen size, 6221 Color, 6220 Font, 6220 Function key, 6221 Invalid object, 6219 Principle, 6217 PC CP, 751 PDF view Button, 5251 Configuring, 5250 Multi-touch operation, 5251 PDFFitToHeight, 5890 PDFFitToWidth, 5890 PDFGotoFirstPage, 5891 PDFGotoLastPage, 5891 PDFGotoNextPage, 5892 PDFGotoPage, 5893 PDFGotoPreviousPage, 5893 PDFScrollDown, 5888 PDFScrollLeft, 5895 PDFScrollRight, 5896 PDFScrollUp, 5889 PDFZoomIn, 5894 PDFZoomOriginal, 5896 PDFZoomOut, 5894 PE_CMD, 3571 PE_DS3_Write_ET200S, 3576 PE_End_RSP, 3607 PE_Error_RSP, 3605 PE_Get_Mode_RSP, 3610 PE_I_DEV, 3601 PE_List_Modes_RSP, 3609 PE_Measurement_List_RSP, 3615 PE_Measurement_Value_RSP, 3616 PE_PEM_Status_RSP, 3612 PE_Start_End, 3566 PE_Start_RSP, 3606 PE_WOL, 3577 PEEK, 3166 Read memory address, 3166 7313 Index PEEK_BOOL, 3168 Read memory bit, 3168 PEM, 733 Perfect Forward Secrecy, 839 Performance, 2055 Performance features HMI device, 6389, 6392, 6396, 6399, 6405, 6409, 6414 WinCC Runtime, 6414 Permanent area, 4996 Permanent connection, 1121 Permit access with PUT/GET communication from remote partners, 990 Permit overwriting of device name, 1689 Permitted data type OPC, 6432 Permitted file names, 450 Permitted operands for the force table, 4958 Permitted operands for the watch table, 4930 PG/PC interface Go online, 6937 Modifiable MPI interface parameters, 6956 Modifiable PROFIBUS interface parameters, 6956 PID_3Step In/out parameters, 4062 Input parameters, 4058, 4089 Instruction, 4049, 4081 Output parameters, 4060, 4091 Static tags, 4092 PID_Compact In/out parameters, 4004 Input parameters, 4001, 4032 Instruction, 4029 Output parameters, 4003, 4033 Static tags, 4005, 4034 PID_Temp ActivateRecoverMode tag, 4168 Cascade, 4126 Cascading, 6585 ErrorBits parameter, 4166 In/out parameters, 4126 Input parameters, 4122 Mode, 4126 Multi-zone applications, 6592 Operating principle, 4116 Output parameters, 4123 PID_Temp state and mode parameters, 4157 PwmPeriode, 4172 Static tags, 4127 Tag Warning, 4171 Ping, 1278, 1537 7314 PLC Enabling system diagnostics, 6064 System diagnostics view, 6064 Tag, 5334 PLC code view, 5254, 6077 "Transition/Interlock view", 6091 Configuring, 5255, 6088 Data types, 6097 Detail view, 6090 Information area, 6089 Instructions, 6093 Operation with the keyboard, 5256 Symbol table, 6090 Toolbar, 5255, 6092 PLC data, 7109 PLC data type, 2072, 2104 Addressing, 2174 Change the number, 4626 Comparing, 4860 Creating, 4624 Declaration in data blocks, 4563 Declaration in the block interface, 4536 Declaration table for PLC data types, 4623 Declaring, 4629 Declaring ARRAY, 4627 Declaring STRUCT, 4628 Definition, 2170, 4620 Deleting, 4625 PLC data types generated by the system in libraries, 71 Programming the structure, 4626 Tag properties, 4630, 4631 PLC data types, 2057, 5312 PLC prefix, 5325 PLC tag Automatically filling in cells, 4616 Comparing, 4858 Comparing a PLC tag table, 4832 Comparison, 4829 Copying, 4614 Declaring, 4601, 4602, 4604, 4606 Definition, 2004 Importing and exporting, 4617, 4618, 4619 Monitor, 4613 Offline/offline comparison, 4832 Permissible addresses and data types, 4598 PLC tag table, 4592, 4593, 4599, 4600 Properties, 4610, 4611 Reconnecting, 5326 Retentive behavior, 4603 Rules, 4598 WinCC Advanced V14 System Manual, 10/2016 Index Sorting rows, 4615 Updating comparison results, 393 PLC tags, 1037, 1038, 1040 PLC UDTs WinCC, 5312 PLC user data types Interconnecting with faceplates, 5157 PLCCodeViewDetails, 5899 PLCCodeViewMoveScrollBar PLCCodeViewMoveScrollbar, 5898 PLCCodeViewNextNetwork, 5900 PLCCodeViewPreviousNetwork, 5903 PLCCodeViewShowStepMode, 5900 PLCCodeViewSymbols, 5901 PLCCodeViewTransitionInterlock, 5902 PLCCodeViewZoomIn, 5902 PLCCodeViewZoomOut, 5903 PLUG, 1276 C-PLUG, 1533, (C-PLUG) KEY-PLUG, 1536, (KEY-PLUG) PN/PN couplers Grouping, 1701 Linking Ethernet subnets, 1701 Pointer, ANY, 2188 POINTER, 2185 VARIANT, 2191 point-to-point, 1150, 1448 Point-to-point communication (PtP), 975 Freeport protocol, 975 Point-to-point connection Configuring communication parameters with PORT_CFG, 4362 Configuring receive parameters with RCV_CFG, 4366 Configuring serial transmission parameters with SEND_CFG, 4364 Deleting receive buffer with RCV_RST, 4378 Enable receiving with RCV_PTP, 4376 Initiating data transfer with SEND_PTP, 4374 Querying the signal state with SGN_GET, 4379 Setting output signals with SGN_SET, 4380 POKE, 3170 Write memory address, 3170 POKE_BLK, 3173 Write memory area, 3173 POKE_BOOL, 3172 Write memory bit, 3172 Polygon, 5257 Configuring corners, 5257 Layout, 5257 Radii, 5257 WinCC Advanced V14 System Manual, 10/2016 Polyline, 5258 Configuring corners, 5259 Line end, 5258 Line start, 5258 Radii, 5259 Pop-up screen, 4997 Copying, 5000 Creating, 4999 Deleting, 5000 Moving in a group, 4999 Objects, 4998 Port, 593 102 (S7 protocol - TCP), 796 123 (NTP), 817, 827 161 (SNMP), 817 20/21 (FTP), 796 443 (HTTPS), 817 4500 (IPsec), 817 500 (IPsec), 817 500 (ISAKMP - UDP), 847 514 (Syslog), 817 80 (HTTP), 796 8448 (security diagnostics), 929, 932 Configuration, 1266, 1539 Interconnecting, 1679 Port configuration, 1263, 1270, 1537, 1540 Renaming, 706 Port configuration, 1270, 1540 Port diagnostics SFP diagnostics, 1282 Port numbers, 627 Port options, 1688 Enable autonegation, 1687 Monitor, 1684 Transmission rate/duplex, 1684 PORT_CFG, 4362 Portal view, 268 Position Editing multiple objects, 5062, 5634 Of objects, 5032, 5628 of objects in the report, 5620 Position control, 6674 Position monitoring, 6672 Positioning axis technology object Active homing, 6669 Actor tags, 6893 Actor variables, 6785 Add new object, 6636 Axis name configuration, 6638, 6831 Basic parameters, 6638, 6830 Changing the configuration parameters for dynamics in the user program, 6663 7315 Index Changing the configuration parameters for homing in the user program, 6671 Commissioning overview, 6635 Configuration overview, 6635 Configuration window icons, 6637 Configuring acceleration, 6658 Configuring active homing, 6665, 6835 Configuring approach/homing direction, 6666, 6836 Configuring deceleration, 6658 Configuring distance per motor revolution, 6650, 6833 Configuring end of homing switch, 6667, 6668 Configuring end of reference point switch, 6835, 6837 Configuring home position offset, 6667, 6837 Configuring homing switch input, 6666, 6668 Configuring invert direction signal, 6650, 6834 Configuring jerk limiter, 6659 Configuring maximum velocity / start/stop velocity, 6658 Configuring passive homing, 6667, 6834 Configuring permit auto reverse at the hardware limit switch, 6836 Configuring pulses per motor revolution, 6650, 6833 Configuring ramp-down time, 6658 Configuring ramp-up time, 6658 Configuring reference point position, 6667, 6669, 6835, 6837 Configuring reference point switch input, 6835, 6836 Configuring smoothing time, 6660 Configuring the homing speed, 6667, 6837 Configuring the velocity limiting unit configuration, 6658 Diagnostics overview, 6635 Drive enable configuration, 6833 Drive ready configuration, 6833 Drive signal configuration, 6642, 6833 DynamicDefaults tags, 6798, 6906 DynamicLimits tags, 6797, 6905 Emergency stop deceleration configuration, 6661 ErrorBits tags, 6816, 6922 Extended parameters, 6833 FollowingError tags, 6804, 6912 General dynamics configuration, 6657 Hardware and software components, 6631 Hardware interface configuration, 6640, 6831 Homing tags, 6802, 6910 Mechanics configuration, 6650, 6651, 6833 Mechanics tag, 6796, 6903 7316 Modulo tags, 6796, 6904 Passive homing, 6670 Position tag, 6782, 6891 PositionControl tags, 6804, 6911 PositionLimitsHW tags, 6908 PositionLimitsHW variables, 6801 PositionLimitsSW tags, 6907 PositionLimitsSW variables, 6800 PositionMonitoring tags, 6806, 6913 PTO and HSC configuration, 6641, 6831 Response when jerk limiter is activated, 6662 Sensor[1] tags, 6896 Sensor[1] variables, 6788 Sensor[1].ActiveHoming tags, 6900 Sensor[1].ActiveHoming variables, 6792 Sensor[1].Interface tags, 6897 Sensor[1].Interface variables, 6789 Sensor[1].Parameter tags, 6898 Sensor[1].Parameter variables, 6790 Sensor[1].PassiveHoming tags, 6901 Sensor[1].PassiveHoming variables, 6794 Simulation tag, 6807, 6808 StandstillSignal tags, 6807, 6914 StatusBits tags, 6918 StatusBits variables, 6811 StatusDrive tags, 6809, 6916 StatusPositioning tags, 6808, 6915 StatusSensor tags, 6810, 6917 Tag ActualPosition, 6784, 6892 Tag ActualVelocity, 6784, 6893 Tools, 6634 Unit of measurement configuration, 6639 Units tag, 6795, 6902, 6903 Updating the tags, 6818, 6924 User unit configuration, 6832 Velocity tag, 6783, 6891 PostServo OB, 1013 Power budget, 1864 Power Management, 6040 Powerpack, 140 Engineering system, 140 Installing, 140 Runtime, 140 Pragmas in SCL, 4797 Predefined alarm classes, 5405, 5407 Predefined firewall rules CP 1543-1, 929, 932 CP 1628, 920 CP x43-1 Adv., 918 SCALANCE S, 885, 887 Predefined styles, 5057 Preparing migration, 179 WinCC Advanced V14 System Manual, 10/2016 Index Prerequisites for establishing a VPN connection, 7065 PreServo OB, 1013 Pre-shared keys, 837 Press, 5995 Press ESC twice, 5996 Press key, 5999 PressButton, 5803 Print Network, 6386 Print scope, 401 Print server, 6385 Printable contents, 400 Printing Changing the settings, 401 Creating a cover page, 406 Creating frames, 405 Documentation settings, 399 Elements in the library, 405 Elements in the project tree, 404 Non-printable contents, 400 Non-printable objects, 401 Print contents, 403 Print server, 6385 Printing device view, 546 Printing network view, 546 Process a cover page, 407 Process borders, 407 Report, 5623, 5638 Specify layout, 402 Specify print layout, 402 Specifying the print area, 411 Structure of printout, 400 Use borders, 404 Use borders and cover pages, 399 Use cover page, 403 Printing a project, 416 Printing labeling strips, 420 Determining the correction value for the print shift, 425 Printing of alarms Configuring:printing of alarms, 5435 PrintReport, 5857 PrintScreen, 5856 Prioritization, 1289 Prioritized startup, 1655 Priority, 1289 Private Cloud, 59 Private Key, 711 Procedure for monitoring structures, 4913 Procedure when working with local sessions, 7243 WinCC Advanced V14 System Manual, 10/2016 Process data area Module addressing, 951 Module start address, 951 Process diagnostics overview, 6077 Process image, 951 Basics, 949 I/O access error, 949 Reading inputs with GETIO, 3454 Reading the process image area with GETIO_PART, 3461 Synchronizing the inputs with SYNC_PI, 3410 Synchronizing the outputs with SYNC_PO, 3411 Transferring the process image area with SETIO_PART, 3463 Updating, 949 Updating inputs with UPDAT_PI, 3404 Updating the outputs with UPDAT_PO, 3407 Writing outputs with SETIO, 3455 Process value logging, 5364 ProDiag overview, 5260 Configuring, 6082 Symbols, 6081 Use, 5260 PROFIBUS, 588 Connection with PROFINET, 1655 ET 200S in DPV1 mode, 1649 Number of communication connections, 672 PROFIBUS cable configuration Optical ring, 590 PROFIBUS DP, 1638 PROFIBUS profile, 588 Different profiles on the same subnet, 588 Effect on the transmission rate, 588 Meaning of profiles, 589 PROFIBUS DP, 1632 DirectKey, 5794 PROFIdrive, 6605 PROFIenergy, 1655 Control PROFIenergy commands in the IDevice, 3601 Description, 3564 Generate answer to command at end of pause, 3607 Generate answer to command at start of pause, 3606 Generate list of supported measured values as answer, 3615 Generate negative answer to command, 3605 Generate PEM status as answer, 3612 Generate queried energy data as answer, 3610 Generate queried energy savings modes as answer, 3609 7317 Index Generate queried measured values as answer, 3616 Generate supported PROFIenergy commands as answer, 3613 PE_CMD, 3571 PE_DS3_Write_ET200S, 3576 PE_End_RSP, 3607 PE_Error_RSP, 3605 PE_Get_Mode_RSP, 3610 PE_I_DEV, 3601 PE_Identify_RSP, 3613 PE_List_Modes_RSP, 3609 PE_Measurement_List_RSP, 3615 PE_Measurement_Value_RSP, 3616 PE_PEM_Status_RSP, 3612 PE_Start_End, 3566 PE_Start_RSP, 3606 Reading out status information, 3571 Set power module switching behavior, 3576 Start and exit energy-saving mode, 3566, 3571 Wake on LAN, 3577 Profile, (See bus profile) Profiles, 1003 PROFINET, 593, 901, 1141, 1437, 1531 Assigning a device name, 1667 Connection with PROFIBUS, 1655 Device replacement without exchangeable medium, 1689 Number of communication connections, 672 Optimizing with IRT, 1694 Optimizing with RT, 1692 PROFINET device name, 1665 PROFINET interface, 960, 1670, 1909 PROFINET IO, 1141, 1437, 1653, 1655, 1659, 1660, 1673, 1677 Port options, 1684 PROFINET IO device Assigning a name, 1935 Name assignment in the dialog, 1938 Name assignment in the online and diagnostics view, 1936, 1937 PROFINET IO devices Reading a portion of the inputs with GETIO_PART, 3461 Reading consistent data with DPRD_DAT, 3536 Writing a part of the outputs with SETIO_PART, 3463 Writing all outputs with SETIO, 3455 Writing consistent data with DPWR_DAT, 3538 PROFINET IO system, 1676 Creating, 1672 Highlighting, 1675 7318 PROFINET RT class, 1654 PROFIsafe Disconnecting, 6027 PROFIsafe address, 6040 Program alarm generating with Program_Alarm, 3686 Program card, 944 Program control operations, 2685, 2996, 3247 Program cycle OB Description, 998 Program editor "Instructions" task card, 4460 Block interface, 4460 Enlarging the programming window, 4466 Favorites, 4460 Function, 4458 General settings, 261, 263, 264, 4479 Programming window, 4460 Structure, 4459 Testing task card, 4461 Toolbar, 4459 Using the keyboard, 4462 Program execution Cyclic, 998 Program information Displaying, 4862 In the assignment list, 4863 In the call structure, 4871 In the dependency structure, 4877 in the tab, 4883 Views, 4862 Program name Displaying, 7129 Program resources, 4483 Program status Call environment, 4906, 4907 Editing blocks, 4914 FBD, 4916 Function, 4904 GRAPH, 4919 LAD, 4915 Modify tag, 4914 SCL, 4918 STL, 4917 Switching off, 4909 Switching on, 4909 Program_Alarm, 3686 Programming Linear, 1960 Structured, 1960 Programming language Changeover, 4483 WinCC Advanced V14 System Manual, 10/2016 Index FBD, 4693 LAD, 4634 Rules for changing, 4482 Programming recommendations, 2059 Programming window Customizing, 4765 SCL, 4764 Project Basics, 349 Carrying out an online/offline comparison, 382 Carrying out offline/offline comparisons, 383 Closing, 358 Comparing data, 379 compile (overview), 6256, 6294 Compiling, 6257, 6296 Compiling project data, 370 Creating, 352 Deleting, 360 Detailed comparison, 392 Download, 6265, 6309 download (overview), 6256, 6294 Harmonizing, 517 Migrate, 199, 228 multilingual, 6177 Removing, 359 Saving, 357 Showing properties, 357 Simulation with a tag simulator, 6259, 6299 Upgrade, 6230 Project archives, 362 Project data Compiling, 370 Downloading to a memory card, 374 Export alarm, 6142 Export text list, 6156 Exporting a recipe, 6138 Exporting tag, 6149 Importing a tag, 6150, 6152 Importing alarms, 6143 Information on compiling, 369 Information on loading, 370 Loading, 372 Uploading from a device, 376 Writing to a memory card, 374 Project file Initialization, 7116 Initializing, 7116 Project graphics, 6286 Project ID, 6249, 6286 Project language, 426, 6171 Activate, 6175 Disabling, 6175 WinCC Advanced V14 System Manual, 10/2016 Project languages Changing the editing language, 429 Specifying project languages, 428 System texts, 6178 Use, 426 User texts, 6178 Project library, 455, 6113, 6441 Adding types, 490 Assigning a common version to types, 509 Cleaning up, 518 Creating folders, 480 Discarding all versions, 500 Discarding the type version, 499 Duplicating types, 493 Migrating, 221 Performing a consistency check for a type version, 499 Release all versions, 502 Release the type versions, 500 Updating the project, 503 Using filter view, 483 Using the element view, 459 Using types, 494 Project size Reducing, 6270, 6329 Project text Exporting, 6161, 6182 Project texts Application example, 434 Changing the text of selected objects, 430 Displaying reference text, 430, 6181 Exporting all texts, 433 Exporting individual texts, 432 Exporting texts of a device, 432 Importing, 434, 6160, 6184 Migrating, 219 Translating individual texts, 5166, 6179 Translating project texts, 429 Translation into project languages, 426, 6178 Project tree Adding device, 552 Function, 273 Hiding, 4467 Reducing automatically, 279 Showing, 4467 Showing additional columns, 277 Project version Upgrade, 6230 Project view, 270 Project-wide alarm class Create, 5417 Use, 5417 7319 Index Properties (CPU), 960 Properties for slide-in screen Configuring, 5003 Properties of the VPN group, 838 Properties window, (See Inspector window) Property list Dynamize, 5109 ProSave, 6367 Asian fonts, 5343 Protect Function key with password, 5134 Protection concept, 987, 990 Introduction, 398 Revoking access rights, 398 Protection level, 985, 986 Revoking access rights, 398 Protocol, 795 Proxy Routing, 7121 Proxy ARP, 912 Proxy device, 1710, 1712 PRVREC, 3542 PT, 2793 PTC resistor, 1839 Public Key, 711 Pull/plug interrupt (ET 200M), 1877 Pull/plug interrupt OB, 1010 Pulse, 2462, 2474, 2485, 2498, 2772, 2795, 2809, 3062, 3077 Extended, 2488, 2500, 2798, 2810, 3080 Pulse extension, 1827 Pulse generator Enabling/disabling with CTRL_PWM, 3788 Pulse interface Principle, 6600 Pulse stretching, 1879 Pulse width modulation ET 200MP, 1874 PUT, 4187 PUT / GET, 990 PWM ET 200MP, 1874 Q Q address, 1021 QB, 4596 QD, 4596 QoS, 1289 QoS Trust, 1144, 1431 QRY_CINT, 3643 QRY_DINT, 3666 7320 QRY_TINT, 3655 QW, 4596 QX, 4596 R R, 588, 2445, 2754 R_TRIG, 2460, 2769, 3056 Rack error OB, 1011 Rack or station failure, 1011 Racks, 557 Inserting a module, 560 Radius, 5225, 5257, 5259 RALRM, 3473 Range Value outside range, 2541, 2850 Value within range, 2539, 2849 Range (... - ...) Graphics list, 5100 RCV_CFG, 4366 RCV_PTP, 4376 RCV_RST, 4378 RCVREC, 3540 RD_ADDR, 3877 RD_DPAR, 3619 RD_DPARA, 3625 RD_DPARM, 3627 RD_LGADR, 3883 RD_LOC_T, 3315 RD_REC, 3530 RD_SINFO, 3734 RD_SYS_T, 3313 RDREC, 3420 RE_TRIGR, 2685, 2996, 3246 Read continuously Tag, 5331 Read field, 2639, 2949 Read memory address, 3166 Read memory bit, 3168 Read PLC tags String or character tags in expressions, 1039 Tags of the type String and Character, 1039 Read system time with TIME_TCK, 3330 READ_BIG, 3180 READ_DBL, 3845 READ_ERR, 3680 READ_LITTLE, 3176 Readback data record, 1887, (See feedback data record) Readback data record 197, 1808, 1865, 1887 ReadFromArrayDB, 2621, 2932, 3156 ReadFromArrayDBL, 2626, 2936, 3160 WinCC Advanced V14 System Manual, 10/2016 Index Reading A data record with RD_REC, 3530 Asynchronously- data record of a module with RD_DPARA, 3625 Data record of a module with RD_DPAR, 3619 from a data block in load memory with READ_DBL, 3845 Reading data From DP standard slaves/PROFINET IO devices with DPRD_DAT, 3536 From remote CPU with GET, 4181 Reading out LED status with LED, 3749 Local time with RD_LOC_T, 3315 Reading out a diagnostics buffer, 1920 Reading tags, 1038 Read-only, 985 REAL, 2108, 2150, 2222, 2293, 2345, 2382, 2406, 2426 REAL_TO_, 2293, 2382, 2426 Receiving data on I-device with RCVREC, 3540 Receiving SMS messages (TC_RECV), 4344 Recipe, 1031, 5536, 5538, 5539, 6141 Application example: Machine parameter assignment, 5538 Application example:Batch production, 5538 Basics, 5536, 5538 Configuration option, 5545 Creating new, 5593 Data Flow, 5542 Data record, 5539 Differences in TP 177A and OP 77A, 5547 Entry, 5539 Export format, 5945 Exporting, 5588, 6138 Exporting to CSV file, 3793 Importing, 5588, 6140 Importing into data block, 3795 Memory requirements, 6386, 6388 Synchronizing recipe tag, 5576, 5586 Use, 5538 Use of text lists, 5551 Recipe data Migration, 222 Recipe data record Changing, 5575, 5576, 5585 Copy, 5575, 5585 Creating new, 5593 Creating on the HMI device, 5565, 5566, 5575, 5584 Deleting, 5576, 5585 WinCC Advanced V14 System Manual, 10/2016 Export format, 5945 Exporting, 5588 Importing, 5588 Importing and exporting, 5544 load, 5575, 5576, 5585 Synchronizing, 5576, 5586 Transfer option, 5542 Use of text lists, 5551 Recipe data record name Writing to a tag, 5561, 5571, 5581 Recipe data record number Writing to a tag, 5561, 5571, 5581 Recipe element Creating new, 5593 Recipe name Writing to a tag, 5561, 5571, 5581 Recipe number Writing to a tag, 5561, 5571, 5581 Recipe report application in reports, 5646 Layout in reports, 5646 Recipe screen, 5553, 5554 Automatic transfer, 5554 Configuring, 5606 Recipe tag, 5541 Synchronizing recipe value, 5553 Visual machine simulation, 5553 Recipe tag Synchronizing, 5545, 5576, 5586 Teach-in mode, 5546 Recipe value, 5553, 5554 Automatic transfer in the recipe screen, 5554 Synchronizing in the recipe screen, 5553 Recipe view, 5267, 5568, 5569, 5579 Advanced, 5569, 5579 Application, 5266, 5568, 5578 Behavior with screen change, 5574, 5584, 5590 Column headers, 5265 Configurable events, 5562, 5572, 5582 Configuring, 5602, 5604 Display number, 5265, 5268 Displaying one recipe only, 5571, 5580 Displaying values only, 5561 Dynamic properties, 5563 Label, 5265 Layout, 5264, 5266 Operating object, 5569 Operation, 5569, 5579 operation using function keys, 5564, 5573, 5583 Operation using the function key, 5591 Operation with the keyboard, 5573, 5583 Operation with the mouse, 5573, 5583 7321 Index Operator control, 5268, 5579 Operator controls, 5264 Recipe data record, 5540, 5541, 5591 Simple recipe view, 5267 Toolbar, 5266 Updating, 5570, 5580 Using as a drop-down list, 5572, 5581 RecipeExport, 3793 RecipeImport, 3795 Recipes Export CSV file from ES, 5601 Import CSV file to ES, 5600 RecipeViewBack, 5965 RecipeViewClearDataRecord, 5960 RecipeViewGetDataRecordFromPLC, 5959 RecipeViewMenu, 5960 RecipeViewNewDataRecord, 5959 RecipeViewOpen, 5961 RecipeViewRenameDataRecord, 5964 RecipeViewSaveAsDataRecord, 5963 RecipeViewSaveDataRecord, 5962 RecipeViewSetDataRecordToPLC, 5962 RecipeViewShowOperatorNotes, 5964 RecipeViewSynchronizeDataRecordWithTags, 5963 ReconfigIOSystem, 3513 Reconfiguration via user program, 1061, 1808, 1813, 1855, 1865, 1887 Reconfiguring IO systems, 3513 Reconnecting Tag, 5326 Reconnecting a PLC tag, 5326 Record Protocol, 714 Recording a log file for the modem, 7080 Rectangle Configuring, 5081 Inserting, 5083 Inserting and configuring, 5083 Radius corners X, 5263 Radius corners Y, 5263 Redoing actions Basics of redoing actions, 344 Redoing actions, 347 Reducing Project size, 6270, 6329 Redundancy methods HRP, 1151 Reference channel, 1828 Reference channel error, 1870 Reference channel of the module, 1872 Reference junction, 1642, 1789, 1804, 1828, 1831, 1871, 1872 7322 Reference language, 426, 6172 Selecting, 6176 Reference object Defining, 5060, 5633 Reference project Basics, 365 Closing, 365 Comparing, 367 Opening, 365 Reference temperature, 1828, 1831, 1871, 1872 References, 2057 Referencing Object, 5708 Regions in SCL, 4771, 4774, 4775, 4776, 4778 Reinitialization of technology objects, 6738 Release, User data type, 5358 Release button, 6338 Configuring, 6341 Release key, 5999 ReleaseButton, 5803 Remainder of division, 2563, 2873 Remote access user, 768 Remote connection as CPU-controlled remote connection, 7071 as dial-up connection, 7035 As VPN connection, 7059 Remote connection cannot be established, 7058 Remote connection from the TS Adapter is not established, 7083 Remote connection to the TS Adapter is not established, 7081 Remote system access to a programming device/ personal computer, 7072 Remove Formatting in the alarm text, 5426 Object from the group, 5075 Removing, 132 Add-on, 132 Folder link, 5068 Rename Customized VB function, 5715 Screen, 4987 Tag, 5319 Template, 4993 Renaming recipe data records, 5586 Renewing the CA group certificate, 843 REPEAT, 3231 Replace, Cross-references, 6164 HMI device, 6213 Replace delimiter, 5325 WinCC Advanced V14 System Manual, 10/2016 Index Replace modules during operation, 1877 Replacing Module, 565 Replacing devices, 565 Function key, 6202 K-key, 6203 Limitations on connections, 6200 Principle, 6200 Report Adding a detail page, 5622 Back page, 5618 Creating, 5621 creating (overview), 5619 Deleting page, 5622 Detail page, 5618 Event-driven output, 5623 Footer, 5618 Header, 5618 Maximum configurable number of pages, 5620 output to file, 5623 print, 5623 printing, 5638 Showing and hiding sections, 5622 Size and position of objects, 5620 Sorting pages, 5622 Steps for the output configuration, 5623 Time-driven output, 5623 Title page, 5618 Reporting enabling, 5451 Reports Alarm report, 5644 Date/time field, 5640 Graphic I/O field, 5643 I/O field, 5641 Page number, 5647 Recipe report, 5646 Symbolic I/O field, 5648 Requirements for establishing a remote connection, 7057 Requirements for sending an SMS, 7076 Requirements for sending emails, 7077 Reset, 1231, 1496 Bit field, 2448, 2757 IEC timer, 2482, 3074 Operand, 2445, 2450, 2754, 2760 Properties of a faceplate, 5148 to factory settings, 6371 Reset timer, 2792 RESET_BF, 2448, 2757 ResetBit, 5846 ResetBitInTag, 5848 WinCC Advanced V14 System Manual, 10/2016 ResetTagToHandWheel, 5813 Resetting HMI device to factory settings, 6372 to factory settings, 6371 Resetting the connection, 4291 Resetting the MPI/PROFIBUS settings, 6963 Resetting the TCP/IP settings, 6955 Resetting the user interface layout, 299 Resetting to factory settings, 1929 Resistance thermometers, (see Thermal resistor) Resizing Faceplate, 5169 Resources, 4883 Code work memory, 4883 Data work memory, 4883 Introduction, 4883 Load memory, 4883 Retentive memory, 4883 Retentive memory data, 4883 Work memory, 4883 Resources tab Structure, 4885 Response to resizing Faceplate type, 5169 Restart, 1231, 1496 Restart of technology objects, 6738 Restore Data of the HMI device, 6367, 6370 Restore window layout, 297 Restoring a backup, 6942, 6946 Restoring a device, 6942, 6946 Restoring data HMI device, 6367, 6370 Restrictions due to user rights, 310, 311 Recognizing, 311 RET, 2676, 2987 Retain, 1970 Retentive behavior Bit memory, timers, counters, 4603 Retentive bit memories Enabling the display, 4871 Retentive memory, 4883 Retentivity, 948, 1968 Bit memory, timers, counters, 4603 Block interface, 4527 Data block, 4566, 4567 PLC tag, 4603 Retentivity of IP address parameters, 1670 Retrieving projects, 364 Return, 81 RFC RFC 1518, 1137 7323 Index RFC 5280, 711 RFID tag, 6006 RIGHT, 3380 Ring buffer, 2088 Ring redundancy, HRP, 1286 MRP, 1285 RIP RIPv2 statistics, 1211 RIPng Configuration, 1392 Interfaces, 1392 RIPng Statistics, 1219 RIPv2 Configuration, 1367 Interfaces, 1367 RLO Invert, 2442, 2751 RMON History, 1339 Statistics, 1338 ROL, 2719, 3031, 3272 Role name, 769 Roles, 767, 1394, 1588 System-defined, 768 User-defined, 768 Root bridge, 1447 Root certificate, 718 Root certification authorities, 763 Root, square, 3121 ROR, 2717, 3029, 3270 Rotate Left, 2719, 3031, 3272 Object, 5029 Right, 2717, 3029, 3270 Round, 2654, 2655, 2656, 2658, 2964, 2966, 2967, 2969, 3203, 3204, 3206 Routed connection Configuring, 7125 Router, 591 Router IP address, 894 Routing, 1160 IPv6 routing table, 1212 Routing table, 1204 Static routes, 1160 VRRP, 1160 Routing connection Configuring, 7121 Routing mode, 815 RS, 2450, 2760 RS-232/PIP multi-master cable, 980 RT, 2482, 2792, 3074 7324 RT class, 1654 RT_INFO, 3744 RTM, 2196, 3331 Rules for configuring MPI networks Rules for assigning the MPI address, 584 Rules for loop monitoring with S7-1200/1500, 4911 Rules for loop monitoring with S7-300/400, 4910 Rules for monitoring structures (S7-1200/1500), 4912 Rules for network configuration for PROFIBUS networks Assigning device addresses, 584, 585 Rules for working in local sessions, 7243 RUN, 943 Rung Deleting, 4680 Inserting, 4680 Use, 4678 Runtime, 6013, 6016 Changing object property, 5731 Effective range, 6013 Effective range (RFID), 6016 Executing user-defined functions, 5728 Execution of the function list, 5727 Language switching, 5731 Measure program runtime, Measuring with RT_INFO, 3744 Simulating, 6258 Start screen, 4988 starting on a panel, 6267, 6320 starting on PC, 6320 Runtime data Migration, 222 Runtime error, 5720 Runtime language, 6172, 6188 Font, 6193 Log, 5377, 5467, 6195 Order for language switching, 6192 Selecting, 6190 Runtime languages, 6250, 6287 Runtime scripting, 5695 Function, 5695 System function, 5695 User-defined function, 5695 Runtime settings User administration, 4989, 5655, 5657, 5672, 5678, 5681 Runtime start Basic Panel, 6266 Runtime Stop, 5999 Runtime version, 6257 WinCC Advanced V14 System Manual, 10/2016 Index S S, 2446, 2755 S_AVERZ, 2496 S_CD, 2516, 2827 S_COMP, 3336 S_CONV, 79, 3338 S_CU, 2514, 2825, 3103 S_CUD, 2829 S_EVERZ, 2491 S_MOVE, 3334 S_ODT, 2491, 2801, 3083 S_ODTS, 2493, 2804, 3085 S_OFFDT, 2496, 2806, 3088 S_PEXT, 2488, 2798, 3080 S_PULSE, 2485, 2795, 3077 S_SEVERZ, 2493 S5TIME, 2154, 2225, 2299, 2408, 2428 S5TIME_TO_, 2299, 2428 S7 communication, 680 Parameter, 4178 Receive data from a remote partner instruction with BRCV, 4198 Receive data from a remote partner instruction with URCV, 4194 Send and receive parameters, 4180 Send data to a remote partner instruction with BSEND, 4196 Send data to a remote partner instruction with USEND, 4192 User data size, 4180 S7 connection, 643 TSAP, 654 S7 CPU Load memory, 946 Operand area, 947 Work memory, 946 S7 diagnostic alarm enabling, 5430 S7 diagnostic alarms, 5403 S7 routing, 65 Configuring, 7125 Connection resources, 680 Loading, 6264 via IE/PB Link, 65 S7-1200, 64 S7-1200 modules, 64 S7-1200 V2 Data types, 5312 S7-CP, 751 S7-PCT, 1703 WinCC Advanced V14 System Manual, 10/2016 SA lifetime, 839 Safe AS-i output, 1626 SafelyRemoveHardware, 5796 Safety guidelines, 329 Safety instruction Direct key, 6345 Safety precautions when forcing tags, 4952, 4969 Sampling rate (high-speed analog modules), 1838 Save Data of the HMI device, 6367, 6369 Global library, 6124 Save window layout, 296 SaveDataRecord, 5969 Saving a force table, 4957 Saving a watch table, 4929 Saving phone books, 7030 Saving the user interface Saving the window layout, 296 SC, 2520, 2831 Scalable measuring range, 1842 SCALANCE S, 751 Scale, 2659, 2664, 2970, 2975, 3209, 3218 SCALE_X, 2659, 2970, 3209 Scaling Applying linear scaling to a tag, 5331, 5333 Scan operand for negative signal edge, 2453, 2763 Scan operand for positive signal edge, 2452, 2761 Scan RLO for negative signal edge, 2459, 2768 Scan RLO for positive signal edge, 2457, 2767 Scheduler, 6041 Acyclic triggers, 6044, 6047 Administer task, 6050 Cyclic triggers, 6045, 6048, 6055 Deactivated task, 6044 Event trigger, 6044, 6045, 6049, 6052 Function list, 6046 Timers for cyclic and acyclic triggers, 6046 Triggers, 6044 Work area, 6042 SCL, 4747, 4801, 4803 Copying and inserting regions, 4775 Delete region, 4778 Detailed comparison, 4845 Insert comment, 3236 Insert pragmas, 4797 Inserting regions, 4774 Migration, 189 Navigating in regions, 4776 Programming window, 4764 Using regions, 4771 SCL instruction Changing the data type, 4782, 4783 7325 Index Data type basics, 4781 Inserting, 4779, 4780 Rules, 4778 Selecting, 4799 SCL program Inserting a block call, 4787, 4788, 4790, 4791, 4792, 4793 Inserting an instruction, 4779, 4780 Inserting comments, 4798 Program status display, 4918 Selecting an instruction, 4799 Showing and hiding the parameter list, 4796 Screen Availability for specific devices, 4981 Copy, 4987 Copying, 6220 Creating, 4986 Creating a type, 6134 Deleting, 4987 Font, 4982 Inserting, 4987 Library, 6134 Move, 4987 Rename, 4987 Use template, 4997 Working steps in creating, 4985 Zooming, 4985 Screen change, 5994 Displaying the screen on entering a zone, 6027, 6029, 6032 Screen keyboard, 6286 Basic Panels, 6273 Basic Panels 2nd Generation, 6274 RT Advanced, 6334 Screen object Dynamic movement, 5115 Dynamization of the control enable state, 5118 Screen resolution, 6249, 6286 Screen template, 5130 ScreenObjectCursorDown, 5973 ScreenObjectCursorLeft, 5977 ScreenObjectCursorRight, 5975 ScreenObjectCursorUp, 5974 ScreenObjectPageDown, 5976 ScreenObjectPageUp, 5976 Script Creating a type, 6134 Library, 6134 Migrating, 218 Updating tag value, 5309 Scrolling Multi-touch devices, 6335 7326 Scrolling back key, 6278, 6343 Scrolling up key, 6278, 6343 SD, 2500, 2501, 2812 SD card, 58, (See Memory card) SE, 2500, 2810 Search Additional options for searching in the editor, 340 Basics of searching, 331 Basics of searching in the project, 332 Examples for searching in the project, 338 Find and replace in the editor, 343 Find and replace palette, 341 Hardware catalog, 543 Replacing search terms in the editor, 343 Search editor, 333 Search in entire project, 335 Secure communication, 711 Secure Socket Layer, 714 Security, 70 Security Configuration Tool Configuration views, 753 Security event, 990, 991 Security events, 857, 859 Security mode, 6423 Security module, 751 Security online diagnostics of S7 CPs, 68 Security program, 126, 129 Security settings, 1250, 1516 Roles and rights, 731 SEG, 2741, 3052, 3295 Segment diagnostics Graphic display, 1950 Icons, 1950 Text display, 1950 Segmented circular log, 5457 SEL, 2705, 3016, 3260 Select, 2705, 3016, 3260 Multiple objects, 5060, 5632 Select alarm classes Alarm view, 5237 Selecting Multiple objects, 5029 Selection changed, 5992 Selection list Open, 6278, 6343 Self-signed certificates, 716 Send buffer, 1093 Send clock cycle, 1680 SEND_CFG, 4364 SEND_PTP, 4374 SendEMail, 5801 Sending SMS messages (TC_SEND), 4340 WinCC Advanced V14 System Manual, 10/2016 Index Sequence of columns, 5201 Sequencer, 2721, 3033, 3274 Serial number, 1179, 1450 Serialize, 2600, 2910, 3136 Service data Saving, 1924 Service groups, 797, 800 Servo motor, 6595 Servo OB, 1012, 1013, 6614, 6616 Set Bit field, 2447, 2756 Counter start value, 2520, 2831 Operand, 2446, 2449, 2755, 2759 Set limit value, 2573, 2883, 3118 Set operand on negative signal edge, 2456, 2766 Set operand on positive signal edge, 2455, 2764 SET_BF, 2447, 2756 SET_CINT, 3641 SET_TIMEZONE, 3320 SET_TINT, 3649 SET_TINTL, 3651 SetAccessModeViaWeb, 5866 SetAcousticSignal, 5871 SetAlarmReportingMode, 5858 SetAlarmReportMode, 5858 SetAndGetBrightness, 5873 SetBacklightColor, 5874 SetBit, 5852 SetBitInTag, 5853 SetBitWhileKeyPressed, 5855 SetBrightness, 5872 SetConnectionMode, 5864 SetDataRecordTagsToPLC, 5967 SetDataRecordToPLC, 5966 SetDaylightSavingTime, 5802 SetDeviceMode, 5860 SetDisplayMode, 5859 SETIO, 3455 SETIO_PART, 3463 SetLanguage, 5863 SetPLCMode, 5862, 5863 SetRecipeTags, 5968 SetScreenKeyboardMode, 5861 SetStartAtBoot, 5930 SetTag, 5840 SetTagToHandWheel, 5814 Setting Deadband, 5424 Delay time, 5423 Language, 6284, 6350 Languages in the operating system, 6172 Style, 5058 WinCC Advanced V14 System Manual, 10/2016 View options for the assignment list, 4867 View options for the dependency structure, 4881 Setting AS-i network configuration parameters, 1622 Setting ENO automatically, 4762 Setting language, 6284, 6350 Setting parameters for the Ethernet interface, 6954 Adding a dynamic IP address, 6954 Connecting to a subnet, 6953 Deleting dynamic IP addresses, 6955 Modifiable parameters, 6952 Options in the parameter settings, 6952 Setting the communication load, 591 Setting the font, size and color, 4765 Setting the mnemonics, 4469 Setting the tab spacing, 4765 Setting up DCOM user rights, 6426 Setting up DCOM user rights, 6426 Settings Changing, 265, 4480, 4637, 4696, 4763 FBD, 4637, 4695 General, 261, 263, 264, 4479 LAD, 4637, 4695 Online and diagnostic functions, 264 SCL, 4762 Settings for tags, 5324 Settings for the PG/PC interface, 6949 Automatic bus parameter detection, 6957 Setting parameters for the MPI interface, 6958 Setting parameters for the PROFIBUS interface, 6960 Settings for user help, 446 Settings in the cross-reference list, 4891 SetWebAccess, 5866 Seven-segment display, 2741, 3052, 3295 Severity, 814 SF, 2504, 2815 SFP diagnostics, 1282 SGN_GET, 4379 SGN_SET, 4380 SHA algorithm, 1250, 1516 SHA1, 833, 839 Shared device, 1655 Associated IO controllers, 1911 Shift Key, Left, 2715, 3027, 3269 Right, 2713, 3025, 3267 SHL, 2715, 3027, 3269 Short-circuit to ground, 1826 Short-circuit to L+, 1827 Shortcuts, 6286 7327 Index Show Limit lines on the bar, 5194 Show line numbers, 4765 Show/hide interfaces, 6950 ShowAlarmWindow, 5911, 5942 Showing Report sections, 5622 Showing and hiding absolute operands, 4765 Showing and hiding columns, 390, 4547, 4575, 4616, 4633 ShowLogonDialog, 5836 ShowOperatorNotes, 5815 ShowPopupScreen, 5817, 5818 ShowSlideInScreen, 5820 ShowSoftwareVersion, 5816 ShowSystemAlarm, 5942 ShowSystemDiagnosticsWindow, 5911 SHR, 2713, 3025, 3267 Shut down (PC system), 2683, 2994, 3244 Shut down target system, 2683, 2994, 3244 SHUT_DOWN, 2683, 2994, 3244 SiClock, 800 Sign, 2568, 2878 Signal board, 1025 Inserting, 1026 Signal quality Calculating the effective range, 5298 Signal recorder, 1561 Signature, 717 signature check Switching off, 6285, 6357 SIMATIC 500/505 DP Migrating data types, 237 SIMATIC 500/505 serial Migrating data types, 237 SIMATIC ET 200AL, 1821, 1848, 1852 SIMATIC HMI HTTP Protocol Migrating data types, 238 SIMATIC Logon, 5668 SIMATIC Manager, 7128 SIMATIC memory card Formatting, 1930 SIMATIC S5 AS511 Migrating data types, 238 SIMATIC S5 DP Migrating data types, 239 SIMATIC S7 Embedded Controller, 65 SIMATIC Logon, 6250, 6287 Certificate, 5670 encrypted communication, 5670 SIMATIC S7 200 Migrating data types, 239 7328 SIMATIC S7 300/400 Migrating data types, 240 SIMATIC-ACC, 654 Simple alarm view, 5477 Application, 5477 Control element, 5478 Operation, 5478 Operation using the keyboard, 5479 Operation using the mouse, 5479 simple alarm window Application, 5477 Simple recipe view, 5267 Behavior, 5558 Configuring, 5267 Layout, 5557 Menu command, 5558 Operation, 5557 Restrictions, 5563 Simple user view Application, 5197 Configuring, 5199, 5242 Display in Runtime, 5198 Layout, 5197 Number of lines, 5197 Simulate hardware, 7087 Simulate modules, 7087 Simulate software, 7087 SimulateSystemKey, 5805 SimulateTag, 5806 Simulating Define temporary start screen, 6301 Project with tag simulator, 6259, 6299 Simulating devices, 7087 Simulation Runtime, 6258 SIN, 2580, 2890, 3124 Sine, 2580, 2890, 3124 Single instance Correcting the call type, 4658, 4715 Definition, 1976 Example, 1976 Single-line mode GRAPH overview, 5213 SINT, 2141, 2208, 2265, 2339, 2364 SINT_TO_, 2265, 2364 Size Editing multiple objects, 5062, 5634 of objects in the report, 5620 Slice, 2068 Slice access, 2017, 2068 Slicing, 2058 WinCC Advanced V14 System Manual, 10/2016 Index Slide-in screen Configuring, 5003 Configuring for devices without multi-touch function, 5005 Objects, 5002 Use, 5006 Slider, 5272 Display bar, 5274 Display current value, 5274 Lock/unlock, 6339 Maximum value, 5273 Minimum value, 5273 Slot, 3867 Determining logical address with LGC_GADR, 3886 Determining logical address with LOG_GEO, 3882 Racks, 557 Select, 558 Slot rules, 558 DP slave, 1636 ET 200S, 1641 Sm@rtClient view, 5278 Shared use, 5279 View only, 5279 SmartClientViewConnect, 5906 SmartClientViewDisconnect, 5905 SmartClientViewLeave, 5907 SmartClientViewReadOnlyOff, 5904 SmartClientViewReadOnlyOn, 5905 SmartClientViewRefresh, 5904 SmartServer, 5810 SMC, 2736, 3048, 3290 Smoothing, 1803, 1870 SMS text (TC_RECV), 4346 SMS text (TC_SEND), 4342 SMS text (TCON_PHONE), 4352 SMTP Client, 1242, 1508 SNC_RTCB, 3329 SNMP, 770, 1146, 1226, 1250, 1445, 1490, 1516 Groups, 1250, 1516 SNMP trap, 1250, 1515 SNMPv1, 1146, 1445 SNMPv2cc, 1146, 1445 SNMPv3, 1146, 1445 Users, 1251, 1517 SNMPv1, 833 SNMPv3, 833 Softkey, 5127, 5131 global, 5130 SOFTNET Security Client Configuring in the project, 862 WinCC Advanced V14 System Manual, 10/2016 Creating a configuration file, 862 Database, 862 Using, 861 SOFTNET Security Client, 751 Software HMI device, 6365, 6366 Software controller Configuring, 6463 Software requirements, 124 Software requirements for AS-AS remote link Communication instruction "AS_DIAL", 7076 Software requirements on the programming device/ PC side Communication instruction "PG_DIAL", 7074 Software requirements on the system side Communication instruction "AS_MAIL", 7078 Communication instruction "PG_DIAL", 7073 Communication instruction "SMS_SEND", 7077 Software version, 1179, 1451 Software-controlled data flow control, 978 Sorting Alarm view, 5238 Report page, 5622 SP, 2498, 2809 Spanning Tree Information, 1183, 1456 Rapid Spanning Tree, 1150, 1448 Special characters in tags for Web server, 1037 Special features of CHM files, 451 Special tag (web server), 1041 Spectrum analyzer, 1565 Speedy Splitter, 524, 526, 533, 548 SPLIT, 3362 SQR, 2575, 2885, 3120 SQRT, 2576, 2886, 3121 Square, 2575, 2885, 3120 Square root, 2576, 2886, 3121 SR, 2449, 2759 SRT_DINT, 3664 SS, 2503, 2813 SSH server, 1225 SSL, 714 Stamping, 5058, 5626 Standard device, 1697 Standard router, 894 Standard slave, 1653 Standard user, 768 Standby module Substitute value, 1647 Standby redundancy, 1152 Standstill signal, 6674 7329 Index Start address, 951, 1021 Start information, 1962 Start off-delay timer, 2788 Start on-delay timer, 2786 Start pulse timer, 2784 Start screen, 4988, 6249, 6286 Start the online and diagnostics view, 1905 Start the simulation, 7087 Start value Tag, 5329, 5330 Start value of danger range Gauge, 5301 Start value of warning range Gauge, 5301 Starting Debugger, 5726, 6303 Runtime at Engineering Station, 6319 Runtime on a panel, 6267, 6320 Runtime on PC, 6320 Runtime on the configuration PC, 6319 Starting removal, 148 Starting the migration tool, 171 Starting the topology view, 694 StartLogging, 5828 StartNextLog, 5829 StartProgram, 5807 StartSequenceLog, 5829 STARTUP, Function, 940 Organization blocks, STARTUP activities, 941 Warm restart, 941 Startup language determine:Startup language, 5467 Startup OB Description, 998 Start-up parameters, 942 Startup routine, 998 Startup type, 960 Stateful packet inspection, 778 Static routes IPv6 routes, 1375 Station Copying, 563 Deleting, 562 Moving, 564 Read information with GetStationInfo, 3761 Renaming, 706 Station name, (See device name) Status, 1002 Module defective, 1918 Status interrupt, 1002 7330 Status interrupt OB, 1002 Status of the online connection, 1946 StatusForceGetValues, 5809 StatusForceSetValues, 5809 Stepper motor, 6595 STL Detailed comparison, 4842 Migration, 187 STL program Program status display, 4917 STL source Generating blocks, 4513 STOP, 943 Stop forcing, 4976, 4977 StopLogging, 5829 Stopping Debugger, 5727 StopRuntime, 5811 Storage location Database, 5535 File - CSV (ASCII), 5534 File - RDB, 5535 File - TXT (Unicode), 5534 Logs with checksum, 5535 Storage locations of the instance certificates, 6423 Storing External graphic, 5068 STP, 2685, 2996, 3247 Strg_TO_Chars, 3350 STRG_VAL, 3341 STRING, 82, 2028, 2162, 2246, 2327, 2352, 2353, 2395, 2397, 2411, 2433 Addressing, 2168 Comparing tags with S_COMP, Declaration in the block interface, 4535 STRING_TO_, 2327, 2395, 2397, 2433 STRUCT Addressing, 2177 Declaration in global data blocks, 4561 Declaration in the block interface, 4534 Declaring in a PLC data type, 4628 Structure, 2175 Structure, 1806, 1849, 1864 Call structure, 4874 of the cross-reference list, 4889 Of the dependency structure, 4879 Resources tab, 4885 STRUCT, 2175 Structured programming, 1960 Structures, 2072 Style Changing, 5012 WinCC Advanced V14 System Manual, 10/2016 Index Creating a new type, 6135 Define, 5010 Deleting, 5011 Duplicate, 5011 Edit, 5012 HMI device, 6249, 6286 Setting, 5058 Style sheet Copying, 5020 Creating, 5017 Creating a new type, 6136 Deleting, 5019 Editing, 5019 Use, 5021 SUB, 2559, 2869 Sub-cycle, 1837 Subnet, 593 Subnet mask, 591, 1137, 1660 Subnets Configuration (IPv6), 1373 Connected Subnets (IPv6), 1373 Substitute value Standby module, 1647 Subtract, 2559, 2869 Subtracting Subtracting timers with T_SUB, 3305 Supply voltage, 1828 Supported file formats, 449 Supported objects for Multiuser Engineering Multiuser Engineering, (Supported objects) SWAP, 2620, 2930, 3154 Swap bytes, 2620 SWITCH, 2673, 2984 Type, Switch OFF, 6000 Switch ON, 6000 Switching between basic mode and expanded mode in the force table, 4954 Switching between basic mode and expanded mode in the watch table, 4925 Switching operating mode, 1925 Switchover time, 981 Switchport, 1688 Symbol Alarm classes, 5437 For value comparison, 6470 Symbol library, 5280 Fill style, 5281 Fixed aspect ratio, 5282 Flip, 5282 OP 177B mono, 5281 WinCC Advanced V14 System Manual, 10/2016 Rotate, 5282 TP 177B mono, 5281 Symbol table PLC code view, 6090 Symbolic, 2068 Symbolic addressing, 2066 of a tag, 5310 Symbolic connection Tag, 7135 Symbolic I/O field, 5282 application in reports, 5648 Mode, 5283 Text list, 5093, 5283 Symbolic programming Displaying absolute addresses, 4469 Symbolism, 2055 Symbols In the assignment list, 4865 In the call structure, 4873 In the dependency structure, 4879 ProDiag overview, 6081 Symmetric encryption, 713 Sync domain, 1689, 1912 Sync domain properties, 1911 SYNC_PI, 3410 SYNC_PO, 3411 Synchronization From DP slaves with DP_SYC_FR, 3545 Slave clocks with SNC_RTCB, 3329 Synchronization (user-defined web pages), 1033 Synchronization of tags, 6287 Synchronization of variables, 6250 Synchronize, 5308, 5324 Synchronizing Object in user-defined functions, 5706 Recipe data record, 5576, 5586 Recipe tag, 5545 Recipe view and recipe screen, 5541 Tag in user-defined functions, 5706 Synchronizing a PLC tag, 5326 Synchronizing user-defined Web pages, 4323 Synchronous errors Masking with MSK_FLT, 3679 Querying the error register with READ_ERR, 3680 Unmasking with DMSK_FLT, 3680 Syntax errors Basics, 4481 Finding errors, 4481 Syntax for AWP commands, 1037 Syntax highlighting User-defined function, 5706 7331 Index Syslog Client, 1263, 1528 Syslog server, 849 System Configuration, 1489 General information, 1227, 1491 System configuration, 1225 System alarm, 5402 Meaning, 5495, 5496, 5504, 5512 System block System blocks folder, 4483 System constant, 4608 System diagnostic alarm, 6065 System diagnostic view Detail view, 5286 Device view, 5285 Diagnostic buffer view, 5285 System diagnostics, 6057, 6060 Button, 6068 Detail view, 6057, 6061 Device view, 6057, 6061 Diagnostic buffer view, 6058, 6061 Settings in the PLC, 6064 System diagnostics view, 6057, 6060 System diagnostics window, 6060, 6067 System diagnostics indicator Button as system diagnostics indicator, 6068 Inserting, 6065 System diagnostics window, 6065 System diagnostics view, 6060 Configuring, 6069, 6070, 6071 Icon, 5288 Layout, 5286 Settings in the PLC, 6064 Show split view, 5288 System diagnostics indicator, System diagnostics window, 6060, 6067 Configuring, 6067 Layout, 5290 System event, 5399, 5400, 5402 Editing, 5428 Meaning, 5493, 5494, 5495, 5496, 5497, 5499, 5502, 5504, 5505, 5506, 5508, 5509, 5510, 5512, 5513, 5514, 5515, 5517, 5518, 5521, 5522, 5527, 5528, 5529 Parameters, 5493 System events, 856, 859, 6249, 6286 Configuration, 1505 Configuring, 5413, 5414 System function, 5695, 5924 Application, 5697 Applications, 5696 DirectKeyScreenNumber, 5793 7332 HMI device dependency, 5709 HTMLBrowserScrollLeft, 5879 In a function list, 5696 In user-defined functions, 5696 Language dependency, 5697 SafelyRemoveHardware, 5796 Sequence is not adhered to, 5729 SetStartAtBoot, 5930 WinACMPArchive, 5927 WinACMPClearCycleTimeBuffer, 5929 WinACMPControl, 5934 WinACMPGetStartMode, 5928 WinACMPGetVersion, 5928 WinACMPRestore, 5935 WinACMPSetHMIEnableTime, 5931 WinACMPSetKeySwitch, 5930 WinACMPSetRestartCharacteristics, 5931 WinACMPSetSleeptime, 5932 WinACMPSetStartMode, 5932 WinACMPStartHistogram, 5933 WinACMPUpdateAverageCycleTime, 5916 WinACMPUpdateAverageExecTime, 5915 WinACMPUpdateBUSF1LED, 5913 WinACMPUpdateBUSF2LED, 5914 WinACMPUpdateEXTFLED, 5917 WinACMPUpdateINTFLED, 5919 WinACMPUpdateKeySwitchSetting, 5912 WinACMPUpdateLastCycleTime, 5920 WinACMPUpdateMaximumCycleTime, 5921 WinACMPUpdateMinimumCycleTime, 5922 WinACMPUpdatePowerLED, 5923 WinACMPUpdateRUNLED, 5925 WinACMPUpdateSleepTime, 5924 WinACMPUpdateStartupCharacteristics, 5911 WinACMPUpdateSTOPLED, 5926 System functions AcknowledgeAlarm, 5941 ActivateCleanScreen, 5970 ActivatePLCCodeView, 5898 ActivatePreviousScreen, 5788 ActivateScreen, 5785 ActivateScreenByNumber, 5787 ActivateSystemDiagnosticsView, 5907 AdjustContrast, 5869 AlarmViewAcknowledgeAlarm, 5940 AlarmViewEditAlarm, 5939 AlarmViewShowOperatorNotes, 5940 AlarmViewUpdate, 5938 ArchiveLogFile, 5821 Available for WinCC Runtime, 5780 Available on Comfort Panels, 5763 Available on mobile panels, 5771 WinCC Advanced V14 System Manual, 10/2016 Index Available on Multi Panels, 5757 Available on Panels, 5751 BackupRAMFileSystem, 5804 CalibrateTouchScreen, 5870 ChangeConnection, 5866 ChangeConnectionEIP, 5868 ClearAlarmBuffer, 5936 ClearAlarmBufferProTool, 5937 ClearDataRecord, 5956 ClearDataRecordMemory, 5957 ClearLog, 5825 CloseAllLogs, 5827 ControlSmartServer, 5810 ControlWebServer, 5810 DecreaseFocusedValue, 5814 DecreaseTag, 5842 DirectKey, 5791 EditAlarm, 5936 Encode, 5789 EncodeEx, 5790 ExportDataRecords, 5943 ExportDataRecordsWithChecksum, 5945 ExportImportUserAdministration, 5832 GetBrightness, 5874 GetDataRecordFromPLC, 5952 GetDataRecordName, 5954 GetDataRecordTagsFromPLC, 5955 GetGroupNumber, 5834 GetPassword, 5834 GetUserName, 5833 GoToEnd, 5979 GoToHome, 5979 HTMLBrowerZoomIn, 5877 HTMLBrowserBack, 5882 HTMLBrowserForward, 5881, 5882 HTMLBrowserHome, 5881 HTMLBrowserPageDown, 5881 HTMLBrowserPageUp, 5880 HTMLBrowserRefresh, 5876 HTMLBrowserScrollDown, 5876 HTMLBrowserScrollRight, 5879 HTMLBrowserScrollUp, 5877 HTMLBrowserStop, 5875 HTMLBrowserZoomOut, 5878 ImportDataRecords, 5948 ImportDataRecordsWithChecksum, 5950 IncreaseFocusedValue, 5796 IncreaseTag, 5836 InvertBit, 5843 InvertBitInTag, 5845 InvertLinearScaling, 5837 LinearScaling, 5839 WinCC Advanced V14 System Manual, 10/2016 LoadDataRecord, 5951 Logoff, 5831 Logon, 5831 LogTag, 5823 LookupText, 5812 NotifyUserAction, 5794 OpenAllLogs, 5826 OpenCommandPrompt, 5798 OpenControlPanel, 5799 OpenControlPanelDialog, 5797 OpenInternetExplorer, 5799 OpenScreenKeyboard, 5973 OpenTaskManager, 5972 PageDown, 5978 PageUp, 5978 PDFFitToHeight, 5890 PDFFitToWidth, 5890 PDFGotoFirstPage, 5891 PDFGotoLastPage, 5891 PDFGotoNextPage, 5892 PDFGotoPage, 5893 PDFGotoPreviousPage, 5893 PDFScrollDown, 5888 PDFScrollLeft, 5895 PDFScrollRight, 5896 PDFScrollUp, 5889 PDFZoomIn, 5894 PDFZoomOriginal, 5896 PDFZoomOut, 5894 PLCCodeViewDetails, 5899 PLCCodeViewMoveScrollBar, 5898 PLCCodeViewNextNetwork, 5900 PLCCodeViewPreviousNetwork, 5903 PLCCodeViewShowStepMode, 5900 PLCCodeViewSymbols, 5901 PLCCodeViewTransitionInterlock, 5902 PLCCodeViewZoomIn, 5902 PLCCodeViewZoomOut, 5903 PressButton, 5803 PrintReport, 5857 PrintScreen, 5856 RecipeViewBack, 5965 RecipeViewClearDataRecord, 5960 RecipeViewGetDataRecordFromPLC, 5959 RecipeViewMenu, 5960 RecipeViewNewDataRecord, 5959 RecipeViewOpen, 5961 RecipeViewRenameDataRecord, 5964 RecipeViewSaveAsDataRecord, 5963 RecipeViewSaveDataRecord, 5962 RecipeViewSetDataRecordToPLC, 5962 RecipeViewShowOperatorNotes, 5964 7333 Index RecipeViewSynchronizeDataRecordWithTags, 5963 ReleaseButton, 5803 ResetBit, 5846 ResetBitInTag, 5848 ResetTagToHandWheel, 5813 SaveDataRecord, 5969 ScreenObjectCursorDown, 5973 ScreenObjectCursorLeft, 5977 ScreenObjectCursorRight, 5975 ScreenObjectCursorUp, 5974 ScreenObjectPageDown, 5976 ScreenObjectPageUp, 5976 SendEMail, 5801 SetAcousticSignal, 5871 SetAlarmReportMode, 5858 SetAndGetBrightness, 5873 SetBit, 5852 SetBitInTag, 5853 SetBitWhileKeyPressed, 5855 SetBrightness, 5872 SetConnectionMode, 5864 SetDataRecordTagsToPLC, 5967 SetDataRecordToPLC, 5966 SetDaylightSavingTime, 5802 SetDeviceMode, 5860 SetDisplayMode, 5859 SetLanguage, 5863 SetRecipeTags, 5968 SetScreenKeyboardMode, 5861 SetTag, 5840 SetTagToHandWheel, 5814 SetWebAccess, 5866 ShowAlarmWindow, 5942 ShowLogonDialog, 5836 ShowOperatorNotes, 5815 ShowPopupScreen, 5817, 5818 ShowSlideInScreen, 5820 ShowSoftwareVersion, 5816 ShowSystemAlarm, 5942 ShowSystemDiagnosticsWindow, 5911 SimulateSystemKey, 5805 SimulateTag, 5806 SmartClientViewConnect, 5906 SmartClientViewDisconnect, 5905 SmartClientViewLeave, 5907 SmartClientViewReadOnlyOff, 5904 SmartClientViewReadOnlyOn, 5905 SmartClientViewRefresh, 5904 StartLogging, 5828 StartNextLog, 5829 StartProgram, 5807 7334 StatusForceGetValues, 5809 StatusForceSetValues, 5809 StopLogging, 5829 StopRuntime, 5811 SystemDiagnosticViewBack, 5910 SystemDiagnosticViewDetailView, 5908 SystemDiagnosticViewDeviceView, 5909 SystemDiagnosticViewDiagnosticBuffer, 5909 SystemDiagnosticViewUpdatePLCBuffer, 5908 TerminatePROFIsafe, 5800 TraceUserChange, 5835 TrendViewBackToBeginning, 5888 TrendViewCompress, 5885 TrendViewExtend, 5884 TrendViewRulerLeft, 5886 TrendViewRulerRight, 5885 TrendViewScrollBack, 5884 TrendViewScrollForward, 5883 TrendViewSetRulerMode, 5887 TrendViewStartStop, 5887 UpdateTag, 5788 System libraries, 456 System limits HMI device, 6389, 6392, 6396, 6399, 6405, 6409 System log, 856, 859 System memory, 960, 984 Diagnostics buffer, 950, 1944 Operand areas, 947 process image input/output, 949 System power supply, 1864 System requirement for WinCC Advanced, 127 System requirements STEP 7 Basic, 124 System texts, 426 System Time NTP Client, 1258, 1524 PTP Client, 1261 SNTP Client, 1256, 1522 System-defined controller alarm, 5403 System-defined controller alarms, 5400 System-defined role Administrator, 768 diagnostics, 768 Remote access, 768 standard, 768 System-defined text lists Editing, 438 Modifying texts, 438 SystemDiagnosticViewBack, 5910 SystemDiagnosticViewDetailView, 5908 SystemDiagnosticViewDeviceView, 5909 SystemDiagnosticViewDiagnosticBuffer, 5909 SystemDiagnosticViewUpdatePLCBuffer, 5908 WinCC Advanced V14 System Manual, 10/2016 Index System-relevant information Module information, 1907 Vendor information, 1907 T T_ADD, 3302 T_COMBINE, 3309 T_COMP, 3299 T_CONFIG, 4298 T_CONV, 3301 T_DIAG, 4293 T_DIFF, 3307 T_RESET, 4291 T_SUB, 3305 TAB key, 6277, 6342 Table:Designing a border, 5053 TADDR_Param, 4289 TADDR_RCV_IP, 4290 TADDR_SEND_QDN, 4290 Tag absolute addressing, 5309 Acquisition cycle, 5331, 5347, 5361 Acquisition mode, 5331 Addressing, 5314 Changing the PLC, 5334 Comment, 5316 Configuration, 5320 Configuring several tags, 5321 Connection to PLC, 5314 Copy, 5319 Creating external tags, 5314 Creating internal tags, 5316 Creating the user data type, 5355 Data log, 5365, 5370 Data type, 5316 Deleting, 5320 Displaying or hiding tag information, 4672, 4729, 4783 Displaying values, 5382 Event, 5346 Exporting, 6149 External tag, 5307 Faceplate type, 5175 Handwheel, 5216 Illuminated pushbutton, 5230 Importing, 6151, 6153 in Runtime, 5331 Index tag, 5344, 5345 Indirect addressing, 5344, 5345 Insert, 7136 Internal tag, 5312 WinCC Advanced V14 System Manual, 10/2016 Key switch, 5275 Length, 5316 Limit value, 5328 Limits, 5327 Linear scaling, 5331, 5333 Logging, 5365, 5370 Logging cycle, 5361 Multiplexing, 5344 Name, 5316 Negative, 2461, 2771 Object list, 5315 Output in alarm, 5426 Overlaying, 2019 Overview, 2004 PLC tag, 4592 PLC tags and DB tags, 2004 Positive, 2460, 2769 Read continuously, 5331 Reconnecting, 5326 Rename, 5319 RFID tag, 6003 Start value, 5329, 5330 symbolic addressing, 5310 Symbolic connection, 7135 Tolerance band, 5365, 5370 Transponder, 6003 Update, 5331, 5347 User data type, 5354 User data type element, 5354 Tag array, 5348 Tag binding Animation, 5121 Tag count with arrays, 5349 Tag data Structure for the import, 6154, 6159 Tag declaration Automatically filling in cells, 4547, 4575, 4616, 4633 Based on a PLC data type, 4563 Block interface, 4529 Declare STRING, 4535 Declaring ARRAY, 4533 Declaring PLC data type, 4536 Declaring STRUCT, 4534 Declaring tags, 4530, 4531, 4536 Deleting a tag, 4546, 4574, 4615, 4632 Importing and exporting tags, 4548, 4576 Inserting a table row, 4545, 4573, 4614, 4631 Inserting table rows at the end, 4546, 4573, 4632 Multi-instance, 4537 Overlaying tags, 4536 Purpose of variable declaration, 4522 7335 Index Reserved key words, 1999 Retentivity, 4527 Showing and hiding columns, 4547, 4575, 4616, 4633 Sorting rows, 4615 Tag properties, 4541, 4543, 4568, 4571, 4572 Updating the block interface, 4548 Valid data types, 4525, 4527 Tag import Tag data structure, 6154, 6159 Tag list Indirect addressing, 5344, 5345 Tag log Migrating, 222 Tag name Web server (PLC), 1037 Tag simulator, 6261, 6301 Tag table Default, 5306 for HMI devices, 5306 user-defined, 5306 Tag value Output, 5382, 5386 Tags Basics, 5305 Editing, 5321 Migration, 230 Monitor all, 4941, 4966 Monitor now, 4967 Monitor once and now, 4942 Tan, 3126 Tangent, 2583, 2892, 3126 Task, 6042 Changing during Runtime, 6053 Changing the name, 6050 Deactivate, 6044, 6045 Deleting, 6051 Task Card, Changing the pane mode, Find instructions, Function, Hardware catalog, Online Tools, 1906 Reducing automatically, Toolbox, 5025 Tools, 5022 Task switching, 6249, 6286 TCI (Tool Calling Interface), 1702 TCON, 4255, 4258 TCON_FDL, 623 TCON_IP_RFC, 621 TCON_IP_RFC for telecontrol connections, 4349 7336 TCON_IP_v4, 615 TCON_IP_V4 for telecontrol connections, 4349 TCON_IP_V4_SEC, 617 TCON_Param, 613 TCON_PHONE for telecontrol connections, 622, 4349 TCON_QDN, 618 TCON_QDN_SEC, 619 TCON_WDC for telecontrol connections, 4349 TCP, 795 Characteristics, 611 Port numbers, 627 TDISCON, 4264 Teach-in mode, 5546 Recipe tag, 5546 Team Engineering Creating a master project, 7090 Example of the program structure in the master project, 7097 Integrating project copies into the master project once again, 7091 Introduction to shared commissioning, 7089 Notes on compatibility, 7091 Procedure for creating the master project, 7093 Procedure for integrating project copies into the master project, 7095 Procedure for manual synchronization of competing changes, 7095 Procedure for modifying central objects within the master project, 7096 Procedure for shared commissioning, 7094 Requirements for shared, parallel working on the project, 7093 Rules for downloading to the CPU, 7099 Rules for editing shared central objects, 7099 Rules for online functions, 7100 Rules for shared working on one CPU, 7098 Rules for the master project, 7096 Rules for working with organization blocks, 7099 Software and hardware requirements, 7092 Working with project copies, 7090 Technology object command table: Shortcut menu commands, 6702 Technology objects PID_3Step, 6522 PID_Compact, 6490 PID_Temp, 6555 Telegram S7-1200 Motion Control, 6605 Telemecanique Uni-Telway Migrating data types, 243 TeleService Access to phone books, 7027 WinCC Advanced V14 System Manual, 10/2016 Index AS_DIAL, 7074 Callback variants, 7040 Communications instruction:"AS_DIAL", 7026 Communications instruction:"AS_MAIL", 7026 Communications instruction:"PG_DIAL", 7026 Communications instruction:"SMS_SEND", 7026 Communications instruction:"TM_MAIL", 7026 Communications instruction:"TMAIL_C", 7026 Connection establishment options:S7-1200 CPUs, 7072 Connection establishment options:S7-1500 CPUs, 7072 Connection establishment options:S7-300/400 CPUs, 7071 Defining dialing rules, 7033 Establish connection to AS, 7074 Export phone book, 7032 Functionality, 7026 Gateways, 7037 Import phone book, 7030 Inserting rows in the phone book, 7030 Meaning of the icons, 7029 Modem support, 7036 Modem types / media, 7037 Open phone book, 7029 Performance in telephone networks, 7037 Phone book, 7026 Phone book properties, 7027 Printing the phone book, 7033 Save phone book, 7030 Showing or hiding columns in the phone book, 7030 Structure of the phone book, 7028 Transferring e-mail with TM_MAIL, 4451 Working with the phone book, 7027 TeleService callback options, 7042 TeleService phone book, 7026 TeleService via WAN, 1125 Temperature coefficient, 1802, 1870 Temperature compensation, 1789, 1831 Template, 5127 Copy, 4993 Creating, 4994 Deleting, 4993 Global screen, 4993 Inserting, 4993 Move, 4993 Rename, 4993 Template, Use in screen, 4997 Temporary connection, 1121 Tens complement, 2743, 3054, 3296 WinCC Advanced V14 System Manual, 10/2016 Terminal modules and electronic modules, 1786 TerminatePROFIsafe, 5800 Terminating the remote connection, 7058 Test options in the force table, 4951 Testing User-defined function, 5714 Text Acknowledgment group, 6249, 6286 Button, 5271 Text field, 5292, 5649 Text field, 5291, 5648 Size, 5292, 5649 Text field length Asian languages, 6196 Text list Application, 5084 Bit (0, 1), 5090 Bit number (0 - 31), Creating, 5086 Exporting, 6156 Importing, 6158 Output in alarm, 5427 Symbolic I/O field, 5093, 5283 Value/Range, 5088 Text lists Bit selection, 6249, 6286 Introduction, 435 System-defined, 436 Text lists editor, 436 Use in recipe data records, 5551 User-defined, 436 Texts Exporting all texts, 433 Exporting individual texts, 432 Exporting texts of a device, 432 Importing, 434 Migrating, 219 Textual cross-references show, 6167 VB scripts, 6168 TFTP Load/save, 1235, 1502 THEN, 3223 Thermal resistor, 1831, 1842 Thermocouple, 1831, 1842 THIS, 2013 TIA Portal Exiting, 260 Starting, 260 TiaDefaultProjectPath, 60 TiaUserSettingsPath, 60 TIME, 2155, 2227, 2301, 2347, 2388, 2407, 2427 7337 Index Time accumulator, 2471, 2780, 2790, 3071 Time delay, 2694, 3005, 3255 Time delay interrupt, 1004 Time duration, 2483, 2793, 3075 Time error interrupt, 1008 Time error OB, 1008 Time expired, 6001 Time of day Precision Time Protocol, 1261 Setting the time of day in the Online and Diagnostics view, 1927 SNTP (Simple Network Time Protocol), 1256, 1522 System Time, 1253, 1518 Time-of-day synchronization, 1256, 1522 Time stamp, 5412 Time stamping, 1790 Time synchronization, 827, 960 TIME_TCK, 3330 TIME_TO_, 2301, 2388, 2427 Time-delay interrupt Canceling with CAN_DINT, 3666 Instructions, 3663 Querying with QRY_DINT, 3666 Starting with SRT_DINT, 3664 Time-delay interrupt OB, 1004 Time-driven output Report, 5623 Time-of-day, 2157, 2158, 2159, 2160 Calculating local time with SET_TIMEZONE, 3320 Reading the system time of the CPU with TIME_TCK, 3330 Reading time-of-day and date of CPU with RD_SYS_T, 3313 Setting for CPU with WR_SYS_T, 3311 Time-of-day function Basics, 968 Clock parameters, 969 Reading the time-of-day, 969 Setting the time-of-day, 969 Time-of-day format, 968 Time-of-day interrupt Activating with ACT_TINT, 3654 Cancel, 1000 Canceling with CAN_TINT, 3653 Function, 1000 Querying with QRY_TINT, 3655 Rules, 1000 Set and activate, 1000 Setting with SET_TINT, 3649, 3651 Status query, 1000 7338 Time-of-day interrupt OB Parameter assignment, 1015 Timer, 2155, 2485, 2795, 6046 Acyclic triggers, 6046 Cyclic triggers, 6046 Recording, 2480 Timers Adding with the instruction T_ADD, 3302 Combine date and time with T_COMBINE, 3309 Comparing time tags with T_COMP, 3299 Converting with T_CONV, 3301 Determining difference with T_DIFF, 3307 Subtracting with T_SUB, 3305 Title page Report, 5618 TLS, 714 TM_MAIL, 4451 TMAIL_C, 4235 TMAIL_C V4.0, 4239 TO, 3227 TO_PositioningAxis, 6636 TOD, 2157, 2239, 2318, 2349, 2391, 2410, 2430 TOD_TO_, 2318, 2391, 2430 TOF, 2468, 2478, 2777, 2788, 3068 Toggle, 6000 Between Runtime languages, 6189 Key, 6279, 6344 Tolerance band Tags, 5365, 5370 TON, 2465, 2476, 2774, 2786, 3065 TONR, 2471, 2480, 2780, 2790, 3071 Tool Calling Interface (TCI), 1702 Toolbar, 5207 Order, 5029, 5038, 5629 PLC code view, 5255, 6092 Toolbox, 5025 Tools, 5022 Tooltip Show limits, 6249, 6286 Topology discovery, 1689 Topology editor, 593 Topology overview, 533 Topology view Adding device, 552 Adopt devices identified online, 709 Adopt port interconnections identified online, 708 Advanced offline/online comparison, 701 Compare offline/online, 698 Configured topology, 695, 696 Diagnostics status in the graphic view, 697 Diagnostics status in the table view, 698 Differences compared with the network view, 693 WinCC Advanced V14 System Manual, 10/2016 Index Functions, 692 Hardware and network editor, 533 Interconnecting ports, 702 TP, 2462, 2474, 2772, 2784, 3062 TP 177B mono Symbol library, 5281 Trace, 6966, (Trigger time) Align overlay measurements, 7009 Analyze an ongoing recording, 6999 Apply overlay measurement, 6996 Bit track, 6978 Configure project navigator into groups, 6997 Copy measurement, 67 CPU load, 7012 Creating a trace configuration, 6995 Curve diagram, 6978, 7003 Data storage, 6969 Displaying a diagram, 6996 Displaying a trace configuration, 6996 Installed measurements (memory card), 6969, 6975 Installed trace, 6969 Lifetime of the values, 7011 Measurement, 6969, 7000, 7001 Measurement cursor, 7003 Measurement cursor pane, 6987 Memory usage, 67 Mouse wheel, 6979 Overlay measurement, 6969, 6976, 6984, 7007 Pre-trigger, 7017 Printing, 7009 Project navigator, 6972 Quantity structure, 7012 Quick start, 6990 Recordable tags, 7010 Recording, 6968, 6998, 6999 Recording conditions, 7014, 7019 Recording cycle, 6992, 7023 Recording duration, 7023 Recording levels, 7011 Reduction, 7015 Sampling, 6992 Save installed measurements, 7018, 7025 Saving the trace configuration, 7003 Signal group, 7006 Signal table, 6982, 7005 Signals, 7013, 7023 Snapshots pane, 6988 Status, 6973 Supported devices, 6966 Trace configuration, 6968, 6969, 6998, 7001, 7002, 7022 WinCC Advanced V14 System Manual, 10/2016 Trigger, 7024 Trigger mode, 7016 Trigger tag, 7016, 7019 User interface, 6970, 6989, 7012 Trace function, 6966 Trace S7-1200/1500, 7010 TraceUserChange, 5835 Transfer License key to HMI device, 6374 Transfer card, 944 Transfer card; see Transfer card, 944 Translate Editor, 6177 Translating texts, 426 Transmission medium/duplex, 1684 Transmission mode, 1101 Transmission protocol, 5221 Transparency In graphic, 5066 transparent color, 5210 Display on panels, 5210 Transponder, 6003, 6004 Transport Layer Security, 714 TRCV, 4273, 4277 TRCV_C, 4214, 4219 Trend, 5384 Trend view, 5226, 5384 Button, 5227 Configuring for logging, 5389 Configuring for values from the PLC, 5382, 5387 TrendViewBackToBeginning, 5888 TrendViewCompress, 5885 TrendViewExtend, 5884 TrendViewRulerLeft, 5886 TrendViewRulerRight, 5885 TrendViewScrollBack, 5884 TrendViewScrollForward, 5883 TrendViewSetRulerMode, 5887 TrendViewStartStop, 5887 Trigger tag, 5413 Trigger tag - resetting, 1100 Triggers, 6044 Acyclic, 6044, 6047 Changing, 6051 Cyclic, 6045, 6055 Event trigger, 6044, 6045, 6049, 6052 Standard cycle, 6045 TRUE, 2460, 2461, 2769, 2771, 3056, 3057 TRUNC, 2658, 2969, 3207 Trust Mode, 1289 TS Adapter IE Advanced Brief description, 7067 7339 Index Connection types, 7068 Parameter assignment, 7070 Parameter assignment options, 7069 TS Adapter MPI Brief description, 7044 Default parameter assignment, 7045 Direct connection, 7045 Establishing a modem connection, 7046 Establishing the direct connection, 7045 Exporting adapter parameters, 7050 Importing adapter parameters, 7050 Modem connection, 7046 Parameter assignment, 7048 Parameter assignment options, 7047 Principle of operation, 7044 Restoring the default parameter assignments, 7049 Setting up access protection, 7041 TS Adapter IE Brief description, 7051 Default parameter assignment, 7053 Parameter assignment, 7056, 7070 Principle of operation, 7052 TS Adapter IE Basic Connection to the GSM network, 7054 Connection to the telephone network, 7054 Connection to the telephone network through an external modem, 7055 Connection types, 7053 TSAP ASCII code table, 631 Structure, 629, 654 TSAP assignment Examples, 631 TSEND, 4266, 4269 TSEND_C, 4200, 4205 Tuning, 6718 TURCV, 4286 TUSEND, 4282 Two-hand operation Multi-touch devices, 6338 Twos complement, 2565, 2875 Type Changeable properties of a type, 489 Changeable properties of a version, 489 Creating an instance, 506 Displaying the properties of a type, 488 Displaying the properties of a version, 488 Library, 6117 typed, 2113 TypeOf, 3109 TypeOfElements, 3110 7340 Types Copying instances, 494 Creating an instance, 494 Pasting instances, 494 Using types, 494 Types of DP slaves, 1636 U UART data transmission, 975 UBLKMOV, 2646, 2956, 3195 UDINT, 2146, 2216, 2283, 2344, 2379 UDINT_TO_, 2283, 2379 UDP, 795, 802, 827 Characteristics, 612 Port numbers, 627 UDT, 2057, 2072, 2104 UFILL_BLK, 2616, 2927, 3151 UINT, 2144, 2212, 2276, 2342, 2373 UINT_TO_, 2276, 2373 ULINT, 2148, 2220, 2290 ULINT_TO_, 2290 UMOVE_BLK, 2611, 2921, 3146 Underflow, 1804, 1828 Undoing actions Basics of undoing, 344 Undoing last action, 346 Undoing multiple actions, 346 Uninstalling Option, 6376 Uninstalling license keys, 123 Uniqueness of object names, 196 Universal Serial Interface Protocol, (See USS protocol) Universal symbolism, 2055 Unknown peers, 841 Unlock Operator control, 6339 User, 5678 Unplugged module, 531 UNSCALE, 2666, 2977, 3221 Unsolicited, 1101 Unspecified CPU, 553 UNTIL, 3231 UPDAT_PI, 3404 UPDAT_PO, 3407 Update, 1003 Operating system of the HMI device (Windows CE), 6372 Tag, 5331, 5347 Update cycle, 5361 WinCC Advanced V14 System Manual, 10/2016 Index Update interrupt, 1003 Update interrupt OB, 1003 Update time, 1680 UpdateTag, 5788 Updating Device proxy, 7114, 7119 Faceplate type, 5167 IPE data, 7114, 7119 Updating a library, 515, 6127 Updating the device version, 6371 Updating the firmware, 6371 Updating the operating system, 6371 Updating types to the latest version, 515, 6127 Upgrade Global library, 6231 Project, 6230 Project version, 6230 Upload, 1705 Uploading from a device, 376 URCV, 4194 USB Download, 6313 Loading, 6314 USB card readers, 58 USB driver, 6314 Installation under Windows 7, 6314 USB port, 6314 Use, 5538 Faceplate type, 5170 Of recipes, 5538 ProDiag overview, 5260 Project-wide alarm class, 5417 Screen navigation function keys, 5140 Slide-in screen, 5006 Style sheet, 5021 Use global assignment Function key, 4992 Useful information on configuring the TS Adapter MPI, 7047 USEND, 4192 User Assigning roles, 769 Changing, 5677 Creating roles, 768 Deleting in runtime, 5678 Logon, 5681 Setting up, 766 Unlock, 5678 User administration, 5649, 6250, 6287 Central user administration, 5668 exporting, 5679 WinCC Advanced V14 System Manual, 10/2016 importing, 5680 Migration, 222 Object with access protection, 5684 Runtime settings, 4989, 5655, 5657, 5672, 5678, 5681 Setting up, 5688 SIMATIC Logon, 5668 User change, 5994, 6051 User data Area, 951 Backup, 5652 Restoring, 5652 User data type, 5354 Create, 5355 Creating, 5354 Creating a user data type element, 5355 Deleting, 5359 Editing, 5358 Release, 5358 Tags, 5354 User data type element Create, 5355 User data types Interconnecting with faceplates, 5157 User group Administer authorizations, 5666 Assigning, 5693 Assigning users, 5665 Change displayed name, 5667 Changing in runtime, 5678 Changing the name, 5667 Creating, 5692 Deleting, 5667 Managing, 5666 Unauthorized, 5682 User Groups, 1396, 1589 User interface "Reference projects" palette, 289 Details view, 290 Inspector window, 285 Maximizing the work area, 279 Minimizing the work area, 279 Overview window, 292 Portal view, 268 Project tree, 273 Project view, 270 Task card, 287 Views, 268 Work area, 277 User interface language, 6171 Selecting, 6174 User libraries, 456 7341 Index User name, 767 User pages, (See user-defined web pages) User program Finding errors, 4481 Function, 1959 Testing, 4903 User rights Hierarchy levels, 6250, 6287 User texts, 426 User view, 5673 Application, 5195 Column width, 5196 Columns moveable, 5199 Complex user view, 5198, 5674 Configuring, 5675 Layout, 5196 Moving columns, 5196 Number of lines, 5196, 5199 Simple user view, 5199, 5242 User-defined documentation, 442 Enabling the call log, 445, 446 Specifying settings, 445, 446 Specifying the central file directory, 445, 446 User-defined function, 5695 Adapting display properties, 5706 Applications, 5698 Autocompletion, 5704 Changing object property, 5731 Code templates, 5705 configuring with VBS, 5712 Entering parameters, 5704 Executing in Runtime, 5728 In a function list, 5698 In user-defined functions, 5698 Opening know-how protected functions, 5717 Parameter transfer, 5710 Properties, 5698 Return value in VBS, 5711 Sequence is not adhered to, 5729 Synchronizing object, 5706 Synchronizing tag, 5706 Syntax highlighting, 5706 Temperature conversion, 5731 Testing, 5714 Usage, 5698 Using a system function, 5728 User-defined roles, 768 User-defined text lists Creating, 437 Editing, 437 Editing value ranges and texts, 438 7342 User-defined web pages, 1032, 1035, 1045, 1046, 1047, 1048, 1049 Users Assigning a user group, 5665 Changing the name, 5665 Create, 5663 Creating, 5693 Creating in runtime, 5675 Deleting, 5666 Logging logons, 5687 Managing, 5665, 5677 Updating after change of user, 6051 Using a TS Adapter for TeleService, 7035, 7059 Using frames and cover pages from the library, 406 Using tags, 5202 Using the keyboard Editing texts, 4462 FBD, 4462 GRAPH, 4462 LAD, 4462 Program editor, 4462 SCL, 4462 STL, 4462 Using the on-screen keyboard, 310 Using UDTs, 2104 Using user data types (UDTs) in faceplates, 5156 USINT, 2142, 2209, 2269, 2340, 2367 USINT_TO_, 2269, 2367 USS communication Controlling a transmission to a drive with USS_PORT, 4386 Data exchange with drives via USS_DRIVE, 4387 Modifying parameters in the drive with USS_WPM, 4391 Reading parameters from the drive with USS_RPM, 4390 USS protocol Instructions, 4382 USS status codes, 4393 USS_DRIVE, 4387 USS_PORT, 4386 USS_RPM, 4390 USS_WPM, 4391 V VAL_STRG, 3345 Value, 2568, 2878 Value assignment, 4759 Value change, 6001 WinCC Advanced V14 System Manual, 10/2016 Index Value/Range Text list, 5088 Values Comparing, 6470 Variable index, 2069, 2072 VARIANT, 2078, 2081, 2082, 2085, 2088, 2191, 2544, 2546, 2548, 2550, 2632, 2633, 2635, 2854, 2856, 2858, 2860, 2942, 2943, 2945, 3109, 3110, 3185, 3187, 3188, 3214, 3216 VARIANT_TO_DB_ANY, 3214 VariantGet, 2632, 2942, 3185 VariantPut, 2633, 2943, 3187 VB-script Migrating, 218 Vendor ID, 1179, 1450 Version overview, 1019 Versioning of types Released version, 487 Version in progress, 486 Version in test, 487 Versions in WinCC, 6226 Vertical movement Animation, 5116 Vertical radius, 5206 View options For the assignment list, 4867 Setting the call structure, 4875 Setting the dependency structure, 4881 Virtual environment, 59 Virtual Machine (VM) Supported virtualization platforms, 125, 128 Virus scanners, 129 Visible column, 5201 VLAN, 1142, 1432 Day, 1297, 1570 Port VID, 1297, 1570 Priority, 1297, 1570 VLAN ID, 1145, 1432 VLAN tag, 1143, 1431 VLAN operation, 837 VLAN tagging, 837 VOID, 2193 VPN connection Deleting CA certificates, 7065 Establishing, 7065 Installing CA certificate, 7062 Terminating, 7067 VPN connection is not established Check and remedy, 7086 VPN group, 834 VRRP Address overview, 1353 WinCC Advanced V14 System Manual, 10/2016 Backup router, 1160 Configuration, 1351 Interface Tracking, 1354, 1359, 1385 Master router, 1160 Router, 1350 Virtual router, 1160 VRRP addresses overview (IPv4), 1358 VRRP router, 1160 VRRP routers (IPv4), 1355, 1381 VRRP Statistics, 1185 VRRPv3 address configuration (IPv6), 1385 VRRPv3 Addresses Configuration (IPv4), 1358 VRRPv3 addresses overview (IPv6), 1384 VRRPv3 Configuration (IPv4), 1356 VRRPv3 Configuration (IPv6), 1383 VRRPv3 VRRPv3 Statistics, 1187 W WAIT, 2694, 3005, 3255 Wake on LAN, 3577 WAN IP address Specifying, 847 Warm restart, 941 Watch table, 5200 Basic mode, 4924 Changed display formats, 74 Copying, 4928 Creating, 4927 Example of filling out a watch table, 4929 Expanded mode, 4924 Layout, 4924 Loading data blocks during an active control job, 74 Meaning of the columns, 4924 Meaning of the icons, 4926 Monitoring and modifying modes, 4938 Multiple access to the same CPU, 73 Opening, 4928 Operator control, 5201 Overview of the display formats, 4933 Overview of the test options, 4923 Permitted operands, 4930 Permitted operands for modify values, 4931 Possible applications, 4923 Saving, 4929 Sequence of columns, 5201 StatusForceGetValues, 5201 StatusForceSetValues, 5201 Switching between basic mode and expanded mode, 4925 7343 Index Syntax check, 4929 Testing wiring, 4923 Visible column, 5201 Watchdog time, 1682 WCHAR, 2162, 2244, 2325 WCHAR_TO_, 2325 WDS, 1553 Web address, 5218 Web application, 1032 Web browser, 6351 Web Control DB, 1050 Web data blocks, 1047, 1048 Web pages in browser, 1055 Web server, 1026, 1028, 1032, 1035, 1047, 1048, (See Web server) Enable, 1029 Enumerations, 1045 Fragment, 1046 HTTPS, 1030 Rules PLC tag names, 1037 User-defined web pages, 1032 WebKit engine, 6351 When dialog is closed, 5993 When dialog is opened, 5993 WHILE, 3229 WinACMPArchive, 5927 WinACMPClearCycleTimeBuffer, 5929 WinACMPControl, 5934 WinACMPGetStartMode, 5928 WinACMPGetVersion, 5928 WinACMPRestore, 5935 WinACMPSetHMIEnableTime, 5931 WinACMPSetKeySwitch, 5930 WinACMPSetSleeptime, 5932 WinACMPSetStartAtBoot, 5930 WinACMPSetStartMode, 5932 WinACMPStartHistogram, 5933 WinACMPStopHistogram, 5935 WinACMPUpdateAverageCycleTime, 5916 WinACMPUpdateAverageExecTime, 5915 WinACMPUpdateBUSF1LED, 5913 WinACMPUpdateBUSF2LED, 5914 WinACMPUpdateEXTFLED, 5917 WinACMPUpdateHMIEnableTime, 5918 WinACMPUpdateINTFLED, 5919 WinACMPUpdateKeySwitchSetting, 5912 WinACMPUpdateLastCycleTime, 5920 WinACMPUpdateMaximumCycleTime, 5921 WinACMPUpdateMinimumCycleTime, 5922 WinACMPUpdatePowerLED, 5923 WinACMPUpdateRUNLED, 5925 WinACMPUpdateStartupCharacteristics, 5911 7344 WinACMPUpdateSTOPLED, 5926 WinACSetStartMode, 5932 WinCC flexible project Migrate, 199, 228 WinCC OPC Client Configuring, 6429 WinCC Runtime Available system functions, 5780 WinCC Runtime Advanced Display and operating object, 5191 WinCC version Compatibility, 6227 Window layouts Changing order, 298 Deleting window layouts, 298 Windows, 124 Wire break, 1803, 1869 Wireless LAN/PB link, 1655 Wiring tests, 4923 Wizard Device wizard, 6241, 6245 WLAN WLAN authentication log, 1454 WLAN area, 6002 WLAN reception, 5299 Layout, 5299 WLAN statistics Fault, 1482 Received data frames, 1485 Sent data frames, 1485 WORD, 2137, 2203, 2254, 2337, 2357, 2403, 2415 WORD_TO_, 2254, 2357, 2415 WORD_TO_BLOCK_DB, 2434 Work area Effective range, 6012 Effective range (RFID), 6014 Embedding floating elements, 281 Floating elements, 281 Function, 277 Maximizing, 279 Maximizing elements, 284 Minimizing, 279 Minimizing elements, 284 Mobile Wireless, 6012 Mobile Wireless (RFID), 6014 Saving a layout of editors and tables, 298 Splitting, 280 Switching between elements, 284 Using grouped elements, 282 Zone, 6009, 6010 Work memory, 946, 4883 WinCC Advanced V14 System Manual, 10/2016 Index Working step to create screens, 4985 Working with local sessions, 7243 Working with Multiuser Engineering, 7140, 7143 WR_DPARM, 3629 WR_LOC_T, 3317 WR_REC, 3535 WR_SYS_T, 3311 WRIT_DBL, 3848 Write field, 2641, 2951 Write memory address, 3170 Write memory area, 3173 Write memory bit, 3172 WRITE_BIG, 3183 WRITE_LITTLE, 3178 WriteToArrayDB, 2624, 2934, 3158 WriteToArrayDBL, 2629, 2939, 3163 Writing A data record with WR_REC, 3535 Writing data in remote CPU with PUT, 4187 To DP standard slaves/PROFINET IO devices with DPWR_DAT, 3538 Writing tags, 1040 WRREC, 3437 WSTRING, 2028, 2165, 2247, 2330 Addressing, 2168 WSTRING_TO_, 2330 WWW (instruction), 1049 WWW Synchronizing user-defined web pages, 4323 Zone signal, 5303 Zones editor, 6008 Zoom Adjusting the zoom setting, 524, 527, 533 Keyboard operation, 550 Zoom in/out, (See Zoom) Zooming Multi-touch devices, 6336 Screen, 4985 X X.509, 711 xlsx file, 6143, 6150, 6152, 6156, 6157 Importing tags, 6150, 6152 Preparing for the import, 6150, 6152 XOR, 2700, 2748, 2749, 3011, 4757, 4758 Z Zone, 6003, 6004, 6008 Calculating quality, 5304 Configuring a screen change, 6029, 6032 Displaying an object in relation to the zone, 6030 ID Zone, 6030 On entry, 5303 Work area, 6009, 6010 Zone ID, 5303 Zone ID / connection point ID, 6041 Zone name, 5302 WinCC Advanced V14 System Manual, 10/2016 7345 Index 7346 WinCC Advanced V14 System Manual, 10/2016